]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #4797 from opensourcerouting/eigrpd-vrf
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56
57 /*
58 * OSPF Fragmentation / fragmented writes
59 *
60 * ospfd can support writing fragmented packets, for cases where
61 * kernel will not fragment IP_HDRINCL and/or multicast destined
62 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
63 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
64 * flags fields, hence user-space fragmentation will not work.
65 * Only Linux is known to leave IP header unmolested.
66 * Further, fragmentation really should be done the kernel, which already
67 * supports it, and which avoids nasty IP ID state problems.
68 *
69 * Fragmentation of OSPF packets can be required on networks with router
70 * with many many interfaces active in one area, or on networks with links
71 * with low MTUs.
72 */
73 #ifdef GNU_LINUX
74 #define WANT_OSPF_WRITE_FRAGMENT
75 #endif
76
77 /* Packet Type String. */
78 const struct message ospf_packet_type_str[] = {
79 {OSPF_MSG_HELLO, "Hello"},
80 {OSPF_MSG_DB_DESC, "Database Description"},
81 {OSPF_MSG_LS_REQ, "Link State Request"},
82 {OSPF_MSG_LS_UPD, "Link State Update"},
83 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
84 {0}};
85
86 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
87 particular types, offset is the "type" field of a packet. */
88 static const uint16_t ospf_packet_minlen[] = {
89 0,
90 OSPF_HELLO_MIN_SIZE,
91 OSPF_DB_DESC_MIN_SIZE,
92 OSPF_LS_REQ_MIN_SIZE,
93 OSPF_LS_UPD_MIN_SIZE,
94 OSPF_LS_ACK_MIN_SIZE,
95 };
96
97 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
98 types, offset is the "LSA type" field. */
99 static const uint16_t ospf_lsa_minlen[] = {
100 0,
101 OSPF_ROUTER_LSA_MIN_SIZE,
102 OSPF_NETWORK_LSA_MIN_SIZE,
103 OSPF_SUMMARY_LSA_MIN_SIZE,
104 OSPF_SUMMARY_LSA_MIN_SIZE,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 0,
110 0,
111 0,
112 };
113
114 /* for ospf_check_auth() */
115 static int ospf_check_sum(struct ospf_header *);
116
117 /* OSPF authentication checking function */
118 static int ospf_auth_type(struct ospf_interface *oi)
119 {
120 int auth_type;
121
122 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
123 auth_type = oi->area->auth_type;
124 else
125 auth_type = OSPF_IF_PARAM(oi, auth_type);
126
127 /* Handle case where MD5 key list is not configured aka Cisco */
128 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
129 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
130 return OSPF_AUTH_NULL;
131
132 return auth_type;
133 }
134
135 struct ospf_packet *ospf_packet_new(size_t size)
136 {
137 struct ospf_packet *new;
138
139 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
140 new->s = stream_new(size);
141
142 return new;
143 }
144
145 void ospf_packet_free(struct ospf_packet *op)
146 {
147 if (op->s)
148 stream_free(op->s);
149
150 XFREE(MTYPE_OSPF_PACKET, op);
151 }
152
153 struct ospf_fifo *ospf_fifo_new(void)
154 {
155 struct ospf_fifo *new;
156
157 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
158 return new;
159 }
160
161 /* Add new packet to fifo. */
162 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
163 {
164 if (fifo->tail)
165 fifo->tail->next = op;
166 else
167 fifo->head = op;
168
169 fifo->tail = op;
170
171 fifo->count++;
172 }
173
174 /* Add new packet to head of fifo. */
175 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
176 {
177 op->next = fifo->head;
178
179 if (fifo->tail == NULL)
180 fifo->tail = op;
181
182 fifo->head = op;
183
184 fifo->count++;
185 }
186
187 /* Delete first packet from fifo. */
188 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
189 {
190 struct ospf_packet *op;
191
192 op = fifo->head;
193
194 if (op) {
195 fifo->head = op->next;
196
197 if (fifo->head == NULL)
198 fifo->tail = NULL;
199
200 fifo->count--;
201 }
202
203 return op;
204 }
205
206 /* Return first fifo entry. */
207 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
208 {
209 return fifo->head;
210 }
211
212 /* Flush ospf packet fifo. */
213 void ospf_fifo_flush(struct ospf_fifo *fifo)
214 {
215 struct ospf_packet *op;
216 struct ospf_packet *next;
217
218 for (op = fifo->head; op; op = next) {
219 next = op->next;
220 ospf_packet_free(op);
221 }
222 fifo->head = fifo->tail = NULL;
223 fifo->count = 0;
224 }
225
226 /* Free ospf packet fifo. */
227 void ospf_fifo_free(struct ospf_fifo *fifo)
228 {
229 ospf_fifo_flush(fifo);
230
231 XFREE(MTYPE_OSPF_FIFO, fifo);
232 }
233
234 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
235 {
236 if (!oi->obuf) {
237 flog_err(
238 EC_OSPF_PKT_PROCESS,
239 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
240 "destination %s) called with NULL obuf, ignoring "
241 "(please report this bug)!\n",
242 IF_NAME(oi), oi->state,
243 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
244 lookup_msg(ospf_packet_type_str,
245 stream_getc_from(op->s, 1), NULL),
246 inet_ntoa(op->dst));
247 return;
248 }
249
250 /* Add packet to end of queue. */
251 ospf_fifo_push(oi->obuf, op);
252
253 /* Debug of packet fifo*/
254 /* ospf_fifo_debug (oi->obuf); */
255 }
256
257 static void ospf_packet_add_top(struct ospf_interface *oi,
258 struct ospf_packet *op)
259 {
260 if (!oi->obuf) {
261 flog_err(
262 EC_OSPF_PKT_PROCESS,
263 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
264 "destination %s) called with NULL obuf, ignoring "
265 "(please report this bug)!\n",
266 IF_NAME(oi), oi->state,
267 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
268 lookup_msg(ospf_packet_type_str,
269 stream_getc_from(op->s, 1), NULL),
270 inet_ntoa(op->dst));
271 return;
272 }
273
274 /* Add packet to head of queue. */
275 ospf_fifo_push_head(oi->obuf, op);
276
277 /* Debug of packet fifo*/
278 /* ospf_fifo_debug (oi->obuf); */
279 }
280
281 void ospf_packet_delete(struct ospf_interface *oi)
282 {
283 struct ospf_packet *op;
284
285 op = ospf_fifo_pop(oi->obuf);
286
287 if (op)
288 ospf_packet_free(op);
289 }
290
291 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
292 {
293 struct ospf_packet *new;
294
295 if (stream_get_endp(op->s) != op->length)
296 /* XXX size_t */
297 zlog_debug(
298 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
299 (unsigned long)STREAM_SIZE(op->s), op->length);
300
301 /* Reserve space for MD5 authentication that may be added later. */
302 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
303 stream_copy(new->s, op->s);
304
305 new->dst = op->dst;
306 new->length = op->length;
307
308 return new;
309 }
310
311 /* XXX inline */
312 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
313 {
314 int auth = 0;
315
316 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
317 auth = OSPF_AUTH_MD5_SIZE;
318
319 return auth;
320 }
321
322 static unsigned int ospf_packet_max(struct ospf_interface *oi)
323 {
324 int max;
325
326 max = oi->ifp->mtu - ospf_packet_authspace(oi);
327
328 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
329
330 return max;
331 }
332
333
334 static int ospf_check_md5_digest(struct ospf_interface *oi,
335 struct ospf_header *ospfh)
336 {
337 #ifdef CRYPTO_OPENSSL
338 EVP_MD_CTX *ctx;
339 #elif CRYPTO_INTERNAL
340 MD5_CTX ctx;
341 #endif
342 unsigned char digest[OSPF_AUTH_MD5_SIZE];
343 struct crypt_key *ck;
344 struct ospf_neighbor *nbr;
345 uint16_t length = ntohs(ospfh->length);
346
347 /* Get secret key. */
348 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
349 ospfh->u.crypt.key_id);
350 if (ck == NULL) {
351 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
352 IF_NAME(oi), ospfh->u.crypt.key_id);
353 return 0;
354 }
355
356 /* check crypto seqnum. */
357 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
358
359 if (nbr
360 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
361 flog_warn(
362 EC_OSPF_MD5,
363 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
364 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
365 ntohl(nbr->crypt_seqnum));
366 return 0;
367 }
368
369 /* Generate a digest for the ospf packet - their digest + our digest. */
370 #ifdef CRYPTO_OPENSSL
371 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
372 ctx = EVP_MD_CTX_new();
373 EVP_DigestInit(ctx, EVP_md5());
374 EVP_DigestUpdate(ctx, ospfh, length);
375 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
376 EVP_DigestFinal(ctx, digest, &md5_size);
377 EVP_MD_CTX_free(ctx);
378 #elif CRYPTO_INTERNAL
379 memset(&ctx, 0, sizeof(ctx));
380 MD5Init(&ctx);
381 MD5Update(&ctx, ospfh, length);
382 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
383 MD5Final(digest, &ctx);
384 #endif
385
386 /* compare the two */
387 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
388 flog_warn(EC_OSPF_MD5,
389 "interface %s: ospf_check_md5 checksum mismatch",
390 IF_NAME(oi));
391 return 0;
392 }
393
394 /* save neighbor's crypt_seqnum */
395 if (nbr)
396 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
397 return 1;
398 }
399
400 /* This function is called from ospf_write(), it will detect the
401 authentication scheme and if it is MD5, it will change the sequence
402 and update the MD5 digest. */
403 static int ospf_make_md5_digest(struct ospf_interface *oi,
404 struct ospf_packet *op)
405 {
406 struct ospf_header *ospfh;
407 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
408 #ifdef CRYPTO_OPENSSL
409 EVP_MD_CTX *ctx;
410 #elif CRYPTO_INTERNAL
411 MD5_CTX ctx;
412 #endif
413 void *ibuf;
414 uint32_t t;
415 struct crypt_key *ck;
416 const uint8_t *auth_key;
417
418 ibuf = STREAM_DATA(op->s);
419 ospfh = (struct ospf_header *)ibuf;
420
421 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
422 return 0;
423
424 /* We do this here so when we dup a packet, we don't have to
425 waste CPU rewriting other headers.
426
427 Note that quagga_time /deliberately/ is not used here */
428 t = (time(NULL) & 0xFFFFFFFF);
429 if (t > oi->crypt_seqnum)
430 oi->crypt_seqnum = t;
431 else
432 oi->crypt_seqnum++;
433
434 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
435
436 /* Get MD5 Authentication key from auth_key list. */
437 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
438 auth_key = (const uint8_t *)digest;
439 else {
440 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
441 auth_key = ck->auth_key;
442 }
443
444 /* Generate a digest for the entire packet + our secret key. */
445 #ifdef CRYPTO_OPENSSL
446 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
447 ctx = EVP_MD_CTX_new();
448 EVP_DigestInit(ctx, EVP_md5());
449 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
450 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
451 EVP_DigestFinal(ctx, digest, &md5_size);
452 EVP_MD_CTX_free(ctx);
453 #elif CRYPTO_INTERNAL
454 memset(&ctx, 0, sizeof(ctx));
455 MD5Init(&ctx);
456 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
457 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
458 MD5Final(digest, &ctx);
459 #endif
460
461 /* Append md5 digest to the end of the stream. */
462 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
463
464 /* We do *NOT* increment the OSPF header length. */
465 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
466
467 if (stream_get_endp(op->s) != op->length)
468 /* XXX size_t */
469 flog_warn(
470 EC_OSPF_MD5,
471 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
472 (unsigned long)stream_get_endp(op->s), op->length);
473
474 return OSPF_AUTH_MD5_SIZE;
475 }
476
477
478 static int ospf_ls_req_timer(struct thread *thread)
479 {
480 struct ospf_neighbor *nbr;
481
482 nbr = THREAD_ARG(thread);
483 nbr->t_ls_req = NULL;
484
485 /* Send Link State Request. */
486 if (ospf_ls_request_count(nbr))
487 ospf_ls_req_send(nbr);
488
489 /* Set Link State Request retransmission timer. */
490 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
491
492 return 0;
493 }
494
495 void ospf_ls_req_event(struct ospf_neighbor *nbr)
496 {
497 if (nbr->t_ls_req) {
498 thread_cancel(nbr->t_ls_req);
499 nbr->t_ls_req = NULL;
500 }
501 nbr->t_ls_req = NULL;
502 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
503 }
504
505 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
506 ospf_neighbor.c */
507 int ospf_ls_upd_timer(struct thread *thread)
508 {
509 struct ospf_neighbor *nbr;
510
511 nbr = THREAD_ARG(thread);
512 nbr->t_ls_upd = NULL;
513
514 /* Send Link State Update. */
515 if (ospf_ls_retransmit_count(nbr) > 0) {
516 struct list *update;
517 struct ospf_lsdb *lsdb;
518 int i;
519 int retransmit_interval;
520
521 retransmit_interval =
522 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
523
524 lsdb = &nbr->ls_rxmt;
525 update = list_new();
526
527 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
528 struct route_table *table = lsdb->type[i].db;
529 struct route_node *rn;
530
531 for (rn = route_top(table); rn; rn = route_next(rn)) {
532 struct ospf_lsa *lsa;
533
534 if ((lsa = rn->info) != NULL) {
535 /* Don't retransmit an LSA if we
536 received it within
537 the last RxmtInterval seconds - this
538 is to allow the
539 neighbour a chance to acknowledge the
540 LSA as it may
541 have ben just received before the
542 retransmit timer
543 fired. This is a small tweak to what
544 is in the RFC,
545 but it will cut out out a lot of
546 retransmit traffic
547 - MAG */
548 if (monotime_since(&lsa->tv_recv, NULL)
549 >= retransmit_interval * 1000000LL)
550 listnode_add(update, rn->info);
551 }
552 }
553 }
554
555 if (listcount(update) > 0)
556 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
557 0);
558 list_delete(&update);
559 }
560
561 /* Set LS Update retransmission timer. */
562 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
563
564 return 0;
565 }
566
567 int ospf_ls_ack_timer(struct thread *thread)
568 {
569 struct ospf_interface *oi;
570
571 oi = THREAD_ARG(thread);
572 oi->t_ls_ack = NULL;
573
574 /* Send Link State Acknowledgment. */
575 if (listcount(oi->ls_ack) > 0)
576 ospf_ls_ack_send_delayed(oi);
577
578 /* Set LS Ack timer. */
579 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
580
581 return 0;
582 }
583
584 #ifdef WANT_OSPF_WRITE_FRAGMENT
585 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
586 struct msghdr *msg, unsigned int maxdatasize,
587 unsigned int mtu, int flags, uint8_t type)
588 {
589 #define OSPF_WRITE_FRAG_SHIFT 3
590 uint16_t offset;
591 struct iovec *iovp;
592 int ret;
593
594 assert(op->length == stream_get_endp(op->s));
595 assert(msg->msg_iovlen == 2);
596
597 /* we can but try.
598 *
599 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
600 * well as the IP_MF flag, making this all quite pointless.
601 *
602 * However, for a system on which IP_MF is left alone, and ip_id left
603 * alone or else which sets same ip_id for each fragment this might
604 * work, eg linux.
605 *
606 * XXX-TODO: It would be much nicer to have the kernel's use their
607 * existing fragmentation support to do this for us. Bugs/RFEs need to
608 * be raised against the various kernels.
609 */
610
611 /* set More Frag */
612 iph->ip_off |= IP_MF;
613
614 /* ip frag offset is expressed in units of 8byte words */
615 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
616
617 iovp = &msg->msg_iov[1];
618
619 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
620 > maxdatasize) {
621 /* data length of this frag is to next offset value */
622 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
623 iph->ip_len = iovp->iov_len + sizeof(struct ip);
624 assert(iph->ip_len <= mtu);
625
626 sockopt_iphdrincl_swab_htosys(iph);
627
628 ret = sendmsg(fd, msg, flags);
629
630 sockopt_iphdrincl_swab_systoh(iph);
631
632 if (ret < 0)
633 flog_err(
634 EC_LIB_SOCKET,
635 "*** ospf_write_frags: sendmsg failed to %s,"
636 " id %d, off %d, len %d, mtu %u failed with %s",
637 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
638 iph->ip_len, mtu, safe_strerror(errno));
639
640 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
641 zlog_debug(
642 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
643 iph->ip_id, iph->ip_off, iph->ip_len,
644 inet_ntoa(iph->ip_dst));
645 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
646 zlog_debug(
647 "-----------------IP Header Dump----------------------");
648 ospf_ip_header_dump(iph);
649 zlog_debug(
650 "-----------------------------------------------------");
651 }
652 }
653
654 iph->ip_off += offset;
655 stream_forward_getp(op->s, iovp->iov_len);
656 iovp->iov_base = stream_pnt(op->s);
657 }
658
659 /* setup for final fragment */
660 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
661 iph->ip_len = iovp->iov_len + sizeof(struct ip);
662 iph->ip_off &= (~IP_MF);
663 }
664 #endif /* WANT_OSPF_WRITE_FRAGMENT */
665
666 static int ospf_write(struct thread *thread)
667 {
668 struct ospf *ospf = THREAD_ARG(thread);
669 struct ospf_interface *oi;
670 struct ospf_interface *last_serviced_oi = NULL;
671 struct ospf_packet *op;
672 struct sockaddr_in sa_dst;
673 struct ip iph;
674 struct msghdr msg;
675 struct iovec iov[2];
676 uint8_t type;
677 int ret;
678 int flags = 0;
679 struct listnode *node;
680 #ifdef WANT_OSPF_WRITE_FRAGMENT
681 static uint16_t ipid = 0;
682 uint16_t maxdatasize;
683 #endif /* WANT_OSPF_WRITE_FRAGMENT */
684 #define OSPF_WRITE_IPHL_SHIFT 2
685 int pkt_count = 0;
686
687 #ifdef GNU_LINUX
688 unsigned char cmsgbuf[64] = {};
689 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
690 struct in_pktinfo *pi;
691 #endif
692
693 if (ospf->fd < 0 || ospf->oi_running == 0) {
694 if (IS_DEBUG_OSPF_EVENT)
695 zlog_debug(
696 "ospf_write failed to send, fd %d, instance %u"
697 ,ospf->fd, ospf->oi_running);
698 return -1;
699 }
700
701 ospf->t_write = NULL;
702
703 node = listhead(ospf->oi_write_q);
704 assert(node);
705 oi = listgetdata(node);
706 assert(oi);
707
708 #ifdef WANT_OSPF_WRITE_FRAGMENT
709 /* seed ipid static with low order bits of time */
710 if (ipid == 0)
711 ipid = (time(NULL) & 0xffff);
712 #endif /* WANT_OSPF_WRITE_FRAGMENT */
713
714 while ((pkt_count < ospf->write_oi_count) && oi
715 && (last_serviced_oi != oi)) {
716 /* If there is only packet in the queue, the oi is removed from
717 write-q, so fix up the last interface that was serviced */
718 if (last_serviced_oi == NULL) {
719 last_serviced_oi = oi;
720 }
721 pkt_count++;
722 #ifdef WANT_OSPF_WRITE_FRAGMENT
723 /* convenience - max OSPF data per packet */
724 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
725 #endif /* WANT_OSPF_WRITE_FRAGMENT */
726 /* Get one packet from queue. */
727 op = ospf_fifo_head(oi->obuf);
728 assert(op);
729 assert(op->length >= OSPF_HEADER_SIZE);
730
731 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
732 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
733 ospf_if_ipmulticast(ospf, oi->address,
734 oi->ifp->ifindex);
735
736 /* Rewrite the md5 signature & update the seq */
737 ospf_make_md5_digest(oi, op);
738
739 /* Retrieve OSPF packet type. */
740 stream_set_getp(op->s, 1);
741 type = stream_getc(op->s);
742
743 /* reset get pointer */
744 stream_set_getp(op->s, 0);
745
746 memset(&iph, 0, sizeof(struct ip));
747 memset(&sa_dst, 0, sizeof(sa_dst));
748
749 sa_dst.sin_family = AF_INET;
750 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
751 sa_dst.sin_len = sizeof(sa_dst);
752 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
753 sa_dst.sin_addr = op->dst;
754 sa_dst.sin_port = htons(0);
755
756 /* Set DONTROUTE flag if dst is unicast. */
757 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
758 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
759 flags = MSG_DONTROUTE;
760
761 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
762 /* it'd be very strange for header to not be 4byte-word aligned
763 * but.. */
764 if (sizeof(struct ip)
765 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
766 iph.ip_hl++; /* we presume sizeof struct ip cant
767 overflow ip_hl.. */
768
769 iph.ip_v = IPVERSION;
770 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
771 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
772
773 #if defined(__DragonFly__)
774 /*
775 * DragonFly's raw socket expects ip_len/ip_off in network byte
776 * order.
777 */
778 iph.ip_len = htons(iph.ip_len);
779 #endif
780
781 #ifdef WANT_OSPF_WRITE_FRAGMENT
782 /* XXX-MT: not thread-safe at all..
783 * XXX: this presumes this is only programme sending OSPF
784 * packets
785 * otherwise, no guarantee ipid will be unique
786 */
787 iph.ip_id = ++ipid;
788 #endif /* WANT_OSPF_WRITE_FRAGMENT */
789
790 iph.ip_off = 0;
791 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
792 iph.ip_ttl = OSPF_VL_IP_TTL;
793 else
794 iph.ip_ttl = OSPF_IP_TTL;
795 iph.ip_p = IPPROTO_OSPFIGP;
796 iph.ip_sum = 0;
797 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
798 iph.ip_dst.s_addr = op->dst.s_addr;
799
800 memset(&msg, 0, sizeof(msg));
801 msg.msg_name = (caddr_t)&sa_dst;
802 msg.msg_namelen = sizeof(sa_dst);
803 msg.msg_iov = iov;
804 msg.msg_iovlen = 2;
805
806 iov[0].iov_base = (char *)&iph;
807 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
808 iov[1].iov_base = stream_pnt(op->s);
809 iov[1].iov_len = op->length;
810
811 #ifdef GNU_LINUX
812 msg.msg_control = (caddr_t)cm;
813 cm->cmsg_level = SOL_IP;
814 cm->cmsg_type = IP_PKTINFO;
815 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
816 pi = (struct in_pktinfo *)CMSG_DATA(cm);
817 pi->ipi_ifindex = oi->ifp->ifindex;
818
819 msg.msg_controllen = cm->cmsg_len;
820 #endif
821
822 /* Sadly we can not rely on kernels to fragment packets
823 * because of either IP_HDRINCL and/or multicast
824 * destination being set.
825 */
826
827 #ifdef WANT_OSPF_WRITE_FRAGMENT
828 if (op->length > maxdatasize)
829 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
830 oi->ifp->mtu, flags, type);
831 #endif /* WANT_OSPF_WRITE_FRAGMENT */
832
833 /* send final fragment (could be first) */
834 sockopt_iphdrincl_swab_htosys(&iph);
835 ret = sendmsg(ospf->fd, &msg, flags);
836 sockopt_iphdrincl_swab_systoh(&iph);
837 if (IS_DEBUG_OSPF_EVENT)
838 zlog_debug(
839 "ospf_write to %s, "
840 "id %d, off %d, len %d, interface %s, mtu %u:",
841 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
842 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
843
844 if (ret < 0)
845 flog_err(
846 EC_LIB_SOCKET,
847 "*** sendmsg in ospf_write failed to %s, "
848 "id %d, off %d, len %d, interface %s, mtu %u: %s",
849 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
850 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
851 safe_strerror(errno));
852
853 /* Show debug sending packet. */
854 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
855 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
856 zlog_debug(
857 "-----------------------------------------------------");
858 ospf_ip_header_dump(&iph);
859 stream_set_getp(op->s, 0);
860 ospf_packet_dump(op->s);
861 }
862
863 zlog_debug("%s sent to [%s] via [%s].",
864 lookup_msg(ospf_packet_type_str, type, NULL),
865 inet_ntoa(op->dst), IF_NAME(oi));
866
867 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
868 zlog_debug(
869 "-----------------------------------------------------");
870 }
871
872 switch (type) {
873 case OSPF_MSG_HELLO:
874 oi->hello_out++;
875 break;
876 case OSPF_MSG_DB_DESC:
877 oi->db_desc_out++;
878 break;
879 case OSPF_MSG_LS_REQ:
880 oi->ls_req_out++;
881 break;
882 case OSPF_MSG_LS_UPD:
883 oi->ls_upd_out++;
884 break;
885 case OSPF_MSG_LS_ACK:
886 oi->ls_ack_out++;
887 break;
888 default:
889 break;
890 }
891
892 /* Now delete packet from queue. */
893 ospf_packet_delete(oi);
894
895 /* Move this interface to the tail of write_q to
896 serve everyone in a round robin fashion */
897 list_delete_node(ospf->oi_write_q, node);
898 if (ospf_fifo_head(oi->obuf) == NULL) {
899 oi->on_write_q = 0;
900 last_serviced_oi = NULL;
901 oi = NULL;
902 } else {
903 listnode_add(ospf->oi_write_q, oi);
904 }
905
906 /* Setup to service from the head of the queue again */
907 if (!list_isempty(ospf->oi_write_q)) {
908 node = listhead(ospf->oi_write_q);
909 assert(node);
910 oi = listgetdata(node);
911 assert(oi);
912 }
913 }
914
915 /* If packets still remain in queue, call write thread. */
916 if (!list_isempty(ospf->oi_write_q))
917 thread_add_write(master, ospf_write, ospf, ospf->fd,
918 &ospf->t_write);
919
920 return 0;
921 }
922
923 /* OSPF Hello message read -- RFC2328 Section 10.5. */
924 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
925 struct stream *s, struct ospf_interface *oi, int size)
926 {
927 struct ospf_hello *hello;
928 struct ospf_neighbor *nbr;
929 int old_state;
930 struct prefix p;
931
932 /* increment statistics. */
933 oi->hello_in++;
934
935 hello = (struct ospf_hello *)stream_pnt(s);
936
937 /* If Hello is myself, silently discard. */
938 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
939 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
940 zlog_debug(
941 "ospf_header[%s/%s]: selforiginated, "
942 "dropping.",
943 lookup_msg(ospf_packet_type_str, ospfh->type,
944 NULL),
945 inet_ntoa(iph->ip_src));
946 }
947 return;
948 }
949
950 /* get neighbor prefix. */
951 p.family = AF_INET;
952 p.prefixlen = ip_masklen(hello->network_mask);
953 p.u.prefix4 = iph->ip_src;
954
955 /* Compare network mask. */
956 /* Checking is ignored for Point-to-Point and Virtual link. */
957 if (oi->type != OSPF_IFTYPE_POINTOPOINT
958 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
959 if (oi->address->prefixlen != p.prefixlen) {
960 flog_warn(
961 EC_OSPF_PACKET,
962 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
963 inet_ntoa(ospfh->router_id), IF_NAME(oi),
964 (int)oi->address->prefixlen, (int)p.prefixlen);
965 return;
966 }
967
968 /* Compare Router Dead Interval. */
969 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
970 flog_warn(EC_OSPF_PACKET,
971 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
972 "(expected %u, but received %u).",
973 inet_ntoa(ospfh->router_id),
974 OSPF_IF_PARAM(oi, v_wait),
975 ntohl(hello->dead_interval));
976 return;
977 }
978
979 /* Compare Hello Interval - ignored if fast-hellos are set. */
980 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
981 if (OSPF_IF_PARAM(oi, v_hello)
982 != ntohs(hello->hello_interval)) {
983 flog_warn(
984 EC_OSPF_PACKET,
985 "Packet %s [Hello:RECV]: HelloInterval mismatch "
986 "(expected %u, but received %u).",
987 inet_ntoa(ospfh->router_id),
988 OSPF_IF_PARAM(oi, v_hello),
989 ntohs(hello->hello_interval));
990 return;
991 }
992 }
993
994 if (IS_DEBUG_OSPF_EVENT)
995 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
996 inet_ntoa(ospfh->router_id),
997 ospf_options_dump(hello->options),
998 ospf_vrf_id_to_name(oi->ospf->vrf_id));
999
1000 /* Compare options. */
1001 #define REJECT_IF_TBIT_ON 1 /* XXX */
1002 #ifdef REJECT_IF_TBIT_ON
1003 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
1004 /*
1005 * This router does not support non-zero TOS.
1006 * Drop this Hello packet not to establish neighbor
1007 * relationship.
1008 */
1009 flog_warn(EC_OSPF_PACKET,
1010 "Packet %s [Hello:RECV]: T-bit on, drop it.",
1011 inet_ntoa(ospfh->router_id));
1012 return;
1013 }
1014 #endif /* REJECT_IF_TBIT_ON */
1015
1016 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
1017 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
1018 /*
1019 * This router does know the correct usage of O-bit
1020 * the bit should be set in DD packet only.
1021 */
1022 flog_warn(EC_OSPF_PACKET,
1023 "Packet %s [Hello:RECV]: O-bit abuse?",
1024 inet_ntoa(ospfh->router_id));
1025 #ifdef STRICT_OBIT_USAGE_CHECK
1026 return; /* Reject this packet. */
1027 #else /* STRICT_OBIT_USAGE_CHECK */
1028 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
1029 #endif /* STRICT_OBIT_USAGE_CHECK */
1030 }
1031
1032 /* new for NSSA is to ensure that NP is on and E is off */
1033
1034 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1035 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1036 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1037 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1038 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1039 flog_warn(
1040 EC_OSPF_PACKET,
1041 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1042 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1043 hello->options);
1044 return;
1045 }
1046 if (IS_DEBUG_OSPF_NSSA)
1047 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1048 inet_ntoa(ospfh->router_id));
1049 } else
1050 /* The setting of the E-bit found in the Hello Packet's Options
1051 field must match this area's ExternalRoutingCapability A
1052 mismatch causes processing to stop and the packet to be
1053 dropped. The setting of the rest of the bits in the Hello
1054 Packet's Options field should be ignored. */
1055 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1056 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1057 flog_warn(
1058 EC_OSPF_PACKET,
1059 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1060 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1061 hello->options);
1062 return;
1063 }
1064
1065 /* get neighbour struct */
1066 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1067
1068 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1069 assert(nbr);
1070
1071 old_state = nbr->state;
1072
1073 /* Add event to thread. */
1074 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1075
1076 /* RFC2328 Section 9.5.1
1077 If the router is not eligible to become Designated Router,
1078 (snip) It must also send an Hello Packet in reply to an
1079 Hello Packet received from any eligible neighbor (other than
1080 the current Designated Router and Backup Designated Router). */
1081 if (oi->type == OSPF_IFTYPE_NBMA)
1082 if (PRIORITY(oi) == 0 && hello->priority > 0
1083 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1084 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1085 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1086 ospf_hello_reply_timer,
1087 OSPF_HELLO_REPLY_DELAY);
1088
1089 /* on NBMA network type, it happens to receive bidirectional Hello
1090 packet
1091 without advance 1-Way Received event.
1092 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1093 if (oi->type == OSPF_IFTYPE_NBMA
1094 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1095 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1096 nbr->priority = hello->priority;
1097 nbr->d_router = hello->d_router;
1098 nbr->bd_router = hello->bd_router;
1099 return;
1100 }
1101
1102 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1103 size - OSPF_HELLO_MIN_SIZE)) {
1104 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1105 nbr->options |= hello->options;
1106 } else {
1107 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1108 /* Set neighbor information. */
1109 nbr->priority = hello->priority;
1110 nbr->d_router = hello->d_router;
1111 nbr->bd_router = hello->bd_router;
1112 return;
1113 }
1114
1115 /* If neighbor itself declares DR and no BDR exists,
1116 cause event BackupSeen */
1117 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1118 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1119 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1120
1121 /* neighbor itself declares BDR. */
1122 if (oi->state == ISM_Waiting
1123 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1124 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1125
1126 /* had not previously. */
1127 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1128 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1129 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1130 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1131 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1132
1133 /* had not previously. */
1134 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1135 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1136 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1137 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1138 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1139
1140 /* Neighbor priority check. */
1141 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1142 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1143
1144 /* Set neighbor information. */
1145 nbr->priority = hello->priority;
1146 nbr->d_router = hello->d_router;
1147 nbr->bd_router = hello->bd_router;
1148 }
1149
1150 /* Save DD flags/options/Seqnum received. */
1151 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1152 struct ospf_db_desc *dd)
1153 {
1154 nbr->last_recv.flags = dd->flags;
1155 nbr->last_recv.options = dd->options;
1156 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1157 }
1158
1159 /* Process rest of DD packet. */
1160 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1161 struct ospf_neighbor *nbr,
1162 struct ospf_db_desc *dd, uint16_t size)
1163 {
1164 struct ospf_lsa *new, *find;
1165 struct lsa_header *lsah;
1166
1167 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1168 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1169 size -= OSPF_LSA_HEADER_SIZE) {
1170 lsah = (struct lsa_header *)stream_pnt(s);
1171 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1172
1173 /* Unknown LS type. */
1174 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1175 flog_warn(EC_OSPF_PACKET,
1176 "Packet [DD:RECV]: Unknown LS type %d.",
1177 lsah->type);
1178 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1179 return;
1180 }
1181
1182 if (IS_OPAQUE_LSA(lsah->type)
1183 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1184 flog_warn(EC_OSPF_PACKET,
1185 "LSA[Type%d:%s]: Opaque capability mismatch?",
1186 lsah->type, inet_ntoa(lsah->id));
1187 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1188 return;
1189 }
1190
1191 switch (lsah->type) {
1192 case OSPF_AS_EXTERNAL_LSA:
1193 case OSPF_OPAQUE_AS_LSA:
1194 /* Check for stub area. Reject if AS-External from stub
1195 but
1196 allow if from NSSA. */
1197 if (oi->area->external_routing == OSPF_AREA_STUB) {
1198 flog_warn(
1199 EC_OSPF_PACKET,
1200 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1201 lsah->type, inet_ntoa(lsah->id),
1202 (oi->area->external_routing
1203 == OSPF_AREA_STUB)
1204 ? "STUB"
1205 : "NSSA");
1206 OSPF_NSM_EVENT_SCHEDULE(nbr,
1207 NSM_SeqNumberMismatch);
1208 return;
1209 }
1210 break;
1211 default:
1212 break;
1213 }
1214
1215 /* Create LS-request object. */
1216 new = ospf_ls_request_new(lsah);
1217
1218 /* Lookup received LSA, then add LS request list. */
1219 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1220
1221 /* ospf_lsa_more_recent is fine with NULL pointers */
1222 switch (ospf_lsa_more_recent(find, new)) {
1223 case -1:
1224 /* Neighbour has a more recent LSA, we must request it
1225 */
1226 ospf_ls_request_add(nbr, new);
1227 /* fallthru */
1228 case 0:
1229 /* If we have a copy of this LSA, it's either less
1230 * recent
1231 * and we're requesting it from neighbour (the case
1232 * above), or
1233 * it's as recent and we both have same copy (this
1234 * case).
1235 *
1236 * In neither of these two cases is there any point in
1237 * describing our copy of the LSA to the neighbour in a
1238 * DB-Summary packet, if we're still intending to do so.
1239 *
1240 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1241 * backward compatible optimisation to OSPF DB Exchange
1242 * /
1243 * DB Description process implemented here.
1244 */
1245 if (find)
1246 ospf_lsdb_delete(&nbr->db_sum, find);
1247 ospf_lsa_discard(new);
1248 break;
1249 default:
1250 /* We have the more recent copy, nothing specific to do:
1251 * - no need to request neighbours stale copy
1252 * - must leave DB summary list copy alone
1253 */
1254 if (IS_DEBUG_OSPF_EVENT)
1255 zlog_debug(
1256 "Packet [DD:RECV]: LSA received Type %d, "
1257 "ID %s is not recent.",
1258 lsah->type, inet_ntoa(lsah->id));
1259 ospf_lsa_discard(new);
1260 }
1261 }
1262
1263 /* Master */
1264 if (IS_SET_DD_MS(nbr->dd_flags)) {
1265 nbr->dd_seqnum++;
1266
1267 /* Both sides have no More, then we're done with Exchange */
1268 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1269 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1270 else
1271 ospf_db_desc_send(nbr);
1272 }
1273 /* Slave */
1274 else {
1275 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1276
1277 /* Send DD packet in reply.
1278 *
1279 * Must be done to acknowledge the Master's DD, regardless of
1280 * whether we have more LSAs ourselves to describe.
1281 *
1282 * This function will clear the 'More' bit, if after this DD
1283 * we have no more LSAs to describe to the master..
1284 */
1285 ospf_db_desc_send(nbr);
1286
1287 /* Slave can raise ExchangeDone now, if master is also done */
1288 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1289 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1290 }
1291
1292 /* Save received neighbor values from DD. */
1293 ospf_db_desc_save_current(nbr, dd);
1294
1295 if (!nbr->t_ls_req)
1296 ospf_ls_req_send(nbr);
1297 }
1298
1299 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1300 struct ospf_neighbor *nbr)
1301 {
1302 /* Is DD duplicated? */
1303 if (dd->options == nbr->last_recv.options
1304 && dd->flags == nbr->last_recv.flags
1305 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1306 return 1;
1307
1308 return 0;
1309 }
1310
1311 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1312 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1313 struct stream *s, struct ospf_interface *oi,
1314 uint16_t size)
1315 {
1316 struct ospf_db_desc *dd;
1317 struct ospf_neighbor *nbr;
1318
1319 /* Increment statistics. */
1320 oi->db_desc_in++;
1321
1322 dd = (struct ospf_db_desc *)stream_pnt(s);
1323
1324 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1325 if (nbr == NULL) {
1326 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1327 inet_ntoa(ospfh->router_id));
1328 return;
1329 }
1330
1331 /* Check MTU. */
1332 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1333 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1334 flog_warn(
1335 EC_OSPF_PACKET,
1336 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1337 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1338 oi->ifp->mtu);
1339 return;
1340 }
1341
1342 /*
1343 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1344 * not
1345 * required. In fact at least JunOS sends DD packets with P bit clear.
1346 * Until proper solution is developped, this hack should help.
1347 *
1348 * Update: According to the RFCs, N bit is specified /only/ for Hello
1349 * options, unfortunately its use in DD options is not specified. Hence
1350 * some
1351 * implementations follow E-bit semantics and set it in DD options, and
1352 * some
1353 * treat it as unspecified and hence follow the directive "default for
1354 * options is clear", ie unset.
1355 *
1356 * Reset the flag, as ospfd follows E-bit semantics.
1357 */
1358 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1359 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1360 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1361 if (IS_DEBUG_OSPF_EVENT)
1362 zlog_debug(
1363 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1364 inet_ntoa(nbr->router_id));
1365 SET_FLAG(dd->options, OSPF_OPTION_NP);
1366 }
1367
1368 #ifdef REJECT_IF_TBIT_ON
1369 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1370 /*
1371 * In Hello protocol, optional capability must have checked
1372 * to prevent this T-bit enabled router be my neighbor.
1373 */
1374 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1375 inet_ntoa(nbr->router_id));
1376 return;
1377 }
1378 #endif /* REJECT_IF_TBIT_ON */
1379
1380 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1381 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1382 /*
1383 * This node is not configured to handle O-bit, for now.
1384 * Clear it to ignore unsupported capability proposed by
1385 * neighbor.
1386 */
1387 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1388 }
1389
1390 /* Add event to thread. */
1391 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1392
1393 /* Process DD packet by neighbor status. */
1394 switch (nbr->state) {
1395 case NSM_Down:
1396 case NSM_Attempt:
1397 case NSM_TwoWay:
1398 flog_warn(
1399 EC_OSPF_PACKET,
1400 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1401 inet_ntoa(nbr->router_id),
1402 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1403 break;
1404 case NSM_Init:
1405 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1406 /* If the new state is ExStart, the processing of the current
1407 packet should then continue in this new state by falling
1408 through to case ExStart below. */
1409 if (nbr->state != NSM_ExStart)
1410 break;
1411 /* fallthru */
1412 case NSM_ExStart:
1413 /* Initial DBD */
1414 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1415 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1416 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1417 > 0) {
1418 /* We're Slave---obey */
1419 if (CHECK_FLAG(oi->ospf->config,
1420 OSPF_LOG_ADJACENCY_DETAIL))
1421 zlog_info(
1422 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1423 inet_ntoa(nbr->router_id));
1424
1425 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1426
1427 /* Reset I/MS */
1428 UNSET_FLAG(nbr->dd_flags,
1429 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1430 } else {
1431 /* We're Master, ignore the initial DBD from
1432 * Slave */
1433 if (CHECK_FLAG(oi->ospf->config,
1434 OSPF_LOG_ADJACENCY_DETAIL))
1435 zlog_info(
1436 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1437 "ignoring.",
1438 inet_ntoa(nbr->router_id));
1439 break;
1440 }
1441 }
1442 /* Ack from the Slave */
1443 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1444 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1445 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1446 < 0) {
1447 zlog_info(
1448 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1449 inet_ntoa(nbr->router_id));
1450 /* Reset I, leaving MS */
1451 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1452 } else {
1453 flog_warn(EC_OSPF_PACKET,
1454 "Packet[DD]: Neighbor %s Negotiation fails.",
1455 inet_ntoa(nbr->router_id));
1456 break;
1457 }
1458
1459 /* This is where the real Options are saved */
1460 nbr->options = dd->options;
1461
1462 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1463 if (IS_DEBUG_OSPF_EVENT)
1464 zlog_debug(
1465 "Neighbor[%s] is %sOpaque-capable.",
1466 inet_ntoa(nbr->router_id),
1467 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1468 ? ""
1469 : "NOT ");
1470
1471 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1472 && IPV4_ADDR_SAME(&DR(oi),
1473 &nbr->address.u.prefix4)) {
1474 flog_warn(
1475 EC_OSPF_PACKET,
1476 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1477 inet_ntoa(nbr->router_id));
1478 /* This situation is undesirable, but not a real
1479 * error. */
1480 }
1481 }
1482
1483 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1484
1485 /* continue processing rest of packet. */
1486 ospf_db_desc_proc(s, oi, nbr, dd, size);
1487 break;
1488 case NSM_Exchange:
1489 if (ospf_db_desc_is_dup(dd, nbr)) {
1490 if (IS_SET_DD_MS(nbr->dd_flags))
1491 /* Master: discard duplicated DD packet. */
1492 zlog_info(
1493 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1494 inet_ntoa(nbr->router_id));
1495 else
1496 /* Slave: cause to retransmit the last Database
1497 Description. */
1498 {
1499 zlog_info(
1500 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1501 inet_ntoa(nbr->router_id));
1502 ospf_db_desc_resend(nbr);
1503 }
1504 break;
1505 }
1506
1507 /* Otherwise DD packet should be checked. */
1508 /* Check Master/Slave bit mismatch */
1509 if (IS_SET_DD_MS(dd->flags)
1510 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1511 flog_warn(EC_OSPF_PACKET,
1512 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1513 inet_ntoa(nbr->router_id));
1514 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1515 if (IS_DEBUG_OSPF_EVENT)
1516 zlog_debug(
1517 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1518 dd->flags, nbr->dd_flags);
1519 break;
1520 }
1521
1522 /* Check initialize bit is set. */
1523 if (IS_SET_DD_I(dd->flags)) {
1524 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1525 inet_ntoa(nbr->router_id));
1526 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1527 break;
1528 }
1529
1530 /* Check DD Options. */
1531 if (dd->options != nbr->options) {
1532 #ifdef ORIGINAL_CODING
1533 /* Save the new options for debugging */
1534 nbr->options = dd->options;
1535 #endif /* ORIGINAL_CODING */
1536 flog_warn(EC_OSPF_PACKET,
1537 "Packet[DD]: Neighbor %s options mismatch.",
1538 inet_ntoa(nbr->router_id));
1539 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1540 break;
1541 }
1542
1543 /* Check DD sequence number. */
1544 if ((IS_SET_DD_MS(nbr->dd_flags)
1545 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1546 || (!IS_SET_DD_MS(nbr->dd_flags)
1547 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1548 flog_warn(
1549 EC_OSPF_PACKET,
1550 "Packet[DD]: Neighbor %s sequence number mismatch.",
1551 inet_ntoa(nbr->router_id));
1552 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1553 break;
1554 }
1555
1556 /* Continue processing rest of packet. */
1557 ospf_db_desc_proc(s, oi, nbr, dd, size);
1558 break;
1559 case NSM_Loading:
1560 case NSM_Full:
1561 if (ospf_db_desc_is_dup(dd, nbr)) {
1562 if (IS_SET_DD_MS(nbr->dd_flags)) {
1563 /* Master should discard duplicate DD packet. */
1564 zlog_info(
1565 "Packet[DD]: Neighbor %s duplicated, "
1566 "packet discarded.",
1567 inet_ntoa(nbr->router_id));
1568 break;
1569 } else {
1570 if (monotime_since(&nbr->last_send_ts, NULL)
1571 < nbr->v_inactivity * 1000000LL) {
1572 /* In states Loading and Full the slave
1573 must resend
1574 its last Database Description packet
1575 in response to
1576 duplicate Database Description
1577 packets received
1578 from the master. For this reason the
1579 slave must
1580 wait RouterDeadInterval seconds
1581 before freeing the
1582 last Database Description packet.
1583 Reception of a
1584 Database Description packet from the
1585 master after
1586 this interval will generate a
1587 SeqNumberMismatch
1588 neighbor event. RFC2328 Section 10.8
1589 */
1590 ospf_db_desc_resend(nbr);
1591 break;
1592 }
1593 }
1594 }
1595
1596 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1597 break;
1598 default:
1599 flog_warn(EC_OSPF_PACKET,
1600 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1601 inet_ntoa(nbr->router_id), nbr->state);
1602 break;
1603 }
1604 }
1605
1606 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1607
1608 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1609 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1610 struct stream *s, struct ospf_interface *oi,
1611 uint16_t size)
1612 {
1613 struct ospf_neighbor *nbr;
1614 uint32_t ls_type;
1615 struct in_addr ls_id;
1616 struct in_addr adv_router;
1617 struct ospf_lsa *find;
1618 struct list *ls_upd;
1619 unsigned int length;
1620
1621 /* Increment statistics. */
1622 oi->ls_req_in++;
1623
1624 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1625 if (nbr == NULL) {
1626 flog_warn(EC_OSPF_PACKET,
1627 "Link State Request: Unknown Neighbor %s.",
1628 inet_ntoa(ospfh->router_id));
1629 return;
1630 }
1631
1632 /* Add event to thread. */
1633 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1634
1635 /* Neighbor State should be Exchange or later. */
1636 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1637 && nbr->state != NSM_Full) {
1638 flog_warn(
1639 EC_OSPF_PACKET,
1640 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1641 inet_ntoa(ospfh->router_id),
1642 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1643 return;
1644 }
1645
1646 /* Send Link State Update for ALL requested LSAs. */
1647 ls_upd = list_new();
1648 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1649
1650 while (size >= OSPF_LSA_KEY_SIZE) {
1651 /* Get one slice of Link State Request. */
1652 ls_type = stream_getl(s);
1653 ls_id.s_addr = stream_get_ipv4(s);
1654 adv_router.s_addr = stream_get_ipv4(s);
1655
1656 /* Verify LSA type. */
1657 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1658 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1659 list_delete(&ls_upd);
1660 return;
1661 }
1662
1663 /* Search proper LSA in LSDB. */
1664 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1665 adv_router);
1666 if (find == NULL) {
1667 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1668 list_delete(&ls_upd);
1669 return;
1670 }
1671
1672 /* Packet overflows MTU size, send immediately. */
1673 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1674 if (oi->type == OSPF_IFTYPE_NBMA)
1675 ospf_ls_upd_send(nbr, ls_upd,
1676 OSPF_SEND_PACKET_DIRECT, 0);
1677 else
1678 ospf_ls_upd_send(nbr, ls_upd,
1679 OSPF_SEND_PACKET_INDIRECT, 0);
1680
1681 /* Only remove list contents. Keep ls_upd. */
1682 list_delete_all_node(ls_upd);
1683
1684 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1685 }
1686
1687 /* Append LSA to update list. */
1688 listnode_add(ls_upd, find);
1689 length += ntohs(find->data->length);
1690
1691 size -= OSPF_LSA_KEY_SIZE;
1692 }
1693
1694 /* Send rest of Link State Update. */
1695 if (listcount(ls_upd) > 0) {
1696 if (oi->type == OSPF_IFTYPE_NBMA)
1697 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1698 0);
1699 else
1700 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1701 0);
1702
1703 list_delete(&ls_upd);
1704 } else
1705 list_delete(&ls_upd);
1706 }
1707
1708 /* Get the list of LSAs from Link State Update packet.
1709 And process some validation -- RFC2328 Section 13. (1)-(2). */
1710 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1711 struct stream *s,
1712 struct ospf_interface *oi, size_t size)
1713 {
1714 uint16_t count, sum;
1715 uint32_t length;
1716 struct lsa_header *lsah;
1717 struct ospf_lsa *lsa;
1718 struct list *lsas;
1719
1720 lsas = list_new();
1721
1722 count = stream_getl(s);
1723 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1724
1725 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1726 size -= length, stream_forward_getp(s, length), count--) {
1727 lsah = (struct lsa_header *)stream_pnt(s);
1728 length = ntohs(lsah->length);
1729
1730 if (length > size) {
1731 flog_warn(
1732 EC_OSPF_PACKET,
1733 "Link State Update: LSA length exceeds packet size.");
1734 break;
1735 }
1736
1737 /* Validate the LSA's LS checksum. */
1738 sum = lsah->checksum;
1739 if (!ospf_lsa_checksum_valid(lsah)) {
1740 /* (bug #685) more details in a one-line message make it
1741 * possible
1742 * to identify problem source on the one hand and to
1743 * have a better
1744 * chance to compress repeated messages in syslog on the
1745 * other */
1746 flog_warn(
1747 EC_OSPF_PACKET,
1748 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1749 sum, lsah->checksum, inet_ntoa(lsah->id),
1750 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1751 inet_ntoa(lsah->adv_router));
1752 continue;
1753 }
1754
1755 /* Examine the LSA's LS type. */
1756 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1757 flog_warn(EC_OSPF_PACKET,
1758 "Link State Update: Unknown LS type %d",
1759 lsah->type);
1760 continue;
1761 }
1762
1763 /*
1764 * What if the received LSA's age is greater than MaxAge?
1765 * Treat it as a MaxAge case -- endo.
1766 */
1767 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1768 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1769
1770 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1771 #ifdef STRICT_OBIT_USAGE_CHECK
1772 if ((IS_OPAQUE_LSA(lsah->type)
1773 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1774 || (!IS_OPAQUE_LSA(lsah->type)
1775 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1776 /*
1777 * This neighbor must know the exact usage of
1778 * O-bit;
1779 * the bit will be set in Type-9,10,11 LSAs
1780 * only.
1781 */
1782 flog_warn(EC_OSPF_PACKET,
1783 "LSA[Type%d:%s]: O-bit abuse?",
1784 lsah->type, inet_ntoa(lsah->id));
1785 continue;
1786 }
1787 #endif /* STRICT_OBIT_USAGE_CHECK */
1788
1789 /* Do not take in AS External Opaque-LSAs if we are a
1790 * stub. */
1791 if (lsah->type == OSPF_OPAQUE_AS_LSA
1792 && nbr->oi->area->external_routing
1793 != OSPF_AREA_DEFAULT) {
1794 if (IS_DEBUG_OSPF_EVENT)
1795 zlog_debug(
1796 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1797 lsah->type,
1798 inet_ntoa(lsah->id));
1799 continue;
1800 }
1801 } else if (IS_OPAQUE_LSA(lsah->type)) {
1802 flog_warn(EC_OSPF_PACKET,
1803 "LSA[Type%d:%s]: Opaque capability mismatch?",
1804 lsah->type, inet_ntoa(lsah->id));
1805 continue;
1806 }
1807
1808 /* Create OSPF LSA instance. */
1809 lsa = ospf_lsa_new_and_data(length);
1810
1811 lsa->vrf_id = oi->ospf->vrf_id;
1812 /* We may wish to put some error checking if type NSSA comes in
1813 and area not in NSSA mode */
1814 switch (lsah->type) {
1815 case OSPF_AS_EXTERNAL_LSA:
1816 case OSPF_OPAQUE_AS_LSA:
1817 lsa->area = NULL;
1818 break;
1819 case OSPF_OPAQUE_LINK_LSA:
1820 lsa->oi = oi; /* Remember incoming interface for
1821 flooding control. */
1822 /* Fallthrough */
1823 default:
1824 lsa->area = oi->area;
1825 break;
1826 }
1827
1828 memcpy(lsa->data, lsah, length);
1829
1830 if (IS_DEBUG_OSPF_EVENT)
1831 zlog_debug(
1832 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1833 lsa->data->type, inet_ntoa(lsa->data->id),
1834 (void *)lsa);
1835 listnode_add(lsas, lsa);
1836 }
1837
1838 return lsas;
1839 }
1840
1841 /* Cleanup Update list. */
1842 static void ospf_upd_list_clean(struct list *lsas)
1843 {
1844 struct listnode *node, *nnode;
1845 struct ospf_lsa *lsa;
1846
1847 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1848 ospf_lsa_discard(lsa);
1849
1850 list_delete(&lsas);
1851 }
1852
1853 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1854 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1855 struct ospf_header *ospfh, struct stream *s,
1856 struct ospf_interface *oi, uint16_t size)
1857 {
1858 struct ospf_neighbor *nbr;
1859 struct list *lsas;
1860 struct listnode *node, *nnode;
1861 struct ospf_lsa *lsa = NULL;
1862 /* unsigned long ls_req_found = 0; */
1863
1864 /* Dis-assemble the stream, update each entry, re-encapsulate for
1865 * flooding */
1866
1867 /* Increment statistics. */
1868 oi->ls_upd_in++;
1869
1870 /* Check neighbor. */
1871 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1872 if (nbr == NULL) {
1873 flog_warn(EC_OSPF_PACKET,
1874 "Link State Update: Unknown Neighbor %s on int: %s",
1875 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1876 return;
1877 }
1878
1879 /* Add event to thread. */
1880 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1881
1882 /* Check neighbor state. */
1883 if (nbr->state < NSM_Exchange) {
1884 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1885 zlog_debug(
1886 "Link State Update: "
1887 "Neighbor[%s] state %s is less than Exchange",
1888 inet_ntoa(ospfh->router_id),
1889 lookup_msg(ospf_nsm_state_msg, nbr->state,
1890 NULL));
1891 return;
1892 }
1893
1894 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1895 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1896 * of section 13.
1897 */
1898 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1899
1900 if (lsas == NULL)
1901 return;
1902 #define DISCARD_LSA(L, N) \
1903 { \
1904 if (IS_DEBUG_OSPF_EVENT) \
1905 zlog_debug( \
1906 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1907 " Type-%d", \
1908 N, (void *)lsa, (int)lsa->data->type); \
1909 ospf_lsa_discard(L); \
1910 continue; \
1911 }
1912
1913 /* Process each LSA received in the one packet.
1914 *
1915 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1916 * text below are from the steps in RFC 2328, Section 13.
1917 */
1918 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1919 struct ospf_lsa *ls_ret, *current;
1920 int ret = 1;
1921
1922 if (IS_DEBUG_OSPF_NSSA) {
1923 char buf1[INET_ADDRSTRLEN];
1924 char buf2[INET_ADDRSTRLEN];
1925 char buf3[INET_ADDRSTRLEN];
1926
1927 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1928 lsa->data->type,
1929 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1930 INET_ADDRSTRLEN),
1931 inet_ntop(AF_INET, &lsa->data->id, buf2,
1932 INET_ADDRSTRLEN),
1933 inet_ntop(AF_INET, &lsa->data->adv_router,
1934 buf3, INET_ADDRSTRLEN));
1935 }
1936
1937 listnode_delete(lsas,
1938 lsa); /* We don't need it in list anymore */
1939
1940 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1941 */
1942
1943 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1944
1945 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1946 */
1947
1948 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1949 */
1950
1951 /* Do take in Type-7's if we are an NSSA */
1952
1953 /* If we are also an ABR, later translate them to a Type-5
1954 * packet */
1955
1956 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1957 translate them to a separate Type-5 packet. */
1958
1959 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1960 /* Reject from STUB or NSSA */
1961 if (nbr->oi->area->external_routing
1962 != OSPF_AREA_DEFAULT) {
1963 if (IS_DEBUG_OSPF_NSSA)
1964 zlog_debug(
1965 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1966 DISCARD_LSA(lsa, 1);
1967 }
1968
1969 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1970 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1971 if (IS_DEBUG_OSPF_NSSA)
1972 zlog_debug(
1973 "Incoming NSSA LSA Discarded: Not NSSA Area");
1974 DISCARD_LSA(lsa, 2);
1975 }
1976
1977 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1978 if (lsa->data->type == OSPF_ROUTER_LSA)
1979 if (!IPV4_ADDR_SAME(&lsa->data->id,
1980 &lsa->data->adv_router)) {
1981 char buf1[INET_ADDRSTRLEN];
1982 char buf2[INET_ADDRSTRLEN];
1983 char buf3[INET_ADDRSTRLEN];
1984
1985 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1986 "Incoming Router-LSA from %s with "
1987 "Adv-ID[%s] != LS-ID[%s]",
1988 inet_ntop(AF_INET, &ospfh->router_id,
1989 buf1, INET_ADDRSTRLEN),
1990 inet_ntop(AF_INET, &lsa->data->id,
1991 buf2, INET_ADDRSTRLEN),
1992 inet_ntop(AF_INET,
1993 &lsa->data->adv_router, buf3,
1994 INET_ADDRSTRLEN));
1995 flog_err(
1996 EC_OSPF_DOMAIN_CORRUPT,
1997 "OSPF domain compromised by attack or corruption. "
1998 "Verify correct operation of -ALL- OSPF routers.");
1999 DISCARD_LSA(lsa, 0);
2000 }
2001
2002 /* Find the LSA in the current database. */
2003
2004 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
2005
2006 /* (4) If the LSA's LS age is equal to MaxAge, and there is
2007 currently
2008 no instance of the LSA in the router's link state database,
2009 and none of router's neighbors are in states Exchange or
2010 Loading,
2011 then take the following actions: */
2012
2013 if (IS_LSA_MAXAGE(lsa) && !current
2014 && ospf_check_nbr_status(oi->ospf)) {
2015 /* (4a) Response Link State Acknowledgment. */
2016 ospf_ls_ack_send(nbr, lsa);
2017
2018 /* (4b) Discard LSA. */
2019 if (IS_DEBUG_OSPF(lsa, LSA)) {
2020 zlog_debug(
2021 "Link State Update[%s]: LS age is equal to MaxAge.",
2022 dump_lsa_key(lsa));
2023 }
2024 DISCARD_LSA(lsa, 3);
2025 }
2026
2027 if (IS_OPAQUE_LSA(lsa->data->type)
2028 && IPV4_ADDR_SAME(&lsa->data->adv_router,
2029 &oi->ospf->router_id)) {
2030 /*
2031 * Even if initial flushing seems to be completed, there
2032 * might
2033 * be a case that self-originated LSA with MaxAge still
2034 * remain
2035 * in the routing domain.
2036 * Just send an LSAck message to cease retransmission.
2037 */
2038 if (IS_LSA_MAXAGE(lsa)) {
2039 zlog_info("LSA[%s]: Boomerang effect?",
2040 dump_lsa_key(lsa));
2041 ospf_ls_ack_send(nbr, lsa);
2042 ospf_lsa_discard(lsa);
2043
2044 if (current != NULL && !IS_LSA_MAXAGE(current))
2045 ospf_opaque_lsa_refresh_schedule(
2046 current);
2047 continue;
2048 }
2049
2050 /*
2051 * If an instance of self-originated Opaque-LSA is not
2052 * found
2053 * in the LSDB, there are some possible cases here.
2054 *
2055 * 1) This node lost opaque-capability after restart.
2056 * 2) Else, a part of opaque-type is no more supported.
2057 * 3) Else, a part of opaque-id is no more supported.
2058 *
2059 * Anyway, it is still this node's responsibility to
2060 * flush it.
2061 * Otherwise, the LSA instance remains in the routing
2062 * domain
2063 * until its age reaches to MaxAge.
2064 */
2065 /* XXX: We should deal with this for *ALL* LSAs, not
2066 * just opaque */
2067 if (current == NULL) {
2068 if (IS_DEBUG_OSPF_EVENT)
2069 zlog_debug(
2070 "LSA[%s]: Previously originated Opaque-LSA,"
2071 "not found in the LSDB.",
2072 dump_lsa_key(lsa));
2073
2074 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2075
2076 ospf_opaque_self_originated_lsa_received(nbr,
2077 lsa);
2078 ospf_ls_ack_send(nbr, lsa);
2079
2080 continue;
2081 }
2082 }
2083
2084 /* It might be happen that received LSA is self-originated
2085 * network LSA, but
2086 * router ID is changed. So, we should check if LSA is a
2087 * network-LSA whose
2088 * Link State ID is one of the router's own IP interface
2089 * addresses but whose
2090 * Advertising Router is not equal to the router's own Router ID
2091 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2092 * flushed.
2093 */
2094
2095 if (lsa->data->type == OSPF_NETWORK_LSA) {
2096 struct listnode *oinode, *oinnode;
2097 struct ospf_interface *out_if;
2098 int Flag = 0;
2099
2100 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2101 oinnode, out_if)) {
2102 if (out_if == NULL)
2103 break;
2104
2105 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2106 &lsa->data->id))
2107 && (!(IPV4_ADDR_SAME(
2108 &oi->ospf->router_id,
2109 &lsa->data->adv_router)))) {
2110 if (out_if->network_lsa_self) {
2111 ospf_lsa_flush_area(
2112 lsa, out_if->area);
2113 if (IS_DEBUG_OSPF_EVENT)
2114 zlog_debug(
2115 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2116 (void *)lsa,
2117 (int)lsa->data
2118 ->type);
2119 ospf_lsa_discard(lsa);
2120 Flag = 1;
2121 }
2122 break;
2123 }
2124 }
2125 if (Flag)
2126 continue;
2127 }
2128
2129 /* (5) Find the instance of this LSA that is currently contained
2130 in the router's link state database. If there is no
2131 database copy, or the received LSA is more recent than
2132 the database copy the following steps must be performed.
2133 (The sub steps from RFC 2328 section 13 step (5) will be
2134 performed in
2135 ospf_flood() ) */
2136
2137 if (current == NULL
2138 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2139 /* CVE-2017-3224 */
2140 if (current && (lsa->data->ls_seqnum ==
2141 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2142 && !IS_LSA_MAXAGE(lsa))) {
2143 zlog_debug(
2144 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2145 dump_lsa_key(lsa));
2146
2147 DISCARD_LSA(lsa, 4);
2148 }
2149
2150 /* Actual flooding procedure. */
2151 if (ospf_flood(oi->ospf, nbr, current, lsa)
2152 < 0) /* Trap NSSA later. */
2153 DISCARD_LSA(lsa, 5);
2154 continue;
2155 }
2156
2157 /* (6) Else, If there is an instance of the LSA on the sending
2158 neighbor's Link state request list, an error has occurred in
2159 the Database Exchange process. In this case, restart the
2160 Database Exchange process by generating the neighbor event
2161 BadLSReq for the sending neighbor and stop processing the
2162 Link State Update packet. */
2163
2164 if (ospf_ls_request_lookup(nbr, lsa)) {
2165 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2166 flog_warn(
2167 EC_OSPF_PACKET,
2168 "LSA[%s] instance exists on Link state request list",
2169 dump_lsa_key(lsa));
2170
2171 /* Clean list of LSAs. */
2172 ospf_upd_list_clean(lsas);
2173 /* this lsa is not on lsas list already. */
2174 ospf_lsa_discard(lsa);
2175 return;
2176 }
2177
2178 /* If the received LSA is the same instance as the database copy
2179 (i.e., neither one is more recent) the following two steps
2180 should be performed: */
2181
2182 if (ret == 0) {
2183 /* If the LSA is listed in the Link state retransmission
2184 list
2185 for the receiving adjacency, the router itself is
2186 expecting
2187 an acknowledgment for this LSA. The router should
2188 treat the
2189 received LSA as an acknowledgment by removing the LSA
2190 from
2191 the Link state retransmission list. This is termed
2192 an
2193 "implied acknowledgment". */
2194
2195 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2196
2197 if (ls_ret != NULL) {
2198 ospf_ls_retransmit_delete(nbr, ls_ret);
2199
2200 /* Delayed acknowledgment sent if advertisement
2201 received
2202 from Designated Router, otherwise do nothing.
2203 */
2204 if (oi->state == ISM_Backup)
2205 if (NBR_IS_DR(nbr))
2206 listnode_add(
2207 oi->ls_ack,
2208 ospf_lsa_lock(lsa));
2209
2210 DISCARD_LSA(lsa, 6);
2211 } else
2212 /* Acknowledge the receipt of the LSA by sending a
2213 Link State Acknowledgment packet back out the
2214 receiving
2215 interface. */
2216 {
2217 ospf_ls_ack_send(nbr, lsa);
2218 DISCARD_LSA(lsa, 7);
2219 }
2220 }
2221
2222 /* The database copy is more recent. If the database copy
2223 has LS age equal to MaxAge and LS sequence number equal to
2224 MaxSequenceNumber, simply discard the received LSA without
2225 acknowledging it. (In this case, the LSA's LS sequence number
2226 is
2227 wrapping, and the MaxSequenceNumber LSA must be completely
2228 flushed before any new LSA instance can be introduced). */
2229
2230 else if (ret > 0) /* Database copy is more recent */
2231 {
2232 if (IS_LSA_MAXAGE(current)
2233 && current->data->ls_seqnum
2234 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2235 DISCARD_LSA(lsa, 8);
2236 }
2237 /* Otherwise, as long as the database copy has not been
2238 sent in a
2239 Link State Update within the last MinLSArrival
2240 seconds, send the
2241 database copy back to the sending neighbor,
2242 encapsulated within
2243 a Link State Update Packet. The Link State Update
2244 Packet should
2245 be sent directly to the neighbor. In so doing, do not
2246 put the
2247 database copy of the LSA on the neighbor's link state
2248 retransmission list, and do not acknowledge the
2249 received (less
2250 recent) LSA instance. */
2251 else {
2252 if (monotime_since(&current->tv_orig, NULL)
2253 >= ospf->min_ls_arrival * 1000LL)
2254 /* Trap NSSA type later.*/
2255 ospf_ls_upd_send_lsa(
2256 nbr, current,
2257 OSPF_SEND_PACKET_DIRECT);
2258 DISCARD_LSA(lsa, 9);
2259 }
2260 }
2261 }
2262 #undef DISCARD_LSA
2263
2264 assert(listcount(lsas) == 0);
2265 list_delete(&lsas);
2266 }
2267
2268 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2269 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2270 struct stream *s, struct ospf_interface *oi,
2271 uint16_t size)
2272 {
2273 struct ospf_neighbor *nbr;
2274
2275 /* increment statistics. */
2276 oi->ls_ack_in++;
2277
2278 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2279 if (nbr == NULL) {
2280 flog_warn(EC_OSPF_PACKET,
2281 "Link State Acknowledgment: Unknown Neighbor %s.",
2282 inet_ntoa(ospfh->router_id));
2283 return;
2284 }
2285
2286 /* Add event to thread. */
2287 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2288
2289 if (nbr->state < NSM_Exchange) {
2290 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2291 zlog_debug(
2292 "Link State Acknowledgment: "
2293 "Neighbor[%s] state %s is less than Exchange",
2294 inet_ntoa(ospfh->router_id),
2295 lookup_msg(ospf_nsm_state_msg, nbr->state,
2296 NULL));
2297 return;
2298 }
2299
2300 while (size >= OSPF_LSA_HEADER_SIZE) {
2301 struct ospf_lsa *lsa, *lsr;
2302
2303 lsa = ospf_lsa_new();
2304 lsa->data = (struct lsa_header *)stream_pnt(s);
2305 lsa->vrf_id = oi->ospf->vrf_id;
2306
2307 /* lsah = (struct lsa_header *) stream_pnt (s); */
2308 size -= OSPF_LSA_HEADER_SIZE;
2309 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2310
2311 if (lsa->data->type < OSPF_MIN_LSA
2312 || lsa->data->type >= OSPF_MAX_LSA) {
2313 lsa->data = NULL;
2314 ospf_lsa_discard(lsa);
2315 continue;
2316 }
2317
2318 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2319
2320 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2321 ospf_ls_retransmit_delete(nbr, lsr);
2322
2323 lsa->data = NULL;
2324 ospf_lsa_discard(lsa);
2325 }
2326
2327 return;
2328 }
2329
2330 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2331 struct interface **ifp,
2332 struct stream *ibuf)
2333 {
2334 int ret;
2335 struct ip *iph;
2336 uint16_t ip_len;
2337 ifindex_t ifindex = 0;
2338 struct iovec iov;
2339 /* Header and data both require alignment. */
2340 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2341 struct msghdr msgh;
2342
2343 memset(&msgh, 0, sizeof(struct msghdr));
2344 msgh.msg_iov = &iov;
2345 msgh.msg_iovlen = 1;
2346 msgh.msg_control = (caddr_t)buff;
2347 msgh.msg_controllen = sizeof(buff);
2348
2349 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2350 if (ret < 0) {
2351 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2352 safe_strerror(errno));
2353 return NULL;
2354 }
2355 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2356 {
2357 flog_warn(
2358 EC_OSPF_PACKET,
2359 "ospf_recv_packet: discarding runt packet of length %d "
2360 "(ip header size is %u)",
2361 ret, (unsigned int)sizeof(iph));
2362 return NULL;
2363 }
2364
2365 /* Note that there should not be alignment problems with this assignment
2366 because this is at the beginning of the stream data buffer. */
2367 iph = (struct ip *)STREAM_DATA(ibuf);
2368 sockopt_iphdrincl_swab_systoh(iph);
2369
2370 ip_len = iph->ip_len;
2371
2372 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2373 /*
2374 * Kernel network code touches incoming IP header parameters,
2375 * before protocol specific processing.
2376 *
2377 * 1) Convert byteorder to host representation.
2378 * --> ip_len, ip_id, ip_off
2379 *
2380 * 2) Adjust ip_len to strip IP header size!
2381 * --> If user process receives entire IP packet via RAW
2382 * socket, it must consider adding IP header size to
2383 * the "ip_len" field of "ip" structure.
2384 *
2385 * For more details, see <netinet/ip_input.c>.
2386 */
2387 ip_len = ip_len + (iph->ip_hl << 2);
2388 #endif
2389
2390 #if defined(__DragonFly__)
2391 /*
2392 * in DragonFly's raw socket, ip_len/ip_off are read
2393 * in network byte order.
2394 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2395 */
2396 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2397 #endif
2398
2399 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2400
2401 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2402
2403 if (ret != ip_len) {
2404 flog_warn(
2405 EC_OSPF_PACKET,
2406 "ospf_recv_packet read length mismatch: ip_len is %d, "
2407 "but recvmsg returned %d",
2408 ip_len, ret);
2409 return NULL;
2410 }
2411
2412 return ibuf;
2413 }
2414
2415 static struct ospf_interface *
2416 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2417 struct ip *iph, struct ospf_header *ospfh)
2418 {
2419 struct ospf_interface *rcv_oi;
2420 struct ospf_vl_data *vl_data;
2421 struct ospf_area *vl_area;
2422 struct listnode *node;
2423
2424 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2425 || !OSPF_IS_AREA_BACKBONE(ospfh))
2426 return NULL;
2427
2428 /* look for local OSPF interface matching the destination
2429 * to determine Area ID. We presume therefore the destination address
2430 * is unique, or at least (for "unnumbered" links), not used in other
2431 * areas
2432 */
2433 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2434 == NULL)
2435 return NULL;
2436
2437 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2438 vl_area =
2439 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2440 if (!vl_area)
2441 continue;
2442
2443 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2444 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2445 if (IS_DEBUG_OSPF_EVENT)
2446 zlog_debug("associating packet with %s",
2447 IF_NAME(vl_data->vl_oi));
2448 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2449 if (IS_DEBUG_OSPF_EVENT)
2450 zlog_debug(
2451 "This VL is not up yet, sorry");
2452 return NULL;
2453 }
2454
2455 return vl_data->vl_oi;
2456 }
2457 }
2458
2459 if (IS_DEBUG_OSPF_EVENT)
2460 zlog_debug("couldn't find any VL to associate the packet with");
2461
2462 return NULL;
2463 }
2464
2465 static int ospf_check_area_id(struct ospf_interface *oi,
2466 struct ospf_header *ospfh)
2467 {
2468 /* Check match the Area ID of the receiving interface. */
2469 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2470 return 1;
2471
2472 return 0;
2473 }
2474
2475 /* Unbound socket will accept any Raw IP packets if proto is matched.
2476 To prevent it, compare src IP address and i/f address with masking
2477 i/f network mask. */
2478 static int ospf_check_network_mask(struct ospf_interface *oi,
2479 struct in_addr ip_src)
2480 {
2481 struct in_addr mask, me, him;
2482
2483 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2484 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2485 return 1;
2486
2487 masklen2ip(oi->address->prefixlen, &mask);
2488
2489 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2490 him.s_addr = ip_src.s_addr & mask.s_addr;
2491
2492 if (IPV4_ADDR_SAME(&me, &him))
2493 return 1;
2494
2495 return 0;
2496 }
2497
2498 /* Return 1, if the packet is properly authenticated and checksummed,
2499 0 otherwise. In particular, check that AuType header field is valid and
2500 matches the locally configured AuType, and that D.5 requirements are met. */
2501 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2502 {
2503 struct crypt_key *ck;
2504 uint16_t iface_auth_type;
2505 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2506
2507 switch (pkt_auth_type) {
2508 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2509 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2510 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2511 flog_warn(
2512 EC_OSPF_PACKET,
2513 "interface %s: auth-type mismatch, local %s, rcvd Null",
2514 IF_NAME(oi),
2515 lookup_msg(ospf_auth_type_str,
2516 iface_auth_type, NULL));
2517 return 0;
2518 }
2519 if (!ospf_check_sum(ospfh)) {
2520 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2521 flog_warn(
2522 EC_OSPF_PACKET,
2523 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2524 IF_NAME(oi),
2525 inet_ntoa(ospfh->router_id));
2526 return 0;
2527 }
2528 return 1;
2529 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2530 if (OSPF_AUTH_SIMPLE
2531 != (iface_auth_type = ospf_auth_type(oi))) {
2532 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2533 flog_warn(
2534 EC_OSPF_PACKET,
2535 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2536 IF_NAME(oi),
2537 lookup_msg(ospf_auth_type_str,
2538 iface_auth_type, NULL));
2539 return 0;
2540 }
2541 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2542 OSPF_AUTH_SIMPLE_SIZE)) {
2543 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2544 flog_warn(EC_OSPF_PACKET,
2545 "interface %s: Simple auth failed",
2546 IF_NAME(oi));
2547 return 0;
2548 }
2549 if (!ospf_check_sum(ospfh)) {
2550 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2551 flog_warn(
2552 EC_OSPF_PACKET,
2553 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2554 IF_NAME(oi),
2555 inet_ntoa(ospfh->router_id));
2556 return 0;
2557 }
2558 return 1;
2559 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2560 if (OSPF_AUTH_CRYPTOGRAPHIC
2561 != (iface_auth_type = ospf_auth_type(oi))) {
2562 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2563 flog_warn(
2564 EC_OSPF_PACKET,
2565 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2566 IF_NAME(oi),
2567 lookup_msg(ospf_auth_type_str,
2568 iface_auth_type, NULL));
2569 return 0;
2570 }
2571 if (ospfh->checksum) {
2572 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2573 flog_warn(
2574 EC_OSPF_PACKET,
2575 "interface %s: OSPF header checksum is not 0",
2576 IF_NAME(oi));
2577 return 0;
2578 }
2579 /* only MD5 crypto method can pass ospf_packet_examin() */
2580 if (NULL == (ck = listgetdata(
2581 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2582 || ospfh->u.crypt.key_id != ck->key_id ||
2583 /* Condition above uses the last key ID on the list,
2584 which is
2585 different from what ospf_crypt_key_lookup() does. A
2586 bug? */
2587 !ospf_check_md5_digest(oi, ospfh)) {
2588 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2589 flog_warn(EC_OSPF_MD5,
2590 "interface %s: MD5 auth failed",
2591 IF_NAME(oi));
2592 return 0;
2593 }
2594 return 1;
2595 default:
2596 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2597 flog_warn(
2598 EC_OSPF_PACKET,
2599 "interface %s: invalid packet auth-type (%02x)",
2600 IF_NAME(oi), pkt_auth_type);
2601 return 0;
2602 }
2603 }
2604
2605 static int ospf_check_sum(struct ospf_header *ospfh)
2606 {
2607 uint32_t ret;
2608 uint16_t sum;
2609
2610 /* clear auth_data for checksum. */
2611 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2612
2613 /* keep checksum and clear. */
2614 sum = ospfh->checksum;
2615 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2616
2617 /* calculate checksum. */
2618 ret = in_cksum(ospfh, ntohs(ospfh->length));
2619
2620 if (ret != sum) {
2621 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2622 ret, sum);
2623 return 0;
2624 }
2625
2626 return 1;
2627 }
2628
2629 /* Verify, that given link/TOS records are properly sized/aligned and match
2630 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2631 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2632 uint16_t linkbytes,
2633 const uint16_t num_links)
2634 {
2635 unsigned counted_links = 0, thislinklen;
2636
2637 while (linkbytes) {
2638 thislinklen =
2639 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2640 if (thislinklen > linkbytes) {
2641 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2642 zlog_debug("%s: length error in link block #%u",
2643 __func__, counted_links);
2644 return MSG_NG;
2645 }
2646 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2647 linkbytes -= thislinklen;
2648 counted_links++;
2649 }
2650 if (counted_links != num_links) {
2651 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2652 zlog_debug("%s: %u link blocks declared, %u present",
2653 __func__, num_links, counted_links);
2654 return MSG_NG;
2655 }
2656 return MSG_OK;
2657 }
2658
2659 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2660 minimum length constraint). */
2661 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2662 const uint8_t headeronly)
2663 {
2664 unsigned ret;
2665 struct router_lsa *rlsa;
2666 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2667 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2668 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2669 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2670 lookup_msg(ospf_lsa_type_msg, lsah->type,
2671 NULL));
2672 return MSG_NG;
2673 }
2674 switch (lsah->type) {
2675 case OSPF_ROUTER_LSA:
2676 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2677 * (12+)-byte link blocks */
2678 if (headeronly) {
2679 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2680 - OSPF_ROUTER_LSA_MIN_SIZE)
2681 % 4
2682 ? MSG_NG
2683 : MSG_OK;
2684 break;
2685 }
2686 rlsa = (struct router_lsa *)lsah;
2687 ret = ospf_router_lsa_links_examin(
2688 (struct router_lsa_link *)rlsa->link,
2689 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2690 header, "flags",
2691 0, "# links" */
2692 ntohs(rlsa->links) /* 16 bits */
2693 );
2694 break;
2695 case OSPF_AS_EXTERNAL_LSA:
2696 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2697 * blocks */
2698 case OSPF_AS_NSSA_LSA:
2699 /* RFC3101 C, idem */
2700 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2701 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2702 % 12
2703 ? MSG_NG
2704 : MSG_OK;
2705 break;
2706 /* Following LSA types are considered OK length-wise as soon as their
2707 * minimum
2708 * length constraint is met and length of the whole LSA is a multiple of
2709 * 4
2710 * (basic LSA header size is already a multiple of 4). */
2711 case OSPF_NETWORK_LSA:
2712 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2713 case OSPF_SUMMARY_LSA:
2714 case OSPF_ASBR_SUMMARY_LSA:
2715 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2716 * blocks */
2717 case OSPF_OPAQUE_LINK_LSA:
2718 case OSPF_OPAQUE_AREA_LSA:
2719 case OSPF_OPAQUE_AS_LSA:
2720 /* RFC5250 A.2, "some number of octets (of application-specific
2721 * data) padded to 32-bit alignment." This is considered
2722 * equivalent
2723 * to 4-byte alignment of all other LSA types, see
2724 * OSPF-ALIGNMENT.txt
2725 * file for the detailed analysis of this passage. */
2726 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2727 break;
2728 default:
2729 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2730 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2731 lsah->type);
2732 return MSG_NG;
2733 }
2734 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2735 zlog_debug("%s: alignment error in %s", __func__,
2736 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2737 return ret;
2738 }
2739
2740 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2741 includes verification of LSA blocks length/alignment and dispatching
2742 of deeper-level checks. */
2743 static unsigned
2744 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2745 size_t length, const uint8_t headeronly,
2746 /* When declared_num_lsas is not 0, compare it to the real
2747 number of LSAs
2748 and treat the difference as an error. */
2749 const uint32_t declared_num_lsas)
2750 {
2751 uint32_t counted_lsas = 0;
2752
2753 while (length) {
2754 uint16_t lsalen;
2755 if (length < OSPF_LSA_HEADER_SIZE) {
2756 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2757 zlog_debug(
2758 "%s: undersized (%zu B) trailing (#%u) LSA header",
2759 __func__, length, counted_lsas);
2760 return MSG_NG;
2761 }
2762 /* save on ntohs() calls here and in the LSA validator */
2763 lsalen = ntohs(lsah->length);
2764 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2765 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2766 zlog_debug(
2767 "%s: malformed LSA header #%u, declared length is %u B",
2768 __func__, counted_lsas, lsalen);
2769 return MSG_NG;
2770 }
2771 if (headeronly) {
2772 /* less checks here and in ospf_lsa_examin() */
2773 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2774 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2775 zlog_debug(
2776 "%s: malformed header-only LSA #%u",
2777 __func__, counted_lsas);
2778 return MSG_NG;
2779 }
2780 lsah = (struct lsa_header *)((caddr_t)lsah
2781 + OSPF_LSA_HEADER_SIZE);
2782 length -= OSPF_LSA_HEADER_SIZE;
2783 } else {
2784 /* make sure the input buffer is deep enough before
2785 * further checks */
2786 if (lsalen > length) {
2787 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2788 zlog_debug(
2789 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2790 __func__, counted_lsas, lsalen,
2791 length);
2792 return MSG_NG;
2793 }
2794 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2795 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2796 zlog_debug("%s: malformed LSA #%u",
2797 __func__, counted_lsas);
2798 return MSG_NG;
2799 }
2800 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2801 length -= lsalen;
2802 }
2803 counted_lsas++;
2804 }
2805
2806 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2807 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2808 zlog_debug(
2809 "%s: #LSAs declared (%u) does not match actual (%u)",
2810 __func__, declared_num_lsas, counted_lsas);
2811 return MSG_NG;
2812 }
2813 return MSG_OK;
2814 }
2815
2816 /* Verify a complete OSPF packet for proper sizing/alignment. */
2817 static unsigned ospf_packet_examin(struct ospf_header *oh,
2818 const unsigned bytesonwire)
2819 {
2820 uint16_t bytesdeclared, bytesauth;
2821 unsigned ret;
2822 struct ospf_ls_update *lsupd;
2823
2824 /* Length, 1st approximation. */
2825 if (bytesonwire < OSPF_HEADER_SIZE) {
2826 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2827 zlog_debug("%s: undersized (%u B) packet", __func__,
2828 bytesonwire);
2829 return MSG_NG;
2830 }
2831 /* Now it is safe to access header fields. Performing length check,
2832 * allow
2833 * for possible extra bytes of crypto auth/padding, which are not
2834 * counted
2835 * in the OSPF header "length" field. */
2836 if (oh->version != OSPF_VERSION) {
2837 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2838 zlog_debug("%s: invalid (%u) protocol version",
2839 __func__, oh->version);
2840 return MSG_NG;
2841 }
2842 bytesdeclared = ntohs(oh->length);
2843 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2844 bytesauth = 0;
2845 else {
2846 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2847 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2848 zlog_debug(
2849 "%s: unsupported crypto auth length (%u B)",
2850 __func__, oh->u.crypt.auth_data_len);
2851 return MSG_NG;
2852 }
2853 bytesauth = OSPF_AUTH_MD5_SIZE;
2854 }
2855 if (bytesdeclared + bytesauth > bytesonwire) {
2856 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2857 zlog_debug(
2858 "%s: packet length error (%u real, %u+%u declared)",
2859 __func__, bytesonwire, bytesdeclared,
2860 bytesauth);
2861 return MSG_NG;
2862 }
2863 /* Length, 2nd approximation. The type-specific constraint is checked
2864 against declared length, not amount of bytes on wire. */
2865 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2866 && bytesdeclared
2867 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2868 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2869 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2870 bytesdeclared,
2871 lookup_msg(ospf_packet_type_str, oh->type,
2872 NULL));
2873 return MSG_NG;
2874 }
2875 switch (oh->type) {
2876 case OSPF_MSG_HELLO:
2877 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2878 followed
2879 by N>=0 router-IDs. */
2880 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2881 % 4
2882 ? MSG_NG
2883 : MSG_OK;
2884 break;
2885 case OSPF_MSG_DB_DESC:
2886 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2887 followed
2888 by N>=0 header-only LSAs. */
2889 ret = ospf_lsaseq_examin(
2890 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2891 + OSPF_DB_DESC_MIN_SIZE),
2892 bytesdeclared - OSPF_HEADER_SIZE
2893 - OSPF_DB_DESC_MIN_SIZE,
2894 1, /* header-only LSAs */
2895 0);
2896 break;
2897 case OSPF_MSG_LS_REQ:
2898 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2899 * request blocks. */
2900 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2901 % OSPF_LSA_KEY_SIZE
2902 ? MSG_NG
2903 : MSG_OK;
2904 break;
2905 case OSPF_MSG_LS_UPD:
2906 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2907 followed
2908 by N>=0 full LSAs (with N declared beforehand). */
2909 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2910 + OSPF_HEADER_SIZE);
2911 ret = ospf_lsaseq_examin(
2912 (struct lsa_header *)((caddr_t)lsupd
2913 + OSPF_LS_UPD_MIN_SIZE),
2914 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2915 0, /* full LSAs */
2916 ntohl(lsupd->num_lsas) /* 32 bits */
2917 );
2918 break;
2919 case OSPF_MSG_LS_ACK:
2920 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2921 * LSAs. */
2922 ret = ospf_lsaseq_examin(
2923 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2924 + OSPF_LS_ACK_MIN_SIZE),
2925 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2926 1, /* header-only LSAs */
2927 0);
2928 break;
2929 default:
2930 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2931 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2932 oh->type);
2933 return MSG_NG;
2934 }
2935 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2936 zlog_debug("%s: malformed %s packet", __func__,
2937 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2938 return ret;
2939 }
2940
2941 /* OSPF Header verification. */
2942 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2943 struct ip *iph, struct ospf_header *ospfh)
2944 {
2945 /* Check Area ID. */
2946 if (!ospf_check_area_id(oi, ospfh)) {
2947 flog_warn(EC_OSPF_PACKET,
2948 "interface %s: ospf_read invalid Area ID %s.",
2949 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2950 return -1;
2951 }
2952
2953 /* Check network mask, Silently discarded. */
2954 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2955 flog_warn(
2956 EC_OSPF_PACKET,
2957 "interface %s: ospf_read network address is not same [%s]",
2958 IF_NAME(oi), inet_ntoa(iph->ip_src));
2959 return -1;
2960 }
2961
2962 /* Check authentication. The function handles logging actions, where
2963 * required. */
2964 if (!ospf_check_auth(oi, ospfh))
2965 return -1;
2966
2967 return 0;
2968 }
2969
2970 /* Starting point of packet process function. */
2971 int ospf_read(struct thread *thread)
2972 {
2973 int ret;
2974 struct stream *ibuf;
2975 struct ospf *ospf;
2976 struct ospf_interface *oi;
2977 struct ip *iph;
2978 struct ospf_header *ospfh;
2979 uint16_t length;
2980 struct interface *ifp = NULL;
2981 struct connected *c;
2982
2983 /* first of all get interface pointer. */
2984 ospf = THREAD_ARG(thread);
2985
2986 /* prepare for next packet. */
2987 ospf->t_read = NULL;
2988 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2989
2990 stream_reset(ospf->ibuf);
2991 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2992 if (ibuf == NULL)
2993 return -1;
2994 /* This raw packet is known to be at least as big as its IP header. */
2995
2996 /* Note that there should not be alignment problems with this assignment
2997 because this is at the beginning of the stream data buffer. */
2998 iph = (struct ip *)STREAM_DATA(ibuf);
2999 /* Note that sockopt_iphdrincl_swab_systoh was called in
3000 * ospf_recv_packet. */
3001
3002 if (ifp == NULL) {
3003 /* Handle cases where the platform does not support retrieving
3004 the ifindex,
3005 and also platforms (such as Solaris 8) that claim to support
3006 ifindex
3007 retrieval but do not. */
3008 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
3009 ospf->vrf_id);
3010 if (c)
3011 ifp = c->ifp;
3012 if (ifp == NULL)
3013 return 0;
3014 }
3015
3016 /* IP Header dump. */
3017 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3018 ospf_ip_header_dump(iph);
3019
3020 /* Self-originated packet should be discarded silently. */
3021 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3022 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3023 zlog_debug(
3024 "ospf_read[%s]: Dropping self-originated packet",
3025 inet_ntoa(iph->ip_src));
3026 }
3027 return 0;
3028 }
3029
3030 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
3031 by ospf_recv_packet() to be correct). */
3032 stream_forward_getp(ibuf, iph->ip_hl * 4);
3033
3034 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3035 if (MSG_OK
3036 != ospf_packet_examin(
3037 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
3038 return -1;
3039 /* Now it is safe to access all fields of OSPF packet header. */
3040
3041 /* associate packet with ospf interface */
3042 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3043
3044 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3045 only
3046 after the passive/backbone/other checks below are passed. These
3047 checks
3048 in turn access the fields of unverified "ospfh" structure for their
3049 own
3050 purposes and must remain very accurate in doing this. */
3051
3052 /* If incoming interface is passive one, ignore it. */
3053 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3054 char buf[3][INET_ADDRSTRLEN];
3055
3056 if (IS_DEBUG_OSPF_EVENT)
3057 zlog_debug(
3058 "ignoring packet from router %s sent to %s, "
3059 "received on a passive interface, %s",
3060 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3061 sizeof(buf[0])),
3062 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3063 sizeof(buf[1])),
3064 inet_ntop(AF_INET, &oi->address->u.prefix4,
3065 buf[2], sizeof(buf[2])));
3066
3067 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3068 /* Try to fix multicast membership.
3069 * Some OS:es may have problems in this area,
3070 * make sure it is removed.
3071 */
3072 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3073 ospf_if_set_multicast(oi);
3074 }
3075 return 0;
3076 }
3077
3078
3079 /* if no local ospf_interface,
3080 * or header area is backbone but ospf_interface is not
3081 * check for VLINK interface
3082 */
3083 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3084 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3085 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3086 == NULL) {
3087 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3088 zlog_debug(
3089 "Packet from [%s] received on link %s"
3090 " but no ospf_interface",
3091 inet_ntoa(iph->ip_src), ifp->name);
3092 return 0;
3093 }
3094 }
3095
3096 /* else it must be a local ospf interface, check it was received on
3097 * correct link
3098 */
3099 else if (oi->ifp != ifp) {
3100 if (IS_DEBUG_OSPF_EVENT)
3101 flog_warn(EC_OSPF_PACKET,
3102 "Packet from [%s] received on wrong link %s",
3103 inet_ntoa(iph->ip_src), ifp->name);
3104 return 0;
3105 } else if (oi->state == ISM_Down) {
3106 char buf[2][INET_ADDRSTRLEN];
3107 flog_warn(
3108 EC_OSPF_PACKET,
3109 "Ignoring packet from %s to %s received on interface that is "
3110 "down [%s]; interface flags are %s",
3111 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3112 sizeof(buf[0])),
3113 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3114 sizeof(buf[1])),
3115 ifp->name, if_flag_dump(ifp->flags));
3116 /* Fix multicast memberships? */
3117 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3118 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3119 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3120 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3121 if (oi->multicast_memberships)
3122 ospf_if_set_multicast(oi);
3123 return 0;
3124 }
3125
3126 /*
3127 * If the received packet is destined for AllDRouters, the packet
3128 * should be accepted only if the received ospf interface state is
3129 * either DR or Backup -- endo.
3130 */
3131 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3132 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3133 flog_warn(
3134 EC_OSPF_PACKET,
3135 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3136 inet_ntoa(iph->ip_src), IF_NAME(oi),
3137 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3138 /* Try to fix multicast membership. */
3139 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3140 ospf_if_set_multicast(oi);
3141 return 0;
3142 }
3143
3144 /* Verify more OSPF header fields. */
3145 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3146 if (ret < 0) {
3147 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3148 zlog_debug(
3149 "ospf_read[%s]: Header check failed, "
3150 "dropping.",
3151 inet_ntoa(iph->ip_src));
3152 return ret;
3153 }
3154
3155 /* Show debug receiving packet. */
3156 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3157 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3158 zlog_debug(
3159 "-----------------------------------------------------");
3160 ospf_packet_dump(ibuf);
3161 }
3162
3163 zlog_debug("%s received from [%s] via [%s]",
3164 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3165 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3166 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3167 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3168
3169 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3170 zlog_debug(
3171 "-----------------------------------------------------");
3172 }
3173
3174 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3175
3176 /* Adjust size to message length. */
3177 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3178
3179 /* Read rest of the packet and call each sort of packet routine. */
3180 switch (ospfh->type) {
3181 case OSPF_MSG_HELLO:
3182 ospf_hello(iph, ospfh, ibuf, oi, length);
3183 break;
3184 case OSPF_MSG_DB_DESC:
3185 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3186 break;
3187 case OSPF_MSG_LS_REQ:
3188 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3189 break;
3190 case OSPF_MSG_LS_UPD:
3191 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3192 break;
3193 case OSPF_MSG_LS_ACK:
3194 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3195 break;
3196 default:
3197 flog_warn(EC_OSPF_PACKET,
3198 "interface %s: OSPF packet header type %d is illegal",
3199 IF_NAME(oi), ospfh->type);
3200 break;
3201 }
3202
3203 return 0;
3204 }
3205
3206 /* Make OSPF header. */
3207 static void ospf_make_header(int type, struct ospf_interface *oi,
3208 struct stream *s)
3209 {
3210 struct ospf_header *ospfh;
3211
3212 ospfh = (struct ospf_header *)STREAM_DATA(s);
3213
3214 ospfh->version = (uint8_t)OSPF_VERSION;
3215 ospfh->type = (uint8_t)type;
3216
3217 ospfh->router_id = oi->ospf->router_id;
3218
3219 ospfh->checksum = 0;
3220 ospfh->area_id = oi->area->area_id;
3221 ospfh->auth_type = htons(ospf_auth_type(oi));
3222
3223 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3224
3225 stream_forward_endp(s, OSPF_HEADER_SIZE);
3226 }
3227
3228 /* Make Authentication Data. */
3229 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3230 {
3231 struct crypt_key *ck;
3232
3233 switch (ospf_auth_type(oi)) {
3234 case OSPF_AUTH_NULL:
3235 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3236 */
3237 break;
3238 case OSPF_AUTH_SIMPLE:
3239 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3240 OSPF_AUTH_SIMPLE_SIZE);
3241 break;
3242 case OSPF_AUTH_CRYPTOGRAPHIC:
3243 /* If key is not set, then set 0. */
3244 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3245 ospfh->u.crypt.zero = 0;
3246 ospfh->u.crypt.key_id = 0;
3247 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3248 } else {
3249 ck = listgetdata(
3250 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3251 ospfh->u.crypt.zero = 0;
3252 ospfh->u.crypt.key_id = ck->key_id;
3253 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3254 }
3255 /* note: the seq is done in ospf_make_md5_digest() */
3256 break;
3257 default:
3258 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3259 */
3260 break;
3261 }
3262
3263 return 0;
3264 }
3265
3266 /* Fill rest of OSPF header. */
3267 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3268 uint16_t length)
3269 {
3270 struct ospf_header *ospfh;
3271
3272 ospfh = (struct ospf_header *)STREAM_DATA(s);
3273
3274 /* Fill length. */
3275 ospfh->length = htons(length);
3276
3277 /* Calculate checksum. */
3278 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3279 ospfh->checksum = in_cksum(ospfh, length);
3280 else
3281 ospfh->checksum = 0;
3282
3283 /* Add Authentication Data. */
3284 ospf_make_auth(oi, ospfh);
3285 }
3286
3287 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3288 {
3289 struct ospf_neighbor *nbr;
3290 struct route_node *rn;
3291 uint16_t length = OSPF_HELLO_MIN_SIZE;
3292 struct in_addr mask;
3293 unsigned long p;
3294 int flag = 0;
3295
3296 /* Set netmask of interface. */
3297 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3298 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3299 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3300 masklen2ip(oi->address->prefixlen, &mask);
3301 else
3302 memset((char *)&mask, 0, sizeof(struct in_addr));
3303 stream_put_ipv4(s, mask.s_addr);
3304
3305 /* Set Hello Interval. */
3306 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3307 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3308 else
3309 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3310
3311 if (IS_DEBUG_OSPF_EVENT)
3312 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3313 IF_NAME(oi));
3314
3315 /* Set Options. */
3316 stream_putc(s, OPTIONS(oi));
3317
3318 /* Set Router Priority. */
3319 stream_putc(s, PRIORITY(oi));
3320
3321 /* Set Router Dead Interval. */
3322 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3323
3324 /* Set Designated Router. */
3325 stream_put_ipv4(s, DR(oi).s_addr);
3326
3327 p = stream_get_endp(s);
3328
3329 /* Set Backup Designated Router. */
3330 stream_put_ipv4(s, BDR(oi).s_addr);
3331
3332 /* Add neighbor seen. */
3333 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3334 if ((nbr = rn->info))
3335 if (nbr->router_id.s_addr
3336 != 0) /* Ignore 0.0.0.0 node. */
3337 if (nbr->state
3338 != NSM_Attempt) /* Ignore Down neighbor. */
3339 if (nbr->state
3340 != NSM_Down) /* This is myself for
3341 DR election. */
3342 if (!IPV4_ADDR_SAME(
3343 &nbr->router_id,
3344 &oi->ospf->router_id)) {
3345 /* Check neighbor is
3346 * sane? */
3347 if (nbr->d_router.s_addr
3348 != 0
3349 && IPV4_ADDR_SAME(
3350 &nbr->d_router,
3351 &oi->address
3352 ->u
3353 .prefix4)
3354 && IPV4_ADDR_SAME(
3355 &nbr->bd_router,
3356 &oi->address
3357 ->u
3358 .prefix4))
3359 flag = 1;
3360
3361 /* Hello packet overflows interface MTU. */
3362 if (length + sizeof(uint32_t)
3363 > ospf_packet_max(oi)) {
3364 flog_err(
3365 EC_OSPF_LARGE_HELLO,
3366 "Oversized Hello packet! Larger than MTU. Not sending it out");
3367 return 0;
3368 }
3369
3370 stream_put_ipv4(
3371 s,
3372 nbr->router_id
3373 .s_addr);
3374 length += 4;
3375 }
3376
3377 /* Let neighbor generate BackupSeen. */
3378 if (flag == 1)
3379 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3380
3381 return length;
3382 }
3383
3384 static int ospf_make_db_desc(struct ospf_interface *oi,
3385 struct ospf_neighbor *nbr, struct stream *s)
3386 {
3387 struct ospf_lsa *lsa;
3388 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3389 uint8_t options;
3390 unsigned long pp;
3391 int i;
3392 struct ospf_lsdb *lsdb;
3393
3394 /* Set Interface MTU. */
3395 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3396 stream_putw(s, 0);
3397 else
3398 stream_putw(s, oi->ifp->mtu);
3399
3400 /* Set Options. */
3401 options = OPTIONS(oi);
3402 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3403 SET_FLAG(options, OSPF_OPTION_O);
3404 stream_putc(s, options);
3405
3406 /* DD flags */
3407 pp = stream_get_endp(s);
3408 stream_putc(s, nbr->dd_flags);
3409
3410 /* Set DD Sequence Number. */
3411 stream_putl(s, nbr->dd_seqnum);
3412
3413 /* shortcut unneeded walk of (empty) summary LSDBs */
3414 if (ospf_db_summary_isempty(nbr))
3415 goto empty;
3416
3417 /* Describe LSA Header from Database Summary List. */
3418 lsdb = &nbr->db_sum;
3419
3420 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3421 struct route_table *table = lsdb->type[i].db;
3422 struct route_node *rn;
3423
3424 for (rn = route_top(table); rn; rn = route_next(rn))
3425 if ((lsa = rn->info) != NULL) {
3426 if (IS_OPAQUE_LSA(lsa->data->type)
3427 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3428 /* Suppress advertising
3429 * opaque-information. */
3430 /* Remove LSA from DB summary list. */
3431 ospf_lsdb_delete(lsdb, lsa);
3432 continue;
3433 }
3434
3435 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3436 struct lsa_header *lsah;
3437 uint16_t ls_age;
3438
3439 /* DD packet overflows interface MTU. */
3440 if (length + OSPF_LSA_HEADER_SIZE
3441 > ospf_packet_max(oi))
3442 break;
3443
3444 /* Keep pointer to LS age. */
3445 lsah = (struct lsa_header
3446 *)(STREAM_DATA(s)
3447 + stream_get_endp(
3448 s));
3449
3450 /* Proceed stream pointer. */
3451 stream_put(s, lsa->data,
3452 OSPF_LSA_HEADER_SIZE);
3453 length += OSPF_LSA_HEADER_SIZE;
3454
3455 /* Set LS age. */
3456 ls_age = LS_AGE(lsa);
3457 lsah->ls_age = htons(ls_age);
3458 }
3459
3460 /* Remove LSA from DB summary list. */
3461 ospf_lsdb_delete(lsdb, lsa);
3462 }
3463 }
3464
3465 /* Update 'More' bit */
3466 if (ospf_db_summary_isempty(nbr)) {
3467 empty:
3468 if (nbr->state >= NSM_Exchange) {
3469 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3470 /* Rewrite DD flags */
3471 stream_putc_at(s, pp, nbr->dd_flags);
3472 } else {
3473 assert(IS_SET_DD_M(nbr->dd_flags));
3474 }
3475 }
3476 return length;
3477 }
3478
3479 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3480 unsigned long delta, struct ospf_neighbor *nbr,
3481 struct ospf_lsa *lsa)
3482 {
3483 struct ospf_interface *oi;
3484
3485 oi = nbr->oi;
3486
3487 /* LS Request packet overflows interface MTU
3488 * delta is just number of bytes required for 1 LS Req
3489 * ospf_packet_max will return the number of bytes can
3490 * be accomodated without ospf header. So length+delta
3491 * can be compared to ospf_packet_max
3492 * to check if it can fit another lsreq in the same packet.
3493 */
3494
3495 if (*length + delta > ospf_packet_max(oi))
3496 return 0;
3497
3498 stream_putl(s, lsa->data->type);
3499 stream_put_ipv4(s, lsa->data->id.s_addr);
3500 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3501
3502 ospf_lsa_unlock(&nbr->ls_req_last);
3503 nbr->ls_req_last = ospf_lsa_lock(lsa);
3504
3505 *length += 12;
3506 return 1;
3507 }
3508
3509 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3510 {
3511 struct ospf_lsa *lsa;
3512 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3513 unsigned long delta = 12;
3514 struct route_table *table;
3515 struct route_node *rn;
3516 int i;
3517 struct ospf_lsdb *lsdb;
3518
3519 lsdb = &nbr->ls_req;
3520
3521 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3522 table = lsdb->type[i].db;
3523 for (rn = route_top(table); rn; rn = route_next(rn))
3524 if ((lsa = (rn->info)) != NULL)
3525 if (ospf_make_ls_req_func(s, &length, delta,
3526 nbr, lsa)
3527 == 0) {
3528 route_unlock_node(rn);
3529 break;
3530 }
3531 }
3532 return length;
3533 }
3534
3535 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3536 {
3537 int age;
3538
3539 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3540
3541 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3542 }
3543
3544 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3545 struct stream *s)
3546 {
3547 struct ospf_lsa *lsa;
3548 struct listnode *node;
3549 uint16_t length = 0;
3550 unsigned int size_noauth;
3551 unsigned long delta = stream_get_endp(s);
3552 unsigned long pp;
3553 int count = 0;
3554
3555 if (IS_DEBUG_OSPF_EVENT)
3556 zlog_debug("ospf_make_ls_upd: Start");
3557
3558 pp = stream_get_endp(s);
3559 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3560 length += OSPF_LS_UPD_MIN_SIZE;
3561
3562 /* Calculate amount of packet usable for data. */
3563 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3564
3565 while ((node = listhead(update)) != NULL) {
3566 struct lsa_header *lsah;
3567 uint16_t ls_age;
3568
3569 if (IS_DEBUG_OSPF_EVENT)
3570 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3571 count);
3572
3573 lsa = listgetdata(node);
3574
3575 assert(lsa->data);
3576
3577 /* Will it fit? Minimum it has to fit atleast one */
3578 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3579 (count > 0))
3580 break;
3581
3582 /* Keep pointer to LS age. */
3583 lsah = (struct lsa_header *)(STREAM_DATA(s)
3584 + stream_get_endp(s));
3585
3586 /* Put LSA to Link State Request. */
3587 stream_put(s, lsa->data, ntohs(lsa->data->length));
3588
3589 /* Set LS age. */
3590 /* each hop must increment an lsa_age by transmit_delay
3591 of OSPF interface */
3592 ls_age = ls_age_increment(lsa,
3593 OSPF_IF_PARAM(oi, transmit_delay));
3594 lsah->ls_age = htons(ls_age);
3595
3596 length += ntohs(lsa->data->length);
3597 count++;
3598
3599 list_delete_node(update, node);
3600 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3601 }
3602
3603 /* Now set #LSAs. */
3604 stream_putl_at(s, pp, count);
3605
3606 if (IS_DEBUG_OSPF_EVENT)
3607 zlog_debug("ospf_make_ls_upd: Stop");
3608 return length;
3609 }
3610
3611 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3612 struct stream *s)
3613 {
3614 struct listnode *node, *nnode;
3615 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3616 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3617 struct ospf_lsa *lsa;
3618
3619 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3620 assert(lsa);
3621
3622 /* LS Ack packet overflows interface MTU
3623 * delta is just number of bytes required for
3624 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3625 * the number of bytes can be accomodated without
3626 * ospf header. So length+delta can be compared
3627 * against ospf_packet_max to check if it can fit
3628 * another ls header in the same packet.
3629 */
3630 if ((length + delta) > ospf_packet_max(oi))
3631 break;
3632
3633 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3634 length += OSPF_LSA_HEADER_SIZE;
3635
3636 listnode_delete(ack, lsa);
3637 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3638 }
3639
3640 return length;
3641 }
3642
3643 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3644 {
3645 struct ospf_packet *op;
3646 uint16_t length = OSPF_HEADER_SIZE;
3647
3648 op = ospf_packet_new(oi->ifp->mtu);
3649
3650 /* Prepare OSPF common header. */
3651 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3652
3653 /* Prepare OSPF Hello body. */
3654 length += ospf_make_hello(oi, op->s);
3655 if (length == OSPF_HEADER_SIZE) {
3656 /* Hello overshooting MTU */
3657 ospf_packet_free(op);
3658 return;
3659 }
3660
3661 /* Fill OSPF header. */
3662 ospf_fill_header(oi, op->s, length);
3663
3664 /* Set packet length. */
3665 op->length = length;
3666
3667 op->dst.s_addr = addr;
3668
3669 if (IS_DEBUG_OSPF_EVENT) {
3670 if (oi->ospf->vrf_id)
3671 zlog_debug(
3672 "%s: Hello Tx interface %s ospf vrf %s id %u",
3673 __PRETTY_FUNCTION__, oi->ifp->name,
3674 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3675 oi->ospf->vrf_id);
3676 }
3677 /* Add packet to the top of the interface output queue, so that they
3678 * can't get delayed by things like long queues of LS Update packets
3679 */
3680 ospf_packet_add_top(oi, op);
3681
3682 /* Hook thread to write packet. */
3683 OSPF_ISM_WRITE_ON(oi->ospf);
3684 }
3685
3686 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3687 {
3688 struct ospf_interface *oi;
3689
3690 oi = nbr_nbma->oi;
3691 assert(oi);
3692
3693 /* If this is passive interface, do not send OSPF Hello. */
3694 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3695 return;
3696
3697 if (oi->type != OSPF_IFTYPE_NBMA)
3698 return;
3699
3700 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3701 return;
3702
3703 if (PRIORITY(oi) == 0)
3704 return;
3705
3706 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3707 && oi->state != ISM_Backup)
3708 return;
3709
3710 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3711 }
3712
3713 int ospf_poll_timer(struct thread *thread)
3714 {
3715 struct ospf_nbr_nbma *nbr_nbma;
3716
3717 nbr_nbma = THREAD_ARG(thread);
3718 nbr_nbma->t_poll = NULL;
3719
3720 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3721 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3722 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3723
3724 ospf_poll_send(nbr_nbma);
3725
3726 if (nbr_nbma->v_poll > 0)
3727 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3728 nbr_nbma->v_poll);
3729
3730 return 0;
3731 }
3732
3733
3734 int ospf_hello_reply_timer(struct thread *thread)
3735 {
3736 struct ospf_neighbor *nbr;
3737
3738 nbr = THREAD_ARG(thread);
3739 nbr->t_hello_reply = NULL;
3740
3741 assert(nbr->oi);
3742
3743 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3744 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3745 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3746
3747 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3748
3749 return 0;
3750 }
3751
3752 /* Send OSPF Hello. */
3753 void ospf_hello_send(struct ospf_interface *oi)
3754 {
3755 /* If this is passive interface, do not send OSPF Hello. */
3756 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3757 return;
3758
3759 if (oi->type == OSPF_IFTYPE_NBMA) {
3760 struct ospf_neighbor *nbr;
3761 struct route_node *rn;
3762
3763 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3764 if ((nbr = rn->info))
3765 if (nbr != oi->nbr_self)
3766 if (nbr->state != NSM_Down) {
3767 /* RFC 2328 Section 9.5.1
3768 If the router is not
3769 eligible to become Designated
3770 Router,
3771 it must periodically send
3772 Hello Packets to both the
3773 Designated Router and the
3774 Backup Designated Router (if
3775 they
3776 exist). */
3777 if (PRIORITY(oi) == 0
3778 && IPV4_ADDR_CMP(
3779 &DR(oi),
3780 &nbr->address.u
3781 .prefix4)
3782 && IPV4_ADDR_CMP(
3783 &BDR(oi),
3784 &nbr->address.u
3785 .prefix4))
3786 continue;
3787
3788 /* If the router is eligible to
3789 become Designated Router, it
3790 must periodically send Hello
3791 Packets to all neighbors that
3792 are also eligible. In
3793 addition, if the router is
3794 itself the
3795 Designated Router or Backup
3796 Designated Router, it must
3797 also
3798 send periodic Hello Packets
3799 to all other neighbors. */
3800
3801 if (nbr->priority == 0
3802 && oi->state == ISM_DROther)
3803 continue;
3804 /* if oi->state == Waiting, send
3805 * hello to all neighbors */
3806 ospf_hello_send_sub(
3807 oi,
3808 nbr->address.u.prefix4
3809 .s_addr);
3810 }
3811 } else {
3812 /* Decide destination address. */
3813 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3814 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3815 else
3816 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3817 }
3818 }
3819
3820 /* Send OSPF Database Description. */
3821 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3822 {
3823 struct ospf_interface *oi;
3824 struct ospf_packet *op;
3825 uint16_t length = OSPF_HEADER_SIZE;
3826
3827 oi = nbr->oi;
3828 op = ospf_packet_new(oi->ifp->mtu);
3829
3830 /* Prepare OSPF common header. */
3831 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3832
3833 /* Prepare OSPF Database Description body. */
3834 length += ospf_make_db_desc(oi, nbr, op->s);
3835
3836 /* Fill OSPF header. */
3837 ospf_fill_header(oi, op->s, length);
3838
3839 /* Set packet length. */
3840 op->length = length;
3841
3842 /* Decide destination address. */
3843 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3844 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3845 else
3846 op->dst = nbr->address.u.prefix4;
3847
3848 /* Add packet to the interface output queue. */
3849 ospf_packet_add(oi, op);
3850
3851 /* Hook thread to write packet. */
3852 OSPF_ISM_WRITE_ON(oi->ospf);
3853
3854 /* Remove old DD packet, then copy new one and keep in neighbor
3855 * structure. */
3856 if (nbr->last_send)
3857 ospf_packet_free(nbr->last_send);
3858 nbr->last_send = ospf_packet_dup(op);
3859 monotime(&nbr->last_send_ts);
3860 }
3861
3862 /* Re-send Database Description. */
3863 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3864 {
3865 struct ospf_interface *oi;
3866
3867 oi = nbr->oi;
3868
3869 /* Add packet to the interface output queue. */
3870 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3871
3872 /* Hook thread to write packet. */
3873 OSPF_ISM_WRITE_ON(oi->ospf);
3874 }
3875
3876 /* Send Link State Request. */
3877 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3878 {
3879 struct ospf_interface *oi;
3880 struct ospf_packet *op;
3881 uint16_t length = OSPF_HEADER_SIZE;
3882
3883 oi = nbr->oi;
3884 op = ospf_packet_new(oi->ifp->mtu);
3885
3886 /* Prepare OSPF common header. */
3887 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3888
3889 /* Prepare OSPF Link State Request body. */
3890 length += ospf_make_ls_req(nbr, op->s);
3891 if (length == OSPF_HEADER_SIZE) {
3892 ospf_packet_free(op);
3893 return;
3894 }
3895
3896 /* Fill OSPF header. */
3897 ospf_fill_header(oi, op->s, length);
3898
3899 /* Set packet length. */
3900 op->length = length;
3901
3902 /* Decide destination address. */
3903 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3904 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3905 else
3906 op->dst = nbr->address.u.prefix4;
3907
3908 /* Add packet to the interface output queue. */
3909 ospf_packet_add(oi, op);
3910
3911 /* Hook thread to write packet. */
3912 OSPF_ISM_WRITE_ON(oi->ospf);
3913
3914 /* Add Link State Request Retransmission Timer. */
3915 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3916 }
3917
3918 /* Send Link State Update with an LSA. */
3919 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3920 int flag)
3921 {
3922 struct list *update;
3923
3924 update = list_new();
3925
3926 listnode_add(update, lsa);
3927
3928 /*ospf instance is going down, send self originated
3929 * MAXAGE LSA update to neighbors to remove from LSDB */
3930 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3931 ospf_ls_upd_send(nbr, update, flag, 1);
3932 else
3933 ospf_ls_upd_send(nbr, update, flag, 0);
3934
3935 list_delete(&update);
3936 }
3937
3938 /* Determine size for packet. Must be at least big enough to accomodate next
3939 * LSA on list, which may be bigger than MTU size.
3940 *
3941 * Return pointer to new ospf_packet
3942 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3943 * on packet sizes (in which case offending LSA is deleted from update list)
3944 */
3945 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3946 struct ospf_interface *oi)
3947 {
3948 struct ospf_lsa *lsa;
3949 struct listnode *ln;
3950 size_t size;
3951 static char warned = 0;
3952
3953 lsa = listgetdata((ln = listhead(update)));
3954 assert(lsa->data);
3955
3956 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3957 > ospf_packet_max(oi)) {
3958 if (!warned) {
3959 flog_warn(
3960 EC_OSPF_LARGE_LSA,
3961 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3962 "will need to fragment. Not optimal. Try divide up"
3963 " your network with areas. Use 'debug ospf packet send'"
3964 " to see details, or look at 'show ip ospf database ..'");
3965 warned = 1;
3966 }
3967
3968 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3969 zlog_debug(
3970 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3971 " %d bytes originated by %s, will be fragmented!",
3972 inet_ntoa(lsa->data->id),
3973 ntohs(lsa->data->length),
3974 inet_ntoa(lsa->data->adv_router));
3975
3976 /*
3977 * Allocate just enough to fit this LSA only, to avoid including
3978 * other
3979 * LSAs in fragmented LSA Updates.
3980 */
3981 size = ntohs(lsa->data->length)
3982 + (oi->ifp->mtu - ospf_packet_max(oi))
3983 + OSPF_LS_UPD_MIN_SIZE;
3984 } else
3985 size = oi->ifp->mtu;
3986
3987 if (size > OSPF_MAX_PACKET_SIZE) {
3988 flog_warn(EC_OSPF_LARGE_LSA,
3989 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3990 " %d bytes, packet size %ld, dropping it completely."
3991 " OSPF routing is broken!",
3992 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3993 (long int)size);
3994 list_delete_node(update, ln);
3995 return NULL;
3996 }
3997
3998 /* IP header is built up separately by ospf_write(). This means, that we
3999 * must
4000 * reduce the "affordable" size just calculated by length of an IP
4001 * header.
4002 * This makes sure, that even if we manage to fill the payload with LSA
4003 * data
4004 * completely, the final packet (our data plus IP header) still fits
4005 * into
4006 * outgoing interface MTU. This correction isn't really meaningful for
4007 * an
4008 * oversized LSA, but for consistency the correction is done for both
4009 * cases.
4010 *
4011 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4012 */
4013 return ospf_packet_new(size - sizeof(struct ip));
4014 }
4015
4016 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
4017 struct list *update, struct in_addr addr,
4018 int send_lsupd_now)
4019 {
4020 struct ospf_packet *op;
4021 uint16_t length = OSPF_HEADER_SIZE;
4022
4023 if (IS_DEBUG_OSPF_EVENT)
4024 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
4025 IF_NAME(oi), inet_ntoa(addr));
4026
4027 /* Check that we have really something to process */
4028 if (listcount(update) == 0)
4029 return;
4030
4031 op = ospf_ls_upd_packet_new(update, oi);
4032
4033 /* Prepare OSPF common header. */
4034 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4035
4036 /* Prepare OSPF Link State Update body.
4037 * Includes Type-7 translation.
4038 */
4039 length += ospf_make_ls_upd(oi, update, op->s);
4040
4041 /* Fill OSPF header. */
4042 ospf_fill_header(oi, op->s, length);
4043
4044 /* Set packet length. */
4045 op->length = length;
4046
4047 /* Decide destination address. */
4048 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4049 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4050 else
4051 op->dst.s_addr = addr.s_addr;
4052
4053 /* Add packet to the interface output queue. */
4054 ospf_packet_add(oi, op);
4055 /* Call ospf_write() right away to send ospf packets to neighbors */
4056 if (send_lsupd_now) {
4057 struct thread os_packet_thd;
4058
4059 os_packet_thd.arg = (void *)oi->ospf;
4060 if (oi->on_write_q == 0) {
4061 listnode_add(oi->ospf->oi_write_q, oi);
4062 oi->on_write_q = 1;
4063 }
4064 ospf_write(&os_packet_thd);
4065 } else {
4066 /* Hook thread to write packet. */
4067 OSPF_ISM_WRITE_ON(oi->ospf);
4068 }
4069 }
4070
4071 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4072 {
4073 struct ospf_interface *oi = THREAD_ARG(thread);
4074 struct route_node *rn;
4075 struct route_node *rnext;
4076 struct list *update;
4077 char again = 0;
4078
4079 oi->t_ls_upd_event = NULL;
4080
4081 if (IS_DEBUG_OSPF_EVENT)
4082 zlog_debug("ospf_ls_upd_send_queue start");
4083
4084 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4085 rnext = route_next(rn);
4086
4087 if (rn->info == NULL)
4088 continue;
4089
4090 update = (struct list *)rn->info;
4091
4092 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4093
4094 /* list might not be empty. */
4095 if (listcount(update) == 0) {
4096 list_delete((struct list **)&rn->info);
4097 route_unlock_node(rn);
4098 } else
4099 again = 1;
4100 }
4101
4102 if (again != 0) {
4103 if (IS_DEBUG_OSPF_EVENT)
4104 zlog_debug(
4105 "ospf_ls_upd_send_queue: update lists not cleared,"
4106 " %d nodes to try again, raising new event",
4107 again);
4108 oi->t_ls_upd_event = NULL;
4109 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4110 &oi->t_ls_upd_event);
4111 }
4112
4113 if (IS_DEBUG_OSPF_EVENT)
4114 zlog_debug("ospf_ls_upd_send_queue stop");
4115
4116 return 0;
4117 }
4118
4119 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4120 int send_lsupd_now)
4121 {
4122 struct ospf_interface *oi;
4123 struct ospf_lsa *lsa;
4124 struct prefix_ipv4 p;
4125 struct route_node *rn;
4126 struct listnode *node;
4127
4128 oi = nbr->oi;
4129
4130 p.family = AF_INET;
4131 p.prefixlen = IPV4_MAX_BITLEN;
4132
4133 /* Decide destination address. */
4134 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4135 p.prefix = oi->vl_data->peer_addr;
4136 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4137 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4138 else if (flag == OSPF_SEND_PACKET_DIRECT)
4139 p.prefix = nbr->address.u.prefix4;
4140 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4141 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4142 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4143 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4144 else
4145 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4146
4147 if (oi->type == OSPF_IFTYPE_NBMA) {
4148 if (flag == OSPF_SEND_PACKET_INDIRECT)
4149 flog_warn(
4150 EC_OSPF_PACKET,
4151 "* LS-Update is directly sent on NBMA network.");
4152 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4153 flog_warn(EC_OSPF_PACKET,
4154 "* LS-Update is sent to myself.");
4155 }
4156
4157 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4158
4159 if (rn->info == NULL)
4160 rn->info = list_new();
4161 else
4162 route_unlock_node(rn);
4163
4164 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4165 listnode_add(rn->info,
4166 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4167 if (send_lsupd_now) {
4168 struct list *send_update_list;
4169 struct route_node *rnext;
4170
4171 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4172 rnext = route_next(rn);
4173
4174 if (rn->info == NULL)
4175 continue;
4176
4177 send_update_list = (struct list *)rn->info;
4178
4179 ospf_ls_upd_queue_send(oi, send_update_list,
4180 rn->p.u.prefix4, 1);
4181 }
4182 } else
4183 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4184 &oi->t_ls_upd_event);
4185 }
4186
4187 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4188 struct in_addr dst)
4189 {
4190 struct ospf_packet *op;
4191 uint16_t length = OSPF_HEADER_SIZE;
4192
4193 op = ospf_packet_new(oi->ifp->mtu);
4194
4195 /* Prepare OSPF common header. */
4196 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4197
4198 /* Prepare OSPF Link State Acknowledgment body. */
4199 length += ospf_make_ls_ack(oi, ack, op->s);
4200
4201 /* Fill OSPF header. */
4202 ospf_fill_header(oi, op->s, length);
4203
4204 /* Set packet length. */
4205 op->length = length;
4206
4207 /* Decide destination address. */
4208 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4209 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4210 else
4211 op->dst.s_addr = dst.s_addr;
4212
4213 /* Add packet to the interface output queue. */
4214 ospf_packet_add(oi, op);
4215
4216 /* Hook thread to write packet. */
4217 OSPF_ISM_WRITE_ON(oi->ospf);
4218 }
4219
4220 static int ospf_ls_ack_send_event(struct thread *thread)
4221 {
4222 struct ospf_interface *oi = THREAD_ARG(thread);
4223
4224 oi->t_ls_ack_direct = NULL;
4225
4226 while (listcount(oi->ls_ack_direct.ls_ack))
4227 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4228 oi->ls_ack_direct.dst);
4229
4230 return 0;
4231 }
4232
4233 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4234 {
4235 struct ospf_interface *oi = nbr->oi;
4236
4237 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4238 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4239
4240 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4241
4242 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4243 &oi->t_ls_ack_direct);
4244 }
4245
4246 /* Send Link State Acknowledgment delayed. */
4247 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4248 {
4249 struct in_addr dst;
4250
4251 /* Decide destination address. */
4252 /* RFC2328 Section 13.5 On non-broadcast
4253 networks, delayed Link State Acknowledgment packets must be
4254 unicast separately over each adjacency (i.e., neighbor whose
4255 state is >= Exchange). */
4256 if (oi->type == OSPF_IFTYPE_NBMA) {
4257 struct ospf_neighbor *nbr;
4258 struct route_node *rn;
4259
4260 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4261 if ((nbr = rn->info) != NULL)
4262 if (nbr != oi->nbr_self
4263 && nbr->state >= NSM_Exchange)
4264 while (listcount(oi->ls_ack))
4265 ospf_ls_ack_send_list(
4266 oi, oi->ls_ack,
4267 nbr->address.u.prefix4);
4268 return;
4269 }
4270 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4271 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4272 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4273 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4274 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4275 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4276 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4277 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4278 else
4279 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4280
4281 while (listcount(oi->ls_ack))
4282 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4283 }
4284
4285 /*
4286 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4287 * address. As a result, the kernel does not need to learn the interface
4288 * MAC of the OSPF neighbor. However, in our world, this will delay
4289 * convergence. Take the case when due to a link flap, all routes now
4290 * want to use an interface which was deemed to be costlier prior to this
4291 * event. For routes that will be installed, the missing MAC will have
4292 * punt-to-CPU set on them. This may overload the CPU control path that
4293 * can be avoided if the MAC was known apriori.
4294 */
4295 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4296 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4297 {
4298 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4299 int ret;
4300
4301 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4302 return;
4303
4304 snprintf(ping_nbr, sizeof(ping_nbr),
4305 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4306 inet_ntoa(nbr->address.u.prefix4));
4307
4308 ret = system(ping_nbr);
4309 if (IS_DEBUG_OSPF_EVENT)
4310 zlog_debug("Executed %s %s", ping_nbr,
4311 ((ret == 0) ? "successfully" : "but failed"));
4312 }
FRRouting mirror