]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ospfd: OSPFv2 VRF Support
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38
39 #include "ospfd/ospfd.h"
40 #include "ospfd/ospf_network.h"
41 #include "ospfd/ospf_interface.h"
42 #include "ospfd/ospf_ism.h"
43 #include "ospfd/ospf_asbr.h"
44 #include "ospfd/ospf_lsa.h"
45 #include "ospfd/ospf_lsdb.h"
46 #include "ospfd/ospf_neighbor.h"
47 #include "ospfd/ospf_nsm.h"
48 #include "ospfd/ospf_packet.h"
49 #include "ospfd/ospf_spf.h"
50 #include "ospfd/ospf_flood.h"
51 #include "ospfd/ospf_dump.h"
52
53 /*
54 * OSPF Fragmentation / fragmented writes
55 *
56 * ospfd can support writing fragmented packets, for cases where
57 * kernel will not fragment IP_HDRINCL and/or multicast destined
58 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
59 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
60 * flags fields, hence user-space fragmentation will not work.
61 * Only Linux is known to leave IP header unmolested.
62 * Further, fragmentation really should be done the kernel, which already
63 * supports it, and which avoids nasty IP ID state problems.
64 *
65 * Fragmentation of OSPF packets can be required on networks with router
66 * with many many interfaces active in one area, or on networks with links
67 * with low MTUs.
68 */
69 #ifdef GNU_LINUX
70 #define WANT_OSPF_WRITE_FRAGMENT
71 #endif
72
73 /* Packet Type String. */
74 const struct message ospf_packet_type_str[] = {
75 {OSPF_MSG_HELLO, "Hello"},
76 {OSPF_MSG_DB_DESC, "Database Description"},
77 {OSPF_MSG_LS_REQ, "Link State Request"},
78 {OSPF_MSG_LS_UPD, "Link State Update"},
79 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
80 {0}};
81
82 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
83 particular types, offset is the "type" field of a packet. */
84 static const u_int16_t ospf_packet_minlen[] = {
85 0,
86 OSPF_HELLO_MIN_SIZE,
87 OSPF_DB_DESC_MIN_SIZE,
88 OSPF_LS_REQ_MIN_SIZE,
89 OSPF_LS_UPD_MIN_SIZE,
90 OSPF_LS_ACK_MIN_SIZE,
91 };
92
93 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
94 types, offset is the "LSA type" field. */
95 static const u_int16_t ospf_lsa_minlen[] = {
96 0,
97 OSPF_ROUTER_LSA_MIN_SIZE,
98 OSPF_NETWORK_LSA_MIN_SIZE,
99 OSPF_SUMMARY_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
102 0,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 0,
106 0,
107 0,
108 };
109
110 /* for ospf_check_auth() */
111 static int ospf_check_sum(struct ospf_header *);
112
113 /* OSPF authentication checking function */
114 static int ospf_auth_type(struct ospf_interface *oi)
115 {
116 int auth_type;
117
118 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
119 auth_type = oi->area->auth_type;
120 else
121 auth_type = OSPF_IF_PARAM(oi, auth_type);
122
123 /* Handle case where MD5 key list is not configured aka Cisco */
124 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
125 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
126 return OSPF_AUTH_NULL;
127
128 return auth_type;
129 }
130
131 struct ospf_packet *ospf_packet_new(size_t size)
132 {
133 struct ospf_packet *new;
134
135 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
136 new->s = stream_new(size);
137
138 return new;
139 }
140
141 void ospf_packet_free(struct ospf_packet *op)
142 {
143 if (op->s)
144 stream_free(op->s);
145
146 XFREE(MTYPE_OSPF_PACKET, op);
147
148 op = NULL;
149 }
150
151 struct ospf_fifo *ospf_fifo_new()
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 zlog_err(
236 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
237 "destination %s) called with NULL obuf, ignoring "
238 "(please report this bug)!\n",
239 IF_NAME(oi), oi->state,
240 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
241 lookup_msg(ospf_packet_type_str,
242 stream_getc_from(op->s, 1), NULL),
243 inet_ntoa(op->dst));
244 return;
245 }
246
247 /* Add packet to end of queue. */
248 ospf_fifo_push(oi->obuf, op);
249
250 /* Debug of packet fifo*/
251 /* ospf_fifo_debug (oi->obuf); */
252 }
253
254 static void ospf_packet_add_top(struct ospf_interface *oi,
255 struct ospf_packet *op)
256 {
257 if (!oi->obuf) {
258 zlog_err(
259 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
260 "destination %s) called with NULL obuf, ignoring "
261 "(please report this bug)!\n",
262 IF_NAME(oi), oi->state,
263 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
264 lookup_msg(ospf_packet_type_str,
265 stream_getc_from(op->s, 1), NULL),
266 inet_ntoa(op->dst));
267 return;
268 }
269
270 /* Add packet to head of queue. */
271 ospf_fifo_push_head(oi->obuf, op);
272
273 /* Debug of packet fifo*/
274 /* ospf_fifo_debug (oi->obuf); */
275 }
276
277 void ospf_packet_delete(struct ospf_interface *oi)
278 {
279 struct ospf_packet *op;
280
281 op = ospf_fifo_pop(oi->obuf);
282
283 if (op)
284 ospf_packet_free(op);
285 }
286
287 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
288 {
289 struct ospf_packet *new;
290
291 if (stream_get_endp(op->s) != op->length)
292 /* XXX size_t */
293 zlog_warn(
294 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
295 (u_long)STREAM_SIZE(op->s), op->length);
296
297 /* Reserve space for MD5 authentication that may be added later. */
298 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
299 stream_copy(new->s, op->s);
300
301 new->dst = op->dst;
302 new->length = op->length;
303
304 return new;
305 }
306
307 /* XXX inline */
308 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
309 {
310 int auth = 0;
311
312 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
313 auth = OSPF_AUTH_MD5_SIZE;
314
315 return auth;
316 }
317
318 static unsigned int ospf_packet_max(struct ospf_interface *oi)
319 {
320 int max;
321
322 max = oi->ifp->mtu - ospf_packet_authspace(oi);
323
324 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
325
326 return max;
327 }
328
329
330 static int ospf_check_md5_digest(struct ospf_interface *oi,
331 struct ospf_header *ospfh)
332 {
333 MD5_CTX ctx;
334 unsigned char digest[OSPF_AUTH_MD5_SIZE];
335 struct crypt_key *ck;
336 struct ospf_neighbor *nbr;
337 u_int16_t length = ntohs(ospfh->length);
338
339 /* Get secret key. */
340 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
341 ospfh->u.crypt.key_id);
342 if (ck == NULL) {
343 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
344 ospfh->u.crypt.key_id);
345 return 0;
346 }
347
348 /* check crypto seqnum. */
349 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
350
351 if (nbr
352 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
353 zlog_warn(
354 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
355 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
356 ntohl(nbr->crypt_seqnum));
357 return 0;
358 }
359
360 /* Generate a digest for the ospf packet - their digest + our digest. */
361 memset(&ctx, 0, sizeof(ctx));
362 MD5Init(&ctx);
363 MD5Update(&ctx, ospfh, length);
364 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
365 MD5Final(digest, &ctx);
366
367 /* compare the two */
368 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
369 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
370 IF_NAME(oi));
371 return 0;
372 }
373
374 /* save neighbor's crypt_seqnum */
375 if (nbr)
376 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
377 return 1;
378 }
379
380 /* This function is called from ospf_write(), it will detect the
381 authentication scheme and if it is MD5, it will change the sequence
382 and update the MD5 digest. */
383 static int ospf_make_md5_digest(struct ospf_interface *oi,
384 struct ospf_packet *op)
385 {
386 struct ospf_header *ospfh;
387 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
388 MD5_CTX ctx;
389 void *ibuf;
390 u_int32_t t;
391 struct crypt_key *ck;
392 const u_int8_t *auth_key;
393
394 ibuf = STREAM_DATA(op->s);
395 ospfh = (struct ospf_header *)ibuf;
396
397 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
398 return 0;
399
400 /* We do this here so when we dup a packet, we don't have to
401 waste CPU rewriting other headers.
402
403 Note that quagga_time /deliberately/ is not used here */
404 t = (time(NULL) & 0xFFFFFFFF);
405 if (t > oi->crypt_seqnum)
406 oi->crypt_seqnum = t;
407 else
408 oi->crypt_seqnum++;
409
410 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
411
412 /* Get MD5 Authentication key from auth_key list. */
413 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
414 auth_key = (const u_int8_t *)digest;
415 else {
416 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
417 auth_key = ck->auth_key;
418 }
419
420 /* Generate a digest for the entire packet + our secret key. */
421 memset(&ctx, 0, sizeof(ctx));
422 MD5Init(&ctx);
423 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
424 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
425 MD5Final(digest, &ctx);
426
427 /* Append md5 digest to the end of the stream. */
428 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
429
430 /* We do *NOT* increment the OSPF header length. */
431 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
432
433 if (stream_get_endp(op->s) != op->length)
434 /* XXX size_t */
435 zlog_warn(
436 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
437 (u_long)stream_get_endp(op->s), op->length);
438
439 return OSPF_AUTH_MD5_SIZE;
440 }
441
442
443 static int ospf_ls_req_timer(struct thread *thread)
444 {
445 struct ospf_neighbor *nbr;
446
447 nbr = THREAD_ARG(thread);
448 nbr->t_ls_req = NULL;
449
450 /* Send Link State Request. */
451 if (ospf_ls_request_count(nbr))
452 ospf_ls_req_send(nbr);
453
454 /* Set Link State Request retransmission timer. */
455 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
456
457 return 0;
458 }
459
460 void ospf_ls_req_event(struct ospf_neighbor *nbr)
461 {
462 if (nbr->t_ls_req) {
463 thread_cancel(nbr->t_ls_req);
464 nbr->t_ls_req = NULL;
465 }
466 nbr->t_ls_req = NULL;
467 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
468 }
469
470 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
471 ospf_neighbor.c */
472 int ospf_ls_upd_timer(struct thread *thread)
473 {
474 struct ospf_neighbor *nbr;
475
476 nbr = THREAD_ARG(thread);
477 nbr->t_ls_upd = NULL;
478
479 /* Send Link State Update. */
480 if (ospf_ls_retransmit_count(nbr) > 0) {
481 struct list *update;
482 struct ospf_lsdb *lsdb;
483 int i;
484 int retransmit_interval;
485
486 retransmit_interval =
487 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
488
489 lsdb = &nbr->ls_rxmt;
490 update = list_new();
491
492 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
493 struct route_table *table = lsdb->type[i].db;
494 struct route_node *rn;
495
496 for (rn = route_top(table); rn; rn = route_next(rn)) {
497 struct ospf_lsa *lsa;
498
499 if ((lsa = rn->info) != NULL) {
500 /* Don't retransmit an LSA if we
501 received it within
502 the last RxmtInterval seconds - this
503 is to allow the
504 neighbour a chance to acknowledge the
505 LSA as it may
506 have ben just received before the
507 retransmit timer
508 fired. This is a small tweak to what
509 is in the RFC,
510 but it will cut out out a lot of
511 retransmit traffic
512 - MAG */
513 if (monotime_since(&lsa->tv_recv, NULL)
514 >= retransmit_interval * 1000000LL)
515 listnode_add(update, rn->info);
516 }
517 }
518 }
519
520 if (listcount(update) > 0)
521 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT);
522 list_delete(update);
523 }
524
525 /* Set LS Update retransmission timer. */
526 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
527
528 return 0;
529 }
530
531 int ospf_ls_ack_timer(struct thread *thread)
532 {
533 struct ospf_interface *oi;
534
535 oi = THREAD_ARG(thread);
536 oi->t_ls_ack = NULL;
537
538 /* Send Link State Acknowledgment. */
539 if (listcount(oi->ls_ack) > 0)
540 ospf_ls_ack_send_delayed(oi);
541
542 /* Set LS Ack timer. */
543 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
544
545 return 0;
546 }
547
548 #ifdef WANT_OSPF_WRITE_FRAGMENT
549 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
550 struct msghdr *msg, unsigned int maxdatasize,
551 unsigned int mtu, int flags, u_char type)
552 {
553 #define OSPF_WRITE_FRAG_SHIFT 3
554 u_int16_t offset;
555 struct iovec *iovp;
556 int ret;
557
558 assert(op->length == stream_get_endp(op->s));
559 assert(msg->msg_iovlen == 2);
560
561 /* we can but try.
562 *
563 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
564 * well as the IP_MF flag, making this all quite pointless.
565 *
566 * However, for a system on which IP_MF is left alone, and ip_id left
567 * alone or else which sets same ip_id for each fragment this might
568 * work, eg linux.
569 *
570 * XXX-TODO: It would be much nicer to have the kernel's use their
571 * existing fragmentation support to do this for us. Bugs/RFEs need to
572 * be raised against the various kernels.
573 */
574
575 /* set More Frag */
576 iph->ip_off |= IP_MF;
577
578 /* ip frag offset is expressed in units of 8byte words */
579 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
580
581 iovp = &msg->msg_iov[1];
582
583 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
584 > maxdatasize) {
585 /* data length of this frag is to next offset value */
586 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
587 iph->ip_len = iovp->iov_len + sizeof(struct ip);
588 assert(iph->ip_len <= mtu);
589
590 sockopt_iphdrincl_swab_htosys(iph);
591
592 ret = sendmsg(fd, msg, flags);
593
594 sockopt_iphdrincl_swab_systoh(iph);
595
596 if (ret < 0)
597 zlog_warn(
598 "*** ospf_write_frags: sendmsg failed to %s,"
599 " id %d, off %d, len %d, mtu %u failed with %s",
600 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
601 iph->ip_len, mtu, safe_strerror(errno));
602
603 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
604 zlog_debug(
605 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
606 iph->ip_id, iph->ip_off, iph->ip_len,
607 inet_ntoa(iph->ip_dst));
608 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
609 zlog_debug(
610 "-----------------IP Header Dump----------------------");
611 ospf_ip_header_dump(iph);
612 zlog_debug(
613 "-----------------------------------------------------");
614 }
615 }
616
617 iph->ip_off += offset;
618 stream_forward_getp(op->s, iovp->iov_len);
619 iovp->iov_base = STREAM_PNT(op->s);
620 }
621
622 /* setup for final fragment */
623 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
624 iph->ip_len = iovp->iov_len + sizeof(struct ip);
625 iph->ip_off &= (~IP_MF);
626 }
627 #endif /* WANT_OSPF_WRITE_FRAGMENT */
628
629 static int ospf_write(struct thread *thread)
630 {
631 struct ospf *ospf = THREAD_ARG(thread);
632 struct ospf_interface *oi;
633 struct ospf_interface *last_serviced_oi = NULL;
634 struct ospf_packet *op;
635 struct sockaddr_in sa_dst;
636 struct ip iph;
637 struct msghdr msg;
638 struct iovec iov[2];
639 u_char type;
640 int ret;
641 int flags = 0;
642 struct listnode *node;
643 #ifdef WANT_OSPF_WRITE_FRAGMENT
644 static u_int16_t ipid = 0;
645 u_int16_t maxdatasize;
646 #endif /* WANT_OSPF_WRITE_FRAGMENT */
647 /* $FRR indent$ */
648 /* clang-format off */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 ospf->t_write = NULL;
653
654 node = listhead(ospf->oi_write_q);
655 assert(node);
656 oi = listgetdata(node);
657 assert(oi);
658
659 #ifdef WANT_OSPF_WRITE_FRAGMENT
660 /* seed ipid static with low order bits of time */
661 if (ipid == 0)
662 ipid = (time(NULL) & 0xffff);
663 #endif /* WANT_OSPF_WRITE_FRAGMENT */
664
665 while ((pkt_count < ospf->write_oi_count) && oi
666 && (last_serviced_oi != oi)) {
667 /* If there is only packet in the queue, the oi is removed from
668 write-q, so fix up the last interface that was serviced */
669 if (last_serviced_oi == NULL) {
670 last_serviced_oi = oi;
671 }
672 pkt_count++;
673 #ifdef WANT_OSPF_WRITE_FRAGMENT
674 /* convenience - max OSPF data per packet */
675 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
676 #endif /* WANT_OSPF_WRITE_FRAGMENT */
677 /* Get one packet from queue. */
678 op = ospf_fifo_head(oi->obuf);
679 assert(op);
680 assert(op->length >= OSPF_HEADER_SIZE);
681
682 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
683 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
684 ospf_if_ipmulticast(ospf, oi->address,
685 oi->ifp->ifindex);
686
687 /* Rewrite the md5 signature & update the seq */
688 ospf_make_md5_digest(oi, op);
689
690 /* Retrieve OSPF packet type. */
691 stream_set_getp(op->s, 1);
692 type = stream_getc(op->s);
693
694 /* reset get pointer */
695 stream_set_getp(op->s, 0);
696
697 memset(&iph, 0, sizeof(struct ip));
698 memset(&sa_dst, 0, sizeof(sa_dst));
699
700 sa_dst.sin_family = AF_INET;
701 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
702 sa_dst.sin_len = sizeof(sa_dst);
703 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
704 sa_dst.sin_addr = op->dst;
705 sa_dst.sin_port = htons(0);
706
707 /* Set DONTROUTE flag if dst is unicast. */
708 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
709 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
710 flags = MSG_DONTROUTE;
711
712 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
713 /* it'd be very strange for header to not be 4byte-word aligned
714 * but.. */
715 if (sizeof(struct ip)
716 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
717 iph.ip_hl++; /* we presume sizeof struct ip cant
718 overflow ip_hl.. */
719
720 iph.ip_v = IPVERSION;
721 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
722 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
723
724 #if defined(__DragonFly__)
725 /*
726 * DragonFly's raw socket expects ip_len/ip_off in network byte
727 * order.
728 */
729 iph.ip_len = htons(iph.ip_len);
730 #endif
731
732 #ifdef WANT_OSPF_WRITE_FRAGMENT
733 /* XXX-MT: not thread-safe at all..
734 * XXX: this presumes this is only programme sending OSPF
735 * packets
736 * otherwise, no guarantee ipid will be unique
737 */
738 iph.ip_id = ++ipid;
739 #endif /* WANT_OSPF_WRITE_FRAGMENT */
740
741 iph.ip_off = 0;
742 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
743 iph.ip_ttl = OSPF_VL_IP_TTL;
744 else
745 iph.ip_ttl = OSPF_IP_TTL;
746 iph.ip_p = IPPROTO_OSPFIGP;
747 iph.ip_sum = 0;
748 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
749 iph.ip_dst.s_addr = op->dst.s_addr;
750
751 memset(&msg, 0, sizeof(msg));
752 msg.msg_name = (caddr_t)&sa_dst;
753 msg.msg_namelen = sizeof(sa_dst);
754 msg.msg_iov = iov;
755 msg.msg_iovlen = 2;
756 iov[0].iov_base = (char *)&iph;
757 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
758 iov[1].iov_base = STREAM_PNT(op->s);
759 iov[1].iov_len = op->length;
760
761 /* Sadly we can not rely on kernels to fragment packets because of either
762 * IP_HDRINCL and/or multicast destination being set.
763 */
764 #ifdef WANT_OSPF_WRITE_FRAGMENT
765 if (op->length > maxdatasize)
766 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
767 oi->ifp->mtu, flags, type);
768 #endif /* WANT_OSPF_WRITE_FRAGMENT */
769
770 /* send final fragment (could be first) */
771 sockopt_iphdrincl_swab_htosys(&iph);
772 ret = sendmsg(ospf->fd, &msg, flags);
773 sockopt_iphdrincl_swab_systoh(&iph);
774 if (IS_DEBUG_OSPF_EVENT)
775 zlog_debug(
776 "ospf_write to %s, "
777 "id %d, off %d, len %d, interface %s, mtu %u:",
778 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
779 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
780
781 if (ret < 0)
782 zlog_warn(
783 "*** sendmsg in ospf_write failed to %s, "
784 "id %d, off %d, len %d, interface %s, mtu %u: %s",
785 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
786 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
787 safe_strerror(errno));
788
789 /* Show debug sending packet. */
790 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
791 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
792 zlog_debug(
793 "-----------------------------------------------------");
794 ospf_ip_header_dump(&iph);
795 stream_set_getp(op->s, 0);
796 ospf_packet_dump(op->s);
797 }
798
799 zlog_debug("%s sent to [%s] via [%s].",
800 lookup_msg(ospf_packet_type_str, type, NULL),
801 inet_ntoa(op->dst), IF_NAME(oi));
802
803 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
804 zlog_debug(
805 "-----------------------------------------------------");
806 }
807
808 /* Now delete packet from queue. */
809 ospf_packet_delete(oi);
810
811 /* Move this interface to the tail of write_q to
812 serve everyone in a round robin fashion */
813 list_delete_node(ospf->oi_write_q, node);
814 if (ospf_fifo_head(oi->obuf) == NULL) {
815 oi->on_write_q = 0;
816 last_serviced_oi = NULL;
817 oi = NULL;
818 } else {
819 listnode_add(ospf->oi_write_q, oi);
820 }
821
822 /* Setup to service from the head of the queue again */
823 if (!list_isempty(ospf->oi_write_q)) {
824 node = listhead(ospf->oi_write_q);
825 assert(node);
826 oi = listgetdata(node);
827 assert(oi);
828 }
829 }
830
831 /* If packets still remain in queue, call write thread. */
832 if (!list_isempty(ospf->oi_write_q)) {
833 ospf->t_write = NULL;
834 thread_add_write(master, ospf_write, ospf, ospf->fd,
835 &ospf->t_write);
836 }
837
838 return 0;
839 }
840
841 /* OSPF Hello message read -- RFC2328 Section 10.5. */
842 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
843 struct stream *s, struct ospf_interface *oi, int size)
844 {
845 struct ospf_hello *hello;
846 struct ospf_neighbor *nbr;
847 int old_state;
848 struct prefix p;
849
850 /* increment statistics. */
851 oi->hello_in++;
852
853 hello = (struct ospf_hello *)STREAM_PNT(s);
854
855 /* If Hello is myself, silently discard. */
856 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
857 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
858 zlog_debug(
859 "ospf_header[%s/%s]: selforiginated, "
860 "dropping.",
861 lookup_msg(ospf_packet_type_str, ospfh->type,
862 NULL),
863 inet_ntoa(iph->ip_src));
864 }
865 return;
866 }
867
868 /* get neighbor prefix. */
869 p.family = AF_INET;
870 p.prefixlen = ip_masklen(hello->network_mask);
871 p.u.prefix4 = iph->ip_src;
872
873 /* Compare network mask. */
874 /* Checking is ignored for Point-to-Point and Virtual link. */
875 if (oi->type != OSPF_IFTYPE_POINTOPOINT
876 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
877 if (oi->address->prefixlen != p.prefixlen) {
878 zlog_warn(
879 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
880 inet_ntoa(ospfh->router_id), IF_NAME(oi),
881 (int)oi->address->prefixlen, (int)p.prefixlen);
882 return;
883 }
884
885 /* Compare Router Dead Interval. */
886 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
887 zlog_warn(
888 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
889 "(expected %u, but received %u).",
890 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
891 ntohl(hello->dead_interval));
892 return;
893 }
894
895 /* Compare Hello Interval - ignored if fast-hellos are set. */
896 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
897 if (OSPF_IF_PARAM(oi, v_hello)
898 != ntohs(hello->hello_interval)) {
899 zlog_warn(
900 "Packet %s [Hello:RECV]: HelloInterval mismatch "
901 "(expected %u, but received %u).",
902 inet_ntoa(ospfh->router_id),
903 OSPF_IF_PARAM(oi, v_hello),
904 ntohs(hello->hello_interval));
905 return;
906 }
907 }
908
909 if (IS_DEBUG_OSPF_EVENT)
910 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
911 inet_ntoa(ospfh->router_id),
912 ospf_options_dump(hello->options),
913 ospf_vrf_id_to_name(oi->ospf->vrf_id));
914
915 /* Compare options. */
916 #define REJECT_IF_TBIT_ON 1 /* XXX */
917 #ifdef REJECT_IF_TBIT_ON
918 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
919 /*
920 * This router does not support non-zero TOS.
921 * Drop this Hello packet not to establish neighbor
922 * relationship.
923 */
924 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
925 inet_ntoa(ospfh->router_id));
926 return;
927 }
928 #endif /* REJECT_IF_TBIT_ON */
929
930 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
931 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
932 /*
933 * This router does know the correct usage of O-bit
934 * the bit should be set in DD packet only.
935 */
936 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
937 inet_ntoa(ospfh->router_id));
938 #ifdef STRICT_OBIT_USAGE_CHECK
939 return; /* Reject this packet. */
940 #else /* STRICT_OBIT_USAGE_CHECK */
941 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
942 #endif /* STRICT_OBIT_USAGE_CHECK */
943 }
944
945 /* new for NSSA is to ensure that NP is on and E is off */
946
947 if (oi->area->external_routing == OSPF_AREA_NSSA) {
948 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
949 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
950 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
951 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
952 zlog_warn(
953 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
954 inet_ntoa(ospfh->router_id), OPTIONS(oi),
955 hello->options);
956 return;
957 }
958 if (IS_DEBUG_OSPF_NSSA)
959 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
960 inet_ntoa(ospfh->router_id));
961 } else
962 /* The setting of the E-bit found in the Hello Packet's Options
963 field must match this area's ExternalRoutingCapability A
964 mismatch causes processing to stop and the packet to be
965 dropped. The setting of the rest of the bits in the Hello
966 Packet's Options field should be ignored. */
967 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
968 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
969 zlog_warn(
970 "Packet %s [Hello:RECV]: my options: %x, his options %x",
971 inet_ntoa(ospfh->router_id), OPTIONS(oi),
972 hello->options);
973 return;
974 }
975
976 /* get neighbour struct */
977 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
978
979 /* neighbour must be valid, ospf_nbr_get creates if none existed */
980 assert(nbr);
981
982 old_state = nbr->state;
983
984 /* Add event to thread. */
985 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
986
987 /* RFC2328 Section 9.5.1
988 If the router is not eligible to become Designated Router,
989 (snip) It must also send an Hello Packet in reply to an
990 Hello Packet received from any eligible neighbor (other than
991 the current Designated Router and Backup Designated Router). */
992 if (oi->type == OSPF_IFTYPE_NBMA)
993 if (PRIORITY(oi) == 0 && hello->priority > 0
994 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
995 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
996 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
997 ospf_hello_reply_timer,
998 OSPF_HELLO_REPLY_DELAY);
999
1000 /* on NBMA network type, it happens to receive bidirectional Hello
1001 packet
1002 without advance 1-Way Received event.
1003 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1004 if (oi->type == OSPF_IFTYPE_NBMA
1005 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1006 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1007 nbr->priority = hello->priority;
1008 nbr->d_router = hello->d_router;
1009 nbr->bd_router = hello->bd_router;
1010 return;
1011 }
1012
1013 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1014 size - OSPF_HELLO_MIN_SIZE)) {
1015 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1016 nbr->options |= hello->options;
1017 } else {
1018 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1019 /* Set neighbor information. */
1020 nbr->priority = hello->priority;
1021 nbr->d_router = hello->d_router;
1022 nbr->bd_router = hello->bd_router;
1023 return;
1024 }
1025
1026 /* If neighbor itself declares DR and no BDR exists,
1027 cause event BackupSeen */
1028 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1029 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1030 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1031
1032 /* neighbor itself declares BDR. */
1033 if (oi->state == ISM_Waiting
1034 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1035 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1036
1037 /* had not previously. */
1038 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1039 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1040 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1041 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1042 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1043
1044 /* had not previously. */
1045 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1046 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1047 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1048 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1049 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1050
1051 /* Neighbor priority check. */
1052 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1053 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1054
1055 /* Set neighbor information. */
1056 nbr->priority = hello->priority;
1057 nbr->d_router = hello->d_router;
1058 nbr->bd_router = hello->bd_router;
1059 }
1060
1061 /* Save DD flags/options/Seqnum received. */
1062 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1063 struct ospf_db_desc *dd)
1064 {
1065 nbr->last_recv.flags = dd->flags;
1066 nbr->last_recv.options = dd->options;
1067 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1068 }
1069
1070 /* Process rest of DD packet. */
1071 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1072 struct ospf_neighbor *nbr,
1073 struct ospf_db_desc *dd, u_int16_t size)
1074 {
1075 struct ospf_lsa *new, *find;
1076 struct lsa_header *lsah;
1077
1078 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1079 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1080 size -= OSPF_LSA_HEADER_SIZE) {
1081 lsah = (struct lsa_header *)STREAM_PNT(s);
1082 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1083
1084 /* Unknown LS type. */
1085 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1086 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1087 lsah->type);
1088 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1089 return;
1090 }
1091
1092 if (IS_OPAQUE_LSA(lsah->type)
1093 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1094 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1095 lsah->type, inet_ntoa(lsah->id));
1096 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1097 return;
1098 }
1099
1100 switch (lsah->type) {
1101 case OSPF_AS_EXTERNAL_LSA:
1102 case OSPF_OPAQUE_AS_LSA:
1103 /* Check for stub area. Reject if AS-External from stub
1104 but
1105 allow if from NSSA. */
1106 if (oi->area->external_routing == OSPF_AREA_STUB) {
1107 zlog_warn(
1108 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1109 lsah->type, inet_ntoa(lsah->id),
1110 (oi->area->external_routing
1111 == OSPF_AREA_STUB)
1112 ? "STUB"
1113 : "NSSA");
1114 OSPF_NSM_EVENT_SCHEDULE(nbr,
1115 NSM_SeqNumberMismatch);
1116 return;
1117 }
1118 break;
1119 default:
1120 break;
1121 }
1122
1123 /* Create LS-request object. */
1124 new = ospf_ls_request_new(lsah);
1125
1126 /* Lookup received LSA, then add LS request list. */
1127 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1128
1129 /* ospf_lsa_more_recent is fine with NULL pointers */
1130 switch (ospf_lsa_more_recent(find, new)) {
1131 case -1:
1132 /* Neighbour has a more recent LSA, we must request it
1133 */
1134 ospf_ls_request_add(nbr, new);
1135 /* fallthru */
1136 case 0:
1137 /* If we have a copy of this LSA, it's either less
1138 * recent
1139 * and we're requesting it from neighbour (the case
1140 * above), or
1141 * it's as recent and we both have same copy (this
1142 * case).
1143 *
1144 * In neither of these two cases is there any point in
1145 * describing our copy of the LSA to the neighbour in a
1146 * DB-Summary packet, if we're still intending to do so.
1147 *
1148 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1149 * backward compatible optimisation to OSPF DB Exchange
1150 * /
1151 * DB Description process implemented here.
1152 */
1153 if (find)
1154 ospf_lsdb_delete(&nbr->db_sum, find);
1155 ospf_lsa_discard(new);
1156 break;
1157 default:
1158 /* We have the more recent copy, nothing specific to do:
1159 * - no need to request neighbours stale copy
1160 * - must leave DB summary list copy alone
1161 */
1162 if (IS_DEBUG_OSPF_EVENT)
1163 zlog_debug(
1164 "Packet [DD:RECV]: LSA received Type %d, "
1165 "ID %s is not recent.",
1166 lsah->type, inet_ntoa(lsah->id));
1167 ospf_lsa_discard(new);
1168 }
1169 }
1170
1171 /* Master */
1172 if (IS_SET_DD_MS(nbr->dd_flags)) {
1173 nbr->dd_seqnum++;
1174
1175 /* Both sides have no More, then we're done with Exchange */
1176 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1177 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1178 else
1179 ospf_db_desc_send(nbr);
1180 }
1181 /* Slave */
1182 else {
1183 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1184
1185 /* Send DD packet in reply.
1186 *
1187 * Must be done to acknowledge the Master's DD, regardless of
1188 * whether we have more LSAs ourselves to describe.
1189 *
1190 * This function will clear the 'More' bit, if after this DD
1191 * we have no more LSAs to describe to the master..
1192 */
1193 ospf_db_desc_send(nbr);
1194
1195 /* Slave can raise ExchangeDone now, if master is also done */
1196 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1197 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1198 }
1199
1200 /* Save received neighbor values from DD. */
1201 ospf_db_desc_save_current(nbr, dd);
1202
1203 if (!nbr->t_ls_req)
1204 ospf_ls_req_send(nbr);
1205 }
1206
1207 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1208 struct ospf_neighbor *nbr)
1209 {
1210 /* Is DD duplicated? */
1211 if (dd->options == nbr->last_recv.options
1212 && dd->flags == nbr->last_recv.flags
1213 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1214 return 1;
1215
1216 return 0;
1217 }
1218
1219 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1220 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1221 struct stream *s, struct ospf_interface *oi,
1222 u_int16_t size)
1223 {
1224 struct ospf_db_desc *dd;
1225 struct ospf_neighbor *nbr;
1226
1227 /* Increment statistics. */
1228 oi->db_desc_in++;
1229
1230 dd = (struct ospf_db_desc *)STREAM_PNT(s);
1231
1232 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1233 if (nbr == NULL) {
1234 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1235 inet_ntoa(ospfh->router_id));
1236 return;
1237 }
1238
1239 /* Check MTU. */
1240 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1241 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1242 zlog_warn(
1243 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1244 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1245 oi->ifp->mtu);
1246 return;
1247 }
1248
1249 /*
1250 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1251 * not
1252 * required. In fact at least JunOS sends DD packets with P bit clear.
1253 * Until proper solution is developped, this hack should help.
1254 *
1255 * Update: According to the RFCs, N bit is specified /only/ for Hello
1256 * options, unfortunately its use in DD options is not specified. Hence
1257 * some
1258 * implementations follow E-bit semantics and set it in DD options, and
1259 * some
1260 * treat it as unspecified and hence follow the directive "default for
1261 * options is clear", ie unset.
1262 *
1263 * Reset the flag, as ospfd follows E-bit semantics.
1264 */
1265 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1266 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1267 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1268 if (IS_DEBUG_OSPF_EVENT)
1269 zlog_debug(
1270 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1271 inet_ntoa(nbr->router_id));
1272 SET_FLAG(dd->options, OSPF_OPTION_NP);
1273 }
1274
1275 #ifdef REJECT_IF_TBIT_ON
1276 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1277 /*
1278 * In Hello protocol, optional capability must have checked
1279 * to prevent this T-bit enabled router be my neighbor.
1280 */
1281 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1282 inet_ntoa(nbr->router_id));
1283 return;
1284 }
1285 #endif /* REJECT_IF_TBIT_ON */
1286
1287 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1288 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1289 /*
1290 * This node is not configured to handle O-bit, for now.
1291 * Clear it to ignore unsupported capability proposed by
1292 * neighbor.
1293 */
1294 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1295 }
1296
1297 /* Add event to thread. */
1298 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1299
1300 /* Process DD packet by neighbor status. */
1301 switch (nbr->state) {
1302 case NSM_Down:
1303 case NSM_Attempt:
1304 case NSM_TwoWay:
1305 zlog_warn(
1306 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1307 inet_ntoa(nbr->router_id),
1308 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1309 break;
1310 case NSM_Init:
1311 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1312 /* If the new state is ExStart, the processing of the current
1313 packet should then continue in this new state by falling
1314 through to case ExStart below. */
1315 if (nbr->state != NSM_ExStart)
1316 break;
1317 /* fallthru */
1318 case NSM_ExStart:
1319 /* Initial DBD */
1320 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1321 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1322 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1323 > 0) {
1324 /* We're Slave---obey */
1325 zlog_info(
1326 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1327 inet_ntoa(nbr->router_id));
1328 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1329
1330 /* Reset I/MS */
1331 UNSET_FLAG(nbr->dd_flags,
1332 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1333 } else {
1334 /* We're Master, ignore the initial DBD from
1335 * Slave */
1336 zlog_info(
1337 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1338 "ignoring.",
1339 inet_ntoa(nbr->router_id));
1340 break;
1341 }
1342 }
1343 /* Ack from the Slave */
1344 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1345 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1346 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1347 < 0) {
1348 zlog_info(
1349 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1350 inet_ntoa(nbr->router_id));
1351 /* Reset I, leaving MS */
1352 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1353 } else {
1354 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1355 inet_ntoa(nbr->router_id));
1356 break;
1357 }
1358
1359 /* This is where the real Options are saved */
1360 nbr->options = dd->options;
1361
1362 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1363 if (IS_DEBUG_OSPF_EVENT)
1364 zlog_debug(
1365 "Neighbor[%s] is %sOpaque-capable.",
1366 inet_ntoa(nbr->router_id),
1367 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1368 ? ""
1369 : "NOT ");
1370
1371 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1372 && IPV4_ADDR_SAME(&DR(oi),
1373 &nbr->address.u.prefix4)) {
1374 zlog_warn(
1375 "DR-neighbor[%s] is NOT opaque-capable; "
1376 "Opaque-LSAs cannot be reliably advertised "
1377 "in this network.",
1378 inet_ntoa(nbr->router_id));
1379 /* This situation is undesirable, but not a real
1380 * error. */
1381 }
1382 }
1383
1384 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1385
1386 /* continue processing rest of packet. */
1387 ospf_db_desc_proc(s, oi, nbr, dd, size);
1388 break;
1389 case NSM_Exchange:
1390 if (ospf_db_desc_is_dup(dd, nbr)) {
1391 if (IS_SET_DD_MS(nbr->dd_flags))
1392 /* Master: discard duplicated DD packet. */
1393 zlog_info(
1394 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1395 inet_ntoa(nbr->router_id));
1396 else
1397 /* Slave: cause to retransmit the last Database
1398 Description. */
1399 {
1400 zlog_info(
1401 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1402 inet_ntoa(nbr->router_id));
1403 ospf_db_desc_resend(nbr);
1404 }
1405 break;
1406 }
1407
1408 /* Otherwise DD packet should be checked. */
1409 /* Check Master/Slave bit mismatch */
1410 if (IS_SET_DD_MS(dd->flags)
1411 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1412 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1413 inet_ntoa(nbr->router_id));
1414 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1415 if (IS_DEBUG_OSPF_EVENT)
1416 zlog_debug(
1417 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1418 dd->flags, nbr->dd_flags);
1419 break;
1420 }
1421
1422 /* Check initialize bit is set. */
1423 if (IS_SET_DD_I(dd->flags)) {
1424 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1425 inet_ntoa(nbr->router_id));
1426 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1427 break;
1428 }
1429
1430 /* Check DD Options. */
1431 if (dd->options != nbr->options) {
1432 #ifdef ORIGINAL_CODING
1433 /* Save the new options for debugging */
1434 nbr->options = dd->options;
1435 #endif /* ORIGINAL_CODING */
1436 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1437 inet_ntoa(nbr->router_id));
1438 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1439 break;
1440 }
1441
1442 /* Check DD sequence number. */
1443 if ((IS_SET_DD_MS(nbr->dd_flags)
1444 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1445 || (!IS_SET_DD_MS(nbr->dd_flags)
1446 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1447 zlog_warn(
1448 "Packet[DD]: Neighbor %s sequence number mismatch.",
1449 inet_ntoa(nbr->router_id));
1450 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1451 break;
1452 }
1453
1454 /* Continue processing rest of packet. */
1455 ospf_db_desc_proc(s, oi, nbr, dd, size);
1456 break;
1457 case NSM_Loading:
1458 case NSM_Full:
1459 if (ospf_db_desc_is_dup(dd, nbr)) {
1460 if (IS_SET_DD_MS(nbr->dd_flags)) {
1461 /* Master should discard duplicate DD packet. */
1462 zlog_info(
1463 "Packet[DD]: Neighbor %s duplicated, "
1464 "packet discarded.",
1465 inet_ntoa(nbr->router_id));
1466 break;
1467 } else {
1468 if (monotime_since(&nbr->last_send_ts, NULL)
1469 < nbr->v_inactivity * 1000000LL) {
1470 /* In states Loading and Full the slave
1471 must resend
1472 its last Database Description packet
1473 in response to
1474 duplicate Database Description
1475 packets received
1476 from the master. For this reason the
1477 slave must
1478 wait RouterDeadInterval seconds
1479 before freeing the
1480 last Database Description packet.
1481 Reception of a
1482 Database Description packet from the
1483 master after
1484 this interval will generate a
1485 SeqNumberMismatch
1486 neighbor event. RFC2328 Section 10.8
1487 */
1488 ospf_db_desc_resend(nbr);
1489 break;
1490 }
1491 }
1492 }
1493
1494 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1495 break;
1496 default:
1497 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1498 inet_ntoa(nbr->router_id), nbr->state);
1499 break;
1500 }
1501 }
1502
1503 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1504
1505 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1506 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1507 struct stream *s, struct ospf_interface *oi,
1508 u_int16_t size)
1509 {
1510 struct ospf_neighbor *nbr;
1511 u_int32_t ls_type;
1512 struct in_addr ls_id;
1513 struct in_addr adv_router;
1514 struct ospf_lsa *find;
1515 struct list *ls_upd;
1516 unsigned int length;
1517
1518 /* Increment statistics. */
1519 oi->ls_req_in++;
1520
1521 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1522 if (nbr == NULL) {
1523 zlog_warn("Link State Request: Unknown Neighbor %s.",
1524 inet_ntoa(ospfh->router_id));
1525 return;
1526 }
1527
1528 /* Add event to thread. */
1529 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1530
1531 /* Neighbor State should be Exchange or later. */
1532 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1533 && nbr->state != NSM_Full) {
1534 zlog_warn(
1535 "Link State Request received from %s: "
1536 "Neighbor state is %s, packet discarded.",
1537 inet_ntoa(ospfh->router_id),
1538 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1539 return;
1540 }
1541
1542 /* Send Link State Update for ALL requested LSAs. */
1543 ls_upd = list_new();
1544 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1545
1546 while (size >= OSPF_LSA_KEY_SIZE) {
1547 /* Get one slice of Link State Request. */
1548 ls_type = stream_getl(s);
1549 ls_id.s_addr = stream_get_ipv4(s);
1550 adv_router.s_addr = stream_get_ipv4(s);
1551
1552 /* Verify LSA type. */
1553 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1554 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1555 list_delete(ls_upd);
1556 return;
1557 }
1558
1559 /* Search proper LSA in LSDB. */
1560 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1561 adv_router);
1562 if (find == NULL) {
1563 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1564 list_delete(ls_upd);
1565 return;
1566 }
1567
1568 /* Packet overflows MTU size, send immediately. */
1569 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1570 if (oi->type == OSPF_IFTYPE_NBMA)
1571 ospf_ls_upd_send(nbr, ls_upd,
1572 OSPF_SEND_PACKET_DIRECT);
1573 else
1574 ospf_ls_upd_send(nbr, ls_upd,
1575 OSPF_SEND_PACKET_INDIRECT);
1576
1577 /* Only remove list contents. Keep ls_upd. */
1578 list_delete_all_node(ls_upd);
1579
1580 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1581 }
1582
1583 /* Append LSA to update list. */
1584 listnode_add(ls_upd, find);
1585 length += ntohs(find->data->length);
1586
1587 size -= OSPF_LSA_KEY_SIZE;
1588 }
1589
1590 /* Send rest of Link State Update. */
1591 if (listcount(ls_upd) > 0) {
1592 if (oi->type == OSPF_IFTYPE_NBMA)
1593 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT);
1594 else
1595 ospf_ls_upd_send(nbr, ls_upd,
1596 OSPF_SEND_PACKET_INDIRECT);
1597
1598 list_delete(ls_upd);
1599 } else
1600 list_free(ls_upd);
1601 }
1602
1603 /* Get the list of LSAs from Link State Update packet.
1604 And process some validation -- RFC2328 Section 13. (1)-(2). */
1605 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1606 struct stream *s,
1607 struct ospf_interface *oi, size_t size)
1608 {
1609 u_int16_t count, sum;
1610 u_int32_t length;
1611 struct lsa_header *lsah;
1612 struct ospf_lsa *lsa;
1613 struct list *lsas;
1614
1615 lsas = list_new();
1616
1617 count = stream_getl(s);
1618 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1619
1620 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1621 size -= length, stream_forward_getp(s, length), count--) {
1622 lsah = (struct lsa_header *)STREAM_PNT(s);
1623 length = ntohs(lsah->length);
1624
1625 if (length > size) {
1626 zlog_warn(
1627 "Link State Update: LSA length exceeds packet size.");
1628 break;
1629 }
1630
1631 /* Validate the LSA's LS checksum. */
1632 sum = lsah->checksum;
1633 if (!ospf_lsa_checksum_valid(lsah)) {
1634 /* (bug #685) more details in a one-line message make it
1635 * possible
1636 * to identify problem source on the one hand and to
1637 * have a better
1638 * chance to compress repeated messages in syslog on the
1639 * other */
1640 zlog_warn(
1641 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1642 sum, lsah->checksum, inet_ntoa(lsah->id),
1643 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1644 inet_ntoa(lsah->adv_router));
1645 continue;
1646 }
1647
1648 /* Examine the LSA's LS type. */
1649 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1650 zlog_warn("Link State Update: Unknown LS type %d",
1651 lsah->type);
1652 continue;
1653 }
1654
1655 /*
1656 * What if the received LSA's age is greater than MaxAge?
1657 * Treat it as a MaxAge case -- endo.
1658 */
1659 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1660 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1661
1662 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1663 #ifdef STRICT_OBIT_USAGE_CHECK
1664 if ((IS_OPAQUE_LSA(lsah->type)
1665 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1666 || (!IS_OPAQUE_LSA(lsah->type)
1667 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1668 /*
1669 * This neighbor must know the exact usage of
1670 * O-bit;
1671 * the bit will be set in Type-9,10,11 LSAs
1672 * only.
1673 */
1674 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1675 lsah->type, inet_ntoa(lsah->id));
1676 continue;
1677 }
1678 #endif /* STRICT_OBIT_USAGE_CHECK */
1679
1680 /* Do not take in AS External Opaque-LSAs if we are a
1681 * stub. */
1682 if (lsah->type == OSPF_OPAQUE_AS_LSA
1683 && nbr->oi->area->external_routing
1684 != OSPF_AREA_DEFAULT) {
1685 if (IS_DEBUG_OSPF_EVENT)
1686 zlog_debug(
1687 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1688 lsah->type,
1689 inet_ntoa(lsah->id));
1690 continue;
1691 }
1692 } else if (IS_OPAQUE_LSA(lsah->type)) {
1693 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1694 lsah->type, inet_ntoa(lsah->id));
1695 continue;
1696 }
1697
1698 /* Create OSPF LSA instance. */
1699 lsa = ospf_lsa_new();
1700
1701 lsa->vrf_id = oi->ospf->vrf_id;
1702 /* We may wish to put some error checking if type NSSA comes in
1703 and area not in NSSA mode */
1704 switch (lsah->type) {
1705 case OSPF_AS_EXTERNAL_LSA:
1706 case OSPF_OPAQUE_AS_LSA:
1707 lsa->area = NULL;
1708 break;
1709 case OSPF_OPAQUE_LINK_LSA:
1710 lsa->oi = oi; /* Remember incoming interface for
1711 flooding control. */
1712 /* Fallthrough */
1713 default:
1714 lsa->area = oi->area;
1715 break;
1716 }
1717
1718 lsa->data = ospf_lsa_data_new(length);
1719 memcpy(lsa->data, lsah, length);
1720
1721 if (IS_DEBUG_OSPF_EVENT)
1722 zlog_debug(
1723 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1724 lsa->data->type, inet_ntoa(lsa->data->id),
1725 (void *)lsa);
1726 listnode_add(lsas, lsa);
1727 }
1728
1729 return lsas;
1730 }
1731
1732 /* Cleanup Update list. */
1733 static void ospf_upd_list_clean(struct list *lsas)
1734 {
1735 struct listnode *node, *nnode;
1736 struct ospf_lsa *lsa;
1737
1738 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1739 ospf_lsa_discard(lsa);
1740
1741 list_delete(lsas);
1742 }
1743
1744 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1745 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1746 struct ospf_header *ospfh, struct stream *s,
1747 struct ospf_interface *oi, u_int16_t size)
1748 {
1749 struct ospf_neighbor *nbr;
1750 struct list *lsas;
1751 struct listnode *node, *nnode;
1752 struct ospf_lsa *lsa = NULL;
1753 /* unsigned long ls_req_found = 0; */
1754
1755 /* Dis-assemble the stream, update each entry, re-encapsulate for
1756 * flooding */
1757
1758 /* Increment statistics. */
1759 oi->ls_upd_in++;
1760
1761 /* Check neighbor. */
1762 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1763 if (nbr == NULL) {
1764 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1765 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1766 return;
1767 }
1768
1769 /* Add event to thread. */
1770 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1771
1772 /* Check neighbor state. */
1773 if (nbr->state < NSM_Exchange) {
1774 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1775 zlog_debug(
1776 "Link State Update: "
1777 "Neighbor[%s] state %s is less than Exchange",
1778 inet_ntoa(ospfh->router_id),
1779 lookup_msg(ospf_nsm_state_msg, nbr->state,
1780 NULL));
1781 return;
1782 }
1783
1784 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1785 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1786 * of section 13.
1787 */
1788 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1789
1790 #define DISCARD_LSA(L, N) \
1791 { \
1792 if (IS_DEBUG_OSPF_EVENT) \
1793 zlog_debug( \
1794 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1795 " Type-%d", \
1796 N, (void *)lsa, (int)lsa->data->type); \
1797 ospf_lsa_discard(L); \
1798 continue; \
1799 }
1800
1801 /* Process each LSA received in the one packet.
1802 *
1803 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1804 * text below are from the steps in RFC 2328, Section 13.
1805 */
1806 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1807 struct ospf_lsa *ls_ret, *current;
1808 int ret = 1;
1809
1810 if (IS_DEBUG_OSPF_NSSA) {
1811 char buf1[INET_ADDRSTRLEN];
1812 char buf2[INET_ADDRSTRLEN];
1813 char buf3[INET_ADDRSTRLEN];
1814
1815 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1816 lsa->data->type,
1817 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1818 INET_ADDRSTRLEN),
1819 inet_ntop(AF_INET, &lsa->data->id, buf2,
1820 INET_ADDRSTRLEN),
1821 inet_ntop(AF_INET, &lsa->data->adv_router,
1822 buf3, INET_ADDRSTRLEN));
1823 }
1824
1825 listnode_delete(lsas,
1826 lsa); /* We don't need it in list anymore */
1827
1828 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1829 */
1830
1831 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1832
1833 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1834 */
1835
1836 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1837 */
1838
1839 /* Do take in Type-7's if we are an NSSA */
1840
1841 /* If we are also an ABR, later translate them to a Type-5
1842 * packet */
1843
1844 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1845 translate them to a separate Type-5 packet. */
1846
1847 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1848 /* Reject from STUB or NSSA */
1849 if (nbr->oi->area->external_routing
1850 != OSPF_AREA_DEFAULT) {
1851 if (IS_DEBUG_OSPF_NSSA)
1852 zlog_debug(
1853 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1854 DISCARD_LSA(lsa, 1);
1855 }
1856
1857 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1858 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1859 if (IS_DEBUG_OSPF_NSSA)
1860 zlog_debug(
1861 "Incoming NSSA LSA Discarded: Not NSSA Area");
1862 DISCARD_LSA(lsa, 2);
1863 }
1864
1865 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1866 if (lsa->data->type == OSPF_ROUTER_LSA)
1867 if (!IPV4_ADDR_SAME(&lsa->data->id,
1868 &lsa->data->adv_router)) {
1869 char buf1[INET_ADDRSTRLEN];
1870 char buf2[INET_ADDRSTRLEN];
1871 char buf3[INET_ADDRSTRLEN];
1872
1873 zlog_err(
1874 "Incoming Router-LSA from %s with "
1875 "Adv-ID[%s] != LS-ID[%s]",
1876 inet_ntop(AF_INET, &ospfh->router_id,
1877 buf1, INET_ADDRSTRLEN),
1878 inet_ntop(AF_INET, &lsa->data->id, buf2,
1879 INET_ADDRSTRLEN),
1880 inet_ntop(AF_INET,
1881 &lsa->data->adv_router, buf3,
1882 INET_ADDRSTRLEN));
1883 zlog_err(
1884 "OSPF domain compromised by attack or corruption. "
1885 "Verify correct operation of -ALL- OSPF routers.");
1886 DISCARD_LSA(lsa, 0);
1887 }
1888
1889 /* Find the LSA in the current database. */
1890
1891 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1892
1893 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1894 currently
1895 no instance of the LSA in the router's link state database,
1896 and none of router's neighbors are in states Exchange or
1897 Loading,
1898 then take the following actions: */
1899
1900 if (IS_LSA_MAXAGE(lsa) && !current
1901 && ospf_check_nbr_status(oi->ospf)) {
1902 /* (4a) Response Link State Acknowledgment. */
1903 ospf_ls_ack_send(nbr, lsa);
1904
1905 /* (4b) Discard LSA. */
1906 if (IS_DEBUG_OSPF(lsa, LSA)) {
1907 zlog_debug(
1908 "Link State Update[%s]: LS age is equal to MaxAge.",
1909 dump_lsa_key(lsa));
1910 }
1911 DISCARD_LSA(lsa, 3);
1912 }
1913
1914 if (IS_OPAQUE_LSA(lsa->data->type)
1915 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1916 &oi->ospf->router_id)) {
1917 /*
1918 * Even if initial flushing seems to be completed, there
1919 * might
1920 * be a case that self-originated LSA with MaxAge still
1921 * remain
1922 * in the routing domain.
1923 * Just send an LSAck message to cease retransmission.
1924 */
1925 if (IS_LSA_MAXAGE(lsa)) {
1926 zlog_warn("LSA[%s]: Boomerang effect?",
1927 dump_lsa_key(lsa));
1928 ospf_ls_ack_send(nbr, lsa);
1929 ospf_lsa_discard(lsa);
1930
1931 if (current != NULL && !IS_LSA_MAXAGE(current))
1932 ospf_opaque_lsa_refresh_schedule(
1933 current);
1934 continue;
1935 }
1936
1937 /*
1938 * If an instance of self-originated Opaque-LSA is not
1939 * found
1940 * in the LSDB, there are some possible cases here.
1941 *
1942 * 1) This node lost opaque-capability after restart.
1943 * 2) Else, a part of opaque-type is no more supported.
1944 * 3) Else, a part of opaque-id is no more supported.
1945 *
1946 * Anyway, it is still this node's responsibility to
1947 * flush it.
1948 * Otherwise, the LSA instance remains in the routing
1949 * domain
1950 * until its age reaches to MaxAge.
1951 */
1952 /* XXX: We should deal with this for *ALL* LSAs, not
1953 * just opaque */
1954 if (current == NULL) {
1955 if (IS_DEBUG_OSPF_EVENT)
1956 zlog_debug(
1957 "LSA[%s]: Previously originated Opaque-LSA,"
1958 "not found in the LSDB.",
1959 dump_lsa_key(lsa));
1960
1961 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
1962
1963 ospf_opaque_self_originated_lsa_received(nbr,
1964 lsa);
1965 ospf_ls_ack_send(nbr, lsa);
1966
1967 continue;
1968 }
1969 }
1970
1971 /* It might be happen that received LSA is self-originated
1972 * network LSA, but
1973 * router ID is changed. So, we should check if LSA is a
1974 * network-LSA whose
1975 * Link State ID is one of the router's own IP interface
1976 * addresses but whose
1977 * Advertising Router is not equal to the router's own Router ID
1978 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
1979 * flushed.
1980 */
1981
1982 if (lsa->data->type == OSPF_NETWORK_LSA) {
1983 struct listnode *oinode, *oinnode;
1984 struct ospf_interface *out_if;
1985 int Flag = 0;
1986
1987 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
1988 oinnode, out_if)) {
1989 if (out_if == NULL)
1990 break;
1991
1992 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
1993 &lsa->data->id))
1994 && (!(IPV4_ADDR_SAME(
1995 &oi->ospf->router_id,
1996 &lsa->data->adv_router)))) {
1997 if (out_if->network_lsa_self) {
1998 ospf_lsa_flush_area(
1999 lsa, out_if->area);
2000 if (IS_DEBUG_OSPF_EVENT)
2001 zlog_debug(
2002 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2003 (void *)lsa,
2004 (int)lsa->data
2005 ->type);
2006 ospf_lsa_discard(lsa);
2007 Flag = 1;
2008 }
2009 break;
2010 }
2011 }
2012 if (Flag)
2013 continue;
2014 }
2015
2016 /* (5) Find the instance of this LSA that is currently contained
2017 in the router's link state database. If there is no
2018 database copy, or the received LSA is more recent than
2019 the database copy the following steps must be performed.
2020 (The sub steps from RFC 2328 section 13 step (5) will be
2021 performed in
2022 ospf_flood() ) */
2023
2024 if (current == NULL
2025 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2026 /* Actual flooding procedure. */
2027 if (ospf_flood(oi->ospf, nbr, current, lsa)
2028 < 0) /* Trap NSSA later. */
2029 DISCARD_LSA(lsa, 4);
2030 continue;
2031 }
2032
2033 /* (6) Else, If there is an instance of the LSA on the sending
2034 neighbor's Link state request list, an error has occurred in
2035 the Database Exchange process. In this case, restart the
2036 Database Exchange process by generating the neighbor event
2037 BadLSReq for the sending neighbor and stop processing the
2038 Link State Update packet. */
2039
2040 if (ospf_ls_request_lookup(nbr, lsa)) {
2041 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2042 zlog_warn(
2043 "LSA[%s] instance exists on Link state request list",
2044 dump_lsa_key(lsa));
2045
2046 /* Clean list of LSAs. */
2047 ospf_upd_list_clean(lsas);
2048 /* this lsa is not on lsas list already. */
2049 ospf_lsa_discard(lsa);
2050 return;
2051 }
2052
2053 /* If the received LSA is the same instance as the database copy
2054 (i.e., neither one is more recent) the following two steps
2055 should be performed: */
2056
2057 if (ret == 0) {
2058 /* If the LSA is listed in the Link state retransmission
2059 list
2060 for the receiving adjacency, the router itself is
2061 expecting
2062 an acknowledgment for this LSA. The router should
2063 treat the
2064 received LSA as an acknowledgment by removing the LSA
2065 from
2066 the Link state retransmission list. This is termed
2067 an
2068 "implied acknowledgment". */
2069
2070 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2071
2072 if (ls_ret != NULL) {
2073 ospf_ls_retransmit_delete(nbr, ls_ret);
2074
2075 /* Delayed acknowledgment sent if advertisement
2076 received
2077 from Designated Router, otherwise do nothing.
2078 */
2079 if (oi->state == ISM_Backup)
2080 if (NBR_IS_DR(nbr))
2081 listnode_add(
2082 oi->ls_ack,
2083 ospf_lsa_lock(lsa));
2084
2085 DISCARD_LSA(lsa, 5);
2086 } else
2087 /* Acknowledge the receipt of the LSA by sending a
2088 Link State Acknowledgment packet back out the
2089 receiving
2090 interface. */
2091 {
2092 ospf_ls_ack_send(nbr, lsa);
2093 DISCARD_LSA(lsa, 6);
2094 }
2095 }
2096
2097 /* The database copy is more recent. If the database copy
2098 has LS age equal to MaxAge and LS sequence number equal to
2099 MaxSequenceNumber, simply discard the received LSA without
2100 acknowledging it. (In this case, the LSA's LS sequence number
2101 is
2102 wrapping, and the MaxSequenceNumber LSA must be completely
2103 flushed before any new LSA instance can be introduced). */
2104
2105 else if (ret > 0) /* Database copy is more recent */
2106 {
2107 if (IS_LSA_MAXAGE(current)
2108 && current->data->ls_seqnum
2109 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2110 DISCARD_LSA(lsa, 7);
2111 }
2112 /* Otherwise, as long as the database copy has not been
2113 sent in a
2114 Link State Update within the last MinLSArrival
2115 seconds, send the
2116 database copy back to the sending neighbor,
2117 encapsulated within
2118 a Link State Update Packet. The Link State Update
2119 Packet should
2120 be sent directly to the neighbor. In so doing, do not
2121 put the
2122 database copy of the LSA on the neighbor's link state
2123 retransmission list, and do not acknowledge the
2124 received (less
2125 recent) LSA instance. */
2126 else {
2127 if (monotime_since(&current->tv_orig, NULL)
2128 >= ospf->min_ls_arrival * 1000LL)
2129 /* Trap NSSA type later.*/
2130 ospf_ls_upd_send_lsa(
2131 nbr, current,
2132 OSPF_SEND_PACKET_DIRECT);
2133 DISCARD_LSA(lsa, 8);
2134 }
2135 }
2136 }
2137 #undef DISCARD_LSA
2138
2139 assert(listcount(lsas) == 0);
2140 list_delete(lsas);
2141 }
2142
2143 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2144 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2145 struct stream *s, struct ospf_interface *oi,
2146 u_int16_t size)
2147 {
2148 struct ospf_neighbor *nbr;
2149
2150 /* increment statistics. */
2151 oi->ls_ack_in++;
2152
2153 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2154 if (nbr == NULL) {
2155 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2156 inet_ntoa(ospfh->router_id));
2157 return;
2158 }
2159
2160 /* Add event to thread. */
2161 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2162
2163 if (nbr->state < NSM_Exchange) {
2164 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2165 zlog_debug(
2166 "Link State Acknowledgment: "
2167 "Neighbor[%s] state %s is less than Exchange",
2168 inet_ntoa(ospfh->router_id),
2169 lookup_msg(ospf_nsm_state_msg, nbr->state,
2170 NULL));
2171 return;
2172 }
2173
2174 while (size >= OSPF_LSA_HEADER_SIZE) {
2175 struct ospf_lsa *lsa, *lsr;
2176
2177 lsa = ospf_lsa_new();
2178 lsa->data = (struct lsa_header *)STREAM_PNT(s);
2179 lsa->vrf_id = oi->ospf->vrf_id;
2180
2181 /* lsah = (struct lsa_header *) STREAM_PNT (s); */
2182 size -= OSPF_LSA_HEADER_SIZE;
2183 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2184
2185 if (lsa->data->type < OSPF_MIN_LSA
2186 || lsa->data->type >= OSPF_MAX_LSA) {
2187 lsa->data = NULL;
2188 ospf_lsa_discard(lsa);
2189 continue;
2190 }
2191
2192 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2193
2194 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2195 ospf_ls_retransmit_delete(nbr, lsr);
2196
2197 lsa->data = NULL;
2198 ospf_lsa_discard(lsa);
2199 }
2200
2201 return;
2202 }
2203
2204 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2205 struct interface **ifp,
2206 struct stream *ibuf)
2207 {
2208 int ret;
2209 struct ip *iph;
2210 u_int16_t ip_len;
2211 ifindex_t ifindex = 0;
2212 struct iovec iov;
2213 /* Header and data both require alignment. */
2214 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2215 struct msghdr msgh;
2216
2217 memset(&msgh, 0, sizeof(struct msghdr));
2218 msgh.msg_iov = &iov;
2219 msgh.msg_iovlen = 1;
2220 msgh.msg_control = (caddr_t)buff;
2221 msgh.msg_controllen = sizeof(buff);
2222
2223 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2224 if (ret < 0) {
2225 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2226 return NULL;
2227 }
2228 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2229 {
2230 zlog_warn(
2231 "ospf_recv_packet: discarding runt packet of length %d "
2232 "(ip header size is %u)",
2233 ret, (u_int)sizeof(iph));
2234 return NULL;
2235 }
2236
2237 /* Note that there should not be alignment problems with this assignment
2238 because this is at the beginning of the stream data buffer. */
2239 iph = (struct ip *)STREAM_DATA(ibuf);
2240 sockopt_iphdrincl_swab_systoh(iph);
2241
2242 ip_len = iph->ip_len;
2243
2244 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2245 /*
2246 * Kernel network code touches incoming IP header parameters,
2247 * before protocol specific processing.
2248 *
2249 * 1) Convert byteorder to host representation.
2250 * --> ip_len, ip_id, ip_off
2251 *
2252 * 2) Adjust ip_len to strip IP header size!
2253 * --> If user process receives entire IP packet via RAW
2254 * socket, it must consider adding IP header size to
2255 * the "ip_len" field of "ip" structure.
2256 *
2257 * For more details, see <netinet/ip_input.c>.
2258 */
2259 ip_len = ip_len + (iph->ip_hl << 2);
2260 #endif
2261
2262 #if defined(__DragonFly__)
2263 /*
2264 * in DragonFly's raw socket, ip_len/ip_off are read
2265 * in network byte order.
2266 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2267 */
2268 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2269 #endif
2270
2271 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2272
2273 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2274
2275 if (ret != ip_len) {
2276 zlog_warn(
2277 "ospf_recv_packet read length mismatch: ip_len is %d, "
2278 "but recvmsg returned %d",
2279 ip_len, ret);
2280 return NULL;
2281 }
2282
2283 return ibuf;
2284 }
2285
2286 static struct ospf_interface *
2287 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2288 struct ip *iph, struct ospf_header *ospfh)
2289 {
2290 struct ospf_interface *rcv_oi;
2291 struct ospf_vl_data *vl_data;
2292 struct ospf_area *vl_area;
2293 struct listnode *node;
2294
2295 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2296 || !OSPF_IS_AREA_BACKBONE(ospfh))
2297 return NULL;
2298
2299 /* look for local OSPF interface matching the destination
2300 * to determine Area ID. We presume therefore the destination address
2301 * is unique, or at least (for "unnumbered" links), not used in other
2302 * areas
2303 */
2304 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2305 == NULL)
2306 return NULL;
2307
2308 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2309 vl_area =
2310 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2311 if (!vl_area)
2312 continue;
2313
2314 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2315 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2316 if (IS_DEBUG_OSPF_EVENT)
2317 zlog_debug("associating packet with %s",
2318 IF_NAME(vl_data->vl_oi));
2319 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2320 if (IS_DEBUG_OSPF_EVENT)
2321 zlog_debug(
2322 "This VL is not up yet, sorry");
2323 return NULL;
2324 }
2325
2326 return vl_data->vl_oi;
2327 }
2328 }
2329
2330 if (IS_DEBUG_OSPF_EVENT)
2331 zlog_debug("couldn't find any VL to associate the packet with");
2332
2333 return NULL;
2334 }
2335
2336 static int ospf_check_area_id(struct ospf_interface *oi,
2337 struct ospf_header *ospfh)
2338 {
2339 /* Check match the Area ID of the receiving interface. */
2340 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2341 return 1;
2342
2343 return 0;
2344 }
2345
2346 /* Unbound socket will accept any Raw IP packets if proto is matched.
2347 To prevent it, compare src IP address and i/f address with masking
2348 i/f network mask. */
2349 static int ospf_check_network_mask(struct ospf_interface *oi,
2350 struct in_addr ip_src)
2351 {
2352 struct in_addr mask, me, him;
2353
2354 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2355 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2356 return 1;
2357
2358 masklen2ip(oi->address->prefixlen, &mask);
2359
2360 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2361 him.s_addr = ip_src.s_addr & mask.s_addr;
2362
2363 if (IPV4_ADDR_SAME(&me, &him))
2364 return 1;
2365
2366 return 0;
2367 }
2368
2369 /* Return 1, if the packet is properly authenticated and checksummed,
2370 0 otherwise. In particular, check that AuType header field is valid and
2371 matches the locally configured AuType, and that D.5 requirements are met. */
2372 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2373 {
2374 struct crypt_key *ck;
2375 u_int16_t iface_auth_type;
2376 u_int16_t pkt_auth_type = ntohs(ospfh->auth_type);
2377
2378 switch (pkt_auth_type) {
2379 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2380 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2381 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2382 zlog_warn(
2383 "interface %s: auth-type mismatch, local %s, rcvd Null",
2384 IF_NAME(oi),
2385 lookup_msg(ospf_auth_type_str,
2386 iface_auth_type, NULL));
2387 return 0;
2388 }
2389 if (!ospf_check_sum(ospfh)) {
2390 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2391 zlog_warn(
2392 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2393 IF_NAME(oi),
2394 inet_ntoa(ospfh->router_id));
2395 return 0;
2396 }
2397 return 1;
2398 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2399 if (OSPF_AUTH_SIMPLE
2400 != (iface_auth_type = ospf_auth_type(oi))) {
2401 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2402 zlog_warn(
2403 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2404 IF_NAME(oi),
2405 lookup_msg(ospf_auth_type_str,
2406 iface_auth_type, NULL));
2407 return 0;
2408 }
2409 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2410 OSPF_AUTH_SIMPLE_SIZE)) {
2411 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2412 zlog_warn("interface %s: Simple auth failed",
2413 IF_NAME(oi));
2414 return 0;
2415 }
2416 if (!ospf_check_sum(ospfh)) {
2417 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2418 zlog_warn(
2419 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2420 IF_NAME(oi),
2421 inet_ntoa(ospfh->router_id));
2422 return 0;
2423 }
2424 return 1;
2425 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2426 if (OSPF_AUTH_CRYPTOGRAPHIC
2427 != (iface_auth_type = ospf_auth_type(oi))) {
2428 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2429 zlog_warn(
2430 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2431 IF_NAME(oi),
2432 lookup_msg(ospf_auth_type_str,
2433 iface_auth_type, NULL));
2434 return 0;
2435 }
2436 if (ospfh->checksum) {
2437 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2438 zlog_warn(
2439 "interface %s: OSPF header checksum is not 0",
2440 IF_NAME(oi));
2441 return 0;
2442 }
2443 /* only MD5 crypto method can pass ospf_packet_examin() */
2444 if (
2445 NULL == (ck = listgetdata(listtail(
2446 OSPF_IF_PARAM(oi, auth_crypt))))
2447 || ospfh->u.crypt.key_id != ck->key_id ||
2448 /* Condition above uses the last key ID on the list,
2449 which is
2450 different from what ospf_crypt_key_lookup() does. A
2451 bug? */
2452 !ospf_check_md5_digest(oi, ospfh)) {
2453 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2454 zlog_warn("interface %s: MD5 auth failed",
2455 IF_NAME(oi));
2456 return 0;
2457 }
2458 return 1;
2459 default:
2460 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2461 zlog_warn(
2462 "interface %s: invalid packet auth-type (%02x)",
2463 IF_NAME(oi), pkt_auth_type);
2464 return 0;
2465 }
2466 }
2467
2468 static int ospf_check_sum(struct ospf_header *ospfh)
2469 {
2470 u_int32_t ret;
2471 u_int16_t sum;
2472
2473 /* clear auth_data for checksum. */
2474 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2475
2476 /* keep checksum and clear. */
2477 sum = ospfh->checksum;
2478 memset(&ospfh->checksum, 0, sizeof(u_int16_t));
2479
2480 /* calculate checksum. */
2481 ret = in_cksum(ospfh, ntohs(ospfh->length));
2482
2483 if (ret != sum) {
2484 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2485 ret, sum);
2486 return 0;
2487 }
2488
2489 return 1;
2490 }
2491
2492 /* Verify, that given link/TOS records are properly sized/aligned and match
2493 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2494 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2495 u_int16_t linkbytes,
2496 const u_int16_t num_links)
2497 {
2498 unsigned counted_links = 0, thislinklen;
2499
2500 while (linkbytes) {
2501 thislinklen =
2502 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2503 if (thislinklen > linkbytes) {
2504 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2505 zlog_debug("%s: length error in link block #%u",
2506 __func__, counted_links);
2507 return MSG_NG;
2508 }
2509 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2510 linkbytes -= thislinklen;
2511 counted_links++;
2512 }
2513 if (counted_links != num_links) {
2514 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2515 zlog_debug("%s: %u link blocks declared, %u present",
2516 __func__, num_links, counted_links);
2517 return MSG_NG;
2518 }
2519 return MSG_OK;
2520 }
2521
2522 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2523 minimum length constraint). */
2524 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const u_int16_t lsalen,
2525 const u_char headeronly)
2526 {
2527 unsigned ret;
2528 struct router_lsa *rlsa;
2529 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2530 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2531 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2532 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2533 lookup_msg(ospf_lsa_type_msg, lsah->type,
2534 NULL));
2535 return MSG_NG;
2536 }
2537 switch (lsah->type) {
2538 case OSPF_ROUTER_LSA:
2539 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2540 * (12+)-byte link blocks */
2541 if (headeronly) {
2542 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2543 - OSPF_ROUTER_LSA_MIN_SIZE)
2544 % 4
2545 ? MSG_NG
2546 : MSG_OK;
2547 break;
2548 }
2549 rlsa = (struct router_lsa *)lsah;
2550 ret = ospf_router_lsa_links_examin(
2551 (struct router_lsa_link *)rlsa->link,
2552 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2553 header, "flags",
2554 0, "# links" */
2555 ntohs(rlsa->links) /* 16 bits */
2556 );
2557 break;
2558 case OSPF_AS_EXTERNAL_LSA:
2559 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2560 * blocks */
2561 case OSPF_AS_NSSA_LSA:
2562 /* RFC3101 C, idem */
2563 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2564 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2565 % 12
2566 ? MSG_NG
2567 : MSG_OK;
2568 break;
2569 /* Following LSA types are considered OK length-wise as soon as their
2570 * minimum
2571 * length constraint is met and length of the whole LSA is a multiple of
2572 * 4
2573 * (basic LSA header size is already a multiple of 4). */
2574 case OSPF_NETWORK_LSA:
2575 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2576 case OSPF_SUMMARY_LSA:
2577 case OSPF_ASBR_SUMMARY_LSA:
2578 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2579 * blocks */
2580 case OSPF_OPAQUE_LINK_LSA:
2581 case OSPF_OPAQUE_AREA_LSA:
2582 case OSPF_OPAQUE_AS_LSA:
2583 /* RFC5250 A.2, "some number of octets (of application-specific
2584 * data) padded to 32-bit alignment." This is considered
2585 * equivalent
2586 * to 4-byte alignment of all other LSA types, see
2587 * OSPF-ALIGNMENT.txt
2588 * file for the detailed analysis of this passage. */
2589 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2590 break;
2591 default:
2592 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2593 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2594 lsah->type);
2595 return MSG_NG;
2596 }
2597 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2598 zlog_debug("%s: alignment error in %s", __func__,
2599 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2600 return ret;
2601 }
2602
2603 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2604 includes verification of LSA blocks length/alignment and dispatching
2605 of deeper-level checks. */
2606 static unsigned
2607 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2608 size_t length, const u_char headeronly,
2609 /* When declared_num_lsas is not 0, compare it to the real
2610 number of LSAs
2611 and treat the difference as an error. */
2612 const u_int32_t declared_num_lsas)
2613 {
2614 u_int32_t counted_lsas = 0;
2615
2616 while (length) {
2617 u_int16_t lsalen;
2618 if (length < OSPF_LSA_HEADER_SIZE) {
2619 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2620 zlog_debug(
2621 "%s: undersized (%zu B) trailing (#%u) LSA header",
2622 __func__, length, counted_lsas);
2623 return MSG_NG;
2624 }
2625 /* save on ntohs() calls here and in the LSA validator */
2626 lsalen = ntohs(lsah->length);
2627 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2628 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2629 zlog_debug(
2630 "%s: malformed LSA header #%u, declared length is %u B",
2631 __func__, counted_lsas, lsalen);
2632 return MSG_NG;
2633 }
2634 if (headeronly) {
2635 /* less checks here and in ospf_lsa_examin() */
2636 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2637 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2638 zlog_debug(
2639 "%s: malformed header-only LSA #%u",
2640 __func__, counted_lsas);
2641 return MSG_NG;
2642 }
2643 lsah = (struct lsa_header *)((caddr_t)lsah
2644 + OSPF_LSA_HEADER_SIZE);
2645 length -= OSPF_LSA_HEADER_SIZE;
2646 } else {
2647 /* make sure the input buffer is deep enough before
2648 * further checks */
2649 if (lsalen > length) {
2650 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2651 zlog_debug(
2652 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2653 __func__, counted_lsas, lsalen,
2654 length);
2655 return MSG_NG;
2656 }
2657 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2658 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2659 zlog_debug("%s: malformed LSA #%u",
2660 __func__, counted_lsas);
2661 return MSG_NG;
2662 }
2663 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2664 length -= lsalen;
2665 }
2666 counted_lsas++;
2667 }
2668
2669 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2670 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2671 zlog_debug(
2672 "%s: #LSAs declared (%u) does not match actual (%u)",
2673 __func__, declared_num_lsas, counted_lsas);
2674 return MSG_NG;
2675 }
2676 return MSG_OK;
2677 }
2678
2679 /* Verify a complete OSPF packet for proper sizing/alignment. */
2680 static unsigned ospf_packet_examin(struct ospf_header *oh,
2681 const unsigned bytesonwire)
2682 {
2683 u_int16_t bytesdeclared, bytesauth;
2684 unsigned ret;
2685 struct ospf_ls_update *lsupd;
2686
2687 /* Length, 1st approximation. */
2688 if (bytesonwire < OSPF_HEADER_SIZE) {
2689 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2690 zlog_debug("%s: undersized (%u B) packet", __func__,
2691 bytesonwire);
2692 return MSG_NG;
2693 }
2694 /* Now it is safe to access header fields. Performing length check,
2695 * allow
2696 * for possible extra bytes of crypto auth/padding, which are not
2697 * counted
2698 * in the OSPF header "length" field. */
2699 if (oh->version != OSPF_VERSION) {
2700 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2701 zlog_debug("%s: invalid (%u) protocol version",
2702 __func__, oh->version);
2703 return MSG_NG;
2704 }
2705 bytesdeclared = ntohs(oh->length);
2706 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2707 bytesauth = 0;
2708 else {
2709 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2710 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2711 zlog_debug(
2712 "%s: unsupported crypto auth length (%u B)",
2713 __func__, oh->u.crypt.auth_data_len);
2714 return MSG_NG;
2715 }
2716 bytesauth = OSPF_AUTH_MD5_SIZE;
2717 }
2718 if (bytesdeclared + bytesauth > bytesonwire) {
2719 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2720 zlog_debug(
2721 "%s: packet length error (%u real, %u+%u declared)",
2722 __func__, bytesonwire, bytesdeclared,
2723 bytesauth);
2724 return MSG_NG;
2725 }
2726 /* Length, 2nd approximation. The type-specific constraint is checked
2727 against declared length, not amount of bytes on wire. */
2728 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2729 && bytesdeclared
2730 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2731 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2732 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2733 bytesdeclared,
2734 lookup_msg(ospf_packet_type_str, oh->type,
2735 NULL));
2736 return MSG_NG;
2737 }
2738 switch (oh->type) {
2739 case OSPF_MSG_HELLO:
2740 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2741 followed
2742 by N>=0 router-IDs. */
2743 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2744 % 4
2745 ? MSG_NG
2746 : MSG_OK;
2747 break;
2748 case OSPF_MSG_DB_DESC:
2749 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2750 followed
2751 by N>=0 header-only LSAs. */
2752 ret = ospf_lsaseq_examin(
2753 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2754 + OSPF_DB_DESC_MIN_SIZE),
2755 bytesdeclared - OSPF_HEADER_SIZE
2756 - OSPF_DB_DESC_MIN_SIZE,
2757 1, /* header-only LSAs */
2758 0);
2759 break;
2760 case OSPF_MSG_LS_REQ:
2761 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2762 * request blocks. */
2763 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2764 % OSPF_LSA_KEY_SIZE
2765 ? MSG_NG
2766 : MSG_OK;
2767 break;
2768 case OSPF_MSG_LS_UPD:
2769 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2770 followed
2771 by N>=0 full LSAs (with N declared beforehand). */
2772 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2773 + OSPF_HEADER_SIZE);
2774 ret = ospf_lsaseq_examin(
2775 (struct lsa_header *)((caddr_t)lsupd
2776 + OSPF_LS_UPD_MIN_SIZE),
2777 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2778 0, /* full LSAs */
2779 ntohl(lsupd->num_lsas) /* 32 bits */
2780 );
2781 break;
2782 case OSPF_MSG_LS_ACK:
2783 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2784 * LSAs. */
2785 ret = ospf_lsaseq_examin(
2786 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2787 + OSPF_LS_ACK_MIN_SIZE),
2788 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2789 1, /* header-only LSAs */
2790 0);
2791 break;
2792 default:
2793 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2794 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2795 oh->type);
2796 return MSG_NG;
2797 }
2798 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2799 zlog_debug("%s: malformed %s packet", __func__,
2800 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2801 return ret;
2802 }
2803
2804 /* OSPF Header verification. */
2805 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2806 struct ip *iph, struct ospf_header *ospfh)
2807 {
2808 /* Check Area ID. */
2809 if (!ospf_check_area_id(oi, ospfh)) {
2810 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2811 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2812 return -1;
2813 }
2814
2815 /* Check network mask, Silently discarded. */
2816 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2817 zlog_warn(
2818 "interface %s: ospf_read network address is not same [%s]",
2819 IF_NAME(oi), inet_ntoa(iph->ip_src));
2820 return -1;
2821 }
2822
2823 /* Check authentication. The function handles logging actions, where
2824 * required. */
2825 if (!ospf_check_auth(oi, ospfh))
2826 return -1;
2827
2828 return 0;
2829 }
2830
2831 /* Starting point of packet process function. */
2832 int ospf_read(struct thread *thread)
2833 {
2834 int ret;
2835 struct stream *ibuf;
2836 struct ospf *ospf;
2837 struct ospf_interface *oi;
2838 struct ip *iph;
2839 struct ospf_header *ospfh;
2840 u_int16_t length;
2841 struct interface *ifp = NULL;
2842 struct connected *c;
2843
2844 /* first of all get interface pointer. */
2845 ospf = THREAD_ARG(thread);
2846
2847 /* prepare for next packet. */
2848 ospf->t_read = NULL;
2849 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2850
2851 stream_reset(ospf->ibuf);
2852 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2853 if (ibuf == NULL)
2854 return -1;
2855 /* This raw packet is known to be at least as big as its IP header. */
2856
2857 /* Note that there should not be alignment problems with this assignment
2858 because this is at the beginning of the stream data buffer. */
2859 iph = (struct ip *)STREAM_DATA(ibuf);
2860 /* Note that sockopt_iphdrincl_swab_systoh was called in
2861 * ospf_recv_packet. */
2862
2863 if (ifp == NULL) {
2864 /* Handle cases where the platform does not support retrieving
2865 the ifindex,
2866 and also platforms (such as Solaris 8) that claim to support
2867 ifindex
2868 retrieval but do not. */
2869 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2870 ospf->vrf_id);
2871 if (c)
2872 ifp = c->ifp;
2873 if (ifp == NULL)
2874 return 0;
2875 }
2876
2877 /* IP Header dump. */
2878 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2879 ospf_ip_header_dump(iph);
2880
2881 /* Self-originated packet should be discarded silently. */
2882 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2883 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2884 zlog_debug(
2885 "ospf_read[%s]: Dropping self-originated packet",
2886 inet_ntoa(iph->ip_src));
2887 }
2888 return 0;
2889 }
2890
2891 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2892 by ospf_recv_packet() to be correct). */
2893 stream_forward_getp(ibuf, iph->ip_hl * 4);
2894
2895 ospfh = (struct ospf_header *)STREAM_PNT(ibuf);
2896 if (MSG_OK
2897 != ospf_packet_examin(
2898 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2899 return -1;
2900 /* Now it is safe to access all fields of OSPF packet header. */
2901
2902 /* associate packet with ospf interface */
2903 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2904
2905 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2906 only
2907 after the passive/backbone/other checks below are passed. These
2908 checks
2909 in turn access the fields of unverified "ospfh" structure for their
2910 own
2911 purposes and must remain very accurate in doing this. */
2912
2913 /* If incoming interface is passive one, ignore it. */
2914 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2915 char buf[3][INET_ADDRSTRLEN];
2916
2917 if (IS_DEBUG_OSPF_EVENT)
2918 zlog_debug(
2919 "ignoring packet from router %s sent to %s, "
2920 "received on a passive interface, %s",
2921 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2922 sizeof(buf[0])),
2923 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2924 sizeof(buf[1])),
2925 inet_ntop(AF_INET, &oi->address->u.prefix4,
2926 buf[2], sizeof(buf[2])));
2927
2928 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2929 /* Try to fix multicast membership.
2930 * Some OS:es may have problems in this area,
2931 * make sure it is removed.
2932 */
2933 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2934 ospf_if_set_multicast(oi);
2935 }
2936 return 0;
2937 }
2938
2939
2940 /* if no local ospf_interface,
2941 * or header area is backbone but ospf_interface is not
2942 * check for VLINK interface
2943 */
2944 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2945 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2946 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2947 == NULL) {
2948 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2949 zlog_debug(
2950 "Packet from [%s] received on link %s"
2951 " but no ospf_interface",
2952 inet_ntoa(iph->ip_src), ifp->name);
2953 return 0;
2954 }
2955 }
2956
2957 /* else it must be a local ospf interface, check it was received on
2958 * correct link
2959 */
2960 else if (oi->ifp != ifp) {
2961 if (IS_DEBUG_OSPF_EVENT)
2962 zlog_warn("Packet from [%s] received on wrong link %s",
2963 inet_ntoa(iph->ip_src), ifp->name);
2964 return 0;
2965 } else if (oi->state == ISM_Down) {
2966 char buf[2][INET_ADDRSTRLEN];
2967 zlog_warn(
2968 "Ignoring packet from %s to %s received on interface that is "
2969 "down [%s]; interface flags are %s",
2970 inet_ntop(AF_INET, &iph->ip_src, buf[0],
2971 sizeof(buf[0])),
2972 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2973 sizeof(buf[1])),
2974 ifp->name, if_flag_dump(ifp->flags));
2975 /* Fix multicast memberships? */
2976 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
2977 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2978 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
2979 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
2980 if (oi->multicast_memberships)
2981 ospf_if_set_multicast(oi);
2982 return 0;
2983 }
2984
2985 /*
2986 * If the received packet is destined for AllDRouters, the packet
2987 * should be accepted only if the received ospf interface state is
2988 * either DR or Backup -- endo.
2989 */
2990 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
2991 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
2992 zlog_warn(
2993 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
2994 inet_ntoa(iph->ip_src), IF_NAME(oi),
2995 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
2996 /* Try to fix multicast membership. */
2997 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
2998 ospf_if_set_multicast(oi);
2999 return 0;
3000 }
3001
3002 /* Verify more OSPF header fields. */
3003 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3004 if (ret < 0) {
3005 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3006 zlog_debug(
3007 "ospf_read[%s]: Header check failed, "
3008 "dropping.",
3009 inet_ntoa(iph->ip_src));
3010 return ret;
3011 }
3012
3013 /* Show debug receiving packet. */
3014 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3015 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3016 zlog_debug(
3017 "-----------------------------------------------------");
3018 ospf_packet_dump(ibuf);
3019 }
3020
3021 zlog_debug("%s received from [%s] via [%s]",
3022 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3023 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3024 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3025 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3026
3027 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3028 zlog_debug(
3029 "-----------------------------------------------------");
3030 }
3031
3032 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3033
3034 /* Adjust size to message length. */
3035 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3036
3037 /* Read rest of the packet and call each sort of packet routine. */
3038 switch (ospfh->type) {
3039 case OSPF_MSG_HELLO:
3040 ospf_hello(iph, ospfh, ibuf, oi, length);
3041 break;
3042 case OSPF_MSG_DB_DESC:
3043 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3044 break;
3045 case OSPF_MSG_LS_REQ:
3046 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3047 break;
3048 case OSPF_MSG_LS_UPD:
3049 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3050 break;
3051 case OSPF_MSG_LS_ACK:
3052 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3053 break;
3054 default:
3055 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3056 IF_NAME(oi), ospfh->type);
3057 break;
3058 }
3059
3060 return 0;
3061 }
3062
3063 /* Make OSPF header. */
3064 static void ospf_make_header(int type, struct ospf_interface *oi,
3065 struct stream *s)
3066 {
3067 struct ospf_header *ospfh;
3068
3069 ospfh = (struct ospf_header *)STREAM_DATA(s);
3070
3071 ospfh->version = (u_char)OSPF_VERSION;
3072 ospfh->type = (u_char)type;
3073
3074 ospfh->router_id = oi->ospf->router_id;
3075
3076 ospfh->checksum = 0;
3077 ospfh->area_id = oi->area->area_id;
3078 ospfh->auth_type = htons(ospf_auth_type(oi));
3079
3080 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3081
3082 stream_forward_endp(s, OSPF_HEADER_SIZE);
3083 }
3084
3085 /* Make Authentication Data. */
3086 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3087 {
3088 struct crypt_key *ck;
3089
3090 switch (ospf_auth_type(oi)) {
3091 case OSPF_AUTH_NULL:
3092 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3093 */
3094 break;
3095 case OSPF_AUTH_SIMPLE:
3096 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3097 OSPF_AUTH_SIMPLE_SIZE);
3098 break;
3099 case OSPF_AUTH_CRYPTOGRAPHIC:
3100 /* If key is not set, then set 0. */
3101 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3102 ospfh->u.crypt.zero = 0;
3103 ospfh->u.crypt.key_id = 0;
3104 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3105 } else {
3106 ck = listgetdata(
3107 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3108 ospfh->u.crypt.zero = 0;
3109 ospfh->u.crypt.key_id = ck->key_id;
3110 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3111 }
3112 /* note: the seq is done in ospf_make_md5_digest() */
3113 break;
3114 default:
3115 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3116 */
3117 break;
3118 }
3119
3120 return 0;
3121 }
3122
3123 /* Fill rest of OSPF header. */
3124 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3125 u_int16_t length)
3126 {
3127 struct ospf_header *ospfh;
3128
3129 ospfh = (struct ospf_header *)STREAM_DATA(s);
3130
3131 /* Fill length. */
3132 ospfh->length = htons(length);
3133
3134 /* Calculate checksum. */
3135 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3136 ospfh->checksum = in_cksum(ospfh, length);
3137 else
3138 ospfh->checksum = 0;
3139
3140 /* Add Authentication Data. */
3141 ospf_make_auth(oi, ospfh);
3142 }
3143
3144 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3145 {
3146 struct ospf_neighbor *nbr;
3147 struct route_node *rn;
3148 u_int16_t length = OSPF_HELLO_MIN_SIZE;
3149 struct in_addr mask;
3150 unsigned long p;
3151 int flag = 0;
3152
3153 /* Set netmask of interface. */
3154 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3155 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3156 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3157 masklen2ip(oi->address->prefixlen, &mask);
3158 else
3159 memset((char *)&mask, 0, sizeof(struct in_addr));
3160 stream_put_ipv4(s, mask.s_addr);
3161
3162 /* Set Hello Interval. */
3163 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3164 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3165 else
3166 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3167
3168 if (IS_DEBUG_OSPF_EVENT)
3169 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3170 IF_NAME(oi));
3171
3172 /* Set Options. */
3173 stream_putc(s, OPTIONS(oi));
3174
3175 /* Set Router Priority. */
3176 stream_putc(s, PRIORITY(oi));
3177
3178 /* Set Router Dead Interval. */
3179 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3180
3181 /* Set Designated Router. */
3182 stream_put_ipv4(s, DR(oi).s_addr);
3183
3184 p = stream_get_endp(s);
3185
3186 /* Set Backup Designated Router. */
3187 stream_put_ipv4(s, BDR(oi).s_addr);
3188
3189 /* Add neighbor seen. */
3190 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3191 if ((nbr = rn->info))
3192 if (nbr->router_id.s_addr
3193 != 0) /* Ignore 0.0.0.0 node. */
3194 if (nbr->state
3195 != NSM_Attempt) /* Ignore Down neighbor. */
3196 if (nbr->state
3197 != NSM_Down) /* This is myself for
3198 DR election. */
3199 if (!IPV4_ADDR_SAME(
3200 &nbr->router_id,
3201 &oi->ospf->router_id)) {
3202 /* Check neighbor is
3203 * sane? */
3204 if (nbr->d_router.s_addr
3205 != 0
3206 && IPV4_ADDR_SAME(
3207 &nbr->d_router,
3208 &oi->address
3209 ->u
3210 .prefix4)
3211 && IPV4_ADDR_SAME(
3212 &nbr->bd_router,
3213 &oi->address
3214 ->u
3215 .prefix4))
3216 flag = 1;
3217
3218 stream_put_ipv4(
3219 s,
3220 nbr->router_id
3221 .s_addr);
3222 length += 4;
3223 }
3224
3225 /* Let neighbor generate BackupSeen. */
3226 if (flag == 1)
3227 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3228
3229 return length;
3230 }
3231
3232 static int ospf_make_db_desc(struct ospf_interface *oi,
3233 struct ospf_neighbor *nbr, struct stream *s)
3234 {
3235 struct ospf_lsa *lsa;
3236 u_int16_t length = OSPF_DB_DESC_MIN_SIZE;
3237 u_char options;
3238 unsigned long pp;
3239 int i;
3240 struct ospf_lsdb *lsdb;
3241
3242 /* Set Interface MTU. */
3243 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3244 stream_putw(s, 0);
3245 else
3246 stream_putw(s, oi->ifp->mtu);
3247
3248 /* Set Options. */
3249 options = OPTIONS(oi);
3250 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3251 SET_FLAG(options, OSPF_OPTION_O);
3252 stream_putc(s, options);
3253
3254 /* DD flags */
3255 pp = stream_get_endp(s);
3256 stream_putc(s, nbr->dd_flags);
3257
3258 /* Set DD Sequence Number. */
3259 stream_putl(s, nbr->dd_seqnum);
3260
3261 /* shortcut unneeded walk of (empty) summary LSDBs */
3262 if (ospf_db_summary_isempty(nbr))
3263 goto empty;
3264
3265 /* Describe LSA Header from Database Summary List. */
3266 lsdb = &nbr->db_sum;
3267
3268 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3269 struct route_table *table = lsdb->type[i].db;
3270 struct route_node *rn;
3271
3272 for (rn = route_top(table); rn; rn = route_next(rn))
3273 if ((lsa = rn->info) != NULL) {
3274 if (IS_OPAQUE_LSA(lsa->data->type)
3275 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3276 /* Suppress advertising
3277 * opaque-informations. */
3278 /* Remove LSA from DB summary list. */
3279 ospf_lsdb_delete(lsdb, lsa);
3280 continue;
3281 }
3282
3283 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3284 struct lsa_header *lsah;
3285 u_int16_t ls_age;
3286
3287 /* DD packet overflows interface MTU. */
3288 if (length + OSPF_LSA_HEADER_SIZE
3289 > ospf_packet_max(oi))
3290 break;
3291
3292 /* Keep pointer to LS age. */
3293 lsah = (struct lsa_header
3294 *)(STREAM_DATA(s)
3295 + stream_get_endp(
3296 s));
3297
3298 /* Proceed stream pointer. */
3299 stream_put(s, lsa->data,
3300 OSPF_LSA_HEADER_SIZE);
3301 length += OSPF_LSA_HEADER_SIZE;
3302
3303 /* Set LS age. */
3304 ls_age = LS_AGE(lsa);
3305 lsah->ls_age = htons(ls_age);
3306 }
3307
3308 /* Remove LSA from DB summary list. */
3309 ospf_lsdb_delete(lsdb, lsa);
3310 }
3311 }
3312
3313 /* Update 'More' bit */
3314 if (ospf_db_summary_isempty(nbr)) {
3315 empty:
3316 if (nbr->state >= NSM_Exchange) {
3317 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3318 /* Rewrite DD flags */
3319 stream_putc_at(s, pp, nbr->dd_flags);
3320 } else {
3321 assert(IS_SET_DD_M(nbr->dd_flags));
3322 }
3323 }
3324 return length;
3325 }
3326
3327 static int ospf_make_ls_req_func(struct stream *s, u_int16_t *length,
3328 unsigned long delta, struct ospf_neighbor *nbr,
3329 struct ospf_lsa *lsa)
3330 {
3331 struct ospf_interface *oi;
3332
3333 oi = nbr->oi;
3334
3335 /* LS Request packet overflows interface MTU. */
3336 if (*length + delta > ospf_packet_max(oi))
3337 return 0;
3338
3339 stream_putl(s, lsa->data->type);
3340 stream_put_ipv4(s, lsa->data->id.s_addr);
3341 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3342
3343 ospf_lsa_unlock(&nbr->ls_req_last);
3344 nbr->ls_req_last = ospf_lsa_lock(lsa);
3345
3346 *length += 12;
3347 return 1;
3348 }
3349
3350 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3351 {
3352 struct ospf_lsa *lsa;
3353 u_int16_t length = OSPF_LS_REQ_MIN_SIZE;
3354 unsigned long delta = stream_get_endp(s) + 12;
3355 struct route_table *table;
3356 struct route_node *rn;
3357 int i;
3358 struct ospf_lsdb *lsdb;
3359
3360 lsdb = &nbr->ls_req;
3361
3362 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3363 table = lsdb->type[i].db;
3364 for (rn = route_top(table); rn; rn = route_next(rn))
3365 if ((lsa = (rn->info)) != NULL)
3366 if (ospf_make_ls_req_func(s, &length, delta,
3367 nbr, lsa)
3368 == 0) {
3369 route_unlock_node(rn);
3370 break;
3371 }
3372 }
3373 return length;
3374 }
3375
3376 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3377 {
3378 int age;
3379
3380 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3381
3382 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3383 }
3384
3385 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3386 struct stream *s)
3387 {
3388 struct ospf_lsa *lsa;
3389 struct listnode *node;
3390 u_int16_t length = 0;
3391 unsigned int size_noauth;
3392 unsigned long delta = stream_get_endp(s);
3393 unsigned long pp;
3394 int count = 0;
3395
3396 if (IS_DEBUG_OSPF_EVENT)
3397 zlog_debug("ospf_make_ls_upd: Start");
3398
3399 pp = stream_get_endp(s);
3400 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3401 length += OSPF_LS_UPD_MIN_SIZE;
3402
3403 /* Calculate amount of packet usable for data. */
3404 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3405
3406 while ((node = listhead(update)) != NULL) {
3407 struct lsa_header *lsah;
3408 u_int16_t ls_age;
3409
3410 if (IS_DEBUG_OSPF_EVENT)
3411 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3412 count);
3413
3414 lsa = listgetdata(node);
3415
3416 assert(lsa->data);
3417
3418 /* Will it fit? */
3419 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3420 break;
3421
3422 /* Keep pointer to LS age. */
3423 lsah = (struct lsa_header *)(STREAM_DATA(s)
3424 + stream_get_endp(s));
3425
3426 /* Put LSA to Link State Request. */
3427 stream_put(s, lsa->data, ntohs(lsa->data->length));
3428
3429 /* Set LS age. */
3430 /* each hop must increment an lsa_age by transmit_delay
3431 of OSPF interface */
3432 ls_age = ls_age_increment(lsa,
3433 OSPF_IF_PARAM(oi, transmit_delay));
3434 lsah->ls_age = htons(ls_age);
3435
3436 length += ntohs(lsa->data->length);
3437 count++;
3438
3439 list_delete_node(update, node);
3440 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3441 }
3442
3443 /* Now set #LSAs. */
3444 stream_putl_at(s, pp, count);
3445
3446 if (IS_DEBUG_OSPF_EVENT)
3447 zlog_debug("ospf_make_ls_upd: Stop");
3448 return length;
3449 }
3450
3451 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3452 struct stream *s)
3453 {
3454 struct listnode *node, *nnode;
3455 u_int16_t length = OSPF_LS_ACK_MIN_SIZE;
3456 unsigned long delta = stream_get_endp(s) + 24;
3457 struct ospf_lsa *lsa;
3458
3459 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3460 assert(lsa);
3461
3462 if (length + delta > ospf_packet_max(oi))
3463 break;
3464
3465 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3466 length += OSPF_LSA_HEADER_SIZE;
3467
3468 listnode_delete(ack, lsa);
3469 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3470 }
3471
3472 return length;
3473 }
3474
3475 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3476 {
3477 struct ospf_packet *op;
3478 u_int16_t length = OSPF_HEADER_SIZE;
3479
3480 op = ospf_packet_new(oi->ifp->mtu);
3481
3482 /* Prepare OSPF common header. */
3483 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3484
3485 /* Prepare OSPF Hello body. */
3486 length += ospf_make_hello(oi, op->s);
3487
3488 /* Fill OSPF header. */
3489 ospf_fill_header(oi, op->s, length);
3490
3491 /* Set packet length. */
3492 op->length = length;
3493
3494 op->dst.s_addr = addr;
3495
3496 if (IS_DEBUG_OSPF_EVENT) {
3497 if (oi->ospf->vrf_id)
3498 zlog_debug("%s: Hello Tx interface %s ospf vrf %s id %u",
3499 __PRETTY_FUNCTION__, oi->ifp->name,
3500 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3501 oi->ospf->vrf_id);
3502 }
3503 /* Add packet to the top of the interface output queue, so that they
3504 * can't get delayed by things like long queues of LS Update packets
3505 */
3506 ospf_packet_add_top(oi, op);
3507
3508 /* Hook thread to write packet. */
3509 OSPF_ISM_WRITE_ON(oi->ospf);
3510 }
3511
3512 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3513 {
3514 struct ospf_interface *oi;
3515
3516 oi = nbr_nbma->oi;
3517 assert(oi);
3518
3519 /* If this is passive interface, do not send OSPF Hello. */
3520 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3521 return;
3522
3523 if (oi->type != OSPF_IFTYPE_NBMA)
3524 return;
3525
3526 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3527 return;
3528
3529 if (PRIORITY(oi) == 0)
3530 return;
3531
3532 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3533 && oi->state != ISM_Backup)
3534 return;
3535
3536 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3537 }
3538
3539 int ospf_poll_timer(struct thread *thread)
3540 {
3541 struct ospf_nbr_nbma *nbr_nbma;
3542
3543 nbr_nbma = THREAD_ARG(thread);
3544 nbr_nbma->t_poll = NULL;
3545
3546 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3547 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3548 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3549
3550 ospf_poll_send(nbr_nbma);
3551
3552 if (nbr_nbma->v_poll > 0)
3553 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3554 nbr_nbma->v_poll);
3555
3556 return 0;
3557 }
3558
3559
3560 int ospf_hello_reply_timer(struct thread *thread)
3561 {
3562 struct ospf_neighbor *nbr;
3563
3564 nbr = THREAD_ARG(thread);
3565 nbr->t_hello_reply = NULL;
3566
3567 assert(nbr->oi);
3568
3569 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3570 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3571 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3572
3573 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3574
3575 return 0;
3576 }
3577
3578 /* Send OSPF Hello. */
3579 void ospf_hello_send(struct ospf_interface *oi)
3580 {
3581 /* If this is passive interface, do not send OSPF Hello. */
3582 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3583 return;
3584
3585 if (oi->type == OSPF_IFTYPE_NBMA) {
3586 struct ospf_neighbor *nbr;
3587 struct route_node *rn;
3588
3589 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3590 if ((nbr = rn->info))
3591 if (nbr != oi->nbr_self)
3592 if (nbr->state != NSM_Down) {
3593 /* RFC 2328 Section 9.5.1
3594 If the router is not
3595 eligible to become Designated
3596 Router,
3597 it must periodically send
3598 Hello Packets to both the
3599 Designated Router and the
3600 Backup Designated Router (if
3601 they
3602 exist). */
3603 if (PRIORITY(oi) == 0
3604 && IPV4_ADDR_CMP(
3605 &DR(oi),
3606 &nbr->address.u
3607 .prefix4)
3608 && IPV4_ADDR_CMP(
3609 &BDR(oi),
3610 &nbr->address.u
3611 .prefix4))
3612 continue;
3613
3614 /* If the router is eligible to
3615 become Designated Router, it
3616 must periodically send Hello
3617 Packets to all neighbors that
3618 are also eligible. In
3619 addition, if the router is
3620 itself the
3621 Designated Router or Backup
3622 Designated Router, it must
3623 also
3624 send periodic Hello Packets
3625 to all other neighbors. */
3626
3627 if (nbr->priority == 0
3628 && oi->state == ISM_DROther)
3629 continue;
3630 /* if oi->state == Waiting, send
3631 * hello to all neighbors */
3632 ospf_hello_send_sub(
3633 oi,
3634 nbr->address.u.prefix4
3635 .s_addr);
3636 }
3637 } else {
3638 /* Decide destination address. */
3639 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3640 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3641 else
3642 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3643 }
3644 }
3645
3646 /* Send OSPF Database Description. */
3647 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3648 {
3649 struct ospf_interface *oi;
3650 struct ospf_packet *op;
3651 u_int16_t length = OSPF_HEADER_SIZE;
3652
3653 oi = nbr->oi;
3654 op = ospf_packet_new(oi->ifp->mtu);
3655
3656 /* Prepare OSPF common header. */
3657 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3658
3659 /* Prepare OSPF Database Description body. */
3660 length += ospf_make_db_desc(oi, nbr, op->s);
3661
3662 /* Fill OSPF header. */
3663 ospf_fill_header(oi, op->s, length);
3664
3665 /* Set packet length. */
3666 op->length = length;
3667
3668 /* Decide destination address. */
3669 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3670 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3671 else
3672 op->dst = nbr->address.u.prefix4;
3673
3674 /* Add packet to the interface output queue. */
3675 ospf_packet_add(oi, op);
3676
3677 /* Hook thread to write packet. */
3678 OSPF_ISM_WRITE_ON(oi->ospf);
3679
3680 /* Remove old DD packet, then copy new one and keep in neighbor
3681 * structure. */
3682 if (nbr->last_send)
3683 ospf_packet_free(nbr->last_send);
3684 nbr->last_send = ospf_packet_dup(op);
3685 monotime(&nbr->last_send_ts);
3686 }
3687
3688 /* Re-send Database Description. */
3689 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3690 {
3691 struct ospf_interface *oi;
3692
3693 oi = nbr->oi;
3694
3695 /* Add packet to the interface output queue. */
3696 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3697
3698 /* Hook thread to write packet. */
3699 OSPF_ISM_WRITE_ON(oi->ospf);
3700 }
3701
3702 /* Send Link State Request. */
3703 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3704 {
3705 struct ospf_interface *oi;
3706 struct ospf_packet *op;
3707 u_int16_t length = OSPF_HEADER_SIZE;
3708
3709 oi = nbr->oi;
3710 op = ospf_packet_new(oi->ifp->mtu);
3711
3712 /* Prepare OSPF common header. */
3713 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3714
3715 /* Prepare OSPF Link State Request body. */
3716 length += ospf_make_ls_req(nbr, op->s);
3717 if (length == OSPF_HEADER_SIZE) {
3718 ospf_packet_free(op);
3719 return;
3720 }
3721
3722 /* Fill OSPF header. */
3723 ospf_fill_header(oi, op->s, length);
3724
3725 /* Set packet length. */
3726 op->length = length;
3727
3728 /* Decide destination address. */
3729 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3730 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3731 else
3732 op->dst = nbr->address.u.prefix4;
3733
3734 /* Add packet to the interface output queue. */
3735 ospf_packet_add(oi, op);
3736
3737 /* Hook thread to write packet. */
3738 OSPF_ISM_WRITE_ON(oi->ospf);
3739
3740 /* Add Link State Request Retransmission Timer. */
3741 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3742 }
3743
3744 /* Send Link State Update with an LSA. */
3745 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3746 int flag)
3747 {
3748 struct list *update;
3749
3750 update = list_new();
3751
3752 listnode_add(update, lsa);
3753 ospf_ls_upd_send(nbr, update, flag);
3754
3755 list_delete(update);
3756 }
3757
3758 /* Determine size for packet. Must be at least big enough to accomodate next
3759 * LSA on list, which may be bigger than MTU size.
3760 *
3761 * Return pointer to new ospf_packet
3762 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3763 * on packet sizes (in which case offending LSA is deleted from update list)
3764 */
3765 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3766 struct ospf_interface *oi)
3767 {
3768 struct ospf_lsa *lsa;
3769 struct listnode *ln;
3770 size_t size;
3771 static char warned = 0;
3772
3773 lsa = listgetdata((ln = listhead(update)));
3774 assert(lsa->data);
3775
3776 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3777 > ospf_packet_max(oi)) {
3778 if (!warned) {
3779 zlog_warn(
3780 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3781 "will need to fragment. Not optimal. Try divide up"
3782 " your network with areas. Use 'debug ospf packet send'"
3783 " to see details, or look at 'show ip ospf database ..'");
3784 warned = 1;
3785 }
3786
3787 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3788 zlog_debug(
3789 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3790 " %d bytes originated by %s, will be fragmented!",
3791 inet_ntoa(lsa->data->id),
3792 ntohs(lsa->data->length),
3793 inet_ntoa(lsa->data->adv_router));
3794
3795 /*
3796 * Allocate just enough to fit this LSA only, to avoid including
3797 * other
3798 * LSAs in fragmented LSA Updates.
3799 */
3800 size = ntohs(lsa->data->length)
3801 + (oi->ifp->mtu - ospf_packet_max(oi))
3802 + OSPF_LS_UPD_MIN_SIZE;
3803 } else
3804 size = oi->ifp->mtu;
3805
3806 if (size > OSPF_MAX_PACKET_SIZE) {
3807 zlog_warn(
3808 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3809 " %d bytes, packet size %ld, dropping it completely."
3810 " OSPF routing is broken!",
3811 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3812 (long int)size);
3813 list_delete_node(update, ln);
3814 return NULL;
3815 }
3816
3817 /* IP header is built up separately by ospf_write(). This means, that we
3818 * must
3819 * reduce the "affordable" size just calculated by length of an IP
3820 * header.
3821 * This makes sure, that even if we manage to fill the payload with LSA
3822 * data
3823 * completely, the final packet (our data plus IP header) still fits
3824 * into
3825 * outgoing interface MTU. This correction isn't really meaningful for
3826 * an
3827 * oversized LSA, but for consistency the correction is done for both
3828 * cases.
3829 *
3830 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3831 */
3832 return ospf_packet_new(size - sizeof(struct ip));
3833 }
3834
3835 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3836 struct list *update, struct in_addr addr)
3837 {
3838 struct ospf_packet *op;
3839 u_int16_t length = OSPF_HEADER_SIZE;
3840
3841 if (IS_DEBUG_OSPF_EVENT)
3842 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3843 IF_NAME(oi), inet_ntoa(addr));
3844
3845 op = ospf_ls_upd_packet_new(update, oi);
3846
3847 /* Prepare OSPF common header. */
3848 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3849
3850 /* Prepare OSPF Link State Update body.
3851 * Includes Type-7 translation.
3852 */
3853 length += ospf_make_ls_upd(oi, update, op->s);
3854
3855 /* Fill OSPF header. */
3856 ospf_fill_header(oi, op->s, length);
3857
3858 /* Set packet length. */
3859 op->length = length;
3860
3861 /* Decide destination address. */
3862 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3863 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3864 else
3865 op->dst.s_addr = addr.s_addr;
3866
3867 /* Add packet to the interface output queue. */
3868 ospf_packet_add(oi, op);
3869
3870 /* Hook thread to write packet. */
3871 OSPF_ISM_WRITE_ON(oi->ospf);
3872 }
3873
3874 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3875 {
3876 struct ospf_interface *oi = THREAD_ARG(thread);
3877 struct route_node *rn;
3878 struct route_node *rnext;
3879 struct list *update;
3880 char again = 0;
3881
3882 oi->t_ls_upd_event = NULL;
3883
3884 if (IS_DEBUG_OSPF_EVENT)
3885 zlog_debug("ospf_ls_upd_send_queue start");
3886
3887 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3888 rnext = route_next(rn);
3889
3890 if (rn->info == NULL)
3891 continue;
3892
3893 update = (struct list *)rn->info;
3894
3895 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4);
3896
3897 /* list might not be empty. */
3898 if (listcount(update) == 0) {
3899 list_delete(rn->info);
3900 rn->info = NULL;
3901 route_unlock_node(rn);
3902 } else
3903 again = 1;
3904 }
3905
3906 if (again != 0) {
3907 if (IS_DEBUG_OSPF_EVENT)
3908 zlog_debug(
3909 "ospf_ls_upd_send_queue: update lists not cleared,"
3910 " %d nodes to try again, raising new event",
3911 again);
3912 oi->t_ls_upd_event = NULL;
3913 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3914 &oi->t_ls_upd_event);
3915 }
3916
3917 if (IS_DEBUG_OSPF_EVENT)
3918 zlog_debug("ospf_ls_upd_send_queue stop");
3919
3920 return 0;
3921 }
3922
3923 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag)
3924 {
3925 struct ospf_interface *oi;
3926 struct ospf_lsa *lsa;
3927 struct prefix_ipv4 p;
3928 struct route_node *rn;
3929 struct listnode *node;
3930
3931 oi = nbr->oi;
3932
3933 p.family = AF_INET;
3934 p.prefixlen = IPV4_MAX_BITLEN;
3935
3936 /* Decide destination address. */
3937 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3938 p.prefix = oi->vl_data->peer_addr;
3939 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3940 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3941 else if (flag == OSPF_SEND_PACKET_DIRECT)
3942 p.prefix = nbr->address.u.prefix4;
3943 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
3944 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3945 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
3946 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
3947 else
3948 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
3949
3950 if (oi->type == OSPF_IFTYPE_NBMA) {
3951 if (flag == OSPF_SEND_PACKET_INDIRECT)
3952 zlog_warn(
3953 "* LS-Update is directly sent on NBMA network.");
3954 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
3955 zlog_warn("* LS-Update is sent to myself.");
3956 }
3957
3958 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
3959
3960 if (rn->info == NULL)
3961 rn->info = list_new();
3962 else
3963 route_unlock_node(rn);
3964
3965 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
3966 listnode_add(rn->info,
3967 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
3968
3969 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3970 &oi->t_ls_upd_event);
3971 }
3972
3973 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
3974 struct in_addr dst)
3975 {
3976 struct ospf_packet *op;
3977 u_int16_t length = OSPF_HEADER_SIZE;
3978
3979 op = ospf_packet_new(oi->ifp->mtu);
3980
3981 /* Prepare OSPF common header. */
3982 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
3983
3984 /* Prepare OSPF Link State Acknowledgment body. */
3985 length += ospf_make_ls_ack(oi, ack, op->s);
3986
3987 /* Fill OSPF header. */
3988 ospf_fill_header(oi, op->s, length);
3989
3990 /* Set packet length. */
3991 op->length = length;
3992
3993 /* Decide destination address. */
3994 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3995 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3996 else
3997 op->dst.s_addr = dst.s_addr;
3998
3999 /* Add packet to the interface output queue. */
4000 ospf_packet_add(oi, op);
4001
4002 /* Hook thread to write packet. */
4003 OSPF_ISM_WRITE_ON(oi->ospf);
4004 }
4005
4006 static int ospf_ls_ack_send_event(struct thread *thread)
4007 {
4008 struct ospf_interface *oi = THREAD_ARG(thread);
4009
4010 oi->t_ls_ack_direct = NULL;
4011
4012 while (listcount(oi->ls_ack_direct.ls_ack))
4013 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4014 oi->ls_ack_direct.dst);
4015
4016 return 0;
4017 }
4018
4019 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4020 {
4021 struct ospf_interface *oi = nbr->oi;
4022
4023 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4024 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4025
4026 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4027
4028 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4029 &oi->t_ls_ack_direct);
4030 }
4031
4032 /* Send Link State Acknowledgment delayed. */
4033 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4034 {
4035 struct in_addr dst;
4036
4037 /* Decide destination address. */
4038 /* RFC2328 Section 13.5 On non-broadcast
4039 networks, delayed Link State Acknowledgment packets must be
4040 unicast separately over each adjacency (i.e., neighbor whose
4041 state is >= Exchange). */
4042 if (oi->type == OSPF_IFTYPE_NBMA) {
4043 struct ospf_neighbor *nbr;
4044 struct route_node *rn;
4045
4046 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4047 if ((nbr = rn->info) != NULL)
4048 if (nbr != oi->nbr_self
4049 && nbr->state >= NSM_Exchange)
4050 while (listcount(oi->ls_ack))
4051 ospf_ls_ack_send_list(
4052 oi, oi->ls_ack,
4053 nbr->address.u.prefix4);
4054 return;
4055 }
4056 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4057 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4058 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4059 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4060 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4061 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4062 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4063 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4064 else
4065 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4066
4067 while (listcount(oi->ls_ack))
4068 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4069 }
4070
4071 /*
4072 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4073 * address. As a result, the kernel does not need to learn the interface
4074 * MAC of the OSPF neighbor. However, in our world, this will delay
4075 * convergence. Take the case when due to a link flap, all routes now
4076 * want to use an interface which was deemed to be costlier prior to this
4077 * event. For routes that will be installed, the missing MAC will have
4078 * punt-to-CPU set on them. This may overload the CPU control path that
4079 * can be avoided if the MAC was known apriori.
4080 */
4081 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4082 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4083 {
4084 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4085 int ret;
4086
4087 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4088 return;
4089
4090 snprintf(ping_nbr, sizeof(ping_nbr),
4091 "ping -c 1 -I %s %s > /dev/null 2>&1 &",
4092 nbr->oi->ifp->name, inet_ntoa(nbr->address.u.prefix4));
4093
4094 ret = system(ping_nbr);
4095 if (IS_DEBUG_OSPF_EVENT)
4096 zlog_debug("Executed %s %s", ping_nbr,
4097 ((ret == 0) ? "successfully" : "but failed"));
4098 }
FRRouting mirror