]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ospfd: no router ospf crash fix
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38 #include "lib_errors.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53 #include "ospfd/ospf_errors.h"
54
55 /*
56 * OSPF Fragmentation / fragmented writes
57 *
58 * ospfd can support writing fragmented packets, for cases where
59 * kernel will not fragment IP_HDRINCL and/or multicast destined
60 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
61 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
62 * flags fields, hence user-space fragmentation will not work.
63 * Only Linux is known to leave IP header unmolested.
64 * Further, fragmentation really should be done the kernel, which already
65 * supports it, and which avoids nasty IP ID state problems.
66 *
67 * Fragmentation of OSPF packets can be required on networks with router
68 * with many many interfaces active in one area, or on networks with links
69 * with low MTUs.
70 */
71 #ifdef GNU_LINUX
72 #define WANT_OSPF_WRITE_FRAGMENT
73 #endif
74
75 /* Packet Type String. */
76 const struct message ospf_packet_type_str[] = {
77 {OSPF_MSG_HELLO, "Hello"},
78 {OSPF_MSG_DB_DESC, "Database Description"},
79 {OSPF_MSG_LS_REQ, "Link State Request"},
80 {OSPF_MSG_LS_UPD, "Link State Update"},
81 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
82 {0}};
83
84 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
85 particular types, offset is the "type" field of a packet. */
86 static const uint16_t ospf_packet_minlen[] = {
87 0,
88 OSPF_HELLO_MIN_SIZE,
89 OSPF_DB_DESC_MIN_SIZE,
90 OSPF_LS_REQ_MIN_SIZE,
91 OSPF_LS_UPD_MIN_SIZE,
92 OSPF_LS_ACK_MIN_SIZE,
93 };
94
95 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
96 types, offset is the "LSA type" field. */
97 static const uint16_t ospf_lsa_minlen[] = {
98 0,
99 OSPF_ROUTER_LSA_MIN_SIZE,
100 OSPF_NETWORK_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_SUMMARY_LSA_MIN_SIZE,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 0,
108 0,
109 0,
110 };
111
112 /* for ospf_check_auth() */
113 static int ospf_check_sum(struct ospf_header *);
114
115 /* OSPF authentication checking function */
116 static int ospf_auth_type(struct ospf_interface *oi)
117 {
118 int auth_type;
119
120 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
121 auth_type = oi->area->auth_type;
122 else
123 auth_type = OSPF_IF_PARAM(oi, auth_type);
124
125 /* Handle case where MD5 key list is not configured aka Cisco */
126 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
127 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
128 return OSPF_AUTH_NULL;
129
130 return auth_type;
131 }
132
133 struct ospf_packet *ospf_packet_new(size_t size)
134 {
135 struct ospf_packet *new;
136
137 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
138 new->s = stream_new(size);
139
140 return new;
141 }
142
143 void ospf_packet_free(struct ospf_packet *op)
144 {
145 if (op->s)
146 stream_free(op->s);
147
148 XFREE(MTYPE_OSPF_PACKET, op);
149 }
150
151 struct ospf_fifo *ospf_fifo_new(void)
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 flog_err(
236 EC_OSPF_PKT_PROCESS,
237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
247
248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
257 {
258 if (!oi->obuf) {
259 flog_err(
260 EC_OSPF_PKT_PROCESS,
261 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
262 "destination %s) called with NULL obuf, ignoring "
263 "(please report this bug)!\n",
264 IF_NAME(oi), oi->state,
265 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
266 lookup_msg(ospf_packet_type_str,
267 stream_getc_from(op->s, 1), NULL),
268 inet_ntoa(op->dst));
269 return;
270 }
271
272 /* Add packet to head of queue. */
273 ospf_fifo_push_head(oi->obuf, op);
274
275 /* Debug of packet fifo*/
276 /* ospf_fifo_debug (oi->obuf); */
277 }
278
279 void ospf_packet_delete(struct ospf_interface *oi)
280 {
281 struct ospf_packet *op;
282
283 op = ospf_fifo_pop(oi->obuf);
284
285 if (op)
286 ospf_packet_free(op);
287 }
288
289 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
290 {
291 struct ospf_packet *new;
292
293 if (stream_get_endp(op->s) != op->length)
294 /* XXX size_t */
295 zlog_debug(
296 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
297 (unsigned long)STREAM_SIZE(op->s), op->length);
298
299 /* Reserve space for MD5 authentication that may be added later. */
300 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
301 stream_copy(new->s, op->s);
302
303 new->dst = op->dst;
304 new->length = op->length;
305
306 return new;
307 }
308
309 /* XXX inline */
310 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
311 {
312 int auth = 0;
313
314 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
315 auth = OSPF_AUTH_MD5_SIZE;
316
317 return auth;
318 }
319
320 static unsigned int ospf_packet_max(struct ospf_interface *oi)
321 {
322 int max;
323
324 max = oi->ifp->mtu - ospf_packet_authspace(oi);
325
326 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
327
328 return max;
329 }
330
331
332 static int ospf_check_md5_digest(struct ospf_interface *oi,
333 struct ospf_header *ospfh)
334 {
335 MD5_CTX ctx;
336 unsigned char digest[OSPF_AUTH_MD5_SIZE];
337 struct crypt_key *ck;
338 struct ospf_neighbor *nbr;
339 uint16_t length = ntohs(ospfh->length);
340
341 /* Get secret key. */
342 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
343 ospfh->u.crypt.key_id);
344 if (ck == NULL) {
345 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
346 IF_NAME(oi), ospfh->u.crypt.key_id);
347 return 0;
348 }
349
350 /* check crypto seqnum. */
351 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
352
353 if (nbr
354 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
355 flog_warn(
356 EC_OSPF_MD5,
357 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
358 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
359 ntohl(nbr->crypt_seqnum));
360 return 0;
361 }
362
363 /* Generate a digest for the ospf packet - their digest + our digest. */
364 memset(&ctx, 0, sizeof(ctx));
365 MD5Init(&ctx);
366 MD5Update(&ctx, ospfh, length);
367 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
368 MD5Final(digest, &ctx);
369
370 /* compare the two */
371 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
372 flog_warn(EC_OSPF_MD5,
373 "interface %s: ospf_check_md5 checksum mismatch",
374 IF_NAME(oi));
375 return 0;
376 }
377
378 /* save neighbor's crypt_seqnum */
379 if (nbr)
380 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
381 return 1;
382 }
383
384 /* This function is called from ospf_write(), it will detect the
385 authentication scheme and if it is MD5, it will change the sequence
386 and update the MD5 digest. */
387 static int ospf_make_md5_digest(struct ospf_interface *oi,
388 struct ospf_packet *op)
389 {
390 struct ospf_header *ospfh;
391 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
392 MD5_CTX ctx;
393 void *ibuf;
394 uint32_t t;
395 struct crypt_key *ck;
396 const uint8_t *auth_key;
397
398 ibuf = STREAM_DATA(op->s);
399 ospfh = (struct ospf_header *)ibuf;
400
401 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
402 return 0;
403
404 /* We do this here so when we dup a packet, we don't have to
405 waste CPU rewriting other headers.
406
407 Note that quagga_time /deliberately/ is not used here */
408 t = (time(NULL) & 0xFFFFFFFF);
409 if (t > oi->crypt_seqnum)
410 oi->crypt_seqnum = t;
411 else
412 oi->crypt_seqnum++;
413
414 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
415
416 /* Get MD5 Authentication key from auth_key list. */
417 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
418 auth_key = (const uint8_t *)digest;
419 else {
420 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
421 auth_key = ck->auth_key;
422 }
423
424 /* Generate a digest for the entire packet + our secret key. */
425 memset(&ctx, 0, sizeof(ctx));
426 MD5Init(&ctx);
427 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
428 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
429 MD5Final(digest, &ctx);
430
431 /* Append md5 digest to the end of the stream. */
432 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
433
434 /* We do *NOT* increment the OSPF header length. */
435 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
436
437 if (stream_get_endp(op->s) != op->length)
438 /* XXX size_t */
439 flog_warn(
440 EC_OSPF_MD5,
441 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
442 (unsigned long)stream_get_endp(op->s), op->length);
443
444 return OSPF_AUTH_MD5_SIZE;
445 }
446
447
448 static int ospf_ls_req_timer(struct thread *thread)
449 {
450 struct ospf_neighbor *nbr;
451
452 nbr = THREAD_ARG(thread);
453 nbr->t_ls_req = NULL;
454
455 /* Send Link State Request. */
456 if (ospf_ls_request_count(nbr))
457 ospf_ls_req_send(nbr);
458
459 /* Set Link State Request retransmission timer. */
460 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
461
462 return 0;
463 }
464
465 void ospf_ls_req_event(struct ospf_neighbor *nbr)
466 {
467 if (nbr->t_ls_req) {
468 thread_cancel(nbr->t_ls_req);
469 nbr->t_ls_req = NULL;
470 }
471 nbr->t_ls_req = NULL;
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
473 }
474
475 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
477 int ospf_ls_upd_timer(struct thread *thread)
478 {
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
524
525 if (listcount(update) > 0)
526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
528 list_delete(&update);
529 }
530
531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
533
534 return 0;
535 }
536
537 int ospf_ls_ack_timer(struct thread *thread)
538 {
539 struct ospf_interface *oi;
540
541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
543
544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
547
548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
550
551 return 0;
552 }
553
554 #ifdef WANT_OSPF_WRITE_FRAGMENT
555 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
557 unsigned int mtu, int flags, uint8_t type)
558 {
559 #define OSPF_WRITE_FRAG_SHIFT 3
560 uint16_t offset;
561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
603 flog_err(
604 EC_LIB_SOCKET,
605 "*** ospf_write_frags: sendmsg failed to %s,"
606 " id %d, off %d, len %d, mtu %u failed with %s",
607 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
608 iph->ip_len, mtu, safe_strerror(errno));
609
610 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
611 zlog_debug(
612 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
613 iph->ip_id, iph->ip_off, iph->ip_len,
614 inet_ntoa(iph->ip_dst));
615 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
616 zlog_debug(
617 "-----------------IP Header Dump----------------------");
618 ospf_ip_header_dump(iph);
619 zlog_debug(
620 "-----------------------------------------------------");
621 }
622 }
623
624 iph->ip_off += offset;
625 stream_forward_getp(op->s, iovp->iov_len);
626 iovp->iov_base = stream_pnt(op->s);
627 }
628
629 /* setup for final fragment */
630 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
631 iph->ip_len = iovp->iov_len + sizeof(struct ip);
632 iph->ip_off &= (~IP_MF);
633 }
634 #endif /* WANT_OSPF_WRITE_FRAGMENT */
635
636 static int ospf_write(struct thread *thread)
637 {
638 struct ospf *ospf = THREAD_ARG(thread);
639 struct ospf_interface *oi;
640 struct ospf_interface *last_serviced_oi = NULL;
641 struct ospf_packet *op;
642 struct sockaddr_in sa_dst;
643 struct ip iph;
644 struct msghdr msg;
645 struct iovec iov[2];
646 uint8_t type;
647 int ret;
648 int flags = 0;
649 struct listnode *node;
650 #ifdef WANT_OSPF_WRITE_FRAGMENT
651 static uint16_t ipid = 0;
652 uint16_t maxdatasize;
653 #endif /* WANT_OSPF_WRITE_FRAGMENT */
654 #define OSPF_WRITE_IPHL_SHIFT 2
655 int pkt_count = 0;
656
657 #ifdef GNU_LINUX
658 unsigned char cmsgbuf[64] = {};
659 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
660 struct in_pktinfo *pi;
661 #endif
662
663 if (ospf->fd < 0 || ospf->oi_running == 0) {
664 if (IS_DEBUG_OSPF_EVENT)
665 zlog_debug(
666 "ospf_write failed to send, fd %d, instance %u"
667 ,ospf->fd, ospf->oi_running);
668 return -1;
669 }
670
671 ospf->t_write = NULL;
672
673 node = listhead(ospf->oi_write_q);
674 assert(node);
675 oi = listgetdata(node);
676 assert(oi);
677
678 #ifdef WANT_OSPF_WRITE_FRAGMENT
679 /* seed ipid static with low order bits of time */
680 if (ipid == 0)
681 ipid = (time(NULL) & 0xffff);
682 #endif /* WANT_OSPF_WRITE_FRAGMENT */
683
684 while ((pkt_count < ospf->write_oi_count) && oi
685 && (last_serviced_oi != oi)) {
686 /* If there is only packet in the queue, the oi is removed from
687 write-q, so fix up the last interface that was serviced */
688 if (last_serviced_oi == NULL) {
689 last_serviced_oi = oi;
690 }
691 pkt_count++;
692 #ifdef WANT_OSPF_WRITE_FRAGMENT
693 /* convenience - max OSPF data per packet */
694 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
695 #endif /* WANT_OSPF_WRITE_FRAGMENT */
696 /* Get one packet from queue. */
697 op = ospf_fifo_head(oi->obuf);
698 assert(op);
699 assert(op->length >= OSPF_HEADER_SIZE);
700
701 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
702 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
703 ospf_if_ipmulticast(ospf, oi->address,
704 oi->ifp->ifindex);
705
706 /* Rewrite the md5 signature & update the seq */
707 ospf_make_md5_digest(oi, op);
708
709 /* Retrieve OSPF packet type. */
710 stream_set_getp(op->s, 1);
711 type = stream_getc(op->s);
712
713 /* reset get pointer */
714 stream_set_getp(op->s, 0);
715
716 memset(&iph, 0, sizeof(struct ip));
717 memset(&sa_dst, 0, sizeof(sa_dst));
718
719 sa_dst.sin_family = AF_INET;
720 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
721 sa_dst.sin_len = sizeof(sa_dst);
722 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
723 sa_dst.sin_addr = op->dst;
724 sa_dst.sin_port = htons(0);
725
726 /* Set DONTROUTE flag if dst is unicast. */
727 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
728 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
729 flags = MSG_DONTROUTE;
730
731 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
732 /* it'd be very strange for header to not be 4byte-word aligned
733 * but.. */
734 if (sizeof(struct ip)
735 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
736 iph.ip_hl++; /* we presume sizeof struct ip cant
737 overflow ip_hl.. */
738
739 iph.ip_v = IPVERSION;
740 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
741 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
742
743 #if defined(__DragonFly__)
744 /*
745 * DragonFly's raw socket expects ip_len/ip_off in network byte
746 * order.
747 */
748 iph.ip_len = htons(iph.ip_len);
749 #endif
750
751 #ifdef WANT_OSPF_WRITE_FRAGMENT
752 /* XXX-MT: not thread-safe at all..
753 * XXX: this presumes this is only programme sending OSPF
754 * packets
755 * otherwise, no guarantee ipid will be unique
756 */
757 iph.ip_id = ++ipid;
758 #endif /* WANT_OSPF_WRITE_FRAGMENT */
759
760 iph.ip_off = 0;
761 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
762 iph.ip_ttl = OSPF_VL_IP_TTL;
763 else
764 iph.ip_ttl = OSPF_IP_TTL;
765 iph.ip_p = IPPROTO_OSPFIGP;
766 iph.ip_sum = 0;
767 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
768 iph.ip_dst.s_addr = op->dst.s_addr;
769
770 memset(&msg, 0, sizeof(msg));
771 msg.msg_name = (caddr_t)&sa_dst;
772 msg.msg_namelen = sizeof(sa_dst);
773 msg.msg_iov = iov;
774 msg.msg_iovlen = 2;
775
776 iov[0].iov_base = (char *)&iph;
777 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
778 iov[1].iov_base = stream_pnt(op->s);
779 iov[1].iov_len = op->length;
780
781 #ifdef GNU_LINUX
782 msg.msg_control = (caddr_t)cm;
783 cm->cmsg_level = SOL_IP;
784 cm->cmsg_type = IP_PKTINFO;
785 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
786 pi = (struct in_pktinfo *)CMSG_DATA(cm);
787 pi->ipi_ifindex = oi->ifp->ifindex;
788
789 msg.msg_controllen = cm->cmsg_len;
790 #endif
791
792 /* Sadly we can not rely on kernels to fragment packets
793 * because of either IP_HDRINCL and/or multicast
794 * destination being set.
795 */
796
797 #ifdef WANT_OSPF_WRITE_FRAGMENT
798 if (op->length > maxdatasize)
799 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
800 oi->ifp->mtu, flags, type);
801 #endif /* WANT_OSPF_WRITE_FRAGMENT */
802
803 /* send final fragment (could be first) */
804 sockopt_iphdrincl_swab_htosys(&iph);
805 ret = sendmsg(ospf->fd, &msg, flags);
806 sockopt_iphdrincl_swab_systoh(&iph);
807 if (IS_DEBUG_OSPF_EVENT)
808 zlog_debug(
809 "ospf_write to %s, "
810 "id %d, off %d, len %d, interface %s, mtu %u:",
811 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
812 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
813
814 if (ret < 0)
815 flog_err(
816 EC_LIB_SOCKET,
817 "*** sendmsg in ospf_write failed to %s, "
818 "id %d, off %d, len %d, interface %s, mtu %u: %s",
819 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
820 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
821 safe_strerror(errno));
822
823 /* Show debug sending packet. */
824 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
825 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
826 zlog_debug(
827 "-----------------------------------------------------");
828 ospf_ip_header_dump(&iph);
829 stream_set_getp(op->s, 0);
830 ospf_packet_dump(op->s);
831 }
832
833 zlog_debug("%s sent to [%s] via [%s].",
834 lookup_msg(ospf_packet_type_str, type, NULL),
835 inet_ntoa(op->dst), IF_NAME(oi));
836
837 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
838 zlog_debug(
839 "-----------------------------------------------------");
840 }
841
842 switch (type) {
843 case OSPF_MSG_HELLO:
844 oi->hello_out++;
845 break;
846 case OSPF_MSG_DB_DESC:
847 oi->db_desc_out++;
848 break;
849 case OSPF_MSG_LS_REQ:
850 oi->ls_req_out++;
851 break;
852 case OSPF_MSG_LS_UPD:
853 oi->ls_upd_out++;
854 break;
855 case OSPF_MSG_LS_ACK:
856 oi->ls_ack_out++;
857 break;
858 default:
859 break;
860 }
861
862 /* Now delete packet from queue. */
863 ospf_packet_delete(oi);
864
865 /* Move this interface to the tail of write_q to
866 serve everyone in a round robin fashion */
867 list_delete_node(ospf->oi_write_q, node);
868 if (ospf_fifo_head(oi->obuf) == NULL) {
869 oi->on_write_q = 0;
870 last_serviced_oi = NULL;
871 oi = NULL;
872 } else {
873 listnode_add(ospf->oi_write_q, oi);
874 }
875
876 /* Setup to service from the head of the queue again */
877 if (!list_isempty(ospf->oi_write_q)) {
878 node = listhead(ospf->oi_write_q);
879 assert(node);
880 oi = listgetdata(node);
881 assert(oi);
882 }
883 }
884
885 /* If packets still remain in queue, call write thread. */
886 if (!list_isempty(ospf->oi_write_q))
887 thread_add_write(master, ospf_write, ospf, ospf->fd,
888 &ospf->t_write);
889
890 return 0;
891 }
892
893 /* OSPF Hello message read -- RFC2328 Section 10.5. */
894 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
895 struct stream *s, struct ospf_interface *oi, int size)
896 {
897 struct ospf_hello *hello;
898 struct ospf_neighbor *nbr;
899 int old_state;
900 struct prefix p;
901
902 /* increment statistics. */
903 oi->hello_in++;
904
905 hello = (struct ospf_hello *)stream_pnt(s);
906
907 /* If Hello is myself, silently discard. */
908 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
909 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
910 zlog_debug(
911 "ospf_header[%s/%s]: selforiginated, "
912 "dropping.",
913 lookup_msg(ospf_packet_type_str, ospfh->type,
914 NULL),
915 inet_ntoa(iph->ip_src));
916 }
917 return;
918 }
919
920 /* get neighbor prefix. */
921 p.family = AF_INET;
922 p.prefixlen = ip_masklen(hello->network_mask);
923 p.u.prefix4 = iph->ip_src;
924
925 /* Compare network mask. */
926 /* Checking is ignored for Point-to-Point and Virtual link. */
927 if (oi->type != OSPF_IFTYPE_POINTOPOINT
928 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
929 if (oi->address->prefixlen != p.prefixlen) {
930 flog_warn(
931 EC_OSPF_PACKET,
932 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
933 inet_ntoa(ospfh->router_id), IF_NAME(oi),
934 (int)oi->address->prefixlen, (int)p.prefixlen);
935 return;
936 }
937
938 /* Compare Router Dead Interval. */
939 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
940 flog_warn(EC_OSPF_PACKET,
941 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
942 "(expected %u, but received %u).",
943 inet_ntoa(ospfh->router_id),
944 OSPF_IF_PARAM(oi, v_wait),
945 ntohl(hello->dead_interval));
946 return;
947 }
948
949 /* Compare Hello Interval - ignored if fast-hellos are set. */
950 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
951 if (OSPF_IF_PARAM(oi, v_hello)
952 != ntohs(hello->hello_interval)) {
953 flog_warn(
954 EC_OSPF_PACKET,
955 "Packet %s [Hello:RECV]: HelloInterval mismatch "
956 "(expected %u, but received %u).",
957 inet_ntoa(ospfh->router_id),
958 OSPF_IF_PARAM(oi, v_hello),
959 ntohs(hello->hello_interval));
960 return;
961 }
962 }
963
964 if (IS_DEBUG_OSPF_EVENT)
965 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
966 inet_ntoa(ospfh->router_id),
967 ospf_options_dump(hello->options),
968 ospf_vrf_id_to_name(oi->ospf->vrf_id));
969
970 /* Compare options. */
971 #define REJECT_IF_TBIT_ON 1 /* XXX */
972 #ifdef REJECT_IF_TBIT_ON
973 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
974 /*
975 * This router does not support non-zero TOS.
976 * Drop this Hello packet not to establish neighbor
977 * relationship.
978 */
979 flog_warn(EC_OSPF_PACKET,
980 "Packet %s [Hello:RECV]: T-bit on, drop it.",
981 inet_ntoa(ospfh->router_id));
982 return;
983 }
984 #endif /* REJECT_IF_TBIT_ON */
985
986 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
987 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
988 /*
989 * This router does know the correct usage of O-bit
990 * the bit should be set in DD packet only.
991 */
992 flog_warn(EC_OSPF_PACKET,
993 "Packet %s [Hello:RECV]: O-bit abuse?",
994 inet_ntoa(ospfh->router_id));
995 #ifdef STRICT_OBIT_USAGE_CHECK
996 return; /* Reject this packet. */
997 #else /* STRICT_OBIT_USAGE_CHECK */
998 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
999 #endif /* STRICT_OBIT_USAGE_CHECK */
1000 }
1001
1002 /* new for NSSA is to ensure that NP is on and E is off */
1003
1004 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1005 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1006 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1007 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1008 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1009 flog_warn(
1010 EC_OSPF_PACKET,
1011 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1012 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1013 hello->options);
1014 return;
1015 }
1016 if (IS_DEBUG_OSPF_NSSA)
1017 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1018 inet_ntoa(ospfh->router_id));
1019 } else
1020 /* The setting of the E-bit found in the Hello Packet's Options
1021 field must match this area's ExternalRoutingCapability A
1022 mismatch causes processing to stop and the packet to be
1023 dropped. The setting of the rest of the bits in the Hello
1024 Packet's Options field should be ignored. */
1025 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1026 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1027 flog_warn(
1028 EC_OSPF_PACKET,
1029 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1030 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1031 hello->options);
1032 return;
1033 }
1034
1035 /* get neighbour struct */
1036 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1037
1038 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1039 assert(nbr);
1040
1041 old_state = nbr->state;
1042
1043 /* Add event to thread. */
1044 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1045
1046 /* RFC2328 Section 9.5.1
1047 If the router is not eligible to become Designated Router,
1048 (snip) It must also send an Hello Packet in reply to an
1049 Hello Packet received from any eligible neighbor (other than
1050 the current Designated Router and Backup Designated Router). */
1051 if (oi->type == OSPF_IFTYPE_NBMA)
1052 if (PRIORITY(oi) == 0 && hello->priority > 0
1053 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1054 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1055 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1056 ospf_hello_reply_timer,
1057 OSPF_HELLO_REPLY_DELAY);
1058
1059 /* on NBMA network type, it happens to receive bidirectional Hello
1060 packet
1061 without advance 1-Way Received event.
1062 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1063 if (oi->type == OSPF_IFTYPE_NBMA
1064 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1065 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1066 nbr->priority = hello->priority;
1067 nbr->d_router = hello->d_router;
1068 nbr->bd_router = hello->bd_router;
1069 return;
1070 }
1071
1072 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1073 size - OSPF_HELLO_MIN_SIZE)) {
1074 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1075 nbr->options |= hello->options;
1076 } else {
1077 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1078 /* Set neighbor information. */
1079 nbr->priority = hello->priority;
1080 nbr->d_router = hello->d_router;
1081 nbr->bd_router = hello->bd_router;
1082 return;
1083 }
1084
1085 /* If neighbor itself declares DR and no BDR exists,
1086 cause event BackupSeen */
1087 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1088 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1089 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1090
1091 /* neighbor itself declares BDR. */
1092 if (oi->state == ISM_Waiting
1093 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1094 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1095
1096 /* had not previously. */
1097 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1098 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1099 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1100 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1101 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1102
1103 /* had not previously. */
1104 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1105 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1106 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1107 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1108 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1109
1110 /* Neighbor priority check. */
1111 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1112 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1113
1114 /* Set neighbor information. */
1115 nbr->priority = hello->priority;
1116 nbr->d_router = hello->d_router;
1117 nbr->bd_router = hello->bd_router;
1118 }
1119
1120 /* Save DD flags/options/Seqnum received. */
1121 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1122 struct ospf_db_desc *dd)
1123 {
1124 nbr->last_recv.flags = dd->flags;
1125 nbr->last_recv.options = dd->options;
1126 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1127 }
1128
1129 /* Process rest of DD packet. */
1130 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1131 struct ospf_neighbor *nbr,
1132 struct ospf_db_desc *dd, uint16_t size)
1133 {
1134 struct ospf_lsa *new, *find;
1135 struct lsa_header *lsah;
1136
1137 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1138 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1139 size -= OSPF_LSA_HEADER_SIZE) {
1140 lsah = (struct lsa_header *)stream_pnt(s);
1141 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1142
1143 /* Unknown LS type. */
1144 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1145 flog_warn(EC_OSPF_PACKET,
1146 "Packet [DD:RECV]: Unknown LS type %d.",
1147 lsah->type);
1148 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1149 return;
1150 }
1151
1152 if (IS_OPAQUE_LSA(lsah->type)
1153 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1154 flog_warn(EC_OSPF_PACKET,
1155 "LSA[Type%d:%s]: Opaque capability mismatch?",
1156 lsah->type, inet_ntoa(lsah->id));
1157 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1158 return;
1159 }
1160
1161 switch (lsah->type) {
1162 case OSPF_AS_EXTERNAL_LSA:
1163 case OSPF_OPAQUE_AS_LSA:
1164 /* Check for stub area. Reject if AS-External from stub
1165 but
1166 allow if from NSSA. */
1167 if (oi->area->external_routing == OSPF_AREA_STUB) {
1168 flog_warn(
1169 EC_OSPF_PACKET,
1170 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1171 lsah->type, inet_ntoa(lsah->id),
1172 (oi->area->external_routing
1173 == OSPF_AREA_STUB)
1174 ? "STUB"
1175 : "NSSA");
1176 OSPF_NSM_EVENT_SCHEDULE(nbr,
1177 NSM_SeqNumberMismatch);
1178 return;
1179 }
1180 break;
1181 default:
1182 break;
1183 }
1184
1185 /* Create LS-request object. */
1186 new = ospf_ls_request_new(lsah);
1187
1188 /* Lookup received LSA, then add LS request list. */
1189 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1190
1191 /* ospf_lsa_more_recent is fine with NULL pointers */
1192 switch (ospf_lsa_more_recent(find, new)) {
1193 case -1:
1194 /* Neighbour has a more recent LSA, we must request it
1195 */
1196 ospf_ls_request_add(nbr, new);
1197 /* fallthru */
1198 case 0:
1199 /* If we have a copy of this LSA, it's either less
1200 * recent
1201 * and we're requesting it from neighbour (the case
1202 * above), or
1203 * it's as recent and we both have same copy (this
1204 * case).
1205 *
1206 * In neither of these two cases is there any point in
1207 * describing our copy of the LSA to the neighbour in a
1208 * DB-Summary packet, if we're still intending to do so.
1209 *
1210 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1211 * backward compatible optimisation to OSPF DB Exchange
1212 * /
1213 * DB Description process implemented here.
1214 */
1215 if (find)
1216 ospf_lsdb_delete(&nbr->db_sum, find);
1217 ospf_lsa_discard(new);
1218 break;
1219 default:
1220 /* We have the more recent copy, nothing specific to do:
1221 * - no need to request neighbours stale copy
1222 * - must leave DB summary list copy alone
1223 */
1224 if (IS_DEBUG_OSPF_EVENT)
1225 zlog_debug(
1226 "Packet [DD:RECV]: LSA received Type %d, "
1227 "ID %s is not recent.",
1228 lsah->type, inet_ntoa(lsah->id));
1229 ospf_lsa_discard(new);
1230 }
1231 }
1232
1233 /* Master */
1234 if (IS_SET_DD_MS(nbr->dd_flags)) {
1235 nbr->dd_seqnum++;
1236
1237 /* Both sides have no More, then we're done with Exchange */
1238 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1239 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1240 else
1241 ospf_db_desc_send(nbr);
1242 }
1243 /* Slave */
1244 else {
1245 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1246
1247 /* Send DD packet in reply.
1248 *
1249 * Must be done to acknowledge the Master's DD, regardless of
1250 * whether we have more LSAs ourselves to describe.
1251 *
1252 * This function will clear the 'More' bit, if after this DD
1253 * we have no more LSAs to describe to the master..
1254 */
1255 ospf_db_desc_send(nbr);
1256
1257 /* Slave can raise ExchangeDone now, if master is also done */
1258 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1259 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1260 }
1261
1262 /* Save received neighbor values from DD. */
1263 ospf_db_desc_save_current(nbr, dd);
1264
1265 if (!nbr->t_ls_req)
1266 ospf_ls_req_send(nbr);
1267 }
1268
1269 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1270 struct ospf_neighbor *nbr)
1271 {
1272 /* Is DD duplicated? */
1273 if (dd->options == nbr->last_recv.options
1274 && dd->flags == nbr->last_recv.flags
1275 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1276 return 1;
1277
1278 return 0;
1279 }
1280
1281 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1282 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1283 struct stream *s, struct ospf_interface *oi,
1284 uint16_t size)
1285 {
1286 struct ospf_db_desc *dd;
1287 struct ospf_neighbor *nbr;
1288
1289 /* Increment statistics. */
1290 oi->db_desc_in++;
1291
1292 dd = (struct ospf_db_desc *)stream_pnt(s);
1293
1294 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1295 if (nbr == NULL) {
1296 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1297 inet_ntoa(ospfh->router_id));
1298 return;
1299 }
1300
1301 /* Check MTU. */
1302 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1303 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1304 flog_warn(
1305 EC_OSPF_PACKET,
1306 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1307 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1308 oi->ifp->mtu);
1309 return;
1310 }
1311
1312 /*
1313 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1314 * not
1315 * required. In fact at least JunOS sends DD packets with P bit clear.
1316 * Until proper solution is developped, this hack should help.
1317 *
1318 * Update: According to the RFCs, N bit is specified /only/ for Hello
1319 * options, unfortunately its use in DD options is not specified. Hence
1320 * some
1321 * implementations follow E-bit semantics and set it in DD options, and
1322 * some
1323 * treat it as unspecified and hence follow the directive "default for
1324 * options is clear", ie unset.
1325 *
1326 * Reset the flag, as ospfd follows E-bit semantics.
1327 */
1328 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1329 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1330 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1331 if (IS_DEBUG_OSPF_EVENT)
1332 zlog_debug(
1333 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1334 inet_ntoa(nbr->router_id));
1335 SET_FLAG(dd->options, OSPF_OPTION_NP);
1336 }
1337
1338 #ifdef REJECT_IF_TBIT_ON
1339 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1340 /*
1341 * In Hello protocol, optional capability must have checked
1342 * to prevent this T-bit enabled router be my neighbor.
1343 */
1344 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1345 inet_ntoa(nbr->router_id));
1346 return;
1347 }
1348 #endif /* REJECT_IF_TBIT_ON */
1349
1350 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1351 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1352 /*
1353 * This node is not configured to handle O-bit, for now.
1354 * Clear it to ignore unsupported capability proposed by
1355 * neighbor.
1356 */
1357 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1358 }
1359
1360 /* Add event to thread. */
1361 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1362
1363 /* Process DD packet by neighbor status. */
1364 switch (nbr->state) {
1365 case NSM_Down:
1366 case NSM_Attempt:
1367 case NSM_TwoWay:
1368 flog_warn(
1369 EC_OSPF_PACKET,
1370 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1371 inet_ntoa(nbr->router_id),
1372 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1373 break;
1374 case NSM_Init:
1375 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1376 /* If the new state is ExStart, the processing of the current
1377 packet should then continue in this new state by falling
1378 through to case ExStart below. */
1379 if (nbr->state != NSM_ExStart)
1380 break;
1381 /* fallthru */
1382 case NSM_ExStart:
1383 /* Initial DBD */
1384 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1385 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1386 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1387 > 0) {
1388 /* We're Slave---obey */
1389 if (CHECK_FLAG(oi->ospf->config,
1390 OSPF_LOG_ADJACENCY_DETAIL))
1391 zlog_info(
1392 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1393 inet_ntoa(nbr->router_id));
1394
1395 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1396
1397 /* Reset I/MS */
1398 UNSET_FLAG(nbr->dd_flags,
1399 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1400 } else {
1401 /* We're Master, ignore the initial DBD from
1402 * Slave */
1403 if (CHECK_FLAG(oi->ospf->config,
1404 OSPF_LOG_ADJACENCY_DETAIL))
1405 zlog_info(
1406 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1407 "ignoring.",
1408 inet_ntoa(nbr->router_id));
1409 break;
1410 }
1411 }
1412 /* Ack from the Slave */
1413 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1414 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1415 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1416 < 0) {
1417 zlog_info(
1418 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1419 inet_ntoa(nbr->router_id));
1420 /* Reset I, leaving MS */
1421 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1422 } else {
1423 flog_warn(EC_OSPF_PACKET,
1424 "Packet[DD]: Neighbor %s Negotiation fails.",
1425 inet_ntoa(nbr->router_id));
1426 break;
1427 }
1428
1429 /* This is where the real Options are saved */
1430 nbr->options = dd->options;
1431
1432 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1433 if (IS_DEBUG_OSPF_EVENT)
1434 zlog_debug(
1435 "Neighbor[%s] is %sOpaque-capable.",
1436 inet_ntoa(nbr->router_id),
1437 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1438 ? ""
1439 : "NOT ");
1440
1441 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1442 && IPV4_ADDR_SAME(&DR(oi),
1443 &nbr->address.u.prefix4)) {
1444 flog_warn(
1445 EC_OSPF_PACKET,
1446 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1447 inet_ntoa(nbr->router_id));
1448 /* This situation is undesirable, but not a real
1449 * error. */
1450 }
1451 }
1452
1453 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1454
1455 /* continue processing rest of packet. */
1456 ospf_db_desc_proc(s, oi, nbr, dd, size);
1457 break;
1458 case NSM_Exchange:
1459 if (ospf_db_desc_is_dup(dd, nbr)) {
1460 if (IS_SET_DD_MS(nbr->dd_flags))
1461 /* Master: discard duplicated DD packet. */
1462 zlog_info(
1463 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1464 inet_ntoa(nbr->router_id));
1465 else
1466 /* Slave: cause to retransmit the last Database
1467 Description. */
1468 {
1469 zlog_info(
1470 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1471 inet_ntoa(nbr->router_id));
1472 ospf_db_desc_resend(nbr);
1473 }
1474 break;
1475 }
1476
1477 /* Otherwise DD packet should be checked. */
1478 /* Check Master/Slave bit mismatch */
1479 if (IS_SET_DD_MS(dd->flags)
1480 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1481 flog_warn(EC_OSPF_PACKET,
1482 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1483 inet_ntoa(nbr->router_id));
1484 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1485 if (IS_DEBUG_OSPF_EVENT)
1486 zlog_debug(
1487 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1488 dd->flags, nbr->dd_flags);
1489 break;
1490 }
1491
1492 /* Check initialize bit is set. */
1493 if (IS_SET_DD_I(dd->flags)) {
1494 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1495 inet_ntoa(nbr->router_id));
1496 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1497 break;
1498 }
1499
1500 /* Check DD Options. */
1501 if (dd->options != nbr->options) {
1502 #ifdef ORIGINAL_CODING
1503 /* Save the new options for debugging */
1504 nbr->options = dd->options;
1505 #endif /* ORIGINAL_CODING */
1506 flog_warn(EC_OSPF_PACKET,
1507 "Packet[DD]: Neighbor %s options mismatch.",
1508 inet_ntoa(nbr->router_id));
1509 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1510 break;
1511 }
1512
1513 /* Check DD sequence number. */
1514 if ((IS_SET_DD_MS(nbr->dd_flags)
1515 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1516 || (!IS_SET_DD_MS(nbr->dd_flags)
1517 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1518 flog_warn(
1519 EC_OSPF_PACKET,
1520 "Packet[DD]: Neighbor %s sequence number mismatch.",
1521 inet_ntoa(nbr->router_id));
1522 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1523 break;
1524 }
1525
1526 /* Continue processing rest of packet. */
1527 ospf_db_desc_proc(s, oi, nbr, dd, size);
1528 break;
1529 case NSM_Loading:
1530 case NSM_Full:
1531 if (ospf_db_desc_is_dup(dd, nbr)) {
1532 if (IS_SET_DD_MS(nbr->dd_flags)) {
1533 /* Master should discard duplicate DD packet. */
1534 zlog_info(
1535 "Packet[DD]: Neighbor %s duplicated, "
1536 "packet discarded.",
1537 inet_ntoa(nbr->router_id));
1538 break;
1539 } else {
1540 if (monotime_since(&nbr->last_send_ts, NULL)
1541 < nbr->v_inactivity * 1000000LL) {
1542 /* In states Loading and Full the slave
1543 must resend
1544 its last Database Description packet
1545 in response to
1546 duplicate Database Description
1547 packets received
1548 from the master. For this reason the
1549 slave must
1550 wait RouterDeadInterval seconds
1551 before freeing the
1552 last Database Description packet.
1553 Reception of a
1554 Database Description packet from the
1555 master after
1556 this interval will generate a
1557 SeqNumberMismatch
1558 neighbor event. RFC2328 Section 10.8
1559 */
1560 ospf_db_desc_resend(nbr);
1561 break;
1562 }
1563 }
1564 }
1565
1566 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1567 break;
1568 default:
1569 flog_warn(EC_OSPF_PACKET,
1570 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1571 inet_ntoa(nbr->router_id), nbr->state);
1572 break;
1573 }
1574 }
1575
1576 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1577
1578 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1579 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1580 struct stream *s, struct ospf_interface *oi,
1581 uint16_t size)
1582 {
1583 struct ospf_neighbor *nbr;
1584 uint32_t ls_type;
1585 struct in_addr ls_id;
1586 struct in_addr adv_router;
1587 struct ospf_lsa *find;
1588 struct list *ls_upd;
1589 unsigned int length;
1590
1591 /* Increment statistics. */
1592 oi->ls_req_in++;
1593
1594 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1595 if (nbr == NULL) {
1596 flog_warn(EC_OSPF_PACKET,
1597 "Link State Request: Unknown Neighbor %s.",
1598 inet_ntoa(ospfh->router_id));
1599 return;
1600 }
1601
1602 /* Add event to thread. */
1603 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1604
1605 /* Neighbor State should be Exchange or later. */
1606 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1607 && nbr->state != NSM_Full) {
1608 flog_warn(
1609 EC_OSPF_PACKET,
1610 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1611 inet_ntoa(ospfh->router_id),
1612 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1613 return;
1614 }
1615
1616 /* Send Link State Update for ALL requested LSAs. */
1617 ls_upd = list_new();
1618 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1619
1620 while (size >= OSPF_LSA_KEY_SIZE) {
1621 /* Get one slice of Link State Request. */
1622 ls_type = stream_getl(s);
1623 ls_id.s_addr = stream_get_ipv4(s);
1624 adv_router.s_addr = stream_get_ipv4(s);
1625
1626 /* Verify LSA type. */
1627 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1628 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1629 list_delete(&ls_upd);
1630 return;
1631 }
1632
1633 /* Search proper LSA in LSDB. */
1634 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1635 adv_router);
1636 if (find == NULL) {
1637 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1638 list_delete(&ls_upd);
1639 return;
1640 }
1641
1642 /* Packet overflows MTU size, send immediately. */
1643 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1644 if (oi->type == OSPF_IFTYPE_NBMA)
1645 ospf_ls_upd_send(nbr, ls_upd,
1646 OSPF_SEND_PACKET_DIRECT, 0);
1647 else
1648 ospf_ls_upd_send(nbr, ls_upd,
1649 OSPF_SEND_PACKET_INDIRECT, 0);
1650
1651 /* Only remove list contents. Keep ls_upd. */
1652 list_delete_all_node(ls_upd);
1653
1654 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1655 }
1656
1657 /* Append LSA to update list. */
1658 listnode_add(ls_upd, find);
1659 length += ntohs(find->data->length);
1660
1661 size -= OSPF_LSA_KEY_SIZE;
1662 }
1663
1664 /* Send rest of Link State Update. */
1665 if (listcount(ls_upd) > 0) {
1666 if (oi->type == OSPF_IFTYPE_NBMA)
1667 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1668 0);
1669 else
1670 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1671 0);
1672
1673 list_delete(&ls_upd);
1674 } else
1675 list_delete(&ls_upd);
1676 }
1677
1678 /* Get the list of LSAs from Link State Update packet.
1679 And process some validation -- RFC2328 Section 13. (1)-(2). */
1680 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1681 struct stream *s,
1682 struct ospf_interface *oi, size_t size)
1683 {
1684 uint16_t count, sum;
1685 uint32_t length;
1686 struct lsa_header *lsah;
1687 struct ospf_lsa *lsa;
1688 struct list *lsas;
1689
1690 lsas = list_new();
1691
1692 count = stream_getl(s);
1693 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1694
1695 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1696 size -= length, stream_forward_getp(s, length), count--) {
1697 lsah = (struct lsa_header *)stream_pnt(s);
1698 length = ntohs(lsah->length);
1699
1700 if (length > size) {
1701 flog_warn(
1702 EC_OSPF_PACKET,
1703 "Link State Update: LSA length exceeds packet size.");
1704 break;
1705 }
1706
1707 /* Validate the LSA's LS checksum. */
1708 sum = lsah->checksum;
1709 if (!ospf_lsa_checksum_valid(lsah)) {
1710 /* (bug #685) more details in a one-line message make it
1711 * possible
1712 * to identify problem source on the one hand and to
1713 * have a better
1714 * chance to compress repeated messages in syslog on the
1715 * other */
1716 flog_warn(
1717 EC_OSPF_PACKET,
1718 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1719 sum, lsah->checksum, inet_ntoa(lsah->id),
1720 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1721 inet_ntoa(lsah->adv_router));
1722 continue;
1723 }
1724
1725 /* Examine the LSA's LS type. */
1726 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1727 flog_warn(EC_OSPF_PACKET,
1728 "Link State Update: Unknown LS type %d",
1729 lsah->type);
1730 continue;
1731 }
1732
1733 /*
1734 * What if the received LSA's age is greater than MaxAge?
1735 * Treat it as a MaxAge case -- endo.
1736 */
1737 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1738 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1739
1740 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1741 #ifdef STRICT_OBIT_USAGE_CHECK
1742 if ((IS_OPAQUE_LSA(lsah->type)
1743 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1744 || (!IS_OPAQUE_LSA(lsah->type)
1745 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1746 /*
1747 * This neighbor must know the exact usage of
1748 * O-bit;
1749 * the bit will be set in Type-9,10,11 LSAs
1750 * only.
1751 */
1752 flog_warn(EC_OSPF_PACKET,
1753 "LSA[Type%d:%s]: O-bit abuse?",
1754 lsah->type, inet_ntoa(lsah->id));
1755 continue;
1756 }
1757 #endif /* STRICT_OBIT_USAGE_CHECK */
1758
1759 /* Do not take in AS External Opaque-LSAs if we are a
1760 * stub. */
1761 if (lsah->type == OSPF_OPAQUE_AS_LSA
1762 && nbr->oi->area->external_routing
1763 != OSPF_AREA_DEFAULT) {
1764 if (IS_DEBUG_OSPF_EVENT)
1765 zlog_debug(
1766 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1767 lsah->type,
1768 inet_ntoa(lsah->id));
1769 continue;
1770 }
1771 } else if (IS_OPAQUE_LSA(lsah->type)) {
1772 flog_warn(EC_OSPF_PACKET,
1773 "LSA[Type%d:%s]: Opaque capability mismatch?",
1774 lsah->type, inet_ntoa(lsah->id));
1775 continue;
1776 }
1777
1778 /* Create OSPF LSA instance. */
1779 lsa = ospf_lsa_new_and_data(length);
1780
1781 lsa->vrf_id = oi->ospf->vrf_id;
1782 /* We may wish to put some error checking if type NSSA comes in
1783 and area not in NSSA mode */
1784 switch (lsah->type) {
1785 case OSPF_AS_EXTERNAL_LSA:
1786 case OSPF_OPAQUE_AS_LSA:
1787 lsa->area = NULL;
1788 break;
1789 case OSPF_OPAQUE_LINK_LSA:
1790 lsa->oi = oi; /* Remember incoming interface for
1791 flooding control. */
1792 /* Fallthrough */
1793 default:
1794 lsa->area = oi->area;
1795 break;
1796 }
1797
1798 memcpy(lsa->data, lsah, length);
1799
1800 if (IS_DEBUG_OSPF_EVENT)
1801 zlog_debug(
1802 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1803 lsa->data->type, inet_ntoa(lsa->data->id),
1804 (void *)lsa);
1805 listnode_add(lsas, lsa);
1806 }
1807
1808 return lsas;
1809 }
1810
1811 /* Cleanup Update list. */
1812 static void ospf_upd_list_clean(struct list *lsas)
1813 {
1814 struct listnode *node, *nnode;
1815 struct ospf_lsa *lsa;
1816
1817 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1818 ospf_lsa_discard(lsa);
1819
1820 list_delete(&lsas);
1821 }
1822
1823 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1824 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1825 struct ospf_header *ospfh, struct stream *s,
1826 struct ospf_interface *oi, uint16_t size)
1827 {
1828 struct ospf_neighbor *nbr;
1829 struct list *lsas;
1830 struct listnode *node, *nnode;
1831 struct ospf_lsa *lsa = NULL;
1832 /* unsigned long ls_req_found = 0; */
1833
1834 /* Dis-assemble the stream, update each entry, re-encapsulate for
1835 * flooding */
1836
1837 /* Increment statistics. */
1838 oi->ls_upd_in++;
1839
1840 /* Check neighbor. */
1841 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1842 if (nbr == NULL) {
1843 flog_warn(EC_OSPF_PACKET,
1844 "Link State Update: Unknown Neighbor %s on int: %s",
1845 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1846 return;
1847 }
1848
1849 /* Add event to thread. */
1850 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1851
1852 /* Check neighbor state. */
1853 if (nbr->state < NSM_Exchange) {
1854 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1855 zlog_debug(
1856 "Link State Update: "
1857 "Neighbor[%s] state %s is less than Exchange",
1858 inet_ntoa(ospfh->router_id),
1859 lookup_msg(ospf_nsm_state_msg, nbr->state,
1860 NULL));
1861 return;
1862 }
1863
1864 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1865 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1866 * of section 13.
1867 */
1868 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1869
1870 if (lsas == NULL)
1871 return;
1872 #define DISCARD_LSA(L, N) \
1873 { \
1874 if (IS_DEBUG_OSPF_EVENT) \
1875 zlog_debug( \
1876 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1877 " Type-%d", \
1878 N, (void *)lsa, (int)lsa->data->type); \
1879 ospf_lsa_discard(L); \
1880 continue; \
1881 }
1882
1883 /* Process each LSA received in the one packet.
1884 *
1885 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1886 * text below are from the steps in RFC 2328, Section 13.
1887 */
1888 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1889 struct ospf_lsa *ls_ret, *current;
1890 int ret = 1;
1891
1892 if (IS_DEBUG_OSPF_NSSA) {
1893 char buf1[INET_ADDRSTRLEN];
1894 char buf2[INET_ADDRSTRLEN];
1895 char buf3[INET_ADDRSTRLEN];
1896
1897 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1898 lsa->data->type,
1899 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1900 INET_ADDRSTRLEN),
1901 inet_ntop(AF_INET, &lsa->data->id, buf2,
1902 INET_ADDRSTRLEN),
1903 inet_ntop(AF_INET, &lsa->data->adv_router,
1904 buf3, INET_ADDRSTRLEN));
1905 }
1906
1907 listnode_delete(lsas,
1908 lsa); /* We don't need it in list anymore */
1909
1910 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1911 */
1912
1913 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1914
1915 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1916 */
1917
1918 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1919 */
1920
1921 /* Do take in Type-7's if we are an NSSA */
1922
1923 /* If we are also an ABR, later translate them to a Type-5
1924 * packet */
1925
1926 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1927 translate them to a separate Type-5 packet. */
1928
1929 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1930 /* Reject from STUB or NSSA */
1931 if (nbr->oi->area->external_routing
1932 != OSPF_AREA_DEFAULT) {
1933 if (IS_DEBUG_OSPF_NSSA)
1934 zlog_debug(
1935 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1936 DISCARD_LSA(lsa, 1);
1937 }
1938
1939 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1940 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1941 if (IS_DEBUG_OSPF_NSSA)
1942 zlog_debug(
1943 "Incoming NSSA LSA Discarded: Not NSSA Area");
1944 DISCARD_LSA(lsa, 2);
1945 }
1946
1947 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1948 if (lsa->data->type == OSPF_ROUTER_LSA)
1949 if (!IPV4_ADDR_SAME(&lsa->data->id,
1950 &lsa->data->adv_router)) {
1951 char buf1[INET_ADDRSTRLEN];
1952 char buf2[INET_ADDRSTRLEN];
1953 char buf3[INET_ADDRSTRLEN];
1954
1955 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1956 "Incoming Router-LSA from %s with "
1957 "Adv-ID[%s] != LS-ID[%s]",
1958 inet_ntop(AF_INET, &ospfh->router_id,
1959 buf1, INET_ADDRSTRLEN),
1960 inet_ntop(AF_INET, &lsa->data->id,
1961 buf2, INET_ADDRSTRLEN),
1962 inet_ntop(AF_INET,
1963 &lsa->data->adv_router, buf3,
1964 INET_ADDRSTRLEN));
1965 flog_err(
1966 EC_OSPF_DOMAIN_CORRUPT,
1967 "OSPF domain compromised by attack or corruption. "
1968 "Verify correct operation of -ALL- OSPF routers.");
1969 DISCARD_LSA(lsa, 0);
1970 }
1971
1972 /* Find the LSA in the current database. */
1973
1974 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1975
1976 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1977 currently
1978 no instance of the LSA in the router's link state database,
1979 and none of router's neighbors are in states Exchange or
1980 Loading,
1981 then take the following actions: */
1982
1983 if (IS_LSA_MAXAGE(lsa) && !current
1984 && ospf_check_nbr_status(oi->ospf)) {
1985 /* (4a) Response Link State Acknowledgment. */
1986 ospf_ls_ack_send(nbr, lsa);
1987
1988 /* (4b) Discard LSA. */
1989 if (IS_DEBUG_OSPF(lsa, LSA)) {
1990 zlog_debug(
1991 "Link State Update[%s]: LS age is equal to MaxAge.",
1992 dump_lsa_key(lsa));
1993 }
1994 DISCARD_LSA(lsa, 3);
1995 }
1996
1997 if (IS_OPAQUE_LSA(lsa->data->type)
1998 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1999 &oi->ospf->router_id)) {
2000 /*
2001 * Even if initial flushing seems to be completed, there
2002 * might
2003 * be a case that self-originated LSA with MaxAge still
2004 * remain
2005 * in the routing domain.
2006 * Just send an LSAck message to cease retransmission.
2007 */
2008 if (IS_LSA_MAXAGE(lsa)) {
2009 zlog_info("LSA[%s]: Boomerang effect?",
2010 dump_lsa_key(lsa));
2011 ospf_ls_ack_send(nbr, lsa);
2012 ospf_lsa_discard(lsa);
2013
2014 if (current != NULL && !IS_LSA_MAXAGE(current))
2015 ospf_opaque_lsa_refresh_schedule(
2016 current);
2017 continue;
2018 }
2019
2020 /*
2021 * If an instance of self-originated Opaque-LSA is not
2022 * found
2023 * in the LSDB, there are some possible cases here.
2024 *
2025 * 1) This node lost opaque-capability after restart.
2026 * 2) Else, a part of opaque-type is no more supported.
2027 * 3) Else, a part of opaque-id is no more supported.
2028 *
2029 * Anyway, it is still this node's responsibility to
2030 * flush it.
2031 * Otherwise, the LSA instance remains in the routing
2032 * domain
2033 * until its age reaches to MaxAge.
2034 */
2035 /* XXX: We should deal with this for *ALL* LSAs, not
2036 * just opaque */
2037 if (current == NULL) {
2038 if (IS_DEBUG_OSPF_EVENT)
2039 zlog_debug(
2040 "LSA[%s]: Previously originated Opaque-LSA,"
2041 "not found in the LSDB.",
2042 dump_lsa_key(lsa));
2043
2044 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2045
2046 ospf_opaque_self_originated_lsa_received(nbr,
2047 lsa);
2048 ospf_ls_ack_send(nbr, lsa);
2049
2050 continue;
2051 }
2052 }
2053
2054 /* It might be happen that received LSA is self-originated
2055 * network LSA, but
2056 * router ID is changed. So, we should check if LSA is a
2057 * network-LSA whose
2058 * Link State ID is one of the router's own IP interface
2059 * addresses but whose
2060 * Advertising Router is not equal to the router's own Router ID
2061 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2062 * flushed.
2063 */
2064
2065 if (lsa->data->type == OSPF_NETWORK_LSA) {
2066 struct listnode *oinode, *oinnode;
2067 struct ospf_interface *out_if;
2068 int Flag = 0;
2069
2070 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2071 oinnode, out_if)) {
2072 if (out_if == NULL)
2073 break;
2074
2075 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2076 &lsa->data->id))
2077 && (!(IPV4_ADDR_SAME(
2078 &oi->ospf->router_id,
2079 &lsa->data->adv_router)))) {
2080 if (out_if->network_lsa_self) {
2081 ospf_lsa_flush_area(
2082 lsa, out_if->area);
2083 if (IS_DEBUG_OSPF_EVENT)
2084 zlog_debug(
2085 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2086 (void *)lsa,
2087 (int)lsa->data
2088 ->type);
2089 ospf_lsa_discard(lsa);
2090 Flag = 1;
2091 }
2092 break;
2093 }
2094 }
2095 if (Flag)
2096 continue;
2097 }
2098
2099 /* (5) Find the instance of this LSA that is currently contained
2100 in the router's link state database. If there is no
2101 database copy, or the received LSA is more recent than
2102 the database copy the following steps must be performed.
2103 (The sub steps from RFC 2328 section 13 step (5) will be
2104 performed in
2105 ospf_flood() ) */
2106
2107 if (current == NULL
2108 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2109 /* CVE-2017-3224 */
2110 if (current && (lsa->data->ls_seqnum ==
2111 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2112 && !IS_LSA_MAXAGE(lsa))) {
2113 zlog_debug(
2114 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2115 dump_lsa_key(lsa));
2116
2117 DISCARD_LSA(lsa, 4);
2118 }
2119
2120 /* Actual flooding procedure. */
2121 if (ospf_flood(oi->ospf, nbr, current, lsa)
2122 < 0) /* Trap NSSA later. */
2123 DISCARD_LSA(lsa, 5);
2124 continue;
2125 }
2126
2127 /* (6) Else, If there is an instance of the LSA on the sending
2128 neighbor's Link state request list, an error has occurred in
2129 the Database Exchange process. In this case, restart the
2130 Database Exchange process by generating the neighbor event
2131 BadLSReq for the sending neighbor and stop processing the
2132 Link State Update packet. */
2133
2134 if (ospf_ls_request_lookup(nbr, lsa)) {
2135 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2136 flog_warn(
2137 EC_OSPF_PACKET,
2138 "LSA[%s] instance exists on Link state request list",
2139 dump_lsa_key(lsa));
2140
2141 /* Clean list of LSAs. */
2142 ospf_upd_list_clean(lsas);
2143 /* this lsa is not on lsas list already. */
2144 ospf_lsa_discard(lsa);
2145 return;
2146 }
2147
2148 /* If the received LSA is the same instance as the database copy
2149 (i.e., neither one is more recent) the following two steps
2150 should be performed: */
2151
2152 if (ret == 0) {
2153 /* If the LSA is listed in the Link state retransmission
2154 list
2155 for the receiving adjacency, the router itself is
2156 expecting
2157 an acknowledgment for this LSA. The router should
2158 treat the
2159 received LSA as an acknowledgment by removing the LSA
2160 from
2161 the Link state retransmission list. This is termed
2162 an
2163 "implied acknowledgment". */
2164
2165 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2166
2167 if (ls_ret != NULL) {
2168 ospf_ls_retransmit_delete(nbr, ls_ret);
2169
2170 /* Delayed acknowledgment sent if advertisement
2171 received
2172 from Designated Router, otherwise do nothing.
2173 */
2174 if (oi->state == ISM_Backup)
2175 if (NBR_IS_DR(nbr))
2176 listnode_add(
2177 oi->ls_ack,
2178 ospf_lsa_lock(lsa));
2179
2180 DISCARD_LSA(lsa, 6);
2181 } else
2182 /* Acknowledge the receipt of the LSA by sending a
2183 Link State Acknowledgment packet back out the
2184 receiving
2185 interface. */
2186 {
2187 ospf_ls_ack_send(nbr, lsa);
2188 DISCARD_LSA(lsa, 7);
2189 }
2190 }
2191
2192 /* The database copy is more recent. If the database copy
2193 has LS age equal to MaxAge and LS sequence number equal to
2194 MaxSequenceNumber, simply discard the received LSA without
2195 acknowledging it. (In this case, the LSA's LS sequence number
2196 is
2197 wrapping, and the MaxSequenceNumber LSA must be completely
2198 flushed before any new LSA instance can be introduced). */
2199
2200 else if (ret > 0) /* Database copy is more recent */
2201 {
2202 if (IS_LSA_MAXAGE(current)
2203 && current->data->ls_seqnum
2204 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2205 DISCARD_LSA(lsa, 8);
2206 }
2207 /* Otherwise, as long as the database copy has not been
2208 sent in a
2209 Link State Update within the last MinLSArrival
2210 seconds, send the
2211 database copy back to the sending neighbor,
2212 encapsulated within
2213 a Link State Update Packet. The Link State Update
2214 Packet should
2215 be sent directly to the neighbor. In so doing, do not
2216 put the
2217 database copy of the LSA on the neighbor's link state
2218 retransmission list, and do not acknowledge the
2219 received (less
2220 recent) LSA instance. */
2221 else {
2222 if (monotime_since(&current->tv_orig, NULL)
2223 >= ospf->min_ls_arrival * 1000LL)
2224 /* Trap NSSA type later.*/
2225 ospf_ls_upd_send_lsa(
2226 nbr, current,
2227 OSPF_SEND_PACKET_DIRECT);
2228 DISCARD_LSA(lsa, 9);
2229 }
2230 }
2231 }
2232 #undef DISCARD_LSA
2233
2234 assert(listcount(lsas) == 0);
2235 list_delete(&lsas);
2236 }
2237
2238 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2239 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2240 struct stream *s, struct ospf_interface *oi,
2241 uint16_t size)
2242 {
2243 struct ospf_neighbor *nbr;
2244
2245 /* increment statistics. */
2246 oi->ls_ack_in++;
2247
2248 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2249 if (nbr == NULL) {
2250 flog_warn(EC_OSPF_PACKET,
2251 "Link State Acknowledgment: Unknown Neighbor %s.",
2252 inet_ntoa(ospfh->router_id));
2253 return;
2254 }
2255
2256 /* Add event to thread. */
2257 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2258
2259 if (nbr->state < NSM_Exchange) {
2260 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2261 zlog_debug(
2262 "Link State Acknowledgment: "
2263 "Neighbor[%s] state %s is less than Exchange",
2264 inet_ntoa(ospfh->router_id),
2265 lookup_msg(ospf_nsm_state_msg, nbr->state,
2266 NULL));
2267 return;
2268 }
2269
2270 while (size >= OSPF_LSA_HEADER_SIZE) {
2271 struct ospf_lsa *lsa, *lsr;
2272
2273 lsa = ospf_lsa_new();
2274 lsa->data = (struct lsa_header *)stream_pnt(s);
2275 lsa->vrf_id = oi->ospf->vrf_id;
2276
2277 /* lsah = (struct lsa_header *) stream_pnt (s); */
2278 size -= OSPF_LSA_HEADER_SIZE;
2279 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2280
2281 if (lsa->data->type < OSPF_MIN_LSA
2282 || lsa->data->type >= OSPF_MAX_LSA) {
2283 lsa->data = NULL;
2284 ospf_lsa_discard(lsa);
2285 continue;
2286 }
2287
2288 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2289
2290 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2291 ospf_ls_retransmit_delete(nbr, lsr);
2292
2293 lsa->data = NULL;
2294 ospf_lsa_discard(lsa);
2295 }
2296
2297 return;
2298 }
2299
2300 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2301 struct interface **ifp,
2302 struct stream *ibuf)
2303 {
2304 int ret;
2305 struct ip *iph;
2306 uint16_t ip_len;
2307 ifindex_t ifindex = 0;
2308 struct iovec iov;
2309 /* Header and data both require alignment. */
2310 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2311 struct msghdr msgh;
2312
2313 memset(&msgh, 0, sizeof(struct msghdr));
2314 msgh.msg_iov = &iov;
2315 msgh.msg_iovlen = 1;
2316 msgh.msg_control = (caddr_t)buff;
2317 msgh.msg_controllen = sizeof(buff);
2318
2319 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2320 if (ret < 0) {
2321 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2322 safe_strerror(errno));
2323 return NULL;
2324 }
2325 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2326 {
2327 flog_warn(
2328 EC_OSPF_PACKET,
2329 "ospf_recv_packet: discarding runt packet of length %d "
2330 "(ip header size is %u)",
2331 ret, (unsigned int)sizeof(iph));
2332 return NULL;
2333 }
2334
2335 /* Note that there should not be alignment problems with this assignment
2336 because this is at the beginning of the stream data buffer. */
2337 iph = (struct ip *)STREAM_DATA(ibuf);
2338 sockopt_iphdrincl_swab_systoh(iph);
2339
2340 ip_len = iph->ip_len;
2341
2342 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2343 /*
2344 * Kernel network code touches incoming IP header parameters,
2345 * before protocol specific processing.
2346 *
2347 * 1) Convert byteorder to host representation.
2348 * --> ip_len, ip_id, ip_off
2349 *
2350 * 2) Adjust ip_len to strip IP header size!
2351 * --> If user process receives entire IP packet via RAW
2352 * socket, it must consider adding IP header size to
2353 * the "ip_len" field of "ip" structure.
2354 *
2355 * For more details, see <netinet/ip_input.c>.
2356 */
2357 ip_len = ip_len + (iph->ip_hl << 2);
2358 #endif
2359
2360 #if defined(__DragonFly__)
2361 /*
2362 * in DragonFly's raw socket, ip_len/ip_off are read
2363 * in network byte order.
2364 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2365 */
2366 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2367 #endif
2368
2369 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2370
2371 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2372
2373 if (ret != ip_len) {
2374 flog_warn(
2375 EC_OSPF_PACKET,
2376 "ospf_recv_packet read length mismatch: ip_len is %d, "
2377 "but recvmsg returned %d",
2378 ip_len, ret);
2379 return NULL;
2380 }
2381
2382 return ibuf;
2383 }
2384
2385 static struct ospf_interface *
2386 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2387 struct ip *iph, struct ospf_header *ospfh)
2388 {
2389 struct ospf_interface *rcv_oi;
2390 struct ospf_vl_data *vl_data;
2391 struct ospf_area *vl_area;
2392 struct listnode *node;
2393
2394 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2395 || !OSPF_IS_AREA_BACKBONE(ospfh))
2396 return NULL;
2397
2398 /* look for local OSPF interface matching the destination
2399 * to determine Area ID. We presume therefore the destination address
2400 * is unique, or at least (for "unnumbered" links), not used in other
2401 * areas
2402 */
2403 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2404 == NULL)
2405 return NULL;
2406
2407 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2408 vl_area =
2409 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2410 if (!vl_area)
2411 continue;
2412
2413 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2414 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2415 if (IS_DEBUG_OSPF_EVENT)
2416 zlog_debug("associating packet with %s",
2417 IF_NAME(vl_data->vl_oi));
2418 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2419 if (IS_DEBUG_OSPF_EVENT)
2420 zlog_debug(
2421 "This VL is not up yet, sorry");
2422 return NULL;
2423 }
2424
2425 return vl_data->vl_oi;
2426 }
2427 }
2428
2429 if (IS_DEBUG_OSPF_EVENT)
2430 zlog_debug("couldn't find any VL to associate the packet with");
2431
2432 return NULL;
2433 }
2434
2435 static int ospf_check_area_id(struct ospf_interface *oi,
2436 struct ospf_header *ospfh)
2437 {
2438 /* Check match the Area ID of the receiving interface. */
2439 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2440 return 1;
2441
2442 return 0;
2443 }
2444
2445 /* Unbound socket will accept any Raw IP packets if proto is matched.
2446 To prevent it, compare src IP address and i/f address with masking
2447 i/f network mask. */
2448 static int ospf_check_network_mask(struct ospf_interface *oi,
2449 struct in_addr ip_src)
2450 {
2451 struct in_addr mask, me, him;
2452
2453 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2454 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2455 return 1;
2456
2457 masklen2ip(oi->address->prefixlen, &mask);
2458
2459 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2460 him.s_addr = ip_src.s_addr & mask.s_addr;
2461
2462 if (IPV4_ADDR_SAME(&me, &him))
2463 return 1;
2464
2465 return 0;
2466 }
2467
2468 /* Return 1, if the packet is properly authenticated and checksummed,
2469 0 otherwise. In particular, check that AuType header field is valid and
2470 matches the locally configured AuType, and that D.5 requirements are met. */
2471 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2472 {
2473 struct crypt_key *ck;
2474 uint16_t iface_auth_type;
2475 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2476
2477 switch (pkt_auth_type) {
2478 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2479 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2480 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2481 flog_warn(
2482 EC_OSPF_PACKET,
2483 "interface %s: auth-type mismatch, local %s, rcvd Null",
2484 IF_NAME(oi),
2485 lookup_msg(ospf_auth_type_str,
2486 iface_auth_type, NULL));
2487 return 0;
2488 }
2489 if (!ospf_check_sum(ospfh)) {
2490 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2491 flog_warn(
2492 EC_OSPF_PACKET,
2493 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2494 IF_NAME(oi),
2495 inet_ntoa(ospfh->router_id));
2496 return 0;
2497 }
2498 return 1;
2499 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2500 if (OSPF_AUTH_SIMPLE
2501 != (iface_auth_type = ospf_auth_type(oi))) {
2502 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2503 flog_warn(
2504 EC_OSPF_PACKET,
2505 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2506 IF_NAME(oi),
2507 lookup_msg(ospf_auth_type_str,
2508 iface_auth_type, NULL));
2509 return 0;
2510 }
2511 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2512 OSPF_AUTH_SIMPLE_SIZE)) {
2513 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2514 flog_warn(EC_OSPF_PACKET,
2515 "interface %s: Simple auth failed",
2516 IF_NAME(oi));
2517 return 0;
2518 }
2519 if (!ospf_check_sum(ospfh)) {
2520 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2521 flog_warn(
2522 EC_OSPF_PACKET,
2523 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2524 IF_NAME(oi),
2525 inet_ntoa(ospfh->router_id));
2526 return 0;
2527 }
2528 return 1;
2529 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2530 if (OSPF_AUTH_CRYPTOGRAPHIC
2531 != (iface_auth_type = ospf_auth_type(oi))) {
2532 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2533 flog_warn(
2534 EC_OSPF_PACKET,
2535 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2536 IF_NAME(oi),
2537 lookup_msg(ospf_auth_type_str,
2538 iface_auth_type, NULL));
2539 return 0;
2540 }
2541 if (ospfh->checksum) {
2542 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2543 flog_warn(
2544 EC_OSPF_PACKET,
2545 "interface %s: OSPF header checksum is not 0",
2546 IF_NAME(oi));
2547 return 0;
2548 }
2549 /* only MD5 crypto method can pass ospf_packet_examin() */
2550 if (NULL == (ck = listgetdata(
2551 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2552 || ospfh->u.crypt.key_id != ck->key_id ||
2553 /* Condition above uses the last key ID on the list,
2554 which is
2555 different from what ospf_crypt_key_lookup() does. A
2556 bug? */
2557 !ospf_check_md5_digest(oi, ospfh)) {
2558 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2559 flog_warn(EC_OSPF_MD5,
2560 "interface %s: MD5 auth failed",
2561 IF_NAME(oi));
2562 return 0;
2563 }
2564 return 1;
2565 default:
2566 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2567 flog_warn(
2568 EC_OSPF_PACKET,
2569 "interface %s: invalid packet auth-type (%02x)",
2570 IF_NAME(oi), pkt_auth_type);
2571 return 0;
2572 }
2573 }
2574
2575 static int ospf_check_sum(struct ospf_header *ospfh)
2576 {
2577 uint32_t ret;
2578 uint16_t sum;
2579
2580 /* clear auth_data for checksum. */
2581 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2582
2583 /* keep checksum and clear. */
2584 sum = ospfh->checksum;
2585 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2586
2587 /* calculate checksum. */
2588 ret = in_cksum(ospfh, ntohs(ospfh->length));
2589
2590 if (ret != sum) {
2591 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2592 ret, sum);
2593 return 0;
2594 }
2595
2596 return 1;
2597 }
2598
2599 /* Verify, that given link/TOS records are properly sized/aligned and match
2600 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2601 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2602 uint16_t linkbytes,
2603 const uint16_t num_links)
2604 {
2605 unsigned counted_links = 0, thislinklen;
2606
2607 while (linkbytes) {
2608 thislinklen =
2609 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2610 if (thislinklen > linkbytes) {
2611 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2612 zlog_debug("%s: length error in link block #%u",
2613 __func__, counted_links);
2614 return MSG_NG;
2615 }
2616 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2617 linkbytes -= thislinklen;
2618 counted_links++;
2619 }
2620 if (counted_links != num_links) {
2621 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2622 zlog_debug("%s: %u link blocks declared, %u present",
2623 __func__, num_links, counted_links);
2624 return MSG_NG;
2625 }
2626 return MSG_OK;
2627 }
2628
2629 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2630 minimum length constraint). */
2631 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2632 const uint8_t headeronly)
2633 {
2634 unsigned ret;
2635 struct router_lsa *rlsa;
2636 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2637 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2638 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2639 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2640 lookup_msg(ospf_lsa_type_msg, lsah->type,
2641 NULL));
2642 return MSG_NG;
2643 }
2644 switch (lsah->type) {
2645 case OSPF_ROUTER_LSA:
2646 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2647 * (12+)-byte link blocks */
2648 if (headeronly) {
2649 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2650 - OSPF_ROUTER_LSA_MIN_SIZE)
2651 % 4
2652 ? MSG_NG
2653 : MSG_OK;
2654 break;
2655 }
2656 rlsa = (struct router_lsa *)lsah;
2657 ret = ospf_router_lsa_links_examin(
2658 (struct router_lsa_link *)rlsa->link,
2659 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2660 header, "flags",
2661 0, "# links" */
2662 ntohs(rlsa->links) /* 16 bits */
2663 );
2664 break;
2665 case OSPF_AS_EXTERNAL_LSA:
2666 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2667 * blocks */
2668 case OSPF_AS_NSSA_LSA:
2669 /* RFC3101 C, idem */
2670 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2671 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2672 % 12
2673 ? MSG_NG
2674 : MSG_OK;
2675 break;
2676 /* Following LSA types are considered OK length-wise as soon as their
2677 * minimum
2678 * length constraint is met and length of the whole LSA is a multiple of
2679 * 4
2680 * (basic LSA header size is already a multiple of 4). */
2681 case OSPF_NETWORK_LSA:
2682 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2683 case OSPF_SUMMARY_LSA:
2684 case OSPF_ASBR_SUMMARY_LSA:
2685 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2686 * blocks */
2687 case OSPF_OPAQUE_LINK_LSA:
2688 case OSPF_OPAQUE_AREA_LSA:
2689 case OSPF_OPAQUE_AS_LSA:
2690 /* RFC5250 A.2, "some number of octets (of application-specific
2691 * data) padded to 32-bit alignment." This is considered
2692 * equivalent
2693 * to 4-byte alignment of all other LSA types, see
2694 * OSPF-ALIGNMENT.txt
2695 * file for the detailed analysis of this passage. */
2696 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2697 break;
2698 default:
2699 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2700 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2701 lsah->type);
2702 return MSG_NG;
2703 }
2704 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2705 zlog_debug("%s: alignment error in %s", __func__,
2706 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2707 return ret;
2708 }
2709
2710 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2711 includes verification of LSA blocks length/alignment and dispatching
2712 of deeper-level checks. */
2713 static unsigned
2714 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2715 size_t length, const uint8_t headeronly,
2716 /* When declared_num_lsas is not 0, compare it to the real
2717 number of LSAs
2718 and treat the difference as an error. */
2719 const uint32_t declared_num_lsas)
2720 {
2721 uint32_t counted_lsas = 0;
2722
2723 while (length) {
2724 uint16_t lsalen;
2725 if (length < OSPF_LSA_HEADER_SIZE) {
2726 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2727 zlog_debug(
2728 "%s: undersized (%zu B) trailing (#%u) LSA header",
2729 __func__, length, counted_lsas);
2730 return MSG_NG;
2731 }
2732 /* save on ntohs() calls here and in the LSA validator */
2733 lsalen = ntohs(lsah->length);
2734 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2735 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2736 zlog_debug(
2737 "%s: malformed LSA header #%u, declared length is %u B",
2738 __func__, counted_lsas, lsalen);
2739 return MSG_NG;
2740 }
2741 if (headeronly) {
2742 /* less checks here and in ospf_lsa_examin() */
2743 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2744 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2745 zlog_debug(
2746 "%s: malformed header-only LSA #%u",
2747 __func__, counted_lsas);
2748 return MSG_NG;
2749 }
2750 lsah = (struct lsa_header *)((caddr_t)lsah
2751 + OSPF_LSA_HEADER_SIZE);
2752 length -= OSPF_LSA_HEADER_SIZE;
2753 } else {
2754 /* make sure the input buffer is deep enough before
2755 * further checks */
2756 if (lsalen > length) {
2757 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2758 zlog_debug(
2759 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2760 __func__, counted_lsas, lsalen,
2761 length);
2762 return MSG_NG;
2763 }
2764 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2765 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2766 zlog_debug("%s: malformed LSA #%u",
2767 __func__, counted_lsas);
2768 return MSG_NG;
2769 }
2770 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2771 length -= lsalen;
2772 }
2773 counted_lsas++;
2774 }
2775
2776 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2777 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2778 zlog_debug(
2779 "%s: #LSAs declared (%u) does not match actual (%u)",
2780 __func__, declared_num_lsas, counted_lsas);
2781 return MSG_NG;
2782 }
2783 return MSG_OK;
2784 }
2785
2786 /* Verify a complete OSPF packet for proper sizing/alignment. */
2787 static unsigned ospf_packet_examin(struct ospf_header *oh,
2788 const unsigned bytesonwire)
2789 {
2790 uint16_t bytesdeclared, bytesauth;
2791 unsigned ret;
2792 struct ospf_ls_update *lsupd;
2793
2794 /* Length, 1st approximation. */
2795 if (bytesonwire < OSPF_HEADER_SIZE) {
2796 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2797 zlog_debug("%s: undersized (%u B) packet", __func__,
2798 bytesonwire);
2799 return MSG_NG;
2800 }
2801 /* Now it is safe to access header fields. Performing length check,
2802 * allow
2803 * for possible extra bytes of crypto auth/padding, which are not
2804 * counted
2805 * in the OSPF header "length" field. */
2806 if (oh->version != OSPF_VERSION) {
2807 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2808 zlog_debug("%s: invalid (%u) protocol version",
2809 __func__, oh->version);
2810 return MSG_NG;
2811 }
2812 bytesdeclared = ntohs(oh->length);
2813 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2814 bytesauth = 0;
2815 else {
2816 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2817 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2818 zlog_debug(
2819 "%s: unsupported crypto auth length (%u B)",
2820 __func__, oh->u.crypt.auth_data_len);
2821 return MSG_NG;
2822 }
2823 bytesauth = OSPF_AUTH_MD5_SIZE;
2824 }
2825 if (bytesdeclared + bytesauth > bytesonwire) {
2826 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2827 zlog_debug(
2828 "%s: packet length error (%u real, %u+%u declared)",
2829 __func__, bytesonwire, bytesdeclared,
2830 bytesauth);
2831 return MSG_NG;
2832 }
2833 /* Length, 2nd approximation. The type-specific constraint is checked
2834 against declared length, not amount of bytes on wire. */
2835 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2836 && bytesdeclared
2837 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2838 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2839 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2840 bytesdeclared,
2841 lookup_msg(ospf_packet_type_str, oh->type,
2842 NULL));
2843 return MSG_NG;
2844 }
2845 switch (oh->type) {
2846 case OSPF_MSG_HELLO:
2847 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2848 followed
2849 by N>=0 router-IDs. */
2850 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2851 % 4
2852 ? MSG_NG
2853 : MSG_OK;
2854 break;
2855 case OSPF_MSG_DB_DESC:
2856 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2857 followed
2858 by N>=0 header-only LSAs. */
2859 ret = ospf_lsaseq_examin(
2860 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2861 + OSPF_DB_DESC_MIN_SIZE),
2862 bytesdeclared - OSPF_HEADER_SIZE
2863 - OSPF_DB_DESC_MIN_SIZE,
2864 1, /* header-only LSAs */
2865 0);
2866 break;
2867 case OSPF_MSG_LS_REQ:
2868 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2869 * request blocks. */
2870 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2871 % OSPF_LSA_KEY_SIZE
2872 ? MSG_NG
2873 : MSG_OK;
2874 break;
2875 case OSPF_MSG_LS_UPD:
2876 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2877 followed
2878 by N>=0 full LSAs (with N declared beforehand). */
2879 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2880 + OSPF_HEADER_SIZE);
2881 ret = ospf_lsaseq_examin(
2882 (struct lsa_header *)((caddr_t)lsupd
2883 + OSPF_LS_UPD_MIN_SIZE),
2884 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2885 0, /* full LSAs */
2886 ntohl(lsupd->num_lsas) /* 32 bits */
2887 );
2888 break;
2889 case OSPF_MSG_LS_ACK:
2890 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2891 * LSAs. */
2892 ret = ospf_lsaseq_examin(
2893 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2894 + OSPF_LS_ACK_MIN_SIZE),
2895 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2896 1, /* header-only LSAs */
2897 0);
2898 break;
2899 default:
2900 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2901 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2902 oh->type);
2903 return MSG_NG;
2904 }
2905 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2906 zlog_debug("%s: malformed %s packet", __func__,
2907 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2908 return ret;
2909 }
2910
2911 /* OSPF Header verification. */
2912 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2913 struct ip *iph, struct ospf_header *ospfh)
2914 {
2915 /* Check Area ID. */
2916 if (!ospf_check_area_id(oi, ospfh)) {
2917 flog_warn(EC_OSPF_PACKET,
2918 "interface %s: ospf_read invalid Area ID %s.",
2919 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2920 return -1;
2921 }
2922
2923 /* Check network mask, Silently discarded. */
2924 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2925 flog_warn(
2926 EC_OSPF_PACKET,
2927 "interface %s: ospf_read network address is not same [%s]",
2928 IF_NAME(oi), inet_ntoa(iph->ip_src));
2929 return -1;
2930 }
2931
2932 /* Check authentication. The function handles logging actions, where
2933 * required. */
2934 if (!ospf_check_auth(oi, ospfh))
2935 return -1;
2936
2937 return 0;
2938 }
2939
2940 /* Starting point of packet process function. */
2941 int ospf_read(struct thread *thread)
2942 {
2943 int ret;
2944 struct stream *ibuf;
2945 struct ospf *ospf;
2946 struct ospf_interface *oi;
2947 struct ip *iph;
2948 struct ospf_header *ospfh;
2949 uint16_t length;
2950 struct interface *ifp = NULL;
2951 struct connected *c;
2952
2953 /* first of all get interface pointer. */
2954 ospf = THREAD_ARG(thread);
2955
2956 /* prepare for next packet. */
2957 ospf->t_read = NULL;
2958 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2959
2960 stream_reset(ospf->ibuf);
2961 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2962 if (ibuf == NULL)
2963 return -1;
2964 /* This raw packet is known to be at least as big as its IP header. */
2965
2966 /* Note that there should not be alignment problems with this assignment
2967 because this is at the beginning of the stream data buffer. */
2968 iph = (struct ip *)STREAM_DATA(ibuf);
2969 /* Note that sockopt_iphdrincl_swab_systoh was called in
2970 * ospf_recv_packet. */
2971
2972 if (ifp == NULL) {
2973 /* Handle cases where the platform does not support retrieving
2974 the ifindex,
2975 and also platforms (such as Solaris 8) that claim to support
2976 ifindex
2977 retrieval but do not. */
2978 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2979 ospf->vrf_id);
2980 if (c)
2981 ifp = c->ifp;
2982 if (ifp == NULL)
2983 return 0;
2984 }
2985
2986 /* IP Header dump. */
2987 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2988 ospf_ip_header_dump(iph);
2989
2990 /* Self-originated packet should be discarded silently. */
2991 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2992 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2993 zlog_debug(
2994 "ospf_read[%s]: Dropping self-originated packet",
2995 inet_ntoa(iph->ip_src));
2996 }
2997 return 0;
2998 }
2999
3000 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
3001 by ospf_recv_packet() to be correct). */
3002 stream_forward_getp(ibuf, iph->ip_hl * 4);
3003
3004 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3005 if (MSG_OK
3006 != ospf_packet_examin(
3007 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
3008 return -1;
3009 /* Now it is safe to access all fields of OSPF packet header. */
3010
3011 /* associate packet with ospf interface */
3012 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3013
3014 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3015 only
3016 after the passive/backbone/other checks below are passed. These
3017 checks
3018 in turn access the fields of unverified "ospfh" structure for their
3019 own
3020 purposes and must remain very accurate in doing this. */
3021
3022 /* If incoming interface is passive one, ignore it. */
3023 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3024 char buf[3][INET_ADDRSTRLEN];
3025
3026 if (IS_DEBUG_OSPF_EVENT)
3027 zlog_debug(
3028 "ignoring packet from router %s sent to %s, "
3029 "received on a passive interface, %s",
3030 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3031 sizeof(buf[0])),
3032 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3033 sizeof(buf[1])),
3034 inet_ntop(AF_INET, &oi->address->u.prefix4,
3035 buf[2], sizeof(buf[2])));
3036
3037 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3038 /* Try to fix multicast membership.
3039 * Some OS:es may have problems in this area,
3040 * make sure it is removed.
3041 */
3042 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3043 ospf_if_set_multicast(oi);
3044 }
3045 return 0;
3046 }
3047
3048
3049 /* if no local ospf_interface,
3050 * or header area is backbone but ospf_interface is not
3051 * check for VLINK interface
3052 */
3053 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3054 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3055 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3056 == NULL) {
3057 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3058 zlog_debug(
3059 "Packet from [%s] received on link %s"
3060 " but no ospf_interface",
3061 inet_ntoa(iph->ip_src), ifp->name);
3062 return 0;
3063 }
3064 }
3065
3066 /* else it must be a local ospf interface, check it was received on
3067 * correct link
3068 */
3069 else if (oi->ifp != ifp) {
3070 if (IS_DEBUG_OSPF_EVENT)
3071 flog_warn(EC_OSPF_PACKET,
3072 "Packet from [%s] received on wrong link %s",
3073 inet_ntoa(iph->ip_src), ifp->name);
3074 return 0;
3075 } else if (oi->state == ISM_Down) {
3076 char buf[2][INET_ADDRSTRLEN];
3077 flog_warn(
3078 EC_OSPF_PACKET,
3079 "Ignoring packet from %s to %s received on interface that is "
3080 "down [%s]; interface flags are %s",
3081 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3082 sizeof(buf[0])),
3083 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3084 sizeof(buf[1])),
3085 ifp->name, if_flag_dump(ifp->flags));
3086 /* Fix multicast memberships? */
3087 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3088 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3089 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3090 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3091 if (oi->multicast_memberships)
3092 ospf_if_set_multicast(oi);
3093 return 0;
3094 }
3095
3096 /*
3097 * If the received packet is destined for AllDRouters, the packet
3098 * should be accepted only if the received ospf interface state is
3099 * either DR or Backup -- endo.
3100 */
3101 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3102 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3103 flog_warn(
3104 EC_OSPF_PACKET,
3105 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3106 inet_ntoa(iph->ip_src), IF_NAME(oi),
3107 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3108 /* Try to fix multicast membership. */
3109 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3110 ospf_if_set_multicast(oi);
3111 return 0;
3112 }
3113
3114 /* Verify more OSPF header fields. */
3115 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3116 if (ret < 0) {
3117 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3118 zlog_debug(
3119 "ospf_read[%s]: Header check failed, "
3120 "dropping.",
3121 inet_ntoa(iph->ip_src));
3122 return ret;
3123 }
3124
3125 /* Show debug receiving packet. */
3126 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3127 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3128 zlog_debug(
3129 "-----------------------------------------------------");
3130 ospf_packet_dump(ibuf);
3131 }
3132
3133 zlog_debug("%s received from [%s] via [%s]",
3134 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3135 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3136 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3137 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3138
3139 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3140 zlog_debug(
3141 "-----------------------------------------------------");
3142 }
3143
3144 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3145
3146 /* Adjust size to message length. */
3147 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3148
3149 /* Read rest of the packet and call each sort of packet routine. */
3150 switch (ospfh->type) {
3151 case OSPF_MSG_HELLO:
3152 ospf_hello(iph, ospfh, ibuf, oi, length);
3153 break;
3154 case OSPF_MSG_DB_DESC:
3155 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3156 break;
3157 case OSPF_MSG_LS_REQ:
3158 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3159 break;
3160 case OSPF_MSG_LS_UPD:
3161 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3162 break;
3163 case OSPF_MSG_LS_ACK:
3164 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3165 break;
3166 default:
3167 flog_warn(EC_OSPF_PACKET,
3168 "interface %s: OSPF packet header type %d is illegal",
3169 IF_NAME(oi), ospfh->type);
3170 break;
3171 }
3172
3173 return 0;
3174 }
3175
3176 /* Make OSPF header. */
3177 static void ospf_make_header(int type, struct ospf_interface *oi,
3178 struct stream *s)
3179 {
3180 struct ospf_header *ospfh;
3181
3182 ospfh = (struct ospf_header *)STREAM_DATA(s);
3183
3184 ospfh->version = (uint8_t)OSPF_VERSION;
3185 ospfh->type = (uint8_t)type;
3186
3187 ospfh->router_id = oi->ospf->router_id;
3188
3189 ospfh->checksum = 0;
3190 ospfh->area_id = oi->area->area_id;
3191 ospfh->auth_type = htons(ospf_auth_type(oi));
3192
3193 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3194
3195 stream_forward_endp(s, OSPF_HEADER_SIZE);
3196 }
3197
3198 /* Make Authentication Data. */
3199 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3200 {
3201 struct crypt_key *ck;
3202
3203 switch (ospf_auth_type(oi)) {
3204 case OSPF_AUTH_NULL:
3205 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3206 */
3207 break;
3208 case OSPF_AUTH_SIMPLE:
3209 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3210 OSPF_AUTH_SIMPLE_SIZE);
3211 break;
3212 case OSPF_AUTH_CRYPTOGRAPHIC:
3213 /* If key is not set, then set 0. */
3214 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3215 ospfh->u.crypt.zero = 0;
3216 ospfh->u.crypt.key_id = 0;
3217 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3218 } else {
3219 ck = listgetdata(
3220 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3221 ospfh->u.crypt.zero = 0;
3222 ospfh->u.crypt.key_id = ck->key_id;
3223 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3224 }
3225 /* note: the seq is done in ospf_make_md5_digest() */
3226 break;
3227 default:
3228 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3229 */
3230 break;
3231 }
3232
3233 return 0;
3234 }
3235
3236 /* Fill rest of OSPF header. */
3237 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3238 uint16_t length)
3239 {
3240 struct ospf_header *ospfh;
3241
3242 ospfh = (struct ospf_header *)STREAM_DATA(s);
3243
3244 /* Fill length. */
3245 ospfh->length = htons(length);
3246
3247 /* Calculate checksum. */
3248 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3249 ospfh->checksum = in_cksum(ospfh, length);
3250 else
3251 ospfh->checksum = 0;
3252
3253 /* Add Authentication Data. */
3254 ospf_make_auth(oi, ospfh);
3255 }
3256
3257 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3258 {
3259 struct ospf_neighbor *nbr;
3260 struct route_node *rn;
3261 uint16_t length = OSPF_HELLO_MIN_SIZE;
3262 struct in_addr mask;
3263 unsigned long p;
3264 int flag = 0;
3265
3266 /* Set netmask of interface. */
3267 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3268 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3269 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3270 masklen2ip(oi->address->prefixlen, &mask);
3271 else
3272 memset((char *)&mask, 0, sizeof(struct in_addr));
3273 stream_put_ipv4(s, mask.s_addr);
3274
3275 /* Set Hello Interval. */
3276 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3277 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3278 else
3279 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3280
3281 if (IS_DEBUG_OSPF_EVENT)
3282 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3283 IF_NAME(oi));
3284
3285 /* Set Options. */
3286 stream_putc(s, OPTIONS(oi));
3287
3288 /* Set Router Priority. */
3289 stream_putc(s, PRIORITY(oi));
3290
3291 /* Set Router Dead Interval. */
3292 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3293
3294 /* Set Designated Router. */
3295 stream_put_ipv4(s, DR(oi).s_addr);
3296
3297 p = stream_get_endp(s);
3298
3299 /* Set Backup Designated Router. */
3300 stream_put_ipv4(s, BDR(oi).s_addr);
3301
3302 /* Add neighbor seen. */
3303 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3304 if ((nbr = rn->info))
3305 if (nbr->router_id.s_addr
3306 != 0) /* Ignore 0.0.0.0 node. */
3307 if (nbr->state
3308 != NSM_Attempt) /* Ignore Down neighbor. */
3309 if (nbr->state
3310 != NSM_Down) /* This is myself for
3311 DR election. */
3312 if (!IPV4_ADDR_SAME(
3313 &nbr->router_id,
3314 &oi->ospf->router_id)) {
3315 /* Check neighbor is
3316 * sane? */
3317 if (nbr->d_router.s_addr
3318 != 0
3319 && IPV4_ADDR_SAME(
3320 &nbr->d_router,
3321 &oi->address
3322 ->u
3323 .prefix4)
3324 && IPV4_ADDR_SAME(
3325 &nbr->bd_router,
3326 &oi->address
3327 ->u
3328 .prefix4))
3329 flag = 1;
3330
3331 /* Hello packet overflows interface MTU. */
3332 if (length + sizeof(uint32_t)
3333 > ospf_packet_max(oi)) {
3334 flog_err(
3335 EC_OSPF_LARGE_HELLO,
3336 "Oversized Hello packet! Larger than MTU. Not sending it out");
3337 return 0;
3338 }
3339
3340 stream_put_ipv4(
3341 s,
3342 nbr->router_id
3343 .s_addr);
3344 length += 4;
3345 }
3346
3347 /* Let neighbor generate BackupSeen. */
3348 if (flag == 1)
3349 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3350
3351 return length;
3352 }
3353
3354 static int ospf_make_db_desc(struct ospf_interface *oi,
3355 struct ospf_neighbor *nbr, struct stream *s)
3356 {
3357 struct ospf_lsa *lsa;
3358 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3359 uint8_t options;
3360 unsigned long pp;
3361 int i;
3362 struct ospf_lsdb *lsdb;
3363
3364 /* Set Interface MTU. */
3365 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3366 stream_putw(s, 0);
3367 else
3368 stream_putw(s, oi->ifp->mtu);
3369
3370 /* Set Options. */
3371 options = OPTIONS(oi);
3372 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3373 SET_FLAG(options, OSPF_OPTION_O);
3374 stream_putc(s, options);
3375
3376 /* DD flags */
3377 pp = stream_get_endp(s);
3378 stream_putc(s, nbr->dd_flags);
3379
3380 /* Set DD Sequence Number. */
3381 stream_putl(s, nbr->dd_seqnum);
3382
3383 /* shortcut unneeded walk of (empty) summary LSDBs */
3384 if (ospf_db_summary_isempty(nbr))
3385 goto empty;
3386
3387 /* Describe LSA Header from Database Summary List. */
3388 lsdb = &nbr->db_sum;
3389
3390 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3391 struct route_table *table = lsdb->type[i].db;
3392 struct route_node *rn;
3393
3394 for (rn = route_top(table); rn; rn = route_next(rn))
3395 if ((lsa = rn->info) != NULL) {
3396 if (IS_OPAQUE_LSA(lsa->data->type)
3397 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3398 /* Suppress advertising
3399 * opaque-information. */
3400 /* Remove LSA from DB summary list. */
3401 ospf_lsdb_delete(lsdb, lsa);
3402 continue;
3403 }
3404
3405 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3406 struct lsa_header *lsah;
3407 uint16_t ls_age;
3408
3409 /* DD packet overflows interface MTU. */
3410 if (length + OSPF_LSA_HEADER_SIZE
3411 > ospf_packet_max(oi))
3412 break;
3413
3414 /* Keep pointer to LS age. */
3415 lsah = (struct lsa_header
3416 *)(STREAM_DATA(s)
3417 + stream_get_endp(
3418 s));
3419
3420 /* Proceed stream pointer. */
3421 stream_put(s, lsa->data,
3422 OSPF_LSA_HEADER_SIZE);
3423 length += OSPF_LSA_HEADER_SIZE;
3424
3425 /* Set LS age. */
3426 ls_age = LS_AGE(lsa);
3427 lsah->ls_age = htons(ls_age);
3428 }
3429
3430 /* Remove LSA from DB summary list. */
3431 ospf_lsdb_delete(lsdb, lsa);
3432 }
3433 }
3434
3435 /* Update 'More' bit */
3436 if (ospf_db_summary_isempty(nbr)) {
3437 empty:
3438 if (nbr->state >= NSM_Exchange) {
3439 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3440 /* Rewrite DD flags */
3441 stream_putc_at(s, pp, nbr->dd_flags);
3442 } else {
3443 assert(IS_SET_DD_M(nbr->dd_flags));
3444 }
3445 }
3446 return length;
3447 }
3448
3449 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3450 unsigned long delta, struct ospf_neighbor *nbr,
3451 struct ospf_lsa *lsa)
3452 {
3453 struct ospf_interface *oi;
3454
3455 oi = nbr->oi;
3456
3457 /* LS Request packet overflows interface MTU
3458 * delta is just number of bytes required for 1 LS Req
3459 * ospf_packet_max will return the number of bytes can
3460 * be accomodated without ospf header. So length+delta
3461 * can be compared to ospf_packet_max
3462 * to check if it can fit another lsreq in the same packet.
3463 */
3464
3465 if (*length + delta > ospf_packet_max(oi))
3466 return 0;
3467
3468 stream_putl(s, lsa->data->type);
3469 stream_put_ipv4(s, lsa->data->id.s_addr);
3470 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3471
3472 ospf_lsa_unlock(&nbr->ls_req_last);
3473 nbr->ls_req_last = ospf_lsa_lock(lsa);
3474
3475 *length += 12;
3476 return 1;
3477 }
3478
3479 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3480 {
3481 struct ospf_lsa *lsa;
3482 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3483 unsigned long delta = 12;
3484 struct route_table *table;
3485 struct route_node *rn;
3486 int i;
3487 struct ospf_lsdb *lsdb;
3488
3489 lsdb = &nbr->ls_req;
3490
3491 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3492 table = lsdb->type[i].db;
3493 for (rn = route_top(table); rn; rn = route_next(rn))
3494 if ((lsa = (rn->info)) != NULL)
3495 if (ospf_make_ls_req_func(s, &length, delta,
3496 nbr, lsa)
3497 == 0) {
3498 route_unlock_node(rn);
3499 break;
3500 }
3501 }
3502 return length;
3503 }
3504
3505 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3506 {
3507 int age;
3508
3509 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3510
3511 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3512 }
3513
3514 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3515 struct stream *s)
3516 {
3517 struct ospf_lsa *lsa;
3518 struct listnode *node;
3519 uint16_t length = 0;
3520 unsigned int size_noauth;
3521 unsigned long delta = stream_get_endp(s);
3522 unsigned long pp;
3523 int count = 0;
3524
3525 if (IS_DEBUG_OSPF_EVENT)
3526 zlog_debug("ospf_make_ls_upd: Start");
3527
3528 pp = stream_get_endp(s);
3529 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3530 length += OSPF_LS_UPD_MIN_SIZE;
3531
3532 /* Calculate amount of packet usable for data. */
3533 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3534
3535 while ((node = listhead(update)) != NULL) {
3536 struct lsa_header *lsah;
3537 uint16_t ls_age;
3538
3539 if (IS_DEBUG_OSPF_EVENT)
3540 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3541 count);
3542
3543 lsa = listgetdata(node);
3544
3545 assert(lsa->data);
3546
3547 /* Will it fit? Minimum it has to fit atleast one */
3548 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3549 (count > 0))
3550 break;
3551
3552 /* Keep pointer to LS age. */
3553 lsah = (struct lsa_header *)(STREAM_DATA(s)
3554 + stream_get_endp(s));
3555
3556 /* Put LSA to Link State Request. */
3557 stream_put(s, lsa->data, ntohs(lsa->data->length));
3558
3559 /* Set LS age. */
3560 /* each hop must increment an lsa_age by transmit_delay
3561 of OSPF interface */
3562 ls_age = ls_age_increment(lsa,
3563 OSPF_IF_PARAM(oi, transmit_delay));
3564 lsah->ls_age = htons(ls_age);
3565
3566 length += ntohs(lsa->data->length);
3567 count++;
3568
3569 list_delete_node(update, node);
3570 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3571 }
3572
3573 /* Now set #LSAs. */
3574 stream_putl_at(s, pp, count);
3575
3576 if (IS_DEBUG_OSPF_EVENT)
3577 zlog_debug("ospf_make_ls_upd: Stop");
3578 return length;
3579 }
3580
3581 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3582 struct stream *s)
3583 {
3584 struct listnode *node, *nnode;
3585 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3586 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3587 struct ospf_lsa *lsa;
3588
3589 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3590 assert(lsa);
3591
3592 /* LS Ack packet overflows interface MTU
3593 * delta is just number of bytes required for
3594 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3595 * the number of bytes can be accomodated without
3596 * ospf header. So length+delta can be compared
3597 * against ospf_packet_max to check if it can fit
3598 * another ls header in the same packet.
3599 */
3600 if ((length + delta) > ospf_packet_max(oi))
3601 break;
3602
3603 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3604 length += OSPF_LSA_HEADER_SIZE;
3605
3606 listnode_delete(ack, lsa);
3607 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3608 }
3609
3610 return length;
3611 }
3612
3613 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3614 {
3615 struct ospf_packet *op;
3616 uint16_t length = OSPF_HEADER_SIZE;
3617
3618 op = ospf_packet_new(oi->ifp->mtu);
3619
3620 /* Prepare OSPF common header. */
3621 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3622
3623 /* Prepare OSPF Hello body. */
3624 length += ospf_make_hello(oi, op->s);
3625 if (length == OSPF_HEADER_SIZE) {
3626 /* Hello overshooting MTU */
3627 ospf_packet_free(op);
3628 return;
3629 }
3630
3631 /* Fill OSPF header. */
3632 ospf_fill_header(oi, op->s, length);
3633
3634 /* Set packet length. */
3635 op->length = length;
3636
3637 op->dst.s_addr = addr;
3638
3639 if (IS_DEBUG_OSPF_EVENT) {
3640 if (oi->ospf->vrf_id)
3641 zlog_debug(
3642 "%s: Hello Tx interface %s ospf vrf %s id %u",
3643 __PRETTY_FUNCTION__, oi->ifp->name,
3644 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3645 oi->ospf->vrf_id);
3646 }
3647 /* Add packet to the top of the interface output queue, so that they
3648 * can't get delayed by things like long queues of LS Update packets
3649 */
3650 ospf_packet_add_top(oi, op);
3651
3652 /* Hook thread to write packet. */
3653 OSPF_ISM_WRITE_ON(oi->ospf);
3654 }
3655
3656 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3657 {
3658 struct ospf_interface *oi;
3659
3660 oi = nbr_nbma->oi;
3661 assert(oi);
3662
3663 /* If this is passive interface, do not send OSPF Hello. */
3664 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3665 return;
3666
3667 if (oi->type != OSPF_IFTYPE_NBMA)
3668 return;
3669
3670 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3671 return;
3672
3673 if (PRIORITY(oi) == 0)
3674 return;
3675
3676 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3677 && oi->state != ISM_Backup)
3678 return;
3679
3680 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3681 }
3682
3683 int ospf_poll_timer(struct thread *thread)
3684 {
3685 struct ospf_nbr_nbma *nbr_nbma;
3686
3687 nbr_nbma = THREAD_ARG(thread);
3688 nbr_nbma->t_poll = NULL;
3689
3690 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3691 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3692 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3693
3694 ospf_poll_send(nbr_nbma);
3695
3696 if (nbr_nbma->v_poll > 0)
3697 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3698 nbr_nbma->v_poll);
3699
3700 return 0;
3701 }
3702
3703
3704 int ospf_hello_reply_timer(struct thread *thread)
3705 {
3706 struct ospf_neighbor *nbr;
3707
3708 nbr = THREAD_ARG(thread);
3709 nbr->t_hello_reply = NULL;
3710
3711 assert(nbr->oi);
3712
3713 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3714 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3715 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3716
3717 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3718
3719 return 0;
3720 }
3721
3722 /* Send OSPF Hello. */
3723 void ospf_hello_send(struct ospf_interface *oi)
3724 {
3725 /* If this is passive interface, do not send OSPF Hello. */
3726 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3727 return;
3728
3729 if (oi->type == OSPF_IFTYPE_NBMA) {
3730 struct ospf_neighbor *nbr;
3731 struct route_node *rn;
3732
3733 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3734 if ((nbr = rn->info))
3735 if (nbr != oi->nbr_self)
3736 if (nbr->state != NSM_Down) {
3737 /* RFC 2328 Section 9.5.1
3738 If the router is not
3739 eligible to become Designated
3740 Router,
3741 it must periodically send
3742 Hello Packets to both the
3743 Designated Router and the
3744 Backup Designated Router (if
3745 they
3746 exist). */
3747 if (PRIORITY(oi) == 0
3748 && IPV4_ADDR_CMP(
3749 &DR(oi),
3750 &nbr->address.u
3751 .prefix4)
3752 && IPV4_ADDR_CMP(
3753 &BDR(oi),
3754 &nbr->address.u
3755 .prefix4))
3756 continue;
3757
3758 /* If the router is eligible to
3759 become Designated Router, it
3760 must periodically send Hello
3761 Packets to all neighbors that
3762 are also eligible. In
3763 addition, if the router is
3764 itself the
3765 Designated Router or Backup
3766 Designated Router, it must
3767 also
3768 send periodic Hello Packets
3769 to all other neighbors. */
3770
3771 if (nbr->priority == 0
3772 && oi->state == ISM_DROther)
3773 continue;
3774 /* if oi->state == Waiting, send
3775 * hello to all neighbors */
3776 ospf_hello_send_sub(
3777 oi,
3778 nbr->address.u.prefix4
3779 .s_addr);
3780 }
3781 } else {
3782 /* Decide destination address. */
3783 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3784 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3785 else
3786 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3787 }
3788 }
3789
3790 /* Send OSPF Database Description. */
3791 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3792 {
3793 struct ospf_interface *oi;
3794 struct ospf_packet *op;
3795 uint16_t length = OSPF_HEADER_SIZE;
3796
3797 oi = nbr->oi;
3798 op = ospf_packet_new(oi->ifp->mtu);
3799
3800 /* Prepare OSPF common header. */
3801 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3802
3803 /* Prepare OSPF Database Description body. */
3804 length += ospf_make_db_desc(oi, nbr, op->s);
3805
3806 /* Fill OSPF header. */
3807 ospf_fill_header(oi, op->s, length);
3808
3809 /* Set packet length. */
3810 op->length = length;
3811
3812 /* Decide destination address. */
3813 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3814 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3815 else
3816 op->dst = nbr->address.u.prefix4;
3817
3818 /* Add packet to the interface output queue. */
3819 ospf_packet_add(oi, op);
3820
3821 /* Hook thread to write packet. */
3822 OSPF_ISM_WRITE_ON(oi->ospf);
3823
3824 /* Remove old DD packet, then copy new one and keep in neighbor
3825 * structure. */
3826 if (nbr->last_send)
3827 ospf_packet_free(nbr->last_send);
3828 nbr->last_send = ospf_packet_dup(op);
3829 monotime(&nbr->last_send_ts);
3830 }
3831
3832 /* Re-send Database Description. */
3833 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3834 {
3835 struct ospf_interface *oi;
3836
3837 oi = nbr->oi;
3838
3839 /* Add packet to the interface output queue. */
3840 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3841
3842 /* Hook thread to write packet. */
3843 OSPF_ISM_WRITE_ON(oi->ospf);
3844 }
3845
3846 /* Send Link State Request. */
3847 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3848 {
3849 struct ospf_interface *oi;
3850 struct ospf_packet *op;
3851 uint16_t length = OSPF_HEADER_SIZE;
3852
3853 oi = nbr->oi;
3854 op = ospf_packet_new(oi->ifp->mtu);
3855
3856 /* Prepare OSPF common header. */
3857 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3858
3859 /* Prepare OSPF Link State Request body. */
3860 length += ospf_make_ls_req(nbr, op->s);
3861 if (length == OSPF_HEADER_SIZE) {
3862 ospf_packet_free(op);
3863 return;
3864 }
3865
3866 /* Fill OSPF header. */
3867 ospf_fill_header(oi, op->s, length);
3868
3869 /* Set packet length. */
3870 op->length = length;
3871
3872 /* Decide destination address. */
3873 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3874 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3875 else
3876 op->dst = nbr->address.u.prefix4;
3877
3878 /* Add packet to the interface output queue. */
3879 ospf_packet_add(oi, op);
3880
3881 /* Hook thread to write packet. */
3882 OSPF_ISM_WRITE_ON(oi->ospf);
3883
3884 /* Add Link State Request Retransmission Timer. */
3885 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3886 }
3887
3888 /* Send Link State Update with an LSA. */
3889 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3890 int flag)
3891 {
3892 struct list *update;
3893
3894 update = list_new();
3895
3896 listnode_add(update, lsa);
3897
3898 /*ospf instance is going down, send self originated
3899 * MAXAGE LSA update to neighbors to remove from LSDB */
3900 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3901 ospf_ls_upd_send(nbr, update, flag, 1);
3902 else
3903 ospf_ls_upd_send(nbr, update, flag, 0);
3904
3905 list_delete(&update);
3906 }
3907
3908 /* Determine size for packet. Must be at least big enough to accomodate next
3909 * LSA on list, which may be bigger than MTU size.
3910 *
3911 * Return pointer to new ospf_packet
3912 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3913 * on packet sizes (in which case offending LSA is deleted from update list)
3914 */
3915 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3916 struct ospf_interface *oi)
3917 {
3918 struct ospf_lsa *lsa;
3919 struct listnode *ln;
3920 size_t size;
3921 static char warned = 0;
3922
3923 lsa = listgetdata((ln = listhead(update)));
3924 assert(lsa->data);
3925
3926 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3927 > ospf_packet_max(oi)) {
3928 if (!warned) {
3929 flog_warn(
3930 EC_OSPF_LARGE_LSA,
3931 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3932 "will need to fragment. Not optimal. Try divide up"
3933 " your network with areas. Use 'debug ospf packet send'"
3934 " to see details, or look at 'show ip ospf database ..'");
3935 warned = 1;
3936 }
3937
3938 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3939 zlog_debug(
3940 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3941 " %d bytes originated by %s, will be fragmented!",
3942 inet_ntoa(lsa->data->id),
3943 ntohs(lsa->data->length),
3944 inet_ntoa(lsa->data->adv_router));
3945
3946 /*
3947 * Allocate just enough to fit this LSA only, to avoid including
3948 * other
3949 * LSAs in fragmented LSA Updates.
3950 */
3951 size = ntohs(lsa->data->length)
3952 + (oi->ifp->mtu - ospf_packet_max(oi))
3953 + OSPF_LS_UPD_MIN_SIZE;
3954 } else
3955 size = oi->ifp->mtu;
3956
3957 if (size > OSPF_MAX_PACKET_SIZE) {
3958 flog_warn(EC_OSPF_LARGE_LSA,
3959 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3960 " %d bytes, packet size %ld, dropping it completely."
3961 " OSPF routing is broken!",
3962 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3963 (long int)size);
3964 list_delete_node(update, ln);
3965 return NULL;
3966 }
3967
3968 /* IP header is built up separately by ospf_write(). This means, that we
3969 * must
3970 * reduce the "affordable" size just calculated by length of an IP
3971 * header.
3972 * This makes sure, that even if we manage to fill the payload with LSA
3973 * data
3974 * completely, the final packet (our data plus IP header) still fits
3975 * into
3976 * outgoing interface MTU. This correction isn't really meaningful for
3977 * an
3978 * oversized LSA, but for consistency the correction is done for both
3979 * cases.
3980 *
3981 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3982 */
3983 return ospf_packet_new(size - sizeof(struct ip));
3984 }
3985
3986 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3987 struct list *update, struct in_addr addr,
3988 int send_lsupd_now)
3989 {
3990 struct ospf_packet *op;
3991 uint16_t length = OSPF_HEADER_SIZE;
3992
3993 if (IS_DEBUG_OSPF_EVENT)
3994 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3995 IF_NAME(oi), inet_ntoa(addr));
3996
3997 /* Check that we have really something to process */
3998 if (listcount(update) == 0)
3999 return;
4000
4001 op = ospf_ls_upd_packet_new(update, oi);
4002
4003 /* Prepare OSPF common header. */
4004 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4005
4006 /* Prepare OSPF Link State Update body.
4007 * Includes Type-7 translation.
4008 */
4009 length += ospf_make_ls_upd(oi, update, op->s);
4010
4011 /* Fill OSPF header. */
4012 ospf_fill_header(oi, op->s, length);
4013
4014 /* Set packet length. */
4015 op->length = length;
4016
4017 /* Decide destination address. */
4018 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4019 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4020 else
4021 op->dst.s_addr = addr.s_addr;
4022
4023 /* Add packet to the interface output queue. */
4024 ospf_packet_add(oi, op);
4025 /* Call ospf_write() right away to send ospf packets to neighbors */
4026 if (send_lsupd_now) {
4027 struct thread os_packet_thd;
4028
4029 os_packet_thd.arg = (void *)oi->ospf;
4030 if (oi->on_write_q == 0) {
4031 listnode_add(oi->ospf->oi_write_q, oi);
4032 oi->on_write_q = 1;
4033 }
4034 ospf_write(&os_packet_thd);
4035 } else {
4036 /* Hook thread to write packet. */
4037 OSPF_ISM_WRITE_ON(oi->ospf);
4038 }
4039 }
4040
4041 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4042 {
4043 struct ospf_interface *oi = THREAD_ARG(thread);
4044 struct route_node *rn;
4045 struct route_node *rnext;
4046 struct list *update;
4047 char again = 0;
4048
4049 oi->t_ls_upd_event = NULL;
4050
4051 if (IS_DEBUG_OSPF_EVENT)
4052 zlog_debug("ospf_ls_upd_send_queue start");
4053
4054 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4055 rnext = route_next(rn);
4056
4057 if (rn->info == NULL)
4058 continue;
4059
4060 update = (struct list *)rn->info;
4061
4062 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4063
4064 /* list might not be empty. */
4065 if (listcount(update) == 0) {
4066 list_delete((struct list **)&rn->info);
4067 route_unlock_node(rn);
4068 } else
4069 again = 1;
4070 }
4071
4072 if (again != 0) {
4073 if (IS_DEBUG_OSPF_EVENT)
4074 zlog_debug(
4075 "ospf_ls_upd_send_queue: update lists not cleared,"
4076 " %d nodes to try again, raising new event",
4077 again);
4078 oi->t_ls_upd_event = NULL;
4079 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4080 &oi->t_ls_upd_event);
4081 }
4082
4083 if (IS_DEBUG_OSPF_EVENT)
4084 zlog_debug("ospf_ls_upd_send_queue stop");
4085
4086 return 0;
4087 }
4088
4089 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4090 int send_lsupd_now)
4091 {
4092 struct ospf_interface *oi;
4093 struct ospf_lsa *lsa;
4094 struct prefix_ipv4 p;
4095 struct route_node *rn;
4096 struct listnode *node;
4097
4098 oi = nbr->oi;
4099
4100 p.family = AF_INET;
4101 p.prefixlen = IPV4_MAX_BITLEN;
4102
4103 /* Decide destination address. */
4104 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4105 p.prefix = oi->vl_data->peer_addr;
4106 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4107 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4108 else if (flag == OSPF_SEND_PACKET_DIRECT)
4109 p.prefix = nbr->address.u.prefix4;
4110 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4111 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4112 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4113 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4114 else
4115 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4116
4117 if (oi->type == OSPF_IFTYPE_NBMA) {
4118 if (flag == OSPF_SEND_PACKET_INDIRECT)
4119 flog_warn(
4120 EC_OSPF_PACKET,
4121 "* LS-Update is directly sent on NBMA network.");
4122 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4123 flog_warn(EC_OSPF_PACKET,
4124 "* LS-Update is sent to myself.");
4125 }
4126
4127 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4128
4129 if (rn->info == NULL)
4130 rn->info = list_new();
4131 else
4132 route_unlock_node(rn);
4133
4134 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4135 listnode_add(rn->info,
4136 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4137 if (send_lsupd_now) {
4138 struct list *send_update_list;
4139 struct route_node *rnext;
4140
4141 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4142 rnext = route_next(rn);
4143
4144 if (rn->info == NULL)
4145 continue;
4146
4147 send_update_list = (struct list *)rn->info;
4148
4149 ospf_ls_upd_queue_send(oi, send_update_list,
4150 rn->p.u.prefix4, 1);
4151 }
4152 } else
4153 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4154 &oi->t_ls_upd_event);
4155 }
4156
4157 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4158 struct in_addr dst)
4159 {
4160 struct ospf_packet *op;
4161 uint16_t length = OSPF_HEADER_SIZE;
4162
4163 op = ospf_packet_new(oi->ifp->mtu);
4164
4165 /* Prepare OSPF common header. */
4166 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4167
4168 /* Prepare OSPF Link State Acknowledgment body. */
4169 length += ospf_make_ls_ack(oi, ack, op->s);
4170
4171 /* Fill OSPF header. */
4172 ospf_fill_header(oi, op->s, length);
4173
4174 /* Set packet length. */
4175 op->length = length;
4176
4177 /* Decide destination address. */
4178 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4179 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4180 else
4181 op->dst.s_addr = dst.s_addr;
4182
4183 /* Add packet to the interface output queue. */
4184 ospf_packet_add(oi, op);
4185
4186 /* Hook thread to write packet. */
4187 OSPF_ISM_WRITE_ON(oi->ospf);
4188 }
4189
4190 static int ospf_ls_ack_send_event(struct thread *thread)
4191 {
4192 struct ospf_interface *oi = THREAD_ARG(thread);
4193
4194 oi->t_ls_ack_direct = NULL;
4195
4196 while (listcount(oi->ls_ack_direct.ls_ack))
4197 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4198 oi->ls_ack_direct.dst);
4199
4200 return 0;
4201 }
4202
4203 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4204 {
4205 struct ospf_interface *oi = nbr->oi;
4206
4207 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4208 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4209
4210 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4211
4212 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4213 &oi->t_ls_ack_direct);
4214 }
4215
4216 /* Send Link State Acknowledgment delayed. */
4217 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4218 {
4219 struct in_addr dst;
4220
4221 /* Decide destination address. */
4222 /* RFC2328 Section 13.5 On non-broadcast
4223 networks, delayed Link State Acknowledgment packets must be
4224 unicast separately over each adjacency (i.e., neighbor whose
4225 state is >= Exchange). */
4226 if (oi->type == OSPF_IFTYPE_NBMA) {
4227 struct ospf_neighbor *nbr;
4228 struct route_node *rn;
4229
4230 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4231 if ((nbr = rn->info) != NULL)
4232 if (nbr != oi->nbr_self
4233 && nbr->state >= NSM_Exchange)
4234 while (listcount(oi->ls_ack))
4235 ospf_ls_ack_send_list(
4236 oi, oi->ls_ack,
4237 nbr->address.u.prefix4);
4238 return;
4239 }
4240 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4241 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4242 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4243 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4244 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4245 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4246 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4247 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4248 else
4249 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4250
4251 while (listcount(oi->ls_ack))
4252 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4253 }
4254
4255 /*
4256 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4257 * address. As a result, the kernel does not need to learn the interface
4258 * MAC of the OSPF neighbor. However, in our world, this will delay
4259 * convergence. Take the case when due to a link flap, all routes now
4260 * want to use an interface which was deemed to be costlier prior to this
4261 * event. For routes that will be installed, the missing MAC will have
4262 * punt-to-CPU set on them. This may overload the CPU control path that
4263 * can be avoided if the MAC was known apriori.
4264 */
4265 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4266 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4267 {
4268 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4269 int ret;
4270
4271 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4272 return;
4273
4274 snprintf(ping_nbr, sizeof(ping_nbr),
4275 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4276 inet_ntoa(nbr->address.u.prefix4));
4277
4278 ret = system(ping_nbr);
4279 if (IS_DEBUG_OSPF_EVENT)
4280 zlog_debug("Executed %s %s", ping_nbr,
4281 ((ret == 0) ? "successfully" : "but failed"));
4282 }
FRRouting mirror