]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ospfd: Modify ospf_packet.c to use new error-cards subsystem
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38 #include "lib_errors.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53 #include "ospfd/ospf_errors.h"
54
55 /*
56 * OSPF Fragmentation / fragmented writes
57 *
58 * ospfd can support writing fragmented packets, for cases where
59 * kernel will not fragment IP_HDRINCL and/or multicast destined
60 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
61 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
62 * flags fields, hence user-space fragmentation will not work.
63 * Only Linux is known to leave IP header unmolested.
64 * Further, fragmentation really should be done the kernel, which already
65 * supports it, and which avoids nasty IP ID state problems.
66 *
67 * Fragmentation of OSPF packets can be required on networks with router
68 * with many many interfaces active in one area, or on networks with links
69 * with low MTUs.
70 */
71 #ifdef GNU_LINUX
72 #define WANT_OSPF_WRITE_FRAGMENT
73 #endif
74
75 /* Packet Type String. */
76 const struct message ospf_packet_type_str[] = {
77 {OSPF_MSG_HELLO, "Hello"},
78 {OSPF_MSG_DB_DESC, "Database Description"},
79 {OSPF_MSG_LS_REQ, "Link State Request"},
80 {OSPF_MSG_LS_UPD, "Link State Update"},
81 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
82 {0}};
83
84 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
85 particular types, offset is the "type" field of a packet. */
86 static const uint16_t ospf_packet_minlen[] = {
87 0,
88 OSPF_HELLO_MIN_SIZE,
89 OSPF_DB_DESC_MIN_SIZE,
90 OSPF_LS_REQ_MIN_SIZE,
91 OSPF_LS_UPD_MIN_SIZE,
92 OSPF_LS_ACK_MIN_SIZE,
93 };
94
95 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
96 types, offset is the "LSA type" field. */
97 static const uint16_t ospf_lsa_minlen[] = {
98 0,
99 OSPF_ROUTER_LSA_MIN_SIZE,
100 OSPF_NETWORK_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_SUMMARY_LSA_MIN_SIZE,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 0,
108 0,
109 0,
110 };
111
112 /* for ospf_check_auth() */
113 static int ospf_check_sum(struct ospf_header *);
114
115 /* OSPF authentication checking function */
116 static int ospf_auth_type(struct ospf_interface *oi)
117 {
118 int auth_type;
119
120 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
121 auth_type = oi->area->auth_type;
122 else
123 auth_type = OSPF_IF_PARAM(oi, auth_type);
124
125 /* Handle case where MD5 key list is not configured aka Cisco */
126 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
127 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
128 return OSPF_AUTH_NULL;
129
130 return auth_type;
131 }
132
133 struct ospf_packet *ospf_packet_new(size_t size)
134 {
135 struct ospf_packet *new;
136
137 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
138 new->s = stream_new(size);
139
140 return new;
141 }
142
143 void ospf_packet_free(struct ospf_packet *op)
144 {
145 if (op->s)
146 stream_free(op->s);
147
148 XFREE(MTYPE_OSPF_PACKET, op);
149 }
150
151 struct ospf_fifo *ospf_fifo_new()
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 flog_err(
236 OSPF_ERR_PKT_PROCESS,
237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
247
248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
257 {
258 if (!oi->obuf) {
259 flog_err(
260 OSPF_ERR_PKT_PROCESS,
261 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
262 "destination %s) called with NULL obuf, ignoring "
263 "(please report this bug)!\n",
264 IF_NAME(oi), oi->state,
265 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
266 lookup_msg(ospf_packet_type_str,
267 stream_getc_from(op->s, 1), NULL),
268 inet_ntoa(op->dst));
269 return;
270 }
271
272 /* Add packet to head of queue. */
273 ospf_fifo_push_head(oi->obuf, op);
274
275 /* Debug of packet fifo*/
276 /* ospf_fifo_debug (oi->obuf); */
277 }
278
279 void ospf_packet_delete(struct ospf_interface *oi)
280 {
281 struct ospf_packet *op;
282
283 op = ospf_fifo_pop(oi->obuf);
284
285 if (op)
286 ospf_packet_free(op);
287 }
288
289 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
290 {
291 struct ospf_packet *new;
292
293 if (stream_get_endp(op->s) != op->length)
294 /* XXX size_t */
295 zlog_debug(
296 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
297 (unsigned long)STREAM_SIZE(op->s), op->length);
298
299 /* Reserve space for MD5 authentication that may be added later. */
300 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
301 stream_copy(new->s, op->s);
302
303 new->dst = op->dst;
304 new->length = op->length;
305
306 return new;
307 }
308
309 /* XXX inline */
310 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
311 {
312 int auth = 0;
313
314 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
315 auth = OSPF_AUTH_MD5_SIZE;
316
317 return auth;
318 }
319
320 static unsigned int ospf_packet_max(struct ospf_interface *oi)
321 {
322 int max;
323
324 max = oi->ifp->mtu - ospf_packet_authspace(oi);
325
326 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
327
328 return max;
329 }
330
331
332 static int ospf_check_md5_digest(struct ospf_interface *oi,
333 struct ospf_header *ospfh)
334 {
335 MD5_CTX ctx;
336 unsigned char digest[OSPF_AUTH_MD5_SIZE];
337 struct crypt_key *ck;
338 struct ospf_neighbor *nbr;
339 uint16_t length = ntohs(ospfh->length);
340
341 /* Get secret key. */
342 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
343 ospfh->u.crypt.key_id);
344 if (ck == NULL) {
345 flog_warn(OSPF_WARN_MD5,
346 "interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
347 ospfh->u.crypt.key_id);
348 return 0;
349 }
350
351 /* check crypto seqnum. */
352 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
353
354 if (nbr
355 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
356 flog_warn(
357 OSPF_WARN_MD5,
358 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
359 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
360 ntohl(nbr->crypt_seqnum));
361 return 0;
362 }
363
364 /* Generate a digest for the ospf packet - their digest + our digest. */
365 memset(&ctx, 0, sizeof(ctx));
366 MD5Init(&ctx);
367 MD5Update(&ctx, ospfh, length);
368 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
369 MD5Final(digest, &ctx);
370
371 /* compare the two */
372 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
373 flog_warn(OSPF_WARN_MD5,
374 "interface %s: ospf_check_md5 checksum mismatch",
375 IF_NAME(oi));
376 return 0;
377 }
378
379 /* save neighbor's crypt_seqnum */
380 if (nbr)
381 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
382 return 1;
383 }
384
385 /* This function is called from ospf_write(), it will detect the
386 authentication scheme and if it is MD5, it will change the sequence
387 and update the MD5 digest. */
388 static int ospf_make_md5_digest(struct ospf_interface *oi,
389 struct ospf_packet *op)
390 {
391 struct ospf_header *ospfh;
392 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
393 MD5_CTX ctx;
394 void *ibuf;
395 uint32_t t;
396 struct crypt_key *ck;
397 const uint8_t *auth_key;
398
399 ibuf = STREAM_DATA(op->s);
400 ospfh = (struct ospf_header *)ibuf;
401
402 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
403 return 0;
404
405 /* We do this here so when we dup a packet, we don't have to
406 waste CPU rewriting other headers.
407
408 Note that quagga_time /deliberately/ is not used here */
409 t = (time(NULL) & 0xFFFFFFFF);
410 if (t > oi->crypt_seqnum)
411 oi->crypt_seqnum = t;
412 else
413 oi->crypt_seqnum++;
414
415 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
416
417 /* Get MD5 Authentication key from auth_key list. */
418 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
419 auth_key = (const uint8_t *)digest;
420 else {
421 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
422 auth_key = ck->auth_key;
423 }
424
425 /* Generate a digest for the entire packet + our secret key. */
426 memset(&ctx, 0, sizeof(ctx));
427 MD5Init(&ctx);
428 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
429 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
430 MD5Final(digest, &ctx);
431
432 /* Append md5 digest to the end of the stream. */
433 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
434
435 /* We do *NOT* increment the OSPF header length. */
436 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
437
438 if (stream_get_endp(op->s) != op->length)
439 /* XXX size_t */
440 flog_warn(
441 OSPF_WARN_MD5,
442 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
443 (unsigned long)stream_get_endp(op->s), op->length);
444
445 return OSPF_AUTH_MD5_SIZE;
446 }
447
448
449 static int ospf_ls_req_timer(struct thread *thread)
450 {
451 struct ospf_neighbor *nbr;
452
453 nbr = THREAD_ARG(thread);
454 nbr->t_ls_req = NULL;
455
456 /* Send Link State Request. */
457 if (ospf_ls_request_count(nbr))
458 ospf_ls_req_send(nbr);
459
460 /* Set Link State Request retransmission timer. */
461 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
462
463 return 0;
464 }
465
466 void ospf_ls_req_event(struct ospf_neighbor *nbr)
467 {
468 if (nbr->t_ls_req) {
469 thread_cancel(nbr->t_ls_req);
470 nbr->t_ls_req = NULL;
471 }
472 nbr->t_ls_req = NULL;
473 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
474 }
475
476 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
477 ospf_neighbor.c */
478 int ospf_ls_upd_timer(struct thread *thread)
479 {
480 struct ospf_neighbor *nbr;
481
482 nbr = THREAD_ARG(thread);
483 nbr->t_ls_upd = NULL;
484
485 /* Send Link State Update. */
486 if (ospf_ls_retransmit_count(nbr) > 0) {
487 struct list *update;
488 struct ospf_lsdb *lsdb;
489 int i;
490 int retransmit_interval;
491
492 retransmit_interval =
493 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
494
495 lsdb = &nbr->ls_rxmt;
496 update = list_new();
497
498 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
499 struct route_table *table = lsdb->type[i].db;
500 struct route_node *rn;
501
502 for (rn = route_top(table); rn; rn = route_next(rn)) {
503 struct ospf_lsa *lsa;
504
505 if ((lsa = rn->info) != NULL) {
506 /* Don't retransmit an LSA if we
507 received it within
508 the last RxmtInterval seconds - this
509 is to allow the
510 neighbour a chance to acknowledge the
511 LSA as it may
512 have ben just received before the
513 retransmit timer
514 fired. This is a small tweak to what
515 is in the RFC,
516 but it will cut out out a lot of
517 retransmit traffic
518 - MAG */
519 if (monotime_since(&lsa->tv_recv, NULL)
520 >= retransmit_interval * 1000000LL)
521 listnode_add(update, rn->info);
522 }
523 }
524 }
525
526 if (listcount(update) > 0)
527 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
528 0);
529 list_delete_and_null(&update);
530 }
531
532 /* Set LS Update retransmission timer. */
533 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
534
535 return 0;
536 }
537
538 int ospf_ls_ack_timer(struct thread *thread)
539 {
540 struct ospf_interface *oi;
541
542 oi = THREAD_ARG(thread);
543 oi->t_ls_ack = NULL;
544
545 /* Send Link State Acknowledgment. */
546 if (listcount(oi->ls_ack) > 0)
547 ospf_ls_ack_send_delayed(oi);
548
549 /* Set LS Ack timer. */
550 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
551
552 return 0;
553 }
554
555 #ifdef WANT_OSPF_WRITE_FRAGMENT
556 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
557 struct msghdr *msg, unsigned int maxdatasize,
558 unsigned int mtu, int flags, uint8_t type)
559 {
560 #define OSPF_WRITE_FRAG_SHIFT 3
561 uint16_t offset;
562 struct iovec *iovp;
563 int ret;
564
565 assert(op->length == stream_get_endp(op->s));
566 assert(msg->msg_iovlen == 2);
567
568 /* we can but try.
569 *
570 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
571 * well as the IP_MF flag, making this all quite pointless.
572 *
573 * However, for a system on which IP_MF is left alone, and ip_id left
574 * alone or else which sets same ip_id for each fragment this might
575 * work, eg linux.
576 *
577 * XXX-TODO: It would be much nicer to have the kernel's use their
578 * existing fragmentation support to do this for us. Bugs/RFEs need to
579 * be raised against the various kernels.
580 */
581
582 /* set More Frag */
583 iph->ip_off |= IP_MF;
584
585 /* ip frag offset is expressed in units of 8byte words */
586 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
587
588 iovp = &msg->msg_iov[1];
589
590 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
591 > maxdatasize) {
592 /* data length of this frag is to next offset value */
593 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
594 iph->ip_len = iovp->iov_len + sizeof(struct ip);
595 assert(iph->ip_len <= mtu);
596
597 sockopt_iphdrincl_swab_htosys(iph);
598
599 ret = sendmsg(fd, msg, flags);
600
601 sockopt_iphdrincl_swab_systoh(iph);
602
603 if (ret < 0)
604 flog_err(
605 LIB_ERR_SOCKET,
606 "*** ospf_write_frags: sendmsg failed to %s,"
607 " id %d, off %d, len %d, mtu %u failed with %s",
608 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
609 iph->ip_len, mtu, safe_strerror(errno));
610
611 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
612 zlog_debug(
613 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
614 iph->ip_id, iph->ip_off, iph->ip_len,
615 inet_ntoa(iph->ip_dst));
616 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
617 zlog_debug(
618 "-----------------IP Header Dump----------------------");
619 ospf_ip_header_dump(iph);
620 zlog_debug(
621 "-----------------------------------------------------");
622 }
623 }
624
625 iph->ip_off += offset;
626 stream_forward_getp(op->s, iovp->iov_len);
627 iovp->iov_base = stream_pnt(op->s);
628 }
629
630 /* setup for final fragment */
631 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
632 iph->ip_len = iovp->iov_len + sizeof(struct ip);
633 iph->ip_off &= (~IP_MF);
634 }
635 #endif /* WANT_OSPF_WRITE_FRAGMENT */
636
637 static int ospf_write(struct thread *thread)
638 {
639 struct ospf *ospf = THREAD_ARG(thread);
640 struct ospf_interface *oi;
641 struct ospf_interface *last_serviced_oi = NULL;
642 struct ospf_packet *op;
643 struct sockaddr_in sa_dst;
644 struct ip iph;
645 struct msghdr msg;
646 struct iovec iov[2];
647 uint8_t type;
648 int ret;
649 int flags = 0;
650 struct listnode *node;
651 #ifdef WANT_OSPF_WRITE_FRAGMENT
652 static uint16_t ipid = 0;
653 uint16_t maxdatasize;
654 #endif /* WANT_OSPF_WRITE_FRAGMENT */
655 #define OSPF_WRITE_IPHL_SHIFT 2
656 int pkt_count = 0;
657
658 #ifdef GNU_LINUX
659 unsigned char cmsgbuf[64] = {};
660 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
661 struct in_pktinfo *pi;
662 #endif
663
664 ospf->t_write = NULL;
665
666 node = listhead(ospf->oi_write_q);
667 assert(node);
668 oi = listgetdata(node);
669 assert(oi);
670
671 #ifdef WANT_OSPF_WRITE_FRAGMENT
672 /* seed ipid static with low order bits of time */
673 if (ipid == 0)
674 ipid = (time(NULL) & 0xffff);
675 #endif /* WANT_OSPF_WRITE_FRAGMENT */
676
677 while ((pkt_count < ospf->write_oi_count) && oi
678 && (last_serviced_oi != oi)) {
679 /* If there is only packet in the queue, the oi is removed from
680 write-q, so fix up the last interface that was serviced */
681 if (last_serviced_oi == NULL) {
682 last_serviced_oi = oi;
683 }
684 pkt_count++;
685 #ifdef WANT_OSPF_WRITE_FRAGMENT
686 /* convenience - max OSPF data per packet */
687 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
688 #endif /* WANT_OSPF_WRITE_FRAGMENT */
689 /* Get one packet from queue. */
690 op = ospf_fifo_head(oi->obuf);
691 assert(op);
692 assert(op->length >= OSPF_HEADER_SIZE);
693
694 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
695 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
696 ospf_if_ipmulticast(ospf, oi->address,
697 oi->ifp->ifindex);
698
699 /* Rewrite the md5 signature & update the seq */
700 ospf_make_md5_digest(oi, op);
701
702 /* Retrieve OSPF packet type. */
703 stream_set_getp(op->s, 1);
704 type = stream_getc(op->s);
705
706 /* reset get pointer */
707 stream_set_getp(op->s, 0);
708
709 memset(&iph, 0, sizeof(struct ip));
710 memset(&sa_dst, 0, sizeof(sa_dst));
711
712 sa_dst.sin_family = AF_INET;
713 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
714 sa_dst.sin_len = sizeof(sa_dst);
715 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
716 sa_dst.sin_addr = op->dst;
717 sa_dst.sin_port = htons(0);
718
719 /* Set DONTROUTE flag if dst is unicast. */
720 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
721 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
722 flags = MSG_DONTROUTE;
723
724 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
725 /* it'd be very strange for header to not be 4byte-word aligned
726 * but.. */
727 if (sizeof(struct ip)
728 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
729 iph.ip_hl++; /* we presume sizeof struct ip cant
730 overflow ip_hl.. */
731
732 iph.ip_v = IPVERSION;
733 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
734 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
735
736 #if defined(__DragonFly__)
737 /*
738 * DragonFly's raw socket expects ip_len/ip_off in network byte
739 * order.
740 */
741 iph.ip_len = htons(iph.ip_len);
742 #endif
743
744 #ifdef WANT_OSPF_WRITE_FRAGMENT
745 /* XXX-MT: not thread-safe at all..
746 * XXX: this presumes this is only programme sending OSPF
747 * packets
748 * otherwise, no guarantee ipid will be unique
749 */
750 iph.ip_id = ++ipid;
751 #endif /* WANT_OSPF_WRITE_FRAGMENT */
752
753 iph.ip_off = 0;
754 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
755 iph.ip_ttl = OSPF_VL_IP_TTL;
756 else
757 iph.ip_ttl = OSPF_IP_TTL;
758 iph.ip_p = IPPROTO_OSPFIGP;
759 iph.ip_sum = 0;
760 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
761 iph.ip_dst.s_addr = op->dst.s_addr;
762
763 memset(&msg, 0, sizeof(msg));
764 msg.msg_name = (caddr_t)&sa_dst;
765 msg.msg_namelen = sizeof(sa_dst);
766 msg.msg_iov = iov;
767 msg.msg_iovlen = 2;
768
769 iov[0].iov_base = (char *)&iph;
770 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
771 iov[1].iov_base = stream_pnt(op->s);
772 iov[1].iov_len = op->length;
773
774 #ifdef GNU_LINUX
775 msg.msg_control = (caddr_t)cm;
776 cm->cmsg_level = SOL_IP;
777 cm->cmsg_type = IP_PKTINFO;
778 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
779 pi = (struct in_pktinfo *)CMSG_DATA(cm);
780 pi->ipi_ifindex = oi->ifp->ifindex;
781
782 msg.msg_controllen = cm->cmsg_len;
783 #endif
784
785 /* Sadly we can not rely on kernels to fragment packets
786 * because of either IP_HDRINCL and/or multicast
787 * destination being set.
788 */
789
790 #ifdef WANT_OSPF_WRITE_FRAGMENT
791 if (op->length > maxdatasize)
792 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
793 oi->ifp->mtu, flags, type);
794 #endif /* WANT_OSPF_WRITE_FRAGMENT */
795
796 /* send final fragment (could be first) */
797 sockopt_iphdrincl_swab_htosys(&iph);
798 ret = sendmsg(ospf->fd, &msg, flags);
799 sockopt_iphdrincl_swab_systoh(&iph);
800 if (IS_DEBUG_OSPF_EVENT)
801 zlog_debug(
802 "ospf_write to %s, "
803 "id %d, off %d, len %d, interface %s, mtu %u:",
804 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
805 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
806
807 if (ret < 0)
808 flog_err(
809 LIB_ERR_SOCKET,
810 "*** sendmsg in ospf_write failed to %s, "
811 "id %d, off %d, len %d, interface %s, mtu %u: %s",
812 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
813 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
814 safe_strerror(errno));
815
816 /* Show debug sending packet. */
817 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
818 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
819 zlog_debug(
820 "-----------------------------------------------------");
821 ospf_ip_header_dump(&iph);
822 stream_set_getp(op->s, 0);
823 ospf_packet_dump(op->s);
824 }
825
826 zlog_debug("%s sent to [%s] via [%s].",
827 lookup_msg(ospf_packet_type_str, type, NULL),
828 inet_ntoa(op->dst), IF_NAME(oi));
829
830 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
831 zlog_debug(
832 "-----------------------------------------------------");
833 }
834
835 switch (type) {
836 case OSPF_MSG_HELLO:
837 oi->hello_out++;
838 break;
839 case OSPF_MSG_DB_DESC:
840 oi->db_desc_out++;
841 break;
842 case OSPF_MSG_LS_REQ:
843 oi->ls_req_out++;
844 break;
845 case OSPF_MSG_LS_UPD:
846 oi->ls_upd_out++;
847 break;
848 case OSPF_MSG_LS_ACK:
849 oi->ls_ack_out++;
850 break;
851 default:
852 break;
853 }
854
855 /* Now delete packet from queue. */
856 ospf_packet_delete(oi);
857
858 /* Move this interface to the tail of write_q to
859 serve everyone in a round robin fashion */
860 list_delete_node(ospf->oi_write_q, node);
861 if (ospf_fifo_head(oi->obuf) == NULL) {
862 oi->on_write_q = 0;
863 last_serviced_oi = NULL;
864 oi = NULL;
865 } else {
866 listnode_add(ospf->oi_write_q, oi);
867 }
868
869 /* Setup to service from the head of the queue again */
870 if (!list_isempty(ospf->oi_write_q)) {
871 node = listhead(ospf->oi_write_q);
872 assert(node);
873 oi = listgetdata(node);
874 assert(oi);
875 }
876 }
877
878 /* If packets still remain in queue, call write thread. */
879 if (!list_isempty(ospf->oi_write_q)) {
880 ospf->t_write = NULL;
881 thread_add_write(master, ospf_write, ospf, ospf->fd,
882 &ospf->t_write);
883 }
884
885 return 0;
886 }
887
888 /* OSPF Hello message read -- RFC2328 Section 10.5. */
889 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
890 struct stream *s, struct ospf_interface *oi, int size)
891 {
892 struct ospf_hello *hello;
893 struct ospf_neighbor *nbr;
894 int old_state;
895 struct prefix p;
896
897 /* increment statistics. */
898 oi->hello_in++;
899
900 hello = (struct ospf_hello *)stream_pnt(s);
901
902 /* If Hello is myself, silently discard. */
903 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
904 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
905 zlog_debug(
906 "ospf_header[%s/%s]: selforiginated, "
907 "dropping.",
908 lookup_msg(ospf_packet_type_str, ospfh->type,
909 NULL),
910 inet_ntoa(iph->ip_src));
911 }
912 return;
913 }
914
915 /* get neighbor prefix. */
916 p.family = AF_INET;
917 p.prefixlen = ip_masklen(hello->network_mask);
918 p.u.prefix4 = iph->ip_src;
919
920 /* Compare network mask. */
921 /* Checking is ignored for Point-to-Point and Virtual link. */
922 if (oi->type != OSPF_IFTYPE_POINTOPOINT
923 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
924 if (oi->address->prefixlen != p.prefixlen) {
925 flog_warn(
926 OSPF_WARN_PACKET,
927 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
928 inet_ntoa(ospfh->router_id), IF_NAME(oi),
929 (int)oi->address->prefixlen, (int)p.prefixlen);
930 return;
931 }
932
933 /* Compare Router Dead Interval. */
934 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
935 flog_warn(OSPF_WARN_PACKET,
936 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
937 "(expected %u, but received %u).",
938 inet_ntoa(ospfh->router_id),
939 OSPF_IF_PARAM(oi, v_wait),
940 ntohl(hello->dead_interval));
941 return;
942 }
943
944 /* Compare Hello Interval - ignored if fast-hellos are set. */
945 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
946 if (OSPF_IF_PARAM(oi, v_hello)
947 != ntohs(hello->hello_interval)) {
948 flog_warn(
949 OSPF_WARN_PACKET,
950 "Packet %s [Hello:RECV]: HelloInterval mismatch "
951 "(expected %u, but received %u).",
952 inet_ntoa(ospfh->router_id),
953 OSPF_IF_PARAM(oi, v_hello),
954 ntohs(hello->hello_interval));
955 return;
956 }
957 }
958
959 if (IS_DEBUG_OSPF_EVENT)
960 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
961 inet_ntoa(ospfh->router_id),
962 ospf_options_dump(hello->options),
963 ospf_vrf_id_to_name(oi->ospf->vrf_id));
964
965 /* Compare options. */
966 #define REJECT_IF_TBIT_ON 1 /* XXX */
967 #ifdef REJECT_IF_TBIT_ON
968 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
969 /*
970 * This router does not support non-zero TOS.
971 * Drop this Hello packet not to establish neighbor
972 * relationship.
973 */
974 flog_warn(OSPF_WARN_PACKET,
975 "Packet %s [Hello:RECV]: T-bit on, drop it.",
976 inet_ntoa(ospfh->router_id));
977 return;
978 }
979 #endif /* REJECT_IF_TBIT_ON */
980
981 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
982 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
983 /*
984 * This router does know the correct usage of O-bit
985 * the bit should be set in DD packet only.
986 */
987 flog_warn(OSPF_WARN_PACKET,
988 "Packet %s [Hello:RECV]: O-bit abuse?",
989 inet_ntoa(ospfh->router_id));
990 #ifdef STRICT_OBIT_USAGE_CHECK
991 return; /* Reject this packet. */
992 #else /* STRICT_OBIT_USAGE_CHECK */
993 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
994 #endif /* STRICT_OBIT_USAGE_CHECK */
995 }
996
997 /* new for NSSA is to ensure that NP is on and E is off */
998
999 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1000 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1001 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1002 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1003 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1004 flog_warn(
1005 OSPF_WARN_PACKET,
1006 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1007 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1008 hello->options);
1009 return;
1010 }
1011 if (IS_DEBUG_OSPF_NSSA)
1012 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1013 inet_ntoa(ospfh->router_id));
1014 } else
1015 /* The setting of the E-bit found in the Hello Packet's Options
1016 field must match this area's ExternalRoutingCapability A
1017 mismatch causes processing to stop and the packet to be
1018 dropped. The setting of the rest of the bits in the Hello
1019 Packet's Options field should be ignored. */
1020 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1021 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1022 flog_warn(
1023 OSPF_WARN_PACKET,
1024 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1025 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1026 hello->options);
1027 return;
1028 }
1029
1030 /* get neighbour struct */
1031 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1032
1033 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1034 assert(nbr);
1035
1036 old_state = nbr->state;
1037
1038 /* Add event to thread. */
1039 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1040
1041 /* RFC2328 Section 9.5.1
1042 If the router is not eligible to become Designated Router,
1043 (snip) It must also send an Hello Packet in reply to an
1044 Hello Packet received from any eligible neighbor (other than
1045 the current Designated Router and Backup Designated Router). */
1046 if (oi->type == OSPF_IFTYPE_NBMA)
1047 if (PRIORITY(oi) == 0 && hello->priority > 0
1048 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1049 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1050 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1051 ospf_hello_reply_timer,
1052 OSPF_HELLO_REPLY_DELAY);
1053
1054 /* on NBMA network type, it happens to receive bidirectional Hello
1055 packet
1056 without advance 1-Way Received event.
1057 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1058 if (oi->type == OSPF_IFTYPE_NBMA
1059 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1060 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1061 nbr->priority = hello->priority;
1062 nbr->d_router = hello->d_router;
1063 nbr->bd_router = hello->bd_router;
1064 return;
1065 }
1066
1067 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1068 size - OSPF_HELLO_MIN_SIZE)) {
1069 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1070 nbr->options |= hello->options;
1071 } else {
1072 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1073 /* Set neighbor information. */
1074 nbr->priority = hello->priority;
1075 nbr->d_router = hello->d_router;
1076 nbr->bd_router = hello->bd_router;
1077 return;
1078 }
1079
1080 /* If neighbor itself declares DR and no BDR exists,
1081 cause event BackupSeen */
1082 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1083 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1084 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1085
1086 /* neighbor itself declares BDR. */
1087 if (oi->state == ISM_Waiting
1088 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1089 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1090
1091 /* had not previously. */
1092 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1093 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1094 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1095 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1096 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1097
1098 /* had not previously. */
1099 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1100 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1101 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1102 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1103 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1104
1105 /* Neighbor priority check. */
1106 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1107 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1108
1109 /* Set neighbor information. */
1110 nbr->priority = hello->priority;
1111 nbr->d_router = hello->d_router;
1112 nbr->bd_router = hello->bd_router;
1113 }
1114
1115 /* Save DD flags/options/Seqnum received. */
1116 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1117 struct ospf_db_desc *dd)
1118 {
1119 nbr->last_recv.flags = dd->flags;
1120 nbr->last_recv.options = dd->options;
1121 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1122 }
1123
1124 /* Process rest of DD packet. */
1125 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1126 struct ospf_neighbor *nbr,
1127 struct ospf_db_desc *dd, uint16_t size)
1128 {
1129 struct ospf_lsa *new, *find;
1130 struct lsa_header *lsah;
1131
1132 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1133 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1134 size -= OSPF_LSA_HEADER_SIZE) {
1135 lsah = (struct lsa_header *)stream_pnt(s);
1136 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1137
1138 /* Unknown LS type. */
1139 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1140 flog_warn(OSPF_WARN_PACKET,
1141 "Packet [DD:RECV]: Unknown LS type %d.",
1142 lsah->type);
1143 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1144 return;
1145 }
1146
1147 if (IS_OPAQUE_LSA(lsah->type)
1148 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1149 flog_warn(OSPF_WARN_PACKET,
1150 "LSA[Type%d:%s]: Opaque capability mismatch?",
1151 lsah->type, inet_ntoa(lsah->id));
1152 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1153 return;
1154 }
1155
1156 switch (lsah->type) {
1157 case OSPF_AS_EXTERNAL_LSA:
1158 case OSPF_OPAQUE_AS_LSA:
1159 /* Check for stub area. Reject if AS-External from stub
1160 but
1161 allow if from NSSA. */
1162 if (oi->area->external_routing == OSPF_AREA_STUB) {
1163 flog_warn(
1164 OSPF_WARN_PACKET,
1165 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1166 lsah->type, inet_ntoa(lsah->id),
1167 (oi->area->external_routing
1168 == OSPF_AREA_STUB)
1169 ? "STUB"
1170 : "NSSA");
1171 OSPF_NSM_EVENT_SCHEDULE(nbr,
1172 NSM_SeqNumberMismatch);
1173 return;
1174 }
1175 break;
1176 default:
1177 break;
1178 }
1179
1180 /* Create LS-request object. */
1181 new = ospf_ls_request_new(lsah);
1182
1183 /* Lookup received LSA, then add LS request list. */
1184 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1185
1186 /* ospf_lsa_more_recent is fine with NULL pointers */
1187 switch (ospf_lsa_more_recent(find, new)) {
1188 case -1:
1189 /* Neighbour has a more recent LSA, we must request it
1190 */
1191 ospf_ls_request_add(nbr, new);
1192 /* fallthru */
1193 case 0:
1194 /* If we have a copy of this LSA, it's either less
1195 * recent
1196 * and we're requesting it from neighbour (the case
1197 * above), or
1198 * it's as recent and we both have same copy (this
1199 * case).
1200 *
1201 * In neither of these two cases is there any point in
1202 * describing our copy of the LSA to the neighbour in a
1203 * DB-Summary packet, if we're still intending to do so.
1204 *
1205 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1206 * backward compatible optimisation to OSPF DB Exchange
1207 * /
1208 * DB Description process implemented here.
1209 */
1210 if (find)
1211 ospf_lsdb_delete(&nbr->db_sum, find);
1212 ospf_lsa_discard(new);
1213 break;
1214 default:
1215 /* We have the more recent copy, nothing specific to do:
1216 * - no need to request neighbours stale copy
1217 * - must leave DB summary list copy alone
1218 */
1219 if (IS_DEBUG_OSPF_EVENT)
1220 zlog_debug(
1221 "Packet [DD:RECV]: LSA received Type %d, "
1222 "ID %s is not recent.",
1223 lsah->type, inet_ntoa(lsah->id));
1224 ospf_lsa_discard(new);
1225 }
1226 }
1227
1228 /* Master */
1229 if (IS_SET_DD_MS(nbr->dd_flags)) {
1230 nbr->dd_seqnum++;
1231
1232 /* Both sides have no More, then we're done with Exchange */
1233 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1234 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1235 else
1236 ospf_db_desc_send(nbr);
1237 }
1238 /* Slave */
1239 else {
1240 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1241
1242 /* Send DD packet in reply.
1243 *
1244 * Must be done to acknowledge the Master's DD, regardless of
1245 * whether we have more LSAs ourselves to describe.
1246 *
1247 * This function will clear the 'More' bit, if after this DD
1248 * we have no more LSAs to describe to the master..
1249 */
1250 ospf_db_desc_send(nbr);
1251
1252 /* Slave can raise ExchangeDone now, if master is also done */
1253 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1254 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1255 }
1256
1257 /* Save received neighbor values from DD. */
1258 ospf_db_desc_save_current(nbr, dd);
1259
1260 if (!nbr->t_ls_req)
1261 ospf_ls_req_send(nbr);
1262 }
1263
1264 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1265 struct ospf_neighbor *nbr)
1266 {
1267 /* Is DD duplicated? */
1268 if (dd->options == nbr->last_recv.options
1269 && dd->flags == nbr->last_recv.flags
1270 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1271 return 1;
1272
1273 return 0;
1274 }
1275
1276 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1277 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1278 struct stream *s, struct ospf_interface *oi,
1279 uint16_t size)
1280 {
1281 struct ospf_db_desc *dd;
1282 struct ospf_neighbor *nbr;
1283
1284 /* Increment statistics. */
1285 oi->db_desc_in++;
1286
1287 dd = (struct ospf_db_desc *)stream_pnt(s);
1288
1289 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1290 if (nbr == NULL) {
1291 flog_warn(OSPF_WARN_PACKET, "Packet[DD]: Unknown Neighbor %s",
1292 inet_ntoa(ospfh->router_id));
1293 return;
1294 }
1295
1296 /* Check MTU. */
1297 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1298 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1299 flog_warn(
1300 OSPF_WARN_PACKET,
1301 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1302 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1303 oi->ifp->mtu);
1304 return;
1305 }
1306
1307 /*
1308 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1309 * not
1310 * required. In fact at least JunOS sends DD packets with P bit clear.
1311 * Until proper solution is developped, this hack should help.
1312 *
1313 * Update: According to the RFCs, N bit is specified /only/ for Hello
1314 * options, unfortunately its use in DD options is not specified. Hence
1315 * some
1316 * implementations follow E-bit semantics and set it in DD options, and
1317 * some
1318 * treat it as unspecified and hence follow the directive "default for
1319 * options is clear", ie unset.
1320 *
1321 * Reset the flag, as ospfd follows E-bit semantics.
1322 */
1323 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1324 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1325 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1326 if (IS_DEBUG_OSPF_EVENT)
1327 zlog_debug(
1328 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1329 inet_ntoa(nbr->router_id));
1330 SET_FLAG(dd->options, OSPF_OPTION_NP);
1331 }
1332
1333 #ifdef REJECT_IF_TBIT_ON
1334 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1335 /*
1336 * In Hello protocol, optional capability must have checked
1337 * to prevent this T-bit enabled router be my neighbor.
1338 */
1339 flog_warn(OSPF_WARN_PACKET,
1340 "Packet[DD]: Neighbor %s: T-bit on?",
1341 inet_ntoa(nbr->router_id));
1342 return;
1343 }
1344 #endif /* REJECT_IF_TBIT_ON */
1345
1346 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1347 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1348 /*
1349 * This node is not configured to handle O-bit, for now.
1350 * Clear it to ignore unsupported capability proposed by
1351 * neighbor.
1352 */
1353 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1354 }
1355
1356 /* Add event to thread. */
1357 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1358
1359 /* Process DD packet by neighbor status. */
1360 switch (nbr->state) {
1361 case NSM_Down:
1362 case NSM_Attempt:
1363 case NSM_TwoWay:
1364 flog_warn(
1365 OSPF_WARN_PACKET,
1366 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1367 inet_ntoa(nbr->router_id),
1368 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1369 break;
1370 case NSM_Init:
1371 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1372 /* If the new state is ExStart, the processing of the current
1373 packet should then continue in this new state by falling
1374 through to case ExStart below. */
1375 if (nbr->state != NSM_ExStart)
1376 break;
1377 /* fallthru */
1378 case NSM_ExStart:
1379 /* Initial DBD */
1380 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1381 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1382 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1383 > 0) {
1384 /* We're Slave---obey */
1385 if (CHECK_FLAG(oi->ospf->config,
1386 OSPF_LOG_ADJACENCY_DETAIL))
1387 zlog_info(
1388 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1389 inet_ntoa(nbr->router_id));
1390
1391 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1392
1393 /* Reset I/MS */
1394 UNSET_FLAG(nbr->dd_flags,
1395 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1396 } else {
1397 /* We're Master, ignore the initial DBD from
1398 * Slave */
1399 if (CHECK_FLAG(oi->ospf->config,
1400 OSPF_LOG_ADJACENCY_DETAIL))
1401 zlog_info(
1402 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1403 "ignoring.",
1404 inet_ntoa(nbr->router_id));
1405 break;
1406 }
1407 }
1408 /* Ack from the Slave */
1409 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1410 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1411 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1412 < 0) {
1413 zlog_info(
1414 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1415 inet_ntoa(nbr->router_id));
1416 /* Reset I, leaving MS */
1417 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1418 } else {
1419 flog_warn(OSPF_WARN_PACKET,
1420 "Packet[DD]: Neighbor %s Negotiation fails.",
1421 inet_ntoa(nbr->router_id));
1422 break;
1423 }
1424
1425 /* This is where the real Options are saved */
1426 nbr->options = dd->options;
1427
1428 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1429 if (IS_DEBUG_OSPF_EVENT)
1430 zlog_debug(
1431 "Neighbor[%s] is %sOpaque-capable.",
1432 inet_ntoa(nbr->router_id),
1433 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1434 ? ""
1435 : "NOT ");
1436
1437 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1438 && IPV4_ADDR_SAME(&DR(oi),
1439 &nbr->address.u.prefix4)) {
1440 flog_warn(
1441 OSPF_WARN_PACKET,
1442 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1443 inet_ntoa(nbr->router_id));
1444 /* This situation is undesirable, but not a real
1445 * error. */
1446 }
1447 }
1448
1449 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1450
1451 /* continue processing rest of packet. */
1452 ospf_db_desc_proc(s, oi, nbr, dd, size);
1453 break;
1454 case NSM_Exchange:
1455 if (ospf_db_desc_is_dup(dd, nbr)) {
1456 if (IS_SET_DD_MS(nbr->dd_flags))
1457 /* Master: discard duplicated DD packet. */
1458 zlog_info(
1459 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1460 inet_ntoa(nbr->router_id));
1461 else
1462 /* Slave: cause to retransmit the last Database
1463 Description. */
1464 {
1465 zlog_info(
1466 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1467 inet_ntoa(nbr->router_id));
1468 ospf_db_desc_resend(nbr);
1469 }
1470 break;
1471 }
1472
1473 /* Otherwise DD packet should be checked. */
1474 /* Check Master/Slave bit mismatch */
1475 if (IS_SET_DD_MS(dd->flags)
1476 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1477 flog_warn(OSPF_WARN_PACKET,
1478 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1479 inet_ntoa(nbr->router_id));
1480 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1481 if (IS_DEBUG_OSPF_EVENT)
1482 zlog_debug(
1483 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1484 dd->flags, nbr->dd_flags);
1485 break;
1486 }
1487
1488 /* Check initialize bit is set. */
1489 if (IS_SET_DD_I(dd->flags)) {
1490 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1491 inet_ntoa(nbr->router_id));
1492 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1493 break;
1494 }
1495
1496 /* Check DD Options. */
1497 if (dd->options != nbr->options) {
1498 #ifdef ORIGINAL_CODING
1499 /* Save the new options for debugging */
1500 nbr->options = dd->options;
1501 #endif /* ORIGINAL_CODING */
1502 flog_warn(OSPF_WARN_PACKET,
1503 "Packet[DD]: Neighbor %s options mismatch.",
1504 inet_ntoa(nbr->router_id));
1505 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1506 break;
1507 }
1508
1509 /* Check DD sequence number. */
1510 if ((IS_SET_DD_MS(nbr->dd_flags)
1511 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1512 || (!IS_SET_DD_MS(nbr->dd_flags)
1513 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1514 flog_warn(
1515 OSPF_WARN_PACKET,
1516 "Packet[DD]: Neighbor %s sequence number mismatch.",
1517 inet_ntoa(nbr->router_id));
1518 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1519 break;
1520 }
1521
1522 /* Continue processing rest of packet. */
1523 ospf_db_desc_proc(s, oi, nbr, dd, size);
1524 break;
1525 case NSM_Loading:
1526 case NSM_Full:
1527 if (ospf_db_desc_is_dup(dd, nbr)) {
1528 if (IS_SET_DD_MS(nbr->dd_flags)) {
1529 /* Master should discard duplicate DD packet. */
1530 zlog_info(
1531 "Packet[DD]: Neighbor %s duplicated, "
1532 "packet discarded.",
1533 inet_ntoa(nbr->router_id));
1534 break;
1535 } else {
1536 if (monotime_since(&nbr->last_send_ts, NULL)
1537 < nbr->v_inactivity * 1000000LL) {
1538 /* In states Loading and Full the slave
1539 must resend
1540 its last Database Description packet
1541 in response to
1542 duplicate Database Description
1543 packets received
1544 from the master. For this reason the
1545 slave must
1546 wait RouterDeadInterval seconds
1547 before freeing the
1548 last Database Description packet.
1549 Reception of a
1550 Database Description packet from the
1551 master after
1552 this interval will generate a
1553 SeqNumberMismatch
1554 neighbor event. RFC2328 Section 10.8
1555 */
1556 ospf_db_desc_resend(nbr);
1557 break;
1558 }
1559 }
1560 }
1561
1562 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1563 break;
1564 default:
1565 flog_warn(OSPF_WARN_PACKET,
1566 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1567 inet_ntoa(nbr->router_id), nbr->state);
1568 break;
1569 }
1570 }
1571
1572 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1573
1574 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1575 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1576 struct stream *s, struct ospf_interface *oi,
1577 uint16_t size)
1578 {
1579 struct ospf_neighbor *nbr;
1580 uint32_t ls_type;
1581 struct in_addr ls_id;
1582 struct in_addr adv_router;
1583 struct ospf_lsa *find;
1584 struct list *ls_upd;
1585 unsigned int length;
1586
1587 /* Increment statistics. */
1588 oi->ls_req_in++;
1589
1590 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1591 if (nbr == NULL) {
1592 flog_warn(OSPF_WARN_PACKET,
1593 "Link State Request: Unknown Neighbor %s.",
1594 inet_ntoa(ospfh->router_id));
1595 return;
1596 }
1597
1598 /* Add event to thread. */
1599 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1600
1601 /* Neighbor State should be Exchange or later. */
1602 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1603 && nbr->state != NSM_Full) {
1604 flog_warn(
1605 OSPF_WARN_PACKET,
1606 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1607 inet_ntoa(ospfh->router_id),
1608 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1609 return;
1610 }
1611
1612 /* Send Link State Update for ALL requested LSAs. */
1613 ls_upd = list_new();
1614 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1615
1616 while (size >= OSPF_LSA_KEY_SIZE) {
1617 /* Get one slice of Link State Request. */
1618 ls_type = stream_getl(s);
1619 ls_id.s_addr = stream_get_ipv4(s);
1620 adv_router.s_addr = stream_get_ipv4(s);
1621
1622 /* Verify LSA type. */
1623 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1624 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1625 list_delete_and_null(&ls_upd);
1626 return;
1627 }
1628
1629 /* Search proper LSA in LSDB. */
1630 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1631 adv_router);
1632 if (find == NULL) {
1633 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1634 list_delete_and_null(&ls_upd);
1635 return;
1636 }
1637
1638 /* Packet overflows MTU size, send immediately. */
1639 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1640 if (oi->type == OSPF_IFTYPE_NBMA)
1641 ospf_ls_upd_send(nbr, ls_upd,
1642 OSPF_SEND_PACKET_DIRECT, 0);
1643 else
1644 ospf_ls_upd_send(nbr, ls_upd,
1645 OSPF_SEND_PACKET_INDIRECT, 0);
1646
1647 /* Only remove list contents. Keep ls_upd. */
1648 list_delete_all_node(ls_upd);
1649
1650 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1651 }
1652
1653 /* Append LSA to update list. */
1654 listnode_add(ls_upd, find);
1655 length += ntohs(find->data->length);
1656
1657 size -= OSPF_LSA_KEY_SIZE;
1658 }
1659
1660 /* Send rest of Link State Update. */
1661 if (listcount(ls_upd) > 0) {
1662 if (oi->type == OSPF_IFTYPE_NBMA)
1663 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1664 0);
1665 else
1666 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1667 0);
1668
1669 list_delete_and_null(&ls_upd);
1670 } else
1671 list_delete_and_null(&ls_upd);
1672 }
1673
1674 /* Get the list of LSAs from Link State Update packet.
1675 And process some validation -- RFC2328 Section 13. (1)-(2). */
1676 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1677 struct stream *s,
1678 struct ospf_interface *oi, size_t size)
1679 {
1680 uint16_t count, sum;
1681 uint32_t length;
1682 struct lsa_header *lsah;
1683 struct ospf_lsa *lsa;
1684 struct list *lsas;
1685
1686 lsas = list_new();
1687
1688 count = stream_getl(s);
1689 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1690
1691 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1692 size -= length, stream_forward_getp(s, length), count--) {
1693 lsah = (struct lsa_header *)stream_pnt(s);
1694 length = ntohs(lsah->length);
1695
1696 if (length > size) {
1697 flog_warn(
1698 OSPF_WARN_PACKET,
1699 "Link State Update: LSA length exceeds packet size.");
1700 break;
1701 }
1702
1703 /* Validate the LSA's LS checksum. */
1704 sum = lsah->checksum;
1705 if (!ospf_lsa_checksum_valid(lsah)) {
1706 /* (bug #685) more details in a one-line message make it
1707 * possible
1708 * to identify problem source on the one hand and to
1709 * have a better
1710 * chance to compress repeated messages in syslog on the
1711 * other */
1712 flog_warn(
1713 OSPF_WARN_PACKET,
1714 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1715 sum, lsah->checksum, inet_ntoa(lsah->id),
1716 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1717 inet_ntoa(lsah->adv_router));
1718 continue;
1719 }
1720
1721 /* Examine the LSA's LS type. */
1722 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1723 flog_warn(OSPF_WARN_PACKET,
1724 "Link State Update: Unknown LS type %d",
1725 lsah->type);
1726 continue;
1727 }
1728
1729 /*
1730 * What if the received LSA's age is greater than MaxAge?
1731 * Treat it as a MaxAge case -- endo.
1732 */
1733 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1734 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1735
1736 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1737 #ifdef STRICT_OBIT_USAGE_CHECK
1738 if ((IS_OPAQUE_LSA(lsah->type)
1739 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1740 || (!IS_OPAQUE_LSA(lsah->type)
1741 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1742 /*
1743 * This neighbor must know the exact usage of
1744 * O-bit;
1745 * the bit will be set in Type-9,10,11 LSAs
1746 * only.
1747 */
1748 flog_warn(OSPF_WARN_PACKET,
1749 "LSA[Type%d:%s]: O-bit abuse?",
1750 lsah->type, inet_ntoa(lsah->id));
1751 continue;
1752 }
1753 #endif /* STRICT_OBIT_USAGE_CHECK */
1754
1755 /* Do not take in AS External Opaque-LSAs if we are a
1756 * stub. */
1757 if (lsah->type == OSPF_OPAQUE_AS_LSA
1758 && nbr->oi->area->external_routing
1759 != OSPF_AREA_DEFAULT) {
1760 if (IS_DEBUG_OSPF_EVENT)
1761 zlog_debug(
1762 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1763 lsah->type,
1764 inet_ntoa(lsah->id));
1765 continue;
1766 }
1767 } else if (IS_OPAQUE_LSA(lsah->type)) {
1768 flog_warn(OSPF_WARN_PACKET,
1769 "LSA[Type%d:%s]: Opaque capability mismatch?",
1770 lsah->type, inet_ntoa(lsah->id));
1771 continue;
1772 }
1773
1774 /* Create OSPF LSA instance. */
1775 lsa = ospf_lsa_new_and_data(length);
1776
1777 lsa->vrf_id = oi->ospf->vrf_id;
1778 /* We may wish to put some error checking if type NSSA comes in
1779 and area not in NSSA mode */
1780 switch (lsah->type) {
1781 case OSPF_AS_EXTERNAL_LSA:
1782 case OSPF_OPAQUE_AS_LSA:
1783 lsa->area = NULL;
1784 break;
1785 case OSPF_OPAQUE_LINK_LSA:
1786 lsa->oi = oi; /* Remember incoming interface for
1787 flooding control. */
1788 /* Fallthrough */
1789 default:
1790 lsa->area = oi->area;
1791 break;
1792 }
1793
1794 memcpy(lsa->data, lsah, length);
1795
1796 if (IS_DEBUG_OSPF_EVENT)
1797 zlog_debug(
1798 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1799 lsa->data->type, inet_ntoa(lsa->data->id),
1800 (void *)lsa);
1801 listnode_add(lsas, lsa);
1802 }
1803
1804 return lsas;
1805 }
1806
1807 /* Cleanup Update list. */
1808 static void ospf_upd_list_clean(struct list *lsas)
1809 {
1810 struct listnode *node, *nnode;
1811 struct ospf_lsa *lsa;
1812
1813 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1814 ospf_lsa_discard(lsa);
1815
1816 list_delete_and_null(&lsas);
1817 }
1818
1819 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1820 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1821 struct ospf_header *ospfh, struct stream *s,
1822 struct ospf_interface *oi, uint16_t size)
1823 {
1824 struct ospf_neighbor *nbr;
1825 struct list *lsas;
1826 struct listnode *node, *nnode;
1827 struct ospf_lsa *lsa = NULL;
1828 /* unsigned long ls_req_found = 0; */
1829
1830 /* Dis-assemble the stream, update each entry, re-encapsulate for
1831 * flooding */
1832
1833 /* Increment statistics. */
1834 oi->ls_upd_in++;
1835
1836 /* Check neighbor. */
1837 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1838 if (nbr == NULL) {
1839 flog_warn(OSPF_WARN_PACKET,
1840 "Link State Update: Unknown Neighbor %s on int: %s",
1841 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1842 return;
1843 }
1844
1845 /* Add event to thread. */
1846 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1847
1848 /* Check neighbor state. */
1849 if (nbr->state < NSM_Exchange) {
1850 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1851 zlog_debug(
1852 "Link State Update: "
1853 "Neighbor[%s] state %s is less than Exchange",
1854 inet_ntoa(ospfh->router_id),
1855 lookup_msg(ospf_nsm_state_msg, nbr->state,
1856 NULL));
1857 return;
1858 }
1859
1860 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1861 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1862 * of section 13.
1863 */
1864 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1865
1866 if (lsas == NULL)
1867 return;
1868 #define DISCARD_LSA(L, N) \
1869 { \
1870 if (IS_DEBUG_OSPF_EVENT) \
1871 zlog_debug( \
1872 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1873 " Type-%d", \
1874 N, (void *)lsa, (int)lsa->data->type); \
1875 ospf_lsa_discard(L); \
1876 continue; \
1877 }
1878
1879 /* Process each LSA received in the one packet.
1880 *
1881 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1882 * text below are from the steps in RFC 2328, Section 13.
1883 */
1884 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1885 struct ospf_lsa *ls_ret, *current;
1886 int ret = 1;
1887
1888 if (IS_DEBUG_OSPF_NSSA) {
1889 char buf1[INET_ADDRSTRLEN];
1890 char buf2[INET_ADDRSTRLEN];
1891 char buf3[INET_ADDRSTRLEN];
1892
1893 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1894 lsa->data->type,
1895 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1896 INET_ADDRSTRLEN),
1897 inet_ntop(AF_INET, &lsa->data->id, buf2,
1898 INET_ADDRSTRLEN),
1899 inet_ntop(AF_INET, &lsa->data->adv_router,
1900 buf3, INET_ADDRSTRLEN));
1901 }
1902
1903 listnode_delete(lsas,
1904 lsa); /* We don't need it in list anymore */
1905
1906 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1907 */
1908
1909 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1910
1911 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1912 */
1913
1914 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1915 */
1916
1917 /* Do take in Type-7's if we are an NSSA */
1918
1919 /* If we are also an ABR, later translate them to a Type-5
1920 * packet */
1921
1922 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1923 translate them to a separate Type-5 packet. */
1924
1925 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1926 /* Reject from STUB or NSSA */
1927 if (nbr->oi->area->external_routing
1928 != OSPF_AREA_DEFAULT) {
1929 if (IS_DEBUG_OSPF_NSSA)
1930 zlog_debug(
1931 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1932 DISCARD_LSA(lsa, 1);
1933 }
1934
1935 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1936 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1937 if (IS_DEBUG_OSPF_NSSA)
1938 zlog_debug(
1939 "Incoming NSSA LSA Discarded: Not NSSA Area");
1940 DISCARD_LSA(lsa, 2);
1941 }
1942
1943 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1944 if (lsa->data->type == OSPF_ROUTER_LSA)
1945 if (!IPV4_ADDR_SAME(&lsa->data->id,
1946 &lsa->data->adv_router)) {
1947 char buf1[INET_ADDRSTRLEN];
1948 char buf2[INET_ADDRSTRLEN];
1949 char buf3[INET_ADDRSTRLEN];
1950
1951 flog_err(OSPF_ERR_ROUTER_LSA_MISMATCH,
1952 "Incoming Router-LSA from %s with "
1953 "Adv-ID[%s] != LS-ID[%s]",
1954 inet_ntop(AF_INET, &ospfh->router_id,
1955 buf1, INET_ADDRSTRLEN),
1956 inet_ntop(AF_INET, &lsa->data->id,
1957 buf2, INET_ADDRSTRLEN),
1958 inet_ntop(AF_INET,
1959 &lsa->data->adv_router,
1960 buf3, INET_ADDRSTRLEN));
1961 flog_err(
1962 OSPF_ERR_DOMAIN_CORRUPT,
1963 "OSPF domain compromised by attack or corruption. "
1964 "Verify correct operation of -ALL- OSPF routers.");
1965 DISCARD_LSA(lsa, 0);
1966 }
1967
1968 /* Find the LSA in the current database. */
1969
1970 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1971
1972 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1973 currently
1974 no instance of the LSA in the router's link state database,
1975 and none of router's neighbors are in states Exchange or
1976 Loading,
1977 then take the following actions: */
1978
1979 if (IS_LSA_MAXAGE(lsa) && !current
1980 && ospf_check_nbr_status(oi->ospf)) {
1981 /* (4a) Response Link State Acknowledgment. */
1982 ospf_ls_ack_send(nbr, lsa);
1983
1984 /* (4b) Discard LSA. */
1985 if (IS_DEBUG_OSPF(lsa, LSA)) {
1986 zlog_debug(
1987 "Link State Update[%s]: LS age is equal to MaxAge.",
1988 dump_lsa_key(lsa));
1989 }
1990 DISCARD_LSA(lsa, 3);
1991 }
1992
1993 if (IS_OPAQUE_LSA(lsa->data->type)
1994 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1995 &oi->ospf->router_id)) {
1996 /*
1997 * Even if initial flushing seems to be completed, there
1998 * might
1999 * be a case that self-originated LSA with MaxAge still
2000 * remain
2001 * in the routing domain.
2002 * Just send an LSAck message to cease retransmission.
2003 */
2004 if (IS_LSA_MAXAGE(lsa)) {
2005 zlog_info("LSA[%s]: Boomerang effect?",
2006 dump_lsa_key(lsa));
2007 ospf_ls_ack_send(nbr, lsa);
2008 ospf_lsa_discard(lsa);
2009
2010 if (current != NULL && !IS_LSA_MAXAGE(current))
2011 ospf_opaque_lsa_refresh_schedule(
2012 current);
2013 continue;
2014 }
2015
2016 /*
2017 * If an instance of self-originated Opaque-LSA is not
2018 * found
2019 * in the LSDB, there are some possible cases here.
2020 *
2021 * 1) This node lost opaque-capability after restart.
2022 * 2) Else, a part of opaque-type is no more supported.
2023 * 3) Else, a part of opaque-id is no more supported.
2024 *
2025 * Anyway, it is still this node's responsibility to
2026 * flush it.
2027 * Otherwise, the LSA instance remains in the routing
2028 * domain
2029 * until its age reaches to MaxAge.
2030 */
2031 /* XXX: We should deal with this for *ALL* LSAs, not
2032 * just opaque */
2033 if (current == NULL) {
2034 if (IS_DEBUG_OSPF_EVENT)
2035 zlog_debug(
2036 "LSA[%s]: Previously originated Opaque-LSA,"
2037 "not found in the LSDB.",
2038 dump_lsa_key(lsa));
2039
2040 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2041
2042 ospf_opaque_self_originated_lsa_received(nbr,
2043 lsa);
2044 ospf_ls_ack_send(nbr, lsa);
2045
2046 continue;
2047 }
2048 }
2049
2050 /* It might be happen that received LSA is self-originated
2051 * network LSA, but
2052 * router ID is changed. So, we should check if LSA is a
2053 * network-LSA whose
2054 * Link State ID is one of the router's own IP interface
2055 * addresses but whose
2056 * Advertising Router is not equal to the router's own Router ID
2057 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2058 * flushed.
2059 */
2060
2061 if (lsa->data->type == OSPF_NETWORK_LSA) {
2062 struct listnode *oinode, *oinnode;
2063 struct ospf_interface *out_if;
2064 int Flag = 0;
2065
2066 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2067 oinnode, out_if)) {
2068 if (out_if == NULL)
2069 break;
2070
2071 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2072 &lsa->data->id))
2073 && (!(IPV4_ADDR_SAME(
2074 &oi->ospf->router_id,
2075 &lsa->data->adv_router)))) {
2076 if (out_if->network_lsa_self) {
2077 ospf_lsa_flush_area(
2078 lsa, out_if->area);
2079 if (IS_DEBUG_OSPF_EVENT)
2080 zlog_debug(
2081 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2082 (void *)lsa,
2083 (int)lsa->data
2084 ->type);
2085 ospf_lsa_discard(lsa);
2086 Flag = 1;
2087 }
2088 break;
2089 }
2090 }
2091 if (Flag)
2092 continue;
2093 }
2094
2095 /* (5) Find the instance of this LSA that is currently contained
2096 in the router's link state database. If there is no
2097 database copy, or the received LSA is more recent than
2098 the database copy the following steps must be performed.
2099 (The sub steps from RFC 2328 section 13 step (5) will be
2100 performed in
2101 ospf_flood() ) */
2102
2103 if (current == NULL
2104 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2105 /* Actual flooding procedure. */
2106 if (ospf_flood(oi->ospf, nbr, current, lsa)
2107 < 0) /* Trap NSSA later. */
2108 DISCARD_LSA(lsa, 4);
2109 continue;
2110 }
2111
2112 /* (6) Else, If there is an instance of the LSA on the sending
2113 neighbor's Link state request list, an error has occurred in
2114 the Database Exchange process. In this case, restart the
2115 Database Exchange process by generating the neighbor event
2116 BadLSReq for the sending neighbor and stop processing the
2117 Link State Update packet. */
2118
2119 if (ospf_ls_request_lookup(nbr, lsa)) {
2120 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2121 flog_warn(
2122 OSPF_WARN_PACKET,
2123 "LSA[%s] instance exists on Link state request list",
2124 dump_lsa_key(lsa));
2125
2126 /* Clean list of LSAs. */
2127 ospf_upd_list_clean(lsas);
2128 /* this lsa is not on lsas list already. */
2129 ospf_lsa_discard(lsa);
2130 return;
2131 }
2132
2133 /* If the received LSA is the same instance as the database copy
2134 (i.e., neither one is more recent) the following two steps
2135 should be performed: */
2136
2137 if (ret == 0) {
2138 /* If the LSA is listed in the Link state retransmission
2139 list
2140 for the receiving adjacency, the router itself is
2141 expecting
2142 an acknowledgment for this LSA. The router should
2143 treat the
2144 received LSA as an acknowledgment by removing the LSA
2145 from
2146 the Link state retransmission list. This is termed
2147 an
2148 "implied acknowledgment". */
2149
2150 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2151
2152 if (ls_ret != NULL) {
2153 ospf_ls_retransmit_delete(nbr, ls_ret);
2154
2155 /* Delayed acknowledgment sent if advertisement
2156 received
2157 from Designated Router, otherwise do nothing.
2158 */
2159 if (oi->state == ISM_Backup)
2160 if (NBR_IS_DR(nbr))
2161 listnode_add(
2162 oi->ls_ack,
2163 ospf_lsa_lock(lsa));
2164
2165 DISCARD_LSA(lsa, 5);
2166 } else
2167 /* Acknowledge the receipt of the LSA by sending a
2168 Link State Acknowledgment packet back out the
2169 receiving
2170 interface. */
2171 {
2172 ospf_ls_ack_send(nbr, lsa);
2173 DISCARD_LSA(lsa, 6);
2174 }
2175 }
2176
2177 /* The database copy is more recent. If the database copy
2178 has LS age equal to MaxAge and LS sequence number equal to
2179 MaxSequenceNumber, simply discard the received LSA without
2180 acknowledging it. (In this case, the LSA's LS sequence number
2181 is
2182 wrapping, and the MaxSequenceNumber LSA must be completely
2183 flushed before any new LSA instance can be introduced). */
2184
2185 else if (ret > 0) /* Database copy is more recent */
2186 {
2187 if (IS_LSA_MAXAGE(current)
2188 && current->data->ls_seqnum
2189 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2190 DISCARD_LSA(lsa, 7);
2191 }
2192 /* Otherwise, as long as the database copy has not been
2193 sent in a
2194 Link State Update within the last MinLSArrival
2195 seconds, send the
2196 database copy back to the sending neighbor,
2197 encapsulated within
2198 a Link State Update Packet. The Link State Update
2199 Packet should
2200 be sent directly to the neighbor. In so doing, do not
2201 put the
2202 database copy of the LSA on the neighbor's link state
2203 retransmission list, and do not acknowledge the
2204 received (less
2205 recent) LSA instance. */
2206 else {
2207 if (monotime_since(&current->tv_orig, NULL)
2208 >= ospf->min_ls_arrival * 1000LL)
2209 /* Trap NSSA type later.*/
2210 ospf_ls_upd_send_lsa(
2211 nbr, current,
2212 OSPF_SEND_PACKET_DIRECT);
2213 DISCARD_LSA(lsa, 8);
2214 }
2215 }
2216 }
2217 #undef DISCARD_LSA
2218
2219 assert(listcount(lsas) == 0);
2220 list_delete_and_null(&lsas);
2221 }
2222
2223 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2224 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2225 struct stream *s, struct ospf_interface *oi,
2226 uint16_t size)
2227 {
2228 struct ospf_neighbor *nbr;
2229
2230 /* increment statistics. */
2231 oi->ls_ack_in++;
2232
2233 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2234 if (nbr == NULL) {
2235 flog_warn(OSPF_WARN_PACKET,
2236 "Link State Acknowledgment: Unknown Neighbor %s.",
2237 inet_ntoa(ospfh->router_id));
2238 return;
2239 }
2240
2241 /* Add event to thread. */
2242 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2243
2244 if (nbr->state < NSM_Exchange) {
2245 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2246 zlog_debug(
2247 "Link State Acknowledgment: "
2248 "Neighbor[%s] state %s is less than Exchange",
2249 inet_ntoa(ospfh->router_id),
2250 lookup_msg(ospf_nsm_state_msg, nbr->state,
2251 NULL));
2252 return;
2253 }
2254
2255 while (size >= OSPF_LSA_HEADER_SIZE) {
2256 struct ospf_lsa *lsa, *lsr;
2257
2258 lsa = ospf_lsa_new();
2259 lsa->data = (struct lsa_header *)stream_pnt(s);
2260 lsa->vrf_id = oi->ospf->vrf_id;
2261
2262 /* lsah = (struct lsa_header *) stream_pnt (s); */
2263 size -= OSPF_LSA_HEADER_SIZE;
2264 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2265
2266 if (lsa->data->type < OSPF_MIN_LSA
2267 || lsa->data->type >= OSPF_MAX_LSA) {
2268 lsa->data = NULL;
2269 ospf_lsa_discard(lsa);
2270 continue;
2271 }
2272
2273 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2274
2275 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2276 ospf_ls_retransmit_delete(nbr, lsr);
2277
2278 lsa->data = NULL;
2279 ospf_lsa_discard(lsa);
2280 }
2281
2282 return;
2283 }
2284
2285 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2286 struct interface **ifp,
2287 struct stream *ibuf)
2288 {
2289 int ret;
2290 struct ip *iph;
2291 uint16_t ip_len;
2292 ifindex_t ifindex = 0;
2293 struct iovec iov;
2294 /* Header and data both require alignment. */
2295 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2296 struct msghdr msgh;
2297
2298 memset(&msgh, 0, sizeof(struct msghdr));
2299 msgh.msg_iov = &iov;
2300 msgh.msg_iovlen = 1;
2301 msgh.msg_control = (caddr_t)buff;
2302 msgh.msg_controllen = sizeof(buff);
2303
2304 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2305 if (ret < 0) {
2306 flog_warn(OSPF_WARN_PACKET, "stream_recvmsg failed: %s",
2307 safe_strerror(errno));
2308 return NULL;
2309 }
2310 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2311 {
2312 flog_warn(
2313 OSPF_WARN_PACKET,
2314 "ospf_recv_packet: discarding runt packet of length %d "
2315 "(ip header size is %u)",
2316 ret, (unsigned int)sizeof(iph));
2317 return NULL;
2318 }
2319
2320 /* Note that there should not be alignment problems with this assignment
2321 because this is at the beginning of the stream data buffer. */
2322 iph = (struct ip *)STREAM_DATA(ibuf);
2323 sockopt_iphdrincl_swab_systoh(iph);
2324
2325 ip_len = iph->ip_len;
2326
2327 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2328 /*
2329 * Kernel network code touches incoming IP header parameters,
2330 * before protocol specific processing.
2331 *
2332 * 1) Convert byteorder to host representation.
2333 * --> ip_len, ip_id, ip_off
2334 *
2335 * 2) Adjust ip_len to strip IP header size!
2336 * --> If user process receives entire IP packet via RAW
2337 * socket, it must consider adding IP header size to
2338 * the "ip_len" field of "ip" structure.
2339 *
2340 * For more details, see <netinet/ip_input.c>.
2341 */
2342 ip_len = ip_len + (iph->ip_hl << 2);
2343 #endif
2344
2345 #if defined(__DragonFly__)
2346 /*
2347 * in DragonFly's raw socket, ip_len/ip_off are read
2348 * in network byte order.
2349 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2350 */
2351 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2352 #endif
2353
2354 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2355
2356 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2357
2358 if (ret != ip_len) {
2359 flog_warn(
2360 OSPF_WARN_PACKET,
2361 "ospf_recv_packet read length mismatch: ip_len is %d, "
2362 "but recvmsg returned %d",
2363 ip_len, ret);
2364 return NULL;
2365 }
2366
2367 return ibuf;
2368 }
2369
2370 static struct ospf_interface *
2371 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2372 struct ip *iph, struct ospf_header *ospfh)
2373 {
2374 struct ospf_interface *rcv_oi;
2375 struct ospf_vl_data *vl_data;
2376 struct ospf_area *vl_area;
2377 struct listnode *node;
2378
2379 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2380 || !OSPF_IS_AREA_BACKBONE(ospfh))
2381 return NULL;
2382
2383 /* look for local OSPF interface matching the destination
2384 * to determine Area ID. We presume therefore the destination address
2385 * is unique, or at least (for "unnumbered" links), not used in other
2386 * areas
2387 */
2388 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2389 == NULL)
2390 return NULL;
2391
2392 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2393 vl_area =
2394 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2395 if (!vl_area)
2396 continue;
2397
2398 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2399 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2400 if (IS_DEBUG_OSPF_EVENT)
2401 zlog_debug("associating packet with %s",
2402 IF_NAME(vl_data->vl_oi));
2403 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2404 if (IS_DEBUG_OSPF_EVENT)
2405 zlog_debug(
2406 "This VL is not up yet, sorry");
2407 return NULL;
2408 }
2409
2410 return vl_data->vl_oi;
2411 }
2412 }
2413
2414 if (IS_DEBUG_OSPF_EVENT)
2415 zlog_debug("couldn't find any VL to associate the packet with");
2416
2417 return NULL;
2418 }
2419
2420 static int ospf_check_area_id(struct ospf_interface *oi,
2421 struct ospf_header *ospfh)
2422 {
2423 /* Check match the Area ID of the receiving interface. */
2424 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2425 return 1;
2426
2427 return 0;
2428 }
2429
2430 /* Unbound socket will accept any Raw IP packets if proto is matched.
2431 To prevent it, compare src IP address and i/f address with masking
2432 i/f network mask. */
2433 static int ospf_check_network_mask(struct ospf_interface *oi,
2434 struct in_addr ip_src)
2435 {
2436 struct in_addr mask, me, him;
2437
2438 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2439 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2440 return 1;
2441
2442 masklen2ip(oi->address->prefixlen, &mask);
2443
2444 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2445 him.s_addr = ip_src.s_addr & mask.s_addr;
2446
2447 if (IPV4_ADDR_SAME(&me, &him))
2448 return 1;
2449
2450 return 0;
2451 }
2452
2453 /* Return 1, if the packet is properly authenticated and checksummed,
2454 0 otherwise. In particular, check that AuType header field is valid and
2455 matches the locally configured AuType, and that D.5 requirements are met. */
2456 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2457 {
2458 struct crypt_key *ck;
2459 uint16_t iface_auth_type;
2460 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2461
2462 switch (pkt_auth_type) {
2463 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2464 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2465 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2466 flog_warn(
2467 OSPF_WARN_PACKET,
2468 "interface %s: auth-type mismatch, local %s, rcvd Null",
2469 IF_NAME(oi),
2470 lookup_msg(ospf_auth_type_str,
2471 iface_auth_type, NULL));
2472 return 0;
2473 }
2474 if (!ospf_check_sum(ospfh)) {
2475 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2476 flog_warn(
2477 OSPF_WARN_PACKET,
2478 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2479 IF_NAME(oi),
2480 inet_ntoa(ospfh->router_id));
2481 return 0;
2482 }
2483 return 1;
2484 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2485 if (OSPF_AUTH_SIMPLE
2486 != (iface_auth_type = ospf_auth_type(oi))) {
2487 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2488 flog_warn(
2489 OSPF_WARN_PACKET,
2490 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2491 IF_NAME(oi),
2492 lookup_msg(ospf_auth_type_str,
2493 iface_auth_type, NULL));
2494 return 0;
2495 }
2496 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2497 OSPF_AUTH_SIMPLE_SIZE)) {
2498 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2499 flog_warn(OSPF_WARN_PACKET,
2500 "interface %s: Simple auth failed",
2501 IF_NAME(oi));
2502 return 0;
2503 }
2504 if (!ospf_check_sum(ospfh)) {
2505 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2506 flog_warn(
2507 OSPF_WARN_PACKET,
2508 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2509 IF_NAME(oi),
2510 inet_ntoa(ospfh->router_id));
2511 return 0;
2512 }
2513 return 1;
2514 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2515 if (OSPF_AUTH_CRYPTOGRAPHIC
2516 != (iface_auth_type = ospf_auth_type(oi))) {
2517 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2518 flog_warn(
2519 OSPF_WARN_PACKET,
2520 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2521 IF_NAME(oi),
2522 lookup_msg(ospf_auth_type_str,
2523 iface_auth_type, NULL));
2524 return 0;
2525 }
2526 if (ospfh->checksum) {
2527 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2528 flog_warn(
2529 OSPF_WARN_PACKET,
2530 "interface %s: OSPF header checksum is not 0",
2531 IF_NAME(oi));
2532 return 0;
2533 }
2534 /* only MD5 crypto method can pass ospf_packet_examin() */
2535 if (NULL == (ck = listgetdata(
2536 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2537 || ospfh->u.crypt.key_id != ck->key_id ||
2538 /* Condition above uses the last key ID on the list,
2539 which is
2540 different from what ospf_crypt_key_lookup() does. A
2541 bug? */
2542 !ospf_check_md5_digest(oi, ospfh)) {
2543 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2544 flog_warn(OSPF_WARN_MD5,
2545 "interface %s: MD5 auth failed",
2546 IF_NAME(oi));
2547 return 0;
2548 }
2549 return 1;
2550 default:
2551 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2552 flog_warn(
2553 OSPF_WARN_PACKET,
2554 "interface %s: invalid packet auth-type (%02x)",
2555 IF_NAME(oi), pkt_auth_type);
2556 return 0;
2557 }
2558 }
2559
2560 static int ospf_check_sum(struct ospf_header *ospfh)
2561 {
2562 uint32_t ret;
2563 uint16_t sum;
2564
2565 /* clear auth_data for checksum. */
2566 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2567
2568 /* keep checksum and clear. */
2569 sum = ospfh->checksum;
2570 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2571
2572 /* calculate checksum. */
2573 ret = in_cksum(ospfh, ntohs(ospfh->length));
2574
2575 if (ret != sum) {
2576 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2577 ret, sum);
2578 return 0;
2579 }
2580
2581 return 1;
2582 }
2583
2584 /* Verify, that given link/TOS records are properly sized/aligned and match
2585 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2586 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2587 uint16_t linkbytes,
2588 const uint16_t num_links)
2589 {
2590 unsigned counted_links = 0, thislinklen;
2591
2592 while (linkbytes) {
2593 thislinklen =
2594 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2595 if (thislinklen > linkbytes) {
2596 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2597 zlog_debug("%s: length error in link block #%u",
2598 __func__, counted_links);
2599 return MSG_NG;
2600 }
2601 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2602 linkbytes -= thislinklen;
2603 counted_links++;
2604 }
2605 if (counted_links != num_links) {
2606 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2607 zlog_debug("%s: %u link blocks declared, %u present",
2608 __func__, num_links, counted_links);
2609 return MSG_NG;
2610 }
2611 return MSG_OK;
2612 }
2613
2614 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2615 minimum length constraint). */
2616 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2617 const uint8_t headeronly)
2618 {
2619 unsigned ret;
2620 struct router_lsa *rlsa;
2621 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2622 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2623 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2624 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2625 lookup_msg(ospf_lsa_type_msg, lsah->type,
2626 NULL));
2627 return MSG_NG;
2628 }
2629 switch (lsah->type) {
2630 case OSPF_ROUTER_LSA:
2631 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2632 * (12+)-byte link blocks */
2633 if (headeronly) {
2634 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2635 - OSPF_ROUTER_LSA_MIN_SIZE)
2636 % 4
2637 ? MSG_NG
2638 : MSG_OK;
2639 break;
2640 }
2641 rlsa = (struct router_lsa *)lsah;
2642 ret = ospf_router_lsa_links_examin(
2643 (struct router_lsa_link *)rlsa->link,
2644 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2645 header, "flags",
2646 0, "# links" */
2647 ntohs(rlsa->links) /* 16 bits */
2648 );
2649 break;
2650 case OSPF_AS_EXTERNAL_LSA:
2651 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2652 * blocks */
2653 case OSPF_AS_NSSA_LSA:
2654 /* RFC3101 C, idem */
2655 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2656 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2657 % 12
2658 ? MSG_NG
2659 : MSG_OK;
2660 break;
2661 /* Following LSA types are considered OK length-wise as soon as their
2662 * minimum
2663 * length constraint is met and length of the whole LSA is a multiple of
2664 * 4
2665 * (basic LSA header size is already a multiple of 4). */
2666 case OSPF_NETWORK_LSA:
2667 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2668 case OSPF_SUMMARY_LSA:
2669 case OSPF_ASBR_SUMMARY_LSA:
2670 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2671 * blocks */
2672 case OSPF_OPAQUE_LINK_LSA:
2673 case OSPF_OPAQUE_AREA_LSA:
2674 case OSPF_OPAQUE_AS_LSA:
2675 /* RFC5250 A.2, "some number of octets (of application-specific
2676 * data) padded to 32-bit alignment." This is considered
2677 * equivalent
2678 * to 4-byte alignment of all other LSA types, see
2679 * OSPF-ALIGNMENT.txt
2680 * file for the detailed analysis of this passage. */
2681 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2682 break;
2683 default:
2684 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2685 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2686 lsah->type);
2687 return MSG_NG;
2688 }
2689 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2690 zlog_debug("%s: alignment error in %s", __func__,
2691 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2692 return ret;
2693 }
2694
2695 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2696 includes verification of LSA blocks length/alignment and dispatching
2697 of deeper-level checks. */
2698 static unsigned
2699 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2700 size_t length, const uint8_t headeronly,
2701 /* When declared_num_lsas is not 0, compare it to the real
2702 number of LSAs
2703 and treat the difference as an error. */
2704 const uint32_t declared_num_lsas)
2705 {
2706 uint32_t counted_lsas = 0;
2707
2708 while (length) {
2709 uint16_t lsalen;
2710 if (length < OSPF_LSA_HEADER_SIZE) {
2711 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2712 zlog_debug(
2713 "%s: undersized (%zu B) trailing (#%u) LSA header",
2714 __func__, length, counted_lsas);
2715 return MSG_NG;
2716 }
2717 /* save on ntohs() calls here and in the LSA validator */
2718 lsalen = ntohs(lsah->length);
2719 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2720 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2721 zlog_debug(
2722 "%s: malformed LSA header #%u, declared length is %u B",
2723 __func__, counted_lsas, lsalen);
2724 return MSG_NG;
2725 }
2726 if (headeronly) {
2727 /* less checks here and in ospf_lsa_examin() */
2728 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2729 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2730 zlog_debug(
2731 "%s: malformed header-only LSA #%u",
2732 __func__, counted_lsas);
2733 return MSG_NG;
2734 }
2735 lsah = (struct lsa_header *)((caddr_t)lsah
2736 + OSPF_LSA_HEADER_SIZE);
2737 length -= OSPF_LSA_HEADER_SIZE;
2738 } else {
2739 /* make sure the input buffer is deep enough before
2740 * further checks */
2741 if (lsalen > length) {
2742 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2743 zlog_debug(
2744 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2745 __func__, counted_lsas, lsalen,
2746 length);
2747 return MSG_NG;
2748 }
2749 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2750 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2751 zlog_debug("%s: malformed LSA #%u",
2752 __func__, counted_lsas);
2753 return MSG_NG;
2754 }
2755 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2756 length -= lsalen;
2757 }
2758 counted_lsas++;
2759 }
2760
2761 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2762 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2763 zlog_debug(
2764 "%s: #LSAs declared (%u) does not match actual (%u)",
2765 __func__, declared_num_lsas, counted_lsas);
2766 return MSG_NG;
2767 }
2768 return MSG_OK;
2769 }
2770
2771 /* Verify a complete OSPF packet for proper sizing/alignment. */
2772 static unsigned ospf_packet_examin(struct ospf_header *oh,
2773 const unsigned bytesonwire)
2774 {
2775 uint16_t bytesdeclared, bytesauth;
2776 unsigned ret;
2777 struct ospf_ls_update *lsupd;
2778
2779 /* Length, 1st approximation. */
2780 if (bytesonwire < OSPF_HEADER_SIZE) {
2781 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2782 zlog_debug("%s: undersized (%u B) packet", __func__,
2783 bytesonwire);
2784 return MSG_NG;
2785 }
2786 /* Now it is safe to access header fields. Performing length check,
2787 * allow
2788 * for possible extra bytes of crypto auth/padding, which are not
2789 * counted
2790 * in the OSPF header "length" field. */
2791 if (oh->version != OSPF_VERSION) {
2792 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2793 zlog_debug("%s: invalid (%u) protocol version",
2794 __func__, oh->version);
2795 return MSG_NG;
2796 }
2797 bytesdeclared = ntohs(oh->length);
2798 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2799 bytesauth = 0;
2800 else {
2801 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2802 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2803 zlog_debug(
2804 "%s: unsupported crypto auth length (%u B)",
2805 __func__, oh->u.crypt.auth_data_len);
2806 return MSG_NG;
2807 }
2808 bytesauth = OSPF_AUTH_MD5_SIZE;
2809 }
2810 if (bytesdeclared + bytesauth > bytesonwire) {
2811 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2812 zlog_debug(
2813 "%s: packet length error (%u real, %u+%u declared)",
2814 __func__, bytesonwire, bytesdeclared,
2815 bytesauth);
2816 return MSG_NG;
2817 }
2818 /* Length, 2nd approximation. The type-specific constraint is checked
2819 against declared length, not amount of bytes on wire. */
2820 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2821 && bytesdeclared
2822 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2823 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2824 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2825 bytesdeclared,
2826 lookup_msg(ospf_packet_type_str, oh->type,
2827 NULL));
2828 return MSG_NG;
2829 }
2830 switch (oh->type) {
2831 case OSPF_MSG_HELLO:
2832 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2833 followed
2834 by N>=0 router-IDs. */
2835 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2836 % 4
2837 ? MSG_NG
2838 : MSG_OK;
2839 break;
2840 case OSPF_MSG_DB_DESC:
2841 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2842 followed
2843 by N>=0 header-only LSAs. */
2844 ret = ospf_lsaseq_examin(
2845 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2846 + OSPF_DB_DESC_MIN_SIZE),
2847 bytesdeclared - OSPF_HEADER_SIZE
2848 - OSPF_DB_DESC_MIN_SIZE,
2849 1, /* header-only LSAs */
2850 0);
2851 break;
2852 case OSPF_MSG_LS_REQ:
2853 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2854 * request blocks. */
2855 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2856 % OSPF_LSA_KEY_SIZE
2857 ? MSG_NG
2858 : MSG_OK;
2859 break;
2860 case OSPF_MSG_LS_UPD:
2861 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2862 followed
2863 by N>=0 full LSAs (with N declared beforehand). */
2864 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2865 + OSPF_HEADER_SIZE);
2866 ret = ospf_lsaseq_examin(
2867 (struct lsa_header *)((caddr_t)lsupd
2868 + OSPF_LS_UPD_MIN_SIZE),
2869 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2870 0, /* full LSAs */
2871 ntohl(lsupd->num_lsas) /* 32 bits */
2872 );
2873 break;
2874 case OSPF_MSG_LS_ACK:
2875 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2876 * LSAs. */
2877 ret = ospf_lsaseq_examin(
2878 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2879 + OSPF_LS_ACK_MIN_SIZE),
2880 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2881 1, /* header-only LSAs */
2882 0);
2883 break;
2884 default:
2885 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2886 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2887 oh->type);
2888 return MSG_NG;
2889 }
2890 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2891 zlog_debug("%s: malformed %s packet", __func__,
2892 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2893 return ret;
2894 }
2895
2896 /* OSPF Header verification. */
2897 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2898 struct ip *iph, struct ospf_header *ospfh)
2899 {
2900 /* Check Area ID. */
2901 if (!ospf_check_area_id(oi, ospfh)) {
2902 flog_warn(OSPF_WARN_PACKET,
2903 "interface %s: ospf_read invalid Area ID %s.",
2904 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2905 return -1;
2906 }
2907
2908 /* Check network mask, Silently discarded. */
2909 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2910 flog_warn(
2911 OSPF_WARN_PACKET,
2912 "interface %s: ospf_read network address is not same [%s]",
2913 IF_NAME(oi), inet_ntoa(iph->ip_src));
2914 return -1;
2915 }
2916
2917 /* Check authentication. The function handles logging actions, where
2918 * required. */
2919 if (!ospf_check_auth(oi, ospfh))
2920 return -1;
2921
2922 return 0;
2923 }
2924
2925 /* Starting point of packet process function. */
2926 int ospf_read(struct thread *thread)
2927 {
2928 int ret;
2929 struct stream *ibuf;
2930 struct ospf *ospf;
2931 struct ospf_interface *oi;
2932 struct ip *iph;
2933 struct ospf_header *ospfh;
2934 uint16_t length;
2935 struct interface *ifp = NULL;
2936 struct connected *c;
2937
2938 /* first of all get interface pointer. */
2939 ospf = THREAD_ARG(thread);
2940
2941 /* prepare for next packet. */
2942 ospf->t_read = NULL;
2943 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2944
2945 stream_reset(ospf->ibuf);
2946 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2947 if (ibuf == NULL)
2948 return -1;
2949 /* This raw packet is known to be at least as big as its IP header. */
2950
2951 /* Note that there should not be alignment problems with this assignment
2952 because this is at the beginning of the stream data buffer. */
2953 iph = (struct ip *)STREAM_DATA(ibuf);
2954 /* Note that sockopt_iphdrincl_swab_systoh was called in
2955 * ospf_recv_packet. */
2956
2957 if (ifp == NULL) {
2958 /* Handle cases where the platform does not support retrieving
2959 the ifindex,
2960 and also platforms (such as Solaris 8) that claim to support
2961 ifindex
2962 retrieval but do not. */
2963 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2964 ospf->vrf_id);
2965 if (c)
2966 ifp = c->ifp;
2967 if (ifp == NULL)
2968 return 0;
2969 }
2970
2971 /* IP Header dump. */
2972 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2973 ospf_ip_header_dump(iph);
2974
2975 /* Self-originated packet should be discarded silently. */
2976 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2977 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2978 zlog_debug(
2979 "ospf_read[%s]: Dropping self-originated packet",
2980 inet_ntoa(iph->ip_src));
2981 }
2982 return 0;
2983 }
2984
2985 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2986 by ospf_recv_packet() to be correct). */
2987 stream_forward_getp(ibuf, iph->ip_hl * 4);
2988
2989 ospfh = (struct ospf_header *)stream_pnt(ibuf);
2990 if (MSG_OK
2991 != ospf_packet_examin(
2992 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2993 return -1;
2994 /* Now it is safe to access all fields of OSPF packet header. */
2995
2996 /* associate packet with ospf interface */
2997 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2998
2999 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3000 only
3001 after the passive/backbone/other checks below are passed. These
3002 checks
3003 in turn access the fields of unverified "ospfh" structure for their
3004 own
3005 purposes and must remain very accurate in doing this. */
3006
3007 /* If incoming interface is passive one, ignore it. */
3008 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3009 char buf[3][INET_ADDRSTRLEN];
3010
3011 if (IS_DEBUG_OSPF_EVENT)
3012 zlog_debug(
3013 "ignoring packet from router %s sent to %s, "
3014 "received on a passive interface, %s",
3015 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3016 sizeof(buf[0])),
3017 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3018 sizeof(buf[1])),
3019 inet_ntop(AF_INET, &oi->address->u.prefix4,
3020 buf[2], sizeof(buf[2])));
3021
3022 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3023 /* Try to fix multicast membership.
3024 * Some OS:es may have problems in this area,
3025 * make sure it is removed.
3026 */
3027 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3028 ospf_if_set_multicast(oi);
3029 }
3030 return 0;
3031 }
3032
3033
3034 /* if no local ospf_interface,
3035 * or header area is backbone but ospf_interface is not
3036 * check for VLINK interface
3037 */
3038 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3039 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3040 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3041 == NULL) {
3042 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3043 zlog_debug(
3044 "Packet from [%s] received on link %s"
3045 " but no ospf_interface",
3046 inet_ntoa(iph->ip_src), ifp->name);
3047 return 0;
3048 }
3049 }
3050
3051 /* else it must be a local ospf interface, check it was received on
3052 * correct link
3053 */
3054 else if (oi->ifp != ifp) {
3055 if (IS_DEBUG_OSPF_EVENT)
3056 flog_warn(OSPF_WARN_PACKET,
3057 "Packet from [%s] received on wrong link %s",
3058 inet_ntoa(iph->ip_src), ifp->name);
3059 return 0;
3060 } else if (oi->state == ISM_Down) {
3061 char buf[2][INET_ADDRSTRLEN];
3062 flog_warn(
3063 OSPF_WARN_PACKET,
3064 "Ignoring packet from %s to %s received on interface that is "
3065 "down [%s]; interface flags are %s",
3066 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3067 sizeof(buf[0])),
3068 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3069 sizeof(buf[1])),
3070 ifp->name, if_flag_dump(ifp->flags));
3071 /* Fix multicast memberships? */
3072 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3073 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3074 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3075 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3076 if (oi->multicast_memberships)
3077 ospf_if_set_multicast(oi);
3078 return 0;
3079 }
3080
3081 /*
3082 * If the received packet is destined for AllDRouters, the packet
3083 * should be accepted only if the received ospf interface state is
3084 * either DR or Backup -- endo.
3085 */
3086 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3087 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3088 flog_warn(
3089 OSPF_WARN_PACKET,
3090 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3091 inet_ntoa(iph->ip_src), IF_NAME(oi),
3092 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3093 /* Try to fix multicast membership. */
3094 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3095 ospf_if_set_multicast(oi);
3096 return 0;
3097 }
3098
3099 /* Verify more OSPF header fields. */
3100 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3101 if (ret < 0) {
3102 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3103 zlog_debug(
3104 "ospf_read[%s]: Header check failed, "
3105 "dropping.",
3106 inet_ntoa(iph->ip_src));
3107 return ret;
3108 }
3109
3110 /* Show debug receiving packet. */
3111 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3112 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3113 zlog_debug(
3114 "-----------------------------------------------------");
3115 ospf_packet_dump(ibuf);
3116 }
3117
3118 zlog_debug("%s received from [%s] via [%s]",
3119 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3120 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3121 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3122 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3123
3124 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3125 zlog_debug(
3126 "-----------------------------------------------------");
3127 }
3128
3129 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3130
3131 /* Adjust size to message length. */
3132 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3133
3134 /* Read rest of the packet and call each sort of packet routine. */
3135 switch (ospfh->type) {
3136 case OSPF_MSG_HELLO:
3137 ospf_hello(iph, ospfh, ibuf, oi, length);
3138 break;
3139 case OSPF_MSG_DB_DESC:
3140 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3141 break;
3142 case OSPF_MSG_LS_REQ:
3143 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3144 break;
3145 case OSPF_MSG_LS_UPD:
3146 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3147 break;
3148 case OSPF_MSG_LS_ACK:
3149 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3150 break;
3151 default:
3152 flog_warn(OSPF_WARN_PACKET,
3153 "interface %s: OSPF packet header type %d is illegal",
3154 IF_NAME(oi), ospfh->type);
3155 break;
3156 }
3157
3158 return 0;
3159 }
3160
3161 /* Make OSPF header. */
3162 static void ospf_make_header(int type, struct ospf_interface *oi,
3163 struct stream *s)
3164 {
3165 struct ospf_header *ospfh;
3166
3167 ospfh = (struct ospf_header *)STREAM_DATA(s);
3168
3169 ospfh->version = (uint8_t)OSPF_VERSION;
3170 ospfh->type = (uint8_t)type;
3171
3172 ospfh->router_id = oi->ospf->router_id;
3173
3174 ospfh->checksum = 0;
3175 ospfh->area_id = oi->area->area_id;
3176 ospfh->auth_type = htons(ospf_auth_type(oi));
3177
3178 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3179
3180 stream_forward_endp(s, OSPF_HEADER_SIZE);
3181 }
3182
3183 /* Make Authentication Data. */
3184 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3185 {
3186 struct crypt_key *ck;
3187
3188 switch (ospf_auth_type(oi)) {
3189 case OSPF_AUTH_NULL:
3190 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3191 */
3192 break;
3193 case OSPF_AUTH_SIMPLE:
3194 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3195 OSPF_AUTH_SIMPLE_SIZE);
3196 break;
3197 case OSPF_AUTH_CRYPTOGRAPHIC:
3198 /* If key is not set, then set 0. */
3199 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3200 ospfh->u.crypt.zero = 0;
3201 ospfh->u.crypt.key_id = 0;
3202 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3203 } else {
3204 ck = listgetdata(
3205 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3206 ospfh->u.crypt.zero = 0;
3207 ospfh->u.crypt.key_id = ck->key_id;
3208 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3209 }
3210 /* note: the seq is done in ospf_make_md5_digest() */
3211 break;
3212 default:
3213 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3214 */
3215 break;
3216 }
3217
3218 return 0;
3219 }
3220
3221 /* Fill rest of OSPF header. */
3222 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3223 uint16_t length)
3224 {
3225 struct ospf_header *ospfh;
3226
3227 ospfh = (struct ospf_header *)STREAM_DATA(s);
3228
3229 /* Fill length. */
3230 ospfh->length = htons(length);
3231
3232 /* Calculate checksum. */
3233 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3234 ospfh->checksum = in_cksum(ospfh, length);
3235 else
3236 ospfh->checksum = 0;
3237
3238 /* Add Authentication Data. */
3239 ospf_make_auth(oi, ospfh);
3240 }
3241
3242 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3243 {
3244 struct ospf_neighbor *nbr;
3245 struct route_node *rn;
3246 uint16_t length = OSPF_HELLO_MIN_SIZE;
3247 struct in_addr mask;
3248 unsigned long p;
3249 int flag = 0;
3250
3251 /* Set netmask of interface. */
3252 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3253 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3254 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3255 masklen2ip(oi->address->prefixlen, &mask);
3256 else
3257 memset((char *)&mask, 0, sizeof(struct in_addr));
3258 stream_put_ipv4(s, mask.s_addr);
3259
3260 /* Set Hello Interval. */
3261 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3262 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3263 else
3264 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3265
3266 if (IS_DEBUG_OSPF_EVENT)
3267 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3268 IF_NAME(oi));
3269
3270 /* Set Options. */
3271 stream_putc(s, OPTIONS(oi));
3272
3273 /* Set Router Priority. */
3274 stream_putc(s, PRIORITY(oi));
3275
3276 /* Set Router Dead Interval. */
3277 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3278
3279 /* Set Designated Router. */
3280 stream_put_ipv4(s, DR(oi).s_addr);
3281
3282 p = stream_get_endp(s);
3283
3284 /* Set Backup Designated Router. */
3285 stream_put_ipv4(s, BDR(oi).s_addr);
3286
3287 /* Add neighbor seen. */
3288 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3289 if ((nbr = rn->info))
3290 if (nbr->router_id.s_addr
3291 != 0) /* Ignore 0.0.0.0 node. */
3292 if (nbr->state
3293 != NSM_Attempt) /* Ignore Down neighbor. */
3294 if (nbr->state
3295 != NSM_Down) /* This is myself for
3296 DR election. */
3297 if (!IPV4_ADDR_SAME(
3298 &nbr->router_id,
3299 &oi->ospf->router_id)) {
3300 /* Check neighbor is
3301 * sane? */
3302 if (nbr->d_router.s_addr
3303 != 0
3304 && IPV4_ADDR_SAME(
3305 &nbr->d_router,
3306 &oi->address
3307 ->u
3308 .prefix4)
3309 && IPV4_ADDR_SAME(
3310 &nbr->bd_router,
3311 &oi->address
3312 ->u
3313 .prefix4))
3314 flag = 1;
3315
3316 stream_put_ipv4(
3317 s,
3318 nbr->router_id
3319 .s_addr);
3320 length += 4;
3321 }
3322
3323 /* Let neighbor generate BackupSeen. */
3324 if (flag == 1)
3325 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3326
3327 return length;
3328 }
3329
3330 static int ospf_make_db_desc(struct ospf_interface *oi,
3331 struct ospf_neighbor *nbr, struct stream *s)
3332 {
3333 struct ospf_lsa *lsa;
3334 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3335 uint8_t options;
3336 unsigned long pp;
3337 int i;
3338 struct ospf_lsdb *lsdb;
3339
3340 /* Set Interface MTU. */
3341 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3342 stream_putw(s, 0);
3343 else
3344 stream_putw(s, oi->ifp->mtu);
3345
3346 /* Set Options. */
3347 options = OPTIONS(oi);
3348 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3349 SET_FLAG(options, OSPF_OPTION_O);
3350 stream_putc(s, options);
3351
3352 /* DD flags */
3353 pp = stream_get_endp(s);
3354 stream_putc(s, nbr->dd_flags);
3355
3356 /* Set DD Sequence Number. */
3357 stream_putl(s, nbr->dd_seqnum);
3358
3359 /* shortcut unneeded walk of (empty) summary LSDBs */
3360 if (ospf_db_summary_isempty(nbr))
3361 goto empty;
3362
3363 /* Describe LSA Header from Database Summary List. */
3364 lsdb = &nbr->db_sum;
3365
3366 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3367 struct route_table *table = lsdb->type[i].db;
3368 struct route_node *rn;
3369
3370 for (rn = route_top(table); rn; rn = route_next(rn))
3371 if ((lsa = rn->info) != NULL) {
3372 if (IS_OPAQUE_LSA(lsa->data->type)
3373 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3374 /* Suppress advertising
3375 * opaque-informations. */
3376 /* Remove LSA from DB summary list. */
3377 ospf_lsdb_delete(lsdb, lsa);
3378 continue;
3379 }
3380
3381 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3382 struct lsa_header *lsah;
3383 uint16_t ls_age;
3384
3385 /* DD packet overflows interface MTU. */
3386 if (length + OSPF_LSA_HEADER_SIZE
3387 > ospf_packet_max(oi))
3388 break;
3389
3390 /* Keep pointer to LS age. */
3391 lsah = (struct lsa_header
3392 *)(STREAM_DATA(s)
3393 + stream_get_endp(
3394 s));
3395
3396 /* Proceed stream pointer. */
3397 stream_put(s, lsa->data,
3398 OSPF_LSA_HEADER_SIZE);
3399 length += OSPF_LSA_HEADER_SIZE;
3400
3401 /* Set LS age. */
3402 ls_age = LS_AGE(lsa);
3403 lsah->ls_age = htons(ls_age);
3404 }
3405
3406 /* Remove LSA from DB summary list. */
3407 ospf_lsdb_delete(lsdb, lsa);
3408 }
3409 }
3410
3411 /* Update 'More' bit */
3412 if (ospf_db_summary_isempty(nbr)) {
3413 empty:
3414 if (nbr->state >= NSM_Exchange) {
3415 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3416 /* Rewrite DD flags */
3417 stream_putc_at(s, pp, nbr->dd_flags);
3418 } else {
3419 assert(IS_SET_DD_M(nbr->dd_flags));
3420 }
3421 }
3422 return length;
3423 }
3424
3425 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3426 unsigned long delta, struct ospf_neighbor *nbr,
3427 struct ospf_lsa *lsa)
3428 {
3429 struct ospf_interface *oi;
3430
3431 oi = nbr->oi;
3432
3433 /* LS Request packet overflows interface MTU. */
3434 if (*length + delta > ospf_packet_max(oi))
3435 return 0;
3436
3437 stream_putl(s, lsa->data->type);
3438 stream_put_ipv4(s, lsa->data->id.s_addr);
3439 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3440
3441 ospf_lsa_unlock(&nbr->ls_req_last);
3442 nbr->ls_req_last = ospf_lsa_lock(lsa);
3443
3444 *length += 12;
3445 return 1;
3446 }
3447
3448 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3449 {
3450 struct ospf_lsa *lsa;
3451 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3452 unsigned long delta = stream_get_endp(s) + 12;
3453 struct route_table *table;
3454 struct route_node *rn;
3455 int i;
3456 struct ospf_lsdb *lsdb;
3457
3458 lsdb = &nbr->ls_req;
3459
3460 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3461 table = lsdb->type[i].db;
3462 for (rn = route_top(table); rn; rn = route_next(rn))
3463 if ((lsa = (rn->info)) != NULL)
3464 if (ospf_make_ls_req_func(s, &length, delta,
3465 nbr, lsa)
3466 == 0) {
3467 route_unlock_node(rn);
3468 break;
3469 }
3470 }
3471 return length;
3472 }
3473
3474 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3475 {
3476 int age;
3477
3478 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3479
3480 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3481 }
3482
3483 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3484 struct stream *s)
3485 {
3486 struct ospf_lsa *lsa;
3487 struct listnode *node;
3488 uint16_t length = 0;
3489 unsigned int size_noauth;
3490 unsigned long delta = stream_get_endp(s);
3491 unsigned long pp;
3492 int count = 0;
3493
3494 if (IS_DEBUG_OSPF_EVENT)
3495 zlog_debug("ospf_make_ls_upd: Start");
3496
3497 pp = stream_get_endp(s);
3498 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3499 length += OSPF_LS_UPD_MIN_SIZE;
3500
3501 /* Calculate amount of packet usable for data. */
3502 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3503
3504 while ((node = listhead(update)) != NULL) {
3505 struct lsa_header *lsah;
3506 uint16_t ls_age;
3507
3508 if (IS_DEBUG_OSPF_EVENT)
3509 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3510 count);
3511
3512 lsa = listgetdata(node);
3513
3514 assert(lsa->data);
3515
3516 /* Will it fit? */
3517 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3518 break;
3519
3520 /* Keep pointer to LS age. */
3521 lsah = (struct lsa_header *)(STREAM_DATA(s)
3522 + stream_get_endp(s));
3523
3524 /* Put LSA to Link State Request. */
3525 stream_put(s, lsa->data, ntohs(lsa->data->length));
3526
3527 /* Set LS age. */
3528 /* each hop must increment an lsa_age by transmit_delay
3529 of OSPF interface */
3530 ls_age = ls_age_increment(lsa,
3531 OSPF_IF_PARAM(oi, transmit_delay));
3532 lsah->ls_age = htons(ls_age);
3533
3534 length += ntohs(lsa->data->length);
3535 count++;
3536
3537 list_delete_node(update, node);
3538 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3539 }
3540
3541 /* Now set #LSAs. */
3542 stream_putl_at(s, pp, count);
3543
3544 if (IS_DEBUG_OSPF_EVENT)
3545 zlog_debug("ospf_make_ls_upd: Stop");
3546 return length;
3547 }
3548
3549 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3550 struct stream *s)
3551 {
3552 struct listnode *node, *nnode;
3553 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3554 unsigned long delta = stream_get_endp(s) + 24;
3555 struct ospf_lsa *lsa;
3556
3557 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3558 assert(lsa);
3559
3560 if (length + delta > ospf_packet_max(oi))
3561 break;
3562
3563 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3564 length += OSPF_LSA_HEADER_SIZE;
3565
3566 listnode_delete(ack, lsa);
3567 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3568 }
3569
3570 return length;
3571 }
3572
3573 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3574 {
3575 struct ospf_packet *op;
3576 uint16_t length = OSPF_HEADER_SIZE;
3577
3578 op = ospf_packet_new(oi->ifp->mtu);
3579
3580 /* Prepare OSPF common header. */
3581 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3582
3583 /* Prepare OSPF Hello body. */
3584 length += ospf_make_hello(oi, op->s);
3585
3586 /* Fill OSPF header. */
3587 ospf_fill_header(oi, op->s, length);
3588
3589 /* Set packet length. */
3590 op->length = length;
3591
3592 op->dst.s_addr = addr;
3593
3594 if (IS_DEBUG_OSPF_EVENT) {
3595 if (oi->ospf->vrf_id)
3596 zlog_debug(
3597 "%s: Hello Tx interface %s ospf vrf %s id %u",
3598 __PRETTY_FUNCTION__, oi->ifp->name,
3599 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3600 oi->ospf->vrf_id);
3601 }
3602 /* Add packet to the top of the interface output queue, so that they
3603 * can't get delayed by things like long queues of LS Update packets
3604 */
3605 ospf_packet_add_top(oi, op);
3606
3607 /* Hook thread to write packet. */
3608 OSPF_ISM_WRITE_ON(oi->ospf);
3609 }
3610
3611 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3612 {
3613 struct ospf_interface *oi;
3614
3615 oi = nbr_nbma->oi;
3616 assert(oi);
3617
3618 /* If this is passive interface, do not send OSPF Hello. */
3619 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3620 return;
3621
3622 if (oi->type != OSPF_IFTYPE_NBMA)
3623 return;
3624
3625 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3626 return;
3627
3628 if (PRIORITY(oi) == 0)
3629 return;
3630
3631 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3632 && oi->state != ISM_Backup)
3633 return;
3634
3635 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3636 }
3637
3638 int ospf_poll_timer(struct thread *thread)
3639 {
3640 struct ospf_nbr_nbma *nbr_nbma;
3641
3642 nbr_nbma = THREAD_ARG(thread);
3643 nbr_nbma->t_poll = NULL;
3644
3645 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3646 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3647 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3648
3649 ospf_poll_send(nbr_nbma);
3650
3651 if (nbr_nbma->v_poll > 0)
3652 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3653 nbr_nbma->v_poll);
3654
3655 return 0;
3656 }
3657
3658
3659 int ospf_hello_reply_timer(struct thread *thread)
3660 {
3661 struct ospf_neighbor *nbr;
3662
3663 nbr = THREAD_ARG(thread);
3664 nbr->t_hello_reply = NULL;
3665
3666 assert(nbr->oi);
3667
3668 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3669 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3670 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3671
3672 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3673
3674 return 0;
3675 }
3676
3677 /* Send OSPF Hello. */
3678 void ospf_hello_send(struct ospf_interface *oi)
3679 {
3680 /* If this is passive interface, do not send OSPF Hello. */
3681 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3682 return;
3683
3684 if (oi->type == OSPF_IFTYPE_NBMA) {
3685 struct ospf_neighbor *nbr;
3686 struct route_node *rn;
3687
3688 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3689 if ((nbr = rn->info))
3690 if (nbr != oi->nbr_self)
3691 if (nbr->state != NSM_Down) {
3692 /* RFC 2328 Section 9.5.1
3693 If the router is not
3694 eligible to become Designated
3695 Router,
3696 it must periodically send
3697 Hello Packets to both the
3698 Designated Router and the
3699 Backup Designated Router (if
3700 they
3701 exist). */
3702 if (PRIORITY(oi) == 0
3703 && IPV4_ADDR_CMP(
3704 &DR(oi),
3705 &nbr->address.u
3706 .prefix4)
3707 && IPV4_ADDR_CMP(
3708 &BDR(oi),
3709 &nbr->address.u
3710 .prefix4))
3711 continue;
3712
3713 /* If the router is eligible to
3714 become Designated Router, it
3715 must periodically send Hello
3716 Packets to all neighbors that
3717 are also eligible. In
3718 addition, if the router is
3719 itself the
3720 Designated Router or Backup
3721 Designated Router, it must
3722 also
3723 send periodic Hello Packets
3724 to all other neighbors. */
3725
3726 if (nbr->priority == 0
3727 && oi->state == ISM_DROther)
3728 continue;
3729 /* if oi->state == Waiting, send
3730 * hello to all neighbors */
3731 ospf_hello_send_sub(
3732 oi,
3733 nbr->address.u.prefix4
3734 .s_addr);
3735 }
3736 } else {
3737 /* Decide destination address. */
3738 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3739 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3740 else
3741 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3742 }
3743 }
3744
3745 /* Send OSPF Database Description. */
3746 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3747 {
3748 struct ospf_interface *oi;
3749 struct ospf_packet *op;
3750 uint16_t length = OSPF_HEADER_SIZE;
3751
3752 oi = nbr->oi;
3753 op = ospf_packet_new(oi->ifp->mtu);
3754
3755 /* Prepare OSPF common header. */
3756 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3757
3758 /* Prepare OSPF Database Description body. */
3759 length += ospf_make_db_desc(oi, nbr, op->s);
3760
3761 /* Fill OSPF header. */
3762 ospf_fill_header(oi, op->s, length);
3763
3764 /* Set packet length. */
3765 op->length = length;
3766
3767 /* Decide destination address. */
3768 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3769 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3770 else
3771 op->dst = nbr->address.u.prefix4;
3772
3773 /* Add packet to the interface output queue. */
3774 ospf_packet_add(oi, op);
3775
3776 /* Hook thread to write packet. */
3777 OSPF_ISM_WRITE_ON(oi->ospf);
3778
3779 /* Remove old DD packet, then copy new one and keep in neighbor
3780 * structure. */
3781 if (nbr->last_send)
3782 ospf_packet_free(nbr->last_send);
3783 nbr->last_send = ospf_packet_dup(op);
3784 monotime(&nbr->last_send_ts);
3785 }
3786
3787 /* Re-send Database Description. */
3788 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3789 {
3790 struct ospf_interface *oi;
3791
3792 oi = nbr->oi;
3793
3794 /* Add packet to the interface output queue. */
3795 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3796
3797 /* Hook thread to write packet. */
3798 OSPF_ISM_WRITE_ON(oi->ospf);
3799 }
3800
3801 /* Send Link State Request. */
3802 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3803 {
3804 struct ospf_interface *oi;
3805 struct ospf_packet *op;
3806 uint16_t length = OSPF_HEADER_SIZE;
3807
3808 oi = nbr->oi;
3809 op = ospf_packet_new(oi->ifp->mtu);
3810
3811 /* Prepare OSPF common header. */
3812 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3813
3814 /* Prepare OSPF Link State Request body. */
3815 length += ospf_make_ls_req(nbr, op->s);
3816 if (length == OSPF_HEADER_SIZE) {
3817 ospf_packet_free(op);
3818 return;
3819 }
3820
3821 /* Fill OSPF header. */
3822 ospf_fill_header(oi, op->s, length);
3823
3824 /* Set packet length. */
3825 op->length = length;
3826
3827 /* Decide destination address. */
3828 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3829 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3830 else
3831 op->dst = nbr->address.u.prefix4;
3832
3833 /* Add packet to the interface output queue. */
3834 ospf_packet_add(oi, op);
3835
3836 /* Hook thread to write packet. */
3837 OSPF_ISM_WRITE_ON(oi->ospf);
3838
3839 /* Add Link State Request Retransmission Timer. */
3840 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3841 }
3842
3843 /* Send Link State Update with an LSA. */
3844 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3845 int flag)
3846 {
3847 struct list *update;
3848
3849 update = list_new();
3850
3851 listnode_add(update, lsa);
3852
3853 /*ospf instance is going down, send self originated
3854 * MAXAGE LSA update to neighbors to remove from LSDB */
3855 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3856 ospf_ls_upd_send(nbr, update, flag, 1);
3857 else
3858 ospf_ls_upd_send(nbr, update, flag, 0);
3859
3860 list_delete_and_null(&update);
3861 }
3862
3863 /* Determine size for packet. Must be at least big enough to accomodate next
3864 * LSA on list, which may be bigger than MTU size.
3865 *
3866 * Return pointer to new ospf_packet
3867 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3868 * on packet sizes (in which case offending LSA is deleted from update list)
3869 */
3870 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3871 struct ospf_interface *oi)
3872 {
3873 struct ospf_lsa *lsa;
3874 struct listnode *ln;
3875 size_t size;
3876 static char warned = 0;
3877
3878 lsa = listgetdata((ln = listhead(update)));
3879 assert(lsa->data);
3880
3881 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3882 > ospf_packet_max(oi)) {
3883 if (!warned) {
3884 flog_warn(
3885 OSPF_WARN_LARGE_LSA,
3886 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3887 "will need to fragment. Not optimal. Try divide up"
3888 " your network with areas. Use 'debug ospf packet send'"
3889 " to see details, or look at 'show ip ospf database ..'");
3890 warned = 1;
3891 }
3892
3893 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3894 zlog_debug(
3895 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3896 " %d bytes originated by %s, will be fragmented!",
3897 inet_ntoa(lsa->data->id),
3898 ntohs(lsa->data->length),
3899 inet_ntoa(lsa->data->adv_router));
3900
3901 /*
3902 * Allocate just enough to fit this LSA only, to avoid including
3903 * other
3904 * LSAs in fragmented LSA Updates.
3905 */
3906 size = ntohs(lsa->data->length)
3907 + (oi->ifp->mtu - ospf_packet_max(oi))
3908 + OSPF_LS_UPD_MIN_SIZE;
3909 } else
3910 size = oi->ifp->mtu;
3911
3912 if (size > OSPF_MAX_PACKET_SIZE) {
3913 flog_warn(OSPF_WARN_LARGE_LSA,
3914 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3915 " %d bytes, packet size %ld, dropping it completely."
3916 " OSPF routing is broken!",
3917 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3918 (long int)size);
3919 list_delete_node(update, ln);
3920 return NULL;
3921 }
3922
3923 /* IP header is built up separately by ospf_write(). This means, that we
3924 * must
3925 * reduce the "affordable" size just calculated by length of an IP
3926 * header.
3927 * This makes sure, that even if we manage to fill the payload with LSA
3928 * data
3929 * completely, the final packet (our data plus IP header) still fits
3930 * into
3931 * outgoing interface MTU. This correction isn't really meaningful for
3932 * an
3933 * oversized LSA, but for consistency the correction is done for both
3934 * cases.
3935 *
3936 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3937 */
3938 return ospf_packet_new(size - sizeof(struct ip));
3939 }
3940
3941 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3942 struct list *update, struct in_addr addr,
3943 int send_lsupd_now)
3944 {
3945 struct ospf_packet *op;
3946 uint16_t length = OSPF_HEADER_SIZE;
3947
3948 if (IS_DEBUG_OSPF_EVENT)
3949 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3950 IF_NAME(oi), inet_ntoa(addr));
3951
3952 /* Check that we have really something to process */
3953 if (listcount(update) == 0)
3954 return;
3955
3956 op = ospf_ls_upd_packet_new(update, oi);
3957
3958 /* Prepare OSPF common header. */
3959 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3960
3961 /* Prepare OSPF Link State Update body.
3962 * Includes Type-7 translation.
3963 */
3964 length += ospf_make_ls_upd(oi, update, op->s);
3965
3966 /* Fill OSPF header. */
3967 ospf_fill_header(oi, op->s, length);
3968
3969 /* Set packet length. */
3970 op->length = length;
3971
3972 /* Decide destination address. */
3973 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3974 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3975 else
3976 op->dst.s_addr = addr.s_addr;
3977
3978 /* Add packet to the interface output queue. */
3979 ospf_packet_add(oi, op);
3980 /* Call ospf_write() right away to send ospf packets to neighbors */
3981 if (send_lsupd_now) {
3982 struct thread os_packet_thd;
3983
3984 os_packet_thd.arg = (void *)oi->ospf;
3985 if (oi->on_write_q == 0) {
3986 listnode_add(oi->ospf->oi_write_q, oi);
3987 oi->on_write_q = 1;
3988 }
3989 ospf_write(&os_packet_thd);
3990 } else {
3991 /* Hook thread to write packet. */
3992 OSPF_ISM_WRITE_ON(oi->ospf);
3993 }
3994 }
3995
3996 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3997 {
3998 struct ospf_interface *oi = THREAD_ARG(thread);
3999 struct route_node *rn;
4000 struct route_node *rnext;
4001 struct list *update;
4002 char again = 0;
4003
4004 oi->t_ls_upd_event = NULL;
4005
4006 if (IS_DEBUG_OSPF_EVENT)
4007 zlog_debug("ospf_ls_upd_send_queue start");
4008
4009 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4010 rnext = route_next(rn);
4011
4012 if (rn->info == NULL)
4013 continue;
4014
4015 update = (struct list *)rn->info;
4016
4017 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4018
4019 /* list might not be empty. */
4020 if (listcount(update) == 0) {
4021 list_delete_and_null((struct list **)&rn->info);
4022 route_unlock_node(rn);
4023 } else
4024 again = 1;
4025 }
4026
4027 if (again != 0) {
4028 if (IS_DEBUG_OSPF_EVENT)
4029 zlog_debug(
4030 "ospf_ls_upd_send_queue: update lists not cleared,"
4031 " %d nodes to try again, raising new event",
4032 again);
4033 oi->t_ls_upd_event = NULL;
4034 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4035 &oi->t_ls_upd_event);
4036 }
4037
4038 if (IS_DEBUG_OSPF_EVENT)
4039 zlog_debug("ospf_ls_upd_send_queue stop");
4040
4041 return 0;
4042 }
4043
4044 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4045 int send_lsupd_now)
4046 {
4047 struct ospf_interface *oi;
4048 struct ospf_lsa *lsa;
4049 struct prefix_ipv4 p;
4050 struct route_node *rn;
4051 struct listnode *node;
4052
4053 oi = nbr->oi;
4054
4055 p.family = AF_INET;
4056 p.prefixlen = IPV4_MAX_BITLEN;
4057
4058 /* Decide destination address. */
4059 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4060 p.prefix = oi->vl_data->peer_addr;
4061 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4062 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4063 else if (flag == OSPF_SEND_PACKET_DIRECT)
4064 p.prefix = nbr->address.u.prefix4;
4065 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4066 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4067 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4068 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4069 else
4070 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4071
4072 if (oi->type == OSPF_IFTYPE_NBMA) {
4073 if (flag == OSPF_SEND_PACKET_INDIRECT)
4074 flog_warn(
4075 OSPF_WARN_PACKET,
4076 "* LS-Update is directly sent on NBMA network.");
4077 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4078 flog_warn(OSPF_WARN_PACKET,
4079 "* LS-Update is sent to myself.");
4080 }
4081
4082 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4083
4084 if (rn->info == NULL)
4085 rn->info = list_new();
4086 else
4087 route_unlock_node(rn);
4088
4089 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4090 listnode_add(rn->info,
4091 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4092 if (send_lsupd_now) {
4093 struct list *send_update_list;
4094 struct route_node *rn, *rnext;
4095
4096 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4097 rnext = route_next(rn);
4098
4099 if (rn->info == NULL)
4100 continue;
4101
4102 send_update_list = (struct list *)rn->info;
4103
4104 ospf_ls_upd_queue_send(oi, send_update_list,
4105 rn->p.u.prefix4, 1);
4106 }
4107 } else
4108 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4109 &oi->t_ls_upd_event);
4110 }
4111
4112 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4113 struct in_addr dst)
4114 {
4115 struct ospf_packet *op;
4116 uint16_t length = OSPF_HEADER_SIZE;
4117
4118 op = ospf_packet_new(oi->ifp->mtu);
4119
4120 /* Prepare OSPF common header. */
4121 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4122
4123 /* Prepare OSPF Link State Acknowledgment body. */
4124 length += ospf_make_ls_ack(oi, ack, op->s);
4125
4126 /* Fill OSPF header. */
4127 ospf_fill_header(oi, op->s, length);
4128
4129 /* Set packet length. */
4130 op->length = length;
4131
4132 /* Decide destination address. */
4133 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4134 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4135 else
4136 op->dst.s_addr = dst.s_addr;
4137
4138 /* Add packet to the interface output queue. */
4139 ospf_packet_add(oi, op);
4140
4141 /* Hook thread to write packet. */
4142 OSPF_ISM_WRITE_ON(oi->ospf);
4143 }
4144
4145 static int ospf_ls_ack_send_event(struct thread *thread)
4146 {
4147 struct ospf_interface *oi = THREAD_ARG(thread);
4148
4149 oi->t_ls_ack_direct = NULL;
4150
4151 while (listcount(oi->ls_ack_direct.ls_ack))
4152 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4153 oi->ls_ack_direct.dst);
4154
4155 return 0;
4156 }
4157
4158 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4159 {
4160 struct ospf_interface *oi = nbr->oi;
4161
4162 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4163 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4164
4165 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4166
4167 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4168 &oi->t_ls_ack_direct);
4169 }
4170
4171 /* Send Link State Acknowledgment delayed. */
4172 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4173 {
4174 struct in_addr dst;
4175
4176 /* Decide destination address. */
4177 /* RFC2328 Section 13.5 On non-broadcast
4178 networks, delayed Link State Acknowledgment packets must be
4179 unicast separately over each adjacency (i.e., neighbor whose
4180 state is >= Exchange). */
4181 if (oi->type == OSPF_IFTYPE_NBMA) {
4182 struct ospf_neighbor *nbr;
4183 struct route_node *rn;
4184
4185 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4186 if ((nbr = rn->info) != NULL)
4187 if (nbr != oi->nbr_self
4188 && nbr->state >= NSM_Exchange)
4189 while (listcount(oi->ls_ack))
4190 ospf_ls_ack_send_list(
4191 oi, oi->ls_ack,
4192 nbr->address.u.prefix4);
4193 return;
4194 }
4195 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4196 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4197 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4198 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4199 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4200 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4201 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4202 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4203 else
4204 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4205
4206 while (listcount(oi->ls_ack))
4207 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4208 }
4209
4210 /*
4211 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4212 * address. As a result, the kernel does not need to learn the interface
4213 * MAC of the OSPF neighbor. However, in our world, this will delay
4214 * convergence. Take the case when due to a link flap, all routes now
4215 * want to use an interface which was deemed to be costlier prior to this
4216 * event. For routes that will be installed, the missing MAC will have
4217 * punt-to-CPU set on them. This may overload the CPU control path that
4218 * can be avoided if the MAC was known apriori.
4219 */
4220 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4221 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4222 {
4223 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4224 int ret;
4225
4226 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4227 return;
4228
4229 snprintf(ping_nbr, sizeof(ping_nbr),
4230 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4231 inet_ntoa(nbr->address.u.prefix4));
4232
4233 ret = system(ping_nbr);
4234 if (IS_DEBUG_OSPF_EVENT)
4235 zlog_debug("Executed %s %s", ping_nbr,
4236 ((ret == 0) ? "successfully" : "but failed"));
4237 }
FRRouting mirror