]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #4885 from satheeshkarra/pim_mlag
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #ifdef CRYPTO_INTERNAL
37 #include "md5.h"
38 #endif
39 #include "vrf.h"
40 #include "lib_errors.h"
41
42 #include "ospfd/ospfd.h"
43 #include "ospfd/ospf_network.h"
44 #include "ospfd/ospf_interface.h"
45 #include "ospfd/ospf_ism.h"
46 #include "ospfd/ospf_asbr.h"
47 #include "ospfd/ospf_lsa.h"
48 #include "ospfd/ospf_lsdb.h"
49 #include "ospfd/ospf_neighbor.h"
50 #include "ospfd/ospf_nsm.h"
51 #include "ospfd/ospf_packet.h"
52 #include "ospfd/ospf_spf.h"
53 #include "ospfd/ospf_flood.h"
54 #include "ospfd/ospf_dump.h"
55 #include "ospfd/ospf_errors.h"
56
57 /*
58 * OSPF Fragmentation / fragmented writes
59 *
60 * ospfd can support writing fragmented packets, for cases where
61 * kernel will not fragment IP_HDRINCL and/or multicast destined
62 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
63 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
64 * flags fields, hence user-space fragmentation will not work.
65 * Only Linux is known to leave IP header unmolested.
66 * Further, fragmentation really should be done the kernel, which already
67 * supports it, and which avoids nasty IP ID state problems.
68 *
69 * Fragmentation of OSPF packets can be required on networks with router
70 * with many many interfaces active in one area, or on networks with links
71 * with low MTUs.
72 */
73 #ifdef GNU_LINUX
74 #define WANT_OSPF_WRITE_FRAGMENT
75 #endif
76
77 /* Packet Type String. */
78 const struct message ospf_packet_type_str[] = {
79 {OSPF_MSG_HELLO, "Hello"},
80 {OSPF_MSG_DB_DESC, "Database Description"},
81 {OSPF_MSG_LS_REQ, "Link State Request"},
82 {OSPF_MSG_LS_UPD, "Link State Update"},
83 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
84 {0}};
85
86 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
87 particular types, offset is the "type" field of a packet. */
88 static const uint16_t ospf_packet_minlen[] = {
89 0,
90 OSPF_HELLO_MIN_SIZE,
91 OSPF_DB_DESC_MIN_SIZE,
92 OSPF_LS_REQ_MIN_SIZE,
93 OSPF_LS_UPD_MIN_SIZE,
94 OSPF_LS_ACK_MIN_SIZE,
95 };
96
97 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
98 types, offset is the "LSA type" field. */
99 static const uint16_t ospf_lsa_minlen[] = {
100 0,
101 OSPF_ROUTER_LSA_MIN_SIZE,
102 OSPF_NETWORK_LSA_MIN_SIZE,
103 OSPF_SUMMARY_LSA_MIN_SIZE,
104 OSPF_SUMMARY_LSA_MIN_SIZE,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
108 0,
109 0,
110 0,
111 0,
112 };
113
114 /* for ospf_check_auth() */
115 static int ospf_check_sum(struct ospf_header *);
116
117 /* OSPF authentication checking function */
118 static int ospf_auth_type(struct ospf_interface *oi)
119 {
120 int auth_type;
121
122 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
123 auth_type = oi->area->auth_type;
124 else
125 auth_type = OSPF_IF_PARAM(oi, auth_type);
126
127 /* Handle case where MD5 key list is not configured aka Cisco */
128 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
129 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
130 return OSPF_AUTH_NULL;
131
132 return auth_type;
133 }
134
135 static struct ospf_packet *ospf_packet_new(size_t size)
136 {
137 struct ospf_packet *new;
138
139 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
140 new->s = stream_new(size);
141
142 return new;
143 }
144
145 void ospf_packet_free(struct ospf_packet *op)
146 {
147 if (op->s)
148 stream_free(op->s);
149
150 XFREE(MTYPE_OSPF_PACKET, op);
151 }
152
153 struct ospf_fifo *ospf_fifo_new(void)
154 {
155 struct ospf_fifo *new;
156
157 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
158 return new;
159 }
160
161 /* Add new packet to fifo. */
162 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
163 {
164 if (fifo->tail)
165 fifo->tail->next = op;
166 else
167 fifo->head = op;
168
169 fifo->tail = op;
170
171 fifo->count++;
172 }
173
174 /* Add new packet to head of fifo. */
175 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
176 {
177 op->next = fifo->head;
178
179 if (fifo->tail == NULL)
180 fifo->tail = op;
181
182 fifo->head = op;
183
184 fifo->count++;
185 }
186
187 /* Delete first packet from fifo. */
188 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
189 {
190 struct ospf_packet *op;
191
192 op = fifo->head;
193
194 if (op) {
195 fifo->head = op->next;
196
197 if (fifo->head == NULL)
198 fifo->tail = NULL;
199
200 fifo->count--;
201 }
202
203 return op;
204 }
205
206 /* Return first fifo entry. */
207 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
208 {
209 return fifo->head;
210 }
211
212 /* Flush ospf packet fifo. */
213 void ospf_fifo_flush(struct ospf_fifo *fifo)
214 {
215 struct ospf_packet *op;
216 struct ospf_packet *next;
217
218 for (op = fifo->head; op; op = next) {
219 next = op->next;
220 ospf_packet_free(op);
221 }
222 fifo->head = fifo->tail = NULL;
223 fifo->count = 0;
224 }
225
226 /* Free ospf packet fifo. */
227 void ospf_fifo_free(struct ospf_fifo *fifo)
228 {
229 ospf_fifo_flush(fifo);
230
231 XFREE(MTYPE_OSPF_FIFO, fifo);
232 }
233
234 static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
235 {
236 /* Add packet to end of queue. */
237 ospf_fifo_push(oi->obuf, op);
238
239 /* Debug of packet fifo*/
240 /* ospf_fifo_debug (oi->obuf); */
241 }
242
243 static void ospf_packet_add_top(struct ospf_interface *oi,
244 struct ospf_packet *op)
245 {
246 /* Add packet to head of queue. */
247 ospf_fifo_push_head(oi->obuf, op);
248
249 /* Debug of packet fifo*/
250 /* ospf_fifo_debug (oi->obuf); */
251 }
252
253 static void ospf_packet_delete(struct ospf_interface *oi)
254 {
255 struct ospf_packet *op;
256
257 op = ospf_fifo_pop(oi->obuf);
258
259 if (op)
260 ospf_packet_free(op);
261 }
262
263 static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
264 {
265 struct ospf_packet *new;
266
267 if (stream_get_endp(op->s) != op->length)
268 /* XXX size_t */
269 zlog_debug(
270 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
271 (unsigned long)STREAM_SIZE(op->s), op->length);
272
273 /* Reserve space for MD5 authentication that may be added later. */
274 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
275 stream_copy(new->s, op->s);
276
277 new->dst = op->dst;
278 new->length = op->length;
279
280 return new;
281 }
282
283 /* XXX inline */
284 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
285 {
286 int auth = 0;
287
288 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
289 auth = OSPF_AUTH_MD5_SIZE;
290
291 return auth;
292 }
293
294 static unsigned int ospf_packet_max(struct ospf_interface *oi)
295 {
296 int max;
297
298 max = oi->ifp->mtu - ospf_packet_authspace(oi);
299
300 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
301
302 return max;
303 }
304
305
306 static int ospf_check_md5_digest(struct ospf_interface *oi,
307 struct ospf_header *ospfh)
308 {
309 #ifdef CRYPTO_OPENSSL
310 EVP_MD_CTX *ctx;
311 #elif CRYPTO_INTERNAL
312 MD5_CTX ctx;
313 #endif
314 unsigned char digest[OSPF_AUTH_MD5_SIZE];
315 struct crypt_key *ck;
316 struct ospf_neighbor *nbr;
317 uint16_t length = ntohs(ospfh->length);
318
319 /* Get secret key. */
320 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
321 ospfh->u.crypt.key_id);
322 if (ck == NULL) {
323 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
324 IF_NAME(oi), ospfh->u.crypt.key_id);
325 return 0;
326 }
327
328 /* check crypto seqnum. */
329 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
330
331 if (nbr
332 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
333 flog_warn(
334 EC_OSPF_MD5,
335 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
336 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
337 ntohl(nbr->crypt_seqnum));
338 return 0;
339 }
340
341 /* Generate a digest for the ospf packet - their digest + our digest. */
342 #ifdef CRYPTO_OPENSSL
343 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
344 ctx = EVP_MD_CTX_new();
345 EVP_DigestInit(ctx, EVP_md5());
346 EVP_DigestUpdate(ctx, ospfh, length);
347 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
348 EVP_DigestFinal(ctx, digest, &md5_size);
349 EVP_MD_CTX_free(ctx);
350 #elif CRYPTO_INTERNAL
351 memset(&ctx, 0, sizeof(ctx));
352 MD5Init(&ctx);
353 MD5Update(&ctx, ospfh, length);
354 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
355 MD5Final(digest, &ctx);
356 #endif
357
358 /* compare the two */
359 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
360 flog_warn(EC_OSPF_MD5,
361 "interface %s: ospf_check_md5 checksum mismatch",
362 IF_NAME(oi));
363 return 0;
364 }
365
366 /* save neighbor's crypt_seqnum */
367 if (nbr)
368 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
369 return 1;
370 }
371
372 /* This function is called from ospf_write(), it will detect the
373 authentication scheme and if it is MD5, it will change the sequence
374 and update the MD5 digest. */
375 static int ospf_make_md5_digest(struct ospf_interface *oi,
376 struct ospf_packet *op)
377 {
378 struct ospf_header *ospfh;
379 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
380 #ifdef CRYPTO_OPENSSL
381 EVP_MD_CTX *ctx;
382 #elif CRYPTO_INTERNAL
383 MD5_CTX ctx;
384 #endif
385 void *ibuf;
386 uint32_t t;
387 struct crypt_key *ck;
388 const uint8_t *auth_key;
389
390 ibuf = STREAM_DATA(op->s);
391 ospfh = (struct ospf_header *)ibuf;
392
393 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
394 return 0;
395
396 /* We do this here so when we dup a packet, we don't have to
397 waste CPU rewriting other headers.
398
399 Note that quagga_time /deliberately/ is not used here */
400 t = (time(NULL) & 0xFFFFFFFF);
401 if (t > oi->crypt_seqnum)
402 oi->crypt_seqnum = t;
403 else
404 oi->crypt_seqnum++;
405
406 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
407
408 /* Get MD5 Authentication key from auth_key list. */
409 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
410 auth_key = (const uint8_t *)digest;
411 else {
412 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
413 auth_key = ck->auth_key;
414 }
415
416 /* Generate a digest for the entire packet + our secret key. */
417 #ifdef CRYPTO_OPENSSL
418 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
419 ctx = EVP_MD_CTX_new();
420 EVP_DigestInit(ctx, EVP_md5());
421 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
422 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
423 EVP_DigestFinal(ctx, digest, &md5_size);
424 EVP_MD_CTX_free(ctx);
425 #elif CRYPTO_INTERNAL
426 memset(&ctx, 0, sizeof(ctx));
427 MD5Init(&ctx);
428 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
429 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
430 MD5Final(digest, &ctx);
431 #endif
432
433 /* Append md5 digest to the end of the stream. */
434 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
435
436 /* We do *NOT* increment the OSPF header length. */
437 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
438
439 if (stream_get_endp(op->s) != op->length)
440 /* XXX size_t */
441 flog_warn(
442 EC_OSPF_MD5,
443 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
444 (unsigned long)stream_get_endp(op->s), op->length);
445
446 return OSPF_AUTH_MD5_SIZE;
447 }
448
449
450 static int ospf_ls_req_timer(struct thread *thread)
451 {
452 struct ospf_neighbor *nbr;
453
454 nbr = THREAD_ARG(thread);
455 nbr->t_ls_req = NULL;
456
457 /* Send Link State Request. */
458 if (ospf_ls_request_count(nbr))
459 ospf_ls_req_send(nbr);
460
461 /* Set Link State Request retransmission timer. */
462 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
463
464 return 0;
465 }
466
467 void ospf_ls_req_event(struct ospf_neighbor *nbr)
468 {
469 if (nbr->t_ls_req) {
470 thread_cancel(nbr->t_ls_req);
471 nbr->t_ls_req = NULL;
472 }
473 nbr->t_ls_req = NULL;
474 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
475 }
476
477 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
478 ospf_neighbor.c */
479 int ospf_ls_upd_timer(struct thread *thread)
480 {
481 struct ospf_neighbor *nbr;
482
483 nbr = THREAD_ARG(thread);
484 nbr->t_ls_upd = NULL;
485
486 /* Send Link State Update. */
487 if (ospf_ls_retransmit_count(nbr) > 0) {
488 struct list *update;
489 struct ospf_lsdb *lsdb;
490 int i;
491 int retransmit_interval;
492
493 retransmit_interval =
494 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
495
496 lsdb = &nbr->ls_rxmt;
497 update = list_new();
498
499 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
500 struct route_table *table = lsdb->type[i].db;
501 struct route_node *rn;
502
503 for (rn = route_top(table); rn; rn = route_next(rn)) {
504 struct ospf_lsa *lsa;
505
506 if ((lsa = rn->info) != NULL) {
507 /* Don't retransmit an LSA if we
508 received it within
509 the last RxmtInterval seconds - this
510 is to allow the
511 neighbour a chance to acknowledge the
512 LSA as it may
513 have ben just received before the
514 retransmit timer
515 fired. This is a small tweak to what
516 is in the RFC,
517 but it will cut out out a lot of
518 retransmit traffic
519 - MAG */
520 if (monotime_since(&lsa->tv_recv, NULL)
521 >= retransmit_interval * 1000000LL)
522 listnode_add(update, rn->info);
523 }
524 }
525 }
526
527 if (listcount(update) > 0)
528 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
529 0);
530 list_delete(&update);
531 }
532
533 /* Set LS Update retransmission timer. */
534 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
535
536 return 0;
537 }
538
539 int ospf_ls_ack_timer(struct thread *thread)
540 {
541 struct ospf_interface *oi;
542
543 oi = THREAD_ARG(thread);
544 oi->t_ls_ack = NULL;
545
546 /* Send Link State Acknowledgment. */
547 if (listcount(oi->ls_ack) > 0)
548 ospf_ls_ack_send_delayed(oi);
549
550 /* Set LS Ack timer. */
551 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
552
553 return 0;
554 }
555
556 #ifdef WANT_OSPF_WRITE_FRAGMENT
557 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
558 struct msghdr *msg, unsigned int maxdatasize,
559 unsigned int mtu, int flags, uint8_t type)
560 {
561 #define OSPF_WRITE_FRAG_SHIFT 3
562 uint16_t offset;
563 struct iovec *iovp;
564 int ret;
565
566 assert(op->length == stream_get_endp(op->s));
567 assert(msg->msg_iovlen == 2);
568
569 /* we can but try.
570 *
571 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
572 * well as the IP_MF flag, making this all quite pointless.
573 *
574 * However, for a system on which IP_MF is left alone, and ip_id left
575 * alone or else which sets same ip_id for each fragment this might
576 * work, eg linux.
577 *
578 * XXX-TODO: It would be much nicer to have the kernel's use their
579 * existing fragmentation support to do this for us. Bugs/RFEs need to
580 * be raised against the various kernels.
581 */
582
583 /* set More Frag */
584 iph->ip_off |= IP_MF;
585
586 /* ip frag offset is expressed in units of 8byte words */
587 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
588
589 iovp = &msg->msg_iov[1];
590
591 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
592 > maxdatasize) {
593 /* data length of this frag is to next offset value */
594 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
595 iph->ip_len = iovp->iov_len + sizeof(struct ip);
596 assert(iph->ip_len <= mtu);
597
598 sockopt_iphdrincl_swab_htosys(iph);
599
600 ret = sendmsg(fd, msg, flags);
601
602 sockopt_iphdrincl_swab_systoh(iph);
603
604 if (ret < 0)
605 flog_err(
606 EC_LIB_SOCKET,
607 "*** ospf_write_frags: sendmsg failed to %s,"
608 " id %d, off %d, len %d, mtu %u failed with %s",
609 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
610 iph->ip_len, mtu, safe_strerror(errno));
611
612 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
613 zlog_debug(
614 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
615 iph->ip_id, iph->ip_off, iph->ip_len,
616 inet_ntoa(iph->ip_dst));
617 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
618 zlog_debug(
619 "-----------------IP Header Dump----------------------");
620 ospf_ip_header_dump(iph);
621 zlog_debug(
622 "-----------------------------------------------------");
623 }
624 }
625
626 iph->ip_off += offset;
627 stream_forward_getp(op->s, iovp->iov_len);
628 iovp->iov_base = stream_pnt(op->s);
629 }
630
631 /* setup for final fragment */
632 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
633 iph->ip_len = iovp->iov_len + sizeof(struct ip);
634 iph->ip_off &= (~IP_MF);
635 }
636 #endif /* WANT_OSPF_WRITE_FRAGMENT */
637
638 static int ospf_write(struct thread *thread)
639 {
640 struct ospf *ospf = THREAD_ARG(thread);
641 struct ospf_interface *oi;
642 struct ospf_interface *last_serviced_oi = NULL;
643 struct ospf_packet *op;
644 struct sockaddr_in sa_dst;
645 struct ip iph;
646 struct msghdr msg;
647 struct iovec iov[2];
648 uint8_t type;
649 int ret;
650 int flags = 0;
651 struct listnode *node;
652 #ifdef WANT_OSPF_WRITE_FRAGMENT
653 static uint16_t ipid = 0;
654 uint16_t maxdatasize;
655 #endif /* WANT_OSPF_WRITE_FRAGMENT */
656 #define OSPF_WRITE_IPHL_SHIFT 2
657 int pkt_count = 0;
658
659 #ifdef GNU_LINUX
660 unsigned char cmsgbuf[64] = {};
661 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
662 struct in_pktinfo *pi;
663 #endif
664
665 if (ospf->fd < 0 || ospf->oi_running == 0) {
666 if (IS_DEBUG_OSPF_EVENT)
667 zlog_debug(
668 "ospf_write failed to send, fd %d, instance %u"
669 ,ospf->fd, ospf->oi_running);
670 return -1;
671 }
672
673 node = listhead(ospf->oi_write_q);
674 assert(node);
675 oi = listgetdata(node);
676
677 #ifdef WANT_OSPF_WRITE_FRAGMENT
678 /* seed ipid static with low order bits of time */
679 if (ipid == 0)
680 ipid = (time(NULL) & 0xffff);
681 #endif /* WANT_OSPF_WRITE_FRAGMENT */
682
683 while ((pkt_count < ospf->write_oi_count) && oi
684 && (last_serviced_oi != oi)) {
685 /* If there is only packet in the queue, the oi is removed from
686 write-q, so fix up the last interface that was serviced */
687 if (last_serviced_oi == NULL) {
688 last_serviced_oi = oi;
689 }
690 pkt_count++;
691 #ifdef WANT_OSPF_WRITE_FRAGMENT
692 /* convenience - max OSPF data per packet */
693 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
694 #endif /* WANT_OSPF_WRITE_FRAGMENT */
695 /* Get one packet from queue. */
696 op = ospf_fifo_head(oi->obuf);
697 assert(op);
698 assert(op->length >= OSPF_HEADER_SIZE);
699
700 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
701 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
702 ospf_if_ipmulticast(ospf, oi->address,
703 oi->ifp->ifindex);
704
705 /* Rewrite the md5 signature & update the seq */
706 ospf_make_md5_digest(oi, op);
707
708 /* Retrieve OSPF packet type. */
709 stream_set_getp(op->s, 1);
710 type = stream_getc(op->s);
711
712 /* reset get pointer */
713 stream_set_getp(op->s, 0);
714
715 memset(&iph, 0, sizeof(struct ip));
716 memset(&sa_dst, 0, sizeof(sa_dst));
717
718 sa_dst.sin_family = AF_INET;
719 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
720 sa_dst.sin_len = sizeof(sa_dst);
721 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
722 sa_dst.sin_addr = op->dst;
723 sa_dst.sin_port = htons(0);
724
725 /* Set DONTROUTE flag if dst is unicast. */
726 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
727 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
728 flags = MSG_DONTROUTE;
729
730 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
731 /* it'd be very strange for header to not be 4byte-word aligned
732 * but.. */
733 if (sizeof(struct ip)
734 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
735 iph.ip_hl++; /* we presume sizeof struct ip cant
736 overflow ip_hl.. */
737
738 iph.ip_v = IPVERSION;
739 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
740 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
741
742 #if defined(__DragonFly__)
743 /*
744 * DragonFly's raw socket expects ip_len/ip_off in network byte
745 * order.
746 */
747 iph.ip_len = htons(iph.ip_len);
748 #endif
749
750 #ifdef WANT_OSPF_WRITE_FRAGMENT
751 /* XXX-MT: not thread-safe at all..
752 * XXX: this presumes this is only programme sending OSPF
753 * packets
754 * otherwise, no guarantee ipid will be unique
755 */
756 iph.ip_id = ++ipid;
757 #endif /* WANT_OSPF_WRITE_FRAGMENT */
758
759 iph.ip_off = 0;
760 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
761 iph.ip_ttl = OSPF_VL_IP_TTL;
762 else
763 iph.ip_ttl = OSPF_IP_TTL;
764 iph.ip_p = IPPROTO_OSPFIGP;
765 iph.ip_sum = 0;
766 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
767 iph.ip_dst.s_addr = op->dst.s_addr;
768
769 memset(&msg, 0, sizeof(msg));
770 msg.msg_name = (caddr_t)&sa_dst;
771 msg.msg_namelen = sizeof(sa_dst);
772 msg.msg_iov = iov;
773 msg.msg_iovlen = 2;
774
775 iov[0].iov_base = (char *)&iph;
776 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
777 iov[1].iov_base = stream_pnt(op->s);
778 iov[1].iov_len = op->length;
779
780 #ifdef GNU_LINUX
781 msg.msg_control = (caddr_t)cm;
782 cm->cmsg_level = SOL_IP;
783 cm->cmsg_type = IP_PKTINFO;
784 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
785 pi = (struct in_pktinfo *)CMSG_DATA(cm);
786 pi->ipi_ifindex = oi->ifp->ifindex;
787
788 msg.msg_controllen = cm->cmsg_len;
789 #endif
790
791 /* Sadly we can not rely on kernels to fragment packets
792 * because of either IP_HDRINCL and/or multicast
793 * destination being set.
794 */
795
796 #ifdef WANT_OSPF_WRITE_FRAGMENT
797 if (op->length > maxdatasize)
798 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
799 oi->ifp->mtu, flags, type);
800 #endif /* WANT_OSPF_WRITE_FRAGMENT */
801
802 /* send final fragment (could be first) */
803 sockopt_iphdrincl_swab_htosys(&iph);
804 ret = sendmsg(ospf->fd, &msg, flags);
805 sockopt_iphdrincl_swab_systoh(&iph);
806 if (IS_DEBUG_OSPF_EVENT)
807 zlog_debug(
808 "ospf_write to %s, "
809 "id %d, off %d, len %d, interface %s, mtu %u:",
810 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
811 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
812
813 if (ret < 0)
814 flog_err(
815 EC_LIB_SOCKET,
816 "*** sendmsg in ospf_write failed to %s, "
817 "id %d, off %d, len %d, interface %s, mtu %u: %s",
818 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
819 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
820 safe_strerror(errno));
821
822 /* Show debug sending packet. */
823 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
824 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
825 zlog_debug(
826 "-----------------------------------------------------");
827 ospf_ip_header_dump(&iph);
828 stream_set_getp(op->s, 0);
829 ospf_packet_dump(op->s);
830 }
831
832 zlog_debug("%s sent to [%s] via [%s].",
833 lookup_msg(ospf_packet_type_str, type, NULL),
834 inet_ntoa(op->dst), IF_NAME(oi));
835
836 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
837 zlog_debug(
838 "-----------------------------------------------------");
839 }
840
841 switch (type) {
842 case OSPF_MSG_HELLO:
843 oi->hello_out++;
844 break;
845 case OSPF_MSG_DB_DESC:
846 oi->db_desc_out++;
847 break;
848 case OSPF_MSG_LS_REQ:
849 oi->ls_req_out++;
850 break;
851 case OSPF_MSG_LS_UPD:
852 oi->ls_upd_out++;
853 break;
854 case OSPF_MSG_LS_ACK:
855 oi->ls_ack_out++;
856 break;
857 default:
858 break;
859 }
860
861 /* Now delete packet from queue. */
862 ospf_packet_delete(oi);
863
864 /* Move this interface to the tail of write_q to
865 serve everyone in a round robin fashion */
866 list_delete_node(ospf->oi_write_q, node);
867 if (ospf_fifo_head(oi->obuf) == NULL) {
868 oi->on_write_q = 0;
869 last_serviced_oi = NULL;
870 oi = NULL;
871 } else {
872 listnode_add(ospf->oi_write_q, oi);
873 }
874
875 /* Setup to service from the head of the queue again */
876 if (!list_isempty(ospf->oi_write_q)) {
877 node = listhead(ospf->oi_write_q);
878 oi = listgetdata(node);
879 }
880 }
881
882 /* If packets still remain in queue, call write thread. */
883 if (!list_isempty(ospf->oi_write_q))
884 thread_add_write(master, ospf_write, ospf, ospf->fd,
885 &ospf->t_write);
886
887 return 0;
888 }
889
890 /* OSPF Hello message read -- RFC2328 Section 10.5. */
891 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
892 struct stream *s, struct ospf_interface *oi, int size)
893 {
894 struct ospf_hello *hello;
895 struct ospf_neighbor *nbr;
896 int old_state;
897 struct prefix p;
898
899 /* increment statistics. */
900 oi->hello_in++;
901
902 hello = (struct ospf_hello *)stream_pnt(s);
903
904 /* If Hello is myself, silently discard. */
905 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
906 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
907 zlog_debug(
908 "ospf_header[%s/%s]: selforiginated, "
909 "dropping.",
910 lookup_msg(ospf_packet_type_str, ospfh->type,
911 NULL),
912 inet_ntoa(iph->ip_src));
913 }
914 return;
915 }
916
917 /* get neighbor prefix. */
918 p.family = AF_INET;
919 p.prefixlen = ip_masklen(hello->network_mask);
920 p.u.prefix4 = iph->ip_src;
921
922 /* Compare network mask. */
923 /* Checking is ignored for Point-to-Point and Virtual link. */
924 if (oi->type != OSPF_IFTYPE_POINTOPOINT
925 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
926 if (oi->address->prefixlen != p.prefixlen) {
927 flog_warn(
928 EC_OSPF_PACKET,
929 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
930 inet_ntoa(ospfh->router_id), IF_NAME(oi),
931 (int)oi->address->prefixlen, (int)p.prefixlen);
932 return;
933 }
934
935 /* Compare Router Dead Interval. */
936 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
937 flog_warn(EC_OSPF_PACKET,
938 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
939 "(expected %u, but received %u).",
940 inet_ntoa(ospfh->router_id),
941 OSPF_IF_PARAM(oi, v_wait),
942 ntohl(hello->dead_interval));
943 return;
944 }
945
946 /* Compare Hello Interval - ignored if fast-hellos are set. */
947 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
948 if (OSPF_IF_PARAM(oi, v_hello)
949 != ntohs(hello->hello_interval)) {
950 flog_warn(
951 EC_OSPF_PACKET,
952 "Packet %s [Hello:RECV]: HelloInterval mismatch "
953 "(expected %u, but received %u).",
954 inet_ntoa(ospfh->router_id),
955 OSPF_IF_PARAM(oi, v_hello),
956 ntohs(hello->hello_interval));
957 return;
958 }
959 }
960
961 if (IS_DEBUG_OSPF_EVENT)
962 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
963 inet_ntoa(ospfh->router_id),
964 ospf_options_dump(hello->options),
965 ospf_vrf_id_to_name(oi->ospf->vrf_id));
966
967 /* Compare options. */
968 #define REJECT_IF_TBIT_ON 1 /* XXX */
969 #ifdef REJECT_IF_TBIT_ON
970 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
971 /*
972 * This router does not support non-zero TOS.
973 * Drop this Hello packet not to establish neighbor
974 * relationship.
975 */
976 flog_warn(EC_OSPF_PACKET,
977 "Packet %s [Hello:RECV]: T-bit on, drop it.",
978 inet_ntoa(ospfh->router_id));
979 return;
980 }
981 #endif /* REJECT_IF_TBIT_ON */
982
983 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
984 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
985 /*
986 * This router does know the correct usage of O-bit
987 * the bit should be set in DD packet only.
988 */
989 flog_warn(EC_OSPF_PACKET,
990 "Packet %s [Hello:RECV]: O-bit abuse?",
991 inet_ntoa(ospfh->router_id));
992 #ifdef STRICT_OBIT_USAGE_CHECK
993 return; /* Reject this packet. */
994 #else /* STRICT_OBIT_USAGE_CHECK */
995 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
996 #endif /* STRICT_OBIT_USAGE_CHECK */
997 }
998
999 /* new for NSSA is to ensure that NP is on and E is off */
1000
1001 if (oi->area->external_routing == OSPF_AREA_NSSA) {
1002 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1003 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1004 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1005 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1006 flog_warn(
1007 EC_OSPF_PACKET,
1008 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1009 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1010 hello->options);
1011 return;
1012 }
1013 if (IS_DEBUG_OSPF_NSSA)
1014 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1015 inet_ntoa(ospfh->router_id));
1016 } else
1017 /* The setting of the E-bit found in the Hello Packet's Options
1018 field must match this area's ExternalRoutingCapability A
1019 mismatch causes processing to stop and the packet to be
1020 dropped. The setting of the rest of the bits in the Hello
1021 Packet's Options field should be ignored. */
1022 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1023 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1024 flog_warn(
1025 EC_OSPF_PACKET,
1026 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1027 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1028 hello->options);
1029 return;
1030 }
1031
1032 /* get neighbour struct */
1033 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1034
1035 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1036 assert(nbr);
1037
1038 old_state = nbr->state;
1039
1040 /* Add event to thread. */
1041 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1042
1043 /* RFC2328 Section 9.5.1
1044 If the router is not eligible to become Designated Router,
1045 (snip) It must also send an Hello Packet in reply to an
1046 Hello Packet received from any eligible neighbor (other than
1047 the current Designated Router and Backup Designated Router). */
1048 if (oi->type == OSPF_IFTYPE_NBMA)
1049 if (PRIORITY(oi) == 0 && hello->priority > 0
1050 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1051 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1052 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1053 ospf_hello_reply_timer,
1054 OSPF_HELLO_REPLY_DELAY);
1055
1056 /* on NBMA network type, it happens to receive bidirectional Hello
1057 packet
1058 without advance 1-Way Received event.
1059 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1060 if (oi->type == OSPF_IFTYPE_NBMA
1061 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1062 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1063 nbr->priority = hello->priority;
1064 nbr->d_router = hello->d_router;
1065 nbr->bd_router = hello->bd_router;
1066 return;
1067 }
1068
1069 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1070 size - OSPF_HELLO_MIN_SIZE)) {
1071 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1072 nbr->options |= hello->options;
1073 } else {
1074 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1075 /* Set neighbor information. */
1076 nbr->priority = hello->priority;
1077 nbr->d_router = hello->d_router;
1078 nbr->bd_router = hello->bd_router;
1079 return;
1080 }
1081
1082 /* If neighbor itself declares DR and no BDR exists,
1083 cause event BackupSeen */
1084 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1085 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1086 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1087
1088 /* neighbor itself declares BDR. */
1089 if (oi->state == ISM_Waiting
1090 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1091 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1092
1093 /* had not previously. */
1094 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1095 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1096 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1097 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1098 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1099
1100 /* had not previously. */
1101 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1102 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1103 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1104 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1105 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1106
1107 /* Neighbor priority check. */
1108 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1109 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1110
1111 /* Set neighbor information. */
1112 nbr->priority = hello->priority;
1113 nbr->d_router = hello->d_router;
1114 nbr->bd_router = hello->bd_router;
1115 }
1116
1117 /* Save DD flags/options/Seqnum received. */
1118 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1119 struct ospf_db_desc *dd)
1120 {
1121 nbr->last_recv.flags = dd->flags;
1122 nbr->last_recv.options = dd->options;
1123 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1124 }
1125
1126 /* Process rest of DD packet. */
1127 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1128 struct ospf_neighbor *nbr,
1129 struct ospf_db_desc *dd, uint16_t size)
1130 {
1131 struct ospf_lsa *new, *find;
1132 struct lsa_header *lsah;
1133
1134 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1135 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1136 size -= OSPF_LSA_HEADER_SIZE) {
1137 lsah = (struct lsa_header *)stream_pnt(s);
1138 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1139
1140 /* Unknown LS type. */
1141 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1142 flog_warn(EC_OSPF_PACKET,
1143 "Packet [DD:RECV]: Unknown LS type %d.",
1144 lsah->type);
1145 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1146 return;
1147 }
1148
1149 if (IS_OPAQUE_LSA(lsah->type)
1150 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1151 flog_warn(EC_OSPF_PACKET,
1152 "LSA[Type%d:%s]: Opaque capability mismatch?",
1153 lsah->type, inet_ntoa(lsah->id));
1154 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1155 return;
1156 }
1157
1158 switch (lsah->type) {
1159 case OSPF_AS_EXTERNAL_LSA:
1160 case OSPF_OPAQUE_AS_LSA:
1161 /* Check for stub area. Reject if AS-External from stub
1162 but
1163 allow if from NSSA. */
1164 if (oi->area->external_routing == OSPF_AREA_STUB) {
1165 flog_warn(
1166 EC_OSPF_PACKET,
1167 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1168 lsah->type, inet_ntoa(lsah->id),
1169 (oi->area->external_routing
1170 == OSPF_AREA_STUB)
1171 ? "STUB"
1172 : "NSSA");
1173 OSPF_NSM_EVENT_SCHEDULE(nbr,
1174 NSM_SeqNumberMismatch);
1175 return;
1176 }
1177 break;
1178 default:
1179 break;
1180 }
1181
1182 /* Create LS-request object. */
1183 new = ospf_ls_request_new(lsah);
1184
1185 /* Lookup received LSA, then add LS request list. */
1186 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1187
1188 /* ospf_lsa_more_recent is fine with NULL pointers */
1189 switch (ospf_lsa_more_recent(find, new)) {
1190 case -1:
1191 /* Neighbour has a more recent LSA, we must request it
1192 */
1193 ospf_ls_request_add(nbr, new);
1194 /* fallthru */
1195 case 0:
1196 /* If we have a copy of this LSA, it's either less
1197 * recent
1198 * and we're requesting it from neighbour (the case
1199 * above), or
1200 * it's as recent and we both have same copy (this
1201 * case).
1202 *
1203 * In neither of these two cases is there any point in
1204 * describing our copy of the LSA to the neighbour in a
1205 * DB-Summary packet, if we're still intending to do so.
1206 *
1207 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1208 * backward compatible optimisation to OSPF DB Exchange
1209 * /
1210 * DB Description process implemented here.
1211 */
1212 if (find)
1213 ospf_lsdb_delete(&nbr->db_sum, find);
1214 ospf_lsa_discard(new);
1215 break;
1216 default:
1217 /* We have the more recent copy, nothing specific to do:
1218 * - no need to request neighbours stale copy
1219 * - must leave DB summary list copy alone
1220 */
1221 if (IS_DEBUG_OSPF_EVENT)
1222 zlog_debug(
1223 "Packet [DD:RECV]: LSA received Type %d, "
1224 "ID %s is not recent.",
1225 lsah->type, inet_ntoa(lsah->id));
1226 ospf_lsa_discard(new);
1227 }
1228 }
1229
1230 /* Master */
1231 if (IS_SET_DD_MS(nbr->dd_flags)) {
1232 nbr->dd_seqnum++;
1233
1234 /* Both sides have no More, then we're done with Exchange */
1235 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1236 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1237 else
1238 ospf_db_desc_send(nbr);
1239 }
1240 /* Slave */
1241 else {
1242 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1243
1244 /* Send DD packet in reply.
1245 *
1246 * Must be done to acknowledge the Master's DD, regardless of
1247 * whether we have more LSAs ourselves to describe.
1248 *
1249 * This function will clear the 'More' bit, if after this DD
1250 * we have no more LSAs to describe to the master..
1251 */
1252 ospf_db_desc_send(nbr);
1253
1254 /* Slave can raise ExchangeDone now, if master is also done */
1255 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1256 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1257 }
1258
1259 /* Save received neighbor values from DD. */
1260 ospf_db_desc_save_current(nbr, dd);
1261
1262 if (!nbr->t_ls_req)
1263 ospf_ls_req_send(nbr);
1264 }
1265
1266 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1267 struct ospf_neighbor *nbr)
1268 {
1269 /* Is DD duplicated? */
1270 if (dd->options == nbr->last_recv.options
1271 && dd->flags == nbr->last_recv.flags
1272 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1273 return 1;
1274
1275 return 0;
1276 }
1277
1278 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1279 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1280 struct stream *s, struct ospf_interface *oi,
1281 uint16_t size)
1282 {
1283 struct ospf_db_desc *dd;
1284 struct ospf_neighbor *nbr;
1285
1286 /* Increment statistics. */
1287 oi->db_desc_in++;
1288
1289 dd = (struct ospf_db_desc *)stream_pnt(s);
1290
1291 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1292 if (nbr == NULL) {
1293 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1294 inet_ntoa(ospfh->router_id));
1295 return;
1296 }
1297
1298 /* Check MTU. */
1299 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1300 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1301 flog_warn(
1302 EC_OSPF_PACKET,
1303 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1304 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1305 oi->ifp->mtu);
1306 return;
1307 }
1308
1309 /*
1310 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1311 * not
1312 * required. In fact at least JunOS sends DD packets with P bit clear.
1313 * Until proper solution is developped, this hack should help.
1314 *
1315 * Update: According to the RFCs, N bit is specified /only/ for Hello
1316 * options, unfortunately its use in DD options is not specified. Hence
1317 * some
1318 * implementations follow E-bit semantics and set it in DD options, and
1319 * some
1320 * treat it as unspecified and hence follow the directive "default for
1321 * options is clear", ie unset.
1322 *
1323 * Reset the flag, as ospfd follows E-bit semantics.
1324 */
1325 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1326 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1327 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1328 if (IS_DEBUG_OSPF_EVENT)
1329 zlog_debug(
1330 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1331 inet_ntoa(nbr->router_id));
1332 SET_FLAG(dd->options, OSPF_OPTION_NP);
1333 }
1334
1335 #ifdef REJECT_IF_TBIT_ON
1336 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1337 /*
1338 * In Hello protocol, optional capability must have checked
1339 * to prevent this T-bit enabled router be my neighbor.
1340 */
1341 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1342 inet_ntoa(nbr->router_id));
1343 return;
1344 }
1345 #endif /* REJECT_IF_TBIT_ON */
1346
1347 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1348 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1349 /*
1350 * This node is not configured to handle O-bit, for now.
1351 * Clear it to ignore unsupported capability proposed by
1352 * neighbor.
1353 */
1354 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1355 }
1356
1357 /* Add event to thread. */
1358 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1359
1360 /* Process DD packet by neighbor status. */
1361 switch (nbr->state) {
1362 case NSM_Down:
1363 case NSM_Attempt:
1364 case NSM_TwoWay:
1365 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1366 zlog_info(
1367 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1368 inet_ntoa(nbr->router_id),
1369 lookup_msg(ospf_nsm_state_msg, nbr->state,
1370 NULL));
1371 break;
1372 case NSM_Init:
1373 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1374 /* If the new state is ExStart, the processing of the current
1375 packet should then continue in this new state by falling
1376 through to case ExStart below. */
1377 if (nbr->state != NSM_ExStart)
1378 break;
1379 /* fallthru */
1380 case NSM_ExStart:
1381 /* Initial DBD */
1382 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1383 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1384 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1385 > 0) {
1386 /* We're Slave---obey */
1387 if (CHECK_FLAG(oi->ospf->config,
1388 OSPF_LOG_ADJACENCY_DETAIL))
1389 zlog_info(
1390 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1391 inet_ntoa(nbr->router_id));
1392
1393 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1394
1395 /* Reset I/MS */
1396 UNSET_FLAG(nbr->dd_flags,
1397 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1398 } else {
1399 /* We're Master, ignore the initial DBD from
1400 * Slave */
1401 if (CHECK_FLAG(oi->ospf->config,
1402 OSPF_LOG_ADJACENCY_DETAIL))
1403 zlog_info(
1404 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1405 "ignoring.",
1406 inet_ntoa(nbr->router_id));
1407 break;
1408 }
1409 }
1410 /* Ack from the Slave */
1411 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1412 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1413 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1414 < 0) {
1415 zlog_info(
1416 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1417 inet_ntoa(nbr->router_id));
1418 /* Reset I, leaving MS */
1419 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1420 } else {
1421 flog_warn(EC_OSPF_PACKET,
1422 "Packet[DD]: Neighbor %s Negotiation fails.",
1423 inet_ntoa(nbr->router_id));
1424 break;
1425 }
1426
1427 /* This is where the real Options are saved */
1428 nbr->options = dd->options;
1429
1430 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1431 if (IS_DEBUG_OSPF_EVENT)
1432 zlog_debug(
1433 "Neighbor[%s] is %sOpaque-capable.",
1434 inet_ntoa(nbr->router_id),
1435 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1436 ? ""
1437 : "NOT ");
1438
1439 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1440 && IPV4_ADDR_SAME(&DR(oi),
1441 &nbr->address.u.prefix4)) {
1442 flog_warn(
1443 EC_OSPF_PACKET,
1444 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1445 inet_ntoa(nbr->router_id));
1446 /* This situation is undesirable, but not a real
1447 * error. */
1448 }
1449 }
1450
1451 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1452
1453 /* continue processing rest of packet. */
1454 ospf_db_desc_proc(s, oi, nbr, dd, size);
1455 break;
1456 case NSM_Exchange:
1457 if (ospf_db_desc_is_dup(dd, nbr)) {
1458 if (IS_SET_DD_MS(nbr->dd_flags))
1459 /* Master: discard duplicated DD packet. */
1460 zlog_info(
1461 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1462 inet_ntoa(nbr->router_id));
1463 else
1464 /* Slave: cause to retransmit the last Database
1465 Description. */
1466 {
1467 zlog_info(
1468 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1469 inet_ntoa(nbr->router_id));
1470 ospf_db_desc_resend(nbr);
1471 }
1472 break;
1473 }
1474
1475 /* Otherwise DD packet should be checked. */
1476 /* Check Master/Slave bit mismatch */
1477 if (IS_SET_DD_MS(dd->flags)
1478 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1479 flog_warn(EC_OSPF_PACKET,
1480 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1481 inet_ntoa(nbr->router_id));
1482 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1483 if (IS_DEBUG_OSPF_EVENT)
1484 zlog_debug(
1485 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1486 dd->flags, nbr->dd_flags);
1487 break;
1488 }
1489
1490 /* Check initialize bit is set. */
1491 if (IS_SET_DD_I(dd->flags)) {
1492 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1493 inet_ntoa(nbr->router_id));
1494 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1495 break;
1496 }
1497
1498 /* Check DD Options. */
1499 if (dd->options != nbr->options) {
1500 #ifdef ORIGINAL_CODING
1501 /* Save the new options for debugging */
1502 nbr->options = dd->options;
1503 #endif /* ORIGINAL_CODING */
1504 flog_warn(EC_OSPF_PACKET,
1505 "Packet[DD]: Neighbor %s options mismatch.",
1506 inet_ntoa(nbr->router_id));
1507 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1508 break;
1509 }
1510
1511 /* Check DD sequence number. */
1512 if ((IS_SET_DD_MS(nbr->dd_flags)
1513 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1514 || (!IS_SET_DD_MS(nbr->dd_flags)
1515 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1516 flog_warn(
1517 EC_OSPF_PACKET,
1518 "Packet[DD]: Neighbor %s sequence number mismatch.",
1519 inet_ntoa(nbr->router_id));
1520 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1521 break;
1522 }
1523
1524 /* Continue processing rest of packet. */
1525 ospf_db_desc_proc(s, oi, nbr, dd, size);
1526 break;
1527 case NSM_Loading:
1528 case NSM_Full:
1529 if (ospf_db_desc_is_dup(dd, nbr)) {
1530 if (IS_SET_DD_MS(nbr->dd_flags)) {
1531 /* Master should discard duplicate DD packet. */
1532 zlog_info(
1533 "Packet[DD]: Neighbor %s duplicated, "
1534 "packet discarded.",
1535 inet_ntoa(nbr->router_id));
1536 break;
1537 } else {
1538 if (monotime_since(&nbr->last_send_ts, NULL)
1539 < nbr->v_inactivity * 1000000LL) {
1540 /* In states Loading and Full the slave
1541 must resend
1542 its last Database Description packet
1543 in response to
1544 duplicate Database Description
1545 packets received
1546 from the master. For this reason the
1547 slave must
1548 wait RouterDeadInterval seconds
1549 before freeing the
1550 last Database Description packet.
1551 Reception of a
1552 Database Description packet from the
1553 master after
1554 this interval will generate a
1555 SeqNumberMismatch
1556 neighbor event. RFC2328 Section 10.8
1557 */
1558 ospf_db_desc_resend(nbr);
1559 break;
1560 }
1561 }
1562 }
1563
1564 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1565 break;
1566 default:
1567 flog_warn(EC_OSPF_PACKET,
1568 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1569 inet_ntoa(nbr->router_id), nbr->state);
1570 break;
1571 }
1572 }
1573
1574 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1575
1576 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1577 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1578 struct stream *s, struct ospf_interface *oi,
1579 uint16_t size)
1580 {
1581 struct ospf_neighbor *nbr;
1582 uint32_t ls_type;
1583 struct in_addr ls_id;
1584 struct in_addr adv_router;
1585 struct ospf_lsa *find;
1586 struct list *ls_upd;
1587 unsigned int length;
1588
1589 /* Increment statistics. */
1590 oi->ls_req_in++;
1591
1592 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1593 if (nbr == NULL) {
1594 flog_warn(EC_OSPF_PACKET,
1595 "Link State Request: Unknown Neighbor %s.",
1596 inet_ntoa(ospfh->router_id));
1597 return;
1598 }
1599
1600 /* Add event to thread. */
1601 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1602
1603 /* Neighbor State should be Exchange or later. */
1604 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1605 && nbr->state != NSM_Full) {
1606 flog_warn(
1607 EC_OSPF_PACKET,
1608 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1609 inet_ntoa(ospfh->router_id),
1610 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1611 return;
1612 }
1613
1614 /* Send Link State Update for ALL requested LSAs. */
1615 ls_upd = list_new();
1616 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1617
1618 while (size >= OSPF_LSA_KEY_SIZE) {
1619 /* Get one slice of Link State Request. */
1620 ls_type = stream_getl(s);
1621 ls_id.s_addr = stream_get_ipv4(s);
1622 adv_router.s_addr = stream_get_ipv4(s);
1623
1624 /* Verify LSA type. */
1625 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1626 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1627 list_delete(&ls_upd);
1628 return;
1629 }
1630
1631 /* Search proper LSA in LSDB. */
1632 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1633 adv_router);
1634 if (find == NULL) {
1635 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1636 list_delete(&ls_upd);
1637 return;
1638 }
1639
1640 /* Packet overflows MTU size, send immediately. */
1641 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1642 if (oi->type == OSPF_IFTYPE_NBMA)
1643 ospf_ls_upd_send(nbr, ls_upd,
1644 OSPF_SEND_PACKET_DIRECT, 0);
1645 else
1646 ospf_ls_upd_send(nbr, ls_upd,
1647 OSPF_SEND_PACKET_INDIRECT, 0);
1648
1649 /* Only remove list contents. Keep ls_upd. */
1650 list_delete_all_node(ls_upd);
1651
1652 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1653 }
1654
1655 /* Append LSA to update list. */
1656 listnode_add(ls_upd, find);
1657 length += ntohs(find->data->length);
1658
1659 size -= OSPF_LSA_KEY_SIZE;
1660 }
1661
1662 /* Send rest of Link State Update. */
1663 if (listcount(ls_upd) > 0) {
1664 if (oi->type == OSPF_IFTYPE_NBMA)
1665 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1666 0);
1667 else
1668 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1669 0);
1670
1671 list_delete(&ls_upd);
1672 } else
1673 list_delete(&ls_upd);
1674 }
1675
1676 /* Get the list of LSAs from Link State Update packet.
1677 And process some validation -- RFC2328 Section 13. (1)-(2). */
1678 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1679 struct stream *s,
1680 struct ospf_interface *oi, size_t size)
1681 {
1682 uint16_t count, sum;
1683 uint32_t length;
1684 struct lsa_header *lsah;
1685 struct ospf_lsa *lsa;
1686 struct list *lsas;
1687
1688 lsas = list_new();
1689
1690 count = stream_getl(s);
1691 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1692
1693 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1694 size -= length, stream_forward_getp(s, length), count--) {
1695 lsah = (struct lsa_header *)stream_pnt(s);
1696 length = ntohs(lsah->length);
1697
1698 if (length > size) {
1699 flog_warn(
1700 EC_OSPF_PACKET,
1701 "Link State Update: LSA length exceeds packet size.");
1702 break;
1703 }
1704
1705 /* Validate the LSA's LS checksum. */
1706 sum = lsah->checksum;
1707 if (!ospf_lsa_checksum_valid(lsah)) {
1708 /* (bug #685) more details in a one-line message make it
1709 * possible
1710 * to identify problem source on the one hand and to
1711 * have a better
1712 * chance to compress repeated messages in syslog on the
1713 * other */
1714 flog_warn(
1715 EC_OSPF_PACKET,
1716 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1717 sum, lsah->checksum, inet_ntoa(lsah->id),
1718 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1719 inet_ntoa(lsah->adv_router));
1720 continue;
1721 }
1722
1723 /* Examine the LSA's LS type. */
1724 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1725 flog_warn(EC_OSPF_PACKET,
1726 "Link State Update: Unknown LS type %d",
1727 lsah->type);
1728 continue;
1729 }
1730
1731 /*
1732 * What if the received LSA's age is greater than MaxAge?
1733 * Treat it as a MaxAge case -- endo.
1734 */
1735 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1736 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1737
1738 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1739 #ifdef STRICT_OBIT_USAGE_CHECK
1740 if ((IS_OPAQUE_LSA(lsah->type)
1741 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1742 || (!IS_OPAQUE_LSA(lsah->type)
1743 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1744 /*
1745 * This neighbor must know the exact usage of
1746 * O-bit;
1747 * the bit will be set in Type-9,10,11 LSAs
1748 * only.
1749 */
1750 flog_warn(EC_OSPF_PACKET,
1751 "LSA[Type%d:%s]: O-bit abuse?",
1752 lsah->type, inet_ntoa(lsah->id));
1753 continue;
1754 }
1755 #endif /* STRICT_OBIT_USAGE_CHECK */
1756
1757 /* Do not take in AS External Opaque-LSAs if we are a
1758 * stub. */
1759 if (lsah->type == OSPF_OPAQUE_AS_LSA
1760 && nbr->oi->area->external_routing
1761 != OSPF_AREA_DEFAULT) {
1762 if (IS_DEBUG_OSPF_EVENT)
1763 zlog_debug(
1764 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1765 lsah->type,
1766 inet_ntoa(lsah->id));
1767 continue;
1768 }
1769 } else if (IS_OPAQUE_LSA(lsah->type)) {
1770 flog_warn(EC_OSPF_PACKET,
1771 "LSA[Type%d:%s]: Opaque capability mismatch?",
1772 lsah->type, inet_ntoa(lsah->id));
1773 continue;
1774 }
1775
1776 /* Create OSPF LSA instance. */
1777 lsa = ospf_lsa_new_and_data(length);
1778
1779 lsa->vrf_id = oi->ospf->vrf_id;
1780 /* We may wish to put some error checking if type NSSA comes in
1781 and area not in NSSA mode */
1782 switch (lsah->type) {
1783 case OSPF_AS_EXTERNAL_LSA:
1784 case OSPF_OPAQUE_AS_LSA:
1785 lsa->area = NULL;
1786 break;
1787 case OSPF_OPAQUE_LINK_LSA:
1788 lsa->oi = oi; /* Remember incoming interface for
1789 flooding control. */
1790 /* Fallthrough */
1791 default:
1792 lsa->area = oi->area;
1793 break;
1794 }
1795
1796 memcpy(lsa->data, lsah, length);
1797
1798 if (IS_DEBUG_OSPF_EVENT)
1799 zlog_debug(
1800 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1801 lsa->data->type, inet_ntoa(lsa->data->id),
1802 (void *)lsa);
1803 listnode_add(lsas, lsa);
1804 }
1805
1806 return lsas;
1807 }
1808
1809 /* Cleanup Update list. */
1810 static void ospf_upd_list_clean(struct list *lsas)
1811 {
1812 struct listnode *node, *nnode;
1813 struct ospf_lsa *lsa;
1814
1815 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1816 ospf_lsa_discard(lsa);
1817
1818 list_delete(&lsas);
1819 }
1820
1821 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1822 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1823 struct ospf_header *ospfh, struct stream *s,
1824 struct ospf_interface *oi, uint16_t size)
1825 {
1826 struct ospf_neighbor *nbr;
1827 struct list *lsas;
1828 struct listnode *node, *nnode;
1829 struct ospf_lsa *lsa = NULL;
1830 /* unsigned long ls_req_found = 0; */
1831
1832 /* Dis-assemble the stream, update each entry, re-encapsulate for
1833 * flooding */
1834
1835 /* Increment statistics. */
1836 oi->ls_upd_in++;
1837
1838 /* Check neighbor. */
1839 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1840 if (nbr == NULL) {
1841 flog_warn(EC_OSPF_PACKET,
1842 "Link State Update: Unknown Neighbor %s on int: %s",
1843 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1844 return;
1845 }
1846
1847 /* Add event to thread. */
1848 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1849
1850 /* Check neighbor state. */
1851 if (nbr->state < NSM_Exchange) {
1852 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1853 zlog_debug(
1854 "Link State Update: "
1855 "Neighbor[%s] state %s is less than Exchange",
1856 inet_ntoa(ospfh->router_id),
1857 lookup_msg(ospf_nsm_state_msg, nbr->state,
1858 NULL));
1859 return;
1860 }
1861
1862 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1863 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1864 * of section 13.
1865 */
1866 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1867
1868 if (lsas == NULL)
1869 return;
1870 #define DISCARD_LSA(L, N) \
1871 { \
1872 if (IS_DEBUG_OSPF_EVENT) \
1873 zlog_debug( \
1874 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1875 " Type-%d", \
1876 N, (void *)lsa, (int)lsa->data->type); \
1877 ospf_lsa_discard(L); \
1878 continue; \
1879 }
1880
1881 /* Process each LSA received in the one packet.
1882 *
1883 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1884 * text below are from the steps in RFC 2328, Section 13.
1885 */
1886 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1887 struct ospf_lsa *ls_ret, *current;
1888 int ret = 1;
1889
1890 if (IS_DEBUG_OSPF_NSSA) {
1891 char buf1[INET_ADDRSTRLEN];
1892 char buf2[INET_ADDRSTRLEN];
1893 char buf3[INET_ADDRSTRLEN];
1894
1895 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1896 lsa->data->type,
1897 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1898 INET_ADDRSTRLEN),
1899 inet_ntop(AF_INET, &lsa->data->id, buf2,
1900 INET_ADDRSTRLEN),
1901 inet_ntop(AF_INET, &lsa->data->adv_router,
1902 buf3, INET_ADDRSTRLEN));
1903 }
1904
1905 listnode_delete(lsas,
1906 lsa); /* We don't need it in list anymore */
1907
1908 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1909 */
1910
1911 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1912
1913 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1914 */
1915
1916 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1917 */
1918
1919 /* Do take in Type-7's if we are an NSSA */
1920
1921 /* If we are also an ABR, later translate them to a Type-5
1922 * packet */
1923
1924 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1925 translate them to a separate Type-5 packet. */
1926
1927 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1928 /* Reject from STUB or NSSA */
1929 if (nbr->oi->area->external_routing
1930 != OSPF_AREA_DEFAULT) {
1931 if (IS_DEBUG_OSPF_NSSA)
1932 zlog_debug(
1933 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1934 DISCARD_LSA(lsa, 1);
1935 }
1936
1937 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1938 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1939 if (IS_DEBUG_OSPF_NSSA)
1940 zlog_debug(
1941 "Incoming NSSA LSA Discarded: Not NSSA Area");
1942 DISCARD_LSA(lsa, 2);
1943 }
1944
1945 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1946 if (lsa->data->type == OSPF_ROUTER_LSA)
1947 if (!IPV4_ADDR_SAME(&lsa->data->id,
1948 &lsa->data->adv_router)) {
1949 char buf1[INET_ADDRSTRLEN];
1950 char buf2[INET_ADDRSTRLEN];
1951 char buf3[INET_ADDRSTRLEN];
1952
1953 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1954 "Incoming Router-LSA from %s with "
1955 "Adv-ID[%s] != LS-ID[%s]",
1956 inet_ntop(AF_INET, &ospfh->router_id,
1957 buf1, INET_ADDRSTRLEN),
1958 inet_ntop(AF_INET, &lsa->data->id,
1959 buf2, INET_ADDRSTRLEN),
1960 inet_ntop(AF_INET,
1961 &lsa->data->adv_router, buf3,
1962 INET_ADDRSTRLEN));
1963 flog_err(
1964 EC_OSPF_DOMAIN_CORRUPT,
1965 "OSPF domain compromised by attack or corruption. "
1966 "Verify correct operation of -ALL- OSPF routers.");
1967 DISCARD_LSA(lsa, 0);
1968 }
1969
1970 /* Find the LSA in the current database. */
1971
1972 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1973
1974 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1975 currently
1976 no instance of the LSA in the router's link state database,
1977 and none of router's neighbors are in states Exchange or
1978 Loading,
1979 then take the following actions: */
1980
1981 if (IS_LSA_MAXAGE(lsa) && !current
1982 && ospf_check_nbr_status(oi->ospf)) {
1983 /* (4a) Response Link State Acknowledgment. */
1984 ospf_ls_ack_send(nbr, lsa);
1985
1986 /* (4b) Discard LSA. */
1987 if (IS_DEBUG_OSPF(lsa, LSA)) {
1988 zlog_debug(
1989 "Link State Update[%s]: LS age is equal to MaxAge.",
1990 dump_lsa_key(lsa));
1991 }
1992 DISCARD_LSA(lsa, 3);
1993 }
1994
1995 if (IS_OPAQUE_LSA(lsa->data->type)
1996 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1997 &oi->ospf->router_id)) {
1998 /*
1999 * Even if initial flushing seems to be completed, there
2000 * might
2001 * be a case that self-originated LSA with MaxAge still
2002 * remain
2003 * in the routing domain.
2004 * Just send an LSAck message to cease retransmission.
2005 */
2006 if (IS_LSA_MAXAGE(lsa)) {
2007 zlog_info("LSA[%s]: Boomerang effect?",
2008 dump_lsa_key(lsa));
2009 ospf_ls_ack_send(nbr, lsa);
2010 ospf_lsa_discard(lsa);
2011
2012 if (current != NULL && !IS_LSA_MAXAGE(current))
2013 ospf_opaque_lsa_refresh_schedule(
2014 current);
2015 continue;
2016 }
2017
2018 /*
2019 * If an instance of self-originated Opaque-LSA is not
2020 * found
2021 * in the LSDB, there are some possible cases here.
2022 *
2023 * 1) This node lost opaque-capability after restart.
2024 * 2) Else, a part of opaque-type is no more supported.
2025 * 3) Else, a part of opaque-id is no more supported.
2026 *
2027 * Anyway, it is still this node's responsibility to
2028 * flush it.
2029 * Otherwise, the LSA instance remains in the routing
2030 * domain
2031 * until its age reaches to MaxAge.
2032 */
2033 /* XXX: We should deal with this for *ALL* LSAs, not
2034 * just opaque */
2035 if (current == NULL) {
2036 if (IS_DEBUG_OSPF_EVENT)
2037 zlog_debug(
2038 "LSA[%s]: Previously originated Opaque-LSA,"
2039 "not found in the LSDB.",
2040 dump_lsa_key(lsa));
2041
2042 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2043
2044 ospf_opaque_self_originated_lsa_received(nbr,
2045 lsa);
2046 ospf_ls_ack_send(nbr, lsa);
2047
2048 continue;
2049 }
2050 }
2051
2052 /* It might be happen that received LSA is self-originated
2053 * network LSA, but
2054 * router ID is changed. So, we should check if LSA is a
2055 * network-LSA whose
2056 * Link State ID is one of the router's own IP interface
2057 * addresses but whose
2058 * Advertising Router is not equal to the router's own Router ID
2059 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2060 * flushed.
2061 */
2062
2063 if (lsa->data->type == OSPF_NETWORK_LSA) {
2064 struct listnode *oinode, *oinnode;
2065 struct ospf_interface *out_if;
2066 int Flag = 0;
2067
2068 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2069 oinnode, out_if)) {
2070 if (out_if == NULL)
2071 break;
2072
2073 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2074 &lsa->data->id))
2075 && (!(IPV4_ADDR_SAME(
2076 &oi->ospf->router_id,
2077 &lsa->data->adv_router)))) {
2078 if (out_if->network_lsa_self) {
2079 ospf_lsa_flush_area(
2080 lsa, out_if->area);
2081 if (IS_DEBUG_OSPF_EVENT)
2082 zlog_debug(
2083 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2084 (void *)lsa,
2085 (int)lsa->data
2086 ->type);
2087 ospf_lsa_discard(lsa);
2088 Flag = 1;
2089 }
2090 break;
2091 }
2092 }
2093 if (Flag)
2094 continue;
2095 }
2096
2097 /* (5) Find the instance of this LSA that is currently contained
2098 in the router's link state database. If there is no
2099 database copy, or the received LSA is more recent than
2100 the database copy the following steps must be performed.
2101 (The sub steps from RFC 2328 section 13 step (5) will be
2102 performed in
2103 ospf_flood() ) */
2104
2105 if (current == NULL
2106 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2107 /* CVE-2017-3224 */
2108 if (current && (lsa->data->ls_seqnum ==
2109 htonl(OSPF_MAX_SEQUENCE_NUMBER)
2110 && !IS_LSA_MAXAGE(lsa))) {
2111 zlog_debug(
2112 "Link State Update[%s]: has Max Seq but not MaxAge. Dropping it",
2113 dump_lsa_key(lsa));
2114
2115 DISCARD_LSA(lsa, 4);
2116 }
2117
2118 /* Actual flooding procedure. */
2119 if (ospf_flood(oi->ospf, nbr, current, lsa)
2120 < 0) /* Trap NSSA later. */
2121 DISCARD_LSA(lsa, 5);
2122 continue;
2123 }
2124
2125 /* (6) Else, If there is an instance of the LSA on the sending
2126 neighbor's Link state request list, an error has occurred in
2127 the Database Exchange process. In this case, restart the
2128 Database Exchange process by generating the neighbor event
2129 BadLSReq for the sending neighbor and stop processing the
2130 Link State Update packet. */
2131
2132 if (ospf_ls_request_lookup(nbr, lsa)) {
2133 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2134 flog_warn(
2135 EC_OSPF_PACKET,
2136 "LSA[%s] instance exists on Link state request list",
2137 dump_lsa_key(lsa));
2138
2139 /* Clean list of LSAs. */
2140 ospf_upd_list_clean(lsas);
2141 /* this lsa is not on lsas list already. */
2142 ospf_lsa_discard(lsa);
2143 return;
2144 }
2145
2146 /* If the received LSA is the same instance as the database copy
2147 (i.e., neither one is more recent) the following two steps
2148 should be performed: */
2149
2150 if (ret == 0) {
2151 /* If the LSA is listed in the Link state retransmission
2152 list
2153 for the receiving adjacency, the router itself is
2154 expecting
2155 an acknowledgment for this LSA. The router should
2156 treat the
2157 received LSA as an acknowledgment by removing the LSA
2158 from
2159 the Link state retransmission list. This is termed
2160 an
2161 "implied acknowledgment". */
2162
2163 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2164
2165 if (ls_ret != NULL) {
2166 ospf_ls_retransmit_delete(nbr, ls_ret);
2167
2168 /* Delayed acknowledgment sent if advertisement
2169 received
2170 from Designated Router, otherwise do nothing.
2171 */
2172 if (oi->state == ISM_Backup)
2173 if (NBR_IS_DR(nbr))
2174 listnode_add(
2175 oi->ls_ack,
2176 ospf_lsa_lock(lsa));
2177
2178 DISCARD_LSA(lsa, 6);
2179 } else
2180 /* Acknowledge the receipt of the LSA by sending a
2181 Link State Acknowledgment packet back out the
2182 receiving
2183 interface. */
2184 {
2185 ospf_ls_ack_send(nbr, lsa);
2186 DISCARD_LSA(lsa, 7);
2187 }
2188 }
2189
2190 /* The database copy is more recent. If the database copy
2191 has LS age equal to MaxAge and LS sequence number equal to
2192 MaxSequenceNumber, simply discard the received LSA without
2193 acknowledging it. (In this case, the LSA's LS sequence number
2194 is
2195 wrapping, and the MaxSequenceNumber LSA must be completely
2196 flushed before any new LSA instance can be introduced). */
2197
2198 else if (ret > 0) /* Database copy is more recent */
2199 {
2200 if (IS_LSA_MAXAGE(current)
2201 && current->data->ls_seqnum
2202 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2203 DISCARD_LSA(lsa, 8);
2204 }
2205 /* Otherwise, as long as the database copy has not been
2206 sent in a
2207 Link State Update within the last MinLSArrival
2208 seconds, send the
2209 database copy back to the sending neighbor,
2210 encapsulated within
2211 a Link State Update Packet. The Link State Update
2212 Packet should
2213 be sent directly to the neighbor. In so doing, do not
2214 put the
2215 database copy of the LSA on the neighbor's link state
2216 retransmission list, and do not acknowledge the
2217 received (less
2218 recent) LSA instance. */
2219 else {
2220 if (monotime_since(&current->tv_orig, NULL)
2221 >= ospf->min_ls_arrival * 1000LL)
2222 /* Trap NSSA type later.*/
2223 ospf_ls_upd_send_lsa(
2224 nbr, current,
2225 OSPF_SEND_PACKET_DIRECT);
2226 DISCARD_LSA(lsa, 9);
2227 }
2228 }
2229 }
2230 #undef DISCARD_LSA
2231
2232 assert(listcount(lsas) == 0);
2233 list_delete(&lsas);
2234 }
2235
2236 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2237 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2238 struct stream *s, struct ospf_interface *oi,
2239 uint16_t size)
2240 {
2241 struct ospf_neighbor *nbr;
2242
2243 /* increment statistics. */
2244 oi->ls_ack_in++;
2245
2246 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2247 if (nbr == NULL) {
2248 flog_warn(EC_OSPF_PACKET,
2249 "Link State Acknowledgment: Unknown Neighbor %s.",
2250 inet_ntoa(ospfh->router_id));
2251 return;
2252 }
2253
2254 /* Add event to thread. */
2255 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2256
2257 if (nbr->state < NSM_Exchange) {
2258 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2259 zlog_debug(
2260 "Link State Acknowledgment: "
2261 "Neighbor[%s] state %s is less than Exchange",
2262 inet_ntoa(ospfh->router_id),
2263 lookup_msg(ospf_nsm_state_msg, nbr->state,
2264 NULL));
2265 return;
2266 }
2267
2268 while (size >= OSPF_LSA_HEADER_SIZE) {
2269 struct ospf_lsa *lsa, *lsr;
2270
2271 lsa = ospf_lsa_new();
2272 lsa->data = (struct lsa_header *)stream_pnt(s);
2273 lsa->vrf_id = oi->ospf->vrf_id;
2274
2275 /* lsah = (struct lsa_header *) stream_pnt (s); */
2276 size -= OSPF_LSA_HEADER_SIZE;
2277 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2278
2279 if (lsa->data->type < OSPF_MIN_LSA
2280 || lsa->data->type >= OSPF_MAX_LSA) {
2281 lsa->data = NULL;
2282 ospf_lsa_discard(lsa);
2283 continue;
2284 }
2285
2286 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2287
2288 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2289 ospf_ls_retransmit_delete(nbr, lsr);
2290
2291 lsa->data = NULL;
2292 ospf_lsa_discard(lsa);
2293 }
2294
2295 return;
2296 }
2297
2298 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2299 struct interface **ifp,
2300 struct stream *ibuf)
2301 {
2302 int ret;
2303 struct ip *iph;
2304 uint16_t ip_len;
2305 ifindex_t ifindex = 0;
2306 struct iovec iov;
2307 /* Header and data both require alignment. */
2308 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2309 struct msghdr msgh;
2310
2311 memset(&msgh, 0, sizeof(struct msghdr));
2312 msgh.msg_iov = &iov;
2313 msgh.msg_iovlen = 1;
2314 msgh.msg_control = (caddr_t)buff;
2315 msgh.msg_controllen = sizeof(buff);
2316
2317 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2318 if (ret < 0) {
2319 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2320 safe_strerror(errno));
2321 return NULL;
2322 }
2323 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2324 {
2325 flog_warn(
2326 EC_OSPF_PACKET,
2327 "ospf_recv_packet: discarding runt packet of length %d "
2328 "(ip header size is %u)",
2329 ret, (unsigned int)sizeof(iph));
2330 return NULL;
2331 }
2332
2333 /* Note that there should not be alignment problems with this assignment
2334 because this is at the beginning of the stream data buffer. */
2335 iph = (struct ip *)STREAM_DATA(ibuf);
2336 sockopt_iphdrincl_swab_systoh(iph);
2337
2338 ip_len = iph->ip_len;
2339
2340 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2341 /*
2342 * Kernel network code touches incoming IP header parameters,
2343 * before protocol specific processing.
2344 *
2345 * 1) Convert byteorder to host representation.
2346 * --> ip_len, ip_id, ip_off
2347 *
2348 * 2) Adjust ip_len to strip IP header size!
2349 * --> If user process receives entire IP packet via RAW
2350 * socket, it must consider adding IP header size to
2351 * the "ip_len" field of "ip" structure.
2352 *
2353 * For more details, see <netinet/ip_input.c>.
2354 */
2355 ip_len = ip_len + (iph->ip_hl << 2);
2356 #endif
2357
2358 #if defined(__DragonFly__)
2359 /*
2360 * in DragonFly's raw socket, ip_len/ip_off are read
2361 * in network byte order.
2362 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2363 */
2364 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2365 #endif
2366
2367 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2368
2369 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2370
2371 if (ret != ip_len) {
2372 flog_warn(
2373 EC_OSPF_PACKET,
2374 "ospf_recv_packet read length mismatch: ip_len is %d, "
2375 "but recvmsg returned %d",
2376 ip_len, ret);
2377 return NULL;
2378 }
2379
2380 return ibuf;
2381 }
2382
2383 static struct ospf_interface *
2384 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2385 struct ip *iph, struct ospf_header *ospfh)
2386 {
2387 struct ospf_interface *rcv_oi;
2388 struct ospf_vl_data *vl_data;
2389 struct ospf_area *vl_area;
2390 struct listnode *node;
2391
2392 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2393 || !OSPF_IS_AREA_BACKBONE(ospfh))
2394 return NULL;
2395
2396 /* look for local OSPF interface matching the destination
2397 * to determine Area ID. We presume therefore the destination address
2398 * is unique, or at least (for "unnumbered" links), not used in other
2399 * areas
2400 */
2401 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2402 == NULL)
2403 return NULL;
2404
2405 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2406 vl_area =
2407 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2408 if (!vl_area)
2409 continue;
2410
2411 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2412 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2413 if (IS_DEBUG_OSPF_EVENT)
2414 zlog_debug("associating packet with %s",
2415 IF_NAME(vl_data->vl_oi));
2416 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2417 if (IS_DEBUG_OSPF_EVENT)
2418 zlog_debug(
2419 "This VL is not up yet, sorry");
2420 return NULL;
2421 }
2422
2423 return vl_data->vl_oi;
2424 }
2425 }
2426
2427 if (IS_DEBUG_OSPF_EVENT)
2428 zlog_debug("couldn't find any VL to associate the packet with");
2429
2430 return NULL;
2431 }
2432
2433 static int ospf_check_area_id(struct ospf_interface *oi,
2434 struct ospf_header *ospfh)
2435 {
2436 /* Check match the Area ID of the receiving interface. */
2437 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2438 return 1;
2439
2440 return 0;
2441 }
2442
2443 /* Unbound socket will accept any Raw IP packets if proto is matched.
2444 To prevent it, compare src IP address and i/f address with masking
2445 i/f network mask. */
2446 static int ospf_check_network_mask(struct ospf_interface *oi,
2447 struct in_addr ip_src)
2448 {
2449 struct in_addr mask, me, him;
2450
2451 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2452 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2453 return 1;
2454
2455 masklen2ip(oi->address->prefixlen, &mask);
2456
2457 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2458 him.s_addr = ip_src.s_addr & mask.s_addr;
2459
2460 if (IPV4_ADDR_SAME(&me, &him))
2461 return 1;
2462
2463 return 0;
2464 }
2465
2466 /* Return 1, if the packet is properly authenticated and checksummed,
2467 0 otherwise. In particular, check that AuType header field is valid and
2468 matches the locally configured AuType, and that D.5 requirements are met. */
2469 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2470 {
2471 struct crypt_key *ck;
2472 uint16_t iface_auth_type;
2473 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2474
2475 switch (pkt_auth_type) {
2476 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2477 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2478 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2479 flog_warn(
2480 EC_OSPF_PACKET,
2481 "interface %s: auth-type mismatch, local %s, rcvd Null",
2482 IF_NAME(oi),
2483 lookup_msg(ospf_auth_type_str,
2484 iface_auth_type, NULL));
2485 return 0;
2486 }
2487 if (!ospf_check_sum(ospfh)) {
2488 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2489 flog_warn(
2490 EC_OSPF_PACKET,
2491 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2492 IF_NAME(oi),
2493 inet_ntoa(ospfh->router_id));
2494 return 0;
2495 }
2496 return 1;
2497 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2498 if (OSPF_AUTH_SIMPLE
2499 != (iface_auth_type = ospf_auth_type(oi))) {
2500 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2501 flog_warn(
2502 EC_OSPF_PACKET,
2503 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2504 IF_NAME(oi),
2505 lookup_msg(ospf_auth_type_str,
2506 iface_auth_type, NULL));
2507 return 0;
2508 }
2509 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2510 OSPF_AUTH_SIMPLE_SIZE)) {
2511 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2512 flog_warn(EC_OSPF_PACKET,
2513 "interface %s: Simple auth failed",
2514 IF_NAME(oi));
2515 return 0;
2516 }
2517 if (!ospf_check_sum(ospfh)) {
2518 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2519 flog_warn(
2520 EC_OSPF_PACKET,
2521 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2522 IF_NAME(oi),
2523 inet_ntoa(ospfh->router_id));
2524 return 0;
2525 }
2526 return 1;
2527 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2528 if (OSPF_AUTH_CRYPTOGRAPHIC
2529 != (iface_auth_type = ospf_auth_type(oi))) {
2530 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2531 flog_warn(
2532 EC_OSPF_PACKET,
2533 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2534 IF_NAME(oi),
2535 lookup_msg(ospf_auth_type_str,
2536 iface_auth_type, NULL));
2537 return 0;
2538 }
2539 if (ospfh->checksum) {
2540 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2541 flog_warn(
2542 EC_OSPF_PACKET,
2543 "interface %s: OSPF header checksum is not 0",
2544 IF_NAME(oi));
2545 return 0;
2546 }
2547 /* only MD5 crypto method can pass ospf_packet_examin() */
2548 if (NULL == (ck = listgetdata(
2549 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2550 || ospfh->u.crypt.key_id != ck->key_id ||
2551 /* Condition above uses the last key ID on the list,
2552 which is
2553 different from what ospf_crypt_key_lookup() does. A
2554 bug? */
2555 !ospf_check_md5_digest(oi, ospfh)) {
2556 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2557 flog_warn(EC_OSPF_MD5,
2558 "interface %s: MD5 auth failed",
2559 IF_NAME(oi));
2560 return 0;
2561 }
2562 return 1;
2563 default:
2564 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2565 flog_warn(
2566 EC_OSPF_PACKET,
2567 "interface %s: invalid packet auth-type (%02x)",
2568 IF_NAME(oi), pkt_auth_type);
2569 return 0;
2570 }
2571 }
2572
2573 static int ospf_check_sum(struct ospf_header *ospfh)
2574 {
2575 uint32_t ret;
2576 uint16_t sum;
2577
2578 /* clear auth_data for checksum. */
2579 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2580
2581 /* keep checksum and clear. */
2582 sum = ospfh->checksum;
2583 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2584
2585 /* calculate checksum. */
2586 ret = in_cksum(ospfh, ntohs(ospfh->length));
2587
2588 if (ret != sum) {
2589 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2590 ret, sum);
2591 return 0;
2592 }
2593
2594 return 1;
2595 }
2596
2597 /* Verify, that given link/TOS records are properly sized/aligned and match
2598 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2599 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2600 uint16_t linkbytes,
2601 const uint16_t num_links)
2602 {
2603 unsigned counted_links = 0, thislinklen;
2604
2605 while (linkbytes) {
2606 thislinklen =
2607 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2608 if (thislinklen > linkbytes) {
2609 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2610 zlog_debug("%s: length error in link block #%u",
2611 __func__, counted_links);
2612 return MSG_NG;
2613 }
2614 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2615 linkbytes -= thislinklen;
2616 counted_links++;
2617 }
2618 if (counted_links != num_links) {
2619 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2620 zlog_debug("%s: %u link blocks declared, %u present",
2621 __func__, num_links, counted_links);
2622 return MSG_NG;
2623 }
2624 return MSG_OK;
2625 }
2626
2627 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2628 minimum length constraint). */
2629 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2630 const uint8_t headeronly)
2631 {
2632 unsigned ret;
2633 struct router_lsa *rlsa;
2634 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2635 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2636 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2637 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2638 lookup_msg(ospf_lsa_type_msg, lsah->type,
2639 NULL));
2640 return MSG_NG;
2641 }
2642 switch (lsah->type) {
2643 case OSPF_ROUTER_LSA:
2644 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2645 * (12+)-byte link blocks */
2646 if (headeronly) {
2647 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2648 - OSPF_ROUTER_LSA_MIN_SIZE)
2649 % 4
2650 ? MSG_NG
2651 : MSG_OK;
2652 break;
2653 }
2654 rlsa = (struct router_lsa *)lsah;
2655 ret = ospf_router_lsa_links_examin(
2656 (struct router_lsa_link *)rlsa->link,
2657 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2658 header, "flags",
2659 0, "# links" */
2660 ntohs(rlsa->links) /* 16 bits */
2661 );
2662 break;
2663 case OSPF_AS_EXTERNAL_LSA:
2664 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2665 * blocks */
2666 case OSPF_AS_NSSA_LSA:
2667 /* RFC3101 C, idem */
2668 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2669 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2670 % 12
2671 ? MSG_NG
2672 : MSG_OK;
2673 break;
2674 /* Following LSA types are considered OK length-wise as soon as their
2675 * minimum
2676 * length constraint is met and length of the whole LSA is a multiple of
2677 * 4
2678 * (basic LSA header size is already a multiple of 4). */
2679 case OSPF_NETWORK_LSA:
2680 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2681 case OSPF_SUMMARY_LSA:
2682 case OSPF_ASBR_SUMMARY_LSA:
2683 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2684 * blocks */
2685 case OSPF_OPAQUE_LINK_LSA:
2686 case OSPF_OPAQUE_AREA_LSA:
2687 case OSPF_OPAQUE_AS_LSA:
2688 /* RFC5250 A.2, "some number of octets (of application-specific
2689 * data) padded to 32-bit alignment." This is considered
2690 * equivalent
2691 * to 4-byte alignment of all other LSA types, see
2692 * OSPF-ALIGNMENT.txt
2693 * file for the detailed analysis of this passage. */
2694 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2695 break;
2696 default:
2697 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2698 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2699 lsah->type);
2700 return MSG_NG;
2701 }
2702 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2703 zlog_debug("%s: alignment error in %s", __func__,
2704 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2705 return ret;
2706 }
2707
2708 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2709 includes verification of LSA blocks length/alignment and dispatching
2710 of deeper-level checks. */
2711 static unsigned
2712 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2713 size_t length, const uint8_t headeronly,
2714 /* When declared_num_lsas is not 0, compare it to the real
2715 number of LSAs
2716 and treat the difference as an error. */
2717 const uint32_t declared_num_lsas)
2718 {
2719 uint32_t counted_lsas = 0;
2720
2721 while (length) {
2722 uint16_t lsalen;
2723 if (length < OSPF_LSA_HEADER_SIZE) {
2724 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2725 zlog_debug(
2726 "%s: undersized (%zu B) trailing (#%u) LSA header",
2727 __func__, length, counted_lsas);
2728 return MSG_NG;
2729 }
2730 /* save on ntohs() calls here and in the LSA validator */
2731 lsalen = ntohs(lsah->length);
2732 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2733 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2734 zlog_debug(
2735 "%s: malformed LSA header #%u, declared length is %u B",
2736 __func__, counted_lsas, lsalen);
2737 return MSG_NG;
2738 }
2739 if (headeronly) {
2740 /* less checks here and in ospf_lsa_examin() */
2741 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2742 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2743 zlog_debug(
2744 "%s: malformed header-only LSA #%u",
2745 __func__, counted_lsas);
2746 return MSG_NG;
2747 }
2748 lsah = (struct lsa_header *)((caddr_t)lsah
2749 + OSPF_LSA_HEADER_SIZE);
2750 length -= OSPF_LSA_HEADER_SIZE;
2751 } else {
2752 /* make sure the input buffer is deep enough before
2753 * further checks */
2754 if (lsalen > length) {
2755 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2756 zlog_debug(
2757 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2758 __func__, counted_lsas, lsalen,
2759 length);
2760 return MSG_NG;
2761 }
2762 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2763 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2764 zlog_debug("%s: malformed LSA #%u",
2765 __func__, counted_lsas);
2766 return MSG_NG;
2767 }
2768 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2769 length -= lsalen;
2770 }
2771 counted_lsas++;
2772 }
2773
2774 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2775 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2776 zlog_debug(
2777 "%s: #LSAs declared (%u) does not match actual (%u)",
2778 __func__, declared_num_lsas, counted_lsas);
2779 return MSG_NG;
2780 }
2781 return MSG_OK;
2782 }
2783
2784 /* Verify a complete OSPF packet for proper sizing/alignment. */
2785 static unsigned ospf_packet_examin(struct ospf_header *oh,
2786 const unsigned bytesonwire)
2787 {
2788 uint16_t bytesdeclared, bytesauth;
2789 unsigned ret;
2790 struct ospf_ls_update *lsupd;
2791
2792 /* Length, 1st approximation. */
2793 if (bytesonwire < OSPF_HEADER_SIZE) {
2794 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2795 zlog_debug("%s: undersized (%u B) packet", __func__,
2796 bytesonwire);
2797 return MSG_NG;
2798 }
2799 /* Now it is safe to access header fields. Performing length check,
2800 * allow
2801 * for possible extra bytes of crypto auth/padding, which are not
2802 * counted
2803 * in the OSPF header "length" field. */
2804 if (oh->version != OSPF_VERSION) {
2805 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2806 zlog_debug("%s: invalid (%u) protocol version",
2807 __func__, oh->version);
2808 return MSG_NG;
2809 }
2810 bytesdeclared = ntohs(oh->length);
2811 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2812 bytesauth = 0;
2813 else {
2814 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2815 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2816 zlog_debug(
2817 "%s: unsupported crypto auth length (%u B)",
2818 __func__, oh->u.crypt.auth_data_len);
2819 return MSG_NG;
2820 }
2821 bytesauth = OSPF_AUTH_MD5_SIZE;
2822 }
2823 if (bytesdeclared + bytesauth > bytesonwire) {
2824 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2825 zlog_debug(
2826 "%s: packet length error (%u real, %u+%u declared)",
2827 __func__, bytesonwire, bytesdeclared,
2828 bytesauth);
2829 return MSG_NG;
2830 }
2831 /* Length, 2nd approximation. The type-specific constraint is checked
2832 against declared length, not amount of bytes on wire. */
2833 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2834 && bytesdeclared
2835 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2836 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2837 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2838 bytesdeclared,
2839 lookup_msg(ospf_packet_type_str, oh->type,
2840 NULL));
2841 return MSG_NG;
2842 }
2843 switch (oh->type) {
2844 case OSPF_MSG_HELLO:
2845 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2846 followed
2847 by N>=0 router-IDs. */
2848 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2849 % 4
2850 ? MSG_NG
2851 : MSG_OK;
2852 break;
2853 case OSPF_MSG_DB_DESC:
2854 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2855 followed
2856 by N>=0 header-only LSAs. */
2857 ret = ospf_lsaseq_examin(
2858 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2859 + OSPF_DB_DESC_MIN_SIZE),
2860 bytesdeclared - OSPF_HEADER_SIZE
2861 - OSPF_DB_DESC_MIN_SIZE,
2862 1, /* header-only LSAs */
2863 0);
2864 break;
2865 case OSPF_MSG_LS_REQ:
2866 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2867 * request blocks. */
2868 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2869 % OSPF_LSA_KEY_SIZE
2870 ? MSG_NG
2871 : MSG_OK;
2872 break;
2873 case OSPF_MSG_LS_UPD:
2874 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2875 followed
2876 by N>=0 full LSAs (with N declared beforehand). */
2877 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2878 + OSPF_HEADER_SIZE);
2879 ret = ospf_lsaseq_examin(
2880 (struct lsa_header *)((caddr_t)lsupd
2881 + OSPF_LS_UPD_MIN_SIZE),
2882 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2883 0, /* full LSAs */
2884 ntohl(lsupd->num_lsas) /* 32 bits */
2885 );
2886 break;
2887 case OSPF_MSG_LS_ACK:
2888 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2889 * LSAs. */
2890 ret = ospf_lsaseq_examin(
2891 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2892 + OSPF_LS_ACK_MIN_SIZE),
2893 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2894 1, /* header-only LSAs */
2895 0);
2896 break;
2897 default:
2898 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2899 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2900 oh->type);
2901 return MSG_NG;
2902 }
2903 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2904 zlog_debug("%s: malformed %s packet", __func__,
2905 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2906 return ret;
2907 }
2908
2909 /* OSPF Header verification. */
2910 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2911 struct ip *iph, struct ospf_header *ospfh)
2912 {
2913 /* Check Area ID. */
2914 if (!ospf_check_area_id(oi, ospfh)) {
2915 flog_warn(EC_OSPF_PACKET,
2916 "interface %s: ospf_read invalid Area ID %s.",
2917 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2918 return -1;
2919 }
2920
2921 /* Check network mask, Silently discarded. */
2922 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2923 flog_warn(
2924 EC_OSPF_PACKET,
2925 "interface %s: ospf_read network address is not same [%s]",
2926 IF_NAME(oi), inet_ntoa(iph->ip_src));
2927 return -1;
2928 }
2929
2930 /* Check authentication. The function handles logging actions, where
2931 * required. */
2932 if (!ospf_check_auth(oi, ospfh))
2933 return -1;
2934
2935 return 0;
2936 }
2937
2938 /* Starting point of packet process function. */
2939 int ospf_read(struct thread *thread)
2940 {
2941 int ret;
2942 struct stream *ibuf;
2943 struct ospf *ospf;
2944 struct ospf_interface *oi;
2945 struct ip *iph;
2946 struct ospf_header *ospfh;
2947 uint16_t length;
2948 struct interface *ifp = NULL;
2949 struct connected *c;
2950
2951 /* first of all get interface pointer. */
2952 ospf = THREAD_ARG(thread);
2953
2954 /* prepare for next packet. */
2955 ospf->t_read = NULL;
2956 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2957
2958 stream_reset(ospf->ibuf);
2959 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2960 if (ibuf == NULL)
2961 return -1;
2962 /* This raw packet is known to be at least as big as its IP header. */
2963
2964 /* Note that there should not be alignment problems with this assignment
2965 because this is at the beginning of the stream data buffer. */
2966 iph = (struct ip *)STREAM_DATA(ibuf);
2967 /* Note that sockopt_iphdrincl_swab_systoh was called in
2968 * ospf_recv_packet. */
2969
2970 if (ifp == NULL) {
2971 /* Handle cases where the platform does not support retrieving
2972 the ifindex,
2973 and also platforms (such as Solaris 8) that claim to support
2974 ifindex
2975 retrieval but do not. */
2976 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2977 ospf->vrf_id);
2978 if (c)
2979 ifp = c->ifp;
2980 if (ifp == NULL)
2981 return 0;
2982 }
2983
2984 /* IP Header dump. */
2985 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2986 ospf_ip_header_dump(iph);
2987
2988 /* Self-originated packet should be discarded silently. */
2989 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2990 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2991 zlog_debug(
2992 "ospf_read[%s]: Dropping self-originated packet",
2993 inet_ntoa(iph->ip_src));
2994 }
2995 return 0;
2996 }
2997
2998 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2999 by ospf_recv_packet() to be correct). */
3000 stream_forward_getp(ibuf, iph->ip_hl * 4);
3001
3002 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3003 if (MSG_OK
3004 != ospf_packet_examin(
3005 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
3006 return -1;
3007 /* Now it is safe to access all fields of OSPF packet header. */
3008
3009 /* associate packet with ospf interface */
3010 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
3011
3012 /* ospf_verify_header() relies on a valid "oi" and thus can be called
3013 only
3014 after the passive/backbone/other checks below are passed. These
3015 checks
3016 in turn access the fields of unverified "ospfh" structure for their
3017 own
3018 purposes and must remain very accurate in doing this. */
3019
3020 /* If incoming interface is passive one, ignore it. */
3021 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3022 char buf[3][INET_ADDRSTRLEN];
3023
3024 if (IS_DEBUG_OSPF_EVENT)
3025 zlog_debug(
3026 "ignoring packet from router %s sent to %s, "
3027 "received on a passive interface, %s",
3028 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3029 sizeof(buf[0])),
3030 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3031 sizeof(buf[1])),
3032 inet_ntop(AF_INET, &oi->address->u.prefix4,
3033 buf[2], sizeof(buf[2])));
3034
3035 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3036 /* Try to fix multicast membership.
3037 * Some OS:es may have problems in this area,
3038 * make sure it is removed.
3039 */
3040 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3041 ospf_if_set_multicast(oi);
3042 }
3043 return 0;
3044 }
3045
3046
3047 /* if no local ospf_interface,
3048 * or header area is backbone but ospf_interface is not
3049 * check for VLINK interface
3050 */
3051 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3052 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3053 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3054 == NULL) {
3055 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3056 zlog_debug(
3057 "Packet from [%s] received on link %s"
3058 " but no ospf_interface",
3059 inet_ntoa(iph->ip_src), ifp->name);
3060 return 0;
3061 }
3062 }
3063
3064 /* else it must be a local ospf interface, check it was received on
3065 * correct link
3066 */
3067 else if (oi->ifp != ifp) {
3068 if (IS_DEBUG_OSPF_EVENT)
3069 flog_warn(EC_OSPF_PACKET,
3070 "Packet from [%s] received on wrong link %s",
3071 inet_ntoa(iph->ip_src), ifp->name);
3072 return 0;
3073 } else if (oi->state == ISM_Down) {
3074 char buf[2][INET_ADDRSTRLEN];
3075 flog_warn(
3076 EC_OSPF_PACKET,
3077 "Ignoring packet from %s to %s received on interface that is "
3078 "down [%s]; interface flags are %s",
3079 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3080 sizeof(buf[0])),
3081 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3082 sizeof(buf[1])),
3083 ifp->name, if_flag_dump(ifp->flags));
3084 /* Fix multicast memberships? */
3085 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3086 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3087 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3088 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3089 if (oi->multicast_memberships)
3090 ospf_if_set_multicast(oi);
3091 return 0;
3092 }
3093
3094 /*
3095 * If the received packet is destined for AllDRouters, the packet
3096 * should be accepted only if the received ospf interface state is
3097 * either DR or Backup -- endo.
3098 */
3099 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3100 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3101 flog_warn(
3102 EC_OSPF_PACKET,
3103 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3104 inet_ntoa(iph->ip_src), IF_NAME(oi),
3105 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3106 /* Try to fix multicast membership. */
3107 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3108 ospf_if_set_multicast(oi);
3109 return 0;
3110 }
3111
3112 /* Verify more OSPF header fields. */
3113 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3114 if (ret < 0) {
3115 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3116 zlog_debug(
3117 "ospf_read[%s]: Header check failed, "
3118 "dropping.",
3119 inet_ntoa(iph->ip_src));
3120 return ret;
3121 }
3122
3123 /* Show debug receiving packet. */
3124 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3125 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3126 zlog_debug(
3127 "-----------------------------------------------------");
3128 ospf_packet_dump(ibuf);
3129 }
3130
3131 zlog_debug("%s received from [%s] via [%s]",
3132 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3133 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3134 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3135 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3136
3137 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3138 zlog_debug(
3139 "-----------------------------------------------------");
3140 }
3141
3142 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3143
3144 /* Adjust size to message length. */
3145 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3146
3147 /* Read rest of the packet and call each sort of packet routine. */
3148 switch (ospfh->type) {
3149 case OSPF_MSG_HELLO:
3150 ospf_hello(iph, ospfh, ibuf, oi, length);
3151 break;
3152 case OSPF_MSG_DB_DESC:
3153 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3154 break;
3155 case OSPF_MSG_LS_REQ:
3156 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3157 break;
3158 case OSPF_MSG_LS_UPD:
3159 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3160 break;
3161 case OSPF_MSG_LS_ACK:
3162 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3163 break;
3164 default:
3165 flog_warn(EC_OSPF_PACKET,
3166 "interface %s: OSPF packet header type %d is illegal",
3167 IF_NAME(oi), ospfh->type);
3168 break;
3169 }
3170
3171 return 0;
3172 }
3173
3174 /* Make OSPF header. */
3175 static void ospf_make_header(int type, struct ospf_interface *oi,
3176 struct stream *s)
3177 {
3178 struct ospf_header *ospfh;
3179
3180 ospfh = (struct ospf_header *)STREAM_DATA(s);
3181
3182 ospfh->version = (uint8_t)OSPF_VERSION;
3183 ospfh->type = (uint8_t)type;
3184
3185 ospfh->router_id = oi->ospf->router_id;
3186
3187 ospfh->checksum = 0;
3188 ospfh->area_id = oi->area->area_id;
3189 ospfh->auth_type = htons(ospf_auth_type(oi));
3190
3191 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3192
3193 stream_forward_endp(s, OSPF_HEADER_SIZE);
3194 }
3195
3196 /* Make Authentication Data. */
3197 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3198 {
3199 struct crypt_key *ck;
3200
3201 switch (ospf_auth_type(oi)) {
3202 case OSPF_AUTH_NULL:
3203 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3204 */
3205 break;
3206 case OSPF_AUTH_SIMPLE:
3207 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3208 OSPF_AUTH_SIMPLE_SIZE);
3209 break;
3210 case OSPF_AUTH_CRYPTOGRAPHIC:
3211 /* If key is not set, then set 0. */
3212 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3213 ospfh->u.crypt.zero = 0;
3214 ospfh->u.crypt.key_id = 0;
3215 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3216 } else {
3217 ck = listgetdata(
3218 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3219 ospfh->u.crypt.zero = 0;
3220 ospfh->u.crypt.key_id = ck->key_id;
3221 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3222 }
3223 /* note: the seq is done in ospf_make_md5_digest() */
3224 break;
3225 default:
3226 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3227 */
3228 break;
3229 }
3230
3231 return 0;
3232 }
3233
3234 /* Fill rest of OSPF header. */
3235 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3236 uint16_t length)
3237 {
3238 struct ospf_header *ospfh;
3239
3240 ospfh = (struct ospf_header *)STREAM_DATA(s);
3241
3242 /* Fill length. */
3243 ospfh->length = htons(length);
3244
3245 /* Calculate checksum. */
3246 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3247 ospfh->checksum = in_cksum(ospfh, length);
3248 else
3249 ospfh->checksum = 0;
3250
3251 /* Add Authentication Data. */
3252 ospf_make_auth(oi, ospfh);
3253 }
3254
3255 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3256 {
3257 struct ospf_neighbor *nbr;
3258 struct route_node *rn;
3259 uint16_t length = OSPF_HELLO_MIN_SIZE;
3260 struct in_addr mask;
3261 unsigned long p;
3262 int flag = 0;
3263
3264 /* Set netmask of interface. */
3265 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3266 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3267 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3268 masklen2ip(oi->address->prefixlen, &mask);
3269 else
3270 memset((char *)&mask, 0, sizeof(struct in_addr));
3271 stream_put_ipv4(s, mask.s_addr);
3272
3273 /* Set Hello Interval. */
3274 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3275 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3276 else
3277 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3278
3279 if (IS_DEBUG_OSPF_EVENT)
3280 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3281 IF_NAME(oi));
3282
3283 /* Set Options. */
3284 stream_putc(s, OPTIONS(oi));
3285
3286 /* Set Router Priority. */
3287 stream_putc(s, PRIORITY(oi));
3288
3289 /* Set Router Dead Interval. */
3290 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3291
3292 /* Set Designated Router. */
3293 stream_put_ipv4(s, DR(oi).s_addr);
3294
3295 p = stream_get_endp(s);
3296
3297 /* Set Backup Designated Router. */
3298 stream_put_ipv4(s, BDR(oi).s_addr);
3299
3300 /* Add neighbor seen. */
3301 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3302 if ((nbr = rn->info))
3303 if (nbr->router_id.s_addr
3304 != 0) /* Ignore 0.0.0.0 node. */
3305 if (nbr->state
3306 != NSM_Attempt) /* Ignore Down neighbor. */
3307 if (nbr->state
3308 != NSM_Down) /* This is myself for
3309 DR election. */
3310 if (!IPV4_ADDR_SAME(
3311 &nbr->router_id,
3312 &oi->ospf->router_id)) {
3313 /* Check neighbor is
3314 * sane? */
3315 if (nbr->d_router.s_addr
3316 != 0
3317 && IPV4_ADDR_SAME(
3318 &nbr->d_router,
3319 &oi->address
3320 ->u
3321 .prefix4)
3322 && IPV4_ADDR_SAME(
3323 &nbr->bd_router,
3324 &oi->address
3325 ->u
3326 .prefix4))
3327 flag = 1;
3328
3329 /* Hello packet overflows interface MTU. */
3330 if (length + sizeof(uint32_t)
3331 > ospf_packet_max(oi)) {
3332 flog_err(
3333 EC_OSPF_LARGE_HELLO,
3334 "Oversized Hello packet! Larger than MTU. Not sending it out");
3335 return 0;
3336 }
3337
3338 stream_put_ipv4(
3339 s,
3340 nbr->router_id
3341 .s_addr);
3342 length += 4;
3343 }
3344
3345 /* Let neighbor generate BackupSeen. */
3346 if (flag == 1)
3347 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3348
3349 return length;
3350 }
3351
3352 static int ospf_make_db_desc(struct ospf_interface *oi,
3353 struct ospf_neighbor *nbr, struct stream *s)
3354 {
3355 struct ospf_lsa *lsa;
3356 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3357 uint8_t options;
3358 unsigned long pp;
3359 int i;
3360 struct ospf_lsdb *lsdb;
3361
3362 /* Set Interface MTU. */
3363 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3364 stream_putw(s, 0);
3365 else
3366 stream_putw(s, oi->ifp->mtu);
3367
3368 /* Set Options. */
3369 options = OPTIONS(oi);
3370 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3371 SET_FLAG(options, OSPF_OPTION_O);
3372 stream_putc(s, options);
3373
3374 /* DD flags */
3375 pp = stream_get_endp(s);
3376 stream_putc(s, nbr->dd_flags);
3377
3378 /* Set DD Sequence Number. */
3379 stream_putl(s, nbr->dd_seqnum);
3380
3381 /* shortcut unneeded walk of (empty) summary LSDBs */
3382 if (ospf_db_summary_isempty(nbr))
3383 goto empty;
3384
3385 /* Describe LSA Header from Database Summary List. */
3386 lsdb = &nbr->db_sum;
3387
3388 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3389 struct route_table *table = lsdb->type[i].db;
3390 struct route_node *rn;
3391
3392 for (rn = route_top(table); rn; rn = route_next(rn))
3393 if ((lsa = rn->info) != NULL) {
3394 if (IS_OPAQUE_LSA(lsa->data->type)
3395 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3396 /* Suppress advertising
3397 * opaque-information. */
3398 /* Remove LSA from DB summary list. */
3399 ospf_lsdb_delete(lsdb, lsa);
3400 continue;
3401 }
3402
3403 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3404 struct lsa_header *lsah;
3405 uint16_t ls_age;
3406
3407 /* DD packet overflows interface MTU. */
3408 if (length + OSPF_LSA_HEADER_SIZE
3409 > ospf_packet_max(oi))
3410 break;
3411
3412 /* Keep pointer to LS age. */
3413 lsah = (struct lsa_header
3414 *)(STREAM_DATA(s)
3415 + stream_get_endp(
3416 s));
3417
3418 /* Proceed stream pointer. */
3419 stream_put(s, lsa->data,
3420 OSPF_LSA_HEADER_SIZE);
3421 length += OSPF_LSA_HEADER_SIZE;
3422
3423 /* Set LS age. */
3424 ls_age = LS_AGE(lsa);
3425 lsah->ls_age = htons(ls_age);
3426 }
3427
3428 /* Remove LSA from DB summary list. */
3429 ospf_lsdb_delete(lsdb, lsa);
3430 }
3431 }
3432
3433 /* Update 'More' bit */
3434 if (ospf_db_summary_isempty(nbr)) {
3435 empty:
3436 if (nbr->state >= NSM_Exchange) {
3437 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3438 /* Rewrite DD flags */
3439 stream_putc_at(s, pp, nbr->dd_flags);
3440 } else {
3441 assert(IS_SET_DD_M(nbr->dd_flags));
3442 }
3443 }
3444 return length;
3445 }
3446
3447 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3448 unsigned long delta, struct ospf_neighbor *nbr,
3449 struct ospf_lsa *lsa)
3450 {
3451 struct ospf_interface *oi;
3452
3453 oi = nbr->oi;
3454
3455 /* LS Request packet overflows interface MTU
3456 * delta is just number of bytes required for 1 LS Req
3457 * ospf_packet_max will return the number of bytes can
3458 * be accomodated without ospf header. So length+delta
3459 * can be compared to ospf_packet_max
3460 * to check if it can fit another lsreq in the same packet.
3461 */
3462
3463 if (*length + delta > ospf_packet_max(oi))
3464 return 0;
3465
3466 stream_putl(s, lsa->data->type);
3467 stream_put_ipv4(s, lsa->data->id.s_addr);
3468 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3469
3470 ospf_lsa_unlock(&nbr->ls_req_last);
3471 nbr->ls_req_last = ospf_lsa_lock(lsa);
3472
3473 *length += 12;
3474 return 1;
3475 }
3476
3477 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3478 {
3479 struct ospf_lsa *lsa;
3480 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3481 unsigned long delta = 12;
3482 struct route_table *table;
3483 struct route_node *rn;
3484 int i;
3485 struct ospf_lsdb *lsdb;
3486
3487 lsdb = &nbr->ls_req;
3488
3489 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3490 table = lsdb->type[i].db;
3491 for (rn = route_top(table); rn; rn = route_next(rn))
3492 if ((lsa = (rn->info)) != NULL)
3493 if (ospf_make_ls_req_func(s, &length, delta,
3494 nbr, lsa)
3495 == 0) {
3496 route_unlock_node(rn);
3497 break;
3498 }
3499 }
3500 return length;
3501 }
3502
3503 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3504 {
3505 int age;
3506
3507 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3508
3509 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3510 }
3511
3512 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3513 struct stream *s)
3514 {
3515 struct ospf_lsa *lsa;
3516 struct listnode *node;
3517 uint16_t length = 0;
3518 unsigned int size_noauth;
3519 unsigned long delta = stream_get_endp(s);
3520 unsigned long pp;
3521 int count = 0;
3522
3523 if (IS_DEBUG_OSPF_EVENT)
3524 zlog_debug("ospf_make_ls_upd: Start");
3525
3526 pp = stream_get_endp(s);
3527 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3528 length += OSPF_LS_UPD_MIN_SIZE;
3529
3530 /* Calculate amount of packet usable for data. */
3531 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3532
3533 while ((node = listhead(update)) != NULL) {
3534 struct lsa_header *lsah;
3535 uint16_t ls_age;
3536
3537 if (IS_DEBUG_OSPF_EVENT)
3538 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3539 count);
3540
3541 lsa = listgetdata(node);
3542
3543 assert(lsa->data);
3544
3545 /* Will it fit? Minimum it has to fit atleast one */
3546 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3547 (count > 0))
3548 break;
3549
3550 /* Keep pointer to LS age. */
3551 lsah = (struct lsa_header *)(STREAM_DATA(s)
3552 + stream_get_endp(s));
3553
3554 /* Put LSA to Link State Request. */
3555 stream_put(s, lsa->data, ntohs(lsa->data->length));
3556
3557 /* Set LS age. */
3558 /* each hop must increment an lsa_age by transmit_delay
3559 of OSPF interface */
3560 ls_age = ls_age_increment(lsa,
3561 OSPF_IF_PARAM(oi, transmit_delay));
3562 lsah->ls_age = htons(ls_age);
3563
3564 length += ntohs(lsa->data->length);
3565 count++;
3566
3567 list_delete_node(update, node);
3568 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3569 }
3570
3571 /* Now set #LSAs. */
3572 stream_putl_at(s, pp, count);
3573
3574 if (IS_DEBUG_OSPF_EVENT)
3575 zlog_debug("ospf_make_ls_upd: Stop");
3576 return length;
3577 }
3578
3579 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3580 struct stream *s)
3581 {
3582 struct listnode *node, *nnode;
3583 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3584 unsigned long delta = OSPF_LSA_HEADER_SIZE;
3585 struct ospf_lsa *lsa;
3586
3587 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3588 assert(lsa);
3589
3590 /* LS Ack packet overflows interface MTU
3591 * delta is just number of bytes required for
3592 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
3593 * the number of bytes can be accomodated without
3594 * ospf header. So length+delta can be compared
3595 * against ospf_packet_max to check if it can fit
3596 * another ls header in the same packet.
3597 */
3598 if ((length + delta) > ospf_packet_max(oi))
3599 break;
3600
3601 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3602 length += OSPF_LSA_HEADER_SIZE;
3603
3604 listnode_delete(ack, lsa);
3605 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3606 }
3607
3608 return length;
3609 }
3610
3611 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3612 {
3613 struct ospf_packet *op;
3614 uint16_t length = OSPF_HEADER_SIZE;
3615
3616 op = ospf_packet_new(oi->ifp->mtu);
3617
3618 /* Prepare OSPF common header. */
3619 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3620
3621 /* Prepare OSPF Hello body. */
3622 length += ospf_make_hello(oi, op->s);
3623 if (length == OSPF_HEADER_SIZE) {
3624 /* Hello overshooting MTU */
3625 ospf_packet_free(op);
3626 return;
3627 }
3628
3629 /* Fill OSPF header. */
3630 ospf_fill_header(oi, op->s, length);
3631
3632 /* Set packet length. */
3633 op->length = length;
3634
3635 op->dst.s_addr = addr;
3636
3637 if (IS_DEBUG_OSPF_EVENT) {
3638 if (oi->ospf->vrf_id)
3639 zlog_debug(
3640 "%s: Hello Tx interface %s ospf vrf %s id %u",
3641 __PRETTY_FUNCTION__, oi->ifp->name,
3642 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3643 oi->ospf->vrf_id);
3644 }
3645 /* Add packet to the top of the interface output queue, so that they
3646 * can't get delayed by things like long queues of LS Update packets
3647 */
3648 ospf_packet_add_top(oi, op);
3649
3650 /* Hook thread to write packet. */
3651 OSPF_ISM_WRITE_ON(oi->ospf);
3652 }
3653
3654 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3655 {
3656 struct ospf_interface *oi;
3657
3658 oi = nbr_nbma->oi;
3659 assert(oi);
3660
3661 /* If this is passive interface, do not send OSPF Hello. */
3662 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3663 return;
3664
3665 if (oi->type != OSPF_IFTYPE_NBMA)
3666 return;
3667
3668 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3669 return;
3670
3671 if (PRIORITY(oi) == 0)
3672 return;
3673
3674 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3675 && oi->state != ISM_Backup)
3676 return;
3677
3678 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3679 }
3680
3681 int ospf_poll_timer(struct thread *thread)
3682 {
3683 struct ospf_nbr_nbma *nbr_nbma;
3684
3685 nbr_nbma = THREAD_ARG(thread);
3686 nbr_nbma->t_poll = NULL;
3687
3688 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3689 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3690 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3691
3692 ospf_poll_send(nbr_nbma);
3693
3694 if (nbr_nbma->v_poll > 0)
3695 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3696 nbr_nbma->v_poll);
3697
3698 return 0;
3699 }
3700
3701
3702 int ospf_hello_reply_timer(struct thread *thread)
3703 {
3704 struct ospf_neighbor *nbr;
3705
3706 nbr = THREAD_ARG(thread);
3707 nbr->t_hello_reply = NULL;
3708
3709 assert(nbr->oi);
3710
3711 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3712 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3713 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3714
3715 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3716
3717 return 0;
3718 }
3719
3720 /* Send OSPF Hello. */
3721 void ospf_hello_send(struct ospf_interface *oi)
3722 {
3723 /* If this is passive interface, do not send OSPF Hello. */
3724 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3725 return;
3726
3727 if (oi->type == OSPF_IFTYPE_NBMA) {
3728 struct ospf_neighbor *nbr;
3729 struct route_node *rn;
3730
3731 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3732 if ((nbr = rn->info))
3733 if (nbr != oi->nbr_self)
3734 if (nbr->state != NSM_Down) {
3735 /* RFC 2328 Section 9.5.1
3736 If the router is not
3737 eligible to become Designated
3738 Router,
3739 it must periodically send
3740 Hello Packets to both the
3741 Designated Router and the
3742 Backup Designated Router (if
3743 they
3744 exist). */
3745 if (PRIORITY(oi) == 0
3746 && IPV4_ADDR_CMP(
3747 &DR(oi),
3748 &nbr->address.u
3749 .prefix4)
3750 && IPV4_ADDR_CMP(
3751 &BDR(oi),
3752 &nbr->address.u
3753 .prefix4))
3754 continue;
3755
3756 /* If the router is eligible to
3757 become Designated Router, it
3758 must periodically send Hello
3759 Packets to all neighbors that
3760 are also eligible. In
3761 addition, if the router is
3762 itself the
3763 Designated Router or Backup
3764 Designated Router, it must
3765 also
3766 send periodic Hello Packets
3767 to all other neighbors. */
3768
3769 if (nbr->priority == 0
3770 && oi->state == ISM_DROther)
3771 continue;
3772 /* if oi->state == Waiting, send
3773 * hello to all neighbors */
3774 ospf_hello_send_sub(
3775 oi,
3776 nbr->address.u.prefix4
3777 .s_addr);
3778 }
3779 } else {
3780 /* Decide destination address. */
3781 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3782 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3783 else
3784 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3785 }
3786 }
3787
3788 /* Send OSPF Database Description. */
3789 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3790 {
3791 struct ospf_interface *oi;
3792 struct ospf_packet *op;
3793 uint16_t length = OSPF_HEADER_SIZE;
3794
3795 oi = nbr->oi;
3796 op = ospf_packet_new(oi->ifp->mtu);
3797
3798 /* Prepare OSPF common header. */
3799 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3800
3801 /* Prepare OSPF Database Description body. */
3802 length += ospf_make_db_desc(oi, nbr, op->s);
3803
3804 /* Fill OSPF header. */
3805 ospf_fill_header(oi, op->s, length);
3806
3807 /* Set packet length. */
3808 op->length = length;
3809
3810 /* Decide destination address. */
3811 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3812 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3813 else
3814 op->dst = nbr->address.u.prefix4;
3815
3816 /* Add packet to the interface output queue. */
3817 ospf_packet_add(oi, op);
3818
3819 /* Hook thread to write packet. */
3820 OSPF_ISM_WRITE_ON(oi->ospf);
3821
3822 /* Remove old DD packet, then copy new one and keep in neighbor
3823 * structure. */
3824 if (nbr->last_send)
3825 ospf_packet_free(nbr->last_send);
3826 nbr->last_send = ospf_packet_dup(op);
3827 monotime(&nbr->last_send_ts);
3828 }
3829
3830 /* Re-send Database Description. */
3831 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3832 {
3833 struct ospf_interface *oi;
3834
3835 oi = nbr->oi;
3836
3837 /* Add packet to the interface output queue. */
3838 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3839
3840 /* Hook thread to write packet. */
3841 OSPF_ISM_WRITE_ON(oi->ospf);
3842 }
3843
3844 /* Send Link State Request. */
3845 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3846 {
3847 struct ospf_interface *oi;
3848 struct ospf_packet *op;
3849 uint16_t length = OSPF_HEADER_SIZE;
3850
3851 oi = nbr->oi;
3852 op = ospf_packet_new(oi->ifp->mtu);
3853
3854 /* Prepare OSPF common header. */
3855 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3856
3857 /* Prepare OSPF Link State Request body. */
3858 length += ospf_make_ls_req(nbr, op->s);
3859 if (length == OSPF_HEADER_SIZE) {
3860 ospf_packet_free(op);
3861 return;
3862 }
3863
3864 /* Fill OSPF header. */
3865 ospf_fill_header(oi, op->s, length);
3866
3867 /* Set packet length. */
3868 op->length = length;
3869
3870 /* Decide destination address. */
3871 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3872 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3873 else
3874 op->dst = nbr->address.u.prefix4;
3875
3876 /* Add packet to the interface output queue. */
3877 ospf_packet_add(oi, op);
3878
3879 /* Hook thread to write packet. */
3880 OSPF_ISM_WRITE_ON(oi->ospf);
3881
3882 /* Add Link State Request Retransmission Timer. */
3883 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3884 }
3885
3886 /* Send Link State Update with an LSA. */
3887 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3888 int flag)
3889 {
3890 struct list *update;
3891
3892 update = list_new();
3893
3894 listnode_add(update, lsa);
3895
3896 /*ospf instance is going down, send self originated
3897 * MAXAGE LSA update to neighbors to remove from LSDB */
3898 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3899 ospf_ls_upd_send(nbr, update, flag, 1);
3900 else
3901 ospf_ls_upd_send(nbr, update, flag, 0);
3902
3903 list_delete(&update);
3904 }
3905
3906 /* Determine size for packet. Must be at least big enough to accomodate next
3907 * LSA on list, which may be bigger than MTU size.
3908 *
3909 * Return pointer to new ospf_packet
3910 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3911 * on packet sizes (in which case offending LSA is deleted from update list)
3912 */
3913 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3914 struct ospf_interface *oi)
3915 {
3916 struct ospf_lsa *lsa;
3917 struct listnode *ln;
3918 size_t size;
3919 static char warned = 0;
3920
3921 lsa = listgetdata((ln = listhead(update)));
3922 assert(lsa->data);
3923
3924 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3925 > ospf_packet_max(oi)) {
3926 if (!warned) {
3927 flog_warn(
3928 EC_OSPF_LARGE_LSA,
3929 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3930 "will need to fragment. Not optimal. Try divide up"
3931 " your network with areas. Use 'debug ospf packet send'"
3932 " to see details, or look at 'show ip ospf database ..'");
3933 warned = 1;
3934 }
3935
3936 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3937 zlog_debug(
3938 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3939 " %d bytes originated by %s, will be fragmented!",
3940 inet_ntoa(lsa->data->id),
3941 ntohs(lsa->data->length),
3942 inet_ntoa(lsa->data->adv_router));
3943
3944 /*
3945 * Allocate just enough to fit this LSA only, to avoid including
3946 * other
3947 * LSAs in fragmented LSA Updates.
3948 */
3949 size = ntohs(lsa->data->length)
3950 + (oi->ifp->mtu - ospf_packet_max(oi))
3951 + OSPF_LS_UPD_MIN_SIZE;
3952 } else
3953 size = oi->ifp->mtu;
3954
3955 if (size > OSPF_MAX_PACKET_SIZE) {
3956 flog_warn(EC_OSPF_LARGE_LSA,
3957 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3958 " %d bytes, packet size %ld, dropping it completely."
3959 " OSPF routing is broken!",
3960 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3961 (long int)size);
3962 list_delete_node(update, ln);
3963 return NULL;
3964 }
3965
3966 /* IP header is built up separately by ospf_write(). This means, that we
3967 * must
3968 * reduce the "affordable" size just calculated by length of an IP
3969 * header.
3970 * This makes sure, that even if we manage to fill the payload with LSA
3971 * data
3972 * completely, the final packet (our data plus IP header) still fits
3973 * into
3974 * outgoing interface MTU. This correction isn't really meaningful for
3975 * an
3976 * oversized LSA, but for consistency the correction is done for both
3977 * cases.
3978 *
3979 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3980 */
3981 return ospf_packet_new(size - sizeof(struct ip));
3982 }
3983
3984 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3985 struct list *update, struct in_addr addr,
3986 int send_lsupd_now)
3987 {
3988 struct ospf_packet *op;
3989 uint16_t length = OSPF_HEADER_SIZE;
3990
3991 if (IS_DEBUG_OSPF_EVENT)
3992 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3993 IF_NAME(oi), inet_ntoa(addr));
3994
3995 /* Check that we have really something to process */
3996 if (listcount(update) == 0)
3997 return;
3998
3999 op = ospf_ls_upd_packet_new(update, oi);
4000
4001 /* Prepare OSPF common header. */
4002 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
4003
4004 /* Prepare OSPF Link State Update body.
4005 * Includes Type-7 translation.
4006 */
4007 length += ospf_make_ls_upd(oi, update, op->s);
4008
4009 /* Fill OSPF header. */
4010 ospf_fill_header(oi, op->s, length);
4011
4012 /* Set packet length. */
4013 op->length = length;
4014
4015 /* Decide destination address. */
4016 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4017 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4018 else
4019 op->dst.s_addr = addr.s_addr;
4020
4021 /* Add packet to the interface output queue. */
4022 ospf_packet_add(oi, op);
4023 /* Call ospf_write() right away to send ospf packets to neighbors */
4024 if (send_lsupd_now) {
4025 struct thread os_packet_thd;
4026
4027 os_packet_thd.arg = (void *)oi->ospf;
4028 if (oi->on_write_q == 0) {
4029 listnode_add(oi->ospf->oi_write_q, oi);
4030 oi->on_write_q = 1;
4031 }
4032 ospf_write(&os_packet_thd);
4033 /*
4034 * We are fake calling ospf_write with a fake
4035 * thread. Imagine that we have oi_a already
4036 * enqueued and we have turned on the write
4037 * thread(t_write).
4038 * Now this function calls this for oi_b
4039 * so the on_write_q has oi_a and oi_b on
4040 * it, ospf_write runs and clears the packets
4041 * for both oi_a and oi_b. Removing them from
4042 * the on_write_q. After this thread of execution
4043 * finishes we will execute the t_write thread
4044 * with nothing in the on_write_q causing an
4045 * assert. So just make sure that the t_write
4046 * is actually turned off.
4047 */
4048 if (list_isempty(oi->ospf->oi_write_q))
4049 OSPF_TIMER_OFF(oi->ospf->t_write);
4050 } else {
4051 /* Hook thread to write packet. */
4052 OSPF_ISM_WRITE_ON(oi->ospf);
4053 }
4054 }
4055
4056 static int ospf_ls_upd_send_queue_event(struct thread *thread)
4057 {
4058 struct ospf_interface *oi = THREAD_ARG(thread);
4059 struct route_node *rn;
4060 struct route_node *rnext;
4061 struct list *update;
4062 char again = 0;
4063
4064 oi->t_ls_upd_event = NULL;
4065
4066 if (IS_DEBUG_OSPF_EVENT)
4067 zlog_debug("ospf_ls_upd_send_queue start");
4068
4069 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4070 rnext = route_next(rn);
4071
4072 if (rn->info == NULL)
4073 continue;
4074
4075 update = (struct list *)rn->info;
4076
4077 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4078
4079 /* list might not be empty. */
4080 if (listcount(update) == 0) {
4081 list_delete((struct list **)&rn->info);
4082 route_unlock_node(rn);
4083 } else
4084 again = 1;
4085 }
4086
4087 if (again != 0) {
4088 if (IS_DEBUG_OSPF_EVENT)
4089 zlog_debug(
4090 "ospf_ls_upd_send_queue: update lists not cleared,"
4091 " %d nodes to try again, raising new event",
4092 again);
4093 oi->t_ls_upd_event = NULL;
4094 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4095 &oi->t_ls_upd_event);
4096 }
4097
4098 if (IS_DEBUG_OSPF_EVENT)
4099 zlog_debug("ospf_ls_upd_send_queue stop");
4100
4101 return 0;
4102 }
4103
4104 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4105 int send_lsupd_now)
4106 {
4107 struct ospf_interface *oi;
4108 struct ospf_lsa *lsa;
4109 struct prefix_ipv4 p;
4110 struct route_node *rn;
4111 struct listnode *node;
4112
4113 oi = nbr->oi;
4114
4115 p.family = AF_INET;
4116 p.prefixlen = IPV4_MAX_BITLEN;
4117
4118 /* Decide destination address. */
4119 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4120 p.prefix = oi->vl_data->peer_addr;
4121 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4122 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4123 else if (flag == OSPF_SEND_PACKET_DIRECT)
4124 p.prefix = nbr->address.u.prefix4;
4125 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4126 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4127 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4128 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4129 else
4130 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4131
4132 if (oi->type == OSPF_IFTYPE_NBMA) {
4133 if (flag == OSPF_SEND_PACKET_INDIRECT)
4134 flog_warn(
4135 EC_OSPF_PACKET,
4136 "* LS-Update is directly sent on NBMA network.");
4137 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4138 flog_warn(EC_OSPF_PACKET,
4139 "* LS-Update is sent to myself.");
4140 }
4141
4142 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4143
4144 if (rn->info == NULL)
4145 rn->info = list_new();
4146 else
4147 route_unlock_node(rn);
4148
4149 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4150 listnode_add(rn->info,
4151 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4152 if (send_lsupd_now) {
4153 struct list *send_update_list;
4154 struct route_node *rnext;
4155
4156 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4157 rnext = route_next(rn);
4158
4159 if (rn->info == NULL)
4160 continue;
4161
4162 send_update_list = (struct list *)rn->info;
4163
4164 ospf_ls_upd_queue_send(oi, send_update_list,
4165 rn->p.u.prefix4, 1);
4166 }
4167 } else
4168 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4169 &oi->t_ls_upd_event);
4170 }
4171
4172 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4173 struct in_addr dst)
4174 {
4175 struct ospf_packet *op;
4176 uint16_t length = OSPF_HEADER_SIZE;
4177
4178 op = ospf_packet_new(oi->ifp->mtu);
4179
4180 /* Prepare OSPF common header. */
4181 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4182
4183 /* Prepare OSPF Link State Acknowledgment body. */
4184 length += ospf_make_ls_ack(oi, ack, op->s);
4185
4186 /* Fill OSPF header. */
4187 ospf_fill_header(oi, op->s, length);
4188
4189 /* Set packet length. */
4190 op->length = length;
4191
4192 /* Decide destination address. */
4193 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4194 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4195 else
4196 op->dst.s_addr = dst.s_addr;
4197
4198 /* Add packet to the interface output queue. */
4199 ospf_packet_add(oi, op);
4200
4201 /* Hook thread to write packet. */
4202 OSPF_ISM_WRITE_ON(oi->ospf);
4203 }
4204
4205 static int ospf_ls_ack_send_event(struct thread *thread)
4206 {
4207 struct ospf_interface *oi = THREAD_ARG(thread);
4208
4209 oi->t_ls_ack_direct = NULL;
4210
4211 while (listcount(oi->ls_ack_direct.ls_ack))
4212 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4213 oi->ls_ack_direct.dst);
4214
4215 return 0;
4216 }
4217
4218 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4219 {
4220 struct ospf_interface *oi = nbr->oi;
4221
4222 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4223 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4224
4225 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4226
4227 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4228 &oi->t_ls_ack_direct);
4229 }
4230
4231 /* Send Link State Acknowledgment delayed. */
4232 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4233 {
4234 struct in_addr dst;
4235
4236 /* Decide destination address. */
4237 /* RFC2328 Section 13.5 On non-broadcast
4238 networks, delayed Link State Acknowledgment packets must be
4239 unicast separately over each adjacency (i.e., neighbor whose
4240 state is >= Exchange). */
4241 if (oi->type == OSPF_IFTYPE_NBMA) {
4242 struct ospf_neighbor *nbr;
4243 struct route_node *rn;
4244
4245 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4246 if ((nbr = rn->info) != NULL)
4247 if (nbr != oi->nbr_self
4248 && nbr->state >= NSM_Exchange)
4249 while (listcount(oi->ls_ack))
4250 ospf_ls_ack_send_list(
4251 oi, oi->ls_ack,
4252 nbr->address.u.prefix4);
4253 return;
4254 }
4255 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4256 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4257 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4258 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4259 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4260 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4261 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4262 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4263 else
4264 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4265
4266 while (listcount(oi->ls_ack))
4267 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4268 }
4269
4270 /*
4271 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4272 * address. As a result, the kernel does not need to learn the interface
4273 * MAC of the OSPF neighbor. However, in our world, this will delay
4274 * convergence. Take the case when due to a link flap, all routes now
4275 * want to use an interface which was deemed to be costlier prior to this
4276 * event. For routes that will be installed, the missing MAC will have
4277 * punt-to-CPU set on them. This may overload the CPU control path that
4278 * can be avoided if the MAC was known apriori.
4279 */
4280 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4281 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4282 {
4283 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4284 int ret;
4285
4286 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4287 return;
4288
4289 snprintf(ping_nbr, sizeof(ping_nbr),
4290 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4291 inet_ntoa(nbr->address.u.prefix4));
4292
4293 ret = system(ping_nbr);
4294 if (IS_DEBUG_OSPF_EVENT)
4295 zlog_debug("Executed %s %s", ping_nbr,
4296 ((ret == 0) ? "successfully" : "but failed"));
4297 }
FRRouting mirror