]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2818 from kssoman/rmap_fix
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38 #include "ospf_errors.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53
54 /*
55 * OSPF Fragmentation / fragmented writes
56 *
57 * ospfd can support writing fragmented packets, for cases where
58 * kernel will not fragment IP_HDRINCL and/or multicast destined
59 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
60 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
61 * flags fields, hence user-space fragmentation will not work.
62 * Only Linux is known to leave IP header unmolested.
63 * Further, fragmentation really should be done the kernel, which already
64 * supports it, and which avoids nasty IP ID state problems.
65 *
66 * Fragmentation of OSPF packets can be required on networks with router
67 * with many many interfaces active in one area, or on networks with links
68 * with low MTUs.
69 */
70 #ifdef GNU_LINUX
71 #define WANT_OSPF_WRITE_FRAGMENT
72 #endif
73
74 /* Packet Type String. */
75 const struct message ospf_packet_type_str[] = {
76 {OSPF_MSG_HELLO, "Hello"},
77 {OSPF_MSG_DB_DESC, "Database Description"},
78 {OSPF_MSG_LS_REQ, "Link State Request"},
79 {OSPF_MSG_LS_UPD, "Link State Update"},
80 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
81 {0}};
82
83 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
84 particular types, offset is the "type" field of a packet. */
85 static const uint16_t ospf_packet_minlen[] = {
86 0,
87 OSPF_HELLO_MIN_SIZE,
88 OSPF_DB_DESC_MIN_SIZE,
89 OSPF_LS_REQ_MIN_SIZE,
90 OSPF_LS_UPD_MIN_SIZE,
91 OSPF_LS_ACK_MIN_SIZE,
92 };
93
94 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
95 types, offset is the "LSA type" field. */
96 static const uint16_t ospf_lsa_minlen[] = {
97 0,
98 OSPF_ROUTER_LSA_MIN_SIZE,
99 OSPF_NETWORK_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
103 0,
104 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
105 0,
106 0,
107 0,
108 0,
109 };
110
111 /* for ospf_check_auth() */
112 static int ospf_check_sum(struct ospf_header *);
113
114 /* OSPF authentication checking function */
115 static int ospf_auth_type(struct ospf_interface *oi)
116 {
117 int auth_type;
118
119 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
120 auth_type = oi->area->auth_type;
121 else
122 auth_type = OSPF_IF_PARAM(oi, auth_type);
123
124 /* Handle case where MD5 key list is not configured aka Cisco */
125 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
126 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
127 return OSPF_AUTH_NULL;
128
129 return auth_type;
130 }
131
132 struct ospf_packet *ospf_packet_new(size_t size)
133 {
134 struct ospf_packet *new;
135
136 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
137 new->s = stream_new(size);
138
139 return new;
140 }
141
142 void ospf_packet_free(struct ospf_packet *op)
143 {
144 if (op->s)
145 stream_free(op->s);
146
147 XFREE(MTYPE_OSPF_PACKET, op);
148 }
149
150 struct ospf_fifo *ospf_fifo_new()
151 {
152 struct ospf_fifo *new;
153
154 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
155 return new;
156 }
157
158 /* Add new packet to fifo. */
159 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
160 {
161 if (fifo->tail)
162 fifo->tail->next = op;
163 else
164 fifo->head = op;
165
166 fifo->tail = op;
167
168 fifo->count++;
169 }
170
171 /* Add new packet to head of fifo. */
172 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
173 {
174 op->next = fifo->head;
175
176 if (fifo->tail == NULL)
177 fifo->tail = op;
178
179 fifo->head = op;
180
181 fifo->count++;
182 }
183
184 /* Delete first packet from fifo. */
185 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
186 {
187 struct ospf_packet *op;
188
189 op = fifo->head;
190
191 if (op) {
192 fifo->head = op->next;
193
194 if (fifo->head == NULL)
195 fifo->tail = NULL;
196
197 fifo->count--;
198 }
199
200 return op;
201 }
202
203 /* Return first fifo entry. */
204 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
205 {
206 return fifo->head;
207 }
208
209 /* Flush ospf packet fifo. */
210 void ospf_fifo_flush(struct ospf_fifo *fifo)
211 {
212 struct ospf_packet *op;
213 struct ospf_packet *next;
214
215 for (op = fifo->head; op; op = next) {
216 next = op->next;
217 ospf_packet_free(op);
218 }
219 fifo->head = fifo->tail = NULL;
220 fifo->count = 0;
221 }
222
223 /* Free ospf packet fifo. */
224 void ospf_fifo_free(struct ospf_fifo *fifo)
225 {
226 ospf_fifo_flush(fifo);
227
228 XFREE(MTYPE_OSPF_FIFO, fifo);
229 }
230
231 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
232 {
233 if (!oi->obuf) {
234 flog_err(
235 OSPF_ERR_PKT_PROCESS,
236 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
237 "destination %s) called with NULL obuf, ignoring "
238 "(please report this bug)!\n",
239 IF_NAME(oi), oi->state,
240 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
241 lookup_msg(ospf_packet_type_str,
242 stream_getc_from(op->s, 1), NULL),
243 inet_ntoa(op->dst));
244 return;
245 }
246
247 /* Add packet to end of queue. */
248 ospf_fifo_push(oi->obuf, op);
249
250 /* Debug of packet fifo*/
251 /* ospf_fifo_debug (oi->obuf); */
252 }
253
254 static void ospf_packet_add_top(struct ospf_interface *oi,
255 struct ospf_packet *op)
256 {
257 if (!oi->obuf) {
258 flog_err(
259 OSPF_ERR_PKT_PROCESS,
260 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
261 "destination %s) called with NULL obuf, ignoring "
262 "(please report this bug)!\n",
263 IF_NAME(oi), oi->state,
264 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
265 lookup_msg(ospf_packet_type_str,
266 stream_getc_from(op->s, 1), NULL),
267 inet_ntoa(op->dst));
268 return;
269 }
270
271 /* Add packet to head of queue. */
272 ospf_fifo_push_head(oi->obuf, op);
273
274 /* Debug of packet fifo*/
275 /* ospf_fifo_debug (oi->obuf); */
276 }
277
278 void ospf_packet_delete(struct ospf_interface *oi)
279 {
280 struct ospf_packet *op;
281
282 op = ospf_fifo_pop(oi->obuf);
283
284 if (op)
285 ospf_packet_free(op);
286 }
287
288 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
289 {
290 struct ospf_packet *new;
291
292 if (stream_get_endp(op->s) != op->length)
293 /* XXX size_t */
294 zlog_warn(
295 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
296 (unsigned long)STREAM_SIZE(op->s), op->length);
297
298 /* Reserve space for MD5 authentication that may be added later. */
299 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
300 stream_copy(new->s, op->s);
301
302 new->dst = op->dst;
303 new->length = op->length;
304
305 return new;
306 }
307
308 /* XXX inline */
309 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
310 {
311 int auth = 0;
312
313 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
314 auth = OSPF_AUTH_MD5_SIZE;
315
316 return auth;
317 }
318
319 static unsigned int ospf_packet_max(struct ospf_interface *oi)
320 {
321 int max;
322
323 max = oi->ifp->mtu - ospf_packet_authspace(oi);
324
325 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
326
327 return max;
328 }
329
330
331 static int ospf_check_md5_digest(struct ospf_interface *oi,
332 struct ospf_header *ospfh)
333 {
334 MD5_CTX ctx;
335 unsigned char digest[OSPF_AUTH_MD5_SIZE];
336 struct crypt_key *ck;
337 struct ospf_neighbor *nbr;
338 uint16_t length = ntohs(ospfh->length);
339
340 /* Get secret key. */
341 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
342 ospfh->u.crypt.key_id);
343 if (ck == NULL) {
344 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
345 ospfh->u.crypt.key_id);
346 return 0;
347 }
348
349 /* check crypto seqnum. */
350 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
351
352 if (nbr
353 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
354 zlog_warn(
355 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
356 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
357 ntohl(nbr->crypt_seqnum));
358 return 0;
359 }
360
361 /* Generate a digest for the ospf packet - their digest + our digest. */
362 memset(&ctx, 0, sizeof(ctx));
363 MD5Init(&ctx);
364 MD5Update(&ctx, ospfh, length);
365 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
366 MD5Final(digest, &ctx);
367
368 /* compare the two */
369 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
370 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
371 IF_NAME(oi));
372 return 0;
373 }
374
375 /* save neighbor's crypt_seqnum */
376 if (nbr)
377 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
378 return 1;
379 }
380
381 /* This function is called from ospf_write(), it will detect the
382 authentication scheme and if it is MD5, it will change the sequence
383 and update the MD5 digest. */
384 static int ospf_make_md5_digest(struct ospf_interface *oi,
385 struct ospf_packet *op)
386 {
387 struct ospf_header *ospfh;
388 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
389 MD5_CTX ctx;
390 void *ibuf;
391 uint32_t t;
392 struct crypt_key *ck;
393 const uint8_t *auth_key;
394
395 ibuf = STREAM_DATA(op->s);
396 ospfh = (struct ospf_header *)ibuf;
397
398 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
399 return 0;
400
401 /* We do this here so when we dup a packet, we don't have to
402 waste CPU rewriting other headers.
403
404 Note that quagga_time /deliberately/ is not used here */
405 t = (time(NULL) & 0xFFFFFFFF);
406 if (t > oi->crypt_seqnum)
407 oi->crypt_seqnum = t;
408 else
409 oi->crypt_seqnum++;
410
411 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
412
413 /* Get MD5 Authentication key from auth_key list. */
414 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
415 auth_key = (const uint8_t *)digest;
416 else {
417 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
418 auth_key = ck->auth_key;
419 }
420
421 /* Generate a digest for the entire packet + our secret key. */
422 memset(&ctx, 0, sizeof(ctx));
423 MD5Init(&ctx);
424 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
425 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
426 MD5Final(digest, &ctx);
427
428 /* Append md5 digest to the end of the stream. */
429 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
430
431 /* We do *NOT* increment the OSPF header length. */
432 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
433
434 if (stream_get_endp(op->s) != op->length)
435 /* XXX size_t */
436 zlog_warn(
437 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
438 (unsigned long)stream_get_endp(op->s), op->length);
439
440 return OSPF_AUTH_MD5_SIZE;
441 }
442
443
444 static int ospf_ls_req_timer(struct thread *thread)
445 {
446 struct ospf_neighbor *nbr;
447
448 nbr = THREAD_ARG(thread);
449 nbr->t_ls_req = NULL;
450
451 /* Send Link State Request. */
452 if (ospf_ls_request_count(nbr))
453 ospf_ls_req_send(nbr);
454
455 /* Set Link State Request retransmission timer. */
456 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
457
458 return 0;
459 }
460
461 void ospf_ls_req_event(struct ospf_neighbor *nbr)
462 {
463 if (nbr->t_ls_req) {
464 thread_cancel(nbr->t_ls_req);
465 nbr->t_ls_req = NULL;
466 }
467 nbr->t_ls_req = NULL;
468 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
469 }
470
471 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
472 ospf_neighbor.c */
473 int ospf_ls_upd_timer(struct thread *thread)
474 {
475 struct ospf_neighbor *nbr;
476
477 nbr = THREAD_ARG(thread);
478 nbr->t_ls_upd = NULL;
479
480 /* Send Link State Update. */
481 if (ospf_ls_retransmit_count(nbr) > 0) {
482 struct list *update;
483 struct ospf_lsdb *lsdb;
484 int i;
485 int retransmit_interval;
486
487 retransmit_interval =
488 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
489
490 lsdb = &nbr->ls_rxmt;
491 update = list_new();
492
493 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
494 struct route_table *table = lsdb->type[i].db;
495 struct route_node *rn;
496
497 for (rn = route_top(table); rn; rn = route_next(rn)) {
498 struct ospf_lsa *lsa;
499
500 if ((lsa = rn->info) != NULL) {
501 /* Don't retransmit an LSA if we
502 received it within
503 the last RxmtInterval seconds - this
504 is to allow the
505 neighbour a chance to acknowledge the
506 LSA as it may
507 have ben just received before the
508 retransmit timer
509 fired. This is a small tweak to what
510 is in the RFC,
511 but it will cut out out a lot of
512 retransmit traffic
513 - MAG */
514 if (monotime_since(&lsa->tv_recv, NULL)
515 >= retransmit_interval * 1000000LL)
516 listnode_add(update, rn->info);
517 }
518 }
519 }
520
521 if (listcount(update) > 0)
522 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
523 0);
524 list_delete_and_null(&update);
525 }
526
527 /* Set LS Update retransmission timer. */
528 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
529
530 return 0;
531 }
532
533 int ospf_ls_ack_timer(struct thread *thread)
534 {
535 struct ospf_interface *oi;
536
537 oi = THREAD_ARG(thread);
538 oi->t_ls_ack = NULL;
539
540 /* Send Link State Acknowledgment. */
541 if (listcount(oi->ls_ack) > 0)
542 ospf_ls_ack_send_delayed(oi);
543
544 /* Set LS Ack timer. */
545 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
546
547 return 0;
548 }
549
550 #ifdef WANT_OSPF_WRITE_FRAGMENT
551 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
552 struct msghdr *msg, unsigned int maxdatasize,
553 unsigned int mtu, int flags, uint8_t type)
554 {
555 #define OSPF_WRITE_FRAG_SHIFT 3
556 uint16_t offset;
557 struct iovec *iovp;
558 int ret;
559
560 assert(op->length == stream_get_endp(op->s));
561 assert(msg->msg_iovlen == 2);
562
563 /* we can but try.
564 *
565 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
566 * well as the IP_MF flag, making this all quite pointless.
567 *
568 * However, for a system on which IP_MF is left alone, and ip_id left
569 * alone or else which sets same ip_id for each fragment this might
570 * work, eg linux.
571 *
572 * XXX-TODO: It would be much nicer to have the kernel's use their
573 * existing fragmentation support to do this for us. Bugs/RFEs need to
574 * be raised against the various kernels.
575 */
576
577 /* set More Frag */
578 iph->ip_off |= IP_MF;
579
580 /* ip frag offset is expressed in units of 8byte words */
581 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
582
583 iovp = &msg->msg_iov[1];
584
585 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
586 > maxdatasize) {
587 /* data length of this frag is to next offset value */
588 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
589 iph->ip_len = iovp->iov_len + sizeof(struct ip);
590 assert(iph->ip_len <= mtu);
591
592 sockopt_iphdrincl_swab_htosys(iph);
593
594 ret = sendmsg(fd, msg, flags);
595
596 sockopt_iphdrincl_swab_systoh(iph);
597
598 if (ret < 0)
599 zlog_warn(
600 "*** ospf_write_frags: sendmsg failed to %s,"
601 " id %d, off %d, len %d, mtu %u failed with %s",
602 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
603 iph->ip_len, mtu, safe_strerror(errno));
604
605 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
606 zlog_debug(
607 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
608 iph->ip_id, iph->ip_off, iph->ip_len,
609 inet_ntoa(iph->ip_dst));
610 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
611 zlog_debug(
612 "-----------------IP Header Dump----------------------");
613 ospf_ip_header_dump(iph);
614 zlog_debug(
615 "-----------------------------------------------------");
616 }
617 }
618
619 iph->ip_off += offset;
620 stream_forward_getp(op->s, iovp->iov_len);
621 iovp->iov_base = stream_pnt(op->s);
622 }
623
624 /* setup for final fragment */
625 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
626 iph->ip_len = iovp->iov_len + sizeof(struct ip);
627 iph->ip_off &= (~IP_MF);
628 }
629 #endif /* WANT_OSPF_WRITE_FRAGMENT */
630
631 static int ospf_write(struct thread *thread)
632 {
633 struct ospf *ospf = THREAD_ARG(thread);
634 struct ospf_interface *oi;
635 struct ospf_interface *last_serviced_oi = NULL;
636 struct ospf_packet *op;
637 struct sockaddr_in sa_dst;
638 struct ip iph;
639 struct msghdr msg;
640 struct iovec iov[2];
641 uint8_t type;
642 int ret;
643 int flags = 0;
644 struct listnode *node;
645 #ifdef WANT_OSPF_WRITE_FRAGMENT
646 static uint16_t ipid = 0;
647 uint16_t maxdatasize;
648 #endif /* WANT_OSPF_WRITE_FRAGMENT */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 #ifdef GNU_LINUX
653 unsigned char cmsgbuf[64] = {};
654 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
655 struct in_pktinfo *pi;
656 #endif
657
658 ospf->t_write = NULL;
659
660 node = listhead(ospf->oi_write_q);
661 assert(node);
662 oi = listgetdata(node);
663 assert(oi);
664
665 #ifdef WANT_OSPF_WRITE_FRAGMENT
666 /* seed ipid static with low order bits of time */
667 if (ipid == 0)
668 ipid = (time(NULL) & 0xffff);
669 #endif /* WANT_OSPF_WRITE_FRAGMENT */
670
671 while ((pkt_count < ospf->write_oi_count) && oi
672 && (last_serviced_oi != oi)) {
673 /* If there is only packet in the queue, the oi is removed from
674 write-q, so fix up the last interface that was serviced */
675 if (last_serviced_oi == NULL) {
676 last_serviced_oi = oi;
677 }
678 pkt_count++;
679 #ifdef WANT_OSPF_WRITE_FRAGMENT
680 /* convenience - max OSPF data per packet */
681 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
682 #endif /* WANT_OSPF_WRITE_FRAGMENT */
683 /* Get one packet from queue. */
684 op = ospf_fifo_head(oi->obuf);
685 assert(op);
686 assert(op->length >= OSPF_HEADER_SIZE);
687
688 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
689 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
690 ospf_if_ipmulticast(ospf, oi->address,
691 oi->ifp->ifindex);
692
693 /* Rewrite the md5 signature & update the seq */
694 ospf_make_md5_digest(oi, op);
695
696 /* Retrieve OSPF packet type. */
697 stream_set_getp(op->s, 1);
698 type = stream_getc(op->s);
699
700 /* reset get pointer */
701 stream_set_getp(op->s, 0);
702
703 memset(&iph, 0, sizeof(struct ip));
704 memset(&sa_dst, 0, sizeof(sa_dst));
705
706 sa_dst.sin_family = AF_INET;
707 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
708 sa_dst.sin_len = sizeof(sa_dst);
709 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
710 sa_dst.sin_addr = op->dst;
711 sa_dst.sin_port = htons(0);
712
713 /* Set DONTROUTE flag if dst is unicast. */
714 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
715 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
716 flags = MSG_DONTROUTE;
717
718 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
719 /* it'd be very strange for header to not be 4byte-word aligned
720 * but.. */
721 if (sizeof(struct ip)
722 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
723 iph.ip_hl++; /* we presume sizeof struct ip cant
724 overflow ip_hl.. */
725
726 iph.ip_v = IPVERSION;
727 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
728 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
729
730 #if defined(__DragonFly__)
731 /*
732 * DragonFly's raw socket expects ip_len/ip_off in network byte
733 * order.
734 */
735 iph.ip_len = htons(iph.ip_len);
736 #endif
737
738 #ifdef WANT_OSPF_WRITE_FRAGMENT
739 /* XXX-MT: not thread-safe at all..
740 * XXX: this presumes this is only programme sending OSPF
741 * packets
742 * otherwise, no guarantee ipid will be unique
743 */
744 iph.ip_id = ++ipid;
745 #endif /* WANT_OSPF_WRITE_FRAGMENT */
746
747 iph.ip_off = 0;
748 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
749 iph.ip_ttl = OSPF_VL_IP_TTL;
750 else
751 iph.ip_ttl = OSPF_IP_TTL;
752 iph.ip_p = IPPROTO_OSPFIGP;
753 iph.ip_sum = 0;
754 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
755 iph.ip_dst.s_addr = op->dst.s_addr;
756
757 memset(&msg, 0, sizeof(msg));
758 msg.msg_name = (caddr_t)&sa_dst;
759 msg.msg_namelen = sizeof(sa_dst);
760 msg.msg_iov = iov;
761 msg.msg_iovlen = 2;
762
763 iov[0].iov_base = (char *)&iph;
764 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
765 iov[1].iov_base = stream_pnt(op->s);
766 iov[1].iov_len = op->length;
767
768 #ifdef GNU_LINUX
769 msg.msg_control = (caddr_t)cm;
770 cm->cmsg_level = SOL_IP;
771 cm->cmsg_type = IP_PKTINFO;
772 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
773 pi = (struct in_pktinfo *)CMSG_DATA(cm);
774 pi->ipi_ifindex = oi->ifp->ifindex;
775
776 msg.msg_controllen = cm->cmsg_len;
777 #endif
778
779 /* Sadly we can not rely on kernels to fragment packets
780 * because of either IP_HDRINCL and/or multicast
781 * destination being set.
782 */
783
784 #ifdef WANT_OSPF_WRITE_FRAGMENT
785 if (op->length > maxdatasize)
786 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
787 oi->ifp->mtu, flags, type);
788 #endif /* WANT_OSPF_WRITE_FRAGMENT */
789
790 /* send final fragment (could be first) */
791 sockopt_iphdrincl_swab_htosys(&iph);
792 ret = sendmsg(ospf->fd, &msg, flags);
793 sockopt_iphdrincl_swab_systoh(&iph);
794 if (IS_DEBUG_OSPF_EVENT)
795 zlog_debug(
796 "ospf_write to %s, "
797 "id %d, off %d, len %d, interface %s, mtu %u:",
798 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
799 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
800
801 if (ret < 0)
802 zlog_warn(
803 "*** sendmsg in ospf_write failed to %s, "
804 "id %d, off %d, len %d, interface %s, mtu %u: %s",
805 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
806 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
807 safe_strerror(errno));
808
809 /* Show debug sending packet. */
810 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
811 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
812 zlog_debug(
813 "-----------------------------------------------------");
814 ospf_ip_header_dump(&iph);
815 stream_set_getp(op->s, 0);
816 ospf_packet_dump(op->s);
817 }
818
819 zlog_debug("%s sent to [%s] via [%s].",
820 lookup_msg(ospf_packet_type_str, type, NULL),
821 inet_ntoa(op->dst), IF_NAME(oi));
822
823 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
824 zlog_debug(
825 "-----------------------------------------------------");
826 }
827
828 switch (type) {
829 case OSPF_MSG_HELLO:
830 oi->hello_out++;
831 break;
832 case OSPF_MSG_DB_DESC:
833 oi->db_desc_out++;
834 break;
835 case OSPF_MSG_LS_REQ:
836 oi->ls_req_out++;
837 break;
838 case OSPF_MSG_LS_UPD:
839 oi->ls_upd_out++;
840 break;
841 case OSPF_MSG_LS_ACK:
842 oi->ls_ack_out++;
843 break;
844 default:
845 break;
846 }
847
848 /* Now delete packet from queue. */
849 ospf_packet_delete(oi);
850
851 /* Move this interface to the tail of write_q to
852 serve everyone in a round robin fashion */
853 list_delete_node(ospf->oi_write_q, node);
854 if (ospf_fifo_head(oi->obuf) == NULL) {
855 oi->on_write_q = 0;
856 last_serviced_oi = NULL;
857 oi = NULL;
858 } else {
859 listnode_add(ospf->oi_write_q, oi);
860 }
861
862 /* Setup to service from the head of the queue again */
863 if (!list_isempty(ospf->oi_write_q)) {
864 node = listhead(ospf->oi_write_q);
865 assert(node);
866 oi = listgetdata(node);
867 assert(oi);
868 }
869 }
870
871 /* If packets still remain in queue, call write thread. */
872 if (!list_isempty(ospf->oi_write_q)) {
873 ospf->t_write = NULL;
874 thread_add_write(master, ospf_write, ospf, ospf->fd,
875 &ospf->t_write);
876 }
877
878 return 0;
879 }
880
881 /* OSPF Hello message read -- RFC2328 Section 10.5. */
882 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
883 struct stream *s, struct ospf_interface *oi, int size)
884 {
885 struct ospf_hello *hello;
886 struct ospf_neighbor *nbr;
887 int old_state;
888 struct prefix p;
889
890 /* increment statistics. */
891 oi->hello_in++;
892
893 hello = (struct ospf_hello *)stream_pnt(s);
894
895 /* If Hello is myself, silently discard. */
896 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
897 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
898 zlog_debug(
899 "ospf_header[%s/%s]: selforiginated, "
900 "dropping.",
901 lookup_msg(ospf_packet_type_str, ospfh->type,
902 NULL),
903 inet_ntoa(iph->ip_src));
904 }
905 return;
906 }
907
908 /* get neighbor prefix. */
909 p.family = AF_INET;
910 p.prefixlen = ip_masklen(hello->network_mask);
911 p.u.prefix4 = iph->ip_src;
912
913 /* Compare network mask. */
914 /* Checking is ignored for Point-to-Point and Virtual link. */
915 if (oi->type != OSPF_IFTYPE_POINTOPOINT
916 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
917 if (oi->address->prefixlen != p.prefixlen) {
918 zlog_warn(
919 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
920 inet_ntoa(ospfh->router_id), IF_NAME(oi),
921 (int)oi->address->prefixlen, (int)p.prefixlen);
922 return;
923 }
924
925 /* Compare Router Dead Interval. */
926 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
927 zlog_warn(
928 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
929 "(expected %u, but received %u).",
930 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
931 ntohl(hello->dead_interval));
932 return;
933 }
934
935 /* Compare Hello Interval - ignored if fast-hellos are set. */
936 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
937 if (OSPF_IF_PARAM(oi, v_hello)
938 != ntohs(hello->hello_interval)) {
939 zlog_warn(
940 "Packet %s [Hello:RECV]: HelloInterval mismatch "
941 "(expected %u, but received %u).",
942 inet_ntoa(ospfh->router_id),
943 OSPF_IF_PARAM(oi, v_hello),
944 ntohs(hello->hello_interval));
945 return;
946 }
947 }
948
949 if (IS_DEBUG_OSPF_EVENT)
950 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
951 inet_ntoa(ospfh->router_id),
952 ospf_options_dump(hello->options),
953 ospf_vrf_id_to_name(oi->ospf->vrf_id));
954
955 /* Compare options. */
956 #define REJECT_IF_TBIT_ON 1 /* XXX */
957 #ifdef REJECT_IF_TBIT_ON
958 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
959 /*
960 * This router does not support non-zero TOS.
961 * Drop this Hello packet not to establish neighbor
962 * relationship.
963 */
964 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
965 inet_ntoa(ospfh->router_id));
966 return;
967 }
968 #endif /* REJECT_IF_TBIT_ON */
969
970 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
971 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
972 /*
973 * This router does know the correct usage of O-bit
974 * the bit should be set in DD packet only.
975 */
976 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
977 inet_ntoa(ospfh->router_id));
978 #ifdef STRICT_OBIT_USAGE_CHECK
979 return; /* Reject this packet. */
980 #else /* STRICT_OBIT_USAGE_CHECK */
981 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
982 #endif /* STRICT_OBIT_USAGE_CHECK */
983 }
984
985 /* new for NSSA is to ensure that NP is on and E is off */
986
987 if (oi->area->external_routing == OSPF_AREA_NSSA) {
988 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
989 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
990 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
991 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
992 zlog_warn(
993 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
994 inet_ntoa(ospfh->router_id), OPTIONS(oi),
995 hello->options);
996 return;
997 }
998 if (IS_DEBUG_OSPF_NSSA)
999 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1000 inet_ntoa(ospfh->router_id));
1001 } else
1002 /* The setting of the E-bit found in the Hello Packet's Options
1003 field must match this area's ExternalRoutingCapability A
1004 mismatch causes processing to stop and the packet to be
1005 dropped. The setting of the rest of the bits in the Hello
1006 Packet's Options field should be ignored. */
1007 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1008 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1009 zlog_warn(
1010 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1011 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1012 hello->options);
1013 return;
1014 }
1015
1016 /* get neighbour struct */
1017 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1018
1019 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1020 assert(nbr);
1021
1022 old_state = nbr->state;
1023
1024 /* Add event to thread. */
1025 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1026
1027 /* RFC2328 Section 9.5.1
1028 If the router is not eligible to become Designated Router,
1029 (snip) It must also send an Hello Packet in reply to an
1030 Hello Packet received from any eligible neighbor (other than
1031 the current Designated Router and Backup Designated Router). */
1032 if (oi->type == OSPF_IFTYPE_NBMA)
1033 if (PRIORITY(oi) == 0 && hello->priority > 0
1034 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1035 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1036 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1037 ospf_hello_reply_timer,
1038 OSPF_HELLO_REPLY_DELAY);
1039
1040 /* on NBMA network type, it happens to receive bidirectional Hello
1041 packet
1042 without advance 1-Way Received event.
1043 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1044 if (oi->type == OSPF_IFTYPE_NBMA
1045 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1046 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1047 nbr->priority = hello->priority;
1048 nbr->d_router = hello->d_router;
1049 nbr->bd_router = hello->bd_router;
1050 return;
1051 }
1052
1053 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1054 size - OSPF_HELLO_MIN_SIZE)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1056 nbr->options |= hello->options;
1057 } else {
1058 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1059 /* Set neighbor information. */
1060 nbr->priority = hello->priority;
1061 nbr->d_router = hello->d_router;
1062 nbr->bd_router = hello->bd_router;
1063 return;
1064 }
1065
1066 /* If neighbor itself declares DR and no BDR exists,
1067 cause event BackupSeen */
1068 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1069 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1070 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1071
1072 /* neighbor itself declares BDR. */
1073 if (oi->state == ISM_Waiting
1074 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1075 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1076
1077 /* had not previously. */
1078 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1079 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1080 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1081 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1082 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1083
1084 /* had not previously. */
1085 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1086 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1087 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1088 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1089 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1090
1091 /* Neighbor priority check. */
1092 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1093 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1094
1095 /* Set neighbor information. */
1096 nbr->priority = hello->priority;
1097 nbr->d_router = hello->d_router;
1098 nbr->bd_router = hello->bd_router;
1099 }
1100
1101 /* Save DD flags/options/Seqnum received. */
1102 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1103 struct ospf_db_desc *dd)
1104 {
1105 nbr->last_recv.flags = dd->flags;
1106 nbr->last_recv.options = dd->options;
1107 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1108 }
1109
1110 /* Process rest of DD packet. */
1111 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1112 struct ospf_neighbor *nbr,
1113 struct ospf_db_desc *dd, uint16_t size)
1114 {
1115 struct ospf_lsa *new, *find;
1116 struct lsa_header *lsah;
1117
1118 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1119 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1120 size -= OSPF_LSA_HEADER_SIZE) {
1121 lsah = (struct lsa_header *)stream_pnt(s);
1122 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1123
1124 /* Unknown LS type. */
1125 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1126 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1127 lsah->type);
1128 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1129 return;
1130 }
1131
1132 if (IS_OPAQUE_LSA(lsah->type)
1133 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1134 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1135 lsah->type, inet_ntoa(lsah->id));
1136 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1137 return;
1138 }
1139
1140 switch (lsah->type) {
1141 case OSPF_AS_EXTERNAL_LSA:
1142 case OSPF_OPAQUE_AS_LSA:
1143 /* Check for stub area. Reject if AS-External from stub
1144 but
1145 allow if from NSSA. */
1146 if (oi->area->external_routing == OSPF_AREA_STUB) {
1147 zlog_warn(
1148 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1149 lsah->type, inet_ntoa(lsah->id),
1150 (oi->area->external_routing
1151 == OSPF_AREA_STUB)
1152 ? "STUB"
1153 : "NSSA");
1154 OSPF_NSM_EVENT_SCHEDULE(nbr,
1155 NSM_SeqNumberMismatch);
1156 return;
1157 }
1158 break;
1159 default:
1160 break;
1161 }
1162
1163 /* Create LS-request object. */
1164 new = ospf_ls_request_new(lsah);
1165
1166 /* Lookup received LSA, then add LS request list. */
1167 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1168
1169 /* ospf_lsa_more_recent is fine with NULL pointers */
1170 switch (ospf_lsa_more_recent(find, new)) {
1171 case -1:
1172 /* Neighbour has a more recent LSA, we must request it
1173 */
1174 ospf_ls_request_add(nbr, new);
1175 /* fallthru */
1176 case 0:
1177 /* If we have a copy of this LSA, it's either less
1178 * recent
1179 * and we're requesting it from neighbour (the case
1180 * above), or
1181 * it's as recent and we both have same copy (this
1182 * case).
1183 *
1184 * In neither of these two cases is there any point in
1185 * describing our copy of the LSA to the neighbour in a
1186 * DB-Summary packet, if we're still intending to do so.
1187 *
1188 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1189 * backward compatible optimisation to OSPF DB Exchange
1190 * /
1191 * DB Description process implemented here.
1192 */
1193 if (find)
1194 ospf_lsdb_delete(&nbr->db_sum, find);
1195 ospf_lsa_discard(new);
1196 break;
1197 default:
1198 /* We have the more recent copy, nothing specific to do:
1199 * - no need to request neighbours stale copy
1200 * - must leave DB summary list copy alone
1201 */
1202 if (IS_DEBUG_OSPF_EVENT)
1203 zlog_debug(
1204 "Packet [DD:RECV]: LSA received Type %d, "
1205 "ID %s is not recent.",
1206 lsah->type, inet_ntoa(lsah->id));
1207 ospf_lsa_discard(new);
1208 }
1209 }
1210
1211 /* Master */
1212 if (IS_SET_DD_MS(nbr->dd_flags)) {
1213 nbr->dd_seqnum++;
1214
1215 /* Both sides have no More, then we're done with Exchange */
1216 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1217 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1218 else
1219 ospf_db_desc_send(nbr);
1220 }
1221 /* Slave */
1222 else {
1223 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1224
1225 /* Send DD packet in reply.
1226 *
1227 * Must be done to acknowledge the Master's DD, regardless of
1228 * whether we have more LSAs ourselves to describe.
1229 *
1230 * This function will clear the 'More' bit, if after this DD
1231 * we have no more LSAs to describe to the master..
1232 */
1233 ospf_db_desc_send(nbr);
1234
1235 /* Slave can raise ExchangeDone now, if master is also done */
1236 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1237 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1238 }
1239
1240 /* Save received neighbor values from DD. */
1241 ospf_db_desc_save_current(nbr, dd);
1242
1243 if (!nbr->t_ls_req)
1244 ospf_ls_req_send(nbr);
1245 }
1246
1247 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1248 struct ospf_neighbor *nbr)
1249 {
1250 /* Is DD duplicated? */
1251 if (dd->options == nbr->last_recv.options
1252 && dd->flags == nbr->last_recv.flags
1253 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1254 return 1;
1255
1256 return 0;
1257 }
1258
1259 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1260 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1261 struct stream *s, struct ospf_interface *oi,
1262 uint16_t size)
1263 {
1264 struct ospf_db_desc *dd;
1265 struct ospf_neighbor *nbr;
1266
1267 /* Increment statistics. */
1268 oi->db_desc_in++;
1269
1270 dd = (struct ospf_db_desc *)stream_pnt(s);
1271
1272 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1273 if (nbr == NULL) {
1274 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1275 inet_ntoa(ospfh->router_id));
1276 return;
1277 }
1278
1279 /* Check MTU. */
1280 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1281 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1282 zlog_warn(
1283 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1284 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1285 oi->ifp->mtu);
1286 return;
1287 }
1288
1289 /*
1290 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1291 * not
1292 * required. In fact at least JunOS sends DD packets with P bit clear.
1293 * Until proper solution is developped, this hack should help.
1294 *
1295 * Update: According to the RFCs, N bit is specified /only/ for Hello
1296 * options, unfortunately its use in DD options is not specified. Hence
1297 * some
1298 * implementations follow E-bit semantics and set it in DD options, and
1299 * some
1300 * treat it as unspecified and hence follow the directive "default for
1301 * options is clear", ie unset.
1302 *
1303 * Reset the flag, as ospfd follows E-bit semantics.
1304 */
1305 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1306 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1307 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1308 if (IS_DEBUG_OSPF_EVENT)
1309 zlog_debug(
1310 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1311 inet_ntoa(nbr->router_id));
1312 SET_FLAG(dd->options, OSPF_OPTION_NP);
1313 }
1314
1315 #ifdef REJECT_IF_TBIT_ON
1316 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1317 /*
1318 * In Hello protocol, optional capability must have checked
1319 * to prevent this T-bit enabled router be my neighbor.
1320 */
1321 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1322 inet_ntoa(nbr->router_id));
1323 return;
1324 }
1325 #endif /* REJECT_IF_TBIT_ON */
1326
1327 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1328 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1329 /*
1330 * This node is not configured to handle O-bit, for now.
1331 * Clear it to ignore unsupported capability proposed by
1332 * neighbor.
1333 */
1334 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1335 }
1336
1337 /* Add event to thread. */
1338 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1339
1340 /* Process DD packet by neighbor status. */
1341 switch (nbr->state) {
1342 case NSM_Down:
1343 case NSM_Attempt:
1344 case NSM_TwoWay:
1345 zlog_warn(
1346 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1347 inet_ntoa(nbr->router_id),
1348 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1349 break;
1350 case NSM_Init:
1351 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1352 /* If the new state is ExStart, the processing of the current
1353 packet should then continue in this new state by falling
1354 through to case ExStart below. */
1355 if (nbr->state != NSM_ExStart)
1356 break;
1357 /* fallthru */
1358 case NSM_ExStart:
1359 /* Initial DBD */
1360 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1361 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1362 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1363 > 0) {
1364 /* We're Slave---obey */
1365 if (CHECK_FLAG(oi->ospf->config,
1366 OSPF_LOG_ADJACENCY_DETAIL))
1367 zlog_info(
1368 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1369 inet_ntoa(nbr->router_id));
1370
1371 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1372
1373 /* Reset I/MS */
1374 UNSET_FLAG(nbr->dd_flags,
1375 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1376 } else {
1377 /* We're Master, ignore the initial DBD from
1378 * Slave */
1379 if (CHECK_FLAG(oi->ospf->config,
1380 OSPF_LOG_ADJACENCY_DETAIL))
1381 zlog_info(
1382 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1383 "ignoring.",
1384 inet_ntoa(nbr->router_id));
1385 break;
1386 }
1387 }
1388 /* Ack from the Slave */
1389 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1390 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1391 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1392 < 0) {
1393 zlog_info(
1394 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1395 inet_ntoa(nbr->router_id));
1396 /* Reset I, leaving MS */
1397 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1398 } else {
1399 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1400 inet_ntoa(nbr->router_id));
1401 break;
1402 }
1403
1404 /* This is where the real Options are saved */
1405 nbr->options = dd->options;
1406
1407 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1408 if (IS_DEBUG_OSPF_EVENT)
1409 zlog_debug(
1410 "Neighbor[%s] is %sOpaque-capable.",
1411 inet_ntoa(nbr->router_id),
1412 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1413 ? ""
1414 : "NOT ");
1415
1416 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1417 && IPV4_ADDR_SAME(&DR(oi),
1418 &nbr->address.u.prefix4)) {
1419 zlog_warn(
1420 "DR-neighbor[%s] is NOT opaque-capable; "
1421 "Opaque-LSAs cannot be reliably advertised "
1422 "in this network.",
1423 inet_ntoa(nbr->router_id));
1424 /* This situation is undesirable, but not a real
1425 * error. */
1426 }
1427 }
1428
1429 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1430
1431 /* continue processing rest of packet. */
1432 ospf_db_desc_proc(s, oi, nbr, dd, size);
1433 break;
1434 case NSM_Exchange:
1435 if (ospf_db_desc_is_dup(dd, nbr)) {
1436 if (IS_SET_DD_MS(nbr->dd_flags))
1437 /* Master: discard duplicated DD packet. */
1438 zlog_info(
1439 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1440 inet_ntoa(nbr->router_id));
1441 else
1442 /* Slave: cause to retransmit the last Database
1443 Description. */
1444 {
1445 zlog_info(
1446 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1447 inet_ntoa(nbr->router_id));
1448 ospf_db_desc_resend(nbr);
1449 }
1450 break;
1451 }
1452
1453 /* Otherwise DD packet should be checked. */
1454 /* Check Master/Slave bit mismatch */
1455 if (IS_SET_DD_MS(dd->flags)
1456 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1457 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1458 inet_ntoa(nbr->router_id));
1459 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1460 if (IS_DEBUG_OSPF_EVENT)
1461 zlog_debug(
1462 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1463 dd->flags, nbr->dd_flags);
1464 break;
1465 }
1466
1467 /* Check initialize bit is set. */
1468 if (IS_SET_DD_I(dd->flags)) {
1469 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1470 inet_ntoa(nbr->router_id));
1471 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1472 break;
1473 }
1474
1475 /* Check DD Options. */
1476 if (dd->options != nbr->options) {
1477 #ifdef ORIGINAL_CODING
1478 /* Save the new options for debugging */
1479 nbr->options = dd->options;
1480 #endif /* ORIGINAL_CODING */
1481 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1482 inet_ntoa(nbr->router_id));
1483 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1484 break;
1485 }
1486
1487 /* Check DD sequence number. */
1488 if ((IS_SET_DD_MS(nbr->dd_flags)
1489 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1490 || (!IS_SET_DD_MS(nbr->dd_flags)
1491 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1492 zlog_warn(
1493 "Packet[DD]: Neighbor %s sequence number mismatch.",
1494 inet_ntoa(nbr->router_id));
1495 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1496 break;
1497 }
1498
1499 /* Continue processing rest of packet. */
1500 ospf_db_desc_proc(s, oi, nbr, dd, size);
1501 break;
1502 case NSM_Loading:
1503 case NSM_Full:
1504 if (ospf_db_desc_is_dup(dd, nbr)) {
1505 if (IS_SET_DD_MS(nbr->dd_flags)) {
1506 /* Master should discard duplicate DD packet. */
1507 zlog_info(
1508 "Packet[DD]: Neighbor %s duplicated, "
1509 "packet discarded.",
1510 inet_ntoa(nbr->router_id));
1511 break;
1512 } else {
1513 if (monotime_since(&nbr->last_send_ts, NULL)
1514 < nbr->v_inactivity * 1000000LL) {
1515 /* In states Loading and Full the slave
1516 must resend
1517 its last Database Description packet
1518 in response to
1519 duplicate Database Description
1520 packets received
1521 from the master. For this reason the
1522 slave must
1523 wait RouterDeadInterval seconds
1524 before freeing the
1525 last Database Description packet.
1526 Reception of a
1527 Database Description packet from the
1528 master after
1529 this interval will generate a
1530 SeqNumberMismatch
1531 neighbor event. RFC2328 Section 10.8
1532 */
1533 ospf_db_desc_resend(nbr);
1534 break;
1535 }
1536 }
1537 }
1538
1539 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1540 break;
1541 default:
1542 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1543 inet_ntoa(nbr->router_id), nbr->state);
1544 break;
1545 }
1546 }
1547
1548 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1549
1550 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1551 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1552 struct stream *s, struct ospf_interface *oi,
1553 uint16_t size)
1554 {
1555 struct ospf_neighbor *nbr;
1556 uint32_t ls_type;
1557 struct in_addr ls_id;
1558 struct in_addr adv_router;
1559 struct ospf_lsa *find;
1560 struct list *ls_upd;
1561 unsigned int length;
1562
1563 /* Increment statistics. */
1564 oi->ls_req_in++;
1565
1566 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1567 if (nbr == NULL) {
1568 zlog_warn("Link State Request: Unknown Neighbor %s.",
1569 inet_ntoa(ospfh->router_id));
1570 return;
1571 }
1572
1573 /* Add event to thread. */
1574 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1575
1576 /* Neighbor State should be Exchange or later. */
1577 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1578 && nbr->state != NSM_Full) {
1579 zlog_warn(
1580 "Link State Request received from %s: "
1581 "Neighbor state is %s, packet discarded.",
1582 inet_ntoa(ospfh->router_id),
1583 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1584 return;
1585 }
1586
1587 /* Send Link State Update for ALL requested LSAs. */
1588 ls_upd = list_new();
1589 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1590
1591 while (size >= OSPF_LSA_KEY_SIZE) {
1592 /* Get one slice of Link State Request. */
1593 ls_type = stream_getl(s);
1594 ls_id.s_addr = stream_get_ipv4(s);
1595 adv_router.s_addr = stream_get_ipv4(s);
1596
1597 /* Verify LSA type. */
1598 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1599 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1600 list_delete_and_null(&ls_upd);
1601 return;
1602 }
1603
1604 /* Search proper LSA in LSDB. */
1605 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1606 adv_router);
1607 if (find == NULL) {
1608 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1609 list_delete_and_null(&ls_upd);
1610 return;
1611 }
1612
1613 /* Packet overflows MTU size, send immediately. */
1614 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1615 if (oi->type == OSPF_IFTYPE_NBMA)
1616 ospf_ls_upd_send(nbr, ls_upd,
1617 OSPF_SEND_PACKET_DIRECT, 0);
1618 else
1619 ospf_ls_upd_send(nbr, ls_upd,
1620 OSPF_SEND_PACKET_INDIRECT, 0);
1621
1622 /* Only remove list contents. Keep ls_upd. */
1623 list_delete_all_node(ls_upd);
1624
1625 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1626 }
1627
1628 /* Append LSA to update list. */
1629 listnode_add(ls_upd, find);
1630 length += ntohs(find->data->length);
1631
1632 size -= OSPF_LSA_KEY_SIZE;
1633 }
1634
1635 /* Send rest of Link State Update. */
1636 if (listcount(ls_upd) > 0) {
1637 if (oi->type == OSPF_IFTYPE_NBMA)
1638 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1639 0);
1640 else
1641 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1642 0);
1643
1644 list_delete_and_null(&ls_upd);
1645 } else
1646 list_delete_and_null(&ls_upd);
1647 }
1648
1649 /* Get the list of LSAs from Link State Update packet.
1650 And process some validation -- RFC2328 Section 13. (1)-(2). */
1651 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1652 struct stream *s,
1653 struct ospf_interface *oi, size_t size)
1654 {
1655 uint16_t count, sum;
1656 uint32_t length;
1657 struct lsa_header *lsah;
1658 struct ospf_lsa *lsa;
1659 struct list *lsas;
1660
1661 lsas = list_new();
1662
1663 count = stream_getl(s);
1664 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1665
1666 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1667 size -= length, stream_forward_getp(s, length), count--) {
1668 lsah = (struct lsa_header *)stream_pnt(s);
1669 length = ntohs(lsah->length);
1670
1671 if (length > size) {
1672 zlog_warn(
1673 "Link State Update: LSA length exceeds packet size.");
1674 break;
1675 }
1676
1677 /* Validate the LSA's LS checksum. */
1678 sum = lsah->checksum;
1679 if (!ospf_lsa_checksum_valid(lsah)) {
1680 /* (bug #685) more details in a one-line message make it
1681 * possible
1682 * to identify problem source on the one hand and to
1683 * have a better
1684 * chance to compress repeated messages in syslog on the
1685 * other */
1686 zlog_warn(
1687 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1688 sum, lsah->checksum, inet_ntoa(lsah->id),
1689 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1690 inet_ntoa(lsah->adv_router));
1691 continue;
1692 }
1693
1694 /* Examine the LSA's LS type. */
1695 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1696 zlog_warn("Link State Update: Unknown LS type %d",
1697 lsah->type);
1698 continue;
1699 }
1700
1701 /*
1702 * What if the received LSA's age is greater than MaxAge?
1703 * Treat it as a MaxAge case -- endo.
1704 */
1705 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1706 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1707
1708 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1709 #ifdef STRICT_OBIT_USAGE_CHECK
1710 if ((IS_OPAQUE_LSA(lsah->type)
1711 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1712 || (!IS_OPAQUE_LSA(lsah->type)
1713 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1714 /*
1715 * This neighbor must know the exact usage of
1716 * O-bit;
1717 * the bit will be set in Type-9,10,11 LSAs
1718 * only.
1719 */
1720 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1721 lsah->type, inet_ntoa(lsah->id));
1722 continue;
1723 }
1724 #endif /* STRICT_OBIT_USAGE_CHECK */
1725
1726 /* Do not take in AS External Opaque-LSAs if we are a
1727 * stub. */
1728 if (lsah->type == OSPF_OPAQUE_AS_LSA
1729 && nbr->oi->area->external_routing
1730 != OSPF_AREA_DEFAULT) {
1731 if (IS_DEBUG_OSPF_EVENT)
1732 zlog_debug(
1733 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1734 lsah->type,
1735 inet_ntoa(lsah->id));
1736 continue;
1737 }
1738 } else if (IS_OPAQUE_LSA(lsah->type)) {
1739 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1740 lsah->type, inet_ntoa(lsah->id));
1741 continue;
1742 }
1743
1744 /* Create OSPF LSA instance. */
1745 lsa = ospf_lsa_new_and_data(length);
1746
1747 lsa->vrf_id = oi->ospf->vrf_id;
1748 /* We may wish to put some error checking if type NSSA comes in
1749 and area not in NSSA mode */
1750 switch (lsah->type) {
1751 case OSPF_AS_EXTERNAL_LSA:
1752 case OSPF_OPAQUE_AS_LSA:
1753 lsa->area = NULL;
1754 break;
1755 case OSPF_OPAQUE_LINK_LSA:
1756 lsa->oi = oi; /* Remember incoming interface for
1757 flooding control. */
1758 /* Fallthrough */
1759 default:
1760 lsa->area = oi->area;
1761 break;
1762 }
1763
1764 memcpy(lsa->data, lsah, length);
1765
1766 if (IS_DEBUG_OSPF_EVENT)
1767 zlog_debug(
1768 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1769 lsa->data->type, inet_ntoa(lsa->data->id),
1770 (void *)lsa);
1771 listnode_add(lsas, lsa);
1772 }
1773
1774 return lsas;
1775 }
1776
1777 /* Cleanup Update list. */
1778 static void ospf_upd_list_clean(struct list *lsas)
1779 {
1780 struct listnode *node, *nnode;
1781 struct ospf_lsa *lsa;
1782
1783 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1784 ospf_lsa_discard(lsa);
1785
1786 list_delete_and_null(&lsas);
1787 }
1788
1789 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1790 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1791 struct ospf_header *ospfh, struct stream *s,
1792 struct ospf_interface *oi, uint16_t size)
1793 {
1794 struct ospf_neighbor *nbr;
1795 struct list *lsas;
1796 struct listnode *node, *nnode;
1797 struct ospf_lsa *lsa = NULL;
1798 /* unsigned long ls_req_found = 0; */
1799
1800 /* Dis-assemble the stream, update each entry, re-encapsulate for
1801 * flooding */
1802
1803 /* Increment statistics. */
1804 oi->ls_upd_in++;
1805
1806 /* Check neighbor. */
1807 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1808 if (nbr == NULL) {
1809 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1810 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1811 return;
1812 }
1813
1814 /* Add event to thread. */
1815 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1816
1817 /* Check neighbor state. */
1818 if (nbr->state < NSM_Exchange) {
1819 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1820 zlog_debug(
1821 "Link State Update: "
1822 "Neighbor[%s] state %s is less than Exchange",
1823 inet_ntoa(ospfh->router_id),
1824 lookup_msg(ospf_nsm_state_msg, nbr->state,
1825 NULL));
1826 return;
1827 }
1828
1829 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1830 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1831 * of section 13.
1832 */
1833 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1834
1835 if (lsas == NULL)
1836 return;
1837 #define DISCARD_LSA(L, N) \
1838 { \
1839 if (IS_DEBUG_OSPF_EVENT) \
1840 zlog_debug( \
1841 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1842 " Type-%d", \
1843 N, (void *)lsa, (int)lsa->data->type); \
1844 ospf_lsa_discard(L); \
1845 continue; \
1846 }
1847
1848 /* Process each LSA received in the one packet.
1849 *
1850 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1851 * text below are from the steps in RFC 2328, Section 13.
1852 */
1853 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1854 struct ospf_lsa *ls_ret, *current;
1855 int ret = 1;
1856
1857 if (IS_DEBUG_OSPF_NSSA) {
1858 char buf1[INET_ADDRSTRLEN];
1859 char buf2[INET_ADDRSTRLEN];
1860 char buf3[INET_ADDRSTRLEN];
1861
1862 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1863 lsa->data->type,
1864 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1865 INET_ADDRSTRLEN),
1866 inet_ntop(AF_INET, &lsa->data->id, buf2,
1867 INET_ADDRSTRLEN),
1868 inet_ntop(AF_INET, &lsa->data->adv_router,
1869 buf3, INET_ADDRSTRLEN));
1870 }
1871
1872 listnode_delete(lsas,
1873 lsa); /* We don't need it in list anymore */
1874
1875 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1876 */
1877
1878 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1879
1880 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1881 */
1882
1883 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1884 */
1885
1886 /* Do take in Type-7's if we are an NSSA */
1887
1888 /* If we are also an ABR, later translate them to a Type-5
1889 * packet */
1890
1891 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1892 translate them to a separate Type-5 packet. */
1893
1894 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1895 /* Reject from STUB or NSSA */
1896 if (nbr->oi->area->external_routing
1897 != OSPF_AREA_DEFAULT) {
1898 if (IS_DEBUG_OSPF_NSSA)
1899 zlog_debug(
1900 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1901 DISCARD_LSA(lsa, 1);
1902 }
1903
1904 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1905 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1906 if (IS_DEBUG_OSPF_NSSA)
1907 zlog_debug(
1908 "Incoming NSSA LSA Discarded: Not NSSA Area");
1909 DISCARD_LSA(lsa, 2);
1910 }
1911
1912 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1913 if (lsa->data->type == OSPF_ROUTER_LSA)
1914 if (!IPV4_ADDR_SAME(&lsa->data->id,
1915 &lsa->data->adv_router)) {
1916 char buf1[INET_ADDRSTRLEN];
1917 char buf2[INET_ADDRSTRLEN];
1918 char buf3[INET_ADDRSTRLEN];
1919
1920 flog_err(OSPF_ERR_ROUTER_LSA_MISMATCH,
1921 "Incoming Router-LSA from %s with "
1922 "Adv-ID[%s] != LS-ID[%s]",
1923 inet_ntop(AF_INET, &ospfh->router_id,
1924 buf1, INET_ADDRSTRLEN),
1925 inet_ntop(AF_INET, &lsa->data->id,
1926 buf2, INET_ADDRSTRLEN),
1927 inet_ntop(AF_INET,
1928 &lsa->data->adv_router,
1929 buf3, INET_ADDRSTRLEN));
1930 flog_err(
1931 OSPF_ERR_DOMAIN_CORRUPT,
1932 "OSPF domain compromised by attack or corruption. "
1933 "Verify correct operation of -ALL- OSPF routers.");
1934 DISCARD_LSA(lsa, 0);
1935 }
1936
1937 /* Find the LSA in the current database. */
1938
1939 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1940
1941 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1942 currently
1943 no instance of the LSA in the router's link state database,
1944 and none of router's neighbors are in states Exchange or
1945 Loading,
1946 then take the following actions: */
1947
1948 if (IS_LSA_MAXAGE(lsa) && !current
1949 && ospf_check_nbr_status(oi->ospf)) {
1950 /* (4a) Response Link State Acknowledgment. */
1951 ospf_ls_ack_send(nbr, lsa);
1952
1953 /* (4b) Discard LSA. */
1954 if (IS_DEBUG_OSPF(lsa, LSA)) {
1955 zlog_debug(
1956 "Link State Update[%s]: LS age is equal to MaxAge.",
1957 dump_lsa_key(lsa));
1958 }
1959 DISCARD_LSA(lsa, 3);
1960 }
1961
1962 if (IS_OPAQUE_LSA(lsa->data->type)
1963 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1964 &oi->ospf->router_id)) {
1965 /*
1966 * Even if initial flushing seems to be completed, there
1967 * might
1968 * be a case that self-originated LSA with MaxAge still
1969 * remain
1970 * in the routing domain.
1971 * Just send an LSAck message to cease retransmission.
1972 */
1973 if (IS_LSA_MAXAGE(lsa)) {
1974 zlog_warn("LSA[%s]: Boomerang effect?",
1975 dump_lsa_key(lsa));
1976 ospf_ls_ack_send(nbr, lsa);
1977 ospf_lsa_discard(lsa);
1978
1979 if (current != NULL && !IS_LSA_MAXAGE(current))
1980 ospf_opaque_lsa_refresh_schedule(
1981 current);
1982 continue;
1983 }
1984
1985 /*
1986 * If an instance of self-originated Opaque-LSA is not
1987 * found
1988 * in the LSDB, there are some possible cases here.
1989 *
1990 * 1) This node lost opaque-capability after restart.
1991 * 2) Else, a part of opaque-type is no more supported.
1992 * 3) Else, a part of opaque-id is no more supported.
1993 *
1994 * Anyway, it is still this node's responsibility to
1995 * flush it.
1996 * Otherwise, the LSA instance remains in the routing
1997 * domain
1998 * until its age reaches to MaxAge.
1999 */
2000 /* XXX: We should deal with this for *ALL* LSAs, not
2001 * just opaque */
2002 if (current == NULL) {
2003 if (IS_DEBUG_OSPF_EVENT)
2004 zlog_debug(
2005 "LSA[%s]: Previously originated Opaque-LSA,"
2006 "not found in the LSDB.",
2007 dump_lsa_key(lsa));
2008
2009 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2010
2011 ospf_opaque_self_originated_lsa_received(nbr,
2012 lsa);
2013 ospf_ls_ack_send(nbr, lsa);
2014
2015 continue;
2016 }
2017 }
2018
2019 /* It might be happen that received LSA is self-originated
2020 * network LSA, but
2021 * router ID is changed. So, we should check if LSA is a
2022 * network-LSA whose
2023 * Link State ID is one of the router's own IP interface
2024 * addresses but whose
2025 * Advertising Router is not equal to the router's own Router ID
2026 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2027 * flushed.
2028 */
2029
2030 if (lsa->data->type == OSPF_NETWORK_LSA) {
2031 struct listnode *oinode, *oinnode;
2032 struct ospf_interface *out_if;
2033 int Flag = 0;
2034
2035 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2036 oinnode, out_if)) {
2037 if (out_if == NULL)
2038 break;
2039
2040 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2041 &lsa->data->id))
2042 && (!(IPV4_ADDR_SAME(
2043 &oi->ospf->router_id,
2044 &lsa->data->adv_router)))) {
2045 if (out_if->network_lsa_self) {
2046 ospf_lsa_flush_area(
2047 lsa, out_if->area);
2048 if (IS_DEBUG_OSPF_EVENT)
2049 zlog_debug(
2050 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2051 (void *)lsa,
2052 (int)lsa->data
2053 ->type);
2054 ospf_lsa_discard(lsa);
2055 Flag = 1;
2056 }
2057 break;
2058 }
2059 }
2060 if (Flag)
2061 continue;
2062 }
2063
2064 /* (5) Find the instance of this LSA that is currently contained
2065 in the router's link state database. If there is no
2066 database copy, or the received LSA is more recent than
2067 the database copy the following steps must be performed.
2068 (The sub steps from RFC 2328 section 13 step (5) will be
2069 performed in
2070 ospf_flood() ) */
2071
2072 if (current == NULL
2073 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2074 /* Actual flooding procedure. */
2075 if (ospf_flood(oi->ospf, nbr, current, lsa)
2076 < 0) /* Trap NSSA later. */
2077 DISCARD_LSA(lsa, 4);
2078 continue;
2079 }
2080
2081 /* (6) Else, If there is an instance of the LSA on the sending
2082 neighbor's Link state request list, an error has occurred in
2083 the Database Exchange process. In this case, restart the
2084 Database Exchange process by generating the neighbor event
2085 BadLSReq for the sending neighbor and stop processing the
2086 Link State Update packet. */
2087
2088 if (ospf_ls_request_lookup(nbr, lsa)) {
2089 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2090 zlog_warn(
2091 "LSA[%s] instance exists on Link state request list",
2092 dump_lsa_key(lsa));
2093
2094 /* Clean list of LSAs. */
2095 ospf_upd_list_clean(lsas);
2096 /* this lsa is not on lsas list already. */
2097 ospf_lsa_discard(lsa);
2098 return;
2099 }
2100
2101 /* If the received LSA is the same instance as the database copy
2102 (i.e., neither one is more recent) the following two steps
2103 should be performed: */
2104
2105 if (ret == 0) {
2106 /* If the LSA is listed in the Link state retransmission
2107 list
2108 for the receiving adjacency, the router itself is
2109 expecting
2110 an acknowledgment for this LSA. The router should
2111 treat the
2112 received LSA as an acknowledgment by removing the LSA
2113 from
2114 the Link state retransmission list. This is termed
2115 an
2116 "implied acknowledgment". */
2117
2118 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2119
2120 if (ls_ret != NULL) {
2121 ospf_ls_retransmit_delete(nbr, ls_ret);
2122
2123 /* Delayed acknowledgment sent if advertisement
2124 received
2125 from Designated Router, otherwise do nothing.
2126 */
2127 if (oi->state == ISM_Backup)
2128 if (NBR_IS_DR(nbr))
2129 listnode_add(
2130 oi->ls_ack,
2131 ospf_lsa_lock(lsa));
2132
2133 DISCARD_LSA(lsa, 5);
2134 } else
2135 /* Acknowledge the receipt of the LSA by sending a
2136 Link State Acknowledgment packet back out the
2137 receiving
2138 interface. */
2139 {
2140 ospf_ls_ack_send(nbr, lsa);
2141 DISCARD_LSA(lsa, 6);
2142 }
2143 }
2144
2145 /* The database copy is more recent. If the database copy
2146 has LS age equal to MaxAge and LS sequence number equal to
2147 MaxSequenceNumber, simply discard the received LSA without
2148 acknowledging it. (In this case, the LSA's LS sequence number
2149 is
2150 wrapping, and the MaxSequenceNumber LSA must be completely
2151 flushed before any new LSA instance can be introduced). */
2152
2153 else if (ret > 0) /* Database copy is more recent */
2154 {
2155 if (IS_LSA_MAXAGE(current)
2156 && current->data->ls_seqnum
2157 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2158 DISCARD_LSA(lsa, 7);
2159 }
2160 /* Otherwise, as long as the database copy has not been
2161 sent in a
2162 Link State Update within the last MinLSArrival
2163 seconds, send the
2164 database copy back to the sending neighbor,
2165 encapsulated within
2166 a Link State Update Packet. The Link State Update
2167 Packet should
2168 be sent directly to the neighbor. In so doing, do not
2169 put the
2170 database copy of the LSA on the neighbor's link state
2171 retransmission list, and do not acknowledge the
2172 received (less
2173 recent) LSA instance. */
2174 else {
2175 if (monotime_since(&current->tv_orig, NULL)
2176 >= ospf->min_ls_arrival * 1000LL)
2177 /* Trap NSSA type later.*/
2178 ospf_ls_upd_send_lsa(
2179 nbr, current,
2180 OSPF_SEND_PACKET_DIRECT);
2181 DISCARD_LSA(lsa, 8);
2182 }
2183 }
2184 }
2185 #undef DISCARD_LSA
2186
2187 assert(listcount(lsas) == 0);
2188 list_delete_and_null(&lsas);
2189 }
2190
2191 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2192 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2193 struct stream *s, struct ospf_interface *oi,
2194 uint16_t size)
2195 {
2196 struct ospf_neighbor *nbr;
2197
2198 /* increment statistics. */
2199 oi->ls_ack_in++;
2200
2201 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2202 if (nbr == NULL) {
2203 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2204 inet_ntoa(ospfh->router_id));
2205 return;
2206 }
2207
2208 /* Add event to thread. */
2209 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2210
2211 if (nbr->state < NSM_Exchange) {
2212 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2213 zlog_debug(
2214 "Link State Acknowledgment: "
2215 "Neighbor[%s] state %s is less than Exchange",
2216 inet_ntoa(ospfh->router_id),
2217 lookup_msg(ospf_nsm_state_msg, nbr->state,
2218 NULL));
2219 return;
2220 }
2221
2222 while (size >= OSPF_LSA_HEADER_SIZE) {
2223 struct ospf_lsa *lsa, *lsr;
2224
2225 lsa = ospf_lsa_new();
2226 lsa->data = (struct lsa_header *)stream_pnt(s);
2227 lsa->vrf_id = oi->ospf->vrf_id;
2228
2229 /* lsah = (struct lsa_header *) stream_pnt (s); */
2230 size -= OSPF_LSA_HEADER_SIZE;
2231 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2232
2233 if (lsa->data->type < OSPF_MIN_LSA
2234 || lsa->data->type >= OSPF_MAX_LSA) {
2235 lsa->data = NULL;
2236 ospf_lsa_discard(lsa);
2237 continue;
2238 }
2239
2240 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2241
2242 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2243 ospf_ls_retransmit_delete(nbr, lsr);
2244
2245 lsa->data = NULL;
2246 ospf_lsa_discard(lsa);
2247 }
2248
2249 return;
2250 }
2251
2252 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2253 struct interface **ifp,
2254 struct stream *ibuf)
2255 {
2256 int ret;
2257 struct ip *iph;
2258 uint16_t ip_len;
2259 ifindex_t ifindex = 0;
2260 struct iovec iov;
2261 /* Header and data both require alignment. */
2262 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2263 struct msghdr msgh;
2264
2265 memset(&msgh, 0, sizeof(struct msghdr));
2266 msgh.msg_iov = &iov;
2267 msgh.msg_iovlen = 1;
2268 msgh.msg_control = (caddr_t)buff;
2269 msgh.msg_controllen = sizeof(buff);
2270
2271 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2272 if (ret < 0) {
2273 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2274 return NULL;
2275 }
2276 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2277 {
2278 zlog_warn(
2279 "ospf_recv_packet: discarding runt packet of length %d "
2280 "(ip header size is %u)",
2281 ret, (unsigned int)sizeof(iph));
2282 return NULL;
2283 }
2284
2285 /* Note that there should not be alignment problems with this assignment
2286 because this is at the beginning of the stream data buffer. */
2287 iph = (struct ip *)STREAM_DATA(ibuf);
2288 sockopt_iphdrincl_swab_systoh(iph);
2289
2290 ip_len = iph->ip_len;
2291
2292 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2293 /*
2294 * Kernel network code touches incoming IP header parameters,
2295 * before protocol specific processing.
2296 *
2297 * 1) Convert byteorder to host representation.
2298 * --> ip_len, ip_id, ip_off
2299 *
2300 * 2) Adjust ip_len to strip IP header size!
2301 * --> If user process receives entire IP packet via RAW
2302 * socket, it must consider adding IP header size to
2303 * the "ip_len" field of "ip" structure.
2304 *
2305 * For more details, see <netinet/ip_input.c>.
2306 */
2307 ip_len = ip_len + (iph->ip_hl << 2);
2308 #endif
2309
2310 #if defined(__DragonFly__)
2311 /*
2312 * in DragonFly's raw socket, ip_len/ip_off are read
2313 * in network byte order.
2314 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2315 */
2316 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2317 #endif
2318
2319 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2320
2321 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2322
2323 if (ret != ip_len) {
2324 zlog_warn(
2325 "ospf_recv_packet read length mismatch: ip_len is %d, "
2326 "but recvmsg returned %d",
2327 ip_len, ret);
2328 return NULL;
2329 }
2330
2331 return ibuf;
2332 }
2333
2334 static struct ospf_interface *
2335 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2336 struct ip *iph, struct ospf_header *ospfh)
2337 {
2338 struct ospf_interface *rcv_oi;
2339 struct ospf_vl_data *vl_data;
2340 struct ospf_area *vl_area;
2341 struct listnode *node;
2342
2343 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2344 || !OSPF_IS_AREA_BACKBONE(ospfh))
2345 return NULL;
2346
2347 /* look for local OSPF interface matching the destination
2348 * to determine Area ID. We presume therefore the destination address
2349 * is unique, or at least (for "unnumbered" links), not used in other
2350 * areas
2351 */
2352 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2353 == NULL)
2354 return NULL;
2355
2356 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2357 vl_area =
2358 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2359 if (!vl_area)
2360 continue;
2361
2362 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2363 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2364 if (IS_DEBUG_OSPF_EVENT)
2365 zlog_debug("associating packet with %s",
2366 IF_NAME(vl_data->vl_oi));
2367 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2368 if (IS_DEBUG_OSPF_EVENT)
2369 zlog_debug(
2370 "This VL is not up yet, sorry");
2371 return NULL;
2372 }
2373
2374 return vl_data->vl_oi;
2375 }
2376 }
2377
2378 if (IS_DEBUG_OSPF_EVENT)
2379 zlog_debug("couldn't find any VL to associate the packet with");
2380
2381 return NULL;
2382 }
2383
2384 static int ospf_check_area_id(struct ospf_interface *oi,
2385 struct ospf_header *ospfh)
2386 {
2387 /* Check match the Area ID of the receiving interface. */
2388 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2389 return 1;
2390
2391 return 0;
2392 }
2393
2394 /* Unbound socket will accept any Raw IP packets if proto is matched.
2395 To prevent it, compare src IP address and i/f address with masking
2396 i/f network mask. */
2397 static int ospf_check_network_mask(struct ospf_interface *oi,
2398 struct in_addr ip_src)
2399 {
2400 struct in_addr mask, me, him;
2401
2402 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2403 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2404 return 1;
2405
2406 masklen2ip(oi->address->prefixlen, &mask);
2407
2408 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2409 him.s_addr = ip_src.s_addr & mask.s_addr;
2410
2411 if (IPV4_ADDR_SAME(&me, &him))
2412 return 1;
2413
2414 return 0;
2415 }
2416
2417 /* Return 1, if the packet is properly authenticated and checksummed,
2418 0 otherwise. In particular, check that AuType header field is valid and
2419 matches the locally configured AuType, and that D.5 requirements are met. */
2420 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2421 {
2422 struct crypt_key *ck;
2423 uint16_t iface_auth_type;
2424 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2425
2426 switch (pkt_auth_type) {
2427 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2428 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2429 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2430 zlog_warn(
2431 "interface %s: auth-type mismatch, local %s, rcvd Null",
2432 IF_NAME(oi),
2433 lookup_msg(ospf_auth_type_str,
2434 iface_auth_type, NULL));
2435 return 0;
2436 }
2437 if (!ospf_check_sum(ospfh)) {
2438 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2439 zlog_warn(
2440 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2441 IF_NAME(oi),
2442 inet_ntoa(ospfh->router_id));
2443 return 0;
2444 }
2445 return 1;
2446 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2447 if (OSPF_AUTH_SIMPLE
2448 != (iface_auth_type = ospf_auth_type(oi))) {
2449 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2450 zlog_warn(
2451 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2452 IF_NAME(oi),
2453 lookup_msg(ospf_auth_type_str,
2454 iface_auth_type, NULL));
2455 return 0;
2456 }
2457 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2458 OSPF_AUTH_SIMPLE_SIZE)) {
2459 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2460 zlog_warn("interface %s: Simple auth failed",
2461 IF_NAME(oi));
2462 return 0;
2463 }
2464 if (!ospf_check_sum(ospfh)) {
2465 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2466 zlog_warn(
2467 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2468 IF_NAME(oi),
2469 inet_ntoa(ospfh->router_id));
2470 return 0;
2471 }
2472 return 1;
2473 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2474 if (OSPF_AUTH_CRYPTOGRAPHIC
2475 != (iface_auth_type = ospf_auth_type(oi))) {
2476 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2477 zlog_warn(
2478 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2479 IF_NAME(oi),
2480 lookup_msg(ospf_auth_type_str,
2481 iface_auth_type, NULL));
2482 return 0;
2483 }
2484 if (ospfh->checksum) {
2485 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2486 zlog_warn(
2487 "interface %s: OSPF header checksum is not 0",
2488 IF_NAME(oi));
2489 return 0;
2490 }
2491 /* only MD5 crypto method can pass ospf_packet_examin() */
2492 if (NULL == (ck = listgetdata(
2493 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2494 || ospfh->u.crypt.key_id != ck->key_id ||
2495 /* Condition above uses the last key ID on the list,
2496 which is
2497 different from what ospf_crypt_key_lookup() does. A
2498 bug? */
2499 !ospf_check_md5_digest(oi, ospfh)) {
2500 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2501 zlog_warn("interface %s: MD5 auth failed",
2502 IF_NAME(oi));
2503 return 0;
2504 }
2505 return 1;
2506 default:
2507 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2508 zlog_warn(
2509 "interface %s: invalid packet auth-type (%02x)",
2510 IF_NAME(oi), pkt_auth_type);
2511 return 0;
2512 }
2513 }
2514
2515 static int ospf_check_sum(struct ospf_header *ospfh)
2516 {
2517 uint32_t ret;
2518 uint16_t sum;
2519
2520 /* clear auth_data for checksum. */
2521 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2522
2523 /* keep checksum and clear. */
2524 sum = ospfh->checksum;
2525 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2526
2527 /* calculate checksum. */
2528 ret = in_cksum(ospfh, ntohs(ospfh->length));
2529
2530 if (ret != sum) {
2531 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2532 ret, sum);
2533 return 0;
2534 }
2535
2536 return 1;
2537 }
2538
2539 /* Verify, that given link/TOS records are properly sized/aligned and match
2540 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2541 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2542 uint16_t linkbytes,
2543 const uint16_t num_links)
2544 {
2545 unsigned counted_links = 0, thislinklen;
2546
2547 while (linkbytes) {
2548 thislinklen =
2549 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2550 if (thislinklen > linkbytes) {
2551 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2552 zlog_debug("%s: length error in link block #%u",
2553 __func__, counted_links);
2554 return MSG_NG;
2555 }
2556 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2557 linkbytes -= thislinklen;
2558 counted_links++;
2559 }
2560 if (counted_links != num_links) {
2561 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2562 zlog_debug("%s: %u link blocks declared, %u present",
2563 __func__, num_links, counted_links);
2564 return MSG_NG;
2565 }
2566 return MSG_OK;
2567 }
2568
2569 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2570 minimum length constraint). */
2571 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2572 const uint8_t headeronly)
2573 {
2574 unsigned ret;
2575 struct router_lsa *rlsa;
2576 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2577 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2578 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2579 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2580 lookup_msg(ospf_lsa_type_msg, lsah->type,
2581 NULL));
2582 return MSG_NG;
2583 }
2584 switch (lsah->type) {
2585 case OSPF_ROUTER_LSA:
2586 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2587 * (12+)-byte link blocks */
2588 if (headeronly) {
2589 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2590 - OSPF_ROUTER_LSA_MIN_SIZE)
2591 % 4
2592 ? MSG_NG
2593 : MSG_OK;
2594 break;
2595 }
2596 rlsa = (struct router_lsa *)lsah;
2597 ret = ospf_router_lsa_links_examin(
2598 (struct router_lsa_link *)rlsa->link,
2599 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2600 header, "flags",
2601 0, "# links" */
2602 ntohs(rlsa->links) /* 16 bits */
2603 );
2604 break;
2605 case OSPF_AS_EXTERNAL_LSA:
2606 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2607 * blocks */
2608 case OSPF_AS_NSSA_LSA:
2609 /* RFC3101 C, idem */
2610 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2611 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2612 % 12
2613 ? MSG_NG
2614 : MSG_OK;
2615 break;
2616 /* Following LSA types are considered OK length-wise as soon as their
2617 * minimum
2618 * length constraint is met and length of the whole LSA is a multiple of
2619 * 4
2620 * (basic LSA header size is already a multiple of 4). */
2621 case OSPF_NETWORK_LSA:
2622 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2623 case OSPF_SUMMARY_LSA:
2624 case OSPF_ASBR_SUMMARY_LSA:
2625 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2626 * blocks */
2627 case OSPF_OPAQUE_LINK_LSA:
2628 case OSPF_OPAQUE_AREA_LSA:
2629 case OSPF_OPAQUE_AS_LSA:
2630 /* RFC5250 A.2, "some number of octets (of application-specific
2631 * data) padded to 32-bit alignment." This is considered
2632 * equivalent
2633 * to 4-byte alignment of all other LSA types, see
2634 * OSPF-ALIGNMENT.txt
2635 * file for the detailed analysis of this passage. */
2636 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2637 break;
2638 default:
2639 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2640 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2641 lsah->type);
2642 return MSG_NG;
2643 }
2644 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2645 zlog_debug("%s: alignment error in %s", __func__,
2646 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2647 return ret;
2648 }
2649
2650 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2651 includes verification of LSA blocks length/alignment and dispatching
2652 of deeper-level checks. */
2653 static unsigned
2654 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2655 size_t length, const uint8_t headeronly,
2656 /* When declared_num_lsas is not 0, compare it to the real
2657 number of LSAs
2658 and treat the difference as an error. */
2659 const uint32_t declared_num_lsas)
2660 {
2661 uint32_t counted_lsas = 0;
2662
2663 while (length) {
2664 uint16_t lsalen;
2665 if (length < OSPF_LSA_HEADER_SIZE) {
2666 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2667 zlog_debug(
2668 "%s: undersized (%zu B) trailing (#%u) LSA header",
2669 __func__, length, counted_lsas);
2670 return MSG_NG;
2671 }
2672 /* save on ntohs() calls here and in the LSA validator */
2673 lsalen = ntohs(lsah->length);
2674 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2675 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2676 zlog_debug(
2677 "%s: malformed LSA header #%u, declared length is %u B",
2678 __func__, counted_lsas, lsalen);
2679 return MSG_NG;
2680 }
2681 if (headeronly) {
2682 /* less checks here and in ospf_lsa_examin() */
2683 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2684 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2685 zlog_debug(
2686 "%s: malformed header-only LSA #%u",
2687 __func__, counted_lsas);
2688 return MSG_NG;
2689 }
2690 lsah = (struct lsa_header *)((caddr_t)lsah
2691 + OSPF_LSA_HEADER_SIZE);
2692 length -= OSPF_LSA_HEADER_SIZE;
2693 } else {
2694 /* make sure the input buffer is deep enough before
2695 * further checks */
2696 if (lsalen > length) {
2697 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2698 zlog_debug(
2699 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2700 __func__, counted_lsas, lsalen,
2701 length);
2702 return MSG_NG;
2703 }
2704 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2705 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2706 zlog_debug("%s: malformed LSA #%u",
2707 __func__, counted_lsas);
2708 return MSG_NG;
2709 }
2710 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2711 length -= lsalen;
2712 }
2713 counted_lsas++;
2714 }
2715
2716 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2717 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2718 zlog_debug(
2719 "%s: #LSAs declared (%u) does not match actual (%u)",
2720 __func__, declared_num_lsas, counted_lsas);
2721 return MSG_NG;
2722 }
2723 return MSG_OK;
2724 }
2725
2726 /* Verify a complete OSPF packet for proper sizing/alignment. */
2727 static unsigned ospf_packet_examin(struct ospf_header *oh,
2728 const unsigned bytesonwire)
2729 {
2730 uint16_t bytesdeclared, bytesauth;
2731 unsigned ret;
2732 struct ospf_ls_update *lsupd;
2733
2734 /* Length, 1st approximation. */
2735 if (bytesonwire < OSPF_HEADER_SIZE) {
2736 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2737 zlog_debug("%s: undersized (%u B) packet", __func__,
2738 bytesonwire);
2739 return MSG_NG;
2740 }
2741 /* Now it is safe to access header fields. Performing length check,
2742 * allow
2743 * for possible extra bytes of crypto auth/padding, which are not
2744 * counted
2745 * in the OSPF header "length" field. */
2746 if (oh->version != OSPF_VERSION) {
2747 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2748 zlog_debug("%s: invalid (%u) protocol version",
2749 __func__, oh->version);
2750 return MSG_NG;
2751 }
2752 bytesdeclared = ntohs(oh->length);
2753 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2754 bytesauth = 0;
2755 else {
2756 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2757 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2758 zlog_debug(
2759 "%s: unsupported crypto auth length (%u B)",
2760 __func__, oh->u.crypt.auth_data_len);
2761 return MSG_NG;
2762 }
2763 bytesauth = OSPF_AUTH_MD5_SIZE;
2764 }
2765 if (bytesdeclared + bytesauth > bytesonwire) {
2766 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2767 zlog_debug(
2768 "%s: packet length error (%u real, %u+%u declared)",
2769 __func__, bytesonwire, bytesdeclared,
2770 bytesauth);
2771 return MSG_NG;
2772 }
2773 /* Length, 2nd approximation. The type-specific constraint is checked
2774 against declared length, not amount of bytes on wire. */
2775 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2776 && bytesdeclared
2777 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2778 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2779 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2780 bytesdeclared,
2781 lookup_msg(ospf_packet_type_str, oh->type,
2782 NULL));
2783 return MSG_NG;
2784 }
2785 switch (oh->type) {
2786 case OSPF_MSG_HELLO:
2787 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2788 followed
2789 by N>=0 router-IDs. */
2790 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2791 % 4
2792 ? MSG_NG
2793 : MSG_OK;
2794 break;
2795 case OSPF_MSG_DB_DESC:
2796 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2797 followed
2798 by N>=0 header-only LSAs. */
2799 ret = ospf_lsaseq_examin(
2800 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2801 + OSPF_DB_DESC_MIN_SIZE),
2802 bytesdeclared - OSPF_HEADER_SIZE
2803 - OSPF_DB_DESC_MIN_SIZE,
2804 1, /* header-only LSAs */
2805 0);
2806 break;
2807 case OSPF_MSG_LS_REQ:
2808 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2809 * request blocks. */
2810 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2811 % OSPF_LSA_KEY_SIZE
2812 ? MSG_NG
2813 : MSG_OK;
2814 break;
2815 case OSPF_MSG_LS_UPD:
2816 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2817 followed
2818 by N>=0 full LSAs (with N declared beforehand). */
2819 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2820 + OSPF_HEADER_SIZE);
2821 ret = ospf_lsaseq_examin(
2822 (struct lsa_header *)((caddr_t)lsupd
2823 + OSPF_LS_UPD_MIN_SIZE),
2824 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2825 0, /* full LSAs */
2826 ntohl(lsupd->num_lsas) /* 32 bits */
2827 );
2828 break;
2829 case OSPF_MSG_LS_ACK:
2830 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2831 * LSAs. */
2832 ret = ospf_lsaseq_examin(
2833 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2834 + OSPF_LS_ACK_MIN_SIZE),
2835 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2836 1, /* header-only LSAs */
2837 0);
2838 break;
2839 default:
2840 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2841 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2842 oh->type);
2843 return MSG_NG;
2844 }
2845 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2846 zlog_debug("%s: malformed %s packet", __func__,
2847 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2848 return ret;
2849 }
2850
2851 /* OSPF Header verification. */
2852 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2853 struct ip *iph, struct ospf_header *ospfh)
2854 {
2855 /* Check Area ID. */
2856 if (!ospf_check_area_id(oi, ospfh)) {
2857 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2858 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2859 return -1;
2860 }
2861
2862 /* Check network mask, Silently discarded. */
2863 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2864 zlog_warn(
2865 "interface %s: ospf_read network address is not same [%s]",
2866 IF_NAME(oi), inet_ntoa(iph->ip_src));
2867 return -1;
2868 }
2869
2870 /* Check authentication. The function handles logging actions, where
2871 * required. */
2872 if (!ospf_check_auth(oi, ospfh))
2873 return -1;
2874
2875 return 0;
2876 }
2877
2878 /* Starting point of packet process function. */
2879 int ospf_read(struct thread *thread)
2880 {
2881 int ret;
2882 struct stream *ibuf;
2883 struct ospf *ospf;
2884 struct ospf_interface *oi;
2885 struct ip *iph;
2886 struct ospf_header *ospfh;
2887 uint16_t length;
2888 struct interface *ifp = NULL;
2889 struct connected *c;
2890
2891 /* first of all get interface pointer. */
2892 ospf = THREAD_ARG(thread);
2893
2894 /* prepare for next packet. */
2895 ospf->t_read = NULL;
2896 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2897
2898 stream_reset(ospf->ibuf);
2899 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2900 if (ibuf == NULL)
2901 return -1;
2902 /* This raw packet is known to be at least as big as its IP header. */
2903
2904 /* Note that there should not be alignment problems with this assignment
2905 because this is at the beginning of the stream data buffer. */
2906 iph = (struct ip *)STREAM_DATA(ibuf);
2907 /* Note that sockopt_iphdrincl_swab_systoh was called in
2908 * ospf_recv_packet. */
2909
2910 if (ifp == NULL) {
2911 /* Handle cases where the platform does not support retrieving
2912 the ifindex,
2913 and also platforms (such as Solaris 8) that claim to support
2914 ifindex
2915 retrieval but do not. */
2916 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2917 ospf->vrf_id);
2918 if (c)
2919 ifp = c->ifp;
2920 if (ifp == NULL)
2921 return 0;
2922 }
2923
2924 /* IP Header dump. */
2925 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2926 ospf_ip_header_dump(iph);
2927
2928 /* Self-originated packet should be discarded silently. */
2929 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2930 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2931 zlog_debug(
2932 "ospf_read[%s]: Dropping self-originated packet",
2933 inet_ntoa(iph->ip_src));
2934 }
2935 return 0;
2936 }
2937
2938 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2939 by ospf_recv_packet() to be correct). */
2940 stream_forward_getp(ibuf, iph->ip_hl * 4);
2941
2942 ospfh = (struct ospf_header *)stream_pnt(ibuf);
2943 if (MSG_OK
2944 != ospf_packet_examin(
2945 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2946 return -1;
2947 /* Now it is safe to access all fields of OSPF packet header. */
2948
2949 /* associate packet with ospf interface */
2950 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2951
2952 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2953 only
2954 after the passive/backbone/other checks below are passed. These
2955 checks
2956 in turn access the fields of unverified "ospfh" structure for their
2957 own
2958 purposes and must remain very accurate in doing this. */
2959
2960 /* If incoming interface is passive one, ignore it. */
2961 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2962 char buf[3][INET_ADDRSTRLEN];
2963
2964 if (IS_DEBUG_OSPF_EVENT)
2965 zlog_debug(
2966 "ignoring packet from router %s sent to %s, "
2967 "received on a passive interface, %s",
2968 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2969 sizeof(buf[0])),
2970 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2971 sizeof(buf[1])),
2972 inet_ntop(AF_INET, &oi->address->u.prefix4,
2973 buf[2], sizeof(buf[2])));
2974
2975 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2976 /* Try to fix multicast membership.
2977 * Some OS:es may have problems in this area,
2978 * make sure it is removed.
2979 */
2980 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2981 ospf_if_set_multicast(oi);
2982 }
2983 return 0;
2984 }
2985
2986
2987 /* if no local ospf_interface,
2988 * or header area is backbone but ospf_interface is not
2989 * check for VLINK interface
2990 */
2991 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2992 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2993 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2994 == NULL) {
2995 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2996 zlog_debug(
2997 "Packet from [%s] received on link %s"
2998 " but no ospf_interface",
2999 inet_ntoa(iph->ip_src), ifp->name);
3000 return 0;
3001 }
3002 }
3003
3004 /* else it must be a local ospf interface, check it was received on
3005 * correct link
3006 */
3007 else if (oi->ifp != ifp) {
3008 if (IS_DEBUG_OSPF_EVENT)
3009 zlog_warn("Packet from [%s] received on wrong link %s",
3010 inet_ntoa(iph->ip_src), ifp->name);
3011 return 0;
3012 } else if (oi->state == ISM_Down) {
3013 char buf[2][INET_ADDRSTRLEN];
3014 zlog_warn(
3015 "Ignoring packet from %s to %s received on interface that is "
3016 "down [%s]; interface flags are %s",
3017 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3018 sizeof(buf[0])),
3019 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3020 sizeof(buf[1])),
3021 ifp->name, if_flag_dump(ifp->flags));
3022 /* Fix multicast memberships? */
3023 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3024 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3025 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3026 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3027 if (oi->multicast_memberships)
3028 ospf_if_set_multicast(oi);
3029 return 0;
3030 }
3031
3032 /*
3033 * If the received packet is destined for AllDRouters, the packet
3034 * should be accepted only if the received ospf interface state is
3035 * either DR or Backup -- endo.
3036 */
3037 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3038 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3039 zlog_warn(
3040 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3041 inet_ntoa(iph->ip_src), IF_NAME(oi),
3042 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3043 /* Try to fix multicast membership. */
3044 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3045 ospf_if_set_multicast(oi);
3046 return 0;
3047 }
3048
3049 /* Verify more OSPF header fields. */
3050 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3051 if (ret < 0) {
3052 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3053 zlog_debug(
3054 "ospf_read[%s]: Header check failed, "
3055 "dropping.",
3056 inet_ntoa(iph->ip_src));
3057 return ret;
3058 }
3059
3060 /* Show debug receiving packet. */
3061 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3062 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3063 zlog_debug(
3064 "-----------------------------------------------------");
3065 ospf_packet_dump(ibuf);
3066 }
3067
3068 zlog_debug("%s received from [%s] via [%s]",
3069 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3070 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3071 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3072 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3073
3074 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3075 zlog_debug(
3076 "-----------------------------------------------------");
3077 }
3078
3079 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3080
3081 /* Adjust size to message length. */
3082 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3083
3084 /* Read rest of the packet and call each sort of packet routine. */
3085 switch (ospfh->type) {
3086 case OSPF_MSG_HELLO:
3087 ospf_hello(iph, ospfh, ibuf, oi, length);
3088 break;
3089 case OSPF_MSG_DB_DESC:
3090 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3091 break;
3092 case OSPF_MSG_LS_REQ:
3093 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3094 break;
3095 case OSPF_MSG_LS_UPD:
3096 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3097 break;
3098 case OSPF_MSG_LS_ACK:
3099 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3100 break;
3101 default:
3102 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3103 IF_NAME(oi), ospfh->type);
3104 break;
3105 }
3106
3107 return 0;
3108 }
3109
3110 /* Make OSPF header. */
3111 static void ospf_make_header(int type, struct ospf_interface *oi,
3112 struct stream *s)
3113 {
3114 struct ospf_header *ospfh;
3115
3116 ospfh = (struct ospf_header *)STREAM_DATA(s);
3117
3118 ospfh->version = (uint8_t)OSPF_VERSION;
3119 ospfh->type = (uint8_t)type;
3120
3121 ospfh->router_id = oi->ospf->router_id;
3122
3123 ospfh->checksum = 0;
3124 ospfh->area_id = oi->area->area_id;
3125 ospfh->auth_type = htons(ospf_auth_type(oi));
3126
3127 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3128
3129 stream_forward_endp(s, OSPF_HEADER_SIZE);
3130 }
3131
3132 /* Make Authentication Data. */
3133 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3134 {
3135 struct crypt_key *ck;
3136
3137 switch (ospf_auth_type(oi)) {
3138 case OSPF_AUTH_NULL:
3139 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3140 */
3141 break;
3142 case OSPF_AUTH_SIMPLE:
3143 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3144 OSPF_AUTH_SIMPLE_SIZE);
3145 break;
3146 case OSPF_AUTH_CRYPTOGRAPHIC:
3147 /* If key is not set, then set 0. */
3148 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3149 ospfh->u.crypt.zero = 0;
3150 ospfh->u.crypt.key_id = 0;
3151 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3152 } else {
3153 ck = listgetdata(
3154 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3155 ospfh->u.crypt.zero = 0;
3156 ospfh->u.crypt.key_id = ck->key_id;
3157 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3158 }
3159 /* note: the seq is done in ospf_make_md5_digest() */
3160 break;
3161 default:
3162 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3163 */
3164 break;
3165 }
3166
3167 return 0;
3168 }
3169
3170 /* Fill rest of OSPF header. */
3171 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3172 uint16_t length)
3173 {
3174 struct ospf_header *ospfh;
3175
3176 ospfh = (struct ospf_header *)STREAM_DATA(s);
3177
3178 /* Fill length. */
3179 ospfh->length = htons(length);
3180
3181 /* Calculate checksum. */
3182 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3183 ospfh->checksum = in_cksum(ospfh, length);
3184 else
3185 ospfh->checksum = 0;
3186
3187 /* Add Authentication Data. */
3188 ospf_make_auth(oi, ospfh);
3189 }
3190
3191 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3192 {
3193 struct ospf_neighbor *nbr;
3194 struct route_node *rn;
3195 uint16_t length = OSPF_HELLO_MIN_SIZE;
3196 struct in_addr mask;
3197 unsigned long p;
3198 int flag = 0;
3199
3200 /* Set netmask of interface. */
3201 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3202 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3203 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3204 masklen2ip(oi->address->prefixlen, &mask);
3205 else
3206 memset((char *)&mask, 0, sizeof(struct in_addr));
3207 stream_put_ipv4(s, mask.s_addr);
3208
3209 /* Set Hello Interval. */
3210 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3211 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3212 else
3213 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3214
3215 if (IS_DEBUG_OSPF_EVENT)
3216 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3217 IF_NAME(oi));
3218
3219 /* Set Options. */
3220 stream_putc(s, OPTIONS(oi));
3221
3222 /* Set Router Priority. */
3223 stream_putc(s, PRIORITY(oi));
3224
3225 /* Set Router Dead Interval. */
3226 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3227
3228 /* Set Designated Router. */
3229 stream_put_ipv4(s, DR(oi).s_addr);
3230
3231 p = stream_get_endp(s);
3232
3233 /* Set Backup Designated Router. */
3234 stream_put_ipv4(s, BDR(oi).s_addr);
3235
3236 /* Add neighbor seen. */
3237 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3238 if ((nbr = rn->info))
3239 if (nbr->router_id.s_addr
3240 != 0) /* Ignore 0.0.0.0 node. */
3241 if (nbr->state
3242 != NSM_Attempt) /* Ignore Down neighbor. */
3243 if (nbr->state
3244 != NSM_Down) /* This is myself for
3245 DR election. */
3246 if (!IPV4_ADDR_SAME(
3247 &nbr->router_id,
3248 &oi->ospf->router_id)) {
3249 /* Check neighbor is
3250 * sane? */
3251 if (nbr->d_router.s_addr
3252 != 0
3253 && IPV4_ADDR_SAME(
3254 &nbr->d_router,
3255 &oi->address
3256 ->u
3257 .prefix4)
3258 && IPV4_ADDR_SAME(
3259 &nbr->bd_router,
3260 &oi->address
3261 ->u
3262 .prefix4))
3263 flag = 1;
3264
3265 stream_put_ipv4(
3266 s,
3267 nbr->router_id
3268 .s_addr);
3269 length += 4;
3270 }
3271
3272 /* Let neighbor generate BackupSeen. */
3273 if (flag == 1)
3274 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3275
3276 return length;
3277 }
3278
3279 static int ospf_make_db_desc(struct ospf_interface *oi,
3280 struct ospf_neighbor *nbr, struct stream *s)
3281 {
3282 struct ospf_lsa *lsa;
3283 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3284 uint8_t options;
3285 unsigned long pp;
3286 int i;
3287 struct ospf_lsdb *lsdb;
3288
3289 /* Set Interface MTU. */
3290 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3291 stream_putw(s, 0);
3292 else
3293 stream_putw(s, oi->ifp->mtu);
3294
3295 /* Set Options. */
3296 options = OPTIONS(oi);
3297 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3298 SET_FLAG(options, OSPF_OPTION_O);
3299 stream_putc(s, options);
3300
3301 /* DD flags */
3302 pp = stream_get_endp(s);
3303 stream_putc(s, nbr->dd_flags);
3304
3305 /* Set DD Sequence Number. */
3306 stream_putl(s, nbr->dd_seqnum);
3307
3308 /* shortcut unneeded walk of (empty) summary LSDBs */
3309 if (ospf_db_summary_isempty(nbr))
3310 goto empty;
3311
3312 /* Describe LSA Header from Database Summary List. */
3313 lsdb = &nbr->db_sum;
3314
3315 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3316 struct route_table *table = lsdb->type[i].db;
3317 struct route_node *rn;
3318
3319 for (rn = route_top(table); rn; rn = route_next(rn))
3320 if ((lsa = rn->info) != NULL) {
3321 if (IS_OPAQUE_LSA(lsa->data->type)
3322 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3323 /* Suppress advertising
3324 * opaque-informations. */
3325 /* Remove LSA from DB summary list. */
3326 ospf_lsdb_delete(lsdb, lsa);
3327 continue;
3328 }
3329
3330 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3331 struct lsa_header *lsah;
3332 uint16_t ls_age;
3333
3334 /* DD packet overflows interface MTU. */
3335 if (length + OSPF_LSA_HEADER_SIZE
3336 > ospf_packet_max(oi))
3337 break;
3338
3339 /* Keep pointer to LS age. */
3340 lsah = (struct lsa_header
3341 *)(STREAM_DATA(s)
3342 + stream_get_endp(
3343 s));
3344
3345 /* Proceed stream pointer. */
3346 stream_put(s, lsa->data,
3347 OSPF_LSA_HEADER_SIZE);
3348 length += OSPF_LSA_HEADER_SIZE;
3349
3350 /* Set LS age. */
3351 ls_age = LS_AGE(lsa);
3352 lsah->ls_age = htons(ls_age);
3353 }
3354
3355 /* Remove LSA from DB summary list. */
3356 ospf_lsdb_delete(lsdb, lsa);
3357 }
3358 }
3359
3360 /* Update 'More' bit */
3361 if (ospf_db_summary_isempty(nbr)) {
3362 empty:
3363 if (nbr->state >= NSM_Exchange) {
3364 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3365 /* Rewrite DD flags */
3366 stream_putc_at(s, pp, nbr->dd_flags);
3367 } else {
3368 assert(IS_SET_DD_M(nbr->dd_flags));
3369 }
3370 }
3371 return length;
3372 }
3373
3374 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3375 unsigned long delta, struct ospf_neighbor *nbr,
3376 struct ospf_lsa *lsa)
3377 {
3378 struct ospf_interface *oi;
3379
3380 oi = nbr->oi;
3381
3382 /* LS Request packet overflows interface MTU. */
3383 if (*length + delta > ospf_packet_max(oi))
3384 return 0;
3385
3386 stream_putl(s, lsa->data->type);
3387 stream_put_ipv4(s, lsa->data->id.s_addr);
3388 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3389
3390 ospf_lsa_unlock(&nbr->ls_req_last);
3391 nbr->ls_req_last = ospf_lsa_lock(lsa);
3392
3393 *length += 12;
3394 return 1;
3395 }
3396
3397 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3398 {
3399 struct ospf_lsa *lsa;
3400 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3401 unsigned long delta = stream_get_endp(s) + 12;
3402 struct route_table *table;
3403 struct route_node *rn;
3404 int i;
3405 struct ospf_lsdb *lsdb;
3406
3407 lsdb = &nbr->ls_req;
3408
3409 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3410 table = lsdb->type[i].db;
3411 for (rn = route_top(table); rn; rn = route_next(rn))
3412 if ((lsa = (rn->info)) != NULL)
3413 if (ospf_make_ls_req_func(s, &length, delta,
3414 nbr, lsa)
3415 == 0) {
3416 route_unlock_node(rn);
3417 break;
3418 }
3419 }
3420 return length;
3421 }
3422
3423 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3424 {
3425 int age;
3426
3427 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3428
3429 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3430 }
3431
3432 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3433 struct stream *s)
3434 {
3435 struct ospf_lsa *lsa;
3436 struct listnode *node;
3437 uint16_t length = 0;
3438 unsigned int size_noauth;
3439 unsigned long delta = stream_get_endp(s);
3440 unsigned long pp;
3441 int count = 0;
3442
3443 if (IS_DEBUG_OSPF_EVENT)
3444 zlog_debug("ospf_make_ls_upd: Start");
3445
3446 pp = stream_get_endp(s);
3447 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3448 length += OSPF_LS_UPD_MIN_SIZE;
3449
3450 /* Calculate amount of packet usable for data. */
3451 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3452
3453 while ((node = listhead(update)) != NULL) {
3454 struct lsa_header *lsah;
3455 uint16_t ls_age;
3456
3457 if (IS_DEBUG_OSPF_EVENT)
3458 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3459 count);
3460
3461 lsa = listgetdata(node);
3462
3463 assert(lsa->data);
3464
3465 /* Will it fit? */
3466 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3467 break;
3468
3469 /* Keep pointer to LS age. */
3470 lsah = (struct lsa_header *)(STREAM_DATA(s)
3471 + stream_get_endp(s));
3472
3473 /* Put LSA to Link State Request. */
3474 stream_put(s, lsa->data, ntohs(lsa->data->length));
3475
3476 /* Set LS age. */
3477 /* each hop must increment an lsa_age by transmit_delay
3478 of OSPF interface */
3479 ls_age = ls_age_increment(lsa,
3480 OSPF_IF_PARAM(oi, transmit_delay));
3481 lsah->ls_age = htons(ls_age);
3482
3483 length += ntohs(lsa->data->length);
3484 count++;
3485
3486 list_delete_node(update, node);
3487 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3488 }
3489
3490 /* Now set #LSAs. */
3491 stream_putl_at(s, pp, count);
3492
3493 if (IS_DEBUG_OSPF_EVENT)
3494 zlog_debug("ospf_make_ls_upd: Stop");
3495 return length;
3496 }
3497
3498 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3499 struct stream *s)
3500 {
3501 struct listnode *node, *nnode;
3502 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3503 unsigned long delta = stream_get_endp(s) + 24;
3504 struct ospf_lsa *lsa;
3505
3506 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3507 assert(lsa);
3508
3509 if (length + delta > ospf_packet_max(oi))
3510 break;
3511
3512 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3513 length += OSPF_LSA_HEADER_SIZE;
3514
3515 listnode_delete(ack, lsa);
3516 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3517 }
3518
3519 return length;
3520 }
3521
3522 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3523 {
3524 struct ospf_packet *op;
3525 uint16_t length = OSPF_HEADER_SIZE;
3526
3527 op = ospf_packet_new(oi->ifp->mtu);
3528
3529 /* Prepare OSPF common header. */
3530 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3531
3532 /* Prepare OSPF Hello body. */
3533 length += ospf_make_hello(oi, op->s);
3534
3535 /* Fill OSPF header. */
3536 ospf_fill_header(oi, op->s, length);
3537
3538 /* Set packet length. */
3539 op->length = length;
3540
3541 op->dst.s_addr = addr;
3542
3543 if (IS_DEBUG_OSPF_EVENT) {
3544 if (oi->ospf->vrf_id)
3545 zlog_debug(
3546 "%s: Hello Tx interface %s ospf vrf %s id %u",
3547 __PRETTY_FUNCTION__, oi->ifp->name,
3548 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3549 oi->ospf->vrf_id);
3550 }
3551 /* Add packet to the top of the interface output queue, so that they
3552 * can't get delayed by things like long queues of LS Update packets
3553 */
3554 ospf_packet_add_top(oi, op);
3555
3556 /* Hook thread to write packet. */
3557 OSPF_ISM_WRITE_ON(oi->ospf);
3558 }
3559
3560 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3561 {
3562 struct ospf_interface *oi;
3563
3564 oi = nbr_nbma->oi;
3565 assert(oi);
3566
3567 /* If this is passive interface, do not send OSPF Hello. */
3568 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3569 return;
3570
3571 if (oi->type != OSPF_IFTYPE_NBMA)
3572 return;
3573
3574 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3575 return;
3576
3577 if (PRIORITY(oi) == 0)
3578 return;
3579
3580 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3581 && oi->state != ISM_Backup)
3582 return;
3583
3584 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3585 }
3586
3587 int ospf_poll_timer(struct thread *thread)
3588 {
3589 struct ospf_nbr_nbma *nbr_nbma;
3590
3591 nbr_nbma = THREAD_ARG(thread);
3592 nbr_nbma->t_poll = NULL;
3593
3594 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3595 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3596 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3597
3598 ospf_poll_send(nbr_nbma);
3599
3600 if (nbr_nbma->v_poll > 0)
3601 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3602 nbr_nbma->v_poll);
3603
3604 return 0;
3605 }
3606
3607
3608 int ospf_hello_reply_timer(struct thread *thread)
3609 {
3610 struct ospf_neighbor *nbr;
3611
3612 nbr = THREAD_ARG(thread);
3613 nbr->t_hello_reply = NULL;
3614
3615 assert(nbr->oi);
3616
3617 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3618 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3619 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3620
3621 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3622
3623 return 0;
3624 }
3625
3626 /* Send OSPF Hello. */
3627 void ospf_hello_send(struct ospf_interface *oi)
3628 {
3629 /* If this is passive interface, do not send OSPF Hello. */
3630 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3631 return;
3632
3633 if (oi->type == OSPF_IFTYPE_NBMA) {
3634 struct ospf_neighbor *nbr;
3635 struct route_node *rn;
3636
3637 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3638 if ((nbr = rn->info))
3639 if (nbr != oi->nbr_self)
3640 if (nbr->state != NSM_Down) {
3641 /* RFC 2328 Section 9.5.1
3642 If the router is not
3643 eligible to become Designated
3644 Router,
3645 it must periodically send
3646 Hello Packets to both the
3647 Designated Router and the
3648 Backup Designated Router (if
3649 they
3650 exist). */
3651 if (PRIORITY(oi) == 0
3652 && IPV4_ADDR_CMP(
3653 &DR(oi),
3654 &nbr->address.u
3655 .prefix4)
3656 && IPV4_ADDR_CMP(
3657 &BDR(oi),
3658 &nbr->address.u
3659 .prefix4))
3660 continue;
3661
3662 /* If the router is eligible to
3663 become Designated Router, it
3664 must periodically send Hello
3665 Packets to all neighbors that
3666 are also eligible. In
3667 addition, if the router is
3668 itself the
3669 Designated Router or Backup
3670 Designated Router, it must
3671 also
3672 send periodic Hello Packets
3673 to all other neighbors. */
3674
3675 if (nbr->priority == 0
3676 && oi->state == ISM_DROther)
3677 continue;
3678 /* if oi->state == Waiting, send
3679 * hello to all neighbors */
3680 ospf_hello_send_sub(
3681 oi,
3682 nbr->address.u.prefix4
3683 .s_addr);
3684 }
3685 } else {
3686 /* Decide destination address. */
3687 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3688 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3689 else
3690 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3691 }
3692 }
3693
3694 /* Send OSPF Database Description. */
3695 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3696 {
3697 struct ospf_interface *oi;
3698 struct ospf_packet *op;
3699 uint16_t length = OSPF_HEADER_SIZE;
3700
3701 oi = nbr->oi;
3702 op = ospf_packet_new(oi->ifp->mtu);
3703
3704 /* Prepare OSPF common header. */
3705 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3706
3707 /* Prepare OSPF Database Description body. */
3708 length += ospf_make_db_desc(oi, nbr, op->s);
3709
3710 /* Fill OSPF header. */
3711 ospf_fill_header(oi, op->s, length);
3712
3713 /* Set packet length. */
3714 op->length = length;
3715
3716 /* Decide destination address. */
3717 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3718 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3719 else
3720 op->dst = nbr->address.u.prefix4;
3721
3722 /* Add packet to the interface output queue. */
3723 ospf_packet_add(oi, op);
3724
3725 /* Hook thread to write packet. */
3726 OSPF_ISM_WRITE_ON(oi->ospf);
3727
3728 /* Remove old DD packet, then copy new one and keep in neighbor
3729 * structure. */
3730 if (nbr->last_send)
3731 ospf_packet_free(nbr->last_send);
3732 nbr->last_send = ospf_packet_dup(op);
3733 monotime(&nbr->last_send_ts);
3734 }
3735
3736 /* Re-send Database Description. */
3737 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3738 {
3739 struct ospf_interface *oi;
3740
3741 oi = nbr->oi;
3742
3743 /* Add packet to the interface output queue. */
3744 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3745
3746 /* Hook thread to write packet. */
3747 OSPF_ISM_WRITE_ON(oi->ospf);
3748 }
3749
3750 /* Send Link State Request. */
3751 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3752 {
3753 struct ospf_interface *oi;
3754 struct ospf_packet *op;
3755 uint16_t length = OSPF_HEADER_SIZE;
3756
3757 oi = nbr->oi;
3758 op = ospf_packet_new(oi->ifp->mtu);
3759
3760 /* Prepare OSPF common header. */
3761 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3762
3763 /* Prepare OSPF Link State Request body. */
3764 length += ospf_make_ls_req(nbr, op->s);
3765 if (length == OSPF_HEADER_SIZE) {
3766 ospf_packet_free(op);
3767 return;
3768 }
3769
3770 /* Fill OSPF header. */
3771 ospf_fill_header(oi, op->s, length);
3772
3773 /* Set packet length. */
3774 op->length = length;
3775
3776 /* Decide destination address. */
3777 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3778 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3779 else
3780 op->dst = nbr->address.u.prefix4;
3781
3782 /* Add packet to the interface output queue. */
3783 ospf_packet_add(oi, op);
3784
3785 /* Hook thread to write packet. */
3786 OSPF_ISM_WRITE_ON(oi->ospf);
3787
3788 /* Add Link State Request Retransmission Timer. */
3789 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3790 }
3791
3792 /* Send Link State Update with an LSA. */
3793 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3794 int flag)
3795 {
3796 struct list *update;
3797
3798 update = list_new();
3799
3800 listnode_add(update, lsa);
3801
3802 /*ospf instance is going down, send self originated
3803 * MAXAGE LSA update to neighbors to remove from LSDB */
3804 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3805 ospf_ls_upd_send(nbr, update, flag, 1);
3806 else
3807 ospf_ls_upd_send(nbr, update, flag, 0);
3808
3809 list_delete_and_null(&update);
3810 }
3811
3812 /* Determine size for packet. Must be at least big enough to accomodate next
3813 * LSA on list, which may be bigger than MTU size.
3814 *
3815 * Return pointer to new ospf_packet
3816 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3817 * on packet sizes (in which case offending LSA is deleted from update list)
3818 */
3819 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3820 struct ospf_interface *oi)
3821 {
3822 struct ospf_lsa *lsa;
3823 struct listnode *ln;
3824 size_t size;
3825 static char warned = 0;
3826
3827 lsa = listgetdata((ln = listhead(update)));
3828 assert(lsa->data);
3829
3830 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3831 > ospf_packet_max(oi)) {
3832 if (!warned) {
3833 zlog_warn(
3834 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3835 "will need to fragment. Not optimal. Try divide up"
3836 " your network with areas. Use 'debug ospf packet send'"
3837 " to see details, or look at 'show ip ospf database ..'");
3838 warned = 1;
3839 }
3840
3841 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3842 zlog_debug(
3843 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3844 " %d bytes originated by %s, will be fragmented!",
3845 inet_ntoa(lsa->data->id),
3846 ntohs(lsa->data->length),
3847 inet_ntoa(lsa->data->adv_router));
3848
3849 /*
3850 * Allocate just enough to fit this LSA only, to avoid including
3851 * other
3852 * LSAs in fragmented LSA Updates.
3853 */
3854 size = ntohs(lsa->data->length)
3855 + (oi->ifp->mtu - ospf_packet_max(oi))
3856 + OSPF_LS_UPD_MIN_SIZE;
3857 } else
3858 size = oi->ifp->mtu;
3859
3860 if (size > OSPF_MAX_PACKET_SIZE) {
3861 zlog_warn(
3862 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3863 " %d bytes, packet size %ld, dropping it completely."
3864 " OSPF routing is broken!",
3865 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3866 (long int)size);
3867 list_delete_node(update, ln);
3868 return NULL;
3869 }
3870
3871 /* IP header is built up separately by ospf_write(). This means, that we
3872 * must
3873 * reduce the "affordable" size just calculated by length of an IP
3874 * header.
3875 * This makes sure, that even if we manage to fill the payload with LSA
3876 * data
3877 * completely, the final packet (our data plus IP header) still fits
3878 * into
3879 * outgoing interface MTU. This correction isn't really meaningful for
3880 * an
3881 * oversized LSA, but for consistency the correction is done for both
3882 * cases.
3883 *
3884 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3885 */
3886 return ospf_packet_new(size - sizeof(struct ip));
3887 }
3888
3889 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3890 struct list *update, struct in_addr addr,
3891 int send_lsupd_now)
3892 {
3893 struct ospf_packet *op;
3894 uint16_t length = OSPF_HEADER_SIZE;
3895
3896 if (IS_DEBUG_OSPF_EVENT)
3897 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3898 IF_NAME(oi), inet_ntoa(addr));
3899
3900 /* Check that we have really something to process */
3901 if (listcount(update) == 0)
3902 return;
3903
3904 op = ospf_ls_upd_packet_new(update, oi);
3905
3906 /* Prepare OSPF common header. */
3907 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3908
3909 /* Prepare OSPF Link State Update body.
3910 * Includes Type-7 translation.
3911 */
3912 length += ospf_make_ls_upd(oi, update, op->s);
3913
3914 /* Fill OSPF header. */
3915 ospf_fill_header(oi, op->s, length);
3916
3917 /* Set packet length. */
3918 op->length = length;
3919
3920 /* Decide destination address. */
3921 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3922 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3923 else
3924 op->dst.s_addr = addr.s_addr;
3925
3926 /* Add packet to the interface output queue. */
3927 ospf_packet_add(oi, op);
3928 /* Call ospf_write() right away to send ospf packets to neighbors */
3929 if (send_lsupd_now) {
3930 struct thread os_packet_thd;
3931
3932 os_packet_thd.arg = (void *)oi->ospf;
3933 if (oi->on_write_q == 0) {
3934 listnode_add(oi->ospf->oi_write_q, oi);
3935 oi->on_write_q = 1;
3936 }
3937 ospf_write(&os_packet_thd);
3938 } else {
3939 /* Hook thread to write packet. */
3940 OSPF_ISM_WRITE_ON(oi->ospf);
3941 }
3942 }
3943
3944 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3945 {
3946 struct ospf_interface *oi = THREAD_ARG(thread);
3947 struct route_node *rn;
3948 struct route_node *rnext;
3949 struct list *update;
3950 char again = 0;
3951
3952 oi->t_ls_upd_event = NULL;
3953
3954 if (IS_DEBUG_OSPF_EVENT)
3955 zlog_debug("ospf_ls_upd_send_queue start");
3956
3957 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3958 rnext = route_next(rn);
3959
3960 if (rn->info == NULL)
3961 continue;
3962
3963 update = (struct list *)rn->info;
3964
3965 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
3966
3967 /* list might not be empty. */
3968 if (listcount(update) == 0) {
3969 list_delete_and_null((struct list **)&rn->info);
3970 route_unlock_node(rn);
3971 } else
3972 again = 1;
3973 }
3974
3975 if (again != 0) {
3976 if (IS_DEBUG_OSPF_EVENT)
3977 zlog_debug(
3978 "ospf_ls_upd_send_queue: update lists not cleared,"
3979 " %d nodes to try again, raising new event",
3980 again);
3981 oi->t_ls_upd_event = NULL;
3982 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3983 &oi->t_ls_upd_event);
3984 }
3985
3986 if (IS_DEBUG_OSPF_EVENT)
3987 zlog_debug("ospf_ls_upd_send_queue stop");
3988
3989 return 0;
3990 }
3991
3992 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
3993 int send_lsupd_now)
3994 {
3995 struct ospf_interface *oi;
3996 struct ospf_lsa *lsa;
3997 struct prefix_ipv4 p;
3998 struct route_node *rn;
3999 struct listnode *node;
4000
4001 oi = nbr->oi;
4002
4003 p.family = AF_INET;
4004 p.prefixlen = IPV4_MAX_BITLEN;
4005
4006 /* Decide destination address. */
4007 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4008 p.prefix = oi->vl_data->peer_addr;
4009 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4010 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4011 else if (flag == OSPF_SEND_PACKET_DIRECT)
4012 p.prefix = nbr->address.u.prefix4;
4013 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4014 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4015 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4016 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4017 else
4018 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4019
4020 if (oi->type == OSPF_IFTYPE_NBMA) {
4021 if (flag == OSPF_SEND_PACKET_INDIRECT)
4022 zlog_warn(
4023 "* LS-Update is directly sent on NBMA network.");
4024 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4025 zlog_warn("* LS-Update is sent to myself.");
4026 }
4027
4028 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4029
4030 if (rn->info == NULL)
4031 rn->info = list_new();
4032 else
4033 route_unlock_node(rn);
4034
4035 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4036 listnode_add(rn->info,
4037 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4038 if (send_lsupd_now) {
4039 struct list *send_update_list;
4040 struct route_node *rn, *rnext;
4041
4042 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4043 rnext = route_next(rn);
4044
4045 if (rn->info == NULL)
4046 continue;
4047
4048 send_update_list = (struct list *)rn->info;
4049
4050 ospf_ls_upd_queue_send(oi, send_update_list,
4051 rn->p.u.prefix4, 1);
4052 }
4053 } else
4054 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4055 &oi->t_ls_upd_event);
4056 }
4057
4058 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4059 struct in_addr dst)
4060 {
4061 struct ospf_packet *op;
4062 uint16_t length = OSPF_HEADER_SIZE;
4063
4064 op = ospf_packet_new(oi->ifp->mtu);
4065
4066 /* Prepare OSPF common header. */
4067 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4068
4069 /* Prepare OSPF Link State Acknowledgment body. */
4070 length += ospf_make_ls_ack(oi, ack, op->s);
4071
4072 /* Fill OSPF header. */
4073 ospf_fill_header(oi, op->s, length);
4074
4075 /* Set packet length. */
4076 op->length = length;
4077
4078 /* Decide destination address. */
4079 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4080 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4081 else
4082 op->dst.s_addr = dst.s_addr;
4083
4084 /* Add packet to the interface output queue. */
4085 ospf_packet_add(oi, op);
4086
4087 /* Hook thread to write packet. */
4088 OSPF_ISM_WRITE_ON(oi->ospf);
4089 }
4090
4091 static int ospf_ls_ack_send_event(struct thread *thread)
4092 {
4093 struct ospf_interface *oi = THREAD_ARG(thread);
4094
4095 oi->t_ls_ack_direct = NULL;
4096
4097 while (listcount(oi->ls_ack_direct.ls_ack))
4098 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4099 oi->ls_ack_direct.dst);
4100
4101 return 0;
4102 }
4103
4104 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4105 {
4106 struct ospf_interface *oi = nbr->oi;
4107
4108 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4109 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4110
4111 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4112
4113 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4114 &oi->t_ls_ack_direct);
4115 }
4116
4117 /* Send Link State Acknowledgment delayed. */
4118 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4119 {
4120 struct in_addr dst;
4121
4122 /* Decide destination address. */
4123 /* RFC2328 Section 13.5 On non-broadcast
4124 networks, delayed Link State Acknowledgment packets must be
4125 unicast separately over each adjacency (i.e., neighbor whose
4126 state is >= Exchange). */
4127 if (oi->type == OSPF_IFTYPE_NBMA) {
4128 struct ospf_neighbor *nbr;
4129 struct route_node *rn;
4130
4131 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4132 if ((nbr = rn->info) != NULL)
4133 if (nbr != oi->nbr_self
4134 && nbr->state >= NSM_Exchange)
4135 while (listcount(oi->ls_ack))
4136 ospf_ls_ack_send_list(
4137 oi, oi->ls_ack,
4138 nbr->address.u.prefix4);
4139 return;
4140 }
4141 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4142 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4143 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4144 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4145 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4146 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4147 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4148 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4149 else
4150 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4151
4152 while (listcount(oi->ls_ack))
4153 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4154 }
4155
4156 /*
4157 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4158 * address. As a result, the kernel does not need to learn the interface
4159 * MAC of the OSPF neighbor. However, in our world, this will delay
4160 * convergence. Take the case when due to a link flap, all routes now
4161 * want to use an interface which was deemed to be costlier prior to this
4162 * event. For routes that will be installed, the missing MAC will have
4163 * punt-to-CPU set on them. This may overload the CPU control path that
4164 * can be avoided if the MAC was known apriori.
4165 */
4166 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4167 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4168 {
4169 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4170 int ret;
4171
4172 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4173 return;
4174
4175 snprintf(ping_nbr, sizeof(ping_nbr),
4176 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4177 inet_ntoa(nbr->address.u.prefix4));
4178
4179 ret = system(ping_nbr);
4180 if (IS_DEBUG_OSPF_EVENT)
4181 zlog_debug("Executed %s %s", ping_nbr,
4182 ((ret == 0) ? "successfully" : "but failed"));
4183 }
FRRouting mirror