]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #3030 from pacovn/fp_type_fixes1
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38 #include "lib_errors.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53 #include "ospfd/ospf_errors.h"
54
55 /*
56 * OSPF Fragmentation / fragmented writes
57 *
58 * ospfd can support writing fragmented packets, for cases where
59 * kernel will not fragment IP_HDRINCL and/or multicast destined
60 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
61 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
62 * flags fields, hence user-space fragmentation will not work.
63 * Only Linux is known to leave IP header unmolested.
64 * Further, fragmentation really should be done the kernel, which already
65 * supports it, and which avoids nasty IP ID state problems.
66 *
67 * Fragmentation of OSPF packets can be required on networks with router
68 * with many many interfaces active in one area, or on networks with links
69 * with low MTUs.
70 */
71 #ifdef GNU_LINUX
72 #define WANT_OSPF_WRITE_FRAGMENT
73 #endif
74
75 /* Packet Type String. */
76 const struct message ospf_packet_type_str[] = {
77 {OSPF_MSG_HELLO, "Hello"},
78 {OSPF_MSG_DB_DESC, "Database Description"},
79 {OSPF_MSG_LS_REQ, "Link State Request"},
80 {OSPF_MSG_LS_UPD, "Link State Update"},
81 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
82 {0}};
83
84 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
85 particular types, offset is the "type" field of a packet. */
86 static const uint16_t ospf_packet_minlen[] = {
87 0,
88 OSPF_HELLO_MIN_SIZE,
89 OSPF_DB_DESC_MIN_SIZE,
90 OSPF_LS_REQ_MIN_SIZE,
91 OSPF_LS_UPD_MIN_SIZE,
92 OSPF_LS_ACK_MIN_SIZE,
93 };
94
95 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
96 types, offset is the "LSA type" field. */
97 static const uint16_t ospf_lsa_minlen[] = {
98 0,
99 OSPF_ROUTER_LSA_MIN_SIZE,
100 OSPF_NETWORK_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_SUMMARY_LSA_MIN_SIZE,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 0,
108 0,
109 0,
110 };
111
112 /* for ospf_check_auth() */
113 static int ospf_check_sum(struct ospf_header *);
114
115 /* OSPF authentication checking function */
116 static int ospf_auth_type(struct ospf_interface *oi)
117 {
118 int auth_type;
119
120 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
121 auth_type = oi->area->auth_type;
122 else
123 auth_type = OSPF_IF_PARAM(oi, auth_type);
124
125 /* Handle case where MD5 key list is not configured aka Cisco */
126 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
127 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
128 return OSPF_AUTH_NULL;
129
130 return auth_type;
131 }
132
133 struct ospf_packet *ospf_packet_new(size_t size)
134 {
135 struct ospf_packet *new;
136
137 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
138 new->s = stream_new(size);
139
140 return new;
141 }
142
143 void ospf_packet_free(struct ospf_packet *op)
144 {
145 if (op->s)
146 stream_free(op->s);
147
148 XFREE(MTYPE_OSPF_PACKET, op);
149 }
150
151 struct ospf_fifo *ospf_fifo_new()
152 {
153 struct ospf_fifo *new;
154
155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
157 }
158
159 /* Add new packet to fifo. */
160 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
161 {
162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
166
167 fifo->tail = op;
168
169 fifo->count++;
170 }
171
172 /* Add new packet to head of fifo. */
173 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
174 {
175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
183 }
184
185 /* Delete first packet from fifo. */
186 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
187 {
188 struct ospf_packet *op;
189
190 op = fifo->head;
191
192 if (op) {
193 fifo->head = op->next;
194
195 if (fifo->head == NULL)
196 fifo->tail = NULL;
197
198 fifo->count--;
199 }
200
201 return op;
202 }
203
204 /* Return first fifo entry. */
205 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
206 {
207 return fifo->head;
208 }
209
210 /* Flush ospf packet fifo. */
211 void ospf_fifo_flush(struct ospf_fifo *fifo)
212 {
213 struct ospf_packet *op;
214 struct ospf_packet *next;
215
216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
222 }
223
224 /* Free ospf packet fifo. */
225 void ospf_fifo_free(struct ospf_fifo *fifo)
226 {
227 ospf_fifo_flush(fifo);
228
229 XFREE(MTYPE_OSPF_FIFO, fifo);
230 }
231
232 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
233 {
234 if (!oi->obuf) {
235 flog_err(
236 EC_OSPF_PKT_PROCESS,
237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
247
248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
250
251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
253 }
254
255 static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
257 {
258 if (!oi->obuf) {
259 flog_err(
260 EC_OSPF_PKT_PROCESS,
261 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
262 "destination %s) called with NULL obuf, ignoring "
263 "(please report this bug)!\n",
264 IF_NAME(oi), oi->state,
265 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
266 lookup_msg(ospf_packet_type_str,
267 stream_getc_from(op->s, 1), NULL),
268 inet_ntoa(op->dst));
269 return;
270 }
271
272 /* Add packet to head of queue. */
273 ospf_fifo_push_head(oi->obuf, op);
274
275 /* Debug of packet fifo*/
276 /* ospf_fifo_debug (oi->obuf); */
277 }
278
279 void ospf_packet_delete(struct ospf_interface *oi)
280 {
281 struct ospf_packet *op;
282
283 op = ospf_fifo_pop(oi->obuf);
284
285 if (op)
286 ospf_packet_free(op);
287 }
288
289 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
290 {
291 struct ospf_packet *new;
292
293 if (stream_get_endp(op->s) != op->length)
294 /* XXX size_t */
295 zlog_debug(
296 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
297 (unsigned long)STREAM_SIZE(op->s), op->length);
298
299 /* Reserve space for MD5 authentication that may be added later. */
300 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
301 stream_copy(new->s, op->s);
302
303 new->dst = op->dst;
304 new->length = op->length;
305
306 return new;
307 }
308
309 /* XXX inline */
310 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
311 {
312 int auth = 0;
313
314 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
315 auth = OSPF_AUTH_MD5_SIZE;
316
317 return auth;
318 }
319
320 static unsigned int ospf_packet_max(struct ospf_interface *oi)
321 {
322 int max;
323
324 max = oi->ifp->mtu - ospf_packet_authspace(oi);
325
326 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
327
328 return max;
329 }
330
331
332 static int ospf_check_md5_digest(struct ospf_interface *oi,
333 struct ospf_header *ospfh)
334 {
335 MD5_CTX ctx;
336 unsigned char digest[OSPF_AUTH_MD5_SIZE];
337 struct crypt_key *ck;
338 struct ospf_neighbor *nbr;
339 uint16_t length = ntohs(ospfh->length);
340
341 /* Get secret key. */
342 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
343 ospfh->u.crypt.key_id);
344 if (ck == NULL) {
345 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
346 IF_NAME(oi), ospfh->u.crypt.key_id);
347 return 0;
348 }
349
350 /* check crypto seqnum. */
351 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
352
353 if (nbr
354 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
355 flog_warn(
356 EC_OSPF_MD5,
357 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
358 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
359 ntohl(nbr->crypt_seqnum));
360 return 0;
361 }
362
363 /* Generate a digest for the ospf packet - their digest + our digest. */
364 memset(&ctx, 0, sizeof(ctx));
365 MD5Init(&ctx);
366 MD5Update(&ctx, ospfh, length);
367 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
368 MD5Final(digest, &ctx);
369
370 /* compare the two */
371 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
372 flog_warn(EC_OSPF_MD5,
373 "interface %s: ospf_check_md5 checksum mismatch",
374 IF_NAME(oi));
375 return 0;
376 }
377
378 /* save neighbor's crypt_seqnum */
379 if (nbr)
380 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
381 return 1;
382 }
383
384 /* This function is called from ospf_write(), it will detect the
385 authentication scheme and if it is MD5, it will change the sequence
386 and update the MD5 digest. */
387 static int ospf_make_md5_digest(struct ospf_interface *oi,
388 struct ospf_packet *op)
389 {
390 struct ospf_header *ospfh;
391 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
392 MD5_CTX ctx;
393 void *ibuf;
394 uint32_t t;
395 struct crypt_key *ck;
396 const uint8_t *auth_key;
397
398 ibuf = STREAM_DATA(op->s);
399 ospfh = (struct ospf_header *)ibuf;
400
401 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
402 return 0;
403
404 /* We do this here so when we dup a packet, we don't have to
405 waste CPU rewriting other headers.
406
407 Note that quagga_time /deliberately/ is not used here */
408 t = (time(NULL) & 0xFFFFFFFF);
409 if (t > oi->crypt_seqnum)
410 oi->crypt_seqnum = t;
411 else
412 oi->crypt_seqnum++;
413
414 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
415
416 /* Get MD5 Authentication key from auth_key list. */
417 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
418 auth_key = (const uint8_t *)digest;
419 else {
420 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
421 auth_key = ck->auth_key;
422 }
423
424 /* Generate a digest for the entire packet + our secret key. */
425 memset(&ctx, 0, sizeof(ctx));
426 MD5Init(&ctx);
427 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
428 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
429 MD5Final(digest, &ctx);
430
431 /* Append md5 digest to the end of the stream. */
432 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
433
434 /* We do *NOT* increment the OSPF header length. */
435 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
436
437 if (stream_get_endp(op->s) != op->length)
438 /* XXX size_t */
439 flog_warn(
440 EC_OSPF_MD5,
441 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
442 (unsigned long)stream_get_endp(op->s), op->length);
443
444 return OSPF_AUTH_MD5_SIZE;
445 }
446
447
448 static int ospf_ls_req_timer(struct thread *thread)
449 {
450 struct ospf_neighbor *nbr;
451
452 nbr = THREAD_ARG(thread);
453 nbr->t_ls_req = NULL;
454
455 /* Send Link State Request. */
456 if (ospf_ls_request_count(nbr))
457 ospf_ls_req_send(nbr);
458
459 /* Set Link State Request retransmission timer. */
460 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
461
462 return 0;
463 }
464
465 void ospf_ls_req_event(struct ospf_neighbor *nbr)
466 {
467 if (nbr->t_ls_req) {
468 thread_cancel(nbr->t_ls_req);
469 nbr->t_ls_req = NULL;
470 }
471 nbr->t_ls_req = NULL;
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
473 }
474
475 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
477 int ospf_ls_upd_timer(struct thread *thread)
478 {
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
524
525 if (listcount(update) > 0)
526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
528 list_delete_and_null(&update);
529 }
530
531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
533
534 return 0;
535 }
536
537 int ospf_ls_ack_timer(struct thread *thread)
538 {
539 struct ospf_interface *oi;
540
541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
543
544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
547
548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
550
551 return 0;
552 }
553
554 #ifdef WANT_OSPF_WRITE_FRAGMENT
555 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
557 unsigned int mtu, int flags, uint8_t type)
558 {
559 #define OSPF_WRITE_FRAG_SHIFT 3
560 uint16_t offset;
561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
603 flog_err(
604 EC_LIB_SOCKET,
605 "*** ospf_write_frags: sendmsg failed to %s,"
606 " id %d, off %d, len %d, mtu %u failed with %s",
607 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
608 iph->ip_len, mtu, safe_strerror(errno));
609
610 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
611 zlog_debug(
612 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
613 iph->ip_id, iph->ip_off, iph->ip_len,
614 inet_ntoa(iph->ip_dst));
615 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
616 zlog_debug(
617 "-----------------IP Header Dump----------------------");
618 ospf_ip_header_dump(iph);
619 zlog_debug(
620 "-----------------------------------------------------");
621 }
622 }
623
624 iph->ip_off += offset;
625 stream_forward_getp(op->s, iovp->iov_len);
626 iovp->iov_base = stream_pnt(op->s);
627 }
628
629 /* setup for final fragment */
630 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
631 iph->ip_len = iovp->iov_len + sizeof(struct ip);
632 iph->ip_off &= (~IP_MF);
633 }
634 #endif /* WANT_OSPF_WRITE_FRAGMENT */
635
636 static int ospf_write(struct thread *thread)
637 {
638 struct ospf *ospf = THREAD_ARG(thread);
639 struct ospf_interface *oi;
640 struct ospf_interface *last_serviced_oi = NULL;
641 struct ospf_packet *op;
642 struct sockaddr_in sa_dst;
643 struct ip iph;
644 struct msghdr msg;
645 struct iovec iov[2];
646 uint8_t type;
647 int ret;
648 int flags = 0;
649 struct listnode *node;
650 #ifdef WANT_OSPF_WRITE_FRAGMENT
651 static uint16_t ipid = 0;
652 uint16_t maxdatasize;
653 #endif /* WANT_OSPF_WRITE_FRAGMENT */
654 #define OSPF_WRITE_IPHL_SHIFT 2
655 int pkt_count = 0;
656
657 #ifdef GNU_LINUX
658 unsigned char cmsgbuf[64] = {};
659 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
660 struct in_pktinfo *pi;
661 #endif
662
663 ospf->t_write = NULL;
664
665 node = listhead(ospf->oi_write_q);
666 assert(node);
667 oi = listgetdata(node);
668 assert(oi);
669
670 #ifdef WANT_OSPF_WRITE_FRAGMENT
671 /* seed ipid static with low order bits of time */
672 if (ipid == 0)
673 ipid = (time(NULL) & 0xffff);
674 #endif /* WANT_OSPF_WRITE_FRAGMENT */
675
676 while ((pkt_count < ospf->write_oi_count) && oi
677 && (last_serviced_oi != oi)) {
678 /* If there is only packet in the queue, the oi is removed from
679 write-q, so fix up the last interface that was serviced */
680 if (last_serviced_oi == NULL) {
681 last_serviced_oi = oi;
682 }
683 pkt_count++;
684 #ifdef WANT_OSPF_WRITE_FRAGMENT
685 /* convenience - max OSPF data per packet */
686 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
687 #endif /* WANT_OSPF_WRITE_FRAGMENT */
688 /* Get one packet from queue. */
689 op = ospf_fifo_head(oi->obuf);
690 assert(op);
691 assert(op->length >= OSPF_HEADER_SIZE);
692
693 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
694 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
695 ospf_if_ipmulticast(ospf, oi->address,
696 oi->ifp->ifindex);
697
698 /* Rewrite the md5 signature & update the seq */
699 ospf_make_md5_digest(oi, op);
700
701 /* Retrieve OSPF packet type. */
702 stream_set_getp(op->s, 1);
703 type = stream_getc(op->s);
704
705 /* reset get pointer */
706 stream_set_getp(op->s, 0);
707
708 memset(&iph, 0, sizeof(struct ip));
709 memset(&sa_dst, 0, sizeof(sa_dst));
710
711 sa_dst.sin_family = AF_INET;
712 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
713 sa_dst.sin_len = sizeof(sa_dst);
714 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
715 sa_dst.sin_addr = op->dst;
716 sa_dst.sin_port = htons(0);
717
718 /* Set DONTROUTE flag if dst is unicast. */
719 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
720 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
721 flags = MSG_DONTROUTE;
722
723 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
724 /* it'd be very strange for header to not be 4byte-word aligned
725 * but.. */
726 if (sizeof(struct ip)
727 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
728 iph.ip_hl++; /* we presume sizeof struct ip cant
729 overflow ip_hl.. */
730
731 iph.ip_v = IPVERSION;
732 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
733 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
734
735 #if defined(__DragonFly__)
736 /*
737 * DragonFly's raw socket expects ip_len/ip_off in network byte
738 * order.
739 */
740 iph.ip_len = htons(iph.ip_len);
741 #endif
742
743 #ifdef WANT_OSPF_WRITE_FRAGMENT
744 /* XXX-MT: not thread-safe at all..
745 * XXX: this presumes this is only programme sending OSPF
746 * packets
747 * otherwise, no guarantee ipid will be unique
748 */
749 iph.ip_id = ++ipid;
750 #endif /* WANT_OSPF_WRITE_FRAGMENT */
751
752 iph.ip_off = 0;
753 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
754 iph.ip_ttl = OSPF_VL_IP_TTL;
755 else
756 iph.ip_ttl = OSPF_IP_TTL;
757 iph.ip_p = IPPROTO_OSPFIGP;
758 iph.ip_sum = 0;
759 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
760 iph.ip_dst.s_addr = op->dst.s_addr;
761
762 memset(&msg, 0, sizeof(msg));
763 msg.msg_name = (caddr_t)&sa_dst;
764 msg.msg_namelen = sizeof(sa_dst);
765 msg.msg_iov = iov;
766 msg.msg_iovlen = 2;
767
768 iov[0].iov_base = (char *)&iph;
769 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
770 iov[1].iov_base = stream_pnt(op->s);
771 iov[1].iov_len = op->length;
772
773 #ifdef GNU_LINUX
774 msg.msg_control = (caddr_t)cm;
775 cm->cmsg_level = SOL_IP;
776 cm->cmsg_type = IP_PKTINFO;
777 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
778 pi = (struct in_pktinfo *)CMSG_DATA(cm);
779 pi->ipi_ifindex = oi->ifp->ifindex;
780
781 msg.msg_controllen = cm->cmsg_len;
782 #endif
783
784 /* Sadly we can not rely on kernels to fragment packets
785 * because of either IP_HDRINCL and/or multicast
786 * destination being set.
787 */
788
789 #ifdef WANT_OSPF_WRITE_FRAGMENT
790 if (op->length > maxdatasize)
791 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
792 oi->ifp->mtu, flags, type);
793 #endif /* WANT_OSPF_WRITE_FRAGMENT */
794
795 /* send final fragment (could be first) */
796 sockopt_iphdrincl_swab_htosys(&iph);
797 ret = sendmsg(ospf->fd, &msg, flags);
798 sockopt_iphdrincl_swab_systoh(&iph);
799 if (IS_DEBUG_OSPF_EVENT)
800 zlog_debug(
801 "ospf_write to %s, "
802 "id %d, off %d, len %d, interface %s, mtu %u:",
803 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
804 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
805
806 if (ret < 0)
807 flog_err(
808 EC_LIB_SOCKET,
809 "*** sendmsg in ospf_write failed to %s, "
810 "id %d, off %d, len %d, interface %s, mtu %u: %s",
811 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
812 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
813 safe_strerror(errno));
814
815 /* Show debug sending packet. */
816 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
817 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
818 zlog_debug(
819 "-----------------------------------------------------");
820 ospf_ip_header_dump(&iph);
821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
825 zlog_debug("%s sent to [%s] via [%s].",
826 lookup_msg(ospf_packet_type_str, type, NULL),
827 inet_ntoa(op->dst), IF_NAME(oi));
828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
834 switch (type) {
835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
852 }
853
854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
866 }
867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
871 assert(node);
872 oi = listgetdata(node);
873 assert(oi);
874 }
875 }
876
877 /* If packets still remain in queue, call write thread. */
878 if (!list_isempty(ospf->oi_write_q)) {
879 ospf->t_write = NULL;
880 thread_add_write(master, ospf_write, ospf, ospf->fd,
881 &ospf->t_write);
882 }
883
884 return 0;
885 }
886
887 /* OSPF Hello message read -- RFC2328 Section 10.5. */
888 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
889 struct stream *s, struct ospf_interface *oi, int size)
890 {
891 struct ospf_hello *hello;
892 struct ospf_neighbor *nbr;
893 int old_state;
894 struct prefix p;
895
896 /* increment statistics. */
897 oi->hello_in++;
898
899 hello = (struct ospf_hello *)stream_pnt(s);
900
901 /* If Hello is myself, silently discard. */
902 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
903 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
904 zlog_debug(
905 "ospf_header[%s/%s]: selforiginated, "
906 "dropping.",
907 lookup_msg(ospf_packet_type_str, ospfh->type,
908 NULL),
909 inet_ntoa(iph->ip_src));
910 }
911 return;
912 }
913
914 /* get neighbor prefix. */
915 p.family = AF_INET;
916 p.prefixlen = ip_masklen(hello->network_mask);
917 p.u.prefix4 = iph->ip_src;
918
919 /* Compare network mask. */
920 /* Checking is ignored for Point-to-Point and Virtual link. */
921 if (oi->type != OSPF_IFTYPE_POINTOPOINT
922 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
923 if (oi->address->prefixlen != p.prefixlen) {
924 flog_warn(
925 EC_OSPF_PACKET,
926 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
927 inet_ntoa(ospfh->router_id), IF_NAME(oi),
928 (int)oi->address->prefixlen, (int)p.prefixlen);
929 return;
930 }
931
932 /* Compare Router Dead Interval. */
933 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
934 flog_warn(EC_OSPF_PACKET,
935 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
936 "(expected %u, but received %u).",
937 inet_ntoa(ospfh->router_id),
938 OSPF_IF_PARAM(oi, v_wait),
939 ntohl(hello->dead_interval));
940 return;
941 }
942
943 /* Compare Hello Interval - ignored if fast-hellos are set. */
944 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
945 if (OSPF_IF_PARAM(oi, v_hello)
946 != ntohs(hello->hello_interval)) {
947 flog_warn(
948 EC_OSPF_PACKET,
949 "Packet %s [Hello:RECV]: HelloInterval mismatch "
950 "(expected %u, but received %u).",
951 inet_ntoa(ospfh->router_id),
952 OSPF_IF_PARAM(oi, v_hello),
953 ntohs(hello->hello_interval));
954 return;
955 }
956 }
957
958 if (IS_DEBUG_OSPF_EVENT)
959 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
960 inet_ntoa(ospfh->router_id),
961 ospf_options_dump(hello->options),
962 ospf_vrf_id_to_name(oi->ospf->vrf_id));
963
964 /* Compare options. */
965 #define REJECT_IF_TBIT_ON 1 /* XXX */
966 #ifdef REJECT_IF_TBIT_ON
967 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
968 /*
969 * This router does not support non-zero TOS.
970 * Drop this Hello packet not to establish neighbor
971 * relationship.
972 */
973 flog_warn(EC_OSPF_PACKET,
974 "Packet %s [Hello:RECV]: T-bit on, drop it.",
975 inet_ntoa(ospfh->router_id));
976 return;
977 }
978 #endif /* REJECT_IF_TBIT_ON */
979
980 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
981 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
982 /*
983 * This router does know the correct usage of O-bit
984 * the bit should be set in DD packet only.
985 */
986 flog_warn(EC_OSPF_PACKET,
987 "Packet %s [Hello:RECV]: O-bit abuse?",
988 inet_ntoa(ospfh->router_id));
989 #ifdef STRICT_OBIT_USAGE_CHECK
990 return; /* Reject this packet. */
991 #else /* STRICT_OBIT_USAGE_CHECK */
992 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
993 #endif /* STRICT_OBIT_USAGE_CHECK */
994 }
995
996 /* new for NSSA is to ensure that NP is on and E is off */
997
998 if (oi->area->external_routing == OSPF_AREA_NSSA) {
999 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
1000 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
1001 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1002 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
1003 flog_warn(
1004 EC_OSPF_PACKET,
1005 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1006 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1007 hello->options);
1008 return;
1009 }
1010 if (IS_DEBUG_OSPF_NSSA)
1011 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1012 inet_ntoa(ospfh->router_id));
1013 } else
1014 /* The setting of the E-bit found in the Hello Packet's Options
1015 field must match this area's ExternalRoutingCapability A
1016 mismatch causes processing to stop and the packet to be
1017 dropped. The setting of the rest of the bits in the Hello
1018 Packet's Options field should be ignored. */
1019 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1020 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1021 flog_warn(
1022 EC_OSPF_PACKET,
1023 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1024 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1025 hello->options);
1026 return;
1027 }
1028
1029 /* get neighbour struct */
1030 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1031
1032 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1033 assert(nbr);
1034
1035 old_state = nbr->state;
1036
1037 /* Add event to thread. */
1038 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1039
1040 /* RFC2328 Section 9.5.1
1041 If the router is not eligible to become Designated Router,
1042 (snip) It must also send an Hello Packet in reply to an
1043 Hello Packet received from any eligible neighbor (other than
1044 the current Designated Router and Backup Designated Router). */
1045 if (oi->type == OSPF_IFTYPE_NBMA)
1046 if (PRIORITY(oi) == 0 && hello->priority > 0
1047 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1048 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1049 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1050 ospf_hello_reply_timer,
1051 OSPF_HELLO_REPLY_DELAY);
1052
1053 /* on NBMA network type, it happens to receive bidirectional Hello
1054 packet
1055 without advance 1-Way Received event.
1056 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1057 if (oi->type == OSPF_IFTYPE_NBMA
1058 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1059 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1060 nbr->priority = hello->priority;
1061 nbr->d_router = hello->d_router;
1062 nbr->bd_router = hello->bd_router;
1063 return;
1064 }
1065
1066 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1067 size - OSPF_HELLO_MIN_SIZE)) {
1068 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1069 nbr->options |= hello->options;
1070 } else {
1071 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1072 /* Set neighbor information. */
1073 nbr->priority = hello->priority;
1074 nbr->d_router = hello->d_router;
1075 nbr->bd_router = hello->bd_router;
1076 return;
1077 }
1078
1079 /* If neighbor itself declares DR and no BDR exists,
1080 cause event BackupSeen */
1081 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1082 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1083 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1084
1085 /* neighbor itself declares BDR. */
1086 if (oi->state == ISM_Waiting
1087 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1088 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1089
1090 /* had not previously. */
1091 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1092 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1093 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1094 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1095 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1096
1097 /* had not previously. */
1098 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1099 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1100 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1101 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1102 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1103
1104 /* Neighbor priority check. */
1105 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1106 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1107
1108 /* Set neighbor information. */
1109 nbr->priority = hello->priority;
1110 nbr->d_router = hello->d_router;
1111 nbr->bd_router = hello->bd_router;
1112 }
1113
1114 /* Save DD flags/options/Seqnum received. */
1115 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1116 struct ospf_db_desc *dd)
1117 {
1118 nbr->last_recv.flags = dd->flags;
1119 nbr->last_recv.options = dd->options;
1120 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1121 }
1122
1123 /* Process rest of DD packet. */
1124 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1125 struct ospf_neighbor *nbr,
1126 struct ospf_db_desc *dd, uint16_t size)
1127 {
1128 struct ospf_lsa *new, *find;
1129 struct lsa_header *lsah;
1130
1131 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1132 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1133 size -= OSPF_LSA_HEADER_SIZE) {
1134 lsah = (struct lsa_header *)stream_pnt(s);
1135 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1136
1137 /* Unknown LS type. */
1138 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1139 flog_warn(EC_OSPF_PACKET,
1140 "Packet [DD:RECV]: Unknown LS type %d.",
1141 lsah->type);
1142 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1143 return;
1144 }
1145
1146 if (IS_OPAQUE_LSA(lsah->type)
1147 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1148 flog_warn(EC_OSPF_PACKET,
1149 "LSA[Type%d:%s]: Opaque capability mismatch?",
1150 lsah->type, inet_ntoa(lsah->id));
1151 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1152 return;
1153 }
1154
1155 switch (lsah->type) {
1156 case OSPF_AS_EXTERNAL_LSA:
1157 case OSPF_OPAQUE_AS_LSA:
1158 /* Check for stub area. Reject if AS-External from stub
1159 but
1160 allow if from NSSA. */
1161 if (oi->area->external_routing == OSPF_AREA_STUB) {
1162 flog_warn(
1163 EC_OSPF_PACKET,
1164 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1165 lsah->type, inet_ntoa(lsah->id),
1166 (oi->area->external_routing
1167 == OSPF_AREA_STUB)
1168 ? "STUB"
1169 : "NSSA");
1170 OSPF_NSM_EVENT_SCHEDULE(nbr,
1171 NSM_SeqNumberMismatch);
1172 return;
1173 }
1174 break;
1175 default:
1176 break;
1177 }
1178
1179 /* Create LS-request object. */
1180 new = ospf_ls_request_new(lsah);
1181
1182 /* Lookup received LSA, then add LS request list. */
1183 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1184
1185 /* ospf_lsa_more_recent is fine with NULL pointers */
1186 switch (ospf_lsa_more_recent(find, new)) {
1187 case -1:
1188 /* Neighbour has a more recent LSA, we must request it
1189 */
1190 ospf_ls_request_add(nbr, new);
1191 /* fallthru */
1192 case 0:
1193 /* If we have a copy of this LSA, it's either less
1194 * recent
1195 * and we're requesting it from neighbour (the case
1196 * above), or
1197 * it's as recent and we both have same copy (this
1198 * case).
1199 *
1200 * In neither of these two cases is there any point in
1201 * describing our copy of the LSA to the neighbour in a
1202 * DB-Summary packet, if we're still intending to do so.
1203 *
1204 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1205 * backward compatible optimisation to OSPF DB Exchange
1206 * /
1207 * DB Description process implemented here.
1208 */
1209 if (find)
1210 ospf_lsdb_delete(&nbr->db_sum, find);
1211 ospf_lsa_discard(new);
1212 break;
1213 default:
1214 /* We have the more recent copy, nothing specific to do:
1215 * - no need to request neighbours stale copy
1216 * - must leave DB summary list copy alone
1217 */
1218 if (IS_DEBUG_OSPF_EVENT)
1219 zlog_debug(
1220 "Packet [DD:RECV]: LSA received Type %d, "
1221 "ID %s is not recent.",
1222 lsah->type, inet_ntoa(lsah->id));
1223 ospf_lsa_discard(new);
1224 }
1225 }
1226
1227 /* Master */
1228 if (IS_SET_DD_MS(nbr->dd_flags)) {
1229 nbr->dd_seqnum++;
1230
1231 /* Both sides have no More, then we're done with Exchange */
1232 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1233 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1234 else
1235 ospf_db_desc_send(nbr);
1236 }
1237 /* Slave */
1238 else {
1239 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1240
1241 /* Send DD packet in reply.
1242 *
1243 * Must be done to acknowledge the Master's DD, regardless of
1244 * whether we have more LSAs ourselves to describe.
1245 *
1246 * This function will clear the 'More' bit, if after this DD
1247 * we have no more LSAs to describe to the master..
1248 */
1249 ospf_db_desc_send(nbr);
1250
1251 /* Slave can raise ExchangeDone now, if master is also done */
1252 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1253 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1254 }
1255
1256 /* Save received neighbor values from DD. */
1257 ospf_db_desc_save_current(nbr, dd);
1258
1259 if (!nbr->t_ls_req)
1260 ospf_ls_req_send(nbr);
1261 }
1262
1263 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1264 struct ospf_neighbor *nbr)
1265 {
1266 /* Is DD duplicated? */
1267 if (dd->options == nbr->last_recv.options
1268 && dd->flags == nbr->last_recv.flags
1269 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1270 return 1;
1271
1272 return 0;
1273 }
1274
1275 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1276 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1277 struct stream *s, struct ospf_interface *oi,
1278 uint16_t size)
1279 {
1280 struct ospf_db_desc *dd;
1281 struct ospf_neighbor *nbr;
1282
1283 /* Increment statistics. */
1284 oi->db_desc_in++;
1285
1286 dd = (struct ospf_db_desc *)stream_pnt(s);
1287
1288 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1289 if (nbr == NULL) {
1290 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
1291 inet_ntoa(ospfh->router_id));
1292 return;
1293 }
1294
1295 /* Check MTU. */
1296 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1297 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1298 flog_warn(
1299 EC_OSPF_PACKET,
1300 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1301 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1302 oi->ifp->mtu);
1303 return;
1304 }
1305
1306 /*
1307 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1308 * not
1309 * required. In fact at least JunOS sends DD packets with P bit clear.
1310 * Until proper solution is developped, this hack should help.
1311 *
1312 * Update: According to the RFCs, N bit is specified /only/ for Hello
1313 * options, unfortunately its use in DD options is not specified. Hence
1314 * some
1315 * implementations follow E-bit semantics and set it in DD options, and
1316 * some
1317 * treat it as unspecified and hence follow the directive "default for
1318 * options is clear", ie unset.
1319 *
1320 * Reset the flag, as ospfd follows E-bit semantics.
1321 */
1322 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1323 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1324 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1325 if (IS_DEBUG_OSPF_EVENT)
1326 zlog_debug(
1327 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1328 inet_ntoa(nbr->router_id));
1329 SET_FLAG(dd->options, OSPF_OPTION_NP);
1330 }
1331
1332 #ifdef REJECT_IF_TBIT_ON
1333 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1334 /*
1335 * In Hello protocol, optional capability must have checked
1336 * to prevent this T-bit enabled router be my neighbor.
1337 */
1338 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
1339 inet_ntoa(nbr->router_id));
1340 return;
1341 }
1342 #endif /* REJECT_IF_TBIT_ON */
1343
1344 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1345 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1346 /*
1347 * This node is not configured to handle O-bit, for now.
1348 * Clear it to ignore unsupported capability proposed by
1349 * neighbor.
1350 */
1351 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1352 }
1353
1354 /* Add event to thread. */
1355 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1356
1357 /* Process DD packet by neighbor status. */
1358 switch (nbr->state) {
1359 case NSM_Down:
1360 case NSM_Attempt:
1361 case NSM_TwoWay:
1362 flog_warn(
1363 EC_OSPF_PACKET,
1364 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1365 inet_ntoa(nbr->router_id),
1366 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1367 break;
1368 case NSM_Init:
1369 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1370 /* If the new state is ExStart, the processing of the current
1371 packet should then continue in this new state by falling
1372 through to case ExStart below. */
1373 if (nbr->state != NSM_ExStart)
1374 break;
1375 /* fallthru */
1376 case NSM_ExStart:
1377 /* Initial DBD */
1378 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1379 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1380 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1381 > 0) {
1382 /* We're Slave---obey */
1383 if (CHECK_FLAG(oi->ospf->config,
1384 OSPF_LOG_ADJACENCY_DETAIL))
1385 zlog_info(
1386 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1387 inet_ntoa(nbr->router_id));
1388
1389 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1390
1391 /* Reset I/MS */
1392 UNSET_FLAG(nbr->dd_flags,
1393 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1394 } else {
1395 /* We're Master, ignore the initial DBD from
1396 * Slave */
1397 if (CHECK_FLAG(oi->ospf->config,
1398 OSPF_LOG_ADJACENCY_DETAIL))
1399 zlog_info(
1400 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1401 "ignoring.",
1402 inet_ntoa(nbr->router_id));
1403 break;
1404 }
1405 }
1406 /* Ack from the Slave */
1407 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1408 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1409 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1410 < 0) {
1411 zlog_info(
1412 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1413 inet_ntoa(nbr->router_id));
1414 /* Reset I, leaving MS */
1415 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1416 } else {
1417 flog_warn(EC_OSPF_PACKET,
1418 "Packet[DD]: Neighbor %s Negotiation fails.",
1419 inet_ntoa(nbr->router_id));
1420 break;
1421 }
1422
1423 /* This is where the real Options are saved */
1424 nbr->options = dd->options;
1425
1426 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1427 if (IS_DEBUG_OSPF_EVENT)
1428 zlog_debug(
1429 "Neighbor[%s] is %sOpaque-capable.",
1430 inet_ntoa(nbr->router_id),
1431 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1432 ? ""
1433 : "NOT ");
1434
1435 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1436 && IPV4_ADDR_SAME(&DR(oi),
1437 &nbr->address.u.prefix4)) {
1438 flog_warn(
1439 EC_OSPF_PACKET,
1440 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1441 inet_ntoa(nbr->router_id));
1442 /* This situation is undesirable, but not a real
1443 * error. */
1444 }
1445 }
1446
1447 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1448
1449 /* continue processing rest of packet. */
1450 ospf_db_desc_proc(s, oi, nbr, dd, size);
1451 break;
1452 case NSM_Exchange:
1453 if (ospf_db_desc_is_dup(dd, nbr)) {
1454 if (IS_SET_DD_MS(nbr->dd_flags))
1455 /* Master: discard duplicated DD packet. */
1456 zlog_info(
1457 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1458 inet_ntoa(nbr->router_id));
1459 else
1460 /* Slave: cause to retransmit the last Database
1461 Description. */
1462 {
1463 zlog_info(
1464 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1465 inet_ntoa(nbr->router_id));
1466 ospf_db_desc_resend(nbr);
1467 }
1468 break;
1469 }
1470
1471 /* Otherwise DD packet should be checked. */
1472 /* Check Master/Slave bit mismatch */
1473 if (IS_SET_DD_MS(dd->flags)
1474 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1475 flog_warn(EC_OSPF_PACKET,
1476 "Packet[DD]: Neighbor %s MS-bit mismatch.",
1477 inet_ntoa(nbr->router_id));
1478 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1479 if (IS_DEBUG_OSPF_EVENT)
1480 zlog_debug(
1481 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1482 dd->flags, nbr->dd_flags);
1483 break;
1484 }
1485
1486 /* Check initialize bit is set. */
1487 if (IS_SET_DD_I(dd->flags)) {
1488 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1489 inet_ntoa(nbr->router_id));
1490 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1491 break;
1492 }
1493
1494 /* Check DD Options. */
1495 if (dd->options != nbr->options) {
1496 #ifdef ORIGINAL_CODING
1497 /* Save the new options for debugging */
1498 nbr->options = dd->options;
1499 #endif /* ORIGINAL_CODING */
1500 flog_warn(EC_OSPF_PACKET,
1501 "Packet[DD]: Neighbor %s options mismatch.",
1502 inet_ntoa(nbr->router_id));
1503 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1504 break;
1505 }
1506
1507 /* Check DD sequence number. */
1508 if ((IS_SET_DD_MS(nbr->dd_flags)
1509 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1510 || (!IS_SET_DD_MS(nbr->dd_flags)
1511 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1512 flog_warn(
1513 EC_OSPF_PACKET,
1514 "Packet[DD]: Neighbor %s sequence number mismatch.",
1515 inet_ntoa(nbr->router_id));
1516 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1517 break;
1518 }
1519
1520 /* Continue processing rest of packet. */
1521 ospf_db_desc_proc(s, oi, nbr, dd, size);
1522 break;
1523 case NSM_Loading:
1524 case NSM_Full:
1525 if (ospf_db_desc_is_dup(dd, nbr)) {
1526 if (IS_SET_DD_MS(nbr->dd_flags)) {
1527 /* Master should discard duplicate DD packet. */
1528 zlog_info(
1529 "Packet[DD]: Neighbor %s duplicated, "
1530 "packet discarded.",
1531 inet_ntoa(nbr->router_id));
1532 break;
1533 } else {
1534 if (monotime_since(&nbr->last_send_ts, NULL)
1535 < nbr->v_inactivity * 1000000LL) {
1536 /* In states Loading and Full the slave
1537 must resend
1538 its last Database Description packet
1539 in response to
1540 duplicate Database Description
1541 packets received
1542 from the master. For this reason the
1543 slave must
1544 wait RouterDeadInterval seconds
1545 before freeing the
1546 last Database Description packet.
1547 Reception of a
1548 Database Description packet from the
1549 master after
1550 this interval will generate a
1551 SeqNumberMismatch
1552 neighbor event. RFC2328 Section 10.8
1553 */
1554 ospf_db_desc_resend(nbr);
1555 break;
1556 }
1557 }
1558 }
1559
1560 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1561 break;
1562 default:
1563 flog_warn(EC_OSPF_PACKET,
1564 "Packet[DD]: Neighbor %s NSM illegal status %u.",
1565 inet_ntoa(nbr->router_id), nbr->state);
1566 break;
1567 }
1568 }
1569
1570 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1571
1572 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1573 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1574 struct stream *s, struct ospf_interface *oi,
1575 uint16_t size)
1576 {
1577 struct ospf_neighbor *nbr;
1578 uint32_t ls_type;
1579 struct in_addr ls_id;
1580 struct in_addr adv_router;
1581 struct ospf_lsa *find;
1582 struct list *ls_upd;
1583 unsigned int length;
1584
1585 /* Increment statistics. */
1586 oi->ls_req_in++;
1587
1588 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1589 if (nbr == NULL) {
1590 flog_warn(EC_OSPF_PACKET,
1591 "Link State Request: Unknown Neighbor %s.",
1592 inet_ntoa(ospfh->router_id));
1593 return;
1594 }
1595
1596 /* Add event to thread. */
1597 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1598
1599 /* Neighbor State should be Exchange or later. */
1600 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1601 && nbr->state != NSM_Full) {
1602 flog_warn(
1603 EC_OSPF_PACKET,
1604 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
1605 inet_ntoa(ospfh->router_id),
1606 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1607 return;
1608 }
1609
1610 /* Send Link State Update for ALL requested LSAs. */
1611 ls_upd = list_new();
1612 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1613
1614 while (size >= OSPF_LSA_KEY_SIZE) {
1615 /* Get one slice of Link State Request. */
1616 ls_type = stream_getl(s);
1617 ls_id.s_addr = stream_get_ipv4(s);
1618 adv_router.s_addr = stream_get_ipv4(s);
1619
1620 /* Verify LSA type. */
1621 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1622 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1623 list_delete_and_null(&ls_upd);
1624 return;
1625 }
1626
1627 /* Search proper LSA in LSDB. */
1628 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1629 adv_router);
1630 if (find == NULL) {
1631 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1632 list_delete_and_null(&ls_upd);
1633 return;
1634 }
1635
1636 /* Packet overflows MTU size, send immediately. */
1637 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1638 if (oi->type == OSPF_IFTYPE_NBMA)
1639 ospf_ls_upd_send(nbr, ls_upd,
1640 OSPF_SEND_PACKET_DIRECT, 0);
1641 else
1642 ospf_ls_upd_send(nbr, ls_upd,
1643 OSPF_SEND_PACKET_INDIRECT, 0);
1644
1645 /* Only remove list contents. Keep ls_upd. */
1646 list_delete_all_node(ls_upd);
1647
1648 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1649 }
1650
1651 /* Append LSA to update list. */
1652 listnode_add(ls_upd, find);
1653 length += ntohs(find->data->length);
1654
1655 size -= OSPF_LSA_KEY_SIZE;
1656 }
1657
1658 /* Send rest of Link State Update. */
1659 if (listcount(ls_upd) > 0) {
1660 if (oi->type == OSPF_IFTYPE_NBMA)
1661 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1662 0);
1663 else
1664 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1665 0);
1666
1667 list_delete_and_null(&ls_upd);
1668 } else
1669 list_delete_and_null(&ls_upd);
1670 }
1671
1672 /* Get the list of LSAs from Link State Update packet.
1673 And process some validation -- RFC2328 Section 13. (1)-(2). */
1674 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1675 struct stream *s,
1676 struct ospf_interface *oi, size_t size)
1677 {
1678 uint16_t count, sum;
1679 uint32_t length;
1680 struct lsa_header *lsah;
1681 struct ospf_lsa *lsa;
1682 struct list *lsas;
1683
1684 lsas = list_new();
1685
1686 count = stream_getl(s);
1687 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1688
1689 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1690 size -= length, stream_forward_getp(s, length), count--) {
1691 lsah = (struct lsa_header *)stream_pnt(s);
1692 length = ntohs(lsah->length);
1693
1694 if (length > size) {
1695 flog_warn(
1696 EC_OSPF_PACKET,
1697 "Link State Update: LSA length exceeds packet size.");
1698 break;
1699 }
1700
1701 /* Validate the LSA's LS checksum. */
1702 sum = lsah->checksum;
1703 if (!ospf_lsa_checksum_valid(lsah)) {
1704 /* (bug #685) more details in a one-line message make it
1705 * possible
1706 * to identify problem source on the one hand and to
1707 * have a better
1708 * chance to compress repeated messages in syslog on the
1709 * other */
1710 flog_warn(
1711 EC_OSPF_PACKET,
1712 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1713 sum, lsah->checksum, inet_ntoa(lsah->id),
1714 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1715 inet_ntoa(lsah->adv_router));
1716 continue;
1717 }
1718
1719 /* Examine the LSA's LS type. */
1720 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1721 flog_warn(EC_OSPF_PACKET,
1722 "Link State Update: Unknown LS type %d",
1723 lsah->type);
1724 continue;
1725 }
1726
1727 /*
1728 * What if the received LSA's age is greater than MaxAge?
1729 * Treat it as a MaxAge case -- endo.
1730 */
1731 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1732 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1733
1734 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1735 #ifdef STRICT_OBIT_USAGE_CHECK
1736 if ((IS_OPAQUE_LSA(lsah->type)
1737 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1738 || (!IS_OPAQUE_LSA(lsah->type)
1739 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1740 /*
1741 * This neighbor must know the exact usage of
1742 * O-bit;
1743 * the bit will be set in Type-9,10,11 LSAs
1744 * only.
1745 */
1746 flog_warn(EC_OSPF_PACKET,
1747 "LSA[Type%d:%s]: O-bit abuse?",
1748 lsah->type, inet_ntoa(lsah->id));
1749 continue;
1750 }
1751 #endif /* STRICT_OBIT_USAGE_CHECK */
1752
1753 /* Do not take in AS External Opaque-LSAs if we are a
1754 * stub. */
1755 if (lsah->type == OSPF_OPAQUE_AS_LSA
1756 && nbr->oi->area->external_routing
1757 != OSPF_AREA_DEFAULT) {
1758 if (IS_DEBUG_OSPF_EVENT)
1759 zlog_debug(
1760 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1761 lsah->type,
1762 inet_ntoa(lsah->id));
1763 continue;
1764 }
1765 } else if (IS_OPAQUE_LSA(lsah->type)) {
1766 flog_warn(EC_OSPF_PACKET,
1767 "LSA[Type%d:%s]: Opaque capability mismatch?",
1768 lsah->type, inet_ntoa(lsah->id));
1769 continue;
1770 }
1771
1772 /* Create OSPF LSA instance. */
1773 lsa = ospf_lsa_new_and_data(length);
1774
1775 lsa->vrf_id = oi->ospf->vrf_id;
1776 /* We may wish to put some error checking if type NSSA comes in
1777 and area not in NSSA mode */
1778 switch (lsah->type) {
1779 case OSPF_AS_EXTERNAL_LSA:
1780 case OSPF_OPAQUE_AS_LSA:
1781 lsa->area = NULL;
1782 break;
1783 case OSPF_OPAQUE_LINK_LSA:
1784 lsa->oi = oi; /* Remember incoming interface for
1785 flooding control. */
1786 /* Fallthrough */
1787 default:
1788 lsa->area = oi->area;
1789 break;
1790 }
1791
1792 memcpy(lsa->data, lsah, length);
1793
1794 if (IS_DEBUG_OSPF_EVENT)
1795 zlog_debug(
1796 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1797 lsa->data->type, inet_ntoa(lsa->data->id),
1798 (void *)lsa);
1799 listnode_add(lsas, lsa);
1800 }
1801
1802 return lsas;
1803 }
1804
1805 /* Cleanup Update list. */
1806 static void ospf_upd_list_clean(struct list *lsas)
1807 {
1808 struct listnode *node, *nnode;
1809 struct ospf_lsa *lsa;
1810
1811 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1812 ospf_lsa_discard(lsa);
1813
1814 list_delete_and_null(&lsas);
1815 }
1816
1817 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1818 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1819 struct ospf_header *ospfh, struct stream *s,
1820 struct ospf_interface *oi, uint16_t size)
1821 {
1822 struct ospf_neighbor *nbr;
1823 struct list *lsas;
1824 struct listnode *node, *nnode;
1825 struct ospf_lsa *lsa = NULL;
1826 /* unsigned long ls_req_found = 0; */
1827
1828 /* Dis-assemble the stream, update each entry, re-encapsulate for
1829 * flooding */
1830
1831 /* Increment statistics. */
1832 oi->ls_upd_in++;
1833
1834 /* Check neighbor. */
1835 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1836 if (nbr == NULL) {
1837 flog_warn(EC_OSPF_PACKET,
1838 "Link State Update: Unknown Neighbor %s on int: %s",
1839 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1840 return;
1841 }
1842
1843 /* Add event to thread. */
1844 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1845
1846 /* Check neighbor state. */
1847 if (nbr->state < NSM_Exchange) {
1848 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1849 zlog_debug(
1850 "Link State Update: "
1851 "Neighbor[%s] state %s is less than Exchange",
1852 inet_ntoa(ospfh->router_id),
1853 lookup_msg(ospf_nsm_state_msg, nbr->state,
1854 NULL));
1855 return;
1856 }
1857
1858 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1859 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1860 * of section 13.
1861 */
1862 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1863
1864 if (lsas == NULL)
1865 return;
1866 #define DISCARD_LSA(L, N) \
1867 { \
1868 if (IS_DEBUG_OSPF_EVENT) \
1869 zlog_debug( \
1870 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1871 " Type-%d", \
1872 N, (void *)lsa, (int)lsa->data->type); \
1873 ospf_lsa_discard(L); \
1874 continue; \
1875 }
1876
1877 /* Process each LSA received in the one packet.
1878 *
1879 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1880 * text below are from the steps in RFC 2328, Section 13.
1881 */
1882 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1883 struct ospf_lsa *ls_ret, *current;
1884 int ret = 1;
1885
1886 if (IS_DEBUG_OSPF_NSSA) {
1887 char buf1[INET_ADDRSTRLEN];
1888 char buf2[INET_ADDRSTRLEN];
1889 char buf3[INET_ADDRSTRLEN];
1890
1891 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1892 lsa->data->type,
1893 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1894 INET_ADDRSTRLEN),
1895 inet_ntop(AF_INET, &lsa->data->id, buf2,
1896 INET_ADDRSTRLEN),
1897 inet_ntop(AF_INET, &lsa->data->adv_router,
1898 buf3, INET_ADDRSTRLEN));
1899 }
1900
1901 listnode_delete(lsas,
1902 lsa); /* We don't need it in list anymore */
1903
1904 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1905 */
1906
1907 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1908
1909 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1910 */
1911
1912 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1913 */
1914
1915 /* Do take in Type-7's if we are an NSSA */
1916
1917 /* If we are also an ABR, later translate them to a Type-5
1918 * packet */
1919
1920 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1921 translate them to a separate Type-5 packet. */
1922
1923 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1924 /* Reject from STUB or NSSA */
1925 if (nbr->oi->area->external_routing
1926 != OSPF_AREA_DEFAULT) {
1927 if (IS_DEBUG_OSPF_NSSA)
1928 zlog_debug(
1929 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1930 DISCARD_LSA(lsa, 1);
1931 }
1932
1933 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1934 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1935 if (IS_DEBUG_OSPF_NSSA)
1936 zlog_debug(
1937 "Incoming NSSA LSA Discarded: Not NSSA Area");
1938 DISCARD_LSA(lsa, 2);
1939 }
1940
1941 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1942 if (lsa->data->type == OSPF_ROUTER_LSA)
1943 if (!IPV4_ADDR_SAME(&lsa->data->id,
1944 &lsa->data->adv_router)) {
1945 char buf1[INET_ADDRSTRLEN];
1946 char buf2[INET_ADDRSTRLEN];
1947 char buf3[INET_ADDRSTRLEN];
1948
1949 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1950 "Incoming Router-LSA from %s with "
1951 "Adv-ID[%s] != LS-ID[%s]",
1952 inet_ntop(AF_INET, &ospfh->router_id,
1953 buf1, INET_ADDRSTRLEN),
1954 inet_ntop(AF_INET, &lsa->data->id,
1955 buf2, INET_ADDRSTRLEN),
1956 inet_ntop(AF_INET,
1957 &lsa->data->adv_router, buf3,
1958 INET_ADDRSTRLEN));
1959 flog_err(
1960 EC_OSPF_DOMAIN_CORRUPT,
1961 "OSPF domain compromised by attack or corruption. "
1962 "Verify correct operation of -ALL- OSPF routers.");
1963 DISCARD_LSA(lsa, 0);
1964 }
1965
1966 /* Find the LSA in the current database. */
1967
1968 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1969
1970 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1971 currently
1972 no instance of the LSA in the router's link state database,
1973 and none of router's neighbors are in states Exchange or
1974 Loading,
1975 then take the following actions: */
1976
1977 if (IS_LSA_MAXAGE(lsa) && !current
1978 && ospf_check_nbr_status(oi->ospf)) {
1979 /* (4a) Response Link State Acknowledgment. */
1980 ospf_ls_ack_send(nbr, lsa);
1981
1982 /* (4b) Discard LSA. */
1983 if (IS_DEBUG_OSPF(lsa, LSA)) {
1984 zlog_debug(
1985 "Link State Update[%s]: LS age is equal to MaxAge.",
1986 dump_lsa_key(lsa));
1987 }
1988 DISCARD_LSA(lsa, 3);
1989 }
1990
1991 if (IS_OPAQUE_LSA(lsa->data->type)
1992 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1993 &oi->ospf->router_id)) {
1994 /*
1995 * Even if initial flushing seems to be completed, there
1996 * might
1997 * be a case that self-originated LSA with MaxAge still
1998 * remain
1999 * in the routing domain.
2000 * Just send an LSAck message to cease retransmission.
2001 */
2002 if (IS_LSA_MAXAGE(lsa)) {
2003 zlog_info("LSA[%s]: Boomerang effect?",
2004 dump_lsa_key(lsa));
2005 ospf_ls_ack_send(nbr, lsa);
2006 ospf_lsa_discard(lsa);
2007
2008 if (current != NULL && !IS_LSA_MAXAGE(current))
2009 ospf_opaque_lsa_refresh_schedule(
2010 current);
2011 continue;
2012 }
2013
2014 /*
2015 * If an instance of self-originated Opaque-LSA is not
2016 * found
2017 * in the LSDB, there are some possible cases here.
2018 *
2019 * 1) This node lost opaque-capability after restart.
2020 * 2) Else, a part of opaque-type is no more supported.
2021 * 3) Else, a part of opaque-id is no more supported.
2022 *
2023 * Anyway, it is still this node's responsibility to
2024 * flush it.
2025 * Otherwise, the LSA instance remains in the routing
2026 * domain
2027 * until its age reaches to MaxAge.
2028 */
2029 /* XXX: We should deal with this for *ALL* LSAs, not
2030 * just opaque */
2031 if (current == NULL) {
2032 if (IS_DEBUG_OSPF_EVENT)
2033 zlog_debug(
2034 "LSA[%s]: Previously originated Opaque-LSA,"
2035 "not found in the LSDB.",
2036 dump_lsa_key(lsa));
2037
2038 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2039
2040 ospf_opaque_self_originated_lsa_received(nbr,
2041 lsa);
2042 ospf_ls_ack_send(nbr, lsa);
2043
2044 continue;
2045 }
2046 }
2047
2048 /* It might be happen that received LSA is self-originated
2049 * network LSA, but
2050 * router ID is changed. So, we should check if LSA is a
2051 * network-LSA whose
2052 * Link State ID is one of the router's own IP interface
2053 * addresses but whose
2054 * Advertising Router is not equal to the router's own Router ID
2055 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2056 * flushed.
2057 */
2058
2059 if (lsa->data->type == OSPF_NETWORK_LSA) {
2060 struct listnode *oinode, *oinnode;
2061 struct ospf_interface *out_if;
2062 int Flag = 0;
2063
2064 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2065 oinnode, out_if)) {
2066 if (out_if == NULL)
2067 break;
2068
2069 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2070 &lsa->data->id))
2071 && (!(IPV4_ADDR_SAME(
2072 &oi->ospf->router_id,
2073 &lsa->data->adv_router)))) {
2074 if (out_if->network_lsa_self) {
2075 ospf_lsa_flush_area(
2076 lsa, out_if->area);
2077 if (IS_DEBUG_OSPF_EVENT)
2078 zlog_debug(
2079 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2080 (void *)lsa,
2081 (int)lsa->data
2082 ->type);
2083 ospf_lsa_discard(lsa);
2084 Flag = 1;
2085 }
2086 break;
2087 }
2088 }
2089 if (Flag)
2090 continue;
2091 }
2092
2093 /* (5) Find the instance of this LSA that is currently contained
2094 in the router's link state database. If there is no
2095 database copy, or the received LSA is more recent than
2096 the database copy the following steps must be performed.
2097 (The sub steps from RFC 2328 section 13 step (5) will be
2098 performed in
2099 ospf_flood() ) */
2100
2101 if (current == NULL
2102 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2103 /* Actual flooding procedure. */
2104 if (ospf_flood(oi->ospf, nbr, current, lsa)
2105 < 0) /* Trap NSSA later. */
2106 DISCARD_LSA(lsa, 4);
2107 continue;
2108 }
2109
2110 /* (6) Else, If there is an instance of the LSA on the sending
2111 neighbor's Link state request list, an error has occurred in
2112 the Database Exchange process. In this case, restart the
2113 Database Exchange process by generating the neighbor event
2114 BadLSReq for the sending neighbor and stop processing the
2115 Link State Update packet. */
2116
2117 if (ospf_ls_request_lookup(nbr, lsa)) {
2118 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2119 flog_warn(
2120 EC_OSPF_PACKET,
2121 "LSA[%s] instance exists on Link state request list",
2122 dump_lsa_key(lsa));
2123
2124 /* Clean list of LSAs. */
2125 ospf_upd_list_clean(lsas);
2126 /* this lsa is not on lsas list already. */
2127 ospf_lsa_discard(lsa);
2128 return;
2129 }
2130
2131 /* If the received LSA is the same instance as the database copy
2132 (i.e., neither one is more recent) the following two steps
2133 should be performed: */
2134
2135 if (ret == 0) {
2136 /* If the LSA is listed in the Link state retransmission
2137 list
2138 for the receiving adjacency, the router itself is
2139 expecting
2140 an acknowledgment for this LSA. The router should
2141 treat the
2142 received LSA as an acknowledgment by removing the LSA
2143 from
2144 the Link state retransmission list. This is termed
2145 an
2146 "implied acknowledgment". */
2147
2148 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2149
2150 if (ls_ret != NULL) {
2151 ospf_ls_retransmit_delete(nbr, ls_ret);
2152
2153 /* Delayed acknowledgment sent if advertisement
2154 received
2155 from Designated Router, otherwise do nothing.
2156 */
2157 if (oi->state == ISM_Backup)
2158 if (NBR_IS_DR(nbr))
2159 listnode_add(
2160 oi->ls_ack,
2161 ospf_lsa_lock(lsa));
2162
2163 DISCARD_LSA(lsa, 5);
2164 } else
2165 /* Acknowledge the receipt of the LSA by sending a
2166 Link State Acknowledgment packet back out the
2167 receiving
2168 interface. */
2169 {
2170 ospf_ls_ack_send(nbr, lsa);
2171 DISCARD_LSA(lsa, 6);
2172 }
2173 }
2174
2175 /* The database copy is more recent. If the database copy
2176 has LS age equal to MaxAge and LS sequence number equal to
2177 MaxSequenceNumber, simply discard the received LSA without
2178 acknowledging it. (In this case, the LSA's LS sequence number
2179 is
2180 wrapping, and the MaxSequenceNumber LSA must be completely
2181 flushed before any new LSA instance can be introduced). */
2182
2183 else if (ret > 0) /* Database copy is more recent */
2184 {
2185 if (IS_LSA_MAXAGE(current)
2186 && current->data->ls_seqnum
2187 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2188 DISCARD_LSA(lsa, 7);
2189 }
2190 /* Otherwise, as long as the database copy has not been
2191 sent in a
2192 Link State Update within the last MinLSArrival
2193 seconds, send the
2194 database copy back to the sending neighbor,
2195 encapsulated within
2196 a Link State Update Packet. The Link State Update
2197 Packet should
2198 be sent directly to the neighbor. In so doing, do not
2199 put the
2200 database copy of the LSA on the neighbor's link state
2201 retransmission list, and do not acknowledge the
2202 received (less
2203 recent) LSA instance. */
2204 else {
2205 if (monotime_since(&current->tv_orig, NULL)
2206 >= ospf->min_ls_arrival * 1000LL)
2207 /* Trap NSSA type later.*/
2208 ospf_ls_upd_send_lsa(
2209 nbr, current,
2210 OSPF_SEND_PACKET_DIRECT);
2211 DISCARD_LSA(lsa, 8);
2212 }
2213 }
2214 }
2215 #undef DISCARD_LSA
2216
2217 assert(listcount(lsas) == 0);
2218 list_delete_and_null(&lsas);
2219 }
2220
2221 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2222 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2223 struct stream *s, struct ospf_interface *oi,
2224 uint16_t size)
2225 {
2226 struct ospf_neighbor *nbr;
2227
2228 /* increment statistics. */
2229 oi->ls_ack_in++;
2230
2231 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2232 if (nbr == NULL) {
2233 flog_warn(EC_OSPF_PACKET,
2234 "Link State Acknowledgment: Unknown Neighbor %s.",
2235 inet_ntoa(ospfh->router_id));
2236 return;
2237 }
2238
2239 /* Add event to thread. */
2240 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2241
2242 if (nbr->state < NSM_Exchange) {
2243 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2244 zlog_debug(
2245 "Link State Acknowledgment: "
2246 "Neighbor[%s] state %s is less than Exchange",
2247 inet_ntoa(ospfh->router_id),
2248 lookup_msg(ospf_nsm_state_msg, nbr->state,
2249 NULL));
2250 return;
2251 }
2252
2253 while (size >= OSPF_LSA_HEADER_SIZE) {
2254 struct ospf_lsa *lsa, *lsr;
2255
2256 lsa = ospf_lsa_new();
2257 lsa->data = (struct lsa_header *)stream_pnt(s);
2258 lsa->vrf_id = oi->ospf->vrf_id;
2259
2260 /* lsah = (struct lsa_header *) stream_pnt (s); */
2261 size -= OSPF_LSA_HEADER_SIZE;
2262 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2263
2264 if (lsa->data->type < OSPF_MIN_LSA
2265 || lsa->data->type >= OSPF_MAX_LSA) {
2266 lsa->data = NULL;
2267 ospf_lsa_discard(lsa);
2268 continue;
2269 }
2270
2271 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2272
2273 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2274 ospf_ls_retransmit_delete(nbr, lsr);
2275
2276 lsa->data = NULL;
2277 ospf_lsa_discard(lsa);
2278 }
2279
2280 return;
2281 }
2282
2283 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2284 struct interface **ifp,
2285 struct stream *ibuf)
2286 {
2287 int ret;
2288 struct ip *iph;
2289 uint16_t ip_len;
2290 ifindex_t ifindex = 0;
2291 struct iovec iov;
2292 /* Header and data both require alignment. */
2293 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2294 struct msghdr msgh;
2295
2296 memset(&msgh, 0, sizeof(struct msghdr));
2297 msgh.msg_iov = &iov;
2298 msgh.msg_iovlen = 1;
2299 msgh.msg_control = (caddr_t)buff;
2300 msgh.msg_controllen = sizeof(buff);
2301
2302 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2303 if (ret < 0) {
2304 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2305 safe_strerror(errno));
2306 return NULL;
2307 }
2308 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2309 {
2310 flog_warn(
2311 EC_OSPF_PACKET,
2312 "ospf_recv_packet: discarding runt packet of length %d "
2313 "(ip header size is %u)",
2314 ret, (unsigned int)sizeof(iph));
2315 return NULL;
2316 }
2317
2318 /* Note that there should not be alignment problems with this assignment
2319 because this is at the beginning of the stream data buffer. */
2320 iph = (struct ip *)STREAM_DATA(ibuf);
2321 sockopt_iphdrincl_swab_systoh(iph);
2322
2323 ip_len = iph->ip_len;
2324
2325 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2326 /*
2327 * Kernel network code touches incoming IP header parameters,
2328 * before protocol specific processing.
2329 *
2330 * 1) Convert byteorder to host representation.
2331 * --> ip_len, ip_id, ip_off
2332 *
2333 * 2) Adjust ip_len to strip IP header size!
2334 * --> If user process receives entire IP packet via RAW
2335 * socket, it must consider adding IP header size to
2336 * the "ip_len" field of "ip" structure.
2337 *
2338 * For more details, see <netinet/ip_input.c>.
2339 */
2340 ip_len = ip_len + (iph->ip_hl << 2);
2341 #endif
2342
2343 #if defined(__DragonFly__)
2344 /*
2345 * in DragonFly's raw socket, ip_len/ip_off are read
2346 * in network byte order.
2347 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2348 */
2349 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2350 #endif
2351
2352 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2353
2354 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2355
2356 if (ret != ip_len) {
2357 flog_warn(
2358 EC_OSPF_PACKET,
2359 "ospf_recv_packet read length mismatch: ip_len is %d, "
2360 "but recvmsg returned %d",
2361 ip_len, ret);
2362 return NULL;
2363 }
2364
2365 return ibuf;
2366 }
2367
2368 static struct ospf_interface *
2369 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2370 struct ip *iph, struct ospf_header *ospfh)
2371 {
2372 struct ospf_interface *rcv_oi;
2373 struct ospf_vl_data *vl_data;
2374 struct ospf_area *vl_area;
2375 struct listnode *node;
2376
2377 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2378 || !OSPF_IS_AREA_BACKBONE(ospfh))
2379 return NULL;
2380
2381 /* look for local OSPF interface matching the destination
2382 * to determine Area ID. We presume therefore the destination address
2383 * is unique, or at least (for "unnumbered" links), not used in other
2384 * areas
2385 */
2386 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2387 == NULL)
2388 return NULL;
2389
2390 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2391 vl_area =
2392 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2393 if (!vl_area)
2394 continue;
2395
2396 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2397 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2398 if (IS_DEBUG_OSPF_EVENT)
2399 zlog_debug("associating packet with %s",
2400 IF_NAME(vl_data->vl_oi));
2401 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2402 if (IS_DEBUG_OSPF_EVENT)
2403 zlog_debug(
2404 "This VL is not up yet, sorry");
2405 return NULL;
2406 }
2407
2408 return vl_data->vl_oi;
2409 }
2410 }
2411
2412 if (IS_DEBUG_OSPF_EVENT)
2413 zlog_debug("couldn't find any VL to associate the packet with");
2414
2415 return NULL;
2416 }
2417
2418 static int ospf_check_area_id(struct ospf_interface *oi,
2419 struct ospf_header *ospfh)
2420 {
2421 /* Check match the Area ID of the receiving interface. */
2422 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2423 return 1;
2424
2425 return 0;
2426 }
2427
2428 /* Unbound socket will accept any Raw IP packets if proto is matched.
2429 To prevent it, compare src IP address and i/f address with masking
2430 i/f network mask. */
2431 static int ospf_check_network_mask(struct ospf_interface *oi,
2432 struct in_addr ip_src)
2433 {
2434 struct in_addr mask, me, him;
2435
2436 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2437 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2438 return 1;
2439
2440 masklen2ip(oi->address->prefixlen, &mask);
2441
2442 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2443 him.s_addr = ip_src.s_addr & mask.s_addr;
2444
2445 if (IPV4_ADDR_SAME(&me, &him))
2446 return 1;
2447
2448 return 0;
2449 }
2450
2451 /* Return 1, if the packet is properly authenticated and checksummed,
2452 0 otherwise. In particular, check that AuType header field is valid and
2453 matches the locally configured AuType, and that D.5 requirements are met. */
2454 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2455 {
2456 struct crypt_key *ck;
2457 uint16_t iface_auth_type;
2458 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2459
2460 switch (pkt_auth_type) {
2461 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2462 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2463 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2464 flog_warn(
2465 EC_OSPF_PACKET,
2466 "interface %s: auth-type mismatch, local %s, rcvd Null",
2467 IF_NAME(oi),
2468 lookup_msg(ospf_auth_type_str,
2469 iface_auth_type, NULL));
2470 return 0;
2471 }
2472 if (!ospf_check_sum(ospfh)) {
2473 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2474 flog_warn(
2475 EC_OSPF_PACKET,
2476 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2477 IF_NAME(oi),
2478 inet_ntoa(ospfh->router_id));
2479 return 0;
2480 }
2481 return 1;
2482 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2483 if (OSPF_AUTH_SIMPLE
2484 != (iface_auth_type = ospf_auth_type(oi))) {
2485 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2486 flog_warn(
2487 EC_OSPF_PACKET,
2488 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2489 IF_NAME(oi),
2490 lookup_msg(ospf_auth_type_str,
2491 iface_auth_type, NULL));
2492 return 0;
2493 }
2494 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2495 OSPF_AUTH_SIMPLE_SIZE)) {
2496 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2497 flog_warn(EC_OSPF_PACKET,
2498 "interface %s: Simple auth failed",
2499 IF_NAME(oi));
2500 return 0;
2501 }
2502 if (!ospf_check_sum(ospfh)) {
2503 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2504 flog_warn(
2505 EC_OSPF_PACKET,
2506 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2507 IF_NAME(oi),
2508 inet_ntoa(ospfh->router_id));
2509 return 0;
2510 }
2511 return 1;
2512 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2513 if (OSPF_AUTH_CRYPTOGRAPHIC
2514 != (iface_auth_type = ospf_auth_type(oi))) {
2515 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2516 flog_warn(
2517 EC_OSPF_PACKET,
2518 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2519 IF_NAME(oi),
2520 lookup_msg(ospf_auth_type_str,
2521 iface_auth_type, NULL));
2522 return 0;
2523 }
2524 if (ospfh->checksum) {
2525 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2526 flog_warn(
2527 EC_OSPF_PACKET,
2528 "interface %s: OSPF header checksum is not 0",
2529 IF_NAME(oi));
2530 return 0;
2531 }
2532 /* only MD5 crypto method can pass ospf_packet_examin() */
2533 if (NULL == (ck = listgetdata(
2534 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2535 || ospfh->u.crypt.key_id != ck->key_id ||
2536 /* Condition above uses the last key ID on the list,
2537 which is
2538 different from what ospf_crypt_key_lookup() does. A
2539 bug? */
2540 !ospf_check_md5_digest(oi, ospfh)) {
2541 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2542 flog_warn(EC_OSPF_MD5,
2543 "interface %s: MD5 auth failed",
2544 IF_NAME(oi));
2545 return 0;
2546 }
2547 return 1;
2548 default:
2549 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2550 flog_warn(
2551 EC_OSPF_PACKET,
2552 "interface %s: invalid packet auth-type (%02x)",
2553 IF_NAME(oi), pkt_auth_type);
2554 return 0;
2555 }
2556 }
2557
2558 static int ospf_check_sum(struct ospf_header *ospfh)
2559 {
2560 uint32_t ret;
2561 uint16_t sum;
2562
2563 /* clear auth_data for checksum. */
2564 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2565
2566 /* keep checksum and clear. */
2567 sum = ospfh->checksum;
2568 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2569
2570 /* calculate checksum. */
2571 ret = in_cksum(ospfh, ntohs(ospfh->length));
2572
2573 if (ret != sum) {
2574 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2575 ret, sum);
2576 return 0;
2577 }
2578
2579 return 1;
2580 }
2581
2582 /* Verify, that given link/TOS records are properly sized/aligned and match
2583 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2584 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2585 uint16_t linkbytes,
2586 const uint16_t num_links)
2587 {
2588 unsigned counted_links = 0, thislinklen;
2589
2590 while (linkbytes) {
2591 thislinklen =
2592 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2593 if (thislinklen > linkbytes) {
2594 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2595 zlog_debug("%s: length error in link block #%u",
2596 __func__, counted_links);
2597 return MSG_NG;
2598 }
2599 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2600 linkbytes -= thislinklen;
2601 counted_links++;
2602 }
2603 if (counted_links != num_links) {
2604 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2605 zlog_debug("%s: %u link blocks declared, %u present",
2606 __func__, num_links, counted_links);
2607 return MSG_NG;
2608 }
2609 return MSG_OK;
2610 }
2611
2612 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2613 minimum length constraint). */
2614 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2615 const uint8_t headeronly)
2616 {
2617 unsigned ret;
2618 struct router_lsa *rlsa;
2619 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2620 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2621 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2622 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2623 lookup_msg(ospf_lsa_type_msg, lsah->type,
2624 NULL));
2625 return MSG_NG;
2626 }
2627 switch (lsah->type) {
2628 case OSPF_ROUTER_LSA:
2629 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2630 * (12+)-byte link blocks */
2631 if (headeronly) {
2632 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2633 - OSPF_ROUTER_LSA_MIN_SIZE)
2634 % 4
2635 ? MSG_NG
2636 : MSG_OK;
2637 break;
2638 }
2639 rlsa = (struct router_lsa *)lsah;
2640 ret = ospf_router_lsa_links_examin(
2641 (struct router_lsa_link *)rlsa->link,
2642 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2643 header, "flags",
2644 0, "# links" */
2645 ntohs(rlsa->links) /* 16 bits */
2646 );
2647 break;
2648 case OSPF_AS_EXTERNAL_LSA:
2649 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2650 * blocks */
2651 case OSPF_AS_NSSA_LSA:
2652 /* RFC3101 C, idem */
2653 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2654 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2655 % 12
2656 ? MSG_NG
2657 : MSG_OK;
2658 break;
2659 /* Following LSA types are considered OK length-wise as soon as their
2660 * minimum
2661 * length constraint is met and length of the whole LSA is a multiple of
2662 * 4
2663 * (basic LSA header size is already a multiple of 4). */
2664 case OSPF_NETWORK_LSA:
2665 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2666 case OSPF_SUMMARY_LSA:
2667 case OSPF_ASBR_SUMMARY_LSA:
2668 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2669 * blocks */
2670 case OSPF_OPAQUE_LINK_LSA:
2671 case OSPF_OPAQUE_AREA_LSA:
2672 case OSPF_OPAQUE_AS_LSA:
2673 /* RFC5250 A.2, "some number of octets (of application-specific
2674 * data) padded to 32-bit alignment." This is considered
2675 * equivalent
2676 * to 4-byte alignment of all other LSA types, see
2677 * OSPF-ALIGNMENT.txt
2678 * file for the detailed analysis of this passage. */
2679 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2680 break;
2681 default:
2682 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2683 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2684 lsah->type);
2685 return MSG_NG;
2686 }
2687 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2688 zlog_debug("%s: alignment error in %s", __func__,
2689 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2690 return ret;
2691 }
2692
2693 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2694 includes verification of LSA blocks length/alignment and dispatching
2695 of deeper-level checks. */
2696 static unsigned
2697 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2698 size_t length, const uint8_t headeronly,
2699 /* When declared_num_lsas is not 0, compare it to the real
2700 number of LSAs
2701 and treat the difference as an error. */
2702 const uint32_t declared_num_lsas)
2703 {
2704 uint32_t counted_lsas = 0;
2705
2706 while (length) {
2707 uint16_t lsalen;
2708 if (length < OSPF_LSA_HEADER_SIZE) {
2709 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2710 zlog_debug(
2711 "%s: undersized (%zu B) trailing (#%u) LSA header",
2712 __func__, length, counted_lsas);
2713 return MSG_NG;
2714 }
2715 /* save on ntohs() calls here and in the LSA validator */
2716 lsalen = ntohs(lsah->length);
2717 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2718 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2719 zlog_debug(
2720 "%s: malformed LSA header #%u, declared length is %u B",
2721 __func__, counted_lsas, lsalen);
2722 return MSG_NG;
2723 }
2724 if (headeronly) {
2725 /* less checks here and in ospf_lsa_examin() */
2726 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2727 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2728 zlog_debug(
2729 "%s: malformed header-only LSA #%u",
2730 __func__, counted_lsas);
2731 return MSG_NG;
2732 }
2733 lsah = (struct lsa_header *)((caddr_t)lsah
2734 + OSPF_LSA_HEADER_SIZE);
2735 length -= OSPF_LSA_HEADER_SIZE;
2736 } else {
2737 /* make sure the input buffer is deep enough before
2738 * further checks */
2739 if (lsalen > length) {
2740 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2741 zlog_debug(
2742 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2743 __func__, counted_lsas, lsalen,
2744 length);
2745 return MSG_NG;
2746 }
2747 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2748 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2749 zlog_debug("%s: malformed LSA #%u",
2750 __func__, counted_lsas);
2751 return MSG_NG;
2752 }
2753 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2754 length -= lsalen;
2755 }
2756 counted_lsas++;
2757 }
2758
2759 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2760 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2761 zlog_debug(
2762 "%s: #LSAs declared (%u) does not match actual (%u)",
2763 __func__, declared_num_lsas, counted_lsas);
2764 return MSG_NG;
2765 }
2766 return MSG_OK;
2767 }
2768
2769 /* Verify a complete OSPF packet for proper sizing/alignment. */
2770 static unsigned ospf_packet_examin(struct ospf_header *oh,
2771 const unsigned bytesonwire)
2772 {
2773 uint16_t bytesdeclared, bytesauth;
2774 unsigned ret;
2775 struct ospf_ls_update *lsupd;
2776
2777 /* Length, 1st approximation. */
2778 if (bytesonwire < OSPF_HEADER_SIZE) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug("%s: undersized (%u B) packet", __func__,
2781 bytesonwire);
2782 return MSG_NG;
2783 }
2784 /* Now it is safe to access header fields. Performing length check,
2785 * allow
2786 * for possible extra bytes of crypto auth/padding, which are not
2787 * counted
2788 * in the OSPF header "length" field. */
2789 if (oh->version != OSPF_VERSION) {
2790 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2791 zlog_debug("%s: invalid (%u) protocol version",
2792 __func__, oh->version);
2793 return MSG_NG;
2794 }
2795 bytesdeclared = ntohs(oh->length);
2796 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2797 bytesauth = 0;
2798 else {
2799 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2800 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2801 zlog_debug(
2802 "%s: unsupported crypto auth length (%u B)",
2803 __func__, oh->u.crypt.auth_data_len);
2804 return MSG_NG;
2805 }
2806 bytesauth = OSPF_AUTH_MD5_SIZE;
2807 }
2808 if (bytesdeclared + bytesauth > bytesonwire) {
2809 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2810 zlog_debug(
2811 "%s: packet length error (%u real, %u+%u declared)",
2812 __func__, bytesonwire, bytesdeclared,
2813 bytesauth);
2814 return MSG_NG;
2815 }
2816 /* Length, 2nd approximation. The type-specific constraint is checked
2817 against declared length, not amount of bytes on wire. */
2818 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2819 && bytesdeclared
2820 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2821 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2822 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2823 bytesdeclared,
2824 lookup_msg(ospf_packet_type_str, oh->type,
2825 NULL));
2826 return MSG_NG;
2827 }
2828 switch (oh->type) {
2829 case OSPF_MSG_HELLO:
2830 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2831 followed
2832 by N>=0 router-IDs. */
2833 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2834 % 4
2835 ? MSG_NG
2836 : MSG_OK;
2837 break;
2838 case OSPF_MSG_DB_DESC:
2839 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2840 followed
2841 by N>=0 header-only LSAs. */
2842 ret = ospf_lsaseq_examin(
2843 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2844 + OSPF_DB_DESC_MIN_SIZE),
2845 bytesdeclared - OSPF_HEADER_SIZE
2846 - OSPF_DB_DESC_MIN_SIZE,
2847 1, /* header-only LSAs */
2848 0);
2849 break;
2850 case OSPF_MSG_LS_REQ:
2851 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2852 * request blocks. */
2853 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2854 % OSPF_LSA_KEY_SIZE
2855 ? MSG_NG
2856 : MSG_OK;
2857 break;
2858 case OSPF_MSG_LS_UPD:
2859 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2860 followed
2861 by N>=0 full LSAs (with N declared beforehand). */
2862 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2863 + OSPF_HEADER_SIZE);
2864 ret = ospf_lsaseq_examin(
2865 (struct lsa_header *)((caddr_t)lsupd
2866 + OSPF_LS_UPD_MIN_SIZE),
2867 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2868 0, /* full LSAs */
2869 ntohl(lsupd->num_lsas) /* 32 bits */
2870 );
2871 break;
2872 case OSPF_MSG_LS_ACK:
2873 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2874 * LSAs. */
2875 ret = ospf_lsaseq_examin(
2876 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2877 + OSPF_LS_ACK_MIN_SIZE),
2878 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2879 1, /* header-only LSAs */
2880 0);
2881 break;
2882 default:
2883 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2884 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2885 oh->type);
2886 return MSG_NG;
2887 }
2888 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2889 zlog_debug("%s: malformed %s packet", __func__,
2890 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2891 return ret;
2892 }
2893
2894 /* OSPF Header verification. */
2895 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2896 struct ip *iph, struct ospf_header *ospfh)
2897 {
2898 /* Check Area ID. */
2899 if (!ospf_check_area_id(oi, ospfh)) {
2900 flog_warn(EC_OSPF_PACKET,
2901 "interface %s: ospf_read invalid Area ID %s.",
2902 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2903 return -1;
2904 }
2905
2906 /* Check network mask, Silently discarded. */
2907 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2908 flog_warn(
2909 EC_OSPF_PACKET,
2910 "interface %s: ospf_read network address is not same [%s]",
2911 IF_NAME(oi), inet_ntoa(iph->ip_src));
2912 return -1;
2913 }
2914
2915 /* Check authentication. The function handles logging actions, where
2916 * required. */
2917 if (!ospf_check_auth(oi, ospfh))
2918 return -1;
2919
2920 return 0;
2921 }
2922
2923 /* Starting point of packet process function. */
2924 int ospf_read(struct thread *thread)
2925 {
2926 int ret;
2927 struct stream *ibuf;
2928 struct ospf *ospf;
2929 struct ospf_interface *oi;
2930 struct ip *iph;
2931 struct ospf_header *ospfh;
2932 uint16_t length;
2933 struct interface *ifp = NULL;
2934 struct connected *c;
2935
2936 /* first of all get interface pointer. */
2937 ospf = THREAD_ARG(thread);
2938
2939 /* prepare for next packet. */
2940 ospf->t_read = NULL;
2941 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2942
2943 stream_reset(ospf->ibuf);
2944 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2945 if (ibuf == NULL)
2946 return -1;
2947 /* This raw packet is known to be at least as big as its IP header. */
2948
2949 /* Note that there should not be alignment problems with this assignment
2950 because this is at the beginning of the stream data buffer. */
2951 iph = (struct ip *)STREAM_DATA(ibuf);
2952 /* Note that sockopt_iphdrincl_swab_systoh was called in
2953 * ospf_recv_packet. */
2954
2955 if (ifp == NULL) {
2956 /* Handle cases where the platform does not support retrieving
2957 the ifindex,
2958 and also platforms (such as Solaris 8) that claim to support
2959 ifindex
2960 retrieval but do not. */
2961 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2962 ospf->vrf_id);
2963 if (c)
2964 ifp = c->ifp;
2965 if (ifp == NULL)
2966 return 0;
2967 }
2968
2969 /* IP Header dump. */
2970 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2971 ospf_ip_header_dump(iph);
2972
2973 /* Self-originated packet should be discarded silently. */
2974 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2975 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2976 zlog_debug(
2977 "ospf_read[%s]: Dropping self-originated packet",
2978 inet_ntoa(iph->ip_src));
2979 }
2980 return 0;
2981 }
2982
2983 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2984 by ospf_recv_packet() to be correct). */
2985 stream_forward_getp(ibuf, iph->ip_hl * 4);
2986
2987 ospfh = (struct ospf_header *)stream_pnt(ibuf);
2988 if (MSG_OK
2989 != ospf_packet_examin(
2990 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2991 return -1;
2992 /* Now it is safe to access all fields of OSPF packet header. */
2993
2994 /* associate packet with ospf interface */
2995 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2996
2997 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2998 only
2999 after the passive/backbone/other checks below are passed. These
3000 checks
3001 in turn access the fields of unverified "ospfh" structure for their
3002 own
3003 purposes and must remain very accurate in doing this. */
3004
3005 /* If incoming interface is passive one, ignore it. */
3006 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3007 char buf[3][INET_ADDRSTRLEN];
3008
3009 if (IS_DEBUG_OSPF_EVENT)
3010 zlog_debug(
3011 "ignoring packet from router %s sent to %s, "
3012 "received on a passive interface, %s",
3013 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3014 sizeof(buf[0])),
3015 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3016 sizeof(buf[1])),
3017 inet_ntop(AF_INET, &oi->address->u.prefix4,
3018 buf[2], sizeof(buf[2])));
3019
3020 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3021 /* Try to fix multicast membership.
3022 * Some OS:es may have problems in this area,
3023 * make sure it is removed.
3024 */
3025 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3026 ospf_if_set_multicast(oi);
3027 }
3028 return 0;
3029 }
3030
3031
3032 /* if no local ospf_interface,
3033 * or header area is backbone but ospf_interface is not
3034 * check for VLINK interface
3035 */
3036 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3037 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3038 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3039 == NULL) {
3040 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3041 zlog_debug(
3042 "Packet from [%s] received on link %s"
3043 " but no ospf_interface",
3044 inet_ntoa(iph->ip_src), ifp->name);
3045 return 0;
3046 }
3047 }
3048
3049 /* else it must be a local ospf interface, check it was received on
3050 * correct link
3051 */
3052 else if (oi->ifp != ifp) {
3053 if (IS_DEBUG_OSPF_EVENT)
3054 flog_warn(EC_OSPF_PACKET,
3055 "Packet from [%s] received on wrong link %s",
3056 inet_ntoa(iph->ip_src), ifp->name);
3057 return 0;
3058 } else if (oi->state == ISM_Down) {
3059 char buf[2][INET_ADDRSTRLEN];
3060 flog_warn(
3061 EC_OSPF_PACKET,
3062 "Ignoring packet from %s to %s received on interface that is "
3063 "down [%s]; interface flags are %s",
3064 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3065 sizeof(buf[0])),
3066 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3067 sizeof(buf[1])),
3068 ifp->name, if_flag_dump(ifp->flags));
3069 /* Fix multicast memberships? */
3070 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3071 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3072 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3073 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3074 if (oi->multicast_memberships)
3075 ospf_if_set_multicast(oi);
3076 return 0;
3077 }
3078
3079 /*
3080 * If the received packet is destined for AllDRouters, the packet
3081 * should be accepted only if the received ospf interface state is
3082 * either DR or Backup -- endo.
3083 */
3084 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3085 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3086 flog_warn(
3087 EC_OSPF_PACKET,
3088 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3089 inet_ntoa(iph->ip_src), IF_NAME(oi),
3090 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3091 /* Try to fix multicast membership. */
3092 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3093 ospf_if_set_multicast(oi);
3094 return 0;
3095 }
3096
3097 /* Verify more OSPF header fields. */
3098 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3099 if (ret < 0) {
3100 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3101 zlog_debug(
3102 "ospf_read[%s]: Header check failed, "
3103 "dropping.",
3104 inet_ntoa(iph->ip_src));
3105 return ret;
3106 }
3107
3108 /* Show debug receiving packet. */
3109 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3110 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3111 zlog_debug(
3112 "-----------------------------------------------------");
3113 ospf_packet_dump(ibuf);
3114 }
3115
3116 zlog_debug("%s received from [%s] via [%s]",
3117 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3118 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3119 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3120 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3121
3122 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3123 zlog_debug(
3124 "-----------------------------------------------------");
3125 }
3126
3127 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3128
3129 /* Adjust size to message length. */
3130 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3131
3132 /* Read rest of the packet and call each sort of packet routine. */
3133 switch (ospfh->type) {
3134 case OSPF_MSG_HELLO:
3135 ospf_hello(iph, ospfh, ibuf, oi, length);
3136 break;
3137 case OSPF_MSG_DB_DESC:
3138 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3139 break;
3140 case OSPF_MSG_LS_REQ:
3141 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3142 break;
3143 case OSPF_MSG_LS_UPD:
3144 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3145 break;
3146 case OSPF_MSG_LS_ACK:
3147 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3148 break;
3149 default:
3150 flog_warn(EC_OSPF_PACKET,
3151 "interface %s: OSPF packet header type %d is illegal",
3152 IF_NAME(oi), ospfh->type);
3153 break;
3154 }
3155
3156 return 0;
3157 }
3158
3159 /* Make OSPF header. */
3160 static void ospf_make_header(int type, struct ospf_interface *oi,
3161 struct stream *s)
3162 {
3163 struct ospf_header *ospfh;
3164
3165 ospfh = (struct ospf_header *)STREAM_DATA(s);
3166
3167 ospfh->version = (uint8_t)OSPF_VERSION;
3168 ospfh->type = (uint8_t)type;
3169
3170 ospfh->router_id = oi->ospf->router_id;
3171
3172 ospfh->checksum = 0;
3173 ospfh->area_id = oi->area->area_id;
3174 ospfh->auth_type = htons(ospf_auth_type(oi));
3175
3176 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3177
3178 stream_forward_endp(s, OSPF_HEADER_SIZE);
3179 }
3180
3181 /* Make Authentication Data. */
3182 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3183 {
3184 struct crypt_key *ck;
3185
3186 switch (ospf_auth_type(oi)) {
3187 case OSPF_AUTH_NULL:
3188 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3189 */
3190 break;
3191 case OSPF_AUTH_SIMPLE:
3192 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3193 OSPF_AUTH_SIMPLE_SIZE);
3194 break;
3195 case OSPF_AUTH_CRYPTOGRAPHIC:
3196 /* If key is not set, then set 0. */
3197 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3198 ospfh->u.crypt.zero = 0;
3199 ospfh->u.crypt.key_id = 0;
3200 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3201 } else {
3202 ck = listgetdata(
3203 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3204 ospfh->u.crypt.zero = 0;
3205 ospfh->u.crypt.key_id = ck->key_id;
3206 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3207 }
3208 /* note: the seq is done in ospf_make_md5_digest() */
3209 break;
3210 default:
3211 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3212 */
3213 break;
3214 }
3215
3216 return 0;
3217 }
3218
3219 /* Fill rest of OSPF header. */
3220 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3221 uint16_t length)
3222 {
3223 struct ospf_header *ospfh;
3224
3225 ospfh = (struct ospf_header *)STREAM_DATA(s);
3226
3227 /* Fill length. */
3228 ospfh->length = htons(length);
3229
3230 /* Calculate checksum. */
3231 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3232 ospfh->checksum = in_cksum(ospfh, length);
3233 else
3234 ospfh->checksum = 0;
3235
3236 /* Add Authentication Data. */
3237 ospf_make_auth(oi, ospfh);
3238 }
3239
3240 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3241 {
3242 struct ospf_neighbor *nbr;
3243 struct route_node *rn;
3244 uint16_t length = OSPF_HELLO_MIN_SIZE;
3245 struct in_addr mask;
3246 unsigned long p;
3247 int flag = 0;
3248
3249 /* Set netmask of interface. */
3250 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3251 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3252 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3253 masklen2ip(oi->address->prefixlen, &mask);
3254 else
3255 memset((char *)&mask, 0, sizeof(struct in_addr));
3256 stream_put_ipv4(s, mask.s_addr);
3257
3258 /* Set Hello Interval. */
3259 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3260 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3261 else
3262 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3263
3264 if (IS_DEBUG_OSPF_EVENT)
3265 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3266 IF_NAME(oi));
3267
3268 /* Set Options. */
3269 stream_putc(s, OPTIONS(oi));
3270
3271 /* Set Router Priority. */
3272 stream_putc(s, PRIORITY(oi));
3273
3274 /* Set Router Dead Interval. */
3275 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3276
3277 /* Set Designated Router. */
3278 stream_put_ipv4(s, DR(oi).s_addr);
3279
3280 p = stream_get_endp(s);
3281
3282 /* Set Backup Designated Router. */
3283 stream_put_ipv4(s, BDR(oi).s_addr);
3284
3285 /* Add neighbor seen. */
3286 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3287 if ((nbr = rn->info))
3288 if (nbr->router_id.s_addr
3289 != 0) /* Ignore 0.0.0.0 node. */
3290 if (nbr->state
3291 != NSM_Attempt) /* Ignore Down neighbor. */
3292 if (nbr->state
3293 != NSM_Down) /* This is myself for
3294 DR election. */
3295 if (!IPV4_ADDR_SAME(
3296 &nbr->router_id,
3297 &oi->ospf->router_id)) {
3298 /* Check neighbor is
3299 * sane? */
3300 if (nbr->d_router.s_addr
3301 != 0
3302 && IPV4_ADDR_SAME(
3303 &nbr->d_router,
3304 &oi->address
3305 ->u
3306 .prefix4)
3307 && IPV4_ADDR_SAME(
3308 &nbr->bd_router,
3309 &oi->address
3310 ->u
3311 .prefix4))
3312 flag = 1;
3313
3314 stream_put_ipv4(
3315 s,
3316 nbr->router_id
3317 .s_addr);
3318 length += 4;
3319 }
3320
3321 /* Let neighbor generate BackupSeen. */
3322 if (flag == 1)
3323 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3324
3325 return length;
3326 }
3327
3328 static int ospf_make_db_desc(struct ospf_interface *oi,
3329 struct ospf_neighbor *nbr, struct stream *s)
3330 {
3331 struct ospf_lsa *lsa;
3332 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3333 uint8_t options;
3334 unsigned long pp;
3335 int i;
3336 struct ospf_lsdb *lsdb;
3337
3338 /* Set Interface MTU. */
3339 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3340 stream_putw(s, 0);
3341 else
3342 stream_putw(s, oi->ifp->mtu);
3343
3344 /* Set Options. */
3345 options = OPTIONS(oi);
3346 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3347 SET_FLAG(options, OSPF_OPTION_O);
3348 stream_putc(s, options);
3349
3350 /* DD flags */
3351 pp = stream_get_endp(s);
3352 stream_putc(s, nbr->dd_flags);
3353
3354 /* Set DD Sequence Number. */
3355 stream_putl(s, nbr->dd_seqnum);
3356
3357 /* shortcut unneeded walk of (empty) summary LSDBs */
3358 if (ospf_db_summary_isempty(nbr))
3359 goto empty;
3360
3361 /* Describe LSA Header from Database Summary List. */
3362 lsdb = &nbr->db_sum;
3363
3364 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3365 struct route_table *table = lsdb->type[i].db;
3366 struct route_node *rn;
3367
3368 for (rn = route_top(table); rn; rn = route_next(rn))
3369 if ((lsa = rn->info) != NULL) {
3370 if (IS_OPAQUE_LSA(lsa->data->type)
3371 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3372 /* Suppress advertising
3373 * opaque-informations. */
3374 /* Remove LSA from DB summary list. */
3375 ospf_lsdb_delete(lsdb, lsa);
3376 continue;
3377 }
3378
3379 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3380 struct lsa_header *lsah;
3381 uint16_t ls_age;
3382
3383 /* DD packet overflows interface MTU. */
3384 if (length + OSPF_LSA_HEADER_SIZE
3385 > ospf_packet_max(oi))
3386 break;
3387
3388 /* Keep pointer to LS age. */
3389 lsah = (struct lsa_header
3390 *)(STREAM_DATA(s)
3391 + stream_get_endp(
3392 s));
3393
3394 /* Proceed stream pointer. */
3395 stream_put(s, lsa->data,
3396 OSPF_LSA_HEADER_SIZE);
3397 length += OSPF_LSA_HEADER_SIZE;
3398
3399 /* Set LS age. */
3400 ls_age = LS_AGE(lsa);
3401 lsah->ls_age = htons(ls_age);
3402 }
3403
3404 /* Remove LSA from DB summary list. */
3405 ospf_lsdb_delete(lsdb, lsa);
3406 }
3407 }
3408
3409 /* Update 'More' bit */
3410 if (ospf_db_summary_isempty(nbr)) {
3411 empty:
3412 if (nbr->state >= NSM_Exchange) {
3413 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3414 /* Rewrite DD flags */
3415 stream_putc_at(s, pp, nbr->dd_flags);
3416 } else {
3417 assert(IS_SET_DD_M(nbr->dd_flags));
3418 }
3419 }
3420 return length;
3421 }
3422
3423 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3424 unsigned long delta, struct ospf_neighbor *nbr,
3425 struct ospf_lsa *lsa)
3426 {
3427 struct ospf_interface *oi;
3428
3429 oi = nbr->oi;
3430
3431 /* LS Request packet overflows interface MTU. */
3432 if (*length + delta > ospf_packet_max(oi))
3433 return 0;
3434
3435 stream_putl(s, lsa->data->type);
3436 stream_put_ipv4(s, lsa->data->id.s_addr);
3437 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3438
3439 ospf_lsa_unlock(&nbr->ls_req_last);
3440 nbr->ls_req_last = ospf_lsa_lock(lsa);
3441
3442 *length += 12;
3443 return 1;
3444 }
3445
3446 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3447 {
3448 struct ospf_lsa *lsa;
3449 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3450 unsigned long delta = stream_get_endp(s) + 12;
3451 struct route_table *table;
3452 struct route_node *rn;
3453 int i;
3454 struct ospf_lsdb *lsdb;
3455
3456 lsdb = &nbr->ls_req;
3457
3458 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3459 table = lsdb->type[i].db;
3460 for (rn = route_top(table); rn; rn = route_next(rn))
3461 if ((lsa = (rn->info)) != NULL)
3462 if (ospf_make_ls_req_func(s, &length, delta,
3463 nbr, lsa)
3464 == 0) {
3465 route_unlock_node(rn);
3466 break;
3467 }
3468 }
3469 return length;
3470 }
3471
3472 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3473 {
3474 int age;
3475
3476 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3477
3478 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3479 }
3480
3481 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3482 struct stream *s)
3483 {
3484 struct ospf_lsa *lsa;
3485 struct listnode *node;
3486 uint16_t length = 0;
3487 unsigned int size_noauth;
3488 unsigned long delta = stream_get_endp(s);
3489 unsigned long pp;
3490 int count = 0;
3491
3492 if (IS_DEBUG_OSPF_EVENT)
3493 zlog_debug("ospf_make_ls_upd: Start");
3494
3495 pp = stream_get_endp(s);
3496 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3497 length += OSPF_LS_UPD_MIN_SIZE;
3498
3499 /* Calculate amount of packet usable for data. */
3500 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3501
3502 while ((node = listhead(update)) != NULL) {
3503 struct lsa_header *lsah;
3504 uint16_t ls_age;
3505
3506 if (IS_DEBUG_OSPF_EVENT)
3507 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3508 count);
3509
3510 lsa = listgetdata(node);
3511
3512 assert(lsa->data);
3513
3514 /* Will it fit? */
3515 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3516 break;
3517
3518 /* Keep pointer to LS age. */
3519 lsah = (struct lsa_header *)(STREAM_DATA(s)
3520 + stream_get_endp(s));
3521
3522 /* Put LSA to Link State Request. */
3523 stream_put(s, lsa->data, ntohs(lsa->data->length));
3524
3525 /* Set LS age. */
3526 /* each hop must increment an lsa_age by transmit_delay
3527 of OSPF interface */
3528 ls_age = ls_age_increment(lsa,
3529 OSPF_IF_PARAM(oi, transmit_delay));
3530 lsah->ls_age = htons(ls_age);
3531
3532 length += ntohs(lsa->data->length);
3533 count++;
3534
3535 list_delete_node(update, node);
3536 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3537 }
3538
3539 /* Now set #LSAs. */
3540 stream_putl_at(s, pp, count);
3541
3542 if (IS_DEBUG_OSPF_EVENT)
3543 zlog_debug("ospf_make_ls_upd: Stop");
3544 return length;
3545 }
3546
3547 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3548 struct stream *s)
3549 {
3550 struct listnode *node, *nnode;
3551 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3552 unsigned long delta = stream_get_endp(s) + 24;
3553 struct ospf_lsa *lsa;
3554
3555 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3556 assert(lsa);
3557
3558 if (length + delta > ospf_packet_max(oi))
3559 break;
3560
3561 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3562 length += OSPF_LSA_HEADER_SIZE;
3563
3564 listnode_delete(ack, lsa);
3565 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3566 }
3567
3568 return length;
3569 }
3570
3571 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3572 {
3573 struct ospf_packet *op;
3574 uint16_t length = OSPF_HEADER_SIZE;
3575
3576 op = ospf_packet_new(oi->ifp->mtu);
3577
3578 /* Prepare OSPF common header. */
3579 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3580
3581 /* Prepare OSPF Hello body. */
3582 length += ospf_make_hello(oi, op->s);
3583
3584 /* Fill OSPF header. */
3585 ospf_fill_header(oi, op->s, length);
3586
3587 /* Set packet length. */
3588 op->length = length;
3589
3590 op->dst.s_addr = addr;
3591
3592 if (IS_DEBUG_OSPF_EVENT) {
3593 if (oi->ospf->vrf_id)
3594 zlog_debug(
3595 "%s: Hello Tx interface %s ospf vrf %s id %u",
3596 __PRETTY_FUNCTION__, oi->ifp->name,
3597 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3598 oi->ospf->vrf_id);
3599 }
3600 /* Add packet to the top of the interface output queue, so that they
3601 * can't get delayed by things like long queues of LS Update packets
3602 */
3603 ospf_packet_add_top(oi, op);
3604
3605 /* Hook thread to write packet. */
3606 OSPF_ISM_WRITE_ON(oi->ospf);
3607 }
3608
3609 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3610 {
3611 struct ospf_interface *oi;
3612
3613 oi = nbr_nbma->oi;
3614 assert(oi);
3615
3616 /* If this is passive interface, do not send OSPF Hello. */
3617 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3618 return;
3619
3620 if (oi->type != OSPF_IFTYPE_NBMA)
3621 return;
3622
3623 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3624 return;
3625
3626 if (PRIORITY(oi) == 0)
3627 return;
3628
3629 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3630 && oi->state != ISM_Backup)
3631 return;
3632
3633 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3634 }
3635
3636 int ospf_poll_timer(struct thread *thread)
3637 {
3638 struct ospf_nbr_nbma *nbr_nbma;
3639
3640 nbr_nbma = THREAD_ARG(thread);
3641 nbr_nbma->t_poll = NULL;
3642
3643 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3644 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3645 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3646
3647 ospf_poll_send(nbr_nbma);
3648
3649 if (nbr_nbma->v_poll > 0)
3650 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3651 nbr_nbma->v_poll);
3652
3653 return 0;
3654 }
3655
3656
3657 int ospf_hello_reply_timer(struct thread *thread)
3658 {
3659 struct ospf_neighbor *nbr;
3660
3661 nbr = THREAD_ARG(thread);
3662 nbr->t_hello_reply = NULL;
3663
3664 assert(nbr->oi);
3665
3666 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3667 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3668 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3669
3670 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3671
3672 return 0;
3673 }
3674
3675 /* Send OSPF Hello. */
3676 void ospf_hello_send(struct ospf_interface *oi)
3677 {
3678 /* If this is passive interface, do not send OSPF Hello. */
3679 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3680 return;
3681
3682 if (oi->type == OSPF_IFTYPE_NBMA) {
3683 struct ospf_neighbor *nbr;
3684 struct route_node *rn;
3685
3686 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3687 if ((nbr = rn->info))
3688 if (nbr != oi->nbr_self)
3689 if (nbr->state != NSM_Down) {
3690 /* RFC 2328 Section 9.5.1
3691 If the router is not
3692 eligible to become Designated
3693 Router,
3694 it must periodically send
3695 Hello Packets to both the
3696 Designated Router and the
3697 Backup Designated Router (if
3698 they
3699 exist). */
3700 if (PRIORITY(oi) == 0
3701 && IPV4_ADDR_CMP(
3702 &DR(oi),
3703 &nbr->address.u
3704 .prefix4)
3705 && IPV4_ADDR_CMP(
3706 &BDR(oi),
3707 &nbr->address.u
3708 .prefix4))
3709 continue;
3710
3711 /* If the router is eligible to
3712 become Designated Router, it
3713 must periodically send Hello
3714 Packets to all neighbors that
3715 are also eligible. In
3716 addition, if the router is
3717 itself the
3718 Designated Router or Backup
3719 Designated Router, it must
3720 also
3721 send periodic Hello Packets
3722 to all other neighbors. */
3723
3724 if (nbr->priority == 0
3725 && oi->state == ISM_DROther)
3726 continue;
3727 /* if oi->state == Waiting, send
3728 * hello to all neighbors */
3729 ospf_hello_send_sub(
3730 oi,
3731 nbr->address.u.prefix4
3732 .s_addr);
3733 }
3734 } else {
3735 /* Decide destination address. */
3736 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3737 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3738 else
3739 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3740 }
3741 }
3742
3743 /* Send OSPF Database Description. */
3744 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3745 {
3746 struct ospf_interface *oi;
3747 struct ospf_packet *op;
3748 uint16_t length = OSPF_HEADER_SIZE;
3749
3750 oi = nbr->oi;
3751 op = ospf_packet_new(oi->ifp->mtu);
3752
3753 /* Prepare OSPF common header. */
3754 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3755
3756 /* Prepare OSPF Database Description body. */
3757 length += ospf_make_db_desc(oi, nbr, op->s);
3758
3759 /* Fill OSPF header. */
3760 ospf_fill_header(oi, op->s, length);
3761
3762 /* Set packet length. */
3763 op->length = length;
3764
3765 /* Decide destination address. */
3766 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3767 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3768 else
3769 op->dst = nbr->address.u.prefix4;
3770
3771 /* Add packet to the interface output queue. */
3772 ospf_packet_add(oi, op);
3773
3774 /* Hook thread to write packet. */
3775 OSPF_ISM_WRITE_ON(oi->ospf);
3776
3777 /* Remove old DD packet, then copy new one and keep in neighbor
3778 * structure. */
3779 if (nbr->last_send)
3780 ospf_packet_free(nbr->last_send);
3781 nbr->last_send = ospf_packet_dup(op);
3782 monotime(&nbr->last_send_ts);
3783 }
3784
3785 /* Re-send Database Description. */
3786 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3787 {
3788 struct ospf_interface *oi;
3789
3790 oi = nbr->oi;
3791
3792 /* Add packet to the interface output queue. */
3793 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3794
3795 /* Hook thread to write packet. */
3796 OSPF_ISM_WRITE_ON(oi->ospf);
3797 }
3798
3799 /* Send Link State Request. */
3800 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3801 {
3802 struct ospf_interface *oi;
3803 struct ospf_packet *op;
3804 uint16_t length = OSPF_HEADER_SIZE;
3805
3806 oi = nbr->oi;
3807 op = ospf_packet_new(oi->ifp->mtu);
3808
3809 /* Prepare OSPF common header. */
3810 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3811
3812 /* Prepare OSPF Link State Request body. */
3813 length += ospf_make_ls_req(nbr, op->s);
3814 if (length == OSPF_HEADER_SIZE) {
3815 ospf_packet_free(op);
3816 return;
3817 }
3818
3819 /* Fill OSPF header. */
3820 ospf_fill_header(oi, op->s, length);
3821
3822 /* Set packet length. */
3823 op->length = length;
3824
3825 /* Decide destination address. */
3826 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3827 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3828 else
3829 op->dst = nbr->address.u.prefix4;
3830
3831 /* Add packet to the interface output queue. */
3832 ospf_packet_add(oi, op);
3833
3834 /* Hook thread to write packet. */
3835 OSPF_ISM_WRITE_ON(oi->ospf);
3836
3837 /* Add Link State Request Retransmission Timer. */
3838 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3839 }
3840
3841 /* Send Link State Update with an LSA. */
3842 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3843 int flag)
3844 {
3845 struct list *update;
3846
3847 update = list_new();
3848
3849 listnode_add(update, lsa);
3850
3851 /*ospf instance is going down, send self originated
3852 * MAXAGE LSA update to neighbors to remove from LSDB */
3853 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3854 ospf_ls_upd_send(nbr, update, flag, 1);
3855 else
3856 ospf_ls_upd_send(nbr, update, flag, 0);
3857
3858 list_delete_and_null(&update);
3859 }
3860
3861 /* Determine size for packet. Must be at least big enough to accomodate next
3862 * LSA on list, which may be bigger than MTU size.
3863 *
3864 * Return pointer to new ospf_packet
3865 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3866 * on packet sizes (in which case offending LSA is deleted from update list)
3867 */
3868 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3869 struct ospf_interface *oi)
3870 {
3871 struct ospf_lsa *lsa;
3872 struct listnode *ln;
3873 size_t size;
3874 static char warned = 0;
3875
3876 lsa = listgetdata((ln = listhead(update)));
3877 assert(lsa->data);
3878
3879 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3880 > ospf_packet_max(oi)) {
3881 if (!warned) {
3882 flog_warn(
3883 EC_OSPF_LARGE_LSA,
3884 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3885 "will need to fragment. Not optimal. Try divide up"
3886 " your network with areas. Use 'debug ospf packet send'"
3887 " to see details, or look at 'show ip ospf database ..'");
3888 warned = 1;
3889 }
3890
3891 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3892 zlog_debug(
3893 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3894 " %d bytes originated by %s, will be fragmented!",
3895 inet_ntoa(lsa->data->id),
3896 ntohs(lsa->data->length),
3897 inet_ntoa(lsa->data->adv_router));
3898
3899 /*
3900 * Allocate just enough to fit this LSA only, to avoid including
3901 * other
3902 * LSAs in fragmented LSA Updates.
3903 */
3904 size = ntohs(lsa->data->length)
3905 + (oi->ifp->mtu - ospf_packet_max(oi))
3906 + OSPF_LS_UPD_MIN_SIZE;
3907 } else
3908 size = oi->ifp->mtu;
3909
3910 if (size > OSPF_MAX_PACKET_SIZE) {
3911 flog_warn(EC_OSPF_LARGE_LSA,
3912 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3913 " %d bytes, packet size %ld, dropping it completely."
3914 " OSPF routing is broken!",
3915 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3916 (long int)size);
3917 list_delete_node(update, ln);
3918 return NULL;
3919 }
3920
3921 /* IP header is built up separately by ospf_write(). This means, that we
3922 * must
3923 * reduce the "affordable" size just calculated by length of an IP
3924 * header.
3925 * This makes sure, that even if we manage to fill the payload with LSA
3926 * data
3927 * completely, the final packet (our data plus IP header) still fits
3928 * into
3929 * outgoing interface MTU. This correction isn't really meaningful for
3930 * an
3931 * oversized LSA, but for consistency the correction is done for both
3932 * cases.
3933 *
3934 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3935 */
3936 return ospf_packet_new(size - sizeof(struct ip));
3937 }
3938
3939 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3940 struct list *update, struct in_addr addr,
3941 int send_lsupd_now)
3942 {
3943 struct ospf_packet *op;
3944 uint16_t length = OSPF_HEADER_SIZE;
3945
3946 if (IS_DEBUG_OSPF_EVENT)
3947 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3948 IF_NAME(oi), inet_ntoa(addr));
3949
3950 /* Check that we have really something to process */
3951 if (listcount(update) == 0)
3952 return;
3953
3954 op = ospf_ls_upd_packet_new(update, oi);
3955
3956 /* Prepare OSPF common header. */
3957 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3958
3959 /* Prepare OSPF Link State Update body.
3960 * Includes Type-7 translation.
3961 */
3962 length += ospf_make_ls_upd(oi, update, op->s);
3963
3964 /* Fill OSPF header. */
3965 ospf_fill_header(oi, op->s, length);
3966
3967 /* Set packet length. */
3968 op->length = length;
3969
3970 /* Decide destination address. */
3971 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3972 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3973 else
3974 op->dst.s_addr = addr.s_addr;
3975
3976 /* Add packet to the interface output queue. */
3977 ospf_packet_add(oi, op);
3978 /* Call ospf_write() right away to send ospf packets to neighbors */
3979 if (send_lsupd_now) {
3980 struct thread os_packet_thd;
3981
3982 os_packet_thd.arg = (void *)oi->ospf;
3983 if (oi->on_write_q == 0) {
3984 listnode_add(oi->ospf->oi_write_q, oi);
3985 oi->on_write_q = 1;
3986 }
3987 ospf_write(&os_packet_thd);
3988 } else {
3989 /* Hook thread to write packet. */
3990 OSPF_ISM_WRITE_ON(oi->ospf);
3991 }
3992 }
3993
3994 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3995 {
3996 struct ospf_interface *oi = THREAD_ARG(thread);
3997 struct route_node *rn;
3998 struct route_node *rnext;
3999 struct list *update;
4000 char again = 0;
4001
4002 oi->t_ls_upd_event = NULL;
4003
4004 if (IS_DEBUG_OSPF_EVENT)
4005 zlog_debug("ospf_ls_upd_send_queue start");
4006
4007 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4008 rnext = route_next(rn);
4009
4010 if (rn->info == NULL)
4011 continue;
4012
4013 update = (struct list *)rn->info;
4014
4015 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
4016
4017 /* list might not be empty. */
4018 if (listcount(update) == 0) {
4019 list_delete_and_null((struct list **)&rn->info);
4020 route_unlock_node(rn);
4021 } else
4022 again = 1;
4023 }
4024
4025 if (again != 0) {
4026 if (IS_DEBUG_OSPF_EVENT)
4027 zlog_debug(
4028 "ospf_ls_upd_send_queue: update lists not cleared,"
4029 " %d nodes to try again, raising new event",
4030 again);
4031 oi->t_ls_upd_event = NULL;
4032 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4033 &oi->t_ls_upd_event);
4034 }
4035
4036 if (IS_DEBUG_OSPF_EVENT)
4037 zlog_debug("ospf_ls_upd_send_queue stop");
4038
4039 return 0;
4040 }
4041
4042 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4043 int send_lsupd_now)
4044 {
4045 struct ospf_interface *oi;
4046 struct ospf_lsa *lsa;
4047 struct prefix_ipv4 p;
4048 struct route_node *rn;
4049 struct listnode *node;
4050
4051 oi = nbr->oi;
4052
4053 p.family = AF_INET;
4054 p.prefixlen = IPV4_MAX_BITLEN;
4055
4056 /* Decide destination address. */
4057 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4058 p.prefix = oi->vl_data->peer_addr;
4059 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4060 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4061 else if (flag == OSPF_SEND_PACKET_DIRECT)
4062 p.prefix = nbr->address.u.prefix4;
4063 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4064 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4065 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4066 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4067 else
4068 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4069
4070 if (oi->type == OSPF_IFTYPE_NBMA) {
4071 if (flag == OSPF_SEND_PACKET_INDIRECT)
4072 flog_warn(
4073 EC_OSPF_PACKET,
4074 "* LS-Update is directly sent on NBMA network.");
4075 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4076 flog_warn(EC_OSPF_PACKET,
4077 "* LS-Update is sent to myself.");
4078 }
4079
4080 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4081
4082 if (rn->info == NULL)
4083 rn->info = list_new();
4084 else
4085 route_unlock_node(rn);
4086
4087 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4088 listnode_add(rn->info,
4089 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4090 if (send_lsupd_now) {
4091 struct list *send_update_list;
4092 struct route_node *rnext;
4093
4094 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4095 rnext = route_next(rn);
4096
4097 if (rn->info == NULL)
4098 continue;
4099
4100 send_update_list = (struct list *)rn->info;
4101
4102 ospf_ls_upd_queue_send(oi, send_update_list,
4103 rn->p.u.prefix4, 1);
4104 }
4105 } else
4106 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4107 &oi->t_ls_upd_event);
4108 }
4109
4110 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4111 struct in_addr dst)
4112 {
4113 struct ospf_packet *op;
4114 uint16_t length = OSPF_HEADER_SIZE;
4115
4116 op = ospf_packet_new(oi->ifp->mtu);
4117
4118 /* Prepare OSPF common header. */
4119 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4120
4121 /* Prepare OSPF Link State Acknowledgment body. */
4122 length += ospf_make_ls_ack(oi, ack, op->s);
4123
4124 /* Fill OSPF header. */
4125 ospf_fill_header(oi, op->s, length);
4126
4127 /* Set packet length. */
4128 op->length = length;
4129
4130 /* Decide destination address. */
4131 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4132 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4133 else
4134 op->dst.s_addr = dst.s_addr;
4135
4136 /* Add packet to the interface output queue. */
4137 ospf_packet_add(oi, op);
4138
4139 /* Hook thread to write packet. */
4140 OSPF_ISM_WRITE_ON(oi->ospf);
4141 }
4142
4143 static int ospf_ls_ack_send_event(struct thread *thread)
4144 {
4145 struct ospf_interface *oi = THREAD_ARG(thread);
4146
4147 oi->t_ls_ack_direct = NULL;
4148
4149 while (listcount(oi->ls_ack_direct.ls_ack))
4150 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4151 oi->ls_ack_direct.dst);
4152
4153 return 0;
4154 }
4155
4156 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4157 {
4158 struct ospf_interface *oi = nbr->oi;
4159
4160 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4161 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4162
4163 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4164
4165 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4166 &oi->t_ls_ack_direct);
4167 }
4168
4169 /* Send Link State Acknowledgment delayed. */
4170 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4171 {
4172 struct in_addr dst;
4173
4174 /* Decide destination address. */
4175 /* RFC2328 Section 13.5 On non-broadcast
4176 networks, delayed Link State Acknowledgment packets must be
4177 unicast separately over each adjacency (i.e., neighbor whose
4178 state is >= Exchange). */
4179 if (oi->type == OSPF_IFTYPE_NBMA) {
4180 struct ospf_neighbor *nbr;
4181 struct route_node *rn;
4182
4183 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4184 if ((nbr = rn->info) != NULL)
4185 if (nbr != oi->nbr_self
4186 && nbr->state >= NSM_Exchange)
4187 while (listcount(oi->ls_ack))
4188 ospf_ls_ack_send_list(
4189 oi, oi->ls_ack,
4190 nbr->address.u.prefix4);
4191 return;
4192 }
4193 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4194 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4195 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4196 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4197 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4198 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4199 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4200 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4201 else
4202 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4203
4204 while (listcount(oi->ls_ack))
4205 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4206 }
4207
4208 /*
4209 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4210 * address. As a result, the kernel does not need to learn the interface
4211 * MAC of the OSPF neighbor. However, in our world, this will delay
4212 * convergence. Take the case when due to a link flap, all routes now
4213 * want to use an interface which was deemed to be costlier prior to this
4214 * event. For routes that will be installed, the missing MAC will have
4215 * punt-to-CPU set on them. This may overload the CPU control path that
4216 * can be avoided if the MAC was known apriori.
4217 */
4218 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4219 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4220 {
4221 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4222 int ret;
4223
4224 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4225 return;
4226
4227 snprintf(ping_nbr, sizeof(ping_nbr),
4228 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4229 inet_ntoa(nbr->address.u.prefix4));
4230
4231 ret = system(ping_nbr);
4232 if (IS_DEBUG_OSPF_EVENT)
4233 zlog_debug("Executed %s %s", ping_nbr,
4234 ((ret == 0) ? "successfully" : "but failed"));
4235 }
FRRouting mirror