]> git.proxmox.com Git - mirror_frr.git/blob - ospfd/ospf_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2810 from chiragshah6/evpn_dev1
[mirror_frr.git] / ospfd / ospf_packet.c
1 /*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "monotime.h"
25 #include "thread.h"
26 #include "memory.h"
27 #include "linklist.h"
28 #include "prefix.h"
29 #include "if.h"
30 #include "table.h"
31 #include "sockunion.h"
32 #include "stream.h"
33 #include "log.h"
34 #include "sockopt.h"
35 #include "checksum.h"
36 #include "md5.h"
37 #include "vrf.h"
38 #include "ospf_errors.h"
39
40 #include "ospfd/ospfd.h"
41 #include "ospfd/ospf_network.h"
42 #include "ospfd/ospf_interface.h"
43 #include "ospfd/ospf_ism.h"
44 #include "ospfd/ospf_asbr.h"
45 #include "ospfd/ospf_lsa.h"
46 #include "ospfd/ospf_lsdb.h"
47 #include "ospfd/ospf_neighbor.h"
48 #include "ospfd/ospf_nsm.h"
49 #include "ospfd/ospf_packet.h"
50 #include "ospfd/ospf_spf.h"
51 #include "ospfd/ospf_flood.h"
52 #include "ospfd/ospf_dump.h"
53
54 /*
55 * OSPF Fragmentation / fragmented writes
56 *
57 * ospfd can support writing fragmented packets, for cases where
58 * kernel will not fragment IP_HDRINCL and/or multicast destined
59 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
60 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
61 * flags fields, hence user-space fragmentation will not work.
62 * Only Linux is known to leave IP header unmolested.
63 * Further, fragmentation really should be done the kernel, which already
64 * supports it, and which avoids nasty IP ID state problems.
65 *
66 * Fragmentation of OSPF packets can be required on networks with router
67 * with many many interfaces active in one area, or on networks with links
68 * with low MTUs.
69 */
70 #ifdef GNU_LINUX
71 #define WANT_OSPF_WRITE_FRAGMENT
72 #endif
73
74 /* Packet Type String. */
75 const struct message ospf_packet_type_str[] = {
76 {OSPF_MSG_HELLO, "Hello"},
77 {OSPF_MSG_DB_DESC, "Database Description"},
78 {OSPF_MSG_LS_REQ, "Link State Request"},
79 {OSPF_MSG_LS_UPD, "Link State Update"},
80 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
81 {0}};
82
83 /* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
84 particular types, offset is the "type" field of a packet. */
85 static const uint16_t ospf_packet_minlen[] = {
86 0,
87 OSPF_HELLO_MIN_SIZE,
88 OSPF_DB_DESC_MIN_SIZE,
89 OSPF_LS_REQ_MIN_SIZE,
90 OSPF_LS_UPD_MIN_SIZE,
91 OSPF_LS_ACK_MIN_SIZE,
92 };
93
94 /* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
95 types, offset is the "LSA type" field. */
96 static const uint16_t ospf_lsa_minlen[] = {
97 0,
98 OSPF_ROUTER_LSA_MIN_SIZE,
99 OSPF_NETWORK_LSA_MIN_SIZE,
100 OSPF_SUMMARY_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
103 0,
104 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
105 0,
106 0,
107 0,
108 0,
109 };
110
111 /* for ospf_check_auth() */
112 static int ospf_check_sum(struct ospf_header *);
113
114 /* OSPF authentication checking function */
115 static int ospf_auth_type(struct ospf_interface *oi)
116 {
117 int auth_type;
118
119 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
120 auth_type = oi->area->auth_type;
121 else
122 auth_type = OSPF_IF_PARAM(oi, auth_type);
123
124 /* Handle case where MD5 key list is not configured aka Cisco */
125 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
126 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
127 return OSPF_AUTH_NULL;
128
129 return auth_type;
130 }
131
132 struct ospf_packet *ospf_packet_new(size_t size)
133 {
134 struct ospf_packet *new;
135
136 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
137 new->s = stream_new(size);
138
139 return new;
140 }
141
142 void ospf_packet_free(struct ospf_packet *op)
143 {
144 if (op->s)
145 stream_free(op->s);
146
147 XFREE(MTYPE_OSPF_PACKET, op);
148 }
149
150 struct ospf_fifo *ospf_fifo_new()
151 {
152 struct ospf_fifo *new;
153
154 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
155 return new;
156 }
157
158 /* Add new packet to fifo. */
159 void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
160 {
161 if (fifo->tail)
162 fifo->tail->next = op;
163 else
164 fifo->head = op;
165
166 fifo->tail = op;
167
168 fifo->count++;
169 }
170
171 /* Add new packet to head of fifo. */
172 static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
173 {
174 op->next = fifo->head;
175
176 if (fifo->tail == NULL)
177 fifo->tail = op;
178
179 fifo->head = op;
180
181 fifo->count++;
182 }
183
184 /* Delete first packet from fifo. */
185 struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
186 {
187 struct ospf_packet *op;
188
189 op = fifo->head;
190
191 if (op) {
192 fifo->head = op->next;
193
194 if (fifo->head == NULL)
195 fifo->tail = NULL;
196
197 fifo->count--;
198 }
199
200 return op;
201 }
202
203 /* Return first fifo entry. */
204 struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
205 {
206 return fifo->head;
207 }
208
209 /* Flush ospf packet fifo. */
210 void ospf_fifo_flush(struct ospf_fifo *fifo)
211 {
212 struct ospf_packet *op;
213 struct ospf_packet *next;
214
215 for (op = fifo->head; op; op = next) {
216 next = op->next;
217 ospf_packet_free(op);
218 }
219 fifo->head = fifo->tail = NULL;
220 fifo->count = 0;
221 }
222
223 /* Free ospf packet fifo. */
224 void ospf_fifo_free(struct ospf_fifo *fifo)
225 {
226 ospf_fifo_flush(fifo);
227
228 XFREE(MTYPE_OSPF_FIFO, fifo);
229 }
230
231 void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
232 {
233 if (!oi->obuf) {
234 flog_err(
235 OSPF_ERR_PKT_PROCESS,
236 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
237 "destination %s) called with NULL obuf, ignoring "
238 "(please report this bug)!\n",
239 IF_NAME(oi), oi->state,
240 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
241 lookup_msg(ospf_packet_type_str,
242 stream_getc_from(op->s, 1), NULL),
243 inet_ntoa(op->dst));
244 return;
245 }
246
247 /* Add packet to end of queue. */
248 ospf_fifo_push(oi->obuf, op);
249
250 /* Debug of packet fifo*/
251 /* ospf_fifo_debug (oi->obuf); */
252 }
253
254 static void ospf_packet_add_top(struct ospf_interface *oi,
255 struct ospf_packet *op)
256 {
257 if (!oi->obuf) {
258 flog_err(
259 OSPF_ERR_PKT_PROCESS,
260 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
261 "destination %s) called with NULL obuf, ignoring "
262 "(please report this bug)!\n",
263 IF_NAME(oi), oi->state,
264 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
265 lookup_msg(ospf_packet_type_str,
266 stream_getc_from(op->s, 1), NULL),
267 inet_ntoa(op->dst));
268 return;
269 }
270
271 /* Add packet to head of queue. */
272 ospf_fifo_push_head(oi->obuf, op);
273
274 /* Debug of packet fifo*/
275 /* ospf_fifo_debug (oi->obuf); */
276 }
277
278 void ospf_packet_delete(struct ospf_interface *oi)
279 {
280 struct ospf_packet *op;
281
282 op = ospf_fifo_pop(oi->obuf);
283
284 if (op)
285 ospf_packet_free(op);
286 }
287
288 struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
289 {
290 struct ospf_packet *new;
291
292 if (stream_get_endp(op->s) != op->length)
293 /* XXX size_t */
294 zlog_warn(
295 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
296 (unsigned long)STREAM_SIZE(op->s), op->length);
297
298 /* Reserve space for MD5 authentication that may be added later. */
299 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
300 stream_copy(new->s, op->s);
301
302 new->dst = op->dst;
303 new->length = op->length;
304
305 return new;
306 }
307
308 /* XXX inline */
309 static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
310 {
311 int auth = 0;
312
313 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
314 auth = OSPF_AUTH_MD5_SIZE;
315
316 return auth;
317 }
318
319 static unsigned int ospf_packet_max(struct ospf_interface *oi)
320 {
321 int max;
322
323 max = oi->ifp->mtu - ospf_packet_authspace(oi);
324
325 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
326
327 return max;
328 }
329
330
331 static int ospf_check_md5_digest(struct ospf_interface *oi,
332 struct ospf_header *ospfh)
333 {
334 MD5_CTX ctx;
335 unsigned char digest[OSPF_AUTH_MD5_SIZE];
336 struct crypt_key *ck;
337 struct ospf_neighbor *nbr;
338 uint16_t length = ntohs(ospfh->length);
339
340 /* Get secret key. */
341 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
342 ospfh->u.crypt.key_id);
343 if (ck == NULL) {
344 zlog_warn("interface %s: ospf_check_md5 no key %d", IF_NAME(oi),
345 ospfh->u.crypt.key_id);
346 return 0;
347 }
348
349 /* check crypto seqnum. */
350 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
351
352 if (nbr
353 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
354 zlog_warn(
355 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
356 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
357 ntohl(nbr->crypt_seqnum));
358 return 0;
359 }
360
361 /* Generate a digest for the ospf packet - their digest + our digest. */
362 memset(&ctx, 0, sizeof(ctx));
363 MD5Init(&ctx);
364 MD5Update(&ctx, ospfh, length);
365 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
366 MD5Final(digest, &ctx);
367
368 /* compare the two */
369 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
370 zlog_warn("interface %s: ospf_check_md5 checksum mismatch",
371 IF_NAME(oi));
372 return 0;
373 }
374
375 /* save neighbor's crypt_seqnum */
376 if (nbr)
377 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
378 return 1;
379 }
380
381 /* This function is called from ospf_write(), it will detect the
382 authentication scheme and if it is MD5, it will change the sequence
383 and update the MD5 digest. */
384 static int ospf_make_md5_digest(struct ospf_interface *oi,
385 struct ospf_packet *op)
386 {
387 struct ospf_header *ospfh;
388 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
389 MD5_CTX ctx;
390 void *ibuf;
391 uint32_t t;
392 struct crypt_key *ck;
393 const uint8_t *auth_key;
394
395 ibuf = STREAM_DATA(op->s);
396 ospfh = (struct ospf_header *)ibuf;
397
398 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
399 return 0;
400
401 /* We do this here so when we dup a packet, we don't have to
402 waste CPU rewriting other headers.
403
404 Note that quagga_time /deliberately/ is not used here */
405 t = (time(NULL) & 0xFFFFFFFF);
406 if (t > oi->crypt_seqnum)
407 oi->crypt_seqnum = t;
408 else
409 oi->crypt_seqnum++;
410
411 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
412
413 /* Get MD5 Authentication key from auth_key list. */
414 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
415 auth_key = (const uint8_t *)digest;
416 else {
417 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
418 auth_key = ck->auth_key;
419 }
420
421 /* Generate a digest for the entire packet + our secret key. */
422 memset(&ctx, 0, sizeof(ctx));
423 MD5Init(&ctx);
424 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
425 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
426 MD5Final(digest, &ctx);
427
428 /* Append md5 digest to the end of the stream. */
429 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
430
431 /* We do *NOT* increment the OSPF header length. */
432 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
433
434 if (stream_get_endp(op->s) != op->length)
435 /* XXX size_t */
436 zlog_warn(
437 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
438 (unsigned long)stream_get_endp(op->s), op->length);
439
440 return OSPF_AUTH_MD5_SIZE;
441 }
442
443
444 static int ospf_ls_req_timer(struct thread *thread)
445 {
446 struct ospf_neighbor *nbr;
447
448 nbr = THREAD_ARG(thread);
449 nbr->t_ls_req = NULL;
450
451 /* Send Link State Request. */
452 if (ospf_ls_request_count(nbr))
453 ospf_ls_req_send(nbr);
454
455 /* Set Link State Request retransmission timer. */
456 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
457
458 return 0;
459 }
460
461 void ospf_ls_req_event(struct ospf_neighbor *nbr)
462 {
463 if (nbr->t_ls_req) {
464 thread_cancel(nbr->t_ls_req);
465 nbr->t_ls_req = NULL;
466 }
467 nbr->t_ls_req = NULL;
468 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
469 }
470
471 /* Cyclic timer function. Fist registered in ospf_nbr_new () in
472 ospf_neighbor.c */
473 int ospf_ls_upd_timer(struct thread *thread)
474 {
475 struct ospf_neighbor *nbr;
476
477 nbr = THREAD_ARG(thread);
478 nbr->t_ls_upd = NULL;
479
480 /* Send Link State Update. */
481 if (ospf_ls_retransmit_count(nbr) > 0) {
482 struct list *update;
483 struct ospf_lsdb *lsdb;
484 int i;
485 int retransmit_interval;
486
487 retransmit_interval =
488 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
489
490 lsdb = &nbr->ls_rxmt;
491 update = list_new();
492
493 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
494 struct route_table *table = lsdb->type[i].db;
495 struct route_node *rn;
496
497 for (rn = route_top(table); rn; rn = route_next(rn)) {
498 struct ospf_lsa *lsa;
499
500 if ((lsa = rn->info) != NULL) {
501 /* Don't retransmit an LSA if we
502 received it within
503 the last RxmtInterval seconds - this
504 is to allow the
505 neighbour a chance to acknowledge the
506 LSA as it may
507 have ben just received before the
508 retransmit timer
509 fired. This is a small tweak to what
510 is in the RFC,
511 but it will cut out out a lot of
512 retransmit traffic
513 - MAG */
514 if (monotime_since(&lsa->tv_recv, NULL)
515 >= retransmit_interval * 1000000LL)
516 listnode_add(update, rn->info);
517 }
518 }
519 }
520
521 if (listcount(update) > 0)
522 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
523 0);
524 list_delete_and_null(&update);
525 }
526
527 /* Set LS Update retransmission timer. */
528 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
529
530 return 0;
531 }
532
533 int ospf_ls_ack_timer(struct thread *thread)
534 {
535 struct ospf_interface *oi;
536
537 oi = THREAD_ARG(thread);
538 oi->t_ls_ack = NULL;
539
540 /* Send Link State Acknowledgment. */
541 if (listcount(oi->ls_ack) > 0)
542 ospf_ls_ack_send_delayed(oi);
543
544 /* Set LS Ack timer. */
545 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
546
547 return 0;
548 }
549
550 #ifdef WANT_OSPF_WRITE_FRAGMENT
551 static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
552 struct msghdr *msg, unsigned int maxdatasize,
553 unsigned int mtu, int flags, uint8_t type)
554 {
555 #define OSPF_WRITE_FRAG_SHIFT 3
556 uint16_t offset;
557 struct iovec *iovp;
558 int ret;
559
560 assert(op->length == stream_get_endp(op->s));
561 assert(msg->msg_iovlen == 2);
562
563 /* we can but try.
564 *
565 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
566 * well as the IP_MF flag, making this all quite pointless.
567 *
568 * However, for a system on which IP_MF is left alone, and ip_id left
569 * alone or else which sets same ip_id for each fragment this might
570 * work, eg linux.
571 *
572 * XXX-TODO: It would be much nicer to have the kernel's use their
573 * existing fragmentation support to do this for us. Bugs/RFEs need to
574 * be raised against the various kernels.
575 */
576
577 /* set More Frag */
578 iph->ip_off |= IP_MF;
579
580 /* ip frag offset is expressed in units of 8byte words */
581 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
582
583 iovp = &msg->msg_iov[1];
584
585 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
586 > maxdatasize) {
587 /* data length of this frag is to next offset value */
588 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
589 iph->ip_len = iovp->iov_len + sizeof(struct ip);
590 assert(iph->ip_len <= mtu);
591
592 sockopt_iphdrincl_swab_htosys(iph);
593
594 ret = sendmsg(fd, msg, flags);
595
596 sockopt_iphdrincl_swab_systoh(iph);
597
598 if (ret < 0)
599 zlog_warn(
600 "*** ospf_write_frags: sendmsg failed to %s,"
601 " id %d, off %d, len %d, mtu %u failed with %s",
602 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
603 iph->ip_len, mtu, safe_strerror(errno));
604
605 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
606 zlog_debug(
607 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
608 iph->ip_id, iph->ip_off, iph->ip_len,
609 inet_ntoa(iph->ip_dst));
610 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
611 zlog_debug(
612 "-----------------IP Header Dump----------------------");
613 ospf_ip_header_dump(iph);
614 zlog_debug(
615 "-----------------------------------------------------");
616 }
617 }
618
619 iph->ip_off += offset;
620 stream_forward_getp(op->s, iovp->iov_len);
621 iovp->iov_base = stream_pnt(op->s);
622 }
623
624 /* setup for final fragment */
625 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
626 iph->ip_len = iovp->iov_len + sizeof(struct ip);
627 iph->ip_off &= (~IP_MF);
628 }
629 #endif /* WANT_OSPF_WRITE_FRAGMENT */
630
631 static int ospf_write(struct thread *thread)
632 {
633 struct ospf *ospf = THREAD_ARG(thread);
634 struct ospf_interface *oi;
635 struct ospf_interface *last_serviced_oi = NULL;
636 struct ospf_packet *op;
637 struct sockaddr_in sa_dst;
638 struct ip iph;
639 struct msghdr msg;
640 struct iovec iov[2];
641 uint8_t type;
642 int ret;
643 int flags = 0;
644 struct listnode *node;
645 #ifdef WANT_OSPF_WRITE_FRAGMENT
646 static uint16_t ipid = 0;
647 uint16_t maxdatasize;
648 #endif /* WANT_OSPF_WRITE_FRAGMENT */
649 #define OSPF_WRITE_IPHL_SHIFT 2
650 int pkt_count = 0;
651
652 #ifdef GNU_LINUX
653 unsigned char cmsgbuf[64] = {};
654 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
655 struct in_pktinfo *pi;
656 #endif
657
658 ospf->t_write = NULL;
659
660 node = listhead(ospf->oi_write_q);
661 assert(node);
662 oi = listgetdata(node);
663 assert(oi);
664
665 #ifdef WANT_OSPF_WRITE_FRAGMENT
666 /* seed ipid static with low order bits of time */
667 if (ipid == 0)
668 ipid = (time(NULL) & 0xffff);
669 #endif /* WANT_OSPF_WRITE_FRAGMENT */
670
671 while ((pkt_count < ospf->write_oi_count) && oi
672 && (last_serviced_oi != oi)) {
673 /* If there is only packet in the queue, the oi is removed from
674 write-q, so fix up the last interface that was serviced */
675 if (last_serviced_oi == NULL) {
676 last_serviced_oi = oi;
677 }
678 pkt_count++;
679 #ifdef WANT_OSPF_WRITE_FRAGMENT
680 /* convenience - max OSPF data per packet */
681 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
682 #endif /* WANT_OSPF_WRITE_FRAGMENT */
683 /* Get one packet from queue. */
684 op = ospf_fifo_head(oi->obuf);
685 assert(op);
686 assert(op->length >= OSPF_HEADER_SIZE);
687
688 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
689 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
690 ospf_if_ipmulticast(ospf, oi->address,
691 oi->ifp->ifindex);
692
693 /* Rewrite the md5 signature & update the seq */
694 ospf_make_md5_digest(oi, op);
695
696 /* Retrieve OSPF packet type. */
697 stream_set_getp(op->s, 1);
698 type = stream_getc(op->s);
699
700 /* reset get pointer */
701 stream_set_getp(op->s, 0);
702
703 memset(&iph, 0, sizeof(struct ip));
704 memset(&sa_dst, 0, sizeof(sa_dst));
705
706 sa_dst.sin_family = AF_INET;
707 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
708 sa_dst.sin_len = sizeof(sa_dst);
709 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
710 sa_dst.sin_addr = op->dst;
711 sa_dst.sin_port = htons(0);
712
713 /* Set DONTROUTE flag if dst is unicast. */
714 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
715 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
716 flags = MSG_DONTROUTE;
717
718 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
719 /* it'd be very strange for header to not be 4byte-word aligned
720 * but.. */
721 if (sizeof(struct ip)
722 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
723 iph.ip_hl++; /* we presume sizeof struct ip cant
724 overflow ip_hl.. */
725
726 iph.ip_v = IPVERSION;
727 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
728 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
729
730 #if defined(__DragonFly__)
731 /*
732 * DragonFly's raw socket expects ip_len/ip_off in network byte
733 * order.
734 */
735 iph.ip_len = htons(iph.ip_len);
736 #endif
737
738 #ifdef WANT_OSPF_WRITE_FRAGMENT
739 /* XXX-MT: not thread-safe at all..
740 * XXX: this presumes this is only programme sending OSPF
741 * packets
742 * otherwise, no guarantee ipid will be unique
743 */
744 iph.ip_id = ++ipid;
745 #endif /* WANT_OSPF_WRITE_FRAGMENT */
746
747 iph.ip_off = 0;
748 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
749 iph.ip_ttl = OSPF_VL_IP_TTL;
750 else
751 iph.ip_ttl = OSPF_IP_TTL;
752 iph.ip_p = IPPROTO_OSPFIGP;
753 iph.ip_sum = 0;
754 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
755 iph.ip_dst.s_addr = op->dst.s_addr;
756
757 memset(&msg, 0, sizeof(msg));
758 msg.msg_name = (caddr_t)&sa_dst;
759 msg.msg_namelen = sizeof(sa_dst);
760 msg.msg_iov = iov;
761 msg.msg_iovlen = 2;
762
763 iov[0].iov_base = (char *)&iph;
764 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
765 iov[1].iov_base = stream_pnt(op->s);
766 iov[1].iov_len = op->length;
767
768 #ifdef GNU_LINUX
769 msg.msg_control = (caddr_t)cm;
770 cm->cmsg_level = SOL_IP;
771 cm->cmsg_type = IP_PKTINFO;
772 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
773 pi = (struct in_pktinfo *)CMSG_DATA(cm);
774 pi->ipi_ifindex = oi->ifp->ifindex;
775
776 msg.msg_controllen = cm->cmsg_len;
777 #endif
778
779 /* Sadly we can not rely on kernels to fragment packets
780 * because of either IP_HDRINCL and/or multicast
781 * destination being set.
782 */
783
784 #ifdef WANT_OSPF_WRITE_FRAGMENT
785 if (op->length > maxdatasize)
786 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
787 oi->ifp->mtu, flags, type);
788 #endif /* WANT_OSPF_WRITE_FRAGMENT */
789
790 /* send final fragment (could be first) */
791 sockopt_iphdrincl_swab_htosys(&iph);
792 ret = sendmsg(ospf->fd, &msg, flags);
793 sockopt_iphdrincl_swab_systoh(&iph);
794 if (IS_DEBUG_OSPF_EVENT)
795 zlog_debug(
796 "ospf_write to %s, "
797 "id %d, off %d, len %d, interface %s, mtu %u:",
798 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
799 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
800
801 if (ret < 0)
802 zlog_warn(
803 "*** sendmsg in ospf_write failed to %s, "
804 "id %d, off %d, len %d, interface %s, mtu %u: %s",
805 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
806 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
807 safe_strerror(errno));
808
809 /* Show debug sending packet. */
810 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
811 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
812 zlog_debug(
813 "-----------------------------------------------------");
814 ospf_ip_header_dump(&iph);
815 stream_set_getp(op->s, 0);
816 ospf_packet_dump(op->s);
817 }
818
819 zlog_debug("%s sent to [%s] via [%s].",
820 lookup_msg(ospf_packet_type_str, type, NULL),
821 inet_ntoa(op->dst), IF_NAME(oi));
822
823 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
824 zlog_debug(
825 "-----------------------------------------------------");
826 }
827
828 switch (type) {
829 case OSPF_MSG_HELLO:
830 oi->hello_out++;
831 break;
832 case OSPF_MSG_DB_DESC:
833 oi->db_desc_out++;
834 break;
835 case OSPF_MSG_LS_REQ:
836 oi->ls_req_out++;
837 break;
838 case OSPF_MSG_LS_UPD:
839 oi->ls_upd_out++;
840 break;
841 case OSPF_MSG_LS_ACK:
842 oi->ls_ack_out++;
843 break;
844 default:
845 break;
846 }
847
848 /* Now delete packet from queue. */
849 ospf_packet_delete(oi);
850
851 /* Move this interface to the tail of write_q to
852 serve everyone in a round robin fashion */
853 list_delete_node(ospf->oi_write_q, node);
854 if (ospf_fifo_head(oi->obuf) == NULL) {
855 oi->on_write_q = 0;
856 last_serviced_oi = NULL;
857 oi = NULL;
858 } else {
859 listnode_add(ospf->oi_write_q, oi);
860 }
861
862 /* Setup to service from the head of the queue again */
863 if (!list_isempty(ospf->oi_write_q)) {
864 node = listhead(ospf->oi_write_q);
865 assert(node);
866 oi = listgetdata(node);
867 assert(oi);
868 }
869 }
870
871 /* If packets still remain in queue, call write thread. */
872 if (!list_isempty(ospf->oi_write_q)) {
873 ospf->t_write = NULL;
874 thread_add_write(master, ospf_write, ospf, ospf->fd,
875 &ospf->t_write);
876 }
877
878 return 0;
879 }
880
881 /* OSPF Hello message read -- RFC2328 Section 10.5. */
882 static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
883 struct stream *s, struct ospf_interface *oi, int size)
884 {
885 struct ospf_hello *hello;
886 struct ospf_neighbor *nbr;
887 int old_state;
888 struct prefix p;
889
890 /* increment statistics. */
891 oi->hello_in++;
892
893 hello = (struct ospf_hello *)stream_pnt(s);
894
895 /* If Hello is myself, silently discard. */
896 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
897 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
898 zlog_debug(
899 "ospf_header[%s/%s]: selforiginated, "
900 "dropping.",
901 lookup_msg(ospf_packet_type_str, ospfh->type,
902 NULL),
903 inet_ntoa(iph->ip_src));
904 }
905 return;
906 }
907
908 /* get neighbor prefix. */
909 p.family = AF_INET;
910 p.prefixlen = ip_masklen(hello->network_mask);
911 p.u.prefix4 = iph->ip_src;
912
913 /* Compare network mask. */
914 /* Checking is ignored for Point-to-Point and Virtual link. */
915 if (oi->type != OSPF_IFTYPE_POINTOPOINT
916 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
917 if (oi->address->prefixlen != p.prefixlen) {
918 zlog_warn(
919 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
920 inet_ntoa(ospfh->router_id), IF_NAME(oi),
921 (int)oi->address->prefixlen, (int)p.prefixlen);
922 return;
923 }
924
925 /* Compare Router Dead Interval. */
926 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
927 zlog_warn(
928 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
929 "(expected %u, but received %u).",
930 inet_ntoa(ospfh->router_id), OSPF_IF_PARAM(oi, v_wait),
931 ntohl(hello->dead_interval));
932 return;
933 }
934
935 /* Compare Hello Interval - ignored if fast-hellos are set. */
936 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
937 if (OSPF_IF_PARAM(oi, v_hello)
938 != ntohs(hello->hello_interval)) {
939 zlog_warn(
940 "Packet %s [Hello:RECV]: HelloInterval mismatch "
941 "(expected %u, but received %u).",
942 inet_ntoa(ospfh->router_id),
943 OSPF_IF_PARAM(oi, v_hello),
944 ntohs(hello->hello_interval));
945 return;
946 }
947 }
948
949 if (IS_DEBUG_OSPF_EVENT)
950 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
951 inet_ntoa(ospfh->router_id),
952 ospf_options_dump(hello->options),
953 ospf_vrf_id_to_name(oi->ospf->vrf_id));
954
955 /* Compare options. */
956 #define REJECT_IF_TBIT_ON 1 /* XXX */
957 #ifdef REJECT_IF_TBIT_ON
958 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
959 /*
960 * This router does not support non-zero TOS.
961 * Drop this Hello packet not to establish neighbor
962 * relationship.
963 */
964 zlog_warn("Packet %s [Hello:RECV]: T-bit on, drop it.",
965 inet_ntoa(ospfh->router_id));
966 return;
967 }
968 #endif /* REJECT_IF_TBIT_ON */
969
970 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
971 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
972 /*
973 * This router does know the correct usage of O-bit
974 * the bit should be set in DD packet only.
975 */
976 zlog_warn("Packet %s [Hello:RECV]: O-bit abuse?",
977 inet_ntoa(ospfh->router_id));
978 #ifdef STRICT_OBIT_USAGE_CHECK
979 return; /* Reject this packet. */
980 #else /* STRICT_OBIT_USAGE_CHECK */
981 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
982 #endif /* STRICT_OBIT_USAGE_CHECK */
983 }
984
985 /* new for NSSA is to ensure that NP is on and E is off */
986
987 if (oi->area->external_routing == OSPF_AREA_NSSA) {
988 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
989 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
990 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
991 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
992 zlog_warn(
993 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
994 inet_ntoa(ospfh->router_id), OPTIONS(oi),
995 hello->options);
996 return;
997 }
998 if (IS_DEBUG_OSPF_NSSA)
999 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1000 inet_ntoa(ospfh->router_id));
1001 } else
1002 /* The setting of the E-bit found in the Hello Packet's Options
1003 field must match this area's ExternalRoutingCapability A
1004 mismatch causes processing to stop and the packet to be
1005 dropped. The setting of the rest of the bits in the Hello
1006 Packet's Options field should be ignored. */
1007 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1008 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
1009 zlog_warn(
1010 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1011 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1012 hello->options);
1013 return;
1014 }
1015
1016 /* get neighbour struct */
1017 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1018
1019 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1020 assert(nbr);
1021
1022 old_state = nbr->state;
1023
1024 /* Add event to thread. */
1025 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1026
1027 /* RFC2328 Section 9.5.1
1028 If the router is not eligible to become Designated Router,
1029 (snip) It must also send an Hello Packet in reply to an
1030 Hello Packet received from any eligible neighbor (other than
1031 the current Designated Router and Backup Designated Router). */
1032 if (oi->type == OSPF_IFTYPE_NBMA)
1033 if (PRIORITY(oi) == 0 && hello->priority > 0
1034 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1035 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1036 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1037 ospf_hello_reply_timer,
1038 OSPF_HELLO_REPLY_DELAY);
1039
1040 /* on NBMA network type, it happens to receive bidirectional Hello
1041 packet
1042 without advance 1-Way Received event.
1043 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1044 if (oi->type == OSPF_IFTYPE_NBMA
1045 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1046 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1047 nbr->priority = hello->priority;
1048 nbr->d_router = hello->d_router;
1049 nbr->bd_router = hello->bd_router;
1050 return;
1051 }
1052
1053 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1054 size - OSPF_HELLO_MIN_SIZE)) {
1055 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1056 nbr->options |= hello->options;
1057 } else {
1058 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1059 /* Set neighbor information. */
1060 nbr->priority = hello->priority;
1061 nbr->d_router = hello->d_router;
1062 nbr->bd_router = hello->bd_router;
1063 return;
1064 }
1065
1066 /* If neighbor itself declares DR and no BDR exists,
1067 cause event BackupSeen */
1068 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1069 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1070 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1071
1072 /* neighbor itself declares BDR. */
1073 if (oi->state == ISM_Waiting
1074 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1075 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1076
1077 /* had not previously. */
1078 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1079 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1080 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1081 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1082 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1083
1084 /* had not previously. */
1085 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1086 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1087 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1088 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1089 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1090
1091 /* Neighbor priority check. */
1092 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1093 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1094
1095 /* Set neighbor information. */
1096 nbr->priority = hello->priority;
1097 nbr->d_router = hello->d_router;
1098 nbr->bd_router = hello->bd_router;
1099 }
1100
1101 /* Save DD flags/options/Seqnum received. */
1102 static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1103 struct ospf_db_desc *dd)
1104 {
1105 nbr->last_recv.flags = dd->flags;
1106 nbr->last_recv.options = dd->options;
1107 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
1108 }
1109
1110 /* Process rest of DD packet. */
1111 static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1112 struct ospf_neighbor *nbr,
1113 struct ospf_db_desc *dd, uint16_t size)
1114 {
1115 struct ospf_lsa *new, *find;
1116 struct lsa_header *lsah;
1117
1118 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1119 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1120 size -= OSPF_LSA_HEADER_SIZE) {
1121 lsah = (struct lsa_header *)stream_pnt(s);
1122 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1123
1124 /* Unknown LS type. */
1125 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1126 zlog_warn("Packet [DD:RECV]: Unknown LS type %d.",
1127 lsah->type);
1128 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1129 return;
1130 }
1131
1132 if (IS_OPAQUE_LSA(lsah->type)
1133 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1134 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1135 lsah->type, inet_ntoa(lsah->id));
1136 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1137 return;
1138 }
1139
1140 switch (lsah->type) {
1141 case OSPF_AS_EXTERNAL_LSA:
1142 case OSPF_OPAQUE_AS_LSA:
1143 /* Check for stub area. Reject if AS-External from stub
1144 but
1145 allow if from NSSA. */
1146 if (oi->area->external_routing == OSPF_AREA_STUB) {
1147 zlog_warn(
1148 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1149 lsah->type, inet_ntoa(lsah->id),
1150 (oi->area->external_routing
1151 == OSPF_AREA_STUB)
1152 ? "STUB"
1153 : "NSSA");
1154 OSPF_NSM_EVENT_SCHEDULE(nbr,
1155 NSM_SeqNumberMismatch);
1156 return;
1157 }
1158 break;
1159 default:
1160 break;
1161 }
1162
1163 /* Create LS-request object. */
1164 new = ospf_ls_request_new(lsah);
1165
1166 /* Lookup received LSA, then add LS request list. */
1167 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1168
1169 /* ospf_lsa_more_recent is fine with NULL pointers */
1170 switch (ospf_lsa_more_recent(find, new)) {
1171 case -1:
1172 /* Neighbour has a more recent LSA, we must request it
1173 */
1174 ospf_ls_request_add(nbr, new);
1175 /* fallthru */
1176 case 0:
1177 /* If we have a copy of this LSA, it's either less
1178 * recent
1179 * and we're requesting it from neighbour (the case
1180 * above), or
1181 * it's as recent and we both have same copy (this
1182 * case).
1183 *
1184 * In neither of these two cases is there any point in
1185 * describing our copy of the LSA to the neighbour in a
1186 * DB-Summary packet, if we're still intending to do so.
1187 *
1188 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1189 * backward compatible optimisation to OSPF DB Exchange
1190 * /
1191 * DB Description process implemented here.
1192 */
1193 if (find)
1194 ospf_lsdb_delete(&nbr->db_sum, find);
1195 ospf_lsa_discard(new);
1196 break;
1197 default:
1198 /* We have the more recent copy, nothing specific to do:
1199 * - no need to request neighbours stale copy
1200 * - must leave DB summary list copy alone
1201 */
1202 if (IS_DEBUG_OSPF_EVENT)
1203 zlog_debug(
1204 "Packet [DD:RECV]: LSA received Type %d, "
1205 "ID %s is not recent.",
1206 lsah->type, inet_ntoa(lsah->id));
1207 ospf_lsa_discard(new);
1208 }
1209 }
1210
1211 /* Master */
1212 if (IS_SET_DD_MS(nbr->dd_flags)) {
1213 nbr->dd_seqnum++;
1214
1215 /* Both sides have no More, then we're done with Exchange */
1216 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1217 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1218 else
1219 ospf_db_desc_send(nbr);
1220 }
1221 /* Slave */
1222 else {
1223 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1224
1225 /* Send DD packet in reply.
1226 *
1227 * Must be done to acknowledge the Master's DD, regardless of
1228 * whether we have more LSAs ourselves to describe.
1229 *
1230 * This function will clear the 'More' bit, if after this DD
1231 * we have no more LSAs to describe to the master..
1232 */
1233 ospf_db_desc_send(nbr);
1234
1235 /* Slave can raise ExchangeDone now, if master is also done */
1236 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1237 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1238 }
1239
1240 /* Save received neighbor values from DD. */
1241 ospf_db_desc_save_current(nbr, dd);
1242
1243 if (!nbr->t_ls_req)
1244 ospf_ls_req_send(nbr);
1245 }
1246
1247 static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1248 struct ospf_neighbor *nbr)
1249 {
1250 /* Is DD duplicated? */
1251 if (dd->options == nbr->last_recv.options
1252 && dd->flags == nbr->last_recv.flags
1253 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1254 return 1;
1255
1256 return 0;
1257 }
1258
1259 /* OSPF Database Description message read -- RFC2328 Section 10.6. */
1260 static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1261 struct stream *s, struct ospf_interface *oi,
1262 uint16_t size)
1263 {
1264 struct ospf_db_desc *dd;
1265 struct ospf_neighbor *nbr;
1266
1267 /* Increment statistics. */
1268 oi->db_desc_in++;
1269
1270 dd = (struct ospf_db_desc *)stream_pnt(s);
1271
1272 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1273 if (nbr == NULL) {
1274 zlog_warn("Packet[DD]: Unknown Neighbor %s",
1275 inet_ntoa(ospfh->router_id));
1276 return;
1277 }
1278
1279 /* Check MTU. */
1280 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1281 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
1282 zlog_warn(
1283 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1284 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1285 oi->ifp->mtu);
1286 return;
1287 }
1288
1289 /*
1290 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1291 * not
1292 * required. In fact at least JunOS sends DD packets with P bit clear.
1293 * Until proper solution is developped, this hack should help.
1294 *
1295 * Update: According to the RFCs, N bit is specified /only/ for Hello
1296 * options, unfortunately its use in DD options is not specified. Hence
1297 * some
1298 * implementations follow E-bit semantics and set it in DD options, and
1299 * some
1300 * treat it as unspecified and hence follow the directive "default for
1301 * options is clear", ie unset.
1302 *
1303 * Reset the flag, as ospfd follows E-bit semantics.
1304 */
1305 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1306 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1307 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1308 if (IS_DEBUG_OSPF_EVENT)
1309 zlog_debug(
1310 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1311 inet_ntoa(nbr->router_id));
1312 SET_FLAG(dd->options, OSPF_OPTION_NP);
1313 }
1314
1315 #ifdef REJECT_IF_TBIT_ON
1316 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1317 /*
1318 * In Hello protocol, optional capability must have checked
1319 * to prevent this T-bit enabled router be my neighbor.
1320 */
1321 zlog_warn("Packet[DD]: Neighbor %s: T-bit on?",
1322 inet_ntoa(nbr->router_id));
1323 return;
1324 }
1325 #endif /* REJECT_IF_TBIT_ON */
1326
1327 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1328 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1329 /*
1330 * This node is not configured to handle O-bit, for now.
1331 * Clear it to ignore unsupported capability proposed by
1332 * neighbor.
1333 */
1334 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1335 }
1336
1337 /* Add event to thread. */
1338 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1339
1340 /* Process DD packet by neighbor status. */
1341 switch (nbr->state) {
1342 case NSM_Down:
1343 case NSM_Attempt:
1344 case NSM_TwoWay:
1345 zlog_warn(
1346 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1347 inet_ntoa(nbr->router_id),
1348 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1349 break;
1350 case NSM_Init:
1351 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1352 /* If the new state is ExStart, the processing of the current
1353 packet should then continue in this new state by falling
1354 through to case ExStart below. */
1355 if (nbr->state != NSM_ExStart)
1356 break;
1357 /* fallthru */
1358 case NSM_ExStart:
1359 /* Initial DBD */
1360 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1361 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1362 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1363 > 0) {
1364 /* We're Slave---obey */
1365 if (CHECK_FLAG(oi->ospf->config,
1366 OSPF_LOG_ADJACENCY_DETAIL))
1367 zlog_info(
1368 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1369 inet_ntoa(nbr->router_id));
1370
1371 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1372
1373 /* Reset I/MS */
1374 UNSET_FLAG(nbr->dd_flags,
1375 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1376 } else {
1377 /* We're Master, ignore the initial DBD from
1378 * Slave */
1379 if (CHECK_FLAG(oi->ospf->config,
1380 OSPF_LOG_ADJACENCY_DETAIL))
1381 zlog_info(
1382 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1383 "ignoring.",
1384 inet_ntoa(nbr->router_id));
1385 break;
1386 }
1387 }
1388 /* Ack from the Slave */
1389 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1390 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1391 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1392 < 0) {
1393 zlog_info(
1394 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1395 inet_ntoa(nbr->router_id));
1396 /* Reset I, leaving MS */
1397 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1398 } else {
1399 zlog_warn("Packet[DD]: Neighbor %s Negotiation fails.",
1400 inet_ntoa(nbr->router_id));
1401 break;
1402 }
1403
1404 /* This is where the real Options are saved */
1405 nbr->options = dd->options;
1406
1407 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1408 if (IS_DEBUG_OSPF_EVENT)
1409 zlog_debug(
1410 "Neighbor[%s] is %sOpaque-capable.",
1411 inet_ntoa(nbr->router_id),
1412 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1413 ? ""
1414 : "NOT ");
1415
1416 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1417 && IPV4_ADDR_SAME(&DR(oi),
1418 &nbr->address.u.prefix4)) {
1419 zlog_warn(
1420 "DR-neighbor[%s] is NOT opaque-capable; "
1421 "Opaque-LSAs cannot be reliably advertised "
1422 "in this network.",
1423 inet_ntoa(nbr->router_id));
1424 /* This situation is undesirable, but not a real
1425 * error. */
1426 }
1427 }
1428
1429 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1430
1431 /* continue processing rest of packet. */
1432 ospf_db_desc_proc(s, oi, nbr, dd, size);
1433 break;
1434 case NSM_Exchange:
1435 if (ospf_db_desc_is_dup(dd, nbr)) {
1436 if (IS_SET_DD_MS(nbr->dd_flags))
1437 /* Master: discard duplicated DD packet. */
1438 zlog_info(
1439 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1440 inet_ntoa(nbr->router_id));
1441 else
1442 /* Slave: cause to retransmit the last Database
1443 Description. */
1444 {
1445 zlog_info(
1446 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1447 inet_ntoa(nbr->router_id));
1448 ospf_db_desc_resend(nbr);
1449 }
1450 break;
1451 }
1452
1453 /* Otherwise DD packet should be checked. */
1454 /* Check Master/Slave bit mismatch */
1455 if (IS_SET_DD_MS(dd->flags)
1456 != IS_SET_DD_MS(nbr->last_recv.flags)) {
1457 zlog_warn("Packet[DD]: Neighbor %s MS-bit mismatch.",
1458 inet_ntoa(nbr->router_id));
1459 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1460 if (IS_DEBUG_OSPF_EVENT)
1461 zlog_debug(
1462 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1463 dd->flags, nbr->dd_flags);
1464 break;
1465 }
1466
1467 /* Check initialize bit is set. */
1468 if (IS_SET_DD_I(dd->flags)) {
1469 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1470 inet_ntoa(nbr->router_id));
1471 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1472 break;
1473 }
1474
1475 /* Check DD Options. */
1476 if (dd->options != nbr->options) {
1477 #ifdef ORIGINAL_CODING
1478 /* Save the new options for debugging */
1479 nbr->options = dd->options;
1480 #endif /* ORIGINAL_CODING */
1481 zlog_warn("Packet[DD]: Neighbor %s options mismatch.",
1482 inet_ntoa(nbr->router_id));
1483 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1484 break;
1485 }
1486
1487 /* Check DD sequence number. */
1488 if ((IS_SET_DD_MS(nbr->dd_flags)
1489 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1490 || (!IS_SET_DD_MS(nbr->dd_flags)
1491 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
1492 zlog_warn(
1493 "Packet[DD]: Neighbor %s sequence number mismatch.",
1494 inet_ntoa(nbr->router_id));
1495 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1496 break;
1497 }
1498
1499 /* Continue processing rest of packet. */
1500 ospf_db_desc_proc(s, oi, nbr, dd, size);
1501 break;
1502 case NSM_Loading:
1503 case NSM_Full:
1504 if (ospf_db_desc_is_dup(dd, nbr)) {
1505 if (IS_SET_DD_MS(nbr->dd_flags)) {
1506 /* Master should discard duplicate DD packet. */
1507 zlog_info(
1508 "Packet[DD]: Neighbor %s duplicated, "
1509 "packet discarded.",
1510 inet_ntoa(nbr->router_id));
1511 break;
1512 } else {
1513 if (monotime_since(&nbr->last_send_ts, NULL)
1514 < nbr->v_inactivity * 1000000LL) {
1515 /* In states Loading and Full the slave
1516 must resend
1517 its last Database Description packet
1518 in response to
1519 duplicate Database Description
1520 packets received
1521 from the master. For this reason the
1522 slave must
1523 wait RouterDeadInterval seconds
1524 before freeing the
1525 last Database Description packet.
1526 Reception of a
1527 Database Description packet from the
1528 master after
1529 this interval will generate a
1530 SeqNumberMismatch
1531 neighbor event. RFC2328 Section 10.8
1532 */
1533 ospf_db_desc_resend(nbr);
1534 break;
1535 }
1536 }
1537 }
1538
1539 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1540 break;
1541 default:
1542 zlog_warn("Packet[DD]: Neighbor %s NSM illegal status %u.",
1543 inet_ntoa(nbr->router_id), nbr->state);
1544 break;
1545 }
1546 }
1547
1548 #define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1549
1550 /* OSPF Link State Request Read -- RFC2328 Section 10.7. */
1551 static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1552 struct stream *s, struct ospf_interface *oi,
1553 uint16_t size)
1554 {
1555 struct ospf_neighbor *nbr;
1556 uint32_t ls_type;
1557 struct in_addr ls_id;
1558 struct in_addr adv_router;
1559 struct ospf_lsa *find;
1560 struct list *ls_upd;
1561 unsigned int length;
1562
1563 /* Increment statistics. */
1564 oi->ls_req_in++;
1565
1566 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1567 if (nbr == NULL) {
1568 zlog_warn("Link State Request: Unknown Neighbor %s.",
1569 inet_ntoa(ospfh->router_id));
1570 return;
1571 }
1572
1573 /* Add event to thread. */
1574 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1575
1576 /* Neighbor State should be Exchange or later. */
1577 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1578 && nbr->state != NSM_Full) {
1579 zlog_warn(
1580 "Link State Request received from %s: "
1581 "Neighbor state is %s, packet discarded.",
1582 inet_ntoa(ospfh->router_id),
1583 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1584 return;
1585 }
1586
1587 /* Send Link State Update for ALL requested LSAs. */
1588 ls_upd = list_new();
1589 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1590
1591 while (size >= OSPF_LSA_KEY_SIZE) {
1592 /* Get one slice of Link State Request. */
1593 ls_type = stream_getl(s);
1594 ls_id.s_addr = stream_get_ipv4(s);
1595 adv_router.s_addr = stream_get_ipv4(s);
1596
1597 /* Verify LSA type. */
1598 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1599 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1600 list_delete_and_null(&ls_upd);
1601 return;
1602 }
1603
1604 /* Search proper LSA in LSDB. */
1605 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1606 adv_router);
1607 if (find == NULL) {
1608 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
1609 list_delete_and_null(&ls_upd);
1610 return;
1611 }
1612
1613 /* Packet overflows MTU size, send immediately. */
1614 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1615 if (oi->type == OSPF_IFTYPE_NBMA)
1616 ospf_ls_upd_send(nbr, ls_upd,
1617 OSPF_SEND_PACKET_DIRECT, 0);
1618 else
1619 ospf_ls_upd_send(nbr, ls_upd,
1620 OSPF_SEND_PACKET_INDIRECT, 0);
1621
1622 /* Only remove list contents. Keep ls_upd. */
1623 list_delete_all_node(ls_upd);
1624
1625 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1626 }
1627
1628 /* Append LSA to update list. */
1629 listnode_add(ls_upd, find);
1630 length += ntohs(find->data->length);
1631
1632 size -= OSPF_LSA_KEY_SIZE;
1633 }
1634
1635 /* Send rest of Link State Update. */
1636 if (listcount(ls_upd) > 0) {
1637 if (oi->type == OSPF_IFTYPE_NBMA)
1638 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1639 0);
1640 else
1641 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1642 0);
1643
1644 list_delete_and_null(&ls_upd);
1645 } else
1646 list_delete_and_null(&ls_upd);
1647 }
1648
1649 /* Get the list of LSAs from Link State Update packet.
1650 And process some validation -- RFC2328 Section 13. (1)-(2). */
1651 static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1652 struct stream *s,
1653 struct ospf_interface *oi, size_t size)
1654 {
1655 uint16_t count, sum;
1656 uint32_t length;
1657 struct lsa_header *lsah;
1658 struct ospf_lsa *lsa;
1659 struct list *lsas;
1660
1661 lsas = list_new();
1662
1663 count = stream_getl(s);
1664 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1665
1666 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1667 size -= length, stream_forward_getp(s, length), count--) {
1668 lsah = (struct lsa_header *)stream_pnt(s);
1669 length = ntohs(lsah->length);
1670
1671 if (length > size) {
1672 zlog_warn(
1673 "Link State Update: LSA length exceeds packet size.");
1674 break;
1675 }
1676
1677 /* Validate the LSA's LS checksum. */
1678 sum = lsah->checksum;
1679 if (!ospf_lsa_checksum_valid(lsah)) {
1680 /* (bug #685) more details in a one-line message make it
1681 * possible
1682 * to identify problem source on the one hand and to
1683 * have a better
1684 * chance to compress repeated messages in syslog on the
1685 * other */
1686 zlog_warn(
1687 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1688 sum, lsah->checksum, inet_ntoa(lsah->id),
1689 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1690 inet_ntoa(lsah->adv_router));
1691 continue;
1692 }
1693
1694 /* Examine the LSA's LS type. */
1695 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
1696 zlog_warn("Link State Update: Unknown LS type %d",
1697 lsah->type);
1698 continue;
1699 }
1700
1701 /*
1702 * What if the received LSA's age is greater than MaxAge?
1703 * Treat it as a MaxAge case -- endo.
1704 */
1705 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1706 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
1707
1708 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1709 #ifdef STRICT_OBIT_USAGE_CHECK
1710 if ((IS_OPAQUE_LSA(lsah->type)
1711 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1712 || (!IS_OPAQUE_LSA(lsah->type)
1713 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1714 /*
1715 * This neighbor must know the exact usage of
1716 * O-bit;
1717 * the bit will be set in Type-9,10,11 LSAs
1718 * only.
1719 */
1720 zlog_warn("LSA[Type%d:%s]: O-bit abuse?",
1721 lsah->type, inet_ntoa(lsah->id));
1722 continue;
1723 }
1724 #endif /* STRICT_OBIT_USAGE_CHECK */
1725
1726 /* Do not take in AS External Opaque-LSAs if we are a
1727 * stub. */
1728 if (lsah->type == OSPF_OPAQUE_AS_LSA
1729 && nbr->oi->area->external_routing
1730 != OSPF_AREA_DEFAULT) {
1731 if (IS_DEBUG_OSPF_EVENT)
1732 zlog_debug(
1733 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1734 lsah->type,
1735 inet_ntoa(lsah->id));
1736 continue;
1737 }
1738 } else if (IS_OPAQUE_LSA(lsah->type)) {
1739 zlog_warn("LSA[Type%d:%s]: Opaque capability mismatch?",
1740 lsah->type, inet_ntoa(lsah->id));
1741 continue;
1742 }
1743
1744 /* Create OSPF LSA instance. */
1745 lsa = ospf_lsa_new();
1746
1747 lsa->vrf_id = oi->ospf->vrf_id;
1748 /* We may wish to put some error checking if type NSSA comes in
1749 and area not in NSSA mode */
1750 switch (lsah->type) {
1751 case OSPF_AS_EXTERNAL_LSA:
1752 case OSPF_OPAQUE_AS_LSA:
1753 lsa->area = NULL;
1754 break;
1755 case OSPF_OPAQUE_LINK_LSA:
1756 lsa->oi = oi; /* Remember incoming interface for
1757 flooding control. */
1758 /* Fallthrough */
1759 default:
1760 lsa->area = oi->area;
1761 break;
1762 }
1763
1764 lsa->data = ospf_lsa_data_new(length);
1765 memcpy(lsa->data, lsah, length);
1766
1767 if (IS_DEBUG_OSPF_EVENT)
1768 zlog_debug(
1769 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1770 lsa->data->type, inet_ntoa(lsa->data->id),
1771 (void *)lsa);
1772 listnode_add(lsas, lsa);
1773 }
1774
1775 return lsas;
1776 }
1777
1778 /* Cleanup Update list. */
1779 static void ospf_upd_list_clean(struct list *lsas)
1780 {
1781 struct listnode *node, *nnode;
1782 struct ospf_lsa *lsa;
1783
1784 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1785 ospf_lsa_discard(lsa);
1786
1787 list_delete_and_null(&lsas);
1788 }
1789
1790 /* OSPF Link State Update message read -- RFC2328 Section 13. */
1791 static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1792 struct ospf_header *ospfh, struct stream *s,
1793 struct ospf_interface *oi, uint16_t size)
1794 {
1795 struct ospf_neighbor *nbr;
1796 struct list *lsas;
1797 struct listnode *node, *nnode;
1798 struct ospf_lsa *lsa = NULL;
1799 /* unsigned long ls_req_found = 0; */
1800
1801 /* Dis-assemble the stream, update each entry, re-encapsulate for
1802 * flooding */
1803
1804 /* Increment statistics. */
1805 oi->ls_upd_in++;
1806
1807 /* Check neighbor. */
1808 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1809 if (nbr == NULL) {
1810 zlog_warn("Link State Update: Unknown Neighbor %s on int: %s",
1811 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1812 return;
1813 }
1814
1815 /* Add event to thread. */
1816 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1817
1818 /* Check neighbor state. */
1819 if (nbr->state < NSM_Exchange) {
1820 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1821 zlog_debug(
1822 "Link State Update: "
1823 "Neighbor[%s] state %s is less than Exchange",
1824 inet_ntoa(ospfh->router_id),
1825 lookup_msg(ospf_nsm_state_msg, nbr->state,
1826 NULL));
1827 return;
1828 }
1829
1830 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1831 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1832 * of section 13.
1833 */
1834 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1835
1836 if (lsas == NULL)
1837 return;
1838 #define DISCARD_LSA(L, N) \
1839 { \
1840 if (IS_DEBUG_OSPF_EVENT) \
1841 zlog_debug( \
1842 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1843 " Type-%d", \
1844 N, (void *)lsa, (int)lsa->data->type); \
1845 ospf_lsa_discard(L); \
1846 continue; \
1847 }
1848
1849 /* Process each LSA received in the one packet.
1850 *
1851 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1852 * text below are from the steps in RFC 2328, Section 13.
1853 */
1854 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1855 struct ospf_lsa *ls_ret, *current;
1856 int ret = 1;
1857
1858 if (IS_DEBUG_OSPF_NSSA) {
1859 char buf1[INET_ADDRSTRLEN];
1860 char buf2[INET_ADDRSTRLEN];
1861 char buf3[INET_ADDRSTRLEN];
1862
1863 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1864 lsa->data->type,
1865 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1866 INET_ADDRSTRLEN),
1867 inet_ntop(AF_INET, &lsa->data->id, buf2,
1868 INET_ADDRSTRLEN),
1869 inet_ntop(AF_INET, &lsa->data->adv_router,
1870 buf3, INET_ADDRSTRLEN));
1871 }
1872
1873 listnode_delete(lsas,
1874 lsa); /* We don't need it in list anymore */
1875
1876 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1877 */
1878
1879 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1880
1881 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1882 */
1883
1884 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1885 */
1886
1887 /* Do take in Type-7's if we are an NSSA */
1888
1889 /* If we are also an ABR, later translate them to a Type-5
1890 * packet */
1891
1892 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1893 translate them to a separate Type-5 packet. */
1894
1895 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1896 /* Reject from STUB or NSSA */
1897 if (nbr->oi->area->external_routing
1898 != OSPF_AREA_DEFAULT) {
1899 if (IS_DEBUG_OSPF_NSSA)
1900 zlog_debug(
1901 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1902 DISCARD_LSA(lsa, 1);
1903 }
1904
1905 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1906 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1907 if (IS_DEBUG_OSPF_NSSA)
1908 zlog_debug(
1909 "Incoming NSSA LSA Discarded: Not NSSA Area");
1910 DISCARD_LSA(lsa, 2);
1911 }
1912
1913 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1914 if (lsa->data->type == OSPF_ROUTER_LSA)
1915 if (!IPV4_ADDR_SAME(&lsa->data->id,
1916 &lsa->data->adv_router)) {
1917 char buf1[INET_ADDRSTRLEN];
1918 char buf2[INET_ADDRSTRLEN];
1919 char buf3[INET_ADDRSTRLEN];
1920
1921 flog_err(OSPF_ERR_ROUTER_LSA_MISMATCH,
1922 "Incoming Router-LSA from %s with "
1923 "Adv-ID[%s] != LS-ID[%s]",
1924 inet_ntop(AF_INET, &ospfh->router_id,
1925 buf1, INET_ADDRSTRLEN),
1926 inet_ntop(AF_INET, &lsa->data->id,
1927 buf2, INET_ADDRSTRLEN),
1928 inet_ntop(AF_INET,
1929 &lsa->data->adv_router,
1930 buf3, INET_ADDRSTRLEN));
1931 flog_err(
1932 OSPF_ERR_DOMAIN_CORRUPT,
1933 "OSPF domain compromised by attack or corruption. "
1934 "Verify correct operation of -ALL- OSPF routers.");
1935 DISCARD_LSA(lsa, 0);
1936 }
1937
1938 /* Find the LSA in the current database. */
1939
1940 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1941
1942 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1943 currently
1944 no instance of the LSA in the router's link state database,
1945 and none of router's neighbors are in states Exchange or
1946 Loading,
1947 then take the following actions: */
1948
1949 if (IS_LSA_MAXAGE(lsa) && !current
1950 && ospf_check_nbr_status(oi->ospf)) {
1951 /* (4a) Response Link State Acknowledgment. */
1952 ospf_ls_ack_send(nbr, lsa);
1953
1954 /* (4b) Discard LSA. */
1955 if (IS_DEBUG_OSPF(lsa, LSA)) {
1956 zlog_debug(
1957 "Link State Update[%s]: LS age is equal to MaxAge.",
1958 dump_lsa_key(lsa));
1959 }
1960 DISCARD_LSA(lsa, 3);
1961 }
1962
1963 if (IS_OPAQUE_LSA(lsa->data->type)
1964 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1965 &oi->ospf->router_id)) {
1966 /*
1967 * Even if initial flushing seems to be completed, there
1968 * might
1969 * be a case that self-originated LSA with MaxAge still
1970 * remain
1971 * in the routing domain.
1972 * Just send an LSAck message to cease retransmission.
1973 */
1974 if (IS_LSA_MAXAGE(lsa)) {
1975 zlog_warn("LSA[%s]: Boomerang effect?",
1976 dump_lsa_key(lsa));
1977 ospf_ls_ack_send(nbr, lsa);
1978 ospf_lsa_discard(lsa);
1979
1980 if (current != NULL && !IS_LSA_MAXAGE(current))
1981 ospf_opaque_lsa_refresh_schedule(
1982 current);
1983 continue;
1984 }
1985
1986 /*
1987 * If an instance of self-originated Opaque-LSA is not
1988 * found
1989 * in the LSDB, there are some possible cases here.
1990 *
1991 * 1) This node lost opaque-capability after restart.
1992 * 2) Else, a part of opaque-type is no more supported.
1993 * 3) Else, a part of opaque-id is no more supported.
1994 *
1995 * Anyway, it is still this node's responsibility to
1996 * flush it.
1997 * Otherwise, the LSA instance remains in the routing
1998 * domain
1999 * until its age reaches to MaxAge.
2000 */
2001 /* XXX: We should deal with this for *ALL* LSAs, not
2002 * just opaque */
2003 if (current == NULL) {
2004 if (IS_DEBUG_OSPF_EVENT)
2005 zlog_debug(
2006 "LSA[%s]: Previously originated Opaque-LSA,"
2007 "not found in the LSDB.",
2008 dump_lsa_key(lsa));
2009
2010 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2011
2012 ospf_opaque_self_originated_lsa_received(nbr,
2013 lsa);
2014 ospf_ls_ack_send(nbr, lsa);
2015
2016 continue;
2017 }
2018 }
2019
2020 /* It might be happen that received LSA is self-originated
2021 * network LSA, but
2022 * router ID is changed. So, we should check if LSA is a
2023 * network-LSA whose
2024 * Link State ID is one of the router's own IP interface
2025 * addresses but whose
2026 * Advertising Router is not equal to the router's own Router ID
2027 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2028 * flushed.
2029 */
2030
2031 if (lsa->data->type == OSPF_NETWORK_LSA) {
2032 struct listnode *oinode, *oinnode;
2033 struct ospf_interface *out_if;
2034 int Flag = 0;
2035
2036 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2037 oinnode, out_if)) {
2038 if (out_if == NULL)
2039 break;
2040
2041 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2042 &lsa->data->id))
2043 && (!(IPV4_ADDR_SAME(
2044 &oi->ospf->router_id,
2045 &lsa->data->adv_router)))) {
2046 if (out_if->network_lsa_self) {
2047 ospf_lsa_flush_area(
2048 lsa, out_if->area);
2049 if (IS_DEBUG_OSPF_EVENT)
2050 zlog_debug(
2051 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2052 (void *)lsa,
2053 (int)lsa->data
2054 ->type);
2055 ospf_lsa_discard(lsa);
2056 Flag = 1;
2057 }
2058 break;
2059 }
2060 }
2061 if (Flag)
2062 continue;
2063 }
2064
2065 /* (5) Find the instance of this LSA that is currently contained
2066 in the router's link state database. If there is no
2067 database copy, or the received LSA is more recent than
2068 the database copy the following steps must be performed.
2069 (The sub steps from RFC 2328 section 13 step (5) will be
2070 performed in
2071 ospf_flood() ) */
2072
2073 if (current == NULL
2074 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2075 /* Actual flooding procedure. */
2076 if (ospf_flood(oi->ospf, nbr, current, lsa)
2077 < 0) /* Trap NSSA later. */
2078 DISCARD_LSA(lsa, 4);
2079 continue;
2080 }
2081
2082 /* (6) Else, If there is an instance of the LSA on the sending
2083 neighbor's Link state request list, an error has occurred in
2084 the Database Exchange process. In this case, restart the
2085 Database Exchange process by generating the neighbor event
2086 BadLSReq for the sending neighbor and stop processing the
2087 Link State Update packet. */
2088
2089 if (ospf_ls_request_lookup(nbr, lsa)) {
2090 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
2091 zlog_warn(
2092 "LSA[%s] instance exists on Link state request list",
2093 dump_lsa_key(lsa));
2094
2095 /* Clean list of LSAs. */
2096 ospf_upd_list_clean(lsas);
2097 /* this lsa is not on lsas list already. */
2098 ospf_lsa_discard(lsa);
2099 return;
2100 }
2101
2102 /* If the received LSA is the same instance as the database copy
2103 (i.e., neither one is more recent) the following two steps
2104 should be performed: */
2105
2106 if (ret == 0) {
2107 /* If the LSA is listed in the Link state retransmission
2108 list
2109 for the receiving adjacency, the router itself is
2110 expecting
2111 an acknowledgment for this LSA. The router should
2112 treat the
2113 received LSA as an acknowledgment by removing the LSA
2114 from
2115 the Link state retransmission list. This is termed
2116 an
2117 "implied acknowledgment". */
2118
2119 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2120
2121 if (ls_ret != NULL) {
2122 ospf_ls_retransmit_delete(nbr, ls_ret);
2123
2124 /* Delayed acknowledgment sent if advertisement
2125 received
2126 from Designated Router, otherwise do nothing.
2127 */
2128 if (oi->state == ISM_Backup)
2129 if (NBR_IS_DR(nbr))
2130 listnode_add(
2131 oi->ls_ack,
2132 ospf_lsa_lock(lsa));
2133
2134 DISCARD_LSA(lsa, 5);
2135 } else
2136 /* Acknowledge the receipt of the LSA by sending a
2137 Link State Acknowledgment packet back out the
2138 receiving
2139 interface. */
2140 {
2141 ospf_ls_ack_send(nbr, lsa);
2142 DISCARD_LSA(lsa, 6);
2143 }
2144 }
2145
2146 /* The database copy is more recent. If the database copy
2147 has LS age equal to MaxAge and LS sequence number equal to
2148 MaxSequenceNumber, simply discard the received LSA without
2149 acknowledging it. (In this case, the LSA's LS sequence number
2150 is
2151 wrapping, and the MaxSequenceNumber LSA must be completely
2152 flushed before any new LSA instance can be introduced). */
2153
2154 else if (ret > 0) /* Database copy is more recent */
2155 {
2156 if (IS_LSA_MAXAGE(current)
2157 && current->data->ls_seqnum
2158 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2159 DISCARD_LSA(lsa, 7);
2160 }
2161 /* Otherwise, as long as the database copy has not been
2162 sent in a
2163 Link State Update within the last MinLSArrival
2164 seconds, send the
2165 database copy back to the sending neighbor,
2166 encapsulated within
2167 a Link State Update Packet. The Link State Update
2168 Packet should
2169 be sent directly to the neighbor. In so doing, do not
2170 put the
2171 database copy of the LSA on the neighbor's link state
2172 retransmission list, and do not acknowledge the
2173 received (less
2174 recent) LSA instance. */
2175 else {
2176 if (monotime_since(&current->tv_orig, NULL)
2177 >= ospf->min_ls_arrival * 1000LL)
2178 /* Trap NSSA type later.*/
2179 ospf_ls_upd_send_lsa(
2180 nbr, current,
2181 OSPF_SEND_PACKET_DIRECT);
2182 DISCARD_LSA(lsa, 8);
2183 }
2184 }
2185 }
2186 #undef DISCARD_LSA
2187
2188 assert(listcount(lsas) == 0);
2189 list_delete_and_null(&lsas);
2190 }
2191
2192 /* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
2193 static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2194 struct stream *s, struct ospf_interface *oi,
2195 uint16_t size)
2196 {
2197 struct ospf_neighbor *nbr;
2198
2199 /* increment statistics. */
2200 oi->ls_ack_in++;
2201
2202 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2203 if (nbr == NULL) {
2204 zlog_warn("Link State Acknowledgment: Unknown Neighbor %s.",
2205 inet_ntoa(ospfh->router_id));
2206 return;
2207 }
2208
2209 /* Add event to thread. */
2210 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2211
2212 if (nbr->state < NSM_Exchange) {
2213 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2214 zlog_debug(
2215 "Link State Acknowledgment: "
2216 "Neighbor[%s] state %s is less than Exchange",
2217 inet_ntoa(ospfh->router_id),
2218 lookup_msg(ospf_nsm_state_msg, nbr->state,
2219 NULL));
2220 return;
2221 }
2222
2223 while (size >= OSPF_LSA_HEADER_SIZE) {
2224 struct ospf_lsa *lsa, *lsr;
2225
2226 lsa = ospf_lsa_new();
2227 lsa->data = (struct lsa_header *)stream_pnt(s);
2228 lsa->vrf_id = oi->ospf->vrf_id;
2229
2230 /* lsah = (struct lsa_header *) stream_pnt (s); */
2231 size -= OSPF_LSA_HEADER_SIZE;
2232 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2233
2234 if (lsa->data->type < OSPF_MIN_LSA
2235 || lsa->data->type >= OSPF_MAX_LSA) {
2236 lsa->data = NULL;
2237 ospf_lsa_discard(lsa);
2238 continue;
2239 }
2240
2241 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2242
2243 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2244 ospf_ls_retransmit_delete(nbr, lsr);
2245
2246 lsa->data = NULL;
2247 ospf_lsa_discard(lsa);
2248 }
2249
2250 return;
2251 }
2252
2253 static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2254 struct interface **ifp,
2255 struct stream *ibuf)
2256 {
2257 int ret;
2258 struct ip *iph;
2259 uint16_t ip_len;
2260 ifindex_t ifindex = 0;
2261 struct iovec iov;
2262 /* Header and data both require alignment. */
2263 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2264 struct msghdr msgh;
2265
2266 memset(&msgh, 0, sizeof(struct msghdr));
2267 msgh.msg_iov = &iov;
2268 msgh.msg_iovlen = 1;
2269 msgh.msg_control = (caddr_t)buff;
2270 msgh.msg_controllen = sizeof(buff);
2271
2272 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2273 if (ret < 0) {
2274 zlog_warn("stream_recvmsg failed: %s", safe_strerror(errno));
2275 return NULL;
2276 }
2277 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
2278 {
2279 zlog_warn(
2280 "ospf_recv_packet: discarding runt packet of length %d "
2281 "(ip header size is %u)",
2282 ret, (unsigned int)sizeof(iph));
2283 return NULL;
2284 }
2285
2286 /* Note that there should not be alignment problems with this assignment
2287 because this is at the beginning of the stream data buffer. */
2288 iph = (struct ip *)STREAM_DATA(ibuf);
2289 sockopt_iphdrincl_swab_systoh(iph);
2290
2291 ip_len = iph->ip_len;
2292
2293 #if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
2294 /*
2295 * Kernel network code touches incoming IP header parameters,
2296 * before protocol specific processing.
2297 *
2298 * 1) Convert byteorder to host representation.
2299 * --> ip_len, ip_id, ip_off
2300 *
2301 * 2) Adjust ip_len to strip IP header size!
2302 * --> If user process receives entire IP packet via RAW
2303 * socket, it must consider adding IP header size to
2304 * the "ip_len" field of "ip" structure.
2305 *
2306 * For more details, see <netinet/ip_input.c>.
2307 */
2308 ip_len = ip_len + (iph->ip_hl << 2);
2309 #endif
2310
2311 #if defined(__DragonFly__)
2312 /*
2313 * in DragonFly's raw socket, ip_len/ip_off are read
2314 * in network byte order.
2315 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2316 */
2317 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
2318 #endif
2319
2320 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2321
2322 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
2323
2324 if (ret != ip_len) {
2325 zlog_warn(
2326 "ospf_recv_packet read length mismatch: ip_len is %d, "
2327 "but recvmsg returned %d",
2328 ip_len, ret);
2329 return NULL;
2330 }
2331
2332 return ibuf;
2333 }
2334
2335 static struct ospf_interface *
2336 ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2337 struct ip *iph, struct ospf_header *ospfh)
2338 {
2339 struct ospf_interface *rcv_oi;
2340 struct ospf_vl_data *vl_data;
2341 struct ospf_area *vl_area;
2342 struct listnode *node;
2343
2344 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2345 || !OSPF_IS_AREA_BACKBONE(ospfh))
2346 return NULL;
2347
2348 /* look for local OSPF interface matching the destination
2349 * to determine Area ID. We presume therefore the destination address
2350 * is unique, or at least (for "unnumbered" links), not used in other
2351 * areas
2352 */
2353 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2354 == NULL)
2355 return NULL;
2356
2357 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2358 vl_area =
2359 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2360 if (!vl_area)
2361 continue;
2362
2363 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2364 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2365 if (IS_DEBUG_OSPF_EVENT)
2366 zlog_debug("associating packet with %s",
2367 IF_NAME(vl_data->vl_oi));
2368 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2369 if (IS_DEBUG_OSPF_EVENT)
2370 zlog_debug(
2371 "This VL is not up yet, sorry");
2372 return NULL;
2373 }
2374
2375 return vl_data->vl_oi;
2376 }
2377 }
2378
2379 if (IS_DEBUG_OSPF_EVENT)
2380 zlog_debug("couldn't find any VL to associate the packet with");
2381
2382 return NULL;
2383 }
2384
2385 static int ospf_check_area_id(struct ospf_interface *oi,
2386 struct ospf_header *ospfh)
2387 {
2388 /* Check match the Area ID of the receiving interface. */
2389 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2390 return 1;
2391
2392 return 0;
2393 }
2394
2395 /* Unbound socket will accept any Raw IP packets if proto is matched.
2396 To prevent it, compare src IP address and i/f address with masking
2397 i/f network mask. */
2398 static int ospf_check_network_mask(struct ospf_interface *oi,
2399 struct in_addr ip_src)
2400 {
2401 struct in_addr mask, me, him;
2402
2403 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2404 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2405 return 1;
2406
2407 masklen2ip(oi->address->prefixlen, &mask);
2408
2409 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2410 him.s_addr = ip_src.s_addr & mask.s_addr;
2411
2412 if (IPV4_ADDR_SAME(&me, &him))
2413 return 1;
2414
2415 return 0;
2416 }
2417
2418 /* Return 1, if the packet is properly authenticated and checksummed,
2419 0 otherwise. In particular, check that AuType header field is valid and
2420 matches the locally configured AuType, and that D.5 requirements are met. */
2421 static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2422 {
2423 struct crypt_key *ck;
2424 uint16_t iface_auth_type;
2425 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
2426
2427 switch (pkt_auth_type) {
2428 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2429 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2430 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2431 zlog_warn(
2432 "interface %s: auth-type mismatch, local %s, rcvd Null",
2433 IF_NAME(oi),
2434 lookup_msg(ospf_auth_type_str,
2435 iface_auth_type, NULL));
2436 return 0;
2437 }
2438 if (!ospf_check_sum(ospfh)) {
2439 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2440 zlog_warn(
2441 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2442 IF_NAME(oi),
2443 inet_ntoa(ospfh->router_id));
2444 return 0;
2445 }
2446 return 1;
2447 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2448 if (OSPF_AUTH_SIMPLE
2449 != (iface_auth_type = ospf_auth_type(oi))) {
2450 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2451 zlog_warn(
2452 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2453 IF_NAME(oi),
2454 lookup_msg(ospf_auth_type_str,
2455 iface_auth_type, NULL));
2456 return 0;
2457 }
2458 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2459 OSPF_AUTH_SIMPLE_SIZE)) {
2460 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2461 zlog_warn("interface %s: Simple auth failed",
2462 IF_NAME(oi));
2463 return 0;
2464 }
2465 if (!ospf_check_sum(ospfh)) {
2466 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2467 zlog_warn(
2468 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2469 IF_NAME(oi),
2470 inet_ntoa(ospfh->router_id));
2471 return 0;
2472 }
2473 return 1;
2474 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2475 if (OSPF_AUTH_CRYPTOGRAPHIC
2476 != (iface_auth_type = ospf_auth_type(oi))) {
2477 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2478 zlog_warn(
2479 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2480 IF_NAME(oi),
2481 lookup_msg(ospf_auth_type_str,
2482 iface_auth_type, NULL));
2483 return 0;
2484 }
2485 if (ospfh->checksum) {
2486 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2487 zlog_warn(
2488 "interface %s: OSPF header checksum is not 0",
2489 IF_NAME(oi));
2490 return 0;
2491 }
2492 /* only MD5 crypto method can pass ospf_packet_examin() */
2493 if (NULL == (ck = listgetdata(
2494 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2495 || ospfh->u.crypt.key_id != ck->key_id ||
2496 /* Condition above uses the last key ID on the list,
2497 which is
2498 different from what ospf_crypt_key_lookup() does. A
2499 bug? */
2500 !ospf_check_md5_digest(oi, ospfh)) {
2501 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2502 zlog_warn("interface %s: MD5 auth failed",
2503 IF_NAME(oi));
2504 return 0;
2505 }
2506 return 1;
2507 default:
2508 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
2509 zlog_warn(
2510 "interface %s: invalid packet auth-type (%02x)",
2511 IF_NAME(oi), pkt_auth_type);
2512 return 0;
2513 }
2514 }
2515
2516 static int ospf_check_sum(struct ospf_header *ospfh)
2517 {
2518 uint32_t ret;
2519 uint16_t sum;
2520
2521 /* clear auth_data for checksum. */
2522 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2523
2524 /* keep checksum and clear. */
2525 sum = ospfh->checksum;
2526 memset(&ospfh->checksum, 0, sizeof(uint16_t));
2527
2528 /* calculate checksum. */
2529 ret = in_cksum(ospfh, ntohs(ospfh->length));
2530
2531 if (ret != sum) {
2532 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2533 ret, sum);
2534 return 0;
2535 }
2536
2537 return 1;
2538 }
2539
2540 /* Verify, that given link/TOS records are properly sized/aligned and match
2541 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
2542 static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
2543 uint16_t linkbytes,
2544 const uint16_t num_links)
2545 {
2546 unsigned counted_links = 0, thislinklen;
2547
2548 while (linkbytes) {
2549 thislinklen =
2550 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2551 if (thislinklen > linkbytes) {
2552 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2553 zlog_debug("%s: length error in link block #%u",
2554 __func__, counted_links);
2555 return MSG_NG;
2556 }
2557 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2558 linkbytes -= thislinklen;
2559 counted_links++;
2560 }
2561 if (counted_links != num_links) {
2562 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2563 zlog_debug("%s: %u link blocks declared, %u present",
2564 __func__, num_links, counted_links);
2565 return MSG_NG;
2566 }
2567 return MSG_OK;
2568 }
2569
2570 /* Verify, that the given LSA is properly sized/aligned (including type-specific
2571 minimum length constraint). */
2572 static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2573 const uint8_t headeronly)
2574 {
2575 unsigned ret;
2576 struct router_lsa *rlsa;
2577 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2578 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2579 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2580 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2581 lookup_msg(ospf_lsa_type_msg, lsah->type,
2582 NULL));
2583 return MSG_NG;
2584 }
2585 switch (lsah->type) {
2586 case OSPF_ROUTER_LSA:
2587 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2588 * (12+)-byte link blocks */
2589 if (headeronly) {
2590 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2591 - OSPF_ROUTER_LSA_MIN_SIZE)
2592 % 4
2593 ? MSG_NG
2594 : MSG_OK;
2595 break;
2596 }
2597 rlsa = (struct router_lsa *)lsah;
2598 ret = ospf_router_lsa_links_examin(
2599 (struct router_lsa_link *)rlsa->link,
2600 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2601 header, "flags",
2602 0, "# links" */
2603 ntohs(rlsa->links) /* 16 bits */
2604 );
2605 break;
2606 case OSPF_AS_EXTERNAL_LSA:
2607 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2608 * blocks */
2609 case OSPF_AS_NSSA_LSA:
2610 /* RFC3101 C, idem */
2611 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2612 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2613 % 12
2614 ? MSG_NG
2615 : MSG_OK;
2616 break;
2617 /* Following LSA types are considered OK length-wise as soon as their
2618 * minimum
2619 * length constraint is met and length of the whole LSA is a multiple of
2620 * 4
2621 * (basic LSA header size is already a multiple of 4). */
2622 case OSPF_NETWORK_LSA:
2623 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2624 case OSPF_SUMMARY_LSA:
2625 case OSPF_ASBR_SUMMARY_LSA:
2626 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2627 * blocks */
2628 case OSPF_OPAQUE_LINK_LSA:
2629 case OSPF_OPAQUE_AREA_LSA:
2630 case OSPF_OPAQUE_AS_LSA:
2631 /* RFC5250 A.2, "some number of octets (of application-specific
2632 * data) padded to 32-bit alignment." This is considered
2633 * equivalent
2634 * to 4-byte alignment of all other LSA types, see
2635 * OSPF-ALIGNMENT.txt
2636 * file for the detailed analysis of this passage. */
2637 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2638 break;
2639 default:
2640 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2641 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2642 lsah->type);
2643 return MSG_NG;
2644 }
2645 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2646 zlog_debug("%s: alignment error in %s", __func__,
2647 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2648 return ret;
2649 }
2650
2651 /* Verify if the provided input buffer is a valid sequence of LSAs. This
2652 includes verification of LSA blocks length/alignment and dispatching
2653 of deeper-level checks. */
2654 static unsigned
2655 ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
2656 size_t length, const uint8_t headeronly,
2657 /* When declared_num_lsas is not 0, compare it to the real
2658 number of LSAs
2659 and treat the difference as an error. */
2660 const uint32_t declared_num_lsas)
2661 {
2662 uint32_t counted_lsas = 0;
2663
2664 while (length) {
2665 uint16_t lsalen;
2666 if (length < OSPF_LSA_HEADER_SIZE) {
2667 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2668 zlog_debug(
2669 "%s: undersized (%zu B) trailing (#%u) LSA header",
2670 __func__, length, counted_lsas);
2671 return MSG_NG;
2672 }
2673 /* save on ntohs() calls here and in the LSA validator */
2674 lsalen = ntohs(lsah->length);
2675 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2676 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2677 zlog_debug(
2678 "%s: malformed LSA header #%u, declared length is %u B",
2679 __func__, counted_lsas, lsalen);
2680 return MSG_NG;
2681 }
2682 if (headeronly) {
2683 /* less checks here and in ospf_lsa_examin() */
2684 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2685 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2686 zlog_debug(
2687 "%s: malformed header-only LSA #%u",
2688 __func__, counted_lsas);
2689 return MSG_NG;
2690 }
2691 lsah = (struct lsa_header *)((caddr_t)lsah
2692 + OSPF_LSA_HEADER_SIZE);
2693 length -= OSPF_LSA_HEADER_SIZE;
2694 } else {
2695 /* make sure the input buffer is deep enough before
2696 * further checks */
2697 if (lsalen > length) {
2698 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2699 zlog_debug(
2700 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2701 __func__, counted_lsas, lsalen,
2702 length);
2703 return MSG_NG;
2704 }
2705 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2706 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2707 zlog_debug("%s: malformed LSA #%u",
2708 __func__, counted_lsas);
2709 return MSG_NG;
2710 }
2711 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2712 length -= lsalen;
2713 }
2714 counted_lsas++;
2715 }
2716
2717 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2718 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2719 zlog_debug(
2720 "%s: #LSAs declared (%u) does not match actual (%u)",
2721 __func__, declared_num_lsas, counted_lsas);
2722 return MSG_NG;
2723 }
2724 return MSG_OK;
2725 }
2726
2727 /* Verify a complete OSPF packet for proper sizing/alignment. */
2728 static unsigned ospf_packet_examin(struct ospf_header *oh,
2729 const unsigned bytesonwire)
2730 {
2731 uint16_t bytesdeclared, bytesauth;
2732 unsigned ret;
2733 struct ospf_ls_update *lsupd;
2734
2735 /* Length, 1st approximation. */
2736 if (bytesonwire < OSPF_HEADER_SIZE) {
2737 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2738 zlog_debug("%s: undersized (%u B) packet", __func__,
2739 bytesonwire);
2740 return MSG_NG;
2741 }
2742 /* Now it is safe to access header fields. Performing length check,
2743 * allow
2744 * for possible extra bytes of crypto auth/padding, which are not
2745 * counted
2746 * in the OSPF header "length" field. */
2747 if (oh->version != OSPF_VERSION) {
2748 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2749 zlog_debug("%s: invalid (%u) protocol version",
2750 __func__, oh->version);
2751 return MSG_NG;
2752 }
2753 bytesdeclared = ntohs(oh->length);
2754 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2755 bytesauth = 0;
2756 else {
2757 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2758 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2759 zlog_debug(
2760 "%s: unsupported crypto auth length (%u B)",
2761 __func__, oh->u.crypt.auth_data_len);
2762 return MSG_NG;
2763 }
2764 bytesauth = OSPF_AUTH_MD5_SIZE;
2765 }
2766 if (bytesdeclared + bytesauth > bytesonwire) {
2767 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2768 zlog_debug(
2769 "%s: packet length error (%u real, %u+%u declared)",
2770 __func__, bytesonwire, bytesdeclared,
2771 bytesauth);
2772 return MSG_NG;
2773 }
2774 /* Length, 2nd approximation. The type-specific constraint is checked
2775 against declared length, not amount of bytes on wire. */
2776 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2777 && bytesdeclared
2778 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2779 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2780 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2781 bytesdeclared,
2782 lookup_msg(ospf_packet_type_str, oh->type,
2783 NULL));
2784 return MSG_NG;
2785 }
2786 switch (oh->type) {
2787 case OSPF_MSG_HELLO:
2788 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2789 followed
2790 by N>=0 router-IDs. */
2791 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2792 % 4
2793 ? MSG_NG
2794 : MSG_OK;
2795 break;
2796 case OSPF_MSG_DB_DESC:
2797 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2798 followed
2799 by N>=0 header-only LSAs. */
2800 ret = ospf_lsaseq_examin(
2801 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2802 + OSPF_DB_DESC_MIN_SIZE),
2803 bytesdeclared - OSPF_HEADER_SIZE
2804 - OSPF_DB_DESC_MIN_SIZE,
2805 1, /* header-only LSAs */
2806 0);
2807 break;
2808 case OSPF_MSG_LS_REQ:
2809 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2810 * request blocks. */
2811 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2812 % OSPF_LSA_KEY_SIZE
2813 ? MSG_NG
2814 : MSG_OK;
2815 break;
2816 case OSPF_MSG_LS_UPD:
2817 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2818 followed
2819 by N>=0 full LSAs (with N declared beforehand). */
2820 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2821 + OSPF_HEADER_SIZE);
2822 ret = ospf_lsaseq_examin(
2823 (struct lsa_header *)((caddr_t)lsupd
2824 + OSPF_LS_UPD_MIN_SIZE),
2825 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2826 0, /* full LSAs */
2827 ntohl(lsupd->num_lsas) /* 32 bits */
2828 );
2829 break;
2830 case OSPF_MSG_LS_ACK:
2831 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2832 * LSAs. */
2833 ret = ospf_lsaseq_examin(
2834 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2835 + OSPF_LS_ACK_MIN_SIZE),
2836 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2837 1, /* header-only LSAs */
2838 0);
2839 break;
2840 default:
2841 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2842 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2843 oh->type);
2844 return MSG_NG;
2845 }
2846 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2847 zlog_debug("%s: malformed %s packet", __func__,
2848 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2849 return ret;
2850 }
2851
2852 /* OSPF Header verification. */
2853 static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2854 struct ip *iph, struct ospf_header *ospfh)
2855 {
2856 /* Check Area ID. */
2857 if (!ospf_check_area_id(oi, ospfh)) {
2858 zlog_warn("interface %s: ospf_read invalid Area ID %s.",
2859 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2860 return -1;
2861 }
2862
2863 /* Check network mask, Silently discarded. */
2864 if (!ospf_check_network_mask(oi, iph->ip_src)) {
2865 zlog_warn(
2866 "interface %s: ospf_read network address is not same [%s]",
2867 IF_NAME(oi), inet_ntoa(iph->ip_src));
2868 return -1;
2869 }
2870
2871 /* Check authentication. The function handles logging actions, where
2872 * required. */
2873 if (!ospf_check_auth(oi, ospfh))
2874 return -1;
2875
2876 return 0;
2877 }
2878
2879 /* Starting point of packet process function. */
2880 int ospf_read(struct thread *thread)
2881 {
2882 int ret;
2883 struct stream *ibuf;
2884 struct ospf *ospf;
2885 struct ospf_interface *oi;
2886 struct ip *iph;
2887 struct ospf_header *ospfh;
2888 uint16_t length;
2889 struct interface *ifp = NULL;
2890 struct connected *c;
2891
2892 /* first of all get interface pointer. */
2893 ospf = THREAD_ARG(thread);
2894
2895 /* prepare for next packet. */
2896 ospf->t_read = NULL;
2897 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2898
2899 stream_reset(ospf->ibuf);
2900 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2901 if (ibuf == NULL)
2902 return -1;
2903 /* This raw packet is known to be at least as big as its IP header. */
2904
2905 /* Note that there should not be alignment problems with this assignment
2906 because this is at the beginning of the stream data buffer. */
2907 iph = (struct ip *)STREAM_DATA(ibuf);
2908 /* Note that sockopt_iphdrincl_swab_systoh was called in
2909 * ospf_recv_packet. */
2910
2911 if (ifp == NULL) {
2912 /* Handle cases where the platform does not support retrieving
2913 the ifindex,
2914 and also platforms (such as Solaris 8) that claim to support
2915 ifindex
2916 retrieval but do not. */
2917 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2918 ospf->vrf_id);
2919 if (c)
2920 ifp = c->ifp;
2921 if (ifp == NULL)
2922 return 0;
2923 }
2924
2925 /* IP Header dump. */
2926 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2927 ospf_ip_header_dump(iph);
2928
2929 /* Self-originated packet should be discarded silently. */
2930 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2931 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2932 zlog_debug(
2933 "ospf_read[%s]: Dropping self-originated packet",
2934 inet_ntoa(iph->ip_src));
2935 }
2936 return 0;
2937 }
2938
2939 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2940 by ospf_recv_packet() to be correct). */
2941 stream_forward_getp(ibuf, iph->ip_hl * 4);
2942
2943 ospfh = (struct ospf_header *)stream_pnt(ibuf);
2944 if (MSG_OK
2945 != ospf_packet_examin(
2946 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
2947 return -1;
2948 /* Now it is safe to access all fields of OSPF packet header. */
2949
2950 /* associate packet with ospf interface */
2951 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2952
2953 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2954 only
2955 after the passive/backbone/other checks below are passed. These
2956 checks
2957 in turn access the fields of unverified "ospfh" structure for their
2958 own
2959 purposes and must remain very accurate in doing this. */
2960
2961 /* If incoming interface is passive one, ignore it. */
2962 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
2963 char buf[3][INET_ADDRSTRLEN];
2964
2965 if (IS_DEBUG_OSPF_EVENT)
2966 zlog_debug(
2967 "ignoring packet from router %s sent to %s, "
2968 "received on a passive interface, %s",
2969 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
2970 sizeof(buf[0])),
2971 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
2972 sizeof(buf[1])),
2973 inet_ntop(AF_INET, &oi->address->u.prefix4,
2974 buf[2], sizeof(buf[2])));
2975
2976 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
2977 /* Try to fix multicast membership.
2978 * Some OS:es may have problems in this area,
2979 * make sure it is removed.
2980 */
2981 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
2982 ospf_if_set_multicast(oi);
2983 }
2984 return 0;
2985 }
2986
2987
2988 /* if no local ospf_interface,
2989 * or header area is backbone but ospf_interface is not
2990 * check for VLINK interface
2991 */
2992 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
2993 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
2994 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
2995 == NULL) {
2996 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
2997 zlog_debug(
2998 "Packet from [%s] received on link %s"
2999 " but no ospf_interface",
3000 inet_ntoa(iph->ip_src), ifp->name);
3001 return 0;
3002 }
3003 }
3004
3005 /* else it must be a local ospf interface, check it was received on
3006 * correct link
3007 */
3008 else if (oi->ifp != ifp) {
3009 if (IS_DEBUG_OSPF_EVENT)
3010 zlog_warn("Packet from [%s] received on wrong link %s",
3011 inet_ntoa(iph->ip_src), ifp->name);
3012 return 0;
3013 } else if (oi->state == ISM_Down) {
3014 char buf[2][INET_ADDRSTRLEN];
3015 zlog_warn(
3016 "Ignoring packet from %s to %s received on interface that is "
3017 "down [%s]; interface flags are %s",
3018 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3019 sizeof(buf[0])),
3020 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3021 sizeof(buf[1])),
3022 ifp->name, if_flag_dump(ifp->flags));
3023 /* Fix multicast memberships? */
3024 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3025 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3026 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3027 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3028 if (oi->multicast_memberships)
3029 ospf_if_set_multicast(oi);
3030 return 0;
3031 }
3032
3033 /*
3034 * If the received packet is destined for AllDRouters, the packet
3035 * should be accepted only if the received ospf interface state is
3036 * either DR or Backup -- endo.
3037 */
3038 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3039 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3040 zlog_warn(
3041 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3042 inet_ntoa(iph->ip_src), IF_NAME(oi),
3043 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3044 /* Try to fix multicast membership. */
3045 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3046 ospf_if_set_multicast(oi);
3047 return 0;
3048 }
3049
3050 /* Verify more OSPF header fields. */
3051 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3052 if (ret < 0) {
3053 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3054 zlog_debug(
3055 "ospf_read[%s]: Header check failed, "
3056 "dropping.",
3057 inet_ntoa(iph->ip_src));
3058 return ret;
3059 }
3060
3061 /* Show debug receiving packet. */
3062 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3063 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3064 zlog_debug(
3065 "-----------------------------------------------------");
3066 ospf_packet_dump(ibuf);
3067 }
3068
3069 zlog_debug("%s received from [%s] via [%s]",
3070 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3071 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3072 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3073 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3074
3075 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3076 zlog_debug(
3077 "-----------------------------------------------------");
3078 }
3079
3080 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3081
3082 /* Adjust size to message length. */
3083 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3084
3085 /* Read rest of the packet and call each sort of packet routine. */
3086 switch (ospfh->type) {
3087 case OSPF_MSG_HELLO:
3088 ospf_hello(iph, ospfh, ibuf, oi, length);
3089 break;
3090 case OSPF_MSG_DB_DESC:
3091 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3092 break;
3093 case OSPF_MSG_LS_REQ:
3094 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3095 break;
3096 case OSPF_MSG_LS_UPD:
3097 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3098 break;
3099 case OSPF_MSG_LS_ACK:
3100 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3101 break;
3102 default:
3103 zlog_warn("interface %s: OSPF packet header type %d is illegal",
3104 IF_NAME(oi), ospfh->type);
3105 break;
3106 }
3107
3108 return 0;
3109 }
3110
3111 /* Make OSPF header. */
3112 static void ospf_make_header(int type, struct ospf_interface *oi,
3113 struct stream *s)
3114 {
3115 struct ospf_header *ospfh;
3116
3117 ospfh = (struct ospf_header *)STREAM_DATA(s);
3118
3119 ospfh->version = (uint8_t)OSPF_VERSION;
3120 ospfh->type = (uint8_t)type;
3121
3122 ospfh->router_id = oi->ospf->router_id;
3123
3124 ospfh->checksum = 0;
3125 ospfh->area_id = oi->area->area_id;
3126 ospfh->auth_type = htons(ospf_auth_type(oi));
3127
3128 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
3129
3130 stream_forward_endp(s, OSPF_HEADER_SIZE);
3131 }
3132
3133 /* Make Authentication Data. */
3134 static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3135 {
3136 struct crypt_key *ck;
3137
3138 switch (ospf_auth_type(oi)) {
3139 case OSPF_AUTH_NULL:
3140 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3141 */
3142 break;
3143 case OSPF_AUTH_SIMPLE:
3144 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3145 OSPF_AUTH_SIMPLE_SIZE);
3146 break;
3147 case OSPF_AUTH_CRYPTOGRAPHIC:
3148 /* If key is not set, then set 0. */
3149 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3150 ospfh->u.crypt.zero = 0;
3151 ospfh->u.crypt.key_id = 0;
3152 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3153 } else {
3154 ck = listgetdata(
3155 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3156 ospfh->u.crypt.zero = 0;
3157 ospfh->u.crypt.key_id = ck->key_id;
3158 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3159 }
3160 /* note: the seq is done in ospf_make_md5_digest() */
3161 break;
3162 default:
3163 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3164 */
3165 break;
3166 }
3167
3168 return 0;
3169 }
3170
3171 /* Fill rest of OSPF header. */
3172 static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
3173 uint16_t length)
3174 {
3175 struct ospf_header *ospfh;
3176
3177 ospfh = (struct ospf_header *)STREAM_DATA(s);
3178
3179 /* Fill length. */
3180 ospfh->length = htons(length);
3181
3182 /* Calculate checksum. */
3183 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3184 ospfh->checksum = in_cksum(ospfh, length);
3185 else
3186 ospfh->checksum = 0;
3187
3188 /* Add Authentication Data. */
3189 ospf_make_auth(oi, ospfh);
3190 }
3191
3192 static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3193 {
3194 struct ospf_neighbor *nbr;
3195 struct route_node *rn;
3196 uint16_t length = OSPF_HELLO_MIN_SIZE;
3197 struct in_addr mask;
3198 unsigned long p;
3199 int flag = 0;
3200
3201 /* Set netmask of interface. */
3202 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3203 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3204 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3205 masklen2ip(oi->address->prefixlen, &mask);
3206 else
3207 memset((char *)&mask, 0, sizeof(struct in_addr));
3208 stream_put_ipv4(s, mask.s_addr);
3209
3210 /* Set Hello Interval. */
3211 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3212 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3213 else
3214 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3215
3216 if (IS_DEBUG_OSPF_EVENT)
3217 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3218 IF_NAME(oi));
3219
3220 /* Set Options. */
3221 stream_putc(s, OPTIONS(oi));
3222
3223 /* Set Router Priority. */
3224 stream_putc(s, PRIORITY(oi));
3225
3226 /* Set Router Dead Interval. */
3227 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3228
3229 /* Set Designated Router. */
3230 stream_put_ipv4(s, DR(oi).s_addr);
3231
3232 p = stream_get_endp(s);
3233
3234 /* Set Backup Designated Router. */
3235 stream_put_ipv4(s, BDR(oi).s_addr);
3236
3237 /* Add neighbor seen. */
3238 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3239 if ((nbr = rn->info))
3240 if (nbr->router_id.s_addr
3241 != 0) /* Ignore 0.0.0.0 node. */
3242 if (nbr->state
3243 != NSM_Attempt) /* Ignore Down neighbor. */
3244 if (nbr->state
3245 != NSM_Down) /* This is myself for
3246 DR election. */
3247 if (!IPV4_ADDR_SAME(
3248 &nbr->router_id,
3249 &oi->ospf->router_id)) {
3250 /* Check neighbor is
3251 * sane? */
3252 if (nbr->d_router.s_addr
3253 != 0
3254 && IPV4_ADDR_SAME(
3255 &nbr->d_router,
3256 &oi->address
3257 ->u
3258 .prefix4)
3259 && IPV4_ADDR_SAME(
3260 &nbr->bd_router,
3261 &oi->address
3262 ->u
3263 .prefix4))
3264 flag = 1;
3265
3266 stream_put_ipv4(
3267 s,
3268 nbr->router_id
3269 .s_addr);
3270 length += 4;
3271 }
3272
3273 /* Let neighbor generate BackupSeen. */
3274 if (flag == 1)
3275 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3276
3277 return length;
3278 }
3279
3280 static int ospf_make_db_desc(struct ospf_interface *oi,
3281 struct ospf_neighbor *nbr, struct stream *s)
3282 {
3283 struct ospf_lsa *lsa;
3284 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3285 uint8_t options;
3286 unsigned long pp;
3287 int i;
3288 struct ospf_lsdb *lsdb;
3289
3290 /* Set Interface MTU. */
3291 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3292 stream_putw(s, 0);
3293 else
3294 stream_putw(s, oi->ifp->mtu);
3295
3296 /* Set Options. */
3297 options = OPTIONS(oi);
3298 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3299 SET_FLAG(options, OSPF_OPTION_O);
3300 stream_putc(s, options);
3301
3302 /* DD flags */
3303 pp = stream_get_endp(s);
3304 stream_putc(s, nbr->dd_flags);
3305
3306 /* Set DD Sequence Number. */
3307 stream_putl(s, nbr->dd_seqnum);
3308
3309 /* shortcut unneeded walk of (empty) summary LSDBs */
3310 if (ospf_db_summary_isempty(nbr))
3311 goto empty;
3312
3313 /* Describe LSA Header from Database Summary List. */
3314 lsdb = &nbr->db_sum;
3315
3316 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3317 struct route_table *table = lsdb->type[i].db;
3318 struct route_node *rn;
3319
3320 for (rn = route_top(table); rn; rn = route_next(rn))
3321 if ((lsa = rn->info) != NULL) {
3322 if (IS_OPAQUE_LSA(lsa->data->type)
3323 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3324 /* Suppress advertising
3325 * opaque-informations. */
3326 /* Remove LSA from DB summary list. */
3327 ospf_lsdb_delete(lsdb, lsa);
3328 continue;
3329 }
3330
3331 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3332 struct lsa_header *lsah;
3333 uint16_t ls_age;
3334
3335 /* DD packet overflows interface MTU. */
3336 if (length + OSPF_LSA_HEADER_SIZE
3337 > ospf_packet_max(oi))
3338 break;
3339
3340 /* Keep pointer to LS age. */
3341 lsah = (struct lsa_header
3342 *)(STREAM_DATA(s)
3343 + stream_get_endp(
3344 s));
3345
3346 /* Proceed stream pointer. */
3347 stream_put(s, lsa->data,
3348 OSPF_LSA_HEADER_SIZE);
3349 length += OSPF_LSA_HEADER_SIZE;
3350
3351 /* Set LS age. */
3352 ls_age = LS_AGE(lsa);
3353 lsah->ls_age = htons(ls_age);
3354 }
3355
3356 /* Remove LSA from DB summary list. */
3357 ospf_lsdb_delete(lsdb, lsa);
3358 }
3359 }
3360
3361 /* Update 'More' bit */
3362 if (ospf_db_summary_isempty(nbr)) {
3363 empty:
3364 if (nbr->state >= NSM_Exchange) {
3365 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3366 /* Rewrite DD flags */
3367 stream_putc_at(s, pp, nbr->dd_flags);
3368 } else {
3369 assert(IS_SET_DD_M(nbr->dd_flags));
3370 }
3371 }
3372 return length;
3373 }
3374
3375 static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
3376 unsigned long delta, struct ospf_neighbor *nbr,
3377 struct ospf_lsa *lsa)
3378 {
3379 struct ospf_interface *oi;
3380
3381 oi = nbr->oi;
3382
3383 /* LS Request packet overflows interface MTU. */
3384 if (*length + delta > ospf_packet_max(oi))
3385 return 0;
3386
3387 stream_putl(s, lsa->data->type);
3388 stream_put_ipv4(s, lsa->data->id.s_addr);
3389 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
3390
3391 ospf_lsa_unlock(&nbr->ls_req_last);
3392 nbr->ls_req_last = ospf_lsa_lock(lsa);
3393
3394 *length += 12;
3395 return 1;
3396 }
3397
3398 static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3399 {
3400 struct ospf_lsa *lsa;
3401 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
3402 unsigned long delta = stream_get_endp(s) + 12;
3403 struct route_table *table;
3404 struct route_node *rn;
3405 int i;
3406 struct ospf_lsdb *lsdb;
3407
3408 lsdb = &nbr->ls_req;
3409
3410 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3411 table = lsdb->type[i].db;
3412 for (rn = route_top(table); rn; rn = route_next(rn))
3413 if ((lsa = (rn->info)) != NULL)
3414 if (ospf_make_ls_req_func(s, &length, delta,
3415 nbr, lsa)
3416 == 0) {
3417 route_unlock_node(rn);
3418 break;
3419 }
3420 }
3421 return length;
3422 }
3423
3424 static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3425 {
3426 int age;
3427
3428 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
3429
3430 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
3431 }
3432
3433 static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3434 struct stream *s)
3435 {
3436 struct ospf_lsa *lsa;
3437 struct listnode *node;
3438 uint16_t length = 0;
3439 unsigned int size_noauth;
3440 unsigned long delta = stream_get_endp(s);
3441 unsigned long pp;
3442 int count = 0;
3443
3444 if (IS_DEBUG_OSPF_EVENT)
3445 zlog_debug("ospf_make_ls_upd: Start");
3446
3447 pp = stream_get_endp(s);
3448 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3449 length += OSPF_LS_UPD_MIN_SIZE;
3450
3451 /* Calculate amount of packet usable for data. */
3452 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3453
3454 while ((node = listhead(update)) != NULL) {
3455 struct lsa_header *lsah;
3456 uint16_t ls_age;
3457
3458 if (IS_DEBUG_OSPF_EVENT)
3459 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3460 count);
3461
3462 lsa = listgetdata(node);
3463
3464 assert(lsa->data);
3465
3466 /* Will it fit? */
3467 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3468 break;
3469
3470 /* Keep pointer to LS age. */
3471 lsah = (struct lsa_header *)(STREAM_DATA(s)
3472 + stream_get_endp(s));
3473
3474 /* Put LSA to Link State Request. */
3475 stream_put(s, lsa->data, ntohs(lsa->data->length));
3476
3477 /* Set LS age. */
3478 /* each hop must increment an lsa_age by transmit_delay
3479 of OSPF interface */
3480 ls_age = ls_age_increment(lsa,
3481 OSPF_IF_PARAM(oi, transmit_delay));
3482 lsah->ls_age = htons(ls_age);
3483
3484 length += ntohs(lsa->data->length);
3485 count++;
3486
3487 list_delete_node(update, node);
3488 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3489 }
3490
3491 /* Now set #LSAs. */
3492 stream_putl_at(s, pp, count);
3493
3494 if (IS_DEBUG_OSPF_EVENT)
3495 zlog_debug("ospf_make_ls_upd: Stop");
3496 return length;
3497 }
3498
3499 static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3500 struct stream *s)
3501 {
3502 struct listnode *node, *nnode;
3503 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
3504 unsigned long delta = stream_get_endp(s) + 24;
3505 struct ospf_lsa *lsa;
3506
3507 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3508 assert(lsa);
3509
3510 if (length + delta > ospf_packet_max(oi))
3511 break;
3512
3513 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3514 length += OSPF_LSA_HEADER_SIZE;
3515
3516 listnode_delete(ack, lsa);
3517 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3518 }
3519
3520 return length;
3521 }
3522
3523 static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3524 {
3525 struct ospf_packet *op;
3526 uint16_t length = OSPF_HEADER_SIZE;
3527
3528 op = ospf_packet_new(oi->ifp->mtu);
3529
3530 /* Prepare OSPF common header. */
3531 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
3532
3533 /* Prepare OSPF Hello body. */
3534 length += ospf_make_hello(oi, op->s);
3535
3536 /* Fill OSPF header. */
3537 ospf_fill_header(oi, op->s, length);
3538
3539 /* Set packet length. */
3540 op->length = length;
3541
3542 op->dst.s_addr = addr;
3543
3544 if (IS_DEBUG_OSPF_EVENT) {
3545 if (oi->ospf->vrf_id)
3546 zlog_debug(
3547 "%s: Hello Tx interface %s ospf vrf %s id %u",
3548 __PRETTY_FUNCTION__, oi->ifp->name,
3549 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3550 oi->ospf->vrf_id);
3551 }
3552 /* Add packet to the top of the interface output queue, so that they
3553 * can't get delayed by things like long queues of LS Update packets
3554 */
3555 ospf_packet_add_top(oi, op);
3556
3557 /* Hook thread to write packet. */
3558 OSPF_ISM_WRITE_ON(oi->ospf);
3559 }
3560
3561 static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
3562 {
3563 struct ospf_interface *oi;
3564
3565 oi = nbr_nbma->oi;
3566 assert(oi);
3567
3568 /* If this is passive interface, do not send OSPF Hello. */
3569 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3570 return;
3571
3572 if (oi->type != OSPF_IFTYPE_NBMA)
3573 return;
3574
3575 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3576 return;
3577
3578 if (PRIORITY(oi) == 0)
3579 return;
3580
3581 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3582 && oi->state != ISM_Backup)
3583 return;
3584
3585 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
3586 }
3587
3588 int ospf_poll_timer(struct thread *thread)
3589 {
3590 struct ospf_nbr_nbma *nbr_nbma;
3591
3592 nbr_nbma = THREAD_ARG(thread);
3593 nbr_nbma->t_poll = NULL;
3594
3595 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3596 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3597 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
3598
3599 ospf_poll_send(nbr_nbma);
3600
3601 if (nbr_nbma->v_poll > 0)
3602 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3603 nbr_nbma->v_poll);
3604
3605 return 0;
3606 }
3607
3608
3609 int ospf_hello_reply_timer(struct thread *thread)
3610 {
3611 struct ospf_neighbor *nbr;
3612
3613 nbr = THREAD_ARG(thread);
3614 nbr->t_hello_reply = NULL;
3615
3616 assert(nbr->oi);
3617
3618 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3619 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3620 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
3621
3622 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
3623
3624 return 0;
3625 }
3626
3627 /* Send OSPF Hello. */
3628 void ospf_hello_send(struct ospf_interface *oi)
3629 {
3630 /* If this is passive interface, do not send OSPF Hello. */
3631 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3632 return;
3633
3634 if (oi->type == OSPF_IFTYPE_NBMA) {
3635 struct ospf_neighbor *nbr;
3636 struct route_node *rn;
3637
3638 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3639 if ((nbr = rn->info))
3640 if (nbr != oi->nbr_self)
3641 if (nbr->state != NSM_Down) {
3642 /* RFC 2328 Section 9.5.1
3643 If the router is not
3644 eligible to become Designated
3645 Router,
3646 it must periodically send
3647 Hello Packets to both the
3648 Designated Router and the
3649 Backup Designated Router (if
3650 they
3651 exist). */
3652 if (PRIORITY(oi) == 0
3653 && IPV4_ADDR_CMP(
3654 &DR(oi),
3655 &nbr->address.u
3656 .prefix4)
3657 && IPV4_ADDR_CMP(
3658 &BDR(oi),
3659 &nbr->address.u
3660 .prefix4))
3661 continue;
3662
3663 /* If the router is eligible to
3664 become Designated Router, it
3665 must periodically send Hello
3666 Packets to all neighbors that
3667 are also eligible. In
3668 addition, if the router is
3669 itself the
3670 Designated Router or Backup
3671 Designated Router, it must
3672 also
3673 send periodic Hello Packets
3674 to all other neighbors. */
3675
3676 if (nbr->priority == 0
3677 && oi->state == ISM_DROther)
3678 continue;
3679 /* if oi->state == Waiting, send
3680 * hello to all neighbors */
3681 ospf_hello_send_sub(
3682 oi,
3683 nbr->address.u.prefix4
3684 .s_addr);
3685 }
3686 } else {
3687 /* Decide destination address. */
3688 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3689 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3690 else
3691 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3692 }
3693 }
3694
3695 /* Send OSPF Database Description. */
3696 void ospf_db_desc_send(struct ospf_neighbor *nbr)
3697 {
3698 struct ospf_interface *oi;
3699 struct ospf_packet *op;
3700 uint16_t length = OSPF_HEADER_SIZE;
3701
3702 oi = nbr->oi;
3703 op = ospf_packet_new(oi->ifp->mtu);
3704
3705 /* Prepare OSPF common header. */
3706 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
3707
3708 /* Prepare OSPF Database Description body. */
3709 length += ospf_make_db_desc(oi, nbr, op->s);
3710
3711 /* Fill OSPF header. */
3712 ospf_fill_header(oi, op->s, length);
3713
3714 /* Set packet length. */
3715 op->length = length;
3716
3717 /* Decide destination address. */
3718 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3719 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3720 else
3721 op->dst = nbr->address.u.prefix4;
3722
3723 /* Add packet to the interface output queue. */
3724 ospf_packet_add(oi, op);
3725
3726 /* Hook thread to write packet. */
3727 OSPF_ISM_WRITE_ON(oi->ospf);
3728
3729 /* Remove old DD packet, then copy new one and keep in neighbor
3730 * structure. */
3731 if (nbr->last_send)
3732 ospf_packet_free(nbr->last_send);
3733 nbr->last_send = ospf_packet_dup(op);
3734 monotime(&nbr->last_send_ts);
3735 }
3736
3737 /* Re-send Database Description. */
3738 void ospf_db_desc_resend(struct ospf_neighbor *nbr)
3739 {
3740 struct ospf_interface *oi;
3741
3742 oi = nbr->oi;
3743
3744 /* Add packet to the interface output queue. */
3745 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
3746
3747 /* Hook thread to write packet. */
3748 OSPF_ISM_WRITE_ON(oi->ospf);
3749 }
3750
3751 /* Send Link State Request. */
3752 void ospf_ls_req_send(struct ospf_neighbor *nbr)
3753 {
3754 struct ospf_interface *oi;
3755 struct ospf_packet *op;
3756 uint16_t length = OSPF_HEADER_SIZE;
3757
3758 oi = nbr->oi;
3759 op = ospf_packet_new(oi->ifp->mtu);
3760
3761 /* Prepare OSPF common header. */
3762 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
3763
3764 /* Prepare OSPF Link State Request body. */
3765 length += ospf_make_ls_req(nbr, op->s);
3766 if (length == OSPF_HEADER_SIZE) {
3767 ospf_packet_free(op);
3768 return;
3769 }
3770
3771 /* Fill OSPF header. */
3772 ospf_fill_header(oi, op->s, length);
3773
3774 /* Set packet length. */
3775 op->length = length;
3776
3777 /* Decide destination address. */
3778 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3779 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3780 else
3781 op->dst = nbr->address.u.prefix4;
3782
3783 /* Add packet to the interface output queue. */
3784 ospf_packet_add(oi, op);
3785
3786 /* Hook thread to write packet. */
3787 OSPF_ISM_WRITE_ON(oi->ospf);
3788
3789 /* Add Link State Request Retransmission Timer. */
3790 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
3791 }
3792
3793 /* Send Link State Update with an LSA. */
3794 void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3795 int flag)
3796 {
3797 struct list *update;
3798
3799 update = list_new();
3800
3801 listnode_add(update, lsa);
3802
3803 /*ospf instance is going down, send self originated
3804 * MAXAGE LSA update to neighbors to remove from LSDB */
3805 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3806 ospf_ls_upd_send(nbr, update, flag, 1);
3807 else
3808 ospf_ls_upd_send(nbr, update, flag, 0);
3809
3810 list_delete_and_null(&update);
3811 }
3812
3813 /* Determine size for packet. Must be at least big enough to accomodate next
3814 * LSA on list, which may be bigger than MTU size.
3815 *
3816 * Return pointer to new ospf_packet
3817 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3818 * on packet sizes (in which case offending LSA is deleted from update list)
3819 */
3820 static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3821 struct ospf_interface *oi)
3822 {
3823 struct ospf_lsa *lsa;
3824 struct listnode *ln;
3825 size_t size;
3826 static char warned = 0;
3827
3828 lsa = listgetdata((ln = listhead(update)));
3829 assert(lsa->data);
3830
3831 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3832 > ospf_packet_max(oi)) {
3833 if (!warned) {
3834 zlog_warn(
3835 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3836 "will need to fragment. Not optimal. Try divide up"
3837 " your network with areas. Use 'debug ospf packet send'"
3838 " to see details, or look at 'show ip ospf database ..'");
3839 warned = 1;
3840 }
3841
3842 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3843 zlog_debug(
3844 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3845 " %d bytes originated by %s, will be fragmented!",
3846 inet_ntoa(lsa->data->id),
3847 ntohs(lsa->data->length),
3848 inet_ntoa(lsa->data->adv_router));
3849
3850 /*
3851 * Allocate just enough to fit this LSA only, to avoid including
3852 * other
3853 * LSAs in fragmented LSA Updates.
3854 */
3855 size = ntohs(lsa->data->length)
3856 + (oi->ifp->mtu - ospf_packet_max(oi))
3857 + OSPF_LS_UPD_MIN_SIZE;
3858 } else
3859 size = oi->ifp->mtu;
3860
3861 if (size > OSPF_MAX_PACKET_SIZE) {
3862 zlog_warn(
3863 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3864 " %d bytes, packet size %ld, dropping it completely."
3865 " OSPF routing is broken!",
3866 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3867 (long int)size);
3868 list_delete_node(update, ln);
3869 return NULL;
3870 }
3871
3872 /* IP header is built up separately by ospf_write(). This means, that we
3873 * must
3874 * reduce the "affordable" size just calculated by length of an IP
3875 * header.
3876 * This makes sure, that even if we manage to fill the payload with LSA
3877 * data
3878 * completely, the final packet (our data plus IP header) still fits
3879 * into
3880 * outgoing interface MTU. This correction isn't really meaningful for
3881 * an
3882 * oversized LSA, but for consistency the correction is done for both
3883 * cases.
3884 *
3885 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3886 */
3887 return ospf_packet_new(size - sizeof(struct ip));
3888 }
3889
3890 static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
3891 struct list *update, struct in_addr addr,
3892 int send_lsupd_now)
3893 {
3894 struct ospf_packet *op;
3895 uint16_t length = OSPF_HEADER_SIZE;
3896
3897 if (IS_DEBUG_OSPF_EVENT)
3898 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3899 IF_NAME(oi), inet_ntoa(addr));
3900
3901 /* Check that we have really something to process */
3902 if (listcount(update) == 0)
3903 return;
3904
3905 op = ospf_ls_upd_packet_new(update, oi);
3906
3907 /* Prepare OSPF common header. */
3908 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
3909
3910 /* Prepare OSPF Link State Update body.
3911 * Includes Type-7 translation.
3912 */
3913 length += ospf_make_ls_upd(oi, update, op->s);
3914
3915 /* Fill OSPF header. */
3916 ospf_fill_header(oi, op->s, length);
3917
3918 /* Set packet length. */
3919 op->length = length;
3920
3921 /* Decide destination address. */
3922 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3923 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3924 else
3925 op->dst.s_addr = addr.s_addr;
3926
3927 /* Add packet to the interface output queue. */
3928 ospf_packet_add(oi, op);
3929 /* Call ospf_write() right away to send ospf packets to neighbors */
3930 if (send_lsupd_now) {
3931 struct thread os_packet_thd;
3932
3933 os_packet_thd.arg = (void *)oi->ospf;
3934 if (oi->on_write_q == 0) {
3935 listnode_add(oi->ospf->oi_write_q, oi);
3936 oi->on_write_q = 1;
3937 }
3938 ospf_write(&os_packet_thd);
3939 } else {
3940 /* Hook thread to write packet. */
3941 OSPF_ISM_WRITE_ON(oi->ospf);
3942 }
3943 }
3944
3945 static int ospf_ls_upd_send_queue_event(struct thread *thread)
3946 {
3947 struct ospf_interface *oi = THREAD_ARG(thread);
3948 struct route_node *rn;
3949 struct route_node *rnext;
3950 struct list *update;
3951 char again = 0;
3952
3953 oi->t_ls_upd_event = NULL;
3954
3955 if (IS_DEBUG_OSPF_EVENT)
3956 zlog_debug("ospf_ls_upd_send_queue start");
3957
3958 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
3959 rnext = route_next(rn);
3960
3961 if (rn->info == NULL)
3962 continue;
3963
3964 update = (struct list *)rn->info;
3965
3966 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
3967
3968 /* list might not be empty. */
3969 if (listcount(update) == 0) {
3970 list_delete_and_null((struct list **)&rn->info);
3971 route_unlock_node(rn);
3972 } else
3973 again = 1;
3974 }
3975
3976 if (again != 0) {
3977 if (IS_DEBUG_OSPF_EVENT)
3978 zlog_debug(
3979 "ospf_ls_upd_send_queue: update lists not cleared,"
3980 " %d nodes to try again, raising new event",
3981 again);
3982 oi->t_ls_upd_event = NULL;
3983 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
3984 &oi->t_ls_upd_event);
3985 }
3986
3987 if (IS_DEBUG_OSPF_EVENT)
3988 zlog_debug("ospf_ls_upd_send_queue stop");
3989
3990 return 0;
3991 }
3992
3993 void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
3994 int send_lsupd_now)
3995 {
3996 struct ospf_interface *oi;
3997 struct ospf_lsa *lsa;
3998 struct prefix_ipv4 p;
3999 struct route_node *rn;
4000 struct listnode *node;
4001
4002 oi = nbr->oi;
4003
4004 p.family = AF_INET;
4005 p.prefixlen = IPV4_MAX_BITLEN;
4006
4007 /* Decide destination address. */
4008 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4009 p.prefix = oi->vl_data->peer_addr;
4010 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4011 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4012 else if (flag == OSPF_SEND_PACKET_DIRECT)
4013 p.prefix = nbr->address.u.prefix4;
4014 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4015 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4016 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4017 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4018 else
4019 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4020
4021 if (oi->type == OSPF_IFTYPE_NBMA) {
4022 if (flag == OSPF_SEND_PACKET_INDIRECT)
4023 zlog_warn(
4024 "* LS-Update is directly sent on NBMA network.");
4025 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
4026 zlog_warn("* LS-Update is sent to myself.");
4027 }
4028
4029 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4030
4031 if (rn->info == NULL)
4032 rn->info = list_new();
4033 else
4034 route_unlock_node(rn);
4035
4036 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4037 listnode_add(rn->info,
4038 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
4039 if (send_lsupd_now) {
4040 struct list *send_update_list;
4041 struct route_node *rn, *rnext;
4042
4043 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4044 rnext = route_next(rn);
4045
4046 if (rn->info == NULL)
4047 continue;
4048
4049 send_update_list = (struct list *)rn->info;
4050
4051 ospf_ls_upd_queue_send(oi, send_update_list,
4052 rn->p.u.prefix4, 1);
4053 }
4054 } else
4055 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4056 &oi->t_ls_upd_event);
4057 }
4058
4059 static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4060 struct in_addr dst)
4061 {
4062 struct ospf_packet *op;
4063 uint16_t length = OSPF_HEADER_SIZE;
4064
4065 op = ospf_packet_new(oi->ifp->mtu);
4066
4067 /* Prepare OSPF common header. */
4068 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4069
4070 /* Prepare OSPF Link State Acknowledgment body. */
4071 length += ospf_make_ls_ack(oi, ack, op->s);
4072
4073 /* Fill OSPF header. */
4074 ospf_fill_header(oi, op->s, length);
4075
4076 /* Set packet length. */
4077 op->length = length;
4078
4079 /* Decide destination address. */
4080 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4081 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4082 else
4083 op->dst.s_addr = dst.s_addr;
4084
4085 /* Add packet to the interface output queue. */
4086 ospf_packet_add(oi, op);
4087
4088 /* Hook thread to write packet. */
4089 OSPF_ISM_WRITE_ON(oi->ospf);
4090 }
4091
4092 static int ospf_ls_ack_send_event(struct thread *thread)
4093 {
4094 struct ospf_interface *oi = THREAD_ARG(thread);
4095
4096 oi->t_ls_ack_direct = NULL;
4097
4098 while (listcount(oi->ls_ack_direct.ls_ack))
4099 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4100 oi->ls_ack_direct.dst);
4101
4102 return 0;
4103 }
4104
4105 void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4106 {
4107 struct ospf_interface *oi = nbr->oi;
4108
4109 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4110 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4111
4112 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4113
4114 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4115 &oi->t_ls_ack_direct);
4116 }
4117
4118 /* Send Link State Acknowledgment delayed. */
4119 void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4120 {
4121 struct in_addr dst;
4122
4123 /* Decide destination address. */
4124 /* RFC2328 Section 13.5 On non-broadcast
4125 networks, delayed Link State Acknowledgment packets must be
4126 unicast separately over each adjacency (i.e., neighbor whose
4127 state is >= Exchange). */
4128 if (oi->type == OSPF_IFTYPE_NBMA) {
4129 struct ospf_neighbor *nbr;
4130 struct route_node *rn;
4131
4132 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4133 if ((nbr = rn->info) != NULL)
4134 if (nbr != oi->nbr_self
4135 && nbr->state >= NSM_Exchange)
4136 while (listcount(oi->ls_ack))
4137 ospf_ls_ack_send_list(
4138 oi, oi->ls_ack,
4139 nbr->address.u.prefix4);
4140 return;
4141 }
4142 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4143 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4144 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4145 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4146 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4147 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4148 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4149 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4150 else
4151 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4152
4153 while (listcount(oi->ls_ack))
4154 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
4155 }
4156
4157 /*
4158 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4159 * address. As a result, the kernel does not need to learn the interface
4160 * MAC of the OSPF neighbor. However, in our world, this will delay
4161 * convergence. Take the case when due to a link flap, all routes now
4162 * want to use an interface which was deemed to be costlier prior to this
4163 * event. For routes that will be installed, the missing MAC will have
4164 * punt-to-CPU set on them. This may overload the CPU control path that
4165 * can be avoided if the MAC was known apriori.
4166 */
4167 #define OSPF_PING_NBR_STR_MAX (BUFSIZ)
4168 void ospf_proactively_arp(struct ospf_neighbor *nbr)
4169 {
4170 char ping_nbr[OSPF_PING_NBR_STR_MAX];
4171 int ret;
4172
4173 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4174 return;
4175
4176 snprintf(ping_nbr, sizeof(ping_nbr),
4177 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4178 inet_ntoa(nbr->address.u.prefix4));
4179
4180 ret = system(ping_nbr);
4181 if (IS_DEBUG_OSPF_EVENT)
4182 zlog_debug("Executed %s %s", ping_nbr,
4183 ((ret == 0) ? "successfully" : "but failed"));
4184 }
FRRouting mirror