]> git.proxmox.com Git - mirror_frr.git/blame - isisd/isis_pdu.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
isisd: do remove ipv6 routes from Zebra
[mirror_frr.git] / isisd / isis_pdu.c
CommitLineData
eb5d44eb 1/*
2 * IS-IS Rout(e)ing protocol - isis_pdu.c
3 * PDU processing
4 *
5 * Copyright (C) 2001,2002 Sampo Saaristo
6 * Tampere University of Technology
7 * Institute of Communications Engineering
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public Licenseas published by the Free
11 * Software Foundation; either version 2 of the License, or (at your option)
12 * any later version.
13 *
14 * This program is distributed in the hope that it will be useful,but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * more details.
18
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 */
23
eb5d44eb 24#include <zebra.h>
eb5d44eb 25
26#include "memory.h"
27#include "thread.h"
28#include "linklist.h"
29#include "log.h"
30#include "stream.h"
31#include "vty.h"
3f045a08 32#include "hash.h"
eb5d44eb 33#include "prefix.h"
34#include "if.h"
6a270cd9 35#include "checksum.h"
3f045a08 36#include "md5.h"
eb5d44eb 37
38#include "isisd/dict.h"
39#include "isisd/include-netbsd/iso.h"
40#include "isisd/isis_constants.h"
41#include "isisd/isis_common.h"
3f045a08 42#include "isisd/isis_flags.h"
eb5d44eb 43#include "isisd/isis_adjacency.h"
44#include "isisd/isis_circuit.h"
45#include "isisd/isis_network.h"
46#include "isisd/isis_misc.h"
47#include "isisd/isis_dr.h"
eb5d44eb 48#include "isisd/isis_tlv.h"
49#include "isisd/isisd.h"
50#include "isisd/isis_dynhn.h"
51#include "isisd/isis_lsp.h"
52#include "isisd/isis_pdu.h"
53#include "isisd/iso_checksum.h"
54#include "isisd/isis_csm.h"
55#include "isisd/isis_events.h"
56
eb5d44eb 57#define ISIS_MINIMUM_FIXED_HDR_LEN 15
f390d2c7 58#define ISIS_MIN_PDU_LEN 13 /* partial seqnum pdu with id_len=2 */
eb5d44eb 59
60#ifndef PNBBY
61#define PNBBY 8
62#endif /* PNBBY */
63
64/* Utility mask array. */
e38e0df0 65static u_char maskbit[] = {
eb5d44eb 66 0x00, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff
67};
68
69/*
70 * HELPER FUNCS
71 */
72
73/*
74 * Compares two sets of area addresses
75 */
f390d2c7 76static int
eb5d44eb 77area_match (struct list *left, struct list *right)
78{
79 struct area_addr *addr1, *addr2;
3fdb2dd9 80 struct listnode *node1, *node2;
eb5d44eb 81
3fdb2dd9 82 for (ALL_LIST_ELEMENTS_RO (left, node1, addr1))
f390d2c7 83 {
3fdb2dd9 84 for (ALL_LIST_ELEMENTS_RO (right, node2, addr2))
f390d2c7 85 {
86 if (addr1->addr_len == addr2->addr_len &&
87 !memcmp (addr1->area_addr, addr2->area_addr, (int) addr1->addr_len))
88 return 1; /* match */
eb5d44eb 89 }
90 }
91
f390d2c7 92 return 0; /* mismatch */
eb5d44eb 93}
94
95/*
96 * Check if ip2 is in the ip1's network (function like Prefix.h:prefix_match() )
97 * param ip1 the IS interface ip address structure
98 * param ip2 the IIH's ip address
99 * return 0 the IIH's IP is not in the IS's subnetwork
100 * 1 the IIH's IP is in the IS's subnetwork
101 */
92365889 102static int
f390d2c7 103ip_same_subnet (struct prefix_ipv4 *ip1, struct in_addr *ip2)
eb5d44eb 104{
105 u_char *addr1, *addr2;
53c997c9 106 int shift, offset, offsetloop;
eb5d44eb 107 int len;
f390d2c7 108
109 addr1 = (u_char *) & ip1->prefix.s_addr;
110 addr2 = (u_char *) & ip2->s_addr;
eb5d44eb 111 len = ip1->prefixlen;
112
113 shift = len % PNBBY;
53c997c9 114 offsetloop = offset = len / PNBBY;
eb5d44eb 115
53c997c9 116 while (offsetloop--)
117 if (addr1[offsetloop] != addr2[offsetloop])
118 return 0;
eb5d44eb 119
f390d2c7 120 if (shift)
53c997c9 121 if (maskbit[shift] & (addr1[offset] ^ addr2[offset]))
122 return 0;
eb5d44eb 123
f390d2c7 124 return 1; /* match */
125}
eb5d44eb 126
127/*
128 * Compares two set of ip addresses
129 * param left the local interface's ip addresses
130 * param right the iih interface's ip address
131 * return 0 no match;
132 * 1 match;
133 */
f390d2c7 134static int
eb5d44eb 135ip_match (struct list *left, struct list *right)
136{
137 struct prefix_ipv4 *ip1;
138 struct in_addr *ip2;
3fdb2dd9 139 struct listnode *node1, *node2;
eb5d44eb 140
e082ac1d 141 if ((left == NULL) || (right == NULL))
142 return 0;
143
3fdb2dd9 144 for (ALL_LIST_ELEMENTS_RO (left, node1, ip1))
f390d2c7 145 {
3fdb2dd9 146 for (ALL_LIST_ELEMENTS_RO (right, node2, ip2))
f390d2c7 147 {
148 if (ip_same_subnet (ip1, ip2))
149 {
150 return 1; /* match */
151 }
eb5d44eb 152 }
f390d2c7 153
eb5d44eb 154 }
155 return 0;
156}
157
158/*
159 * Checks whether we should accept a PDU of given level
160 */
161static int
162accept_level (int level, int circuit_t)
163{
f390d2c7 164 int retval = ((circuit_t & level) == level); /* simple approach */
eb5d44eb 165
166 return retval;
167}
168
3f045a08
JB		 169/*
170 * Verify authentication information
171 * Support cleartext and HMAC MD5 authentication
172 */
173static int
174authentication_check (struct isis_passwd *remote, struct isis_passwd *local,
175 struct stream *stream, uint32_t auth_tlv_offset)
eb5d44eb 176{
3f045a08
JB		 177 unsigned char digest[ISIS_AUTH_MD5_SIZE];
178
179 /* Auth fail () - passwd type mismatch */
180 if (local->type != remote->type)
181 return ISIS_ERROR;
182
183 switch (local->type)
184 {
185 /* No authentication required */
186 case ISIS_PASSWD_TYPE_UNUSED:
187 break;
188
189 /* Cleartext (ISO 10589) */
190 case ISIS_PASSWD_TYPE_CLEARTXT:
191 /* Auth fail () - passwd len mismatch */
192 if (remote->len != local->len)
193 return ISIS_ERROR;
194 return memcmp (local->passwd, remote->passwd, local->len);
195
196 /* HMAC MD5 (RFC 3567) */
197 case ISIS_PASSWD_TYPE_HMAC_MD5:
198 /* Auth fail () - passwd len mismatch */
199 if (remote->len != ISIS_AUTH_MD5_SIZE)
200 return ISIS_ERROR;
201 /* Set the authentication value to 0 before the check */
202 memset (STREAM_DATA (stream) + auth_tlv_offset + 3, 0,
203 ISIS_AUTH_MD5_SIZE);
204 /* Compute the digest */
205 hmac_md5 (STREAM_DATA (stream), stream_get_endp (stream),
206 (unsigned char *) &(local->passwd), local->len,
207 (caddr_t) &digest);
208 /* Copy back the authentication value after the check */
209 memcpy (STREAM_DATA (stream) + auth_tlv_offset + 3,
210 remote->passwd, ISIS_AUTH_MD5_SIZE);
211 return memcmp (digest, remote->passwd, ISIS_AUTH_MD5_SIZE);
212
213 default:
214 zlog_err ("Unsupported authentication type");
215 return ISIS_ERROR;
216 }
217
218 /* Authentication pass when no authentication is configured */
219 return ISIS_OK;
220}
221
222static int
223lsp_authentication_check (struct stream *stream, struct isis_area *area,
224 int level, struct isis_passwd *passwd)
225{
226 struct isis_link_state_hdr *hdr;
227 uint32_t expected = 0, found = 0, auth_tlv_offset = 0;
e38e0df0 228 uint16_t checksum, rem_lifetime, pdu_len;
3f045a08
JB		 229 struct tlvs tlvs;
230 int retval = ISIS_OK;
231
232 hdr = (struct isis_link_state_hdr *) (STREAM_PNT (stream));
e38e0df0 233 pdu_len = ntohs (hdr->pdu_len);
3f045a08
JB		 234 expected |= TLVFLAG_AUTH_INFO;
235 auth_tlv_offset = stream_get_getp (stream) + ISIS_LSP_HDR_LEN;
236 retval = parse_tlvs (area->area_tag, STREAM_PNT (stream) + ISIS_LSP_HDR_LEN,
e38e0df0 237 pdu_len - ISIS_FIXED_HDR_LEN - ISIS_LSP_HDR_LEN,
3f045a08
JB		 238 &expected, &found, &tlvs, &auth_tlv_offset);
239
240 if (retval != ISIS_OK)
241 {
242 zlog_err ("ISIS-Upd (%s): Parse failed L%d LSP %s, seq 0x%08x, "
243 "cksum 0x%04x, lifetime %us, len %u",
244 area->area_tag, level, rawlspid_print (hdr->lsp_id),
245 ntohl (hdr->seq_num), ntohs (hdr->checksum),
e38e0df0 246 ntohs (hdr->rem_lifetime), pdu_len);
3f045a08
JB		 247 if ((isis->debugs & DEBUG_UPDATE_PACKETS) &&
248 (isis->debugs & DEBUG_PACKET_DUMP))
249 zlog_dump_data (STREAM_DATA (stream), stream_get_endp (stream));
250 return retval;
251 }
252
253 if (!(found & TLVFLAG_AUTH_INFO))
f390d2c7 254 {
3f045a08
JB		 255 zlog_err ("No authentication tlv in LSP");
256 return ISIS_ERROR;
f390d2c7 257 }
3f045a08
JB		 258
259 if (tlvs.auth_info.type != ISIS_PASSWD_TYPE_CLEARTXT &&
260 tlvs.auth_info.type != ISIS_PASSWD_TYPE_HMAC_MD5)
f390d2c7 261 {
3f045a08
JB		 262 zlog_err ("Unknown authentication type in LSP");
263 return ISIS_ERROR;
f390d2c7 264 }
3f045a08
JB		 265
266 /*
267 * RFC 5304 set checksum and remaining lifetime to zero before
268 * verification and reset to old values after verification.
269 */
270 checksum = hdr->checksum;
271 rem_lifetime = hdr->rem_lifetime;
272 hdr->checksum = 0;
273 hdr->rem_lifetime = 0;
274 retval = authentication_check (&tlvs.auth_info, passwd, stream,
275 auth_tlv_offset);
276 hdr->checksum = checksum;
277 hdr->rem_lifetime = rem_lifetime;
278
279 return retval;
eb5d44eb 280}
281
282/*
283 * Processing helper functions
284 */
3f045a08
JB		 285static void
286del_addr (void *val)
287{
288 XFREE (MTYPE_ISIS_TMP, val);
289}
290
291static void
292tlvs_to_adj_area_addrs (struct tlvs *tlvs, struct isis_adjacency *adj)
293{
294 struct listnode *node;
295 struct area_addr *area_addr, *malloced;
296
297 if (adj->area_addrs)
298 {
299 adj->area_addrs->del = del_addr;
300 list_delete (adj->area_addrs);
301 }
302 adj->area_addrs = list_new ();
303 if (tlvs->area_addrs)
304 {
305 for (ALL_LIST_ELEMENTS_RO (tlvs->area_addrs, node, area_addr))
306 {
307 malloced = XMALLOC (MTYPE_ISIS_TMP, sizeof (struct area_addr));
308 memcpy (malloced, area_addr, sizeof (struct area_addr));
309 listnode_add (adj->area_addrs, malloced);
310 }
311 }
312}
313
655071f4 314static int
f390d2c7 315tlvs_to_adj_nlpids (struct tlvs *tlvs, struct isis_adjacency *adj)
eb5d44eb 316{
317 int i;
318 struct nlpids *tlv_nlpids;
319
f390d2c7 320 if (tlvs->nlpids)
321 {
eb5d44eb 322
f390d2c7 323 tlv_nlpids = tlvs->nlpids;
655071f4
DL		 324 if (tlv_nlpids->count > array_size (adj->nlpids.nlpids))
325 return 1;
eb5d44eb 326
f390d2c7 327 adj->nlpids.count = tlv_nlpids->count;
eb5d44eb 328
f390d2c7 329 for (i = 0; i < tlv_nlpids->count; i++)
330 {
331 adj->nlpids.nlpids[i] = tlv_nlpids->nlpids[i];
332 }
eb5d44eb 333 }
655071f4 334 return 0;
eb5d44eb 335}
336
92365889 337static void
f390d2c7 338tlvs_to_adj_ipv4_addrs (struct tlvs *tlvs, struct isis_adjacency *adj)
eb5d44eb 339{
3fdb2dd9 340 struct listnode *node;
eb5d44eb 341 struct in_addr *ipv4_addr, *malloced;
342
f390d2c7 343 if (adj->ipv4_addrs)
344 {
3f045a08 345 adj->ipv4_addrs->del = del_addr;
f390d2c7 346 list_delete (adj->ipv4_addrs);
347 }
eb5d44eb 348 adj->ipv4_addrs = list_new ();
f390d2c7 349 if (tlvs->ipv4_addrs)
350 {
3fdb2dd9 351 for (ALL_LIST_ELEMENTS_RO (tlvs->ipv4_addrs, node, ipv4_addr))
f390d2c7 352 {
353 malloced = XMALLOC (MTYPE_ISIS_TMP, sizeof (struct in_addr));
354 memcpy (malloced, ipv4_addr, sizeof (struct in_addr));
355 listnode_add (adj->ipv4_addrs, malloced);
356 }
eb5d44eb 357 }
eb5d44eb 358}
359
360#ifdef HAVE_IPV6
92365889 361static void
f390d2c7 362tlvs_to_adj_ipv6_addrs (struct tlvs *tlvs, struct isis_adjacency *adj)
eb5d44eb 363{
3fdb2dd9 364 struct listnode *node;
eb5d44eb 365 struct in6_addr *ipv6_addr, *malloced;
366
f390d2c7 367 if (adj->ipv6_addrs)
368 {
3f045a08 369 adj->ipv6_addrs->del = del_addr;
f390d2c7 370 list_delete (adj->ipv6_addrs);
371 }
eb5d44eb 372 adj->ipv6_addrs = list_new ();
f390d2c7 373 if (tlvs->ipv6_addrs)
374 {
3fdb2dd9 375 for (ALL_LIST_ELEMENTS_RO (tlvs->ipv6_addrs, node, ipv6_addr))
f390d2c7 376 {
377 malloced = XMALLOC (MTYPE_ISIS_TMP, sizeof (struct in6_addr));
378 memcpy (malloced, ipv6_addr, sizeof (struct in6_addr));
379 listnode_add (adj->ipv6_addrs, malloced);
380 }
eb5d44eb 381 }
eb5d44eb 382
383}
384#endif /* HAVE_IPV6 */
385
eb5d44eb 386/*
387 * RECEIVE SIDE
388 */
389
390/*
391 * Process P2P IIH
392 * ISO - 10589
393 * Section 8.2.5 - Receiving point-to-point IIH PDUs
394 *
395 */
396static int
397process_p2p_hello (struct isis_circuit *circuit)
398{
399 int retval = ISIS_OK;
400 struct isis_p2p_hello_hdr *hdr;
401 struct isis_adjacency *adj;
3f045a08 402 u_int32_t expected = 0, found = 0, auth_tlv_offset = 0;
e38e0df0 403 uint16_t pdu_len;
eb5d44eb 404 struct tlvs tlvs;
28a8cfcb 405 int v4_usable = 0, v6_usable = 0;
eb5d44eb 406
3f045a08
JB		 407 if (isis->debugs & DEBUG_ADJ_PACKETS)
408 {
409 zlog_debug ("ISIS-Adj (%s): Rcvd P2P IIH on %s, cirType %s, cirID %u",
410 circuit->area->area_tag, circuit->interface->name,
411 circuit_t2string (circuit->is_type), circuit->circuit_id);
412 if (isis->debugs & DEBUG_PACKET_DUMP)
413 zlog_dump_data (STREAM_DATA (circuit->rcv_stream),
414 stream_get_endp (circuit->rcv_stream));
415 }
416
417 if (circuit->circ_type != CIRCUIT_T_P2P)
418 {
419 zlog_warn ("p2p hello on non p2p circuit");
420 return ISIS_WARNING;
421 }
422
f390d2c7 423 if ((stream_get_endp (circuit->rcv_stream) -
424 stream_get_getp (circuit->rcv_stream)) < ISIS_P2PHELLO_HDRLEN)
425 {
426 zlog_warn ("Packet too short");
427 return ISIS_WARNING;
428 }
eb5d44eb 429
430 /* 8.2.5.1 PDU acceptance tests */
431
432 /* 8.2.5.1 a) external domain untrue */
433 /* FIXME: not useful at all? */
434
435 /* 8.2.5.1 b) ID Length mismatch */
436 /* checked at the handle_pdu */
437
438 /* 8.2.5.2 IIH PDU Processing */
439
440 /* 8.2.5.2 a) 1) Maximum Area Addresses */
441 /* Already checked, and can also be ommited */
442
443 /*
444 * Get the header
445 */
f390d2c7 446 hdr = (struct isis_p2p_hello_hdr *) STREAM_PNT (circuit->rcv_stream);
e38e0df0 447 pdu_len = ntohs (hdr->pdu_len);
eb5d44eb 448
a22ab5a5
AS		 449 if (pdu_len < (ISIS_FIXED_HDR_LEN + ISIS_P2PHELLO_HDRLEN) ||
450 pdu_len > ISO_MTU(circuit) ||
e38e0df0 451 pdu_len > stream_get_endp (circuit->rcv_stream))
f390d2c7 452 {
3f045a08
JB		 453 zlog_warn ("ISIS-Adj (%s): Rcvd P2P IIH from (%s) with "
454 "invalid pdu length %d",
e38e0df0 455 circuit->area->area_tag, circuit->interface->name, pdu_len);
3f045a08 456 return ISIS_WARNING;
f390d2c7 457 }
eb5d44eb 458
e38e0df0
SV		 459 /*
460 * Set the stream endp to PDU length, ignoring additional padding
461 * introduced by transport chips.
462 */
463 if (pdu_len < stream_get_endp (circuit->rcv_stream))
464 stream_set_endp (circuit->rcv_stream, pdu_len);
465
466 stream_forward_getp (circuit->rcv_stream, ISIS_P2PHELLO_HDRLEN);
467
eb5d44eb 468 /*
469 * Lets get the TLVS now
470 */
471 expected |= TLVFLAG_AREA_ADDRS;
472 expected |= TLVFLAG_AUTH_INFO;
473 expected |= TLVFLAG_NLPID;
474 expected |= TLVFLAG_IPV4_ADDR;
475 expected |= TLVFLAG_IPV6_ADDR;
476
3f045a08 477 auth_tlv_offset = stream_get_getp (circuit->rcv_stream);
eb5d44eb 478 retval = parse_tlvs (circuit->area->area_tag,
479 STREAM_PNT (circuit->rcv_stream),
e38e0df0
SV		 480 pdu_len - ISIS_P2PHELLO_HDRLEN - ISIS_FIXED_HDR_LEN,
481 &expected, &found, &tlvs, &auth_tlv_offset);
f390d2c7 482
483 if (retval > ISIS_WARNING)
484 {
3f045a08 485 zlog_warn ("parse_tlvs() failed");
f390d2c7 486 free_tlvs (&tlvs);
487 return retval;
488 };
eb5d44eb 489
3f045a08
JB		 490 if (!(found & TLVFLAG_AREA_ADDRS))
491 {
492 zlog_warn ("No Area addresses TLV in P2P IS to IS hello");
493 free_tlvs (&tlvs);
494 return ISIS_WARNING;
495 }
496
b72f345d
DL		 497 if (!(found & TLVFLAG_NLPID))
498 {
499 zlog_warn ("No supported protocols TLV in P2P IS to IS hello");
500 free_tlvs (&tlvs);
501 return ISIS_WARNING;
502 }
503
eb5d44eb 504 /* 8.2.5.1 c) Authentication */
f390d2c7 505 if (circuit->passwd.type)
506 {
507 if (!(found & TLVFLAG_AUTH_INFO) ||
3f045a08
JB		 508 authentication_check (&tlvs.auth_info, &circuit->passwd,
509 circuit->rcv_stream, auth_tlv_offset))
510 {
511 isis_event_auth_failure (circuit->area->area_tag,
512 "P2P hello authentication failure",
513 hdr->source_id);
514 free_tlvs (&tlvs);
515 return ISIS_OK;
516 }
eb5d44eb 517 }
eb5d44eb 518
3f045a08
JB		 519 /*
520 * check if it's own interface ip match iih ip addrs
521 */
28a8cfcb
DL		 522 if (found & TLVFLAG_IPV4_ADDR)
523 {
524 if (ip_match (circuit->ip_addrs, tlvs.ipv4_addrs))
525 v4_usable = 1;
526 else
527 zlog_warn ("ISIS-Adj: IPv4 addresses present but no overlap "
528 "in P2P IIH from %s\n", circuit->interface->name);
529 }
530#ifndef HAVE_IPV6
531 else /* !(found & TLVFLAG_IPV4_ADDR) */
532 zlog_warn ("ISIS-Adj: no IPv4 in P2P IIH from %s "
533 "(this isisd has no IPv6)\n", circuit->interface->name);
534
535#else
536 if (found & TLVFLAG_IPV6_ADDR)
537 {
538 /* TBA: check that we have a linklocal ourselves? */
539 struct listnode *node;
ad2f92b6 540 struct in6_addr *ip;
28a8cfcb
DL		 541 for (ALL_LIST_ELEMENTS_RO (tlvs.ipv6_addrs, node, ip))
542 if (IN6_IS_ADDR_LINKLOCAL (ip))
543 {
544 v6_usable = 1;
545 break;
546 }
547
548 if (!v6_usable)
549 zlog_warn ("ISIS-Adj: IPv6 addresses present but no link-local "
550 "in P2P IIH from %s\n", circuit->interface->name);
551 }
552
553 if (!(found & (TLVFLAG_IPV4_ADDR | TLVFLAG_IPV6_ADDR)))
554 zlog_warn ("ISIS-Adj: neither IPv4 nor IPv6 addr in P2P IIH from %s\n",
555 circuit->interface->name);
556#endif
557
558 if (!v6_usable && !v4_usable)
3f045a08 559 {
3f045a08
JB		 560 free_tlvs (&tlvs);
561 return ISIS_WARNING;
562 }
563
564 /*
565 * My interpertation of the ISO, if no adj exists we will create one for
566 * the circuit
567 */
568 adj = circuit->u.p2p.neighbor;
569 if (!adj || adj->level != hdr->circuit_t)
570 {
571 if (!adj)
572 {
573 adj = isis_new_adj (hdr->source_id, NULL, hdr->circuit_t, circuit);
574 if (adj == NULL)
575 return ISIS_ERROR;
576 }
577 else
578 {
579 adj->level = hdr->circuit_t;
580 }
581 circuit->u.p2p.neighbor = adj;
582 isis_adj_state_change (adj, ISIS_ADJ_INITIALIZING, NULL);
583 adj->sys_type = ISIS_SYSTYPE_UNKNOWN;
584 }
585
586 /* 8.2.6 Monitoring point-to-point adjacencies */
587 adj->hold_time = ntohs (hdr->hold_time);
588 adj->last_upd = time (NULL);
589
eb5d44eb 590 /* we do this now because the adj may not survive till the end... */
3f045a08
JB		 591 tlvs_to_adj_area_addrs (&tlvs, adj);
592
593 /* which protocol are spoken ??? */
b72f345d
DL		 594 if (tlvs_to_adj_nlpids (&tlvs, adj))
595 {
596 free_tlvs (&tlvs);
597 return ISIS_WARNING;
598 }
eb5d44eb 599
600 /* we need to copy addresses to the adj */
3f045a08
JB		 601 if (found & TLVFLAG_IPV4_ADDR)
602 tlvs_to_adj_ipv4_addrs (&tlvs, adj);
eb5d44eb 603
604#ifdef HAVE_IPV6
3f045a08
JB		 605 if (found & TLVFLAG_IPV6_ADDR)
606 tlvs_to_adj_ipv6_addrs (&tlvs, adj);
eb5d44eb 607#endif /* HAVE_IPV6 */
608
609 /* lets take care of the expiry */
f390d2c7 610 THREAD_TIMER_OFF (adj->t_expire);
611 THREAD_TIMER_ON (master, adj->t_expire, isis_adj_expire, adj,
612 (long) adj->hold_time);
eb5d44eb 613
614 /* 8.2.5.2 a) a match was detected */
f390d2c7 615 if (area_match (circuit->area->area_addrs, tlvs.area_addrs))
616 {
617 /* 8.2.5.2 a) 2) If the system is L1 - table 5 */
618 if (circuit->area->is_type == IS_LEVEL_1)
619 {
620 switch (hdr->circuit_t)
621 {
622 case IS_LEVEL_1:
623 case IS_LEVEL_1_AND_2:
624 if (adj->adj_state != ISIS_ADJ_UP)
625 {
626 /* (4) adj state up */
627 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
628 /* (5) adj usage level 1 */
629 adj->adj_usage = ISIS_ADJ_LEVEL1;
630 }
631 else if (adj->adj_usage == ISIS_ADJ_LEVEL1)
632 {
633 ; /* accept */
634 }
635 break;
636 case IS_LEVEL_2:
637 if (adj->adj_state != ISIS_ADJ_UP)
638 {
639 /* (7) reject - wrong system type event */
640 zlog_warn ("wrongSystemType");
3f045a08 641 free_tlvs (&tlvs);
f390d2c7 642 return ISIS_WARNING; /* Reject */
643 }
644 else if (adj->adj_usage == ISIS_ADJ_LEVEL1)
645 {
646 /* (6) down - wrong system */
647 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
648 }
649 break;
650 }
651 }
eb5d44eb 652
f390d2c7 653 /* 8.2.5.2 a) 3) If the system is L1L2 - table 6 */
654 if (circuit->area->is_type == IS_LEVEL_1_AND_2)
655 {
656 switch (hdr->circuit_t)
657 {
658 case IS_LEVEL_1:
659 if (adj->adj_state != ISIS_ADJ_UP)
660 {
661 /* (6) adj state up */
662 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
663 /* (7) adj usage level 1 */
664 adj->adj_usage = ISIS_ADJ_LEVEL1;
665 }
666 else if (adj->adj_usage == ISIS_ADJ_LEVEL1)
667 {
668 ; /* accept */
669 }
670 else if ((adj->adj_usage == ISIS_ADJ_LEVEL1AND2) ||
671 (adj->adj_usage == ISIS_ADJ_LEVEL2))
672 {
673 /* (8) down - wrong system */
674 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
675 }
676 break;
677 case IS_LEVEL_2:
678 if (adj->adj_state != ISIS_ADJ_UP)
679 {
680 /* (6) adj state up */
681 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
682 /* (9) adj usage level 2 */
683 adj->adj_usage = ISIS_ADJ_LEVEL2;
684 }
685 else if ((adj->adj_usage == ISIS_ADJ_LEVEL1) ||
686 (adj->adj_usage == ISIS_ADJ_LEVEL1AND2))
687 {
688 /* (8) down - wrong system */
689 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
690 }
691 else if (adj->adj_usage == ISIS_ADJ_LEVEL2)
692 {
693 ; /* Accept */
694 }
695 break;
696 case IS_LEVEL_1_AND_2:
697 if (adj->adj_state != ISIS_ADJ_UP)
698 {
699 /* (6) adj state up */
700 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
701 /* (10) adj usage level 1 */
702 adj->adj_usage = ISIS_ADJ_LEVEL1AND2;
703 }
704 else if ((adj->adj_usage == ISIS_ADJ_LEVEL1) ||
705 (adj->adj_usage == ISIS_ADJ_LEVEL2))
706 {
707 /* (8) down - wrong system */
708 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
709 }
710 else if (adj->adj_usage == ISIS_ADJ_LEVEL1AND2)
711 {
712 ; /* Accept */
713 }
714 break;
715 }
716 }
eb5d44eb 717
f390d2c7 718 /* 8.2.5.2 a) 4) If the system is L2 - table 7 */
719 if (circuit->area->is_type == IS_LEVEL_2)
720 {
721 switch (hdr->circuit_t)
722 {
723 case IS_LEVEL_1:
724 if (adj->adj_state != ISIS_ADJ_UP)
725 {
726 /* (5) reject - wrong system type event */
727 zlog_warn ("wrongSystemType");
3f045a08 728 free_tlvs (&tlvs);
f390d2c7 729 return ISIS_WARNING; /* Reject */
730 }
731 else if ((adj->adj_usage == ISIS_ADJ_LEVEL1AND2) ||
732 (adj->adj_usage == ISIS_ADJ_LEVEL2))
733 {
734 /* (6) down - wrong system */
735 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
736 }
737 break;
738 case IS_LEVEL_1_AND_2:
739 case IS_LEVEL_2:
740 if (adj->adj_state != ISIS_ADJ_UP)
741 {
742 /* (7) adj state up */
743 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
744 /* (8) adj usage level 2 */
745 adj->adj_usage = ISIS_ADJ_LEVEL2;
746 }
747 else if (adj->adj_usage == ISIS_ADJ_LEVEL1AND2)
748 {
749 /* (6) down - wrong system */
750 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
751 }
752 else if (adj->adj_usage == ISIS_ADJ_LEVEL2)
753 {
754 ; /* Accept */
755 }
756 break;
757 }
758 }
eb5d44eb 759 }
eb5d44eb 760 /* 8.2.5.2 b) if no match was detected */
3f045a08 761 else if (listcount (circuit->area->area_addrs) > 0)
eb5d44eb 762 {
f390d2c7 763 if (circuit->area->is_type == IS_LEVEL_1)
764 {
765 /* 8.2.5.2 b) 1) is_type L1 and adj is not up */
766 if (adj->adj_state != ISIS_ADJ_UP)
767 {
768 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Area Mismatch");
769 /* 8.2.5.2 b) 2)is_type L1 and adj is up */
770 }
771 else
772 {
773 isis_adj_state_change (adj, ISIS_ADJ_DOWN,
774 "Down - Area Mismatch");
775 }
776 }
777 /* 8.2.5.2 b 3 If the system is L2 or L1L2 - table 8 */
778 else
779 {
780 switch (hdr->circuit_t)
781 {
782 case IS_LEVEL_1:
783 if (adj->adj_state != ISIS_ADJ_UP)
784 {
785 /* (6) reject - Area Mismatch event */
786 zlog_warn ("AreaMismatch");
3f045a08 787 free_tlvs (&tlvs);
f390d2c7 788 return ISIS_WARNING; /* Reject */
789 }
790 else if (adj->adj_usage == ISIS_ADJ_LEVEL1)
791 {
792 /* (7) down - area mismatch */
793 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Area Mismatch");
794
795 }
796 else if ((adj->adj_usage == ISIS_ADJ_LEVEL1AND2) ||
797 (adj->adj_usage == ISIS_ADJ_LEVEL2))
798 {
799 /* (7) down - wrong system */
800 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
801 }
802 break;
803 case IS_LEVEL_1_AND_2:
804 case IS_LEVEL_2:
805 if (adj->adj_state != ISIS_ADJ_UP)
806 {
807 /* (8) adj state up */
808 isis_adj_state_change (adj, ISIS_ADJ_UP, NULL);
809 /* (9) adj usage level 2 */
810 adj->adj_usage = ISIS_ADJ_LEVEL2;
811 }
812 else if (adj->adj_usage == ISIS_ADJ_LEVEL1)
813 {
814 /* (7) down - wrong system */
815 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Wrong System");
816 }
817 else if (adj->adj_usage == ISIS_ADJ_LEVEL1AND2)
818 {
819 if (hdr->circuit_t == IS_LEVEL_2)
820 {
821 /* (7) down - wrong system */
822 isis_adj_state_change (adj, ISIS_ADJ_DOWN,
823 "Wrong System");
824 }
825 else
826 {
827 /* (7) down - area mismatch */
828 isis_adj_state_change (adj, ISIS_ADJ_DOWN,
829 "Area Mismatch");
830 }
831 }
832 else if (adj->adj_usage == ISIS_ADJ_LEVEL2)
833 {
834 ; /* Accept */
835 }
836 break;
837 }
838 }
eb5d44eb 839 }
3f045a08
JB		 840 else
841 {
842 /* down - area mismatch */
843 isis_adj_state_change (adj, ISIS_ADJ_DOWN, "Area Mismatch");
844 }
eb5d44eb 845 /* 8.2.5.2 c) if the action was up - comparing circuit IDs */
846 /* FIXME - Missing parts */
847
eb5d44eb 848 /* some of my own understanding of the ISO, why the heck does
849 * it not say what should I change the system_type to...
850 */
f390d2c7 851 switch (adj->adj_usage)
852 {
eb5d44eb 853 case ISIS_ADJ_LEVEL1:
854 adj->sys_type = ISIS_SYSTYPE_L1_IS;
855 break;
856 case ISIS_ADJ_LEVEL2:
857 adj->sys_type = ISIS_SYSTYPE_L2_IS;
858 break;
859 case ISIS_ADJ_LEVEL1AND2:
860 adj->sys_type = ISIS_SYSTYPE_L2_IS;
861 break;
862 case ISIS_ADJ_NONE:
863 adj->sys_type = ISIS_SYSTYPE_UNKNOWN;
864 break;
f390d2c7 865 }
eb5d44eb 866
867 adj->circuit_t = hdr->circuit_t;
3f045a08
JB		 868
869 if (isis->debugs & DEBUG_ADJ_PACKETS)
870 {
871 zlog_debug ("ISIS-Adj (%s): Rcvd P2P IIH from (%s), cir type %s,"
872 " cir id %02d, length %d",
873 circuit->area->area_tag, circuit->interface->name,
874 circuit_t2string (circuit->is_type),
e38e0df0 875 circuit->circuit_id, pdu_len);
3f045a08 876 }
eb5d44eb 877
878 free_tlvs (&tlvs);
879
880 return retval;
881}
882
eb5d44eb 883/*
884 * Process IS-IS LAN Level 1/2 Hello PDU
885 */
f390d2c7 886static int
02e33d3e 887process_lan_hello (int level, struct isis_circuit *circuit, const u_char *ssnpa)
eb5d44eb 888{
889 int retval = ISIS_OK;
890 struct isis_lan_hello_hdr hdr;
891 struct isis_adjacency *adj;
3f045a08 892 u_int32_t expected = 0, found = 0, auth_tlv_offset = 0;
eb5d44eb 893 struct tlvs tlvs;
894 u_char *snpa;
3fdb2dd9 895 struct listnode *node;
28a8cfcb 896 int v4_usable = 0, v6_usable = 0;
eb5d44eb 897
3f045a08
JB		 898 if (isis->debugs & DEBUG_ADJ_PACKETS)
899 {
900 zlog_debug ("ISIS-Adj (%s): Rcvd L%d LAN IIH on %s, cirType %s, "
901 "cirID %u",
902 circuit->area->area_tag, level, circuit->interface->name,
903 circuit_t2string (circuit->is_type), circuit->circuit_id);
904 if (isis->debugs & DEBUG_PACKET_DUMP)
905 zlog_dump_data (STREAM_DATA (circuit->rcv_stream),
906 stream_get_endp (circuit->rcv_stream));
907 }
908
909 if (circuit->circ_type != CIRCUIT_T_BROADCAST)
910 {
911 zlog_warn ("lan hello on non broadcast circuit");
912 return ISIS_WARNING;
913 }
914
f390d2c7 915 if ((stream_get_endp (circuit->rcv_stream) -
916 stream_get_getp (circuit->rcv_stream)) < ISIS_LANHELLO_HDRLEN)
917 {
918 zlog_warn ("Packet too short");
919 return ISIS_WARNING;
920 }
eb5d44eb 921
f390d2c7 922 if (circuit->ext_domain)
923 {
529d65b3 924 zlog_debug ("level %d LAN Hello received over circuit with "
925 "externalDomain = true", level);
f390d2c7 926 return ISIS_WARNING;
927 }
eb5d44eb 928
3f045a08 929 if (!accept_level (level, circuit->is_type))
f390d2c7 930 {
931 if (isis->debugs & DEBUG_ADJ_PACKETS)
932 {
529d65b3 933 zlog_debug ("ISIS-Adj (%s): Interface level mismatch, %s",
934 circuit->area->area_tag, circuit->interface->name);
f390d2c7 935 }
936 return ISIS_WARNING;
eb5d44eb 937 }
eb5d44eb 938
939#if 0
940 /* Cisco's debug message compatability */
f390d2c7 941 if (!accept_level (level, circuit->area->is_type))
942 {
943 if (isis->debugs & DEBUG_ADJ_PACKETS)
944 {
529d65b3 945 zlog_debug ("ISIS-Adj (%s): is type mismatch",
946 circuit->area->area_tag);
f390d2c7 947 }
948 return ISIS_WARNING;
eb5d44eb 949 }
eb5d44eb 950#endif
951 /*
952 * Fill the header
953 */
954 hdr.circuit_t = stream_getc (circuit->rcv_stream);
955 stream_get (hdr.source_id, circuit->rcv_stream, ISIS_SYS_ID_LEN);
956 hdr.hold_time = stream_getw (circuit->rcv_stream);
f390d2c7 957 hdr.pdu_len = stream_getw (circuit->rcv_stream);
958 hdr.prio = stream_getc (circuit->rcv_stream);
eb5d44eb 959 stream_get (hdr.lan_id, circuit->rcv_stream, ISIS_SYS_ID_LEN + 1);
960
a22ab5a5
AS		 961 if (hdr.pdu_len < (ISIS_FIXED_HDR_LEN + ISIS_LANHELLO_HDRLEN) ||
962 hdr.pdu_len > ISO_MTU(circuit) ||
e38e0df0 963 hdr.pdu_len > stream_get_endp (circuit->rcv_stream))
f390d2c7 964 {
3f045a08
JB		 965 zlog_warn ("ISIS-Adj (%s): Rcvd LAN IIH from (%s) with "
966 "invalid pdu length %d",
967 circuit->area->area_tag, circuit->interface->name,
968 hdr.pdu_len);
e38e0df0 969 return ISIS_WARNING;
3f045a08
JB		 970 }
971
e38e0df0
SV		 972 /*
973 * Set the stream endp to PDU length, ignoring additional padding
974 * introduced by transport chips.
975 */
976 if (hdr.pdu_len < stream_get_endp (circuit->rcv_stream))
977 stream_set_endp (circuit->rcv_stream, hdr.pdu_len);
978
3f045a08
JB		 979 if (hdr.circuit_t != IS_LEVEL_1 &&
980 hdr.circuit_t != IS_LEVEL_2 &&
981 hdr.circuit_t != IS_LEVEL_1_AND_2 &&
982 (level & hdr.circuit_t) == 0)
983 {
984 zlog_err ("Level %d LAN Hello with Circuit Type %d", level,
985 hdr.circuit_t);
f390d2c7 986 return ISIS_ERROR;
987 }
3f045a08 988
eb5d44eb 989 /*
990 * Then get the tlvs
991 */
992 expected |= TLVFLAG_AUTH_INFO;
993 expected |= TLVFLAG_AREA_ADDRS;
994 expected |= TLVFLAG_LAN_NEIGHS;
995 expected |= TLVFLAG_NLPID;
996 expected |= TLVFLAG_IPV4_ADDR;
997 expected |= TLVFLAG_IPV6_ADDR;
998
3f045a08 999 auth_tlv_offset = stream_get_getp (circuit->rcv_stream);
eb5d44eb 1000 retval = parse_tlvs (circuit->area->area_tag,
3f045a08
JB		 1001 STREAM_PNT (circuit->rcv_stream),
1002 hdr.pdu_len - ISIS_LANHELLO_HDRLEN - ISIS_FIXED_HDR_LEN,
1003 &expected, &found, &tlvs,
1004 &auth_tlv_offset);
eb5d44eb 1005
f390d2c7 1006 if (retval > ISIS_WARNING)
1007 {
1008 zlog_warn ("parse_tlvs() failed");
1009 goto out;
1010 }
eb5d44eb 1011
f390d2c7 1012 if (!(found & TLVFLAG_AREA_ADDRS))
1013 {
1014 zlog_warn ("No Area addresses TLV in Level %d LAN IS to IS hello",
1015 level);
eb5d44eb 1016 retval = ISIS_WARNING;
1017 goto out;
1018 }
f390d2c7 1019
b72f345d
DL		 1020 if (!(found & TLVFLAG_NLPID))
1021 {
1022 zlog_warn ("No supported protocols TLV in Level %d LAN IS to IS hello",
1023 level);
1024 retval = ISIS_WARNING;
1025 goto out;
1026 }
1027
3f045a08 1028 /* Verify authentication, either cleartext of HMAC MD5 */
f390d2c7 1029 if (circuit->passwd.type)
1030 {
1031 if (!(found & TLVFLAG_AUTH_INFO) ||
3f045a08
JB		 1032 authentication_check (&tlvs.auth_info, &circuit->passwd,
1033 circuit->rcv_stream, auth_tlv_offset))
1034 {
1035 isis_event_auth_failure (circuit->area->area_tag,
1036 "LAN hello authentication failure",
1037 hdr.source_id);
1038 retval = ISIS_WARNING;
1039 goto out;
1040 }
f390d2c7 1041 }
eb5d44eb 1042
19f78ceb
DL		 1043 if (!memcmp (hdr.source_id, isis->sysid, ISIS_SYS_ID_LEN))
1044 {
1045 zlog_warn ("ISIS-Adj (%s): duplicate system ID on interface %s",
1046 circuit->area->area_tag, circuit->interface->name);
1047 return ISIS_WARNING;
1048 }
1049
eb5d44eb 1050 /*
1051 * Accept the level 1 adjacency only if a match between local and
1052 * remote area addresses is found
1053 */
3f045a08
JB		 1054 if (listcount (circuit->area->area_addrs) == 0 ||
1055 (level == IS_LEVEL_1 &&
1056 area_match (circuit->area->area_addrs, tlvs.area_addrs) == 0))
f390d2c7 1057 {
1058 if (isis->debugs & DEBUG_ADJ_PACKETS)
1059 {
529d65b3 1060 zlog_debug ("ISIS-Adj (%s): Area mismatch, level %d IIH on %s",
1061 circuit->area->area_tag, level,
1062 circuit->interface->name);
f390d2c7 1063 }
1064 retval = ISIS_OK;
1065 goto out;
eb5d44eb 1066 }
eb5d44eb 1067
1068 /*
1069 * it's own IIH PDU - discard silently
f390d2c7 1070 */
1071 if (!memcmp (circuit->u.bc.snpa, ssnpa, ETH_ALEN))
1072 {
529d65b3 1073 zlog_debug ("ISIS-Adj (%s): it's own IIH PDU - discarded",
1074 circuit->area->area_tag);
eb5d44eb 1075
f390d2c7 1076 retval = ISIS_OK;
1077 goto out;
1078 }
eb5d44eb 1079
1080 /*
1081 * check if it's own interface ip match iih ip addrs
1082 */
28a8cfcb 1083 if (found & TLVFLAG_IPV4_ADDR)
f390d2c7 1084 {
28a8cfcb
DL		 1085 if (ip_match (circuit->ip_addrs, tlvs.ipv4_addrs))
1086 v4_usable = 1;
1087 else
1088 zlog_warn ("ISIS-Adj: IPv4 addresses present but no overlap "
1089 "in LAN IIH from %s\n", circuit->interface->name);
f390d2c7 1090 }
28a8cfcb
DL		 1091#ifndef HAVE_IPV6
1092 else /* !(found & TLVFLAG_IPV4_ADDR) */
1093 zlog_warn ("ISIS-Adj: no IPv4 in LAN IIH from %s "
1094 "(this isisd has no IPv6)\n", circuit->interface->name);
1095
1096#else
1097 if (found & TLVFLAG_IPV6_ADDR)
1098 {
1099 /* TBA: check that we have a linklocal ourselves? */
1100 struct listnode *node;
ad2f92b6 1101 struct in6_addr *ip;
28a8cfcb
DL		 1102 for (ALL_LIST_ELEMENTS_RO (tlvs.ipv6_addrs, node, ip))
1103 if (IN6_IS_ADDR_LINKLOCAL (ip))
1104 {
1105 v6_usable = 1;
1106 break;
1107 }
1108
1109 if (!v6_usable)
1110 zlog_warn ("ISIS-Adj: IPv6 addresses present but no link-local "
1111 "in LAN IIH from %s\n", circuit->interface->name);
1112 }
1113
1114 if (!(found & (TLVFLAG_IPV4_ADDR | TLVFLAG_IPV6_ADDR)))
1115 zlog_warn ("ISIS-Adj: neither IPv4 nor IPv6 addr in LAN IIH from %s\n",
1116 circuit->interface->name);
1117#endif
1118
1119 if (!v6_usable && !v4_usable)
1120 {
1121 free_tlvs (&tlvs);
1122 return ISIS_WARNING;
1123 }
1124
eb5d44eb 1125
1126 adj = isis_adj_lookup (hdr.source_id, circuit->u.bc.adjdb[level - 1]);
3f045a08
JB		 1127 if ((adj == NULL) || (memcmp(adj->snpa, ssnpa, ETH_ALEN)) ||
1128 (adj->level != level))
f390d2c7 1129 {
3f045a08
JB		 1130 if (!adj)
1131 {
1132 /*
1133 * Do as in 8.4.2.5
1134 */
1135 adj = isis_new_adj (hdr.source_id, ssnpa, level, circuit);
1136 if (adj == NULL)
1137 {
1138 retval = ISIS_ERROR;
1139 goto out;
1140 }
1141 }
1142 else
1143 {
1144 if (ssnpa) {
1145 memcpy (adj->snpa, ssnpa, 6);
1146 } else {
1147 memset (adj->snpa, ' ', 6);
1148 }
1149 adj->level = level;
1150 }
f390d2c7 1151 isis_adj_state_change (adj, ISIS_ADJ_INITIALIZING, NULL);
eb5d44eb 1152
3f045a08
JB		 1153 if (level == IS_LEVEL_1)
1154 adj->sys_type = ISIS_SYSTYPE_L1_IS;
f390d2c7 1155 else
3f045a08 1156 adj->sys_type = ISIS_SYSTYPE_L2_IS;
f390d2c7 1157 list_delete_all_node (circuit->u.bc.lan_neighs[level - 1]);
1158 isis_adj_build_neigh_list (circuit->u.bc.adjdb[level - 1],
3f045a08 1159 circuit->u.bc.lan_neighs[level - 1]);
eb5d44eb 1160 }
eb5d44eb 1161
a211d65d 1162 if(adj->dis_record[level-1].dis==ISIS_IS_DIS)
1163 switch (level)
1164 {
1165 case 1:
1166 if (memcmp (circuit->u.bc.l1_desig_is, hdr.lan_id, ISIS_SYS_ID_LEN + 1))
1167 {
3f045a08 1168 thread_add_event (master, isis_event_dis_status_change, circuit, 0);
64a7afd6 1169 memcpy (&circuit->u.bc.l1_desig_is, hdr.lan_id,
1170 ISIS_SYS_ID_LEN + 1);
a211d65d 1171 }
1172 break;
1173 case 2:
1174 if (memcmp (circuit->u.bc.l2_desig_is, hdr.lan_id, ISIS_SYS_ID_LEN + 1))
1175 {
3f045a08 1176 thread_add_event (master, isis_event_dis_status_change, circuit, 0);
64a7afd6 1177 memcpy (&circuit->u.bc.l2_desig_is, hdr.lan_id,
1178 ISIS_SYS_ID_LEN + 1);
a211d65d 1179 }
1180 break;
1181 }
eb5d44eb 1182
1183 adj->hold_time = hdr.hold_time;
f390d2c7 1184 adj->last_upd = time (NULL);
1185 adj->prio[level - 1] = hdr.prio;
eb5d44eb 1186
1187 memcpy (adj->lanid, hdr.lan_id, ISIS_SYS_ID_LEN + 1);
1188
3f045a08
JB		 1189 tlvs_to_adj_area_addrs (&tlvs, adj);
1190
eb5d44eb 1191 /* which protocol are spoken ??? */
b72f345d
DL		 1192 if (tlvs_to_adj_nlpids (&tlvs, adj))
1193 {
1194 retval = ISIS_WARNING;
1195 goto out;
1196 }
eb5d44eb 1197
1198 /* we need to copy addresses to the adj */
f390d2c7 1199 if (found & TLVFLAG_IPV4_ADDR)
eb5d44eb 1200 tlvs_to_adj_ipv4_addrs (&tlvs, adj);
1201
1202#ifdef HAVE_IPV6
f390d2c7 1203 if (found & TLVFLAG_IPV6_ADDR)
eb5d44eb 1204 tlvs_to_adj_ipv6_addrs (&tlvs, adj);
1205#endif /* HAVE_IPV6 */
1206
1207 adj->circuit_t = hdr.circuit_t;
1208
1209 /* lets take care of the expiry */
f390d2c7 1210 THREAD_TIMER_OFF (adj->t_expire);
1211 THREAD_TIMER_ON (master, adj->t_expire, isis_adj_expire, adj,
3f045a08 1212 (long) adj->hold_time);
eb5d44eb 1213
1214 /*
1215 * If the snpa for this circuit is found from LAN Neighbours TLV
1216 * we have two-way communication -> adjacency can be put to state "up"
1217 */
1218
f390d2c7 1219 if (found & TLVFLAG_LAN_NEIGHS)
3f045a08
JB		 1220 {
1221 if (adj->adj_state != ISIS_ADJ_UP)
f390d2c7 1222 {
3f045a08
JB		 1223 for (ALL_LIST_ELEMENTS_RO (tlvs.lan_neighs, node, snpa))
1224 {
1225 if (!memcmp (snpa, circuit->u.bc.snpa, ETH_ALEN))
1226 {
1227 isis_adj_state_change (adj, ISIS_ADJ_UP,
1228 "own SNPA found in LAN Neighbours TLV");
1229 }
1230 }
1231 }
1232 else
1233 {
1234 int found = 0;
1235 for (ALL_LIST_ELEMENTS_RO (tlvs.lan_neighs, node, snpa))
1236 if (!memcmp (snpa, circuit->u.bc.snpa, ETH_ALEN))
1237 {
1238 found = 1;
1239 break;
1240 }
1241 if (found == 0)
1242 isis_adj_state_change (adj, ISIS_ADJ_INITIALIZING,
1243 "own SNPA not found in LAN Neighbours TLV");
eb5d44eb 1244 }
3f045a08
JB		 1245 }
1246 else if (adj->adj_state == ISIS_ADJ_UP)
1247 {
1248 isis_adj_state_change (adj, ISIS_ADJ_INITIALIZING,
1249 "no LAN Neighbours TLV found");
1250 }
eb5d44eb 1251
f390d2c7 1252out:
f390d2c7 1253 if (isis->debugs & DEBUG_ADJ_PACKETS)
1254 {
529d65b3 1255 zlog_debug ("ISIS-Adj (%s): Rcvd L%d LAN IIH from %s on %s, cirType %s, "
ee046671 1256 "cirID %u, length %zd",
529d65b3 1257 circuit->area->area_tag,
1258 level, snpa_print (ssnpa), circuit->interface->name,
3f045a08 1259 circuit_t2string (circuit->is_type),
29e50b23 1260 circuit->circuit_id,
3f045a08 1261 stream_get_endp (circuit->rcv_stream));
f390d2c7 1262 }
eb5d44eb 1263
1264 free_tlvs (&tlvs);
1265
1266 return retval;
1267}
1268
1269/*
1270 * Process Level 1/2 Link State
1271 * ISO - 10589
1272 * Section 7.3.15.1 - Action on receipt of a link state PDU
f390d2c7 1273 */
1274static int
02e33d3e 1275process_lsp (int level, struct isis_circuit *circuit, const u_char *ssnpa)
eb5d44eb 1276{
1277 struct isis_link_state_hdr *hdr;
1278 struct isis_adjacency *adj = NULL;
1279 struct isis_lsp *lsp, *lsp0 = NULL;
1280 int retval = ISIS_OK, comp = 0;
1281 u_char lspid[ISIS_SYS_ID_LEN + 2];
1282 struct isis_passwd *passwd;
e38e0df0 1283 uint16_t pdu_len;
eb5d44eb 1284
3f045a08
JB		 1285 if (isis->debugs & DEBUG_UPDATE_PACKETS)
1286 {
1287 zlog_debug ("ISIS-Upd (%s): Rcvd L%d LSP on %s, cirType %s, cirID %u",
1288 circuit->area->area_tag, level, circuit->interface->name,
1289 circuit_t2string (circuit->is_type), circuit->circuit_id);
1290 if (isis->debugs & DEBUG_PACKET_DUMP)
1291 zlog_dump_data (STREAM_DATA (circuit->rcv_stream),
1292 stream_get_endp (circuit->rcv_stream));
1293 }
1294
f390d2c7 1295 if ((stream_get_endp (circuit->rcv_stream) -
1296 stream_get_getp (circuit->rcv_stream)) < ISIS_LSP_HDR_LEN)
1297 {
1298 zlog_warn ("Packet too short");
1299 return ISIS_WARNING;
1300 }
eb5d44eb 1301
1302 /* Reference the header */
f390d2c7 1303 hdr = (struct isis_link_state_hdr *) STREAM_PNT (circuit->rcv_stream);
e38e0df0
SV		 1304 pdu_len = ntohs (hdr->pdu_len);
1305
1306 /* lsp length check */
a22ab5a5 1307 if (pdu_len < (ISIS_FIXED_HDR_LEN + ISIS_LSP_HDR_LEN) ||
e38e0df0
SV		 1308 pdu_len > ISO_MTU(circuit) ||
1309 pdu_len > stream_get_endp (circuit->rcv_stream))
1310 {
1311 zlog_debug ("ISIS-Upd (%s): LSP %s invalid LSP length %d",
1312 circuit->area->area_tag,
1313 rawlspid_print (hdr->lsp_id), pdu_len);
1314
1315 return ISIS_WARNING;
1316 }
1317
1318 /*
1319 * Set the stream endp to PDU length, ignoring additional padding
1320 * introduced by transport chips.
1321 */
1322 if (pdu_len < stream_get_endp (circuit->rcv_stream))
1323 stream_set_endp (circuit->rcv_stream, pdu_len);
f390d2c7 1324
1325 if (isis->debugs & DEBUG_UPDATE_PACKETS)
1326 {
529d65b3 1327 zlog_debug ("ISIS-Upd (%s): Rcvd L%d LSP %s, seq 0x%08x, cksum 0x%04x, "
3f045a08 1328 "lifetime %us, len %u, on %s",
529d65b3 1329 circuit->area->area_tag,
1330 level,
1331 rawlspid_print (hdr->lsp_id),
1332 ntohl (hdr->seq_num),
1333 ntohs (hdr->checksum),
1334 ntohs (hdr->rem_lifetime),
e38e0df0 1335 pdu_len,
15935e9a 1336 circuit->interface->name);
f390d2c7 1337 }
eb5d44eb 1338
e38e0df0
SV		 1339 /* lsp is_type check */
1340 if ((hdr->lsp_bits & IS_LEVEL_1_AND_2) != IS_LEVEL_1 &&
1341 (hdr->lsp_bits & IS_LEVEL_1_AND_2) != IS_LEVEL_1_AND_2)
3f045a08 1342 {
e38e0df0 1343 zlog_debug ("ISIS-Upd (%s): LSP %s invalid LSP is type %x",
3f045a08 1344 circuit->area->area_tag,
e38e0df0
SV		 1345 rawlspid_print (hdr->lsp_id), hdr->lsp_bits);
1346 /* continue as per RFC1122 Be liberal in what you accept, and
1347 * conservative in what you send */
3f045a08 1348 }
eb5d44eb 1349
1350 /* Checksum sanity check - FIXME: move to correct place */
1351 /* 12 = sysid+pdu+remtime */
f390d2c7 1352 if (iso_csum_verify (STREAM_PNT (circuit->rcv_stream) + 4,
e38e0df0 1353 pdu_len - 12, &hdr->checksum))
f390d2c7 1354 {
529d65b3 1355 zlog_debug ("ISIS-Upd (%s): LSP %s invalid LSP checksum 0x%04x",
1356 circuit->area->area_tag,
1357 rawlspid_print (hdr->lsp_id), ntohs (hdr->checksum));
f390d2c7 1358
1359 return ISIS_WARNING;
1360 }
eb5d44eb 1361
1362 /* 7.3.15.1 a) 1 - external domain circuit will discard lsps */
f390d2c7 1363 if (circuit->ext_domain)
1364 {
529d65b3 1365 zlog_debug
f390d2c7 1366 ("ISIS-Upd (%s): LSP %s received at level %d over circuit with "
1367 "externalDomain = true", circuit->area->area_tag,
1368 rawlspid_print (hdr->lsp_id), level);
1369
1370 return ISIS_WARNING;
1371 }
eb5d44eb 1372
1373 /* 7.3.15.1 a) 2,3 - manualL2OnlyMode not implemented */
3f045a08 1374 if (!accept_level (level, circuit->is_type))
f390d2c7 1375 {
529d65b3 1376 zlog_debug ("ISIS-Upd (%s): LSP %s received at level %d over circuit of"
1377 " type %s",
1378 circuit->area->area_tag,
1379 rawlspid_print (hdr->lsp_id),
3f045a08 1380 level, circuit_t2string (circuit->is_type));
f390d2c7 1381
1382 return ISIS_WARNING;
1383 }
eb5d44eb 1384
1385 /* 7.3.15.1 a) 4 - need to make sure IDLength matches */
1386
1387 /* 7.3.15.1 a) 5 - maximum area match, can be ommited since we only use 3 */
1388
1389 /* 7.3.15.1 a) 7 - password check */
3f045a08
JB		 1390 (level == IS_LEVEL_1) ? (passwd = &circuit->area->area_passwd) :
1391 (passwd = &circuit->area->domain_passwd);
f390d2c7 1392 if (passwd->type)
1393 {
3f045a08
JB		 1394 if (lsp_authentication_check (circuit->rcv_stream, circuit->area,
1395 level, passwd))
f390d2c7 1396 {
1397 isis_event_auth_failure (circuit->area->area_tag,
1398 "LSP authentication failure", hdr->lsp_id);
1399 return ISIS_WARNING;
1400 }
eb5d44eb 1401 }
eb5d44eb 1402 /* Find the LSP in our database and compare it to this Link State header */
1403 lsp = lsp_search (hdr->lsp_id, circuit->area->lspdb[level - 1]);
1404 if (lsp)
f390d2c7 1405 comp = lsp_compare (circuit->area->area_tag, lsp, hdr->seq_num,
1406 hdr->checksum, hdr->rem_lifetime);
1407 if (lsp && (lsp->own_lsp
eb5d44eb 1408#ifdef TOPOLOGY_GENERATE
f390d2c7 1409 || lsp->from_topology
eb5d44eb 1410#endif /* TOPOLOGY_GENERATE */
f390d2c7 1411 ))
eb5d44eb 1412 goto dontcheckadj;
1413
1414 /* 7.3.15.1 a) 6 - Must check that we have an adjacency of the same level */
1415 /* for broadcast circuits, snpa should be compared */
eb5d44eb 1416
f390d2c7 1417 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
1418 {
1419 adj = isis_adj_lookup_snpa (ssnpa, circuit->u.bc.adjdb[level - 1]);
1420 if (!adj)
1421 {
529d65b3 1422 zlog_debug ("(%s): DS ======= LSP %s, seq 0x%08x, cksum 0x%04x, "
1423 "lifetime %us on %s",
1424 circuit->area->area_tag,
1425 rawlspid_print (hdr->lsp_id),
1426 ntohl (hdr->seq_num),
1427 ntohs (hdr->checksum),
1428 ntohs (hdr->rem_lifetime), circuit->interface->name);
f390d2c7 1429 return ISIS_WARNING; /* Silently discard */
1430 }
eb5d44eb 1431 }
eb5d44eb 1432 /* for non broadcast, we just need to find same level adj */
f390d2c7 1433 else
1434 {
1435 /* If no adj, or no sharing of level */
1436 if (!circuit->u.p2p.neighbor)
1437 {
1438 return ISIS_OK; /* Silently discard */
1439 }
1440 else
1441 {
3f045a08 1442 if (((level == IS_LEVEL_1) &&
f390d2c7 1443 (circuit->u.p2p.neighbor->adj_usage == ISIS_ADJ_LEVEL2)) ||
3f045a08 1444 ((level == IS_LEVEL_2) &&
f390d2c7 1445 (circuit->u.p2p.neighbor->adj_usage == ISIS_ADJ_LEVEL1)))
1446 return ISIS_WARNING; /* Silently discard */
3f045a08 1447 adj = circuit->u.p2p.neighbor;
f390d2c7 1448 }
eb5d44eb 1449 }
3f045a08 1450
f390d2c7 1451dontcheckadj:
eb5d44eb 1452 /* 7.3.15.1 a) 7 - Passwords for level 1 - not implemented */
1453
1454 /* 7.3.15.1 a) 8 - Passwords for level 2 - not implemented */
1455
f390d2c7 1456 /* 7.3.15.1 a) 9 - OriginatingLSPBufferSize - not implemented FIXME: do it */
1457
1458 /* 7.3.15.1 b) - If the remaining life time is 0, we perform 7.3.16.4 */
1459 if (hdr->rem_lifetime == 0)
1460 {
1461 if (!lsp)
1462 {
1463 /* 7.3.16.4 a) 1) No LSP in db -> send an ack, but don't save */
1464 /* only needed on explicit update, eg - p2p */
1465 if (circuit->circ_type == CIRCUIT_T_P2P)
1466 ack_lsp (hdr, circuit, level);
1467 return retval; /* FIXME: do we need a purge? */
1468 }
1469 else
1470 {
1471 if (memcmp (hdr->lsp_id, isis->sysid, ISIS_SYS_ID_LEN))
1472 {
1473 /* LSP by some other system -> do 7.3.16.4 b) */
1474 /* 7.3.16.4 b) 1) */
1475 if (comp == LSP_NEWER)
1476 {
3f045a08 1477 lsp_update (lsp, circuit->rcv_stream, circuit->area, level);
f390d2c7 1478 /* ii */
3f045a08 1479 lsp_set_all_srmflags (lsp);
f390d2c7 1480 /* iii */
1481 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
1482 /* v */
1483 ISIS_FLAGS_CLEAR_ALL (lsp->SSNflags); /* FIXME: OTHER than c */
1484 /* iv */
1485 if (circuit->circ_type != CIRCUIT_T_BROADCAST)
1486 ISIS_SET_FLAG (lsp->SSNflags, circuit);
1487
1488 } /* 7.3.16.4 b) 2) */
1489 else if (comp == LSP_EQUAL)
1490 {
1491 /* i */
1492 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
1493 /* ii */
1494 if (circuit->circ_type != CIRCUIT_T_BROADCAST)
1495 ISIS_SET_FLAG (lsp->SSNflags, circuit);
1496 } /* 7.3.16.4 b) 3) */
1497 else
1498 {
1499 ISIS_SET_FLAG (lsp->SRMflags, circuit);
1500 ISIS_CLEAR_FLAG (lsp->SSNflags, circuit);
1501 }
1502 }
3f045a08
JB		 1503 else if (lsp->lsp_header->rem_lifetime != 0)
1504 {
1505 /* our own LSP -> 7.3.16.4 c) */
1506 if (comp == LSP_NEWER)
1507 {
1508 lsp_inc_seqnum (lsp, ntohl (hdr->seq_num));
1509 lsp_set_all_srmflags (lsp);
1510 }
1511 else
1512 {
1513 ISIS_SET_FLAG (lsp->SRMflags, circuit);
1514 ISIS_CLEAR_FLAG (lsp->SSNflags, circuit);
1515 }
1516 if (isis->debugs & DEBUG_UPDATE_PACKETS)
1517 zlog_debug ("ISIS-Upd (%s): (1) re-originating LSP %s new "
1518 "seq 0x%08x", circuit->area->area_tag,
1519 rawlspid_print (hdr->lsp_id),
1520 ntohl (lsp->lsp_header->seq_num));
1521 }
f390d2c7 1522 }
1523 return retval;
eb5d44eb 1524 }
eb5d44eb 1525 /* 7.3.15.1 c) - If this is our own lsp and we don't have it initiate a
1526 * purge */
f390d2c7 1527 if (memcmp (hdr->lsp_id, isis->sysid, ISIS_SYS_ID_LEN) == 0)
1528 {
1529 if (!lsp)
1530 {
1531 /* 7.3.16.4: initiate a purge */
1532 lsp_purge_non_exist (hdr, circuit->area);
1533 return ISIS_OK;
1534 }
1535 /* 7.3.15.1 d) - If this is our own lsp and we have it */
1536
1537 /* In 7.3.16.1, If an Intermediate system R somewhere in the domain
1538 * has information that the current sequence number for source S is
1539 * "greater" than that held by S, ... */
1540
e38e0df0 1541 if (ntohl (hdr->seq_num) > ntohl (lsp->lsp_header->seq_num))
f390d2c7 1542 {
1543 /* 7.3.16.1 */
3f045a08 1544 lsp_inc_seqnum (lsp, ntohl (hdr->seq_num));
c89c05dd 1545 if (isis->debugs & DEBUG_UPDATE_PACKETS)
1546 zlog_debug ("ISIS-Upd (%s): (2) re-originating LSP %s new seq "
1547 "0x%08x", circuit->area->area_tag,
1548 rawlspid_print (hdr->lsp_id),
1549 ntohl (lsp->lsp_header->seq_num));
f390d2c7 1550 }
e38e0df0
SV		 1551 /* If the received LSP is older or equal,
1552 * resend the LSP which will act as ACK */
1553 lsp_set_all_srmflags (lsp);
eb5d44eb 1554 }
f390d2c7 1555 else
1556 {
1557 /* 7.3.15.1 e) - This lsp originated on another system */
1558
1559 /* 7.3.15.1 e) 1) LSP newer than the one in db or no LSP in db */
1560 if ((!lsp || comp == LSP_NEWER))
1561 {
f390d2c7 1562 /*
1563 * If this lsp is a frag, need to see if we have zero lsp present
1564 */
1565 if (LSP_FRAGMENT (hdr->lsp_id) != 0)
1566 {
1567 memcpy (lspid, hdr->lsp_id, ISIS_SYS_ID_LEN + 1);
1568 LSP_FRAGMENT (lspid) = 0;
1569 lsp0 = lsp_search (lspid, circuit->area->lspdb[level - 1]);
1570 if (!lsp0)
1571 {
3f045a08 1572 zlog_debug ("Got lsp frag, while zero lsp not in database");
f390d2c7 1573 return ISIS_OK;
1574 }
1575 }
3f045a08
JB		 1576 /* i */
1577 if (!lsp)
1578 {
1579 lsp = lsp_new_from_stream_ptr (circuit->rcv_stream,
e38e0df0 1580 pdu_len, lsp0,
3f045a08
JB		 1581 circuit->area, level);
1582 lsp_insert (lsp, circuit->area->lspdb[level - 1]);
1583 }
1584 else /* exists, so we overwrite */
1585 {
1586 lsp_update (lsp, circuit->rcv_stream, circuit->area, level);
1587 }
f390d2c7 1588 /* ii */
3f045a08 1589 lsp_set_all_srmflags (lsp);
f390d2c7 1590 /* iii */
1591 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
1592
1593 /* iv */
1594 if (circuit->circ_type != CIRCUIT_T_BROADCAST)
1595 ISIS_SET_FLAG (lsp->SSNflags, circuit);
1596 /* FIXME: v) */
1597 }
1598 /* 7.3.15.1 e) 2) LSP equal to the one in db */
1599 else if (comp == LSP_EQUAL)
1600 {
1601 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
3f045a08 1602 lsp_update (lsp, circuit->rcv_stream, circuit->area, level);
f390d2c7 1603 if (circuit->circ_type != CIRCUIT_T_BROADCAST)
3f045a08 1604 ISIS_SET_FLAG (lsp->SSNflags, circuit);
f390d2c7 1605 }
1606 /* 7.3.15.1 e) 3) LSP older than the one in db */
1607 else
1608 {
1609 ISIS_SET_FLAG (lsp->SRMflags, circuit);
1610 ISIS_CLEAR_FLAG (lsp->SSNflags, circuit);
1611 }
eb5d44eb 1612 }
eb5d44eb 1613 return retval;
1614}
1615
1616/*
1617 * Process Sequence Numbers
1618 * ISO - 10589
1619 * Section 7.3.15.2 - Action on receipt of a sequence numbers PDU
1620 */
1621
92365889 1622static int
f390d2c7 1623process_snp (int snp_type, int level, struct isis_circuit *circuit,
02e33d3e 1624 const u_char *ssnpa)
eb5d44eb 1625{
1626 int retval = ISIS_OK;
1627 int cmp, own_lsp;
1628 char typechar = ' ';
e38e0df0 1629 uint16_t pdu_len;
eb5d44eb 1630 struct isis_adjacency *adj;
1631 struct isis_complete_seqnum_hdr *chdr = NULL;
1632 struct isis_partial_seqnum_hdr *phdr = NULL;
3f045a08 1633 uint32_t found = 0, expected = 0, auth_tlv_offset = 0;
eb5d44eb 1634 struct isis_lsp *lsp;
1635 struct lsp_entry *entry;
1eb8ef25 1636 struct listnode *node, *nnode;
1637 struct listnode *node2, *nnode2;
eb5d44eb 1638 struct tlvs tlvs;
1639 struct list *lsp_list = NULL;
1640 struct isis_passwd *passwd;
1641
f390d2c7 1642 if (snp_type == ISIS_SNP_CSNP_FLAG)
1643 {
1644 /* getting the header info */
1645 typechar = 'C';
1646 chdr =
1647 (struct isis_complete_seqnum_hdr *) STREAM_PNT (circuit->rcv_stream);
e38e0df0
SV		 1648 stream_forward_getp (circuit->rcv_stream, ISIS_CSNP_HDRLEN);
1649 pdu_len = ntohs (chdr->pdu_len);
a22ab5a5 1650 if (pdu_len < (ISIS_FIXED_HDR_LEN + ISIS_CSNP_HDRLEN) ||
e38e0df0
SV		 1651 pdu_len > ISO_MTU(circuit) ||
1652 pdu_len > stream_get_endp (circuit->rcv_stream))
f390d2c7 1653 {
e38e0df0
SV		 1654 zlog_warn ("Received a CSNP with bogus length %d", pdu_len);
1655 return ISIS_WARNING;
f390d2c7 1656 }
eb5d44eb 1657 }
f390d2c7 1658 else
1659 {
1660 typechar = 'P';
1661 phdr =
1662 (struct isis_partial_seqnum_hdr *) STREAM_PNT (circuit->rcv_stream);
e38e0df0
SV		 1663 stream_forward_getp (circuit->rcv_stream, ISIS_PSNP_HDRLEN);
1664 pdu_len = ntohs (phdr->pdu_len);
a22ab5a5 1665 if (pdu_len < (ISIS_FIXED_HDR_LEN + ISIS_PSNP_HDRLEN) ||
e38e0df0
SV		 1666 pdu_len > ISO_MTU(circuit) ||
1667 pdu_len > stream_get_endp (circuit->rcv_stream))
f390d2c7 1668 {
ac7d3169 1669 zlog_warn ("Received a PSNP with bogus length %d", pdu_len);
e38e0df0 1670 return ISIS_WARNING;
f390d2c7 1671 }
eb5d44eb 1672 }
eb5d44eb 1673
e38e0df0
SV		 1674 /*
1675 * Set the stream endp to PDU length, ignoring additional padding
1676 * introduced by transport chips.
1677 */
1678 if (pdu_len < stream_get_endp (circuit->rcv_stream))
1679 stream_set_endp (circuit->rcv_stream, pdu_len);
1680
eb5d44eb 1681 /* 7.3.15.2 a) 1 - external domain circuit will discard snp pdu */
f390d2c7 1682 if (circuit->ext_domain)
1683 {
eb5d44eb 1684
529d65b3 1685 zlog_debug ("ISIS-Snp (%s): Rcvd L%d %cSNP on %s, "
1686 "skipping: circuit externalDomain = true",
1687 circuit->area->area_tag,
1688 level, typechar, circuit->interface->name);
eb5d44eb 1689
f390d2c7 1690 return ISIS_OK;
1691 }
eb5d44eb 1692
1693 /* 7.3.15.2 a) 2,3 - manualL2OnlyMode not implemented */
3f045a08 1694 if (!accept_level (level, circuit->is_type))
f390d2c7 1695 {
eb5d44eb 1696
529d65b3 1697 zlog_debug ("ISIS-Snp (%s): Rcvd L%d %cSNP on %s, "
1698 "skipping: circuit type %s does not match level %d",
1699 circuit->area->area_tag,
1700 level,
1701 typechar,
1702 circuit->interface->name,
3f045a08 1703 circuit_t2string (circuit->is_type), level);
eb5d44eb 1704
1705 return ISIS_OK;
1706 }
f390d2c7 1707
1708 /* 7.3.15.2 a) 4 - not applicable for CSNP only PSNPs on broadcast */
1709 if ((snp_type == ISIS_SNP_PSNP_FLAG) &&
3f045a08
JB		 1710 (circuit->circ_type == CIRCUIT_T_BROADCAST) &&
1711 (!circuit->u.bc.is_dr[level - 1]))
f390d2c7 1712 {
3f045a08
JB		 1713 zlog_debug ("ISIS-Snp (%s): Rcvd L%d %cSNP from %s on %s, "
1714 "skipping: we are not the DIS",
1715 circuit->area->area_tag,
1716 level,
1717 typechar, snpa_print (ssnpa), circuit->interface->name);
f390d2c7 1718
3f045a08 1719 return ISIS_OK;
f390d2c7 1720 }
eb5d44eb 1721
1722 /* 7.3.15.2 a) 5 - need to make sure IDLength matches - already checked */
1723
1724 /* 7.3.15.2 a) 6 - maximum area match, can be ommited since we only use 3
1725 * - already checked */
1726
1727 /* 7.3.15.2 a) 7 - Must check that we have an adjacency of the same level */
1728 /* for broadcast circuits, snpa should be compared */
1729 /* FIXME : Do we need to check SNPA? */
f390d2c7 1730 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
1731 {
1732 if (snp_type == ISIS_SNP_CSNP_FLAG)
1733 {
1734 adj =
1735 isis_adj_lookup (chdr->source_id, circuit->u.bc.adjdb[level - 1]);
1736 }
1737 else
1738 {
1739 /* a psnp on a broadcast, how lovely of Juniper :) */
1740 adj =
1741 isis_adj_lookup (phdr->source_id, circuit->u.bc.adjdb[level - 1]);
1742 }
1743 if (!adj)
1744 return ISIS_OK; /* Silently discard */
1745 }
1746 else
1747 {
1748 if (!circuit->u.p2p.neighbor)
3f045a08
JB		 1749 {
1750 zlog_warn ("no p2p neighbor on circuit %s", circuit->interface->name);
1751 return ISIS_OK; /* Silently discard */
1752 }
f390d2c7 1753 }
eb5d44eb 1754
1755 /* 7.3.15.2 a) 8 - Passwords for level 1 - not implemented */
1756
1757 /* 7.3.15.2 a) 9 - Passwords for level 2 - not implemented */
1758
1759 memset (&tlvs, 0, sizeof (struct tlvs));
1760
1761 /* parse the SNP */
1762 expected |= TLVFLAG_LSP_ENTRIES;
1763 expected |= TLVFLAG_AUTH_INFO;
3f045a08
JB		 1764
1765 auth_tlv_offset = stream_get_getp (circuit->rcv_stream);
eb5d44eb 1766 retval = parse_tlvs (circuit->area->area_tag,
f390d2c7 1767 STREAM_PNT (circuit->rcv_stream),
e38e0df0 1768 pdu_len - stream_get_getp (circuit->rcv_stream),
3f045a08 1769 &expected, &found, &tlvs, &auth_tlv_offset);
eb5d44eb 1770
f390d2c7 1771 if (retval > ISIS_WARNING)
1772 {
1773 zlog_warn ("something went very wrong processing SNP");
1774 free_tlvs (&tlvs);
1775 return retval;
1776 }
eb5d44eb 1777
3f045a08 1778 if (level == IS_LEVEL_1)
1cbc562b 1779 passwd = &circuit->area->area_passwd;
1780 else
1781 passwd = &circuit->area->domain_passwd;
1782
1783 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_RECV))
f390d2c7 1784 {
1cbc562b 1785 if (passwd->type)
3f045a08
JB		 1786 {
1787 if (!(found & TLVFLAG_AUTH_INFO) ||
1788 authentication_check (&tlvs.auth_info, passwd,
1789 circuit->rcv_stream, auth_tlv_offset))
1790 {
1791 isis_event_auth_failure (circuit->area->area_tag,
1792 "SNP authentication" " failure",
1793 phdr ? phdr->source_id :
1794 chdr->source_id);
1795 free_tlvs (&tlvs);
1796 return ISIS_OK;
1797 }
1798 }
f390d2c7 1799 }
eb5d44eb 1800
1801 /* debug isis snp-packets */
f390d2c7 1802 if (isis->debugs & DEBUG_SNP_PACKETS)
1803 {
529d65b3 1804 zlog_debug ("ISIS-Snp (%s): Rcvd L%d %cSNP from %s on %s",
1805 circuit->area->area_tag,
1806 level,
1807 typechar, snpa_print (ssnpa), circuit->interface->name);
f390d2c7 1808 if (tlvs.lsp_entries)
1809 {
3fdb2dd9 1810 for (ALL_LIST_ELEMENTS_RO (tlvs.lsp_entries, node, entry))
f390d2c7 1811 {
529d65b3 1812 zlog_debug ("ISIS-Snp (%s): %cSNP entry %s, seq 0x%08x,"
1813 " cksum 0x%04x, lifetime %us",
1814 circuit->area->area_tag,
1815 typechar,
1816 rawlspid_print (entry->lsp_id),
1817 ntohl (entry->seq_num),
1818 ntohs (entry->checksum), ntohs (entry->rem_lifetime));
f390d2c7 1819 }
1820 }
eb5d44eb 1821 }
eb5d44eb 1822
1823 /* 7.3.15.2 b) Actions on LSP_ENTRIES reported */
f390d2c7 1824 if (tlvs.lsp_entries)
1825 {
3fdb2dd9 1826 for (ALL_LIST_ELEMENTS_RO (tlvs.lsp_entries, node, entry))
f390d2c7 1827 {
1828 lsp = lsp_search (entry->lsp_id, circuit->area->lspdb[level - 1]);
1829 own_lsp = !memcmp (entry->lsp_id, isis->sysid, ISIS_SYS_ID_LEN);
1830 if (lsp)
1831 {
1832 /* 7.3.15.2 b) 1) is this LSP newer */
1833 cmp = lsp_compare (circuit->area->area_tag, lsp, entry->seq_num,
1834 entry->checksum, entry->rem_lifetime);
1835 /* 7.3.15.2 b) 2) if it equals, clear SRM on p2p */
1836 if (cmp == LSP_EQUAL)
1837 {
3f045a08
JB		 1838 /* if (circuit->circ_type != CIRCUIT_T_BROADCAST) */
1839 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
f390d2c7 1840 }
3f045a08 1841 /* 7.3.15.2 b) 3) if it is older, clear SSN and set SRM */
f390d2c7 1842 else if (cmp == LSP_OLDER)
1843 {
1844 ISIS_CLEAR_FLAG (lsp->SSNflags, circuit);
1845 ISIS_SET_FLAG (lsp->SRMflags, circuit);
1846 }
3f045a08 1847 /* 7.3.15.2 b) 4) if it is newer, set SSN and clear SRM on p2p */
f390d2c7 1848 else
1849 {
f390d2c7 1850 if (own_lsp)
1851 {
1852 lsp_inc_seqnum (lsp, ntohl (entry->seq_num));
1853 ISIS_SET_FLAG (lsp->SRMflags, circuit);
1854 }
1855 else
1856 {
1857 ISIS_SET_FLAG (lsp->SSNflags, circuit);
3f045a08
JB		 1858 /* if (circuit->circ_type != CIRCUIT_T_BROADCAST) */
1859 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
f390d2c7 1860 }
1861 }
1862 }
1863 else
1864 {
1865 /* 7.3.15.2 b) 5) if it was not found, and all of those are not 0,
1866 * insert it and set SSN on it */
1867 if (entry->rem_lifetime && entry->checksum && entry->seq_num &&
1868 memcmp (entry->lsp_id, isis->sysid, ISIS_SYS_ID_LEN))
1869 {
1870 lsp = lsp_new (entry->lsp_id, ntohs (entry->rem_lifetime),
1871 0, 0, entry->checksum, level);
3f045a08 1872 lsp->area = circuit->area;
f390d2c7 1873 lsp_insert (lsp, circuit->area->lspdb[level - 1]);
3f045a08 1874 ISIS_FLAGS_CLEAR_ALL (lsp->SRMflags);
f390d2c7 1875 ISIS_SET_FLAG (lsp->SSNflags, circuit);
1876 }
1877 }
eb5d44eb 1878 }
1879 }
eb5d44eb 1880
1881 /* 7.3.15.2 c) on CSNP set SRM for all in range which were not reported */
f390d2c7 1882 if (snp_type == ISIS_SNP_CSNP_FLAG)
1883 {
1884 /*
3f045a08
JB		 1885 * Build a list from our own LSP db bounded with
1886 * start_lsp_id and stop_lsp_id
f390d2c7 1887 */
1888 lsp_list = list_new ();
1889 lsp_build_list_nonzero_ht (chdr->start_lsp_id, chdr->stop_lsp_id,
1890 lsp_list, circuit->area->lspdb[level - 1]);
1891
1892 /* Fixme: Find a better solution */
1893 if (tlvs.lsp_entries)
1894 {
1eb8ef25 1895 for (ALL_LIST_ELEMENTS (tlvs.lsp_entries, node, nnode, entry))
f390d2c7 1896 {
1eb8ef25 1897 for (ALL_LIST_ELEMENTS (lsp_list, node2, nnode2, lsp))
f390d2c7 1898 {
1899 if (lsp_id_cmp (lsp->lsp_header->lsp_id, entry->lsp_id) == 0)
1900 {
1901 list_delete_node (lsp_list, node2);
1902 break;
1903 }
1904 }
1905 }
1906 }
1907 /* on remaining LSPs we set SRM (neighbor knew not of) */
3fdb2dd9 1908 for (ALL_LIST_ELEMENTS_RO (lsp_list, node, lsp))
f390d2c7 1909 ISIS_SET_FLAG (lsp->SRMflags, circuit);
f390d2c7 1910 /* lets free it */
3f045a08
JB		 1911 list_delete (lsp_list);
1912
eb5d44eb 1913 }
eb5d44eb 1914
1915 free_tlvs (&tlvs);
1916 return retval;
1917}
1918
92365889 1919static int
02e33d3e 1920process_csnp (int level, struct isis_circuit *circuit, const u_char *ssnpa)
eb5d44eb 1921{
3f045a08
JB		 1922 if (isis->debugs & DEBUG_SNP_PACKETS)
1923 {
1924 zlog_debug ("ISIS-Snp (%s): Rcvd L%d CSNP on %s, cirType %s, cirID %u",
1925 circuit->area->area_tag, level, circuit->interface->name,
1926 circuit_t2string (circuit->is_type), circuit->circuit_id);
1927 if (isis->debugs & DEBUG_PACKET_DUMP)
1928 zlog_dump_data (STREAM_DATA (circuit->rcv_stream),
1929 stream_get_endp (circuit->rcv_stream));
1930 }
1931
eb5d44eb 1932 /* Sanity check - FIXME: move to correct place */
f390d2c7 1933 if ((stream_get_endp (circuit->rcv_stream) -
1934 stream_get_getp (circuit->rcv_stream)) < ISIS_CSNP_HDRLEN)
1935 {
1936 zlog_warn ("Packet too short ( < %d)", ISIS_CSNP_HDRLEN);
1937 return ISIS_WARNING;
1938 }
eb5d44eb 1939
1940 return process_snp (ISIS_SNP_CSNP_FLAG, level, circuit, ssnpa);
1941}
1942
92365889 1943static int
02e33d3e 1944process_psnp (int level, struct isis_circuit *circuit, const u_char *ssnpa)
eb5d44eb 1945{
3f045a08
JB		 1946 if (isis->debugs & DEBUG_SNP_PACKETS)
1947 {
1948 zlog_debug ("ISIS-Snp (%s): Rcvd L%d PSNP on %s, cirType %s, cirID %u",
1949 circuit->area->area_tag, level, circuit->interface->name,
1950 circuit_t2string (circuit->is_type), circuit->circuit_id);
1951 if (isis->debugs & DEBUG_PACKET_DUMP)
1952 zlog_dump_data (STREAM_DATA (circuit->rcv_stream),
1953 stream_get_endp (circuit->rcv_stream));
1954 }
1955
f390d2c7 1956 if ((stream_get_endp (circuit->rcv_stream) -
1957 stream_get_getp (circuit->rcv_stream)) < ISIS_PSNP_HDRLEN)
1958 {
3f045a08 1959 zlog_warn ("Packet too short ( < %d)", ISIS_PSNP_HDRLEN);
f390d2c7 1960 return ISIS_WARNING;
1961 }
eb5d44eb 1962
1963 return process_snp (ISIS_SNP_PSNP_FLAG, level, circuit, ssnpa);
1964}
1965
eb5d44eb 1966/*
1967 * PDU Dispatcher
1968 */
1969
92365889 1970static int
f390d2c7 1971isis_handle_pdu (struct isis_circuit *circuit, u_char * ssnpa)
eb5d44eb 1972{
eb5d44eb 1973 struct isis_fixed_hdr *hdr;
eb5d44eb 1974
f390d2c7 1975 int retval = ISIS_OK;
eb5d44eb 1976
1977 /*
1978 * Let's first read data from stream to the header
1979 */
f390d2c7 1980 hdr = (struct isis_fixed_hdr *) STREAM_DATA (circuit->rcv_stream);
eb5d44eb 1981
f390d2c7 1982 if ((hdr->idrp != ISO10589_ISIS) && (hdr->idrp != ISO9542_ESIS))
1983 {
3f045a08 1984 zlog_err ("Not an IS-IS or ES-IS packet IDRP=%02x", hdr->idrp);
f390d2c7 1985 return ISIS_ERROR;
1986 }
eb5d44eb 1987
1988 /* now we need to know if this is an ISO 9542 packet and
1989 * take real good care of it, waaa!
1990 */
f390d2c7 1991 if (hdr->idrp == ISO9542_ESIS)
1992 {
3f045a08
JB		 1993 zlog_err ("No support for ES-IS packet IDRP=%02x", hdr->idrp);
1994 return ISIS_ERROR;
f390d2c7 1995 }
3f045a08
JB		 1996 stream_set_getp (circuit->rcv_stream, ISIS_FIXED_HDR_LEN);
1997
eb5d44eb 1998 /*
1999 * and then process it
2000 */
2001
f390d2c7 2002 if (hdr->length < ISIS_MINIMUM_FIXED_HDR_LEN)
2003 {
2004 zlog_err ("Fixed header length = %d", hdr->length);
2005 return ISIS_ERROR;
2006 }
eb5d44eb 2007
f390d2c7 2008 if (hdr->version1 != 1)
2009 {
2010 zlog_warn ("Unsupported ISIS version %u", hdr->version1);
2011 return ISIS_WARNING;
2012 }
eb5d44eb 2013 /* either 6 or 0 */
f390d2c7 2014 if ((hdr->id_len != 0) && (hdr->id_len != ISIS_SYS_ID_LEN))
2015 {
2016 zlog_err
2017 ("IDFieldLengthMismatch: ID Length field in a received PDU %u, "
2018 "while the parameter for this IS is %u", hdr->id_len,
2019 ISIS_SYS_ID_LEN);
2020 return ISIS_ERROR;
2021 }
eb5d44eb 2022
f390d2c7 2023 if (hdr->version2 != 1)
2024 {
2025 zlog_warn ("Unsupported ISIS version %u", hdr->version2);
2026 return ISIS_WARNING;
2027 }
3f045a08
JB		 2028
2029 if (circuit->is_passive)
2030 {
2031 zlog_warn ("Received ISIS PDU on passive circuit %s",
2032 circuit->interface->name);
2033 return ISIS_WARNING;
2034 }
2035
eb5d44eb 2036 /* either 3 or 0 */
f390d2c7 2037 if ((hdr->max_area_addrs != 0)
2038 && (hdr->max_area_addrs != isis->max_area_addrs))
2039 {
2040 zlog_err ("maximumAreaAddressesMismatch: maximumAreaAdresses in a "
2041 "received PDU %u while the parameter for this IS is %u",
2042 hdr->max_area_addrs, isis->max_area_addrs);
2043 return ISIS_ERROR;
2044 }
eb5d44eb 2045
f390d2c7 2046 switch (hdr->pdu_type)
2047 {
2048 case L1_LAN_HELLO:
2049 retval = process_lan_hello (ISIS_LEVEL1, circuit, ssnpa);
2050 break;
2051 case L2_LAN_HELLO:
2052 retval = process_lan_hello (ISIS_LEVEL2, circuit, ssnpa);
2053 break;
2054 case P2P_HELLO:
2055 retval = process_p2p_hello (circuit);
2056 break;
2057 case L1_LINK_STATE:
2058 retval = process_lsp (ISIS_LEVEL1, circuit, ssnpa);
2059 break;
2060 case L2_LINK_STATE:
2061 retval = process_lsp (ISIS_LEVEL2, circuit, ssnpa);
2062 break;
2063 case L1_COMPLETE_SEQ_NUM:
2064 retval = process_csnp (ISIS_LEVEL1, circuit, ssnpa);
2065 break;
2066 case L2_COMPLETE_SEQ_NUM:
2067 retval = process_csnp (ISIS_LEVEL2, circuit, ssnpa);
2068 break;
2069 case L1_PARTIAL_SEQ_NUM:
2070 retval = process_psnp (ISIS_LEVEL1, circuit, ssnpa);
2071 break;
2072 case L2_PARTIAL_SEQ_NUM:
2073 retval = process_psnp (ISIS_LEVEL2, circuit, ssnpa);
2074 break;
2075 default:
2076 return ISIS_ERROR;
2077 }
eb5d44eb 2078
2079 return retval;
2080}
2081
eb5d44eb 2082#ifdef GNU_LINUX
2083int
2084isis_receive (struct thread *thread)
2085{
eb5d44eb 2086 struct isis_circuit *circuit;
2087 u_char ssnpa[ETH_ALEN];
2088 int retval;
2089
2090 /*
2091 * Get the circuit
2092 */
2093 circuit = THREAD_ARG (thread);
2094 assert (circuit);
2095
2096 if (circuit->rcv_stream == NULL)
f390d2c7 2097 circuit->rcv_stream = stream_new (ISO_MTU (circuit));
eb5d44eb 2098 else
2099 stream_reset (circuit->rcv_stream);
2100
2101 retval = circuit->rx (circuit, ssnpa);
f390d2c7 2102 circuit->t_read = NULL;
eb5d44eb 2103
2104 if (retval == ISIS_OK)
2105 retval = isis_handle_pdu (circuit, ssnpa);
2106
2107 /*
2108 * prepare for next packet.
2109 */
3f045a08
JB		 2110 if (!circuit->is_passive)
2111 {
2112 THREAD_READ_ON (master, circuit->t_read, isis_receive, circuit,
2113 circuit->fd);
2114 }
eb5d44eb 2115
2116 return retval;
2117}
2118
2119#else
2120int
2121isis_receive (struct thread *thread)
2122{
eb5d44eb 2123 struct isis_circuit *circuit;
2124 u_char ssnpa[ETH_ALEN];
2125 int retval;
2126
2127 /*
2128 * Get the circuit
2129 */
2130 circuit = THREAD_ARG (thread);
2131 assert (circuit);
2132
f390d2c7 2133 circuit->t_read = NULL;
eb5d44eb 2134
2135 if (circuit->rcv_stream == NULL)
f390d2c7 2136 circuit->rcv_stream = stream_new (ISO_MTU (circuit));
eb5d44eb 2137 else
2138 stream_reset (circuit->rcv_stream);
2139
2140 retval = circuit->rx (circuit, ssnpa);
2141
2142 if (retval == ISIS_OK)
2143 retval = isis_handle_pdu (circuit, ssnpa);
2144
2145 /*
2146 * prepare for next packet.
2147 */
3f045a08
JB		 2148 if (!circuit->is_passive)
2149 {
2150 circuit->t_read = thread_add_timer_msec (master, isis_receive, circuit,
2151 listcount
2152 (circuit->area->circuit_list) *
2153 100);
2154 }
eb5d44eb 2155
2156 return retval;
2157}
2158
2159#endif
2160
2161 /* filling of the fixed isis header */
2162void
2163fill_fixed_hdr (struct isis_fixed_hdr *hdr, u_char pdu_type)
2164{
2165 memset (hdr, 0, sizeof (struct isis_fixed_hdr));
2166
2167 hdr->idrp = ISO10589_ISIS;
2168
f390d2c7 2169 switch (pdu_type)
2170 {
2171 case L1_LAN_HELLO:
2172 case L2_LAN_HELLO:
2173 hdr->length = ISIS_LANHELLO_HDRLEN;
2174 break;
2175 case P2P_HELLO:
2176 hdr->length = ISIS_P2PHELLO_HDRLEN;
2177 break;
2178 case L1_LINK_STATE:
2179 case L2_LINK_STATE:
2180 hdr->length = ISIS_LSP_HDR_LEN;
2181 break;
2182 case L1_COMPLETE_SEQ_NUM:
2183 case L2_COMPLETE_SEQ_NUM:
2184 hdr->length = ISIS_CSNP_HDRLEN;
2185 break;
2186 case L1_PARTIAL_SEQ_NUM:
2187 case L2_PARTIAL_SEQ_NUM:
2188 hdr->length = ISIS_PSNP_HDRLEN;
2189 break;
2190 default:
2191 zlog_warn ("fill_fixed_hdr(): unknown pdu type %d", pdu_type);
2192 return;
2193 }
eb5d44eb 2194 hdr->length += ISIS_FIXED_HDR_LEN;
2195 hdr->pdu_type = pdu_type;
2196 hdr->version1 = 1;
f390d2c7 2197 hdr->id_len = 0; /* ISIS_SYS_ID_LEN - 0==6 */
eb5d44eb 2198 hdr->version2 = 1;
f390d2c7 2199 hdr->max_area_addrs = 0; /* isis->max_area_addrs - 0==3 */
eb5d44eb 2200}
2201
eb5d44eb 2202/*
2203 * SEND SIDE
2204 */
92365889 2205static void
eb5d44eb 2206fill_fixed_hdr_andstream (struct isis_fixed_hdr *hdr, u_char pdu_type,
f390d2c7 2207 struct stream *stream)
eb5d44eb 2208{
f390d2c7 2209 fill_fixed_hdr (hdr, pdu_type);
eb5d44eb 2210
2211 stream_putc (stream, hdr->idrp);
2212 stream_putc (stream, hdr->length);
2213 stream_putc (stream, hdr->version1);
2214 stream_putc (stream, hdr->id_len);
2215 stream_putc (stream, hdr->pdu_type);
2216 stream_putc (stream, hdr->version2);
2217 stream_putc (stream, hdr->reserved);
2218 stream_putc (stream, hdr->max_area_addrs);
2219
2220 return;
2221}
2222
eb5d44eb 2223int
2224send_hello (struct isis_circuit *circuit, int level)
2225{
2226 struct isis_fixed_hdr fixed_hdr;
2227 struct isis_lan_hello_hdr hello_hdr;
2228 struct isis_p2p_hello_hdr p2p_hello_hdr;
3f045a08
JB		 2229 unsigned char hmac_md5_hash[ISIS_AUTH_MD5_SIZE];
2230 unsigned long len_pointer, length, auth_tlv_offset = 0;
eb5d44eb 2231 u_int32_t interval;
eb5d44eb 2232 int retval;
2233
3f045a08
JB		 2234 if (circuit->is_passive)
2235 return ISIS_OK;
2236
f390d2c7 2237 if (circuit->interface->mtu == 0)
2238 {
2239 zlog_warn ("circuit has zero MTU");
2240 return ISIS_WARNING;
2241 }
eb5d44eb 2242
2243 if (!circuit->snd_stream)
f390d2c7 2244 circuit->snd_stream = stream_new (ISO_MTU (circuit));
eb5d44eb 2245 else
2246 stream_reset (circuit->snd_stream);
2247
2248 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
3f045a08 2249 if (level == IS_LEVEL_1)
f390d2c7 2250 fill_fixed_hdr_andstream (&fixed_hdr, L1_LAN_HELLO,
2251 circuit->snd_stream);
eb5d44eb 2252 else
f390d2c7 2253 fill_fixed_hdr_andstream (&fixed_hdr, L2_LAN_HELLO,
2254 circuit->snd_stream);
eb5d44eb 2255 else
f390d2c7 2256 fill_fixed_hdr_andstream (&fixed_hdr, P2P_HELLO, circuit->snd_stream);
eb5d44eb 2257
2258 /*
2259 * Fill LAN Level 1 or 2 Hello PDU header
2260 */
2261 memset (&hello_hdr, 0, sizeof (struct isis_lan_hello_hdr));
f390d2c7 2262 interval = circuit->hello_multiplier[level - 1] *
eb5d44eb 2263 circuit->hello_interval[level - 1];
2264 if (interval > USHRT_MAX)
2265 interval = USHRT_MAX;
3f045a08 2266 hello_hdr.circuit_t = circuit->is_type;
eb5d44eb 2267 memcpy (hello_hdr.source_id, isis->sysid, ISIS_SYS_ID_LEN);
f390d2c7 2268 hello_hdr.hold_time = htons ((u_int16_t) interval);
eb5d44eb 2269
f390d2c7 2270 hello_hdr.pdu_len = 0; /* Update the PDU Length later */
9985f83c 2271 len_pointer = stream_get_endp (circuit->snd_stream) + 3 + ISIS_SYS_ID_LEN;
eb5d44eb 2272
2273 /* copy the shared part of the hello to the p2p hello if needed */
f390d2c7 2274 if (circuit->circ_type == CIRCUIT_T_P2P)
2275 {
2276 memcpy (&p2p_hello_hdr, &hello_hdr, 5 + ISIS_SYS_ID_LEN);
2277 p2p_hello_hdr.local_id = circuit->circuit_id;
2278 /* FIXME: need better understanding */
2279 stream_put (circuit->snd_stream, &p2p_hello_hdr, ISIS_P2PHELLO_HDRLEN);
2280 }
2281 else
2282 {
3f045a08
JB		 2283 hello_hdr.prio = circuit->priority[level - 1];
2284 if (level == IS_LEVEL_1)
f390d2c7 2285 {
2286 memcpy (hello_hdr.lan_id, circuit->u.bc.l1_desig_is,
2287 ISIS_SYS_ID_LEN + 1);
2288 }
3f045a08 2289 else if (level == IS_LEVEL_2)
f390d2c7 2290 {
2291 memcpy (hello_hdr.lan_id, circuit->u.bc.l2_desig_is,
2292 ISIS_SYS_ID_LEN + 1);
2293 }
2294 stream_put (circuit->snd_stream, &hello_hdr, ISIS_LANHELLO_HDRLEN);
2295 }
eb5d44eb 2296
2297 /*
3f045a08 2298 * Then the variable length part.
eb5d44eb 2299 */
3f045a08 2300
eb5d44eb 2301 /* add circuit password */
3f045a08
JB		 2302 switch (circuit->passwd.type)
2303 {
2304 /* Cleartext */
2305 case ISIS_PASSWD_TYPE_CLEARTXT:
2306 if (tlv_add_authinfo (circuit->passwd.type, circuit->passwd.len,
2307 circuit->passwd.passwd, circuit->snd_stream))
2308 return ISIS_WARNING;
2309 break;
2310
2311 /* HMAC MD5 */
2312 case ISIS_PASSWD_TYPE_HMAC_MD5:
2313 /* Remember where TLV is written so we can later overwrite the MD5 hash */
2314 auth_tlv_offset = stream_get_endp (circuit->snd_stream);
2315 memset(&hmac_md5_hash, 0, ISIS_AUTH_MD5_SIZE);
2316 if (tlv_add_authinfo (circuit->passwd.type, ISIS_AUTH_MD5_SIZE,
2317 hmac_md5_hash, circuit->snd_stream))
2318 return ISIS_WARNING;
2319 break;
2320
2321 default:
2322 break;
2323 }
2324
eb5d44eb 2325 /* Area Addresses TLV */
3f045a08
JB		 2326 if (listcount (circuit->area->area_addrs) == 0)
2327 return ISIS_WARNING;
2328 if (tlv_add_area_addrs (circuit->area->area_addrs, circuit->snd_stream))
2329 return ISIS_WARNING;
eb5d44eb 2330
2331 /* LAN Neighbors TLV */
f390d2c7 2332 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
2333 {
3f045a08
JB		 2334 if (level == IS_LEVEL_1 && circuit->u.bc.lan_neighs[0] &&
2335 listcount (circuit->u.bc.lan_neighs[0]) > 0)
f390d2c7 2336 if (tlv_add_lan_neighs (circuit->u.bc.lan_neighs[0],
2337 circuit->snd_stream))
2338 return ISIS_WARNING;
3f045a08
JB		 2339 if (level == IS_LEVEL_2 && circuit->u.bc.lan_neighs[1] &&
2340 listcount (circuit->u.bc.lan_neighs[1]) > 0)
f390d2c7 2341 if (tlv_add_lan_neighs (circuit->u.bc.lan_neighs[1],
2342 circuit->snd_stream))
2343 return ISIS_WARNING;
2344 }
eb5d44eb 2345
2346 /* Protocols Supported TLV */
f390d2c7 2347 if (circuit->nlpids.count > 0)
eb5d44eb 2348 if (tlv_add_nlpid (&circuit->nlpids, circuit->snd_stream))
2349 return ISIS_WARNING;
2350 /* IP interface Address TLV */
3f045a08
JB		 2351 if (circuit->ip_router && circuit->ip_addrs &&
2352 listcount (circuit->ip_addrs) > 0)
eb5d44eb 2353 if (tlv_add_ip_addrs (circuit->ip_addrs, circuit->snd_stream))
2354 return ISIS_WARNING;
2355
f390d2c7 2356#ifdef HAVE_IPV6
eb5d44eb 2357 /* IPv6 Interface Address TLV */
f390d2c7 2358 if (circuit->ipv6_router && circuit->ipv6_link &&
3f045a08 2359 listcount (circuit->ipv6_link) > 0)
eb5d44eb 2360 if (tlv_add_ipv6_addrs (circuit->ipv6_link, circuit->snd_stream))
2361 return ISIS_WARNING;
2362#endif /* HAVE_IPV6 */
2363
3f045a08 2364 if (circuit->pad_hellos)
eb5d44eb 2365 if (tlv_add_padding (circuit->snd_stream))
2366 return ISIS_WARNING;
2367
9985f83c 2368 length = stream_get_endp (circuit->snd_stream);
eb5d44eb 2369 /* Update PDU length */
f390d2c7 2370 stream_putw_at (circuit->snd_stream, len_pointer, (u_int16_t) length);
eb5d44eb 2371
3f045a08
JB		 2372 /* For HMAC MD5 we need to compute the md5 hash and store it */
2373 if (circuit->passwd.type == ISIS_PASSWD_TYPE_HMAC_MD5)
2374 {
2375 hmac_md5 (STREAM_DATA (circuit->snd_stream),
2376 stream_get_endp (circuit->snd_stream),
2377 (unsigned char *) &circuit->passwd.passwd, circuit->passwd.len,
2378 (caddr_t) &hmac_md5_hash);
2379 /* Copy the hash into the stream */
2380 memcpy (STREAM_DATA (circuit->snd_stream) + auth_tlv_offset + 3,
2381 hmac_md5_hash, ISIS_AUTH_MD5_SIZE);
2382 }
eb5d44eb 2383
f390d2c7 2384 if (isis->debugs & DEBUG_ADJ_PACKETS)
2385 {
2386 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
2387 {
529d65b3 2388 zlog_debug ("ISIS-Adj (%s): Sent L%d LAN IIH on %s, length %ld",
2389 circuit->area->area_tag, level, circuit->interface->name,
29e50b23 2390 /* FIXME: use %z when we stop supporting old compilers. */
3f045a08 2391 length);
f390d2c7 2392 }
2393 else
2394 {
529d65b3 2395 zlog_debug ("ISIS-Adj (%s): Sent P2P IIH on %s, length %ld",
2396 circuit->area->area_tag, circuit->interface->name,
29e50b23 2397 /* FIXME: use %z when we stop supporting old compilers. */
3f045a08 2398 length);
f390d2c7 2399 }
3f045a08
JB		 2400 if (isis->debugs & DEBUG_PACKET_DUMP)
2401 zlog_dump_data (STREAM_DATA (circuit->snd_stream),
2402 stream_get_endp (circuit->snd_stream));
eb5d44eb 2403 }
eb5d44eb 2404
3f045a08
JB		 2405 retval = circuit->tx (circuit, level);
2406 if (retval != ISIS_OK)
2407 zlog_err ("ISIS-Adj (%s): Send L%d IIH on %s failed",
2408 circuit->area->area_tag, level, circuit->interface->name);
eb5d44eb 2409
3f045a08 2410 return retval;
eb5d44eb 2411}
2412
2413int
2414send_lan_l1_hello (struct thread *thread)
2415{
eb5d44eb 2416 struct isis_circuit *circuit;
2417 int retval;
2418
2419 circuit = THREAD_ARG (thread);
2420 assert (circuit);
2421 circuit->u.bc.t_send_lan_hello[0] = NULL;
2422
2423 if (circuit->u.bc.run_dr_elect[0])
f390d2c7 2424 retval = isis_dr_elect (circuit, 1);
eb5d44eb 2425
3f045a08 2426 retval = send_hello (circuit, 1);
eb5d44eb 2427
2428 /* set next timer thread */
f390d2c7 2429 THREAD_TIMER_ON (master, circuit->u.bc.t_send_lan_hello[0],
2430 send_lan_l1_hello, circuit,
2431 isis_jitter (circuit->hello_interval[0], IIH_JITTER));
eb5d44eb 2432
2433 return retval;
2434}
2435
2436int
2437send_lan_l2_hello (struct thread *thread)
2438{
2439 struct isis_circuit *circuit;
2440 int retval;
2441
2442 circuit = THREAD_ARG (thread);
2443 assert (circuit);
2444 circuit->u.bc.t_send_lan_hello[1] = NULL;
2445
2446 if (circuit->u.bc.run_dr_elect[1])
2447 retval = isis_dr_elect (circuit, 2);
2448
3f045a08 2449 retval = send_hello (circuit, 2);
eb5d44eb 2450
f390d2c7 2451 /* set next timer thread */
2452 THREAD_TIMER_ON (master, circuit->u.bc.t_send_lan_hello[1],
2453 send_lan_l2_hello, circuit,
2454 isis_jitter (circuit->hello_interval[1], IIH_JITTER));
eb5d44eb 2455
2456 return retval;
2457}
2458
2459int
2460send_p2p_hello (struct thread *thread)
2461{
2462 struct isis_circuit *circuit;
2463
2464 circuit = THREAD_ARG (thread);
2465 assert (circuit);
2466 circuit->u.p2p.t_send_p2p_hello = NULL;
2467
f390d2c7 2468 send_hello (circuit, 1);
eb5d44eb 2469
f390d2c7 2470 /* set next timer thread */
2471 THREAD_TIMER_ON (master, circuit->u.p2p.t_send_p2p_hello, send_p2p_hello,
2472 circuit, isis_jitter (circuit->hello_interval[1],
2473 IIH_JITTER));
eb5d44eb 2474
2475 return ISIS_OK;
2476}
2477
92365889 2478static int
f390d2c7 2479build_csnp (int level, u_char * start, u_char * stop, struct list *lsps,
2480 struct isis_circuit *circuit)
eb5d44eb 2481{
2482 struct isis_fixed_hdr fixed_hdr;
2483 struct isis_passwd *passwd;
eb5d44eb 2484 unsigned long lenp;
2485 u_int16_t length;
3f045a08
JB		 2486 unsigned char hmac_md5_hash[ISIS_AUTH_MD5_SIZE];
2487 unsigned long auth_tlv_offset = 0;
2488 int retval = ISIS_OK;
2489
2490 if (circuit->snd_stream == NULL)
2491 circuit->snd_stream = stream_new (ISO_MTU (circuit));
2492 else
2493 stream_reset (circuit->snd_stream);
eb5d44eb 2494
3f045a08 2495 if (level == IS_LEVEL_1)
f390d2c7 2496 fill_fixed_hdr_andstream (&fixed_hdr, L1_COMPLETE_SEQ_NUM,
2497 circuit->snd_stream);
eb5d44eb 2498 else
f390d2c7 2499 fill_fixed_hdr_andstream (&fixed_hdr, L2_COMPLETE_SEQ_NUM,
2500 circuit->snd_stream);
eb5d44eb 2501
2502 /*
2503 * Fill Level 1 or 2 Complete Sequence Numbers header
2504 */
2505
9985f83c 2506 lenp = stream_get_endp (circuit->snd_stream);
f390d2c7 2507 stream_putw (circuit->snd_stream, 0); /* PDU length - when we know it */
eb5d44eb 2508 /* no need to send the source here, it is always us if we csnp */
2509 stream_put (circuit->snd_stream, isis->sysid, ISIS_SYS_ID_LEN);
2510 /* with zero circuit id - ref 9.10, 9.11 */
2511 stream_putc (circuit->snd_stream, 0x00);
2512
2513 stream_put (circuit->snd_stream, start, ISIS_SYS_ID_LEN + 2);
2514 stream_put (circuit->snd_stream, stop, ISIS_SYS_ID_LEN + 2);
2515
2516 /*
2517 * And TLVs
2518 */
3f045a08 2519 if (level == IS_LEVEL_1)
eb5d44eb 2520 passwd = &circuit->area->area_passwd;
2521 else
2522 passwd = &circuit->area->domain_passwd;
2523
1cbc562b 2524 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_SEND))
3f045a08
JB		 2525 {
2526 switch (passwd->type)
2527 {
2528 /* Cleartext */
2529 case ISIS_PASSWD_TYPE_CLEARTXT:
2530 if (tlv_add_authinfo (ISIS_PASSWD_TYPE_CLEARTXT, passwd->len,
2531 passwd->passwd, circuit->snd_stream))
2532 return ISIS_WARNING;
2533 break;
2534
2535 /* HMAC MD5 */
2536 case ISIS_PASSWD_TYPE_HMAC_MD5:
2537 /* Remember where TLV is written so we can later overwrite the MD5 hash */
2538 auth_tlv_offset = stream_get_endp (circuit->snd_stream);
2539 memset(&hmac_md5_hash, 0, ISIS_AUTH_MD5_SIZE);
2540 if (tlv_add_authinfo (ISIS_PASSWD_TYPE_HMAC_MD5, ISIS_AUTH_MD5_SIZE,
2541 hmac_md5_hash, circuit->snd_stream))
2542 return ISIS_WARNING;
2543 break;
2544
2545 default:
2546 break;
f390d2c7 2547 }
3f045a08
JB		 2548 }
2549
2550 retval = tlv_add_lsp_entries (lsps, circuit->snd_stream);
2551 if (retval != ISIS_OK)
2552 return retval;
2553
9985f83c 2554 length = (u_int16_t) stream_get_endp (circuit->snd_stream);
eb5d44eb 2555 /* Update PU length */
2556 stream_putw_at (circuit->snd_stream, lenp, length);
2557
3f045a08
JB		 2558 /* For HMAC MD5 we need to compute the md5 hash and store it */
2559 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_SEND) &&
2560 passwd->type == ISIS_PASSWD_TYPE_HMAC_MD5)
2561 {
2562 hmac_md5 (STREAM_DATA (circuit->snd_stream),
2563 stream_get_endp(circuit->snd_stream),
2564 (unsigned char *) &passwd->passwd, passwd->len,
2565 (caddr_t) &hmac_md5_hash);
2566 /* Copy the hash into the stream */
2567 memcpy (STREAM_DATA (circuit->snd_stream) + auth_tlv_offset + 3,
2568 hmac_md5_hash, ISIS_AUTH_MD5_SIZE);
2569 }
2570
eb5d44eb 2571 return retval;
2572}
2573
3f045a08
JB		 2574/*
2575 * Count the maximum number of lsps that can be accomodated by a given size.
2576 */
2577static uint16_t
2578get_max_lsp_count (uint16_t size)
2579{
2580 uint16_t tlv_count;
2581 uint16_t lsp_count;
2582 uint16_t remaining_size;
2583
2584 /* First count the full size TLVs */
2585 tlv_count = size / MAX_LSP_ENTRIES_TLV_SIZE;
2586 lsp_count = tlv_count * (MAX_LSP_ENTRIES_TLV_SIZE / LSP_ENTRIES_LEN);
2587
2588 /* The last TLV, if any */
2589 remaining_size = size % MAX_LSP_ENTRIES_TLV_SIZE;
2590 if (remaining_size - 2 >= LSP_ENTRIES_LEN)
2591 lsp_count += (remaining_size - 2) / LSP_ENTRIES_LEN;
2592
2593 return lsp_count;
2594}
2595
2596/*
2597 * Calculate the length of Authentication Info. TLV.
2598 */
2599static uint16_t
2600auth_tlv_length (int level, struct isis_circuit *circuit)
2601{
2602 struct isis_passwd *passwd;
2603 uint16_t length;
2604
2605 if (level == IS_LEVEL_1)
2606 passwd = &circuit->area->area_passwd;
2607 else
2608 passwd = &circuit->area->domain_passwd;
2609
2610 /* Also include the length of TLV header */
2611 length = AUTH_INFO_HDRLEN;
2612 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_SEND))
2613 {
2614 switch (passwd->type)
2615 {
2616 /* Cleartext */
2617 case ISIS_PASSWD_TYPE_CLEARTXT:
2618 length += passwd->len;
2619 break;
2620
2621 /* HMAC MD5 */
2622 case ISIS_PASSWD_TYPE_HMAC_MD5:
2623 length += ISIS_AUTH_MD5_SIZE;
2624 break;
2625
2626 default:
2627 break;
2628 }
2629 }
2630
2631 return length;
2632}
2633
2634/*
2635 * Calculate the maximum number of lsps that can be accomodated in a CSNP/PSNP.
2636 */
2637static uint16_t
2638max_lsps_per_snp (int snp_type, int level, struct isis_circuit *circuit)
2639{
2640 int snp_hdr_len;
2641 int auth_tlv_len;
2642 uint16_t lsp_count;
2643
2644 snp_hdr_len = ISIS_FIXED_HDR_LEN;
2645 if (snp_type == ISIS_SNP_CSNP_FLAG)
2646 snp_hdr_len += ISIS_CSNP_HDRLEN;
2647 else
2648 snp_hdr_len += ISIS_PSNP_HDRLEN;
2649
2650 auth_tlv_len = auth_tlv_length (level, circuit);
2651 lsp_count = get_max_lsp_count (
2652 stream_get_size (circuit->snd_stream) - snp_hdr_len - auth_tlv_len);
e38e0df0 2653 return lsp_count;
3f045a08
JB		 2654}
2655
eb5d44eb 2656/*
2657 * FIXME: support multiple CSNPs
2658 */
2659
2660int
2661send_csnp (struct isis_circuit *circuit, int level)
2662{
eb5d44eb 2663 u_char start[ISIS_SYS_ID_LEN + 2];
2664 u_char stop[ISIS_SYS_ID_LEN + 2];
2665 struct list *list = NULL;
3fdb2dd9 2666 struct listnode *node;
eb5d44eb 2667 struct isis_lsp *lsp;
3f045a08
JB		 2668 u_char num_lsps, loop = 1;
2669 int i, retval = ISIS_OK;
2670
2671 if (circuit->area->lspdb[level - 1] == NULL ||
2672 dict_count (circuit->area->lspdb[level - 1]) == 0)
2673 return retval;
eb5d44eb 2674
f390d2c7 2675 memset (start, 0x00, ISIS_SYS_ID_LEN + 2);
eb5d44eb 2676 memset (stop, 0xff, ISIS_SYS_ID_LEN + 2);
2677
3f045a08
JB		 2678 num_lsps = max_lsps_per_snp (ISIS_SNP_CSNP_FLAG, level, circuit);
2679
2680 while (loop)
f390d2c7 2681 {
2682 list = list_new ();
3f045a08
JB		 2683 lsp_build_list (start, stop, num_lsps, list,
2684 circuit->area->lspdb[level - 1]);
2685 /*
2686 * Update the stop lsp_id before encoding this CSNP.
2687 */
2688 if (listcount (list) < num_lsps)
2689 {
2690 memset (stop, 0xff, ISIS_SYS_ID_LEN + 2);
2691 }
f390d2c7 2692 else
3f045a08
JB		 2693 {
2694 node = listtail (list);
2695 lsp = listgetdata (node);
2696 memcpy (stop, lsp->lsp_header->lsp_id, ISIS_SYS_ID_LEN + 2);
2697 }
f390d2c7 2698
2699 retval = build_csnp (level, start, stop, list, circuit);
3f045a08
JB		 2700 if (retval != ISIS_OK)
2701 {
2702 zlog_err ("ISIS-Snp (%s): Build L%d CSNP on %s failed",
2703 circuit->area->area_tag, level, circuit->interface->name);
2704 list_delete (list);
2705 return retval;
2706 }
f390d2c7 2707
2708 if (isis->debugs & DEBUG_SNP_PACKETS)
3f045a08 2709 {
ee046671 2710 zlog_debug ("ISIS-Snp (%s): Sent L%d CSNP on %s, length %zd",
3f045a08
JB		 2711 circuit->area->area_tag, level, circuit->interface->name,
2712 stream_get_endp (circuit->snd_stream));
2713 for (ALL_LIST_ELEMENTS_RO (list, node, lsp))
2714 {
2715 zlog_debug ("ISIS-Snp (%s): CSNP entry %s, seq 0x%08x,"
2716 " cksum 0x%04x, lifetime %us",
2717 circuit->area->area_tag,
2718 rawlspid_print (lsp->lsp_header->lsp_id),
2719 ntohl (lsp->lsp_header->seq_num),
2720 ntohs (lsp->lsp_header->checksum),
2721 ntohs (lsp->lsp_header->rem_lifetime));
2722 }
2723 if (isis->debugs & DEBUG_PACKET_DUMP)
2724 zlog_dump_data (STREAM_DATA (circuit->snd_stream),
2725 stream_get_endp (circuit->snd_stream));
2726 }
2727
2728 retval = circuit->tx (circuit, level);
2729 if (retval != ISIS_OK)
2730 {
2731 zlog_err ("ISIS-Snp (%s): Send L%d CSNP on %s failed",
2732 circuit->area->area_tag, level,
2733 circuit->interface->name);
2734 list_delete (list);
2735 return retval;
2736 }
eb5d44eb 2737
3f045a08
JB		 2738 /*
2739 * Start lsp_id of the next CSNP should be one plus the
2740 * stop lsp_id in this current CSNP.
2741 */
2742 memcpy (start, stop, ISIS_SYS_ID_LEN + 2);
2743 loop = 0;
2744 for (i = ISIS_SYS_ID_LEN + 1; i >= 0; --i)
2745 {
2746 if (start[i] < (u_char)0xff)
2747 {
2748 start[i] += 1;
2749 loop = 1;
2750 break;
2751 }
2752 }
2753 memset (stop, 0xff, ISIS_SYS_ID_LEN + 2);
f390d2c7 2754 list_delete (list);
f390d2c7 2755 }
3f045a08 2756
eb5d44eb 2757 return retval;
2758}
2759
2760int
2761send_l1_csnp (struct thread *thread)
2762{
2763 struct isis_circuit *circuit;
2764 int retval = ISIS_OK;
2765
2766 circuit = THREAD_ARG (thread);
2767 assert (circuit);
2768
2769 circuit->t_send_csnp[0] = NULL;
2770
f390d2c7 2771 if (circuit->circ_type == CIRCUIT_T_BROADCAST && circuit->u.bc.is_dr[0])
2772 {
2773 send_csnp (circuit, 1);
2774 }
eb5d44eb 2775 /* set next timer thread */
f390d2c7 2776 THREAD_TIMER_ON (master, circuit->t_send_csnp[0], send_l1_csnp, circuit,
2777 isis_jitter (circuit->csnp_interval[0], CSNP_JITTER));
eb5d44eb 2778
2779 return retval;
2780}
2781
2782int
2783send_l2_csnp (struct thread *thread)
2784{
2785 struct isis_circuit *circuit;
2786 int retval = ISIS_OK;
2787
2788 circuit = THREAD_ARG (thread);
2789 assert (circuit);
2790
2791 circuit->t_send_csnp[1] = NULL;
2792
f390d2c7 2793 if (circuit->circ_type == CIRCUIT_T_BROADCAST && circuit->u.bc.is_dr[1])
2794 {
2795 send_csnp (circuit, 2);
2796 }
eb5d44eb 2797 /* set next timer thread */
f390d2c7 2798 THREAD_TIMER_ON (master, circuit->t_send_csnp[1], send_l2_csnp, circuit,
2799 isis_jitter (circuit->csnp_interval[1], CSNP_JITTER));
d70f99e1 2800
eb5d44eb 2801 return retval;
2802}
2803
92365889 2804static int
eb5d44eb 2805build_psnp (int level, struct isis_circuit *circuit, struct list *lsps)
2806{
2807 struct isis_fixed_hdr fixed_hdr;
2808 unsigned long lenp;
2809 u_int16_t length;
eb5d44eb 2810 struct isis_lsp *lsp;
2811 struct isis_passwd *passwd;
3fdb2dd9 2812 struct listnode *node;
3f045a08
JB		 2813 unsigned char hmac_md5_hash[ISIS_AUTH_MD5_SIZE];
2814 unsigned long auth_tlv_offset = 0;
2815 int retval = ISIS_OK;
eb5d44eb 2816
3f045a08
JB		 2817 if (circuit->snd_stream == NULL)
2818 circuit->snd_stream = stream_new (ISO_MTU (circuit));
2819 else
2820 stream_reset (circuit->snd_stream);
2821
2822 if (level == IS_LEVEL_1)
f390d2c7 2823 fill_fixed_hdr_andstream (&fixed_hdr, L1_PARTIAL_SEQ_NUM,
2824 circuit->snd_stream);
eb5d44eb 2825 else
2826 fill_fixed_hdr_andstream (&fixed_hdr, L2_PARTIAL_SEQ_NUM,
f390d2c7 2827 circuit->snd_stream);
eb5d44eb 2828
2829 /*
2830 * Fill Level 1 or 2 Partial Sequence Numbers header
2831 */
9985f83c 2832 lenp = stream_get_endp (circuit->snd_stream);
f390d2c7 2833 stream_putw (circuit->snd_stream, 0); /* PDU length - when we know it */
eb5d44eb 2834 stream_put (circuit->snd_stream, isis->sysid, ISIS_SYS_ID_LEN);
2835 stream_putc (circuit->snd_stream, circuit->idx);
2836
2837 /*
2838 * And TLVs
2839 */
2840
3f045a08 2841 if (level == IS_LEVEL_1)
eb5d44eb 2842 passwd = &circuit->area->area_passwd;
2843 else
2844 passwd = &circuit->area->domain_passwd;
2845
1cbc562b 2846 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_SEND))
3f045a08
JB		 2847 {
2848 switch (passwd->type)
2849 {
2850 /* Cleartext */
2851 case ISIS_PASSWD_TYPE_CLEARTXT:
2852 if (tlv_add_authinfo (ISIS_PASSWD_TYPE_CLEARTXT, passwd->len,
2853 passwd->passwd, circuit->snd_stream))
2854 return ISIS_WARNING;
2855 break;
2856
2857 /* HMAC MD5 */
2858 case ISIS_PASSWD_TYPE_HMAC_MD5:
2859 /* Remember where TLV is written so we can later overwrite the MD5 hash */
2860 auth_tlv_offset = stream_get_endp (circuit->snd_stream);
2861 memset(&hmac_md5_hash, 0, ISIS_AUTH_MD5_SIZE);
2862 if (tlv_add_authinfo (ISIS_PASSWD_TYPE_HMAC_MD5, ISIS_AUTH_MD5_SIZE,
2863 hmac_md5_hash, circuit->snd_stream))
2864 return ISIS_WARNING;
2865 break;
2866
2867 default:
2868 break;
f390d2c7 2869 }
3f045a08
JB		 2870 }
2871
2872 retval = tlv_add_lsp_entries (lsps, circuit->snd_stream);
2873 if (retval != ISIS_OK)
2874 return retval;
eb5d44eb 2875
f390d2c7 2876 if (isis->debugs & DEBUG_SNP_PACKETS)
2877 {
3fdb2dd9 2878 for (ALL_LIST_ELEMENTS_RO (lsps, node, lsp))
f390d2c7 2879 {
529d65b3 2880 zlog_debug ("ISIS-Snp (%s): PSNP entry %s, seq 0x%08x,"
2881 " cksum 0x%04x, lifetime %us",
2882 circuit->area->area_tag,
2883 rawlspid_print (lsp->lsp_header->lsp_id),
2884 ntohl (lsp->lsp_header->seq_num),
2885 ntohs (lsp->lsp_header->checksum),
2886 ntohs (lsp->lsp_header->rem_lifetime));
f390d2c7 2887 }
eb5d44eb 2888 }
eb5d44eb 2889
9985f83c 2890 length = (u_int16_t) stream_get_endp (circuit->snd_stream);
eb5d44eb 2891 /* Update PDU length */
2892 stream_putw_at (circuit->snd_stream, lenp, length);
2893
3f045a08
JB		 2894 /* For HMAC MD5 we need to compute the md5 hash and store it */
2895 if (CHECK_FLAG(passwd->snp_auth, SNP_AUTH_SEND) &&
2896 passwd->type == ISIS_PASSWD_TYPE_HMAC_MD5)
2897 {
2898 hmac_md5 (STREAM_DATA (circuit->snd_stream),
2899 stream_get_endp(circuit->snd_stream),
2900 (unsigned char *) &passwd->passwd, passwd->len,
2901 (caddr_t) &hmac_md5_hash);
2902 /* Copy the hash into the stream */
2903 memcpy (STREAM_DATA (circuit->snd_stream) + auth_tlv_offset + 3,
2904 hmac_md5_hash, ISIS_AUTH_MD5_SIZE);
2905 }
2906
eb5d44eb 2907 return ISIS_OK;
2908}
2909
2910/*
2911 * 7.3.15.4 action on expiration of partial SNP interval
2912 * level 1
2913 */
92365889 2914static int
eb5d44eb 2915send_psnp (int level, struct isis_circuit *circuit)
2916{
eb5d44eb 2917 struct isis_lsp *lsp;
2918 struct list *list = NULL;
3fdb2dd9 2919 struct listnode *node;
3f045a08
JB		 2920 u_char num_lsps;
2921 int retval = ISIS_OK;
eb5d44eb 2922
3f045a08
JB		 2923 if (circuit->circ_type == CIRCUIT_T_BROADCAST &&
2924 circuit->u.bc.is_dr[level - 1])
2925 return ISIS_OK;
eb5d44eb 2926
3f045a08
JB		 2927 if (circuit->area->lspdb[level - 1] == NULL ||
2928 dict_count (circuit->area->lspdb[level - 1]) == 0)
2929 return ISIS_OK;
f390d2c7 2930
e38e0df0
SV		 2931 if (! circuit->snd_stream)
2932 return ISIS_ERROR;
2933
3f045a08 2934 num_lsps = max_lsps_per_snp (ISIS_SNP_PSNP_FLAG, level, circuit);
f390d2c7 2935
3f045a08
JB		 2936 while (1)
2937 {
2938 list = list_new ();
2939 lsp_build_list_ssn (circuit, num_lsps, list,
2940 circuit->area->lspdb[level - 1]);
2941
2942 if (listcount (list) == 0)
2943 {
2944 list_delete (list);
2945 return ISIS_OK;
2946 }
2947
2948 retval = build_psnp (level, circuit, list);
2949 if (retval != ISIS_OK)
2950 {
2951 zlog_err ("ISIS-Snp (%s): Build L%d PSNP on %s failed",
2952 circuit->area->area_tag, level, circuit->interface->name);
2953 list_delete (list);
2954 return retval;
2955 }
f390d2c7 2956
3f045a08
JB		 2957 if (isis->debugs & DEBUG_SNP_PACKETS)
2958 {
ee046671 2959 zlog_debug ("ISIS-Snp (%s): Sent L%d PSNP on %s, length %zd",
3f045a08
JB		 2960 circuit->area->area_tag, level,
2961 circuit->interface->name,
2962 stream_get_endp (circuit->snd_stream));
2963 if (isis->debugs & DEBUG_PACKET_DUMP)
2964 zlog_dump_data (STREAM_DATA (circuit->snd_stream),
2965 stream_get_endp (circuit->snd_stream));
2966 }
2967
2968 retval = circuit->tx (circuit, level);
2969 if (retval != ISIS_OK)
2970 {
2971 zlog_err ("ISIS-Snp (%s): Send L%d PSNP on %s failed",
2972 circuit->area->area_tag, level,
2973 circuit->interface->name);
2974 list_delete (list);
2975 return retval;
2976 }
f390d2c7 2977
3f045a08
JB		 2978 /*
2979 * sending succeeded, we can clear SSN flags of this circuit
2980 * for the LSPs in list
2981 */
2982 for (ALL_LIST_ELEMENTS_RO (list, node, lsp))
2983 ISIS_CLEAR_FLAG (lsp->SSNflags, circuit);
2984 list_delete (list);
eb5d44eb 2985 }
eb5d44eb 2986
2987 return retval;
2988}
2989
2990int
2991send_l1_psnp (struct thread *thread)
2992{
2993
2994 struct isis_circuit *circuit;
2995 int retval = ISIS_OK;
2996
2997 circuit = THREAD_ARG (thread);
2998 assert (circuit);
2999
3000 circuit->t_send_psnp[0] = NULL;
3001
3002 send_psnp (1, circuit);
3003 /* set next timer thread */
f390d2c7 3004 THREAD_TIMER_ON (master, circuit->t_send_psnp[0], send_l1_psnp, circuit,
3005 isis_jitter (circuit->psnp_interval[0], PSNP_JITTER));
eb5d44eb 3006
3007 return retval;
3008}
3009
3010/*
3011 * 7.3.15.4 action on expiration of partial SNP interval
3012 * level 2
3013 */
3014int
3015send_l2_psnp (struct thread *thread)
3016{
eb5d44eb 3017 struct isis_circuit *circuit;
3018 int retval = ISIS_OK;
3019
3020 circuit = THREAD_ARG (thread);
3021 assert (circuit);
3022
3023 circuit->t_send_psnp[1] = NULL;
3024
3025 send_psnp (2, circuit);
3026
3027 /* set next timer thread */
f390d2c7 3028 THREAD_TIMER_ON (master, circuit->t_send_psnp[1], send_l2_psnp, circuit,
3029 isis_jitter (circuit->psnp_interval[1], PSNP_JITTER));
eb5d44eb 3030
3031 return retval;
3032}
3033
eb5d44eb 3034/*
3035 * ISO 10589 - 7.3.14.3
3036 */
3037int
3038send_lsp (struct thread *thread)
3039{
3040 struct isis_circuit *circuit;
3041 struct isis_lsp *lsp;
3042 struct listnode *node;
3f045a08 3043 int retval = ISIS_OK;
eb5d44eb 3044
3045 circuit = THREAD_ARG (thread);
3046 assert (circuit);
3047
3f045a08
JB		 3048 if (circuit->state != C_STATE_UP || circuit->is_passive == 1)
3049 {
3050 return retval;
3051 }
eb5d44eb 3052
0fece074
AS		 3053 node = listhead (circuit->lsp_queue);
3054
3055 /*
3056 * Handle case where there are no LSPs on the queue. This can
3057 * happen, for instance, if an adjacency goes down before this
3058 * thread gets a chance to run.
3059 */
3060 if (!node)
3061 {
3062 return retval;
3063 }
3064
3065 lsp = listgetdata(node);
eb5d44eb 3066
3f045a08
JB		 3067 /*
3068 * Do not send if levels do not match
3069 */
3070 if (!(lsp->level & circuit->is_type))
3071 {
3072 list_delete_node (circuit->lsp_queue, node);
3073 return retval;
3074 }
f390d2c7 3075
3f045a08
JB		 3076 /*
3077 * Do not send if we do not have adjacencies in state up on the circuit
3078 */
3079 if (circuit->upadjcount[lsp->level - 1] == 0)
3080 {
3081 list_delete_node (circuit->lsp_queue, node);
3082 return retval;
3083 }
f390d2c7 3084
3f045a08
JB		 3085 /* copy our lsp to the send buffer */
3086 stream_copy (circuit->snd_stream, lsp->pdu);
eb5d44eb 3087
3f045a08
JB		 3088 if (isis->debugs & DEBUG_UPDATE_PACKETS)
3089 {
3090 zlog_debug
3091 ("ISIS-Upd (%s): Sent L%d LSP %s, seq 0x%08x, cksum 0x%04x,"
3092 " lifetime %us on %s", circuit->area->area_tag, lsp->level,
3093 rawlspid_print (lsp->lsp_header->lsp_id),
3094 ntohl (lsp->lsp_header->seq_num),
3095 ntohs (lsp->lsp_header->checksum),
3096 ntohs (lsp->lsp_header->rem_lifetime),
3097 circuit->interface->name);
3098 if (isis->debugs & DEBUG_PACKET_DUMP)
3099 zlog_dump_data (STREAM_DATA (circuit->snd_stream),
3100 stream_get_endp (circuit->snd_stream));
3101 }
3102
3103 retval = circuit->tx (circuit, lsp->level);
3104 if (retval != ISIS_OK)
3105 {
3106 zlog_err ("ISIS-Upd (%s): Send L%d LSP on %s failed",
3107 circuit->area->area_tag, lsp->level,
3108 circuit->interface->name);
3109 return retval;
3110 }
f390d2c7 3111
3f045a08
JB		 3112 /*
3113 * If the sending succeeded, we can del the lsp from circuits
3114 * lsp_queue
3115 */
3116 list_delete_node (circuit->lsp_queue, node);
f390d2c7 3117
3f045a08
JB		 3118 /* Set the last-cleared time if the queue is empty. */
3119 /* TODO: Is is possible that new lsps keep being added to the queue
3120 * that the queue is never empty? */
3121 if (list_isempty (circuit->lsp_queue))
3122 circuit->lsp_queue_last_cleared = time (NULL);
3123
3124 /*
3125 * On broadcast circuits also the SRMflag can be cleared
3126 */
3127 if (circuit->circ_type == CIRCUIT_T_BROADCAST)
3128 ISIS_CLEAR_FLAG (lsp->SRMflags, circuit);
eb5d44eb 3129
3130 return retval;
f390d2c7 3131}
eb5d44eb 3132
3133int
f390d2c7 3134ack_lsp (struct isis_link_state_hdr *hdr, struct isis_circuit *circuit,
3135 int level)
eb5d44eb 3136{
3137 unsigned long lenp;
3138 int retval;
3139 u_int16_t length;
3140 struct isis_fixed_hdr fixed_hdr;
3141
3142 if (!circuit->snd_stream)
f390d2c7 3143 circuit->snd_stream = stream_new (ISO_MTU (circuit));
eb5d44eb 3144 else
3145 stream_reset (circuit->snd_stream);
3146
3f045a08
JB		 3147 // fill_llc_hdr (stream);
3148 if (level == IS_LEVEL_1)
f390d2c7 3149 fill_fixed_hdr_andstream (&fixed_hdr, L1_PARTIAL_SEQ_NUM,
3150 circuit->snd_stream);
eb5d44eb 3151 else
f390d2c7 3152 fill_fixed_hdr_andstream (&fixed_hdr, L2_PARTIAL_SEQ_NUM,
3153 circuit->snd_stream);
eb5d44eb 3154
3155
9985f83c 3156 lenp = stream_get_endp (circuit->snd_stream);
f390d2c7 3157 stream_putw (circuit->snd_stream, 0); /* PDU length */
3158 stream_put (circuit->snd_stream, isis->sysid, ISIS_SYS_ID_LEN);
eb5d44eb 3159 stream_putc (circuit->snd_stream, circuit->idx);
f390d2c7 3160 stream_putc (circuit->snd_stream, 9); /* code */
3161 stream_putc (circuit->snd_stream, 16); /* len */
eb5d44eb 3162
f390d2c7 3163 stream_putw (circuit->snd_stream, ntohs (hdr->rem_lifetime));
3164 stream_put (circuit->snd_stream, hdr->lsp_id, ISIS_SYS_ID_LEN + 2);
3165 stream_putl (circuit->snd_stream, ntohl (hdr->seq_num));
3166 stream_putw (circuit->snd_stream, ntohs (hdr->checksum));
eb5d44eb 3167
9985f83c 3168 length = (u_int16_t) stream_get_endp (circuit->snd_stream);
eb5d44eb 3169 /* Update PDU length */
3170 stream_putw_at (circuit->snd_stream, lenp, length);
3171
3172 retval = circuit->tx (circuit, level);
3f045a08
JB		 3173 if (retval != ISIS_OK)
3174 zlog_err ("ISIS-Upd (%s): Send L%d LSP PSNP on %s failed",
3175 circuit->area->area_tag, level,
3176 circuit->interface->name);
eb5d44eb 3177
3178 return retval;
3179}
FRRouting mirror