]> git.proxmox.com Git - mirror_frr.git/blame - ospfd/ospf_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
zebra: Allow ns delete to happen after under/over flow checks
[mirror_frr.git] / ospfd / ospf_packet.c
CommitLineData
718e3744 1/*
2 * OSPF Sending and Receiving OSPF Packets.
3 * Copyright (C) 1999, 2000 Toshiaki Takada
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
896014f4
DL		 17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
718e3744 20 */
21
22#include <zebra.h>
23
cbf3e3eb 24#include "monotime.h"
718e3744 25#include "thread.h"
26#include "memory.h"
27#include "linklist.h"
28#include "prefix.h"
29#include "if.h"
30#include "table.h"
31#include "sockunion.h"
32#include "stream.h"
33#include "log.h"
2dd8bb4e 34#include "sockopt.h"
484315fd 35#include "checksum.h"
c1a03d47 36#include "md5.h"
7e2b7603 37#include "vrf.h"
c9cc11f6 38#include "lib_errors.h"
718e3744 39
40#include "ospfd/ospfd.h"
41#include "ospfd/ospf_network.h"
42#include "ospfd/ospf_interface.h"
43#include "ospfd/ospf_ism.h"
44#include "ospfd/ospf_asbr.h"
45#include "ospfd/ospf_lsa.h"
46#include "ospfd/ospf_lsdb.h"
47#include "ospfd/ospf_neighbor.h"
48#include "ospfd/ospf_nsm.h"
49#include "ospfd/ospf_packet.h"
50#include "ospfd/ospf_spf.h"
51#include "ospfd/ospf_flood.h"
52#include "ospfd/ospf_dump.h"
c9cc11f6 53#include "ospfd/ospf_errors.h"
718e3744 54
166b75c2
DS		 55/*
56 * OSPF Fragmentation / fragmented writes
57 *
58 * ospfd can support writing fragmented packets, for cases where
59 * kernel will not fragment IP_HDRINCL and/or multicast destined
60 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
61 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
62 * flags fields, hence user-space fragmentation will not work.
63 * Only Linux is known to leave IP header unmolested.
64 * Further, fragmentation really should be done the kernel, which already
65 * supports it, and which avoids nasty IP ID state problems.
66 *
67 * Fragmentation of OSPF packets can be required on networks with router
68 * with many many interfaces active in one area, or on networks with links
69 * with low MTUs.
70 */
71#ifdef GNU_LINUX
72#define WANT_OSPF_WRITE_FRAGMENT
73#endif
74
718e3744 75/* Packet Type String. */
d62a17ae 76const struct message ospf_packet_type_str[] = {
77 {OSPF_MSG_HELLO, "Hello"},
78 {OSPF_MSG_DB_DESC, "Database Description"},
79 {OSPF_MSG_LS_REQ, "Link State Request"},
80 {OSPF_MSG_LS_UPD, "Link State Update"},
81 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
82 {0}};
718e3744 83
75c8eabb
DO		 84/* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
85 particular types, offset is the "type" field of a packet. */
d7c0a89a 86static const uint16_t ospf_packet_minlen[] = {
d62a17ae 87 0,
88 OSPF_HELLO_MIN_SIZE,
89 OSPF_DB_DESC_MIN_SIZE,
90 OSPF_LS_REQ_MIN_SIZE,
91 OSPF_LS_UPD_MIN_SIZE,
92 OSPF_LS_ACK_MIN_SIZE,
75c8eabb
DO		 93};
94
4e31de79
DO		 95/* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
96 types, offset is the "LSA type" field. */
d7c0a89a 97static const uint16_t ospf_lsa_minlen[] = {
d62a17ae 98 0,
99 OSPF_ROUTER_LSA_MIN_SIZE,
100 OSPF_NETWORK_LSA_MIN_SIZE,
101 OSPF_SUMMARY_LSA_MIN_SIZE,
102 OSPF_SUMMARY_LSA_MIN_SIZE,
103 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
104 0,
105 OSPF_AS_EXTERNAL_LSA_MIN_SIZE,
106 0,
107 0,
108 0,
109 0,
4e31de79
DO		 110};
111
bd5651f0 112/* for ospf_check_auth() */
d62a17ae 113static int ospf_check_sum(struct ospf_header *);
bd5651f0 114
718e3744 115/* OSPF authentication checking function */
d62a17ae 116static int ospf_auth_type(struct ospf_interface *oi)
718e3744 117{
d62a17ae 118 int auth_type;
718e3744 119
d62a17ae 120 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
121 auth_type = oi->area->auth_type;
122 else
123 auth_type = OSPF_IF_PARAM(oi, auth_type);
718e3744 124
d62a17ae 125 /* Handle case where MD5 key list is not configured aka Cisco */
126 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
127 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
128 return OSPF_AUTH_NULL;
718e3744 129
d62a17ae 130 return auth_type;
718e3744 131}
132
d62a17ae 133struct ospf_packet *ospf_packet_new(size_t size)
718e3744 134{
d62a17ae 135 struct ospf_packet *new;
718e3744 136
d62a17ae 137 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
138 new->s = stream_new(size);
718e3744 139
d62a17ae 140 return new;
718e3744 141}
142
d62a17ae 143void ospf_packet_free(struct ospf_packet *op)
718e3744 144{
d62a17ae 145 if (op->s)
146 stream_free(op->s);
718e3744 147
d62a17ae 148 XFREE(MTYPE_OSPF_PACKET, op);
718e3744 149}
150
d62a17ae 151struct ospf_fifo *ospf_fifo_new()
718e3744 152{
d62a17ae 153 struct ospf_fifo *new;
718e3744 154
d62a17ae 155 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
156 return new;
718e3744 157}
158
159/* Add new packet to fifo. */
d62a17ae 160void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
718e3744 161{
d62a17ae 162 if (fifo->tail)
163 fifo->tail->next = op;
164 else
165 fifo->head = op;
718e3744 166
d62a17ae 167 fifo->tail = op;
718e3744 168
d62a17ae 169 fifo->count++;
718e3744 170}
171
aa276fd7 172/* Add new packet to head of fifo. */
d62a17ae 173static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
aa276fd7 174{
d62a17ae 175 op->next = fifo->head;
176
177 if (fifo->tail == NULL)
178 fifo->tail = op;
179
180 fifo->head = op;
181
182 fifo->count++;
aa276fd7
PJ		 183}
184
718e3744 185/* Delete first packet from fifo. */
d62a17ae 186struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
718e3744 187{
d62a17ae 188 struct ospf_packet *op;
718e3744 189
d62a17ae 190 op = fifo->head;
718e3744 191
d62a17ae 192 if (op) {
193 fifo->head = op->next;
718e3744 194
d62a17ae 195 if (fifo->head == NULL)
196 fifo->tail = NULL;
718e3744 197
d62a17ae 198 fifo->count--;
199 }
718e3744 200
d62a17ae 201 return op;
718e3744 202}
203
204/* Return first fifo entry. */
d62a17ae 205struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
718e3744 206{
d62a17ae 207 return fifo->head;
718e3744 208}
209
210/* Flush ospf packet fifo. */
d62a17ae 211void ospf_fifo_flush(struct ospf_fifo *fifo)
718e3744 212{
d62a17ae 213 struct ospf_packet *op;
214 struct ospf_packet *next;
718e3744 215
d62a17ae 216 for (op = fifo->head; op; op = next) {
217 next = op->next;
218 ospf_packet_free(op);
219 }
220 fifo->head = fifo->tail = NULL;
221 fifo->count = 0;
718e3744 222}
223
224/* Free ospf packet fifo. */
d62a17ae 225void ospf_fifo_free(struct ospf_fifo *fifo)
718e3744 226{
d62a17ae 227 ospf_fifo_flush(fifo);
718e3744 228
d62a17ae 229 XFREE(MTYPE_OSPF_FIFO, fifo);
718e3744 230}
231
d62a17ae 232void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
718e3744 233{
d62a17ae 234 if (!oi->obuf) {
af4c2728 235 flog_err(
cf444bcf 236 EC_OSPF_PKT_PROCESS,
d62a17ae 237 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
238 "destination %s) called with NULL obuf, ignoring "
239 "(please report this bug)!\n",
240 IF_NAME(oi), oi->state,
241 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
242 lookup_msg(ospf_packet_type_str,
243 stream_getc_from(op->s, 1), NULL),
244 inet_ntoa(op->dst));
245 return;
246 }
c3eab871 247
d62a17ae 248 /* Add packet to end of queue. */
249 ospf_fifo_push(oi->obuf, op);
718e3744 250
d62a17ae 251 /* Debug of packet fifo*/
252 /* ospf_fifo_debug (oi->obuf); */
718e3744 253}
254
d62a17ae 255static void ospf_packet_add_top(struct ospf_interface *oi,
256 struct ospf_packet *op)
aa276fd7 257{
d62a17ae 258 if (!oi->obuf) {
af4c2728 259 flog_err(
cf444bcf 260 EC_OSPF_PKT_PROCESS,
d62a17ae 261 "ospf_packet_add(interface %s in state %d [%s], packet type %s, "
262 "destination %s) called with NULL obuf, ignoring "
263 "(please report this bug)!\n",
264 IF_NAME(oi), oi->state,
265 lookup_msg(ospf_ism_state_msg, oi->state, NULL),
266 lookup_msg(ospf_packet_type_str,
267 stream_getc_from(op->s, 1), NULL),
268 inet_ntoa(op->dst));
269 return;
270 }
aa276fd7 271
d62a17ae 272 /* Add packet to head of queue. */
273 ospf_fifo_push_head(oi->obuf, op);
aa276fd7 274
d62a17ae 275 /* Debug of packet fifo*/
276 /* ospf_fifo_debug (oi->obuf); */
aa276fd7
PJ		 277}
278
d62a17ae 279void ospf_packet_delete(struct ospf_interface *oi)
718e3744 280{
d62a17ae 281 struct ospf_packet *op;
282
283 op = ospf_fifo_pop(oi->obuf);
718e3744 284
d62a17ae 285 if (op)
286 ospf_packet_free(op);
718e3744 287}
288
d62a17ae 289struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
718e3744 290{
d62a17ae 291 struct ospf_packet *new;
718e3744 292
d62a17ae 293 if (stream_get_endp(op->s) != op->length)
294 /* XXX size_t */
c9cc11f6 295 zlog_debug(
d62a17ae 296 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
d7c0a89a 297 (unsigned long)STREAM_SIZE(op->s), op->length);
30961a15 298
d62a17ae 299 /* Reserve space for MD5 authentication that may be added later. */
300 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
301 stream_copy(new->s, op->s);
718e3744 302
d62a17ae 303 new->dst = op->dst;
304 new->length = op->length;
718e3744 305
d62a17ae 306 return new;
718e3744 307}
308
86f1fd96 309/* XXX inline */
d62a17ae 310static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
86f1fd96 311{
d62a17ae 312 int auth = 0;
86f1fd96 313
d62a17ae 314 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
315 auth = OSPF_AUTH_MD5_SIZE;
86f1fd96 316
d62a17ae 317 return auth;
86f1fd96 318}
319
d62a17ae 320static unsigned int ospf_packet_max(struct ospf_interface *oi)
718e3744 321{
d62a17ae 322 int max;
718e3744 323
d62a17ae 324 max = oi->ifp->mtu - ospf_packet_authspace(oi);
86f1fd96 325
d62a17ae 326 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
718e3744 327
d62a17ae 328 return max;
718e3744 329}
330
6b0655a2 331
d62a17ae 332static int ospf_check_md5_digest(struct ospf_interface *oi,
333 struct ospf_header *ospfh)
718e3744 334{
d62a17ae 335 MD5_CTX ctx;
336 unsigned char digest[OSPF_AUTH_MD5_SIZE];
337 struct crypt_key *ck;
338 struct ospf_neighbor *nbr;
d7c0a89a 339 uint16_t length = ntohs(ospfh->length);
d62a17ae 340
341 /* Get secret key. */
342 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
343 ospfh->u.crypt.key_id);
344 if (ck == NULL) {
1c50c1c0
QY		 345 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
346 IF_NAME(oi), ospfh->u.crypt.key_id);
d62a17ae 347 return 0;
348 }
718e3744 349
d62a17ae 350 /* check crypto seqnum. */
351 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
718e3744 352
d62a17ae 353 if (nbr
354 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
c9cc11f6 355 flog_warn(
cf444bcf 356 EC_OSPF_MD5,
d62a17ae 357 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
358 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
359 ntohl(nbr->crypt_seqnum));
360 return 0;
361 }
718e3744 362
d62a17ae 363 /* Generate a digest for the ospf packet - their digest + our digest. */
364 memset(&ctx, 0, sizeof(ctx));
365 MD5Init(&ctx);
366 MD5Update(&ctx, ospfh, length);
367 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
368 MD5Final(digest, &ctx);
369
370 /* compare the two */
371 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
cf444bcf 372 flog_warn(EC_OSPF_MD5,
c9cc11f6 373 "interface %s: ospf_check_md5 checksum mismatch",
d62a17ae 374 IF_NAME(oi));
375 return 0;
376 }
718e3744 377
d62a17ae 378 /* save neighbor's crypt_seqnum */
379 if (nbr)
380 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
381 return 1;
718e3744 382}
383
384/* This function is called from ospf_write(), it will detect the
385 authentication scheme and if it is MD5, it will change the sequence
386 and update the MD5 digest. */
d62a17ae 387static int ospf_make_md5_digest(struct ospf_interface *oi,
388 struct ospf_packet *op)
389{
390 struct ospf_header *ospfh;
391 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
392 MD5_CTX ctx;
393 void *ibuf;
d7c0a89a 394 uint32_t t;
d62a17ae 395 struct crypt_key *ck;
d7c0a89a 396 const uint8_t *auth_key;
d62a17ae 397
398 ibuf = STREAM_DATA(op->s);
399 ospfh = (struct ospf_header *)ibuf;
400
401 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
402 return 0;
403
404 /* We do this here so when we dup a packet, we don't have to
405 waste CPU rewriting other headers.
406
407 Note that quagga_time /deliberately/ is not used here */
408 t = (time(NULL) & 0xFFFFFFFF);
409 if (t > oi->crypt_seqnum)
410 oi->crypt_seqnum = t;
411 else
412 oi->crypt_seqnum++;
413
414 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
415
416 /* Get MD5 Authentication key from auth_key list. */
417 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
d7c0a89a 418 auth_key = (const uint8_t *)digest;
d62a17ae 419 else {
420 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
421 auth_key = ck->auth_key;
422 }
718e3744 423
d62a17ae 424 /* Generate a digest for the entire packet + our secret key. */
425 memset(&ctx, 0, sizeof(ctx));
426 MD5Init(&ctx);
427 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
428 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
429 MD5Final(digest, &ctx);
718e3744 430
d62a17ae 431 /* Append md5 digest to the end of the stream. */
432 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
718e3744 433
d62a17ae 434 /* We do *NOT* increment the OSPF header length. */
435 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
30961a15 436
d62a17ae 437 if (stream_get_endp(op->s) != op->length)
438 /* XXX size_t */
c9cc11f6 439 flog_warn(
cf444bcf 440 EC_OSPF_MD5,
d62a17ae 441 "ospf_make_md5_digest: length mismatch stream %lu ospf_packet %u",
d7c0a89a 442 (unsigned long)stream_get_endp(op->s), op->length);
718e3744 443
d62a17ae 444 return OSPF_AUTH_MD5_SIZE;
718e3744 445}
446
6b0655a2 447
d62a17ae 448static int ospf_ls_req_timer(struct thread *thread)
718e3744 449{
d62a17ae 450 struct ospf_neighbor *nbr;
718e3744 451
d62a17ae 452 nbr = THREAD_ARG(thread);
453 nbr->t_ls_req = NULL;
718e3744 454
d62a17ae 455 /* Send Link State Request. */
456 if (ospf_ls_request_count(nbr))
457 ospf_ls_req_send(nbr);
718e3744 458
d62a17ae 459 /* Set Link State Request retransmission timer. */
460 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 461
d62a17ae 462 return 0;
718e3744 463}
464
d62a17ae 465void ospf_ls_req_event(struct ospf_neighbor *nbr)
718e3744 466{
d62a17ae 467 if (nbr->t_ls_req) {
468 thread_cancel(nbr->t_ls_req);
469 nbr->t_ls_req = NULL;
470 }
471 nbr->t_ls_req = NULL;
472 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
718e3744 473}
474
475/* Cyclic timer function. Fist registered in ospf_nbr_new () in
476 ospf_neighbor.c */
d62a17ae 477int ospf_ls_upd_timer(struct thread *thread)
478{
479 struct ospf_neighbor *nbr;
480
481 nbr = THREAD_ARG(thread);
482 nbr->t_ls_upd = NULL;
483
484 /* Send Link State Update. */
485 if (ospf_ls_retransmit_count(nbr) > 0) {
486 struct list *update;
487 struct ospf_lsdb *lsdb;
488 int i;
489 int retransmit_interval;
490
491 retransmit_interval =
492 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
493
494 lsdb = &nbr->ls_rxmt;
495 update = list_new();
496
497 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
498 struct route_table *table = lsdb->type[i].db;
499 struct route_node *rn;
500
501 for (rn = route_top(table); rn; rn = route_next(rn)) {
502 struct ospf_lsa *lsa;
503
504 if ((lsa = rn->info) != NULL) {
505 /* Don't retransmit an LSA if we
506 received it within
507 the last RxmtInterval seconds - this
508 is to allow the
509 neighbour a chance to acknowledge the
510 LSA as it may
511 have ben just received before the
512 retransmit timer
513 fired. This is a small tweak to what
514 is in the RFC,
515 but it will cut out out a lot of
516 retransmit traffic
517 - MAG */
518 if (monotime_since(&lsa->tv_recv, NULL)
519 >= retransmit_interval * 1000000LL)
520 listnode_add(update, rn->info);
521 }
522 }
523 }
718e3744 524
d62a17ae 525 if (listcount(update) > 0)
996c9314
LB		 526 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
527 0);
6a154c88 528 list_delete(&update);
718e3744 529 }
530
d62a17ae 531 /* Set LS Update retransmission timer. */
532 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
718e3744 533
d62a17ae 534 return 0;
718e3744 535}
536
d62a17ae 537int ospf_ls_ack_timer(struct thread *thread)
718e3744 538{
d62a17ae 539 struct ospf_interface *oi;
718e3744 540
d62a17ae 541 oi = THREAD_ARG(thread);
542 oi->t_ls_ack = NULL;
718e3744 543
d62a17ae 544 /* Send Link State Acknowledgment. */
545 if (listcount(oi->ls_ack) > 0)
546 ospf_ls_ack_send_delayed(oi);
718e3744 547
d62a17ae 548 /* Set LS Ack timer. */
549 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
718e3744 550
d62a17ae 551 return 0;
718e3744 552}
553
0bfeca3f 554#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 555static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
556 struct msghdr *msg, unsigned int maxdatasize,
d7c0a89a 557 unsigned int mtu, int flags, uint8_t type)
0bfeca3f 558{
559#define OSPF_WRITE_FRAG_SHIFT 3
d7c0a89a 560 uint16_t offset;
d62a17ae 561 struct iovec *iovp;
562 int ret;
563
564 assert(op->length == stream_get_endp(op->s));
565 assert(msg->msg_iovlen == 2);
566
567 /* we can but try.
568 *
569 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
570 * well as the IP_MF flag, making this all quite pointless.
571 *
572 * However, for a system on which IP_MF is left alone, and ip_id left
573 * alone or else which sets same ip_id for each fragment this might
574 * work, eg linux.
575 *
576 * XXX-TODO: It would be much nicer to have the kernel's use their
577 * existing fragmentation support to do this for us. Bugs/RFEs need to
578 * be raised against the various kernels.
579 */
580
581 /* set More Frag */
582 iph->ip_off |= IP_MF;
583
584 /* ip frag offset is expressed in units of 8byte words */
585 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
586
587 iovp = &msg->msg_iov[1];
588
589 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
590 > maxdatasize) {
591 /* data length of this frag is to next offset value */
592 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
593 iph->ip_len = iovp->iov_len + sizeof(struct ip);
594 assert(iph->ip_len <= mtu);
595
596 sockopt_iphdrincl_swab_htosys(iph);
597
598 ret = sendmsg(fd, msg, flags);
599
600 sockopt_iphdrincl_swab_systoh(iph);
601
602 if (ret < 0)
c9cc11f6 603 flog_err(
450971aa 604 EC_LIB_SOCKET,
d62a17ae 605 "*** ospf_write_frags: sendmsg failed to %s,"
606 " id %d, off %d, len %d, mtu %u failed with %s",
607 inet_ntoa(iph->ip_dst), iph->ip_id, iph->ip_off,
608 iph->ip_len, mtu, safe_strerror(errno));
609
610 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
611 zlog_debug(
612 "ospf_write_frags: sent id %d, off %d, len %d to %s\n",
613 iph->ip_id, iph->ip_off, iph->ip_len,
614 inet_ntoa(iph->ip_dst));
615 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
616 zlog_debug(
617 "-----------------IP Header Dump----------------------");
618 ospf_ip_header_dump(iph);
619 zlog_debug(
620 "-----------------------------------------------------");
621 }
622 }
623
624 iph->ip_off += offset;
625 stream_forward_getp(op->s, iovp->iov_len);
2d34fb80 626 iovp->iov_base = stream_pnt(op->s);
d62a17ae 627 }
628
629 /* setup for final fragment */
630 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
631 iph->ip_len = iovp->iov_len + sizeof(struct ip);
632 iph->ip_off &= (~IP_MF);
0bfeca3f 633}
634#endif /* WANT_OSPF_WRITE_FRAGMENT */
635
d62a17ae 636static int ospf_write(struct thread *thread)
637{
638 struct ospf *ospf = THREAD_ARG(thread);
639 struct ospf_interface *oi;
640 struct ospf_interface *last_serviced_oi = NULL;
641 struct ospf_packet *op;
642 struct sockaddr_in sa_dst;
643 struct ip iph;
644 struct msghdr msg;
645 struct iovec iov[2];
d7c0a89a 646 uint8_t type;
d62a17ae 647 int ret;
648 int flags = 0;
649 struct listnode *node;
0bfeca3f 650#ifdef WANT_OSPF_WRITE_FRAGMENT
d7c0a89a
QY		 651 static uint16_t ipid = 0;
652 uint16_t maxdatasize;
9d303b37 653#endif /* WANT_OSPF_WRITE_FRAGMENT */
68b7339a 654#define OSPF_WRITE_IPHL_SHIFT 2
d62a17ae 655 int pkt_count = 0;
e1b18df1
CS		 656
657#ifdef GNU_LINUX
3e300703 658 unsigned char cmsgbuf[64] = {};
e7503eab
CS		 659 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
660 struct in_pktinfo *pi;
e1b18df1 661#endif
d62a17ae 662
663 ospf->t_write = NULL;
718e3744 664
d62a17ae 665 node = listhead(ospf->oi_write_q);
666 assert(node);
667 oi = listgetdata(node);
668 assert(oi);
0bfeca3f 669
670#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 671 /* seed ipid static with low order bits of time */
672 if (ipid == 0)
673 ipid = (time(NULL) & 0xffff);
0bfeca3f 674#endif /* WANT_OSPF_WRITE_FRAGMENT */
675
d62a17ae 676 while ((pkt_count < ospf->write_oi_count) && oi
677 && (last_serviced_oi != oi)) {
678 /* If there is only packet in the queue, the oi is removed from
679 write-q, so fix up the last interface that was serviced */
680 if (last_serviced_oi == NULL) {
681 last_serviced_oi = oi;
682 }
683 pkt_count++;
233cc0fb 684#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 685 /* convenience - max OSPF data per packet */
686 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
233cc0fb 687#endif /* WANT_OSPF_WRITE_FRAGMENT */
d62a17ae 688 /* Get one packet from queue. */
689 op = ospf_fifo_head(oi->obuf);
690 assert(op);
691 assert(op->length >= OSPF_HEADER_SIZE);
692
693 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
694 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
695 ospf_if_ipmulticast(ospf, oi->address,
696 oi->ifp->ifindex);
697
698 /* Rewrite the md5 signature & update the seq */
699 ospf_make_md5_digest(oi, op);
700
701 /* Retrieve OSPF packet type. */
702 stream_set_getp(op->s, 1);
703 type = stream_getc(op->s);
704
705 /* reset get pointer */
706 stream_set_getp(op->s, 0);
707
708 memset(&iph, 0, sizeof(struct ip));
709 memset(&sa_dst, 0, sizeof(sa_dst));
710
711 sa_dst.sin_family = AF_INET;
6f0e3f6e 712#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
d62a17ae 713 sa_dst.sin_len = sizeof(sa_dst);
6f0e3f6e 714#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
d62a17ae 715 sa_dst.sin_addr = op->dst;
716 sa_dst.sin_port = htons(0);
717
718 /* Set DONTROUTE flag if dst is unicast. */
719 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
720 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
721 flags = MSG_DONTROUTE;
722
723 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
724 /* it'd be very strange for header to not be 4byte-word aligned
725 * but.. */
726 if (sizeof(struct ip)
727 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
728 iph.ip_hl++; /* we presume sizeof struct ip cant
729 overflow ip_hl.. */
730
731 iph.ip_v = IPVERSION;
732 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
733 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
68b7339a 734
0150c9c9 735#if defined(__DragonFly__)
d62a17ae 736 /*
737 * DragonFly's raw socket expects ip_len/ip_off in network byte
738 * order.
739 */
740 iph.ip_len = htons(iph.ip_len);
0150c9c9
DB		 741#endif
742
0bfeca3f 743#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 744 /* XXX-MT: not thread-safe at all..
745 * XXX: this presumes this is only programme sending OSPF
746 * packets
747 * otherwise, no guarantee ipid will be unique
748 */
749 iph.ip_id = ++ipid;
0bfeca3f 750#endif /* WANT_OSPF_WRITE_FRAGMENT */
751
d62a17ae 752 iph.ip_off = 0;
753 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
754 iph.ip_ttl = OSPF_VL_IP_TTL;
755 else
756 iph.ip_ttl = OSPF_IP_TTL;
757 iph.ip_p = IPPROTO_OSPFIGP;
758 iph.ip_sum = 0;
759 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
760 iph.ip_dst.s_addr = op->dst.s_addr;
761
762 memset(&msg, 0, sizeof(msg));
763 msg.msg_name = (caddr_t)&sa_dst;
764 msg.msg_namelen = sizeof(sa_dst);
765 msg.msg_iov = iov;
766 msg.msg_iovlen = 2;
e7503eab 767
d62a17ae 768 iov[0].iov_base = (char *)&iph;
769 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
2d34fb80 770 iov[1].iov_base = stream_pnt(op->s);
d62a17ae 771 iov[1].iov_len = op->length;
772
e1b18df1
CS		 773#ifdef GNU_LINUX
774 msg.msg_control = (caddr_t)cm;
e7503eab
CS		 775 cm->cmsg_level = SOL_IP;
776 cm->cmsg_type = IP_PKTINFO;
777 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
778 pi = (struct in_pktinfo *)CMSG_DATA(cm);
779 pi->ipi_ifindex = oi->ifp->ifindex;
780
781 msg.msg_controllen = cm->cmsg_len;
e1b18df1 782#endif
e7503eab 783
996c9314
LB		 784/* Sadly we can not rely on kernels to fragment packets
785 * because of either IP_HDRINCL and/or multicast
786 * destination being set.
787 */
e7503eab 788
0bfeca3f 789#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 790 if (op->length > maxdatasize)
791 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
792 oi->ifp->mtu, flags, type);
0bfeca3f 793#endif /* WANT_OSPF_WRITE_FRAGMENT */
718e3744 794
d62a17ae 795 /* send final fragment (could be first) */
796 sockopt_iphdrincl_swab_htosys(&iph);
797 ret = sendmsg(ospf->fd, &msg, flags);
798 sockopt_iphdrincl_swab_systoh(&iph);
799 if (IS_DEBUG_OSPF_EVENT)
800 zlog_debug(
801 "ospf_write to %s, "
802 "id %d, off %d, len %d, interface %s, mtu %u:",
803 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
804 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
805
806 if (ret < 0)
c9cc11f6 807 flog_err(
450971aa 808 EC_LIB_SOCKET,
d62a17ae 809 "*** sendmsg in ospf_write failed to %s, "
810 "id %d, off %d, len %d, interface %s, mtu %u: %s",
811 inet_ntoa(iph.ip_dst), iph.ip_id, iph.ip_off,
812 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
813 safe_strerror(errno));
814
815 /* Show debug sending packet. */
816 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
817 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
818 zlog_debug(
819 "-----------------------------------------------------");
820 ospf_ip_header_dump(&iph);
821 stream_set_getp(op->s, 0);
822 ospf_packet_dump(op->s);
823 }
824
825 zlog_debug("%s sent to [%s] via [%s].",
826 lookup_msg(ospf_packet_type_str, type, NULL),
827 inet_ntoa(op->dst), IF_NAME(oi));
828
829 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
830 zlog_debug(
831 "-----------------------------------------------------");
832 }
833
c9339663 834 switch (type) {
996c9314
LB		 835 case OSPF_MSG_HELLO:
836 oi->hello_out++;
837 break;
838 case OSPF_MSG_DB_DESC:
839 oi->db_desc_out++;
840 break;
841 case OSPF_MSG_LS_REQ:
842 oi->ls_req_out++;
843 break;
844 case OSPF_MSG_LS_UPD:
845 oi->ls_upd_out++;
846 break;
847 case OSPF_MSG_LS_ACK:
848 oi->ls_ack_out++;
849 break;
850 default:
851 break;
c9339663
CS		 852 }
853
d62a17ae 854 /* Now delete packet from queue. */
855 ospf_packet_delete(oi);
856
857 /* Move this interface to the tail of write_q to
858 serve everyone in a round robin fashion */
859 list_delete_node(ospf->oi_write_q, node);
860 if (ospf_fifo_head(oi->obuf) == NULL) {
861 oi->on_write_q = 0;
862 last_serviced_oi = NULL;
863 oi = NULL;
864 } else {
865 listnode_add(ospf->oi_write_q, oi);
e8f45e82 866 }
d62a17ae 867
868 /* Setup to service from the head of the queue again */
869 if (!list_isempty(ospf->oi_write_q)) {
870 node = listhead(ospf->oi_write_q);
871 assert(node);
872 oi = listgetdata(node);
873 assert(oi);
874 }
875 }
876
877 /* If packets still remain in queue, call write thread. */
4bb420ab 878 if (!list_isempty(ospf->oi_write_q))
d62a17ae 879 thread_add_write(master, ospf_write, ospf, ospf->fd,
880 &ospf->t_write);
718e3744 881
d62a17ae 882 return 0;
718e3744 883}
884
885/* OSPF Hello message read -- RFC2328 Section 10.5. */
d62a17ae 886static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
887 struct stream *s, struct ospf_interface *oi, int size)
888{
889 struct ospf_hello *hello;
890 struct ospf_neighbor *nbr;
891 int old_state;
892 struct prefix p;
893
894 /* increment statistics. */
895 oi->hello_in++;
896
2d34fb80 897 hello = (struct ospf_hello *)stream_pnt(s);
d62a17ae 898
899 /* If Hello is myself, silently discard. */
900 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
901 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
902 zlog_debug(
903 "ospf_header[%s/%s]: selforiginated, "
904 "dropping.",
905 lookup_msg(ospf_packet_type_str, ospfh->type,
906 NULL),
907 inet_ntoa(iph->ip_src));
908 }
909 return;
910 }
911
912 /* get neighbor prefix. */
913 p.family = AF_INET;
914 p.prefixlen = ip_masklen(hello->network_mask);
915 p.u.prefix4 = iph->ip_src;
916
917 /* Compare network mask. */
918 /* Checking is ignored for Point-to-Point and Virtual link. */
919 if (oi->type != OSPF_IFTYPE_POINTOPOINT
920 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
921 if (oi->address->prefixlen != p.prefixlen) {
c9cc11f6 922 flog_warn(
cf444bcf 923 EC_OSPF_PACKET,
d62a17ae 924 "Packet %s [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
925 inet_ntoa(ospfh->router_id), IF_NAME(oi),
926 (int)oi->address->prefixlen, (int)p.prefixlen);
927 return;
928 }
929
930 /* Compare Router Dead Interval. */
931 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
cf444bcf 932 flog_warn(EC_OSPF_PACKET,
c9cc11f6
DS		 933 "Packet %s [Hello:RECV]: RouterDeadInterval mismatch "
934 "(expected %u, but received %u).",
935 inet_ntoa(ospfh->router_id),
936 OSPF_IF_PARAM(oi, v_wait),
937 ntohl(hello->dead_interval));
d62a17ae 938 return;
939 }
940
941 /* Compare Hello Interval - ignored if fast-hellos are set. */
942 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
943 if (OSPF_IF_PARAM(oi, v_hello)
944 != ntohs(hello->hello_interval)) {
c9cc11f6 945 flog_warn(
cf444bcf 946 EC_OSPF_PACKET,
d62a17ae 947 "Packet %s [Hello:RECV]: HelloInterval mismatch "
948 "(expected %u, but received %u).",
949 inet_ntoa(ospfh->router_id),
950 OSPF_IF_PARAM(oi, v_hello),
951 ntohs(hello->hello_interval));
952 return;
953 }
954 }
955
956 if (IS_DEBUG_OSPF_EVENT)
b5a8894d 957 zlog_debug("Packet %s [Hello:RECV]: Options %s vrf %s",
d62a17ae 958 inet_ntoa(ospfh->router_id),
b5a8894d
CS		 959 ospf_options_dump(hello->options),
960 ospf_vrf_id_to_name(oi->ospf->vrf_id));
d62a17ae 961
962/* Compare options. */
718e3744 963#define REJECT_IF_TBIT_ON 1 /* XXX */
964#ifdef REJECT_IF_TBIT_ON
d62a17ae 965 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
966 /*
967 * This router does not support non-zero TOS.
968 * Drop this Hello packet not to establish neighbor
969 * relationship.
970 */
cf444bcf 971 flog_warn(EC_OSPF_PACKET,
c9cc11f6 972 "Packet %s [Hello:RECV]: T-bit on, drop it.",
d62a17ae 973 inet_ntoa(ospfh->router_id));
974 return;
975 }
718e3744 976#endif /* REJECT_IF_TBIT_ON */
977
d62a17ae 978 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
979 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
980 /*
981 * This router does know the correct usage of O-bit
982 * the bit should be set in DD packet only.
983 */
cf444bcf 984 flog_warn(EC_OSPF_PACKET,
c9cc11f6 985 "Packet %s [Hello:RECV]: O-bit abuse?",
d62a17ae 986 inet_ntoa(ospfh->router_id));
718e3744 987#ifdef STRICT_OBIT_USAGE_CHECK
d62a17ae 988 return; /* Reject this packet. */
989#else /* STRICT_OBIT_USAGE_CHECK */
990 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
991#endif /* STRICT_OBIT_USAGE_CHECK */
992 }
718e3744 993
d62a17ae 994 /* new for NSSA is to ensure that NP is on and E is off */
995
996 if (oi->area->external_routing == OSPF_AREA_NSSA) {
997 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
998 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
999 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1000 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
c9cc11f6 1001 flog_warn(
cf444bcf 1002 EC_OSPF_PACKET,
d62a17ae 1003 "NSSA-Packet-%s[Hello:RECV]: my options: %x, his options %x",
1004 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1005 hello->options);
1006 return;
1007 }
1008 if (IS_DEBUG_OSPF_NSSA)
1009 zlog_debug("NSSA-Hello:RECV:Packet from %s:",
1010 inet_ntoa(ospfh->router_id));
1011 } else
1012 /* The setting of the E-bit found in the Hello Packet's Options
1013 field must match this area's ExternalRoutingCapability A
1014 mismatch causes processing to stop and the packet to be
1015 dropped. The setting of the rest of the bits in the Hello
1016 Packet's Options field should be ignored. */
1017 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
1018 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
c9cc11f6 1019 flog_warn(
cf444bcf 1020 EC_OSPF_PACKET,
d62a17ae 1021 "Packet %s [Hello:RECV]: my options: %x, his options %x",
1022 inet_ntoa(ospfh->router_id), OPTIONS(oi),
1023 hello->options);
1024 return;
1025 }
718e3744 1026
d62a17ae 1027 /* get neighbour struct */
1028 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
1029
1030 /* neighbour must be valid, ospf_nbr_get creates if none existed */
1031 assert(nbr);
1032
1033 old_state = nbr->state;
1034
1035 /* Add event to thread. */
1036 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1037
1038 /* RFC2328 Section 9.5.1
1039 If the router is not eligible to become Designated Router,
1040 (snip) It must also send an Hello Packet in reply to an
1041 Hello Packet received from any eligible neighbor (other than
1042 the current Designated Router and Backup Designated Router). */
1043 if (oi->type == OSPF_IFTYPE_NBMA)
1044 if (PRIORITY(oi) == 0 && hello->priority > 0
1045 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1046 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1047 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1048 ospf_hello_reply_timer,
1049 OSPF_HELLO_REPLY_DELAY);
1050
1051 /* on NBMA network type, it happens to receive bidirectional Hello
1052 packet
1053 without advance 1-Way Received event.
1054 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1055 if (oi->type == OSPF_IFTYPE_NBMA
1056 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1057 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1058 nbr->priority = hello->priority;
1059 nbr->d_router = hello->d_router;
1060 nbr->bd_router = hello->bd_router;
1061 return;
1062 }
1063
1064 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1065 size - OSPF_HELLO_MIN_SIZE)) {
1066 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1067 nbr->options |= hello->options;
1068 } else {
1069 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1070 /* Set neighbor information. */
1071 nbr->priority = hello->priority;
1072 nbr->d_router = hello->d_router;
1073 nbr->bd_router = hello->bd_router;
1074 return;
1075 }
1076
1077 /* If neighbor itself declares DR and no BDR exists,
1078 cause event BackupSeen */
1079 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1080 if (hello->bd_router.s_addr == 0 && oi->state == ISM_Waiting)
1081 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1082
1083 /* neighbor itself declares BDR. */
1084 if (oi->state == ISM_Waiting
1085 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router))
1086 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1087
1088 /* had not previously. */
1089 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1090 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1091 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1092 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->d_router)))
1093 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1094
1095 /* had not previously. */
1096 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1097 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1098 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->bd_router)
1099 && IPV4_ADDR_SAME(&nbr->address.u.prefix4, &nbr->bd_router)))
1100 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1101
1102 /* Neighbor priority check. */
1103 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1104 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1105
1106 /* Set neighbor information. */
1107 nbr->priority = hello->priority;
1108 nbr->d_router = hello->d_router;
1109 nbr->bd_router = hello->bd_router;
718e3744 1110}
1111
1112/* Save DD flags/options/Seqnum received. */
d62a17ae 1113static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1114 struct ospf_db_desc *dd)
718e3744 1115{
d62a17ae 1116 nbr->last_recv.flags = dd->flags;
1117 nbr->last_recv.options = dd->options;
1118 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
718e3744 1119}
1120
1121/* Process rest of DD packet. */
d62a17ae 1122static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1123 struct ospf_neighbor *nbr,
d7c0a89a 1124 struct ospf_db_desc *dd, uint16_t size)
d62a17ae 1125{
1126 struct ospf_lsa *new, *find;
1127 struct lsa_header *lsah;
1128
1129 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1130 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1131 size -= OSPF_LSA_HEADER_SIZE) {
2d34fb80 1132 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1133 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1134
1135 /* Unknown LS type. */
1136 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1137 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1138 "Packet [DD:RECV]: Unknown LS type %d.",
d62a17ae 1139 lsah->type);
1140 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1141 return;
1142 }
1143
1144 if (IS_OPAQUE_LSA(lsah->type)
1145 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
cf444bcf 1146 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1147 "LSA[Type%d:%s]: Opaque capability mismatch?",
d62a17ae 1148 lsah->type, inet_ntoa(lsah->id));
1149 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1150 return;
1151 }
1152
1153 switch (lsah->type) {
1154 case OSPF_AS_EXTERNAL_LSA:
1155 case OSPF_OPAQUE_AS_LSA:
1156 /* Check for stub area. Reject if AS-External from stub
1157 but
1158 allow if from NSSA. */
1159 if (oi->area->external_routing == OSPF_AREA_STUB) {
c9cc11f6 1160 flog_warn(
cf444bcf 1161 EC_OSPF_PACKET,
d62a17ae 1162 "Packet [DD:RECV]: LSA[Type%d:%s] from %s area.",
1163 lsah->type, inet_ntoa(lsah->id),
1164 (oi->area->external_routing
1165 == OSPF_AREA_STUB)
1166 ? "STUB"
1167 : "NSSA");
1168 OSPF_NSM_EVENT_SCHEDULE(nbr,
1169 NSM_SeqNumberMismatch);
1170 return;
1171 }
1172 break;
1173 default:
1174 break;
1175 }
1176
1177 /* Create LS-request object. */
1178 new = ospf_ls_request_new(lsah);
1179
1180 /* Lookup received LSA, then add LS request list. */
1181 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1182
1183 /* ospf_lsa_more_recent is fine with NULL pointers */
1184 switch (ospf_lsa_more_recent(find, new)) {
1185 case -1:
1186 /* Neighbour has a more recent LSA, we must request it
1187 */
1188 ospf_ls_request_add(nbr, new);
1189 /* fallthru */
1190 case 0:
1191 /* If we have a copy of this LSA, it's either less
1192 * recent
1193 * and we're requesting it from neighbour (the case
1194 * above), or
1195 * it's as recent and we both have same copy (this
1196 * case).
1197 *
1198 * In neither of these two cases is there any point in
1199 * describing our copy of the LSA to the neighbour in a
1200 * DB-Summary packet, if we're still intending to do so.
1201 *
1202 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1203 * backward compatible optimisation to OSPF DB Exchange
1204 * /
1205 * DB Description process implemented here.
1206 */
1207 if (find)
1208 ospf_lsdb_delete(&nbr->db_sum, find);
1209 ospf_lsa_discard(new);
1210 break;
1211 default:
1212 /* We have the more recent copy, nothing specific to do:
1213 * - no need to request neighbours stale copy
1214 * - must leave DB summary list copy alone
1215 */
1216 if (IS_DEBUG_OSPF_EVENT)
1217 zlog_debug(
1218 "Packet [DD:RECV]: LSA received Type %d, "
1219 "ID %s is not recent.",
1220 lsah->type, inet_ntoa(lsah->id));
1221 ospf_lsa_discard(new);
1222 }
1223 }
1224
1225 /* Master */
1226 if (IS_SET_DD_MS(nbr->dd_flags)) {
1227 nbr->dd_seqnum++;
1228
1229 /* Both sides have no More, then we're done with Exchange */
1230 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1231 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1232 else
1233 ospf_db_desc_send(nbr);
1234 }
1235 /* Slave */
1236 else {
1237 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1238
1239 /* Send DD packet in reply.
1240 *
1241 * Must be done to acknowledge the Master's DD, regardless of
1242 * whether we have more LSAs ourselves to describe.
1243 *
1244 * This function will clear the 'More' bit, if after this DD
1245 * we have no more LSAs to describe to the master..
1246 */
1247 ospf_db_desc_send(nbr);
1248
1249 /* Slave can raise ExchangeDone now, if master is also done */
1250 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1251 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1252 }
1253
1254 /* Save received neighbor values from DD. */
1255 ospf_db_desc_save_current(nbr, dd);
1256
1257 if (!nbr->t_ls_req)
1258 ospf_ls_req_send(nbr);
1259}
1260
1261static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1262 struct ospf_neighbor *nbr)
1263{
1264 /* Is DD duplicated? */
1265 if (dd->options == nbr->last_recv.options
1266 && dd->flags == nbr->last_recv.flags
1267 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1268 return 1;
1269
1270 return 0;
718e3744 1271}
1272
1273/* OSPF Database Description message read -- RFC2328 Section 10.6. */
d62a17ae 1274static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1275 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1276 uint16_t size)
d62a17ae 1277{
1278 struct ospf_db_desc *dd;
1279 struct ospf_neighbor *nbr;
d363df2c 1280
d62a17ae 1281 /* Increment statistics. */
1282 oi->db_desc_in++;
718e3744 1283
2d34fb80 1284 dd = (struct ospf_db_desc *)stream_pnt(s);
d62a17ae 1285
1286 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1287 if (nbr == NULL) {
cf444bcf 1288 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %s",
d62a17ae 1289 inet_ntoa(ospfh->router_id));
1290 return;
718e3744 1291 }
d62a17ae 1292
1293 /* Check MTU. */
1294 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1295 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
c9cc11f6 1296 flog_warn(
cf444bcf 1297 EC_OSPF_PACKET,
d62a17ae 1298 "Packet[DD]: Neighbor %s MTU %u is larger than [%s]'s MTU %u",
1299 inet_ntoa(nbr->router_id), ntohs(dd->mtu), IF_NAME(oi),
1300 oi->ifp->mtu);
1301 return;
718e3744 1302 }
1303
d62a17ae 1304 /*
1305 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1306 * not
1307 * required. In fact at least JunOS sends DD packets with P bit clear.
1308 * Until proper solution is developped, this hack should help.
1309 *
1310 * Update: According to the RFCs, N bit is specified /only/ for Hello
1311 * options, unfortunately its use in DD options is not specified. Hence
1312 * some
1313 * implementations follow E-bit semantics and set it in DD options, and
1314 * some
1315 * treat it as unspecified and hence follow the directive "default for
1316 * options is clear", ie unset.
1317 *
1318 * Reset the flag, as ospfd follows E-bit semantics.
1319 */
1320 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1321 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1322 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1323 if (IS_DEBUG_OSPF_EVENT)
1324 zlog_debug(
1325 "Packet[DD]: Neighbour %s: Has NSSA capability, sends with N bit clear in DD options",
1326 inet_ntoa(nbr->router_id));
1327 SET_FLAG(dd->options, OSPF_OPTION_NP);
718e3744 1328 }
1329
d62a17ae 1330#ifdef REJECT_IF_TBIT_ON
1331 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1332 /*
1333 * In Hello protocol, optional capability must have checked
1334 * to prevent this T-bit enabled router be my neighbor.
1335 */
1c50c1c0 1336 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %s: T-bit on?",
d62a17ae 1337 inet_ntoa(nbr->router_id));
1338 return;
1339 }
1340#endif /* REJECT_IF_TBIT_ON */
1341
1342 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1343 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1344 /*
1345 * This node is not configured to handle O-bit, for now.
1346 * Clear it to ignore unsupported capability proposed by
1347 * neighbor.
1348 */
1349 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1350 }
1351
1352 /* Add event to thread. */
1353 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1354
1355 /* Process DD packet by neighbor status. */
1356 switch (nbr->state) {
1357 case NSM_Down:
1358 case NSM_Attempt:
1359 case NSM_TwoWay:
c9cc11f6 1360 flog_warn(
cf444bcf 1361 EC_OSPF_PACKET,
d62a17ae 1362 "Packet[DD]: Neighbor %s state is %s, packet discarded.",
1363 inet_ntoa(nbr->router_id),
1364 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1365 break;
1366 case NSM_Init:
1367 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1368 /* If the new state is ExStart, the processing of the current
1369 packet should then continue in this new state by falling
1370 through to case ExStart below. */
1371 if (nbr->state != NSM_ExStart)
1372 break;
1373 /* fallthru */
1374 case NSM_ExStart:
1375 /* Initial DBD */
1376 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1377 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1378 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1379 > 0) {
1380 /* We're Slave---obey */
05ba78e4
CS		 1381 if (CHECK_FLAG(oi->ospf->config,
1382 OSPF_LOG_ADJACENCY_DETAIL))
996c9314
LB		 1383 zlog_info(
1384 "Packet[DD]: Neighbor %s Negotiation done (Slave).",
1385 inet_ntoa(nbr->router_id));
05ba78e4 1386
d62a17ae 1387 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1388
1389 /* Reset I/MS */
1390 UNSET_FLAG(nbr->dd_flags,
1391 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1392 } else {
1393 /* We're Master, ignore the initial DBD from
1394 * Slave */
05ba78e4
CS		 1395 if (CHECK_FLAG(oi->ospf->config,
1396 OSPF_LOG_ADJACENCY_DETAIL))
1397 zlog_info(
1398 "Packet[DD]: Neighbor %s: Initial DBD from Slave, "
1399 "ignoring.",
1400 inet_ntoa(nbr->router_id));
d62a17ae 1401 break;
1402 }
1403 }
1404 /* Ack from the Slave */
1405 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1406 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1407 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1408 < 0) {
1409 zlog_info(
1410 "Packet[DD]: Neighbor %s Negotiation done (Master).",
1411 inet_ntoa(nbr->router_id));
1412 /* Reset I, leaving MS */
1413 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1414 } else {
cf444bcf 1415 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1416 "Packet[DD]: Neighbor %s Negotiation fails.",
d62a17ae 1417 inet_ntoa(nbr->router_id));
1418 break;
1419 }
1420
1421 /* This is where the real Options are saved */
1422 nbr->options = dd->options;
1423
1424 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1425 if (IS_DEBUG_OSPF_EVENT)
1426 zlog_debug(
1427 "Neighbor[%s] is %sOpaque-capable.",
1428 inet_ntoa(nbr->router_id),
1429 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1430 ? ""
1431 : "NOT ");
1432
1433 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1434 && IPV4_ADDR_SAME(&DR(oi),
1435 &nbr->address.u.prefix4)) {
c9cc11f6 1436 flog_warn(
cf444bcf 1437 EC_OSPF_PACKET,
c9cc11f6 1438 "DR-neighbor[%s] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
d62a17ae 1439 inet_ntoa(nbr->router_id));
1440 /* This situation is undesirable, but not a real
1441 * error. */
1442 }
1443 }
1444
1445 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1446
1447 /* continue processing rest of packet. */
1448 ospf_db_desc_proc(s, oi, nbr, dd, size);
1449 break;
1450 case NSM_Exchange:
1451 if (ospf_db_desc_is_dup(dd, nbr)) {
1452 if (IS_SET_DD_MS(nbr->dd_flags))
1453 /* Master: discard duplicated DD packet. */
1454 zlog_info(
1455 "Packet[DD] (Master): Neighbor %s packet duplicated.",
1456 inet_ntoa(nbr->router_id));
1457 else
1458 /* Slave: cause to retransmit the last Database
1459 Description. */
1460 {
1461 zlog_info(
1462 "Packet[DD] [Slave]: Neighbor %s packet duplicated.",
1463 inet_ntoa(nbr->router_id));
1464 ospf_db_desc_resend(nbr);
1465 }
1466 break;
1467 }
1468
1469 /* Otherwise DD packet should be checked. */
1470 /* Check Master/Slave bit mismatch */
1471 if (IS_SET_DD_MS(dd->flags)
1472 != IS_SET_DD_MS(nbr->last_recv.flags)) {
cf444bcf 1473 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1474 "Packet[DD]: Neighbor %s MS-bit mismatch.",
d62a17ae 1475 inet_ntoa(nbr->router_id));
1476 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1477 if (IS_DEBUG_OSPF_EVENT)
1478 zlog_debug(
1479 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1480 dd->flags, nbr->dd_flags);
1481 break;
1482 }
1483
1484 /* Check initialize bit is set. */
1485 if (IS_SET_DD_I(dd->flags)) {
1486 zlog_info("Packet[DD]: Neighbor %s I-bit set.",
1487 inet_ntoa(nbr->router_id));
1488 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1489 break;
1490 }
1491
1492 /* Check DD Options. */
1493 if (dd->options != nbr->options) {
718e3744 1494#ifdef ORIGINAL_CODING
d62a17ae 1495 /* Save the new options for debugging */
1496 nbr->options = dd->options;
718e3744 1497#endif /* ORIGINAL_CODING */
cf444bcf 1498 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1499 "Packet[DD]: Neighbor %s options mismatch.",
d62a17ae 1500 inet_ntoa(nbr->router_id));
1501 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1502 break;
1503 }
718e3744 1504
d62a17ae 1505 /* Check DD sequence number. */
1506 if ((IS_SET_DD_MS(nbr->dd_flags)
1507 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1508 || (!IS_SET_DD_MS(nbr->dd_flags)
1509 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
c9cc11f6 1510 flog_warn(
cf444bcf 1511 EC_OSPF_PACKET,
d62a17ae 1512 "Packet[DD]: Neighbor %s sequence number mismatch.",
1513 inet_ntoa(nbr->router_id));
1514 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1515 break;
1516 }
1517
1518 /* Continue processing rest of packet. */
1519 ospf_db_desc_proc(s, oi, nbr, dd, size);
1520 break;
1521 case NSM_Loading:
1522 case NSM_Full:
1523 if (ospf_db_desc_is_dup(dd, nbr)) {
1524 if (IS_SET_DD_MS(nbr->dd_flags)) {
1525 /* Master should discard duplicate DD packet. */
1526 zlog_info(
1527 "Packet[DD]: Neighbor %s duplicated, "
1528 "packet discarded.",
1529 inet_ntoa(nbr->router_id));
1530 break;
1531 } else {
1532 if (monotime_since(&nbr->last_send_ts, NULL)
1533 < nbr->v_inactivity * 1000000LL) {
1534 /* In states Loading and Full the slave
1535 must resend
1536 its last Database Description packet
1537 in response to
1538 duplicate Database Description
1539 packets received
1540 from the master. For this reason the
1541 slave must
1542 wait RouterDeadInterval seconds
1543 before freeing the
1544 last Database Description packet.
1545 Reception of a
1546 Database Description packet from the
1547 master after
1548 this interval will generate a
1549 SeqNumberMismatch
1550 neighbor event. RFC2328 Section 10.8
1551 */
1552 ospf_db_desc_resend(nbr);
1553 break;
1554 }
1555 }
718e3744 1556 }
718e3744 1557
d62a17ae 1558 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1559 break;
1560 default:
cf444bcf 1561 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1562 "Packet[DD]: Neighbor %s NSM illegal status %u.",
d62a17ae 1563 inet_ntoa(nbr->router_id), nbr->state);
1564 break;
1565 }
718e3744 1566}
1567
1568#define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1569
1570/* OSPF Link State Request Read -- RFC2328 Section 10.7. */
d62a17ae 1571static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1572 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1573 uint16_t size)
d62a17ae 1574{
1575 struct ospf_neighbor *nbr;
d7c0a89a 1576 uint32_t ls_type;
d62a17ae 1577 struct in_addr ls_id;
1578 struct in_addr adv_router;
1579 struct ospf_lsa *find;
1580 struct list *ls_upd;
1581 unsigned int length;
1582
1583 /* Increment statistics. */
1584 oi->ls_req_in++;
1585
1586 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1587 if (nbr == NULL) {
cf444bcf 1588 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1589 "Link State Request: Unknown Neighbor %s.",
d62a17ae 1590 inet_ntoa(ospfh->router_id));
1591 return;
718e3744 1592 }
1593
d62a17ae 1594 /* Add event to thread. */
1595 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1596
1597 /* Neighbor State should be Exchange or later. */
1598 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1599 && nbr->state != NSM_Full) {
c9cc11f6 1600 flog_warn(
cf444bcf 1601 EC_OSPF_PACKET,
c9cc11f6 1602 "Link State Request received from %s: Neighbor state is %s, packet discarded.",
d62a17ae 1603 inet_ntoa(ospfh->router_id),
1604 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1605 return;
718e3744 1606 }
1607
d62a17ae 1608 /* Send Link State Update for ALL requested LSAs. */
1609 ls_upd = list_new();
1610 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1611
1612 while (size >= OSPF_LSA_KEY_SIZE) {
1613 /* Get one slice of Link State Request. */
1614 ls_type = stream_getl(s);
1615 ls_id.s_addr = stream_get_ipv4(s);
1616 adv_router.s_addr = stream_get_ipv4(s);
1617
1618 /* Verify LSA type. */
1619 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1620 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1621 list_delete(&ls_upd);
d62a17ae 1622 return;
1623 }
718e3744 1624
d62a17ae 1625 /* Search proper LSA in LSDB. */
b5a8894d
CS		 1626 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1627 adv_router);
d62a17ae 1628 if (find == NULL) {
1629 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1630 list_delete(&ls_upd);
d62a17ae 1631 return;
1632 }
718e3744 1633
d62a17ae 1634 /* Packet overflows MTU size, send immediately. */
1635 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1636 if (oi->type == OSPF_IFTYPE_NBMA)
1637 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1638 OSPF_SEND_PACKET_DIRECT, 0);
d62a17ae 1639 else
1640 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1641 OSPF_SEND_PACKET_INDIRECT, 0);
d62a17ae 1642
1643 /* Only remove list contents. Keep ls_upd. */
1644 list_delete_all_node(ls_upd);
718e3744 1645
d62a17ae 1646 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1647 }
1648
1649 /* Append LSA to update list. */
1650 listnode_add(ls_upd, find);
1651 length += ntohs(find->data->length);
718e3744 1652
d62a17ae 1653 size -= OSPF_LSA_KEY_SIZE;
1654 }
718e3744 1655
d62a17ae 1656 /* Send rest of Link State Update. */
1657 if (listcount(ls_upd) > 0) {
1658 if (oi->type == OSPF_IFTYPE_NBMA)
996c9314
LB		 1659 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1660 0);
d62a17ae 1661 else
996c9314
LB		 1662 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1663 0);
718e3744 1664
6a154c88 1665 list_delete(&ls_upd);
d62a17ae 1666 } else
6a154c88 1667 list_delete(&ls_upd);
718e3744 1668}
1669
1670/* Get the list of LSAs from Link State Update packet.
1671 And process some validation -- RFC2328 Section 13. (1)-(2). */
d62a17ae 1672static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1673 struct stream *s,
1674 struct ospf_interface *oi, size_t size)
1675{
d7c0a89a
QY		 1676 uint16_t count, sum;
1677 uint32_t length;
d62a17ae 1678 struct lsa_header *lsah;
1679 struct ospf_lsa *lsa;
1680 struct list *lsas;
1681
1682 lsas = list_new();
1683
1684 count = stream_getl(s);
1685 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1686
1687 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1688 size -= length, stream_forward_getp(s, length), count--) {
2d34fb80 1689 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1690 length = ntohs(lsah->length);
1691
1692 if (length > size) {
c9cc11f6 1693 flog_warn(
cf444bcf 1694 EC_OSPF_PACKET,
d62a17ae 1695 "Link State Update: LSA length exceeds packet size.");
1696 break;
1697 }
718e3744 1698
d62a17ae 1699 /* Validate the LSA's LS checksum. */
1700 sum = lsah->checksum;
1701 if (!ospf_lsa_checksum_valid(lsah)) {
1702 /* (bug #685) more details in a one-line message make it
1703 * possible
1704 * to identify problem source on the one hand and to
1705 * have a better
1706 * chance to compress repeated messages in syslog on the
1707 * other */
c9cc11f6 1708 flog_warn(
cf444bcf 1709 EC_OSPF_PACKET,
d62a17ae 1710 "Link State Update: LSA checksum error %x/%x, ID=%s from: nbr %s, router ID %s, adv router %s",
1711 sum, lsah->checksum, inet_ntoa(lsah->id),
1712 inet_ntoa(nbr->src), inet_ntoa(nbr->router_id),
1713 inet_ntoa(lsah->adv_router));
1714 continue;
1715 }
718e3744 1716
d62a17ae 1717 /* Examine the LSA's LS type. */
1718 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1719 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1720 "Link State Update: Unknown LS type %d",
d62a17ae 1721 lsah->type);
1722 continue;
1723 }
718e3744 1724
d62a17ae 1725 /*
1726 * What if the received LSA's age is greater than MaxAge?
1727 * Treat it as a MaxAge case -- endo.
1728 */
1729 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1730 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
718e3744 1731
d62a17ae 1732 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1733#ifdef STRICT_OBIT_USAGE_CHECK
1734 if ((IS_OPAQUE_LSA(lsah->type)
1735 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1736 || (!IS_OPAQUE_LSA(lsah->type)
1737 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1738 /*
1739 * This neighbor must know the exact usage of
1740 * O-bit;
1741 * the bit will be set in Type-9,10,11 LSAs
1742 * only.
1743 */
cf444bcf 1744 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1745 "LSA[Type%d:%s]: O-bit abuse?",
d62a17ae 1746 lsah->type, inet_ntoa(lsah->id));
1747 continue;
1748 }
1749#endif /* STRICT_OBIT_USAGE_CHECK */
718e3744 1750
d62a17ae 1751 /* Do not take in AS External Opaque-LSAs if we are a
1752 * stub. */
1753 if (lsah->type == OSPF_OPAQUE_AS_LSA
1754 && nbr->oi->area->external_routing
1755 != OSPF_AREA_DEFAULT) {
1756 if (IS_DEBUG_OSPF_EVENT)
1757 zlog_debug(
1758 "LSA[Type%d:%s]: We are a stub, don't take this LSA.",
1759 lsah->type,
1760 inet_ntoa(lsah->id));
1761 continue;
1762 }
1763 } else if (IS_OPAQUE_LSA(lsah->type)) {
cf444bcf 1764 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1765 "LSA[Type%d:%s]: Opaque capability mismatch?",
d62a17ae 1766 lsah->type, inet_ntoa(lsah->id));
1767 continue;
1768 }
718e3744 1769
d62a17ae 1770 /* Create OSPF LSA instance. */
5b3d4186 1771 lsa = ospf_lsa_new_and_data(length);
d62a17ae 1772
b5a8894d 1773 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 1774 /* We may wish to put some error checking if type NSSA comes in
1775 and area not in NSSA mode */
1776 switch (lsah->type) {
1777 case OSPF_AS_EXTERNAL_LSA:
1778 case OSPF_OPAQUE_AS_LSA:
1779 lsa->area = NULL;
1780 break;
1781 case OSPF_OPAQUE_LINK_LSA:
1782 lsa->oi = oi; /* Remember incoming interface for
1783 flooding control. */
1784 /* Fallthrough */
1785 default:
1786 lsa->area = oi->area;
1787 break;
1788 }
718e3744 1789
d62a17ae 1790 memcpy(lsa->data, lsah, length);
1791
1792 if (IS_DEBUG_OSPF_EVENT)
1793 zlog_debug(
1794 "LSA[Type%d:%s]: %p new LSA created with Link State Update",
1795 lsa->data->type, inet_ntoa(lsa->data->id),
1796 (void *)lsa);
1797 listnode_add(lsas, lsa);
1798 }
718e3744 1799
d62a17ae 1800 return lsas;
718e3744 1801}
1802
1803/* Cleanup Update list. */
d62a17ae 1804static void ospf_upd_list_clean(struct list *lsas)
718e3744 1805{
d62a17ae 1806 struct listnode *node, *nnode;
1807 struct ospf_lsa *lsa;
718e3744 1808
d62a17ae 1809 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1810 ospf_lsa_discard(lsa);
718e3744 1811
6a154c88 1812 list_delete(&lsas);
718e3744 1813}
1814
1815/* OSPF Link State Update message read -- RFC2328 Section 13. */
d62a17ae 1816static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1817 struct ospf_header *ospfh, struct stream *s,
d7c0a89a 1818 struct ospf_interface *oi, uint16_t size)
d62a17ae 1819{
1820 struct ospf_neighbor *nbr;
1821 struct list *lsas;
1822 struct listnode *node, *nnode;
1823 struct ospf_lsa *lsa = NULL;
1824 /* unsigned long ls_req_found = 0; */
1825
1826 /* Dis-assemble the stream, update each entry, re-encapsulate for
1827 * flooding */
1828
1829 /* Increment statistics. */
1830 oi->ls_upd_in++;
1831
1832 /* Check neighbor. */
1833 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1834 if (nbr == NULL) {
cf444bcf 1835 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1836 "Link State Update: Unknown Neighbor %s on int: %s",
d62a17ae 1837 inet_ntoa(ospfh->router_id), IF_NAME(oi));
1838 return;
718e3744 1839 }
1840
d62a17ae 1841 /* Add event to thread. */
1842 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
1843
1844 /* Check neighbor state. */
1845 if (nbr->state < NSM_Exchange) {
1846 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1847 zlog_debug(
1848 "Link State Update: "
1849 "Neighbor[%s] state %s is less than Exchange",
1850 inet_ntoa(ospfh->router_id),
1851 lookup_msg(ospf_nsm_state_msg, nbr->state,
1852 NULL));
1853 return;
1854 }
718e3744 1855
d62a17ae 1856 /* Get list of LSAs from Link State Update packet. - Also perorms Stages
1857 * 1 (validate LSA checksum) and 2 (check for LSA consistent type)
1858 * of section 13.
1859 */
1860 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1861
35955c14
CS		 1862 if (lsas == NULL)
1863 return;
d62a17ae 1864#define DISCARD_LSA(L, N) \
1865 { \
1866 if (IS_DEBUG_OSPF_EVENT) \
1867 zlog_debug( \
1868 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1869 " Type-%d", \
1870 N, (void *)lsa, (int)lsa->data->type); \
1871 ospf_lsa_discard(L); \
1872 continue; \
718e3744 1873 }
1874
d62a17ae 1875 /* Process each LSA received in the one packet.
1876 *
1877 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1878 * text below are from the steps in RFC 2328, Section 13.
1879 */
1880 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1881 struct ospf_lsa *ls_ret, *current;
1882 int ret = 1;
1883
1884 if (IS_DEBUG_OSPF_NSSA) {
1885 char buf1[INET_ADDRSTRLEN];
1886 char buf2[INET_ADDRSTRLEN];
1887 char buf3[INET_ADDRSTRLEN];
1888
1889 zlog_debug("LSA Type-%d from %s, ID: %s, ADV: %s",
1890 lsa->data->type,
1891 inet_ntop(AF_INET, &ospfh->router_id, buf1,
1892 INET_ADDRSTRLEN),
1893 inet_ntop(AF_INET, &lsa->data->id, buf2,
1894 INET_ADDRSTRLEN),
1895 inet_ntop(AF_INET, &lsa->data->adv_router,
1896 buf3, INET_ADDRSTRLEN));
1897 }
718e3744 1898
d62a17ae 1899 listnode_delete(lsas,
1900 lsa); /* We don't need it in list anymore */
1901
1902 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1903 */
1904
1905 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1906
1907 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1908 */
1909
1910 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1911 */
1912
1913 /* Do take in Type-7's if we are an NSSA */
1914
1915 /* If we are also an ABR, later translate them to a Type-5
1916 * packet */
1917
1918 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1919 translate them to a separate Type-5 packet. */
1920
1921 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1922 /* Reject from STUB or NSSA */
1923 if (nbr->oi->area->external_routing
1924 != OSPF_AREA_DEFAULT) {
1925 if (IS_DEBUG_OSPF_NSSA)
1926 zlog_debug(
1927 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1928 DISCARD_LSA(lsa, 1);
1929 }
1930
1931 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1932 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1933 if (IS_DEBUG_OSPF_NSSA)
1934 zlog_debug(
1935 "Incoming NSSA LSA Discarded: Not NSSA Area");
1936 DISCARD_LSA(lsa, 2);
1937 }
1938
1939 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1940 if (lsa->data->type == OSPF_ROUTER_LSA)
1941 if (!IPV4_ADDR_SAME(&lsa->data->id,
1942 &lsa->data->adv_router)) {
1943 char buf1[INET_ADDRSTRLEN];
1944 char buf2[INET_ADDRSTRLEN];
1945 char buf3[INET_ADDRSTRLEN];
1946
cf444bcf 1947 flog_err(EC_OSPF_ROUTER_LSA_MISMATCH,
1c50c1c0
QY		 1948 "Incoming Router-LSA from %s with "
1949 "Adv-ID[%s] != LS-ID[%s]",
1950 inet_ntop(AF_INET, &ospfh->router_id,
1951 buf1, INET_ADDRSTRLEN),
1952 inet_ntop(AF_INET, &lsa->data->id,
1953 buf2, INET_ADDRSTRLEN),
1954 inet_ntop(AF_INET,
1955 &lsa->data->adv_router, buf3,
1956 INET_ADDRSTRLEN));
af4c2728 1957 flog_err(
cf444bcf 1958 EC_OSPF_DOMAIN_CORRUPT,
d62a17ae 1959 "OSPF domain compromised by attack or corruption. "
1960 "Verify correct operation of -ALL- OSPF routers.");
1961 DISCARD_LSA(lsa, 0);
1962 }
1963
1964 /* Find the LSA in the current database. */
1965
1966 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1967
1968 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1969 currently
1970 no instance of the LSA in the router's link state database,
1971 and none of router's neighbors are in states Exchange or
1972 Loading,
1973 then take the following actions: */
1974
1975 if (IS_LSA_MAXAGE(lsa) && !current
1976 && ospf_check_nbr_status(oi->ospf)) {
1977 /* (4a) Response Link State Acknowledgment. */
1978 ospf_ls_ack_send(nbr, lsa);
1979
1980 /* (4b) Discard LSA. */
1981 if (IS_DEBUG_OSPF(lsa, LSA)) {
1982 zlog_debug(
1983 "Link State Update[%s]: LS age is equal to MaxAge.",
1984 dump_lsa_key(lsa));
1985 }
1986 DISCARD_LSA(lsa, 3);
1987 }
1988
1989 if (IS_OPAQUE_LSA(lsa->data->type)
1990 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1991 &oi->ospf->router_id)) {
1992 /*
1993 * Even if initial flushing seems to be completed, there
1994 * might
1995 * be a case that self-originated LSA with MaxAge still
1996 * remain
1997 * in the routing domain.
1998 * Just send an LSAck message to cease retransmission.
1999 */
2000 if (IS_LSA_MAXAGE(lsa)) {
c9cc11f6 2001 zlog_info("LSA[%s]: Boomerang effect?",
d62a17ae 2002 dump_lsa_key(lsa));
2003 ospf_ls_ack_send(nbr, lsa);
2004 ospf_lsa_discard(lsa);
2005
2006 if (current != NULL && !IS_LSA_MAXAGE(current))
2007 ospf_opaque_lsa_refresh_schedule(
2008 current);
2009 continue;
2010 }
2011
2012 /*
2013 * If an instance of self-originated Opaque-LSA is not
2014 * found
2015 * in the LSDB, there are some possible cases here.
2016 *
2017 * 1) This node lost opaque-capability after restart.
2018 * 2) Else, a part of opaque-type is no more supported.
2019 * 3) Else, a part of opaque-id is no more supported.
2020 *
2021 * Anyway, it is still this node's responsibility to
2022 * flush it.
2023 * Otherwise, the LSA instance remains in the routing
2024 * domain
2025 * until its age reaches to MaxAge.
2026 */
2027 /* XXX: We should deal with this for *ALL* LSAs, not
2028 * just opaque */
2029 if (current == NULL) {
2030 if (IS_DEBUG_OSPF_EVENT)
2031 zlog_debug(
2032 "LSA[%s]: Previously originated Opaque-LSA,"
2033 "not found in the LSDB.",
2034 dump_lsa_key(lsa));
2035
2036 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2037
2038 ospf_opaque_self_originated_lsa_received(nbr,
2039 lsa);
2040 ospf_ls_ack_send(nbr, lsa);
2041
2042 continue;
2043 }
2044 }
2045
2046 /* It might be happen that received LSA is self-originated
2047 * network LSA, but
2048 * router ID is changed. So, we should check if LSA is a
2049 * network-LSA whose
2050 * Link State ID is one of the router's own IP interface
2051 * addresses but whose
2052 * Advertising Router is not equal to the router's own Router ID
2053 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2054 * flushed.
2055 */
2056
2057 if (lsa->data->type == OSPF_NETWORK_LSA) {
2058 struct listnode *oinode, *oinnode;
2059 struct ospf_interface *out_if;
2060 int Flag = 0;
2061
2062 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2063 oinnode, out_if)) {
2064 if (out_if == NULL)
2065 break;
2066
2067 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2068 &lsa->data->id))
2069 && (!(IPV4_ADDR_SAME(
2070 &oi->ospf->router_id,
2071 &lsa->data->adv_router)))) {
2072 if (out_if->network_lsa_self) {
2073 ospf_lsa_flush_area(
2074 lsa, out_if->area);
2075 if (IS_DEBUG_OSPF_EVENT)
2076 zlog_debug(
2077 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2078 (void *)lsa,
2079 (int)lsa->data
2080 ->type);
2081 ospf_lsa_discard(lsa);
2082 Flag = 1;
2083 }
2084 break;
2085 }
2086 }
2087 if (Flag)
2088 continue;
2089 }
2090
2091 /* (5) Find the instance of this LSA that is currently contained
2092 in the router's link state database. If there is no
2093 database copy, or the received LSA is more recent than
2094 the database copy the following steps must be performed.
2095 (The sub steps from RFC 2328 section 13 step (5) will be
2096 performed in
2097 ospf_flood() ) */
2098
2099 if (current == NULL
2100 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
2101 /* Actual flooding procedure. */
2102 if (ospf_flood(oi->ospf, nbr, current, lsa)
2103 < 0) /* Trap NSSA later. */
2104 DISCARD_LSA(lsa, 4);
2105 continue;
2106 }
2107
2108 /* (6) Else, If there is an instance of the LSA on the sending
2109 neighbor's Link state request list, an error has occurred in
2110 the Database Exchange process. In this case, restart the
2111 Database Exchange process by generating the neighbor event
2112 BadLSReq for the sending neighbor and stop processing the
2113 Link State Update packet. */
2114
2115 if (ospf_ls_request_lookup(nbr, lsa)) {
2116 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
c9cc11f6 2117 flog_warn(
cf444bcf 2118 EC_OSPF_PACKET,
d62a17ae 2119 "LSA[%s] instance exists on Link state request list",
2120 dump_lsa_key(lsa));
2121
2122 /* Clean list of LSAs. */
2123 ospf_upd_list_clean(lsas);
2124 /* this lsa is not on lsas list already. */
2125 ospf_lsa_discard(lsa);
2126 return;
2127 }
2128
2129 /* If the received LSA is the same instance as the database copy
2130 (i.e., neither one is more recent) the following two steps
2131 should be performed: */
2132
2133 if (ret == 0) {
2134 /* If the LSA is listed in the Link state retransmission
2135 list
2136 for the receiving adjacency, the router itself is
2137 expecting
2138 an acknowledgment for this LSA. The router should
2139 treat the
2140 received LSA as an acknowledgment by removing the LSA
2141 from
2142 the Link state retransmission list. This is termed
2143 an
2144 "implied acknowledgment". */
2145
2146 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2147
2148 if (ls_ret != NULL) {
2149 ospf_ls_retransmit_delete(nbr, ls_ret);
2150
2151 /* Delayed acknowledgment sent if advertisement
2152 received
2153 from Designated Router, otherwise do nothing.
2154 */
2155 if (oi->state == ISM_Backup)
2156 if (NBR_IS_DR(nbr))
2157 listnode_add(
2158 oi->ls_ack,
2159 ospf_lsa_lock(lsa));
2160
2161 DISCARD_LSA(lsa, 5);
2162 } else
2163 /* Acknowledge the receipt of the LSA by sending a
2164 Link State Acknowledgment packet back out the
2165 receiving
2166 interface. */
2167 {
2168 ospf_ls_ack_send(nbr, lsa);
2169 DISCARD_LSA(lsa, 6);
2170 }
2171 }
2172
2173 /* The database copy is more recent. If the database copy
2174 has LS age equal to MaxAge and LS sequence number equal to
2175 MaxSequenceNumber, simply discard the received LSA without
2176 acknowledging it. (In this case, the LSA's LS sequence number
2177 is
2178 wrapping, and the MaxSequenceNumber LSA must be completely
2179 flushed before any new LSA instance can be introduced). */
2180
2181 else if (ret > 0) /* Database copy is more recent */
2182 {
2183 if (IS_LSA_MAXAGE(current)
2184 && current->data->ls_seqnum
2185 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
2186 DISCARD_LSA(lsa, 7);
2187 }
2188 /* Otherwise, as long as the database copy has not been
2189 sent in a
2190 Link State Update within the last MinLSArrival
2191 seconds, send the
2192 database copy back to the sending neighbor,
2193 encapsulated within
2194 a Link State Update Packet. The Link State Update
2195 Packet should
2196 be sent directly to the neighbor. In so doing, do not
2197 put the
2198 database copy of the LSA on the neighbor's link state
2199 retransmission list, and do not acknowledge the
2200 received (less
2201 recent) LSA instance. */
2202 else {
2203 if (monotime_since(&current->tv_orig, NULL)
2204 >= ospf->min_ls_arrival * 1000LL)
2205 /* Trap NSSA type later.*/
2206 ospf_ls_upd_send_lsa(
2207 nbr, current,
2208 OSPF_SEND_PACKET_DIRECT);
2209 DISCARD_LSA(lsa, 8);
2210 }
2211 }
2212 }
2cd754de
PJ		 2213#undef DISCARD_LSA
2214
d62a17ae 2215 assert(listcount(lsas) == 0);
6a154c88 2216 list_delete(&lsas);
718e3744 2217}
2218
2219/* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
d62a17ae 2220static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2221 struct stream *s, struct ospf_interface *oi,
d7c0a89a 2222 uint16_t size)
d62a17ae 2223{
2224 struct ospf_neighbor *nbr;
2225
2226 /* increment statistics. */
2227 oi->ls_ack_in++;
2228
2229 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2230 if (nbr == NULL) {
cf444bcf 2231 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2232 "Link State Acknowledgment: Unknown Neighbor %s.",
d62a17ae 2233 inet_ntoa(ospfh->router_id));
2234 return;
2235 }
2236
2237 /* Add event to thread. */
2238 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_PacketReceived);
2239
2240 if (nbr->state < NSM_Exchange) {
2241 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2242 zlog_debug(
2243 "Link State Acknowledgment: "
2244 "Neighbor[%s] state %s is less than Exchange",
2245 inet_ntoa(ospfh->router_id),
2246 lookup_msg(ospf_nsm_state_msg, nbr->state,
2247 NULL));
2248 return;
2249 }
2250
2251 while (size >= OSPF_LSA_HEADER_SIZE) {
2252 struct ospf_lsa *lsa, *lsr;
2253
2254 lsa = ospf_lsa_new();
2d34fb80 2255 lsa->data = (struct lsa_header *)stream_pnt(s);
b5a8894d 2256 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 2257
2d34fb80 2258 /* lsah = (struct lsa_header *) stream_pnt (s); */
d62a17ae 2259 size -= OSPF_LSA_HEADER_SIZE;
2260 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2261
2262 if (lsa->data->type < OSPF_MIN_LSA
2263 || lsa->data->type >= OSPF_MAX_LSA) {
2264 lsa->data = NULL;
2265 ospf_lsa_discard(lsa);
2266 continue;
2267 }
2268
2269 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2270
2271 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0)
2272 ospf_ls_retransmit_delete(nbr, lsr);
2273
2274 lsa->data = NULL;
2275 ospf_lsa_discard(lsa);
2276 }
2277
2278 return;
2279}
2280
b5a8894d
CS		 2281static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2282 struct interface **ifp,
d62a17ae 2283 struct stream *ibuf)
2284{
2285 int ret;
2286 struct ip *iph;
d7c0a89a 2287 uint16_t ip_len;
d62a17ae 2288 ifindex_t ifindex = 0;
2289 struct iovec iov;
2290 /* Header and data both require alignment. */
2291 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2292 struct msghdr msgh;
2293
2294 memset(&msgh, 0, sizeof(struct msghdr));
2295 msgh.msg_iov = &iov;
2296 msgh.msg_iovlen = 1;
2297 msgh.msg_control = (caddr_t)buff;
2298 msgh.msg_controllen = sizeof(buff);
2299
2300 ret = stream_recvmsg(ibuf, fd, &msgh, 0, OSPF_MAX_PACKET_SIZE + 1);
2301 if (ret < 0) {
cf444bcf 2302 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
c9cc11f6 2303 safe_strerror(errno));
d62a17ae 2304 return NULL;
2305 }
2306 if ((unsigned int)ret < sizeof(iph)) /* ret must be > 0 now */
718e3744 2307 {
c9cc11f6 2308 flog_warn(
cf444bcf 2309 EC_OSPF_PACKET,
d62a17ae 2310 "ospf_recv_packet: discarding runt packet of length %d "
2311 "(ip header size is %u)",
d7c0a89a 2312 ret, (unsigned int)sizeof(iph));
d62a17ae 2313 return NULL;
2314 }
2315
2316 /* Note that there should not be alignment problems with this assignment
2317 because this is at the beginning of the stream data buffer. */
2318 iph = (struct ip *)STREAM_DATA(ibuf);
2319 sockopt_iphdrincl_swab_systoh(iph);
2320
2321 ip_len = iph->ip_len;
2322
de5ccb96 2323#if !defined(GNU_LINUX) && (OpenBSD < 200311) && (__FreeBSD_version < 1000000)
d62a17ae 2324 /*
2325 * Kernel network code touches incoming IP header parameters,
2326 * before protocol specific processing.
2327 *
2328 * 1) Convert byteorder to host representation.
2329 * --> ip_len, ip_id, ip_off
2330 *
2331 * 2) Adjust ip_len to strip IP header size!
2332 * --> If user process receives entire IP packet via RAW
2333 * socket, it must consider adding IP header size to
2334 * the "ip_len" field of "ip" structure.
2335 *
2336 * For more details, see <netinet/ip_input.c>.
2337 */
2338 ip_len = ip_len + (iph->ip_hl << 2);
718e3744 2339#endif
d62a17ae 2340
0150c9c9 2341#if defined(__DragonFly__)
d62a17ae 2342 /*
2343 * in DragonFly's raw socket, ip_len/ip_off are read
2344 * in network byte order.
2345 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2346 */
2347 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
0150c9c9
DB		 2348#endif
2349
d62a17ae 2350 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2351
b5a8894d 2352 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
d62a17ae 2353
2354 if (ret != ip_len) {
c9cc11f6 2355 flog_warn(
cf444bcf 2356 EC_OSPF_PACKET,
d62a17ae 2357 "ospf_recv_packet read length mismatch: ip_len is %d, "
2358 "but recvmsg returned %d",
2359 ip_len, ret);
2360 return NULL;
2361 }
718e3744 2362
d62a17ae 2363 return ibuf;
718e3744 2364}
2365
4dadc291 2366static struct ospf_interface *
d62a17ae 2367ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2368 struct ip *iph, struct ospf_header *ospfh)
2369{
2370 struct ospf_interface *rcv_oi;
2371 struct ospf_vl_data *vl_data;
2372 struct ospf_area *vl_area;
2373 struct listnode *node;
2374
2375 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2376 || !OSPF_IS_AREA_BACKBONE(ospfh))
2377 return NULL;
2378
2379 /* look for local OSPF interface matching the destination
2380 * to determine Area ID. We presume therefore the destination address
2381 * is unique, or at least (for "unnumbered" links), not used in other
2382 * areas
2383 */
2384 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2385 == NULL)
2386 return NULL;
2387
2388 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2389 vl_area =
2390 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2391 if (!vl_area)
2392 continue;
2393
2394 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2395 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2396 if (IS_DEBUG_OSPF_EVENT)
2397 zlog_debug("associating packet with %s",
2398 IF_NAME(vl_data->vl_oi));
2399 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2400 if (IS_DEBUG_OSPF_EVENT)
2401 zlog_debug(
2402 "This VL is not up yet, sorry");
2403 return NULL;
2404 }
2405
2406 return vl_data->vl_oi;
2407 }
718e3744 2408 }
718e3744 2409
d62a17ae 2410 if (IS_DEBUG_OSPF_EVENT)
2411 zlog_debug("couldn't find any VL to associate the packet with");
2412
2413 return NULL;
718e3744 2414}
2415
d62a17ae 2416static int ospf_check_area_id(struct ospf_interface *oi,
2417 struct ospf_header *ospfh)
718e3744 2418{
d62a17ae 2419 /* Check match the Area ID of the receiving interface. */
2420 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2421 return 1;
718e3744 2422
d62a17ae 2423 return 0;
718e3744 2424}
2425
2426/* Unbound socket will accept any Raw IP packets if proto is matched.
2427 To prevent it, compare src IP address and i/f address with masking
2428 i/f network mask. */
d62a17ae 2429static int ospf_check_network_mask(struct ospf_interface *oi,
2430 struct in_addr ip_src)
718e3744 2431{
d62a17ae 2432 struct in_addr mask, me, him;
718e3744 2433
d62a17ae 2434 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2435 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2436 return 1;
718e3744 2437
d62a17ae 2438 masklen2ip(oi->address->prefixlen, &mask);
718e3744 2439
d62a17ae 2440 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2441 him.s_addr = ip_src.s_addr & mask.s_addr;
718e3744 2442
d62a17ae 2443 if (IPV4_ADDR_SAME(&me, &him))
2444 return 1;
718e3744 2445
d62a17ae 2446 return 0;
718e3744 2447}
2448
bd5651f0
DO		 2449/* Return 1, if the packet is properly authenticated and checksummed,
2450 0 otherwise. In particular, check that AuType header field is valid and
2451 matches the locally configured AuType, and that D.5 requirements are met. */
d62a17ae 2452static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2453{
2454 struct crypt_key *ck;
d7c0a89a
QY		 2455 uint16_t iface_auth_type;
2456 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
d62a17ae 2457
2458 switch (pkt_auth_type) {
2459 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2460 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2461 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2462 flog_warn(
cf444bcf 2463 EC_OSPF_PACKET,
d62a17ae 2464 "interface %s: auth-type mismatch, local %s, rcvd Null",
2465 IF_NAME(oi),
2466 lookup_msg(ospf_auth_type_str,
2467 iface_auth_type, NULL));
2468 return 0;
2469 }
2470 if (!ospf_check_sum(ospfh)) {
2471 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2472 flog_warn(
cf444bcf 2473 EC_OSPF_PACKET,
d62a17ae 2474 "interface %s: Null auth OK, but checksum error, Router-ID %s",
2475 IF_NAME(oi),
2476 inet_ntoa(ospfh->router_id));
2477 return 0;
2478 }
2479 return 1;
2480 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2481 if (OSPF_AUTH_SIMPLE
2482 != (iface_auth_type = ospf_auth_type(oi))) {
2483 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2484 flog_warn(
cf444bcf 2485 EC_OSPF_PACKET,
d62a17ae 2486 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2487 IF_NAME(oi),
2488 lookup_msg(ospf_auth_type_str,
2489 iface_auth_type, NULL));
2490 return 0;
2491 }
2492 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2493 OSPF_AUTH_SIMPLE_SIZE)) {
2494 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2495 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2496 "interface %s: Simple auth failed",
d62a17ae 2497 IF_NAME(oi));
2498 return 0;
2499 }
2500 if (!ospf_check_sum(ospfh)) {
2501 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2502 flog_warn(
cf444bcf 2503 EC_OSPF_PACKET,
d62a17ae 2504 "interface %s: Simple auth OK, checksum error, Router-ID %s",
2505 IF_NAME(oi),
2506 inet_ntoa(ospfh->router_id));
2507 return 0;
2508 }
2509 return 1;
2510 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2511 if (OSPF_AUTH_CRYPTOGRAPHIC
2512 != (iface_auth_type = ospf_auth_type(oi))) {
2513 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2514 flog_warn(
cf444bcf 2515 EC_OSPF_PACKET,
d62a17ae 2516 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2517 IF_NAME(oi),
2518 lookup_msg(ospf_auth_type_str,
2519 iface_auth_type, NULL));
2520 return 0;
2521 }
2522 if (ospfh->checksum) {
2523 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2524 flog_warn(
cf444bcf 2525 EC_OSPF_PACKET,
d62a17ae 2526 "interface %s: OSPF header checksum is not 0",
2527 IF_NAME(oi));
2528 return 0;
2529 }
2530 /* only MD5 crypto method can pass ospf_packet_examin() */
996c9314
LB		 2531 if (NULL == (ck = listgetdata(
2532 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2533 || ospfh->u.crypt.key_id != ck->key_id ||
2534 /* Condition above uses the last key ID on the list,
2535 which is
2536 different from what ospf_crypt_key_lookup() does. A
2537 bug? */
2538 !ospf_check_md5_digest(oi, ospfh)) {
d62a17ae 2539 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2540 flog_warn(EC_OSPF_MD5,
c9cc11f6 2541 "interface %s: MD5 auth failed",
d62a17ae 2542 IF_NAME(oi));
2543 return 0;
2544 }
2545 return 1;
2546 default:
2547 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2548 flog_warn(
cf444bcf 2549 EC_OSPF_PACKET,
d62a17ae 2550 "interface %s: invalid packet auth-type (%02x)",
2551 IF_NAME(oi), pkt_auth_type);
2552 return 0;
2553 }
2554}
2555
2556static int ospf_check_sum(struct ospf_header *ospfh)
2557{
d7c0a89a
QY		 2558 uint32_t ret;
2559 uint16_t sum;
d62a17ae 2560
2561 /* clear auth_data for checksum. */
2562 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2563
2564 /* keep checksum and clear. */
2565 sum = ospfh->checksum;
d7c0a89a 2566 memset(&ospfh->checksum, 0, sizeof(uint16_t));
d62a17ae 2567
2568 /* calculate checksum. */
2569 ret = in_cksum(ospfh, ntohs(ospfh->length));
2570
2571 if (ret != sum) {
2572 zlog_info("ospf_check_sum(): checksum mismatch, my %X, his %X",
2573 ret, sum);
2574 return 0;
2575 }
2576
2577 return 1;
718e3744 2578}
2579
4e31de79
DO		 2580/* Verify, that given link/TOS records are properly sized/aligned and match
2581 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
d62a17ae 2582static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
d7c0a89a
QY		 2583 uint16_t linkbytes,
2584 const uint16_t num_links)
d62a17ae 2585{
2586 unsigned counted_links = 0, thislinklen;
2587
2588 while (linkbytes) {
2589 thislinklen =
2590 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2591 if (thislinklen > linkbytes) {
2592 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2593 zlog_debug("%s: length error in link block #%u",
2594 __func__, counted_links);
2595 return MSG_NG;
2596 }
2597 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2598 linkbytes -= thislinklen;
2599 counted_links++;
2600 }
2601 if (counted_links != num_links) {
2602 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2603 zlog_debug("%s: %u link blocks declared, %u present",
2604 __func__, num_links, counted_links);
2605 return MSG_NG;
2606 }
2607 return MSG_OK;
4e31de79
DO		 2608}
2609
2610/* Verify, that the given LSA is properly sized/aligned (including type-specific
2611 minimum length constraint). */
d7c0a89a
QY		 2612static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2613 const uint8_t headeronly)
d62a17ae 2614{
2615 unsigned ret;
2616 struct router_lsa *rlsa;
2617 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2618 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2619 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2620 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2621 lookup_msg(ospf_lsa_type_msg, lsah->type,
2622 NULL));
2623 return MSG_NG;
2624 }
2625 switch (lsah->type) {
2626 case OSPF_ROUTER_LSA:
2627 /* RFC2328 A.4.2, LSA header + 4 bytes followed by N>=1
2628 * (12+)-byte link blocks */
2629 if (headeronly) {
2630 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2631 - OSPF_ROUTER_LSA_MIN_SIZE)
2632 % 4
2633 ? MSG_NG
2634 : MSG_OK;
2635 break;
2636 }
2637 rlsa = (struct router_lsa *)lsah;
2638 ret = ospf_router_lsa_links_examin(
2639 (struct router_lsa_link *)rlsa->link,
2640 lsalen - OSPF_LSA_HEADER_SIZE - 4, /* skip: basic
2641 header, "flags",
2642 0, "# links" */
2643 ntohs(rlsa->links) /* 16 bits */
9d303b37 2644 );
d62a17ae 2645 break;
2646 case OSPF_AS_EXTERNAL_LSA:
2647 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2648 * blocks */
2649 case OSPF_AS_NSSA_LSA:
2650 /* RFC3101 C, idem */
2651 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2652 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2653 % 12
2654 ? MSG_NG
2655 : MSG_OK;
2656 break;
2657 /* Following LSA types are considered OK length-wise as soon as their
2658 * minimum
2659 * length constraint is met and length of the whole LSA is a multiple of
2660 * 4
2661 * (basic LSA header size is already a multiple of 4). */
2662 case OSPF_NETWORK_LSA:
2663 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2664 case OSPF_SUMMARY_LSA:
2665 case OSPF_ASBR_SUMMARY_LSA:
2666 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2667 * blocks */
2668 case OSPF_OPAQUE_LINK_LSA:
2669 case OSPF_OPAQUE_AREA_LSA:
2670 case OSPF_OPAQUE_AS_LSA:
2671 /* RFC5250 A.2, "some number of octets (of application-specific
2672 * data) padded to 32-bit alignment." This is considered
2673 * equivalent
2674 * to 4-byte alignment of all other LSA types, see
2675 * OSPF-ALIGNMENT.txt
2676 * file for the detailed analysis of this passage. */
2677 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2678 break;
2679 default:
2680 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2681 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2682 lsah->type);
2683 return MSG_NG;
2684 }
2685 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2686 zlog_debug("%s: alignment error in %s", __func__,
2687 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2688 return ret;
4e31de79
DO		 2689}
2690
2691/* Verify if the provided input buffer is a valid sequence of LSAs. This
2692 includes verification of LSA blocks length/alignment and dispatching
2693 of deeper-level checks. */
2694static unsigned
d62a17ae 2695ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
d7c0a89a 2696 size_t length, const uint8_t headeronly,
d62a17ae 2697 /* When declared_num_lsas is not 0, compare it to the real
2698 number of LSAs
2699 and treat the difference as an error. */
d7c0a89a 2700 const uint32_t declared_num_lsas)
d62a17ae 2701{
d7c0a89a 2702 uint32_t counted_lsas = 0;
d62a17ae 2703
2704 while (length) {
d7c0a89a 2705 uint16_t lsalen;
d62a17ae 2706 if (length < OSPF_LSA_HEADER_SIZE) {
2707 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2708 zlog_debug(
2709 "%s: undersized (%zu B) trailing (#%u) LSA header",
2710 __func__, length, counted_lsas);
2711 return MSG_NG;
2712 }
2713 /* save on ntohs() calls here and in the LSA validator */
2714 lsalen = ntohs(lsah->length);
2715 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2716 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2717 zlog_debug(
2718 "%s: malformed LSA header #%u, declared length is %u B",
2719 __func__, counted_lsas, lsalen);
2720 return MSG_NG;
2721 }
2722 if (headeronly) {
2723 /* less checks here and in ospf_lsa_examin() */
2724 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2725 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2726 zlog_debug(
2727 "%s: malformed header-only LSA #%u",
2728 __func__, counted_lsas);
2729 return MSG_NG;
2730 }
2731 lsah = (struct lsa_header *)((caddr_t)lsah
2732 + OSPF_LSA_HEADER_SIZE);
2733 length -= OSPF_LSA_HEADER_SIZE;
2734 } else {
2735 /* make sure the input buffer is deep enough before
2736 * further checks */
2737 if (lsalen > length) {
2738 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2739 zlog_debug(
2740 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2741 __func__, counted_lsas, lsalen,
2742 length);
2743 return MSG_NG;
2744 }
2745 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2746 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2747 zlog_debug("%s: malformed LSA #%u",
2748 __func__, counted_lsas);
2749 return MSG_NG;
2750 }
2751 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2752 length -= lsalen;
2753 }
2754 counted_lsas++;
2755 }
2756
2757 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2758 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2759 zlog_debug(
2760 "%s: #LSAs declared (%u) does not match actual (%u)",
2761 __func__, declared_num_lsas, counted_lsas);
2762 return MSG_NG;
2763 }
2764 return MSG_OK;
4e31de79
DO		 2765}
2766
75c8eabb 2767/* Verify a complete OSPF packet for proper sizing/alignment. */
d62a17ae 2768static unsigned ospf_packet_examin(struct ospf_header *oh,
2769 const unsigned bytesonwire)
2770{
d7c0a89a 2771 uint16_t bytesdeclared, bytesauth;
d62a17ae 2772 unsigned ret;
2773 struct ospf_ls_update *lsupd;
2774
2775 /* Length, 1st approximation. */
2776 if (bytesonwire < OSPF_HEADER_SIZE) {
2777 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2778 zlog_debug("%s: undersized (%u B) packet", __func__,
2779 bytesonwire);
2780 return MSG_NG;
2781 }
2782 /* Now it is safe to access header fields. Performing length check,
2783 * allow
2784 * for possible extra bytes of crypto auth/padding, which are not
2785 * counted
2786 * in the OSPF header "length" field. */
2787 if (oh->version != OSPF_VERSION) {
2788 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2789 zlog_debug("%s: invalid (%u) protocol version",
2790 __func__, oh->version);
2791 return MSG_NG;
2792 }
2793 bytesdeclared = ntohs(oh->length);
2794 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2795 bytesauth = 0;
2796 else {
2797 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2798 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2799 zlog_debug(
2800 "%s: unsupported crypto auth length (%u B)",
2801 __func__, oh->u.crypt.auth_data_len);
2802 return MSG_NG;
2803 }
2804 bytesauth = OSPF_AUTH_MD5_SIZE;
2805 }
2806 if (bytesdeclared + bytesauth > bytesonwire) {
2807 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2808 zlog_debug(
2809 "%s: packet length error (%u real, %u+%u declared)",
2810 __func__, bytesonwire, bytesdeclared,
2811 bytesauth);
2812 return MSG_NG;
2813 }
2814 /* Length, 2nd approximation. The type-specific constraint is checked
2815 against declared length, not amount of bytes on wire. */
2816 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2817 && bytesdeclared
2818 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2819 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2820 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2821 bytesdeclared,
2822 lookup_msg(ospf_packet_type_str, oh->type,
2823 NULL));
2824 return MSG_NG;
2825 }
2826 switch (oh->type) {
2827 case OSPF_MSG_HELLO:
2828 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2829 followed
2830 by N>=0 router-IDs. */
2831 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2832 % 4
2833 ? MSG_NG
2834 : MSG_OK;
2835 break;
2836 case OSPF_MSG_DB_DESC:
2837 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2838 followed
2839 by N>=0 header-only LSAs. */
2840 ret = ospf_lsaseq_examin(
2841 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2842 + OSPF_DB_DESC_MIN_SIZE),
2843 bytesdeclared - OSPF_HEADER_SIZE
2844 - OSPF_DB_DESC_MIN_SIZE,
2845 1, /* header-only LSAs */
2846 0);
2847 break;
2848 case OSPF_MSG_LS_REQ:
2849 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2850 * request blocks. */
2851 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2852 % OSPF_LSA_KEY_SIZE
2853 ? MSG_NG
2854 : MSG_OK;
2855 break;
2856 case OSPF_MSG_LS_UPD:
2857 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2858 followed
2859 by N>=0 full LSAs (with N declared beforehand). */
2860 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2861 + OSPF_HEADER_SIZE);
2862 ret = ospf_lsaseq_examin(
2863 (struct lsa_header *)((caddr_t)lsupd
2864 + OSPF_LS_UPD_MIN_SIZE),
2865 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2866 0, /* full LSAs */
2867 ntohl(lsupd->num_lsas) /* 32 bits */
9d303b37 2868 );
d62a17ae 2869 break;
2870 case OSPF_MSG_LS_ACK:
2871 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2872 * LSAs. */
2873 ret = ospf_lsaseq_examin(
2874 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2875 + OSPF_LS_ACK_MIN_SIZE),
2876 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2877 1, /* header-only LSAs */
2878 0);
2879 break;
2880 default:
2881 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2882 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2883 oh->type);
2884 return MSG_NG;
2885 }
2886 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2887 zlog_debug("%s: malformed %s packet", __func__,
2888 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2889 return ret;
75c8eabb
DO		 2890}
2891
718e3744 2892/* OSPF Header verification. */
d62a17ae 2893static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2894 struct ip *iph, struct ospf_header *ospfh)
2895{
2896 /* Check Area ID. */
2897 if (!ospf_check_area_id(oi, ospfh)) {
cf444bcf 2898 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2899 "interface %s: ospf_read invalid Area ID %s.",
d62a17ae 2900 IF_NAME(oi), inet_ntoa(ospfh->area_id));
2901 return -1;
2902 }
718e3744 2903
d62a17ae 2904 /* Check network mask, Silently discarded. */
2905 if (!ospf_check_network_mask(oi, iph->ip_src)) {
c9cc11f6 2906 flog_warn(
cf444bcf 2907 EC_OSPF_PACKET,
d62a17ae 2908 "interface %s: ospf_read network address is not same [%s]",
2909 IF_NAME(oi), inet_ntoa(iph->ip_src));
2910 return -1;
2911 }
718e3744 2912
d62a17ae 2913 /* Check authentication. The function handles logging actions, where
2914 * required. */
2915 if (!ospf_check_auth(oi, ospfh))
2916 return -1;
718e3744 2917
d62a17ae 2918 return 0;
718e3744 2919}
2920
2921/* Starting point of packet process function. */
d62a17ae 2922int ospf_read(struct thread *thread)
2923{
2924 int ret;
2925 struct stream *ibuf;
2926 struct ospf *ospf;
2927 struct ospf_interface *oi;
2928 struct ip *iph;
2929 struct ospf_header *ospfh;
d7c0a89a 2930 uint16_t length;
b5a8894d 2931 struct interface *ifp = NULL;
d62a17ae 2932 struct connected *c;
2933
2934 /* first of all get interface pointer. */
2935 ospf = THREAD_ARG(thread);
2936
2937 /* prepare for next packet. */
2938 ospf->t_read = NULL;
2939 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
2940
2941 stream_reset(ospf->ibuf);
b5a8894d
CS		 2942 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2943 if (ibuf == NULL)
d62a17ae 2944 return -1;
2945 /* This raw packet is known to be at least as big as its IP header. */
2946
2947 /* Note that there should not be alignment problems with this assignment
2948 because this is at the beginning of the stream data buffer. */
2949 iph = (struct ip *)STREAM_DATA(ibuf);
2950 /* Note that sockopt_iphdrincl_swab_systoh was called in
2951 * ospf_recv_packet. */
2952
2953 if (ifp == NULL) {
2954 /* Handle cases where the platform does not support retrieving
2955 the ifindex,
2956 and also platforms (such as Solaris 8) that claim to support
2957 ifindex
2958 retrieval but do not. */
2959 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
b5a8894d 2960 ospf->vrf_id);
d62a17ae 2961 if (c)
2962 ifp = c->ifp;
2963 if (ifp == NULL)
2964 return 0;
2965 }
2966
2967 /* IP Header dump. */
2968 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2969 ospf_ip_header_dump(iph);
2970
2971 /* Self-originated packet should be discarded silently. */
2972 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
2973 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
2974 zlog_debug(
2975 "ospf_read[%s]: Dropping self-originated packet",
2976 inet_ntoa(iph->ip_src));
2977 }
2978 return 0;
2979 }
2980
2981 /* Advance from IP header to OSPF header (iph->ip_hl has been verified
2982 by ospf_recv_packet() to be correct). */
2983 stream_forward_getp(ibuf, iph->ip_hl * 4);
2984
2d34fb80 2985 ospfh = (struct ospf_header *)stream_pnt(ibuf);
d62a17ae 2986 if (MSG_OK
9d303b37
DL		 2987 != ospf_packet_examin(
2988 ospfh, stream_get_endp(ibuf) - stream_get_getp(ibuf)))
d62a17ae 2989 return -1;
2990 /* Now it is safe to access all fields of OSPF packet header. */
2991
2992 /* associate packet with ospf interface */
2993 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
2994
2995 /* ospf_verify_header() relies on a valid "oi" and thus can be called
2996 only
2997 after the passive/backbone/other checks below are passed. These
2998 checks
2999 in turn access the fields of unverified "ospfh" structure for their
3000 own
3001 purposes and must remain very accurate in doing this. */
3002
3003 /* If incoming interface is passive one, ignore it. */
3004 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
3005 char buf[3][INET_ADDRSTRLEN];
3006
3007 if (IS_DEBUG_OSPF_EVENT)
3008 zlog_debug(
3009 "ignoring packet from router %s sent to %s, "
3010 "received on a passive interface, %s",
3011 inet_ntop(AF_INET, &ospfh->router_id, buf[0],
3012 sizeof(buf[0])),
3013 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3014 sizeof(buf[1])),
3015 inet_ntop(AF_INET, &oi->address->u.prefix4,
3016 buf[2], sizeof(buf[2])));
3017
3018 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3019 /* Try to fix multicast membership.
3020 * Some OS:es may have problems in this area,
3021 * make sure it is removed.
3022 */
3023 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3024 ospf_if_set_multicast(oi);
3025 }
3026 return 0;
3027 }
3028
3029
3030 /* if no local ospf_interface,
3031 * or header area is backbone but ospf_interface is not
3032 * check for VLINK interface
3033 */
9d303b37
DL		 3034 if ((oi == NULL) || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3035 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
d62a17ae 3036 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3037 == NULL) {
3038 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
3039 zlog_debug(
3040 "Packet from [%s] received on link %s"
3041 " but no ospf_interface",
3042 inet_ntoa(iph->ip_src), ifp->name);
3043 return 0;
3044 }
3045 }
3046
3047 /* else it must be a local ospf interface, check it was received on
3048 * correct link
3049 */
3050 else if (oi->ifp != ifp) {
3051 if (IS_DEBUG_OSPF_EVENT)
cf444bcf 3052 flog_warn(EC_OSPF_PACKET,
c9cc11f6 3053 "Packet from [%s] received on wrong link %s",
d62a17ae 3054 inet_ntoa(iph->ip_src), ifp->name);
3055 return 0;
3056 } else if (oi->state == ISM_Down) {
3057 char buf[2][INET_ADDRSTRLEN];
c9cc11f6 3058 flog_warn(
cf444bcf 3059 EC_OSPF_PACKET,
d62a17ae 3060 "Ignoring packet from %s to %s received on interface that is "
3061 "down [%s]; interface flags are %s",
3062 inet_ntop(AF_INET, &iph->ip_src, buf[0],
3063 sizeof(buf[0])),
3064 inet_ntop(AF_INET, &iph->ip_dst, buf[1],
3065 sizeof(buf[1])),
3066 ifp->name, if_flag_dump(ifp->flags));
3067 /* Fix multicast memberships? */
3068 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3069 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3070 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3071 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3072 if (oi->multicast_memberships)
3073 ospf_if_set_multicast(oi);
3074 return 0;
3075 }
3076
3077 /*
3078 * If the received packet is destined for AllDRouters, the packet
3079 * should be accepted only if the received ospf interface state is
3080 * either DR or Backup -- endo.
3081 */
3082 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3083 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
c9cc11f6 3084 flog_warn(
cf444bcf 3085 EC_OSPF_PACKET,
d62a17ae 3086 "Dropping packet for AllDRouters from [%s] via [%s] (ISM: %s)",
3087 inet_ntoa(iph->ip_src), IF_NAME(oi),
3088 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3089 /* Try to fix multicast membership. */
3090 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3091 ospf_if_set_multicast(oi);
3092 return 0;
3093 }
3094
3095 /* Verify more OSPF header fields. */
3096 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3097 if (ret < 0) {
3098 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3099 zlog_debug(
3100 "ospf_read[%s]: Header check failed, "
3101 "dropping.",
3102 inet_ntoa(iph->ip_src));
3103 return ret;
3104 }
3105
3106 /* Show debug receiving packet. */
3107 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3108 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3109 zlog_debug(
3110 "-----------------------------------------------------");
3111 ospf_packet_dump(ibuf);
3112 }
3113
3114 zlog_debug("%s received from [%s] via [%s]",
3115 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
3116 inet_ntoa(ospfh->router_id), IF_NAME(oi));
3117 zlog_debug(" src [%s],", inet_ntoa(iph->ip_src));
3118 zlog_debug(" dst [%s]", inet_ntoa(iph->ip_dst));
3119
3120 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3121 zlog_debug(
3122 "-----------------------------------------------------");
3123 }
3124
3125 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3126
3127 /* Adjust size to message length. */
3128 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3129
3130 /* Read rest of the packet and call each sort of packet routine. */
3131 switch (ospfh->type) {
3132 case OSPF_MSG_HELLO:
3133 ospf_hello(iph, ospfh, ibuf, oi, length);
3134 break;
3135 case OSPF_MSG_DB_DESC:
3136 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3137 break;
3138 case OSPF_MSG_LS_REQ:
3139 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3140 break;
3141 case OSPF_MSG_LS_UPD:
3142 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3143 break;
3144 case OSPF_MSG_LS_ACK:
3145 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3146 break;
3147 default:
cf444bcf 3148 flog_warn(EC_OSPF_PACKET,
c9cc11f6 3149 "interface %s: OSPF packet header type %d is illegal",
d62a17ae 3150 IF_NAME(oi), ospfh->type);
3151 break;
3152 }
3153
b10ce841 3154 return 0;
718e3744 3155}
3156
3157/* Make OSPF header. */
d62a17ae 3158static void ospf_make_header(int type, struct ospf_interface *oi,
3159 struct stream *s)
718e3744 3160{
d62a17ae 3161 struct ospf_header *ospfh;
718e3744 3162
d62a17ae 3163 ospfh = (struct ospf_header *)STREAM_DATA(s);
718e3744 3164
d7c0a89a
QY		 3165 ospfh->version = (uint8_t)OSPF_VERSION;
3166 ospfh->type = (uint8_t)type;
718e3744 3167
d62a17ae 3168 ospfh->router_id = oi->ospf->router_id;
718e3744 3169
d62a17ae 3170 ospfh->checksum = 0;
3171 ospfh->area_id = oi->area->area_id;
3172 ospfh->auth_type = htons(ospf_auth_type(oi));
718e3744 3173
d62a17ae 3174 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
718e3744 3175
d62a17ae 3176 stream_forward_endp(s, OSPF_HEADER_SIZE);
718e3744 3177}
3178
3179/* Make Authentication Data. */
d62a17ae 3180static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3181{
3182 struct crypt_key *ck;
3183
3184 switch (ospf_auth_type(oi)) {
3185 case OSPF_AUTH_NULL:
3186 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3187 */
3188 break;
3189 case OSPF_AUTH_SIMPLE:
3190 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3191 OSPF_AUTH_SIMPLE_SIZE);
3192 break;
3193 case OSPF_AUTH_CRYPTOGRAPHIC:
3194 /* If key is not set, then set 0. */
3195 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3196 ospfh->u.crypt.zero = 0;
3197 ospfh->u.crypt.key_id = 0;
3198 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3199 } else {
3200 ck = listgetdata(
3201 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3202 ospfh->u.crypt.zero = 0;
3203 ospfh->u.crypt.key_id = ck->key_id;
3204 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3205 }
3206 /* note: the seq is done in ospf_make_md5_digest() */
3207 break;
3208 default:
3209 /* memset (ospfh->u.auth_data, 0, sizeof (ospfh->u.auth_data));
3210 */
3211 break;
718e3744 3212 }
718e3744 3213
d62a17ae 3214 return 0;
718e3744 3215}
3216
3217/* Fill rest of OSPF header. */
d62a17ae 3218static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
d7c0a89a 3219 uint16_t length)
d62a17ae 3220{
3221 struct ospf_header *ospfh;
3222
3223 ospfh = (struct ospf_header *)STREAM_DATA(s);
3224
3225 /* Fill length. */
3226 ospfh->length = htons(length);
3227
3228 /* Calculate checksum. */
3229 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3230 ospfh->checksum = in_cksum(ospfh, length);
3231 else
3232 ospfh->checksum = 0;
3233
3234 /* Add Authentication Data. */
3235 ospf_make_auth(oi, ospfh);
3236}
3237
3238static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3239{
3240 struct ospf_neighbor *nbr;
3241 struct route_node *rn;
d7c0a89a 3242 uint16_t length = OSPF_HELLO_MIN_SIZE;
d62a17ae 3243 struct in_addr mask;
3244 unsigned long p;
3245 int flag = 0;
3246
3247 /* Set netmask of interface. */
3248 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3249 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3250 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3251 masklen2ip(oi->address->prefixlen, &mask);
3252 else
3253 memset((char *)&mask, 0, sizeof(struct in_addr));
3254 stream_put_ipv4(s, mask.s_addr);
3255
3256 /* Set Hello Interval. */
3257 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3258 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3259 else
3260 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3261
3262 if (IS_DEBUG_OSPF_EVENT)
3263 zlog_debug("make_hello: options: %x, int: %s", OPTIONS(oi),
3264 IF_NAME(oi));
3265
3266 /* Set Options. */
3267 stream_putc(s, OPTIONS(oi));
3268
3269 /* Set Router Priority. */
3270 stream_putc(s, PRIORITY(oi));
3271
3272 /* Set Router Dead Interval. */
3273 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3274
3275 /* Set Designated Router. */
3276 stream_put_ipv4(s, DR(oi).s_addr);
3277
3278 p = stream_get_endp(s);
3279
3280 /* Set Backup Designated Router. */
3281 stream_put_ipv4(s, BDR(oi).s_addr);
3282
3283 /* Add neighbor seen. */
3284 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3285 if ((nbr = rn->info))
3286 if (nbr->router_id.s_addr
3287 != 0) /* Ignore 0.0.0.0 node. */
3288 if (nbr->state
3289 != NSM_Attempt) /* Ignore Down neighbor. */
3290 if (nbr->state
3291 != NSM_Down) /* This is myself for
3292 DR election. */
3293 if (!IPV4_ADDR_SAME(
3294 &nbr->router_id,
3295 &oi->ospf->router_id)) {
3296 /* Check neighbor is
3297 * sane? */
3298 if (nbr->d_router.s_addr
3299 != 0
3300 && IPV4_ADDR_SAME(
3301 &nbr->d_router,
3302 &oi->address
3303 ->u
3304 .prefix4)
3305 && IPV4_ADDR_SAME(
3306 &nbr->bd_router,
3307 &oi->address
3308 ->u
3309 .prefix4))
3310 flag = 1;
3311
3312 stream_put_ipv4(
3313 s,
3314 nbr->router_id
3315 .s_addr);
3316 length += 4;
3317 }
3318
3319 /* Let neighbor generate BackupSeen. */
3320 if (flag == 1)
3321 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3322
3323 return length;
3324}
3325
3326static int ospf_make_db_desc(struct ospf_interface *oi,
3327 struct ospf_neighbor *nbr, struct stream *s)
3328{
3329 struct ospf_lsa *lsa;
d7c0a89a
QY		 3330 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3331 uint8_t options;
d62a17ae 3332 unsigned long pp;
3333 int i;
3334 struct ospf_lsdb *lsdb;
3335
3336 /* Set Interface MTU. */
3337 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3338 stream_putw(s, 0);
3339 else
3340 stream_putw(s, oi->ifp->mtu);
3341
3342 /* Set Options. */
3343 options = OPTIONS(oi);
3344 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3345 SET_FLAG(options, OSPF_OPTION_O);
3346 stream_putc(s, options);
3347
3348 /* DD flags */
3349 pp = stream_get_endp(s);
3350 stream_putc(s, nbr->dd_flags);
3351
3352 /* Set DD Sequence Number. */
3353 stream_putl(s, nbr->dd_seqnum);
3354
3355 /* shortcut unneeded walk of (empty) summary LSDBs */
3356 if (ospf_db_summary_isempty(nbr))
3357 goto empty;
3358
3359 /* Describe LSA Header from Database Summary List. */
3360 lsdb = &nbr->db_sum;
3361
3362 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3363 struct route_table *table = lsdb->type[i].db;
3364 struct route_node *rn;
3365
3366 for (rn = route_top(table); rn; rn = route_next(rn))
3367 if ((lsa = rn->info) != NULL) {
3368 if (IS_OPAQUE_LSA(lsa->data->type)
3369 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3370 /* Suppress advertising
0437e105 3371 * opaque-information. */
d62a17ae 3372 /* Remove LSA from DB summary list. */
3373 ospf_lsdb_delete(lsdb, lsa);
3374 continue;
3375 }
3376
3377 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3378 struct lsa_header *lsah;
d7c0a89a 3379 uint16_t ls_age;
d62a17ae 3380
3381 /* DD packet overflows interface MTU. */
3382 if (length + OSPF_LSA_HEADER_SIZE
3383 > ospf_packet_max(oi))
3384 break;
3385
3386 /* Keep pointer to LS age. */
3387 lsah = (struct lsa_header
3388 *)(STREAM_DATA(s)
3389 + stream_get_endp(
3390 s));
3391
3392 /* Proceed stream pointer. */
3393 stream_put(s, lsa->data,
3394 OSPF_LSA_HEADER_SIZE);
3395 length += OSPF_LSA_HEADER_SIZE;
3396
3397 /* Set LS age. */
3398 ls_age = LS_AGE(lsa);
3399 lsah->ls_age = htons(ls_age);
3400 }
3401
3402 /* Remove LSA from DB summary list. */
3403 ospf_lsdb_delete(lsdb, lsa);
3404 }
3405 }
718e3744 3406
d62a17ae 3407 /* Update 'More' bit */
3408 if (ospf_db_summary_isempty(nbr)) {
3409 empty:
3410 if (nbr->state >= NSM_Exchange) {
3411 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3412 /* Rewrite DD flags */
3413 stream_putc_at(s, pp, nbr->dd_flags);
3414 } else {
3415 assert(IS_SET_DD_M(nbr->dd_flags));
3416 }
3417 }
3418 return length;
3419}
86f1fd96 3420
d7c0a89a 3421static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
d62a17ae 3422 unsigned long delta, struct ospf_neighbor *nbr,
3423 struct ospf_lsa *lsa)
3424{
3425 struct ospf_interface *oi;
718e3744 3426
d62a17ae 3427 oi = nbr->oi;
718e3744 3428
d62a17ae 3429 /* LS Request packet overflows interface MTU. */
3430 if (*length + delta > ospf_packet_max(oi))
3431 return 0;
1eb8ef25 3432
d62a17ae 3433 stream_putl(s, lsa->data->type);
3434 stream_put_ipv4(s, lsa->data->id.s_addr);
3435 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
718e3744 3436
d62a17ae 3437 ospf_lsa_unlock(&nbr->ls_req_last);
3438 nbr->ls_req_last = ospf_lsa_lock(lsa);
59ea14c6 3439
d62a17ae 3440 *length += 12;
3441 return 1;
3442}
718e3744 3443
d62a17ae 3444static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3445{
3446 struct ospf_lsa *lsa;
d7c0a89a 3447 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
d62a17ae 3448 unsigned long delta = stream_get_endp(s) + 12;
3449 struct route_table *table;
3450 struct route_node *rn;
3451 int i;
3452 struct ospf_lsdb *lsdb;
718e3744 3453
d62a17ae 3454 lsdb = &nbr->ls_req;
718e3744 3455
d62a17ae 3456 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3457 table = lsdb->type[i].db;
3458 for (rn = route_top(table); rn; rn = route_next(rn))
3459 if ((lsa = (rn->info)) != NULL)
3460 if (ospf_make_ls_req_func(s, &length, delta,
3461 nbr, lsa)
3462 == 0) {
3463 route_unlock_node(rn);
3464 break;
3465 }
3466 }
3467 return length;
3468}
718e3744 3469
d62a17ae 3470static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3471{
3472 int age;
718e3744 3473
d62a17ae 3474 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
718e3744 3475
d62a17ae 3476 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
718e3744 3477}
3478
d62a17ae 3479static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3480 struct stream *s)
718e3744 3481{
d62a17ae 3482 struct ospf_lsa *lsa;
3483 struct listnode *node;
d7c0a89a 3484 uint16_t length = 0;
d62a17ae 3485 unsigned int size_noauth;
3486 unsigned long delta = stream_get_endp(s);
3487 unsigned long pp;
3488 int count = 0;
3489
3490 if (IS_DEBUG_OSPF_EVENT)
3491 zlog_debug("ospf_make_ls_upd: Start");
3492
3493 pp = stream_get_endp(s);
3494 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3495 length += OSPF_LS_UPD_MIN_SIZE;
3496
3497 /* Calculate amount of packet usable for data. */
3498 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3499
3500 while ((node = listhead(update)) != NULL) {
3501 struct lsa_header *lsah;
d7c0a89a 3502 uint16_t ls_age;
d62a17ae 3503
3504 if (IS_DEBUG_OSPF_EVENT)
3505 zlog_debug("ospf_make_ls_upd: List Iteration %d",
3506 count);
3507
3508 lsa = listgetdata(node);
3509
3510 assert(lsa->data);
3511
3512 /* Will it fit? */
3513 if (length + delta + ntohs(lsa->data->length) > size_noauth)
3514 break;
3515
3516 /* Keep pointer to LS age. */
3517 lsah = (struct lsa_header *)(STREAM_DATA(s)
3518 + stream_get_endp(s));
3519
3520 /* Put LSA to Link State Request. */
3521 stream_put(s, lsa->data, ntohs(lsa->data->length));
718e3744 3522
d62a17ae 3523 /* Set LS age. */
3524 /* each hop must increment an lsa_age by transmit_delay
3525 of OSPF interface */
3526 ls_age = ls_age_increment(lsa,
3527 OSPF_IF_PARAM(oi, transmit_delay));
3528 lsah->ls_age = htons(ls_age);
3529
3530 length += ntohs(lsa->data->length);
3531 count++;
3532
3533 list_delete_node(update, node);
3534 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3535 }
3536
3537 /* Now set #LSAs. */
3538 stream_putl_at(s, pp, count);
3539
3540 if (IS_DEBUG_OSPF_EVENT)
3541 zlog_debug("ospf_make_ls_upd: Stop");
3542 return length;
718e3744 3543}
3544
d62a17ae 3545static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3546 struct stream *s)
718e3744 3547{
d62a17ae 3548 struct listnode *node, *nnode;
d7c0a89a 3549 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
d62a17ae 3550 unsigned long delta = stream_get_endp(s) + 24;
3551 struct ospf_lsa *lsa;
718e3744 3552
d62a17ae 3553 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3554 assert(lsa);
718e3744 3555
d62a17ae 3556 if (length + delta > ospf_packet_max(oi))
3557 break;
718e3744 3558
d62a17ae 3559 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3560 length += OSPF_LSA_HEADER_SIZE;
3561
3562 listnode_delete(ack, lsa);
3563 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3564 }
3565
3566 return length;
3567}
3568
3569static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3570{
3571 struct ospf_packet *op;
d7c0a89a 3572 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3573
d62a17ae 3574 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3575
d62a17ae 3576 /* Prepare OSPF common header. */
3577 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
718e3744 3578
d62a17ae 3579 /* Prepare OSPF Hello body. */
3580 length += ospf_make_hello(oi, op->s);
718e3744 3581
d62a17ae 3582 /* Fill OSPF header. */
3583 ospf_fill_header(oi, op->s, length);
718e3744 3584
d62a17ae 3585 /* Set packet length. */
3586 op->length = length;
3587
3588 op->dst.s_addr = addr;
3589
b5a8894d
CS		 3590 if (IS_DEBUG_OSPF_EVENT) {
3591 if (oi->ospf->vrf_id)
996c9314
LB		 3592 zlog_debug(
3593 "%s: Hello Tx interface %s ospf vrf %s id %u",
3594 __PRETTY_FUNCTION__, oi->ifp->name,
3595 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3596 oi->ospf->vrf_id);
b5a8894d 3597 }
d62a17ae 3598 /* Add packet to the top of the interface output queue, so that they
3599 * can't get delayed by things like long queues of LS Update packets
3600 */
3601 ospf_packet_add_top(oi, op);
3602
3603 /* Hook thread to write packet. */
3604 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3605}
3606
d62a17ae 3607static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
718e3744 3608{
d62a17ae 3609 struct ospf_interface *oi;
718e3744 3610
d62a17ae 3611 oi = nbr_nbma->oi;
3612 assert(oi);
718e3744 3613
d62a17ae 3614 /* If this is passive interface, do not send OSPF Hello. */
3615 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3616 return;
718e3744 3617
d62a17ae 3618 if (oi->type != OSPF_IFTYPE_NBMA)
3619 return;
718e3744 3620
d62a17ae 3621 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3622 return;
718e3744 3623
d62a17ae 3624 if (PRIORITY(oi) == 0)
3625 return;
718e3744 3626
d62a17ae 3627 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3628 && oi->state != ISM_Backup)
3629 return;
718e3744 3630
d62a17ae 3631 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
718e3744 3632}
3633
d62a17ae 3634int ospf_poll_timer(struct thread *thread)
718e3744 3635{
d62a17ae 3636 struct ospf_nbr_nbma *nbr_nbma;
718e3744 3637
d62a17ae 3638 nbr_nbma = THREAD_ARG(thread);
3639 nbr_nbma->t_poll = NULL;
718e3744 3640
d62a17ae 3641 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3642 zlog_debug("NSM[%s:%s]: Timer (Poll timer expire)",
3643 IF_NAME(nbr_nbma->oi), inet_ntoa(nbr_nbma->addr));
718e3744 3644
d62a17ae 3645 ospf_poll_send(nbr_nbma);
718e3744 3646
d62a17ae 3647 if (nbr_nbma->v_poll > 0)
3648 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3649 nbr_nbma->v_poll);
718e3744 3650
d62a17ae 3651 return 0;
718e3744 3652}
3653
3654
d62a17ae 3655int ospf_hello_reply_timer(struct thread *thread)
718e3744 3656{
d62a17ae 3657 struct ospf_neighbor *nbr;
718e3744 3658
d62a17ae 3659 nbr = THREAD_ARG(thread);
3660 nbr->t_hello_reply = NULL;
718e3744 3661
d62a17ae 3662 assert(nbr->oi);
718e3744 3663
d62a17ae 3664 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
3665 zlog_debug("NSM[%s:%s]: Timer (hello-reply timer expire)",
3666 IF_NAME(nbr->oi), inet_ntoa(nbr->router_id));
718e3744 3667
d62a17ae 3668 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
718e3744 3669
d62a17ae 3670 return 0;
718e3744 3671}
3672
3673/* Send OSPF Hello. */
d62a17ae 3674void ospf_hello_send(struct ospf_interface *oi)
3675{
3676 /* If this is passive interface, do not send OSPF Hello. */
3677 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3678 return;
3679
3680 if (oi->type == OSPF_IFTYPE_NBMA) {
3681 struct ospf_neighbor *nbr;
3682 struct route_node *rn;
3683
3684 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
3685 if ((nbr = rn->info))
3686 if (nbr != oi->nbr_self)
3687 if (nbr->state != NSM_Down) {
3688 /* RFC 2328 Section 9.5.1
3689 If the router is not
3690 eligible to become Designated
3691 Router,
3692 it must periodically send
3693 Hello Packets to both the
3694 Designated Router and the
3695 Backup Designated Router (if
3696 they
3697 exist). */
3698 if (PRIORITY(oi) == 0
3699 && IPV4_ADDR_CMP(
3700 &DR(oi),
3701 &nbr->address.u
3702 .prefix4)
3703 && IPV4_ADDR_CMP(
3704 &BDR(oi),
3705 &nbr->address.u
3706 .prefix4))
3707 continue;
3708
3709 /* If the router is eligible to
3710 become Designated Router, it
3711 must periodically send Hello
3712 Packets to all neighbors that
3713 are also eligible. In
3714 addition, if the router is
3715 itself the
3716 Designated Router or Backup
3717 Designated Router, it must
3718 also
3719 send periodic Hello Packets
3720 to all other neighbors. */
3721
3722 if (nbr->priority == 0
3723 && oi->state == ISM_DROther)
3724 continue;
3725 /* if oi->state == Waiting, send
3726 * hello to all neighbors */
3727 ospf_hello_send_sub(
3728 oi,
3729 nbr->address.u.prefix4
3730 .s_addr);
3731 }
3732 } else {
3733 /* Decide destination address. */
3734 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3735 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3736 else
3737 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3738 }
718e3744 3739}
3740
3741/* Send OSPF Database Description. */
d62a17ae 3742void ospf_db_desc_send(struct ospf_neighbor *nbr)
718e3744 3743{
d62a17ae 3744 struct ospf_interface *oi;
3745 struct ospf_packet *op;
d7c0a89a 3746 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3747
d62a17ae 3748 oi = nbr->oi;
3749 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3750
d62a17ae 3751 /* Prepare OSPF common header. */
3752 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
718e3744 3753
d62a17ae 3754 /* Prepare OSPF Database Description body. */
3755 length += ospf_make_db_desc(oi, nbr, op->s);
718e3744 3756
d62a17ae 3757 /* Fill OSPF header. */
3758 ospf_fill_header(oi, op->s, length);
718e3744 3759
d62a17ae 3760 /* Set packet length. */
3761 op->length = length;
718e3744 3762
d62a17ae 3763 /* Decide destination address. */
3764 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3765 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3766 else
3767 op->dst = nbr->address.u.prefix4;
718e3744 3768
d62a17ae 3769 /* Add packet to the interface output queue. */
3770 ospf_packet_add(oi, op);
718e3744 3771
d62a17ae 3772 /* Hook thread to write packet. */
3773 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3774
d62a17ae 3775 /* Remove old DD packet, then copy new one and keep in neighbor
3776 * structure. */
3777 if (nbr->last_send)
3778 ospf_packet_free(nbr->last_send);
3779 nbr->last_send = ospf_packet_dup(op);
3780 monotime(&nbr->last_send_ts);
718e3744 3781}
3782
3783/* Re-send Database Description. */
d62a17ae 3784void ospf_db_desc_resend(struct ospf_neighbor *nbr)
718e3744 3785{
d62a17ae 3786 struct ospf_interface *oi;
718e3744 3787
d62a17ae 3788 oi = nbr->oi;
718e3744 3789
d62a17ae 3790 /* Add packet to the interface output queue. */
3791 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
718e3744 3792
d62a17ae 3793 /* Hook thread to write packet. */
3794 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3795}
3796
3797/* Send Link State Request. */
d62a17ae 3798void ospf_ls_req_send(struct ospf_neighbor *nbr)
718e3744 3799{
d62a17ae 3800 struct ospf_interface *oi;
3801 struct ospf_packet *op;
d7c0a89a 3802 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3803
d62a17ae 3804 oi = nbr->oi;
3805 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3806
d62a17ae 3807 /* Prepare OSPF common header. */
3808 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
718e3744 3809
d62a17ae 3810 /* Prepare OSPF Link State Request body. */
3811 length += ospf_make_ls_req(nbr, op->s);
3812 if (length == OSPF_HEADER_SIZE) {
3813 ospf_packet_free(op);
3814 return;
3815 }
718e3744 3816
d62a17ae 3817 /* Fill OSPF header. */
3818 ospf_fill_header(oi, op->s, length);
718e3744 3819
d62a17ae 3820 /* Set packet length. */
3821 op->length = length;
718e3744 3822
d62a17ae 3823 /* Decide destination address. */
3824 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3825 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3826 else
3827 op->dst = nbr->address.u.prefix4;
718e3744 3828
d62a17ae 3829 /* Add packet to the interface output queue. */
3830 ospf_packet_add(oi, op);
718e3744 3831
d62a17ae 3832 /* Hook thread to write packet. */
3833 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3834
d62a17ae 3835 /* Add Link State Request Retransmission Timer. */
3836 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 3837}
3838
3839/* Send Link State Update with an LSA. */
d62a17ae 3840void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3841 int flag)
718e3744 3842{
d62a17ae 3843 struct list *update;
718e3744 3844
d62a17ae 3845 update = list_new();
718e3744 3846
d62a17ae 3847 listnode_add(update, lsa);
046460a1
CS		 3848
3849 /*ospf instance is going down, send self originated
3850 * MAXAGE LSA update to neighbors to remove from LSDB */
3851 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3852 ospf_ls_upd_send(nbr, update, flag, 1);
3853 else
3854 ospf_ls_upd_send(nbr, update, flag, 0);
718e3744 3855
6a154c88 3856 list_delete(&update);
718e3744 3857}
3858
68b7339a 3859/* Determine size for packet. Must be at least big enough to accomodate next
3860 * LSA on list, which may be bigger than MTU size.
3861 *
3862 * Return pointer to new ospf_packet
3863 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3864 * on packet sizes (in which case offending LSA is deleted from update list)
3865 */
d62a17ae 3866static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3867 struct ospf_interface *oi)
3868{
3869 struct ospf_lsa *lsa;
3870 struct listnode *ln;
3871 size_t size;
3872 static char warned = 0;
3873
3874 lsa = listgetdata((ln = listhead(update)));
3875 assert(lsa->data);
3876
3877 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3878 > ospf_packet_max(oi)) {
3879 if (!warned) {
c9cc11f6 3880 flog_warn(
cf444bcf 3881 EC_OSPF_LARGE_LSA,
d62a17ae 3882 "ospf_ls_upd_packet_new: oversized LSA encountered!"
3883 "will need to fragment. Not optimal. Try divide up"
3884 " your network with areas. Use 'debug ospf packet send'"
3885 " to see details, or look at 'show ip ospf database ..'");
3886 warned = 1;
3887 }
3888
3889 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3890 zlog_debug(
3891 "ospf_ls_upd_packet_new: oversized LSA id:%s,"
3892 " %d bytes originated by %s, will be fragmented!",
3893 inet_ntoa(lsa->data->id),
3894 ntohs(lsa->data->length),
3895 inet_ntoa(lsa->data->adv_router));
3896
3897 /*
3898 * Allocate just enough to fit this LSA only, to avoid including
3899 * other
3900 * LSAs in fragmented LSA Updates.
3901 */
3902 size = ntohs(lsa->data->length)
3903 + (oi->ifp->mtu - ospf_packet_max(oi))
3904 + OSPF_LS_UPD_MIN_SIZE;
3905 } else
3906 size = oi->ifp->mtu;
3907
3908 if (size > OSPF_MAX_PACKET_SIZE) {
cf444bcf 3909 flog_warn(EC_OSPF_LARGE_LSA,
c9cc11f6
DS		 3910 "ospf_ls_upd_packet_new: oversized LSA id:%s too big,"
3911 " %d bytes, packet size %ld, dropping it completely."
3912 " OSPF routing is broken!",
3913 inet_ntoa(lsa->data->id), ntohs(lsa->data->length),
3914 (long int)size);
d62a17ae 3915 list_delete_node(update, ln);
3916 return NULL;
3917 }
718e3744 3918
d62a17ae 3919 /* IP header is built up separately by ospf_write(). This means, that we
3920 * must
3921 * reduce the "affordable" size just calculated by length of an IP
3922 * header.
3923 * This makes sure, that even if we manage to fill the payload with LSA
3924 * data
3925 * completely, the final packet (our data plus IP header) still fits
3926 * into
3927 * outgoing interface MTU. This correction isn't really meaningful for
3928 * an
3929 * oversized LSA, but for consistency the correction is done for both
3930 * cases.
3931 *
3932 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
3933 */
3934 return ospf_packet_new(size - sizeof(struct ip));
718e3744 3935}
3936
d62a17ae 3937static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
046460a1
CS		 3938 struct list *update, struct in_addr addr,
3939 int send_lsupd_now)
718e3744 3940{
d62a17ae 3941 struct ospf_packet *op;
d7c0a89a 3942 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 3943
3944 if (IS_DEBUG_OSPF_EVENT)
3945 zlog_debug("listcount = %d, [%s]dst %s", listcount(update),
3946 IF_NAME(oi), inet_ntoa(addr));
3947
19274fe8
OD		 3948 /* Check that we have really something to process */
3949 if (listcount(update) == 0)
3950 return;
3951
d62a17ae 3952 op = ospf_ls_upd_packet_new(update, oi);
718e3744 3953
d62a17ae 3954 /* Prepare OSPF common header. */
3955 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
718e3744 3956
d62a17ae 3957 /* Prepare OSPF Link State Update body.
3958 * Includes Type-7 translation.
3959 */
3960 length += ospf_make_ls_upd(oi, update, op->s);
3961
3962 /* Fill OSPF header. */
3963 ospf_fill_header(oi, op->s, length);
3964
3965 /* Set packet length. */
3966 op->length = length;
3967
3968 /* Decide destination address. */
3969 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3970 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3971 else
3972 op->dst.s_addr = addr.s_addr;
3973
3974 /* Add packet to the interface output queue. */
3975 ospf_packet_add(oi, op);
046460a1
CS		 3976 /* Call ospf_write() right away to send ospf packets to neighbors */
3977 if (send_lsupd_now) {
3978 struct thread os_packet_thd;
3979
3980 os_packet_thd.arg = (void *)oi->ospf;
3981 if (oi->on_write_q == 0) {
3982 listnode_add(oi->ospf->oi_write_q, oi);
3983 oi->on_write_q = 1;
3984 }
3985 ospf_write(&os_packet_thd);
3986 } else {
3987 /* Hook thread to write packet. */
3988 OSPF_ISM_WRITE_ON(oi->ospf);
3989 }
d62a17ae 3990}
3991
3992static int ospf_ls_upd_send_queue_event(struct thread *thread)
3993{
3994 struct ospf_interface *oi = THREAD_ARG(thread);
3995 struct route_node *rn;
3996 struct route_node *rnext;
3997 struct list *update;
3998 char again = 0;
3999
4000 oi->t_ls_upd_event = NULL;
4001
4002 if (IS_DEBUG_OSPF_EVENT)
4003 zlog_debug("ospf_ls_upd_send_queue start");
4004
4005 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4006 rnext = route_next(rn);
4007
4008 if (rn->info == NULL)
4009 continue;
4010
4011 update = (struct list *)rn->info;
4012
046460a1 4013 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
d62a17ae 4014
4015 /* list might not be empty. */
4016 if (listcount(update) == 0) {
6a154c88 4017 list_delete((struct list **)&rn->info);
d62a17ae 4018 route_unlock_node(rn);
4019 } else
4020 again = 1;
4021 }
4022
4023 if (again != 0) {
4024 if (IS_DEBUG_OSPF_EVENT)
4025 zlog_debug(
4026 "ospf_ls_upd_send_queue: update lists not cleared,"
4027 " %d nodes to try again, raising new event",
4028 again);
4029 oi->t_ls_upd_event = NULL;
4030 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4031 &oi->t_ls_upd_event);
4032 }
4033
4034 if (IS_DEBUG_OSPF_EVENT)
4035 zlog_debug("ospf_ls_upd_send_queue stop");
4036
4037 return 0;
4038}
4039
046460a1
CS		 4040void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4041 int send_lsupd_now)
d62a17ae 4042{
4043 struct ospf_interface *oi;
4044 struct ospf_lsa *lsa;
4045 struct prefix_ipv4 p;
4046 struct route_node *rn;
4047 struct listnode *node;
4048
4049 oi = nbr->oi;
4050
4051 p.family = AF_INET;
4052 p.prefixlen = IPV4_MAX_BITLEN;
4053
4054 /* Decide destination address. */
4055 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4056 p.prefix = oi->vl_data->peer_addr;
4057 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4058 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4059 else if (flag == OSPF_SEND_PACKET_DIRECT)
4060 p.prefix = nbr->address.u.prefix4;
4061 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4062 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4063 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4064 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4065 else
4066 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4067
4068 if (oi->type == OSPF_IFTYPE_NBMA) {
4069 if (flag == OSPF_SEND_PACKET_INDIRECT)
c9cc11f6 4070 flog_warn(
cf444bcf 4071 EC_OSPF_PACKET,
d62a17ae 4072 "* LS-Update is directly sent on NBMA network.");
19aad877 4073 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
cf444bcf 4074 flog_warn(EC_OSPF_PACKET,
c9cc11f6 4075 "* LS-Update is sent to myself.");
d62a17ae 4076 }
4077
4078 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4079
4080 if (rn->info == NULL)
4081 rn->info = list_new();
4082 else
4083 route_unlock_node(rn);
4084
4085 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4086 listnode_add(rn->info,
4087 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
046460a1
CS		 4088 if (send_lsupd_now) {
4089 struct list *send_update_list;
f7813c7c 4090 struct route_node *rnext;
d62a17ae 4091
046460a1
CS		 4092 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4093 rnext = route_next(rn);
4094
4095 if (rn->info == NULL)
4096 continue;
4097
4098 send_update_list = (struct list *)rn->info;
4099
4100 ospf_ls_upd_queue_send(oi, send_update_list,
4101 rn->p.u.prefix4, 1);
046460a1
CS		 4102 }
4103 } else
4104 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
996c9314 4105 &oi->t_ls_upd_event);
718e3744 4106}
4107
d62a17ae 4108static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4109 struct in_addr dst)
718e3744 4110{
d62a17ae 4111 struct ospf_packet *op;
d7c0a89a 4112 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4113
4114 op = ospf_packet_new(oi->ifp->mtu);
4115
4116 /* Prepare OSPF common header. */
4117 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4118
4119 /* Prepare OSPF Link State Acknowledgment body. */
4120 length += ospf_make_ls_ack(oi, ack, op->s);
4121
4122 /* Fill OSPF header. */
4123 ospf_fill_header(oi, op->s, length);
718e3744 4124
d62a17ae 4125 /* Set packet length. */
4126 op->length = length;
4127
4128 /* Decide destination address. */
4129 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4130 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4131 else
4132 op->dst.s_addr = dst.s_addr;
4133
4134 /* Add packet to the interface output queue. */
4135 ospf_packet_add(oi, op);
4136
4137 /* Hook thread to write packet. */
4138 OSPF_ISM_WRITE_ON(oi->ospf);
4139}
4140
4141static int ospf_ls_ack_send_event(struct thread *thread)
4142{
4143 struct ospf_interface *oi = THREAD_ARG(thread);
4144
4145 oi->t_ls_ack_direct = NULL;
4146
4147 while (listcount(oi->ls_ack_direct.ls_ack))
4148 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4149 oi->ls_ack_direct.dst);
4150
4151 return 0;
4152}
4153
4154void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4155{
4156 struct ospf_interface *oi = nbr->oi;
4157
4158 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4159 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4160
4161 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4162
4163 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4164 &oi->t_ls_ack_direct);
718e3744 4165}
4166
4167/* Send Link State Acknowledgment delayed. */
d62a17ae 4168void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4169{
4170 struct in_addr dst;
4171
4172 /* Decide destination address. */
4173 /* RFC2328 Section 13.5 On non-broadcast
4174 networks, delayed Link State Acknowledgment packets must be
4175 unicast separately over each adjacency (i.e., neighbor whose
4176 state is >= Exchange). */
4177 if (oi->type == OSPF_IFTYPE_NBMA) {
4178 struct ospf_neighbor *nbr;
4179 struct route_node *rn;
4180
4181 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn))
4182 if ((nbr = rn->info) != NULL)
4183 if (nbr != oi->nbr_self
4184 && nbr->state >= NSM_Exchange)
4185 while (listcount(oi->ls_ack))
4186 ospf_ls_ack_send_list(
4187 oi, oi->ls_ack,
4188 nbr->address.u.prefix4);
4189 return;
4190 }
4191 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4192 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4193 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4194 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4195 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4196 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4197 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4198 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4199 else
4200 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4201
4202 while (listcount(oi->ls_ack))
4203 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
718e3744 4204}
8b6912c2
DS		 4205
4206/*
4207 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4208 * address. As a result, the kernel does not need to learn the interface
4209 * MAC of the OSPF neighbor. However, in our world, this will delay
4210 * convergence. Take the case when due to a link flap, all routes now
4211 * want to use an interface which was deemed to be costlier prior to this
4212 * event. For routes that will be installed, the missing MAC will have
4213 * punt-to-CPU set on them. This may overload the CPU control path that
4214 * can be avoided if the MAC was known apriori.
4215 */
89a48046 4216#define OSPF_PING_NBR_STR_MAX (BUFSIZ)
d62a17ae 4217void ospf_proactively_arp(struct ospf_neighbor *nbr)
4218{
4219 char ping_nbr[OSPF_PING_NBR_STR_MAX];
d62a17ae 4220 int ret;
4221
4222 if (!nbr || !nbr->oi || !nbr->oi->ifp)
4223 return;
4224
89a48046 4225 snprintf(ping_nbr, sizeof(ping_nbr),
996c9314
LB		 4226 "ping -c 1 -I %s %s > /dev/null 2>&1 &", nbr->oi->ifp->name,
4227 inet_ntoa(nbr->address.u.prefix4));
89a48046 4228
d62a17ae 4229 ret = system(ping_nbr);
4230 if (IS_DEBUG_OSPF_EVENT)
4231 zlog_debug("Executed %s %s", ping_nbr,
4232 ((ret == 0) ? "successfully" : "but failed"));
8b6912c2 4233}
FRRouting mirror