]> git.proxmox.com Git - mirror_frr.git/blame - ospfd/ospf_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #12366 from manojvn/ospfv2-flood-reduction
[mirror_frr.git] / ospfd / ospf_packet.c
CommitLineData
acddc0ed 1// SPDX-License-Identifier: GPL-2.0-or-later
718e3744 2/*
3 * OSPF Sending and Receiving OSPF Packets.
4 * Copyright (C) 1999, 2000 Toshiaki Takada
718e3744 5 */
6
7#include <zebra.h>
8
cbf3e3eb 9#include "monotime.h"
718e3744 10#include "thread.h"
11#include "memory.h"
12#include "linklist.h"
13#include "prefix.h"
14#include "if.h"
15#include "table.h"
16#include "sockunion.h"
17#include "stream.h"
18#include "log.h"
2dd8bb4e 19#include "sockopt.h"
484315fd 20#include "checksum.h"
0513a271 21#ifdef CRYPTO_INTERNAL
c1a03d47 22#include "md5.h"
0513a271 23#endif
7e2b7603 24#include "vrf.h"
c9cc11f6 25#include "lib_errors.h"
718e3744 26
27#include "ospfd/ospfd.h"
28#include "ospfd/ospf_network.h"
29#include "ospfd/ospf_interface.h"
30#include "ospfd/ospf_ism.h"
ee09fbc0 31#include "ospfd/ospf_abr.h"
718e3744 32#include "ospfd/ospf_asbr.h"
33#include "ospfd/ospf_lsa.h"
34#include "ospfd/ospf_lsdb.h"
35#include "ospfd/ospf_neighbor.h"
36#include "ospfd/ospf_nsm.h"
37#include "ospfd/ospf_packet.h"
38#include "ospfd/ospf_spf.h"
39#include "ospfd/ospf_flood.h"
40#include "ospfd/ospf_dump.h"
c9cc11f6 41#include "ospfd/ospf_errors.h"
aa530b62 42#include "ospfd/ospf_zebra.h"
cd52c44c 43#include "ospfd/ospf_gr.h"
718e3744 44
166b75c2
DS		 45/*
46 * OSPF Fragmentation / fragmented writes
47 *
48 * ospfd can support writing fragmented packets, for cases where
49 * kernel will not fragment IP_HDRINCL and/or multicast destined
50 * packets (ie TTBOMK all kernels, BSD, SunOS, Linux). However,
51 * SunOS, probably BSD too, clobber the user supplied IP ID and IP
52 * flags fields, hence user-space fragmentation will not work.
53 * Only Linux is known to leave IP header unmolested.
54 * Further, fragmentation really should be done the kernel, which already
55 * supports it, and which avoids nasty IP ID state problems.
56 *
57 * Fragmentation of OSPF packets can be required on networks with router
58 * with many many interfaces active in one area, or on networks with links
59 * with low MTUs.
60 */
61#ifdef GNU_LINUX
62#define WANT_OSPF_WRITE_FRAGMENT
63#endif
64
718e3744 65/* Packet Type String. */
d62a17ae 66const struct message ospf_packet_type_str[] = {
67 {OSPF_MSG_HELLO, "Hello"},
68 {OSPF_MSG_DB_DESC, "Database Description"},
69 {OSPF_MSG_LS_REQ, "Link State Request"},
70 {OSPF_MSG_LS_UPD, "Link State Update"},
71 {OSPF_MSG_LS_ACK, "Link State Acknowledgment"},
72 {0}};
718e3744 73
75c8eabb
DO		 74/* Minimum (besides OSPF_HEADER_SIZE) lengths for OSPF packets of
75 particular types, offset is the "type" field of a packet. */
d7c0a89a 76static const uint16_t ospf_packet_minlen[] = {
d62a17ae 77 0,
78 OSPF_HELLO_MIN_SIZE,
79 OSPF_DB_DESC_MIN_SIZE,
80 OSPF_LS_REQ_MIN_SIZE,
81 OSPF_LS_UPD_MIN_SIZE,
82 OSPF_LS_ACK_MIN_SIZE,
75c8eabb
DO		 83};
84
4e31de79
DO		 85/* Minimum (besides OSPF_LSA_HEADER_SIZE) lengths for LSAs of particular
86 types, offset is the "LSA type" field. */
d7c0a89a 87static const uint16_t ospf_lsa_minlen[] = {
07a62e58
DS		 88 0, /* OSPF_UNKNOWN_LSA */
89 OSPF_ROUTER_LSA_MIN_SIZE, /* OSPF_ROUTER_LSA */
90 OSPF_NETWORK_LSA_MIN_SIZE, /* OSPF_NETWORK_LSA */
91 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_SUMMARY_LSA */
92 OSPF_SUMMARY_LSA_MIN_SIZE, /* OSPF_ASBR_SUMMARY_LSA */
93 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_EXTERNAL_LSA */
94 0, /* Unsupported, OSPF_GROUP_MEMBER_LSA */
95 OSPF_AS_EXTERNAL_LSA_MIN_SIZE, /* OSPF_AS_NSSA_LSA */
96 0, /* Unsupported, OSPF_EXTERNAL_ATTRIBURES_LSA */
97 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_LINK_LSA */
98 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AREA_LSA */
99 OSPF_OPAQUE_LSA_MIN_SIZE, /* OSPF_OPAQUE_AS_LSA */
4e31de79
DO		 100};
101
bd5651f0 102/* for ospf_check_auth() */
d62a17ae 103static int ospf_check_sum(struct ospf_header *);
bd5651f0 104
718e3744 105/* OSPF authentication checking function */
d62a17ae 106static int ospf_auth_type(struct ospf_interface *oi)
718e3744 107{
d62a17ae 108 int auth_type;
718e3744 109
d62a17ae 110 if (OSPF_IF_PARAM(oi, auth_type) == OSPF_AUTH_NOTSET)
111 auth_type = oi->area->auth_type;
112 else
113 auth_type = OSPF_IF_PARAM(oi, auth_type);
718e3744 114
d62a17ae 115 /* Handle case where MD5 key list is not configured aka Cisco */
116 if (auth_type == OSPF_AUTH_CRYPTOGRAPHIC
117 && list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
118 return OSPF_AUTH_NULL;
718e3744 119
d62a17ae 120 return auth_type;
718e3744 121}
122
7cec50a5 123static struct ospf_packet *ospf_packet_new(size_t size)
718e3744 124{
d62a17ae 125 struct ospf_packet *new;
718e3744 126
d62a17ae 127 new = XCALLOC(MTYPE_OSPF_PACKET, sizeof(struct ospf_packet));
128 new->s = stream_new(size);
718e3744 129
d62a17ae 130 return new;
718e3744 131}
132
d62a17ae 133void ospf_packet_free(struct ospf_packet *op)
718e3744 134{
d62a17ae 135 if (op->s)
136 stream_free(op->s);
718e3744 137
d62a17ae 138 XFREE(MTYPE_OSPF_PACKET, op);
718e3744 139}
140
4d762f26 141struct ospf_fifo *ospf_fifo_new(void)
718e3744 142{
d62a17ae 143 struct ospf_fifo *new;
718e3744 144
d62a17ae 145 new = XCALLOC(MTYPE_OSPF_FIFO, sizeof(struct ospf_fifo));
146 return new;
718e3744 147}
148
149/* Add new packet to fifo. */
d62a17ae 150void ospf_fifo_push(struct ospf_fifo *fifo, struct ospf_packet *op)
718e3744 151{
d62a17ae 152 if (fifo->tail)
153 fifo->tail->next = op;
154 else
155 fifo->head = op;
718e3744 156
d62a17ae 157 fifo->tail = op;
718e3744 158
d62a17ae 159 fifo->count++;
718e3744 160}
161
aa276fd7 162/* Add new packet to head of fifo. */
d62a17ae 163static void ospf_fifo_push_head(struct ospf_fifo *fifo, struct ospf_packet *op)
aa276fd7 164{
d62a17ae 165 op->next = fifo->head;
166
167 if (fifo->tail == NULL)
168 fifo->tail = op;
169
170 fifo->head = op;
171
172 fifo->count++;
aa276fd7
PJ		 173}
174
718e3744 175/* Delete first packet from fifo. */
d62a17ae 176struct ospf_packet *ospf_fifo_pop(struct ospf_fifo *fifo)
718e3744 177{
d62a17ae 178 struct ospf_packet *op;
718e3744 179
d62a17ae 180 op = fifo->head;
718e3744 181
d62a17ae 182 if (op) {
183 fifo->head = op->next;
718e3744 184
d62a17ae 185 if (fifo->head == NULL)
186 fifo->tail = NULL;
718e3744 187
d62a17ae 188 fifo->count--;
189 }
718e3744 190
d62a17ae 191 return op;
718e3744 192}
193
194/* Return first fifo entry. */
d62a17ae 195struct ospf_packet *ospf_fifo_head(struct ospf_fifo *fifo)
718e3744 196{
d62a17ae 197 return fifo->head;
718e3744 198}
199
200/* Flush ospf packet fifo. */
d62a17ae 201void ospf_fifo_flush(struct ospf_fifo *fifo)
718e3744 202{
d62a17ae 203 struct ospf_packet *op;
204 struct ospf_packet *next;
718e3744 205
d62a17ae 206 for (op = fifo->head; op; op = next) {
207 next = op->next;
208 ospf_packet_free(op);
209 }
210 fifo->head = fifo->tail = NULL;
211 fifo->count = 0;
718e3744 212}
213
214/* Free ospf packet fifo. */
d62a17ae 215void ospf_fifo_free(struct ospf_fifo *fifo)
718e3744 216{
d62a17ae 217 ospf_fifo_flush(fifo);
718e3744 218
d62a17ae 219 XFREE(MTYPE_OSPF_FIFO, fifo);
718e3744 220}
221
7cec50a5 222static void ospf_packet_add(struct ospf_interface *oi, struct ospf_packet *op)
718e3744 223{
d62a17ae 224 /* Add packet to end of queue. */
225 ospf_fifo_push(oi->obuf, op);
718e3744 226
d62a17ae 227 /* Debug of packet fifo*/
228 /* ospf_fifo_debug (oi->obuf); */
718e3744 229}
230
d62a17ae 231static void ospf_packet_add_top(struct ospf_interface *oi,
232 struct ospf_packet *op)
aa276fd7 233{
d62a17ae 234 /* Add packet to head of queue. */
235 ospf_fifo_push_head(oi->obuf, op);
aa276fd7 236
d62a17ae 237 /* Debug of packet fifo*/
238 /* ospf_fifo_debug (oi->obuf); */
aa276fd7
PJ		 239}
240
7cec50a5 241static void ospf_packet_delete(struct ospf_interface *oi)
718e3744 242{
d62a17ae 243 struct ospf_packet *op;
244
245 op = ospf_fifo_pop(oi->obuf);
718e3744 246
d62a17ae 247 if (op)
248 ospf_packet_free(op);
718e3744 249}
250
7cec50a5 251static struct ospf_packet *ospf_packet_dup(struct ospf_packet *op)
718e3744 252{
d62a17ae 253 struct ospf_packet *new;
718e3744 254
d62a17ae 255 if (stream_get_endp(op->s) != op->length)
256 /* XXX size_t */
c9cc11f6 257 zlog_debug(
d62a17ae 258 "ospf_packet_dup stream %lu ospf_packet %u size mismatch",
d7c0a89a 259 (unsigned long)STREAM_SIZE(op->s), op->length);
30961a15 260
d62a17ae 261 /* Reserve space for MD5 authentication that may be added later. */
262 new = ospf_packet_new(stream_get_endp(op->s) + OSPF_AUTH_MD5_SIZE);
263 stream_copy(new->s, op->s);
718e3744 264
d62a17ae 265 new->dst = op->dst;
266 new->length = op->length;
718e3744 267
d62a17ae 268 return new;
718e3744 269}
270
86f1fd96 271/* XXX inline */
d62a17ae 272static unsigned int ospf_packet_authspace(struct ospf_interface *oi)
86f1fd96 273{
d62a17ae 274 int auth = 0;
86f1fd96 275
d62a17ae 276 if (ospf_auth_type(oi) == OSPF_AUTH_CRYPTOGRAPHIC)
277 auth = OSPF_AUTH_MD5_SIZE;
86f1fd96 278
d62a17ae 279 return auth;
86f1fd96 280}
281
d62a17ae 282static unsigned int ospf_packet_max(struct ospf_interface *oi)
718e3744 283{
d62a17ae 284 int max;
718e3744 285
d62a17ae 286 max = oi->ifp->mtu - ospf_packet_authspace(oi);
86f1fd96 287
d62a17ae 288 max -= (OSPF_HEADER_SIZE + sizeof(struct ip));
718e3744 289
d62a17ae 290 return max;
718e3744 291}
292
6b0655a2 293
d62a17ae 294static int ospf_check_md5_digest(struct ospf_interface *oi,
295 struct ospf_header *ospfh)
718e3744 296{
0513a271
MR		 297#ifdef CRYPTO_OPENSSL
298 EVP_MD_CTX *ctx;
299#elif CRYPTO_INTERNAL
d62a17ae 300 MD5_CTX ctx;
0513a271 301#endif
d62a17ae 302 unsigned char digest[OSPF_AUTH_MD5_SIZE];
303 struct crypt_key *ck;
304 struct ospf_neighbor *nbr;
d7c0a89a 305 uint16_t length = ntohs(ospfh->length);
d62a17ae 306
307 /* Get secret key. */
308 ck = ospf_crypt_key_lookup(OSPF_IF_PARAM(oi, auth_crypt),
309 ospfh->u.crypt.key_id);
310 if (ck == NULL) {
1c50c1c0
QY		 311 flog_warn(EC_OSPF_MD5, "interface %s: ospf_check_md5 no key %d",
312 IF_NAME(oi), ospfh->u.crypt.key_id);
d62a17ae 313 return 0;
314 }
718e3744 315
d62a17ae 316 /* check crypto seqnum. */
317 nbr = ospf_nbr_lookup_by_routerid(oi->nbrs, &ospfh->router_id);
718e3744 318
d62a17ae 319 if (nbr
320 && ntohl(nbr->crypt_seqnum) > ntohl(ospfh->u.crypt.crypt_seqnum)) {
c9cc11f6 321 flog_warn(
cf444bcf 322 EC_OSPF_MD5,
d62a17ae 323 "interface %s: ospf_check_md5 bad sequence %d (expect %d)",
324 IF_NAME(oi), ntohl(ospfh->u.crypt.crypt_seqnum),
325 ntohl(nbr->crypt_seqnum));
326 return 0;
327 }
718e3744 328
d62a17ae 329 /* Generate a digest for the ospf packet - their digest + our digest. */
0513a271
MR		 330#ifdef CRYPTO_OPENSSL
331 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
332 ctx = EVP_MD_CTX_new();
333 EVP_DigestInit(ctx, EVP_md5());
334 EVP_DigestUpdate(ctx, ospfh, length);
335 EVP_DigestUpdate(ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
336 EVP_DigestFinal(ctx, digest, &md5_size);
337 EVP_MD_CTX_free(ctx);
338#elif CRYPTO_INTERNAL
d62a17ae 339 memset(&ctx, 0, sizeof(ctx));
340 MD5Init(&ctx);
341 MD5Update(&ctx, ospfh, length);
342 MD5Update(&ctx, ck->auth_key, OSPF_AUTH_MD5_SIZE);
343 MD5Final(digest, &ctx);
0513a271 344#endif
d62a17ae 345
346 /* compare the two */
347 if (memcmp((caddr_t)ospfh + length, digest, OSPF_AUTH_MD5_SIZE)) {
cf444bcf 348 flog_warn(EC_OSPF_MD5,
c9cc11f6 349 "interface %s: ospf_check_md5 checksum mismatch",
d62a17ae 350 IF_NAME(oi));
351 return 0;
352 }
718e3744 353
d62a17ae 354 /* save neighbor's crypt_seqnum */
355 if (nbr)
356 nbr->crypt_seqnum = ospfh->u.crypt.crypt_seqnum;
357 return 1;
718e3744 358}
359
360/* This function is called from ospf_write(), it will detect the
361 authentication scheme and if it is MD5, it will change the sequence
362 and update the MD5 digest. */
d62a17ae 363static int ospf_make_md5_digest(struct ospf_interface *oi,
364 struct ospf_packet *op)
365{
366 struct ospf_header *ospfh;
367 unsigned char digest[OSPF_AUTH_MD5_SIZE] = {0};
0513a271
MR		 368#ifdef CRYPTO_OPENSSL
369 EVP_MD_CTX *ctx;
370#elif CRYPTO_INTERNAL
d62a17ae 371 MD5_CTX ctx;
0513a271 372#endif
d62a17ae 373 void *ibuf;
d7c0a89a 374 uint32_t t;
d62a17ae 375 struct crypt_key *ck;
d7c0a89a 376 const uint8_t *auth_key;
d62a17ae 377
378 ibuf = STREAM_DATA(op->s);
379 ospfh = (struct ospf_header *)ibuf;
380
381 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
382 return 0;
383
384 /* We do this here so when we dup a packet, we don't have to
385 waste CPU rewriting other headers.
386
b72aae2e 387 Note that frr_time /deliberately/ is not used here */
d62a17ae 388 t = (time(NULL) & 0xFFFFFFFF);
389 if (t > oi->crypt_seqnum)
390 oi->crypt_seqnum = t;
391 else
392 oi->crypt_seqnum++;
393
394 ospfh->u.crypt.crypt_seqnum = htonl(oi->crypt_seqnum);
395
396 /* Get MD5 Authentication key from auth_key list. */
397 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt)))
d7c0a89a 398 auth_key = (const uint8_t *)digest;
d62a17ae 399 else {
400 ck = listgetdata(listtail(OSPF_IF_PARAM(oi, auth_crypt)));
401 auth_key = ck->auth_key;
402 }
718e3744 403
d62a17ae 404 /* Generate a digest for the entire packet + our secret key. */
0513a271
MR		 405#ifdef CRYPTO_OPENSSL
406 unsigned int md5_size = OSPF_AUTH_MD5_SIZE;
407 ctx = EVP_MD_CTX_new();
408 EVP_DigestInit(ctx, EVP_md5());
409 EVP_DigestUpdate(ctx, ibuf, ntohs(ospfh->length));
410 EVP_DigestUpdate(ctx, auth_key, OSPF_AUTH_MD5_SIZE);
411 EVP_DigestFinal(ctx, digest, &md5_size);
412 EVP_MD_CTX_free(ctx);
413#elif CRYPTO_INTERNAL
d62a17ae 414 memset(&ctx, 0, sizeof(ctx));
415 MD5Init(&ctx);
416 MD5Update(&ctx, ibuf, ntohs(ospfh->length));
417 MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
418 MD5Final(digest, &ctx);
0513a271 419#endif
718e3744 420
d62a17ae 421 /* Append md5 digest to the end of the stream. */
422 stream_put(op->s, digest, OSPF_AUTH_MD5_SIZE);
718e3744 423
d62a17ae 424 /* We do *NOT* increment the OSPF header length. */
425 op->length = ntohs(ospfh->length) + OSPF_AUTH_MD5_SIZE;
30961a15 426
d62a17ae 427 if (stream_get_endp(op->s) != op->length)
428 /* XXX size_t */
ea892800 429 flog_warn(EC_OSPF_MD5,
430 "%s: length mismatch stream %lu ospf_packet %u",
431 __func__, (unsigned long)stream_get_endp(op->s),
432 op->length);
718e3744 433
d62a17ae 434 return OSPF_AUTH_MD5_SIZE;
718e3744 435}
436
6b0655a2 437
cc9f21da 438static void ospf_ls_req_timer(struct thread *thread)
718e3744 439{
d62a17ae 440 struct ospf_neighbor *nbr;
718e3744 441
d62a17ae 442 nbr = THREAD_ARG(thread);
443 nbr->t_ls_req = NULL;
718e3744 444
d62a17ae 445 /* Send Link State Request. */
446 if (ospf_ls_request_count(nbr))
447 ospf_ls_req_send(nbr);
718e3744 448
d62a17ae 449 /* Set Link State Request retransmission timer. */
450 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 451}
452
d62a17ae 453void ospf_ls_req_event(struct ospf_neighbor *nbr)
718e3744 454{
bc1f09de 455 THREAD_OFF(nbr->t_ls_req);
d62a17ae 456 thread_add_event(master, ospf_ls_req_timer, nbr, 0, &nbr->t_ls_req);
718e3744 457}
458
459/* Cyclic timer function. Fist registered in ospf_nbr_new () in
460 ospf_neighbor.c */
cc9f21da 461void ospf_ls_upd_timer(struct thread *thread)
d62a17ae 462{
463 struct ospf_neighbor *nbr;
464
465 nbr = THREAD_ARG(thread);
466 nbr->t_ls_upd = NULL;
467
468 /* Send Link State Update. */
469 if (ospf_ls_retransmit_count(nbr) > 0) {
470 struct list *update;
471 struct ospf_lsdb *lsdb;
472 int i;
473 int retransmit_interval;
474
475 retransmit_interval =
476 OSPF_IF_PARAM(nbr->oi, retransmit_interval);
477
478 lsdb = &nbr->ls_rxmt;
479 update = list_new();
480
481 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
482 struct route_table *table = lsdb->type[i].db;
483 struct route_node *rn;
484
485 for (rn = route_top(table); rn; rn = route_next(rn)) {
486 struct ospf_lsa *lsa;
487
488 if ((lsa = rn->info) != NULL) {
489 /* Don't retransmit an LSA if we
490 received it within
491 the last RxmtInterval seconds - this
492 is to allow the
493 neighbour a chance to acknowledge the
494 LSA as it may
495 have ben just received before the
496 retransmit timer
497 fired. This is a small tweak to what
498 is in the RFC,
499 but it will cut out out a lot of
500 retransmit traffic
501 - MAG */
502 if (monotime_since(&lsa->tv_recv, NULL)
503 >= retransmit_interval * 1000000LL)
504 listnode_add(update, rn->info);
505 }
506 }
507 }
718e3744 508
d62a17ae 509 if (listcount(update) > 0)
996c9314
LB		 510 ospf_ls_upd_send(nbr, update, OSPF_SEND_PACKET_DIRECT,
511 0);
6a154c88 512 list_delete(&update);
718e3744 513 }
514
d62a17ae 515 /* Set LS Update retransmission timer. */
516 OSPF_NSM_TIMER_ON(nbr->t_ls_upd, ospf_ls_upd_timer, nbr->v_ls_upd);
718e3744 517}
518
cc9f21da 519void ospf_ls_ack_timer(struct thread *thread)
718e3744 520{
d62a17ae 521 struct ospf_interface *oi;
718e3744 522
d62a17ae 523 oi = THREAD_ARG(thread);
524 oi->t_ls_ack = NULL;
718e3744 525
d62a17ae 526 /* Send Link State Acknowledgment. */
527 if (listcount(oi->ls_ack) > 0)
528 ospf_ls_ack_send_delayed(oi);
718e3744 529
d62a17ae 530 /* Set LS Ack timer. */
531 OSPF_ISM_TIMER_ON(oi->t_ls_ack, ospf_ls_ack_timer, oi->v_ls_ack);
718e3744 532}
533
0bfeca3f 534#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 535static void ospf_write_frags(int fd, struct ospf_packet *op, struct ip *iph,
536 struct msghdr *msg, unsigned int maxdatasize,
d7c0a89a 537 unsigned int mtu, int flags, uint8_t type)
0bfeca3f 538{
539#define OSPF_WRITE_FRAG_SHIFT 3
d7c0a89a 540 uint16_t offset;
d62a17ae 541 struct iovec *iovp;
542 int ret;
543
544 assert(op->length == stream_get_endp(op->s));
545 assert(msg->msg_iovlen == 2);
546
547 /* we can but try.
548 *
549 * SunOS, BSD and BSD derived kernels likely will clear ip_id, as
550 * well as the IP_MF flag, making this all quite pointless.
551 *
552 * However, for a system on which IP_MF is left alone, and ip_id left
553 * alone or else which sets same ip_id for each fragment this might
554 * work, eg linux.
555 *
556 * XXX-TODO: It would be much nicer to have the kernel's use their
557 * existing fragmentation support to do this for us. Bugs/RFEs need to
558 * be raised against the various kernels.
559 */
560
561 /* set More Frag */
562 iph->ip_off |= IP_MF;
563
564 /* ip frag offset is expressed in units of 8byte words */
565 offset = maxdatasize >> OSPF_WRITE_FRAG_SHIFT;
566
567 iovp = &msg->msg_iov[1];
568
569 while ((stream_get_endp(op->s) - stream_get_getp(op->s))
570 > maxdatasize) {
571 /* data length of this frag is to next offset value */
572 iovp->iov_len = offset << OSPF_WRITE_FRAG_SHIFT;
573 iph->ip_len = iovp->iov_len + sizeof(struct ip);
574 assert(iph->ip_len <= mtu);
575
576 sockopt_iphdrincl_swab_htosys(iph);
577
578 ret = sendmsg(fd, msg, flags);
579
580 sockopt_iphdrincl_swab_systoh(iph);
581
582 if (ret < 0)
c9cc11f6 583 flog_err(
450971aa 584 EC_LIB_SOCKET,
ea892800 585 "*** %s: sendmsg failed to %pI4, id %d, off %d, len %d, mtu %u failed with %s",
586 __func__, &iph->ip_dst, iph->ip_id, iph->ip_off,
d62a17ae 587 iph->ip_len, mtu, safe_strerror(errno));
588
589 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
ea892800 590 zlog_debug("%s: sent id %d, off %d, len %d to %pI4",
591 __func__, iph->ip_id, iph->ip_off,
592 iph->ip_len, &iph->ip_dst);
d62a17ae 593 }
594
595 iph->ip_off += offset;
596 stream_forward_getp(op->s, iovp->iov_len);
2d34fb80 597 iovp->iov_base = stream_pnt(op->s);
d62a17ae 598 }
599
600 /* setup for final fragment */
601 iovp->iov_len = stream_get_endp(op->s) - stream_get_getp(op->s);
602 iph->ip_len = iovp->iov_len + sizeof(struct ip);
603 iph->ip_off &= (~IP_MF);
0bfeca3f 604}
605#endif /* WANT_OSPF_WRITE_FRAGMENT */
606
cc9f21da 607static void ospf_write(struct thread *thread)
d62a17ae 608{
609 struct ospf *ospf = THREAD_ARG(thread);
610 struct ospf_interface *oi;
d62a17ae 611 struct ospf_packet *op;
612 struct sockaddr_in sa_dst;
613 struct ip iph;
614 struct msghdr msg;
615 struct iovec iov[2];
d7c0a89a 616 uint8_t type;
d62a17ae 617 int ret;
618 int flags = 0;
619 struct listnode *node;
0bfeca3f 620#ifdef WANT_OSPF_WRITE_FRAGMENT
d7c0a89a
QY		 621 static uint16_t ipid = 0;
622 uint16_t maxdatasize;
9d303b37 623#endif /* WANT_OSPF_WRITE_FRAGMENT */
68b7339a 624#define OSPF_WRITE_IPHL_SHIFT 2
d62a17ae 625 int pkt_count = 0;
e1b18df1
CS		 626
627#ifdef GNU_LINUX
3e300703 628 unsigned char cmsgbuf[64] = {};
e7503eab
CS		 629 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
630 struct in_pktinfo *pi;
e1b18df1 631#endif
d62a17ae 632
c32eba04
CS		 633 if (ospf->fd < 0 || ospf->oi_running == 0) {
634 if (IS_DEBUG_OSPF_EVENT)
ea892800 635 zlog_debug("%s failed to send, fd %d, instance %u",
636 __func__, ospf->fd, ospf->oi_running);
cc9f21da 637 return;
c32eba04
CS		 638 }
639
d62a17ae 640 node = listhead(ospf->oi_write_q);
641 assert(node);
642 oi = listgetdata(node);
0bfeca3f 643
644#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 645 /* seed ipid static with low order bits of time */
646 if (ipid == 0)
647 ipid = (time(NULL) & 0xffff);
0bfeca3f 648#endif /* WANT_OSPF_WRITE_FRAGMENT */
649
812e6c78 650 while ((pkt_count < ospf->write_oi_count) && oi) {
d62a17ae 651 pkt_count++;
233cc0fb 652#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 653 /* convenience - max OSPF data per packet */
654 maxdatasize = oi->ifp->mtu - sizeof(struct ip);
233cc0fb 655#endif /* WANT_OSPF_WRITE_FRAGMENT */
d62a17ae 656 /* Get one packet from queue. */
657 op = ospf_fifo_head(oi->obuf);
658 assert(op);
659 assert(op->length >= OSPF_HEADER_SIZE);
660
661 if (op->dst.s_addr == htonl(OSPF_ALLSPFROUTERS)
662 || op->dst.s_addr == htonl(OSPF_ALLDROUTERS))
663 ospf_if_ipmulticast(ospf, oi->address,
664 oi->ifp->ifindex);
665
666 /* Rewrite the md5 signature & update the seq */
667 ospf_make_md5_digest(oi, op);
668
669 /* Retrieve OSPF packet type. */
670 stream_set_getp(op->s, 1);
671 type = stream_getc(op->s);
672
673 /* reset get pointer */
674 stream_set_getp(op->s, 0);
675
6006b807 676 memset(&iph, 0, sizeof(iph));
d62a17ae 677 memset(&sa_dst, 0, sizeof(sa_dst));
678
679 sa_dst.sin_family = AF_INET;
6f0e3f6e 680#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
d62a17ae 681 sa_dst.sin_len = sizeof(sa_dst);
6f0e3f6e 682#endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
d62a17ae 683 sa_dst.sin_addr = op->dst;
684 sa_dst.sin_port = htons(0);
685
686 /* Set DONTROUTE flag if dst is unicast. */
687 if (oi->type != OSPF_IFTYPE_VIRTUALLINK)
688 if (!IN_MULTICAST(htonl(op->dst.s_addr)))
689 flags = MSG_DONTROUTE;
690
691 iph.ip_hl = sizeof(struct ip) >> OSPF_WRITE_IPHL_SHIFT;
692 /* it'd be very strange for header to not be 4byte-word aligned
693 * but.. */
694 if (sizeof(struct ip)
695 > (unsigned int)(iph.ip_hl << OSPF_WRITE_IPHL_SHIFT))
0d6f7fd6 696 iph.ip_hl++; /* we presume sizeof(struct ip) cant
d62a17ae 697 overflow ip_hl.. */
698
699 iph.ip_v = IPVERSION;
700 iph.ip_tos = IPTOS_PREC_INTERNETCONTROL;
701 iph.ip_len = (iph.ip_hl << OSPF_WRITE_IPHL_SHIFT) + op->length;
68b7339a 702
0150c9c9 703#if defined(__DragonFly__)
d62a17ae 704 /*
705 * DragonFly's raw socket expects ip_len/ip_off in network byte
706 * order.
707 */
708 iph.ip_len = htons(iph.ip_len);
0150c9c9
DB		 709#endif
710
0bfeca3f 711#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 712 /* XXX-MT: not thread-safe at all..
713 * XXX: this presumes this is only programme sending OSPF
714 * packets
715 * otherwise, no guarantee ipid will be unique
716 */
717 iph.ip_id = ++ipid;
0bfeca3f 718#endif /* WANT_OSPF_WRITE_FRAGMENT */
719
d62a17ae 720 iph.ip_off = 0;
721 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
722 iph.ip_ttl = OSPF_VL_IP_TTL;
723 else
724 iph.ip_ttl = OSPF_IP_TTL;
725 iph.ip_p = IPPROTO_OSPFIGP;
726 iph.ip_sum = 0;
727 iph.ip_src.s_addr = oi->address->u.prefix4.s_addr;
728 iph.ip_dst.s_addr = op->dst.s_addr;
729
730 memset(&msg, 0, sizeof(msg));
731 msg.msg_name = (caddr_t)&sa_dst;
732 msg.msg_namelen = sizeof(sa_dst);
733 msg.msg_iov = iov;
734 msg.msg_iovlen = 2;
e7503eab 735
d62a17ae 736 iov[0].iov_base = (char *)&iph;
737 iov[0].iov_len = iph.ip_hl << OSPF_WRITE_IPHL_SHIFT;
2d34fb80 738 iov[1].iov_base = stream_pnt(op->s);
d62a17ae 739 iov[1].iov_len = op->length;
740
e1b18df1
CS		 741#ifdef GNU_LINUX
742 msg.msg_control = (caddr_t)cm;
e7503eab
CS		 743 cm->cmsg_level = SOL_IP;
744 cm->cmsg_type = IP_PKTINFO;
745 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
746 pi = (struct in_pktinfo *)CMSG_DATA(cm);
747 pi->ipi_ifindex = oi->ifp->ifindex;
748
749 msg.msg_controllen = cm->cmsg_len;
e1b18df1 750#endif
e7503eab 751
996c9314
LB		 752/* Sadly we can not rely on kernels to fragment packets
753 * because of either IP_HDRINCL and/or multicast
754 * destination being set.
755 */
e7503eab 756
0bfeca3f 757#ifdef WANT_OSPF_WRITE_FRAGMENT
d62a17ae 758 if (op->length > maxdatasize)
759 ospf_write_frags(ospf->fd, op, &iph, &msg, maxdatasize,
760 oi->ifp->mtu, flags, type);
0bfeca3f 761#endif /* WANT_OSPF_WRITE_FRAGMENT */
718e3744 762
d62a17ae 763 /* send final fragment (could be first) */
764 sockopt_iphdrincl_swab_htosys(&iph);
765 ret = sendmsg(ospf->fd, &msg, flags);
766 sockopt_iphdrincl_swab_systoh(&iph);
767 if (IS_DEBUG_OSPF_EVENT)
768 zlog_debug(
ea892800 769 "%s to %pI4, id %d, off %d, len %d, interface %s, mtu %u:",
770 __func__, &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 771 iph.ip_len, oi->ifp->name, oi->ifp->mtu);
772
68696746
RD		 773 /* sendmsg will return EPERM if firewall is blocking sending.
774 * This is a normal situation when 'ip nhrp map multicast xxx'
775 * is being used to send multicast packets to DMVPN peers. In
776 * that case the original message is blocked with iptables rule
777 * causing the EPERM result
778 */
779 if (ret < 0 && errno != EPERM)
c9cc11f6 780 flog_err(
450971aa 781 EC_LIB_SOCKET,
ea892800 782 "*** sendmsg in %s failed to %pI4, id %d, off %d, len %d, interface %s, mtu %u: %s",
783 __func__, &iph.ip_dst, iph.ip_id, iph.ip_off,
d62a17ae 784 iph.ip_len, oi->ifp->name, oi->ifp->mtu,
785 safe_strerror(errno));
786
787 /* Show debug sending packet. */
788 if (IS_DEBUG_OSPF_PACKET(type - 1, SEND)) {
789 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL)) {
790 zlog_debug(
791 "-----------------------------------------------------");
d62a17ae 792 stream_set_getp(op->s, 0);
793 ospf_packet_dump(op->s);
794 }
795
96b663a3 796 zlog_debug("%s sent to [%pI4] via [%s].",
d62a17ae 797 lookup_msg(ospf_packet_type_str, type, NULL),
96b663a3 798 &op->dst, IF_NAME(oi));
d62a17ae 799
800 if (IS_DEBUG_OSPF_PACKET(type - 1, DETAIL))
801 zlog_debug(
802 "-----------------------------------------------------");
803 }
804
c9339663 805 switch (type) {
996c9314
LB		 806 case OSPF_MSG_HELLO:
807 oi->hello_out++;
808 break;
809 case OSPF_MSG_DB_DESC:
810 oi->db_desc_out++;
811 break;
812 case OSPF_MSG_LS_REQ:
813 oi->ls_req_out++;
814 break;
815 case OSPF_MSG_LS_UPD:
816 oi->ls_upd_out++;
817 break;
818 case OSPF_MSG_LS_ACK:
819 oi->ls_ack_out++;
820 break;
821 default:
822 break;
c9339663
CS		 823 }
824
d62a17ae 825 /* Now delete packet from queue. */
826 ospf_packet_delete(oi);
827
828 /* Move this interface to the tail of write_q to
829 serve everyone in a round robin fashion */
830 list_delete_node(ospf->oi_write_q, node);
831 if (ospf_fifo_head(oi->obuf) == NULL) {
832 oi->on_write_q = 0;
d62a17ae 833 oi = NULL;
812e6c78 834 } else
d62a17ae 835 listnode_add(ospf->oi_write_q, oi);
d62a17ae 836
837 /* Setup to service from the head of the queue again */
838 if (!list_isempty(ospf->oi_write_q)) {
839 node = listhead(ospf->oi_write_q);
d62a17ae 840 oi = listgetdata(node);
d62a17ae 841 }
842 }
843
844 /* If packets still remain in queue, call write thread. */
4bb420ab 845 if (!list_isempty(ospf->oi_write_q))
d62a17ae 846 thread_add_write(master, ospf_write, ospf, ospf->fd,
847 &ospf->t_write);
718e3744 848}
849
850/* OSPF Hello message read -- RFC2328 Section 10.5. */
d62a17ae 851static void ospf_hello(struct ip *iph, struct ospf_header *ospfh,
852 struct stream *s, struct ospf_interface *oi, int size)
853{
854 struct ospf_hello *hello;
855 struct ospf_neighbor *nbr;
856 int old_state;
857 struct prefix p;
858
859 /* increment statistics. */
860 oi->hello_in++;
861
2d34fb80 862 hello = (struct ospf_hello *)stream_pnt(s);
d62a17ae 863
864 /* If Hello is myself, silently discard. */
865 if (IPV4_ADDR_SAME(&ospfh->router_id, &oi->ospf->router_id)) {
866 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
867 zlog_debug(
96b663a3 868 "ospf_header[%s/%pI4]: selforiginated, dropping.",
d62a17ae 869 lookup_msg(ospf_packet_type_str, ospfh->type,
870 NULL),
96b663a3 871 &iph->ip_src);
d62a17ae 872 }
873 return;
874 }
875
876 /* get neighbor prefix. */
877 p.family = AF_INET;
878 p.prefixlen = ip_masklen(hello->network_mask);
879 p.u.prefix4 = iph->ip_src;
880
881 /* Compare network mask. */
882 /* Checking is ignored for Point-to-Point and Virtual link. */
0c5506a8 883 /* Checking is also ignored for Point-to-Multipoint with /32 prefix */
d62a17ae 884 if (oi->type != OSPF_IFTYPE_POINTOPOINT
0c5506a8
AL		 885 && oi->type != OSPF_IFTYPE_VIRTUALLINK
886 && !(oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
887 && oi->address->prefixlen == IPV4_MAX_BITLEN))
d62a17ae 888 if (oi->address->prefixlen != p.prefixlen) {
c9cc11f6 889 flog_warn(
cf444bcf 890 EC_OSPF_PACKET,
96b663a3
MS		 891 "Packet %pI4 [Hello:RECV]: NetworkMask mismatch on %s (configured prefix length is %d, but hello packet indicates %d).",
892 &ospfh->router_id, IF_NAME(oi),
d62a17ae 893 (int)oi->address->prefixlen, (int)p.prefixlen);
894 return;
895 }
896
897 /* Compare Router Dead Interval. */
898 if (OSPF_IF_PARAM(oi, v_wait) != ntohl(hello->dead_interval)) {
cf444bcf 899 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 900 "Packet %pI4 [Hello:RECV]: RouterDeadInterval mismatch (expected %u, but received %u).",
901 &ospfh->router_id,
c9cc11f6
DS		 902 OSPF_IF_PARAM(oi, v_wait),
903 ntohl(hello->dead_interval));
d62a17ae 904 return;
905 }
906
907 /* Compare Hello Interval - ignored if fast-hellos are set. */
908 if (OSPF_IF_PARAM(oi, fast_hello) == 0) {
909 if (OSPF_IF_PARAM(oi, v_hello)
910 != ntohs(hello->hello_interval)) {
c9cc11f6 911 flog_warn(
cf444bcf 912 EC_OSPF_PACKET,
96b663a3
MS		 913 "Packet %pI4 [Hello:RECV]: HelloInterval mismatch (expected %u, but received %u).",
914 &ospfh->router_id,
d62a17ae 915 OSPF_IF_PARAM(oi, v_hello),
916 ntohs(hello->hello_interval));
917 return;
918 }
919 }
920
921 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 922 zlog_debug("Packet %pI4 [Hello:RECV]: Options %s vrf %s",
923 &ospfh->router_id,
b5a8894d
CS		 924 ospf_options_dump(hello->options),
925 ospf_vrf_id_to_name(oi->ospf->vrf_id));
d62a17ae 926
927/* Compare options. */
718e3744 928#define REJECT_IF_TBIT_ON 1 /* XXX */
929#ifdef REJECT_IF_TBIT_ON
d62a17ae 930 if (CHECK_FLAG(hello->options, OSPF_OPTION_MT)) {
931 /*
932 * This router does not support non-zero TOS.
933 * Drop this Hello packet not to establish neighbor
934 * relationship.
935 */
cf444bcf 936 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 937 "Packet %pI4 [Hello:RECV]: T-bit on, drop it.",
938 &ospfh->router_id);
d62a17ae 939 return;
940 }
718e3744 941#endif /* REJECT_IF_TBIT_ON */
942
d62a17ae 943 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)
944 && CHECK_FLAG(hello->options, OSPF_OPTION_O)) {
945 /*
946 * This router does know the correct usage of O-bit
947 * the bit should be set in DD packet only.
948 */
cf444bcf 949 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 950 "Packet %pI4 [Hello:RECV]: O-bit abuse?",
951 &ospfh->router_id);
718e3744 952#ifdef STRICT_OBIT_USAGE_CHECK
d62a17ae 953 return; /* Reject this packet. */
954#else /* STRICT_OBIT_USAGE_CHECK */
955 UNSET_FLAG(hello->options, OSPF_OPTION_O); /* Ignore O-bit. */
956#endif /* STRICT_OBIT_USAGE_CHECK */
957 }
718e3744 958
d62a17ae 959 /* new for NSSA is to ensure that NP is on and E is off */
960
961 if (oi->area->external_routing == OSPF_AREA_NSSA) {
962 if (!(CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_NP)
963 && CHECK_FLAG(hello->options, OSPF_OPTION_NP)
964 && !CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
965 && !CHECK_FLAG(hello->options, OSPF_OPTION_E))) {
c9cc11f6 966 flog_warn(
cf444bcf 967 EC_OSPF_PACKET,
96b663a3
MS		 968 "NSSA-Packet-%pI4[Hello:RECV]: my options: %x, his options %x",
969 &ospfh->router_id, OPTIONS(oi),
d62a17ae 970 hello->options);
971 return;
972 }
973 if (IS_DEBUG_OSPF_NSSA)
96b663a3
MS		 974 zlog_debug("NSSA-Hello:RECV:Packet from %pI4:",
975 &ospfh->router_id);
d62a17ae 976 } else
977 /* The setting of the E-bit found in the Hello Packet's Options
978 field must match this area's ExternalRoutingCapability A
979 mismatch causes processing to stop and the packet to be
980 dropped. The setting of the rest of the bits in the Hello
981 Packet's Options field should be ignored. */
982 if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_E)
983 != CHECK_FLAG(hello->options, OSPF_OPTION_E)) {
c9cc11f6 984 flog_warn(
cf444bcf 985 EC_OSPF_PACKET,
96b663a3
MS		 986 "Packet %pI4 [Hello:RECV]: my options: %x, his options %x",
987 &ospfh->router_id, OPTIONS(oi),
d62a17ae 988 hello->options);
989 return;
990 }
718e3744 991
d62a17ae 992 /* get neighbour struct */
993 nbr = ospf_nbr_get(oi, ospfh, iph, &p);
994
995 /* neighbour must be valid, ospf_nbr_get creates if none existed */
996 assert(nbr);
997
998 old_state = nbr->state;
999
1000 /* Add event to thread. */
874a549d 1001 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_HelloReceived);
d62a17ae 1002
1003 /* RFC2328 Section 9.5.1
1004 If the router is not eligible to become Designated Router,
1005 (snip) It must also send an Hello Packet in reply to an
1006 Hello Packet received from any eligible neighbor (other than
1007 the current Designated Router and Backup Designated Router). */
1008 if (oi->type == OSPF_IFTYPE_NBMA)
1009 if (PRIORITY(oi) == 0 && hello->priority > 0
1010 && IPV4_ADDR_CMP(&DR(oi), &iph->ip_src)
1011 && IPV4_ADDR_CMP(&BDR(oi), &iph->ip_src))
1012 OSPF_NSM_TIMER_ON(nbr->t_hello_reply,
1013 ospf_hello_reply_timer,
1014 OSPF_HELLO_REPLY_DELAY);
1015
1016 /* on NBMA network type, it happens to receive bidirectional Hello
1017 packet
1018 without advance 1-Way Received event.
1019 To avoid incorrect DR-seletion, raise 1-Way Received event.*/
1020 if (oi->type == OSPF_IFTYPE_NBMA
1021 && (old_state == NSM_Down || old_state == NSM_Attempt)) {
1022 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
1023 nbr->priority = hello->priority;
1024 nbr->d_router = hello->d_router;
1025 nbr->bd_router = hello->bd_router;
1026 return;
1027 }
1028
1029 if (ospf_nbr_bidirectional(&oi->ospf->router_id, hello->neighbors,
1030 size - OSPF_HELLO_MIN_SIZE)) {
1031 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_TwoWayReceived);
1032 nbr->options |= hello->options;
1033 } else {
5a77dd8f 1034 /* If the router is DR_OTHER, RESTARTER will not wait
1035 * until it receives the hello from it if it receives
1036 * from DR and BDR.
1037 * So, helper might receives ONW_WAY hello from
1038 * RESTARTER. So not allowing to change the state if it
1039 * receives one_way hellow when it acts as HELPER for
1040 * that specific neighbor.
1041 */
1042 if (!OSPF_GR_IS_ACTIVE_HELPER(nbr))
1043 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_OneWayReceived);
d62a17ae 1044 /* Set neighbor information. */
1045 nbr->priority = hello->priority;
1046 nbr->d_router = hello->d_router;
1047 nbr->bd_router = hello->bd_router;
1048 return;
1049 }
1050
d51715bb
MR		 1051 if (OSPF_GR_IS_ACTIVE_HELPER(nbr)) {
1052 /* As per the GR Conformance Test Case 7.2. Section 3
1053 * "Also, if X was the Designated Router on network segment S
1054 * when the helping relationship began, Y maintains X as the
1055 * Designated Router until the helping relationship is
1056 * terminated."
1057 * When I am helper for this neighbor, I should not trigger the
1058 * ISM Events. Also Intentionally not setting the priority and
1059 * other fields so that when the neighbor exits the Grace
1060 * period, it can handle if there is any change before GR and
1061 * after GR. */
1062 if (IS_DEBUG_OSPF_GR)
1063 zlog_debug(
1064 "%s, Neighbor is under GR Restart, hence ignoring the ISM Events",
1065 __PRETTY_FUNCTION__);
3ebf9d34
RW		 1066 } else {
1067 /* If neighbor itself declares DR and no BDR exists,
1068 cause event BackupSeen */
1069 if (IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router))
1070 if (hello->bd_router.s_addr == INADDR_ANY
1071 && oi->state == ISM_Waiting)
1072 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1073
1074 /* neighbor itself declares BDR. */
1075 if (oi->state == ISM_Waiting
1076 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1077 &hello->bd_router))
d62a17ae 1078 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_BackupSeen);
1079
3ebf9d34
RW		 1080 /* had not previously. */
1081 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->d_router)
1082 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->d_router))
1083 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4, &hello->d_router)
1084 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1085 &nbr->d_router)))
1086 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1087
1088 /* had not previously. */
1089 if ((IPV4_ADDR_SAME(&nbr->address.u.prefix4, &hello->bd_router)
1090 && IPV4_ADDR_CMP(&nbr->address.u.prefix4, &nbr->bd_router))
1091 || (IPV4_ADDR_CMP(&nbr->address.u.prefix4,
1092 &hello->bd_router)
1093 && IPV4_ADDR_SAME(&nbr->address.u.prefix4,
1094 &nbr->bd_router)))
1095 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1096
1097 /* Neighbor priority check. */
1098 if (nbr->priority >= 0 && nbr->priority != hello->priority)
1099 OSPF_ISM_EVENT_SCHEDULE(oi, ISM_NeighborChange);
1100 }
d62a17ae 1101
1102 /* Set neighbor information. */
1103 nbr->priority = hello->priority;
1104 nbr->d_router = hello->d_router;
1105 nbr->bd_router = hello->bd_router;
ab6edbfe
RW		 1106
1107 /*
1108 * RFC 3623 - Section 2:
1109 * "If the restarting router determines that it was the Designated
1110 * Router on a given segment prior to the restart, it elects
1111 * itself as the Designated Router again. The restarting router
1112 * knows that it was the Designated Router if, while the
1113 * associated interface is in Waiting state, a Hello packet is
1114 * received from a neighbor listing the router as the Designated
1115 * Router".
1116 */
1117 if (oi->area->ospf->gr_info.restart_in_progress
1118 && oi->state == ISM_Waiting
1119 && IPV4_ADDR_SAME(&hello->d_router, &oi->address->u.prefix4))
1120 DR(oi) = hello->d_router;
718e3744 1121}
1122
1123/* Save DD flags/options/Seqnum received. */
d62a17ae 1124static void ospf_db_desc_save_current(struct ospf_neighbor *nbr,
1125 struct ospf_db_desc *dd)
718e3744 1126{
d62a17ae 1127 nbr->last_recv.flags = dd->flags;
1128 nbr->last_recv.options = dd->options;
1129 nbr->last_recv.dd_seqnum = ntohl(dd->dd_seqnum);
718e3744 1130}
1131
1132/* Process rest of DD packet. */
d62a17ae 1133static void ospf_db_desc_proc(struct stream *s, struct ospf_interface *oi,
1134 struct ospf_neighbor *nbr,
d7c0a89a 1135 struct ospf_db_desc *dd, uint16_t size)
d62a17ae 1136{
1137 struct ospf_lsa *new, *find;
1138 struct lsa_header *lsah;
1139
1140 stream_forward_getp(s, OSPF_DB_DESC_MIN_SIZE);
1141 for (size -= OSPF_DB_DESC_MIN_SIZE; size >= OSPF_LSA_HEADER_SIZE;
1142 size -= OSPF_LSA_HEADER_SIZE) {
2d34fb80 1143 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1144 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
1145
1146 /* Unknown LS type. */
1147 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1148 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1149 "Packet [DD:RECV]: Unknown LS type %d.",
d62a17ae 1150 lsah->type);
1151 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1152 return;
1153 }
1154
1155 if (IS_OPAQUE_LSA(lsah->type)
1156 && !CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
cf444bcf 1157 flog_warn(EC_OSPF_PACKET,
eab19035
JAG		 1158 "LSA[Type%d:%pI4] from %pI4: Opaque capability mismatch?",
1159 lsah->type, &lsah->id, &lsah->adv_router);
d62a17ae 1160 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1161 return;
1162 }
1163
1164 switch (lsah->type) {
1165 case OSPF_AS_EXTERNAL_LSA:
1166 case OSPF_OPAQUE_AS_LSA:
1167 /* Check for stub area. Reject if AS-External from stub
1168 but
1169 allow if from NSSA. */
1170 if (oi->area->external_routing == OSPF_AREA_STUB) {
c9cc11f6 1171 flog_warn(
cf444bcf 1172 EC_OSPF_PACKET,
96b663a3
MS		 1173 "Packet [DD:RECV]: LSA[Type%d:%pI4] from %s area.",
1174 lsah->type, &lsah->id,
d62a17ae 1175 (oi->area->external_routing
1176 == OSPF_AREA_STUB)
1177 ? "STUB"
1178 : "NSSA");
1179 OSPF_NSM_EVENT_SCHEDULE(nbr,
1180 NSM_SeqNumberMismatch);
1181 return;
1182 }
1183 break;
1184 default:
1185 break;
1186 }
1187
1188 /* Create LS-request object. */
1189 new = ospf_ls_request_new(lsah);
1190
1191 /* Lookup received LSA, then add LS request list. */
1192 find = ospf_lsa_lookup_by_header(oi->area, lsah);
1193
1194 /* ospf_lsa_more_recent is fine with NULL pointers */
1195 switch (ospf_lsa_more_recent(find, new)) {
1196 case -1:
1197 /* Neighbour has a more recent LSA, we must request it
1198 */
1199 ospf_ls_request_add(nbr, new);
1200 /* fallthru */
1201 case 0:
1202 /* If we have a copy of this LSA, it's either less
1203 * recent
1204 * and we're requesting it from neighbour (the case
1205 * above), or
1206 * it's as recent and we both have same copy (this
1207 * case).
1208 *
1209 * In neither of these two cases is there any point in
1210 * describing our copy of the LSA to the neighbour in a
1211 * DB-Summary packet, if we're still intending to do so.
1212 *
1213 * See: draft-ogier-ospf-dbex-opt-00.txt, describing the
1214 * backward compatible optimisation to OSPF DB Exchange
1215 * /
1216 * DB Description process implemented here.
1217 */
1218 if (find)
1219 ospf_lsdb_delete(&nbr->db_sum, find);
1220 ospf_lsa_discard(new);
1221 break;
1222 default:
1223 /* We have the more recent copy, nothing specific to do:
1224 * - no need to request neighbours stale copy
1225 * - must leave DB summary list copy alone
1226 */
1227 if (IS_DEBUG_OSPF_EVENT)
1228 zlog_debug(
96b663a3
MS		 1229 "Packet [DD:RECV]: LSA received Type %d, ID %pI4 is not recent.",
1230 lsah->type, &lsah->id);
d62a17ae 1231 ospf_lsa_discard(new);
1232 }
1233 }
1234
1235 /* Master */
1236 if (IS_SET_DD_MS(nbr->dd_flags)) {
1237 nbr->dd_seqnum++;
1238
1239 /* Both sides have no More, then we're done with Exchange */
1240 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1241 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1242 else
1243 ospf_db_desc_send(nbr);
1244 }
1245 /* Slave */
1246 else {
1247 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1248
1249 /* Send DD packet in reply.
1250 *
1251 * Must be done to acknowledge the Master's DD, regardless of
1252 * whether we have more LSAs ourselves to describe.
1253 *
1254 * This function will clear the 'More' bit, if after this DD
1255 * we have no more LSAs to describe to the master..
1256 */
1257 ospf_db_desc_send(nbr);
1258
1259 /* Slave can raise ExchangeDone now, if master is also done */
1260 if (!IS_SET_DD_M(dd->flags) && !IS_SET_DD_M(nbr->dd_flags))
1261 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_ExchangeDone);
1262 }
1263
1264 /* Save received neighbor values from DD. */
1265 ospf_db_desc_save_current(nbr, dd);
1266
1267 if (!nbr->t_ls_req)
1268 ospf_ls_req_send(nbr);
1269}
1270
1271static int ospf_db_desc_is_dup(struct ospf_db_desc *dd,
1272 struct ospf_neighbor *nbr)
1273{
1274 /* Is DD duplicated? */
1275 if (dd->options == nbr->last_recv.options
1276 && dd->flags == nbr->last_recv.flags
1277 && dd->dd_seqnum == htonl(nbr->last_recv.dd_seqnum))
1278 return 1;
1279
1280 return 0;
718e3744 1281}
1282
1283/* OSPF Database Description message read -- RFC2328 Section 10.6. */
d62a17ae 1284static void ospf_db_desc(struct ip *iph, struct ospf_header *ospfh,
1285 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1286 uint16_t size)
d62a17ae 1287{
1288 struct ospf_db_desc *dd;
1289 struct ospf_neighbor *nbr;
d363df2c 1290
d62a17ae 1291 /* Increment statistics. */
1292 oi->db_desc_in++;
718e3744 1293
2d34fb80 1294 dd = (struct ospf_db_desc *)stream_pnt(s);
d62a17ae 1295
1296 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1297 if (nbr == NULL) {
96b663a3
MS		 1298 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Unknown Neighbor %pI4",
1299 &ospfh->router_id);
d62a17ae 1300 return;
718e3744 1301 }
d62a17ae 1302
1303 /* Check MTU. */
1304 if ((OSPF_IF_PARAM(oi, mtu_ignore) == 0)
1305 && (ntohs(dd->mtu) > oi->ifp->mtu)) {
c9cc11f6 1306 flog_warn(
cf444bcf 1307 EC_OSPF_PACKET,
96b663a3
MS		 1308 "Packet[DD]: Neighbor %pI4 MTU %u is larger than [%s]'s MTU %u",
1309 &nbr->router_id, ntohs(dd->mtu), IF_NAME(oi),
d62a17ae 1310 oi->ifp->mtu);
1311 return;
718e3744 1312 }
1313
d62a17ae 1314 /*
1315 * XXX HACK by Hasso Tepper. Setting N/P bit in NSSA area DD packets is
1316 * not
1317 * required. In fact at least JunOS sends DD packets with P bit clear.
1318 * Until proper solution is developped, this hack should help.
1319 *
1320 * Update: According to the RFCs, N bit is specified /only/ for Hello
1321 * options, unfortunately its use in DD options is not specified. Hence
1322 * some
1323 * implementations follow E-bit semantics and set it in DD options, and
1324 * some
1325 * treat it as unspecified and hence follow the directive "default for
1326 * options is clear", ie unset.
1327 *
1328 * Reset the flag, as ospfd follows E-bit semantics.
1329 */
1330 if ((oi->area->external_routing == OSPF_AREA_NSSA)
1331 && (CHECK_FLAG(nbr->options, OSPF_OPTION_NP))
1332 && (!CHECK_FLAG(dd->options, OSPF_OPTION_NP))) {
1333 if (IS_DEBUG_OSPF_EVENT)
1334 zlog_debug(
96b663a3
MS		 1335 "Packet[DD]: Neighbour %pI4: Has NSSA capability, sends with N bit clear in DD options",
1336 &nbr->router_id);
d62a17ae 1337 SET_FLAG(dd->options, OSPF_OPTION_NP);
718e3744 1338 }
1339
d62a17ae 1340#ifdef REJECT_IF_TBIT_ON
1341 if (CHECK_FLAG(dd->options, OSPF_OPTION_MT)) {
1342 /*
1343 * In Hello protocol, optional capability must have checked
1344 * to prevent this T-bit enabled router be my neighbor.
1345 */
96b663a3
MS		 1346 flog_warn(EC_OSPF_PACKET, "Packet[DD]: Neighbor %pI4: T-bit on?",
1347 &nbr->router_id);
d62a17ae 1348 return;
1349 }
1350#endif /* REJECT_IF_TBIT_ON */
1351
1352 if (CHECK_FLAG(dd->options, OSPF_OPTION_O)
1353 && !CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1354 /*
1355 * This node is not configured to handle O-bit, for now.
1356 * Clear it to ignore unsupported capability proposed by
1357 * neighbor.
1358 */
1359 UNSET_FLAG(dd->options, OSPF_OPTION_O);
1360 }
1361
e6a22aeb
SK		 1362 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1363 zlog_info(
96b663a3 1364 "%s:Packet[DD]: Neighbor %pI4 state is %s, seq_num:0x%x, local:0x%x",
44076f4d 1365 ospf_get_name(oi->ospf), &nbr->router_id,
e6a22aeb
SK		 1366 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL),
1367 ntohl(dd->dd_seqnum), nbr->dd_seqnum);
1368
d62a17ae 1369 /* Process DD packet by neighbor status. */
1370 switch (nbr->state) {
1371 case NSM_Down:
1372 case NSM_Attempt:
1373 case NSM_TwoWay:
96db9cd3
DS		 1374 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
1375 zlog_info(
96b663a3
MS		 1376 "Packet[DD]: Neighbor %pI4 state is %s, packet discarded.",
1377 &nbr->router_id,
96db9cd3
DS		 1378 lookup_msg(ospf_nsm_state_msg, nbr->state,
1379 NULL));
d62a17ae 1380 break;
1381 case NSM_Init:
1382 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_TwoWayReceived);
1383 /* If the new state is ExStart, the processing of the current
1384 packet should then continue in this new state by falling
1385 through to case ExStart below. */
1386 if (nbr->state != NSM_ExStart)
1387 break;
1388 /* fallthru */
1389 case NSM_ExStart:
1390 /* Initial DBD */
1391 if ((IS_SET_DD_ALL(dd->flags) == OSPF_DD_FLAG_ALL)
1392 && (size == OSPF_DB_DESC_MIN_SIZE)) {
1393 if (IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1394 > 0) {
1395 /* We're Slave---obey */
05ba78e4
CS		 1396 if (CHECK_FLAG(oi->ospf->config,
1397 OSPF_LOG_ADJACENCY_DETAIL))
996c9314 1398 zlog_info(
96b663a3
MS		 1399 "Packet[DD]: Neighbor %pI4 Negotiation done (Slave).",
1400 &nbr->router_id);
05ba78e4 1401
d62a17ae 1402 nbr->dd_seqnum = ntohl(dd->dd_seqnum);
1403
1404 /* Reset I/MS */
1405 UNSET_FLAG(nbr->dd_flags,
1406 (OSPF_DD_FLAG_MS | OSPF_DD_FLAG_I));
1407 } else {
1408 /* We're Master, ignore the initial DBD from
1409 * Slave */
05ba78e4
CS		 1410 if (CHECK_FLAG(oi->ospf->config,
1411 OSPF_LOG_ADJACENCY_DETAIL))
1412 zlog_info(
96b663a3
MS		 1413 "Packet[DD]: Neighbor %pI4: Initial DBD from Slave, ignoring.",
1414 &nbr->router_id);
d62a17ae 1415 break;
1416 }
1417 }
1418 /* Ack from the Slave */
1419 else if (!IS_SET_DD_MS(dd->flags) && !IS_SET_DD_I(dd->flags)
1420 && ntohl(dd->dd_seqnum) == nbr->dd_seqnum
1421 && IPV4_ADDR_CMP(&nbr->router_id, &oi->ospf->router_id)
1422 < 0) {
1423 zlog_info(
96b663a3
MS		 1424 "Packet[DD]: Neighbor %pI4 Negotiation done (Master).",
1425 &nbr->router_id);
d62a17ae 1426 /* Reset I, leaving MS */
1427 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_I);
1428 } else {
cf444bcf 1429 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1430 "Packet[DD]: Neighbor %pI4 Negotiation fails.",
1431 &nbr->router_id);
d62a17ae 1432 break;
1433 }
1434
1435 /* This is where the real Options are saved */
1436 nbr->options = dd->options;
1437
1438 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE)) {
1439 if (IS_DEBUG_OSPF_EVENT)
1440 zlog_debug(
96b663a3
MS		 1441 "Neighbor[%pI4] is %sOpaque-capable.",
1442 &nbr->router_id,
d62a17ae 1443 CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1444 ? ""
1445 : "NOT ");
1446
1447 if (!CHECK_FLAG(nbr->options, OSPF_OPTION_O)
1448 && IPV4_ADDR_SAME(&DR(oi),
1449 &nbr->address.u.prefix4)) {
c9cc11f6 1450 flog_warn(
cf444bcf 1451 EC_OSPF_PACKET,
96b663a3
MS		 1452 "DR-neighbor[%pI4] is NOT opaque-capable; Opaque-LSAs cannot be reliably advertised in this network.",
1453 &nbr->router_id);
d62a17ae 1454 /* This situation is undesirable, but not a real
1455 * error. */
1456 }
1457 }
1458
1459 OSPF_NSM_EVENT_EXECUTE(nbr, NSM_NegotiationDone);
1460
1461 /* continue processing rest of packet. */
1462 ospf_db_desc_proc(s, oi, nbr, dd, size);
1463 break;
1464 case NSM_Exchange:
1465 if (ospf_db_desc_is_dup(dd, nbr)) {
1466 if (IS_SET_DD_MS(nbr->dd_flags))
1467 /* Master: discard duplicated DD packet. */
1468 zlog_info(
96b663a3
MS		 1469 "Packet[DD] (Master): Neighbor %pI4 packet duplicated.",
1470 &nbr->router_id);
d62a17ae 1471 else
1472 /* Slave: cause to retransmit the last Database
1473 Description. */
1474 {
1475 zlog_info(
96b663a3
MS		 1476 "Packet[DD] [Slave]: Neighbor %pI4 packet duplicated.",
1477 &nbr->router_id);
d62a17ae 1478 ospf_db_desc_resend(nbr);
1479 }
1480 break;
1481 }
1482
1483 /* Otherwise DD packet should be checked. */
1484 /* Check Master/Slave bit mismatch */
1485 if (IS_SET_DD_MS(dd->flags)
1486 != IS_SET_DD_MS(nbr->last_recv.flags)) {
cf444bcf 1487 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1488 "Packet[DD]: Neighbor %pI4 MS-bit mismatch.",
1489 &nbr->router_id);
d62a17ae 1490 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1491 if (IS_DEBUG_OSPF_EVENT)
1492 zlog_debug(
1493 "Packet[DD]: dd->flags=%d, nbr->dd_flags=%d",
1494 dd->flags, nbr->dd_flags);
1495 break;
1496 }
1497
1498 /* Check initialize bit is set. */
1499 if (IS_SET_DD_I(dd->flags)) {
96b663a3
MS		 1500 zlog_info("Packet[DD]: Neighbor %pI4 I-bit set.",
1501 &nbr->router_id);
d62a17ae 1502 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1503 break;
1504 }
1505
1506 /* Check DD Options. */
1507 if (dd->options != nbr->options) {
cf444bcf 1508 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1509 "Packet[DD]: Neighbor %pI4 options mismatch.",
1510 &nbr->router_id);
d62a17ae 1511 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1512 break;
1513 }
718e3744 1514
d62a17ae 1515 /* Check DD sequence number. */
1516 if ((IS_SET_DD_MS(nbr->dd_flags)
1517 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum)
1518 || (!IS_SET_DD_MS(nbr->dd_flags)
1519 && ntohl(dd->dd_seqnum) != nbr->dd_seqnum + 1)) {
c9cc11f6 1520 flog_warn(
cf444bcf 1521 EC_OSPF_PACKET,
96b663a3
MS		 1522 "Packet[DD]: Neighbor %pI4 sequence number mismatch.",
1523 &nbr->router_id);
d62a17ae 1524 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1525 break;
1526 }
1527
1528 /* Continue processing rest of packet. */
1529 ospf_db_desc_proc(s, oi, nbr, dd, size);
1530 break;
1531 case NSM_Loading:
1532 case NSM_Full:
1533 if (ospf_db_desc_is_dup(dd, nbr)) {
1534 if (IS_SET_DD_MS(nbr->dd_flags)) {
1535 /* Master should discard duplicate DD packet. */
1536 zlog_info(
96b663a3
MS		 1537 "Packet[DD]: Neighbor %pI4 duplicated, packet discarded.",
1538 &nbr->router_id);
d62a17ae 1539 break;
1540 } else {
1541 if (monotime_since(&nbr->last_send_ts, NULL)
1542 < nbr->v_inactivity * 1000000LL) {
1543 /* In states Loading and Full the slave
1544 must resend
1545 its last Database Description packet
1546 in response to
1547 duplicate Database Description
1548 packets received
1549 from the master. For this reason the
1550 slave must
1551 wait RouterDeadInterval seconds
1552 before freeing the
1553 last Database Description packet.
1554 Reception of a
1555 Database Description packet from the
1556 master after
1557 this interval will generate a
1558 SeqNumberMismatch
1559 neighbor event. RFC2328 Section 10.8
1560 */
1561 ospf_db_desc_resend(nbr);
1562 break;
1563 }
1564 }
718e3744 1565 }
718e3744 1566
d62a17ae 1567 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_SeqNumberMismatch);
1568 break;
1569 default:
cf444bcf 1570 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1571 "Packet[DD]: Neighbor %pI4 NSM illegal status %u.",
1572 &nbr->router_id, nbr->state);
d62a17ae 1573 break;
1574 }
718e3744 1575}
1576
1577#define OSPF_LSA_KEY_SIZE 12 /* type(4) + id(4) + ar(4) */
1578
1579/* OSPF Link State Request Read -- RFC2328 Section 10.7. */
d62a17ae 1580static void ospf_ls_req(struct ip *iph, struct ospf_header *ospfh,
1581 struct stream *s, struct ospf_interface *oi,
d7c0a89a 1582 uint16_t size)
d62a17ae 1583{
1584 struct ospf_neighbor *nbr;
d7c0a89a 1585 uint32_t ls_type;
d62a17ae 1586 struct in_addr ls_id;
1587 struct in_addr adv_router;
1588 struct ospf_lsa *find;
1589 struct list *ls_upd;
1590 unsigned int length;
1591
1592 /* Increment statistics. */
1593 oi->ls_req_in++;
1594
1595 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1596 if (nbr == NULL) {
cf444bcf 1597 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1598 "Link State Request: Unknown Neighbor %pI4",
1599 &ospfh->router_id);
d62a17ae 1600 return;
718e3744 1601 }
1602
d62a17ae 1603 /* Neighbor State should be Exchange or later. */
1604 if (nbr->state != NSM_Exchange && nbr->state != NSM_Loading
1605 && nbr->state != NSM_Full) {
c9cc11f6 1606 flog_warn(
cf444bcf 1607 EC_OSPF_PACKET,
96b663a3
MS		 1608 "Link State Request received from %pI4: Neighbor state is %s, packet discarded.",
1609 &ospfh->router_id,
d62a17ae 1610 lookup_msg(ospf_nsm_state_msg, nbr->state, NULL));
1611 return;
718e3744 1612 }
1613
d62a17ae 1614 /* Send Link State Update for ALL requested LSAs. */
1615 ls_upd = list_new();
1616 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1617
1618 while (size >= OSPF_LSA_KEY_SIZE) {
1619 /* Get one slice of Link State Request. */
1620 ls_type = stream_getl(s);
1621 ls_id.s_addr = stream_get_ipv4(s);
1622 adv_router.s_addr = stream_get_ipv4(s);
1623
1624 /* Verify LSA type. */
1625 if (ls_type < OSPF_MIN_LSA || ls_type >= OSPF_MAX_LSA) {
1626 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1627 list_delete(&ls_upd);
d62a17ae 1628 return;
1629 }
718e3744 1630
d62a17ae 1631 /* Search proper LSA in LSDB. */
b5a8894d
CS		 1632 find = ospf_lsa_lookup(oi->ospf, oi->area, ls_type, ls_id,
1633 adv_router);
d62a17ae 1634 if (find == NULL) {
1635 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
6a154c88 1636 list_delete(&ls_upd);
d62a17ae 1637 return;
1638 }
718e3744 1639
d62a17ae 1640 /* Packet overflows MTU size, send immediately. */
1641 if (length + ntohs(find->data->length) > ospf_packet_max(oi)) {
1642 if (oi->type == OSPF_IFTYPE_NBMA)
1643 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1644 OSPF_SEND_PACKET_DIRECT, 0);
d62a17ae 1645 else
1646 ospf_ls_upd_send(nbr, ls_upd,
046460a1 1647 OSPF_SEND_PACKET_INDIRECT, 0);
d62a17ae 1648
1649 /* Only remove list contents. Keep ls_upd. */
1650 list_delete_all_node(ls_upd);
718e3744 1651
d62a17ae 1652 length = OSPF_HEADER_SIZE + OSPF_LS_UPD_MIN_SIZE;
1653 }
1654
1655 /* Append LSA to update list. */
1656 listnode_add(ls_upd, find);
1657 length += ntohs(find->data->length);
718e3744 1658
d62a17ae 1659 size -= OSPF_LSA_KEY_SIZE;
1660 }
718e3744 1661
d62a17ae 1662 /* Send rest of Link State Update. */
1663 if (listcount(ls_upd) > 0) {
1664 if (oi->type == OSPF_IFTYPE_NBMA)
996c9314
LB		 1665 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_DIRECT,
1666 0);
d62a17ae 1667 else
996c9314
LB		 1668 ospf_ls_upd_send(nbr, ls_upd, OSPF_SEND_PACKET_INDIRECT,
1669 0);
718e3744 1670
6a154c88 1671 list_delete(&ls_upd);
d62a17ae 1672 } else
6a154c88 1673 list_delete(&ls_upd);
718e3744 1674}
1675
1676/* Get the list of LSAs from Link State Update packet.
1677 And process some validation -- RFC2328 Section 13. (1)-(2). */
d62a17ae 1678static struct list *ospf_ls_upd_list_lsa(struct ospf_neighbor *nbr,
1679 struct stream *s,
1680 struct ospf_interface *oi, size_t size)
1681{
d7c0a89a
QY		 1682 uint16_t count, sum;
1683 uint32_t length;
d62a17ae 1684 struct lsa_header *lsah;
1685 struct ospf_lsa *lsa;
1686 struct list *lsas;
1687
1688 lsas = list_new();
1689
1690 count = stream_getl(s);
1691 size -= OSPF_LS_UPD_MIN_SIZE; /* # LSAs */
1692
1693 for (; size >= OSPF_LSA_HEADER_SIZE && count > 0;
1694 size -= length, stream_forward_getp(s, length), count--) {
2d34fb80 1695 lsah = (struct lsa_header *)stream_pnt(s);
d62a17ae 1696 length = ntohs(lsah->length);
1697
1698 if (length > size) {
c9cc11f6 1699 flog_warn(
cf444bcf 1700 EC_OSPF_PACKET,
d62a17ae 1701 "Link State Update: LSA length exceeds packet size.");
1702 break;
1703 }
718e3744 1704
53674eab
LB		 1705 if (length < OSPF_LSA_HEADER_SIZE) {
1706 flog_warn(EC_OSPF_PACKET,
1707 "Link State Update: LSA length too small.");
1708 break;
1709 }
1710
d62a17ae 1711 /* Validate the LSA's LS checksum. */
1712 sum = lsah->checksum;
1713 if (!ospf_lsa_checksum_valid(lsah)) {
1714 /* (bug #685) more details in a one-line message make it
1715 * possible
1716 * to identify problem source on the one hand and to
1717 * have a better
1718 * chance to compress repeated messages in syslog on the
1719 * other */
c9cc11f6 1720 flog_warn(
cf444bcf 1721 EC_OSPF_PACKET,
96b663a3
MS		 1722 "Link State Update: LSA checksum error %x/%x, ID=%pI4 from: nbr %pI4, router ID %pI4, adv router %pI4",
1723 sum, lsah->checksum, &lsah->id,
1724 &nbr->src, &nbr->router_id,
1725 &lsah->adv_router);
d62a17ae 1726 continue;
1727 }
718e3744 1728
d62a17ae 1729 /* Examine the LSA's LS type. */
1730 if (lsah->type < OSPF_MIN_LSA || lsah->type >= OSPF_MAX_LSA) {
cf444bcf 1731 flog_warn(EC_OSPF_PACKET,
c9cc11f6 1732 "Link State Update: Unknown LS type %d",
d62a17ae 1733 lsah->type);
1734 continue;
1735 }
718e3744 1736
d62a17ae 1737 /*
1738 * What if the received LSA's age is greater than MaxAge?
1739 * Treat it as a MaxAge case -- endo.
1740 */
1741 if (ntohs(lsah->ls_age) > OSPF_LSA_MAXAGE)
1742 lsah->ls_age = htons(OSPF_LSA_MAXAGE);
718e3744 1743
d62a17ae 1744 if (CHECK_FLAG(nbr->options, OSPF_OPTION_O)) {
1745#ifdef STRICT_OBIT_USAGE_CHECK
1746 if ((IS_OPAQUE_LSA(lsah->type)
1747 && !CHECK_FLAG(lsah->options, OSPF_OPTION_O))
1748 || (!IS_OPAQUE_LSA(lsah->type)
1749 && CHECK_FLAG(lsah->options, OSPF_OPTION_O))) {
1750 /*
1751 * This neighbor must know the exact usage of
1752 * O-bit;
1753 * the bit will be set in Type-9,10,11 LSAs
1754 * only.
1755 */
cf444bcf 1756 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1757 "LSA[Type%d:%pI4]: O-bit abuse?",
1758 lsah->type, &lsah->id);
d62a17ae 1759 continue;
1760 }
1761#endif /* STRICT_OBIT_USAGE_CHECK */
718e3744 1762
d62a17ae 1763 /* Do not take in AS External Opaque-LSAs if we are a
1764 * stub. */
1765 if (lsah->type == OSPF_OPAQUE_AS_LSA
1766 && nbr->oi->area->external_routing
1767 != OSPF_AREA_DEFAULT) {
1768 if (IS_DEBUG_OSPF_EVENT)
1769 zlog_debug(
96b663a3 1770 "LSA[Type%d:%pI4]: We are a stub, don't take this LSA.",
d62a17ae 1771 lsah->type,
96b663a3 1772 &lsah->id);
d62a17ae 1773 continue;
1774 }
1775 } else if (IS_OPAQUE_LSA(lsah->type)) {
8935b0fa
JAG		 1776 flog_warn(
1777 EC_OSPF_PACKET,
1778 "LSA[Type%d:%pI4] from %pI4: Opaque capability mismatch?",
1779 lsah->type, &lsah->id, &lsah->adv_router);
d62a17ae 1780 continue;
1781 }
718e3744 1782
d62a17ae 1783 /* Create OSPF LSA instance. */
5b3d4186 1784 lsa = ospf_lsa_new_and_data(length);
d62a17ae 1785
b5a8894d 1786 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 1787 /* We may wish to put some error checking if type NSSA comes in
1788 and area not in NSSA mode */
1789 switch (lsah->type) {
1790 case OSPF_AS_EXTERNAL_LSA:
1791 case OSPF_OPAQUE_AS_LSA:
1792 lsa->area = NULL;
1793 break;
1794 case OSPF_OPAQUE_LINK_LSA:
1795 lsa->oi = oi; /* Remember incoming interface for
1796 flooding control. */
1797 /* Fallthrough */
1798 default:
1799 lsa->area = oi->area;
1800 break;
1801 }
718e3744 1802
d62a17ae 1803 memcpy(lsa->data, lsah, length);
1804
1805 if (IS_DEBUG_OSPF_EVENT)
1806 zlog_debug(
96b663a3
MS		 1807 "LSA[Type%d:%pI4]: %p new LSA created with Link State Update",
1808 lsa->data->type, &lsa->data->id,
d62a17ae 1809 (void *)lsa);
1810 listnode_add(lsas, lsa);
1811 }
718e3744 1812
d62a17ae 1813 return lsas;
718e3744 1814}
1815
1816/* Cleanup Update list. */
d62a17ae 1817static void ospf_upd_list_clean(struct list *lsas)
718e3744 1818{
d62a17ae 1819 struct listnode *node, *nnode;
1820 struct ospf_lsa *lsa;
718e3744 1821
d62a17ae 1822 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa))
1823 ospf_lsa_discard(lsa);
718e3744 1824
6a154c88 1825 list_delete(&lsas);
718e3744 1826}
1827
1828/* OSPF Link State Update message read -- RFC2328 Section 13. */
d62a17ae 1829static void ospf_ls_upd(struct ospf *ospf, struct ip *iph,
1830 struct ospf_header *ospfh, struct stream *s,
d7c0a89a 1831 struct ospf_interface *oi, uint16_t size)
d62a17ae 1832{
1833 struct ospf_neighbor *nbr;
1834 struct list *lsas;
1835 struct listnode *node, *nnode;
1836 struct ospf_lsa *lsa = NULL;
1837 /* unsigned long ls_req_found = 0; */
1838
1839 /* Dis-assemble the stream, update each entry, re-encapsulate for
1840 * flooding */
1841
1842 /* Increment statistics. */
1843 oi->ls_upd_in++;
1844
1845 /* Check neighbor. */
1846 nbr = ospf_nbr_lookup(oi, iph, ospfh);
1847 if (nbr == NULL) {
cf444bcf 1848 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 1849 "Link State Update: Unknown Neighbor %pI4 on int: %s",
1850 &ospfh->router_id, IF_NAME(oi));
d62a17ae 1851 return;
718e3744 1852 }
1853
d62a17ae 1854 /* Check neighbor state. */
1855 if (nbr->state < NSM_Exchange) {
1856 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
1857 zlog_debug(
96b663a3
MS		 1858 "Link State Update: Neighbor[%pI4] state %s is less than Exchange",
1859 &ospfh->router_id,
d62a17ae 1860 lookup_msg(ospf_nsm_state_msg, nbr->state,
1861 NULL));
1862 return;
1863 }
718e3744 1864
98cb53f9
RW		 1865 /* Get list of LSAs from Link State Update packet. - Also performs
1866 * Stages 1 (validate LSA checksum) and 2 (check for LSA consistent
1867 * type) of section 13.
d62a17ae 1868 */
1869 lsas = ospf_ls_upd_list_lsa(nbr, s, oi, size);
1870
35955c14
CS		 1871 if (lsas == NULL)
1872 return;
d62a17ae 1873#define DISCARD_LSA(L, N) \
1874 { \
1875 if (IS_DEBUG_OSPF_EVENT) \
1876 zlog_debug( \
1877 "ospf_lsa_discard() in ospf_ls_upd() point %d: lsa %p" \
1878 " Type-%d", \
1879 N, (void *)lsa, (int)lsa->data->type); \
1880 ospf_lsa_discard(L); \
1881 continue; \
718e3744 1882 }
1883
d62a17ae 1884 /* Process each LSA received in the one packet.
1885 *
1886 * Numbers in parentheses, e.g. (1), (2), etc., and the corresponding
1887 * text below are from the steps in RFC 2328, Section 13.
1888 */
1889 for (ALL_LIST_ELEMENTS(lsas, node, nnode, lsa)) {
1890 struct ospf_lsa *ls_ret, *current;
1891 int ret = 1;
1892
231af0a5 1893 if (IS_DEBUG_OSPF(lsa, LSA))
c067e23e
DS		 1894 zlog_debug("LSA Type-%d from %pI4, ID: %pI4, ADV: %pI4",
1895 lsa->data->type, &ospfh->router_id,
1896 &lsa->data->id, &lsa->data->adv_router);
718e3744 1897
d62a17ae 1898 listnode_delete(lsas,
1899 lsa); /* We don't need it in list anymore */
1900
1901 /* (1) Validate Checksum - Done above by ospf_ls_upd_list_lsa()
1902 */
1903
1904 /* (2) LSA Type - Done above by ospf_ls_upd_list_lsa() */
1905
1906 /* (3) Do not take in AS External LSAs if we are a stub or NSSA.
1907 */
1908
1909 /* Do not take in AS NSSA if this neighbor and we are not NSSA
1910 */
1911
1912 /* Do take in Type-7's if we are an NSSA */
1913
1914 /* If we are also an ABR, later translate them to a Type-5
1915 * packet */
1916
1917 /* Later, an NSSA Re-fresh can Re-fresh Type-7's and an ABR will
1918 translate them to a separate Type-5 packet. */
1919
1920 if (lsa->data->type == OSPF_AS_EXTERNAL_LSA)
1921 /* Reject from STUB or NSSA */
1922 if (nbr->oi->area->external_routing
1923 != OSPF_AREA_DEFAULT) {
1924 if (IS_DEBUG_OSPF_NSSA)
1925 zlog_debug(
1926 "Incoming External LSA Discarded: We are NSSA/STUB Area");
1927 DISCARD_LSA(lsa, 1);
1928 }
1929
1930 if (lsa->data->type == OSPF_AS_NSSA_LSA)
1931 if (nbr->oi->area->external_routing != OSPF_AREA_NSSA) {
1932 if (IS_DEBUG_OSPF_NSSA)
1933 zlog_debug(
1934 "Incoming NSSA LSA Discarded: Not NSSA Area");
1935 DISCARD_LSA(lsa, 2);
1936 }
1937
1938 /* VU229804: Router-LSA Adv-ID must be equal to LS-ID */
1939 if (lsa->data->type == OSPF_ROUTER_LSA)
1940 if (!IPV4_ADDR_SAME(&lsa->data->id,
1941 &lsa->data->adv_router)) {
c067e23e
DS		 1942 flog_err(
1943 EC_OSPF_ROUTER_LSA_MISMATCH,
1944 "Incoming Router-LSA from %pI4 with Adv-ID[%pI4] != LS-ID[%pI4]",
1945 &ospfh->router_id, &lsa->data->id,
1946 &lsa->data->adv_router);
af4c2728 1947 flog_err(
cf444bcf 1948 EC_OSPF_DOMAIN_CORRUPT,
3efd0893 1949 "OSPF domain compromised by attack or corruption. Verify correct operation of -ALL- OSPF routers.");
d62a17ae 1950 DISCARD_LSA(lsa, 0);
1951 }
1952
1953 /* Find the LSA in the current database. */
1954
1955 current = ospf_lsa_lookup_by_header(oi->area, lsa->data);
1956
1957 /* (4) If the LSA's LS age is equal to MaxAge, and there is
1958 currently
1959 no instance of the LSA in the router's link state database,
1960 and none of router's neighbors are in states Exchange or
1961 Loading,
1962 then take the following actions: */
1963
1964 if (IS_LSA_MAXAGE(lsa) && !current
1965 && ospf_check_nbr_status(oi->ospf)) {
1966 /* (4a) Response Link State Acknowledgment. */
1967 ospf_ls_ack_send(nbr, lsa);
1968
1969 /* (4b) Discard LSA. */
1970 if (IS_DEBUG_OSPF(lsa, LSA)) {
1971 zlog_debug(
1972 "Link State Update[%s]: LS age is equal to MaxAge.",
1973 dump_lsa_key(lsa));
1974 }
1975 DISCARD_LSA(lsa, 3);
1976 }
1977
1978 if (IS_OPAQUE_LSA(lsa->data->type)
1979 && IPV4_ADDR_SAME(&lsa->data->adv_router,
1980 &oi->ospf->router_id)) {
1981 /*
1982 * Even if initial flushing seems to be completed, there
1983 * might
1984 * be a case that self-originated LSA with MaxAge still
1985 * remain
1986 * in the routing domain.
1987 * Just send an LSAck message to cease retransmission.
1988 */
1989 if (IS_LSA_MAXAGE(lsa)) {
c9cc11f6 1990 zlog_info("LSA[%s]: Boomerang effect?",
d62a17ae 1991 dump_lsa_key(lsa));
1992 ospf_ls_ack_send(nbr, lsa);
1993 ospf_lsa_discard(lsa);
1994
1995 if (current != NULL && !IS_LSA_MAXAGE(current))
1996 ospf_opaque_lsa_refresh_schedule(
1997 current);
1998 continue;
1999 }
2000
2001 /*
2002 * If an instance of self-originated Opaque-LSA is not
2003 * found
2004 * in the LSDB, there are some possible cases here.
2005 *
2006 * 1) This node lost opaque-capability after restart.
2007 * 2) Else, a part of opaque-type is no more supported.
2008 * 3) Else, a part of opaque-id is no more supported.
2009 *
2010 * Anyway, it is still this node's responsibility to
2011 * flush it.
2012 * Otherwise, the LSA instance remains in the routing
2013 * domain
2014 * until its age reaches to MaxAge.
2015 */
2016 /* XXX: We should deal with this for *ALL* LSAs, not
2017 * just opaque */
2018 if (current == NULL) {
2019 if (IS_DEBUG_OSPF_EVENT)
2020 zlog_debug(
3efd0893 2021 "LSA[%s]: Previously originated Opaque-LSA,not found in the LSDB.",
d62a17ae 2022 dump_lsa_key(lsa));
2023
2024 SET_FLAG(lsa->flags, OSPF_LSA_SELF);
2025
d62a17ae 2026 ospf_ls_ack_send(nbr, lsa);
2027
10514170
RW		 2028 if (!ospf->gr_info.restart_in_progress) {
2029 ospf_opaque_self_originated_lsa_received(
2030 nbr, lsa);
2031 continue;
2032 }
d62a17ae 2033 }
2034 }
2035
2036 /* It might be happen that received LSA is self-originated
2037 * network LSA, but
2038 * router ID is changed. So, we should check if LSA is a
2039 * network-LSA whose
2040 * Link State ID is one of the router's own IP interface
2041 * addresses but whose
2042 * Advertising Router is not equal to the router's own Router ID
2043 * According to RFC 2328 12.4.2 and 13.4 this LSA should be
2044 * flushed.
2045 */
2046
2047 if (lsa->data->type == OSPF_NETWORK_LSA) {
2048 struct listnode *oinode, *oinnode;
2049 struct ospf_interface *out_if;
2050 int Flag = 0;
2051
2052 for (ALL_LIST_ELEMENTS(oi->ospf->oiflist, oinode,
2053 oinnode, out_if)) {
2054 if (out_if == NULL)
2055 break;
2056
2057 if ((IPV4_ADDR_SAME(&out_if->address->u.prefix4,
2058 &lsa->data->id))
2059 && (!(IPV4_ADDR_SAME(
2060 &oi->ospf->router_id,
2061 &lsa->data->adv_router)))) {
2062 if (out_if->network_lsa_self) {
2063 ospf_lsa_flush_area(
2064 lsa, out_if->area);
2065 if (IS_DEBUG_OSPF_EVENT)
2066 zlog_debug(
2067 "ospf_lsa_discard() in ospf_ls_upd() point 9: lsa %p Type-%d",
2068 (void *)lsa,
2069 (int)lsa->data
2070 ->type);
2071 ospf_lsa_discard(lsa);
2072 Flag = 1;
2073 }
2074 break;
2075 }
2076 }
2077 if (Flag)
2078 continue;
2079 }
2080
2081 /* (5) Find the instance of this LSA that is currently contained
2082 in the router's link state database. If there is no
2083 database copy, or the received LSA is more recent than
2084 the database copy the following steps must be performed.
2085 (The sub steps from RFC 2328 section 13 step (5) will be
2086 performed in
2087 ospf_flood() ) */
2088
2089 if (current == NULL
2090 || (ret = ospf_lsa_more_recent(current, lsa)) < 0) {
76c1efd7 2091 /* CVE-2017-3224 */
44d1115a 2092 if (current && (IS_LSA_MAX_SEQ(current))
3cb62bb3 2093 && (IS_LSA_MAX_SEQ(lsa)) && !IS_LSA_MAXAGE(lsa)) {
76c1efd7 2094 zlog_debug(
44d1115a 2095 "Link State Update[%s]: has Max Seq and higher checksum but not MaxAge. Dropping it",
76c1efd7
CS		 2096 dump_lsa_key(lsa));
2097
2098 DISCARD_LSA(lsa, 4);
76c1efd7
CS		 2099 }
2100
d62a17ae 2101 /* Actual flooding procedure. */
2102 if (ospf_flood(oi->ospf, nbr, current, lsa)
2103 < 0) /* Trap NSSA later. */
76c1efd7 2104 DISCARD_LSA(lsa, 5);
d62a17ae 2105 continue;
2106 }
2107
2108 /* (6) Else, If there is an instance of the LSA on the sending
2109 neighbor's Link state request list, an error has occurred in
2110 the Database Exchange process. In this case, restart the
2111 Database Exchange process by generating the neighbor event
2112 BadLSReq for the sending neighbor and stop processing the
2113 Link State Update packet. */
2114
2115 if (ospf_ls_request_lookup(nbr, lsa)) {
2116 OSPF_NSM_EVENT_SCHEDULE(nbr, NSM_BadLSReq);
c9cc11f6 2117 flog_warn(
cf444bcf 2118 EC_OSPF_PACKET,
d62a17ae 2119 "LSA[%s] instance exists on Link state request list",
2120 dump_lsa_key(lsa));
2121
2122 /* Clean list of LSAs. */
2123 ospf_upd_list_clean(lsas);
2124 /* this lsa is not on lsas list already. */
2125 ospf_lsa_discard(lsa);
2126 return;
2127 }
2128
2129 /* If the received LSA is the same instance as the database copy
2130 (i.e., neither one is more recent) the following two steps
2131 should be performed: */
2132
2133 if (ret == 0) {
2134 /* If the LSA is listed in the Link state retransmission
2135 list
2136 for the receiving adjacency, the router itself is
2137 expecting
2138 an acknowledgment for this LSA. The router should
2139 treat the
2140 received LSA as an acknowledgment by removing the LSA
2141 from
2142 the Link state retransmission list. This is termed
2143 an
2144 "implied acknowledgment". */
2145
2146 ls_ret = ospf_ls_retransmit_lookup(nbr, lsa);
2147
2148 if (ls_ret != NULL) {
2149 ospf_ls_retransmit_delete(nbr, ls_ret);
2150
2151 /* Delayed acknowledgment sent if advertisement
2152 received
2153 from Designated Router, otherwise do nothing.
2154 */
2155 if (oi->state == ISM_Backup)
2156 if (NBR_IS_DR(nbr))
2157 listnode_add(
2158 oi->ls_ack,
2159 ospf_lsa_lock(lsa));
2160
76c1efd7 2161 DISCARD_LSA(lsa, 6);
d62a17ae 2162 } else
2163 /* Acknowledge the receipt of the LSA by sending a
2164 Link State Acknowledgment packet back out the
2165 receiving
2166 interface. */
2167 {
2168 ospf_ls_ack_send(nbr, lsa);
76c1efd7 2169 DISCARD_LSA(lsa, 7);
d62a17ae 2170 }
2171 }
2172
2173 /* The database copy is more recent. If the database copy
2174 has LS age equal to MaxAge and LS sequence number equal to
2175 MaxSequenceNumber, simply discard the received LSA without
2176 acknowledging it. (In this case, the LSA's LS sequence number
2177 is
2178 wrapping, and the MaxSequenceNumber LSA must be completely
2179 flushed before any new LSA instance can be introduced). */
2180
2181 else if (ret > 0) /* Database copy is more recent */
2182 {
2183 if (IS_LSA_MAXAGE(current)
2184 && current->data->ls_seqnum
2185 == htonl(OSPF_MAX_SEQUENCE_NUMBER)) {
76c1efd7 2186 DISCARD_LSA(lsa, 8);
d62a17ae 2187 }
2188 /* Otherwise, as long as the database copy has not been
2189 sent in a
2190 Link State Update within the last MinLSArrival
2191 seconds, send the
2192 database copy back to the sending neighbor,
2193 encapsulated within
2194 a Link State Update Packet. The Link State Update
2195 Packet should
2196 be sent directly to the neighbor. In so doing, do not
2197 put the
2198 database copy of the LSA on the neighbor's link state
2199 retransmission list, and do not acknowledge the
2200 received (less
2201 recent) LSA instance. */
2202 else {
2203 if (monotime_since(&current->tv_orig, NULL)
2204 >= ospf->min_ls_arrival * 1000LL)
2205 /* Trap NSSA type later.*/
2206 ospf_ls_upd_send_lsa(
2207 nbr, current,
2208 OSPF_SEND_PACKET_DIRECT);
76c1efd7 2209 DISCARD_LSA(lsa, 9);
d62a17ae 2210 }
2211 }
2212 }
2cd754de
PJ		 2213#undef DISCARD_LSA
2214
d62a17ae 2215 assert(listcount(lsas) == 0);
6a154c88 2216 list_delete(&lsas);
10514170
RW		 2217
2218 if (ospf->gr_info.restart_in_progress)
2219 ospf_gr_check_lsdb_consistency(oi->ospf, oi->area);
718e3744 2220}
2221
2222/* OSPF Link State Acknowledgment message read -- RFC2328 Section 13.7. */
d62a17ae 2223static void ospf_ls_ack(struct ip *iph, struct ospf_header *ospfh,
2224 struct stream *s, struct ospf_interface *oi,
d7c0a89a 2225 uint16_t size)
d62a17ae 2226{
2227 struct ospf_neighbor *nbr;
2228
2229 /* increment statistics. */
2230 oi->ls_ack_in++;
2231
2232 nbr = ospf_nbr_lookup(oi, iph, ospfh);
2233 if (nbr == NULL) {
cf444bcf 2234 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2235 "Link State Acknowledgment: Unknown Neighbor %pI4",
2236 &ospfh->router_id);
d62a17ae 2237 return;
2238 }
2239
d62a17ae 2240 if (nbr->state < NSM_Exchange) {
2241 if (IS_DEBUG_OSPF(nsm, NSM_EVENTS))
2242 zlog_debug(
96b663a3
MS		 2243 "Link State Acknowledgment: Neighbor[%pI4] state %s is less than Exchange",
2244 &ospfh->router_id,
d62a17ae 2245 lookup_msg(ospf_nsm_state_msg, nbr->state,
2246 NULL));
2247 return;
2248 }
2249
2250 while (size >= OSPF_LSA_HEADER_SIZE) {
2251 struct ospf_lsa *lsa, *lsr;
2252
2253 lsa = ospf_lsa_new();
2d34fb80 2254 lsa->data = (struct lsa_header *)stream_pnt(s);
b5a8894d 2255 lsa->vrf_id = oi->ospf->vrf_id;
d62a17ae 2256
2d34fb80 2257 /* lsah = (struct lsa_header *) stream_pnt (s); */
d62a17ae 2258 size -= OSPF_LSA_HEADER_SIZE;
2259 stream_forward_getp(s, OSPF_LSA_HEADER_SIZE);
2260
2261 if (lsa->data->type < OSPF_MIN_LSA
2262 || lsa->data->type >= OSPF_MAX_LSA) {
2263 lsa->data = NULL;
2264 ospf_lsa_discard(lsa);
2265 continue;
2266 }
2267
2268 lsr = ospf_ls_retransmit_lookup(nbr, lsa);
2269
3cb62bb3 2270 if (lsr != NULL && ospf_lsa_more_recent(lsr, lsa) == 0) {
d62a17ae 2271 ospf_ls_retransmit_delete(nbr, lsr);
3cb62bb3
MR		 2272 ospf_check_and_gen_init_seq_lsa(oi, lsa);
2273 }
d62a17ae 2274
2275 lsa->data = NULL;
2276 ospf_lsa_discard(lsa);
2277 }
2278
2279 return;
2280}
2281
b5a8894d
CS		 2282static struct stream *ospf_recv_packet(struct ospf *ospf, int fd,
2283 struct interface **ifp,
d62a17ae 2284 struct stream *ibuf)
2285{
2286 int ret;
2287 struct ip *iph;
d7c0a89a 2288 uint16_t ip_len;
d62a17ae 2289 ifindex_t ifindex = 0;
2290 struct iovec iov;
2291 /* Header and data both require alignment. */
2292 char buff[CMSG_SPACE(SOPT_SIZE_CMSG_IFINDEX_IPV4())];
2293 struct msghdr msgh;
2294
6006b807 2295 memset(&msgh, 0, sizeof(msgh));
d62a17ae 2296 msgh.msg_iov = &iov;
2297 msgh.msg_iovlen = 1;
2298 msgh.msg_control = (caddr_t)buff;
2299 msgh.msg_controllen = sizeof(buff);
2300
4392cc43
DS		 2301 ret = stream_recvmsg(ibuf, fd, &msgh, MSG_DONTWAIT,
2302 OSPF_MAX_PACKET_SIZE + 1);
d62a17ae 2303 if (ret < 0) {
4392cc43
DS		 2304 if (errno != EAGAIN && errno != EWOULDBLOCK)
2305 flog_warn(EC_OSPF_PACKET, "stream_recvmsg failed: %s",
2306 safe_strerror(errno));
d62a17ae 2307 return NULL;
2308 }
e947b307 2309 if ((unsigned int)ret < sizeof(struct ip)) {
c9cc11f6 2310 flog_warn(
cf444bcf 2311 EC_OSPF_PACKET,
ea892800 2312 "%s: discarding runt packet of length %d (ip header size is %u)",
2313 __func__, ret, (unsigned int)sizeof(iph));
d62a17ae 2314 return NULL;
2315 }
2316
2317 /* Note that there should not be alignment problems with this assignment
2318 because this is at the beginning of the stream data buffer. */
2319 iph = (struct ip *)STREAM_DATA(ibuf);
2320 sockopt_iphdrincl_swab_systoh(iph);
2321
2322 ip_len = iph->ip_len;
2323
bdee8083 2324#if defined(__FreeBSD__) && (__FreeBSD_version < 1000000)
d62a17ae 2325 /*
2326 * Kernel network code touches incoming IP header parameters,
2327 * before protocol specific processing.
2328 *
2329 * 1) Convert byteorder to host representation.
2330 * --> ip_len, ip_id, ip_off
2331 *
2332 * 2) Adjust ip_len to strip IP header size!
2333 * --> If user process receives entire IP packet via RAW
2334 * socket, it must consider adding IP header size to
2335 * the "ip_len" field of "ip" structure.
2336 *
2337 * For more details, see <netinet/ip_input.c>.
2338 */
2339 ip_len = ip_len + (iph->ip_hl << 2);
718e3744 2340#endif
d62a17ae 2341
0150c9c9 2342#if defined(__DragonFly__)
d62a17ae 2343 /*
2344 * in DragonFly's raw socket, ip_len/ip_off are read
2345 * in network byte order.
2346 * As OpenBSD < 200311 adjust ip_len to strip IP header size!
2347 */
2348 ip_len = ntohs(iph->ip_len) + (iph->ip_hl << 2);
0150c9c9
DB		 2349#endif
2350
d62a17ae 2351 ifindex = getsockopt_ifindex(AF_INET, &msgh);
2352
b5a8894d 2353 *ifp = if_lookup_by_index(ifindex, ospf->vrf_id);
d62a17ae 2354
2355 if (ret != ip_len) {
c9cc11f6 2356 flog_warn(
cf444bcf 2357 EC_OSPF_PACKET,
ea892800 2358 "%s read length mismatch: ip_len is %d, but recvmsg returned %d",
2359 __func__, ip_len, ret);
d62a17ae 2360 return NULL;
2361 }
718e3744 2362
868a0861 2363 if (IS_DEBUG_OSPF_PACKET(0, RECV))
15569c58
DA		 2364 zlog_debug("%s: fd %d(%s) on interface %d(%s)", __func__, fd,
2365 ospf_get_name(ospf), ifindex,
2366 *ifp ? (*ifp)->name : "Unknown");
d62a17ae 2367 return ibuf;
718e3744 2368}
2369
4dadc291 2370static struct ospf_interface *
d62a17ae 2371ospf_associate_packet_vl(struct ospf *ospf, struct interface *ifp,
2372 struct ip *iph, struct ospf_header *ospfh)
2373{
2374 struct ospf_interface *rcv_oi;
2375 struct ospf_vl_data *vl_data;
2376 struct ospf_area *vl_area;
2377 struct listnode *node;
2378
2379 if (IN_MULTICAST(ntohl(iph->ip_dst.s_addr))
2380 || !OSPF_IS_AREA_BACKBONE(ospfh))
2381 return NULL;
2382
2383 /* look for local OSPF interface matching the destination
2384 * to determine Area ID. We presume therefore the destination address
2385 * is unique, or at least (for "unnumbered" links), not used in other
2386 * areas
2387 */
2388 if ((rcv_oi = ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_dst))
2389 == NULL)
2390 return NULL;
2391
2392 for (ALL_LIST_ELEMENTS_RO(ospf->vlinks, node, vl_data)) {
2393 vl_area =
2394 ospf_area_lookup_by_area_id(ospf, vl_data->vl_area_id);
2395 if (!vl_area)
2396 continue;
2397
2398 if (OSPF_AREA_SAME(&vl_area, &rcv_oi->area)
2399 && IPV4_ADDR_SAME(&vl_data->vl_peer, &ospfh->router_id)) {
2400 if (IS_DEBUG_OSPF_EVENT)
2401 zlog_debug("associating packet with %s",
2402 IF_NAME(vl_data->vl_oi));
2403 if (!CHECK_FLAG(vl_data->vl_oi->ifp->flags, IFF_UP)) {
2404 if (IS_DEBUG_OSPF_EVENT)
2405 zlog_debug(
2406 "This VL is not up yet, sorry");
2407 return NULL;
2408 }
2409
2410 return vl_data->vl_oi;
2411 }
718e3744 2412 }
718e3744 2413
d62a17ae 2414 if (IS_DEBUG_OSPF_EVENT)
2415 zlog_debug("couldn't find any VL to associate the packet with");
2416
2417 return NULL;
718e3744 2418}
2419
d62a17ae 2420static int ospf_check_area_id(struct ospf_interface *oi,
2421 struct ospf_header *ospfh)
718e3744 2422{
d62a17ae 2423 /* Check match the Area ID of the receiving interface. */
2424 if (OSPF_AREA_SAME(&oi->area, &ospfh))
2425 return 1;
718e3744 2426
d62a17ae 2427 return 0;
718e3744 2428}
2429
2430/* Unbound socket will accept any Raw IP packets if proto is matched.
2431 To prevent it, compare src IP address and i/f address with masking
2432 i/f network mask. */
d62a17ae 2433static int ospf_check_network_mask(struct ospf_interface *oi,
2434 struct in_addr ip_src)
718e3744 2435{
d62a17ae 2436 struct in_addr mask, me, him;
718e3744 2437
d62a17ae 2438 if (oi->type == OSPF_IFTYPE_POINTOPOINT
2439 || oi->type == OSPF_IFTYPE_VIRTUALLINK)
2440 return 1;
718e3744 2441
0c5506a8
AL		 2442 /* Ignore mask check for max prefix length (32) */
2443 if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT
2444 && oi->address->prefixlen == IPV4_MAX_BITLEN)
2445 return 1;
2446
d62a17ae 2447 masklen2ip(oi->address->prefixlen, &mask);
718e3744 2448
d62a17ae 2449 me.s_addr = oi->address->u.prefix4.s_addr & mask.s_addr;
2450 him.s_addr = ip_src.s_addr & mask.s_addr;
718e3744 2451
d62a17ae 2452 if (IPV4_ADDR_SAME(&me, &him))
2453 return 1;
718e3744 2454
d62a17ae 2455 return 0;
718e3744 2456}
2457
bd5651f0
DO		 2458/* Return 1, if the packet is properly authenticated and checksummed,
2459 0 otherwise. In particular, check that AuType header field is valid and
2460 matches the locally configured AuType, and that D.5 requirements are met. */
d62a17ae 2461static int ospf_check_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
2462{
2463 struct crypt_key *ck;
d7c0a89a
QY		 2464 uint16_t iface_auth_type;
2465 uint16_t pkt_auth_type = ntohs(ospfh->auth_type);
d62a17ae 2466
2467 switch (pkt_auth_type) {
2468 case OSPF_AUTH_NULL: /* RFC2328 D.5.1 */
2469 if (OSPF_AUTH_NULL != (iface_auth_type = ospf_auth_type(oi))) {
2470 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2471 flog_warn(
cf444bcf 2472 EC_OSPF_PACKET,
d62a17ae 2473 "interface %s: auth-type mismatch, local %s, rcvd Null",
2474 IF_NAME(oi),
2475 lookup_msg(ospf_auth_type_str,
2476 iface_auth_type, NULL));
2477 return 0;
2478 }
2479 if (!ospf_check_sum(ospfh)) {
2480 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2481 flog_warn(
cf444bcf 2482 EC_OSPF_PACKET,
96b663a3 2483 "interface %s: Null auth OK, but checksum error, Router-ID %pI4",
d62a17ae 2484 IF_NAME(oi),
96b663a3 2485 &ospfh->router_id);
d62a17ae 2486 return 0;
2487 }
2488 return 1;
2489 case OSPF_AUTH_SIMPLE: /* RFC2328 D.5.2 */
2490 if (OSPF_AUTH_SIMPLE
2491 != (iface_auth_type = ospf_auth_type(oi))) {
2492 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2493 flog_warn(
cf444bcf 2494 EC_OSPF_PACKET,
d62a17ae 2495 "interface %s: auth-type mismatch, local %s, rcvd Simple",
2496 IF_NAME(oi),
2497 lookup_msg(ospf_auth_type_str,
2498 iface_auth_type, NULL));
2499 return 0;
2500 }
2501 if (memcmp(OSPF_IF_PARAM(oi, auth_simple), ospfh->u.auth_data,
2502 OSPF_AUTH_SIMPLE_SIZE)) {
2503 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2504 flog_warn(EC_OSPF_PACKET,
c9cc11f6 2505 "interface %s: Simple auth failed",
d62a17ae 2506 IF_NAME(oi));
2507 return 0;
2508 }
2509 if (!ospf_check_sum(ospfh)) {
2510 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2511 flog_warn(
cf444bcf 2512 EC_OSPF_PACKET,
96b663a3 2513 "interface %s: Simple auth OK, checksum error, Router-ID %pI4",
d62a17ae 2514 IF_NAME(oi),
96b663a3 2515 &ospfh->router_id);
d62a17ae 2516 return 0;
2517 }
2518 return 1;
2519 case OSPF_AUTH_CRYPTOGRAPHIC: /* RFC2328 D.5.3 */
2520 if (OSPF_AUTH_CRYPTOGRAPHIC
2521 != (iface_auth_type = ospf_auth_type(oi))) {
2522 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2523 flog_warn(
cf444bcf 2524 EC_OSPF_PACKET,
d62a17ae 2525 "interface %s: auth-type mismatch, local %s, rcvd Cryptographic",
2526 IF_NAME(oi),
2527 lookup_msg(ospf_auth_type_str,
2528 iface_auth_type, NULL));
2529 return 0;
2530 }
2531 if (ospfh->checksum) {
2532 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2533 flog_warn(
cf444bcf 2534 EC_OSPF_PACKET,
d62a17ae 2535 "interface %s: OSPF header checksum is not 0",
2536 IF_NAME(oi));
2537 return 0;
2538 }
2539 /* only MD5 crypto method can pass ospf_packet_examin() */
996c9314
LB		 2540 if (NULL == (ck = listgetdata(
2541 listtail(OSPF_IF_PARAM(oi, auth_crypt))))
2542 || ospfh->u.crypt.key_id != ck->key_id ||
2543 /* Condition above uses the last key ID on the list,
2544 which is
2545 different from what ospf_crypt_key_lookup() does. A
2546 bug? */
2547 !ospf_check_md5_digest(oi, ospfh)) {
d62a17ae 2548 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
cf444bcf 2549 flog_warn(EC_OSPF_MD5,
c9cc11f6 2550 "interface %s: MD5 auth failed",
d62a17ae 2551 IF_NAME(oi));
2552 return 0;
2553 }
2554 return 1;
2555 default:
2556 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV))
c9cc11f6 2557 flog_warn(
cf444bcf 2558 EC_OSPF_PACKET,
d62a17ae 2559 "interface %s: invalid packet auth-type (%02x)",
2560 IF_NAME(oi), pkt_auth_type);
2561 return 0;
2562 }
2563}
2564
2565static int ospf_check_sum(struct ospf_header *ospfh)
2566{
d7c0a89a
QY		 2567 uint32_t ret;
2568 uint16_t sum;
d62a17ae 2569
2570 /* clear auth_data for checksum. */
2571 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
2572
2573 /* keep checksum and clear. */
2574 sum = ospfh->checksum;
d7c0a89a 2575 memset(&ospfh->checksum, 0, sizeof(uint16_t));
d62a17ae 2576
2577 /* calculate checksum. */
2578 ret = in_cksum(ospfh, ntohs(ospfh->length));
2579
2580 if (ret != sum) {
ea892800 2581 zlog_info("%s: checksum mismatch, my %X, his %X", __func__, ret,
2582 sum);
d62a17ae 2583 return 0;
2584 }
2585
2586 return 1;
718e3744 2587}
2588
4e31de79
DO		 2589/* Verify, that given link/TOS records are properly sized/aligned and match
2590 Router-LSA "# links" and "# TOS" fields as specified in RFC2328 A.4.2. */
d62a17ae 2591static unsigned ospf_router_lsa_links_examin(struct router_lsa_link *link,
d7c0a89a
QY		 2592 uint16_t linkbytes,
2593 const uint16_t num_links)
d62a17ae 2594{
2595 unsigned counted_links = 0, thislinklen;
2596
04d6a0f8 2597 while (linkbytes >= OSPF_ROUTER_LSA_LINK_SIZE) {
d62a17ae 2598 thislinklen =
2599 OSPF_ROUTER_LSA_LINK_SIZE + 4 * link->m[0].tos_count;
2600 if (thislinklen > linkbytes) {
2601 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2602 zlog_debug("%s: length error in link block #%u",
2603 __func__, counted_links);
2604 return MSG_NG;
2605 }
2606 link = (struct router_lsa_link *)((caddr_t)link + thislinklen);
2607 linkbytes -= thislinklen;
2608 counted_links++;
2609 }
2610 if (counted_links != num_links) {
2611 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2612 zlog_debug("%s: %u link blocks declared, %u present",
2613 __func__, num_links, counted_links);
2614 return MSG_NG;
2615 }
2616 return MSG_OK;
4e31de79
DO		 2617}
2618
2619/* Verify, that the given LSA is properly sized/aligned (including type-specific
2620 minimum length constraint). */
d7c0a89a
QY		 2621static unsigned ospf_lsa_examin(struct lsa_header *lsah, const uint16_t lsalen,
2622 const uint8_t headeronly)
d62a17ae 2623{
2624 unsigned ret;
2625 struct router_lsa *rlsa;
2626 if (lsah->type < OSPF_MAX_LSA && ospf_lsa_minlen[lsah->type]
2627 && lsalen < OSPF_LSA_HEADER_SIZE + ospf_lsa_minlen[lsah->type]) {
2628 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2629 zlog_debug("%s: undersized (%u B) %s", __func__, lsalen,
2630 lookup_msg(ospf_lsa_type_msg, lsah->type,
2631 NULL));
2632 return MSG_NG;
2633 }
2634 switch (lsah->type) {
04d6a0f8
QY		 2635 case OSPF_ROUTER_LSA: {
2636 /*
2637 * RFC2328 A.4.2, LSA header + 4 bytes followed by N>=0
2638 * (12+)-byte link blocks
2639 */
2640 size_t linkbytes_len = lsalen - OSPF_LSA_HEADER_SIZE
2641 - OSPF_ROUTER_LSA_MIN_SIZE;
2642
2643 /*
2644 * LSA link blocks are variable length but always multiples of
2645 * 4; basic sanity check
2646 */
2647 if (linkbytes_len % 4 != 0)
2648 return MSG_NG;
2649
2650 if (headeronly)
2651 return MSG_OK;
2652
d62a17ae 2653 rlsa = (struct router_lsa *)lsah;
04d6a0f8 2654
d62a17ae 2655 ret = ospf_router_lsa_links_examin(
2656 (struct router_lsa_link *)rlsa->link,
04d6a0f8
QY		 2657 linkbytes_len,
2658 ntohs(rlsa->links));
d62a17ae 2659 break;
04d6a0f8 2660 }
d62a17ae 2661 case OSPF_AS_EXTERNAL_LSA:
2662 /* RFC2328 A.4.5, LSA header + 4 bytes followed by N>=1 12-bytes long
2663 * blocks */
2664 case OSPF_AS_NSSA_LSA:
2665 /* RFC3101 C, idem */
2666 ret = (lsalen - OSPF_LSA_HEADER_SIZE
2667 - OSPF_AS_EXTERNAL_LSA_MIN_SIZE)
2668 % 12
2669 ? MSG_NG
2670 : MSG_OK;
2671 break;
2672 /* Following LSA types are considered OK length-wise as soon as their
2673 * minimum
2674 * length constraint is met and length of the whole LSA is a multiple of
2675 * 4
2676 * (basic LSA header size is already a multiple of 4). */
2677 case OSPF_NETWORK_LSA:
2678 /* RFC2328 A.4.3, LSA header + 4 bytes followed by N>=1 router-IDs */
2679 case OSPF_SUMMARY_LSA:
2680 case OSPF_ASBR_SUMMARY_LSA:
2681 /* RFC2328 A.4.4, LSA header + 4 bytes followed by N>=1 4-bytes TOS
2682 * blocks */
2683 case OSPF_OPAQUE_LINK_LSA:
2684 case OSPF_OPAQUE_AREA_LSA:
2685 case OSPF_OPAQUE_AS_LSA:
2686 /* RFC5250 A.2, "some number of octets (of application-specific
2687 * data) padded to 32-bit alignment." This is considered
2688 * equivalent
2689 * to 4-byte alignment of all other LSA types, see
2690 * OSPF-ALIGNMENT.txt
2691 * file for the detailed analysis of this passage. */
2692 ret = lsalen % 4 ? MSG_NG : MSG_OK;
2693 break;
2694 default:
2695 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2696 zlog_debug("%s: unsupported LSA type 0x%02x", __func__,
2697 lsah->type);
2698 return MSG_NG;
2699 }
2700 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2701 zlog_debug("%s: alignment error in %s", __func__,
2702 lookup_msg(ospf_lsa_type_msg, lsah->type, NULL));
2703 return ret;
4e31de79
DO		 2704}
2705
2706/* Verify if the provided input buffer is a valid sequence of LSAs. This
2707 includes verification of LSA blocks length/alignment and dispatching
2708 of deeper-level checks. */
2709static unsigned
d62a17ae 2710ospf_lsaseq_examin(struct lsa_header *lsah, /* start of buffered data */
d7c0a89a 2711 size_t length, const uint8_t headeronly,
d62a17ae 2712 /* When declared_num_lsas is not 0, compare it to the real
2713 number of LSAs
2714 and treat the difference as an error. */
d7c0a89a 2715 const uint32_t declared_num_lsas)
d62a17ae 2716{
d7c0a89a 2717 uint32_t counted_lsas = 0;
d62a17ae 2718
2719 while (length) {
d7c0a89a 2720 uint16_t lsalen;
d62a17ae 2721 if (length < OSPF_LSA_HEADER_SIZE) {
2722 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2723 zlog_debug(
2724 "%s: undersized (%zu B) trailing (#%u) LSA header",
2725 __func__, length, counted_lsas);
2726 return MSG_NG;
2727 }
2728 /* save on ntohs() calls here and in the LSA validator */
2729 lsalen = ntohs(lsah->length);
2730 if (lsalen < OSPF_LSA_HEADER_SIZE) {
2731 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2732 zlog_debug(
2733 "%s: malformed LSA header #%u, declared length is %u B",
2734 __func__, counted_lsas, lsalen);
2735 return MSG_NG;
2736 }
2737 if (headeronly) {
2738 /* less checks here and in ospf_lsa_examin() */
2739 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 1)) {
2740 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2741 zlog_debug(
2742 "%s: malformed header-only LSA #%u",
2743 __func__, counted_lsas);
2744 return MSG_NG;
2745 }
2746 lsah = (struct lsa_header *)((caddr_t)lsah
2747 + OSPF_LSA_HEADER_SIZE);
2748 length -= OSPF_LSA_HEADER_SIZE;
2749 } else {
2750 /* make sure the input buffer is deep enough before
2751 * further checks */
2752 if (lsalen > length) {
2753 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2754 zlog_debug(
2755 "%s: anomaly in LSA #%u: declared length is %u B, buffered length is %zu B",
2756 __func__, counted_lsas, lsalen,
2757 length);
2758 return MSG_NG;
2759 }
2760 if (MSG_OK != ospf_lsa_examin(lsah, lsalen, 0)) {
2761 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2762 zlog_debug("%s: malformed LSA #%u",
2763 __func__, counted_lsas);
2764 return MSG_NG;
2765 }
2766 lsah = (struct lsa_header *)((caddr_t)lsah + lsalen);
2767 length -= lsalen;
2768 }
2769 counted_lsas++;
2770 }
2771
2772 if (declared_num_lsas && counted_lsas != declared_num_lsas) {
2773 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2774 zlog_debug(
2775 "%s: #LSAs declared (%u) does not match actual (%u)",
2776 __func__, declared_num_lsas, counted_lsas);
2777 return MSG_NG;
2778 }
2779 return MSG_OK;
4e31de79
DO		 2780}
2781
75c8eabb 2782/* Verify a complete OSPF packet for proper sizing/alignment. */
d62a17ae 2783static unsigned ospf_packet_examin(struct ospf_header *oh,
2784 const unsigned bytesonwire)
2785{
d7c0a89a 2786 uint16_t bytesdeclared, bytesauth;
d62a17ae 2787 unsigned ret;
2788 struct ospf_ls_update *lsupd;
2789
2790 /* Length, 1st approximation. */
2791 if (bytesonwire < OSPF_HEADER_SIZE) {
2792 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2793 zlog_debug("%s: undersized (%u B) packet", __func__,
2794 bytesonwire);
2795 return MSG_NG;
2796 }
2797 /* Now it is safe to access header fields. Performing length check,
2798 * allow
2799 * for possible extra bytes of crypto auth/padding, which are not
2800 * counted
2801 * in the OSPF header "length" field. */
2802 if (oh->version != OSPF_VERSION) {
2803 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2804 zlog_debug("%s: invalid (%u) protocol version",
2805 __func__, oh->version);
2806 return MSG_NG;
2807 }
2808 bytesdeclared = ntohs(oh->length);
2809 if (ntohs(oh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
2810 bytesauth = 0;
2811 else {
2812 if (oh->u.crypt.auth_data_len != OSPF_AUTH_MD5_SIZE) {
2813 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2814 zlog_debug(
2815 "%s: unsupported crypto auth length (%u B)",
2816 __func__, oh->u.crypt.auth_data_len);
2817 return MSG_NG;
2818 }
2819 bytesauth = OSPF_AUTH_MD5_SIZE;
2820 }
2821 if (bytesdeclared + bytesauth > bytesonwire) {
2822 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2823 zlog_debug(
2824 "%s: packet length error (%u real, %u+%u declared)",
2825 __func__, bytesonwire, bytesdeclared,
2826 bytesauth);
2827 return MSG_NG;
2828 }
2829 /* Length, 2nd approximation. The type-specific constraint is checked
2830 against declared length, not amount of bytes on wire. */
2831 if (oh->type >= OSPF_MSG_HELLO && oh->type <= OSPF_MSG_LS_ACK
2832 && bytesdeclared
2833 < OSPF_HEADER_SIZE + ospf_packet_minlen[oh->type]) {
2834 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2835 zlog_debug("%s: undersized (%u B) %s packet", __func__,
2836 bytesdeclared,
2837 lookup_msg(ospf_packet_type_str, oh->type,
2838 NULL));
2839 return MSG_NG;
2840 }
2841 switch (oh->type) {
2842 case OSPF_MSG_HELLO:
2843 /* RFC2328 A.3.2, packet header + OSPF_HELLO_MIN_SIZE bytes
2844 followed
2845 by N>=0 router-IDs. */
2846 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_HELLO_MIN_SIZE)
2847 % 4
2848 ? MSG_NG
2849 : MSG_OK;
2850 break;
2851 case OSPF_MSG_DB_DESC:
2852 /* RFC2328 A.3.3, packet header + OSPF_DB_DESC_MIN_SIZE bytes
2853 followed
2854 by N>=0 header-only LSAs. */
2855 ret = ospf_lsaseq_examin(
2856 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2857 + OSPF_DB_DESC_MIN_SIZE),
2858 bytesdeclared - OSPF_HEADER_SIZE
2859 - OSPF_DB_DESC_MIN_SIZE,
2860 1, /* header-only LSAs */
2861 0);
2862 break;
2863 case OSPF_MSG_LS_REQ:
2864 /* RFC2328 A.3.4, packet header followed by N>=0 12-bytes
2865 * request blocks. */
2866 ret = (bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_REQ_MIN_SIZE)
2867 % OSPF_LSA_KEY_SIZE
2868 ? MSG_NG
2869 : MSG_OK;
2870 break;
2871 case OSPF_MSG_LS_UPD:
2872 /* RFC2328 A.3.5, packet header + OSPF_LS_UPD_MIN_SIZE bytes
2873 followed
2874 by N>=0 full LSAs (with N declared beforehand). */
2875 lsupd = (struct ospf_ls_update *)((caddr_t)oh
2876 + OSPF_HEADER_SIZE);
2877 ret = ospf_lsaseq_examin(
2878 (struct lsa_header *)((caddr_t)lsupd
2879 + OSPF_LS_UPD_MIN_SIZE),
2880 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_UPD_MIN_SIZE,
2881 0, /* full LSAs */
2882 ntohl(lsupd->num_lsas) /* 32 bits */
9d303b37 2883 );
d62a17ae 2884 break;
2885 case OSPF_MSG_LS_ACK:
2886 /* RFC2328 A.3.6, packet header followed by N>=0 header-only
2887 * LSAs. */
2888 ret = ospf_lsaseq_examin(
2889 (struct lsa_header *)((caddr_t)oh + OSPF_HEADER_SIZE
2890 + OSPF_LS_ACK_MIN_SIZE),
2891 bytesdeclared - OSPF_HEADER_SIZE - OSPF_LS_ACK_MIN_SIZE,
2892 1, /* header-only LSAs */
2893 0);
2894 break;
2895 default:
2896 if (IS_DEBUG_OSPF_PACKET(0, RECV))
2897 zlog_debug("%s: invalid packet type 0x%02x", __func__,
2898 oh->type);
2899 return MSG_NG;
2900 }
2901 if (ret != MSG_OK && IS_DEBUG_OSPF_PACKET(0, RECV))
2902 zlog_debug("%s: malformed %s packet", __func__,
2903 lookup_msg(ospf_packet_type_str, oh->type, NULL));
2904 return ret;
75c8eabb
DO		 2905}
2906
718e3744 2907/* OSPF Header verification. */
d62a17ae 2908static int ospf_verify_header(struct stream *ibuf, struct ospf_interface *oi,
2909 struct ip *iph, struct ospf_header *ospfh)
2910{
2911 /* Check Area ID. */
2912 if (!ospf_check_area_id(oi, ospfh)) {
cf444bcf 2913 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 2914 "interface %s: ospf_read invalid Area ID %pI4",
2915 IF_NAME(oi), &ospfh->area_id);
d62a17ae 2916 return -1;
2917 }
718e3744 2918
d62a17ae 2919 /* Check network mask, Silently discarded. */
2920 if (!ospf_check_network_mask(oi, iph->ip_src)) {
c9cc11f6 2921 flog_warn(
cf444bcf 2922 EC_OSPF_PACKET,
96b663a3
MS		 2923 "interface %s: ospf_read network address is not same [%pI4]",
2924 IF_NAME(oi), &iph->ip_src);
d62a17ae 2925 return -1;
2926 }
718e3744 2927
d62a17ae 2928 /* Check authentication. The function handles logging actions, where
2929 * required. */
2930 if (!ospf_check_auth(oi, ospfh))
2931 return -1;
718e3744 2932
d62a17ae 2933 return 0;
718e3744 2934}
2935
02637513
DS		 2936enum ospf_read_return_enum {
2937 OSPF_READ_ERROR,
2938 OSPF_READ_CONTINUE,
2939};
2940
2941static enum ospf_read_return_enum ospf_read_helper(struct ospf *ospf)
d62a17ae 2942{
2943 int ret;
2944 struct stream *ibuf;
d62a17ae 2945 struct ospf_interface *oi;
2946 struct ip *iph;
2947 struct ospf_header *ospfh;
d7c0a89a 2948 uint16_t length;
d62a17ae 2949 struct connected *c;
02637513 2950 struct interface *ifp = NULL;
d62a17ae 2951
02637513
DS		 2952 stream_reset(ospf->ibuf);
2953 ibuf = ospf_recv_packet(ospf, ospf->fd, &ifp, ospf->ibuf);
2954 if (ibuf == NULL)
2955 return OSPF_READ_ERROR;
d62a17ae 2956
02637513
DS		 2957 /*
2958 * This raw packet is known to be at least as big as its
2959 * IP header. Note that there should not be alignment problems with
2960 * this assignment because this is at the beginning of the
2961 * stream data buffer.
2962 */
2963 iph = (struct ip *)STREAM_DATA(ibuf);
2964 /*
2965 * Note that sockopt_iphdrincl_swab_systoh was called in
2966 * ospf_recv_packet.
2967 */
2968 if (ifp == NULL) {
4392cc43 2969 /*
02637513
DS		 2970 * Handle cases where the platform does not support
2971 * retrieving the ifindex, and also platforms (such as
2972 * Solaris 8) that claim to support ifindex retrieval but do
2973 * not.
4392cc43 2974 */
02637513
DS		 2975 c = if_lookup_address((void *)&iph->ip_src, AF_INET,
2976 ospf->vrf_id);
2977 if (c)
2978 ifp = c->ifp;
868a0861 2979 if (ifp == NULL) {
02637513 2980 if (IS_DEBUG_OSPF_PACKET(0, RECV))
4392cc43 2981 zlog_debug(
96b663a3
MS		 2982 "%s: Unable to determine incoming interface from: %pI4(%s)",
2983 __func__, &iph->ip_src,
02637513
DS		 2984 ospf_get_name(ospf));
2985 return OSPF_READ_CONTINUE;
d62a17ae 2986 }
02637513 2987 }
d62a17ae 2988
096f7609 2989 if (ospf->vrf_id == VRF_DEFAULT && ospf->vrf_id != ifp->vrf->vrf_id) {
555691e9
DS		 2990 /*
2991 * We may have a situation where l3mdev_accept == 1
2992 * let's just kindly drop the packet and move on.
2993 * ospf really really really does not like when
2994 * we receive the same packet multiple times.
2995 */
2996 return OSPF_READ_CONTINUE;
2997 }
2998
02637513
DS		 2999 /* Self-originated packet should be discarded silently. */
3000 if (ospf_if_lookup_by_local_addr(ospf, NULL, iph->ip_src)) {
3001 if (IS_DEBUG_OSPF_PACKET(0, RECV)) {
3002 zlog_debug(
96b663a3
MS		 3003 "ospf_read[%pI4]: Dropping self-originated packet",
3004 &iph->ip_src);
02637513
DS		 3005 }
3006 return OSPF_READ_CONTINUE;
3007 }
d62a17ae 3008
01e3c376
QY		 3009 /* Check that we have enough for an IP header */
3010 if ((unsigned int)(iph->ip_hl << 2) >= STREAM_READABLE(ibuf)) {
3011 if ((unsigned int)(iph->ip_hl << 2) == STREAM_READABLE(ibuf)) {
3012 flog_warn(
3013 EC_OSPF_PACKET,
3014 "Rx'd IP packet with OSPF protocol number but no payload");
3015 } else {
3016 flog_warn(
3017 EC_OSPF_PACKET,
3018 "IP header length field claims header is %u bytes, but we only have %zu",
3019 (unsigned int)(iph->ip_hl << 2),
3020 STREAM_READABLE(ibuf));
3021 }
3022
3023 return OSPF_READ_ERROR;
3024 }
3025 stream_forward_getp(ibuf, iph->ip_hl << 2);
d62a17ae 3026
02637513
DS		 3027 ospfh = (struct ospf_header *)stream_pnt(ibuf);
3028 if (MSG_OK
3029 != ospf_packet_examin(ospfh, stream_get_endp(ibuf)
3030 - stream_get_getp(ibuf)))
3031 return OSPF_READ_CONTINUE;
3032 /* Now it is safe to access all fields of OSPF packet header. */
4392cc43 3033
02637513
DS		 3034 /* associate packet with ospf interface */
3035 oi = ospf_if_lookup_recv_if(ospf, iph->ip_src, ifp);
4392cc43 3036
02637513
DS		 3037 /*
3038 * ospf_verify_header() relies on a valid "oi" and thus can be called
3039 * only after the passive/backbone/other checks below are passed.
3040 * These checks in turn access the fields of unverified "ospfh"
3041 * structure for their own purposes and must remain very accurate
3042 * in doing this.
3043 */
4392cc43 3044
02637513
DS		 3045 /* If incoming interface is passive one, ignore it. */
3046 if (oi && OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE) {
02637513
DS		 3047 if (IS_DEBUG_OSPF_EVENT)
3048 zlog_debug(
c067e23e
DS		 3049 "ignoring packet from router %pI4 sent to %pI4, received on a passive interface, %pI4",
3050 &ospfh->router_id, &iph->ip_dst,
3051 &oi->address->u.prefix4);
d62a17ae 3052
02637513
DS		 3053 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS)) {
3054 /* Try to fix multicast membership.
3055 * Some OS:es may have problems in this area,
3056 * make sure it is removed.
3057 */
3058 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
d62a17ae 3059 ospf_if_set_multicast(oi);
3060 }
02637513
DS		 3061 return OSPF_READ_CONTINUE;
3062 }
d62a17ae 3063
02637513
DS		 3064
3065 /* if no local ospf_interface,
3066 * or header area is backbone but ospf_interface is not
3067 * check for VLINK interface
3068 */
3069 if ((oi == NULL)
3070 || (OSPF_IS_AREA_ID_BACKBONE(ospfh->area_id)
3071 && !OSPF_IS_AREA_ID_BACKBONE(oi->area->area_id))) {
3072 if ((oi = ospf_associate_packet_vl(ospf, ifp, iph, ospfh))
3073 == NULL) {
3074 if (!ospf->instance && IS_DEBUG_OSPF_EVENT)
d62a17ae 3075 zlog_debug(
96b663a3
MS		 3076 "Packet from [%pI4] received on link %s but no ospf_interface",
3077 &iph->ip_src, ifp->name);
02637513 3078 return OSPF_READ_CONTINUE;
d62a17ae 3079 }
02637513 3080 }
d62a17ae 3081
02637513
DS		 3082 /*
3083 * else it must be a local ospf interface, check it was
3084 * received on correct link
3085 */
3086 else if (oi->ifp != ifp) {
3087 if (IS_DEBUG_OSPF_EVENT)
3088 flog_warn(EC_OSPF_PACKET,
96b663a3
MS		 3089 "Packet from [%pI4] received on wrong link %s",
3090 &iph->ip_src, ifp->name);
02637513
DS		 3091 return OSPF_READ_CONTINUE;
3092 } else if (oi->state == ISM_Down) {
02637513
DS		 3093 flog_warn(
3094 EC_OSPF_PACKET,
c067e23e
DS		 3095 "Ignoring packet from %pI4 to %pI4 received on interface that is down [%s]; interface flags are %s",
3096 &iph->ip_src, &iph->ip_dst, ifp->name,
3097 if_flag_dump(ifp->flags));
02637513
DS		 3098 /* Fix multicast memberships? */
3099 if (iph->ip_dst.s_addr == htonl(OSPF_ALLSPFROUTERS))
3100 OI_MEMBER_JOINED(oi, MEMBER_ALLROUTERS);
3101 else if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS))
3102 OI_MEMBER_JOINED(oi, MEMBER_DROUTERS);
3103 if (oi->multicast_memberships)
3104 ospf_if_set_multicast(oi);
3105 return OSPF_READ_CONTINUE;
3106 }
d62a17ae 3107
02637513
DS		 3108 /*
3109 * If the received packet is destined for AllDRouters, the
3110 * packet should be accepted only if the received ospf
3111 * interface state is either DR or Backup -- endo.
3112 *
3113 * I wonder who endo is?
3114 */
3115 if (iph->ip_dst.s_addr == htonl(OSPF_ALLDROUTERS)
3116 && (oi->state != ISM_DR && oi->state != ISM_Backup)) {
3117 flog_warn(
3118 EC_OSPF_PACKET,
96b663a3
MS		 3119 "Dropping packet for AllDRouters from [%pI4] via [%s] (ISM: %s)",
3120 &iph->ip_src, IF_NAME(oi),
02637513
DS		 3121 lookup_msg(ospf_ism_state_msg, oi->state, NULL));
3122 /* Try to fix multicast membership. */
3123 SET_FLAG(oi->multicast_memberships, MEMBER_DROUTERS);
3124 ospf_if_set_multicast(oi);
3125 return OSPF_READ_CONTINUE;
3126 }
3127
3128 /* Verify more OSPF header fields. */
3129 ret = ospf_verify_header(ibuf, oi, iph, ospfh);
3130 if (ret < 0) {
3131 if (IS_DEBUG_OSPF_PACKET(0, RECV))
3132 zlog_debug(
96b663a3
MS		 3133 "ospf_read[%pI4]: Header check failed, dropping.",
3134 &iph->ip_src);
02637513
DS		 3135 return OSPF_READ_CONTINUE;
3136 }
3137
3138 /* Show debug receiving packet. */
3139 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, RECV)) {
3140 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL)) {
3141 zlog_debug(
3142 "-----------------------------------------------------");
3143 ospf_packet_dump(ibuf);
d62a17ae 3144 }
3145
96b663a3 3146 zlog_debug("%s received from [%pI4] via [%s]",
02637513 3147 lookup_msg(ospf_packet_type_str, ospfh->type, NULL),
96b663a3
MS		 3148 &ospfh->router_id, IF_NAME(oi));
3149 zlog_debug(" src [%pI4],", &iph->ip_src);
3150 zlog_debug(" dst [%pI4]", &iph->ip_dst);
d62a17ae 3151
02637513
DS		 3152 if (IS_DEBUG_OSPF_PACKET(ospfh->type - 1, DETAIL))
3153 zlog_debug(
3154 "-----------------------------------------------------");
3155 }
d62a17ae 3156
02637513
DS		 3157 stream_forward_getp(ibuf, OSPF_HEADER_SIZE);
3158
3159 /* Adjust size to message length. */
3160 length = ntohs(ospfh->length) - OSPF_HEADER_SIZE;
3161
3162 /* Read rest of the packet and call each sort of packet routine.
3163 */
3164 switch (ospfh->type) {
3165 case OSPF_MSG_HELLO:
3166 ospf_hello(iph, ospfh, ibuf, oi, length);
3167 break;
3168 case OSPF_MSG_DB_DESC:
3169 ospf_db_desc(iph, ospfh, ibuf, oi, length);
3170 break;
3171 case OSPF_MSG_LS_REQ:
3172 ospf_ls_req(iph, ospfh, ibuf, oi, length);
3173 break;
3174 case OSPF_MSG_LS_UPD:
3175 ospf_ls_upd(ospf, iph, ospfh, ibuf, oi, length);
3176 break;
3177 case OSPF_MSG_LS_ACK:
3178 ospf_ls_ack(iph, ospfh, ibuf, oi, length);
3179 break;
3180 default:
3181 flog_warn(
3182 EC_OSPF_PACKET,
3183 "interface %s(%s): OSPF packet header type %d is illegal",
3184 IF_NAME(oi), ospf_get_name(ospf), ospfh->type);
3185 break;
3186 }
3187
3188 return OSPF_READ_CONTINUE;
3189}
3190
3191/* Starting point of packet process function. */
cc9f21da 3192void ospf_read(struct thread *thread)
02637513
DS		 3193{
3194 struct ospf *ospf;
3195 int32_t count = 0;
3196 enum ospf_read_return_enum ret;
3197
3198 /* first of all get interface pointer. */
3199 ospf = THREAD_ARG(thread);
3200
3201 /* prepare for next packet. */
3202 thread_add_read(master, ospf_read, ospf, ospf->fd, &ospf->t_read);
3203
3204 while (count < ospf->write_oi_count) {
3205 count++;
3206 ret = ospf_read_helper(ospf);
3207 switch (ret) {
3208 case OSPF_READ_ERROR:
cc9f21da 3209 return;
02637513 3210 case OSPF_READ_CONTINUE:
4392cc43
DS		 3211 break;
3212 }
d62a17ae 3213 }
718e3744 3214}
3215
3216/* Make OSPF header. */
d62a17ae 3217static void ospf_make_header(int type, struct ospf_interface *oi,
3218 struct stream *s)
718e3744 3219{
d62a17ae 3220 struct ospf_header *ospfh;
718e3744 3221
d62a17ae 3222 ospfh = (struct ospf_header *)STREAM_DATA(s);
718e3744 3223
d7c0a89a
QY		 3224 ospfh->version = (uint8_t)OSPF_VERSION;
3225 ospfh->type = (uint8_t)type;
718e3744 3226
d62a17ae 3227 ospfh->router_id = oi->ospf->router_id;
718e3744 3228
d62a17ae 3229 ospfh->checksum = 0;
3230 ospfh->area_id = oi->area->area_id;
3231 ospfh->auth_type = htons(ospf_auth_type(oi));
718e3744 3232
d62a17ae 3233 memset(ospfh->u.auth_data, 0, OSPF_AUTH_SIMPLE_SIZE);
718e3744 3234
d62a17ae 3235 stream_forward_endp(s, OSPF_HEADER_SIZE);
718e3744 3236}
3237
3238/* Make Authentication Data. */
d62a17ae 3239static int ospf_make_auth(struct ospf_interface *oi, struct ospf_header *ospfh)
3240{
3241 struct crypt_key *ck;
3242
3243 switch (ospf_auth_type(oi)) {
3244 case OSPF_AUTH_NULL:
0d6f7fd6 3245 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3246 */
3247 break;
3248 case OSPF_AUTH_SIMPLE:
3249 memcpy(ospfh->u.auth_data, OSPF_IF_PARAM(oi, auth_simple),
3250 OSPF_AUTH_SIMPLE_SIZE);
3251 break;
3252 case OSPF_AUTH_CRYPTOGRAPHIC:
3253 /* If key is not set, then set 0. */
3254 if (list_isempty(OSPF_IF_PARAM(oi, auth_crypt))) {
3255 ospfh->u.crypt.zero = 0;
3256 ospfh->u.crypt.key_id = 0;
3257 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3258 } else {
3259 ck = listgetdata(
3260 listtail(OSPF_IF_PARAM(oi, auth_crypt)));
3261 ospfh->u.crypt.zero = 0;
3262 ospfh->u.crypt.key_id = ck->key_id;
3263 ospfh->u.crypt.auth_data_len = OSPF_AUTH_MD5_SIZE;
3264 }
3265 /* note: the seq is done in ospf_make_md5_digest() */
3266 break;
3267 default:
0d6f7fd6 3268 /* memset (ospfh->u.auth_data, 0, sizeof(ospfh->u.auth_data));
d62a17ae 3269 */
3270 break;
718e3744 3271 }
718e3744 3272
d62a17ae 3273 return 0;
718e3744 3274}
3275
3276/* Fill rest of OSPF header. */
d62a17ae 3277static void ospf_fill_header(struct ospf_interface *oi, struct stream *s,
d7c0a89a 3278 uint16_t length)
d62a17ae 3279{
3280 struct ospf_header *ospfh;
3281
3282 ospfh = (struct ospf_header *)STREAM_DATA(s);
3283
3284 /* Fill length. */
3285 ospfh->length = htons(length);
3286
3287 /* Calculate checksum. */
3288 if (ntohs(ospfh->auth_type) != OSPF_AUTH_CRYPTOGRAPHIC)
3289 ospfh->checksum = in_cksum(ospfh, length);
3290 else
3291 ospfh->checksum = 0;
3292
3293 /* Add Authentication Data. */
3294 ospf_make_auth(oi, ospfh);
3295}
3296
3297static int ospf_make_hello(struct ospf_interface *oi, struct stream *s)
3298{
3299 struct ospf_neighbor *nbr;
3300 struct route_node *rn;
d7c0a89a 3301 uint16_t length = OSPF_HELLO_MIN_SIZE;
d62a17ae 3302 struct in_addr mask;
3303 unsigned long p;
3304 int flag = 0;
3305
3306 /* Set netmask of interface. */
3307 if (!(CHECK_FLAG(oi->connected->flags, ZEBRA_IFA_UNNUMBERED)
3308 && oi->type == OSPF_IFTYPE_POINTOPOINT)
3309 && oi->type != OSPF_IFTYPE_VIRTUALLINK)
3310 masklen2ip(oi->address->prefixlen, &mask);
3311 else
3312 memset((char *)&mask, 0, sizeof(struct in_addr));
3313 stream_put_ipv4(s, mask.s_addr);
3314
3315 /* Set Hello Interval. */
3316 if (OSPF_IF_PARAM(oi, fast_hello) == 0)
3317 stream_putw(s, OSPF_IF_PARAM(oi, v_hello));
3318 else
3319 stream_putw(s, 0); /* hello-interval of 0 for fast-hellos */
3320
ee09fbc0
MN		 3321 /* Check if flood-reduction is enabled,
3322 * if yes set the DC bit in the options.
3323 */
3324 if (OSPF_FR_CONFIG(oi->ospf, oi->area))
3325 SET_FLAG(OPTIONS(oi), OSPF_OPTION_DC);
3326 else if (CHECK_FLAG(OPTIONS(oi), OSPF_OPTION_DC))
3327 UNSET_FLAG(OPTIONS(oi), OSPF_OPTION_DC);
3328
d62a17ae 3329 if (IS_DEBUG_OSPF_EVENT)
ea892800 3330 zlog_debug("%s: options: %x, int: %s", __func__, OPTIONS(oi),
d62a17ae 3331 IF_NAME(oi));
3332
3333 /* Set Options. */
3334 stream_putc(s, OPTIONS(oi));
3335
3336 /* Set Router Priority. */
3337 stream_putc(s, PRIORITY(oi));
3338
3339 /* Set Router Dead Interval. */
3340 stream_putl(s, OSPF_IF_PARAM(oi, v_wait));
3341
3342 /* Set Designated Router. */
3343 stream_put_ipv4(s, DR(oi).s_addr);
3344
3345 p = stream_get_endp(s);
3346
3347 /* Set Backup Designated Router. */
3348 stream_put_ipv4(s, BDR(oi).s_addr);
3349
3350 /* Add neighbor seen. */
fe61ceae
DS		 3351 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
3352 nbr = rn->info;
3353
3354 if (!nbr)
3355 continue;
3356
3357 /* Ignore the 0.0.0.0 node */
3358 if (nbr->router_id.s_addr == INADDR_ANY)
3359 continue;
3360
3361 /* Ignore Down neighbor */
3362 if (nbr->state == NSM_Attempt)
3363 continue;
3364
3365 /* This is myself for DR election */
3366 if (nbr->state == NSM_Down)
3367 continue;
3368
3369 if (IPV4_ADDR_SAME(&nbr->router_id, &oi->ospf->router_id))
3370 continue;
3371 /* Check neighbor is sane? */
3372 if (nbr->d_router.s_addr != INADDR_ANY &&
3373 IPV4_ADDR_SAME(&nbr->d_router, &oi->address->u.prefix4) &&
3374 IPV4_ADDR_SAME(&nbr->bd_router, &oi->address->u.prefix4))
3375 flag = 1;
3376
3377 /* Hello packet overflows interface MTU.
3378 */
3379 if (length + sizeof(uint32_t) > ospf_packet_max(oi)) {
3380 flog_err(
3381 EC_OSPF_LARGE_HELLO,
3382 "Oversized Hello packet! Larger than MTU. Not sending it out");
3383 return 0;
3384 }
3385
3386 stream_put_ipv4(s, nbr->router_id.s_addr);
3387 length += 4;
3388 }
d62a17ae 3389
3390 /* Let neighbor generate BackupSeen. */
3391 if (flag == 1)
3392 stream_putl_at(s, p, 0); /* ipv4 address, normally */
3393
3394 return length;
3395}
3396
3397static int ospf_make_db_desc(struct ospf_interface *oi,
3398 struct ospf_neighbor *nbr, struct stream *s)
3399{
3400 struct ospf_lsa *lsa;
d7c0a89a
QY		 3401 uint16_t length = OSPF_DB_DESC_MIN_SIZE;
3402 uint8_t options;
d62a17ae 3403 unsigned long pp;
3404 int i;
3405 struct ospf_lsdb *lsdb;
3406
3407 /* Set Interface MTU. */
3408 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3409 stream_putw(s, 0);
3410 else
3411 stream_putw(s, oi->ifp->mtu);
3412
3413 /* Set Options. */
3414 options = OPTIONS(oi);
3415 if (CHECK_FLAG(oi->ospf->config, OSPF_OPAQUE_CAPABLE))
3416 SET_FLAG(options, OSPF_OPTION_O);
ee09fbc0
MN		 3417 if (OSPF_FR_CONFIG(oi->ospf, oi->area))
3418 SET_FLAG(options, OSPF_OPTION_DC);
d62a17ae 3419 stream_putc(s, options);
3420
3421 /* DD flags */
3422 pp = stream_get_endp(s);
3423 stream_putc(s, nbr->dd_flags);
3424
3425 /* Set DD Sequence Number. */
3426 stream_putl(s, nbr->dd_seqnum);
3427
3428 /* shortcut unneeded walk of (empty) summary LSDBs */
3429 if (ospf_db_summary_isempty(nbr))
3430 goto empty;
3431
3432 /* Describe LSA Header from Database Summary List. */
3433 lsdb = &nbr->db_sum;
3434
3435 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3436 struct route_table *table = lsdb->type[i].db;
3437 struct route_node *rn;
3438
3439 for (rn = route_top(table); rn; rn = route_next(rn))
3440 if ((lsa = rn->info) != NULL) {
3441 if (IS_OPAQUE_LSA(lsa->data->type)
3442 && (!CHECK_FLAG(options, OSPF_OPTION_O))) {
3443 /* Suppress advertising
0437e105 3444 * opaque-information. */
d62a17ae 3445 /* Remove LSA from DB summary list. */
3446 ospf_lsdb_delete(lsdb, lsa);
3447 continue;
3448 }
3449
3450 if (!CHECK_FLAG(lsa->flags, OSPF_LSA_DISCARD)) {
3451 struct lsa_header *lsah;
d7c0a89a 3452 uint16_t ls_age;
d62a17ae 3453
3454 /* DD packet overflows interface MTU. */
3455 if (length + OSPF_LSA_HEADER_SIZE
3456 > ospf_packet_max(oi))
3457 break;
3458
3459 /* Keep pointer to LS age. */
3460 lsah = (struct lsa_header
3461 *)(STREAM_DATA(s)
3462 + stream_get_endp(
3463 s));
3464
3465 /* Proceed stream pointer. */
3466 stream_put(s, lsa->data,
3467 OSPF_LSA_HEADER_SIZE);
3468 length += OSPF_LSA_HEADER_SIZE;
3469
3470 /* Set LS age. */
3471 ls_age = LS_AGE(lsa);
3472 lsah->ls_age = htons(ls_age);
3473 }
3474
3475 /* Remove LSA from DB summary list. */
3476 ospf_lsdb_delete(lsdb, lsa);
3477 }
3478 }
718e3744 3479
d62a17ae 3480 /* Update 'More' bit */
3481 if (ospf_db_summary_isempty(nbr)) {
3482 empty:
3483 if (nbr->state >= NSM_Exchange) {
3484 UNSET_FLAG(nbr->dd_flags, OSPF_DD_FLAG_M);
3485 /* Rewrite DD flags */
3486 stream_putc_at(s, pp, nbr->dd_flags);
3487 } else {
3488 assert(IS_SET_DD_M(nbr->dd_flags));
3489 }
3490 }
3491 return length;
3492}
86f1fd96 3493
d7c0a89a 3494static int ospf_make_ls_req_func(struct stream *s, uint16_t *length,
d62a17ae 3495 unsigned long delta, struct ospf_neighbor *nbr,
3496 struct ospf_lsa *lsa)
3497{
3498 struct ospf_interface *oi;
718e3744 3499
d62a17ae 3500 oi = nbr->oi;
718e3744 3501
9570f737
S		 3502 /* LS Request packet overflows interface MTU
3503 * delta is just number of bytes required for 1 LS Req
3504 * ospf_packet_max will return the number of bytes can
f5267398 3505 * be accommodated without ospf header. So length+delta
9570f737
S		 3506 * can be compared to ospf_packet_max
3507 * to check if it can fit another lsreq in the same packet.
3508 */
3509
d62a17ae 3510 if (*length + delta > ospf_packet_max(oi))
3511 return 0;
1eb8ef25 3512
d62a17ae 3513 stream_putl(s, lsa->data->type);
3514 stream_put_ipv4(s, lsa->data->id.s_addr);
3515 stream_put_ipv4(s, lsa->data->adv_router.s_addr);
718e3744 3516
d62a17ae 3517 ospf_lsa_unlock(&nbr->ls_req_last);
3518 nbr->ls_req_last = ospf_lsa_lock(lsa);
59ea14c6 3519
d62a17ae 3520 *length += 12;
3521 return 1;
3522}
718e3744 3523
d62a17ae 3524static int ospf_make_ls_req(struct ospf_neighbor *nbr, struct stream *s)
3525{
3526 struct ospf_lsa *lsa;
d7c0a89a 3527 uint16_t length = OSPF_LS_REQ_MIN_SIZE;
9570f737 3528 unsigned long delta = 12;
d62a17ae 3529 struct route_table *table;
3530 struct route_node *rn;
3531 int i;
3532 struct ospf_lsdb *lsdb;
718e3744 3533
d62a17ae 3534 lsdb = &nbr->ls_req;
718e3744 3535
d62a17ae 3536 for (i = OSPF_MIN_LSA; i < OSPF_MAX_LSA; i++) {
3537 table = lsdb->type[i].db;
3538 for (rn = route_top(table); rn; rn = route_next(rn))
3539 if ((lsa = (rn->info)) != NULL)
3540 if (ospf_make_ls_req_func(s, &length, delta,
3541 nbr, lsa)
3542 == 0) {
3543 route_unlock_node(rn);
3544 break;
3545 }
3546 }
3547 return length;
3548}
718e3744 3549
d62a17ae 3550static int ls_age_increment(struct ospf_lsa *lsa, int delay)
3551{
3552 int age;
718e3744 3553
d62a17ae 3554 age = IS_LSA_MAXAGE(lsa) ? OSPF_LSA_MAXAGE : LS_AGE(lsa) + delay;
718e3744 3555
d62a17ae 3556 return (age > OSPF_LSA_MAXAGE ? OSPF_LSA_MAXAGE : age);
718e3744 3557}
3558
d62a17ae 3559static int ospf_make_ls_upd(struct ospf_interface *oi, struct list *update,
3560 struct stream *s)
718e3744 3561{
d62a17ae 3562 struct ospf_lsa *lsa;
3563 struct listnode *node;
d7c0a89a 3564 uint16_t length = 0;
d62a17ae 3565 unsigned int size_noauth;
3566 unsigned long delta = stream_get_endp(s);
3567 unsigned long pp;
3568 int count = 0;
3569
3570 if (IS_DEBUG_OSPF_EVENT)
ea892800 3571 zlog_debug("%s: Start", __func__);
d62a17ae 3572
3573 pp = stream_get_endp(s);
3574 stream_forward_endp(s, OSPF_LS_UPD_MIN_SIZE);
3575 length += OSPF_LS_UPD_MIN_SIZE;
3576
3577 /* Calculate amount of packet usable for data. */
3578 size_noauth = stream_get_size(s) - ospf_packet_authspace(oi);
3579
3580 while ((node = listhead(update)) != NULL) {
3581 struct lsa_header *lsah;
d7c0a89a 3582 uint16_t ls_age;
d62a17ae 3583
d62a17ae 3584 lsa = listgetdata(node);
d62a17ae 3585 assert(lsa->data);
3586
e9505bc6
RW		 3587 if (IS_DEBUG_OSPF_EVENT)
3588 zlog_debug("%s: List Iteration %d LSA[%s]", __func__,
3589 count, dump_lsa_key(lsa));
3590
2ef62909 3591 /* Will it fit? Minimum it has to fit at least one */
9570f737
S		 3592 if ((length + delta + ntohs(lsa->data->length) > size_noauth) &&
3593 (count > 0))
d62a17ae 3594 break;
3595
3596 /* Keep pointer to LS age. */
3597 lsah = (struct lsa_header *)(STREAM_DATA(s)
3598 + stream_get_endp(s));
3599
3600 /* Put LSA to Link State Request. */
3601 stream_put(s, lsa->data, ntohs(lsa->data->length));
718e3744 3602
d62a17ae 3603 /* Set LS age. */
3604 /* each hop must increment an lsa_age by transmit_delay
3605 of OSPF interface */
3606 ls_age = ls_age_increment(lsa,
3607 OSPF_IF_PARAM(oi, transmit_delay));
3608 lsah->ls_age = htons(ls_age);
3609
3610 length += ntohs(lsa->data->length);
3611 count++;
3612
3613 list_delete_node(update, node);
3614 ospf_lsa_unlock(&lsa); /* oi->ls_upd_queue */
3615 }
3616
3617 /* Now set #LSAs. */
3618 stream_putl_at(s, pp, count);
3619
3620 if (IS_DEBUG_OSPF_EVENT)
ea892800 3621 zlog_debug("%s: Stop", __func__);
d62a17ae 3622 return length;
718e3744 3623}
3624
d62a17ae 3625static int ospf_make_ls_ack(struct ospf_interface *oi, struct list *ack,
3626 struct stream *s)
718e3744 3627{
d62a17ae 3628 struct listnode *node, *nnode;
d7c0a89a 3629 uint16_t length = OSPF_LS_ACK_MIN_SIZE;
9570f737 3630 unsigned long delta = OSPF_LSA_HEADER_SIZE;
d62a17ae 3631 struct ospf_lsa *lsa;
718e3744 3632
d62a17ae 3633 for (ALL_LIST_ELEMENTS(ack, node, nnode, lsa)) {
3634 assert(lsa);
718e3744 3635
9570f737
S		 3636 /* LS Ack packet overflows interface MTU
3637 * delta is just number of bytes required for
3638 * 1 LS Ack(1 LS Hdr) ospf_packet_max will return
f5267398 3639 * the number of bytes can be accommodated without
9570f737
S		 3640 * ospf header. So length+delta can be compared
3641 * against ospf_packet_max to check if it can fit
3642 * another ls header in the same packet.
3643 */
3644 if ((length + delta) > ospf_packet_max(oi))
d62a17ae 3645 break;
718e3744 3646
d62a17ae 3647 stream_put(s, lsa->data, OSPF_LSA_HEADER_SIZE);
3648 length += OSPF_LSA_HEADER_SIZE;
3649
3650 listnode_delete(ack, lsa);
3651 ospf_lsa_unlock(&lsa); /* oi->ls_ack_direct.ls_ack */
3652 }
3653
3654 return length;
3655}
3656
3657static void ospf_hello_send_sub(struct ospf_interface *oi, in_addr_t addr)
3658{
3659 struct ospf_packet *op;
d7c0a89a 3660 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3661
d62a17ae 3662 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3663
d62a17ae 3664 /* Prepare OSPF common header. */
3665 ospf_make_header(OSPF_MSG_HELLO, oi, op->s);
718e3744 3666
d62a17ae 3667 /* Prepare OSPF Hello body. */
3668 length += ospf_make_hello(oi, op->s);
9b18d58e
NS		 3669 if (length == OSPF_HEADER_SIZE) {
3670 /* Hello overshooting MTU */
3671 ospf_packet_free(op);
3672 return;
3673 }
718e3744 3674
d62a17ae 3675 /* Fill OSPF header. */
3676 ospf_fill_header(oi, op->s, length);
718e3744 3677
d62a17ae 3678 /* Set packet length. */
3679 op->length = length;
3680
3681 op->dst.s_addr = addr;
3682
b5a8894d
CS		 3683 if (IS_DEBUG_OSPF_EVENT) {
3684 if (oi->ospf->vrf_id)
996c9314
LB		 3685 zlog_debug(
3686 "%s: Hello Tx interface %s ospf vrf %s id %u",
15569c58 3687 __func__, oi->ifp->name,
996c9314
LB		 3688 ospf_vrf_id_to_name(oi->ospf->vrf_id),
3689 oi->ospf->vrf_id);
b5a8894d 3690 }
d62a17ae 3691 /* Add packet to the top of the interface output queue, so that they
3692 * can't get delayed by things like long queues of LS Update packets
3693 */
3694 ospf_packet_add_top(oi, op);
3695
3696 /* Hook thread to write packet. */
3697 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3698}
3699
d62a17ae 3700static void ospf_poll_send(struct ospf_nbr_nbma *nbr_nbma)
718e3744 3701{
d62a17ae 3702 struct ospf_interface *oi;
718e3744 3703
d62a17ae 3704 oi = nbr_nbma->oi;
3705 assert(oi);
718e3744 3706
d62a17ae 3707 /* If this is passive interface, do not send OSPF Hello. */
3708 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3709 return;
718e3744 3710
d62a17ae 3711 if (oi->type != OSPF_IFTYPE_NBMA)
3712 return;
718e3744 3713
d62a17ae 3714 if (nbr_nbma->nbr != NULL && nbr_nbma->nbr->state != NSM_Down)
3715 return;
718e3744 3716
d62a17ae 3717 if (PRIORITY(oi) == 0)
3718 return;
718e3744 3719
d62a17ae 3720 if (nbr_nbma->priority == 0 && oi->state != ISM_DR
3721 && oi->state != ISM_Backup)
3722 return;
718e3744 3723
d62a17ae 3724 ospf_hello_send_sub(oi, nbr_nbma->addr.s_addr);
718e3744 3725}
3726
cc9f21da 3727void ospf_poll_timer(struct thread *thread)
718e3744 3728{
d62a17ae 3729 struct ospf_nbr_nbma *nbr_nbma;
718e3744 3730
d62a17ae 3731 nbr_nbma = THREAD_ARG(thread);
3732 nbr_nbma->t_poll = NULL;
718e3744 3733
d62a17ae 3734 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3735 zlog_debug("NSM[%s:%pI4]: Timer (Poll timer expire)",
3736 IF_NAME(nbr_nbma->oi), &nbr_nbma->addr);
718e3744 3737
d62a17ae 3738 ospf_poll_send(nbr_nbma);
718e3744 3739
d62a17ae 3740 if (nbr_nbma->v_poll > 0)
3741 OSPF_POLL_TIMER_ON(nbr_nbma->t_poll, ospf_poll_timer,
3742 nbr_nbma->v_poll);
718e3744 3743}
3744
3745
cc9f21da 3746void ospf_hello_reply_timer(struct thread *thread)
718e3744 3747{
d62a17ae 3748 struct ospf_neighbor *nbr;
718e3744 3749
d62a17ae 3750 nbr = THREAD_ARG(thread);
3751 nbr->t_hello_reply = NULL;
718e3744 3752
d62a17ae 3753 if (IS_DEBUG_OSPF(nsm, NSM_TIMERS))
96b663a3
MS		 3754 zlog_debug("NSM[%s:%pI4]: Timer (hello-reply timer expire)",
3755 IF_NAME(nbr->oi), &nbr->router_id);
718e3744 3756
d62a17ae 3757 ospf_hello_send_sub(nbr->oi, nbr->address.u.prefix4.s_addr);
718e3744 3758}
3759
3760/* Send OSPF Hello. */
d62a17ae 3761void ospf_hello_send(struct ospf_interface *oi)
3762{
3763 /* If this is passive interface, do not send OSPF Hello. */
3764 if (OSPF_IF_PASSIVE_STATUS(oi) == OSPF_IF_PASSIVE)
3765 return;
3766
3767 if (oi->type == OSPF_IFTYPE_NBMA) {
3768 struct ospf_neighbor *nbr;
3769 struct route_node *rn;
3770
fe61ceae
DS		 3771 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
3772 nbr = rn->info;
3773 if (!nbr)
3774 continue;
3775
3776 if (nbr == oi->nbr_self)
3777 continue;
3778
3779 if (nbr->state == NSM_Down)
3780 continue;
3781
3782 /*
3783 * RFC 2328 Section 9.5.1
3784 * If the router is not eligible to become Designated
3785 * Router, it must periodically send Hello Packets to
3786 * both the Designated Router and the Backup
3787 * Designated Router (if they exist).
3788 */
3789 if (PRIORITY(oi) == 0 &&
3790 IPV4_ADDR_CMP(&DR(oi), &nbr->address.u.prefix4) &&
3791 IPV4_ADDR_CMP(&BDR(oi), &nbr->address.u.prefix4))
3792 continue;
3793
3794 /*
3795 * If the router is eligible to become Designated
3796 * Router, it must periodically send Hello Packets to
3797 * all neighbors that are also eligible. In addition,
3798 * if the router is itself the Designated Router or
3799 * Backup Designated Router, it must also send periodic
3800 * Hello Packets to all other neighbors.
3801 */
3802 if (nbr->priority == 0 && oi->state == ISM_DROther)
3803 continue;
3804
3805 /* if oi->state == Waiting, send
3806 * hello to all neighbors */
3807 ospf_hello_send_sub(oi, nbr->address.u.prefix4.s_addr);
3808 }
d62a17ae 3809 } else {
3810 /* Decide destination address. */
3811 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
3812 ospf_hello_send_sub(oi, oi->vl_data->peer_addr.s_addr);
3813 else
3814 ospf_hello_send_sub(oi, htonl(OSPF_ALLSPFROUTERS));
3815 }
718e3744 3816}
3817
3818/* Send OSPF Database Description. */
d62a17ae 3819void ospf_db_desc_send(struct ospf_neighbor *nbr)
718e3744 3820{
d62a17ae 3821 struct ospf_interface *oi;
3822 struct ospf_packet *op;
d7c0a89a 3823 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3824
d62a17ae 3825 oi = nbr->oi;
3826 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3827
d62a17ae 3828 /* Prepare OSPF common header. */
3829 ospf_make_header(OSPF_MSG_DB_DESC, oi, op->s);
718e3744 3830
d62a17ae 3831 /* Prepare OSPF Database Description body. */
3832 length += ospf_make_db_desc(oi, nbr, op->s);
718e3744 3833
d62a17ae 3834 /* Fill OSPF header. */
3835 ospf_fill_header(oi, op->s, length);
718e3744 3836
d62a17ae 3837 /* Set packet length. */
3838 op->length = length;
718e3744 3839
d62a17ae 3840 /* Decide destination address. */
3841 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3842 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3843 else
3844 op->dst = nbr->address.u.prefix4;
718e3744 3845
d62a17ae 3846 /* Add packet to the interface output queue. */
3847 ospf_packet_add(oi, op);
718e3744 3848
d62a17ae 3849 /* Hook thread to write packet. */
3850 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3851
d62a17ae 3852 /* Remove old DD packet, then copy new one and keep in neighbor
3853 * structure. */
3854 if (nbr->last_send)
3855 ospf_packet_free(nbr->last_send);
3856 nbr->last_send = ospf_packet_dup(op);
3857 monotime(&nbr->last_send_ts);
e6a22aeb
SK		 3858 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3859 zlog_info(
96b663a3 3860 "%s:Packet[DD]: %pI4 DB Desc send with seqnum:%x , flags:%x",
44076f4d
RW		 3861 ospf_get_name(oi->ospf), &nbr->router_id,
3862 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3863}
3864
3865/* Re-send Database Description. */
d62a17ae 3866void ospf_db_desc_resend(struct ospf_neighbor *nbr)
718e3744 3867{
d62a17ae 3868 struct ospf_interface *oi;
718e3744 3869
d62a17ae 3870 oi = nbr->oi;
718e3744 3871
d62a17ae 3872 /* Add packet to the interface output queue. */
3873 ospf_packet_add(oi, ospf_packet_dup(nbr->last_send));
718e3744 3874
d62a17ae 3875 /* Hook thread to write packet. */
3876 OSPF_ISM_WRITE_ON(oi->ospf);
e6a22aeb
SK		 3877 if (CHECK_FLAG(oi->ospf->config, OSPF_LOG_ADJACENCY_DETAIL))
3878 zlog_info(
96b663a3 3879 "%s:Packet[DD]: %pI4 DB Desc resend with seqnum:%x , flags:%x",
44076f4d
RW		 3880 ospf_get_name(oi->ospf), &nbr->router_id,
3881 nbr->dd_seqnum, nbr->dd_flags);
718e3744 3882}
3883
3884/* Send Link State Request. */
d62a17ae 3885void ospf_ls_req_send(struct ospf_neighbor *nbr)
718e3744 3886{
d62a17ae 3887 struct ospf_interface *oi;
3888 struct ospf_packet *op;
d7c0a89a 3889 uint16_t length = OSPF_HEADER_SIZE;
718e3744 3890
d62a17ae 3891 oi = nbr->oi;
3892 op = ospf_packet_new(oi->ifp->mtu);
718e3744 3893
d62a17ae 3894 /* Prepare OSPF common header. */
3895 ospf_make_header(OSPF_MSG_LS_REQ, oi, op->s);
718e3744 3896
d62a17ae 3897 /* Prepare OSPF Link State Request body. */
3898 length += ospf_make_ls_req(nbr, op->s);
3899 if (length == OSPF_HEADER_SIZE) {
3900 ospf_packet_free(op);
3901 return;
3902 }
718e3744 3903
d62a17ae 3904 /* Fill OSPF header. */
3905 ospf_fill_header(oi, op->s, length);
718e3744 3906
d62a17ae 3907 /* Set packet length. */
3908 op->length = length;
718e3744 3909
d62a17ae 3910 /* Decide destination address. */
3911 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
3912 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
3913 else
3914 op->dst = nbr->address.u.prefix4;
718e3744 3915
d62a17ae 3916 /* Add packet to the interface output queue. */
3917 ospf_packet_add(oi, op);
718e3744 3918
d62a17ae 3919 /* Hook thread to write packet. */
3920 OSPF_ISM_WRITE_ON(oi->ospf);
718e3744 3921
d62a17ae 3922 /* Add Link State Request Retransmission Timer. */
3923 OSPF_NSM_TIMER_ON(nbr->t_ls_req, ospf_ls_req_timer, nbr->v_ls_req);
718e3744 3924}
3925
3926/* Send Link State Update with an LSA. */
d62a17ae 3927void ospf_ls_upd_send_lsa(struct ospf_neighbor *nbr, struct ospf_lsa *lsa,
3928 int flag)
718e3744 3929{
d62a17ae 3930 struct list *update;
718e3744 3931
d62a17ae 3932 update = list_new();
718e3744 3933
d62a17ae 3934 listnode_add(update, lsa);
046460a1
CS		 3935
3936 /*ospf instance is going down, send self originated
3937 * MAXAGE LSA update to neighbors to remove from LSDB */
3938 if (nbr->oi->ospf->inst_shutdown && IS_LSA_MAXAGE(lsa))
3939 ospf_ls_upd_send(nbr, update, flag, 1);
3940 else
3941 ospf_ls_upd_send(nbr, update, flag, 0);
718e3744 3942
6a154c88 3943 list_delete(&update);
718e3744 3944}
3945
f5267398 3946/* Determine size for packet. Must be at least big enough to accommodate next
68b7339a 3947 * LSA on list, which may be bigger than MTU size.
3948 *
3949 * Return pointer to new ospf_packet
3950 * NULL if we can not allocate, eg because LSA is bigger than imposed limit
3951 * on packet sizes (in which case offending LSA is deleted from update list)
3952 */
d62a17ae 3953static struct ospf_packet *ospf_ls_upd_packet_new(struct list *update,
3954 struct ospf_interface *oi)
3955{
3956 struct ospf_lsa *lsa;
3957 struct listnode *ln;
3958 size_t size;
3959 static char warned = 0;
3960
3961 lsa = listgetdata((ln = listhead(update)));
3962 assert(lsa->data);
3963
3964 if ((OSPF_LS_UPD_MIN_SIZE + ntohs(lsa->data->length))
3965 > ospf_packet_max(oi)) {
3966 if (!warned) {
c9cc11f6 3967 flog_warn(
cf444bcf 3968 EC_OSPF_LARGE_LSA,
ea892800 3969 "%s: oversized LSA encountered!will need to fragment. Not optimal. Try divide up your network with areas. Use 'debug ospf packet send' to see details, or look at 'show ip ospf database ..'",
3970 __func__);
d62a17ae 3971 warned = 1;
3972 }
3973
3974 if (IS_DEBUG_OSPF_PACKET(0, SEND))
3975 zlog_debug(
ea892800 3976 "%s: oversized LSA id:%pI4, %d bytes originated by %pI4, will be fragmented!",
3977 __func__, &lsa->data->id,
d62a17ae 3978 ntohs(lsa->data->length),
96b663a3 3979 &lsa->data->adv_router);
d62a17ae 3980
3981 /*
3982 * Allocate just enough to fit this LSA only, to avoid including
3983 * other
3984 * LSAs in fragmented LSA Updates.
3985 */
3986 size = ntohs(lsa->data->length)
3987 + (oi->ifp->mtu - ospf_packet_max(oi))
3988 + OSPF_LS_UPD_MIN_SIZE;
3989 } else
3990 size = oi->ifp->mtu;
3991
3992 if (size > OSPF_MAX_PACKET_SIZE) {
ea892800 3993 flog_warn(
3994 EC_OSPF_LARGE_LSA,
3995 "%s: oversized LSA id:%pI4 too big, %d bytes, packet size %ld, dropping it completely. OSPF routing is broken!",
3996 __func__, &lsa->data->id, ntohs(lsa->data->length),
3997 (long int)size);
d62a17ae 3998 list_delete_node(update, ln);
3999 return NULL;
4000 }
718e3744 4001
d62a17ae 4002 /* IP header is built up separately by ospf_write(). This means, that we
4003 * must
4004 * reduce the "affordable" size just calculated by length of an IP
4005 * header.
4006 * This makes sure, that even if we manage to fill the payload with LSA
4007 * data
4008 * completely, the final packet (our data plus IP header) still fits
4009 * into
4010 * outgoing interface MTU. This correction isn't really meaningful for
4011 * an
4012 * oversized LSA, but for consistency the correction is done for both
4013 * cases.
4014 *
4015 * P.S. OSPF_MAX_PACKET_SIZE above already includes IP header size
4016 */
4017 return ospf_packet_new(size - sizeof(struct ip));
718e3744 4018}
4019
d62a17ae 4020static void ospf_ls_upd_queue_send(struct ospf_interface *oi,
046460a1
CS		 4021 struct list *update, struct in_addr addr,
4022 int send_lsupd_now)
718e3744 4023{
d62a17ae 4024 struct ospf_packet *op;
d7c0a89a 4025 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4026
4027 if (IS_DEBUG_OSPF_EVENT)
96b663a3
MS		 4028 zlog_debug("listcount = %d, [%s]dst %pI4", listcount(update),
4029 IF_NAME(oi), &addr);
d62a17ae 4030
19274fe8
OD		 4031 /* Check that we have really something to process */
4032 if (listcount(update) == 0)
4033 return;
4034
d62a17ae 4035 op = ospf_ls_upd_packet_new(update, oi);
718e3744 4036
d62a17ae 4037 /* Prepare OSPF common header. */
4038 ospf_make_header(OSPF_MSG_LS_UPD, oi, op->s);
718e3744 4039
d62a17ae 4040 /* Prepare OSPF Link State Update body.
4041 * Includes Type-7 translation.
4042 */
4043 length += ospf_make_ls_upd(oi, update, op->s);
4044
4045 /* Fill OSPF header. */
4046 ospf_fill_header(oi, op->s, length);
4047
4048 /* Set packet length. */
4049 op->length = length;
4050
4051 /* Decide destination address. */
4052 if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4053 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4054 else
4055 op->dst.s_addr = addr.s_addr;
4056
4057 /* Add packet to the interface output queue. */
4058 ospf_packet_add(oi, op);
046460a1
CS		 4059 /* Call ospf_write() right away to send ospf packets to neighbors */
4060 if (send_lsupd_now) {
4061 struct thread os_packet_thd;
4062
4063 os_packet_thd.arg = (void *)oi->ospf;
4064 if (oi->on_write_q == 0) {
4065 listnode_add(oi->ospf->oi_write_q, oi);
4066 oi->on_write_q = 1;
4067 }
4068 ospf_write(&os_packet_thd);
4173cc8e
DS		 4069 /*
4070 * We are fake calling ospf_write with a fake
4071 * thread. Imagine that we have oi_a already
4072 * enqueued and we have turned on the write
4073 * thread(t_write).
4074 * Now this function calls this for oi_b
4075 * so the on_write_q has oi_a and oi_b on
4076 * it, ospf_write runs and clears the packets
4077 * for both oi_a and oi_b. Removing them from
4078 * the on_write_q. After this thread of execution
4079 * finishes we will execute the t_write thread
4080 * with nothing in the on_write_q causing an
4081 * assert. So just make sure that the t_write
4082 * is actually turned off.
4083 */
4084 if (list_isempty(oi->ospf->oi_write_q))
cccd44f3 4085 THREAD_OFF(oi->ospf->t_write);
046460a1
CS		 4086 } else {
4087 /* Hook thread to write packet. */
4088 OSPF_ISM_WRITE_ON(oi->ospf);
4089 }
d62a17ae 4090}
4091
cc9f21da 4092static void ospf_ls_upd_send_queue_event(struct thread *thread)
d62a17ae 4093{
4094 struct ospf_interface *oi = THREAD_ARG(thread);
4095 struct route_node *rn;
4096 struct route_node *rnext;
4097 struct list *update;
4098 char again = 0;
4099
4100 oi->t_ls_upd_event = NULL;
4101
4102 if (IS_DEBUG_OSPF_EVENT)
ea892800 4103 zlog_debug("%s start", __func__);
d62a17ae 4104
4105 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4106 rnext = route_next(rn);
4107
4108 if (rn->info == NULL)
4109 continue;
4110
4111 update = (struct list *)rn->info;
4112
046460a1 4113 ospf_ls_upd_queue_send(oi, update, rn->p.u.prefix4, 0);
d62a17ae 4114
4115 /* list might not be empty. */
4116 if (listcount(update) == 0) {
6a154c88 4117 list_delete((struct list **)&rn->info);
d62a17ae 4118 route_unlock_node(rn);
4119 } else
4120 again = 1;
4121 }
4122
4123 if (again != 0) {
4124 if (IS_DEBUG_OSPF_EVENT)
4125 zlog_debug(
ea892800 4126 "%s: update lists not cleared, %d nodes to try again, raising new event",
4127 __func__, again);
d62a17ae 4128 oi->t_ls_upd_event = NULL;
4129 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
4130 &oi->t_ls_upd_event);
4131 }
4132
4133 if (IS_DEBUG_OSPF_EVENT)
ea892800 4134 zlog_debug("%s stop", __func__);
d62a17ae 4135}
4136
046460a1
CS		 4137void ospf_ls_upd_send(struct ospf_neighbor *nbr, struct list *update, int flag,
4138 int send_lsupd_now)
d62a17ae 4139{
4140 struct ospf_interface *oi;
4141 struct ospf_lsa *lsa;
4142 struct prefix_ipv4 p;
4143 struct route_node *rn;
4144 struct listnode *node;
4145
4146 oi = nbr->oi;
4147
4148 p.family = AF_INET;
4149 p.prefixlen = IPV4_MAX_BITLEN;
4150
4151 /* Decide destination address. */
4152 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4153 p.prefix = oi->vl_data->peer_addr;
4154 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4155 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4156 else if (flag == OSPF_SEND_PACKET_DIRECT)
4157 p.prefix = nbr->address.u.prefix4;
4158 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4159 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4160 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4161 p.prefix.s_addr = htonl(OSPF_ALLSPFROUTERS);
4162 else
4163 p.prefix.s_addr = htonl(OSPF_ALLDROUTERS);
4164
4165 if (oi->type == OSPF_IFTYPE_NBMA) {
4166 if (flag == OSPF_SEND_PACKET_INDIRECT)
c9cc11f6 4167 flog_warn(
cf444bcf 4168 EC_OSPF_PACKET,
d62a17ae 4169 "* LS-Update is directly sent on NBMA network.");
19aad877 4170 if (IPV4_ADDR_SAME(&oi->address->u.prefix4, &p.prefix))
cf444bcf 4171 flog_warn(EC_OSPF_PACKET,
c9cc11f6 4172 "* LS-Update is sent to myself.");
d62a17ae 4173 }
4174
4175 rn = route_node_get(oi->ls_upd_queue, (struct prefix *)&p);
4176
4177 if (rn->info == NULL)
4178 rn->info = list_new();
4179 else
4180 route_unlock_node(rn);
4181
4182 for (ALL_LIST_ELEMENTS_RO(update, node, lsa))
4183 listnode_add(rn->info,
4184 ospf_lsa_lock(lsa)); /* oi->ls_upd_queue */
046460a1
CS		 4185 if (send_lsupd_now) {
4186 struct list *send_update_list;
f7813c7c 4187 struct route_node *rnext;
d62a17ae 4188
046460a1
CS		 4189 for (rn = route_top(oi->ls_upd_queue); rn; rn = rnext) {
4190 rnext = route_next(rn);
4191
4192 if (rn->info == NULL)
4193 continue;
4194
4195 send_update_list = (struct list *)rn->info;
4196
4197 ospf_ls_upd_queue_send(oi, send_update_list,
4198 rn->p.u.prefix4, 1);
046460a1
CS		 4199 }
4200 } else
4201 thread_add_event(master, ospf_ls_upd_send_queue_event, oi, 0,
996c9314 4202 &oi->t_ls_upd_event);
718e3744 4203}
4204
d62a17ae 4205static void ospf_ls_ack_send_list(struct ospf_interface *oi, struct list *ack,
4206 struct in_addr dst)
718e3744 4207{
d62a17ae 4208 struct ospf_packet *op;
d7c0a89a 4209 uint16_t length = OSPF_HEADER_SIZE;
d62a17ae 4210
4211 op = ospf_packet_new(oi->ifp->mtu);
4212
4213 /* Prepare OSPF common header. */
4214 ospf_make_header(OSPF_MSG_LS_ACK, oi, op->s);
4215
4216 /* Prepare OSPF Link State Acknowledgment body. */
4217 length += ospf_make_ls_ack(oi, ack, op->s);
4218
4219 /* Fill OSPF header. */
4220 ospf_fill_header(oi, op->s, length);
718e3744 4221
d62a17ae 4222 /* Set packet length. */
4223 op->length = length;
4224
4225 /* Decide destination address. */
c706f0e3
LB		 4226 if (oi->type == OSPF_IFTYPE_POINTOPOINT ||
4227 oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
d62a17ae 4228 op->dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4229 else
4230 op->dst.s_addr = dst.s_addr;
4231
4232 /* Add packet to the interface output queue. */
4233 ospf_packet_add(oi, op);
4234
4235 /* Hook thread to write packet. */
4236 OSPF_ISM_WRITE_ON(oi->ospf);
4237}
4238
cc9f21da 4239static void ospf_ls_ack_send_event(struct thread *thread)
d62a17ae 4240{
4241 struct ospf_interface *oi = THREAD_ARG(thread);
4242
4243 oi->t_ls_ack_direct = NULL;
4244
4245 while (listcount(oi->ls_ack_direct.ls_ack))
4246 ospf_ls_ack_send_list(oi, oi->ls_ack_direct.ls_ack,
4247 oi->ls_ack_direct.dst);
d62a17ae 4248}
4249
4250void ospf_ls_ack_send(struct ospf_neighbor *nbr, struct ospf_lsa *lsa)
4251{
4252 struct ospf_interface *oi = nbr->oi;
4253
5a77dd8f 4254 if (IS_GRACE_LSA(lsa)) {
3f87e1d8 4255 if (IS_DEBUG_OSPF_GR)
5a77dd8f 4256 zlog_debug("%s, Sending GRACE ACK to Restarter.",
a4544597 4257 __func__);
5a77dd8f 4258 }
4259
d62a17ae 4260 if (listcount(oi->ls_ack_direct.ls_ack) == 0)
4261 oi->ls_ack_direct.dst = nbr->address.u.prefix4;
4262
4263 listnode_add(oi->ls_ack_direct.ls_ack, ospf_lsa_lock(lsa));
4264
4265 thread_add_event(master, ospf_ls_ack_send_event, oi, 0,
4266 &oi->t_ls_ack_direct);
718e3744 4267}
4268
4269/* Send Link State Acknowledgment delayed. */
d62a17ae 4270void ospf_ls_ack_send_delayed(struct ospf_interface *oi)
4271{
4272 struct in_addr dst;
4273
4274 /* Decide destination address. */
4275 /* RFC2328 Section 13.5 On non-broadcast
4276 networks, delayed Link State Acknowledgment packets must be
4277 unicast separately over each adjacency (i.e., neighbor whose
4278 state is >= Exchange). */
4279 if (oi->type == OSPF_IFTYPE_NBMA) {
4280 struct ospf_neighbor *nbr;
4281 struct route_node *rn;
4282
fe61ceae
DS		 4283 for (rn = route_top(oi->nbrs); rn; rn = route_next(rn)) {
4284 nbr = rn->info;
4285
4286 if (!nbr)
4287 continue;
4288
4289 if (nbr != oi->nbr_self && nbr->state >= NSM_Exchange)
4290 while (listcount(oi->ls_ack))
4291 ospf_ls_ack_send_list(
4292 oi, oi->ls_ack,
4293 nbr->address.u.prefix4);
4294 }
d62a17ae 4295 return;
4296 }
4297 if (oi->type == OSPF_IFTYPE_VIRTUALLINK)
4298 dst.s_addr = oi->vl_data->peer_addr.s_addr;
4299 else if (oi->state == ISM_DR || oi->state == ISM_Backup)
4300 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4301 else if (oi->type == OSPF_IFTYPE_POINTOPOINT)
4302 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4303 else if (oi->type == OSPF_IFTYPE_POINTOMULTIPOINT)
4304 dst.s_addr = htonl(OSPF_ALLSPFROUTERS);
4305 else
4306 dst.s_addr = htonl(OSPF_ALLDROUTERS);
4307
4308 while (listcount(oi->ls_ack))
4309 ospf_ls_ack_send_list(oi, oi->ls_ack, dst);
718e3744 4310}
8b6912c2
DS		 4311
4312/*
4313 * On pt-to-pt links, all OSPF control packets are sent to the multicast
4314 * address. As a result, the kernel does not need to learn the interface
4315 * MAC of the OSPF neighbor. However, in our world, this will delay
4316 * convergence. Take the case when due to a link flap, all routes now
4317 * want to use an interface which was deemed to be costlier prior to this
4318 * event. For routes that will be installed, the missing MAC will have
4319 * punt-to-CPU set on them. This may overload the CPU control path that
4320 * can be avoided if the MAC was known apriori.
4321 */
d62a17ae 4322void ospf_proactively_arp(struct ospf_neighbor *nbr)
4323{
a92706bb 4324 if (!nbr || !nbr->oi->ospf->proactive_arp)
d62a17ae 4325 return;
4326
aa530b62 4327 ospf_zebra_send_arp(nbr->oi->ifp, &nbr->address);
8b6912c2 4328}
FRRouting mirror