packet.c 11.8 KB
Newer Older
1 2 3
/*
 *	BIRD -- OSPF
 *
4
 *	(c) 1999--2005 Ondrej Filip <feela@network.cz>
5 6 7 8 9
 *
 *	Can be freely distributed and used under the terms of the GNU GPL.
 */

#include "ospf.h"
10 11
#include "nest/password.h"
#include "lib/md5.h"
12 13

void
14
ospf_pkt_fill_hdr(struct ospf_iface *ifa, void *buf, u8 h_type)
15 16
{
  struct ospf_packet *pkt;
17
  struct proto *p = (struct proto *) (ifa->oa->po);
18

19
  pkt = (struct ospf_packet *) buf;
20

21
  pkt->version = OSPF_VERSION;
22

23 24
  pkt->type = h_type;

Ondřej Filip's avatar
Ondřej Filip committed
25
  pkt->routerid = htonl(p->cf->global->router_id);
26
  pkt->areaid = htonl(ifa->oa->areaid);
27 28 29 30 31 32

#ifdef OSPFv3
  pkt->instance_id = ifa->instance_id;
#endif

#ifdef OSPFv2
Ondřej Filip's avatar
Ondřej Filip committed
33
  pkt->autype = htons(ifa->autype);
34 35
#endif

36
  pkt->checksum = 0;
37 38
}

39 40 41
unsigned
ospf_pkt_maxsize(struct ospf_iface *ifa)
{
42
  /* For virtual links use mtu=576, can be mtu < 576? */
43
  unsigned mtu = (ifa->type == OSPF_IT_VLINK) ? OSPF_VLINK_MTU : ifa->iface->mtu;
44 45 46 47 48 49
  unsigned add = 0;

#ifdef OSPFv2
  add = ((ifa->autype == OSPF_AUTH_CRYPT) ? OSPF_AUTH_CRYPT_SIZE : 0);
#endif

50
  return ((mtu <=  ifa->iface->mtu) ? mtu : ifa->iface->mtu) -
51
  SIZE_OF_IP_HEADER - add;
52 53
}

54 55 56 57

#ifdef OSPFv2

static void
58
ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
59
{
60
  struct password_item *passwd = NULL;
61 62 63 64
  void *tail;
  struct MD5Context ctxt;
  char password[OSPF_AUTH_CRYPT_SIZE];

Ondřej Filip's avatar
Ondřej Filip committed
65
  pkt->autype = htons(ifa->autype);
66 67 68 69

  switch(ifa->autype)
  {
    case OSPF_AUTH_SIMPLE:
70
      bzero(&pkt->u, sizeof(union ospf_auth));
71
      passwd = password_find(ifa->passwords, 1);
72 73 74 75 76 77
      if (!passwd)
      {
        log( L_ERR "No suitable password found for authentication" );
        return;
      }
      password_cpy(pkt->u.password, passwd->password, sizeof(union ospf_auth));
78
    case OSPF_AUTH_NONE:
79 80
      pkt->checksum = ipsum_calculate(pkt, sizeof(struct ospf_packet) -
                                  sizeof(union ospf_auth), (pkt + 1),
81 82 83 84
				  ntohs(pkt->length) -
				  sizeof(struct ospf_packet), NULL);
      break;
    case OSPF_AUTH_CRYPT:
85
      passwd = password_find(ifa->passwords, 0);
86 87 88 89 90 91 92 93
      if (!passwd)
      {
        log( L_ERR "No suitable password found for authentication" );
        return;
      }

      pkt->checksum = 0;

94 95
      /* Perhaps use random value to prevent replay attacks after
	 reboot when system does not have independent RTC? */
96
      if (!ifa->csn)
97 98 99 100 101 102 103 104 105 106 107
	{
	  ifa->csn = (u32) now;
	  ifa->csn_use = now;
	}

      /* We must have sufficient delay between sending a packet and increasing 
	 CSN to prevent reordering of packets (in a network) with different CSNs */
      if ((now - ifa->csn_use) > 1)
	ifa->csn++;

      ifa->csn_use = now;
108 109 110 111

      pkt->u.md5.keyid = passwd->id;
      pkt->u.md5.len = OSPF_AUTH_CRYPT_SIZE;
      pkt->u.md5.zero = 0;
112
      pkt->u.md5.csn = htonl(ifa->csn);
113 114 115 116 117 118 119 120 121 122
      tail = ((void *)pkt) + ntohs(pkt->length);
      MD5Init(&ctxt);
      MD5Update(&ctxt, (char *) pkt, ntohs(pkt->length));
      password_cpy(password, passwd->password, OSPF_AUTH_CRYPT_SIZE);
      MD5Update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE);
      MD5Final(tail, &ctxt);
      break;
    default:
      bug("Unknown authentication type");
  }
123 124
}

125
static int
126
ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_packet *pkt, int size)
127
{
128
  struct proto_ospf *po = ifa->oa->po;
129 130 131 132 133 134 135 136
  struct proto *p = &po->proto;
  struct password_item *pass = NULL, *ptmp;
  void *tail;
  char md5sum[OSPF_AUTH_CRYPT_SIZE];
  char password[OSPF_AUTH_CRYPT_SIZE];
  struct MD5Context ctxt;


Ondřej Filip's avatar
Ondřej Filip committed
137 138
  if (pkt->autype != htons(ifa->autype))
  {
139 140
    OSPF_TRACE(D_PACKETS, "OSPF_auth: Method differs (%d)", ntohs(pkt->autype));
    return 0;
Ondřej Filip's avatar
Ondřej Filip committed
141
  }
142

143 144 145 146 147 148 149
  if (n && (ifa != n->ifa))
  {
    OSPF_TRACE(D_PACKETS, "OSPF_auth: received packet from strange interface (%s/%s)",
      ifa->iface->name, n->ifa->iface->name);
    return 0;
  }

150 151 152 153 154 155
  switch(ifa->autype)
  {
    case OSPF_AUTH_NONE:
      return 1;
      break;
    case OSPF_AUTH_SIMPLE:
156
      pass = password_find(ifa->passwords, 1);
157
      if (!pass)
158 159 160 161
      {
        OSPF_TRACE(D_PACKETS, "OSPF_auth: no password found");
	return 0;
      }
162
      password_cpy(password, pass->password, sizeof(union ospf_auth));
163

164
      if (memcmp(pkt->u.password, password, sizeof(union ospf_auth)))
165
      {
166 167 168 169
        char ppass[sizeof(union ospf_auth) + 1];
        bzero(ppass, (sizeof(union ospf_auth) + 1));
        memcpy(ppass, pkt->u.password, sizeof(union ospf_auth));
        OSPF_TRACE(D_PACKETS, "OSPF_auth: different passwords (%s)", ppass);
170 171
	return 0;
      }
172
      return 1;
173 174 175 176 177 178 179
      break;
    case OSPF_AUTH_CRYPT:
      if (pkt->u.md5.len != OSPF_AUTH_CRYPT_SIZE)
      {
        OSPF_TRACE(D_PACKETS, "OSPF_auth: wrong size of md5 digest");
        return 0;
      }
180

181 182
      if (ntohs(pkt->length) + OSPF_AUTH_CRYPT_SIZE != size)
      {
Ondřej Filip's avatar
Ondřej Filip committed
183
        OSPF_TRACE(D_PACKETS, "OSPF_auth: size mismatch (%d vs %d)",
184
	  ntohs(pkt->length) + OSPF_AUTH_CRYPT_SIZE, size);
185 186 187 188 189 190 191 192 193 194 195
        return 0;
      }

      if (pkt->u.md5.zero)
      {
        OSPF_TRACE(D_PACKETS, "OSPF_auth: \"zero\" area is non-zero");
        return 0;
      }

      tail = ((void *)pkt) + ntohs(pkt->length);

196
      if (ifa->passwords)
197
      {
198 199 200 201 202 203 204
	WALK_LIST(ptmp, *(ifa->passwords))
	{
	  if (pkt->u.md5.keyid != ptmp->id) continue;
	  if ((ptmp->accfrom > now_real) || (ptmp->accto < now_real)) continue;
	  pass = ptmp;
	  break;
	}
205 206
      }

207
      if (!pass)
208 209 210 211 212
      {
        OSPF_TRACE(D_PACKETS, "OSPF_auth: no suitable md5 password found");
        return 0;
      }

213
      if (n)
214
      {
215 216 217 218 219 220 221 222
	u32 rcv_csn = ntohl(pkt->u.md5.csn);
	if(rcv_csn < n->csn)
	{
	  OSPF_TRACE(D_PACKETS, "OSPF_auth: lower sequence number (rcv %d, old %d)", rcv_csn, n->csn);
	  return 0;
	}

	n->csn = rcv_csn;
223 224 225 226 227 228 229
      }

      MD5Init(&ctxt);
      MD5Update(&ctxt, (char *) pkt, ntohs(pkt->length));
      password_cpy(password, pass->password, OSPF_AUTH_CRYPT_SIZE);
      MD5Update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE);
      MD5Final(md5sum, &ctxt);
230
      if (memcmp(md5sum, tail, OSPF_AUTH_CRYPT_SIZE))
231 232 233 234 235 236 237 238 239 240
      {
        OSPF_TRACE(D_PACKETS, "OSPF_auth: wrong md5 digest");
        return 0;
      }
      return 1;
      break;
    default:
      OSPF_TRACE(D_PACKETS, "OSPF_auth: unknown auth type");
      return 0;
  }
241 242
}

243 244 245 246 247 248 249 250 251 252 253 254 255 256
#else

/* OSPFv3 authentication not yet supported */

static inline void
ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt)
{ }

static int
ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_packet *pkt, int size)
{ return 1; }

#endif

Ondřej Filip's avatar
Ondřej Filip committed
257 258
/**
 * ospf_rx_hook
259
 * @sk: socket we received the packet. Its ignored.
Ondřej Filip's avatar
Ondřej Filip committed
260 261
 * @size: size of the packet
 *
262 263
 * This is the entry point for messages from neighbors. Many checks (like
 * authentication, checksums, size) are done before the packet is passed to
Ondřej Filip's avatar
Ondřej Filip committed
264 265
 * non generic functions.
 */
266
int
Ondřej Filip's avatar
Ondřej Filip committed
267
ospf_rx_hook(sock * sk, int size)
268 269
{
  struct ospf_packet *ps;
270
  struct ospf_iface *ifa = (struct ospf_iface *) (sk->data);
271 272
  struct proto_ospf *po = ifa->oa->po;
  struct proto *p = &po->proto;
273
  struct ospf_neighbor *n;
274
  int osize;
275
  char *mesg = "Bad OSPF packet from ";
276
  struct ospf_iface *iff;
277

278 279 280
  if (ifa->stub)
    return (1);

281
  ps = (struct ospf_packet *) ip_skip_header(sk->rbuf, &size);
282

283 284 285 286 287 288
  if (ps == NULL)
  {
    log(L_ERR "%s%I - bad IP header", mesg, sk->faddr);
    return 1;
  }

289 290 291 292 293 294 295 296 297 298 299 300
  if ((ifa->oa->areaid != 0) && (ntohl(ps->areaid) == 0))
  {
    WALK_LIST(iff, po->iface_list)
    {
      if ((iff->type == OSPF_IT_VLINK) && (iff->iface == ifa->iface) &&
          (iff->voa = ifa->oa) && ipa_equal(sk->faddr, iff->vip))
      {
        return 1;       /* Packet is for VLINK */
      }
    }
  }

Ondřej Filip's avatar
Ondřej Filip committed
301
  DBG("%s: RX_Hook called on interface %s.\n", p->name, sk->iface->name);
302

303
  osize = ntohs(ps->length);
304

Ondřej Filip's avatar
Ondřej Filip committed
305 306
  if ((unsigned) size < sizeof(struct ospf_packet))
  {
307 308
    log(L_ERR "%s%I - too short (%u bytes)", mesg, sk->faddr, size);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
309
  }
310

311
  if ((osize > size) || (osize != (4 * (osize / 4))))
Ondřej Filip's avatar
Ondřej Filip committed
312
  {
313
    log(L_ERR "%s%I - size field does not match (%d/%d)", mesg, sk->faddr, ntohs(ps->length), size );
314
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
315
  }
316 317

  if (ps->version != OSPF_VERSION)
Ondřej Filip's avatar
Ondřej Filip committed
318
  {
319 320
    log(L_ERR "%s%I - version %u", mesg, sk->faddr, ps->version);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
321
  }
322

323 324
  /* FIXME - handle checksums in OSPFv3  */ 
#ifdef OSPFv2
325 326
  if ((ps->autype != htons(OSPF_AUTH_CRYPT)) &&
      (!ipsum_verify(ps, 16, (void *) ps + sizeof(struct ospf_packet),
327
		    ntohs(ps->length) - sizeof(struct ospf_packet), NULL)))
Ondřej Filip's avatar
Ondřej Filip committed
328
  {
329 330
    log(L_ERR "%s%I - bad checksum", mesg, sk->faddr);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
331
  }
332
#endif
333

334
  if (ntohl(ps->areaid) != ifa->oa->areaid)
Ondřej Filip's avatar
Ondřej Filip committed
335
  {
336
    log(L_ERR "%s%I - different area (%u)", mesg, sk->faddr, ntohl(ps->areaid));
337
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
338
  }
339

340 341 342 343 344 345 346 347 348
  /* FIXME - handling of instance id should be better */
#ifdef OSPFv3
  if (ps->instance_id != ifa->instance_id)
  {
    log(L_ERR "%s%I - different instance (%u)", mesg, sk->faddr, ps->instance_id);
    return 1;
  }
#endif

Ondřej Filip's avatar
Ondřej Filip committed
349 350
  if (ntohl(ps->routerid) == p->cf->global->router_id)
  {
351 352
    log(L_ERR "%s%I - received my own router ID!", mesg, sk->faddr);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
353
  }
354

Ondřej Filip's avatar
Ondřej Filip committed
355 356
  if (ntohl(ps->routerid) == 0)
  {
357 358 359 360
    log(L_ERR "%s%I - router id = 0.0.0.0", mesg, sk->faddr);
    return 1;
  }

Ondřej Filip's avatar
Ondřej Filip committed
361
  if (((unsigned) size > sk->rbsize) || (ntohs(ps->length) > sk->rbsize))
362
  {
Ondřej Filip's avatar
Ondřej Filip committed
363 364
    log(L_ERR "%s%I - packet is too large (%d-%d vs %d)",
      mesg, sk->faddr, size, ntohs(ps->length), sk->rbsize);
365 366 367
    return 1;
  }

368 369 370
  /* This is deviation from RFC 2328 - neighbours should be identified by
   * IP address on broadcast and NBMA networks.
   */
371 372 373 374 375 376
  n = find_neigh(ifa, ntohl(((struct ospf_packet *) ps)->routerid));

  if(!n && (ps->type != HELLO_P))
  {
    OSPF_TRACE(D_PACKETS, "Received non-hello packet from uknown neighbor (%I)", sk->faddr);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
377
  }
378

379
  if (!ospf_pkt_checkauth(n, ifa, ps, size))
380 381 382 383 384
  {
    log(L_ERR "%s%I - authentification failed", mesg, sk->faddr);
    return 1;
  }

Ondřej Filip's avatar
Ondřej Filip committed
385
  /* Dump packet 
386 387 388 389 390 391 392 393
     pu8=(u8 *)(sk->rbuf+5*4);
     for(i=0;i<ntohs(ps->length);i+=4)
     DBG("%s: received %u,%u,%u,%u\n",p->name, pu8[i+0], pu8[i+1], pu8[i+2],
     pu8[i+3]);
     DBG("%s: received size: %u\n",p->name,size);
   */

  switch (ps->type)
Ondřej Filip's avatar
Ondřej Filip committed
394 395 396
  {
  case HELLO_P:
    DBG("%s: Hello received.\n", p->name);
397
    ospf_hello_receive(ps, ifa, n, sk->faddr);
Ondřej Filip's avatar
Ondřej Filip committed
398 399 400
    break;
  case DBDES_P:
    DBG("%s: Database description received.\n", p->name);
401
    ospf_dbdes_receive(ps, ifa, n);
Ondřej Filip's avatar
Ondřej Filip committed
402 403 404
    break;
  case LSREQ_P:
    DBG("%s: Link state request received.\n", p->name);
405
    ospf_lsreq_receive(ps, ifa, n);
Ondřej Filip's avatar
Ondřej Filip committed
406 407 408
    break;
  case LSUPD_P:
    DBG("%s: Link state update received.\n", p->name);
409
    ospf_lsupd_receive(ps, ifa, n);
Ondřej Filip's avatar
Ondřej Filip committed
410 411 412
    break;
  case LSACK_P:
    DBG("%s: Link state ack received.\n", p->name);
413
    ospf_lsack_receive(ps, ifa, n);
Ondřej Filip's avatar
Ondřej Filip committed
414 415
    break;
  default:
416 417
    log(L_ERR "%s%I - wrong type %u", mesg, sk->faddr, ps->type);
    return 1;
Ondřej Filip's avatar
Ondřej Filip committed
418
  };
419
  return 1;
420 421 422
}

void
Ondřej Filip's avatar
Ondřej Filip committed
423
ospf_tx_hook(sock * sk)
424
{
425 426
  struct ospf_iface *ifa= (struct ospf_iface *) (sk->data);
  struct proto *p = (struct proto *) (ifa->oa->po);
427
  log(L_ERR "%s: TX_Hook called on interface %s\n", p->name, sk->iface->name);
428 429 430
}

void
Ondřej Filip's avatar
Ondřej Filip committed
431
ospf_err_hook(sock * sk, int err)
432
{
433 434
  struct ospf_iface *ifa= (struct ospf_iface *) (sk->data);
  struct proto *p = (struct proto *) (ifa->oa->po);
Ondřej Filip's avatar
Ondřej Filip committed
435 436
  log(L_ERR "%s: Err_Hook called on interface %s with err=%d\n",
    p->name, sk->iface->name, err);
437 438
}

439
void
440
ospf_send_to_agt(sock * sk, struct ospf_iface *ifa, u8 state)
441 442 443
{
  struct ospf_neighbor *n;

444
  WALK_LIST(n, ifa->neigh_list) if (n->state >= state)
445
    ospf_send_to(sk, n->ip, ifa);
446
}
447 448

void
449
ospf_send_to_bdr(sock * sk, struct ospf_iface *ifa)
450
{
451
  if (!ipa_equal(ifa->drip, IPA_NONE))
452
    ospf_send_to(sk, ifa->drip, ifa);
453
  if (!ipa_equal(ifa->bdrip, IPA_NONE))
454
    ospf_send_to(sk, ifa->bdrip, ifa);
455
}
Ondřej Filip's avatar
Ondřej Filip committed
456 457

void
458
ospf_send_to(sock *sk, ip_addr ip, struct ospf_iface *ifa)
Ondřej Filip's avatar
Ondřej Filip committed
459
{
460
  struct ospf_packet *pkt = (struct ospf_packet *) sk->tbuf;
461
  int len = ntohs(pkt->length);
462

463 464 465 466 467 468
#ifdef OSPFv2
  if (ifa->autype == OSPF_AUTH_CRYPT)
    len += OSPF_AUTH_CRYPT_SIZE;
#endif

  ospf_pkt_finalize(ifa, pkt);
469 470 471
  if (sk->tbuf != sk->tpos)
    log(L_ERR "Aiee, old packet was overwritted in TX buffer");

472 473 474 475
  if (ipa_equal(ip, IPA_NONE))
    sk_send(sk, len);
  else
    sk_send_to(sk, len, ip, OSPF_PROTO);
Ondřej Filip's avatar
Ondřej Filip committed
476 477
}