summaryrefslogtreecommitdiff
path: root/ospfd/ospf_packet.c
AgeCommit message (Collapse)Author
2013-08-06ospfd: protect vs. VU#229804 (malformed Router-LSA)David Lamparter
VU#229804 reports that, by injecting Router LSAs with the Advertising Router ID different from the Link State ID, OSPF implementations can be tricked into retaining and using invalid information. Quagga is not vulnerable to this because it looks up Router LSAs by (Router-ID, LS-ID) pair. The relevant code is in ospf_lsa.c l.3140. Note the double "id" parameter at the end. Still, we can provide an improvement here by discarding such malformed LSAs and providing a warning to the administrator. While we cannot prevent such malformed LSAs from entering the OSPF domain, we can certainly try to limit their distribution. cf. http://www.kb.cert.org/vuls/id/229804 for the vulnerability report. This issue is a specification issue in the OSPF protocol that was discovered by Dr. Gabi Nakibly. Reported-by: CERT Coordination Center <cert@cert.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-04-20ospfd: fix flooding procedureChristian Franke
An ospf router should accept a new maxage LSA into its lsdb if it has any neighbors in state Exchange or Loading. ospfd would however only account for neighbors on the same interface which does not seem to be a valid optimization. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: Joachim Nilsson <troglobit@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
2013-04-09ospfd: fix LSA initialization for build without opaque LSAChristian Franke
If configured without opaque LSA support, the old code would incorrectly associate type 5 LSAs with an area. Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-07ospfd: compile warning cleanupsAndrew Certain
A set of patches to clarify some comments as well as cleanup code that was causing warnings. After these patches, the code can be compiled with -Wall -Wsign-compare -Wpointer-arith -Wbad-function-cast -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wchar-subscripts -Wcast-qual -Wextra -Wno-unused-parameter -Wno-missing-field-initializers (what is current in trunk plus -Wextra -Wno-unused-parameter -Wno-missing-field-initializers). Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
2013-01-07ospfd: Update comments to be more clear in packet processingAndrew Certain
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
2013-01-07ospf: Reduce MaxAge log levelAyan Banerjee
Reduce the log level for the MaxAge LSA reception when such an LSA does not exist in the database. Signed-off-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
2012-10-25lib: improve fletcher checksum validationJR Rivers
OVERVIEW The checksum used in OSPF (rfc2328) is specified in rc905 annex B. There is an sample implementation in rfc1008 which forms the basis of the quagga implementation. This algorithm works perfectly when generating a checksum; however, validation is a bit problematic. The following LSA (generated by a non-quagga implementation) is received by quagga and marked with an invalid checksum; however, it passes both the rfc905 and rfc1008 validation checks. static uint8_t lsa_10_121_233_29[] = { 0x0e, 0x10, 0x02, 0x03, 0x09, 0x00, 0x35, 0x40, 0x0a, 0x79, 0xe9, 0x1d, 0x80, 0x00, 0x00, 0x03, 0x00, 0x8a, 0x00, 0x1c, 0xff, 0xff, 0xff, 0xe0, 0x00, 0x00, 0x36, 0xb0 }; LS Type: Summary-LSA (IP network) LS Age: 3600 seconds Do Not Age: False Options: 0x02 (E) Link-State Advertisement Type: Summary-LSA (IP network) (3) Link State ID: 9.0.53.64 Advertising Router: 10.121.233.29 (10.121.233.29) LS Sequence Number: 0x80000003 LS Checksum: 0x008a Length: 28 Netmask: 255.255.255.224 Metric: 14000 You'll note that one byte of the checksum is 0x00; quagga would calculate the checksum as 0xff8a. It can be argued that the sourcing implementation generates an incorrect checksum; however, rfc905 indicates that, for 1's complement arithmetic, the value 255 shall be regarded as 0, thus either values are valid. EXPLANATION The quagga ospfd and ospf6d implementations operate by copying the PDU's existing checksum in a holding variable, calculating the checksum, and comparing the resulting checksum to the original. As a note, this implementation has the side effect of modifying the contents of the PDU. Evaluation of both rfc905 and rfc1008 shows that checksum validation should involve calculating the sum over the PDU and checking that both resulting C0 and C1 values are zero. This behavior is enacted in the rfc1008 implementation by calling encodecc with k = 0 (checksum offset); however, this functionality had been omitted from the quagga implementation. PATCH This patch adds the ability to call the quagga's fletcher_checksum() with a checksum offset value of 0xffff (aka FLETCHER_CHECKSUM_VALIDATE) which returns the sum over the buffer (a value of 0 indicates a valid checksum). This is similar to the mechanism in rfc1008 when called with k = 0. The patch also introduces ospf_lsa_checksum_valid(). ospf6d had it's own implementation of the fletcher checksum in ospf6_lsa_checksum(); it's the same algorithm as in fletcher_checksum(). This patch removes the local implementation in favor of the library's as well as creates and uses ospf6_lsa_checksum_valid(). quagga's ISIS implementation suffers from the same problem; however, I do not have the facilities to validate a fix to ISIS, thus this change has been left to the ISIS maintainers. The function iso_csum_verify() should be reduced to running the fletcher checksum over the buffer using an offset of 0. Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com> Reviewed-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-03-12ospfd: reduce ospf_verify_header()Denis Ovsienko
Protocol version checks fits ospf_packet_examin() better (like it is implemented in ospf6d), and packet type check is already there.
2012-03-12ospfd: bring ospf_check_auth() into focusDenis Ovsienko
The old ospf_check_auth() function did two different jobs depending on AuType. For Null and Simple cases it actually authenticated the packet, but for Cryptographic case it only checked declared packet size (not taking the actual number of bytes on wire into account). The calling function, ospf_verify_header(), had its own set of MD5/checksum checks dispatched depending on AuType. This commit makes the packet size check work against the real number of bytes and moves it to ospf_packet_examine(). All MD5/checksum verification is now performed in ospf_check_auth() function. * ospf_packet.c * ospf_packet_examin(): check length with MD5 bytes in mind * ospf_verify_header(): remove all AuType-specific code * ospf_check_auth(): completely rewrite
2012-03-12ospfd: fix packet length check for auth/LLS casesDenis Ovsienko
An OSPFv2 packet with trailing data blocks (authentication and/or link-local signaling) failed the recently implemented packet length check, because trailing data length isn't counted in the packet header "length" field. This commit fixes respective check conditions. * ospf_packet.c * ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
2012-03-12ospfd: introduce ospf_lsa_minlen[] (BZ#705)Denis Ovsienko
This commit ports more packet checks to OSPFv2, in particular, LSA size verification and Router-LSA link blocks verification. * ospf_lsa.h: add LSA size macros * ospf_packet.h: add struct ospf_ls_update * ospf_packet.c * ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[] * ospf_router_lsa_links_examin(): new function, verifies trailing part of a Router-LSA * ospf_lsa_examin(): new function like ospf6_lsa_examin() * ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin() * ospf_packet_examin(): add type-specific deeper level checks
2012-03-12ospfd: review ospf_check_md5_digest()Denis Ovsienko
Rewrite some pointer arithmetics without the additional variables and move byte order conversion inside the function.
2012-03-12ospfd: review ospf_check_auth()Denis Ovsienko
1. The only purpose of "ibuf" argument was to get stream size, which was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized in ospf_new(). 2. Fix the packet size check condition, which was incorrect for very large packets, at least in theory.
2012-03-12ospfd: introduce ospf_packet_minlen[] (BZ#705)Denis Ovsienko
This commit ports some of the OSPFv3 packet reception checks to OSPFv2. * ospf_packet.c * ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[] * ospf_packet_examin(): new function designed after the first part of ospf6_packet_examin() * ospf_read(): verify received packet with ospf_packet_examin() * ospf_packet.h: add convenience macros
2012-03-12ospfd: fix ospf_packet_add_top() to use LOOKUP()Denis Ovsienko
2012-03-12ospfd: use LOOKUP() for ospf_packet_type_strDenis Ovsienko
* ospf_packet.h: add proper str/max extern declarations * ospf_packet.c * ospf_packet_type_str: rewrite in "struct message", add max value * ospf_packet_add(): use LOOKUP() * ospf_write(): ditto * ospf_hello(): ditto * ospf_read(): ditto * ospf_dump.h: the declaration does not belong here * ospf_dump.c * ospf_header_dump(): use LOOKUP() * show_debugging_ospf(): ditto
2012-01-06general: remove inline qualifiers and move in-header functions to objectsPaul Jakma
* (general) Move functions in headers into files, to be compiled into shared object files. Remove inline qualifier from functions. Let the compiler do the work.
2012-01-02ospfd: fix packet reception for FreeBSD 10.Dmitrij Tejblum
* ospf_packet.c (ospf_recv_packet): FreeBSD, starting from version 10, will not subtract the IP header size from ip_len. This is the patch from FreeBSD's ports/net/quagga/files/patch-ospfd__ospf_packet.c, by Boris Kovalenko.
2011-12-21ospfd: more info in LSA checksum warning (BZ#685)Jaroslav Fojtik
2011-09-29ospfd: fix regression in recent commitYAMAMOTO Shigeru
commit '717750433839762d23a5f8d88fe0b4d57c8d490a' causes SEGV error, when 'oi = ospf_if_lookup_recv_if (ospf, iph->ip_src, ifp);' returns NULL. * ospf_packet.c * ospf_read(): change a place of calling 'ospf_verify_header()'
2011-09-26ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. The error is reproducible only when ospfd debugging is enabled: * debug ospf packet all * debug ospf zebra When incoming packet header type field is set to 0x0a, ospfd will crash. * ospf_packet.c * ospf_verify_header(): add type field check * ospf_read(): perform input checks early
2011-09-26ospfd: CVE-2011-3325 part 1 (OSPF header underrun)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. When only 14 first bytes of a Hello packet is delivered, ospfd crashes. * ospf_packet.c * ospf_read(): add size check
2011-07-13Merge remote-tracking branch 'polymorf/master'Greg Troxel
2010-12-08ospfd: Prioritise hellos for sending by queueing to head of output bufferPaul Jakma
* It's possible for the packet output buffer to be filled up with a long series of non-Hello packets in between Hellos packets, such that the router's neighbours don't receive the Hello packet in time, even though the hello-timer ran at about the right time. Fix this by prioritising Hello packets, letting them skip the queue and go ahead of any packets already on the queue. This problem can occur when there are lots of LSAs and slow links. * ospf_packet.h: (ospf_hello_send_sub) not used outside of ospf_packet.c * ospf_packet.c: (ospf_fifo_push_head) add packet to head of fifo (so its no longer really a fifo, but hey) (ospf_packet_add_top) add packet to top of the packet output queue. (ospf_hello_send_sub) Put Hello's at the top of the packet output queue. make it take in_addr_t parameter, so that this ospf_hello_send can re-use this code too. (ospf_hello_send) consolidate code by using ospf_hello_send_sub (ospf_poll_send,ospf_hello_reply_timer) adjust for ospf_hello_send_sub.
2010-12-08ospfd: Reset neighbour inactivity timer for any packet arrivalPaul Jakma
* The hello protocol monitors connectivity in 2 different ways: a) local -> remote b) remote -> local Connectivity is required in both directions (2-way) for adjacencies to form. The first requires a round-trip to detect, and is done by advertising which other hosts a router knows about in its hello messages. This allows a host to detect which other routers are and are not receiving its message. If a remote neighbour delists the local router, then the local router raises a "1-Way Received" event. The latter is straight-forward, and is detected by setting a timer for the neighbour. If another Hello packet is not received within this time then the neighbour is dead, and a separate "Inactive" event is raised. These are 2 different and relatively independent measures. Knowing that we can optimise the 2nd, remote->local measure and reset the timer when /any/ packet arrives from that neighbour. For any packet is as good as a Hello packet. This can help in marginal situations, where the number of protocol messages that must be sent sometimes can exceed the capacity of the network to transmit the messages within the configured dead-time. I.e. an OSPF network with lots of LSAs, slow links and/or slow hosts (e.g. O(10k) LSAs, O(100kbit) links, embedded CPUs, and O(10s) dead-times). This optimisation allows an OSPF network to run closer to this margin, and/or allows networks to perhaps better cope with rare periods of exceptional load, where otherwise they would not. It's fully compatible with plain OSPF implementations and doesn't prejudice dead-neighbour detection. * ospf_nsm.h: Rename HelloReceived event to PacketReceived. * ospf_nsm.c: (nsm_hello_received) -> nsm_packet_received * ospf_packet.c: Schedule PacketReceived whenever a valid message is received.
2010-12-08ospfd: OSPF_MIN_LS_ARRIVAL compare should be >= to match ospf_floodPaul Jakma
* ospf_packet.c: (ospf_ls_upd) the corresponding test on the arrival side in (ospf_flood) is <, so this should be >=, not >, purely for consistency. There is no practical effect here though.
2010-05-11Fix ip_len byte order in DragonFly's raw socketDavid BÉRARD
2010-01-14ospfd: Fix debug messages that were masked by DISCARD_LSAPaul Jakma
* ospf_packet.c: (ospf_ls_upd) DISCARD_LSA continues, and so should be after debug messages, not before them.
2009-08-11ospfd: Make "Packet ... received on wrong link" conditional on debugPaul Jakma
* ospf_packet.c: make this message conditional on 'debug ospf event', as it be easily triggered with, e.g., multiple subnets sharing same physical network. E.g, see bug #532.
2009-07-28ospfd: Make ospf_if_lookup_recv_if() find the right unnumbered i/fJoakim Tjernlund
This function will return the interface for the first matching remote address for PtP i/f's. That won't work for multiple unnumbered i/f's as these may all have the same address. Pass in the struct interface pointer, ifp, to find the correct set of oi's to search in. This also reduces the size of the search list, making it faster. * ospfd/ospf_interface.c: Add struct interface * param to ospf_if_lookup_recv_if() to select the right list to search in. * ospfd/ospf_interface.h: ditto. * ospfd/ospf_packet.c: Pass new ifp argument to ospf_if_lookup_recv_if()
2009-06-24[ospfd] discount IP header size from a new LSA pktDmitry Tejblum
2008-09-24[ospfd] Move passive interface checkJoakim Tjernlund
* ospf_packet.c: Apply passive check and drop for all packages and not just Hellos. Signed-off-by: Paul Jakma <paul@quagga.net>
2008-08-25Set destination for PtP links to OSPF_ALLSPFROUTERS.Joakim Tjernlund
Update ospf_db_desc_send(), ospf_ls_upd_queue_send() and ospf_ls_req_send() to always use OSPF_ALLSPFROUTERS for PtP links. See RFC 2328, chap 8.1 for details: "The IP destination address for the packet is selected as follows. On physical point-to-point networks, the IP destination is always set to the address AllSPFRouters." Without this, it won't be possible to establish adjacencies on multiple unnumbered links to the same router. ChangeLog: 2008-07-25 Joakim Tjernlund <Joakim.Tjernlund@transmode.se> * ospfd/ospf_packet.c: Set destination for PtP links to OSPF_ALLSPFROUTERS.
2007-08-21Bug #362 is fixed now.Denis Ovsienko
2007-05-10[autoconf] bugs 162,303,178: Fix 'present but can not be compiled' warningsPaul Jakma
2007-05-09 Paul Jakma <paul.jakma@sun.com> * configure.ac: sys/conf.h depends on sys/param.h, at least on FBSD 6.2. (bug #363) Should check for in_pktinfo for IRDP 2006-05-27 Paul Jakma <paul.jakma@sun.com> * configure.ac: General cleanup of header and type checks, introducing an internal define, QUAGGA_INCLUDES, to build up a list of stuff to include so as to avoid 'present but cant be compiled' warnings. Misc additional checks of things missing according to autoscan. Add LIBM, for bgpd's use of libm, so as to avoid burdening LIBS, and all the binaries, with libm linkage. Remove the bad practice of using m4 changequote(), just quote the []'s in the case statements properly. This should fix bugs 162, 303 and 178. * */*.{c,h}: Update all HAVE_* to the standard autoconf namespaced HAVE_* defines. I.e. HAVE_SA_LEN -> HAVE_STRUCT_SOCKADDR_SA_LEN, * bgpd/Makefile.am: Add LIBM to bgpd's LDADD, for pow().
2006-10-22[ospfd] Add passive-interface default supportPaul Jakma
2006-10-22 Yar Tikhiy <yar@comp.chem.msu.su> * (general) Add support for passive-interface default (with minor edits by Paul Jakma). * ospf_interface.h: Add OSPF_IF_PASSIVE_STATUS macro, looking at configured value, or the global 'default' value, as required. * ospf_interface.c: (ospf_if_new_hook) Leave passive unconfigured per default, allowing global 'default' to take effect for unconfigured interfaces. * ospf_packet.c: (various) use OSPF_IF_PASSIVE_STATUS * ospf_vty.c: (ospf_passive_interface_default) new function, unset passive from all interfaces if default is enabled, as the per-iface settings become redundant. (ospf_passive_interface_update) new func, update passive setting taking global default into account. ({no,}ospf_passive_interface_addr_cmd) Add support for 'default' variant of command. (show_ip_ospf_interface_sub) Update to take global default into account when printing passive status. (ospf_config_write) ditto. * ospfd.c: (ospf_new) set global passive-interface default. * ospfd.h: (struct ospf) Add field for global passive-interface.
2006-09-25[ospfd] Improve some warning messages.Andrew J. Schorr
2006-09-25 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * ospf_packet.c: (ospf_packet_dup, ospf_make_md5_digest) Fix zlog_warn messages to eliminate compiler warnings. (ospf_hello) Improve warning messages to show why we are complaining.
2006-08-30[ospfd] Fix assertion in DB-exchange fix, hit by ogier-db-ex-opt commitPaul Jakma
2006-08-28 Andy Gay <andy@andynet.net> * ospf_packet.c: (ospf_make_db_desc) Assert added with More-bit fixes does not hold up with addition of Ogier DB-Exchange optimisation, which can empty the db-summary list in between sent DD packets. Remove assert, update More-bit always when in Exchange.
2006-08-27[ospfd] Bug #134, ospfd should be more robust to backward time changePaul Jakma
2006-08-25 Paul Jakma <paul.jakma@sun.com> * (general) Bug #134. Be more robust to backward time changes, use the newly added libzebra time functions. In most cases: recent_time -> recent_relative_time() gettimeofday -> quagga_gettime (QUAGGA_CLK_MONOTONIC, ..) time -> quagga_time. (ospf_make_md5_digest) time() call deliberately not changed. (ospf_external_lsa_refresh) remove useless gettimeofday, LSA tv_orig time was already set in ospf_lsa_new, called via ospf_external_lsa_new.
2006-08-27[ospfd] draft-ogier-ospf-dbex-opt DB-exchange optimisationPaul Jakma
2006-08-03 Paul Jakma <paul.jakma@sun.com> * ospf_packet.c: (ospf_make_db_desc) Implement draft-ogier-ospf-dbex-opt DB-exchange optimisation.
2006-08-27[ospfd] Raise ExchangeDone earlier, avoid often needless round of DD packetsPaul Jakma
2006-08-03 Paul Jakma <paul.jakma@sun.com> * ospf_packet.c: (ospf_make_db_desc) Unset the DD More bit after constructing the packet, if appropriate. (ospf_db_desc_proc) Speed up Exchange, slave should raise ExchangeDone earlier, as RFC mandates, by forming its reply before deciding whether both sides are done, avoids a needless round of empty DD packet exchanges at the end of Exchange, hence speeding up ExchangeDone. (ospf_db_desc) use UNSET_FLAG macro.
2006-07-26[ospfd] Allow ospf_lsa_unlock to NULL out callers' LSA pointers upon freePaul Jakma
2006-07-26 Paul Jakma <paul.jakma@sun.com> * ospf_lsa.{c,h}: (ospf_lsa_unlock) Change to take a double pointer to the LSA to be 'unlocked', so that, if the LSA is freed, the callers pointer to the LSA can be NULLed out, allowing any further use of that pointer to provoke a crash sooner rather than later. * ospf_*.c: (general) Adjust callers of ospf_lsa_unlock to match previous. Try annotate 'locking' somewhat to show which 'locks' are protecting what LSA reference, if not obvious. * ospf_opaque.c: (ospf_opaque_lsa_install) Trivial: remove useless goto, replace with return. * ospf_packet.c: (ospf_make_ls_ack) Trivial: merge two list loops, the dual-loop predated the delete-safe list-loop macro.
2006-07-11[ospfd] Improve Hello NetworkMask mismatch warning to give more infoAndrew J. Schorr
2006-07-10 Andrew J. Schorr <ajschorr@alumni.princeton.edu> * ospf_packet.c: (ospf_hello) Improve NetworkMask mismatch warning message to include interface name and conflicting prefix lengths.
2006-06-15[ospfd] Fix multicast membership drop bugPaul Jakma
2006-06-15 Paul Jakma <paul.jakma@sun.com> * Reported by Milan Koci * ospf_interface.h: (struct ospf_if_info) Add reference counts for multicast group memberships. Add various macros to help manipulate/check membership state. * ospf_interface.c: (ospf_if_set_multicast) Maintain the ospf_if_info reference counts, and only actually drop memberships if it hits 0, to avoid losing membership when OSPF is disabled on an interface with multiple active OSPF interfaces. * ospf_packet.c: (ospf_{hello,read}) Use the new macros to check/set multicast membership. * ospf_vty.c: (show_ip_ospf_interface_sub) ditto.
2006-06-15[ospfd] suppres mostly uninteresting debug message unless debug is setPaul Jakma
2006-05-30 Paul Jakma <paul.jakma@sun.com> * ospf_packet.c: (ospf_read) Debug message about packets received on unenabled interfaces should be conditional on debug being set.
2006-01-17[ospfd/zserv] adjust to new formatpaul
2006-01-17 Paul Jakma <paul.jakma@sun.com> * ospf_packet.c: (ospf_verify_header) print out the types involved if there's a mismatch. * ospf_zebra.c: (ospf_zebra_add) Adjust to new zserv format.
2006-01-10[ospfd] fix undefined effect expressionpaul
2006-01-10 Juris Kalnins <juris@mt.lv> * ospf_packet.c: (ospf_make_md5_digest) fix odd, if not undefined effect, assignment of an increment expression.
2005-11-032005-11-03 Paul Jakma <paul.jakma@sun.com>paul
* ospf_packet.c: Change level of some warnings to informational.
2005-11-032005-11-03 Paul Jakma <paul.jakma@sun.com>paul
* ospf_apiserver.c: (apiserver_sync_callback) stray semi-colon * ospf_packet.c: include checksum.h, remove the in_cksum extern * prototypes. * ospf_te.h: Add braces, quell warning.
2005-10-212005-10-21 Paul Jakma <paul.jakma@sun.com>paul
* (general) SPF millisecond resolution timer with adaptive, linear back-off holdtime. Prettification of ospf_timer_dump. * ospf_dump.c: (ospf_timeval_dump) new function. The guts of ospf_timer_dump, but made to be more dynamic in printing out the relative timeval, sliding the precision printed out according to the value. (ospf_timer_dump) guts moved to ospf_timeval_dump. * ospf_dump.h: export ospf_timeval_dump. * ospf_flood.c: (ospf_flood) remove gettimeofday, use the libzebra exported recent_time instead, as it's not terribly critical to have time exactly right - the dropped LSA will be retransmited to us if we don't ACK it. * ospf_packet.c: (ospf_ls_upd_timer) Ditto, but here we're not transmitting, just putting LSA back on update transmit list. * ospfd.h: delay and holdtimes should be unsigned. Add spf_max_holdtime and spf_hold_multiplier. Update default defines for delay and hold time to be in msec. (struct ospf) change the SPF timestamp to a struct timeval. Remove ospf_timers_spf_(un)?set. * ospfd.c: (ospf_timers_spf_{set,unset}) removed. (ospf_new) initialise spf_max_holdtime and spf_hold_multiplier * ospf_spf.c: (ospf_spf_calculate) SPF timestamp is a timeval now, update with gettimeofday. (ospf_spf_calculate_schedule) Change SPF timers to millisecond resolution. Make the holdtime be adaptive, with a linear increase in holdtime ever consecutive SPF run which occurs within holdtime of previous SPF, bounded by spf_max_holdtime. * ospf_vty.c: Update spf timers commands. (ospf_timers_spf_set) trivial helper. (ospf_timers_throttle_spf_cmd) new command to set SPF delay, initial hold and max hold times with millisecond resolution. (ospf_timers_spf_cmd) Deprecated. Accept the old values, convert to msec, truncate to new limits. (no_ospf_timers_throttle_spf_cmd) set timers to defaults. (no_ospf_timers_spf_cmd) deprecated form, same as previous. (show_ip_ospf_cmd) Display SPF parameters and times. (show_ip_ospf_neighbour_header) Centralise the 'sh ip os ne' header. (show_ip_ospf_neighbor_sub) Fix the field widths. Get rid of the multiple spaces which were making the lines even longer. (show_ip_ospf_neighbor_cmd) Use show_ip_ospf_neighbour_header (show_ip_ospf_neighbor_all_cmd) ditto and fix the field widths for NBMA neighbours. (show_ip_ospf_neighbor_int) Use header function. (show_ip_ospf_nbr_nbma_detail_sub) use sizeof for timebuf, local array - safer. (show_ip_ospf_neighbor_detail_sub) ditto (ospf_vty_init) install the new SPF throttle timer commands.