summaryrefslogtreecommitdiff
path: root/ospfd
AgeCommit message (Collapse)Author
2011-09-26ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. The error is reproducible only when ospfd debugging is enabled: * debug ospf packet all * debug ospf zebra When incoming packet header type field is set to 0x0a, ospfd will crash. * ospf_packet.c * ospf_verify_header(): add type field check * ospf_read(): perform input checks early
2011-09-26ospfd: CVE-2011-3325 part 1 (OSPF header underrun)Denis Ovsienko
This vulnerability (CERT-FI #514838) was reported by CROSS project. When only 14 first bytes of a Hello packet is delivered, ospfd crashes. * ospf_packet.c * ospf_read(): add size check
2011-09-26ospfd: CVE-2011-3326 (uknown LSA type segfault)CROSS
This vulnerability (CERT-FI #514837) was reported by CROSS project. They have also suggested a fix to the problem, which was found acceptable. Quagga ospfd does not seem to handle unknown LSA types in a Link State Update message correctly. If LSA type is something else than one supported by Quagga, the default handling of unknown types leads to an error. * ospf_flood.c * ospf_flood(): check return value of ospf_lsa_install()
2011-07-13Merge remote-tracking branch 'polymorf/master'Greg Troxel
2011-04-13ospf: Fix OSPF API and ospf-te LSA refreshers to match recent API changePaul Jakma
* ospf_apiserver.{c,h}: (ospf_apiserver_lsa_refresher) refreshers must now return the refreshed LSA. * ospf_te.{c,h}: (ospf_mpls_te_lsa_refresh) ditto * ospf_api.c: trivial compiler warning fix
2011-03-22ospfd: Compile fix for opaque supportPaul Jakma
* ospfd: Refresher logic cleanup broke OSPF opaque, which does its own thing with regard to refresher logic and which also, in the protocol, requires implementations to keep state of which OI an LSA is received on (rather than providing information in the LSA to allow it to be looked up - as other LSAs requiring such assocation were careful to do). * ospf_lsa.h: (struct ospf_interface) Add back the pointer to oi, but only for type-9 now. * ospf_nsm.c: (ospf_db_summary_add) check the oi actually exists first - doesn't obviate the need for opaque to ensure oi pointers get cleaned up when ospf_interfaces disappear. * ospf_opaque.{c,h}: (ospf_opaque_functab,ospf_opaque_lsa_refresh) Refresher LSA functions now need to return the LSA to the general refresh logic, to indicate whether the LSA was refreshed.
2010-12-08ospfd: Remove oi field from LSA, have network_lsa_refresh look up when neededPaul Jakma
* ospf_lsa.h: (struct ospf_lsa) remove oi pointer * ospf_lsa.c: (ospf_network_lsa_refresh) instead of keeping a pointer, just lookup the oi when it's needed. This decouples network LSA from oi lifetime and avoids having to invalidate pointers in LSAs when an oi changes, simplifying the code.
2010-12-08ospfd: potential fix for router-id change assert on refresh cleanup patchPaul Jakma
* ospf_lsa.c: (various) unregister LSAs from refresher before flushing.
2010-12-08ospfd: Fix maxage/flush to not try flood twice, remember maxages for longerPaul Jakma
2006-05-30 Paul Jakma <paul.jakma@sun.com> * (general) Fix confusion around MaxAge-ing and problem with high-latency networks. Analysis and suggested fixes by Phillip Spagnolo, in [quagga-dev 4132], on which this commit expands slightly. * ospf_flood.{c,h}: (ospf_lsa_flush) new function. Scope-general form of existing flush functions, essentially the dormant ospf_maxage_flood() but without the ambiguity of whether it is responsible for flooding. * ospf_lsa.c: (ospf_lsa_maxage) Role minimised to simply setup LSA on the Maxage list and schedule removal - no more. ospf_lsa_flush* being the primary way to kick-off flushes of LSAs. Don't hardcode the remover-timer value, which was too short for very high-latency networks. (ospf_maxage_lsa_remover) Just do what needs to be done to remove maxage LSAs from the maxage list, remove the call to ospf_flood_through(). Don't hardcode remove-timer value. (ospf_lsa_{install,flush_schedule}) ospf_lsa_flush is the correct entrypoint to flushing maxaged LSAs. (lsa_header_set) Use a define for the initial age, useful for testing. * ospf_opaque.c: (ospf_opaque_lsa_refresh) ditto. (ospf_opaque_lsa_flush_schedule) ditto. * ospfd.h: ({struct ospf,ospf_new}) Add maxage_delay parameter, interval to wait before running the maxage_remover. Supply a suitable default. Add a define for OSPF_LSA_INITIAL_AGE, see lsa_header_set().
2010-12-08ospfd: Unify router and network LSA refresh logic with general refresherPaul Jakma
* (general) Get rid of the router and network LSA specific refresh timers and make the general refresher do this instead. Get rid of the twiddling of timers for router/network LSA that was spread across the code. This lays the foundations for future, general LSA refresh improvements, such as making sequence rollover work, and having generic LSA delays. * ospfd.h: (struct ospf) Bye bye to the router-lsa update timer thread pointer. (struct ospf_area) and to the router-lsa refresh timer. * ospf_interface.h: Remove the network_lsa_self timer thread pointer * ospf_lsa.h: (struct ospf_lsa) oi field should always be there, for benefit of type-2/network LSA processing. (ospf_{router,network}_lsa_{update_timer,timer_add}) no timers for these more (ospf_{router,network}_lsa_update) more generic functions to indicate that some router/network LSAs need updating (ospf_router_lsa_update_area) update router lsa in a particular area alone. (ospf_{summary,summary_asbr,network}_lsa_refresh) replaced by the general ospf_lsa_refresh function. (ospf_lsa_refresh) general LSA refresh function
2010-12-08ospfd: Remember network LSA sequence numbers across up/downs of an interfacePaul Jakma
* ospf_interface.h: (struct ospf_if_params) add field for saved network LSA seqnum * ospf_interfa.c: (ospf_new_if_params) init network_lsa_seqnum field to initial seqnum - doesnt matter though. * ospf_lsa.c: (ospf_network_lsa_new) check for any saved sequence number, and use if it exists. Save the result back. This should help avoid needless round of LSUpdate/LSRequests when a neighbour has to tell the originator "uhm, i have something newer than that already". * ospf_vty.c: (show_ip_ospf_interface_sub) Show the saved network LSA seqnum
2010-12-08ospfd: Prioritise hellos for sending by queueing to head of output bufferPaul Jakma
* It's possible for the packet output buffer to be filled up with a long series of non-Hello packets in between Hellos packets, such that the router's neighbours don't receive the Hello packet in time, even though the hello-timer ran at about the right time. Fix this by prioritising Hello packets, letting them skip the queue and go ahead of any packets already on the queue. This problem can occur when there are lots of LSAs and slow links. * ospf_packet.h: (ospf_hello_send_sub) not used outside of ospf_packet.c * ospf_packet.c: (ospf_fifo_push_head) add packet to head of fifo (so its no longer really a fifo, but hey) (ospf_packet_add_top) add packet to top of the packet output queue. (ospf_hello_send_sub) Put Hello's at the top of the packet output queue. make it take in_addr_t parameter, so that this ospf_hello_send can re-use this code too. (ospf_hello_send) consolidate code by using ospf_hello_send_sub (ospf_poll_send,ospf_hello_reply_timer) adjust for ospf_hello_send_sub.
2010-12-08ospfd: Reset neighbour inactivity timer for any packet arrivalPaul Jakma
* The hello protocol monitors connectivity in 2 different ways: a) local -> remote b) remote -> local Connectivity is required in both directions (2-way) for adjacencies to form. The first requires a round-trip to detect, and is done by advertising which other hosts a router knows about in its hello messages. This allows a host to detect which other routers are and are not receiving its message. If a remote neighbour delists the local router, then the local router raises a "1-Way Received" event. The latter is straight-forward, and is detected by setting a timer for the neighbour. If another Hello packet is not received within this time then the neighbour is dead, and a separate "Inactive" event is raised. These are 2 different and relatively independent measures. Knowing that we can optimise the 2nd, remote->local measure and reset the timer when /any/ packet arrives from that neighbour. For any packet is as good as a Hello packet. This can help in marginal situations, where the number of protocol messages that must be sent sometimes can exceed the capacity of the network to transmit the messages within the configured dead-time. I.e. an OSPF network with lots of LSAs, slow links and/or slow hosts (e.g. O(10k) LSAs, O(100kbit) links, embedded CPUs, and O(10s) dead-times). This optimisation allows an OSPF network to run closer to this margin, and/or allows networks to perhaps better cope with rare periods of exceptional load, where otherwise they would not. It's fully compatible with plain OSPF implementations and doesn't prejudice dead-neighbour detection. * ospf_nsm.h: Rename HelloReceived event to PacketReceived. * ospf_nsm.c: (nsm_hello_received) -> nsm_packet_received * ospf_packet.c: Schedule PacketReceived whenever a valid message is received.
2010-12-08ospfd: the maxage_lsa_remover should check whether it needs to yield the cpuPaul Jakma
2010-12-08ospfd: Fix various route_unlock discrepenciesPaul Jakma
* ospf_ase.c: (ospf_ase_calculate_route) Fix compiler warning about eval needing brackets. (various) add defensive asserts. * ospf_lsdb.c: (ospf_lsdb_add) add missing node unlock if same lsa already was indexed. (ospf_lsdb_delete) check it's actually the same as specified lsa before deleting (ospf_lsdb_lookup_by_id_next) fix another corner case - no result => don't go on.
2010-12-08ospfd: fix lsa_refresh_walker unlock before use bugPaul Jakma
* ospf_lsa.c: (ospf_lsa_refresh_walker) fix an "unlock before use" bug (various) add asserts for lsa refcounting.
2010-12-08ospfd: interface code should leave network_lsa_self alonePaul Jakma
* ospf_interface.c: (ospf_if_{new,cleanup}) don't touch the network_lsa_self, ISM and NSM take care of cleaning it up if needs be + we want to keep network_lsa_self around when possible for the the seqnum. This shouldn't really make much difference though, particularly as we have a separate sequence number memory mechanism.
2010-12-08ospfd: OSPF_MIN_LS_ARRIVAL compare should be >= to match ospf_floodPaul Jakma
* ospf_packet.c: (ospf_ls_upd) the corresponding test on the arrival side in (ospf_flood) is <, so this should be >=, not >, purely for consistency. There is no practical effect here though.
2010-12-08ospfd: ospf_if_free can leave dangling references on ISM events - cancel themPaul Jakma
* ospf_interface.c: (ospf_if_free) events with dangling pointers left scheduled can be seriously bad for ospfd's health. Cancel the event.
2010-12-08ospfd: Lower level of some common messages from info to debugPaul Jakma
* ospf_{ism,network}.c: Certain oft-repeated but trivial messages should be debug log level, not info, to avoid spamming 'terminal monitor'
2010-05-11Fix ip_len byte order in DragonFly's raw socketDavid BÉRARD
2010-04-18ospfd: Only refresh external default route once.Joakim Tjernlund
* ospf_zebra.c: (ospf_distribute_list_update_timer) forces a refresh of default route each time it finds a default prefix. This is suboptimal, just record that it needs to be done and do it once. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-04-18ospfd: Make sure ospf_distribute_list_update_timer() eventually runs.Joakim Tjernlund
* ospf_zebra.c: (ospf_distribute_list_update_timer) If there are updates to the distribute list every 5 second or less, ospf_distribute_list_update_timer() will never run as the timer gets rearmed for each update. This fixes it by never rearming an active distribute list timer. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-04-18ospfd: Make sure all external routes are updated.Joakim Tjernlund
Roman Hoog Antink <rha@open.ch> reports: When adding a connected route (using vtysh, without restart) to the redistribution access list of ospfd, while static routes already exist, the update timer ospf_distribute_list_update_timer() is being run for static routes only. That way, the connected route never appears in the OSPF database, until quagga is completely restarted. The update timer for connected routes is cancelled in ospfd/ospfd_zebra.c:ospf_distribute_list_update():976, were a new timer is scheduled for static routes, caused by the loop in ospf_filter_update(). * ospf_zebra.c: (ospf_distribute_list_update_timer) make it refresh all external routes. This fixes the problem reported by Roman. Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
2010-01-14ospfd: Fix debug messages that were masked by DISCARD_LSAPaul Jakma
* ospf_packet.c: (ospf_ls_upd) DISCARD_LSA continues, and so should be after debug messages, not before them.
2010-01-14ospfd: remove unneeded memset from a very hot functionPaul Jakma
* ospf_lsdb.c: (lsdb_prefix_set) memset is unneeded, as all fields are initialised explicitly, and this function can be in the top-3 of a profile when there are a lot of LSAs.
2009-12-03ospfd: VTY strings cleanupStephen Hemminger
Several bits of text can be local or are unused.
2009-12-03ospfd: comment out unused functionStephen Hemminger
2009-12-03ospfd: make local functions staticStephen Hemminger
This code is only used one place and can be made local. Gcc is smart enough to inline local functions if it wants to. The function also has a big chunk of compatiablity code that is no longer used; since quagga is now in a version control system the source does not need to be used as a historical reference.
2009-09-28[ospfd] enable more OSPF cost command aliasesDenis Ovsienko
The following syntax forms were not historically supported by Quagga, although IOS accepted them w/o a problem: no ip ospf cost <1-65535> no ospf cost <1-65535> no ip ospf cost <1-65535> A.B.C.D no ospf cost <1-65535> A.B.C.D From now on Quagga also supports these variants.
2009-08-28ospfd: Make sure priority is respected.Joakim Tjernlund
* ospf_ism.c (ospf_dr_eligible_routers) should test for priority > 0 instead of != 0 as ospf_nbr_new () initially sets prio to -1
2009-08-28ospfd: Tighten up the connected check for redistributionJoakim Tjernlund
* ospf_zebra.c: (ospf_distribute_check_connected) check to make filter out routes matching connected routes was matching against OSPF networks, which can be far more general than the actual connected interfaces. Fix.
2009-08-13all: check return value from daemon() callStephen Hemminger
* */*main.c: (main) Current versions of Gcc warn if the return value for daemon() is not checked. So add a simple test and exit on failure.
2009-08-13ospfd: fix performance problem with redistribute deleteStephen Hemminger
Doing redistribute delete with full BGP table was taking 30 minutes, this drops it down to less than a second. * ospf_lsa.c: (ospf_lsa_maxage) When flushing lots of entries the performance is terrible because it looks up each LSA entry through ospf_lsa_maxage_exist before deleting causing O(N^2) performance. Use a new OSPF_LSA_MAXAGE flag instead of scan - and maintain it. (ospf_lsa_maxage_exist) removed (ospf_lsa_maxage_delete) maintain OSPF_LSA_MAXAGE flag
2009-08-11ospfd: Make sure route table is recalculated.Joakim Tjernlund
In some cases ospfd does not recalc the route table. This happens when ospfd receives an old LSA which will trigger recalc but the this recalc will fail because all interfaces isn't up yet. Next LSA that is originated matches the old one so no recalc will be performed. This problem has been observed when there are only 2 ppp I/Fs in an area, both go down at the same time, then they come up again with a few seconds apart. * ospf_lsa.c: (ospf_{router,network}_lsa_install) avoid a needless scheduling of SPF. (ospf_lsa_different) fix bug in LSA comparison that would lead to the described failure to schedule SPF.
2009-08-11ospfd: Make "Packet ... received on wrong link" conditional on debugPaul Jakma
* ospf_packet.c: make this message conditional on 'debug ospf event', as it be easily triggered with, e.g., multiple subnets sharing same physical network. E.g, see bug #532.
2009-08-03ospfd: neuter some compiler warningsPaul Jakma
* ospf_lsa.c: (link_info_set) Use %zd for size_t - C99 is old enough now. Lots of similar warnings all over the code. (ospf_lsa_translated_nssa_compare) Unused func - delete.
2009-08-03ospfd: update some commentsPaul Jakma
* ospf_{spf,lsa}.c: remove out of date comment; add comment on some non-obvious code; Make note of a possible scaling problem.
2009-08-03ospfd: Change struct ospf_path *oi to ifindex.Joakim Tjernlund
* global: In struct ospf_path, change struct ospf_interface *oi to int ifindex. It is unsafe to reference *oi as an ospf interface can be deleted under your feet. Use a weak reference instead.
2009-07-30ospfd: Discriminate better when selecting links between vertices in SPFJoakim Tjernlund
* ospf_spf.c: (ospf_get_next_link) One must check the vertex type, Router or Network, to select type link to match against. Link type 1 has neighbour router ID in link_id and link type 2 has IP address of DR. Since router id may have same value as an existing IP address one risks matching a router ID against a DR.
2009-07-28ospfd: Make ospf_if_lookup_recv_if() find the right unnumbered i/fJoakim Tjernlund
This function will return the interface for the first matching remote address for PtP i/f's. That won't work for multiple unnumbered i/f's as these may all have the same address. Pass in the struct interface pointer, ifp, to find the correct set of oi's to search in. This also reduces the size of the search list, making it faster. * ospfd/ospf_interface.c: Add struct interface * param to ospf_if_lookup_recv_if() to select the right list to search in. * ospfd/ospf_interface.h: ditto. * ospfd/ospf_packet.c: Pass new ifp argument to ospf_if_lookup_recv_if()
2009-07-28ospfd: export ospf_if_table_lookup() and use it in ospf_network_run_interface()Joakim Tjernlund
Makes it possible to run OSPF on multiple PtP interfaces with the same remote address. * ospfd/ospf_interface.c: Export ospf_if_table_lookup(). * ospfd/ospf_interface.h: ditto. * ospfd/ospfd.c: (ospf_network_run_interface) Use ospf_if_table_lookup() to determine whether OSPF is already configured for a subnet and interface.
2009-07-28[global] interface flags format warningsStephen Hemminger
*/*: ifp->flags is 64 bit unsigned which can not be handled by %l on 32 bit architectures - requires %ll and the appropriate cast.
2009-06-26[ospfd] Do not use stale Network/Router LSAsJoakim Tjernlund
Should a self originated Network/Router LSA with higher LS seq. nr. be received we should flood and install it in the LSDB but we cannot use it for our internal calculations as it is stale. Reorginate an new LSA to replace the stale one as soon as possible.
2009-06-25[ospfd] compare ifIndex too when matching pathsJoakim Tjernlund
ospf_path_lookup(), ospf_route_match_same() and ospf_ase_route_match_same() needs to compare if the interface matches too.
2009-06-25[ospfd] external LSA route_unlock_node() fixesJoakim Tjernlund
A few route_unlock_node() calls was missing.
2009-06-25[ospfd] Fix a few LSA performance "bugs"Joakim Tjernlund
ospf_lsa_install() will calculate LSA checksum so no need to do it before calling ospf_lsa_install(). Set the OSPF_LSA_SELF_CHECKED flag on own LSA's to save ospf_lsa_is_self_originated() some work. Do not memset() memory that is about to overwritten with memcpy().
2009-06-24Merge remote branch 'origin/master'Paul Jakma
2009-06-24[cleanup] Add log.h includesTomasz Pala
2009-06-24[ospfd] discount IP header size from a new LSA pktDmitry Tejblum