Statistics
| Branch: | Revision:

iof-bird / bird-2.0.1 / proto / rip / packets.c @ 6b3f1a54

History | View | Annotate | Download (20.4 KB)

1
/*
2
 *        BIRD -- Routing Information Protocol (RIP)
3
 *
4
 *        (c) 1998--1999 Pavel Machek <pavel@ucw.cz>
5
 *        (c) 2004--2013 Ondrej Filip <feela@network.cz>
6
 *        (c) 2009--2015 Ondrej Zajicek <santiago@crfreenet.org>
7
 *        (c) 2009--2015 CZ.NIC z.s.p.o.
8
 *
9
 *        Can be freely distributed and used under the terms of the GNU GPL.
10
 */
11

    
12
#undef LOCAL_DEBUG
13

    
14
#include "rip.h"
15
#include "lib/mac.h"
16

    
17

    
18
#define RIP_CMD_REQUEST                1        /* want info */
19
#define RIP_CMD_RESPONSE        2        /* responding to request */
20

    
21
#define RIP_BLOCK_LENGTH        20
22
#define RIP_PASSWD_LENGTH        16
23

    
24
#define RIP_AF_IPV4                2
25
#define RIP_AF_AUTH                0xffff
26

    
27

    
28
/* RIP packet header */
29
struct rip_packet
30
{
31
  u8 command;
32
  u8 version;
33
  u16 unused;
34
};
35

    
36
/* RTE block for RIPv2 */
37
struct rip_block_v2
38
{
39
  u16 family;
40
  u16 tag;
41
  ip4_addr network;
42
  ip4_addr netmask;
43
  ip4_addr next_hop;
44
  u32 metric;
45
};
46

    
47
/* RTE block for RIPng */
48
struct rip_block_ng
49
{
50
  ip6_addr prefix;
51
  u16 tag;
52
  u8 pxlen;
53
  u8 metric;
54
};
55

    
56
/* Authentication block for RIPv2 */
57
struct rip_block_auth
58
{
59
  u16 must_be_ffff;
60
  u16 auth_type;
61
  char password[0];
62
  u16 packet_len;
63
  u8 key_id;
64
  u8 auth_len;
65
  u32 seq_num;
66
  u32 unused1;
67
  u32 unused2;
68
};
69

    
70
/* Authentication tail, RFC 4822 */
71
struct rip_auth_tail
72
{
73
  u16 must_be_ffff;
74
  u16 must_be_0001;
75
  byte auth_data[0];
76
};
77

    
78
/* Internal representation of RTE block data */
79
struct rip_block
80
{
81
  net_addr net;
82
  u32 metric;
83
  u16 tag;
84
  u16 no_af;
85
  ip_addr next_hop;
86
};
87

    
88

    
89
#define DROP(DSC,VAL) do { err_dsc = DSC; err_val = VAL; goto drop; } while(0)
90
#define DROP1(DSC) do { err_dsc = DSC; goto drop; } while(0)
91
#define SKIP(DSC) do { err_dsc = DSC; goto skip; } while(0)
92

    
93
#define LOG_PKT(msg, args...) \
94
  log_rl(&p->log_pkt_tbf, L_REMOTE "%s: " msg, p->p.name, args)
95

    
96
#define LOG_PKT_AUTH(msg, args...) \
97
  log_rl(&p->log_pkt_tbf, L_AUTH "%s: " msg, p->p.name, args)
98

    
99
#define LOG_RTE(msg, args...) \
100
  log_rl(&p->log_rte_tbf, L_REMOTE "%s: " msg, p->p.name, args)
101

    
102

    
103
static inline void * rip_tx_buffer(struct rip_iface *ifa)
104
{ return ifa->sk->tbuf; }
105

    
106
static inline uint rip_pkt_hdrlen(struct rip_iface *ifa)
107
{ return sizeof(struct rip_packet) + (ifa->cf->auth_type ? RIP_BLOCK_LENGTH : 0); }
108

    
109
static inline void
110
rip_put_block(struct rip_proto *p, byte *pos, struct rip_block *rte)
111
{
112
  if (rip_is_v2(p))
113
  {
114
    struct rip_block_v2 *block = (void *) pos;
115
    block->family = rte->no_af ? 0 : htons(RIP_AF_IPV4);
116
    block->tag = htons(rte->tag);
117
    block->network = ip4_hton(net4_prefix(&rte->net));
118
    block->netmask = ip4_hton(ip4_mkmask(net4_pxlen(&rte->net)));
119
    block->next_hop = ip4_hton(ipa_to_ip4(rte->next_hop));
120
    block->metric = htonl(rte->metric);
121
  }
122
  else /* RIPng */
123
  {
124
    struct rip_block_ng *block = (void *) pos;
125
    block->prefix = ip6_hton(net6_prefix(&rte->net));
126
    block->tag = htons(rte->tag);
127
    block->pxlen = net6_pxlen(&rte->net);
128
    block->metric = rte->metric;
129
  }
130
}
131

    
132
static inline void
133
rip_put_next_hop(struct rip_proto *p UNUSED, byte *pos, struct rip_block *rte)
134
{
135
  struct rip_block_ng *block = (void *) pos;
136
  block->prefix = ip6_hton(ipa_to_ip6(rte->next_hop));
137
  block->tag = 0;
138
  block->pxlen = 0;
139
  block->metric = 0xff;
140
}
141

    
142
static inline int
143
rip_get_block(struct rip_proto *p, byte *pos, struct rip_block *rte)
144
{
145
  if (rip_is_v2(p))
146
  {
147
    struct rip_block_v2 *block = (void *) pos;
148

    
149
    /* Skip blocks with strange AF, including authentication blocks */
150
    if (block->family != (rte->no_af ? 0 : htons(RIP_AF_IPV4)))
151
      return 0;
152

    
153
    uint pxlen = ip4_masklen(ip4_ntoh(block->netmask));
154
    net_fill_ip4(&rte->net, ip4_ntoh(block->network), pxlen);
155
    rte->metric = ntohl(block->metric);
156
    rte->tag = ntohs(block->tag);
157
    rte->next_hop = ipa_from_ip4(ip4_ntoh(block->next_hop));
158

    
159
    return 1;
160
  }
161
  else /* RIPng */
162
  {
163
    struct rip_block_ng *block = (void *) pos;
164

    
165
    /* Handle and skip next hop blocks */
166
    if (block->metric == 0xff)
167
    {
168
      rte->next_hop = ipa_from_ip6(ip6_ntoh(block->prefix));
169
      if (!ipa_is_link_local(rte->next_hop)) rte->next_hop = IPA_NONE;
170
      return 0;
171
    }
172

    
173
    uint pxlen = (block->pxlen <= IP6_MAX_PREFIX_LENGTH) ? block->pxlen : 255;
174
    net_fill_ip6(&rte->net, ip6_ntoh(block->prefix), pxlen);
175
    rte->metric = block->metric;
176
    rte->tag = ntohs(block->tag);
177
    /* rte->next_hop is deliberately kept unmodified */;
178

    
179
    return 1;
180
  }
181
}
182

    
183
static inline void
184
rip_update_csn(struct rip_proto *p UNUSED, struct rip_iface *ifa)
185
{
186
  /*
187
   * We update crypto sequence numbers at the beginning of update session to
188
   * avoid issues with packet reordering, so packets inside one update session
189
   * have the same CSN. We are using real time, but enforcing monotonicity.
190
   */
191
  if (ifa->cf->auth_type == RIP_AUTH_CRYPTO)
192
  {
193
    u32 now_real = (u32) (current_real_time() TO_S);
194
    ifa->csn = (ifa->csn < now_real) ? now_real : ifa->csn + 1;
195
  }
196
}
197

    
198
static void
199
rip_fill_authentication(struct rip_proto *p, struct rip_iface *ifa, struct rip_packet *pkt, uint *plen)
200
{
201
  struct rip_block_auth *auth = (void *) (pkt + 1);
202
  struct password_item *pass = password_find(ifa->cf->passwords, 0);
203

    
204
  if (!pass)
205
  {
206
    /* FIXME: This should not happen */
207
    log(L_ERR "%s: No suitable password found for authentication", p->p.name);
208
    memset(auth, 0, sizeof(struct rip_block_auth));
209
    return;
210
  }
211

    
212
  switch (ifa->cf->auth_type)
213
  {
214
  case RIP_AUTH_PLAIN:
215
    auth->must_be_ffff = htons(0xffff);
216
    auth->auth_type = htons(RIP_AUTH_PLAIN);
217
    strncpy(auth->password, pass->password, RIP_PASSWD_LENGTH);
218
    return;
219

    
220
  case RIP_AUTH_CRYPTO:
221
    auth->must_be_ffff = htons(0xffff);
222
    auth->auth_type = htons(RIP_AUTH_CRYPTO);
223
    auth->packet_len = htons(*plen);
224
    auth->key_id = pass->id;
225
    auth->auth_len = mac_type_length(pass->alg);
226
    auth->seq_num = ifa->csn_ready ? htonl(ifa->csn) : 0;
227
    auth->unused1 = 0;
228
    auth->unused2 = 0;
229
    ifa->csn_ready = 1;
230

    
231
    if (pass->alg < ALG_HMAC)
232
      auth->auth_len += sizeof(struct rip_auth_tail);
233

    
234
    /*
235
     * Note that RFC 4822 is unclear whether auth_len should cover whole
236
     * authentication trailer or just auth_data length.
237
     *
238
     * FIXME: We should use just auth_data length by default. Currently we put
239
     * the whole auth trailer length in keyed hash case to keep old behavior,
240
     * but we put just auth_data length in the new HMAC case. Note that Quagga
241
     * has config option for this.
242
     *
243
     * Crypto sequence numbers are increased by sender in rip_update_csn().
244
     * First CSN should be zero, this is handled by csn_ready.
245
     */
246

    
247
    struct rip_auth_tail *tail = (void *) ((byte *) pkt + *plen);
248
    tail->must_be_ffff = htons(0xffff);
249
    tail->must_be_0001 = htons(0x0001);
250

    
251
    uint auth_len = mac_type_length(pass->alg);
252
    *plen += sizeof(struct rip_auth_tail) + auth_len;
253

    
254
    /* Append key for keyed hash, append padding for HMAC (RFC 4822 2.5) */
255
    if (pass->alg < ALG_HMAC)
256
      strncpy(tail->auth_data, pass->password, auth_len);
257
    else
258
      memset32(tail->auth_data, HMAC_MAGIC, auth_len / 4);
259

    
260
    mac_fill(pass->alg, pass->password, pass->length,
261
             (byte *) pkt, *plen, tail->auth_data);
262
    return;
263

    
264
  default:
265
    bug("Unknown authentication type");
266
  }
267
}
268

    
269
static int
270
rip_check_authentication(struct rip_proto *p, struct rip_iface *ifa, struct rip_packet *pkt, uint *plen, struct rip_neighbor *n)
271
{
272
  struct rip_block_auth *auth = (void *) (pkt + 1);
273
  struct password_item *pass = NULL;
274
  const char *err_dsc = NULL;
275
  uint err_val = 0;
276
  uint auth_type = 0;
277

    
278
  /* Check for authentication entry */
279
  if ((*plen >= (sizeof(struct rip_packet) + sizeof(struct rip_block_auth))) &&
280
      (auth->must_be_ffff == htons(0xffff)))
281
    auth_type = ntohs(auth->auth_type);
282

    
283
  if (auth_type != ifa->cf->auth_type)
284
    DROP("authentication method mismatch", auth_type);
285

    
286
  switch (auth_type)
287
  {
288
  case RIP_AUTH_NONE:
289
    return 1;
290

    
291
  case RIP_AUTH_PLAIN:
292
    pass = password_find_by_value(ifa->cf->passwords, auth->password, RIP_PASSWD_LENGTH);
293
    if (!pass)
294
      DROP1("wrong password");
295

    
296
    return 1;
297

    
298
  case RIP_AUTH_CRYPTO:
299
    pass = password_find_by_id(ifa->cf->passwords, auth->key_id);
300
    if (!pass)
301
      DROP("no suitable password found", auth->key_id);
302

    
303
    uint data_len = ntohs(auth->packet_len);
304
    uint auth_len = mac_type_length(pass->alg);
305
    uint auth_len2 = sizeof(struct rip_auth_tail) + auth_len;
306

    
307
    /*
308
     * Ideally, first check should be check for internal consistency:
309
     *   (data_len + sizeof(struct rip_auth_tail) + auth->auth_len) != *plen
310
     *
311
     * Second one should check expected code length:
312
     *   auth->auth_len != auth_len
313
     *
314
     * But as auth->auth_len has two interpretations, we simplify this
315
     */
316

    
317
    if (data_len + auth_len2 != *plen)
318
      DROP("packet length mismatch", *plen);
319

    
320
    /* Warning: two interpretations of auth_len field */
321
    if ((auth->auth_len != auth_len) && (auth->auth_len != auth_len2))
322
      DROP("wrong authentication length", auth->auth_len);
323

    
324
    struct rip_auth_tail *tail = (void *) ((byte *) pkt + data_len);
325
    if ((tail->must_be_ffff != htons(0xffff)) || (tail->must_be_0001 != htons(0x0001)))
326
      DROP1("authentication trailer is missing");
327

    
328
    /* Accept higher sequence number, or zero if connectivity is lost */
329
    /* FIXME: sequence number must be password/SA specific */
330
    u32 rcv_csn = ntohl(auth->seq_num);
331
    if ((rcv_csn < n->csn) && (rcv_csn || n->uc))
332
    {
333
      /* We want to report both new and old CSN */
334
      LOG_PKT_AUTH("Authentication failed for %I on %s - "
335
                   "lower sequence number (rcv %u, old %u)",
336
                   n->nbr->addr, ifa->iface->name, rcv_csn, n->csn);
337
      return 0;
338
    }
339

    
340
    byte *auth_data = alloca(auth_len);
341
    memcpy(auth_data, tail->auth_data, auth_len);
342

    
343
    /* Append key for keyed hash, append padding for HMAC (RFC 4822 2.5) */
344
    if (pass->alg < ALG_HMAC)
345
      strncpy(tail->auth_data, pass->password, auth_len);
346
    else
347
      memset32(tail->auth_data, HMAC_MAGIC, auth_len / 4);
348

    
349
    if (!mac_verify(pass->alg, pass->password, pass->length,
350
                    (byte *) pkt, *plen, auth_data))
351
      DROP("wrong authentication code", pass->id);
352

    
353
    *plen = data_len;
354
    n->csn = rcv_csn;
355

    
356
    return 1;
357
  }
358

    
359
drop:
360
  LOG_PKT_AUTH("Authentication failed for %I on %s - %s (%u)",
361
               n->nbr->addr, ifa->iface->name, err_dsc, err_val);
362

    
363
  return 0;
364
}
365

    
366
static inline int
367
rip_send_to(struct rip_proto *p, struct rip_iface *ifa, struct rip_packet *pkt, uint plen, ip_addr dst)
368
{
369
  if (ifa->cf->auth_type)
370
    rip_fill_authentication(p, ifa, pkt, &plen);
371

    
372
  return sk_send_to(ifa->sk, plen, dst, 0);
373
}
374

    
375

    
376
void
377
rip_send_request(struct rip_proto *p, struct rip_iface *ifa)
378
{
379
  byte *pos = rip_tx_buffer(ifa);
380

    
381
  struct rip_packet *pkt = (void *) pos;
382
  pkt->command = RIP_CMD_REQUEST;
383
  pkt->version = ifa->cf->version;
384
  pkt->unused = 0;
385
  pos += rip_pkt_hdrlen(ifa);
386

    
387
  struct rip_block b = { .no_af = 1, .metric = p->infinity };
388
  rip_put_block(p, pos, &b);
389
  pos += RIP_BLOCK_LENGTH;
390

    
391
  rip_update_csn(p, ifa);
392

    
393
  TRACE(D_PACKETS, "Sending request via %s", ifa->iface->name);
394
  rip_send_to(p, ifa, pkt, pos - (byte *) pkt, ifa->addr);
395
}
396

    
397
static void
398
rip_receive_request(struct rip_proto *p, struct rip_iface *ifa, struct rip_packet *pkt, uint plen, struct rip_neighbor *from)
399
{
400
  TRACE(D_PACKETS, "Request received from %I on %s", from->nbr->addr, ifa->iface->name);
401

    
402
  byte *pos = (byte *) pkt + rip_pkt_hdrlen(ifa);
403

    
404
  /* We expect one regular block */
405
  if (plen != (rip_pkt_hdrlen(ifa) + RIP_BLOCK_LENGTH))
406
    return;
407

    
408
  struct rip_block b = { .no_af = 1 };
409

    
410
  if (!rip_get_block(p, pos, &b))
411
    return;
412

    
413
  /* Special case - infinity metric, for RIPng also zero prefix */
414
  if ((b.metric != p->infinity) ||
415
      (rip_is_ng(p) && !net_zero_ip6((net_addr_ip6 *) &b.net)))
416
    return;
417

    
418
  /* We do nothing if TX is already active */
419
  if (ifa->tx_active)
420
  {
421
    TRACE(D_EVENTS, "Skipping request from %I on %s, TX is busy", from->nbr->addr, ifa->iface->name);
422
    return;
423
  }
424

    
425
  if (!ifa->cf->passive)
426
    rip_send_table(p, ifa, from->nbr->addr, 0);
427
}
428

    
429

    
430
static int
431
rip_send_response(struct rip_proto *p, struct rip_iface *ifa)
432
{
433
  if (! ifa->tx_active)
434
    return 0;
435

    
436
  byte *pos = rip_tx_buffer(ifa);
437
  byte *max = rip_tx_buffer(ifa) + ifa->tx_plen -
438
    (rip_is_v2(p) ? RIP_BLOCK_LENGTH : 2*RIP_BLOCK_LENGTH);
439
  ip_addr last_next_hop = IPA_NONE;
440
  btime now_ = current_time();
441
  int send = 0;
442

    
443
  struct rip_packet *pkt = (void *) pos;
444
  pkt->command = RIP_CMD_RESPONSE;
445
  pkt->version = ifa->cf->version;
446
  pkt->unused = 0;
447
  pos += rip_pkt_hdrlen(ifa);
448

    
449
  FIB_ITERATE_START(&p->rtable, &ifa->tx_fit, struct rip_entry, en)
450
  {
451
    /* Dummy entries */
452
    if (!en->valid)
453
      goto next_entry;
454

    
455
    /* Stale entries that should be removed */
456
    if ((en->valid == RIP_ENTRY_STALE) &&
457
        ((en->changed + ifa->cf->garbage_time) <= now_))
458
      goto next_entry;
459

    
460
    /* Triggered updates */
461
    if (en->changed < ifa->tx_changed)
462
      goto next_entry;
463

    
464
    /* Not enough space for current entry */
465
    if (pos > max)
466
    {
467
      FIB_ITERATE_PUT(&ifa->tx_fit);
468
      goto break_loop;
469
    }
470

    
471
    struct rip_block rte = {
472
      .metric = en->metric,
473
      .tag = en->tag
474
    };
475

    
476
    net_copy(&rte.net, en->n.addr);
477

    
478
    if (en->iface == ifa->iface)
479
      rte.next_hop = en->next_hop;
480

    
481
    if (rip_is_v2(p) && (ifa->cf->version == RIP_V1))
482
    {
483
      /* Skipping subnets (i.e. not hosts, classful networks or default route) */
484
      if (ip4_masklen(ip4_class_mask(net4_prefix(&rte.net))) != rte.net.pxlen)
485
        goto next_entry;
486

    
487
      rte.tag = 0;
488
      rte.net.pxlen = 0;
489
      rte.next_hop = IPA_NONE;
490
    }
491

    
492
    /* Split horizon */
493
    if (en->from == ifa->iface && ifa->cf->split_horizon)
494
    {
495
      if (ifa->cf->poison_reverse)
496
      {
497
        rte.metric = p->infinity;
498
        rte.next_hop = IPA_NONE;
499
      }
500
      else
501
        goto next_entry;
502
    }
503

    
504
    // TRACE(D_PACKETS, "    %N -> %I metric %d", &rte.net, rte.next_hop, rte.metric);
505

    
506
    /* RIPng next hop entry */
507
    if (rip_is_ng(p) && !ipa_equal(rte.next_hop, last_next_hop))
508
    {
509
      last_next_hop = rte.next_hop;
510
      rip_put_next_hop(p, pos, &rte);
511
      pos += RIP_BLOCK_LENGTH;
512
    }
513

    
514
    rip_put_block(p, pos, &rte);
515
    pos += RIP_BLOCK_LENGTH;
516
    send = 1;
517

    
518
  next_entry: ;
519
  }
520
  FIB_ITERATE_END;
521
  ifa->tx_active = 0;
522

    
523
  /* Do not send empty packet */
524
  if (!send)
525
    return 0;
526

    
527
break_loop:
528
  TRACE(D_PACKETS, "Sending response via %s", ifa->iface->name);
529
  return rip_send_to(p, ifa, pkt, pos - (byte *) pkt, ifa->tx_addr);
530
}
531

    
532
/**
533
 * rip_send_table - RIP interface timer hook
534
 * @p: RIP instance
535
 * @ifa: RIP interface
536
 * @addr: destination IP address
537
 * @changed: time limit for triggered updates
538
 *
539
 * The function activates an update session and starts sending routing update
540
 * packets (using rip_send_response()). The session may be finished during the
541
 * call or may continue in rip_tx_hook() until all appropriate routes are
542
 * transmitted. Note that there may be at most one active update session per
543
 * interface, the function will terminate the old active session before
544
 * activating the new one.
545
 */
546
void
547
rip_send_table(struct rip_proto *p, struct rip_iface *ifa, ip_addr addr, btime changed)
548
{
549
  DBG("RIP: Opening TX session to %I on %s\n", addr, ifa->iface->name);
550

    
551
  rip_reset_tx_session(p, ifa);
552

    
553
  ifa->tx_active = 1;
554
  ifa->tx_addr = addr;
555
  ifa->tx_changed = changed;
556
  FIB_ITERATE_INIT(&ifa->tx_fit, &p->rtable);
557

    
558
  rip_update_csn(p, ifa);
559

    
560
  while (rip_send_response(p, ifa) > 0)
561
    ;
562
}
563

    
564
static void
565
rip_tx_hook(sock *sk)
566
{
567
  struct rip_iface *ifa = sk->data;
568
  struct rip_proto *p = ifa->rip;
569

    
570
  DBG("RIP: TX hook called (iface %s, src %I, dst %I)\n",
571
      sk->iface->name, sk->saddr, sk->daddr);
572

    
573
  while (rip_send_response(p, ifa) > 0)
574
    ;
575
}
576

    
577
static void
578
rip_err_hook(sock *sk, int err)
579
{
580
  struct rip_iface *ifa = sk->data;
581
  struct rip_proto *p = ifa->rip;
582

    
583
  log(L_ERR "%s: Socket error on %s: %M", p->p.name, ifa->iface->name, err);
584

    
585
  rip_reset_tx_session(p, ifa);
586
}
587

    
588
static void
589
rip_receive_response(struct rip_proto *p, struct rip_iface *ifa, struct rip_packet *pkt, uint plen, struct rip_neighbor *from)
590
{
591
  struct rip_block rte = {};
592
  const char *err_dsc = NULL;
593

    
594
  TRACE(D_PACKETS, "Response received from %I on %s", from->nbr->addr, ifa->iface->name);
595

    
596
  byte *pos = (byte *) pkt + sizeof(struct rip_packet);
597
  byte *end = (byte *) pkt + plen;
598
  btime now_ = current_time();
599

    
600
  for (; pos < end; pos += RIP_BLOCK_LENGTH)
601
  {
602
    /* Find next regular RTE */
603
    if (!rip_get_block(p, pos, &rte))
604
      continue;
605

    
606
    if (rip_is_v2(p) && (pkt->version == RIP_V1))
607
    {
608
      if (ifa->cf->check_zero && (rte.tag || rte.net.pxlen || ipa_nonzero(rte.next_hop)))
609
        SKIP("RIPv1 reserved field is nonzero");
610

    
611
      rte.tag = 0;
612
      rte.net.pxlen = ip4_masklen(ip4_class_mask(net4_prefix(&rte.net)));
613
      rte.next_hop = IPA_NONE;
614
    }
615

    
616
    if (rte.net.pxlen == 255)
617
      SKIP("invalid prefix length");
618

    
619
    net_normalize(&rte.net);
620

    
621
    int c = net_classify(&rte.net);
622
    if ((c < 0) || !(c & IADDR_HOST) || ((c & IADDR_SCOPE_MASK) <= SCOPE_LINK))
623
      SKIP("invalid prefix");
624

    
625
    if (rte.metric > p->infinity)
626
      SKIP("invalid metric");
627

    
628
    if (ipa_nonzero(rte.next_hop))
629
    {
630
      neighbor *nbr = neigh_find2(&p->p, &rte.next_hop, ifa->iface, 0);
631
      if (!nbr || (nbr->scope <= 0))
632
        rte.next_hop = IPA_NONE;
633
    }
634

    
635
    // TRACE(D_PACKETS, "    %N -> %I metric %d", &rte.net.n, rte.next_hop, rte.metric);
636

    
637
    rte.metric += ifa->cf->metric;
638

    
639
    if (rte.metric < p->infinity)
640
    {
641
      struct rip_rte new = {
642
        .from = from,
643
        .next_hop = ipa_nonzero(rte.next_hop) ? rte.next_hop : from->nbr->addr,
644
        .metric = rte.metric,
645
        .tag = rte.tag,
646
        .expires = now_ + ifa->cf->timeout_time
647
      };
648

    
649
      rip_update_rte(p, &rte.net, &new);
650
    }
651
    else
652
      rip_withdraw_rte(p, &rte.net, from);
653

    
654
    continue;
655

    
656
  skip:
657
    LOG_RTE("Ignoring route %N received from %I - %s",
658
            &rte.net, from->nbr->addr, err_dsc);
659
  }
660
}
661

    
662
static int
663
rip_rx_hook(sock *sk, uint len)
664
{
665
  struct rip_iface *ifa = sk->data;
666
  struct rip_proto *p = ifa->rip;
667
  const char *err_dsc = NULL;
668
  uint err_val = 0;
669

    
670
  if (sk->lifindex != sk->iface->index)
671
    return 1;
672

    
673
  DBG("RIP: RX hook called (iface %s, src %I, dst %I)\n",
674
      sk->iface->name, sk->faddr, sk->laddr);
675

    
676
  /* Silently ignore my own packets */
677
  if (ipa_equal(sk->faddr, sk->saddr))
678
    return 1;
679

    
680
  if (rip_is_ng(p) && !ipa_is_link_local(sk->faddr))
681
    DROP1("wrong src address");
682

    
683
  struct rip_neighbor *n = rip_get_neighbor(p, &sk->faddr, ifa);
684

    
685
  if (!n)
686
    DROP1("not from neighbor");
687

    
688
  if ((ifa->cf->ttl_security == 1) && (sk->rcv_ttl < 255))
689
    DROP("wrong TTL", sk->rcv_ttl);
690

    
691
  if (sk->fport != sk->dport)
692
    DROP("wrong src port", sk->fport);
693

    
694
  if (len < sizeof(struct rip_packet))
695
    DROP("too short", len);
696

    
697
  if (sk->flags & SKF_TRUNCATED)
698
    DROP("truncated", len);
699

    
700
  struct rip_packet *pkt = (struct rip_packet *) sk->rbuf;
701
  uint plen = len;
702

    
703
  if (!pkt->version || (ifa->cf->version_only && (pkt->version != ifa->cf->version)))
704
    DROP("wrong version", pkt->version);
705

    
706
  /* rip_check_authentication() has its own error logging */
707
  if (rip_is_v2(p) && !rip_check_authentication(p, ifa, pkt, &plen, n))
708
    return 1;
709

    
710
  if ((plen - sizeof(struct rip_packet)) % RIP_BLOCK_LENGTH)
711
    DROP("invalid length", plen);
712

    
713
  n->last_seen = current_time();
714
  rip_update_bfd(p, n);
715

    
716
  switch (pkt->command)
717
  {
718
  case RIP_CMD_REQUEST:
719
    rip_receive_request(p, ifa, pkt, plen, n);
720
    break;
721

    
722
  case RIP_CMD_RESPONSE:
723
    rip_receive_response(p, ifa, pkt, plen, n);
724
    break;
725

    
726
  default:
727
    DROP("unknown command", pkt->command);
728
  }
729
  return 1;
730

    
731
drop:
732
  LOG_PKT("Bad packet from %I via %s - %s (%u)",
733
          sk->faddr, sk->iface->name, err_dsc, err_val);
734

    
735
  return 1;
736
}
737

    
738
int
739
rip_open_socket(struct rip_iface *ifa)
740
{
741
  struct rip_proto *p = ifa->rip;
742

    
743
  sock *sk = sk_new(p->p.pool);
744
  sk->type = SK_UDP;
745
  sk->subtype = rip_is_v2(p) ? SK_IPV4 : SK_IPV6;
746
  sk->sport = ifa->cf->port;
747
  sk->dport = ifa->cf->port;
748
  sk->iface = ifa->iface;
749
  sk->saddr = rip_is_v2(p) ? ifa->iface->addr4->ip : ifa->iface->llv6->ip;
750
  sk->vrf = p->p.vrf;
751

    
752
  sk->rx_hook = rip_rx_hook;
753
  sk->tx_hook = rip_tx_hook;
754
  sk->err_hook = rip_err_hook;
755
  sk->data = ifa;
756

    
757
  sk->tos = ifa->cf->tx_tos;
758
  sk->priority = ifa->cf->tx_priority;
759
  sk->ttl = ifa->cf->ttl_security ? 255 : 1;
760
  sk->flags = SKF_LADDR_RX | ((ifa->cf->ttl_security == 1) ? SKF_TTL_RX : 0);
761

    
762
  /* sk->rbsize and sk->tbsize are handled in rip_iface_update_buffers() */
763

    
764
  if (sk_open(sk) < 0)
765
    goto err;
766

    
767
  if (ifa->cf->mode == RIP_IM_MULTICAST)
768
  {
769
    if (sk_setup_multicast(sk) < 0)
770
      goto err;
771

    
772
    if (sk_join_group(sk, ifa->addr) < 0)
773
      goto err;
774
  }
775
  else /* Broadcast */
776
  {
777
    if (sk_setup_broadcast(sk) < 0)
778
      goto err;
779

    
780
    if (ipa_zero(ifa->addr))
781
    {
782
      sk->err = "Missing broadcast address";
783
      goto err;
784
    }
785
  }
786

    
787
  ifa->sk = sk;
788
  return 1;
789

    
790
err:
791
  sk_log_error(sk, p->p.name);
792
  rfree(sk);
793
  return 0;
794
}