struct nhrp_cie_header *cie;
struct nhrp_cache *c;
struct zbuf extpl;
- union sockunion cie_nbma, cie_nbma_nhs, cie_proto, cie_proto_nhs, *proto;
+ union sockunion cie_nbma, cie_nbma_nhs, cie_proto, cie_proto_nhs,
+ *proto;
char buf[64];
int ok = 0, holdtime;
unsigned short mtu = 0;
break;
case NHRP_EXTENSION_RESPONDER_ADDRESS:
/* NHS adds its own record as responder address */
- nhrp_cie_pull(&extpl, p->hdr, &cie_nbma_nhs, &cie_proto_nhs);
+ nhrp_cie_pull(&extpl, p->hdr, &cie_nbma_nhs,
+ &cie_proto_nhs);
break;
}
}
c = nhrp_cache_get(ifp, &p->dst_proto, 1);
if (c)
nhrp_cache_update_binding(c, NHRP_CACHE_NHS, holdtime,
- nhrp_peer_ref(r->peer), mtu, NULL, &cie_nbma_nhs);
+ nhrp_peer_ref(r->peer), mtu, NULL,
+ &cie_nbma_nhs);
}
static int nhrp_reg_timeout(struct thread *t)
/* FIXME: push CIE for each local protocol address */
cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS, NULL, NULL);
/* RFC2332 5.2.1 if unique is set then prefix length must be 0xff */
- cie->prefix_length = (if_ad->flags & NHRP_IFF_REG_NO_UNIQUE) ? 8 * sockunion_get_addrlen(dst_proto) : 0xff;
+ cie->prefix_length = (if_ad->flags & NHRP_IFF_REG_NO_UNIQUE)
+ ? 8 * sockunion_get_addrlen(dst_proto)
+ : 0xff;
cie->holding_time = htons(if_ad->holdtime);
cie->mtu = htons(if_ad->mtu);
hdr->flags |= htons(NHRP_FLAG_REGISTRATION_NAT);
ext = nhrp_ext_push(zb, hdr, NHRP_EXTENSION_NAT_ADDRESS);
/* push NHS details */
- cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS, &r->peer->vc->remote.nbma, &nhs_proto);
+ cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS, &r->peer->vc->remote.nbma,
+ &nhs_proto);
cie->prefix_length = 8 * sockunion_get_addrlen(&if_ad->addr);
cie->mtu = htons(if_ad->mtu);
nhrp_ext_complete(zb, ext);
}
}
-int nhrp_nhs_match_ip(union sockunion *in_ip, struct nhrp_interface *nifp) {
+int nhrp_nhs_match_ip(union sockunion *in_ip, struct nhrp_interface *nifp)
+{
int i;
struct nhrp_nhs *nhs;
struct nhrp_registration *reg;
- for (i=0; i < AFI_MAX; i++)
- {
- list_for_each_entry(nhs, &nifp->afi[i].nhslist_head, nhslist_entry)
+ for (i = 0; i < AFI_MAX; i++) {
+ list_for_each_entry(nhs, &nifp->afi[i].nhslist_head,
+ nhslist_entry)
{
if (!list_empty(&nhs->reglist_head)) {
list_for_each_entry(reg, &nhs->reglist_head,
reglist_entry)
{
- if (!sockunion_cmp(in_ip, ®->peer->vc->remote.nbma))
+ if (!sockunion_cmp(
+ in_ip,
+ ®->peer->vc->remote
+ .nbma))
return 1;
}
}
.ref = 0,
.ifp = key->ifp,
.vc = key->vc,
- .notifier_list =
- NOTIFIER_LIST_INITIALIZER(&p->notifier_list),
+ .notifier_list = NOTIFIER_LIST_INITIALIZER(&p->notifier_list),
};
nhrp_vc_notify_add(p->vc, &p->vc_notifier, nhrp_peer_vc_notify);
nhrp_interface_notify_add(p->ifp, &p->ifp_notifier,
char buf[256];
THREAD_OFF(p->t_timer);
- if(p->online) {
- debugf(NHRP_DEBUG_COMMON, "IPsec connection to %s already established\n", sockunion2str(&vc->remote.nbma, buf, sizeof(buf)) ? buf : "NULL");
- }
- else {
- vici_request_vc(nifp->ipsec_profile, &vc->local.nbma, &vc->remote.nbma,
- p->prio);
- thread_add_timer(master, nhrp_peer_request_timeout, p,
- (nifp->ipsec_fallback_profile && !p->prio) ? 15 : 30,
- &p->t_fallback);
+ if (p->online) {
+ debugf(NHRP_DEBUG_COMMON,
+ "IPsec connection to %s already established\n",
+ sockunion2str(&vc->remote.nbma, buf, sizeof(buf))
+ ? buf
+ : "NULL");
+ } else {
+ vici_request_vc(nifp->ipsec_profile, &vc->local.nbma,
+ &vc->remote.nbma, p->prio);
+ thread_add_timer(
+ master, nhrp_peer_request_timeout, p,
+ (nifp->ipsec_fallback_profile && !p->prio) ? 15 : 30,
+ &p->t_fallback);
}
return 0;
}
p->prio = establish > 1;
p->requested = 1;
- //All NHRP registration requests are prioritized
- if(p->prio)
- {
- vici_request_vc(nifp->ipsec_profile, &vc->local.nbma, &vc->remote.nbma,
- p->prio);
- thread_add_timer(master, nhrp_peer_request_timeout, p,
- (nifp->ipsec_fallback_profile && !p->prio) ? 15 : 30,
- &p->t_fallback);
- }
- else
- {
- int r_time_ms = rand() % 1000; //Maximum timeout is 1 seconds
- debugf(NHRP_DEBUG_COMMON, "Initiating IPsec connection request to %s after %d ms:\n", sockunion2str(&vc->remote.nbma, buf, sizeof(buf)) ? buf : "NULL", r_time_ms);
- thread_add_timer_msec(master, nhrp_peer_defer_vici_request, p, r_time_ms, &p->t_timer);
+ /* All NHRP registration requests are prioritized */
+ if (p->prio) {
+ vici_request_vc(nifp->ipsec_profile, &vc->local.nbma,
+ &vc->remote.nbma, p->prio);
+ thread_add_timer(
+ master, nhrp_peer_request_timeout, p,
+ (nifp->ipsec_fallback_profile && !p->prio) ? 15 : 30,
+ &p->t_fallback);
+ } else {
+ int r_time_ms = rand() % 1000; // Maximum timeout is 1 seconds
+ debugf(NHRP_DEBUG_COMMON,
+ "Initiating IPsec connection request to %s after %d ms:\n",
+ sockunion2str(&vc->remote.nbma, buf, sizeof(buf))
+ ? buf
+ : "NULL",
+ r_time_ms);
+ thread_add_timer_msec(master, nhrp_peer_defer_vici_request,
+ p, r_time_ms, &p->t_timer);
}
return 0;
zbuf_reset(zb);
}
-static void nhrp_process_nat_extension(struct nhrp_packet_parser *pp, union sockunion *proto, union sockunion *cie_nbma)
+static void nhrp_process_nat_extension(struct nhrp_packet_parser *pp,
+ union sockunion *proto,
+ union sockunion *cie_nbma)
{
char buf[2][256];
union sockunion cie_proto;
struct zbuf *extensions;
- if(!proto || !cie_nbma || sockunion_family(proto) == AF_UNSPEC)
+ if (!proto || !cie_nbma || sockunion_family(proto) == AF_UNSPEC)
return;
sockunion_family(cie_nbma) = AF_UNSPEC;
/* Handle extensions */
extensions = zbuf_alloc(zbuf_used(&pp->extensions));
- if(extensions)
- {
- zbuf_copy_peek(extensions, &pp->extensions, zbuf_used(&pp->extensions));
+ if (extensions) {
+ zbuf_copy_peek(extensions, &pp->extensions,
+ zbuf_used(&pp->extensions));
while ((ext = nhrp_ext_pull(extensions, &payload)) != NULL) {
- switch (htons(ext->type) & ~NHRP_EXTENSION_FLAG_COMPULSORY) {
+ switch (htons(ext->type)
+ & ~NHRP_EXTENSION_FLAG_COMPULSORY) {
case NHRP_EXTENSION_NAT_ADDRESS:
- /* Process the NBMA and proto address in NAT extension and update the cache
- * without which the neighbor table in the kernel contains the source NBMA address
- * which is not reachable since it is behind a NAT device */
- debugf(NHRP_DEBUG_COMMON,"Processing NAT Extension for %s", sockunion2str(proto, buf[0], sizeof(buf[0])) ? buf[0] : "NULL");
- while (nhrp_cie_pull(&payload, pp->hdr, cie_nbma, &cie_proto))
- {
- if(sockunion_family(&cie_proto) == AF_UNSPEC)
+ /* Process the NBMA and proto address in NAT
+ * extension and update the cache without which
+ * the neighbor table in the kernel contains the
+ * source NBMA address which is not reachable
+ * since it is behind a NAT device */
+ debugf(NHRP_DEBUG_COMMON,
+ "Processing NAT Extension for %s",
+ sockunion2str(proto, buf[0],
+ sizeof(buf[0]))
+ ? buf[0]
+ : "NULL");
+ while (nhrp_cie_pull(&payload, pp->hdr,
+ cie_nbma, &cie_proto)) {
+ if (sockunion_family(&cie_proto)
+ == AF_UNSPEC)
continue;
- if(!sockunion_cmp(proto, &cie_proto))
- {
- debugf(NHRP_DEBUG_COMMON,"cie_nbma for proto %s is %s", buf[0] ? buf[0] : "NULL", sockunion2str(cie_nbma, buf[1], sizeof(buf[1])) ? buf[1] : "NULL");
+ if (!sockunion_cmp(proto, &cie_proto)) {
+ debugf(NHRP_DEBUG_COMMON,
+ "cie_nbma for proto %s is %s",
+ buf[0] ? buf[0] : "NULL",
+ sockunion2str(
+ cie_nbma, buf[1],
+ sizeof(buf[1]))
+ ? buf[1]
+ : "NULL");
break;
}
}
struct nhrp_cie_header *cie;
struct nhrp_extension_header *ext;
struct nhrp_cache *c;
- union sockunion cie_nbma, cie_nbma_nat, cie_proto, *proto_addr, *nbma_addr, *claimed_nbma_addr;
+ union sockunion cie_nbma, cie_nbma_nat, cie_proto, *proto_addr,
+ *nbma_addr, *claimed_nbma_addr;
int holdtime, prefix_len, hostprefix_len;
struct nhrp_interface *nifp = ifp->info;
struct nhrp_peer *peer;
? &pp->src_proto
: &cie_proto;
- /* Check if there is an entry for this proto_addr in NHRP_NAT_EXTENSION */
+ /* Check if there is an entry for this proto_addr in
+ * NHRP_NAT_EXTENSION */
nhrp_process_nat_extension(pp, proto_addr, &cie_nbma_nat);
- if(sockunion_family(&cie_nbma_nat) == AF_UNSPEC)
- {
- /* It may be possible that this resolution reply is coming directly from NATTED Spoke
- * and there is not NAT Extension present */
- debugf(NHRP_DEBUG_COMMON,"No NAT Extension for %s", sockunion2str(proto_addr, buf, sizeof(buf)) ? buf : "NULL");
-
- if (!sockunion_same(&pp->src_nbma, &pp->peer->vc->remote.nbma) && !nhrp_nhs_match_ip(&pp->peer->vc->remote.nbma, nifp))
- {
- debugf(NHRP_DEBUG_COMMON,"Remote Device is NATTED");
+ if (sockunion_family(&cie_nbma_nat) == AF_UNSPEC) {
+ /* It may be possible that this resolution reply is
+ * coming directly from NATTED Spoke and there is not
+ * NAT Extension present */
+ debugf(NHRP_DEBUG_COMMON, "No NAT Extension for %s",
+ sockunion2str(proto_addr, buf, sizeof(buf))
+ ? buf
+ : "NULL");
+
+ if (!sockunion_same(&pp->src_nbma,
+ &pp->peer->vc->remote.nbma)
+ && !nhrp_nhs_match_ip(&pp->peer->vc->remote.nbma,
+ nifp)) {
+ debugf(NHRP_DEBUG_COMMON,
+ "Remote Device is NATTED");
cie_nbma_nat = pp->peer->vc->remote.nbma;
- debugf(NHRP_DEBUG_COMMON,"Device is natted using %s as cie_nbma", sockunion2str(&cie_nbma_nat, buf, sizeof(buf)) ? buf : "NULL");
+ debugf(NHRP_DEBUG_COMMON,
+ "Device is natted using %s as cie_nbma",
+ sockunion2str(&cie_nbma_nat, buf,
+ sizeof(buf))
+ ? buf
+ : "NULL");
}
}
- if(sockunion_family(&cie_nbma_nat) != AF_UNSPEC)
+ if (sockunion_family(&cie_nbma_nat) != AF_UNSPEC)
nbma_addr = &cie_nbma_nat;
- else if(sockunion_family(&cie_nbma) != AF_UNSPEC)
+ else if (sockunion_family(&cie_nbma) != AF_UNSPEC)
nbma_addr = &cie_nbma;
else
nbma_addr = &pp->src_nbma;
- if(sockunion_family(&cie_nbma) != AF_UNSPEC)
+ if (sockunion_family(&cie_nbma) != AF_UNSPEC)
claimed_nbma_addr = &cie_nbma;
else
claimed_nbma_addr = &pp->src_nbma;
debugf(NHRP_DEBUG_COMMON,
"shortcut res_rep: updating binding for nmba addr %s",
nbma_addr ? buf : "(NULL)");
- if (!nhrp_cache_update_binding(c, NHRP_CACHE_DYNAMIC, holdtime,
- nhrp_peer_get(pp->ifp, nbma_addr),
- htons(cie->mtu), nbma_addr, claimed_nbma_addr)) {
+ if (!nhrp_cache_update_binding(
+ c, NHRP_CACHE_DYNAMIC, holdtime,
+ nhrp_peer_get(pp->ifp, nbma_addr), htons(cie->mtu),
+ nbma_addr, claimed_nbma_addr)) {
cie->code = NHRP_CODE_ADMINISTRATIVELY_PROHIBITED;
continue;
}
goto err;
if (sockunion_family(&nifp->nat_nbma) != AF_UNSPEC) {
cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS,
- &nifp->nat_nbma, &pp->if_ad->addr);
+ &nifp->nat_nbma,
+ &pp->if_ad->addr);
if (!cie)
goto err;
cie->mtu = htons(pp->if_ad->mtu);
: &cie_nbma;
nbma_natoa = NULL;
if (natted) {
- nbma_natoa = (sockunion_family(&p->peer->vc->remote.nbma) == AF_UNSPEC)
- ? nbma_addr
- : &p->peer->vc->remote.nbma;
+ nbma_natoa =
+ (sockunion_family(&p->peer->vc->remote.nbma)
+ == AF_UNSPEC)
+ ? nbma_addr
+ : &p->peer->vc->remote.nbma;
}
holdtime = htons(cie->holding_time);
if (!nhrp_cache_update_binding(c, NHRP_CACHE_DYNAMIC, holdtime,
nhrp_peer_ref(p->peer),
- htons(cie->mtu), nbma_natoa, nbma_addr)) {
+ htons(cie->mtu), nbma_natoa,
+ nbma_addr)) {
cie->code = NHRP_CODE_ADMINISTRATIVELY_PROHIBITED;
continue;
}
zbuf_copy(zb, &payload, zbuf_used(&payload));
if (natted) {
cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS,
- &p->peer->vc->remote.nbma,
- &p->src_proto);
+ &p->peer->vc->remote.nbma,
+ &p->src_proto);
+ cie->prefix_length =
+ 8 * sockunion_get_addrlen(
+ &p->if_ad->addr);
cie->mtu = htons(p->if_ad->mtu);
}
nhrp_ext_complete(zb, ext);
struct nhrp_cie_header *cie;
struct nhrp_interface *nifp = pp->ifp->info;
struct nhrp_afi_data *if_ad = pp->if_ad;
- union sockunion cie_nbma, cie_protocol, cie_protocol_mandatory, *proto = NULL;
+ union sockunion cie_nbma, cie_protocol, cie_protocol_mandatory,
+ *proto = NULL;
uint16_t type, len;
struct nhrp_cache *c;
char buf[SU_ADDRSTRLEN];
}
break;
case NHRP_EXTENSION_NAT_ADDRESS:
- /* if NAT extension is not empty then copy it across else attempt to populate it */
+ /* if NAT extension is not empty then copy it across
+ * else attempt to populate it */
if (len > 0) {
zbuf_copy(zb, &extpl, len);
} else {
- if(packet_types[hdr->type].type == PACKET_REQUEST) {
- debugf(NHRP_DEBUG_COMMON,"Processing NHRP_EXTENSION_NAT_ADDRESS while forwarding the request packet");
+ if (packet_types[hdr->type].type
+ == PACKET_REQUEST) {
+ debugf(NHRP_DEBUG_COMMON,
+ "Processing NHRP_EXTENSION_NAT_ADDRESS while forwarding the request packet");
proto = &pp->src_proto;
- } else if(packet_types[hdr->type].type == PACKET_REPLY) {
- debugf(NHRP_DEBUG_COMMON,"Processing NHRP_EXTENSION_NAT_ADDRESS while forwarding the reply packet");
- /* For reply packet use protocol specified in CIE of mandatory part for cache lookup */
- if(sockunion_family(&cie_protocol_mandatory) != AF_UNSPEC)
+ } else if (packet_types[hdr->type].type
+ == PACKET_REPLY) {
+ debugf(NHRP_DEBUG_COMMON,
+ "Processing NHRP_EXTENSION_NAT_ADDRESS while forwarding the reply packet");
+ /* For reply packet use protocol
+ * specified in CIE of mandatory part
+ * for cache lookup */
+ if (sockunion_family(
+ &cie_protocol_mandatory)
+ != AF_UNSPEC)
proto = &cie_protocol_mandatory;
}
- if(proto) {
- debugf(NHRP_DEBUG_COMMON,"Proto is %s", sockunion2str(proto, buf, sizeof(buf)));
+ if (proto) {
+ debugf(NHRP_DEBUG_COMMON, "Proto is %s",
+ sockunion2str(proto, buf,
+ sizeof(buf)));
c = nhrp_cache_get(nifp->ifp, proto, 0);
- if(c) {
- debugf(NHRP_DEBUG_COMMON,"c->cur.remote_nbma_natoa is %s", sockunion2str(&c->cur.remote_nbma_natoa, buf, sizeof(buf)) ? buf : "NULL");
- if (sockunion_family(&c->cur.remote_nbma_natoa) != AF_UNSPEC) {
- cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS,&c->cur.remote_nbma_natoa, proto);
+ if (c) {
+ debugf(NHRP_DEBUG_COMMON,
+ "c->cur.remote_nbma_natoa is %s",
+ sockunion2str(
+ &c->cur.remote_nbma_natoa,
+ buf, sizeof(buf))
+ ? buf
+ : "NULL");
+ if (sockunion_family(
+ &c->cur.remote_nbma_natoa)
+ != AF_UNSPEC) {
+ cie = nhrp_cie_push(
+ zb,
+ NHRP_CODE_SUCCESS,
+ &c->cur.remote_nbma_natoa,
+ proto);
if (!cie)
goto err;
}
} else {
- debugf(NHRP_DEBUG_COMMON,"No cache entry for Proto is %s", sockunion2str(proto, buf, sizeof(buf)));
+ debugf(NHRP_DEBUG_COMMON,
+ "No cache entry for Proto is %s",
+ sockunion2str(
+ proto, buf,
+ sizeof(buf)));
zbuf_put(zb, extpl.head, len);
}
} else {
union sockunion cie_nat_proto, cie_nat_nbma;
sockunion_family(&cie_nat_proto) = AF_UNSPEC;
sockunion_family(&cie_nat_nbma) = AF_UNSPEC;
- cie_nat = nhrp_cie_pull(&extpl, pp->hdr, &cie_nat_nbma, &cie_nat_proto);
+ cie_nat = nhrp_cie_pull(&extpl, pp->hdr,
+ &cie_nat_nbma,
+ &cie_nat_proto);
/* We are interested only in peer CIE */
- if (cie_nat && sockunion_same(&cie_nat_proto, proto)) {
+ if (cie_nat
+ && sockunion_same(&cie_nat_proto, proto)) {
nat_nbma = cie_nat_nbma;
}
} while (cie_nat);
/* Update cache entry for the protocol to nbma binding */
if (sockunion_family(&nat_nbma) != AF_UNSPEC) {
- debugf(NHRP_DEBUG_COMMON,"Remote Device is NATTED, NHRP NAT Extension present");
- debugf(NHRP_DEBUG_COMMON,"Client NBMA Address %s", sockunion2str(&nat_nbma, buf[1], sizeof(buf[1])));
+ debugf(NHRP_DEBUG_COMMON,
+ "Remote Device is NATTED, NHRP NAT Extension present");
+ debugf(NHRP_DEBUG_COMMON,
+ "Client NBMA Address %s",
+ sockunion2str(&nat_nbma, buf[1], sizeof(buf[1])));
nbma = &nat_nbma;
- }
- /* For NHRP resolution reply the cie_nbma in mandatory part is the address of the actual address of the sender */
- else if (!sockunion_same(&cie_nbma, &pp->peer->vc->remote.nbma) && !nhrp_nhs_match_ip(&pp->peer->vc->remote.nbma, nifp)) {
- debugf(NHRP_DEBUG_COMMON,"Remote Device is NATTED, NHRP NAT Extension not present for proto %s", sockunion2str(proto, buf[0], sizeof(buf[0])));
- debugf(NHRP_DEBUG_COMMON,"cie_nbma %s", sockunion2str(&cie_nbma, buf[1], sizeof(buf[1])));
- debugf(NHRP_DEBUG_COMMON,"remote.nbma %s", sockunion2str(&pp->peer->vc->remote.nbma, buf[1], sizeof(buf[1])));
+ }
+ /* For NHRP resolution reply the cie_nbma in mandatory part is the
+ * address of the actual address of the sender */
+ else if (!sockunion_same(&cie_nbma, &pp->peer->vc->remote.nbma)
+ && !nhrp_nhs_match_ip(&pp->peer->vc->remote.nbma, nifp)) {
+ debugf(NHRP_DEBUG_COMMON,
+ "Remote Device is NATTED, NHRP NAT Extension not present for proto %s",
+ sockunion2str(proto, buf[0], sizeof(buf[0])));
+ debugf(NHRP_DEBUG_COMMON, "cie_nbma %s",
+ sockunion2str(&cie_nbma, buf[1], sizeof(buf[1])));
+ debugf(NHRP_DEBUG_COMMON, "remote.nbma %s",
+ sockunion2str(&pp->peer->vc->remote.nbma, buf[1],
+ sizeof(buf[1])));
nbma = &pp->peer->vc->remote.nbma;
nat_nbma = *nbma;
} else {
/* Cisco NAT detection extension */
hdr->flags |= htons(NHRP_FLAG_RESOLUTION_NAT);
ext = nhrp_ext_push(zb, hdr, NHRP_EXTENSION_NAT_ADDRESS);
- if (sockunion_family(&nifp->nat_nbma) != AF_UNSPEC)
- {
- cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS,
- &nifp->nat_nbma, &if_ad->addr);
+ if (sockunion_family(&nifp->nat_nbma) != AF_UNSPEC) {
+ cie = nhrp_cie_push(zb, NHRP_CODE_SUCCESS, &nifp->nat_nbma,
+ &if_ad->addr);
cie->prefix_length = 8 * sockunion_get_addrlen(&if_ad->addr);
cie->mtu = htons(if_ad->mtu);
nhrp_ext_complete(zb, ext);
projects / mirror / frr.git / commitdiff