1 /* 2 * dhcpcd - DHCP client daemon 3 * Copyright (c) 2006-2015 Roy Marples <roy (at) marples.name> 4 * All rights reserved 5 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28 /* TODO: We should decline dupliate addresses detected */ 29 30 #include <sys/stat.h> 31 #include <sys/utsname.h> 32 33 #include <netinet/in.h> 34 35 #include <ctype.h> 36 #include <errno.h> 37 #include <fcntl.h> 38 #include <inttypes.h> 39 #include <stdlib.h> 40 #include <string.h> 41 #include <unistd.h> 42 43 #define ELOOP_QUEUE 4 44 #include "config.h" 45 #include "common.h" 46 #include "dhcp.h" 47 #include "dhcp6.h" 48 #include "duid.h" 49 #include "eloop.h" 50 #include "if.h" 51 #include "if-options.h" 52 #include "ipv6nd.h" 53 #include "rpc-interface.h" 54 #include "script.h" 55 56 #ifndef __UNCONST 57 #define __UNCONST(a) ((void *)(unsigned long)(const void *)(a)) 58 #endif 59 60 /* DHCPCD Project has been assigned an IANA PEN of 40712 */ 61 #define DHCPCD_IANA_PEN 40712 62 63 /* Unsure if I want this */ 64 //#define VENDOR_SPLIT 65 66 /* Support older systems with different defines */ 67 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO) 68 #define IPV6_RECVPKTINFO IPV6_PKTINFO 69 #endif 70 71 struct dhcp6_op { 72 uint16_t type; 73 const char *name; 74 }; 75 76 static const struct dhcp6_op dhcp6_ops[] = { 77 { DHCP6_SOLICIT, "SOLICIT6" }, 78 { DHCP6_ADVERTISE, "ADVERTISE6" }, 79 { DHCP6_REQUEST, "REQUEST6" }, 80 { DHCP6_REPLY, "REPLY6" }, 81 { DHCP6_RENEW, "RENEW6" }, 82 { DHCP6_REBIND, "REBIND6" }, 83 { DHCP6_CONFIRM, "CONFIRM6" }, 84 { DHCP6_INFORMATION_REQ, "INFORM6" }, 85 { DHCP6_RELEASE, "RELEASE6" }, 86 { DHCP6_RECONFIGURE, "RECONFIURE6" }, 87 { 0, NULL } 88 }; 89 90 struct dhcp_compat { 91 uint8_t dhcp_opt; 92 uint16_t dhcp6_opt; 93 }; 94 95 const struct dhcp_compat dhcp_compats[] = { 96 { DHO_DNSSERVER, D6_OPTION_DNS_SERVERS }, 97 { DHO_HOSTNAME, D6_OPTION_FQDN }, 98 { DHO_DNSDOMAIN, D6_OPTION_FQDN }, 99 { DHO_NISSERVER, D6_OPTION_NIS_SERVERS }, 100 { DHO_NTPSERVER, D6_OPTION_SNTP_SERVERS }, 101 { DHO_RAPIDCOMMIT, D6_OPTION_RAPID_COMMIT }, 102 { DHO_FQDN, D6_OPTION_FQDN }, 103 { DHO_VIVCO, D6_OPTION_VENDOR_CLASS }, 104 { DHO_VIVSO, D6_OPTION_VENDOR_OPTS }, 105 { DHO_DNSSEARCH, D6_OPTION_DOMAIN_LIST }, 106 { 0, 0 } 107 }; 108 109 static const char * const dhcp6_statuses[] = { 110 "Success", 111 "Unspecified Failure", 112 "No Addresses Available", 113 "No Binding", 114 "Not On Link", 115 "Use Multicast" 116 }; 117 118 struct dhcp6_ia_addr { 119 struct in6_addr addr; 120 uint32_t pltime; 121 uint32_t vltime; 122 } __packed; 123 124 struct dhcp6_pd_addr { 125 uint32_t pltime; 126 uint32_t vltime; 127 uint8_t prefix_len; 128 struct in6_addr prefix; 129 } __packed; 130 131 void 132 dhcp6_printoptions(const struct dhcpcd_ctx *ctx, 133 const struct dhcp_opt *opts, size_t opts_len) 134 { 135 size_t i, j; 136 const struct dhcp_opt *opt, *opt2; 137 int cols; 138 139 for (i = 0, opt = ctx->dhcp6_opts; 140 i < ctx->dhcp6_opts_len; i++, opt++) 141 { 142 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 143 if (opt2->option == opt->option) 144 break; 145 if (j == opts_len) { 146 cols = printf("%05d %s", opt->option, opt->var); 147 dhcp_print_option_encoding(opt, cols); 148 } 149 } 150 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 151 cols = printf("%05d %s", opt->option, opt->var); 152 dhcp_print_option_encoding(opt, cols); 153 } 154 } 155 156 static size_t 157 dhcp6_makevendor(struct dhcp6_option *o, const struct interface *ifp) 158 { 159 const struct if_options *ifo; 160 size_t len, i; 161 uint8_t *p; 162 uint16_t u16; 163 uint32_t u32; 164 ssize_t vlen; 165 const struct vivco *vivco; 166 char vendor[VENDORCLASSID_MAX_LEN]; 167 168 ifo = ifp->options; 169 len = sizeof(uint32_t); /* IANA PEN */ 170 if (ifo->vivco_en) { 171 for (i = 0, vivco = ifo->vivco; 172 i < ifo->vivco_len; 173 i++, vivco++) 174 len += sizeof(uint16_t) + vivco->len; 175 vlen = 0; /* silence bogus gcc warning */ 176 } else { 177 vlen = dhcp_vendor(vendor, sizeof(vendor)); 178 if (vlen == -1) 179 vlen = 0; 180 else 181 len += sizeof(uint16_t) + (size_t)vlen; 182 } 183 184 if (len > UINT16_MAX) { 185 logger(ifp->ctx, LOG_ERR, 186 "%s: DHCPv6 Vendor Class too big", ifp->name); 187 return 0; 188 } 189 190 if (o) { 191 o->code = htons(D6_OPTION_VENDOR_CLASS); 192 o->len = htons((uint16_t)len); 193 p = D6_OPTION_DATA(o); 194 u32 = htonl(ifo->vivco_en ? ifo->vivco_en : DHCPCD_IANA_PEN); 195 memcpy(p, &u32, sizeof(u32)); 196 p += sizeof(u32); 197 if (ifo->vivco_en) { 198 for (i = 0, vivco = ifo->vivco; 199 i < ifo->vivco_len; 200 i++, vivco++) 201 { 202 u16 = htons((uint16_t)vivco->len); 203 memcpy(p, &u16, sizeof(u16)); 204 p += sizeof(u16); 205 memcpy(p, vivco->data, vivco->len); 206 p += vivco->len; 207 } 208 } else if (vlen) { 209 u16 = htons((uint16_t)vlen); 210 memcpy(p, &u16, sizeof(u16)); 211 p += sizeof(u16); 212 memcpy(p, vendor, (size_t)vlen); 213 } 214 } 215 216 return len; 217 } 218 219 static const struct dhcp6_option * 220 dhcp6_findoption(uint16_t code, const uint8_t *d, size_t len) 221 { 222 const struct dhcp6_option *o; 223 size_t ol; 224 225 code = htons(code); 226 for (o = (const struct dhcp6_option *)d; 227 len >= sizeof(*o); 228 o = D6_CNEXT_OPTION(o)) 229 { 230 ol = sizeof(*o) + ntohs(o->len); 231 if (ol > len) { 232 errno = EINVAL; 233 return NULL; 234 } 235 if (o->code == code) 236 return o; 237 len -= ol; 238 } 239 240 errno = ESRCH; 241 return NULL; 242 } 243 244 static const uint8_t * 245 dhcp6_getoption(struct dhcpcd_ctx *ctx, 246 size_t *os, unsigned int *code, size_t *len, 247 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 248 { 249 const struct dhcp6_option *o; 250 size_t i; 251 struct dhcp_opt *opt; 252 253 if (od) { 254 *os = sizeof(*o); 255 if (ol < *os) { 256 errno = EINVAL; 257 return NULL; 258 } 259 o = (const struct dhcp6_option *)od; 260 *len = ntohs(o->len); 261 if (*len > ol - *os) { 262 errno = EINVAL; 263 return NULL; 264 } 265 *code = ntohs(o->code); 266 } else 267 o = NULL; 268 269 *oopt = NULL; 270 for (i = 0, opt = ctx->dhcp6_opts; 271 i < ctx->dhcp6_opts_len; i++, opt++) 272 { 273 if (opt->option == *code) { 274 *oopt = opt; 275 break; 276 } 277 } 278 279 if (o) 280 return D6_COPTION_DATA(o); 281 return NULL; 282 } 283 284 static const struct dhcp6_option * 285 dhcp6_getmoption(uint16_t code, const struct dhcp6_message *m, size_t len) 286 { 287 288 if (len < sizeof(*m)) { 289 errno = EINVAL; 290 return NULL; 291 } 292 len -= sizeof(*m); 293 return dhcp6_findoption(code, 294 (const uint8_t *)D6_CFIRST_OPTION(m), len); 295 } 296 297 static int 298 dhcp6_updateelapsed(struct interface *ifp, struct dhcp6_message *m, size_t len) 299 { 300 struct dhcp6_state *state; 301 const struct dhcp6_option *co; 302 struct dhcp6_option *o; 303 time_t up; 304 uint16_t u16; 305 306 co = dhcp6_getmoption(D6_OPTION_ELAPSED, m, len); 307 if (co == NULL) 308 return -1; 309 310 o = __UNCONST(co); 311 state = D6_STATE(ifp); 312 up = uptime() - state->start_uptime; 313 if (up < 0 || up > (time_t)UINT16_MAX) 314 up = (time_t)UINT16_MAX; 315 u16 = htons((uint16_t)up); 316 memcpy(D6_OPTION_DATA(o), &u16, sizeof(u16)); 317 return 0; 318 } 319 320 static void 321 dhcp6_newxid(const struct interface *ifp, struct dhcp6_message *m) 322 { 323 uint32_t xid; 324 325 if (ifp->options->options & DHCPCD_XID_HWADDR && 326 ifp->hwlen >= sizeof(xid)) 327 /* The lower bits are probably more unique on the network */ 328 memcpy(&xid, (ifp->hwaddr + ifp->hwlen) - sizeof(xid), 329 sizeof(xid)); 330 else 331 xid = arc4random(); 332 333 m->xid[0] = (xid >> 16) & 0xff; 334 m->xid[1] = (xid >> 8) & 0xff; 335 m->xid[2] = xid & 0xff; 336 } 337 338 static const struct if_sla * 339 dhcp6_findselfsla(struct interface *ifp, const uint8_t *iaid) 340 { 341 size_t i, j; 342 343 for (i = 0; i < ifp->options->ia_len; i++) { 344 if (iaid == NULL || 345 memcmp(&ifp->options->ia[i].iaid, iaid, 346 sizeof(ifp->options->ia[i].iaid)) == 0) 347 { 348 for (j = 0; j < ifp->options->ia[i].sla_len; j++) { 349 if (strcmp(ifp->options->ia[i].sla[j].ifname, 350 ifp->name) == 0) 351 return &ifp->options->ia[i].sla[j]; 352 } 353 } 354 } 355 return NULL; 356 } 357 358 359 #ifndef ffs32 360 static int 361 ffs32(uint32_t n) 362 { 363 int v; 364 365 if (!n) 366 return 0; 367 368 v = 1; 369 if ((n & 0x0000FFFFU) == 0) { 370 n >>= 16; 371 v += 16; 372 } 373 if ((n & 0x000000FFU) == 0) { 374 n >>= 8; 375 v += 8; 376 } 377 if ((n & 0x0000000FU) == 0) { 378 n >>= 4; 379 v += 4; 380 } 381 if ((n & 0x00000003U) == 0) { 382 n >>= 2; 383 v += 2; 384 } 385 if ((n & 0x00000001U) == 0) 386 v += 1; 387 388 return v; 389 } 390 #endif 391 392 static int 393 dhcp6_delegateaddr(struct in6_addr *addr, struct interface *ifp, 394 const struct ipv6_addr *prefix, const struct if_sla *sla, struct if_ia *ia) 395 { 396 struct dhcp6_state *state; 397 struct if_sla asla; 398 char sabuf[INET6_ADDRSTRLEN]; 399 const char *sa; 400 401 state = D6_STATE(ifp); 402 if (state == NULL) { 403 ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state)); 404 state = D6_STATE(ifp); 405 if (state == NULL) { 406 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 407 return -1; 408 } 409 410 TAILQ_INIT(&state->addrs); 411 state->state = DH6S_DELEGATED; 412 state->reason = "DELEGATED6"; 413 } 414 415 if (sla == NULL || sla->sla_set == 0) { 416 asla.sla = ifp->index; 417 asla.prefix_len = 0; 418 sla = &asla; 419 } else if (sla->prefix_len == 0) { 420 asla.sla = sla->sla; 421 if (asla.sla == 0) 422 asla.prefix_len = prefix->prefix_len; 423 else 424 asla.prefix_len = 0; 425 sla = &asla; 426 } 427 if (sla->prefix_len == 0) { 428 uint32_t sla_max; 429 int bits; 430 431 if (ia->sla_max == 0) { 432 const struct interface *ifi; 433 434 sla_max = 0; 435 TAILQ_FOREACH(ifi, ifp->ctx->ifaces, next) { 436 if (ifi != ifp && ifi->index > sla_max) 437 sla_max = ifi->index; 438 } 439 } else 440 sla_max = ia->sla_max; 441 442 bits = ffs32(sla_max); 443 444 if (prefix->prefix_len + bits > UINT8_MAX) 445 asla.prefix_len = UINT8_MAX; 446 else { 447 asla.prefix_len = (uint8_t)(prefix->prefix_len + bits); 448 449 /* Make a 64 prefix by default, as this maks SLAAC 450 * possible. Otherwise round up to the nearest octet. */ 451 if (asla.prefix_len <= 64) 452 asla.prefix_len = 64; 453 else 454 asla.prefix_len = (uint8_t)ROUNDUP8(asla.prefix_len); 455 456 } 457 458 #define BIT(n) (1l << (n)) 459 #define BIT_MASK(len) (BIT(len) - 1) 460 if (ia->sla_max == 0) 461 /* Work out the real sla_max from our bits used */ 462 ia->sla_max = (uint32_t)BIT_MASK(asla.prefix_len - 463 prefix->prefix_len); 464 } 465 466 if (ipv6_userprefix(&prefix->prefix, prefix->prefix_len, 467 sla->sla, addr, sla->prefix_len) == -1) 468 { 469 sa = inet_ntop(AF_INET6, &prefix->prefix, 470 sabuf, sizeof(sabuf)); 471 logger(ifp->ctx, LOG_ERR, 472 "%s: invalid prefix %s/%d + %d/%d: %m", 473 ifp->name, sa, prefix->prefix_len, 474 sla->sla, sla->prefix_len); 475 return -1; 476 } 477 478 if (prefix->prefix_exclude_len && 479 IN6_ARE_ADDR_EQUAL(addr, &prefix->prefix_exclude)) 480 { 481 sa = inet_ntop(AF_INET6, &prefix->prefix_exclude, 482 sabuf, sizeof(sabuf)); 483 logger(ifp->ctx, LOG_ERR, 484 "%s: cannot delegate excluded prefix %s/%d", 485 ifp->name, sa, prefix->prefix_exclude_len); 486 return -1; 487 } 488 489 return sla->prefix_len; 490 } 491 492 int 493 dhcp6_has_public_addr(const struct interface *ifp) 494 { 495 const struct dhcp6_state *state = D6_CSTATE(ifp); 496 const struct ipv6_addr *ia; 497 498 if (state == NULL) 499 return 0; 500 TAILQ_FOREACH(ia, &state->addrs, next) { 501 if (ipv6_publicaddr(ia)) 502 return 1; 503 } 504 return 0; 505 } 506 507 static int 508 dhcp6_makemessage(struct interface *ifp) 509 { 510 struct dhcp6_state *state; 511 struct dhcp6_message *m; 512 struct dhcp6_option *o, *so, *eo; 513 const struct dhcp6_option *si, *unicast; 514 size_t l, n, len, ml; 515 uint8_t u8, type; 516 uint16_t u16, n_options, auth_len; 517 struct if_options *ifo; 518 const struct dhcp_opt *opt, *opt2; 519 uint8_t IA, *p; 520 const uint8_t *pp; 521 uint32_t u32; 522 const struct ipv6_addr *ap; 523 char hbuf[HOSTNAME_MAX_LEN + 1]; 524 const char *hostname; 525 int fqdn; 526 struct dhcp6_ia_addr *iap; 527 struct dhcp6_pd_addr *pdp; 528 529 state = D6_STATE(ifp); 530 if (state->send) { 531 free(state->send); 532 state->send = NULL; 533 } 534 535 ifo = ifp->options; 536 fqdn = ifo->fqdn; 537 538 if (fqdn == FQDN_DISABLE && ifo->options & DHCPCD_HOSTNAME) { 539 /* We're sending the DHCPv4 hostname option, so send FQDN as 540 * DHCPv6 has no FQDN option and DHCPv4 must not send 541 * hostname and FQDN according to RFC4702 */ 542 fqdn = FQDN_BOTH; 543 } 544 if (fqdn != FQDN_DISABLE) { 545 if (ifo->hostname[0] == '\0') 546 hostname = get_hostname(hbuf, sizeof(hbuf), 547 ifo->options & DHCPCD_HOSTNAME_SHORT ? 1 : 0); 548 else 549 hostname = ifo->hostname; 550 } else 551 hostname = NULL; /* appearse gcc */ 552 553 /* Work out option size first */ 554 n_options = 0; 555 len = 0; 556 si = NULL; 557 if (state->state != DH6S_RELEASE) { 558 for (l = 0, opt = ifp->ctx->dhcp6_opts; 559 l < ifp->ctx->dhcp6_opts_len; 560 l++, opt++) 561 { 562 for (n = 0, opt2 = ifo->dhcp6_override; 563 n < ifo->dhcp6_override_len; 564 n++, opt2++) 565 { 566 if (opt->option == opt2->option) 567 break; 568 } 569 if (n < ifo->dhcp6_override_len) 570 continue; 571 if (!(opt->type & NOREQ) && 572 (opt->type & REQUEST || 573 has_option_mask(ifo->requestmask6, opt->option))) 574 { 575 n_options++; 576 len += sizeof(u16); 577 } 578 } 579 for (l = 0, opt = ifo->dhcp6_override; 580 l < ifo->dhcp6_override_len; 581 l++, opt++) 582 { 583 if (!(opt->type & NOREQ) && 584 (opt->type & REQUEST || 585 has_option_mask(ifo->requestmask6, opt->option))) 586 { 587 n_options++; 588 len += sizeof(u16); 589 } 590 } 591 if (dhcp6_findselfsla(ifp, NULL)) { 592 n_options++; 593 len += sizeof(u16); 594 } 595 if (len) 596 len += sizeof(*o); 597 598 if (fqdn != FQDN_DISABLE) 599 len += sizeof(*o) + 1 + encode_rfc1035(hostname, NULL); 600 601 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 602 DHCPCD_AUTH_SENDREQUIRE) 603 len += sizeof(*o); /* Reconfigure Accept */ 604 } 605 606 len += sizeof(*state->send); 607 len += sizeof(*o) + ifp->ctx->duid_len; 608 len += sizeof(*o) + sizeof(uint16_t); /* elapsed */ 609 len += sizeof(*o) + dhcp6_makevendor(NULL, ifp); 610 611 /* IA */ 612 m = NULL; 613 ml = 0; 614 switch(state->state) { 615 case DH6S_REQUEST: 616 m = state->recv; 617 ml = state->recv_len; 618 /* FALLTHROUGH */ 619 case DH6S_RELEASE: 620 /* FALLTHROUGH */ 621 case DH6S_RENEW: 622 if (m == NULL) { 623 m = state->new; 624 ml = state->new_len; 625 } 626 si = dhcp6_getmoption(D6_OPTION_SERVERID, m, ml); 627 if (si == NULL) { 628 errno = ESRCH; 629 return -1; 630 } 631 len += sizeof(*si) + ntohs(si->len); 632 /* FALLTHROUGH */ 633 case DH6S_REBIND: 634 /* FALLTHROUGH */ 635 case DH6S_CONFIRM: 636 /* FALLTHROUGH */ 637 case DH6S_DISCOVER: 638 if (m == NULL) { 639 m = state->new; 640 ml = state->new_len; 641 } 642 TAILQ_FOREACH(ap, &state->addrs, next) { 643 if (ap->prefix_vltime == 0 && 644 !(ap->flags & IPV6_AF_REQUEST)) 645 continue; 646 if (ap->ia_type == D6_OPTION_IA_PD) { 647 if (!(ifo->options & DHCPCD_NOPFXDLG)) { 648 len += sizeof(*o) + sizeof(u8) + 649 sizeof(u32) + sizeof(u32) + 650 sizeof(ap->prefix); 651 if (ap->prefix_exclude_len) 652 len += sizeof(*o) + 1 + 653 (uint8_t)((ap->prefix_exclude_len - 654 ap->prefix_len - 1) / NBBY) 655 + 1; 656 657 } 658 } else if (!(ifo->options & DHCPCD_PFXDLGONLY)) 659 len += sizeof(*o) + sizeof(ap->addr) + 660 sizeof(u32) + sizeof(u32); 661 } 662 /* FALLTHROUGH */ 663 case DH6S_INIT: 664 for (l = 0; l < ifo->ia_len; l++) { 665 if (ifo->ia[l].ia_type == D6_OPTION_IA_PD) { 666 if (ifo->options & DHCPCD_NOPFXDLG) 667 continue; 668 } else if (ifo->options & DHCPCD_PFXDLGONLY) 669 continue; 670 len += sizeof(*o) + (sizeof(u32) * 3); 671 } 672 IA = 1; 673 break; 674 default: 675 IA = 0; 676 } 677 678 if (state->state == DH6S_DISCOVER && 679 !(ifp->ctx->options & DHCPCD_TEST) && 680 has_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT)) 681 len += sizeof(*o); 682 683 if (m == NULL) { 684 m = state->new; 685 ml = state->new_len; 686 } 687 unicast = NULL; 688 /* Depending on state, get the unicast address */ 689 switch(state->state) { 690 break; 691 case DH6S_INIT: /* FALLTHROUGH */ 692 case DH6S_DISCOVER: 693 type = DHCP6_SOLICIT; 694 break; 695 case DH6S_REQUEST: 696 type = DHCP6_REQUEST; 697 unicast = dhcp6_getmoption(D6_OPTION_UNICAST, m, ml); 698 break; 699 case DH6S_CONFIRM: 700 type = DHCP6_CONFIRM; 701 break; 702 case DH6S_REBIND: 703 type = DHCP6_REBIND; 704 break; 705 case DH6S_RENEW: 706 type = DHCP6_RENEW; 707 unicast = dhcp6_getmoption(D6_OPTION_UNICAST, m, ml); 708 break; 709 case DH6S_INFORM: 710 type = DHCP6_INFORMATION_REQ; 711 break; 712 case DH6S_RELEASE: 713 type = DHCP6_RELEASE; 714 unicast = dhcp6_getmoption(D6_OPTION_UNICAST, m, ml); 715 break; 716 default: 717 errno = EINVAL; 718 return -1; 719 } 720 721 auth_len = 0; 722 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 723 ssize_t alen = dhcp_auth_encode(&ifo->auth, 724 state->auth.token, NULL, 0, 6, type, NULL, 0); 725 if (alen != -1 && alen > UINT16_MAX) { 726 errno = ERANGE; 727 alen = -1; 728 } 729 if (alen == -1) 730 logger(ifp->ctx, LOG_ERR, 731 "%s: dhcp_auth_encode: %m", ifp->name); 732 else if (alen != 0) { 733 auth_len = (uint16_t)alen; 734 len += sizeof(*o) + auth_len; 735 } 736 } 737 738 state->send = malloc(len); 739 if (state->send == NULL) 740 return -1; 741 742 state->send_len = len; 743 state->send->type = type; 744 745 /* If we found a unicast option, copy it to our state for sending */ 746 if (unicast && ntohs(unicast->len) == sizeof(state->unicast)) 747 memcpy(&state->unicast, D6_COPTION_DATA(unicast), 748 sizeof(state->unicast)); 749 else 750 state->unicast = in6addr_any; 751 752 dhcp6_newxid(ifp, state->send); 753 754 o = D6_FIRST_OPTION(state->send); 755 o->code = htons(D6_OPTION_CLIENTID); 756 o->len = htons((uint16_t)ifp->ctx->duid_len); 757 memcpy(D6_OPTION_DATA(o), ifp->ctx->duid, ifp->ctx->duid_len); 758 759 if (si) { 760 o = D6_NEXT_OPTION(o); 761 memcpy(o, si, sizeof(*si) + ntohs(si->len)); 762 } 763 764 o = D6_NEXT_OPTION(o); 765 o->code = htons(D6_OPTION_ELAPSED); 766 o->len = htons(sizeof(uint16_t)); 767 p = D6_OPTION_DATA(o); 768 memset(p, 0, sizeof(uint16_t)); 769 770 o = D6_NEXT_OPTION(o); 771 dhcp6_makevendor(o, ifp); 772 773 if (state->state == DH6S_DISCOVER && 774 !(ifp->ctx->options & DHCPCD_TEST) && 775 has_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT)) 776 { 777 o = D6_NEXT_OPTION(o); 778 o->code = htons(D6_OPTION_RAPID_COMMIT); 779 o->len = 0; 780 } 781 782 for (l = 0; IA && l < ifo->ia_len; l++) { 783 if (ifo->ia[l].ia_type == D6_OPTION_IA_PD) { 784 if (ifo->options & DHCPCD_NOPFXDLG) 785 continue; 786 } else if (ifo->options & DHCPCD_PFXDLGONLY) 787 continue; 788 o = D6_NEXT_OPTION(o); 789 o->code = htons(ifo->ia[l].ia_type); 790 o->len = htons(sizeof(u32) + sizeof(u32) + sizeof(u32)); 791 p = D6_OPTION_DATA(o); 792 memcpy(p, ifo->ia[l].iaid, sizeof(u32)); 793 p += sizeof(u32); 794 memset(p, 0, sizeof(u32) + sizeof(u32)); 795 TAILQ_FOREACH(ap, &state->addrs, next) { 796 if (ap->prefix_vltime == 0 && 797 !(ap->flags & IPV6_AF_REQUEST)) 798 continue; 799 if (memcmp(ifo->ia[l].iaid, ap->iaid, sizeof(u32))) 800 continue; 801 so = D6_NEXT_OPTION(o); 802 if (ap->ia_type == D6_OPTION_IA_PD) { 803 so->code = htons(D6_OPTION_IAPREFIX); 804 so->len = htons(sizeof(ap->prefix) + 805 sizeof(u32) + sizeof(u32) + sizeof(u8)); 806 pdp = (struct dhcp6_pd_addr *) 807 D6_OPTION_DATA(so); 808 pdp->pltime = htonl(ap->prefix_pltime); 809 pdp->vltime = htonl(ap->prefix_vltime); 810 pdp->prefix_len = ap->prefix_len; 811 pdp->prefix = ap->prefix; 812 813 /* RFC6603 Section 4.2 */ 814 if (ap->prefix_exclude_len) { 815 n = (size_t)((ap->prefix_exclude_len - 816 ap->prefix_len - 1) / NBBY) + 1; 817 eo = D6_NEXT_OPTION(so); 818 eo->code = htons(D6_OPTION_PD_EXCLUDE); 819 eo->len = (uint16_t)(n + 1); 820 p = D6_OPTION_DATA(eo); 821 *p++ = (uint8_t)ap->prefix_exclude_len; 822 pp = ap->prefix_exclude.s6_addr; 823 pp += (size_t)((ap->prefix_len - 1) / NBBY) 824 + (n - 1); 825 u8 = ap->prefix_len % NBBY; 826 if (u8) 827 n--; 828 while (n-- > 0) 829 *p++ = *pp--; 830 if (u8) 831 *p = (uint8_t)(*pp << u8); 832 u16 = (uint16_t)(ntohs(so->len) + 833 sizeof(*eo) + eo->len); 834 so->len = htons(u16); 835 eo->len = htons(eo->len); 836 } 837 838 u16 = (uint16_t)(ntohs(o->len) + sizeof(*so) 839 + ntohs(so->len)); 840 o->len = htons(u16); 841 } else { 842 so->code = htons(D6_OPTION_IA_ADDR); 843 so->len = sizeof(ap->addr) + 844 sizeof(u32) + sizeof(u32); 845 iap = (struct dhcp6_ia_addr *) 846 D6_OPTION_DATA(so); 847 iap->addr = ap->addr; 848 iap->pltime = htonl(ap->prefix_pltime); 849 iap->vltime = htonl(ap->prefix_vltime); 850 u16 = (uint16_t)(ntohs(o->len) + sizeof(*so) 851 + so->len); 852 so->len = htons(so->len); 853 o->len = htons(u16); 854 } 855 } 856 } 857 858 if (state->send->type != DHCP6_RELEASE) { 859 if (fqdn != FQDN_DISABLE) { 860 o = D6_NEXT_OPTION(o); 861 o->code = htons(D6_OPTION_FQDN); 862 p = D6_OPTION_DATA(o); 863 switch (fqdn) { 864 case FQDN_BOTH: 865 *p = D6_FQDN_BOTH; 866 break; 867 case FQDN_PTR: 868 *p = D6_FQDN_PTR; 869 break; 870 default: 871 *p = D6_FQDN_NONE; 872 break; 873 } 874 l = encode_rfc1035(hostname, p + 1); 875 if (l == 0) 876 *p = D6_FQDN_NONE; 877 o->len = htons((uint16_t)(l + 1)); 878 } 879 880 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 881 DHCPCD_AUTH_SENDREQUIRE) 882 { 883 o = D6_NEXT_OPTION(o); 884 o->code = htons(D6_OPTION_RECONF_ACCEPT); 885 o->len = 0; 886 } 887 888 if (n_options) { 889 o = D6_NEXT_OPTION(o); 890 o->code = htons(D6_OPTION_ORO); 891 o->len = 0; 892 p = D6_OPTION_DATA(o); 893 for (l = 0, opt = ifp->ctx->dhcp6_opts; 894 l < ifp->ctx->dhcp6_opts_len; 895 l++, opt++) 896 { 897 for (n = 0, opt2 = ifo->dhcp6_override; 898 n < ifo->dhcp6_override_len; 899 n++, opt2++) 900 { 901 if (opt->option == opt2->option) 902 break; 903 } 904 if (n < ifo->dhcp6_override_len) 905 continue; 906 if (!(opt->type & NOREQ) && 907 (opt->type & REQUEST || 908 has_option_mask(ifo->requestmask6, 909 opt->option))) 910 { 911 u16 = htons((uint16_t)opt->option); 912 memcpy(p, &u16, sizeof(u16)); 913 p += sizeof(u16); 914 o->len = (uint16_t)(o->len + sizeof(u16)); 915 } 916 } 917 for (l = 0, opt = ifo->dhcp6_override; 918 l < ifo->dhcp6_override_len; 919 l++, opt++) 920 { 921 if (!(opt->type & NOREQ) && 922 (opt->type & REQUEST || 923 has_option_mask(ifo->requestmask6, 924 opt->option))) 925 { 926 u16 = htons((uint16_t)opt->option); 927 memcpy(p, &u16, sizeof(u16)); 928 p += sizeof(u16); 929 o->len = (uint16_t)(o->len + sizeof(u16)); 930 } 931 } 932 if (dhcp6_findselfsla(ifp, NULL)) { 933 u16 = htons(D6_OPTION_PD_EXCLUDE); 934 memcpy(p, &u16, sizeof(u16)); 935 o->len = (uint16_t)(o->len + sizeof(u16)); 936 } 937 o->len = htons(o->len); 938 } 939 } 940 941 /* This has to be the last option */ 942 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) { 943 o = D6_NEXT_OPTION(o); 944 o->code = htons(D6_OPTION_AUTH); 945 o->len = htons((uint16_t)auth_len); 946 /* data will be filled at send message time */ 947 } 948 949 return 0; 950 } 951 952 static const char * 953 dhcp6_get_op(uint16_t type) 954 { 955 const struct dhcp6_op *d; 956 957 for (d = dhcp6_ops; d->name; d++) 958 if (d->type == type) 959 return d->name; 960 return NULL; 961 } 962 963 static void 964 dhcp6_freedrop_addrs(struct interface *ifp, int drop, 965 const struct interface *ifd) 966 { 967 struct dhcp6_state *state; 968 969 state = D6_STATE(ifp); 970 if (state) { 971 ipv6_freedrop_addrs(&state->addrs, drop, ifd); 972 if (drop) 973 ipv6_buildroutes(ifp->ctx); 974 } 975 } 976 977 static void dhcp6_delete_delegates(struct interface *ifp) 978 { 979 struct interface *ifp0; 980 981 if (ifp->ctx->ifaces) { 982 TAILQ_FOREACH(ifp0, ifp->ctx->ifaces, next) { 983 if (ifp0 != ifp) 984 dhcp6_freedrop_addrs(ifp0, 1, ifp); 985 } 986 } 987 } 988 989 static ssize_t 990 dhcp6_update_auth(struct interface *ifp, struct dhcp6_message *m, size_t len) 991 { 992 struct dhcp6_state *state; 993 const struct dhcp6_option *co; 994 struct dhcp6_option *o; 995 996 co = dhcp6_getmoption(D6_OPTION_AUTH, m, len); 997 if (co == NULL) 998 return -1; 999 1000 o = __UNCONST(co); 1001 state = D6_STATE(ifp); 1002 1003 return dhcp_auth_encode(&ifp->options->auth, state->auth.token, 1004 (uint8_t *)state->send, state->send_len, 1005 6, state->send->type, 1006 D6_OPTION_DATA(o), ntohs(o->len)); 1007 } 1008 1009 static int 1010 dhcp6_sendmessage(struct interface *ifp, void (*callback)(void *)) 1011 { 1012 struct dhcp6_state *state; 1013 struct ipv6_ctx *ctx; 1014 struct sockaddr_in6 dst; 1015 struct cmsghdr *cm; 1016 struct in6_pktinfo pi; 1017 struct timespec RTprev; 1018 double rnd; 1019 time_t ms; 1020 uint8_t neg; 1021 const char *broad_uni; 1022 const struct in6_addr alldhcp = IN6ADDR_LINKLOCAL_ALLDHCP_INIT; 1023 1024 memset(&dst, 0, sizeof(dst)); 1025 dst.sin6_family = AF_INET6; 1026 dst.sin6_port = htons(DHCP6_SERVER_PORT); 1027 #ifdef SIN6_LEN 1028 dst.sin6_len = sizeof(dst); 1029 #endif 1030 1031 state = D6_STATE(ifp); 1032 /* We need to ensure we have sufficient scope to unicast the address */ 1033 /* XXX FIXME: We should check any added addresses we have like from 1034 * a Router Advertisement */ 1035 if (IN6_IS_ADDR_UNSPECIFIED(&state->unicast) || 1036 (state->state == DH6S_REQUEST && 1037 (!IN6_IS_ADDR_LINKLOCAL(&state->unicast) || !ipv6_linklocal(ifp)))) 1038 { 1039 dst.sin6_addr = alldhcp; 1040 broad_uni = "broadcasting"; 1041 } else { 1042 dst.sin6_addr = state->unicast; 1043 broad_uni = "unicasting"; 1044 } 1045 1046 if (!callback) 1047 logger(ifp->ctx, LOG_DEBUG, 1048 "%s: %s %s with xid 0x%02x%02x%02x", 1049 ifp->name, 1050 broad_uni, 1051 dhcp6_get_op(state->send->type), 1052 state->send->xid[0], 1053 state->send->xid[1], 1054 state->send->xid[2]); 1055 else { 1056 if (state->IMD) { 1057 /* Some buggy PPP servers close the link too early 1058 * after sending an invalid status in their reply 1059 * which means this host won't see it. 1060 * 1 second grace seems to be the sweet spot. */ 1061 if (ifp->flags & IFF_POINTOPOINT) 1062 state->RT.tv_sec = 1; 1063 else 1064 state->RT.tv_sec = 0; 1065 state->RT.tv_nsec = (suseconds_t)arc4random_uniform( 1066 (uint32_t)(state->IMD * NSEC_PER_SEC)); 1067 timespecnorm(&state->RT); 1068 broad_uni = "delaying"; 1069 goto logsend; 1070 } 1071 if (state->RTC == 0) { 1072 RTprev.tv_sec = state->IRT; 1073 RTprev.tv_nsec = 0; 1074 state->RT.tv_sec = RTprev.tv_sec; 1075 state->RT.tv_nsec = 0; 1076 } else { 1077 RTprev = state->RT; 1078 timespecadd(&state->RT, &state->RT, &state->RT); 1079 } 1080 1081 rnd = DHCP6_RAND_MIN; 1082 rnd += (suseconds_t)arc4random_uniform( 1083 DHCP6_RAND_MAX - DHCP6_RAND_MIN); 1084 rnd /= MSEC_PER_SEC; 1085 neg = (rnd < 0.0); 1086 if (neg) 1087 rnd = -rnd; 1088 ts_to_ms(ms, &RTprev); 1089 ms = (time_t)((double)ms * rnd); 1090 ms_to_ts(&RTprev, ms); 1091 if (neg) 1092 timespecsub(&state->RT, &RTprev, &state->RT); 1093 else 1094 timespecadd(&state->RT, &RTprev, &state->RT); 1095 1096 if (state->RT.tv_sec > state->MRT) { 1097 RTprev.tv_sec = state->MRT; 1098 RTprev.tv_nsec = 0; 1099 state->RT.tv_sec = state->MRT; 1100 state->RT.tv_nsec = 0; 1101 ts_to_ms(ms, &RTprev); 1102 ms = (time_t)((double)ms * rnd); 1103 ms_to_ts(&RTprev, ms); 1104 if (neg) 1105 timespecsub(&state->RT, &RTprev, &state->RT); 1106 else 1107 timespecadd(&state->RT, &RTprev, &state->RT); 1108 } 1109 1110 logsend: 1111 logger(ifp->ctx, LOG_DEBUG, 1112 "%s: %s %s (xid 0x%02x%02x%02x)," 1113 " next in %0.1f seconds", 1114 ifp->name, 1115 broad_uni, 1116 dhcp6_get_op(state->send->type), 1117 state->send->xid[0], 1118 state->send->xid[1], 1119 state->send->xid[2], 1120 timespec_to_double(&state->RT)); 1121 1122 /* Wait the initial delay */ 1123 if (state->IMD) { 1124 state->IMD = 0; 1125 eloop_timeout_add_tv(ifp->ctx->eloop, 1126 &state->RT, callback, ifp); 1127 return 0; 1128 } 1129 } 1130 1131 /* Update the elapsed time */ 1132 dhcp6_updateelapsed(ifp, state->send, state->send_len); 1133 if (ifp->options->auth.options & DHCPCD_AUTH_SEND && 1134 dhcp6_update_auth(ifp, state->send, state->send_len) == -1) 1135 { 1136 logger(ifp->ctx, LOG_ERR, 1137 "%s: dhcp6_updateauth: %m", ifp->name); 1138 if (errno != ESRCH) 1139 return -1; 1140 } 1141 1142 ctx = ifp->ctx->ipv6; 1143 dst.sin6_scope_id = ifp->index; 1144 ctx->sndhdr.msg_name = (void *)&dst; 1145 ctx->sndhdr.msg_iov[0].iov_base = state->send; 1146 ctx->sndhdr.msg_iov[0].iov_len = state->send_len; 1147 1148 /* Set the outbound interface */ 1149 cm = CMSG_FIRSTHDR(&ctx->sndhdr); 1150 if (cm == NULL) /* unlikely */ 1151 return -1; 1152 cm->cmsg_level = IPPROTO_IPV6; 1153 cm->cmsg_type = IPV6_PKTINFO; 1154 cm->cmsg_len = CMSG_LEN(sizeof(pi)); 1155 memset(&pi, 0, sizeof(pi)); 1156 pi.ipi6_ifindex = ifp->index; 1157 memcpy(CMSG_DATA(cm), &pi, sizeof(pi)); 1158 1159 if (sendmsg(ctx->dhcp_fd, &ctx->sndhdr, 0) == -1) { 1160 logger(ifp->ctx, LOG_ERR, 1161 "%s: %s: sendmsg: %m", ifp->name, __func__); 1162 ifp->options->options &= ~DHCPCD_IPV6; 1163 dhcp6_drop(ifp, "EXPIRE6"); 1164 return -1; 1165 } 1166 1167 state->RTC++; 1168 if (callback) { 1169 if (state->MRC == 0 || state->RTC < state->MRC) 1170 eloop_timeout_add_tv(ifp->ctx->eloop, 1171 &state->RT, callback, ifp); 1172 else if (state->MRC != 0 && state->MRCcallback) 1173 eloop_timeout_add_tv(ifp->ctx->eloop, 1174 &state->RT, state->MRCcallback, ifp); 1175 else 1176 logger(ifp->ctx, LOG_WARNING, 1177 "%s: sent %d times with no reply", 1178 ifp->name, state->RTC); 1179 } 1180 return 0; 1181 } 1182 1183 static void 1184 dhcp6_sendinform(void *arg) 1185 { 1186 1187 dhcp6_sendmessage(arg, dhcp6_sendinform); 1188 } 1189 1190 static void 1191 dhcp6_senddiscover(void *arg) 1192 { 1193 1194 dhcp6_sendmessage(arg, dhcp6_senddiscover); 1195 } 1196 1197 static void 1198 dhcp6_sendrequest(void *arg) 1199 { 1200 1201 dhcp6_sendmessage(arg, dhcp6_sendrequest); 1202 } 1203 1204 static void 1205 dhcp6_sendrebind(void *arg) 1206 { 1207 1208 dhcp6_sendmessage(arg, dhcp6_sendrebind); 1209 } 1210 1211 static void 1212 dhcp6_sendrenew(void *arg) 1213 { 1214 1215 dhcp6_sendmessage(arg, dhcp6_sendrenew); 1216 } 1217 1218 static void 1219 dhcp6_sendconfirm(void *arg) 1220 { 1221 1222 dhcp6_sendmessage(arg, dhcp6_sendconfirm); 1223 } 1224 1225 /* 1226 static void 1227 dhcp6_sendrelease(void *arg) 1228 { 1229 1230 dhcp6_sendmessage(arg, dhcp6_sendrelease); 1231 } 1232 */ 1233 1234 static void 1235 dhcp6_startrenew(void *arg) 1236 { 1237 struct interface *ifp; 1238 struct dhcp6_state *state; 1239 1240 ifp = arg; 1241 state = D6_STATE(ifp); 1242 state->state = DH6S_RENEW; 1243 state->start_uptime = uptime(); 1244 state->RTC = 0; 1245 state->IRT = REN_TIMEOUT; 1246 state->MRT = REN_MAX_RT; 1247 state->MRC = 0; 1248 1249 if (dhcp6_makemessage(ifp) == -1) 1250 logger(ifp->ctx, LOG_ERR, 1251 "%s: dhcp6_makemessage: %m", ifp->name); 1252 else 1253 dhcp6_sendrenew(ifp); 1254 } 1255 1256 int 1257 dhcp6_dadcompleted(const struct interface *ifp) 1258 { 1259 const struct dhcp6_state *state; 1260 const struct ipv6_addr *ap; 1261 1262 state = D6_CSTATE(ifp); 1263 TAILQ_FOREACH(ap, &state->addrs, next) { 1264 if (ap->flags & IPV6_AF_ADDED && 1265 !(ap->flags & IPV6_AF_DADCOMPLETED)) 1266 return 0; 1267 } 1268 return 1; 1269 } 1270 1271 static void 1272 dhcp6_dadcallback(void *arg) 1273 { 1274 struct ipv6_addr *ap = arg; 1275 struct interface *ifp; 1276 struct dhcp6_state *state; 1277 int wascompleted, valid; 1278 1279 wascompleted = (ap->flags & IPV6_AF_DADCOMPLETED); 1280 ap->flags |= IPV6_AF_DADCOMPLETED; 1281 if (ap->flags & IPV6_AF_DUPLICATED) 1282 /* XXX FIXME 1283 * We should decline the address */ 1284 logger(ap->iface->ctx, LOG_WARNING, "%s: DAD detected %s", 1285 ap->iface->name, ap->saddr); 1286 1287 if (!wascompleted) { 1288 ifp = ap->iface; 1289 state = D6_STATE(ifp); 1290 if (state->state == DH6S_BOUND || 1291 state->state == DH6S_DELEGATED) 1292 { 1293 struct ipv6_addr *ap2; 1294 1295 valid = (ap->delegating_iface == NULL); 1296 TAILQ_FOREACH(ap2, &state->addrs, next) { 1297 if (ap2->flags & IPV6_AF_ADDED && 1298 !(ap2->flags & IPV6_AF_DADCOMPLETED)) 1299 { 1300 wascompleted = 1; 1301 break; 1302 } 1303 } 1304 if (!wascompleted) { 1305 logger(ap->iface->ctx, LOG_DEBUG, 1306 "%s: DHCPv6 DAD completed", ifp->name); 1307 script_runreason(ifp, 1308 ap->delegating_iface ? 1309 "DELEGATED6" : state->reason); 1310 if (valid) 1311 dhcpcd_daemonise(ifp->ctx); 1312 } 1313 } 1314 } 1315 } 1316 1317 static void 1318 dhcp6_addrequestedaddrs(struct interface *ifp) 1319 { 1320 struct dhcp6_state *state; 1321 size_t i; 1322 struct if_ia *ia; 1323 struct ipv6_addr *a; 1324 char iabuf[INET6_ADDRSTRLEN]; 1325 const char *iap; 1326 1327 state = D6_STATE(ifp); 1328 /* Add any requested prefixes / addresses */ 1329 for (i = 0; i < ifp->options->ia_len; i++) { 1330 ia = &ifp->options->ia[i]; 1331 if (!((ia->ia_type == D6_OPTION_IA_PD && ia->prefix_len) || 1332 !IN6_IS_ADDR_UNSPECIFIED(&ia->addr))) 1333 continue; 1334 a = calloc(1, sizeof(*a)); 1335 if (a == NULL) { 1336 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 1337 return; 1338 } 1339 a->flags = IPV6_AF_REQUEST; 1340 a->iface = ifp; 1341 a->dadcallback = dhcp6_dadcallback; 1342 memcpy(&a->iaid, &ia->iaid, sizeof(a->iaid)); 1343 a->ia_type = ia->ia_type; 1344 //a->prefix_pltime = 0; 1345 //a->prefix_vltime = 0; 1346 1347 if (ia->ia_type == D6_OPTION_IA_PD) { 1348 memcpy(&a->prefix, &ia->addr, sizeof(a->addr)); 1349 a->prefix_len = ia->prefix_len; 1350 iap = inet_ntop(AF_INET6, &a->prefix, 1351 iabuf, sizeof(iabuf)); 1352 } else { 1353 memcpy(&a->addr, &ia->addr, sizeof(a->addr)); 1354 /* 1355 * RFC 5942 Section 5 1356 * We cannot assume any prefix length, nor tie the 1357 * address to an existing one as it could expire 1358 * before the address. 1359 * As such we just give it a 128 prefix. 1360 */ 1361 a->prefix_len = 128; 1362 ipv6_makeprefix(&a->prefix, &a->addr, a->prefix_len); 1363 iap = inet_ntop(AF_INET6, &a->addr, 1364 iabuf, sizeof(iabuf)); 1365 } 1366 snprintf(a->saddr, sizeof(a->saddr), 1367 "%s/%d", iap, a->prefix_len); 1368 TAILQ_INSERT_TAIL(&state->addrs, a, next); 1369 } 1370 } 1371 1372 static void 1373 dhcp6_startdiscover(void *arg) 1374 { 1375 struct interface *ifp; 1376 struct dhcp6_state *state; 1377 1378 rpc_signal_status("Discover6"); 1379 ifp = arg; 1380 dhcp6_delete_delegates(ifp); 1381 logger(ifp->ctx, LOG_INFO, "%s: soliciting a DHCPv6 lease", ifp->name); 1382 state = D6_STATE(ifp); 1383 state->state = DH6S_DISCOVER; 1384 state->start_uptime = uptime(); 1385 state->RTC = 0; 1386 state->IMD = SOL_MAX_DELAY; 1387 state->IRT = SOL_TIMEOUT; 1388 state->MRT = state->sol_max_rt; 1389 state->MRC = 0; 1390 1391 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1392 free(state->new); 1393 state->new = NULL; 1394 state->new_len = 0; 1395 1396 dhcp6_freedrop_addrs(ifp, 0, NULL); 1397 unlink(state->leasefile); 1398 1399 dhcp6_addrequestedaddrs(ifp); 1400 1401 if (dhcp6_makemessage(ifp) == -1) 1402 logger(ifp->ctx, LOG_ERR, 1403 "%s: dhcp6_makemessage: %m", ifp->name); 1404 else 1405 dhcp6_senddiscover(ifp); 1406 } 1407 1408 static void 1409 dhcp6_failconfirm(void *arg) 1410 { 1411 struct interface *ifp; 1412 1413 ifp = arg; 1414 logger(ifp->ctx, LOG_ERR, 1415 "%s: failed to confirm prior address", ifp->name); 1416 /* Section 18.1.2 says that we SHOULD use the last known 1417 * IP address(s) and lifetimes if we didn't get a reply. 1418 * I disagree with this. */ 1419 dhcp6_startdiscover(ifp); 1420 } 1421 1422 static void 1423 dhcp6_failrequest(void *arg) 1424 { 1425 struct interface *ifp; 1426 1427 ifp = arg; 1428 logger(ifp->ctx, LOG_ERR, "%s: failed to request address", ifp->name); 1429 /* Section 18.1.1 says that client local policy dictates 1430 * what happens if a REQUEST fails. 1431 * Of the possible scenarios listed, moving back to the 1432 * DISCOVER phase makes more sense for us. */ 1433 dhcp6_startdiscover(ifp); 1434 } 1435 1436 static void 1437 dhcp6_failrebind(void *arg) 1438 { 1439 struct interface *ifp; 1440 1441 ifp = arg; 1442 logger(ifp->ctx, LOG_ERR, 1443 "%s: failed to rebind prior delegation", ifp->name); 1444 dhcp6_delete_delegates(ifp); 1445 /* Section 18.1.2 says that we SHOULD use the last known 1446 * IP address(s) and lifetimes if we didn't get a reply. 1447 * I disagree with this. */ 1448 dhcp6_startdiscover(ifp); 1449 } 1450 1451 1452 static int 1453 dhcp6_hasprefixdelegation(struct interface *ifp) 1454 { 1455 size_t i; 1456 uint16_t t; 1457 1458 if (ifp->options->options & DHCPCD_NOPFXDLG) 1459 return 0; 1460 1461 t = 0; 1462 for (i = 0; i < ifp->options->ia_len; i++) { 1463 if (t && t != ifp->options->ia[i].ia_type) { 1464 if (t == D6_OPTION_IA_PD || 1465 ifp->options->ia[i].ia_type == D6_OPTION_IA_PD) 1466 return 2; 1467 } 1468 t = ifp->options->ia[i].ia_type; 1469 } 1470 return t == D6_OPTION_IA_PD ? 1 : 0; 1471 } 1472 1473 static void 1474 dhcp6_startrebind(void *arg) 1475 { 1476 struct interface *ifp; 1477 struct dhcp6_state *state; 1478 int pd; 1479 1480 rpc_signal_status("Rebind6"); 1481 ifp = arg; 1482 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrenew, ifp); 1483 state = D6_STATE(ifp); 1484 if (state->state == DH6S_RENEW) 1485 logger(ifp->ctx, LOG_WARNING, 1486 "%s: failed to renew DHCPv6, rebinding", ifp->name); 1487 else 1488 logger(ifp->ctx, LOG_INFO, 1489 "%s: rebinding prior DHCPv6 lease", ifp->name); 1490 state->state = DH6S_REBIND; 1491 state->RTC = 0; 1492 state->MRC = 0; 1493 1494 /* RFC 3633 section 12.1 */ 1495 pd = dhcp6_hasprefixdelegation(ifp); 1496 if (pd) { 1497 state->IMD = CNF_MAX_DELAY; 1498 state->IRT = CNF_TIMEOUT; 1499 state->MRT = CNF_MAX_RT; 1500 } else { 1501 state->IRT = REB_TIMEOUT; 1502 state->MRT = REB_MAX_RT; 1503 } 1504 1505 if (dhcp6_makemessage(ifp) == -1) 1506 logger(ifp->ctx, LOG_ERR, 1507 "%s: dhcp6_makemessage: %m", ifp->name); 1508 else 1509 dhcp6_sendrebind(ifp); 1510 1511 /* RFC 3633 section 12.1 */ 1512 if (pd) 1513 eloop_timeout_add_sec(ifp->ctx->eloop, 1514 CNF_MAX_RD, dhcp6_failrebind, ifp); 1515 } 1516 1517 1518 static void 1519 dhcp6_startrequest(struct interface *ifp) 1520 { 1521 struct dhcp6_state *state; 1522 1523 rpc_signal_status("Request6"); 1524 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_senddiscover, ifp); 1525 state = D6_STATE(ifp); 1526 state->state = DH6S_REQUEST; 1527 state->RTC = 0; 1528 state->IRT = REQ_TIMEOUT; 1529 state->MRT = REQ_MAX_RT; 1530 state->MRC = REQ_MAX_RC; 1531 state->MRCcallback = dhcp6_failrequest; 1532 1533 if (dhcp6_makemessage(ifp) == -1) { 1534 logger(ifp->ctx, LOG_ERR, 1535 "%s: dhcp6_makemessage: %m", ifp->name); 1536 return; 1537 } 1538 1539 dhcp6_sendrequest(ifp); 1540 } 1541 1542 static void 1543 dhcp6_startconfirm(struct interface *ifp) 1544 { 1545 struct dhcp6_state *state; 1546 1547 rpc_signal_status("Confirm6"); 1548 state = D6_STATE(ifp); 1549 state->state = DH6S_CONFIRM; 1550 state->start_uptime = uptime(); 1551 state->RTC = 0; 1552 state->IMD = CNF_MAX_DELAY; 1553 state->IRT = CNF_TIMEOUT; 1554 state->MRT = CNF_MAX_RT; 1555 state->MRC = 0; 1556 1557 logger(ifp->ctx, LOG_INFO, 1558 "%s: confirming prior DHCPv6 lease", ifp->name); 1559 if (dhcp6_makemessage(ifp) == -1) { 1560 logger(ifp->ctx, LOG_ERR, 1561 "%s: dhcp6_makemessage: %m", ifp->name); 1562 return; 1563 } 1564 dhcp6_sendconfirm(ifp); 1565 eloop_timeout_add_sec(ifp->ctx->eloop, 1566 CNF_MAX_RD, dhcp6_failconfirm, ifp); 1567 } 1568 1569 static void 1570 dhcp6_startinform(void *arg) 1571 { 1572 struct interface *ifp; 1573 struct dhcp6_state *state; 1574 1575 rpc_signal_status("Inform6"); 1576 ifp = arg; 1577 state = D6_STATE(ifp); 1578 if (state->new == NULL || ifp->options->options & DHCPCD_DEBUG) 1579 logger(ifp->ctx, LOG_INFO, 1580 "%s: requesting DHCPv6 information", ifp->name); 1581 state->state = DH6S_INFORM; 1582 state->start_uptime = uptime(); 1583 state->RTC = 0; 1584 state->IMD = INF_MAX_DELAY; 1585 state->IRT = INF_TIMEOUT; 1586 state->MRT = state->inf_max_rt; 1587 state->MRC = 0; 1588 1589 if (dhcp6_makemessage(ifp) == -1) 1590 logger(ifp->ctx, LOG_ERR, 1591 "%s: dhcp6_makemessage: %m", ifp->name); 1592 else 1593 dhcp6_sendinform(ifp); 1594 } 1595 1596 static void 1597 dhcp6_startexpire(void *arg) 1598 { 1599 struct interface *ifp; 1600 1601 rpc_signal_status("Expire6"); 1602 ifp = arg; 1603 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrebind, ifp); 1604 1605 logger(ifp->ctx, LOG_ERR, "%s: DHCPv6 lease expired", ifp->name); 1606 dhcp6_freedrop_addrs(ifp, 1, NULL); 1607 dhcp6_delete_delegates(ifp); 1608 script_runreason(ifp, "EXPIRE6"); 1609 if (ipv6nd_hasradhcp(ifp) || dhcp6_hasprefixdelegation(ifp)) 1610 dhcp6_startdiscover(ifp); 1611 else 1612 logger(ifp->ctx, LOG_WARNING, 1613 "%s: no advertising IPv6 router wants DHCP", ifp->name); 1614 } 1615 1616 static void 1617 dhcp6_startrelease(struct interface *ifp) 1618 { 1619 struct dhcp6_state *state; 1620 1621 state = D6_STATE(ifp); 1622 if (state->state != DH6S_BOUND) 1623 return; 1624 1625 rpc_signal_status("Release6"); 1626 state->state = DH6S_RELEASE; 1627 state->start_uptime = uptime(); 1628 state->RTC = 0; 1629 state->IRT = REL_TIMEOUT; 1630 state->MRT = 0; 1631 state->MRC = REL_MAX_RC; 1632 //state->MRCcallback = dhcp6_failrelease; 1633 state->MRCcallback = NULL; 1634 1635 if (dhcp6_makemessage(ifp) == -1) 1636 logger(ifp->ctx, LOG_ERR, 1637 "%s: dhcp6_makemessage: %m", ifp->name); 1638 else 1639 /* XXX: We should loop a few times 1640 * Luckily RFC3315 section 18.1.6 says this is optional */ 1641 //dhcp6_sendrelease(ifp); 1642 dhcp6_sendmessage(ifp, NULL); 1643 } 1644 1645 static int 1646 dhcp6_checkstatusok(const struct interface *ifp, 1647 const struct dhcp6_message *m, const uint8_t *p, size_t len) 1648 { 1649 const struct dhcp6_option *o; 1650 uint16_t code; 1651 char *status; 1652 1653 if (p) 1654 o = dhcp6_findoption(D6_OPTION_STATUS_CODE, p, len); 1655 else 1656 o = dhcp6_getmoption(D6_OPTION_STATUS_CODE, m, len); 1657 if (o == NULL) { 1658 //logger(ifp->ctx, LOG_DEBUG, "%s: no status", ifp->name); 1659 return 0; 1660 } 1661 1662 len = ntohs(o->len); 1663 if (len < sizeof(code)) { 1664 logger(ifp->ctx, LOG_ERR, "%s: status truncated", ifp->name); 1665 return -1; 1666 } 1667 1668 p = D6_COPTION_DATA(o); 1669 memcpy(&code, p, sizeof(code)); 1670 code = ntohs(code); 1671 if (code == D6_STATUS_OK) 1672 return 1; 1673 1674 len -= sizeof(code); 1675 1676 if (len == 0) { 1677 if (code < sizeof(dhcp6_statuses) / sizeof(char *)) { 1678 p = (const uint8_t *)dhcp6_statuses[code]; 1679 len = strlen((const char *)p); 1680 } else 1681 p = NULL; 1682 } else 1683 p += sizeof(code); 1684 1685 status = malloc(len + 1); 1686 if (status == NULL) { 1687 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 1688 return -1; 1689 } 1690 if (p) 1691 memcpy(status, p, len); 1692 status[len] = '\0'; 1693 logger(ifp->ctx, LOG_ERR, "%s: DHCPv6 REPLY: %s", ifp->name, status); 1694 free(status); 1695 return -1; 1696 } 1697 1698 static struct ipv6_addr * 1699 dhcp6_iffindaddr(struct interface *ifp, const struct in6_addr *addr, 1700 short flags) 1701 { 1702 struct dhcp6_state *state; 1703 struct ipv6_addr *ap; 1704 1705 state = D6_STATE(ifp); 1706 if (state) { 1707 TAILQ_FOREACH(ap, &state->addrs, next) { 1708 if (addr == NULL) { 1709 if ((ap->flags & 1710 (IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED)) == 1711 (IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED)) 1712 return ap; 1713 } else if (ap->prefix_vltime && 1714 IN6_ARE_ADDR_EQUAL(&ap->addr, addr) && 1715 (!flags || ap->flags & flags)) 1716 return ap; 1717 } 1718 } 1719 return NULL; 1720 } 1721 1722 struct ipv6_addr * 1723 dhcp6_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr, 1724 short flags) 1725 { 1726 struct interface *ifp; 1727 struct ipv6_addr *ap; 1728 1729 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 1730 ap = dhcp6_iffindaddr(ifp, addr, flags); 1731 if (ap) 1732 return ap; 1733 } 1734 return NULL; 1735 } 1736 1737 static int 1738 dhcp6_findna(struct interface *ifp, uint16_t ot, const uint8_t *iaid, 1739 const uint8_t *d, size_t l, const struct timespec *acquired) 1740 { 1741 struct dhcp6_state *state; 1742 const struct dhcp6_option *o; 1743 struct ipv6_addr *a; 1744 char iabuf[INET6_ADDRSTRLEN]; 1745 const char *ia; 1746 int i; 1747 uint32_t u32; 1748 size_t off; 1749 const struct dhcp6_ia_addr *iap; 1750 1751 i = 0; 1752 state = D6_STATE(ifp); 1753 while ((o = dhcp6_findoption(D6_OPTION_IA_ADDR, d, l))) { 1754 off = (size_t)((const uint8_t *)o - d); 1755 l -= off; 1756 d += off; 1757 u32 = ntohs(o->len); 1758 l -= sizeof(*o) + u32; 1759 d += sizeof(*o) + u32; 1760 if (u32 < 24) { 1761 errno = EINVAL; 1762 logger(ifp->ctx, LOG_ERR, 1763 "%s: IA Address option truncated", ifp->name); 1764 continue; 1765 } 1766 iap = (const struct dhcp6_ia_addr *)D6_COPTION_DATA(o); 1767 a = dhcp6_iffindaddr(ifp, &iap->addr, 0); 1768 if (a == NULL) { 1769 a = calloc(1, sizeof(*a)); 1770 if (a == NULL) { 1771 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 1772 break; 1773 } 1774 a->iface = ifp; 1775 a->flags = IPV6_AF_NEW | IPV6_AF_ONLINK; 1776 a->dadcallback = dhcp6_dadcallback; 1777 a->ia_type = ot; 1778 memcpy(a->iaid, iaid, sizeof(a->iaid)); 1779 a->addr = iap->addr; 1780 a->created = *acquired; 1781 1782 /* 1783 * RFC 5942 Section 5 1784 * We cannot assume any prefix length, nor tie the 1785 * address to an existing one as it could expire 1786 * before the address. 1787 * As such we just give it a 128 prefix. 1788 */ 1789 a->prefix_len = 128; 1790 ipv6_makeprefix(&a->prefix, &a->addr, a->prefix_len); 1791 ia = inet_ntop(AF_INET6, &a->addr, 1792 iabuf, sizeof(iabuf)); 1793 snprintf(a->saddr, sizeof(a->saddr), 1794 "%s/%d", ia, a->prefix_len); 1795 1796 TAILQ_INSERT_TAIL(&state->addrs, a, next); 1797 } else { 1798 if (!(a->flags & IPV6_AF_ONLINK)) 1799 a->flags |= IPV6_AF_ONLINK | IPV6_AF_NEW; 1800 a->flags &= ~IPV6_AF_STALE; 1801 } 1802 a->acquired = *acquired; 1803 a->prefix_pltime = ntohl(iap->pltime); 1804 u32 = ntohl(iap->vltime); 1805 if (a->prefix_vltime != u32) { 1806 a->flags |= IPV6_AF_NEW; 1807 a->prefix_vltime = u32; 1808 } 1809 if (a->prefix_pltime && a->prefix_pltime < state->lowpl) 1810 state->lowpl = a->prefix_pltime; 1811 if (a->prefix_vltime && a->prefix_vltime > state->expire) 1812 state->expire = a->prefix_vltime; 1813 i++; 1814 } 1815 return i; 1816 } 1817 1818 static int 1819 dhcp6_findpd(struct interface *ifp, const uint8_t *iaid, 1820 const uint8_t *d, size_t l, const struct timespec *acquired) 1821 { 1822 struct dhcp6_state *state; 1823 const struct dhcp6_option *o, *ex; 1824 const uint8_t *p, *op; 1825 struct ipv6_addr *a; 1826 char iabuf[INET6_ADDRSTRLEN]; 1827 const char *ia; 1828 int i; 1829 uint8_t u8, *pw; 1830 size_t off; 1831 uint16_t ol; 1832 const struct dhcp6_pd_addr *pdp; 1833 1834 i = 0; 1835 state = D6_STATE(ifp); 1836 while ((o = dhcp6_findoption(D6_OPTION_IAPREFIX, d, l))) { 1837 off = (size_t)((const uint8_t *)o - d); 1838 l -= off; 1839 d += off; 1840 ol = ntohs(o->len); 1841 l -= sizeof(*o) + ol; 1842 d += sizeof(*o) + ol; 1843 if (ol < sizeof(*pdp)) { 1844 errno = EINVAL; 1845 logger(ifp->ctx, LOG_ERR, 1846 "%s: IA Prefix option truncated", ifp->name); 1847 continue; 1848 } 1849 1850 pdp = (const struct dhcp6_pd_addr *)D6_COPTION_DATA(o); 1851 TAILQ_FOREACH(a, &state->addrs, next) { 1852 if (IN6_ARE_ADDR_EQUAL(&a->prefix, &pdp->prefix)) 1853 break; 1854 } 1855 if (a == NULL) { 1856 a = calloc(1, sizeof(*a)); 1857 if (a == NULL) { 1858 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 1859 break; 1860 } 1861 a->iface = ifp; 1862 a->flags = IPV6_AF_NEW | IPV6_AF_DELEGATEDPFX; 1863 a->created = *acquired; 1864 a->dadcallback = dhcp6_dadcallback; 1865 a->ia_type = D6_OPTION_IA_PD; 1866 memcpy(a->iaid, iaid, sizeof(a->iaid)); 1867 a->prefix = pdp->prefix; 1868 a->prefix_len = pdp->prefix_len; 1869 ia = inet_ntop(AF_INET6, &a->prefix, 1870 iabuf, sizeof(iabuf)); 1871 snprintf(a->saddr, sizeof(a->saddr), 1872 "%s/%d", ia, a->prefix_len); 1873 TAILQ_INSERT_TAIL(&state->addrs, a, next); 1874 } else { 1875 if (!(a->flags & IPV6_AF_DELEGATEDPFX)) 1876 a->flags |= IPV6_AF_NEW | IPV6_AF_DELEGATEDPFX; 1877 a->flags &= ~(IPV6_AF_STALE | IPV6_AF_REQUEST); 1878 if (a->prefix_vltime != ntohl(pdp->vltime)) 1879 a->flags |= IPV6_AF_NEW; 1880 } 1881 1882 a->acquired = *acquired; 1883 a->prefix_pltime = ntohl(pdp->pltime); 1884 a->prefix_vltime = ntohl(pdp->vltime); 1885 1886 if (a->prefix_pltime && a->prefix_pltime < state->lowpl) 1887 state->lowpl = a->prefix_pltime; 1888 if (a->prefix_vltime && a->prefix_vltime > state->expire) 1889 state->expire = a->prefix_vltime; 1890 i++; 1891 1892 p = D6_COPTION_DATA(o) + sizeof(pdp); 1893 ol = (uint16_t)(ol - sizeof(pdp)); 1894 ex = dhcp6_findoption(D6_OPTION_PD_EXCLUDE, p, ol); 1895 a->prefix_exclude_len = 0; 1896 memset(&a->prefix_exclude, 0, sizeof(a->prefix_exclude)); 1897 #if 0 1898 if (ex == NULL) { 1899 struct dhcp6_option *w; 1900 uint8_t *wp; 1901 1902 w = calloc(1, 128); 1903 w->len = htons(2); 1904 wp = D6_OPTION_DATA(w); 1905 *wp++ = 64; 1906 *wp++ = 0x78; 1907 ex = w; 1908 } 1909 #endif 1910 if (ex == NULL) 1911 continue; 1912 ol = ntohs(ex->len); 1913 if (ol < 2) { 1914 logger(ifp->ctx, LOG_ERR, 1915 "%s: truncated PD Exclude", ifp->name); 1916 continue; 1917 } 1918 op = D6_COPTION_DATA(ex); 1919 a->prefix_exclude_len = *op++; 1920 ol--; 1921 if (((a->prefix_exclude_len - a->prefix_len - 1) / NBBY) + 1 1922 != ol) 1923 { 1924 logger(ifp->ctx, LOG_ERR, 1925 "%s: PD Exclude length mismatch", ifp->name); 1926 a->prefix_exclude_len = 0; 1927 continue; 1928 } 1929 u8 = a->prefix_len % NBBY; 1930 memcpy(&a->prefix_exclude, &a->prefix, 1931 sizeof(a->prefix_exclude)); 1932 if (u8) 1933 ol--; 1934 pw = a->prefix_exclude.s6_addr + 1935 (a->prefix_exclude_len / NBBY) - 1; 1936 while (ol-- > 0) 1937 *pw-- = *op++; 1938 if (u8) 1939 *pw = (uint8_t)(*pw | (*op >> u8)); 1940 } 1941 return i; 1942 } 1943 1944 static int 1945 dhcp6_findia(struct interface *ifp, const struct dhcp6_message *m, size_t l, 1946 const char *sfrom, const struct timespec *acquired) 1947 { 1948 struct dhcp6_state *state; 1949 const struct if_options *ifo; 1950 const struct dhcp6_option *o; 1951 const uint8_t *p; 1952 int i, e; 1953 size_t j; 1954 uint32_t u32, renew, rebind; 1955 uint16_t code, ol; 1956 uint8_t iaid[4]; 1957 char buf[sizeof(iaid) * 3]; 1958 struct ipv6_addr *ap, *nap; 1959 1960 if (l < sizeof(*m)) { 1961 /* Should be impossible with guards at packet in 1962 * and reading leases */ 1963 errno = EINVAL; 1964 return -1; 1965 } 1966 1967 ifo = ifp->options; 1968 i = e = 0; 1969 state = D6_STATE(ifp); 1970 TAILQ_FOREACH(ap, &state->addrs, next) { 1971 ap->flags |= IPV6_AF_STALE; 1972 } 1973 l -= sizeof(*m); 1974 for (o = D6_CFIRST_OPTION(m); l > sizeof(*o); o = D6_CNEXT_OPTION(o)) { 1975 ol = ntohs(o->len); 1976 if (sizeof(*o) + ol > l) { 1977 errno = EINVAL; 1978 logger(ifp->ctx, LOG_ERR, 1979 "%s: option overflow", ifp->name); 1980 break; 1981 } 1982 l -= sizeof(*o) + ol; 1983 1984 code = ntohs(o->code); 1985 switch(code) { 1986 case D6_OPTION_IA_TA: 1987 u32 = 4; 1988 break; 1989 case D6_OPTION_IA_NA: 1990 case D6_OPTION_IA_PD: 1991 u32 = 12; 1992 break; 1993 default: 1994 continue; 1995 } 1996 if (ol < u32) { 1997 errno = EINVAL; 1998 logger(ifp->ctx, LOG_ERR, 1999 "%s: IA option truncated", ifp->name); 2000 continue; 2001 } 2002 2003 p = D6_COPTION_DATA(o); 2004 memcpy(iaid, p, sizeof(iaid)); 2005 p += sizeof(iaid); 2006 ol = (uint16_t)(ol - sizeof(iaid)); 2007 2008 for (j = 0; j < ifo->ia_len; j++) { 2009 if (memcmp(&ifo->ia[j].iaid, iaid, sizeof(iaid)) == 0) 2010 break; 2011 } 2012 if (j == ifo->ia_len && 2013 !(ifo->ia_len == 0 && ifp->ctx->options & DHCPCD_DUMPLEASE)) 2014 { 2015 logger(ifp->ctx, LOG_DEBUG, 2016 "%s: ignoring unrequested IAID %s", 2017 ifp->name, 2018 hwaddr_ntoa(iaid, sizeof(iaid), buf, sizeof(buf))); 2019 continue; 2020 } 2021 if ( j < ifo->ia_len && ifo->ia[j].ia_type != code) { 2022 logger(ifp->ctx, LOG_ERR, 2023 "%s: IAID %s: option type mismatch", 2024 ifp->name, 2025 hwaddr_ntoa(iaid, sizeof(iaid), buf, sizeof(buf))); 2026 continue; 2027 } 2028 2029 if (code != D6_OPTION_IA_TA) { 2030 memcpy(&u32, p, sizeof(u32)); 2031 renew = ntohl(u32); 2032 p += sizeof(u32); 2033 ol = (uint16_t)(ol - sizeof(u32)); 2034 memcpy(&u32, p, sizeof(u32)); 2035 rebind = ntohl(u32); 2036 p += sizeof(u32); 2037 ol = (uint16_t)(ol - sizeof(u32)); 2038 } else 2039 renew = rebind = 0; /* appease gcc */ 2040 if (dhcp6_checkstatusok(ifp, NULL, p, ol) == -1) { 2041 e = 1; 2042 continue; 2043 } 2044 if (code == D6_OPTION_IA_PD) { 2045 if (!(ifo->options & DHCPCD_NOPFXDLG) && 2046 dhcp6_findpd(ifp, iaid, p, ol, acquired) == 0) 2047 { 2048 logger(ifp->ctx, LOG_WARNING, 2049 "%s: %s: DHCPv6 REPLY missing Prefix", 2050 ifp->name, sfrom); 2051 continue; 2052 } 2053 } else if (!(ifo->options & DHCPCD_PFXDLGONLY)) { 2054 if (dhcp6_findna(ifp, code, iaid, p, ol, acquired) == 0) 2055 { 2056 logger(ifp->ctx, LOG_WARNING, 2057 "%s: %s: DHCPv6 REPLY missing IA Address", 2058 ifp->name, sfrom); 2059 continue; 2060 } 2061 } 2062 if (code != D6_OPTION_IA_TA) { 2063 if (renew > rebind && rebind > 0) { 2064 if (sfrom) 2065 logger(ifp->ctx, LOG_WARNING, 2066 "%s: T1 (%d) > T2 (%d) from %s", 2067 ifp->name, renew, rebind, sfrom); 2068 renew = 0; 2069 rebind = 0; 2070 } 2071 if (renew != 0 && 2072 (renew < state->renew || state->renew == 0)) 2073 state->renew = renew; 2074 if (rebind != 0 && 2075 (rebind < state->rebind || state->rebind == 0)) 2076 state->rebind = rebind; 2077 } 2078 i++; 2079 } 2080 TAILQ_FOREACH_SAFE(ap, &state->addrs, next, nap) { 2081 if (ap->flags & IPV6_AF_STALE) { 2082 eloop_q_timeout_delete(ifp->ctx->eloop, 0, NULL, ap); 2083 if (ap->flags & IPV6_AF_REQUEST) { 2084 ap->prefix_vltime = ap->prefix_pltime = 0; 2085 } else { 2086 TAILQ_REMOVE(&state->addrs, ap, next); 2087 free(ap); 2088 } 2089 } 2090 } 2091 if (i == 0 && e) 2092 return -1; 2093 return i; 2094 } 2095 2096 static int 2097 dhcp6_validatelease(struct interface *ifp, 2098 const struct dhcp6_message *m, size_t len, 2099 const char *sfrom, const struct timespec *acquired) 2100 { 2101 struct dhcp6_state *state; 2102 int nia; 2103 struct timespec aq; 2104 2105 if (len <= sizeof(*m)) { 2106 logger(ifp->ctx, LOG_ERR, 2107 "%s: DHCPv6 lease truncated", ifp->name); 2108 return -1; 2109 } 2110 2111 state = D6_STATE(ifp); 2112 if (dhcp6_checkstatusok(ifp, m, NULL, len) == -1) 2113 return -1; 2114 2115 state->renew = state->rebind = state->expire = 0; 2116 state->lowpl = ND6_INFINITE_LIFETIME; 2117 if (!acquired) { 2118 get_monotonic(&aq); 2119 acquired = &aq; 2120 } 2121 nia = dhcp6_findia(ifp, m, len, sfrom, acquired); 2122 if (nia == 0) { 2123 logger(ifp->ctx, LOG_ERR, 2124 "%s: no useable IA found in lease", ifp->name); 2125 return -1; 2126 } 2127 return nia; 2128 } 2129 2130 static ssize_t 2131 dhcp6_writelease(const struct interface *ifp) 2132 { 2133 const struct dhcp6_state *state; 2134 int fd; 2135 ssize_t bytes; 2136 2137 state = D6_CSTATE(ifp); 2138 logger(ifp->ctx, LOG_DEBUG, 2139 "%s: writing lease `%s'", ifp->name, state->leasefile); 2140 2141 fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644); 2142 if (fd == -1) { 2143 logger(ifp->ctx, LOG_ERR, "%s: dhcp6_writelease: %m", ifp->name); 2144 return -1; 2145 } 2146 bytes = write(fd, state->new, state->new_len); 2147 close(fd); 2148 return bytes; 2149 } 2150 2151 static int 2152 dhcp6_readlease(struct interface *ifp, int validate) 2153 { 2154 struct dhcp6_state *state; 2155 struct stat st; 2156 int fd; 2157 ssize_t bytes; 2158 const struct dhcp6_option *o; 2159 struct timespec acquired; 2160 time_t now; 2161 int retval; 2162 2163 state = D6_STATE(ifp); 2164 if (stat(state->leasefile, &st) == -1) 2165 return -1; 2166 logger(ifp->ctx, LOG_DEBUG, "%s: reading lease `%s'", 2167 ifp->name, state->leasefile); 2168 if (st.st_size > UINT32_MAX) { 2169 errno = E2BIG; 2170 return -1; 2171 } 2172 if ((fd = open(state->leasefile, O_RDONLY)) == -1) 2173 return -1; 2174 if ((state->new = malloc((size_t)st.st_size)) == NULL) 2175 return -1; 2176 retval = -1; 2177 state->new_len = (size_t)st.st_size; 2178 bytes = read(fd, state->new, state->new_len); 2179 close(fd); 2180 if (bytes != (ssize_t)state->new_len) 2181 goto ex; 2182 2183 /* If not validating IA's and if they have expired, 2184 * skip to the auth check. */ 2185 if (!validate) { 2186 fd = 0; 2187 goto auth; 2188 } 2189 2190 if ((now = time(NULL)) == -1) 2191 goto ex; 2192 2193 get_monotonic(&acquired); 2194 acquired.tv_sec -= now - st.st_mtime; 2195 2196 /* Check to see if the lease is still valid */ 2197 fd = dhcp6_validatelease(ifp, state->new, state->new_len, NULL, 2198 &acquired); 2199 if (fd == -1) 2200 goto ex; 2201 2202 if (!(ifp->ctx->options & DHCPCD_DUMPLEASE) && 2203 state->expire != ND6_INFINITE_LIFETIME) 2204 { 2205 if ((time_t)state->expire < now - st.st_mtime) { 2206 logger(ifp->ctx, 2207 LOG_DEBUG,"%s: discarding expired lease", 2208 ifp->name); 2209 retval = 0; 2210 goto ex; 2211 } 2212 } 2213 2214 auth: 2215 2216 retval = 0; 2217 /* Authenticate the message */ 2218 o = dhcp6_getmoption(D6_OPTION_AUTH, state->new, state->new_len); 2219 if (o) { 2220 if (dhcp_auth_validate(&state->auth, &ifp->options->auth, 2221 (uint8_t *)state->new, state->new_len, 6, state->new->type, 2222 D6_COPTION_DATA(o), ntohs(o->len)) == NULL) 2223 { 2224 logger(ifp->ctx, LOG_DEBUG, 2225 "%s: dhcp_auth_validate: %m", ifp->name); 2226 logger(ifp->ctx, LOG_ERR, 2227 "%s: authentication failed", ifp->name); 2228 goto ex; 2229 } 2230 if (state->auth.token) 2231 logger(ifp->ctx, LOG_DEBUG, 2232 "%s: validated using 0x%08" PRIu32, 2233 ifp->name, state->auth.token->secretid); 2234 else 2235 logger(ifp->ctx, LOG_DEBUG, 2236 "%s: accepted reconfigure key", ifp->name); 2237 } else if (ifp->options->auth.options & DHCPCD_AUTH_REQUIRE) { 2238 logger(ifp->ctx, LOG_ERR, 2239 "%s: authentication now required", ifp->name); 2240 goto ex; 2241 } 2242 2243 return fd; 2244 2245 ex: 2246 dhcp6_freedrop_addrs(ifp, 0, NULL); 2247 free(state->new); 2248 state->new = NULL; 2249 state->new_len = 0; 2250 if (!(ifp->ctx->options & DHCPCD_DUMPLEASE)) 2251 unlink(state->leasefile); 2252 return retval; 2253 } 2254 2255 static void 2256 dhcp6_startinit(struct interface *ifp) 2257 { 2258 struct dhcp6_state *state; 2259 int r; 2260 uint8_t has_ta, has_non_ta; 2261 size_t i; 2262 2263 state = D6_STATE(ifp); 2264 state->state = DH6S_INIT; 2265 state->expire = ND6_INFINITE_LIFETIME; 2266 state->lowpl = ND6_INFINITE_LIFETIME; 2267 2268 dhcp6_addrequestedaddrs(ifp); 2269 has_ta = has_non_ta = 0; 2270 for (i = 0; i < ifp->options->ia_len; i++) { 2271 switch (ifp->options->ia[i].ia_type) { 2272 case D6_OPTION_IA_TA: 2273 has_ta = 1; 2274 break; 2275 default: 2276 has_non_ta = 1; 2277 } 2278 } 2279 2280 if (!(ifp->ctx->options & DHCPCD_TEST) && 2281 !(has_ta && !has_non_ta) && 2282 ifp->options->reboot != 0) 2283 { 2284 r = dhcp6_readlease(ifp, 1); 2285 if (r == -1) { 2286 if (errno != ENOENT) 2287 logger(ifp->ctx, LOG_ERR, 2288 "%s: dhcp6_readlease: %s: %m", 2289 ifp->name, state->leasefile); 2290 } else if (r != 0) { 2291 /* RFC 3633 section 12.1 */ 2292 if (dhcp6_hasprefixdelegation(ifp)) 2293 dhcp6_startrebind(ifp); 2294 else 2295 dhcp6_startconfirm(ifp); 2296 return; 2297 } 2298 } 2299 dhcp6_startdiscover(ifp); 2300 } 2301 2302 static struct ipv6_addr * 2303 dhcp6_ifdelegateaddr(struct interface *ifp, struct ipv6_addr *prefix, 2304 const struct if_sla *sla, struct if_ia *ia, struct interface *ifs) 2305 { 2306 struct dhcp6_state *state; 2307 struct in6_addr addr; 2308 struct ipv6_addr *a, *ap, *apn; 2309 char sabuf[INET6_ADDRSTRLEN]; 2310 const char *sa; 2311 int pfxlen; 2312 2313 /* RFC6603 Section 4.2 */ 2314 if (strcmp(ifp->name, ifs->name) == 0) { 2315 if (prefix->prefix_exclude_len == 0) { 2316 /* Don't spam the log automatically */ 2317 if (sla) 2318 logger(ifp->ctx, LOG_WARNING, 2319 "%s: DHCPv6 server does not support " 2320 "OPTION_PD_EXCLUDE", 2321 ifp->name); 2322 return NULL; 2323 } 2324 pfxlen = prefix->prefix_exclude_len; 2325 memcpy(&addr, &prefix->prefix_exclude, sizeof(addr)); 2326 } else if ((pfxlen = dhcp6_delegateaddr(&addr, ifp, prefix, 2327 sla, ia)) == -1) 2328 return NULL; 2329 2330 2331 a = calloc(1, sizeof(*a)); 2332 if (a == NULL) { 2333 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 2334 return NULL; 2335 } 2336 a->iface = ifp; 2337 a->flags = IPV6_AF_NEW | IPV6_AF_ONLINK; 2338 a->dadcallback = dhcp6_dadcallback; 2339 a->delegating_iface = ifs; 2340 memcpy(&a->iaid, &prefix->iaid, sizeof(a->iaid)); 2341 a->created = a->acquired = prefix->acquired; 2342 a->prefix_pltime = prefix->prefix_pltime; 2343 a->prefix_vltime = prefix->prefix_vltime; 2344 a->prefix = addr; 2345 a->prefix_len = (uint8_t)pfxlen; 2346 2347 /* Wang a 1 at the end as the prefix could be >64 2348 * making SLAAC impossible. */ 2349 a->addr = a->prefix; 2350 a->addr.s6_addr[sizeof(a->addr.s6_addr) - 1] = 2351 (uint8_t)(a->addr.s6_addr[sizeof(a->addr.s6_addr) - 1] + 1); 2352 2353 state = D6_STATE(ifp); 2354 /* Remove any exiting address */ 2355 TAILQ_FOREACH_SAFE(ap, &state->addrs, next, apn) { 2356 if (IN6_ARE_ADDR_EQUAL(&ap->addr, &a->addr)) { 2357 TAILQ_REMOVE(&state->addrs, ap, next); 2358 /* Keep our flags */ 2359 a->flags |= ap->flags; 2360 a->flags &= ~IPV6_AF_NEW; 2361 a->created = ap->created; 2362 ipv6_freeaddr(ap); 2363 } 2364 } 2365 2366 sa = inet_ntop(AF_INET6, &a->addr, sabuf, sizeof(sabuf)); 2367 snprintf(a->saddr, sizeof(a->saddr), "%s/%d", sa, a->prefix_len); 2368 TAILQ_INSERT_TAIL(&state->addrs, a, next); 2369 return a; 2370 } 2371 2372 static void 2373 dhcp6_script_try_run(struct interface *ifp, int delegated) 2374 { 2375 struct dhcp6_state *state; 2376 struct ipv6_addr *ap; 2377 int completed; 2378 2379 state = D6_STATE(ifp); 2380 completed = 1; 2381 /* If all addresses have completed DAD run the script */ 2382 TAILQ_FOREACH(ap, &state->addrs, next) { 2383 if (!(ap->flags & IPV6_AF_ADDED)) 2384 continue; 2385 if (ap->flags & IPV6_AF_ONLINK) { 2386 if (!(ap->flags & IPV6_AF_DADCOMPLETED) && 2387 ipv6_iffindaddr(ap->iface, &ap->addr)) 2388 ap->flags |= IPV6_AF_DADCOMPLETED; 2389 if ((ap->flags & IPV6_AF_DADCOMPLETED) == 0 && 2390 ((delegated && ap->delegating_iface) || 2391 (!delegated && !ap->delegating_iface))) 2392 { 2393 completed = 0; 2394 break; 2395 } 2396 } 2397 } 2398 if (completed) { 2399 script_runreason(ifp, delegated ? "DELEGATED6" : state->reason); 2400 if (!delegated) 2401 dhcpcd_daemonise(ifp->ctx); 2402 } else 2403 logger(ifp->ctx, LOG_DEBUG, 2404 "%s: waiting for DHCPv6 DAD to complete", ifp->name); 2405 } 2406 2407 static void 2408 dhcp6_delegate_prefix(struct interface *ifp) 2409 { 2410 struct if_options *ifo; 2411 struct dhcp6_state *state, *ifd_state; 2412 struct ipv6_addr *ap; 2413 size_t i, j, k; 2414 struct if_ia *ia; 2415 struct if_sla *sla; 2416 struct interface *ifd; 2417 uint8_t carrier_warned, abrt; 2418 2419 ifo = ifp->options; 2420 state = D6_STATE(ifp); 2421 2422 /* Try to load configured interfaces for delegation that do not exist */ 2423 for (i = 0; i < ifo->ia_len; i++) { 2424 ia = &ifo->ia[i]; 2425 for (j = 0; j < ia->sla_len; j++) { 2426 sla = &ia->sla[j]; 2427 for (k = 0; k < i; j++) 2428 if (strcmp(sla->ifname, ia->sla[j].ifname) == 0) 2429 break; 2430 if (j >= i && 2431 if_find(ifp->ctx->ifaces, sla->ifname) == NULL) 2432 { 2433 logger(ifp->ctx, LOG_INFO, 2434 "%s: loading for delegation", sla->ifname); 2435 if (dhcpcd_handleinterface(ifp->ctx, 2, 2436 sla->ifname) == -1) 2437 logger(ifp->ctx, LOG_ERR, 2438 "%s: interface does not exist" 2439 " for delegation", 2440 sla->ifname); 2441 } 2442 } 2443 } 2444 2445 TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) { 2446 if (ifd->options->options & DHCPCD_NOPFXDLG) 2447 continue; 2448 k = 0; 2449 carrier_warned = abrt = 0; 2450 TAILQ_FOREACH(ap, &state->addrs, next) { 2451 if (!(ap->flags & IPV6_AF_DELEGATEDPFX)) 2452 continue; 2453 if (ap->flags & IPV6_AF_NEW) { 2454 ap->flags &= ~IPV6_AF_NEW; 2455 logger(ifp->ctx, LOG_DEBUG, 2456 "%s: delegated prefix %s", 2457 ifp->name, ap->saddr); 2458 } 2459 for (i = 0; i < ifo->ia_len; i++) { 2460 ia = &ifo->ia[i]; 2461 if (memcmp(ia->iaid, ap->iaid, 2462 sizeof(ia->iaid))) 2463 continue; 2464 if (ia->sla_len == 0) { 2465 /* no SLA configured, so lets 2466 * automate it */ 2467 if (ifd->carrier != LINK_UP) { 2468 logger(ifp->ctx, LOG_DEBUG, 2469 "%s: has no carrier, cannot" 2470 " delegate addresses", 2471 ifd->name); 2472 carrier_warned = 1; 2473 break; 2474 } 2475 if (dhcp6_ifdelegateaddr(ifd, ap, 2476 NULL, ia, ifp)) 2477 k++; 2478 } 2479 for (j = 0; j < ia->sla_len; j++) { 2480 sla = &ia->sla[j]; 2481 if (sla->sla_set && sla->sla == 0) 2482 ap->flags |= 2483 IPV6_AF_DELEGATEDZERO; 2484 if (strcmp(ifd->name, sla->ifname)) 2485 continue; 2486 if (ifd->carrier != LINK_UP) { 2487 logger(ifp->ctx, LOG_DEBUG, 2488 "%s: has no carrier, cannot" 2489 " delegate addresses", 2490 ifd->name); 2491 carrier_warned = 1; 2492 break; 2493 } 2494 if (dhcp6_ifdelegateaddr(ifd, ap, 2495 sla, ia, ifp)) 2496 k++; 2497 } 2498 if (carrier_warned ||abrt) 2499 break; 2500 } 2501 if (carrier_warned || abrt) 2502 break; 2503 } 2504 if (k && !carrier_warned) { 2505 ifd_state = D6_STATE(ifd); 2506 ipv6_addaddrs(&ifd_state->addrs); 2507 if_initrt6(ifd); 2508 dhcp6_script_try_run(ifd, 1); 2509 } 2510 } 2511 } 2512 2513 static void 2514 dhcp6_find_delegates1(void *arg) 2515 { 2516 2517 dhcp6_find_delegates(arg); 2518 } 2519 2520 size_t 2521 dhcp6_find_delegates(struct interface *ifp) 2522 { 2523 struct if_options *ifo; 2524 struct dhcp6_state *state; 2525 struct ipv6_addr *ap; 2526 size_t i, j, k; 2527 struct if_ia *ia; 2528 struct if_sla *sla; 2529 struct interface *ifd; 2530 2531 k = 0; 2532 TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) { 2533 ifo = ifd->options; 2534 state = D6_STATE(ifd); 2535 if (state == NULL || state->state != DH6S_BOUND) 2536 continue; 2537 TAILQ_FOREACH(ap, &state->addrs, next) { 2538 if (!(ap->flags & IPV6_AF_DELEGATEDPFX)) 2539 continue; 2540 for (i = 0; i < ifo->ia_len; i++) { 2541 ia = &ifo->ia[i]; 2542 if (memcmp(ia->iaid, ap->iaid, 2543 sizeof(ia->iaid))) 2544 continue; 2545 for (j = 0; j < ia->sla_len; j++) { 2546 sla = &ia->sla[j]; 2547 if (strcmp(ifp->name, sla->ifname)) 2548 continue; 2549 if (ipv6_linklocal(ifp) == NULL) { 2550 logger(ifp->ctx, LOG_DEBUG, 2551 "%s: delaying adding" 2552 " delegated addresses for" 2553 " LL address", 2554 ifp->name); 2555 ipv6_addlinklocalcallback(ifp, 2556 dhcp6_find_delegates1, ifp); 2557 return 1; 2558 } 2559 if (dhcp6_ifdelegateaddr(ifp, ap, 2560 sla, ia, ifd)) 2561 k++; 2562 } 2563 } 2564 } 2565 } 2566 2567 if (k) { 2568 logger(ifp->ctx, LOG_INFO, 2569 "%s: adding delegated prefixes", ifp->name); 2570 state = D6_STATE(ifp); 2571 state->state = DH6S_DELEGATED; 2572 ipv6_addaddrs(&state->addrs); 2573 if_initrt6(ifp); 2574 ipv6_buildroutes(ifp->ctx); 2575 dhcp6_script_try_run(ifp, 1); 2576 } 2577 return k; 2578 } 2579 2580 static struct interface * 2581 dhcp6_findpfxdlgif(struct interface *ifp) 2582 { 2583 struct interface *ifn; 2584 2585 if (ifp->options && ifp->options->options & DHCPCD_PFXDLGONLY) 2586 return NULL; 2587 2588 if (ifp->ctx && ifp->ctx->ifaces) { 2589 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) { 2590 if (strcmp(ifn->name, ifp->name) == 0 && 2591 ifn->options->options & DHCPCD_PFXDLGONLY) 2592 return ifn; 2593 } 2594 } 2595 return NULL; 2596 } 2597 2598 /* ARGSUSED */ 2599 static void 2600 dhcp6_handledata(void *arg) 2601 { 2602 struct dhcpcd_ctx *dctx; 2603 struct ipv6_ctx *ctx; 2604 size_t i, len; 2605 ssize_t bytes; 2606 struct cmsghdr *cm; 2607 struct in6_pktinfo pkt; 2608 struct interface *ifp, *ifpx; 2609 const char *op; 2610 struct dhcp6_message *r; 2611 struct dhcp6_state *state; 2612 const struct dhcp6_option *o, *auth; 2613 const struct dhcp_opt *opt; 2614 const struct if_options *ifo; 2615 struct ipv6_addr *ap; 2616 uint8_t has_new; 2617 int error; 2618 uint32_t u32; 2619 2620 dctx = arg; 2621 ctx = dctx->ipv6; 2622 ctx->rcvhdr.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)); 2623 bytes = recvmsg(ctx->dhcp_fd, &ctx->rcvhdr, 0); 2624 if (bytes == -1) { 2625 logger(dctx, LOG_ERR, "%s: recvmsg: %m", __func__); 2626 close(ctx->dhcp_fd); 2627 eloop_event_delete(dctx->eloop, ctx->dhcp_fd, 0); 2628 ctx->dhcp_fd = -1; 2629 return; 2630 } 2631 len = (size_t)bytes; 2632 ctx->sfrom = inet_ntop(AF_INET6, &ctx->from.sin6_addr, 2633 ctx->ntopbuf, sizeof(ctx->ntopbuf)); 2634 if (len < sizeof(struct dhcp6_message)) { 2635 logger(dctx, LOG_ERR, 2636 "DHCPv6 packet too short from %s", ctx->sfrom); 2637 return; 2638 } 2639 2640 pkt.ipi6_ifindex = 0; 2641 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&ctx->rcvhdr); 2642 cm; 2643 cm = (struct cmsghdr *)CMSG_NXTHDR(&ctx->rcvhdr, cm)) 2644 { 2645 if (cm->cmsg_level != IPPROTO_IPV6) 2646 continue; 2647 switch(cm->cmsg_type) { 2648 case IPV6_PKTINFO: 2649 if (cm->cmsg_len == CMSG_LEN(sizeof(pkt))) 2650 memcpy(&pkt, CMSG_DATA(cm), sizeof(pkt)); 2651 break; 2652 } 2653 } 2654 if (pkt.ipi6_ifindex == 0) { 2655 logger(dctx, LOG_ERR, 2656 "DHCPv6 reply did not contain index from %s", ctx->sfrom); 2657 return; 2658 } 2659 2660 TAILQ_FOREACH(ifp, dctx->ifaces, next) { 2661 /* Ensure we work on the master interface */ 2662 if (ifp->index == (unsigned int)pkt.ipi6_ifindex && 2663 !(ifp->options->options & DHCPCD_PFXDLGONLY)) 2664 break; 2665 } 2666 if (ifp == NULL) { 2667 logger(dctx, LOG_DEBUG, 2668 "DHCPv6 reply for unexpected interface from %s", 2669 ctx->sfrom); 2670 return; 2671 } 2672 2673 r = (struct dhcp6_message *)ctx->rcvhdr.msg_iov[0].iov_base; 2674 2675 /* Which interface state is the IAID for? */ 2676 ifpx = dhcp6_findpfxdlgif(ifp); 2677 if (ifpx && D6_STATE(ifpx)) { 2678 state = D6_STATE(ifpx); 2679 if (r->xid[0] == state->send->xid[0] && 2680 r->xid[1] == state->send->xid[1] && 2681 r->xid[2] == state->send->xid[2]) 2682 ifp = ifpx; 2683 } 2684 2685 state = D6_STATE(ifp); 2686 if (state == NULL || state->send == NULL) { 2687 logger(ifp->ctx, LOG_DEBUG, 2688 "%s: DHCPv6 reply received but not running", ifp->name); 2689 return; 2690 } 2691 2692 /* We're already bound and this message is for another machine */ 2693 /* XXX DELEGATED? */ 2694 if (r->type != DHCP6_RECONFIGURE && 2695 (state->state == DH6S_BOUND || state->state == DH6S_INFORMED)) 2696 { 2697 logger(ifp->ctx, LOG_DEBUG, 2698 "%s: DHCPv6 reply received but already bound", ifp->name); 2699 return; 2700 } 2701 2702 if (r->type != DHCP6_RECONFIGURE && 2703 (r->xid[0] != state->send->xid[0] || 2704 r->xid[1] != state->send->xid[1] || 2705 r->xid[2] != state->send->xid[2])) 2706 { 2707 logger(dctx, LOG_DEBUG, 2708 "%s: wrong xid 0x%02x%02x%02x" 2709 " (expecting 0x%02x%02x%02x) from %s", 2710 ifp->name, 2711 r->xid[0], r->xid[1], r->xid[2], 2712 state->send->xid[0], state->send->xid[1], 2713 state->send->xid[2], 2714 ctx->sfrom); 2715 return; 2716 } 2717 2718 if (dhcp6_getmoption(D6_OPTION_SERVERID, r, len) == NULL) { 2719 logger(ifp->ctx, LOG_DEBUG, "%s: no DHCPv6 server ID from %s", 2720 ifp->name, ctx->sfrom); 2721 return; 2722 } 2723 2724 o = dhcp6_getmoption(D6_OPTION_CLIENTID, r, len); 2725 if (o == NULL || ntohs(o->len) != dctx->duid_len || 2726 memcmp(D6_COPTION_DATA(o), dctx->duid, dctx->duid_len) != 0) 2727 { 2728 logger(ifp->ctx, LOG_DEBUG, "%s: incorrect client ID from %s", 2729 ifp->name, ctx->sfrom); 2730 return; 2731 } 2732 2733 ifo = ifp->options; 2734 for (i = 0, opt = dctx->dhcp6_opts; 2735 i < dctx->dhcp6_opts_len; 2736 i++, opt++) 2737 { 2738 if (has_option_mask(ifo->requiremask6, opt->option) && 2739 dhcp6_getmoption((uint16_t)opt->option, r, len) == NULL) 2740 { 2741 logger(ifp->ctx, LOG_WARNING, 2742 "%s: reject DHCPv6 (no option %s) from %s", 2743 ifp->name, opt->var, ctx->sfrom); 2744 return; 2745 } 2746 if (has_option_mask(ifo->rejectmask6, opt->option) && 2747 dhcp6_getmoption((uint16_t)opt->option, r, len)) 2748 { 2749 logger(ifp->ctx, LOG_WARNING, 2750 "%s: reject DHCPv6 (option %s) from %s", 2751 ifp->name, opt->var, ctx->sfrom); 2752 return; 2753 } 2754 } 2755 2756 /* Authenticate the message */ 2757 auth = dhcp6_getmoption(D6_OPTION_AUTH, r, len); 2758 if (auth) { 2759 if (dhcp_auth_validate(&state->auth, &ifo->auth, 2760 (uint8_t *)r, len, 6, r->type, 2761 D6_COPTION_DATA(auth), ntohs(auth->len)) == NULL) 2762 { 2763 logger(ifp->ctx, LOG_DEBUG, "dhcp_auth_validate: %m"); 2764 logger(ifp->ctx, LOG_ERR, 2765 "%s: authentication failed from %s", 2766 ifp->name, ctx->sfrom); 2767 return; 2768 } 2769 if (state->auth.token) 2770 logger(ifp->ctx, LOG_DEBUG, 2771 "%s: validated using 0x%08" PRIu32, 2772 ifp->name, state->auth.token->secretid); 2773 else 2774 logger(ifp->ctx, LOG_DEBUG, 2775 "%s: accepted reconfigure key", ifp->name); 2776 } else if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 2777 logger(ifp->ctx, LOG_ERR, 2778 "%s: no authentication from %s", ifp->name, ctx->sfrom); 2779 return; 2780 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) 2781 logger(ifp->ctx, LOG_WARNING, 2782 "%s: no authentication from %s", ifp->name, ctx->sfrom); 2783 2784 op = dhcp6_get_op(r->type); 2785 switch(r->type) { 2786 case DHCP6_REPLY: 2787 switch(state->state) { 2788 case DH6S_INFORM: 2789 if (dhcp6_checkstatusok(ifp, r, NULL, len) == -1) 2790 return; 2791 /* RFC4242 */ 2792 o = dhcp6_getmoption(D6_OPTION_INFO_REFRESH_TIME, 2793 r, len); 2794 if (o == NULL || ntohs(o->len) != sizeof(u32)) 2795 state->renew = IRT_DEFAULT; 2796 else { 2797 memcpy(&u32, D6_COPTION_DATA(o), sizeof(u32)); 2798 state->renew = ntohl(u32); 2799 if (state->renew < IRT_MINIMUM) 2800 state->renew = IRT_MINIMUM; 2801 } 2802 break; 2803 case DH6S_CONFIRM: 2804 error = dhcp6_checkstatusok(ifp, r, NULL, len); 2805 /* If we got an OK status the chances are that we 2806 * didn't get the IA's returned, so preserve them 2807 * from our saved response */ 2808 if (error == 1) 2809 goto recv; 2810 if (error == -1 || 2811 dhcp6_validatelease(ifp, r, len, 2812 ctx->sfrom, NULL) == -1) 2813 { 2814 dhcp6_startdiscover(ifp); 2815 return; 2816 } 2817 break; 2818 case DH6S_DISCOVER: 2819 if (has_option_mask(ifo->requestmask6, 2820 D6_OPTION_RAPID_COMMIT) && 2821 dhcp6_getmoption(D6_OPTION_RAPID_COMMIT, r, len)) 2822 state->state = DH6S_REQUEST; 2823 else 2824 op = NULL; 2825 case DH6S_REQUEST: /* FALLTHROUGH */ 2826 case DH6S_RENEW: /* FALLTHROUGH */ 2827 case DH6S_REBIND: 2828 if (dhcp6_validatelease(ifp, r, len, 2829 ctx->sfrom, NULL) == -1) 2830 { 2831 /* PD doesn't use CONFIRM, so REBIND could 2832 * throw up an invalid prefix if we 2833 * changed link */ 2834 if (dhcp6_hasprefixdelegation(ifp)) 2835 dhcp6_startdiscover(ifp); 2836 return; 2837 } 2838 break; 2839 default: 2840 op = NULL; 2841 } 2842 break; 2843 case DHCP6_ADVERTISE: 2844 if (state->state != DH6S_DISCOVER) { 2845 op = NULL; 2846 break; 2847 } 2848 /* RFC7083 */ 2849 o = dhcp6_getmoption(D6_OPTION_SOL_MAX_RT, r, len); 2850 if (o && ntohs(o->len) >= sizeof(u32)) { 2851 memcpy(&u32, D6_COPTION_DATA(o), sizeof(u32)); 2852 u32 = ntohl(u32); 2853 if (u32 >= 60 && u32 <= 86400) { 2854 logger(ifp->ctx, LOG_DEBUG, 2855 "%s: SOL_MAX_RT %llu -> %d", ifp->name, 2856 (unsigned long long)state->sol_max_rt, u32); 2857 state->sol_max_rt = (time_t)u32; 2858 } else 2859 logger(ifp->ctx, LOG_ERR, 2860 "%s: invalid SOL_MAX_RT %d", 2861 ifp->name, u32); 2862 } 2863 o = dhcp6_getmoption(D6_OPTION_INF_MAX_RT, r, len); 2864 if (o && ntohs(o->len) >= sizeof(u32)) { 2865 memcpy(&u32, D6_COPTION_DATA(o), sizeof(u32)); 2866 u32 = ntohl(u32); 2867 if (u32 >= 60 && u32 <= 86400) { 2868 logger(ifp->ctx, LOG_DEBUG, 2869 "%s: INF_MAX_RT %llu -> %d", 2870 ifp->name, 2871 (unsigned long long)state->inf_max_rt, u32); 2872 state->inf_max_rt = (time_t)u32; 2873 } else 2874 logger(ifp->ctx, LOG_ERR, 2875 "%s: invalid INF_MAX_RT %d", 2876 ifp->name, u32); 2877 } 2878 if (dhcp6_validatelease(ifp, r, len, ctx->sfrom, NULL) == -1) 2879 return; 2880 break; 2881 case DHCP6_RECONFIGURE: 2882 if (auth == NULL) { 2883 logger(ifp->ctx, LOG_ERR, 2884 "%s: unauthenticated %s from %s", 2885 ifp->name, op, ctx->sfrom); 2886 return; 2887 } 2888 logger(ifp->ctx, LOG_INFO, "%s: %s from %s", 2889 ifp->name, op, ctx->sfrom); 2890 o = dhcp6_getmoption(D6_OPTION_RECONF_MSG, r, len); 2891 if (o == NULL) { 2892 logger(ifp->ctx, LOG_ERR, 2893 "%s: missing Reconfigure Message option", 2894 ifp->name); 2895 return; 2896 } 2897 if (ntohs(o->len) != 1) { 2898 logger(ifp->ctx, LOG_ERR, 2899 "%s: missing Reconfigure Message type", ifp->name); 2900 return; 2901 } 2902 switch(*D6_COPTION_DATA(o)) { 2903 case DHCP6_RENEW: 2904 if (state->state != DH6S_BOUND) { 2905 logger(ifp->ctx, LOG_ERR, 2906 "%s: not bound, ignoring %s", 2907 ifp->name, op); 2908 return; 2909 } 2910 eloop_timeout_delete(ifp->ctx->eloop, 2911 dhcp6_startrenew, ifp); 2912 dhcp6_startrenew(ifp); 2913 break; 2914 case DHCP6_INFORMATION_REQ: 2915 if (state->state != DH6S_INFORMED) { 2916 logger(ifp->ctx, LOG_ERR, 2917 "%s: not informed, ignoring %s", 2918 ifp->name, op); 2919 return; 2920 } 2921 eloop_timeout_delete(ifp->ctx->eloop, 2922 dhcp6_sendinform, ifp); 2923 dhcp6_startinform(ifp); 2924 break; 2925 default: 2926 logger(ifp->ctx, LOG_ERR, 2927 "%s: unsupported %s type %d", 2928 ifp->name, op, *D6_COPTION_DATA(o)); 2929 break; 2930 } 2931 return; 2932 default: 2933 logger(ifp->ctx, LOG_ERR, "%s: invalid DHCP6 type %s (%d)", 2934 ifp->name, op, r->type); 2935 return; 2936 } 2937 if (op == NULL) { 2938 logger(ifp->ctx, LOG_WARNING, 2939 "%s: invalid state for DHCP6 type %s (%d)", 2940 ifp->name, op, r->type); 2941 return; 2942 } 2943 2944 if (state->recv_len < (size_t)len) { 2945 free(state->recv); 2946 state->recv = malloc(len); 2947 if (state->recv == NULL) { 2948 logger(ifp->ctx, LOG_ERR, 2949 "%s: malloc recv: %m", ifp->name); 2950 return; 2951 } 2952 } 2953 memcpy(state->recv, r, len); 2954 state->recv_len = len; 2955 2956 switch(r->type) { 2957 case DHCP6_ADVERTISE: 2958 if (state->state == DH6S_REQUEST) /* rapid commit */ 2959 break; 2960 ap = TAILQ_FIRST(&state->addrs); 2961 logger(ifp->ctx, LOG_INFO, "%s: ADV %s from %s", 2962 ifp->name, ap->saddr, ctx->sfrom); 2963 if (ifp->ctx->options & DHCPCD_TEST) 2964 break; 2965 dhcp6_startrequest(ifp); 2966 return; 2967 } 2968 2969 recv: 2970 has_new = 0; 2971 TAILQ_FOREACH(ap, &state->addrs, next) { 2972 if (ap->flags & IPV6_AF_NEW) { 2973 has_new = 1; 2974 break; 2975 } 2976 } 2977 logger(ifp->ctx, has_new ? LOG_INFO : LOG_DEBUG, 2978 "%s: %s received from %s", ifp->name, op, ctx->sfrom); 2979 2980 state->reason = NULL; 2981 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2982 switch(state->state) { 2983 case DH6S_INFORM: 2984 state->rebind = 0; 2985 state->expire = ND6_INFINITE_LIFETIME; 2986 state->lowpl = ND6_INFINITE_LIFETIME; 2987 state->reason = "INFORM6"; 2988 break; 2989 case DH6S_REQUEST: 2990 if (state->reason == NULL) 2991 state->reason = "BOUND6"; 2992 /* FALLTHROUGH */ 2993 case DH6S_RENEW: 2994 if (state->reason == NULL) 2995 state->reason = "RENEW6"; 2996 /* FALLTHROUGH */ 2997 case DH6S_REBIND: 2998 if (state->reason == NULL) 2999 state->reason = "REBIND6"; 3000 /* FALLTHROUGH */ 3001 case DH6S_CONFIRM: 3002 if (state->reason == NULL) 3003 state->reason = "REBOOT6"; 3004 if (state->renew == 0) { 3005 if (state->expire == ND6_INFINITE_LIFETIME) 3006 state->renew = ND6_INFINITE_LIFETIME; 3007 else if (state->lowpl != ND6_INFINITE_LIFETIME) 3008 state->renew = (uint32_t)(state->lowpl * 0.5); 3009 } 3010 if (state->rebind == 0) { 3011 if (state->expire == ND6_INFINITE_LIFETIME) 3012 state->rebind = ND6_INFINITE_LIFETIME; 3013 else if (state->lowpl != ND6_INFINITE_LIFETIME) 3014 state->rebind = (uint32_t)(state->lowpl * 0.8); 3015 } 3016 break; 3017 default: 3018 state->reason = "UNKNOWN6"; 3019 break; 3020 } 3021 3022 if (state->state != DH6S_CONFIRM) { 3023 free(state->old); 3024 state->old = state->new; 3025 state->old_len = state->new_len; 3026 state->new = state->recv; 3027 state->new_len = state->recv_len; 3028 state->recv = NULL; 3029 state->recv_len = 0; 3030 } 3031 3032 if (ifp->ctx->options & DHCPCD_TEST) 3033 script_runreason(ifp, "TEST"); 3034 else { 3035 if (state->state == DH6S_INFORM) 3036 state->state = DH6S_INFORMED; 3037 else 3038 state->state = DH6S_BOUND; 3039 if (state->renew && state->renew != ND6_INFINITE_LIFETIME) 3040 eloop_timeout_add_sec(ifp->ctx->eloop, 3041 (time_t)state->renew, 3042 state->state == DH6S_INFORMED ? 3043 dhcp6_startinform : dhcp6_startrenew, ifp); 3044 if (state->rebind && state->rebind != ND6_INFINITE_LIFETIME) 3045 eloop_timeout_add_sec(ifp->ctx->eloop, 3046 (time_t)state->rebind, dhcp6_startrebind, ifp); 3047 if (state->expire != ND6_INFINITE_LIFETIME) 3048 eloop_timeout_add_sec(ifp->ctx->eloop, 3049 (time_t)state->expire, dhcp6_startexpire, ifp); 3050 3051 #ifndef PASSIVE_MODE 3052 ipv6nd_runignoredra(ifp); 3053 ipv6_addaddrs(&state->addrs); 3054 dhcp6_delegate_prefix(ifp); 3055 #else 3056 rpc_update_ipv6(ifp); 3057 #endif /* PASSIVE_MODE */ 3058 3059 if (state->state == DH6S_INFORMED) 3060 logger(ifp->ctx, has_new ? LOG_INFO : LOG_DEBUG, 3061 "%s: refresh in %"PRIu32" seconds", 3062 ifp->name, state->renew); 3063 else if (state->renew || state->rebind) 3064 logger(ifp->ctx, has_new ? LOG_INFO : LOG_DEBUG, 3065 "%s: renew in %"PRIu32" seconds," 3066 " rebind in %"PRIu32" seconds", 3067 ifp->name, state->renew, state->rebind); 3068 else if (state->expire == 0) 3069 logger(ifp->ctx, has_new ? LOG_INFO : LOG_DEBUG, 3070 "%s: will expire", ifp->name); 3071 if_initrt6(ifp); 3072 ipv6_buildroutes(ifp->ctx); 3073 dhcp6_writelease(ifp); 3074 dhcp6_script_try_run(ifp, 0); 3075 } 3076 3077 if (ifp->ctx->options & DHCPCD_TEST || 3078 (ifp->options->options & DHCPCD_INFORM && 3079 !(ifp->ctx->options & DHCPCD_MASTER))) 3080 { 3081 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3082 } 3083 } 3084 3085 static int 3086 dhcp6_open(struct dhcpcd_ctx *dctx) 3087 { 3088 struct ipv6_ctx *ctx; 3089 struct sockaddr_in6 sa; 3090 int n; 3091 3092 memset(&sa, 0, sizeof(sa)); 3093 sa.sin6_family = AF_INET6; 3094 sa.sin6_port = htons(DHCP6_CLIENT_PORT); 3095 #ifdef BSD 3096 sa.sin6_len = sizeof(sa); 3097 #endif 3098 3099 ctx = dctx->ipv6; 3100 #ifdef SOCK_CLOEXEC 3101 ctx->dhcp_fd = socket(PF_INET6, 3102 SOCK_DGRAM | SOCK_CLOEXEC | SOCK_NONBLOCK, 3103 IPPROTO_UDP); 3104 if (ctx->dhcp_fd == -1) 3105 return -1; 3106 #else 3107 if ((ctx->dhcp_fd = socket(PF_INET6, SOCK_DGRAM, IPPROTO_UDP)) == -1) 3108 return -1; 3109 if ((n = fcntl(ctx->dhcp_fd, F_GETFD, 0)) == -1 || 3110 fcntl(ctx->dhcp_fd, F_SETFD, n | FD_CLOEXEC) == -1) 3111 { 3112 close(ctx->dhcp_fd); 3113 ctx->dhcp_fd = -1; 3114 return -1; 3115 } 3116 if ((n = fcntl(ctx->dhcp_fd, F_GETFL, 0)) == -1 || 3117 fcntl(ctx->dhcp_fd, F_SETFL, n | O_NONBLOCK) == -1) 3118 { 3119 close(ctx->dhcp_fd); 3120 ctx->dhcp_fd = -1; 3121 return -1; 3122 } 3123 #endif 3124 3125 n = 1; 3126 if (setsockopt(ctx->dhcp_fd, SOL_SOCKET, SO_REUSEADDR, 3127 &n, sizeof(n)) == -1) 3128 goto errexit; 3129 3130 n = 1; 3131 if (setsockopt(ctx->dhcp_fd, SOL_SOCKET, SO_BROADCAST, 3132 &n, sizeof(n)) == -1) 3133 goto errexit; 3134 3135 #ifdef SO_REUSEPORT 3136 n = 1; 3137 if (setsockopt(ctx->dhcp_fd, SOL_SOCKET, SO_REUSEPORT, 3138 &n, sizeof(n)) == -1) 3139 logger(dctx, LOG_WARNING, "setsockopt: SO_REUSEPORT: %m"); 3140 #endif 3141 3142 if (bind(ctx->dhcp_fd, (struct sockaddr *)&sa, sizeof(sa)) == -1) 3143 goto errexit; 3144 3145 n = 1; 3146 if (setsockopt(ctx->dhcp_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, 3147 &n, sizeof(n)) == -1) 3148 goto errexit; 3149 3150 eloop_event_add(dctx->eloop, ctx->dhcp_fd, 3151 dhcp6_handledata, dctx, NULL, NULL); 3152 return 0; 3153 3154 errexit: 3155 close(ctx->dhcp_fd); 3156 ctx->dhcp_fd = -1; 3157 return -1; 3158 } 3159 3160 static void 3161 dhcp6_start1(void *arg) 3162 { 3163 struct interface *ifp = arg; 3164 struct if_options *ifo = ifp->options; 3165 struct dhcp6_state *state; 3166 size_t i; 3167 const struct dhcp_compat *dhc; 3168 3169 state = D6_STATE(ifp); 3170 /* Match any DHCPv4 opton to DHCPv6 options if given for easy 3171 * configuration */ 3172 for (i = 0; i < sizeof(ifo->requestmask6); i++) { 3173 if (ifo->requestmask6[i] != '\0') 3174 break; 3175 } 3176 if (i == sizeof(ifo->requestmask6)) { 3177 for (dhc = dhcp_compats; dhc->dhcp_opt; dhc++) { 3178 if (has_option_mask(ifo->requestmask, dhc->dhcp_opt)) 3179 add_option_mask(ifo->requestmask6, 3180 dhc->dhcp6_opt); 3181 } 3182 if (ifo->fqdn != FQDN_DISABLE || 3183 ifo->options & DHCPCD_HOSTNAME) 3184 add_option_mask(ifo->requestmask6, D6_OPTION_FQDN); 3185 } 3186 3187 /* Rapid commit won't wor with Prefix Delegation Exclusion */ 3188 if (dhcp6_findselfsla(ifp, NULL)) 3189 del_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT); 3190 3191 /* Create a 2nd interface to handle the PD state */ 3192 if (!(ifo->options & (DHCPCD_PFXDLGONLY | DHCPCD_PFXDLGMIX)) && 3193 dhcp6_hasprefixdelegation(ifp) > 1) 3194 { 3195 const char * const argv[] = { ifp->name }; 3196 struct if_head *ifs; 3197 struct interface *ifn; 3198 3199 ifn = dhcp6_findpfxdlgif(ifp); 3200 if (ifn == NULL) { 3201 ifs = if_discover(ifp->ctx, -1, UNCONST(argv)); 3202 if (ifs) { 3203 ifn = TAILQ_FIRST(ifs); 3204 if (ifn) { 3205 logger(ifp->ctx, LOG_INFO, 3206 "%s: creating pseudo interface" 3207 " to handle Prefix Delegation", 3208 ifp->name); 3209 ifp->options->options |= 3210 DHCPCD_NOPFXDLG; 3211 /* 3212 * Maintain the same lease identifier 3213 * for the pseudo interface for 3214 * obtaining prefix delegation. 3215 */ 3216 strlcpy(ifn->lease_identifier, 3217 ifp->lease_identifier, 3218 sizeof(ifn->lease_identifier)); 3219 TAILQ_REMOVE(ifs, ifn, next); 3220 TAILQ_INSERT_AFTER(ifp->ctx->ifaces, 3221 ifp, ifn, next); 3222 dhcpcd_initstate(ifn, 3223 DHCPCD_PFXDLGONLY); 3224 eloop_timeout_add_sec(ifp->ctx->eloop, 3225 0, dhcpcd_startinterface, ifn); 3226 } 3227 while ((ifn = TAILQ_FIRST(ifs))) { 3228 TAILQ_REMOVE(ifs, ifn, next); 3229 if_free(ifn); 3230 } 3231 free(ifs); 3232 } 3233 } 3234 } 3235 3236 if (state->state == DH6S_INFORM) { 3237 add_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME); 3238 dhcp6_startinform(ifp); 3239 } else { 3240 del_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME); 3241 dhcp6_startinit(ifp); 3242 } 3243 } 3244 3245 int 3246 dhcp6_start(struct interface *ifp, enum DH6S init_state) 3247 { 3248 struct dhcp6_state *state; 3249 3250 state = D6_STATE(ifp); 3251 if (state) { 3252 if (state->state == DH6S_INFORMED && 3253 init_state == DH6S_INFORM) 3254 { 3255 dhcp6_startinform(ifp); 3256 return 0; 3257 } 3258 if (init_state == DH6S_INIT && 3259 ifp->options->options & DHCPCD_DHCP6 && 3260 (state->state == DH6S_INFORM || 3261 state->state == DH6S_INFORMED || 3262 state->state == DH6S_DELEGATED)) 3263 { 3264 /* Change from stateless to stateful */ 3265 goto gogogo; 3266 } 3267 /* We're already running DHCP6 */ 3268 /* XXX: What if the managed flag vanishes from all RA? */ 3269 return 0; 3270 } 3271 3272 if (!(ifp->options->options & DHCPCD_DHCP6)) 3273 return 0; 3274 3275 if (ifp->ctx->ipv6->dhcp_fd == -1 && dhcp6_open(ifp->ctx) == -1) 3276 return -1; 3277 3278 ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state)); 3279 state = D6_STATE(ifp); 3280 if (state == NULL) 3281 return -1; 3282 3283 state->sol_max_rt = SOL_MAX_RT; 3284 state->inf_max_rt = INF_MAX_RT; 3285 TAILQ_INIT(&state->addrs); 3286 3287 gogogo: 3288 state->state = init_state; 3289 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3290 AF_INET6, ifp, 3291 ifp->options->options & DHCPCD_PFXDLGONLY ? ".pd" : ""); 3292 if (ipv6_linklocal(ifp) == NULL) { 3293 logger(ifp->ctx, LOG_DEBUG, 3294 "%s: delaying DHCPv6 soliciation for LL address", 3295 ifp->name); 3296 ipv6_addlinklocalcallback(ifp, dhcp6_start1, ifp); 3297 return 0; 3298 } 3299 3300 dhcp6_start1(ifp); 3301 return 0; 3302 } 3303 3304 void 3305 dhcp6_reboot(struct interface *ifp) 3306 { 3307 struct dhcp6_state *state; 3308 3309 state = D6_STATE(ifp); 3310 if (state) { 3311 switch (state->state) { 3312 case DH6S_BOUND: 3313 dhcp6_startrebind(ifp); 3314 break; 3315 case DH6S_INFORMED: 3316 dhcp6_startinform(ifp); 3317 break; 3318 default: 3319 dhcp6_startdiscover(ifp); 3320 break; 3321 } 3322 } 3323 } 3324 3325 static void 3326 dhcp6_freedrop(struct interface *ifp, int drop, const char *reason) 3327 { 3328 struct interface *ifpx; 3329 struct dhcp6_state *state; 3330 struct dhcpcd_ctx *ctx; 3331 unsigned long long options; 3332 int dropdele; 3333 3334 /* 3335 * As the interface is going away from dhcpcd we need to 3336 * remove the delegated addresses, otherwise we lose track 3337 * of which interface is delegating as we remeber it by pointer. 3338 * So if we need to change this behaviour, we need to change 3339 * how we remember which interface delegated. 3340 * 3341 * XXX The below is no longer true due to the change of the 3342 * default IAID, but do PPP links have stable ethernet 3343 * addresses? 3344 * 3345 * To make it more interesting, on some OS's with PPP links 3346 * there is no guarantee the delegating interface will have 3347 * the same name or index so think very hard before changing 3348 * this. 3349 */ 3350 if (ifp->options) 3351 options = ifp->options->options; 3352 else 3353 options = 0; 3354 dropdele = (options & (DHCPCD_STOPPING | DHCPCD_RELEASE) && 3355 (options & 3356 (DHCPCD_EXITING | DHCPCD_PERSISTENT)) != 3357 (DHCPCD_EXITING | DHCPCD_PERSISTENT)); 3358 3359 ifpx = dhcp6_findpfxdlgif(ifp); 3360 if (ifpx) { 3361 if (options & DHCPCD_EXITING) 3362 ifpx->options->options |= DHCPCD_EXITING; 3363 dhcp6_freedrop(ifpx, dropdele ? 1 : drop, reason); 3364 TAILQ_REMOVE(ifp->ctx->ifaces, ifpx, next); 3365 if_free(ifpx); 3366 } 3367 3368 if (ifp->ctx->eloop) 3369 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3370 3371 if (dropdele) 3372 dhcp6_delete_delegates(ifp); 3373 3374 state = D6_STATE(ifp); 3375 if (state) { 3376 dhcp_auth_reset(&state->auth); 3377 if (drop && options & DHCPCD_RELEASE) { 3378 if (ifp->carrier == LINK_UP) 3379 dhcp6_startrelease(ifp); 3380 unlink(state->leasefile); 3381 } 3382 dhcp6_freedrop_addrs(ifp, drop, NULL); 3383 free(state->old); 3384 state->old = state->new; 3385 state->old_len = state->new_len; 3386 state->new = NULL; 3387 state->new_len = 0; 3388 if (drop && state->old && 3389 (options & 3390 (DHCPCD_EXITING | DHCPCD_PERSISTENT)) != 3391 (DHCPCD_EXITING | DHCPCD_PERSISTENT)) 3392 { 3393 if (reason == NULL) 3394 reason = "STOP6"; 3395 script_runreason(ifp, reason); 3396 } 3397 free(state->old); 3398 free(state->send); 3399 free(state->recv); 3400 free(state); 3401 ifp->if_data[IF_DATA_DHCP6] = NULL; 3402 } 3403 3404 /* If we don't have any more DHCP6 enabled interfaces, 3405 * close the global socket and release resources */ 3406 ctx = ifp->ctx; 3407 if (ctx->ifaces) { 3408 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3409 if (D6_STATE(ifp)) 3410 break; 3411 } 3412 } 3413 if (ifp == NULL && ctx->ipv6) { 3414 if (ctx->ipv6->dhcp_fd != -1) { 3415 eloop_event_delete(ctx->eloop, ctx->ipv6->dhcp_fd, 0); 3416 close(ctx->ipv6->dhcp_fd); 3417 ctx->ipv6->dhcp_fd = -1; 3418 } 3419 } 3420 } 3421 3422 void 3423 dhcp6_drop(struct interface *ifp, const char *reason) 3424 { 3425 3426 dhcp6_freedrop(ifp, 1, reason); 3427 } 3428 3429 void 3430 dhcp6_free(struct interface *ifp) 3431 { 3432 3433 dhcp6_freedrop(ifp, 0, NULL); 3434 } 3435 3436 void 3437 dhcp6_handleifa(struct dhcpcd_ctx *ctx, int cmd, const char *ifname, 3438 const struct in6_addr *addr, int flags) 3439 { 3440 struct interface *ifp; 3441 struct dhcp6_state *state; 3442 3443 if (ctx->ifaces == NULL) 3444 return; 3445 3446 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3447 state = D6_STATE(ifp); 3448 if (state == NULL || strcmp(ifp->name, ifname)) 3449 continue; 3450 ipv6_handleifa_addrs(cmd, &state->addrs, addr, flags); 3451 } 3452 3453 } 3454 3455 ssize_t 3456 dhcp6_env(char **env, const char *prefix, const struct interface *ifp, 3457 const struct dhcp6_message *m, size_t len) 3458 { 3459 const struct if_options *ifo; 3460 struct dhcp_opt *opt, *vo; 3461 const struct dhcp6_option *o; 3462 size_t i, n; 3463 uint16_t ol, oc; 3464 char *pfx; 3465 uint32_t en; 3466 const struct dhcpcd_ctx *ctx; 3467 const struct dhcp6_state *state; 3468 const struct ipv6_addr *ap; 3469 char *v, *val; 3470 3471 n = 0; 3472 if (m == NULL) 3473 goto delegated; 3474 3475 if (len < sizeof(*m)) { 3476 /* Should be impossible with guards at packet in 3477 * and reading leases */ 3478 errno = EINVAL; 3479 return -1; 3480 } 3481 3482 ifo = ifp->options; 3483 ctx = ifp->ctx; 3484 3485 /* Zero our indexes */ 3486 if (env) { 3487 for (i = 0, opt = ctx->dhcp6_opts; 3488 i < ctx->dhcp6_opts_len; 3489 i++, opt++) 3490 dhcp_zero_index(opt); 3491 for (i = 0, opt = ifp->options->dhcp6_override; 3492 i < ifp->options->dhcp6_override_len; 3493 i++, opt++) 3494 dhcp_zero_index(opt); 3495 for (i = 0, opt = ctx->vivso; 3496 i < ctx->vivso_len; 3497 i++, opt++) 3498 dhcp_zero_index(opt); 3499 i = strlen(prefix) + strlen("_dhcp6") + 1; 3500 pfx = malloc(i); 3501 if (pfx == NULL) { 3502 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 3503 return -1; 3504 } 3505 snprintf(pfx, i, "%s_dhcp6", prefix); 3506 } else 3507 pfx = NULL; 3508 3509 /* Unlike DHCP, DHCPv6 options *may* occur more than once. 3510 * There is also no provision for option concatenation unlike DHCP. */ 3511 for (o = D6_CFIRST_OPTION(m); 3512 len > (ssize_t)sizeof(*o); 3513 o = D6_CNEXT_OPTION(o)) 3514 { 3515 ol = ntohs(o->len); 3516 if (sizeof(*o) + ol > len) { 3517 errno = EINVAL; 3518 break; 3519 } 3520 len -= sizeof(*o) + ol; 3521 oc = ntohs(o->code); 3522 if (has_option_mask(ifo->nomask6, oc)) 3523 continue; 3524 for (i = 0, opt = ifo->dhcp6_override; 3525 i < ifo->dhcp6_override_len; 3526 i++, opt++) 3527 if (opt->option == oc) 3528 break; 3529 if (i == ifo->dhcp6_override_len && 3530 oc == D6_OPTION_VENDOR_OPTS && 3531 ol > sizeof(en)) 3532 { 3533 memcpy(&en, D6_COPTION_DATA(o), sizeof(en)); 3534 en = ntohl(en); 3535 vo = vivso_find(en, ifp); 3536 } else 3537 vo = NULL; 3538 if (i == ifo->dhcp6_override_len) { 3539 for (i = 0, opt = ctx->dhcp6_opts; 3540 i < ctx->dhcp6_opts_len; 3541 i++, opt++) 3542 if (opt->option == oc) 3543 break; 3544 if (i == ctx->dhcp6_opts_len) 3545 opt = NULL; 3546 } 3547 if (opt) { 3548 n += dhcp_envoption(ifp->ctx, 3549 env == NULL ? NULL : &env[n], 3550 pfx, ifp->name, 3551 opt, dhcp6_getoption, D6_COPTION_DATA(o), ol); 3552 } 3553 if (vo) { 3554 n += dhcp_envoption(ifp->ctx, 3555 env == NULL ? NULL : &env[n], 3556 pfx, ifp->name, 3557 vo, dhcp6_getoption, 3558 D6_COPTION_DATA(o) + sizeof(en), 3559 ol - sizeof(en)); 3560 } 3561 } 3562 free(pfx); 3563 3564 delegated: 3565 /* Needed for Delegated Prefixes */ 3566 state = D6_CSTATE(ifp); 3567 i = 0; 3568 TAILQ_FOREACH(ap, &state->addrs, next) { 3569 if (ap->delegating_iface) { 3570 i += strlen(ap->saddr) + 1; 3571 } 3572 } 3573 if (env && i) { 3574 i += strlen(prefix) + strlen("_delegated_dhcp6_prefix="); 3575 v = val = env[n] = malloc(i); 3576 if (v == NULL) { 3577 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 3578 return -1; 3579 } 3580 v += snprintf(val, i, "%s_delegated_dhcp6_prefix=", prefix); 3581 TAILQ_FOREACH(ap, &state->addrs, next) { 3582 if (ap->delegating_iface) { 3583 /* Can't use stpcpy(3) due to "security" */ 3584 const char *sap = ap->saddr; 3585 3586 do 3587 *v++ = *sap; 3588 while (*++sap != '\0'); 3589 *v++ = ' '; 3590 } 3591 } 3592 *--v = '\0'; 3593 } 3594 if (i) 3595 n++; 3596 3597 return (ssize_t)n; 3598 } 3599 3600 int 3601 dhcp6_dump(struct interface *ifp) 3602 { 3603 struct dhcp6_state *state; 3604 3605 ifp->if_data[IF_DATA_DHCP6] = state = calloc(1, sizeof(*state)); 3606 if (state == NULL) { 3607 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__); 3608 return -1; 3609 } 3610 TAILQ_INIT(&state->addrs); 3611 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3612 AF_INET6, ifp, 3613 ifp->options->options & DHCPCD_PFXDLGONLY ? ".pd" : ""); 3614 if (dhcp6_readlease(ifp, 0) == -1) { 3615 logger(ifp->ctx, LOG_ERR, "%s: %s: %m", 3616 *ifp->name ? ifp->name : state->leasefile, __func__); 3617 return -1; 3618 } 3619 state->reason = "DUMP6"; 3620 return script_runreason(ifp, state->reason); 3621 } 3622
