X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fodhcpd.git;a=blobdiff_plain;f=src%2Fdhcpv6.c;h=e092c1076b73b9df0bf4e292a49128e51388996a;hp=aaefa5e4126764f30cf0636a7c94bcfad08c4688;hb=HEAD;hpb=fc7fb637811089b4f26fb00ca81a0d05c09076bd diff --git a/src/dhcpv6.c b/src/dhcpv6.c index aaefa5e..e092c10 100644 --- a/src/dhcpv6.c +++ b/src/dhcpv6.c @@ -18,6 +18,7 @@ #include #include #include +#include #include "odhcpd.h" #include "dhcpv6.h" @@ -28,21 +29,19 @@ static void relay_client_request(struct sockaddr_in6 *source, static void relay_server_response(uint8_t *data, size_t len); static void handle_dhcpv6(void *addr, void *data, size_t len, - struct interface *iface); + struct interface *iface, void *dest); static void handle_client_request(void *addr, void *data, size_t len, - struct interface *iface); - + struct interface *iface, void *dest_addr); // Create socket and register events -int init_dhcpv6(void) +int dhcpv6_init(void) { dhcpv6_ia_init(); return 0; } - -int setup_dhcpv6_interface(struct interface *iface, bool enable) +int dhcpv6_setup_interface(struct interface *iface, bool enable) { if (iface->dhcpv6_event.uloop.fd > 0) { uloop_fd_delete(&iface->dhcpv6_event.uloop); @@ -51,11 +50,10 @@ int setup_dhcpv6_interface(struct interface *iface, bool enable) } // Configure multicast settings - if (enable && iface->dhcpv6 && !iface->master) { + if (enable && iface->dhcpv6) { int sock = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP); if (sock < 0) { - syslog(LOG_ERR, "Failed to create DHCPv6 server socket: %s", - strerror(errno)); + syslog(LOG_ERR, "Failed to create DHCPv6 server socket: %m"); return -1; } @@ -77,8 +75,7 @@ int setup_dhcpv6_interface(struct interface *iface, bool enable) 0, IN6ADDR_ANY_INIT, 0}; if (bind(sock, (struct sockaddr*)&bind_addr, sizeof(bind_addr))) { - syslog(LOG_ERR, "Failed to open DHCPv6 server socket: %s", - strerror(errno)); + syslog(LOG_ERR, "Failed to open DHCPv6 server socket: %m"); return -1; } @@ -86,7 +83,7 @@ int setup_dhcpv6_interface(struct interface *iface, bool enable) struct ipv6_mreq server = {ALL_DHCPV6_SERVERS, iface->ifindex}; setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &relay, sizeof(relay)); - if (iface->dhcpv6 == RELAYD_SERVER) + if (iface->dhcpv6 == MODE_SERVER) setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &server, sizeof(server)); iface->dhcpv6_event.uloop.fd = sock; @@ -94,24 +91,40 @@ int setup_dhcpv6_interface(struct interface *iface, bool enable) odhcpd_register(&iface->dhcpv6_event); } - return setup_dhcpv6_ia_interface(iface, enable); + return dhcpv6_setup_ia_interface(iface, enable); } +enum { + IOV_NESTED = 0, + IOV_DEST, + IOV_MAXRT, +#define IOV_STAT IOV_MAXRT + IOV_DNS, + IOV_DNS_ADDR, + IOV_SEARCH, + IOV_SEARCH_DOMAIN, + IOV_PDBUF, +#define IOV_REFRESH IOV_PDBUF + IOV_CERID, + IOV_DHCPV6_RAW, + IOV_RELAY_MSG, + IOV_TOTAL +}; static void handle_nested_message(uint8_t *data, size_t len, - uint8_t **opts, uint8_t **end, struct iovec iov[9]) + uint8_t **opts, uint8_t **end, struct iovec iov[IOV_TOTAL - 1]) { struct dhcpv6_relay_header *hdr = (struct dhcpv6_relay_header*)data; - if (iov[0].iov_base == NULL) { - iov[0].iov_base = data; - iov[0].iov_len = len; + if (iov[IOV_NESTED].iov_base == NULL) { + iov[IOV_NESTED].iov_base = data; + iov[IOV_NESTED].iov_len = len; } if (len < sizeof(struct dhcpv6_client_header)) return; if (hdr->msg_type != DHCPV6_MSG_RELAY_FORW) { - iov[0].iov_len = data - (uint8_t*)iov[0].iov_base; + iov[IOV_NESTED].iov_len = data - (uint8_t*)iov[IOV_NESTED].iov_base; struct dhcpv6_client_header *hdr = (void*)data; *opts = (uint8_t*)&hdr[1]; *end = data + len; @@ -122,9 +135,9 @@ static void handle_nested_message(uint8_t *data, size_t len, uint8_t *odata; dhcpv6_for_each_option(hdr->options, data + len, otype, olen, odata) { if (otype == DHCPV6_OPT_RELAY_MSG) { - iov[9].iov_base = odata + olen; - iov[9].iov_len = (((uint8_t*)iov[0].iov_base) + iov[0].iov_len) - - (odata + olen); + iov[IOV_RELAY_MSG].iov_base = odata + olen; + iov[IOV_RELAY_MSG].iov_len = (((uint8_t*)iov[IOV_NESTED].iov_base) + + iov[IOV_NESTED].iov_len) - (odata + olen); handle_nested_message(odata, olen, opts, end, iov); return; } @@ -153,12 +166,12 @@ static void update_nested_message(uint8_t *data, size_t len, ssize_t pdiff) } } - // Simple DHCPv6-server for information requests static void handle_client_request(void *addr, void *data, size_t len, - struct interface *iface) + struct interface *iface, void *dest_addr) { struct dhcpv6_client_header *hdr = data; + if (len < sizeof(*hdr)) return; @@ -173,9 +186,6 @@ static void handle_client_request(void *addr, void *data, size_t len, uint16_t duid_type; uint16_t hardware_type; uint8_t mac[6]; - uint16_t solmaxrt_type; - uint16_t solmaxrt_length; - uint32_t solmaxrt_value; uint16_t clientid_type; uint16_t clientid_length; uint8_t clientid_buf[130]; @@ -185,9 +195,6 @@ static void handle_client_request(void *addr, void *data, size_t len, .serverid_length = htons(10), .duid_type = htons(3), .hardware_type = htons(1), - .solmaxrt_type = htons(DHCPV6_OPT_SOL_MAX_RT), - .solmaxrt_length = htons(4), - .solmaxrt_value = htonl(60), .clientid_type = htons(DHCPV6_OPT_CLIENTID), .clientid_buf = {0} }; @@ -196,9 +203,16 @@ static void handle_client_request(void *addr, void *data, size_t len, struct __attribute__((packed)) { uint16_t type; uint16_t len; + uint32_t value; + } maxrt = {htons(DHCPV6_OPT_SOL_MAX_RT), htons(sizeof(maxrt) - 4), + htonl(60)}; + + struct __attribute__((packed)) { + uint16_t type; + uint16_t len; uint16_t value; } stat = {htons(DHCPV6_OPT_STATUS), htons(sizeof(stat) - 4), - htons(DHCPV6_STATUS_NOADDRSAVAIL)}; + htons(DHCPV6_STATUS_USEMULTICAST)}; struct __attribute__((packed)) { uint16_t type; @@ -207,19 +221,19 @@ static void handle_client_request(void *addr, void *data, size_t len, } refresh = {htons(DHCPV6_OPT_INFO_REFRESH), htons(sizeof(uint32_t)), htonl(600)}; - struct odhcpd_ipaddr ipaddr; - struct in6_addr *dns_addr = iface->dns; + struct in6_addr dns_addr, *dns_addr_ptr = iface->dns; size_t dns_cnt = iface->dns_cnt; - if (dns_cnt == 0 && odhcpd_get_interface_addresses(iface->ifindex, &ipaddr, 1) == 1) { - dns_addr = &ipaddr.addr; + if ((dns_cnt == 0) && + !odhcpd_get_interface_dns_addr(iface, &dns_addr)) { + dns_addr_ptr = &dns_addr; dns_cnt = 1; } struct { uint16_t type; uint16_t len; - } dns = {htons(DHCPV6_OPT_DNS_SERVERS), htons(dns_cnt * sizeof(*dns_addr))}; + } dns = {htons(DHCPV6_OPT_DNS_SERVERS), htons(dns_cnt * sizeof(*dns_addr_ptr))}; @@ -252,16 +266,19 @@ static void handle_client_request(void *addr, void *data, size_t len, uint8_t pdbuf[512]; - struct iovec iov[] = {{NULL, 0}, - {&dest, (uint8_t*)&dest.clientid_type - (uint8_t*)&dest}, - {&dns, (dns_cnt) ? sizeof(dns) : 0}, - {dns_addr, dns_cnt * sizeof(*dns_addr)}, - {&search, (search_len) ? sizeof(search) : 0}, - {search_domain, search_len}, - {pdbuf, 0}, - {&cerid, 0}, - {iface->dhcpv6_raw, iface->dhcpv6_raw_len}, - {NULL, 0}}; + struct iovec iov[IOV_TOTAL] = { + [IOV_NESTED] = {NULL, 0}, + [IOV_DEST] = {&dest, (uint8_t*)&dest.clientid_type - (uint8_t*)&dest}, + [IOV_MAXRT] = {&maxrt, sizeof(maxrt)}, + [IOV_DNS] = {&dns, (dns_cnt) ? sizeof(dns) : 0}, + [IOV_DNS_ADDR] = {dns_addr_ptr, dns_cnt * sizeof(*dns_addr_ptr)}, + [IOV_SEARCH] = {&search, (search_len) ? sizeof(search) : 0}, + [IOV_SEARCH_DOMAIN] = {search_domain, search_len}, + [IOV_PDBUF] = {pdbuf, 0}, + [IOV_CERID] = {&cerid, 0}, + [IOV_DHCPV6_RAW] = {iface->dhcpv6_raw, iface->dhcpv6_raw_len}, + [IOV_RELAY_MSG] = {NULL, 0} + }; uint8_t *opts = (uint8_t*)&hdr[1], *opts_end = (uint8_t*)data + len; if (hdr->msg_type == DHCPV6_MSG_RELAY_FORW) @@ -272,11 +289,19 @@ static void handle_client_request(void *addr, void *data, size_t len, if (opts[-4] == DHCPV6_MSG_ADVERTISE || opts[-4] == DHCPV6_MSG_REPLY || opts[-4] == DHCPV6_MSG_RELAY_REPL) return; + if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && + (opts[-4] == DHCPV6_MSG_SOLICIT || opts[-4] == DHCPV6_MSG_CONFIRM || + opts[-4] == DHCPV6_MSG_REBIND || opts[-4] == DHCPV6_MSG_INFORMATION_REQUEST)) + return; + if (opts[-4] == DHCPV6_MSG_SOLICIT) { dest.msg_type = DHCPV6_MSG_ADVERTISE; } else if (opts[-4] == DHCPV6_MSG_INFORMATION_REQUEST) { - iov[6].iov_base = &refresh; - iov[6].iov_len = sizeof(refresh); + iov[IOV_REFRESH].iov_base = &refresh; + iov[IOV_REFRESH].iov_len = sizeof(refresh); + + // Return inf max rt option in reply to information request + maxrt.type = htons(DHCPV6_OPT_INF_MAX_RT); } // Go through options and find what we need @@ -286,7 +311,7 @@ static void handle_client_request(void *addr, void *data, size_t len, if (otype == DHCPV6_OPT_CLIENTID && olen <= 130) { dest.clientid_length = htons(olen); memcpy(dest.clientid_buf, odata, olen); - iov[1].iov_len += 4 + olen; + iov[IOV_DEST].iov_len += 4 + olen; } else if (otype == DHCPV6_OPT_SERVERID) { if (olen != ntohs(dest.serverid_length) || memcmp(odata, &dest.duid_type, olen)) @@ -300,33 +325,49 @@ static void handle_client_request(void *addr, void *data, size_t len, } } else if (otype == DHCPV6_OPT_IA_PD) { #ifdef EXT_CER_ID - iov[7].iov_len = sizeof(cerid); + iov[IOV_CERID].iov_len = sizeof(cerid); if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr)) { - struct odhcpd_ipaddr addrs[32]; - ssize_t len = odhcpd_get_interface_addresses(0, addrs, - sizeof(addrs) / sizeof(*addrs)); + struct odhcpd_ipaddr *addrs; + ssize_t len = netlink_get_interface_addrs(0, true, &addrs); for (ssize_t i = 0; i < len; ++i) if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr) || memcmp(&addrs[i].addr, &cerid.addr, sizeof(cerid.addr)) < 0) - cerid.addr = addrs[i].addr; + cerid.addr = addrs[i].addr.in6; + + free(addrs); } #endif } } + if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && + (opts[-4] == DHCPV6_MSG_REQUEST || opts[-4] == DHCPV6_MSG_RENEW || + opts[-4] == DHCPV6_MSG_RELEASE || opts[-4] == DHCPV6_MSG_DECLINE)) { + iov[IOV_STAT].iov_base = &stat; + iov[IOV_STAT].iov_len = sizeof(stat); + + for (ssize_t i = IOV_STAT + 1; i < IOV_TOTAL; ++i) + iov[i].iov_len = 0; + + odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); + return; + } + if (opts[-4] != DHCPV6_MSG_INFORMATION_REQUEST) { ssize_t ialen = dhcpv6_handle_ia(pdbuf, sizeof(pdbuf), iface, addr, &opts[-4], opts_end); - iov[6].iov_len = ialen; + iov[IOV_PDBUF].iov_len = ialen; if (ialen < 0 || (ialen == 0 && (opts[-4] == DHCPV6_MSG_REBIND || opts[-4] == DHCPV6_MSG_CONFIRM))) return; } - if (iov[0].iov_len > 0) // Update length - update_nested_message(data, len, iov[1].iov_len + iov[2].iov_len + - iov[3].iov_len + iov[4].iov_len + iov[5].iov_len + - iov[6].iov_len + iov[7].iov_len - (4 + opts_end - opts)); + if (iov[IOV_NESTED].iov_len > 0) // Update length + update_nested_message(data, len, iov[IOV_DEST].iov_len + iov[IOV_MAXRT].iov_len + + iov[IOV_DNS].iov_len + iov[IOV_DNS_ADDR].iov_len + + iov[IOV_SEARCH].iov_len + iov[IOV_SEARCH_DOMAIN].iov_len + + iov[IOV_PDBUF].iov_len + iov[IOV_CERID].iov_len + + iov[IOV_DHCPV6_RAW].iov_len - (4 + opts_end - opts)); odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); } @@ -334,11 +375,11 @@ static void handle_client_request(void *addr, void *data, size_t len, // Central DHCPv6-relay handler static void handle_dhcpv6(void *addr, void *data, size_t len, - struct interface *iface) + struct interface *iface, void *dest_addr) { - if (iface->dhcpv6 == RELAYD_SERVER) { - handle_client_request(addr, data, len, iface); - } else if (iface->dhcpv6 == RELAYD_RELAY) { + if (iface->dhcpv6 == MODE_SERVER) { + handle_client_request(addr, data, len, iface, dest_addr); + } else if (iface->dhcpv6 == MODE_RELAY) { if (iface->master) relay_server_response(data, len); else @@ -412,15 +453,15 @@ static void relay_server_response(uint8_t *data, size_t len) if (is_authenticated) return; // Impossible to rewrite - struct odhcpd_ipaddr ip; const struct in6_addr *rewrite = iface->dns; + struct in6_addr addr; size_t rewrite_cnt = iface->dns_cnt; if (rewrite_cnt == 0) { - if (odhcpd_get_interface_addresses(iface->ifindex, &ip, 1) < 1) + if (odhcpd_get_interface_dns_addr(iface, &addr)) return; // Unable to get interface address - rewrite = &ip.addr; + rewrite = &addr; rewrite_cnt = 1; } @@ -435,6 +476,26 @@ static void relay_server_response(uint8_t *data, size_t len) odhcpd_send(iface->dhcpv6_event.uloop.fd, &target, &iov, 1, iface); } +static struct odhcpd_ipaddr *relay_link_address(struct interface *iface) +{ + struct odhcpd_ipaddr *addr = NULL; + time_t now = odhcpd_time(); + + for (size_t i = 0; i < iface->addr6_len; i++) { + if (iface->addr6[i].valid <= (uint32_t)now) + continue; + + if (iface->addr6[i].preferred > (uint32_t)now) { + addr = &iface->addr6[i]; + break; + } + + if (!addr || (iface->addr6[i].valid > addr->valid)) + addr = &iface->addr6[i]; + } + + return addr; +} // Relay client request (regular DHCPv6-relay) static void relay_client_request(struct sockaddr_in6 *source, @@ -442,7 +503,7 @@ static void relay_client_request(struct sockaddr_in6 *source, { struct interface *master = odhcpd_get_master_interface(); const struct dhcpv6_relay_header *h = data; - if (!master || master->dhcpv6 != RELAYD_RELAY || + if (!master || master->dhcpv6 != MODE_RELAY || h->msg_type == DHCPV6_MSG_RELAY_REPL || h->msg_type == DHCPV6_MSG_RECONFIGURE || h->msg_type == DHCPV6_MSG_REPLY || @@ -474,20 +535,22 @@ static void relay_client_request(struct sockaddr_in6 *source, memcpy(&hdr.interface_id_data, &ifindex, sizeof(ifindex)); // Detect public IP of slave interface to use as link-address - struct odhcpd_ipaddr ip; - if (odhcpd_get_interface_addresses(iface->ifindex, &ip, 1) < 1) { + struct odhcpd_ipaddr *ip = relay_link_address(iface); + if (!ip) { // No suitable address! Is the slave not configured yet? // Detect public IP of master interface and use it instead // This is WRONG and probably violates the RFC. However // otherwise we have a hen and egg problem because the // slave-interface cannot be auto-configured. - if (odhcpd_get_interface_addresses(master->ifindex, &ip, 1) < 1) + ip = relay_link_address(master); + if (!ip) return; // Could not obtain a suitable address } - memcpy(&hdr.link_address, &ip.addr, sizeof(hdr.link_address)); + + memcpy(&hdr.link_address, &ip->addr.in6, sizeof(hdr.link_address)); struct sockaddr_in6 dhcpv6_servers = {AF_INET6, htons(DHCPV6_SERVER_PORT), 0, ALL_DHCPV6_SERVERS, 0}; struct iovec iov[2] = {{&hdr, sizeof(hdr)}, {(void*)data, len}}; - odhcpd_send(iface->dhcpv6_event.uloop.fd, &dhcpv6_servers, iov, 2, master); + odhcpd_send(master->dhcpv6_event.uloop.fd, &dhcpv6_servers, iov, 2, master); }