1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * dhcpcd - DHCP client daemon 4 * Copyright (c) 2006-2020 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/param.h> 30 #include <sys/socket.h> 31 32 #include <arpa/inet.h> 33 #include <net/if.h> 34 #include <net/route.h> 35 #include <netinet/if_ether.h> 36 #include <netinet/in_systm.h> 37 #include <netinet/in.h> 38 #include <netinet/ip.h> 39 #define __FAVOR_BSD /* Nasty glibc hack so we can use BSD semantics for UDP */ 40 #include <netinet/udp.h> 41 #undef __FAVOR_BSD 42 43 #ifdef AF_LINK 44 # include <net/if_dl.h> 45 #endif 46 47 #include <assert.h> 48 #include <ctype.h> 49 #include <errno.h> 50 #include <fcntl.h> 51 #include <inttypes.h> 52 #include <stdbool.h> 53 #include <stddef.h> 54 #include <stdio.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <unistd.h> 58 #include <syslog.h> 59 60 #define ELOOP_QUEUE ELOOP_DHCP 61 #include "config.h" 62 #include "arp.h" 63 #include "bpf.h" 64 #include "common.h" 65 #include "dhcp.h" 66 #include "dhcpcd.h" 67 #include "dhcp-common.h" 68 #include "duid.h" 69 #include "eloop.h" 70 #include "if.h" 71 #include "ipv4.h" 72 #include "ipv4ll.h" 73 #include "logerr.h" 74 #include "privsep.h" 75 #include "sa.h" 76 #include "script.h" 77 78 #define DAD "Duplicate address detected" 79 #define DHCP_MIN_LEASE 20 80 81 #define IPV4A ADDRIPV4 | ARRAY 82 #define IPV4R ADDRIPV4 | REQUEST 83 84 /* We should define a maximum for the NAK exponential backoff */ 85 #define NAKOFF_MAX 60 86 87 /* Wait N nanoseconds between sending a RELEASE and dropping the address. 88 * This gives the kernel enough time to actually send it. */ 89 #define RELEASE_DELAY_S 0 90 #define RELEASE_DELAY_NS 10000000 91 92 #ifndef IPDEFTTL 93 #define IPDEFTTL 64 /* RFC1340 */ 94 #endif 95 96 /* Support older systems with different defines */ 97 #if !defined(IP_RECVPKTINFO) && defined(IP_PKTINFO) 98 #define IP_RECVPKTINFO IP_PKTINFO 99 #endif 100 101 /* Assert the correct structure size for on wire */ 102 __CTASSERT(sizeof(struct ip) == 20); 103 __CTASSERT(sizeof(struct udphdr) == 8); 104 __CTASSERT(sizeof(struct bootp) == 300); 105 106 struct dhcp_op { 107 uint8_t value; 108 const char *name; 109 }; 110 111 static const struct dhcp_op dhcp_ops[] = { 112 { DHCP_DISCOVER, "DISCOVER" }, 113 { DHCP_OFFER, "OFFER" }, 114 { DHCP_REQUEST, "REQUEST" }, 115 { DHCP_DECLINE, "DECLINE" }, 116 { DHCP_ACK, "ACK" }, 117 { DHCP_NAK, "NAK" }, 118 { DHCP_RELEASE, "RELEASE" }, 119 { DHCP_INFORM, "INFORM" }, 120 { DHCP_FORCERENEW, "FORCERENEW"}, 121 { 0, NULL } 122 }; 123 124 static const char * const dhcp_params[] = { 125 "ip_address", 126 "subnet_cidr", 127 "network_number", 128 "filename", 129 "server_name", 130 NULL 131 }; 132 133 static int dhcp_openbpf(struct interface *); 134 static void dhcp_start1(void *); 135 #if defined(ARP) && (!defined(KERNEL_RFC5227) || defined(ARPING)) 136 static void dhcp_arp_found(struct arp_state *, const struct arp_msg *); 137 #endif 138 static void dhcp_handledhcp(struct interface *, struct bootp *, size_t, 139 const struct in_addr *); 140 static void dhcp_handleifudp(void *); 141 static int dhcp_initstate(struct interface *); 142 143 void 144 dhcp_printoptions(const struct dhcpcd_ctx *ctx, 145 const struct dhcp_opt *opts, size_t opts_len) 146 { 147 const char * const *p; 148 size_t i, j; 149 const struct dhcp_opt *opt, *opt2; 150 int cols; 151 152 for (p = dhcp_params; *p; p++) 153 printf(" %s\n", *p); 154 155 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 156 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 157 if (opt->option == opt2->option) 158 break; 159 if (j == opts_len) { 160 cols = printf("%03d %s", opt->option, opt->var); 161 dhcp_print_option_encoding(opt, cols); 162 } 163 } 164 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 165 cols = printf("%03d %s", opt->option, opt->var); 166 dhcp_print_option_encoding(opt, cols); 167 } 168 } 169 170 static const uint8_t * 171 get_option(struct dhcpcd_ctx *ctx, 172 const struct bootp *bootp, size_t bootp_len, 173 unsigned int opt, size_t *opt_len) 174 { 175 const uint8_t *p, *e; 176 uint8_t l, o, ol, overl, *bp; 177 const uint8_t *op; 178 size_t bl; 179 180 if (bootp == NULL || bootp_len < DHCP_MIN_LEN) { 181 errno = EINVAL; 182 return NULL; 183 } 184 185 /* Check we have the magic cookie */ 186 if (!IS_DHCP(bootp)) { 187 errno = ENOTSUP; 188 return NULL; 189 } 190 191 p = bootp->vend + 4; /* options after the 4 byte cookie */ 192 e = (const uint8_t *)bootp + bootp_len; 193 ol = o = overl = 0; 194 bp = NULL; 195 op = NULL; 196 bl = 0; 197 while (p < e) { 198 o = *p++; 199 switch (o) { 200 case DHO_PAD: 201 /* No length to read */ 202 continue; 203 case DHO_END: 204 if (overl & 1) { 205 /* bit 1 set means parse boot file */ 206 overl = (uint8_t)(overl & ~1); 207 p = bootp->file; 208 e = p + sizeof(bootp->file); 209 } else if (overl & 2) { 210 /* bit 2 set means parse server name */ 211 overl = (uint8_t)(overl & ~2); 212 p = bootp->sname; 213 e = p + sizeof(bootp->sname); 214 } else 215 goto exit; 216 /* No length to read */ 217 continue; 218 } 219 220 /* Check we can read the length */ 221 if (p == e) { 222 errno = EINVAL; 223 return NULL; 224 } 225 l = *p++; 226 227 /* Check we can read the option data, if present */ 228 if (p + l > e) { 229 errno = EINVAL; 230 return NULL; 231 } 232 233 if (o == DHO_OPTSOVERLOADED) { 234 /* Ensure we only get this option once by setting 235 * the last bit as well as the value. 236 * This is valid because only the first two bits 237 * actually mean anything in RFC2132 Section 9.3 */ 238 if (l == 1 && !overl) 239 overl = 0x80 | p[0]; 240 } 241 242 if (o == opt) { 243 if (op) { 244 /* We must concatonate the options. */ 245 if (bl + l > ctx->opt_buffer_len) { 246 size_t pos; 247 uint8_t *nb; 248 249 if (bp) 250 pos = (size_t) 251 (bp - ctx->opt_buffer); 252 else 253 pos = 0; 254 nb = realloc(ctx->opt_buffer, bl + l); 255 if (nb == NULL) 256 return NULL; 257 ctx->opt_buffer = nb; 258 ctx->opt_buffer_len = bl + l; 259 bp = ctx->opt_buffer + pos; 260 } 261 if (bp == NULL) 262 bp = ctx->opt_buffer; 263 memcpy(bp, op, ol); 264 bp += ol; 265 } 266 ol = l; 267 op = p; 268 bl += ol; 269 } 270 p += l; 271 } 272 273 exit: 274 if (opt_len) 275 *opt_len = bl; 276 if (bp) { 277 memcpy(bp, op, ol); 278 return (const uint8_t *)ctx->opt_buffer; 279 } 280 if (op) 281 return op; 282 errno = ENOENT; 283 return NULL; 284 } 285 286 static int 287 get_option_addr(struct dhcpcd_ctx *ctx, 288 struct in_addr *a, const struct bootp *bootp, size_t bootp_len, 289 uint8_t option) 290 { 291 const uint8_t *p; 292 size_t len; 293 294 p = get_option(ctx, bootp, bootp_len, option, &len); 295 if (!p || len < (ssize_t)sizeof(a->s_addr)) 296 return -1; 297 memcpy(&a->s_addr, p, sizeof(a->s_addr)); 298 return 0; 299 } 300 301 static int 302 get_option_uint32(struct dhcpcd_ctx *ctx, 303 uint32_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 304 { 305 const uint8_t *p; 306 size_t len; 307 uint32_t d; 308 309 p = get_option(ctx, bootp, bootp_len, option, &len); 310 if (!p || len < (ssize_t)sizeof(d)) 311 return -1; 312 memcpy(&d, p, sizeof(d)); 313 if (i) 314 *i = ntohl(d); 315 return 0; 316 } 317 318 static int 319 get_option_uint16(struct dhcpcd_ctx *ctx, 320 uint16_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 321 { 322 const uint8_t *p; 323 size_t len; 324 uint16_t d; 325 326 p = get_option(ctx, bootp, bootp_len, option, &len); 327 if (!p || len < (ssize_t)sizeof(d)) 328 return -1; 329 memcpy(&d, p, sizeof(d)); 330 if (i) 331 *i = ntohs(d); 332 return 0; 333 } 334 335 static int 336 get_option_uint8(struct dhcpcd_ctx *ctx, 337 uint8_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 338 { 339 const uint8_t *p; 340 size_t len; 341 342 p = get_option(ctx, bootp, bootp_len, option, &len); 343 if (!p || len < (ssize_t)sizeof(*p)) 344 return -1; 345 if (i) 346 *i = *(p); 347 return 0; 348 } 349 350 ssize_t 351 print_rfc3442(FILE *fp, const uint8_t *data, size_t data_len) 352 { 353 const uint8_t *p = data, *e; 354 size_t ocets; 355 uint8_t cidr; 356 struct in_addr addr; 357 358 /* Minimum is 5 -first is CIDR and a router length of 4 */ 359 if (data_len < 5) { 360 errno = EINVAL; 361 return -1; 362 } 363 364 e = p + data_len; 365 while (p < e) { 366 if (p != data) { 367 if (fputc(' ', fp) == EOF) 368 return -1; 369 } 370 cidr = *p++; 371 if (cidr > 32) { 372 errno = EINVAL; 373 return -1; 374 } 375 ocets = (size_t)(cidr + 7) / NBBY; 376 if (p + 4 + ocets > e) { 377 errno = ERANGE; 378 return -1; 379 } 380 /* If we have ocets then we have a destination and netmask */ 381 addr.s_addr = 0; 382 if (ocets > 0) { 383 memcpy(&addr.s_addr, p, ocets); 384 p += ocets; 385 } 386 if (fprintf(fp, "%s/%d", inet_ntoa(addr), cidr) == -1) 387 return -1; 388 389 /* Finally, snag the router */ 390 memcpy(&addr.s_addr, p, 4); 391 p += 4; 392 if (fprintf(fp, " %s", inet_ntoa(addr)) == -1) 393 return -1; 394 } 395 396 if (fputc('\0', fp) == EOF) 397 return -1; 398 return 1; 399 } 400 401 static int 402 decode_rfc3442_rt(rb_tree_t *routes, struct interface *ifp, 403 const uint8_t *data, size_t dl, const struct bootp *bootp) 404 { 405 const uint8_t *p = data; 406 const uint8_t *e; 407 uint8_t cidr; 408 size_t ocets; 409 struct rt *rt = NULL; 410 struct in_addr dest, netmask, gateway; 411 int n; 412 413 /* Minimum is 5 -first is CIDR and a router length of 4 */ 414 if (dl < 5) { 415 errno = EINVAL; 416 return -1; 417 } 418 419 n = 0; 420 e = p + dl; 421 while (p < e) { 422 cidr = *p++; 423 if (cidr > 32) { 424 errno = EINVAL; 425 return -1; 426 } 427 428 ocets = (size_t)(cidr + 7) / NBBY; 429 if (p + 4 + ocets > e) { 430 errno = ERANGE; 431 return -1; 432 } 433 434 if ((rt = rt_new(ifp)) == NULL) 435 return -1; 436 437 /* If we have ocets then we have a destination and netmask */ 438 dest.s_addr = 0; 439 if (ocets > 0) { 440 memcpy(&dest.s_addr, p, ocets); 441 p += ocets; 442 netmask.s_addr = htonl(~0U << (32 - cidr)); 443 } else 444 netmask.s_addr = 0; 445 446 /* Finally, snag the router */ 447 memcpy(&gateway.s_addr, p, 4); 448 p += 4; 449 450 /* An on-link host route is normally set by having the 451 * gateway match the destination or assigned address */ 452 if (gateway.s_addr == dest.s_addr || 453 (gateway.s_addr == bootp->yiaddr || 454 gateway.s_addr == bootp->ciaddr)) 455 { 456 gateway.s_addr = INADDR_ANY; 457 netmask.s_addr = INADDR_BROADCAST; 458 } 459 if (netmask.s_addr == INADDR_BROADCAST) 460 rt->rt_flags = RTF_HOST; 461 462 sa_in_init(&rt->rt_dest, &dest); 463 sa_in_init(&rt->rt_netmask, &netmask); 464 sa_in_init(&rt->rt_gateway, &gateway); 465 if (rt_proto_add(routes, rt)) 466 n = 1; 467 } 468 return n; 469 } 470 471 ssize_t 472 print_rfc3361(FILE *fp, const uint8_t *data, size_t dl) 473 { 474 uint8_t enc; 475 char sip[NS_MAXDNAME]; 476 struct in_addr addr; 477 478 if (dl < 2) { 479 errno = EINVAL; 480 return 0; 481 } 482 483 enc = *data++; 484 dl--; 485 switch (enc) { 486 case 0: 487 if (decode_rfc1035(sip, sizeof(sip), data, dl) == -1) 488 return -1; 489 if (efprintf(fp, "%s", sip) == -1) 490 return -1; 491 break; 492 case 1: 493 if (dl % 4 != 0) { 494 errno = EINVAL; 495 break; 496 } 497 addr.s_addr = INADDR_BROADCAST; 498 for (; 499 dl != 0; 500 data += sizeof(addr.s_addr), dl -= sizeof(addr.s_addr)) 501 { 502 memcpy(&addr.s_addr, data, sizeof(addr.s_addr)); 503 if (fprintf(fp, "%s", inet_ntoa(addr)) == -1) 504 return -1; 505 if (dl != sizeof(addr.s_addr)) { 506 if (fputc(' ', fp) == EOF) 507 return -1; 508 } 509 } 510 if (fputc('\0', fp) == EOF) 511 return -1; 512 break; 513 default: 514 errno = EINVAL; 515 return 0; 516 } 517 518 return 1; 519 } 520 521 static char * 522 get_option_string(struct dhcpcd_ctx *ctx, 523 const struct bootp *bootp, size_t bootp_len, uint8_t option) 524 { 525 size_t len; 526 const uint8_t *p; 527 char *s; 528 529 p = get_option(ctx, bootp, bootp_len, option, &len); 530 if (!p || len == 0 || *p == '\0') 531 return NULL; 532 533 s = malloc(sizeof(char) * (len + 1)); 534 if (s) { 535 memcpy(s, p, len); 536 s[len] = '\0'; 537 } 538 return s; 539 } 540 541 /* This calculates the netmask that we should use for static routes. 542 * This IS different from the calculation used to calculate the netmask 543 * for an interface address. */ 544 static uint32_t 545 route_netmask(uint32_t ip_in) 546 { 547 /* used to be unsigned long - check if error */ 548 uint32_t p = ntohl(ip_in); 549 uint32_t t; 550 551 if (IN_CLASSA(p)) 552 t = ~IN_CLASSA_NET; 553 else { 554 if (IN_CLASSB(p)) 555 t = ~IN_CLASSB_NET; 556 else { 557 if (IN_CLASSC(p)) 558 t = ~IN_CLASSC_NET; 559 else 560 t = 0; 561 } 562 } 563 564 while (t & p) 565 t >>= 1; 566 567 return (htonl(~t)); 568 } 569 570 /* We need to obey routing options. 571 * If we have a CSR then we only use that. 572 * Otherwise we add static routes and then routers. */ 573 static int 574 get_option_routes(rb_tree_t *routes, struct interface *ifp, 575 const struct bootp *bootp, size_t bootp_len) 576 { 577 struct if_options *ifo = ifp->options; 578 const uint8_t *p; 579 const uint8_t *e; 580 struct rt *rt = NULL; 581 struct in_addr dest, netmask, gateway; 582 size_t len; 583 const char *csr = ""; 584 int n; 585 586 /* If we have CSR's then we MUST use these only */ 587 if (!has_option_mask(ifo->nomask, DHO_CSR)) 588 p = get_option(ifp->ctx, bootp, bootp_len, DHO_CSR, &len); 589 else 590 p = NULL; 591 /* Check for crappy MS option */ 592 if (!p && !has_option_mask(ifo->nomask, DHO_MSCSR)) { 593 p = get_option(ifp->ctx, bootp, bootp_len, DHO_MSCSR, &len); 594 if (p) 595 csr = "MS "; 596 } 597 if (p && (n = decode_rfc3442_rt(routes, ifp, p, len, bootp)) != -1) { 598 const struct dhcp_state *state; 599 600 state = D_CSTATE(ifp); 601 if (!(ifo->options & DHCPCD_CSR_WARNED) && 602 !(state->added & STATE_FAKE)) 603 { 604 logdebugx("%s: using %sClassless Static Routes", 605 ifp->name, csr); 606 ifo->options |= DHCPCD_CSR_WARNED; 607 } 608 return n; 609 } 610 611 n = 0; 612 /* OK, get our static routes first. */ 613 if (!has_option_mask(ifo->nomask, DHO_STATICROUTE)) 614 p = get_option(ifp->ctx, bootp, bootp_len, 615 DHO_STATICROUTE, &len); 616 else 617 p = NULL; 618 /* RFC 2131 Section 5.8 states length MUST be in multiples of 8 */ 619 if (p && len % 8 == 0) { 620 e = p + len; 621 while (p < e) { 622 memcpy(&dest.s_addr, p, sizeof(dest.s_addr)); 623 p += 4; 624 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 625 p += 4; 626 /* RFC 2131 Section 5.8 states default route is 627 * illegal */ 628 if (gateway.s_addr == INADDR_ANY) 629 continue; 630 if ((rt = rt_new(ifp)) == NULL) 631 return -1; 632 633 /* A on-link host route is normally set by having the 634 * gateway match the destination or assigned address */ 635 if (gateway.s_addr == dest.s_addr || 636 (gateway.s_addr == bootp->yiaddr || 637 gateway.s_addr == bootp->ciaddr)) 638 { 639 gateway.s_addr = INADDR_ANY; 640 netmask.s_addr = INADDR_BROADCAST; 641 } else 642 netmask.s_addr = route_netmask(dest.s_addr); 643 if (netmask.s_addr == INADDR_BROADCAST) 644 rt->rt_flags = RTF_HOST; 645 646 sa_in_init(&rt->rt_dest, &dest); 647 sa_in_init(&rt->rt_netmask, &netmask); 648 sa_in_init(&rt->rt_gateway, &gateway); 649 if (rt_proto_add(routes, rt)) 650 n++; 651 } 652 } 653 654 /* Now grab our routers */ 655 if (!has_option_mask(ifo->nomask, DHO_ROUTER)) 656 p = get_option(ifp->ctx, bootp, bootp_len, DHO_ROUTER, &len); 657 else 658 p = NULL; 659 if (p && len % 4 == 0) { 660 e = p + len; 661 dest.s_addr = INADDR_ANY; 662 netmask.s_addr = INADDR_ANY; 663 while (p < e) { 664 if ((rt = rt_new(ifp)) == NULL) 665 return -1; 666 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 667 p += 4; 668 sa_in_init(&rt->rt_dest, &dest); 669 sa_in_init(&rt->rt_netmask, &netmask); 670 sa_in_init(&rt->rt_gateway, &gateway); 671 if (rt_proto_add(routes, rt)) 672 n++; 673 } 674 } 675 676 return n; 677 } 678 679 uint16_t 680 dhcp_get_mtu(const struct interface *ifp) 681 { 682 const struct dhcp_state *state; 683 uint16_t mtu; 684 685 if (ifp->options->mtu) 686 return (uint16_t)ifp->options->mtu; 687 mtu = 0; /* bogus gcc warning */ 688 if ((state = D_CSTATE(ifp)) == NULL || 689 has_option_mask(ifp->options->nomask, DHO_MTU) || 690 get_option_uint16(ifp->ctx, &mtu, 691 state->new, state->new_len, DHO_MTU) == -1) 692 return 0; 693 return mtu; 694 } 695 696 /* Grab our routers from the DHCP message and apply any MTU value 697 * the message contains */ 698 int 699 dhcp_get_routes(rb_tree_t *routes, struct interface *ifp) 700 { 701 const struct dhcp_state *state; 702 703 if ((state = D_CSTATE(ifp)) == NULL || !(state->added & STATE_ADDED)) 704 return 0; 705 return get_option_routes(routes, ifp, state->new, state->new_len); 706 } 707 708 /* Assumes DHCP options */ 709 static int 710 dhcp_message_add_addr(struct bootp *bootp, 711 uint8_t type, struct in_addr addr) 712 { 713 uint8_t *p; 714 size_t len; 715 716 p = bootp->vend; 717 while (*p != DHO_END) { 718 p++; 719 p += *p + 1; 720 } 721 722 len = (size_t)(p - bootp->vend); 723 if (len + 6 > sizeof(bootp->vend)) { 724 errno = ENOMEM; 725 return -1; 726 } 727 728 *p++ = type; 729 *p++ = 4; 730 memcpy(p, &addr.s_addr, 4); 731 p += 4; 732 *p = DHO_END; 733 return 0; 734 } 735 736 static ssize_t 737 make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type) 738 { 739 struct bootp *bootp; 740 uint8_t *lp, *p, *e; 741 uint8_t *n_params = NULL; 742 uint32_t ul; 743 uint16_t sz; 744 size_t len, i; 745 const struct dhcp_opt *opt; 746 struct if_options *ifo = ifp->options; 747 const struct dhcp_state *state = D_CSTATE(ifp); 748 const struct dhcp_lease *lease = &state->lease; 749 char hbuf[HOSTNAME_MAX_LEN + 1]; 750 const char *hostname; 751 const struct vivco *vivco; 752 int mtu; 753 #ifdef AUTH 754 uint8_t *auth, auth_len; 755 #endif 756 757 if ((mtu = if_getmtu(ifp)) == -1) 758 logerr("%s: if_getmtu", ifp->name); 759 else if (mtu < MTU_MIN) { 760 if (if_setmtu(ifp, MTU_MIN) == -1) 761 logerr("%s: if_setmtu", ifp->name); 762 mtu = MTU_MIN; 763 } 764 765 if (ifo->options & DHCPCD_BOOTP) 766 bootp = calloc(1, sizeof (*bootp)); 767 else 768 /* Make the maximal message we could send */ 769 bootp = calloc(1, (size_t)(mtu - IP_UDP_SIZE)); 770 771 if (bootp == NULL) 772 return -1; 773 *bootpm = bootp; 774 775 if (state->addr != NULL && 776 (type == DHCP_INFORM || type == DHCP_RELEASE || 777 (type == DHCP_REQUEST && 778 state->addr->mask.s_addr == lease->mask.s_addr && 779 (state->new == NULL || IS_DHCP(state->new)) && 780 !(state->added & (STATE_FAKE | STATE_EXPIRED))))) 781 bootp->ciaddr = state->addr->addr.s_addr; 782 783 bootp->op = BOOTREQUEST; 784 bootp->htype = (uint8_t)ifp->hwtype; 785 if (ifp->hwlen != 0 && ifp->hwlen < sizeof(bootp->chaddr)) { 786 bootp->hlen = (uint8_t)ifp->hwlen; 787 memcpy(&bootp->chaddr, &ifp->hwaddr, ifp->hwlen); 788 } 789 790 if (ifo->options & DHCPCD_BROADCAST && 791 bootp->ciaddr == 0 && 792 type != DHCP_DECLINE && 793 type != DHCP_RELEASE) 794 bootp->flags = htons(BROADCAST_FLAG); 795 796 if (type != DHCP_DECLINE && type != DHCP_RELEASE) { 797 struct timespec tv; 798 unsigned long long secs; 799 800 clock_gettime(CLOCK_MONOTONIC, &tv); 801 secs = eloop_timespec_diff(&tv, &state->started, NULL); 802 if (secs > UINT16_MAX) 803 bootp->secs = htons((uint16_t)UINT16_MAX); 804 else 805 bootp->secs = htons((uint16_t)secs); 806 } 807 808 bootp->xid = htonl(state->xid); 809 810 if (ifo->options & DHCPCD_BOOTP) 811 return sizeof(*bootp); 812 813 p = bootp->vend; 814 e = (uint8_t *)bootp + (mtu - IP_UDP_SIZE) - 1; /* -1 for DHO_END */ 815 816 ul = htonl(MAGIC_COOKIE); 817 memcpy(p, &ul, sizeof(ul)); 818 p += sizeof(ul); 819 820 #define AREA_LEFT (size_t)(e - p) 821 #define AREA_FIT(s) if ((s) > AREA_LEFT) goto toobig 822 #define AREA_CHECK(s) if ((s) + 2UL > AREA_LEFT) goto toobig 823 #define PUT_ADDR(o, a) do { \ 824 AREA_CHECK(4); \ 825 *p++ = (o); \ 826 *p++ = 4; \ 827 memcpy(p, &(a)->s_addr, 4); \ 828 p += 4; \ 829 } while (0 /* CONSTCOND */) 830 831 /* Options are listed in numerical order as per RFC 7844 Section 3.1 832 * XXX: They should be randomised. */ 833 834 bool putip = false; 835 if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) { 836 if (type == DHCP_DECLINE || 837 (type == DHCP_REQUEST && 838 (state->addr == NULL || 839 state->added & (STATE_FAKE | STATE_EXPIRED) || 840 lease->addr.s_addr != state->addr->addr.s_addr))) 841 { 842 putip = true; 843 PUT_ADDR(DHO_IPADDRESS, &lease->addr); 844 } 845 } 846 847 AREA_CHECK(3); 848 *p++ = DHO_MESSAGETYPE; 849 *p++ = 1; 850 *p++ = type; 851 852 if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) { 853 if (type == DHCP_RELEASE || putip) { 854 if (lease->server.s_addr) 855 PUT_ADDR(DHO_SERVERID, &lease->server); 856 } 857 } 858 859 if (type == DHCP_DECLINE) { 860 len = strlen(DAD); 861 if (len > AREA_LEFT) { 862 *p++ = DHO_MESSAGE; 863 *p++ = (uint8_t)len; 864 memcpy(p, DAD, len); 865 p += len; 866 } 867 } 868 869 #define DHCP_DIR(type) ((type) == DHCP_DISCOVER || (type) == DHCP_INFORM || \ 870 (type) == DHCP_REQUEST) 871 872 if (DHCP_DIR(type)) { 873 /* vendor is already encoded correctly, so just add it */ 874 if (ifo->vendor[0]) { 875 AREA_CHECK(ifo->vendor[0]); 876 *p++ = DHO_VENDOR; 877 memcpy(p, ifo->vendor, (size_t)ifo->vendor[0] + 1); 878 p += ifo->vendor[0] + 1; 879 } 880 } 881 882 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_REQUEST) 883 PUT_ADDR(DHO_IPADDRESS, &ifo->req_addr); 884 885 if (DHCP_DIR(type)) { 886 if (type != DHCP_INFORM) { 887 if (ifo->leasetime != 0) { 888 AREA_CHECK(4); 889 *p++ = DHO_LEASETIME; 890 *p++ = 4; 891 ul = htonl(ifo->leasetime); 892 memcpy(p, &ul, 4); 893 p += 4; 894 } 895 } 896 897 AREA_CHECK(0); 898 *p++ = DHO_PARAMETERREQUESTLIST; 899 n_params = p; 900 *p++ = 0; 901 for (i = 0, opt = ifp->ctx->dhcp_opts; 902 i < ifp->ctx->dhcp_opts_len; 903 i++, opt++) 904 { 905 if (!DHC_REQOPT(opt, ifo->requestmask, ifo->nomask)) 906 continue; 907 if (type == DHCP_INFORM && 908 (opt->option == DHO_RENEWALTIME || 909 opt->option == DHO_REBINDTIME)) 910 continue; 911 AREA_FIT(1); 912 *p++ = (uint8_t)opt->option; 913 } 914 for (i = 0, opt = ifo->dhcp_override; 915 i < ifo->dhcp_override_len; 916 i++, opt++) 917 { 918 /* Check if added above */ 919 for (lp = n_params + 1; lp < p; lp++) 920 if (*lp == (uint8_t)opt->option) 921 break; 922 if (lp < p) 923 continue; 924 if (!DHC_REQOPT(opt, ifo->requestmask, ifo->nomask)) 925 continue; 926 if (type == DHCP_INFORM && 927 (opt->option == DHO_RENEWALTIME || 928 opt->option == DHO_REBINDTIME)) 929 continue; 930 AREA_FIT(1); 931 *p++ = (uint8_t)opt->option; 932 } 933 *n_params = (uint8_t)(p - n_params - 1); 934 935 if (mtu != -1 && 936 !(has_option_mask(ifo->nomask, DHO_MAXMESSAGESIZE))) 937 { 938 AREA_CHECK(2); 939 *p++ = DHO_MAXMESSAGESIZE; 940 *p++ = 2; 941 sz = htons((uint16_t)(mtu - IP_UDP_SIZE)); 942 memcpy(p, &sz, 2); 943 p += 2; 944 } 945 946 if (ifo->userclass[0] && 947 !has_option_mask(ifo->nomask, DHO_USERCLASS)) 948 { 949 AREA_CHECK(ifo->userclass[0]); 950 *p++ = DHO_USERCLASS; 951 memcpy(p, ifo->userclass, 952 (size_t)ifo->userclass[0] + 1); 953 p += ifo->userclass[0] + 1; 954 } 955 } 956 957 if (state->clientid) { 958 AREA_CHECK(state->clientid[0]); 959 *p++ = DHO_CLIENTID; 960 memcpy(p, state->clientid, (size_t)state->clientid[0] + 1); 961 p += state->clientid[0] + 1; 962 } 963 964 if (DHCP_DIR(type) && 965 !has_option_mask(ifo->nomask, DHO_VENDORCLASSID) && 966 ifo->vendorclassid[0]) 967 { 968 AREA_CHECK(ifo->vendorclassid[0]); 969 *p++ = DHO_VENDORCLASSID; 970 memcpy(p, ifo->vendorclassid, (size_t)ifo->vendorclassid[0]+1); 971 p += ifo->vendorclassid[0] + 1; 972 } 973 974 if (type == DHCP_DISCOVER && 975 !(ifp->ctx->options & DHCPCD_TEST) && 976 DHC_REQ(ifo->requestmask, ifo->nomask, DHO_RAPIDCOMMIT)) 977 { 978 /* RFC 4039 Section 3 */ 979 AREA_CHECK(0); 980 *p++ = DHO_RAPIDCOMMIT; 981 *p++ = 0; 982 } 983 984 if (DHCP_DIR(type)) { 985 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo); 986 987 /* 988 * RFC4702 3.1 States that if we send the Client FQDN option 989 * then we MUST NOT also send the Host Name option. 990 * Technically we could, but that is not RFC conformant and 991 * also seems to break some DHCP server implemetations such as 992 * Windows. On the other hand, ISC dhcpd is just as non RFC 993 * conformant by not accepting a partially qualified FQDN. 994 */ 995 if (ifo->fqdn != FQDN_DISABLE) { 996 /* IETF DHC-FQDN option (81), RFC4702 */ 997 i = 3; 998 if (hostname) 999 i += encode_rfc1035(hostname, NULL); 1000 AREA_CHECK(i); 1001 *p++ = DHO_FQDN; 1002 *p++ = (uint8_t)i; 1003 /* 1004 * Flags: 0000NEOS 1005 * S: 1 => Client requests Server to update 1006 * a RR in DNS as well as PTR 1007 * O: 1 => Server indicates to client that 1008 * DNS has been updated 1009 * E: 1 => Name data is DNS format 1010 * N: 1 => Client requests Server to not 1011 * update DNS 1012 */ 1013 if (hostname) 1014 *p++ = (uint8_t)((ifo->fqdn & 0x09) | 0x04); 1015 else 1016 *p++ = (FQDN_NONE & 0x09) | 0x04; 1017 *p++ = 0; /* from server for PTR RR */ 1018 *p++ = 0; /* from server for A RR if S=1 */ 1019 if (hostname) { 1020 i = encode_rfc1035(hostname, p); 1021 p += i; 1022 } 1023 } else if (ifo->options & DHCPCD_HOSTNAME && hostname) { 1024 len = strlen(hostname); 1025 AREA_CHECK(len); 1026 *p++ = DHO_HOSTNAME; 1027 *p++ = (uint8_t)len; 1028 memcpy(p, hostname, len); 1029 p += len; 1030 } 1031 } 1032 1033 #ifdef AUTH 1034 auth = NULL; /* appease GCC */ 1035 auth_len = 0; 1036 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 1037 ssize_t alen = dhcp_auth_encode(ifp->ctx, &ifo->auth, 1038 state->auth.token, 1039 NULL, 0, 4, type, NULL, 0); 1040 if (alen != -1 && alen > UINT8_MAX) { 1041 errno = ERANGE; 1042 alen = -1; 1043 } 1044 if (alen == -1) 1045 logerr("%s: dhcp_auth_encode", ifp->name); 1046 else if (alen != 0) { 1047 auth_len = (uint8_t)alen; 1048 AREA_CHECK(auth_len); 1049 *p++ = DHO_AUTHENTICATION; 1050 *p++ = auth_len; 1051 auth = p; 1052 p += auth_len; 1053 } 1054 } 1055 #endif 1056 1057 /* RFC 2563 Auto Configure */ 1058 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_IPV4LL && 1059 !(has_option_mask(ifo->nomask, DHO_AUTOCONFIGURE))) 1060 { 1061 AREA_CHECK(1); 1062 *p++ = DHO_AUTOCONFIGURE; 1063 *p++ = 1; 1064 *p++ = 1; 1065 } 1066 1067 if (DHCP_DIR(type)) { 1068 if (ifo->mudurl[0]) { 1069 AREA_CHECK(ifo->mudurl[0]); 1070 *p++ = DHO_MUDURL; 1071 memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1); 1072 p += ifo->mudurl[0] + 1; 1073 } 1074 1075 if (ifo->vivco_len && 1076 !has_option_mask(ifo->nomask, DHO_VIVCO)) 1077 { 1078 AREA_CHECK(sizeof(ul)); 1079 *p++ = DHO_VIVCO; 1080 lp = p++; 1081 *lp = sizeof(ul); 1082 ul = htonl(ifo->vivco_en); 1083 memcpy(p, &ul, sizeof(ul)); 1084 p += sizeof(ul); 1085 for (i = 0, vivco = ifo->vivco; 1086 i < ifo->vivco_len; 1087 i++, vivco++) 1088 { 1089 AREA_FIT(vivco->len); 1090 if (vivco->len + 2 + *lp > 255) { 1091 logerrx("%s: VIVCO option too big", 1092 ifp->name); 1093 free(bootp); 1094 return -1; 1095 } 1096 *p++ = (uint8_t)vivco->len; 1097 memcpy(p, vivco->data, vivco->len); 1098 p += vivco->len; 1099 *lp = (uint8_t)(*lp + vivco->len + 1); 1100 } 1101 } 1102 1103 #ifdef AUTH 1104 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 1105 DHCPCD_AUTH_SENDREQUIRE && 1106 !has_option_mask(ifo->nomask, DHO_FORCERENEW_NONCE)) 1107 { 1108 /* We support HMAC-MD5 */ 1109 AREA_CHECK(1); 1110 *p++ = DHO_FORCERENEW_NONCE; 1111 *p++ = 1; 1112 *p++ = AUTH_ALG_HMAC_MD5; 1113 } 1114 #endif 1115 } 1116 1117 *p++ = DHO_END; 1118 len = (size_t)(p - (uint8_t *)bootp); 1119 1120 /* Pad out to the BOOTP message length. 1121 * Even if we send a DHCP packet with a variable length vendor area, 1122 * some servers / relay agents don't like packets smaller than 1123 * a BOOTP message which is fine because that's stipulated 1124 * in RFC1542 section 2.1. */ 1125 while (len < sizeof(*bootp)) { 1126 *p++ = DHO_PAD; 1127 len++; 1128 } 1129 1130 #ifdef AUTH 1131 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) 1132 dhcp_auth_encode(ifp->ctx, &ifo->auth, state->auth.token, 1133 (uint8_t *)bootp, len, 4, type, auth, auth_len); 1134 #endif 1135 1136 return (ssize_t)len; 1137 1138 toobig: 1139 logerrx("%s: DHCP message too big", ifp->name); 1140 free(bootp); 1141 return -1; 1142 } 1143 1144 static size_t 1145 read_lease(struct interface *ifp, struct bootp **bootp) 1146 { 1147 union { 1148 struct bootp bootp; 1149 uint8_t buf[FRAMELEN_MAX]; 1150 } buf; 1151 struct dhcp_state *state = D_STATE(ifp); 1152 ssize_t sbytes; 1153 size_t bytes; 1154 uint8_t type; 1155 #ifdef AUTH 1156 const uint8_t *auth; 1157 size_t auth_len; 1158 #endif 1159 1160 /* Safety */ 1161 *bootp = NULL; 1162 1163 if (state->leasefile[0] == '\0') { 1164 logdebugx("reading standard input"); 1165 sbytes = read(fileno(stdin), buf.buf, sizeof(buf.buf)); 1166 } else { 1167 logdebugx("%s: reading lease: %s", 1168 ifp->name, state->leasefile); 1169 sbytes = dhcp_readfile(ifp->ctx, state->leasefile, 1170 buf.buf, sizeof(buf.buf)); 1171 } 1172 if (sbytes == -1) { 1173 if (errno != ENOENT) 1174 logerr("%s: %s", ifp->name, state->leasefile); 1175 return 0; 1176 } 1177 bytes = (size_t)sbytes; 1178 1179 /* Ensure the packet is at lease BOOTP sized 1180 * with a vendor area of 4 octets 1181 * (it should be more, and our read packet enforces this so this 1182 * code should not be needed, but of course people could 1183 * scribble whatever in the stored lease file. */ 1184 if (bytes < DHCP_MIN_LEN) { 1185 logerrx("%s: %s: truncated lease", ifp->name, __func__); 1186 return 0; 1187 } 1188 1189 if (ifp->ctx->options & DHCPCD_DUMPLEASE) 1190 goto out; 1191 1192 /* We may have found a BOOTP server */ 1193 if (get_option_uint8(ifp->ctx, &type, &buf.bootp, bytes, 1194 DHO_MESSAGETYPE) == -1) 1195 type = 0; 1196 1197 #ifdef AUTH 1198 /* Authenticate the message */ 1199 auth = get_option(ifp->ctx, &buf.bootp, bytes, 1200 DHO_AUTHENTICATION, &auth_len); 1201 if (auth) { 1202 if (dhcp_auth_validate(&state->auth, &ifp->options->auth, 1203 &buf.bootp, bytes, 4, type, auth, auth_len) == NULL) 1204 { 1205 logerr("%s: authentication failed", ifp->name); 1206 return 0; 1207 } 1208 if (state->auth.token) 1209 logdebugx("%s: validated using 0x%08" PRIu32, 1210 ifp->name, state->auth.token->secretid); 1211 else 1212 logdebugx("%s: accepted reconfigure key", ifp->name); 1213 } else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) == 1214 DHCPCD_AUTH_SENDREQUIRE) 1215 { 1216 logerrx("%s: authentication now required", ifp->name); 1217 return 0; 1218 } 1219 #endif 1220 1221 out: 1222 *bootp = malloc(bytes); 1223 if (*bootp == NULL) { 1224 logerr(__func__); 1225 return 0; 1226 } 1227 memcpy(*bootp, buf.buf, bytes); 1228 return bytes; 1229 } 1230 1231 static const struct dhcp_opt * 1232 dhcp_getoverride(const struct if_options *ifo, unsigned int o) 1233 { 1234 size_t i; 1235 const struct dhcp_opt *opt; 1236 1237 for (i = 0, opt = ifo->dhcp_override; 1238 i < ifo->dhcp_override_len; 1239 i++, opt++) 1240 { 1241 if (opt->option == o) 1242 return opt; 1243 } 1244 return NULL; 1245 } 1246 1247 static const uint8_t * 1248 dhcp_getoption(struct dhcpcd_ctx *ctx, 1249 size_t *os, unsigned int *code, size_t *len, 1250 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 1251 { 1252 size_t i; 1253 struct dhcp_opt *opt; 1254 1255 if (od) { 1256 if (ol < 2) { 1257 errno = EINVAL; 1258 return NULL; 1259 } 1260 *os = 2; /* code + len */ 1261 *code = (unsigned int)*od++; 1262 *len = (size_t)*od++; 1263 if (*len > ol - *os) { 1264 errno = ERANGE; 1265 return NULL; 1266 } 1267 } 1268 1269 *oopt = NULL; 1270 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 1271 if (opt->option == *code) { 1272 *oopt = opt; 1273 break; 1274 } 1275 } 1276 1277 return od; 1278 } 1279 1280 ssize_t 1281 dhcp_env(FILE *fenv, const char *prefix, const struct interface *ifp, 1282 const struct bootp *bootp, size_t bootp_len) 1283 { 1284 const struct if_options *ifo; 1285 const uint8_t *p; 1286 struct in_addr addr; 1287 struct in_addr net; 1288 struct in_addr brd; 1289 struct dhcp_opt *opt, *vo; 1290 size_t i, pl; 1291 char safe[(BOOTP_FILE_LEN * 4) + 1]; 1292 uint8_t overl = 0; 1293 uint32_t en; 1294 1295 ifo = ifp->options; 1296 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 1297 DHO_OPTSOVERLOADED) == -1) 1298 overl = 0; 1299 1300 if (bootp->yiaddr || bootp->ciaddr) { 1301 /* Set some useful variables that we derive from the DHCP 1302 * message but are not necessarily in the options */ 1303 addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1304 if (efprintf(fenv, "%s_ip_address=%s", 1305 prefix, inet_ntoa(addr)) == -1) 1306 return -1; 1307 if (get_option_addr(ifp->ctx, &net, 1308 bootp, bootp_len, DHO_SUBNETMASK) == -1) { 1309 net.s_addr = ipv4_getnetmask(addr.s_addr); 1310 if (efprintf(fenv, "%s_subnet_mask=%s", 1311 prefix, inet_ntoa(net)) == -1) 1312 return -1; 1313 } 1314 if (efprintf(fenv, "%s_subnet_cidr=%d", 1315 prefix, inet_ntocidr(net))== -1) 1316 return -1; 1317 if (get_option_addr(ifp->ctx, &brd, 1318 bootp, bootp_len, DHO_BROADCAST) == -1) 1319 { 1320 brd.s_addr = addr.s_addr | ~net.s_addr; 1321 if (efprintf(fenv, "%s_broadcast_address=%s", 1322 prefix, inet_ntoa(brd)) == -1) 1323 return -1; 1324 } 1325 addr.s_addr = bootp->yiaddr & net.s_addr; 1326 if (efprintf(fenv, "%s_network_number=%s", 1327 prefix, inet_ntoa(addr)) == -1) 1328 return -1; 1329 } 1330 1331 if (*bootp->file && !(overl & 1)) { 1332 print_string(safe, sizeof(safe), OT_STRING, 1333 bootp->file, sizeof(bootp->file)); 1334 if (efprintf(fenv, "%s_filename=%s", prefix, safe) == -1) 1335 return -1; 1336 } 1337 if (*bootp->sname && !(overl & 2)) { 1338 print_string(safe, sizeof(safe), OT_STRING | OT_DOMAIN, 1339 bootp->sname, sizeof(bootp->sname)); 1340 if (efprintf(fenv, "%s_server_name=%s", prefix, safe) == -1) 1341 return -1; 1342 } 1343 1344 /* Zero our indexes */ 1345 for (i = 0, opt = ifp->ctx->dhcp_opts; 1346 i < ifp->ctx->dhcp_opts_len; 1347 i++, opt++) 1348 dhcp_zero_index(opt); 1349 for (i = 0, opt = ifp->options->dhcp_override; 1350 i < ifp->options->dhcp_override_len; 1351 i++, opt++) 1352 dhcp_zero_index(opt); 1353 for (i = 0, opt = ifp->ctx->vivso; 1354 i < ifp->ctx->vivso_len; 1355 i++, opt++) 1356 dhcp_zero_index(opt); 1357 1358 for (i = 0, opt = ifp->ctx->dhcp_opts; 1359 i < ifp->ctx->dhcp_opts_len; 1360 i++, opt++) 1361 { 1362 if (has_option_mask(ifo->nomask, opt->option)) 1363 continue; 1364 if (dhcp_getoverride(ifo, opt->option)) 1365 continue; 1366 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1367 if (p == NULL) 1368 continue; 1369 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1370 opt, dhcp_getoption, p, pl); 1371 1372 if (opt->option != DHO_VIVSO || pl <= (int)sizeof(uint32_t)) 1373 continue; 1374 memcpy(&en, p, sizeof(en)); 1375 en = ntohl(en); 1376 vo = vivso_find(en, ifp); 1377 if (vo == NULL) 1378 continue; 1379 /* Skip over en + total size */ 1380 p += sizeof(en) + 1; 1381 pl -= sizeof(en) + 1; 1382 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1383 vo, dhcp_getoption, p, pl); 1384 } 1385 1386 for (i = 0, opt = ifo->dhcp_override; 1387 i < ifo->dhcp_override_len; 1388 i++, opt++) 1389 { 1390 if (has_option_mask(ifo->nomask, opt->option)) 1391 continue; 1392 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1393 if (p == NULL) 1394 continue; 1395 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1396 opt, dhcp_getoption, p, pl); 1397 } 1398 1399 return 1; 1400 } 1401 1402 static void 1403 get_lease(struct interface *ifp, 1404 struct dhcp_lease *lease, const struct bootp *bootp, size_t len) 1405 { 1406 struct dhcpcd_ctx *ctx; 1407 1408 assert(bootp != NULL); 1409 1410 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 1411 /* BOOTP does not set yiaddr for replies when ciaddr is set. */ 1412 lease->addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1413 ctx = ifp->ctx; 1414 if (ifp->options->options & (DHCPCD_STATIC | DHCPCD_INFORM)) { 1415 if (ifp->options->req_addr.s_addr != INADDR_ANY) { 1416 lease->mask = ifp->options->req_mask; 1417 if (ifp->options->req_brd.s_addr != INADDR_ANY) 1418 lease->brd = ifp->options->req_brd; 1419 else 1420 lease->brd.s_addr = 1421 lease->addr.s_addr | ~lease->mask.s_addr; 1422 } else { 1423 const struct ipv4_addr *ia; 1424 1425 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 1426 assert(ia != NULL); 1427 lease->mask = ia->mask; 1428 lease->brd = ia->brd; 1429 } 1430 } else { 1431 if (get_option_addr(ctx, &lease->mask, bootp, len, 1432 DHO_SUBNETMASK) == -1) 1433 lease->mask.s_addr = 1434 ipv4_getnetmask(lease->addr.s_addr); 1435 if (get_option_addr(ctx, &lease->brd, bootp, len, 1436 DHO_BROADCAST) == -1) 1437 lease->brd.s_addr = 1438 lease->addr.s_addr | ~lease->mask.s_addr; 1439 } 1440 if (get_option_uint32(ctx, &lease->leasetime, 1441 bootp, len, DHO_LEASETIME) != 0) 1442 lease->leasetime = DHCP_INFINITE_LIFETIME; 1443 if (get_option_uint32(ctx, &lease->renewaltime, 1444 bootp, len, DHO_RENEWALTIME) != 0) 1445 lease->renewaltime = 0; 1446 if (get_option_uint32(ctx, &lease->rebindtime, 1447 bootp, len, DHO_REBINDTIME) != 0) 1448 lease->rebindtime = 0; 1449 if (get_option_addr(ctx, &lease->server, bootp, len, DHO_SERVERID) != 0) 1450 lease->server.s_addr = INADDR_ANY; 1451 } 1452 1453 static const char * 1454 get_dhcp_op(uint8_t type) 1455 { 1456 const struct dhcp_op *d; 1457 1458 for (d = dhcp_ops; d->name; d++) 1459 if (d->value == type) 1460 return d->name; 1461 return NULL; 1462 } 1463 1464 static void 1465 dhcp_fallback(void *arg) 1466 { 1467 struct interface *iface; 1468 1469 iface = (struct interface *)arg; 1470 dhcpcd_selectprofile(iface, iface->options->fallback); 1471 dhcpcd_startinterface(iface); 1472 } 1473 1474 static void 1475 dhcp_new_xid(struct interface *ifp) 1476 { 1477 struct dhcp_state *state; 1478 const struct interface *ifp1; 1479 const struct dhcp_state *state1; 1480 1481 state = D_STATE(ifp); 1482 if (ifp->options->options & DHCPCD_XID_HWADDR && 1483 ifp->hwlen >= sizeof(state->xid)) 1484 /* The lower bits are probably more unique on the network */ 1485 memcpy(&state->xid, 1486 (ifp->hwaddr + ifp->hwlen) - sizeof(state->xid), 1487 sizeof(state->xid)); 1488 else { 1489 again: 1490 state->xid = arc4random(); 1491 } 1492 1493 /* Ensure it's unique */ 1494 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 1495 if (ifp == ifp1) 1496 continue; 1497 if ((state1 = D_CSTATE(ifp1)) == NULL) 1498 continue; 1499 if (state1->xid == state->xid) 1500 break; 1501 } 1502 if (ifp1 != NULL) { 1503 if (ifp->options->options & DHCPCD_XID_HWADDR && 1504 ifp->hwlen >= sizeof(state->xid)) 1505 { 1506 logerrx("%s: duplicate xid on %s", 1507 ifp->name, ifp1->name); 1508 return; 1509 } 1510 goto again; 1511 } 1512 1513 /* We can't do this when sharing leases across interfaes */ 1514 #if 0 1515 /* As the XID changes, re-apply the filter. */ 1516 if (state->bpf_fd != -1) { 1517 if (bpf_bootp(ifp, state->bpf_fd) == -1) 1518 logerr(__func__); /* try to continue */ 1519 } 1520 #endif 1521 } 1522 1523 static void 1524 dhcp_closebpf(struct interface *ifp) 1525 { 1526 struct dhcpcd_ctx *ctx = ifp->ctx; 1527 struct dhcp_state *state = D_STATE(ifp); 1528 1529 #ifdef PRIVSEP 1530 if (IN_PRIVSEP_SE(ctx)) 1531 ps_bpf_closebootp(ifp); 1532 #endif 1533 1534 if (state->bpf != NULL) { 1535 eloop_event_delete(ctx->eloop, state->bpf->bpf_fd); 1536 bpf_close(state->bpf); 1537 state->bpf = NULL; 1538 } 1539 } 1540 1541 static void 1542 dhcp_closeinet(struct interface *ifp) 1543 { 1544 struct dhcpcd_ctx *ctx = ifp->ctx; 1545 struct dhcp_state *state = D_STATE(ifp); 1546 1547 #ifdef PRIVSEP 1548 if (IN_PRIVSEP_SE(ctx)) { 1549 if (state->addr != NULL) 1550 ps_inet_closebootp(state->addr); 1551 } 1552 #endif 1553 1554 if (state->udp_rfd != -1) { 1555 eloop_event_delete(ctx->eloop, state->udp_rfd); 1556 close(state->udp_rfd); 1557 state->udp_rfd = -1; 1558 } 1559 } 1560 1561 void 1562 dhcp_close(struct interface *ifp) 1563 { 1564 struct dhcp_state *state = D_STATE(ifp); 1565 1566 if (state == NULL) 1567 return; 1568 1569 dhcp_closebpf(ifp); 1570 dhcp_closeinet(ifp); 1571 1572 state->interval = 0; 1573 } 1574 1575 int 1576 dhcp_openudp(struct in_addr *ia) 1577 { 1578 int s; 1579 struct sockaddr_in sin; 1580 int n; 1581 1582 if ((s = xsocket(PF_INET, SOCK_DGRAM | SOCK_CXNB, IPPROTO_UDP)) == -1) 1583 return -1; 1584 1585 n = 1; 1586 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(n)) == -1) 1587 goto errexit; 1588 #ifdef IP_RECVIF 1589 if (setsockopt(s, IPPROTO_IP, IP_RECVIF, &n, sizeof(n)) == -1) 1590 goto errexit; 1591 #else 1592 if (setsockopt(s, IPPROTO_IP, IP_RECVPKTINFO, &n, sizeof(n)) == -1) 1593 goto errexit; 1594 #endif 1595 #ifdef SO_RERROR 1596 if (setsockopt(s, SOL_SOCKET, SO_RERROR, &n, sizeof(n)) == -1) 1597 goto errexit; 1598 #endif 1599 1600 memset(&sin, 0, sizeof(sin)); 1601 sin.sin_family = AF_INET; 1602 sin.sin_port = htons(BOOTPC); 1603 if (ia != NULL) 1604 sin.sin_addr = *ia; 1605 if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) 1606 goto errexit; 1607 1608 return s; 1609 1610 errexit: 1611 close(s); 1612 return -1; 1613 } 1614 1615 static uint16_t 1616 in_cksum(const void *data, size_t len, uint32_t *isum) 1617 { 1618 const uint16_t *word = data; 1619 uint32_t sum = isum != NULL ? *isum : 0; 1620 1621 for (; len > 1; len -= sizeof(*word)) 1622 sum += *word++; 1623 1624 if (len == 1) 1625 sum += htons((uint16_t)(*(const uint8_t *)word << 8)); 1626 1627 if (isum != NULL) 1628 *isum = sum; 1629 1630 sum = (sum >> 16) + (sum & 0xffff); 1631 sum += (sum >> 16); 1632 1633 return (uint16_t)~sum; 1634 } 1635 1636 static struct bootp_pkt * 1637 dhcp_makeudppacket(size_t *sz, const uint8_t *data, size_t length, 1638 struct in_addr source, struct in_addr dest) 1639 { 1640 struct bootp_pkt *udpp; 1641 struct ip *ip; 1642 struct udphdr *udp; 1643 1644 if ((udpp = calloc(1, sizeof(*ip) + sizeof(*udp) + length)) == NULL) 1645 return NULL; 1646 ip = &udpp->ip; 1647 udp = &udpp->udp; 1648 1649 /* OK, this is important :) 1650 * We copy the data to our packet and then create a small part of the 1651 * ip structure and an invalid ip_len (basically udp length). 1652 * We then fill the udp structure and put the checksum 1653 * of the whole packet into the udp checksum. 1654 * Finally we complete the ip structure and ip checksum. 1655 * If we don't do the ordering like so then the udp checksum will be 1656 * broken, so find another way of doing it! */ 1657 1658 memcpy(&udpp->bootp, data, length); 1659 1660 ip->ip_p = IPPROTO_UDP; 1661 ip->ip_src.s_addr = source.s_addr; 1662 if (dest.s_addr == 0) 1663 ip->ip_dst.s_addr = INADDR_BROADCAST; 1664 else 1665 ip->ip_dst.s_addr = dest.s_addr; 1666 1667 udp->uh_sport = htons(BOOTPC); 1668 udp->uh_dport = htons(BOOTPS); 1669 udp->uh_ulen = htons((uint16_t)(sizeof(*udp) + length)); 1670 ip->ip_len = udp->uh_ulen; 1671 udp->uh_sum = in_cksum(udpp, sizeof(*ip) + sizeof(*udp) + length, NULL); 1672 1673 ip->ip_v = IPVERSION; 1674 ip->ip_hl = sizeof(*ip) >> 2; 1675 ip->ip_id = (uint16_t)arc4random_uniform(UINT16_MAX); 1676 ip->ip_ttl = IPDEFTTL; 1677 ip->ip_len = htons((uint16_t)(sizeof(*ip) + sizeof(*udp) + length)); 1678 ip->ip_sum = in_cksum(ip, sizeof(*ip), NULL); 1679 if (ip->ip_sum == 0) 1680 ip->ip_sum = 0xffff; /* RFC 768 */ 1681 1682 *sz = sizeof(*ip) + sizeof(*udp) + length; 1683 return udpp; 1684 } 1685 1686 static ssize_t 1687 dhcp_sendudp(struct interface *ifp, struct in_addr *to, void *data, size_t len) 1688 { 1689 struct sockaddr_in sin = { 1690 .sin_family = AF_INET, 1691 .sin_addr = *to, 1692 .sin_port = htons(BOOTPS), 1693 #ifdef HAVE_SA_LEN 1694 .sin_len = sizeof(sin), 1695 #endif 1696 }; 1697 struct udphdr udp = { 1698 .uh_sport = htons(BOOTPC), 1699 .uh_dport = htons(BOOTPS), 1700 .uh_ulen = htons((uint16_t)(sizeof(udp) + len)), 1701 }; 1702 struct iovec iov[] = { 1703 { .iov_base = &udp, .iov_len = sizeof(udp), }, 1704 { .iov_base = data, .iov_len = len, }, 1705 }; 1706 struct msghdr msg = { 1707 .msg_name = (void *)&sin, 1708 .msg_namelen = sizeof(sin), 1709 .msg_iov = iov, 1710 .msg_iovlen = __arraycount(iov), 1711 }; 1712 struct dhcpcd_ctx *ctx = ifp->ctx; 1713 1714 #ifdef PRIVSEP 1715 if (ctx->options & DHCPCD_PRIVSEP) 1716 return ps_inet_sendbootp(ifp, &msg); 1717 #endif 1718 return sendmsg(ctx->udp_wfd, &msg, 0); 1719 } 1720 1721 static void 1722 send_message(struct interface *ifp, uint8_t type, 1723 void (*callback)(void *)) 1724 { 1725 struct dhcp_state *state = D_STATE(ifp); 1726 struct if_options *ifo = ifp->options; 1727 struct bootp *bootp; 1728 struct bootp_pkt *udp; 1729 size_t len, ulen; 1730 ssize_t r; 1731 struct in_addr from, to; 1732 unsigned int RT; 1733 1734 if (callback == NULL) { 1735 /* No carrier? Don't bother sending the packet. */ 1736 if (!if_is_link_up(ifp)) 1737 return; 1738 logdebugx("%s: sending %s with xid 0x%x", 1739 ifp->name, 1740 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1741 state->xid); 1742 RT = 0; /* bogus gcc warning */ 1743 } else { 1744 if (state->interval == 0) 1745 state->interval = 4; 1746 else { 1747 state->interval *= 2; 1748 if (state->interval > 64) 1749 state->interval = 64; 1750 } 1751 RT = (state->interval * MSEC_PER_SEC) + 1752 (arc4random_uniform(MSEC_PER_SEC * 2) - MSEC_PER_SEC); 1753 /* No carrier? Don't bother sending the packet. 1754 * However, we do need to advance the timeout. */ 1755 if (!if_is_link_up(ifp)) 1756 goto fail; 1757 logdebugx("%s: sending %s (xid 0x%x), next in %0.1f seconds", 1758 ifp->name, 1759 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1760 state->xid, 1761 (float)RT / MSEC_PER_SEC); 1762 } 1763 1764 r = make_message(&bootp, ifp, type); 1765 if (r == -1) 1766 goto fail; 1767 len = (size_t)r; 1768 1769 if (!(state->added & (STATE_FAKE | STATE_EXPIRED)) && 1770 state->addr != NULL && 1771 ipv4_iffindaddr(ifp, &state->lease.addr, NULL) != NULL) 1772 from.s_addr = state->lease.addr.s_addr; 1773 else 1774 from.s_addr = INADDR_ANY; 1775 if (from.s_addr != INADDR_ANY && 1776 state->lease.server.s_addr != INADDR_ANY) 1777 to.s_addr = state->lease.server.s_addr; 1778 else 1779 to.s_addr = INADDR_BROADCAST; 1780 1781 /* 1782 * If not listening on the unspecified address we can 1783 * only receive broadcast messages via BPF. 1784 * Sockets bound to an address cannot receive broadcast messages 1785 * even if they are setup to send them. 1786 * Broadcasting from UDP is only an optimisation for rebinding 1787 * and on BSD, at least, is reliant on the subnet route being 1788 * correctly configured to receive the unicast reply. 1789 * As such, we always broadcast and receive the reply to it via BPF. 1790 * This also guarantees we have a DHCP server attached to the 1791 * interface we want to configure because we can't dictate the 1792 * interface via IP_PKTINFO unlike for IPv6. 1793 */ 1794 if (to.s_addr != INADDR_BROADCAST) { 1795 if (dhcp_sendudp(ifp, &to, bootp, len) != -1) 1796 goto out; 1797 logerr("%s: dhcp_sendudp", ifp->name); 1798 } 1799 1800 if (dhcp_openbpf(ifp) == -1) 1801 goto out; 1802 1803 udp = dhcp_makeudppacket(&ulen, (uint8_t *)bootp, len, from, to); 1804 if (udp == NULL) { 1805 logerr("%s: dhcp_makeudppacket", ifp->name); 1806 r = 0; 1807 #ifdef PRIVSEP 1808 } else if (ifp->ctx->options & DHCPCD_PRIVSEP) { 1809 r = ps_bpf_sendbootp(ifp, udp, ulen); 1810 free(udp); 1811 #endif 1812 } else { 1813 r = bpf_send(state->bpf, ETHERTYPE_IP, udp, ulen); 1814 free(udp); 1815 } 1816 /* If we failed to send a raw packet this normally means 1817 * we don't have the ability to work beneath the IP layer 1818 * for this interface. 1819 * As such we remove it from consideration without actually 1820 * stopping the interface. */ 1821 if (r == -1) { 1822 logerr("%s: bpf_send", ifp->name); 1823 switch(errno) { 1824 case ENETDOWN: 1825 case ENETRESET: 1826 case ENETUNREACH: 1827 case ENOBUFS: 1828 break; 1829 default: 1830 if (!(ifp->ctx->options & DHCPCD_TEST)) 1831 dhcp_drop(ifp, "FAIL"); 1832 eloop_timeout_delete(ifp->ctx->eloop, 1833 NULL, ifp); 1834 callback = NULL; 1835 } 1836 } 1837 1838 out: 1839 free(bootp); 1840 1841 fail: 1842 /* Even if we fail to send a packet we should continue as we are 1843 * as our failure timeouts will change out codepath when needed. */ 1844 if (callback != NULL) 1845 eloop_timeout_add_msec(ifp->ctx->eloop, RT, callback, ifp); 1846 } 1847 1848 static void 1849 send_inform(void *arg) 1850 { 1851 1852 send_message((struct interface *)arg, DHCP_INFORM, send_inform); 1853 } 1854 1855 static void 1856 send_discover(void *arg) 1857 { 1858 1859 send_message((struct interface *)arg, DHCP_DISCOVER, send_discover); 1860 } 1861 1862 static void 1863 send_request(void *arg) 1864 { 1865 1866 send_message((struct interface *)arg, DHCP_REQUEST, send_request); 1867 } 1868 1869 static void 1870 send_renew(void *arg) 1871 { 1872 1873 send_message((struct interface *)arg, DHCP_REQUEST, send_renew); 1874 } 1875 1876 static void 1877 send_rebind(void *arg) 1878 { 1879 1880 send_message((struct interface *)arg, DHCP_REQUEST, send_rebind); 1881 } 1882 1883 void 1884 dhcp_discover(void *arg) 1885 { 1886 struct interface *ifp = arg; 1887 struct dhcp_state *state = D_STATE(ifp); 1888 struct if_options *ifo = ifp->options; 1889 1890 state->state = DHS_DISCOVER; 1891 dhcp_new_xid(ifp); 1892 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1893 if (!(state->added & STATE_EXPIRED)) { 1894 if (ifo->fallback) 1895 eloop_timeout_add_sec(ifp->ctx->eloop, 1896 ifo->reboot, dhcp_fallback, ifp); 1897 #ifdef IPV4LL 1898 else if (ifo->options & DHCPCD_IPV4LL) 1899 eloop_timeout_add_sec(ifp->ctx->eloop, 1900 ifo->reboot, ipv4ll_start, ifp); 1901 #endif 1902 } 1903 if (ifo->options & DHCPCD_REQUEST) 1904 loginfox("%s: soliciting a DHCP lease (requesting %s)", 1905 ifp->name, inet_ntoa(ifo->req_addr)); 1906 else 1907 loginfox("%s: soliciting a %s lease", 1908 ifp->name, ifo->options & DHCPCD_BOOTP ? "BOOTP" : "DHCP"); 1909 send_discover(ifp); 1910 } 1911 1912 static void 1913 dhcp_request(void *arg) 1914 { 1915 struct interface *ifp = arg; 1916 struct dhcp_state *state = D_STATE(ifp); 1917 1918 state->state = DHS_REQUEST; 1919 send_request(ifp); 1920 } 1921 1922 static void 1923 dhcp_expire(void *arg) 1924 { 1925 struct interface *ifp = arg; 1926 struct dhcp_state *state = D_STATE(ifp); 1927 1928 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) { 1929 logwarnx("%s: DHCP lease expired, extending lease", ifp->name); 1930 state->added |= STATE_EXPIRED; 1931 } else { 1932 logerrx("%s: DHCP lease expired", ifp->name); 1933 dhcp_drop(ifp, "EXPIRE"); 1934 dhcp_unlink(ifp->ctx, state->leasefile); 1935 } 1936 state->interval = 0; 1937 dhcp_discover(ifp); 1938 } 1939 1940 #if defined(ARP) || defined(IN_IFF_DUPLICATED) 1941 static void 1942 dhcp_decline(struct interface *ifp) 1943 { 1944 1945 send_message(ifp, DHCP_DECLINE, NULL); 1946 } 1947 #endif 1948 1949 static void 1950 dhcp_startrenew(void *arg) 1951 { 1952 struct interface *ifp = arg; 1953 struct dhcp_state *state; 1954 struct dhcp_lease *lease; 1955 1956 if ((state = D_STATE(ifp)) == NULL) 1957 return; 1958 1959 /* Only renew in the bound or renew states */ 1960 if (state->state != DHS_BOUND && 1961 state->state != DHS_RENEW) 1962 return; 1963 1964 /* Remove the timeout as the renew may have been forced. */ 1965 eloop_timeout_delete(ifp->ctx->eloop, dhcp_startrenew, ifp); 1966 1967 lease = &state->lease; 1968 logdebugx("%s: renewing lease of %s", ifp->name, 1969 inet_ntoa(lease->addr)); 1970 state->state = DHS_RENEW; 1971 dhcp_new_xid(ifp); 1972 state->interval = 0; 1973 send_renew(ifp); 1974 } 1975 1976 void 1977 dhcp_renew(struct interface *ifp) 1978 { 1979 1980 dhcp_startrenew(ifp); 1981 } 1982 1983 static void 1984 dhcp_rebind(void *arg) 1985 { 1986 struct interface *ifp = arg; 1987 struct dhcp_state *state = D_STATE(ifp); 1988 struct dhcp_lease *lease = &state->lease; 1989 1990 logwarnx("%s: failed to renew DHCP, rebinding", ifp->name); 1991 logdebugx("%s: expire in %"PRIu32" seconds", 1992 ifp->name, lease->leasetime - lease->rebindtime); 1993 state->state = DHS_REBIND; 1994 eloop_timeout_delete(ifp->ctx->eloop, send_renew, ifp); 1995 state->lease.server.s_addr = INADDR_ANY; 1996 state->interval = 0; 1997 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 1998 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 1999 send_rebind(ifp); 2000 } 2001 2002 #if defined(ARP) || defined(IN_IFF_DUPLICATED) 2003 static void 2004 dhcp_finish_dad(struct interface *ifp, struct in_addr *ia) 2005 { 2006 struct dhcp_state *state = D_STATE(ifp); 2007 2008 if (state->state != DHS_PROBE) 2009 return; 2010 if (state->offer == NULL || state->offer->yiaddr != ia->s_addr) 2011 return; 2012 2013 logdebugx("%s: DAD completed for %s", ifp->name, inet_ntoa(*ia)); 2014 if (!(ifp->options->options & DHCPCD_INFORM)) 2015 dhcp_bind(ifp); 2016 #ifndef IN_IFF_DUPLICATED 2017 else { 2018 struct bootp *bootp; 2019 size_t len; 2020 2021 bootp = state->new; 2022 len = state->new_len; 2023 state->new = state->offer; 2024 state->new_len = state->offer_len; 2025 get_lease(ifp, &state->lease, state->new, state->new_len); 2026 ipv4_applyaddr(ifp); 2027 state->new = bootp; 2028 state->new_len = len; 2029 } 2030 #endif 2031 2032 #ifdef IPV4LL 2033 /* Stop IPv4LL now we have a working DHCP address */ 2034 ipv4ll_drop(ifp); 2035 #endif 2036 2037 if (ifp->options->options & DHCPCD_INFORM) 2038 dhcp_inform(ifp); 2039 } 2040 2041 2042 static bool 2043 dhcp_addr_duplicated(struct interface *ifp, struct in_addr *ia) 2044 { 2045 struct dhcp_state *state = D_STATE(ifp); 2046 unsigned long long opts = ifp->options->options; 2047 struct dhcpcd_ctx *ctx = ifp->ctx; 2048 bool deleted = false; 2049 #ifdef IN_IFF_DUPLICATED 2050 struct ipv4_addr *iap; 2051 #endif 2052 2053 if ((state->offer == NULL || state->offer->yiaddr != ia->s_addr) && 2054 !IN_ARE_ADDR_EQUAL(ia, &state->lease.addr)) 2055 return deleted; 2056 2057 /* RFC 2131 3.1.5, Client-server interaction */ 2058 logerrx("%s: DAD detected %s", ifp->name, inet_ntoa(*ia)); 2059 dhcp_unlink(ifp->ctx, state->leasefile); 2060 if (!(opts & DHCPCD_STATIC) && !state->lease.frominfo) 2061 dhcp_decline(ifp); 2062 #ifdef IN_IFF_DUPLICATED 2063 if ((iap = ipv4_iffindaddr(ifp, ia, NULL)) != NULL) { 2064 ipv4_deladdr(iap, 0); 2065 deleted = true; 2066 } 2067 #endif 2068 eloop_timeout_delete(ctx->eloop, NULL, ifp); 2069 if (opts & (DHCPCD_STATIC | DHCPCD_INFORM)) { 2070 state->reason = "EXPIRE"; 2071 script_runreason(ifp, state->reason); 2072 #define NOT_ONLY_SELF (DHCPCD_MASTER | DHCPCD_IPV6RS | DHCPCD_DHCP6) 2073 if (!(ctx->options & NOT_ONLY_SELF)) 2074 eloop_exit(ifp->ctx->eloop, EXIT_FAILURE); 2075 return deleted; 2076 } 2077 eloop_timeout_add_sec(ifp->ctx->eloop, 2078 DHCP_RAND_MAX, dhcp_discover, ifp); 2079 return deleted; 2080 } 2081 #endif 2082 2083 #ifdef ARP 2084 #ifdef KERNEL_RFC5227 2085 #ifdef ARPING 2086 static void 2087 dhcp_arp_announced(struct arp_state *state) 2088 { 2089 2090 arp_free(state); 2091 } 2092 #endif 2093 #else 2094 static void 2095 dhcp_arp_defend_failed(struct arp_state *astate) 2096 { 2097 struct interface *ifp = astate->iface; 2098 2099 dhcp_drop(ifp, "EXPIRED"); 2100 dhcp_start1(ifp); 2101 } 2102 #endif 2103 2104 #if !defined(KERNEL_RFC5227) || defined(ARPING) 2105 static void dhcp_arp_not_found(struct arp_state *); 2106 2107 static struct arp_state * 2108 dhcp_arp_new(struct interface *ifp, struct in_addr *addr) 2109 { 2110 struct arp_state *astate; 2111 2112 astate = arp_new(ifp, addr); 2113 if (astate == NULL) 2114 return NULL; 2115 2116 astate->found_cb = dhcp_arp_found; 2117 astate->not_found_cb = dhcp_arp_not_found; 2118 #ifdef KERNEL_RFC5227 2119 astate->announced_cb = dhcp_arp_announced; 2120 #else 2121 astate->announced_cb = NULL; 2122 astate->defend_failed_cb = dhcp_arp_defend_failed; 2123 #endif 2124 return astate; 2125 } 2126 #endif 2127 2128 #ifdef ARPING 2129 static int 2130 dhcp_arping(struct interface *ifp) 2131 { 2132 struct dhcp_state *state; 2133 struct if_options *ifo; 2134 struct arp_state *astate; 2135 struct in_addr addr; 2136 2137 state = D_STATE(ifp); 2138 ifo = ifp->options; 2139 2140 if (ifo->arping_len == 0 || state->arping_index > ifo->arping_len) 2141 return 0; 2142 2143 if (state->arping_index + 1 == ifo->arping_len) { 2144 state->arping_index++; 2145 dhcpcd_startinterface(ifp); 2146 return 1; 2147 } 2148 2149 addr.s_addr = ifo->arping[++state->arping_index]; 2150 astate = dhcp_arp_new(ifp, &addr); 2151 if (astate == NULL) { 2152 logerr(__func__); 2153 return -1; 2154 } 2155 arp_probe(astate); 2156 return 1; 2157 } 2158 #endif 2159 2160 #if !defined(KERNEL_RFC5227) || defined(ARPING) 2161 static void 2162 dhcp_arp_not_found(struct arp_state *astate) 2163 { 2164 struct interface *ifp; 2165 2166 ifp = astate->iface; 2167 #ifdef ARPING 2168 if (dhcp_arping(ifp) == 1) { 2169 arp_free(astate); 2170 return; 2171 } 2172 #endif 2173 2174 dhcp_finish_dad(ifp, &astate->addr); 2175 } 2176 2177 static void 2178 dhcp_arp_found(struct arp_state *astate, const struct arp_msg *amsg) 2179 { 2180 struct in_addr addr; 2181 struct interface *ifp = astate->iface; 2182 #ifdef ARPING 2183 struct dhcp_state *state; 2184 struct if_options *ifo; 2185 2186 state = D_STATE(ifp); 2187 2188 ifo = ifp->options; 2189 if (state->arping_index != -1 && 2190 state->arping_index < ifo->arping_len && 2191 amsg && 2192 amsg->sip.s_addr == ifo->arping[state->arping_index]) 2193 { 2194 char buf[HWADDR_LEN * 3]; 2195 2196 hwaddr_ntoa(amsg->sha, ifp->hwlen, buf, sizeof(buf)); 2197 if (dhcpcd_selectprofile(ifp, buf) == -1 && 2198 dhcpcd_selectprofile(ifp, inet_ntoa(amsg->sip)) == -1) 2199 { 2200 /* We didn't find a profile for this 2201 * address or hwaddr, so move to the next 2202 * arping profile */ 2203 dhcp_arp_not_found(astate); 2204 return; 2205 } 2206 arp_free(astate); 2207 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2208 dhcpcd_startinterface(ifp); 2209 return; 2210 } 2211 #else 2212 UNUSED(amsg); 2213 #endif 2214 2215 addr = astate->addr; 2216 arp_free(astate); 2217 dhcp_addr_duplicated(ifp, &addr); 2218 } 2219 #endif 2220 2221 #endif /* ARP */ 2222 2223 void 2224 dhcp_bind(struct interface *ifp) 2225 { 2226 struct dhcpcd_ctx *ctx = ifp->ctx; 2227 struct dhcp_state *state = D_STATE(ifp); 2228 struct if_options *ifo = ifp->options; 2229 struct dhcp_lease *lease = &state->lease; 2230 uint8_t old_state; 2231 2232 state->reason = NULL; 2233 /* If we don't have an offer, we are re-binding a lease on preference, 2234 * normally when two interfaces have a lease matching IP addresses. */ 2235 if (state->offer) { 2236 free(state->old); 2237 state->old = state->new; 2238 state->old_len = state->new_len; 2239 state->new = state->offer; 2240 state->new_len = state->offer_len; 2241 state->offer = NULL; 2242 state->offer_len = 0; 2243 } 2244 get_lease(ifp, lease, state->new, state->new_len); 2245 if (ifo->options & DHCPCD_STATIC) { 2246 loginfox("%s: using static address %s/%d", 2247 ifp->name, inet_ntoa(lease->addr), 2248 inet_ntocidr(lease->mask)); 2249 lease->leasetime = DHCP_INFINITE_LIFETIME; 2250 state->reason = "STATIC"; 2251 } else if (ifo->options & DHCPCD_INFORM) { 2252 loginfox("%s: received approval for %s", 2253 ifp->name, inet_ntoa(lease->addr)); 2254 lease->leasetime = DHCP_INFINITE_LIFETIME; 2255 state->reason = "INFORM"; 2256 } else { 2257 if (lease->frominfo) 2258 state->reason = "TIMEOUT"; 2259 if (lease->leasetime == DHCP_INFINITE_LIFETIME) { 2260 lease->renewaltime = 2261 lease->rebindtime = 2262 lease->leasetime; 2263 loginfox("%s: leased %s for infinity", 2264 ifp->name, inet_ntoa(lease->addr)); 2265 } else { 2266 if (lease->leasetime < DHCP_MIN_LEASE) { 2267 logwarnx("%s: minimum lease is %d seconds", 2268 ifp->name, DHCP_MIN_LEASE); 2269 lease->leasetime = DHCP_MIN_LEASE; 2270 } 2271 if (lease->rebindtime == 0) 2272 lease->rebindtime = 2273 (uint32_t)(lease->leasetime * T2); 2274 else if (lease->rebindtime >= lease->leasetime) { 2275 lease->rebindtime = 2276 (uint32_t)(lease->leasetime * T2); 2277 logwarnx("%s: rebind time greater than lease " 2278 "time, forcing to %"PRIu32" seconds", 2279 ifp->name, lease->rebindtime); 2280 } 2281 if (lease->renewaltime == 0) 2282 lease->renewaltime = 2283 (uint32_t)(lease->leasetime * T1); 2284 else if (lease->renewaltime > lease->rebindtime) { 2285 lease->renewaltime = 2286 (uint32_t)(lease->leasetime * T1); 2287 logwarnx("%s: renewal time greater than " 2288 "rebind time, forcing to %"PRIu32" seconds", 2289 ifp->name, lease->renewaltime); 2290 } 2291 if (state->state == DHS_RENEW && state->addr && 2292 lease->addr.s_addr == state->addr->addr.s_addr && 2293 !(state->added & STATE_FAKE)) 2294 logdebugx("%s: leased %s for %"PRIu32" seconds", 2295 ifp->name, inet_ntoa(lease->addr), 2296 lease->leasetime); 2297 else 2298 loginfox("%s: leased %s for %"PRIu32" seconds", 2299 ifp->name, inet_ntoa(lease->addr), 2300 lease->leasetime); 2301 } 2302 } 2303 if (ctx->options & DHCPCD_TEST) { 2304 state->reason = "TEST"; 2305 script_runreason(ifp, state->reason); 2306 eloop_exit(ctx->eloop, EXIT_SUCCESS); 2307 return; 2308 } 2309 if (state->reason == NULL) { 2310 if (state->old && 2311 !(state->added & (STATE_FAKE | STATE_EXPIRED))) 2312 { 2313 if (state->old->yiaddr == state->new->yiaddr && 2314 lease->server.s_addr && 2315 state->state != DHS_REBIND) 2316 state->reason = "RENEW"; 2317 else 2318 state->reason = "REBIND"; 2319 } else if (state->state == DHS_REBOOT) 2320 state->reason = "REBOOT"; 2321 else 2322 state->reason = "BOUND"; 2323 } 2324 if (lease->leasetime == DHCP_INFINITE_LIFETIME) 2325 lease->renewaltime = lease->rebindtime = lease->leasetime; 2326 else { 2327 eloop_timeout_add_sec(ctx->eloop, 2328 lease->renewaltime, dhcp_startrenew, ifp); 2329 eloop_timeout_add_sec(ctx->eloop, 2330 lease->rebindtime, dhcp_rebind, ifp); 2331 eloop_timeout_add_sec(ctx->eloop, 2332 lease->leasetime, dhcp_expire, ifp); 2333 logdebugx("%s: renew in %"PRIu32" seconds, rebind in %"PRIu32 2334 " seconds", 2335 ifp->name, lease->renewaltime, lease->rebindtime); 2336 } 2337 state->state = DHS_BOUND; 2338 if (!state->lease.frominfo && 2339 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))) { 2340 logdebugx("%s: writing lease: %s", 2341 ifp->name, state->leasefile); 2342 if (dhcp_writefile(ifp->ctx, state->leasefile, 0640, 2343 state->new, state->new_len) == -1) 2344 logerr("dhcp_writefile: %s", state->leasefile); 2345 } 2346 2347 old_state = state->added; 2348 2349 if (!(ifo->options & DHCPCD_CONFIGURE)) { 2350 struct ipv4_addr *ia; 2351 2352 script_runreason(ifp, state->reason); 2353 dhcpcd_daemonise(ifp->ctx); 2354 2355 /* We we are not configuring the address, we need to keep 2356 * the BPF socket open if the address does not exist. */ 2357 ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL); 2358 if (ia != NULL) { 2359 state->addr = ia; 2360 state->added = STATE_ADDED; 2361 dhcp_closebpf(ifp); 2362 goto openudp; 2363 } 2364 return; 2365 } 2366 2367 /* Add the address */ 2368 if (ipv4_applyaddr(ifp) == NULL) { 2369 /* There was an error adding the address. 2370 * If we are in oneshot, exit with a failure. */ 2371 if (ctx->options & DHCPCD_ONESHOT) { 2372 loginfox("exiting due to oneshot"); 2373 eloop_exit(ctx->eloop, EXIT_FAILURE); 2374 } 2375 return; 2376 } 2377 2378 /* Close the BPF filter as we can now receive DHCP messages 2379 * on a UDP socket. */ 2380 dhcp_closebpf(ifp); 2381 2382 openudp: 2383 /* If not in master mode, open an address specific socket. */ 2384 if (ctx->options & DHCPCD_MASTER || 2385 (state->old != NULL && 2386 state->old->yiaddr == state->new->yiaddr && 2387 old_state & STATE_ADDED && !(old_state & STATE_FAKE))) 2388 return; 2389 2390 dhcp_closeinet(ifp); 2391 #ifdef PRIVSEP 2392 if (IN_PRIVSEP_SE(ctx)) { 2393 if (ps_inet_openbootp(state->addr) == -1) 2394 logerr(__func__); 2395 return; 2396 } 2397 #endif 2398 2399 state->udp_rfd = dhcp_openudp(&state->addr->addr); 2400 if (state->udp_rfd == -1) { 2401 logerr(__func__); 2402 /* Address sharing without master mode is not supported. 2403 * It's also possible another DHCP client could be running, 2404 * which is even worse. 2405 * We still need to work, so re-open BPF. */ 2406 dhcp_openbpf(ifp); 2407 return; 2408 } 2409 eloop_event_add(ctx->eloop, state->udp_rfd, dhcp_handleifudp, ifp); 2410 } 2411 2412 static size_t 2413 dhcp_message_new(struct bootp **bootp, 2414 const struct in_addr *addr, const struct in_addr *mask) 2415 { 2416 uint8_t *p; 2417 uint32_t cookie; 2418 2419 if ((*bootp = calloc(1, sizeof(**bootp))) == NULL) 2420 return 0; 2421 2422 (*bootp)->yiaddr = addr->s_addr; 2423 p = (*bootp)->vend; 2424 2425 cookie = htonl(MAGIC_COOKIE); 2426 memcpy(p, &cookie, sizeof(cookie)); 2427 p += sizeof(cookie); 2428 2429 if (mask->s_addr != INADDR_ANY) { 2430 *p++ = DHO_SUBNETMASK; 2431 *p++ = sizeof(mask->s_addr); 2432 memcpy(p, &mask->s_addr, sizeof(mask->s_addr)); 2433 p+= sizeof(mask->s_addr); 2434 } 2435 2436 *p = DHO_END; 2437 return sizeof(**bootp); 2438 } 2439 2440 #if defined(ARP) || defined(KERNEL_RFC5227) 2441 static int 2442 dhcp_arp_address(struct interface *ifp) 2443 { 2444 struct dhcp_state *state; 2445 struct in_addr addr; 2446 struct ipv4_addr *ia; 2447 2448 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2449 2450 state = D_STATE(ifp); 2451 addr.s_addr = state->offer->yiaddr == INADDR_ANY ? 2452 state->offer->ciaddr : state->offer->yiaddr; 2453 /* If the interface already has the address configured 2454 * then we can't ARP for duplicate detection. */ 2455 ia = ipv4_iffindaddr(ifp, &addr, NULL); 2456 #ifdef IN_IFF_NOTUSEABLE 2457 if (ia == NULL || ia->addr_flags & IN_IFF_NOTUSEABLE) { 2458 state->state = DHS_PROBE; 2459 if (ia == NULL) { 2460 struct dhcp_lease l; 2461 2462 get_lease(ifp, &l, state->offer, state->offer_len); 2463 /* Add the address now, let the kernel handle DAD. */ 2464 ipv4_addaddr(ifp, &l.addr, &l.mask, &l.brd, 2465 l.leasetime, l.rebindtime); 2466 } else if (ia->addr_flags & IN_IFF_DUPLICATED) 2467 dhcp_addr_duplicated(ifp, &ia->addr); 2468 else 2469 loginfox("%s: waiting for DAD on %s", 2470 ifp->name, inet_ntoa(addr)); 2471 return 0; 2472 } 2473 #else 2474 if (!(ifp->flags & IFF_NOARP) && 2475 ifp->options->options & DHCPCD_ARP) 2476 { 2477 struct arp_state *astate; 2478 struct dhcp_lease l; 2479 2480 /* Even if the address exists, we need to defend it. */ 2481 astate = dhcp_arp_new(ifp, &addr); 2482 if (astate == NULL) 2483 return -1; 2484 2485 if (ia == NULL) { 2486 state->state = DHS_PROBE; 2487 get_lease(ifp, &l, state->offer, state->offer_len); 2488 loginfox("%s: probing address %s/%d", 2489 ifp->name, inet_ntoa(l.addr), inet_ntocidr(l.mask)); 2490 /* We need to handle DAD. */ 2491 arp_probe(astate); 2492 return 0; 2493 } 2494 } 2495 #endif 2496 2497 return 1; 2498 } 2499 2500 static void 2501 dhcp_arp_bind(struct interface *ifp) 2502 { 2503 2504 if (ifp->ctx->options & DHCPCD_TEST || 2505 dhcp_arp_address(ifp) == 1) 2506 dhcp_bind(ifp); 2507 } 2508 #endif 2509 2510 static void 2511 dhcp_lastlease(void *arg) 2512 { 2513 struct interface *ifp = arg; 2514 struct dhcp_state *state = D_STATE(ifp); 2515 2516 loginfox("%s: timed out contacting a DHCP server, using last lease", 2517 ifp->name); 2518 #if defined(ARP) || defined(KERNEL_RFC5227) 2519 dhcp_arp_bind(ifp); 2520 #else 2521 dhcp_bind(ifp); 2522 #endif 2523 /* Set expired here because dhcp_bind() -> ipv4_addaddr() will reset 2524 * state */ 2525 state->added |= STATE_EXPIRED; 2526 state->interval = 0; 2527 dhcp_discover(ifp); 2528 } 2529 2530 static void 2531 dhcp_static(struct interface *ifp) 2532 { 2533 struct if_options *ifo; 2534 struct dhcp_state *state; 2535 struct ipv4_addr *ia; 2536 2537 state = D_STATE(ifp); 2538 ifo = ifp->options; 2539 2540 ia = NULL; 2541 if (ifo->req_addr.s_addr == INADDR_ANY && 2542 (ia = ipv4_iffindaddr(ifp, NULL, NULL)) == NULL) 2543 { 2544 loginfox("%s: waiting for 3rd party to " 2545 "configure IP address", ifp->name); 2546 state->reason = "3RDPARTY"; 2547 script_runreason(ifp, state->reason); 2548 return; 2549 } 2550 2551 state->offer_len = dhcp_message_new(&state->offer, 2552 ia ? &ia->addr : &ifo->req_addr, 2553 ia ? &ia->mask : &ifo->req_mask); 2554 if (state->offer_len) 2555 #if defined(ARP) || defined(KERNEL_RFC5227) 2556 dhcp_arp_bind(ifp); 2557 #else 2558 dhcp_bind(ifp); 2559 #endif 2560 } 2561 2562 void 2563 dhcp_inform(struct interface *ifp) 2564 { 2565 struct dhcp_state *state; 2566 struct if_options *ifo; 2567 struct ipv4_addr *ia; 2568 2569 state = D_STATE(ifp); 2570 ifo = ifp->options; 2571 2572 state->state = DHS_INFORM; 2573 free(state->offer); 2574 state->offer = NULL; 2575 state->offer_len = 0; 2576 2577 if (ifo->req_addr.s_addr == INADDR_ANY) { 2578 ia = ipv4_iffindaddr(ifp, NULL, NULL); 2579 if (ia == NULL) { 2580 loginfox("%s: waiting for 3rd party to " 2581 "configure IP address", 2582 ifp->name); 2583 if (!(ifp->ctx->options & DHCPCD_TEST)) { 2584 state->reason = "3RDPARTY"; 2585 script_runreason(ifp, state->reason); 2586 } 2587 return; 2588 } 2589 } else { 2590 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, &ifo->req_mask); 2591 if (ia == NULL) { 2592 if (ifp->ctx->options & DHCPCD_TEST) { 2593 logerrx("%s: cannot add IP address in test mode", 2594 ifp->name); 2595 return; 2596 } 2597 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, NULL); 2598 if (ia != NULL) 2599 /* Netmask must be different, delete it. */ 2600 ipv4_deladdr(ia, 1); 2601 state->offer_len = dhcp_message_new(&state->offer, 2602 &ifo->req_addr, &ifo->req_mask); 2603 #ifdef ARP 2604 if (dhcp_arp_address(ifp) != 1) 2605 return; 2606 #endif 2607 ia = ipv4_iffindaddr(ifp, 2608 &ifo->req_addr, &ifo->req_mask); 2609 assert(ia != NULL); 2610 } 2611 } 2612 2613 state->addr = ia; 2614 state->offer_len = dhcp_message_new(&state->offer, 2615 &ia->addr, &ia->mask); 2616 if (state->offer_len) { 2617 dhcp_new_xid(ifp); 2618 get_lease(ifp, &state->lease, state->offer, state->offer_len); 2619 send_inform(ifp); 2620 } 2621 } 2622 2623 void 2624 dhcp_reboot_newopts(struct interface *ifp, unsigned long long oldopts) 2625 { 2626 struct if_options *ifo; 2627 struct dhcp_state *state = D_STATE(ifp); 2628 2629 if (state == NULL || state->state == DHS_NONE) 2630 return; 2631 ifo = ifp->options; 2632 if ((ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC) && 2633 (state->addr == NULL || 2634 state->addr->addr.s_addr != ifo->req_addr.s_addr)) || 2635 (oldopts & (DHCPCD_INFORM | DHCPCD_STATIC) && 2636 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC)))) 2637 { 2638 dhcp_drop(ifp, "EXPIRE"); 2639 } 2640 } 2641 2642 #ifdef ARP 2643 static int 2644 dhcp_activeaddr(const struct interface *ifp, const struct in_addr *addr) 2645 { 2646 const struct interface *ifp1; 2647 const struct dhcp_state *state; 2648 2649 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 2650 if (ifp1 == ifp) 2651 continue; 2652 if ((state = D_CSTATE(ifp1)) == NULL) 2653 continue; 2654 switch(state->state) { 2655 case DHS_REBOOT: 2656 case DHS_RENEW: 2657 case DHS_REBIND: 2658 case DHS_BOUND: 2659 case DHS_INFORM: 2660 break; 2661 default: 2662 continue; 2663 } 2664 if (state->lease.addr.s_addr == addr->s_addr) 2665 return 1; 2666 } 2667 return 0; 2668 } 2669 #endif 2670 2671 static void 2672 dhcp_reboot(struct interface *ifp) 2673 { 2674 struct if_options *ifo; 2675 struct dhcp_state *state = D_STATE(ifp); 2676 #ifdef ARP 2677 struct ipv4_addr *ia; 2678 #endif 2679 2680 if (state == NULL || state->state == DHS_NONE) 2681 return; 2682 ifo = ifp->options; 2683 state->state = DHS_REBOOT; 2684 state->interval = 0; 2685 2686 if (ifo->options & DHCPCD_LINK && !if_is_link_up(ifp)) { 2687 loginfox("%s: waiting for carrier", ifp->name); 2688 return; 2689 } 2690 if (ifo->options & DHCPCD_STATIC) { 2691 dhcp_static(ifp); 2692 return; 2693 } 2694 if (ifo->options & DHCPCD_INFORM) { 2695 loginfox("%s: informing address of %s", 2696 ifp->name, inet_ntoa(state->lease.addr)); 2697 dhcp_inform(ifp); 2698 return; 2699 } 2700 if (ifo->reboot == 0 || state->offer == NULL) { 2701 dhcp_discover(ifp); 2702 return; 2703 } 2704 if (!IS_DHCP(state->offer)) 2705 return; 2706 2707 loginfox("%s: rebinding lease of %s", 2708 ifp->name, inet_ntoa(state->lease.addr)); 2709 2710 #ifdef ARP 2711 #ifndef KERNEL_RFC5227 2712 /* Create the DHCP ARP state so we can defend it. */ 2713 (void)dhcp_arp_new(ifp, &state->lease.addr); 2714 #endif 2715 2716 /* If the address exists on the interface and no other interface 2717 * is currently using it then announce it to ensure this 2718 * interface gets the reply. */ 2719 ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL); 2720 if (ia != NULL && 2721 !(ifp->ctx->options & DHCPCD_TEST) && 2722 #ifdef IN_IFF_NOTUSEABLE 2723 !(ia->addr_flags & IN_IFF_NOTUSEABLE) && 2724 #endif 2725 dhcp_activeaddr(ifp, &state->lease.addr) == 0) 2726 arp_ifannounceaddr(ifp, &state->lease.addr); 2727 #endif 2728 2729 dhcp_new_xid(ifp); 2730 state->lease.server.s_addr = INADDR_ANY; 2731 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2732 2733 #ifdef IPV4LL 2734 /* Need to add this before dhcp_expire and friends. */ 2735 if (!ifo->fallback && ifo->options & DHCPCD_IPV4LL) 2736 eloop_timeout_add_sec(ifp->ctx->eloop, 2737 ifo->reboot, ipv4ll_start, ifp); 2738 #endif 2739 2740 if (ifo->options & DHCPCD_LASTLEASE && state->lease.frominfo) 2741 eloop_timeout_add_sec(ifp->ctx->eloop, 2742 ifo->reboot, dhcp_lastlease, ifp); 2743 else if (!(ifo->options & DHCPCD_INFORM)) 2744 eloop_timeout_add_sec(ifp->ctx->eloop, 2745 ifo->reboot, dhcp_expire, ifp); 2746 2747 /* Don't bother ARP checking as the server could NAK us first. 2748 * Don't call dhcp_request as that would change the state */ 2749 send_request(ifp); 2750 } 2751 2752 void 2753 dhcp_drop(struct interface *ifp, const char *reason) 2754 { 2755 struct dhcp_state *state; 2756 #ifdef RELEASE_SLOW 2757 struct timespec ts; 2758 #endif 2759 2760 state = D_STATE(ifp); 2761 /* dhcp_start may just have been called and we don't yet have a state 2762 * but we do have a timeout, so punt it. */ 2763 if (state == NULL || state->state == DHS_NONE) { 2764 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2765 return; 2766 } 2767 2768 #ifdef ARP 2769 if (state->addr != NULL) 2770 arp_freeaddr(ifp, &state->addr->addr); 2771 #endif 2772 #ifdef ARPING 2773 state->arping_index = -1; 2774 #endif 2775 2776 if (ifp->options->options & DHCPCD_RELEASE && 2777 !(ifp->options->options & DHCPCD_INFORM)) 2778 { 2779 /* Failure to send the release may cause this function to 2780 * re-enter so guard by setting the state. */ 2781 if (state->state == DHS_RELEASE) 2782 return; 2783 state->state = DHS_RELEASE; 2784 2785 dhcp_unlink(ifp->ctx, state->leasefile); 2786 if (if_is_link_up(ifp) && 2787 state->new != NULL && 2788 state->lease.server.s_addr != INADDR_ANY) 2789 { 2790 loginfox("%s: releasing lease of %s", 2791 ifp->name, inet_ntoa(state->lease.addr)); 2792 dhcp_new_xid(ifp); 2793 send_message(ifp, DHCP_RELEASE, NULL); 2794 #ifdef RELEASE_SLOW 2795 /* Give the packet a chance to go */ 2796 ts.tv_sec = RELEASE_DELAY_S; 2797 ts.tv_nsec = RELEASE_DELAY_NS; 2798 nanosleep(&ts, NULL); 2799 #endif 2800 } 2801 } 2802 #ifdef AUTH 2803 else if (state->auth.reconf != NULL) { 2804 /* 2805 * Drop the lease as the token may only be present 2806 * in the initial reply message and not subsequent 2807 * renewals. 2808 * If dhcpcd is restarted, the token is lost. 2809 * XXX persist this in another file? 2810 */ 2811 dhcp_unlink(ifp->ctx, state->leasefile); 2812 } 2813 #endif 2814 2815 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2816 #ifdef AUTH 2817 dhcp_auth_reset(&state->auth); 2818 #endif 2819 2820 /* Close DHCP ports so a changed interface family is picked 2821 * up by a new BPF state. */ 2822 dhcp_close(ifp); 2823 2824 state->state = DHS_NONE; 2825 free(state->offer); 2826 state->offer = NULL; 2827 state->offer_len = 0; 2828 free(state->old); 2829 state->old = state->new; 2830 state->old_len = state->new_len; 2831 state->new = NULL; 2832 state->new_len = 0; 2833 state->reason = reason; 2834 if (ifp->options->options & DHCPCD_CONFIGURE) 2835 ipv4_applyaddr(ifp); 2836 else { 2837 state->addr = NULL; 2838 state->added = 0; 2839 script_runreason(ifp, state->reason); 2840 } 2841 free(state->old); 2842 state->old = NULL; 2843 state->old_len = 0; 2844 state->lease.addr.s_addr = 0; 2845 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 2846 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 2847 } 2848 2849 static int 2850 blacklisted_ip(const struct if_options *ifo, in_addr_t addr) 2851 { 2852 size_t i; 2853 2854 for (i = 0; i < ifo->blacklist_len; i += 2) 2855 if (ifo->blacklist[i] == (addr & ifo->blacklist[i + 1])) 2856 return 1; 2857 return 0; 2858 } 2859 2860 #define WHTLST_NONE 0 2861 #define WHTLST_MATCH 1 2862 #define WHTLST_NOMATCH 2 2863 static unsigned int 2864 whitelisted_ip(const struct if_options *ifo, in_addr_t addr) 2865 { 2866 size_t i; 2867 2868 if (ifo->whitelist_len == 0) 2869 return WHTLST_NONE; 2870 for (i = 0; i < ifo->whitelist_len; i += 2) 2871 if (ifo->whitelist[i] == (addr & ifo->whitelist[i + 1])) 2872 return WHTLST_MATCH; 2873 return WHTLST_NOMATCH; 2874 } 2875 2876 static void 2877 log_dhcp(int loglevel, const char *msg, 2878 const struct interface *ifp, const struct bootp *bootp, size_t bootp_len, 2879 const struct in_addr *from, int ad) 2880 { 2881 const char *tfrom; 2882 char *a, sname[sizeof(bootp->sname) * 4]; 2883 struct in_addr addr; 2884 int r; 2885 uint8_t overl; 2886 2887 if (strcmp(msg, "NAK:") == 0) { 2888 a = get_option_string(ifp->ctx, bootp, bootp_len, DHO_MESSAGE); 2889 if (a) { 2890 char *tmp; 2891 size_t al, tmpl; 2892 2893 al = strlen(a); 2894 tmpl = (al * 4) + 1; 2895 tmp = malloc(tmpl); 2896 if (tmp == NULL) { 2897 logerr(__func__); 2898 free(a); 2899 return; 2900 } 2901 print_string(tmp, tmpl, OT_STRING, (uint8_t *)a, al); 2902 free(a); 2903 a = tmp; 2904 } 2905 } else if (ad && bootp->yiaddr != 0) { 2906 addr.s_addr = bootp->yiaddr; 2907 a = strdup(inet_ntoa(addr)); 2908 if (a == NULL) { 2909 logerr(__func__); 2910 return; 2911 } 2912 } else 2913 a = NULL; 2914 2915 tfrom = "from"; 2916 r = get_option_addr(ifp->ctx, &addr, bootp, bootp_len, DHO_SERVERID); 2917 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 2918 DHO_OPTSOVERLOADED) == -1) 2919 overl = 0; 2920 if (bootp->sname[0] && r == 0 && !(overl & 2)) { 2921 print_string(sname, sizeof(sname), OT_STRING | OT_DOMAIN, 2922 bootp->sname, sizeof(bootp->sname)); 2923 if (a == NULL) 2924 logmessage(loglevel, "%s: %s %s %s %s", 2925 ifp->name, msg, tfrom, inet_ntoa(addr), sname); 2926 else 2927 logmessage(loglevel, "%s: %s %s %s %s %s", 2928 ifp->name, msg, a, tfrom, inet_ntoa(addr), sname); 2929 } else { 2930 if (r != 0) { 2931 tfrom = "via"; 2932 addr = *from; 2933 } 2934 if (a == NULL) 2935 logmessage(loglevel, "%s: %s %s %s", 2936 ifp->name, msg, tfrom, inet_ntoa(addr)); 2937 else 2938 logmessage(loglevel, "%s: %s %s %s %s", 2939 ifp->name, msg, a, tfrom, inet_ntoa(addr)); 2940 } 2941 free(a); 2942 } 2943 2944 /* If we're sharing the same IP address with another interface on the 2945 * same network, we may receive the DHCP reply on the wrong interface. 2946 * Try and re-direct it here. */ 2947 static void 2948 dhcp_redirect_dhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2949 const struct in_addr *from) 2950 { 2951 struct interface *ifn; 2952 const struct dhcp_state *state; 2953 uint32_t xid; 2954 2955 xid = ntohl(bootp->xid); 2956 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) { 2957 if (ifn == ifp) 2958 continue; 2959 state = D_CSTATE(ifn); 2960 if (state == NULL || state->state == DHS_NONE) 2961 continue; 2962 if (state->xid != xid) 2963 continue; 2964 if (ifn->hwlen <= sizeof(bootp->chaddr) && 2965 memcmp(bootp->chaddr, ifn->hwaddr, ifn->hwlen)) 2966 continue; 2967 logdebugx("%s: redirecting DHCP message to %s", 2968 ifp->name, ifn->name); 2969 dhcp_handledhcp(ifn, bootp, bootp_len, from); 2970 } 2971 } 2972 2973 static void 2974 dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2975 const struct in_addr *from) 2976 { 2977 struct dhcp_state *state = D_STATE(ifp); 2978 struct if_options *ifo = ifp->options; 2979 struct dhcp_lease *lease = &state->lease; 2980 uint8_t type, tmp; 2981 struct in_addr addr; 2982 unsigned int i; 2983 char *msg; 2984 bool bootp_copied; 2985 uint32_t v6only_time = 0; 2986 bool use_v6only = false; 2987 #ifdef AUTH 2988 const uint8_t *auth; 2989 size_t auth_len; 2990 #endif 2991 #ifdef IN_IFF_DUPLICATED 2992 struct ipv4_addr *ia; 2993 #endif 2994 2995 #define LOGDHCP0(l, m) \ 2996 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 0) 2997 #define LOGDHCP(l, m) \ 2998 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 1) 2999 3000 #define IS_STATE_ACTIVE(s) ((s)-state != DHS_NONE && \ 3001 (s)->state != DHS_INIT && (s)->state != DHS_BOUND) 3002 3003 if (bootp->op != BOOTREPLY) { 3004 if (IS_STATE_ACTIVE(state)) 3005 logdebugx("%s: op (%d) is not BOOTREPLY", 3006 ifp->name, bootp->op); 3007 return; 3008 } 3009 3010 if (state->xid != ntohl(bootp->xid)) { 3011 if (IS_STATE_ACTIVE(state)) 3012 logdebugx("%s: wrong xid 0x%x (expecting 0x%x) from %s", 3013 ifp->name, ntohl(bootp->xid), state->xid, 3014 inet_ntoa(*from)); 3015 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 3016 return; 3017 } 3018 3019 if (ifp->hwlen <= sizeof(bootp->chaddr) && 3020 memcmp(bootp->chaddr, ifp->hwaddr, ifp->hwlen)) 3021 { 3022 if (IS_STATE_ACTIVE(state)) { 3023 char buf[sizeof(bootp->chaddr) * 3]; 3024 3025 logdebugx("%s: xid 0x%x is for hwaddr %s", 3026 ifp->name, ntohl(bootp->xid), 3027 hwaddr_ntoa(bootp->chaddr, sizeof(bootp->chaddr), 3028 buf, sizeof(buf))); 3029 } 3030 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 3031 return; 3032 } 3033 3034 if (!ifp->active) 3035 return; 3036 3037 i = whitelisted_ip(ifp->options, from->s_addr); 3038 switch (i) { 3039 case WHTLST_NOMATCH: 3040 logwarnx("%s: non whitelisted DHCP packet from %s", 3041 ifp->name, inet_ntoa(*from)); 3042 return; 3043 case WHTLST_MATCH: 3044 break; 3045 case WHTLST_NONE: 3046 if (blacklisted_ip(ifp->options, from->s_addr) == 1) { 3047 logwarnx("%s: blacklisted DHCP packet from %s", 3048 ifp->name, inet_ntoa(*from)); 3049 return; 3050 } 3051 } 3052 3053 /* We may have found a BOOTP server */ 3054 if (get_option_uint8(ifp->ctx, &type, 3055 bootp, bootp_len, DHO_MESSAGETYPE) == -1) 3056 type = 0; 3057 else if (ifo->options & DHCPCD_BOOTP) { 3058 logdebugx("%s: ignoring DHCP reply (expecting BOOTP)", 3059 ifp->name); 3060 return; 3061 } 3062 3063 #ifdef AUTH 3064 /* Authenticate the message */ 3065 auth = get_option(ifp->ctx, bootp, bootp_len, 3066 DHO_AUTHENTICATION, &auth_len); 3067 if (auth) { 3068 if (dhcp_auth_validate(&state->auth, &ifo->auth, 3069 (uint8_t *)bootp, bootp_len, 4, type, 3070 auth, auth_len) == NULL) 3071 { 3072 LOGDHCP0(LOG_ERR, "authentication failed"); 3073 return; 3074 } 3075 if (state->auth.token) 3076 logdebugx("%s: validated using 0x%08" PRIu32, 3077 ifp->name, state->auth.token->secretid); 3078 else 3079 loginfox("%s: accepted reconfigure key", ifp->name); 3080 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) { 3081 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 3082 LOGDHCP0(LOG_ERR, "no authentication"); 3083 return; 3084 } 3085 LOGDHCP0(LOG_WARNING, "no authentication"); 3086 } 3087 #endif 3088 3089 /* RFC 3203 */ 3090 if (type == DHCP_FORCERENEW) { 3091 if (from->s_addr == INADDR_ANY || 3092 from->s_addr == INADDR_BROADCAST) 3093 { 3094 LOGDHCP(LOG_ERR, "discarding Force Renew"); 3095 return; 3096 } 3097 #ifdef AUTH 3098 if (auth == NULL) { 3099 LOGDHCP(LOG_ERR, "unauthenticated Force Renew"); 3100 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) 3101 return; 3102 } 3103 if (state->state != DHS_BOUND && state->state != DHS_INFORM) { 3104 LOGDHCP(LOG_DEBUG, "not bound, ignoring Force Renew"); 3105 return; 3106 } 3107 LOGDHCP(LOG_INFO, "Force Renew from"); 3108 /* The rebind and expire timings are still the same, we just 3109 * enter the renew state early */ 3110 if (state->state == DHS_BOUND) 3111 dhcp_renew(ifp); 3112 else { 3113 eloop_timeout_delete(ifp->ctx->eloop, 3114 send_inform, ifp); 3115 dhcp_inform(ifp); 3116 } 3117 #else 3118 LOGDHCP(LOG_ERR, "unauthenticated Force Renew"); 3119 #endif 3120 return; 3121 } 3122 3123 if (state->state == DHS_BOUND) { 3124 LOGDHCP(LOG_DEBUG, "bound, ignoring"); 3125 return; 3126 } 3127 3128 if (state->state == DHS_PROBE) { 3129 /* Ignore any DHCP messages whilst probing a lease to bind. */ 3130 LOGDHCP(LOG_DEBUG, "probing, ignoring"); 3131 return; 3132 } 3133 3134 /* reset the message counter */ 3135 state->interval = 0; 3136 3137 /* Ensure that no reject options are present */ 3138 for (i = 1; i < 255; i++) { 3139 if (has_option_mask(ifo->rejectmask, i) && 3140 get_option_uint8(ifp->ctx, &tmp, 3141 bootp, bootp_len, (uint8_t)i) == 0) 3142 { 3143 LOGDHCP(LOG_WARNING, "reject DHCP"); 3144 return; 3145 } 3146 } 3147 3148 if (type == DHCP_NAK) { 3149 /* For NAK, only check if we require the ServerID */ 3150 if (has_option_mask(ifo->requiremask, DHO_SERVERID) && 3151 get_option_addr(ifp->ctx, &addr, 3152 bootp, bootp_len, DHO_SERVERID) == -1) 3153 { 3154 LOGDHCP(LOG_WARNING, "reject NAK"); 3155 return; 3156 } 3157 3158 /* We should restart on a NAK */ 3159 LOGDHCP(LOG_WARNING, "NAK:"); 3160 if ((msg = get_option_string(ifp->ctx, 3161 bootp, bootp_len, DHO_MESSAGE))) 3162 { 3163 logwarnx("%s: message: %s", ifp->name, msg); 3164 free(msg); 3165 } 3166 if (state->state == DHS_INFORM) /* INFORM should not be NAKed */ 3167 return; 3168 if (!(ifp->ctx->options & DHCPCD_TEST)) { 3169 dhcp_drop(ifp, "NAK"); 3170 dhcp_unlink(ifp->ctx, state->leasefile); 3171 } 3172 3173 /* If we constantly get NAKS then we should slowly back off */ 3174 eloop_timeout_add_sec(ifp->ctx->eloop, 3175 state->nakoff, dhcp_discover, ifp); 3176 if (state->nakoff == 0) 3177 state->nakoff = 1; 3178 else { 3179 state->nakoff *= 2; 3180 if (state->nakoff > NAKOFF_MAX) 3181 state->nakoff = NAKOFF_MAX; 3182 } 3183 return; 3184 } 3185 3186 /* Ensure that all required options are present */ 3187 for (i = 1; i < 255; i++) { 3188 if (has_option_mask(ifo->requiremask, i) && 3189 get_option_uint8(ifp->ctx, &tmp, 3190 bootp, bootp_len, (uint8_t)i) != 0) 3191 { 3192 /* If we are BOOTP, then ignore the need for serverid. 3193 * To ignore BOOTP, require dhcp_message_type. 3194 * However, nothing really stops BOOTP from providing 3195 * DHCP style options as well so the above isn't 3196 * always true. */ 3197 if (type == 0 && i == DHO_SERVERID) 3198 continue; 3199 LOGDHCP(LOG_WARNING, "reject DHCP"); 3200 return; 3201 } 3202 } 3203 3204 if (has_option_mask(ifo->requestmask, DHO_IPV6_PREFERRED_ONLY)) { 3205 if (get_option_uint32(ifp->ctx, &v6only_time, bootp, bootp_len, 3206 DHO_IPV6_PREFERRED_ONLY) == 0 && 3207 (state->state == DHS_DISCOVER || state->state == DHS_REBOOT)) 3208 { 3209 char v6msg[128]; 3210 3211 use_v6only = true; 3212 if (v6only_time < MIN_V6ONLY_WAIT) 3213 v6only_time = MIN_V6ONLY_WAIT; 3214 snprintf(v6msg, sizeof(v6msg), 3215 "IPv6-Only Preferred received (%u seconds)", 3216 v6only_time); 3217 LOGDHCP(LOG_INFO, v6msg); 3218 } 3219 } 3220 3221 /* DHCP Auto-Configure, RFC 2563 */ 3222 if (type == DHCP_OFFER && bootp->yiaddr == 0) { 3223 LOGDHCP(LOG_WARNING, "no address given"); 3224 if ((msg = get_option_string(ifp->ctx, 3225 bootp, bootp_len, DHO_MESSAGE))) 3226 { 3227 logwarnx("%s: message: %s", ifp->name, msg); 3228 free(msg); 3229 } 3230 #ifdef IPV4LL 3231 if (state->state == DHS_DISCOVER && 3232 get_option_uint8(ifp->ctx, &tmp, bootp, bootp_len, 3233 DHO_AUTOCONFIGURE) == 0) 3234 { 3235 switch (tmp) { 3236 case 0: 3237 LOGDHCP(LOG_WARNING, "IPv4LL disabled from"); 3238 ipv4ll_drop(ifp); 3239 #ifdef ARP 3240 arp_drop(ifp); 3241 #endif 3242 break; 3243 case 1: 3244 LOGDHCP(LOG_WARNING, "IPv4LL enabled from"); 3245 ipv4ll_start(ifp); 3246 break; 3247 default: 3248 logerrx("%s: unknown auto configuration " 3249 "option %d", 3250 ifp->name, tmp); 3251 break; 3252 } 3253 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3254 eloop_timeout_add_sec(ifp->ctx->eloop, 3255 use_v6only ? v6only_time : DHCP_MAX, 3256 dhcp_discover, ifp); 3257 } 3258 #endif 3259 return; 3260 } 3261 3262 if (use_v6only) { 3263 dhcp_drop(ifp, "EXPIRE"); 3264 dhcp_unlink(ifp->ctx, state->leasefile); 3265 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3266 eloop_timeout_add_sec(ifp->ctx->eloop, v6only_time, 3267 dhcp_discover, ifp); 3268 return; 3269 } 3270 3271 /* Ensure that the address offered is valid */ 3272 if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) && 3273 (bootp->ciaddr == INADDR_ANY || bootp->ciaddr == INADDR_BROADCAST) 3274 && 3275 (bootp->yiaddr == INADDR_ANY || bootp->yiaddr == INADDR_BROADCAST)) 3276 { 3277 LOGDHCP(LOG_WARNING, "reject invalid address"); 3278 return; 3279 } 3280 3281 #ifdef IN_IFF_DUPLICATED 3282 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 3283 if (ia && ia->addr_flags & IN_IFF_DUPLICATED) { 3284 LOGDHCP(LOG_WARNING, "declined duplicate address"); 3285 if (type) 3286 dhcp_decline(ifp); 3287 ipv4_deladdr(ia, 0); 3288 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3289 eloop_timeout_add_sec(ifp->ctx->eloop, 3290 DHCP_RAND_MAX, dhcp_discover, ifp); 3291 return; 3292 } 3293 #endif 3294 3295 bootp_copied = false; 3296 if ((type == 0 || type == DHCP_OFFER) && state->state == DHS_DISCOVER) { 3297 lease->frominfo = 0; 3298 lease->addr.s_addr = bootp->yiaddr; 3299 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 3300 if (type == 0 || 3301 get_option_addr(ifp->ctx, 3302 &lease->server, bootp, bootp_len, DHO_SERVERID) != 0) 3303 lease->server.s_addr = INADDR_ANY; 3304 3305 /* Test for rapid commit in the OFFER */ 3306 if (!(ifp->ctx->options & DHCPCD_TEST) && 3307 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT) && 3308 get_option(ifp->ctx, bootp, bootp_len, 3309 DHO_RAPIDCOMMIT, NULL)) 3310 { 3311 state->state = DHS_REQUEST; 3312 goto rapidcommit; 3313 } 3314 3315 LOGDHCP(LOG_INFO, "offered"); 3316 if (state->offer_len < bootp_len) { 3317 free(state->offer); 3318 if ((state->offer = malloc(bootp_len)) == NULL) { 3319 logerr(__func__); 3320 state->offer_len = 0; 3321 return; 3322 } 3323 } 3324 state->offer_len = bootp_len; 3325 memcpy(state->offer, bootp, bootp_len); 3326 bootp_copied = true; 3327 if (ifp->ctx->options & DHCPCD_TEST) { 3328 free(state->old); 3329 state->old = state->new; 3330 state->old_len = state->new_len; 3331 state->new = state->offer; 3332 state->new_len = state->offer_len; 3333 state->offer = NULL; 3334 state->offer_len = 0; 3335 state->reason = "TEST"; 3336 script_runreason(ifp, state->reason); 3337 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3338 state->bpf->bpf_flags |= BPF_EOF; 3339 return; 3340 } 3341 eloop_timeout_delete(ifp->ctx->eloop, send_discover, ifp); 3342 /* We don't request BOOTP addresses */ 3343 if (type) { 3344 /* We used to ARP check here, but that seems to be in 3345 * violation of RFC2131 where it only describes 3346 * DECLINE after REQUEST. 3347 * It also seems that some MS DHCP servers actually 3348 * ignore DECLINE if no REQUEST, ie we decline a 3349 * DISCOVER. */ 3350 dhcp_request(ifp); 3351 return; 3352 } 3353 } 3354 3355 if (type) { 3356 if (type == DHCP_OFFER) { 3357 LOGDHCP(LOG_WARNING, "ignoring offer of"); 3358 return; 3359 } 3360 3361 /* We should only be dealing with acks */ 3362 if (type != DHCP_ACK) { 3363 LOGDHCP(LOG_ERR, "not ACK or OFFER"); 3364 return; 3365 } 3366 3367 if (state->state == DHS_DISCOVER) { 3368 /* We only allow ACK of rapid commit DISCOVER. */ 3369 if (has_option_mask(ifo->requestmask, 3370 DHO_RAPIDCOMMIT) && 3371 get_option(ifp->ctx, bootp, bootp_len, 3372 DHO_RAPIDCOMMIT, NULL)) 3373 state->state = DHS_REQUEST; 3374 else { 3375 LOGDHCP(LOG_DEBUG, "ignoring ack of"); 3376 return; 3377 } 3378 } 3379 3380 rapidcommit: 3381 if (!(ifo->options & DHCPCD_INFORM)) 3382 LOGDHCP(LOG_DEBUG, "acknowledged"); 3383 else 3384 ifo->options &= ~DHCPCD_STATIC; 3385 } 3386 3387 /* No NAK, so reset the backoff 3388 * We don't reset on an OFFER message because the server could 3389 * potentially NAK the REQUEST. */ 3390 state->nakoff = 0; 3391 3392 /* BOOTP could have already assigned this above. */ 3393 if (!bootp_copied) { 3394 if (state->offer_len < bootp_len) { 3395 free(state->offer); 3396 if ((state->offer = malloc(bootp_len)) == NULL) { 3397 logerr(__func__); 3398 state->offer_len = 0; 3399 return; 3400 } 3401 } 3402 state->offer_len = bootp_len; 3403 memcpy(state->offer, bootp, bootp_len); 3404 } 3405 3406 lease->frominfo = 0; 3407 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3408 3409 #if defined(ARP) || defined(KERNEL_RFC5227) 3410 dhcp_arp_bind(ifp); 3411 #else 3412 dhcp_bind(ifp); 3413 #endif 3414 } 3415 3416 static void * 3417 get_udp_data(void *packet, size_t *len) 3418 { 3419 const struct ip *ip = packet; 3420 size_t ip_hl = (size_t)ip->ip_hl * 4; 3421 char *p = packet; 3422 3423 p += ip_hl + sizeof(struct udphdr); 3424 *len = (size_t)ntohs(ip->ip_len) - sizeof(struct udphdr) - ip_hl; 3425 return p; 3426 } 3427 3428 static bool 3429 is_packet_udp_bootp(void *packet, size_t plen) 3430 { 3431 struct ip *ip = packet; 3432 size_t ip_hlen; 3433 struct udphdr udp; 3434 3435 if (plen < sizeof(*ip)) 3436 return false; 3437 3438 if (ip->ip_v != IPVERSION || ip->ip_p != IPPROTO_UDP) 3439 return false; 3440 3441 /* Sanity. */ 3442 if (ntohs(ip->ip_len) > plen) 3443 return false; 3444 3445 ip_hlen = (size_t)ip->ip_hl * 4; 3446 if (ip_hlen < sizeof(*ip)) 3447 return false; 3448 3449 /* Check we have a UDP header and BOOTP. */ 3450 if (ip_hlen + sizeof(udp) + offsetof(struct bootp, vend) > plen) 3451 return false; 3452 3453 /* Sanity. */ 3454 memcpy(&udp, (char *)ip + ip_hlen, sizeof(udp)); 3455 if (ntohs(udp.uh_ulen) < sizeof(udp)) 3456 return false; 3457 if (ip_hlen + ntohs(udp.uh_ulen) > plen) 3458 return false; 3459 3460 /* Check it's to and from the right ports. */ 3461 if (udp.uh_dport != htons(BOOTPC) || udp.uh_sport != htons(BOOTPS)) 3462 return false; 3463 3464 return true; 3465 } 3466 3467 /* Lengths have already been checked. */ 3468 static bool 3469 checksums_valid(void *packet, 3470 struct in_addr *from, unsigned int flags) 3471 { 3472 struct ip *ip = packet; 3473 union pip { 3474 struct ip ip; 3475 uint16_t w[sizeof(struct ip) / 2]; 3476 } pip = { 3477 .ip = { 3478 .ip_p = IPPROTO_UDP, 3479 .ip_src = ip->ip_src, 3480 .ip_dst = ip->ip_dst, 3481 } 3482 }; 3483 size_t ip_hlen; 3484 struct udphdr udp; 3485 char *udpp, *uh_sump; 3486 uint32_t csum; 3487 3488 if (from != NULL) 3489 from->s_addr = ip->ip_src.s_addr; 3490 3491 ip_hlen = (size_t)ip->ip_hl * 4; 3492 if (in_cksum(ip, ip_hlen, NULL) != 0) 3493 return false; 3494 3495 if (flags & BPF_PARTIALCSUM) 3496 return true; 3497 3498 udpp = (char *)ip + ip_hlen; 3499 memcpy(&udp, udpp, sizeof(udp)); 3500 if (udp.uh_sum == 0) 3501 return true; 3502 3503 /* UDP checksum is based on a pseudo IP header alongside 3504 * the UDP header and payload. */ 3505 pip.ip.ip_len = udp.uh_ulen; 3506 csum = 0; 3507 3508 /* Need to zero the UDP sum in the packet for the checksum to work. */ 3509 uh_sump = udpp + offsetof(struct udphdr, uh_sum); 3510 memset(uh_sump, 0, sizeof(udp.uh_sum)); 3511 3512 /* Checksum pseudo header and then UDP + payload. */ 3513 in_cksum(pip.w, sizeof(pip.w), &csum); 3514 csum = in_cksum(udpp, ntohs(udp.uh_ulen), &csum); 3515 3516 #if 0 /* Not needed, just here for completeness. */ 3517 /* Put the checksum back. */ 3518 memcpy(uh_sump, &udp.uh_sum, sizeof(udp.uh_sum)); 3519 #endif 3520 3521 return csum == udp.uh_sum; 3522 } 3523 3524 static void 3525 dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len, 3526 struct in_addr *from) 3527 { 3528 size_t v; 3529 3530 if (len < offsetof(struct bootp, vend)) { 3531 logerrx("%s: truncated packet (%zu) from %s", 3532 ifp->name, len, inet_ntoa(*from)); 3533 return; 3534 } 3535 3536 /* Unlikely, but appeases sanitizers. */ 3537 if (len > FRAMELEN_MAX) { 3538 logerrx("%s: packet exceeded frame length (%zu) from %s", 3539 ifp->name, len, inet_ntoa(*from)); 3540 return; 3541 } 3542 3543 /* To make our IS_DHCP macro easy, ensure the vendor 3544 * area has at least 4 octets. */ 3545 v = len - offsetof(struct bootp, vend); 3546 while (v < 4) { 3547 bootp->vend[v++] = '\0'; 3548 len++; 3549 } 3550 3551 dhcp_handledhcp(ifp, bootp, len, from); 3552 } 3553 3554 void 3555 dhcp_packet(struct interface *ifp, uint8_t *data, size_t len, 3556 unsigned int bpf_flags) 3557 { 3558 struct bootp *bootp; 3559 struct in_addr from; 3560 size_t udp_len; 3561 size_t fl = bpf_frame_header_len(ifp); 3562 #ifdef PRIVSEP 3563 const struct dhcp_state *state = D_CSTATE(ifp); 3564 3565 /* It's possible that an interface departs and arrives in short 3566 * order to receive a BPF frame out of order. 3567 * There is a similar check in ARP, but much lower down the stack. 3568 * It's not needed for other inet protocols because we send the 3569 * message as a whole and select the interface off that and then 3570 * check state. BPF on the other hand is very interface 3571 * specific and we do need this check. */ 3572 if (state == NULL) 3573 return; 3574 3575 /* Ignore double reads */ 3576 if (IN_PRIVSEP(ifp->ctx)) { 3577 switch (state->state) { 3578 case DHS_BOUND: /* FALLTHROUGH */ 3579 case DHS_RENEW: 3580 return; 3581 default: 3582 break; 3583 } 3584 } 3585 #endif 3586 3587 /* Trim frame header */ 3588 if (fl != 0) { 3589 if (len < fl) { 3590 logerrx("%s: %s: short frame header %zu", 3591 __func__, ifp->name, len); 3592 return; 3593 } 3594 len -= fl; 3595 /* Move the data to avoid alignment errors. */ 3596 memmove(data, data + fl, len); 3597 } 3598 3599 /* Validate filter. */ 3600 if (!is_packet_udp_bootp(data, len)) { 3601 #ifdef BPF_DEBUG 3602 logerrx("%s: DHCP BPF validation failure", ifp->name); 3603 #endif 3604 return; 3605 } 3606 3607 if (!checksums_valid(data, &from, bpf_flags)) { 3608 logerrx("%s: checksum failure from %s", 3609 ifp->name, inet_ntoa(from)); 3610 return; 3611 } 3612 3613 /* 3614 * DHCP has a variable option area rather than a fixed vendor area. 3615 * Because DHCP uses the BOOTP protocol it should still send BOOTP 3616 * sized packets to be RFC compliant. 3617 * However some servers send a truncated vendor area. 3618 * dhcpcd can work fine without the vendor area being sent. 3619 */ 3620 bootp = get_udp_data(data, &udp_len); 3621 dhcp_handlebootp(ifp, bootp, udp_len, &from); 3622 } 3623 3624 static void 3625 dhcp_readbpf(void *arg) 3626 { 3627 struct interface *ifp = arg; 3628 uint8_t buf[FRAMELEN_MAX]; 3629 ssize_t bytes; 3630 struct dhcp_state *state = D_STATE(ifp); 3631 struct bpf *bpf = state->bpf; 3632 3633 bpf->bpf_flags &= ~BPF_EOF; 3634 while (!(bpf->bpf_flags & BPF_EOF)) { 3635 bytes = bpf_read(bpf, buf, sizeof(buf)); 3636 if (bytes == -1) { 3637 if (state->state != DHS_NONE) { 3638 logerr("%s: %s", __func__, ifp->name); 3639 dhcp_close(ifp); 3640 } 3641 break; 3642 } 3643 dhcp_packet(ifp, buf, (size_t)bytes, bpf->bpf_flags); 3644 /* Check we still have a state after processing. */ 3645 if ((state = D_STATE(ifp)) == NULL) 3646 break; 3647 if ((bpf = state->bpf) == NULL) 3648 break; 3649 } 3650 } 3651 3652 void 3653 dhcp_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg) 3654 { 3655 struct sockaddr_in *from = (struct sockaddr_in *)msg->msg_name; 3656 struct iovec *iov = &msg->msg_iov[0]; 3657 struct interface *ifp; 3658 const struct dhcp_state *state; 3659 3660 ifp = if_findifpfromcmsg(ctx, msg, NULL); 3661 if (ifp == NULL) { 3662 logerr(__func__); 3663 return; 3664 } 3665 state = D_CSTATE(ifp); 3666 if (state == NULL) { 3667 /* Try re-directing it to another interface. */ 3668 dhcp_redirect_dhcp(ifp, (struct bootp *)iov->iov_base, 3669 iov->iov_len, &from->sin_addr); 3670 return; 3671 } 3672 3673 if (state->bpf != NULL) { 3674 /* Avoid a duplicate read if BPF is open for the interface. */ 3675 return; 3676 } 3677 #ifdef PRIVSEP 3678 if (IN_PRIVSEP(ctx)) { 3679 switch (state->state) { 3680 case DHS_BOUND: /* FALLTHROUGH */ 3681 case DHS_RENEW: 3682 break; 3683 default: 3684 /* Any other state we ignore it or will receive 3685 * via BPF. */ 3686 return; 3687 } 3688 } 3689 #endif 3690 3691 dhcp_handlebootp(ifp, iov->iov_base, iov->iov_len, 3692 &from->sin_addr); 3693 } 3694 3695 static void 3696 dhcp_readudp(struct dhcpcd_ctx *ctx, struct interface *ifp) 3697 { 3698 const struct dhcp_state *state; 3699 struct sockaddr_in from; 3700 union { 3701 struct bootp bootp; 3702 uint8_t buf[10 * 1024]; /* Maximum MTU */ 3703 } iovbuf; 3704 struct iovec iov = { 3705 .iov_base = iovbuf.buf, 3706 .iov_len = sizeof(iovbuf.buf), 3707 }; 3708 union { 3709 struct cmsghdr hdr; 3710 #ifdef IP_RECVIF 3711 uint8_t buf[CMSG_SPACE(sizeof(struct sockaddr_dl))]; 3712 #else 3713 uint8_t buf[CMSG_SPACE(sizeof(struct in_pktinfo))]; 3714 #endif 3715 } cmsgbuf = { .buf = { 0 } }; 3716 struct msghdr msg = { 3717 .msg_name = &from, .msg_namelen = sizeof(from), 3718 .msg_iov = &iov, .msg_iovlen = 1, 3719 .msg_control = cmsgbuf.buf, .msg_controllen = sizeof(cmsgbuf.buf), 3720 }; 3721 int s; 3722 ssize_t bytes; 3723 3724 if (ifp != NULL) { 3725 state = D_CSTATE(ifp); 3726 s = state->udp_rfd; 3727 } else 3728 s = ctx->udp_rfd; 3729 3730 bytes = recvmsg(s, &msg, 0); 3731 if (bytes == -1) { 3732 logerr(__func__); 3733 return; 3734 } 3735 3736 iov.iov_len = (size_t)bytes; 3737 dhcp_recvmsg(ctx, &msg); 3738 } 3739 3740 static void 3741 dhcp_handleudp(void *arg) 3742 { 3743 struct dhcpcd_ctx *ctx = arg; 3744 3745 dhcp_readudp(ctx, NULL); 3746 } 3747 3748 static void 3749 dhcp_handleifudp(void *arg) 3750 { 3751 struct interface *ifp = arg; 3752 3753 dhcp_readudp(ifp->ctx, ifp); 3754 } 3755 3756 static int 3757 dhcp_openbpf(struct interface *ifp) 3758 { 3759 struct dhcp_state *state; 3760 3761 state = D_STATE(ifp); 3762 3763 #ifdef PRIVSEP 3764 if (IN_PRIVSEP_SE(ifp->ctx)) { 3765 if (ps_bpf_openbootp(ifp) == -1) { 3766 logerr(__func__); 3767 return -1; 3768 } 3769 return 0; 3770 } 3771 #endif 3772 3773 if (state->bpf != NULL) 3774 return 0; 3775 3776 state->bpf = bpf_open(ifp, bpf_bootp, NULL); 3777 if (state->bpf == NULL) { 3778 if (errno == ENOENT) { 3779 logerrx("%s not found", bpf_name); 3780 /* May as well disable IPv4 entirely at 3781 * this point as we really need it. */ 3782 ifp->options->options &= ~DHCPCD_IPV4; 3783 } else 3784 logerr("%s: %s", __func__, ifp->name); 3785 return -1; 3786 } 3787 3788 eloop_event_add(ifp->ctx->eloop, 3789 state->bpf->bpf_fd, dhcp_readbpf, ifp); 3790 return 0; 3791 } 3792 3793 void 3794 dhcp_free(struct interface *ifp) 3795 { 3796 struct dhcp_state *state = D_STATE(ifp); 3797 struct dhcpcd_ctx *ctx; 3798 3799 dhcp_close(ifp); 3800 #ifdef ARP 3801 arp_drop(ifp); 3802 #endif 3803 if (state) { 3804 state->state = DHS_NONE; 3805 free(state->old); 3806 free(state->new); 3807 free(state->offer); 3808 free(state->clientid); 3809 free(state); 3810 } 3811 3812 ctx = ifp->ctx; 3813 /* If we don't have any more DHCP enabled interfaces, 3814 * close the global socket and release resources */ 3815 if (ctx->ifaces) { 3816 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3817 state = D_STATE(ifp); 3818 if (state != NULL && state->state != DHS_NONE) 3819 break; 3820 } 3821 } 3822 if (ifp == NULL) { 3823 if (ctx->udp_rfd != -1) { 3824 eloop_event_delete(ctx->eloop, ctx->udp_rfd); 3825 close(ctx->udp_rfd); 3826 ctx->udp_rfd = -1; 3827 } 3828 if (ctx->udp_wfd != -1) { 3829 close(ctx->udp_wfd); 3830 ctx->udp_wfd = -1; 3831 } 3832 3833 free(ctx->opt_buffer); 3834 ctx->opt_buffer = NULL; 3835 } 3836 } 3837 3838 static int 3839 dhcp_initstate(struct interface *ifp) 3840 { 3841 struct dhcp_state *state; 3842 3843 state = D_STATE(ifp); 3844 if (state != NULL) 3845 return 0; 3846 3847 ifp->if_data[IF_DATA_DHCP] = calloc(1, sizeof(*state)); 3848 state = D_STATE(ifp); 3849 if (state == NULL) 3850 return -1; 3851 3852 state->state = DHS_NONE; 3853 /* 0 is a valid fd, so init to -1 */ 3854 state->udp_rfd = -1; 3855 #ifdef ARPING 3856 state->arping_index = -1; 3857 #endif 3858 return 1; 3859 } 3860 3861 static int 3862 dhcp_init(struct interface *ifp) 3863 { 3864 struct dhcp_state *state; 3865 struct if_options *ifo; 3866 uint8_t len; 3867 char buf[(sizeof(ifo->clientid) - 1) * 3]; 3868 3869 if (dhcp_initstate(ifp) == -1) 3870 return -1; 3871 3872 state = D_STATE(ifp); 3873 state->state = DHS_INIT; 3874 state->reason = "PREINIT"; 3875 state->nakoff = 0; 3876 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3877 AF_INET, ifp); 3878 3879 ifo = ifp->options; 3880 /* We need to drop the leasefile so that dhcp_start 3881 * doesn't load it. */ 3882 if (ifo->options & DHCPCD_REQUEST) 3883 dhcp_unlink(ifp->ctx, state->leasefile); 3884 3885 free(state->clientid); 3886 state->clientid = NULL; 3887 3888 if (ifo->options & DHCPCD_ANONYMOUS) { 3889 uint8_t duid[DUID_LEN]; 3890 uint8_t duid_len; 3891 3892 duid_len = (uint8_t)duid_make(duid, ifp, DUID_LL); 3893 if (duid_len != 0) { 3894 state->clientid = malloc((size_t)duid_len + 6); 3895 if (state->clientid == NULL) 3896 goto eexit; 3897 state->clientid[0] =(uint8_t)(duid_len + 5); 3898 state->clientid[1] = 255; /* RFC 4361 */ 3899 memcpy(state->clientid + 2, ifo->iaid, 4); 3900 memset(state->clientid + 2, 0, 4); /* IAID */ 3901 memcpy(state->clientid + 6, duid, duid_len); 3902 } 3903 } else if (*ifo->clientid) { 3904 state->clientid = malloc((size_t)(ifo->clientid[0] + 1)); 3905 if (state->clientid == NULL) 3906 goto eexit; 3907 memcpy(state->clientid, ifo->clientid, 3908 (size_t)(ifo->clientid[0]) + 1); 3909 } else if (ifo->options & DHCPCD_CLIENTID) { 3910 if (ifo->options & DHCPCD_DUID) { 3911 state->clientid = malloc(ifp->ctx->duid_len + 6); 3912 if (state->clientid == NULL) 3913 goto eexit; 3914 state->clientid[0] =(uint8_t)(ifp->ctx->duid_len + 5); 3915 state->clientid[1] = 255; /* RFC 4361 */ 3916 memcpy(state->clientid + 2, ifo->iaid, 4); 3917 memcpy(state->clientid + 6, ifp->ctx->duid, 3918 ifp->ctx->duid_len); 3919 } else { 3920 len = (uint8_t)(ifp->hwlen + 1); 3921 state->clientid = malloc((size_t)len + 1); 3922 if (state->clientid == NULL) 3923 goto eexit; 3924 state->clientid[0] = len; 3925 state->clientid[1] = (uint8_t)ifp->hwtype; 3926 memcpy(state->clientid + 2, ifp->hwaddr, 3927 ifp->hwlen); 3928 } 3929 } 3930 3931 if (ifo->options & DHCPCD_DUID) 3932 /* Don't bother logging as DUID and IAID are reported 3933 * at device start. */ 3934 return 0; 3935 3936 if (ifo->options & DHCPCD_CLIENTID && state->clientid != NULL) 3937 logdebugx("%s: using ClientID %s", ifp->name, 3938 hwaddr_ntoa(state->clientid + 1, state->clientid[0], 3939 buf, sizeof(buf))); 3940 else if (ifp->hwlen) 3941 logdebugx("%s: using hwaddr %s", ifp->name, 3942 hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf))); 3943 return 0; 3944 3945 eexit: 3946 logerr(__func__); 3947 return -1; 3948 } 3949 3950 static void 3951 dhcp_start1(void *arg) 3952 { 3953 struct interface *ifp = arg; 3954 struct dhcpcd_ctx *ctx = ifp->ctx; 3955 struct if_options *ifo = ifp->options; 3956 struct dhcp_state *state; 3957 uint32_t l; 3958 int nolease; 3959 3960 if (!(ifo->options & DHCPCD_IPV4)) 3961 return; 3962 3963 /* Listen on *.*.*.*:bootpc so that the kernel never sends an 3964 * ICMP port unreachable message back to the DHCP server. 3965 * Only do this in master mode so we don't swallow messages 3966 * for dhcpcd running on another interface. */ 3967 if ((ctx->options & (DHCPCD_MASTER|DHCPCD_PRIVSEP)) == DHCPCD_MASTER 3968 && ctx->udp_rfd == -1) 3969 { 3970 ctx->udp_rfd = dhcp_openudp(NULL); 3971 if (ctx->udp_rfd == -1) { 3972 logerr(__func__); 3973 return; 3974 } 3975 eloop_event_add(ctx->eloop, ctx->udp_rfd, dhcp_handleudp, ctx); 3976 } 3977 if (!IN_PRIVSEP(ctx) && ctx->udp_wfd == -1) { 3978 ctx->udp_wfd = xsocket(PF_INET, SOCK_RAW|SOCK_CXNB,IPPROTO_UDP); 3979 if (ctx->udp_wfd == -1) { 3980 logerr(__func__); 3981 return; 3982 } 3983 } 3984 3985 if (dhcp_init(ifp) == -1) { 3986 logerr("%s: dhcp_init", ifp->name); 3987 return; 3988 } 3989 3990 state = D_STATE(ifp); 3991 clock_gettime(CLOCK_MONOTONIC, &state->started); 3992 state->interval = 0; 3993 free(state->offer); 3994 state->offer = NULL; 3995 state->offer_len = 0; 3996 3997 #ifdef ARPING 3998 if (ifo->arping_len && state->arping_index < ifo->arping_len) { 3999 dhcp_arping(ifp); 4000 return; 4001 } 4002 #endif 4003 4004 if (ifo->options & DHCPCD_STATIC) { 4005 dhcp_static(ifp); 4006 return; 4007 } 4008 4009 if (ifo->options & DHCPCD_INFORM) { 4010 dhcp_inform(ifp); 4011 return; 4012 } 4013 4014 /* We don't want to read the old lease if we NAK an old test */ 4015 nolease = state->offer && ifp->ctx->options & DHCPCD_TEST; 4016 if (!nolease && ifo->options & DHCPCD_DHCP) { 4017 state->offer_len = read_lease(ifp, &state->offer); 4018 /* Check the saved lease matches the type we want */ 4019 if (state->offer) { 4020 #ifdef IN_IFF_DUPLICATED 4021 struct in_addr addr; 4022 struct ipv4_addr *ia; 4023 4024 addr.s_addr = state->offer->yiaddr; 4025 ia = ipv4_iffindaddr(ifp, &addr, NULL); 4026 #endif 4027 4028 if ((!IS_DHCP(state->offer) && 4029 !(ifo->options & DHCPCD_BOOTP)) || 4030 #ifdef IN_IFF_DUPLICATED 4031 (ia && ia->addr_flags & IN_IFF_DUPLICATED) || 4032 #endif 4033 (IS_DHCP(state->offer) && 4034 ifo->options & DHCPCD_BOOTP)) 4035 { 4036 free(state->offer); 4037 state->offer = NULL; 4038 state->offer_len = 0; 4039 } 4040 } 4041 } 4042 if (state->offer) { 4043 struct ipv4_addr *ia; 4044 time_t mtime; 4045 4046 get_lease(ifp, &state->lease, state->offer, state->offer_len); 4047 state->lease.frominfo = 1; 4048 if (state->new == NULL && 4049 (ia = ipv4_iffindaddr(ifp, 4050 &state->lease.addr, &state->lease.mask)) != NULL) 4051 { 4052 /* We still have the IP address from the last lease. 4053 * Fake add the address and routes from it so the lease 4054 * can be cleaned up. */ 4055 state->new = malloc(state->offer_len); 4056 if (state->new) { 4057 memcpy(state->new, 4058 state->offer, state->offer_len); 4059 state->new_len = state->offer_len; 4060 state->addr = ia; 4061 state->added |= STATE_ADDED | STATE_FAKE; 4062 rt_build(ifp->ctx, AF_INET); 4063 } else 4064 logerr(__func__); 4065 } 4066 if (!IS_DHCP(state->offer)) { 4067 free(state->offer); 4068 state->offer = NULL; 4069 state->offer_len = 0; 4070 } else if (!(ifo->options & DHCPCD_LASTLEASE_EXTEND) && 4071 state->lease.leasetime != DHCP_INFINITE_LIFETIME && 4072 dhcp_filemtime(ifp->ctx, state->leasefile, &mtime) == 0) 4073 { 4074 time_t now; 4075 4076 /* Offset lease times and check expiry */ 4077 now = time(NULL); 4078 if (now == -1 || 4079 (time_t)state->lease.leasetime < now - mtime) 4080 { 4081 logdebugx("%s: discarding expired lease", 4082 ifp->name); 4083 free(state->offer); 4084 state->offer = NULL; 4085 state->offer_len = 0; 4086 state->lease.addr.s_addr = 0; 4087 /* Technically we should discard the lease 4088 * as it's expired, just as DHCPv6 addresses 4089 * would be by the kernel. 4090 * However, this may violate POLA so 4091 * we currently leave it be. 4092 * If we get a totally different lease from 4093 * the DHCP server we'll drop it anyway, as 4094 * we will on any other event which would 4095 * trigger a lease drop. 4096 * This should only happen if dhcpcd stops 4097 * running and the lease expires before 4098 * dhcpcd starts again. */ 4099 #if 0 4100 if (state->new) 4101 dhcp_drop(ifp, "EXPIRE"); 4102 #endif 4103 } else { 4104 l = (uint32_t)(now - mtime); 4105 state->lease.leasetime -= l; 4106 state->lease.renewaltime -= l; 4107 state->lease.rebindtime -= l; 4108 } 4109 } 4110 } 4111 4112 #ifdef IPV4LL 4113 if (!(ifo->options & DHCPCD_DHCP)) { 4114 if (ifo->options & DHCPCD_IPV4LL) 4115 ipv4ll_start(ifp); 4116 return; 4117 } 4118 #endif 4119 4120 if (state->offer == NULL || 4121 !IS_DHCP(state->offer) || 4122 ifo->options & DHCPCD_ANONYMOUS) 4123 dhcp_discover(ifp); 4124 else 4125 dhcp_reboot(ifp); 4126 } 4127 4128 void 4129 dhcp_start(struct interface *ifp) 4130 { 4131 unsigned int delay; 4132 #ifdef ARPING 4133 const struct dhcp_state *state; 4134 #endif 4135 4136 if (!(ifp->options->options & DHCPCD_IPV4)) 4137 return; 4138 4139 /* If we haven't been given a netmask for our requested address, 4140 * set it now. */ 4141 if (ifp->options->req_addr.s_addr != INADDR_ANY && 4142 ifp->options->req_mask.s_addr == INADDR_ANY) 4143 ifp->options->req_mask.s_addr = 4144 ipv4_getnetmask(ifp->options->req_addr.s_addr); 4145 4146 /* If we haven't specified a ClientID and our hardware address 4147 * length is greater than BOOTP CHADDR then we enforce a ClientID 4148 * of the hardware address type and the hardware address. 4149 * If there is no hardware address and no ClientID set, 4150 * force a DUID based ClientID. */ 4151 if (ifp->hwlen > 16) 4152 ifp->options->options |= DHCPCD_CLIENTID; 4153 else if (ifp->hwlen == 0 && !(ifp->options->options & DHCPCD_CLIENTID)) 4154 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_DUID; 4155 4156 /* Firewire and InfiniBand interfaces require ClientID and 4157 * the broadcast option being set. */ 4158 switch (ifp->hwtype) { 4159 case ARPHRD_IEEE1394: /* FALLTHROUGH */ 4160 case ARPHRD_INFINIBAND: 4161 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_BROADCAST; 4162 break; 4163 } 4164 4165 /* If we violate RFC2131 section 3.7 then require ARP 4166 * to detect if any other client wants our address. */ 4167 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) 4168 ifp->options->options |= DHCPCD_ARP; 4169 4170 /* No point in delaying a static configuration */ 4171 if (ifp->options->options & DHCPCD_STATIC || 4172 !(ifp->options->options & DHCPCD_INITIAL_DELAY)) 4173 { 4174 dhcp_start1(ifp); 4175 return; 4176 } 4177 4178 #ifdef ARPING 4179 /* If we have arpinged then we have already delayed. */ 4180 state = D_CSTATE(ifp); 4181 if (state != NULL && state->arping_index != -1) { 4182 dhcp_start1(ifp); 4183 return; 4184 } 4185 #endif 4186 delay = MSEC_PER_SEC + 4187 (arc4random_uniform(MSEC_PER_SEC * 2) - MSEC_PER_SEC); 4188 logdebugx("%s: delaying IPv4 for %0.1f seconds", 4189 ifp->name, (float)delay / MSEC_PER_SEC); 4190 4191 eloop_timeout_add_msec(ifp->ctx->eloop, delay, dhcp_start1, ifp); 4192 } 4193 4194 void 4195 dhcp_abort(struct interface *ifp) 4196 { 4197 struct dhcp_state *state; 4198 4199 state = D_STATE(ifp); 4200 #ifdef ARPING 4201 if (state != NULL) 4202 state->arping_index = -1; 4203 #endif 4204 4205 eloop_timeout_delete(ifp->ctx->eloop, dhcp_start1, ifp); 4206 4207 if (state != NULL && state->added) { 4208 rt_build(ifp->ctx, AF_INET); 4209 #ifdef ARP 4210 if (ifp->options->options & DHCPCD_ARP) 4211 arp_announceaddr(ifp->ctx, &state->addr->addr); 4212 #endif 4213 } 4214 } 4215 4216 struct ipv4_addr * 4217 dhcp_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid) 4218 { 4219 struct interface *ifp; 4220 struct dhcp_state *state; 4221 struct if_options *ifo; 4222 uint8_t i; 4223 4224 ifp = ia->iface; 4225 state = D_STATE(ifp); 4226 if (state == NULL || state->state == DHS_NONE) 4227 return ia; 4228 4229 if (cmd == RTM_DELADDR) { 4230 if (state->addr == ia) { 4231 loginfox("%s: pid %d deleted IP address %s", 4232 ifp->name, pid, ia->saddr); 4233 dhcp_close(ifp); 4234 state->addr = NULL; 4235 /* Don't clear the added state as we need 4236 * to drop the lease. */ 4237 dhcp_drop(ifp, "EXPIRE"); 4238 dhcp_start1(ifp); 4239 return ia; 4240 } 4241 } 4242 4243 if (cmd != RTM_NEWADDR) 4244 return ia; 4245 4246 #ifdef IN_IFF_NOTUSEABLE 4247 if (!(ia->addr_flags & IN_IFF_NOTUSEABLE)) 4248 dhcp_finish_dad(ifp, &ia->addr); 4249 else if (ia->addr_flags & IN_IFF_DUPLICATED) 4250 return dhcp_addr_duplicated(ifp, &ia->addr) ? NULL : ia; 4251 #endif 4252 4253 ifo = ifp->options; 4254 4255 #ifdef PRIVSEP 4256 if (IN_PRIVSEP_SE(ifp->ctx) && 4257 !(ifp->ctx->options & (DHCPCD_MASTER | DHCPCD_CONFIGURE)) && 4258 IN_ARE_ADDR_EQUAL(&state->lease.addr, &ia->addr)) 4259 { 4260 state->addr = ia; 4261 state->added = STATE_ADDED; 4262 dhcp_closebpf(ifp); 4263 if (ps_inet_openbootp(ia) == -1) 4264 logerr(__func__); 4265 } 4266 #endif 4267 4268 if (ifo->options & DHCPCD_INFORM) { 4269 if (state->state != DHS_INFORM) 4270 dhcp_inform(ifp); 4271 return ia; 4272 } 4273 4274 if (!(ifo->options & DHCPCD_STATIC)) 4275 return ia; 4276 if (ifo->req_addr.s_addr != INADDR_ANY) 4277 return ia; 4278 4279 free(state->old); 4280 state->old = state->new; 4281 state->new_len = dhcp_message_new(&state->new, &ia->addr, &ia->mask); 4282 if (state->new == NULL) 4283 return ia; 4284 if (ifp->flags & IFF_POINTOPOINT) { 4285 for (i = 1; i < 255; i++) 4286 if (i != DHO_ROUTER && has_option_mask(ifo->dstmask,i)) 4287 dhcp_message_add_addr(state->new, i, ia->brd); 4288 } 4289 state->reason = "STATIC"; 4290 rt_build(ifp->ctx, AF_INET); 4291 script_runreason(ifp, state->reason); 4292 if (ifo->options & DHCPCD_INFORM) { 4293 state->state = DHS_INFORM; 4294 dhcp_new_xid(ifp); 4295 state->lease.server.s_addr = INADDR_ANY; 4296 state->addr = ia; 4297 dhcp_inform(ifp); 4298 } 4299 4300 return ia; 4301 } 4302 4303 #ifndef SMALL 4304 int 4305 dhcp_dump(struct interface *ifp) 4306 { 4307 struct dhcp_state *state; 4308 4309 ifp->if_data[IF_DATA_DHCP] = state = calloc(1, sizeof(*state)); 4310 if (state == NULL) { 4311 logerr(__func__); 4312 return -1; 4313 } 4314 state->new_len = read_lease(ifp, &state->new); 4315 if (state->new == NULL) { 4316 logerr("read_lease"); 4317 return -1; 4318 } 4319 state->reason = "DUMP"; 4320 return script_runreason(ifp, state->reason); 4321 } 4322 #endif 4323