1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * dhcpcd - DHCP client daemon 4 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/param.h> 30 #include <sys/socket.h> 31 #include <sys/stat.h> 32 33 #include <arpa/inet.h> 34 #include <net/if.h> 35 #include <net/route.h> 36 #include <netinet/if_ether.h> 37 #include <netinet/in_systm.h> 38 #include <netinet/in.h> 39 #include <netinet/ip.h> 40 #define __FAVOR_BSD /* Nasty glibc hack so we can use BSD semantics for UDP */ 41 #include <netinet/udp.h> 42 #undef __FAVOR_BSD 43 44 #include <assert.h> 45 #include <ctype.h> 46 #include <errno.h> 47 #include <fcntl.h> 48 #include <inttypes.h> 49 #include <stdbool.h> 50 #include <stddef.h> 51 #include <stdio.h> 52 #include <stdlib.h> 53 #include <string.h> 54 #include <unistd.h> 55 56 #define ELOOP_QUEUE 2 57 #include "config.h" 58 #include "arp.h" 59 #include "bpf.h" 60 #include "common.h" 61 #include "dhcp.h" 62 #include "dhcpcd.h" 63 #include "dhcp-common.h" 64 #include "duid.h" 65 #include "eloop.h" 66 #include "if.h" 67 #include "ipv4.h" 68 #include "ipv4ll.h" 69 #include "logerr.h" 70 #include "sa.h" 71 #include "script.h" 72 73 #define DAD "Duplicate address detected" 74 #define DHCP_MIN_LEASE 20 75 76 #define IPV4A ADDRIPV4 | ARRAY 77 #define IPV4R ADDRIPV4 | REQUEST 78 79 /* We should define a maximum for the NAK exponential backoff */ 80 #define NAKOFF_MAX 60 81 82 /* Wait N nanoseconds between sending a RELEASE and dropping the address. 83 * This gives the kernel enough time to actually send it. */ 84 #define RELEASE_DELAY_S 0 85 #define RELEASE_DELAY_NS 10000000 86 87 #ifndef IPDEFTTL 88 #define IPDEFTTL 64 /* RFC1340 */ 89 #endif 90 91 /* Support older systems with different defines */ 92 #if !defined(IP_RECVPKTINFO) && defined(IP_PKTINFO) 93 #define IP_RECVPKTINFO IP_PKTINFO 94 #endif 95 96 /* Assert the correct structure size for on wire */ 97 __CTASSERT(sizeof(struct ip) == 20); 98 __CTASSERT(sizeof(struct udphdr) == 8); 99 __CTASSERT(sizeof(struct bootp) == 300); 100 101 struct dhcp_op { 102 uint8_t value; 103 const char *name; 104 }; 105 106 static const struct dhcp_op dhcp_ops[] = { 107 { DHCP_DISCOVER, "DISCOVER" }, 108 { DHCP_OFFER, "OFFER" }, 109 { DHCP_REQUEST, "REQUEST" }, 110 { DHCP_DECLINE, "DECLINE" }, 111 { DHCP_ACK, "ACK" }, 112 { DHCP_NAK, "NAK" }, 113 { DHCP_RELEASE, "RELEASE" }, 114 { DHCP_INFORM, "INFORM" }, 115 { DHCP_FORCERENEW, "FORCERENEW"}, 116 { 0, NULL } 117 }; 118 119 static const char * const dhcp_params[] = { 120 "ip_address", 121 "subnet_cidr", 122 "network_number", 123 "filename", 124 "server_name", 125 NULL 126 }; 127 128 static int dhcp_openbpf(struct interface *); 129 static void dhcp_start1(void *); 130 #if defined(ARP) && (!defined(KERNEL_RFC5227) || defined(ARPING)) 131 static void dhcp_arp_found(struct arp_state *, const struct arp_msg *); 132 #endif 133 static void dhcp_handledhcp(struct interface *, struct bootp *, size_t, 134 const struct in_addr *); 135 #ifdef IP_PKTINFO 136 static void dhcp_handleifudp(void *); 137 #endif 138 static int dhcp_initstate(struct interface *); 139 140 void 141 dhcp_printoptions(const struct dhcpcd_ctx *ctx, 142 const struct dhcp_opt *opts, size_t opts_len) 143 { 144 const char * const *p; 145 size_t i, j; 146 const struct dhcp_opt *opt, *opt2; 147 int cols; 148 149 for (p = dhcp_params; *p; p++) 150 printf(" %s\n", *p); 151 152 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 153 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 154 if (opt->option == opt2->option) 155 break; 156 if (j == opts_len) { 157 cols = printf("%03d %s", opt->option, opt->var); 158 dhcp_print_option_encoding(opt, cols); 159 } 160 } 161 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 162 cols = printf("%03d %s", opt->option, opt->var); 163 dhcp_print_option_encoding(opt, cols); 164 } 165 } 166 167 #define get_option_raw(ctx, bootp, bootp_len, opt) \ 168 get_option((ctx), (bootp), (bootp_len), NULL) 169 static const uint8_t * 170 get_option(struct dhcpcd_ctx *ctx, 171 const struct bootp *bootp, size_t bootp_len, 172 unsigned int opt, size_t *opt_len) 173 { 174 const uint8_t *p, *e; 175 uint8_t l, o, ol, overl, *bp; 176 const uint8_t *op; 177 size_t bl; 178 179 /* Check we have the magic cookie */ 180 if (!IS_DHCP(bootp)) { 181 errno = ENOTSUP; 182 return NULL; 183 } 184 185 p = bootp->vend + 4; /* options after the 4 byte cookie */ 186 e = (const uint8_t *)bootp + bootp_len; 187 ol = o = overl = 0; 188 bp = NULL; 189 op = NULL; 190 bl = 0; 191 while (p < e) { 192 o = *p++; 193 switch (o) { 194 case DHO_PAD: 195 /* No length to read */ 196 continue; 197 case DHO_END: 198 if (overl & 1) { 199 /* bit 1 set means parse boot file */ 200 overl = (uint8_t)(overl & ~1); 201 p = bootp->file; 202 e = p + sizeof(bootp->file); 203 } else if (overl & 2) { 204 /* bit 2 set means parse server name */ 205 overl = (uint8_t)(overl & ~2); 206 p = bootp->sname; 207 e = p + sizeof(bootp->sname); 208 } else 209 goto exit; 210 /* No length to read */ 211 continue; 212 } 213 214 /* Check we can read the length */ 215 if (p == e) { 216 errno = EINVAL; 217 return NULL; 218 } 219 l = *p++; 220 221 /* Check we can read the option data, if present */ 222 if (p + l > e) { 223 errno = EINVAL; 224 return NULL; 225 } 226 227 if (o == DHO_OPTSOVERLOADED) { 228 /* Ensure we only get this option once by setting 229 * the last bit as well as the value. 230 * This is valid because only the first two bits 231 * actually mean anything in RFC2132 Section 9.3 */ 232 if (l == 1 && !overl) 233 overl = 0x80 | p[0]; 234 } 235 236 if (o == opt) { 237 if (op) { 238 /* We must concatonate the options. */ 239 if (bl + l > ctx->opt_buffer_len) { 240 size_t pos; 241 uint8_t *nb; 242 243 if (bp) 244 pos = (size_t) 245 (bp - ctx->opt_buffer); 246 else 247 pos = 0; 248 nb = realloc(ctx->opt_buffer, bl + l); 249 if (nb == NULL) 250 return NULL; 251 ctx->opt_buffer = nb; 252 ctx->opt_buffer_len = bl + l; 253 bp = ctx->opt_buffer + pos; 254 } 255 if (bp == NULL) 256 bp = ctx->opt_buffer; 257 memcpy(bp, op, ol); 258 bp += ol; 259 } 260 ol = l; 261 op = p; 262 bl += ol; 263 } 264 p += l; 265 } 266 267 exit: 268 if (opt_len) 269 *opt_len = bl; 270 if (bp) { 271 memcpy(bp, op, ol); 272 return (const uint8_t *)ctx->opt_buffer; 273 } 274 if (op) 275 return op; 276 errno = ENOENT; 277 return NULL; 278 } 279 280 static int 281 get_option_addr(struct dhcpcd_ctx *ctx, 282 struct in_addr *a, const struct bootp *bootp, size_t bootp_len, 283 uint8_t option) 284 { 285 const uint8_t *p; 286 size_t len; 287 288 p = get_option(ctx, bootp, bootp_len, option, &len); 289 if (!p || len < (ssize_t)sizeof(a->s_addr)) 290 return -1; 291 memcpy(&a->s_addr, p, sizeof(a->s_addr)); 292 return 0; 293 } 294 295 static int 296 get_option_uint32(struct dhcpcd_ctx *ctx, 297 uint32_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 298 { 299 const uint8_t *p; 300 size_t len; 301 uint32_t d; 302 303 p = get_option(ctx, bootp, bootp_len, option, &len); 304 if (!p || len < (ssize_t)sizeof(d)) 305 return -1; 306 memcpy(&d, p, sizeof(d)); 307 if (i) 308 *i = ntohl(d); 309 return 0; 310 } 311 312 static int 313 get_option_uint16(struct dhcpcd_ctx *ctx, 314 uint16_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 315 { 316 const uint8_t *p; 317 size_t len; 318 uint16_t d; 319 320 p = get_option(ctx, bootp, bootp_len, option, &len); 321 if (!p || len < (ssize_t)sizeof(d)) 322 return -1; 323 memcpy(&d, p, sizeof(d)); 324 if (i) 325 *i = ntohs(d); 326 return 0; 327 } 328 329 static int 330 get_option_uint8(struct dhcpcd_ctx *ctx, 331 uint8_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 332 { 333 const uint8_t *p; 334 size_t len; 335 336 p = get_option(ctx, bootp, bootp_len, option, &len); 337 if (!p || len < (ssize_t)sizeof(*p)) 338 return -1; 339 if (i) 340 *i = *(p); 341 return 0; 342 } 343 344 ssize_t 345 print_rfc3442(FILE *fp, const uint8_t *data, size_t data_len) 346 { 347 const uint8_t *p = data, *e; 348 size_t ocets; 349 uint8_t cidr; 350 struct in_addr addr; 351 352 /* Minimum is 5 -first is CIDR and a router length of 4 */ 353 if (data_len < 5) { 354 errno = EINVAL; 355 return -1; 356 } 357 358 e = p + data_len; 359 while (p < e) { 360 if (p != data) { 361 if (fputc(' ', fp) == EOF) 362 return -1; 363 } 364 cidr = *p++; 365 if (cidr > 32) { 366 errno = EINVAL; 367 return -1; 368 } 369 ocets = (size_t)(cidr + 7) / NBBY; 370 if (p + 4 + ocets > e) { 371 errno = ERANGE; 372 return -1; 373 } 374 /* If we have ocets then we have a destination and netmask */ 375 addr.s_addr = 0; 376 if (ocets > 0) { 377 memcpy(&addr.s_addr, p, ocets); 378 p += ocets; 379 } 380 if (fprintf(fp, "%s/%d", inet_ntoa(addr), cidr) == -1) 381 return -1; 382 383 /* Finally, snag the router */ 384 memcpy(&addr.s_addr, p, 4); 385 p += 4; 386 if (fprintf(fp, " %s", inet_ntoa(addr)) == -1) 387 return -1; 388 } 389 390 if (fputc('\0', fp) == EOF) 391 return -1; 392 return 1; 393 } 394 395 static int 396 decode_rfc3442_rt(rb_tree_t *routes, struct interface *ifp, 397 const uint8_t *data, size_t dl, const struct bootp *bootp) 398 { 399 const uint8_t *p = data; 400 const uint8_t *e; 401 uint8_t cidr; 402 size_t ocets; 403 struct rt *rt = NULL; 404 struct in_addr dest, netmask, gateway; 405 int n; 406 407 /* Minimum is 5 -first is CIDR and a router length of 4 */ 408 if (dl < 5) { 409 errno = EINVAL; 410 return -1; 411 } 412 413 n = 0; 414 e = p + dl; 415 while (p < e) { 416 cidr = *p++; 417 if (cidr > 32) { 418 errno = EINVAL; 419 return -1; 420 } 421 422 ocets = (size_t)(cidr + 7) / NBBY; 423 if (p + 4 + ocets > e) { 424 errno = ERANGE; 425 return -1; 426 } 427 428 if ((rt = rt_new(ifp)) == NULL) 429 return -1; 430 431 /* If we have ocets then we have a destination and netmask */ 432 dest.s_addr = 0; 433 if (ocets > 0) { 434 memcpy(&dest.s_addr, p, ocets); 435 p += ocets; 436 netmask.s_addr = htonl(~0U << (32 - cidr)); 437 } else 438 netmask.s_addr = 0; 439 440 /* Finally, snag the router */ 441 memcpy(&gateway.s_addr, p, 4); 442 p += 4; 443 444 /* An on-link host route is normally set by having the 445 * gateway match the destination or assigned address */ 446 if (gateway.s_addr == dest.s_addr || 447 (gateway.s_addr == bootp->yiaddr || 448 gateway.s_addr == bootp->ciaddr)) 449 { 450 gateway.s_addr = INADDR_ANY; 451 netmask.s_addr = INADDR_BROADCAST; 452 } 453 if (netmask.s_addr == INADDR_BROADCAST) 454 rt->rt_flags = RTF_HOST; 455 456 sa_in_init(&rt->rt_dest, &dest); 457 sa_in_init(&rt->rt_netmask, &netmask); 458 sa_in_init(&rt->rt_gateway, &gateway); 459 if (rt_proto_add(routes, rt)) 460 n = 1; 461 } 462 return n; 463 } 464 465 ssize_t 466 print_rfc3361(FILE *fp, const uint8_t *data, size_t dl) 467 { 468 uint8_t enc; 469 char sip[NS_MAXDNAME]; 470 struct in_addr addr; 471 472 if (dl < 2) { 473 errno = EINVAL; 474 return 0; 475 } 476 477 enc = *data++; 478 dl--; 479 switch (enc) { 480 case 0: 481 if (decode_rfc1035(sip, sizeof(sip), data, dl) == -1) 482 return -1; 483 if (efprintf(fp, "%s", sip) == -1) 484 return -1; 485 break; 486 case 1: 487 if (dl == 0 || dl % 4 != 0) { 488 errno = EINVAL; 489 break; 490 } 491 addr.s_addr = INADDR_BROADCAST; 492 for (; 493 dl != 0; 494 data += sizeof(addr.s_addr), dl -= sizeof(addr.s_addr)) 495 { 496 memcpy(&addr.s_addr, data, sizeof(addr.s_addr)); 497 if (fprintf(fp, "%s", inet_ntoa(addr)) == -1) 498 return -1; 499 if (dl != 0) { 500 if (fputc(' ', fp) == EOF) 501 return -1; 502 } 503 } 504 if (fputc('\0', fp) == EOF) 505 return -1; 506 break; 507 default: 508 errno = EINVAL; 509 return 0; 510 } 511 512 return 1; 513 } 514 515 static char * 516 get_option_string(struct dhcpcd_ctx *ctx, 517 const struct bootp *bootp, size_t bootp_len, uint8_t option) 518 { 519 size_t len; 520 const uint8_t *p; 521 char *s; 522 523 p = get_option(ctx, bootp, bootp_len, option, &len); 524 if (!p || len == 0 || *p == '\0') 525 return NULL; 526 527 s = malloc(sizeof(char) * (len + 1)); 528 if (s) { 529 memcpy(s, p, len); 530 s[len] = '\0'; 531 } 532 return s; 533 } 534 535 /* This calculates the netmask that we should use for static routes. 536 * This IS different from the calculation used to calculate the netmask 537 * for an interface address. */ 538 static uint32_t 539 route_netmask(uint32_t ip_in) 540 { 541 /* used to be unsigned long - check if error */ 542 uint32_t p = ntohl(ip_in); 543 uint32_t t; 544 545 if (IN_CLASSA(p)) 546 t = ~IN_CLASSA_NET; 547 else { 548 if (IN_CLASSB(p)) 549 t = ~IN_CLASSB_NET; 550 else { 551 if (IN_CLASSC(p)) 552 t = ~IN_CLASSC_NET; 553 else 554 t = 0; 555 } 556 } 557 558 while (t & p) 559 t >>= 1; 560 561 return (htonl(~t)); 562 } 563 564 /* We need to obey routing options. 565 * If we have a CSR then we only use that. 566 * Otherwise we add static routes and then routers. */ 567 static int 568 get_option_routes(rb_tree_t *routes, struct interface *ifp, 569 const struct bootp *bootp, size_t bootp_len) 570 { 571 struct if_options *ifo = ifp->options; 572 const uint8_t *p; 573 const uint8_t *e; 574 struct rt *rt = NULL; 575 struct in_addr dest, netmask, gateway; 576 size_t len; 577 const char *csr = ""; 578 int n; 579 580 /* If we have CSR's then we MUST use these only */ 581 if (!has_option_mask(ifo->nomask, DHO_CSR)) 582 p = get_option(ifp->ctx, bootp, bootp_len, DHO_CSR, &len); 583 else 584 p = NULL; 585 /* Check for crappy MS option */ 586 if (!p && !has_option_mask(ifo->nomask, DHO_MSCSR)) { 587 p = get_option(ifp->ctx, bootp, bootp_len, DHO_MSCSR, &len); 588 if (p) 589 csr = "MS "; 590 } 591 if (p && (n = decode_rfc3442_rt(routes, ifp, p, len, bootp)) != -1) { 592 const struct dhcp_state *state; 593 594 state = D_CSTATE(ifp); 595 if (!(ifo->options & DHCPCD_CSR_WARNED) && 596 !(state->added & STATE_FAKE)) 597 { 598 logdebugx("%s: using %sClassless Static Routes", 599 ifp->name, csr); 600 ifo->options |= DHCPCD_CSR_WARNED; 601 } 602 return n; 603 } 604 605 n = 0; 606 /* OK, get our static routes first. */ 607 if (!has_option_mask(ifo->nomask, DHO_STATICROUTE)) 608 p = get_option(ifp->ctx, bootp, bootp_len, 609 DHO_STATICROUTE, &len); 610 else 611 p = NULL; 612 /* RFC 2131 Section 5.8 states length MUST be in multiples of 8 */ 613 if (p && len % 8 == 0) { 614 e = p + len; 615 while (p < e) { 616 memcpy(&dest.s_addr, p, sizeof(dest.s_addr)); 617 p += 4; 618 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 619 p += 4; 620 /* RFC 2131 Section 5.8 states default route is 621 * illegal */ 622 if (gateway.s_addr == INADDR_ANY) 623 continue; 624 if ((rt = rt_new(ifp)) == NULL) 625 return -1; 626 627 /* A on-link host route is normally set by having the 628 * gateway match the destination or assigned address */ 629 if (gateway.s_addr == dest.s_addr || 630 (gateway.s_addr == bootp->yiaddr || 631 gateway.s_addr == bootp->ciaddr)) 632 { 633 gateway.s_addr = INADDR_ANY; 634 netmask.s_addr = INADDR_BROADCAST; 635 } else 636 netmask.s_addr = route_netmask(dest.s_addr); 637 if (netmask.s_addr == INADDR_BROADCAST) 638 rt->rt_flags = RTF_HOST; 639 640 sa_in_init(&rt->rt_dest, &dest); 641 sa_in_init(&rt->rt_netmask, &netmask); 642 sa_in_init(&rt->rt_gateway, &gateway); 643 if (rt_proto_add(routes, rt)) 644 n++; 645 } 646 } 647 648 /* Now grab our routers */ 649 if (!has_option_mask(ifo->nomask, DHO_ROUTER)) 650 p = get_option(ifp->ctx, bootp, bootp_len, DHO_ROUTER, &len); 651 else 652 p = NULL; 653 if (p && len % 4 == 0) { 654 e = p + len; 655 dest.s_addr = INADDR_ANY; 656 netmask.s_addr = INADDR_ANY; 657 while (p < e) { 658 if ((rt = rt_new(ifp)) == NULL) 659 return -1; 660 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 661 p += 4; 662 sa_in_init(&rt->rt_dest, &dest); 663 sa_in_init(&rt->rt_netmask, &netmask); 664 sa_in_init(&rt->rt_gateway, &gateway); 665 if (rt_proto_add(routes, rt)) 666 n++; 667 } 668 } 669 670 return n; 671 } 672 673 uint16_t 674 dhcp_get_mtu(const struct interface *ifp) 675 { 676 const struct dhcp_state *state; 677 uint16_t mtu; 678 679 if (ifp->options->mtu) 680 return (uint16_t)ifp->options->mtu; 681 mtu = 0; /* bogus gcc warning */ 682 if ((state = D_CSTATE(ifp)) == NULL || 683 has_option_mask(ifp->options->nomask, DHO_MTU) || 684 get_option_uint16(ifp->ctx, &mtu, 685 state->new, state->new_len, DHO_MTU) == -1) 686 return 0; 687 return mtu; 688 } 689 690 /* Grab our routers from the DHCP message and apply any MTU value 691 * the message contains */ 692 int 693 dhcp_get_routes(rb_tree_t *routes, struct interface *ifp) 694 { 695 const struct dhcp_state *state; 696 697 if ((state = D_CSTATE(ifp)) == NULL || !(state->added & STATE_ADDED)) 698 return 0; 699 return get_option_routes(routes, ifp, state->new, state->new_len); 700 } 701 702 /* Assumes DHCP options */ 703 static int 704 dhcp_message_add_addr(struct bootp *bootp, 705 uint8_t type, struct in_addr addr) 706 { 707 uint8_t *p; 708 size_t len; 709 710 p = bootp->vend; 711 while (*p != DHO_END) { 712 p++; 713 p += *p + 1; 714 } 715 716 len = (size_t)(p - bootp->vend); 717 if (len + 6 > sizeof(bootp->vend)) { 718 errno = ENOMEM; 719 return -1; 720 } 721 722 *p++ = type; 723 *p++ = 4; 724 memcpy(p, &addr.s_addr, 4); 725 p += 4; 726 *p = DHO_END; 727 return 0; 728 } 729 730 static ssize_t 731 make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type) 732 { 733 struct bootp *bootp; 734 uint8_t *lp, *p, *e; 735 uint8_t *n_params = NULL; 736 uint32_t ul; 737 uint16_t sz; 738 size_t len, i; 739 const struct dhcp_opt *opt; 740 struct if_options *ifo = ifp->options; 741 const struct dhcp_state *state = D_CSTATE(ifp); 742 const struct dhcp_lease *lease = &state->lease; 743 char hbuf[HOSTNAME_MAX_LEN + 1]; 744 const char *hostname; 745 const struct vivco *vivco; 746 int mtu; 747 #ifdef AUTH 748 uint8_t *auth, auth_len; 749 #endif 750 751 if ((mtu = if_getmtu(ifp)) == -1) 752 logerr("%s: if_getmtu", ifp->name); 753 else if (mtu < MTU_MIN) { 754 if (if_setmtu(ifp, MTU_MIN) == -1) 755 logerr("%s: if_setmtu", ifp->name); 756 mtu = MTU_MIN; 757 } 758 759 if (ifo->options & DHCPCD_BOOTP) 760 bootp = calloc(1, sizeof (*bootp)); 761 else 762 /* Make the maximal message we could send */ 763 bootp = calloc(1, (size_t)(mtu - IP_UDP_SIZE)); 764 765 if (bootp == NULL) 766 return -1; 767 *bootpm = bootp; 768 769 if (state->addr != NULL && 770 (type == DHCP_INFORM || type == DHCP_RELEASE || 771 (type == DHCP_REQUEST && 772 state->addr->mask.s_addr == lease->mask.s_addr && 773 (state->new == NULL || IS_DHCP(state->new)) && 774 !(state->added & STATE_FAKE)))) 775 bootp->ciaddr = state->addr->addr.s_addr; 776 777 bootp->op = BOOTREQUEST; 778 bootp->htype = (uint8_t)ifp->family; 779 switch (ifp->family) { 780 case ARPHRD_ETHER: 781 case ARPHRD_IEEE802: 782 bootp->hlen = (uint8_t)ifp->hwlen; 783 memcpy(&bootp->chaddr, &ifp->hwaddr, ifp->hwlen); 784 break; 785 } 786 787 if (ifo->options & DHCPCD_BROADCAST && 788 bootp->ciaddr == 0 && 789 type != DHCP_DECLINE && 790 type != DHCP_RELEASE) 791 bootp->flags = htons(BROADCAST_FLAG); 792 793 if (type != DHCP_DECLINE && type != DHCP_RELEASE) { 794 struct timespec tv; 795 796 clock_gettime(CLOCK_MONOTONIC, &tv); 797 timespecsub(&tv, &state->started, &tv); 798 if (tv.tv_sec < 0 || tv.tv_sec > (time_t)UINT16_MAX) 799 bootp->secs = htons((uint16_t)UINT16_MAX); 800 else 801 bootp->secs = htons((uint16_t)tv.tv_sec); 802 } 803 804 bootp->xid = htonl(state->xid); 805 806 if (ifo->options & DHCPCD_BOOTP) 807 return sizeof(*bootp); 808 809 p = bootp->vend; 810 e = (uint8_t *)bootp + (mtu - IP_UDP_SIZE) - 1; /* -1 for DHO_END */ 811 812 ul = htonl(MAGIC_COOKIE); 813 memcpy(p, &ul, sizeof(ul)); 814 p += sizeof(ul); 815 816 *p++ = DHO_MESSAGETYPE; 817 *p++ = 1; 818 *p++ = type; 819 820 #define AREA_LEFT (size_t)(e - p) 821 #define AREA_FIT(s) if ((s) > AREA_LEFT) goto toobig 822 #define AREA_CHECK(s) if ((s) + 2UL > AREA_LEFT) goto toobig 823 #define PUT_ADDR(o, a) do { \ 824 AREA_CHECK(4); \ 825 *p++ = (o); \ 826 *p++ = 4; \ 827 memcpy(p, &(a)->s_addr, 4); \ 828 p += 4; \ 829 } while (0 /* CONSTCOND */) 830 831 if (state->clientid) { 832 AREA_CHECK(state->clientid[0]); 833 *p++ = DHO_CLIENTID; 834 memcpy(p, state->clientid, (size_t)state->clientid[0] + 1); 835 p += state->clientid[0] + 1; 836 } 837 838 if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) { 839 if (type == DHCP_DECLINE || 840 (type == DHCP_REQUEST && 841 (state->addr == NULL || 842 state->added & STATE_FAKE || 843 lease->addr.s_addr != state->addr->addr.s_addr))) 844 { 845 PUT_ADDR(DHO_IPADDRESS, &lease->addr); 846 if (lease->server.s_addr) 847 PUT_ADDR(DHO_SERVERID, &lease->server); 848 } 849 850 if (type == DHCP_RELEASE) { 851 if (lease->server.s_addr) 852 PUT_ADDR(DHO_SERVERID, &lease->server); 853 } 854 } 855 856 if (type == DHCP_DECLINE) { 857 len = strlen(DAD); 858 if (len > AREA_LEFT) { 859 *p++ = DHO_MESSAGE; 860 *p++ = (uint8_t)len; 861 memcpy(p, DAD, len); 862 p += len; 863 } 864 } 865 866 if (type == DHCP_DISCOVER && 867 !(ifp->ctx->options & DHCPCD_TEST) && 868 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT)) 869 { 870 /* RFC 4039 Section 3 */ 871 AREA_CHECK(0); 872 *p++ = DHO_RAPIDCOMMIT; 873 *p++ = 0; 874 } 875 876 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_REQUEST) 877 PUT_ADDR(DHO_IPADDRESS, &ifo->req_addr); 878 879 /* RFC 2563 Auto Configure */ 880 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_IPV4LL) { 881 AREA_CHECK(1); 882 *p++ = DHO_AUTOCONFIGURE; 883 *p++ = 1; 884 *p++ = 1; 885 } 886 887 if (type == DHCP_DISCOVER || 888 type == DHCP_INFORM || 889 type == DHCP_REQUEST) 890 { 891 if (mtu != -1) { 892 AREA_CHECK(2); 893 *p++ = DHO_MAXMESSAGESIZE; 894 *p++ = 2; 895 sz = htons((uint16_t)(mtu - IP_UDP_SIZE)); 896 memcpy(p, &sz, 2); 897 p += 2; 898 } 899 900 if (ifo->userclass[0]) { 901 AREA_CHECK(ifo->userclass[0]); 902 *p++ = DHO_USERCLASS; 903 memcpy(p, ifo->userclass, 904 (size_t)ifo->userclass[0] + 1); 905 p += ifo->userclass[0] + 1; 906 } 907 908 if (ifo->vendorclassid[0]) { 909 AREA_CHECK(ifo->vendorclassid[0]); 910 *p++ = DHO_VENDORCLASSID; 911 memcpy(p, ifo->vendorclassid, 912 (size_t)ifo->vendorclassid[0] + 1); 913 p += ifo->vendorclassid[0] + 1; 914 } 915 916 if (ifo->mudurl[0]) { 917 AREA_CHECK(ifo->mudurl[0]); 918 *p++ = DHO_MUDURL; 919 memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1); 920 p += ifo->mudurl[0] + 1; 921 } 922 923 if (type != DHCP_INFORM) { 924 if (ifo->leasetime != 0) { 925 AREA_CHECK(4); 926 *p++ = DHO_LEASETIME; 927 *p++ = 4; 928 ul = htonl(ifo->leasetime); 929 memcpy(p, &ul, 4); 930 p += 4; 931 } 932 } 933 934 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo); 935 936 /* 937 * RFC4702 3.1 States that if we send the Client FQDN option 938 * then we MUST NOT also send the Host Name option. 939 * Technically we could, but that is not RFC conformant and 940 * also seems to break some DHCP server implemetations such as 941 * Windows. On the other hand, ISC dhcpd is just as non RFC 942 * conformant by not accepting a partially qualified FQDN. 943 */ 944 if (ifo->fqdn != FQDN_DISABLE) { 945 /* IETF DHC-FQDN option (81), RFC4702 */ 946 i = 3; 947 if (hostname) 948 i += encode_rfc1035(hostname, NULL); 949 AREA_CHECK(i); 950 *p++ = DHO_FQDN; 951 *p++ = (uint8_t)i; 952 /* 953 * Flags: 0000NEOS 954 * S: 1 => Client requests Server to update 955 * a RR in DNS as well as PTR 956 * O: 1 => Server indicates to client that 957 * DNS has been updated 958 * E: 1 => Name data is DNS format 959 * N: 1 => Client requests Server to not 960 * update DNS 961 */ 962 if (hostname) 963 *p++ = (uint8_t)((ifo->fqdn & 0x09) | 0x04); 964 else 965 *p++ = (FQDN_NONE & 0x09) | 0x04; 966 *p++ = 0; /* from server for PTR RR */ 967 *p++ = 0; /* from server for A RR if S=1 */ 968 if (hostname) { 969 i = encode_rfc1035(hostname, p); 970 p += i; 971 } 972 } else if (ifo->options & DHCPCD_HOSTNAME && hostname) { 973 len = strlen(hostname); 974 AREA_CHECK(len); 975 *p++ = DHO_HOSTNAME; 976 *p++ = (uint8_t)len; 977 memcpy(p, hostname, len); 978 p += len; 979 } 980 981 /* vendor is already encoded correctly, so just add it */ 982 if (ifo->vendor[0]) { 983 AREA_CHECK(ifo->vendor[0]); 984 *p++ = DHO_VENDOR; 985 memcpy(p, ifo->vendor, (size_t)ifo->vendor[0] + 1); 986 p += ifo->vendor[0] + 1; 987 } 988 989 #ifdef AUTH 990 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 991 DHCPCD_AUTH_SENDREQUIRE) 992 { 993 /* We support HMAC-MD5 */ 994 AREA_CHECK(1); 995 *p++ = DHO_FORCERENEW_NONCE; 996 *p++ = 1; 997 *p++ = AUTH_ALG_HMAC_MD5; 998 } 999 #endif 1000 1001 if (ifo->vivco_len) { 1002 AREA_CHECK(sizeof(ul)); 1003 *p++ = DHO_VIVCO; 1004 lp = p++; 1005 *lp = sizeof(ul); 1006 ul = htonl(ifo->vivco_en); 1007 memcpy(p, &ul, sizeof(ul)); 1008 p += sizeof(ul); 1009 for (i = 0, vivco = ifo->vivco; 1010 i < ifo->vivco_len; 1011 i++, vivco++) 1012 { 1013 AREA_FIT(vivco->len); 1014 if (vivco->len + 2 + *lp > 255) { 1015 logerrx("%s: VIVCO option too big", 1016 ifp->name); 1017 free(bootp); 1018 return -1; 1019 } 1020 *p++ = (uint8_t)vivco->len; 1021 memcpy(p, vivco->data, vivco->len); 1022 p += vivco->len; 1023 *lp = (uint8_t)(*lp + vivco->len + 1); 1024 } 1025 } 1026 1027 AREA_CHECK(0); 1028 *p++ = DHO_PARAMETERREQUESTLIST; 1029 n_params = p; 1030 *p++ = 0; 1031 for (i = 0, opt = ifp->ctx->dhcp_opts; 1032 i < ifp->ctx->dhcp_opts_len; 1033 i++, opt++) 1034 { 1035 if (!(opt->type & OT_REQUEST || 1036 has_option_mask(ifo->requestmask, opt->option))) 1037 continue; 1038 if (opt->type & OT_NOREQ) 1039 continue; 1040 if (type == DHCP_INFORM && 1041 (opt->option == DHO_RENEWALTIME || 1042 opt->option == DHO_REBINDTIME)) 1043 continue; 1044 AREA_FIT(1); 1045 *p++ = (uint8_t)opt->option; 1046 } 1047 for (i = 0, opt = ifo->dhcp_override; 1048 i < ifo->dhcp_override_len; 1049 i++, opt++) 1050 { 1051 /* Check if added above */ 1052 for (lp = n_params + 1; lp < p; lp++) 1053 if (*lp == (uint8_t)opt->option) 1054 break; 1055 if (lp < p) 1056 continue; 1057 if (!(opt->type & OT_REQUEST || 1058 has_option_mask(ifo->requestmask, opt->option))) 1059 continue; 1060 if (opt->type & OT_NOREQ) 1061 continue; 1062 if (type == DHCP_INFORM && 1063 (opt->option == DHO_RENEWALTIME || 1064 opt->option == DHO_REBINDTIME)) 1065 continue; 1066 AREA_FIT(1); 1067 *p++ = (uint8_t)opt->option; 1068 } 1069 *n_params = (uint8_t)(p - n_params - 1); 1070 } 1071 1072 #ifdef AUTH 1073 auth = NULL; /* appease GCC */ 1074 auth_len = 0; 1075 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 1076 ssize_t alen = dhcp_auth_encode(&ifo->auth, 1077 state->auth.token, 1078 NULL, 0, 4, type, NULL, 0); 1079 if (alen != -1 && alen > UINT8_MAX) { 1080 errno = ERANGE; 1081 alen = -1; 1082 } 1083 if (alen == -1) 1084 logerr("%s: dhcp_auth_encode", ifp->name); 1085 else if (alen != 0) { 1086 auth_len = (uint8_t)alen; 1087 AREA_CHECK(auth_len); 1088 *p++ = DHO_AUTHENTICATION; 1089 *p++ = auth_len; 1090 auth = p; 1091 p += auth_len; 1092 } 1093 } 1094 #endif 1095 1096 *p++ = DHO_END; 1097 len = (size_t)(p - (uint8_t *)bootp); 1098 1099 /* Pad out to the BOOTP message length. 1100 * Even if we send a DHCP packet with a variable length vendor area, 1101 * some servers / relay agents don't like packets smaller than 1102 * a BOOTP message which is fine because that's stipulated 1103 * in RFC1542 section 2.1. */ 1104 while (len < sizeof(*bootp)) { 1105 *p++ = DHO_PAD; 1106 len++; 1107 } 1108 1109 #ifdef AUTH 1110 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) 1111 dhcp_auth_encode(&ifo->auth, state->auth.token, 1112 (uint8_t *)bootp, len, 4, type, auth, auth_len); 1113 #endif 1114 1115 return (ssize_t)len; 1116 1117 toobig: 1118 logerrx("%s: DHCP message too big", ifp->name); 1119 free(bootp); 1120 return -1; 1121 } 1122 1123 static ssize_t 1124 write_lease(const struct interface *ifp, const struct bootp *bootp, size_t len) 1125 { 1126 int fd; 1127 ssize_t bytes; 1128 const struct dhcp_state *state = D_CSTATE(ifp); 1129 1130 logdebugx("%s: writing lease `%s'", ifp->name, state->leasefile); 1131 1132 fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644); 1133 if (fd == -1) 1134 return -1; 1135 bytes = write(fd, bootp, len); 1136 close(fd); 1137 return bytes; 1138 } 1139 1140 static size_t 1141 read_lease(struct interface *ifp, struct bootp **bootp) 1142 { 1143 int fd; 1144 bool fd_opened; 1145 struct dhcp_state *state = D_STATE(ifp); 1146 struct bootp *lease; 1147 size_t bytes; 1148 uint8_t type; 1149 #ifdef AUTH 1150 const uint8_t *auth; 1151 size_t auth_len; 1152 #endif 1153 1154 /* Safety */ 1155 *bootp = NULL; 1156 1157 if (state->leasefile[0] == '\0') { 1158 fd = fileno(stdin); 1159 fd_opened = false; 1160 } else { 1161 fd = open(state->leasefile, O_RDONLY); 1162 fd_opened = true; 1163 } 1164 if (fd == -1) { 1165 if (errno != ENOENT) 1166 logerr("%s: open `%s'", 1167 ifp->name, state->leasefile); 1168 return 0; 1169 } 1170 if (state->leasefile[0] == '\0') 1171 logdebugx("reading standard input"); 1172 else 1173 logdebugx("%s: reading lease `%s'", 1174 ifp->name, state->leasefile); 1175 1176 bytes = dhcp_read_lease_fd(fd, (void **)&lease); 1177 if (fd_opened) 1178 close(fd); 1179 if (bytes == 0) 1180 return 0; 1181 1182 /* Ensure the packet is at lease BOOTP sized 1183 * with a vendor area of 4 octets 1184 * (it should be more, and our read packet enforces this so this 1185 * code should not be needed, but of course people could 1186 * scribble whatever in the stored lease file. */ 1187 if (bytes < offsetof(struct bootp, vend) + 4) { 1188 free(lease); 1189 logerrx("%s: %s: truncated lease", ifp->name, __func__); 1190 return 0; 1191 } 1192 1193 if (ifp->ctx->options & DHCPCD_DUMPLEASE) 1194 goto out; 1195 1196 /* We may have found a BOOTP server */ 1197 if (get_option_uint8(ifp->ctx, &type, (struct bootp *)lease, bytes, 1198 DHO_MESSAGETYPE) == -1) 1199 type = 0; 1200 1201 #ifdef AUTH 1202 /* Authenticate the message */ 1203 auth = get_option(ifp->ctx, (struct bootp *)lease, bytes, 1204 DHO_AUTHENTICATION, &auth_len); 1205 if (auth) { 1206 if (dhcp_auth_validate(&state->auth, &ifp->options->auth, 1207 lease, bytes, 4, type, auth, auth_len) == NULL) 1208 { 1209 logerr("%s: authentication failed", ifp->name); 1210 free(lease); 1211 return 0; 1212 } 1213 if (state->auth.token) 1214 logdebugx("%s: validated using 0x%08" PRIu32, 1215 ifp->name, state->auth.token->secretid); 1216 else 1217 logdebugx("%s: accepted reconfigure key", ifp->name); 1218 } else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) == 1219 DHCPCD_AUTH_SENDREQUIRE) 1220 { 1221 logerrx("%s: authentication now required", ifp->name); 1222 free(lease); 1223 return 0; 1224 } 1225 #endif 1226 1227 out: 1228 *bootp = (struct bootp *)lease; 1229 return bytes; 1230 } 1231 1232 static const struct dhcp_opt * 1233 dhcp_getoverride(const struct if_options *ifo, unsigned int o) 1234 { 1235 size_t i; 1236 const struct dhcp_opt *opt; 1237 1238 for (i = 0, opt = ifo->dhcp_override; 1239 i < ifo->dhcp_override_len; 1240 i++, opt++) 1241 { 1242 if (opt->option == o) 1243 return opt; 1244 } 1245 return NULL; 1246 } 1247 1248 static const uint8_t * 1249 dhcp_getoption(struct dhcpcd_ctx *ctx, 1250 size_t *os, unsigned int *code, size_t *len, 1251 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 1252 { 1253 size_t i; 1254 struct dhcp_opt *opt; 1255 1256 if (od) { 1257 if (ol < 2) { 1258 errno = EINVAL; 1259 return NULL; 1260 } 1261 *os = 2; /* code + len */ 1262 *code = (unsigned int)*od++; 1263 *len = (size_t)*od++; 1264 if (*len > ol - *os) { 1265 errno = ERANGE; 1266 return NULL; 1267 } 1268 } 1269 1270 *oopt = NULL; 1271 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 1272 if (opt->option == *code) { 1273 *oopt = opt; 1274 break; 1275 } 1276 } 1277 1278 return od; 1279 } 1280 1281 ssize_t 1282 dhcp_env(FILE *fenv, const char *prefix, const struct interface *ifp, 1283 const struct bootp *bootp, size_t bootp_len) 1284 { 1285 const struct if_options *ifo; 1286 const uint8_t *p; 1287 struct in_addr addr; 1288 struct in_addr net; 1289 struct in_addr brd; 1290 struct dhcp_opt *opt, *vo; 1291 size_t i, pl; 1292 char safe[(BOOTP_FILE_LEN * 4) + 1]; 1293 uint8_t overl = 0; 1294 uint32_t en; 1295 1296 ifo = ifp->options; 1297 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 1298 DHO_OPTSOVERLOADED) == -1) 1299 overl = 0; 1300 1301 if (bootp->yiaddr || bootp->ciaddr) { 1302 /* Set some useful variables that we derive from the DHCP 1303 * message but are not necessarily in the options */ 1304 addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1305 if (efprintf(fenv, "%s_ip_address=%s", 1306 prefix, inet_ntoa(addr)) == -1) 1307 return -1; 1308 if (get_option_addr(ifp->ctx, &net, 1309 bootp, bootp_len, DHO_SUBNETMASK) == -1) { 1310 net.s_addr = ipv4_getnetmask(addr.s_addr); 1311 if (efprintf(fenv, "%s_subnet_mask=%s", 1312 prefix, inet_ntoa(net)) == -1) 1313 return -1; 1314 } 1315 if (efprintf(fenv, "%s_subnet_cidr=%d", 1316 prefix, inet_ntocidr(net))== -1) 1317 return -1; 1318 if (get_option_addr(ifp->ctx, &brd, 1319 bootp, bootp_len, DHO_BROADCAST) == -1) 1320 { 1321 brd.s_addr = addr.s_addr | ~net.s_addr; 1322 if (efprintf(fenv, "%s_broadcast_address=%s", 1323 prefix, inet_ntoa(brd)) == -1) 1324 return -1; 1325 } 1326 addr.s_addr = bootp->yiaddr & net.s_addr; 1327 if (efprintf(fenv, "%s_network_number=%s", 1328 prefix, inet_ntoa(addr)) == -1) 1329 return -1; 1330 } 1331 1332 if (*bootp->file && !(overl & 1)) { 1333 print_string(safe, sizeof(safe), OT_STRING, 1334 bootp->file, sizeof(bootp->file)); 1335 if (efprintf(fenv, "%s_filename=%s", prefix, safe) == -1) 1336 return -1; 1337 } 1338 if (*bootp->sname && !(overl & 2)) { 1339 print_string(safe, sizeof(safe), OT_STRING | OT_DOMAIN, 1340 bootp->sname, sizeof(bootp->sname)); 1341 if (efprintf(fenv, "%s_server_name=%s", prefix, safe) == -1) 1342 return -1; 1343 } 1344 1345 /* Zero our indexes */ 1346 for (i = 0, opt = ifp->ctx->dhcp_opts; 1347 i < ifp->ctx->dhcp_opts_len; 1348 i++, opt++) 1349 dhcp_zero_index(opt); 1350 for (i = 0, opt = ifp->options->dhcp_override; 1351 i < ifp->options->dhcp_override_len; 1352 i++, opt++) 1353 dhcp_zero_index(opt); 1354 for (i = 0, opt = ifp->ctx->vivso; 1355 i < ifp->ctx->vivso_len; 1356 i++, opt++) 1357 dhcp_zero_index(opt); 1358 1359 for (i = 0, opt = ifp->ctx->dhcp_opts; 1360 i < ifp->ctx->dhcp_opts_len; 1361 i++, opt++) 1362 { 1363 if (has_option_mask(ifo->nomask, opt->option)) 1364 continue; 1365 if (dhcp_getoverride(ifo, opt->option)) 1366 continue; 1367 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1368 if (p == NULL) 1369 continue; 1370 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1371 opt, dhcp_getoption, p, pl); 1372 1373 if (opt->option != DHO_VIVSO || pl <= (int)sizeof(uint32_t)) 1374 continue; 1375 memcpy(&en, p, sizeof(en)); 1376 en = ntohl(en); 1377 vo = vivso_find(en, ifp); 1378 if (vo == NULL) 1379 continue; 1380 /* Skip over en + total size */ 1381 p += sizeof(en) + 1; 1382 pl -= sizeof(en) + 1; 1383 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1384 vo, dhcp_getoption, p, pl); 1385 } 1386 1387 for (i = 0, opt = ifo->dhcp_override; 1388 i < ifo->dhcp_override_len; 1389 i++, opt++) 1390 { 1391 if (has_option_mask(ifo->nomask, opt->option)) 1392 continue; 1393 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1394 if (p == NULL) 1395 continue; 1396 dhcp_envoption(ifp->ctx, fenv, prefix, ifp->name, 1397 opt, dhcp_getoption, p, pl); 1398 } 1399 1400 return 1; 1401 } 1402 1403 static void 1404 get_lease(struct interface *ifp, 1405 struct dhcp_lease *lease, const struct bootp *bootp, size_t len) 1406 { 1407 struct dhcpcd_ctx *ctx; 1408 1409 assert(bootp != NULL); 1410 1411 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 1412 /* BOOTP does not set yiaddr for replies when ciaddr is set. */ 1413 lease->addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1414 ctx = ifp->ctx; 1415 if (ifp->options->options & (DHCPCD_STATIC | DHCPCD_INFORM)) { 1416 if (ifp->options->req_addr.s_addr != INADDR_ANY) { 1417 lease->mask = ifp->options->req_mask; 1418 if (ifp->options->req_brd.s_addr != INADDR_ANY) 1419 lease->brd = ifp->options->req_brd; 1420 else 1421 lease->brd.s_addr = 1422 lease->addr.s_addr | ~lease->mask.s_addr; 1423 } else { 1424 const struct ipv4_addr *ia; 1425 1426 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 1427 assert(ia != NULL); 1428 lease->mask = ia->mask; 1429 lease->brd = ia->brd; 1430 } 1431 } else { 1432 if (get_option_addr(ctx, &lease->mask, bootp, len, 1433 DHO_SUBNETMASK) == -1) 1434 lease->mask.s_addr = 1435 ipv4_getnetmask(lease->addr.s_addr); 1436 if (get_option_addr(ctx, &lease->brd, bootp, len, 1437 DHO_BROADCAST) == -1) 1438 lease->brd.s_addr = 1439 lease->addr.s_addr | ~lease->mask.s_addr; 1440 } 1441 if (get_option_uint32(ctx, &lease->leasetime, 1442 bootp, len, DHO_LEASETIME) != 0) 1443 lease->leasetime = DHCP_INFINITE_LIFETIME; 1444 if (get_option_uint32(ctx, &lease->renewaltime, 1445 bootp, len, DHO_RENEWALTIME) != 0) 1446 lease->renewaltime = 0; 1447 if (get_option_uint32(ctx, &lease->rebindtime, 1448 bootp, len, DHO_REBINDTIME) != 0) 1449 lease->rebindtime = 0; 1450 if (get_option_addr(ctx, &lease->server, bootp, len, DHO_SERVERID) != 0) 1451 lease->server.s_addr = INADDR_ANY; 1452 } 1453 1454 static const char * 1455 get_dhcp_op(uint8_t type) 1456 { 1457 const struct dhcp_op *d; 1458 1459 for (d = dhcp_ops; d->name; d++) 1460 if (d->value == type) 1461 return d->name; 1462 return NULL; 1463 } 1464 1465 static void 1466 dhcp_fallback(void *arg) 1467 { 1468 struct interface *iface; 1469 1470 iface = (struct interface *)arg; 1471 dhcpcd_selectprofile(iface, iface->options->fallback); 1472 dhcpcd_startinterface(iface); 1473 } 1474 1475 static void 1476 dhcp_new_xid(struct interface *ifp) 1477 { 1478 struct dhcp_state *state; 1479 const struct interface *ifp1; 1480 const struct dhcp_state *state1; 1481 1482 state = D_STATE(ifp); 1483 if (ifp->options->options & DHCPCD_XID_HWADDR && 1484 ifp->hwlen >= sizeof(state->xid)) 1485 /* The lower bits are probably more unique on the network */ 1486 memcpy(&state->xid, 1487 (ifp->hwaddr + ifp->hwlen) - sizeof(state->xid), 1488 sizeof(state->xid)); 1489 else { 1490 again: 1491 state->xid = arc4random(); 1492 } 1493 1494 /* Ensure it's unique */ 1495 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 1496 if (ifp == ifp1) 1497 continue; 1498 if ((state1 = D_CSTATE(ifp1)) == NULL) 1499 continue; 1500 if (state1->xid == state->xid) 1501 break; 1502 } 1503 if (ifp1 != NULL) { 1504 if (ifp->options->options & DHCPCD_XID_HWADDR && 1505 ifp->hwlen >= sizeof(state->xid)) 1506 { 1507 logerrx("%s: duplicate xid on %s", 1508 ifp->name, ifp1->name); 1509 return; 1510 } 1511 goto again; 1512 } 1513 1514 /* We can't do this when sharing leases across interfaes */ 1515 #if 0 1516 /* As the XID changes, re-apply the filter. */ 1517 if (state->bpf_fd != -1) { 1518 if (bpf_bootp(ifp, state->bpf_fd) == -1) 1519 logerr(__func__); /* try to continue */ 1520 } 1521 #endif 1522 } 1523 1524 void 1525 dhcp_close(struct interface *ifp) 1526 { 1527 struct dhcp_state *state = D_STATE(ifp); 1528 1529 if (state == NULL) 1530 return; 1531 1532 if (state->bpf_fd != -1) { 1533 eloop_event_delete(ifp->ctx->eloop, state->bpf_fd); 1534 bpf_close(ifp, state->bpf_fd); 1535 state->bpf_fd = -1; 1536 state->bpf_flags |= BPF_EOF; 1537 } 1538 if (state->udp_fd != -1) { 1539 eloop_event_delete(ifp->ctx->eloop, state->udp_fd); 1540 close(state->udp_fd); 1541 state->udp_fd = -1; 1542 } 1543 1544 state->interval = 0; 1545 } 1546 1547 static int 1548 dhcp_openudp(struct interface *ifp) 1549 { 1550 int s; 1551 struct sockaddr_in sin; 1552 int n; 1553 1554 if ((s = xsocket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_UDP)) == -1) 1555 return -1; 1556 1557 n = 1; 1558 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(n)) == -1) 1559 goto eexit; 1560 #ifdef IP_RECVPKTINFO 1561 if (setsockopt(s, IPPROTO_IP, IP_RECVPKTINFO, &n, sizeof(n)) == -1) 1562 goto eexit; 1563 #endif 1564 memset(&sin, 0, sizeof(sin)); 1565 sin.sin_family = AF_INET; 1566 sin.sin_port = htons(BOOTPC); 1567 if (ifp) { 1568 const struct dhcp_state *state = D_CSTATE(ifp); 1569 1570 if (state->addr) 1571 sin.sin_addr.s_addr = state->addr->addr.s_addr; 1572 } 1573 if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) 1574 goto eexit; 1575 1576 return s; 1577 1578 eexit: 1579 close(s); 1580 return -1; 1581 } 1582 1583 static uint16_t 1584 in_cksum(const void *data, size_t len, uint32_t *isum) 1585 { 1586 const uint16_t *word = data; 1587 uint32_t sum = isum != NULL ? *isum : 0; 1588 1589 for (; len > 1; len -= sizeof(*word)) 1590 sum += *word++; 1591 1592 if (len == 1) 1593 sum += htons((uint16_t)(*(const uint8_t *)word << 8)); 1594 1595 if (isum != NULL) 1596 *isum = sum; 1597 1598 sum = (sum >> 16) + (sum & 0xffff); 1599 sum += (sum >> 16); 1600 1601 return (uint16_t)~sum; 1602 } 1603 1604 static struct bootp_pkt * 1605 dhcp_makeudppacket(size_t *sz, const uint8_t *data, size_t length, 1606 struct in_addr source, struct in_addr dest) 1607 { 1608 struct bootp_pkt *udpp; 1609 struct ip *ip; 1610 struct udphdr *udp; 1611 1612 if ((udpp = calloc(1, sizeof(*ip) + sizeof(*udp) + length)) == NULL) 1613 return NULL; 1614 ip = &udpp->ip; 1615 udp = &udpp->udp; 1616 1617 /* OK, this is important :) 1618 * We copy the data to our packet and then create a small part of the 1619 * ip structure and an invalid ip_len (basically udp length). 1620 * We then fill the udp structure and put the checksum 1621 * of the whole packet into the udp checksum. 1622 * Finally we complete the ip structure and ip checksum. 1623 * If we don't do the ordering like so then the udp checksum will be 1624 * broken, so find another way of doing it! */ 1625 1626 memcpy(&udpp->bootp, data, length); 1627 1628 ip->ip_p = IPPROTO_UDP; 1629 ip->ip_src.s_addr = source.s_addr; 1630 if (dest.s_addr == 0) 1631 ip->ip_dst.s_addr = INADDR_BROADCAST; 1632 else 1633 ip->ip_dst.s_addr = dest.s_addr; 1634 1635 udp->uh_sport = htons(BOOTPC); 1636 udp->uh_dport = htons(BOOTPS); 1637 udp->uh_ulen = htons((uint16_t)(sizeof(*udp) + length)); 1638 ip->ip_len = udp->uh_ulen; 1639 udp->uh_sum = in_cksum(udpp, sizeof(*ip) + sizeof(*udp) + length, NULL); 1640 1641 ip->ip_v = IPVERSION; 1642 ip->ip_hl = sizeof(*ip) >> 2; 1643 ip->ip_id = (uint16_t)arc4random_uniform(UINT16_MAX); 1644 ip->ip_ttl = IPDEFTTL; 1645 ip->ip_len = htons((uint16_t)(sizeof(*ip) + sizeof(*udp) + length)); 1646 ip->ip_sum = in_cksum(ip, sizeof(*ip), NULL); 1647 if (ip->ip_sum == 0) 1648 ip->ip_sum = 0xffff; /* RFC 768 */ 1649 1650 *sz = sizeof(*ip) + sizeof(*udp) + length; 1651 return udpp; 1652 } 1653 1654 static ssize_t 1655 dhcp_sendudp(struct interface *ifp, struct in_addr *to, void *data, size_t len) 1656 { 1657 int s; 1658 struct msghdr msg; 1659 struct sockaddr_in sin; 1660 struct iovec iov[1]; 1661 struct dhcp_state *state = D_STATE(ifp); 1662 ssize_t r; 1663 1664 iov[0].iov_base = data; 1665 iov[0].iov_len = len; 1666 1667 memset(&sin, 0, sizeof(sin)); 1668 sin.sin_family = AF_INET; 1669 sin.sin_addr = *to; 1670 sin.sin_port = htons(BOOTPS); 1671 #ifdef HAVE_SA_LEN 1672 sin.sin_len = sizeof(sin); 1673 #endif 1674 1675 memset(&msg, 0, sizeof(msg)); 1676 msg.msg_name = (void *)&sin; 1677 msg.msg_namelen = sizeof(sin); 1678 msg.msg_iov = iov; 1679 msg.msg_iovlen = 1; 1680 1681 s = state->udp_fd; 1682 if (s == -1) { 1683 s = dhcp_openudp(ifp); 1684 if (s == -1) 1685 return -1; 1686 } 1687 r = sendmsg(s, &msg, 0); 1688 if (state->udp_fd == -1) 1689 close(s); 1690 return r; 1691 } 1692 1693 static void 1694 send_message(struct interface *ifp, uint8_t type, 1695 void (*callback)(void *)) 1696 { 1697 struct dhcp_state *state = D_STATE(ifp); 1698 struct if_options *ifo = ifp->options; 1699 struct bootp *bootp; 1700 struct bootp_pkt *udp; 1701 size_t len, ulen; 1702 ssize_t r; 1703 struct in_addr from, to; 1704 struct timespec tv; 1705 1706 if (!callback) { 1707 /* No carrier? Don't bother sending the packet. */ 1708 if (ifp->carrier <= LINK_DOWN) 1709 return; 1710 logdebugx("%s: sending %s with xid 0x%x", 1711 ifp->name, 1712 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1713 state->xid); 1714 } else { 1715 if (state->interval == 0) 1716 state->interval = 4; 1717 else { 1718 state->interval *= 2; 1719 if (state->interval > 64) 1720 state->interval = 64; 1721 } 1722 tv.tv_sec = state->interval + DHCP_RAND_MIN; 1723 tv.tv_nsec = (suseconds_t)arc4random_uniform( 1724 (DHCP_RAND_MAX - DHCP_RAND_MIN) * NSEC_PER_SEC); 1725 timespecnorm(&tv); 1726 /* No carrier? Don't bother sending the packet. 1727 * However, we do need to advance the timeout. */ 1728 if (ifp->carrier <= LINK_DOWN) 1729 goto fail; 1730 logdebugx("%s: sending %s (xid 0x%x), next in %0.1f seconds", 1731 ifp->name, 1732 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1733 state->xid, 1734 timespec_to_double(&tv)); 1735 } 1736 1737 r = make_message(&bootp, ifp, type); 1738 if (r == -1) 1739 goto fail; 1740 len = (size_t)r; 1741 from.s_addr = bootp->ciaddr; 1742 if (from.s_addr != INADDR_ANY) 1743 to.s_addr = state->lease.server.s_addr; 1744 else 1745 to.s_addr = INADDR_ANY; 1746 1747 /* If unicasting, try and avoid sending by BPF so we don't 1748 * use a L2 broadcast. */ 1749 if (to.s_addr != INADDR_ANY && to.s_addr != INADDR_BROADCAST) { 1750 if (dhcp_sendudp(ifp, &to, bootp, len) != -1) 1751 goto out; 1752 logerr("%s: dhcp_sendudp", ifp->name); 1753 } 1754 1755 if (dhcp_openbpf(ifp) == -1) 1756 goto out; 1757 1758 udp = dhcp_makeudppacket(&ulen, (uint8_t *)bootp, len, from, to); 1759 if (udp == NULL) { 1760 logerr("%s: dhcp_makeudppacket", ifp->name); 1761 r = 0; 1762 } else { 1763 r = bpf_send(ifp, state->bpf_fd, 1764 ETHERTYPE_IP, (uint8_t *)udp, ulen); 1765 free(udp); 1766 } 1767 /* If we failed to send a raw packet this normally means 1768 * we don't have the ability to work beneath the IP layer 1769 * for this interface. 1770 * As such we remove it from consideration without actually 1771 * stopping the interface. */ 1772 if (r == -1) { 1773 logerr("%s: if_sendraw", ifp->name); 1774 switch(errno) { 1775 case ENETDOWN: 1776 case ENETRESET: 1777 case ENETUNREACH: 1778 case ENOBUFS: 1779 break; 1780 default: 1781 if (!(ifp->ctx->options & DHCPCD_TEST)) 1782 dhcp_drop(ifp, "FAIL"); 1783 eloop_timeout_delete(ifp->ctx->eloop, 1784 NULL, ifp); 1785 callback = NULL; 1786 } 1787 } 1788 1789 out: 1790 free(bootp); 1791 1792 fail: 1793 /* Even if we fail to send a packet we should continue as we are 1794 * as our failure timeouts will change out codepath when needed. */ 1795 if (callback) 1796 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, callback, ifp); 1797 } 1798 1799 static void 1800 send_inform(void *arg) 1801 { 1802 1803 send_message((struct interface *)arg, DHCP_INFORM, send_inform); 1804 } 1805 1806 static void 1807 send_discover(void *arg) 1808 { 1809 1810 send_message((struct interface *)arg, DHCP_DISCOVER, send_discover); 1811 } 1812 1813 static void 1814 send_request(void *arg) 1815 { 1816 1817 send_message((struct interface *)arg, DHCP_REQUEST, send_request); 1818 } 1819 1820 static void 1821 send_renew(void *arg) 1822 { 1823 1824 send_message((struct interface *)arg, DHCP_REQUEST, send_renew); 1825 } 1826 1827 static void 1828 send_rebind(void *arg) 1829 { 1830 1831 send_message((struct interface *)arg, DHCP_REQUEST, send_rebind); 1832 } 1833 1834 void 1835 dhcp_discover(void *arg) 1836 { 1837 struct interface *ifp = arg; 1838 struct dhcp_state *state = D_STATE(ifp); 1839 struct if_options *ifo = ifp->options; 1840 1841 state->state = DHS_DISCOVER; 1842 dhcp_new_xid(ifp); 1843 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1844 if (ifo->fallback) 1845 eloop_timeout_add_sec(ifp->ctx->eloop, 1846 ifo->reboot, dhcp_fallback, ifp); 1847 #ifdef IPV4LL 1848 else if (ifo->options & DHCPCD_IPV4LL) 1849 eloop_timeout_add_sec(ifp->ctx->eloop, 1850 ifo->reboot, ipv4ll_start, ifp); 1851 #endif 1852 if (ifo->options & DHCPCD_REQUEST) 1853 loginfox("%s: soliciting a DHCP lease (requesting %s)", 1854 ifp->name, inet_ntoa(ifo->req_addr)); 1855 else 1856 loginfox("%s: soliciting a %s lease", 1857 ifp->name, ifo->options & DHCPCD_BOOTP ? "BOOTP" : "DHCP"); 1858 send_discover(ifp); 1859 } 1860 1861 static void 1862 dhcp_request(void *arg) 1863 { 1864 struct interface *ifp = arg; 1865 struct dhcp_state *state = D_STATE(ifp); 1866 1867 state->state = DHS_REQUEST; 1868 send_request(ifp); 1869 } 1870 1871 static void 1872 dhcp_expire1(struct interface *ifp) 1873 { 1874 struct dhcp_state *state = D_STATE(ifp); 1875 1876 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1877 dhcp_drop(ifp, "EXPIRE"); 1878 unlink(state->leasefile); 1879 state->interval = 0; 1880 if (!(ifp->options->options & DHCPCD_LINK) || ifp->carrier > LINK_DOWN) 1881 dhcp_discover(ifp); 1882 } 1883 1884 static void 1885 dhcp_expire(void *arg) 1886 { 1887 struct interface *ifp = arg; 1888 1889 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) { 1890 logwarnx("%s: DHCP lease expired, extending lease", ifp->name); 1891 return; 1892 } 1893 1894 logerrx("%s: DHCP lease expired", ifp->name); 1895 dhcp_expire1(ifp); 1896 } 1897 1898 #if defined(ARP) || defined(IN_IFF_DUPLICATED) 1899 static void 1900 dhcp_decline(struct interface *ifp) 1901 { 1902 1903 send_message(ifp, DHCP_DECLINE, NULL); 1904 } 1905 #endif 1906 1907 static void 1908 dhcp_startrenew(void *arg) 1909 { 1910 struct interface *ifp = arg; 1911 struct dhcp_state *state; 1912 struct dhcp_lease *lease; 1913 1914 if ((state = D_STATE(ifp)) == NULL) 1915 return; 1916 1917 /* Only renew in the bound or renew states */ 1918 if (state->state != DHS_BOUND && 1919 state->state != DHS_RENEW) 1920 return; 1921 1922 /* Remove the timeout as the renew may have been forced. */ 1923 eloop_timeout_delete(ifp->ctx->eloop, dhcp_startrenew, ifp); 1924 1925 lease = &state->lease; 1926 logdebugx("%s: renewing lease of %s", ifp->name, 1927 inet_ntoa(lease->addr)); 1928 state->state = DHS_RENEW; 1929 dhcp_new_xid(ifp); 1930 state->interval = 0; 1931 send_renew(ifp); 1932 } 1933 1934 void 1935 dhcp_renew(struct interface *ifp) 1936 { 1937 1938 dhcp_startrenew(ifp); 1939 } 1940 1941 static void 1942 dhcp_rebind(void *arg) 1943 { 1944 struct interface *ifp = arg; 1945 struct dhcp_state *state = D_STATE(ifp); 1946 struct dhcp_lease *lease = &state->lease; 1947 1948 logwarnx("%s: failed to renew DHCP, rebinding", ifp->name); 1949 logdebugx("%s: expire in %"PRIu32" seconds", 1950 ifp->name, lease->leasetime - lease->rebindtime); 1951 state->state = DHS_REBIND; 1952 eloop_timeout_delete(ifp->ctx->eloop, send_renew, ifp); 1953 state->lease.server.s_addr = INADDR_ANY; 1954 state->interval = 0; 1955 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 1956 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 1957 send_rebind(ifp); 1958 } 1959 1960 #if defined(ARP) || defined(IN_IFF_DUPLICATED) 1961 static void 1962 dhcp_finish_dad(struct interface *ifp, struct in_addr *ia) 1963 { 1964 struct dhcp_state *state = D_STATE(ifp); 1965 1966 if (state->state != DHS_PROBE) 1967 return; 1968 if (state->offer == NULL || state->offer->yiaddr != ia->s_addr) 1969 return; 1970 1971 logdebugx("%s: DAD completed for %s", ifp->name, inet_ntoa(*ia)); 1972 if (!(ifp->options->options & DHCPCD_INFORM)) 1973 dhcp_bind(ifp); 1974 #ifndef IN_IFF_DUPLICATED 1975 else { 1976 struct bootp *bootp; 1977 size_t len; 1978 1979 bootp = state->new; 1980 len = state->new_len; 1981 state->new = state->offer; 1982 state->new_len = state->offer_len; 1983 get_lease(ifp, &state->lease, state->new, state->new_len); 1984 ipv4_applyaddr(ifp); 1985 state->new = bootp; 1986 state->new_len = len; 1987 } 1988 #endif 1989 1990 /* If we forked, stop here. */ 1991 if (ifp->ctx->options & DHCPCD_FORKED) 1992 return; 1993 1994 #ifdef IPV4LL 1995 /* Stop IPv4LL now we have a working DHCP address */ 1996 ipv4ll_drop(ifp); 1997 #endif 1998 1999 if (ifp->options->options & DHCPCD_INFORM) 2000 dhcp_inform(ifp); 2001 } 2002 2003 2004 static void 2005 dhcp_addr_duplicated(struct interface *ifp, struct in_addr *ia) 2006 { 2007 struct dhcp_state *state = D_STATE(ifp); 2008 #ifdef IN_IFF_DUPLICATED 2009 struct ipv4_addr *iap; 2010 #endif 2011 2012 if ((state->offer == NULL || state->offer->yiaddr != ia->s_addr) && 2013 !IN_ARE_ADDR_EQUAL(ia, &state->lease.addr)) 2014 return; 2015 2016 /* RFC 2131 3.1.5, Client-server interaction */ 2017 logerrx("%s: DAD detected %s", ifp->name, inet_ntoa(*ia)); 2018 unlink(state->leasefile); 2019 if (!(ifp->options->options & DHCPCD_STATIC) && !state->lease.frominfo) 2020 dhcp_decline(ifp); 2021 #ifdef IN_IFF_DUPLICATED 2022 if ((iap = ipv4_iffindaddr(ifp, ia, NULL)) != NULL) 2023 ipv4_deladdr(iap, 0); 2024 #endif 2025 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2026 eloop_timeout_add_sec(ifp->ctx->eloop, 2027 DHCP_RAND_MAX, dhcp_discover, ifp); 2028 } 2029 #endif 2030 2031 #if defined(ARP) && (!defined(KERNEL_RFC5227) || defined(ARPING)) 2032 static void 2033 dhcp_arp_not_found(struct arp_state *astate) 2034 { 2035 struct interface *ifp; 2036 #ifdef ARPING 2037 struct dhcp_state *state; 2038 struct if_options *ifo; 2039 #endif 2040 2041 ifp = astate->iface; 2042 #ifdef ARPING 2043 state = D_STATE(ifp); 2044 ifo = ifp->options; 2045 if (ifo->arping_len && state->arping_index < ifo->arping_len) { 2046 /* We didn't find a profile for this 2047 * address or hwaddr, so move to the next 2048 * arping profile */ 2049 if (++state->arping_index < ifo->arping_len) { 2050 astate->addr.s_addr = 2051 ifo->arping[state->arping_index]; 2052 arp_probe(astate); 2053 return; 2054 } 2055 arp_free(astate); 2056 dhcpcd_startinterface(ifp); 2057 return; 2058 } 2059 #endif 2060 2061 dhcp_finish_dad(ifp, &astate->addr); 2062 } 2063 2064 static void 2065 dhcp_arp_found(struct arp_state *astate, const struct arp_msg *amsg) 2066 { 2067 struct in_addr addr; 2068 struct interface *ifp = astate->iface; 2069 #ifdef ARPING 2070 struct dhcp_state *state; 2071 struct if_options *ifo; 2072 2073 state = D_STATE(ifp); 2074 2075 ifo = ifp->options; 2076 if (state->arping_index != -1 && 2077 state->arping_index < ifo->arping_len && 2078 amsg && 2079 amsg->sip.s_addr == ifo->arping[state->arping_index]) 2080 { 2081 char buf[HWADDR_LEN * 3]; 2082 2083 hwaddr_ntoa(amsg->sha, ifp->hwlen, buf, sizeof(buf)); 2084 if (dhcpcd_selectprofile(ifp, buf) == -1 && 2085 dhcpcd_selectprofile(ifp, inet_ntoa(amsg->sip)) == -1) 2086 { 2087 /* We didn't find a profile for this 2088 * address or hwaddr, so move to the next 2089 * arping profile */ 2090 dhcp_arp_not_found(astate); 2091 return; 2092 } 2093 arp_free(astate); 2094 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2095 dhcpcd_startinterface(ifp); 2096 return; 2097 } 2098 #else 2099 UNUSED(amsg); 2100 #endif 2101 2102 addr = astate->addr; 2103 arp_free(astate); 2104 dhcp_addr_duplicated(ifp, &addr); 2105 } 2106 2107 #ifdef KERNEL_RFC5227 2108 static void 2109 dhcp_arp_announced(struct arp_state *state) 2110 { 2111 2112 arp_free(state); 2113 } 2114 #endif /* KERNEL_RFC5227 */ 2115 #endif /* ARP */ 2116 2117 void 2118 dhcp_bind(struct interface *ifp) 2119 { 2120 struct dhcpcd_ctx *ctx = ifp->ctx; 2121 struct dhcp_state *state = D_STATE(ifp); 2122 struct if_options *ifo = ifp->options; 2123 struct dhcp_lease *lease = &state->lease; 2124 2125 state->reason = NULL; 2126 /* If we don't have an offer, we are re-binding a lease on preference, 2127 * normally when two interfaces have a lease matching IP addresses. */ 2128 if (state->offer) { 2129 free(state->old); 2130 state->old = state->new; 2131 state->old_len = state->new_len; 2132 state->new = state->offer; 2133 state->new_len = state->offer_len; 2134 state->offer = NULL; 2135 state->offer_len = 0; 2136 } 2137 get_lease(ifp, lease, state->new, state->new_len); 2138 if (ifo->options & DHCPCD_STATIC) { 2139 loginfox("%s: using static address %s/%d", 2140 ifp->name, inet_ntoa(lease->addr), 2141 inet_ntocidr(lease->mask)); 2142 lease->leasetime = DHCP_INFINITE_LIFETIME; 2143 state->reason = "STATIC"; 2144 } else if (ifo->options & DHCPCD_INFORM) { 2145 loginfox("%s: received approval for %s", 2146 ifp->name, inet_ntoa(lease->addr)); 2147 lease->leasetime = DHCP_INFINITE_LIFETIME; 2148 state->reason = "INFORM"; 2149 } else { 2150 if (lease->frominfo) 2151 state->reason = "TIMEOUT"; 2152 if (lease->leasetime == DHCP_INFINITE_LIFETIME) { 2153 lease->renewaltime = 2154 lease->rebindtime = 2155 lease->leasetime; 2156 loginfox("%s: leased %s for infinity", 2157 ifp->name, inet_ntoa(lease->addr)); 2158 } else { 2159 if (lease->leasetime < DHCP_MIN_LEASE) { 2160 logwarnx("%s: minimum lease is %d seconds", 2161 ifp->name, DHCP_MIN_LEASE); 2162 lease->leasetime = DHCP_MIN_LEASE; 2163 } 2164 if (lease->rebindtime == 0) 2165 lease->rebindtime = 2166 (uint32_t)(lease->leasetime * T2); 2167 else if (lease->rebindtime >= lease->leasetime) { 2168 lease->rebindtime = 2169 (uint32_t)(lease->leasetime * T2); 2170 logwarnx("%s: rebind time greater than lease " 2171 "time, forcing to %"PRIu32" seconds", 2172 ifp->name, lease->rebindtime); 2173 } 2174 if (lease->renewaltime == 0) 2175 lease->renewaltime = 2176 (uint32_t)(lease->leasetime * T1); 2177 else if (lease->renewaltime > lease->rebindtime) { 2178 lease->renewaltime = 2179 (uint32_t)(lease->leasetime * T1); 2180 logwarnx("%s: renewal time greater than " 2181 "rebind time, forcing to %"PRIu32" seconds", 2182 ifp->name, lease->renewaltime); 2183 } 2184 if (state->addr && 2185 lease->addr.s_addr == state->addr->addr.s_addr && 2186 !(state->added & STATE_FAKE)) 2187 logdebugx("%s: leased %s for %"PRIu32" seconds", 2188 ifp->name, inet_ntoa(lease->addr), 2189 lease->leasetime); 2190 else 2191 loginfox("%s: leased %s for %"PRIu32" seconds", 2192 ifp->name, inet_ntoa(lease->addr), 2193 lease->leasetime); 2194 } 2195 } 2196 if (ctx->options & DHCPCD_TEST) { 2197 state->reason = "TEST"; 2198 script_runreason(ifp, state->reason); 2199 eloop_exit(ctx->eloop, EXIT_SUCCESS); 2200 return; 2201 } 2202 if (state->reason == NULL) { 2203 if (state->old && !(state->added & STATE_FAKE)) { 2204 if (state->old->yiaddr == state->new->yiaddr && 2205 lease->server.s_addr && 2206 state->state != DHS_REBIND) 2207 state->reason = "RENEW"; 2208 else 2209 state->reason = "REBIND"; 2210 } else if (state->state == DHS_REBOOT) 2211 state->reason = "REBOOT"; 2212 else 2213 state->reason = "BOUND"; 2214 } 2215 if (lease->leasetime == DHCP_INFINITE_LIFETIME) 2216 lease->renewaltime = lease->rebindtime = lease->leasetime; 2217 else { 2218 eloop_timeout_add_sec(ctx->eloop, 2219 (time_t)lease->renewaltime, dhcp_startrenew, ifp); 2220 eloop_timeout_add_sec(ctx->eloop, 2221 (time_t)lease->rebindtime, dhcp_rebind, ifp); 2222 eloop_timeout_add_sec(ctx->eloop, 2223 (time_t)lease->leasetime, dhcp_expire, ifp); 2224 logdebugx("%s: renew in %"PRIu32" seconds, rebind in %"PRIu32 2225 " seconds", 2226 ifp->name, lease->renewaltime, lease->rebindtime); 2227 } 2228 state->state = DHS_BOUND; 2229 if (!state->lease.frominfo && 2230 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))) 2231 if (write_lease(ifp, state->new, state->new_len) == -1) 2232 logerr(__func__); 2233 2234 ipv4_applyaddr(ifp); 2235 2236 #ifdef IP_PKTINFO 2237 /* Close the BPF filter as we can now receive DHCP messages 2238 * on a UDP socket. */ 2239 if (state->udp_fd == -1 || 2240 (state->old != NULL && state->old->yiaddr != state->new->yiaddr)) 2241 { 2242 dhcp_close(ifp); 2243 /* If not in master mode, open an address specific socket. */ 2244 if (ctx->udp_fd == -1) { 2245 state->udp_fd = dhcp_openudp(ifp); 2246 if (state->udp_fd == -1) { 2247 logerr(__func__); 2248 /* Address sharing without master mode is 2249 * not supported. It's also possible another 2250 * DHCP client could be running which is 2251 * even worse. 2252 * We still need to work, so re-open BPF. */ 2253 dhcp_openbpf(ifp); 2254 } else 2255 eloop_event_add(ctx->eloop, 2256 state->udp_fd, dhcp_handleifudp, ifp); 2257 } 2258 } 2259 #endif 2260 } 2261 2262 static void 2263 dhcp_lastlease(void *arg) 2264 { 2265 struct interface *ifp = arg; 2266 struct dhcp_state *state = D_STATE(ifp); 2267 2268 loginfox("%s: timed out contacting a DHCP server, using last lease", 2269 ifp->name); 2270 dhcp_bind(ifp); 2271 /* If we forked, stop here. */ 2272 if (ifp->ctx->options & DHCPCD_FORKED) 2273 return; 2274 state->interval = 0; 2275 dhcp_discover(ifp); 2276 } 2277 2278 static size_t 2279 dhcp_message_new(struct bootp **bootp, 2280 const struct in_addr *addr, const struct in_addr *mask) 2281 { 2282 uint8_t *p; 2283 uint32_t cookie; 2284 2285 if ((*bootp = calloc(1, sizeof(**bootp))) == NULL) 2286 return 0; 2287 2288 (*bootp)->yiaddr = addr->s_addr; 2289 p = (*bootp)->vend; 2290 2291 cookie = htonl(MAGIC_COOKIE); 2292 memcpy(p, &cookie, sizeof(cookie)); 2293 p += sizeof(cookie); 2294 2295 if (mask->s_addr != INADDR_ANY) { 2296 *p++ = DHO_SUBNETMASK; 2297 *p++ = sizeof(mask->s_addr); 2298 memcpy(p, &mask->s_addr, sizeof(mask->s_addr)); 2299 p+= sizeof(mask->s_addr); 2300 } 2301 2302 *p = DHO_END; 2303 return sizeof(**bootp); 2304 } 2305 2306 #ifdef ARP 2307 #ifndef KERNEL_RFC5227 2308 static void 2309 dhcp_arp_defend_failed(struct arp_state *astate) 2310 { 2311 2312 dhcp_drop(astate->iface, "EXPIRED"); 2313 dhcp_start1(astate->iface); 2314 } 2315 #endif 2316 2317 #if !defined(KERNEL_RFC5227) || defined(ARPING) 2318 static struct arp_state * 2319 dhcp_arp_new(struct interface *ifp, struct in_addr *addr) 2320 { 2321 struct arp_state *astate; 2322 2323 astate = arp_new(ifp, addr); 2324 if (astate == NULL) 2325 return NULL; 2326 2327 astate->found_cb = dhcp_arp_found; 2328 astate->not_found_cb = dhcp_arp_not_found; 2329 #ifdef KERNEL_RFC5227 2330 astate->announced_cb = dhcp_arp_announced; 2331 #else 2332 astate->defend_failed_cb = dhcp_arp_defend_failed; 2333 #endif 2334 return astate; 2335 } 2336 #endif 2337 #endif /* ARP */ 2338 2339 #if defined(ARP) || defined(KERNEL_RFC5227) 2340 static int 2341 dhcp_arp_address(struct interface *ifp) 2342 { 2343 struct dhcp_state *state; 2344 struct in_addr addr; 2345 struct ipv4_addr *ia; 2346 2347 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2348 2349 state = D_STATE(ifp); 2350 addr.s_addr = state->offer->yiaddr == INADDR_ANY ? 2351 state->offer->ciaddr : state->offer->yiaddr; 2352 /* If the interface already has the address configured 2353 * then we can't ARP for duplicate detection. */ 2354 ia = ipv4_iffindaddr(ifp, &addr, NULL); 2355 #ifdef IN_IFF_NOTUSEABLE 2356 if (ia == NULL || ia->addr_flags & IN_IFF_NOTUSEABLE) { 2357 state->state = DHS_PROBE; 2358 if (ia == NULL) { 2359 struct dhcp_lease l; 2360 2361 get_lease(ifp, &l, state->offer, state->offer_len); 2362 /* Add the address now, let the kernel handle DAD. */ 2363 ipv4_addaddr(ifp, &l.addr, &l.mask, &l.brd, 2364 l.leasetime, l.rebindtime); 2365 } else 2366 loginfox("%s: waiting for DAD on %s", 2367 ifp->name, inet_ntoa(addr)); 2368 return 0; 2369 } 2370 #else 2371 if (!(ifp->flags & IFF_NOARP) && 2372 ifp->options->options & DHCPCD_ARP && 2373 ia == NULL) 2374 { 2375 struct arp_state *astate; 2376 struct dhcp_lease l; 2377 2378 astate = dhcp_arp_new(ifp, &addr); 2379 if (astate == NULL) 2380 return -1; 2381 2382 state->state = DHS_PROBE; 2383 get_lease(ifp, &l, state->offer, state->offer_len); 2384 loginfox("%s: probing address %s/%d", 2385 ifp->name, inet_ntoa(l.addr), inet_ntocidr(l.mask)); 2386 /* We need to handle DAD. */ 2387 arp_probe(astate); 2388 return 0; 2389 } 2390 #endif 2391 2392 return 1; 2393 } 2394 2395 static void 2396 dhcp_arp_bind(struct interface *ifp) 2397 { 2398 2399 if (ifp->ctx->options & DHCPCD_TEST || 2400 dhcp_arp_address(ifp) == 1) 2401 dhcp_bind(ifp); 2402 } 2403 #endif 2404 2405 static void 2406 dhcp_static(struct interface *ifp) 2407 { 2408 struct if_options *ifo; 2409 struct dhcp_state *state; 2410 struct ipv4_addr *ia; 2411 2412 state = D_STATE(ifp); 2413 ifo = ifp->options; 2414 2415 ia = NULL; 2416 if (ifo->req_addr.s_addr == INADDR_ANY && 2417 (ia = ipv4_iffindaddr(ifp, NULL, NULL)) == NULL) 2418 { 2419 loginfox("%s: waiting for 3rd party to " 2420 "configure IP address", ifp->name); 2421 state->reason = "3RDPARTY"; 2422 script_runreason(ifp, state->reason); 2423 return; 2424 } 2425 2426 state->offer_len = dhcp_message_new(&state->offer, 2427 ia ? &ia->addr : &ifo->req_addr, 2428 ia ? &ia->mask : &ifo->req_mask); 2429 if (state->offer_len) 2430 #if defined(ARP) || defined(KERNEL_RFC5227) 2431 dhcp_arp_bind(ifp); 2432 #else 2433 dhcp_bind(ifp); 2434 #endif 2435 } 2436 2437 void 2438 dhcp_inform(struct interface *ifp) 2439 { 2440 struct dhcp_state *state; 2441 struct if_options *ifo; 2442 struct ipv4_addr *ia; 2443 2444 state = D_STATE(ifp); 2445 ifo = ifp->options; 2446 2447 state->state = DHS_INFORM; 2448 free(state->offer); 2449 state->offer = NULL; 2450 state->offer_len = 0; 2451 2452 if (ifo->req_addr.s_addr == INADDR_ANY) { 2453 ia = ipv4_iffindaddr(ifp, NULL, NULL); 2454 if (ia == NULL) { 2455 loginfox("%s: waiting for 3rd party to " 2456 "configure IP address", 2457 ifp->name); 2458 if (!(ifp->ctx->options & DHCPCD_TEST)) { 2459 state->reason = "3RDPARTY"; 2460 script_runreason(ifp, state->reason); 2461 } 2462 return; 2463 } 2464 } else { 2465 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, &ifo->req_mask); 2466 if (ia == NULL) { 2467 if (ifp->ctx->options & DHCPCD_TEST) { 2468 logerrx("%s: cannot add IP address in test mode", 2469 ifp->name); 2470 return; 2471 } 2472 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, NULL); 2473 if (ia != NULL) 2474 /* Netmask must be different, delete it. */ 2475 ipv4_deladdr(ia, 1); 2476 state->offer_len = dhcp_message_new(&state->offer, 2477 &ifo->req_addr, &ifo->req_mask); 2478 #ifdef ARP 2479 if (dhcp_arp_address(ifp) == 0) 2480 return; 2481 #endif 2482 ia = ipv4_iffindaddr(ifp, 2483 &ifo->req_addr, &ifo->req_mask); 2484 assert(ia != NULL); 2485 } 2486 } 2487 2488 state->addr = ia; 2489 state->offer_len = dhcp_message_new(&state->offer, 2490 &ia->addr, &ia->mask); 2491 if (state->offer_len) { 2492 dhcp_new_xid(ifp); 2493 get_lease(ifp, &state->lease, state->offer, state->offer_len); 2494 send_inform(ifp); 2495 } 2496 } 2497 2498 void 2499 dhcp_reboot_newopts(struct interface *ifp, unsigned long long oldopts) 2500 { 2501 struct if_options *ifo; 2502 struct dhcp_state *state = D_STATE(ifp); 2503 2504 if (state == NULL || state->state == DHS_NONE) 2505 return; 2506 ifo = ifp->options; 2507 if ((ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC) && 2508 (state->addr == NULL || 2509 state->addr->addr.s_addr != ifo->req_addr.s_addr)) || 2510 (oldopts & (DHCPCD_INFORM | DHCPCD_STATIC) && 2511 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC)))) 2512 { 2513 dhcp_drop(ifp, "EXPIRE"); 2514 } 2515 } 2516 2517 #ifdef ARP 2518 static int 2519 dhcp_activeaddr(const struct interface *ifp, const struct in_addr *addr) 2520 { 2521 const struct interface *ifp1; 2522 const struct dhcp_state *state; 2523 2524 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 2525 if (ifp1 == ifp) 2526 continue; 2527 if ((state = D_CSTATE(ifp1)) == NULL) 2528 continue; 2529 switch(state->state) { 2530 case DHS_REBOOT: 2531 case DHS_RENEW: 2532 case DHS_REBIND: 2533 case DHS_BOUND: 2534 case DHS_INFORM: 2535 break; 2536 default: 2537 continue; 2538 } 2539 if (state->lease.addr.s_addr == addr->s_addr) 2540 return 1; 2541 } 2542 return 0; 2543 } 2544 #endif 2545 2546 static void 2547 dhcp_reboot(struct interface *ifp) 2548 { 2549 struct if_options *ifo; 2550 struct dhcp_state *state = D_STATE(ifp); 2551 #ifdef ARP 2552 struct ipv4_addr *ia; 2553 #endif 2554 2555 if (state == NULL || state->state == DHS_NONE) 2556 return; 2557 ifo = ifp->options; 2558 state->state = DHS_REBOOT; 2559 state->interval = 0; 2560 2561 if (ifo->options & DHCPCD_LINK && ifp->carrier <= LINK_DOWN) { 2562 loginfox("%s: waiting for carrier", ifp->name); 2563 return; 2564 } 2565 if (ifo->options & DHCPCD_STATIC) { 2566 dhcp_static(ifp); 2567 return; 2568 } 2569 if (ifo->options & DHCPCD_INFORM) { 2570 loginfox("%s: informing address of %s", 2571 ifp->name, inet_ntoa(state->lease.addr)); 2572 dhcp_inform(ifp); 2573 return; 2574 } 2575 if (ifo->reboot == 0 || state->offer == NULL) { 2576 dhcp_discover(ifp); 2577 return; 2578 } 2579 if (!IS_DHCP(state->offer)) 2580 return; 2581 2582 loginfox("%s: rebinding lease of %s", 2583 ifp->name, inet_ntoa(state->lease.addr)); 2584 2585 #ifdef ARP 2586 /* If the address exists on the interface and no other interface 2587 * is currently using it then announce it to ensure this 2588 * interface gets the reply. */ 2589 ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL); 2590 if (ia != NULL && 2591 !(ifp->ctx->options & DHCPCD_TEST) && 2592 #ifdef IN_IFF_NOTUSEABLE 2593 !(ia->addr_flags & IN_IFF_NOTUSEABLE) && 2594 #endif 2595 dhcp_activeaddr(ifp, &state->lease.addr) == 0) 2596 arp_ifannounceaddr(ifp, &state->lease.addr); 2597 #endif 2598 2599 dhcp_new_xid(ifp); 2600 state->lease.server.s_addr = INADDR_ANY; 2601 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2602 2603 #ifdef IPV4LL 2604 /* Need to add this before dhcp_expire and friends. */ 2605 if (!ifo->fallback && ifo->options & DHCPCD_IPV4LL) 2606 eloop_timeout_add_sec(ifp->ctx->eloop, 2607 ifo->reboot, ipv4ll_start, ifp); 2608 #endif 2609 2610 if (ifo->options & DHCPCD_LASTLEASE && state->lease.frominfo) 2611 eloop_timeout_add_sec(ifp->ctx->eloop, 2612 ifo->reboot, dhcp_lastlease, ifp); 2613 else if (!(ifo->options & DHCPCD_INFORM)) 2614 eloop_timeout_add_sec(ifp->ctx->eloop, 2615 ifo->reboot, dhcp_expire, ifp); 2616 2617 /* Don't bother ARP checking as the server could NAK us first. 2618 * Don't call dhcp_request as that would change the state */ 2619 send_request(ifp); 2620 } 2621 2622 void 2623 dhcp_drop(struct interface *ifp, const char *reason) 2624 { 2625 struct dhcp_state *state; 2626 #ifdef RELEASE_SLOW 2627 struct timespec ts; 2628 #endif 2629 2630 state = D_STATE(ifp); 2631 /* dhcp_start may just have been called and we don't yet have a state 2632 * but we do have a timeout, so punt it. */ 2633 if (state == NULL || state->state == DHS_NONE) { 2634 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2635 return; 2636 } 2637 2638 #ifdef ARP 2639 if (state->addr != NULL) 2640 arp_freeaddr(ifp, &state->addr->addr); 2641 #endif 2642 #ifdef ARPING 2643 state->arping_index = -1; 2644 #endif 2645 2646 if (ifp->options->options & DHCPCD_RELEASE && 2647 !(ifp->options->options & DHCPCD_INFORM)) 2648 { 2649 /* Failure to send the release may cause this function to 2650 * re-enter so guard by setting the state. */ 2651 if (state->state == DHS_RELEASE) 2652 return; 2653 state->state = DHS_RELEASE; 2654 2655 unlink(state->leasefile); 2656 if (ifp->carrier > LINK_DOWN && 2657 state->new != NULL && 2658 state->lease.server.s_addr != INADDR_ANY) 2659 { 2660 loginfox("%s: releasing lease of %s", 2661 ifp->name, inet_ntoa(state->lease.addr)); 2662 dhcp_new_xid(ifp); 2663 send_message(ifp, DHCP_RELEASE, NULL); 2664 #ifdef RELEASE_SLOW 2665 /* Give the packet a chance to go */ 2666 ts.tv_sec = RELEASE_DELAY_S; 2667 ts.tv_nsec = RELEASE_DELAY_NS; 2668 nanosleep(&ts, NULL); 2669 #endif 2670 } 2671 } 2672 2673 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2674 #ifdef AUTH 2675 dhcp_auth_reset(&state->auth); 2676 #endif 2677 2678 state->state = DHS_NONE; 2679 free(state->offer); 2680 state->offer = NULL; 2681 state->offer_len = 0; 2682 free(state->old); 2683 state->old = state->new; 2684 state->old_len = state->new_len; 2685 state->new = NULL; 2686 state->new_len = 0; 2687 state->reason = reason; 2688 ipv4_applyaddr(ifp); 2689 free(state->old); 2690 state->old = NULL; 2691 state->old_len = 0; 2692 state->lease.addr.s_addr = 0; 2693 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 2694 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 2695 } 2696 2697 static int 2698 blacklisted_ip(const struct if_options *ifo, in_addr_t addr) 2699 { 2700 size_t i; 2701 2702 for (i = 0; i < ifo->blacklist_len; i += 2) 2703 if (ifo->blacklist[i] == (addr & ifo->blacklist[i + 1])) 2704 return 1; 2705 return 0; 2706 } 2707 2708 #define WHTLST_NONE 0 2709 #define WHTLST_MATCH 1 2710 #define WHTLST_NOMATCH 2 2711 static unsigned int 2712 whitelisted_ip(const struct if_options *ifo, in_addr_t addr) 2713 { 2714 size_t i; 2715 2716 if (ifo->whitelist_len == 0) 2717 return WHTLST_NONE; 2718 for (i = 0; i < ifo->whitelist_len; i += 2) 2719 if (ifo->whitelist[i] == (addr & ifo->whitelist[i + 1])) 2720 return WHTLST_MATCH; 2721 return WHTLST_NOMATCH; 2722 } 2723 2724 static void 2725 log_dhcp(logfunc_t *logfunc, const char *msg, 2726 const struct interface *ifp, const struct bootp *bootp, size_t bootp_len, 2727 const struct in_addr *from, int ad) 2728 { 2729 const char *tfrom; 2730 char *a, sname[sizeof(bootp->sname) * 4]; 2731 struct in_addr addr; 2732 int r; 2733 uint8_t overl; 2734 2735 if (strcmp(msg, "NAK:") == 0) { 2736 a = get_option_string(ifp->ctx, bootp, bootp_len, DHO_MESSAGE); 2737 if (a) { 2738 char *tmp; 2739 size_t al, tmpl; 2740 2741 al = strlen(a); 2742 tmpl = (al * 4) + 1; 2743 tmp = malloc(tmpl); 2744 if (tmp == NULL) { 2745 logerr(__func__); 2746 free(a); 2747 return; 2748 } 2749 print_string(tmp, tmpl, OT_STRING, (uint8_t *)a, al); 2750 free(a); 2751 a = tmp; 2752 } 2753 } else if (ad && bootp->yiaddr != 0) { 2754 addr.s_addr = bootp->yiaddr; 2755 a = strdup(inet_ntoa(addr)); 2756 if (a == NULL) { 2757 logerr(__func__); 2758 return; 2759 } 2760 } else 2761 a = NULL; 2762 2763 tfrom = "from"; 2764 r = get_option_addr(ifp->ctx, &addr, bootp, bootp_len, DHO_SERVERID); 2765 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 2766 DHO_OPTSOVERLOADED) == -1) 2767 overl = 0; 2768 if (bootp->sname[0] && r == 0 && !(overl & 2)) { 2769 print_string(sname, sizeof(sname), OT_STRING | OT_DOMAIN, 2770 bootp->sname, sizeof(bootp->sname)); 2771 if (a == NULL) 2772 logfunc("%s: %s %s %s `%s'", 2773 ifp->name, msg, tfrom, inet_ntoa(addr), sname); 2774 else 2775 logfunc("%s: %s %s %s %s `%s'", 2776 ifp->name, msg, a, tfrom, inet_ntoa(addr), sname); 2777 } else { 2778 if (r != 0) { 2779 tfrom = "via"; 2780 addr = *from; 2781 } 2782 if (a == NULL) 2783 logfunc("%s: %s %s %s", 2784 ifp->name, msg, tfrom, inet_ntoa(addr)); 2785 else 2786 logfunc("%s: %s %s %s %s", 2787 ifp->name, msg, a, tfrom, inet_ntoa(addr)); 2788 } 2789 free(a); 2790 } 2791 2792 /* If we're sharing the same IP address with another interface on the 2793 * same network, we may receive the DHCP reply on the wrong interface. 2794 * Try and re-direct it here. */ 2795 static void 2796 dhcp_redirect_dhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2797 const struct in_addr *from) 2798 { 2799 struct interface *ifn; 2800 const struct dhcp_state *state; 2801 uint32_t xid; 2802 2803 xid = ntohl(bootp->xid); 2804 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) { 2805 state = D_CSTATE(ifn); 2806 if (state == NULL || state->state == DHS_NONE) 2807 continue; 2808 if (state->xid != xid) 2809 continue; 2810 if (ifn->hwlen <= sizeof(bootp->chaddr) && 2811 memcmp(bootp->chaddr, ifn->hwaddr, ifn->hwlen)) 2812 continue; 2813 logdebugx("%s: redirecting DHCP message to %s", 2814 ifp->name, ifn->name); 2815 dhcp_handledhcp(ifn, bootp, bootp_len, from); 2816 } 2817 } 2818 2819 static void 2820 dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2821 const struct in_addr *from) 2822 { 2823 struct dhcp_state *state = D_STATE(ifp); 2824 struct if_options *ifo = ifp->options; 2825 struct dhcp_lease *lease = &state->lease; 2826 uint8_t type, tmp; 2827 struct in_addr addr; 2828 unsigned int i; 2829 char *msg; 2830 bool bootp_copied; 2831 #ifdef AUTH 2832 const uint8_t *auth; 2833 size_t auth_len; 2834 #endif 2835 #ifdef IN_IFF_DUPLICATED 2836 struct ipv4_addr *ia; 2837 #endif 2838 2839 #define LOGDHCP0(l, m) \ 2840 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 0) 2841 #define LOGDHCP(l, m) \ 2842 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 1) 2843 2844 if (bootp->op != BOOTREPLY) { 2845 logdebugx("%s: op (%d) is not BOOTREPLY", 2846 ifp->name, bootp->op); 2847 return; 2848 } 2849 2850 if (state->xid != ntohl(bootp->xid)) { 2851 if (state->state != DHS_BOUND && state->state != DHS_NONE) 2852 logdebugx("%s: wrong xid 0x%x (expecting 0x%x) from %s", 2853 ifp->name, ntohl(bootp->xid), state->xid, 2854 inet_ntoa(*from)); 2855 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 2856 return; 2857 } 2858 2859 if (ifp->hwlen <= sizeof(bootp->chaddr) && 2860 memcmp(bootp->chaddr, ifp->hwaddr, ifp->hwlen)) 2861 { 2862 char buf[sizeof(bootp->chaddr) * 3]; 2863 2864 logdebugx("%s: xid 0x%x is for hwaddr %s", 2865 ifp->name, ntohl(bootp->xid), 2866 hwaddr_ntoa(bootp->chaddr, sizeof(bootp->chaddr), 2867 buf, sizeof(buf))); 2868 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 2869 return; 2870 } 2871 2872 if (!ifp->active) 2873 return; 2874 2875 i = whitelisted_ip(ifp->options, from->s_addr); 2876 switch (i) { 2877 case WHTLST_NOMATCH: 2878 logwarnx("%s: non whitelisted DHCP packet from %s", 2879 ifp->name, inet_ntoa(*from)); 2880 return; 2881 case WHTLST_MATCH: 2882 break; 2883 case WHTLST_NONE: 2884 if (blacklisted_ip(ifp->options, from->s_addr) == 1) { 2885 logwarnx("%s: blacklisted DHCP packet from %s", 2886 ifp->name, inet_ntoa(*from)); 2887 return; 2888 } 2889 } 2890 2891 /* We may have found a BOOTP server */ 2892 if (get_option_uint8(ifp->ctx, &type, 2893 bootp, bootp_len, DHO_MESSAGETYPE) == -1) 2894 type = 0; 2895 else if (ifo->options & DHCPCD_BOOTP) { 2896 logdebugx("%s: ignoring DHCP reply (expecting BOOTP)", 2897 ifp->name); 2898 return; 2899 } 2900 2901 #ifdef AUTH 2902 /* Authenticate the message */ 2903 auth = get_option(ifp->ctx, bootp, bootp_len, 2904 DHO_AUTHENTICATION, &auth_len); 2905 if (auth) { 2906 if (dhcp_auth_validate(&state->auth, &ifo->auth, 2907 (uint8_t *)bootp, bootp_len, 4, type, 2908 auth, auth_len) == NULL) 2909 { 2910 LOGDHCP0(logerrx, "authentication failed"); 2911 return; 2912 } 2913 if (state->auth.token) 2914 logdebugx("%s: validated using 0x%08" PRIu32, 2915 ifp->name, state->auth.token->secretid); 2916 else 2917 loginfox("%s: accepted reconfigure key", ifp->name); 2918 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) { 2919 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 2920 LOGDHCP0(logerrx, "no authentication"); 2921 return; 2922 } 2923 LOGDHCP0(logwarnx, "no authentication"); 2924 } 2925 #endif 2926 2927 /* RFC 3203 */ 2928 if (type == DHCP_FORCERENEW) { 2929 if (from->s_addr == INADDR_ANY || 2930 from->s_addr == INADDR_BROADCAST) 2931 { 2932 LOGDHCP(logerrx, "discarding Force Renew"); 2933 return; 2934 } 2935 #ifdef AUTH 2936 if (auth == NULL) { 2937 LOGDHCP(logerrx, "unauthenticated Force Renew"); 2938 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) 2939 return; 2940 } 2941 if (state->state != DHS_BOUND && state->state != DHS_INFORM) { 2942 LOGDHCP(logdebugx, "not bound, ignoring Force Renew"); 2943 return; 2944 } 2945 LOGDHCP(loginfox, "Force Renew from"); 2946 /* The rebind and expire timings are still the same, we just 2947 * enter the renew state early */ 2948 if (state->state == DHS_BOUND) 2949 dhcp_renew(ifp); 2950 else { 2951 eloop_timeout_delete(ifp->ctx->eloop, 2952 send_inform, ifp); 2953 dhcp_inform(ifp); 2954 } 2955 #else 2956 LOGDHCP(logerrx, "unauthenticated Force Renew"); 2957 #endif 2958 return; 2959 } 2960 2961 if (state->state == DHS_BOUND) { 2962 /* Before we supported FORCERENEW we closed off the raw 2963 * port so we effectively ignored all messages. 2964 * As such we'll not log by default here. */ 2965 //LOGDHCP(logdebugx, "bound, ignoring"); 2966 return; 2967 } 2968 2969 if (state->state == DHS_PROBE) { 2970 /* Ignore any DHCP messages whilst probing a lease to bind. */ 2971 LOGDHCP(logdebugx, "probing, ignoring"); 2972 return; 2973 } 2974 2975 /* reset the message counter */ 2976 state->interval = 0; 2977 2978 /* Ensure that no reject options are present */ 2979 for (i = 1; i < 255; i++) { 2980 if (has_option_mask(ifo->rejectmask, i) && 2981 get_option_uint8(ifp->ctx, &tmp, 2982 bootp, bootp_len, (uint8_t)i) == 0) 2983 { 2984 LOGDHCP(logwarnx, "reject DHCP"); 2985 return; 2986 } 2987 } 2988 2989 if (type == DHCP_NAK) { 2990 /* For NAK, only check if we require the ServerID */ 2991 if (has_option_mask(ifo->requiremask, DHO_SERVERID) && 2992 get_option_addr(ifp->ctx, &addr, 2993 bootp, bootp_len, DHO_SERVERID) == -1) 2994 { 2995 LOGDHCP(logwarnx, "reject NAK"); 2996 return; 2997 } 2998 2999 /* We should restart on a NAK */ 3000 LOGDHCP(logwarnx, "NAK:"); 3001 if ((msg = get_option_string(ifp->ctx, 3002 bootp, bootp_len, DHO_MESSAGE))) 3003 { 3004 logwarnx("%s: message: %s", ifp->name, msg); 3005 free(msg); 3006 } 3007 if (state->state == DHS_INFORM) /* INFORM should not be NAKed */ 3008 return; 3009 if (!(ifp->ctx->options & DHCPCD_TEST)) { 3010 dhcp_drop(ifp, "NAK"); 3011 unlink(state->leasefile); 3012 } 3013 3014 /* If we constantly get NAKS then we should slowly back off */ 3015 eloop_timeout_add_sec(ifp->ctx->eloop, 3016 state->nakoff, dhcp_discover, ifp); 3017 if (state->nakoff == 0) 3018 state->nakoff = 1; 3019 else { 3020 state->nakoff *= 2; 3021 if (state->nakoff > NAKOFF_MAX) 3022 state->nakoff = NAKOFF_MAX; 3023 } 3024 return; 3025 } 3026 3027 /* Ensure that all required options are present */ 3028 for (i = 1; i < 255; i++) { 3029 if (has_option_mask(ifo->requiremask, i) && 3030 get_option_uint8(ifp->ctx, &tmp, 3031 bootp, bootp_len, (uint8_t)i) != 0) 3032 { 3033 /* If we are BOOTP, then ignore the need for serverid. 3034 * To ignore BOOTP, require dhcp_message_type. 3035 * However, nothing really stops BOOTP from providing 3036 * DHCP style options as well so the above isn't 3037 * always true. */ 3038 if (type == 0 && i == DHO_SERVERID) 3039 continue; 3040 LOGDHCP(logwarnx, "reject DHCP"); 3041 return; 3042 } 3043 } 3044 3045 /* DHCP Auto-Configure, RFC 2563 */ 3046 if (type == DHCP_OFFER && bootp->yiaddr == 0) { 3047 LOGDHCP(logwarnx, "no address given"); 3048 if ((msg = get_option_string(ifp->ctx, 3049 bootp, bootp_len, DHO_MESSAGE))) 3050 { 3051 logwarnx("%s: message: %s", ifp->name, msg); 3052 free(msg); 3053 } 3054 #ifdef IPV4LL 3055 if (state->state == DHS_DISCOVER && 3056 get_option_uint8(ifp->ctx, &tmp, bootp, bootp_len, 3057 DHO_AUTOCONFIGURE) == 0) 3058 { 3059 switch (tmp) { 3060 case 0: 3061 LOGDHCP(logwarnx, "IPv4LL disabled from"); 3062 ipv4ll_drop(ifp); 3063 #ifdef ARP 3064 arp_drop(ifp); 3065 #endif 3066 break; 3067 case 1: 3068 LOGDHCP(logwarnx, "IPv4LL enabled from"); 3069 ipv4ll_start(ifp); 3070 break; 3071 default: 3072 logerrx("%s: unknown auto configuration " 3073 "option %d", 3074 ifp->name, tmp); 3075 break; 3076 } 3077 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3078 eloop_timeout_add_sec(ifp->ctx->eloop, 3079 DHCP_MAX, dhcp_discover, ifp); 3080 } 3081 #endif 3082 return; 3083 } 3084 3085 /* Ensure that the address offered is valid */ 3086 if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) && 3087 (bootp->ciaddr == INADDR_ANY || bootp->ciaddr == INADDR_BROADCAST) 3088 && 3089 (bootp->yiaddr == INADDR_ANY || bootp->yiaddr == INADDR_BROADCAST)) 3090 { 3091 LOGDHCP(logwarnx, "reject invalid address"); 3092 return; 3093 } 3094 3095 #ifdef IN_IFF_DUPLICATED 3096 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 3097 if (ia && ia->addr_flags & IN_IFF_DUPLICATED) { 3098 LOGDHCP(logwarnx, "declined duplicate address"); 3099 if (type) 3100 dhcp_decline(ifp); 3101 ipv4_deladdr(ia, 0); 3102 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3103 eloop_timeout_add_sec(ifp->ctx->eloop, 3104 DHCP_RAND_MAX, dhcp_discover, ifp); 3105 return; 3106 } 3107 #endif 3108 3109 bootp_copied = false; 3110 if ((type == 0 || type == DHCP_OFFER) && state->state == DHS_DISCOVER) { 3111 lease->frominfo = 0; 3112 lease->addr.s_addr = bootp->yiaddr; 3113 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 3114 if (type == 0 || 3115 get_option_addr(ifp->ctx, 3116 &lease->server, bootp, bootp_len, DHO_SERVERID) != 0) 3117 lease->server.s_addr = INADDR_ANY; 3118 3119 /* Test for rapid commit in the OFFER */ 3120 if (!(ifp->ctx->options & DHCPCD_TEST) && 3121 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT) && 3122 get_option(ifp->ctx, bootp, bootp_len, 3123 DHO_RAPIDCOMMIT, NULL)) 3124 { 3125 state->state = DHS_REQUEST; 3126 goto rapidcommit; 3127 } 3128 3129 LOGDHCP(loginfox, "offered"); 3130 if (state->offer_len < bootp_len) { 3131 free(state->offer); 3132 if ((state->offer = malloc(bootp_len)) == NULL) { 3133 logerr(__func__); 3134 state->offer_len = 0; 3135 return; 3136 } 3137 } 3138 state->offer_len = bootp_len; 3139 memcpy(state->offer, bootp, bootp_len); 3140 bootp_copied = true; 3141 if (ifp->ctx->options & DHCPCD_TEST) { 3142 free(state->old); 3143 state->old = state->new; 3144 state->old_len = state->new_len; 3145 state->new = state->offer; 3146 state->new_len = state->offer_len; 3147 state->offer = NULL; 3148 state->offer_len = 0; 3149 state->reason = "TEST"; 3150 script_runreason(ifp, state->reason); 3151 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3152 state->bpf_flags |= BPF_EOF; 3153 return; 3154 } 3155 eloop_timeout_delete(ifp->ctx->eloop, send_discover, ifp); 3156 /* We don't request BOOTP addresses */ 3157 if (type) { 3158 /* We used to ARP check here, but that seems to be in 3159 * violation of RFC2131 where it only describes 3160 * DECLINE after REQUEST. 3161 * It also seems that some MS DHCP servers actually 3162 * ignore DECLINE if no REQUEST, ie we decline a 3163 * DISCOVER. */ 3164 dhcp_request(ifp); 3165 return; 3166 } 3167 } 3168 3169 if (type) { 3170 if (type == DHCP_OFFER) { 3171 LOGDHCP(logwarnx, "ignoring offer of"); 3172 return; 3173 } 3174 3175 /* We should only be dealing with acks */ 3176 if (type != DHCP_ACK) { 3177 LOGDHCP(logerr, "not ACK or OFFER"); 3178 return; 3179 } 3180 3181 if (state->state == DHS_DISCOVER) { 3182 /* We only allow ACK of rapid commit DISCOVER. */ 3183 if (has_option_mask(ifo->requestmask, 3184 DHO_RAPIDCOMMIT) && 3185 get_option(ifp->ctx, bootp, bootp_len, 3186 DHO_RAPIDCOMMIT, NULL)) 3187 state->state = DHS_REQUEST; 3188 else { 3189 LOGDHCP(logdebugx, "ignoring ack of"); 3190 return; 3191 } 3192 } 3193 3194 rapidcommit: 3195 if (!(ifo->options & DHCPCD_INFORM)) 3196 LOGDHCP(logdebugx, "acknowledged"); 3197 else 3198 ifo->options &= ~DHCPCD_STATIC; 3199 } 3200 3201 /* No NAK, so reset the backoff 3202 * We don't reset on an OFFER message because the server could 3203 * potentially NAK the REQUEST. */ 3204 state->nakoff = 0; 3205 3206 /* BOOTP could have already assigned this above. */ 3207 if (!bootp_copied) { 3208 if (state->offer_len < bootp_len) { 3209 free(state->offer); 3210 if ((state->offer = malloc(bootp_len)) == NULL) { 3211 logerr(__func__); 3212 state->offer_len = 0; 3213 return; 3214 } 3215 } 3216 state->offer_len = bootp_len; 3217 memcpy(state->offer, bootp, bootp_len); 3218 } 3219 3220 lease->frominfo = 0; 3221 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3222 3223 #if defined(ARP) || defined(KERNEL_RFC5227) 3224 dhcp_arp_bind(ifp); 3225 #else 3226 dhcp_bind(ifp); 3227 #endif 3228 } 3229 3230 static void * 3231 get_udp_data(void *packet, size_t *len) 3232 { 3233 const struct ip *ip = packet; 3234 size_t ip_hl = (size_t)ip->ip_hl * 4; 3235 char *p = packet; 3236 3237 p += ip_hl + sizeof(struct udphdr); 3238 *len = (size_t)ntohs(ip->ip_len) - sizeof(struct udphdr) - ip_hl; 3239 return p; 3240 } 3241 3242 static int 3243 valid_udp_packet(void *packet, size_t plen, struct in_addr *from, 3244 unsigned int flags) 3245 { 3246 struct ip *ip = packet; 3247 struct ip pseudo_ip = { 3248 .ip_p = IPPROTO_UDP, 3249 .ip_src = ip->ip_src, 3250 .ip_dst = ip->ip_dst 3251 }; 3252 size_t ip_hlen; 3253 uint16_t ip_len, udp_len, uh_sum; 3254 struct udphdr *udp; 3255 uint32_t csum; 3256 3257 if (plen < sizeof(*ip)) { 3258 if (from != NULL) 3259 from->s_addr = INADDR_ANY; 3260 errno = ERANGE; 3261 return -1; 3262 } 3263 3264 if (from != NULL) 3265 from->s_addr = ip->ip_src.s_addr; 3266 3267 /* Check we have the IP header */ 3268 ip_hlen = (size_t)ip->ip_hl * 4; 3269 if (ip_hlen > plen) { 3270 errno = ENOBUFS; 3271 return -1; 3272 } 3273 3274 if (in_cksum(ip, ip_hlen, NULL) != 0) { 3275 errno = EINVAL; 3276 return -1; 3277 } 3278 3279 /* Check we have a payload */ 3280 ip_len = ntohs(ip->ip_len); 3281 if (ip_len <= ip_hlen + sizeof(*udp)) { 3282 errno = ERANGE; 3283 return -1; 3284 } 3285 /* Check IP doesn't go beyond the payload */ 3286 if (ip_len > plen) { 3287 errno = ENOBUFS; 3288 return -1; 3289 } 3290 3291 /* Check UDP doesn't go beyond the payload */ 3292 udp = (struct udphdr *)(void *)((char *)ip + ip_hlen); 3293 udp_len = ntohs(udp->uh_ulen); 3294 if (udp_len > plen - ip_hlen) { 3295 errno = ENOBUFS; 3296 return -1; 3297 } 3298 3299 if (udp->uh_sum == 0 || flags & BPF_PARTIALCSUM) 3300 return 0; 3301 3302 /* UDP checksum is based on a pseudo IP header alongside 3303 * the UDP header and payload. */ 3304 uh_sum = udp->uh_sum; 3305 udp->uh_sum = 0; 3306 pseudo_ip.ip_len = udp->uh_ulen; 3307 csum = 0; 3308 in_cksum(&pseudo_ip, sizeof(pseudo_ip), &csum); 3309 csum = in_cksum(udp, udp_len, &csum); 3310 if (csum != uh_sum) { 3311 errno = EINVAL; 3312 return -1; 3313 } 3314 3315 return 0; 3316 } 3317 3318 static void 3319 dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len, 3320 struct in_addr *from) 3321 { 3322 size_t v; 3323 3324 /* udp_len must be correct because the values are checked in 3325 * valid_udp_packet(). */ 3326 if (len < offsetof(struct bootp, vend)) { 3327 logerrx("%s: truncated packet (%zu) from %s", 3328 ifp->name, len, inet_ntoa(*from)); 3329 return; 3330 } 3331 /* To make our IS_DHCP macro easy, ensure the vendor 3332 * area has at least 4 octets. */ 3333 v = len - offsetof(struct bootp, vend); 3334 while (v < 4) { 3335 bootp->vend[v++] = '\0'; 3336 len++; 3337 } 3338 3339 dhcp_handledhcp(ifp, bootp, len, from); 3340 } 3341 3342 static void 3343 dhcp_handlepacket(struct interface *ifp, uint8_t *data, size_t len) 3344 { 3345 struct bootp *bootp; 3346 struct in_addr from; 3347 size_t udp_len; 3348 const struct dhcp_state *state = D_CSTATE(ifp); 3349 3350 if (valid_udp_packet(data, len, &from, state->bpf_flags) == -1) { 3351 const char *errstr; 3352 3353 if (errno == EINVAL) 3354 errstr = "checksum failure"; 3355 else 3356 errstr = "invalid UDP packet"; 3357 logerrx("%s: %s from %s", errstr, ifp->name, inet_ntoa(from)); 3358 return; 3359 } 3360 3361 /* 3362 * DHCP has a variable option area rather than a fixed vendor area. 3363 * Because DHCP uses the BOOTP protocol it should still send BOOTP 3364 * sized packets to be RFC compliant. 3365 * However some servers send a truncated vendor area. 3366 * dhcpcd can work fine without the vendor area being sent. 3367 */ 3368 bootp = get_udp_data(data, &udp_len); 3369 dhcp_handlebootp(ifp, bootp, udp_len, &from); 3370 } 3371 3372 static void 3373 dhcp_readpacket(void *arg) 3374 { 3375 struct interface *ifp = arg; 3376 uint8_t buf[MTU_MAX]; 3377 ssize_t bytes; 3378 struct dhcp_state *state = D_STATE(ifp); 3379 3380 /* Some RAW mechanisms are generic file descriptors, not sockets. 3381 * This means we have no kernel call to just get one packet, 3382 * so we have to process the entire buffer. */ 3383 state->bpf_flags &= ~BPF_EOF; 3384 state->bpf_flags |= BPF_READING; 3385 while (!(state->bpf_flags & BPF_EOF)) { 3386 bytes = bpf_read(ifp, state->bpf_fd, buf, sizeof(buf), 3387 &state->bpf_flags); 3388 if (bytes == -1) { 3389 if (state->state != DHS_NONE) { 3390 logerr("%s: %s", __func__, ifp->name); 3391 dhcp_close(ifp); 3392 } 3393 break; 3394 } 3395 dhcp_handlepacket(ifp, buf, (size_t)bytes); 3396 /* Check we still have a state after processing. */ 3397 if ((state = D_STATE(ifp)) == NULL) 3398 break; 3399 } 3400 if (state != NULL) 3401 state->bpf_flags &= ~BPF_READING; 3402 } 3403 3404 static void 3405 dhcp_readudp(struct dhcpcd_ctx *ctx, struct interface *ifp) 3406 { 3407 const struct dhcp_state *state; 3408 struct sockaddr_in from; 3409 unsigned char buf[10 * 1024]; /* Maximum MTU */ 3410 struct iovec iov = { 3411 .iov_base = buf, 3412 .iov_len = sizeof(buf), 3413 }; 3414 #ifdef IP_PKTINFO 3415 unsigned char ctl[CMSG_SPACE(sizeof(struct in_pktinfo))] = { 0 }; 3416 char sfrom[INET_ADDRSTRLEN]; 3417 #endif 3418 struct msghdr msg = { 3419 .msg_name = &from, .msg_namelen = sizeof(from), 3420 .msg_iov = &iov, .msg_iovlen = 1, 3421 #ifdef IP_PKTINFO 3422 .msg_control = ctl, .msg_controllen = sizeof(ctl), 3423 #endif 3424 }; 3425 int s; 3426 ssize_t bytes; 3427 3428 if (ifp != NULL) { 3429 state = D_CSTATE(ifp); 3430 s = state->udp_fd; 3431 } else 3432 s = ctx->udp_fd; 3433 3434 bytes = recvmsg(s, &msg, 0); 3435 if (bytes == -1) { 3436 logerr(__func__); 3437 return; 3438 } 3439 3440 #ifdef IP_PKTINFO 3441 inet_ntop(AF_INET, &from.sin_addr, sfrom, sizeof(sfrom)); 3442 3443 if (ifp == NULL) { 3444 ifp = if_findifpfromcmsg(ctx, &msg, NULL); 3445 if (ifp == NULL) { 3446 logerr(__func__); 3447 return; 3448 } 3449 state = D_CSTATE(ifp); 3450 if (state == NULL) { 3451 logdebugx("%s: received BOOTP for inactive interface", 3452 ifp->name); 3453 return; 3454 } 3455 } 3456 3457 if (state->bpf_fd != -1) { 3458 /* Avoid a duplicate read if BPF is open for the interface. */ 3459 return; 3460 } 3461 3462 dhcp_handlebootp(ifp, (struct bootp *)(void *)buf, (size_t)bytes, 3463 &from.sin_addr); 3464 #endif 3465 } 3466 3467 static void 3468 dhcp_handleudp(void *arg) 3469 { 3470 struct dhcpcd_ctx *ctx = arg; 3471 3472 dhcp_readudp(ctx, NULL); 3473 } 3474 3475 #ifdef IP_PKTINFO 3476 static void 3477 dhcp_handleifudp(void *arg) 3478 { 3479 struct interface *ifp = arg; 3480 3481 dhcp_readudp(ifp->ctx, ifp); 3482 3483 } 3484 #endif 3485 3486 static int 3487 dhcp_openbpf(struct interface *ifp) 3488 { 3489 struct dhcp_state *state; 3490 3491 state = D_STATE(ifp); 3492 if (state->bpf_fd != -1) 3493 return 0; 3494 3495 state->bpf_fd = bpf_open(ifp, bpf_bootp); 3496 if (state->bpf_fd == -1) { 3497 if (errno == ENOENT) { 3498 logerrx("%s not found", bpf_name); 3499 /* May as well disable IPv4 entirely at 3500 * this point as we really need it. */ 3501 ifp->options->options &= ~DHCPCD_IPV4; 3502 } else 3503 logerr("%s: %s", __func__, ifp->name); 3504 return -1; 3505 } 3506 3507 eloop_event_add(ifp->ctx->eloop, 3508 state->bpf_fd, dhcp_readpacket, ifp); 3509 return 0; 3510 } 3511 3512 int 3513 dhcp_dump(struct interface *ifp) 3514 { 3515 struct dhcp_state *state; 3516 3517 ifp->if_data[IF_DATA_DHCP] = state = calloc(1, sizeof(*state)); 3518 if (state == NULL) 3519 goto eexit; 3520 state->bpf_fd = -1; 3521 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3522 AF_INET, ifp); 3523 state->new_len = read_lease(ifp, &state->new); 3524 if (state->new == NULL) { 3525 logerr("%s: %s", 3526 *ifp->name ? ifp->name : state->leasefile, __func__); 3527 return -1; 3528 } 3529 state->reason = "DUMP"; 3530 return script_runreason(ifp, state->reason); 3531 3532 eexit: 3533 logerr(__func__); 3534 return -1; 3535 } 3536 3537 void 3538 dhcp_free(struct interface *ifp) 3539 { 3540 struct dhcp_state *state = D_STATE(ifp); 3541 struct dhcpcd_ctx *ctx; 3542 3543 dhcp_close(ifp); 3544 #ifdef ARP 3545 arp_drop(ifp); 3546 #endif 3547 if (state) { 3548 state->state = DHS_NONE; 3549 free(state->old); 3550 free(state->new); 3551 free(state->offer); 3552 free(state->clientid); 3553 free(state); 3554 } 3555 3556 ctx = ifp->ctx; 3557 /* If we don't have any more DHCP enabled interfaces, 3558 * close the global socket and release resources */ 3559 if (ctx->ifaces) { 3560 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3561 state = D_STATE(ifp); 3562 if (state != NULL && state->state != DHS_NONE) 3563 break; 3564 } 3565 } 3566 if (ifp == NULL) { 3567 if (ctx->udp_fd != -1) { 3568 eloop_event_delete(ctx->eloop, ctx->udp_fd); 3569 close(ctx->udp_fd); 3570 ctx->udp_fd = -1; 3571 } 3572 3573 free(ctx->opt_buffer); 3574 ctx->opt_buffer = NULL; 3575 } 3576 } 3577 3578 static int 3579 dhcp_initstate(struct interface *ifp) 3580 { 3581 struct dhcp_state *state; 3582 3583 state = D_STATE(ifp); 3584 if (state != NULL) 3585 return 0; 3586 3587 ifp->if_data[IF_DATA_DHCP] = calloc(1, sizeof(*state)); 3588 state = D_STATE(ifp); 3589 if (state == NULL) 3590 return -1; 3591 3592 state->state = DHS_NONE; 3593 /* 0 is a valid fd, so init to -1 */ 3594 state->bpf_fd = -1; 3595 state->udp_fd = -1; 3596 #ifdef ARPING 3597 state->arping_index = -1; 3598 #endif 3599 return 1; 3600 } 3601 3602 static int 3603 dhcp_init(struct interface *ifp) 3604 { 3605 struct dhcp_state *state; 3606 const struct if_options *ifo; 3607 uint8_t len; 3608 char buf[(sizeof(ifo->clientid) - 1) * 3]; 3609 3610 if (dhcp_initstate(ifp) == -1) 3611 return -1; 3612 3613 state = D_STATE(ifp); 3614 state->state = DHS_INIT; 3615 state->reason = "PREINIT"; 3616 state->nakoff = 0; 3617 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3618 AF_INET, ifp); 3619 3620 ifo = ifp->options; 3621 /* We need to drop the leasefile so that dhcp_start 3622 * doesn't load it. */ 3623 if (ifo->options & DHCPCD_REQUEST) 3624 unlink(state->leasefile); 3625 3626 free(state->clientid); 3627 state->clientid = NULL; 3628 3629 if (*ifo->clientid) { 3630 state->clientid = malloc((size_t)(ifo->clientid[0] + 1)); 3631 if (state->clientid == NULL) 3632 goto eexit; 3633 memcpy(state->clientid, ifo->clientid, 3634 (size_t)(ifo->clientid[0]) + 1); 3635 } else if (ifo->options & DHCPCD_CLIENTID) { 3636 if (ifo->options & DHCPCD_DUID) { 3637 state->clientid = malloc(ifp->ctx->duid_len + 6); 3638 if (state->clientid == NULL) 3639 goto eexit; 3640 state->clientid[0] =(uint8_t)(ifp->ctx->duid_len + 5); 3641 state->clientid[1] = 255; /* RFC 4361 */ 3642 memcpy(state->clientid + 2, ifo->iaid, 4); 3643 memcpy(state->clientid + 6, ifp->ctx->duid, 3644 ifp->ctx->duid_len); 3645 } else { 3646 len = (uint8_t)(ifp->hwlen + 1); 3647 state->clientid = malloc((size_t)len + 1); 3648 if (state->clientid == NULL) 3649 goto eexit; 3650 state->clientid[0] = len; 3651 state->clientid[1] = (uint8_t)ifp->family; 3652 memcpy(state->clientid + 2, ifp->hwaddr, 3653 ifp->hwlen); 3654 } 3655 } 3656 3657 if (ifo->options & DHCPCD_DUID) 3658 /* Don't bother logging as DUID and IAID are reported 3659 * at device start. */ 3660 return 0; 3661 3662 if (ifo->options & DHCPCD_CLIENTID) 3663 logdebugx("%s: using ClientID %s", ifp->name, 3664 hwaddr_ntoa(state->clientid + 1, state->clientid[0], 3665 buf, sizeof(buf))); 3666 else if (ifp->hwlen) 3667 logdebugx("%s: using hwaddr %s", ifp->name, 3668 hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf))); 3669 return 0; 3670 3671 eexit: 3672 logerr(__func__); 3673 return -1; 3674 } 3675 3676 static void 3677 dhcp_start1(void *arg) 3678 { 3679 struct interface *ifp = arg; 3680 struct dhcpcd_ctx *ctx = ifp->ctx; 3681 struct if_options *ifo = ifp->options; 3682 struct dhcp_state *state; 3683 struct stat st; 3684 uint32_t l; 3685 int nolease; 3686 3687 if (!(ifo->options & DHCPCD_IPV4)) 3688 return; 3689 3690 /* Listen on *.*.*.*:bootpc so that the kernel never sends an 3691 * ICMP port unreachable message back to the DHCP server. 3692 * Only do this in master mode so we don't swallow messages 3693 * for dhcpcd running on another interface. */ 3694 if (ctx->udp_fd == -1 && ctx->options & DHCPCD_MASTER) { 3695 ctx->udp_fd = dhcp_openudp(NULL); 3696 if (ctx->udp_fd == -1) { 3697 /* Don't log an error if some other process 3698 * is handling this. */ 3699 if (errno != EADDRINUSE) 3700 logerr("%s: dhcp_openudp", __func__); 3701 } else 3702 eloop_event_add(ctx->eloop, 3703 ctx->udp_fd, dhcp_handleudp, ctx); 3704 } 3705 3706 if (dhcp_init(ifp) == -1) { 3707 logerr("%s: dhcp_init", ifp->name); 3708 return; 3709 } 3710 3711 state = D_STATE(ifp); 3712 clock_gettime(CLOCK_MONOTONIC, &state->started); 3713 state->interval = 0; 3714 free(state->offer); 3715 state->offer = NULL; 3716 state->offer_len = 0; 3717 3718 #ifdef ARPING 3719 if (ifo->arping_len && state->arping_index < ifo->arping_len) { 3720 struct arp_state *astate; 3721 3722 astate = dhcp_arp_new(ifp, NULL); 3723 if (astate) 3724 dhcp_arp_not_found(astate); 3725 return; 3726 } 3727 #endif 3728 3729 if (ifo->options & DHCPCD_STATIC) { 3730 dhcp_static(ifp); 3731 return; 3732 } 3733 3734 if (ifo->options & DHCPCD_INFORM) { 3735 dhcp_inform(ifp); 3736 return; 3737 } 3738 3739 /* We don't want to read the old lease if we NAK an old test */ 3740 nolease = state->offer && ifp->ctx->options & DHCPCD_TEST; 3741 if (!nolease && ifo->options & DHCPCD_DHCP) { 3742 state->offer_len = read_lease(ifp, &state->offer); 3743 /* Check the saved lease matches the type we want */ 3744 if (state->offer) { 3745 #ifdef IN_IFF_DUPLICATED 3746 struct in_addr addr; 3747 struct ipv4_addr *ia; 3748 3749 addr.s_addr = state->offer->yiaddr; 3750 ia = ipv4_iffindaddr(ifp, &addr, NULL); 3751 #endif 3752 3753 if ((!IS_DHCP(state->offer) && 3754 !(ifo->options & DHCPCD_BOOTP)) || 3755 #ifdef IN_IFF_DUPLICATED 3756 (ia && ia->addr_flags & IN_IFF_DUPLICATED) || 3757 #endif 3758 (IS_DHCP(state->offer) && 3759 ifo->options & DHCPCD_BOOTP)) 3760 { 3761 free(state->offer); 3762 state->offer = NULL; 3763 state->offer_len = 0; 3764 } 3765 } 3766 } 3767 if (state->offer) { 3768 struct ipv4_addr *ia; 3769 3770 get_lease(ifp, &state->lease, state->offer, state->offer_len); 3771 state->lease.frominfo = 1; 3772 if (state->new == NULL && 3773 (ia = ipv4_iffindaddr(ifp, 3774 &state->lease.addr, &state->lease.mask)) != NULL) 3775 { 3776 /* We still have the IP address from the last lease. 3777 * Fake add the address and routes from it so the lease 3778 * can be cleaned up. */ 3779 state->new = malloc(state->offer_len); 3780 if (state->new) { 3781 memcpy(state->new, 3782 state->offer, state->offer_len); 3783 state->new_len = state->offer_len; 3784 state->addr = ia; 3785 state->added |= STATE_ADDED | STATE_FAKE; 3786 rt_build(ifp->ctx, AF_INET); 3787 } else 3788 logerr(__func__); 3789 } 3790 if (!IS_DHCP(state->offer)) { 3791 free(state->offer); 3792 state->offer = NULL; 3793 state->offer_len = 0; 3794 } else if (!(ifo->options & DHCPCD_LASTLEASE_EXTEND) && 3795 state->lease.leasetime != DHCP_INFINITE_LIFETIME && 3796 stat(state->leasefile, &st) == 0) 3797 { 3798 time_t now; 3799 3800 /* Offset lease times and check expiry */ 3801 now = time(NULL); 3802 if (now == -1 || 3803 (time_t)state->lease.leasetime < now - st.st_mtime) 3804 { 3805 logdebugx("%s: discarding expired lease", 3806 ifp->name); 3807 free(state->offer); 3808 state->offer = NULL; 3809 state->offer_len = 0; 3810 state->lease.addr.s_addr = 0; 3811 /* Technically we should discard the lease 3812 * as it's expired, just as DHCPv6 addresses 3813 * would be by the kernel. 3814 * However, this may violate POLA so 3815 * we currently leave it be. 3816 * If we get a totally different lease from 3817 * the DHCP server we'll drop it anyway, as 3818 * we will on any other event which would 3819 * trigger a lease drop. 3820 * This should only happen if dhcpcd stops 3821 * running and the lease expires before 3822 * dhcpcd starts again. */ 3823 #if 0 3824 if (state->new) 3825 dhcp_drop(ifp, "EXPIRE"); 3826 #endif 3827 } else { 3828 l = (uint32_t)(now - st.st_mtime); 3829 state->lease.leasetime -= l; 3830 state->lease.renewaltime -= l; 3831 state->lease.rebindtime -= l; 3832 } 3833 } 3834 } 3835 3836 #ifdef IPV4LL 3837 if (!(ifo->options & DHCPCD_DHCP)) { 3838 if (ifo->options & DHCPCD_IPV4LL) 3839 ipv4ll_start(ifp); 3840 return; 3841 } 3842 #endif 3843 3844 if (state->offer == NULL || !IS_DHCP(state->offer)) 3845 dhcp_discover(ifp); 3846 else 3847 dhcp_reboot(ifp); 3848 } 3849 3850 void 3851 dhcp_start(struct interface *ifp) 3852 { 3853 struct timespec tv; 3854 #ifdef ARPING 3855 const struct dhcp_state *state; 3856 #endif 3857 3858 if (!(ifp->options->options & DHCPCD_IPV4)) 3859 return; 3860 3861 /* If we haven't been given a netmask for our requested address, 3862 * set it now. */ 3863 if (ifp->options->req_addr.s_addr != INADDR_ANY && 3864 ifp->options->req_mask.s_addr == INADDR_ANY) 3865 ifp->options->req_mask.s_addr = 3866 ipv4_getnetmask(ifp->options->req_addr.s_addr); 3867 3868 /* If we haven't specified a ClientID and our hardware address 3869 * length is greater than BOOTP CHADDR then we enforce a ClientID 3870 * of the hardware address family and the hardware address. 3871 * If there is no hardware address and no ClientID set, 3872 * force a DUID based ClientID. */ 3873 if (ifp->hwlen > 16) 3874 ifp->options->options |= DHCPCD_CLIENTID; 3875 else if (ifp->hwlen == 0 && !(ifp->options->options & DHCPCD_CLIENTID)) 3876 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_DUID; 3877 3878 /* Firewire and InfiniBand interfaces require ClientID and 3879 * the broadcast option being set. */ 3880 switch (ifp->family) { 3881 case ARPHRD_IEEE1394: /* FALLTHROUGH */ 3882 case ARPHRD_INFINIBAND: 3883 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_BROADCAST; 3884 break; 3885 } 3886 3887 /* If we violate RFC2131 section 3.7 then require ARP 3888 * to detect if any other client wants our address. */ 3889 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) 3890 ifp->options->options |= DHCPCD_ARP; 3891 3892 /* No point in delaying a static configuration */ 3893 if (ifp->options->options & DHCPCD_STATIC || 3894 !(ifp->options->options & DHCPCD_INITIAL_DELAY)) 3895 { 3896 dhcp_start1(ifp); 3897 return; 3898 } 3899 3900 #ifdef ARPING 3901 /* If we have arpinged then we have already delayed. */ 3902 state = D_CSTATE(ifp); 3903 if (state != NULL && state->arping_index != -1) { 3904 dhcp_start1(ifp); 3905 return; 3906 } 3907 #endif 3908 3909 tv.tv_sec = DHCP_MIN_DELAY; 3910 tv.tv_nsec = (suseconds_t)arc4random_uniform( 3911 (DHCP_MAX_DELAY - DHCP_MIN_DELAY) * NSEC_PER_SEC); 3912 timespecnorm(&tv); 3913 logdebugx("%s: delaying IPv4 for %0.1f seconds", 3914 ifp->name, timespec_to_double(&tv)); 3915 3916 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, dhcp_start1, ifp); 3917 } 3918 3919 void 3920 dhcp_abort(struct interface *ifp) 3921 { 3922 struct dhcp_state *state; 3923 3924 state = D_STATE(ifp); 3925 #ifdef ARPING 3926 if (state != NULL) 3927 state->arping_index = -1; 3928 #endif 3929 3930 eloop_timeout_delete(ifp->ctx->eloop, dhcp_start1, ifp); 3931 3932 if (state != NULL && state->added) { 3933 rt_build(ifp->ctx, AF_INET); 3934 #ifdef ARP 3935 arp_announceaddr(ifp->ctx, &state->addr->addr); 3936 #endif 3937 } 3938 } 3939 3940 void 3941 dhcp_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid) 3942 { 3943 struct interface *ifp; 3944 struct dhcp_state *state; 3945 struct if_options *ifo; 3946 uint8_t i; 3947 3948 ifp = ia->iface; 3949 state = D_STATE(ifp); 3950 if (state == NULL || state->state == DHS_NONE) 3951 return; 3952 3953 if (cmd == RTM_DELADDR) { 3954 if (state->addr == ia) { 3955 loginfox("%s: pid %d deleted IP address %s", 3956 ifp->name, pid, ia->saddr); 3957 state->addr = NULL; 3958 /* Don't clear the added state as we need 3959 * to drop the lease. */ 3960 dhcp_drop(ifp, "EXPIRE"); 3961 dhcp_start1(ifp); 3962 } 3963 return; 3964 } 3965 3966 if (cmd != RTM_NEWADDR) 3967 return; 3968 3969 #ifdef IN_IFF_NOTUSEABLE 3970 if (!(ia->addr_flags & IN_IFF_NOTUSEABLE)) 3971 dhcp_finish_dad(ifp, &ia->addr); 3972 else if (ia->addr_flags & IN_IFF_DUPLICATED) 3973 dhcp_addr_duplicated(ifp, &ia->addr); 3974 #endif 3975 3976 ifo = ifp->options; 3977 if (ifo->options & DHCPCD_INFORM) { 3978 if (state->state != DHS_INFORM) 3979 dhcp_inform(ifp); 3980 return; 3981 } 3982 3983 if (!(ifo->options & DHCPCD_STATIC)) 3984 return; 3985 if (ifo->req_addr.s_addr != INADDR_ANY) 3986 return; 3987 3988 free(state->old); 3989 state->old = state->new; 3990 state->new_len = dhcp_message_new(&state->new, &ia->addr, &ia->mask); 3991 if (state->new == NULL) 3992 return; 3993 if (ifp->flags & IFF_POINTOPOINT) { 3994 for (i = 1; i < 255; i++) 3995 if (i != DHO_ROUTER && has_option_mask(ifo->dstmask,i)) 3996 dhcp_message_add_addr(state->new, i, ia->brd); 3997 } 3998 state->reason = "STATIC"; 3999 rt_build(ifp->ctx, AF_INET); 4000 script_runreason(ifp, state->reason); 4001 if (ifo->options & DHCPCD_INFORM) { 4002 state->state = DHS_INFORM; 4003 dhcp_new_xid(ifp); 4004 state->lease.server.s_addr = INADDR_ANY; 4005 state->addr = ia; 4006 dhcp_inform(ifp); 4007 } 4008 } 4009