1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * dhcpcd - DHCP client daemon 4 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 /* TODO: We should decline dupliate addresses detected */ 30 31 #include <sys/stat.h> 32 #include <sys/utsname.h> 33 34 #include <netinet/in.h> 35 36 #include <assert.h> 37 #include <ctype.h> 38 #include <errno.h> 39 #include <fcntl.h> 40 #include <inttypes.h> 41 #include <stdbool.h> 42 #include <stddef.h> 43 #include <stdlib.h> 44 #include <string.h> 45 #include <unistd.h> 46 #include <fcntl.h> 47 48 #define ELOOP_QUEUE 4 49 #include "config.h" 50 #include "common.h" 51 #include "dhcp.h" 52 #include "dhcp6.h" 53 #include "duid.h" 54 #include "eloop.h" 55 #include "if.h" 56 #include "if-options.h" 57 #include "ipv6nd.h" 58 #include "logerr.h" 59 #include "script.h" 60 61 #ifdef HAVE_SYS_BITOPS_H 62 #include <sys/bitops.h> 63 #else 64 #include "compat/bitops.h" 65 #endif 66 67 /* DHCPCD Project has been assigned an IANA PEN of 40712 */ 68 #define DHCPCD_IANA_PEN 40712 69 70 /* Unsure if I want this */ 71 //#define VENDOR_SPLIT 72 73 /* Support older systems with different defines */ 74 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO) 75 #define IPV6_RECVPKTINFO IPV6_PKTINFO 76 #endif 77 78 #ifdef DHCP6 79 80 /* Assert the correct structure size for on wire */ 81 struct dhcp6_message { 82 uint8_t type; 83 uint8_t xid[3]; 84 /* followed by options */ 85 }; 86 __CTASSERT(sizeof(struct dhcp6_message) == 4); 87 88 struct dhcp6_option { 89 uint16_t code; 90 uint16_t len; 91 /* followed by data */ 92 }; 93 __CTASSERT(sizeof(struct dhcp6_option) == 4); 94 95 struct dhcp6_ia_na { 96 uint8_t iaid[4]; 97 uint32_t t1; 98 uint32_t t2; 99 }; 100 __CTASSERT(sizeof(struct dhcp6_ia_na) == 12); 101 102 struct dhcp6_ia_ta { 103 uint8_t iaid[4]; 104 }; 105 __CTASSERT(sizeof(struct dhcp6_ia_ta) == 4); 106 107 struct dhcp6_ia_addr { 108 struct in6_addr addr; 109 uint32_t pltime; 110 uint32_t vltime; 111 }; 112 __CTASSERT(sizeof(struct dhcp6_ia_addr) == 16 + 8); 113 114 /* XXX FIXME: This is the only packed structure and it does not align. 115 * Maybe manually decode it? */ 116 struct dhcp6_pd_addr { 117 uint32_t pltime; 118 uint32_t vltime; 119 uint8_t prefix_len; 120 struct in6_addr prefix; 121 } __packed; 122 __CTASSERT(sizeof(struct dhcp6_pd_addr) == 8 + 1 + 16); 123 124 struct dhcp6_op { 125 uint16_t type; 126 const char *name; 127 }; 128 129 static const struct dhcp6_op dhcp6_ops[] = { 130 { DHCP6_SOLICIT, "SOLICIT6" }, 131 { DHCP6_ADVERTISE, "ADVERTISE6" }, 132 { DHCP6_REQUEST, "REQUEST6" }, 133 { DHCP6_REPLY, "REPLY6" }, 134 { DHCP6_RENEW, "RENEW6" }, 135 { DHCP6_REBIND, "REBIND6" }, 136 { DHCP6_CONFIRM, "CONFIRM6" }, 137 { DHCP6_INFORMATION_REQ, "INFORM6" }, 138 { DHCP6_RELEASE, "RELEASE6" }, 139 { DHCP6_RECONFIGURE, "RECONFIGURE6" }, 140 { 0, NULL } 141 }; 142 143 struct dhcp_compat { 144 uint8_t dhcp_opt; 145 uint16_t dhcp6_opt; 146 }; 147 148 const struct dhcp_compat dhcp_compats[] = { 149 { DHO_DNSSERVER, D6_OPTION_DNS_SERVERS }, 150 { DHO_HOSTNAME, D6_OPTION_FQDN }, 151 { DHO_DNSDOMAIN, D6_OPTION_FQDN }, 152 { DHO_NISSERVER, D6_OPTION_NIS_SERVERS }, 153 { DHO_NTPSERVER, D6_OPTION_SNTP_SERVERS }, 154 { DHO_RAPIDCOMMIT, D6_OPTION_RAPID_COMMIT }, 155 { DHO_FQDN, D6_OPTION_FQDN }, 156 { DHO_VIVCO, D6_OPTION_VENDOR_CLASS }, 157 { DHO_VIVSO, D6_OPTION_VENDOR_OPTS }, 158 { DHO_DNSSEARCH, D6_OPTION_DOMAIN_LIST }, 159 { 0, 0 } 160 }; 161 162 static const char * const dhcp6_statuses[] = { 163 "Success", 164 "Unspecified Failure", 165 "No Addresses Available", 166 "No Binding", 167 "Not On Link", 168 "Use Multicast", 169 "No Prefix Available" 170 }; 171 172 static void dhcp6_bind(struct interface *, const char *, const char *); 173 static void dhcp6_failinform(void *); 174 static int dhcp6_listen(struct dhcpcd_ctx *, struct ipv6_addr *); 175 static void dhcp6_recvaddr(void *); 176 177 void 178 dhcp6_printoptions(const struct dhcpcd_ctx *ctx, 179 const struct dhcp_opt *opts, size_t opts_len) 180 { 181 size_t i, j; 182 const struct dhcp_opt *opt, *opt2; 183 int cols; 184 185 for (i = 0, opt = ctx->dhcp6_opts; 186 i < ctx->dhcp6_opts_len; i++, opt++) 187 { 188 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 189 if (opt2->option == opt->option) 190 break; 191 if (j == opts_len) { 192 cols = printf("%05d %s", opt->option, opt->var); 193 dhcp_print_option_encoding(opt, cols); 194 } 195 } 196 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 197 cols = printf("%05d %s", opt->option, opt->var); 198 dhcp_print_option_encoding(opt, cols); 199 } 200 } 201 202 static size_t 203 dhcp6_makeuser(void *data, const struct interface *ifp) 204 { 205 const struct if_options *ifo = ifp->options; 206 struct dhcp6_option o; 207 uint8_t *p; 208 const uint8_t *up, *ue; 209 uint16_t ulen, unlen; 210 size_t olen; 211 212 /* Convert the DHCPv4 user class option to DHCPv6 */ 213 up = ifo->userclass; 214 ulen = *up++; 215 if (ulen == 0) 216 return 0; 217 218 p = data; 219 olen = 0; 220 if (p != NULL) 221 p += sizeof(o); 222 223 ue = up + ulen; 224 for (; up < ue; up += ulen) { 225 ulen = *up++; 226 olen += sizeof(ulen) + ulen; 227 if (data == NULL) 228 continue; 229 unlen = htons(ulen); 230 memcpy(p, &unlen, sizeof(unlen)); 231 p += sizeof(unlen); 232 memcpy(p, up, ulen); 233 p += ulen; 234 } 235 if (data != NULL) { 236 o.code = htons(D6_OPTION_USER_CLASS); 237 o.len = htons((uint16_t)olen); 238 memcpy(data, &o, sizeof(o)); 239 } 240 241 return sizeof(o) + olen; 242 } 243 244 static size_t 245 dhcp6_makevendor(void *data, const struct interface *ifp) 246 { 247 const struct if_options *ifo; 248 size_t len, i; 249 uint8_t *p; 250 ssize_t vlen; 251 const struct vivco *vivco; 252 char vendor[VENDORCLASSID_MAX_LEN]; 253 struct dhcp6_option o; 254 255 ifo = ifp->options; 256 len = sizeof(uint32_t); /* IANA PEN */ 257 if (ifo->vivco_en) { 258 for (i = 0, vivco = ifo->vivco; 259 i < ifo->vivco_len; 260 i++, vivco++) 261 len += sizeof(uint16_t) + vivco->len; 262 vlen = 0; /* silence bogus gcc warning */ 263 } else { 264 vlen = dhcp_vendor(vendor, sizeof(vendor)); 265 if (vlen == -1) 266 vlen = 0; 267 else 268 len += sizeof(uint16_t) + (size_t)vlen; 269 } 270 271 if (len > UINT16_MAX) { 272 logerrx("%s: DHCPv6 Vendor Class too big", ifp->name); 273 return 0; 274 } 275 276 if (data != NULL) { 277 uint32_t pen; 278 uint16_t hvlen; 279 280 p = data; 281 o.code = htons(D6_OPTION_VENDOR_CLASS); 282 o.len = htons((uint16_t)len); 283 memcpy(p, &o, sizeof(o)); 284 p += sizeof(o); 285 pen = htonl(ifo->vivco_en ? ifo->vivco_en : DHCPCD_IANA_PEN); 286 memcpy(p, &pen, sizeof(pen)); 287 p += sizeof(pen); 288 289 if (ifo->vivco_en) { 290 for (i = 0, vivco = ifo->vivco; 291 i < ifo->vivco_len; 292 i++, vivco++) 293 { 294 hvlen = htons((uint16_t)vivco->len); 295 memcpy(p, &hvlen, sizeof(hvlen)); 296 p += sizeof(hvlen); 297 memcpy(p, vivco->data, vivco->len); 298 p += vivco->len; 299 } 300 } else if (vlen) { 301 hvlen = htons((uint16_t)vlen); 302 memcpy(p, &hvlen, sizeof(hvlen)); 303 p += sizeof(hvlen); 304 memcpy(p, vendor, (size_t)vlen); 305 } 306 } 307 308 return sizeof(o) + len; 309 } 310 311 static void * 312 dhcp6_findoption(void *data, size_t data_len, uint16_t code, uint16_t *len) 313 { 314 uint8_t *d; 315 struct dhcp6_option o; 316 317 code = htons(code); 318 for (d = data; data_len != 0; d += o.len, data_len -= o.len) { 319 if (data_len < sizeof(o)) { 320 errno = EINVAL; 321 return NULL; 322 } 323 memcpy(&o, d, sizeof(o)); 324 d += sizeof(o); 325 data_len -= sizeof(o); 326 o.len = htons(o.len); 327 if (data_len < o.len) { 328 errno = EINVAL; 329 return NULL; 330 } 331 if (o.code == code) { 332 if (len != NULL) 333 *len = o.len; 334 return d; 335 } 336 } 337 338 errno = ENOENT; 339 return NULL; 340 } 341 342 static void * 343 dhcp6_findmoption(void *data, size_t data_len, uint16_t code, 344 uint16_t *len) 345 { 346 uint8_t *d; 347 348 if (data_len < sizeof(struct dhcp6_message)) { 349 errno = EINVAL; 350 return false; 351 } 352 d = data; 353 d += sizeof(struct dhcp6_message); 354 data_len -= sizeof(struct dhcp6_message); 355 return dhcp6_findoption(d, data_len, code, len); 356 } 357 358 static const uint8_t * 359 dhcp6_getoption(struct dhcpcd_ctx *ctx, 360 size_t *os, unsigned int *code, size_t *len, 361 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 362 { 363 struct dhcp6_option o; 364 size_t i; 365 struct dhcp_opt *opt; 366 367 if (od != NULL) { 368 *os = sizeof(o); 369 if (ol < *os) { 370 errno = EINVAL; 371 return NULL; 372 } 373 memcpy(&o, od, sizeof(o)); 374 *len = ntohs(o.len); 375 if (*len > ol - *os) { 376 errno = ERANGE; 377 return NULL; 378 } 379 *code = ntohs(o.code); 380 } 381 382 *oopt = NULL; 383 for (i = 0, opt = ctx->dhcp6_opts; 384 i < ctx->dhcp6_opts_len; i++, opt++) 385 { 386 if (opt->option == *code) { 387 *oopt = opt; 388 break; 389 } 390 } 391 392 if (od != NULL) 393 return od + sizeof(o); 394 return NULL; 395 } 396 397 static bool 398 dhcp6_updateelapsed(struct interface *ifp, struct dhcp6_message *m, size_t len) 399 { 400 uint8_t *opt; 401 uint16_t opt_len; 402 struct dhcp6_state *state; 403 struct timespec tv; 404 time_t hsec; 405 uint16_t sec; 406 407 opt = dhcp6_findmoption(m, len, D6_OPTION_ELAPSED, &opt_len); 408 if (opt == NULL) 409 return false; 410 if (opt_len != sizeof(sec)) { 411 errno = EINVAL; 412 return false; 413 } 414 415 state = D6_STATE(ifp); 416 clock_gettime(CLOCK_MONOTONIC, &tv); 417 if (state->RTC == 0) { 418 /* An RTC of zero means we're the first message 419 * out of the door, so the elapsed time is zero. */ 420 state->started = tv; 421 hsec = 0; 422 } else { 423 timespecsub(&tv, &state->started, &tv); 424 /* Elapsed time is measured in centiseconds. 425 * We need to be sure it will not potentially overflow. */ 426 if (tv.tv_sec >= (UINT16_MAX / CSEC_PER_SEC) + 1) 427 hsec = UINT16_MAX; 428 else { 429 hsec = (tv.tv_sec * CSEC_PER_SEC) + 430 (tv.tv_nsec / NSEC_PER_CSEC); 431 if (hsec > UINT16_MAX) 432 hsec = UINT16_MAX; 433 } 434 } 435 sec = htons((uint16_t)hsec); 436 memcpy(opt, &sec, sizeof(sec)); 437 return true; 438 } 439 440 static void 441 dhcp6_newxid(const struct interface *ifp, struct dhcp6_message *m) 442 { 443 const struct interface *ifp1; 444 const struct dhcp6_state *state1; 445 uint32_t xid; 446 447 if (ifp->options->options & DHCPCD_XID_HWADDR && 448 ifp->hwlen >= sizeof(xid)) 449 /* The lower bits are probably more unique on the network */ 450 memcpy(&xid, (ifp->hwaddr + ifp->hwlen) - sizeof(xid), 451 sizeof(xid)); 452 else { 453 again: 454 xid = arc4random(); 455 } 456 457 m->xid[0] = (xid >> 16) & 0xff; 458 m->xid[1] = (xid >> 8) & 0xff; 459 m->xid[2] = xid & 0xff; 460 461 /* Ensure it's unique */ 462 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 463 if (ifp == ifp1) 464 continue; 465 if ((state1 = D6_CSTATE(ifp1)) == NULL) 466 continue; 467 if (state1->send != NULL && 468 state1->send->xid[0] == m->xid[0] && 469 state1->send->xid[1] == m->xid[1] && 470 state1->send->xid[2] == m->xid[2]) 471 break; 472 } 473 474 if (ifp1 != NULL) { 475 if (ifp->options->options & DHCPCD_XID_HWADDR && 476 ifp->hwlen >= sizeof(xid)) 477 { 478 logerrx("%s: duplicate xid on %s", 479 ifp->name, ifp1->name); 480 return; 481 } 482 goto again; 483 } 484 } 485 486 #ifndef SMALL 487 static const struct if_sla * 488 dhcp6_findselfsla(struct interface *ifp) 489 { 490 size_t i, j; 491 struct if_ia *ia; 492 493 for (i = 0; i < ifp->options->ia_len; i++) { 494 ia = &ifp->options->ia[i]; 495 if (ia->ia_type != D6_OPTION_IA_PD) 496 continue; 497 for (j = 0; j < ia->sla_len; j++) { 498 if (strcmp(ia->sla[j].ifname, ifp->name) == 0) 499 return &ia->sla[j]; 500 } 501 } 502 return NULL; 503 } 504 505 static int 506 dhcp6_delegateaddr(struct in6_addr *addr, struct interface *ifp, 507 const struct ipv6_addr *prefix, const struct if_sla *sla, struct if_ia *ia) 508 { 509 struct dhcp6_state *state; 510 struct if_sla asla; 511 char sabuf[INET6_ADDRSTRLEN]; 512 const char *sa; 513 514 state = D6_STATE(ifp); 515 if (state == NULL) { 516 ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state)); 517 state = D6_STATE(ifp); 518 if (state == NULL) { 519 logerr(__func__); 520 return -1; 521 } 522 523 TAILQ_INIT(&state->addrs); 524 state->state = DH6S_DELEGATED; 525 state->reason = "DELEGATED6"; 526 } 527 528 if (sla == NULL || sla->sla_set == 0) { 529 /* No SLA set, so make an assumption of 530 * desired SLA and prefix length. */ 531 asla.sla = ifp->index; 532 asla.prefix_len = 0; 533 asla.sla_set = 0; 534 sla = &asla; 535 } else if (sla->prefix_len == 0) { 536 /* An SLA was given, but prefix length was not. 537 * We need to work out a suitable prefix length for 538 * potentially more than one interface. */ 539 asla.sla = sla->sla; 540 asla.prefix_len = 0; 541 asla.sla_set = 0; 542 sla = &asla; 543 } 544 545 if (sla->prefix_len == 0) { 546 uint32_t sla_max; 547 int bits; 548 549 if (ia->sla_max == 0) { 550 const struct interface *ifi; 551 552 sla_max = 0; 553 TAILQ_FOREACH(ifi, ifp->ctx->ifaces, next) { 554 if (ifi->index > sla_max) 555 sla_max = ifi->index; 556 } 557 } else 558 sla_max = ia->sla_max; 559 560 bits = fls32(sla_max); 561 562 if (prefix->prefix_len + bits > (int)UINT8_MAX) 563 asla.prefix_len = UINT8_MAX; 564 else { 565 asla.prefix_len = (uint8_t)(prefix->prefix_len + bits); 566 567 /* Make a 64 prefix by default, as this makes SLAAC 568 * possible. 569 * Otherwise round up to the nearest 4 bits. */ 570 if (asla.prefix_len <= 64) 571 asla.prefix_len = 64; 572 else 573 asla.prefix_len = 574 (uint8_t)ROUNDUP4(asla.prefix_len); 575 } 576 577 #define BIT(n) (1UL << (n)) 578 #define BIT_MASK(len) (BIT(len) - 1) 579 if (ia->sla_max == 0) { 580 /* Work out the real sla_max from our bits used */ 581 bits = asla.prefix_len - prefix->prefix_len; 582 /* Make static analysis happy. 583 * Bits cannot be bigger than 32 thanks to fls32. */ 584 assert(bits <= 32); 585 ia->sla_max = (uint32_t)BIT_MASK(bits); 586 } 587 } 588 589 if (ipv6_userprefix(&prefix->prefix, prefix->prefix_len, 590 sla->sla, addr, sla->prefix_len) == -1) 591 { 592 sa = inet_ntop(AF_INET6, &prefix->prefix, 593 sabuf, sizeof(sabuf)); 594 logerr("%s: invalid prefix %s/%d + %d/%d", 595 ifp->name, sa, prefix->prefix_len, 596 sla->sla, sla->prefix_len); 597 return -1; 598 } 599 600 if (prefix->prefix_exclude_len && 601 IN6_ARE_ADDR_EQUAL(addr, &prefix->prefix_exclude)) 602 { 603 sa = inet_ntop(AF_INET6, &prefix->prefix_exclude, 604 sabuf, sizeof(sabuf)); 605 logerrx("%s: cannot delegate excluded prefix %s/%d", 606 ifp->name, sa, prefix->prefix_exclude_len); 607 return -1; 608 } 609 610 return sla->prefix_len; 611 } 612 #endif 613 614 static int 615 dhcp6_makemessage(struct interface *ifp) 616 { 617 struct dhcp6_state *state; 618 struct dhcp6_message *m; 619 struct dhcp6_option o; 620 uint8_t *p, *si, *unicast, IA; 621 size_t n, l, len, ml, hl; 622 uint8_t type; 623 uint16_t si_len, uni_len, n_options; 624 uint8_t *o_lenp; 625 struct if_options *ifo; 626 const struct dhcp_opt *opt, *opt2; 627 const struct ipv6_addr *ap; 628 char hbuf[HOSTNAME_MAX_LEN + 1]; 629 const char *hostname; 630 int fqdn; 631 struct dhcp6_ia_na ia_na; 632 uint16_t ia_na_len; 633 struct if_ia *ifia; 634 #ifdef AUTH 635 uint16_t auth_len; 636 #endif 637 638 state = D6_STATE(ifp); 639 if (state->send) { 640 free(state->send); 641 state->send = NULL; 642 } 643 644 ifo = ifp->options; 645 fqdn = ifo->fqdn; 646 647 if (fqdn == FQDN_DISABLE && ifo->options & DHCPCD_HOSTNAME) { 648 /* We're sending the DHCPv4 hostname option, so send FQDN as 649 * DHCPv6 has no FQDN option and DHCPv4 must not send 650 * hostname and FQDN according to RFC4702 */ 651 fqdn = FQDN_BOTH; 652 } 653 if (fqdn != FQDN_DISABLE) 654 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo); 655 else 656 hostname = NULL; /* appearse gcc */ 657 658 /* Work out option size first */ 659 n_options = 0; 660 len = 0; 661 si = NULL; 662 hl = 0; /* Appease gcc */ 663 if (state->state != DH6S_RELEASE) { 664 for (l = 0, opt = ifp->ctx->dhcp6_opts; 665 l < ifp->ctx->dhcp6_opts_len; 666 l++, opt++) 667 { 668 for (n = 0, opt2 = ifo->dhcp6_override; 669 n < ifo->dhcp6_override_len; 670 n++, opt2++) 671 { 672 if (opt->option == opt2->option) 673 break; 674 } 675 if (n < ifo->dhcp6_override_len) 676 continue; 677 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 678 continue; 679 n_options++; 680 len += sizeof(o.len); 681 } 682 #ifndef SMALL 683 for (l = 0, opt = ifo->dhcp6_override; 684 l < ifo->dhcp6_override_len; 685 l++, opt++) 686 { 687 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 688 continue; 689 n_options++; 690 len += sizeof(o.len); 691 } 692 if (dhcp6_findselfsla(ifp)) { 693 n_options++; 694 len += sizeof(o.len); 695 } 696 #endif 697 if (len) 698 len += sizeof(o); 699 700 if (fqdn != FQDN_DISABLE) { 701 hl = encode_rfc1035(hostname, NULL); 702 len += sizeof(o) + 1 + hl; 703 } 704 705 if (ifo->mudurl[0]) 706 len += sizeof(o) + ifo->mudurl[0]; 707 708 #ifdef AUTH 709 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 710 DHCPCD_AUTH_SENDREQUIRE) 711 len += sizeof(o); /* Reconfigure Accept */ 712 #endif 713 } 714 715 len += sizeof(*state->send); 716 len += sizeof(o) + ifp->ctx->duid_len; 717 len += sizeof(o) + sizeof(uint16_t); /* elapsed */ 718 if (!has_option_mask(ifo->nomask6, D6_OPTION_USER_CLASS)) 719 len += dhcp6_makeuser(NULL, ifp); 720 if (!has_option_mask(ifo->nomask6, D6_OPTION_VENDOR_CLASS)) 721 len += dhcp6_makevendor(NULL, ifp); 722 723 /* IA */ 724 m = NULL; 725 ml = 0; 726 switch(state->state) { 727 case DH6S_REQUEST: 728 m = state->recv; 729 ml = state->recv_len; 730 /* FALLTHROUGH */ 731 case DH6S_RELEASE: 732 /* FALLTHROUGH */ 733 case DH6S_RENEW: 734 if (m == NULL) { 735 m = state->new; 736 ml = state->new_len; 737 } 738 si = dhcp6_findmoption(m, ml, D6_OPTION_SERVERID, &si_len); 739 if (si == NULL) 740 return -1; 741 len += sizeof(o) + si_len; 742 /* FALLTHROUGH */ 743 case DH6S_REBIND: 744 /* FALLTHROUGH */ 745 case DH6S_CONFIRM: 746 /* FALLTHROUGH */ 747 case DH6S_DISCOVER: 748 if (m == NULL) { 749 m = state->new; 750 ml = state->new_len; 751 } 752 TAILQ_FOREACH(ap, &state->addrs, next) { 753 if (ap->flags & IPV6_AF_STALE) 754 continue; 755 if (ap->prefix_vltime == 0 && 756 !(ap->flags & IPV6_AF_REQUEST)) 757 continue; 758 if (ap->ia_type == D6_OPTION_IA_PD) { 759 #ifndef SMALL 760 len += sizeof(o) + sizeof(struct dhcp6_pd_addr); 761 if (ap->prefix_exclude_len) 762 len += sizeof(o) + 1 + 763 (uint8_t)((ap->prefix_exclude_len - 764 ap->prefix_len - 1) / NBBY) + 1; 765 #endif 766 } else 767 len += sizeof(o) + sizeof(struct dhcp6_ia_addr); 768 } 769 /* FALLTHROUGH */ 770 case DH6S_INIT: 771 for (l = 0; l < ifo->ia_len; l++) { 772 len += sizeof(o) + sizeof(uint32_t); /* IAID */ 773 /* IA_TA does not have T1 or T2 timers */ 774 if (ifo->ia[l].ia_type != D6_OPTION_IA_TA) 775 len += sizeof(uint32_t) + sizeof(uint32_t); 776 } 777 IA = 1; 778 break; 779 default: 780 IA = 0; 781 } 782 783 if (state->state == DH6S_DISCOVER && 784 !(ifp->ctx->options & DHCPCD_TEST) && 785 has_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT)) 786 len += sizeof(o); 787 788 if (m == NULL) { 789 m = state->new; 790 ml = state->new_len; 791 } 792 793 switch(state->state) { 794 case DH6S_INIT: /* FALLTHROUGH */ 795 case DH6S_DISCOVER: 796 type = DHCP6_SOLICIT; 797 break; 798 case DH6S_REQUEST: 799 type = DHCP6_REQUEST; 800 break; 801 case DH6S_CONFIRM: 802 type = DHCP6_CONFIRM; 803 break; 804 case DH6S_REBIND: 805 type = DHCP6_REBIND; 806 break; 807 case DH6S_RENEW: 808 type = DHCP6_RENEW; 809 break; 810 case DH6S_INFORM: 811 type = DHCP6_INFORMATION_REQ; 812 break; 813 case DH6S_RELEASE: 814 type = DHCP6_RELEASE; 815 break; 816 default: 817 errno = EINVAL; 818 return -1; 819 } 820 821 switch(state->state) { 822 case DH6S_REQUEST: /* FALLTHROUGH */ 823 case DH6S_RENEW: /* FALLTHROUGH */ 824 case DH6S_RELEASE: 825 if (has_option_mask(ifo->nomask6, D6_OPTION_UNICAST)) { 826 unicast = NULL; 827 break; 828 } 829 unicast = dhcp6_findmoption(m, ml, D6_OPTION_UNICAST, &uni_len); 830 break; 831 default: 832 unicast = NULL; 833 break; 834 } 835 836 /* In non master mode we listen and send from fixed addresses. 837 * We should try and match an address we have to unicast to, 838 * but for now this is the safest policy. */ 839 if (unicast != NULL && !(ifp->ctx->options & DHCPCD_MASTER)) { 840 logdebugx("%s: ignoring unicast option as not master", 841 ifp->name); 842 unicast = NULL; 843 } 844 845 #ifdef AUTH 846 auth_len = 0; 847 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 848 ssize_t alen = dhcp_auth_encode(&ifo->auth, 849 state->auth.token, NULL, 0, 6, type, NULL, 0); 850 if (alen != -1 && alen > UINT16_MAX) { 851 errno = ERANGE; 852 alen = -1; 853 } 854 if (alen == -1) 855 logerr("%s: %s: dhcp_auth_encode", __func__, ifp->name); 856 else if (alen != 0) { 857 auth_len = (uint16_t)alen; 858 len += sizeof(o) + auth_len; 859 } 860 } 861 #endif 862 863 state->send = malloc(len); 864 if (state->send == NULL) 865 return -1; 866 867 state->send_len = len; 868 state->send->type = type; 869 870 /* If we found a unicast option, copy it to our state for sending */ 871 if (unicast && uni_len == sizeof(state->unicast)) 872 memcpy(&state->unicast, unicast, sizeof(state->unicast)); 873 else 874 state->unicast = in6addr_any; 875 876 dhcp6_newxid(ifp, state->send); 877 878 #define COPYIN1(_code, _len) { \ 879 o.code = htons((_code)); \ 880 o.len = htons((_len)); \ 881 memcpy(p, &o, sizeof(o)); \ 882 p += sizeof(o); \ 883 } 884 #define COPYIN(_code, _data, _len) { \ 885 COPYIN1((_code), (_len)); \ 886 if ((_len) != 0) { \ 887 memcpy(p, (_data), (_len)); \ 888 p += (_len); \ 889 } \ 890 } 891 #define NEXTLEN (p + offsetof(struct dhcp6_option, len)) 892 893 p = (uint8_t *)state->send + sizeof(*state->send); 894 COPYIN(D6_OPTION_CLIENTID, ifp->ctx->duid, 895 (uint16_t)ifp->ctx->duid_len); 896 897 if (si != NULL) 898 COPYIN(D6_OPTION_SERVERID, si, si_len); 899 900 si_len = 0; 901 COPYIN(D6_OPTION_ELAPSED, &si_len, sizeof(si_len)); 902 903 if (!has_option_mask(ifo->nomask6, D6_OPTION_USER_CLASS)) 904 p += dhcp6_makeuser(p, ifp); 905 if (!has_option_mask(ifo->nomask6, D6_OPTION_VENDOR_CLASS)) 906 p += dhcp6_makevendor(p, ifp); 907 908 if (state->state == DH6S_DISCOVER && 909 !(ifp->ctx->options & DHCPCD_TEST) && 910 has_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT)) 911 COPYIN1(D6_OPTION_RAPID_COMMIT, 0); 912 913 for (l = 0; IA && l < ifo->ia_len; l++) { 914 ifia = &ifo->ia[l]; 915 o_lenp = NEXTLEN; 916 /* TA structure is the same as the others, 917 * it just lacks the T1 and T2 timers. 918 * These happen to be at the end of the struct, 919 * so we just don't copy them in. */ 920 if (ifia->ia_type == D6_OPTION_IA_TA) 921 ia_na_len = sizeof(struct dhcp6_ia_ta); 922 else 923 ia_na_len = sizeof(ia_na); 924 memcpy(ia_na.iaid, ifia->iaid, sizeof(ia_na.iaid)); 925 ia_na.t1 = 0; 926 ia_na.t2 = 0; 927 COPYIN(ifia->ia_type, &ia_na, ia_na_len); 928 TAILQ_FOREACH(ap, &state->addrs, next) { 929 if (ap->flags & IPV6_AF_STALE) 930 continue; 931 if (ap->prefix_vltime == 0 && 932 !(ap->flags & IPV6_AF_REQUEST)) 933 continue; 934 if (ap->ia_type != ifia->ia_type) 935 continue; 936 if (memcmp(ap->iaid, ifia->iaid, sizeof(ap->iaid))) 937 continue; 938 if (ap->ia_type == D6_OPTION_IA_PD) { 939 #ifndef SMALL 940 struct dhcp6_pd_addr pdp; 941 942 pdp.pltime = htonl(ap->prefix_pltime); 943 pdp.vltime = htonl(ap->prefix_vltime); 944 pdp.prefix_len = ap->prefix_len; 945 /* pdp.prefix is not aligned, so copy it in. */ 946 memcpy(&pdp.prefix, &ap->prefix, sizeof(pdp.prefix)); 947 COPYIN(D6_OPTION_IAPREFIX, &pdp, sizeof(pdp)); 948 ia_na_len = (uint16_t) 949 (ia_na_len + sizeof(o) + sizeof(pdp)); 950 951 /* RFC6603 Section 4.2 */ 952 if (ap->prefix_exclude_len) { 953 uint8_t exb[16], *ep, u8; 954 const uint8_t *pp; 955 956 n = (size_t)((ap->prefix_exclude_len - 957 ap->prefix_len - 1) / NBBY) + 1; 958 ep = exb; 959 *ep++ = (uint8_t)ap->prefix_exclude_len; 960 pp = ap->prefix_exclude.s6_addr; 961 pp += (size_t) 962 ((ap->prefix_len - 1) / NBBY) + 963 (n - 1); 964 u8 = ap->prefix_len % NBBY; 965 if (u8) 966 n--; 967 while (n-- > 0) 968 *ep++ = *pp--; 969 if (u8) 970 *ep = (uint8_t)(*pp << u8); 971 n++; 972 COPYIN(D6_OPTION_PD_EXCLUDE, exb, 973 (uint16_t)n); 974 ia_na_len = (uint16_t) 975 (ia_na_len + sizeof(o) + n); 976 } 977 #endif 978 } else { 979 struct dhcp6_ia_addr ia; 980 981 ia.addr = ap->addr; 982 ia.pltime = htonl(ap->prefix_pltime); 983 ia.vltime = htonl(ap->prefix_vltime); 984 COPYIN(D6_OPTION_IA_ADDR, &ia, sizeof(ia)); 985 ia_na_len = (uint16_t) 986 (ia_na_len + sizeof(o) + sizeof(ia)); 987 } 988 } 989 990 /* Update the total option lenth. */ 991 ia_na_len = htons(ia_na_len); 992 memcpy(o_lenp, &ia_na_len, sizeof(ia_na_len)); 993 } 994 995 if (state->send->type != DHCP6_RELEASE) { 996 if (fqdn != FQDN_DISABLE) { 997 o_lenp = NEXTLEN; 998 COPYIN1(D6_OPTION_FQDN, 0); 999 if (hl == 0) 1000 *p = D6_FQDN_NONE; 1001 else { 1002 switch (fqdn) { 1003 case FQDN_BOTH: 1004 *p = D6_FQDN_BOTH; 1005 break; 1006 case FQDN_PTR: 1007 *p = D6_FQDN_PTR; 1008 break; 1009 default: 1010 *p = D6_FQDN_NONE; 1011 break; 1012 } 1013 } 1014 p++; 1015 encode_rfc1035(hostname, p); 1016 p += hl; 1017 o.len = htons((uint16_t)(hl + 1)); 1018 memcpy(o_lenp, &o.len, sizeof(o.len)); 1019 } 1020 1021 if (ifo->mudurl[0]) 1022 COPYIN(D6_OPTION_MUDURL, 1023 ifo->mudurl + 1, ifo->mudurl[0]); 1024 1025 #ifdef AUTH 1026 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 1027 DHCPCD_AUTH_SENDREQUIRE && 1028 !has_option_mask(ifo->nomask6, D6_OPTION_RECONF_ACCEPT)) 1029 COPYIN1(D6_OPTION_RECONF_ACCEPT, 0); 1030 #endif 1031 1032 if (n_options) { 1033 o_lenp = NEXTLEN; 1034 o.len = 0; 1035 COPYIN1(D6_OPTION_ORO, 0); 1036 for (l = 0, opt = ifp->ctx->dhcp6_opts; 1037 l < ifp->ctx->dhcp6_opts_len; 1038 l++, opt++) 1039 { 1040 #ifndef SMALL 1041 for (n = 0, opt2 = ifo->dhcp6_override; 1042 n < ifo->dhcp6_override_len; 1043 n++, opt2++) 1044 { 1045 if (opt->option == opt2->option) 1046 break; 1047 } 1048 if (n < ifo->dhcp6_override_len) 1049 continue; 1050 #endif 1051 if (!DHC_REQOPT(opt, ifo->requestmask6, 1052 ifo->nomask6)) 1053 continue; 1054 o.code = htons((uint16_t)opt->option); 1055 memcpy(p, &o.code, sizeof(o.code)); 1056 p += sizeof(o.code); 1057 o.len = (uint16_t)(o.len + sizeof(o.code)); 1058 } 1059 #ifndef SMALL 1060 for (l = 0, opt = ifo->dhcp6_override; 1061 l < ifo->dhcp6_override_len; 1062 l++, opt++) 1063 { 1064 if (!DHC_REQOPT(opt, ifo->requestmask6, 1065 ifo->nomask6)) 1066 continue; 1067 o.code = htons((uint16_t)opt->option); 1068 memcpy(p, &o.code, sizeof(o.code)); 1069 p += sizeof(o.code); 1070 o.len = (uint16_t)(o.len + sizeof(o.code)); 1071 } 1072 if (dhcp6_findselfsla(ifp)) { 1073 o.code = htons(D6_OPTION_PD_EXCLUDE); 1074 memcpy(p, &o.code, sizeof(o.code)); 1075 p += sizeof(o.code); 1076 o.len = (uint16_t)(o.len + sizeof(o.code)); 1077 } 1078 #endif 1079 o.len = htons(o.len); 1080 memcpy(o_lenp, &o.len, sizeof(o.len)); 1081 } 1082 } 1083 1084 #ifdef AUTH 1085 /* This has to be the last option */ 1086 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) { 1087 COPYIN1(D6_OPTION_AUTH, auth_len); 1088 /* data will be filled at send message time */ 1089 } 1090 #endif 1091 1092 return 0; 1093 } 1094 1095 static const char * 1096 dhcp6_get_op(uint16_t type) 1097 { 1098 const struct dhcp6_op *d; 1099 1100 for (d = dhcp6_ops; d->name; d++) 1101 if (d->type == type) 1102 return d->name; 1103 return NULL; 1104 } 1105 1106 static void 1107 dhcp6_freedrop_addrs(struct interface *ifp, int drop, 1108 const struct interface *ifd) 1109 { 1110 struct dhcp6_state *state; 1111 1112 state = D6_STATE(ifp); 1113 if (state) { 1114 ipv6_freedrop_addrs(&state->addrs, drop, ifd); 1115 if (drop) 1116 rt_build(ifp->ctx, AF_INET6); 1117 } 1118 } 1119 1120 #ifndef SMALL 1121 static void dhcp6_delete_delegates(struct interface *ifp) 1122 { 1123 struct interface *ifp0; 1124 1125 if (ifp->ctx->ifaces) { 1126 TAILQ_FOREACH(ifp0, ifp->ctx->ifaces, next) { 1127 if (ifp0 != ifp) 1128 dhcp6_freedrop_addrs(ifp0, 1, ifp); 1129 } 1130 } 1131 } 1132 #endif 1133 1134 #ifdef AUTH 1135 static ssize_t 1136 dhcp6_update_auth(struct interface *ifp, struct dhcp6_message *m, size_t len) 1137 { 1138 struct dhcp6_state *state; 1139 uint8_t *opt; 1140 uint16_t opt_len; 1141 1142 opt = dhcp6_findmoption(m, len, D6_OPTION_AUTH, &opt_len); 1143 if (opt == NULL) 1144 return -1; 1145 1146 state = D6_STATE(ifp); 1147 return dhcp_auth_encode(&ifp->options->auth, state->auth.token, 1148 (uint8_t *)state->send, state->send_len, 1149 6, state->send->type, opt, opt_len); 1150 } 1151 #endif 1152 1153 static int 1154 dhcp6_sendmessage(struct interface *ifp, void (*callback)(void *)) 1155 { 1156 struct dhcp6_state *state = D6_STATE(ifp); 1157 struct dhcpcd_ctx *ctx = ifp->ctx; 1158 struct sockaddr_in6 dst = { 1159 .sin6_family = AF_INET6, 1160 .sin6_port = htons(DHCP6_SERVER_PORT), 1161 }; 1162 struct timespec RTprev; 1163 double rnd; 1164 time_t ms; 1165 uint8_t neg; 1166 const char *broad_uni; 1167 const struct in6_addr alldhcp = IN6ADDR_LINKLOCAL_ALLDHCP_INIT; 1168 struct ipv6_addr *lla; 1169 int s; 1170 struct iovec iov = { 1171 .iov_base = state->send, .iov_len = state->send_len, 1172 }; 1173 unsigned char ctl[CMSG_SPACE(sizeof(struct in6_pktinfo))] = { 0 }; 1174 struct msghdr msg = { 1175 .msg_name = &dst, .msg_namelen = sizeof(dst), 1176 .msg_iov = &iov, .msg_iovlen = 1, 1177 }; 1178 1179 if (!callback && ifp->carrier <= LINK_DOWN) 1180 return 0; 1181 1182 #ifdef HAVE_SA_LEN 1183 dst.sin6_len = sizeof(dst); 1184 #endif 1185 1186 lla = ipv6_linklocal(ifp); 1187 /* We need to ensure we have sufficient scope to unicast the address */ 1188 /* XXX FIXME: We should check any added addresses we have like from 1189 * a Router Advertisement */ 1190 if (IN6_IS_ADDR_UNSPECIFIED(&state->unicast) || 1191 (state->state == DH6S_REQUEST && 1192 (!IN6_IS_ADDR_LINKLOCAL(&state->unicast) || lla == NULL))) 1193 { 1194 dst.sin6_addr = alldhcp; 1195 broad_uni = "broadcasting"; 1196 } else { 1197 dst.sin6_addr = state->unicast; 1198 broad_uni = "unicasting"; 1199 } 1200 1201 if (!callback) 1202 logdebugx("%s: %s %s with xid 0x%02x%02x%02x", 1203 ifp->name, 1204 broad_uni, 1205 dhcp6_get_op(state->send->type), 1206 state->send->xid[0], 1207 state->send->xid[1], 1208 state->send->xid[2]); 1209 else { 1210 if (state->IMD && 1211 !(ifp->options->options & DHCPCD_INITIAL_DELAY)) 1212 state->IMD = 0; 1213 if (state->IMD) { 1214 /* Some buggy PPP servers close the link too early 1215 * after sending an invalid status in their reply 1216 * which means this host won't see it. 1217 * 1 second grace seems to be the sweet spot. */ 1218 if (ifp->flags & IFF_POINTOPOINT) 1219 state->RT.tv_sec = 1; 1220 else 1221 state->RT.tv_sec = 0; 1222 state->RT.tv_nsec = (suseconds_t)arc4random_uniform( 1223 (uint32_t)(state->IMD * NSEC_PER_SEC)); 1224 timespecnorm(&state->RT); 1225 broad_uni = "delaying"; 1226 goto logsend; 1227 } 1228 if (state->RTC == 0) { 1229 RTprev.tv_sec = state->IRT; 1230 RTprev.tv_nsec = 0; 1231 state->RT.tv_sec = RTprev.tv_sec; 1232 state->RT.tv_nsec = 0; 1233 } else { 1234 RTprev = state->RT; 1235 timespecadd(&state->RT, &state->RT, &state->RT); 1236 } 1237 1238 rnd = DHCP6_RAND_MIN; 1239 rnd += (suseconds_t)arc4random_uniform( 1240 DHCP6_RAND_MAX - DHCP6_RAND_MIN); 1241 rnd /= MSEC_PER_SEC; 1242 neg = (rnd < 0.0); 1243 if (neg) 1244 rnd = -rnd; 1245 ts_to_ms(ms, &RTprev); 1246 ms = (time_t)((double)ms * rnd); 1247 ms_to_ts(&RTprev, ms); 1248 if (neg) 1249 timespecsub(&state->RT, &RTprev, &state->RT); 1250 else 1251 timespecadd(&state->RT, &RTprev, &state->RT); 1252 1253 if (state->MRT != 0 && state->RT.tv_sec > state->MRT) { 1254 RTprev.tv_sec = state->MRT; 1255 RTprev.tv_nsec = 0; 1256 state->RT.tv_sec = state->MRT; 1257 state->RT.tv_nsec = 0; 1258 ts_to_ms(ms, &RTprev); 1259 ms = (time_t)((double)ms * rnd); 1260 ms_to_ts(&RTprev, ms); 1261 if (neg) 1262 timespecsub(&state->RT, &RTprev, &state->RT); 1263 else 1264 timespecadd(&state->RT, &RTprev, &state->RT); 1265 } 1266 1267 logsend: 1268 if (ifp->carrier > LINK_DOWN) 1269 logdebugx("%s: %s %s (xid 0x%02x%02x%02x)," 1270 " next in %0.1f seconds", 1271 ifp->name, 1272 broad_uni, 1273 dhcp6_get_op(state->send->type), 1274 state->send->xid[0], 1275 state->send->xid[1], 1276 state->send->xid[2], 1277 timespec_to_double(&state->RT)); 1278 1279 /* This sometimes happens when we delegate to this interface 1280 * AND run DHCPv6 on it normally. */ 1281 assert(timespec_to_double(&state->RT) != 0); 1282 1283 /* Wait the initial delay */ 1284 if (state->IMD != 0) { 1285 state->IMD = 0; 1286 eloop_timeout_add_tv(ctx->eloop, 1287 &state->RT, callback, ifp); 1288 return 0; 1289 } 1290 } 1291 1292 if (ifp->carrier <= LINK_DOWN) 1293 return 0; 1294 1295 /* Update the elapsed time */ 1296 dhcp6_updateelapsed(ifp, state->send, state->send_len); 1297 #ifdef AUTH 1298 if (ifp->options->auth.options & DHCPCD_AUTH_SEND && 1299 dhcp6_update_auth(ifp, state->send, state->send_len) == -1) 1300 { 1301 logerr("%s: %s: dhcp6_updateauth", __func__, ifp->name); 1302 if (errno != ESRCH) 1303 return -1; 1304 } 1305 #endif 1306 1307 /* Set the outbound interface */ 1308 if (IN6_ARE_ADDR_EQUAL(&dst.sin6_addr, &alldhcp)) { 1309 struct cmsghdr *cm; 1310 struct in6_pktinfo pi = { .ipi6_ifindex = ifp->index }; 1311 1312 dst.sin6_scope_id = ifp->index; 1313 msg.msg_control = ctl; 1314 msg.msg_controllen = sizeof(ctl); 1315 cm = CMSG_FIRSTHDR(&msg); 1316 if (cm == NULL) /* unlikely */ 1317 return -1; 1318 cm->cmsg_level = IPPROTO_IPV6; 1319 cm->cmsg_type = IPV6_PKTINFO; 1320 cm->cmsg_len = CMSG_LEN(sizeof(pi)); 1321 memcpy(CMSG_DATA(cm), &pi, sizeof(pi)); 1322 } 1323 1324 if (ctx->dhcp6_fd != -1) 1325 s = ctx->dhcp6_fd; 1326 else if (lla != NULL && lla->dhcp6_fd != -1) 1327 s = lla->dhcp6_fd; 1328 else { 1329 logerrx("%s: no socket to send from", ifp->name); 1330 return -1; 1331 } 1332 1333 if (sendmsg(s, &msg, 0) == -1) { 1334 logerr("%s: %s: sendmsg", __func__, ifp->name); 1335 /* Allow DHCPv6 to continue .... the errors 1336 * would be rate limited by the protocol. 1337 * Generally the error is ENOBUFS when struggling to 1338 * associate with an access point. */ 1339 } 1340 1341 state->RTC++; 1342 if (callback) { 1343 if (state->MRC == 0 || state->RTC < state->MRC) 1344 eloop_timeout_add_tv(ctx->eloop, 1345 &state->RT, callback, ifp); 1346 else if (state->MRC != 0 && state->MRCcallback) 1347 eloop_timeout_add_tv(ctx->eloop, 1348 &state->RT, state->MRCcallback, ifp); 1349 else 1350 logwarnx("%s: sent %d times with no reply", 1351 ifp->name, state->RTC); 1352 } 1353 return 0; 1354 } 1355 1356 static void 1357 dhcp6_sendinform(void *arg) 1358 { 1359 1360 dhcp6_sendmessage(arg, dhcp6_sendinform); 1361 } 1362 1363 static void 1364 dhcp6_senddiscover(void *arg) 1365 { 1366 1367 dhcp6_sendmessage(arg, dhcp6_senddiscover); 1368 } 1369 1370 static void 1371 dhcp6_sendrequest(void *arg) 1372 { 1373 1374 dhcp6_sendmessage(arg, dhcp6_sendrequest); 1375 } 1376 1377 static void 1378 dhcp6_sendrebind(void *arg) 1379 { 1380 1381 dhcp6_sendmessage(arg, dhcp6_sendrebind); 1382 } 1383 1384 static void 1385 dhcp6_sendrenew(void *arg) 1386 { 1387 1388 dhcp6_sendmessage(arg, dhcp6_sendrenew); 1389 } 1390 1391 static void 1392 dhcp6_sendconfirm(void *arg) 1393 { 1394 1395 dhcp6_sendmessage(arg, dhcp6_sendconfirm); 1396 } 1397 1398 static void 1399 dhcp6_sendrelease(void *arg) 1400 { 1401 1402 dhcp6_sendmessage(arg, dhcp6_sendrelease); 1403 } 1404 1405 static void 1406 dhcp6_startrenew(void *arg) 1407 { 1408 struct interface *ifp; 1409 struct dhcp6_state *state; 1410 1411 ifp = arg; 1412 if ((state = D6_STATE(ifp)) == NULL) 1413 return; 1414 1415 /* Only renew in the bound or renew states */ 1416 if (state->state != DH6S_BOUND && 1417 state->state != DH6S_RENEW) 1418 return; 1419 1420 /* Remove the timeout as the renew may have been forced. */ 1421 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_startrenew, ifp); 1422 1423 state->state = DH6S_RENEW; 1424 state->RTC = 0; 1425 state->IMD = REN_MAX_DELAY; 1426 state->IRT = REN_TIMEOUT; 1427 state->MRT = REN_MAX_RT; 1428 state->MRC = 0; 1429 1430 if (dhcp6_makemessage(ifp) == -1) 1431 logerr("%s: %s", __func__, ifp->name); 1432 else 1433 dhcp6_sendrenew(ifp); 1434 } 1435 1436 void dhcp6_renew(struct interface *ifp) 1437 { 1438 1439 dhcp6_startrenew(ifp); 1440 } 1441 1442 int 1443 dhcp6_dadcompleted(const struct interface *ifp) 1444 { 1445 const struct dhcp6_state *state; 1446 const struct ipv6_addr *ap; 1447 1448 state = D6_CSTATE(ifp); 1449 TAILQ_FOREACH(ap, &state->addrs, next) { 1450 if (ap->flags & IPV6_AF_ADDED && 1451 !(ap->flags & IPV6_AF_DADCOMPLETED)) 1452 return 0; 1453 } 1454 return 1; 1455 } 1456 1457 static void 1458 dhcp6_dadcallback(void *arg) 1459 { 1460 struct ipv6_addr *ia = arg; 1461 struct interface *ifp; 1462 struct dhcp6_state *state; 1463 int wascompleted, valid; 1464 1465 wascompleted = (ia->flags & IPV6_AF_DADCOMPLETED); 1466 ia->flags |= IPV6_AF_DADCOMPLETED; 1467 if (ia->flags & IPV6_AF_DUPLICATED) { 1468 /* XXX FIXME 1469 * We should decline the address */ 1470 logwarnx("%s: DAD detected %s", ia->iface->name, ia->saddr); 1471 } 1472 1473 if (!wascompleted) { 1474 ifp = ia->iface; 1475 1476 state = D6_STATE(ifp); 1477 if (state->state == DH6S_BOUND || 1478 state->state == DH6S_DELEGATED) 1479 { 1480 struct ipv6_addr *ia2; 1481 1482 #ifdef SMALL 1483 valid = true; 1484 #else 1485 valid = (ia->delegating_prefix == NULL); 1486 #endif 1487 TAILQ_FOREACH(ia2, &state->addrs, next) { 1488 if (ia2->flags & IPV6_AF_ADDED && 1489 !(ia2->flags & IPV6_AF_DADCOMPLETED)) 1490 { 1491 wascompleted = 1; 1492 break; 1493 } 1494 } 1495 if (!wascompleted) { 1496 logdebugx("%s: DHCPv6 DAD completed", 1497 ifp->name); 1498 script_runreason(ifp, 1499 #ifndef SMALL 1500 ia->delegating_prefix ? "DELEGATED6" : 1501 #endif 1502 state->reason); 1503 if (valid) 1504 dhcpcd_daemonise(ifp->ctx); 1505 } 1506 #ifdef ND6_ADVERTISE 1507 ipv6nd_advertise(ia); 1508 #endif 1509 } 1510 } 1511 } 1512 1513 static void 1514 dhcp6_addrequestedaddrs(struct interface *ifp) 1515 { 1516 struct dhcp6_state *state; 1517 size_t i; 1518 struct if_ia *ia; 1519 struct ipv6_addr *a; 1520 1521 state = D6_STATE(ifp); 1522 /* Add any requested prefixes / addresses */ 1523 for (i = 0; i < ifp->options->ia_len; i++) { 1524 ia = &ifp->options->ia[i]; 1525 if (!((ia->ia_type == D6_OPTION_IA_PD && ia->prefix_len) || 1526 !IN6_IS_ADDR_UNSPECIFIED(&ia->addr))) 1527 continue; 1528 a = ipv6_newaddr(ifp, &ia->addr, 1529 /* 1530 * RFC 5942 Section 5 1531 * We cannot assume any prefix length, nor tie the 1532 * address to an existing one as it could expire 1533 * before the address. 1534 * As such we just give it a 128 prefix. 1535 */ 1536 ia->ia_type == D6_OPTION_IA_PD ? ia->prefix_len : 128, 1537 IPV6_AF_REQUEST); 1538 if (a == NULL) 1539 continue; 1540 a->dadcallback = dhcp6_dadcallback; 1541 memcpy(&a->iaid, &ia->iaid, sizeof(a->iaid)); 1542 a->ia_type = ia->ia_type; 1543 TAILQ_INSERT_TAIL(&state->addrs, a, next); 1544 } 1545 } 1546 1547 static void 1548 dhcp6_startdiscover(void *arg) 1549 { 1550 struct interface *ifp; 1551 struct dhcp6_state *state; 1552 1553 ifp = arg; 1554 #ifndef SMALL 1555 dhcp6_delete_delegates(ifp); 1556 #endif 1557 loginfox("%s: soliciting a DHCPv6 lease", ifp->name); 1558 state = D6_STATE(ifp); 1559 state->state = DH6S_DISCOVER; 1560 state->RTC = 0; 1561 state->IMD = SOL_MAX_DELAY; 1562 state->IRT = SOL_TIMEOUT; 1563 state->MRT = state->sol_max_rt; 1564 state->MRC = SOL_MAX_RC; 1565 1566 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1567 free(state->new); 1568 state->new = NULL; 1569 state->new_len = 0; 1570 1571 if (dhcp6_makemessage(ifp) == -1) 1572 logerr("%s: %s", __func__, ifp->name); 1573 else 1574 dhcp6_senddiscover(ifp); 1575 } 1576 1577 static void 1578 dhcp6_startinform(void *arg) 1579 { 1580 struct interface *ifp; 1581 struct dhcp6_state *state; 1582 1583 ifp = arg; 1584 state = D6_STATE(ifp); 1585 if (state->new == NULL || ifp->options->options & DHCPCD_DEBUG) 1586 loginfox("%s: requesting DHCPv6 information", ifp->name); 1587 state->state = DH6S_INFORM; 1588 state->RTC = 0; 1589 state->IMD = INF_MAX_DELAY; 1590 state->IRT = INF_TIMEOUT; 1591 state->MRT = state->inf_max_rt; 1592 state->MRC = 0; 1593 1594 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1595 if (dhcp6_makemessage(ifp) == -1) { 1596 logerr("%s: %s", __func__, ifp->name); 1597 return; 1598 } 1599 dhcp6_sendinform(ifp); 1600 /* RFC3315 18.1.2 says that if CONFIRM failed then the prior addresses 1601 * SHOULD be used. The wording here is poor, because the addresses are 1602 * merely one facet of the lease as a whole. 1603 * This poor wording might explain the lack of similar text for INFORM 1604 * in 18.1.5 because there are no addresses in the INFORM message. */ 1605 eloop_timeout_add_sec(ifp->ctx->eloop, 1606 INF_MAX_RD, dhcp6_failinform, ifp); 1607 } 1608 1609 static void 1610 dhcp6_fail(struct interface *ifp) 1611 { 1612 struct dhcp6_state *state = D6_STATE(ifp); 1613 1614 /* RFC3315 18.1.2 says that prior addresses SHOULD be used on failure. 1615 * RFC2131 3.2.3 says that MAY chose to use the prior address. 1616 * Because dhcpcd was written first for RFC2131, we have the LASTLEASE 1617 * option which defaults to off as that makes the most sense for 1618 * mobile clients. 1619 * dhcpcd also has LASTLEASE_EXTEND to extend this lease past it's 1620 * expiry, but this is strictly not RFC compliant in any way or form. */ 1621 if (state->new == NULL || 1622 !(ifp->options->options & DHCPCD_LASTLEASE)) 1623 { 1624 #ifndef SMALL 1625 dhcp6_delete_delegates(ifp); 1626 #endif 1627 if (state->state != DH6S_INFORM) 1628 dhcp6_startdiscover(ifp); 1629 return; 1630 } 1631 1632 switch (state->state) { 1633 case DH6S_INFORM: 1634 case DH6S_INFORMED: 1635 state->state = DH6S_ITIMEDOUT; 1636 break; 1637 default: 1638 state->state = DH6S_TIMEDOUT; 1639 break; 1640 } 1641 1642 dhcp6_bind(ifp, NULL, NULL); 1643 1644 switch (state->state) { 1645 case DH6S_BOUND: 1646 case DH6S_INFORMED: 1647 break; 1648 default: 1649 dhcp6_startdiscover(ifp); 1650 break; 1651 } 1652 } 1653 1654 static void 1655 dhcp6_failconfirm(void *arg) 1656 { 1657 struct interface *ifp; 1658 1659 ifp = arg; 1660 logerrx("%s: failed to confirm prior address", ifp->name); 1661 dhcp6_fail(ifp); 1662 } 1663 1664 static void 1665 dhcp6_failrequest(void *arg) 1666 { 1667 struct interface *ifp; 1668 1669 ifp = arg; 1670 logerrx("%s: failed to request address", ifp->name); 1671 dhcp6_fail(ifp); 1672 } 1673 1674 static void 1675 dhcp6_failinform(void *arg) 1676 { 1677 struct interface *ifp; 1678 1679 ifp = arg; 1680 logerrx("%s: failed to request information", ifp->name); 1681 dhcp6_fail(ifp); 1682 } 1683 1684 #ifdef SMALL 1685 #define dhcp6_hasprefixdelegation(a) (0) 1686 #else 1687 static void 1688 dhcp6_failrebind(void *arg) 1689 { 1690 struct interface *ifp; 1691 1692 ifp = arg; 1693 logerrx("%s: failed to rebind prior delegation", ifp->name); 1694 dhcp6_fail(ifp); 1695 } 1696 1697 static int 1698 dhcp6_hasprefixdelegation(struct interface *ifp) 1699 { 1700 size_t i; 1701 uint16_t t; 1702 1703 t = 0; 1704 for (i = 0; i < ifp->options->ia_len; i++) { 1705 if (t && t != ifp->options->ia[i].ia_type) { 1706 if (t == D6_OPTION_IA_PD || 1707 ifp->options->ia[i].ia_type == D6_OPTION_IA_PD) 1708 return 2; 1709 } 1710 t = ifp->options->ia[i].ia_type; 1711 } 1712 return t == D6_OPTION_IA_PD ? 1 : 0; 1713 } 1714 #endif 1715 1716 static void 1717 dhcp6_startrebind(void *arg) 1718 { 1719 struct interface *ifp; 1720 struct dhcp6_state *state; 1721 #ifndef SMALL 1722 int pd; 1723 #endif 1724 1725 ifp = arg; 1726 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrenew, ifp); 1727 state = D6_STATE(ifp); 1728 if (state->state == DH6S_RENEW) 1729 logwarnx("%s: failed to renew DHCPv6, rebinding", ifp->name); 1730 else 1731 loginfox("%s: rebinding prior DHCPv6 lease", ifp->name); 1732 state->state = DH6S_REBIND; 1733 state->RTC = 0; 1734 state->MRC = 0; 1735 1736 #ifndef SMALL 1737 /* RFC 3633 section 12.1 */ 1738 pd = dhcp6_hasprefixdelegation(ifp); 1739 if (pd) { 1740 state->IMD = CNF_MAX_DELAY; 1741 state->IRT = CNF_TIMEOUT; 1742 state->MRT = CNF_MAX_RT; 1743 } else 1744 #endif 1745 { 1746 state->IMD = REB_MAX_DELAY; 1747 state->IRT = REB_TIMEOUT; 1748 state->MRT = REB_MAX_RT; 1749 } 1750 1751 if (dhcp6_makemessage(ifp) == -1) 1752 logerr("%s: %s", __func__, ifp->name); 1753 else 1754 dhcp6_sendrebind(ifp); 1755 1756 #ifndef SMALL 1757 /* RFC 3633 section 12.1 */ 1758 if (pd) 1759 eloop_timeout_add_sec(ifp->ctx->eloop, 1760 CNF_MAX_RD, dhcp6_failrebind, ifp); 1761 #endif 1762 } 1763 1764 1765 static void 1766 dhcp6_startrequest(struct interface *ifp) 1767 { 1768 struct dhcp6_state *state; 1769 1770 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_senddiscover, ifp); 1771 state = D6_STATE(ifp); 1772 state->state = DH6S_REQUEST; 1773 state->RTC = 0; 1774 state->IMD = 0; 1775 state->IRT = REQ_TIMEOUT; 1776 state->MRT = REQ_MAX_RT; 1777 state->MRC = REQ_MAX_RC; 1778 state->MRCcallback = dhcp6_failrequest; 1779 1780 if (dhcp6_makemessage(ifp) == -1) { 1781 logerr("%s: %s", __func__, ifp->name); 1782 return; 1783 } 1784 1785 dhcp6_sendrequest(ifp); 1786 } 1787 1788 static void 1789 dhcp6_startconfirm(struct interface *ifp) 1790 { 1791 struct dhcp6_state *state; 1792 1793 state = D6_STATE(ifp); 1794 state->state = DH6S_CONFIRM; 1795 state->RTC = 0; 1796 state->IMD = CNF_MAX_DELAY; 1797 state->IRT = CNF_TIMEOUT; 1798 state->MRT = CNF_MAX_RT; 1799 state->MRC = CNF_MAX_RC; 1800 1801 loginfox("%s: confirming prior DHCPv6 lease", ifp->name); 1802 if (dhcp6_makemessage(ifp) == -1) { 1803 logerr("%s: %s", __func__, ifp->name); 1804 return; 1805 } 1806 dhcp6_sendconfirm(ifp); 1807 eloop_timeout_add_sec(ifp->ctx->eloop, 1808 CNF_MAX_RD, dhcp6_failconfirm, ifp); 1809 } 1810 1811 static void 1812 dhcp6_leaseextend(struct interface *ifp) 1813 { 1814 struct dhcp6_state *state = D6_STATE(ifp); 1815 struct ipv6_addr *ia; 1816 1817 logwarnx("%s: extending DHCPv6 lease", ifp->name); 1818 TAILQ_FOREACH(ia, &state->addrs, next) { 1819 ia->flags |= IPV6_AF_EXTENDED; 1820 /* Set infinite lifetimes. */ 1821 ia->prefix_pltime = ND6_INFINITE_LIFETIME; 1822 ia->prefix_vltime = ND6_INFINITE_LIFETIME; 1823 } 1824 } 1825 1826 static void 1827 dhcp6_startexpire(void *arg) 1828 { 1829 struct interface *ifp; 1830 1831 ifp = arg; 1832 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrebind, ifp); 1833 1834 logerrx("%s: DHCPv6 lease expired", ifp->name); 1835 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) { 1836 struct dhcp6_state *state = D6_STATE(ifp); 1837 1838 dhcp6_leaseextend(ifp); 1839 ipv6_addaddrs(&state->addrs); 1840 } else { 1841 dhcp6_freedrop_addrs(ifp, 1, NULL); 1842 #ifndef SMALL 1843 dhcp6_delete_delegates(ifp); 1844 #endif 1845 script_runreason(ifp, "EXPIRE6"); 1846 } 1847 if (!(ifp->options->options & DHCPCD_IPV6RS) || 1848 ipv6nd_hasradhcp(ifp) || 1849 dhcp6_hasprefixdelegation(ifp)) 1850 dhcp6_startdiscover(ifp); 1851 else 1852 logwarnx("%s: no advertising IPv6 router wants DHCP",ifp->name); 1853 } 1854 1855 static void 1856 dhcp6_finishrelease(void *arg) 1857 { 1858 struct interface *ifp; 1859 struct dhcp6_state *state; 1860 1861 ifp = (struct interface *)arg; 1862 if ((state = D6_STATE(ifp)) != NULL) { 1863 state->state = DH6S_RELEASED; 1864 dhcp6_drop(ifp, "RELEASE6"); 1865 } 1866 } 1867 1868 static void 1869 dhcp6_startrelease(struct interface *ifp) 1870 { 1871 struct dhcp6_state *state; 1872 1873 state = D6_STATE(ifp); 1874 if (state->state != DH6S_BOUND) 1875 return; 1876 1877 state->state = DH6S_RELEASE; 1878 state->RTC = 0; 1879 state->IMD = REL_MAX_DELAY; 1880 state->IRT = REL_TIMEOUT; 1881 state->MRT = REL_MAX_RT; 1882 /* MRC of REL_MAX_RC is optional in RFC 3315 18.1.6 */ 1883 #if 0 1884 state->MRC = REL_MAX_RC; 1885 state->MRCcallback = dhcp6_finishrelease; 1886 #else 1887 state->MRC = 0; 1888 state->MRCcallback = NULL; 1889 #endif 1890 1891 if (dhcp6_makemessage(ifp) == -1) 1892 logerr("%s: %s", __func__, ifp->name); 1893 else { 1894 dhcp6_sendrelease(ifp); 1895 dhcp6_finishrelease(ifp); 1896 } 1897 } 1898 1899 static int 1900 dhcp6_checkstatusok(const struct interface *ifp, 1901 struct dhcp6_message *m, uint8_t *p, size_t len) 1902 { 1903 struct dhcp6_state *state; 1904 uint8_t *opt; 1905 uint16_t opt_len, code; 1906 size_t mlen; 1907 void * (*f)(void *, size_t, uint16_t, uint16_t *), *farg; 1908 char buf[32], *sbuf; 1909 const char *status; 1910 logfunc_t *logfunc; 1911 1912 state = D6_STATE(ifp); 1913 f = p ? dhcp6_findoption : dhcp6_findmoption; 1914 if (p) 1915 farg = p; 1916 else 1917 farg = m; 1918 if ((opt = f(farg, len, D6_OPTION_STATUS_CODE, &opt_len)) == NULL) { 1919 //logdebugx("%s: no status", ifp->name); 1920 state->lerror = 0; 1921 errno = ESRCH; 1922 return 0; 1923 } 1924 1925 if (opt_len < sizeof(code)) { 1926 logerrx("%s: status truncated", ifp->name); 1927 return -1; 1928 } 1929 memcpy(&code, opt, sizeof(code)); 1930 code = ntohs(code); 1931 if (code == D6_STATUS_OK) { 1932 state->lerror = 0; 1933 errno = 0; 1934 return 0; 1935 } 1936 1937 /* Anything after the code is a message. */ 1938 opt += sizeof(code); 1939 mlen = opt_len - sizeof(code); 1940 if (mlen == 0) { 1941 sbuf = NULL; 1942 if (code < sizeof(dhcp6_statuses) / sizeof(char *)) 1943 status = dhcp6_statuses[code]; 1944 else { 1945 snprintf(buf, sizeof(buf), "Unknown Status (%d)", code); 1946 status = buf; 1947 } 1948 } else { 1949 if ((sbuf = malloc(mlen + 1)) == NULL) { 1950 logerr(__func__); 1951 return -1; 1952 } 1953 memcpy(sbuf, opt, mlen); 1954 sbuf[mlen] = '\0'; 1955 status = sbuf; 1956 } 1957 1958 if (state->lerror == code || state->state == DH6S_INIT) 1959 logfunc = logdebugx; 1960 else 1961 logfunc = logerrx; 1962 logfunc("%s: DHCPv6 REPLY: %s", ifp->name, status); 1963 free(sbuf); 1964 state->lerror = code; 1965 errno = 0; 1966 return (int)code; 1967 } 1968 1969 const struct ipv6_addr * 1970 dhcp6_iffindaddr(const struct interface *ifp, const struct in6_addr *addr, 1971 unsigned int flags) 1972 { 1973 const struct dhcp6_state *state; 1974 const struct ipv6_addr *ap; 1975 1976 if ((state = D6_STATE(ifp)) != NULL) { 1977 TAILQ_FOREACH(ap, &state->addrs, next) { 1978 if (ipv6_findaddrmatch(ap, addr, flags)) 1979 return ap; 1980 } 1981 } 1982 return NULL; 1983 } 1984 1985 struct ipv6_addr * 1986 dhcp6_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr, 1987 unsigned int flags) 1988 { 1989 struct interface *ifp; 1990 struct ipv6_addr *ap; 1991 struct dhcp6_state *state; 1992 1993 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 1994 if ((state = D6_STATE(ifp)) != NULL) { 1995 TAILQ_FOREACH(ap, &state->addrs, next) { 1996 if (ipv6_findaddrmatch(ap, addr, flags)) 1997 return ap; 1998 } 1999 } 2000 } 2001 return NULL; 2002 } 2003 2004 static int 2005 dhcp6_findna(struct interface *ifp, uint16_t ot, const uint8_t *iaid, 2006 uint8_t *d, size_t l, const struct timespec *acquired) 2007 { 2008 struct dhcp6_state *state; 2009 uint8_t *o, *nd; 2010 uint16_t ol; 2011 struct ipv6_addr *a; 2012 int i; 2013 struct dhcp6_ia_addr ia; 2014 2015 i = 0; 2016 state = D6_STATE(ifp); 2017 while ((o = dhcp6_findoption(d, l, D6_OPTION_IA_ADDR, &ol))) { 2018 /* Set d and l first to ensure we find the next option. */ 2019 nd = o + ol; 2020 l -= (size_t)(nd - d); 2021 d = nd; 2022 if (ol < sizeof(ia)) { 2023 errno = EINVAL; 2024 logerrx("%s: IA Address option truncated", ifp->name); 2025 continue; 2026 } 2027 memcpy(&ia, o, sizeof(ia)); 2028 ia.pltime = ntohl(ia.pltime); 2029 ia.vltime = ntohl(ia.vltime); 2030 /* RFC 3315 22.6 */ 2031 if (ia.pltime > ia.vltime) { 2032 errno = EINVAL; 2033 logerr("%s: IA Address pltime %"PRIu32 2034 " > vltime %"PRIu32, 2035 ifp->name, ia.pltime, ia.vltime); 2036 continue; 2037 } 2038 TAILQ_FOREACH(a, &state->addrs, next) { 2039 if (ipv6_findaddrmatch(a, &ia.addr, 0)) 2040 break; 2041 } 2042 if (a == NULL) { 2043 /* 2044 * RFC 5942 Section 5 2045 * We cannot assume any prefix length, nor tie the 2046 * address to an existing one as it could expire 2047 * before the address. 2048 * As such we just give it a 128 prefix. 2049 */ 2050 a = ipv6_newaddr(ifp, &ia.addr, 128, IPV6_AF_ONLINK); 2051 a->dadcallback = dhcp6_dadcallback; 2052 a->ia_type = ot; 2053 memcpy(a->iaid, iaid, sizeof(a->iaid)); 2054 a->created = *acquired; 2055 2056 TAILQ_INSERT_TAIL(&state->addrs, a, next); 2057 } else { 2058 if (!(a->flags & IPV6_AF_ONLINK)) 2059 a->flags |= IPV6_AF_ONLINK | IPV6_AF_NEW; 2060 a->flags &= ~(IPV6_AF_STALE | IPV6_AF_EXTENDED); 2061 } 2062 a->acquired = *acquired; 2063 a->prefix_pltime = ia.pltime; 2064 if (a->prefix_vltime != ia.vltime) { 2065 a->flags |= IPV6_AF_NEW; 2066 a->prefix_vltime = ia.vltime; 2067 } 2068 if (a->prefix_pltime && a->prefix_pltime < state->lowpl) 2069 state->lowpl = a->prefix_pltime; 2070 if (a->prefix_vltime && a->prefix_vltime > state->expire) 2071 state->expire = a->prefix_vltime; 2072 i++; 2073 } 2074 return i; 2075 } 2076 2077 #ifndef SMALL 2078 static int 2079 dhcp6_findpd(struct interface *ifp, const uint8_t *iaid, 2080 uint8_t *d, size_t l, const struct timespec *acquired) 2081 { 2082 struct dhcp6_state *state; 2083 uint8_t *o, *nd; 2084 struct ipv6_addr *a; 2085 int i; 2086 uint8_t nb, *pw; 2087 uint16_t ol; 2088 struct dhcp6_pd_addr pdp; 2089 struct in6_addr pdp_prefix; 2090 2091 i = 0; 2092 state = D6_STATE(ifp); 2093 while ((o = dhcp6_findoption(d, l, D6_OPTION_IAPREFIX, &ol))) { 2094 /* Set d and l first to ensure we find the next option. */ 2095 nd = o + ol; 2096 l -= (size_t)(nd - d); 2097 d = nd; 2098 if (ol < sizeof(pdp)) { 2099 errno = EINVAL; 2100 logerrx("%s: IA Prefix option truncated", ifp->name); 2101 continue; 2102 } 2103 2104 memcpy(&pdp, o, sizeof(pdp)); 2105 pdp.pltime = ntohl(pdp.pltime); 2106 pdp.vltime = ntohl(pdp.vltime); 2107 /* RFC 3315 22.6 */ 2108 if (pdp.pltime > pdp.vltime) { 2109 errno = EINVAL; 2110 logerrx("%s: IA Prefix pltime %"PRIu32 2111 " > vltime %"PRIu32, 2112 ifp->name, pdp.pltime, pdp.vltime); 2113 continue; 2114 } 2115 2116 o += sizeof(pdp); 2117 ol = (uint16_t)(ol - sizeof(pdp)); 2118 2119 /* pdp.prefix is not aligned so copy it out. */ 2120 memcpy(&pdp_prefix, &pdp.prefix, sizeof(pdp_prefix)); 2121 TAILQ_FOREACH(a, &state->addrs, next) { 2122 if (IN6_ARE_ADDR_EQUAL(&a->prefix, &pdp_prefix)) 2123 break; 2124 } 2125 2126 if (a == NULL) { 2127 a = ipv6_newaddr(ifp, &pdp_prefix, pdp.prefix_len, 2128 IPV6_AF_DELEGATEDPFX); 2129 if (a == NULL) 2130 break; 2131 a->created = *acquired; 2132 a->dadcallback = dhcp6_dadcallback; 2133 a->ia_type = D6_OPTION_IA_PD; 2134 memcpy(a->iaid, iaid, sizeof(a->iaid)); 2135 TAILQ_INIT(&a->pd_pfxs); 2136 TAILQ_INSERT_TAIL(&state->addrs, a, next); 2137 } else { 2138 if (!(a->flags & IPV6_AF_DELEGATEDPFX)) { 2139 a->flags |= IPV6_AF_NEW | IPV6_AF_DELEGATEDPFX; 2140 TAILQ_INIT(&a->pd_pfxs); 2141 } 2142 a->flags &= ~(IPV6_AF_STALE | 2143 IPV6_AF_EXTENDED | 2144 IPV6_AF_REQUEST); 2145 if (a->prefix_vltime != pdp.vltime) 2146 a->flags |= IPV6_AF_NEW; 2147 } 2148 2149 a->acquired = *acquired; 2150 a->prefix_pltime = pdp.pltime; 2151 a->prefix_vltime = pdp.vltime; 2152 2153 if (a->prefix_pltime && a->prefix_pltime < state->lowpl) 2154 state->lowpl = a->prefix_pltime; 2155 if (a->prefix_vltime && a->prefix_vltime > state->expire) 2156 state->expire = a->prefix_vltime; 2157 i++; 2158 2159 a->prefix_exclude_len = 0; 2160 memset(&a->prefix_exclude, 0, sizeof(a->prefix_exclude)); 2161 o = dhcp6_findoption(o, ol, D6_OPTION_PD_EXCLUDE, &ol); 2162 if (o == NULL) 2163 continue; 2164 2165 /* RFC 6603 4.2 says option length MUST be between 2 and 17. 2166 * This allows 1 octet for prefix length and 16 for the 2167 * subnet ID. */ 2168 if (ol < 2 || ol > 17) { 2169 logerrx("%s: invalid PD Exclude option", ifp->name); 2170 continue; 2171 } 2172 2173 /* RFC 6603 4.2 says prefix length MUST be between the 2174 * length of the IAPREFIX prefix length + 1 and 128. */ 2175 if (*o < a->prefix_len + 1 || *o > 128) { 2176 logerrx("%s: invalid PD Exclude length", ifp->name); 2177 continue; 2178 } 2179 2180 ol--; 2181 /* Check option length matches prefix length. */ 2182 if (((*o - a->prefix_len - 1) / NBBY) + 1 != ol) { 2183 logerrx("%s: PD Exclude length mismatch", ifp->name); 2184 continue; 2185 } 2186 a->prefix_exclude_len = *o++; 2187 2188 memcpy(&a->prefix_exclude, &a->prefix, 2189 sizeof(a->prefix_exclude)); 2190 nb = a->prefix_len % NBBY; 2191 if (nb) 2192 ol--; 2193 pw = a->prefix_exclude.s6_addr + 2194 (a->prefix_exclude_len / NBBY) - 1; 2195 while (ol-- > 0) 2196 *pw-- = *o++; 2197 if (nb) 2198 *pw = (uint8_t)(*pw | (*o >> nb)); 2199 } 2200 return i; 2201 } 2202 #endif 2203 2204 static int 2205 dhcp6_findia(struct interface *ifp, struct dhcp6_message *m, size_t l, 2206 const char *sfrom, const struct timespec *acquired) 2207 { 2208 struct dhcp6_state *state; 2209 const struct if_options *ifo; 2210 struct dhcp6_option o; 2211 uint8_t *d, *p; 2212 struct dhcp6_ia_na ia; 2213 int i, e, error; 2214 size_t j; 2215 uint16_t nl; 2216 uint8_t iaid[4]; 2217 char buf[sizeof(iaid) * 3]; 2218 struct ipv6_addr *ap; 2219 struct if_ia *ifia; 2220 2221 if (l < sizeof(*m)) { 2222 /* Should be impossible with guards at packet in 2223 * and reading leases */ 2224 errno = EINVAL; 2225 return -1; 2226 } 2227 2228 ifo = ifp->options; 2229 i = e = 0; 2230 state = D6_STATE(ifp); 2231 TAILQ_FOREACH(ap, &state->addrs, next) { 2232 if (!(ap->flags & IPV6_AF_DELEGATED)) 2233 ap->flags |= IPV6_AF_STALE; 2234 } 2235 2236 d = (uint8_t *)m + sizeof(*m); 2237 l -= sizeof(*m); 2238 while (l > sizeof(o)) { 2239 memcpy(&o, d, sizeof(o)); 2240 o.len = ntohs(o.len); 2241 if (o.len > l || sizeof(o) + o.len > l) { 2242 errno = EINVAL; 2243 logerrx("%s: option overflow", ifp->name); 2244 break; 2245 } 2246 p = d + sizeof(o); 2247 d = p + o.len; 2248 l -= sizeof(o) + o.len; 2249 2250 o.code = ntohs(o.code); 2251 switch(o.code) { 2252 case D6_OPTION_IA_TA: 2253 nl = 4; 2254 break; 2255 case D6_OPTION_IA_NA: 2256 case D6_OPTION_IA_PD: 2257 nl = 12; 2258 break; 2259 default: 2260 continue; 2261 } 2262 if (o.len < nl) { 2263 errno = EINVAL; 2264 logerrx("%s: IA option truncated", ifp->name); 2265 continue; 2266 } 2267 2268 memcpy(&ia, p, nl); 2269 p += nl; 2270 o.len = (uint16_t)(o.len - nl); 2271 2272 for (j = 0; j < ifo->ia_len; j++) { 2273 ifia = &ifo->ia[j]; 2274 if (ifia->ia_type == o.code && 2275 memcmp(ifia->iaid, ia.iaid, sizeof(ia.iaid)) == 0) 2276 break; 2277 } 2278 if (j == ifo->ia_len && 2279 !(ifo->ia_len == 0 && ifp->ctx->options & DHCPCD_DUMPLEASE)) 2280 { 2281 logdebugx("%s: ignoring unrequested IAID %s", 2282 ifp->name, 2283 hwaddr_ntoa(ia.iaid, sizeof(ia.iaid), 2284 buf, sizeof(buf))); 2285 continue; 2286 } 2287 2288 if (o.code != D6_OPTION_IA_TA) { 2289 ia.t1 = ntohl(ia.t1); 2290 ia.t2 = ntohl(ia.t2); 2291 /* RFC 3315 22.4 */ 2292 if (ia.t2 > 0 && ia.t1 > ia.t2) { 2293 logwarnx("%s: IAID %s T1(%d) > T2(%d) from %s", 2294 ifp->name, 2295 hwaddr_ntoa(iaid, sizeof(iaid), buf, 2296 sizeof(buf)), 2297 ia.t1, ia.t2, sfrom); 2298 continue; 2299 } 2300 } else 2301 ia.t1 = ia.t2 = 0; /* appease gcc */ 2302 if ((error = dhcp6_checkstatusok(ifp, NULL, p, o.len)) != 0) { 2303 if (error == D6_STATUS_NOBINDING) 2304 state->has_no_binding = true; 2305 e = 1; 2306 continue; 2307 } 2308 if (o.code == D6_OPTION_IA_PD) { 2309 #ifndef SMALL 2310 if (dhcp6_findpd(ifp, ia.iaid, p, o.len, 2311 acquired) == 0) 2312 { 2313 logwarnx("%s: %s: DHCPv6 REPLY missing Prefix", 2314 ifp->name, sfrom); 2315 continue; 2316 } 2317 #endif 2318 } else { 2319 if (dhcp6_findna(ifp, o.code, ia.iaid, p, o.len, 2320 acquired) == 0) 2321 { 2322 logwarnx("%s: %s: DHCPv6 REPLY missing " 2323 "IA Address", 2324 ifp->name, sfrom); 2325 continue; 2326 } 2327 } 2328 if (o.code != D6_OPTION_IA_TA) { 2329 if (ia.t1 != 0 && 2330 (ia.t1 < state->renew || state->renew == 0)) 2331 state->renew = ia.t1; 2332 if (ia.t2 != 0 && 2333 (ia.t2 < state->rebind || state->rebind == 0)) 2334 state->rebind = ia.t2; 2335 } 2336 i++; 2337 } 2338 2339 if (i == 0 && e) 2340 return -1; 2341 return i; 2342 } 2343 2344 static void 2345 dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs) 2346 { 2347 struct ipv6_addr *ia, *ian; 2348 2349 TAILQ_FOREACH_SAFE(ia, addrs, next, ian) { 2350 if (ia->flags & IPV6_AF_EXTENDED) 2351 ; 2352 else if (ia->flags & IPV6_AF_STALE) { 2353 if (ia->prefix_vltime != 0) 2354 logdebugx("%s: %s: became stale", 2355 ia->iface->name, ia->saddr); 2356 ia->prefix_pltime = 0; 2357 } else if (ia->prefix_vltime == 0) 2358 loginfox("%s: %s: no valid lifetime", 2359 ia->iface->name, ia->saddr); 2360 else 2361 continue; 2362 2363 #ifndef SMALL 2364 /* If we delegated from this prefix, deprecate or remove 2365 * the delegations. */ 2366 if (ia->flags & IPV6_AF_DELEGATEDPFX) { 2367 struct ipv6_addr *da; 2368 bool touched = false; 2369 2370 TAILQ_FOREACH(da, &ia->pd_pfxs, pd_next) { 2371 if (ia->prefix_vltime == 0) { 2372 if (da->prefix_vltime != 0) { 2373 da->prefix_vltime = 0; 2374 touched = true; 2375 } 2376 } else if (da->prefix_pltime != 0) { 2377 da->prefix_pltime = 0; 2378 touched = true; 2379 } 2380 } 2381 if (touched) 2382 ipv6_addaddrs(&ia->pd_pfxs); 2383 } 2384 #endif 2385 2386 if (ia->flags & IPV6_AF_REQUEST) { 2387 ia->prefix_vltime = ia->prefix_pltime = 0; 2388 eloop_q_timeout_delete(ia->iface->ctx->eloop, 2389 0, NULL, ia); 2390 continue; 2391 } 2392 TAILQ_REMOVE(addrs, ia, next); 2393 if (ia->flags & IPV6_AF_EXTENDED) 2394 ipv6_deleteaddr(ia); 2395 ipv6_freeaddr(ia); 2396 } 2397 } 2398 2399 static int 2400 dhcp6_validatelease(struct interface *ifp, 2401 struct dhcp6_message *m, size_t len, 2402 const char *sfrom, const struct timespec *acquired) 2403 { 2404 struct dhcp6_state *state; 2405 int nia, ok_errno; 2406 struct timespec aq; 2407 2408 if (len <= sizeof(*m)) { 2409 logerrx("%s: DHCPv6 lease truncated", ifp->name); 2410 return -1; 2411 } 2412 2413 state = D6_STATE(ifp); 2414 errno = 0; 2415 if (dhcp6_checkstatusok(ifp, m, NULL, len) != 0) 2416 return -1; 2417 ok_errno = errno; 2418 2419 state->renew = state->rebind = state->expire = 0; 2420 state->lowpl = ND6_INFINITE_LIFETIME; 2421 if (!acquired) { 2422 clock_gettime(CLOCK_MONOTONIC, &aq); 2423 acquired = &aq; 2424 } 2425 state->has_no_binding = false; 2426 nia = dhcp6_findia(ifp, m, len, sfrom, acquired); 2427 if (nia == 0) { 2428 if (state->state != DH6S_CONFIRM && ok_errno != 0) { 2429 logerrx("%s: no useable IA found in lease", ifp->name); 2430 return -1; 2431 } 2432 2433 /* We are confirming and have an OK, 2434 * so look for ia's in our old lease. 2435 * IA's must have existed here otherwise we would 2436 * have rejected it earlier. */ 2437 assert(state->new != NULL && state->new_len != 0); 2438 state->has_no_binding = false; 2439 nia = dhcp6_findia(ifp, state->new, state->new_len, 2440 sfrom, acquired); 2441 } 2442 return nia; 2443 } 2444 2445 static ssize_t 2446 dhcp6_writelease(const struct interface *ifp) 2447 { 2448 const struct dhcp6_state *state; 2449 int fd; 2450 ssize_t bytes; 2451 2452 state = D6_CSTATE(ifp); 2453 logdebugx("%s: writing lease `%s'", ifp->name, state->leasefile); 2454 2455 fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644); 2456 if (fd == -1) { 2457 logerr(__func__); 2458 return -1; 2459 } 2460 bytes = write(fd, state->new, state->new_len); 2461 close(fd); 2462 return bytes; 2463 } 2464 2465 static int 2466 dhcp6_readlease(struct interface *ifp, int validate) 2467 { 2468 struct dhcp6_state *state; 2469 struct stat st; 2470 int fd; 2471 time_t now; 2472 int retval; 2473 bool read_stdin, fd_opened; 2474 #ifdef AUTH 2475 uint8_t *o; 2476 uint16_t ol; 2477 #endif 2478 2479 state = D6_STATE(ifp); 2480 read_stdin = state->leasefile[0] == '\0'; 2481 if (read_stdin) { 2482 logdebugx("reading standard input"); 2483 fd = fileno(stdin); 2484 fd_opened = false; 2485 } else { 2486 logdebugx("%s: reading lease `%s'", ifp->name,state->leasefile); 2487 fd = open(state->leasefile, O_RDONLY); 2488 if (fd != -1 && fstat(fd, &st) == -1) { 2489 close(fd); 2490 fd = -1; 2491 } 2492 fd_opened = true; 2493 } 2494 if (fd == -1) 2495 return -1; 2496 retval = -1; 2497 free(state->new); 2498 state->new_len = dhcp_read_lease_fd(fd, (void **)&state->new); 2499 if (fd_opened) 2500 close(fd); 2501 2502 if (ifp->ctx->options & DHCPCD_DUMPLEASE || read_stdin) 2503 return 0; 2504 2505 if (state->new_len == 0) { 2506 retval = 0; 2507 goto ex; 2508 } 2509 2510 /* If not validating IA's and if they have expired, 2511 * skip to the auth check. */ 2512 if (!validate) { 2513 fd = 0; 2514 goto auth; 2515 } 2516 2517 clock_gettime(CLOCK_MONOTONIC, &state->acquired); 2518 if ((now = time(NULL)) == -1) 2519 goto ex; 2520 state->acquired.tv_sec -= now - st.st_mtime; 2521 2522 /* Check to see if the lease is still valid */ 2523 fd = dhcp6_validatelease(ifp, state->new, state->new_len, NULL, 2524 &state->acquired); 2525 if (fd == -1) 2526 goto ex; 2527 2528 if (state->expire != ND6_INFINITE_LIFETIME && 2529 (time_t)state->expire < now - st.st_mtime && 2530 !(ifp->options->options & DHCPCD_LASTLEASE_EXTEND)) 2531 { 2532 logdebugx("%s: discarding expired lease", ifp->name); 2533 retval = 0; 2534 goto ex; 2535 } 2536 2537 auth: 2538 retval = 0; 2539 #ifdef AUTH 2540 /* Authenticate the message */ 2541 o = dhcp6_findmoption(state->new, state->new_len, D6_OPTION_AUTH, &ol); 2542 if (o) { 2543 if (dhcp_auth_validate(&state->auth, &ifp->options->auth, 2544 (uint8_t *)state->new, state->new_len, 6, state->new->type, 2545 o, ol) == NULL) 2546 { 2547 logerr("%s: authentication failed", ifp->name); 2548 goto ex; 2549 } 2550 if (state->auth.token) 2551 logdebugx("%s: validated using 0x%08" PRIu32, 2552 ifp->name, state->auth.token->secretid); 2553 else 2554 loginfox("%s: accepted reconfigure key", ifp->name); 2555 } else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) == 2556 DHCPCD_AUTH_SENDREQUIRE) 2557 { 2558 logerrx("%s: authentication now required", ifp->name); 2559 goto ex; 2560 } 2561 #endif 2562 2563 return fd; 2564 2565 ex: 2566 dhcp6_freedrop_addrs(ifp, 0, NULL); 2567 unlink(state->leasefile); 2568 free(state->new); 2569 state->new = NULL; 2570 state->new_len = 0; 2571 return retval; 2572 } 2573 2574 static void 2575 dhcp6_startinit(struct interface *ifp) 2576 { 2577 struct dhcp6_state *state; 2578 int r; 2579 uint8_t has_ta, has_non_ta; 2580 size_t i; 2581 2582 state = D6_STATE(ifp); 2583 state->state = DH6S_INIT; 2584 state->expire = ND6_INFINITE_LIFETIME; 2585 state->lowpl = ND6_INFINITE_LIFETIME; 2586 2587 dhcp6_addrequestedaddrs(ifp); 2588 has_ta = has_non_ta = 0; 2589 for (i = 0; i < ifp->options->ia_len; i++) { 2590 switch (ifp->options->ia[i].ia_type) { 2591 case D6_OPTION_IA_TA: 2592 has_ta = 1; 2593 break; 2594 default: 2595 has_non_ta = 1; 2596 } 2597 } 2598 2599 if (!(ifp->ctx->options & DHCPCD_TEST) && 2600 !(has_ta && !has_non_ta) && 2601 ifp->options->reboot != 0) 2602 { 2603 r = dhcp6_readlease(ifp, 1); 2604 if (r == -1) { 2605 if (errno != ENOENT) 2606 logerr("%s: %s", __func__, state->leasefile); 2607 } else if (r != 0) { 2608 /* RFC 3633 section 12.1 */ 2609 #ifndef SMALL 2610 if (dhcp6_hasprefixdelegation(ifp)) 2611 dhcp6_startrebind(ifp); 2612 else 2613 #endif 2614 dhcp6_startconfirm(ifp); 2615 return; 2616 } 2617 } 2618 dhcp6_startdiscover(ifp); 2619 } 2620 2621 #ifndef SMALL 2622 static struct ipv6_addr * 2623 dhcp6_ifdelegateaddr(struct interface *ifp, struct ipv6_addr *prefix, 2624 const struct if_sla *sla, struct if_ia *if_ia) 2625 { 2626 struct dhcp6_state *state; 2627 struct in6_addr addr, daddr; 2628 struct ipv6_addr *ia; 2629 int pfxlen, dadcounter; 2630 uint64_t vl; 2631 2632 /* RFC6603 Section 4.2 */ 2633 if (strcmp(ifp->name, prefix->iface->name) == 0) { 2634 if (prefix->prefix_exclude_len == 0) { 2635 /* Don't spam the log automatically */ 2636 if (sla != NULL) 2637 logwarnx("%s: DHCPv6 server does not support " 2638 "OPTION_PD_EXCLUDE", 2639 ifp->name); 2640 return NULL; 2641 } 2642 pfxlen = prefix->prefix_exclude_len; 2643 memcpy(&addr, &prefix->prefix_exclude, sizeof(addr)); 2644 } else if ((pfxlen = dhcp6_delegateaddr(&addr, ifp, prefix, 2645 sla, if_ia)) == -1) 2646 return NULL; 2647 2648 if (sla != NULL && fls64(sla->suffix) > 128 - pfxlen) { 2649 logerrx("%s: suffix %" PRIu64 " + prefix_len %d > 128", 2650 ifp->name, sla->suffix, pfxlen); 2651 return NULL; 2652 } 2653 2654 /* Add our suffix */ 2655 if (sla != NULL && sla->suffix != 0) { 2656 daddr = addr; 2657 vl = be64dec(addr.s6_addr + 8); 2658 vl |= sla->suffix; 2659 be64enc(daddr.s6_addr + 8, vl); 2660 } else { 2661 dadcounter = ipv6_makeaddr(&daddr, ifp, &addr, pfxlen); 2662 if (dadcounter == -1) { 2663 logerrx("%s: error adding slaac to prefix_len %d", 2664 ifp->name, pfxlen); 2665 return NULL; 2666 } 2667 } 2668 2669 /* Find an existing address */ 2670 state = D6_STATE(ifp); 2671 TAILQ_FOREACH(ia, &state->addrs, next) { 2672 if (IN6_ARE_ADDR_EQUAL(&ia->addr, &daddr)) 2673 break; 2674 } 2675 if (ia == NULL) { 2676 ia = ipv6_newaddr(ifp, &daddr, (uint8_t)pfxlen, IPV6_AF_ONLINK); 2677 if (ia == NULL) 2678 return NULL; 2679 ia->dadcallback = dhcp6_dadcallback; 2680 memcpy(&ia->iaid, &prefix->iaid, sizeof(ia->iaid)); 2681 ia->created = prefix->acquired; 2682 2683 TAILQ_INSERT_TAIL(&state->addrs, ia, next); 2684 TAILQ_INSERT_TAIL(&prefix->pd_pfxs, ia, pd_next); 2685 } 2686 ia->delegating_prefix = prefix; 2687 ia->prefix = addr; 2688 ia->prefix_len = (uint8_t)pfxlen; 2689 ia->acquired = prefix->acquired; 2690 ia->prefix_pltime = prefix->prefix_pltime; 2691 ia->prefix_vltime = prefix->prefix_vltime; 2692 2693 /* If the prefix length hasn't changed, 2694 * don't install a reject route. */ 2695 if (prefix->prefix_len == pfxlen) 2696 prefix->flags |= IPV6_AF_NOREJECT; 2697 else 2698 prefix->flags &= ~IPV6_AF_NOREJECT; 2699 2700 return ia; 2701 } 2702 #endif 2703 2704 static void 2705 dhcp6_script_try_run(struct interface *ifp, int delegated) 2706 { 2707 struct dhcp6_state *state; 2708 struct ipv6_addr *ap; 2709 int completed; 2710 2711 state = D6_STATE(ifp); 2712 completed = 1; 2713 /* If all addresses have completed DAD run the script */ 2714 TAILQ_FOREACH(ap, &state->addrs, next) { 2715 if (!(ap->flags & IPV6_AF_ADDED)) 2716 continue; 2717 if (ap->flags & IPV6_AF_ONLINK) { 2718 if (!(ap->flags & IPV6_AF_DADCOMPLETED) && 2719 ipv6_iffindaddr(ap->iface, &ap->addr, 2720 IN6_IFF_TENTATIVE)) 2721 ap->flags |= IPV6_AF_DADCOMPLETED; 2722 if ((ap->flags & IPV6_AF_DADCOMPLETED) == 0 2723 #ifndef SMALL 2724 && ((delegated && ap->delegating_prefix) || 2725 (!delegated && !ap->delegating_prefix)) 2726 #endif 2727 ) 2728 { 2729 completed = 0; 2730 break; 2731 } 2732 } 2733 } 2734 if (completed) { 2735 script_runreason(ifp, delegated ? "DELEGATED6" : state->reason); 2736 if (!delegated) 2737 dhcpcd_daemonise(ifp->ctx); 2738 } else 2739 logdebugx("%s: waiting for DHCPv6 DAD to complete", ifp->name); 2740 } 2741 2742 #ifdef SMALL 2743 size_t 2744 dhcp6_find_delegates(__unused struct interface *ifp) 2745 { 2746 2747 return 0; 2748 } 2749 #else 2750 static void 2751 dhcp6_delegate_prefix(struct interface *ifp) 2752 { 2753 struct if_options *ifo; 2754 struct dhcp6_state *state; 2755 struct ipv6_addr *ap; 2756 size_t i, j, k; 2757 struct if_ia *ia; 2758 struct if_sla *sla; 2759 struct interface *ifd; 2760 bool carrier_warned; 2761 2762 ifo = ifp->options; 2763 state = D6_STATE(ifp); 2764 2765 /* Clear the logged flag. */ 2766 TAILQ_FOREACH(ap, &state->addrs, next) { 2767 ap->flags &= ~IPV6_AF_DELEGATEDLOG; 2768 } 2769 2770 TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) { 2771 if (!ifd->active) 2772 continue; 2773 k = 0; 2774 carrier_warned = false; 2775 TAILQ_FOREACH(ap, &state->addrs, next) { 2776 if (!(ap->flags & IPV6_AF_DELEGATEDPFX)) 2777 continue; 2778 if (!(ap->flags & IPV6_AF_DELEGATEDLOG)) { 2779 logfunc_t *logfunc; 2780 2781 if (ap->flags & IPV6_AF_NEW) 2782 logfunc = loginfox; 2783 else 2784 logfunc = logdebugx; 2785 /* We only want to log this the once as we loop 2786 * through many interfaces first. */ 2787 ap->flags |= IPV6_AF_DELEGATEDLOG; 2788 logfunc("%s: delegated prefix %s", 2789 ifp->name, ap->saddr); 2790 ap->flags &= ~IPV6_AF_NEW; 2791 } 2792 for (i = 0; i < ifo->ia_len; i++) { 2793 ia = &ifo->ia[i]; 2794 if (ia->ia_type != D6_OPTION_IA_PD) 2795 continue; 2796 if (memcmp(ia->iaid, ap->iaid, 2797 sizeof(ia->iaid))) 2798 continue; 2799 if (ia->sla_len == 0) { 2800 /* no SLA configured, so lets 2801 * automate it */ 2802 if (ifd->carrier != LINK_UP) { 2803 logdebugx( 2804 "%s: has no carrier, cannot" 2805 " delegate addresses", 2806 ifd->name); 2807 carrier_warned = true; 2808 break; 2809 } 2810 if (dhcp6_ifdelegateaddr(ifd, ap, 2811 NULL, ia)) 2812 k++; 2813 } 2814 for (j = 0; j < ia->sla_len; j++) { 2815 sla = &ia->sla[j]; 2816 if (strcmp(ifd->name, sla->ifname)) 2817 continue; 2818 if (ifd->carrier != LINK_UP) { 2819 logdebugx( 2820 "%s: has no carrier, cannot" 2821 " delegate addresses", 2822 ifd->name); 2823 carrier_warned = true; 2824 break; 2825 } 2826 if (dhcp6_ifdelegateaddr(ifd, ap, 2827 sla, ia)) 2828 k++; 2829 } 2830 if (carrier_warned) 2831 break; 2832 } 2833 if (carrier_warned) 2834 break; 2835 } 2836 if (k && !carrier_warned) { 2837 struct dhcp6_state *s = D6_STATE(ifd); 2838 2839 ipv6_addaddrs(&s->addrs); 2840 dhcp6_script_try_run(ifd, 1); 2841 } 2842 } 2843 2844 /* Now all addresses have been added, rebuild the routing table. */ 2845 rt_build(ifp->ctx, AF_INET6); 2846 } 2847 2848 static void 2849 dhcp6_find_delegates1(void *arg) 2850 { 2851 2852 dhcp6_find_delegates(arg); 2853 } 2854 2855 size_t 2856 dhcp6_find_delegates(struct interface *ifp) 2857 { 2858 struct if_options *ifo; 2859 struct dhcp6_state *state; 2860 struct ipv6_addr *ap; 2861 size_t i, j, k; 2862 struct if_ia *ia; 2863 struct if_sla *sla; 2864 struct interface *ifd; 2865 2866 k = 0; 2867 TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) { 2868 ifo = ifd->options; 2869 state = D6_STATE(ifd); 2870 if (state == NULL || state->state != DH6S_BOUND) 2871 continue; 2872 TAILQ_FOREACH(ap, &state->addrs, next) { 2873 if (!(ap->flags & IPV6_AF_DELEGATEDPFX)) 2874 continue; 2875 for (i = 0; i < ifo->ia_len; i++) { 2876 ia = &ifo->ia[i]; 2877 if (ia->ia_type != D6_OPTION_IA_PD) 2878 continue; 2879 if (memcmp(ia->iaid, ap->iaid, 2880 sizeof(ia->iaid))) 2881 continue; 2882 for (j = 0; j < ia->sla_len; j++) { 2883 sla = &ia->sla[j]; 2884 if (strcmp(ifp->name, sla->ifname)) 2885 continue; 2886 if (ipv6_linklocal(ifp) == NULL) { 2887 logdebugx( 2888 "%s: delaying adding" 2889 " delegated addresses for" 2890 " LL address", 2891 ifp->name); 2892 ipv6_addlinklocalcallback(ifp, 2893 dhcp6_find_delegates1, ifp); 2894 return 1; 2895 } 2896 if (dhcp6_ifdelegateaddr(ifp, ap, 2897 sla, ia)) 2898 k++; 2899 } 2900 } 2901 } 2902 } 2903 2904 if (k) { 2905 loginfox("%s: adding delegated prefixes", ifp->name); 2906 state = D6_STATE(ifp); 2907 state->state = DH6S_DELEGATED; 2908 ipv6_addaddrs(&state->addrs); 2909 rt_build(ifp->ctx, AF_INET6); 2910 dhcp6_script_try_run(ifp, 1); 2911 } 2912 return k; 2913 } 2914 #endif 2915 2916 static void 2917 dhcp6_bind(struct interface *ifp, const char *op, const char *sfrom) 2918 { 2919 struct dhcp6_state *state = D6_STATE(ifp); 2920 bool has_new = false; 2921 struct ipv6_addr *ia; 2922 logfunc_t *lognewinfo; 2923 struct timespec now; 2924 2925 TAILQ_FOREACH(ia, &state->addrs, next) { 2926 if (ia->flags & IPV6_AF_NEW) { 2927 has_new = true; 2928 break; 2929 } 2930 } 2931 lognewinfo = has_new ? loginfox : logdebugx; 2932 if (op != NULL) 2933 lognewinfo("%s: %s received from %s", ifp->name, op, sfrom); 2934 2935 state->reason = NULL; 2936 if (state->state != DH6S_ITIMEDOUT) 2937 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2938 switch(state->state) { 2939 case DH6S_INFORM: 2940 if (state->reason == NULL) 2941 state->reason = "INFORM6"; 2942 /* FALLTHROUGH */ 2943 case DH6S_ITIMEDOUT: 2944 { 2945 struct dhcp6_option *o; 2946 uint16_t ol; 2947 2948 if (state->reason == NULL) 2949 state->reason = "ITIMEDOUT"; 2950 o = dhcp6_findmoption(state->new, state->new_len, 2951 D6_OPTION_INFO_REFRESH_TIME, &ol); 2952 if (o == NULL || ol != sizeof(uint32_t)) 2953 state->renew = IRT_DEFAULT; 2954 else { 2955 memcpy(&state->renew, o, ol); 2956 state->renew = ntohl(state->renew); 2957 if (state->renew < IRT_MINIMUM) 2958 state->renew = IRT_MINIMUM; 2959 } 2960 state->rebind = 0; 2961 state->expire = ND6_INFINITE_LIFETIME; 2962 state->lowpl = ND6_INFINITE_LIFETIME; 2963 } 2964 break; 2965 2966 case DH6S_REQUEST: 2967 if (state->reason == NULL) 2968 state->reason = "BOUND6"; 2969 /* FALLTHROUGH */ 2970 case DH6S_RENEW: 2971 if (state->reason == NULL) 2972 state->reason = "RENEW6"; 2973 /* FALLTHROUGH */ 2974 case DH6S_REBIND: 2975 if (state->reason == NULL) 2976 state->reason = "REBIND6"; 2977 /* FALLTHROUGH */ 2978 case DH6S_CONFIRM: 2979 if (state->reason == NULL) 2980 state->reason = "REBOOT6"; 2981 /* FALLTHROUGH */ 2982 case DH6S_TIMEDOUT: 2983 if (state->reason == NULL) 2984 state->reason = "TIMEOUT6"; 2985 if (state->renew != 0) { 2986 bool all_expired = true; 2987 2988 TAILQ_FOREACH(ia, &state->addrs, next) { 2989 if (ia->flags & IPV6_AF_STALE) 2990 continue; 2991 if (!(state->renew == ND6_INFINITE_LIFETIME && 2992 ia->prefix_vltime == ND6_INFINITE_LIFETIME) 2993 && ia->prefix_vltime <= state->renew) 2994 logwarnx( 2995 "%s: %s will expire before renewal", 2996 ifp->name, ia->saddr); 2997 else 2998 all_expired = false; 2999 } 3000 if (all_expired) { 3001 /* All address's vltime happens at or before 3002 * the configured T1 in the IA. 3003 * This is a badly configured server and we 3004 * have to use our own notion of what 3005 * T1 and T2 should be as a result. 3006 * 3007 * Doing this violates RFC 3315 22.4: 3008 * In a message sent by a server to a client, 3009 * the client MUST use the values in the T1 3010 * and T2 fields for the T1 and T2 parameters, 3011 * unless those values in those fields are 0. 3012 */ 3013 logwarnx("%s: ignoring T1 %"PRIu32 3014 " due to address expiry", 3015 ifp->name, state->renew); 3016 state->renew = state->rebind = 0; 3017 } 3018 } 3019 if (state->renew == 0 && state->lowpl != ND6_INFINITE_LIFETIME) 3020 state->renew = (uint32_t)(state->lowpl * 0.5); 3021 if (state->rebind == 0 && state->lowpl != ND6_INFINITE_LIFETIME) 3022 state->rebind = (uint32_t)(state->lowpl * 0.8); 3023 break; 3024 default: 3025 state->reason = "UNKNOWN6"; 3026 break; 3027 } 3028 3029 clock_gettime(CLOCK_MONOTONIC, &now); 3030 if (state->state == DH6S_TIMEDOUT || state->state == DH6S_ITIMEDOUT) { 3031 struct timespec diff; 3032 uint32_t diffsec; 3033 3034 /* Reduce timers */ 3035 timespecsub(&now, &state->acquired, &diff); 3036 diffsec = (uint32_t)diff.tv_sec; 3037 if (state->renew && state->renew != ND6_INFINITE_LIFETIME) { 3038 if (state->renew > diffsec) 3039 state->renew -= diffsec; 3040 else 3041 state->renew = 0; 3042 } 3043 if (state->rebind && state->rebind != ND6_INFINITE_LIFETIME) { 3044 if (state->rebind > diffsec) 3045 state->rebind -= diffsec; 3046 else 3047 state->rebind = 0; 3048 } 3049 if (state->expire && state->expire != ND6_INFINITE_LIFETIME) { 3050 if (state->expire > diffsec) 3051 state->expire -= diffsec; 3052 else { 3053 if (!(ifp->options->options & 3054 DHCPCD_LASTLEASE_EXTEND)) 3055 return; 3056 state->expire = ND6_INFINITE_LIFETIME; 3057 } 3058 } 3059 if (state->expire == ND6_INFINITE_LIFETIME && 3060 ifp->options->options & DHCPCD_LASTLEASE_EXTEND) 3061 dhcp6_leaseextend(ifp); 3062 3063 /* Restart rebind or renew phases in a second. */ 3064 if (state->expire != ND6_INFINITE_LIFETIME) { 3065 if (state->rebind == 0 && 3066 state->rebind != ND6_INFINITE_LIFETIME) 3067 state->rebind = 1; 3068 else if (state->renew == 0 && 3069 state->renew != ND6_INFINITE_LIFETIME) 3070 state->renew = 1; 3071 } 3072 } else 3073 state->acquired = now; 3074 3075 switch (state->state) { 3076 case DH6S_CONFIRM: 3077 case DH6S_TIMEDOUT: 3078 case DH6S_ITIMEDOUT: 3079 break; 3080 default: 3081 free(state->old); 3082 state->old = state->new; 3083 state->old_len = state->new_len; 3084 state->new = state->recv; 3085 state->new_len = state->recv_len; 3086 state->recv = NULL; 3087 state->recv_len = 0; 3088 break; 3089 } 3090 3091 if (ifp->ctx->options & DHCPCD_TEST) 3092 script_runreason(ifp, "TEST"); 3093 else { 3094 bool timed_out; 3095 3096 switch(state->state) { 3097 case DH6S_TIMEDOUT: 3098 case DH6S_ITIMEDOUT: 3099 timed_out = true; 3100 break; 3101 default: 3102 timed_out = false; 3103 break; 3104 } 3105 3106 switch(state->state) { 3107 case DH6S_INFORM: 3108 case DH6S_ITIMEDOUT: 3109 state->state = DH6S_INFORMED; 3110 break; 3111 default: 3112 state->state = DH6S_BOUND; 3113 break; 3114 } 3115 3116 if (state->renew && state->renew != ND6_INFINITE_LIFETIME) 3117 eloop_timeout_add_sec(ifp->ctx->eloop, 3118 (time_t)state->renew, 3119 state->state == DH6S_INFORMED ? 3120 dhcp6_startinform : dhcp6_startrenew, ifp); 3121 if (state->rebind && state->rebind != ND6_INFINITE_LIFETIME) 3122 eloop_timeout_add_sec(ifp->ctx->eloop, 3123 (time_t)state->rebind, dhcp6_startrebind, ifp); 3124 if (state->expire != ND6_INFINITE_LIFETIME) 3125 eloop_timeout_add_sec(ifp->ctx->eloop, 3126 (time_t)state->expire, dhcp6_startexpire, ifp); 3127 else if (timed_out) 3128 eloop_timeout_add_sec(ifp->ctx->eloop, 3129 (time_t)state->expire, dhcp6_startdiscover, ifp); 3130 3131 ipv6_addaddrs(&state->addrs); 3132 dhcp6_deprecateaddrs(&state->addrs); 3133 3134 if (state->state == DH6S_INFORMED) 3135 lognewinfo("%s: refresh in %"PRIu32" seconds", 3136 ifp->name, state->renew); 3137 else if (state->renew == ND6_INFINITE_LIFETIME) 3138 lognewinfo("%s: leased for infinity", ifp->name); 3139 else if (state->renew || state->rebind) 3140 lognewinfo("%s: renew in %"PRIu32", " 3141 "rebind in %"PRIu32", " 3142 "expire in %"PRIu32" seconds", 3143 ifp->name, 3144 state->renew, state->rebind, state->expire); 3145 else if (state->expire == 0) 3146 lognewinfo("%s: will expire", ifp->name); 3147 else 3148 lognewinfo("%s: expire in %"PRIu32" seconds", 3149 ifp->name, state->expire); 3150 rt_build(ifp->ctx, AF_INET6); 3151 if (!timed_out) 3152 dhcp6_writelease(ifp); 3153 #ifndef SMALL 3154 dhcp6_delegate_prefix(ifp); 3155 #endif 3156 dhcp6_script_try_run(ifp, 0); 3157 } 3158 3159 if (ifp->ctx->options & DHCPCD_TEST || 3160 (ifp->options->options & DHCPCD_INFORM && 3161 !(ifp->ctx->options & DHCPCD_MASTER))) 3162 { 3163 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3164 } 3165 } 3166 3167 static void 3168 dhcp6_recvif(struct interface *ifp, const char *sfrom, 3169 struct dhcp6_message *r, size_t len) 3170 { 3171 struct dhcpcd_ctx *ctx; 3172 size_t i; 3173 const char *op; 3174 struct dhcp6_state *state; 3175 uint8_t *o; 3176 uint16_t ol; 3177 const struct dhcp_opt *opt; 3178 const struct if_options *ifo; 3179 bool valid_op; 3180 #ifdef AUTH 3181 uint8_t *auth; 3182 uint16_t auth_len; 3183 #endif 3184 3185 ctx = ifp->ctx; 3186 state = D6_STATE(ifp); 3187 if (state == NULL || state->send == NULL) { 3188 logdebugx("%s: DHCPv6 reply received but not running", 3189 ifp->name); 3190 return; 3191 } 3192 3193 /* We're already bound and this message is for another machine */ 3194 /* XXX DELEGATED? */ 3195 if (r->type != DHCP6_RECONFIGURE && 3196 (state->state == DH6S_BOUND || state->state == DH6S_INFORMED)) 3197 { 3198 logdebugx("%s: DHCPv6 reply received but already bound", 3199 ifp->name); 3200 return; 3201 } 3202 3203 if (dhcp6_findmoption(r, len, D6_OPTION_SERVERID, NULL) == NULL) { 3204 logdebugx("%s: no DHCPv6 server ID from %s", ifp->name, sfrom); 3205 return; 3206 } 3207 3208 ifo = ifp->options; 3209 for (i = 0, opt = ctx->dhcp6_opts; 3210 i < ctx->dhcp6_opts_len; 3211 i++, opt++) 3212 { 3213 if (has_option_mask(ifo->requiremask6, opt->option) && 3214 !dhcp6_findmoption(r, len, (uint16_t)opt->option, NULL)) 3215 { 3216 logwarnx("%s: reject DHCPv6 (no option %s) from %s", 3217 ifp->name, opt->var, sfrom); 3218 return; 3219 } 3220 if (has_option_mask(ifo->rejectmask6, opt->option) && 3221 dhcp6_findmoption(r, len, (uint16_t)opt->option, NULL)) 3222 { 3223 logwarnx("%s: reject DHCPv6 (option %s) from %s", 3224 ifp->name, opt->var, sfrom); 3225 return; 3226 } 3227 } 3228 3229 #ifdef AUTH 3230 /* Authenticate the message */ 3231 auth = dhcp6_findmoption(r, len, D6_OPTION_AUTH, &auth_len); 3232 if (auth != NULL) { 3233 if (dhcp_auth_validate(&state->auth, &ifo->auth, 3234 (uint8_t *)r, len, 6, r->type, auth, auth_len) == NULL) 3235 { 3236 logerr("%s: authentication failed from %s", 3237 ifp->name, sfrom); 3238 return; 3239 } 3240 if (state->auth.token) 3241 logdebugx("%s: validated using 0x%08" PRIu32, 3242 ifp->name, state->auth.token->secretid); 3243 else 3244 loginfox("%s: accepted reconfigure key", ifp->name); 3245 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) { 3246 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 3247 logerr("%s: no authentication from %s", 3248 ifp->name, sfrom); 3249 return; 3250 } 3251 logwarnx("%s: no authentication from %s", ifp->name, sfrom); 3252 } 3253 #endif 3254 3255 op = dhcp6_get_op(r->type); 3256 valid_op = op != NULL; 3257 switch(r->type) { 3258 case DHCP6_REPLY: 3259 switch(state->state) { 3260 case DH6S_INFORM: 3261 if (dhcp6_checkstatusok(ifp, r, NULL, len) != 0) 3262 return; 3263 break; 3264 case DH6S_CONFIRM: 3265 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3266 { 3267 dhcp6_startdiscover(ifp); 3268 return; 3269 } 3270 break; 3271 case DH6S_DISCOVER: 3272 /* Only accept REPLY in DISCOVER for RAPID_COMMIT. 3273 * Normally we get an ADVERTISE for a DISCOVER. */ 3274 if (!has_option_mask(ifo->requestmask6, 3275 D6_OPTION_RAPID_COMMIT) || 3276 !dhcp6_findmoption(r, len, D6_OPTION_RAPID_COMMIT, 3277 NULL)) 3278 { 3279 valid_op = false; 3280 break; 3281 } 3282 /* Validate lease before setting state to REQUEST. */ 3283 /* FALLTHROUGH */ 3284 case DH6S_REQUEST: /* FALLTHROUGH */ 3285 case DH6S_RENEW: /* FALLTHROUGH */ 3286 case DH6S_REBIND: 3287 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3288 { 3289 /* 3290 * If we can't use the lease, fallback to 3291 * DISCOVER and try and get a new one. 3292 * 3293 * This is needed become some servers 3294 * renumber the prefix or address 3295 * and deny the current one before it expires 3296 * rather than sending it back with a zero 3297 * lifetime along with the new prefix or 3298 * address to use. 3299 * This behavior is wrong, but moving to the 3300 * DISCOVER phase works around it. 3301 * 3302 * The currently held lease is still valid 3303 * until a new one is found. 3304 */ 3305 if (state->state != DH6S_DISCOVER) 3306 dhcp6_startdiscover(ifp); 3307 return; 3308 } 3309 /* RFC8415 18.2.10.1 */ 3310 if ((state->state == DH6S_RENEW || 3311 state->state == DH6S_REBIND) && 3312 state->has_no_binding) 3313 { 3314 dhcp6_startrequest(ifp); 3315 return; 3316 } 3317 if (state->state == DH6S_DISCOVER) 3318 state->state = DH6S_REQUEST; 3319 break; 3320 default: 3321 valid_op = false; 3322 break; 3323 } 3324 break; 3325 case DHCP6_ADVERTISE: 3326 if (state->state != DH6S_DISCOVER) { 3327 valid_op = false; 3328 break; 3329 } 3330 /* RFC7083 */ 3331 o = dhcp6_findmoption(r, len, D6_OPTION_SOL_MAX_RT, &ol); 3332 if (o && ol == sizeof(uint32_t)) { 3333 uint32_t max_rt; 3334 3335 memcpy(&max_rt, o, sizeof(max_rt)); 3336 max_rt = ntohl(max_rt); 3337 if (max_rt >= 60 && max_rt <= 86400) { 3338 logdebugx("%s: SOL_MAX_RT %llu -> %u", 3339 ifp->name, 3340 (unsigned long long)state->sol_max_rt, 3341 max_rt); 3342 state->sol_max_rt = (time_t)max_rt; 3343 } else 3344 logerr("%s: invalid SOL_MAX_RT %u", 3345 ifp->name, max_rt); 3346 } 3347 o = dhcp6_findmoption(r, len, D6_OPTION_INF_MAX_RT, &ol); 3348 if (o && ol == sizeof(uint32_t)) { 3349 uint32_t max_rt; 3350 3351 memcpy(&max_rt, o, sizeof(max_rt)); 3352 max_rt = ntohl(max_rt); 3353 if (max_rt >= 60 && max_rt <= 86400) { 3354 logdebugx("%s: INF_MAX_RT %llu -> %u", 3355 ifp->name, 3356 (unsigned long long)state->inf_max_rt, 3357 max_rt); 3358 state->inf_max_rt = (time_t)max_rt; 3359 } else 3360 logerrx("%s: invalid INF_MAX_RT %u", 3361 ifp->name, max_rt); 3362 } 3363 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3364 return; 3365 break; 3366 case DHCP6_RECONFIGURE: 3367 #ifdef AUTH 3368 if (auth == NULL) { 3369 #endif 3370 logerrx("%s: unauthenticated %s from %s", 3371 ifp->name, op, sfrom); 3372 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) 3373 return; 3374 #ifdef AUTH 3375 } 3376 loginfox("%s: %s from %s", ifp->name, op, sfrom); 3377 o = dhcp6_findmoption(r, len, D6_OPTION_RECONF_MSG, &ol); 3378 if (o == NULL) { 3379 logerrx("%s: missing Reconfigure Message option", 3380 ifp->name); 3381 return; 3382 } 3383 if (ol != 1) { 3384 logerrx("%s: missing Reconfigure Message type", 3385 ifp->name); 3386 return; 3387 } 3388 switch(*o) { 3389 case DHCP6_RENEW: 3390 if (state->state != DH6S_BOUND) { 3391 logerrx("%s: not bound, ignoring %s", 3392 ifp->name, op); 3393 return; 3394 } 3395 dhcp6_startrenew(ifp); 3396 break; 3397 case DHCP6_INFORMATION_REQ: 3398 if (state->state != DH6S_INFORMED) { 3399 logerrx("%s: not informed, ignoring %s", 3400 ifp->name, op); 3401 return; 3402 } 3403 eloop_timeout_delete(ifp->ctx->eloop, 3404 dhcp6_sendinform, ifp); 3405 dhcp6_startinform(ifp); 3406 break; 3407 default: 3408 logerr("%s: unsupported %s type %d", 3409 ifp->name, op, *o); 3410 break; 3411 } 3412 return; 3413 #else 3414 break; 3415 #endif 3416 default: 3417 logerrx("%s: invalid DHCP6 type %s (%d)", 3418 ifp->name, op, r->type); 3419 return; 3420 } 3421 if (!valid_op) { 3422 logwarnx("%s: invalid state for DHCP6 type %s (%d)", 3423 ifp->name, op, r->type); 3424 return; 3425 } 3426 3427 if (state->recv_len < (size_t)len) { 3428 free(state->recv); 3429 state->recv = malloc(len); 3430 if (state->recv == NULL) { 3431 logerr(__func__); 3432 return; 3433 } 3434 } 3435 memcpy(state->recv, r, len); 3436 state->recv_len = len; 3437 3438 switch (r->type) { 3439 case DHCP6_ADVERTISE: 3440 { 3441 struct ipv6_addr *ia; 3442 3443 if (state->state == DH6S_REQUEST) /* rapid commit */ 3444 break; 3445 TAILQ_FOREACH(ia, &state->addrs, next) { 3446 if (!(ia->flags & (IPV6_AF_STALE | IPV6_AF_REQUEST))) 3447 break; 3448 } 3449 if (ia == NULL) 3450 ia = TAILQ_FIRST(&state->addrs); 3451 if (ia == NULL) 3452 loginfox("%s: ADV (no address) from %s", 3453 ifp->name, sfrom); 3454 else 3455 loginfox("%s: ADV %s from %s", 3456 ifp->name, ia->saddr, sfrom); 3457 if (ifp->ctx->options & DHCPCD_TEST) 3458 break; 3459 dhcp6_startrequest(ifp); 3460 return; 3461 } 3462 } 3463 3464 dhcp6_bind(ifp, op, sfrom); 3465 } 3466 3467 static void 3468 dhcp6_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg, struct ipv6_addr *ia) 3469 { 3470 struct sockaddr_in6 *from = msg->msg_name; 3471 size_t len = msg->msg_iov[0].iov_len; 3472 char sfrom[INET6_ADDRSTRLEN]; 3473 struct interface *ifp; 3474 struct dhcp6_message *r; 3475 const struct dhcp6_state *state; 3476 uint8_t *o; 3477 uint16_t ol; 3478 3479 inet_ntop(AF_INET6, &from->sin6_addr, sfrom, sizeof(sfrom)); 3480 if (len < sizeof(struct dhcp6_message)) { 3481 logerrx("DHCPv6 packet too short from %s", sfrom); 3482 return; 3483 } 3484 3485 if (ia != NULL) 3486 ifp = ia->iface; 3487 else { 3488 ifp = if_findifpfromcmsg(ctx, msg, NULL); 3489 if (ifp == NULL) { 3490 logerr(__func__); 3491 return; 3492 } 3493 } 3494 3495 r = (struct dhcp6_message *)msg->msg_iov[0].iov_base; 3496 o = dhcp6_findmoption(r, len, D6_OPTION_CLIENTID, &ol); 3497 if (o == NULL || ol != ctx->duid_len || 3498 memcmp(o, ctx->duid, ol) != 0) 3499 { 3500 logdebugx("%s: incorrect client ID from %s", 3501 ifp->name, sfrom); 3502 return; 3503 } 3504 3505 if (dhcp6_findmoption(r, len, D6_OPTION_SERVERID, NULL) == NULL) { 3506 logdebugx("%s: no DHCPv6 server ID from %s", 3507 ifp->name, sfrom); 3508 return; 3509 } 3510 3511 if (r->type == DHCP6_RECONFIGURE) { 3512 logdebugx("%s: RECONFIGURE6 recv from %s," 3513 " sending to all interfaces", 3514 ifp->name, sfrom); 3515 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3516 state = D6_CSTATE(ifp); 3517 if (state != NULL && state->send != NULL) 3518 dhcp6_recvif(ifp, sfrom, r, len); 3519 } 3520 return; 3521 } 3522 3523 state = D6_CSTATE(ifp); 3524 if (state == NULL || 3525 r->xid[0] != state->send->xid[0] || 3526 r->xid[1] != state->send->xid[1] || 3527 r->xid[2] != state->send->xid[2]) 3528 { 3529 struct interface *ifp1; 3530 const struct dhcp6_state *state1; 3531 3532 /* Find an interface with a matching xid. */ 3533 TAILQ_FOREACH(ifp1, ctx->ifaces, next) { 3534 state1 = D6_CSTATE(ifp1); 3535 if (state1 == NULL || state1->send == NULL) 3536 continue; 3537 if (r->xid[0] == state1->send->xid[0] && 3538 r->xid[1] == state1->send->xid[1] && 3539 r->xid[2] == state1->send->xid[2]) 3540 break; 3541 } 3542 3543 if (ifp1 == NULL) { 3544 if (state != NULL) 3545 logdebugx("%s: wrong xid 0x%02x%02x%02x" 3546 " (expecting 0x%02x%02x%02x) from %s", 3547 ifp->name, 3548 r->xid[0], r->xid[1], r->xid[2], 3549 state->send->xid[0], 3550 state->send->xid[1], 3551 state->send->xid[2], 3552 sfrom); 3553 return; 3554 } 3555 logdebugx("%s: redirecting DHCP6 message to %s", 3556 ifp->name, ifp1->name); 3557 ifp = ifp1; 3558 } 3559 3560 dhcp6_recvif(ifp, sfrom, r, len); 3561 } 3562 3563 static void 3564 dhcp6_recv(struct dhcpcd_ctx *ctx, struct ipv6_addr *ia) 3565 { 3566 struct sockaddr_in6 from; 3567 unsigned char buf[64 * 1024]; /* Maximum UDP message size */ 3568 struct iovec iov = { 3569 .iov_base = buf, 3570 .iov_len = sizeof(buf), 3571 }; 3572 unsigned char ctl[CMSG_SPACE(sizeof(struct in6_pktinfo))] = { 0 }; 3573 struct msghdr msg = { 3574 .msg_name = &from, .msg_namelen = sizeof(from), 3575 .msg_iov = &iov, .msg_iovlen = 1, 3576 .msg_control = ctl, .msg_controllen = sizeof(ctl), 3577 }; 3578 int s; 3579 ssize_t bytes; 3580 3581 s = ia != NULL ? ia->dhcp6_fd : ctx->dhcp6_fd; 3582 bytes = recvmsg(s, &msg, 0); 3583 if (bytes == -1) { 3584 logerr(__func__); 3585 return; 3586 } 3587 3588 iov.iov_len = (size_t)bytes; 3589 dhcp6_recvmsg(ctx, &msg, ia); 3590 } 3591 3592 static void 3593 dhcp6_recvaddr(void *arg) 3594 { 3595 struct ipv6_addr *ia = arg; 3596 3597 dhcp6_recv(ia->iface->ctx, ia); 3598 } 3599 3600 static void 3601 dhcp6_recvctx(void *arg) 3602 { 3603 struct dhcpcd_ctx *ctx = arg; 3604 3605 dhcp6_recv(ctx, NULL); 3606 } 3607 3608 static int 3609 dhcp6_listen(struct dhcpcd_ctx *ctx, struct ipv6_addr *ia) 3610 { 3611 struct sockaddr_in6 sa; 3612 int n, s; 3613 3614 #define SOCK_FLAGS SOCK_CLOEXEC | SOCK_NONBLOCK 3615 s = xsocket(PF_INET6, SOCK_DGRAM | SOCK_FLAGS, IPPROTO_UDP); 3616 #undef SOCK_FLAGS 3617 if (s == -1) 3618 goto errexit; 3619 3620 n = 1; 3621 if (setsockopt(s, SOL_SOCKET, SO_BROADCAST, &n, sizeof(n)) == -1) 3622 goto errexit; 3623 3624 memset(&sa, 0, sizeof(sa)); 3625 sa.sin6_family = AF_INET6; 3626 sa.sin6_port = htons(DHCP6_CLIENT_PORT); 3627 #ifdef BSD 3628 sa.sin6_len = sizeof(sa); 3629 #endif 3630 3631 if (ia != NULL) { 3632 memcpy(&sa.sin6_addr, &ia->addr, sizeof(sa.sin6_addr)); 3633 sa.sin6_scope_id = ia->iface->index; 3634 } 3635 3636 if (bind(s, (struct sockaddr *)&sa, sizeof(sa)) == -1) 3637 goto errexit; 3638 3639 n = 1; 3640 if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, &n, sizeof(n)) == -1) 3641 goto errexit; 3642 3643 if (ia != NULL) { 3644 ia->dhcp6_fd = s; 3645 eloop_event_add(ctx->eloop, s, dhcp6_recvaddr, ia); 3646 } 3647 3648 return s; 3649 3650 errexit: 3651 logerr(__func__); 3652 if (s != -1) 3653 close(s); 3654 return -1; 3655 } 3656 3657 #ifndef SMALL 3658 static void 3659 dhcp6_activateinterfaces(struct interface *ifp) 3660 { 3661 struct interface *ifd; 3662 size_t i, j; 3663 struct if_ia *ia; 3664 struct if_sla *sla; 3665 3666 for (i = 0; i < ifp->options->ia_len; i++) { 3667 ia = &ifp->options->ia[i]; 3668 if (ia->ia_type != D6_OPTION_IA_PD) 3669 continue; 3670 for (j = 0; j < ia->sla_len; j++) { 3671 sla = &ia->sla[j]; 3672 ifd = if_find(ifp->ctx->ifaces, sla->ifname); 3673 if (ifd == NULL) { 3674 logwarn("%s: cannot delegate to %s", 3675 ifp->name, sla->ifname); 3676 continue; 3677 } 3678 if (!ifd->active) { 3679 loginfox("%s: activating for delegation", 3680 sla->ifname); 3681 dhcpcd_activateinterface(ifd, 3682 DHCPCD_IPV6 | DHCPCD_DHCP6); 3683 } 3684 } 3685 } 3686 } 3687 #endif 3688 3689 static int 3690 dhcp6_open(struct dhcpcd_ctx *ctx) 3691 { 3692 3693 if (ctx->dhcp6_fd != -1 || 3694 (ctx->dhcp6_fd = dhcp6_listen(ctx, NULL)) == -1) 3695 return ctx->dhcp6_fd; 3696 3697 eloop_event_add(ctx->eloop, ctx->dhcp6_fd, dhcp6_recvctx, ctx); 3698 return ctx->dhcp6_fd; 3699 } 3700 3701 static void 3702 dhcp6_start1(void *arg) 3703 { 3704 struct interface *ifp = arg; 3705 struct dhcpcd_ctx *ctx = ifp->ctx; 3706 struct if_options *ifo = ifp->options; 3707 struct dhcp6_state *state; 3708 size_t i; 3709 const struct dhcp_compat *dhc; 3710 3711 if (ctx->options & DHCPCD_MASTER) { 3712 if (dhcp6_open(ctx) == -1) 3713 return; 3714 } 3715 3716 state = D6_STATE(ifp); 3717 /* If no DHCPv6 options are configured, 3718 match configured DHCPv4 options to DHCPv6 equivalents. */ 3719 for (i = 0; i < sizeof(ifo->requestmask6); i++) { 3720 if (ifo->requestmask6[i] != '\0') 3721 break; 3722 } 3723 if (i == sizeof(ifo->requestmask6)) { 3724 for (dhc = dhcp_compats; dhc->dhcp_opt; dhc++) { 3725 if (has_option_mask(ifo->requestmask, dhc->dhcp_opt)) 3726 add_option_mask(ifo->requestmask6, 3727 dhc->dhcp6_opt); 3728 } 3729 if (ifo->fqdn != FQDN_DISABLE || 3730 ifo->options & DHCPCD_HOSTNAME) 3731 add_option_mask(ifo->requestmask6, D6_OPTION_FQDN); 3732 } 3733 3734 #ifndef SMALL 3735 /* Rapid commit won't work with Prefix Delegation Exclusion */ 3736 if (dhcp6_findselfsla(ifp)) 3737 del_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT); 3738 #endif 3739 3740 if (state->state == DH6S_INFORM) { 3741 add_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME); 3742 dhcp6_startinform(ifp); 3743 } else { 3744 del_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME); 3745 dhcp6_startinit(ifp); 3746 } 3747 3748 #ifndef SMALL 3749 dhcp6_activateinterfaces(ifp); 3750 #endif 3751 } 3752 3753 int 3754 dhcp6_start(struct interface *ifp, enum DH6S init_state) 3755 { 3756 struct dhcp6_state *state; 3757 3758 state = D6_STATE(ifp); 3759 if (state != NULL) { 3760 switch (init_state) { 3761 case DH6S_INIT: 3762 goto gogogo; 3763 case DH6S_INFORM: 3764 if (state->state == DH6S_INFORMED) 3765 dhcp6_startinform(ifp); 3766 break; 3767 case DH6S_REQUEST: 3768 if (ifp->options->options & DHCPCD_DHCP6 && 3769 (state->state == DH6S_INFORM || 3770 state->state == DH6S_INFORMED || 3771 state->state == DH6S_DELEGATED)) 3772 { 3773 /* Change from stateless to stateful */ 3774 init_state = DH6S_INIT; 3775 goto gogogo; 3776 } 3777 break; 3778 case DH6S_CONFIRM: 3779 init_state = DH6S_INIT; 3780 goto gogogo; 3781 default: 3782 /* Not possible, but sushes some compiler warnings. */ 3783 break; 3784 } 3785 return 0; 3786 } else { 3787 switch (init_state) { 3788 case DH6S_CONFIRM: 3789 /* No DHCPv6 config, no existing state 3790 * so nothing to do. */ 3791 return 0; 3792 case DH6S_INFORM: 3793 break; 3794 default: 3795 init_state = DH6S_INIT; 3796 break; 3797 } 3798 } 3799 3800 if (!(ifp->options->options & DHCPCD_DHCP6)) 3801 return 0; 3802 3803 ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state)); 3804 state = D6_STATE(ifp); 3805 if (state == NULL) 3806 return -1; 3807 3808 state->sol_max_rt = SOL_MAX_RT; 3809 state->inf_max_rt = INF_MAX_RT; 3810 TAILQ_INIT(&state->addrs); 3811 3812 gogogo: 3813 state->state = init_state; 3814 state->lerror = 0; 3815 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3816 AF_INET6, ifp); 3817 if (ipv6_linklocal(ifp) == NULL) { 3818 logdebugx("%s: delaying DHCPv6 soliciation for LL address", 3819 ifp->name); 3820 ipv6_addlinklocalcallback(ifp, dhcp6_start1, ifp); 3821 return 0; 3822 } 3823 3824 dhcp6_start1(ifp); 3825 return 0; 3826 } 3827 3828 void 3829 dhcp6_reboot(struct interface *ifp) 3830 { 3831 struct dhcp6_state *state; 3832 3833 state = D6_STATE(ifp); 3834 if (state == NULL) 3835 return; 3836 3837 state->lerror = 0; 3838 switch (state->state) { 3839 case DH6S_BOUND: 3840 dhcp6_startrebind(ifp); 3841 break; 3842 case DH6S_INFORMED: 3843 dhcp6_startinform(ifp); 3844 break; 3845 default: 3846 dhcp6_startdiscover(ifp); 3847 break; 3848 } 3849 } 3850 3851 static void 3852 dhcp6_freedrop(struct interface *ifp, int drop, const char *reason) 3853 { 3854 struct dhcp6_state *state; 3855 struct dhcpcd_ctx *ctx; 3856 unsigned long long options; 3857 3858 if (ifp->options) 3859 options = ifp->options->options; 3860 else 3861 options = ifp->ctx->options; 3862 3863 if (ifp->ctx->eloop) 3864 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3865 3866 #ifndef SMALL 3867 /* If we're dropping the lease, drop delegated addresses. 3868 * If, for whatever reason, we don't drop them in the future 3869 * then they should at least be marked as deprecated (pltime 0). */ 3870 if (drop && (options & DHCPCD_NODROP) != DHCPCD_NODROP) 3871 dhcp6_delete_delegates(ifp); 3872 #endif 3873 3874 state = D6_STATE(ifp); 3875 if (state) { 3876 /* Failure to send the release may cause this function to 3877 * re-enter */ 3878 if (state->state == DH6S_RELEASE) { 3879 dhcp6_finishrelease(ifp); 3880 return; 3881 } 3882 3883 if (drop && options & DHCPCD_RELEASE && 3884 state->state != DH6S_DELEGATED) 3885 { 3886 if (ifp->carrier == LINK_UP && 3887 state->state != DH6S_RELEASED && 3888 state->state != DH6S_INFORMED) 3889 { 3890 dhcp6_startrelease(ifp); 3891 return; 3892 } 3893 unlink(state->leasefile); 3894 } 3895 dhcp6_freedrop_addrs(ifp, drop, NULL); 3896 free(state->old); 3897 state->old = state->new; 3898 state->old_len = state->new_len; 3899 state->new = NULL; 3900 state->new_len = 0; 3901 if (drop && state->old && 3902 (options & DHCPCD_NODROP) != DHCPCD_NODROP) 3903 { 3904 if (reason == NULL) 3905 reason = "STOP6"; 3906 script_runreason(ifp, reason); 3907 } 3908 free(state->old); 3909 free(state->send); 3910 free(state->recv); 3911 free(state); 3912 ifp->if_data[IF_DATA_DHCP6] = NULL; 3913 } 3914 3915 /* If we don't have any more DHCP6 enabled interfaces, 3916 * close the global socket and release resources */ 3917 ctx = ifp->ctx; 3918 if (ctx->ifaces) { 3919 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3920 if (D6_STATE(ifp)) 3921 break; 3922 } 3923 } 3924 if (ifp == NULL && ctx->dhcp6_fd != -1) { 3925 eloop_event_delete(ctx->eloop, ctx->dhcp6_fd); 3926 close(ctx->dhcp6_fd); 3927 ctx->dhcp6_fd = -1; 3928 } 3929 } 3930 3931 void 3932 dhcp6_drop(struct interface *ifp, const char *reason) 3933 { 3934 3935 dhcp6_freedrop(ifp, 1, reason); 3936 } 3937 3938 void 3939 dhcp6_free(struct interface *ifp) 3940 { 3941 3942 dhcp6_freedrop(ifp, 0, NULL); 3943 } 3944 3945 void 3946 dhcp6_abort(struct interface *ifp) 3947 { 3948 #ifdef ND6_ADVERTISE 3949 struct dhcp6_state *state; 3950 struct ipv6_addr *ia; 3951 #endif 3952 3953 eloop_timeout_delete(ifp->ctx->eloop, dhcp6_start1, ifp); 3954 #ifdef ND6_ADVERTISE 3955 state = D6_STATE(ifp); 3956 if (state == NULL) 3957 return; 3958 TAILQ_FOREACH(ia, &state->addrs, next) { 3959 ipv6nd_advertise(ia); 3960 } 3961 #endif 3962 } 3963 3964 void 3965 dhcp6_handleifa(int cmd, struct ipv6_addr *ia, pid_t pid) 3966 { 3967 struct dhcp6_state *state; 3968 struct interface *ifp = ia->iface; 3969 3970 /* If not running in master mode, listen to this address */ 3971 if (cmd == RTM_NEWADDR && 3972 !(ia->addr_flags & IN6_IFF_NOTUSEABLE) && 3973 ifp->active == IF_ACTIVE_USER && 3974 !(ifp->ctx->options & DHCPCD_MASTER) && 3975 ifp->options->options & DHCPCD_DHCP6 && 3976 ia->dhcp6_fd == -1) 3977 dhcp6_listen(ia->iface->ctx, ia); 3978 3979 if ((state = D6_STATE(ifp)) != NULL) 3980 ipv6_handleifa_addrs(cmd, &state->addrs, ia, pid); 3981 } 3982 3983 ssize_t 3984 dhcp6_env(FILE *fp, const char *prefix, const struct interface *ifp, 3985 const struct dhcp6_message *m, size_t len) 3986 { 3987 const struct if_options *ifo; 3988 struct dhcp_opt *opt, *vo; 3989 const uint8_t *p; 3990 struct dhcp6_option o; 3991 size_t i; 3992 char *pfx; 3993 uint32_t en; 3994 const struct dhcpcd_ctx *ctx; 3995 #ifndef SMALL 3996 const struct dhcp6_state *state; 3997 const struct ipv6_addr *ap; 3998 #endif 3999 4000 if (m == NULL) 4001 goto delegated; 4002 4003 if (len < sizeof(*m)) { 4004 /* Should be impossible with guards at packet in 4005 * and reading leases */ 4006 errno = EINVAL; 4007 return -1; 4008 } 4009 4010 ifo = ifp->options; 4011 ctx = ifp->ctx; 4012 4013 /* Zero our indexes */ 4014 for (i = 0, opt = ctx->dhcp6_opts; 4015 i < ctx->dhcp6_opts_len; 4016 i++, opt++) 4017 dhcp_zero_index(opt); 4018 for (i = 0, opt = ifp->options->dhcp6_override; 4019 i < ifp->options->dhcp6_override_len; 4020 i++, opt++) 4021 dhcp_zero_index(opt); 4022 for (i = 0, opt = ctx->vivso; 4023 i < ctx->vivso_len; 4024 i++, opt++) 4025 dhcp_zero_index(opt); 4026 if (asprintf(&pfx, "%s_dhcp6", prefix) == -1) 4027 return -1; 4028 4029 /* Unlike DHCP, DHCPv6 options *may* occur more than once. 4030 * There is also no provision for option concatenation unlike DHCP. */ 4031 p = (const uint8_t *)m + sizeof(*m); 4032 len -= sizeof(*m); 4033 for (; len != 0; p += o.len, len -= o.len) { 4034 if (len < sizeof(o)) { 4035 errno = EINVAL; 4036 break; 4037 } 4038 memcpy(&o, p, sizeof(o)); 4039 p += sizeof(o); 4040 len -= sizeof(o); 4041 o.len = ntohs(o.len); 4042 if (len < o.len) { 4043 errno = EINVAL; 4044 break; 4045 } 4046 o.code = ntohs(o.code); 4047 if (has_option_mask(ifo->nomask6, o.code)) 4048 continue; 4049 for (i = 0, opt = ifo->dhcp6_override; 4050 i < ifo->dhcp6_override_len; 4051 i++, opt++) 4052 if (opt->option == o.code) 4053 break; 4054 if (i == ifo->dhcp6_override_len && 4055 o.code == D6_OPTION_VENDOR_OPTS && 4056 o.len > sizeof(en)) 4057 { 4058 memcpy(&en, p, sizeof(en)); 4059 en = ntohl(en); 4060 vo = vivso_find(en, ifp); 4061 } else 4062 vo = NULL; 4063 if (i == ifo->dhcp6_override_len) { 4064 for (i = 0, opt = ctx->dhcp6_opts; 4065 i < ctx->dhcp6_opts_len; 4066 i++, opt++) 4067 if (opt->option == o.code) 4068 break; 4069 if (i == ctx->dhcp6_opts_len) 4070 opt = NULL; 4071 } 4072 if (opt) { 4073 dhcp_envoption(ifp->ctx, 4074 fp, pfx, ifp->name, 4075 opt, dhcp6_getoption, p, o.len); 4076 } 4077 if (vo) { 4078 dhcp_envoption(ifp->ctx, 4079 fp, pfx, ifp->name, 4080 vo, dhcp6_getoption, 4081 p + sizeof(en), 4082 o.len - sizeof(en)); 4083 } 4084 } 4085 free(pfx); 4086 4087 delegated: 4088 #ifndef SMALL 4089 /* Needed for Delegated Prefixes */ 4090 state = D6_CSTATE(ifp); 4091 TAILQ_FOREACH(ap, &state->addrs, next) { 4092 if (ap->delegating_prefix) 4093 break; 4094 } 4095 if (ap == NULL) 4096 return 1; 4097 if (fprintf(fp, "%s_delegated_dhcp6_prefix=", prefix) == -1) 4098 return -1; 4099 TAILQ_FOREACH(ap, &state->addrs, next) { 4100 if (ap->delegating_prefix == NULL) 4101 continue; 4102 if (ap != TAILQ_FIRST(&state->addrs)) { 4103 if (fputc(' ', fp) == EOF) 4104 return -1; 4105 } 4106 if (fprintf(fp, "%s", ap->saddr) == -1) 4107 return -1; 4108 } 4109 if (fputc('\0', fp) == EOF) 4110 return -1; 4111 #endif 4112 4113 return 1; 4114 } 4115 4116 int 4117 dhcp6_dump(struct interface *ifp) 4118 { 4119 struct dhcp6_state *state; 4120 4121 ifp->if_data[IF_DATA_DHCP6] = state = calloc(1, sizeof(*state)); 4122 if (state == NULL) { 4123 logerr(__func__); 4124 return -1; 4125 } 4126 TAILQ_INIT(&state->addrs); 4127 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 4128 AF_INET6, ifp); 4129 if (dhcp6_readlease(ifp, 0) == -1) { 4130 logerr("%s: %s", __func__, 4131 *ifp->name ? ifp->name : state->leasefile); 4132 return -1; 4133 } 4134 state->reason = "DUMP6"; 4135 return script_runreason(ifp, state->reason); 4136 } 4137 #endif 4138