1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * BSD interface driver for dhcpcd 4 * Copyright (c) 2006-2020 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/ioctl.h> 30 #include <sys/param.h> 31 #include <sys/socket.h> 32 #include <sys/stat.h> 33 #include <sys/sysctl.h> 34 #include <sys/time.h> 35 #include <sys/types.h> 36 #include <sys/uio.h> 37 #include <sys/utsname.h> 38 39 #include "config.h" 40 41 #include <arpa/inet.h> 42 #include <net/bpf.h> 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 #include <net/route.h> 47 #include <netinet/if_ether.h> 48 #include <netinet/in.h> 49 #include <netinet/in_var.h> 50 #include <netinet6/in6_var.h> 51 #include <netinet6/nd6.h> 52 #ifdef __NetBSD__ 53 #include <net/if_vlanvar.h> /* Needs netinet/if_ether.h */ 54 #elif defined(__DragonFly__) 55 #include <net/vlan/if_vlan_var.h> 56 #else 57 #include <net/if_vlan_var.h> 58 #endif 59 #ifdef __DragonFly__ 60 # include <netproto/802_11/ieee80211_ioctl.h> 61 #else 62 # include <net80211/ieee80211.h> 63 # include <net80211/ieee80211_ioctl.h> 64 #endif 65 66 #include <assert.h> 67 #include <errno.h> 68 #include <fcntl.h> 69 #include <fnmatch.h> 70 #include <paths.h> 71 #include <stddef.h> 72 #include <stdio.h> 73 #include <stdlib.h> 74 #include <string.h> 75 #include <unistd.h> 76 77 #if defined(OpenBSD) && OpenBSD >= 201411 78 /* OpenBSD dropped the global setting from sysctl but left the #define 79 * which causes a EPERM error when trying to use it. 80 * I think both the error and keeping the define are wrong, so we #undef it. */ 81 #undef IPV6CTL_ACCEPT_RTADV 82 #endif 83 84 #include "common.h" 85 #include "dhcp.h" 86 #include "if.h" 87 #include "if-options.h" 88 #include "ipv4.h" 89 #include "ipv4ll.h" 90 #include "ipv6.h" 91 #include "ipv6nd.h" 92 #include "logerr.h" 93 #include "privsep.h" 94 #include "route.h" 95 #include "sa.h" 96 97 #ifndef RT_ROUNDUP 98 #define RT_ROUNDUP(a) \ 99 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) 100 #define RT_ADVANCE(x, n) (x += RT_ROUNDUP((n)->sa_len)) 101 #endif 102 103 /* Ignore these interface names which look like ethernet but are virtual or 104 * just won't work without explicit configuration. */ 105 static const char * const ifnames_ignore[] = { 106 "bridge", 107 "fwe", /* Firewire */ 108 "fwip", /* Firewire */ 109 "tap", 110 "vether", 111 "xvif", /* XEN DOM0 -> guest interface */ 112 NULL 113 }; 114 115 struct priv { 116 int pf_inet6_fd; 117 }; 118 119 struct rtm 120 { 121 struct rt_msghdr hdr; 122 char buffer[sizeof(struct sockaddr_storage) * RTAX_MAX]; 123 }; 124 125 int 126 os_init(void) 127 { 128 return 0; 129 } 130 131 int 132 if_init(__unused struct interface *iface) 133 { 134 /* BSD promotes secondary address by default */ 135 return 0; 136 } 137 138 int 139 if_conf(__unused struct interface *iface) 140 { 141 /* No extra checks needed on BSD */ 142 return 0; 143 } 144 145 int 146 if_opensockets_os(struct dhcpcd_ctx *ctx) 147 { 148 struct priv *priv; 149 int n; 150 #if defined(RO_MSGFILTER) || defined(ROUTE_MSGFILTER) 151 unsigned char msgfilter[] = { 152 RTM_IFINFO, 153 #ifdef RTM_IFANNOUNCE 154 RTM_IFANNOUNCE, 155 #endif 156 RTM_ADD, RTM_CHANGE, RTM_DELETE, RTM_MISS, 157 #ifdef RTM_CHGADDR 158 RTM_CHGADDR, 159 #endif 160 RTM_NEWADDR, RTM_DELADDR 161 }; 162 #ifdef ROUTE_MSGFILTER 163 unsigned int i, msgfilter_mask; 164 #endif 165 #endif 166 167 if ((priv = malloc(sizeof(*priv))) == NULL) 168 return -1; 169 ctx->priv = priv; 170 171 #ifdef INET6 172 priv->pf_inet6_fd = xsocket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0); 173 #ifdef PRIVSEP_RIGHTS 174 if (IN_PRIVSEP(ctx)) 175 ps_rights_limit_ioctl(priv->pf_inet6_fd); 176 #endif 177 /* Don't return an error so we at least work on kernels witout INET6 178 * even though we expect INET6 support. 179 * We will fail noisily elsewhere anyway. */ 180 #else 181 priv->pf_inet6_fd = -1; 182 #endif 183 184 ctx->link_fd = xsocket(PF_ROUTE, SOCK_RAW | SOCK_CXNB, AF_UNSPEC); 185 if (ctx->link_fd == -1) 186 return -1; 187 188 #ifdef SO_RERROR 189 n = 1; 190 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_RERROR, &n,sizeof(n)) == -1) 191 logerr("%s: SO_RERROR", __func__); 192 #endif 193 194 /* Ignore our own route(4) messages. 195 * Sadly there is no way of doing this for route(4) messages 196 * generated from addresses we add/delete. */ 197 n = 0; 198 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_USELOOPBACK, 199 &n, sizeof(n)) == -1) 200 logerr("%s: SO_USELOOPBACK", __func__); 201 202 #if defined(RO_MSGFILTER) 203 if (setsockopt(ctx->link_fd, PF_ROUTE, RO_MSGFILTER, 204 &msgfilter, sizeof(msgfilter)) == -1) 205 logerr(__func__); 206 #elif defined(ROUTE_MSGFILTER) 207 /* Convert the array into a bitmask. */ 208 msgfilter_mask = 0; 209 for (i = 0; i < __arraycount(msgfilter); i++) 210 msgfilter_mask |= ROUTE_FILTER(msgfilter[i]); 211 if (setsockopt(ctx->link_fd, PF_ROUTE, ROUTE_MSGFILTER, 212 &msgfilter_mask, sizeof(msgfilter_mask)) == -1) 213 logerr(__func__); 214 #else 215 #warning kernel does not support route message filtering 216 #endif 217 218 #ifdef PRIVSEP_RIGHTS 219 /* We need to getsockopt for SO_RCVBUF and 220 * setsockopt for RO_MISSFILTER. */ 221 if (IN_PRIVSEP(ctx)) 222 ps_rights_limit_fd_sockopt(ctx->link_fd); 223 #endif 224 225 return 0; 226 } 227 228 void 229 if_closesockets_os(struct dhcpcd_ctx *ctx) 230 { 231 struct priv *priv; 232 233 priv = (struct priv *)ctx->priv; 234 if (priv->pf_inet6_fd != -1) 235 close(priv->pf_inet6_fd); 236 free(priv); 237 ctx->priv = NULL; 238 } 239 240 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 241 static int 242 if_ioctllink(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len) 243 { 244 int s; 245 int retval; 246 247 #ifdef PRIVSEP 248 if (ctx->options & DHCPCD_PRIVSEP) 249 return (int)ps_root_ioctllink(ctx, req, data, len); 250 #else 251 UNUSED(ctx); 252 #endif 253 254 s = socket(PF_LINK, SOCK_DGRAM, 0); 255 if (s == -1) 256 return -1; 257 retval = ioctl(s, req, data, len); 258 close(s); 259 return retval; 260 } 261 #endif 262 263 int 264 if_setmac(struct interface *ifp, void *mac, uint8_t maclen) 265 { 266 267 if (ifp->hwlen != maclen) { 268 errno = EINVAL; 269 return -1; 270 } 271 272 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 273 struct if_laddrreq iflr = { .flags = IFLR_ACTIVE }; 274 struct sockaddr_dl *sdl = satosdl(&iflr.addr); 275 int retval; 276 277 strlcpy(iflr.iflr_name, ifp->name, sizeof(iflr.iflr_name)); 278 sdl->sdl_family = AF_LINK; 279 sdl->sdl_len = sizeof(*sdl); 280 sdl->sdl_alen = maclen; 281 memcpy(LLADDR(sdl), mac, maclen); 282 retval = if_ioctllink(ifp->ctx, SIOCALIFADDR, &iflr, sizeof(iflr)); 283 284 /* Try and remove the old address */ 285 memcpy(LLADDR(sdl), ifp->hwaddr, ifp->hwlen); 286 if_ioctllink(ifp->ctx, SIOCDLIFADDR, &iflr, sizeof(iflr)); 287 288 return retval; 289 #else 290 struct ifreq ifr = { 291 .ifr_addr.sa_family = AF_LINK, 292 .ifr_addr.sa_len = maclen, 293 }; 294 295 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 296 memcpy(ifr.ifr_addr.sa_data, mac, maclen); 297 return if_ioctl(ifp->ctx, SIOCSIFLLADDR, &ifr, sizeof(ifr)); 298 #endif 299 } 300 301 static bool 302 if_ignore1(const char *drvname) 303 { 304 const char * const *p; 305 306 for (p = ifnames_ignore; *p; p++) { 307 if (strcmp(*p, drvname) == 0) 308 return true; 309 } 310 return false; 311 } 312 313 #ifdef SIOCGIFGROUP 314 int 315 if_ignoregroup(int s, const char *ifname) 316 { 317 struct ifgroupreq ifgr = { .ifgr_len = 0 }; 318 struct ifg_req *ifg; 319 size_t ifg_len; 320 321 /* Sadly it is possible to remove the device name 322 * from the interface groups, but hopefully this 323 * will be very unlikely.... */ 324 325 strlcpy(ifgr.ifgr_name, ifname, sizeof(ifgr.ifgr_name)); 326 if (ioctl(s, SIOCGIFGROUP, &ifgr) == -1 || 327 (ifgr.ifgr_groups = malloc(ifgr.ifgr_len)) == NULL || 328 ioctl(s, SIOCGIFGROUP, &ifgr) == -1) 329 { 330 logerr(__func__); 331 return -1; 332 } 333 334 for (ifg = ifgr.ifgr_groups, ifg_len = ifgr.ifgr_len; 335 ifg && ifg_len >= sizeof(*ifg); 336 ifg++, ifg_len -= sizeof(*ifg)) 337 { 338 if (if_ignore1(ifg->ifgrq_group)) 339 return 1; 340 } 341 return 0; 342 } 343 #endif 344 345 bool 346 if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) 347 { 348 struct if_spec spec; 349 350 if (if_nametospec(ifname, &spec) != 0) 351 return false; 352 353 if (if_ignore1(spec.drvname)) 354 return true; 355 356 #ifdef SIOCGIFGROUP 357 #if defined(PRIVSEP) && defined(HAVE_PLEDGE) 358 if (IN_PRIVSEP(ctx)) 359 return ps_root_ifignoregroup(ctx, ifname) == 1 ? true : false; 360 #endif 361 else 362 return if_ignoregroup(ctx->pf_inet_fd, ifname) == 1 ? 363 true : false; 364 #else 365 UNUSED(ctx); 366 return false; 367 #endif 368 } 369 370 static int if_indirect_ioctl(struct dhcpcd_ctx *ctx, 371 const char *ifname, unsigned long cmd, void *data, size_t len) 372 { 373 struct ifreq ifr = { .ifr_flags = 0 }; 374 375 #if defined(PRIVSEP) && (defined(HAVE_CAPSICUM) || defined(HAVE_PLEDGE)) 376 if (IN_PRIVSEP(ctx)) 377 return (int)ps_root_indirectioctl(ctx, cmd, ifname, data, len); 378 #else 379 UNUSED(len); 380 #endif 381 382 strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); 383 ifr.ifr_data = data; 384 return ioctl(ctx->pf_inet_fd, cmd, &ifr); 385 } 386 387 int 388 if_carrier(struct interface *ifp, const void *ifadata) 389 { 390 const struct if_data *ifi = ifadata; 391 392 /* 393 * Every BSD returns this and it is the sole source of truth. 394 * Not all BSD's support SIOCGIFDATA and not all interfaces 395 * support SIOCGIFMEDIA. 396 */ 397 assert(ifadata != NULL); 398 399 if (ifi->ifi_link_state >= LINK_STATE_UP) 400 return LINK_UP; 401 if (ifi->ifi_link_state == LINK_STATE_UNKNOWN) { 402 /* 403 * Work around net80211 issues in some BSDs. 404 * Wireless MUST support link state change. 405 */ 406 if (ifp->wireless) 407 return LINK_DOWN; 408 return LINK_UNKNOWN; 409 } 410 return LINK_DOWN; 411 } 412 413 static void 414 if_linkaddr(struct sockaddr_dl *sdl, const struct interface *ifp) 415 { 416 417 memset(sdl, 0, sizeof(*sdl)); 418 sdl->sdl_family = AF_LINK; 419 sdl->sdl_len = sizeof(*sdl); 420 sdl->sdl_nlen = sdl->sdl_alen = sdl->sdl_slen = 0; 421 sdl->sdl_index = (unsigned short)ifp->index; 422 } 423 424 static int 425 if_getssid1(struct dhcpcd_ctx *ctx, const char *ifname, void *ssid) 426 { 427 int retval = -1; 428 #if defined(SIOCG80211NWID) 429 struct ieee80211_nwid nwid; 430 #elif defined(IEEE80211_IOC_SSID) 431 struct ieee80211req ireq; 432 char nwid[IEEE80211_NWID_LEN]; 433 #endif 434 435 #if defined(SIOCG80211NWID) /* NetBSD */ 436 memset(&nwid, 0, sizeof(nwid)); 437 if (if_indirect_ioctl(ctx, ifname, SIOCG80211NWID, 438 &nwid, sizeof(nwid)) == 0) 439 { 440 if (ssid == NULL) 441 retval = nwid.i_len; 442 else if (nwid.i_len > IF_SSIDLEN) 443 errno = ENOBUFS; 444 else { 445 retval = nwid.i_len; 446 memcpy(ssid, nwid.i_nwid, nwid.i_len); 447 } 448 } 449 #elif defined(IEEE80211_IOC_SSID) /* FreeBSD */ 450 memset(&ireq, 0, sizeof(ireq)); 451 strlcpy(ireq.i_name, ifname, sizeof(ireq.i_name)); 452 ireq.i_type = IEEE80211_IOC_SSID; 453 ireq.i_val = -1; 454 memset(nwid, 0, sizeof(nwid)); 455 ireq.i_data = &nwid; 456 if (ioctl(ctx->pf_inet_fd, SIOCG80211, &ireq) == 0) { 457 if (ssid == NULL) 458 retval = ireq.i_len; 459 else if (ireq.i_len > IF_SSIDLEN) 460 errno = ENOBUFS; 461 else { 462 retval = ireq.i_len; 463 memcpy(ssid, nwid, ireq.i_len); 464 } 465 } 466 #else 467 errno = ENOSYS; 468 #endif 469 470 return retval; 471 } 472 473 int 474 if_getssid(struct interface *ifp) 475 { 476 int r; 477 478 r = if_getssid1(ifp->ctx, ifp->name, ifp->ssid); 479 if (r != -1) 480 ifp->ssid_len = (unsigned int)r; 481 else 482 ifp->ssid_len = 0; 483 ifp->ssid[ifp->ssid_len] = '\0'; 484 return r; 485 } 486 487 /* 488 * FreeBSD allows for Virtual Access Points 489 * We need to check if the interface is a Virtual Interface Master 490 * and if so, don't use it. 491 * This check is made by virtue of being a IEEE80211 device but 492 * returning the SSID gives an error. 493 */ 494 int 495 if_vimaster(struct dhcpcd_ctx *ctx, const char *ifname) 496 { 497 int r; 498 struct ifmediareq ifmr = { .ifm_active = 0 }; 499 500 strlcpy(ifmr.ifm_name, ifname, sizeof(ifmr.ifm_name)); 501 r = ioctl(ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr); 502 if (r == -1) 503 return -1; 504 if (ifmr.ifm_status & IFM_AVALID && 505 IFM_TYPE(ifmr.ifm_active) == IFM_IEEE80211) 506 { 507 if (if_getssid1(ctx, ifname, NULL) == -1) 508 return 1; 509 } 510 return 0; 511 } 512 513 unsigned short 514 if_vlanid(const struct interface *ifp) 515 { 516 #ifdef SIOCGETVLAN 517 struct vlanreq vlr = { .vlr_tag = 0 }; 518 519 if (if_indirect_ioctl(ifp->ctx, ifp->name, SIOCGETVLAN, 520 &vlr, sizeof(vlr)) != 0) 521 return 0; /* 0 means no VLANID */ 522 return vlr.vlr_tag; 523 #elif defined(SIOCGVNETID) 524 struct ifreq ifr = { .ifr_vnetid = 0 }; 525 526 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 527 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGVNETID, &ifr) != 0) 528 return 0; /* 0 means no VLANID */ 529 return ifr.ifr_vnetid; 530 #else 531 UNUSED(ifp); 532 return 0; /* 0 means no VLANID */ 533 #endif 534 } 535 536 static int 537 get_addrs(int type, const void *data, size_t data_len, 538 const struct sockaddr **sa) 539 { 540 const char *cp, *ep; 541 int i; 542 543 cp = data; 544 ep = cp + data_len; 545 for (i = 0; i < RTAX_MAX; i++) { 546 if (type & (1 << i)) { 547 if (cp >= ep) { 548 errno = EINVAL; 549 return -1; 550 } 551 sa[i] = (const struct sockaddr *)cp; 552 RT_ADVANCE(cp, sa[i]); 553 } else 554 sa[i] = NULL; 555 } 556 557 return 0; 558 } 559 560 static struct interface * 561 if_findsdl(struct dhcpcd_ctx *ctx, const struct sockaddr_dl *sdl) 562 { 563 564 if (sdl->sdl_index) 565 return if_findindex(ctx->ifaces, sdl->sdl_index); 566 567 if (sdl->sdl_nlen) { 568 char ifname[IF_NAMESIZE]; 569 570 memcpy(ifname, sdl->sdl_data, sdl->sdl_nlen); 571 ifname[sdl->sdl_nlen] = '\0'; 572 return if_find(ctx->ifaces, ifname); 573 } 574 if (sdl->sdl_alen) { 575 struct interface *ifp; 576 577 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 578 if (ifp->hwlen == sdl->sdl_alen && 579 memcmp(ifp->hwaddr, 580 sdl->sdl_data, sdl->sdl_alen) == 0) 581 return ifp; 582 } 583 } 584 585 errno = ENOENT; 586 return NULL; 587 } 588 589 static struct interface * 590 if_findsa(struct dhcpcd_ctx *ctx, const struct sockaddr *sa) 591 { 592 if (sa == NULL) { 593 errno = EINVAL; 594 return NULL; 595 } 596 597 switch (sa->sa_family) { 598 case AF_LINK: 599 { 600 const struct sockaddr_dl *sdl; 601 602 sdl = (const void *)sa; 603 return if_findsdl(ctx, sdl); 604 } 605 #ifdef INET 606 case AF_INET: 607 { 608 const struct sockaddr_in *sin; 609 struct ipv4_addr *ia; 610 611 sin = (const void *)sa; 612 if ((ia = ipv4_findmaskaddr(ctx, &sin->sin_addr))) 613 return ia->iface; 614 break; 615 } 616 #endif 617 #ifdef INET6 618 case AF_INET6: 619 { 620 const struct sockaddr_in6 *sin; 621 unsigned int scope; 622 struct ipv6_addr *ia; 623 624 sin = (const void *)sa; 625 scope = ipv6_getscope(sin); 626 if (scope != 0) 627 return if_findindex(ctx->ifaces, scope); 628 if ((ia = ipv6_findmaskaddr(ctx, &sin->sin6_addr))) 629 return ia->iface; 630 break; 631 } 632 #endif 633 default: 634 errno = EAFNOSUPPORT; 635 return NULL; 636 } 637 638 errno = ENOENT; 639 return NULL; 640 } 641 642 static void 643 if_copysa(struct sockaddr *dst, const struct sockaddr *src) 644 { 645 646 assert(dst != NULL); 647 assert(src != NULL); 648 649 memcpy(dst, src, src->sa_len); 650 #if defined(INET6) && defined(__KAME__) 651 if (dst->sa_family == AF_INET6) { 652 struct in6_addr *in6; 653 654 in6 = &satosin6(dst)->sin6_addr; 655 if (IN6_IS_ADDR_LINKLOCAL(in6)) 656 in6->s6_addr[2] = in6->s6_addr[3] = '\0'; 657 } 658 #endif 659 } 660 661 int 662 if_route(unsigned char cmd, const struct rt *rt) 663 { 664 struct dhcpcd_ctx *ctx; 665 struct rtm rtmsg; 666 struct rt_msghdr *rtm = &rtmsg.hdr; 667 char *bp = rtmsg.buffer; 668 struct sockaddr_dl sdl; 669 bool gateway_unspec; 670 671 assert(rt != NULL); 672 assert(rt->rt_ifp != NULL); 673 assert(rt->rt_ifp->ctx != NULL); 674 ctx = rt->rt_ifp->ctx; 675 676 #define ADDSA(sa) do { \ 677 memcpy(bp, (sa), (sa)->sa_len); \ 678 bp += RT_ROUNDUP((sa)->sa_len); \ 679 } while (0 /* CONSTCOND */) 680 681 memset(&rtmsg, 0, sizeof(rtmsg)); 682 rtm->rtm_version = RTM_VERSION; 683 rtm->rtm_type = cmd; 684 #ifdef __OpenBSD__ 685 rtm->rtm_pid = getpid(); 686 #endif 687 rtm->rtm_seq = ++ctx->seq; 688 rtm->rtm_flags = (int)rt->rt_flags; 689 rtm->rtm_addrs = RTA_DST; 690 #ifdef RTF_PINNED 691 if (cmd != RTM_ADD) 692 rtm->rtm_flags |= RTF_PINNED; 693 #endif 694 695 gateway_unspec = sa_is_unspecified(&rt->rt_gateway); 696 697 if (cmd == RTM_ADD || cmd == RTM_CHANGE) { 698 bool netmask_bcast = sa_is_allones(&rt->rt_netmask); 699 700 rtm->rtm_flags |= RTF_UP; 701 rtm->rtm_addrs |= RTA_GATEWAY; 702 if (!(rtm->rtm_flags & RTF_REJECT) && 703 !sa_is_loopback(&rt->rt_gateway)) 704 { 705 rtm->rtm_index = (unsigned short)rt->rt_ifp->index; 706 /* 707 * OpenBSD rejects the message for on-link routes. 708 * FreeBSD-12 kernel apparently panics. 709 * I can't replicate the panic, but better safe than sorry! 710 * https://roy.marples.name/archives/dhcpcd-discuss/0002286.html 711 * 712 * Neither OS currently allows IPv6 address sharing anyway, so let's 713 * try to encourage someone to fix that by logging a waring during compile. 714 */ 715 #if defined(__FreeBSD__) || defined(__OpenBSD__) 716 #warning kernel does not allow IPv6 address sharing 717 if (!gateway_unspec || rt->rt_dest.sa_family!=AF_INET6) 718 #endif 719 rtm->rtm_addrs |= RTA_IFP; 720 if (!sa_is_unspecified(&rt->rt_ifa)) 721 rtm->rtm_addrs |= RTA_IFA; 722 } 723 if (netmask_bcast) 724 rtm->rtm_flags |= RTF_HOST; 725 /* Network routes are cloning or connected if supported. 726 * All other routes are static. */ 727 if (gateway_unspec) { 728 #ifdef RTF_CLONING 729 rtm->rtm_flags |= RTF_CLONING; 730 #endif 731 #ifdef RTF_CONNECTED 732 rtm->rtm_flags |= RTF_CONNECTED; 733 #endif 734 #ifdef RTP_CONNECTED 735 rtm->rtm_priority = RTP_CONNECTED; 736 #endif 737 #ifdef RTF_CLONING 738 if (netmask_bcast) { 739 /* 740 * We add a cloning network route for a single 741 * host. Traffic to the host will generate a 742 * cloned route and the hardware address will 743 * resolve correctly. 744 * It might be more correct to use RTF_HOST 745 * instead of RTF_CLONING, and that does work, 746 * but some OS generate an arp warning 747 * diagnostic which we don't want to do. 748 */ 749 rtm->rtm_flags &= ~RTF_HOST; 750 } 751 #endif 752 } else 753 rtm->rtm_flags |= RTF_GATEWAY; 754 755 if (rt->rt_dflags & RTDF_STATIC) 756 rtm->rtm_flags |= RTF_STATIC; 757 758 if (rt->rt_mtu != 0) { 759 rtm->rtm_inits |= RTV_MTU; 760 rtm->rtm_rmx.rmx_mtu = rt->rt_mtu; 761 } 762 } 763 764 if (!(rtm->rtm_flags & RTF_HOST)) 765 rtm->rtm_addrs |= RTA_NETMASK; 766 767 if_linkaddr(&sdl, rt->rt_ifp); 768 769 ADDSA(&rt->rt_dest); 770 771 if (rtm->rtm_addrs & RTA_GATEWAY) { 772 if (gateway_unspec) 773 ADDSA((struct sockaddr *)&sdl); 774 else { 775 union sa_ss gateway; 776 777 if_copysa(&gateway.sa, &rt->rt_gateway); 778 #ifdef INET6 779 if (gateway.sa.sa_family == AF_INET6) 780 ipv6_setscope(&gateway.sin6, rt->rt_ifp->index); 781 #endif 782 ADDSA(&gateway.sa); 783 } 784 } 785 786 if (rtm->rtm_addrs & RTA_NETMASK) 787 ADDSA(&rt->rt_netmask); 788 789 if (rtm->rtm_addrs & RTA_IFP) 790 ADDSA((struct sockaddr *)&sdl); 791 792 if (rtm->rtm_addrs & RTA_IFA) 793 ADDSA(&rt->rt_ifa); 794 795 #undef ADDSA 796 797 rtm->rtm_msglen = (unsigned short)(bp - (char *)rtm); 798 799 #ifdef PRIVSEP 800 if (ctx->options & DHCPCD_PRIVSEP) { 801 if (ps_root_route(ctx, rtm, rtm->rtm_msglen) == -1) 802 return -1; 803 return 0; 804 } 805 #endif 806 if (write(ctx->link_fd, rtm, rtm->rtm_msglen) == -1) 807 return -1; 808 return 0; 809 } 810 811 static bool 812 if_realroute(const struct rt_msghdr *rtm) 813 { 814 815 #ifdef RTF_CLONED 816 if (rtm->rtm_flags & RTF_CLONED) 817 return false; 818 #endif 819 #ifdef RTF_WASCLONED 820 if (rtm->rtm_flags & RTF_WASCLONED) 821 return false; 822 #endif 823 #ifdef RTF_LOCAL 824 if (rtm->rtm_flags & RTF_LOCAL) 825 return false; 826 #endif 827 #ifdef RTF_BROADCAST 828 if (rtm->rtm_flags & RTF_BROADCAST) 829 return false; 830 #endif 831 return true; 832 } 833 834 static int 835 if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, const struct rt_msghdr *rtm) 836 { 837 const struct sockaddr *rti_info[RTAX_MAX]; 838 839 if (!(rtm->rtm_addrs & RTA_DST)) { 840 errno = EINVAL; 841 return -1; 842 } 843 if (rtm->rtm_type != RTM_MISS && !(rtm->rtm_addrs & RTA_GATEWAY)) { 844 errno = EINVAL; 845 return -1; 846 } 847 848 if (get_addrs(rtm->rtm_addrs, (const char *)rtm + sizeof(*rtm), 849 rtm->rtm_msglen - sizeof(*rtm), rti_info) == -1) 850 return -1; 851 memset(rt, 0, sizeof(*rt)); 852 853 rt->rt_flags = (unsigned int)rtm->rtm_flags; 854 if_copysa(&rt->rt_dest, rti_info[RTAX_DST]); 855 if (rtm->rtm_addrs & RTA_NETMASK) { 856 if_copysa(&rt->rt_netmask, rti_info[RTAX_NETMASK]); 857 if (rt->rt_netmask.sa_family == 255) /* Why? */ 858 rt->rt_netmask.sa_family = rt->rt_dest.sa_family; 859 } 860 861 /* dhcpcd likes an unspecified gateway to indicate via the link. 862 * However we need to know if gateway was a link with an address. */ 863 if (rtm->rtm_addrs & RTA_GATEWAY) { 864 if (rti_info[RTAX_GATEWAY]->sa_family == AF_LINK) { 865 const struct sockaddr_dl *sdl; 866 867 sdl = (const struct sockaddr_dl*) 868 (const void *)rti_info[RTAX_GATEWAY]; 869 if (sdl->sdl_alen != 0) 870 rt->rt_dflags |= RTDF_GATELINK; 871 } else if (rtm->rtm_flags & RTF_GATEWAY) 872 if_copysa(&rt->rt_gateway, rti_info[RTAX_GATEWAY]); 873 } 874 875 if (rtm->rtm_addrs & RTA_IFA) 876 if_copysa(&rt->rt_ifa, rti_info[RTAX_IFA]); 877 878 rt->rt_mtu = (unsigned int)rtm->rtm_rmx.rmx_mtu; 879 880 if (rtm->rtm_index) 881 rt->rt_ifp = if_findindex(ctx->ifaces, rtm->rtm_index); 882 else if (rtm->rtm_addrs & RTA_IFP) 883 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_IFP]); 884 else if (rtm->rtm_addrs & RTA_GATEWAY) 885 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_GATEWAY]); 886 else 887 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_DST]); 888 889 if (rt->rt_ifp == NULL && rtm->rtm_type == RTM_MISS) 890 rt->rt_ifp = if_find(ctx->ifaces, "lo0"); 891 892 if (rt->rt_ifp == NULL) { 893 errno = ESRCH; 894 return -1; 895 } 896 return 0; 897 } 898 899 int 900 if_initrt(struct dhcpcd_ctx *ctx, rb_tree_t *kroutes, int af) 901 { 902 struct rt_msghdr *rtm; 903 int mib[6]; 904 size_t needed; 905 char *buf, *p, *end; 906 struct rt rt, *rtn; 907 908 mib[0] = CTL_NET; 909 mib[1] = PF_ROUTE; 910 mib[2] = 0; 911 mib[3] = af; 912 mib[4] = NET_RT_DUMP; 913 mib[5] = 0; 914 915 if (sysctl(mib, 6, NULL, &needed, NULL, 0) == -1) 916 return -1; 917 if (needed == 0) 918 return 0; 919 if ((buf = malloc(needed)) == NULL) 920 return -1; 921 if (sysctl(mib, 6, buf, &needed, NULL, 0) == -1) { 922 free(buf); 923 return -1; 924 } 925 926 end = buf + needed; 927 for (p = buf; p < end; p += rtm->rtm_msglen) { 928 rtm = (void *)p; 929 if (p + rtm->rtm_msglen >= end) { 930 errno = EINVAL; 931 break; 932 } 933 if (!if_realroute(rtm)) 934 continue; 935 if (if_copyrt(ctx, &rt, rtm) != 0) 936 continue; 937 if ((rtn = rt_new(rt.rt_ifp)) == NULL) { 938 logerr(__func__); 939 break; 940 } 941 memcpy(rtn, &rt, sizeof(*rtn)); 942 if (rb_tree_insert_node(kroutes, rtn) != rtn) 943 rt_free(rtn); 944 } 945 free(buf); 946 return p == end ? 0 : -1; 947 } 948 949 #ifdef INET 950 int 951 if_address(unsigned char cmd, const struct ipv4_addr *ia) 952 { 953 int r; 954 struct in_aliasreq ifra; 955 struct dhcpcd_ctx *ctx = ia->iface->ctx; 956 957 memset(&ifra, 0, sizeof(ifra)); 958 strlcpy(ifra.ifra_name, ia->iface->name, sizeof(ifra.ifra_name)); 959 960 #define ADDADDR(var, addr) do { \ 961 (var)->sin_family = AF_INET; \ 962 (var)->sin_len = sizeof(*(var)); \ 963 (var)->sin_addr = *(addr); \ 964 } while (/*CONSTCOND*/0) 965 ADDADDR(&ifra.ifra_addr, &ia->addr); 966 ADDADDR(&ifra.ifra_mask, &ia->mask); 967 if (cmd == RTM_NEWADDR && ia->brd.s_addr != INADDR_ANY) 968 ADDADDR(&ifra.ifra_broadaddr, &ia->brd); 969 #undef ADDADDR 970 971 r = if_ioctl(ctx, 972 cmd == RTM_DELADDR ? SIOCDIFADDR : SIOCAIFADDR, &ifra,sizeof(ifra)); 973 return r; 974 } 975 976 #if !(defined(HAVE_IFADDRS_ADDRFLAGS) && defined(HAVE_IFAM_ADDRFLAGS)) 977 int 978 if_addrflags(const struct interface *ifp, const struct in_addr *addr, 979 __unused const char *alias) 980 { 981 #ifdef SIOCGIFAFLAG_IN 982 struct ifreq ifr; 983 struct sockaddr_in *sin; 984 985 memset(&ifr, 0, sizeof(ifr)); 986 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 987 sin = (void *)&ifr.ifr_addr; 988 sin->sin_family = AF_INET; 989 sin->sin_addr = *addr; 990 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFAFLAG_IN, &ifr) == -1) 991 return -1; 992 return ifr.ifr_addrflags; 993 #else 994 UNUSED(ifp); 995 UNUSED(addr); 996 return 0; 997 #endif 998 } 999 #endif 1000 #endif /* INET */ 1001 1002 #ifdef INET6 1003 static int 1004 if_ioctl6(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len) 1005 { 1006 struct priv *priv; 1007 1008 #ifdef PRIVSEP 1009 if (ctx->options & DHCPCD_PRIVSEP) 1010 return (int)ps_root_ioctl6(ctx, req, data, len); 1011 #endif 1012 1013 priv = ctx->priv; 1014 return ioctl(priv->pf_inet6_fd, req, data, len); 1015 } 1016 1017 int 1018 if_address6(unsigned char cmd, const struct ipv6_addr *ia) 1019 { 1020 struct in6_aliasreq ifa = { .ifra_flags = 0 }; 1021 struct in6_addr mask; 1022 struct dhcpcd_ctx *ctx = ia->iface->ctx; 1023 1024 strlcpy(ifa.ifra_name, ia->iface->name, sizeof(ifa.ifra_name)); 1025 #if defined(__FreeBSD__) || defined(__DragonFly__) 1026 /* This is a bug - the kernel should work this out. */ 1027 if (ia->addr_flags & IN6_IFF_TENTATIVE) 1028 ifa.ifra_flags |= IN6_IFF_TENTATIVE; 1029 #endif 1030 #if (defined(__NetBSD__) || defined(__OpenBSD__)) && \ 1031 (defined(IPV6CTL_ACCEPT_RTADV) || defined(ND6_IFF_ACCEPT_RTADV)) 1032 /* These kernels don't accept userland setting IN6_IFF_AUTOCONF */ 1033 #else 1034 if (ia->flags & IPV6_AF_AUTOCONF) 1035 ifa.ifra_flags |= IN6_IFF_AUTOCONF; 1036 #endif 1037 #ifdef IPV6_MANAGETEMPADDR 1038 if (ia->flags & IPV6_AF_TEMPORARY) 1039 ifa.ifra_flags |= IN6_IFF_TEMPORARY; 1040 #endif 1041 1042 #define ADDADDR(v, addr) { \ 1043 (v)->sin6_family = AF_INET6; \ 1044 (v)->sin6_len = sizeof(*v); \ 1045 (v)->sin6_addr = *(addr); \ 1046 } 1047 1048 ADDADDR(&ifa.ifra_addr, &ia->addr); 1049 ipv6_setscope(&ifa.ifra_addr, ia->iface->index); 1050 ipv6_mask(&mask, ia->prefix_len); 1051 ADDADDR(&ifa.ifra_prefixmask, &mask); 1052 1053 #undef ADDADDR 1054 1055 /* 1056 * Every BSD kernel wants to add the prefix of the address to it's 1057 * list of RA received prefixes. 1058 * THIS IS WRONG because there (as the comments in the kernel state) 1059 * is no API for managing prefix lifetime and the kernel should not 1060 * pretend it's from a RA either. 1061 * 1062 * The issue is that the very first assigned prefix will inherit the 1063 * lifetime of the address, but any subsequent alteration of the 1064 * address OR it's lifetime will not affect the prefix lifetime. 1065 * As such, we cannot stop the prefix from timing out and then 1066 * constantly removing the prefix route dhcpcd is capable of adding 1067 * in it's absense. 1068 * 1069 * What we can do to mitigate the issue is to add the address with 1070 * infinite lifetimes, so the prefix route will never time out. 1071 * Once done, we can then set lifetimes on the address and all is good. 1072 * The downside of this approach is that we need to manually remove 1073 * the kernel route because it has no lifetime, but this is OK as 1074 * dhcpcd will handle this too. 1075 * 1076 * This issue is discussed on the NetBSD mailing lists here: 1077 * http://mail-index.netbsd.org/tech-net/2016/08/05/msg006044.html 1078 * 1079 * Fixed in NetBSD-7.99.36 1080 * NOT fixed in FreeBSD - bug 195197 1081 * Fixed in OpenBSD-5.9 1082 */ 1083 1084 #if !((defined(__NetBSD_Version__) && __NetBSD_Version__ >= 799003600) || \ 1085 (defined(__OpenBSD__) && OpenBSD >= 201605)) 1086 if (cmd == RTM_NEWADDR && !(ia->flags & IPV6_AF_ADDED)) { 1087 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1088 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1089 (void)if_ioctl6(ctx, SIOCAIFADDR_IN6, &ifa, sizeof(ifa)); 1090 } 1091 #endif 1092 1093 #if defined(__OpenBSD__) && OpenBSD <= 201705 1094 /* BUT OpenBSD older than 6.2 does not reset the address lifetime 1095 * for subsequent calls... 1096 * Luckily dhcpcd will remove the lease when it expires so 1097 * just set an infinite lifetime, unless a temporary address. */ 1098 if (ifa.ifra_flags & IN6_IFF_PRIVACY) { 1099 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime; 1100 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime; 1101 } else { 1102 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1103 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1104 } 1105 #else 1106 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime; 1107 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime; 1108 #endif 1109 1110 return if_ioctl6(ctx, 1111 cmd == RTM_DELADDR ? SIOCDIFADDR_IN6 : SIOCAIFADDR_IN6, 1112 &ifa, sizeof(ifa)); 1113 } 1114 1115 int 1116 if_addrflags6(const struct interface *ifp, const struct in6_addr *addr, 1117 __unused const char *alias) 1118 { 1119 int flags; 1120 struct in6_ifreq ifr6; 1121 struct priv *priv; 1122 1123 memset(&ifr6, 0, sizeof(ifr6)); 1124 strlcpy(ifr6.ifr_name, ifp->name, sizeof(ifr6.ifr_name)); 1125 ifr6.ifr_addr.sin6_family = AF_INET6; 1126 ifr6.ifr_addr.sin6_addr = *addr; 1127 ipv6_setscope(&ifr6.ifr_addr, ifp->index); 1128 priv = (struct priv *)ifp->ctx->priv; 1129 if (ioctl(priv->pf_inet6_fd, SIOCGIFAFLAG_IN6, &ifr6) != -1) 1130 flags = ifr6.ifr_ifru.ifru_flags6; 1131 else 1132 flags = -1; 1133 return flags; 1134 } 1135 1136 int 1137 if_getlifetime6(struct ipv6_addr *ia) 1138 { 1139 struct in6_ifreq ifr6; 1140 time_t t; 1141 struct in6_addrlifetime *lifetime; 1142 struct priv *priv; 1143 1144 memset(&ifr6, 0, sizeof(ifr6)); 1145 strlcpy(ifr6.ifr_name, ia->iface->name, sizeof(ifr6.ifr_name)); 1146 ifr6.ifr_addr.sin6_family = AF_INET6; 1147 ifr6.ifr_addr.sin6_addr = ia->addr; 1148 ipv6_setscope(&ifr6.ifr_addr, ia->iface->index); 1149 priv = (struct priv *)ia->iface->ctx->priv; 1150 if (ioctl(priv->pf_inet6_fd, SIOCGIFALIFETIME_IN6, &ifr6) == -1) 1151 return -1; 1152 clock_gettime(CLOCK_MONOTONIC, &ia->created); 1153 1154 #if defined(__FreeBSD__) || defined(__DragonFly__) 1155 t = ia->created.tv_sec; 1156 #else 1157 t = time(NULL); 1158 #endif 1159 1160 lifetime = &ifr6.ifr_ifru.ifru_lifetime; 1161 if (lifetime->ia6t_preferred) 1162 ia->prefix_pltime = (uint32_t)(lifetime->ia6t_preferred - 1163 MIN(t, lifetime->ia6t_preferred)); 1164 else 1165 ia->prefix_pltime = ND6_INFINITE_LIFETIME; 1166 if (lifetime->ia6t_expire) { 1167 ia->prefix_vltime = (uint32_t)(lifetime->ia6t_expire - 1168 MIN(t, lifetime->ia6t_expire)); 1169 /* Calculate the created time */ 1170 ia->created.tv_sec -= lifetime->ia6t_vltime - ia->prefix_vltime; 1171 } else 1172 ia->prefix_vltime = ND6_INFINITE_LIFETIME; 1173 return 0; 1174 } 1175 #endif 1176 1177 static int 1178 if_announce(struct dhcpcd_ctx *ctx, const struct if_announcemsghdr *ifan) 1179 { 1180 1181 if (ifan->ifan_msglen < sizeof(*ifan)) { 1182 errno = EINVAL; 1183 return -1; 1184 } 1185 1186 switch(ifan->ifan_what) { 1187 case IFAN_ARRIVAL: 1188 return dhcpcd_handleinterface(ctx, 1, ifan->ifan_name); 1189 case IFAN_DEPARTURE: 1190 return dhcpcd_handleinterface(ctx, -1, ifan->ifan_name); 1191 } 1192 1193 return 0; 1194 } 1195 1196 static int 1197 if_ifinfo(struct dhcpcd_ctx *ctx, const struct if_msghdr *ifm) 1198 { 1199 struct interface *ifp; 1200 int link_state; 1201 1202 if (ifm->ifm_msglen < sizeof(*ifm)) { 1203 errno = EINVAL; 1204 return -1; 1205 } 1206 1207 if ((ifp = if_findindex(ctx->ifaces, ifm->ifm_index)) == NULL) 1208 return 0; 1209 1210 link_state = if_carrier(ifp, &ifm->ifm_data); 1211 dhcpcd_handlecarrier(ifp, link_state, (unsigned int)ifm->ifm_flags); 1212 return 0; 1213 } 1214 1215 static int 1216 if_rtm(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm) 1217 { 1218 struct rt rt; 1219 1220 if (rtm->rtm_msglen < sizeof(*rtm)) { 1221 errno = EINVAL; 1222 return -1; 1223 } 1224 1225 /* Ignore errors. */ 1226 if (rtm->rtm_errno != 0) 1227 return 0; 1228 1229 /* Ignore messages from ourself. */ 1230 #ifdef PRIVSEP 1231 if (ctx->ps_root_pid != 0) { 1232 if (rtm->rtm_pid == ctx->ps_root_pid) 1233 return 0; 1234 } 1235 #endif 1236 1237 if (if_copyrt(ctx, &rt, rtm) == -1) 1238 return errno == ENOTSUP ? 0 : -1; 1239 1240 #ifdef INET6 1241 /* 1242 * BSD announces host routes. 1243 * As such, we should be notified of reachability by its 1244 * existance with a hardware address. 1245 * Ensure we don't call this for a newly incomplete state. 1246 */ 1247 if (rt.rt_dest.sa_family == AF_INET6 && 1248 (rt.rt_flags & RTF_HOST || rtm->rtm_type == RTM_MISS) && 1249 !(rtm->rtm_type == RTM_ADD && !(rt.rt_dflags & RTDF_GATELINK))) 1250 { 1251 bool reachable; 1252 1253 reachable = (rtm->rtm_type == RTM_ADD || 1254 rtm->rtm_type == RTM_CHANGE) && 1255 rt.rt_dflags & RTDF_GATELINK; 1256 ipv6nd_neighbour(ctx, &rt.rt_ss_dest.sin6.sin6_addr, reachable); 1257 } 1258 #endif 1259 1260 if (rtm->rtm_type != RTM_MISS && if_realroute(rtm)) 1261 rt_recvrt(rtm->rtm_type, &rt, rtm->rtm_pid); 1262 return 0; 1263 } 1264 1265 static int 1266 if_ifa(struct dhcpcd_ctx *ctx, const struct ifa_msghdr *ifam) 1267 { 1268 struct interface *ifp; 1269 const struct sockaddr *rti_info[RTAX_MAX]; 1270 int flags; 1271 pid_t pid; 1272 1273 if (ifam->ifam_msglen < sizeof(*ifam)) { 1274 errno = EINVAL; 1275 return -1; 1276 } 1277 1278 #ifdef HAVE_IFAM_PID 1279 /* Ignore address deletions from ourself. 1280 * We need to process address flag changes though. */ 1281 if (ifam->ifam_type == RTM_DELADDR) { 1282 #ifdef PRIVSEP 1283 if (ctx->ps_root_pid != 0) { 1284 if (ifam->ifam_pid == ctx->ps_root_pid) 1285 return 0; 1286 } else 1287 #endif 1288 /* address management is done via ioctl, 1289 * so SO_USELOOPBACK has no effect, 1290 * so we do need to check the pid. */ 1291 if (ifam->ifam_pid == getpid()) 1292 return 0; 1293 } 1294 pid = ifam->ifam_pid; 1295 #else 1296 pid = 0; 1297 #endif 1298 1299 if (~ifam->ifam_addrs & RTA_IFA) 1300 return 0; 1301 if ((ifp = if_findindex(ctx->ifaces, ifam->ifam_index)) == NULL) 1302 return 0; 1303 1304 if (get_addrs(ifam->ifam_addrs, (const char *)ifam + sizeof(*ifam), 1305 ifam->ifam_msglen - sizeof(*ifam), rti_info) == -1) 1306 return -1; 1307 1308 switch (rti_info[RTAX_IFA]->sa_family) { 1309 case AF_LINK: 1310 { 1311 struct sockaddr_dl sdl; 1312 1313 #ifdef RTM_CHGADDR 1314 if (ifam->ifam_type != RTM_CHGADDR) 1315 break; 1316 #else 1317 if (ifam->ifam_type != RTM_NEWADDR) 1318 break; 1319 #endif 1320 memcpy(&sdl, rti_info[RTAX_IFA], rti_info[RTAX_IFA]->sa_len); 1321 dhcpcd_handlehwaddr(ifp, ifp->hwtype, 1322 CLLADDR(&sdl), sdl.sdl_alen); 1323 break; 1324 } 1325 #ifdef INET 1326 case AF_INET: 1327 case 255: /* FIXME: Why 255? */ 1328 { 1329 const struct sockaddr_in *sin; 1330 struct in_addr addr, mask, bcast; 1331 1332 sin = (const void *)rti_info[RTAX_IFA]; 1333 addr.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1334 sin->sin_addr.s_addr : INADDR_ANY; 1335 sin = (const void *)rti_info[RTAX_NETMASK]; 1336 mask.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1337 sin->sin_addr.s_addr : INADDR_ANY; 1338 sin = (const void *)rti_info[RTAX_BRD]; 1339 bcast.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1340 sin->sin_addr.s_addr : INADDR_ANY; 1341 1342 /* 1343 * NetBSD-7 and older send an invalid broadcast address. 1344 * So we need to query the actual address to get 1345 * the right one. 1346 * We can also use this to test if the address 1347 * has really been added or deleted. 1348 */ 1349 #ifdef SIOCGIFALIAS 1350 struct in_aliasreq ifra; 1351 1352 memset(&ifra, 0, sizeof(ifra)); 1353 strlcpy(ifra.ifra_name, ifp->name, sizeof(ifra.ifra_name)); 1354 ifra.ifra_addr.sin_family = AF_INET; 1355 ifra.ifra_addr.sin_len = sizeof(ifra.ifra_addr); 1356 ifra.ifra_addr.sin_addr = addr; 1357 if (ioctl(ctx->pf_inet_fd, SIOCGIFALIAS, &ifra) == -1) { 1358 if (errno != ENXIO && errno != EADDRNOTAVAIL) 1359 logerr("%s: SIOCGIFALIAS", __func__); 1360 if (ifam->ifam_type != RTM_DELADDR) 1361 break; 1362 } else { 1363 if (ifam->ifam_type == RTM_DELADDR) 1364 break; 1365 #if defined(__NetBSD_Version__) && __NetBSD_Version__ < 800000000 1366 bcast = ifra.ifra_broadaddr.sin_addr; 1367 #endif 1368 } 1369 #else 1370 #warning No SIOCGIFALIAS support 1371 /* 1372 * No SIOCGIFALIAS? That sucks! 1373 * This makes this call very heavy weight, but we 1374 * really need to know if the message is late or not. 1375 */ 1376 const struct sockaddr *sa; 1377 struct ifaddrs *ifaddrs = NULL, *ifa; 1378 1379 sa = rti_info[RTAX_IFA]; 1380 #ifdef PRIVSEP_GETIFADDRS 1381 if (IN_PRIVSEP(ctx)) { 1382 if (ps_root_getifaddrs(ctx, &ifaddrs) == -1) { 1383 logerr("ps_root_getifaddrs"); 1384 break; 1385 } 1386 } else 1387 #endif 1388 if (getifaddrs(&ifaddrs) == -1) { 1389 logerr("getifaddrs"); 1390 break; 1391 } 1392 for (ifa = ifaddrs; ifa; ifa = ifa->ifa_next) { 1393 if (ifa->ifa_addr == NULL) 1394 continue; 1395 if (sa_cmp(ifa->ifa_addr, sa) == 0 && 1396 strcmp(ifa->ifa_name, ifp->name) == 0) 1397 break; 1398 } 1399 #ifdef PRIVSEP_GETIFADDRS 1400 if (IN_PRIVSEP(ctx)) 1401 free(ifaddrs); 1402 else 1403 #endif 1404 freeifaddrs(ifaddrs); 1405 if (ifam->ifam_type == RTM_DELADDR) { 1406 if (ifa != NULL) 1407 break; 1408 } else { 1409 if (ifa == NULL) 1410 break; 1411 } 1412 #endif 1413 1414 #ifdef HAVE_IFAM_ADDRFLAGS 1415 flags = ifam->ifam_addrflags; 1416 #else 1417 flags = 0; 1418 #endif 1419 1420 ipv4_handleifa(ctx, ifam->ifam_type, NULL, ifp->name, 1421 &addr, &mask, &bcast, flags, pid); 1422 break; 1423 } 1424 #endif 1425 #ifdef INET6 1426 case AF_INET6: 1427 { 1428 struct in6_addr addr6, mask6; 1429 const struct sockaddr_in6 *sin6; 1430 1431 sin6 = (const void *)rti_info[RTAX_IFA]; 1432 addr6 = sin6->sin6_addr; 1433 sin6 = (const void *)rti_info[RTAX_NETMASK]; 1434 mask6 = sin6->sin6_addr; 1435 1436 /* 1437 * If the address was deleted, lets check if it's 1438 * a late message and it still exists (maybe modified). 1439 * If so, ignore it as deleting an address causes 1440 * dhcpcd to drop any lease to which it belongs. 1441 * Also check an added address was really added. 1442 */ 1443 flags = if_addrflags6(ifp, &addr6, NULL); 1444 if (flags == -1) { 1445 if (errno != ENXIO && errno != EADDRNOTAVAIL) 1446 logerr("%s: if_addrflags6", __func__); 1447 if (ifam->ifam_type != RTM_DELADDR) 1448 break; 1449 flags = 0; 1450 } else if (ifam->ifam_type == RTM_DELADDR) 1451 break; 1452 1453 #ifdef __KAME__ 1454 if (IN6_IS_ADDR_LINKLOCAL(&addr6)) 1455 /* Remove the scope from the address */ 1456 addr6.s6_addr[2] = addr6.s6_addr[3] = '\0'; 1457 #endif 1458 1459 ipv6_handleifa(ctx, ifam->ifam_type, NULL, 1460 ifp->name, &addr6, ipv6_prefixlen(&mask6), flags, pid); 1461 break; 1462 } 1463 #endif 1464 } 1465 1466 return 0; 1467 } 1468 1469 static int 1470 if_dispatch(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm) 1471 { 1472 1473 if (rtm->rtm_version != RTM_VERSION) 1474 return 0; 1475 1476 switch(rtm->rtm_type) { 1477 #ifdef RTM_IFANNOUNCE 1478 case RTM_IFANNOUNCE: 1479 return if_announce(ctx, (const void *)rtm); 1480 #endif 1481 case RTM_IFINFO: 1482 return if_ifinfo(ctx, (const void *)rtm); 1483 case RTM_ADD: /* FALLTHROUGH */ 1484 case RTM_CHANGE: /* FALLTHROUGH */ 1485 case RTM_DELETE: /* FALLTHROUGH */ 1486 case RTM_MISS: 1487 return if_rtm(ctx, (const void *)rtm); 1488 #ifdef RTM_CHGADDR 1489 case RTM_CHGADDR: /* FALLTHROUGH */ 1490 #endif 1491 case RTM_DELADDR: /* FALLTHROUGH */ 1492 case RTM_NEWADDR: 1493 return if_ifa(ctx, (const void *)rtm); 1494 #ifdef RTM_DESYNC 1495 case RTM_DESYNC: 1496 dhcpcd_linkoverflow(ctx); 1497 #elif !defined(SO_RERROR) 1498 #warning cannot detect route socket overflow within kernel 1499 #endif 1500 } 1501 1502 return 0; 1503 } 1504 1505 static int 1506 if_missfilter0(struct dhcpcd_ctx *ctx, struct interface *ifp, 1507 struct sockaddr *sa) 1508 { 1509 size_t salen = (size_t)RT_ROUNDUP(sa->sa_len); 1510 size_t newlen = ctx->rt_missfilterlen + salen; 1511 size_t diff = salen - (sa->sa_len); 1512 uint8_t *cp; 1513 1514 if (ctx->rt_missfiltersize < newlen) { 1515 void *n = realloc(ctx->rt_missfilter, newlen); 1516 if (n == NULL) 1517 return -1; 1518 ctx->rt_missfilter = n; 1519 ctx->rt_missfiltersize = newlen; 1520 } 1521 1522 #ifdef INET6 1523 if (sa->sa_family == AF_INET6) 1524 ipv6_setscope(satosin6(sa), ifp->index); 1525 #else 1526 UNUSED(ifp); 1527 #endif 1528 1529 cp = ctx->rt_missfilter + ctx->rt_missfilterlen; 1530 memcpy(cp, sa, sa->sa_len); 1531 if (diff != 0) 1532 memset(cp + sa->sa_len, 0, diff); 1533 ctx->rt_missfilterlen += salen; 1534 1535 #ifdef INET6 1536 if (sa->sa_family == AF_INET6) 1537 ipv6_setscope(satosin6(sa), 0); 1538 #endif 1539 1540 return 0; 1541 } 1542 1543 int 1544 if_missfilter(struct interface *ifp, struct sockaddr *sa) 1545 { 1546 1547 return if_missfilter0(ifp->ctx, ifp, sa); 1548 } 1549 1550 int 1551 if_missfilter_apply(struct dhcpcd_ctx *ctx) 1552 { 1553 #ifdef RO_MISSFILTER 1554 if (ctx->rt_missfilterlen == 0) { 1555 struct sockaddr sa = { 1556 .sa_family = AF_UNSPEC, 1557 .sa_len = sizeof(sa), 1558 }; 1559 1560 if (if_missfilter0(ctx, NULL, &sa) == -1) 1561 return -1; 1562 } 1563 1564 return setsockopt(ctx->link_fd, PF_ROUTE, RO_MISSFILTER, 1565 ctx->rt_missfilter, (socklen_t)ctx->rt_missfilterlen); 1566 #else 1567 #warning kernel does not support RTM_MISS DST filtering 1568 UNUSED(ctx); 1569 errno = ENOTSUP; 1570 return -1; 1571 #endif 1572 } 1573 1574 __CTASSERT(offsetof(struct rt_msghdr, rtm_msglen) == 0); 1575 int 1576 if_handlelink(struct dhcpcd_ctx *ctx) 1577 { 1578 struct rtm rtm; 1579 ssize_t len; 1580 1581 len = read(ctx->link_fd, &rtm, sizeof(rtm)); 1582 if (len == -1) 1583 return -1; 1584 if (len == 0) 1585 return 0; 1586 if ((size_t)len < sizeof(rtm.hdr.rtm_msglen) || 1587 len != rtm.hdr.rtm_msglen) 1588 { 1589 errno = EINVAL; 1590 return -1; 1591 } 1592 /* 1593 * Coverity thinks that the data could be tainted from here. 1594 * I have no idea how because the length of the data we read 1595 * is guarded by len and checked to match rtm_msglen. 1596 * The issue seems to be related to extracting the addresses 1597 * at the end of the header, but seems to have no issues with the 1598 * equivalent call in if_initrt. 1599 */ 1600 /* coverity[tainted_data] */ 1601 return if_dispatch(ctx, &rtm.hdr); 1602 } 1603 1604 #ifndef SYS_NMLN /* OSX */ 1605 # define SYS_NMLN __SYS_NAMELEN 1606 #endif 1607 #ifndef HW_MACHINE_ARCH 1608 # ifdef HW_MODEL /* OpenBSD */ 1609 # define HW_MACHINE_ARCH HW_MODEL 1610 # endif 1611 #endif 1612 int 1613 if_machinearch(char *str, size_t len) 1614 { 1615 int mib[2] = { CTL_HW, HW_MACHINE_ARCH }; 1616 1617 return sysctl(mib, sizeof(mib) / sizeof(mib[0]), str, &len, NULL, 0); 1618 } 1619 1620 #ifdef INET6 1621 #if (defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)) || \ 1622 defined(IPV6CTL_FORWARDING) 1623 #define get_inet6_sysctl(code) inet6_sysctl(code, 0, 0) 1624 #define set_inet6_sysctl(code, val) inet6_sysctl(code, val, 1) 1625 static int 1626 inet6_sysctl(int code, int val, int action) 1627 { 1628 int mib[] = { CTL_NET, PF_INET6, IPPROTO_IPV6, 0 }; 1629 size_t size; 1630 1631 mib[3] = code; 1632 size = sizeof(val); 1633 if (action) { 1634 if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), 1635 NULL, 0, &val, size) == -1) 1636 return -1; 1637 return 0; 1638 } 1639 if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &val, &size, NULL, 0) == -1) 1640 return -1; 1641 return val; 1642 } 1643 #endif 1644 1645 int 1646 if_applyra(const struct ra *rap) 1647 { 1648 #ifdef SIOCSIFINFO_IN6 1649 struct in6_ndireq nd = { .ndi.chlim = 0 }; 1650 struct dhcpcd_ctx *ctx = rap->iface->ctx; 1651 int error; 1652 1653 strlcpy(nd.ifname, rap->iface->name, sizeof(nd.ifname)); 1654 1655 #ifdef IPV6CTL_ACCEPT_RTADV 1656 struct priv *priv = ctx->priv; 1657 1658 /* 1659 * NetBSD changed SIOCSIFINFO_IN6 to NOT set flags when kernel 1660 * RA was removed, however both FreeBSD and DragonFlyBSD still do. 1661 * linkmtu was also removed. 1662 * Hopefully this guard will still work if either remove kernel RA. 1663 */ 1664 if (ioctl(priv->pf_inet6_fd, SIOCGIFINFO_IN6, &nd, sizeof(nd)) == -1) 1665 return -1; 1666 1667 nd.ndi.linkmtu = rap->mtu; 1668 #endif 1669 1670 nd.ndi.chlim = rap->hoplimit; 1671 nd.ndi.retrans = rap->retrans; 1672 nd.ndi.basereachable = rap->reachable; 1673 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd)); 1674 #ifdef IPV6CTL_ACCEPT_RTADV 1675 if (error == -1 && errno == EINVAL) { 1676 /* 1677 * Very likely that this is caused by a dodgy MTU 1678 * setting specific to the interface. 1679 * Let's set it to "unspecified" and try again. 1680 * Doesn't really matter as we fix the MTU against the 1681 * routes we add as not all OS support SIOCSIFINFO_IN6. 1682 */ 1683 nd.ndi.linkmtu = 0; 1684 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd)); 1685 } 1686 #endif 1687 return error; 1688 #else 1689 #warning OS does not allow setting of RA bits hoplimit, retrans or reachable 1690 UNUSED(rap); 1691 return 0; 1692 #endif 1693 } 1694 1695 #ifndef IPV6CTL_FORWARDING 1696 #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0) 1697 #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1) 1698 static int 1699 inet6_sysctlbyname(const char *name, int val, int action) 1700 { 1701 size_t size; 1702 1703 size = sizeof(val); 1704 if (action) { 1705 if (sysctlbyname(name, NULL, 0, &val, size) == -1) 1706 return -1; 1707 return 0; 1708 } 1709 if (sysctlbyname(name, &val, &size, NULL, 0) == -1) 1710 return -1; 1711 return val; 1712 } 1713 #endif 1714 1715 int 1716 ip6_forwarding(__unused const char *ifname) 1717 { 1718 int val; 1719 1720 #ifdef IPV6CTL_FORWARDING 1721 val = get_inet6_sysctl(IPV6CTL_FORWARDING); 1722 #else 1723 val = get_inet6_sysctlbyname("net.inet6.ip6.forwarding"); 1724 #endif 1725 return val < 0 ? 0 : val; 1726 } 1727 1728 #ifdef SIOCIFAFATTACH 1729 static int 1730 if_af_attach(const struct interface *ifp, int af) 1731 { 1732 struct if_afreq ifar; 1733 1734 strlcpy(ifar.ifar_name, ifp->name, sizeof(ifar.ifar_name)); 1735 ifar.ifar_af = af; 1736 return if_ioctl6(ifp->ctx, SIOCIFAFATTACH, &ifar, sizeof(ifar)); 1737 } 1738 #endif 1739 1740 #ifdef SIOCGIFXFLAGS 1741 static int 1742 if_set_ifxflags(const struct interface *ifp) 1743 { 1744 struct ifreq ifr; 1745 int flags; 1746 struct priv *priv = ifp->ctx->priv; 1747 1748 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 1749 if (ioctl(priv->pf_inet6_fd, SIOCGIFXFLAGS, &ifr) == -1) 1750 return -1; 1751 flags = ifr.ifr_flags; 1752 #ifdef IFXF_NOINET6 1753 flags &= ~IFXF_NOINET6; 1754 #endif 1755 /* 1756 * If not doing autoconf, don't disable the kernel from doing it. 1757 * If we need to, we should have another option actively disable it. 1758 * 1759 * OpenBSD moved from kernel based SLAAC to userland via slaacd(8). 1760 * It has a similar featureset to dhcpcd such as stable private 1761 * addresses, but lacks the ability to handle DNS inside the RA 1762 * which is a serious shortfall in this day and age. 1763 * Appease their user base by working alongside slaacd(8) if 1764 * dhcpcd is instructed not to do auto configuration of addresses. 1765 */ 1766 #if defined(ND6_IFF_ACCEPT_RTADV) 1767 #define BSD_AUTOCONF DHCPCD_IPV6RS 1768 #else 1769 #define BSD_AUTOCONF DHCPCD_IPV6RA_AUTOCONF 1770 #endif 1771 if (ifp->options->options & BSD_AUTOCONF) 1772 flags &= ~IFXF_AUTOCONF6; 1773 if (ifr.ifr_flags == flags) 1774 return 0; 1775 ifr.ifr_flags = flags; 1776 return if_ioctl6(ifp->ctx, SIOCSIFXFLAGS, &ifr, sizeof(ifr)); 1777 } 1778 #endif 1779 1780 /* OpenBSD removed ND6 flags entirely, so we need to check for their 1781 * existance. */ 1782 #if defined(ND6_IFF_AUTO_LINKLOCAL) || \ 1783 defined(ND6_IFF_PERFORMNUD) || \ 1784 defined(ND6_IFF_ACCEPT_RTADV) || \ 1785 defined(ND6_IFF_OVERRIDE_RTADV) || \ 1786 defined(ND6_IFF_IFDISABLED) 1787 #define ND6_NDI_FLAGS 1788 #endif 1789 1790 void 1791 if_disable_rtadv(void) 1792 { 1793 #if defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV) 1794 int ra = get_inet6_sysctl(IPV6CTL_ACCEPT_RTADV); 1795 1796 if (ra == -1) { 1797 if (errno != ENOENT) 1798 logerr("IPV6CTL_ACCEPT_RTADV"); 1799 else if (ra != 0) 1800 if (set_inet6_sysctl(IPV6CTL_ACCEPT_RTADV, 0) == -1) 1801 logerr("IPV6CTL_ACCEPT_RTADV"); 1802 } 1803 #endif 1804 } 1805 1806 void 1807 if_setup_inet6(const struct interface *ifp) 1808 { 1809 struct priv *priv; 1810 int s; 1811 #ifdef ND6_NDI_FLAGS 1812 struct in6_ndireq nd; 1813 int flags; 1814 #endif 1815 1816 priv = (struct priv *)ifp->ctx->priv; 1817 s = priv->pf_inet6_fd; 1818 1819 #ifdef ND6_NDI_FLAGS 1820 memset(&nd, 0, sizeof(nd)); 1821 strlcpy(nd.ifname, ifp->name, sizeof(nd.ifname)); 1822 if (ioctl(s, SIOCGIFINFO_IN6, &nd) == -1) 1823 logerr("%s: SIOCGIFINFO_FLAGS", ifp->name); 1824 flags = (int)nd.ndi.flags; 1825 #endif 1826 1827 #ifdef ND6_IFF_AUTO_LINKLOCAL 1828 /* Unlike the kernel, dhcpcd make make a stable private address. */ 1829 flags &= ~ND6_IFF_AUTO_LINKLOCAL; 1830 #endif 1831 1832 #ifdef ND6_IFF_PERFORMNUD 1833 /* NUD is kind of essential. */ 1834 flags |= ND6_IFF_PERFORMNUD; 1835 #endif 1836 1837 #ifdef ND6_IFF_IFDISABLED 1838 /* Ensure the interface is not disabled. */ 1839 flags &= ~ND6_IFF_IFDISABLED; 1840 #endif 1841 1842 /* 1843 * If not doing autoconf, don't disable the kernel from doing it. 1844 * If we need to, we should have another option actively disable it. 1845 */ 1846 #ifdef ND6_IFF_ACCEPT_RTADV 1847 if (ifp->options->options & DHCPCD_IPV6RS) 1848 flags &= ~ND6_IFF_ACCEPT_RTADV; 1849 #ifdef ND6_IFF_OVERRIDE_RTADV 1850 if (ifp->options->options & DHCPCD_IPV6RS) 1851 flags |= ND6_IFF_OVERRIDE_RTADV; 1852 #endif 1853 #endif 1854 1855 #ifdef ND6_NDI_FLAGS 1856 if (nd.ndi.flags != (uint32_t)flags) { 1857 nd.ndi.flags = (uint32_t)flags; 1858 if (if_ioctl6(ifp->ctx, SIOCSIFINFO_FLAGS, 1859 &nd, sizeof(nd)) == -1) 1860 logerr("%s: SIOCSIFINFO_FLAGS", ifp->name); 1861 } 1862 #endif 1863 1864 /* Enabling IPv6 by whatever means must be the 1865 * last action undertaken to ensure kernel RS and 1866 * LLADDR auto configuration are disabled where applicable. */ 1867 #ifdef SIOCIFAFATTACH 1868 if (if_af_attach(ifp, AF_INET6) == -1) 1869 logerr("%s: if_af_attach", ifp->name); 1870 #endif 1871 1872 #ifdef SIOCGIFXFLAGS 1873 if (if_set_ifxflags(ifp) == -1) 1874 logerr("%s: set_ifxflags", ifp->name); 1875 #endif 1876 1877 #ifdef SIOCSRTRFLUSH_IN6 1878 /* Flush the kernel knowledge of advertised routers 1879 * and prefixes so the kernel does not expire prefixes 1880 * and default routes we are trying to own. */ 1881 if (ifp->options->options & DHCPCD_IPV6RS) { 1882 struct in6_ifreq ifr; 1883 1884 memset(&ifr, 0, sizeof(ifr)); 1885 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 1886 if (if_ioctl6(ifp->ctx, SIOCSRTRFLUSH_IN6, 1887 &ifr, sizeof(ifr)) == -1 && 1888 errno != ENOTSUP && errno != ENOTTY) 1889 logwarn("SIOCSRTRFLUSH_IN6 %d", errno); 1890 #ifdef SIOCSPFXFLUSH_IN6 1891 if (if_ioctl6(ifp->ctx, SIOCSPFXFLUSH_IN6, 1892 &ifr, sizeof(ifr)) == -1 && 1893 errno != ENOTSUP && errno != ENOTTY) 1894 logwarn("SIOCSPFXFLUSH_IN6"); 1895 #endif 1896 } 1897 #endif 1898 } 1899 #endif 1900