1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * BSD interface driver for dhcpcd 4 * Copyright (c) 2006-2023 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/ioctl.h> 30 #include <sys/param.h> 31 #include <sys/socket.h> 32 #include <sys/stat.h> 33 #include <sys/sysctl.h> 34 #include <sys/time.h> 35 #include <sys/types.h> 36 #include <sys/uio.h> 37 #include <sys/utsname.h> 38 39 #include "config.h" 40 41 #include <arpa/inet.h> 42 #include <net/bpf.h> 43 #include <net/if.h> 44 #include <net/if_dl.h> 45 #include <net/if_media.h> 46 #include <net/route.h> 47 #include <netinet/if_ether.h> 48 #include <netinet/in.h> 49 #include <netinet/in_var.h> 50 #include <netinet6/in6_var.h> 51 #include <netinet6/nd6.h> 52 #ifdef __NetBSD__ 53 #include <net/if_vlanvar.h> /* Needs netinet/if_ether.h */ 54 #elif defined(__DragonFly__) 55 #include <net/vlan/if_vlan_var.h> 56 #else 57 #include <net/if_vlan_var.h> 58 #endif 59 #ifdef __DragonFly__ 60 # include <netproto/802_11/ieee80211_ioctl.h> 61 #else 62 # include <net80211/ieee80211.h> 63 # include <net80211/ieee80211_ioctl.h> 64 #endif 65 66 #include <assert.h> 67 #include <errno.h> 68 #include <fcntl.h> 69 #include <fnmatch.h> 70 #include <paths.h> 71 #include <stddef.h> 72 #include <stdio.h> 73 #include <stdlib.h> 74 #include <string.h> 75 #include <unistd.h> 76 77 #if defined(OpenBSD) && OpenBSD >= 201411 78 /* OpenBSD dropped the global setting from sysctl but left the #define 79 * which causes a EPERM error when trying to use it. 80 * I think both the error and keeping the define are wrong, so we #undef it. */ 81 #undef IPV6CTL_ACCEPT_RTADV 82 #endif 83 84 #include "common.h" 85 #include "dhcp.h" 86 #include "if.h" 87 #include "if-options.h" 88 #include "ipv4.h" 89 #include "ipv4ll.h" 90 #include "ipv6.h" 91 #include "ipv6nd.h" 92 #include "logerr.h" 93 #include "privsep.h" 94 #include "route.h" 95 #include "sa.h" 96 97 #ifndef RT_ROUNDUP 98 #define RT_ROUNDUP(a) \ 99 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long)) 100 #define RT_ADVANCE(x, n) (x += RT_ROUNDUP((n)->sa_len)) 101 #endif 102 103 /* Ignore these interface names which look like ethernet but are virtual or 104 * just won't work without explicit configuration. */ 105 static const char * const ifnames_ignore[] = { 106 "bridge", 107 "epair", /* Virtual patch cable */ 108 "fwe", /* Firewire */ 109 "fwip", /* Firewire */ 110 "tap", 111 "vether", 112 "xvif", /* XEN DOM0 -> guest interface */ 113 NULL 114 }; 115 116 struct rtm 117 { 118 struct rt_msghdr hdr; 119 char buffer[sizeof(struct sockaddr_storage) * RTAX_MAX]; 120 }; 121 122 int 123 os_init(void) 124 { 125 return 0; 126 } 127 128 int 129 if_init(__unused struct interface *iface) 130 { 131 /* BSD promotes secondary address by default */ 132 return 0; 133 } 134 135 int 136 if_conf(__unused struct interface *iface) 137 { 138 /* No extra checks needed on BSD */ 139 return 0; 140 } 141 142 int 143 if_opensockets_os(struct dhcpcd_ctx *ctx) 144 { 145 struct priv *priv; 146 int n; 147 #if defined(RO_MSGFILTER) || defined(ROUTE_MSGFILTER) 148 unsigned char msgfilter[] = { 149 RTM_IFINFO, 150 #ifdef RTM_IFANNOUNCE 151 RTM_IFANNOUNCE, 152 #endif 153 RTM_ADD, RTM_CHANGE, RTM_DELETE, RTM_MISS, 154 #ifdef RTM_CHGADDR 155 RTM_CHGADDR, 156 #endif 157 RTM_NEWADDR, RTM_DELADDR 158 }; 159 #ifdef ROUTE_MSGFILTER 160 unsigned int i, msgfilter_mask; 161 #endif 162 #endif 163 164 if ((priv = malloc(sizeof(*priv))) == NULL) 165 return -1; 166 ctx->priv = priv; 167 168 #ifdef INET6 169 priv->pf_inet6_fd = xsocket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0); 170 #ifdef PRIVSEP_RIGHTS 171 if (IN_PRIVSEP(ctx)) 172 ps_rights_limit_ioctl(priv->pf_inet6_fd); 173 #endif 174 /* Don't return an error so we at least work on kernels witout INET6 175 * even though we expect INET6 support. 176 * We will fail noisily elsewhere anyway. */ 177 #else 178 priv->pf_inet6_fd = -1; 179 #endif 180 181 ctx->link_fd = xsocket(PF_ROUTE, SOCK_RAW | SOCK_CXNB, AF_UNSPEC); 182 if (ctx->link_fd == -1) 183 return -1; 184 185 #ifdef SO_RERROR 186 n = 1; 187 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_RERROR, &n,sizeof(n)) == -1) 188 logerr("%s: SO_RERROR", __func__); 189 #endif 190 191 /* Ignore our own route(4) messages. 192 * Sadly there is no way of doing this for route(4) messages 193 * generated from addresses we add/delete. */ 194 n = 0; 195 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_USELOOPBACK, 196 &n, sizeof(n)) == -1) 197 logerr("%s: SO_USELOOPBACK", __func__); 198 199 #if defined(RO_MSGFILTER) 200 if (setsockopt(ctx->link_fd, PF_ROUTE, RO_MSGFILTER, 201 &msgfilter, sizeof(msgfilter)) == -1) 202 logerr(__func__); 203 #elif defined(ROUTE_MSGFILTER) 204 /* Convert the array into a bitmask. */ 205 msgfilter_mask = 0; 206 for (i = 0; i < __arraycount(msgfilter); i++) 207 msgfilter_mask |= ROUTE_FILTER(msgfilter[i]); 208 if (setsockopt(ctx->link_fd, PF_ROUTE, ROUTE_MSGFILTER, 209 &msgfilter_mask, sizeof(msgfilter_mask)) == -1) 210 logerr(__func__); 211 #else 212 #warning kernel does not support route message filtering 213 #endif 214 215 #ifdef PRIVSEP_RIGHTS 216 /* We need to getsockopt for SO_RCVBUF and 217 * setsockopt for RO_MISSFILTER. */ 218 if (IN_PRIVSEP(ctx)) 219 ps_rights_limit_fd_sockopt(ctx->link_fd); 220 #endif 221 222 223 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 224 priv->pf_link_fd = socket(PF_LINK, SOCK_DGRAM, 0); 225 if (priv->pf_link_fd == -1) 226 logerr("%s: socket(PF_LINK)", __func__); 227 #endif 228 return 0; 229 } 230 231 void 232 if_closesockets_os(struct dhcpcd_ctx *ctx) 233 { 234 struct priv *priv; 235 236 priv = (struct priv *)ctx->priv; 237 if (priv->pf_inet6_fd != -1) 238 close(priv->pf_inet6_fd); 239 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 240 if (priv->pf_link_fd != -1) 241 close(priv->pf_link_fd); 242 #endif 243 free(priv); 244 ctx->priv = NULL; 245 free(ctx->rt_missfilter); 246 } 247 248 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 249 static int 250 if_ioctllink(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len) 251 { 252 struct priv *priv = (struct priv *)ctx->priv; 253 254 #ifdef PRIVSEP 255 if (ctx->options & DHCPCD_PRIVSEP) 256 return (int)ps_root_ioctllink(ctx, req, data, len); 257 #endif 258 259 return ioctl(priv->pf_link_fd, req, data, len); 260 } 261 #endif 262 263 int 264 if_setmac(struct interface *ifp, void *mac, uint8_t maclen) 265 { 266 267 if (ifp->hwlen != maclen) { 268 errno = EINVAL; 269 return -1; 270 } 271 272 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */ 273 struct if_laddrreq iflr = { .flags = IFLR_ACTIVE }; 274 struct sockaddr_dl *sdl = satosdl(&iflr.addr); 275 int retval; 276 277 strlcpy(iflr.iflr_name, ifp->name, sizeof(iflr.iflr_name)); 278 sdl->sdl_family = AF_LINK; 279 sdl->sdl_len = sizeof(*sdl); 280 sdl->sdl_alen = maclen; 281 memcpy(LLADDR(sdl), mac, maclen); 282 retval = if_ioctllink(ifp->ctx, SIOCALIFADDR, &iflr, sizeof(iflr)); 283 284 /* Try and remove the old address */ 285 memcpy(LLADDR(sdl), ifp->hwaddr, ifp->hwlen); 286 if_ioctllink(ifp->ctx, SIOCDLIFADDR, &iflr, sizeof(iflr)); 287 288 return retval; 289 #else 290 struct ifreq ifr = { 291 .ifr_addr.sa_family = AF_LINK, 292 .ifr_addr.sa_len = maclen, 293 }; 294 295 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 296 memcpy(ifr.ifr_addr.sa_data, mac, maclen); 297 return if_ioctl(ifp->ctx, SIOCSIFLLADDR, &ifr, sizeof(ifr)); 298 #endif 299 } 300 301 static bool 302 if_ignore1(const char *drvname) 303 { 304 const char * const *p; 305 306 for (p = ifnames_ignore; *p; p++) { 307 if (strcmp(*p, drvname) == 0) 308 return true; 309 } 310 return false; 311 } 312 313 #ifdef SIOCGIFGROUP 314 int 315 if_ignoregroup(int s, const char *ifname) 316 { 317 struct ifgroupreq ifgr = { .ifgr_len = 0 }; 318 struct ifg_req *ifg; 319 size_t ifg_len; 320 321 /* Sadly it is possible to remove the device name 322 * from the interface groups, but hopefully this 323 * will be very unlikely.... */ 324 325 strlcpy(ifgr.ifgr_name, ifname, sizeof(ifgr.ifgr_name)); 326 if (ioctl(s, SIOCGIFGROUP, &ifgr) == -1 || 327 (ifgr.ifgr_groups = malloc(ifgr.ifgr_len)) == NULL || 328 ioctl(s, SIOCGIFGROUP, &ifgr) == -1) 329 { 330 logerr(__func__); 331 return -1; 332 } 333 334 for (ifg = ifgr.ifgr_groups, ifg_len = ifgr.ifgr_len; 335 ifg && ifg_len >= sizeof(*ifg); 336 ifg++, ifg_len -= sizeof(*ifg)) 337 { 338 if (if_ignore1(ifg->ifgrq_group)) 339 return 1; 340 } 341 return 0; 342 } 343 #endif 344 345 bool 346 if_ignore(struct dhcpcd_ctx *ctx, const char *ifname) 347 { 348 struct if_spec spec; 349 350 if (if_nametospec(ifname, &spec) != 0) 351 return false; 352 353 if (if_ignore1(spec.drvname)) 354 return true; 355 356 #ifdef SIOCGIFGROUP 357 #if defined(PRIVSEP) && defined(HAVE_PLEDGE) 358 if (IN_PRIVSEP(ctx)) 359 return ps_root_ifignoregroup(ctx, ifname) == 1 ? true : false; 360 #endif 361 else 362 return if_ignoregroup(ctx->pf_inet_fd, ifname) == 1 ? 363 true : false; 364 #else 365 UNUSED(ctx); 366 return false; 367 #endif 368 } 369 370 static int if_indirect_ioctl(struct dhcpcd_ctx *ctx, 371 const char *ifname, unsigned long cmd, void *data, size_t len) 372 { 373 struct ifreq ifr = { .ifr_flags = 0 }; 374 375 #if defined(PRIVSEP) && (defined(HAVE_CAPSICUM) || defined(HAVE_PLEDGE)) 376 if (IN_PRIVSEP(ctx)) 377 return (int)ps_root_indirectioctl(ctx, cmd, ifname, data, len); 378 #else 379 UNUSED(len); 380 #endif 381 382 strlcpy(ifr.ifr_name, ifname, IFNAMSIZ); 383 ifr.ifr_data = data; 384 return ioctl(ctx->pf_inet_fd, cmd, &ifr); 385 } 386 387 int 388 if_carrier(struct interface *ifp, const void *ifadata) 389 { 390 const struct if_data *ifi = ifadata; 391 392 /* 393 * Every BSD returns this and it is the sole source of truth. 394 * Not all BSD's support SIOCGIFDATA and not all interfaces 395 * support SIOCGIFMEDIA. 396 */ 397 assert(ifadata != NULL); 398 399 if (ifi->ifi_link_state >= LINK_STATE_UP) 400 return LINK_UP; 401 if (ifi->ifi_link_state == LINK_STATE_UNKNOWN) { 402 /* 403 * Work around net80211 issues in some BSDs. 404 * Wireless MUST support link state change. 405 */ 406 if (ifp->wireless) 407 return LINK_DOWN; 408 return LINK_UNKNOWN; 409 } 410 return LINK_DOWN; 411 } 412 413 bool 414 if_roaming(struct interface *ifp) 415 { 416 417 /* Check for NetBSD as a safety measure. 418 * If other BSD's gain IN_IFF_TENTATIVE check they re-do DAD 419 * when the carrier comes up again. */ 420 #if defined(IN_IFF_TENTATIVE) && defined(__NetBSD__) 421 return ifp->flags & IFF_UP && ifp->carrier == LINK_DOWN; 422 #else 423 UNUSED(ifp); 424 return false; 425 #endif 426 } 427 428 static void 429 if_linkaddr(struct sockaddr_dl *sdl, const struct interface *ifp) 430 { 431 432 memset(sdl, 0, sizeof(*sdl)); 433 sdl->sdl_family = AF_LINK; 434 sdl->sdl_len = sizeof(*sdl); 435 sdl->sdl_nlen = sdl->sdl_alen = sdl->sdl_slen = 0; 436 sdl->sdl_index = (unsigned short)ifp->index; 437 } 438 439 static int 440 if_getssid1(struct dhcpcd_ctx *ctx, const char *ifname, void *ssid) 441 { 442 int retval = -1; 443 #if defined(SIOCG80211NWID) 444 struct ieee80211_nwid nwid; 445 #elif defined(IEEE80211_IOC_SSID) 446 struct ieee80211req ireq; 447 char nwid[IEEE80211_NWID_LEN]; 448 #endif 449 450 #if defined(SIOCG80211NWID) /* NetBSD */ 451 memset(&nwid, 0, sizeof(nwid)); 452 if (if_indirect_ioctl(ctx, ifname, SIOCG80211NWID, 453 &nwid, sizeof(nwid)) == 0) 454 { 455 if (ssid == NULL) 456 retval = nwid.i_len; 457 else if (nwid.i_len > IF_SSIDLEN) 458 errno = ENOBUFS; 459 else { 460 retval = nwid.i_len; 461 memcpy(ssid, nwid.i_nwid, nwid.i_len); 462 } 463 } 464 #elif defined(IEEE80211_IOC_SSID) /* FreeBSD */ 465 memset(&ireq, 0, sizeof(ireq)); 466 strlcpy(ireq.i_name, ifname, sizeof(ireq.i_name)); 467 ireq.i_type = IEEE80211_IOC_SSID; 468 ireq.i_val = -1; 469 memset(nwid, 0, sizeof(nwid)); 470 ireq.i_data = &nwid; 471 if (ioctl(ctx->pf_inet_fd, SIOCG80211, &ireq) == 0) { 472 if (ssid == NULL) 473 retval = ireq.i_len; 474 else if (ireq.i_len > IF_SSIDLEN) 475 errno = ENOBUFS; 476 else { 477 retval = ireq.i_len; 478 memcpy(ssid, nwid, ireq.i_len); 479 } 480 } 481 #else 482 errno = ENOSYS; 483 #endif 484 485 return retval; 486 } 487 488 int 489 if_getssid(struct interface *ifp) 490 { 491 int r; 492 493 r = if_getssid1(ifp->ctx, ifp->name, ifp->ssid); 494 if (r != -1) 495 ifp->ssid_len = (unsigned int)r; 496 else 497 ifp->ssid_len = 0; 498 ifp->ssid[ifp->ssid_len] = '\0'; 499 return r; 500 } 501 502 /* 503 * FreeBSD allows for Virtual Access Points 504 * We need to check if the interface is a Virtual Interface Master 505 * and if so, don't use it. 506 * This check is made by virtue of being a IEEE80211 device but 507 * returning the SSID gives an error. 508 */ 509 int 510 if_vimaster(struct dhcpcd_ctx *ctx, const char *ifname) 511 { 512 int r; 513 struct ifmediareq ifmr = { .ifm_active = 0 }; 514 515 strlcpy(ifmr.ifm_name, ifname, sizeof(ifmr.ifm_name)); 516 r = ioctl(ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr); 517 if (r == -1) 518 return -1; 519 if (ifmr.ifm_status & IFM_AVALID && 520 IFM_TYPE(ifmr.ifm_active) == IFM_IEEE80211) 521 { 522 if (if_getssid1(ctx, ifname, NULL) == -1) 523 return 1; 524 } 525 return 0; 526 } 527 528 unsigned short 529 if_vlanid(const struct interface *ifp) 530 { 531 #ifdef SIOCGETVLAN 532 struct vlanreq vlr = { .vlr_tag = 0 }; 533 534 if (if_indirect_ioctl(ifp->ctx, ifp->name, SIOCGETVLAN, 535 &vlr, sizeof(vlr)) != 0) 536 return 0; /* 0 means no VLANID */ 537 return vlr.vlr_tag; 538 #elif defined(SIOCGVNETID) 539 struct ifreq ifr = { .ifr_vnetid = 0 }; 540 541 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 542 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGVNETID, &ifr) != 0) 543 return 0; /* 0 means no VLANID */ 544 return ifr.ifr_vnetid; 545 #else 546 UNUSED(ifp); 547 return 0; /* 0 means no VLANID */ 548 #endif 549 } 550 551 static int 552 get_addrs(int type, const void *data, size_t data_len, 553 const struct sockaddr **sa) 554 { 555 const char *cp, *ep; 556 int i; 557 558 cp = data; 559 ep = cp + data_len; 560 for (i = 0; i < RTAX_MAX; i++) { 561 if (type & (1 << i)) { 562 if (cp >= ep) { 563 errno = EINVAL; 564 return -1; 565 } 566 sa[i] = (const struct sockaddr *)cp; 567 RT_ADVANCE(cp, sa[i]); 568 } else 569 sa[i] = NULL; 570 } 571 572 return 0; 573 } 574 575 static struct interface * 576 if_findsdl(struct dhcpcd_ctx *ctx, const struct sockaddr_dl *sdl) 577 { 578 579 if (sdl->sdl_index) 580 return if_findindex(ctx->ifaces, sdl->sdl_index); 581 582 if (sdl->sdl_nlen) { 583 char ifname[IF_NAMESIZE]; 584 585 memcpy(ifname, sdl->sdl_data, sdl->sdl_nlen); 586 ifname[sdl->sdl_nlen] = '\0'; 587 return if_find(ctx->ifaces, ifname); 588 } 589 if (sdl->sdl_alen) { 590 struct interface *ifp; 591 592 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 593 if (ifp->hwlen == sdl->sdl_alen && 594 memcmp(ifp->hwaddr, 595 sdl->sdl_data, sdl->sdl_alen) == 0) 596 return ifp; 597 } 598 } 599 600 errno = ENOENT; 601 return NULL; 602 } 603 604 static struct interface * 605 if_findsa(struct dhcpcd_ctx *ctx, const struct sockaddr *sa) 606 { 607 if (sa == NULL) { 608 errno = EINVAL; 609 return NULL; 610 } 611 612 switch (sa->sa_family) { 613 case AF_LINK: 614 { 615 const struct sockaddr_dl *sdl; 616 617 sdl = (const void *)sa; 618 return if_findsdl(ctx, sdl); 619 } 620 #ifdef INET 621 case AF_INET: 622 { 623 const struct sockaddr_in *sin; 624 struct ipv4_addr *ia; 625 626 sin = (const void *)sa; 627 if ((ia = ipv4_findmaskaddr(ctx, &sin->sin_addr))) 628 return ia->iface; 629 if ((ia = ipv4_findmaskbrd(ctx, &sin->sin_addr))) 630 return ia->iface; 631 break; 632 } 633 #endif 634 #ifdef INET6 635 case AF_INET6: 636 { 637 const struct sockaddr_in6 *sin; 638 unsigned int scope; 639 struct ipv6_addr *ia; 640 641 sin = (const void *)sa; 642 scope = ipv6_getscope(sin); 643 if (scope != 0) 644 return if_findindex(ctx->ifaces, scope); 645 if ((ia = ipv6_findmaskaddr(ctx, &sin->sin6_addr))) 646 return ia->iface; 647 break; 648 } 649 #endif 650 default: 651 errno = EAFNOSUPPORT; 652 return NULL; 653 } 654 655 errno = ENOENT; 656 return NULL; 657 } 658 659 static void 660 if_copysa(struct sockaddr *dst, const struct sockaddr *src) 661 { 662 663 assert(dst != NULL); 664 assert(src != NULL); 665 666 memcpy(dst, src, src->sa_len); 667 #if defined(INET6) && defined(__KAME__) 668 if (dst->sa_family == AF_INET6) { 669 struct in6_addr *in6; 670 671 in6 = &satosin6(dst)->sin6_addr; 672 if (IN6_IS_ADDR_LINKLOCAL(in6)) 673 in6->s6_addr[2] = in6->s6_addr[3] = '\0'; 674 } 675 #endif 676 } 677 678 int 679 if_route(unsigned char cmd, const struct rt *rt) 680 { 681 struct dhcpcd_ctx *ctx; 682 struct rtm rtmsg; 683 struct rt_msghdr *rtm = &rtmsg.hdr; 684 char *bp = rtmsg.buffer; 685 struct sockaddr_dl sdl; 686 bool gateway_unspec; 687 688 assert(rt != NULL); 689 assert(rt->rt_ifp != NULL); 690 assert(rt->rt_ifp->ctx != NULL); 691 ctx = rt->rt_ifp->ctx; 692 693 #define ADDSA(sa) do { \ 694 memcpy(bp, (sa), (sa)->sa_len); \ 695 bp += RT_ROUNDUP((sa)->sa_len); \ 696 } while (0 /* CONSTCOND */) 697 698 memset(&rtmsg, 0, sizeof(rtmsg)); 699 rtm->rtm_version = RTM_VERSION; 700 rtm->rtm_type = cmd; 701 #ifdef __OpenBSD__ 702 rtm->rtm_pid = getpid(); 703 #endif 704 rtm->rtm_seq = ++ctx->seq; 705 rtm->rtm_flags = (int)rt->rt_flags; 706 rtm->rtm_addrs = RTA_DST; 707 #ifdef RTF_PINNED 708 if (cmd != RTM_ADD) 709 rtm->rtm_flags |= RTF_PINNED; 710 #endif 711 712 gateway_unspec = sa_is_unspecified(&rt->rt_gateway); 713 714 if (cmd == RTM_ADD || cmd == RTM_CHANGE) { 715 bool netmask_bcast = sa_is_allones(&rt->rt_netmask); 716 717 rtm->rtm_flags |= RTF_UP; 718 rtm->rtm_addrs |= RTA_GATEWAY; 719 if (!(rtm->rtm_flags & RTF_REJECT) && 720 !sa_is_loopback(&rt->rt_gateway)) 721 { 722 rtm->rtm_index = (unsigned short)rt->rt_ifp->index; 723 /* 724 * OpenBSD rejects the message for on-link routes. 725 * FreeBSD-12 kernel apparently panics. 726 * I can't replicate the panic, but better safe than sorry! 727 * https://roy.marples.name/archives/dhcpcd-discuss/0002286.html 728 * 729 * Neither OS currently allows IPv6 address sharing anyway, so let's 730 * try to encourage someone to fix that by logging a waring during compile. 731 */ 732 #if defined(__FreeBSD__) || defined(__OpenBSD__) 733 #warning kernel does not allow IPv6 address sharing 734 if (!gateway_unspec || rt->rt_dest.sa_family!=AF_INET6) 735 #endif 736 rtm->rtm_addrs |= RTA_IFP; 737 if (!sa_is_unspecified(&rt->rt_ifa)) 738 rtm->rtm_addrs |= RTA_IFA; 739 } 740 if (netmask_bcast) 741 rtm->rtm_flags |= RTF_HOST; 742 /* Network routes are cloning or connected if supported. 743 * All other routes are static. */ 744 if (gateway_unspec) { 745 #ifdef RTF_CLONING 746 rtm->rtm_flags |= RTF_CLONING; 747 #endif 748 #ifdef RTF_CONNECTED 749 rtm->rtm_flags |= RTF_CONNECTED; 750 #endif 751 #ifdef RTP_CONNECTED 752 rtm->rtm_priority = RTP_CONNECTED; 753 #endif 754 #ifdef RTF_CLONING 755 if (netmask_bcast) { 756 /* 757 * We add a cloning network route for a single 758 * host. Traffic to the host will generate a 759 * cloned route and the hardware address will 760 * resolve correctly. 761 * It might be more correct to use RTF_HOST 762 * instead of RTF_CLONING, and that does work, 763 * but some OS generate an arp warning 764 * diagnostic which we don't want to do. 765 */ 766 rtm->rtm_flags &= ~RTF_HOST; 767 } 768 #endif 769 } else 770 rtm->rtm_flags |= RTF_GATEWAY; 771 772 if (rt->rt_dflags & RTDF_STATIC) 773 rtm->rtm_flags |= RTF_STATIC; 774 775 if (rt->rt_mtu != 0) { 776 rtm->rtm_inits |= RTV_MTU; 777 rtm->rtm_rmx.rmx_mtu = rt->rt_mtu; 778 } 779 } 780 781 if (!(rtm->rtm_flags & RTF_HOST)) 782 rtm->rtm_addrs |= RTA_NETMASK; 783 784 if_linkaddr(&sdl, rt->rt_ifp); 785 786 ADDSA(&rt->rt_dest); 787 788 if (rtm->rtm_addrs & RTA_GATEWAY) { 789 if (gateway_unspec) 790 ADDSA((struct sockaddr *)&sdl); 791 else { 792 union sa_ss gateway; 793 794 if_copysa(&gateway.sa, &rt->rt_gateway); 795 #ifdef INET6 796 if (gateway.sa.sa_family == AF_INET6) 797 ipv6_setscope(&gateway.sin6, rt->rt_ifp->index); 798 #endif 799 ADDSA(&gateway.sa); 800 } 801 } 802 803 if (rtm->rtm_addrs & RTA_NETMASK) 804 ADDSA(&rt->rt_netmask); 805 806 if (rtm->rtm_addrs & RTA_IFP) 807 ADDSA((struct sockaddr *)&sdl); 808 809 if (rtm->rtm_addrs & RTA_IFA) 810 ADDSA(&rt->rt_ifa); 811 812 #undef ADDSA 813 814 rtm->rtm_msglen = (unsigned short)(bp - (char *)rtm); 815 816 #ifdef PRIVSEP 817 if (ctx->options & DHCPCD_PRIVSEP) { 818 if (ps_root_route(ctx, rtm, rtm->rtm_msglen) == -1) 819 return -1; 820 return 0; 821 } 822 #endif 823 if (write(ctx->link_fd, rtm, rtm->rtm_msglen) == -1) 824 return -1; 825 return 0; 826 } 827 828 static bool 829 if_realroute(const struct rt_msghdr *rtm) 830 { 831 832 #ifdef RTF_CLONED 833 if (rtm->rtm_flags & RTF_CLONED) 834 return false; 835 #endif 836 #ifdef RTF_WASCLONED 837 if (rtm->rtm_flags & RTF_WASCLONED) 838 return false; 839 #endif 840 #ifdef RTF_LOCAL 841 if (rtm->rtm_flags & RTF_LOCAL) 842 return false; 843 #endif 844 #ifdef RTF_BROADCAST 845 if (rtm->rtm_flags & RTF_BROADCAST) 846 return false; 847 #endif 848 return true; 849 } 850 851 static int 852 if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, const struct rt_msghdr *rtm) 853 { 854 const struct sockaddr *rti_info[RTAX_MAX]; 855 856 if (!(rtm->rtm_addrs & RTA_DST)) { 857 errno = EINVAL; 858 return -1; 859 } 860 if (rtm->rtm_type != RTM_MISS && !(rtm->rtm_addrs & RTA_GATEWAY)) { 861 errno = EINVAL; 862 return -1; 863 } 864 865 if (get_addrs(rtm->rtm_addrs, (const char *)rtm + sizeof(*rtm), 866 rtm->rtm_msglen - sizeof(*rtm), rti_info) == -1) 867 return -1; 868 memset(rt, 0, sizeof(*rt)); 869 870 rt->rt_flags = (unsigned int)rtm->rtm_flags; 871 if_copysa(&rt->rt_dest, rti_info[RTAX_DST]); 872 if (rtm->rtm_addrs & RTA_NETMASK) { 873 if_copysa(&rt->rt_netmask, rti_info[RTAX_NETMASK]); 874 if (rt->rt_netmask.sa_family == 255) /* Why? */ 875 rt->rt_netmask.sa_family = rt->rt_dest.sa_family; 876 } 877 878 /* dhcpcd likes an unspecified gateway to indicate via the link. 879 * However we need to know if gateway was a link with an address. */ 880 if (rtm->rtm_addrs & RTA_GATEWAY) { 881 if (rti_info[RTAX_GATEWAY]->sa_family == AF_LINK) { 882 const struct sockaddr_dl *sdl; 883 884 sdl = (const struct sockaddr_dl*) 885 (const void *)rti_info[RTAX_GATEWAY]; 886 if (sdl->sdl_alen != 0) 887 rt->rt_dflags |= RTDF_GATELINK; 888 } else if (rtm->rtm_flags & RTF_GATEWAY) 889 if_copysa(&rt->rt_gateway, rti_info[RTAX_GATEWAY]); 890 } 891 892 if (rtm->rtm_addrs & RTA_IFA) 893 if_copysa(&rt->rt_ifa, rti_info[RTAX_IFA]); 894 895 rt->rt_mtu = (unsigned int)rtm->rtm_rmx.rmx_mtu; 896 897 if (rtm->rtm_index) 898 rt->rt_ifp = if_findindex(ctx->ifaces, rtm->rtm_index); 899 else if (rtm->rtm_addrs & RTA_IFP) 900 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_IFP]); 901 else if (rtm->rtm_addrs & RTA_GATEWAY) 902 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_GATEWAY]); 903 else 904 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_DST]); 905 906 if (rt->rt_ifp == NULL && rtm->rtm_type == RTM_MISS) 907 rt->rt_ifp = if_find(ctx->ifaces, "lo0"); 908 909 if (rt->rt_ifp == NULL) { 910 errno = ESRCH; 911 return -1; 912 } 913 return 0; 914 } 915 916 static int 917 if_sysctl(struct dhcpcd_ctx *ctx, 918 const int *name, u_int namelen, 919 void *oldp, size_t *oldlenp, void *newp, size_t newlen) 920 { 921 #if defined(PRIVSEP) && defined(HAVE_CAPSICUM) 922 if (IN_PRIVSEP(ctx)) 923 return (int)ps_root_sysctl(ctx, name, namelen, 924 oldp, oldlenp, newp, newlen); 925 #else 926 UNUSED(ctx); 927 #endif 928 929 return sysctl(name, namelen, oldp, oldlenp, newp, newlen); 930 } 931 932 int 933 if_initrt(struct dhcpcd_ctx *ctx, rb_tree_t *kroutes, int af) 934 { 935 struct rt_msghdr *rtm; 936 int mib[6] = { CTL_NET, PF_ROUTE, 0, af, NET_RT_DUMP, 0 }; 937 size_t bufl; 938 char *buf, *p, *end; 939 struct rt rt, *rtn; 940 941 if (if_sysctl(ctx, mib, __arraycount(mib), NULL, &bufl, NULL, 0) == -1) 942 return -1; 943 if (bufl == 0) 944 return 0; 945 if ((buf = malloc(bufl)) == NULL) 946 return -1; 947 if (if_sysctl(ctx, mib, __arraycount(mib), buf, &bufl, NULL, 0) == -1) 948 { 949 free(buf); 950 return -1; 951 } 952 953 end = buf + bufl; 954 for (p = buf; p < end; p += rtm->rtm_msglen) { 955 rtm = (void *)p; 956 if (p + sizeof(*rtm) > end || p + rtm->rtm_msglen > end) { 957 errno = EINVAL; 958 break; 959 } 960 if (!if_realroute(rtm)) 961 continue; 962 if (if_copyrt(ctx, &rt, rtm) != 0) 963 continue; 964 if ((rtn = rt_new(rt.rt_ifp)) == NULL) { 965 logerr(__func__); 966 break; 967 } 968 memcpy(rtn, &rt, sizeof(*rtn)); 969 if (rb_tree_insert_node(kroutes, rtn) != rtn) 970 rt_free(rtn); 971 } 972 free(buf); 973 return p == end ? 0 : -1; 974 } 975 976 #ifdef INET 977 int 978 if_address(unsigned char cmd, const struct ipv4_addr *ia) 979 { 980 int r; 981 struct in_aliasreq ifra; 982 struct dhcpcd_ctx *ctx = ia->iface->ctx; 983 984 memset(&ifra, 0, sizeof(ifra)); 985 strlcpy(ifra.ifra_name, ia->iface->name, sizeof(ifra.ifra_name)); 986 987 #define ADDADDR(var, addr) do { \ 988 (var)->sin_family = AF_INET; \ 989 (var)->sin_len = sizeof(*(var)); \ 990 (var)->sin_addr = *(addr); \ 991 } while (/*CONSTCOND*/0) 992 ADDADDR(&ifra.ifra_addr, &ia->addr); 993 ADDADDR(&ifra.ifra_mask, &ia->mask); 994 if (cmd == RTM_NEWADDR && ia->brd.s_addr != INADDR_ANY) 995 ADDADDR(&ifra.ifra_broadaddr, &ia->brd); 996 #undef ADDADDR 997 998 r = if_ioctl(ctx, 999 cmd == RTM_DELADDR ? SIOCDIFADDR : SIOCAIFADDR, &ifra,sizeof(ifra)); 1000 return r; 1001 } 1002 1003 #if !(defined(HAVE_IFADDRS_ADDRFLAGS) && defined(HAVE_IFAM_ADDRFLAGS)) 1004 int 1005 if_addrflags(const struct interface *ifp, const struct in_addr *addr, 1006 __unused const char *alias) 1007 { 1008 #ifdef SIOCGIFAFLAG_IN 1009 struct ifreq ifr; 1010 struct sockaddr_in *sin; 1011 1012 memset(&ifr, 0, sizeof(ifr)); 1013 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 1014 sin = (void *)&ifr.ifr_addr; 1015 sin->sin_family = AF_INET; 1016 sin->sin_addr = *addr; 1017 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFAFLAG_IN, &ifr) == -1) 1018 return -1; 1019 return ifr.ifr_addrflags; 1020 #else 1021 UNUSED(ifp); 1022 UNUSED(addr); 1023 return 0; 1024 #endif 1025 } 1026 #endif 1027 #endif /* INET */ 1028 1029 #ifdef INET6 1030 static int 1031 if_ioctl6(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len) 1032 { 1033 struct priv *priv; 1034 1035 #ifdef PRIVSEP 1036 if (ctx->options & DHCPCD_PRIVSEP) 1037 return (int)ps_root_ioctl6(ctx, req, data, len); 1038 #endif 1039 1040 priv = ctx->priv; 1041 return ioctl(priv->pf_inet6_fd, req, data, len); 1042 } 1043 1044 int 1045 if_address6(unsigned char cmd, const struct ipv6_addr *ia) 1046 { 1047 struct in6_aliasreq ifa = { .ifra_flags = 0 }; 1048 struct in6_addr mask; 1049 struct dhcpcd_ctx *ctx = ia->iface->ctx; 1050 1051 strlcpy(ifa.ifra_name, ia->iface->name, sizeof(ifa.ifra_name)); 1052 #if defined(__FreeBSD__) || defined(__DragonFly__) 1053 /* This is a bug - the kernel should work this out. */ 1054 if (ia->addr_flags & IN6_IFF_TENTATIVE) 1055 ifa.ifra_flags |= IN6_IFF_TENTATIVE; 1056 #endif 1057 #if (defined(__NetBSD__) || defined(__OpenBSD__)) && \ 1058 (defined(IPV6CTL_ACCEPT_RTADV) || defined(ND6_IFF_ACCEPT_RTADV)) 1059 /* These kernels don't accept userland setting IN6_IFF_AUTOCONF */ 1060 #else 1061 if (ia->flags & IPV6_AF_AUTOCONF) 1062 ifa.ifra_flags |= IN6_IFF_AUTOCONF; 1063 #endif 1064 #ifdef IPV6_MANAGETEMPADDR 1065 if (ia->flags & IPV6_AF_TEMPORARY) 1066 ifa.ifra_flags |= IN6_IFF_TEMPORARY; 1067 #endif 1068 1069 #define ADDADDR(v, addr) { \ 1070 (v)->sin6_family = AF_INET6; \ 1071 (v)->sin6_len = sizeof(*v); \ 1072 (v)->sin6_addr = *(addr); \ 1073 } 1074 1075 ADDADDR(&ifa.ifra_addr, &ia->addr); 1076 ipv6_setscope(&ifa.ifra_addr, ia->iface->index); 1077 ipv6_mask(&mask, ia->prefix_len); 1078 ADDADDR(&ifa.ifra_prefixmask, &mask); 1079 1080 #undef ADDADDR 1081 1082 /* 1083 * Every BSD kernel wants to add the prefix of the address to it's 1084 * list of RA received prefixes. 1085 * THIS IS WRONG because there (as the comments in the kernel state) 1086 * is no API for managing prefix lifetime and the kernel should not 1087 * pretend it's from a RA either. 1088 * 1089 * The issue is that the very first assigned prefix will inherit the 1090 * lifetime of the address, but any subsequent alteration of the 1091 * address OR it's lifetime will not affect the prefix lifetime. 1092 * As such, we cannot stop the prefix from timing out and then 1093 * constantly removing the prefix route dhcpcd is capable of adding 1094 * in it's absense. 1095 * 1096 * What we can do to mitigate the issue is to add the address with 1097 * infinite lifetimes, so the prefix route will never time out. 1098 * Once done, we can then set lifetimes on the address and all is good. 1099 * The downside of this approach is that we need to manually remove 1100 * the kernel route because it has no lifetime, but this is OK as 1101 * dhcpcd will handle this too. 1102 * 1103 * This issue is discussed on the NetBSD mailing lists here: 1104 * http://mail-index.netbsd.org/tech-net/2016/08/05/msg006044.html 1105 * 1106 * Fixed in NetBSD-7.99.36 1107 * NOT fixed in FreeBSD - bug 195197 1108 * Fixed in OpenBSD-5.9 1109 */ 1110 1111 #if !((defined(__NetBSD_Version__) && __NetBSD_Version__ >= 799003600) || \ 1112 (defined(__OpenBSD__) && OpenBSD >= 201605)) 1113 if (cmd == RTM_NEWADDR && !(ia->flags & IPV6_AF_ADDED)) { 1114 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1115 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1116 (void)if_ioctl6(ctx, SIOCAIFADDR_IN6, &ifa, sizeof(ifa)); 1117 } 1118 #endif 1119 1120 #if defined(__OpenBSD__) && OpenBSD <= 201705 1121 /* BUT OpenBSD older than 6.2 does not reset the address lifetime 1122 * for subsequent calls... 1123 * Luckily dhcpcd will remove the lease when it expires so 1124 * just set an infinite lifetime, unless a temporary address. */ 1125 if (ifa.ifra_flags & IN6_IFF_PRIVACY) { 1126 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime; 1127 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime; 1128 } else { 1129 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; 1130 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; 1131 } 1132 #else 1133 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime; 1134 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime; 1135 #endif 1136 1137 return if_ioctl6(ctx, 1138 cmd == RTM_DELADDR ? SIOCDIFADDR_IN6 : SIOCAIFADDR_IN6, 1139 &ifa, sizeof(ifa)); 1140 } 1141 1142 int 1143 if_addrflags6(const struct interface *ifp, const struct in6_addr *addr, 1144 __unused const char *alias) 1145 { 1146 int flags; 1147 struct in6_ifreq ifr6; 1148 struct priv *priv; 1149 1150 memset(&ifr6, 0, sizeof(ifr6)); 1151 strlcpy(ifr6.ifr_name, ifp->name, sizeof(ifr6.ifr_name)); 1152 ifr6.ifr_addr.sin6_family = AF_INET6; 1153 ifr6.ifr_addr.sin6_addr = *addr; 1154 ipv6_setscope(&ifr6.ifr_addr, ifp->index); 1155 priv = (struct priv *)ifp->ctx->priv; 1156 if (ioctl(priv->pf_inet6_fd, SIOCGIFAFLAG_IN6, &ifr6) != -1) 1157 flags = ifr6.ifr_ifru.ifru_flags6; 1158 else 1159 flags = -1; 1160 return flags; 1161 } 1162 1163 int 1164 if_getlifetime6(struct ipv6_addr *ia) 1165 { 1166 struct in6_ifreq ifr6; 1167 time_t t; 1168 struct in6_addrlifetime *lifetime; 1169 struct priv *priv; 1170 1171 memset(&ifr6, 0, sizeof(ifr6)); 1172 strlcpy(ifr6.ifr_name, ia->iface->name, sizeof(ifr6.ifr_name)); 1173 ifr6.ifr_addr.sin6_family = AF_INET6; 1174 ifr6.ifr_addr.sin6_addr = ia->addr; 1175 ipv6_setscope(&ifr6.ifr_addr, ia->iface->index); 1176 priv = (struct priv *)ia->iface->ctx->priv; 1177 if (ioctl(priv->pf_inet6_fd, SIOCGIFALIFETIME_IN6, &ifr6) == -1) 1178 return -1; 1179 clock_gettime(CLOCK_MONOTONIC, &ia->created); 1180 1181 #if defined(__FreeBSD__) || defined(__DragonFly__) 1182 t = ia->created.tv_sec; 1183 #else 1184 t = time(NULL); 1185 #endif 1186 1187 lifetime = &ifr6.ifr_ifru.ifru_lifetime; 1188 if (lifetime->ia6t_preferred) 1189 ia->prefix_pltime = (uint32_t)(lifetime->ia6t_preferred - 1190 MIN(t, lifetime->ia6t_preferred)); 1191 else 1192 ia->prefix_pltime = ND6_INFINITE_LIFETIME; 1193 if (lifetime->ia6t_expire) { 1194 ia->prefix_vltime = (uint32_t)(lifetime->ia6t_expire - 1195 MIN(t, lifetime->ia6t_expire)); 1196 /* Calculate the created time */ 1197 ia->created.tv_sec -= lifetime->ia6t_vltime - ia->prefix_vltime; 1198 } else 1199 ia->prefix_vltime = ND6_INFINITE_LIFETIME; 1200 return 0; 1201 } 1202 #endif 1203 1204 static int 1205 if_announce(struct dhcpcd_ctx *ctx, const struct if_announcemsghdr *ifan) 1206 { 1207 1208 if (ifan->ifan_msglen < sizeof(*ifan)) { 1209 errno = EINVAL; 1210 return -1; 1211 } 1212 1213 switch(ifan->ifan_what) { 1214 case IFAN_ARRIVAL: 1215 return dhcpcd_handleinterface(ctx, 1, ifan->ifan_name); 1216 case IFAN_DEPARTURE: 1217 return dhcpcd_handleinterface(ctx, -1, ifan->ifan_name); 1218 } 1219 1220 return 0; 1221 } 1222 1223 static int 1224 if_ifinfo(struct dhcpcd_ctx *ctx, const struct if_msghdr *ifm) 1225 { 1226 struct interface *ifp; 1227 int link_state; 1228 1229 if (ifm->ifm_msglen < sizeof(*ifm)) { 1230 errno = EINVAL; 1231 return -1; 1232 } 1233 1234 if ((ifp = if_findindex(ctx->ifaces, ifm->ifm_index)) == NULL) 1235 return 0; 1236 1237 link_state = if_carrier(ifp, &ifm->ifm_data); 1238 dhcpcd_handlecarrier(ifp, link_state, (unsigned int)ifm->ifm_flags); 1239 return 0; 1240 } 1241 1242 static int 1243 if_rtm(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm) 1244 { 1245 struct rt rt; 1246 1247 if (rtm->rtm_msglen < sizeof(*rtm)) { 1248 errno = EINVAL; 1249 return -1; 1250 } 1251 1252 /* Ignore errors. */ 1253 if (rtm->rtm_errno != 0) 1254 return 0; 1255 1256 /* Ignore messages from ourself. */ 1257 #ifdef PRIVSEP 1258 if (ctx->ps_root != NULL) { 1259 if (rtm->rtm_pid == ctx->ps_root->psp_pid) 1260 return 0; 1261 } 1262 #endif 1263 1264 if (if_copyrt(ctx, &rt, rtm) == -1) 1265 return errno == ENOTSUP ? 0 : -1; 1266 1267 #ifdef INET6 1268 /* 1269 * BSD announces host routes. 1270 * As such, we should be notified of reachability by its 1271 * existance with a hardware address. 1272 * Ensure we don't call this for a newly incomplete state. 1273 */ 1274 if (rt.rt_dest.sa_family == AF_INET6 && 1275 (rt.rt_flags & RTF_HOST || rtm->rtm_type == RTM_MISS) && 1276 !(rtm->rtm_type == RTM_ADD && !(rt.rt_dflags & RTDF_GATELINK))) 1277 { 1278 bool reachable; 1279 1280 reachable = (rtm->rtm_type == RTM_ADD || 1281 rtm->rtm_type == RTM_CHANGE) && 1282 rt.rt_dflags & RTDF_GATELINK; 1283 ipv6nd_neighbour(ctx, &rt.rt_ss_dest.sin6.sin6_addr, reachable); 1284 } 1285 #endif 1286 1287 if (rtm->rtm_type != RTM_MISS && if_realroute(rtm)) 1288 rt_recvrt(rtm->rtm_type, &rt, rtm->rtm_pid); 1289 return 0; 1290 } 1291 1292 static int 1293 if_ifa(struct dhcpcd_ctx *ctx, const struct ifa_msghdr *ifam) 1294 { 1295 struct interface *ifp; 1296 const struct sockaddr *rti_info[RTAX_MAX]; 1297 int flags; 1298 pid_t pid; 1299 1300 if (ifam->ifam_msglen < sizeof(*ifam)) { 1301 errno = EINVAL; 1302 return -1; 1303 } 1304 1305 #ifdef HAVE_IFAM_PID 1306 /* Ignore address deletions from ourself. 1307 * We need to process address flag changes though. */ 1308 if (ifam->ifam_type == RTM_DELADDR) { 1309 #ifdef PRIVSEP 1310 if (ctx->ps_root != NULL) { 1311 if (ifam->ifam_pid == ctx->ps_root->psp_pid) 1312 return 0; 1313 } else 1314 #endif 1315 /* address management is done via ioctl, 1316 * so SO_USELOOPBACK has no effect, 1317 * so we do need to check the pid. */ 1318 if (ifam->ifam_pid == getpid()) 1319 return 0; 1320 } 1321 pid = ifam->ifam_pid; 1322 #else 1323 pid = 0; 1324 #endif 1325 1326 if (~ifam->ifam_addrs & RTA_IFA) 1327 return 0; 1328 if ((ifp = if_findindex(ctx->ifaces, ifam->ifam_index)) == NULL) 1329 return 0; 1330 1331 if (get_addrs(ifam->ifam_addrs, (const char *)ifam + sizeof(*ifam), 1332 ifam->ifam_msglen - sizeof(*ifam), rti_info) == -1) 1333 return -1; 1334 1335 switch (rti_info[RTAX_IFA]->sa_family) { 1336 case AF_LINK: 1337 { 1338 struct sockaddr_dl sdl; 1339 1340 #ifdef RTM_CHGADDR 1341 if (ifam->ifam_type != RTM_CHGADDR) 1342 break; 1343 #else 1344 if (ifam->ifam_type != RTM_NEWADDR) 1345 break; 1346 #endif 1347 memcpy(&sdl, rti_info[RTAX_IFA], rti_info[RTAX_IFA]->sa_len); 1348 dhcpcd_handlehwaddr(ifp, ifp->hwtype, 1349 CLLADDR(&sdl), sdl.sdl_alen); 1350 break; 1351 } 1352 #ifdef INET 1353 case AF_INET: 1354 case 255: /* FIXME: Why 255? */ 1355 { 1356 const struct sockaddr_in *sin; 1357 struct in_addr addr, mask, bcast; 1358 1359 sin = (const void *)rti_info[RTAX_IFA]; 1360 addr.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1361 sin->sin_addr.s_addr : INADDR_ANY; 1362 sin = (const void *)rti_info[RTAX_NETMASK]; 1363 mask.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1364 sin->sin_addr.s_addr : INADDR_ANY; 1365 sin = (const void *)rti_info[RTAX_BRD]; 1366 bcast.s_addr = sin != NULL && sin->sin_family == AF_INET ? 1367 sin->sin_addr.s_addr : INADDR_ANY; 1368 1369 /* 1370 * NetBSD-7 and older send an invalid broadcast address. 1371 * So we need to query the actual address to get 1372 * the right one. 1373 * We can also use this to test if the address 1374 * has really been added or deleted. 1375 */ 1376 #ifdef SIOCGIFALIAS 1377 struct in_aliasreq ifra; 1378 1379 memset(&ifra, 0, sizeof(ifra)); 1380 strlcpy(ifra.ifra_name, ifp->name, sizeof(ifra.ifra_name)); 1381 ifra.ifra_addr.sin_family = AF_INET; 1382 ifra.ifra_addr.sin_len = sizeof(ifra.ifra_addr); 1383 ifra.ifra_addr.sin_addr = addr; 1384 if (ioctl(ctx->pf_inet_fd, SIOCGIFALIAS, &ifra) == -1) { 1385 if (errno != ENXIO && errno != EADDRNOTAVAIL) 1386 logerr("%s: SIOCGIFALIAS", __func__); 1387 if (ifam->ifam_type != RTM_DELADDR) 1388 break; 1389 } else { 1390 if (ifam->ifam_type == RTM_DELADDR) 1391 break; 1392 #if defined(__NetBSD_Version__) && __NetBSD_Version__ < 800000000 1393 bcast = ifra.ifra_broadaddr.sin_addr; 1394 #endif 1395 } 1396 #else 1397 #warning No SIOCGIFALIAS support 1398 /* 1399 * No SIOCGIFALIAS? That sucks! 1400 * This makes this call very heavy weight, but we 1401 * really need to know if the message is late or not. 1402 */ 1403 const struct sockaddr *sa; 1404 struct ifaddrs *ifaddrs = NULL, *ifa; 1405 1406 sa = rti_info[RTAX_IFA]; 1407 #ifdef PRIVSEP_GETIFADDRS 1408 if (IN_PRIVSEP(ctx)) { 1409 if (ps_root_getifaddrs(ctx, &ifaddrs) == -1) { 1410 logerr("ps_root_getifaddrs"); 1411 break; 1412 } 1413 } else 1414 #endif 1415 if (getifaddrs(&ifaddrs) == -1) { 1416 logerr("getifaddrs"); 1417 break; 1418 } 1419 for (ifa = ifaddrs; ifa; ifa = ifa->ifa_next) { 1420 if (ifa->ifa_addr == NULL) 1421 continue; 1422 if (sa_cmp(ifa->ifa_addr, sa) == 0 && 1423 strcmp(ifa->ifa_name, ifp->name) == 0) 1424 break; 1425 } 1426 #ifdef PRIVSEP_GETIFADDRS 1427 if (IN_PRIVSEP(ctx)) 1428 free(ifaddrs); 1429 else 1430 #endif 1431 freeifaddrs(ifaddrs); 1432 if (ifam->ifam_type == RTM_DELADDR) { 1433 if (ifa != NULL) 1434 break; 1435 } else { 1436 if (ifa == NULL) 1437 break; 1438 } 1439 #endif 1440 1441 #ifdef HAVE_IFAM_ADDRFLAGS 1442 flags = ifam->ifam_addrflags; 1443 #else 1444 flags = 0; 1445 #endif 1446 1447 ipv4_handleifa(ctx, ifam->ifam_type, NULL, ifp->name, 1448 &addr, &mask, &bcast, flags, pid); 1449 break; 1450 } 1451 #endif 1452 #ifdef INET6 1453 case AF_INET6: 1454 { 1455 struct in6_addr addr6, mask6; 1456 const struct sockaddr_in6 *sin6; 1457 1458 sin6 = (const void *)rti_info[RTAX_IFA]; 1459 addr6 = sin6->sin6_addr; 1460 sin6 = (const void *)rti_info[RTAX_NETMASK]; 1461 mask6 = sin6->sin6_addr; 1462 1463 /* 1464 * If the address was deleted, lets check if it's 1465 * a late message and it still exists (maybe modified). 1466 * If so, ignore it as deleting an address causes 1467 * dhcpcd to drop any lease to which it belongs. 1468 * Also check an added address was really added. 1469 */ 1470 flags = if_addrflags6(ifp, &addr6, NULL); 1471 if (flags == -1) { 1472 if (errno != ENXIO && errno != EADDRNOTAVAIL) 1473 logerr("%s: if_addrflags6", __func__); 1474 if (ifam->ifam_type != RTM_DELADDR) 1475 break; 1476 flags = 0; 1477 } else if (ifam->ifam_type == RTM_DELADDR) 1478 break; 1479 1480 #ifdef __KAME__ 1481 if (IN6_IS_ADDR_LINKLOCAL(&addr6)) 1482 /* Remove the scope from the address */ 1483 addr6.s6_addr[2] = addr6.s6_addr[3] = '\0'; 1484 #endif 1485 1486 ipv6_handleifa(ctx, ifam->ifam_type, NULL, 1487 ifp->name, &addr6, ipv6_prefixlen(&mask6), flags, pid); 1488 break; 1489 } 1490 #endif 1491 } 1492 1493 return 0; 1494 } 1495 1496 static int 1497 if_dispatch(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm) 1498 { 1499 1500 if (rtm->rtm_version != RTM_VERSION) 1501 return 0; 1502 1503 switch(rtm->rtm_type) { 1504 #ifdef RTM_IFANNOUNCE 1505 case RTM_IFANNOUNCE: 1506 return if_announce(ctx, (const void *)rtm); 1507 #endif 1508 case RTM_IFINFO: 1509 return if_ifinfo(ctx, (const void *)rtm); 1510 case RTM_ADD: /* FALLTHROUGH */ 1511 case RTM_CHANGE: /* FALLTHROUGH */ 1512 case RTM_DELETE: /* FALLTHROUGH */ 1513 case RTM_MISS: 1514 return if_rtm(ctx, (const void *)rtm); 1515 #ifdef RTM_CHGADDR 1516 case RTM_CHGADDR: /* FALLTHROUGH */ 1517 #endif 1518 case RTM_DELADDR: /* FALLTHROUGH */ 1519 case RTM_NEWADDR: 1520 return if_ifa(ctx, (const void *)rtm); 1521 #ifdef RTM_DESYNC 1522 case RTM_DESYNC: 1523 dhcpcd_linkoverflow(ctx); 1524 #elif !defined(SO_RERROR) 1525 #warning cannot detect route socket overflow within kernel 1526 #endif 1527 } 1528 1529 return 0; 1530 } 1531 1532 static int 1533 if_missfilter0(struct dhcpcd_ctx *ctx, struct interface *ifp, 1534 struct sockaddr *sa) 1535 { 1536 size_t salen = (size_t)RT_ROUNDUP(sa->sa_len); 1537 size_t newlen = ctx->rt_missfilterlen + salen; 1538 size_t diff = salen - (sa->sa_len); 1539 uint8_t *cp; 1540 1541 if (ctx->rt_missfiltersize < newlen) { 1542 void *n = realloc(ctx->rt_missfilter, newlen); 1543 if (n == NULL) 1544 return -1; 1545 ctx->rt_missfilter = n; 1546 ctx->rt_missfiltersize = newlen; 1547 } 1548 1549 #ifdef INET6 1550 if (sa->sa_family == AF_INET6) 1551 ipv6_setscope(satosin6(sa), ifp->index); 1552 #else 1553 UNUSED(ifp); 1554 #endif 1555 1556 cp = ctx->rt_missfilter + ctx->rt_missfilterlen; 1557 memcpy(cp, sa, sa->sa_len); 1558 if (diff != 0) 1559 memset(cp + sa->sa_len, 0, diff); 1560 ctx->rt_missfilterlen += salen; 1561 1562 #ifdef INET6 1563 if (sa->sa_family == AF_INET6) 1564 ipv6_setscope(satosin6(sa), 0); 1565 #endif 1566 1567 return 0; 1568 } 1569 1570 int 1571 if_missfilter(struct interface *ifp, struct sockaddr *sa) 1572 { 1573 1574 return if_missfilter0(ifp->ctx, ifp, sa); 1575 } 1576 1577 int 1578 if_missfilter_apply(struct dhcpcd_ctx *ctx) 1579 { 1580 #ifdef RO_MISSFILTER 1581 if (ctx->rt_missfilterlen == 0) { 1582 struct sockaddr sa = { 1583 .sa_family = AF_UNSPEC, 1584 .sa_len = sizeof(sa), 1585 }; 1586 1587 if (if_missfilter0(ctx, NULL, &sa) == -1) 1588 return -1; 1589 } 1590 1591 return setsockopt(ctx->link_fd, PF_ROUTE, RO_MISSFILTER, 1592 ctx->rt_missfilter, (socklen_t)ctx->rt_missfilterlen); 1593 #else 1594 #warning kernel does not support RTM_MISS DST filtering 1595 UNUSED(ctx); 1596 errno = ENOTSUP; 1597 return -1; 1598 #endif 1599 } 1600 1601 __CTASSERT(offsetof(struct rt_msghdr, rtm_msglen) == 0); 1602 int 1603 if_handlelink(struct dhcpcd_ctx *ctx) 1604 { 1605 struct rtm rtm; 1606 ssize_t len; 1607 1608 len = read(ctx->link_fd, &rtm, sizeof(rtm)); 1609 if (len == -1) 1610 return -1; 1611 if (len == 0) 1612 return 0; 1613 if ((size_t)len < sizeof(rtm.hdr.rtm_msglen) || 1614 len != rtm.hdr.rtm_msglen) 1615 { 1616 errno = EINVAL; 1617 return -1; 1618 } 1619 /* 1620 * Coverity thinks that the data could be tainted from here. 1621 * I have no idea how because the length of the data we read 1622 * is guarded by len and checked to match rtm_msglen. 1623 * The issue seems to be related to extracting the addresses 1624 * at the end of the header, but seems to have no issues with the 1625 * equivalent call in if_initrt. 1626 */ 1627 /* coverity[tainted_data] */ 1628 return if_dispatch(ctx, &rtm.hdr); 1629 } 1630 1631 #ifndef SYS_NMLN /* OSX */ 1632 # define SYS_NMLN __SYS_NAMELEN 1633 #endif 1634 #ifndef HW_MACHINE_ARCH 1635 # ifdef HW_MODEL /* OpenBSD */ 1636 # define HW_MACHINE_ARCH HW_MODEL 1637 # endif 1638 #endif 1639 int 1640 if_machinearch(char *str, size_t len) 1641 { 1642 int mib[2] = { CTL_HW, HW_MACHINE_ARCH }; 1643 1644 return sysctl(mib, sizeof(mib) / sizeof(mib[0]), str, &len, NULL, 0); 1645 } 1646 1647 #ifdef INET6 1648 #if (defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)) || \ 1649 defined(IPV6CTL_FORWARDING) 1650 #define get_inet6_sysctl(code) inet6_sysctl(code, 0, 0) 1651 #define set_inet6_sysctl(code, val) inet6_sysctl(code, val, 1) 1652 static int 1653 inet6_sysctl(int code, int val, int action) 1654 { 1655 int mib[] = { CTL_NET, PF_INET6, IPPROTO_IPV6, 0 }; 1656 size_t size; 1657 1658 mib[3] = code; 1659 size = sizeof(val); 1660 if (action) { 1661 if (sysctl(mib, __arraycount(mib), NULL, 0, &val, size) == -1) 1662 return -1; 1663 return 0; 1664 } 1665 if (sysctl(mib, __arraycount(mib), &val, &size, NULL, 0) == -1) 1666 return -1; 1667 return val; 1668 } 1669 #endif 1670 1671 int 1672 if_applyra(const struct ra *rap) 1673 { 1674 #ifdef SIOCSIFINFO_IN6 1675 struct in6_ndireq nd = { .ndi.chlim = 0 }; 1676 struct dhcpcd_ctx *ctx = rap->iface->ctx; 1677 int error; 1678 1679 strlcpy(nd.ifname, rap->iface->name, sizeof(nd.ifname)); 1680 1681 #ifdef IPV6CTL_ACCEPT_RTADV 1682 struct priv *priv = ctx->priv; 1683 1684 /* 1685 * NetBSD changed SIOCSIFINFO_IN6 to NOT set flags when kernel 1686 * RA was removed, however both FreeBSD and DragonFlyBSD still do. 1687 * linkmtu was also removed. 1688 * Hopefully this guard will still work if either remove kernel RA. 1689 */ 1690 if (ioctl(priv->pf_inet6_fd, SIOCGIFINFO_IN6, &nd, sizeof(nd)) == -1) 1691 return -1; 1692 1693 nd.ndi.linkmtu = rap->mtu; 1694 #endif 1695 1696 nd.ndi.chlim = rap->hoplimit; 1697 nd.ndi.retrans = rap->retrans; 1698 nd.ndi.basereachable = rap->reachable; 1699 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd)); 1700 #ifdef IPV6CTL_ACCEPT_RTADV 1701 if (error == -1 && errno == EINVAL) { 1702 /* 1703 * Very likely that this is caused by a dodgy MTU 1704 * setting specific to the interface. 1705 * Let's set it to "unspecified" and try again. 1706 * Doesn't really matter as we fix the MTU against the 1707 * routes we add as not all OS support SIOCSIFINFO_IN6. 1708 */ 1709 nd.ndi.linkmtu = 0; 1710 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd)); 1711 } 1712 #endif 1713 return error; 1714 #else 1715 #warning OS does not allow setting of RA bits hoplimit, retrans or reachable 1716 UNUSED(rap); 1717 return 0; 1718 #endif 1719 } 1720 1721 #ifndef IPV6CTL_FORWARDING 1722 #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0) 1723 #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1) 1724 static int 1725 inet6_sysctlbyname(const char *name, int val, int action) 1726 { 1727 size_t size; 1728 1729 size = sizeof(val); 1730 if (action) { 1731 if (sysctlbyname(name, NULL, 0, &val, size) == -1) 1732 return -1; 1733 return 0; 1734 } 1735 if (sysctlbyname(name, &val, &size, NULL, 0) == -1) 1736 return -1; 1737 return val; 1738 } 1739 #endif 1740 1741 int 1742 ip6_forwarding(__unused const char *ifname) 1743 { 1744 int val; 1745 1746 #ifdef IPV6CTL_FORWARDING 1747 val = get_inet6_sysctl(IPV6CTL_FORWARDING); 1748 #else 1749 val = get_inet6_sysctlbyname("net.inet6.ip6.forwarding"); 1750 #endif 1751 return val < 0 ? 0 : val; 1752 } 1753 1754 #ifdef SIOCIFAFATTACH 1755 static int 1756 if_af_attach(const struct interface *ifp, int af) 1757 { 1758 struct if_afreq ifar; 1759 1760 strlcpy(ifar.ifar_name, ifp->name, sizeof(ifar.ifar_name)); 1761 ifar.ifar_af = af; 1762 return if_ioctl6(ifp->ctx, SIOCIFAFATTACH, &ifar, sizeof(ifar)); 1763 } 1764 #endif 1765 1766 #ifdef SIOCGIFXFLAGS 1767 static int 1768 if_set_ifxflags(const struct interface *ifp) 1769 { 1770 struct ifreq ifr; 1771 int flags; 1772 struct priv *priv = ifp->ctx->priv; 1773 1774 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 1775 if (ioctl(priv->pf_inet6_fd, SIOCGIFXFLAGS, &ifr) == -1) 1776 return -1; 1777 flags = ifr.ifr_flags; 1778 #ifdef IFXF_NOINET6 1779 flags &= ~IFXF_NOINET6; 1780 #endif 1781 /* 1782 * If not doing autoconf, don't disable the kernel from doing it. 1783 * If we need to, we should have another option actively disable it. 1784 * 1785 * OpenBSD moved from kernel based SLAAC to userland via slaacd(8). 1786 * It has a similar featureset to dhcpcd such as stable private 1787 * addresses, but lacks the ability to handle DNS inside the RA 1788 * which is a serious shortfall in this day and age. 1789 * Appease their user base by working alongside slaacd(8) if 1790 * dhcpcd is instructed not to do auto configuration of addresses. 1791 */ 1792 #if defined(ND6_IFF_ACCEPT_RTADV) 1793 #define BSD_AUTOCONF DHCPCD_IPV6RS 1794 #else 1795 #define BSD_AUTOCONF DHCPCD_IPV6RA_AUTOCONF 1796 #endif 1797 if (ifp->options->options & BSD_AUTOCONF) 1798 flags &= ~IFXF_AUTOCONF6; 1799 if (ifr.ifr_flags == flags) 1800 return 0; 1801 ifr.ifr_flags = flags; 1802 return if_ioctl6(ifp->ctx, SIOCSIFXFLAGS, &ifr, sizeof(ifr)); 1803 } 1804 #endif 1805 1806 /* OpenBSD removed ND6 flags entirely, so we need to check for their 1807 * existance. */ 1808 #if defined(ND6_IFF_AUTO_LINKLOCAL) || \ 1809 defined(ND6_IFF_PERFORMNUD) || \ 1810 defined(ND6_IFF_ACCEPT_RTADV) || \ 1811 defined(ND6_IFF_OVERRIDE_RTADV) || \ 1812 defined(ND6_IFF_IFDISABLED) 1813 #define ND6_NDI_FLAGS 1814 #endif 1815 1816 void 1817 if_disable_rtadv(void) 1818 { 1819 #if defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV) 1820 int ra = get_inet6_sysctl(IPV6CTL_ACCEPT_RTADV); 1821 1822 if (ra == -1) { 1823 if (errno != ENOENT) 1824 logerr("IPV6CTL_ACCEPT_RTADV"); 1825 else if (ra != 0) 1826 if (set_inet6_sysctl(IPV6CTL_ACCEPT_RTADV, 0) == -1) 1827 logerr("IPV6CTL_ACCEPT_RTADV"); 1828 } 1829 #endif 1830 } 1831 1832 void 1833 if_setup_inet6(const struct interface *ifp) 1834 { 1835 struct priv *priv; 1836 int s; 1837 #ifdef ND6_NDI_FLAGS 1838 struct in6_ndireq nd; 1839 int flags; 1840 #endif 1841 1842 priv = (struct priv *)ifp->ctx->priv; 1843 s = priv->pf_inet6_fd; 1844 1845 #ifdef ND6_NDI_FLAGS 1846 memset(&nd, 0, sizeof(nd)); 1847 strlcpy(nd.ifname, ifp->name, sizeof(nd.ifname)); 1848 if (ioctl(s, SIOCGIFINFO_IN6, &nd) == -1) 1849 logerr("%s: SIOCGIFINFO_FLAGS", ifp->name); 1850 flags = (int)nd.ndi.flags; 1851 #endif 1852 1853 #ifdef ND6_IFF_AUTO_LINKLOCAL 1854 /* Unlike the kernel, dhcpcd make make a stable private address. */ 1855 flags &= ~ND6_IFF_AUTO_LINKLOCAL; 1856 #endif 1857 1858 #ifdef ND6_IFF_PERFORMNUD 1859 /* NUD is kind of essential. */ 1860 flags |= ND6_IFF_PERFORMNUD; 1861 #endif 1862 1863 #ifdef ND6_IFF_IFDISABLED 1864 /* Ensure the interface is not disabled. */ 1865 flags &= ~ND6_IFF_IFDISABLED; 1866 #endif 1867 1868 /* 1869 * If not doing autoconf, don't disable the kernel from doing it. 1870 * If we need to, we should have another option actively disable it. 1871 */ 1872 #ifdef ND6_IFF_ACCEPT_RTADV 1873 if (ifp->options->options & DHCPCD_IPV6RS) 1874 flags &= ~ND6_IFF_ACCEPT_RTADV; 1875 #ifdef ND6_IFF_OVERRIDE_RTADV 1876 if (ifp->options->options & DHCPCD_IPV6RS) 1877 flags |= ND6_IFF_OVERRIDE_RTADV; 1878 #endif 1879 #endif 1880 1881 #ifdef ND6_NDI_FLAGS 1882 if (nd.ndi.flags != (uint32_t)flags) { 1883 nd.ndi.flags = (uint32_t)flags; 1884 if (if_ioctl6(ifp->ctx, SIOCSIFINFO_FLAGS, 1885 &nd, sizeof(nd)) == -1) 1886 logerr("%s: SIOCSIFINFO_FLAGS", ifp->name); 1887 } 1888 #endif 1889 1890 /* Enabling IPv6 by whatever means must be the 1891 * last action undertaken to ensure kernel RS and 1892 * LLADDR auto configuration are disabled where applicable. */ 1893 #ifdef SIOCIFAFATTACH 1894 if (if_af_attach(ifp, AF_INET6) == -1) 1895 logerr("%s: if_af_attach", ifp->name); 1896 #endif 1897 1898 #ifdef SIOCGIFXFLAGS 1899 if (if_set_ifxflags(ifp) == -1) 1900 logerr("%s: set_ifxflags", ifp->name); 1901 #endif 1902 1903 #ifdef SIOCSRTRFLUSH_IN6 1904 /* Flush the kernel knowledge of advertised routers 1905 * and prefixes so the kernel does not expire prefixes 1906 * and default routes we are trying to own. */ 1907 if (ifp->options->options & DHCPCD_IPV6RS) { 1908 struct in6_ifreq ifr; 1909 1910 memset(&ifr, 0, sizeof(ifr)); 1911 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name)); 1912 if (if_ioctl6(ifp->ctx, SIOCSRTRFLUSH_IN6, 1913 &ifr, sizeof(ifr)) == -1 && 1914 errno != ENOTSUP && errno != ENOTTY) 1915 logwarn("SIOCSRTRFLUSH_IN6 %d", errno); 1916 #ifdef SIOCSPFXFLUSH_IN6 1917 if (if_ioctl6(ifp->ctx, SIOCSPFXFLUSH_IN6, 1918 &ifr, sizeof(ifr)) == -1 && 1919 errno != ENOTSUP && errno != ENOTTY) 1920 logwarn("SIOCSPFXFLUSH_IN6"); 1921 #endif 1922 } 1923 #endif 1924 } 1925 #endif 1926