1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * dhcpcd - IPv6 ND handling 4 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/ioctl.h> 30 #include <sys/param.h> 31 #include <sys/socket.h> 32 #include <net/if.h> 33 #include <net/route.h> 34 #include <netinet/in.h> 35 #include <netinet/ip6.h> 36 #include <netinet/icmp6.h> 37 38 #include <assert.h> 39 #include <errno.h> 40 #include <fcntl.h> 41 #include <stddef.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include <unistd.h> 45 46 #define ELOOP_QUEUE 3 47 #include "common.h" 48 #include "dhcpcd.h" 49 #include "dhcp-common.h" 50 #include "dhcp6.h" 51 #include "eloop.h" 52 #include "if.h" 53 #include "ipv6.h" 54 #include "ipv6nd.h" 55 #include "logerr.h" 56 #include "route.h" 57 #include "script.h" 58 59 /* Debugging Router Solicitations is a lot of spam, so disable it */ 60 //#define DEBUG_RS 61 62 #ifndef ND_OPT_RDNSS 63 #define ND_OPT_RDNSS 25 64 struct nd_opt_rdnss { /* RDNSS option RFC 6106 */ 65 uint8_t nd_opt_rdnss_type; 66 uint8_t nd_opt_rdnss_len; 67 uint16_t nd_opt_rdnss_reserved; 68 uint32_t nd_opt_rdnss_lifetime; 69 /* followed by list of IP prefixes */ 70 }; 71 __CTASSERT(sizeof(struct nd_opt_rdnss) == 8); 72 #endif 73 74 #ifndef ND_OPT_DNSSL 75 #define ND_OPT_DNSSL 31 76 struct nd_opt_dnssl { /* DNSSL option RFC 6106 */ 77 uint8_t nd_opt_dnssl_type; 78 uint8_t nd_opt_dnssl_len; 79 uint16_t nd_opt_dnssl_reserved; 80 uint32_t nd_opt_dnssl_lifetime; 81 /* followed by list of DNS servers */ 82 }; 83 __CTASSERT(sizeof(struct nd_opt_rdnss) == 8); 84 #endif 85 86 /* Impossible options, so we can easily add extras */ 87 #define _ND_OPT_PREFIX_ADDR 255 + 1 88 89 /* Minimal IPv6 MTU */ 90 #ifndef IPV6_MMTU 91 #define IPV6_MMTU 1280 92 #endif 93 94 #ifndef ND_RA_FLAG_RTPREF_HIGH 95 #define ND_RA_FLAG_RTPREF_MASK 0x18 96 #define ND_RA_FLAG_RTPREF_HIGH 0x08 97 #define ND_RA_FLAG_RTPREF_MEDIUM 0x00 98 #define ND_RA_FLAG_RTPREF_LOW 0x18 99 #define ND_RA_FLAG_RTPREF_RSV 0x10 100 #endif 101 102 /* RTPREF_MEDIUM has to be 0! */ 103 #define RTPREF_HIGH 1 104 #define RTPREF_MEDIUM 0 105 #define RTPREF_LOW (-1) 106 #define RTPREF_RESERVED (-2) 107 #define RTPREF_INVALID (-3) /* internal */ 108 109 #define EXPIRED_MAX 5 /* Remember 5 expired routers to avoid 110 logspam. */ 111 112 #define MIN_RANDOM_FACTOR 500 /* millisecs */ 113 #define MAX_RANDOM_FACTOR 1500 /* millisecs */ 114 #define MIN_RANDOM_FACTOR_U MIN_RANDOM_FACTOR * 1000 /* usecs */ 115 #define MAX_RANDOM_FACTOR_U MAX_RANDOM_FACTOR * 1000 /* usecs */ 116 117 #if BYTE_ORDER == BIG_ENDIAN 118 #define IPV6_ADDR_INT32_ONE 1 119 #define IPV6_ADDR_INT16_MLL 0xff02 120 #elif BYTE_ORDER == LITTLE_ENDIAN 121 #define IPV6_ADDR_INT32_ONE 0x01000000 122 #define IPV6_ADDR_INT16_MLL 0x02ff 123 #endif 124 125 /* Debugging Neighbor Solicitations is a lot of spam, so disable it */ 126 //#define DEBUG_NS 127 // 128 129 static void ipv6nd_handledata(void *); 130 131 /* 132 * Android ships buggy ICMP6 filter headers. 133 * Supply our own until they fix their shit. 134 * References: 135 * https://android-review.googlesource.com/#/c/58438/ 136 * http://code.google.com/p/android/issues/original?id=32621&seq=24 137 */ 138 #ifdef __ANDROID__ 139 #undef ICMP6_FILTER_WILLPASS 140 #undef ICMP6_FILTER_WILLBLOCK 141 #undef ICMP6_FILTER_SETPASS 142 #undef ICMP6_FILTER_SETBLOCK 143 #undef ICMP6_FILTER_SETPASSALL 144 #undef ICMP6_FILTER_SETBLOCKALL 145 #define ICMP6_FILTER_WILLPASS(type, filterp) \ 146 ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) == 0) 147 #define ICMP6_FILTER_WILLBLOCK(type, filterp) \ 148 ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) != 0) 149 #define ICMP6_FILTER_SETPASS(type, filterp) \ 150 ((((filterp)->icmp6_filt[(type) >> 5]) &= ~(1 << ((type) & 31)))) 151 #define ICMP6_FILTER_SETBLOCK(type, filterp) \ 152 ((((filterp)->icmp6_filt[(type) >> 5]) |= (1 << ((type) & 31)))) 153 #define ICMP6_FILTER_SETPASSALL(filterp) \ 154 memset(filterp, 0, sizeof(struct icmp6_filter)); 155 #define ICMP6_FILTER_SETBLOCKALL(filterp) \ 156 memset(filterp, 0xff, sizeof(struct icmp6_filter)); 157 #endif 158 159 /* Support older systems with different defines */ 160 #if !defined(IPV6_RECVHOPLIMIT) && defined(IPV6_HOPLIMIT) 161 #define IPV6_RECVHOPLIMIT IPV6_HOPLIMIT 162 #endif 163 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO) 164 #define IPV6_RECVPKTINFO IPV6_PKTINFO 165 #endif 166 167 /* Handy defines */ 168 #define ipv6nd_free_ra(ra) ipv6nd_freedrop_ra((ra), 0) 169 #define ipv6nd_drop_ra(ra) ipv6nd_freedrop_ra((ra), 1) 170 171 void 172 ipv6nd_printoptions(const struct dhcpcd_ctx *ctx, 173 const struct dhcp_opt *opts, size_t opts_len) 174 { 175 size_t i, j; 176 const struct dhcp_opt *opt, *opt2; 177 int cols; 178 179 for (i = 0, opt = ctx->nd_opts; 180 i < ctx->nd_opts_len; i++, opt++) 181 { 182 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 183 if (opt2->option == opt->option) 184 break; 185 if (j == opts_len) { 186 cols = printf("%03d %s", opt->option, opt->var); 187 dhcp_print_option_encoding(opt, cols); 188 } 189 } 190 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 191 cols = printf("%03d %s", opt->option, opt->var); 192 dhcp_print_option_encoding(opt, cols); 193 } 194 } 195 196 static int 197 ipv6nd_open0(void) 198 { 199 int s, on; 200 struct icmp6_filter filt; 201 202 #define SOCK_FLAGS SOCK_CLOEXEC | SOCK_NONBLOCK 203 s = xsocket(PF_INET6, SOCK_RAW | SOCK_FLAGS, IPPROTO_ICMPV6); 204 #undef SOCK_FLAGS 205 if (s == -1) 206 return -1; 207 208 /* RFC4861 4.1 */ 209 on = 255; 210 if (setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 211 &on, sizeof(on)) == -1) 212 goto eexit; 213 214 on = 1; 215 if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, 216 &on, sizeof(on)) == -1) 217 goto eexit; 218 219 ICMP6_FILTER_SETBLOCKALL(&filt); 220 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt); 221 if (setsockopt(s, IPPROTO_ICMPV6, ICMP6_FILTER, 222 &filt, sizeof(filt)) == -1) 223 goto eexit; 224 225 return s; 226 227 eexit: 228 close(s); 229 return -1; 230 } 231 232 #ifdef __sun 233 static int 234 ipv6nd_open(struct interface *ifp) 235 { 236 int s; 237 struct ipv6_mreq mreq = { 238 .ipv6mr_multiaddr = IN6ADDR_LINKLOCAL_ALLNODES_INIT, 239 .ipv6mr_interface = ifp->index 240 }; 241 struct rs_state *state = RS_STATE(ifp); 242 uint_t ifindex = ifp->index; 243 244 if (state->nd_fd != -1) 245 return state->nd_fd; 246 247 s = ipv6nd_open0(); 248 if (s == -1) 249 return -1; 250 251 if (setsockopt(s, IPPROTO_IPV6, IPV6_BOUND_IF, 252 &ifindex, sizeof(ifindex)) == -1) 253 { 254 close(s); 255 return -1; 256 } 257 258 if (setsockopt(s, IPPROTO_IPV6, IPV6_JOIN_GROUP, 259 &mreq, sizeof(mreq)) == -1) 260 { 261 close(s); 262 return -1; 263 } 264 265 state->nd_fd = s; 266 eloop_event_add(ifp->ctx->eloop, s, ipv6nd_handledata, ifp); 267 return s; 268 } 269 #else 270 static int 271 ipv6nd_open(struct dhcpcd_ctx *ctx) 272 { 273 int s, on; 274 275 if (ctx->nd_fd != -1) 276 return ctx->nd_fd; 277 278 s = ipv6nd_open0(); 279 if (s == -1) 280 return -1; 281 282 on = 1; 283 if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, 284 &on, sizeof(on)) == -1) 285 { 286 close(s); 287 return -1; 288 } 289 290 ctx->nd_fd = s; 291 eloop_event_add(ctx->eloop, s, ipv6nd_handledata, ctx); 292 return s; 293 } 294 #endif 295 296 static int 297 ipv6nd_makersprobe(struct interface *ifp) 298 { 299 struct rs_state *state; 300 struct nd_router_solicit *rs; 301 302 state = RS_STATE(ifp); 303 free(state->rs); 304 state->rslen = sizeof(*rs); 305 if (ifp->hwlen != 0) 306 state->rslen += (size_t)ROUNDUP8(ifp->hwlen + 2); 307 state->rs = calloc(1, state->rslen); 308 if (state->rs == NULL) 309 return -1; 310 rs = state->rs; 311 rs->nd_rs_type = ND_ROUTER_SOLICIT; 312 //rs->nd_rs_code = 0; 313 //rs->nd_rs_cksum = 0; 314 //rs->nd_rs_reserved = 0; 315 316 if (ifp->hwlen != 0) { 317 struct nd_opt_hdr *nd; 318 319 nd = (struct nd_opt_hdr *)(state->rs + 1); 320 nd->nd_opt_type = ND_OPT_SOURCE_LINKADDR; 321 nd->nd_opt_len = (uint8_t)((ROUNDUP8(ifp->hwlen + 2)) >> 3); 322 memcpy(nd + 1, ifp->hwaddr, ifp->hwlen); 323 } 324 return 0; 325 } 326 327 static void 328 ipv6nd_sendrsprobe(void *arg) 329 { 330 struct interface *ifp = arg; 331 struct rs_state *state = RS_STATE(ifp); 332 struct sockaddr_in6 dst = { 333 .sin6_family = AF_INET6, 334 .sin6_addr = IN6ADDR_LINKLOCAL_ALLROUTERS_INIT, 335 .sin6_scope_id = ifp->index, 336 }; 337 struct iovec iov = { .iov_base = state->rs, .iov_len = state->rslen }; 338 unsigned char ctl[CMSG_SPACE(sizeof(struct in6_pktinfo))] = { 0 }; 339 struct msghdr msg = { 340 .msg_name = &dst, .msg_namelen = sizeof(dst), 341 .msg_iov = &iov, .msg_iovlen = 1, 342 .msg_control = ctl, .msg_controllen = sizeof(ctl), 343 }; 344 struct cmsghdr *cm; 345 struct in6_pktinfo pi = { .ipi6_ifindex = ifp->index }; 346 int s; 347 348 if (ipv6_linklocal(ifp) == NULL) { 349 logdebugx("%s: delaying Router Solicitation for LL address", 350 ifp->name); 351 ipv6_addlinklocalcallback(ifp, ipv6nd_sendrsprobe, ifp); 352 return; 353 } 354 355 #ifdef HAVE_SA_LEN 356 dst.sin6_len = sizeof(dst); 357 #endif 358 359 /* Set the outbound interface */ 360 cm = CMSG_FIRSTHDR(&msg); 361 if (cm == NULL) /* unlikely */ 362 return; 363 cm->cmsg_level = IPPROTO_IPV6; 364 cm->cmsg_type = IPV6_PKTINFO; 365 cm->cmsg_len = CMSG_LEN(sizeof(pi)); 366 memcpy(CMSG_DATA(cm), &pi, sizeof(pi)); 367 368 logdebugx("%s: sending Router Solicitation", ifp->name); 369 #ifdef __sun 370 s = state->nd_fd; 371 #else 372 s = ifp->ctx->nd_fd; 373 #endif 374 if (sendmsg(s, &msg, 0) == -1) { 375 logerr(__func__); 376 /* Allow IPv6ND to continue .... at most a few errors 377 * would be logged. 378 * Generally the error is ENOBUFS when struggling to 379 * associate with an access point. */ 380 } 381 382 if (state->rsprobes++ < MAX_RTR_SOLICITATIONS) 383 eloop_timeout_add_sec(ifp->ctx->eloop, 384 RTR_SOLICITATION_INTERVAL, ipv6nd_sendrsprobe, ifp); 385 else { 386 logwarnx("%s: no IPv6 Routers available", ifp->name); 387 ipv6nd_drop(ifp); 388 } 389 } 390 391 #ifdef ND6_ADVERTISE 392 static void 393 ipv6nd_sendadvertisement(void *arg) 394 { 395 struct ipv6_addr *ia = arg; 396 struct interface *ifp = ia->iface; 397 struct dhcpcd_ctx *ctx = ifp->ctx; 398 struct sockaddr_in6 dst = { 399 .sin6_family = AF_INET6, 400 .sin6_addr = IN6ADDR_LINKLOCAL_ALLNODES_INIT, 401 .sin6_scope_id = ifp->index, 402 }; 403 struct iovec iov = { .iov_base = ia->na, .iov_len = ia->na_len }; 404 unsigned char ctl[CMSG_SPACE(sizeof(struct in6_pktinfo))] = { 0 }; 405 struct msghdr msg = { 406 .msg_name = &dst, .msg_namelen = sizeof(dst), 407 .msg_iov = &iov, .msg_iovlen = 1, 408 .msg_control = ctl, .msg_controllen = sizeof(ctl), 409 }; 410 struct cmsghdr *cm; 411 struct in6_pktinfo pi = { .ipi6_ifindex = ifp->index }; 412 const struct rs_state *state = RS_CSTATE(ifp); 413 int s; 414 415 if (state == NULL || ifp->carrier <= LINK_DOWN) 416 goto freeit; 417 418 #ifdef SIN6_LEN 419 dst.sin6_len = sizeof(dst); 420 #endif 421 422 /* Set the outbound interface. */ 423 cm = CMSG_FIRSTHDR(&msg); 424 assert(cm != NULL); 425 cm->cmsg_level = IPPROTO_IPV6; 426 cm->cmsg_type = IPV6_PKTINFO; 427 cm->cmsg_len = CMSG_LEN(sizeof(pi)); 428 memcpy(CMSG_DATA(cm), &pi, sizeof(pi)); 429 logdebugx("%s: sending NA for %s", ifp->name, ia->saddr); 430 #ifdef __sun 431 s = state->nd_fd; 432 #else 433 s = ctx->nd_fd; 434 #endif 435 if (sendmsg(s, &msg, 0) == -1) 436 logerr(__func__); 437 438 if (++ia->na_count < MAX_NEIGHBOR_ADVERTISEMENT) { 439 eloop_timeout_add_sec(ctx->eloop, 440 state->retrans / 1000, ipv6nd_sendadvertisement, ia); 441 return; 442 } 443 444 freeit: 445 free(ia->na); 446 ia->na = NULL; 447 ia->na_count = 0; 448 } 449 450 void 451 ipv6nd_advertise(struct ipv6_addr *ia) 452 { 453 struct dhcpcd_ctx *ctx; 454 struct interface *ifp; 455 struct ipv6_state *state; 456 struct ipv6_addr *iap, *iaf; 457 struct nd_neighbor_advert *na; 458 459 if (IN6_IS_ADDR_MULTICAST(&ia->addr)) 460 return; 461 462 #ifdef __sun 463 if (!(ia->flags & IPV6_AF_AUTOCONF) && ia->flags & IPV6_AF_RAPFX) 464 return; 465 #endif 466 467 ctx = ia->iface->ctx; 468 /* Find the most preferred address to advertise. */ 469 iaf = NULL; 470 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 471 state = IPV6_STATE(ifp); 472 if (state == NULL || ifp->carrier <= LINK_DOWN) 473 continue; 474 475 TAILQ_FOREACH(iap, &state->addrs, next) { 476 if (!IN6_ARE_ADDR_EQUAL(&iap->addr, &ia->addr)) 477 continue; 478 479 /* Cancel any current advertisement. */ 480 eloop_timeout_delete(ctx->eloop, 481 ipv6nd_sendadvertisement, iap); 482 483 /* Don't advertise what we can't use. */ 484 if (iap->prefix_vltime == 0 || 485 iap->addr_flags & IN6_IFF_NOTUSEABLE) 486 continue; 487 488 if (iaf == NULL || 489 iaf->iface->metric > iap->iface->metric) 490 iaf = iap; 491 } 492 } 493 if (iaf == NULL) 494 return; 495 496 /* Make the packet. */ 497 ifp = iaf->iface; 498 iaf->na_len = sizeof(*na); 499 if (ifp->hwlen != 0) 500 iaf->na_len += (size_t)ROUNDUP8(ifp->hwlen + 2); 501 na = calloc(1, iaf->na_len); 502 if (na == NULL) { 503 logerr(__func__); 504 return; 505 } 506 507 na->nd_na_type = ND_NEIGHBOR_ADVERT; 508 na->nd_na_flags_reserved = ND_NA_FLAG_OVERRIDE; 509 if (ip6_forwarding(ifp->name) == 1) 510 na->nd_na_flags_reserved |= ND_NA_FLAG_ROUTER; 511 na->nd_na_target = ia->addr; 512 513 if (ifp->hwlen != 0) { 514 struct nd_opt_hdr *opt; 515 516 opt = (struct nd_opt_hdr *)(na + 1); 517 opt->nd_opt_type = ND_OPT_TARGET_LINKADDR; 518 opt->nd_opt_len = (uint8_t)((ROUNDUP8(ifp->hwlen + 2)) >> 3); 519 memcpy(opt + 1, ifp->hwaddr, ifp->hwlen); 520 } 521 522 iaf->na_count = 0; 523 free(iaf->na); 524 iaf->na = na; 525 eloop_timeout_delete(ctx->eloop, ipv6nd_sendadvertisement, iaf); 526 ipv6nd_sendadvertisement(iaf); 527 } 528 #elif !defined(SMALL) 529 #warning kernel does not support userland sending ND6 advertisements 530 #endif /* ND6_ADVERTISE */ 531 532 static void 533 ipv6nd_expire(void *arg) 534 { 535 struct interface *ifp = arg; 536 struct ra *rap; 537 struct ipv6_addr *ia; 538 struct timespec now = { .tv_sec = 1 }; 539 540 if (ifp->ctx->ra_routers == NULL) 541 return; 542 543 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 544 if (rap->iface == ifp) 545 continue; 546 rap->acquired = now; 547 TAILQ_FOREACH(ia, &rap->addrs, next) { 548 ia->acquired = now; 549 } 550 } 551 ipv6nd_expirera(ifp); 552 } 553 554 void 555 ipv6nd_startexpire(struct interface *ifp) 556 { 557 558 eloop_timeout_add_sec(ifp->ctx->eloop, RTR_CARRIER_EXPIRE, 559 ipv6nd_expire, ifp); 560 } 561 562 /* 563 * Neighbour reachability. 564 * 565 * RFC 4681 6.2.5 says when a node is no longer a router it MUST 566 * send a RA with a zero lifetime. 567 * All OS's I know of set the NA router flag if they are a router 568 * or not and disregard that they are actively advertising or 569 * shutting down. If the interface is disabled, it cant't send a NA at all. 570 * 571 * As such we CANNOT rely on the NA Router flag and MUST use 572 * unreachability or receive a RA with a lifetime of zero to remove 573 * the node as a default router. 574 */ 575 void 576 ipv6nd_neighbour(struct dhcpcd_ctx *ctx, struct in6_addr *addr, bool reachable) 577 { 578 struct ra *rap, *rapr; 579 580 if (ctx->ra_routers == NULL) 581 return; 582 583 TAILQ_FOREACH(rap, ctx->ra_routers, next) { 584 if (IN6_ARE_ADDR_EQUAL(&rap->from, addr)) 585 break; 586 } 587 588 if (rap == NULL || rap->expired) 589 return; 590 591 if (reachable) { 592 if (rap->isreachable) 593 return; 594 loginfox("%s: %s is reachable again", 595 rap->iface->name, rap->sfrom); 596 rap->isreachable = true; 597 return; 598 } else { 599 if (!rap->isreachable) 600 return; 601 logwarnx("%s: %s is unreachable", 602 rap->iface->name, rap->sfrom); 603 rap->isreachable = false; 604 } 605 606 /* If we have no reachable default routers, try and solicit one. */ 607 TAILQ_FOREACH(rapr, ctx->ra_routers, next) { 608 if (rap == rapr || rap->iface != rapr->iface) 609 continue; 610 if (rapr->isreachable && !rapr->expired && rapr->lifetime) 611 break; 612 } 613 614 if (rapr == NULL) 615 ipv6nd_startrs(rap->iface); 616 } 617 618 const struct ipv6_addr * 619 ipv6nd_iffindaddr(const struct interface *ifp, const struct in6_addr *addr, 620 unsigned int flags) 621 { 622 struct ra *rap; 623 struct ipv6_addr *ap; 624 625 if (ifp->ctx->ra_routers == NULL) 626 return NULL; 627 628 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 629 if (rap->iface != ifp) 630 continue; 631 TAILQ_FOREACH(ap, &rap->addrs, next) { 632 if (ipv6_findaddrmatch(ap, addr, flags)) 633 return ap; 634 } 635 } 636 return NULL; 637 } 638 639 struct ipv6_addr * 640 ipv6nd_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr, 641 unsigned int flags) 642 { 643 struct ra *rap; 644 struct ipv6_addr *ap; 645 646 if (ctx->ra_routers == NULL) 647 return NULL; 648 649 TAILQ_FOREACH(rap, ctx->ra_routers, next) { 650 TAILQ_FOREACH(ap, &rap->addrs, next) { 651 if (ipv6_findaddrmatch(ap, addr, flags)) 652 return ap; 653 } 654 } 655 return NULL; 656 } 657 658 static void 659 ipv6nd_removefreedrop_ra(struct ra *rap, int remove_ra, int drop_ra) 660 { 661 662 eloop_timeout_delete(rap->iface->ctx->eloop, NULL, rap->iface); 663 eloop_timeout_delete(rap->iface->ctx->eloop, NULL, rap); 664 if (remove_ra) 665 TAILQ_REMOVE(rap->iface->ctx->ra_routers, rap, next); 666 ipv6_freedrop_addrs(&rap->addrs, drop_ra, NULL); 667 free(rap->data); 668 free(rap); 669 } 670 671 static void 672 ipv6nd_freedrop_ra(struct ra *rap, int drop) 673 { 674 675 ipv6nd_removefreedrop_ra(rap, 1, drop); 676 } 677 678 ssize_t 679 ipv6nd_free(struct interface *ifp) 680 { 681 struct rs_state *state; 682 struct ra *rap, *ran; 683 struct dhcpcd_ctx *ctx; 684 ssize_t n; 685 686 state = RS_STATE(ifp); 687 if (state == NULL) 688 return 0; 689 690 ctx = ifp->ctx; 691 #ifdef __sun 692 eloop_event_delete(ctx->eloop, state->nd_fd); 693 close(state->nd_fd); 694 #endif 695 free(state->rs); 696 free(state); 697 ifp->if_data[IF_DATA_IPV6ND] = NULL; 698 n = 0; 699 TAILQ_FOREACH_SAFE(rap, ifp->ctx->ra_routers, next, ran) { 700 if (rap->iface == ifp) { 701 ipv6nd_free_ra(rap); 702 n++; 703 } 704 } 705 706 #ifndef __sun 707 /* If we don't have any more IPv6 enabled interfaces, 708 * close the global socket and release resources */ 709 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 710 if (RS_STATE(ifp)) 711 break; 712 } 713 if (ifp == NULL) { 714 if (ctx->nd_fd != -1) { 715 eloop_event_delete(ctx->eloop, ctx->nd_fd); 716 close(ctx->nd_fd); 717 ctx->nd_fd = -1; 718 } 719 } 720 #endif 721 722 return n; 723 } 724 725 static int 726 rtpref(struct ra *rap) 727 { 728 729 switch (rap->flags & ND_RA_FLAG_RTPREF_MASK) { 730 case ND_RA_FLAG_RTPREF_HIGH: 731 return (RTPREF_HIGH); 732 case ND_RA_FLAG_RTPREF_MEDIUM: 733 case ND_RA_FLAG_RTPREF_RSV: 734 return (RTPREF_MEDIUM); 735 case ND_RA_FLAG_RTPREF_LOW: 736 return (RTPREF_LOW); 737 default: 738 logerrx("rtpref: impossible RA flag %x", rap->flags); 739 return (RTPREF_INVALID); 740 } 741 /* NOTREACHED */ 742 } 743 744 static void 745 add_router(struct dhcpcd_ctx *ctx, struct ra *router) 746 { 747 struct ra *rap; 748 749 TAILQ_FOREACH(rap, ctx->ra_routers, next) { 750 if (router->iface->metric < rap->iface->metric || 751 (router->iface->metric == rap->iface->metric && 752 rtpref(router) > rtpref(rap))) 753 { 754 TAILQ_INSERT_BEFORE(rap, router, next); 755 return; 756 } 757 } 758 TAILQ_INSERT_TAIL(ctx->ra_routers, router, next); 759 } 760 761 static int 762 ipv6nd_scriptrun(struct ra *rap) 763 { 764 int hasdns, hasaddress, pid; 765 struct ipv6_addr *ap; 766 767 hasaddress = 0; 768 /* If all addresses have completed DAD run the script */ 769 TAILQ_FOREACH(ap, &rap->addrs, next) { 770 if ((ap->flags & (IPV6_AF_AUTOCONF | IPV6_AF_ADDED)) == 771 (IPV6_AF_AUTOCONF | IPV6_AF_ADDED)) 772 { 773 hasaddress = 1; 774 if (!(ap->flags & IPV6_AF_DADCOMPLETED) && 775 ipv6_iffindaddr(ap->iface, &ap->addr, 776 IN6_IFF_TENTATIVE)) 777 ap->flags |= IPV6_AF_DADCOMPLETED; 778 if ((ap->flags & IPV6_AF_DADCOMPLETED) == 0) { 779 logdebugx("%s: waiting for Router Advertisement" 780 " DAD to complete", 781 rap->iface->name); 782 return 0; 783 } 784 } 785 } 786 787 /* If we don't require RDNSS then set hasdns = 1 so we fork */ 788 if (!(rap->iface->options->options & DHCPCD_IPV6RA_REQRDNSS)) 789 hasdns = 1; 790 else { 791 hasdns = rap->hasdns; 792 } 793 794 script_runreason(rap->iface, "ROUTERADVERT"); 795 pid = 0; 796 if (hasdns && (hasaddress || 797 !(rap->flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER)))) 798 pid = dhcpcd_daemonise(rap->iface->ctx); 799 #if 0 800 else if (options & DHCPCD_DAEMONISE && 801 !(options & DHCPCD_DAEMONISED) && new_data) 802 logwarnx("%s: did not fork due to an absent" 803 " RDNSS option in the RA", 804 ifp->name); 805 } 806 #endif 807 return pid; 808 } 809 810 static void 811 ipv6nd_addaddr(void *arg) 812 { 813 struct ipv6_addr *ap = arg; 814 815 ipv6_addaddr(ap, NULL); 816 } 817 818 int 819 ipv6nd_dadcompleted(const struct interface *ifp) 820 { 821 const struct ra *rap; 822 const struct ipv6_addr *ap; 823 824 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 825 if (rap->iface != ifp) 826 continue; 827 TAILQ_FOREACH(ap, &rap->addrs, next) { 828 if (ap->flags & IPV6_AF_AUTOCONF && 829 ap->flags & IPV6_AF_ADDED && 830 !(ap->flags & IPV6_AF_DADCOMPLETED)) 831 return 0; 832 } 833 } 834 return 1; 835 } 836 837 static void 838 ipv6nd_dadcallback(void *arg) 839 { 840 struct ipv6_addr *ia = arg, *rapap; 841 struct interface *ifp; 842 struct ra *rap; 843 int wascompleted, found; 844 struct timespec tv; 845 char buf[INET6_ADDRSTRLEN]; 846 const char *p; 847 int dadcounter; 848 849 ifp = ia->iface; 850 wascompleted = (ia->flags & IPV6_AF_DADCOMPLETED); 851 ia->flags |= IPV6_AF_DADCOMPLETED; 852 if (ia->flags & IPV6_AF_DUPLICATED) { 853 ia->dadcounter++; 854 logwarnx("%s: DAD detected %s", ifp->name, ia->saddr); 855 856 /* Try and make another stable private address. 857 * Because ap->dadcounter is always increamented, 858 * a different address is generated. */ 859 /* XXX Cache DAD counter per prefix/id/ssid? */ 860 if (ifp->options->options & DHCPCD_SLAACPRIVATE) { 861 if (ia->dadcounter >= IDGEN_RETRIES) { 862 logerrx("%s: unable to obtain a" 863 " stable private address", 864 ifp->name); 865 goto try_script; 866 } 867 loginfox("%s: deleting address %s", 868 ifp->name, ia->saddr); 869 if (if_address6(RTM_DELADDR, ia) == -1 && 870 errno != EADDRNOTAVAIL && errno != ENXIO) 871 logerr(__func__); 872 dadcounter = ia->dadcounter; 873 if (ipv6_makestableprivate(&ia->addr, 874 &ia->prefix, ia->prefix_len, 875 ifp, &dadcounter) == -1) 876 { 877 logerr("ipv6_makestableprivate"); 878 return; 879 } 880 ia->dadcounter = dadcounter; 881 ia->flags &= ~(IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED); 882 ia->flags |= IPV6_AF_NEW; 883 p = inet_ntop(AF_INET6, &ia->addr, buf, sizeof(buf)); 884 if (p) 885 snprintf(ia->saddr, 886 sizeof(ia->saddr), 887 "%s/%d", 888 p, ia->prefix_len); 889 else 890 ia->saddr[0] = '\0'; 891 tv.tv_sec = 0; 892 tv.tv_nsec = (suseconds_t) 893 arc4random_uniform(IDGEN_DELAY * NSEC_PER_SEC); 894 timespecnorm(&tv); 895 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, 896 ipv6nd_addaddr, ia); 897 return; 898 } 899 } 900 901 try_script: 902 if (!wascompleted) { 903 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 904 if (rap->iface != ifp) 905 continue; 906 wascompleted = 1; 907 found = 0; 908 TAILQ_FOREACH(rapap, &rap->addrs, next) { 909 if (rapap->flags & IPV6_AF_AUTOCONF && 910 rapap->flags & IPV6_AF_ADDED && 911 (rapap->flags & IPV6_AF_DADCOMPLETED) == 0) 912 { 913 wascompleted = 0; 914 break; 915 } 916 if (rapap == ia) 917 found = 1; 918 } 919 920 if (wascompleted && found) { 921 logdebugx("%s: Router Advertisement DAD " 922 "completed", 923 rap->iface->name); 924 if (ipv6nd_scriptrun(rap)) 925 return; 926 } 927 } 928 #ifdef ND6_ADVERTISE 929 ipv6nd_advertise(ia); 930 #endif 931 } 932 } 933 934 #ifndef DHCP6 935 /* If DHCPv6 is compiled out, supply a shim to provide an error message 936 * if IPv6RA requests DHCPv6. */ 937 enum DH6S { 938 DH6S_REQUEST, 939 DH6S_INFORM, 940 }; 941 static int 942 dhcp6_start(__unused struct interface *ifp, __unused enum DH6S init_state) 943 { 944 945 errno = ENOTSUP; 946 return -1; 947 } 948 #endif 949 950 static void 951 ipv6nd_handlera(struct dhcpcd_ctx *ctx, 952 const struct sockaddr_in6 *from, const char *sfrom, 953 struct interface *ifp, struct icmp6_hdr *icp, size_t len, int hoplimit) 954 { 955 size_t i, olen; 956 struct nd_router_advert *nd_ra; 957 struct nd_opt_hdr ndo; 958 struct nd_opt_prefix_info pi; 959 struct nd_opt_mtu mtu; 960 struct nd_opt_rdnss rdnss; 961 uint8_t *p; 962 struct ra *rap; 963 struct in6_addr pi_prefix; 964 struct ipv6_addr *ap; 965 struct dhcp_opt *dho; 966 bool new_rap, new_data, has_address; 967 uint32_t old_lifetime; 968 __printflike(1, 2) void (*logfunc)(const char *, ...); 969 #ifdef IPV6_MANAGETEMPADDR 970 uint8_t new_ap; 971 #endif 972 973 if (ifp == NULL) { 974 #ifdef DEBUG_RS 975 logdebugx("RA for unexpected interface from %s", sfrom); 976 #endif 977 return; 978 } 979 980 if (len < sizeof(struct nd_router_advert)) { 981 logerrx("IPv6 RA packet too short from %s", sfrom); 982 return; 983 } 984 985 /* RFC 4861 7.1.2 */ 986 if (hoplimit != 255) { 987 logerrx("invalid hoplimit(%d) in RA from %s", hoplimit, sfrom); 988 return; 989 } 990 if (!IN6_IS_ADDR_LINKLOCAL(&from->sin6_addr)) { 991 logerrx("RA from non local address %s", sfrom); 992 return; 993 } 994 995 if (!(ifp->options->options & DHCPCD_IPV6RS)) { 996 #ifdef DEBUG_RS 997 logerrx("%s: unexpected RA from %s", ifp->name, sfrom); 998 #endif 999 return; 1000 } 1001 1002 /* We could receive a RA before we sent a RS*/ 1003 if (ipv6_linklocal(ifp) == NULL) { 1004 #ifdef DEBUG_RS 1005 logdebugx("%s: received RA from %s (no link-local)", 1006 ifp->name, sfrom); 1007 #endif 1008 return; 1009 } 1010 1011 if (ipv6_iffindaddr(ifp, &from->sin6_addr, IN6_IFF_TENTATIVE)) { 1012 logdebugx("%s: ignoring RA from ourself %s", 1013 ifp->name, sfrom); 1014 return; 1015 } 1016 1017 TAILQ_FOREACH(rap, ctx->ra_routers, next) { 1018 if (ifp == rap->iface && 1019 IN6_ARE_ADDR_EQUAL(&rap->from, &from->sin6_addr)) 1020 break; 1021 } 1022 1023 nd_ra = (struct nd_router_advert *)icp; 1024 1025 /* We don't want to spam the log with the fact we got an RA every 1026 * 30 seconds or so, so only spam the log if it's different. */ 1027 if (rap == NULL || (rap->data_len != len || 1028 memcmp(rap->data, (unsigned char *)icp, rap->data_len) != 0)) 1029 { 1030 if (rap) { 1031 free(rap->data); 1032 rap->data_len = 0; 1033 } 1034 new_data = true; 1035 } else 1036 new_data = false; 1037 if (rap == NULL) { 1038 rap = calloc(1, sizeof(*rap)); 1039 if (rap == NULL) { 1040 logerr(__func__); 1041 return; 1042 } 1043 rap->iface = ifp; 1044 rap->from = from->sin6_addr; 1045 strlcpy(rap->sfrom, sfrom, sizeof(rap->sfrom)); 1046 TAILQ_INIT(&rap->addrs); 1047 new_rap = true; 1048 rap->isreachable = true; 1049 } else 1050 new_rap = false; 1051 if (rap->data_len == 0) { 1052 rap->data = malloc(len); 1053 if (rap->data == NULL) { 1054 logerr(__func__); 1055 if (new_rap) 1056 free(rap); 1057 return; 1058 } 1059 memcpy(rap->data, icp, len); 1060 rap->data_len = len; 1061 } 1062 1063 /* We could change the debug level based on new_data, but some 1064 * routers like to decrease the advertised valid and preferred times 1065 * in accordance with the own prefix times which would result in too 1066 * much needless log spam. */ 1067 logfunc = new_data || !rap->isreachable ? loginfox : logdebugx, 1068 logfunc("%s: Router Advertisement from %s", ifp->name, rap->sfrom); 1069 1070 clock_gettime(CLOCK_MONOTONIC, &rap->acquired); 1071 rap->flags = nd_ra->nd_ra_flags_reserved; 1072 old_lifetime = rap->lifetime; 1073 rap->lifetime = ntohs(nd_ra->nd_ra_router_lifetime); 1074 if (!new_rap && rap->lifetime == 0 && old_lifetime != 0) 1075 logwarnx("%s: %s: no longer a default router", 1076 ifp->name, rap->sfrom); 1077 if (nd_ra->nd_ra_reachable) { 1078 rap->reachable = ntohl(nd_ra->nd_ra_reachable); 1079 if (rap->reachable > MAX_REACHABLE_TIME) 1080 rap->reachable = 0; 1081 } 1082 if (nd_ra->nd_ra_retransmit) { 1083 struct rs_state *state = RS_STATE(ifp); 1084 1085 state->retrans = rap->retrans = ntohl(nd_ra->nd_ra_retransmit); 1086 } 1087 rap->expired = false; 1088 rap->hasdns = false; 1089 rap->isreachable = true; 1090 has_address = false; 1091 1092 #ifdef IPV6_AF_TEMPORARY 1093 ipv6_markaddrsstale(ifp, IPV6_AF_TEMPORARY); 1094 #endif 1095 TAILQ_FOREACH(ap, &rap->addrs, next) { 1096 ap->flags |= IPV6_AF_STALE; 1097 } 1098 1099 len -= sizeof(struct nd_router_advert); 1100 p = ((uint8_t *)icp) + sizeof(struct nd_router_advert); 1101 for (; len > 0; p += olen, len -= olen) { 1102 if (len < sizeof(ndo)) { 1103 logerrx("%s: short option", ifp->name); 1104 break; 1105 } 1106 memcpy(&ndo, p, sizeof(ndo)); 1107 olen = (size_t)ndo.nd_opt_len * 8; 1108 if (olen == 0) { 1109 logerrx("%s: zero length option", ifp->name); 1110 break; 1111 } 1112 if (olen > len) { 1113 logerrx("%s: option length exceeds message", 1114 ifp->name); 1115 break; 1116 } 1117 1118 if (has_option_mask(ifp->options->rejectmasknd, 1119 ndo.nd_opt_type)) 1120 { 1121 for (i = 0, dho = ctx->nd_opts; 1122 i < ctx->nd_opts_len; 1123 i++, dho++) 1124 { 1125 if (dho->option == ndo.nd_opt_type) 1126 break; 1127 } 1128 if (dho != NULL) 1129 logwarnx("%s: reject RA (option %s) from %s", 1130 ifp->name, dho->var, rap->sfrom); 1131 else 1132 logwarnx("%s: reject RA (option %d) from %s", 1133 ifp->name, ndo.nd_opt_type, rap->sfrom); 1134 if (new_rap) 1135 ipv6nd_removefreedrop_ra(rap, 0, 0); 1136 else 1137 ipv6nd_free_ra(rap); 1138 return; 1139 } 1140 1141 if (has_option_mask(ifp->options->nomasknd, ndo.nd_opt_type)) 1142 continue; 1143 1144 switch (ndo.nd_opt_type) { 1145 case ND_OPT_PREFIX_INFORMATION: 1146 logfunc = new_data ? logerrx : logdebugx; 1147 if (ndo.nd_opt_len != 4) { 1148 logfunc("%s: invalid option len for prefix", 1149 ifp->name); 1150 continue; 1151 } 1152 memcpy(&pi, p, sizeof(pi)); 1153 if (pi.nd_opt_pi_prefix_len > 128) { 1154 logfunc("%s: invalid prefix len", ifp->name); 1155 continue; 1156 } 1157 /* nd_opt_pi_prefix is not aligned. */ 1158 memcpy(&pi_prefix, &pi.nd_opt_pi_prefix, 1159 sizeof(pi_prefix)); 1160 if (IN6_IS_ADDR_MULTICAST(&pi_prefix) || 1161 IN6_IS_ADDR_LINKLOCAL(&pi_prefix)) 1162 { 1163 logfunc("%s: invalid prefix in RA", ifp->name); 1164 continue; 1165 } 1166 if (ntohl(pi.nd_opt_pi_preferred_time) > 1167 ntohl(pi.nd_opt_pi_valid_time)) 1168 { 1169 logfunc("%s: pltime > vltime", ifp->name); 1170 continue; 1171 } 1172 TAILQ_FOREACH(ap, &rap->addrs, next) 1173 if (ap->prefix_len ==pi.nd_opt_pi_prefix_len && 1174 IN6_ARE_ADDR_EQUAL(&ap->prefix, &pi_prefix)) 1175 break; 1176 if (ap == NULL) { 1177 unsigned int flags; 1178 1179 flags = IPV6_AF_RAPFX; 1180 if (pi.nd_opt_pi_flags_reserved & 1181 ND_OPT_PI_FLAG_AUTO && 1182 rap->iface->options->options & 1183 DHCPCD_IPV6RA_AUTOCONF) 1184 flags |= IPV6_AF_AUTOCONF; 1185 1186 ap = ipv6_newaddr(rap->iface, 1187 &pi_prefix, pi.nd_opt_pi_prefix_len, flags); 1188 if (ap == NULL) 1189 break; 1190 ap->prefix = pi_prefix; 1191 if (flags & IPV6_AF_AUTOCONF) 1192 ap->dadcallback = ipv6nd_dadcallback; 1193 ap->created = ap->acquired = rap->acquired; 1194 TAILQ_INSERT_TAIL(&rap->addrs, ap, next); 1195 1196 #ifdef IPV6_MANAGETEMPADDR 1197 /* New address to dhcpcd RA handling. 1198 * If the address already exists and a valid 1199 * temporary address also exists then 1200 * extend the existing one rather than 1201 * create a new one */ 1202 if (flags & IPV6_AF_AUTOCONF && 1203 ipv6_iffindaddr(ifp, &ap->addr, 1204 IN6_IFF_NOTUSEABLE) && 1205 ipv6_settemptime(ap, 0)) 1206 new_ap = 0; 1207 else 1208 new_ap = 1; 1209 #endif 1210 } else { 1211 #ifdef IPV6_MANAGETEMPADDR 1212 new_ap = 0; 1213 #endif 1214 ap->flags &= ~IPV6_AF_STALE; 1215 ap->acquired = rap->acquired; 1216 } 1217 if (pi.nd_opt_pi_flags_reserved & 1218 ND_OPT_PI_FLAG_ONLINK) 1219 ap->flags |= IPV6_AF_ONLINK; 1220 ap->prefix_vltime = 1221 ntohl(pi.nd_opt_pi_valid_time); 1222 ap->prefix_pltime = 1223 ntohl(pi.nd_opt_pi_preferred_time); 1224 if (ap->prefix_vltime != 0 && 1225 ap->flags & IPV6_AF_AUTOCONF) 1226 has_address = true; 1227 1228 #ifdef IPV6_MANAGETEMPADDR 1229 /* RFC4941 Section 3.3.3 */ 1230 if (ap->flags & IPV6_AF_AUTOCONF && 1231 ip6_use_tempaddr(ap->iface->name)) 1232 { 1233 if (!new_ap) { 1234 if (ipv6_settemptime(ap, 1) == NULL) 1235 new_ap = 1; 1236 } 1237 if (new_ap && ap->prefix_pltime) { 1238 if (ipv6_createtempaddr(ap, 1239 &ap->acquired) == NULL) 1240 logerr("ipv6_createtempaddr"); 1241 } 1242 } 1243 #endif 1244 break; 1245 1246 case ND_OPT_MTU: 1247 if (len < sizeof(mtu)) { 1248 logerrx("%s: short MTU option", ifp->name); 1249 break; 1250 } 1251 memcpy(&mtu, p, sizeof(mtu)); 1252 mtu.nd_opt_mtu_mtu = ntohl(mtu.nd_opt_mtu_mtu); 1253 if (mtu.nd_opt_mtu_mtu < IPV6_MMTU) { 1254 logerrx("%s: invalid MTU %d", 1255 ifp->name, mtu.nd_opt_mtu_mtu); 1256 break; 1257 } 1258 rap->mtu = mtu.nd_opt_mtu_mtu; 1259 break; 1260 1261 case ND_OPT_RDNSS: 1262 if (len < sizeof(rdnss)) { 1263 logerrx("%s: short RDNSS option", ifp->name); 1264 break; 1265 } 1266 memcpy(&rdnss, p, sizeof(rdnss)); 1267 if (rdnss.nd_opt_rdnss_lifetime && 1268 rdnss.nd_opt_rdnss_len > 1) 1269 rap->hasdns = 1; 1270 break; 1271 default: 1272 continue; 1273 } 1274 } 1275 1276 for (i = 0, dho = ctx->nd_opts; 1277 i < ctx->nd_opts_len; 1278 i++, dho++) 1279 { 1280 if (has_option_mask(ifp->options->requiremasknd, 1281 dho->option)) 1282 { 1283 logwarnx("%s: reject RA (no option %s) from %s", 1284 ifp->name, dho->var, rap->sfrom); 1285 if (new_rap) 1286 ipv6nd_removefreedrop_ra(rap, 0, 0); 1287 else 1288 ipv6nd_free_ra(rap); 1289 return; 1290 } 1291 } 1292 1293 if (new_data && !has_address && rap->lifetime && !ipv6_anyglobal(ifp)) 1294 logwarnx("%s: no global addresses for default route", 1295 ifp->name); 1296 1297 if (new_rap) 1298 add_router(ifp->ctx, rap); 1299 1300 if (ifp->ctx->options & DHCPCD_TEST) { 1301 script_runreason(ifp, "TEST"); 1302 goto handle_flag; 1303 } 1304 ipv6_addaddrs(&rap->addrs); 1305 #ifdef IPV6_MANAGETEMPADDR 1306 ipv6_addtempaddrs(ifp, &rap->acquired); 1307 #endif 1308 1309 rt_build(ifp->ctx, AF_INET6); 1310 if (ipv6nd_scriptrun(rap)) 1311 return; 1312 1313 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1314 eloop_timeout_delete(ifp->ctx->eloop, NULL, rap); /* reachable timer */ 1315 1316 handle_flag: 1317 if (!(ifp->options->options & DHCPCD_DHCP6)) 1318 goto nodhcp6; 1319 /* Only log a DHCPv6 start error if compiled in or debugging is enabled. */ 1320 #ifdef DHCP6 1321 #define LOG_DHCP6 logerr 1322 #else 1323 #define LOG_DHCP6 logdebug 1324 #endif 1325 if (rap->flags & ND_RA_FLAG_MANAGED) { 1326 if (new_data && dhcp6_start(ifp, DH6S_REQUEST) == -1) 1327 LOG_DHCP6("dhcp6_start: %s", ifp->name); 1328 } else if (rap->flags & ND_RA_FLAG_OTHER) { 1329 if (new_data && dhcp6_start(ifp, DH6S_INFORM) == -1) 1330 LOG_DHCP6("dhcp6_start: %s", ifp->name); 1331 } else { 1332 #ifdef DHCP6 1333 if (new_data) 1334 logdebugx("%s: No DHCPv6 instruction in RA", ifp->name); 1335 #endif 1336 nodhcp6: 1337 if (ifp->ctx->options & DHCPCD_TEST) { 1338 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 1339 return; 1340 } 1341 } 1342 1343 /* Expire should be called last as the rap object could be destroyed */ 1344 ipv6nd_expirera(ifp); 1345 } 1346 1347 bool 1348 ipv6nd_hasralifetime(const struct interface *ifp, bool lifetime) 1349 { 1350 const struct ra *rap; 1351 1352 if (ifp->ctx->ra_routers) { 1353 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) 1354 if (rap->iface == ifp && !rap->expired && 1355 (!lifetime ||rap->lifetime)) 1356 return true; 1357 } 1358 return false; 1359 } 1360 1361 bool 1362 ipv6nd_hasradhcp(const struct interface *ifp) 1363 { 1364 const struct ra *rap; 1365 1366 if (ifp->ctx->ra_routers) { 1367 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 1368 if (rap->iface == ifp && 1369 !rap->expired && 1370 (rap->flags &(ND_RA_FLAG_MANAGED|ND_RA_FLAG_OTHER))) 1371 return true; 1372 } 1373 } 1374 return false; 1375 } 1376 1377 static const uint8_t * 1378 ipv6nd_getoption(struct dhcpcd_ctx *ctx, 1379 size_t *os, unsigned int *code, size_t *len, 1380 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 1381 { 1382 struct nd_opt_hdr ndo; 1383 size_t i; 1384 struct dhcp_opt *opt; 1385 1386 if (od) { 1387 *os = sizeof(ndo); 1388 if (ol < *os) { 1389 errno = EINVAL; 1390 return NULL; 1391 } 1392 memcpy(&ndo, od, sizeof(ndo)); 1393 i = (size_t)(ndo.nd_opt_len * 8); 1394 if (i > ol) { 1395 errno = EINVAL; 1396 return NULL; 1397 } 1398 *len = i; 1399 *code = ndo.nd_opt_type; 1400 } 1401 1402 for (i = 0, opt = ctx->nd_opts; 1403 i < ctx->nd_opts_len; i++, opt++) 1404 { 1405 if (opt->option == *code) { 1406 *oopt = opt; 1407 break; 1408 } 1409 } 1410 1411 if (od) 1412 return od + sizeof(ndo); 1413 return NULL; 1414 } 1415 1416 ssize_t 1417 ipv6nd_env(FILE *fp, const struct interface *ifp) 1418 { 1419 size_t i, j, n, len, olen; 1420 struct ra *rap; 1421 char ndprefix[32]; 1422 struct dhcp_opt *opt; 1423 uint8_t *p; 1424 struct nd_opt_hdr ndo; 1425 struct ipv6_addr *ia; 1426 struct timespec now; 1427 1428 clock_gettime(CLOCK_MONOTONIC, &now); 1429 i = n = 0; 1430 TAILQ_FOREACH(rap, ifp->ctx->ra_routers, next) { 1431 if (rap->iface != ifp || rap->expired) 1432 continue; 1433 i++; 1434 snprintf(ndprefix, sizeof(ndprefix), "nd%zu", i); 1435 if (efprintf(fp, "%s_from=%s", ndprefix, rap->sfrom) == -1) 1436 return -1; 1437 if (efprintf(fp, "%s_acquired=%lld", ndprefix, 1438 (long long)rap->acquired.tv_sec) == -1) 1439 return -1; 1440 if (efprintf(fp, "%s_now=%lld", ndprefix, 1441 (long long)now.tv_sec) == -1) 1442 return -1; 1443 1444 /* Zero our indexes */ 1445 for (j = 0, opt = rap->iface->ctx->nd_opts; 1446 j < rap->iface->ctx->nd_opts_len; 1447 j++, opt++) 1448 dhcp_zero_index(opt); 1449 for (j = 0, opt = rap->iface->options->nd_override; 1450 j < rap->iface->options->nd_override_len; 1451 j++, opt++) 1452 dhcp_zero_index(opt); 1453 1454 /* Unlike DHCP, ND6 options *may* occur more than once. 1455 * There is also no provision for option concatenation 1456 * unlike DHCP. */ 1457 len = rap->data_len - sizeof(struct nd_router_advert); 1458 for (p = rap->data + sizeof(struct nd_router_advert); 1459 len >= sizeof(ndo); 1460 p += olen, len -= olen) 1461 { 1462 memcpy(&ndo, p, sizeof(ndo)); 1463 olen = (size_t)(ndo.nd_opt_len * 8); 1464 if (olen > len) { 1465 errno = EINVAL; 1466 break; 1467 } 1468 if (has_option_mask(rap->iface->options->nomasknd, 1469 ndo.nd_opt_type)) 1470 continue; 1471 for (j = 0, opt = rap->iface->options->nd_override; 1472 j < rap->iface->options->nd_override_len; 1473 j++, opt++) 1474 if (opt->option == ndo.nd_opt_type) 1475 break; 1476 if (j == rap->iface->options->nd_override_len) { 1477 for (j = 0, opt = rap->iface->ctx->nd_opts; 1478 j < rap->iface->ctx->nd_opts_len; 1479 j++, opt++) 1480 if (opt->option == ndo.nd_opt_type) 1481 break; 1482 if (j == rap->iface->ctx->nd_opts_len) 1483 opt = NULL; 1484 } 1485 if (opt == NULL) 1486 continue; 1487 dhcp_envoption(rap->iface->ctx, fp, 1488 ndprefix, rap->iface->name, 1489 opt, ipv6nd_getoption, 1490 p + sizeof(ndo), olen - sizeof(ndo)); 1491 } 1492 1493 /* We need to output the addresses we actually made 1494 * from the prefix information options as well. */ 1495 j = 0; 1496 TAILQ_FOREACH(ia, &rap->addrs, next) { 1497 if (!(ia->flags & IPV6_AF_AUTOCONF) || 1498 #ifdef IPV6_AF_TEMPORARY 1499 ia->flags & IPV6_AF_TEMPORARY || 1500 #endif 1501 !(ia->flags & IPV6_AF_ADDED) || 1502 ia->prefix_vltime == 0) 1503 continue; 1504 if (efprintf(fp, "%s_addr%zu=%s", 1505 ndprefix, j++, ia->saddr) == -1) 1506 return -1; 1507 } 1508 } 1509 return 1; 1510 } 1511 1512 void 1513 ipv6nd_handleifa(int cmd, struct ipv6_addr *addr, pid_t pid) 1514 { 1515 struct ra *rap; 1516 1517 /* IPv6 init may not have happened yet if we are learning 1518 * existing addresses when dhcpcd starts. */ 1519 if (addr->iface->ctx->ra_routers == NULL) 1520 return; 1521 1522 TAILQ_FOREACH(rap, addr->iface->ctx->ra_routers, next) { 1523 if (rap->iface != addr->iface) 1524 continue; 1525 ipv6_handleifa_addrs(cmd, &rap->addrs, addr, pid); 1526 } 1527 } 1528 1529 void 1530 ipv6nd_expirera(void *arg) 1531 { 1532 struct interface *ifp; 1533 struct ra *rap, *ran; 1534 struct timespec now, lt, expire, next; 1535 bool expired, valid; 1536 struct ipv6_addr *ia; 1537 size_t len, olen; 1538 uint8_t *p; 1539 struct nd_opt_hdr ndo; 1540 #if 0 1541 struct nd_opt_prefix_info pi; 1542 #endif 1543 struct nd_opt_dnssl dnssl; 1544 struct nd_opt_rdnss rdnss; 1545 uint32_t ltime; 1546 size_t nexpired = 0; 1547 1548 ifp = arg; 1549 clock_gettime(CLOCK_MONOTONIC, &now); 1550 expired = false; 1551 timespecclear(&next); 1552 1553 TAILQ_FOREACH_SAFE(rap, ifp->ctx->ra_routers, next, ran) { 1554 if (rap->iface != ifp || rap->expired) 1555 continue; 1556 valid = false; 1557 if (rap->lifetime) { 1558 lt.tv_sec = (time_t)rap->lifetime; 1559 lt.tv_nsec = 0; 1560 timespecadd(&rap->acquired, <, &expire); 1561 if (timespeccmp(&now, &expire, >)) { 1562 if (!rap->expired) { 1563 logwarnx("%s: %s: router expired", 1564 ifp->name, rap->sfrom); 1565 rap->lifetime = 0; 1566 expired = true; 1567 } 1568 } else { 1569 valid = true; 1570 timespecsub(&expire, &now, <); 1571 if (!timespecisset(&next) || 1572 timespeccmp(&next, <, >)) 1573 next = lt; 1574 } 1575 } 1576 1577 /* Not every prefix is tied to an address which 1578 * the kernel can expire, so we need to handle it ourself. 1579 * Also, some OS don't support address lifetimes (Solaris). */ 1580 TAILQ_FOREACH(ia, &rap->addrs, next) { 1581 if (ia->prefix_vltime == 0) 1582 continue; 1583 if (ia->prefix_vltime == ND6_INFINITE_LIFETIME) { 1584 valid = true; 1585 continue; 1586 } 1587 lt.tv_sec = (time_t)ia->prefix_vltime; 1588 lt.tv_nsec = 0; 1589 timespecadd(&ia->acquired, <, &expire); 1590 if (timespeccmp(&now, &expire, >)) { 1591 if (ia->flags & IPV6_AF_ADDED) { 1592 logwarnx("%s: expired address %s", 1593 ia->iface->name, ia->saddr); 1594 if (if_address6(RTM_DELADDR, ia)== -1 && 1595 errno != EADDRNOTAVAIL && 1596 errno != ENXIO) 1597 logerr(__func__); 1598 } 1599 ia->prefix_vltime = ia->prefix_pltime = 0; 1600 ia->flags &= 1601 ~(IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED); 1602 expired = true; 1603 } else { 1604 timespecsub(&expire, &now, <); 1605 if (!timespecisset(&next) || 1606 timespeccmp(&next, <, >)) 1607 next = lt; 1608 valid = true; 1609 } 1610 } 1611 1612 /* Work out expiry for ND options */ 1613 len = rap->data_len - sizeof(struct nd_router_advert); 1614 for (p = rap->data + sizeof(struct nd_router_advert); 1615 len >= sizeof(ndo); 1616 p += olen, len -= olen) 1617 { 1618 memcpy(&ndo, p, sizeof(ndo)); 1619 olen = (size_t)(ndo.nd_opt_len * 8); 1620 if (olen > len) { 1621 errno = EINVAL; 1622 break; 1623 } 1624 1625 if (has_option_mask(rap->iface->options->nomasknd, 1626 ndo.nd_opt_type)) 1627 continue; 1628 1629 switch (ndo.nd_opt_type) { 1630 /* Prefix info is already checked in the above loop. */ 1631 #if 0 1632 case ND_OPT_PREFIX_INFORMATION: 1633 if (len < sizeof(pi)) 1634 break; 1635 memcpy(&pi, p, sizeof(pi)); 1636 ltime = pi.nd_opt_pi_valid_time; 1637 break; 1638 #endif 1639 case ND_OPT_DNSSL: 1640 if (len < sizeof(dnssl)) 1641 continue; 1642 memcpy(&dnssl, p, sizeof(dnssl)); 1643 ltime = dnssl.nd_opt_dnssl_lifetime; 1644 break; 1645 case ND_OPT_RDNSS: 1646 if (len < sizeof(rdnss)) 1647 continue; 1648 memcpy(&rdnss, p, sizeof(rdnss)); 1649 ltime = rdnss.nd_opt_rdnss_lifetime; 1650 break; 1651 default: 1652 continue; 1653 } 1654 1655 if (ltime == 0) 1656 continue; 1657 if (ltime == ND6_INFINITE_LIFETIME) { 1658 valid = true; 1659 continue; 1660 } 1661 1662 lt.tv_sec = (time_t)ntohl(ltime); 1663 lt.tv_nsec = 0; 1664 timespecadd(&rap->acquired, <, &expire); 1665 if (timespeccmp(&now, &expire, >)) { 1666 expired = true; 1667 continue; 1668 } 1669 1670 timespecsub(&expire, &now, <); 1671 if (!timespecisset(&next) || 1672 timespeccmp(&next, <, >)) 1673 { 1674 next = lt; 1675 valid = true; 1676 } 1677 } 1678 1679 if (valid) 1680 continue; 1681 1682 /* Router has expired. Let's not keep a lot of them. */ 1683 rap->expired = true; 1684 if (++nexpired > EXPIRED_MAX) 1685 ipv6nd_free_ra(rap); 1686 } 1687 1688 if (timespecisset(&next)) 1689 eloop_timeout_add_tv(ifp->ctx->eloop, 1690 &next, ipv6nd_expirera, ifp); 1691 if (expired) { 1692 logwarnx("%s: part of Router Advertisement expired", ifp->name); 1693 rt_build(ifp->ctx, AF_INET6); 1694 script_runreason(ifp, "ROUTERADVERT"); 1695 } 1696 } 1697 1698 void 1699 ipv6nd_drop(struct interface *ifp) 1700 { 1701 struct ra *rap, *ran; 1702 bool expired = false; 1703 1704 if (ifp->ctx->ra_routers == NULL) 1705 return; 1706 1707 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1708 TAILQ_FOREACH_SAFE(rap, ifp->ctx->ra_routers, next, ran) { 1709 if (rap->iface == ifp) { 1710 rap->expired = expired = true; 1711 ipv6nd_drop_ra(rap); 1712 } 1713 } 1714 if (expired) { 1715 rt_build(ifp->ctx, AF_INET6); 1716 if ((ifp->options->options & DHCPCD_NODROP) != DHCPCD_NODROP) 1717 script_runreason(ifp, "ROUTERADVERT"); 1718 } 1719 } 1720 1721 static void 1722 ipv6nd_handledata(void *arg) 1723 { 1724 struct dhcpcd_ctx *ctx; 1725 int s; 1726 struct sockaddr_in6 from; 1727 unsigned char buf[64 * 1024]; /* Maximum ICMPv6 size */ 1728 struct iovec iov = { 1729 .iov_base = buf, 1730 .iov_len = sizeof(buf), 1731 }; 1732 unsigned char ctl[CMSG_SPACE(sizeof(struct in6_pktinfo)) + CMSG_SPACE(sizeof(int))] = { 0 }; 1733 struct msghdr msg = { 1734 .msg_name = &from, .msg_namelen = sizeof(from), 1735 .msg_iov = &iov, .msg_iovlen = 1, 1736 .msg_control = ctl, .msg_controllen = sizeof(ctl), 1737 }; 1738 ssize_t len; 1739 char sfrom[INET6_ADDRSTRLEN]; 1740 int hoplimit = 0; 1741 struct icmp6_hdr *icp; 1742 struct interface *ifp; 1743 1744 #ifdef __sun 1745 struct rs_state *state; 1746 1747 ifp = arg; 1748 state = RS_STATE(ifp); 1749 ctx = ifp->ctx; 1750 s = state->nd_fd; 1751 #else 1752 ctx = arg; 1753 s = ctx->nd_fd; 1754 #endif 1755 len = recvmsg(s, &msg, 0); 1756 if (len == -1) { 1757 logerr(__func__); 1758 return; 1759 } 1760 inet_ntop(AF_INET6, &from.sin6_addr, sfrom, sizeof(sfrom)); 1761 if ((size_t)len < sizeof(struct icmp6_hdr)) { 1762 logerrx("IPv6 ICMP packet too short from %s", sfrom); 1763 return; 1764 } 1765 1766 #ifdef __sun 1767 if_findifpfromcmsg(ctx, &msg, &hoplimit); 1768 #else 1769 ifp = if_findifpfromcmsg(ctx, &msg, &hoplimit); 1770 if (ifp == NULL) { 1771 logerr(__func__); 1772 return; 1773 } 1774 #endif 1775 1776 /* Don't do anything if the user hasn't configured it. */ 1777 if (ifp->active != IF_ACTIVE_USER || 1778 !(ifp->options->options & DHCPCD_IPV6)) 1779 return; 1780 1781 icp = (struct icmp6_hdr *)buf; 1782 if (icp->icmp6_code == 0) { 1783 switch(icp->icmp6_type) { 1784 case ND_ROUTER_ADVERT: 1785 ipv6nd_handlera(ctx, &from, sfrom, 1786 ifp, icp, (size_t)len, hoplimit); 1787 return; 1788 } 1789 } 1790 1791 logerrx("invalid IPv6 type %d or code %d from %s", 1792 icp->icmp6_type, icp->icmp6_code, sfrom); 1793 } 1794 1795 static void 1796 ipv6nd_startrs1(void *arg) 1797 { 1798 struct interface *ifp = arg; 1799 struct rs_state *state; 1800 1801 loginfox("%s: soliciting an IPv6 router", ifp->name); 1802 state = RS_STATE(ifp); 1803 if (state == NULL) { 1804 ifp->if_data[IF_DATA_IPV6ND] = calloc(1, sizeof(*state)); 1805 state = RS_STATE(ifp); 1806 if (state == NULL) { 1807 logerr(__func__); 1808 return; 1809 } 1810 #ifdef __sun 1811 state->nd_fd = -1; 1812 #endif 1813 } 1814 1815 #ifdef __sun 1816 if (ipv6nd_open(ifp) == -1) { 1817 logerr(__func__); 1818 return; 1819 } 1820 #else 1821 if (ipv6nd_open(ifp->ctx) == -1) { 1822 logerr(__func__); 1823 return; 1824 } 1825 #endif 1826 1827 /* Always make a new probe as the underlying hardware 1828 * address could have changed. */ 1829 ipv6nd_makersprobe(ifp); 1830 if (state->rs == NULL) { 1831 logerr(__func__); 1832 return; 1833 } 1834 1835 state->retrans = RETRANS_TIMER; 1836 state->rsprobes = 0; 1837 ipv6nd_sendrsprobe(ifp); 1838 } 1839 1840 void 1841 ipv6nd_startrs(struct interface *ifp) 1842 { 1843 struct timespec tv; 1844 1845 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1846 if (!(ifp->options->options & DHCPCD_INITIAL_DELAY)) { 1847 ipv6nd_startrs1(ifp); 1848 return; 1849 } 1850 1851 tv.tv_sec = 0; 1852 tv.tv_nsec = (suseconds_t)arc4random_uniform( 1853 MAX_RTR_SOLICITATION_DELAY * NSEC_PER_SEC); 1854 timespecnorm(&tv); 1855 logdebugx("%s: delaying IPv6 router solicitation for %0.1f seconds", 1856 ifp->name, timespec_to_double(&tv)); 1857 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, ipv6nd_startrs1, ifp); 1858 return; 1859 } 1860