/**
* Copyright (C) 2012-2014 Steven Barth <steven@midlink.org>
+ * Copyright (C) 2017-2018 Hans Dedecker <dedeckeh@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License v2 as published by
*
*/
+#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <signal.h>
#include <net/if.h>
#include <arpa/inet.h>
+#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include "odhcp6c.h"
#include "ra.h"
-
static bool nocarrier = false;
+static bool ptp_link = false;
static int sock = -1, rtnl = -1;
static int if_index = 0;
static char if_name[IF_NAMESIZE] = {0};
static volatile int rs_attempt = 0;
static struct in6_addr lladdr = IN6ADDR_ANY_INIT;
+static unsigned int ra_options = 0;
+static unsigned int ra_holdoff_interval = 0;
+static int ra_hoplimit = 0;
+static int ra_mtu = 0;
+static int ra_reachable = 0;
+static int ra_retransmit = 0;
struct {
struct icmp6_hdr hdr;
.lladdr = {ND_OPT_SOURCE_LINKADDR, 1, {0}},
};
-
static void ra_send_rs(int signal __attribute__((unused)));
-int ra_init(const char *ifname, const struct in6_addr *ifid)
+int ra_init(const char *ifname, const struct in6_addr *ifid,
+ unsigned int options, unsigned int holdoff_interval)
{
+ struct ifreq ifr;
+
+ ra_options = options;
+ ra_holdoff_interval = holdoff_interval;
+
const pid_t ourpid = getpid();
sock = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC, IPPROTO_ICMPV6);
if (sock < 0)
- return -1;
+ goto failure;
+
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1);
+ if (ioctl(sock, SIOCGIFFLAGS, &ifr) < 0)
+ goto failure;
- if_index = if_nametoindex(ifname);
- if (!if_index)
- return -1;
+ ptp_link = !!(ifr.ifr_flags & IFF_POINTOPOINT);
- strncpy(if_name, ifname, sizeof(if_name) - 1);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1);
+ if (ioctl(sock, SIOCGIFINDEX, &ifr) < 0)
+ goto failure;
+
+ if_index = ifr.ifr_ifindex;
lladdr = *ifid;
rtnl = socket(AF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_ROUTE);
if (rtnl < 0)
- return -1;
+ goto failure;
struct sockaddr_nl rtnl_kernel = { .nl_family = AF_NETLINK };
if (connect(rtnl, (const struct sockaddr*)&rtnl_kernel, sizeof(rtnl_kernel)) < 0)
- return -1;
+ goto failure;
int val = RTNLGRP_LINK;
- setsockopt(rtnl, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, &val, sizeof(val));
- fcntl(rtnl, F_SETOWN, ourpid);
- fcntl(rtnl, F_SETFL, fcntl(sock, F_GETFL) | O_ASYNC);
+ if (setsockopt(rtnl, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, &val, sizeof(val)) < 0)
+ goto failure;
+
+ if (fcntl(rtnl, F_SETOWN, ourpid) < 0)
+ goto failure;
+
+ if (fcntl(rtnl, F_SETFL, fcntl(sock, F_GETFL) | O_ASYNC) < 0)
+ goto failure;
struct {
struct nlmsghdr hdr;
.hdr = {sizeof(req), RTM_GETLINK, NLM_F_REQUEST, 1, 0},
.ifi = {.ifi_index = if_index}
};
- send(rtnl, &req, sizeof(req), 0);
+ if (send(rtnl, &req, sizeof(req), 0) < 0)
+ goto failure;
+
ra_link_up();
// Filter ICMPv6 package types
struct icmp6_filter filt;
ICMP6_FILTER_SETBLOCKALL(&filt);
ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
- setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt));
+ if (setsockopt(sock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt)) < 0)
+ goto failure;
// Bind to all-nodes
struct ipv6_mreq an = {ALL_IPV6_NODES, if_index};
- setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &an, sizeof(an));
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &an, sizeof(an)) < 0)
+ goto failure;
// Let the kernel compute our checksums
val = 2;
- setsockopt(sock, IPPROTO_RAW, IPV6_CHECKSUM, &val, sizeof(val));
+ if (setsockopt(sock, IPPROTO_RAW, IPV6_CHECKSUM, &val, sizeof(val)) < 0)
+ goto failure;
// This is required by RFC 4861
val = 255;
- setsockopt(sock, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &val, sizeof(val));
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &val, sizeof(val)) < 0)
+ goto failure;
// Receive multicast hops
val = 1;
- setsockopt(sock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &val, sizeof(val));
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &val, sizeof(val)) < 0)
+ goto failure;
// Bind to one device
- setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
+ if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname)) < 0)
+ goto failure;
// Add async-mode
- fcntl(sock, F_SETOWN, ourpid);
- fcntl(sock, F_SETFL, fcntl(sock, F_GETFL) | O_ASYNC);
+ if (fcntl(sock, F_SETOWN, ourpid) < 0)
+ goto failure;
+
+ val = fcntl(sock, F_GETFL);
+ if (val < 0)
+ goto failure;
+
+ if (fcntl(sock, F_SETFL, val | O_ASYNC) < 0)
+ goto failure;
// Send RS
signal(SIGALRM, ra_send_rs);
ra_send_rs(SIGALRM);
return 0;
-}
+failure:
+ if (sock >= 0)
+ close(sock);
+
+ if (rtnl >= 0)
+ close(rtnl);
+
+ return -1;
+}
static void ra_send_rs(int signal __attribute__((unused)))
{
else
len = sizeof(struct icmp6_hdr);
- sendto(sock, &rs, len, MSG_DONTWAIT, (struct sockaddr*)&dest, sizeof(dest));
+ if (sendto(sock, &rs, len, MSG_DONTWAIT, (struct sockaddr*)&dest, sizeof(dest)) < 0)
+ syslog(LOG_ERR, "Failed to send RS (%s)", strerror(errno));
if (++rs_attempt <= 3)
alarm(4);
}
-
static int16_t pref_to_priority(uint8_t flags)
{
flags = (flags >> 3) & 0x03;
+
return (flags == 0x0) ? 512 : (flags == 0x1) ? 384 :
(flags == 0x3) ? 640 : -1;
}
-
bool ra_link_up(void)
{
static bool firstcall = true;
struct ifinfomsg msg;
uint8_t pad[4000];
} resp;
-
bool ret = false;
ssize_t read;
do {
read = recv(rtnl, &resp, sizeof(resp), MSG_DONTWAIT);
+
if (read < 0 || !NLMSG_OK(&resp.hdr, (size_t)read) ||
resp.hdr.nlmsg_type != RTM_NEWLINK ||
resp.msg.ifi_index != if_index)
return opt == end;
}
-int ra_conf_hoplimit(int newvalue)
+static bool ra_set_hoplimit(int val)
+{
+ if (val > 0 && val != ra_hoplimit) {
+ ra_hoplimit = val;
+ return true;
+ }
+
+ return false;
+}
+
+static bool ra_set_mtu(int val)
+{
+ if (val >= 1280 && val <= 65535 && ra_mtu != val) {
+ ra_mtu = val;
+ return true;
+ }
+
+ return false;
+}
+
+static bool ra_set_reachable(int val)
+{
+ if (val > 0 && val <= 3600000 && ra_reachable != val) {
+ ra_reachable = val;
+ return true;
+ }
+
+ return false;
+}
+
+static bool ra_set_retransmit(int val)
{
- static int value = 0;
- if (newvalue > 0)
- value = newvalue;
- return value;
+ if (val > 0 && val <= 60000 && ra_retransmit != val) {
+ ra_retransmit = val;
+ return true;
+ }
+
+ return false;
}
-int ra_conf_mtu(int newvalue)
+int ra_get_hoplimit(void)
{
- static int value = 0;
- if (newvalue >= 1280 && newvalue <= 65535)
- value = newvalue;
- return value;
+ return ra_hoplimit;
}
-int ra_conf_reachable(int newvalue)
+int ra_get_mtu(void)
{
- static int value = 0;
- if (newvalue > 0 && newvalue <= 3600000)
- value = newvalue;
- return value;
+ return ra_mtu;
}
-int ra_conf_retransmit(int newvalue)
+int ra_get_reachable(void)
{
- static int value = 0;
- if (newvalue > 0 && newvalue <= 60000)
- value = newvalue;
- return value;
+ return ra_reachable;
+}
+
+int ra_get_retransmit(void)
+{
+ return ra_retransmit;
}
bool ra_process(void)
{
bool found = false;
bool changed = false;
- uint8_t buf[1500] __aligned(4);
- uint8_t cmsg_buf[128] __aligned(__alignof__(struct cmsghdr));
+ uint8_t buf[1500] _aligned(4);
+ union {
+ struct cmsghdr hdr;
+ uint8_t buf[CMSG_SPACE(sizeof(int))];
+ } cmsg_buf;
struct nd_router_advert *adv = (struct nd_router_advert*)buf;
struct odhcp6c_entry *entry = alloca(sizeof(*entry) + 256);
const struct in6_addr any = IN6ADDR_ANY_INIT;
socklen_t alen = sizeof(addr);
int sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
- if (!connect(sock, (struct sockaddr*)&addr, sizeof(addr)) &&
- !getsockname(sock, (struct sockaddr*)&addr, &alen))
- lladdr = addr.sin6_addr;
+ if (sock >= 0) {
+ if (!connect(sock, (struct sockaddr*)&addr, sizeof(addr)) &&
+ !getsockname(sock, (struct sockaddr*)&addr, &alen))
+ lladdr = addr.sin6_addr;
- close(sock);
+ close(sock);
+ }
}
while (true) {
.msg_namelen = sizeof(from),
.msg_iov = &iov,
.msg_iovlen = 1,
- .msg_control = cmsg_buf,
+ .msg_control = cmsg_buf.buf,
.msg_controllen = sizeof(cmsg_buf),
.msg_flags = 0
};
+ struct icmpv6_opt *opt;
+ uint32_t router_valid;
+ int hlim = 0;
ssize_t len = recvmsg(sock, &msg, MSG_DONTWAIT);
if (len <= 0)
if (IN6_IS_ADDR_UNSPECIFIED(&lladdr))
continue;
- int hlim = 0;
for (struct cmsghdr *ch = CMSG_FIRSTHDR(&msg); ch != NULL;
ch = CMSG_NXTHDR(&msg, ch))
if (ch->cmsg_level == IPPROTO_IPV6 &&
if (!ra_icmpv6_valid(&from, hlim, buf, len))
continue;
- // Stop sending solicits
- if (rs_attempt > 0) {
- alarm(0);
- rs_attempt = 0;
- }
-
if (!found) {
- odhcp6c_expire();
+ odhcp6c_expire(false);
found = true;
}
- uint32_t router_valid = ntohs(adv->nd_ra_router_lifetime);
+
+ router_valid = ntohs(adv->nd_ra_router_lifetime);
+
+ /* RFC4861 ยง6.3.7
+ * Once the host sends a Router Solicitation, and receives a valid
+ * Router Advertisement with a non-zero Router Lifetime, the host MUST
+ * desist from sending additional solicitations on that interface
+ * Moreover, a host SHOULD send at least one solicitation in the case
+ * where an advertisement is received prior to having sent a solicitation.
+ */
+ if (rs_attempt > 0 && router_valid > 0) {
+ alarm(0);
+ rs_attempt = 0;
+ }
// Parse default route
entry->target = any;
entry->priority = pref_to_priority(adv->nd_ra_flags_reserved);
if (entry->priority < 0)
entry->priority = pref_to_priority(0);
+
entry->valid = router_valid;
entry->preferred = entry->valid;
- changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry, 0, true);
+ changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry,
+ 0, ra_holdoff_interval);
// Parse hoplimit
- ra_conf_hoplimit(adv->nd_ra_curhoplimit);
+ changed |= ra_set_hoplimit(adv->nd_ra_curhoplimit);
// Parse ND parameters
- ra_conf_reachable(ntohl(adv->nd_ra_reachable));
- ra_conf_retransmit(ntohl(adv->nd_ra_retransmit));
+ changed |= ra_set_reachable(ntohl(adv->nd_ra_reachable));
+ changed |= ra_set_retransmit(ntohl(adv->nd_ra_retransmit));
// Evaluate options
- struct icmpv6_opt *opt;
icmpv6_for_each_option(opt, &adv[1], &buf[len]) {
if (opt->type == ND_OPT_MTU) {
uint32_t *mtu = (uint32_t*)&opt->data[2];
- ra_conf_mtu(ntohl(*mtu));
+ changed |= ra_set_mtu(ntohl(*mtu));
} else if (opt->type == ND_OPT_ROUTE_INFORMATION && opt->len <= 3) {
+ struct icmpv6_opt_route_info *ri = (struct icmpv6_opt_route_info *)opt;
+
+ if (ri->prefix_len > 128) {
+ continue;
+ } else if (ri->prefix_len > 64) {
+ if (ri->len < 2)
+ continue;
+ } else if (ri->prefix_len > 0) {
+ if (ri->len < 1)
+ continue;
+ }
+
entry->router = from.sin6_addr;
entry->target = any;
- entry->priority = pref_to_priority(opt->data[1]);
- entry->length = opt->data[0];
- uint32_t *valid = (uint32_t*)&opt->data[2];
- entry->valid = ntohl(*valid);
- memcpy(&entry->target, &opt->data[6], (opt->len - 1) * 8);
+ entry->priority = pref_to_priority(ri->flags);
+ entry->length = ri->prefix_len;
+ entry->valid = ntohl(ri->lifetime);
+ memcpy(&entry->target, ri->prefix, (ri->len - 1) * 8);
- if (entry->length > 128 || IN6_IS_ADDR_LINKLOCAL(&entry->target)
+ if (IN6_IS_ADDR_LINKLOCAL(&entry->target)
|| IN6_IS_ADDR_LOOPBACK(&entry->target)
|| IN6_IS_ADDR_MULTICAST(&entry->target))
continue;
if (entry->priority > 0)
- changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry, 0, true);
+ changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry,
+ 0, ra_holdoff_interval);
} else if (opt->type == ND_OPT_PREFIX_INFORMATION && opt->len == 4) {
struct nd_opt_prefix_info *pinfo = (struct nd_opt_prefix_info*)opt;
entry->router = any;
|| entry->valid < entry->preferred)
continue;
- if (pinfo->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_ONLINK)
- changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry, 7200, true);
+ if ((pinfo->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_ONLINK) &&
+ !ptp_link)
+ changed |= odhcp6c_update_entry(STATE_RA_ROUTE, entry,
+ 7200, ra_holdoff_interval);
if (!(pinfo->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_AUTO) ||
pinfo->nd_opt_pi_prefix_len != 64)
entry->target.s6_addr32[2] = lladdr.s6_addr32[2];
entry->target.s6_addr32[3] = lladdr.s6_addr32[3];
- changed |= odhcp6c_update_entry(STATE_RA_PREFIX, entry, 7200, true);
+ changed |= odhcp6c_update_entry(STATE_RA_PREFIX, entry,
+ 7200, ra_holdoff_interval);
} else if (opt->type == ND_OPT_RECURSIVE_DNS && opt->len > 2) {
entry->router = from.sin6_addr;
entry->priority = 0;
for (ssize_t i = 0; i < (opt->len - 1) / 2; ++i) {
memcpy(&entry->target, &opt->data[6 + i * sizeof(entry->target)],
sizeof(entry->target));
- changed |= odhcp6c_update_entry(STATE_RA_DNS, entry, 0, true);
+ changed |= odhcp6c_update_entry(STATE_RA_DNS, entry,
+ 0, ra_holdoff_interval);
}
} else if (opt->type == ND_OPT_DNSSL && opt->len > 1) {
uint32_t *valid = (uint32_t*)&opt->data[2];
if (entry->auxlen == 0)
continue;
- changed |= odhcp6c_update_entry(STATE_RA_SEARCH, entry, 0, true);
+ changed |= odhcp6c_update_entry(STATE_RA_SEARCH, entry,
+ 0, ra_holdoff_interval);
entry->auxlen = 0;
}
}
}
- int states[2] = {STATE_RA_DNS, STATE_RA_SEARCH};
- for (size_t i = 0; i < 2; ++i) {
- size_t ra_dns_len;
- uint8_t *start = odhcp6c_get_state(states[i], &ra_dns_len);
- for (struct odhcp6c_entry *c = (struct odhcp6c_entry*)start;
- (uint8_t*)c < &start[ra_dns_len] &&
- (uint8_t*)odhcp6c_next_entry(c) <= &start[ra_dns_len];
- c = odhcp6c_next_entry(c))
- if (IN6_ARE_ADDR_EQUAL(&c->router, &from.sin6_addr) &&
- c->valid > router_valid)
- c->valid = router_valid;
+ if (ra_options & RA_RDNSS_DEFAULT_LIFETIME) {
+ int states[2] = {STATE_RA_DNS, STATE_RA_SEARCH};
+
+ for (size_t i = 0; i < 2; ++i) {
+ size_t ra_dns_len;
+ uint8_t *start = odhcp6c_get_state(states[i], &ra_dns_len);
+
+ for (struct odhcp6c_entry *c = (struct odhcp6c_entry*)start;
+ (uint8_t*)c < &start[ra_dns_len] &&
+ (uint8_t*)odhcp6c_next_entry(c) <= &start[ra_dns_len];
+ c = odhcp6c_next_entry(c)) {
+ if (IN6_ARE_ADDR_EQUAL(&c->router, &from.sin6_addr) &&
+ c->valid > router_valid)
+ c->valid = router_valid;
+ }
+ }
}
}
if (found)
- odhcp6c_expire();
+ odhcp6c_expire(false);
return found && changed;
}
projects / project / odhcp6c.git / blobdiff