2 * Copyright (C) 2013 Steven Barth <steven@midlink.org>
3 * Copyright (C) 2016 Hans Dedecker <dedeckeh@gmail.com>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License v2 as published by
7 * the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
32 #include <arpa/inet.h>
33 #include <sys/timerfd.h>
35 #include <libubox/md5.h>
36 #include <libubox/usock.h>
38 #define ADDR_ENTRY_VALID_IA_ADDR(iface, i, m, addrs) \
39 ((iface)->dhcpv6_assignall || (i) == (m) || \
40 (addrs)[(i)].prefix > 64)
42 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info);
43 static void apply_lease(struct dhcp_assignment *a, bool add);
44 static void set_border_assignment_size(struct interface *iface, struct dhcp_assignment *b);
45 static void handle_addrlist_change(struct netevent_handler_info *info);
46 static void start_reconf(struct dhcp_assignment *a);
47 static void stop_reconf(struct dhcp_assignment *a);
48 static void valid_until_cb(struct uloop_timeout *event);
50 static struct netevent_handler dhcpv6_netevent_handler = { .cb = dhcpv6_netevent_cb, };
51 static struct uloop_timeout valid_until_timeout = {.cb = valid_until_cb};
52 static uint32_t serial = 0;
53 static uint8_t statemd5[16];
55 int dhcpv6_ia_init(void)
57 uloop_timeout_set(&valid_until_timeout, 1000);
59 netlink_add_netevent_handler(&dhcpv6_netevent_handler);
64 int dhcpv6_ia_setup_interface(struct interface *iface, bool enable)
66 enable = enable && (iface->dhcpv6 == MODE_SERVER);
69 struct dhcp_assignment *border;
71 if (list_empty(&iface->ia_assignments)) {
72 border = alloc_assignment(0);
75 syslog(LOG_WARNING, "Failed to alloc border on %s", iface->name);
80 list_add(&border->head, &iface->ia_assignments);
82 border = list_last_entry(&iface->ia_assignments, struct dhcp_assignment, head);
84 set_border_assignment_size(iface, border);
86 struct dhcp_assignment *c;
88 while (!list_empty(&iface->ia_assignments)) {
89 c = list_first_entry(&iface->ia_assignments, struct dhcp_assignment, head);
98 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info)
100 struct interface *iface = info->iface;
102 if (!iface || iface->dhcpv6 != MODE_SERVER)
106 case NETEV_ADDR6LIST_CHANGE:
107 handle_addrlist_change(info);
115 static inline bool valid_prefix_length(const struct dhcp_assignment *a, const uint8_t prefix_length)
117 return (a->managed_size || a->length > prefix_length);
120 static inline bool valid_addr(const struct odhcpd_ipaddr *addr, time_t now)
122 return (addr->prefix <= 96 && addr->preferred > (uint32_t)now);
125 static size_t get_preferred_addr(const struct odhcpd_ipaddr *addrs, const size_t addrlen)
129 for (i = 0, m = 0; i < addrlen; ++i) {
130 if (addrs[i].preferred > addrs[m].preferred ||
131 (addrs[i].preferred == addrs[m].preferred &&
132 memcmp(&addrs[i].addr, &addrs[m].addr, 16) > 0))
139 static int send_reconf(struct dhcp_assignment *assign)
142 struct dhcpv6_client_header hdr;
146 uint16_t hardware_type;
151 struct dhcpv6_auth_reconfigure auth;
154 uint8_t clid_data[128];
155 } __attribute__((packed)) reconf_msg = {
156 .hdr = {DHCPV6_MSG_RECONFIGURE, {0, 0, 0}},
157 .srvid_type = htons(DHCPV6_OPT_SERVERID),
158 .srvid_len = htons(10),
159 .duid_type = htons(3),
160 .hardware_type = htons(1),
161 .msg_type = htons(DHCPV6_OPT_RECONF_MSG),
163 .msg_id = DHCPV6_MSG_RENEW,
164 .auth = {htons(DHCPV6_OPT_AUTH),
165 htons(sizeof(reconf_msg.auth) - 4), 3, 1, 0,
166 {htonl(time(NULL)), htonl(++serial)}, 2, {0}},
167 .clid_type = htons(DHCPV6_OPT_CLIENTID),
168 .clid_len = htons(assign->clid_len),
171 struct interface *iface = assign->iface;
173 odhcpd_get_mac(iface, reconf_msg.mac);
174 memcpy(reconf_msg.clid_data, assign->clid_data, assign->clid_len);
175 struct iovec iov = {&reconf_msg, sizeof(reconf_msg) - 128 + assign->clid_len};
178 uint8_t secretbytes[64];
179 memset(secretbytes, 0, sizeof(secretbytes));
180 memcpy(secretbytes, assign->key, sizeof(assign->key));
182 for (size_t i = 0; i < sizeof(secretbytes); ++i)
183 secretbytes[i] ^= 0x36;
186 md5_hash(secretbytes, sizeof(secretbytes), &md5);
187 md5_hash(iov.iov_base, iov.iov_len, &md5);
188 md5_end(reconf_msg.auth.key, &md5);
190 for (size_t i = 0; i < sizeof(secretbytes); ++i) {
191 secretbytes[i] ^= 0x36;
192 secretbytes[i] ^= 0x5c;
196 md5_hash(secretbytes, sizeof(secretbytes), &md5);
197 md5_hash(reconf_msg.auth.key, 16, &md5);
198 md5_end(reconf_msg.auth.key, &md5);
200 return odhcpd_send(iface->dhcpv6_event.uloop.fd, &assign->peer, &iov, 1, iface);
203 static void dhcpv6_ia_free_assignment(struct dhcp_assignment *a)
205 if (a->managed_sock.fd.registered) {
206 ustream_free(&a->managed_sock.stream);
207 close(a->managed_sock.fd.fd);
210 if ((a->flags & OAF_BOUND) && (a->flags & OAF_DHCPV6_PD))
211 apply_lease(a, false);
219 void dhcpv6_ia_enum_addrs(struct interface *iface, struct dhcp_assignment *c,
220 time_t now, dhcpv6_binding_cb_handler_t func, void *arg)
222 struct odhcpd_ipaddr *addrs = (c->managed) ? c->managed : iface->addr6;
223 size_t addrlen = (c->managed) ? (size_t)c->managed_size : iface->addr6_len;
224 size_t m = get_preferred_addr(addrs, addrlen);
226 for (size_t i = 0; i < addrlen; ++i) {
227 struct in6_addr addr;
228 uint32_t pref, valid;
229 int prefix = c->managed ? addrs[i].prefix : c->length;
231 if (!valid_addr(&addrs[i], now))
234 addr = addrs[i].addr.in6;
235 pref = addrs[i].preferred;
236 valid = addrs[i].valid;
238 if (!ADDR_ENTRY_VALID_IA_ADDR(iface, i, m, addrs))
241 addr.s6_addr32[3] = htonl(c->assigned);
243 if (!valid_prefix_length(c, addrs[i].prefix))
246 addr.s6_addr32[1] |= htonl(c->assigned);
247 addr.s6_addr32[2] = addr.s6_addr32[3] = 0;
250 if (pref != UINT32_MAX)
253 if (valid != UINT32_MAX)
256 func(&addr, prefix, pref, valid, arg);
263 struct dhcp_assignment *c;
264 struct interface *iface;
270 static void dhcpv6_write_ia_addr(struct in6_addr *addr, int prefix, _unused uint32_t pref,
271 _unused uint32_t valid, void *arg)
273 struct write_ctxt *ctxt = (struct write_ctxt *)arg;
274 char ipbuf[INET6_ADDRSTRLEN];
276 inet_ntop(AF_INET6, addr, ipbuf, sizeof(ipbuf) - 1);
278 if ((ctxt->c->flags & OAF_DHCPV6_NA) && ctxt->c->hostname &&
279 !(ctxt->c->flags & OAF_BROKEN_HOSTNAME)) {
280 fputs(ipbuf, ctxt->fp);
283 if (dn_expand(ctxt->iface->search, ctxt->iface->search + ctxt->iface->search_len,
284 ctxt->iface->search, b, sizeof(b)) > 0)
285 fprintf(ctxt->fp, "\t%s.%s", ctxt->c->hostname, b);
287 fprintf(ctxt->fp, "\t%s\n", ctxt->c->hostname);
288 md5_hash(ipbuf, strlen(ipbuf), &ctxt->md5);
289 md5_hash(ctxt->c->hostname, strlen(ctxt->c->hostname), &ctxt->md5);
292 ctxt->buf_idx += snprintf(ctxt->buf + ctxt->buf_idx,ctxt->buf_len - ctxt->buf_idx,
293 "%s/%d ", ipbuf, prefix);
296 void dhcpv6_ia_write_statefile(void)
298 struct write_ctxt ctxt;
300 md5_begin(&ctxt.md5);
302 if (config.dhcp_statefile) {
303 time_t now = odhcpd_time(), wall_time = time(NULL);
304 int fd = open(config.dhcp_statefile, O_CREAT | O_WRONLY | O_CLOEXEC, 0644);
310 ret = lockf(fd, F_LOCK, 0);
315 if (ftruncate(fd, 0) < 0) {}
317 ctxt.fp = fdopen(fd, "w");
324 ctxt.buf_len = sizeof(leasebuf);
326 avl_for_each_element(&interfaces, ctxt.iface, avl) {
327 if (ctxt.iface->dhcpv6 != MODE_SERVER &&
328 ctxt.iface->dhcpv4 != MODE_SERVER)
331 if (ctxt.iface->dhcpv6 == MODE_SERVER) {
332 list_for_each_entry(ctxt.c, &ctxt.iface->ia_assignments, head) {
333 if (!(ctxt.c->flags & OAF_BOUND) || ctxt.c->managed_size < 0)
338 odhcpd_hexlify(duidbuf, ctxt.c->clid_data, ctxt.c->clid_len);
340 /* iface DUID iaid hostname lifetime assigned length [addrs...] */
341 ctxt.buf_idx = snprintf(ctxt.buf, ctxt.buf_len, "# %s %s %x %s%s %ld %x %u ",
342 ctxt.iface->ifname, duidbuf, ntohl(ctxt.c->iaid),
343 (ctxt.c->flags & OAF_BROKEN_HOSTNAME) ? "broken\\x20" : "",
344 (ctxt.c->hostname ? ctxt.c->hostname : "-"),
345 (ctxt.c->valid_until > now ?
346 (ctxt.c->valid_until - now + wall_time) :
347 (INFINITE_VALID(ctxt.c->valid_until) ? -1 : 0)),
348 ctxt.c->assigned, (unsigned)ctxt.c->length);
350 if (INFINITE_VALID(ctxt.c->valid_until) || ctxt.c->valid_until > now)
351 dhcpv6_ia_enum_addrs(ctxt.iface, ctxt.c, now,
352 dhcpv6_write_ia_addr, &ctxt);
354 ctxt.buf[ctxt.buf_idx - 1] = '\n';
355 fwrite(ctxt.buf, 1, ctxt.buf_idx, ctxt.fp);
359 if (ctxt.iface->dhcpv4 == MODE_SERVER) {
360 struct dhcp_assignment *c;
362 list_for_each_entry(c, &ctxt.iface->dhcpv4_assignments, head) {
363 if (!(c->flags & OAF_BOUND))
366 char ipbuf[INET6_ADDRSTRLEN];
368 odhcpd_hexlify(duidbuf, c->hwaddr, sizeof(c->hwaddr));
370 /* iface DUID iaid hostname lifetime assigned length [addrs...] */
371 ctxt.buf_idx = snprintf(ctxt.buf, ctxt.buf_len, "# %s %s ipv4 %s%s %ld %x 32 ",
372 ctxt.iface->ifname, duidbuf,
373 (c->flags & OAF_BROKEN_HOSTNAME) ? "broken\\x20" : "",
374 (c->hostname ? c->hostname : "-"),
375 (c->valid_until > now ?
376 (c->valid_until - now + wall_time) :
377 (INFINITE_VALID(c->valid_until) ? -1 : 0)),
380 struct in_addr addr = {.s_addr = c->addr};
381 inet_ntop(AF_INET, &addr, ipbuf, sizeof(ipbuf) - 1);
383 if (c->hostname && !(c->flags & OAF_BROKEN_HOSTNAME)) {
384 fputs(ipbuf, ctxt.fp);
387 if (dn_expand(ctxt.iface->search,
388 ctxt.iface->search + ctxt.iface->search_len,
389 ctxt.iface->search, b, sizeof(b)) > 0)
390 fprintf(ctxt.fp, "\t%s.%s", c->hostname, b);
392 fprintf(ctxt.fp, "\t%s\n", c->hostname);
393 md5_hash(ipbuf, strlen(ipbuf), &ctxt.md5);
394 md5_hash(c->hostname, strlen(c->hostname), &ctxt.md5);
397 ctxt.buf_idx += snprintf(ctxt.buf + ctxt.buf_idx,
398 ctxt.buf_len - ctxt.buf_idx,
400 ctxt.buf[ctxt.buf_idx - 1] = '\n';
401 fwrite(ctxt.buf, 1, ctxt.buf_idx, ctxt.fp);
410 md5_end(newmd5, &ctxt.md5);
412 if (config.dhcp_cb && memcmp(newmd5, statemd5, sizeof(newmd5))) {
413 memcpy(statemd5, newmd5, sizeof(statemd5));
414 char *argv[2] = {config.dhcp_cb, NULL};
416 execv(argv[0], argv);
422 static void __apply_lease(struct dhcp_assignment *a,
423 struct odhcpd_ipaddr *addrs, ssize_t addr_len, bool add)
425 if (a->flags & OAF_DHCPV6_NA)
428 for (ssize_t i = 0; i < addr_len; ++i) {
429 struct in6_addr prefix = addrs[i].addr.in6;
430 prefix.s6_addr32[1] |= htonl(a->assigned);
431 prefix.s6_addr32[2] = prefix.s6_addr32[3] = 0;
432 netlink_setup_route(&prefix, (a->managed_size) ? addrs[i].prefix : a->length,
433 a->iface->ifindex, &a->peer.sin6_addr, 1024, add);
437 static void apply_lease(struct dhcp_assignment *a, bool add)
439 struct interface *iface = a->iface;
440 struct odhcpd_ipaddr *addrs = (a->managed) ? a->managed : iface->addr6;
441 ssize_t addrlen = (a->managed) ? a->managed_size : (ssize_t)iface->addr6_len;
443 __apply_lease(a, addrs, addrlen, add);
446 /* Set border assignment size based on the IPv6 address prefixes */
447 static void set_border_assignment_size(struct interface *iface, struct dhcp_assignment *b)
449 time_t now = odhcpd_time();
452 for (size_t i = 0; i < iface->addr6_len; ++i) {
453 if (iface->addr6[i].preferred > (uint32_t)now &&
454 iface->addr6[i].prefix < 64 &&
455 iface->addr6[i].prefix > minprefix)
456 minprefix = iface->addr6[i].prefix;
459 if (minprefix > 32 && minprefix <= 64)
460 b->assigned = 1U << (64 - minprefix);
465 /* More data was received from TCP connection */
466 static void managed_handle_pd_data(struct ustream *s, _unused int bytes_new)
468 struct ustream_fd *fd = container_of(s, struct ustream_fd, stream);
469 struct dhcp_assignment *c = container_of(fd, struct dhcp_assignment, managed_sock);
470 time_t now = odhcpd_time();
471 bool first = c->managed_size < 0;
475 char *data = ustream_get_read_buf(s, &pending);
476 char *end = memmem(data, pending, "\n\n", 2);
485 if (c->accept_reconf)
489 for (char *line = strtok_r(data, "\n", &saveptr); line; line = strtok_r(NULL, "\n", &saveptr)) {
490 c->managed = realloc(c->managed, (c->managed_size + 1) * sizeof(*c->managed));
491 struct odhcpd_ipaddr *n = &c->managed[c->managed_size];
493 char *saveptr2, *x = strtok_r(line, "/", &saveptr2);
494 if (!x || inet_pton(AF_INET6, x, &n->addr) < 1)
497 x = strtok_r(NULL, ",", &saveptr2);
498 if (sscanf(x, "%hhu", &n->prefix) < 1)
501 x = strtok_r(NULL, ",", &saveptr2);
502 if (sscanf(x, "%u", &n->preferred) < 1)
505 x = strtok_r(NULL, ",", &saveptr2);
506 if (sscanf(x, "%u", &n->valid) < 1)
509 if (n->preferred > n->valid)
512 if (UINT32_MAX - now < n->preferred)
513 n->preferred = UINT32_MAX;
517 if (UINT32_MAX - now < n->valid)
518 n->valid = UINT32_MAX;
527 ustream_consume(s, end - data);
530 if (first && c->managed_size == 0)
532 else if (first && !(c->flags & OAF_STATIC))
533 c->valid_until = now + 150;
537 /* TCP transmission has ended, either because of success or timeout or other error */
538 static void managed_handle_pd_done(struct ustream *s)
540 struct ustream_fd *fd = container_of(s, struct ustream_fd, stream);
541 struct dhcp_assignment *c = container_of(fd, struct dhcp_assignment, managed_sock);
543 if (!(c->flags & OAF_STATIC))
544 c->valid_until = odhcpd_time() + 15;
548 if (c->accept_reconf)
552 static bool assign_pd(struct interface *iface, struct dhcp_assignment *assign)
554 struct dhcp_assignment *c;
556 if (iface->dhcpv6_pd_manager[0]) {
557 int fd = usock(USOCK_UNIX | USOCK_TCP, iface->dhcpv6_pd_manager, NULL);
559 struct pollfd pfd = { .fd = fd, .events = POLLIN };
562 odhcpd_hexlify(iaidbuf, assign->clid_data, assign->clid_len);
564 assign->managed_sock.stream.notify_read = managed_handle_pd_data;
565 assign->managed_sock.stream.notify_state = managed_handle_pd_done;
566 ustream_fd_init(&assign->managed_sock, fd);
567 ustream_printf(&assign->managed_sock.stream, "%s,%x\n::/%d,0,0\n\n",
568 iaidbuf, assign->iaid, assign->length);
569 ustream_write_pending(&assign->managed_sock.stream);
570 assign->managed_size = -1;
572 if (!(assign->flags & OAF_STATIC))
573 assign->valid_until = odhcpd_time() + 15;
575 list_add(&assign->head, &iface->ia_assignments);
577 /* Wait initial period of up to 250ms for immediate assignment */
578 if (poll(&pfd, 1, 250) < 0) {
579 syslog(LOG_ERR, "poll(): %m");
583 managed_handle_pd_data(&assign->managed_sock.stream, 0);
585 if (fcntl(fd, F_GETFL) >= 0 && assign->managed_size > 0)
590 } else if (iface->addr6_len < 1)
593 /* Try honoring the hint first */
594 uint32_t current = 1, asize = (1 << (64 - assign->length)) - 1;
595 if (assign->assigned) {
596 list_for_each_entry(c, &iface->ia_assignments, head) {
597 if (c->flags & OAF_DHCPV6_NA)
600 if (assign->assigned >= current && assign->assigned + asize < c->assigned) {
601 list_add_tail(&assign->head, &c->head);
603 if (assign->flags & OAF_BOUND)
604 apply_lease(assign, true);
609 if (c->assigned != 0)
610 current = (c->assigned + (1 << (64 - c->length)));
614 /* Fallback to a variable assignment */
616 list_for_each_entry(c, &iface->ia_assignments, head) {
617 if (c->flags & OAF_DHCPV6_NA)
620 current = (current + asize) & (~asize);
621 if (current + asize < c->assigned) {
622 assign->assigned = current;
623 list_add_tail(&assign->head, &c->head);
625 if (assign->flags & OAF_BOUND)
626 apply_lease(assign, true);
631 if (c->assigned != 0)
632 current = (c->assigned + (1 << (64 - c->length)));
638 static bool assign_na(struct interface *iface, struct dhcp_assignment *a)
640 struct dhcp_assignment *c;
643 /* Preconfigured assignment by static lease */
645 list_for_each_entry(c, &iface->ia_assignments, head) {
646 if (c->assigned > a->assigned || !(c->flags & OAF_DHCPV6_NA)) {
647 list_add_tail(&a->head, &c->head);
649 } else if (c->assigned == a->assigned)
654 /* Seed RNG with checksum of DUID */
655 for (size_t i = 0; i < a->clid_len; ++i)
656 seed += a->clid_data[i];
659 /* Try to assign up to 100x */
660 for (size_t i = 0; i < 100; ++i) {
662 do try = ((uint32_t)rand()) % 0x0fff; while (try < 0x100);
664 if (config_find_lease_by_hostid(try))
667 list_for_each_entry(c, &iface->ia_assignments, head) {
668 if (c->assigned > try || !(c->flags & OAF_DHCPV6_NA)) {
670 list_add_tail(&a->head, &c->head);
672 } else if (c->assigned == try)
680 static void handle_addrlist_change(struct netevent_handler_info *info)
682 struct interface *iface = info->iface;
683 struct dhcp_assignment *c, *d, *border = list_last_entry(
684 &iface->ia_assignments, struct dhcp_assignment, head);
685 struct list_head reassign = LIST_HEAD_INIT(reassign);
686 time_t now = odhcpd_time();
688 list_for_each_entry(c, &iface->ia_assignments, head) {
689 if ((c->flags & OAF_DHCPV6_PD) && !(iface->ra_flags & ND_RA_FLAG_MANAGED)
690 && (c->flags & OAF_BOUND))
691 __apply_lease(c, info->addrs_old.addrs,
692 info->addrs_old.len, false);
695 set_border_assignment_size(iface, border);
697 list_for_each_entry_safe(c, d, &iface->ia_assignments, head) {
698 if (c->clid_len == 0 ||
699 !(c->flags & OAF_DHCPV6_PD) ||
700 (!INFINITE_VALID(c->valid_until) && c->valid_until < now) ||
704 if (c->assigned == 0 || c->assigned >= border->assigned)
705 list_move(&c->head, &reassign);
706 else if (c->flags & OAF_BOUND)
707 apply_lease(c, true);
709 if (c->accept_reconf && c->reconf_cnt == 0) {
710 struct dhcp_assignment *a;
714 /* Leave all other assignments of that client alone */
715 list_for_each_entry(a, &iface->ia_assignments, head)
716 if (a != c && a->clid_len == c->clid_len &&
717 !memcmp(a->clid_data, c->clid_data, a->clid_len))
718 a->reconf_cnt = INT_MAX;
722 while (!list_empty(&reassign)) {
723 c = list_first_entry(&reassign, struct dhcp_assignment, head);
724 list_del_init(&c->head);
725 if (!assign_pd(iface, c)) {
727 list_add(&c->head, &iface->ia_assignments);
731 dhcpv6_ia_write_statefile();
734 static void reconf_timeout_cb(struct uloop_timeout *event)
736 struct dhcp_assignment *a = container_of(event, struct dhcp_assignment, reconf_timer);
738 if (a->reconf_cnt > 0 && a->reconf_cnt < DHCPV6_REC_MAX_RC) {
740 uloop_timeout_set(&a->reconf_timer,
741 DHCPV6_REC_TIMEOUT << a->reconf_cnt);
747 static void start_reconf(struct dhcp_assignment *a)
749 uloop_timeout_set(&a->reconf_timer,
750 DHCPV6_REC_TIMEOUT << a->reconf_cnt);
751 a->reconf_timer.cb = reconf_timeout_cb;
757 static void stop_reconf(struct dhcp_assignment *a)
759 uloop_timeout_cancel(&a->reconf_timer);
761 a->reconf_timer.cb = NULL;
764 static void valid_until_cb(struct uloop_timeout *event)
766 struct interface *iface;
767 time_t now = odhcpd_time();
769 avl_for_each_element(&interfaces, iface, avl) {
770 struct dhcp_assignment *a, *n;
772 if (iface->dhcpv6 != MODE_SERVER)
775 list_for_each_entry_safe(a, n, &iface->ia_assignments, head) {
776 if (a->clid_len > 0 && !INFINITE_VALID(a->valid_until) && a->valid_until < now)
780 uloop_timeout_set(event, 1000);
783 static size_t build_ia(uint8_t *buf, size_t buflen, uint16_t status,
784 const struct dhcpv6_ia_hdr *ia, struct dhcp_assignment *a,
785 struct interface *iface, bool request)
787 struct dhcpv6_ia_hdr o_ia = {
794 size_t ia_len = sizeof(o_ia);
795 time_t now = odhcpd_time();
801 struct __attribute__((packed)) {
806 .type = htons(DHCPV6_OPT_STATUS),
807 .len = htons(sizeof(o_status) - 4),
808 .val = htons(status),
811 memcpy(buf + ia_len, &o_status, sizeof(o_status));
812 ia_len += sizeof(o_status);
814 o_ia.len = htons(ia_len - 4);
815 memcpy(buf, &o_ia, sizeof(o_ia));
824 leasetime = a->leasetime;
826 leasetime = iface->dhcp_leasetime;
828 uint32_t pref = leasetime;
829 uint32_t valid = leasetime;
831 struct odhcpd_ipaddr *addrs = (a->managed) ? a->managed : iface->addr6;
832 size_t addrlen = (a->managed) ? (size_t)a->managed_size : iface->addr6_len;
833 size_t m = get_preferred_addr(addrs, addrlen);
835 for (size_t i = 0; i < addrlen; ++i) {
836 uint32_t prefix_pref = addrs[i].preferred;
837 uint32_t prefix_valid = addrs[i].valid;
839 if (!valid_addr(&addrs[i], now))
842 if (prefix_pref != UINT32_MAX)
845 if (prefix_pref > leasetime)
846 prefix_pref = leasetime;
848 if (prefix_valid != UINT32_MAX)
851 if (prefix_valid > leasetime)
852 prefix_valid = leasetime;
854 if (a->flags & OAF_DHCPV6_PD) {
855 struct dhcpv6_ia_prefix o_ia_p = {
856 .type = htons(DHCPV6_OPT_IA_PREFIX),
857 .len = htons(sizeof(o_ia_p) - 4),
858 .preferred = htonl(prefix_pref),
859 .valid = htonl(prefix_valid),
860 .prefix = (a->managed_size) ? addrs[i].prefix : a->length,
861 .addr = addrs[i].addr.in6,
864 o_ia_p.addr.s6_addr32[1] |= htonl(a->assigned);
865 o_ia_p.addr.s6_addr32[2] = o_ia_p.addr.s6_addr32[3] = 0;
867 if ((a->assigned == 0 && a->managed_size == 0) ||
868 !valid_prefix_length(a, addrs[i].prefix))
871 if (buflen < ia_len + sizeof(o_ia_p))
874 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p));
875 ia_len += sizeof(o_ia_p);
878 if (a->flags & OAF_DHCPV6_NA) {
879 struct dhcpv6_ia_addr o_ia_a = {
880 .type = htons(DHCPV6_OPT_IA_ADDR),
881 .len = htons(sizeof(o_ia_a) - 4),
882 .addr = addrs[i].addr.in6,
883 .preferred = htonl(prefix_pref),
884 .valid = htonl(prefix_valid)
887 o_ia_a.addr.s6_addr32[3] = htonl(a->assigned);
889 if (!ADDR_ENTRY_VALID_IA_ADDR(iface, i, m, addrs) ||
893 if (buflen < ia_len + sizeof(o_ia_a))
896 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a));
897 ia_len += sizeof(o_ia_a);
900 /* Calculate T1 / T2 based on non-deprecated addresses */
901 if (prefix_pref > 0) {
902 if (prefix_pref < pref)
905 if (prefix_valid < valid)
906 valid = prefix_valid;
910 if (!INFINITE_VALID(a->valid_until))
911 /* UINT32_MAX is considered as infinite leasetime */
912 a->valid_until = (valid == UINT32_MAX) ? 0 : valid + now;
914 o_ia.t1 = htonl((pref == UINT32_MAX) ? pref : pref * 5 / 10);
915 o_ia.t2 = htonl((pref == UINT32_MAX) ? pref : pref * 8 / 10);
925 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + 4;
926 uint16_t otype, olen;
928 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) {
929 struct dhcpv6_ia_prefix *ia_p = (struct dhcpv6_ia_prefix *)&odata[-4];
930 struct dhcpv6_ia_addr *ia_a = (struct dhcpv6_ia_addr *)&odata[-4];
933 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*ia_p) - 4) &&
934 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*ia_a) - 4))
938 struct odhcpd_ipaddr *addrs = (a->managed) ? a->managed : iface->addr6;
939 size_t addrlen = (a->managed) ? (size_t)a->managed_size : iface->addr6_len;
941 for (size_t i = 0; i < addrlen; ++i) {
942 if (!valid_addr(&addrs[i], now))
945 struct in6_addr addr = addrs[i].addr.in6;
946 if (ia->type == htons(DHCPV6_OPT_IA_PD)) {
947 addr.s6_addr32[1] |= htonl(a->assigned);
948 addr.s6_addr32[2] = addr.s6_addr32[3] = 0;
950 if (!memcmp(&ia_p->addr, &addr, sizeof(addr)) &&
951 ia_p->prefix == ((a->managed) ? addrs[i].prefix : a->length))
954 addr.s6_addr32[3] = htonl(a->assigned);
956 if (!memcmp(&ia_a->addr, &addr, sizeof(addr)))
963 if (otype == DHCPV6_OPT_IA_PREFIX) {
964 struct dhcpv6_ia_prefix o_ia_p = {
965 .type = htons(DHCPV6_OPT_IA_PREFIX),
966 .len = htons(sizeof(o_ia_p) - 4),
969 .prefix = ia_p->prefix,
973 if (buflen < ia_len + sizeof(o_ia_p))
976 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p));
977 ia_len += sizeof(o_ia_p);
979 struct dhcpv6_ia_addr o_ia_a = {
980 .type = htons(DHCPV6_OPT_IA_ADDR),
981 .len = htons(sizeof(o_ia_a) - 4),
987 if (buflen < ia_len + sizeof(o_ia_a))
990 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a));
991 ia_len += sizeof(o_ia_a);
997 o_ia.len = htons(ia_len - 4);
998 memcpy(buf, &o_ia, sizeof(o_ia));
1008 static void dhcpv6_log_ia_addr(struct in6_addr *addr, int prefix, _unused uint32_t pref,
1009 _unused uint32_t valid, void *arg)
1011 struct log_ctxt *ctxt = (struct log_ctxt *)arg;
1012 char addrbuf[INET6_ADDRSTRLEN];
1014 inet_ntop(AF_INET6, addr, addrbuf, sizeof(addrbuf));
1015 ctxt->buf_idx += snprintf(ctxt->buf + ctxt->buf_idx, ctxt->buf_len - ctxt->buf_idx,
1016 "%s/%d ", addrbuf, prefix);
1019 static void dhcpv6_log(uint8_t msgtype, struct interface *iface, time_t now,
1020 const char *duidbuf, bool is_pd, struct dhcp_assignment *a, int code)
1022 const char *type = "UNKNOWN";
1023 const char *status = "UNKNOWN";
1026 case DHCPV6_MSG_SOLICIT:
1029 case DHCPV6_MSG_REQUEST:
1032 case DHCPV6_MSG_CONFIRM:
1035 case DHCPV6_MSG_RENEW:
1038 case DHCPV6_MSG_REBIND:
1041 case DHCPV6_MSG_RELEASE:
1044 case DHCPV6_MSG_DECLINE:
1050 case DHCPV6_STATUS_OK:
1053 case DHCPV6_STATUS_NOADDRSAVAIL:
1054 status = "no addresses available";
1056 case DHCPV6_STATUS_NOBINDING:
1057 status = "no binding";
1059 case DHCPV6_STATUS_NOTONLINK:
1060 status = "not on-link";
1062 case DHCPV6_STATUS_NOPREFIXAVAIL:
1063 status = "no prefix available";
1067 char leasebuf[256] = "";
1070 struct log_ctxt ctxt = {.buf = leasebuf,
1071 .buf_len = sizeof(leasebuf),
1074 dhcpv6_ia_enum_addrs(iface, a, now, dhcpv6_log_ia_addr, &ctxt);
1077 syslog(LOG_INFO, "DHCPV6 %s %s from %s on %s: %s %s", type, (is_pd) ? "IA_PD" : "IA_NA",
1078 duidbuf, iface->name, status, leasebuf);
1081 static bool dhcpv6_ia_on_link(const struct dhcpv6_ia_hdr *ia, struct dhcp_assignment *a,
1082 struct interface *iface)
1084 struct odhcpd_ipaddr *addrs = (a && a->managed) ? a->managed : iface->addr6;
1085 size_t addrlen = (a && a->managed) ? (size_t)a->managed_size : iface->addr6_len;
1086 time_t now = odhcpd_time();
1087 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + 4;
1088 uint16_t otype, olen;
1091 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) {
1092 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix *)&odata[-4];
1093 struct dhcpv6_ia_addr *n = (struct dhcpv6_ia_addr *)&odata[-4];
1095 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*p) - 4) &&
1096 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*n) - 4))
1100 for (size_t i = 0; i < addrlen; ++i) {
1101 if (!valid_addr(&addrs[i], now))
1104 if (ia->type == htons(DHCPV6_OPT_IA_PD)) {
1105 if (p->prefix < addrs[i].prefix ||
1106 odhcpd_bmemcmp(&p->addr, &addrs[i].addr.in6, addrs[i].prefix))
1109 } else if (odhcpd_bmemcmp(&n->addr, &addrs[i].addr.in6, addrs[i].prefix))
1122 ssize_t dhcpv6_ia_handle_IAs(uint8_t *buf, size_t buflen, struct interface *iface,
1123 const struct sockaddr_in6 *addr, const void *data, const uint8_t *end)
1126 struct dhcp_assignment *first = NULL;
1127 const struct dhcpv6_client_header *hdr = data;
1128 time_t now = odhcpd_time();
1129 uint16_t otype, olen, clid_len = 0;
1130 uint8_t *start = (uint8_t *)&hdr[1], *odata;
1131 uint8_t *clid_data = NULL, mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
1132 size_t hostname_len = 0, response_len = 0;
1133 bool notonlink = false, rapid_commit = false, accept_reconf = false;
1134 char duidbuf[261], hostname[256];
1136 dhcpv6_for_each_option(start, end, otype, olen, odata) {
1137 if (otype == DHCPV6_OPT_CLIENTID) {
1141 if (olen == 14 && odata[0] == 0 && odata[1] == 1)
1142 memcpy(mac, &odata[8], sizeof(mac));
1143 else if (olen == 10 && odata[0] == 0 && odata[1] == 3)
1144 memcpy(mac, &odata[4], sizeof(mac));
1147 odhcpd_hexlify(duidbuf, odata, olen);
1148 } else if (otype == DHCPV6_OPT_FQDN && olen >= 2 && olen <= 255) {
1149 uint8_t fqdn_buf[256];
1150 memcpy(fqdn_buf, odata, olen);
1151 fqdn_buf[olen++] = 0;
1153 if (dn_expand(&fqdn_buf[1], &fqdn_buf[olen], &fqdn_buf[1], hostname, sizeof(hostname)) > 0)
1154 hostname_len = strcspn(hostname, ".");
1155 } else if (otype == DHCPV6_OPT_RECONF_ACCEPT)
1156 accept_reconf = true;
1157 else if (otype == DHCPV6_OPT_RAPID_COMMIT && hdr->msg_type == DHCPV6_MSG_SOLICIT)
1158 rapid_commit = true;
1161 if (!clid_data || !clid_len || clid_len > 130)
1164 l = config_find_lease_by_duid(clid_data, clid_len);
1166 l = config_find_lease_by_mac(mac);
1168 dhcpv6_for_each_option(start, end, otype, olen, odata) {
1169 bool is_pd = (otype == DHCPV6_OPT_IA_PD);
1170 bool is_na = (otype == DHCPV6_OPT_IA_NA);
1171 bool ia_addr_present = false;
1172 if (!is_pd && !is_na)
1175 struct dhcpv6_ia_hdr *ia = (struct dhcpv6_ia_hdr*)&odata[-4];
1176 size_t ia_response_len = 0;
1177 uint8_t reqlen = (is_pd) ? 62 : 128;
1178 uint32_t reqhint = 0;
1180 /* Parse request hint for IA-PD */
1183 uint16_t stype, slen;
1184 dhcpv6_for_each_option(&ia[1], odata + olen, stype, slen, sdata) {
1185 if (stype != DHCPV6_OPT_IA_PREFIX || slen < sizeof(struct dhcpv6_ia_prefix) - 4)
1188 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix*)&sdata[-4];
1191 reqhint = ntohl(p->addr.s6_addr32[1]);
1192 if (reqlen > 32 && reqlen <= 64)
1193 reqhint &= (1U << (64 - reqlen)) - 1;
1201 uint16_t stype, slen;
1202 dhcpv6_for_each_option(&ia[1], odata + olen, stype, slen, sdata) {
1203 if (stype != DHCPV6_OPT_IA_ADDR || slen < sizeof(struct dhcpv6_ia_addr) - 4)
1206 ia_addr_present = true;
1210 /* Find assignment */
1211 struct dhcp_assignment *c, *a = NULL;
1212 list_for_each_entry(c, &iface->ia_assignments, head) {
1213 if ((c->clid_len == clid_len && !memcmp(c->clid_data, clid_data, clid_len)) &&
1214 c->iaid == ia->iaid && (INFINITE_VALID(c->valid_until) || now < c->valid_until) &&
1215 ((is_pd && (c->flags & OAF_DHCPV6_PD)) || (is_na && (c->flags & OAF_DHCPV6_NA)))) {
1219 if (a->flags & OAF_BOUND)
1220 apply_lease(a, false);
1227 if (l && a && a->lease != l) {
1232 /* Generic message handling */
1233 uint16_t status = DHCPV6_STATUS_OK;
1234 if (a && a->managed_size < 0)
1237 if (hdr->msg_type == DHCPV6_MSG_SOLICIT ||
1238 hdr->msg_type == DHCPV6_MSG_REQUEST ||
1239 (hdr->msg_type == DHCPV6_MSG_REBIND && !a)) {
1240 bool assigned = !!a;
1243 if ((!iface->no_dynamic_dhcp || (l && is_na)) &&
1244 (iface->dhcpv6_pd || iface->dhcpv6_na)) {
1245 /* Create new binding */
1246 a = alloc_assignment(clid_len);
1249 a->clid_len = clid_len;
1250 memcpy(a->clid_data, clid_data, clid_len);
1254 a->assigned = is_na && l ? l->hostid : reqhint;
1255 /* Set valid time to 0 for static lease indicating */
1256 /* infinite lifetime otherwise current time */
1257 a->valid_until = l ? 0 : now;
1258 a->dhcp_free_cb = dhcpv6_ia_free_assignment;
1260 a->flags = (is_pd ? OAF_DHCPV6_PD : OAF_DHCPV6_NA);
1263 memcpy(a->key, first->key, sizeof(a->key));
1265 odhcpd_urandom(a->key, sizeof(a->key));
1267 if (is_pd && iface->dhcpv6_pd)
1268 while (!(assigned = assign_pd(iface, a)) &&
1269 !a->managed_size && ++a->length <= 64);
1270 else if (is_na && iface->dhcpv6_na)
1271 assigned = assign_na(iface, a);
1273 if (l && assigned) {
1274 a->flags |= OAF_STATIC;
1277 a->hostname = strdup(l->hostname);
1280 a->leasetime = l->leasetime;
1282 list_add(&a->lease_list, &l->assignments);
1286 if (a->managed_size && !assigned)
1292 if (!assigned || iface->addr6_len == 0)
1293 /* Set error status */
1294 status = (is_pd) ? DHCPV6_STATUS_NOPREFIXAVAIL : DHCPV6_STATUS_NOADDRSAVAIL;
1295 else if (hdr->msg_type == DHCPV6_MSG_REQUEST && !dhcpv6_ia_on_link(ia, a, iface)) {
1296 /* Send NOTONLINK staus for the IA */
1297 status = DHCPV6_STATUS_NOTONLINK;
1299 } else if (accept_reconf && assigned && !first &&
1300 hdr->msg_type != DHCPV6_MSG_REBIND) {
1301 size_t handshake_len = 4;
1303 buf[1] = DHCPV6_OPT_RECONF_ACCEPT;
1307 if (hdr->msg_type == DHCPV6_MSG_REQUEST) {
1308 struct dhcpv6_auth_reconfigure auth = {
1309 htons(DHCPV6_OPT_AUTH),
1310 htons(sizeof(auth) - 4),
1312 {htonl(time(NULL)), htonl(++serial)},
1316 memcpy(auth.key, a->key, sizeof(a->key));
1317 memcpy(buf + handshake_len, &auth, sizeof(auth));
1318 handshake_len += sizeof(auth);
1322 buf += handshake_len;
1323 buflen -= handshake_len;
1324 response_len += handshake_len;
1329 ia_response_len = build_ia(buf, buflen, status, ia, a, iface,
1330 hdr->msg_type == DHCPV6_MSG_REBIND ? false : true);
1332 /* Was only a solicitation: mark binding for removal */
1333 if (assigned && hdr->msg_type == DHCPV6_MSG_SOLICIT && !rapid_commit) {
1334 a->flags &= ~OAF_BOUND;
1335 a->flags |= OAF_TENTATIVE;
1337 if (!(a->flags & OAF_STATIC))
1338 /* Keep tentative assignment around for 60 seconds */
1339 a->valid_until = now + 60;
1341 } else if (assigned &&
1342 ((hdr->msg_type == DHCPV6_MSG_SOLICIT && rapid_commit) ||
1343 hdr->msg_type == DHCPV6_MSG_REQUEST ||
1344 hdr->msg_type == DHCPV6_MSG_REBIND)) {
1345 if ((!(a->flags & OAF_STATIC) || !a->hostname) && hostname_len > 0) {
1346 a->hostname = realloc(a->hostname, hostname_len + 1);
1348 memcpy(a->hostname, hostname, hostname_len);
1349 a->hostname[hostname_len] = 0;
1351 if (odhcpd_valid_hostname(a->hostname))
1352 a->flags &= ~OAF_BROKEN_HOSTNAME;
1354 a->flags |= OAF_BROKEN_HOSTNAME;
1357 a->accept_reconf = accept_reconf;
1358 a->flags &= ~OAF_TENTATIVE;
1359 a->flags |= OAF_BOUND;
1360 apply_lease(a, true);
1361 } else if (!assigned && a && a->managed_size == 0) {
1362 /* Cleanup failed assignment */
1366 } else if (hdr->msg_type == DHCPV6_MSG_RENEW ||
1367 hdr->msg_type == DHCPV6_MSG_RELEASE ||
1368 hdr->msg_type == DHCPV6_MSG_REBIND ||
1369 hdr->msg_type == DHCPV6_MSG_DECLINE) {
1370 if (!a && hdr->msg_type != DHCPV6_MSG_REBIND) {
1371 status = DHCPV6_STATUS_NOBINDING;
1372 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false);
1373 } else if (hdr->msg_type == DHCPV6_MSG_RENEW ||
1374 hdr->msg_type == DHCPV6_MSG_REBIND) {
1375 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false);
1377 a->flags |= OAF_BOUND;
1378 apply_lease(a, true);
1380 } else if (hdr->msg_type == DHCPV6_MSG_RELEASE) {
1381 if (a->flags & OAF_STATIC) {
1382 apply_lease(a, false);
1383 a->flags &= ~OAF_BOUND;
1386 a->valid_until = now - 1;
1388 } else if ((a->flags & OAF_DHCPV6_NA) && hdr->msg_type == DHCPV6_MSG_DECLINE) {
1389 a->flags &= ~OAF_BOUND;
1391 if (!(a->flags & OAF_STATIC)) {
1392 memset(a->clid_data, 0, a->clid_len);
1393 a->valid_until = now + 3600; /* Block address for 1h */
1396 } else if (hdr->msg_type == DHCPV6_MSG_CONFIRM) {
1397 if (ia_addr_present && !dhcpv6_ia_on_link(ia, a, iface)) {
1402 if (!ia_addr_present || !a || !(a->flags & OAF_BOUND)) {
1408 buf += ia_response_len;
1409 buflen -= ia_response_len;
1410 response_len += ia_response_len;
1411 dhcpv6_log(hdr->msg_type, iface, now, duidbuf, is_pd, a, status);
1414 switch (hdr->msg_type) {
1415 case DHCPV6_MSG_RELEASE:
1416 case DHCPV6_MSG_DECLINE:
1417 case DHCPV6_MSG_CONFIRM:
1418 if (response_len + 6 < buflen) {
1420 buf[1] = DHCPV6_OPT_STATUS;
1424 buf[5] = (notonlink) ? DHCPV6_STATUS_NOTONLINK : DHCPV6_STATUS_OK;
1433 dhcpv6_ia_write_statefile();
1436 return response_len;
projects / oweals / odhcpd.git / blob