1 /*
2 * dhcpcd - DHCP client daemon
3 * Copyright (c) 2006-2015 Roy Marples <roy@marples.name>
4 * All rights reserved
5
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28 #include <sys/ioctl.h>
29 #include <sys/param.h>
30 #include <sys/socket.h>
31 #include <net/if.h>
32 #include <net/route.h>
33 #include <netinet/in.h>
34 #include <netinet/ip6.h>
35 #include <netinet/icmp6.h>
36
37 #include <errno.h>
38 #include <fcntl.h>
39 #include <stddef.h>
40 #include <stdlib.h>
41 #include <string.h>
42 #include <unistd.h>
43
44 #define ELOOP_QUEUE 3
45 #include "common.h"
46 #include "dhcpcd.h"
47 #include "dhcp6.h"
48 #include "eloop.h"
49 #include "if.h"
50 #include "ipv6.h"
51 #include "ipv6nd.h"
52 #include "script.h"
53
54 /* Debugging Router Solicitations is a lot of spam, so disable it */
55 //#define DEBUG_RS
56
57 #ifndef ND_OPT_RDNSS
58 #define ND_OPT_RDNSS 25
59 struct nd_opt_rdnss { /* RDNSS option RFC 6106 */
60 uint8_t nd_opt_rdnss_type;
61 uint8_t nd_opt_rdnss_len;
62 uint16_t nd_opt_rdnss_reserved;
63 uint32_t nd_opt_rdnss_lifetime;
64 /* followed by list of IP prefixes */
65 } __packed;
66 #endif
67
68 #ifndef ND_OPT_DNSSL
69 #define ND_OPT_DNSSL 31
70 struct nd_opt_dnssl { /* DNSSL option RFC 6106 */
71 uint8_t nd_opt_dnssl_type;
72 uint8_t nd_opt_dnssl_len;
73 uint16_t nd_opt_dnssl_reserved;
74 uint32_t nd_opt_dnssl_lifetime;
75 /* followed by list of DNS servers */
76 } __packed;
77 #endif
78
79 /* Impossible options, so we can easily add extras */
80 #define _ND_OPT_PREFIX_ADDR 255 + 1
81
82 /* Minimal IPv6 MTU */
83 #ifndef IPV6_MMTU
84 #define IPV6_MMTU 1280
85 #endif
86
87 #ifndef ND_RA_FLAG_RTPREF_HIGH
88 #define ND_RA_FLAG_RTPREF_MASK 0x18
89 #define ND_RA_FLAG_RTPREF_HIGH 0x08
90 #define ND_RA_FLAG_RTPREF_MEDIUM 0x00
91 #define ND_RA_FLAG_RTPREF_LOW 0x18
92 #define ND_RA_FLAG_RTPREF_RSV 0x10
93 #endif
94
95 /* RTPREF_MEDIUM has to be 0! */
96 #define RTPREF_HIGH 1
97 #define RTPREF_MEDIUM 0
98 #define RTPREF_LOW (-1)
99 #define RTPREF_RESERVED (-2)
100 #define RTPREF_INVALID (-3) /* internal */
101
102 #define MIN_RANDOM_FACTOR 500 /* millisecs */
103 #define MAX_RANDOM_FACTOR 1500 /* millisecs */
104 #define MIN_RANDOM_FACTOR_U MIN_RANDOM_FACTOR * 1000 /* usecs */
105 #define MAX_RANDOM_FACTOR_U MAX_RANDOM_FACTOR * 1000 /* usecs */
106
107 #if BYTE_ORDER == BIG_ENDIAN
108 #define IPV6_ADDR_INT32_ONE 1
109 #define IPV6_ADDR_INT16_MLL 0xff02
110 #elif BYTE_ORDER == LITTLE_ENDIAN
111 #define IPV6_ADDR_INT32_ONE 0x01000000
112 #define IPV6_ADDR_INT16_MLL 0x02ff
113 #endif
114
115 /* Debugging Neighbor Solicitations is a lot of spam, so disable it */
116 //#define DEBUG_NS
117 //
118
119 static void ipv6nd_handledata(void *);
120
121 /*
122 * Android ships buggy ICMP6 filter headers.
123 * Supply our own until they fix their shit.
124 * References:
125 * https://android-review.googlesource.com/#/c/58438/
126 * http://code.google.com/p/android/issues/original?id=32621&seq=24
127 */
128 #ifdef __ANDROID__
129 #undef ICMP6_FILTER_WILLPASS
130 #undef ICMP6_FILTER_WILLBLOCK
131 #undef ICMP6_FILTER_SETPASS
132 #undef ICMP6_FILTER_SETBLOCK
133 #undef ICMP6_FILTER_SETPASSALL
134 #undef ICMP6_FILTER_SETBLOCKALL
135 #define ICMP6_FILTER_WILLPASS(type, filterp) \
136 ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) == 0)
137 #define ICMP6_FILTER_WILLBLOCK(type, filterp) \
138 ((((filterp)->icmp6_filt[(type) >> 5]) & (1 << ((type) & 31))) != 0)
139 #define ICMP6_FILTER_SETPASS(type, filterp) \
140 ((((filterp)->icmp6_filt[(type) >> 5]) &= ~(1 << ((type) & 31))))
141 #define ICMP6_FILTER_SETBLOCK(type, filterp) \
142 ((((filterp)->icmp6_filt[(type) >> 5]) |= (1 << ((type) & 31))))
143 #define ICMP6_FILTER_SETPASSALL(filterp) \
144 memset(filterp, 0, sizeof(struct icmp6_filter));
145 #define ICMP6_FILTER_SETBLOCKALL(filterp) \
146 memset(filterp, 0xff, sizeof(struct icmp6_filter));
147 #endif
148
149 /* Support older systems with different defines */
150 #if !defined(IPV6_RECVHOPLIMIT) && defined(IPV6_HOPLIMIT)
151 #define IPV6_RECVHOPLIMIT IPV6_HOPLIMIT
152 #endif
153 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO)
154 #define IPV6_RECVPKTINFO IPV6_PKTINFO
155 #endif
156
157 static int
ipv6nd_open(struct dhcpcd_ctx * dctx)158 ipv6nd_open(struct dhcpcd_ctx *dctx)
159 {
160 struct ipv6_ctx *ctx;
161 int on;
162 struct icmp6_filter filt;
163
164 ctx = dctx->ipv6;
165 if (ctx->nd_fd != -1)
166 return ctx->nd_fd;
167 #ifdef SOCK_CLOEXEC
168 ctx->nd_fd = socket(PF_INET6, SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK,
169 IPPROTO_ICMPV6);
170 if (ctx->nd_fd == -1)
171 return -1;
172 #else
173 if ((ctx->nd_fd = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) == -1)
174 return -1;
175 if ((on = fcntl(ctx->nd_fd, F_GETFD, 0)) == -1 ||
176 fcntl(ctx->nd_fd, F_SETFD, on | FD_CLOEXEC) == -1)
177 {
178 close(ctx->nd_fd);
179 ctx->nd_fd = -1;
180 return -1;
181 }
182 if ((on = fcntl(ctx->nd_fd, F_GETFL, 0)) == -1 ||
183 fcntl(ctx->nd_fd, F_SETFL, on | O_NONBLOCK) == -1)
184 {
185 close(ctx->nd_fd);
186 ctx->nd_fd = -1;
187 return -1;
188 }
189 #endif
190
191 /* RFC4861 4.1 */
192 on = 255;
193 if (setsockopt(ctx->nd_fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
194 &on, sizeof(on)) == -1)
195 goto eexit;
196
197 on = 1;
198 if (setsockopt(ctx->nd_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO,
199 &on, sizeof(on)) == -1)
200 goto eexit;
201
202 on = 1;
203 if (setsockopt(ctx->nd_fd, IPPROTO_IPV6, IPV6_RECVHOPLIMIT,
204 &on, sizeof(on)) == -1)
205 goto eexit;
206
207 ICMP6_FILTER_SETBLOCKALL(&filt);
208 ICMP6_FILTER_SETPASS(ND_NEIGHBOR_ADVERT, &filt);
209 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
210 if (setsockopt(ctx->nd_fd, IPPROTO_ICMPV6, ICMP6_FILTER,
211 &filt, sizeof(filt)) == -1)
212 goto eexit;
213
214 eloop_event_add(dctx->eloop, ctx->nd_fd,
215 ipv6nd_handledata, dctx, NULL, NULL);
216 return ctx->nd_fd;
217
218 eexit:
219 if (ctx->nd_fd != -1) {
220 eloop_event_delete(dctx->eloop, ctx->nd_fd, 0);
221 close(ctx->nd_fd);
222 ctx->nd_fd = -1;
223 }
224 return -1;
225 }
226
227 static int
ipv6nd_makersprobe(struct interface * ifp)228 ipv6nd_makersprobe(struct interface *ifp)
229 {
230 struct rs_state *state;
231 struct nd_router_solicit *rs;
232 struct nd_opt_hdr *nd;
233
234 state = RS_STATE(ifp);
235 free(state->rs);
236 state->rslen = sizeof(*rs) + (size_t)ROUNDUP8(ifp->hwlen + 2);
237 state->rs = calloc(1, state->rslen);
238 if (state->rs == NULL)
239 return -1;
240 rs = (struct nd_router_solicit *)(void *)state->rs;
241 rs->nd_rs_type = ND_ROUTER_SOLICIT;
242 rs->nd_rs_code = 0;
243 rs->nd_rs_cksum = 0;
244 rs->nd_rs_reserved = 0;
245 nd = (struct nd_opt_hdr *)(state->rs + sizeof(*rs));
246 nd->nd_opt_type = ND_OPT_SOURCE_LINKADDR;
247 nd->nd_opt_len = (uint8_t)((ROUNDUP8(ifp->hwlen + 2)) >> 3);
248 memcpy(nd + 1, ifp->hwaddr, ifp->hwlen);
249 return 0;
250 }
251
252 static void
ipv6nd_sendrsprobe(void * arg)253 ipv6nd_sendrsprobe(void *arg)
254 {
255 struct interface *ifp = arg;
256 struct ipv6_ctx *ctx;
257 struct rs_state *state;
258 struct sockaddr_in6 dst;
259 struct cmsghdr *cm;
260 struct in6_pktinfo pi;
261
262 if (ipv6_linklocal(ifp) == NULL) {
263 logger(ifp->ctx, LOG_DEBUG,
264 "%s: delaying Router Solicitation for LL address",
265 ifp->name);
266 ipv6_addlinklocalcallback(ifp, ipv6nd_sendrsprobe, ifp);
267 return;
268 }
269
270 memset(&dst, 0, sizeof(dst));
271 dst.sin6_family = AF_INET6;
272 #ifdef SIN6_LEN
273 dst.sin6_len = sizeof(dst);
274 #endif
275 dst.sin6_scope_id = ifp->index;
276 if (inet_pton(AF_INET6, ALLROUTERS, &dst.sin6_addr) != 1) {
277 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
278 return;
279 }
280
281 state = RS_STATE(ifp);
282 ctx = ifp->ctx->ipv6;
283 ctx->sndhdr.msg_name = (void *)&dst;
284 ctx->sndhdr.msg_iov[0].iov_base = state->rs;
285 ctx->sndhdr.msg_iov[0].iov_len = state->rslen;
286
287 /* Set the outbound interface */
288 cm = CMSG_FIRSTHDR(&ctx->sndhdr);
289 if (cm == NULL) /* unlikely */
290 return;
291 cm->cmsg_level = IPPROTO_IPV6;
292 cm->cmsg_type = IPV6_PKTINFO;
293 cm->cmsg_len = CMSG_LEN(sizeof(pi));
294 memset(&pi, 0, sizeof(pi));
295 pi.ipi6_ifindex = ifp->index;
296 memcpy(CMSG_DATA(cm), &pi, sizeof(pi));
297
298 logger(ifp->ctx, LOG_DEBUG,
299 "%s: sending Router Solicitation", ifp->name);
300 if (sendmsg(ctx->nd_fd, &ctx->sndhdr, 0) == -1) {
301 logger(ifp->ctx, LOG_ERR,
302 "%s: %s: sendmsg: %m", ifp->name, __func__);
303 ipv6nd_drop(ifp);
304 ifp->options->options &= ~(DHCPCD_IPV6 | DHCPCD_IPV6RS);
305 return;
306 }
307
308 if (state->rsprobes++ < MAX_RTR_SOLICITATIONS)
309 eloop_timeout_add_sec(ifp->ctx->eloop,
310 RTR_SOLICITATION_INTERVAL, ipv6nd_sendrsprobe, ifp);
311 else {
312 logger(ifp->ctx, LOG_WARNING,
313 "%s: no IPv6 Routers available", ifp->name);
314 ipv6nd_drop(ifp);
315 dhcp6_drop(ifp, "EXPIRE6");
316 }
317 }
318
319 void
ipv6nd_expire(struct interface * ifp,uint32_t seconds)320 ipv6nd_expire(struct interface *ifp, uint32_t seconds)
321 {
322 struct ra *rap;
323 struct timespec now;
324
325 get_monotonic(&now);
326
327 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
328 if (rap->iface == ifp) {
329 rap->received = now;
330 rap->expired = seconds ? 0 : 1;
331 if (seconds) {
332 struct ra_opt *rao;
333 struct ipv6_addr *ap;
334
335 rap->lifetime = seconds;
336 TAILQ_FOREACH(ap, &rap->addrs, next) {
337 if (ap->prefix_vltime) {
338 ap->prefix_vltime = seconds;
339 ap->prefix_pltime = seconds / 2;
340 }
341 }
342 ipv6_addaddrs(&rap->addrs);
343 TAILQ_FOREACH(rao, &rap->options, next) {
344 timespecclear(&rao->expire);
345 }
346 }
347 }
348 }
349 if (seconds)
350 ipv6nd_expirera(ifp);
351 else
352 ipv6_buildroutes(ifp->ctx);
353 }
354
355 static void
ipv6nd_reachable(struct ra * rap,int flags)356 ipv6nd_reachable(struct ra *rap, int flags)
357 {
358
359 if (flags & IPV6ND_REACHABLE) {
360 if (rap->lifetime && rap->expired) {
361 logger(rap->iface->ctx, LOG_INFO,
362 "%s: %s is reachable again",
363 rap->iface->name, rap->sfrom);
364 rap->expired = 0;
365 ipv6_buildroutes(rap->iface->ctx);
366 /* XXX Not really an RA */
367 script_runreason(rap->iface, "ROUTERADVERT");
368 }
369 } else {
370 if (rap->lifetime && !rap->expired) {
371 logger(rap->iface->ctx, LOG_WARNING,
372 "%s: %s is unreachable, expiring it",
373 rap->iface->name, rap->sfrom);
374 rap->expired = 1;
375 ipv6_buildroutes(rap->iface->ctx);
376 /* XXX Not really an RA */
377 script_runreason(rap->iface, "ROUTERADVERT");
378 }
379 }
380 }
381
382 void
ipv6nd_neighbour(struct dhcpcd_ctx * ctx,struct in6_addr * addr,int flags)383 ipv6nd_neighbour(struct dhcpcd_ctx *ctx, struct in6_addr *addr, int flags)
384 {
385 struct ra *rap;
386
387 if (ctx->ipv6) {
388 TAILQ_FOREACH(rap, ctx->ipv6->ra_routers, next) {
389 if (IN6_ARE_ADDR_EQUAL(&rap->from, addr)) {
390 ipv6nd_reachable(rap, flags);
391 break;
392 }
393 }
394 }
395 }
396
397 static void
ipv6nd_free_opts(struct ra * rap)398 ipv6nd_free_opts(struct ra *rap)
399 {
400 struct ra_opt *rao;
401
402 while ((rao = TAILQ_FIRST(&rap->options))) {
403 TAILQ_REMOVE(&rap->options, rao, next);
404 free(rao->option);
405 free(rao);
406 }
407 }
408
409 struct ipv6_addr *
ipv6nd_findaddr(struct dhcpcd_ctx * ctx,const struct in6_addr * addr,short flags)410 ipv6nd_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr,
411 short flags)
412 {
413 struct ra *rap;
414 struct ipv6_addr *ap;
415
416 if (ctx->ipv6 == NULL)
417 return NULL;
418
419 TAILQ_FOREACH(rap, ctx->ipv6->ra_routers, next) {
420 TAILQ_FOREACH(ap, &rap->addrs, next) {
421 if (addr == NULL) {
422 if ((ap->flags &
423 (IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED)) ==
424 (IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED))
425 return ap;
426 } else if (ap->prefix_vltime &&
427 IN6_ARE_ADDR_EQUAL(&ap->addr, addr) &&
428 (!flags || ap->flags & flags))
429 return ap;
430 }
431 }
432 return NULL;
433 }
434
ipv6nd_freedrop_ra(struct ra * rap,int drop)435 void ipv6nd_freedrop_ra(struct ra *rap, int drop)
436 {
437
438 eloop_timeout_delete(rap->iface->ctx->eloop, NULL, rap->iface);
439 eloop_timeout_delete(rap->iface->ctx->eloop, NULL, rap);
440 if (!drop)
441 TAILQ_REMOVE(rap->iface->ctx->ipv6->ra_routers, rap, next);
442 ipv6_freedrop_addrs(&rap->addrs, drop, NULL);
443 ipv6nd_free_opts(rap);
444 free(rap->data);
445 free(rap);
446 }
447
448 ssize_t
ipv6nd_free(struct interface * ifp)449 ipv6nd_free(struct interface *ifp)
450 {
451 struct rs_state *state;
452 struct ra *rap, *ran;
453 struct dhcpcd_ctx *ctx;
454 ssize_t n;
455
456 state = RS_STATE(ifp);
457 if (state == NULL)
458 return 0;
459
460 free(state->rs);
461 free(state);
462 ifp->if_data[IF_DATA_IPV6ND] = NULL;
463 n = 0;
464 TAILQ_FOREACH_SAFE(rap, ifp->ctx->ipv6->ra_routers, next, ran) {
465 if (rap->iface == ifp) {
466 ipv6nd_free_ra(rap);
467 n++;
468 }
469 }
470
471 /* If we don't have any more IPv6 enabled interfaces,
472 * close the global socket and release resources */
473 ctx = ifp->ctx;
474 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
475 if (RS_STATE(ifp))
476 break;
477 }
478 if (ifp == NULL) {
479 if (ctx->ipv6->nd_fd != -1) {
480 eloop_event_delete(ctx->eloop, ctx->ipv6->nd_fd, 0);
481 close(ctx->ipv6->nd_fd);
482 ctx->ipv6->nd_fd = -1;
483 }
484 }
485
486 return n;
487 }
488
489 static int
rtpref(struct ra * rap)490 rtpref(struct ra *rap)
491 {
492
493 switch (rap->flags & ND_RA_FLAG_RTPREF_MASK) {
494 case ND_RA_FLAG_RTPREF_HIGH:
495 return (RTPREF_HIGH);
496 case ND_RA_FLAG_RTPREF_MEDIUM:
497 case ND_RA_FLAG_RTPREF_RSV:
498 return (RTPREF_MEDIUM);
499 case ND_RA_FLAG_RTPREF_LOW:
500 return (RTPREF_LOW);
501 default:
502 logger(rap->iface->ctx, LOG_ERR,
503 "rtpref: impossible RA flag %x", rap->flags);
504 return (RTPREF_INVALID);
505 }
506 /* NOTREACHED */
507 }
508
509 static void
add_router(struct ipv6_ctx * ctx,struct ra * router)510 add_router(struct ipv6_ctx *ctx, struct ra *router)
511 {
512 struct ra *rap;
513
514 TAILQ_FOREACH(rap, ctx->ra_routers, next) {
515 if (router->iface->metric < rap->iface->metric ||
516 (router->iface->metric == rap->iface->metric &&
517 rtpref(router) > rtpref(rap)))
518 {
519 TAILQ_INSERT_BEFORE(rap, router, next);
520 return;
521 }
522 }
523 TAILQ_INSERT_TAIL(ctx->ra_routers, router, next);
524 }
525
526 static int
ipv6nd_scriptrun(struct ra * rap)527 ipv6nd_scriptrun(struct ra *rap)
528 {
529 int hasdns, hasaddress, pid;
530 struct ipv6_addr *ap;
531 const struct ra_opt *rao;
532
533 hasaddress = 0;
534 /* If all addresses have completed DAD run the script */
535 TAILQ_FOREACH(ap, &rap->addrs, next) {
536 if ((ap->flags & (IPV6_AF_AUTOCONF | IPV6_AF_ADDED)) ==
537 (IPV6_AF_AUTOCONF | IPV6_AF_ADDED))
538 {
539 hasaddress = 1;
540 if (!(ap->flags & IPV6_AF_DADCOMPLETED) &&
541 ipv6_iffindaddr(ap->iface, &ap->addr))
542 ap->flags |= IPV6_AF_DADCOMPLETED;
543 if ((ap->flags & IPV6_AF_DADCOMPLETED) == 0) {
544 logger(ap->iface->ctx, LOG_DEBUG,
545 "%s: waiting for Router Advertisement"
546 " DAD to complete",
547 rap->iface->name);
548 return 0;
549 }
550 }
551 }
552
553 /* If we don't require RDNSS then set hasdns = 1 so we fork */
554 if (!(rap->iface->options->options & DHCPCD_IPV6RA_REQRDNSS))
555 hasdns = 1;
556 else {
557 hasdns = 0;
558 TAILQ_FOREACH(rao, &rap->options, next) {
559 if (rao->type == ND_OPT_RDNSS &&
560 rao->option &&
561 timespecisset(&rao->expire))
562 {
563 hasdns = 1;
564 break;
565 }
566 }
567 }
568
569 script_runreason(rap->iface, "ROUTERADVERT");
570 pid = 0;
571 if (hasdns && (hasaddress ||
572 !(rap->flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER))))
573 pid = dhcpcd_daemonise(rap->iface->ctx);
574 #if 0
575 else if (options & DHCPCD_DAEMONISE &&
576 !(options & DHCPCD_DAEMONISED) && new_data)
577 logger(rap->iface->ctx, LOG_WARNING,
578 "%s: did not fork due to an absent"
579 " RDNSS option in the RA",
580 ifp->name);
581 }
582 #endif
583 return pid;
584 }
585
586 static void
ipv6nd_addaddr(void * arg)587 ipv6nd_addaddr(void *arg)
588 {
589 struct ipv6_addr *ap = arg;
590
591 ipv6_addaddr(ap, NULL);
592 }
593
594 int
ipv6nd_dadcompleted(const struct interface * ifp)595 ipv6nd_dadcompleted(const struct interface *ifp)
596 {
597 const struct ra *rap;
598 const struct ipv6_addr *ap;
599
600 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
601 if (rap->iface != ifp)
602 continue;
603 TAILQ_FOREACH(ap, &rap->addrs, next) {
604 if (ap->flags & IPV6_AF_AUTOCONF &&
605 ap->flags & IPV6_AF_ADDED &&
606 !(ap->flags & IPV6_AF_DADCOMPLETED))
607 return 0;
608 }
609 }
610 return 1;
611 }
612
613 static void
ipv6nd_dadcallback(void * arg)614 ipv6nd_dadcallback(void *arg)
615 {
616 struct ipv6_addr *ap = arg, *rapap;
617 struct interface *ifp;
618 struct ra *rap;
619 int wascompleted, found;
620 struct timespec tv;
621 char buf[INET6_ADDRSTRLEN];
622 const char *p;
623 int dadcounter;
624
625 ifp = ap->iface;
626 wascompleted = (ap->flags & IPV6_AF_DADCOMPLETED);
627 ap->flags |= IPV6_AF_DADCOMPLETED;
628 if (ap->flags & IPV6_AF_DUPLICATED) {
629 ap->dadcounter++;
630 logger(ifp->ctx, LOG_WARNING, "%s: DAD detected %s",
631 ifp->name, ap->saddr);
632
633 /* Try and make another stable private address.
634 * Because ap->dadcounter is always increamented,
635 * a different address is generated. */
636 /* XXX Cache DAD counter per prefix/id/ssid? */
637 if (ifp->options->options & DHCPCD_SLAACPRIVATE) {
638 if (ap->dadcounter >= IDGEN_RETRIES) {
639 logger(ifp->ctx, LOG_ERR,
640 "%s: unable to obtain a"
641 " stable private address",
642 ifp->name);
643 goto try_script;
644 }
645 logger(ifp->ctx, LOG_INFO, "%s: deleting address %s",
646 ifp->name, ap->saddr);
647 if (if_deladdress6(ap) == -1 &&
648 errno != EADDRNOTAVAIL && errno != ENXIO)
649 logger(ifp->ctx, LOG_ERR, "if_deladdress6: %m");
650 dadcounter = ap->dadcounter;
651 if (ipv6_makestableprivate(&ap->addr,
652 &ap->prefix, ap->prefix_len,
653 ifp, &dadcounter) == -1)
654 {
655 logger(ifp->ctx, LOG_ERR,
656 "%s: ipv6_makestableprivate: %m",
657 ifp->name);
658 return;
659 }
660 ap->dadcounter = dadcounter;
661 ap->flags &= ~(IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED);
662 ap->flags |= IPV6_AF_NEW;
663 p = inet_ntop(AF_INET6, &ap->addr, buf, sizeof(buf));
664 if (p)
665 snprintf(ap->saddr,
666 sizeof(ap->saddr),
667 "%s/%d",
668 p, ap->prefix_len);
669 else
670 ap->saddr[0] = '\0';
671 tv.tv_sec = 0;
672 tv.tv_nsec = (suseconds_t)
673 arc4random_uniform(IDGEN_DELAY * NSEC_PER_SEC);
674 timespecnorm(&tv);
675 eloop_timeout_add_tv(ifp->ctx->eloop, &tv,
676 ipv6nd_addaddr, ap);
677 return;
678 }
679 }
680
681 try_script:
682 if (!wascompleted) {
683 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
684 if (rap->iface != ifp)
685 continue;
686 wascompleted = 1;
687 found = 0;
688 TAILQ_FOREACH(rapap, &rap->addrs, next) {
689 if (rapap->flags & IPV6_AF_AUTOCONF &&
690 rapap->flags & IPV6_AF_ADDED &&
691 (rapap->flags & IPV6_AF_DADCOMPLETED) == 0)
692 {
693 wascompleted = 0;
694 break;
695 }
696 if (rapap == ap)
697 found = 1;
698 }
699
700 if (wascompleted && found) {
701 logger(rap->iface->ctx, LOG_DEBUG,
702 "%s: Router Advertisement DAD completed",
703 rap->iface->name);
704 if (ipv6nd_scriptrun(rap))
705 return;
706 }
707 }
708 }
709 }
710
711 static int
ipv6nd_ra_has_public_addr(const struct ra * rap)712 ipv6nd_ra_has_public_addr(const struct ra *rap)
713 {
714 const struct ipv6_addr *ia;
715
716 TAILQ_FOREACH(ia, &rap->addrs, next) {
717 if (ia->flags & IPV6_AF_AUTOCONF &&
718 ipv6_publicaddr(ia))
719 return 1;
720 }
721 return 0;
722 }
723
724 static void
ipv6nd_handlera(struct dhcpcd_ctx * dctx,struct interface * ifp,struct icmp6_hdr * icp,size_t len)725 ipv6nd_handlera(struct dhcpcd_ctx *dctx, struct interface *ifp,
726 struct icmp6_hdr *icp, size_t len)
727 {
728 struct ipv6_ctx *ctx = dctx->ipv6;
729 size_t olen, l, n;
730 ssize_t r;
731 struct nd_router_advert *nd_ra;
732 struct nd_opt_prefix_info *pi;
733 struct nd_opt_mtu *mtu;
734 struct nd_opt_rdnss *rdnss;
735 struct nd_opt_dnssl *dnssl;
736 uint32_t lifetime, mtuv;
737 uint8_t *p, *op;
738 struct in6_addr addr;
739 char buf[INET6_ADDRSTRLEN];
740 const char *cbp;
741 struct ra *rap;
742 struct nd_opt_hdr *ndo;
743 struct ra_opt *rao;
744 struct ipv6_addr *ap;
745 char *opt, *opt2, *tmp;
746 struct timespec expire;
747 uint8_t new_rap, new_data;
748 #ifdef IPV6_MANAGETEMPADDR
749 uint8_t new_ap;
750 #endif
751
752 if (len < sizeof(struct nd_router_advert)) {
753 logger(dctx, LOG_ERR,
754 "IPv6 RA packet too short from %s", ctx->sfrom);
755 return;
756 }
757
758 if (!IN6_IS_ADDR_LINKLOCAL(&ctx->from.sin6_addr)) {
759 logger(dctx, LOG_ERR,
760 "RA from non local address %s", ctx->sfrom);
761 return;
762 }
763
764 if (ifp == NULL) {
765 #ifdef DEBUG_RS
766 logger(dctx, LOG_DEBUG,
767 "RA for unexpected interface from %s", ctx->sfrom);
768 #endif
769 return;
770 }
771 if (!(ifp->options->options & DHCPCD_IPV6RS)) {
772 #ifdef DEBUG_RS
773 logger(ifp->ctx, LOG_DEBUG, "%s: unexpected RA from %s",
774 ifp->name, ctx->sfrom);
775 #endif
776 return;
777 }
778
779 /* We could receive a RA before we sent a RS*/
780 if (ipv6_linklocal(ifp) == NULL) {
781 #ifdef DEBUG_RS
782 logger(ifp->ctx, LOG_DEBUG,
783 "%s: received RA from %s (no link-local)",
784 ifp->name, ctx->sfrom);
785 #endif
786 return;
787 }
788
789 if (ipv6_iffindaddr(ifp, &ctx->from.sin6_addr)) {
790 logger(ifp->ctx, LOG_DEBUG,
791 "%s: ignoring RA from ourself %s", ifp->name, ctx->sfrom);
792 return;
793 }
794
795 TAILQ_FOREACH(rap, ctx->ra_routers, next) {
796 if (ifp == rap->iface &&
797 IN6_ARE_ADDR_EQUAL(&rap->from, &ctx->from.sin6_addr))
798 break;
799 }
800
801 nd_ra = (struct nd_router_advert *)icp;
802
803 /* We don't want to spam the log with the fact we got an RA every
804 * 30 seconds or so, so only spam the log if it's different. */
805 if (rap == NULL || (rap->data_len != len ||
806 memcmp(rap->data, (unsigned char *)icp, rap->data_len) != 0))
807 {
808 if (rap) {
809 free(rap->data);
810 rap->data_len = 0;
811 rap->no_public_warned = 0;
812 }
813 new_data = 1;
814 } else
815 new_data = 0;
816 if (new_data || ifp->options->options & DHCPCD_DEBUG)
817 logger(ifp->ctx, LOG_INFO, "%s: Router Advertisement from %s",
818 ifp->name, ctx->sfrom);
819
820 if (rap == NULL) {
821 rap = calloc(1, sizeof(*rap));
822 if (rap == NULL) {
823 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
824 return;
825 }
826 rap->iface = ifp;
827 rap->from = ctx->from.sin6_addr;
828 strlcpy(rap->sfrom, ctx->sfrom, sizeof(rap->sfrom));
829 TAILQ_INIT(&rap->addrs);
830 TAILQ_INIT(&rap->options);
831 new_rap = 1;
832 } else
833 new_rap = 0;
834 if (rap->data_len == 0) {
835 rap->data = malloc(len);
836 if (rap->data == NULL) {
837 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
838 if (new_rap)
839 free(rap);
840 return;
841 }
842 memcpy(rap->data, icp, len);
843 rap->data_len = len;
844 }
845
846 get_monotonic(&rap->received);
847 rap->flags = nd_ra->nd_ra_flags_reserved;
848 if (new_rap == 0 && rap->lifetime == 0)
849 logger(ifp->ctx, LOG_WARNING, "%s: %s router available",
850 ifp->name, rap->sfrom);
851 rap->lifetime = ntohs(nd_ra->nd_ra_router_lifetime);
852 if (nd_ra->nd_ra_reachable) {
853 rap->reachable = ntohl(nd_ra->nd_ra_reachable);
854 if (rap->reachable > MAX_REACHABLE_TIME)
855 rap->reachable = 0;
856 }
857 if (nd_ra->nd_ra_retransmit)
858 rap->retrans = ntohl(nd_ra->nd_ra_retransmit);
859 if (rap->lifetime)
860 rap->expired = 0;
861
862 ipv6_settempstale(ifp);
863 TAILQ_FOREACH(ap, &rap->addrs, next) {
864 ap->flags |= IPV6_AF_STALE;
865 }
866
867 len -= sizeof(struct nd_router_advert);
868 p = ((uint8_t *)icp) + sizeof(struct nd_router_advert);
869 lifetime = ~0U;
870 for (; len > 0; p += olen, len -= olen) {
871 if (len < sizeof(struct nd_opt_hdr)) {
872 logger(ifp->ctx, LOG_ERR,
873 "%s: short option", ifp->name);
874 break;
875 }
876 ndo = (struct nd_opt_hdr *)p;
877 olen = (size_t)ndo->nd_opt_len * 8;
878 if (olen == 0) {
879 logger(ifp->ctx, LOG_ERR,
880 "%s: zero length option", ifp->name);
881 break;
882 }
883 if (olen > len) {
884 logger(ifp->ctx, LOG_ERR,
885 "%s: option length exceeds message", ifp->name);
886 break;
887 }
888
889 opt = opt2 = NULL;
890 switch (ndo->nd_opt_type) {
891 case ND_OPT_PREFIX_INFORMATION:
892 pi = (struct nd_opt_prefix_info *)(void *)ndo;
893 if (pi->nd_opt_pi_len != 4) {
894 logger(ifp->ctx, new_data ? LOG_ERR : LOG_DEBUG,
895 "%s: invalid option len for prefix",
896 ifp->name);
897 continue;
898 }
899 if (pi->nd_opt_pi_prefix_len > 128) {
900 logger(ifp->ctx, new_data ? LOG_ERR : LOG_DEBUG,
901 "%s: invalid prefix len",
902 ifp->name);
903 continue;
904 }
905 if (IN6_IS_ADDR_MULTICAST(&pi->nd_opt_pi_prefix) ||
906 IN6_IS_ADDR_LINKLOCAL(&pi->nd_opt_pi_prefix))
907 {
908 logger(ifp->ctx, new_data ? LOG_ERR : LOG_DEBUG,
909 "%s: invalid prefix in RA", ifp->name);
910 continue;
911 }
912 if (ntohl(pi->nd_opt_pi_preferred_time) >
913 ntohl(pi->nd_opt_pi_valid_time))
914 {
915 logger(ifp->ctx, new_data ? LOG_ERR : LOG_DEBUG,
916 "%s: pltime > vltime", ifp->name);
917 continue;
918 }
919 TAILQ_FOREACH(ap, &rap->addrs, next)
920 if (ap->prefix_len ==pi->nd_opt_pi_prefix_len &&
921 IN6_ARE_ADDR_EQUAL(&ap->prefix,
922 &pi->nd_opt_pi_prefix))
923 break;
924 if (ap == NULL) {
925 if (!(pi->nd_opt_pi_flags_reserved &
926 ND_OPT_PI_FLAG_AUTO) &&
927 !(pi->nd_opt_pi_flags_reserved &
928 ND_OPT_PI_FLAG_ONLINK))
929 continue;
930 ap = calloc(1, sizeof(*ap));
931 if (ap == NULL)
932 break;
933 ap->iface = rap->iface;
934 ap->flags = IPV6_AF_NEW;
935 ap->prefix_len = pi->nd_opt_pi_prefix_len;
936 ap->prefix = pi->nd_opt_pi_prefix;
937 if (pi->nd_opt_pi_flags_reserved &
938 ND_OPT_PI_FLAG_AUTO &&
939 ap->iface->options->options &
940 DHCPCD_IPV6RA_AUTOCONF)
941 {
942 ap->flags |= IPV6_AF_AUTOCONF;
943 ap->dadcounter =
944 ipv6_makeaddr(&ap->addr, ifp,
945 &ap->prefix,
946 pi->nd_opt_pi_prefix_len);
947 if (ap->dadcounter == -1) {
948 free(ap);
949 break;
950 }
951 cbp = inet_ntop(AF_INET6,
952 &ap->addr,
953 buf, sizeof(buf));
954 if (cbp)
955 snprintf(ap->saddr,
956 sizeof(ap->saddr),
957 "%s/%d",
958 cbp, ap->prefix_len);
959 else
960 ap->saddr[0] = '\0';
961 } else {
962 memset(&ap->addr, 0, sizeof(ap->addr));
963 ap->saddr[0] = '\0';
964 }
965 ap->dadcallback = ipv6nd_dadcallback;
966 ap->created = ap->acquired = rap->received;
967 TAILQ_INSERT_TAIL(&rap->addrs, ap, next);
968
969 #ifdef IPV6_MANAGETEMPADDR
970 /* New address to dhcpcd RA handling.
971 * If the address already exists and a valid
972 * temporary address also exists then
973 * extend the existing one rather than
974 * create a new one */
975 if (ipv6_iffindaddr(ifp, &ap->addr) &&
976 ipv6_settemptime(ap, 0))
977 new_ap = 0;
978 else
979 new_ap = 1;
980 #endif
981 } else {
982 #ifdef IPV6_MANAGETEMPADDR
983 new_ap = 0;
984 #endif
985 ap->flags &= ~IPV6_AF_STALE;
986 ap->acquired = rap->received;
987 }
988 if (pi->nd_opt_pi_flags_reserved &
989 ND_OPT_PI_FLAG_ONLINK)
990 ap->flags |= IPV6_AF_ONLINK;
991 ap->prefix_vltime =
992 ntohl(pi->nd_opt_pi_valid_time);
993 ap->prefix_pltime =
994 ntohl(pi->nd_opt_pi_preferred_time);
995 ap->nsprobes = 0;
996 cbp = inet_ntop(AF_INET6, &ap->prefix, buf, sizeof(buf));
997 if (cbp) {
998 l = strlen(cbp);
999 opt = malloc(l + 5);
1000 if (opt) {
1001 snprintf(opt, l + 5, "%s/%d", cbp,
1002 ap->prefix_len);
1003 opt2 = strdup(ap->saddr);
1004 }
1005 }
1006
1007 #ifdef IPV6_MANAGETEMPADDR
1008 /* RFC4941 Section 3.3.3 */
1009 if (ap->flags & IPV6_AF_AUTOCONF &&
1010 ap->iface->options->options & DHCPCD_IPV6RA_OWN &&
1011 ip6_use_tempaddr(ap->iface->name))
1012 {
1013 if (!new_ap) {
1014 if (ipv6_settemptime(ap, 1) == NULL)
1015 new_ap = 1;
1016 }
1017 if (new_ap && ap->prefix_pltime) {
1018 if (ipv6_createtempaddr(ap,
1019 &ap->acquired) == NULL)
1020 logger(ap->iface->ctx, LOG_ERR,
1021 "ipv6_createtempaddr: %m");
1022 }
1023 }
1024 #endif
1025
1026 lifetime = ap->prefix_vltime;
1027 break;
1028
1029 case ND_OPT_MTU:
1030 mtu = (struct nd_opt_mtu *)(void *)p;
1031 mtuv = ntohl(mtu->nd_opt_mtu_mtu);
1032 if (mtuv < IPV6_MMTU) {
1033 logger(ifp->ctx, LOG_ERR, "%s: invalid MTU %d",
1034 ifp->name, mtuv);
1035 break;
1036 }
1037 rap->mtu = mtuv;
1038 snprintf(buf, sizeof(buf), "%d", mtuv);
1039 opt = strdup(buf);
1040 break;
1041
1042 case ND_OPT_RDNSS:
1043 rdnss = (struct nd_opt_rdnss *)p;
1044 lifetime = ntohl(rdnss->nd_opt_rdnss_lifetime);
1045 op = (uint8_t *)ndo;
1046 op += offsetof(struct nd_opt_rdnss,
1047 nd_opt_rdnss_lifetime);
1048 op += sizeof(rdnss->nd_opt_rdnss_lifetime);
1049 l = 0;
1050 for (n = (size_t)ndo->nd_opt_len - 1; n > 1; n -= 2,
1051 op += sizeof(addr))
1052 {
1053 r = ipv6_printaddr(NULL, 0, op, ifp->name);
1054 if (r != -1)
1055 l += (size_t)r + 1;
1056 }
1057 op = (uint8_t *)ndo;
1058 op += offsetof(struct nd_opt_rdnss,
1059 nd_opt_rdnss_lifetime);
1060 op += sizeof(rdnss->nd_opt_rdnss_lifetime);
1061 tmp = opt = malloc(l);
1062 if (opt == NULL)
1063 continue;
1064 for (n = (size_t)ndo->nd_opt_len - 1; n > 1; n -= 2,
1065 op += sizeof(addr))
1066 {
1067 r = ipv6_printaddr(tmp, l, op,
1068 ifp->name);
1069 if (r != -1) {
1070 l -= ((size_t)r + 1);
1071 tmp += (size_t)r;
1072 *tmp++ = ' ';
1073 }
1074 }
1075 if (tmp != opt)
1076 (*--tmp) = '\0';
1077 else
1078 *opt = '\0';
1079 break;
1080
1081 case ND_OPT_DNSSL:
1082 dnssl = (struct nd_opt_dnssl *)p;
1083 lifetime = ntohl(dnssl->nd_opt_dnssl_lifetime);
1084 op = p + offsetof(struct nd_opt_dnssl,
1085 nd_opt_dnssl_lifetime);
1086 op += sizeof(dnssl->nd_opt_dnssl_lifetime);
1087 n = (size_t)(dnssl->nd_opt_dnssl_len - 1) * 8;
1088 r = decode_rfc3397(NULL, 0, op, n);
1089 if (r < 1) {
1090 logger(ifp->ctx, new_data ? LOG_ERR : LOG_DEBUG,
1091 "%s: invalid DNSSL option",
1092 ifp->name);
1093 continue;
1094 } else {
1095 l = (size_t)r + 1;
1096 tmp = malloc(l);
1097 if (tmp) {
1098 decode_rfc3397(tmp, l, op, n);
1099 l -= 1;
1100 n = (size_t)print_string(NULL, 0,
1101 STRING | ARRAY | DOMAIN,
1102 (const uint8_t *)tmp, l);
1103 n++;
1104 opt = malloc(n);
1105 if (opt) {
1106 print_string(opt, n,
1107 STRING | ARRAY | DOMAIN,
1108 (const uint8_t *)tmp, l);
1109 } else
1110 logger(ifp->ctx, LOG_ERR,
1111 "%s: %m", __func__);
1112 free(tmp);
1113 }
1114 }
1115 break;
1116
1117 default:
1118 continue;
1119 }
1120
1121 if (opt == NULL) {
1122 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
1123 continue;
1124 }
1125
1126 n = ndo->nd_opt_type;
1127 extra_opt:
1128 TAILQ_FOREACH(rao, &rap->options, next) {
1129 if (rao->type == n &&
1130 strcmp(rao->option, opt) == 0)
1131 break;
1132 }
1133 if (lifetime == 0 || *opt == '\0') {
1134 if (rao) {
1135 TAILQ_REMOVE(&rap->options, rao, next);
1136 free(rao->option);
1137 free(rao);
1138 }
1139 free(opt);
1140 free(opt2);
1141 continue;
1142 }
1143
1144 if (rao == NULL) {
1145 rao = malloc(sizeof(*rao));
1146 if (rao == NULL) {
1147 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
1148 continue;
1149 }
1150 rao->type = (uint16_t)n;
1151 rao->option = opt;
1152 TAILQ_INSERT_TAIL(&rap->options, rao, next);
1153 } else
1154 free(opt);
1155 if (lifetime == ~0U)
1156 timespecclear(&rao->expire);
1157 else {
1158 expire.tv_sec = (time_t)lifetime;
1159 expire.tv_nsec = 0;
1160 timespecadd(&rap->received, &expire, &rao->expire);
1161 }
1162 if (rao && rao->type == ND_OPT_PREFIX_INFORMATION && opt2) {
1163 n = _ND_OPT_PREFIX_ADDR;
1164 opt = opt2;
1165 opt2 = NULL;
1166 goto extra_opt;
1167 }
1168 }
1169
1170 if (new_rap)
1171 add_router(ifp->ctx->ipv6, rap);
1172 if (!ipv6nd_ra_has_public_addr(rap) &&
1173 !(rap->iface->options->options & DHCPCD_IPV6RA_ACCEPT_NOPUBLIC) &&
1174 (!(rap->flags & ND_RA_FLAG_MANAGED) ||
1175 !dhcp6_has_public_addr(rap->iface)))
1176 {
1177 logger(rap->iface->ctx,
1178 rap->no_public_warned ? LOG_DEBUG : LOG_WARNING,
1179 "%s: ignoring RA from %s"
1180 " (no public prefix, no managed address)",
1181 rap->iface->name, rap->sfrom);
1182 rap->no_public_warned = 1;
1183 return;
1184 }
1185 if (ifp->ctx->options & DHCPCD_TEST) {
1186 script_runreason(ifp, "TEST");
1187 goto handle_flag;
1188 }
1189 ipv6_addaddrs(&rap->addrs);
1190 #ifdef IPV6_MANAGETEMPADDR
1191 ipv6_addtempaddrs(ifp, &rap->received);
1192 #endif
1193
1194 /* Find any freshly added routes, such as the subnet route.
1195 * We do this because we cannot rely on recieving the kernel
1196 * notification right now via our link socket. */
1197 if_initrt6(ifp);
1198
1199 ipv6_buildroutes(ifp->ctx);
1200 if (ipv6nd_scriptrun(rap))
1201 return;
1202
1203 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1204 eloop_timeout_delete(ifp->ctx->eloop, NULL, rap); /* reachable timer */
1205
1206 handle_flag:
1207 if (!(ifp->options->options & DHCPCD_DHCP6))
1208 goto nodhcp6;
1209 if (rap->flags & ND_RA_FLAG_MANAGED) {
1210 if (new_data && dhcp6_start(ifp, DH6S_INIT) == -1)
1211 logger(ifp->ctx, LOG_ERR,
1212 "dhcp6_start: %s: %m", ifp->name);
1213 } else if (rap->flags & ND_RA_FLAG_OTHER) {
1214 if (new_data && dhcp6_start(ifp, DH6S_INFORM) == -1)
1215 logger(ifp->ctx, LOG_ERR,
1216 "dhcp6_start: %s: %m", ifp->name);
1217 } else {
1218 if (new_data)
1219 logger(ifp->ctx, LOG_DEBUG,
1220 "%s: No DHCPv6 instruction in RA", ifp->name);
1221 nodhcp6:
1222 if (ifp->ctx->options & DHCPCD_TEST) {
1223 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS);
1224 return;
1225 }
1226 }
1227
1228 /* Expire should be called last as the rap object could be destroyed */
1229 ipv6nd_expirera(ifp);
1230 }
1231
1232 /* Run RA's we ignored becuase they had no public addresses
1233 * This should only be called when DHCPv6 applies a public address */
1234 void
ipv6nd_runignoredra(struct interface * ifp)1235 ipv6nd_runignoredra(struct interface *ifp)
1236 {
1237 struct ra *rap;
1238
1239 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
1240 if (rap->iface == ifp &&
1241 !rap->expired &&
1242 rap->no_public_warned)
1243 {
1244 rap->no_public_warned = 0;
1245 logger(rap->iface->ctx, LOG_INFO,
1246 "%s: applying ignored RA from %s",
1247 rap->iface->name, rap->sfrom);
1248 if (ifp->ctx->options & DHCPCD_TEST) {
1249 script_runreason(ifp, "TEST");
1250 continue;
1251 }
1252 if (ipv6nd_scriptrun(rap))
1253 return;
1254 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1255 eloop_timeout_delete(ifp->ctx->eloop, NULL, rap);
1256 }
1257 }
1258 }
1259
1260 int
ipv6nd_hasra(const struct interface * ifp)1261 ipv6nd_hasra(const struct interface *ifp)
1262 {
1263 const struct ra *rap;
1264
1265 if (ifp->ctx->ipv6) {
1266 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next)
1267 if (rap->iface == ifp && !rap->expired)
1268 return 1;
1269 }
1270 return 0;
1271 }
1272
1273 int
ipv6nd_hasradhcp(const struct interface * ifp)1274 ipv6nd_hasradhcp(const struct interface *ifp)
1275 {
1276 const struct ra *rap;
1277
1278 if (ifp->ctx->ipv6) {
1279 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
1280 if (rap->iface == ifp &&
1281 !rap->expired &&
1282 (rap->flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER)))
1283 return 1;
1284 }
1285 }
1286 return 0;
1287 }
1288
1289 ssize_t
ipv6nd_env(char ** env,const char * prefix,const struct interface * ifp)1290 ipv6nd_env(char **env, const char *prefix, const struct interface *ifp)
1291 {
1292 size_t i, l, len;
1293 const struct ra *rap;
1294 const struct ra_opt *rao;
1295 char buffer[32];
1296 const char *optn;
1297 char **pref, **addr, **mtu, **rdnss, **dnssl, ***var, *new;
1298
1299 i = l = 0;
1300 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
1301 if (rap->iface != ifp)
1302 continue;
1303 i++;
1304 if (env) {
1305 snprintf(buffer, sizeof(buffer),
1306 "ra%zu_from", i);
1307 setvar(ifp->ctx, &env, prefix, buffer, rap->sfrom);
1308 }
1309 l++;
1310
1311 pref = addr = mtu = rdnss = dnssl = NULL;
1312 TAILQ_FOREACH(rao, &rap->options, next) {
1313 if (rao->option == NULL)
1314 continue;
1315 var = NULL;
1316 switch(rao->type) {
1317 case ND_OPT_PREFIX_INFORMATION:
1318 optn = "prefix";
1319 var = &pref;
1320 break;
1321 case _ND_OPT_PREFIX_ADDR:
1322 optn = "addr";
1323 var = &addr;
1324 break;
1325 case ND_OPT_MTU:
1326 optn = "mtu";
1327 var = &mtu;
1328 break;
1329 case ND_OPT_RDNSS:
1330 optn = "rdnss";
1331 var = &rdnss;
1332 break;
1333 case ND_OPT_DNSSL:
1334 optn = "dnssl";
1335 var = &dnssl;
1336 break;
1337 default:
1338 continue;
1339 }
1340 if (*var == NULL) {
1341 *var = env ? env : &new;
1342 l++;
1343 } else if (env) {
1344 /* With single only options, last one takes
1345 * precedence */
1346 if (rao->type == ND_OPT_MTU) {
1347 new = strchr(**var, '=');
1348 if (new == NULL) {
1349 logger(ifp->ctx, LOG_ERR,
1350 "new is null");
1351 continue;
1352 } else
1353 new++;
1354 len = (size_t)(new - **var) +
1355 strlen(rao->option) + 1;
1356 if (len > strlen(**var))
1357 new = realloc(**var, len);
1358 else
1359 new = **var;
1360 if (new) {
1361 **var = new;
1362 new = strchr(**var, '=');
1363 if (new) {
1364 len -=
1365 (size_t)
1366 (new - **var);
1367 strlcpy(new + 1,
1368 rao->option,
1369 len - 1);
1370 } else
1371 logger(ifp->ctx,
1372 LOG_ERR,
1373 "new is null");
1374 }
1375 continue;
1376 }
1377 len = strlen(rao->option) + 1;
1378 new = realloc(**var, strlen(**var) + 1 + len);
1379 if (new) {
1380 **var = new;
1381 new += strlen(new);
1382 *new++ = ' ';
1383 strlcpy(new, rao->option, len);
1384 } else
1385 logger(ifp->ctx, LOG_ERR,
1386 "%s: %m", __func__);
1387 continue;
1388 }
1389 if (env) {
1390 snprintf(buffer, sizeof(buffer),
1391 "ra%zu_%s", i, optn);
1392 setvar(ifp->ctx, &env,
1393 prefix, buffer, rao->option);
1394 }
1395 }
1396 }
1397
1398 if (env)
1399 setvard(ifp->ctx, &env, prefix, "ra_count", i);
1400 l++;
1401 return (ssize_t)l;
1402 }
1403
1404 void
ipv6nd_handleifa(struct dhcpcd_ctx * ctx,int cmd,const char * ifname,const struct in6_addr * addr,int flags)1405 ipv6nd_handleifa(struct dhcpcd_ctx *ctx, int cmd, const char *ifname,
1406 const struct in6_addr *addr, int flags)
1407 {
1408 struct ra *rap;
1409
1410 if (ctx->ipv6 == NULL)
1411 return;
1412 TAILQ_FOREACH(rap, ctx->ipv6->ra_routers, next) {
1413 if (strcmp(rap->iface->name, ifname))
1414 continue;
1415 ipv6_handleifa_addrs(cmd, &rap->addrs, addr, flags);
1416 }
1417 }
1418
1419 void
ipv6nd_expirera(void * arg)1420 ipv6nd_expirera(void *arg)
1421 {
1422 struct interface *ifp;
1423 struct ra *rap, *ran;
1424 struct ra_opt *rao, *raon;
1425 struct timespec now, lt, expire, next;
1426 uint8_t expired, valid, validone;
1427
1428 ifp = arg;
1429 get_monotonic(&now);
1430 expired = 0;
1431 timespecclear(&next);
1432
1433 validone = 0;
1434 TAILQ_FOREACH_SAFE(rap, ifp->ctx->ipv6->ra_routers, next, ran) {
1435 if (rap->iface != ifp)
1436 continue;
1437 valid = 0;
1438 if (rap->lifetime) {
1439 lt.tv_sec = (time_t)rap->lifetime;
1440 lt.tv_nsec = 0;
1441 timespecadd(&rap->received, <, &expire);
1442 if (rap->lifetime == 0 || timespeccmp(&now, &expire, >))
1443 {
1444 if (!rap->expired) {
1445 logger(ifp->ctx, LOG_WARNING,
1446 "%s: %s: router expired",
1447 ifp->name, rap->sfrom);
1448 rap->expired = expired = 1;
1449 rap->lifetime = 0;
1450 }
1451 } else {
1452 valid = 1;
1453 timespecsub(&expire, &now, <);
1454 if (!timespecisset(&next) ||
1455 timespeccmp(&next, <, >))
1456 next = lt;
1457 }
1458 }
1459
1460 /* Addresses are expired in ipv6_addaddrs
1461 * so that DHCPv6 addresses can be removed also. */
1462 TAILQ_FOREACH_SAFE(rao, &rap->options, next, raon) {
1463 if (rap->expired) {
1464 switch(rao->type) {
1465 case ND_OPT_RDNSS: /* FALLTHROUGH */
1466 case ND_OPT_DNSSL:
1467 /* RFC6018 end of section 5.2 states
1468 * that if tha RA has a lifetime of 0
1469 * then we should expire these
1470 * options */
1471 TAILQ_REMOVE(&rap->options, rao, next);
1472 expired = 1;
1473 free(rao->option);
1474 free(rao);
1475 continue;
1476 }
1477 }
1478 if (!timespecisset(&rao->expire))
1479 continue;
1480 if (timespeccmp(&now, &rao->expire, >)) {
1481 /* Expired prefixes are logged above */
1482 if (rao->type != ND_OPT_PREFIX_INFORMATION)
1483 logger(ifp->ctx, LOG_WARNING,
1484 "%s: %s: expired option %d",
1485 ifp->name, rap->sfrom, rao->type);
1486 TAILQ_REMOVE(&rap->options, rao, next);
1487 expired = 1;
1488 free(rao->option);
1489 free(rao);
1490 continue;
1491 }
1492 valid = 1;
1493 timespecsub(&rao->expire, &now, <);
1494 if (!timespecisset(&next) || timespeccmp(&next, <, >))
1495 next = lt;
1496 }
1497
1498 /* No valid lifetimes are left on the RA, so we might
1499 * as well punt it. */
1500 if (!valid && TAILQ_FIRST(&rap->addrs) == NULL)
1501 ipv6nd_free_ra(rap);
1502 else
1503 validone = 1;
1504 }
1505
1506 if (timespecisset(&next))
1507 eloop_timeout_add_tv(ifp->ctx->eloop,
1508 &next, ipv6nd_expirera, ifp);
1509 if (expired) {
1510 ipv6_buildroutes(ifp->ctx);
1511 script_runreason(ifp, "ROUTERADVERT");
1512 }
1513
1514 /* No valid routers? Kill any DHCPv6. */
1515 if (!validone)
1516 dhcp6_drop(ifp, "EXPIRE6");
1517 }
1518
1519 void
ipv6nd_drop(struct interface * ifp)1520 ipv6nd_drop(struct interface *ifp)
1521 {
1522 struct ra *rap;
1523 uint8_t expired = 0;
1524 TAILQ_HEAD(rahead, ra) rtrs;
1525
1526 if (ifp->ctx->ipv6 == NULL)
1527 return;
1528
1529 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1530 TAILQ_INIT(&rtrs);
1531 TAILQ_FOREACH(rap, ifp->ctx->ipv6->ra_routers, next) {
1532 if (rap->iface == ifp) {
1533 rap->expired = expired = 1;
1534 TAILQ_REMOVE(ifp->ctx->ipv6->ra_routers, rap, next);
1535 TAILQ_INSERT_TAIL(&rtrs, rap, next);
1536 }
1537 }
1538 if (expired) {
1539 while ((rap = TAILQ_FIRST(&rtrs))) {
1540 TAILQ_REMOVE(&rtrs, rap, next);
1541 ipv6nd_drop_ra(rap);
1542 }
1543 ipv6_buildroutes(ifp->ctx);
1544 if ((ifp->options->options &
1545 (DHCPCD_EXITING | DHCPCD_PERSISTENT)) !=
1546 (DHCPCD_EXITING | DHCPCD_PERSISTENT))
1547 script_runreason(ifp, "ROUTERADVERT");
1548 }
1549 }
1550
1551 static void
ipv6nd_handlena(struct dhcpcd_ctx * dctx,struct interface * ifp,struct icmp6_hdr * icp,size_t len)1552 ipv6nd_handlena(struct dhcpcd_ctx *dctx, struct interface *ifp,
1553 struct icmp6_hdr *icp, size_t len)
1554 {
1555 struct ipv6_ctx *ctx = dctx->ipv6;
1556 struct nd_neighbor_advert *nd_na;
1557 struct ra *rap;
1558 uint32_t is_router, is_solicited;
1559 char buf[INET6_ADDRSTRLEN];
1560 const char *taddr;
1561
1562 if (ifp == NULL) {
1563 #ifdef DEBUG_NS
1564 logger(ctx, LOG_DEBUG, "NA for unexpected interface from %s",
1565 dctx->sfrom);
1566 #endif
1567 return;
1568 }
1569
1570 if ((size_t)len < sizeof(struct nd_neighbor_advert)) {
1571 logger(ifp->ctx, LOG_ERR, "%s: IPv6 NA too short from %s",
1572 ifp->name, ctx->sfrom);
1573 return;
1574 }
1575
1576 nd_na = (struct nd_neighbor_advert *)icp;
1577 is_router = nd_na->nd_na_flags_reserved & ND_NA_FLAG_ROUTER;
1578 is_solicited = nd_na->nd_na_flags_reserved & ND_NA_FLAG_SOLICITED;
1579 taddr = inet_ntop(AF_INET6, &nd_na->nd_na_target,
1580 buf, INET6_ADDRSTRLEN);
1581
1582 if (IN6_IS_ADDR_MULTICAST(&nd_na->nd_na_target)) {
1583 logger(ifp->ctx, LOG_ERR, "%s: NA multicast address %s (%s)",
1584 ifp->name, taddr, ctx->sfrom);
1585 return;
1586 }
1587
1588 TAILQ_FOREACH(rap, ctx->ra_routers, next) {
1589 if (rap->iface == ifp &&
1590 IN6_ARE_ADDR_EQUAL(&rap->from, &nd_na->nd_na_target))
1591 break;
1592 }
1593 if (rap == NULL) {
1594 #ifdef DEBUG_NS
1595 logger(ifp->ctx, LOG_DEBUG, "%s: unexpected NA from %s for %s",
1596 ifp->name, ctx->sfrom, taddr);
1597 #endif
1598 return;
1599 }
1600
1601 #ifdef DEBUG_NS
1602 logger(ifp->ctx, LOG_DEBUG, "%s: %sNA for %s from %s",
1603 ifp->name, is_solicited ? "solicited " : "", taddr, ctx->sfrom);
1604 #endif
1605
1606 /* Node is no longer a router, so remove it from consideration */
1607 if (!is_router && !rap->expired) {
1608 logger(ifp->ctx, LOG_INFO, "%s: %s not a router (%s)",
1609 ifp->name, taddr, ctx->sfrom);
1610 rap->expired = 1;
1611 ipv6_buildroutes(ifp->ctx);
1612 script_runreason(ifp, "ROUTERADVERT");
1613 return;
1614 }
1615
1616 if (is_solicited && is_router && rap->lifetime) {
1617 if (rap->expired) {
1618 rap->expired = 0;
1619 logger(ifp->ctx, LOG_INFO, "%s: %s reachable (%s)",
1620 ifp->name, taddr, ctx->sfrom);
1621 ipv6_buildroutes(ifp->ctx);
1622 script_runreason(rap->iface, "ROUTERADVERT"); /* XXX */
1623 }
1624 }
1625 }
1626
1627 static void
ipv6nd_handledata(void * arg)1628 ipv6nd_handledata(void *arg)
1629 {
1630 struct dhcpcd_ctx *dctx;
1631 struct ipv6_ctx *ctx;
1632 ssize_t len;
1633 struct cmsghdr *cm;
1634 int hoplimit;
1635 struct in6_pktinfo pkt;
1636 struct icmp6_hdr *icp;
1637 struct interface *ifp;
1638
1639 dctx = arg;
1640 ctx = dctx->ipv6;
1641 ctx->rcvhdr.msg_controllen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
1642 CMSG_SPACE(sizeof(int));
1643 len = recvmsg(ctx->nd_fd, &ctx->rcvhdr, 0);
1644 if (len == -1) {
1645 logger(dctx, LOG_ERR, "recvmsg: %m");
1646 eloop_event_delete(dctx->eloop, ctx->nd_fd, 0);
1647 close(ctx->nd_fd);
1648 ctx->nd_fd = -1;
1649 return;
1650 }
1651 ctx->sfrom = inet_ntop(AF_INET6, &ctx->from.sin6_addr,
1652 ctx->ntopbuf, INET6_ADDRSTRLEN);
1653 if ((size_t)len < sizeof(struct icmp6_hdr)) {
1654 logger(dctx, LOG_ERR, "IPv6 ICMP packet too short from %s",
1655 ctx->sfrom);
1656 return;
1657 }
1658
1659 pkt.ipi6_ifindex = 0;
1660 hoplimit = 0;
1661 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&ctx->rcvhdr);
1662 cm;
1663 cm = (struct cmsghdr *)CMSG_NXTHDR(&ctx->rcvhdr, cm))
1664 {
1665 if (cm->cmsg_level != IPPROTO_IPV6)
1666 continue;
1667 switch(cm->cmsg_type) {
1668 case IPV6_PKTINFO:
1669 if (cm->cmsg_len == CMSG_LEN(sizeof(pkt)))
1670 memcpy(&pkt, CMSG_DATA(cm), sizeof(pkt));
1671 break;
1672 case IPV6_HOPLIMIT:
1673 if (cm->cmsg_len == CMSG_LEN(sizeof(int)))
1674 memcpy(&hoplimit, CMSG_DATA(cm), sizeof(int));
1675 break;
1676 }
1677 }
1678
1679 if (pkt.ipi6_ifindex == 0 || hoplimit == 0) {
1680 logger(dctx, LOG_ERR,
1681 "IPv6 RA/NA did not contain index or hop limit from %s",
1682 ctx->sfrom);
1683 return;
1684 }
1685
1686 TAILQ_FOREACH(ifp, dctx->ifaces, next) {
1687 if (ifp->index == (unsigned int)pkt.ipi6_ifindex &&
1688 !(ifp->options->options & DHCPCD_PFXDLGONLY))
1689 {
1690 if (!(ifp->options->options & DHCPCD_IPV6))
1691 return;
1692 break;
1693 }
1694 }
1695
1696 icp = (struct icmp6_hdr *)ctx->rcvhdr.msg_iov[0].iov_base;
1697 if (icp->icmp6_code == 0) {
1698 switch(icp->icmp6_type) {
1699 case ND_NEIGHBOR_ADVERT:
1700 ipv6nd_handlena(dctx, ifp, icp, (size_t)len);
1701 return;
1702 case ND_ROUTER_ADVERT:
1703 ipv6nd_handlera(dctx, ifp, icp, (size_t)len);
1704 return;
1705 }
1706 }
1707
1708 logger(dctx, LOG_ERR, "invalid IPv6 type %d or code %d from %s",
1709 icp->icmp6_type, icp->icmp6_code, ctx->sfrom);
1710 }
1711
1712 static void
ipv6nd_startrs1(void * arg)1713 ipv6nd_startrs1(void *arg)
1714 {
1715 struct interface *ifp = arg;
1716 struct rs_state *state;
1717
1718 logger(ifp->ctx, LOG_INFO, "%s: soliciting an IPv6 router", ifp->name);
1719 if (ipv6nd_open(ifp->ctx) == -1) {
1720 logger(ifp->ctx, LOG_ERR, "%s: ipv6nd_open: %m", __func__);
1721 return;
1722 }
1723
1724 state = RS_STATE(ifp);
1725 if (state == NULL) {
1726 ifp->if_data[IF_DATA_IPV6ND] = calloc(1, sizeof(*state));
1727 state = RS_STATE(ifp);
1728 if (state == NULL) {
1729 logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
1730 return;
1731 }
1732 }
1733
1734 /* Always make a new probe as the underlying hardware
1735 * address could have changed. */
1736 ipv6nd_makersprobe(ifp);
1737 if (state->rs == NULL) {
1738 logger(ifp->ctx, LOG_ERR,
1739 "%s: ipv6ns_makersprobe: %m", __func__);
1740 return;
1741 }
1742
1743 state->rsprobes = 0;
1744 ipv6nd_sendrsprobe(ifp);
1745 }
1746
1747 void
ipv6nd_startrs(struct interface * ifp)1748 ipv6nd_startrs(struct interface *ifp)
1749 {
1750 struct timespec tv;
1751
1752 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1753 tv.tv_sec = 0;
1754 tv.tv_nsec = (suseconds_t)arc4random_uniform(
1755 MAX_RTR_SOLICITATION_DELAY * NSEC_PER_SEC);
1756 timespecnorm(&tv);
1757 logger(ifp->ctx, LOG_DEBUG,
1758 "%s: delaying IPv6 router solicitation for %0.1f seconds",
1759 ifp->name, timespec_to_double(&tv));
1760 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, ipv6nd_startrs1, ifp);
1761 return;
1762 }
1763