1 /** 2 * Copyright (C) 2013 Steven Barth <steven@midlink.org> 3 * Copyright (C) 2016 Hans Dedecker <dedeckeh@gmail.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License v2 as published by 7 * the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 */ 15 16 #include "odhcpd.h" 17 #include "dhcpv6.h" 18 #include "dhcpv4.h" 19 #include "dhcpv6-ia.h" 20 #include "statefiles.h" 21 22 #include <time.h> 23 #include <fcntl.h> 24 #include <limits.h> 25 #include <stdio.h> 26 #include <resolv.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <unistd.h> 30 #include <stdbool.h> 31 #include <arpa/inet.h> 32 33 #include <libubox/md5.h> 34 35 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info); 36 static void apply_lease(struct dhcpv6_lease *a, bool add); 37 static void set_border_assignment_size(struct interface *iface, struct dhcpv6_lease *b); 38 static void handle_addrlist_change(struct netevent_handler_info *info); 39 static void start_reconf(struct dhcpv6_lease *a); 40 static void stop_reconf(struct dhcpv6_lease *a); 41 static void valid_until_cb(struct uloop_timeout *event); 42 43 static struct netevent_handler dhcpv6_netevent_handler = { .cb = dhcpv6_netevent_cb, }; 44 static struct uloop_timeout valid_until_timeout = {.cb = valid_until_cb}; 45 static uint32_t serial = 0; 46 47 static struct dhcpv6_lease * 48 dhcpv6_alloc_lease(size_t extra_len) 49 { 50 struct dhcpv6_lease *a = calloc(1, sizeof(*a) + extra_len); 51 52 if (!a) 53 return NULL; 54 55 INIT_LIST_HEAD(&a->head); 56 INIT_LIST_HEAD(&a->lease_cfg_list); 57 58 return a; 59 } 60 61 void dhcpv6_free_lease(struct dhcpv6_lease *a) 62 { 63 if (!a) 64 return; 65 66 list_del(&a->head); 67 list_del(&a->lease_cfg_list); 68 69 if (a->bound && (a->flags & OAF_DHCPV6_PD)) 70 apply_lease(a, false); 71 72 if (a->fr_cnt) 73 stop_reconf(a); 74 75 free(a->hostname); 76 free(a); 77 } 78 79 int dhcpv6_ia_init(void) 80 { 81 uloop_timeout_set(&valid_until_timeout, 1000); 82 83 netlink_add_netevent_handler(&dhcpv6_netevent_handler); 84 85 return 0; 86 } 87 88 int dhcpv6_ia_setup_interface(struct interface *iface, bool enable) 89 { 90 enable = enable && (iface->dhcpv6 == MODE_SERVER); 91 92 if (enable) { 93 struct dhcpv6_lease *border; 94 95 if (list_empty(&iface->ia_assignments)) { 96 border = dhcpv6_alloc_lease(0); 97 98 if (!border) { 99 warn("Failed to alloc border on %s", iface->name); 100 return -1; 101 } 102 103 border->length = 64; 104 list_add(&border->head, &iface->ia_assignments); 105 } else 106 border = list_last_entry(&iface->ia_assignments, struct dhcpv6_lease, head); 107 108 set_border_assignment_size(iface, border); 109 } else { 110 struct dhcpv6_lease *c; 111 112 while (!list_empty(&iface->ia_assignments)) { 113 c = list_first_entry(&iface->ia_assignments, struct dhcpv6_lease, head); 114 dhcpv6_free_lease(c); 115 } 116 } 117 118 return 0; 119 } 120 121 122 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info) 123 { 124 struct interface *iface = info->iface; 125 126 if (!iface || iface->dhcpv6 != MODE_SERVER) 127 return; 128 129 switch (event) { 130 case NETEV_ADDR6LIST_CHANGE: 131 handle_addrlist_change(info); 132 break; 133 default: 134 break; 135 } 136 } 137 138 size_t get_preferred_addr(const struct odhcpd_ipaddr *addrs, const size_t addrlen) 139 { 140 size_t i, m; 141 142 for (i = 0, m = 0; i < addrlen; ++i) { 143 if (addrs[i].preferred_lt > addrs[m].preferred_lt || 144 (addrs[i].preferred_lt == addrs[m].preferred_lt && 145 memcmp(&addrs[i].addr, &addrs[m].addr, 16) > 0)) 146 m = i; 147 } 148 149 return m; 150 } 151 152 enum { 153 IOV_HDR = 0, 154 IOV_SERVERID, 155 IOV_CLIENTID, 156 IOV_MESSAGE, 157 IOV_AUTH, 158 IOV_TOTAL 159 }; 160 161 static int send_reconf(struct dhcpv6_lease *assign) 162 { 163 struct interface *iface = assign->iface; 164 struct dhcpv6_client_header hdr = { 165 .msg_type = DHCPV6_MSG_RECONFIGURE, 166 .transaction_id = { 0, 0, 0 }, 167 }; 168 struct { 169 uint16_t code; 170 uint16_t len; 171 uint8_t data[DUID_MAX_LEN]; 172 } _o_packed serverid = { 173 .code = htons(DHCPV6_OPT_SERVERID), 174 .len = 0, 175 .data = { 0 }, 176 }; 177 struct { 178 uint16_t code; 179 uint16_t len; 180 uint8_t data[DUID_MAX_LEN]; 181 } _o_packed clientid = { 182 .code = htons(DHCPV6_OPT_CLIENTID), 183 .len = htons(assign->duid_len), 184 .data = { 0 }, 185 }; 186 struct { 187 uint16_t code; 188 uint16_t len; 189 uint8_t id; 190 } _o_packed message = { 191 .code = htons(DHCPV6_OPT_RECONF_MSG), 192 .len = htons(1), 193 .id = DHCPV6_MSG_RENEW, 194 }; 195 struct dhcpv6_auth_reconfigure auth = { 196 .type = htons(DHCPV6_OPT_AUTH), 197 .len = htons(sizeof(struct dhcpv6_auth_reconfigure)), 198 .protocol = 3, 199 .algorithm = 1, 200 .rdm = 0, 201 .replay = { htonl(time(NULL)), htonl(++serial) }, 202 .reconf_type = 2, 203 .key = { 0 }, 204 }; 205 206 if (config.default_duid_len > 0) { 207 memcpy(serverid.data, config.default_duid, config.default_duid_len); 208 serverid.len = htons(config.default_duid_len); 209 } else { 210 uint16_t duid_ll_hdr[] = { htons(DUID_TYPE_LL), htons(ARPHRD_ETHER) }; 211 memcpy(serverid.data, duid_ll_hdr, sizeof(duid_ll_hdr)); 212 odhcpd_get_mac(iface, &serverid.data[sizeof(duid_ll_hdr)]); 213 serverid.len = htons(sizeof(duid_ll_hdr) + ETH_ALEN); 214 } 215 216 memcpy(clientid.data, assign->duid, assign->duid_len); 217 218 size_t serverid_len, clientid_len; 219 serverid_len = sizeof(serverid.code) + sizeof(serverid.len) + ntohs(serverid.len); 220 clientid_len = sizeof(clientid.code) + sizeof(clientid.len) + ntohs(clientid.len); 221 222 struct iovec iov[IOV_TOTAL] = { 223 [IOV_HDR] = { &hdr, sizeof(hdr) }, 224 [IOV_SERVERID] = { &serverid, serverid_len }, 225 [IOV_CLIENTID] = { &clientid, clientid_len }, 226 [IOV_MESSAGE] = { &message, sizeof(message) }, 227 [IOV_AUTH] = { &auth, sizeof(auth) }, 228 }; 229 230 md5_ctx_t md5; 231 uint8_t secretbytes[64]; 232 memset(secretbytes, 0, sizeof(secretbytes)); 233 memcpy(secretbytes, assign->key, sizeof(assign->key)); 234 235 for (size_t i = 0; i < sizeof(secretbytes); ++i) 236 secretbytes[i] ^= 0x36; 237 238 md5_begin(&md5); 239 md5_hash(secretbytes, sizeof(secretbytes), &md5); 240 for (size_t i = 0; i < ARRAY_SIZE(iov); i++) 241 md5_hash(iov[i].iov_base, iov[i].iov_len, &md5); 242 md5_end(auth.key, &md5); 243 244 for (size_t i = 0; i < sizeof(secretbytes); ++i) { 245 secretbytes[i] ^= 0x36; 246 secretbytes[i] ^= 0x5c; 247 } 248 249 md5_begin(&md5); 250 md5_hash(secretbytes, sizeof(secretbytes), &md5); 251 md5_hash(auth.key, 16, &md5); 252 md5_end(auth.key, &md5); 253 254 return odhcpd_send(iface->dhcpv6_event.uloop.fd, &assign->peer, iov, ARRAY_SIZE(iov), iface); 255 } 256 257 static void in6_copy_iid(struct in6_addr *dest, uint64_t iid, unsigned n) 258 { 259 uint64_t iid_be = htobe64(iid); 260 uint8_t *iid_bytes = (uint8_t *)&iid_be; 261 unsigned bytes = n / 8; 262 unsigned bits = n % 8; 263 264 if (n == 0 || n > 64) 265 return; 266 267 memcpy(&dest->s6_addr[16 - bytes], &iid_bytes[8 - bytes], bytes); 268 269 if (bits > 0) { 270 unsigned dest_idx = 16 - bytes - 1; 271 unsigned src_idx = 8 - bytes - 1; 272 uint8_t mask = (1 << bits) - 1; 273 dest->s6_addr[dest_idx] = (dest->s6_addr[dest_idx] & ~mask) | 274 (iid_bytes[src_idx] & mask); 275 } 276 } 277 278 struct in6_addr in6_from_prefix_and_iid(const struct odhcpd_ipaddr *prefix, uint64_t iid) 279 { 280 struct in6_addr addr; 281 uint8_t iid_len = min(128 - prefix->prefix_len, 64); 282 283 addr = prefix->addr.in6; 284 in6_copy_iid(&addr, iid, iid_len); 285 286 return addr; 287 } 288 289 static void __apply_lease(struct dhcpv6_lease *a, 290 struct odhcpd_ipaddr *addrs, ssize_t addr_len, bool add) 291 { 292 if (a->flags & OAF_DHCPV6_NA) 293 return; 294 295 for (ssize_t i = 0; i < addr_len; ++i) { 296 struct in6_addr prefix; 297 298 if (ADDR_MATCH_PIO_FILTER(&addrs[i], a->iface)) 299 continue; 300 301 prefix = addrs[i].addr.in6; 302 prefix.s6_addr32[1] |= htonl(a->assigned_subnet_id); 303 prefix.s6_addr32[2] = prefix.s6_addr32[3] = 0; 304 netlink_setup_route(&prefix, a->length, a->iface->ifindex, 305 &a->peer.sin6_addr, 1024, add); 306 } 307 } 308 309 static void apply_lease(struct dhcpv6_lease *a, bool add) 310 { 311 struct interface *iface = a->iface; 312 struct odhcpd_ipaddr *addrs = iface->addr6; 313 ssize_t addrlen = (ssize_t)iface->addr6_len; 314 315 __apply_lease(a, addrs, addrlen, add); 316 } 317 318 /* Set border assignment size based on the IPv6 address prefixes */ 319 static void set_border_assignment_size(struct interface *iface, struct dhcpv6_lease *b) 320 { 321 time_t now = odhcpd_time(); 322 int minprefix = -1; 323 324 for (size_t i = 0; i < iface->addr6_len; ++i) { 325 struct odhcpd_ipaddr *addr = &iface->addr6[i]; 326 327 if (ADDR_MATCH_PIO_FILTER(addr, iface)) 328 continue; 329 330 if (addr->preferred_lt > (uint32_t)now && 331 addr->prefix_len < 64 && 332 addr->prefix_len > minprefix) 333 minprefix = addr->prefix_len; 334 } 335 336 if (minprefix > 32 && minprefix <= 64) 337 b->assigned_subnet_id = 1U << (64 - minprefix); 338 else 339 b->assigned_subnet_id = 0; 340 } 341 342 static bool assign_pd(struct interface *iface, struct dhcpv6_lease *assign) 343 { 344 struct dhcpv6_lease *c; 345 346 if (iface->addr6_len < 1) 347 return false; 348 349 /* Try honoring the hint first */ 350 uint32_t current = 1, asize = (1 << (64 - assign->length)) - 1; 351 if (assign->assigned_subnet_id) { 352 list_for_each_entry(c, &iface->ia_assignments, head) { 353 if (c->flags & OAF_DHCPV6_NA) 354 continue; 355 356 if (assign->assigned_subnet_id >= current && assign->assigned_subnet_id + asize < c->assigned_subnet_id) { 357 list_add_tail(&assign->head, &c->head); 358 359 if (assign->bound) 360 apply_lease(assign, true); 361 362 return true; 363 } 364 365 current = (c->assigned_subnet_id + (1 << (64 - c->length))); 366 } 367 } 368 369 /* Fallback to a variable assignment */ 370 current = 1; 371 list_for_each_entry(c, &iface->ia_assignments, head) { 372 if (c->flags & OAF_DHCPV6_NA) 373 continue; 374 375 current = (current + asize) & (~asize); 376 377 if (current + asize < c->assigned_subnet_id) { 378 assign->assigned_subnet_id = current; 379 list_add_tail(&assign->head, &c->head); 380 381 if (assign->bound) 382 apply_lease(assign, true); 383 384 return true; 385 } 386 387 current = (c->assigned_subnet_id + (1 << (64 - c->length))); 388 } 389 390 return false; 391 } 392 393 /* Check iid against reserved IPv6 interface identifiers. 394 * Refer to: http://www.iana.org/assignments/ipv6-interface-ids 395 */ 396 static bool is_reserved_ipv6_iid(uint64_t iid) 397 { 398 if (iid == 0x0000000000000000) 399 /* Subnet-Router Anycast [RFC4291] */ 400 return true; 401 402 if ((iid & 0xFFFFFFFFFF000000) == 0x02005EFFFE000000) 403 /* Reserved IPv6 Interface Identifiers corresponding 404 * to the IANA Ethernet Block [RFC4291] 405 */ 406 return true; 407 408 if ((iid & 0xFFFFFFFFFFFFFF80) == 0xFDFFFFFFFFFFFF80) 409 /* Reserved Subnet Anycast Addresses [RFC2526] */ 410 return true; 411 412 return false; 413 } 414 415 static bool assign_na(struct interface *iface, struct dhcpv6_lease *a) 416 { 417 struct dhcpv6_lease *c; 418 uint64_t pool_start = 0x100; 419 uint64_t pool_end = (iface->dhcpv6_hostid_len >= 64) ? UINT64_MAX : ((1ULL << iface->dhcpv6_hostid_len) - 1); 420 uint64_t pool_size = pool_end - pool_start + 1; 421 uint64_t try; 422 unsigned short xsubi[3] = { 0 }; 423 424 /* Preconfigured assignment by static lease */ 425 if (a->assigned_host_id) { 426 list_for_each_entry(c, &iface->ia_assignments, head) { 427 if (!(c->flags & OAF_DHCPV6_NA) || c->assigned_host_id > a->assigned_host_id ) { 428 list_add_tail(&a->head, &c->head); 429 return true; 430 } else if (c->assigned_host_id == a->assigned_host_id) 431 return false; 432 } 433 } 434 435 /* Pick a starting point, using the last bytes of the DUID as seed... */ 436 memcpy(xsubi, 437 a->duid + (a->duid_len > sizeof(xsubi) ? a->duid_len - sizeof(xsubi) : 0), 438 min(a->duid_len, sizeof(xsubi))); 439 try = ((uint64_t)jrand48(xsubi) << 32) | (jrand48(xsubi) & UINT32_MAX); 440 try = pool_start + try % pool_size; 441 442 /* ...then try to assign sequentially from that starting point... */ 443 for (size_t i = 0; i < 100; i++, try++) { 444 if (try > pool_end) 445 try = pool_start; 446 447 if (is_reserved_ipv6_iid(try)) 448 continue; 449 450 if (config_find_lease_cfg_by_hostid(try)) 451 continue; 452 453 list_for_each_entry(c, &iface->ia_assignments, head) { 454 if (!(c->flags & OAF_DHCPV6_NA) || c->assigned_host_id > try) { 455 a->assigned_host_id = try; 456 list_add_tail(&a->head, &c->head); 457 return true; 458 } else if (c->assigned_host_id == try) 459 break; 460 } 461 } 462 463 return false; 464 } 465 466 static void handle_addrlist_change(struct netevent_handler_info *info) 467 { 468 struct interface *iface = info->iface; 469 struct dhcpv6_lease *c, *d, *border = list_last_entry( 470 &iface->ia_assignments, struct dhcpv6_lease, head); 471 struct list_head reassign = LIST_HEAD_INIT(reassign); 472 time_t now = odhcpd_time(); 473 474 list_for_each_entry(c, &iface->ia_assignments, head) { 475 if ((c->flags & OAF_DHCPV6_PD) && !(iface->ra_flags & ND_RA_FLAG_MANAGED) 476 && (c->bound)) 477 __apply_lease(c, info->addrs_old.addrs, 478 info->addrs_old.len, false); 479 } 480 481 set_border_assignment_size(iface, border); 482 483 list_for_each_entry_safe(c, d, &iface->ia_assignments, head) { 484 if (c->duid_len == 0 || 485 !(c->flags & OAF_DHCPV6_PD) || 486 (!INFINITE_VALID(c->valid_until) && c->valid_until < now)) 487 continue; 488 489 if (c->assigned_subnet_id >= border->assigned_subnet_id) 490 list_move(&c->head, &reassign); 491 else if (c->bound) 492 apply_lease(c, true); 493 494 if (c->accept_fr_nonce && c->fr_cnt == 0) { 495 struct dhcpv6_lease *a; 496 497 start_reconf(c); 498 499 /* Leave all other assignments of that client alone */ 500 list_for_each_entry(a, &iface->ia_assignments, head) 501 if (a != c && a->duid_len == c->duid_len && 502 !memcmp(a->duid, c->duid, a->duid_len)) 503 a->fr_cnt = INT_MAX; 504 } 505 } 506 507 while (!list_empty(&reassign)) { 508 c = list_first_entry(&reassign, struct dhcpv6_lease, head); 509 list_del_init(&c->head); 510 if (!assign_pd(iface, c)) 511 dhcpv6_free_lease(c); 512 } 513 514 statefiles_write(); 515 } 516 517 static void reconf_timeout_cb(struct uloop_timeout *event) 518 { 519 struct dhcpv6_lease *a = container_of(event, struct dhcpv6_lease, fr_timer); 520 521 if (a->fr_cnt > 0 && a->fr_cnt < DHCPV6_REC_MAX_RC) { 522 send_reconf(a); 523 uloop_timeout_set(&a->fr_timer, 524 DHCPV6_REC_TIMEOUT << a->fr_cnt); 525 a->fr_cnt++; 526 } else 527 stop_reconf(a); 528 } 529 530 static void start_reconf(struct dhcpv6_lease *a) 531 { 532 uloop_timeout_set(&a->fr_timer, 533 DHCPV6_REC_TIMEOUT << a->fr_cnt); 534 a->fr_timer.cb = reconf_timeout_cb; 535 a->fr_cnt++; 536 537 send_reconf(a); 538 } 539 540 static void stop_reconf(struct dhcpv6_lease *a) 541 { 542 uloop_timeout_cancel(&a->fr_timer); 543 a->fr_cnt = 0; 544 a->fr_timer.cb = NULL; 545 } 546 547 static void valid_until_cb(struct uloop_timeout *event) 548 { 549 struct interface *iface; 550 time_t now = odhcpd_time(); 551 552 avl_for_each_element(&interfaces, iface, avl) { 553 struct dhcpv6_lease *a, *n; 554 555 if (iface->dhcpv6 != MODE_SERVER) 556 continue; 557 558 list_for_each_entry_safe(a, n, &iface->ia_assignments, head) { 559 if (a->duid_len > 0 && !INFINITE_VALID(a->valid_until) && a->valid_until < now) 560 dhcpv6_free_lease(a); 561 } 562 } 563 uloop_timeout_set(event, 1000); 564 } 565 566 static size_t build_ia(uint8_t *buf, size_t buflen, uint16_t status, 567 const struct dhcpv6_ia_hdr *ia, struct dhcpv6_lease *a, 568 struct interface *iface, bool request) 569 { 570 struct dhcpv6_ia_hdr o_ia = { 571 .type = ia->type, 572 .len = 0, 573 .iaid = ia->iaid, 574 .t1 = 0, 575 .t2 = 0, 576 }; 577 size_t ia_len = sizeof(o_ia); 578 time_t now = odhcpd_time(); 579 580 if (buflen < ia_len) 581 return 0; 582 583 if (status) { 584 struct _o_packed { 585 uint16_t type; 586 uint16_t len; 587 uint16_t val; 588 } o_status = { 589 .type = htons(DHCPV6_OPT_STATUS), 590 .len = htons(sizeof(o_status) - DHCPV6_OPT_HDR_SIZE), 591 .val = htons(status), 592 }; 593 594 memcpy(buf + ia_len, &o_status, sizeof(o_status)); 595 ia_len += sizeof(o_status); 596 597 o_ia.len = htons(ia_len - DHCPV6_OPT_HDR_SIZE); 598 memcpy(buf, &o_ia, sizeof(o_ia)); 599 600 return ia_len; 601 } 602 603 if (a) { 604 uint32_t leasetime; 605 606 if (a->leasetime) { 607 leasetime = a->leasetime; 608 } else { 609 leasetime = iface->dhcp_leasetime; 610 } 611 612 uint32_t floor_preferred_lifetime, floor_valid_lifetime; /* For calculating T1 / T2 */ 613 614 if (iface->max_preferred_lifetime && iface->max_preferred_lifetime < leasetime) { 615 floor_preferred_lifetime = iface->max_preferred_lifetime; 616 } else { 617 floor_preferred_lifetime = leasetime; 618 } 619 620 if (iface->max_valid_lifetime && iface->max_valid_lifetime < leasetime) { 621 floor_valid_lifetime = iface->max_valid_lifetime; 622 } else { 623 floor_valid_lifetime = leasetime; 624 } 625 626 struct odhcpd_ipaddr *addrs = iface->addr6; 627 size_t addrlen = iface->addr6_len; 628 size_t m = get_preferred_addr(addrs, addrlen); 629 630 for (size_t i = 0; i < addrlen; ++i) { 631 uint32_t prefix_preferred_lt, prefix_valid_lt; 632 633 if (!valid_addr(&addrs[i], now)) 634 continue; 635 636 /* Filter Out Prefixes */ 637 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) { 638 char addrbuf[INET6_ADDRSTRLEN]; 639 info("Address %s filtered out on %s", 640 inet_ntop(AF_INET6, &addrs[i].addr.in6, addrbuf, sizeof(addrbuf)), 641 iface->name); 642 continue; 643 } 644 645 prefix_preferred_lt = addrs[i].preferred_lt; 646 prefix_valid_lt = addrs[i].valid_lt; 647 648 if (prefix_preferred_lt != UINT32_MAX) { 649 prefix_preferred_lt -= now; 650 651 if (iface->max_preferred_lifetime && prefix_preferred_lt > iface->max_preferred_lifetime) 652 prefix_preferred_lt = iface->max_preferred_lifetime; 653 } 654 655 if (prefix_valid_lt != UINT32_MAX) { 656 prefix_valid_lt -= now; 657 658 if (iface->max_valid_lifetime && prefix_valid_lt > iface->max_valid_lifetime) 659 prefix_valid_lt = iface->max_valid_lifetime; 660 } 661 662 if (prefix_valid_lt > leasetime) 663 prefix_valid_lt = leasetime; 664 665 if (prefix_preferred_lt > prefix_valid_lt) 666 prefix_preferred_lt = prefix_valid_lt; 667 668 if (a->flags & OAF_DHCPV6_PD) { 669 struct dhcpv6_ia_prefix o_ia_p = { 670 .type = htons(DHCPV6_OPT_IA_PREFIX), 671 .len = htons(sizeof(o_ia_p) - DHCPV6_OPT_HDR_SIZE), 672 .preferred_lt = htonl(prefix_preferred_lt), 673 .valid_lt = htonl(prefix_valid_lt), 674 .prefix_len = a->length, 675 .addr = addrs[i].addr.in6, 676 }; 677 678 o_ia_p.addr.s6_addr32[1] |= htonl(a->assigned_subnet_id); 679 o_ia_p.addr.s6_addr32[2] = o_ia_p.addr.s6_addr32[3] = 0; 680 681 if (!valid_prefix_length(a, addrs[i].prefix_len)) 682 continue; 683 684 if (buflen < ia_len + sizeof(o_ia_p)) 685 return 0; 686 687 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p)); 688 ia_len += sizeof(o_ia_p); 689 } 690 691 if (a->flags & OAF_DHCPV6_NA) { 692 struct dhcpv6_ia_addr o_ia_a = { 693 .type = htons(DHCPV6_OPT_IA_ADDR), 694 .len = htons(sizeof(o_ia_a) - DHCPV6_OPT_HDR_SIZE), 695 .addr = in6_from_prefix_and_iid(&addrs[i], a->assigned_host_id), 696 .preferred_lt = htonl(prefix_preferred_lt), 697 .valid_lt = htonl(prefix_valid_lt) 698 }; 699 700 if (!ADDR_ENTRY_VALID_IA_ADDR(iface, i, m, addrs)) 701 continue; 702 703 if (buflen < ia_len + sizeof(o_ia_a)) 704 return 0; 705 706 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a)); 707 ia_len += sizeof(o_ia_a); 708 } 709 710 /* Calculate T1 / T2 based on non-deprecated addresses */ 711 if (prefix_preferred_lt > 0) { 712 if (floor_preferred_lifetime > prefix_preferred_lt) 713 floor_preferred_lifetime = prefix_preferred_lt; 714 715 if (floor_valid_lifetime > prefix_valid_lt) 716 floor_valid_lifetime = prefix_valid_lt; 717 } 718 } 719 720 if (!INFINITE_VALID(a->valid_until)) 721 /* UINT32_MAX is RFC defined as infinite lease-time */ 722 a->valid_until = (floor_valid_lifetime == UINT32_MAX) ? 0 : floor_valid_lifetime + now; 723 724 if (!INFINITE_VALID(a->preferred_until)) 725 /* UINT32_MAX is RFC defined as infinite lease-time */ 726 a->preferred_until = (floor_preferred_lifetime == UINT32_MAX) ? 0 : floor_preferred_lifetime + now; 727 728 o_ia.t1 = htonl((floor_preferred_lifetime == UINT32_MAX) ? floor_preferred_lifetime : floor_preferred_lifetime * 5 / 10); 729 o_ia.t2 = htonl((floor_preferred_lifetime == UINT32_MAX) ? floor_preferred_lifetime : floor_preferred_lifetime * 8 / 10); 730 731 if (!o_ia.t1) 732 o_ia.t1 = htonl(1); 733 734 if (!o_ia.t2) 735 o_ia.t2 = htonl(1); 736 } 737 738 if (!request) { 739 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + DHCPV6_OPT_HDR_SIZE; 740 uint16_t otype, olen; 741 742 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) { 743 struct dhcpv6_ia_prefix *ia_p = (struct dhcpv6_ia_prefix *)&odata[-DHCPV6_OPT_HDR_SIZE]; 744 struct dhcpv6_ia_addr *ia_a = (struct dhcpv6_ia_addr *)&odata[-DHCPV6_OPT_HDR_SIZE]; 745 bool found = false; 746 747 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*ia_p) - DHCPV6_OPT_HDR_SIZE) && 748 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*ia_a) - DHCPV6_OPT_HDR_SIZE)) 749 continue; 750 751 if (a) { 752 struct odhcpd_ipaddr *addrs = iface->addr6; 753 size_t addrlen = iface->addr6_len; 754 755 for (size_t i = 0; i < addrlen; ++i) { 756 struct in6_addr addr; 757 758 if (!valid_addr(&addrs[i], now)) 759 continue; 760 761 if (!valid_prefix_length(a, addrs[i].prefix_len)) 762 continue; 763 764 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) 765 continue; 766 767 if (ia->type == htons(DHCPV6_OPT_IA_PD)) { 768 addr = addrs[i].addr.in6; 769 addr.s6_addr32[1] |= htonl(a->assigned_subnet_id); 770 addr.s6_addr32[2] = addr.s6_addr32[3] = 0; 771 772 if (!memcmp(&ia_p->addr, &addr, sizeof(addr)) && 773 ia_p->prefix_len == a->length) 774 found = true; 775 } else { 776 addr = in6_from_prefix_and_iid(&addrs[i], a->assigned_host_id); 777 778 if (!memcmp(&ia_a->addr, &addr, sizeof(addr))) 779 found = true; 780 } 781 } 782 } 783 784 if (!found) { 785 if (otype == DHCPV6_OPT_IA_PREFIX) { 786 struct dhcpv6_ia_prefix o_ia_p = { 787 .type = htons(DHCPV6_OPT_IA_PREFIX), 788 .len = htons(sizeof(o_ia_p) - DHCPV6_OPT_HDR_SIZE), 789 .preferred_lt = 0, 790 .valid_lt = 0, 791 .prefix_len = ia_p->prefix_len, 792 .addr = ia_p->addr, 793 }; 794 795 if (buflen < ia_len + sizeof(o_ia_p)) 796 return 0; 797 798 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p)); 799 ia_len += sizeof(o_ia_p); 800 } else { 801 struct dhcpv6_ia_addr o_ia_a = { 802 .type = htons(DHCPV6_OPT_IA_ADDR), 803 .len = htons(sizeof(o_ia_a) - DHCPV6_OPT_HDR_SIZE), 804 .addr = ia_a->addr, 805 .preferred_lt = 0, 806 .valid_lt = 0, 807 }; 808 809 if (buflen < ia_len + sizeof(o_ia_a)) 810 continue; 811 812 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a)); 813 ia_len += sizeof(o_ia_a); 814 } 815 } 816 } 817 } 818 819 o_ia.len = htons(ia_len - DHCPV6_OPT_HDR_SIZE); 820 memcpy(buf, &o_ia, sizeof(o_ia)); 821 return ia_len; 822 } 823 824 struct log_ctxt { 825 char *buf; 826 int buf_len; 827 int buf_idx; 828 }; 829 830 static void dhcpv6_log_ia_addr(_o_unused struct dhcpv6_lease *lease, struct in6_addr *addr, uint8_t prefix_len, 831 _o_unused uint32_t pref_lt, _o_unused uint32_t valid_lt, void *arg) 832 { 833 struct log_ctxt *ctxt = (struct log_ctxt *)arg; 834 char addrbuf[INET6_ADDRSTRLEN]; 835 836 inet_ntop(AF_INET6, addr, addrbuf, sizeof(addrbuf)); 837 ctxt->buf_idx += snprintf(ctxt->buf + ctxt->buf_idx, ctxt->buf_len - ctxt->buf_idx, 838 " %s/%" PRIu8, addrbuf, prefix_len); 839 } 840 841 static void dhcpv6_log(uint8_t msgtype, struct interface *iface, time_t now, 842 const char *duidbuf, bool is_pd, struct dhcpv6_lease *a, int code) 843 { 844 const char *type = "UNKNOWN"; 845 const char *status = "UNKNOWN"; 846 847 switch (msgtype) { 848 case DHCPV6_MSG_SOLICIT: 849 type = "SOLICIT"; 850 break; 851 case DHCPV6_MSG_REQUEST: 852 type = "REQUEST"; 853 break; 854 case DHCPV6_MSG_CONFIRM: 855 type = "CONFIRM"; 856 break; 857 case DHCPV6_MSG_RENEW: 858 type = "RENEW"; 859 break; 860 case DHCPV6_MSG_REBIND: 861 type = "REBIND"; 862 break; 863 case DHCPV6_MSG_RELEASE: 864 type = "RELEASE"; 865 break; 866 case DHCPV6_MSG_DECLINE: 867 type = "DECLINE"; 868 break; 869 } 870 871 switch (code) { 872 case DHCPV6_STATUS_OK: 873 status = "ok"; 874 break; 875 case DHCPV6_STATUS_NOADDRSAVAIL: 876 status = "no addresses available"; 877 break; 878 case DHCPV6_STATUS_NOBINDING: 879 status = "no binding"; 880 break; 881 case DHCPV6_STATUS_NOTONLINK: 882 status = "not on-link"; 883 break; 884 case DHCPV6_STATUS_NOPREFIXAVAIL: 885 status = "no prefix available"; 886 break; 887 } 888 889 char leasebuf[256] = ""; 890 891 if (a) { 892 struct log_ctxt ctxt = {.buf = leasebuf, 893 .buf_len = sizeof(leasebuf), 894 .buf_idx = 0 }; 895 896 odhcpd_enum_addr6(iface, a, now, dhcpv6_log_ia_addr, &ctxt); 897 } 898 899 info("DHCPV6 %s %s from %s on %s: %s%s", type, (is_pd) ? "IA_PD" : "IA_NA", 900 duidbuf, iface->name, status, leasebuf); 901 } 902 903 static bool dhcpv6_ia_on_link(const struct dhcpv6_ia_hdr *ia, struct dhcpv6_lease *a, 904 struct interface *iface) 905 { 906 struct odhcpd_ipaddr *addrs = iface->addr6; 907 size_t addrlen = iface->addr6_len; 908 time_t now = odhcpd_time(); 909 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + DHCPV6_OPT_HDR_SIZE; 910 uint16_t otype, olen; 911 bool onlink = true; 912 913 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) { 914 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix *)&odata[-DHCPV6_OPT_HDR_SIZE]; 915 struct dhcpv6_ia_addr *n = (struct dhcpv6_ia_addr *)&odata[-DHCPV6_OPT_HDR_SIZE]; 916 917 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*p) - DHCPV6_OPT_HDR_SIZE) && 918 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*n) - DHCPV6_OPT_HDR_SIZE)) 919 continue; 920 921 onlink = false; 922 for (size_t i = 0; i < addrlen; ++i) { 923 if (!valid_addr(&addrs[i], now)) 924 continue; 925 926 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) 927 continue; 928 929 if (ia->type == htons(DHCPV6_OPT_IA_PD)) { 930 if (p->prefix_len < addrs[i].prefix_len || 931 odhcpd_bmemcmp(&p->addr, &addrs[i].addr.in6, addrs[i].prefix_len)) 932 continue; 933 934 } else if (odhcpd_bmemcmp(&n->addr, &addrs[i].addr.in6, addrs[i].prefix_len)) 935 continue; 936 937 onlink = true; 938 } 939 940 if (!onlink) 941 break; 942 } 943 944 return onlink; 945 } 946 947 ssize_t dhcpv6_ia_handle_IAs(uint8_t *buf, size_t buflen, struct interface *iface, 948 const struct sockaddr_in6 *addr, const void *data, const uint8_t *end) 949 { 950 struct dhcpv6_lease *first = NULL; 951 const struct dhcpv6_client_header *hdr = data; 952 time_t now = odhcpd_time(); 953 uint16_t otype, olen, duid_len = 0; 954 uint8_t *start = (uint8_t *)&hdr[1], *odata; 955 uint8_t *duid = NULL, mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 956 size_t hostname_len = 0, response_len = 0; 957 bool notonlink = false, rapid_commit = false, accept_reconf = false; 958 char duidbuf[DUID_HEXSTRLEN], hostname[256]; 959 960 dhcpv6_for_each_option(start, end, otype, olen, odata) { 961 switch (otype) { 962 case DHCPV6_OPT_CLIENTID: 963 duid = odata; 964 duid_len = olen; 965 966 if (olen == 14 && odata[0] == 0 && odata[1] == 1) 967 memcpy(mac, &odata[8], sizeof(mac)); 968 else if (olen == 10 && odata[0] == 0 && odata[1] == 3) 969 memcpy(mac, &odata[4], sizeof(mac)); 970 971 if (olen <= DUID_MAX_LEN) 972 odhcpd_hexlify(duidbuf, odata, olen); 973 break; 974 975 case DHCPV6_OPT_FQDN: 976 if (olen < 2 || olen > 255) 977 break; 978 979 uint8_t fqdn_buf[256]; 980 memcpy(fqdn_buf, odata, olen); 981 fqdn_buf[olen++] = 0; 982 983 if (dn_expand(&fqdn_buf[1], &fqdn_buf[olen], &fqdn_buf[1], hostname, sizeof(hostname)) > 0) 984 hostname_len = strcspn(hostname, "."); 985 986 break; 987 988 case DHCPV6_OPT_RECONF_ACCEPT: 989 accept_reconf = true; 990 break; 991 992 case DHCPV6_OPT_RAPID_COMMIT: 993 if (hdr->msg_type == DHCPV6_MSG_SOLICIT) 994 rapid_commit = true; 995 break; 996 997 default: 998 break; 999 } 1000 } 1001 1002 if (!duid || duid_len < DUID_MIN_LEN || duid_len > DUID_MAX_LEN) 1003 goto out; 1004 1005 dhcpv6_for_each_option(start, end, otype, olen, odata) { 1006 bool is_pd = (otype == DHCPV6_OPT_IA_PD); 1007 bool is_na = (otype == DHCPV6_OPT_IA_NA); 1008 bool ia_addr_present = false; 1009 if (!is_pd && !is_na) 1010 continue; 1011 1012 struct dhcpv6_ia_hdr *ia = (struct dhcpv6_ia_hdr*)&odata[-DHCPV6_OPT_HDR_SIZE]; 1013 size_t ia_response_len = 0; 1014 uint8_t reqlen = (is_pd) ? 62 : 128; 1015 uint32_t reqhint = 0; 1016 struct lease_cfg *lease_cfg; 1017 1018 lease_cfg = config_find_lease_cfg_by_duid_and_iaid(duid, duid_len, ntohl(ia->iaid)); 1019 if (!lease_cfg) 1020 lease_cfg = config_find_lease_cfg_by_mac(mac); 1021 1022 if (lease_cfg && lease_cfg->ignore6) 1023 return -1; 1024 1025 /* Parse request hint for IA-PD */ 1026 if (is_pd) { 1027 uint8_t *sdata; 1028 uint16_t stype, slen; 1029 dhcpv6_for_each_sub_option(&ia[1], odata + olen, stype, slen, sdata) { 1030 if (stype != DHCPV6_OPT_IA_PREFIX || slen < sizeof(struct dhcpv6_ia_prefix) - DHCPV6_OPT_HDR_SIZE) 1031 continue; 1032 1033 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix*)&sdata[-DHCPV6_OPT_HDR_SIZE]; 1034 if (p->prefix_len) { 1035 reqlen = p->prefix_len; 1036 reqhint = ntohl(p->addr.s6_addr32[1]); 1037 if (reqlen > 32 && reqlen <= 64) 1038 reqhint &= (1U << (64 - reqlen)) - 1; 1039 } 1040 } 1041 1042 if (reqlen > 64) 1043 reqlen = 64; 1044 1045 /* 1046 * A requesting router can include a desired prefix length for its 1047 * delegation. The delegating router (us) is not required to honor 1048 * the hint (RFC3633, section 11.2, we MAY choose to use the 1049 * information in the option; RFC8168, section 3.2 has several SHOULDs 1050 * about desired choices for selecting a prefix to delegate). 1051 * 1052 * We support a policy setting to conserve prefix space, which purposely 1053 * assigns prefixes that might not match the requesting router's hint. 1054 * 1055 * If the minimum prefix length is set in this interface's 1056 * configuration, we use it as a floor for the requested (hinted) 1057 * prefix length. This allows us to conserve prefix space so that 1058 * any single router can't grab too much of it. Consider if we have 1059 * an interface with a /56 prefix. A requesting router could ask for 1060 * a /58 and take 1/4 of our total address space. But if we set a 1061 * minimum of /60, we can limit each requesting router to get only 1062 * 1/16 of our total address space. 1063 */ 1064 if (iface->dhcpv6_pd_min_len && reqlen < iface->dhcpv6_pd_min_len) { 1065 info("clamping requested PD from %d to %d", reqlen, 1066 iface->dhcpv6_pd_min_len); 1067 reqlen = iface->dhcpv6_pd_min_len; 1068 } 1069 } else if (is_na) { 1070 uint8_t *sdata; 1071 uint16_t stype, slen; 1072 dhcpv6_for_each_sub_option(&ia[1], odata + olen, stype, slen, sdata) { 1073 if (stype != DHCPV6_OPT_IA_ADDR || slen < sizeof(struct dhcpv6_ia_addr) - DHCPV6_OPT_HDR_SIZE) 1074 continue; 1075 1076 ia_addr_present = true; 1077 } 1078 } 1079 1080 /* Find an existing assignment */ 1081 struct dhcpv6_lease *c, *a = NULL; 1082 list_for_each_entry(c, &iface->ia_assignments, head) { 1083 /* If we're looking for a PD, is this a PD? */ 1084 if (is_pd && !(c->flags & OAF_DHCPV6_PD)) 1085 continue; 1086 1087 /* If we're looking for a NA, is this a NA? */ 1088 if (is_na && !(c->flags & OAF_DHCPV6_NA)) 1089 continue; 1090 1091 /* Is this assignment still valid? */ 1092 if (!INFINITE_VALID(c->valid_until) && now >= c->valid_until) 1093 continue; 1094 1095 /* Does the DUID match? */ 1096 if (c->duid_len != duid_len || memcmp(c->duid, duid, duid_len)) 1097 continue; 1098 1099 /* Does the IAID match? */ 1100 if (c->iaid != ia->iaid) { 1101 if (is_pd) 1102 continue; 1103 1104 if (!lease_cfg) 1105 continue; 1106 1107 /* Does the existing assignment stem from the same static lease cfg? */ 1108 if (c->lease_cfg != lease_cfg) 1109 continue; 1110 1111 /* 1112 * If there's a DUID configured for this static lease, but without 1113 * an IAID, we will proceed under the assumption that a request 1114 * with the right DUID but with *any* IAID should be able to take 1115 * over the assignment. E.g. when switching from WiFi to Ethernet 1116 * on the same client. This is similar to how multiple MAC addresses 1117 * are handled for DHCPv4. 1118 */ 1119 for (size_t i = 0; i < lease_cfg->duid_count; i++) { 1120 if (lease_cfg->duids[i].iaid_set && lease_cfg->duids[i].iaid != htonl(ia->iaid)) 1121 continue; 1122 1123 if (lease_cfg->duids[i].len != duid_len) 1124 continue; 1125 1126 if (memcmp(lease_cfg->duids[i].id, duid, duid_len)) 1127 continue; 1128 1129 /* 1130 * Reconf doesn't specify the IAID, so we have to assume the client 1131 * already knows or doesn't care about the old assignment. 1132 */ 1133 stop_reconf(c); 1134 dhcpv6_free_lease(c); 1135 goto proceed; 1136 } 1137 continue; 1138 } 1139 1140 /* We have a match */ 1141 a = c; 1142 1143 /* Reset state */ 1144 if (a->bound) 1145 apply_lease(a, false); 1146 1147 stop_reconf(a); 1148 break; 1149 } 1150 1151 if (lease_cfg && a && a->lease_cfg != lease_cfg) { 1152 dhcpv6_free_lease(a); 1153 a = NULL; 1154 } 1155 1156 proceed: 1157 /* Generic message handling */ 1158 uint16_t status = DHCPV6_STATUS_OK; 1159 bool assigned = false; 1160 1161 switch (hdr->msg_type) { 1162 case DHCPV6_MSG_SOLICIT: 1163 case DHCPV6_MSG_REQUEST: 1164 case DHCPV6_MSG_REBIND: { 1165 if (hdr->msg_type == DHCPV6_MSG_REBIND && a) 1166 break; 1167 1168 assigned = (a != NULL); 1169 1170 if (!a) { 1171 if ((!iface->no_dynamic_dhcp || (lease_cfg && is_na)) && 1172 (iface->dhcpv6_pd || iface->dhcpv6_na)) { 1173 /* Create new binding */ 1174 a = dhcpv6_alloc_lease(duid_len); 1175 1176 if (a) { 1177 a->duid_len = duid_len; 1178 memcpy(a->duid, duid, duid_len); 1179 a->iaid = ia->iaid; 1180 a->length = reqlen; 1181 a->peer = *addr; 1182 a->iface = iface; 1183 a->flags = is_pd ? OAF_DHCPV6_PD : OAF_DHCPV6_NA; 1184 a->valid_until = now; 1185 a->preferred_until = now; 1186 1187 if (is_na) 1188 a->assigned_host_id = lease_cfg ? lease_cfg->hostid : 0; 1189 else 1190 a->assigned_subnet_id = reqhint; 1191 1192 if (first) 1193 memcpy(a->key, first->key, sizeof(a->key)); 1194 else 1195 odhcpd_urandom(a->key, sizeof(a->key)); 1196 1197 if (is_pd && iface->dhcpv6_pd) { 1198 while (!(assigned = assign_pd(iface, a)) && 1199 ++a->length <= 64); 1200 } else if (is_na && iface->dhcpv6_na) { 1201 assigned = assign_na(iface, a); 1202 } 1203 1204 if (lease_cfg && assigned) { 1205 if (lease_cfg->hostname) { 1206 a->hostname = strdup(lease_cfg->hostname); 1207 a->hostname_valid = true; 1208 } 1209 1210 if (lease_cfg->leasetime) 1211 a->leasetime = lease_cfg->leasetime; 1212 1213 list_add(&a->lease_cfg_list, &lease_cfg->dhcpv6_leases); 1214 a->lease_cfg = lease_cfg; 1215 } 1216 } 1217 } 1218 } 1219 1220 /* Status evaluation */ 1221 if (!assigned || iface->addr6_len == 0) { 1222 /* Set error status */ 1223 status = is_pd ? DHCPV6_STATUS_NOPREFIXAVAIL : DHCPV6_STATUS_NOADDRSAVAIL; 1224 } else if (hdr->msg_type == DHCPV6_MSG_REQUEST && !dhcpv6_ia_on_link(ia, a, iface)) { 1225 /* Send NOTONLINK status for the IA */ 1226 status = DHCPV6_STATUS_NOTONLINK; 1227 assigned = false; 1228 } 1229 1230 /* Reconfigure Accept */ 1231 if (accept_reconf && assigned && !first && 1232 hdr->msg_type != DHCPV6_MSG_REBIND) { 1233 1234 size_t handshake_len = 4; 1235 buf[0] = 0; 1236 buf[1] = DHCPV6_OPT_RECONF_ACCEPT; 1237 buf[2] = 0; 1238 buf[3] = 0; 1239 1240 if (hdr->msg_type == DHCPV6_MSG_REQUEST) { 1241 struct dhcpv6_auth_reconfigure auth = { 1242 htons(DHCPV6_OPT_AUTH), 1243 htons(sizeof(auth) - DHCPV6_OPT_HDR_SIZE), 1244 3, 1, 0, 1245 {htonl(time(NULL)), htonl(++serial)}, 1246 1, 1247 {0} 1248 }; 1249 1250 memcpy(auth.key, a->key, sizeof(a->key)); 1251 memcpy(buf + handshake_len, &auth, sizeof(auth)); 1252 handshake_len += sizeof(auth); 1253 } 1254 1255 buf += handshake_len; 1256 buflen -= handshake_len; 1257 response_len += handshake_len; 1258 1259 first = a; 1260 } 1261 1262 ia_response_len = build_ia( 1263 buf, buflen, status, ia, a, iface, 1264 hdr->msg_type != DHCPV6_MSG_REBIND); 1265 1266 /* Was only a solicitation: mark binding for removal in 60 seconds */ 1267 if (assigned) { 1268 switch (hdr->msg_type) { 1269 case DHCPV6_MSG_SOLICIT: 1270 if (!rapid_commit) { 1271 a->bound = false; 1272 a->valid_until = now + 60; 1273 break; 1274 } 1275 1276 _o_fallthrough; 1277 case DHCPV6_MSG_REQUEST: 1278 case DHCPV6_MSG_REBIND: 1279 if (hostname_len > 0 && (!a->lease_cfg || !a->lease_cfg->hostname)) { 1280 1281 char *tmp = realloc(a->hostname, hostname_len + 1); 1282 if (tmp) { 1283 a->hostname = tmp; 1284 memcpy(a->hostname, hostname, hostname_len); 1285 a->hostname[hostname_len] = 0; 1286 a->hostname_valid = odhcpd_hostname_valid(a->hostname); 1287 } 1288 } 1289 1290 a->accept_fr_nonce = accept_reconf; 1291 a->bound = true; 1292 apply_lease(a, true); 1293 break; 1294 1295 default: 1296 break; 1297 } 1298 } else { 1299 /* Clean up failed assignment */ 1300 dhcpv6_free_lease(a); 1301 a = NULL; 1302 } 1303 1304 break; 1305 } 1306 1307 case DHCPV6_MSG_RENEW: 1308 case DHCPV6_MSG_RELEASE: 1309 case DHCPV6_MSG_DECLINE: { 1310 /* RENEW / RELEASE / DECLINE require an existing binding */ 1311 if (!a) { 1312 status = DHCPV6_STATUS_NOBINDING; 1313 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false); 1314 break; 1315 } 1316 1317 switch (hdr->msg_type) { 1318 case DHCPV6_MSG_RENEW: 1319 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false); 1320 1321 a->bound = true; 1322 apply_lease(a, true); 1323 break; 1324 1325 case DHCPV6_MSG_RELEASE: 1326 /* Immediately expire the lease */ 1327 a->valid_until = now - 1; 1328 break; 1329 1330 case DHCPV6_MSG_DECLINE: 1331 /* DECLINE only applies to non-temporary addresses */ 1332 if (!(a->flags & OAF_DHCPV6_NA)) 1333 break; 1334 1335 a->bound = false; 1336 1337 if (a->lease_cfg && 1338 a->lease_cfg->hostid == a->assigned_host_id) { 1339 /* Static lease: release immediately */ 1340 a->valid_until = now - 1; 1341 } else { 1342 /* Dynamic lease: block address for 1 hour */ 1343 memset(a->duid, 0, a->duid_len); 1344 a->valid_until = now + 3600; 1345 } 1346 break; 1347 } 1348 1349 break; 1350 } 1351 1352 case DHCPV6_MSG_CONFIRM: 1353 if (ia_addr_present && !dhcpv6_ia_on_link(ia, a, iface)) { 1354 notonlink = true; 1355 break; 1356 } 1357 1358 if (!ia_addr_present || !a || !a->bound) { 1359 response_len = 0; 1360 goto out; 1361 } 1362 break; 1363 1364 default: 1365 break; 1366 } 1367 1368 if (hdr->msg_type == DHCPV6_MSG_REBIND && a) { 1369 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false); 1370 a->bound = true; 1371 apply_lease(a, true); 1372 } 1373 1374 buf += ia_response_len; 1375 buflen -= ia_response_len; 1376 response_len += ia_response_len; 1377 dhcpv6_log(hdr->msg_type, iface, now, duidbuf, is_pd, a, status); 1378 } /* end dhcpv6_for_each_option */ 1379 1380 switch (hdr->msg_type) { 1381 case DHCPV6_MSG_RELEASE: 1382 case DHCPV6_MSG_DECLINE: 1383 case DHCPV6_MSG_CONFIRM: 1384 if (response_len + 6 < buflen) { 1385 buf[0] = 0; 1386 buf[1] = DHCPV6_OPT_STATUS; 1387 buf[2] = 0; 1388 buf[3] = 2; 1389 buf[4] = 0; 1390 buf[5] = (notonlink) ? DHCPV6_STATUS_NOTONLINK : DHCPV6_STATUS_OK; 1391 response_len += 6; 1392 } 1393 break; 1394 1395 default: 1396 break; 1397 } 1398 1399 statefiles_write(); 1400 1401 out: 1402 return response_len; 1403 } 1404
This page was automatically generated by LXR 0.3.1. • OpenWrt