1 /** 2 * Copyright (C) 2013 Steven Barth <steven@midlink.org> 3 * Copyright (C) 2016 Hans Dedecker <dedeckeh@gmail.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License v2 as published by 7 * the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 */ 15 16 #include "odhcpd.h" 17 #include "dhcpv6.h" 18 #include "dhcpv4.h" 19 #include "dhcpv6-ia.h" 20 #include "statefiles.h" 21 22 #include <time.h> 23 #include <fcntl.h> 24 #include <limits.h> 25 #include <stdio.h> 26 #include <resolv.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <unistd.h> 30 #include <stdbool.h> 31 #include <arpa/inet.h> 32 33 #include <libubox/md5.h> 34 35 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info); 36 static void apply_lease(struct dhcpv6_lease *a, bool add); 37 static void set_border_assignment_size(struct interface *iface, struct dhcpv6_lease *b); 38 static void handle_addrlist_change(struct netevent_handler_info *info); 39 static void start_reconf(struct dhcpv6_lease *a); 40 static void stop_reconf(struct dhcpv6_lease *a); 41 static void valid_until_cb(struct uloop_timeout *event); 42 43 static struct netevent_handler dhcpv6_netevent_handler = { .cb = dhcpv6_netevent_cb, }; 44 static struct uloop_timeout valid_until_timeout = {.cb = valid_until_cb}; 45 static uint32_t serial = 0; 46 47 static struct dhcpv6_lease * 48 dhcpv6_alloc_lease(size_t extra_len) 49 { 50 struct dhcpv6_lease *a = calloc(1, sizeof(*a) + extra_len); 51 52 if (!a) 53 return NULL; 54 55 INIT_LIST_HEAD(&a->head); 56 INIT_LIST_HEAD(&a->lease_cfg_list); 57 58 return a; 59 } 60 61 void dhcpv6_free_lease(struct dhcpv6_lease *a) 62 { 63 list_del(&a->head); 64 list_del(&a->lease_cfg_list); 65 66 if ((a->flags & OAF_BOUND) && (a->flags & OAF_DHCPV6_PD)) 67 apply_lease(a, false); 68 69 if (a->fr_cnt) 70 stop_reconf(a); 71 72 free(a->hostname); 73 free(a); 74 } 75 76 int dhcpv6_ia_init(void) 77 { 78 uloop_timeout_set(&valid_until_timeout, 1000); 79 80 netlink_add_netevent_handler(&dhcpv6_netevent_handler); 81 82 return 0; 83 } 84 85 int dhcpv6_ia_setup_interface(struct interface *iface, bool enable) 86 { 87 enable = enable && (iface->dhcpv6 == MODE_SERVER); 88 89 if (enable) { 90 struct dhcpv6_lease *border; 91 92 if (list_empty(&iface->ia_assignments)) { 93 border = dhcpv6_alloc_lease(0); 94 95 if (!border) { 96 warn("Failed to alloc border on %s", iface->name); 97 return -1; 98 } 99 100 border->length = 64; 101 list_add(&border->head, &iface->ia_assignments); 102 } else 103 border = list_last_entry(&iface->ia_assignments, struct dhcpv6_lease, head); 104 105 set_border_assignment_size(iface, border); 106 } else { 107 struct dhcpv6_lease *c; 108 109 while (!list_empty(&iface->ia_assignments)) { 110 c = list_first_entry(&iface->ia_assignments, struct dhcpv6_lease, head); 111 dhcpv6_free_lease(c); 112 } 113 } 114 115 return 0; 116 } 117 118 119 static void dhcpv6_netevent_cb(unsigned long event, struct netevent_handler_info *info) 120 { 121 struct interface *iface = info->iface; 122 123 if (!iface || iface->dhcpv6 != MODE_SERVER) 124 return; 125 126 switch (event) { 127 case NETEV_ADDR6LIST_CHANGE: 128 handle_addrlist_change(info); 129 break; 130 default: 131 break; 132 } 133 } 134 135 size_t get_preferred_addr(const struct odhcpd_ipaddr *addrs, const size_t addrlen) 136 { 137 size_t i, m; 138 139 for (i = 0, m = 0; i < addrlen; ++i) { 140 if (addrs[i].preferred_lt > addrs[m].preferred_lt || 141 (addrs[i].preferred_lt == addrs[m].preferred_lt && 142 memcmp(&addrs[i].addr, &addrs[m].addr, 16) > 0)) 143 m = i; 144 } 145 146 return m; 147 } 148 149 enum { 150 IOV_HDR = 0, 151 IOV_SERVERID, 152 IOV_CLIENTID, 153 IOV_MESSAGE, 154 IOV_AUTH, 155 IOV_TOTAL 156 }; 157 158 static int send_reconf(struct dhcpv6_lease *assign) 159 { 160 struct interface *iface = assign->iface; 161 struct dhcpv6_client_header hdr = { 162 .msg_type = DHCPV6_MSG_RECONFIGURE, 163 .transaction_id = { 0, 0, 0 }, 164 }; 165 struct { 166 uint16_t code; 167 uint16_t len; 168 uint8_t data[DUID_MAX_LEN]; 169 } _packed serverid = { 170 .code = htons(DHCPV6_OPT_SERVERID), 171 .len = 0, 172 .data = { 0 }, 173 }; 174 struct { 175 uint16_t code; 176 uint16_t len; 177 uint8_t data[DUID_MAX_LEN]; 178 } _packed clientid = { 179 .code = htons(DHCPV6_OPT_CLIENTID), 180 .len = htons(assign->duid_len), 181 .data = { 0 }, 182 }; 183 struct { 184 uint16_t code; 185 uint16_t len; 186 uint8_t id; 187 } _packed message = { 188 .code = htons(DHCPV6_OPT_RECONF_MSG), 189 .len = htons(1), 190 .id = DHCPV6_MSG_RENEW, 191 }; 192 struct dhcpv6_auth_reconfigure auth = { 193 .type = htons(DHCPV6_OPT_AUTH), 194 .len = htons(sizeof(struct dhcpv6_auth_reconfigure)), 195 .protocol = 3, 196 .algorithm = 1, 197 .rdm = 0, 198 .replay = { htonl(time(NULL)), htonl(++serial) }, 199 .reconf_type = 2, 200 .key = { 0 }, 201 }; 202 203 if (config.default_duid_len > 0) { 204 memcpy(serverid.data, config.default_duid, config.default_duid_len); 205 serverid.len = htons(config.default_duid_len); 206 } else { 207 uint16_t duid_ll_hdr[] = { htons(DUID_TYPE_LL), htons(ARPHRD_ETHER) }; 208 memcpy(serverid.data, duid_ll_hdr, sizeof(duid_ll_hdr)); 209 odhcpd_get_mac(iface, &serverid.data[sizeof(duid_ll_hdr)]); 210 serverid.len = htons(sizeof(duid_ll_hdr) + ETH_ALEN); 211 } 212 213 memcpy(clientid.data, assign->duid, assign->duid_len); 214 215 struct iovec iov[IOV_TOTAL] = { 216 [IOV_HDR] = { &hdr, sizeof(hdr) }, 217 [IOV_SERVERID] = { &serverid, sizeof(serverid) }, 218 [IOV_CLIENTID] = { &clientid, sizeof(clientid) }, 219 [IOV_MESSAGE] = { &message, sizeof(message) }, 220 [IOV_AUTH] = { &auth, sizeof(auth) }, 221 }; 222 223 md5_ctx_t md5; 224 uint8_t secretbytes[64]; 225 memset(secretbytes, 0, sizeof(secretbytes)); 226 memcpy(secretbytes, assign->key, sizeof(assign->key)); 227 228 for (size_t i = 0; i < sizeof(secretbytes); ++i) 229 secretbytes[i] ^= 0x36; 230 231 md5_begin(&md5); 232 md5_hash(secretbytes, sizeof(secretbytes), &md5); 233 for (size_t i = 0; i < ARRAY_SIZE(iov); i++) 234 md5_hash(iov[i].iov_base, iov[i].iov_len, &md5); 235 md5_end(auth.key, &md5); 236 237 for (size_t i = 0; i < sizeof(secretbytes); ++i) { 238 secretbytes[i] ^= 0x36; 239 secretbytes[i] ^= 0x5c; 240 } 241 242 md5_begin(&md5); 243 md5_hash(secretbytes, sizeof(secretbytes), &md5); 244 md5_hash(auth.key, 16, &md5); 245 md5_end(auth.key, &md5); 246 247 return odhcpd_send(iface->dhcpv6_event.uloop.fd, &assign->peer, iov, ARRAY_SIZE(iov), iface); 248 } 249 250 static void in6_copy_iid(struct in6_addr *dest, uint64_t iid, unsigned n) 251 { 252 uint64_t iid_be = htobe64(iid); 253 uint8_t *iid_bytes = (uint8_t *)&iid_be; 254 unsigned bytes = n / 8; 255 unsigned bits = n % 8; 256 257 if (n == 0 || n > 64) 258 return; 259 260 memcpy(&dest->s6_addr[16 - bytes], &iid_bytes[8 - bytes], bytes); 261 262 if (bits > 0) { 263 unsigned dest_idx = 16 - bytes - 1; 264 unsigned src_idx = 8 - bytes - 1; 265 uint8_t mask = (1 << bits) - 1; 266 dest->s6_addr[dest_idx] = (dest->s6_addr[dest_idx] & ~mask) | 267 (iid_bytes[src_idx] & mask); 268 } 269 } 270 271 struct in6_addr in6_from_prefix_and_iid(const struct odhcpd_ipaddr *prefix, uint64_t iid) 272 { 273 struct in6_addr addr; 274 uint8_t iid_len = min(128 - prefix->prefix, 64); 275 276 addr = prefix->addr.in6; 277 in6_copy_iid(&addr, iid, iid_len); 278 279 return addr; 280 } 281 282 static void __apply_lease(struct dhcpv6_lease *a, 283 struct odhcpd_ipaddr *addrs, ssize_t addr_len, bool add) 284 { 285 if (a->flags & OAF_DHCPV6_NA) 286 return; 287 288 for (ssize_t i = 0; i < addr_len; ++i) { 289 struct in6_addr prefix; 290 291 if (ADDR_MATCH_PIO_FILTER(&addrs[i], a->iface)) 292 continue; 293 294 prefix = addrs[i].addr.in6; 295 prefix.s6_addr32[1] |= htonl(a->assigned_subnet_id); 296 prefix.s6_addr32[2] = prefix.s6_addr32[3] = 0; 297 netlink_setup_route(&prefix, a->length, a->iface->ifindex, 298 &a->peer.sin6_addr, 1024, add); 299 } 300 } 301 302 static void apply_lease(struct dhcpv6_lease *a, bool add) 303 { 304 struct interface *iface = a->iface; 305 struct odhcpd_ipaddr *addrs = iface->addr6; 306 ssize_t addrlen = (ssize_t)iface->addr6_len; 307 308 __apply_lease(a, addrs, addrlen, add); 309 } 310 311 /* Set border assignment size based on the IPv6 address prefixes */ 312 static void set_border_assignment_size(struct interface *iface, struct dhcpv6_lease *b) 313 { 314 time_t now = odhcpd_time(); 315 int minprefix = -1; 316 317 for (size_t i = 0; i < iface->addr6_len; ++i) { 318 struct odhcpd_ipaddr *addr = &iface->addr6[i]; 319 320 if (ADDR_MATCH_PIO_FILTER(addr, iface)) 321 continue; 322 323 if (addr->preferred_lt > (uint32_t)now && 324 addr->prefix < 64 && 325 addr->prefix > minprefix) 326 minprefix = addr->prefix; 327 } 328 329 if (minprefix > 32 && minprefix <= 64) 330 b->assigned_subnet_id = 1U << (64 - minprefix); 331 else 332 b->assigned_subnet_id = 0; 333 } 334 335 static bool assign_pd(struct interface *iface, struct dhcpv6_lease *assign) 336 { 337 struct dhcpv6_lease *c; 338 339 if (iface->addr6_len < 1) 340 return false; 341 342 /* Try honoring the hint first */ 343 uint32_t current = 1, asize = (1 << (64 - assign->length)) - 1; 344 if (assign->assigned_subnet_id) { 345 list_for_each_entry(c, &iface->ia_assignments, head) { 346 if (c->flags & OAF_DHCPV6_NA) 347 continue; 348 349 if (assign->assigned_subnet_id >= current && assign->assigned_subnet_id + asize < c->assigned_subnet_id) { 350 list_add_tail(&assign->head, &c->head); 351 352 if (assign->flags & OAF_BOUND) 353 apply_lease(assign, true); 354 355 return true; 356 } 357 358 current = (c->assigned_subnet_id + (1 << (64 - c->length))); 359 } 360 } 361 362 /* Fallback to a variable assignment */ 363 current = 1; 364 list_for_each_entry(c, &iface->ia_assignments, head) { 365 if (c->flags & OAF_DHCPV6_NA) 366 continue; 367 368 current = (current + asize) & (~asize); 369 370 if (current + asize < c->assigned_subnet_id) { 371 assign->assigned_subnet_id = current; 372 list_add_tail(&assign->head, &c->head); 373 374 if (assign->flags & OAF_BOUND) 375 apply_lease(assign, true); 376 377 return true; 378 } 379 380 current = (c->assigned_subnet_id + (1 << (64 - c->length))); 381 } 382 383 return false; 384 } 385 386 /* Check iid against reserved IPv6 interface identifiers. 387 * Refer to: http://www.iana.org/assignments/ipv6-interface-ids 388 */ 389 static bool is_reserved_ipv6_iid(uint64_t iid) 390 { 391 if (iid == 0x0000000000000000) 392 /* Subnet-Router Anycast [RFC4291] */ 393 return true; 394 395 if ((iid & 0xFFFFFFFFFF000000) == 0x02005EFFFE000000) 396 /* Reserved IPv6 Interface Identifiers corresponding 397 * to the IANA Ethernet Block [RFC4291] 398 */ 399 return true; 400 401 if ((iid & 0xFFFFFFFFFFFFFF80) == 0xFDFFFFFFFFFFFF80) 402 /* Reserved Subnet Anycast Addresses [RFC2526] */ 403 return true; 404 405 return false; 406 } 407 408 static bool assign_na(struct interface *iface, struct dhcpv6_lease *a) 409 { 410 struct dhcpv6_lease *c; 411 uint64_t pool_start = 0x100; 412 uint64_t pool_end = (iface->dhcpv6_hostid_len >= 64) ? UINT64_MAX : ((1ULL << iface->dhcpv6_hostid_len) - 1); 413 uint64_t pool_size = pool_end - pool_start + 1; 414 uint64_t try; 415 unsigned short xsubi[3] = { 0 }; 416 417 /* Preconfigured assignment by static lease */ 418 if (a->assigned_host_id) { 419 list_for_each_entry(c, &iface->ia_assignments, head) { 420 if (!(c->flags & OAF_DHCPV6_NA) || c->assigned_host_id > a->assigned_host_id ) { 421 list_add_tail(&a->head, &c->head); 422 return true; 423 } else if (c->assigned_host_id == a->assigned_host_id) 424 return false; 425 } 426 } 427 428 /* Pick a starting point, using the last bytes of the DUID as seed... */ 429 memcpy(xsubi, 430 a->duid + (a->duid_len > sizeof(xsubi) ? a->duid_len - sizeof(xsubi) : 0), 431 min(a->duid_len, sizeof(xsubi))); 432 try = ((uint64_t)jrand48(xsubi) << 32) | (jrand48(xsubi) & UINT32_MAX); 433 try = pool_start + try % pool_size; 434 435 /* ...then try to assign sequentially from that starting point... */ 436 for (size_t i = 0; i < 100; i++, try++) { 437 if (try > pool_end) 438 try = pool_start; 439 440 if (is_reserved_ipv6_iid(try)) 441 continue; 442 443 if (config_find_lease_cfg_by_hostid(try)) 444 continue; 445 446 list_for_each_entry(c, &iface->ia_assignments, head) { 447 if (!(c->flags & OAF_DHCPV6_NA) || c->assigned_host_id > try) { 448 a->assigned_host_id = try; 449 list_add_tail(&a->head, &c->head); 450 return true; 451 } else if (c->assigned_host_id == try) 452 break; 453 } 454 } 455 456 return false; 457 } 458 459 static void handle_addrlist_change(struct netevent_handler_info *info) 460 { 461 struct interface *iface = info->iface; 462 struct dhcpv6_lease *c, *d, *border = list_last_entry( 463 &iface->ia_assignments, struct dhcpv6_lease, head); 464 struct list_head reassign = LIST_HEAD_INIT(reassign); 465 time_t now = odhcpd_time(); 466 467 list_for_each_entry(c, &iface->ia_assignments, head) { 468 if ((c->flags & OAF_DHCPV6_PD) && !(iface->ra_flags & ND_RA_FLAG_MANAGED) 469 && (c->flags & OAF_BOUND)) 470 __apply_lease(c, info->addrs_old.addrs, 471 info->addrs_old.len, false); 472 } 473 474 set_border_assignment_size(iface, border); 475 476 list_for_each_entry_safe(c, d, &iface->ia_assignments, head) { 477 if (c->duid_len == 0 || 478 !(c->flags & OAF_DHCPV6_PD) || 479 (!INFINITE_VALID(c->valid_until) && c->valid_until < now)) 480 continue; 481 482 if (c->assigned_subnet_id >= border->assigned_subnet_id) 483 list_move(&c->head, &reassign); 484 else if (c->flags & OAF_BOUND) 485 apply_lease(c, true); 486 487 if (c->accept_fr_nonce && c->fr_cnt == 0) { 488 struct dhcpv6_lease *a; 489 490 start_reconf(c); 491 492 /* Leave all other assignments of that client alone */ 493 list_for_each_entry(a, &iface->ia_assignments, head) 494 if (a != c && a->duid_len == c->duid_len && 495 !memcmp(a->duid, c->duid, a->duid_len)) 496 a->fr_cnt = INT_MAX; 497 } 498 } 499 500 while (!list_empty(&reassign)) { 501 c = list_first_entry(&reassign, struct dhcpv6_lease, head); 502 list_del_init(&c->head); 503 if (!assign_pd(iface, c)) 504 dhcpv6_free_lease(c); 505 } 506 507 statefiles_write(); 508 } 509 510 static void reconf_timeout_cb(struct uloop_timeout *event) 511 { 512 struct dhcpv6_lease *a = container_of(event, struct dhcpv6_lease, fr_timer); 513 514 if (a->fr_cnt > 0 && a->fr_cnt < DHCPV6_REC_MAX_RC) { 515 send_reconf(a); 516 uloop_timeout_set(&a->fr_timer, 517 DHCPV6_REC_TIMEOUT << a->fr_cnt); 518 a->fr_cnt++; 519 } else 520 stop_reconf(a); 521 } 522 523 static void start_reconf(struct dhcpv6_lease *a) 524 { 525 uloop_timeout_set(&a->fr_timer, 526 DHCPV6_REC_TIMEOUT << a->fr_cnt); 527 a->fr_timer.cb = reconf_timeout_cb; 528 a->fr_cnt++; 529 530 send_reconf(a); 531 } 532 533 static void stop_reconf(struct dhcpv6_lease *a) 534 { 535 uloop_timeout_cancel(&a->fr_timer); 536 a->fr_cnt = 0; 537 a->fr_timer.cb = NULL; 538 } 539 540 static void valid_until_cb(struct uloop_timeout *event) 541 { 542 struct interface *iface; 543 time_t now = odhcpd_time(); 544 545 avl_for_each_element(&interfaces, iface, avl) { 546 struct dhcpv6_lease *a, *n; 547 548 if (iface->dhcpv6 != MODE_SERVER) 549 continue; 550 551 list_for_each_entry_safe(a, n, &iface->ia_assignments, head) { 552 if (a->duid_len > 0 && !INFINITE_VALID(a->valid_until) && a->valid_until < now) 553 dhcpv6_free_lease(a); 554 } 555 } 556 uloop_timeout_set(event, 1000); 557 } 558 559 static size_t build_ia(uint8_t *buf, size_t buflen, uint16_t status, 560 const struct dhcpv6_ia_hdr *ia, struct dhcpv6_lease *a, 561 struct interface *iface, bool request) 562 { 563 struct dhcpv6_ia_hdr o_ia = { 564 .type = ia->type, 565 .len = 0, 566 .iaid = ia->iaid, 567 .t1 = 0, 568 .t2 = 0, 569 }; 570 size_t ia_len = sizeof(o_ia); 571 time_t now = odhcpd_time(); 572 573 if (buflen < ia_len) 574 return 0; 575 576 if (status) { 577 struct __attribute__((packed)) { 578 uint16_t type; 579 uint16_t len; 580 uint16_t val; 581 } o_status = { 582 .type = htons(DHCPV6_OPT_STATUS), 583 .len = htons(sizeof(o_status) - 4), 584 .val = htons(status), 585 }; 586 587 memcpy(buf + ia_len, &o_status, sizeof(o_status)); 588 ia_len += sizeof(o_status); 589 590 o_ia.len = htons(ia_len - 4); 591 memcpy(buf, &o_ia, sizeof(o_ia)); 592 593 return ia_len; 594 } 595 596 if (a) { 597 uint32_t leasetime; 598 599 if (a->leasetime) { 600 leasetime = a->leasetime; 601 } else { 602 leasetime = iface->dhcp_leasetime; 603 } 604 605 uint32_t floor_preferred_lifetime, floor_valid_lifetime; /* For calculating T1 / T2 */ 606 607 if (iface->max_preferred_lifetime && iface->max_preferred_lifetime < leasetime) { 608 floor_preferred_lifetime = iface->max_preferred_lifetime; 609 } else { 610 floor_preferred_lifetime = leasetime; 611 } 612 613 if (iface->max_valid_lifetime && iface->max_valid_lifetime < leasetime) { 614 floor_valid_lifetime = iface->max_valid_lifetime; 615 } else { 616 floor_valid_lifetime = leasetime; 617 } 618 619 struct odhcpd_ipaddr *addrs = iface->addr6; 620 size_t addrlen = iface->addr6_len; 621 size_t m = get_preferred_addr(addrs, addrlen); 622 623 for (size_t i = 0; i < addrlen; ++i) { 624 uint32_t prefix_preferred_lt, prefix_valid_lt; 625 626 if (!valid_addr(&addrs[i], now)) 627 continue; 628 629 /* Filter Out Prefixes */ 630 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) { 631 char addrbuf[INET6_ADDRSTRLEN]; 632 info("Address %s filtered out on %s", 633 inet_ntop(AF_INET6, &addrs[i].addr.in6, addrbuf, sizeof(addrbuf)), 634 iface->name); 635 continue; 636 } 637 638 prefix_preferred_lt = addrs[i].preferred_lt; 639 prefix_valid_lt = addrs[i].valid_lt; 640 641 if (prefix_preferred_lt != UINT32_MAX) { 642 prefix_preferred_lt -= now; 643 644 if (iface->max_preferred_lifetime && prefix_preferred_lt > iface->max_preferred_lifetime) 645 prefix_preferred_lt = iface->max_preferred_lifetime; 646 } 647 648 if (prefix_valid_lt != UINT32_MAX) { 649 prefix_valid_lt -= now; 650 651 if (iface->max_valid_lifetime && prefix_valid_lt > iface->max_valid_lifetime) 652 prefix_valid_lt = iface->max_valid_lifetime; 653 } 654 655 if (prefix_valid_lt > leasetime) 656 prefix_valid_lt = leasetime; 657 658 if (prefix_preferred_lt > prefix_valid_lt) 659 prefix_preferred_lt = prefix_valid_lt; 660 661 if (a->flags & OAF_DHCPV6_PD) { 662 struct dhcpv6_ia_prefix o_ia_p = { 663 .type = htons(DHCPV6_OPT_IA_PREFIX), 664 .len = htons(sizeof(o_ia_p) - 4), 665 .preferred_lt = htonl(prefix_preferred_lt), 666 .valid_lt = htonl(prefix_valid_lt), 667 .prefix = a->length, 668 .addr = addrs[i].addr.in6, 669 }; 670 671 o_ia_p.addr.s6_addr32[1] |= htonl(a->assigned_subnet_id); 672 o_ia_p.addr.s6_addr32[2] = o_ia_p.addr.s6_addr32[3] = 0; 673 674 if (!valid_prefix_length(a, addrs[i].prefix)) 675 continue; 676 677 if (buflen < ia_len + sizeof(o_ia_p)) 678 return 0; 679 680 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p)); 681 ia_len += sizeof(o_ia_p); 682 } 683 684 if (a->flags & OAF_DHCPV6_NA) { 685 struct dhcpv6_ia_addr o_ia_a = { 686 .type = htons(DHCPV6_OPT_IA_ADDR), 687 .len = htons(sizeof(o_ia_a) - 4), 688 .addr = in6_from_prefix_and_iid(&addrs[i], a->assigned_host_id), 689 .preferred_lt = htonl(prefix_preferred_lt), 690 .valid_lt = htonl(prefix_valid_lt) 691 }; 692 693 if (!ADDR_ENTRY_VALID_IA_ADDR(iface, i, m, addrs)) 694 continue; 695 696 if (buflen < ia_len + sizeof(o_ia_a)) 697 return 0; 698 699 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a)); 700 ia_len += sizeof(o_ia_a); 701 } 702 703 /* Calculate T1 / T2 based on non-deprecated addresses */ 704 if (prefix_preferred_lt > 0) { 705 if (floor_preferred_lifetime > prefix_preferred_lt) 706 floor_preferred_lifetime = prefix_preferred_lt; 707 708 if (floor_valid_lifetime > prefix_valid_lt) 709 floor_valid_lifetime = prefix_valid_lt; 710 } 711 } 712 713 if (!INFINITE_VALID(a->valid_until)) 714 /* UINT32_MAX is RFC defined as infinite lease-time */ 715 a->valid_until = (floor_valid_lifetime == UINT32_MAX) ? 0 : floor_valid_lifetime + now; 716 717 if (!INFINITE_VALID(a->preferred_until)) 718 /* UINT32_MAX is RFC defined as infinite lease-time */ 719 a->preferred_until = (floor_preferred_lifetime == UINT32_MAX) ? 0 : floor_preferred_lifetime + now; 720 721 o_ia.t1 = htonl((floor_preferred_lifetime == UINT32_MAX) ? floor_preferred_lifetime : floor_preferred_lifetime * 5 / 10); 722 o_ia.t2 = htonl((floor_preferred_lifetime == UINT32_MAX) ? floor_preferred_lifetime : floor_preferred_lifetime * 8 / 10); 723 724 if (!o_ia.t1) 725 o_ia.t1 = htonl(1); 726 727 if (!o_ia.t2) 728 o_ia.t2 = htonl(1); 729 } 730 731 if (!request) { 732 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + 4; 733 uint16_t otype, olen; 734 735 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) { 736 struct dhcpv6_ia_prefix *ia_p = (struct dhcpv6_ia_prefix *)&odata[-4]; 737 struct dhcpv6_ia_addr *ia_a = (struct dhcpv6_ia_addr *)&odata[-4]; 738 bool found = false; 739 740 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*ia_p) - 4) && 741 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*ia_a) - 4)) 742 continue; 743 744 if (a) { 745 struct odhcpd_ipaddr *addrs = iface->addr6; 746 size_t addrlen = iface->addr6_len; 747 748 for (size_t i = 0; i < addrlen; ++i) { 749 struct in6_addr addr; 750 751 if (!valid_addr(&addrs[i], now)) 752 continue; 753 754 if (!valid_prefix_length(a, addrs[i].prefix)) 755 continue; 756 757 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) 758 continue; 759 760 if (ia->type == htons(DHCPV6_OPT_IA_PD)) { 761 addr = addrs[i].addr.in6; 762 addr.s6_addr32[1] |= htonl(a->assigned_subnet_id); 763 addr.s6_addr32[2] = addr.s6_addr32[3] = 0; 764 765 if (!memcmp(&ia_p->addr, &addr, sizeof(addr)) && 766 ia_p->prefix == a->length) 767 found = true; 768 } else { 769 addr = in6_from_prefix_and_iid(&addrs[i], a->assigned_host_id); 770 771 if (!memcmp(&ia_a->addr, &addr, sizeof(addr))) 772 found = true; 773 } 774 } 775 } 776 777 if (!found) { 778 if (otype == DHCPV6_OPT_IA_PREFIX) { 779 struct dhcpv6_ia_prefix o_ia_p = { 780 .type = htons(DHCPV6_OPT_IA_PREFIX), 781 .len = htons(sizeof(o_ia_p) - 4), 782 .preferred_lt = 0, 783 .valid_lt = 0, 784 .prefix = ia_p->prefix, 785 .addr = ia_p->addr, 786 }; 787 788 if (buflen < ia_len + sizeof(o_ia_p)) 789 return 0; 790 791 memcpy(buf + ia_len, &o_ia_p, sizeof(o_ia_p)); 792 ia_len += sizeof(o_ia_p); 793 } else { 794 struct dhcpv6_ia_addr o_ia_a = { 795 .type = htons(DHCPV6_OPT_IA_ADDR), 796 .len = htons(sizeof(o_ia_a) - 4), 797 .addr = ia_a->addr, 798 .preferred_lt = 0, 799 .valid_lt = 0, 800 }; 801 802 if (buflen < ia_len + sizeof(o_ia_a)) 803 continue; 804 805 memcpy(buf + ia_len, &o_ia_a, sizeof(o_ia_a)); 806 ia_len += sizeof(o_ia_a); 807 } 808 } 809 } 810 } 811 812 o_ia.len = htons(ia_len - 4); 813 memcpy(buf, &o_ia, sizeof(o_ia)); 814 return ia_len; 815 } 816 817 struct log_ctxt { 818 char *buf; 819 int buf_len; 820 int buf_idx; 821 }; 822 823 static void dhcpv6_log_ia_addr(_unused struct dhcpv6_lease *lease, struct in6_addr *addr, int prefix, 824 _unused uint32_t pref_lt, _unused uint32_t valid_lt, void *arg) 825 { 826 struct log_ctxt *ctxt = (struct log_ctxt *)arg; 827 char addrbuf[INET6_ADDRSTRLEN]; 828 829 inet_ntop(AF_INET6, addr, addrbuf, sizeof(addrbuf)); 830 ctxt->buf_idx += snprintf(ctxt->buf + ctxt->buf_idx, ctxt->buf_len - ctxt->buf_idx, 831 "%s/%d ", addrbuf, prefix); 832 } 833 834 static void dhcpv6_log(uint8_t msgtype, struct interface *iface, time_t now, 835 const char *duidbuf, bool is_pd, struct dhcpv6_lease *a, int code) 836 { 837 const char *type = "UNKNOWN"; 838 const char *status = "UNKNOWN"; 839 840 switch (msgtype) { 841 case DHCPV6_MSG_SOLICIT: 842 type = "SOLICIT"; 843 break; 844 case DHCPV6_MSG_REQUEST: 845 type = "REQUEST"; 846 break; 847 case DHCPV6_MSG_CONFIRM: 848 type = "CONFIRM"; 849 break; 850 case DHCPV6_MSG_RENEW: 851 type = "RENEW"; 852 break; 853 case DHCPV6_MSG_REBIND: 854 type = "REBIND"; 855 break; 856 case DHCPV6_MSG_RELEASE: 857 type = "RELEASE"; 858 break; 859 case DHCPV6_MSG_DECLINE: 860 type = "DECLINE"; 861 break; 862 } 863 864 switch (code) { 865 case DHCPV6_STATUS_OK: 866 status = "ok"; 867 break; 868 case DHCPV6_STATUS_NOADDRSAVAIL: 869 status = "no addresses available"; 870 break; 871 case DHCPV6_STATUS_NOBINDING: 872 status = "no binding"; 873 break; 874 case DHCPV6_STATUS_NOTONLINK: 875 status = "not on-link"; 876 break; 877 case DHCPV6_STATUS_NOPREFIXAVAIL: 878 status = "no prefix available"; 879 break; 880 } 881 882 char leasebuf[256] = ""; 883 884 if (a) { 885 struct log_ctxt ctxt = {.buf = leasebuf, 886 .buf_len = sizeof(leasebuf), 887 .buf_idx = 0 }; 888 889 odhcpd_enum_addr6(iface, a, now, dhcpv6_log_ia_addr, &ctxt); 890 } 891 892 info("DHCPV6 %s %s from %s on %s: %s %s", type, (is_pd) ? "IA_PD" : "IA_NA", 893 duidbuf, iface->name, status, leasebuf); 894 } 895 896 static bool dhcpv6_ia_on_link(const struct dhcpv6_ia_hdr *ia, struct dhcpv6_lease *a, 897 struct interface *iface) 898 { 899 struct odhcpd_ipaddr *addrs = iface->addr6; 900 size_t addrlen = iface->addr6_len; 901 time_t now = odhcpd_time(); 902 uint8_t *odata, *end = ((uint8_t*)ia) + htons(ia->len) + 4; 903 uint16_t otype, olen; 904 bool onlink = true; 905 906 dhcpv6_for_each_option((uint8_t*)&ia[1], end, otype, olen, odata) { 907 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix *)&odata[-4]; 908 struct dhcpv6_ia_addr *n = (struct dhcpv6_ia_addr *)&odata[-4]; 909 910 if ((otype != DHCPV6_OPT_IA_PREFIX || olen < sizeof(*p) - 4) && 911 (otype != DHCPV6_OPT_IA_ADDR || olen < sizeof(*n) - 4)) 912 continue; 913 914 onlink = false; 915 for (size_t i = 0; i < addrlen; ++i) { 916 if (!valid_addr(&addrs[i], now)) 917 continue; 918 919 if (ADDR_MATCH_PIO_FILTER(&addrs[i], iface)) 920 continue; 921 922 if (ia->type == htons(DHCPV6_OPT_IA_PD)) { 923 if (p->prefix < addrs[i].prefix || 924 odhcpd_bmemcmp(&p->addr, &addrs[i].addr.in6, addrs[i].prefix)) 925 continue; 926 927 } else if (odhcpd_bmemcmp(&n->addr, &addrs[i].addr.in6, addrs[i].prefix)) 928 continue; 929 930 onlink = true; 931 } 932 933 if (!onlink) 934 break; 935 } 936 937 return onlink; 938 } 939 940 ssize_t dhcpv6_ia_handle_IAs(uint8_t *buf, size_t buflen, struct interface *iface, 941 const struct sockaddr_in6 *addr, const void *data, const uint8_t *end) 942 { 943 struct dhcpv6_lease *first = NULL; 944 const struct dhcpv6_client_header *hdr = data; 945 time_t now = odhcpd_time(); 946 uint16_t otype, olen, duid_len = 0; 947 uint8_t *start = (uint8_t *)&hdr[1], *odata; 948 uint8_t *duid = NULL, mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 949 size_t hostname_len = 0, response_len = 0; 950 bool notonlink = false, rapid_commit = false, accept_reconf = false; 951 char duidbuf[DUID_HEXSTRLEN], hostname[256]; 952 953 dhcpv6_for_each_option(start, end, otype, olen, odata) { 954 if (otype == DHCPV6_OPT_CLIENTID) { 955 duid = odata; 956 duid_len = olen; 957 958 if (olen == 14 && odata[0] == 0 && odata[1] == 1) 959 memcpy(mac, &odata[8], sizeof(mac)); 960 else if (olen == 10 && odata[0] == 0 && odata[1] == 3) 961 memcpy(mac, &odata[4], sizeof(mac)); 962 963 if (olen <= DUID_MAX_LEN) 964 odhcpd_hexlify(duidbuf, odata, olen); 965 } else if (otype == DHCPV6_OPT_FQDN && olen >= 2 && olen <= 255) { 966 uint8_t fqdn_buf[256]; 967 memcpy(fqdn_buf, odata, olen); 968 fqdn_buf[olen++] = 0; 969 970 if (dn_expand(&fqdn_buf[1], &fqdn_buf[olen], &fqdn_buf[1], hostname, sizeof(hostname)) > 0) 971 hostname_len = strcspn(hostname, "."); 972 } else if (otype == DHCPV6_OPT_RECONF_ACCEPT) 973 accept_reconf = true; 974 else if (otype == DHCPV6_OPT_RAPID_COMMIT && hdr->msg_type == DHCPV6_MSG_SOLICIT) 975 rapid_commit = true; 976 } 977 978 if (!duid || duid_len < DUID_MIN_LEN || duid_len > DUID_MAX_LEN) 979 goto out; 980 981 dhcpv6_for_each_option(start, end, otype, olen, odata) { 982 bool is_pd = (otype == DHCPV6_OPT_IA_PD); 983 bool is_na = (otype == DHCPV6_OPT_IA_NA); 984 bool ia_addr_present = false; 985 if (!is_pd && !is_na) 986 continue; 987 988 struct dhcpv6_ia_hdr *ia = (struct dhcpv6_ia_hdr*)&odata[-4]; 989 size_t ia_response_len = 0; 990 uint8_t reqlen = (is_pd) ? 62 : 128; 991 uint32_t reqhint = 0; 992 struct lease_cfg *lease_cfg; 993 994 lease_cfg = config_find_lease_cfg_by_duid_and_iaid(duid, duid_len, ntohl(ia->iaid)); 995 if (!lease_cfg) 996 lease_cfg = config_find_lease_cfg_by_mac(mac); 997 998 if (lease_cfg && lease_cfg->ignore6) 999 return -1; 1000 1001 /* Parse request hint for IA-PD */ 1002 if (is_pd) { 1003 uint8_t *sdata; 1004 uint16_t stype, slen; 1005 dhcpv6_for_each_option(&ia[1], odata + olen, stype, slen, sdata) { 1006 if (stype != DHCPV6_OPT_IA_PREFIX || slen < sizeof(struct dhcpv6_ia_prefix) - 4) 1007 continue; 1008 1009 struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix*)&sdata[-4]; 1010 if (p->prefix) { 1011 reqlen = p->prefix; 1012 reqhint = ntohl(p->addr.s6_addr32[1]); 1013 if (reqlen > 32 && reqlen <= 64) 1014 reqhint &= (1U << (64 - reqlen)) - 1; 1015 } 1016 } 1017 1018 if (reqlen > 64) 1019 reqlen = 64; 1020 1021 /* 1022 * A requesting router can include a desired prefix length for its 1023 * delegation. The delegating router (us) is not required to honor 1024 * the hint (RFC3633, section 11.2, we MAY choose to use the 1025 * information in the option; RFC8168, section 3.2 has several SHOULDs 1026 * about desired choices for selecting a prefix to delegate). 1027 * 1028 * We support a policy setting to conserve prefix space, which purposely 1029 * assigns prefixes that might not match the requesting router's hint. 1030 * 1031 * If the minimum prefix length is set in this interface's 1032 * configuration, we use it as a floor for the requested (hinted) 1033 * prefix length. This allows us to conserve prefix space so that 1034 * any single router can't grab too much of it. Consider if we have 1035 * an interface with a /56 prefix. A requesting router could ask for 1036 * a /58 and take 1/4 of our total address space. But if we set a 1037 * minimum of /60, we can limit each requesting router to get only 1038 * 1/16 of our total address space. 1039 */ 1040 if (iface->dhcpv6_pd_min_len && reqlen < iface->dhcpv6_pd_min_len) { 1041 info("clamping requested PD from %d to %d", reqlen, 1042 iface->dhcpv6_pd_min_len); 1043 reqlen = iface->dhcpv6_pd_min_len; 1044 } 1045 } else if (is_na) { 1046 uint8_t *sdata; 1047 uint16_t stype, slen; 1048 dhcpv6_for_each_option(&ia[1], odata + olen, stype, slen, sdata) { 1049 if (stype != DHCPV6_OPT_IA_ADDR || slen < sizeof(struct dhcpv6_ia_addr) - 4) 1050 continue; 1051 1052 ia_addr_present = true; 1053 } 1054 } 1055 1056 /* Find an existing assignment */ 1057 struct dhcpv6_lease *c, *a = NULL; 1058 list_for_each_entry(c, &iface->ia_assignments, head) { 1059 /* If we're looking for a PD, is this a PD? */ 1060 if (is_pd && !(c->flags & OAF_DHCPV6_PD)) 1061 continue; 1062 1063 /* If we're looking for a NA, is this a NA? */ 1064 if (is_na && !(c->flags & OAF_DHCPV6_NA)) 1065 continue; 1066 1067 /* Is this assignment still valid? */ 1068 if (!INFINITE_VALID(c->valid_until) && now >= c->valid_until) 1069 continue; 1070 1071 /* Does the DUID match? */ 1072 if (c->duid_len != duid_len || memcmp(c->duid, duid, duid_len)) 1073 continue; 1074 1075 /* Does the IAID match? */ 1076 if (c->iaid != ia->iaid) { 1077 if (is_pd) 1078 continue; 1079 1080 /* Does the existing assignment stem from the same static lease cfg? */ 1081 if (c->lease_cfg != lease_cfg) 1082 continue; 1083 1084 /* 1085 * If there's a DUID configured for this static lease, but without 1086 * an IAID, we will proceed under the assumption that a request 1087 * with the right DUID but with *any* IAID should be able to take 1088 * over the assignment. E.g. when switching from WiFi to ethernet 1089 * on the same client. This is similar to how multiple MAC adresses 1090 * are handled for DHCPv4. 1091 */ 1092 for (size_t i = 0; i < lease_cfg->duid_count; i++) { 1093 if (lease_cfg->duids[i].iaid_set && lease_cfg->duids[i].iaid != htonl(ia->iaid)) 1094 continue; 1095 1096 if (lease_cfg->duids[i].len != duid_len) 1097 continue; 1098 1099 if (memcmp(lease_cfg->duids[i].id, duid, duid_len)) 1100 continue; 1101 1102 /* 1103 * Reconf doesn't specify the IAID, so we have to assume the client 1104 * already knows or doesn't care about the old assignment. 1105 */ 1106 stop_reconf(c); 1107 dhcpv6_free_lease(c); 1108 goto proceed; 1109 } 1110 continue; 1111 } 1112 1113 /* We have a match */ 1114 a = c; 1115 1116 /* Reset state */ 1117 if (a->flags & OAF_BOUND) 1118 apply_lease(a, false); 1119 1120 stop_reconf(a); 1121 break; 1122 } 1123 1124 if (lease_cfg && a && a->lease_cfg != lease_cfg) { 1125 dhcpv6_free_lease(a); 1126 a = NULL; 1127 } 1128 1129 proceed: 1130 /* Generic message handling */ 1131 uint16_t status = DHCPV6_STATUS_OK; 1132 1133 if (hdr->msg_type == DHCPV6_MSG_SOLICIT || 1134 hdr->msg_type == DHCPV6_MSG_REQUEST || 1135 (hdr->msg_type == DHCPV6_MSG_REBIND && !a)) { 1136 bool assigned = !!a; 1137 1138 if (!a) { 1139 if ((!iface->no_dynamic_dhcp || (lease_cfg && is_na)) && 1140 (iface->dhcpv6_pd || iface->dhcpv6_na)) { 1141 /* Create new binding */ 1142 a = dhcpv6_alloc_lease(duid_len); 1143 1144 if (a) { 1145 a->duid_len = duid_len; 1146 memcpy(a->duid, duid, duid_len); 1147 a->iaid = ia->iaid; 1148 a->length = reqlen; 1149 a->peer = *addr; 1150 if (is_na) 1151 a->assigned_host_id = lease_cfg ? lease_cfg->hostid : 0; 1152 else 1153 a->assigned_subnet_id = reqhint; 1154 a->valid_until = now; 1155 a->preferred_until = now; 1156 a->iface = iface; 1157 a->flags = (is_pd ? OAF_DHCPV6_PD : OAF_DHCPV6_NA); 1158 1159 if (first) 1160 memcpy(a->key, first->key, sizeof(a->key)); 1161 else 1162 odhcpd_urandom(a->key, sizeof(a->key)); 1163 1164 if (is_pd && iface->dhcpv6_pd) 1165 while (!(assigned = assign_pd(iface, a)) && 1166 ++a->length <= 64); 1167 else if (is_na && iface->dhcpv6_na) 1168 assigned = assign_na(iface, a); 1169 1170 if (lease_cfg && assigned) { 1171 a->flags |= OAF_STATIC; 1172 1173 if (lease_cfg->hostname) 1174 a->hostname = strdup(lease_cfg->hostname); 1175 1176 if (lease_cfg->leasetime) 1177 a->leasetime = lease_cfg->leasetime; 1178 1179 list_add(&a->lease_cfg_list, &lease_cfg->dhcpv6_leases); 1180 a->lease_cfg = lease_cfg; 1181 } 1182 } 1183 } 1184 } 1185 1186 if (!assigned || iface->addr6_len == 0) 1187 /* Set error status */ 1188 status = (is_pd) ? DHCPV6_STATUS_NOPREFIXAVAIL : DHCPV6_STATUS_NOADDRSAVAIL; 1189 else if (hdr->msg_type == DHCPV6_MSG_REQUEST && !dhcpv6_ia_on_link(ia, a, iface)) { 1190 /* Send NOTONLINK status for the IA */ 1191 status = DHCPV6_STATUS_NOTONLINK; 1192 assigned = false; 1193 } else if (accept_reconf && assigned && !first && 1194 hdr->msg_type != DHCPV6_MSG_REBIND) { 1195 size_t handshake_len = 4; 1196 buf[0] = 0; 1197 buf[1] = DHCPV6_OPT_RECONF_ACCEPT; 1198 buf[2] = 0; 1199 buf[3] = 0; 1200 1201 if (hdr->msg_type == DHCPV6_MSG_REQUEST) { 1202 struct dhcpv6_auth_reconfigure auth = { 1203 htons(DHCPV6_OPT_AUTH), 1204 htons(sizeof(auth) - 4), 1205 3, 1, 0, 1206 {htonl(time(NULL)), htonl(++serial)}, 1207 1, 1208 {0} 1209 }; 1210 memcpy(auth.key, a->key, sizeof(a->key)); 1211 memcpy(buf + handshake_len, &auth, sizeof(auth)); 1212 handshake_len += sizeof(auth); 1213 } 1214 1215 1216 buf += handshake_len; 1217 buflen -= handshake_len; 1218 response_len += handshake_len; 1219 1220 first = a; 1221 } 1222 1223 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, 1224 hdr->msg_type == DHCPV6_MSG_REBIND ? false : true); 1225 1226 /* Was only a solicitation: mark binding for removal */ 1227 if (assigned && hdr->msg_type == DHCPV6_MSG_SOLICIT && !rapid_commit) { 1228 a->flags &= ~OAF_BOUND; 1229 a->flags |= OAF_TENTATIVE; 1230 1231 /* Keep tentative assignment around for 60 seconds */ 1232 a->valid_until = now + 60; 1233 1234 } else if (assigned && 1235 ((hdr->msg_type == DHCPV6_MSG_SOLICIT && rapid_commit) || 1236 hdr->msg_type == DHCPV6_MSG_REQUEST || 1237 hdr->msg_type == DHCPV6_MSG_REBIND)) { 1238 if ((!(a->flags & OAF_STATIC) || !a->hostname) && hostname_len > 0) { 1239 a->hostname = realloc(a->hostname, hostname_len + 1); 1240 if (a->hostname) { 1241 memcpy(a->hostname, hostname, hostname_len); 1242 a->hostname[hostname_len] = 0; 1243 1244 if (odhcpd_valid_hostname(a->hostname)) 1245 a->flags &= ~OAF_BROKEN_HOSTNAME; 1246 else 1247 a->flags |= OAF_BROKEN_HOSTNAME; 1248 } 1249 } 1250 a->accept_fr_nonce = accept_reconf; 1251 a->flags &= ~OAF_TENTATIVE; 1252 a->flags |= OAF_BOUND; 1253 apply_lease(a, true); 1254 } else if (!assigned) { 1255 /* Cleanup failed assignment */ 1256 dhcpv6_free_lease(a); 1257 a = NULL; 1258 } 1259 } else if (hdr->msg_type == DHCPV6_MSG_RENEW || 1260 hdr->msg_type == DHCPV6_MSG_RELEASE || 1261 hdr->msg_type == DHCPV6_MSG_REBIND || 1262 hdr->msg_type == DHCPV6_MSG_DECLINE) { 1263 if (!a && hdr->msg_type != DHCPV6_MSG_REBIND) { 1264 status = DHCPV6_STATUS_NOBINDING; 1265 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false); 1266 } else if (hdr->msg_type == DHCPV6_MSG_RENEW || 1267 hdr->msg_type == DHCPV6_MSG_REBIND) { 1268 ia_response_len = build_ia(buf, buflen, status, ia, a, iface, false); 1269 if (a) { 1270 a->flags |= OAF_BOUND; 1271 apply_lease(a, true); 1272 } 1273 } else if (hdr->msg_type == DHCPV6_MSG_RELEASE) { 1274 a->valid_until = now - 1; 1275 } else if ((a->flags & OAF_DHCPV6_NA) && hdr->msg_type == DHCPV6_MSG_DECLINE) { 1276 a->flags &= ~OAF_BOUND; 1277 1278 if (!(a->flags & OAF_STATIC) || a->lease_cfg->hostid != a->assigned_host_id) { 1279 memset(a->duid, 0, a->duid_len); 1280 a->valid_until = now + 3600; /* Block address for 1h */ 1281 } else 1282 a->valid_until = now - 1; 1283 } 1284 } else if (hdr->msg_type == DHCPV6_MSG_CONFIRM) { 1285 if (ia_addr_present && !dhcpv6_ia_on_link(ia, a, iface)) { 1286 notonlink = true; 1287 break; 1288 } 1289 1290 if (!ia_addr_present || !a || !(a->flags & OAF_BOUND)) { 1291 response_len = 0; 1292 goto out; 1293 } 1294 } 1295 1296 buf += ia_response_len; 1297 buflen -= ia_response_len; 1298 response_len += ia_response_len; 1299 dhcpv6_log(hdr->msg_type, iface, now, duidbuf, is_pd, a, status); 1300 } 1301 1302 switch (hdr->msg_type) { 1303 case DHCPV6_MSG_RELEASE: 1304 case DHCPV6_MSG_DECLINE: 1305 case DHCPV6_MSG_CONFIRM: 1306 if (response_len + 6 < buflen) { 1307 buf[0] = 0; 1308 buf[1] = DHCPV6_OPT_STATUS; 1309 buf[2] = 0; 1310 buf[3] = 2; 1311 buf[4] = 0; 1312 buf[5] = (notonlink) ? DHCPV6_STATUS_NOTONLINK : DHCPV6_STATUS_OK; 1313 response_len += 6; 1314 } 1315 break; 1316 1317 default: 1318 break; 1319 } 1320 1321 statefiles_write(); 1322 1323 out: 1324 return response_len; 1325 } 1326
This page was automatically generated by LXR 0.3.1. • OpenWrt