1 /** 2 * Copyright (C) 2012-2013 Steven Barth <steven@midlink.org> 3 * Copyright (C) 2018 Hans Dedecker <dedeckeh@gmail.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License v2 as published by 7 * the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * 15 */ 16 17 #include <errno.h> 18 #include <unistd.h> 19 #include <stddef.h> 20 #include <resolv.h> 21 #include <sys/timerfd.h> 22 #include <arpa/inet.h> 23 24 #include <libubox/utils.h> 25 26 #include "odhcpd.h" 27 #include "dhcpv6.h" 28 #ifdef DHCPV4_SUPPORT 29 #include "dhcpv4.h" 30 #endif 31 32 static void relay_client_request(struct sockaddr_in6 *source, 33 const void *data, size_t len, struct interface *iface); 34 static void relay_server_response(uint8_t *data, size_t len); 35 36 static void handle_dhcpv6(void *addr, void *data, size_t len, 37 struct interface *iface, void *dest); 38 static void handle_client_request(void *addr, void *data, size_t len, 39 struct interface *iface, void *dest_addr); 40 41 42 /* Create socket and register events */ 43 int dhcpv6_init(void) 44 { 45 return dhcpv6_ia_init(); 46 } 47 48 int dhcpv6_setup_interface(struct interface *iface, bool enable) 49 { 50 int ret = 0; 51 52 enable = enable && (iface->dhcpv6 != MODE_DISABLED); 53 54 if (iface->dhcpv6_event.uloop.fd >= 0) { 55 uloop_fd_delete(&iface->dhcpv6_event.uloop); 56 close(iface->dhcpv6_event.uloop.fd); 57 iface->dhcpv6_event.uloop.fd = -1; 58 } 59 60 /* Configure multicast settings */ 61 if (enable) { 62 struct sockaddr_in6 bind_addr = {AF_INET6, htons(DHCPV6_SERVER_PORT), 63 0, IN6ADDR_ANY_INIT, 0}; 64 struct ipv6_mreq mreq; 65 int val = 1; 66 67 iface->dhcpv6_event.uloop.fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP); 68 if (iface->dhcpv6_event.uloop.fd < 0) { 69 syslog(LOG_ERR, "socket(AF_INET6): %m"); 70 ret = -1; 71 goto out; 72 } 73 74 /* Basic IPv6 configuration */ 75 if (setsockopt(iface->dhcpv6_event.uloop.fd, SOL_SOCKET, SO_BINDTODEVICE, 76 iface->ifname, strlen(iface->ifname)) < 0) { 77 syslog(LOG_ERR, "setsockopt(SO_BINDTODEVICE): %m"); 78 ret = -1; 79 goto out; 80 } 81 82 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_V6ONLY, 83 &val, sizeof(val)) < 0) { 84 syslog(LOG_ERR, "setsockopt(IPV6_V6ONLY): %m"); 85 ret = -1; 86 goto out; 87 } 88 89 if (setsockopt(iface->dhcpv6_event.uloop.fd, SOL_SOCKET, SO_REUSEADDR, 90 &val, sizeof(val)) < 0) { 91 syslog(LOG_ERR, "setsockopt(SO_REUSEADDR): %m"); 92 ret = -1; 93 goto out; 94 } 95 96 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, 97 &val, sizeof(val)) < 0) { 98 syslog(LOG_ERR, "setsockopt(IPV6_RECVPKTINFO): %m"); 99 ret = -1; 100 goto out; 101 } 102 103 val = DHCPV6_HOP_COUNT_LIMIT; 104 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 105 &val, sizeof(val)) < 0) { 106 syslog(LOG_ERR, "setsockopt(IPV6_MULTICAST_HOPS): %m"); 107 ret = -1; 108 goto out; 109 } 110 111 val = 0; 112 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, 113 &val, sizeof(val)) < 0) { 114 syslog(LOG_ERR, "setsockopt(IPV6_MULTICAST_LOOP): %m"); 115 ret = -1; 116 goto out; 117 } 118 119 if (bind(iface->dhcpv6_event.uloop.fd, (struct sockaddr*)&bind_addr, 120 sizeof(bind_addr)) < 0) { 121 syslog(LOG_ERR, "bind(): %m"); 122 ret = -1; 123 goto out; 124 } 125 126 memset(&mreq, 0, sizeof(mreq)); 127 inet_pton(AF_INET6, ALL_DHCPV6_RELAYS, &mreq.ipv6mr_multiaddr); 128 mreq.ipv6mr_interface = iface->ifindex; 129 130 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, 131 &mreq, sizeof(mreq)) < 0) { 132 syslog(LOG_ERR, "setsockopt(IPV6_ADD_MEMBERSHIP): %m"); 133 ret = -1; 134 goto out; 135 } 136 137 if (iface->dhcpv6 == MODE_SERVER) { 138 memset(&mreq, 0, sizeof(mreq)); 139 inet_pton(AF_INET6, ALL_DHCPV6_SERVERS, &mreq.ipv6mr_multiaddr); 140 mreq.ipv6mr_interface = iface->ifindex; 141 142 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, 143 &mreq, sizeof(mreq)) < 0) { 144 syslog(LOG_ERR, "setsockopt(IPV6_ADD_MEMBERSHIP): %m"); 145 ret = -1; 146 goto out; 147 } 148 } 149 150 iface->dhcpv6_event.handle_dgram = handle_dhcpv6; 151 odhcpd_register(&iface->dhcpv6_event); 152 } 153 154 ret = dhcpv6_ia_setup_interface(iface, enable); 155 156 out: 157 if (ret < 0 && iface->dhcpv6_event.uloop.fd >= 0) { 158 close(iface->dhcpv6_event.uloop.fd); 159 iface->dhcpv6_event.uloop.fd = -1; 160 } 161 162 return ret; 163 } 164 165 enum { 166 IOV_NESTED = 0, 167 IOV_DEST, 168 IOV_MAXRT, 169 #define IOV_STAT IOV_MAXRT 170 IOV_RAPID_COMMIT, 171 IOV_DNS, 172 IOV_DNS_ADDR, 173 IOV_SEARCH, 174 IOV_SEARCH_DOMAIN, 175 IOV_PDBUF, 176 #define IOV_REFRESH IOV_PDBUF 177 IOV_CERID, 178 IOV_DHCPV6_RAW, 179 IOV_NTP, 180 IOV_NTP_ADDR, 181 IOV_SNTP, 182 IOV_SNTP_ADDR, 183 IOV_RELAY_MSG, 184 IOV_DHCPV4O6_SERVER, 185 IOV_TOTAL 186 }; 187 188 static void handle_nested_message(uint8_t *data, size_t len, 189 struct dhcpv6_client_header **c_hdr, uint8_t **opts, 190 uint8_t **end, struct iovec iov[IOV_TOTAL]) 191 { 192 struct dhcpv6_relay_header *r_hdr = (struct dhcpv6_relay_header *)data; 193 uint16_t otype, olen; 194 uint8_t *odata; 195 196 if (iov[IOV_NESTED].iov_base == NULL) { 197 iov[IOV_NESTED].iov_base = data; 198 iov[IOV_NESTED].iov_len = len; 199 } 200 201 if (len < sizeof(struct dhcpv6_client_header)) 202 return; 203 204 if (r_hdr->msg_type != DHCPV6_MSG_RELAY_FORW) { 205 iov[IOV_NESTED].iov_len = data - (uint8_t *)iov[IOV_NESTED].iov_base; 206 *c_hdr = (void *)data; 207 *opts = (uint8_t *)&(*c_hdr)[1]; 208 *end = data + len; 209 return; 210 } 211 212 dhcpv6_for_each_option(r_hdr->options, data + len, otype, olen, odata) { 213 if (otype == DHCPV6_OPT_RELAY_MSG) { 214 iov[IOV_RELAY_MSG].iov_base = odata + olen; 215 iov[IOV_RELAY_MSG].iov_len = (((uint8_t *)iov[IOV_NESTED].iov_base) + 216 iov[IOV_NESTED].iov_len) - (odata + olen); 217 handle_nested_message(odata, olen, c_hdr, opts, end, iov); 218 return; 219 } 220 } 221 } 222 223 224 static void update_nested_message(uint8_t *data, size_t len, ssize_t pdiff) 225 { 226 struct dhcpv6_relay_header *hdr = (struct dhcpv6_relay_header*)data; 227 if (hdr->msg_type != DHCPV6_MSG_RELAY_FORW) 228 return; 229 230 hdr->msg_type = DHCPV6_MSG_RELAY_REPL; 231 232 uint16_t otype, olen; 233 uint8_t *odata; 234 dhcpv6_for_each_option(hdr->options, data + len, otype, olen, odata) { 235 if (otype == DHCPV6_OPT_RELAY_MSG) { 236 olen += pdiff; 237 odata[-2] = (olen >> 8) & 0xff; 238 odata[-1] = olen & 0xff; 239 update_nested_message(odata, olen - pdiff, pdiff); 240 return; 241 } 242 } 243 } 244 245 #ifdef DHCPV4_SUPPORT 246 247 struct dhcpv4_msg_data { 248 uint8_t *msg; 249 size_t maxsize; 250 ssize_t len; 251 }; 252 253 static int send_reply(_unused const void *buf, size_t len, 254 _unused const struct sockaddr *dest, _unused socklen_t dest_len, 255 _unused void *opaque) 256 { 257 struct dhcpv4_msg_data *reply = opaque; 258 259 if (len > reply->maxsize) { 260 syslog(LOG_ERR, "4o6: reply too large, %zu > %zu", len, reply->maxsize); 261 reply->len = -1; 262 } else { 263 memcpy(reply->msg, buf, len); 264 reply->len = len; 265 } 266 267 return reply->len; 268 } 269 270 static ssize_t dhcpv6_4o6_query(uint8_t *buf, size_t buflen, 271 struct interface *iface, 272 const struct sockaddr_in6 *addr, 273 const void *data, const uint8_t *end) 274 { 275 const struct dhcpv6_client_header *hdr = data; 276 uint16_t otype, olen, msgv4_len = 0; 277 uint8_t *msgv4_data = NULL; 278 uint8_t *start = (uint8_t *)&hdr[1], *odata; 279 struct sockaddr_in addrv4; 280 struct dhcpv4_msg_data reply = { .msg = buf, .maxsize = buflen, .len = -1 }; 281 282 dhcpv6_for_each_option(start, end, otype, olen, odata) { 283 if (otype == DHCPV6_OPT_DHCPV4_MSG) { 284 msgv4_data = odata; 285 msgv4_len = olen; 286 } 287 } 288 289 if (!msgv4_data || msgv4_len == 0) { 290 syslog(LOG_ERR, "4o6: missing DHCPv4 message option (%d)", DHCPV6_OPT_DHCPV4_MSG); 291 return -1; 292 } 293 294 // Dummy IPv4 address 295 memset(&addrv4, 0, sizeof(addrv4)); 296 addrv4.sin_family = AF_INET; 297 addrv4.sin_addr.s_addr = INADDR_ANY; 298 addrv4.sin_port = htons(DHCPV4_CLIENT_PORT); 299 300 dhcpv4_handle_msg(&addrv4, msgv4_data, msgv4_len, 301 iface, NULL, send_reply, &reply); 302 303 return reply.len; 304 } 305 #endif /* DHCPV4_SUPPORT */ 306 307 /* Simple DHCPv6-server for information requests */ 308 static void handle_client_request(void *addr, void *data, size_t len, 309 struct interface *iface, void *dest_addr) 310 { 311 struct dhcpv6_client_header *hdr = data; 312 uint8_t *opts = (uint8_t *)&hdr[1], *opts_end = (uint8_t *)data + len; 313 bool o_rapid_commit = false; 314 315 if (len < sizeof(*hdr)) 316 return; 317 318 syslog(LOG_DEBUG, "Got a DHCPv6-request on %s", iface->name); 319 320 /* Construct reply message */ 321 struct __attribute__((packed)) { 322 uint8_t msg_type; 323 uint8_t tr_id[3]; 324 uint16_t serverid_type; 325 uint16_t serverid_length; 326 uint16_t duid_type; 327 uint16_t hardware_type; 328 uint8_t mac[6]; 329 uint16_t clientid_type; 330 uint16_t clientid_length; 331 uint8_t clientid_buf[130]; 332 } dest = { 333 .msg_type = DHCPV6_MSG_REPLY, 334 .serverid_type = htons(DHCPV6_OPT_SERVERID), 335 .serverid_length = htons(10), 336 .duid_type = htons(3), 337 .hardware_type = htons(1), 338 .clientid_type = htons(DHCPV6_OPT_CLIENTID), 339 .clientid_buf = {0} 340 }; 341 odhcpd_get_mac(iface, dest.mac); 342 343 struct __attribute__((packed)) { 344 uint16_t type; 345 uint16_t len; 346 uint32_t value; 347 } maxrt = {htons(DHCPV6_OPT_SOL_MAX_RT), htons(sizeof(maxrt) - 4), 348 htonl(60)}; 349 350 struct __attribute__((packed)) { 351 uint16_t type; 352 uint16_t len; 353 } rapid_commit = {htons(DHCPV6_OPT_RAPID_COMMIT), 0}; 354 355 struct __attribute__((packed)) { 356 uint16_t type; 357 uint16_t len; 358 uint16_t value; 359 } stat = {htons(DHCPV6_OPT_STATUS), htons(sizeof(stat) - 4), 360 htons(DHCPV6_STATUS_USEMULTICAST)}; 361 362 struct __attribute__((packed)) { 363 uint16_t type; 364 uint16_t len; 365 uint32_t value; 366 } refresh = {htons(DHCPV6_OPT_INFO_REFRESH), htons(sizeof(uint32_t)), 367 htonl(600)}; 368 369 struct in6_addr dns_addr, *dns_addr_ptr = iface->dns; 370 size_t dns_cnt = iface->dns_cnt; 371 372 if ((dns_cnt == 0) && 373 !odhcpd_get_interface_dns_addr(iface, &dns_addr)) { 374 dns_addr_ptr = &dns_addr; 375 dns_cnt = 1; 376 } 377 378 struct { 379 uint16_t type; 380 uint16_t len; 381 } dns = {htons(DHCPV6_OPT_DNS_SERVERS), htons(dns_cnt * sizeof(*dns_addr_ptr))}; 382 383 /* SNTP */ 384 struct in6_addr *sntp_addr_ptr = iface->dhcpv6_sntp; 385 size_t sntp_cnt = 0; 386 387 struct { 388 uint16_t type; 389 uint16_t len; 390 } dhcpv6_sntp; 391 392 /* NTP */ 393 uint8_t *ntp_ptr = iface->dhcpv6_ntp; 394 uint16_t ntp_len = iface->dhcpv6_ntp_len; 395 size_t ntp_cnt = 0; 396 397 struct { 398 uint16_t type; 399 uint16_t len; 400 } ntp; 401 402 uint16_t otype, olen; 403 uint16_t *reqopts = NULL; 404 uint8_t *odata; 405 size_t reqopts_len = 0; 406 407 dhcpv6_for_each_option(opts, opts_end, otype, olen, odata) { 408 if (otype == DHCPV6_OPT_ORO) { 409 reqopts_len = olen; 410 reqopts = (uint16_t *)odata; 411 } 412 } 413 414 for(size_t opt = 0; opt < reqopts_len/2; opt++) { 415 if (iface->dhcpv6_sntp_cnt != 0 && 416 DHCPV6_OPT_SNTP_SERVERS == ntohs(reqopts[opt])) { 417 sntp_cnt = iface->dhcpv6_sntp_cnt; 418 dhcpv6_sntp.type = htons(DHCPV6_OPT_SNTP_SERVERS); 419 dhcpv6_sntp.len = htons(sntp_cnt * sizeof(*sntp_addr_ptr)); 420 } else if (iface->dhcpv6_ntp_cnt != 0 && 421 DHCPV6_OPT_NTP_SERVERS == ntohs(reqopts[opt])) { 422 ntp_cnt = iface->dhcpv6_ntp_cnt; 423 ntp.type = htons(DHCPV6_OPT_NTP_SERVERS); 424 ntp.len = htons(ntp_len); 425 } 426 } 427 428 /* DNS Search options */ 429 uint8_t search_buf[256], *search_domain = iface->search; 430 size_t search_len = iface->search_len; 431 432 if (!search_domain && !res_init() && _res.dnsrch[0] && _res.dnsrch[0][0]) { 433 int len = dn_comp(_res.dnsrch[0], search_buf, 434 sizeof(search_buf), NULL, NULL); 435 if (len > 0) { 436 search_domain = search_buf; 437 search_len = len; 438 } 439 } 440 441 struct { 442 uint16_t type; 443 uint16_t len; 444 } search = {htons(DHCPV6_OPT_DNS_DOMAIN), htons(search_len)}; 445 446 447 struct __attribute__((packed)) dhcpv4o6_server { 448 uint16_t type; 449 uint16_t len; 450 struct in6_addr addr; 451 } dhcpv4o6_server = {htons(DHCPV6_OPT_4O6_SERVER), htons(sizeof(struct in6_addr)), 452 IN6ADDR_ANY_INIT}; 453 454 struct dhcpv6_cer_id cerid = { 455 #ifdef EXT_CER_ID 456 .type = htons(EXT_CER_ID), 457 #endif 458 .len = htons(36), 459 .addr = iface->dhcpv6_pd_cer, 460 }; 461 462 463 uint8_t pdbuf[512]; 464 struct iovec iov[IOV_TOTAL] = { 465 [IOV_NESTED] = {NULL, 0}, 466 [IOV_DEST] = {&dest, (uint8_t*)&dest.clientid_type - (uint8_t*)&dest}, 467 [IOV_MAXRT] = {&maxrt, sizeof(maxrt)}, 468 [IOV_RAPID_COMMIT] = {&rapid_commit, 0}, 469 [IOV_DNS] = {&dns, (dns_cnt) ? sizeof(dns) : 0}, 470 [IOV_DNS_ADDR] = {dns_addr_ptr, dns_cnt * sizeof(*dns_addr_ptr)}, 471 [IOV_SEARCH] = {&search, (search_len) ? sizeof(search) : 0}, 472 [IOV_SEARCH_DOMAIN] = {search_domain, search_len}, 473 [IOV_PDBUF] = {pdbuf, 0}, 474 [IOV_CERID] = {&cerid, 0}, 475 [IOV_DHCPV6_RAW] = {iface->dhcpv6_raw, iface->dhcpv6_raw_len}, 476 [IOV_NTP] = {&ntp, (ntp_cnt) ? sizeof(ntp) : 0}, 477 [IOV_NTP_ADDR] = {ntp_ptr, (ntp_cnt) ? ntp_len : 0}, 478 [IOV_SNTP] = {&dhcpv6_sntp, (sntp_cnt) ? sizeof(dhcpv6_sntp) : 0}, 479 [IOV_SNTP_ADDR] = {sntp_addr_ptr, sntp_cnt * sizeof(*sntp_addr_ptr)}, 480 [IOV_RELAY_MSG] = {NULL, 0}, 481 [IOV_DHCPV4O6_SERVER] = {&dhcpv4o6_server, 0}, 482 }; 483 484 if (hdr->msg_type == DHCPV6_MSG_RELAY_FORW) 485 handle_nested_message(data, len, &hdr, &opts, &opts_end, iov); 486 487 switch (hdr->msg_type) { 488 case DHCPV6_MSG_SOLICIT: 489 case DHCPV6_MSG_REQUEST: 490 case DHCPV6_MSG_CONFIRM: 491 case DHCPV6_MSG_RENEW: 492 case DHCPV6_MSG_REBIND: 493 case DHCPV6_MSG_RELEASE: 494 case DHCPV6_MSG_DECLINE: 495 case DHCPV6_MSG_INFORMATION_REQUEST: 496 case DHCPV6_MSG_RELAY_FORW: 497 #ifdef DHCPV4_SUPPORT 498 case DHCPV6_MSG_DHCPV4_QUERY: 499 #endif 500 break; /* Valid message types for clients */ 501 case DHCPV6_MSG_ADVERTISE: 502 case DHCPV6_MSG_REPLY: 503 case DHCPV6_MSG_RECONFIGURE: 504 case DHCPV6_MSG_RELAY_REPL: 505 case DHCPV6_MSG_DHCPV4_RESPONSE: 506 #ifndef DHCPV4_SUPPORT 507 case DHCPV6_MSG_DHCPV4_QUERY: 508 #endif 509 default: 510 return; /* Invalid message types for clients */ 511 } 512 513 if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && 514 (hdr->msg_type == DHCPV6_MSG_SOLICIT || hdr->msg_type == DHCPV6_MSG_CONFIRM || 515 hdr->msg_type == DHCPV6_MSG_REBIND || hdr->msg_type == DHCPV6_MSG_INFORMATION_REQUEST)) 516 return; 517 518 memcpy(dest.tr_id, hdr->transaction_id, sizeof(dest.tr_id)); 519 520 /* Go through options and find what we need */ 521 dhcpv6_for_each_option(opts, opts_end, otype, olen, odata) { 522 if (otype == DHCPV6_OPT_CLIENTID && olen <= 130) { 523 dest.clientid_length = htons(olen); 524 memcpy(dest.clientid_buf, odata, olen); 525 iov[IOV_DEST].iov_len += 4 + olen; 526 } else if (otype == DHCPV6_OPT_SERVERID) { 527 if (olen != ntohs(dest.serverid_length) || 528 memcmp(odata, &dest.duid_type, olen)) 529 return; /* Not for us */ 530 } else if (iface->filter_class && otype == DHCPV6_OPT_USER_CLASS) { 531 uint8_t *c = odata, *cend = &odata[olen]; 532 for (; &c[2] <= cend && &c[2 + (c[0] << 8) + c[1]] <= cend; c = &c[2 + (c[0] << 8) + c[1]]) { 533 size_t elen = strlen(iface->filter_class); 534 if (((((size_t)c[0]) << 8) | c[1]) == elen && !memcmp(&c[2], iface->filter_class, elen)) 535 return; /* Ignore from homenet */ 536 } 537 } else if (otype == DHCPV6_OPT_IA_PD) { 538 #ifdef EXT_CER_ID 539 iov[IOV_CERID].iov_len = sizeof(cerid); 540 541 if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr)) { 542 struct odhcpd_ipaddr *addrs; 543 ssize_t len = netlink_get_interface_addrs(0, true, &addrs); 544 545 for (ssize_t i = 0; i < len; ++i) 546 if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr) 547 || memcmp(&addrs[i].addr, &cerid.addr, sizeof(cerid.addr)) < 0) 548 cerid.addr = addrs[i].addr.in6; 549 550 free(addrs); 551 } 552 #endif 553 } else if (otype == DHCPV6_OPT_RAPID_COMMIT && hdr->msg_type == DHCPV6_MSG_SOLICIT) { 554 iov[IOV_RAPID_COMMIT].iov_len = sizeof(rapid_commit); 555 o_rapid_commit = true; 556 } else if (otype == DHCPV6_OPT_ORO) { 557 for (int i=0; i < olen/2; i++) { 558 uint16_t option = ntohs(((uint16_t *)odata)[i]); 559 560 switch (option) { 561 #ifdef DHCPV4_SUPPORT 562 case DHCPV6_OPT_4O6_SERVER: 563 if (iface->dhcpv4) { 564 /* According to RFC 7341, 7.2. DHCP 4o6 Server Address Option Format: 565 * This option may also carry no IPv6 addresses, which instructs the 566 * client to use the All_DHCP_Relay_Agents_and_Servers multicast address 567 * as the destination address. 568 * 569 * The ISC dhclient logs a missing IPv6 address as an error but seems to 570 * work anyway: 571 * dhcp4-o-dhcp6-server: expecting at least 16 bytes; got 0 572 * 573 * Include the All_DHCP_Relay_Agents_and_Servers multicast address 574 * to make it explicit which address to use. */ 575 struct dhcpv4o6_server *server = iov[IOV_DHCPV4O6_SERVER].iov_base; 576 577 inet_pton(AF_INET6, ALL_DHCPV6_RELAYS, &server->addr); 578 579 iov[IOV_DHCPV4O6_SERVER].iov_len = sizeof(dhcpv4o6_server); 580 } 581 break; 582 #endif /* DHCPV4_SUPPORT */ 583 default: 584 break; 585 } 586 } 587 } 588 } 589 590 if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && 591 (hdr->msg_type == DHCPV6_MSG_REQUEST || hdr->msg_type == DHCPV6_MSG_RENEW || 592 hdr->msg_type == DHCPV6_MSG_RELEASE || hdr->msg_type == DHCPV6_MSG_DECLINE)) { 593 iov[IOV_STAT].iov_base = &stat; 594 iov[IOV_STAT].iov_len = sizeof(stat); 595 596 for (ssize_t i = IOV_STAT + 1; i < IOV_TOTAL; ++i) 597 iov[i].iov_len = 0; 598 599 odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); 600 return; 601 } 602 603 if (hdr->msg_type == DHCPV6_MSG_SOLICIT && !o_rapid_commit) { 604 dest.msg_type = DHCPV6_MSG_ADVERTISE; 605 } else if (hdr->msg_type == DHCPV6_MSG_INFORMATION_REQUEST) { 606 iov[IOV_REFRESH].iov_base = &refresh; 607 iov[IOV_REFRESH].iov_len = sizeof(refresh); 608 609 /* Return inf max rt option in reply to information request */ 610 maxrt.type = htons(DHCPV6_OPT_INF_MAX_RT); 611 } 612 613 #ifdef DHCPV4_SUPPORT 614 if (hdr->msg_type == DHCPV6_MSG_DHCPV4_QUERY) { 615 struct _packed dhcpv4_msg_data { 616 uint16_t type; 617 uint16_t len; 618 uint8_t msg[1]; 619 } *msg_opt = (struct dhcpv4_msg_data*)pdbuf; 620 ssize_t msglen; 621 622 memset(pdbuf, 0, sizeof(pdbuf)); 623 624 msglen = dhcpv6_4o6_query(msg_opt->msg, sizeof(pdbuf) - sizeof(*msg_opt) + 1, 625 iface, addr, (const void *)hdr, opts_end); 626 if (msglen <= 0) { 627 syslog(LOG_ERR, "4o6: query failed"); 628 return; 629 } 630 631 msg_opt->type = htons(DHCPV6_OPT_DHCPV4_MSG); 632 msg_opt->len = htons(msglen); 633 iov[IOV_PDBUF].iov_len = sizeof(*msg_opt) - 1 + msglen; 634 dest.msg_type = DHCPV6_MSG_DHCPV4_RESPONSE; 635 } else 636 #endif /* DHCPV4_SUPPORT */ 637 if (hdr->msg_type != DHCPV6_MSG_INFORMATION_REQUEST) { 638 ssize_t ialen = dhcpv6_ia_handle_IAs(pdbuf, sizeof(pdbuf), iface, addr, (const void *)hdr, opts_end); 639 640 iov[IOV_PDBUF].iov_len = ialen; 641 if (ialen < 0 || 642 (ialen == 0 && (hdr->msg_type == DHCPV6_MSG_REBIND || hdr->msg_type == DHCPV6_MSG_CONFIRM))) 643 return; 644 } 645 646 if (iov[IOV_NESTED].iov_len > 0) /* Update length */ 647 update_nested_message(data, len, iov[IOV_DEST].iov_len + iov[IOV_MAXRT].iov_len + 648 iov[IOV_RAPID_COMMIT].iov_len + iov[IOV_DNS].iov_len + 649 iov[IOV_DNS_ADDR].iov_len + iov[IOV_SEARCH].iov_len + 650 iov[IOV_SEARCH_DOMAIN].iov_len + iov[IOV_PDBUF].iov_len + 651 iov[IOV_DHCPV4O6_SERVER].iov_len + 652 iov[IOV_CERID].iov_len + iov[IOV_DHCPV6_RAW].iov_len + 653 iov[IOV_NTP].iov_len + iov[IOV_NTP_ADDR].iov_len + 654 iov[IOV_SNTP].iov_len + iov[IOV_SNTP_ADDR].iov_len - 655 (4 + opts_end - opts)); 656 657 syslog(LOG_DEBUG, "Sending a DHCPv6-%s on %s", iov[IOV_NESTED].iov_len ? "relay-reply" : "reply", iface->name); 658 659 odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); 660 } 661 662 663 /* Central DHCPv6-relay handler */ 664 static void handle_dhcpv6(void *addr, void *data, size_t len, 665 struct interface *iface, void *dest_addr) 666 { 667 if (iface->dhcpv6 == MODE_SERVER) { 668 handle_client_request(addr, data, len, iface, dest_addr); 669 } else if (iface->dhcpv6 == MODE_RELAY) { 670 if (iface->master) 671 relay_server_response(data, len); 672 else 673 relay_client_request(addr, data, len, iface); 674 } 675 } 676 677 678 /* Relay server response (regular relay server handling) */ 679 static void relay_server_response(uint8_t *data, size_t len) 680 { 681 /* Information we need to gather */ 682 uint8_t *payload_data = NULL; 683 size_t payload_len = 0; 684 int32_t ifaceidx = 0; 685 struct sockaddr_in6 target = {AF_INET6, htons(DHCPV6_CLIENT_PORT), 686 0, IN6ADDR_ANY_INIT, 0}; 687 int otype, olen; 688 uint8_t *odata, *end = data + len; 689 /* Relay DHCPv6 reply from server to client */ 690 struct dhcpv6_relay_header *h = (void*)data; 691 692 syslog(LOG_DEBUG, "Got a DHCPv6-relay-reply"); 693 694 if (len < sizeof(*h) || h->msg_type != DHCPV6_MSG_RELAY_REPL) 695 return; 696 697 memcpy(&target.sin6_addr, &h->peer_address, sizeof(struct in6_addr)); 698 699 /* Go through options and find what we need */ 700 dhcpv6_for_each_option(h->options, end, otype, olen, odata) { 701 if (otype == DHCPV6_OPT_INTERFACE_ID 702 && olen == sizeof(ifaceidx)) { 703 memcpy(&ifaceidx, odata, sizeof(ifaceidx)); 704 } else if (otype == DHCPV6_OPT_RELAY_MSG) { 705 payload_data = odata; 706 payload_len = olen; 707 } 708 } 709 710 /* Invalid interface-id or basic payload */ 711 struct interface *iface = odhcpd_get_interface_by_index(ifaceidx); 712 if (!iface || iface->master || !payload_data || payload_len < 4) 713 return; 714 715 bool is_authenticated = false; 716 struct in6_addr *dns_ptr = NULL; 717 size_t dns_count = 0; 718 719 /* If the payload is relay-reply we have to send to the server port */ 720 if (payload_data[0] == DHCPV6_MSG_RELAY_REPL) { 721 target.sin6_port = htons(DHCPV6_SERVER_PORT); 722 } else { /* Go through the payload data */ 723 struct dhcpv6_client_header *h = (void*)payload_data; 724 end = payload_data + payload_len; 725 726 dhcpv6_for_each_option(&h[1], end, otype, olen, odata) { 727 if (otype == DHCPV6_OPT_DNS_SERVERS && olen >= 16) { 728 dns_ptr = (struct in6_addr*)odata; 729 dns_count = olen / 16; 730 } else if (otype == DHCPV6_OPT_AUTH) { 731 is_authenticated = true; 732 } 733 } 734 } 735 736 /* Rewrite DNS servers if requested */ 737 if (iface->always_rewrite_dns && dns_ptr && dns_count > 0) { 738 if (is_authenticated) 739 return; /* Impossible to rewrite */ 740 741 const struct in6_addr *rewrite = iface->dns; 742 struct in6_addr addr; 743 size_t rewrite_cnt = iface->dns_cnt; 744 745 if (rewrite_cnt == 0) { 746 if (odhcpd_get_interface_dns_addr(iface, &addr)) 747 return; /* Unable to get interface address */ 748 749 rewrite = &addr; 750 rewrite_cnt = 1; 751 } 752 753 /* Copy over any other addresses */ 754 for (size_t i = 0; i < dns_count; ++i) { 755 size_t j = (i < rewrite_cnt) ? i : rewrite_cnt - 1; 756 memcpy(&dns_ptr[i], &rewrite[j], sizeof(*rewrite)); 757 } 758 } 759 760 struct iovec iov = {payload_data, payload_len}; 761 762 syslog(LOG_DEBUG, "Sending a DHCPv6-reply on %s", iface->name); 763 764 odhcpd_send(iface->dhcpv6_event.uloop.fd, &target, &iov, 1, iface); 765 } 766 767 static struct odhcpd_ipaddr *relay_link_address(struct interface *iface) 768 { 769 struct odhcpd_ipaddr *addr = NULL; 770 time_t now = odhcpd_time(); 771 772 for (size_t i = 0; i < iface->addr6_len; i++) { 773 if (iface->addr6[i].valid <= (uint32_t)now) 774 continue; 775 776 if (iface->addr6[i].preferred > (uint32_t)now) { 777 addr = &iface->addr6[i]; 778 break; 779 } 780 781 if (!addr || (iface->addr6[i].valid > addr->valid)) 782 addr = &iface->addr6[i]; 783 } 784 785 return addr; 786 } 787 788 /* Relay client request (regular DHCPv6-relay) */ 789 static void relay_client_request(struct sockaddr_in6 *source, 790 const void *data, size_t len, struct interface *iface) 791 { 792 const struct dhcpv6_relay_header *h = data; 793 /* Construct our forwarding envelope */ 794 struct dhcpv6_relay_forward_envelope hdr = { 795 .msg_type = DHCPV6_MSG_RELAY_FORW, 796 .hop_count = 0, 797 .interface_id_type = htons(DHCPV6_OPT_INTERFACE_ID), 798 .interface_id_len = htons(sizeof(uint32_t)), 799 .relay_message_type = htons(DHCPV6_OPT_RELAY_MSG), 800 .relay_message_len = htons(len), 801 }; 802 struct iovec iov[2] = {{&hdr, sizeof(hdr)}, {(void *)data, len}}; 803 struct interface *c; 804 struct odhcpd_ipaddr *ip; 805 struct sockaddr_in6 s; 806 807 if (h->msg_type == DHCPV6_MSG_RELAY_REPL || 808 h->msg_type == DHCPV6_MSG_RECONFIGURE || 809 h->msg_type == DHCPV6_MSG_REPLY || 810 h->msg_type == DHCPV6_MSG_ADVERTISE) 811 return; /* Invalid message types for client */ 812 813 syslog(LOG_DEBUG, "Got a DHCPv6-request on %s", iface->name); 814 815 if (h->msg_type == DHCPV6_MSG_RELAY_FORW) { /* handle relay-forward */ 816 if (h->hop_count >= DHCPV6_HOP_COUNT_LIMIT) 817 return; /* Invalid hop count */ 818 819 hdr.hop_count = h->hop_count + 1; 820 } 821 822 /* use memcpy here as the destination fields are unaligned */ 823 memcpy(&hdr.peer_address, &source->sin6_addr, sizeof(struct in6_addr)); 824 memcpy(&hdr.interface_id_data, &iface->ifindex, sizeof(iface->ifindex)); 825 826 /* Detect public IP of slave interface to use as link-address */ 827 ip = relay_link_address(iface); 828 if (ip) 829 memcpy(&hdr.link_address, &ip->addr.in6, sizeof(hdr.link_address)); 830 831 memset(&s, 0, sizeof(s)); 832 s.sin6_family = AF_INET6; 833 s.sin6_port = htons(DHCPV6_SERVER_PORT); 834 inet_pton(AF_INET6, ALL_DHCPV6_SERVERS, &s.sin6_addr); 835 836 avl_for_each_element(&interfaces, c, avl) { 837 if (!c->master || c->dhcpv6 != MODE_RELAY) 838 continue; 839 840 if (!ip) { 841 /* No suitable address! Is the slave not configured yet? 842 * Detect public IP of master interface and use it instead 843 * This is WRONG and probably violates the RFC. However 844 * otherwise we have a hen and egg problem because the 845 * slave-interface cannot be auto-configured. */ 846 ip = relay_link_address(c); 847 if (!ip) 848 continue; /* Could not obtain a suitable address */ 849 850 memcpy(&hdr.link_address, &ip->addr.in6, sizeof(hdr.link_address)); 851 ip = NULL; 852 } 853 854 syslog(LOG_DEBUG, "Sending a DHCPv6-relay-forward on %s", c->name); 855 856 odhcpd_send(c->dhcpv6_event.uloop.fd, &s, iov, 2, c); 857 } 858 } 859
This page was automatically generated by LXR 0.3.1. • OpenWrt