1 /** 2 * Copyright (C) 2012-2013 Steven Barth <steven@midlink.org> 3 * Copyright (C) 2018 Hans Dedecker <dedeckeh@gmail.com> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License v2 as published by 7 * the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * 15 */ 16 17 #include <errno.h> 18 #include <unistd.h> 19 #include <stddef.h> 20 #include <resolv.h> 21 #include <sys/timerfd.h> 22 #include <arpa/inet.h> 23 24 #include <libubox/utils.h> 25 26 #include "odhcpd.h" 27 #include "dhcpv6.h" 28 #ifdef DHCPV4_SUPPORT 29 #include "dhcpv4.h" 30 #endif 31 32 static void relay_client_request(struct sockaddr_in6 *source, 33 const void *data, size_t len, struct interface *iface); 34 static void relay_server_response(uint8_t *data, size_t len); 35 36 static void handle_dhcpv6(void *addr, void *data, size_t len, 37 struct interface *iface, void *dest); 38 static void handle_client_request(void *addr, void *data, size_t len, 39 struct interface *iface, void *dest_addr); 40 41 42 /* Create socket and register events */ 43 int dhcpv6_init(void) 44 { 45 return dhcpv6_ia_init(); 46 } 47 48 int dhcpv6_setup_interface(struct interface *iface, bool enable) 49 { 50 int ret = 0; 51 52 enable = enable && (iface->dhcpv6 != MODE_DISABLED); 53 54 if (iface->dhcpv6_event.uloop.fd >= 0) { 55 uloop_fd_delete(&iface->dhcpv6_event.uloop); 56 close(iface->dhcpv6_event.uloop.fd); 57 iface->dhcpv6_event.uloop.fd = -1; 58 } 59 60 /* Configure multicast settings */ 61 if (enable) { 62 struct sockaddr_in6 bind_addr = {AF_INET6, htons(DHCPV6_SERVER_PORT), 63 0, IN6ADDR_ANY_INIT, 0}; 64 struct ipv6_mreq mreq; 65 int val = 1; 66 67 iface->dhcpv6_event.uloop.fd = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP); 68 if (iface->dhcpv6_event.uloop.fd < 0) { 69 syslog(LOG_ERR, "socket(AF_INET6): %m"); 70 ret = -1; 71 goto out; 72 } 73 74 /* Basic IPv6 configuration */ 75 if (setsockopt(iface->dhcpv6_event.uloop.fd, SOL_SOCKET, SO_BINDTODEVICE, 76 iface->ifname, strlen(iface->ifname)) < 0) { 77 syslog(LOG_ERR, "setsockopt(SO_BINDTODEVICE): %m"); 78 ret = -1; 79 goto out; 80 } 81 82 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_V6ONLY, 83 &val, sizeof(val)) < 0) { 84 syslog(LOG_ERR, "setsockopt(IPV6_V6ONLY): %m"); 85 ret = -1; 86 goto out; 87 } 88 89 if (setsockopt(iface->dhcpv6_event.uloop.fd, SOL_SOCKET, SO_REUSEADDR, 90 &val, sizeof(val)) < 0) { 91 syslog(LOG_ERR, "setsockopt(SO_REUSEADDR): %m"); 92 ret = -1; 93 goto out; 94 } 95 96 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, 97 &val, sizeof(val)) < 0) { 98 syslog(LOG_ERR, "setsockopt(IPV6_RECVPKTINFO): %m"); 99 ret = -1; 100 goto out; 101 } 102 103 val = DHCPV6_HOP_COUNT_LIMIT; 104 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 105 &val, sizeof(val)) < 0) { 106 syslog(LOG_ERR, "setsockopt(IPV6_MULTICAST_HOPS): %m"); 107 ret = -1; 108 goto out; 109 } 110 111 val = 0; 112 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, 113 &val, sizeof(val)) < 0) { 114 syslog(LOG_ERR, "setsockopt(IPV6_MULTICAST_LOOP): %m"); 115 ret = -1; 116 goto out; 117 } 118 119 if (bind(iface->dhcpv6_event.uloop.fd, (struct sockaddr*)&bind_addr, 120 sizeof(bind_addr)) < 0) { 121 syslog(LOG_ERR, "bind(): %m"); 122 ret = -1; 123 goto out; 124 } 125 126 memset(&mreq, 0, sizeof(mreq)); 127 inet_pton(AF_INET6, ALL_DHCPV6_RELAYS, &mreq.ipv6mr_multiaddr); 128 mreq.ipv6mr_interface = iface->ifindex; 129 130 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, 131 &mreq, sizeof(mreq)) < 0) { 132 syslog(LOG_ERR, "setsockopt(IPV6_ADD_MEMBERSHIP): %m"); 133 ret = -1; 134 goto out; 135 } 136 137 if (iface->dhcpv6 == MODE_SERVER) { 138 memset(&mreq, 0, sizeof(mreq)); 139 inet_pton(AF_INET6, ALL_DHCPV6_SERVERS, &mreq.ipv6mr_multiaddr); 140 mreq.ipv6mr_interface = iface->ifindex; 141 142 if (setsockopt(iface->dhcpv6_event.uloop.fd, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, 143 &mreq, sizeof(mreq)) < 0) { 144 syslog(LOG_ERR, "setsockopt(IPV6_ADD_MEMBERSHIP): %m"); 145 ret = -1; 146 goto out; 147 } 148 } 149 150 iface->dhcpv6_event.handle_dgram = handle_dhcpv6; 151 odhcpd_register(&iface->dhcpv6_event); 152 } 153 154 ret = dhcpv6_ia_setup_interface(iface, enable); 155 156 out: 157 if (ret < 0 && iface->dhcpv6_event.uloop.fd >= 0) { 158 close(iface->dhcpv6_event.uloop.fd); 159 iface->dhcpv6_event.uloop.fd = -1; 160 } 161 162 return ret; 163 } 164 165 enum { 166 IOV_NESTED = 0, 167 IOV_DEST, 168 IOV_MAXRT, 169 #define IOV_STAT IOV_MAXRT 170 IOV_RAPID_COMMIT, 171 IOV_DNS, 172 IOV_DNS_ADDR, 173 IOV_SEARCH, 174 IOV_SEARCH_DOMAIN, 175 IOV_PDBUF, 176 #define IOV_REFRESH IOV_PDBUF 177 IOV_CERID, 178 IOV_DHCPV6_RAW, 179 IOV_RELAY_MSG, 180 IOV_DHCPV4O6_SERVER, 181 IOV_TOTAL 182 }; 183 184 static void handle_nested_message(uint8_t *data, size_t len, 185 struct dhcpv6_client_header **c_hdr, uint8_t **opts, 186 uint8_t **end, struct iovec iov[IOV_TOTAL]) 187 { 188 struct dhcpv6_relay_header *r_hdr = (struct dhcpv6_relay_header *)data; 189 uint16_t otype, olen; 190 uint8_t *odata; 191 192 if (iov[IOV_NESTED].iov_base == NULL) { 193 iov[IOV_NESTED].iov_base = data; 194 iov[IOV_NESTED].iov_len = len; 195 } 196 197 if (len < sizeof(struct dhcpv6_client_header)) 198 return; 199 200 if (r_hdr->msg_type != DHCPV6_MSG_RELAY_FORW) { 201 iov[IOV_NESTED].iov_len = data - (uint8_t *)iov[IOV_NESTED].iov_base; 202 *c_hdr = (void *)data; 203 *opts = (uint8_t *)&(*c_hdr)[1]; 204 *end = data + len; 205 return; 206 } 207 208 dhcpv6_for_each_option(r_hdr->options, data + len, otype, olen, odata) { 209 if (otype == DHCPV6_OPT_RELAY_MSG) { 210 iov[IOV_RELAY_MSG].iov_base = odata + olen; 211 iov[IOV_RELAY_MSG].iov_len = (((uint8_t *)iov[IOV_NESTED].iov_base) + 212 iov[IOV_NESTED].iov_len) - (odata + olen); 213 handle_nested_message(odata, olen, c_hdr, opts, end, iov); 214 return; 215 } 216 } 217 } 218 219 220 static void update_nested_message(uint8_t *data, size_t len, ssize_t pdiff) 221 { 222 struct dhcpv6_relay_header *hdr = (struct dhcpv6_relay_header*)data; 223 if (hdr->msg_type != DHCPV6_MSG_RELAY_FORW) 224 return; 225 226 hdr->msg_type = DHCPV6_MSG_RELAY_REPL; 227 228 uint16_t otype, olen; 229 uint8_t *odata; 230 dhcpv6_for_each_option(hdr->options, data + len, otype, olen, odata) { 231 if (otype == DHCPV6_OPT_RELAY_MSG) { 232 olen += pdiff; 233 odata[-2] = (olen >> 8) & 0xff; 234 odata[-1] = olen & 0xff; 235 update_nested_message(odata, olen - pdiff, pdiff); 236 return; 237 } 238 } 239 } 240 241 #ifdef DHCPV4_SUPPORT 242 243 struct dhcpv4_msg_data { 244 uint8_t *msg; 245 size_t maxsize; 246 ssize_t len; 247 }; 248 249 static int send_reply(_unused const void *buf, size_t len, 250 _unused const struct sockaddr *dest, _unused socklen_t dest_len, 251 _unused void *opaque) 252 { 253 struct dhcpv4_msg_data *reply = opaque; 254 255 if (len > reply->maxsize) { 256 syslog(LOG_ERR, "4o6: reply too large, %zu > %zu", len, reply->maxsize); 257 reply->len = -1; 258 } else { 259 memcpy(reply->msg, buf, len); 260 reply->len = len; 261 } 262 263 return reply->len; 264 } 265 266 static ssize_t dhcpv6_4o6_query(uint8_t *buf, size_t buflen, 267 struct interface *iface, 268 const struct sockaddr_in6 *addr, 269 const void *data, const uint8_t *end) 270 { 271 const struct dhcpv6_client_header *hdr = data; 272 uint16_t otype, olen, msgv4_len = 0; 273 uint8_t *msgv4_data = NULL; 274 uint8_t *start = (uint8_t *)&hdr[1], *odata; 275 struct sockaddr_in addrv4; 276 struct dhcpv4_msg_data reply = { .msg = buf, .maxsize = buflen, .len = -1 }; 277 278 dhcpv6_for_each_option(start, end, otype, olen, odata) { 279 if (otype == DHCPV6_OPT_DHCPV4_MSG) { 280 msgv4_data = odata; 281 msgv4_len = olen; 282 } 283 } 284 285 if (!msgv4_data || msgv4_len == 0) { 286 syslog(LOG_ERR, "4o6: missing DHCPv4 message option (%d)", DHCPV6_OPT_DHCPV4_MSG); 287 return -1; 288 } 289 290 // Dummy IPv4 address 291 memset(&addrv4, 0, sizeof(addrv4)); 292 addrv4.sin_family = AF_INET; 293 addrv4.sin_addr.s_addr = INADDR_ANY; 294 addrv4.sin_port = htons(DHCPV4_CLIENT_PORT); 295 296 dhcpv4_handle_msg(&addrv4, msgv4_data, msgv4_len, 297 iface, NULL, send_reply, &reply); 298 299 return reply.len; 300 } 301 #endif /* DHCPV4_SUPPORT */ 302 303 /* Simple DHCPv6-server for information requests */ 304 static void handle_client_request(void *addr, void *data, size_t len, 305 struct interface *iface, void *dest_addr) 306 { 307 struct dhcpv6_client_header *hdr = data; 308 uint8_t *opts = (uint8_t *)&hdr[1], *opts_end = (uint8_t *)data + len; 309 bool o_rapid_commit = false; 310 311 if (len < sizeof(*hdr)) 312 return; 313 314 syslog(LOG_DEBUG, "Got a DHCPv6-request on %s", iface->name); 315 316 /* Construct reply message */ 317 struct __attribute__((packed)) { 318 uint8_t msg_type; 319 uint8_t tr_id[3]; 320 uint16_t serverid_type; 321 uint16_t serverid_length; 322 uint16_t duid_type; 323 uint16_t hardware_type; 324 uint8_t mac[6]; 325 uint16_t clientid_type; 326 uint16_t clientid_length; 327 uint8_t clientid_buf[130]; 328 } dest = { 329 .msg_type = DHCPV6_MSG_REPLY, 330 .serverid_type = htons(DHCPV6_OPT_SERVERID), 331 .serverid_length = htons(10), 332 .duid_type = htons(3), 333 .hardware_type = htons(1), 334 .clientid_type = htons(DHCPV6_OPT_CLIENTID), 335 .clientid_buf = {0} 336 }; 337 odhcpd_get_mac(iface, dest.mac); 338 339 struct __attribute__((packed)) { 340 uint16_t type; 341 uint16_t len; 342 uint32_t value; 343 } maxrt = {htons(DHCPV6_OPT_SOL_MAX_RT), htons(sizeof(maxrt) - 4), 344 htonl(60)}; 345 346 struct __attribute__((packed)) { 347 uint16_t type; 348 uint16_t len; 349 } rapid_commit = {htons(DHCPV6_OPT_RAPID_COMMIT), 0}; 350 351 struct __attribute__((packed)) { 352 uint16_t type; 353 uint16_t len; 354 uint16_t value; 355 } stat = {htons(DHCPV6_OPT_STATUS), htons(sizeof(stat) - 4), 356 htons(DHCPV6_STATUS_USEMULTICAST)}; 357 358 struct __attribute__((packed)) { 359 uint16_t type; 360 uint16_t len; 361 uint32_t value; 362 } refresh = {htons(DHCPV6_OPT_INFO_REFRESH), htons(sizeof(uint32_t)), 363 htonl(600)}; 364 365 struct in6_addr dns_addr, *dns_addr_ptr = iface->dns; 366 size_t dns_cnt = iface->dns_cnt; 367 368 if ((dns_cnt == 0) && 369 !odhcpd_get_interface_dns_addr(iface, &dns_addr)) { 370 dns_addr_ptr = &dns_addr; 371 dns_cnt = 1; 372 } 373 374 struct { 375 uint16_t type; 376 uint16_t len; 377 } dns = {htons(DHCPV6_OPT_DNS_SERVERS), htons(dns_cnt * sizeof(*dns_addr_ptr))}; 378 379 380 381 /* DNS Search options */ 382 uint8_t search_buf[256], *search_domain = iface->search; 383 size_t search_len = iface->search_len; 384 385 if (!search_domain && !res_init() && _res.dnsrch[0] && _res.dnsrch[0][0]) { 386 int len = dn_comp(_res.dnsrch[0], search_buf, 387 sizeof(search_buf), NULL, NULL); 388 if (len > 0) { 389 search_domain = search_buf; 390 search_len = len; 391 } 392 } 393 394 struct { 395 uint16_t type; 396 uint16_t len; 397 } search = {htons(DHCPV6_OPT_DNS_DOMAIN), htons(search_len)}; 398 399 400 struct __attribute__((packed)) dhcpv4o6_server { 401 uint16_t type; 402 uint16_t len; 403 struct in6_addr addr; 404 } dhcpv4o6_server = {htons(DHCPV6_OPT_4O6_SERVER), htons(sizeof(struct in6_addr)), 405 IN6ADDR_ANY_INIT}; 406 407 struct dhcpv6_cer_id cerid = { 408 #ifdef EXT_CER_ID 409 .type = htons(EXT_CER_ID), 410 #endif 411 .len = htons(36), 412 .addr = iface->dhcpv6_pd_cer, 413 }; 414 415 416 uint8_t pdbuf[512]; 417 struct iovec iov[IOV_TOTAL] = { 418 [IOV_NESTED] = {NULL, 0}, 419 [IOV_DEST] = {&dest, (uint8_t*)&dest.clientid_type - (uint8_t*)&dest}, 420 [IOV_MAXRT] = {&maxrt, sizeof(maxrt)}, 421 [IOV_RAPID_COMMIT] = {&rapid_commit, 0}, 422 [IOV_DNS] = {&dns, (dns_cnt) ? sizeof(dns) : 0}, 423 [IOV_DNS_ADDR] = {dns_addr_ptr, dns_cnt * sizeof(*dns_addr_ptr)}, 424 [IOV_SEARCH] = {&search, (search_len) ? sizeof(search) : 0}, 425 [IOV_SEARCH_DOMAIN] = {search_domain, search_len}, 426 [IOV_PDBUF] = {pdbuf, 0}, 427 [IOV_CERID] = {&cerid, 0}, 428 [IOV_DHCPV6_RAW] = {iface->dhcpv6_raw, iface->dhcpv6_raw_len}, 429 [IOV_RELAY_MSG] = {NULL, 0}, 430 [IOV_DHCPV4O6_SERVER] = {&dhcpv4o6_server, 0}, 431 }; 432 433 if (hdr->msg_type == DHCPV6_MSG_RELAY_FORW) 434 handle_nested_message(data, len, &hdr, &opts, &opts_end, iov); 435 436 switch (hdr->msg_type) { 437 case DHCPV6_MSG_SOLICIT: 438 case DHCPV6_MSG_REQUEST: 439 case DHCPV6_MSG_CONFIRM: 440 case DHCPV6_MSG_RENEW: 441 case DHCPV6_MSG_REBIND: 442 case DHCPV6_MSG_RELEASE: 443 case DHCPV6_MSG_DECLINE: 444 case DHCPV6_MSG_INFORMATION_REQUEST: 445 case DHCPV6_MSG_RELAY_FORW: 446 #ifdef DHCPV4_SUPPORT 447 case DHCPV6_MSG_DHCPV4_QUERY: 448 #endif 449 break; /* Valid message types for clients */ 450 case DHCPV6_MSG_ADVERTISE: 451 case DHCPV6_MSG_REPLY: 452 case DHCPV6_MSG_RECONFIGURE: 453 case DHCPV6_MSG_RELAY_REPL: 454 case DHCPV6_MSG_DHCPV4_RESPONSE: 455 #ifndef DHCPV4_SUPPORT 456 case DHCPV6_MSG_DHCPV4_QUERY: 457 #endif 458 default: 459 return; /* Invalid message types for clients */ 460 } 461 462 if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && 463 (hdr->msg_type == DHCPV6_MSG_SOLICIT || hdr->msg_type == DHCPV6_MSG_CONFIRM || 464 hdr->msg_type == DHCPV6_MSG_REBIND || hdr->msg_type == DHCPV6_MSG_INFORMATION_REQUEST)) 465 return; 466 467 memcpy(dest.tr_id, hdr->transaction_id, sizeof(dest.tr_id)); 468 469 /* Go through options and find what we need */ 470 uint16_t otype, olen; 471 uint8_t *odata; 472 dhcpv6_for_each_option(opts, opts_end, otype, olen, odata) { 473 if (otype == DHCPV6_OPT_CLIENTID && olen <= 130) { 474 dest.clientid_length = htons(olen); 475 memcpy(dest.clientid_buf, odata, olen); 476 iov[IOV_DEST].iov_len += 4 + olen; 477 } else if (otype == DHCPV6_OPT_SERVERID) { 478 if (olen != ntohs(dest.serverid_length) || 479 memcmp(odata, &dest.duid_type, olen)) 480 return; /* Not for us */ 481 } else if (iface->filter_class && otype == DHCPV6_OPT_USER_CLASS) { 482 uint8_t *c = odata, *cend = &odata[olen]; 483 for (; &c[2] <= cend && &c[2 + (c[0] << 8) + c[1]] <= cend; c = &c[2 + (c[0] << 8) + c[1]]) { 484 size_t elen = strlen(iface->filter_class); 485 if (((((size_t)c[0]) << 8) | c[1]) == elen && !memcmp(&c[2], iface->filter_class, elen)) 486 return; /* Ignore from homenet */ 487 } 488 } else if (otype == DHCPV6_OPT_IA_PD) { 489 #ifdef EXT_CER_ID 490 iov[IOV_CERID].iov_len = sizeof(cerid); 491 492 if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr)) { 493 struct odhcpd_ipaddr *addrs; 494 ssize_t len = netlink_get_interface_addrs(0, true, &addrs); 495 496 for (ssize_t i = 0; i < len; ++i) 497 if (IN6_IS_ADDR_UNSPECIFIED(&cerid.addr) 498 || memcmp(&addrs[i].addr, &cerid.addr, sizeof(cerid.addr)) < 0) 499 cerid.addr = addrs[i].addr.in6; 500 501 free(addrs); 502 } 503 #endif 504 } else if (otype == DHCPV6_OPT_RAPID_COMMIT && hdr->msg_type == DHCPV6_MSG_SOLICIT) { 505 iov[IOV_RAPID_COMMIT].iov_len = sizeof(rapid_commit); 506 o_rapid_commit = true; 507 } else if (otype == DHCPV6_OPT_ORO) { 508 for (int i=0; i < olen/2; i++) { 509 uint16_t option = ntohs(((uint16_t *)odata)[i]); 510 511 switch (option) { 512 #ifdef DHCPV4_SUPPORT 513 case DHCPV6_OPT_4O6_SERVER: 514 if (iface->dhcpv4) { 515 /* According to RFC 7341, 7.2. DHCP 4o6 Server Address Option Format: 516 * This option may also carry no IPv6 addresses, which instructs the 517 * client to use the All_DHCP_Relay_Agents_and_Servers multicast address 518 * as the destination address. 519 * 520 * The ISC dhclient logs a missing IPv6 address as an error but seems to 521 * work anyway: 522 * dhcp4-o-dhcp6-server: expecting at least 16 bytes; got 0 523 * 524 * Include the All_DHCP_Relay_Agents_and_Servers multicast address 525 * to make it explicit which address to use. */ 526 struct dhcpv4o6_server *server = iov[IOV_DHCPV4O6_SERVER].iov_base; 527 528 inet_pton(AF_INET6, ALL_DHCPV6_RELAYS, &server->addr); 529 530 iov[IOV_DHCPV4O6_SERVER].iov_len = sizeof(dhcpv4o6_server); 531 } 532 break; 533 #endif /* DHCPV4_SUPPORT */ 534 default: 535 break; 536 } 537 } 538 } 539 } 540 541 if (!IN6_IS_ADDR_MULTICAST((struct in6_addr *)dest_addr) && iov[IOV_NESTED].iov_len == 0 && 542 (hdr->msg_type == DHCPV6_MSG_REQUEST || hdr->msg_type == DHCPV6_MSG_RENEW || 543 hdr->msg_type == DHCPV6_MSG_RELEASE || hdr->msg_type == DHCPV6_MSG_DECLINE)) { 544 iov[IOV_STAT].iov_base = &stat; 545 iov[IOV_STAT].iov_len = sizeof(stat); 546 547 for (ssize_t i = IOV_STAT + 1; i < IOV_TOTAL; ++i) 548 iov[i].iov_len = 0; 549 550 odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); 551 return; 552 } 553 554 if (hdr->msg_type == DHCPV6_MSG_SOLICIT && !o_rapid_commit) { 555 dest.msg_type = DHCPV6_MSG_ADVERTISE; 556 } else if (hdr->msg_type == DHCPV6_MSG_INFORMATION_REQUEST) { 557 iov[IOV_REFRESH].iov_base = &refresh; 558 iov[IOV_REFRESH].iov_len = sizeof(refresh); 559 560 /* Return inf max rt option in reply to information request */ 561 maxrt.type = htons(DHCPV6_OPT_INF_MAX_RT); 562 } 563 564 #ifdef DHCPV4_SUPPORT 565 if (hdr->msg_type == DHCPV6_MSG_DHCPV4_QUERY) { 566 struct _packed dhcpv4_msg_data { 567 uint16_t type; 568 uint16_t len; 569 uint8_t msg[1]; 570 } *msg_opt = (struct dhcpv4_msg_data*)pdbuf; 571 ssize_t msglen; 572 573 memset(pdbuf, 0, sizeof(pdbuf)); 574 575 msglen = dhcpv6_4o6_query(msg_opt->msg, sizeof(pdbuf) - sizeof(*msg_opt) + 1, 576 iface, addr, (const void *)hdr, opts_end); 577 if (msglen <= 0) { 578 syslog(LOG_ERR, "4o6: query failed"); 579 return; 580 } 581 582 msg_opt->type = htons(DHCPV6_OPT_DHCPV4_MSG); 583 msg_opt->len = htons(msglen); 584 iov[IOV_PDBUF].iov_len = sizeof(*msg_opt) - 1 + msglen; 585 dest.msg_type = DHCPV6_MSG_DHCPV4_RESPONSE; 586 } else 587 #endif /* DHCPV4_SUPPORT */ 588 if (hdr->msg_type != DHCPV6_MSG_INFORMATION_REQUEST) { 589 ssize_t ialen = dhcpv6_ia_handle_IAs(pdbuf, sizeof(pdbuf), iface, addr, (const void *)hdr, opts_end); 590 591 iov[IOV_PDBUF].iov_len = ialen; 592 if (ialen < 0 || 593 (ialen == 0 && (hdr->msg_type == DHCPV6_MSG_REBIND || hdr->msg_type == DHCPV6_MSG_CONFIRM))) 594 return; 595 } 596 597 if (iov[IOV_NESTED].iov_len > 0) /* Update length */ 598 update_nested_message(data, len, iov[IOV_DEST].iov_len + iov[IOV_MAXRT].iov_len + 599 iov[IOV_RAPID_COMMIT].iov_len + iov[IOV_DNS].iov_len + 600 iov[IOV_DNS_ADDR].iov_len + iov[IOV_SEARCH].iov_len + 601 iov[IOV_SEARCH_DOMAIN].iov_len + iov[IOV_PDBUF].iov_len + 602 iov[IOV_DHCPV4O6_SERVER].iov_len + 603 iov[IOV_CERID].iov_len + iov[IOV_DHCPV6_RAW].iov_len - 604 (4 + opts_end - opts)); 605 606 syslog(LOG_DEBUG, "Sending a DHCPv6-%s on %s", iov[IOV_NESTED].iov_len ? "relay-reply" : "reply", iface->name); 607 608 odhcpd_send(iface->dhcpv6_event.uloop.fd, addr, iov, ARRAY_SIZE(iov), iface); 609 } 610 611 612 /* Central DHCPv6-relay handler */ 613 static void handle_dhcpv6(void *addr, void *data, size_t len, 614 struct interface *iface, void *dest_addr) 615 { 616 if (iface->dhcpv6 == MODE_SERVER) { 617 handle_client_request(addr, data, len, iface, dest_addr); 618 } else if (iface->dhcpv6 == MODE_RELAY) { 619 if (iface->master) 620 relay_server_response(data, len); 621 else 622 relay_client_request(addr, data, len, iface); 623 } 624 } 625 626 627 /* Relay server response (regular relay server handling) */ 628 static void relay_server_response(uint8_t *data, size_t len) 629 { 630 /* Information we need to gather */ 631 uint8_t *payload_data = NULL; 632 size_t payload_len = 0; 633 int32_t ifaceidx = 0; 634 struct sockaddr_in6 target = {AF_INET6, htons(DHCPV6_CLIENT_PORT), 635 0, IN6ADDR_ANY_INIT, 0}; 636 int otype, olen; 637 uint8_t *odata, *end = data + len; 638 /* Relay DHCPv6 reply from server to client */ 639 struct dhcpv6_relay_header *h = (void*)data; 640 641 syslog(LOG_DEBUG, "Got a DHCPv6-relay-reply"); 642 643 if (len < sizeof(*h) || h->msg_type != DHCPV6_MSG_RELAY_REPL) 644 return; 645 646 memcpy(&target.sin6_addr, &h->peer_address, sizeof(struct in6_addr)); 647 648 /* Go through options and find what we need */ 649 dhcpv6_for_each_option(h->options, end, otype, olen, odata) { 650 if (otype == DHCPV6_OPT_INTERFACE_ID 651 && olen == sizeof(ifaceidx)) { 652 memcpy(&ifaceidx, odata, sizeof(ifaceidx)); 653 } else if (otype == DHCPV6_OPT_RELAY_MSG) { 654 payload_data = odata; 655 payload_len = olen; 656 } 657 } 658 659 /* Invalid interface-id or basic payload */ 660 struct interface *iface = odhcpd_get_interface_by_index(ifaceidx); 661 if (!iface || iface->master || !payload_data || payload_len < 4) 662 return; 663 664 bool is_authenticated = false; 665 struct in6_addr *dns_ptr = NULL; 666 size_t dns_count = 0; 667 668 /* If the payload is relay-reply we have to send to the server port */ 669 if (payload_data[0] == DHCPV6_MSG_RELAY_REPL) { 670 target.sin6_port = htons(DHCPV6_SERVER_PORT); 671 } else { /* Go through the payload data */ 672 struct dhcpv6_client_header *h = (void*)payload_data; 673 end = payload_data + payload_len; 674 675 dhcpv6_for_each_option(&h[1], end, otype, olen, odata) { 676 if (otype == DHCPV6_OPT_DNS_SERVERS && olen >= 16) { 677 dns_ptr = (struct in6_addr*)odata; 678 dns_count = olen / 16; 679 } else if (otype == DHCPV6_OPT_AUTH) { 680 is_authenticated = true; 681 } 682 } 683 } 684 685 /* Rewrite DNS servers if requested */ 686 if (iface->always_rewrite_dns && dns_ptr && dns_count > 0) { 687 if (is_authenticated) 688 return; /* Impossible to rewrite */ 689 690 const struct in6_addr *rewrite = iface->dns; 691 struct in6_addr addr; 692 size_t rewrite_cnt = iface->dns_cnt; 693 694 if (rewrite_cnt == 0) { 695 if (odhcpd_get_interface_dns_addr(iface, &addr)) 696 return; /* Unable to get interface address */ 697 698 rewrite = &addr; 699 rewrite_cnt = 1; 700 } 701 702 /* Copy over any other addresses */ 703 for (size_t i = 0; i < dns_count; ++i) { 704 size_t j = (i < rewrite_cnt) ? i : rewrite_cnt - 1; 705 memcpy(&dns_ptr[i], &rewrite[j], sizeof(*rewrite)); 706 } 707 } 708 709 struct iovec iov = {payload_data, payload_len}; 710 711 syslog(LOG_DEBUG, "Sending a DHCPv6-reply on %s", iface->name); 712 713 odhcpd_send(iface->dhcpv6_event.uloop.fd, &target, &iov, 1, iface); 714 } 715 716 static struct odhcpd_ipaddr *relay_link_address(struct interface *iface) 717 { 718 struct odhcpd_ipaddr *addr = NULL; 719 time_t now = odhcpd_time(); 720 721 for (size_t i = 0; i < iface->addr6_len; i++) { 722 if (iface->addr6[i].valid <= (uint32_t)now) 723 continue; 724 725 if (iface->addr6[i].preferred > (uint32_t)now) { 726 addr = &iface->addr6[i]; 727 break; 728 } 729 730 if (!addr || (iface->addr6[i].valid > addr->valid)) 731 addr = &iface->addr6[i]; 732 } 733 734 return addr; 735 } 736 737 /* Relay client request (regular DHCPv6-relay) */ 738 static void relay_client_request(struct sockaddr_in6 *source, 739 const void *data, size_t len, struct interface *iface) 740 { 741 const struct dhcpv6_relay_header *h = data; 742 /* Construct our forwarding envelope */ 743 struct dhcpv6_relay_forward_envelope hdr = { 744 .msg_type = DHCPV6_MSG_RELAY_FORW, 745 .hop_count = 0, 746 .interface_id_type = htons(DHCPV6_OPT_INTERFACE_ID), 747 .interface_id_len = htons(sizeof(uint32_t)), 748 .relay_message_type = htons(DHCPV6_OPT_RELAY_MSG), 749 .relay_message_len = htons(len), 750 }; 751 struct iovec iov[2] = {{&hdr, sizeof(hdr)}, {(void *)data, len}}; 752 struct interface *c; 753 struct odhcpd_ipaddr *ip; 754 struct sockaddr_in6 s; 755 756 if (h->msg_type == DHCPV6_MSG_RELAY_REPL || 757 h->msg_type == DHCPV6_MSG_RECONFIGURE || 758 h->msg_type == DHCPV6_MSG_REPLY || 759 h->msg_type == DHCPV6_MSG_ADVERTISE) 760 return; /* Invalid message types for client */ 761 762 syslog(LOG_DEBUG, "Got a DHCPv6-request on %s", iface->name); 763 764 if (h->msg_type == DHCPV6_MSG_RELAY_FORW) { /* handle relay-forward */ 765 if (h->hop_count >= DHCPV6_HOP_COUNT_LIMIT) 766 return; /* Invalid hop count */ 767 768 hdr.hop_count = h->hop_count + 1; 769 } 770 771 /* use memcpy here as the destination fields are unaligned */ 772 memcpy(&hdr.peer_address, &source->sin6_addr, sizeof(struct in6_addr)); 773 memcpy(&hdr.interface_id_data, &iface->ifindex, sizeof(iface->ifindex)); 774 775 /* Detect public IP of slave interface to use as link-address */ 776 ip = relay_link_address(iface); 777 if (ip) 778 memcpy(&hdr.link_address, &ip->addr.in6, sizeof(hdr.link_address)); 779 780 memset(&s, 0, sizeof(s)); 781 s.sin6_family = AF_INET6; 782 s.sin6_port = htons(DHCPV6_SERVER_PORT); 783 inet_pton(AF_INET6, ALL_DHCPV6_SERVERS, &s.sin6_addr); 784 785 avl_for_each_element(&interfaces, c, avl) { 786 if (!c->master || c->dhcpv6 != MODE_RELAY) 787 continue; 788 789 if (!ip) { 790 /* No suitable address! Is the slave not configured yet? 791 * Detect public IP of master interface and use it instead 792 * This is WRONG and probably violates the RFC. However 793 * otherwise we have a hen and egg problem because the 794 * slave-interface cannot be auto-configured. */ 795 ip = relay_link_address(c); 796 if (!ip) 797 continue; /* Could not obtain a suitable address */ 798 799 memcpy(&hdr.link_address, &ip->addr.in6, sizeof(hdr.link_address)); 800 ip = NULL; 801 } 802 803 syslog(LOG_DEBUG, "Sending a DHCPv6-relay-forward on %s", c->name); 804 805 odhcpd_send(c->dhcpv6_event.uloop.fd, &s, iov, 2, c); 806 } 807 } 808
This page was automatically generated by LXR 0.3.1. • OpenWrt