1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * dhcpcd - DHCP client daemon 4 * Copyright (c) 2006-2025 Roy Marples <roy (at) marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 
27 */ 28 29 #include <sys/utsname.h> 30 #include <sys/types.h> 31 32 #include <netinet/in.h> 33 #include <netinet/ip6.h> 34 35 #include <assert.h> 36 #include <ctype.h> 37 #include <errno.h> 38 #include <fcntl.h> 39 #include <inttypes.h> 40 #include <stdbool.h> 41 #include <stddef.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include <unistd.h> 45 #include <fcntl.h> 46 #include <syslog.h> 47 48 #define ELOOP_QUEUE ELOOP_DHCP6 49 #include "config.h" 50 #include "common.h" 51 #include "dhcp.h" 52 #include "dhcp6.h" 53 #include "duid.h" 54 #include "eloop.h" 55 #include "if.h" 56 #include "if-options.h" 57 #include "ipv6nd.h" 58 #include "logerr.h" 59 #include "privsep.h" 60 #include "script.h" 61 62 #ifdef HAVE_SYS_BITOPS_H 63 #include <sys/bitops.h> 64 #else 65 #include "compat/bitops.h" 66 #endif 67 68 /* DHCPCD Project has been assigned an IANA PEN of 40712 */ 69 #define DHCPCD_IANA_PEN 40712 70 71 /* Unsure if I want this */ 72 //#define VENDOR_SPLIT 73 74 /* Support older systems with different defines */ 75 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO) 76 #define IPV6_RECVPKTINFO IPV6_PKTINFO 77 #endif 78 79 #ifdef DHCP6 80 81 /* Assert the correct structure size for on wire */ 82 struct dhcp6_message { 83 uint8_t type; 84 uint8_t xid[3]; 85 /* followed by options */ 86 }; 87 __CTASSERT(sizeof(struct dhcp6_message) == 4); 88 89 struct dhcp6_option { 90 uint16_t code; 91 uint16_t len; 92 /* followed by data */ 93 }; 94 __CTASSERT(sizeof(struct dhcp6_option) == 4); 95 96 struct dhcp6_ia_na { 97 uint8_t iaid[4]; 98 uint32_t t1; 99 uint32_t t2; 100 }; 101 __CTASSERT(sizeof(struct dhcp6_ia_na) == 12); 102 103 struct dhcp6_ia_ta { 104 uint8_t iaid[4]; 105 }; 106 __CTASSERT(sizeof(struct dhcp6_ia_ta) == 4); 107 108 struct dhcp6_ia_addr { 109 struct in6_addr addr; 110 uint32_t pltime; 111 uint32_t vltime; 112 }; 113 __CTASSERT(sizeof(struct dhcp6_ia_addr) == 16 + 8); 114 115 /* Some compilers do not support packed structures. 
116 * We manually decode this. */ 117 #if 0 118 struct dhcp6_pd_addr { 119 uint32_t pltime; 120 uint32_t vltime; 121 uint8_t prefix_len; 122 struct in6_addr prefix; 123 } __packed; 124 __CTASSERT(sizeof(struct dhcp6_pd_addr) == 8 + 1 + 16); 125 #endif 126 127 #define DHCP6_PD_ADDR_SIZE (8 + 1 + 16) 128 #define DHCP6_PD_ADDR_PLTIME 0 129 #define DHCP6_PD_ADDR_VLTIME 4 130 #define DHCP6_PD_ADDR_PLEN 8 131 #define DHCP6_PD_ADDR_PREFIX 9 132 133 struct dhcp6_op { 134 uint16_t type; 135 const char *name; 136 }; 137 138 static const struct dhcp6_op dhcp6_ops[] = { 139 { DHCP6_SOLICIT, "SOLICIT6" }, 140 { DHCP6_ADVERTISE, "ADVERTISE6" }, 141 { DHCP6_REQUEST, "REQUEST6" }, 142 { DHCP6_REPLY, "REPLY6" }, 143 { DHCP6_RENEW, "RENEW6" }, 144 { DHCP6_REBIND, "REBIND6" }, 145 { DHCP6_CONFIRM, "CONFIRM6" }, 146 { DHCP6_INFORMATION_REQ, "INFORM6" }, 147 { DHCP6_RELEASE, "RELEASE6" }, 148 { DHCP6_RECONFIGURE, "RECONFIGURE6" }, 149 { DHCP6_DECLINE, "DECLINE6" }, 150 { 0, NULL } 151 }; 152 153 struct dhcp_compat { 154 uint8_t dhcp_opt; 155 uint16_t dhcp6_opt; 156 }; 157 158 /* 159 * RFC 5908 deprecates OPTION_SNTP_SERVERS. 160 * But we can support both as the hook scripts will uniqify the 161 * results if the server returns both options. 
162 */ 163 static const struct dhcp_compat dhcp_compats[] = { 164 { DHO_DNSSERVER, D6_OPTION_DNS_SERVERS }, 165 { DHO_HOSTNAME, D6_OPTION_FQDN }, 166 { DHO_DNSDOMAIN, D6_OPTION_FQDN }, 167 { DHO_NISSERVER, D6_OPTION_NIS_SERVERS }, 168 { DHO_NTPSERVER, D6_OPTION_SNTP_SERVERS }, 169 { DHO_NTPSERVER, D6_OPTION_NTP_SERVER }, 170 { DHO_RAPIDCOMMIT, D6_OPTION_RAPID_COMMIT }, 171 { DHO_FQDN, D6_OPTION_FQDN }, 172 { DHO_VIVCO, D6_OPTION_VENDOR_CLASS }, 173 { DHO_VIVSO, D6_OPTION_VENDOR_OPTS }, 174 { DHO_DNSSEARCH, D6_OPTION_DOMAIN_LIST }, 175 { 0, 0 } 176 }; 177 178 static const char * const dhcp6_statuses[] = { 179 "Success", 180 "Unspecified Failure", 181 "No Addresses Available", 182 "No Binding", 183 "Not On Link", 184 "Use Multicast", 185 "No Prefix Available" 186 }; 187 188 static void dhcp6_bind(struct interface *, const char *, const char *); 189 static void dhcp6_failinform(void *); 190 static void dhcp6_startrebind(void *arg); 191 static void dhcp6_recvaddr(void *, unsigned short); 192 static void dhcp6_startdecline(struct interface *); 193 static void dhcp6_startrequest(struct interface *); 194 195 #ifdef SMALL 196 #define dhcp6_hasprefixdelegation(a) (0) 197 #else 198 static int dhcp6_hasprefixdelegation(struct interface *); 199 #endif 200 201 #define DECLINE_IA(ia) \ 202 ((ia)->addr_flags & IN6_IFF_DUPLICATED && \ 203 (ia)->ia_type != 0 && (ia)->ia_type != D6_OPTION_IA_PD && \ 204 !((ia)->flags & IPV6_AF_STALE) && \ 205 (ia)->prefix_vltime != 0) 206 207 208 /* Gets a pointer to the length part of the option to fill it 209 * in later. 
*/ 210 #define NEXTLEN(p) ((p) + offsetof(struct dhcp6_option, len)) 211 212 void 213 dhcp6_printoptions(const struct dhcpcd_ctx *ctx, 214 const struct dhcp_opt *opts, size_t opts_len) 215 { 216 size_t i, j; 217 const struct dhcp_opt *opt, *opt2; 218 int cols; 219 220 for (i = 0, opt = ctx->dhcp6_opts; 221 i < ctx->dhcp6_opts_len; i++, opt++) 222 { 223 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 224 if (opt2->option == opt->option) 225 break; 226 if (j == opts_len) { 227 cols = printf("%05d %s", opt->option, opt->var); 228 dhcp_print_option_encoding(opt, cols); 229 } 230 } 231 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 232 cols = printf("%05d %s", opt->option, opt->var); 233 dhcp_print_option_encoding(opt, cols); 234 } 235 } 236 237 static size_t 238 dhcp6_makeuser(void *data, const struct interface *ifp) 239 { 240 const struct if_options *ifo = ifp->options; 241 struct dhcp6_option o; 242 uint8_t *p; 243 const uint8_t *up, *ue; 244 uint16_t ulen, unlen; 245 size_t olen; 246 247 /* Convert the DHCPv4 user class option to DHCPv6 */ 248 up = ifo->userclass; 249 ulen = *up++; 250 if (ulen == 0) 251 return 0; 252 253 p = data; 254 olen = 0; 255 if (p != NULL) 256 p += sizeof(o); 257 258 ue = up + ulen; 259 for (; up < ue; up += ulen) { 260 ulen = *up++; 261 olen += sizeof(ulen) + ulen; 262 if (data == NULL) 263 continue; 264 unlen = htons(ulen); 265 memcpy(p, &unlen, sizeof(unlen)); 266 p += sizeof(unlen); 267 memcpy(p, up, ulen); 268 p += ulen; 269 } 270 if (data != NULL) { 271 o.code = htons(D6_OPTION_USER_CLASS); 272 o.len = htons((uint16_t)olen); 273 memcpy(data, &o, sizeof(o)); 274 } 275 276 return sizeof(o) + olen; 277 } 278 279 #ifndef SMALL 280 /* DHCPv6 Option 16 (Vendor Class Option) */ 281 static size_t 282 dhcp6_makevendor(void *data, const struct interface *ifp) 283 { 284 const struct if_options *ifo; 285 size_t len = 0, optlen, vlen, i; 286 uint8_t *p; 287 const struct vivco *vivco; 288 struct dhcp6_option o; 289 290 ifo = ifp->options; 
291 if (ifo->vivco_len > 0) { 292 for (i = 0, vivco = ifo->vivco; 293 i < ifo->vivco_len; 294 i++, vivco++) 295 len += sizeof(o) + sizeof(uint32_t) + sizeof(uint16_t) + vivco->len; 296 } else if (ifo->vendorclassid[0] != '\0') { 297 /* dhcpcd owns DHCPCD_IANA_PEN. 298 * If you need your own string, get your own IANA PEN. */ 299 vlen = strlen(ifp->ctx->vendor); 300 len += sizeof(o) + sizeof(uint32_t) + sizeof(uint16_t) + vlen; 301 } else 302 return 0; 303 304 if (len > UINT16_MAX) { 305 logerrx("%s: DHCPv6 Vendor Class too big", ifp->name); 306 return 0; 307 } 308 309 if (data != NULL) { 310 uint32_t pen; 311 uint16_t hvlen; 312 313 p = data; 314 315 if (ifo->vivco_len > 0) { 316 for (i = 0, vivco = ifo->vivco; 317 i < ifo->vivco_len; 318 i++, vivco++) { 319 optlen = sizeof(uint32_t) + sizeof(uint16_t) + vivco->len; 320 o.code = htons(D6_OPTION_VENDOR_CLASS); 321 o.len = htons((uint16_t)optlen); 322 memcpy(p, &o, sizeof(o)); 323 p += sizeof(o); 324 pen = htonl(vivco->en); 325 memcpy(p, &pen, sizeof(pen)); 326 p += sizeof(pen); 327 hvlen = htons((uint16_t)vivco->len); 328 memcpy(p, &hvlen, sizeof(hvlen)); 329 p += sizeof(hvlen); 330 memcpy(p, vivco->data, vivco->len); 331 p += vivco->len; 332 } 333 } else if (ifo->vendorclassid[0] != '\0') { 334 optlen = sizeof(uint32_t) + sizeof(uint16_t) + vlen; 335 o.code = htons(D6_OPTION_VENDOR_CLASS); 336 o.len = htons((uint16_t)optlen); 337 memcpy(p, &o, sizeof(o)); 338 p += sizeof(o); 339 pen = htonl(DHCPCD_IANA_PEN); 340 memcpy(p, &pen, sizeof(pen)); 341 p += sizeof(pen); 342 hvlen = htons((uint16_t)vlen); 343 memcpy(p, &hvlen, sizeof(hvlen)); 344 p += sizeof(hvlen); 345 memcpy(p, ifp->ctx->vendor, vlen); 346 } 347 } 348 return len; 349 } 350 351 /* DHCPv6 Option 17 (Vendor-Specific Information Option) */ 352 static size_t 353 dhcp6_makevendoropts(void *data, const struct interface *ifp) 354 { 355 uint8_t *p = data, *olenp; 356 const struct if_options *ifo = ifp->options; 357 size_t len = 0, olen; 358 const struct vsio 
*vsio, *vsio_endp = ifo->vsio6 + ifo->vsio6_len; 359 const struct vsio_so *so, *so_endp; 360 struct dhcp6_option o; 361 uint32_t en; 362 uint16_t opt, slen; 363 364 for (vsio = ifo->vsio6; vsio != vsio_endp; ++vsio) { 365 if (vsio->so_len == 0) 366 continue; 367 368 if (p != NULL) { 369 olenp = NEXTLEN(p); 370 o.code = htons(D6_OPTION_VENDOR_OPTS); 371 o.len = 0; 372 memcpy(p, &o, sizeof(o)); 373 p += sizeof(o); 374 375 en = htonl(vsio->en); 376 memcpy(p, &en, sizeof(en)); 377 p += sizeof(en); 378 } else 379 olenp = NULL; 380 381 olen = sizeof(en); 382 383 so_endp = vsio->so + vsio->so_len; 384 for (so = vsio->so; so != so_endp; so++) { 385 if (olen + sizeof(opt) + sizeof(slen) 386 + so->len > UINT16_MAX) 387 { 388 logerrx("%s: option too big", __func__); 389 break; 390 } 391 392 if (p != NULL) { 393 opt = htons(so->opt); 394 memcpy(p, &opt, sizeof(opt)); 395 p += sizeof(opt); 396 slen = htons(so->len); 397 memcpy(p, &slen, sizeof(slen)); 398 p += sizeof(slen); 399 memcpy(p, so->data, so->len); 400 p += so->len; 401 } 402 403 olen += sizeof(opt) + sizeof(slen) + so->len; 404 } 405 406 if (olenp != NULL) { 407 slen = htons((uint16_t)olen); 408 memcpy(olenp, &slen, sizeof(slen)); 409 } 410 411 len += sizeof(o) + olen; 412 } 413 414 return len; 415 } 416 #endif 417 418 static void * 419 dhcp6_findoption(void *data, size_t data_len, uint16_t code, uint16_t *len) 420 { 421 uint8_t *d; 422 struct dhcp6_option o; 423 424 code = htons(code); 425 for (d = data; data_len != 0; d += o.len, data_len -= o.len) { 426 if (data_len < sizeof(o)) { 427 errno = EINVAL; 428 return NULL; 429 } 430 memcpy(&o, d, sizeof(o)); 431 d += sizeof(o); 432 data_len -= sizeof(o); 433 o.len = htons(o.len); 434 if (data_len < o.len) { 435 errno = EINVAL; 436 return NULL; 437 } 438 if (o.code == code) { 439 if (len != NULL) 440 *len = o.len; 441 return d; 442 } 443 } 444 445 errno = ENOENT; 446 return NULL; 447 } 448 449 static void * 450 dhcp6_findmoption(void *data, size_t data_len, uint16_t code, 
451 uint16_t *len) 452 { 453 uint8_t *d; 454 455 if (data_len < sizeof(struct dhcp6_message)) { 456 errno = EINVAL; 457 return false; 458 } 459 d = data; 460 d += sizeof(struct dhcp6_message); 461 data_len -= sizeof(struct dhcp6_message); 462 return dhcp6_findoption(d, data_len, code, len); 463 } 464 465 static const uint8_t * 466 dhcp6_getoption(struct dhcpcd_ctx *ctx, 467 size_t *os, unsigned int *code, size_t *len, 468 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 469 { 470 struct dhcp6_option o; 471 size_t i; 472 struct dhcp_opt *opt; 473 474 if (od != NULL) { 475 *os = sizeof(o); 476 if (ol < *os) { 477 errno = EINVAL; 478 return NULL; 479 } 480 memcpy(&o, od, sizeof(o)); 481 *len = ntohs(o.len); 482 if (*len > ol - *os) { 483 errno = ERANGE; 484 return NULL; 485 } 486 *code = ntohs(o.code); 487 } 488 489 *oopt = NULL; 490 for (i = 0, opt = ctx->dhcp6_opts; 491 i < ctx->dhcp6_opts_len; i++, opt++) 492 { 493 if (opt->option == *code) { 494 *oopt = opt; 495 break; 496 } 497 } 498 499 if (od != NULL) 500 return od + sizeof(o); 501 return NULL; 502 } 503 504 static bool 505 dhcp6_updateelapsed(struct interface *ifp, struct dhcp6_message *m, size_t len) 506 { 507 uint8_t *opt; 508 uint16_t opt_len; 509 struct dhcp6_state *state; 510 struct timespec tv; 511 unsigned long long hsec; 512 uint16_t sec; 513 514 opt = dhcp6_findmoption(m, len, D6_OPTION_ELAPSED, &opt_len); 515 if (opt == NULL) 516 return false; 517 if (opt_len != sizeof(sec)) { 518 errno = EINVAL; 519 return false; 520 } 521 522 state = D6_STATE(ifp); 523 clock_gettime(CLOCK_MONOTONIC, &tv); 524 if (state->RTC == 0) { 525 /* An RTC of zero means we're the first message 526 * out of the door, so the elapsed time is zero. */ 527 state->started = tv; 528 hsec = 0; 529 } else { 530 unsigned long long secs; 531 unsigned int nsecs; 532 533 secs = eloop_timespec_diff(&tv, &state->started, &nsecs); 534 /* Elapsed time is measured in centiseconds. 535 * We need to be sure it will not potentially overflow. 
*/ 536 if (secs >= (UINT16_MAX / CSEC_PER_SEC) + 1) 537 hsec = UINT16_MAX; 538 else { 539 hsec = (secs * CSEC_PER_SEC) + 540 (nsecs / NSEC_PER_CSEC); 541 if (hsec > UINT16_MAX) 542 hsec = UINT16_MAX; 543 } 544 } 545 sec = htons((uint16_t)hsec); 546 memcpy(opt, &sec, sizeof(sec)); 547 return true; 548 } 549 550 static void 551 dhcp6_newxid(const struct interface *ifp, struct dhcp6_message *m) 552 { 553 const struct interface *ifp1; 554 const struct dhcp6_state *state1; 555 uint32_t xid; 556 557 if (ifp->options->options & DHCPCD_XID_HWADDR && 558 ifp->hwlen >= sizeof(xid)) 559 /* The lower bits are probably more unique on the network */ 560 memcpy(&xid, (ifp->hwaddr + ifp->hwlen) - sizeof(xid), 561 sizeof(xid)); 562 else { 563 again: 564 xid = arc4random(); 565 } 566 567 m->xid[0] = (xid >> 16) & 0xff; 568 m->xid[1] = (xid >> 8) & 0xff; 569 m->xid[2] = xid & 0xff; 570 571 /* Ensure it's unique */ 572 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 573 if (ifp == ifp1) 574 continue; 575 if ((state1 = D6_CSTATE(ifp1)) == NULL) 576 continue; 577 if (state1->send != NULL && 578 state1->send->xid[0] == m->xid[0] && 579 state1->send->xid[1] == m->xid[1] && 580 state1->send->xid[2] == m->xid[2]) 581 break; 582 } 583 584 if (ifp1 != NULL) { 585 if (ifp->options->options & DHCPCD_XID_HWADDR && 586 ifp->hwlen >= sizeof(xid)) 587 { 588 logerrx("%s: duplicate xid on %s", 589 ifp->name, ifp1->name); 590 return; 591 } 592 goto again; 593 } 594 } 595 596 #ifndef SMALL 597 static const struct if_sla * 598 dhcp6_findselfsla(struct interface *ifp) 599 { 600 size_t i, j; 601 struct if_ia *ia; 602 603 for (i = 0; i < ifp->options->ia_len; i++) { 604 ia = &ifp->options->ia[i]; 605 if (ia->ia_type != D6_OPTION_IA_PD) 606 continue; 607 for (j = 0; j < ia->sla_len; j++) { 608 if (strcmp(ia->sla[j].ifname, ifp->name) == 0) 609 return &ia->sla[j]; 610 } 611 } 612 return NULL; 613 } 614 615 static int 616 dhcp6_delegateaddr(struct in6_addr *addr, struct interface *ifp, 617 const struct 
ipv6_addr *prefix, const struct if_sla *sla, struct if_ia *ia) 618 { 619 struct dhcp6_state *state; 620 struct if_sla asla; 621 char sabuf[INET6_ADDRSTRLEN]; 622 const char *sa; 623 624 state = D6_STATE(ifp); 625 if (state == NULL) { 626 ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state)); 627 state = D6_STATE(ifp); 628 if (state == NULL) { 629 logerr(__func__); 630 return -1; 631 } 632 633 TAILQ_INIT(&state->addrs); 634 state->state = DH6S_DELEGATED; 635 state->reason = "DELEGATED6"; 636 } 637 638 if (sla == NULL || !sla->sla_set) { 639 /* No SLA set, so make an assumption of 640 * desired SLA and prefix length. */ 641 asla.sla = ifp->index; 642 asla.prefix_len = 0; 643 asla.sla_set = false; 644 sla = &asla; 645 } else if (sla->prefix_len == 0) { 646 /* An SLA was given, but prefix length was not. 647 * We need to work out a suitable prefix length for 648 * potentially more than one interface. */ 649 asla.sla = sla->sla; 650 asla.prefix_len = 0; 651 asla.sla_set = sla->sla_set; 652 sla = &asla; 653 } 654 655 if (sla->prefix_len == 0) { 656 uint32_t sla_max; 657 int bits; 658 659 sla_max = ia->sla_max; 660 if (sla_max == 0 && (sla == NULL || !sla->sla_set)) { 661 const struct interface *ifi; 662 663 TAILQ_FOREACH(ifi, ifp->ctx->ifaces, next) { 664 if (ifi->index > sla_max) 665 sla_max = ifi->index; 666 } 667 } 668 669 bits = fls32(sla_max); 670 671 if (prefix->prefix_len + bits > (int)UINT8_MAX) 672 asla.prefix_len = UINT8_MAX; 673 else { 674 asla.prefix_len = (uint8_t)(prefix->prefix_len + bits); 675 676 /* Make a 64 prefix by default, as this makes SLAAC 677 * possible. 678 * Otherwise round up to the nearest 4 bits. 
*/ 679 if (asla.prefix_len <= 64) 680 asla.prefix_len = 64; 681 else 682 asla.prefix_len = 683 (uint8_t)ROUNDUP4(asla.prefix_len); 684 } 685 686 #define BIT(n) (1UL << (n)) 687 #define BIT_MASK(len) (BIT(len) - 1) 688 if (ia->sla_max == 0) { 689 /* Work out the real sla_max from our bits used */ 690 bits = asla.prefix_len - prefix->prefix_len; 691 /* Make static analysis happy. 692 * Bits cannot be bigger than 32 thanks to fls32. */ 693 assert(bits <= 32); 694 ia->sla_max = (uint32_t)BIT_MASK(bits); 695 } 696 } 697 698 if (ipv6_userprefix(&prefix->prefix, prefix->prefix_len, 699 sla->sla, addr, sla->prefix_len) == -1) 700 { 701 sa = inet_ntop(AF_INET6, &prefix->prefix, 702 sabuf, sizeof(sabuf)); 703 logerr("%s: invalid prefix %s/%d + %d/%d", 704 ifp->name, sa, prefix->prefix_len, 705 sla->sla, sla->prefix_len); 706 return -1; 707 } 708 709 if (prefix->prefix_exclude_len && 710 IN6_ARE_ADDR_EQUAL(addr, &prefix->prefix_exclude)) 711 { 712 sa = inet_ntop(AF_INET6, &prefix->prefix_exclude, 713 sabuf, sizeof(sabuf)); 714 logerrx("%s: cannot delegate excluded prefix %s/%d", 715 ifp->name, sa, prefix->prefix_exclude_len); 716 return -1; 717 } 718 719 return sla->prefix_len; 720 } 721 #endif 722 723 static int 724 dhcp6_makemessage(struct interface *ifp) 725 { 726 struct dhcp6_state *state; 727 struct dhcp6_message *m; 728 struct dhcp6_option o; 729 uint8_t *p, *si, *unicast, IA; 730 size_t n, l, len, ml, hl; 731 uint8_t type; 732 uint16_t si_len, uni_len, n_options; 733 uint8_t *o_lenp; 734 struct if_options *ifo = ifp->options; 735 const struct dhcp_opt *opt, *opt2; 736 const struct ipv6_addr *ap; 737 char hbuf[HOSTNAME_MAX_LEN + 1]; 738 const char *hostname; 739 int fqdn; 740 struct dhcp6_ia_na ia_na; 741 uint16_t ia_na_len; 742 struct if_ia *ifia; 743 #ifdef AUTH 744 uint16_t auth_len; 745 #endif 746 uint8_t duid[DUID_LEN]; 747 size_t duid_len = 0; 748 749 state = D6_STATE(ifp); 750 if (state->send) { 751 free(state->send); 752 state->send = NULL; 753 } 754 755 
switch(state->state) { 756 case DH6S_INIT: /* FALLTHROUGH */ 757 case DH6S_DISCOVER: 758 type = DHCP6_SOLICIT; 759 break; 760 case DH6S_REQUEST: 761 type = DHCP6_REQUEST; 762 break; 763 case DH6S_CONFIRM: 764 type = DHCP6_CONFIRM; 765 break; 766 case DH6S_REBIND: 767 type = DHCP6_REBIND; 768 break; 769 case DH6S_RENEW: 770 type = DHCP6_RENEW; 771 break; 772 case DH6S_INFORM: 773 type = DHCP6_INFORMATION_REQ; 774 break; 775 case DH6S_RELEASE: 776 type = DHCP6_RELEASE; 777 break; 778 case DH6S_DECLINE: 779 type = DHCP6_DECLINE; 780 break; 781 default: 782 errno = EINVAL; 783 return -1; 784 } 785 786 /* RFC 4704 Section 5 says we can only send FQDN for these 787 * message types. */ 788 switch(type) { 789 case DHCP6_SOLICIT: 790 case DHCP6_REQUEST: 791 case DHCP6_RENEW: 792 case DHCP6_REBIND: 793 fqdn = ifo->fqdn; 794 break; 795 default: 796 fqdn = FQDN_DISABLE; 797 break; 798 } 799 800 if (fqdn == FQDN_DISABLE && ifo->options & DHCPCD_HOSTNAME) { 801 /* We're sending the DHCPv4 hostname option, so send FQDN as 802 * DHCPv6 has no FQDN option and DHCPv4 must not send 803 * hostname and FQDN according to RFC4702 */ 804 fqdn = FQDN_BOTH; 805 } 806 if (fqdn != FQDN_DISABLE) 807 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo); 808 else 809 hostname = NULL; /* appearse gcc */ 810 811 /* Work out option size first */ 812 n_options = 0; 813 len = 0; 814 si = NULL; 815 hl = 0; /* Appease gcc */ 816 if (state->state != DH6S_RELEASE && state->state != DH6S_DECLINE) { 817 for (l = 0, opt = ifp->ctx->dhcp6_opts; 818 l < ifp->ctx->dhcp6_opts_len; 819 l++, opt++) 820 { 821 for (n = 0, opt2 = ifo->dhcp6_override; 822 n < ifo->dhcp6_override_len; 823 n++, opt2++) 824 { 825 if (opt->option == opt2->option) 826 break; 827 } 828 if (n < ifo->dhcp6_override_len) 829 continue; 830 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 831 continue; 832 n_options++; 833 len += sizeof(o.len); 834 } 835 #ifndef SMALL 836 for (l = 0, opt = ifo->dhcp6_override; 837 l < 
ifo->dhcp6_override_len; 838 l++, opt++) 839 { 840 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 841 continue; 842 n_options++; 843 len += sizeof(o.len); 844 } 845 if (dhcp6_findselfsla(ifp)) { 846 n_options++; 847 len += sizeof(o.len); 848 } 849 #endif 850 if (len) 851 len += sizeof(o); 852 853 if (fqdn != FQDN_DISABLE) { 854 hl = encode_rfc1035(hostname, NULL); 855 len += sizeof(o) + 1 + hl; 856 } 857 858 if (!has_option_mask(ifo->nomask6, D6_OPTION_MUDURL) && 859 ifo->mudurl[0]) 860 len += sizeof(o) + ifo->mudurl[0]; 861 862 #ifdef AUTH 863 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 864 DHCPCD_AUTH_SENDREQUIRE && 865 DHC_REQ(ifo->requestmask6, ifo->nomask6, 866 D6_OPTION_RECONF_ACCEPT)) 867 len += sizeof(o); /* Reconfigure Accept */ 868 #endif 869 } 870 871 len += sizeof(*state->send); 872 len += sizeof(o) + sizeof(uint16_t); /* elapsed */ 873 874 if (ifo->options & DHCPCD_ANONYMOUS) { 875 duid_len = duid_make(duid, ifp, DUID_LL); 876 len += sizeof(o) + duid_len; 877 } else { 878 len += sizeof(o) + ifp->ctx->duid_len; 879 } 880 881 if (!has_option_mask(ifo->nomask6, D6_OPTION_USER_CLASS)) 882 len += dhcp6_makeuser(NULL, ifp); 883 884 #ifndef SMALL 885 if (!has_option_mask(ifo->nomask6, D6_OPTION_VENDOR_CLASS)) 886 len += dhcp6_makevendor(NULL, ifp); 887 if (!has_option_mask(ifo->nomask6, D6_OPTION_VENDOR_OPTS)) 888 len += dhcp6_makevendoropts(NULL, ifp); 889 #endif 890 891 /* IA */ 892 m = NULL; 893 ml = 0; 894 switch(state->state) { 895 case DH6S_REQUEST: 896 m = state->recv; 897 ml = state->recv_len; 898 /* FALLTHROUGH */ 899 case DH6S_DECLINE: 900 /* FALLTHROUGH */ 901 case DH6S_RELEASE: 902 /* FALLTHROUGH */ 903 case DH6S_RENEW: 904 if (m == NULL) { 905 m = state->new; 906 ml = state->new_len; 907 } 908 si = dhcp6_findmoption(m, ml, D6_OPTION_SERVERID, &si_len); 909 if (si == NULL) 910 return -1; 911 len += sizeof(o) + si_len; 912 /* FALLTHROUGH */ 913 case DH6S_REBIND: 914 /* FALLTHROUGH */ 915 case DH6S_CONFIRM: 916 /* FALLTHROUGH */ 917 
case DH6S_DISCOVER: 918 if (m == NULL) { 919 m = state->new; 920 ml = state->new_len; 921 } 922 TAILQ_FOREACH(ap, &state->addrs, next) { 923 if (ap->flags & IPV6_AF_STALE) 924 continue; 925 if (!(ap->flags & IPV6_AF_REQUEST) && 926 (ap->prefix_vltime == 0 || 927 state->state == DH6S_DISCOVER)) 928 continue; 929 if (DECLINE_IA(ap) && state->state != DH6S_DECLINE) 930 continue; 931 if (ap->ia_type == D6_OPTION_IA_PD) { 932 #ifndef SMALL 933 len += sizeof(o) + DHCP6_PD_ADDR_SIZE; 934 if (ap->prefix_exclude_len) 935 len += sizeof(o) + 1 + 936 (uint8_t)((ap->prefix_exclude_len - 937 ap->prefix_len - 1) / NBBY) + 1; 938 #endif 939 } else 940 len += sizeof(o) + sizeof(struct dhcp6_ia_addr); 941 } 942 /* FALLTHROUGH */ 943 case DH6S_INIT: 944 for (l = 0; l < ifo->ia_len; l++) { 945 len += sizeof(o) + sizeof(uint32_t); /* IAID */ 946 /* IA_TA does not have T1 or T2 timers */ 947 if (ifo->ia[l].ia_type != D6_OPTION_IA_TA) 948 len += sizeof(uint32_t) + sizeof(uint32_t); 949 } 950 IA = 1; 951 break; 952 default: 953 IA = 0; 954 } 955 956 if (state->state == DH6S_DISCOVER && 957 !(ifp->ctx->options & DHCPCD_TEST) && 958 DHC_REQ(ifo->requestmask6, ifo->nomask6, D6_OPTION_RAPID_COMMIT)) 959 len += sizeof(o); 960 961 if (m == NULL) { 962 m = state->new; 963 ml = state->new_len; 964 } 965 966 switch(state->state) { 967 case DH6S_REQUEST: /* FALLTHROUGH */ 968 case DH6S_RENEW: /* FALLTHROUGH */ 969 case DH6S_RELEASE: 970 if (has_option_mask(ifo->nomask6, D6_OPTION_UNICAST)) { 971 unicast = NULL; 972 break; 973 } 974 unicast = dhcp6_findmoption(m, ml, D6_OPTION_UNICAST, &uni_len); 975 break; 976 default: 977 unicast = NULL; 978 break; 979 } 980 981 /* In non manager mode we listen and send from fixed addresses. 982 * We should try and match an address we have to unicast to, 983 * but for now this is the safest policy. 
*/ 984 if (unicast != NULL && !(ifp->ctx->options & DHCPCD_MANAGER)) { 985 logdebugx("%s: ignoring unicast option as not manager", 986 ifp->name); 987 unicast = NULL; 988 } 989 990 #ifdef AUTH 991 auth_len = 0; 992 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 993 ssize_t alen = dhcp_auth_encode(ifp->ctx, &ifo->auth, 994 state->auth.token, NULL, 0, 6, type, NULL, 0); 995 if (alen != -1 && alen > UINT16_MAX) { 996 errno = ERANGE; 997 alen = -1; 998 } 999 if (alen == -1) 1000 logerr("%s: %s: dhcp_auth_encode", __func__, ifp->name); 1001 else if (alen != 0) { 1002 auth_len = (uint16_t)alen; 1003 len += sizeof(o) + auth_len; 1004 } 1005 } 1006 #endif 1007 1008 state->send = malloc(len); 1009 if (state->send == NULL) 1010 return -1; 1011 1012 state->send_len = len; 1013 state->send->type = type; 1014 1015 /* If we found a unicast option, copy it to our state for sending */ 1016 if (unicast && uni_len == sizeof(state->unicast)) 1017 memcpy(&state->unicast, unicast, sizeof(state->unicast)); 1018 else 1019 state->unicast = in6addr_any; 1020 1021 dhcp6_newxid(ifp, state->send); 1022 1023 #define COPYIN1(_code, _len) { \ 1024 o.code = htons((_code)); \ 1025 o.len = htons((_len)); \ 1026 memcpy(p, &o, sizeof(o)); \ 1027 p += sizeof(o); \ 1028 } 1029 #define COPYIN(_code, _data, _len) do { \ 1030 COPYIN1((_code), (_len)); \ 1031 if ((_len) != 0) { \ 1032 memcpy(p, (_data), (_len)); \ 1033 p += (_len); \ 1034 } \ 1035 } while (0 /* CONSTCOND */) 1036 1037 /* Options are listed in numerical order as per RFC 7844 Section 4.1 1038 * XXX: They should be randomised. 
*/ 1039 1040 p = (uint8_t *)state->send + sizeof(*state->send); 1041 if (ifo->options & DHCPCD_ANONYMOUS) 1042 COPYIN(D6_OPTION_CLIENTID, duid, 1043 (uint16_t)duid_len); 1044 else 1045 COPYIN(D6_OPTION_CLIENTID, ifp->ctx->duid, 1046 (uint16_t)ifp->ctx->duid_len); 1047 1048 if (si != NULL) 1049 COPYIN(D6_OPTION_SERVERID, si, si_len); 1050 1051 for (l = 0; IA && l < ifo->ia_len; l++) { 1052 ifia = &ifo->ia[l]; 1053 o_lenp = NEXTLEN(p); 1054 /* TA structure is the same as the others, 1055 * it just lacks the T1 and T2 timers. 1056 * These happen to be at the end of the struct, 1057 * so we just don't copy them in. */ 1058 if (ifia->ia_type == D6_OPTION_IA_TA) 1059 ia_na_len = sizeof(struct dhcp6_ia_ta); 1060 else 1061 ia_na_len = sizeof(ia_na); 1062 memcpy(ia_na.iaid, ifia->iaid, sizeof(ia_na.iaid)); 1063 /* RFC 8415 21.4 and 21.21 state that T1 and T2 should be zero. 1064 * An RFC compliant server MUST ignore them anyway. */ 1065 ia_na.t1 = 0; 1066 ia_na.t2 = 0; 1067 COPYIN(ifia->ia_type, &ia_na, ia_na_len); 1068 TAILQ_FOREACH(ap, &state->addrs, next) { 1069 if (ap->flags & IPV6_AF_STALE) 1070 continue; 1071 if (!(ap->flags & IPV6_AF_REQUEST) && 1072 (ap->prefix_vltime == 0 || 1073 state->state == DH6S_DISCOVER)) 1074 continue; 1075 if (DECLINE_IA(ap) && state->state != DH6S_DECLINE) 1076 continue; 1077 if (ap->ia_type != ifia->ia_type) 1078 continue; 1079 if (memcmp(ap->iaid, ifia->iaid, sizeof(ap->iaid))) 1080 continue; 1081 if (ap->ia_type == D6_OPTION_IA_PD) { 1082 #ifndef SMALL 1083 uint8_t pdp[DHCP6_PD_ADDR_SIZE]; 1084 1085 memset(pdp, 0, DHCP6_PD_ADDR_PLEN); 1086 pdp[DHCP6_PD_ADDR_PLEN] = (uint8_t)ap->prefix_len; 1087 memcpy(pdp + DHCP6_PD_ADDR_PREFIX, &ap->prefix, 1088 DHCP6_PD_ADDR_SIZE - DHCP6_PD_ADDR_PREFIX); 1089 COPYIN(D6_OPTION_IAPREFIX, pdp, sizeof(pdp)); 1090 1091 ia_na_len = (uint16_t) 1092 (ia_na_len + sizeof(o) + sizeof(pdp)); 1093 1094 /* RFC6603 Section 4.2 */ 1095 if (ap->prefix_exclude_len) { 1096 uint8_t exb[16], *ep, u8; 1097 const uint8_t 
*pp; 1098 1099 n = (size_t)((ap->prefix_exclude_len - 1100 ap->prefix_len - 1) / NBBY) + 1; 1101 ep = exb; 1102 *ep++ = (uint8_t)ap->prefix_exclude_len; 1103 pp = ap->prefix_exclude.s6_addr; 1104 pp += (size_t) 1105 ((ap->prefix_len - 1) / NBBY) + 1106 (n - 1); 1107 u8 = ap->prefix_len % NBBY; 1108 if (u8) 1109 n--; 1110 while (n-- > 0) 1111 *ep++ = *pp--; 1112 n = (size_t)(ep - exb); 1113 if (u8) { 1114 *ep = (uint8_t)(*pp << u8); 1115 n++; 1116 } 1117 COPYIN(D6_OPTION_PD_EXCLUDE, exb, 1118 (uint16_t)n); 1119 ia_na_len = (uint16_t) 1120 (ia_na_len + sizeof(o) + n); 1121 } 1122 #endif 1123 } else { 1124 struct dhcp6_ia_addr ia = { 1125 .addr = ap->addr, 1126 /* 1127 * RFC 8415 21.6 states that the 1128 * valid and preferred lifetimes sent by 1129 * the client SHOULD be zero and MUST 1130 * be ignored by the server. 1131 */ 1132 }; 1133 1134 COPYIN(D6_OPTION_IA_ADDR, &ia, sizeof(ia)); 1135 ia_na_len = (uint16_t) 1136 (ia_na_len + sizeof(o) + sizeof(ia)); 1137 } 1138 } 1139 1140 /* Update the total option lenth. 
*/ 1141 ia_na_len = htons(ia_na_len); 1142 memcpy(o_lenp, &ia_na_len, sizeof(ia_na_len)); 1143 } 1144 1145 if (state->send->type != DHCP6_RELEASE && 1146 state->send->type != DHCP6_DECLINE && 1147 n_options) 1148 { 1149 o_lenp = NEXTLEN(p); 1150 o.len = 0; 1151 COPYIN1(D6_OPTION_ORO, 0); 1152 for (l = 0, opt = ifp->ctx->dhcp6_opts; 1153 l < ifp->ctx->dhcp6_opts_len; 1154 l++, opt++) 1155 { 1156 #ifndef SMALL 1157 for (n = 0, opt2 = ifo->dhcp6_override; 1158 n < ifo->dhcp6_override_len; 1159 n++, opt2++) 1160 { 1161 if (opt->option == opt2->option) 1162 break; 1163 } 1164 if (n < ifo->dhcp6_override_len) 1165 continue; 1166 #endif 1167 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 1168 continue; 1169 o.code = htons((uint16_t)opt->option); 1170 memcpy(p, &o.code, sizeof(o.code)); 1171 p += sizeof(o.code); 1172 o.len = (uint16_t)(o.len + sizeof(o.code)); 1173 } 1174 #ifndef SMALL 1175 for (l = 0, opt = ifo->dhcp6_override; 1176 l < ifo->dhcp6_override_len; 1177 l++, opt++) 1178 { 1179 if (!DHC_REQOPT(opt, ifo->requestmask6, ifo->nomask6)) 1180 continue; 1181 o.code = htons((uint16_t)opt->option); 1182 memcpy(p, &o.code, sizeof(o.code)); 1183 p += sizeof(o.code); 1184 o.len = (uint16_t)(o.len + sizeof(o.code)); 1185 } 1186 if (dhcp6_findselfsla(ifp)) { 1187 o.code = htons(D6_OPTION_PD_EXCLUDE); 1188 memcpy(p, &o.code, sizeof(o.code)); 1189 p += sizeof(o.code); 1190 o.len = (uint16_t)(o.len + sizeof(o.code)); 1191 } 1192 #endif 1193 o.len = htons(o.len); 1194 memcpy(o_lenp, &o.len, sizeof(o.len)); 1195 } 1196 1197 si_len = 0; 1198 COPYIN(D6_OPTION_ELAPSED, &si_len, sizeof(si_len)); 1199 1200 if (state->state == DH6S_DISCOVER && 1201 !(ifp->ctx->options & DHCPCD_TEST) && 1202 DHC_REQ(ifo->requestmask6, ifo->nomask6, D6_OPTION_RAPID_COMMIT)) 1203 COPYIN1(D6_OPTION_RAPID_COMMIT, 0); 1204 1205 if (!has_option_mask(ifo->nomask6, D6_OPTION_USER_CLASS)) 1206 p += dhcp6_makeuser(p, ifp); 1207 1208 #ifndef SMALL 1209 if (!has_option_mask(ifo->nomask6, 
D6_OPTION_VENDOR_CLASS)) 1210 p += dhcp6_makevendor(p, ifp); 1211 if (!has_option_mask(ifo->nomask6, D6_OPTION_VENDOR_OPTS)) 1212 p += dhcp6_makevendoropts(p, ifp); 1213 #endif 1214 1215 if (state->send->type != DHCP6_RELEASE && 1216 state->send->type != DHCP6_DECLINE) 1217 { 1218 if (fqdn != FQDN_DISABLE) { 1219 o_lenp = NEXTLEN(p); 1220 COPYIN1(D6_OPTION_FQDN, 0); 1221 if (hl == 0) 1222 *p = D6_FQDN_NONE; 1223 else { 1224 switch (fqdn) { 1225 case FQDN_BOTH: 1226 *p = D6_FQDN_BOTH; 1227 break; 1228 case FQDN_PTR: 1229 *p = D6_FQDN_PTR; 1230 break; 1231 default: 1232 *p = D6_FQDN_NONE; 1233 break; 1234 } 1235 } 1236 p++; 1237 encode_rfc1035(hostname, p); 1238 p += hl; 1239 o.len = htons((uint16_t)(hl + 1)); 1240 memcpy(o_lenp, &o.len, sizeof(o.len)); 1241 } 1242 1243 if (!has_option_mask(ifo->nomask6, D6_OPTION_MUDURL) && 1244 ifo->mudurl[0]) 1245 COPYIN(D6_OPTION_MUDURL, 1246 ifo->mudurl + 1, ifo->mudurl[0]); 1247 1248 #ifdef AUTH 1249 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 1250 DHCPCD_AUTH_SENDREQUIRE && 1251 DHC_REQ(ifo->requestmask6, ifo->nomask6, 1252 D6_OPTION_RECONF_ACCEPT)) 1253 COPYIN1(D6_OPTION_RECONF_ACCEPT, 0); 1254 #endif 1255 1256 } 1257 1258 #ifdef AUTH 1259 /* This has to be the last option */ 1260 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) { 1261 COPYIN1(D6_OPTION_AUTH, auth_len); 1262 /* data will be filled at send message time */ 1263 } 1264 #endif 1265 1266 return 0; 1267 } 1268 1269 static const char * 1270 dhcp6_get_op(uint16_t type) 1271 { 1272 const struct dhcp6_op *d; 1273 1274 for (d = dhcp6_ops; d->name; d++) 1275 if (d->type == type) 1276 return d->name; 1277 return NULL; 1278 } 1279 1280 static void 1281 dhcp6_freedrop_addrs(struct interface *ifp, int drop, unsigned int notflags, 1282 const struct interface *ifd) 1283 { 1284 struct dhcp6_state *state; 1285 1286 state = D6_STATE(ifp); 1287 if (state) { 1288 ipv6_freedrop_addrs(&state->addrs, drop, notflags, ifd); 1289 if (drop) 1290 rt_build(ifp->ctx, 
AF_INET6);
	}
}

#ifndef SMALL
/*
 * For every other interface in the context, call dhcp6_freedrop_addrs()
 * with drop set and ifp passed as the ifd argument.
 * NOTE(review): ifd presumably names the delegating interface; confirm
 * against ipv6_freedrop_addrs().
 */
static void dhcp6_delete_delegates(struct interface *ifp)
{
	struct interface *ifp0;

	if (ifp->ctx->ifaces) {
		TAILQ_FOREACH(ifp0, ifp->ctx->ifaces, next) {
			if (ifp0 != ifp)
				dhcp6_freedrop_addrs(ifp0, 1, 0, ifp);
		}
	}
}
#endif

#ifdef AUTH
/*
 * Find the AUTH option in the message m (len bytes) and hand it to
 * dhcp_auth_encode().
 * Returns -1 when m has no AUTH option, otherwise whatever
 * dhcp_auth_encode() returns.
 */
static ssize_t
dhcp6_update_auth(struct interface *ifp, struct dhcp6_message *m, size_t len)
{
	struct dhcp6_state *state;
	uint8_t *opt;
	uint16_t opt_len;

	opt = dhcp6_findmoption(m, len, D6_OPTION_AUTH, &opt_len);
	if (opt == NULL)
		return -1;

	state = D6_STATE(ifp);
	/* The message passed on is state->send / state->send_len, not m / len;
	 * the caller in dhcp6_sendmessage() passes state->send for m. */
	return dhcp_auth_encode(ifp->ctx, &ifp->options->auth,
	    state->auth.token, (uint8_t *)state->send, state->send_len, 6,
	    state->send->type, opt, opt_len);
}
#endif

static const struct in6_addr alldhcp = IN6ADDR_LINKLOCAL_ALLDHCP_INIT;
/*
 * Send the message held in state->send and, when callback is given,
 * schedule the next (re)transmission through the event loop.
 *
 * callback == NULL: send once, no retransmission timer is armed.
 * callback != NULL: compute the retransmission time RT from IMD/IRT/MRT,
 * add the random factor, and re-arm callback (or MRCcallback once the
 * retransmission count exceeds MRC).
 *
 * Returns 0 on success and also when nothing was sent because the link is
 * down or the initial delay is being waited; -1 when the AUTH update fails
 * with an errno other than ESRCH or when no control message header is
 * available. A sendmsg() failure is logged and still returns 0.
 */
static int
dhcp6_sendmessage(struct interface *ifp, void (*callback)(void *))
{
	struct dhcp6_state *state = D6_STATE(ifp);
	struct dhcpcd_ctx *ctx = ifp->ctx;
	unsigned int RT;
	bool multicast = true;
	struct sockaddr_in6 dst = {
		.sin6_family = AF_INET6,
		/* Setting the port on Linux gives EINVAL when sending.
		 * This looks like a kernel bug as the equivalent works
		 * fine with the DHCP counterpart. */
#ifndef __linux__
		.sin6_port = htons(DHCP6_SERVER_PORT),
#endif
	};
	/* NOTE(review): the (uint16_t) cast assumes sizeof(udp) + send_len
	 * fits in 16 bits; confirm where send_len is bounded. */
	struct udphdr udp = {
		.uh_sport = htons(DHCP6_CLIENT_PORT),
		.uh_dport = htons(DHCP6_SERVER_PORT),
		.uh_ulen = htons((uint16_t)(sizeof(udp) + state->send_len)),
	};
	struct iovec iov[] = {
		{ .iov_base = &udp, .iov_len = sizeof(udp), },
		{ .iov_base = state->send, .iov_len = state->send_len, },
	};
	union {
		struct cmsghdr hdr;
		uint8_t buf[CMSG_SPACE(sizeof(struct in6_pktinfo))];
	} cmsgbuf = { .buf = { 0 } };
	struct msghdr msg = {
		.msg_name = &dst, .msg_namelen = sizeof(dst),
		.msg_iov = iov, .msg_iovlen = __arraycount(iov),
	};
	/* Only written, and only read, on the unicast path below. */
	char uaddr[INET6_ADDRSTRLEN];

	if (!callback && !if_is_link_up(ifp))
		return 0;

	if (!IN6_IS_ADDR_UNSPECIFIED(&state->unicast)) {
		switch (state->send->type) {
		case DHCP6_SOLICIT: /* FALLTHROUGH */
		case DHCP6_CONFIRM: /* FALLTHROUGH */
		case DHCP6_REBIND:
			/* Unicasting is denied for these types. */
			break;
		default:
			multicast = false;
			/* The inet_ntop() result is not checked. */
			inet_ntop(AF_INET6, &state->unicast, uaddr,
			    sizeof(uaddr));
			break;
		}
	}
	dst.sin6_addr = multicast ? alldhcp : state->unicast;

	if (!callback) {
		/* dhcp6_get_op() returns NULL for a type that is not in
		 * dhcp6_ops. NOTE(review): that NULL would reach "%s" here and
		 * in the log call further down; confirm every type placed in
		 * state->send is present in the table. */
		logdebugx("%s: %s %s with xid 0x%02x%02x%02x%s%s",
		    ifp->name,
		    multicast ? "multicasting" : "unicasting",
		    dhcp6_get_op(state->send->type),
		    state->send->xid[0],
		    state->send->xid[1],
		    state->send->xid[2],
		    !multicast ? " " : "",
		    !multicast ? uaddr : "");
		RT = 0;
	} else {
		/* The initial delay only applies when the option asks for it. */
		if (state->IMD &&
		    !(ifp->options->options & DHCPCD_INITIAL_DELAY))
			state->IMD = 0;
		if (state->IMD) {
			state->RT = state->IMD * MSEC_PER_SEC;
			/* Some buggy PPP servers close the link too early
			 * after sending an invalid status in their reply
			 * which means this host won't see it.
			 * 1 second grace seems to be the sweet spot. */
			if (ifp->flags & IFF_POINTOPOINT)
				state->RT += MSEC_PER_SEC;
		} else if (state->RTC == 0)
			state->RT = state->IRT * MSEC_PER_SEC;

		/* Cap RT at MRT when a maximum is set. */
		if (state->MRT != 0) {
			unsigned int mrt = state->MRT * MSEC_PER_SEC;

			if (state->RT > mrt)
				state->RT = mrt;
		}

		/* Add -.1 to .1 * RT randomness as per RFC8415 section 15 */
		/* On the first transmission (RTC == 0) nothing is subtracted
		 * from the random value, so lr is never negative there. */
		uint32_t lru = arc4random_uniform(
		    state->RTC == 0 ? DHCP6_RAND_MAX
		    : DHCP6_RAND_MAX - DHCP6_RAND_MIN);
		int lr = (int)lru - (state->RTC == 0 ? 0 : DHCP6_RAND_MAX);
		RT = state->RT
		    + (unsigned int)((float)state->RT
		    * ((float)lr / DHCP6_RAND_DIV));

		if (if_is_link_up(ifp))
			logdebugx("%s: %s %s (xid 0x%02x%02x%02x)%s%s,"
			    " next in %0.1f seconds",
			    ifp->name,
			    state->IMD != 0 ? "delaying" :
			    multicast ? "multicasting" : "unicasting",
			    dhcp6_get_op(state->send->type),
			    state->send->xid[0],
			    state->send->xid[1],
			    state->send->xid[2],
			    state->IMD == 0 && !multicast ? " " : "",
			    state->IMD == 0 && !multicast ? uaddr : "",
			    (float)RT / MSEC_PER_SEC);

		/* Wait the initial delay */
		if (state->IMD != 0) {
			state->IMD = 0;
			eloop_timeout_add_msec(ctx->eloop, RT, callback, ifp);
			return 0;
		}
	}

	if (!if_is_link_up(ifp))
		return 0;

	/* Update the elapsed time */
	dhcp6_updateelapsed(ifp, state->send, state->send_len);
#ifdef AUTH
	/* A failure with errno == ESRCH is logged and the message is still
	 * sent. NOTE(review): in that case the message leaves without a
	 * successful dhcp_auth_encode(); confirm this is the intended
	 * fallback for the configured authentication policy. */
	if (ifp->options->auth.options & DHCPCD_AUTH_SEND &&
	    dhcp6_update_auth(ifp, state->send, state->send_len) == -1)
	{
		logerr("%s: %s: dhcp6_updateauth", __func__, ifp->name);
		if (errno != ESRCH)
			return -1;
	}
#endif

	/* Set the outbound interface */
	if (multicast) {
		struct cmsghdr *cm;
		struct in6_pktinfo pi = { .ipi6_ifindex = ifp->index };

		dst.sin6_scope_id = ifp->index;
		msg.msg_control = cmsgbuf.buf;
		msg.msg_controllen = sizeof(cmsgbuf.buf);
		cm = CMSG_FIRSTHDR(&msg);
		if (cm == NULL) /* unlikely */
			return -1;
		cm->cmsg_level = IPPROTO_IPV6;
		cm->cmsg_type = IPV6_PKTINFO;
		cm->cmsg_len = CMSG_LEN(sizeof(pi));
		memcpy(CMSG_DATA(cm), &pi, sizeof(pi));
	}

#ifdef PRIVSEP
	/* Under privilege separation the send goes through
	 * ps_inet_senddhcp6(); a failure is logged only. */
	if (IN_PRIVSEP(ifp->ctx)) {
		if (ps_inet_senddhcp6(ifp, &msg) == -1)
			logerr(__func__);
		goto sent;
	}
#endif

	if (sendmsg(ctx->dhcp6_wfd, &msg, 0) == -1) {
		logerr("%s: %s: sendmsg", __func__, ifp->name);
		/* Allow DHCPv6 to continue .... the errors
		 * would be rate limited by the protocol.
		 * Generally the error is ENOBUFS when struggling to
		 * associate with an access point. */
	}

#ifdef PRIVSEP
sent:
#endif
	state->RTC++;
	if (callback) {
		/* Double RT for the next round; keep RT if doubling wrapped. */
		state->RT = RT * 2;
		if (state->RT < RT) /* Check overflow */
			state->RT = RT;
		if (state->MRC == 0 || state->RTC <= state->MRC)
			eloop_timeout_add_msec(ctx->eloop,
			    RT, callback, ifp);
		else if (state->MRC != 0 && state->MRCcallback)
			eloop_timeout_add_msec(ctx->eloop,
			    RT, state->MRCcallback, ifp);
		else
			logwarnx("%s: sent %d times with no reply",
			    ifp->name, state->RTC);
	}
	return 0;
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendinform(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendinform);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_senddiscover2(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_senddiscover2);
}

/* Event loop callback run after the first retransmission time: start a
 * REQUEST if the last received message is an ADVERTISE, otherwise keep
 * sending through dhcp6_senddiscover2(). */
static void
dhcp6_senddiscover1(void *arg)
{
	/*
	 * So the initial RT has elapsed.
	 * If we have any ADVERTs we can now REQUEST them.
	 * RFC 8415 15 and 18.2.1
	 */
	struct interface *ifp = arg;
	struct dhcp6_state *state = D6_STATE(ifp);

	if (state->recv == NULL || state->recv->type != DHCP6_ADVERTISE)
		dhcp6_sendmessage(arg, dhcp6_senddiscover2);
	else
		dhcp6_startrequest(ifp);
}

static void
dhcp6_senddiscover(void *arg)
{
	struct interface *ifp = arg;
	struct dhcp6_state *state = D6_STATE(ifp);

	dhcp6_sendmessage(arg,
	    state->IMD != 0 ?
	    dhcp6_senddiscover : dhcp6_senddiscover1);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendrequest(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendrequest);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendrebind(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendrebind);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendrenew(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendrenew);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendconfirm(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendconfirm);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_senddecline(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_senddecline);
}

/* Event loop callback: send the current message with itself as the
 * retransmission callback. arg is the struct interface pointer. */
static void
dhcp6_sendrelease(void *arg)
{

	dhcp6_sendmessage(arg, dhcp6_sendrelease);
}

/*
 * Enter the RENEW state, load the REN_* timing values, build the message
 * and start sending it. Does nothing when the interface has no DHCPv6
 * state or is in a state other than BOUND or RENEW.
 * arg is the struct interface pointer.
 */
static void
dhcp6_startrenew(void *arg)
{
	struct interface *ifp;
	struct dhcp6_state *state;

	ifp = arg;
	if ((state = D6_STATE(ifp)) == NULL)
		return;

	/* Only renew in the bound or renew states */
	if (state->state != DH6S_BOUND &&
	    state->state != DH6S_RENEW)
		return;

	/* Remove the timeout as the renew may have been forced. */
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_startrenew, ifp);

	state->state = DH6S_RENEW;
	state->RTC = 0;
	state->IMD = REN_MAX_DELAY;
	state->IRT = REN_TIMEOUT;
	state->MRT = REN_MAX_RT;
	state->MRC = 0;

	if (dhcp6_makemessage(ifp) == -1)
		logerr("%s: %s", __func__, ifp->name);
	else
		dhcp6_sendrenew(ifp);
}

/* Non-static entry point that forwards to dhcp6_startrenew(). */
void dhcp6_renew(struct interface *ifp)
{

	dhcp6_startrenew(ifp);
}

/*
 * Return false if any address in the interface's DHCPv6 state has been
 * added but has not completed DAD, true otherwise.
 * NOTE(review): the state pointer is used without a NULL check; confirm
 * callers only pass interfaces that have DHCPv6 state.
 */
bool
dhcp6_dadcompleted(const struct interface *ifp)
{
	const struct dhcp6_state *state;
	const struct ipv6_addr *ap;

	state = D6_CSTATE(ifp);
	TAILQ_FOREACH(ap, &state->addrs, next) {
		if (ap->flags & IPV6_AF_ADDED &&
		    !(ap->flags & IPV6_AF_DADCOMPLETED))
			return false;
	}
	return true;
}

/*
 * DAD completion callback for one address (arg is the struct ipv6_addr).
 * Marks the address as DAD-completed and logs a duplicate. The first time
 * it fires for an address, and only in the BOUND or DELEGATED states, it
 * waits until every added address has completed DAD, then either starts a
 * DECLINE or runs the script and, for a non-delegated address,
 * daemonises.
 */
static void
dhcp6_dadcallback(void *arg)
{
	struct ipv6_addr *ia = arg;
	struct interface *ifp;
	struct dhcp6_state *state;
	struct ipv6_addr *ia2;
	bool completed, valid, oneduplicated;

	/* Remember whether this address had already completed DAD. */
	completed = (ia->flags & IPV6_AF_DADCOMPLETED);
	ia->flags |= IPV6_AF_DADCOMPLETED;
	if (ia->addr_flags & IN6_IFF_DUPLICATED)
		logwarnx("%s: DAD detected %s", ia->iface->name, ia->saddr);

	if (completed)
		return;

	ifp = ia->iface;
	/* NOTE(review): state is dereferenced without a NULL check. */
	state = D6_STATE(ifp);
	if (state->state != DH6S_BOUND && state->state != DH6S_DELEGATED)
		return;

#ifdef SMALL
	valid = true;
#else
	valid = (ia->delegating_prefix == NULL);
#endif
	completed = true;
	oneduplicated = false;
	TAILQ_FOREACH(ia2, &state->addrs, next) {
		if (ia2->flags & IPV6_AF_ADDED &&
		    !(ia2->flags & IPV6_AF_DADCOMPLETED))
		{
			completed = false;
			break;
		}
		/* NOTE(review): DECLINE_IA() is evaluated on ia, the address
		 * whose callback fired, not on the loop variable ia2, so the
		 * test gives the same answer on every iteration. Confirm
		 * whether ia2 was intended; as written a duplicate on
		 * another address of this lease would not start a DECLINE
		 * from here. */
		if (DECLINE_IA(ia))
			oneduplicated = true;
	}
	if (!completed)
		return;

	logdebugx("%s: DHCPv6 DAD completed", ifp->name);

	if (oneduplicated && state->state == DH6S_BOUND) {
		dhcp6_startdecline(ifp);
		return;
	}

	script_runreason(ifp,
#ifndef SMALL
	    ia->delegating_prefix ? "DELEGATED6" :
#endif
	    state->reason);
	if (valid)
		dhcpcd_daemonise(ifp->ctx);
}

/*
 * Append to state->addrs one IPV6_AF_REQUEST address for each configured
 * IA that names an address, or that is an IA_PD with a non-zero prefix
 * length. Entries for which ipv6_newaddr() returns NULL are skipped.
 */
static void
dhcp6_addrequestedaddrs(struct interface *ifp)
{
	struct dhcp6_state *state;
	size_t i;
	struct if_ia *ia;
	struct ipv6_addr *a;

	state = D6_STATE(ifp);
	/* Add any requested prefixes / addresses */
	for (i = 0; i < ifp->options->ia_len; i++) {
		ia = &ifp->options->ia[i];
		if (!((ia->ia_type == D6_OPTION_IA_PD && ia->prefix_len) ||
		    !IN6_IS_ADDR_UNSPECIFIED(&ia->addr)))
			continue;
		a = ipv6_newaddr(ifp, &ia->addr,
			/*
			 * RFC 5942 Section 5
			 * We cannot assume any prefix length, nor tie the
			 * address to an existing one as it could expire
			 * before the address.
			 * As such we just give it a 128 prefix.
			 */
		    ia->ia_type == D6_OPTION_IA_PD ? ia->prefix_len : 128,
		    IPV6_AF_REQUEST);
		if (a == NULL)
			continue;
		a->dadcallback = dhcp6_dadcallback;
		memcpy(&a->iaid, &ia->iaid, sizeof(a->iaid));
		a->ia_type = ia->ia_type;
		TAILQ_INSERT_TAIL(&state->addrs, a, next);
	}
}

/*
 * Enter the DISCOVER state, load the SOL_* timing values, clear the stale
 * flag on requested addresses, build the message and start sending it.
 * arg is the struct interface pointer.
 */
static void
dhcp6_startdiscover(void *arg)
{
	struct interface *ifp;
	struct if_options *ifo;
	struct dhcp6_state *state;
	int llevel;
	struct ipv6_addr *ia;

	ifp = arg;
	state = D6_STATE(ifp);
	ifo = ifp->options;
#ifndef SMALL
	/* Delegated addresses are kept only when the reason is TIMEOUT6. */
	if (state->reason == NULL || strcmp(state->reason, "TIMEOUT6") != 0)
		dhcp6_delete_delegates(ifp);
#endif
	/* Ensure we never request INFO_REFRESH_TIME,
	 * this only belongs in Information-Request messages */
	del_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME);

	/* Log at INFO only when there is no lease and no earlier failure. */
	if (state->new == NULL && !state->failed)
		llevel = LOG_INFO;
	else
		llevel = LOG_DEBUG;
	logmessage(llevel, "%s: soliciting a DHCPv6 lease", ifp->name);
	state->state = DH6S_DISCOVER;
	state->RTC = 0;
	state->IMD = SOL_MAX_DELAY;
	state->IRT = SOL_TIMEOUT;
	state->MRT = state->sol_max_rt;
	state->MRC = SOL_MAX_RC;

	/* If we fail to renew or confirm, our requested addresses will
	 * be marked as stale.
	   To re-request them, just mark them as not stale. */
	TAILQ_FOREACH(ia, &state->addrs, next) {
		if (ia->flags & IPV6_AF_REQUEST)
			ia->flags &= ~IPV6_AF_STALE;
	}

	if (dhcp6_makemessage(ifp) == -1)
		logerr("%s: %s", __func__, ifp->name);
	else
		dhcp6_senddiscover(ifp);
}

/*
 * Enter the INFORM state, load the INF_* timing values, build the message
 * and start sending it. Unless an earlier attempt has failed, also arm
 * dhcp6_failinform() to fire after INF_MAX_RD seconds.
 * arg is the struct interface pointer.
 */
static void
dhcp6_startinform(void *arg)
{
	struct interface *ifp;
	struct dhcp6_state *state;
	int llevel;
	struct if_options *ifo;

	ifp = arg;
	state = D6_STATE(ifp);
	ifo = ifp->options;
	llevel = state->failed ? LOG_DEBUG : LOG_INFO;
	logmessage(llevel, "%s: requesting DHCPv6 information", ifp->name);
	state->state = DH6S_INFORM;
	state->RTC = 0;
	state->IMD = INF_MAX_DELAY;
	state->IRT = INF_TIMEOUT;
	state->MRT = state->inf_max_rt;
	state->MRC = 0;

	/* Ensure we always request INFO_REFRESH_TIME as per rfc8415 */
	add_option_mask(ifo->requestmask6, D6_OPTION_INFO_REFRESH_TIME);

	if (dhcp6_makemessage(ifp) == -1) {
		logerr("%s: %s", __func__, ifp->name);
		return;
	}
	dhcp6_sendinform(ifp);
	/* RFC3315 18.1.2 says that if CONFIRM failed then the prior addresses
	 * SHOULD be used. The wording here is poor, because the addresses are
	 * merely one facet of the lease as a whole.
	 * This poor wording might explain the lack of similar text for INFORM
	 * in 18.1.5 because there are no addresses in the INFORM message. */
	if (!state->failed)
		eloop_timeout_add_sec(ifp->ctx->eloop,
		    INF_MAX_RD, dhcp6_failinform, ifp);
}

/*
 * Start a DISCOVER when IAs are forced or ipv6nd_hasradhcp(ifp, true)
 * holds; otherwise start an INFORM when INFORM6 is set or
 * ipv6nd_hasradhcp(ifp, false) holds.
 * Returns true if one of the two was started, false otherwise.
 */
static bool
dhcp6_startdiscoinform(struct interface *ifp)
{
	unsigned long long opts = ifp->options->options;

	if (opts & DHCPCD_IA_FORCED || ipv6nd_hasradhcp(ifp, true))
		dhcp6_startdiscover(ifp);
	else if (opts & DHCPCD_INFORM6 || ipv6nd_hasradhcp(ifp, false))
		dhcp6_startinform(ifp);
	else
		return false;
	return true;
}

/*
 * Common failure path. Marks the state as failed, then:
 *  - drop set: drops addresses, moves the new lease to old, runs EXPIRE6
 *    if an old lease exists, unlinks the lease file, re-adds the requested
 *    addresses and deletes timeouts for ifp;
 *  - CONFIRM or REBIND state with DHCPCD_LASTLEASE: binds and starts a
 *    REBIND, then returns;
 *  - otherwise, when a lease is held: runs TIMEOUT6.
 * Finally restarts DISCOVER or INFORM, or falls back to the INIT state.
 */
static void
dhcp6_fail(struct interface *ifp, bool drop)
{
	struct dhcp6_state *state = D6_STATE(ifp);

	state->failed = true;

	if (drop) {
		dhcp6_freedrop_addrs(ifp, 1,
		    IPV6_AF_DELEGATED | IPV6_AF_PFXDELEGATION, NULL);
#ifndef SMALL
		dhcp6_delete_delegates(ifp);
#endif
		/* The previous old lease is freed before being replaced. */
		free(state->old);
		state->old = state->new;
		state->old_len = state->new_len;
		state->new = NULL;
		state->new_len = 0;
		if (state->old != NULL)
			script_runreason(ifp, "EXPIRE6");
		dhcp_unlink(ifp->ctx, state->leasefile);
		dhcp6_addrequestedaddrs(ifp);
		/* NOTE(review): a NULL callback presumably matches every
		 * timeout registered for ifp; confirm in eloop. */
		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
	} else if ((state->state == DH6S_CONFIRM || state->state == DH6S_REBIND) &&
	    ifp->options->options & DHCPCD_LASTLEASE) {
		dhcp6_bind(ifp, NULL, NULL);
		state->state = DH6S_REBIND;
		dhcp6_startrebind(ifp);
		return;
	} else if (state->new) {
		script_runreason(ifp, "TIMEOUT6");
		// We need to keep the expire timeout alive
	}

	if (!dhcp6_startdiscoinform(ifp)) {
		logwarnx("%s: no advertising IPv6 router wants DHCP",ifp->name);
		state->state = DH6S_INIT;
	}
}

static int
dhcp6_failloglevel(struct interface *ifp)
{
	const struct dhcp6_state *state = D6_CSTATE(ifp);

	return state->failed ?
LOG_DEBUG : LOG_ERR;
}

/* Timeout callback: CONFIRM got no usable reply. Stops the CONFIRM
 * retransmissions and fails without dropping the lease. */
static void
dhcp6_failconfirm(void *arg)
{
	struct interface *ifp = arg;
	int llevel = dhcp6_failloglevel(ifp);

	logmessage(llevel, "%s: failed to confirm prior DHCPv6 address",
	    ifp->name);
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendconfirm, ifp);

	/* RFC8415 18.2.3 says that prior addresses SHOULD be used on failure. */
	dhcp6_fail(ifp, false);
}

/* Callback: REQUEST failed. Logs and fails with the lease dropped. */
static void
dhcp6_failrequest(void *arg)
{
	struct interface *ifp = arg;
	int llevel = dhcp6_failloglevel(ifp);

	logmessage(llevel, "%s: failed to request DHCPv6 address", ifp->name);
	dhcp6_fail(ifp, true);
}

/* Timeout callback: INFORM failed. Logs and fails with the lease dropped. */
static void
dhcp6_failinform(void *arg)
{
	struct interface *ifp = arg;
	int llevel = dhcp6_failloglevel(ifp);

	logmessage(llevel, "%s: failed to request DHCPv6 information",
	    ifp->name);
	dhcp6_fail(ifp, true);
}

#ifndef SMALL
/* Timeout callback: REBIND of a prior delegation got no usable reply.
 * Stops the REBIND retransmissions and fails without dropping the lease. */
static void
dhcp6_failrebindpd(void *arg)
{
	struct interface *ifp = arg;

	logerrx("%s: failed to rebind prior DHCPv6 delegation", ifp->name);
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrebind, ifp);

	/* RFC8415 18.2.3 says that prior addresses SHOULD be used on failure.
	 * 18.2 says REBIND rather than CONFIRM with PD but use CONFIRM timings. */
	dhcp6_fail(ifp, false);
}

/*
 * Inspect the configured IA types.
 * Returns 2 as soon as two consecutive entries differ in type and one of
 * them is IA_PD; otherwise 1 if the last entry is IA_PD, else 0.
 */
static int
dhcp6_hasprefixdelegation(struct interface *ifp)
{
	size_t i;
	uint16_t t;

	t = 0;
	for (i = 0; i < ifp->options->ia_len; i++) {
		if (t && t != ifp->options->ia[i].ia_type) {
			if (t == D6_OPTION_IA_PD ||
			    ifp->options->ia[i].ia_type == D6_OPTION_IA_PD)
				return 2;
		}
		t = ifp->options->ia[i].ia_type;
	}
	return t == D6_OPTION_IA_PD ? 1 : 0;
}
#endif

/*
 * Enter the REBIND state, build the message and start sending it.
 * Uses the REB_* timing values; when not coming from RENEW and a prefix
 * delegation is configured, the CNF_* values are used instead and
 * dhcp6_failrebindpd() is armed after CNF_MAX_RD seconds.
 * arg is the struct interface pointer.
 */
static void
dhcp6_startrebind(void *arg)
{
	struct interface *ifp;
	struct dhcp6_state *state;

	ifp = arg;
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrenew, ifp);
	state = D6_STATE(ifp);

	state->IMD = REB_MAX_DELAY;
	state->IRT = REB_TIMEOUT;
	state->MRT = REB_MAX_RT;
	state->RTC = 0;
	state->MRC = 0;

	if (state->state == DH6S_RENEW)
		logwarnx("%s: failed to renew DHCPv6, rebinding", ifp->name);
	else {
		loginfox("%s: rebinding prior DHCPv6 lease", ifp->name);

#ifndef SMALL
		/* RFC 8415 18.2.5 */
		if (dhcp6_hasprefixdelegation(ifp)) {
			state->IMD = CNF_MAX_DELAY;
			state->IRT = CNF_TIMEOUT;
			state->MRT = CNF_MAX_RT;
			eloop_timeout_add_sec(ifp->ctx->eloop,
			    CNF_MAX_RD, dhcp6_failrebindpd, ifp);
		}
#endif
	}

	state->state = DH6S_REBIND;
	if (dhcp6_makemessage(ifp) == -1)
		logerr("%s: %s", __func__, ifp->name);
	else
		dhcp6_sendrebind(ifp);
}

/*
 * Stop the DISCOVER retransmissions, enter the REQUEST state with the
 * REQ_* timing values and dhcp6_failrequest() as the retry-limit
 * callback, then build and send the message.
 */
static void
dhcp6_startrequest(struct interface *ifp)
{
	struct dhcp6_state *state;

	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_senddiscover, ifp);
	state = D6_STATE(ifp);
	state->state = DH6S_REQUEST;
	state->RTC = 0;
	state->IMD = 0;
	state->IRT = REQ_TIMEOUT;
	state->MRT = REQ_MAX_RT;
	state->MRC = REQ_MAX_RC;
	state->MRCcallback = dhcp6_failrequest;

	if (dhcp6_makemessage(ifp) == -1) {
		logerr("%s: %s", __func__, ifp->name);
		return;
	}

	dhcp6_sendrequest(ifp);
}

/*
 * Confirm a prior lease. If any address matches DECLINE_IA() a DECLINE is
 * started instead. Otherwise enters the CONFIRM state with the CNF_*
 * timing values, sends the message and arms dhcp6_failconfirm() after
 * CNF_MAX_RD seconds.
 */
static void
dhcp6_startconfirm(struct interface *ifp)
{
	struct dhcp6_state *state;
	struct ipv6_addr *ia;

	state = D6_STATE(ifp);

	TAILQ_FOREACH(ia, &state->addrs, next) {
		if (!DECLINE_IA(ia))
			continue;
		logerrx("%s: prior DHCPv6 has a duplicated address", ifp->name);
		dhcp6_startdecline(ifp);
		return;
	}

	state->state = DH6S_CONFIRM;
	state->RTC = 0;
	state->IMD = CNF_MAX_DELAY;
	state->IRT = CNF_TIMEOUT;
	state->MRT = CNF_MAX_RT;
	state->MRC = CNF_MAX_RC;

	loginfox("%s: confirming prior DHCPv6 lease", ifp->name);

	if (dhcp6_makemessage(ifp) == -1) {
		logerr("%s: %s", __func__, ifp->name);
		return;
	}
	dhcp6_sendconfirm(ifp);
	eloop_timeout_add_sec(ifp->ctx->eloop,
	    CNF_MAX_RD, dhcp6_failconfirm, ifp);
}

/* Timeout callback: the lease expired. Stops the REBIND retransmissions
 * and fails with the lease dropped. */
static void
dhcp6_startexpire(void *arg)
{
	struct interface *ifp;

	ifp = arg;
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendrebind, ifp);

	logerrx("%s: DHCPv6 lease expired", ifp->name);
	dhcp6_fail(ifp, true);
}

/* Callback: DECLINE reached its retry limit. Logs and fails with the
 * lease dropped. */
static void
dhcp6_faildecline(void *arg)
{
	struct interface *ifp = arg;

	logerrx("%s: failed to decline duplicated DHCPv6 addresses", ifp->name);
	dhcp6_fail(ifp, true);
}

/*
 * Enter the DECLINE state with DEC_TIMEOUT / DEC_MAX_RC and
 * dhcp6_faildecline() as the retry-limit callback, then build and send
 * the message.
 */
static void
dhcp6_startdecline(struct interface *ifp)
{
	struct dhcp6_state *state;

	state = D6_STATE(ifp);
	loginfox("%s: declining failed DHCPv6 addresses", ifp->name);
	state->state = DH6S_DECLINE;
	state->RTC = 0;
	state->IMD = 0;
	state->IRT = DEC_TIMEOUT;
	state->MRT = 0;
	state->MRC = DEC_MAX_RC;
	state->MRCcallback = dhcp6_faildecline;

	if (dhcp6_makemessage(ifp) == -1)
		logerr("%s: %s", __func__, ifp->name);
	else
		dhcp6_senddecline(ifp);
}

/* Mark the state as RELEASED and drop the lease with reason RELEASE6.
 * Does nothing when the interface has no DHCPv6 state. */
static void
dhcp6_finishrelease(void *arg)
{
	struct interface *ifp;
	struct dhcp6_state *state;

	ifp = (struct interface *)arg;
	if ((state = D6_STATE(ifp)) != NULL) {
		state->state = DH6S_RELEASED;
		dhcp6_drop(ifp, "RELEASE6");
	}
}

static void
dhcp6_startrelease(struct interface *ifp)
{
	struct dhcp6_state *state;

	state = D6_STATE(ifp);
	if (state->state !=
DH6S_BOUND) {
		dhcp6_finishrelease(ifp);
		return;
	}

	state->state = DH6S_RELEASE;
	state->RTC = 0;
	state->IMD = REL_MAX_DELAY;
	state->IRT = REL_TIMEOUT;
	state->MRT = REL_MAX_RT;
	state->MRC = REL_MAX_RC;
	state->MRCcallback = dhcp6_finishrelease;

	if (dhcp6_makemessage(ifp) == -1) {
		logerr("%s: %s", __func__, ifp->name);
		/* not much we can do apart from finish now */
		dhcp6_finishrelease(ifp);
	} else
		dhcp6_sendrelease(ifp);
}

/*
 * Look for a Status Code option and act on it.
 *
 * When p is non-NULL the option is searched in the len bytes at p with
 * dhcp6_findoption(); otherwise it is searched in the message m with
 * dhcp6_findmoption().
 *
 * Returns 0 when there is no status option (errno set to ESRCH) or the
 * status is D6_STATUS_OK (errno set to 0); -1 when the option is shorter
 * than the status code or the message copy cannot be allocated; otherwise
 * the non-OK status code, which is also stored in state->lerror.
 */
static int
dhcp6_checkstatusok(const struct interface *ifp,
    struct dhcp6_message *m, uint8_t *p, size_t len)
{
	struct dhcp6_state *state;
	uint8_t *opt;
	uint16_t opt_len, code;
	size_t mlen;
	void * (*f)(void *, size_t, uint16_t, uint16_t *), *farg;
	char buf[32], *sbuf;
	const char *status;
	int loglevel;

	state = D6_STATE(ifp);
	f = p ? dhcp6_findoption : dhcp6_findmoption;
	if (p)
		farg = p;
	else
		farg = m;
	if ((opt = f(farg, len, D6_OPTION_STATUS_CODE, &opt_len)) == NULL) {
		//logdebugx("%s: no status", ifp->name);
		state->lerror = 0;
		errno = ESRCH;
		return 0;
	}

	/* The length is checked before the 2-byte code is read. */
	if (opt_len < sizeof(code)) {
		logerrx("%s: status truncated", ifp->name);
		return -1;
	}
	memcpy(&code, opt, sizeof(code));
	code = ntohs(code);
	if (code == D6_STATUS_OK) {
		state->lerror = 0;
		errno = 0;
		return 0;
	}

	/* Anything after the code is a message. */
	opt += sizeof(code);
	mlen = opt_len - sizeof(code);
	if (mlen == 0) {
		/* No text in the option: use the built-in name, or a
		 * formatted fallback for codes beyond the table. */
		sbuf = NULL;
		if (code < sizeof(dhcp6_statuses) / sizeof(char *))
			status = dhcp6_statuses[code];
		else {
			snprintf(buf, sizeof(buf), "Unknown Status (%d)", code);
			status = buf;
		}
	} else {
		/* The option text is not NUL terminated on the wire, so it is
		 * copied and terminated before being used as a string. */
		if ((sbuf = malloc(mlen + 1)) == NULL) {
			logerr(__func__);
			return -1;
		}
		memcpy(sbuf, opt, mlen);
		sbuf[mlen] = '\0';
		status = sbuf;
	}

	/* A repeat of the last error, or any error in INIT, is logged at
	 * debug level only. */
	if (state->lerror == code || state->state == DH6S_INIT)
		loglevel = LOG_DEBUG;
	else
		loglevel = LOG_ERR;
	/* The text comes from the received message and is passed as a "%s"
	 * argument, never as the format string.
	 * NOTE(review): its bytes are otherwise unfiltered here; confirm
	 * that logmessage() neutralises control characters before the text
	 * reaches syslog or a terminal. */
	logmessage(loglevel, "%s: DHCPv6 REPLY: %s", ifp->name, status);
	free(sbuf);
	state->lerror = code;
	errno = 0;

	/* RFC 8415 18.2.10 */
	if (code == D6_STATUS_USEMULTICAST) {
		logdebugx("%s: server sent USEMULTICAST", ifp->name);
		state->unicast = in6addr_any;
	}

	/* code cannot be D6_STATUS_OK, so there is a failure */
	if (ifp->ctx->options & DHCPCD_TEST)
		eloop_exit(ifp->ctx->eloop, EXIT_FAILURE);

	return (int)code;
}

/*
 * Search the DHCPv6 addresses of one interface.
 * Returns the first address for which ipv6_findaddrmatch() succeeds with
 * the given addr and flags, or NULL when the interface has no DHCPv6
 * state or nothing matches.
 */
const struct ipv6_addr *
dhcp6_iffindaddr(const struct interface *ifp, const struct in6_addr *addr,
    unsigned int flags)
{
	const struct dhcp6_state *state;
	const struct ipv6_addr *ap;

	if ((state = D6_STATE(ifp)) != NULL) {
		TAILQ_FOREACH(ap, &state->addrs, next) {
			if (ipv6_findaddrmatch(ap, addr, flags))
				return ap;
		}
	}
	return NULL;
}

/*
 * Search the DHCPv6 addresses of every interface in ctx.
 * Returns the first address for which ipv6_findaddrmatch() succeeds with
 * the given addr and flags, or NULL when nothing matches.
 * NOTE(review): ctx->ifaces is walked without a NULL check, unlike
 * dhcp6_delete_delegates(); confirm it is always set when this is called.
 */
struct ipv6_addr *
dhcp6_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr,
    unsigned int flags)
{
	struct interface *ifp;
	struct ipv6_addr *ap;
	struct dhcp6_state *state;

	TAILQ_FOREACH(ifp, ctx->ifaces, next) {
		if ((state = D6_STATE(ifp)) != NULL) {
			TAILQ_FOREACH(ap, &state->addrs, next) {
				if (ipv6_findaddrmatch(ap, addr, flags))
					return ap;
			}
		}
	}
	return NULL;
}

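/*
 * Walk the IA Address options found in the l bytes at d and record each
 * one in state->addrs.
 *
 * ot is stored as the address's ia_type and iaid as its IAID; acquired is
 * stored as the acquisition time (and as the creation time of a new
 * entry). Options that are too short, or whose preferred lifetime exceeds
 * the valid lifetime, are logged and skipped. state->lowpl and
 * state->expire are updated from the lifetimes.
 *
 * Returns the number of addresses accepted.
 */
static int
dhcp6_findna(struct interface *ifp, uint16_t ot, const uint8_t *iaid,
    uint8_t *d, size_t l, const struct timespec *acquired)
{
	struct dhcp6_state *state;
	uint8_t *o, *nd;
	uint16_t ol;
	struct ipv6_addr *a;
	int i;
	struct dhcp6_ia_addr ia;

	i = 0;
	state = D6_STATE(ifp);
	while ((o = dhcp6_findoption(d, l, D6_OPTION_IA_ADDR, &ol))) {
		/* Set d and l first to ensure we find the next option. */
		nd = o + ol;
		l -= (size_t)(nd - d);
		d = nd;
		if (ol < sizeof(ia)) {
			errno = EINVAL;
			logerrx("%s: IA Address option truncated", ifp->name);
			continue;
		}
		/* Copy out of the packet: the option data may be unaligned. */
		memcpy(&ia, o, sizeof(ia));
		ia.pltime = ntohl(ia.pltime);
		ia.vltime = ntohl(ia.vltime);
		/* RFC 3315 22.6 */
		if (ia.pltime > ia.vltime) {
			errno = EINVAL;
			logerr("%s: IA Address pltime %"PRIu32
			    " > vltime %"PRIu32,
			    ifp->name, ia.pltime, ia.vltime);
			continue;
		}
		TAILQ_FOREACH(a, &state->addrs, next) {
			if (ipv6_findaddrmatch(a, &ia.addr, 0))
				break;
		}
		if (a == NULL) {
			/*
			 * RFC 5942 Section 5
			 * We cannot assume any prefix length, nor tie the
			 * address to an existing one as it could expire
			 * before the address.
			 * As such we just give it a 128 prefix.
			 */
			a = ipv6_newaddr(ifp, &ia.addr, 128, IPV6_AF_ONLINK);
			/* ipv6_newaddr() can return NULL (the other callers
			 * in this file check for it); stop here rather than
			 * dereference it, as dhcp6_findpd() does. */
			if (a == NULL)
				break;
			a->dadcallback = dhcp6_dadcallback;
			a->ia_type = ot;
			memcpy(a->iaid, iaid, sizeof(a->iaid));
			a->created = *acquired;

			TAILQ_INSERT_TAIL(&state->addrs, a, next);
		} else {
			if (!(a->flags & IPV6_AF_ONLINK))
				a->flags |= IPV6_AF_ONLINK | IPV6_AF_NEW;
			a->flags &= ~(IPV6_AF_STALE | IPV6_AF_EXTENDED);
		}
		a->acquired = *acquired;
		a->prefix_pltime = ia.pltime;
		/* A changed valid lifetime marks the address as new. */
		if (a->prefix_vltime != ia.vltime) {
			a->flags |= IPV6_AF_NEW;
			a->prefix_vltime = ia.vltime;
		}
		/* Track the lowest non-zero preferred lifetime and the
		 * highest valid lifetime seen. */
		if (a->prefix_pltime && a->prefix_pltime < state->lowpl)
			state->lowpl = a->prefix_pltime;
		if (a->prefix_vltime && a->prefix_vltime > state->expire)
			state->expire = a->prefix_vltime;
		i++;
	}
	return i;
}

#ifndef SMALL
/*
 * Walk the IA Prefix options found in the l bytes at d and record each
 * delegated prefix in state->addrs, including an optional PD Exclude
 * sub-option (RFC 6603).
 *
 * iaid is stored as the IAID of a new entry and acquired as its
 * acquisition time. Options that are too short, or whose preferred
 * lifetime exceeds the valid lifetime, are logged and skipped; an invalid
 * PD Exclude sub-option is logged and ignored while the prefix itself is
 * kept. The walk stops if ipv6_newaddr() returns NULL.
 *
 * Returns the number of prefixes accepted.
 */
static int
dhcp6_findpd(struct interface *ifp, const uint8_t *iaid,
    uint8_t *d, size_t l, const struct timespec *acquired)
{
	struct dhcp6_state *state;
	uint8_t *o, *nd;
	struct ipv6_addr *a;
	int i;
	uint8_t nb, *pw;
	uint16_t ol;
	uint32_t pdp_vltime, pdp_pltime;
	uint8_t pdp_plen;
	struct in6_addr pdp_prefix;

	i = 0;
	state = D6_STATE(ifp);
	while ((o = dhcp6_findoption(d, l, D6_OPTION_IAPREFIX, &ol))) {
		/* Set d and l first to ensure we find the next option. */
		nd = o + ol;
		l -= (size_t)(nd - d);
		d = nd;
		/* NOTE(review): the fixed fields read below total
		 * 4 + 4 + 1 + 16 bytes; this check and the subtraction from
		 * ol further down rely on DHCP6_PD_ADDR_SIZE being at least
		 * that — confirm against its definition. */
		if (ol < DHCP6_PD_ADDR_SIZE) {
			errno = EINVAL;
			logerrx("%s: IA Prefix option truncated", ifp->name);
			continue;
		}

		memcpy(&pdp_pltime, o, sizeof(pdp_pltime));
		o += sizeof(pdp_pltime);
		memcpy(&pdp_vltime, o, sizeof(pdp_vltime));
		o += sizeof(pdp_vltime);
		memcpy(&pdp_plen, o, sizeof(pdp_plen));
		o += sizeof(pdp_plen);

		pdp_pltime = ntohl(pdp_pltime);
		pdp_vltime = ntohl(pdp_vltime);
		/* RFC 3315 22.6 */
		if (pdp_pltime > pdp_vltime) {
			errno = EINVAL;
			logerrx("%s: IA Prefix pltime %"PRIu32
			    " > vltime %"PRIu32,
			    ifp->name, pdp_pltime, pdp_vltime);
			continue;
		}

		memcpy(&pdp_prefix, o, sizeof(pdp_prefix));
		o += sizeof(pdp_prefix);
		/* ol now counts only the sub-options after the prefix. */
		ol = (uint16_t)(ol - sizeof(pdp_pltime) - sizeof(pdp_vltime) -
		    sizeof(pdp_plen) - sizeof(pdp_prefix));

		/* An existing entry is matched on the prefix bytes alone;
		 * pdp_plen is not compared. */
		TAILQ_FOREACH(a, &state->addrs, next) {
			if (IN6_ARE_ADDR_EQUAL(&a->prefix, &pdp_prefix))
				break;
		}

		if (a == NULL) {
			/* NOTE(review): pdp_plen is taken from the packet and
			 * no range check on it is visible in this function;
			 * confirm ipv6_newaddr() rejects lengths above 128. */
			a = ipv6_newaddr(ifp, &pdp_prefix, pdp_plen,
			    IPV6_AF_PFXDELEGATION);
			if (a == NULL)
				break;
			a->created = *acquired;
			a->dadcallback = dhcp6_dadcallback;
			a->ia_type = D6_OPTION_IA_PD;
			memcpy(a->iaid, iaid, sizeof(a->iaid));
			TAILQ_INSERT_TAIL(&state->addrs, a, next);
		} else {
			if (!(a->flags & IPV6_AF_PFXDELEGATION))
				a->flags |= IPV6_AF_NEW | IPV6_AF_PFXDELEGATION;
			a->flags &= ~(IPV6_AF_STALE | IPV6_AF_EXTENDED);
			if (a->prefix_vltime != pdp_vltime)
				a->flags |= IPV6_AF_NEW;
		}

		a->acquired = *acquired;
		a->prefix_pltime = pdp_pltime;
		a->prefix_vltime = pdp_vltime;

		if (a->prefix_pltime && a->prefix_pltime < state->lowpl)
			state->lowpl = a->prefix_pltime;
		if (a->prefix_vltime && a->prefix_vltime > state->expire)
			state->expire = a->prefix_vltime;
		i++;

		/* Reset any previous exclusion before looking for a new one. */
		a->prefix_exclude_len = 0;
		memset(&a->prefix_exclude, 0, sizeof(a->prefix_exclude));
		o = dhcp6_findoption(o, ol, D6_OPTION_PD_EXCLUDE, &ol);
		if (o == NULL)
			continue;

		/* RFC 6603 4.2 says option length MUST be between 2 and 17.
		 * This allows 1 octet for prefix length and 16 for the
		 * subnet ID. */
		if (ol < 2 || ol > 17) {
			logerrx("%s: invalid PD Exclude option", ifp->name);
			continue;
		}

		/* RFC 6603 4.2 says prefix length MUST be between the
		 * length of the IAPREFIX prefix length + 1 and 128. */
		if (*o < a->prefix_len + 1 || *o > 128) {
			logerrx("%s: invalid PD Exclude length", ifp->name);
			continue;
		}

		ol--;
		/* Check option length matches prefix length. */
		if (((*o - a->prefix_len - 1) / NBBY) + 1 != ol) {
			logerrx("%s: PD Exclude length mismatch", ifp->name);
			continue;
		}
		a->prefix_exclude_len = *o++;

		memcpy(&a->prefix_exclude, &a->prefix,
		    sizeof(a->prefix_exclude));
		nb = a->prefix_len % NBBY;
		if (nb)
			ol--;
		/* NOTE(review): pw starts at byte (prefix_exclude_len / NBBY)
		 * - 1 and moves downwards. The checks above only bound
		 * prefix_exclude_len by prefix_len + 1 and 128, so for a
		 * very short prefix_len this index could fall below zero;
		 * confirm that a minimum delegated prefix length is enforced
		 * before this point. */
		pw = a->prefix_exclude.s6_addr +
		    (a->prefix_exclude_len / NBBY) - 1;
		while (ol-- > 0)
			*pw-- = *o++;
		if (nb)
			*pw = (uint8_t)(*pw | (*o >> nb));
	}
	return i;
}
#endif

static int
dhcp6_findia(struct interface *ifp, struct dhcp6_message *m, size_t l,
    const char *sfrom, const struct timespec *acquired)
{
	struct dhcp6_state *state;
	const struct if_options *ifo;
	struct dhcp6_option o;
	uint8_t *d, *p;
	struct dhcp6_ia_na ia;
	int i, e, error;
	size_t j;
	uint16_t nl;
	uint8_t iaid[4];
	char buf[sizeof(iaid) * 3];
	struct ipv6_addr *ap;
	struct if_ia *ifia;

	if (l < sizeof(*m)) {
		/* Should be impossible with guards at packet in
		 * and reading leases */
		errno = EINVAL;
		return -1;
	}

	ifo = ifp->options;
	i = e = 0;
	state = D6_STATE(ifp);
	TAILQ_FOREACH(ap, &state->addrs,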
next) { 2481 /* Anything not from a lease for this interface should be 2482 * marked as stale. */ 2483 if (!(ap->flags & IPV6_AF_DELEGATED)) 2484 ap->flags |= IPV6_AF_STALE; 2485 } 2486 2487 d = (uint8_t *)m + sizeof(*m); 2488 l -= sizeof(*m); 2489 while (l > sizeof(o)) { 2490 memcpy(&o, d, sizeof(o)); 2491 o.len = ntohs(o.len); 2492 if (o.len > l || sizeof(o) + o.len > l) { 2493 errno = EINVAL; 2494 logerrx("%s: option overflow", ifp->name); 2495 break; 2496 } 2497 p = d + sizeof(o); 2498 d = p + o.len; 2499 l -= sizeof(o) + o.len; 2500 2501 o.code = ntohs(o.code); 2502 switch(o.code) { 2503 case D6_OPTION_IA_TA: 2504 nl = 4; 2505 break; 2506 case D6_OPTION_IA_NA: 2507 case D6_OPTION_IA_PD: 2508 nl = 12; 2509 break; 2510 default: 2511 continue; 2512 } 2513 if (o.len < nl) { 2514 errno = EINVAL; 2515 logerrx("%s: IA option truncated", ifp->name); 2516 continue; 2517 } 2518 2519 memcpy(&ia, p, nl); 2520 p += nl; 2521 o.len = (uint16_t)(o.len - nl); 2522 2523 for (j = 0; j < ifo->ia_len; j++) { 2524 ifia = &ifo->ia[j]; 2525 if (ifia->ia_type == o.code && 2526 memcmp(ifia->iaid, ia.iaid, sizeof(ia.iaid)) == 0) 2527 break; 2528 } 2529 if (j == ifo->ia_len && 2530 !(ifo->ia_len == 0 && ifp->ctx->options & DHCPCD_DUMPLEASE)) 2531 { 2532 logdebugx("%s: ignoring unrequested IAID %s", 2533 ifp->name, 2534 hwaddr_ntoa(ia.iaid, sizeof(ia.iaid), 2535 buf, sizeof(buf))); 2536 continue; 2537 } 2538 2539 if (o.code != D6_OPTION_IA_TA) { 2540 ia.t1 = ntohl(ia.t1); 2541 ia.t2 = ntohl(ia.t2); 2542 /* RFC 3315 22.4 */ 2543 if (ia.t2 > 0 && ia.t1 > ia.t2) { 2544 logwarnx("%s: IAID %s T1(%d) > T2(%d) from %s", 2545 ifp->name, 2546 hwaddr_ntoa(iaid, sizeof(iaid), buf, 2547 sizeof(buf)), 2548 ia.t1, ia.t2, sfrom); 2549 continue; 2550 } 2551 } else 2552 ia.t1 = ia.t2 = 0; /* appease gcc */ 2553 if ((error = dhcp6_checkstatusok(ifp, NULL, p, o.len)) != 0) { 2554 if (error == D6_STATUS_NOBINDING) 2555 state->has_no_binding = true; 2556 e = 1; 2557 continue; 2558 } 2559 if (o.code == 
D6_OPTION_IA_PD) { 2560 #ifndef SMALL 2561 if (dhcp6_findpd(ifp, ia.iaid, p, o.len, 2562 acquired) == 0) 2563 { 2564 logwarnx("%s: %s: DHCPv6 REPLY missing Prefix", 2565 ifp->name, sfrom); 2566 continue; 2567 } 2568 #endif 2569 } else { 2570 if (dhcp6_findna(ifp, o.code, ia.iaid, p, o.len, 2571 acquired) == 0) 2572 { 2573 logwarnx("%s: %s: DHCPv6 REPLY missing " 2574 "IA Address", 2575 ifp->name, sfrom); 2576 continue; 2577 } 2578 } 2579 if (o.code != D6_OPTION_IA_TA) { 2580 if (ia.t1 != 0 && 2581 (ia.t1 < state->renew || state->renew == 0)) 2582 state->renew = ia.t1; 2583 if (ia.t2 != 0 && 2584 (ia.t2 < state->rebind || state->rebind == 0)) 2585 state->rebind = ia.t2; 2586 } 2587 i++; 2588 } 2589 2590 if (i == 0 && e) 2591 return -1; 2592 return i; 2593 } 2594 2595 #ifndef SMALL 2596 static void 2597 dhcp6_deprecatedele(struct ipv6_addr *ia) 2598 { 2599 struct ipv6_addr *da, *dan, *dda; 2600 struct timespec now; 2601 struct dhcp6_state *state; 2602 2603 timespecclear(&now); 2604 TAILQ_FOREACH_SAFE(da, &ia->pd_pfxs, pd_next, dan) { 2605 if (ia->prefix_vltime == 0) { 2606 if (da->prefix_vltime != 0) 2607 da->prefix_vltime = 0; 2608 else 2609 continue; 2610 } else if (da->prefix_pltime != 0) 2611 da->prefix_pltime = 0; 2612 else 2613 continue; 2614 2615 if (ipv6_doaddr(da, &now) != -1) 2616 continue; 2617 2618 /* Delegation deleted, forget it. */ 2619 TAILQ_REMOVE(&ia->pd_pfxs, da, pd_next); 2620 2621 /* Delete it from the interface. 
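*/
		state = D6_STATE(da->iface);
		TAILQ_FOREACH(dda, &state->addrs, next) {
			if (IN6_ARE_ADDR_EQUAL(&dda->addr, &da->addr))
				break;
		}
		if (dda != NULL) {
			TAILQ_REMOVE(&state->addrs, dda, next);
			ipv6_freeaddr(dda);
		}
	}
}
#endif

/*
 * Retire addresses that the latest lease no longer backs.
 * Stale entries get a zero preferred lifetime. Entries that are stale or
 * have no valid lifetime are removed from addrs and freed, unless they
 * carry IPV6_AF_REQUEST, in which case their lifetimes are zeroed, their
 * timeouts deleted, and they stay on the list. Entries flagged
 * IPV6_AF_EXTENDED are unlinked and freed without ipv6_deleteaddr().
 */
static void
dhcp6_deprecateaddrs(struct ipv6_addrhead *addrs)
{
	struct ipv6_addr *ia, *ian;

	TAILQ_FOREACH_SAFE(ia, addrs, next, ian) {
		if (ia->flags & IPV6_AF_EXTENDED)
			;
		else if (ia->flags & IPV6_AF_STALE) {
			if (ia->prefix_vltime != 0)
				logdebugx("%s: %s: became stale",
				    ia->iface->name, ia->saddr);
			/* Technically this violates RFC 8415 18.2.10.1,
			 * but we need a mechanism to tell the kernel to
			 * try and prefer other addresses. */
			ia->prefix_pltime = 0;
		} else if (ia->prefix_vltime == 0)
			loginfox("%s: %s: no valid lifetime",
			    ia->iface->name, ia->saddr);
		else
			continue;

#ifndef SMALL
		/* If we delegated from this prefix, deprecate or remove
		 * the delegations. */
		/* NOTE(review): dhcp6_deprecatedele() can unlink and free
		 * entries of a state->addrs list. If that list is the one
		 * being walked here and the freed entry is the cached next
		 * element (ian), the loop would continue on freed memory.
		 * Presumably this cannot occur; confirm for an interface
		 * that delegates to itself. */
		if (ia->flags & IPV6_AF_PFXDELEGATION)
			dhcp6_deprecatedele(ia);
#endif

		if (ia->flags & IPV6_AF_REQUEST) {
			ia->prefix_vltime = ia->prefix_pltime = 0;
			eloop_q_timeout_delete(ia->iface->ctx->eloop,
			    ELOOP_QUEUE_ALL, NULL, ia);
			continue;
		}
		TAILQ_REMOVE(addrs, ia, next);
		if (!(ia->flags & IPV6_AF_EXTENDED))
			ipv6_deleteaddr(ia);
		ipv6_freeaddr(ia);
	}
}

/*
 * Check that message m (len bytes) holds at least one usable IA.
 *
 * The message must be longer than its fixed header and must pass
 * dhcp6_checkstatusok(). state->renew, rebind, expire and lowpl are reset
 * before the IAs are parsed, so they reflect this message only. When
 * acquired is NULL the current monotonic time is used. In DH6S_CONFIRM,
 * when the reply carries no IA and the status check left errno at 0, the
 * stored lease in state->new is parsed instead.
 *
 * Returns the result of dhcp6_findia() when it is non-zero (an IA count,
 * or -1), and -1 when the status check fails or no IA is found.
 */
static int
dhcp6_validatelease(struct interface *ifp,
    struct dhcp6_message *m, size_t len,
    const char *sfrom, const struct timespec *acquired)
{
	struct dhcp6_state *state;
	int nia, ok_errno;
	struct timespec aq;

	if (len <= sizeof(*m)) {
		logerrx("%s: DHCPv6 lease truncated", ifp->name);
		return -1;
	}

	state = D6_STATE(ifp);
	errno = 0;
	if (dhcp6_checkstatusok(ifp, m, NULL, len) != 0)
		return -1;
	/* Keep the errno left by the status check for the CONFIRM test. */
	ok_errno = errno;

	state->renew = state->rebind = state->expire = 0;
	state->lowpl = ND6_INFINITE_LIFETIME;
	if (!acquired) {
		clock_gettime(CLOCK_MONOTONIC, &aq);
		acquired = &aq;
	}
	state->has_no_binding = false;
	nia = dhcp6_findia(ifp, m, len, sfrom, acquired);
	if (nia == 0 && state->state == DH6S_CONFIRM && ok_errno == 0 &&
	    state->new && state->new_len)
	{
		state->has_no_binding = false;
		nia = dhcp6_findia(ifp, state->new, state->new_len,
		    sfrom, acquired);
	}
	if (nia == 0) {
		logerrx("%s: no useable IA found in lease", ifp->name);
		return -1;
	}
	return nia;
}

/*
 * Load a stored lease into state->new.
 *
 * The lease is read from state->leasefile, or from standard input when
 * the lease file name is empty. With DHCPCD_DUMPLEASE set, or when reading
 * standard input, the bytes are stored as read: neither the lease
 * validation nor the authentication check below runs on that path, so
 * consumers of state->new must do their own length checks.
 *
 * Otherwise, when validate is non-zero, the acquisition time is backdated
 * by the age of the lease file, the lease is validated, and an expired
 * lease is discarded. With AUTH, an authentication option in the stored
 * message is verified, and a lease without one is rejected when the
 * configuration both sends and requires authentication.
 *
 * On failure the lease file is unlinked, addresses not flagged
 * IPV6_AF_DELEGATED are dropped and the requested addresses are re-added.
 *
 * Returns the lease length, 0 when the lease was rejected and the reason
 * already logged, or -1 on error.
 */
static ssize_t
dhcp6_readlease(struct interface *ifp, int validate)
{
	union {
		struct dhcp6_message dhcp6;
		uint8_t buf[UDPLEN_MAX];
	} buf;
	struct dhcp6_state *state;
	ssize_t bytes;
	int fd;
	time_t mtime, now;
#ifdef AUTH
	uint8_t *o;
	uint16_t ol;
#endif

	state = D6_STATE(ifp);
	if (state->leasefile[0] == '\0') {
		logdebugx("reading standard input");
		bytes = read(fileno(stdin), buf.buf, sizeof(buf.buf));
	} else {
		logdebugx("%s: reading lease: %s",
		    ifp->name, state->leasefile);
		bytes = dhcp_readfile(ifp->ctx, state->leasefile,
		    buf.buf, sizeof(buf.buf));
	}
	if (bytes == -1)
		goto ex;

	if (ifp->ctx->options & DHCPCD_DUMPLEASE || state->leasefile[0] == '\0')
		goto out;

	if (bytes == 0)
		goto ex;

	/* If not validating IA's and if they have expired,
	 * skip to the auth check. */
	if (!validate)
		goto auth;

	if (dhcp_filemtime(ifp->ctx, state->leasefile, &mtime) == -1)
		goto ex;
	clock_gettime(CLOCK_MONOTONIC, &state->acquired);
	if ((now = time(NULL)) == -1)
		goto ex;
	/* Backdate the acquisition time by the age of the lease file. */
	state->acquired.tv_sec -= now - mtime;

	/* Check to see if the lease is still valid */
	/* fd holds the validation result here, not a descriptor. */
	fd = dhcp6_validatelease(ifp, &buf.dhcp6, (size_t)bytes, NULL,
	    &state->acquired);
	if (fd == -1) {
		bytes = 0; /* We have already reported the error */
		goto ex;
	}

	if (state->expire != ND6_INFINITE_LIFETIME &&
	    (time_t)state->expire < now - mtime)
	{
		logdebugx("%s: discarding expired lease", ifp->name);
		bytes = 0;
		goto ex;
	}

auth:
#ifdef AUTH
	/* Authenticate the message */
	o = dhcp6_findmoption(&buf.dhcp6, (size_t)bytes, D6_OPTION_AUTH, &ol);
	if (o) {
		if (dhcp_auth_validate(&state->auth, &ifp->options->auth,
		    buf.buf, (size_t)bytes, 6, buf.dhcp6.type, o, ol) == NULL)
		{
			logerr("%s: authentication failed", ifp->name);
			bytes = 0;
			goto ex;
		}
		if (state->auth.token)
			/* Print the secret id in hex to match the "0x"
			 * prefix. The decimal conversion used before made
			 * the logged id read as a different value. */
			logdebugx("%s: validated using 0x%08" PRIx32,
			    ifp->name, state->auth.token->secretid);
		else
			loginfox("%s: accepted reconfigure key", ifp->name);
	} else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) ==
	    DHCPCD_AUTH_SENDREQUIRE)
	{
		/* NOTE(review): unlike the other rejections, bytes is not
		 * cleared here, so this returns -1 and the caller may log a
		 * second message from a stale errno. Confirm whether
		 * "bytes = 0" was intended. */
		logerrx("%s: authentication now required", ifp->name);
		goto ex;
	}
#endif

out:
	free(state->new);
	state->new = malloc((size_t)bytes);
	if (state->new == NULL) {
		logerr(__func__);
		goto ex;
	}

	memcpy(state->new, buf.buf, (size_t)bytes);
	state->new_len = (size_t)bytes;
	return bytes;

ex:
	dhcp6_freedrop_addrs(ifp, 0, IPV6_AF_DELEGATED, NULL);
	dhcp_unlink(ifp->ctx, state->leasefile);
	free(state->new);
	state->new = NULL;
	state->new_len = 0;
	dhcp6_addrequestedaddrs(ifp);
	return bytes == 0 ? 0 : -1;
}

/*
 * Choose the first DHCPv6 exchange for ifp.
 * A stored lease is tried unless DHCPCD_TEST is set, only temporary
 * address IAs are configured, or ifo->reboot is 0. A usable lease leads to
 * REBIND (manual rebind state or prefix delegation in use, per the RFC
 * 3633 reference below) or CONFIRM, unless DHCPCD_ANONYMOUS is set. In
 * every other case dhcp6_startdiscoinform() is called.
 */
static void
dhcp6_startinit(struct interface *ifp)
{
	struct dhcp6_state *state;
	struct if_options *ifo;
	ssize_t r;
	uint8_t has_ta, has_non_ta;
	size_t i;

	state = D6_STATE(ifp);
	ifo = ifp->options;
	state->expire = ND6_INFINITE_LIFETIME;
	state->lowpl = ND6_INFINITE_LIFETIME;

	dhcp6_addrequestedaddrs(ifp);
	has_ta = has_non_ta = 0;
	for (i = 0; i < ifo->ia_len; i++) {
		switch (ifo->ia[i].ia_type) {
		case D6_OPTION_IA_TA:
			has_ta = 1;
			break;
		default:
			has_non_ta = 1;
		}
	}

	if (!(ifp->ctx->options & DHCPCD_TEST) &&
	    !(has_ta && !has_non_ta) &&
	    ifo->reboot != 0)
	{
		r = dhcp6_readlease(ifp, 1);
		if (r == -1) {
			/* A missing lease file is not worth reporting. */
			if (errno != ENOENT && errno != ESRCH)
				logerr("%s: %s", __func__, state->leasefile);
		} else if (r != 0 &&
		    !(ifo->options & DHCPCD_ANONYMOUS))
		{
			/* RFC 3633 section 12.1 */
#ifndef SMALL
			if (state->state == DH6S_MANUALREBIND ||
			    dhcp6_hasprefixdelegation(ifp))
				dhcp6_startrebind(ifp);
			else
#endif
				dhcp6_startconfirm(ifp);
			return;
		}
	}
	dhcp6_startdiscoinform(ifp);
}

#ifndef SMALL
static struct ipv6_addr *
dhcp6_ifdelegateaddr(struct interface *ifp, struct ipv6_addr *prefix,
    const struct if_sla *sla, struct if_ia *if_ia)
{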
/* Body of dhcp6_ifdelegateaddr(): derive an address on ifp from the
 * delegated prefix and record it in ifp's DHCPv6 state. Returns the address
 * entry, or NULL when no address can be made. */
	struct dhcp6_state *state;
	struct in6_addr addr, daddr;
	struct ipv6_addr *ia;
	int pfxlen, dadcounter;
	uint64_t vl;

	/* RFC6603 Section 4.2 */
	/* Delegating to the interface the prefix arrived on is only done
	 * with the excluded prefix stored from the PD Exclude option. */
	if (strcmp(ifp->name, prefix->iface->name) == 0) {
		if (prefix->prefix_exclude_len == 0) {
			/* Don't spam the log automatically */
			if (sla != NULL)
				logwarnx("%s: DHCPv6 server does not support "
				    "OPTION_PD_EXCLUDE",
				    ifp->name);
			return NULL;
		}
		pfxlen = prefix->prefix_exclude_len;
		memcpy(&addr, &prefix->prefix_exclude, sizeof(addr));
	} else if ((pfxlen = dhcp6_delegateaddr(&addr, ifp, prefix,
	    sla, if_ia)) == -1)
		return NULL;

	/* The configured suffix must fit in the bits after the prefix. */
	if (sla != NULL && fls64(sla->suffix) > 128 - pfxlen) {
		logerrx("%s: suffix %" PRIu64 " + prefix_len %d > 128",
		    ifp->name, sla->suffix, pfxlen);
		return NULL;
	}

	/* Add our suffix */
	if (sla != NULL && sla->suffix != 0) {
		daddr = addr;
		/* OR the suffix into the low 64 bits of the address. */
		vl = be64dec(addr.s6_addr + 8);
		vl |= sla->suffix;
		be64enc(daddr.s6_addr + 8, vl);
	} else {
		dadcounter = ipv6_makeaddr(&daddr, ifp, &addr, pfxlen, 0);
		if (dadcounter == -1) {
			logerrx("%s: error adding slaac to prefix_len %d",
			    ifp->name, pfxlen);
			return NULL;
		}
	}

	/* Find an existing address */
	/* NOTE(review): D6_STATE(ifp) is dereferenced without a NULL check,
	 * while dhcp6_find_delegates() treats a NULL state as possible for
	 * other interfaces. Presumably callers guarantee it; confirm. */
	state = D6_STATE(ifp);
	TAILQ_FOREACH(ia, &state->addrs, next) {
		if (IN6_ARE_ADDR_EQUAL(&ia->addr, &daddr))
			break;
	}
	if (ia == NULL) {
		ia = ipv6_newaddr(ifp, &daddr, (uint8_t)pfxlen, IPV6_AF_ONLINK);
		if (ia == NULL)
			return NULL;
		ia->dadcallback = dhcp6_dadcallback;
		memcpy(&ia->iaid, &prefix->iaid, sizeof(ia->iaid));
		ia->created = prefix->acquired;

		/* The new entry is linked on two lists: the interface's
		 * addresses and the delegating prefix's delegations. */
		TAILQ_INSERT_TAIL(&state->addrs, ia, next);
		TAILQ_INSERT_TAIL(&prefix->pd_pfxs, ia, pd_next);
	}
	ia->delegating_prefix = prefix;
	ia->prefix = addr;
	ia->prefix_len = (uint8_t)pfxlen;
	ia->acquired = prefix->acquired;
	ia->prefix_pltime = prefix->prefix_pltime;
	ia->prefix_vltime = prefix->prefix_vltime;

	/* If the prefix length hasn't changed,
	 * don't install a reject route. */
	if (prefix->prefix_len == pfxlen)
		prefix->flags |= IPV6_AF_NOREJECT;
	else
		prefix->flags &= ~IPV6_AF_NOREJECT;

	return ia;
}
#endif

/*
 * Run the hook script for ifp once no added on-link address is still
 * waiting for DAD.
 * Unless SMALL is defined, delegated selects which addresses can hold the
 * script back: those with a delegating prefix when non-zero, those without
 * one when zero. The reason passed to the script is "DELEGATED6" for
 * delegated runs and state->reason otherwise. Non-delegated runs also call
 * dhcpcd_daemonise().
 */
static void
dhcp6_script_try_run(struct interface *ifp, int delegated)
{
	struct dhcp6_state *state;
	struct ipv6_addr *ap;
	int completed;

	state = D6_STATE(ifp);
	completed = 1;
	/* If all addresses have completed DAD run the script */
	TAILQ_FOREACH(ap, &state->addrs, next) {
		if (!(ap->flags & IPV6_AF_ADDED))
			continue;
		if (ap->flags & IPV6_AF_ONLINK) {
			/* NOTE(review): the meaning of the IN6_IFF_TENTATIVE
			 * argument depends on ipv6_iffindaddr(), which is
			 * not shown here; verify before relying on it. */
			if (!(ap->flags & IPV6_AF_DADCOMPLETED) &&
			    ipv6_iffindaddr(ap->iface, &ap->addr,
			    IN6_IFF_TENTATIVE))
				ap->flags |= IPV6_AF_DADCOMPLETED;
			if ((ap->flags & IPV6_AF_DADCOMPLETED) == 0
#ifndef SMALL
			    && ((delegated && ap->delegating_prefix) ||
			    (!delegated && !ap->delegating_prefix))
#endif
			    )
			{
				completed = 0;
				break;
			}
		}
	}
	if (completed) {
		script_runreason(ifp, delegated ? "DELEGATED6" : state->reason);
		if (!delegated)
			dhcpcd_daemonise(ifp->ctx);
	} else
		logdebugx("%s: waiting for DHCPv6 DAD to complete", ifp->name);
}

#ifdef SMALL
/* Prefix delegation is compiled out: there is never anything to delegate. */
size_t
dhcp6_find_delegates(__unused struct interface *ifp)
{

	return 0;
}
#else
/*
 * Hand out addresses from the prefixes delegated to ifp.
 * Every active interface with DHCPCD_CONFIGURE set is considered. For each
 * delegated prefix whose IAID matches a configured IA_PD, an address is
 * made either automatically (no SLA configured) or per the SLA entries
 * naming that interface. An interface without carrier is skipped. The
 * routing table is rebuilt once at the end.
 */
static void
dhcp6_delegate_prefix(struct interface *ifp)
{
	struct if_options *ifo;
	struct dhcp6_state *state;
	struct ipv6_addr *ap;
	size_t i, j, k;
	struct if_ia *ia;
	struct if_sla *sla;
	struct interface *ifd;
	bool carrier_warned;

	ifo = ifp->options;
	state = D6_STATE(ifp);

	/* Clear the logged flag. */
	TAILQ_FOREACH(ap, &state->addrs, next) {
		ap->flags &= ~IPV6_AF_DELEGATEDLOG;
	}

	TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) {
		if (!ifd->active)
			continue;
		if (!(ifd->options->options & DHCPCD_CONFIGURE))
			continue;
		/* k counts the addresses delegated to ifd in this pass. */
		k = 0;
		carrier_warned = false;
		TAILQ_FOREACH(ap, &state->addrs, next) {
			if (!(ap->flags & IPV6_AF_PFXDELEGATION))
				continue;
			if (!(ap->flags & IPV6_AF_DELEGATEDLOG)) {
				int loglevel;

				if (ap->flags & IPV6_AF_NEW)
					loglevel = LOG_INFO;
				else
					loglevel = LOG_DEBUG;
				/* We only want to log this the once as we loop
				 * through many interfaces first. */
				ap->flags |= IPV6_AF_DELEGATEDLOG;
				logmessage(loglevel, "%s: delegated prefix %s",
				    ifp->name, ap->saddr);
				ap->flags &= ~IPV6_AF_NEW;
			}
			for (i = 0; i < ifo->ia_len; i++) {
				ia = &ifo->ia[i];
				if (ia->ia_type != D6_OPTION_IA_PD)
					continue;
				if (memcmp(ia->iaid, ap->iaid,
				    sizeof(ia->iaid)))
					continue;
				if (ia->sla_len == 0) {
					/* no SLA configured, so lets
					 * automate it */
					if (!if_is_link_up(ifd)) {
						logdebugx(
						    "%s: has no carrier, cannot"
						    " delegate addresses",
						    ifd->name);
						carrier_warned = true;
						break;
					}
					if (dhcp6_ifdelegateaddr(ifd, ap,
					    NULL, ia))
						k++;
				}
				for (j = 0; j < ia->sla_len; j++) {
					sla = &ia->sla[j];
					if (strcmp(ifd->name, sla->ifname))
						continue;
					if (!if_is_link_up(ifd)) {
						logdebugx(
						    "%s: has no carrier, cannot"
						    " delegate addresses",
						    ifd->name);
						carrier_warned = true;
						break;
					}
					if (dhcp6_ifdelegateaddr(ifd, ap,
					    sla, ia))
						k++;
				}
				/* Leave every loop for this interface once
				 * it is known to have no carrier. */
				if (carrier_warned)
					break;
			}
			if (carrier_warned)
				break;
		}
		if (k && !carrier_warned) {
			struct dhcp6_state *s = D6_STATE(ifd);

			ipv6_addaddrs(&s->addrs);
			dhcp6_script_try_run(ifd, 1);
		}
	}

	/* Now all addresses have been added, rebuild the routing table. */
	rt_build(ifp->ctx, AF_INET6);
}

/* Callback wrapper taking a void pointer; it is registered below to retry
 * once the interface has a link-local address. */
static void
dhcp6_find_delegates1(void *arg)
{

	dhcp6_find_delegates(arg);
}

/*
 * Look on every bound interface for delegated prefixes whose SLA entries
 * name ifp, and make addresses for ifp from them.
 * Does nothing when ifp has options without DHCPCD_CONFIGURE. When ifp has
 * no link-local address yet, the work is deferred through
 * ipv6_addlinklocalcallback() and 1 is returned. Otherwise returns the
 * number of addresses delegated. When that is non-zero the addresses are
 * added, routes rebuilt and the script run.
 */
size_t
dhcp6_find_delegates(struct interface *ifp)
{
	struct if_options *ifo;
	struct dhcp6_state *state;
	struct ipv6_addr *ap;
	size_t i, j, k;
	struct if_ia *ia;
	struct if_sla *sla;
	struct interface *ifd;

	if (ifp->options != NULL &&
	    !(ifp->options->options & DHCPCD_CONFIGURE))
		return 0;

	k = 0;
	TAILQ_FOREACH(ifd, ifp->ctx->ifaces, next) {
		ifo = ifd->options;
		state = D6_STATE(ifd);
		if (state == NULL || state->state != DH6S_BOUND)
			continue;
		TAILQ_FOREACH(ap, &state->addrs, next) {
			if (!(ap->flags & IPV6_AF_PFXDELEGATION))
				continue;
			for (i = 0; i < ifo->ia_len; i++) {
				ia = &ifo->ia[i];
				if (ia->ia_type != D6_OPTION_IA_PD)
					continue;
				if (memcmp(ia->iaid, ap->iaid,
				    sizeof(ia->iaid)))
					continue;
				for (j = 0; j < ia->sla_len; j++) {
					sla = &ia->sla[j];
					if (strcmp(ifp->name, sla->ifname))
						continue;
					if (ipv6_linklocal(ifp) == NULL) {
						logdebugx(
						    "%s: delaying adding"
						    " delegated addresses for"
						    " LL address",
						    ifp->name);
						ipv6_addlinklocalcallback(ifp,
						    dhcp6_find_delegates1, ifp);
						return 1;
					}
					if (dhcp6_ifdelegateaddr(ifp, ap,
					    sla, ia))
						k++;
				}
			}
		}
	}

	if (k) {
		loginfox("%s: adding delegated prefixes", ifp->name);
		state = D6_STATE(ifp);
		ipv6_addaddrs(&state->addrs);
		rt_build(ifp->ctx, AF_INET6);
		dhcp6_script_try_run(ifp, 1);
	}
	return k;
}
#endif

/* op == NULL means the exchange timed out rather than completed. */
static void
dhcp6_bind(struct interface *ifp, const char *op, const char *sfrom)
{
	struct dhcp6_state *state = D6_STATE(ifp);
	bool timedout = (op == NULL), confirmed;
	struct ipv6_addr *ia;
3186 int loglevel; 3187 struct timespec now; 3188 3189 if (state->state == DH6S_RENEW) { 3190 loglevel = LOG_DEBUG; 3191 TAILQ_FOREACH(ia, &state->addrs, next) { 3192 if (ia->flags & IPV6_AF_NEW) { 3193 loglevel = LOG_INFO; 3194 break; 3195 } 3196 } 3197 } else if (state->state == DH6S_INFORM) 3198 loglevel = state->new_start ? LOG_INFO : LOG_DEBUG; 3199 else 3200 loglevel = LOG_INFO; 3201 state->new_start = false; 3202 3203 if (!timedout) { 3204 logmessage(loglevel, "%s: %s received from %s", 3205 ifp->name, op, sfrom); 3206 #ifndef SMALL 3207 /* If we delegated from an unconfirmed lease we MUST drop 3208 * them now. Hopefully we have new delegations. */ 3209 if (state->reason != NULL && 3210 strcmp(state->reason, "TIMEOUT6") == 0) 3211 dhcp6_delete_delegates(ifp); 3212 #endif 3213 state->reason = NULL; 3214 } else 3215 state->reason = "TIMEOUT6"; 3216 3217 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3218 clock_gettime(CLOCK_MONOTONIC, &now); 3219 3220 switch(state->state) { 3221 case DH6S_INFORM: 3222 { 3223 struct dhcp6_option *o; 3224 uint16_t ol; 3225 3226 if (state->reason == NULL) 3227 state->reason = "INFORM6"; 3228 o = dhcp6_findmoption(state->recv, state->recv_len, 3229 D6_OPTION_INFO_REFRESH_TIME, &ol); 3230 if (o == NULL || ol != sizeof(uint32_t)) 3231 state->renew = IRT_DEFAULT; 3232 else { 3233 memcpy(&state->renew, o, ol); 3234 state->renew = ntohl(state->renew); 3235 if (state->renew < IRT_MINIMUM) 3236 state->renew = IRT_MINIMUM; 3237 } 3238 state->rebind = 0; 3239 state->expire = ND6_INFINITE_LIFETIME; 3240 state->lowpl = ND6_INFINITE_LIFETIME; 3241 } 3242 break; 3243 3244 case DH6S_REQUEST: 3245 if (state->reason == NULL) 3246 state->reason = "BOUND6"; 3247 /* FALLTHROUGH */ 3248 case DH6S_RENEW: 3249 if (state->reason == NULL) 3250 state->reason = "RENEW6"; 3251 /* FALLTHROUGH */ 3252 case DH6S_REBIND: 3253 if (state->reason == NULL) 3254 state->reason = "REBIND6"; 3255 /* FALLTHROUGH */ 3256 case DH6S_CONFIRM: 3257 if (state->reason == 
NULL) 3258 state->reason = "REBOOT6"; 3259 if (state->renew != 0) { 3260 bool all_expired = true; 3261 3262 TAILQ_FOREACH(ia, &state->addrs, next) { 3263 if (ia->flags & IPV6_AF_STALE) 3264 continue; 3265 if (!(state->renew == ND6_INFINITE_LIFETIME 3266 && ia->prefix_vltime == ND6_INFINITE_LIFETIME) 3267 && ia->prefix_vltime != 0 3268 && ia->prefix_vltime <= state->renew) 3269 logwarnx( 3270 "%s: %s will expire before renewal", 3271 ifp->name, ia->saddr); 3272 else 3273 all_expired = false; 3274 } 3275 if (all_expired) { 3276 /* All address's vltime happens at or before 3277 * the configured T1 in the IA. 3278 * This is a badly configured server and we 3279 * have to use our own notion of what 3280 * T1 and T2 should be as a result. 3281 * 3282 * Doing this violates RFC 3315 22.4: 3283 * In a message sent by a server to a client, 3284 * the client MUST use the values in the T1 3285 * and T2 fields for the T1 and T2 parameters, 3286 * unless those values in those fields are 0. 3287 */ 3288 logwarnx("%s: ignoring T1 %"PRIu32 3289 " due to address expiry", 3290 ifp->name, state->renew); 3291 state->renew = state->rebind = 0; 3292 } 3293 } 3294 if (state->renew == 0 && state->lowpl != ND6_INFINITE_LIFETIME) 3295 state->renew = (uint32_t)(state->lowpl * 0.5); 3296 if (state->rebind == 0 && state->lowpl != ND6_INFINITE_LIFETIME) 3297 state->rebind = (uint32_t)(state->lowpl * 0.8); 3298 break; 3299 default: 3300 state->reason = "UNKNOWN6"; 3301 break; 3302 } 3303 3304 if (state->state != DH6S_CONFIRM && !timedout) { 3305 state->acquired = now; 3306 free(state->old); 3307 state->old = state->new; 3308 state->old_len = state->new_len; 3309 state->new = state->recv; 3310 state->new_len = state->recv_len; 3311 state->recv = NULL; 3312 state->recv_len = 0; 3313 confirmed = false; 3314 } else { 3315 /* Reduce timers based on when we got the lease. 
*/ 3316 uint32_t elapsed; 3317 3318 elapsed = (uint32_t)eloop_timespec_diff(&now, 3319 &state->acquired, NULL); 3320 if (state->renew && state->renew != ND6_INFINITE_LIFETIME) { 3321 if (state->renew > elapsed) 3322 state->renew -= elapsed; 3323 else 3324 state->renew = 0; 3325 } 3326 if (state->rebind && state->rebind != ND6_INFINITE_LIFETIME) { 3327 if (state->rebind > elapsed) 3328 state->rebind -= elapsed; 3329 else 3330 state->rebind = 0; 3331 } 3332 if (state->expire && state->expire != ND6_INFINITE_LIFETIME) { 3333 if (state->expire > elapsed) 3334 state->expire -= elapsed; 3335 else 3336 state->expire = 0; 3337 } 3338 confirmed = true; 3339 } 3340 3341 if (ifp->ctx->options & DHCPCD_TEST) 3342 script_runreason(ifp, "TEST"); 3343 else { 3344 if (state->state == DH6S_INFORM) 3345 state->state = DH6S_INFORMED; 3346 else 3347 state->state = DH6S_BOUND; 3348 state->failed = false; 3349 3350 /* If we CONFIRM we might need to enter RENEW 3351 * or REBIND right away if the timers have expired */ 3352 if ((state->renew || (state->rebind && confirmed)) && 3353 state->renew != ND6_INFINITE_LIFETIME) 3354 eloop_timeout_add_sec(ifp->ctx->eloop, 3355 state->renew, 3356 state->state == DH6S_INFORMED ? 
3357 dhcp6_startinform : dhcp6_startrenew, ifp); 3358 if ((state->rebind || (state->expire && confirmed)) && 3359 state->rebind != ND6_INFINITE_LIFETIME) 3360 eloop_timeout_add_sec(ifp->ctx->eloop, 3361 state->rebind, dhcp6_startrebind, ifp); 3362 if (state->expire != ND6_INFINITE_LIFETIME) 3363 eloop_timeout_add_sec(ifp->ctx->eloop, 3364 state->expire, dhcp6_startexpire, ifp); 3365 3366 if (ifp->options->options & DHCPCD_CONFIGURE) { 3367 ipv6_addaddrs(&state->addrs); 3368 if (!timedout) 3369 dhcp6_deprecateaddrs(&state->addrs); 3370 } 3371 3372 if (state->state == DH6S_INFORMED) 3373 logmessage(loglevel, "%s: refresh in %"PRIu32" seconds", 3374 ifp->name, state->renew); 3375 else if (state->renew == ND6_INFINITE_LIFETIME) 3376 logmessage(loglevel, "%s: leased for infinity", 3377 ifp->name); 3378 else if (state->renew || state->rebind) 3379 logmessage(loglevel, "%s: renew in %"PRIu32", " 3380 "rebind in %"PRIu32", " 3381 "expire in %"PRIu32" seconds", 3382 ifp->name, 3383 state->renew, state->rebind, state->expire); 3384 else if (state->expire == 0) 3385 logmessage(loglevel, "%s: will expire", ifp->name); 3386 else 3387 logmessage(loglevel, "%s: expire in %"PRIu32" seconds", 3388 ifp->name, state->expire); 3389 rt_build(ifp->ctx, AF_INET6); 3390 if (!confirmed && !timedout) { 3391 logdebugx("%s: writing lease: %s", 3392 ifp->name, state->leasefile); 3393 if (dhcp_writefile(ifp->ctx, state->leasefile, 0640, 3394 state->new, state->new_len) == -1) 3395 logerr("dhcp_writefile: %s",state->leasefile); 3396 } 3397 #ifndef SMALL 3398 dhcp6_delegate_prefix(ifp); 3399 #endif 3400 dhcp6_script_try_run(ifp, 0); 3401 } 3402 3403 if (ifp->ctx->options & DHCPCD_TEST) 3404 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3405 } 3406 3407 static void 3408 dhcp6_adjust_max_rt(struct interface *ifp, 3409 struct dhcp6_message *r, size_t len) 3410 { 3411 struct dhcp6_state *state = D6_STATE(ifp); 3412 uint8_t *o; 3413 uint16_t ol; 3414 3415 /* RFC 8415 */ 3416 o = dhcp6_findmoption(r, len, 
D6_OPTION_SOL_MAX_RT, &ol); 3417 if (o != NULL && ol == sizeof(uint32_t)) { 3418 uint32_t max_rt; 3419 3420 memcpy(&max_rt, o, sizeof(max_rt)); 3421 max_rt = ntohl(max_rt); 3422 if (max_rt >= 60 && max_rt <= 86400) { 3423 logdebugx("%s: SOL_MAX_RT %llu -> %u", 3424 ifp->name, 3425 (unsigned long long)state->sol_max_rt, 3426 max_rt); 3427 state->sol_max_rt = max_rt; 3428 } else 3429 logerrx("%s: invalid SOL_MAX_RT %u", ifp->name, max_rt); 3430 } 3431 3432 o = dhcp6_findmoption(r, len, D6_OPTION_INF_MAX_RT, &ol); 3433 if (o != NULL && ol == sizeof(uint32_t)) { 3434 uint32_t max_rt; 3435 3436 memcpy(&max_rt, o, sizeof(max_rt)); 3437 max_rt = ntohl(max_rt); 3438 if (max_rt >= 60 && max_rt <= 86400) { 3439 logdebugx("%s: INF_MAX_RT %llu -> %u", 3440 ifp->name, 3441 (unsigned long long)state->inf_max_rt, 3442 max_rt); 3443 state->inf_max_rt = max_rt; 3444 } else 3445 logerrx("%s: invalid INF_MAX_RT %u", ifp->name, max_rt); 3446 } 3447 } 3448 3449 static void 3450 dhcp6_recvif(struct interface *ifp, const char *sfrom, 3451 struct dhcp6_message *r, size_t len) 3452 { 3453 struct dhcpcd_ctx *ctx; 3454 size_t i; 3455 const char *op; 3456 struct dhcp6_state *state; 3457 uint8_t *o, preference = 0; 3458 uint16_t ol; 3459 const struct dhcp_opt *opt; 3460 const struct if_options *ifo; 3461 bool valid_op; 3462 #ifdef AUTH 3463 uint8_t *auth; 3464 uint16_t auth_len; 3465 #endif 3466 3467 ctx = ifp->ctx; 3468 state = D6_STATE(ifp); 3469 if (state == NULL || state->send == NULL) { 3470 logdebugx("%s: DHCPv6 reply received but not running", 3471 ifp->name); 3472 return; 3473 } 3474 3475 /* We're already bound and this message is for another machine */ 3476 /* XXX DELEGATED? 
*/ 3477 if (r->type != DHCP6_RECONFIGURE && 3478 (state->state == DH6S_BOUND || state->state == DH6S_INFORMED)) 3479 { 3480 logdebugx("%s: DHCPv6 reply received but already bound", 3481 ifp->name); 3482 return; 3483 } 3484 3485 if (dhcp6_findmoption(r, len, D6_OPTION_SERVERID, NULL) == NULL) { 3486 logdebugx("%s: no DHCPv6 server ID from %s", ifp->name, sfrom); 3487 return; 3488 } 3489 3490 ifo = ifp->options; 3491 for (i = 0, opt = ctx->dhcp6_opts; 3492 i < ctx->dhcp6_opts_len; 3493 i++, opt++) 3494 { 3495 if (has_option_mask(ifo->requiremask6, opt->option) && 3496 !dhcp6_findmoption(r, len, (uint16_t)opt->option, NULL)) 3497 { 3498 logwarnx("%s: reject DHCPv6 (no option %s) from %s", 3499 ifp->name, opt->var, sfrom); 3500 return; 3501 } 3502 if (has_option_mask(ifo->rejectmask6, opt->option) && 3503 dhcp6_findmoption(r, len, (uint16_t)opt->option, NULL)) 3504 { 3505 logwarnx("%s: reject DHCPv6 (option %s) from %s", 3506 ifp->name, opt->var, sfrom); 3507 return; 3508 } 3509 } 3510 3511 #ifdef AUTH 3512 /* Authenticate the message */ 3513 auth = dhcp6_findmoption(r, len, D6_OPTION_AUTH, &auth_len); 3514 if (auth != NULL) { 3515 if (dhcp_auth_validate(&state->auth, &ifo->auth, 3516 (uint8_t *)r, len, 6, r->type, auth, auth_len) == NULL) 3517 { 3518 logerr("%s: authentication failed from %s", 3519 ifp->name, sfrom); 3520 return; 3521 } 3522 if (state->auth.token) 3523 logdebugx("%s: validated using 0x%08" PRIu32, 3524 ifp->name, state->auth.token->secretid); 3525 else 3526 loginfox("%s: accepted reconfigure key", ifp->name); 3527 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) { 3528 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 3529 logerrx("%s: no authentication from %s", 3530 ifp->name, sfrom); 3531 return; 3532 } 3533 logwarnx("%s: no authentication from %s", ifp->name, sfrom); 3534 } 3535 #endif 3536 3537 op = dhcp6_get_op(r->type); 3538 valid_op = op != NULL; 3539 switch(r->type) { 3540 case DHCP6_REPLY: 3541 switch(state->state) { 3542 case DH6S_INFORM: 3543 
if (dhcp6_checkstatusok(ifp, r, NULL, len) != 0) 3544 return; 3545 break; 3546 case DH6S_CONFIRM: 3547 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3548 { 3549 dhcp6_startdiscoinform(ifp); 3550 return; 3551 } 3552 break; 3553 case DH6S_DISCOVER: 3554 /* Only accept REPLY in DISCOVER for RAPID_COMMIT. 3555 * Normally we get an ADVERTISE for a DISCOVER. */ 3556 if (!has_option_mask(ifo->requestmask6, 3557 D6_OPTION_RAPID_COMMIT) || 3558 !dhcp6_findmoption(r, len, D6_OPTION_RAPID_COMMIT, 3559 NULL)) 3560 { 3561 valid_op = false; 3562 break; 3563 } 3564 /* Validate lease before setting state to REQUEST. */ 3565 /* FALLTHROUGH */ 3566 case DH6S_REQUEST: /* FALLTHROUGH */ 3567 case DH6S_RENEW: /* FALLTHROUGH */ 3568 case DH6S_REBIND: 3569 dhcp6_adjust_max_rt(ifp, r, len); 3570 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3571 { 3572 /* 3573 * If we can't use the lease, fallback to 3574 * DISCOVER and try and get a new one. 3575 * 3576 * This is needed become some servers 3577 * renumber the prefix or address 3578 * and deny the current one before it expires 3579 * rather than sending it back with a zero 3580 * lifetime along with the new prefix or 3581 * address to use. 3582 * This behavior is wrong, but moving to the 3583 * DISCOVER phase works around it. 3584 * 3585 * The currently held lease is still valid 3586 * until a new one is found. 3587 */ 3588 if (state->state != DH6S_DISCOVER) 3589 dhcp6_startdiscoinform(ifp); 3590 return; 3591 } 3592 /* RFC8415 18.2.10.1 */ 3593 if ((state->state == DH6S_RENEW || 3594 state->state == DH6S_REBIND) && 3595 state->has_no_binding) 3596 { 3597 dhcp6_startrequest(ifp); 3598 return; 3599 } 3600 if (state->state == DH6S_DISCOVER) 3601 state->state = DH6S_REQUEST; 3602 break; 3603 case DH6S_DECLINE: 3604 /* This isnt really a failure, but an 3605 * acknowledgement of one. 
*/ 3606 loginfox("%s: %s acknowledged DECLINE6", 3607 ifp->name, sfrom); 3608 dhcp6_fail(ifp, true); 3609 return; 3610 case DH6S_RELEASE: 3611 loginfox("%s: %s acknowledged RELEASE6", 3612 ifp->name, sfrom); 3613 dhcp6_finishrelease(ifp); 3614 return; 3615 default: 3616 valid_op = false; 3617 break; 3618 } 3619 break; 3620 case DHCP6_ADVERTISE: 3621 if (state->state != DH6S_DISCOVER) { 3622 valid_op = false; 3623 break; 3624 } 3625 3626 o = dhcp6_findmoption(r, len, D6_OPTION_PREFERENCE, &ol); 3627 if (o && ol == sizeof(uint8_t)) 3628 preference = *o; 3629 3630 /* If we already have an advertisement check that this one 3631 * has a higher preference value. */ 3632 if (state->recv_len && state->recv->type == DHCP6_ADVERTISE) { 3633 o = dhcp6_findmoption(state->recv, state->recv_len, 3634 D6_OPTION_PREFERENCE, &ol); 3635 if (o && ol == sizeof(uint8_t) && *o >= preference) { 3636 logdebugx( 3637 "%s: discarding ADVERTISEMENT from %s (%u)", 3638 ifp->name, sfrom, preference); 3639 return; 3640 } 3641 } 3642 3643 dhcp6_adjust_max_rt(ifp, r, len); 3644 if (dhcp6_validatelease(ifp, r, len, sfrom, NULL) == -1) 3645 return; 3646 break; 3647 case DHCP6_RECONFIGURE: 3648 #ifdef AUTH 3649 if (auth == NULL) { 3650 #endif 3651 logerrx("%s: unauthenticated %s from %s", 3652 ifp->name, op, sfrom); 3653 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) 3654 return; 3655 #ifdef AUTH 3656 } 3657 loginfox("%s: %s from %s", ifp->name, op, sfrom); 3658 o = dhcp6_findmoption(r, len, D6_OPTION_RECONF_MSG, &ol); 3659 if (o == NULL) { 3660 logerrx("%s: missing Reconfigure Message option", 3661 ifp->name); 3662 return; 3663 } 3664 if (ol != 1) { 3665 logerrx("%s: missing Reconfigure Message type", 3666 ifp->name); 3667 return; 3668 } 3669 switch(*o) { 3670 case DHCP6_RENEW: 3671 if (state->state != DH6S_BOUND) { 3672 logerrx("%s: not bound, ignoring %s", 3673 ifp->name, op); 3674 return; 3675 } 3676 dhcp6_startrenew(ifp); 3677 break; 3678 case DHCP6_INFORMATION_REQ: 3679 if (state->state != 
DH6S_INFORMED) { 3680 logerrx("%s: not informed, ignoring %s", 3681 ifp->name, op); 3682 return; 3683 } 3684 eloop_timeout_delete(ifp->ctx->eloop, 3685 dhcp6_sendinform, ifp); 3686 dhcp6_startinform(ifp); 3687 break; 3688 default: 3689 logerr("%s: unsupported %s type %d", 3690 ifp->name, op, *o); 3691 break; 3692 } 3693 return; 3694 #else 3695 break; 3696 #endif 3697 default: 3698 logerrx("%s: invalid DHCP6 type %s (%d)", 3699 ifp->name, op, r->type); 3700 return; 3701 } 3702 if (!valid_op) { 3703 logwarnx("%s: invalid state for DHCP6 type %s (%d)", 3704 ifp->name, op, r->type); 3705 return; 3706 } 3707 3708 if (state->recv_len < (size_t)len) { 3709 free(state->recv); 3710 state->recv = malloc(len); 3711 if (state->recv == NULL) { 3712 logerr(__func__); 3713 return; 3714 } 3715 } 3716 memcpy(state->recv, r, len); 3717 state->recv_len = len; 3718 3719 if (r->type == DHCP6_ADVERTISE) { 3720 struct ipv6_addr *ia; 3721 3722 TAILQ_FOREACH(ia, &state->addrs, next) { 3723 if (!(ia->flags & (IPV6_AF_STALE | IPV6_AF_REQUEST))) 3724 break; 3725 } 3726 if (ia == NULL) 3727 ia = TAILQ_FIRST(&state->addrs); 3728 if (ia == NULL) 3729 loginfox("%s: ADV (no address) from %s (%u)", 3730 ifp->name, sfrom, preference); 3731 else 3732 loginfox("%s: ADV %s from %s (%u)", 3733 ifp->name, ia->saddr, sfrom, preference); 3734 3735 /* 3736 * RFC 8415 18.2.1 says we must collect until ADVERTISEMENTs 3737 * until we get one with a preference of 255 or 3738 * the initial RT has elpased. 
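		 */
		if (preference == 255 || state->RTC > 1)
			dhcp6_startrequest(ifp);
		return;
	}

	dhcp6_bind(ifp, op, sfrom);
}

/*
 * Entry point for a received DHCPv6 datagram. Everything reachable through
 * msg is untrusted network input.
 *
 * ia is the address whose socket the datagram arrived on, or NULL, in which
 * case the receiving interface is looked up from the control message data.
 *
 * Checks made here before the message is handed to dhcp6_recvif():
 *  - the datagram is at least sizeof(struct dhcp6_message) long;
 *  - a Client ID option is present and equal to our DUID (a DUID_LL made on
 *    the spot when DHCPCD_ANONYMOUS is set);
 *  - a Server ID option is present;
 *  - RECONFIGURE must come from a link-local source and skips the xid check;
 *  - any other message must carry the xid held in state->send of the
 *    receiving interface, or of another interface, to which it is then
 *    redirected.
 *
 * None of these checks authenticates the sender; the AUTH option is
 * validated later, in dhcp6_recvif(), when built with AUTH.
 */
void
dhcp6_recvmsg(struct dhcpcd_ctx *ctx, struct msghdr *msg, struct ipv6_addr *ia)
{
	struct sockaddr_in6 *from = msg->msg_name;
	size_t len = msg->msg_iov[0].iov_len;
	char sfrom[INET6_ADDRSTRLEN];
	struct interface *ifp;
	struct dhcp6_message *r;
	const struct dhcp6_state *state;
	uint8_t *o;
	uint16_t ol;

	inet_ntop(AF_INET6, &from->sin6_addr, sfrom, sizeof(sfrom));
	/* r->type and r->xid are read below, so the fixed header must be
	 * complete before anything else is looked at. */
	if (len < sizeof(struct dhcp6_message)) {
		logerrx("DHCPv6 packet too short from %s", sfrom);
		return;
	}

	if (ia != NULL)
		ifp = ia->iface;
	else {
		ifp = if_findifpfromcmsg(ctx, msg, NULL);
		if (ifp == NULL) {
			logerr(__func__);
			return;
		}
	}

	r = (struct dhcp6_message *)msg->msg_iov[0].iov_base;

	uint8_t duid[DUID_LEN], *dp;
	size_t duid_len;
	o = dhcp6_findmoption(r, len, D6_OPTION_CLIENTID, &ol);
	if (ifp->options->options & DHCPCD_ANONYMOUS) {
		duid_len = duid_make(duid, ifp, DUID_LL);
		dp = duid;
	} else {
		duid_len = ctx->duid_len;
		dp = ctx->duid;
	}
	/* The length is compared first so memcmp() never reads past the
	 * shorter of the two DUIDs. */
	if (o == NULL || ol != duid_len || memcmp(o, dp, ol) != 0) {
		logdebugx("%s: incorrect client ID from %s",
		    ifp->name, sfrom);
		return;
	}

	if (dhcp6_findmoption(r, len, D6_OPTION_SERVERID, NULL) == NULL) {
		logdebugx("%s: no DHCPv6 server ID from %s",
		    ifp->name, sfrom);
		return;
	}

	if (r->type == DHCP6_RECONFIGURE) {
		if (!IN6_IS_ADDR_LINKLOCAL(&from->sin6_addr)) {
			logerrx("%s: RECONFIGURE6 recv from %s, not LL",
			    ifp->name, sfrom);
			return;
		}
		/* Server initiated, so there is no xid of ours to match. */
		goto recvif;
	}

	state = D6_CSTATE(ifp);
	/*
	 * dhcp6_start() allocates the state with calloc() and may defer
	 * dhcp6_start1(), so a state can exist while state->send is still
	 * NULL. The interface search below already allows for that; check it
	 * here as well instead of dereferencing NULL on a packet from the
	 * network.
	 */
	if (state == NULL || state->send == NULL ||
	    r->xid[0] != state->send->xid[0] ||
	    r->xid[1] != state->send->xid[1] ||
	    r->xid[2] != state->send->xid[2])
	{
		struct interface *ifp1;
		const struct dhcp6_state *state1;

		/* Find an interface with a matching xid. */
		TAILQ_FOREACH(ifp1, ctx->ifaces, next) {
			state1 = D6_CSTATE(ifp1);
			if (state1 == NULL || state1->send == NULL)
				continue;
			if (r->xid[0] == state1->send->xid[0] &&
			    r->xid[1] == state1->send->xid[1] &&
			    r->xid[2] == state1->send->xid[2])
				break;
		}

		if (ifp1 == NULL) {
			/* Only report an expected xid when there is one. */
			if (state != NULL && state->send != NULL)
				logdebugx("%s: wrong xid 0x%02x%02x%02x"
				    " (expecting 0x%02x%02x%02x) from %s",
				    ifp->name,
				    r->xid[0], r->xid[1], r->xid[2],
				    state->send->xid[0],
				    state->send->xid[1],
				    state->send->xid[2],
				    sfrom);
			return;
		}
		logdebugx("%s: redirecting DHCP6 message to %s",
		    ifp->name, ifp1->name);
		ifp = ifp1;
	}

#if 0
	/*
	 * Handy code to inject raw DHCPv6 packets over responses
	 * from our server.
	 * This allows me to take a 3rd party wireshark trace and
	 * replay it in my code.
	 *
	 * Keep this compiled out of any real build: it replaces the
	 * received packet with file contents read from a fixed /tmp path.
	 */
	static int replyn = 0;
	char fname[PATH_MAX], tbuf[UDPLEN_MAX];
	int fd;
	ssize_t tlen;
	uint8_t *si1, *si2;
	uint16_t si_len1, si_len2;

	snprintf(fname, sizeof(fname),
	    "/tmp/dhcp6.reply%d.raw", replyn++);
	fd = open(fname, O_RDONLY, 0);
	if (fd == -1) {
		logerr("%s: open: %s", __func__, fname);
		return;
	}
	tlen = read(fd, tbuf, sizeof(tbuf));
	if (tlen == -1)
		logerr("%s: read: %s", __func__, fname);
	close(fd);

	/* Copy across ServerID so we can work with our own server. */
	si1 = dhcp6_findmoption(r, len, D6_OPTION_SERVERID, &si_len1);
	si2 = dhcp6_findmoption(tbuf, (size_t)tlen,
	    D6_OPTION_SERVERID, &si_len2);
	if (si1 != NULL && si2 != NULL && si_len1 == si_len2)
		memcpy(si2, si1, si_len2);
	r = (struct dhcp6_message *)tbuf;
	len = (size_t)tlen;
#endif

recvif:
	dhcp6_recvif(ifp, sfrom, r, len);
}

/*
 * Read one datagram from a DHCPv6 socket and pass it to dhcp6_recvmsg().
 * The socket is ia->dhcp6_fd when ia is given, otherwise ctx->dhcp6_rfd.
 *
 * The receive buffer is UDPLEN_MAX bytes; iov_len is trimmed to the number
 * of bytes actually read so that dhcp6_recvmsg(), which takes its length
 * from msg_iov[0].iov_len, parses only what was received.
 */
static void
dhcp6_recv(struct dhcpcd_ctx *ctx, struct ipv6_addr *ia, unsigned short events)
{
	struct sockaddr_in6 from;
	union {
		struct dhcp6_message dhcp6;
		uint8_t buf[UDPLEN_MAX]; /* Maximum UDP message size */
	} iovbuf;
	struct iovec iov = {
		.iov_base = iovbuf.buf, .iov_len = sizeof(iovbuf.buf),
	};
	union {
		struct cmsghdr hdr;
		uint8_t buf[CMSG_SPACE(sizeof(struct in6_pktinfo))];
	} cmsgbuf = { .buf = { 0 } };
	struct msghdr msg = {
		.msg_name = &from, .msg_namelen = sizeof(from),
		.msg_iov = &iov, .msg_iovlen = 1,
		.msg_control = cmsgbuf.buf, .msg_controllen = sizeof(cmsgbuf.buf),
	};
	int s;
	ssize_t bytes;

	/* An unexpected event is only logged; the read is still attempted. */
	if (events != ELE_READ)
		logerrx("%s: unexpected event 0x%04x", __func__, events);

	s = ia != NULL ? ia->dhcp6_fd : ctx->dhcp6_rfd;
	bytes = recvmsg(s, &msg, 0);
	if (bytes == -1) {
		logerr(__func__);
		return;
	}

	iov.iov_len = (size_t)bytes;
	dhcp6_recvmsg(ctx, &msg, ia);
}

/*
 * eloop read callback for a per-address socket (registered in
 * dhcp6_handleifa()); arg is the struct ipv6_addr owning the socket.
 */
static void
dhcp6_recvaddr(void *arg, unsigned short events)
{
	struct ipv6_addr *ia = arg;

	dhcp6_recv(ia->iface->ctx, ia, events);
}

/*
 * eloop read callback for the shared socket ctx->dhcp6_rfd (registered in
 * dhcp6_start1()); arg is the struct dhcpcd_ctx.
 */
static void
dhcp6_recvctx(void *arg, unsigned short events)
{
	struct dhcpcd_ctx *ctx = arg;

	dhcp6_recv(ctx, NULL, events);
}

/*
 * Open the raw IPv6 socket (protocol UDP) that dhcp6_start1() stores in
 * ctx->dhcp6_wfd.
 * Sets SO_BROADCAST and points IPV6_CHECKSUM at the UDP checksum field.
 * Returns the descriptor, or -1 on failure with the socket closed.
 */
int
dhcp6_openraw(void)
{
	int fd, v;

	fd = xsocket(PF_INET6, SOCK_RAW | SOCK_CXNB, IPPROTO_UDP);
	if (fd == -1)
		return -1;

	v = 1;
	if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &v, sizeof(v)) == -1)
		goto errexit;

	/* Offset of the checksum within the UDP header carried as payload. */
	v = offsetof(struct udphdr, uh_sum);
	if (setsockopt(fd, IPPROTO_IPV6, IPV6_CHECKSUM, &v, sizeof(v)) == -1)
		goto errexit;

	return fd;

errexit:
	close(fd);
	return -1;
}

/*
 * Open a UDP socket bound to DHCP6_CLIENT_PORT.
 * With ia != NULL the socket is bound to that address, scoped to ifindex;
 * with ia == NULL the zeroed (unspecified) address is used.
 * IPV6_RECVPKTINFO is enabled, and SO_RERROR where the platform defines it.
 * Returns the descriptor, or -1 after logging the error and closing the
 * socket if it had been opened.
 */
int
dhcp6_openudp(unsigned int ifindex, struct in6_addr *ia)
{
	struct sockaddr_in6 sa;
	int n, s;

	s = xsocket(PF_INET6, SOCK_DGRAM | SOCK_CXNB, IPPROTO_UDP);
	if (s == -1)
		goto errexit;

	memset(&sa, 0, sizeof(sa));
	sa.sin6_family = AF_INET6;
	sa.sin6_port = htons(DHCP6_CLIENT_PORT);
#ifdef BSD
	sa.sin6_len = sizeof(sa);
#endif

	if (ia != NULL) {
		memcpy(&sa.sin6_addr, ia, sizeof(sa.sin6_addr));
		ipv6_setscope(&sa, ifindex);
	}

	if (bind(s, (struct sockaddr *)&sa, sizeof(sa)) == -1)
		goto errexit;

	n = 1;
	if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, &n, sizeof(n)) == -1)
		goto errexit;

#ifdef SO_RERROR
	n = 1;
	if (setsockopt(s, SOL_SOCKET, SO_RERROR, &n, sizeof(n)) == -1)
		goto errexit;
#endif

	return s;

errexit:
	logerr(__func__);
	if (s != -1)
		close(s);
	return -1;
}

#ifndef SMALL
/*
 * For every IA_PD configured on ifp, look up the interface named by each
 * SLA entry and activate it for IPv6 and DHCPv6 if it is not yet active.
 * A name that cannot be found is warned about unless it starts with '-'.
 */
static void
dhcp6_activateinterfaces(struct interface *ifp)
{
	struct interface *ifd;
	size_t i, j;
	struct if_ia *ia;
	struct if_sla *sla;

	for (i = 0; i < ifp->options->ia_len; i++) {
		ia = &ifp->options->ia[i];
		if (ia->ia_type != D6_OPTION_IA_PD)
			continue;
		for (j = 0; j < ia->sla_len; j++) {
			sla = &ia->sla[j];
			ifd = if_find(ifp->ctx->ifaces, sla->ifname);
			if (ifd == NULL) {
				if (*sla->ifname != '-')
					logwarn("%s: cannot delegate to %s",
					    ifp->name, sla->ifname);
				continue;
			}
			if (!ifd->active) {
				loginfox("%s: activating for delegation",
				    sla->ifname);
				dhcpcd_activateinterface(ifd,
				    DHCPCD_IPV6 | DHCPCD_DHCP6);
			}
		}
	}
}
#endif

/*
 * Second stage of dhcp6_start(); arg is the interface. Called directly, or
 * through the link-local callback registered by dhcp6_start().
 *
 * Opens the shared read socket (manager mode without privsep) and the raw
 * write socket (not in privsep) if they are not open yet, fills
 * requestmask6 from the DHCPv4 configuration when no DHCPv6 option was
 * requested, and then starts INFORM or INIT depending on state->state.
 */
static void
dhcp6_start1(void *arg)
{
	struct interface *ifp = arg;
	struct dhcpcd_ctx *ctx = ifp->ctx;
	struct if_options *ifo = ifp->options;
	struct dhcp6_state *state;
	size_t i;
	const struct dhcp_compat *dhc;

	/* True only when MANAGER is set and PRIVSEP is not. */
	if ((ctx->options & (DHCPCD_MANAGER|DHCPCD_PRIVSEP)) == DHCPCD_MANAGER &&
	    ctx->dhcp6_rfd == -1)
	{
		ctx->dhcp6_rfd = dhcp6_openudp(0, NULL);
		if (ctx->dhcp6_rfd == -1) {
			logerr(__func__);
			return;
		}
		if (eloop_event_add(ctx->eloop, ctx->dhcp6_rfd, ELE_READ,
		    dhcp6_recvctx, ctx) == -1)
			logerr("%s: eloop_event_add", __func__);
	}

	if (!IN_PRIVSEP(ctx) && ctx->dhcp6_wfd == -1) {
		ctx->dhcp6_wfd = dhcp6_openraw();
		if (ctx->dhcp6_wfd == -1) {
			logerr(__func__);
			return;
		}
	}

	state = D6_STATE(ifp);
	/* If no DHCPv6 options are configured,
	   match configured DHCPv4 options to DHCPv6 equivalents. */
	for (i = 0; i < sizeof(ifo->requestmask6); i++) {
		if (ifo->requestmask6[i] != '\0')
			break;
	}
	if (i == sizeof(ifo->requestmask6)) {
		for (dhc = dhcp_compats; dhc->dhcp_opt; dhc++) {
			if (DHC_REQ(ifo->requestmask, ifo->nomask, dhc->dhcp_opt))
				add_option_mask(ifo->requestmask6,
				    dhc->dhcp6_opt);
		}
		if (ifo->fqdn != FQDN_DISABLE || ifo->options & DHCPCD_HOSTNAME)
			add_option_mask(ifo->requestmask6, D6_OPTION_FQDN);
	}

#ifndef SMALL
	/* Rapid commit won't work with Prefix Delegation Exclusion */
	if (dhcp6_findselfsla(ifp))
		del_option_mask(ifo->requestmask6, D6_OPTION_RAPID_COMMIT);
#endif

	if (state->state == DH6S_INFORM)
		dhcp6_startinform(ifp);
	else
		dhcp6_startinit(ifp);

#ifndef SMALL
	dhcp6_activateinterfaces(ifp);
#endif
}

/*
 * Start, or restart, DHCPv6 on ifp towards init_state.
 *
 * With existing state the request is mapped onto a state change (or
 * ignored); without it a zeroed state is allocated, provided DHCPCD_DHCP6
 * is set. The real start happens in dhcp6_start1(), deferred until the
 * interface has a link-local address.
 *
 * Returns 0 on success or when there is nothing to do, -1 if the state
 * cannot be allocated.
 */
int
dhcp6_start(struct interface *ifp, enum DH6S init_state)
{
	struct dhcp6_state *state;

	state = D6_STATE(ifp);
	if (state != NULL) {
		switch (init_state) {
		case DH6S_INIT:
			goto gogogo;
		case DH6S_INFORM:
			/* RFC 8415 21.23
			 * If D6_OPTION_INFO_REFRESH_TIME does not exist
			 * then we MUST refresh by IRT_DEFAULT seconds
			 * and should not be influenced by only the
			 * pl/vl time of the RA changing. */
			if (state->state == DH6S_INIT ||
			    (state->state == DH6S_DISCOVER &&
			    !(ifp->options->options & DHCPCD_IA_FORCED) &&
			    !ipv6nd_hasradhcp(ifp, true)))
				dhcp6_startinform(ifp);
			break;
		case DH6S_REQUEST:
			if (ifp->options->options & DHCPCD_DHCP6 &&
			    (state->state == DH6S_INIT ||
			    state->state == DH6S_INFORM ||
			    state->state == DH6S_INFORMED ||
			    state->state == DH6S_DELEGATED))
			{
				/* Change from stateless to stateful */
				init_state = DH6S_INIT;
				goto gogogo;
			}
			break;
		case DH6S_CONFIRM:
			/*
			 * CONFIRM a prior lease from a RA.
			 * This could be triggered by a roaming interface.
			 * We could also get here if we are delegated to.
			 * Now that we don't remove delegated addresses when
			 * reading the lease file this is the safe path.
			 */
			if (state->state == DH6S_MANUALREBIND)
				init_state = DH6S_MANUALREBIND;
			else
				init_state = DH6S_INIT;
			goto gogogo;
		default:
			/* Not possible, but shushes some compiler warnings. */
			break;
		}
		return 0;
	} else {
		switch (init_state) {
		case DH6S_CONFIRM:
			/* No DHCPv6 config, no existing state
			 * so nothing to do. */
			return 0;
		case DH6S_INFORM:
			break;
		default:
			init_state = DH6S_INIT;
			break;
		}
	}

	if (!(ifp->options->options & DHCPCD_DHCP6))
		return 0;

	/* calloc() leaves every member zeroed, pointers such as send and
	 * recv included, until later code fills them in. */
	ifp->if_data[IF_DATA_DHCP6] = calloc(1, sizeof(*state));
	state = D6_STATE(ifp);
	if (state == NULL)
		return -1;

	state->sol_max_rt = SOL_MAX_RT;
	state->inf_max_rt = INF_MAX_RT;
	TAILQ_INIT(&state->addrs);

gogogo:
	state->state = init_state;
	state->new_start = true;
	state->lerror = 0;
	state->failed = false;
	dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile),
	    AF_INET6, ifp);
	if (ipv6_linklocal(ifp) == NULL) {
		logdebugx("%s: delaying DHCPv6 for LL address", ifp->name);
		ipv6_addlinklocalcallback(ifp, dhcp6_start1, ifp);
		return 0;
	}

	dhcp6_start1(ifp);
	return 0;
}

/*
 * Mark an interface in RENEW, BOUND or REBIND as DH6S_MANUALREBIND.
 * No message is sent from here. Does nothing when there is no state.
 */
void
dhcp6_reboot(struct interface *ifp)
{
	struct dhcp6_state *state;

	state = D6_STATE(ifp);
	if (state == NULL)
		return;

	switch (state->state) {
	case DH6S_RENEW: /* FALLTHROUGH */
	case DH6S_BOUND: /* FALLTHROUGH */
	case DH6S_REBIND:
		state->state = DH6S_MANUALREBIND;
		break;
	default: /* Appease compilers */
		break;
	}

	/* Do nothing. On confirming the next lease we will REBIND instead. */
}

/*
 * Common implementation of dhcp6_drop() (drop != 0) and dhcp6_free()
 * (drop == 0): cancel the interface's timeouts, optionally release or
 * unlink the lease, run the script with reason (default "STOP6") when a
 * lease is being dropped, then free the DHCPv6 state.
 *
 * When a RELEASE is started the function returns early and the state is
 * kept; a later call that finds DH6S_RELEASE finishes through
 * dhcp6_finishrelease().
 *
 * Once no interface on the context has DHCPv6 state left, the shared read
 * socket ctx->dhcp6_rfd is closed.
 */
static void
dhcp6_freedrop(struct interface *ifp, int drop, const char *reason)
{
	struct dhcp6_state *state;
	struct dhcpcd_ctx *ctx;
	unsigned long long options;

	if (ifp->options)
		options = ifp->options->options;
	else
		options = ifp->ctx->options;

	if (ifp->ctx->eloop)
		eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);

#ifndef SMALL
	/* If we're dropping the lease, drop delegated addresses.
	 * If, for whatever reason, we don't drop them in the future
	 * then they should at least be marked as deprecated (pltime 0). */
	if (drop && (options & DHCPCD_NODROP) != DHCPCD_NODROP)
		dhcp6_delete_delegates(ifp);
#endif

	state = D6_STATE(ifp);
	if (state) {
		/* Failure to send the release may cause this function to
		 * re-enter */
		if (state->state == DH6S_RELEASE) {
			dhcp6_finishrelease(ifp);
			return;
		}

		if (drop && options & DHCPCD_RELEASE &&
		    state->state != DH6S_DELEGATED)
		{
			if (if_is_link_up(ifp) &&
			    state->state != DH6S_RELEASED &&
			    state->state != DH6S_INFORMED)
			{
				dhcp6_startrelease(ifp);
				return;
			}
			dhcp_unlink(ifp->ctx, state->leasefile);
		}
#ifdef AUTH
		else if (state->auth.reconf != NULL) {
			/*
			 * Drop the lease as the token may only be present
			 * in the initial reply message and not subsequent
			 * renewals.
			 * If dhcpcd is restarted, the token is lost.
			 * XXX persist this in another file?
			 */
			dhcp_unlink(ifp->ctx, state->leasefile);
		}
#endif

		dhcp6_freedrop_addrs(ifp, drop, 0, NULL);
		/* Rotate new into old so the script run below still sees
		 * the lease that is going away. */
		free(state->old);
		state->old = state->new;
		state->old_len = state->new_len;
		state->new = NULL;
		state->new_len = 0;
		if (drop && state->old &&
		    (options & DHCPCD_NODROP) != DHCPCD_NODROP)
		{
			if (reason == NULL)
				reason = "STOP6";
			script_runreason(ifp, reason);
		}
		free(state->old);
		free(state->send);
		free(state->recv);
		free(state);
		/* Clear the slot so D6_STATE() cannot hand out the freed
		 * state. */
		ifp->if_data[IF_DATA_DHCP6] = NULL;
	}
	dhcpcd_dropped(ifp);

	/* If we don't have any more DHCP6 enabled interfaces,
	 * close the global socket and release resources */
	ctx = ifp->ctx;
	if (ctx->ifaces) {
		/* ifp is reused as the iterator; it ends up NULL only when
		 * no interface has DHCPv6 state. */
		TAILQ_FOREACH(ifp, ctx->ifaces, next) {
			if (D6_STATE(ifp))
				break;
		}
	}
	if (ifp == NULL && ctx->dhcp6_rfd != -1) {
		eloop_event_delete(ctx->eloop, ctx->dhcp6_rfd);
		close(ctx->dhcp6_rfd);
		ctx->dhcp6_rfd = -1;
	}
}

/* Drop the lease on ifp and free its DHCPv6 state; reason is passed to the
 * script ("STOP6" when NULL). */
void
dhcp6_drop(struct interface *ifp, const char *reason)
{

	dhcp6_freedrop(ifp, 1, reason);
}

/* Free the DHCPv6 state on ifp without dropping the lease. */
void
dhcp6_free(struct interface *ifp)
{

	dhcp6_freedrop(ifp, 0, NULL);
}

/*
 * Cancel a pending start and the discover/inform timeouts on ifp, and put
 * a state that was in DISCOVER, REQUEST or INFORM back to INIT.
 */
void
dhcp6_abort(struct interface *ifp)
{
	struct dhcp6_state *state;

	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_start1, ifp);
	state = D6_STATE(ifp);
	if (state == NULL)
		return;

	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_startdiscover, ifp);
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_senddiscover, ifp);
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_startinform, ifp);
	eloop_timeout_delete(ifp->ctx->eloop, dhcp6_sendinform, ifp);

	switch (state->state) {
	case DH6S_DISCOVER: /* FALLTHROUGH */
	case DH6S_REQUEST: /* FALLTHROUGH */
	case DH6S_INFORM:
		state->state = DH6S_INIT;
		break;
	default:
		break;
	}
}

/*
 * Address change notification for ia.
 *
 * Outside manager mode, a newly added usable address on a user-activated
 * interface with DHCPCD_DHCP6 set gets its own listening socket (opened
 * through privsep when that is in use). The socket is opened whether or
 * not the interface has DHCPv6 state yet, so the receive path has to cope
 * with a missing or partly initialised state.
 *
 * The change is then applied to the state's address list, if any.
 */
void
dhcp6_handleifa(int cmd, struct ipv6_addr *ia, pid_t pid)
{
	struct dhcp6_state *state;
	struct interface *ifp = ia->iface;

	/* If not running in manager mode, listen to this address */
	if (cmd == RTM_NEWADDR &&
	    !(ia->addr_flags & IN6_IFF_NOTUSEABLE) &&
	    ifp->active == IF_ACTIVE_USER &&
	    !(ifp->ctx->options & DHCPCD_MANAGER) &&
	    ifp->options->options & DHCPCD_DHCP6)
	{
#ifdef PRIVSEP
		if (IN_PRIVSEP_SE(ifp->ctx)) {
			if (ps_inet_opendhcp6(ia) == -1)
				logerr(__func__);
		} else
#endif
		{
			if (ia->dhcp6_fd == -1)
				ia->dhcp6_fd = dhcp6_openudp(ia->iface->index,
				    &ia->addr);
			if (ia->dhcp6_fd != -1 &&
			    eloop_event_add(ia->iface->ctx->eloop,
			    ia->dhcp6_fd, ELE_READ, dhcp6_recvaddr, ia) == -1)
				logerr("%s: eloop_event_add", __func__);
		}
	}

	if ((state = D6_STATE(ifp)) != NULL)
		ipv6_handleifa_addrs(cmd, &state->addrs, ia, pid);
}

/*
 * Write the options of DHCPv6 message m (len bytes) to fp as variables
 * prefixed "<prefix>_dhcp6", followed, unless built SMALL, by
 * "<prefix>_delegated_dhcp6_prefix=" listing the delegated addresses.
 * With m == NULL only the delegated part is written.
 *
 * The option data comes from the server. Each option is passed on only
 * after its header fits in the remaining bytes and its declared length
 * does not exceed them; a malformed option sets errno to EINVAL and stops
 * the option walk, but the delegated part is still written.
 *
 * Returns 1 on success, -1 with errno set on a short message, allocation
 * failure or write error.
 */
ssize_t
dhcp6_env(FILE *fp, const char *prefix, const struct interface *ifp,
    const struct dhcp6_message *m, size_t len)
{
	const struct if_options *ifo;
	struct dhcp_opt *opt, *vo;
	const uint8_t *p;
	struct dhcp6_option o;
	size_t i;
	char *pfx;
	uint32_t en;
	const struct dhcpcd_ctx *ctx;
#ifndef SMALL
	const struct dhcp6_state *state;
	const struct ipv6_addr *ap;
	bool first;
#endif

	if (m == NULL)
		goto delegated;

	if (len < sizeof(*m)) {
		/* Should be impossible with guards at packet in
		 * and reading leases */
		errno = EINVAL;
		return -1;
	}

	ifo = ifp->options;
	ctx = ifp->ctx;

	/* Zero our indexes */
	for (i = 0, opt = ctx->dhcp6_opts;
	    i < ctx->dhcp6_opts_len;
	    i++, opt++)
		dhcp_zero_index(opt);
	for (i = 0, opt = ifp->options->dhcp6_override;
	    i < ifp->options->dhcp6_override_len;
	    i++, opt++)
		dhcp_zero_index(opt);
	for (i = 0, opt = ctx->vivso;
	    i < ctx->vivso_len;
	    i++, opt++)
		dhcp_zero_index(opt);
	if (asprintf(&pfx, "%s_dhcp6", prefix) == -1)
		return -1;

	/* Unlike DHCP, DHCPv6 options *may* occur more than once.
	 * There is also no provision for option concatenation unlike DHCP. */
	p = (const uint8_t *)m + sizeof(*m);
	len -= sizeof(*m);
	for (; len != 0; p += o.len, len -= o.len) {
		if (len < sizeof(o)) {
			errno = EINVAL;
			break;
		}
		/* Copied out rather than cast: p has no alignment guarantee. */
		memcpy(&o, p, sizeof(o));
		p += sizeof(o);
		len -= sizeof(o);
		o.len = ntohs(o.len);
		/* Checked before the loop step subtracts o.len from len. */
		if (len < o.len) {
			errno = EINVAL;
			break;
		}
		o.code = ntohs(o.code);
		if (has_option_mask(ifo->nomask6, o.code))
			continue;
		/* Per-interface overrides take precedence over the
		 * context-wide option table. */
		for (i = 0, opt = ifo->dhcp6_override;
		    i < ifo->dhcp6_override_len;
		    i++, opt++)
			if (opt->option == o.code)
				break;
		/* o.len > sizeof(en) keeps o.len - sizeof(en) below from
		 * wrapping. */
		if (i == ifo->dhcp6_override_len &&
		    o.code == D6_OPTION_VENDOR_OPTS &&
		    o.len > sizeof(en))
		{
			memcpy(&en, p, sizeof(en));
			en = ntohl(en);
			vo = vivso_find(en, ifp);
		} else
			vo = NULL;
		if (i == ifo->dhcp6_override_len) {
			for (i = 0, opt = ctx->dhcp6_opts;
			    i < ctx->dhcp6_opts_len;
			    i++, opt++)
				if (opt->option == o.code)
					break;
			if (i == ctx->dhcp6_opts_len)
				opt = NULL;
		}
		if (opt) {
			dhcp_envoption(ifp->ctx,
			    fp, pfx, ifp->name,
			    opt, dhcp6_getoption, p, o.len);
		}
		if (vo) {
			dhcp_envoption(ifp->ctx,
			    fp, pfx, ifp->name,
			    vo, dhcp6_getoption,
			    p + sizeof(en),
			    o.len - sizeof(en));
		}
	}
	free(pfx);

delegated:
#ifndef SMALL
	/* Needed for Delegated Prefixes */
	/* NOTE(review): state is used without a NULL check; presumably
	 * callers only get here for interfaces with DHCPv6 state - confirm. */
	state = D6_CSTATE(ifp);
	TAILQ_FOREACH(ap, &state->addrs, next) {
		if (ap->delegating_prefix)
			break;
	}
	if (ap == NULL)
		return 1;
	if (fprintf(fp, "%s_delegated_dhcp6_prefix=", prefix) == -1)
		return -1;
	first = true;
	TAILQ_FOREACH(ap, &state->addrs, next) {
		if (ap->delegating_prefix == NULL)
			continue;
		if (first)
			first = false;
		else {
			if (fputc(' ', fp) == EOF)
				return -1;
		}
		if (fprintf(fp, "%s", ap->saddr) == -1)
			return -1;
	}
	/* The variable is terminated with a NUL byte, not a newline. */
	if (fputc('\0', fp) == EOF)
		return -1;
#endif

	return 1;
}
#endif

#ifndef SMALL
/*
 * Allocate a fresh DHCPv6 state for ifp, read the lease into it and run
 * the script with reason "DUMP6".
 * Returns the result of script_runreason(), or -1 if the allocation or
 * the lease read fails.
 */
int
dhcp6_dump(struct interface *ifp)
{
	struct dhcp6_state *state;

	ifp->if_data[IF_DATA_DHCP6] = state = calloc(1, sizeof(*state));
	if (state == NULL) {
		logerr(__func__);
		return -1;
	}
	TAILQ_INIT(&state->addrs);
	if (dhcp6_readlease(ifp, 0) == -1) {
		/* NOTE(review): the state stays attached to ifp on this
		 * path; presumably the caller frees it - confirm. */
		logerr("dhcp6_readlease");
		return -1;
	}
	state->reason = "DUMP6";
	return script_runreason(ifp, state->reason);
}
#endif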