X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=src%2Fdhcpv6.c;h=7416f6103eac1a9cbc77023e4447231cf70c062d;hb=bbcc9cfa44372f58cb33d556d9b7c57f6ee96b61;hp=7fdf4f68c6fcc46f292c65e19e5998ce858e457f;hpb=8563be22c8d9e3cf38b26d69d52368c68ad3a6dd;p=odhcp6c.git diff --git a/src/dhcpv6.c b/src/dhcpv6.c index 7fdf4f6..7416f61 100644 --- a/src/dhcpv6.c +++ b/src/dhcpv6.c @@ -26,7 +26,6 @@ #include #include #include -#include #include #include @@ -77,19 +76,19 @@ static int dhcpv6_commit_advert(void); // RFC 3315 - 5.5 Timeout and Delay values static struct dhcpv6_retx dhcpv6_retx[_DHCPV6_MSG_MAX] = { [DHCPV6_MSG_UNKNOWN] = {false, 1, 120, 0, "", - dhcpv6_handle_reconfigure, NULL}, + dhcpv6_handle_reconfigure, NULL}, [DHCPV6_MSG_SOLICIT] = {true, 1, DHCPV6_SOL_MAX_RT, 0, "SOLICIT", - dhcpv6_handle_advert, dhcpv6_commit_advert}, + dhcpv6_handle_advert, dhcpv6_commit_advert}, [DHCPV6_MSG_REQUEST] = {true, 1, DHCPV6_REQ_MAX_RT, 10, "REQUEST", - dhcpv6_handle_reply, NULL}, + dhcpv6_handle_reply, NULL}, [DHCPV6_MSG_RENEW] = {false, 10, DHCPV6_REN_MAX_RT, 0, "RENEW", - dhcpv6_handle_reply, NULL}, + dhcpv6_handle_reply, NULL}, [DHCPV6_MSG_REBIND] = {false, 10, DHCPV6_REB_MAX_RT, 0, "REBIND", - dhcpv6_handle_rebind_reply, NULL}, + dhcpv6_handle_rebind_reply, NULL}, [DHCPV6_MSG_RELEASE] = {false, 1, 0, 5, "RELEASE", NULL, NULL}, [DHCPV6_MSG_DECLINE] = {false, 1, 0, 5, "DECLINE", NULL, NULL}, [DHCPV6_MSG_INFO_REQ] = {true, 1, DHCPV6_INF_MAX_RT, 0, "INFOREQ", - dhcpv6_handle_reply, NULL}, + dhcpv6_handle_reply, NULL}, }; @@ -102,14 +101,12 @@ static int64_t t1 = 0, t2 = 0, t3 = 0; static int request_prefix = -1; static enum odhcp6c_ia_mode na_mode = IA_MODE_NONE, pd_mode = IA_MODE_NONE; static bool accept_reconfig = false; -// Server unicast address -static struct in6_addr server_addr = IN6ADDR_ANY_INIT; // Reconfigure key static uint8_t reconf_key[16]; -int init_dhcpv6(const char *ifname, int request_pd, int sol_timeout) +int init_dhcpv6(const char *ifname, int request_pd, bool strict_options, int sol_timeout) { request_prefix = request_pd; dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = sol_timeout; @@ -161,12 +158,13 @@ int init_dhcpv6(const char *ifname, int request_pd, int sol_timeout) } // Create ORO - uint16_t oro[] = { + if (!strict_options) { + uint16_t oro[] = { htons(DHCPV6_OPT_SIP_SERVER_D), htons(DHCPV6_OPT_SIP_SERVER_A), htons(DHCPV6_OPT_DNS_SERVERS), htons(DHCPV6_OPT_DNS_DOMAIN), - htons(DHCPV6_OPT_UNICAST), + htons(DHCPV6_OPT_SNTP_SERVERS), htons(DHCPV6_OPT_NTP_SERVER), htons(DHCPV6_OPT_AFTR_NAME), htons(DHCPV6_OPT_PD_EXCLUDE), @@ -175,8 +173,9 @@ int init_dhcpv6(const char *ifname, int request_pd, int sol_timeout) #ifdef EXT_PREFIX_CLASS htons(DHCPV6_OPT_PREFIX_CLASS), #endif - }; - odhcp6c_add_state(STATE_ORO, oro, sizeof(oro)); + }; + odhcp6c_add_state(STATE_ORO, oro, sizeof(oro)); + } // Configure IPv6-options int val = 1; @@ -374,29 +373,7 @@ static void dhcpv6_send(enum dhcpv6_msg type, uint8_t trid[3], uint32_t ecs) 0, ALL_DHCPV6_RELAYS, ifindex}; struct msghdr msg = {&srv, sizeof(srv), iov, cnt, NULL, 0, 0}; - switch (type) { - case DHCPV6_MSG_REQUEST: - case DHCPV6_MSG_RENEW: - case DHCPV6_MSG_RELEASE: - case DHCPV6_MSG_DECLINE: - if (!IN6_IS_ADDR_UNSPECIFIED(&server_addr) && - odhcp6c_addr_in_scope(&server_addr)) { - srv.sin6_addr = server_addr; - if (!IN6_IS_ADDR_LINKLOCAL(&server_addr)) - srv.sin6_scope_id = 0; - } - break; - default: - break; - } - - if (sendmsg(sock, &msg, 0) < 0) { - char in6_str[INET6_ADDRSTRLEN]; - - syslog(LOG_ERR, "Failed to send DHCPV6 message to %s (%s)", - inet_ntop(AF_INET6, (const void *)&srv.sin6_addr, - in6_str, sizeof(in6_str)), strerror(errno)); - } + sendmsg(sock, &msg, 0); } @@ -564,9 +541,9 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len, return false; } - uint8_t *end = ((uint8_t*)buf) + len, *odata, + uint8_t *end = ((uint8_t*)buf) + len, *odata = NULL, rcmsg = DHCPV6_MSG_UNKNOWN; - uint16_t otype, olen; + uint16_t otype, olen = UINT16_MAX; bool clientid_ok = false, serverid_ok = false, rcauth_ok = false, ia_present = false, options_valid = true; @@ -590,7 +567,7 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len, if (r->protocol != 3 || r->algorithm != 1 || r->reconf_type != 2) continue; - md5_state_t md5; + md5_ctx_t md5; uint8_t serverhash[16], secretbytes[16], hash[16]; memcpy(serverhash, r->key, sizeof(serverhash)); memset(r->key, 0, sizeof(r->key)); @@ -599,20 +576,20 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len, for (size_t i = 0; i < sizeof(secretbytes); ++i) secretbytes[i] ^= 0x36; - md5_init(&md5); - md5_append(&md5, secretbytes, sizeof(secretbytes)); - md5_append(&md5, buf, len); - md5_finish(&md5, hash); + md5_begin(&md5); + md5_hash(secretbytes, sizeof(secretbytes), &md5); + md5_hash(buf, len, &md5); + md5_end(hash, &md5); for (size_t i = 0; i < sizeof(secretbytes); ++i) { secretbytes[i] ^= 0x36; secretbytes[i] ^= 0x5c; } - md5_init(&md5); - md5_append(&md5, secretbytes, sizeof(secretbytes)); - md5_append(&md5, hash, 16); - md5_finish(&md5, hash); + md5_begin(&md5); + md5_hash(secretbytes, sizeof(secretbytes), &md5); + md5_hash(hash, 16, &md5); + md5_end(hash, &md5); rcauth_ok = !memcmp(hash, serverhash, sizeof(hash)); } else if (otype == DHCPV6_OPT_RECONF_MESSAGE && olen == 1) { @@ -679,7 +656,7 @@ static int dhcpv6_handle_advert(enum dhcpv6_msg orig, const int rc, uint16_t olen, otype; uint8_t *odata, pref = 0; struct dhcpv6_server_cand cand = {false, false, 0, 0, {0}, - IN6ADDR_ANY_INIT, DHCPV6_SOL_MAX_RT, + DHCPV6_SOL_MAX_RT, DHCPV6_INF_MAX_RT, NULL, NULL, 0, 0}; bool have_na = false; int have_pd = 0; @@ -710,18 +687,16 @@ static int dhcpv6_handle_advert(enum dhcpv6_msg orig, const int rc, } else if (otype == DHCPV6_OPT_PREF && olen >= 1 && cand.preference >= 0) { cand.preference = pref = odata[0]; - } else if (otype == DHCPV6_OPT_UNICAST && olen == sizeof(cand.server_addr)) { - cand.server_addr = *(struct in6_addr *)odata; } else if (otype == DHCPV6_OPT_RECONF_ACCEPT) { cand.wants_reconfigure = true; } else if (otype == DHCPV6_OPT_SOL_MAX_RT && olen == 4) { uint32_t sol_max_rt = ntohl(*((uint32_t *)odata)); - if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN && + if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN && sol_max_rt <= DHCPV6_SOL_MAX_RT_MAX) cand.sol_max_rt = sol_max_rt; } else if (otype == DHCPV6_OPT_INF_MAX_RT && olen == 4) { uint32_t inf_max_rt = ntohl(*((uint32_t *)odata)); - if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN && + if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN && inf_max_rt <= DHCPV6_INF_MAX_RT_MAX) cand.inf_max_rt = inf_max_rt; } else if (otype == DHCPV6_OPT_IA_PD && request_prefix) { @@ -745,8 +720,8 @@ static int dhcpv6_handle_advert(enum dhcpv6_msg orig, const int rc, if ((!have_na && na_mode == IA_MODE_FORCE) || (!have_pd && pd_mode == IA_MODE_FORCE)) { - /* - * RFC7083 states to process the SOL_MAX_RT and + /* + * RFC7083 states to process the SOL_MAX_RT and * INF_MAX_RT options even if the DHCPv6 server * did not propose any IA_NA and/or IA_PD */ @@ -836,7 +811,8 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc, odhcp6c_clear_state(STATE_DNS); odhcp6c_clear_state(STATE_SEARCH); odhcp6c_clear_state(STATE_SNTP_IP); - odhcp6c_clear_state(STATE_SNTP_FQDN); + odhcp6c_clear_state(STATE_NTP_IP); + odhcp6c_clear_state(STATE_NTP_FQDN); odhcp6c_clear_state(STATE_SIP_IP); odhcp6c_clear_state(STATE_SIP_FQDN); odhcp6c_clear_state(STATE_AFTR_NAME); @@ -881,8 +857,6 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc, continue; dhcpv6_parse_ia(ia_hdr, odata + olen + sizeof(*ia_hdr)); - } else if (otype == DHCPV6_OPT_UNICAST && olen == sizeof(server_addr)) { - server_addr = *(struct in6_addr *)odata; } else if (otype == DHCPV6_OPT_STATUS && olen >= 2) { uint8_t *mdata = (olen > 2) ? &odata[2] : NULL; uint16_t mlen = (olen > 2) ? olen - 2 : 0; @@ -895,6 +869,9 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc, odhcp6c_add_state(STATE_DNS, odata, olen); } else if (otype == DHCPV6_OPT_DNS_DOMAIN) { odhcp6c_add_state(STATE_SEARCH, odata, olen); + } else if (otype == DHCPV6_OPT_SNTP_SERVERS) { + if (olen % 16 == 0) + odhcp6c_add_state(STATE_SNTP_IP, odata, olen); } else if (otype == DHCPV6_OPT_NTP_SERVER) { uint16_t stype, slen; uint8_t *sdata; @@ -903,10 +880,10 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc, stype, slen, sdata) { if (slen == 16 && (stype == NTP_MC_ADDR || stype == NTP_SRV_ADDR)) - odhcp6c_add_state(STATE_SNTP_IP, + odhcp6c_add_state(STATE_NTP_IP, sdata, slen); else if (slen > 0 && stype == NTP_SRV_FQDN) - odhcp6c_add_state(STATE_SNTP_FQDN, + odhcp6c_add_state(STATE_NTP_FQDN, sdata, slen); } } else if (otype == DHCPV6_OPT_SIP_SERVER_A) { @@ -929,12 +906,12 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc, odhcp6c_add_state(STATE_AFTR_NAME, odata, olen); } else if (otype == DHCPV6_OPT_SOL_MAX_RT && olen == 4) { uint32_t sol_max_rt = ntohl(*((uint32_t *)odata)); - if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN && + if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN && sol_max_rt <= DHCPV6_SOL_MAX_RT_MAX) dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = sol_max_rt; } else if (otype == DHCPV6_OPT_INF_MAX_RT && olen == 4) { uint32_t inf_max_rt = ntohl(*((uint32_t *)odata)); - if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN && + if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN && inf_max_rt <= DHCPV6_INF_MAX_RT_MAX) dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = inf_max_rt; }else if (otype != DHCPV6_OPT_CLIENTID && @@ -1022,7 +999,7 @@ static int dhcpv6_parse_ia(void *opt, void *end) uint8_t *sdata; #ifdef EXT_PREFIX_CLASS - // Find prefix class, if any + // Find prefix class, if any dhcpv6_for_each_option(&prefix[1], odata + olen, stype, slen, sdata) if (stype == DHCPV6_OPT_PREFIX_CLASS && slen == 2) @@ -1146,6 +1123,8 @@ static int dhcpv6_calc_refresh_timers(void) t1 = l_t1; t2 = l_t2; t3 = l_t3; + } else { + t1 = 600; } return (int)(ia_pd_entries + ia_na_entries); @@ -1182,18 +1161,7 @@ static void dhcpv6_handle_status_code(const enum dhcpv6_msg orig, break; case DHCPV6_UseMulticast: - switch(orig) { - case DHCPV6_MSG_REQUEST: - case DHCPV6_MSG_RENEW: - case DHCPV6_MSG_RELEASE: - case DHCPV6_MSG_DECLINE: - // Message needs to be retransmitted according to RFC3315 chapter 18.1.8 - server_addr = in6addr_any; - *ret = 0; - break; - default: - break; - } + // TODO handle multicast status code break; case DHCPV6_NoAddrsAvail: @@ -1259,7 +1227,7 @@ static void dhcpv6_add_server_cand(const struct dhcpv6_server_cand *cand) // Remove identical duid server candidate for (i = 0; i < cand_len / sizeof(*c); ++i) { if (cand->duid_len == c[i].duid_len && - !memcmp(cand->duid, c[i].duid, cand->duid_len)) { + !memcmp(cand->duid, c[i].duid, cand->duid_len)) { free(c[i].ia_na); free(c[i].ia_pd); odhcp6c_remove_state(STATE_SERVER_CAND, i * sizeof(*c), sizeof(*c)); @@ -1283,10 +1251,8 @@ static void dhcpv6_clear_all_server_cand(void) // Server candidates need deep delete for IA_NA/IA_PD for (i = 0; i < cand_len / sizeof(*c); ++i) { - if (c[i].ia_na) - free(c[i].ia_na); - if (c[i].ia_pd) - free(c[i].ia_pd); + free(c[i].ia_na); + free(c[i].ia_pd); } odhcp6c_clear_state(STATE_SERVER_CAND); } @@ -1296,7 +1262,8 @@ int dhcpv6_promote_server_cand(void) size_t cand_len; struct dhcpv6_server_cand *cand = odhcp6c_get_state(STATE_SERVER_CAND, &cand_len); uint16_t hdr[2]; - int ret = DHCPV6_STATELESS; + int ret = (na_mode == IA_MODE_NONE && pd_mode == IA_MODE_NONE) ? + DHCPV6_STATELESS : DHCPV6_STATEFUL; // Clear lingering candidate state info odhcp6c_clear_state(STATE_SERVER_ID); @@ -1335,7 +1302,7 @@ int dhcpv6_promote_server_cand(void) dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = cand->sol_max_rt; dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = cand->inf_max_rt; - + odhcp6c_remove_state(STATE_SERVER_CAND, 0, sizeof(*cand)); return ret;