Enable softwire-support by default
[odhcp6c.git] / src / dhcpv6.c
index 9b4247c..b7fccac 100644 (file)
@@ -1,5 +1,5 @@
 /**
- * Copyright (C) 2012-2013 Steven Barth <steven@midlink.org>
+ * Copyright (C) 2012-2014 Steven Barth <steven@midlink.org>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License v2 as published by
 #define DHCPV6_DUID_LLADDR 3
 #define DHCPV6_REQ_DELAY 1
 
+#define DHCPV6_SOL_MAX_RT_MIN 60
+#define DHCPV6_SOL_MAX_RT_MAX 86400
+#define DHCPV6_INF_MAX_RT_MIN 60
+#define DHCPV6_INF_MAX_RT_MAX 86400
 
 static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
-               const uint8_t transaction[3], enum dhcpv6_msg type);
-
-static uint32_t dhcpv6_parse_ia(void *opt, void *end);
+               const uint8_t transaction[3], enum dhcpv6_msg type,
+               const struct in6_addr *daddr);
+
+static int dhcpv6_parse_ia(void *opt, void *end);
+
+static int dhcpv6_calc_refresh_timers(void);
+static void dhcpv6_handle_status_code(_unused const enum dhcpv6_msg orig,
+               const uint16_t code, const void *status_msg, const int len,
+               int *ret);
+static void dhcpv6_handle_ia_status_code(const enum dhcpv6_msg orig,
+               const struct dhcpv6_ia_hdr *ia_hdr, const uint16_t code,
+               const void *status_msg, const int len,
+               bool handled_status_codes[_DHCPV6_Status_Max],
+               int *ret);
+static void dhcpv6_add_server_cand(const struct dhcpv6_server_cand *cand);
+static void dhcpv6_clear_all_server_cand(void);
 
 static reply_handler dhcpv6_handle_reply;
 static reply_handler dhcpv6_handle_advert;
@@ -58,19 +75,19 @@ static int dhcpv6_commit_advert(void);
 
 // RFC 3315 - 5.5 Timeout and Delay values
 static struct dhcpv6_retx dhcpv6_retx[_DHCPV6_MSG_MAX] = {
-       [DHCPV6_MSG_UNKNOWN] = {false, 1, 120, "<POLL>",
+       [DHCPV6_MSG_UNKNOWN] = {false, 1, 120, 0, "<POLL>",
                        dhcpv6_handle_reconfigure, NULL},
-       [DHCPV6_MSG_SOLICIT] = {true, 1, 3600, "SOLICIT",
+       [DHCPV6_MSG_SOLICIT] = {true, 1, DHCPV6_SOL_MAX_RT, 0, "SOLICIT",
                        dhcpv6_handle_advert, dhcpv6_commit_advert},
-       [DHCPV6_MSG_REQUEST] = {true, 30, 10, "REQUEST",
+       [DHCPV6_MSG_REQUEST] = {true, 1, DHCPV6_REQ_MAX_RT, 10, "REQUEST",
                        dhcpv6_handle_reply, NULL},
-       [DHCPV6_MSG_RENEW] = {false, 10, 600, "RENEW",
+       [DHCPV6_MSG_RENEW] = {false, 10, DHCPV6_REN_MAX_RT, 0, "RENEW",
                        dhcpv6_handle_reply, NULL},
-       [DHCPV6_MSG_REBIND] = {false, 10, 600, "REBIND",
+       [DHCPV6_MSG_REBIND] = {false, 10, DHCPV6_REB_MAX_RT, 0, "REBIND",
                        dhcpv6_handle_rebind_reply, NULL},
-       [DHCPV6_MSG_RELEASE] = {false, 1, 600, "RELEASE", NULL, NULL},
-       [DHCPV6_MSG_DECLINE] = {false, 1, 3, "DECLINE", NULL, NULL},
-       [DHCPV6_MSG_INFO_REQ] = {true, 1, 120, "INFOREQ",
+       [DHCPV6_MSG_RELEASE] = {false, 1, 0, 5, "RELEASE", NULL, NULL},
+       [DHCPV6_MSG_DECLINE] = {false, 1, 0, 5, "DECLINE", NULL, NULL},
+       [DHCPV6_MSG_INFO_REQ] = {true, 1, DHCPV6_INF_MAX_RT, 0, "INFOREQ",
                        dhcpv6_handle_reply, NULL},
 };
 
@@ -82,24 +99,29 @@ static int64_t t1 = 0, t2 = 0, t3 = 0;
 
 // IA states
 static int request_prefix = -1;
-static enum odhcp6c_ia_mode na_mode = IA_MODE_NONE;
+static enum odhcp6c_ia_mode na_mode = IA_MODE_NONE, pd_mode = IA_MODE_NONE;
 static bool accept_reconfig = false;
 
 // Reconfigure key
 static uint8_t reconf_key[16];
 
+// client options
+static unsigned int client_options = 0;
 
 
-int init_dhcpv6(const char *ifname, int request_pd)
+int init_dhcpv6(const char *ifname, unsigned int options, int sol_timeout)
 {
-       request_prefix = request_pd;
+       client_options = options;
+       dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = sol_timeout;
 
        sock = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP);
+       if (sock < 0)
+               return -1;
 
        // Detect interface
        struct ifreq ifr;
        strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
-       if (ioctl(sock, SIOCGIFINDEX, &ifr))
+       if (ioctl(sock, SIOCGIFINDEX, &ifr) < 0)
                return -1;
        ifindex = ifr.ifr_ifindex;
 
@@ -107,10 +129,11 @@ int init_dhcpv6(const char *ifname, int request_pd)
        size_t client_id_len;
        odhcp6c_get_state(STATE_CLIENT_ID, &client_id_len);
        if (client_id_len == 0) {
-               ioctl(sock, SIOCGIFHWADDR, &ifr);
                uint8_t duid[14] = {0, DHCPV6_OPT_CLIENTID, 0, 10, 0,
                                DHCPV6_DUID_LLADDR, 0, 1};
-               memcpy(&duid[8], ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN);
+
+               if (ioctl(sock, SIOCGIFHWADDR, &ifr) >= 0)
+                       memcpy(&duid[8], ifr.ifr_hwaddr.sa_data, ETHER_ADDR_LEN);
 
                uint8_t zero[ETHER_ADDR_LEN] = {0, 0, 0, 0, 0, 0};
                struct ifreq ifs[100], *ifp, *ifend;
@@ -123,10 +146,12 @@ int init_dhcpv6(const char *ifname, int request_pd)
                        // If our interface doesn't have an address...
                        ifend = ifs + (ifc.ifc_len / sizeof(struct ifreq));
                        for (ifp = ifc.ifc_req; ifp < ifend &&
-                                       !memcmp(&duid[8], zero, 6); ifp++) {
+                                       !memcmp(&duid[8], zero, ETHER_ADDR_LEN); ifp++) {
                                memcpy(ifr.ifr_name, ifp->ifr_name,
                                                sizeof(ifr.ifr_name));
-                               ioctl(sock, SIOCGIFHWADDR, &ifr);
+                               if (ioctl(sock, SIOCGIFHWADDR, &ifr) < 0)
+                                       continue;
+
                                memcpy(&duid[8], ifr.ifr_hwaddr.sa_data,
                                                ETHER_ADDR_LEN);
                        }
@@ -136,39 +161,70 @@ int init_dhcpv6(const char *ifname, int request_pd)
        }
 
        // Create ORO
-       uint16_t oro[] = {
+       if (!(client_options & DHCPV6_STRICT_OPTIONS)) {
+               uint16_t oro[] = {
                        htons(DHCPV6_OPT_SIP_SERVER_D),
                        htons(DHCPV6_OPT_SIP_SERVER_A),
                        htons(DHCPV6_OPT_DNS_SERVERS),
                        htons(DHCPV6_OPT_DNS_DOMAIN),
+                       htons(DHCPV6_OPT_SNTP_SERVERS),
                        htons(DHCPV6_OPT_NTP_SERVER),
                        htons(DHCPV6_OPT_AFTR_NAME),
                        htons(DHCPV6_OPT_PD_EXCLUDE),
-       };
-       odhcp6c_add_state(STATE_ORO, oro, sizeof(oro));
-
+                       htons(DHCPV6_OPT_SOL_MAX_RT),
+                       htons(DHCPV6_OPT_INF_MAX_RT),
+#ifdef EXT_PREFIX_CLASS
+                       htons(DHCPV6_OPT_PREFIX_CLASS),
+#endif
+#ifdef EXT_CER_ID
+                       htons(DHCPV6_OPT_CER_ID),
+#endif
+                       htons(DHCPV6_OPT_S46_CONT_MAPE),
+                       htons(DHCPV6_OPT_S46_CONT_MAPT),
+                       htons(DHCPV6_OPT_S46_CONT_LW),
+               };
+               odhcp6c_add_state(STATE_ORO, oro, sizeof(oro));
+       }
 
        // Configure IPv6-options
        int val = 1;
        setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof(val));
        setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
+       setsockopt(sock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &val, sizeof(val));
        setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, ifname, strlen(ifname));
 
        struct sockaddr_in6 client_addr = { .sin6_family = AF_INET6,
                .sin6_port = htons(DHCPV6_CLIENT_PORT), .sin6_flowinfo = 0 };
-       if (bind(sock, (struct sockaddr*)&client_addr, sizeof(client_addr)))
+       if (bind(sock, (struct sockaddr*)&client_addr, sizeof(client_addr)) < 0)
                return -1;
 
        return 0;
 }
 
+enum {
+       IOV_HDR=0,
+       IOV_ORO,
+       IOV_ORO_REFRESH,
+       IOV_CL_ID,
+       IOV_SRV_ID,
+       IOV_VENDOR_CLASS_HDR,
+       IOV_VENDOR_CLASS,
+       IOV_USER_CLASS_HDR,
+       IOV_USER_CLASS,
+       IOV_RECONF_ACCEPT,
+       IOV_FQDN,
+       IOV_HDR_IA_NA,
+       IOV_IA_NA,
+       IOV_IA_PD,
+       IOV_TOTAL
+};
 
-void dhcpv6_set_ia_na_mode(enum odhcp6c_ia_mode mode)
+void dhcpv6_set_ia_mode(enum odhcp6c_ia_mode na, enum odhcp6c_ia_mode pd)
 {
-       na_mode = mode;
+       na_mode = na;
+       pd_mode = pd;
 }
 
-
 static void dhcpv6_send(enum dhcpv6_msg type, uint8_t trid[3], uint32_t ecs)
 {
        // Build FQDN
@@ -196,71 +252,119 @@ static void dhcpv6_send(enum dhcpv6_msg type, uint8_t trid[3], uint32_t ecs)
        void *srv_id = odhcp6c_get_state(STATE_SERVER_ID, &srv_id_len);
 
        // Build IA_PDs
-       size_t ia_pd_entries, ia_pd_len = 0;
-       struct odhcp6c_entry *e = odhcp6c_get_state(STATE_IA_PD, &ia_pd_entries);
-       ia_pd_entries /= sizeof(*e);
-       struct dhcpv6_ia_hdr hdr_ia_pd = {
-               htons(DHCPV6_OPT_IA_PD),
-               htons(sizeof(hdr_ia_pd) - 4),
-               1, 0, 0
-       };
+       size_t ia_pd_entries = 0, ia_pd_len = 0;
+       uint8_t *ia_pd;
 
+       if (type == DHCPV6_MSG_SOLICIT) {
+               odhcp6c_clear_state(STATE_IA_PD);
+               size_t n_prefixes;
+               struct odhcp6c_request_prefix *request_prefixes = odhcp6c_get_state(STATE_IA_PD_INIT, &n_prefixes);
+               n_prefixes /= sizeof(struct odhcp6c_request_prefix);
+
+               ia_pd = alloca(n_prefixes * (sizeof(struct dhcpv6_ia_hdr) + sizeof(struct dhcpv6_ia_prefix)));
+
+               for (size_t i = 0; i < n_prefixes; i++) {
+                       struct dhcpv6_ia_hdr hdr_ia_pd = {
+                               htons(DHCPV6_OPT_IA_PD),
+                               htons(sizeof(hdr_ia_pd) - 4 + sizeof(struct dhcpv6_ia_prefix)),
+                               request_prefixes[i].iaid, 0, 0
+                       };
+                       struct dhcpv6_ia_prefix pref = {
+                               .type = htons(DHCPV6_OPT_IA_PREFIX),
+                               .len = htons(25), .prefix = request_prefixes[i].length
+                       };
+                       memcpy(ia_pd + ia_pd_len, &hdr_ia_pd, sizeof(hdr_ia_pd));
+                       ia_pd_len += sizeof(hdr_ia_pd);
+                       memcpy(ia_pd + ia_pd_len, &pref, sizeof(pref));
+                       ia_pd_len += sizeof(pref);
+               }
+       } else {
+               struct odhcp6c_entry *e = odhcp6c_get_state(STATE_IA_PD, &ia_pd_entries);
+               ia_pd_entries /= sizeof(*e);
+
+               // we're too lazy to count our distinct IAIDs,
+               // so just allocate maximally needed space
+               ia_pd = alloca(ia_pd_entries * (sizeof(struct dhcpv6_ia_prefix) + 10 +
+                                       sizeof(struct dhcpv6_ia_hdr)));
+
+               for (size_t i = 0; i < ia_pd_entries; ++i) {
+                       uint32_t iaid = e[i].iaid;
+
+                       // check if this is an unprocessed IAID and skip if not.
+                       int new_iaid = 1;
+                       for (int j = i-1; j >= 0; j--) {
+                               if (e[j].iaid == iaid) {
+                                       new_iaid = 0;
+                                       break;
+                               }
+                       }
 
-       uint8_t *ia_pd = alloca(ia_pd_entries * (sizeof(struct dhcpv6_ia_prefix) + 10));
-       for (size_t i = 0; i < ia_pd_entries; ++i) {
-               uint8_t ex_len = 0;
-               if (e[i].priority > 0)
-                       ex_len = ((e[i].priority - e[i].length - 1) / 8) + 6;
+                       if (!new_iaid)
+                               continue;
 
-               struct dhcpv6_ia_prefix p = {
-                       .type = htons(DHCPV6_OPT_IA_PREFIX),
-                       .len = htons(sizeof(p) - 4U + ex_len),
-                       .prefix = e[i].length,
-                       .addr = e[i].target
-               };
+                       // construct header
+                       struct dhcpv6_ia_hdr hdr_ia_pd = {
+                               htons(DHCPV6_OPT_IA_PD),
+                               htons(sizeof(hdr_ia_pd) - 4),
+                               iaid, 0, 0
+                       };
 
-               memcpy(ia_pd + ia_pd_len, &p, sizeof(p));
-               ia_pd_len += sizeof(p);
+                       memcpy(ia_pd + ia_pd_len, &hdr_ia_pd, sizeof(hdr_ia_pd));
+                       struct dhcpv6_ia_hdr *hdr = (struct dhcpv6_ia_hdr *) (ia_pd + ia_pd_len);
+                       ia_pd_len += sizeof(hdr_ia_pd);
 
-               if (ex_len) {
-                       ia_pd[ia_pd_len++] = 0;
-                       ia_pd[ia_pd_len++] = DHCPV6_OPT_PD_EXCLUDE;
-                       ia_pd[ia_pd_len++] = 0;
-                       ia_pd[ia_pd_len++] = ex_len - 4;
-                       ia_pd[ia_pd_len++] = e[i].priority;
+                       for (size_t j = i; j < ia_pd_entries; j++) {
+                               if (e[j].iaid != iaid)
+                                       continue;
 
-                       uint32_t excl = ntohl(e[i].router.s6_addr32[1]);
-                       excl >>= (64 - e[i].priority);
-                       excl <<= 8 - ((e[i].priority - e[i].length) % 8);
+                               uint8_t ex_len = 0;
+                               if (e[j].priority > 0)
+                                       ex_len = ((e[j].priority - e[j].length - 1) / 8) + 6;
+
+                               struct dhcpv6_ia_prefix p = {
+                                       .type = htons(DHCPV6_OPT_IA_PREFIX),
+                                       .len = htons(sizeof(p) - 4U + ex_len),
+                                       .prefix = e[j].length,
+                                       .addr = e[j].target
+                               };
+
+                               memcpy(ia_pd + ia_pd_len, &p, sizeof(p));
+                               ia_pd_len += sizeof(p);
+
+                               if (ex_len) {
+                                       ia_pd[ia_pd_len++] = 0;
+                                       ia_pd[ia_pd_len++] = DHCPV6_OPT_PD_EXCLUDE;
+                                       ia_pd[ia_pd_len++] = 0;
+                                       ia_pd[ia_pd_len++] = ex_len - 4;
+                                       ia_pd[ia_pd_len++] = e[j].priority;
+
+                                       uint32_t excl = ntohl(e[j].router.s6_addr32[1]);
+                                       excl >>= (64 - e[j].priority);
+                                       excl <<= 8 - ((e[j].priority - e[j].length) % 8);
+
+                                       for (size_t i = ex_len - 5; i > 0; --i, excl >>= 8)
+                                               ia_pd[ia_pd_len + i] = excl & 0xff;
+                                       ia_pd_len += ex_len - 5;
+                               }
 
-                       for (size_t i = ex_len - 5; i > 0; --i, excl >>= 8)
-                               ia_pd[ia_pd_len + i] = excl & 0xff;
-                       ia_pd_len += ex_len - 5;
+                               hdr->len = htons(ntohs(hdr->len) + ntohs(p.len) + 4U);
+                       }
                }
        }
 
-       struct dhcpv6_ia_prefix pref = {
-               .type = htons(DHCPV6_OPT_IA_PREFIX),
-               .len = htons(25), .prefix = request_prefix
-       };
-       if (request_prefix > 0 && ia_pd_len == 0 &&
-                       (type == DHCPV6_MSG_SOLICIT ||
-                       type == DHCPV6_MSG_REQUEST)) {
-               ia_pd = (uint8_t*)&pref;
-               ia_pd_len = sizeof(pref);
-       }
-       hdr_ia_pd.len = htons(ntohs(hdr_ia_pd.len) + ia_pd_len);
+       if (ia_pd_entries > 0)
+               request_prefix = 1;
 
        // Build IA_NAs
        size_t ia_na_entries, ia_na_len = 0;
        void *ia_na = NULL;
-       e = odhcp6c_get_state(STATE_IA_NA, &ia_na_entries);
+       struct odhcp6c_entry *e = odhcp6c_get_state(STATE_IA_NA, &ia_na_entries);
        ia_na_entries /= sizeof(*e);
 
        struct dhcpv6_ia_hdr hdr_ia_na = {
                htons(DHCPV6_OPT_IA_NA),
                htons(sizeof(hdr_ia_na) - 4),
-               1, 0, 0
+               htonl(1), 0, 0
        };
 
        struct dhcpv6_ia_addr pa[ia_na_entries];
@@ -285,6 +389,21 @@ static void dhcpv6_send(enum dhcpv6_msg type, uint8_t trid[3], uint32_t ecs)
        // Request Information Refresh
        uint16_t oro_refresh = htons(DHCPV6_OPT_INFO_REFRESH);
 
+       // Build vendor-class option
+       size_t vendor_class_len, user_class_len;
+       struct dhcpv6_vendorclass *vendor_class = odhcp6c_get_state(STATE_VENDORCLASS, &vendor_class_len);
+       void *user_class = odhcp6c_get_state(STATE_USERCLASS, &user_class_len);
+
+       struct {
+               uint16_t type;
+               uint16_t length;
+       } vendor_class_hdr = {htons(DHCPV6_OPT_VENDOR_CLASS), htons(vendor_class_len)};
+
+       struct {
+               uint16_t type;
+               uint16_t length;
+       } user_class_hdr = {htons(DHCPV6_OPT_USER_CLASS), htons(user_class_len)};
+
        // Prepare Header
        size_t oro_len;
        void *oro = odhcp6c_get_state(STATE_ORO, &oro_len);
@@ -303,41 +422,45 @@ static void dhcpv6_send(enum dhcpv6_msg type, uint8_t trid[3], uint32_t ecs)
                htons(DHCPV6_OPT_ORO), htons(oro_len),
        };
 
-       struct iovec iov[] = {
-               {&hdr, sizeof(hdr)},
-               {oro, oro_len},
-               {&oro_refresh, 0},
-               {cl_id, cl_id_len},
-               {srv_id, srv_id_len},
-               {&reconf_accept, 0},
-               {&fqdn, fqdn_len},
-               {&hdr_ia_na, sizeof(hdr_ia_na)},
-               {ia_na, ia_na_len},
-               {&hdr_ia_pd, sizeof(hdr_ia_pd)},
-               {ia_pd, ia_pd_len},
+       struct iovec iov[IOV_TOTAL] = {
+               [IOV_HDR] = {&hdr, sizeof(hdr)},
+               [IOV_ORO] = {oro, oro_len},
+               [IOV_ORO_REFRESH] = {&oro_refresh, 0},
+               [IOV_CL_ID] = {cl_id, cl_id_len},
+               [IOV_SRV_ID] = {srv_id, srv_id_len},
+               [IOV_VENDOR_CLASS_HDR] = {&vendor_class_hdr, vendor_class_len ? sizeof(vendor_class_hdr) : 0},
+               [IOV_VENDOR_CLASS] = {vendor_class, vendor_class_len},
+               [IOV_USER_CLASS_HDR] = {&user_class_hdr, user_class_len ? sizeof(user_class_hdr) : 0},
+               [IOV_USER_CLASS] = {user_class, user_class_len},
+               [IOV_RECONF_ACCEPT] = {&reconf_accept, sizeof(reconf_accept)},
+               [IOV_FQDN] = {&fqdn, fqdn_len},
+               [IOV_HDR_IA_NA] = {&hdr_ia_na, sizeof(hdr_ia_na)},
+               [IOV_IA_NA] = {ia_na, ia_na_len},
+               [IOV_IA_PD] = {ia_pd, ia_pd_len},
        };
 
-       size_t cnt = ARRAY_SIZE(iov);
+       size_t cnt = IOV_TOTAL;
        if (type == DHCPV6_MSG_INFO_REQ) {
-               cnt = 5;
-               iov[2].iov_len = sizeof(oro_refresh);
+               cnt = 9;
+               iov[IOV_ORO_REFRESH].iov_len = sizeof(oro_refresh);
                hdr.oro_len = htons(oro_len + sizeof(oro_refresh));
        } else if (!request_prefix) {
-               cnt = 9;
+               cnt = 13;
        }
 
        // Disable IAs if not used
-       if (type == DHCPV6_MSG_SOLICIT) {
-               iov[5].iov_len = sizeof(reconf_accept);
-       } else if (type != DHCPV6_MSG_REQUEST) {
-               if (ia_na_len == 0)
-                       iov[7].iov_len = 0;
-               if (ia_pd_len == 0)
-                       iov[9].iov_len = 0;
-       }
+       if (type != DHCPV6_MSG_SOLICIT && ia_na_len == 0)
+               iov[IOV_HDR_IA_NA].iov_len = 0;
 
        if (na_mode == IA_MODE_NONE)
-               iov[7].iov_len = 0;
+               iov[IOV_HDR_IA_NA].iov_len = 0;
+
+       if ((type != DHCPV6_MSG_SOLICIT && type != DHCPV6_MSG_REQUEST) ||
+                       !(client_options & DHCPV6_ACCEPT_RECONFIGURE))
+               iov[IOV_RECONF_ACCEPT].iov_len = 0;
+
+       if (!(client_options & DHCPV6_CLIENT_FQDN))
+               iov[IOV_FQDN].iov_len = 0;
 
        struct sockaddr_in6 srv = {AF_INET6, htons(DHCPV6_SERVER_PORT),
                0, ALL_DHCPV6_RELAYS, ifindex};
@@ -351,14 +474,14 @@ static int64_t dhcpv6_rand_delay(int64_t time)
 {
        int random;
        odhcp6c_random(&random, sizeof(random));
-       return (time * (random % 1000)) / 10000;
+       return (time * ((int64_t)random % 1000LL)) / 10000LL;
 }
 
 
 int dhcpv6_request(enum dhcpv6_msg type)
 {
-       uint8_t buf[1536];
-       uint32_t timeout = UINT32_MAX;
+       uint8_t rc = 0;
+       uint64_t timeout = UINT32_MAX;
        struct dhcpv6_retx *retx = &dhcpv6_retx[type];
 
        if (retx->delay) {
@@ -367,19 +490,18 @@ int dhcpv6_request(enum dhcpv6_msg type)
                nanosleep(&ts, NULL);
        }
 
-       if (type == DHCPV6_MSG_RELEASE || type == DHCPV6_MSG_DECLINE)
-               timeout = 3;
-       else if (type == DHCPV6_MSG_UNKNOWN)
+       if (type == DHCPV6_MSG_UNKNOWN)
                timeout = t1;
        else if (type == DHCPV6_MSG_RENEW)
-               timeout = t2 - t1;
+               timeout = (t2 > t1) ? t2 - t1 : ((t1 == UINT32_MAX) ? UINT32_MAX : 0);
        else if (type == DHCPV6_MSG_REBIND)
-               timeout = t3 - t2;
+               timeout = (t3 > t2) ? t3 - t2 : ((t2 == UINT32_MAX) ? UINT32_MAX : 0);
 
        if (timeout == 0)
                return -1;
 
-       syslog(LOG_NOTICE, "Sending %s (timeout %us)", retx->name, timeout);
+       syslog(LOG_NOTICE, "Starting %s transaction (timeout %llus, max rc %d)",
+                       retx->name, (unsigned long long)timeout, retx->max_rc);
 
        uint64_t start = odhcp6c_get_milli_time(), round_start = start, elapsed;
 
@@ -391,11 +513,19 @@ int dhcpv6_request(enum dhcpv6_msg type)
        int64_t rto = 0;
 
        do {
-               rto = (rto == 0) ? (retx->init_timeo * 1000 +
-                               dhcpv6_rand_delay(retx->init_timeo * 1000)) :
-                               (2 * rto + dhcpv6_rand_delay(rto));
+               if (rto == 0) {
+                       int64_t delay = dhcpv6_rand_delay(retx->init_timeo * 1000);
 
-               if (rto >= retx->max_timeo * 1000)
+                       // First RT MUST be strictly greater than IRT for solicit messages (RFC3313 17.1.2)
+                       while (type == DHCPV6_MSG_SOLICIT && delay <= 0)
+                               delay = dhcpv6_rand_delay(retx->init_timeo * 1000);
+
+                       rto = (retx->init_timeo * 1000 + delay);
+               }
+               else
+                       rto = (2 * rto + dhcpv6_rand_delay(rto));
+
+               if (retx->max_timeo && (rto >= retx->max_timeo * 1000))
                        rto = retx->max_timeo * 1000 +
                                dhcpv6_rand_delay(retx->max_timeo * 1000);
 
@@ -403,62 +533,90 @@ int dhcpv6_request(enum dhcpv6_msg type)
                uint64_t round_end = round_start + rto;
                elapsed = round_start - start;
 
-               // Don't wait too long
-               if (round_end - start > timeout * 1000)
+               // Don't wait too long if timeout differs from infinite
+               if ((timeout != UINT32_MAX) && (round_end - start > timeout * 1000))
                        round_end = timeout * 1000 + start;
 
                // Built and send package
-               if (type != DHCPV6_MSG_UNKNOWN)
+               if (type != DHCPV6_MSG_UNKNOWN) {
+                       if (type != DHCPV6_MSG_SOLICIT)
+                               syslog(LOG_NOTICE, "Send %s message (elapsed %llums, rc %d)",
+                                               retx->name, (unsigned long long)elapsed, rc);
                        dhcpv6_send(type, trid, elapsed / 10);
+                       rc++;
+               }
 
                // Receive rounds
-               for (; len < 0 && round_start < round_end;
+               for (; len < 0 && (round_start < round_end);
                                round_start = odhcp6c_get_milli_time()) {
+                       uint8_t buf[1536], cmsg_buf[CMSG_SPACE(sizeof(struct in6_pktinfo))];
+                       struct iovec iov = {buf, sizeof(buf)};
+                       struct msghdr msg = {NULL, 0, &iov, 1,
+                                       cmsg_buf, sizeof(cmsg_buf), 0};
+                       struct in6_pktinfo *pktinfo = NULL;
+
                        // Check for pending signal
                        if (odhcp6c_signal_process())
                                return -1;
 
                        // Set timeout for receiving
                        uint64_t t = round_end - round_start;
-                       struct timeval timeout = {t / 1000, (t % 1000) * 1000};
+                       struct timeval tv = {t / 1000, (t % 1000) * 1000};
                        setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO,
-                                       &timeout, sizeof(timeout));
+                                       &tv, sizeof(tv));
 
                        // Receive cycle
-                       len = recv(sock, buf, sizeof(buf), 0);
+                       len = recvmsg(sock, &msg, 0);
+                       if (len < 0)
+                               continue;
+
+                       for (struct cmsghdr *ch = CMSG_FIRSTHDR(&msg); ch != NULL;
+                               ch = CMSG_NXTHDR(&msg, ch)) {
+                               if (ch->cmsg_level == SOL_IPV6 &&
+                                       ch->cmsg_type == IPV6_PKTINFO) {
+                                       pktinfo = (struct in6_pktinfo *)CMSG_DATA(ch);
+                                       break;
+                               }
+                       }
+
+                       if (pktinfo == NULL) {
+                               len = -1;
+                               continue;
+                       }
 
-                       if (!dhcpv6_response_is_valid(buf, len, trid, type))
+                       if (!dhcpv6_response_is_valid(buf, len, trid,
+                                                       type, &pktinfo->ipi6_addr)) {
                                len = -1;
+                               continue;
+                       }
 
-                       if (len > 0) {
-                               uint8_t *opt = &buf[4];
-                               uint8_t *opt_end = opt + len - 4;
+                       uint8_t *opt = &buf[4];
+                       uint8_t *opt_end = opt + len - 4;
 
-                               round_start = odhcp6c_get_milli_time();
-                               elapsed = round_start - start;
-                               syslog(LOG_NOTICE, "Got a valid reply after "
-                                               "%ums", (unsigned)elapsed);
+                       round_start = odhcp6c_get_milli_time();
+                       elapsed = round_start - start;
+                       syslog(LOG_NOTICE, "Got a valid reply after "
+                                       "%llums", (unsigned long long)elapsed);
 
-                               if (retx->handler_reply)
-                                       len = retx->handler_reply(
-                                                       type, opt, opt_end);
+                       if (retx->handler_reply)
+                               len = retx->handler_reply(type, rc, opt, opt_end);
 
-                               if (round_end - round_start > 1000)
-                                       round_end = 1000 + round_start;
-                       }
+                       if (len > 0 && round_end - round_start > 1000)
+                               round_end = 1000 + round_start;
                }
 
                // Allow
                if (retx->handler_finish)
                        len = retx->handler_finish();
-       } while (len < 0 && elapsed / 1000 < timeout);
-
+       } while (len < 0 && ((timeout == UINT32_MAX) || (elapsed / 1000 < timeout)) && 
+                       (!retx->max_rc || rc < retx->max_rc));
        return len;
 }
 
-
+// Message validation checks according to RFC3315 chapter 15
 static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
-               const uint8_t transaction[3], enum dhcpv6_msg type)
+               const uint8_t transaction[3], enum dhcpv6_msg type,
+               const struct in6_addr *daddr)
 {
        const struct dhcpv6_header *rep = buf;
        if (len < (ssize_t)sizeof(*rep) || memcmp(rep->tr_id,
@@ -476,9 +634,11 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
                return false;
        }
 
-       uint8_t *end = ((uint8_t*)buf) + len, *odata;
-       uint16_t otype, olen;
-       bool clientid_ok = false, serverid_ok = false, rcauth_ok = false;
+       uint8_t *end = ((uint8_t*)buf) + len, *odata = NULL,
+               rcmsg = DHCPV6_MSG_UNKNOWN;
+       uint16_t otype, olen = UINT16_MAX;
+       bool clientid_ok = false, serverid_ok = false, rcauth_ok = false,
+               ia_present = false, options_valid = true;
 
        size_t client_id_len, server_id_len;
        void *client_id = odhcp6c_get_state(STATE_CLIENT_ID, &client_id_len);
@@ -489,46 +649,72 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
                        clientid_ok = (olen + 4U == client_id_len) && !memcmp(
                                        &odata[-4], client_id, client_id_len);
                } else if (otype == DHCPV6_OPT_SERVERID) {
-                       serverid_ok = (olen + 4U == server_id_len) && !memcmp(
-                                       &odata[-4], server_id, server_id_len);
+                       if (server_id_len)
+                               serverid_ok = (olen + 4U == server_id_len) && !memcmp(
+                                               &odata[-4], server_id, server_id_len);
+                       else
+                               serverid_ok = true;
                } else if (otype == DHCPV6_OPT_AUTH && olen == -4 +
                                sizeof(struct dhcpv6_auth_reconfigure)) {
                        struct dhcpv6_auth_reconfigure *r = (void*)&odata[-4];
                        if (r->protocol != 3 || r->algorithm != 1 || r->reconf_type != 2)
                                continue;
 
-                       md5_state_t md5;
-                       uint8_t serverhash[16], secretbytes[16], hash[16];
+                       md5_ctx_t md5;
+                       uint8_t serverhash[16], secretbytes[64], hash[16];
                        memcpy(serverhash, r->key, sizeof(serverhash));
                        memset(r->key, 0, sizeof(r->key));
-                       memcpy(secretbytes, reconf_key, sizeof(secretbytes));
+
+                       memset(secretbytes, 0, sizeof(secretbytes));
+                       memcpy(secretbytes, reconf_key, sizeof(reconf_key));
 
                        for (size_t i = 0; i < sizeof(secretbytes); ++i)
                                secretbytes[i] ^= 0x36;
 
-                       md5_init(&md5);
-                       md5_append(&md5, secretbytes, sizeof(secretbytes));
-                       md5_append(&md5, buf, len);
-                       md5_finish(&md5, hash);
+                       md5_begin(&md5);
+                       md5_hash(secretbytes, sizeof(secretbytes), &md5);
+                       md5_hash(buf, len, &md5);
+                       md5_end(hash, &md5);
 
                        for (size_t i = 0; i < sizeof(secretbytes); ++i) {
                                secretbytes[i] ^= 0x36;
                                secretbytes[i] ^= 0x5c;
                        }
 
-                       md5_init(&md5);
-                       md5_append(&md5, secretbytes, sizeof(secretbytes));
-                       md5_append(&md5, hash, 16);
-                       md5_finish(&md5, hash);
+                       md5_begin(&md5);
+                       md5_hash(secretbytes, sizeof(secretbytes), &md5);
+                       md5_hash(hash, 16, &md5);
+                       md5_end(hash, &md5);
 
                        rcauth_ok = !memcmp(hash, serverhash, sizeof(hash));
+               } else if (otype == DHCPV6_OPT_RECONF_MESSAGE && olen == 1) {
+                       rcmsg = odata[0];
+               } else if ((otype == DHCPV6_OPT_IA_PD || otype == DHCPV6_OPT_IA_NA)) {
+                       ia_present = true;
+                       if (olen < sizeof(struct dhcpv6_ia_hdr))
+                               options_valid = false;
+               }
+               else if ((otype == DHCPV6_OPT_IA_ADDR) || (otype == DHCPV6_OPT_IA_PREFIX) ||
+                               (otype == DHCPV6_OPT_PD_EXCLUDE)) {
+                       // Options are not allowed on global level
+                       options_valid = false;
                }
        }
 
-       if (rep->msg_type == DHCPV6_MSG_RECONF && !rcauth_ok)
+       if (!options_valid || ((odata + olen) > end))
+               return false;
+
+       if (type == DHCPV6_MSG_INFO_REQ && ia_present)
                return false;
 
-       return clientid_ok && (serverid_ok || server_id_len == 0);
+       if (rep->msg_type == DHCPV6_MSG_RECONF) {
+               if ((rcmsg != DHCPV6_MSG_RENEW && rcmsg != DHCPV6_MSG_INFO_REQ) ||
+                       (rcmsg == DHCPV6_MSG_INFO_REQ && ia_present) ||
+                       !rcauth_ok || IN6_IS_ADDR_MULTICAST(daddr))
+                       return false;
+       }
+
+       return clientid_ok && serverid_ok;
 }
 
 
@@ -542,10 +728,9 @@ int dhcpv6_poll_reconfigure(void)
 }
 
 
-static int dhcpv6_handle_reconfigure(_unused enum dhcpv6_msg orig,
+static int dhcpv6_handle_reconfigure(_unused enum dhcpv6_msg orig, const int rc,
                const void *opt, const void *end)
 {
-       // TODO: should verify the reconfigure message
        uint16_t otype, olen;
        uint8_t *odata, msg = DHCPV6_MSG_RENEW;
        dhcpv6_for_each_option(opt, end, otype, olen, odata)
@@ -554,118 +739,139 @@ static int dhcpv6_handle_reconfigure(_unused enum dhcpv6_msg orig,
                                odata[0] == DHCPV6_MSG_INFO_REQ))
                        msg = odata[0];
 
-       dhcpv6_handle_reply(DHCPV6_MSG_UNKNOWN, NULL, NULL);
+       dhcpv6_handle_reply(DHCPV6_MSG_UNKNOWN, rc, NULL, NULL);
        return msg;
 }
 
 
 // Collect all advertised servers
-static int dhcpv6_handle_advert(_unused enum dhcpv6_msg orig,
+static int dhcpv6_handle_advert(enum dhcpv6_msg orig, const int rc,
                const void *opt, const void *end)
 {
        uint16_t olen, otype;
-       uint8_t *odata;
-       struct dhcpv6_server_cand cand = {false, false, 0, 0, {0}};
+       uint8_t *odata, pref = 0;
+       struct dhcpv6_server_cand cand = {false, false, 0, 0, {0},
+                                       DHCPV6_SOL_MAX_RT,
+                                       DHCPV6_INF_MAX_RT, NULL, NULL, 0, 0};
+       bool have_na = false;
+       int have_pd = 0;
 
        dhcpv6_for_each_option(opt, end, otype, olen, odata) {
+               if (orig == DHCPV6_MSG_SOLICIT &&
+                               (otype == DHCPV6_OPT_IA_PD || otype == DHCPV6_OPT_IA_NA) &&
+                               olen > sizeof(struct dhcpv6_ia_hdr)) {
+                       struct dhcpv6_ia_hdr *ia_hdr = (void*)(&odata[-4]);
+                       dhcpv6_parse_ia(ia_hdr, odata + olen + sizeof(*ia_hdr));
+               }
+
                if (otype == DHCPV6_OPT_SERVERID && olen <= 130) {
                        memcpy(cand.duid, odata, olen);
                        cand.duid_len = olen;
-               } else if (otype == DHCPV6_OPT_STATUS && olen >= 2 && !odata[0]
-                               && odata[1] == DHCPV6_NoAddrsAvail) {
-                       if (na_mode == IA_MODE_FORCE) {
-                               return -1;
-                       } else {
-                               cand.has_noaddravail = true;
-                               cand.preference -= 1000;
+               } else if (otype == DHCPV6_OPT_STATUS && olen >= 2) {
+                       int error = ((int)odata[0] << 8 | (int)odata[1]);
+
+                       switch (error) {
+                       case DHCPV6_NoPrefixAvail:
+                               // Status code on global level
+                               cand.preference -= 2000;
+                               break;
+
+                       default :
+                               break;
                        }
-               } else if (otype == DHCPV6_OPT_STATUS && olen >= 2 && !odata[0]
-                               && odata[1] == DHCPV6_NoPrefixAvail) {
-                       cand.preference -= 2000;
                } else if (otype == DHCPV6_OPT_PREF && olen >= 1 &&
                                cand.preference >= 0) {
-                       cand.preference = odata[0];
+                       cand.preference = pref = odata[0];
                } else if (otype == DHCPV6_OPT_RECONF_ACCEPT) {
                        cand.wants_reconfigure = true;
+               } else if (otype == DHCPV6_OPT_SOL_MAX_RT && olen == 4) {
+                       uint32_t sol_max_rt = ntohl(*((uint32_t *)odata));
+                       if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN &&
+                                       sol_max_rt <= DHCPV6_SOL_MAX_RT_MAX)
+                               cand.sol_max_rt = sol_max_rt;
+               } else if (otype == DHCPV6_OPT_INF_MAX_RT && olen == 4) {
+                       uint32_t inf_max_rt = ntohl(*((uint32_t *)odata));
+                       if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN &&
+                                       inf_max_rt <= DHCPV6_INF_MAX_RT_MAX)
+                               cand.inf_max_rt = inf_max_rt;
                } else if (otype == DHCPV6_OPT_IA_PD && request_prefix) {
                        struct dhcpv6_ia_hdr *h = (struct dhcpv6_ia_hdr*)&odata[-4];
                        uint8_t *oend = odata + olen, *d;
                        dhcpv6_for_each_option(&h[1], oend, otype, olen, d) {
-                               if (otype == DHCPV6_OPT_IA_PREFIX)
-                                       cand.preference += 2000;
-                               else if (otype == DHCPV6_OPT_STATUS &&
-                                               olen >= 2 && d[0] == 0 &&
-                                               d[1] == DHCPV6_NoPrefixAvail)
-                                       cand.preference -= 2000;
+                               if (otype == DHCPV6_OPT_IA_PREFIX && (olen + 4) >=
+                                               (uint16_t)sizeof(struct dhcpv6_ia_prefix)) {
+                                       struct dhcpv6_ia_prefix *p = (struct dhcpv6_ia_prefix*)&d[-4];
+                                       have_pd = p->prefix;
+                               }
                        }
+               } else if (otype == DHCPV6_OPT_IA_NA) {
+                       struct dhcpv6_ia_hdr *h = (struct dhcpv6_ia_hdr*)&odata[-4];
+                       uint8_t *oend = odata + olen, *d;
+                       dhcpv6_for_each_option(&h[1], oend, otype, olen, d)
+                               if (otype == DHCPV6_OPT_IA_ADDR)
+                                       have_na = true;
                }
        }
 
-       if (cand.duid_len > 0)
-               odhcp6c_add_state(STATE_SERVER_CAND, &cand, sizeof(cand));
-
-       return -1;
-}
-
-
-static int dhcpv6_commit_advert(void)
-{
-       size_t cand_len;
-       struct dhcpv6_server_cand *c = NULL, *cand =
-                       odhcp6c_get_state(STATE_SERVER_CAND, &cand_len);
-
-       bool retry = false;
-       for (size_t i = 0; i < cand_len / sizeof(*c); ++i) {
-               if (cand[i].has_noaddravail)
-                       retry = true; // We want to try again
+       if ((!have_na && na_mode == IA_MODE_FORCE) ||
+                       (!have_pd && pd_mode == IA_MODE_FORCE)) {
+               /*
+                * RFC7083 states to process the SOL_MAX_RT and
+                * INF_MAX_RT options even if the DHCPv6 server
+                * did not propose any IA_NA and/or IA_PD
+                */
+               dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = cand.sol_max_rt;
+               dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = cand.inf_max_rt;
+               return -1;
+       }
 
-               if (!c || c->preference < cand[i].preference)
-                       c = &cand[i];
+       if (na_mode != IA_MODE_NONE && !have_na) {
+               cand.has_noaddravail = true;
+               cand.preference -= 1000;
        }
 
-       if (retry && na_mode == IA_MODE_TRY) {
-               // We give it a second try without the IA_NA
-               na_mode = IA_MODE_NONE;
-               return dhcpv6_request(DHCPV6_MSG_SOLICIT);
+       if (pd_mode != IA_MODE_NONE) {
+               if (have_pd)
+                       cand.preference += 2000 + (128 - have_pd);
+               else
+                       cand.preference -= 2000;
        }
 
-       if (c) {
-               uint16_t hdr[2] = {htons(DHCPV6_OPT_SERVERID),
-                               htons(c->duid_len)};
-               odhcp6c_add_state(STATE_SERVER_ID, hdr, sizeof(hdr));
-               odhcp6c_add_state(STATE_SERVER_ID, c->duid, c->duid_len);
-               accept_reconfig = c->wants_reconfigure;
+       if (cand.duid_len > 0) {
+               cand.ia_na = odhcp6c_move_state(STATE_IA_NA, &cand.ia_na_len);
+               cand.ia_pd = odhcp6c_move_state(STATE_IA_PD, &cand.ia_pd_len);
+               dhcpv6_add_server_cand(&cand);
        }
 
-       odhcp6c_clear_state(STATE_SERVER_CAND);
+       return (rc > 1 || (pref == 255 && cand.preference > 0)) ? 1 : -1;
+}
 
-       if (!c)
-               return -1;
-       else if (request_prefix || na_mode != IA_MODE_NONE)
-               return DHCPV6_STATEFUL;
-       else
-               return DHCPV6_STATELESS;
+
+static int dhcpv6_commit_advert(void)
+{
+       return dhcpv6_promote_server_cand();
 }
 
 
-static int dhcpv6_handle_rebind_reply(enum dhcpv6_msg orig,
+static int dhcpv6_handle_rebind_reply(enum dhcpv6_msg orig, const int rc,
                const void *opt, const void *end)
 {
-       dhcpv6_handle_advert(orig, opt, end);
-       if (dhcpv6_commit_advert() < 0) {
-               dhcpv6_handle_reply(DHCPV6_MSG_UNKNOWN, NULL, NULL);
+       dhcpv6_handle_advert(orig, rc, opt, end);
+       if (dhcpv6_commit_advert() < 0)
                return -1;
-       }
 
-       return dhcpv6_handle_reply(orig, opt, end);
+       return dhcpv6_handle_reply(orig, rc, opt, end);
 }
 
 
-static int dhcpv6_handle_reply(enum dhcpv6_msg orig,
+static int dhcpv6_handle_reply(enum dhcpv6_msg orig, _unused const int rc,
                const void *opt, const void *end)
 {
        uint8_t *odata;
        uint16_t otype, olen;
+       uint32_t refresh = UINT32_MAX;
+       int ret = 1;
+       bool handled_status_codes[_DHCPV6_Status_Max] = { false, };
 
        odhcp6c_expire();
 
@@ -676,9 +882,14 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig,
                uint32_t elapsed = (last_update > 0) ? now - last_update : 0;
                last_update = now;
 
-               t1 -= elapsed;
-               t2 -= elapsed;
-               t3 -= elapsed;
+               if (t1 != UINT32_MAX)
+                       t1 -= elapsed;
+
+               if (t2 != UINT32_MAX)
+                       t2 -= elapsed;
+
+               if (t3 != UINT32_MAX)
+                       t3 -= elapsed;
 
                if (t1 < 0)
                        t1 = 0;
@@ -688,74 +899,89 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig,
 
                if (t3 < 0)
                        t3 = 0;
-       } else {
-               t1 = t2 = t3 = UINT32_MAX;
+       }
+
+       if (orig == DHCPV6_MSG_REQUEST && !odhcp6c_is_bound()) {
+               // Delete NA and PD we have in the state from the Advert
+               odhcp6c_clear_state(STATE_IA_NA);
+               odhcp6c_clear_state(STATE_IA_PD);
        }
 
        if (opt) {
                odhcp6c_clear_state(STATE_DNS);
                odhcp6c_clear_state(STATE_SEARCH);
                odhcp6c_clear_state(STATE_SNTP_IP);
-               odhcp6c_clear_state(STATE_SNTP_FQDN);
+               odhcp6c_clear_state(STATE_NTP_IP);
+               odhcp6c_clear_state(STATE_NTP_FQDN);
                odhcp6c_clear_state(STATE_SIP_IP);
                odhcp6c_clear_state(STATE_SIP_FQDN);
                odhcp6c_clear_state(STATE_AFTR_NAME);
+               odhcp6c_clear_state(STATE_CER);
+               odhcp6c_clear_state(STATE_S46_MAPT);
+               odhcp6c_clear_state(STATE_S46_MAPE);
+               odhcp6c_clear_state(STATE_S46_LW);
+               odhcp6c_clear_state(STATE_PASSTHRU);
        }
 
        // Parse and find all matching IAs
        dhcpv6_for_each_option(opt, end, otype, olen, odata) {
+               bool passthru = true;
+
                if ((otype == DHCPV6_OPT_IA_PD || otype == DHCPV6_OPT_IA_NA)
                                && olen > sizeof(struct dhcpv6_ia_hdr)) {
                        struct dhcpv6_ia_hdr *ia_hdr = (void*)(&odata[-4]);
-                       uint32_t l_t1 = ntohl(ia_hdr->t1);
-                       uint32_t l_t2 = ntohl(ia_hdr->t2);
 
-                       // Test ID and T1-T2 validity
-                       if (ia_hdr->iaid != 1 || l_t2 < l_t1)
+                       // Test ID
+                       if (ia_hdr->iaid != htonl(1) && otype == DHCPV6_OPT_IA_NA)
                                continue;
 
-                       bool error = false;
+                       uint16_t code = DHCPV6_Success;
                        uint16_t stype, slen;
                        uint8_t *sdata;
-                       // Test status and bail if error
+                       // Get and handle status code
                        dhcpv6_for_each_option(&ia_hdr[1], odata + olen,
-                                       stype, slen, sdata)
-                               if (stype == DHCPV6_OPT_STATUS && slen >= 2 &&
-                                               (sdata[0] || sdata[1]))
-                                       error = true;
-
-                       if (error)
-                               continue;
-
-                       // Update times
-                       if (l_t1 > 0 && t1 > l_t1)
-                               t1 = l_t1;
+                                       stype, slen, sdata) {
+                               if (stype == DHCPV6_OPT_STATUS && slen >= 2) {
+                                       uint8_t *mdata = (slen > 2) ? &sdata[2] : NULL;
+                                       uint16_t mlen = (slen > 2) ? slen - 2 : 0;
 
-                       if (l_t2 > 0 && t2 > l_t2)
-                               t2 = l_t2;
+                                       code = ((int)sdata[0]) << 8 | ((int)sdata[1]);
 
-                       uint32_t n = dhcpv6_parse_ia(&ia_hdr[1], odata + olen);
+                                       if (code == DHCPV6_Success)
+                                               continue;
 
-                       if (n < t1)
-                               t1 = n;
+                                       dhcpv6_handle_ia_status_code(orig, ia_hdr,
+                                               code, mdata, mlen, handled_status_codes, &ret);
 
-                       if (n < t2)
-                               t2 = n;
 
-                       if (n < t3)
-                               t3 = n;
+                                       if (ret > 0)
+                                               return ret;
+                                       break;
+                               }
+                       }
 
-                       if (t2 >= t3)
-                               t2 = 8 * t3 / 10;
+                       if (code != DHCPV6_Success)
+                               continue;
 
-                       if (t1 >= t2)
-                               t1 = 5 * t2 / 8;
+                       dhcpv6_parse_ia(ia_hdr, odata + olen + sizeof(*ia_hdr));
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_STATUS && olen >= 2) {
+                       uint8_t *mdata = (olen > 2) ? &odata[2] : NULL;
+                       uint16_t mlen = (olen > 2) ? olen - 2 : 0;
+                       uint16_t code = ((int)odata[0]) << 8 | ((int)odata[1]);
 
-               } else if (otype == DHCPV6_OPT_DNS_SERVERS) {
+                       dhcpv6_handle_status_code(orig, code, mdata, mlen, &ret);
+                       passthru = false;
+               }
+               else if (otype == DHCPV6_OPT_DNS_SERVERS) {
                        if (olen % 16 == 0)
                                odhcp6c_add_state(STATE_DNS, odata, olen);
                } else if (otype == DHCPV6_OPT_DNS_DOMAIN) {
                        odhcp6c_add_state(STATE_SEARCH, odata, olen);
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_SNTP_SERVERS) {
+                       if (olen % 16 == 0)
+                               odhcp6c_add_state(STATE_SNTP_IP, odata, olen);
                } else if (otype == DHCPV6_OPT_NTP_SERVER) {
                        uint16_t stype, slen;
                        uint8_t *sdata;
@@ -764,10 +990,10 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig,
                                        stype, slen, sdata) {
                                if (slen == 16 && (stype == NTP_MC_ADDR ||
                                                stype == NTP_SRV_ADDR))
-                                       odhcp6c_add_state(STATE_SNTP_IP,
+                                       odhcp6c_add_state(STATE_NTP_IP,
                                                        sdata, slen);
                                else if (slen > 0 && stype == NTP_SRV_FQDN)
-                                       odhcp6c_add_state(STATE_SNTP_FQDN,
+                                       odhcp6c_add_state(STATE_NTP_FQDN,
                                                        sdata, slen);
                        }
                } else if (otype == DHCPV6_OPT_SIP_SERVER_A) {
@@ -776,42 +1002,129 @@ static int dhcpv6_handle_reply(enum dhcpv6_msg orig,
                } else if (otype == DHCPV6_OPT_SIP_SERVER_D) {
                        odhcp6c_add_state(STATE_SIP_FQDN, odata, olen);
                } else if (otype == DHCPV6_OPT_INFO_REFRESH && olen >= 4) {
-                       uint32_t refresh = ntohl(*((uint32_t*)odata));
-                       if (refresh < (uint32_t)t1)
-                               t1 = refresh;
-               } else if (otype == DHCPV6_OPT_AUTH && olen == -4 +
-                               sizeof(struct dhcpv6_auth_reconfigure)) {
-                       struct dhcpv6_auth_reconfigure *r = (void*)&odata[-4];
-                       if (r->protocol == 3 && r->algorithm == 1 &&
-                                       r->reconf_type == 1)
-                               memcpy(reconf_key, r->key, sizeof(r->key));
+                       refresh = ntohl(*((uint32_t*)odata));
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_AUTH) {
+                       if (olen == -4 + sizeof(struct dhcpv6_auth_reconfigure)) {
+                               struct dhcpv6_auth_reconfigure *r = (void*)&odata[-4];
+                               if (r->protocol == 3 && r->algorithm == 1 &&
+                                               r->reconf_type == 1)
+                                       memcpy(reconf_key, r->key, sizeof(r->key));
+                       }
+                       passthru = false;
                } else if (otype == DHCPV6_OPT_AFTR_NAME && olen > 3) {
                        size_t cur_len;
                        odhcp6c_get_state(STATE_AFTR_NAME, &cur_len);
                        if (cur_len == 0)
                                odhcp6c_add_state(STATE_AFTR_NAME, odata, olen);
-               } else if (otype != DHCPV6_OPT_CLIENTID &&
-                               otype != DHCPV6_OPT_SERVERID) {
-                       odhcp6c_add_state(STATE_CUSTOM_OPTS,
-                                       &odata[-4], olen + 4);
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_SOL_MAX_RT && olen == 4) {
+                       uint32_t sol_max_rt = ntohl(*((uint32_t *)odata));
+                       if (sol_max_rt >= DHCPV6_SOL_MAX_RT_MIN &&
+                                       sol_max_rt <= DHCPV6_SOL_MAX_RT_MAX)
+                               dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = sol_max_rt;
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_INF_MAX_RT && olen == 4) {
+                       uint32_t inf_max_rt = ntohl(*((uint32_t *)odata));
+                       if (inf_max_rt >= DHCPV6_INF_MAX_RT_MIN &&
+                                       inf_max_rt <= DHCPV6_INF_MAX_RT_MAX)
+                               dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = inf_max_rt;
+                       passthru = false;
+#ifdef EXT_CER_ID
+               } else if (otype == DHCPV6_OPT_CER_ID && olen == -4 +
+                               sizeof(struct dhcpv6_cer_id)) {
+                       struct dhcpv6_cer_id *cer_id = (void*)&odata[-4];
+                       struct in6_addr any = IN6ADDR_ANY_INIT;
+                       if (memcmp(&cer_id->addr, &any, sizeof(any)))
+                               odhcp6c_add_state(STATE_CER, &cer_id->addr, sizeof(any));
+                       passthru = false;
+#endif
+               } else if (otype == DHCPV6_OPT_S46_CONT_MAPT) {
+                       odhcp6c_add_state(STATE_S46_MAPT, odata, olen);
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_S46_CONT_MAPE) {
+                       size_t mape_len;
+                       odhcp6c_get_state(STATE_S46_MAPE, &mape_len);
+                       if (mape_len == 0)
+                               odhcp6c_add_state(STATE_S46_MAPE, odata, olen);
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_S46_CONT_LW) {
+                       odhcp6c_add_state(STATE_S46_LW, odata, olen);
+                       passthru = false;
+               } else if (otype == DHCPV6_OPT_CLIENTID ||
+                               otype == DHCPV6_OPT_SERVERID ||
+                               otype == DHCPV6_OPT_IA_TA ||
+                               otype == DHCPV6_OPT_PREF ||
+                               otype == DHCPV6_OPT_UNICAST ||
+                               otype == DHCPV6_OPT_FQDN ||
+                               otype == DHCPV6_OPT_RECONF_ACCEPT) {
+                       passthru = false;
+               } else {
+                       odhcp6c_add_state(STATE_CUSTOM_OPTS, &odata[-4], olen + 4);
                }
+
+               if (passthru)
+                       odhcp6c_add_state(STATE_PASSTHRU, &odata[-4], olen + 4);
        }
 
-       return true;
+       if (orig != DHCPV6_MSG_INFO_REQ) {
+               // Update refresh timers if no fatal status code was received
+               if ((ret > 0) && dhcpv6_calc_refresh_timers()) {
+                       switch (orig) {
+                       case DHCPV6_MSG_RENEW:
+                               // Send further renews if T1 is not set
+                               if (!t1)
+                                       ret = -1;
+                               break;
+                       case DHCPV6_MSG_REBIND:
+                               // Send further rebinds if T1 and T2 is not set
+                               if (!t1 && !t2)
+                                       ret = -1;
+                               break;
+
+                       case DHCPV6_MSG_REQUEST:
+                               // All server candidates can be cleared if not yet bound
+                               if (!odhcp6c_is_bound())
+                                       dhcpv6_clear_all_server_cand();
+
+                       default :
+                               break;
+                       }
+               }
+       }
+       else if (ret > 0) {
+               // All server candidates can be cleared if not yet bound
+               if (!odhcp6c_is_bound())
+                       dhcpv6_clear_all_server_cand();
+
+               t1 = refresh;
+       }
+
+       return ret;
 }
 
 
-static uint32_t dhcpv6_parse_ia(void *opt, void *end)
+static int dhcpv6_parse_ia(void *opt, void *end)
 {
-       uint32_t timeout = UINT32_MAX; // Minimum timeout
+       struct dhcpv6_ia_hdr *ia_hdr = (struct dhcpv6_ia_hdr *)opt;
+       int parsed_ia = 0;
+       uint32_t t1, t2;
        uint16_t otype, olen;
        uint8_t *odata;
 
-       struct odhcp6c_entry entry = {IN6ADDR_ANY_INIT,
-                       0, 0, IN6ADDR_ANY_INIT, 0, 0};
+       t1 = ntohl(ia_hdr->t1);
+       t2 = ntohl(ia_hdr->t2);
+
+       if (t1 > t2)
+               return 0;
 
        // Update address IA
-       dhcpv6_for_each_option(opt, end, otype, olen, odata) {
+       dhcpv6_for_each_option(&ia_hdr[1], end, otype, olen, odata) {
+               struct odhcp6c_entry entry = {IN6ADDR_ANY_INIT, 0, 0,
+                               IN6ADDR_ANY_INIT, 0, 0, 0, 0, 0, 0};
+
+               entry.iaid = ia_hdr->iaid;
+
                if (otype == DHCPV6_OPT_IA_PREFIX) {
                        struct dhcpv6_ia_prefix *prefix = (void*)&odata[-4];
                        if (olen + 4U < sizeof(*prefix))
@@ -823,13 +1136,26 @@ static uint32_t dhcpv6_parse_ia(void *opt, void *end)
                        if (entry.preferred > entry.valid)
                                continue;
 
+                       entry.t1 = (t1 ? t1 : (entry.preferred != UINT32_MAX ? 0.5 * entry.preferred : UINT32_MAX));
+                       entry.t2 = (t2 ? t2 : (entry.preferred != UINT32_MAX ? 0.8 * entry.preferred : UINT32_MAX));
+                       if (entry.t1 > entry.t2)
+                               entry.t1 = entry.t2;
+
                        entry.length = prefix->prefix;
                        entry.target = prefix->addr;
+                       uint16_t stype, slen;
+                       uint8_t *sdata;
+
+#ifdef EXT_PREFIX_CLASS
+                       // Find prefix class, if any
+                       dhcpv6_for_each_option(&prefix[1], odata + olen,
+                                       stype, slen, sdata)
+                               if (stype == DHCPV6_OPT_PREFIX_CLASS && slen == 2)
+                                       entry.class = sdata[0] << 8 | sdata[1];
+#endif
 
                        // Parse PD-exclude
                        bool ok = true;
-                       uint16_t stype, slen;
-                       uint8_t *sdata;
                        dhcpv6_for_each_option(odata + sizeof(*prefix) - 4U,
                                        odata + olen, stype, slen, sdata) {
                                if (stype != DHCPV6_OPT_PD_EXCLUDE || slen < 2)
@@ -865,8 +1191,10 @@ static uint32_t dhcpv6_parse_ia(void *opt, void *end)
                                entry.priority = elen;
                        }
 
-                       if (ok)
+                       if (ok) {
                                odhcp6c_update_entry(STATE_IA_PD, &entry);
+                               parsed_ia++;
+                       }
 
                        entry.priority = 0;
                        memset(&entry.router, 0, sizeof(entry.router));
@@ -881,15 +1209,248 @@ static uint32_t dhcpv6_parse_ia(void *opt, void *end)
                        if (entry.preferred > entry.valid)
                                continue;
 
+                       entry.t1 = (t1 ? t1 : (entry.preferred != UINT32_MAX ? 0.5 * entry.preferred : UINT32_MAX));
+                       entry.t2 = (t2 ? t2 : (entry.preferred != UINT32_MAX ? 0.8 * entry.preferred : UINT32_MAX));
+                       if (entry.t1 > entry.t2)
+                               entry.t1 = entry.t2;
+
                        entry.length = 128;
                        entry.target = addr->addr;
 
+#ifdef EXT_PREFIX_CLASS
+                       uint16_t stype, slen;
+                       uint8_t *sdata;
+                       // Find prefix class, if any
+                       dhcpv6_for_each_option(&addr[1], odata + olen,
+                                       stype, slen, sdata)
+                               if (stype == DHCPV6_OPT_PREFIX_CLASS && slen == 2)
+                                       entry.class = sdata[0] << 8 | sdata[1];
+#endif
+
                        odhcp6c_update_entry(STATE_IA_NA, &entry);
+                       parsed_ia++;
+               }
+       }
+       return parsed_ia;
+}
+
+
+static int dhcpv6_calc_refresh_timers(void)
+{
+       struct odhcp6c_entry *e;
+       size_t ia_na_entries, ia_pd_entries, i;
+       int64_t l_t1 = UINT32_MAX, l_t2 = UINT32_MAX, l_t3 = 0;
+
+       e = odhcp6c_get_state(STATE_IA_NA, &ia_na_entries);
+       ia_na_entries /= sizeof(*e);
+       for (i = 0; i < ia_na_entries; i++) {
+               if (e[i].t1 < l_t1)
+                       l_t1 = e[i].t1;
+
+               if (e[i].t2 < l_t2)
+                       l_t2 = e[i].t2;
+
+               if (e[i].valid > l_t3)
+                       l_t3 = e[i].valid;
+       }
+
+       e = odhcp6c_get_state(STATE_IA_PD, &ia_pd_entries);
+       ia_pd_entries /= sizeof(*e);
+       for (i = 0; i < ia_pd_entries; i++) {
+               if (e[i].t1 < l_t1)
+                       l_t1 = e[i].t1;
+
+               if (e[i].t2 < l_t2)
+                       l_t2 = e[i].t2;
+
+               if (e[i].valid > l_t3)
+                       l_t3 = e[i].valid;
+       }
+
+       if (ia_pd_entries || ia_na_entries) {
+               t1 = l_t1;
+               t2 = l_t2;
+               t3 = l_t3;
+       } else {
+               t1 = 600;
+       }
+
+       return (int)(ia_pd_entries + ia_na_entries);
+}
+
+
+static void dhcpv6_log_status_code(const uint16_t code, const char *scope,
+               const void *status_msg, const int len)
+{
+       uint8_t buf[len + 3];
+
+       memset(buf, 0, sizeof(buf));
+       if (len) {
+               buf[0] = '(';
+               memcpy(&buf[1], status_msg, len);
+               buf[len + 1] = ')';
+       }
+
+       syslog(LOG_WARNING, "Server returned %s status %i %s",
+               scope, code, buf);
+}
+
+
+static void dhcpv6_handle_status_code(const enum dhcpv6_msg orig,
+               const uint16_t code, const void *status_msg, const int len,
+               int *ret)
+{
+       dhcpv6_log_status_code(code, "message", status_msg, len);
+
+       switch (code) {
+       case DHCPV6_UnspecFail:
+               // Generic failure
+               *ret = 0;
+               break;
+
+       case DHCPV6_UseMulticast:
+               // TODO handle multicast status code
+               break;
+
+       case DHCPV6_NoAddrsAvail:
+       case DHCPV6_NoPrefixAvail:
+               if (orig == DHCPV6_MSG_REQUEST)
+                       *ret = 0; // Failure
+               break;
+
+       default:
+               break;
+       }
+}
+
+
+static void dhcpv6_handle_ia_status_code(const enum dhcpv6_msg orig,
+               const struct dhcpv6_ia_hdr *ia_hdr, const uint16_t code,
+               const void *status_msg, const int len,
+               bool handled_status_codes[_DHCPV6_Status_Max], int *ret)
+{
+       dhcpv6_log_status_code(code, ia_hdr->type == DHCPV6_OPT_IA_NA ?
+               "IA_NA" : "IA_PD", status_msg, len);
+
+       switch (code) {
+       case DHCPV6_NoBinding:
+               switch (orig) {
+               case DHCPV6_MSG_RENEW:
+               case DHCPV6_MSG_REBIND:
+                       if ((*ret > 0) && !handled_status_codes[code])
+                               *ret = dhcpv6_request(DHCPV6_MSG_REQUEST);
+                       break;
+
+               default:
+                       break;
+               }
+               break;
+
+       case DHCPV6_NoAddrsAvail:
+       case DHCPV6_NoPrefixAvail:
+               switch (orig) {
+               case DHCPV6_MSG_REQUEST:
+                       if (*ret != 0)
+                               *ret = 0;
+                       break;
+               default:
+                       break;
+               }
+               break;
+
+       case DHCPV6_NotOnLink:
+               // TODO handle not onlink in case of confirm
+               break;
+
+       default:
+               break;
+       }
+}
+
+static void dhcpv6_add_server_cand(const struct dhcpv6_server_cand *cand)
+{
+       size_t cand_len, i;
+       struct dhcpv6_server_cand *c = odhcp6c_get_state(STATE_SERVER_CAND, &cand_len);
+
+       // Remove identical duid server candidate
+       for (i = 0; i < cand_len / sizeof(*c); ++i) {
+               if (cand->duid_len == c[i].duid_len &&
+                               !memcmp(cand->duid, c[i].duid, cand->duid_len)) {
+                       free(c[i].ia_na);
+                       free(c[i].ia_pd);
+                       odhcp6c_remove_state(STATE_SERVER_CAND, i * sizeof(*c), sizeof(*c));
+                       break;
                }
+       }
+
+       for (i = 0, c = odhcp6c_get_state(STATE_SERVER_CAND, &cand_len);
+               i < cand_len / sizeof(*c); ++i) {
+               if (c[i].preference < cand->preference)
+                       break;
+       }
+
+       odhcp6c_insert_state(STATE_SERVER_CAND, i * sizeof(*c), cand, sizeof(*cand));
+}
+
+static void dhcpv6_clear_all_server_cand(void)
+{
+       size_t cand_len, i;
+       struct dhcpv6_server_cand *c = odhcp6c_get_state(STATE_SERVER_CAND, &cand_len);
 
-               if (entry.valid > 0 && timeout > entry.valid)
-                       timeout = entry.valid;
+       // Server candidates need deep delete for IA_NA/IA_PD
+       for (i = 0; i < cand_len / sizeof(*c); ++i) {
+               free(c[i].ia_na);
+               free(c[i].ia_pd);
        }
+       odhcp6c_clear_state(STATE_SERVER_CAND);
+}
 
-       return timeout;
+int dhcpv6_promote_server_cand(void)
+{
+       size_t cand_len;
+       struct dhcpv6_server_cand *cand = odhcp6c_get_state(STATE_SERVER_CAND, &cand_len);
+       uint16_t hdr[2];
+       int ret = DHCPV6_STATELESS;
+
+       // Clear lingering candidate state info
+       odhcp6c_clear_state(STATE_SERVER_ID);
+       odhcp6c_clear_state(STATE_IA_NA);
+       odhcp6c_clear_state(STATE_IA_PD);
+
+       if (!cand_len)
+               return -1;
+
+       if (cand->has_noaddravail && na_mode == IA_MODE_TRY) {
+               na_mode = IA_MODE_NONE;
+
+               dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = cand->sol_max_rt;
+               dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = cand->inf_max_rt;
+
+               return dhcpv6_request(DHCPV6_MSG_SOLICIT);
+       }
+
+       hdr[0] = htons(DHCPV6_OPT_SERVERID);
+       hdr[1] = htons(cand->duid_len);
+       odhcp6c_add_state(STATE_SERVER_ID, hdr, sizeof(hdr));
+       odhcp6c_add_state(STATE_SERVER_ID, cand->duid, cand->duid_len);
+       accept_reconfig = cand->wants_reconfigure;
+       if (cand->ia_na_len) {
+               odhcp6c_add_state(STATE_IA_NA, cand->ia_na, cand->ia_na_len);
+               free(cand->ia_na);
+               if (na_mode != IA_MODE_NONE)
+                       ret = DHCPV6_STATEFUL;
+       }
+       if (cand->ia_pd_len) {
+               odhcp6c_add_state(STATE_IA_PD, cand->ia_pd, cand->ia_pd_len);
+               free(cand->ia_pd);
+               if (request_prefix)
+                       ret = DHCPV6_STATEFUL;
+       }
+
+       dhcpv6_retx[DHCPV6_MSG_SOLICIT].max_timeo = cand->sol_max_rt;
+       dhcpv6_retx[DHCPV6_MSG_INFO_REQ].max_timeo = cand->inf_max_rt;
+
+       odhcp6c_remove_state(STATE_SERVER_CAND, 0, sizeof(*cand));
+
+       return ret;
 }