X-Git-Url: https://git.decadent.org.uk/gitweb/?p=odhcp6c.git;a=blobdiff_plain;f=src%2Fra.c;h=bc5b225e87b0596bf1e4cde73738bf1ba48053ae;hp=c8ccb888f8856172ff58f280625b5005b61ab356;hb=456288f9af45cf094be4ca8160ff186867dec8ff;hpb=c570ee307de12e47e8a370fb66d8f99f14d4b064

diff --git a/src/ra.c b/src/ra.c
index c8ccb88..bc5b225 100644
--- a/src/ra.c
+++ b/src/ra.c
@@ -59,13 +59,23 @@ int ra_init(const char *ifname, const struct in6_addr *ifid)
 {
 	const pid_t ourpid = getpid();
 	sock = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC, IPPROTO_ICMPV6);
+	if (sock < 0)
+		return -1;
+
 	if_index = if_nametoindex(ifname);
+	if (!if_index)
+		return -1;
+
 	strncpy(if_name, ifname, sizeof(if_name) - 1);
 	lladdr = *ifid;
 
 	rtnl = socket(AF_NETLINK, SOCK_DGRAM | SOCK_CLOEXEC, NETLINK_ROUTE);
+	if (rtnl < 0)
+		return -1;
+
 	struct sockaddr_nl rtnl_kernel = { .nl_family = AF_NETLINK };
-	connect(rtnl, (const struct sockaddr*)&rtnl_kernel, sizeof(rtnl_kernel));
+	if (connect(rtnl, (const struct sockaddr*)&rtnl_kernel, sizeof(rtnl_kernel)) < 0)
+		return -1;
 
 	int val = RTNLGRP_LINK;
 	setsockopt(rtnl, SOL_NETLINK, NETLINK_ADD_MEMBERSHIP, &val, sizeof(val));
@@ -185,6 +195,51 @@ bool ra_link_up(void)
 	return ret;
 }
 
+static int ra_icmpv6_valid(struct sockaddr_in6 *source, int hlim, uint8_t *data, size_t len)
+{
+	struct icmp6_hdr *hdr = (struct icmp6_hdr *)data;
+	struct icmpv6_opt *opt;
+	size_t optlen;
+
+	if (hlim != 255)
+		return 0;
+
+	if (len < sizeof(*hdr))
+		return 0;
+
+	if (hdr->icmp6_code)
+		return 0;
+
+	switch (hdr->icmp6_type) {
+	case ND_ROUTER_ADVERT:
+		if (!IN6_IS_ADDR_LINKLOCAL(&source->sin6_addr))
+			return 0;
+
+		opt = (struct icmpv6_opt *)((struct nd_router_advert *)data + 1);
+		optlen = len - sizeof(struct nd_router_advert);
+		break;
+
+	default:
+		return 0;
+	}
+
+	while (optlen > 0) {
+		size_t l = opt->len << 3;
+
+		if (optlen < sizeof(*opt))
+			return 0;
+
+		if (l > optlen || l == 0)
+			return 0;
+
+		opt = (struct icmpv6_opt *)(((uint8_t *)opt) + l);
+
+		optlen -= l;
+	}
+
+	return 1;
+}
+
 bool ra_process(void)
 {
 	bool found = false;
@@ -216,10 +271,8 @@ bool ra_process(void)
 				cmsg_buf, sizeof(cmsg_buf), 0};
 
 		ssize_t len = recvmsg(sock, &msg, MSG_DONTWAIT);
-		if (len < 0)
+		if (len <= 0)
 			break;
-		else if (len < (ssize_t)sizeof(*adv))
-			continue;
 
 		int hlim = 0;
 		for (struct cmsghdr *ch = CMSG_FIRSTHDR(&msg); ch != NULL;
@@ -228,7 +281,7 @@ bool ra_process(void)
 					ch->cmsg_type == IPV6_HOPLIMIT)
 				memcpy(&hlim, CMSG_DATA(ch), sizeof(hlim));
 
-		if (hlim != 255)
+		if (!ra_icmpv6_valid(&from, hlim, buf, len))
 			continue;
 
 		// Stop sending solicits
@@ -254,6 +307,10 @@ bool ra_process(void)
 		entry.preferred = entry.valid;
 		changed |= odhcp6c_update_entry(STATE_RA_ROUTE, &entry);
 
+		// Parse hoplimit
+		if (adv->nd_ra_curhoplimit)
+			update_proc("conf", "hop_limit", adv->nd_ra_curhoplimit);
+
 		// Parse ND parameters
 		if (ntohl(adv->nd_ra_reachable) <= 3600000)
 			update_proc("neigh", "base_reachable_time_ms", ntohl(adv->nd_ra_reachable));
@@ -266,17 +323,17 @@ bool ra_process(void)
 		struct icmpv6_opt *opt;
 		icmpv6_for_each_option(opt, &adv[1], &buf[len]) {
 			if (opt->type == ND_OPT_MTU) {
-				uint32_t *mtu = (uint32_t*)&opt->data[2];
-				if (ntohl(*mtu) >= 1280 && ntohl(*mtu) <= 65535)
-					update_proc("conf", "mtu", ntohl(*mtu));
+				struct nd_opt_mtu *mtu = (struct nd_opt_mtu *)opt;
+				if (ntohl(mtu->nd_opt_mtu_mtu) >= 1280 && ntohl(mtu->nd_opt_mtu_mtu) <= 65535)
+					update_proc("conf", "mtu", ntohl(mtu->nd_opt_mtu_mtu));
 			} else if (opt->type == ND_OPT_ROUTE_INFORMATION && opt->len <= 3) {
+				struct nd_opt_route_info *rinfo = (struct nd_opt_route_info *)opt;
 				entry.router = from.sin6_addr;
 				entry.target = any;
-				entry.priority = pref_to_priority(opt->data[1]);
-				entry.length = opt->data[0];
-				uint32_t *valid = (uint32_t*)&opt->data[2];
-				entry.valid = ntohl(*valid);
-				memcpy(&entry.target, &opt->data[6], (opt->len - 1) * 8);
+				entry.priority = pref_to_priority(rinfo->nd_opt_ri_prf);
+				entry.length = rinfo->nd_opt_ri_prefix_len;
+				entry.valid = ntohl(rinfo->nd_opt_ri_route_lifetime);
+				memcpy(&entry.target, &rinfo->nd_opt_ri_prefix[0], (rinfo->nd_opt_ri_len - 1) * 8);
 
 				if (entry.length > 128 || IN6_IS_ADDR_LINKLOCAL(&entry.target)
 						|| IN6_IS_ADDR_LOOPBACK(&entry.target)
@@ -286,7 +343,7 @@ bool ra_process(void)
 				if (entry.priority > 0)
 					changed |= odhcp6c_update_entry(STATE_RA_ROUTE, &entry);
 			} else if (opt->type == ND_OPT_PREFIX_INFORMATION && opt->len == 4) {
-				struct nd_opt_prefix_info *pinfo = (struct nd_opt_prefix_info*)opt;
+				struct nd_opt_prefix_info *pinfo = (struct nd_opt_prefix_info *)opt;
 				entry.router = any;
 				entry.target = pinfo->nd_opt_pi_prefix;
 				entry.priority = 256;
@@ -312,15 +369,15 @@ bool ra_process(void)
 
 				changed |= odhcp6c_update_entry_safe(STATE_RA_PREFIX, &entry, 7200);
 			} else if (opt->type == ND_OPT_RECURSIVE_DNS && opt->len > 2) {
+				struct nd_opt_recursive_dns *rdns = (struct nd_opt_recursive_dns *)opt;
 				entry.router = from.sin6_addr;
 				entry.priority = 0;
 				entry.length = 128;
-				uint32_t *valid = (uint32_t*)&opt->data[2];
-				entry.valid = ntohl(*valid);
+				entry.valid = ntohl(rdns->lifetime);
 				entry.preferred = 0;
 
 				for (ssize_t i = 0; i < (opt->len - 1) / 2; ++i) {
-					memcpy(&entry.target, &opt->data[6 + i * sizeof(entry.target)],
+					memcpy(&entry.target, &rdns->servers[i],
 							sizeof(entry.target));
 					changed |= odhcp6c_update_entry(STATE_RA_DNS, &entry);
 				}