1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * dhcpcd - DHCP client daemon
4 * Copyright (c) 2006-2020 Roy Marples <roy@marples.name>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/utsname.h>
30 #include <sys/types.h>
32 #include <netinet/in.h>
33 #include <netinet/ip6.h>
48 #define ELOOP_QUEUE ELOOP_DHCP6
56 #include "if-options.h"
62 #ifdef HAVE_SYS_BITOPS_H
63 #include <sys/bitops.h>
65 #include "compat/bitops.h"
68 /* DHCPCD Project has been assigned an IANA PEN of 40712 */
69 #define DHCPCD_IANA_PEN 40712
71 /* Unsure if I want this */
72 //#define VENDOR_SPLIT
74 /* Support older systems with different defines */
75 #if !defined(IPV6_RECVPKTINFO) && defined(IPV6_PKTINFO)
76 #define IPV6_RECVPKTINFO IPV6_PKTINFO
81 /* Assert the correct structure size for on wire */
82 struct dhcp6_message
{
85 /* followed by options */
87 __CTASSERT(sizeof(struct dhcp6_message
) == 4);
92 /* followed by data */
94 __CTASSERT(sizeof(struct dhcp6_option
) == 4);
101 __CTASSERT(sizeof(struct dhcp6_ia_na
) == 12);
106 __CTASSERT(sizeof(struct dhcp6_ia_ta
) == 4);
108 struct dhcp6_ia_addr
{
109 struct in6_addr addr
;
113 __CTASSERT(sizeof(struct dhcp6_ia_addr
) == 16 + 8);
115 /* XXX FIXME: This is the only packed structure and it does not align.
116 * Maybe manually decode it? */
117 struct dhcp6_pd_addr
{
121 struct in6_addr prefix
;
123 __CTASSERT(sizeof(struct dhcp6_pd_addr
) == 8 + 1 + 16);
130 static const struct dhcp6_op dhcp6_ops
[] = {
131 { DHCP6_SOLICIT
, "SOLICIT6" },
132 { DHCP6_ADVERTISE
, "ADVERTISE6" },
133 { DHCP6_REQUEST
, "REQUEST6" },
134 { DHCP6_REPLY
, "REPLY6" },
135 { DHCP6_RENEW
, "RENEW6" },
136 { DHCP6_REBIND
, "REBIND6" },
137 { DHCP6_CONFIRM
, "CONFIRM6" },
138 { DHCP6_INFORMATION_REQ
, "INFORM6" },
139 { DHCP6_RELEASE
, "RELEASE6" },
140 { DHCP6_RECONFIGURE
, "RECONFIGURE6" },
141 { DHCP6_DECLINE
, "DECLINE6" },
150 static const struct dhcp_compat dhcp_compats
[] = {
151 { DHO_DNSSERVER
, D6_OPTION_DNS_SERVERS
},
152 { DHO_HOSTNAME
, D6_OPTION_FQDN
},
153 { DHO_DNSDOMAIN
, D6_OPTION_FQDN
},
154 { DHO_NISSERVER
, D6_OPTION_NIS_SERVERS
},
155 { DHO_NTPSERVER
, D6_OPTION_SNTP_SERVERS
},
156 { DHO_RAPIDCOMMIT
, D6_OPTION_RAPID_COMMIT
},
157 { DHO_FQDN
, D6_OPTION_FQDN
},
158 { DHO_VIVCO
, D6_OPTION_VENDOR_CLASS
},
159 { DHO_VIVSO
, D6_OPTION_VENDOR_OPTS
},
160 { DHO_DNSSEARCH
, D6_OPTION_DOMAIN_LIST
},
164 static const char * const dhcp6_statuses
[] = {
166 "Unspecified Failure",
167 "No Addresses Available",
171 "No Prefix Available"
174 static void dhcp6_bind(struct interface
*, const char *, const char *);
175 static void dhcp6_failinform(void *);
176 static void dhcp6_recvaddr(void *);
177 static void dhcp6_startdecline(struct interface
*);
180 #define dhcp6_hasprefixdelegation(a) (0)
182 static int dhcp6_hasprefixdelegation(struct interface
*);
185 #define DECLINE_IA(ia) \
186 ((ia)->addr_flags & IN6_IFF_DUPLICATED && \
187 (ia)->ia_type != 0 && (ia)->ia_type != D6_OPTION_IA_PD && \
188 !((ia)->flags & IPV6_AF_STALE) && \
189 (ia)->prefix_vltime != 0)
192 dhcp6_printoptions(const struct dhcpcd_ctx
*ctx
,
193 const struct dhcp_opt
*opts
, size_t opts_len
)
196 const struct dhcp_opt
*opt
, *opt2
;
199 for (i
= 0, opt
= ctx
->dhcp6_opts
;
200 i
< ctx
->dhcp6_opts_len
; i
++, opt
++)
202 for (j
= 0, opt2
= opts
; j
< opts_len
; j
++, opt2
++)
203 if (opt2
->option
== opt
->option
)
206 cols
= printf("%05d %s", opt
->option
, opt
->var
);
207 dhcp_print_option_encoding(opt
, cols
);
210 for (i
= 0, opt
= opts
; i
< opts_len
; i
++, opt
++) {
211 cols
= printf("%05d %s", opt
->option
, opt
->var
);
212 dhcp_print_option_encoding(opt
, cols
);
217 dhcp6_makeuser(void *data
, const struct interface
*ifp
)
219 const struct if_options
*ifo
= ifp
->options
;
220 struct dhcp6_option o
;
222 const uint8_t *up
, *ue
;
223 uint16_t ulen
, unlen
;
226 /* Convert the DHCPv4 user class option to DHCPv6 */
238 for (; up
< ue
; up
+= ulen
) {
240 olen
+= sizeof(ulen
) + ulen
;
244 memcpy(p
, &unlen
, sizeof(unlen
));
250 o
.code
= htons(D6_OPTION_USER_CLASS
);
251 o
.len
= htons((uint16_t)olen
);
252 memcpy(data
, &o
, sizeof(o
));
255 return sizeof(o
) + olen
;
259 dhcp6_makevendor(void *data
, const struct interface
*ifp
)
261 const struct if_options
*ifo
;
264 const struct vivco
*vivco
;
265 struct dhcp6_option o
;
268 len
= sizeof(uint32_t); /* IANA PEN */
271 for (i
= 0, vivco
= ifo
->vivco
;
274 vlen
+= sizeof(uint16_t) + vivco
->len
;
276 } else if (ifo
->vendorclassid
[0] != '\0') {
277 /* dhcpcd owns DHCPCD_IANA_PEN.
278 * If you need your own string, get your own IANA PEN. */
279 vlen
= strlen(ifp
->ctx
->vendor
);
280 len
+= sizeof(uint16_t) + vlen
;
284 if (len
> UINT16_MAX
) {
285 logerrx("%s: DHCPv6 Vendor Class too big", ifp
->name
);
294 o
.code
= htons(D6_OPTION_VENDOR_CLASS
);
295 o
.len
= htons((uint16_t)len
);
296 memcpy(p
, &o
, sizeof(o
));
298 pen
= htonl(ifo
->vivco_en
? ifo
->vivco_en
: DHCPCD_IANA_PEN
);
299 memcpy(p
, &pen
, sizeof(pen
));
303 for (i
= 0, vivco
= ifo
->vivco
;
307 hvlen
= htons((uint16_t)vivco
->len
);
308 memcpy(p
, &hvlen
, sizeof(hvlen
));
310 memcpy(p
, vivco
->data
, vivco
->len
);
313 } else if (ifo
->vendorclassid
[0] != '\0') {
314 hvlen
= htons((uint16_t)vlen
);
315 memcpy(p
, &hvlen
, sizeof(hvlen
));
317 memcpy(p
, ifp
->ctx
->vendor
, vlen
);
321 return sizeof(o
) + len
;
325 dhcp6_findoption(void *data
, size_t data_len
, uint16_t code
, uint16_t *len
)
328 struct dhcp6_option o
;
331 for (d
= data
; data_len
!= 0; d
+= o
.len
, data_len
-= o
.len
) {
332 if (data_len
< sizeof(o
)) {
336 memcpy(&o
, d
, sizeof(o
));
338 data_len
-= sizeof(o
);
339 o
.len
= htons(o
.len
);
340 if (data_len
< o
.len
) {
344 if (o
.code
== code
) {
356 dhcp6_findmoption(void *data
, size_t data_len
, uint16_t code
,
361 if (data_len
< sizeof(struct dhcp6_message
)) {
366 d
+= sizeof(struct dhcp6_message
);
367 data_len
-= sizeof(struct dhcp6_message
);
368 return dhcp6_findoption(d
, data_len
, code
, len
);
371 static const uint8_t *
372 dhcp6_getoption(struct dhcpcd_ctx
*ctx
,
373 size_t *os
, unsigned int *code
, size_t *len
,
374 const uint8_t *od
, size_t ol
, struct dhcp_opt
**oopt
)
376 struct dhcp6_option o
;
378 struct dhcp_opt
*opt
;
386 memcpy(&o
, od
, sizeof(o
));
388 if (*len
> ol
- *os
) {
392 *code
= ntohs(o
.code
);
396 for (i
= 0, opt
= ctx
->dhcp6_opts
;
397 i
< ctx
->dhcp6_opts_len
; i
++, opt
++)
399 if (opt
->option
== *code
) {
406 return od
+ sizeof(o
);
411 dhcp6_updateelapsed(struct interface
*ifp
, struct dhcp6_message
*m
, size_t len
)
415 struct dhcp6_state
*state
;
417 unsigned long long hsec
;
420 opt
= dhcp6_findmoption(m
, len
, D6_OPTION_ELAPSED
, &opt_len
);
423 if (opt_len
!= sizeof(sec
)) {
428 state
= D6_STATE(ifp
);
429 clock_gettime(CLOCK_MONOTONIC
, &tv
);
430 if (state
->RTC
== 0) {
431 /* An RTC of zero means we're the first message
432 * out of the door, so the elapsed time is zero. */
436 unsigned long long secs
;
439 secs
= eloop_timespec_diff(&tv
, &state
->started
, &nsecs
);
440 /* Elapsed time is measured in centiseconds.
441 * We need to be sure it will not potentially overflow. */
442 if (secs
>= (UINT16_MAX
/ CSEC_PER_SEC
) + 1)
445 hsec
= (secs
* CSEC_PER_SEC
) +
446 (nsecs
/ NSEC_PER_CSEC
);
447 if (hsec
> UINT16_MAX
)
451 sec
= htons((uint16_t)hsec
);
452 memcpy(opt
, &sec
, sizeof(sec
));
457 dhcp6_newxid(const struct interface
*ifp
, struct dhcp6_message
*m
)
459 const struct interface
*ifp1
;
460 const struct dhcp6_state
*state1
;
463 if (ifp
->options
->options
& DHCPCD_XID_HWADDR
&&
464 ifp
->hwlen
>= sizeof(xid
))
465 /* The lower bits are probably more unique on the network */
466 memcpy(&xid
, (ifp
->hwaddr
+ ifp
->hwlen
) - sizeof(xid
),
473 m
->xid
[0] = (xid
>> 16) & 0xff;
474 m
->xid
[1] = (xid
>> 8) & 0xff;
475 m
->xid
[2] = xid
& 0xff;
477 /* Ensure it's unique */
478 TAILQ_FOREACH(ifp1
, ifp
->ctx
->ifaces
, next
) {
481 if ((state1
= D6_CSTATE(ifp1
)) == NULL
)
483 if (state1
->send
!= NULL
&&
484 state1
->send
->xid
[0] == m
->xid
[0] &&
485 state1
->send
->xid
[1] == m
->xid
[1] &&
486 state1
->send
->xid
[2] == m
->xid
[2])
491 if (ifp
->options
->options
& DHCPCD_XID_HWADDR
&&
492 ifp
->hwlen
>= sizeof(xid
))
494 logerrx("%s: duplicate xid on %s",
495 ifp
->name
, ifp1
->name
);
503 static const struct if_sla
*
504 dhcp6_findselfsla(struct interface
*ifp
)
509 for (i
= 0; i
< ifp
->options
->ia_len
; i
++) {
510 ia
= &ifp
->options
->ia
[i
];
511 if (ia
->ia_type
!= D6_OPTION_IA_PD
)
513 for (j
= 0; j
< ia
->sla_len
; j
++) {
514 if (strcmp(ia
->sla
[j
].ifname
, ifp
->name
) == 0)
522 dhcp6_delegateaddr(struct in6_addr
*addr
, struct interface
*ifp
,
523 const struct ipv6_addr
*prefix
, const struct if_sla
*sla
, struct if_ia
*ia
)
525 struct dhcp6_state
*state
;
527 char sabuf
[INET6_ADDRSTRLEN
];
530 state
= D6_STATE(ifp
);
532 ifp
->if_data
[IF_DATA_DHCP6
] = calloc(1, sizeof(*state
));
533 state
= D6_STATE(ifp
);
539 TAILQ_INIT(&state
->addrs
);
540 state
->state
= DH6S_DELEGATED
;
541 state
->reason
= "DELEGATED6";
544 if (sla
== NULL
|| !sla
->sla_set
) {
545 /* No SLA set, so make an assumption of
546 * desired SLA and prefix length. */
547 asla
.sla
= ifp
->index
;
549 asla
.sla_set
= false;
551 } else if (sla
->prefix_len
== 0) {
552 /* An SLA was given, but prefix length was not.
553 * We need to work out a suitable prefix length for
554 * potentially more than one interface. */
557 asla
.sla_set
= sla
->sla_set
;
561 if (sla
->prefix_len
== 0) {
565 sla_max
= ia
->sla_max
;
566 if (sla_max
== 0 && (sla
== NULL
|| !sla
->sla_set
)) {
567 const struct interface
*ifi
;
569 TAILQ_FOREACH(ifi
, ifp
->ctx
->ifaces
, next
) {
570 if (ifi
->index
> sla_max
)
571 sla_max
= ifi
->index
;
575 bits
= fls32(sla_max
);
577 if (prefix
->prefix_len
+ bits
> (int)UINT8_MAX
)
578 asla
.prefix_len
= UINT8_MAX
;
580 asla
.prefix_len
= (uint8_t)(prefix
->prefix_len
+ bits
);
582 /* Make a 64 prefix by default, as this makes SLAAC
584 * Otherwise round up to the nearest 4 bits. */
585 if (asla
.prefix_len
<= 64)
586 asla
.prefix_len
= 64;
589 (uint8_t)ROUNDUP4(asla
.prefix_len
);
592 #define BIT(n) (1UL << (n))
593 #define BIT_MASK(len) (BIT(len) - 1)
594 if (ia
->sla_max
== 0) {
595 /* Work out the real sla_max from our bits used */
596 bits
= asla
.prefix_len
- prefix
->prefix_len
;
597 /* Make static analysis happy.
598 * Bits cannot be bigger than 32 thanks to fls32. */
600 ia
->sla_max
= (uint32_t)BIT_MASK(bits
);
604 if (ipv6_userprefix(&prefix
->prefix
, prefix
->prefix_len
,
605 sla
->sla
, addr
, sla
->prefix_len
) == -1)
607 sa
= inet_ntop(AF_INET6
, &prefix
->prefix
,
608 sabuf
, sizeof(sabuf
));
609 logerr("%s: invalid prefix %s/%d + %d/%d",
610 ifp
->name
, sa
, prefix
->prefix_len
,
611 sla
->sla
, sla
->prefix_len
);
615 if (prefix
->prefix_exclude_len
&&
616 IN6_ARE_ADDR_EQUAL(addr
, &prefix
->prefix_exclude
))
618 sa
= inet_ntop(AF_INET6
, &prefix
->prefix_exclude
,
619 sabuf
, sizeof(sabuf
));
620 logerrx("%s: cannot delegate excluded prefix %s/%d",
621 ifp
->name
, sa
, prefix
->prefix_exclude_len
);
625 return sla
->prefix_len
;
630 dhcp6_makemessage(struct interface
*ifp
)
632 struct dhcp6_state
*state
;
633 struct dhcp6_message
*m
;
634 struct dhcp6_option o
;
635 uint8_t *p
, *si
, *unicast
, IA
;
636 size_t n
, l
, len
, ml
, hl
;
638 uint16_t si_len
, uni_len
, n_options
;
640 struct if_options
*ifo
;
641 const struct dhcp_opt
*opt
, *opt2
;
642 const struct ipv6_addr
*ap
;
643 char hbuf
[HOSTNAME_MAX_LEN
+ 1];
644 const char *hostname
;
646 struct dhcp6_ia_na ia_na
;
652 uint8_t duid
[DUID_LEN
];
655 state
= D6_STATE(ifp
);
664 if (fqdn
== FQDN_DISABLE
&& ifo
->options
& DHCPCD_HOSTNAME
) {
665 /* We're sending the DHCPv4 hostname option, so send FQDN as
666 * DHCPv6 has no FQDN option and DHCPv4 must not send
667 * hostname and FQDN according to RFC4702 */
670 if (fqdn
!= FQDN_DISABLE
)
671 hostname
= dhcp_get_hostname(hbuf
, sizeof(hbuf
), ifo
);
673 hostname
= NULL
; /* appearse gcc */
675 /* Work out option size first */
679 hl
= 0; /* Appease gcc */
680 if (state
->state
!= DH6S_RELEASE
&& state
->state
!= DH6S_DECLINE
) {
681 for (l
= 0, opt
= ifp
->ctx
->dhcp6_opts
;
682 l
< ifp
->ctx
->dhcp6_opts_len
;
685 for (n
= 0, opt2
= ifo
->dhcp6_override
;
686 n
< ifo
->dhcp6_override_len
;
689 if (opt
->option
== opt2
->option
)
692 if (n
< ifo
->dhcp6_override_len
)
694 if (!DHC_REQOPT(opt
, ifo
->requestmask6
, ifo
->nomask6
))
697 len
+= sizeof(o
.len
);
700 for (l
= 0, opt
= ifo
->dhcp6_override
;
701 l
< ifo
->dhcp6_override_len
;
704 if (!DHC_REQOPT(opt
, ifo
->requestmask6
, ifo
->nomask6
))
707 len
+= sizeof(o
.len
);
709 if (dhcp6_findselfsla(ifp
)) {
711 len
+= sizeof(o
.len
);
717 if (fqdn
!= FQDN_DISABLE
) {
718 hl
= encode_rfc1035(hostname
, NULL
);
719 len
+= sizeof(o
) + 1 + hl
;
722 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_MUDURL
) &&
724 len
+= sizeof(o
) + ifo
->mudurl
[0];
727 if ((ifo
->auth
.options
& DHCPCD_AUTH_SENDREQUIRE
) !=
728 DHCPCD_AUTH_SENDREQUIRE
&&
729 DHC_REQ(ifo
->requestmask6
, ifo
->nomask6
,
730 D6_OPTION_RECONF_ACCEPT
))
731 len
+= sizeof(o
); /* Reconfigure Accept */
735 len
+= sizeof(*state
->send
);
736 len
+= sizeof(o
) + sizeof(uint16_t); /* elapsed */
738 if (ifo
->options
& DHCPCD_ANONYMOUS
) {
739 duid_len
= duid_make(duid
, ifp
, DUID_LL
);
740 len
+= sizeof(o
) + duid_len
;
742 len
+= sizeof(o
) + ifp
->ctx
->duid_len
;
745 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_USER_CLASS
))
746 len
+= dhcp6_makeuser(NULL
, ifp
);
747 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_VENDOR_CLASS
))
748 len
+= dhcp6_makevendor(NULL
, ifp
);
753 switch(state
->state
) {
756 ml
= state
->recv_len
;
767 si
= dhcp6_findmoption(m
, ml
, D6_OPTION_SERVERID
, &si_len
);
770 len
+= sizeof(o
) + si_len
;
781 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
782 if (ap
->flags
& IPV6_AF_STALE
)
784 if (!(ap
->flags
& IPV6_AF_REQUEST
) &&
785 (ap
->prefix_vltime
== 0 ||
786 state
->state
== DH6S_DISCOVER
))
788 if (DECLINE_IA(ap
) && state
->state
!= DH6S_DECLINE
)
790 if (ap
->ia_type
== D6_OPTION_IA_PD
) {
792 len
+= sizeof(o
) + sizeof(struct dhcp6_pd_addr
);
793 if (ap
->prefix_exclude_len
)
794 len
+= sizeof(o
) + 1 +
795 (uint8_t)((ap
->prefix_exclude_len
-
796 ap
->prefix_len
- 1) / NBBY
) + 1;
799 len
+= sizeof(o
) + sizeof(struct dhcp6_ia_addr
);
803 for (l
= 0; l
< ifo
->ia_len
; l
++) {
804 len
+= sizeof(o
) + sizeof(uint32_t); /* IAID */
805 /* IA_TA does not have T1 or T2 timers */
806 if (ifo
->ia
[l
].ia_type
!= D6_OPTION_IA_TA
)
807 len
+= sizeof(uint32_t) + sizeof(uint32_t);
815 if (state
->state
== DH6S_DISCOVER
&&
816 !(ifp
->ctx
->options
& DHCPCD_TEST
) &&
817 DHC_REQ(ifo
->requestmask6
, ifo
->nomask6
, D6_OPTION_RAPID_COMMIT
))
825 switch(state
->state
) {
826 case DH6S_INIT
: /* FALLTHROUGH */
828 type
= DHCP6_SOLICIT
;
831 type
= DHCP6_REQUEST
;
834 type
= DHCP6_CONFIRM
;
843 type
= DHCP6_INFORMATION_REQ
;
846 type
= DHCP6_RELEASE
;
849 type
= DHCP6_DECLINE
;
856 switch(state
->state
) {
857 case DH6S_REQUEST
: /* FALLTHROUGH */
858 case DH6S_RENEW
: /* FALLTHROUGH */
860 if (has_option_mask(ifo
->nomask6
, D6_OPTION_UNICAST
)) {
864 unicast
= dhcp6_findmoption(m
, ml
, D6_OPTION_UNICAST
, &uni_len
);
871 /* In non master mode we listen and send from fixed addresses.
872 * We should try and match an address we have to unicast to,
873 * but for now this is the safest policy. */
874 if (unicast
!= NULL
&& !(ifp
->ctx
->options
& DHCPCD_MASTER
)) {
875 logdebugx("%s: ignoring unicast option as not master",
882 if (ifo
->auth
.options
& DHCPCD_AUTH_SEND
) {
883 ssize_t alen
= dhcp_auth_encode(ifp
->ctx
, &ifo
->auth
,
884 state
->auth
.token
, NULL
, 0, 6, type
, NULL
, 0);
885 if (alen
!= -1 && alen
> UINT16_MAX
) {
890 logerr("%s: %s: dhcp_auth_encode", __func__
, ifp
->name
);
891 else if (alen
!= 0) {
892 auth_len
= (uint16_t)alen
;
893 len
+= sizeof(o
) + auth_len
;
898 state
->send
= malloc(len
);
899 if (state
->send
== NULL
)
902 state
->send_len
= len
;
903 state
->send
->type
= type
;
905 /* If we found a unicast option, copy it to our state for sending */
906 if (unicast
&& uni_len
== sizeof(state
->unicast
))
907 memcpy(&state
->unicast
, unicast
, sizeof(state
->unicast
));
909 state
->unicast
= in6addr_any
;
911 dhcp6_newxid(ifp
, state
->send
);
913 #define COPYIN1(_code, _len) { \
914 o.code = htons((_code)); \
915 o.len = htons((_len)); \
916 memcpy(p, &o, sizeof(o)); \
919 #define COPYIN(_code, _data, _len) do { \
920 COPYIN1((_code), (_len)); \
922 memcpy(p, (_data), (_len)); \
925 } while (0 /* CONSTCOND */)
926 #define NEXTLEN (p + offsetof(struct dhcp6_option, len))
928 /* Options are listed in numerical order as per RFC 7844 Section 4.1
929 * XXX: They should be randomised. */
931 p
= (uint8_t *)state
->send
+ sizeof(*state
->send
);
932 if (ifo
->options
& DHCPCD_ANONYMOUS
)
933 COPYIN(D6_OPTION_CLIENTID
, duid
,
936 COPYIN(D6_OPTION_CLIENTID
, ifp
->ctx
->duid
,
937 (uint16_t)ifp
->ctx
->duid_len
);
940 COPYIN(D6_OPTION_SERVERID
, si
, si_len
);
942 for (l
= 0; IA
&& l
< ifo
->ia_len
; l
++) {
945 /* TA structure is the same as the others,
946 * it just lacks the T1 and T2 timers.
947 * These happen to be at the end of the struct,
948 * so we just don't copy them in. */
949 if (ifia
->ia_type
== D6_OPTION_IA_TA
)
950 ia_na_len
= sizeof(struct dhcp6_ia_ta
);
952 ia_na_len
= sizeof(ia_na
);
953 memcpy(ia_na
.iaid
, ifia
->iaid
, sizeof(ia_na
.iaid
));
956 COPYIN(ifia
->ia_type
, &ia_na
, ia_na_len
);
957 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
958 if (ap
->flags
& IPV6_AF_STALE
)
960 if (!(ap
->flags
& IPV6_AF_REQUEST
) &&
961 (ap
->prefix_vltime
== 0 ||
962 state
->state
== DH6S_DISCOVER
))
964 if (DECLINE_IA(ap
) && state
->state
!= DH6S_DECLINE
)
966 if (ap
->ia_type
!= ifia
->ia_type
)
968 if (memcmp(ap
->iaid
, ifia
->iaid
, sizeof(ap
->iaid
)))
970 if (ap
->ia_type
== D6_OPTION_IA_PD
) {
972 struct dhcp6_pd_addr pdp
;
974 pdp
.pltime
= htonl(ap
->prefix_pltime
);
975 pdp
.vltime
= htonl(ap
->prefix_vltime
);
976 pdp
.prefix_len
= ap
->prefix_len
;
977 /* pdp.prefix is not aligned, so copy it in. */
978 memcpy(&pdp
.prefix
, &ap
->prefix
, sizeof(pdp
.prefix
));
979 COPYIN(D6_OPTION_IAPREFIX
, &pdp
, sizeof(pdp
));
980 ia_na_len
= (uint16_t)
981 (ia_na_len
+ sizeof(o
) + sizeof(pdp
));
983 /* RFC6603 Section 4.2 */
984 if (ap
->prefix_exclude_len
) {
985 uint8_t exb
[16], *ep
, u8
;
988 n
= (size_t)((ap
->prefix_exclude_len
-
989 ap
->prefix_len
- 1) / NBBY
) + 1;
991 *ep
++ = (uint8_t)ap
->prefix_exclude_len
;
992 pp
= ap
->prefix_exclude
.s6_addr
;
994 ((ap
->prefix_len
- 1) / NBBY
) +
996 u8
= ap
->prefix_len
% NBBY
;
1002 *ep
= (uint8_t)(*pp
<< u8
);
1004 COPYIN(D6_OPTION_PD_EXCLUDE
, exb
,
1006 ia_na_len
= (uint16_t)
1007 (ia_na_len
+ sizeof(o
) + n
);
1011 struct dhcp6_ia_addr ia
;
1014 ia
.pltime
= htonl(ap
->prefix_pltime
);
1015 ia
.vltime
= htonl(ap
->prefix_vltime
);
1016 COPYIN(D6_OPTION_IA_ADDR
, &ia
, sizeof(ia
));
1017 ia_na_len
= (uint16_t)
1018 (ia_na_len
+ sizeof(o
) + sizeof(ia
));
1022 /* Update the total option lenth. */
1023 ia_na_len
= htons(ia_na_len
);
1024 memcpy(o_lenp
, &ia_na_len
, sizeof(ia_na_len
));
1027 if (state
->send
->type
!= DHCP6_RELEASE
&&
1028 state
->send
->type
!= DHCP6_DECLINE
&&
1033 COPYIN1(D6_OPTION_ORO
, 0);
1034 for (l
= 0, opt
= ifp
->ctx
->dhcp6_opts
;
1035 l
< ifp
->ctx
->dhcp6_opts_len
;
1039 for (n
= 0, opt2
= ifo
->dhcp6_override
;
1040 n
< ifo
->dhcp6_override_len
;
1043 if (opt
->option
== opt2
->option
)
1046 if (n
< ifo
->dhcp6_override_len
)
1049 if (!DHC_REQOPT(opt
, ifo
->requestmask6
, ifo
->nomask6
))
1051 o
.code
= htons((uint16_t)opt
->option
);
1052 memcpy(p
, &o
.code
, sizeof(o
.code
));
1053 p
+= sizeof(o
.code
);
1054 o
.len
= (uint16_t)(o
.len
+ sizeof(o
.code
));
1057 for (l
= 0, opt
= ifo
->dhcp6_override
;
1058 l
< ifo
->dhcp6_override_len
;
1061 if (!DHC_REQOPT(opt
, ifo
->requestmask6
, ifo
->nomask6
))
1063 o
.code
= htons((uint16_t)opt
->option
);
1064 memcpy(p
, &o
.code
, sizeof(o
.code
));
1065 p
+= sizeof(o
.code
);
1066 o
.len
= (uint16_t)(o
.len
+ sizeof(o
.code
));
1068 if (dhcp6_findselfsla(ifp
)) {
1069 o
.code
= htons(D6_OPTION_PD_EXCLUDE
);
1070 memcpy(p
, &o
.code
, sizeof(o
.code
));
1071 p
+= sizeof(o
.code
);
1072 o
.len
= (uint16_t)(o
.len
+ sizeof(o
.code
));
1075 o
.len
= htons(o
.len
);
1076 memcpy(o_lenp
, &o
.len
, sizeof(o
.len
));
1080 COPYIN(D6_OPTION_ELAPSED
, &si_len
, sizeof(si_len
));
1082 if (state
->state
== DH6S_DISCOVER
&&
1083 !(ifp
->ctx
->options
& DHCPCD_TEST
) &&
1084 DHC_REQ(ifo
->requestmask6
, ifo
->nomask6
, D6_OPTION_RAPID_COMMIT
))
1085 COPYIN1(D6_OPTION_RAPID_COMMIT
, 0);
1087 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_USER_CLASS
))
1088 p
+= dhcp6_makeuser(p
, ifp
);
1089 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_VENDOR_CLASS
))
1090 p
+= dhcp6_makevendor(p
, ifp
);
1092 if (state
->send
->type
!= DHCP6_RELEASE
&&
1093 state
->send
->type
!= DHCP6_DECLINE
)
1095 if (fqdn
!= FQDN_DISABLE
) {
1097 COPYIN1(D6_OPTION_FQDN
, 0);
1114 encode_rfc1035(hostname
, p
);
1116 o
.len
= htons((uint16_t)(hl
+ 1));
1117 memcpy(o_lenp
, &o
.len
, sizeof(o
.len
));
1120 if (!has_option_mask(ifo
->nomask6
, D6_OPTION_MUDURL
) &&
1122 COPYIN(D6_OPTION_MUDURL
,
1123 ifo
->mudurl
+ 1, ifo
->mudurl
[0]);
1126 if ((ifo
->auth
.options
& DHCPCD_AUTH_SENDREQUIRE
) !=
1127 DHCPCD_AUTH_SENDREQUIRE
&&
1128 DHC_REQ(ifo
->requestmask6
, ifo
->nomask6
,
1129 D6_OPTION_RECONF_ACCEPT
))
1130 COPYIN1(D6_OPTION_RECONF_ACCEPT
, 0);
1136 /* This has to be the last option */
1137 if (ifo
->auth
.options
& DHCPCD_AUTH_SEND
&& auth_len
!= 0) {
1138 COPYIN1(D6_OPTION_AUTH
, auth_len
);
1139 /* data will be filled at send message time */
1147 dhcp6_get_op(uint16_t type
)
1149 const struct dhcp6_op
*d
;
1151 for (d
= dhcp6_ops
; d
->name
; d
++)
1152 if (d
->type
== type
)
1158 dhcp6_freedrop_addrs(struct interface
*ifp
, int drop
,
1159 const struct interface
*ifd
)
1161 struct dhcp6_state
*state
;
1163 state
= D6_STATE(ifp
);
1165 ipv6_freedrop_addrs(&state
->addrs
, drop
, ifd
);
1167 rt_build(ifp
->ctx
, AF_INET6
);
1172 static void dhcp6_delete_delegates(struct interface
*ifp
)
1174 struct interface
*ifp0
;
1176 if (ifp
->ctx
->ifaces
) {
1177 TAILQ_FOREACH(ifp0
, ifp
->ctx
->ifaces
, next
) {
1179 dhcp6_freedrop_addrs(ifp0
, 1, ifp
);
1187 dhcp6_update_auth(struct interface
*ifp
, struct dhcp6_message
*m
, size_t len
)
1189 struct dhcp6_state
*state
;
1193 opt
= dhcp6_findmoption(m
, len
, D6_OPTION_AUTH
, &opt_len
);
1197 state
= D6_STATE(ifp
);
1198 return dhcp_auth_encode(ifp
->ctx
, &ifp
->options
->auth
,
1199 state
->auth
.token
, (uint8_t *)state
->send
, state
->send_len
, 6,
1200 state
->send
->type
, opt
, opt_len
);
1204 static const struct in6_addr alldhcp
= IN6ADDR_LINKLOCAL_ALLDHCP_INIT
;
1206 dhcp6_sendmessage(struct interface
*ifp
, void (*callback
)(void *))
1208 struct dhcp6_state
*state
= D6_STATE(ifp
);
1209 struct dhcpcd_ctx
*ctx
= ifp
->ctx
;
1211 bool broadcast
= true;
1212 struct sockaddr_in6 dst
= {
1213 .sin6_family
= AF_INET6
,
1214 /* Setting the port on Linux gives EINVAL when sending.
1215 * This looks like a kernel bug as the equivalent works
1216 * fine with the DHCP counterpart. */
1218 .sin6_port
= htons(DHCP6_SERVER_PORT
),
1221 struct udphdr udp
= {
1222 .uh_sport
= htons(DHCP6_CLIENT_PORT
),
1223 .uh_dport
= htons(DHCP6_SERVER_PORT
),
1224 .uh_ulen
= htons((uint16_t)(sizeof(udp
) + state
->send_len
)),
1226 struct iovec iov
[] = {
1227 { .iov_base
= &udp
, .iov_len
= sizeof(udp
), },
1228 { .iov_base
= state
->send
, .iov_len
= state
->send_len
, },
1232 uint8_t buf
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
1233 } cmsgbuf
= { .buf
= { 0 } };
1234 struct msghdr msg
= {
1235 .msg_name
= &dst
, .msg_namelen
= sizeof(dst
),
1236 .msg_iov
= iov
, .msg_iovlen
= __arraycount(iov
),
1238 char uaddr
[INET6_ADDRSTRLEN
];
1240 if (!callback
&& ifp
->carrier
<= LINK_DOWN
)
1243 if (!IN6_IS_ADDR_UNSPECIFIED(&state
->unicast
)) {
1244 switch (state
->send
->type
) {
1245 case DHCP6_SOLICIT
: /* FALLTHROUGH */
1246 case DHCP6_CONFIRM
: /* FALLTHROUGH */
1248 /* Unicasting is denied for these types. */
1252 inet_ntop(AF_INET6
, &state
->unicast
, uaddr
,
1257 dst
.sin6_addr
= broadcast
? alldhcp
: state
->unicast
;
1260 logdebugx("%s: %s %s with xid 0x%02x%02x%02x%s%s",
1262 broadcast
? "broadcasting" : "unicasting",
1263 dhcp6_get_op(state
->send
->type
),
1264 state
->send
->xid
[0],
1265 state
->send
->xid
[1],
1266 state
->send
->xid
[2],
1267 !broadcast
? " " : "",
1268 !broadcast
? uaddr
: "");
1272 !(ifp
->options
->options
& DHCPCD_INITIAL_DELAY
))
1275 state
->RT
= state
->IMD
* MSEC_PER_SEC
;
1276 /* Some buggy PPP servers close the link too early
1277 * after sending an invalid status in their reply
1278 * which means this host won't see it.
1279 * 1 second grace seems to be the sweet spot. */
1280 if (ifp
->flags
& IFF_POINTOPOINT
)
1281 state
->RT
+= MSEC_PER_SEC
;
1282 } else if (state
->RTC
== 0)
1283 state
->RT
= state
->IRT
* MSEC_PER_SEC
;
1285 if (state
->MRT
!= 0) {
1286 unsigned int mrt
= state
->MRT
* MSEC_PER_SEC
;
1288 if (state
->RT
> mrt
)
1292 /* Add -.1 to .1 * RT randomness as per RFC8415 section 15 */
1293 uint32_t lru
= arc4random_uniform(
1294 state
->RTC
== 0 ? DHCP6_RAND_MAX
1295 : DHCP6_RAND_MAX
- DHCP6_RAND_MIN
);
1296 int lr
= (int)lru
- (state
->RTC
== 0 ? 0 : DHCP6_RAND_MAX
);
1298 + (unsigned int)((float)state
->RT
1299 * ((float)lr
/ DHCP6_RAND_DIV
));
1301 if (ifp
->carrier
> LINK_DOWN
)
1302 logdebugx("%s: %s %s (xid 0x%02x%02x%02x)%s%s,"
1303 " next in %0.1f seconds",
1305 state
->IMD
!= 0 ? "delaying" :
1306 broadcast
? "broadcasting" : "unicasting",
1307 dhcp6_get_op(state
->send
->type
),
1308 state
->send
->xid
[0],
1309 state
->send
->xid
[1],
1310 state
->send
->xid
[2],
1311 state
->IMD
== 0 && !broadcast
? " " : "",
1312 state
->IMD
== 0 && !broadcast
? uaddr
: "",
1313 (float)RT
/ MSEC_PER_SEC
);
1315 /* Wait the initial delay */
1316 if (state
->IMD
!= 0) {
1318 eloop_timeout_add_msec(ctx
->eloop
, RT
, callback
, ifp
);
1323 if (ifp
->carrier
<= LINK_DOWN
)
1326 /* Update the elapsed time */
1327 dhcp6_updateelapsed(ifp
, state
->send
, state
->send_len
);
1329 if (ifp
->options
->auth
.options
& DHCPCD_AUTH_SEND
&&
1330 dhcp6_update_auth(ifp
, state
->send
, state
->send_len
) == -1)
1332 logerr("%s: %s: dhcp6_updateauth", __func__
, ifp
->name
);
1338 /* Set the outbound interface */
1341 struct in6_pktinfo pi
= { .ipi6_ifindex
= ifp
->index
};
1343 dst
.sin6_scope_id
= ifp
->index
;
1344 msg
.msg_control
= cmsgbuf
.buf
;
1345 msg
.msg_controllen
= sizeof(cmsgbuf
.buf
);
1346 cm
= CMSG_FIRSTHDR(&msg
);
1347 if (cm
== NULL
) /* unlikely */
1349 cm
->cmsg_level
= IPPROTO_IPV6
;
1350 cm
->cmsg_type
= IPV6_PKTINFO
;
1351 cm
->cmsg_len
= CMSG_LEN(sizeof(pi
));
1352 memcpy(CMSG_DATA(cm
), &pi
, sizeof(pi
));
1356 if (IN_PRIVSEP(ifp
->ctx
)) {
1357 if (ps_inet_senddhcp6(ifp
, &msg
) == -1)
1363 if (sendmsg(ctx
->dhcp6_wfd
, &msg
, 0) == -1) {
1364 logerr("%s: %s: sendmsg", __func__
, ifp
->name
);
1365 /* Allow DHCPv6 to continue .... the errors
1366 * would be rate limited by the protocol.
1367 * Generally the error is ENOBUFS when struggling to
1368 * associate with an access point. */
1377 if (state
->RT
< RT
) /* Check overflow */
1379 if (state
->MRC
== 0 || state
->RTC
< state
->MRC
)
1380 eloop_timeout_add_msec(ctx
->eloop
,
1382 else if (state
->MRC
!= 0 && state
->MRCcallback
)
1383 eloop_timeout_add_msec(ctx
->eloop
,
1384 RT
, state
->MRCcallback
, ifp
);
1386 logwarnx("%s: sent %d times with no reply",
1387 ifp
->name
, state
->RTC
);
1393 dhcp6_sendinform(void *arg
)
1396 dhcp6_sendmessage(arg
, dhcp6_sendinform
);
1400 dhcp6_senddiscover(void *arg
)
1403 dhcp6_sendmessage(arg
, dhcp6_senddiscover
);
1407 dhcp6_sendrequest(void *arg
)
1410 dhcp6_sendmessage(arg
, dhcp6_sendrequest
);
1414 dhcp6_sendrebind(void *arg
)
1417 dhcp6_sendmessage(arg
, dhcp6_sendrebind
);
1421 dhcp6_sendrenew(void *arg
)
1424 dhcp6_sendmessage(arg
, dhcp6_sendrenew
);
1428 dhcp6_sendconfirm(void *arg
)
1431 dhcp6_sendmessage(arg
, dhcp6_sendconfirm
);
1435 dhcp6_senddecline(void *arg
)
1438 dhcp6_sendmessage(arg
, dhcp6_senddecline
);
1442 dhcp6_sendrelease(void *arg
)
1445 dhcp6_sendmessage(arg
, dhcp6_sendrelease
);
1449 dhcp6_startrenew(void *arg
)
1451 struct interface
*ifp
;
1452 struct dhcp6_state
*state
;
1455 if ((state
= D6_STATE(ifp
)) == NULL
)
1458 /* Only renew in the bound or renew states */
1459 if (state
->state
!= DH6S_BOUND
&&
1460 state
->state
!= DH6S_RENEW
)
1463 /* Remove the timeout as the renew may have been forced. */
1464 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_startrenew
, ifp
);
1466 state
->state
= DH6S_RENEW
;
1468 state
->IMD
= REN_MAX_DELAY
;
1469 state
->IRT
= REN_TIMEOUT
;
1470 state
->MRT
= REN_MAX_RT
;
1473 if (dhcp6_makemessage(ifp
) == -1)
1474 logerr("%s: %s", __func__
, ifp
->name
);
1476 dhcp6_sendrenew(ifp
);
1479 void dhcp6_renew(struct interface
*ifp
)
1482 dhcp6_startrenew(ifp
);
1486 dhcp6_dadcompleted(const struct interface
*ifp
)
1488 const struct dhcp6_state
*state
;
1489 const struct ipv6_addr
*ap
;
1491 state
= D6_CSTATE(ifp
);
1492 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
1493 if (ap
->flags
& IPV6_AF_ADDED
&&
1494 !(ap
->flags
& IPV6_AF_DADCOMPLETED
))
1501 dhcp6_dadcallback(void *arg
)
1503 struct ipv6_addr
*ia
= arg
;
1504 struct interface
*ifp
;
1505 struct dhcp6_state
*state
;
1506 struct ipv6_addr
*ia2
;
1507 bool completed
, valid
, oneduplicated
;
1509 completed
= (ia
->flags
& IPV6_AF_DADCOMPLETED
);
1510 ia
->flags
|= IPV6_AF_DADCOMPLETED
;
1511 if (ia
->addr_flags
& IN6_IFF_DUPLICATED
)
1512 logwarnx("%s: DAD detected %s", ia
->iface
->name
, ia
->saddr
);
1514 #ifdef ND6_ADVERTISE
1516 ipv6nd_advertise(ia
);
1522 state
= D6_STATE(ifp
);
1523 if (state
->state
!= DH6S_BOUND
&& state
->state
!= DH6S_DELEGATED
)
1529 valid
= (ia
->delegating_prefix
== NULL
);
1532 oneduplicated
= false;
1533 TAILQ_FOREACH(ia2
, &state
->addrs
, next
) {
1534 if (ia2
->flags
& IPV6_AF_ADDED
&&
1535 !(ia2
->flags
& IPV6_AF_DADCOMPLETED
))
1541 oneduplicated
= true;
1546 logdebugx("%s: DHCPv6 DAD completed", ifp
->name
);
1548 if (oneduplicated
&& state
->state
== DH6S_BOUND
) {
1549 dhcp6_startdecline(ifp
);
1553 script_runreason(ifp
,
1555 ia
->delegating_prefix
? "DELEGATED6" :
1559 dhcpcd_daemonise(ifp
->ctx
);
1563 dhcp6_addrequestedaddrs(struct interface
*ifp
)
1565 struct dhcp6_state
*state
;
1568 struct ipv6_addr
*a
;
1570 state
= D6_STATE(ifp
);
1571 /* Add any requested prefixes / addresses */
1572 for (i
= 0; i
< ifp
->options
->ia_len
; i
++) {
1573 ia
= &ifp
->options
->ia
[i
];
1574 if (!((ia
->ia_type
== D6_OPTION_IA_PD
&& ia
->prefix_len
) ||
1575 !IN6_IS_ADDR_UNSPECIFIED(&ia
->addr
)))
1577 a
= ipv6_newaddr(ifp
, &ia
->addr
,
1579 * RFC 5942 Section 5
1580 * We cannot assume any prefix length, nor tie the
1581 * address to an existing one as it could expire
1582 * before the address.
1583 * As such we just give it a 128 prefix.
1585 ia
->ia_type
== D6_OPTION_IA_PD
? ia
->prefix_len
: 128,
1589 a
->dadcallback
= dhcp6_dadcallback
;
1590 memcpy(&a
->iaid
, &ia
->iaid
, sizeof(a
->iaid
));
1591 a
->ia_type
= ia
->ia_type
;
1592 TAILQ_INSERT_TAIL(&state
->addrs
, a
, next
);
1597 dhcp6_startdiscover(void *arg
)
1599 struct interface
*ifp
;
1600 struct dhcp6_state
*state
;
1604 state
= D6_STATE(ifp
);
1606 if (state
->reason
== NULL
|| strcmp(state
->reason
, "TIMEOUT6") != 0)
1607 dhcp6_delete_delegates(ifp
);
1609 if (state
->new == NULL
&& !state
->failed
)
1613 logmessage(llevel
, "%s: soliciting a DHCPv6 lease", ifp
->name
);
1614 state
->state
= DH6S_DISCOVER
;
1616 state
->IMD
= SOL_MAX_DELAY
;
1617 state
->IRT
= SOL_TIMEOUT
;
1618 state
->MRT
= state
->sol_max_rt
;
1619 state
->MRC
= SOL_MAX_RC
;
1621 eloop_timeout_delete(ifp
->ctx
->eloop
, NULL
, ifp
);
1626 if (dhcp6_makemessage(ifp
) == -1)
1627 logerr("%s: %s", __func__
, ifp
->name
);
1629 dhcp6_senddiscover(ifp
);
1633 dhcp6_startinform(void *arg
)
1635 struct interface
*ifp
;
1636 struct dhcp6_state
*state
;
1640 state
= D6_STATE(ifp
);
1641 if (state
->new == NULL
&& !state
->failed
)
1645 logmessage(llevel
, "%s: requesting DHCPv6 information", ifp
->name
);
1646 state
->state
= DH6S_INFORM
;
1648 state
->IMD
= INF_MAX_DELAY
;
1649 state
->IRT
= INF_TIMEOUT
;
1650 state
->MRT
= state
->inf_max_rt
;
1653 eloop_timeout_delete(ifp
->ctx
->eloop
, NULL
, ifp
);
1654 if (dhcp6_makemessage(ifp
) == -1) {
1655 logerr("%s: %s", __func__
, ifp
->name
);
1658 dhcp6_sendinform(ifp
);
1659 /* RFC3315 18.1.2 says that if CONFIRM failed then the prior addresses
1660 * SHOULD be used. The wording here is poor, because the addresses are
1661 * merely one facet of the lease as a whole.
1662 * This poor wording might explain the lack of similar text for INFORM
1663 * in 18.1.5 because there are no addresses in the INFORM message. */
1664 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
1665 INF_MAX_RD
, dhcp6_failinform
, ifp
);
1669 dhcp6_startdiscoinform(struct interface
*ifp
)
1671 unsigned long long opts
= ifp
->options
->options
;
1673 if (opts
& DHCPCD_IA_FORCED
|| ipv6nd_hasradhcp(ifp
, true))
1674 dhcp6_startdiscover(ifp
);
1675 else if (opts
& DHCPCD_INFORM6
|| ipv6nd_hasradhcp(ifp
, false))
1676 dhcp6_startinform(ifp
);
1683 dhcp6_leaseextend(struct interface
*ifp
)
1685 struct dhcp6_state
*state
= D6_STATE(ifp
);
1686 struct ipv6_addr
*ia
;
1688 logwarnx("%s: extending DHCPv6 lease", ifp
->name
);
1689 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
1690 ia
->flags
|= IPV6_AF_EXTENDED
;
1691 /* Set infinite lifetimes. */
1692 ia
->prefix_pltime
= ND6_INFINITE_LIFETIME
;
1693 ia
->prefix_vltime
= ND6_INFINITE_LIFETIME
;
1698 dhcp6_fail(struct interface
*ifp
)
1700 struct dhcp6_state
*state
= D6_STATE(ifp
);
1702 state
->failed
= true;
1704 /* RFC3315 18.1.2 says that prior addresses SHOULD be used on failure.
1705 * RFC2131 3.2.3 says that MAY chose to use the prior address.
1706 * Because dhcpcd was written first for RFC2131, we have the LASTLEASE
1707 * option which defaults to off as that makes the most sense for
1709 * dhcpcd also has LASTLEASE_EXTEND to extend this lease past it's
1710 * expiry, but this is strictly not RFC compliant in any way or form. */
1711 if (state
->new != NULL
&&
1712 ifp
->options
->options
& DHCPCD_LASTLEASE_EXTEND
)
1714 dhcp6_leaseextend(ifp
);
1715 dhcp6_bind(ifp
, NULL
, NULL
);
1717 dhcp6_freedrop_addrs(ifp
, 1, NULL
);
1719 dhcp6_delete_delegates(ifp
);
1722 state
->old
= state
->new;
1723 state
->old_len
= state
->new_len
;
1726 if (state
->old
!= NULL
)
1727 script_runreason(ifp
, "EXPIRE6");
1728 dhcp_unlink(ifp
->ctx
, state
->leasefile
);
1729 dhcp6_addrequestedaddrs(ifp
);
1732 if (!dhcp6_startdiscoinform(ifp
)) {
1733 logwarnx("%s: no advertising IPv6 router wants DHCP",ifp
->name
);
1734 state
->state
= DH6S_INIT
;
1735 eloop_timeout_delete(ifp
->ctx
->eloop
, NULL
, ifp
);
1740 dhcp6_failloglevel(struct interface
*ifp
)
1742 const struct dhcp6_state
*state
= D6_CSTATE(ifp
);
1744 return state
->failed
? LOG_DEBUG
: LOG_ERR
;
1748 dhcp6_failconfirm(void *arg
)
1750 struct interface
*ifp
= arg
;
1751 int llevel
= dhcp6_failloglevel(ifp
);
1753 logmessage(llevel
, "%s: failed to confirm prior DHCPv6 address",
1759 dhcp6_failrequest(void *arg
)
1761 struct interface
*ifp
= arg
;
1762 int llevel
= dhcp6_failloglevel(ifp
);
1764 logmessage(llevel
, "%s: failed to request DHCPv6 address", ifp
->name
);
1769 dhcp6_failinform(void *arg
)
1771 struct interface
*ifp
= arg
;
1772 int llevel
= dhcp6_failloglevel(ifp
);
1774 logmessage(llevel
, "%s: failed to request DHCPv6 information",
1781 dhcp6_failrebind(void *arg
)
1783 struct interface
*ifp
= arg
;
1785 logerrx("%s: failed to rebind prior DHCPv6 delegation", ifp
->name
);
1790 dhcp6_hasprefixdelegation(struct interface
*ifp
)
1796 for (i
= 0; i
< ifp
->options
->ia_len
; i
++) {
1797 if (t
&& t
!= ifp
->options
->ia
[i
].ia_type
) {
1798 if (t
== D6_OPTION_IA_PD
||
1799 ifp
->options
->ia
[i
].ia_type
== D6_OPTION_IA_PD
)
1802 t
= ifp
->options
->ia
[i
].ia_type
;
1804 return t
== D6_OPTION_IA_PD
? 1 : 0;
1809 dhcp6_startrebind(void *arg
)
1811 struct interface
*ifp
;
1812 struct dhcp6_state
*state
;
1818 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_sendrenew
, ifp
);
1819 state
= D6_STATE(ifp
);
1820 if (state
->state
== DH6S_RENEW
)
1821 logwarnx("%s: failed to renew DHCPv6, rebinding", ifp
->name
);
1823 loginfox("%s: rebinding prior DHCPv6 lease", ifp
->name
);
1824 state
->state
= DH6S_REBIND
;
1829 /* RFC 3633 section 12.1 */
1830 pd
= dhcp6_hasprefixdelegation(ifp
);
1832 state
->IMD
= CNF_MAX_DELAY
;
1833 state
->IRT
= CNF_TIMEOUT
;
1834 state
->MRT
= CNF_MAX_RT
;
1838 state
->IMD
= REB_MAX_DELAY
;
1839 state
->IRT
= REB_TIMEOUT
;
1840 state
->MRT
= REB_MAX_RT
;
1843 if (dhcp6_makemessage(ifp
) == -1)
1844 logerr("%s: %s", __func__
, ifp
->name
);
1846 dhcp6_sendrebind(ifp
);
1849 /* RFC 3633 section 12.1 */
1851 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
1852 CNF_MAX_RD
, dhcp6_failrebind
, ifp
);
1858 dhcp6_startrequest(struct interface
*ifp
)
1860 struct dhcp6_state
*state
;
1862 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_senddiscover
, ifp
);
1863 state
= D6_STATE(ifp
);
1864 state
->state
= DH6S_REQUEST
;
1867 state
->IRT
= REQ_TIMEOUT
;
1868 state
->MRT
= REQ_MAX_RT
;
1869 state
->MRC
= REQ_MAX_RC
;
1870 state
->MRCcallback
= dhcp6_failrequest
;
1872 if (dhcp6_makemessage(ifp
) == -1) {
1873 logerr("%s: %s", __func__
, ifp
->name
);
1877 dhcp6_sendrequest(ifp
);
1881 dhcp6_startconfirm(struct interface
*ifp
)
1883 struct dhcp6_state
*state
;
1884 struct ipv6_addr
*ia
;
1886 state
= D6_STATE(ifp
);
1888 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
1889 if (!DECLINE_IA(ia
))
1891 logerrx("%s: prior DHCPv6 has a duplicated address", ifp
->name
);
1892 dhcp6_startdecline(ifp
);
1896 state
->state
= DH6S_CONFIRM
;
1898 state
->IMD
= CNF_MAX_DELAY
;
1899 state
->IRT
= CNF_TIMEOUT
;
1900 state
->MRT
= CNF_MAX_RT
;
1901 state
->MRC
= CNF_MAX_RC
;
1903 loginfox("%s: confirming prior DHCPv6 lease", ifp
->name
);
1905 if (dhcp6_makemessage(ifp
) == -1) {
1906 logerr("%s: %s", __func__
, ifp
->name
);
1909 dhcp6_sendconfirm(ifp
);
1910 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
1911 CNF_MAX_RD
, dhcp6_failconfirm
, ifp
);
1915 dhcp6_startexpire(void *arg
)
1917 struct interface
*ifp
;
1920 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_sendrebind
, ifp
);
1922 logerrx("%s: DHCPv6 lease expired", ifp
->name
);
1927 dhcp6_faildecline(void *arg
)
1929 struct interface
*ifp
= arg
;
1931 logerrx("%s: failed to decline duplicated DHCPv6 addresses", ifp
->name
);
1936 dhcp6_startdecline(struct interface
*ifp
)
1938 struct dhcp6_state
*state
;
1940 state
= D6_STATE(ifp
);
1941 loginfox("%s: declining failed DHCPv6 addresses", ifp
->name
);
1942 state
->state
= DH6S_DECLINE
;
1945 state
->IRT
= DEC_TIMEOUT
;
1947 state
->MRC
= DEC_MAX_RC
;
1948 state
->MRCcallback
= dhcp6_faildecline
;
1950 if (dhcp6_makemessage(ifp
) == -1)
1951 logerr("%s: %s", __func__
, ifp
->name
);
1953 dhcp6_senddecline(ifp
);
1957 dhcp6_finishrelease(void *arg
)
1959 struct interface
*ifp
;
1960 struct dhcp6_state
*state
;
1962 ifp
= (struct interface
*)arg
;
1963 if ((state
= D6_STATE(ifp
)) != NULL
) {
1964 state
->state
= DH6S_RELEASED
;
1965 dhcp6_drop(ifp
, "RELEASE6");
1970 dhcp6_startrelease(struct interface
*ifp
)
1972 struct dhcp6_state
*state
;
1974 state
= D6_STATE(ifp
);
1975 if (state
->state
!= DH6S_BOUND
)
1978 state
->state
= DH6S_RELEASE
;
1980 state
->IMD
= REL_MAX_DELAY
;
1981 state
->IRT
= REL_TIMEOUT
;
1982 state
->MRT
= REL_MAX_RT
;
1983 /* MRC of REL_MAX_RC is optional in RFC 3315 18.1.6 */
1985 state
->MRC
= REL_MAX_RC
;
1986 state
->MRCcallback
= dhcp6_finishrelease
;
1989 state
->MRCcallback
= NULL
;
1992 if (dhcp6_makemessage(ifp
) == -1)
1993 logerr("%s: %s", __func__
, ifp
->name
);
1995 dhcp6_sendrelease(ifp
);
1996 dhcp6_finishrelease(ifp
);
2001 dhcp6_checkstatusok(const struct interface
*ifp
,
2002 struct dhcp6_message
*m
, uint8_t *p
, size_t len
)
2004 struct dhcp6_state
*state
;
2006 uint16_t opt_len
, code
;
2008 void * (*f
)(void *, size_t, uint16_t, uint16_t *), *farg
;
2009 char buf
[32], *sbuf
;
2013 state
= D6_STATE(ifp
);
2014 f
= p
? dhcp6_findoption
: dhcp6_findmoption
;
2019 if ((opt
= f(farg
, len
, D6_OPTION_STATUS_CODE
, &opt_len
)) == NULL
) {
2020 //logdebugx("%s: no status", ifp->name);
2026 if (opt_len
< sizeof(code
)) {
2027 logerrx("%s: status truncated", ifp
->name
);
2030 memcpy(&code
, opt
, sizeof(code
));
2032 if (code
== D6_STATUS_OK
) {
2038 /* Anything after the code is a message. */
2039 opt
+= sizeof(code
);
2040 mlen
= opt_len
- sizeof(code
);
2043 if (code
< sizeof(dhcp6_statuses
) / sizeof(char *))
2044 status
= dhcp6_statuses
[code
];
2046 snprintf(buf
, sizeof(buf
), "Unknown Status (%d)", code
);
2050 if ((sbuf
= malloc(mlen
+ 1)) == NULL
) {
2054 memcpy(sbuf
, opt
, mlen
);
2059 if (state
->lerror
== code
|| state
->state
== DH6S_INIT
)
2060 loglevel
= LOG_DEBUG
;
2063 logmessage(loglevel
, "%s: DHCPv6 REPLY: %s", ifp
->name
, status
);
2065 state
->lerror
= code
;
2070 const struct ipv6_addr
*
2071 dhcp6_iffindaddr(const struct interface
*ifp
, const struct in6_addr
*addr
,
2074 const struct dhcp6_state
*state
;
2075 const struct ipv6_addr
*ap
;
2077 if ((state
= D6_STATE(ifp
)) != NULL
) {
2078 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2079 if (ipv6_findaddrmatch(ap
, addr
, flags
))
2087 dhcp6_findaddr(struct dhcpcd_ctx
*ctx
, const struct in6_addr
*addr
,
2090 struct interface
*ifp
;
2091 struct ipv6_addr
*ap
;
2092 struct dhcp6_state
*state
;
2094 TAILQ_FOREACH(ifp
, ctx
->ifaces
, next
) {
2095 if ((state
= D6_STATE(ifp
)) != NULL
) {
2096 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2097 if (ipv6_findaddrmatch(ap
, addr
, flags
))
2106 dhcp6_findna(struct interface
*ifp
, uint16_t ot
, const uint8_t *iaid
,
2107 uint8_t *d
, size_t l
, const struct timespec
*acquired
)
2109 struct dhcp6_state
*state
;
2112 struct ipv6_addr
*a
;
2114 struct dhcp6_ia_addr ia
;
2117 state
= D6_STATE(ifp
);
2118 while ((o
= dhcp6_findoption(d
, l
, D6_OPTION_IA_ADDR
, &ol
))) {
2119 /* Set d and l first to ensure we find the next option. */
2121 l
-= (size_t)(nd
- d
);
2123 if (ol
< sizeof(ia
)) {
2125 logerrx("%s: IA Address option truncated", ifp
->name
);
2128 memcpy(&ia
, o
, sizeof(ia
));
2129 ia
.pltime
= ntohl(ia
.pltime
);
2130 ia
.vltime
= ntohl(ia
.vltime
);
2132 if (ia
.pltime
> ia
.vltime
) {
2134 logerr("%s: IA Address pltime %"PRIu32
2135 " > vltime %"PRIu32
,
2136 ifp
->name
, ia
.pltime
, ia
.vltime
);
2139 TAILQ_FOREACH(a
, &state
->addrs
, next
) {
2140 if (ipv6_findaddrmatch(a
, &ia
.addr
, 0))
2145 * RFC 5942 Section 5
2146 * We cannot assume any prefix length, nor tie the
2147 * address to an existing one as it could expire
2148 * before the address.
2149 * As such we just give it a 128 prefix.
2151 a
= ipv6_newaddr(ifp
, &ia
.addr
, 128, IPV6_AF_ONLINK
);
2152 a
->dadcallback
= dhcp6_dadcallback
;
2154 memcpy(a
->iaid
, iaid
, sizeof(a
->iaid
));
2155 a
->created
= *acquired
;
2157 TAILQ_INSERT_TAIL(&state
->addrs
, a
, next
);
2159 if (!(a
->flags
& IPV6_AF_ONLINK
))
2160 a
->flags
|= IPV6_AF_ONLINK
| IPV6_AF_NEW
;
2161 a
->flags
&= ~(IPV6_AF_STALE
| IPV6_AF_EXTENDED
);
2163 a
->acquired
= *acquired
;
2164 a
->prefix_pltime
= ia
.pltime
;
2165 if (a
->prefix_vltime
!= ia
.vltime
) {
2166 a
->flags
|= IPV6_AF_NEW
;
2167 a
->prefix_vltime
= ia
.vltime
;
2169 if (a
->prefix_pltime
&& a
->prefix_pltime
< state
->lowpl
)
2170 state
->lowpl
= a
->prefix_pltime
;
2171 if (a
->prefix_vltime
&& a
->prefix_vltime
> state
->expire
)
2172 state
->expire
= a
->prefix_vltime
;
2180 dhcp6_findpd(struct interface
*ifp
, const uint8_t *iaid
,
2181 uint8_t *d
, size_t l
, const struct timespec
*acquired
)
2183 struct dhcp6_state
*state
;
2185 struct ipv6_addr
*a
;
2189 struct dhcp6_pd_addr pdp
;
2190 struct in6_addr pdp_prefix
;
2193 state
= D6_STATE(ifp
);
2194 while ((o
= dhcp6_findoption(d
, l
, D6_OPTION_IAPREFIX
, &ol
))) {
2195 /* Set d and l first to ensure we find the next option. */
2197 l
-= (size_t)(nd
- d
);
2199 if (ol
< sizeof(pdp
)) {
2201 logerrx("%s: IA Prefix option truncated", ifp
->name
);
2205 memcpy(&pdp
, o
, sizeof(pdp
));
2206 pdp
.pltime
= ntohl(pdp
.pltime
);
2207 pdp
.vltime
= ntohl(pdp
.vltime
);
2209 if (pdp
.pltime
> pdp
.vltime
) {
2211 logerrx("%s: IA Prefix pltime %"PRIu32
2212 " > vltime %"PRIu32
,
2213 ifp
->name
, pdp
.pltime
, pdp
.vltime
);
2218 ol
= (uint16_t)(ol
- sizeof(pdp
));
2220 /* pdp.prefix is not aligned so copy it out. */
2221 memcpy(&pdp_prefix
, &pdp
.prefix
, sizeof(pdp_prefix
));
2222 TAILQ_FOREACH(a
, &state
->addrs
, next
) {
2223 if (IN6_ARE_ADDR_EQUAL(&a
->prefix
, &pdp_prefix
))
2228 a
= ipv6_newaddr(ifp
, &pdp_prefix
, pdp
.prefix_len
,
2229 IPV6_AF_DELEGATEDPFX
);
2232 a
->created
= *acquired
;
2233 a
->dadcallback
= dhcp6_dadcallback
;
2234 a
->ia_type
= D6_OPTION_IA_PD
;
2235 memcpy(a
->iaid
, iaid
, sizeof(a
->iaid
));
2236 TAILQ_INSERT_TAIL(&state
->addrs
, a
, next
);
2238 if (!(a
->flags
& IPV6_AF_DELEGATEDPFX
))
2239 a
->flags
|= IPV6_AF_NEW
| IPV6_AF_DELEGATEDPFX
;
2240 a
->flags
&= ~(IPV6_AF_STALE
|
2243 if (a
->prefix_vltime
!= pdp
.vltime
)
2244 a
->flags
|= IPV6_AF_NEW
;
2247 a
->acquired
= *acquired
;
2248 a
->prefix_pltime
= pdp
.pltime
;
2249 a
->prefix_vltime
= pdp
.vltime
;
2251 if (a
->prefix_pltime
&& a
->prefix_pltime
< state
->lowpl
)
2252 state
->lowpl
= a
->prefix_pltime
;
2253 if (a
->prefix_vltime
&& a
->prefix_vltime
> state
->expire
)
2254 state
->expire
= a
->prefix_vltime
;
2257 a
->prefix_exclude_len
= 0;
2258 memset(&a
->prefix_exclude
, 0, sizeof(a
->prefix_exclude
));
2259 o
= dhcp6_findoption(o
, ol
, D6_OPTION_PD_EXCLUDE
, &ol
);
2263 /* RFC 6603 4.2 says option length MUST be between 2 and 17.
2264 * This allows 1 octet for prefix length and 16 for the
2266 if (ol
< 2 || ol
> 17) {
2267 logerrx("%s: invalid PD Exclude option", ifp
->name
);
2271 /* RFC 6603 4.2 says prefix length MUST be between the
2272 * length of the IAPREFIX prefix length + 1 and 128. */
2273 if (*o
< a
->prefix_len
+ 1 || *o
> 128) {
2274 logerrx("%s: invalid PD Exclude length", ifp
->name
);
2279 /* Check option length matches prefix length. */
2280 if (((*o
- a
->prefix_len
- 1) / NBBY
) + 1 != ol
) {
2281 logerrx("%s: PD Exclude length mismatch", ifp
->name
);
2284 a
->prefix_exclude_len
= *o
++;
2286 memcpy(&a
->prefix_exclude
, &a
->prefix
,
2287 sizeof(a
->prefix_exclude
));
2288 nb
= a
->prefix_len
% NBBY
;
2291 pw
= a
->prefix_exclude
.s6_addr
+
2292 (a
->prefix_exclude_len
/ NBBY
) - 1;
2296 *pw
= (uint8_t)(*pw
| (*o
>> nb
));
2303 dhcp6_findia(struct interface
*ifp
, struct dhcp6_message
*m
, size_t l
,
2304 const char *sfrom
, const struct timespec
*acquired
)
2306 struct dhcp6_state
*state
;
2307 const struct if_options
*ifo
;
2308 struct dhcp6_option o
;
2310 struct dhcp6_ia_na ia
;
2315 char buf
[sizeof(iaid
) * 3];
2316 struct ipv6_addr
*ap
;
2319 if (l
< sizeof(*m
)) {
2320 /* Should be impossible with guards at packet in
2321 * and reading leases */
2328 state
= D6_STATE(ifp
);
2329 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2330 if (!(ap
->flags
& IPV6_AF_DELEGATED
))
2331 ap
->flags
|= IPV6_AF_STALE
;
2334 d
= (uint8_t *)m
+ sizeof(*m
);
2336 while (l
> sizeof(o
)) {
2337 memcpy(&o
, d
, sizeof(o
));
2338 o
.len
= ntohs(o
.len
);
2339 if (o
.len
> l
|| sizeof(o
) + o
.len
> l
) {
2341 logerrx("%s: option overflow", ifp
->name
);
2346 l
-= sizeof(o
) + o
.len
;
2348 o
.code
= ntohs(o
.code
);
2350 case D6_OPTION_IA_TA
:
2353 case D6_OPTION_IA_NA
:
2354 case D6_OPTION_IA_PD
:
2362 logerrx("%s: IA option truncated", ifp
->name
);
2368 o
.len
= (uint16_t)(o
.len
- nl
);
2370 for (j
= 0; j
< ifo
->ia_len
; j
++) {
2372 if (ifia
->ia_type
== o
.code
&&
2373 memcmp(ifia
->iaid
, ia
.iaid
, sizeof(ia
.iaid
)) == 0)
2376 if (j
== ifo
->ia_len
&&
2377 !(ifo
->ia_len
== 0 && ifp
->ctx
->options
& DHCPCD_DUMPLEASE
))
2379 logdebugx("%s: ignoring unrequested IAID %s",
2381 hwaddr_ntoa(ia
.iaid
, sizeof(ia
.iaid
),
2386 if (o
.code
!= D6_OPTION_IA_TA
) {
2387 ia
.t1
= ntohl(ia
.t1
);
2388 ia
.t2
= ntohl(ia
.t2
);
2390 if (ia
.t2
> 0 && ia
.t1
> ia
.t2
) {
2391 logwarnx("%s: IAID %s T1(%d) > T2(%d) from %s",
2393 hwaddr_ntoa(iaid
, sizeof(iaid
), buf
,
2395 ia
.t1
, ia
.t2
, sfrom
);
2399 ia
.t1
= ia
.t2
= 0; /* appease gcc */
2400 if ((error
= dhcp6_checkstatusok(ifp
, NULL
, p
, o
.len
)) != 0) {
2401 if (error
== D6_STATUS_NOBINDING
)
2402 state
->has_no_binding
= true;
2406 if (o
.code
== D6_OPTION_IA_PD
) {
2408 if (dhcp6_findpd(ifp
, ia
.iaid
, p
, o
.len
,
2411 logwarnx("%s: %s: DHCPv6 REPLY missing Prefix",
2417 if (dhcp6_findna(ifp
, o
.code
, ia
.iaid
, p
, o
.len
,
2420 logwarnx("%s: %s: DHCPv6 REPLY missing "
2426 if (o
.code
!= D6_OPTION_IA_TA
) {
2428 (ia
.t1
< state
->renew
|| state
->renew
== 0))
2429 state
->renew
= ia
.t1
;
2431 (ia
.t2
< state
->rebind
|| state
->rebind
== 0))
2432 state
->rebind
= ia
.t2
;
2444 dhcp6_deprecatedele(struct ipv6_addr
*ia
)
2446 struct ipv6_addr
*da
, *dan
, *dda
;
2447 struct timespec now
;
2448 struct dhcp6_state
*state
;
2450 timespecclear(&now
);
2451 TAILQ_FOREACH_SAFE(da
, &ia
->pd_pfxs
, pd_next
, dan
) {
2452 if (ia
->prefix_vltime
== 0) {
2453 if (da
->prefix_vltime
!= 0)
2454 da
->prefix_vltime
= 0;
2457 } else if (da
->prefix_pltime
!= 0)
2458 da
->prefix_pltime
= 0;
2462 if (ipv6_doaddr(da
, &now
) != -1)
2465 /* Delegation deleted, forget it. */
2466 TAILQ_REMOVE(&ia
->pd_pfxs
, da
, pd_next
);
2468 /* Delete it from the interface. */
2469 state
= D6_STATE(da
->iface
);
2470 TAILQ_FOREACH(dda
, &state
->addrs
, next
) {
2471 if (IN6_ARE_ADDR_EQUAL(&dda
->addr
, &da
->addr
))
2475 TAILQ_REMOVE(&state
->addrs
, dda
, next
);
2483 dhcp6_deprecateaddrs(struct ipv6_addrhead
*addrs
)
2485 struct ipv6_addr
*ia
, *ian
;
2487 TAILQ_FOREACH_SAFE(ia
, addrs
, next
, ian
) {
2488 if (ia
->flags
& IPV6_AF_EXTENDED
)
2490 else if (ia
->flags
& IPV6_AF_STALE
) {
2491 if (ia
->prefix_vltime
!= 0)
2492 logdebugx("%s: %s: became stale",
2493 ia
->iface
->name
, ia
->saddr
);
2494 /* Technically this violates RFC 8415 18.2.10.1,
2495 * but we need a mechanism to tell the kernel to
2496 * try and prefer other addresses. */
2497 ia
->prefix_pltime
= 0;
2498 } else if (ia
->prefix_vltime
== 0)
2499 loginfox("%s: %s: no valid lifetime",
2500 ia
->iface
->name
, ia
->saddr
);
2505 /* If we delegated from this prefix, deprecate or remove
2506 * the delegations. */
2507 if (ia
->flags
& IPV6_AF_DELEGATEDPFX
)
2508 dhcp6_deprecatedele(ia
);
2511 if (ia
->flags
& IPV6_AF_REQUEST
) {
2512 ia
->prefix_vltime
= ia
->prefix_pltime
= 0;
2513 eloop_q_timeout_delete(ia
->iface
->ctx
->eloop
,
2514 ELOOP_QUEUE_ALL
, NULL
, ia
);
2517 TAILQ_REMOVE(addrs
, ia
, next
);
2518 if (ia
->flags
& IPV6_AF_EXTENDED
)
2519 ipv6_deleteaddr(ia
);
2525 dhcp6_validatelease(struct interface
*ifp
,
2526 struct dhcp6_message
*m
, size_t len
,
2527 const char *sfrom
, const struct timespec
*acquired
)
2529 struct dhcp6_state
*state
;
2533 if (len
<= sizeof(*m
)) {
2534 logerrx("%s: DHCPv6 lease truncated", ifp
->name
);
2538 state
= D6_STATE(ifp
);
2540 if (dhcp6_checkstatusok(ifp
, m
, NULL
, len
) != 0)
2544 state
->renew
= state
->rebind
= state
->expire
= 0;
2545 state
->lowpl
= ND6_INFINITE_LIFETIME
;
2547 clock_gettime(CLOCK_MONOTONIC
, &aq
);
2550 state
->has_no_binding
= false;
2551 nia
= dhcp6_findia(ifp
, m
, len
, sfrom
, acquired
);
2553 if (state
->state
!= DH6S_CONFIRM
&& ok_errno
!= 0) {
2554 logerrx("%s: no useable IA found in lease", ifp
->name
);
2558 /* We are confirming and have an OK,
2559 * so look for ia's in our old lease.
2560 * IA's must have existed here otherwise we would
2561 * have rejected it earlier. */
2562 assert(state
->new != NULL
&& state
->new_len
!= 0);
2563 state
->has_no_binding
= false;
2564 nia
= dhcp6_findia(ifp
, state
->new, state
->new_len
,
2571 dhcp6_readlease(struct interface
*ifp
, int validate
)
2574 struct dhcp6_message dhcp6
;
2575 uint8_t buf
[UDPLEN_MAX
];
2577 struct dhcp6_state
*state
;
2586 state
= D6_STATE(ifp
);
2587 if (state
->leasefile
[0] == '\0') {
2588 logdebugx("reading standard input");
2589 bytes
= read(fileno(stdin
), buf
.buf
, sizeof(buf
.buf
));
2591 logdebugx("%s: reading lease: %s",
2592 ifp
->name
, state
->leasefile
);
2593 bytes
= dhcp_readfile(ifp
->ctx
, state
->leasefile
,
2594 buf
.buf
, sizeof(buf
.buf
));
2599 if (ifp
->ctx
->options
& DHCPCD_DUMPLEASE
|| state
->leasefile
[0] == '\0')
2605 /* If not validating IA's and if they have expired,
2606 * skip to the auth check. */
2610 if (dhcp_filemtime(ifp
->ctx
, state
->leasefile
, &mtime
) == -1)
2612 clock_gettime(CLOCK_MONOTONIC
, &state
->acquired
);
2613 if ((now
= time(NULL
)) == -1)
2615 state
->acquired
.tv_sec
-= now
- mtime
;
2617 /* Check to see if the lease is still valid */
2618 fd
= dhcp6_validatelease(ifp
, &buf
.dhcp6
, (size_t)bytes
, NULL
,
2623 if (state
->expire
!= ND6_INFINITE_LIFETIME
&&
2624 (time_t)state
->expire
< now
- mtime
&&
2625 !(ifp
->options
->options
& DHCPCD_LASTLEASE_EXTEND
))
2627 logdebugx("%s: discarding expired lease", ifp
->name
);
2634 /* Authenticate the message */
2635 o
= dhcp6_findmoption(&buf
.dhcp6
, (size_t)bytes
, D6_OPTION_AUTH
, &ol
);
2637 if (dhcp_auth_validate(&state
->auth
, &ifp
->options
->auth
,
2638 buf
.buf
, (size_t)bytes
, 6, buf
.dhcp6
.type
, o
, ol
) == NULL
)
2640 logerr("%s: authentication failed", ifp
->name
);
2644 if (state
->auth
.token
)
2645 logdebugx("%s: validated using 0x%08" PRIu32
,
2646 ifp
->name
, state
->auth
.token
->secretid
);
2648 loginfox("%s: accepted reconfigure key", ifp
->name
);
2649 } else if ((ifp
->options
->auth
.options
& DHCPCD_AUTH_SENDREQUIRE
) ==
2650 DHCPCD_AUTH_SENDREQUIRE
)
2652 logerrx("%s: authentication now required", ifp
->name
);
2659 state
->new = malloc((size_t)bytes
);
2660 if (state
->new == NULL
) {
2665 memcpy(state
->new, buf
.buf
, (size_t)bytes
);
2666 state
->new_len
= (size_t)bytes
;
2670 dhcp6_freedrop_addrs(ifp
, 0, NULL
);
2671 dhcp_unlink(ifp
->ctx
, state
->leasefile
);
2675 dhcp6_addrequestedaddrs(ifp
);
2676 return bytes
== 0 ? 0 : -1;
2680 dhcp6_startinit(struct interface
*ifp
)
2682 struct dhcp6_state
*state
;
2684 uint8_t has_ta
, has_non_ta
;
2687 state
= D6_STATE(ifp
);
2688 state
->state
= DH6S_INIT
;
2689 state
->expire
= ND6_INFINITE_LIFETIME
;
2690 state
->lowpl
= ND6_INFINITE_LIFETIME
;
2692 dhcp6_addrequestedaddrs(ifp
);
2693 has_ta
= has_non_ta
= 0;
2694 for (i
= 0; i
< ifp
->options
->ia_len
; i
++) {
2695 switch (ifp
->options
->ia
[i
].ia_type
) {
2696 case D6_OPTION_IA_TA
:
2704 if (!(ifp
->ctx
->options
& DHCPCD_TEST
) &&
2705 !(has_ta
&& !has_non_ta
) &&
2706 ifp
->options
->reboot
!= 0)
2708 r
= dhcp6_readlease(ifp
, 1);
2710 if (errno
!= ENOENT
&& errno
!= ESRCH
)
2711 logerr("%s: %s", __func__
, state
->leasefile
);
2712 } else if (r
!= 0 &&
2713 !(ifp
->options
->options
& DHCPCD_ANONYMOUS
))
2715 /* RFC 3633 section 12.1 */
2717 if (dhcp6_hasprefixdelegation(ifp
))
2718 dhcp6_startrebind(ifp
);
2721 dhcp6_startconfirm(ifp
);
2725 dhcp6_startdiscoinform(ifp
);
2729 static struct ipv6_addr
*
2730 dhcp6_ifdelegateaddr(struct interface
*ifp
, struct ipv6_addr
*prefix
,
2731 const struct if_sla
*sla
, struct if_ia
*if_ia
)
2733 struct dhcp6_state
*state
;
2734 struct in6_addr addr
, daddr
;
2735 struct ipv6_addr
*ia
;
2736 int pfxlen
, dadcounter
;
2739 /* RFC6603 Section 4.2 */
2740 if (strcmp(ifp
->name
, prefix
->iface
->name
) == 0) {
2741 if (prefix
->prefix_exclude_len
== 0) {
2742 /* Don't spam the log automatically */
2744 logwarnx("%s: DHCPv6 server does not support "
2745 "OPTION_PD_EXCLUDE",
2749 pfxlen
= prefix
->prefix_exclude_len
;
2750 memcpy(&addr
, &prefix
->prefix_exclude
, sizeof(addr
));
2751 } else if ((pfxlen
= dhcp6_delegateaddr(&addr
, ifp
, prefix
,
2755 if (sla
!= NULL
&& fls64(sla
->suffix
) > 128 - pfxlen
) {
2756 logerrx("%s: suffix %" PRIu64
" + prefix_len %d > 128",
2757 ifp
->name
, sla
->suffix
, pfxlen
);
2761 /* Add our suffix */
2762 if (sla
!= NULL
&& sla
->suffix
!= 0) {
2764 vl
= be64dec(addr
.s6_addr
+ 8);
2766 be64enc(daddr
.s6_addr
+ 8, vl
);
2768 dadcounter
= ipv6_makeaddr(&daddr
, ifp
, &addr
, pfxlen
, 0);
2769 if (dadcounter
== -1) {
2770 logerrx("%s: error adding slaac to prefix_len %d",
2776 /* Find an existing address */
2777 state
= D6_STATE(ifp
);
2778 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
2779 if (IN6_ARE_ADDR_EQUAL(&ia
->addr
, &daddr
))
2783 ia
= ipv6_newaddr(ifp
, &daddr
, (uint8_t)pfxlen
, IPV6_AF_ONLINK
);
2786 ia
->dadcallback
= dhcp6_dadcallback
;
2787 memcpy(&ia
->iaid
, &prefix
->iaid
, sizeof(ia
->iaid
));
2788 ia
->created
= prefix
->acquired
;
2790 TAILQ_INSERT_TAIL(&state
->addrs
, ia
, next
);
2791 TAILQ_INSERT_TAIL(&prefix
->pd_pfxs
, ia
, pd_next
);
2793 ia
->delegating_prefix
= prefix
;
2795 ia
->prefix_len
= (uint8_t)pfxlen
;
2796 ia
->acquired
= prefix
->acquired
;
2797 ia
->prefix_pltime
= prefix
->prefix_pltime
;
2798 ia
->prefix_vltime
= prefix
->prefix_vltime
;
2800 /* If the prefix length hasn't changed,
2801 * don't install a reject route. */
2802 if (prefix
->prefix_len
== pfxlen
)
2803 prefix
->flags
|= IPV6_AF_NOREJECT
;
2805 prefix
->flags
&= ~IPV6_AF_NOREJECT
;
2812 dhcp6_script_try_run(struct interface
*ifp
, int delegated
)
2814 struct dhcp6_state
*state
;
2815 struct ipv6_addr
*ap
;
2818 state
= D6_STATE(ifp
);
2820 /* If all addresses have completed DAD run the script */
2821 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2822 if (!(ap
->flags
& IPV6_AF_ADDED
))
2824 if (ap
->flags
& IPV6_AF_ONLINK
) {
2825 if (!(ap
->flags
& IPV6_AF_DADCOMPLETED
) &&
2826 ipv6_iffindaddr(ap
->iface
, &ap
->addr
,
2828 ap
->flags
|= IPV6_AF_DADCOMPLETED
;
2829 if ((ap
->flags
& IPV6_AF_DADCOMPLETED
) == 0
2831 && ((delegated
&& ap
->delegating_prefix
) ||
2832 (!delegated
&& !ap
->delegating_prefix
))
2842 script_runreason(ifp
, delegated
? "DELEGATED6" : state
->reason
);
2844 dhcpcd_daemonise(ifp
->ctx
);
2846 logdebugx("%s: waiting for DHCPv6 DAD to complete", ifp
->name
);
2851 dhcp6_find_delegates(__unused
struct interface
*ifp
)
2858 dhcp6_delegate_prefix(struct interface
*ifp
)
2860 struct if_options
*ifo
;
2861 struct dhcp6_state
*state
;
2862 struct ipv6_addr
*ap
;
2866 struct interface
*ifd
;
2867 bool carrier_warned
;
2870 state
= D6_STATE(ifp
);
2872 /* Clear the logged flag. */
2873 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2874 ap
->flags
&= ~IPV6_AF_DELEGATEDLOG
;
2877 TAILQ_FOREACH(ifd
, ifp
->ctx
->ifaces
, next
) {
2881 carrier_warned
= false;
2882 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2883 if (!(ap
->flags
& IPV6_AF_DELEGATEDPFX
))
2885 if (!(ap
->flags
& IPV6_AF_DELEGATEDLOG
)) {
2888 if (ap
->flags
& IPV6_AF_NEW
)
2889 loglevel
= LOG_INFO
;
2891 loglevel
= LOG_DEBUG
;
2892 /* We only want to log this the once as we loop
2893 * through many interfaces first. */
2894 ap
->flags
|= IPV6_AF_DELEGATEDLOG
;
2895 logmessage(loglevel
, "%s: delegated prefix %s",
2896 ifp
->name
, ap
->saddr
);
2897 ap
->flags
&= ~IPV6_AF_NEW
;
2899 for (i
= 0; i
< ifo
->ia_len
; i
++) {
2901 if (ia
->ia_type
!= D6_OPTION_IA_PD
)
2903 if (memcmp(ia
->iaid
, ap
->iaid
,
2906 if (ia
->sla_len
== 0) {
2907 /* no SLA configured, so lets
2909 if (ifd
->carrier
!= LINK_UP
) {
2911 "%s: has no carrier, cannot"
2912 " delegate addresses",
2914 carrier_warned
= true;
2917 if (dhcp6_ifdelegateaddr(ifd
, ap
,
2921 for (j
= 0; j
< ia
->sla_len
; j
++) {
2923 if (strcmp(ifd
->name
, sla
->ifname
))
2925 if (ifd
->carrier
!= LINK_UP
) {
2927 "%s: has no carrier, cannot"
2928 " delegate addresses",
2930 carrier_warned
= true;
2933 if (dhcp6_ifdelegateaddr(ifd
, ap
,
2943 if (k
&& !carrier_warned
) {
2944 struct dhcp6_state
*s
= D6_STATE(ifd
);
2946 ipv6_addaddrs(&s
->addrs
);
2947 dhcp6_script_try_run(ifd
, 1);
2951 /* Now all addresses have been added, rebuild the routing table. */
2952 rt_build(ifp
->ctx
, AF_INET6
);
2956 dhcp6_find_delegates1(void *arg
)
2959 dhcp6_find_delegates(arg
);
2963 dhcp6_find_delegates(struct interface
*ifp
)
2965 struct if_options
*ifo
;
2966 struct dhcp6_state
*state
;
2967 struct ipv6_addr
*ap
;
2971 struct interface
*ifd
;
2974 TAILQ_FOREACH(ifd
, ifp
->ctx
->ifaces
, next
) {
2976 state
= D6_STATE(ifd
);
2977 if (state
== NULL
|| state
->state
!= DH6S_BOUND
)
2979 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
2980 if (!(ap
->flags
& IPV6_AF_DELEGATEDPFX
))
2982 for (i
= 0; i
< ifo
->ia_len
; i
++) {
2984 if (ia
->ia_type
!= D6_OPTION_IA_PD
)
2986 if (memcmp(ia
->iaid
, ap
->iaid
,
2989 for (j
= 0; j
< ia
->sla_len
; j
++) {
2991 if (strcmp(ifp
->name
, sla
->ifname
))
2993 if (ipv6_linklocal(ifp
) == NULL
) {
2995 "%s: delaying adding"
2996 " delegated addresses for"
2999 ipv6_addlinklocalcallback(ifp
,
3000 dhcp6_find_delegates1
, ifp
);
3003 if (dhcp6_ifdelegateaddr(ifp
, ap
,
3012 loginfox("%s: adding delegated prefixes", ifp
->name
);
3013 state
= D6_STATE(ifp
);
3014 state
->state
= DH6S_DELEGATED
;
3015 ipv6_addaddrs(&state
->addrs
);
3016 rt_build(ifp
->ctx
, AF_INET6
);
3017 dhcp6_script_try_run(ifp
, 1);
3024 dhcp6_bind(struct interface
*ifp
, const char *op
, const char *sfrom
)
3026 struct dhcp6_state
*state
= D6_STATE(ifp
);
3027 bool timedout
= (op
== NULL
), has_new
= false, confirmed
;
3028 struct ipv6_addr
*ia
;
3030 struct timespec now
;
3032 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
3033 if (ia
->flags
& IPV6_AF_NEW
) {
3038 loglevel
= has_new
|| state
->state
!= DH6S_RENEW
? LOG_INFO
: LOG_DEBUG
;
3040 logmessage(loglevel
, "%s: %s received from %s",
3041 ifp
->name
, op
, sfrom
);
3043 /* If we delegated from an unconfirmed lease we MUST drop
3044 * them now. Hopefully we have new delegations. */
3045 if (state
->reason
!= NULL
&&
3046 strcmp(state
->reason
, "TIMEOUT6") == 0)
3047 dhcp6_delete_delegates(ifp
);
3049 state
->reason
= NULL
;
3051 state
->reason
= "TIMEOUT6";
3053 eloop_timeout_delete(ifp
->ctx
->eloop
, NULL
, ifp
);
3054 clock_gettime(CLOCK_MONOTONIC
, &now
);
3056 switch(state
->state
) {
3059 struct dhcp6_option
*o
;
3062 if (state
->reason
== NULL
)
3063 state
->reason
= "INFORM6";
3064 o
= dhcp6_findmoption(state
->new, state
->new_len
,
3065 D6_OPTION_INFO_REFRESH_TIME
, &ol
);
3066 if (o
== NULL
|| ol
!= sizeof(uint32_t))
3067 state
->renew
= IRT_DEFAULT
;
3069 memcpy(&state
->renew
, o
, ol
);
3070 state
->renew
= ntohl(state
->renew
);
3071 if (state
->renew
< IRT_MINIMUM
)
3072 state
->renew
= IRT_MINIMUM
;
3075 state
->expire
= ND6_INFINITE_LIFETIME
;
3076 state
->lowpl
= ND6_INFINITE_LIFETIME
;
3081 if (state
->reason
== NULL
)
3082 state
->reason
= "BOUND6";
3085 if (state
->reason
== NULL
)
3086 state
->reason
= "RENEW6";
3089 if (state
->reason
== NULL
)
3090 state
->reason
= "REBIND6";
3093 if (state
->reason
== NULL
)
3094 state
->reason
= "REBOOT6";
3095 if (state
->renew
!= 0) {
3096 bool all_expired
= true;
3098 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
3099 if (ia
->flags
& IPV6_AF_STALE
)
3101 if (!(state
->renew
== ND6_INFINITE_LIFETIME
3102 && ia
->prefix_vltime
== ND6_INFINITE_LIFETIME
)
3103 && ia
->prefix_vltime
!= 0
3104 && ia
->prefix_vltime
<= state
->renew
)
3106 "%s: %s will expire before renewal",
3107 ifp
->name
, ia
->saddr
);
3109 all_expired
= false;
3112 /* All address's vltime happens at or before
3113 * the configured T1 in the IA.
3114 * This is a badly configured server and we
3115 * have to use our own notion of what
3116 * T1 and T2 should be as a result.
3118 * Doing this violates RFC 3315 22.4:
3119 * In a message sent by a server to a client,
3120 * the client MUST use the values in the T1
3121 * and T2 fields for the T1 and T2 parameters,
3122 * unless those values in those fields are 0.
3124 logwarnx("%s: ignoring T1 %"PRIu32
3125 " due to address expiry",
3126 ifp
->name
, state
->renew
);
3127 state
->renew
= state
->rebind
= 0;
3130 if (state
->renew
== 0 && state
->lowpl
!= ND6_INFINITE_LIFETIME
)
3131 state
->renew
= (uint32_t)(state
->lowpl
* 0.5);
3132 if (state
->rebind
== 0 && state
->lowpl
!= ND6_INFINITE_LIFETIME
)
3133 state
->rebind
= (uint32_t)(state
->lowpl
* 0.8);
3136 state
->reason
= "UNKNOWN6";
3140 if (state
->state
!= DH6S_CONFIRM
&& !timedout
) {
3141 state
->acquired
= now
;
3143 state
->old
= state
->new;
3144 state
->old_len
= state
->new_len
;
3145 state
->new = state
->recv
;
3146 state
->new_len
= state
->recv_len
;
3148 state
->recv_len
= 0;
3151 /* Reduce timers based on when we got the lease. */
3154 elapsed
= (uint32_t)eloop_timespec_diff(&now
,
3155 &state
->acquired
, NULL
);
3156 if (state
->renew
&& state
->renew
!= ND6_INFINITE_LIFETIME
) {
3157 if (state
->renew
> elapsed
)
3158 state
->renew
-= elapsed
;
3162 if (state
->rebind
&& state
->rebind
!= ND6_INFINITE_LIFETIME
) {
3163 if (state
->rebind
> elapsed
)
3164 state
->rebind
-= elapsed
;
3168 if (state
->expire
&& state
->expire
!= ND6_INFINITE_LIFETIME
) {
3169 if (state
->expire
> elapsed
)
3170 state
->expire
-= elapsed
;
3177 if (ifp
->ctx
->options
& DHCPCD_TEST
)
3178 script_runreason(ifp
, "TEST");
3180 if (state
->state
== DH6S_INFORM
)
3181 state
->state
= DH6S_INFORMED
;
3183 state
->state
= DH6S_BOUND
;
3184 state
->failed
= false;
3186 if (state
->renew
&& state
->renew
!= ND6_INFINITE_LIFETIME
)
3187 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
3189 state
->state
== DH6S_INFORMED
?
3190 dhcp6_startinform
: dhcp6_startrenew
, ifp
);
3191 if (state
->rebind
&& state
->rebind
!= ND6_INFINITE_LIFETIME
)
3192 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
3193 state
->rebind
, dhcp6_startrebind
, ifp
);
3194 if (state
->expire
!= ND6_INFINITE_LIFETIME
)
3195 eloop_timeout_add_sec(ifp
->ctx
->eloop
,
3196 state
->expire
, dhcp6_startexpire
, ifp
);
3198 ipv6_addaddrs(&state
->addrs
);
3200 dhcp6_deprecateaddrs(&state
->addrs
);
3202 if (state
->state
== DH6S_INFORMED
)
3203 logmessage(loglevel
, "%s: refresh in %"PRIu32
" seconds",
3204 ifp
->name
, state
->renew
);
3205 else if (state
->renew
== ND6_INFINITE_LIFETIME
)
3206 logmessage(loglevel
, "%s: leased for infinity",
3208 else if (state
->renew
|| state
->rebind
)
3209 logmessage(loglevel
, "%s: renew in %"PRIu32
", "
3210 "rebind in %"PRIu32
", "
3211 "expire in %"PRIu32
" seconds",
3213 state
->renew
, state
->rebind
, state
->expire
);
3214 else if (state
->expire
== 0)
3215 logmessage(loglevel
, "%s: will expire", ifp
->name
);
3217 logmessage(loglevel
, "%s: expire in %"PRIu32
" seconds",
3218 ifp
->name
, state
->expire
);
3219 rt_build(ifp
->ctx
, AF_INET6
);
3220 if (!confirmed
&& !timedout
) {
3221 logdebugx("%s: writing lease: %s",
3222 ifp
->name
, state
->leasefile
);
3223 if (dhcp_writefile(ifp
->ctx
, state
->leasefile
, 0640,
3224 state
->new, state
->new_len
) == -1)
3225 logerr("dhcp_writefile: %s",state
->leasefile
);
3228 dhcp6_delegate_prefix(ifp
);
3230 dhcp6_script_try_run(ifp
, 0);
3233 if (ifp
->ctx
->options
& DHCPCD_TEST
||
3234 (ifp
->options
->options
& DHCPCD_INFORM
&&
3235 !(ifp
->ctx
->options
& DHCPCD_MASTER
)))
3237 eloop_exit(ifp
->ctx
->eloop
, EXIT_SUCCESS
);
3242 dhcp6_recvif(struct interface
*ifp
, const char *sfrom
,
3243 struct dhcp6_message
*r
, size_t len
)
3245 struct dhcpcd_ctx
*ctx
;
3248 struct dhcp6_state
*state
;
3251 const struct dhcp_opt
*opt
;
3252 const struct if_options
*ifo
;
3260 state
= D6_STATE(ifp
);
3261 if (state
== NULL
|| state
->send
== NULL
) {
3262 logdebugx("%s: DHCPv6 reply received but not running",
3267 /* We're already bound and this message is for another machine */
3268 /* XXX DELEGATED? */
3269 if (r
->type
!= DHCP6_RECONFIGURE
&&
3270 (state
->state
== DH6S_BOUND
|| state
->state
== DH6S_INFORMED
))
3272 logdebugx("%s: DHCPv6 reply received but already bound",
3277 if (dhcp6_findmoption(r
, len
, D6_OPTION_SERVERID
, NULL
) == NULL
) {
3278 logdebugx("%s: no DHCPv6 server ID from %s", ifp
->name
, sfrom
);
3283 for (i
= 0, opt
= ctx
->dhcp6_opts
;
3284 i
< ctx
->dhcp6_opts_len
;
3287 if (has_option_mask(ifo
->requiremask6
, opt
->option
) &&
3288 !dhcp6_findmoption(r
, len
, (uint16_t)opt
->option
, NULL
))
3290 logwarnx("%s: reject DHCPv6 (no option %s) from %s",
3291 ifp
->name
, opt
->var
, sfrom
);
3294 if (has_option_mask(ifo
->rejectmask6
, opt
->option
) &&
3295 dhcp6_findmoption(r
, len
, (uint16_t)opt
->option
, NULL
))
3297 logwarnx("%s: reject DHCPv6 (option %s) from %s",
3298 ifp
->name
, opt
->var
, sfrom
);
3304 /* Authenticate the message */
3305 auth
= dhcp6_findmoption(r
, len
, D6_OPTION_AUTH
, &auth_len
);
3307 if (dhcp_auth_validate(&state
->auth
, &ifo
->auth
,
3308 (uint8_t *)r
, len
, 6, r
->type
, auth
, auth_len
) == NULL
)
3310 logerr("%s: authentication failed from %s",
3314 if (state
->auth
.token
)
3315 logdebugx("%s: validated using 0x%08" PRIu32
,
3316 ifp
->name
, state
->auth
.token
->secretid
);
3318 loginfox("%s: accepted reconfigure key", ifp
->name
);
3319 } else if (ifo
->auth
.options
& DHCPCD_AUTH_SEND
) {
3320 if (ifo
->auth
.options
& DHCPCD_AUTH_REQUIRE
) {
3321 logerrx("%s: no authentication from %s",
3325 logwarnx("%s: no authentication from %s", ifp
->name
, sfrom
);
3329 op
= dhcp6_get_op(r
->type
);
3330 valid_op
= op
!= NULL
;
3333 switch(state
->state
) {
3335 if (dhcp6_checkstatusok(ifp
, r
, NULL
, len
) != 0)
3339 if (dhcp6_validatelease(ifp
, r
, len
, sfrom
, NULL
) == -1)
3341 dhcp6_startdiscoinform(ifp
);
3346 /* Only accept REPLY in DISCOVER for RAPID_COMMIT.
3347 * Normally we get an ADVERTISE for a DISCOVER. */
3348 if (!has_option_mask(ifo
->requestmask6
,
3349 D6_OPTION_RAPID_COMMIT
) ||
3350 !dhcp6_findmoption(r
, len
, D6_OPTION_RAPID_COMMIT
,
3356 /* Validate lease before setting state to REQUEST. */
3358 case DH6S_REQUEST
: /* FALLTHROUGH */
3359 case DH6S_RENEW
: /* FALLTHROUGH */
3361 if (dhcp6_validatelease(ifp
, r
, len
, sfrom
, NULL
) == -1)
3364 * If we can't use the lease, fallback to
3365 * DISCOVER and try and get a new one.
3367 * This is needed become some servers
3368 * renumber the prefix or address
3369 * and deny the current one before it expires
3370 * rather than sending it back with a zero
3371 * lifetime along with the new prefix or
3373 * This behavior is wrong, but moving to the
3374 * DISCOVER phase works around it.
3376 * The currently held lease is still valid
3377 * until a new one is found.
3379 if (state
->state
!= DH6S_DISCOVER
)
3380 dhcp6_startdiscoinform(ifp
);
3383 /* RFC8415 18.2.10.1 */
3384 if ((state
->state
== DH6S_RENEW
||
3385 state
->state
== DH6S_REBIND
) &&
3386 state
->has_no_binding
)
3388 dhcp6_startrequest(ifp
);
3391 if (state
->state
== DH6S_DISCOVER
)
3392 state
->state
= DH6S_REQUEST
;
3395 /* This isnt really a failure, but an
3396 * acknowledgement of one. */
3397 loginfox("%s: %s acknowledged DECLINE6",
3406 case DHCP6_ADVERTISE
:
3407 if (state
->state
!= DH6S_DISCOVER
) {
3412 o
= dhcp6_findmoption(r
, len
, D6_OPTION_SOL_MAX_RT
, &ol
);
3413 if (o
&& ol
== sizeof(uint32_t)) {
3416 memcpy(&max_rt
, o
, sizeof(max_rt
));
3417 max_rt
= ntohl(max_rt
);
3418 if (max_rt
>= 60 && max_rt
<= 86400) {
3419 logdebugx("%s: SOL_MAX_RT %llu -> %u",
3421 (unsigned long long)state
->sol_max_rt
,
3423 state
->sol_max_rt
= max_rt
;
3425 logerr("%s: invalid SOL_MAX_RT %u",
3428 o
= dhcp6_findmoption(r
, len
, D6_OPTION_INF_MAX_RT
, &ol
);
3429 if (o
&& ol
== sizeof(uint32_t)) {
3432 memcpy(&max_rt
, o
, sizeof(max_rt
));
3433 max_rt
= ntohl(max_rt
);
3434 if (max_rt
>= 60 && max_rt
<= 86400) {
3435 logdebugx("%s: INF_MAX_RT %llu -> %u",
3437 (unsigned long long)state
->inf_max_rt
,
3439 state
->inf_max_rt
= max_rt
;
3441 logerrx("%s: invalid INF_MAX_RT %u",
3444 if (dhcp6_validatelease(ifp
, r
, len
, sfrom
, NULL
) == -1)
3447 case DHCP6_RECONFIGURE
:
3451 logerrx("%s: unauthenticated %s from %s",
3452 ifp
->name
, op
, sfrom
);
3453 if (ifo
->auth
.options
& DHCPCD_AUTH_REQUIRE
)
3457 loginfox("%s: %s from %s", ifp
->name
, op
, sfrom
);
3458 o
= dhcp6_findmoption(r
, len
, D6_OPTION_RECONF_MSG
, &ol
);
3460 logerrx("%s: missing Reconfigure Message option",
3465 logerrx("%s: missing Reconfigure Message type",
3471 if (state
->state
!= DH6S_BOUND
) {
3472 logerrx("%s: not bound, ignoring %s",
3476 dhcp6_startrenew(ifp
);
3478 case DHCP6_INFORMATION_REQ
:
3479 if (state
->state
!= DH6S_INFORMED
) {
3480 logerrx("%s: not informed, ignoring %s",
3484 eloop_timeout_delete(ifp
->ctx
->eloop
,
3485 dhcp6_sendinform
, ifp
);
3486 dhcp6_startinform(ifp
);
3489 logerr("%s: unsupported %s type %d",
3498 logerrx("%s: invalid DHCP6 type %s (%d)",
3499 ifp
->name
, op
, r
->type
);
3503 logwarnx("%s: invalid state for DHCP6 type %s (%d)",
3504 ifp
->name
, op
, r
->type
);
3508 if (state
->recv_len
< (size_t)len
) {
3510 state
->recv
= malloc(len
);
3511 if (state
->recv
== NULL
) {
3516 memcpy(state
->recv
, r
, len
);
3517 state
->recv_len
= len
;
3519 if (r
->type
== DHCP6_ADVERTISE
) {
3520 struct ipv6_addr
*ia
;
3522 if (state
->state
== DH6S_REQUEST
) /* rapid commit */
3524 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
3525 if (!(ia
->flags
& (IPV6_AF_STALE
| IPV6_AF_REQUEST
)))
3529 ia
= TAILQ_FIRST(&state
->addrs
);
3531 loginfox("%s: ADV (no address) from %s",
3534 loginfox("%s: ADV %s from %s",
3535 ifp
->name
, ia
->saddr
, sfrom
);
3536 dhcp6_startrequest(ifp
);
3541 dhcp6_bind(ifp
, op
, sfrom
);
3545 dhcp6_recvmsg(struct dhcpcd_ctx
*ctx
, struct msghdr
*msg
, struct ipv6_addr
*ia
)
3547 struct sockaddr_in6
*from
= msg
->msg_name
;
3548 size_t len
= msg
->msg_iov
[0].iov_len
;
3549 char sfrom
[INET6_ADDRSTRLEN
];
3550 struct interface
*ifp
;
3551 struct dhcp6_message
*r
;
3552 const struct dhcp6_state
*state
;
3556 inet_ntop(AF_INET6
, &from
->sin6_addr
, sfrom
, sizeof(sfrom
));
3557 if (len
< sizeof(struct dhcp6_message
)) {
3558 logerrx("DHCPv6 packet too short from %s", sfrom
);
3565 ifp
= if_findifpfromcmsg(ctx
, msg
, NULL
);
3572 r
= (struct dhcp6_message
*)msg
->msg_iov
[0].iov_base
;
3574 uint8_t duid
[DUID_LEN
], *dp
;
3576 o
= dhcp6_findmoption(r
, len
, D6_OPTION_CLIENTID
, &ol
);
3577 if (ifp
->options
->options
& DHCPCD_ANONYMOUS
) {
3578 duid_len
= duid_make(duid
, ifp
, DUID_LL
);
3581 duid_len
= ctx
->duid_len
;
3584 if (o
== NULL
|| ol
!= duid_len
|| memcmp(o
, dp
, ol
) != 0) {
3585 logdebugx("%s: incorrect client ID from %s",
3590 if (dhcp6_findmoption(r
, len
, D6_OPTION_SERVERID
, NULL
) == NULL
) {
3591 logdebugx("%s: no DHCPv6 server ID from %s",
3596 if (r
->type
== DHCP6_RECONFIGURE
) {
3597 if (!IN6_IS_ADDR_LINKLOCAL(&from
->sin6_addr
)) {
3598 logerrx("%s: RECONFIGURE6 recv from %s, not LL",
3605 state
= D6_CSTATE(ifp
);
3606 if (state
== NULL
||
3607 r
->xid
[0] != state
->send
->xid
[0] ||
3608 r
->xid
[1] != state
->send
->xid
[1] ||
3609 r
->xid
[2] != state
->send
->xid
[2])
3611 struct interface
*ifp1
;
3612 const struct dhcp6_state
*state1
;
3614 /* Find an interface with a matching xid. */
3615 TAILQ_FOREACH(ifp1
, ctx
->ifaces
, next
) {
3616 state1
= D6_CSTATE(ifp1
);
3617 if (state1
== NULL
|| state1
->send
== NULL
)
3619 if (r
->xid
[0] == state1
->send
->xid
[0] &&
3620 r
->xid
[1] == state1
->send
->xid
[1] &&
3621 r
->xid
[2] == state1
->send
->xid
[2])
3627 logdebugx("%s: wrong xid 0x%02x%02x%02x"
3628 " (expecting 0x%02x%02x%02x) from %s",
3630 r
->xid
[0], r
->xid
[1], r
->xid
[2],
3631 state
->send
->xid
[0],
3632 state
->send
->xid
[1],
3633 state
->send
->xid
[2],
3637 logdebugx("%s: redirecting DHCP6 message to %s",
3638 ifp
->name
, ifp1
->name
);
3644 * Handy code to inject raw DHCPv6 packets over responses
3646 * This allows me to take a 3rd party wireshark trace and
3647 * replay it in my code.
3649 static int replyn
= 0;
3650 char fname
[PATH_MAX
], tbuf
[UDPLEN_MAX
];
3654 uint16_t si_len1
, si_len2
;
3656 snprintf(fname
, sizeof(fname
),
3657 "/tmp/dhcp6.reply%d.raw", replyn
++);
3658 fd
= open(fname
, O_RDONLY
, 0);
3660 logerr("%s: open: %s", __func__
, fname
);
3663 tlen
= read(fd
, tbuf
, sizeof(tbuf
));
3665 logerr("%s: read: %s", __func__
, fname
);
3668 /* Copy across ServerID so we can work with our own server. */
3669 si1
= dhcp6_findmoption(r
, len
, D6_OPTION_SERVERID
, &si_len1
);
3670 si2
= dhcp6_findmoption(tbuf
, (size_t)tlen
,
3671 D6_OPTION_SERVERID
, &si_len2
);
3672 if (si1
!= NULL
&& si2
!= NULL
&& si_len1
== si_len2
)
3673 memcpy(si2
, si1
, si_len2
);
3674 r
= (struct dhcp6_message
*)tbuf
;
3679 dhcp6_recvif(ifp
, sfrom
, r
, len
);
3683 dhcp6_recv(struct dhcpcd_ctx
*ctx
, struct ipv6_addr
*ia
)
3685 struct sockaddr_in6 from
;
3687 struct dhcp6_message dhcp6
;
3688 uint8_t buf
[UDPLEN_MAX
]; /* Maximum UDP message size */
3690 struct iovec iov
= {
3691 .iov_base
= iovbuf
.buf
, .iov_len
= sizeof(iovbuf
.buf
),
3695 uint8_t buf
[CMSG_SPACE(sizeof(struct in6_pktinfo
))];
3696 } cmsgbuf
= { .buf
= { 0 } };
3697 struct msghdr msg
= {
3698 .msg_name
= &from
, .msg_namelen
= sizeof(from
),
3699 .msg_iov
= &iov
, .msg_iovlen
= 1,
3700 .msg_control
= cmsgbuf
.buf
, .msg_controllen
= sizeof(cmsgbuf
.buf
),
3705 s
= ia
!= NULL
? ia
->dhcp6_fd
: ctx
->dhcp6_rfd
;
3706 bytes
= recvmsg(s
, &msg
, 0);
3712 iov
.iov_len
= (size_t)bytes
;
3713 dhcp6_recvmsg(ctx
, &msg
, ia
);
3717 dhcp6_recvaddr(void *arg
)
3719 struct ipv6_addr
*ia
= arg
;
3721 dhcp6_recv(ia
->iface
->ctx
, ia
);
3725 dhcp6_recvctx(void *arg
)
3727 struct dhcpcd_ctx
*ctx
= arg
;
3729 dhcp6_recv(ctx
, NULL
);
3737 fd
= socket(PF_INET6
, SOCK_RAW
| SOCK_CXNB
, IPPROTO_UDP
);
3742 if (setsockopt(fd
, SOL_SOCKET
, SO_BROADCAST
, &v
, sizeof(v
)) == -1)
3745 v
= offsetof(struct udphdr
, uh_sum
);
3746 if (setsockopt(fd
, IPPROTO_IPV6
, IPV6_CHECKSUM
, &v
, sizeof(v
)) == -1)
3757 dhcp6_openudp(unsigned int ifindex
, struct in6_addr
*ia
)
3759 struct sockaddr_in6 sa
;
3762 s
= xsocket(PF_INET6
, SOCK_DGRAM
| SOCK_CXNB
, IPPROTO_UDP
);
3766 memset(&sa
, 0, sizeof(sa
));
3767 sa
.sin6_family
= AF_INET6
;
3768 sa
.sin6_port
= htons(DHCP6_CLIENT_PORT
);
3770 sa
.sin6_len
= sizeof(sa
);
3774 memcpy(&sa
.sin6_addr
, ia
, sizeof(sa
.sin6_addr
));
3775 ipv6_setscope(&sa
, ifindex
);
3778 if (bind(s
, (struct sockaddr
*)&sa
, sizeof(sa
)) == -1)
3782 if (setsockopt(s
, IPPROTO_IPV6
, IPV6_RECVPKTINFO
, &n
, sizeof(n
)) == -1)
3787 if (setsockopt(s
, SOL_SOCKET
, SO_RERROR
, &n
, sizeof(n
)) == -1)
3802 dhcp6_activateinterfaces(struct interface
*ifp
)
3804 struct interface
*ifd
;
3809 for (i
= 0; i
< ifp
->options
->ia_len
; i
++) {
3810 ia
= &ifp
->options
->ia
[i
];
3811 if (ia
->ia_type
!= D6_OPTION_IA_PD
)
3813 for (j
= 0; j
< ia
->sla_len
; j
++) {
3815 ifd
= if_find(ifp
->ctx
->ifaces
, sla
->ifname
);
3817 logwarn("%s: cannot delegate to %s",
3818 ifp
->name
, sla
->ifname
);
3822 loginfox("%s: activating for delegation",
3824 dhcpcd_activateinterface(ifd
,
3825 DHCPCD_IPV6
| DHCPCD_DHCP6
);
3833 dhcp6_start1(void *arg
)
3835 struct interface
*ifp
= arg
;
3836 struct dhcpcd_ctx
*ctx
= ifp
->ctx
;
3837 struct if_options
*ifo
= ifp
->options
;
3838 struct dhcp6_state
*state
;
3840 const struct dhcp_compat
*dhc
;
3842 if ((ctx
->options
& (DHCPCD_MASTER
|DHCPCD_PRIVSEP
)) == DHCPCD_MASTER
&&
3843 ctx
->dhcp6_rfd
== -1)
3845 ctx
->dhcp6_rfd
= dhcp6_openudp(0, NULL
);
3846 if (ctx
->dhcp6_rfd
== -1) {
3850 eloop_event_add(ctx
->eloop
, ctx
->dhcp6_rfd
, dhcp6_recvctx
, ctx
);
3853 if (!IN_PRIVSEP(ctx
) && ctx
->dhcp6_wfd
== -1) {
3854 ctx
->dhcp6_wfd
= dhcp6_openraw();
3855 if (ctx
->dhcp6_wfd
== -1) {
3861 state
= D6_STATE(ifp
);
3862 /* If no DHCPv6 options are configured,
3863 match configured DHCPv4 options to DHCPv6 equivalents. */
3864 for (i
= 0; i
< sizeof(ifo
->requestmask6
); i
++) {
3865 if (ifo
->requestmask6
[i
] != '\0')
3868 if (i
== sizeof(ifo
->requestmask6
)) {
3869 for (dhc
= dhcp_compats
; dhc
->dhcp_opt
; dhc
++) {
3870 if (DHC_REQ(ifo
->requestmask
, ifo
->nomask
, dhc
->dhcp_opt
))
3871 add_option_mask(ifo
->requestmask6
,
3874 if (ifo
->fqdn
!= FQDN_DISABLE
|| ifo
->options
& DHCPCD_HOSTNAME
)
3875 add_option_mask(ifo
->requestmask6
, D6_OPTION_FQDN
);
3879 /* Rapid commit won't work with Prefix Delegation Exclusion */
3880 if (dhcp6_findselfsla(ifp
))
3881 del_option_mask(ifo
->requestmask6
, D6_OPTION_RAPID_COMMIT
);
3884 if (state
->state
== DH6S_INFORM
) {
3885 add_option_mask(ifo
->requestmask6
, D6_OPTION_INFO_REFRESH_TIME
);
3886 dhcp6_startinform(ifp
);
3888 del_option_mask(ifo
->requestmask6
, D6_OPTION_INFO_REFRESH_TIME
);
3889 dhcp6_startinit(ifp
);
3893 dhcp6_activateinterfaces(ifp
);
3898 dhcp6_start(struct interface
*ifp
, enum DH6S init_state
)
3900 struct dhcp6_state
*state
;
3902 state
= D6_STATE(ifp
);
3903 if (state
!= NULL
) {
3904 switch (init_state
) {
3908 if (state
->state
== DH6S_INIT
||
3909 state
->state
== DH6S_INFORMED
||
3910 (state
->state
== DH6S_DISCOVER
&&
3911 !(ifp
->options
->options
& DHCPCD_IA_FORCED
) &&
3912 !ipv6nd_hasradhcp(ifp
, true)))
3913 dhcp6_startinform(ifp
);
3916 if (ifp
->options
->options
& DHCPCD_DHCP6
&&
3917 (state
->state
== DH6S_INIT
||
3918 state
->state
== DH6S_INFORM
||
3919 state
->state
== DH6S_INFORMED
||
3920 state
->state
== DH6S_DELEGATED
))
3922 /* Change from stateless to stateful */
3923 init_state
= DH6S_INIT
;
3928 init_state
= DH6S_INIT
;
3931 /* Not possible, but sushes some compiler warnings. */
3936 switch (init_state
) {
3938 /* No DHCPv6 config, no existing state
3939 * so nothing to do. */
3944 init_state
= DH6S_INIT
;
3949 if (!(ifp
->options
->options
& DHCPCD_DHCP6
))
3952 ifp
->if_data
[IF_DATA_DHCP6
] = calloc(1, sizeof(*state
));
3953 state
= D6_STATE(ifp
);
3957 state
->sol_max_rt
= SOL_MAX_RT
;
3958 state
->inf_max_rt
= INF_MAX_RT
;
3959 TAILQ_INIT(&state
->addrs
);
3962 state
->state
= init_state
;
3964 state
->failed
= false;
3965 dhcp_set_leasefile(state
->leasefile
, sizeof(state
->leasefile
),
3967 if (ipv6_linklocal(ifp
) == NULL
) {
3968 logdebugx("%s: delaying DHCPv6 for LL address", ifp
->name
);
3969 ipv6_addlinklocalcallback(ifp
, dhcp6_start1
, ifp
);
3978 dhcp6_reboot(struct interface
*ifp
)
3980 struct dhcp6_state
*state
;
3982 state
= D6_STATE(ifp
);
3987 switch (state
->state
) {
3989 dhcp6_startrebind(ifp
);
3992 dhcp6_startdiscoinform(ifp
);
3998 dhcp6_freedrop(struct interface
*ifp
, int drop
, const char *reason
)
4000 struct dhcp6_state
*state
;
4001 struct dhcpcd_ctx
*ctx
;
4002 unsigned long long options
;
4005 options
= ifp
->options
->options
;
4007 options
= ifp
->ctx
->options
;
4009 if (ifp
->ctx
->eloop
)
4010 eloop_timeout_delete(ifp
->ctx
->eloop
, NULL
, ifp
);
4013 /* If we're dropping the lease, drop delegated addresses.
4014 * If, for whatever reason, we don't drop them in the future
4015 * then they should at least be marked as deprecated (pltime 0). */
4016 if (drop
&& (options
& DHCPCD_NODROP
) != DHCPCD_NODROP
)
4017 dhcp6_delete_delegates(ifp
);
4020 state
= D6_STATE(ifp
);
4022 /* Failure to send the release may cause this function to
4024 if (state
->state
== DH6S_RELEASE
) {
4025 dhcp6_finishrelease(ifp
);
4029 if (drop
&& options
& DHCPCD_RELEASE
&&
4030 state
->state
!= DH6S_DELEGATED
)
4032 if (ifp
->carrier
== LINK_UP
&&
4033 state
->state
!= DH6S_RELEASED
&&
4034 state
->state
!= DH6S_INFORMED
)
4036 dhcp6_startrelease(ifp
);
4039 dhcp_unlink(ifp
->ctx
, state
->leasefile
);
4042 else if (state
->auth
.reconf
!= NULL
) {
4044 * Drop the lease as the token may only be present
4045 * in the initial reply message and not subsequent
4047 * If dhcpcd is restarted, the token is lost.
4048 * XXX persist this in another file?
4050 dhcp_unlink(ifp
->ctx
, state
->leasefile
);
4054 dhcp6_freedrop_addrs(ifp
, drop
, NULL
);
4056 state
->old
= state
->new;
4057 state
->old_len
= state
->new_len
;
4060 if (drop
&& state
->old
&&
4061 (options
& DHCPCD_NODROP
) != DHCPCD_NODROP
)
4065 script_runreason(ifp
, reason
);
4071 ifp
->if_data
[IF_DATA_DHCP6
] = NULL
;
4074 /* If we don't have any more DHCP6 enabled interfaces,
4075 * close the global socket and release resources */
4078 TAILQ_FOREACH(ifp
, ctx
->ifaces
, next
) {
4083 if (ifp
== NULL
&& ctx
->dhcp6_rfd
!= -1) {
4084 eloop_event_delete(ctx
->eloop
, ctx
->dhcp6_rfd
);
4085 close(ctx
->dhcp6_rfd
);
4086 ctx
->dhcp6_rfd
= -1;
4091 dhcp6_drop(struct interface
*ifp
, const char *reason
)
4094 dhcp6_freedrop(ifp
, 1, reason
);
4098 dhcp6_free(struct interface
*ifp
)
4101 dhcp6_freedrop(ifp
, 0, NULL
);
4105 dhcp6_abort(struct interface
*ifp
)
4107 struct dhcp6_state
*state
;
4108 #ifdef ND6_ADVERTISE
4109 struct ipv6_addr
*ia
;
4112 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_start1
, ifp
);
4113 state
= D6_STATE(ifp
);
4117 #ifdef ND6_ADVERTISE
4118 TAILQ_FOREACH(ia
, &state
->addrs
, next
) {
4119 ipv6nd_advertise(ia
);
4123 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_startdiscover
, ifp
);
4124 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_senddiscover
, ifp
);
4125 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_startinform
, ifp
);
4126 eloop_timeout_delete(ifp
->ctx
->eloop
, dhcp6_sendinform
, ifp
);
4128 switch (state
->state
) {
4129 case DH6S_DISCOVER
: /* FALLTHROUGH */
4130 case DH6S_REQUEST
: /* FALLTHROUGH */
4132 state
->state
= DH6S_INIT
;
4140 dhcp6_handleifa(int cmd
, struct ipv6_addr
*ia
, pid_t pid
)
4142 struct dhcp6_state
*state
;
4143 struct interface
*ifp
= ia
->iface
;
4145 /* If not running in master mode, listen to this address */
4146 if (cmd
== RTM_NEWADDR
&&
4147 !(ia
->addr_flags
& IN6_IFF_NOTUSEABLE
) &&
4148 ifp
->active
== IF_ACTIVE_USER
&&
4149 !(ifp
->ctx
->options
& DHCPCD_MASTER
) &&
4150 ifp
->options
->options
& DHCPCD_DHCP6
)
4153 if (IN_PRIVSEP_SE(ifp
->ctx
)) {
4154 if (ps_inet_opendhcp6(ia
) == -1)
4159 if (ia
->dhcp6_fd
== -1)
4160 ia
->dhcp6_fd
= dhcp6_openudp(ia
->iface
->index
,
4162 if (ia
->dhcp6_fd
!= -1)
4163 eloop_event_add(ia
->iface
->ctx
->eloop
,
4164 ia
->dhcp6_fd
, dhcp6_recvaddr
, ia
);
4169 if ((state
= D6_STATE(ifp
)) != NULL
)
4170 ipv6_handleifa_addrs(cmd
, &state
->addrs
, ia
, pid
);
4174 dhcp6_env(FILE *fp
, const char *prefix
, const struct interface
*ifp
,
4175 const struct dhcp6_message
*m
, size_t len
)
4177 const struct if_options
*ifo
;
4178 struct dhcp_opt
*opt
, *vo
;
4180 struct dhcp6_option o
;
4184 const struct dhcpcd_ctx
*ctx
;
4186 const struct dhcp6_state
*state
;
4187 const struct ipv6_addr
*ap
;
4193 if (len
< sizeof(*m
)) {
4194 /* Should be impossible with guards at packet in
4195 * and reading leases */
4203 /* Zero our indexes */
4204 for (i
= 0, opt
= ctx
->dhcp6_opts
;
4205 i
< ctx
->dhcp6_opts_len
;
4207 dhcp_zero_index(opt
);
4208 for (i
= 0, opt
= ifp
->options
->dhcp6_override
;
4209 i
< ifp
->options
->dhcp6_override_len
;
4211 dhcp_zero_index(opt
);
4212 for (i
= 0, opt
= ctx
->vivso
;
4215 dhcp_zero_index(opt
);
4216 if (asprintf(&pfx
, "%s_dhcp6", prefix
) == -1)
4219 /* Unlike DHCP, DHCPv6 options *may* occur more than once.
4220 * There is also no provision for option concatenation unlike DHCP. */
4221 p
= (const uint8_t *)m
+ sizeof(*m
);
4223 for (; len
!= 0; p
+= o
.len
, len
-= o
.len
) {
4224 if (len
< sizeof(o
)) {
4228 memcpy(&o
, p
, sizeof(o
));
4231 o
.len
= ntohs(o
.len
);
4236 o
.code
= ntohs(o
.code
);
4237 if (has_option_mask(ifo
->nomask6
, o
.code
))
4239 for (i
= 0, opt
= ifo
->dhcp6_override
;
4240 i
< ifo
->dhcp6_override_len
;
4242 if (opt
->option
== o
.code
)
4244 if (i
== ifo
->dhcp6_override_len
&&
4245 o
.code
== D6_OPTION_VENDOR_OPTS
&&
4248 memcpy(&en
, p
, sizeof(en
));
4250 vo
= vivso_find(en
, ifp
);
4253 if (i
== ifo
->dhcp6_override_len
) {
4254 for (i
= 0, opt
= ctx
->dhcp6_opts
;
4255 i
< ctx
->dhcp6_opts_len
;
4257 if (opt
->option
== o
.code
)
4259 if (i
== ctx
->dhcp6_opts_len
)
4263 dhcp_envoption(ifp
->ctx
,
4265 opt
, dhcp6_getoption
, p
, o
.len
);
4268 dhcp_envoption(ifp
->ctx
,
4270 vo
, dhcp6_getoption
,
4272 o
.len
- sizeof(en
));
4279 /* Needed for Delegated Prefixes */
4280 state
= D6_CSTATE(ifp
);
4281 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
4282 if (ap
->delegating_prefix
)
4287 if (fprintf(fp
, "%s_delegated_dhcp6_prefix=", prefix
) == -1)
4289 TAILQ_FOREACH(ap
, &state
->addrs
, next
) {
4290 if (ap
->delegating_prefix
== NULL
)
4292 if (ap
!= TAILQ_FIRST(&state
->addrs
)) {
4293 if (fputc(' ', fp
) == EOF
)
4296 if (fprintf(fp
, "%s", ap
->saddr
) == -1)
4299 if (fputc('\0', fp
) == EOF
)
4309 dhcp6_dump(struct interface
*ifp
)
4311 struct dhcp6_state
*state
;
4313 ifp
->if_data
[IF_DATA_DHCP6
] = state
= calloc(1, sizeof(*state
));
4314 if (state
== NULL
) {
4318 TAILQ_INIT(&state
->addrs
);
4319 if (dhcp6_readlease(ifp
, 0) == -1) {
4320 logerr("dhcp6_readlease");
4323 state
->reason
= "DUMP6";
4324 return script_runreason(ifp
, state
->reason
);