search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import dhcpcd-10.0.2 with the following changes:
[dragonfly.git] / contrib / dhcpcd / src / if-bsd.c
blobbab33c2ca6a9df1db6048fe9faaa49e230d76e8a
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3 * BSD interface driver for dhcpcd
4 * Copyright (c) 2006-2023 Roy Marples <roy@marples.name>
5 * All rights reserved
6
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <sys/ioctl.h>
30 #include <sys/param.h>
31 #include <sys/socket.h>
32 #include <sys/stat.h>
33 #include <sys/sysctl.h>
34 #include <sys/time.h>
35 #include <sys/types.h>
36 #include <sys/uio.h>
37 #include <sys/utsname.h>
38
39 #include "config.h"
40
41 #include <arpa/inet.h>
42 #include <net/bpf.h>
43 #include <net/if.h>
44 #include <net/if_dl.h>
45 #include <net/if_media.h>
46 #include <net/route.h>
47 #include <netinet/if_ether.h>
48 #include <netinet/in.h>
49 #include <netinet/in_var.h>
50 #include <netinet6/in6_var.h>
51 #include <netinet6/nd6.h>
52 #ifdef __NetBSD__
53 #include <net/if_vlanvar.h> /* Needs netinet/if_ether.h */
54 #elif defined(__DragonFly__)
55 #include <net/vlan/if_vlan_var.h>
56 #else
57 #include <net/if_vlan_var.h>
58 #endif
59 #ifdef __DragonFly__
60 # include <netproto/802_11/ieee80211_ioctl.h>
61 #else
62 # include <net80211/ieee80211.h>
63 # include <net80211/ieee80211_ioctl.h>
64 #endif
65
66 #include <assert.h>
67 #include <errno.h>
68 #include <fcntl.h>
69 #include <fnmatch.h>
70 #include <paths.h>
71 #include <stddef.h>
72 #include <stdio.h>
73 #include <stdlib.h>
74 #include <string.h>
75 #include <unistd.h>
76
77 #if defined(OpenBSD) && OpenBSD >= 201411
78 /* OpenBSD dropped the global setting from sysctl but left the #define
79 * which causes a EPERM error when trying to use it.
80 * I think both the error and keeping the define are wrong, so we #undef it. */
81 #undef IPV6CTL_ACCEPT_RTADV
82 #endif
83
84 #include "common.h"
85 #include "dhcp.h"
86 #include "if.h"
87 #include "if-options.h"
88 #include "ipv4.h"
89 #include "ipv4ll.h"
90 #include "ipv6.h"
91 #include "ipv6nd.h"
92 #include "logerr.h"
93 #include "privsep.h"
94 #include "route.h"
95 #include "sa.h"
96
97 #ifndef RT_ROUNDUP
98 #define RT_ROUNDUP(a) \
99 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
100 #define RT_ADVANCE(x, n) (x += RT_ROUNDUP((n)->sa_len))
101 #endif
102
103 /* Ignore these interface names which look like ethernet but are virtual or
104 * just won't work without explicit configuration. */
105 static const char * const ifnames_ignore[] = {
106 "bridge",
107 "epair", /* Virtual patch cable */
108 "fwe", /* Firewire */
109 "fwip", /* Firewire */
110 "tap",
111 "vether",
112 "xvif", /* XEN DOM0 -> guest interface */
113 NULL
114 };
115
116 struct rtm
117 {
118 struct rt_msghdr hdr;
119 char buffer[sizeof(struct sockaddr_storage) * RTAX_MAX];
120 };
121
122 int
123 os_init(void)
124 {
125 return 0;
126 }
127
128 int
129 if_init(__unused struct interface *iface)
130 {
131 /* BSD promotes secondary address by default */
132 return 0;
133 }
134
135 int
136 if_conf(__unused struct interface *iface)
137 {
138 /* No extra checks needed on BSD */
139 return 0;
140 }
141
142 int
143 if_opensockets_os(struct dhcpcd_ctx *ctx)
144 {
145 struct priv *priv;
146 int n;
147 #if defined(RO_MSGFILTER) || defined(ROUTE_MSGFILTER)
148 unsigned char msgfilter[] = {
149 RTM_IFINFO,
150 #ifdef RTM_IFANNOUNCE
151 RTM_IFANNOUNCE,
152 #endif
153 RTM_ADD, RTM_CHANGE, RTM_DELETE, RTM_MISS,
154 #ifdef RTM_CHGADDR
155 RTM_CHGADDR,
156 #endif
157 #ifdef RTM_DESYNC
158 RTM_DESYNC,
159 #endif
160 RTM_NEWADDR, RTM_DELADDR
161 };
162 #ifdef ROUTE_MSGFILTER
163 unsigned int i, msgfilter_mask;
164 #endif
165 #endif
166
167 if ((priv = malloc(sizeof(*priv))) == NULL)
168 return -1;
169 ctx->priv = priv;
170
171 #ifdef INET6
172 priv->pf_inet6_fd = xsocket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
173 /* Don't return an error so we at least work on kernels witout INET6
174 * even though we expect INET6 support.
175 * We will fail noisily elsewhere anyway. */
176 #ifdef PRIVSEP_RIGHTS
177 if (priv->pf_inet6_fd != -1 && IN_PRIVSEP(ctx))
178 ps_rights_limit_ioctl(priv->pf_inet6_fd);
179 #endif
180 #endif
181
182 ctx->link_fd = xsocket(PF_ROUTE, SOCK_RAW | SOCK_CXNB, AF_UNSPEC);
183 if (ctx->link_fd == -1)
184 return -1;
185
186 #ifdef SO_RERROR
187 n = 1;
188 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_RERROR, &n,sizeof(n)) == -1)
189 logerr("%s: SO_RERROR", __func__);
190 #endif
191
192 /* Ignore our own route(4) messages.
193 * Sadly there is no way of doing this for route(4) messages
194 * generated from addresses we add/delete. */
195 n = 0;
196 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_USELOOPBACK,
197 &n, sizeof(n)) == -1)
198 logerr("%s: SO_USELOOPBACK", __func__);
199
200 #if defined(RO_MSGFILTER)
201 if (setsockopt(ctx->link_fd, PF_ROUTE, RO_MSGFILTER,
202 &msgfilter, sizeof(msgfilter)) == -1)
203 logerr(__func__);
204 #elif defined(ROUTE_MSGFILTER)
205 /* Convert the array into a bitmask. */
206 msgfilter_mask = 0;
207 for (i = 0; i < __arraycount(msgfilter); i++)
208 msgfilter_mask |= ROUTE_FILTER(msgfilter[i]);
209 if (setsockopt(ctx->link_fd, PF_ROUTE, ROUTE_MSGFILTER,
210 &msgfilter_mask, sizeof(msgfilter_mask)) == -1)
211 logerr(__func__);
212 #else
213 #warning kernel does not support route message filtering
214 #endif
215
216 #ifdef PRIVSEP_RIGHTS
217 /* We need to getsockopt for SO_RCVBUF and
218 * setsockopt for RO_MISSFILTER. */
219 if (IN_PRIVSEP(ctx))
220 ps_rights_limit_fd_sockopt(ctx->link_fd);
221 #endif
222
223
224 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */
225 priv->pf_link_fd = socket(PF_LINK, SOCK_DGRAM, 0);
226 if (priv->pf_link_fd == -1)
227 logerr("%s: socket(PF_LINK)", __func__);
228 #endif
229 return 0;
230 }
231
232 void
233 if_closesockets_os(struct dhcpcd_ctx *ctx)
234 {
235 struct priv *priv;
236
237 priv = (struct priv *)ctx->priv;
238 #ifdef INET6
239 if (priv->pf_inet6_fd != -1)
240 close(priv->pf_inet6_fd);
241 #endif
242 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */
243 if (priv->pf_link_fd != -1)
244 close(priv->pf_link_fd);
245 #endif
246 free(priv);
247 ctx->priv = NULL;
248 free(ctx->rt_missfilter);
249 }
250
251 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */
252 static int
253 if_ioctllink(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len)
254 {
255 struct priv *priv = (struct priv *)ctx->priv;
256
257 #ifdef PRIVSEP
258 if (ctx->options & DHCPCD_PRIVSEP)
259 return (int)ps_root_ioctllink(ctx, req, data, len);
260 #endif
261
262 return ioctl(priv->pf_link_fd, req, data, len);
263 }
264 #endif
265
266 int
267 if_setmac(struct interface *ifp, void *mac, uint8_t maclen)
268 {
269
270 if (ifp->hwlen != maclen) {
271 errno = EINVAL;
272 return -1;
273 }
274
275 #if defined(SIOCALIFADDR) && defined(IFLR_ACTIVE) /*NetBSD */
276 struct if_laddrreq iflr = { .flags = IFLR_ACTIVE };
277 struct sockaddr_dl *sdl = satosdl(&iflr.addr);
278 int retval;
279
280 strlcpy(iflr.iflr_name, ifp->name, sizeof(iflr.iflr_name));
281 sdl->sdl_family = AF_LINK;
282 sdl->sdl_len = sizeof(*sdl);
283 sdl->sdl_alen = maclen;
284 memcpy(LLADDR(sdl), mac, maclen);
285 retval = if_ioctllink(ifp->ctx, SIOCALIFADDR, &iflr, sizeof(iflr));
286
287 /* Try and remove the old address */
288 memcpy(LLADDR(sdl), ifp->hwaddr, ifp->hwlen);
289 if_ioctllink(ifp->ctx, SIOCDLIFADDR, &iflr, sizeof(iflr));
290
291 return retval;
292 #else
293 struct ifreq ifr = {
294 .ifr_addr.sa_family = AF_LINK,
295 .ifr_addr.sa_len = maclen,
296 };
297
298 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
299 memcpy(ifr.ifr_addr.sa_data, mac, maclen);
300 return if_ioctl(ifp->ctx, SIOCSIFLLADDR, &ifr, sizeof(ifr));
301 #endif
302 }
303
304 static bool
305 if_ignore1(const char *drvname)
306 {
307 const char * const *p;
308
309 for (p = ifnames_ignore; *p; p++) {
310 if (strcmp(*p, drvname) == 0)
311 return true;
312 }
313 return false;
314 }
315
316 #ifdef SIOCGIFGROUP
317 int
318 if_ignoregroup(int s, const char *ifname)
319 {
320 struct ifgroupreq ifgr = { .ifgr_len = 0 };
321 struct ifg_req *ifg;
322 size_t ifg_len;
323
324 /* Sadly it is possible to remove the device name
325 * from the interface groups, but hopefully this
326 * will be very unlikely.... */
327
328 strlcpy(ifgr.ifgr_name, ifname, sizeof(ifgr.ifgr_name));
329 if (ioctl(s, SIOCGIFGROUP, &ifgr) == -1 ||
330 (ifgr.ifgr_groups = malloc(ifgr.ifgr_len)) == NULL ||
331 ioctl(s, SIOCGIFGROUP, &ifgr) == -1)
332 {
333 logerr(__func__);
334 return -1;
335 }
336
337 for (ifg = ifgr.ifgr_groups, ifg_len = ifgr.ifgr_len;
338 ifg && ifg_len >= sizeof(*ifg);
339 ifg++, ifg_len -= sizeof(*ifg))
340 {
341 if (if_ignore1(ifg->ifgrq_group))
342 return 1;
343 }
344 return 0;
345 }
346 #endif
347
348 bool
349 if_ignore(struct dhcpcd_ctx *ctx, const char *ifname)
350 {
351 struct if_spec spec;
352
353 if (if_nametospec(ifname, &spec) != 0)
354 return false;
355
356 if (if_ignore1(spec.drvname))
357 return true;
358
359 #ifdef SIOCGIFGROUP
360 #if defined(PRIVSEP) && defined(HAVE_PLEDGE)
361 if (IN_PRIVSEP(ctx))
362 return ps_root_ifignoregroup(ctx, ifname) == 1 ? true : false;
363 #endif
364 else
365 return if_ignoregroup(ctx->pf_inet_fd, ifname) == 1 ?
366 true : false;
367 #else
368 UNUSED(ctx);
369 return false;
370 #endif
371 }
372
373 static int if_indirect_ioctl(struct dhcpcd_ctx *ctx,
374 const char *ifname, unsigned long cmd, void *data, size_t len)
375 {
376 struct ifreq ifr = { .ifr_flags = 0 };
377
378 #if defined(PRIVSEP) && (defined(HAVE_CAPSICUM) || defined(HAVE_PLEDGE))
379 if (IN_PRIVSEP(ctx))
380 return (int)ps_root_indirectioctl(ctx, cmd, ifname, data, len);
381 #else
382 UNUSED(len);
383 #endif
384
385 strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
386 ifr.ifr_data = data;
387 return ioctl(ctx->pf_inet_fd, cmd, &ifr);
388 }
389
390 int
391 if_carrier(struct interface *ifp, const void *ifadata)
392 {
393 const struct if_data *ifi = ifadata;
394
395 /*
396 * Every BSD returns this and it is the sole source of truth.
397 * Not all BSD's support SIOCGIFDATA and not all interfaces
398 * support SIOCGIFMEDIA.
399 */
400 assert(ifadata != NULL);
401
402 if (ifi->ifi_link_state >= LINK_STATE_UP)
403 return LINK_UP;
404 if (ifi->ifi_link_state == LINK_STATE_UNKNOWN) {
405 /*
406 * Work around net80211 issues in some BSDs.
407 * Wireless MUST support link state change.
408 */
409 if (ifp->wireless)
410 return LINK_DOWN;
411 return LINK_UNKNOWN;
412 }
413 return LINK_DOWN;
414 }
415
416 bool
417 if_roaming(struct interface *ifp)
418 {
419
420 /* Check for NetBSD as a safety measure.
421 * If other BSD's gain IN_IFF_TENTATIVE check they re-do DAD
422 * when the carrier comes up again. */
423 #if defined(IN_IFF_TENTATIVE) && defined(__NetBSD__)
424 return ifp->flags & IFF_UP && ifp->carrier == LINK_DOWN;
425 #else
426 UNUSED(ifp);
427 return false;
428 #endif
429 }
430
431 static void
432 if_linkaddr(struct sockaddr_dl *sdl, const struct interface *ifp)
433 {
434
435 memset(sdl, 0, sizeof(*sdl));
436 sdl->sdl_family = AF_LINK;
437 sdl->sdl_len = sizeof(*sdl);
438 sdl->sdl_nlen = sdl->sdl_alen = sdl->sdl_slen = 0;
439 sdl->sdl_index = (unsigned short)ifp->index;
440 }
441
442 static int
443 if_getssid1(struct dhcpcd_ctx *ctx, const char *ifname, void *ssid)
444 {
445 int retval = -1;
446 #if defined(SIOCG80211NWID)
447 struct ieee80211_nwid nwid;
448 #elif defined(IEEE80211_IOC_SSID)
449 struct ieee80211req ireq;
450 char nwid[IEEE80211_NWID_LEN];
451 #endif
452
453 #if defined(SIOCG80211NWID) /* NetBSD */
454 memset(&nwid, 0, sizeof(nwid));
455 if (if_indirect_ioctl(ctx, ifname, SIOCG80211NWID,
456 &nwid, sizeof(nwid)) == 0)
457 {
458 if (ssid == NULL)
459 retval = nwid.i_len;
460 else if (nwid.i_len > IF_SSIDLEN)
461 errno = ENOBUFS;
462 else {
463 retval = nwid.i_len;
464 memcpy(ssid, nwid.i_nwid, nwid.i_len);
465 }
466 }
467 #elif defined(IEEE80211_IOC_SSID) /* FreeBSD */
468 memset(&ireq, 0, sizeof(ireq));
469 strlcpy(ireq.i_name, ifname, sizeof(ireq.i_name));
470 ireq.i_type = IEEE80211_IOC_SSID;
471 ireq.i_val = -1;
472 memset(nwid, 0, sizeof(nwid));
473 ireq.i_data = &nwid;
474 if (ioctl(ctx->pf_inet_fd, SIOCG80211, &ireq) == 0) {
475 if (ssid == NULL)
476 retval = ireq.i_len;
477 else if (ireq.i_len > IF_SSIDLEN)
478 errno = ENOBUFS;
479 else {
480 retval = ireq.i_len;
481 memcpy(ssid, nwid, ireq.i_len);
482 }
483 }
484 #else
485 errno = ENOSYS;
486 #endif
487
488 return retval;
489 }
490
491 int
492 if_getssid(struct interface *ifp)
493 {
494 int r;
495
496 r = if_getssid1(ifp->ctx, ifp->name, ifp->ssid);
497 if (r != -1)
498 ifp->ssid_len = (unsigned int)r;
499 else
500 ifp->ssid_len = 0;
501 ifp->ssid[ifp->ssid_len] = '\0';
502 return r;
503 }
504
505 /*
506 * FreeBSD allows for Virtual Access Points
507 * We need to check if the interface is a Virtual Interface Master
508 * and if so, don't use it.
509 * This check is made by virtue of being a IEEE80211 device but
510 * returning the SSID gives an error.
511 */
512 int
513 if_vimaster(struct dhcpcd_ctx *ctx, const char *ifname)
514 {
515 int r;
516 struct ifmediareq ifmr = { .ifm_active = 0 };
517
518 strlcpy(ifmr.ifm_name, ifname, sizeof(ifmr.ifm_name));
519 r = ioctl(ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr);
520 if (r == -1)
521 return -1;
522 if (ifmr.ifm_status & IFM_AVALID &&
523 IFM_TYPE(ifmr.ifm_active) == IFM_IEEE80211)
524 {
525 if (if_getssid1(ctx, ifname, NULL) == -1)
526 return 1;
527 }
528 return 0;
529 }
530
531 unsigned short
532 if_vlanid(const struct interface *ifp)
533 {
534 #ifdef SIOCGETVLAN
535 struct vlanreq vlr = { .vlr_tag = 0 };
536
537 if (if_indirect_ioctl(ifp->ctx, ifp->name, SIOCGETVLAN,
538 &vlr, sizeof(vlr)) != 0)
539 return 0; /* 0 means no VLANID */
540 return vlr.vlr_tag;
541 #elif defined(SIOCGVNETID)
542 struct ifreq ifr = { .ifr_vnetid = 0 };
543
544 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
545 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGVNETID, &ifr) != 0)
546 return 0; /* 0 means no VLANID */
547 return ifr.ifr_vnetid;
548 #else
549 UNUSED(ifp);
550 return 0; /* 0 means no VLANID */
551 #endif
552 }
553
554 static int
555 get_addrs(int type, const void *data, size_t data_len,
556 const struct sockaddr **sa)
557 {
558 const char *cp, *ep;
559 int i;
560
561 cp = data;
562 ep = cp + data_len;
563 for (i = 0; i < RTAX_MAX; i++) {
564 if (type & (1 << i)) {
565 if (cp >= ep) {
566 errno = EINVAL;
567 return -1;
568 }
569 sa[i] = (const struct sockaddr *)cp;
570 RT_ADVANCE(cp, sa[i]);
571 } else
572 sa[i] = NULL;
573 }
574
575 return 0;
576 }
577
578 static struct interface *
579 if_findsdl(struct dhcpcd_ctx *ctx, const struct sockaddr_dl *sdl)
580 {
581
582 if (sdl->sdl_index)
583 return if_findindex(ctx->ifaces, sdl->sdl_index);
584
585 if (sdl->sdl_nlen) {
586 char ifname[IF_NAMESIZE];
587
588 memcpy(ifname, sdl->sdl_data, sdl->sdl_nlen);
589 ifname[sdl->sdl_nlen] = '\0';
590 return if_find(ctx->ifaces, ifname);
591 }
592 if (sdl->sdl_alen) {
593 struct interface *ifp;
594
595 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
596 if (ifp->hwlen == sdl->sdl_alen &&
597 memcmp(ifp->hwaddr,
598 sdl->sdl_data, sdl->sdl_alen) == 0)
599 return ifp;
600 }
601 }
602
603 errno = ENOENT;
604 return NULL;
605 }
606
607 static struct interface *
608 if_findsa(struct dhcpcd_ctx *ctx, const struct sockaddr *sa)
609 {
610 if (sa == NULL) {
611 errno = EINVAL;
612 return NULL;
613 }
614
615 switch (sa->sa_family) {
616 case AF_LINK:
617 {
618 const struct sockaddr_dl *sdl;
619
620 sdl = (const void *)sa;
621 return if_findsdl(ctx, sdl);
622 }
623 #ifdef INET
624 case AF_INET:
625 {
626 const struct sockaddr_in *sin;
627 struct ipv4_addr *ia;
628
629 sin = (const void *)sa;
630 if ((ia = ipv4_findmaskaddr(ctx, &sin->sin_addr)))
631 return ia->iface;
632 if ((ia = ipv4_findmaskbrd(ctx, &sin->sin_addr)))
633 return ia->iface;
634 break;
635 }
636 #endif
637 #ifdef INET6
638 case AF_INET6:
639 {
640 const struct sockaddr_in6 *sin;
641 unsigned int scope;
642 struct ipv6_addr *ia;
643
644 sin = (const void *)sa;
645 scope = ipv6_getscope(sin);
646 if (scope != 0)
647 return if_findindex(ctx->ifaces, scope);
648 if ((ia = ipv6_findmaskaddr(ctx, &sin->sin6_addr)))
649 return ia->iface;
650 break;
651 }
652 #endif
653 default:
654 errno = EAFNOSUPPORT;
655 return NULL;
656 }
657
658 errno = ENOENT;
659 return NULL;
660 }
661
662 static void
663 if_copysa(struct sockaddr *dst, const struct sockaddr *src)
664 {
665
666 assert(dst != NULL);
667 assert(src != NULL);
668
669 memcpy(dst, src, src->sa_len);
670 #if defined(INET6) && defined(__KAME__)
671 if (dst->sa_family == AF_INET6) {
672 struct in6_addr *in6;
673
674 in6 = &satosin6(dst)->sin6_addr;
675 if (IN6_IS_ADDR_LINKLOCAL(in6))
676 in6->s6_addr[2] = in6->s6_addr[3] = '\0';
677 }
678 #endif
679 }
680
681 int
682 if_route(unsigned char cmd, const struct rt *rt)
683 {
684 struct dhcpcd_ctx *ctx;
685 struct rtm rtmsg;
686 struct rt_msghdr *rtm = &rtmsg.hdr;
687 char *bp = rtmsg.buffer;
688 struct sockaddr_dl sdl;
689 bool gateway_unspec;
690
691 assert(rt != NULL);
692 assert(rt->rt_ifp != NULL);
693 assert(rt->rt_ifp->ctx != NULL);
694 ctx = rt->rt_ifp->ctx;
695
696 #define ADDSA(sa) do { \
697 memcpy(bp, (sa), (sa)->sa_len); \
698 bp += RT_ROUNDUP((sa)->sa_len); \
699 } while (0 /* CONSTCOND */)
700
701 memset(&rtmsg, 0, sizeof(rtmsg));
702 rtm->rtm_version = RTM_VERSION;
703 rtm->rtm_type = cmd;
704 #ifdef __OpenBSD__
705 rtm->rtm_pid = getpid();
706 #endif
707 rtm->rtm_seq = ++ctx->seq;
708 rtm->rtm_flags = (int)rt->rt_flags;
709 rtm->rtm_addrs = RTA_DST;
710 #ifdef RTF_PINNED
711 if (cmd != RTM_ADD)
712 rtm->rtm_flags |= RTF_PINNED;
713 #endif
714
715 gateway_unspec = sa_is_unspecified(&rt->rt_gateway);
716
717 if (cmd == RTM_ADD || cmd == RTM_CHANGE) {
718 bool netmask_bcast = sa_is_allones(&rt->rt_netmask);
719
720 rtm->rtm_flags |= RTF_UP;
721 rtm->rtm_addrs |= RTA_GATEWAY;
722 if (!(rtm->rtm_flags & RTF_REJECT) &&
723 !sa_is_loopback(&rt->rt_gateway))
724 {
725 rtm->rtm_index = (unsigned short)rt->rt_ifp->index;
726 /*
727 * OpenBSD rejects the message for on-link routes.
728 * FreeBSD-12 kernel apparently panics.
729 * I can't replicate the panic, but better safe than sorry!
730 * https://roy.marples.name/archives/dhcpcd-discuss/0002286.html
731 *
732 * Neither OS currently allows IPv6 address sharing anyway, so let's
733 * try to encourage someone to fix that by logging a waring during compile.
734 */
735 #if defined(__FreeBSD__) || defined(__OpenBSD__)
736 #warning kernel does not allow IPv6 address sharing
737 if (!gateway_unspec || rt->rt_dest.sa_family!=AF_INET6)
738 #endif
739 rtm->rtm_addrs |= RTA_IFP;
740 if (!sa_is_unspecified(&rt->rt_ifa))
741 rtm->rtm_addrs |= RTA_IFA;
742 }
743 if (netmask_bcast)
744 rtm->rtm_flags |= RTF_HOST;
745 /* Network routes are cloning or connected if supported.
746 * All other routes are static. */
747 if (gateway_unspec) {
748 #ifdef RTF_CLONING
749 rtm->rtm_flags |= RTF_CLONING;
750 #endif
751 #ifdef RTF_CONNECTED
752 rtm->rtm_flags |= RTF_CONNECTED;
753 #endif
754 #ifdef RTP_CONNECTED
755 rtm->rtm_priority = RTP_CONNECTED;
756 #endif
757 #ifdef RTF_CLONING
758 if (netmask_bcast) {
759 /*
760 * We add a cloning network route for a single
761 * host. Traffic to the host will generate a
762 * cloned route and the hardware address will
763 * resolve correctly.
764 * It might be more correct to use RTF_HOST
765 * instead of RTF_CLONING, and that does work,
766 * but some OS generate an arp warning
767 * diagnostic which we don't want to do.
768 */
769 rtm->rtm_flags &= ~RTF_HOST;
770 }
771 #endif
772 } else
773 rtm->rtm_flags |= RTF_GATEWAY;
774
775 if (rt->rt_dflags & RTDF_STATIC)
776 rtm->rtm_flags |= RTF_STATIC;
777
778 if (rt->rt_mtu != 0) {
779 rtm->rtm_inits |= RTV_MTU;
780 rtm->rtm_rmx.rmx_mtu = rt->rt_mtu;
781 }
782 }
783
784 if (!(rtm->rtm_flags & RTF_HOST))
785 rtm->rtm_addrs |= RTA_NETMASK;
786
787 if_linkaddr(&sdl, rt->rt_ifp);
788
789 ADDSA(&rt->rt_dest);
790
791 if (rtm->rtm_addrs & RTA_GATEWAY) {
792 if (gateway_unspec)
793 ADDSA((struct sockaddr *)&sdl);
794 else {
795 union sa_ss gateway;
796
797 if_copysa(&gateway.sa, &rt->rt_gateway);
798 #ifdef INET6
799 if (gateway.sa.sa_family == AF_INET6)
800 ipv6_setscope(&gateway.sin6, rt->rt_ifp->index);
801 #endif
802 ADDSA(&gateway.sa);
803 }
804 }
805
806 if (rtm->rtm_addrs & RTA_NETMASK)
807 ADDSA(&rt->rt_netmask);
808
809 if (rtm->rtm_addrs & RTA_IFP)
810 ADDSA((struct sockaddr *)&sdl);
811
812 if (rtm->rtm_addrs & RTA_IFA)
813 ADDSA(&rt->rt_ifa);
814
815 #undef ADDSA
816
817 rtm->rtm_msglen = (unsigned short)(bp - (char *)rtm);
818
819 #ifdef PRIVSEP
820 if (ctx->options & DHCPCD_PRIVSEP) {
821 if (ps_root_route(ctx, rtm, rtm->rtm_msglen) == -1)
822 return -1;
823 return 0;
824 }
825 #endif
826 if (write(ctx->link_fd, rtm, rtm->rtm_msglen) == -1)
827 return -1;
828 return 0;
829 }
830
831 static bool
832 if_realroute(const struct rt_msghdr *rtm)
833 {
834
835 #ifdef RTF_CLONED
836 if (rtm->rtm_flags & RTF_CLONED)
837 return false;
838 #endif
839 #ifdef RTF_WASCLONED
840 if (rtm->rtm_flags & RTF_WASCLONED)
841 return false;
842 #endif
843 #ifdef RTF_LOCAL
844 if (rtm->rtm_flags & RTF_LOCAL)
845 return false;
846 #endif
847 #ifdef RTF_BROADCAST
848 if (rtm->rtm_flags & RTF_BROADCAST)
849 return false;
850 #endif
851 return true;
852 }
853
854 static int
855 if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, const struct rt_msghdr *rtm)
856 {
857 const struct sockaddr *rti_info[RTAX_MAX];
858
859 if (!(rtm->rtm_addrs & RTA_DST)) {
860 errno = EINVAL;
861 return -1;
862 }
863 if (rtm->rtm_type != RTM_MISS && !(rtm->rtm_addrs & RTA_GATEWAY)) {
864 errno = EINVAL;
865 return -1;
866 }
867
868 if (get_addrs(rtm->rtm_addrs, (const char *)rtm + sizeof(*rtm),
869 rtm->rtm_msglen - sizeof(*rtm), rti_info) == -1)
870 return -1;
871 memset(rt, 0, sizeof(*rt));
872
873 rt->rt_flags = (unsigned int)rtm->rtm_flags;
874 if_copysa(&rt->rt_dest, rti_info[RTAX_DST]);
875 if (rtm->rtm_addrs & RTA_NETMASK) {
876 if_copysa(&rt->rt_netmask, rti_info[RTAX_NETMASK]);
877 if (rt->rt_netmask.sa_family == 255) /* Why? */
878 rt->rt_netmask.sa_family = rt->rt_dest.sa_family;
879 }
880
881 /* dhcpcd likes an unspecified gateway to indicate via the link.
882 * However we need to know if gateway was a link with an address. */
883 if (rtm->rtm_addrs & RTA_GATEWAY) {
884 if (rti_info[RTAX_GATEWAY]->sa_family == AF_LINK) {
885 const struct sockaddr_dl *sdl;
886
887 sdl = (const struct sockaddr_dl*)
888 (const void *)rti_info[RTAX_GATEWAY];
889 if (sdl->sdl_alen != 0)
890 rt->rt_dflags |= RTDF_GATELINK;
891 } else if (rtm->rtm_flags & RTF_GATEWAY)
892 if_copysa(&rt->rt_gateway, rti_info[RTAX_GATEWAY]);
893 }
894
895 if (rtm->rtm_addrs & RTA_IFA)
896 if_copysa(&rt->rt_ifa, rti_info[RTAX_IFA]);
897
898 rt->rt_mtu = (unsigned int)rtm->rtm_rmx.rmx_mtu;
899
900 if (rtm->rtm_index)
901 rt->rt_ifp = if_findindex(ctx->ifaces, rtm->rtm_index);
902 else if (rtm->rtm_addrs & RTA_IFP)
903 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_IFP]);
904 else if (rtm->rtm_addrs & RTA_GATEWAY)
905 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_GATEWAY]);
906 else
907 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_DST]);
908
909 if (rt->rt_ifp == NULL && rtm->rtm_type == RTM_MISS)
910 rt->rt_ifp = if_find(ctx->ifaces, "lo0");
911
912 if (rt->rt_ifp == NULL) {
913 errno = ESRCH;
914 return -1;
915 }
916 return 0;
917 }
918
919 static int
920 if_sysctl(struct dhcpcd_ctx *ctx,
921 const int *name, u_int namelen,
922 void *oldp, size_t *oldlenp, void *newp, size_t newlen)
923 {
924 #if defined(PRIVSEP) && defined(HAVE_CAPSICUM)
925 if (IN_PRIVSEP(ctx))
926 return (int)ps_root_sysctl(ctx, name, namelen,
927 oldp, oldlenp, newp, newlen);
928 #else
929 UNUSED(ctx);
930 #endif
931
932 return sysctl(name, namelen, oldp, oldlenp, newp, newlen);
933 }
934
935 int
936 if_initrt(struct dhcpcd_ctx *ctx, rb_tree_t *kroutes, int af)
937 {
938 struct rt_msghdr *rtm;
939 int mib[6] = { CTL_NET, PF_ROUTE, 0, af, NET_RT_DUMP, 0 };
940 size_t bufl;
941 char *buf, *p, *end;
942 struct rt rt, *rtn;
943
944 if (if_sysctl(ctx, mib, __arraycount(mib), NULL, &bufl, NULL, 0) == -1)
945 return -1;
946 if (bufl == 0)
947 return 0;
948 if ((buf = malloc(bufl)) == NULL)
949 return -1;
950 if (if_sysctl(ctx, mib, __arraycount(mib), buf, &bufl, NULL, 0) == -1)
951 {
952 free(buf);
953 return -1;
954 }
955
956 end = buf + bufl;
957 for (p = buf; p < end; p += rtm->rtm_msglen) {
958 rtm = (void *)p;
959 if (p + sizeof(*rtm) > end || p + rtm->rtm_msglen > end) {
960 errno = EINVAL;
961 break;
962 }
963 if (!if_realroute(rtm))
964 continue;
965 if (if_copyrt(ctx, &rt, rtm) != 0)
966 continue;
967 if ((rtn = rt_new(rt.rt_ifp)) == NULL) {
968 logerr(__func__);
969 break;
970 }
971 memcpy(rtn, &rt, sizeof(*rtn));
972 if (rb_tree_insert_node(kroutes, rtn) != rtn)
973 rt_free(rtn);
974 }
975 free(buf);
976 return p == end ? 0 : -1;
977 }
978
979 #ifdef INET
980 int
981 if_address(unsigned char cmd, const struct ipv4_addr *ia)
982 {
983 int r;
984 struct in_aliasreq ifra;
985 struct dhcpcd_ctx *ctx = ia->iface->ctx;
986
987 memset(&ifra, 0, sizeof(ifra));
988 strlcpy(ifra.ifra_name, ia->iface->name, sizeof(ifra.ifra_name));
989
990 #define ADDADDR(var, addr) do { \
991 (var)->sin_family = AF_INET; \
992 (var)->sin_len = sizeof(*(var)); \
993 (var)->sin_addr = *(addr); \
994 } while (/*CONSTCOND*/0)
995 ADDADDR(&ifra.ifra_addr, &ia->addr);
996 ADDADDR(&ifra.ifra_mask, &ia->mask);
997 if (cmd == RTM_NEWADDR && ia->brd.s_addr != INADDR_ANY)
998 ADDADDR(&ifra.ifra_broadaddr, &ia->brd);
999 #undef ADDADDR
1000
1001 r = if_ioctl(ctx,
1002 cmd == RTM_DELADDR ? SIOCDIFADDR : SIOCAIFADDR, &ifra,sizeof(ifra));
1003 return r;
1004 }
1005
1006 #if !(defined(HAVE_IFADDRS_ADDRFLAGS) && defined(HAVE_IFAM_ADDRFLAGS))
1007 int
1008 if_addrflags(const struct interface *ifp, const struct in_addr *addr,
1009 __unused const char *alias)
1010 {
1011 #ifdef SIOCGIFAFLAG_IN
1012 struct ifreq ifr;
1013 struct sockaddr_in *sin;
1014
1015 memset(&ifr, 0, sizeof(ifr));
1016 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
1017 sin = (void *)&ifr.ifr_addr;
1018 sin->sin_family = AF_INET;
1019 sin->sin_addr = *addr;
1020 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFAFLAG_IN, &ifr) == -1)
1021 return -1;
1022 return ifr.ifr_addrflags;
1023 #else
1024 UNUSED(ifp);
1025 UNUSED(addr);
1026 return 0;
1027 #endif
1028 }
1029 #endif
1030 #endif /* INET */
1031
1032 #ifdef INET6
1033 static int
1034 if_ioctl6(struct dhcpcd_ctx *ctx, unsigned long req, void *data, size_t len)
1035 {
1036 struct priv *priv;
1037
1038 #ifdef PRIVSEP
1039 if (ctx->options & DHCPCD_PRIVSEP)
1040 return (int)ps_root_ioctl6(ctx, req, data, len);
1041 #endif
1042
1043 priv = ctx->priv;
1044 return ioctl(priv->pf_inet6_fd, req, data, len);
1045 }
1046
1047 int
1048 if_address6(unsigned char cmd, const struct ipv6_addr *ia)
1049 {
1050 struct in6_aliasreq ifa = { .ifra_flags = 0 };
1051 struct in6_addr mask;
1052 struct dhcpcd_ctx *ctx = ia->iface->ctx;
1053
1054 strlcpy(ifa.ifra_name, ia->iface->name, sizeof(ifa.ifra_name));
1055 #if defined(__FreeBSD__) || defined(__DragonFly__)
1056 /* This is a bug - the kernel should work this out. */
1057 if (ia->addr_flags & IN6_IFF_TENTATIVE)
1058 ifa.ifra_flags |= IN6_IFF_TENTATIVE;
1059 #endif
1060 #if (defined(__NetBSD__) || defined(__OpenBSD__)) && \
1061 (defined(IPV6CTL_ACCEPT_RTADV) || defined(ND6_IFF_ACCEPT_RTADV))
1062 /* These kernels don't accept userland setting IN6_IFF_AUTOCONF */
1063 #else
1064 if (ia->flags & IPV6_AF_AUTOCONF)
1065 ifa.ifra_flags |= IN6_IFF_AUTOCONF;
1066 #endif
1067 #ifdef IPV6_MANAGETEMPADDR
1068 if (ia->flags & IPV6_AF_TEMPORARY)
1069 ifa.ifra_flags |= IN6_IFF_TEMPORARY;
1070 #endif
1071
1072 #define ADDADDR(v, addr) { \
1073 (v)->sin6_family = AF_INET6; \
1074 (v)->sin6_len = sizeof(*v); \
1075 (v)->sin6_addr = *(addr); \
1076 }
1077
1078 ADDADDR(&ifa.ifra_addr, &ia->addr);
1079 ipv6_setscope(&ifa.ifra_addr, ia->iface->index);
1080 ipv6_mask(&mask, ia->prefix_len);
1081 ADDADDR(&ifa.ifra_prefixmask, &mask);
1082
1083 #undef ADDADDR
1084
1085 /*
1086 * Every BSD kernel wants to add the prefix of the address to it's
1087 * list of RA received prefixes.
1088 * THIS IS WRONG because there (as the comments in the kernel state)
1089 * is no API for managing prefix lifetime and the kernel should not
1090 * pretend it's from a RA either.
1091 *
1092 * The issue is that the very first assigned prefix will inherit the
1093 * lifetime of the address, but any subsequent alteration of the
1094 * address OR it's lifetime will not affect the prefix lifetime.
1095 * As such, we cannot stop the prefix from timing out and then
1096 * constantly removing the prefix route dhcpcd is capable of adding
1097 * in it's absense.
1098 *
1099 * What we can do to mitigate the issue is to add the address with
1100 * infinite lifetimes, so the prefix route will never time out.
1101 * Once done, we can then set lifetimes on the address and all is good.
1102 * The downside of this approach is that we need to manually remove
1103 * the kernel route because it has no lifetime, but this is OK as
1104 * dhcpcd will handle this too.
1105 *
1106 * This issue is discussed on the NetBSD mailing lists here:
1107 * http://mail-index.netbsd.org/tech-net/2016/08/05/msg006044.html
1108 *
1109 * Fixed in NetBSD-7.99.36
1110 * NOT fixed in FreeBSD - bug 195197
1111 * Fixed in OpenBSD-5.9
1112 */
1113
1114 #if !((defined(__NetBSD_Version__) && __NetBSD_Version__ >= 799003600) || \
1115 (defined(__OpenBSD__) && OpenBSD >= 201605))
1116 if (cmd == RTM_NEWADDR && !(ia->flags & IPV6_AF_ADDED)) {
1117 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
1118 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
1119 (void)if_ioctl6(ctx, SIOCAIFADDR_IN6, &ifa, sizeof(ifa));
1120 }
1121 #endif
1122
1123 #if defined(__OpenBSD__) && OpenBSD <= 201705
1124 /* BUT OpenBSD older than 6.2 does not reset the address lifetime
1125 * for subsequent calls...
1126 * Luckily dhcpcd will remove the lease when it expires so
1127 * just set an infinite lifetime, unless a temporary address. */
1128 if (ifa.ifra_flags & IN6_IFF_PRIVACY) {
1129 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime;
1130 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime;
1131 } else {
1132 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
1133 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
1134 }
1135 #else
1136 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime;
1137 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime;
1138 #endif
1139
1140 return if_ioctl6(ctx,
1141 cmd == RTM_DELADDR ? SIOCDIFADDR_IN6 : SIOCAIFADDR_IN6,
1142 &ifa, sizeof(ifa));
1143 }
1144
1145 int
1146 if_addrflags6(const struct interface *ifp, const struct in6_addr *addr,
1147 __unused const char *alias)
1148 {
1149 int flags;
1150 struct in6_ifreq ifr6;
1151 struct priv *priv;
1152
1153 memset(&ifr6, 0, sizeof(ifr6));
1154 strlcpy(ifr6.ifr_name, ifp->name, sizeof(ifr6.ifr_name));
1155 ifr6.ifr_addr.sin6_family = AF_INET6;
1156 ifr6.ifr_addr.sin6_addr = *addr;
1157 ipv6_setscope(&ifr6.ifr_addr, ifp->index);
1158 priv = (struct priv *)ifp->ctx->priv;
1159 if (ioctl(priv->pf_inet6_fd, SIOCGIFAFLAG_IN6, &ifr6) != -1)
1160 flags = ifr6.ifr_ifru.ifru_flags6;
1161 else
1162 flags = -1;
1163 return flags;
1164 }
1165
1166 int
1167 if_getlifetime6(struct ipv6_addr *ia)
1168 {
1169 struct in6_ifreq ifr6;
1170 time_t t;
1171 struct in6_addrlifetime *lifetime;
1172 struct priv *priv;
1173
1174 memset(&ifr6, 0, sizeof(ifr6));
1175 strlcpy(ifr6.ifr_name, ia->iface->name, sizeof(ifr6.ifr_name));
1176 ifr6.ifr_addr.sin6_family = AF_INET6;
1177 ifr6.ifr_addr.sin6_addr = ia->addr;
1178 ipv6_setscope(&ifr6.ifr_addr, ia->iface->index);
1179 priv = (struct priv *)ia->iface->ctx->priv;
1180 if (ioctl(priv->pf_inet6_fd, SIOCGIFALIFETIME_IN6, &ifr6) == -1)
1181 return -1;
1182 clock_gettime(CLOCK_MONOTONIC, &ia->created);
1183
1184 #if defined(__FreeBSD__) || defined(__DragonFly__)
1185 t = ia->created.tv_sec;
1186 #else
1187 t = time(NULL);
1188 #endif
1189
1190 lifetime = &ifr6.ifr_ifru.ifru_lifetime;
1191 if (lifetime->ia6t_preferred)
1192 ia->prefix_pltime = (uint32_t)(lifetime->ia6t_preferred -
1193 MIN(t, lifetime->ia6t_preferred));
1194 else
1195 ia->prefix_pltime = ND6_INFINITE_LIFETIME;
1196 if (lifetime->ia6t_expire) {
1197 ia->prefix_vltime = (uint32_t)(lifetime->ia6t_expire -
1198 MIN(t, lifetime->ia6t_expire));
1199 /* Calculate the created time */
1200 ia->created.tv_sec -= lifetime->ia6t_vltime - ia->prefix_vltime;
1201 } else
1202 ia->prefix_vltime = ND6_INFINITE_LIFETIME;
1203 return 0;
1204 }
1205 #endif
1206
1207 static int
1208 if_announce(struct dhcpcd_ctx *ctx, const struct if_announcemsghdr *ifan)
1209 {
1210
1211 if (ifan->ifan_msglen < sizeof(*ifan)) {
1212 errno = EINVAL;
1213 return -1;
1214 }
1215
1216 switch(ifan->ifan_what) {
1217 case IFAN_ARRIVAL:
1218 return dhcpcd_handleinterface(ctx, 1, ifan->ifan_name);
1219 case IFAN_DEPARTURE:
1220 return dhcpcd_handleinterface(ctx, -1, ifan->ifan_name);
1221 }
1222
1223 return 0;
1224 }
1225
1226 static int
1227 if_ifinfo(struct dhcpcd_ctx *ctx, const struct if_msghdr *ifm)
1228 {
1229 struct interface *ifp;
1230 int link_state;
1231
1232 if (ifm->ifm_msglen < sizeof(*ifm)) {
1233 errno = EINVAL;
1234 return -1;
1235 }
1236
1237 if ((ifp = if_findindex(ctx->ifaces, ifm->ifm_index)) == NULL)
1238 return 0;
1239
1240 link_state = if_carrier(ifp, &ifm->ifm_data);
1241 dhcpcd_handlecarrier(ifp, link_state, (unsigned int)ifm->ifm_flags);
1242 return 0;
1243 }
1244
1245 static int
1246 if_rtm(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm)
1247 {
1248 struct rt rt;
1249
1250 if (rtm->rtm_msglen < sizeof(*rtm)) {
1251 errno = EINVAL;
1252 return -1;
1253 }
1254
1255 /* Ignore errors. */
1256 if (rtm->rtm_errno != 0)
1257 return 0;
1258
1259 /* Ignore messages from ourself. */
1260 #ifdef PRIVSEP
1261 if (ctx->ps_root != NULL) {
1262 if (rtm->rtm_pid == ctx->ps_root->psp_pid)
1263 return 0;
1264 }
1265 #endif
1266
1267 if (if_copyrt(ctx, &rt, rtm) == -1)
1268 return errno == ENOTSUP ? 0 : -1;
1269
1270 #ifdef INET6
1271 /*
1272 * BSD announces host routes.
1273 * As such, we should be notified of reachability by its
1274 * existance with a hardware address.
1275 * Ensure we don't call this for a newly incomplete state.
1276 */
1277 if (rt.rt_dest.sa_family == AF_INET6 &&
1278 (rt.rt_flags & RTF_HOST || rtm->rtm_type == RTM_MISS) &&
1279 !(rtm->rtm_type == RTM_ADD && !(rt.rt_dflags & RTDF_GATELINK)))
1280 {
1281 bool reachable;
1282
1283 reachable = (rtm->rtm_type == RTM_ADD ||
1284 rtm->rtm_type == RTM_CHANGE) &&
1285 rt.rt_dflags & RTDF_GATELINK;
1286 ipv6nd_neighbour(ctx, &rt.rt_ss_dest.sin6.sin6_addr, reachable);
1287 }
1288 #endif
1289
1290 if (rtm->rtm_type != RTM_MISS && if_realroute(rtm))
1291 rt_recvrt(rtm->rtm_type, &rt, rtm->rtm_pid);
1292 return 0;
1293 }
1294
1295 static int
1296 if_ifa(struct dhcpcd_ctx *ctx, const struct ifa_msghdr *ifam)
1297 {
1298 struct interface *ifp;
1299 const struct sockaddr *rti_info[RTAX_MAX];
1300 int flags;
1301 pid_t pid;
1302
1303 if (ifam->ifam_msglen < sizeof(*ifam)) {
1304 errno = EINVAL;
1305 return -1;
1306 }
1307
1308 #ifdef HAVE_IFAM_PID
1309 /* Ignore address deletions from ourself.
1310 * We need to process address flag changes though. */
1311 if (ifam->ifam_type == RTM_DELADDR) {
1312 #ifdef PRIVSEP
1313 if (ctx->ps_root != NULL) {
1314 if (ifam->ifam_pid == ctx->ps_root->psp_pid)
1315 return 0;
1316 } else
1317 #endif
1318 /* address management is done via ioctl,
1319 * so SO_USELOOPBACK has no effect,
1320 * so we do need to check the pid. */
1321 if (ifam->ifam_pid == getpid())
1322 return 0;
1323 }
1324 pid = ifam->ifam_pid;
1325 #else
1326 pid = 0;
1327 #endif
1328
1329 if (~ifam->ifam_addrs & RTA_IFA)
1330 return 0;
1331 if ((ifp = if_findindex(ctx->ifaces, ifam->ifam_index)) == NULL)
1332 return 0;
1333
1334 if (get_addrs(ifam->ifam_addrs, (const char *)ifam + sizeof(*ifam),
1335 ifam->ifam_msglen - sizeof(*ifam), rti_info) == -1)
1336 return -1;
1337
1338 /* All BSD's set IFF_UP on the interface when adding an address.
1339 * But not all BSD's emit this via RTM_IFINFO when they do this ... */
1340 if (ifam->ifam_type == RTM_NEWADDR && !(ifp->flags & IFF_UP))
1341 dhcpcd_handlecarrier(ifp, ifp->carrier, ifp->flags | IFF_UP);
1342
1343 switch (rti_info[RTAX_IFA]->sa_family) {
1344 case AF_LINK:
1345 {
1346 struct sockaddr_dl sdl;
1347
1348 #ifdef RTM_CHGADDR
1349 if (ifam->ifam_type != RTM_CHGADDR)
1350 break;
1351 #else
1352 if (ifam->ifam_type != RTM_NEWADDR)
1353 break;
1354 #endif
1355 memcpy(&sdl, rti_info[RTAX_IFA], rti_info[RTAX_IFA]->sa_len);
1356 dhcpcd_handlehwaddr(ifp, ifp->hwtype,
1357 CLLADDR(&sdl), sdl.sdl_alen);
1358 break;
1359 }
1360 #ifdef INET
1361 case AF_INET:
1362 case 255: /* FIXME: Why 255? */
1363 {
1364 const struct sockaddr_in *sin;
1365 struct in_addr addr, mask, bcast;
1366
1367 sin = (const void *)rti_info[RTAX_IFA];
1368 addr.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1369 sin->sin_addr.s_addr : INADDR_ANY;
1370 sin = (const void *)rti_info[RTAX_NETMASK];
1371 mask.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1372 sin->sin_addr.s_addr : INADDR_ANY;
1373 sin = (const void *)rti_info[RTAX_BRD];
1374 bcast.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1375 sin->sin_addr.s_addr : INADDR_ANY;
1376
1377 /*
1378 * NetBSD-7 and older send an invalid broadcast address.
1379 * So we need to query the actual address to get
1380 * the right one.
1381 * We can also use this to test if the address
1382 * has really been added or deleted.
1383 */
1384 #ifdef SIOCGIFALIAS
1385 struct in_aliasreq ifra;
1386
1387 memset(&ifra, 0, sizeof(ifra));
1388 strlcpy(ifra.ifra_name, ifp->name, sizeof(ifra.ifra_name));
1389 ifra.ifra_addr.sin_family = AF_INET;
1390 ifra.ifra_addr.sin_len = sizeof(ifra.ifra_addr);
1391 ifra.ifra_addr.sin_addr = addr;
1392 if (ioctl(ctx->pf_inet_fd, SIOCGIFALIAS, &ifra) == -1) {
1393 if (errno != ENXIO && errno != EADDRNOTAVAIL)
1394 logerr("%s: SIOCGIFALIAS", __func__);
1395 if (ifam->ifam_type != RTM_DELADDR)
1396 break;
1397 } else {
1398 if (ifam->ifam_type == RTM_DELADDR)
1399 break;
1400 #if defined(__NetBSD_Version__) && __NetBSD_Version__ < 800000000
1401 bcast = ifra.ifra_broadaddr.sin_addr;
1402 #endif
1403 }
1404 #else
1405 #warning No SIOCGIFALIAS support
1406 /*
1407 * No SIOCGIFALIAS? That sucks!
1408 * This makes this call very heavy weight, but we
1409 * really need to know if the message is late or not.
1410 */
1411 const struct sockaddr *sa;
1412 struct ifaddrs *ifaddrs = NULL, *ifa;
1413
1414 sa = rti_info[RTAX_IFA];
1415 #ifdef PRIVSEP_GETIFADDRS
1416 if (IN_PRIVSEP(ctx)) {
1417 if (ps_root_getifaddrs(ctx, &ifaddrs) == -1) {
1418 logerr("ps_root_getifaddrs");
1419 break;
1420 }
1421 } else
1422 #endif
1423 if (getifaddrs(&ifaddrs) == -1) {
1424 logerr("getifaddrs");
1425 break;
1426 }
1427 for (ifa = ifaddrs; ifa; ifa = ifa->ifa_next) {
1428 if (ifa->ifa_addr == NULL)
1429 continue;
1430 if (sa_cmp(ifa->ifa_addr, sa) == 0 &&
1431 strcmp(ifa->ifa_name, ifp->name) == 0)
1432 break;
1433 }
1434 #ifdef PRIVSEP_GETIFADDRS
1435 if (IN_PRIVSEP(ctx))
1436 free(ifaddrs);
1437 else
1438 #endif
1439 freeifaddrs(ifaddrs);
1440 if (ifam->ifam_type == RTM_DELADDR) {
1441 if (ifa != NULL)
1442 break;
1443 } else {
1444 if (ifa == NULL)
1445 break;
1446 }
1447 #endif
1448
1449 #ifdef HAVE_IFAM_ADDRFLAGS
1450 flags = ifam->ifam_addrflags;
1451 #else
1452 flags = 0;
1453 #endif
1454
1455 ipv4_handleifa(ctx, ifam->ifam_type, NULL, ifp->name,
1456 &addr, &mask, &bcast, flags, pid);
1457 break;
1458 }
1459 #endif
1460 #ifdef INET6
1461 case AF_INET6:
1462 {
1463 struct in6_addr addr6, mask6;
1464 const struct sockaddr_in6 *sin6;
1465
1466 sin6 = (const void *)rti_info[RTAX_IFA];
1467 addr6 = sin6->sin6_addr;
1468 sin6 = (const void *)rti_info[RTAX_NETMASK];
1469 mask6 = sin6->sin6_addr;
1470
1471 /*
1472 * If the address was deleted, lets check if it's
1473 * a late message and it still exists (maybe modified).
1474 * If so, ignore it as deleting an address causes
1475 * dhcpcd to drop any lease to which it belongs.
1476 * Also check an added address was really added.
1477 */
1478 flags = if_addrflags6(ifp, &addr6, NULL);
1479 if (flags == -1) {
1480 if (errno != ENXIO && errno != EADDRNOTAVAIL)
1481 logerr("%s: if_addrflags6", __func__);
1482 if (ifam->ifam_type != RTM_DELADDR)
1483 break;
1484 flags = 0;
1485 } else if (ifam->ifam_type == RTM_DELADDR)
1486 break;
1487
1488 #ifdef __KAME__
1489 if (IN6_IS_ADDR_LINKLOCAL(&addr6))
1490 /* Remove the scope from the address */
1491 addr6.s6_addr[2] = addr6.s6_addr[3] = '\0';
1492 #endif
1493
1494 ipv6_handleifa(ctx, ifam->ifam_type, NULL,
1495 ifp->name, &addr6, ipv6_prefixlen(&mask6), flags, pid);
1496 break;
1497 }
1498 #endif
1499 }
1500
1501 return 0;
1502 }
1503
1504 static int
1505 if_dispatch(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm)
1506 {
1507
1508 if (rtm->rtm_version != RTM_VERSION)
1509 return 0;
1510
1511 switch(rtm->rtm_type) {
1512 #ifdef RTM_IFANNOUNCE
1513 case RTM_IFANNOUNCE:
1514 return if_announce(ctx, (const void *)rtm);
1515 #endif
1516 case RTM_IFINFO:
1517 return if_ifinfo(ctx, (const void *)rtm);
1518 case RTM_ADD: /* FALLTHROUGH */
1519 case RTM_CHANGE: /* FALLTHROUGH */
1520 case RTM_DELETE: /* FALLTHROUGH */
1521 case RTM_MISS:
1522 return if_rtm(ctx, (const void *)rtm);
1523 #ifdef RTM_CHGADDR
1524 case RTM_CHGADDR: /* FALLTHROUGH */
1525 #endif
1526 case RTM_DELADDR: /* FALLTHROUGH */
1527 case RTM_NEWADDR:
1528 return if_ifa(ctx, (const void *)rtm);
1529 #ifdef RTM_DESYNC
1530 case RTM_DESYNC:
1531 dhcpcd_linkoverflow(ctx);
1532 #elif !defined(SO_RERROR)
1533 #warning cannot detect route socket overflow within kernel
1534 #endif
1535 }
1536
1537 return 0;
1538 }
1539
1540 static int
1541 if_missfilter0(struct dhcpcd_ctx *ctx, struct interface *ifp,
1542 struct sockaddr *sa)
1543 {
1544 size_t salen = (size_t)RT_ROUNDUP(sa->sa_len);
1545 size_t newlen = ctx->rt_missfilterlen + salen;
1546 size_t diff = salen - (sa->sa_len);
1547 uint8_t *cp;
1548
1549 if (ctx->rt_missfiltersize < newlen) {
1550 void *n = realloc(ctx->rt_missfilter, newlen);
1551 if (n == NULL)
1552 return -1;
1553 ctx->rt_missfilter = n;
1554 ctx->rt_missfiltersize = newlen;
1555 }
1556
1557 #ifdef INET6
1558 if (sa->sa_family == AF_INET6)
1559 ipv6_setscope(satosin6(sa), ifp->index);
1560 #else
1561 UNUSED(ifp);
1562 #endif
1563
1564 cp = ctx->rt_missfilter + ctx->rt_missfilterlen;
1565 memcpy(cp, sa, sa->sa_len);
1566 if (diff != 0)
1567 memset(cp + sa->sa_len, 0, diff);
1568 ctx->rt_missfilterlen += salen;
1569
1570 #ifdef INET6
1571 if (sa->sa_family == AF_INET6)
1572 ipv6_setscope(satosin6(sa), 0);
1573 #endif
1574
1575 return 0;
1576 }
1577
1578 int
1579 if_missfilter(struct interface *ifp, struct sockaddr *sa)
1580 {
1581
1582 return if_missfilter0(ifp->ctx, ifp, sa);
1583 }
1584
1585 int
1586 if_missfilter_apply(struct dhcpcd_ctx *ctx)
1587 {
1588 #ifdef RO_MISSFILTER
1589 if (ctx->rt_missfilterlen == 0) {
1590 struct sockaddr sa = {
1591 .sa_family = AF_UNSPEC,
1592 .sa_len = sizeof(sa),
1593 };
1594
1595 if (if_missfilter0(ctx, NULL, &sa) == -1)
1596 return -1;
1597 }
1598
1599 return setsockopt(ctx->link_fd, PF_ROUTE, RO_MISSFILTER,
1600 ctx->rt_missfilter, (socklen_t)ctx->rt_missfilterlen);
1601 #else
1602 #warning kernel does not support RTM_MISS DST filtering
1603 UNUSED(ctx);
1604 errno = ENOTSUP;
1605 return -1;
1606 #endif
1607 }
1608
1609 __CTASSERT(offsetof(struct rt_msghdr, rtm_msglen) == 0);
1610 int
1611 if_handlelink(struct dhcpcd_ctx *ctx)
1612 {
1613 struct rtm rtm;
1614 ssize_t len;
1615
1616 len = read(ctx->link_fd, &rtm, sizeof(rtm));
1617 if (len == -1)
1618 return -1;
1619 if (len == 0)
1620 return 0;
1621 if ((size_t)len < sizeof(rtm.hdr.rtm_msglen) ||
1622 len != rtm.hdr.rtm_msglen)
1623 {
1624 errno = EINVAL;
1625 return -1;
1626 }
1627 /*
1628 * Coverity thinks that the data could be tainted from here.
1629 * I have no idea how because the length of the data we read
1630 * is guarded by len and checked to match rtm_msglen.
1631 * The issue seems to be related to extracting the addresses
1632 * at the end of the header, but seems to have no issues with the
1633 * equivalent call in if_initrt.
1634 */
1635 /* coverity[tainted_data] */
1636 return if_dispatch(ctx, &rtm.hdr);
1637 }
1638
1639 #ifndef SYS_NMLN /* OSX */
1640 # define SYS_NMLN __SYS_NAMELEN
1641 #endif
1642 #ifndef HW_MACHINE_ARCH
1643 # ifdef HW_MODEL /* OpenBSD */
1644 # define HW_MACHINE_ARCH HW_MODEL
1645 # endif
1646 #endif
1647 int
1648 if_machinearch(char *str, size_t len)
1649 {
1650 int mib[2] = { CTL_HW, HW_MACHINE_ARCH };
1651
1652 return sysctl(mib, sizeof(mib) / sizeof(mib[0]), str, &len, NULL, 0);
1653 }
1654
1655 #ifdef INET6
1656 #if (defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)) || \
1657 defined(IPV6CTL_FORWARDING)
1658 #define get_inet6_sysctl(code) inet6_sysctl(code, 0, 0)
1659 #define set_inet6_sysctl(code, val) inet6_sysctl(code, val, 1)
1660 static int
1661 inet6_sysctl(int code, int val, int action)
1662 {
1663 int mib[] = { CTL_NET, PF_INET6, IPPROTO_IPV6, 0 };
1664 size_t size;
1665
1666 mib[3] = code;
1667 size = sizeof(val);
1668 if (action) {
1669 if (sysctl(mib, __arraycount(mib), NULL, 0, &val, size) == -1)
1670 return -1;
1671 return 0;
1672 }
1673 if (sysctl(mib, __arraycount(mib), &val, &size, NULL, 0) == -1)
1674 return -1;
1675 return val;
1676 }
1677 #endif
1678
1679 int
1680 if_applyra(const struct ra *rap)
1681 {
1682 #ifdef SIOCSIFINFO_IN6
1683 struct in6_ndireq nd = { .ndi.chlim = 0 };
1684 struct dhcpcd_ctx *ctx = rap->iface->ctx;
1685 int error;
1686
1687 strlcpy(nd.ifname, rap->iface->name, sizeof(nd.ifname));
1688
1689 #ifdef IPV6CTL_ACCEPT_RTADV
1690 struct priv *priv = ctx->priv;
1691
1692 /*
1693 * NetBSD changed SIOCSIFINFO_IN6 to NOT set flags when kernel
1694 * RA was removed, however both FreeBSD and DragonFlyBSD still do.
1695 * linkmtu was also removed.
1696 * Hopefully this guard will still work if either remove kernel RA.
1697 */
1698 if (ioctl(priv->pf_inet6_fd, SIOCGIFINFO_IN6, &nd, sizeof(nd)) == -1)
1699 return -1;
1700
1701 nd.ndi.linkmtu = rap->mtu;
1702 #endif
1703
1704 nd.ndi.chlim = rap->hoplimit;
1705 nd.ndi.retrans = rap->retrans;
1706 nd.ndi.basereachable = rap->reachable;
1707 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd));
1708 #ifdef IPV6CTL_ACCEPT_RTADV
1709 if (error == -1 && errno == EINVAL) {
1710 /*
1711 * Very likely that this is caused by a dodgy MTU
1712 * setting specific to the interface.
1713 * Let's set it to "unspecified" and try again.
1714 * Doesn't really matter as we fix the MTU against the
1715 * routes we add as not all OS support SIOCSIFINFO_IN6.
1716 */
1717 nd.ndi.linkmtu = 0;
1718 error = if_ioctl6(ctx, SIOCSIFINFO_IN6, &nd, sizeof(nd));
1719 }
1720 #endif
1721 return error;
1722 #else
1723 #warning OS does not allow setting of RA bits hoplimit, retrans or reachable
1724 UNUSED(rap);
1725 return 0;
1726 #endif
1727 }
1728
1729 #ifndef IPV6CTL_FORWARDING
1730 #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0)
1731 #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1)
1732 static int
1733 inet6_sysctlbyname(const char *name, int val, int action)
1734 {
1735 size_t size;
1736
1737 size = sizeof(val);
1738 if (action) {
1739 if (sysctlbyname(name, NULL, 0, &val, size) == -1)
1740 return -1;
1741 return 0;
1742 }
1743 if (sysctlbyname(name, &val, &size, NULL, 0) == -1)
1744 return -1;
1745 return val;
1746 }
1747 #endif
1748
1749 int
1750 ip6_forwarding(__unused const char *ifname)
1751 {
1752 int val;
1753
1754 #ifdef IPV6CTL_FORWARDING
1755 val = get_inet6_sysctl(IPV6CTL_FORWARDING);
1756 #else
1757 val = get_inet6_sysctlbyname("net.inet6.ip6.forwarding");
1758 #endif
1759 return val < 0 ? 0 : val;
1760 }
1761
1762 #ifdef SIOCIFAFATTACH
1763 static int
1764 if_af_attach(const struct interface *ifp, int af)
1765 {
1766 struct if_afreq ifar = { .ifar_af = af };
1767
1768 strlcpy(ifar.ifar_name, ifp->name, sizeof(ifar.ifar_name));
1769 return if_ioctl6(ifp->ctx, SIOCIFAFATTACH, &ifar, sizeof(ifar));
1770 }
1771 #endif
1772
1773 #ifdef SIOCGIFXFLAGS
1774 static int
1775 if_set_ifxflags(const struct interface *ifp)
1776 {
1777 struct ifreq ifr;
1778 int flags;
1779 struct priv *priv = ifp->ctx->priv;
1780
1781 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
1782 if (ioctl(priv->pf_inet6_fd, SIOCGIFXFLAGS, &ifr) == -1)
1783 return -1;
1784 flags = ifr.ifr_flags;
1785 #ifdef IFXF_NOINET6
1786 flags &= ~IFXF_NOINET6;
1787 #endif
1788 /*
1789 * If not doing autoconf, don't disable the kernel from doing it.
1790 * If we need to, we should have another option actively disable it.
1791 *
1792 * OpenBSD moved from kernel based SLAAC to userland via slaacd(8).
1793 * It has a similar featureset to dhcpcd such as stable private
1794 * addresses, but lacks the ability to handle DNS inside the RA
1795 * which is a serious shortfall in this day and age.
1796 * Appease their user base by working alongside slaacd(8) if
1797 * dhcpcd is instructed not to do auto configuration of addresses.
1798 */
1799 #if defined(ND6_IFF_ACCEPT_RTADV)
1800 #define BSD_AUTOCONF DHCPCD_IPV6RS
1801 #else
1802 #define BSD_AUTOCONF DHCPCD_IPV6RA_AUTOCONF
1803 #endif
1804 if (ifp->options->options & BSD_AUTOCONF)
1805 flags &= ~IFXF_AUTOCONF6;
1806 if (ifr.ifr_flags == flags)
1807 return 0;
1808 ifr.ifr_flags = flags;
1809 return if_ioctl6(ifp->ctx, SIOCSIFXFLAGS, &ifr, sizeof(ifr));
1810 }
1811 #endif
1812
1813 /* OpenBSD removed ND6 flags entirely, so we need to check for their
1814 * existance. */
1815 #if defined(ND6_IFF_AUTO_LINKLOCAL) || \
1816 defined(ND6_IFF_PERFORMNUD) || \
1817 defined(ND6_IFF_ACCEPT_RTADV) || \
1818 defined(ND6_IFF_OVERRIDE_RTADV) || \
1819 defined(ND6_IFF_IFDISABLED)
1820 #define ND6_NDI_FLAGS
1821 #endif
1822
1823 void
1824 if_disable_rtadv(void)
1825 {
1826 #if defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)
1827 int ra = get_inet6_sysctl(IPV6CTL_ACCEPT_RTADV);
1828
1829 if (ra == -1) {
1830 if (errno != ENOENT)
1831 logerr("IPV6CTL_ACCEPT_RTADV");
1832 else if (ra != 0)
1833 if (set_inet6_sysctl(IPV6CTL_ACCEPT_RTADV, 0) == -1)
1834 logerr("IPV6CTL_ACCEPT_RTADV");
1835 }
1836 #endif
1837 }
1838
1839 void
1840 if_setup_inet6(const struct interface *ifp)
1841 {
1842 #ifdef ND6_NDI_FLAGS
1843 struct priv *priv;
1844 int s;
1845 struct in6_ndireq nd;
1846 int flags;
1847
1848 priv = (struct priv *)ifp->ctx->priv;
1849 s = priv->pf_inet6_fd;
1850
1851 memset(&nd, 0, sizeof(nd));
1852 strlcpy(nd.ifname, ifp->name, sizeof(nd.ifname));
1853 if (ioctl(s, SIOCGIFINFO_IN6, &nd) == -1)
1854 logerr("%s: SIOCGIFINFO_FLAGS", ifp->name);
1855 flags = (int)nd.ndi.flags;
1856
1857 #ifdef ND6_IFF_AUTO_LINKLOCAL
1858 /* Unlike the kernel, dhcpcd make make a stable private address. */
1859 flags &= ~ND6_IFF_AUTO_LINKLOCAL;
1860 #endif
1861
1862 #ifdef ND6_IFF_PERFORMNUD
1863 /* NUD is kind of essential. */
1864 flags |= ND6_IFF_PERFORMNUD;
1865 #endif
1866
1867 #ifdef ND6_IFF_IFDISABLED
1868 /* Ensure the interface is not disabled. */
1869 flags &= ~ND6_IFF_IFDISABLED;
1870 #endif
1871
1872 /*
1873 * If not doing autoconf, don't disable the kernel from doing it.
1874 * If we need to, we should have another option actively disable it.
1875 */
1876 #ifdef ND6_IFF_ACCEPT_RTADV
1877 if (ifp->options->options & DHCPCD_IPV6RS)
1878 flags &= ~ND6_IFF_ACCEPT_RTADV;
1879 #ifdef ND6_IFF_OVERRIDE_RTADV
1880 if (ifp->options->options & DHCPCD_IPV6RS)
1881 flags |= ND6_IFF_OVERRIDE_RTADV;
1882 #endif
1883 #endif
1884
1885 if (nd.ndi.flags != (uint32_t)flags) {
1886 nd.ndi.flags = (uint32_t)flags;
1887 if (if_ioctl6(ifp->ctx, SIOCSIFINFO_FLAGS,
1888 &nd, sizeof(nd)) == -1)
1889 logerr("%s: SIOCSIFINFO_FLAGS", ifp->name);
1890 }
1891 #endif /* ND6_NDI_FLAGS */
1892
1893 /* Enabling IPv6 by whatever means must be the
1894 * last action undertaken to ensure kernel RS and
1895 * LLADDR auto configuration are disabled where applicable. */
1896 #ifdef SIOCIFAFATTACH
1897 if (if_af_attach(ifp, AF_INET6) == -1)
1898 logerr("%s: if_af_attach", ifp->name);
1899 #endif
1900
1901 #ifdef SIOCGIFXFLAGS
1902 if (if_set_ifxflags(ifp) == -1)
1903 logerr("%s: set_ifxflags", ifp->name);
1904 #endif
1905
1906 #ifdef SIOCSRTRFLUSH_IN6
1907 /* Flush the kernel knowledge of advertised routers
1908 * and prefixes so the kernel does not expire prefixes
1909 * and default routes we are trying to own. */
1910 if (ifp->options->options & DHCPCD_IPV6RS) {
1911 struct in6_ifreq ifr;
1912
1913 memset(&ifr, 0, sizeof(ifr));
1914 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
1915 if (if_ioctl6(ifp->ctx, SIOCSRTRFLUSH_IN6,
1916 &ifr, sizeof(ifr)) == -1 &&
1917 errno != ENOTSUP && errno != ENOTTY)
1918 logwarn("SIOCSRTRFLUSH_IN6 %d", errno);
1919 #ifdef SIOCSPFXFLUSH_IN6
1920 if (if_ioctl6(ifp->ctx, SIOCSPFXFLUSH_IN6,
1921 &ifr, sizeof(ifr)) == -1 &&
1922 errno != ENOTSUP && errno != ENOTTY)
1923 logwarn("SIOCSPFXFLUSH_IN6");
1924 #endif
1925 }
1926 #endif
1927 }
1928 #endif
DragonFly BSD