usr.sbin/relayd/pfe_route.c

*1577142dSclaudio/*	$OpenBSD: pfe_route.c,v 1.14 2023/06/29 16:24:53 claudio Exp $	*/
34438db4Sreyk
34438db4Sreyk/*
d535e21cSreyk * Copyright (c) 2009 - 2011 Reyk Floeter <reyk@openbsd.org>
34438db4Sreyk *
34438db4Sreyk * Permission to use, copy, modify, and distribute this software for any
34438db4Sreyk * purpose with or without fee is hereby granted, provided that the above
34438db4Sreyk * copyright notice and this permission notice appear in all copies.
34438db4Sreyk *
34438db4Sreyk * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
34438db4Sreyk * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
34438db4Sreyk * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
34438db4Sreyk * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
34438db4Sreyk * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
34438db4Sreyk * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
34438db4Sreyk * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
34438db4Sreyk */
34438db4Sreyk
34438db4Sreyk#include <sys/types.h>
34438db4Sreyk#include <sys/queue.h>
34438db4Sreyk#include <sys/socket.h>
137f9002Sclaudio#include <sys/uio.h>
34438db4Sreyk
34438db4Sreyk#include <netinet/in.h>
34438db4Sreyk#include <net/route.h>
f04ff968Sreyk#include <arpa/inet.h>
34438db4Sreyk
f04ff968Sreyk#include <limits.h>
137f9002Sclaudio#include <stddef.h>
34438db4Sreyk#include <stdio.h>
34438db4Sreyk#include <unistd.h>
34438db4Sreyk#include <string.h>
34438db4Sreyk#include <errno.h>
34438db4Sreyk
34438db4Sreyk#include "relayd.h"
34438db4Sreyk
34438db4Sreykvoid
34438db4Sreykinit_routes(struct relayd *env)
34438db4Sreyk{
34438db4Sreyk	u_int	 rtfilter;
34438db4Sreyk
586b5f8aSreyk	if (!(env->sc_conf.flags & F_NEEDRT))
34438db4Sreyk		return;
34438db4Sreyk
34438db4Sreyk	if ((env->sc_rtsock = socket(AF_ROUTE, SOCK_RAW, 0)) == -1)
efc39811Sbenno		fatal("%s: failed to open routing socket", __func__);
34438db4Sreyk
34438db4Sreyk	rtfilter = ROUTE_FILTER(0);
34438db4Sreyk	if (setsockopt(env->sc_rtsock, AF_ROUTE, ROUTE_MSGFILTER,
34438db4Sreyk	    &rtfilter, sizeof(rtfilter)) == -1)
efc39811Sbenno		fatal("%s: ROUTE_MSGFILTER", __func__);
34438db4Sreyk}
34438db4Sreyk
34438db4Sreykvoid
34438db4Sreyksync_routes(struct relayd *env, struct router *rt)
34438db4Sreyk{
34438db4Sreyk	struct netroute		*nr;
34438db4Sreyk	struct host		*host;
e2318a52Sderaadt	char			 buf[HOST_NAME_MAX+1];
34438db4Sreyk	struct ctl_netroute	 crt;
34438db4Sreyk
586b5f8aSreyk	if (!(env->sc_conf.flags & F_NEEDRT))
34438db4Sreyk		return;
34438db4Sreyk
34438db4Sreyk	TAILQ_FOREACH(nr, &rt->rt_netroutes, nr_entry) {
34438db4Sreyk		print_host(&nr->nr_conf.ss, buf, sizeof(buf));
34438db4Sreyk		TAILQ_FOREACH(host, &rt->rt_gwtable->hosts, entry) {
34438db4Sreyk			if (host->up == HOST_UNKNOWN)
34438db4Sreyk				continue;
34438db4Sreyk
85a8c65fSreyk			log_debug("%s: "
41835f22Sphessler			    "router %s route %s/%d gateway %s %s priority %d",
85a8c65fSreyk			    __func__,
34438db4Sreyk			    rt->rt_conf.name, buf, nr->nr_conf.prefixlen,
34438db4Sreyk			    host->conf.name,
41835f22Sphessler			    HOST_ISUP(host->up) ? "up" : "down",
41835f22Sphessler			    host->conf.priority);
34438db4Sreyk
34438db4Sreyk			crt.up = host->up;
a2195becSreyk			memcpy(&crt.nr, &nr->nr_conf, sizeof(nr->nr_conf));
a2195becSreyk			memcpy(&crt.host, &host->conf, sizeof(host->conf));
a2195becSreyk			memcpy(&crt.rt, &rt->rt_conf, sizeof(rt->rt_conf));
34438db4Sreyk
c2c37c5dSreyk			proc_compose(env->sc_ps, PROC_PARENT,
c2c37c5dSreyk			    IMSG_RTMSG, &crt, sizeof(crt));
34438db4Sreyk		}
34438db4Sreyk	}
34438db4Sreyk}
34438db4Sreyk
137f9002Sclaudiostatic void
137f9002Sclaudiopfe_apply_prefixlen(struct sockaddr_storage *ss, int af, int len)
137f9002Sclaudio{
137f9002Sclaudio	int q, r, off;
137f9002Sclaudio	uint8_t *b = (uint8_t *)ss;
137f9002Sclaudio
137f9002Sclaudio	q = len >> 3;
137f9002Sclaudio	r = len & 7;
137f9002Sclaudio
137f9002Sclaudio	bzero(ss, sizeof(*ss));
137f9002Sclaudio	ss->ss_family = af;
137f9002Sclaudio	switch (af) {
137f9002Sclaudio	case AF_INET:
137f9002Sclaudio		ss->ss_len = sizeof(struct sockaddr_in);
137f9002Sclaudio		off = offsetof(struct sockaddr_in, sin_addr);
137f9002Sclaudio		break;
137f9002Sclaudio	case AF_INET6:
137f9002Sclaudio		ss->ss_len = sizeof(struct sockaddr_in6);
137f9002Sclaudio		off = offsetof(struct sockaddr_in6, sin6_addr);
137f9002Sclaudio		break;
137f9002Sclaudio	default:
137f9002Sclaudio		fatal("%s: invalid address family", __func__);
137f9002Sclaudio	}
137f9002Sclaudio	if (q > 0)
137f9002Sclaudio		memset(b + off, 0xff, q);
137f9002Sclaudio	if (r > 0)
137f9002Sclaudio		b[off + q] = (0xff00 >> r) & 0xff;
137f9002Sclaudio}
137f9002Sclaudio
137f9002Sclaudio#define ROUNDUP(a) \
137f9002Sclaudio	((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
137f9002Sclaudio
34438db4Sreykint
34438db4Sreykpfe_route(struct relayd *env, struct ctl_netroute *crt)
34438db4Sreyk{
137f9002Sclaudio	struct iovec			 iov[5];
137f9002Sclaudio	struct rt_msghdr		 hdr;
137f9002Sclaudio	struct sockaddr_storage		 dst, gw, mask, label;
137f9002Sclaudio	struct sockaddr_rtlabel		*sr = (struct sockaddr_rtlabel *)&label;
137f9002Sclaudio	int				 iovcnt = 0;
34438db4Sreyk	char				*gwname;
34438db4Sreyk
137f9002Sclaudio	bzero(&hdr, sizeof(hdr));
137f9002Sclaudio	hdr.rtm_msglen = sizeof(hdr);
137f9002Sclaudio	hdr.rtm_version = RTM_VERSION;
137f9002Sclaudio	hdr.rtm_type = HOST_ISUP(crt->up) ? RTM_ADD : RTM_DELETE;
137f9002Sclaudio	hdr.rtm_flags = RTF_STATIC | RTF_GATEWAY | RTF_MPATH;
137f9002Sclaudio	hdr.rtm_seq = env->sc_rtseq++;
137f9002Sclaudio	hdr.rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK;
137f9002Sclaudio	hdr.rtm_tableid = crt->rt.rtable;
137f9002Sclaudio	hdr.rtm_priority = crt->host.priority;
137f9002Sclaudio
137f9002Sclaudio	iov[iovcnt].iov_base = &hdr;
137f9002Sclaudio	iov[iovcnt++].iov_len = sizeof(hdr);
137f9002Sclaudio
137f9002Sclaudio	dst = crt->nr.ss;
137f9002Sclaudio	gw = crt->host.ss;
a2195becSreyk	gwname = crt->host.name;
137f9002Sclaudio	pfe_apply_prefixlen(&mask, dst.ss_family, crt->nr.prefixlen);
34438db4Sreyk
137f9002Sclaudio	iov[iovcnt].iov_base = &dst;
137f9002Sclaudio	iov[iovcnt++].iov_len = ROUNDUP(dst.ss_len);
137f9002Sclaudio	hdr.rtm_msglen += ROUNDUP(dst.ss_len);
34438db4Sreyk
137f9002Sclaudio	iov[iovcnt].iov_base = &gw;
137f9002Sclaudio	iov[iovcnt++].iov_len = ROUNDUP(gw.ss_len);
137f9002Sclaudio	hdr.rtm_msglen += ROUNDUP(gw.ss_len);
137f9002Sclaudio
137f9002Sclaudio	iov[iovcnt].iov_base = &mask;
137f9002Sclaudio	iov[iovcnt++].iov_len = ROUNDUP(mask.ss_len);
137f9002Sclaudio	hdr.rtm_msglen += ROUNDUP(mask.ss_len);
34438db4Sreyk
a2195becSreyk	if (strlen(crt->rt.label)) {
137f9002Sclaudio		sr->sr_len = sizeof(*sr);
137f9002Sclaudio		strlcpy(sr->sr_label, crt->rt.label, sizeof(sr->sr_label));
137f9002Sclaudio
137f9002Sclaudio		iov[iovcnt].iov_base = &label;
137f9002Sclaudio		iov[iovcnt++].iov_len = ROUNDUP(label.ss_len);
137f9002Sclaudio		hdr.rtm_msglen += ROUNDUP(label.ss_len);
137f9002Sclaudio		hdr.rtm_addrs |= RTA_LABEL;
34438db4Sreyk	}
34438db4Sreyk
34438db4Sreyk retry:
137f9002Sclaudio	if (writev(env->sc_rtsock, iov, iovcnt) == -1) {
34438db4Sreyk		switch (errno) {
34438db4Sreyk		case EEXIST:
34438db4Sreyk		case ESRCH:
137f9002Sclaudio			if (hdr.rtm_type == RTM_ADD) {
137f9002Sclaudio				hdr.rtm_type = RTM_CHANGE;
34438db4Sreyk				goto retry;
137f9002Sclaudio			} else if (hdr.rtm_type == RTM_DELETE) {
34438db4Sreyk				/* Ignore */
34438db4Sreyk				break;
34438db4Sreyk			}
34438db4Sreyk			/* FALLTHROUGH */
34438db4Sreyk		default:
34438db4Sreyk			goto bad;
34438db4Sreyk		}
34438db4Sreyk	}
34438db4Sreyk
85a8c65fSreyk	log_debug("%s: gateway %s %s", __func__, gwname,
34438db4Sreyk	    HOST_ISUP(crt->up) ? "added" : "deleted");
34438db4Sreyk
34438db4Sreyk	return (0);
34438db4Sreyk
34438db4Sreyk bad:
85a8c65fSreyk	log_debug("%s: failed to %s gateway %s: %d %s", __func__,
34438db4Sreyk	    HOST_ISUP(crt->up) ? "add" : "delete", gwname,
34438db4Sreyk	    errno, strerror(errno));
34438db4Sreyk
34438db4Sreyk	return (-1);
34438db4Sreyk}