1 /* 2 * dhcpcd - DHCP client daemon 3 * Copyright (c) 2006-2018 Roy Marples <roy@marples.name> 4 * All rights reserved 5 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28 #include <sys/param.h> 29 #include <sys/socket.h> 30 #include <sys/stat.h> 31 32 #include <arpa/inet.h> 33 #include <net/if.h> 34 #include <net/route.h> 35 #include <netinet/if_ether.h> 36 #include <netinet/in_systm.h> 37 #include <netinet/in.h> 38 #include <netinet/ip.h> 39 #define __FAVOR_BSD /* Nasty glibc hack so we can use BSD semantics for UDP */ 40 #include <netinet/udp.h> 41 #undef __FAVOR_BSD 42 43 #include <assert.h> 44 #include <ctype.h> 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <inttypes.h> 48 #include <stdbool.h> 49 #include <stddef.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <unistd.h> 53 54 #define ELOOP_QUEUE 2 55 #include "config.h" 56 #include "arp.h" 57 #include "bpf.h" 58 #include "common.h" 59 #include "dhcp.h" 60 #include "dhcpcd.h" 61 #include "dhcp-common.h" 62 #include "duid.h" 63 #include "eloop.h" 64 #include "if.h" 65 #include "ipv4.h" 66 #include "ipv4ll.h" 67 #include "logerr.h" 68 #include "sa.h" 69 #include "script.h" 70 71 #define DAD "Duplicate address detected" 72 #define DHCP_MIN_LEASE 20 73 74 #define IPV4A ADDRIPV4 | ARRAY 75 #define IPV4R ADDRIPV4 | REQUEST 76 77 /* We should define a maximum for the NAK exponential backoff */ 78 #define NAKOFF_MAX 60 79 80 /* Wait N nanoseconds between sending a RELEASE and dropping the address. 81 * This gives the kernel enough time to actually send it. */ 82 #define RELEASE_DELAY_S 0 83 #define RELEASE_DELAY_NS 10000000 84 85 #ifndef IPDEFTTL 86 #define IPDEFTTL 64 /* RFC1340 */ 87 #endif 88 89 /* Assert the correct structure size for on wire */ 90 __CTASSERT(sizeof(struct ip) == 20); 91 __CTASSERT(sizeof(struct udphdr) == 8); 92 __CTASSERT(sizeof(struct bootp) == 300); 93 94 struct dhcp_op { 95 uint8_t value; 96 const char *name; 97 }; 98 99 static const struct dhcp_op dhcp_ops[] = { 100 { DHCP_DISCOVER, "DISCOVER" }, 101 { DHCP_OFFER, "OFFER" }, 102 { DHCP_REQUEST, "REQUEST" }, 103 { DHCP_DECLINE, "DECLINE" }, 104 { DHCP_ACK, "ACK" }, 105 { DHCP_NAK, "NAK" }, 106 { DHCP_RELEASE, "RELEASE" }, 107 { DHCP_INFORM, "INFORM" }, 108 { DHCP_FORCERENEW, "FORCERENEW"}, 109 { 0, NULL } 110 }; 111 112 static const char * const dhcp_params[] = { 113 "ip_address", 114 "subnet_cidr", 115 "network_number", 116 "filename", 117 "server_name", 118 NULL 119 }; 120 121 static int dhcp_openbpf(struct interface *); 122 #ifdef ARP 123 static void dhcp_arp_conflicted(struct arp_state *, const struct arp_msg *); 124 #endif 125 static void dhcp_handledhcp(struct interface *, struct bootp *, size_t, 126 const struct in_addr *); 127 static int dhcp_initstate(struct interface *); 128 129 void 130 dhcp_printoptions(const struct dhcpcd_ctx *ctx, 131 const struct dhcp_opt *opts, size_t opts_len) 132 { 133 const char * const *p; 134 size_t i, j; 135 const struct dhcp_opt *opt, *opt2; 136 int cols; 137 138 for (p = dhcp_params; *p; p++) 139 printf(" %s\n", *p); 140 141 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 142 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++) 143 if (opt->option == opt2->option) 144 break; 145 if (j == opts_len) { 146 cols = printf("%03d %s", opt->option, opt->var); 147 dhcp_print_option_encoding(opt, cols); 148 } 149 } 150 for (i = 0, opt = opts; i < opts_len; i++, opt++) { 151 cols = printf("%03d %s", opt->option, opt->var); 152 dhcp_print_option_encoding(opt, cols); 153 } 154 } 155 156 #define get_option_raw(ctx, bootp, bootp_len, opt) \ 157 get_option((ctx), (bootp), (bootp_len), NULL) 158 static const uint8_t * 159 get_option(struct dhcpcd_ctx *ctx, 160 const struct bootp *bootp, size_t bootp_len, 161 unsigned int opt, size_t *opt_len) 162 { 163 const uint8_t *p, *e; 164 uint8_t l, o, ol, overl, *bp; 165 const uint8_t *op; 166 size_t bl; 167 168 /* Check we have the magic cookie */ 169 if (!IS_DHCP(bootp)) { 170 errno = ENOTSUP; 171 return NULL; 172 } 173 174 p = bootp->vend + 4; /* options after the 4 byte cookie */ 175 e = (const uint8_t *)bootp + bootp_len; 176 ol = o = overl = 0; 177 bp = NULL; 178 op = NULL; 179 bl = 0; 180 while (p < e) { 181 o = *p++; 182 switch (o) { 183 case DHO_PAD: 184 /* No length to read */ 185 continue; 186 case DHO_END: 187 if (overl & 1) { 188 /* bit 1 set means parse boot file */ 189 overl = (uint8_t)(overl & ~1); 190 p = bootp->file; 191 e = p + sizeof(bootp->file); 192 } else if (overl & 2) { 193 /* bit 2 set means parse server name */ 194 overl = (uint8_t)(overl & ~2); 195 p = bootp->sname; 196 e = p + sizeof(bootp->sname); 197 } else 198 goto exit; 199 /* No length to read */ 200 continue; 201 } 202 203 /* Check we can read the length */ 204 if (p == e) { 205 errno = EINVAL; 206 return NULL; 207 } 208 l = *p++; 209 210 if (o == DHO_OPTSOVERLOADED) { 211 /* Ensure we only get this option once by setting 212 * the last bit as well as the value. 213 * This is valid because only the first two bits 214 * actually mean anything in RFC2132 Section 9.3 */ 215 if (l == 1 && !overl) 216 overl = 0x80 | p[0]; 217 } 218 219 if (o == opt) { 220 if (op) { 221 /* We must concatonate the options. */ 222 if (bl + l > ctx->opt_buffer_len) { 223 size_t pos; 224 uint8_t *nb; 225 226 if (bp) 227 pos = (size_t) 228 (bp - ctx->opt_buffer); 229 else 230 pos = 0; 231 nb = realloc(ctx->opt_buffer, bl + l); 232 if (nb == NULL) 233 return NULL; 234 ctx->opt_buffer = nb; 235 ctx->opt_buffer_len = bl + l; 236 bp = ctx->opt_buffer + pos; 237 } 238 if (bp == NULL) 239 bp = ctx->opt_buffer; 240 memcpy(bp, op, ol); 241 bp += ol; 242 } 243 ol = l; 244 if (p + ol >= e) { 245 errno = EINVAL; 246 return NULL; 247 } 248 op = p; 249 bl += ol; 250 } 251 p += l; 252 } 253 254 exit: 255 if (opt_len) 256 *opt_len = bl; 257 if (bp) { 258 memcpy(bp, op, ol); 259 return (const uint8_t *)ctx->opt_buffer; 260 } 261 if (op) 262 return op; 263 errno = ENOENT; 264 return NULL; 265 } 266 267 static int 268 get_option_addr(struct dhcpcd_ctx *ctx, 269 struct in_addr *a, const struct bootp *bootp, size_t bootp_len, 270 uint8_t option) 271 { 272 const uint8_t *p; 273 size_t len; 274 275 p = get_option(ctx, bootp, bootp_len, option, &len); 276 if (!p || len < (ssize_t)sizeof(a->s_addr)) 277 return -1; 278 memcpy(&a->s_addr, p, sizeof(a->s_addr)); 279 return 0; 280 } 281 282 static int 283 get_option_uint32(struct dhcpcd_ctx *ctx, 284 uint32_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 285 { 286 const uint8_t *p; 287 size_t len; 288 uint32_t d; 289 290 p = get_option(ctx, bootp, bootp_len, option, &len); 291 if (!p || len < (ssize_t)sizeof(d)) 292 return -1; 293 memcpy(&d, p, sizeof(d)); 294 if (i) 295 *i = ntohl(d); 296 return 0; 297 } 298 299 static int 300 get_option_uint16(struct dhcpcd_ctx *ctx, 301 uint16_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 302 { 303 const uint8_t *p; 304 size_t len; 305 uint16_t d; 306 307 p = get_option(ctx, bootp, bootp_len, option, &len); 308 if (!p || len < (ssize_t)sizeof(d)) 309 return -1; 310 memcpy(&d, p, sizeof(d)); 311 if (i) 312 *i = ntohs(d); 313 return 0; 314 } 315 316 static int 317 get_option_uint8(struct dhcpcd_ctx *ctx, 318 uint8_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option) 319 { 320 const uint8_t *p; 321 size_t len; 322 323 p = get_option(ctx, bootp, bootp_len, option, &len); 324 if (!p || len < (ssize_t)sizeof(*p)) 325 return -1; 326 if (i) 327 *i = *(p); 328 return 0; 329 } 330 331 ssize_t 332 decode_rfc3442(char *out, size_t len, const uint8_t *p, size_t pl) 333 { 334 const uint8_t *e; 335 size_t bytes = 0, ocets; 336 int b; 337 uint8_t cidr; 338 struct in_addr addr; 339 char *o = out; 340 341 /* Minimum is 5 -first is CIDR and a router length of 4 */ 342 if (pl < 5) { 343 errno = EINVAL; 344 return -1; 345 } 346 347 e = p + pl; 348 while (p < e) { 349 cidr = *p++; 350 if (cidr > 32) { 351 errno = EINVAL; 352 return -1; 353 } 354 ocets = (size_t)(cidr + 7) / NBBY; 355 if (p + 4 + ocets > e) { 356 errno = ERANGE; 357 return -1; 358 } 359 if (!out) { 360 p += 4 + ocets; 361 bytes += ((4 * 4) * 2) + 4; 362 continue; 363 } 364 if ((((4 * 4) * 2) + 4) > len) { 365 errno = ENOBUFS; 366 return -1; 367 } 368 if (o != out) { 369 *o++ = ' '; 370 len--; 371 } 372 /* If we have ocets then we have a destination and netmask */ 373 if (ocets > 0) { 374 addr.s_addr = 0; 375 memcpy(&addr.s_addr, p, ocets); 376 b = snprintf(o, len, "%s/%d", inet_ntoa(addr), cidr); 377 p += ocets; 378 } else 379 b = snprintf(o, len, "0.0.0.0/0"); 380 o += b; 381 len -= (size_t)b; 382 383 /* Finally, snag the router */ 384 memcpy(&addr.s_addr, p, 4); 385 p += 4; 386 b = snprintf(o, len, " %s", inet_ntoa(addr)); 387 o += b; 388 len -= (size_t)b; 389 } 390 391 if (out) 392 return o - out; 393 return (ssize_t)bytes; 394 } 395 396 static int 397 decode_rfc3442_rt(struct rt_head *routes, struct interface *ifp, 398 const uint8_t *data, size_t dl, const struct bootp *bootp) 399 { 400 const uint8_t *p = data; 401 const uint8_t *e; 402 uint8_t cidr; 403 size_t ocets; 404 struct rt *rt = NULL; 405 struct in_addr dest, netmask, gateway; 406 int n; 407 408 /* Minimum is 5 -first is CIDR and a router length of 4 */ 409 if (dl < 5) { 410 errno = EINVAL; 411 return -1; 412 } 413 414 n = 0; 415 e = p + dl; 416 while (p < e) { 417 cidr = *p++; 418 if (cidr > 32) { 419 errno = EINVAL; 420 return -1; 421 } 422 423 ocets = (size_t)(cidr + 7) / NBBY; 424 if (p + 4 + ocets > e) { 425 errno = ERANGE; 426 return -1; 427 } 428 429 if ((rt = rt_new(ifp)) == NULL) 430 return -1; 431 432 /* If we have ocets then we have a destination and netmask */ 433 dest.s_addr = 0; 434 if (ocets > 0) { 435 memcpy(&dest.s_addr, p, ocets); 436 p += ocets; 437 netmask.s_addr = htonl(~0U << (32 - cidr)); 438 } else 439 netmask.s_addr = 0; 440 441 /* Finally, snag the router */ 442 memcpy(&gateway.s_addr, p, 4); 443 p += 4; 444 445 /* A host route is normally set by having the 446 * gateway match the destination or assigned address */ 447 if (gateway.s_addr == dest.s_addr || 448 (gateway.s_addr == bootp->yiaddr || 449 gateway.s_addr == bootp->ciaddr)) 450 { 451 gateway.s_addr = INADDR_ANY; 452 netmask.s_addr = INADDR_BROADCAST; 453 rt->rt_flags = RTF_HOST; 454 } 455 456 sa_in_init(&rt->rt_dest, &dest); 457 sa_in_init(&rt->rt_netmask, &netmask); 458 sa_in_init(&rt->rt_gateway, &gateway); 459 460 /* If CIDR is 32 then it's a host route. */ 461 if (cidr == 32) 462 rt->rt_flags = RTF_HOST; 463 464 TAILQ_INSERT_TAIL(routes, rt, rt_next); 465 n++; 466 } 467 return n; 468 } 469 470 char * 471 decode_rfc3361(const uint8_t *data, size_t dl) 472 { 473 uint8_t enc; 474 size_t l; 475 ssize_t r; 476 char *sip = NULL; 477 struct in_addr addr; 478 char *p; 479 480 if (dl < 2) { 481 errno = EINVAL; 482 return 0; 483 } 484 485 enc = *data++; 486 dl--; 487 switch (enc) { 488 case 0: 489 if ((r = decode_rfc1035(NULL, 0, data, dl)) > 0) { 490 l = (size_t)r + 1; 491 sip = malloc(l); 492 if (sip == NULL) 493 return 0; 494 decode_rfc1035(sip, l, data, dl); 495 } 496 break; 497 case 1: 498 if (dl == 0 || dl % 4 != 0) { 499 errno = EINVAL; 500 break; 501 } 502 addr.s_addr = INADDR_BROADCAST; 503 l = ((dl / sizeof(addr.s_addr)) * ((4 * 4) + 1)) + 1; 504 sip = p = malloc(l); 505 if (sip == NULL) 506 return 0; 507 while (dl != 0) { 508 memcpy(&addr.s_addr, data, sizeof(addr.s_addr)); 509 data += sizeof(addr.s_addr); 510 p += snprintf(p, l - (size_t)(p - sip), 511 "%s ", inet_ntoa(addr)); 512 dl -= sizeof(addr.s_addr); 513 } 514 *--p = '\0'; 515 break; 516 default: 517 errno = EINVAL; 518 return 0; 519 } 520 521 return sip; 522 } 523 524 static char * 525 get_option_string(struct dhcpcd_ctx *ctx, 526 const struct bootp *bootp, size_t bootp_len, uint8_t option) 527 { 528 size_t len; 529 const uint8_t *p; 530 char *s; 531 532 p = get_option(ctx, bootp, bootp_len, option, &len); 533 if (!p || len == 0 || *p == '\0') 534 return NULL; 535 536 s = malloc(sizeof(char) * (len + 1)); 537 if (s) { 538 memcpy(s, p, len); 539 s[len] = '\0'; 540 } 541 return s; 542 } 543 544 /* This calculates the netmask that we should use for static routes. 545 * This IS different from the calculation used to calculate the netmask 546 * for an interface address. */ 547 static uint32_t 548 route_netmask(uint32_t ip_in) 549 { 550 /* used to be unsigned long - check if error */ 551 uint32_t p = ntohl(ip_in); 552 uint32_t t; 553 554 if (IN_CLASSA(p)) 555 t = ~IN_CLASSA_NET; 556 else { 557 if (IN_CLASSB(p)) 558 t = ~IN_CLASSB_NET; 559 else { 560 if (IN_CLASSC(p)) 561 t = ~IN_CLASSC_NET; 562 else 563 t = 0; 564 } 565 } 566 567 while (t & p) 568 t >>= 1; 569 570 return (htonl(~t)); 571 } 572 573 /* We need to obey routing options. 574 * If we have a CSR then we only use that. 575 * Otherwise we add static routes and then routers. */ 576 static int 577 get_option_routes(struct rt_head *routes, struct interface *ifp, 578 const struct bootp *bootp, size_t bootp_len) 579 { 580 struct if_options *ifo = ifp->options; 581 const uint8_t *p; 582 const uint8_t *e; 583 struct rt *rt = NULL; 584 struct in_addr dest, netmask, gateway; 585 size_t len; 586 const char *csr = ""; 587 int n; 588 589 /* If we have CSR's then we MUST use these only */ 590 if (!has_option_mask(ifo->nomask, DHO_CSR)) 591 p = get_option(ifp->ctx, bootp, bootp_len, DHO_CSR, &len); 592 else 593 p = NULL; 594 /* Check for crappy MS option */ 595 if (!p && !has_option_mask(ifo->nomask, DHO_MSCSR)) { 596 p = get_option(ifp->ctx, bootp, bootp_len, DHO_MSCSR, &len); 597 if (p) 598 csr = "MS "; 599 } 600 if (p && (n = decode_rfc3442_rt(routes, ifp, p, len, bootp)) != -1) { 601 const struct dhcp_state *state; 602 603 state = D_CSTATE(ifp); 604 if (!(ifo->options & DHCPCD_CSR_WARNED) && 605 !(state->added & STATE_FAKE)) 606 { 607 logdebugx("%s: using %sClassless Static Routes", 608 ifp->name, csr); 609 ifo->options |= DHCPCD_CSR_WARNED; 610 } 611 return n; 612 } 613 614 n = 0; 615 /* OK, get our static routes first. */ 616 if (!has_option_mask(ifo->nomask, DHO_STATICROUTE)) 617 p = get_option(ifp->ctx, bootp, bootp_len, 618 DHO_STATICROUTE, &len); 619 else 620 p = NULL; 621 /* RFC 2131 Section 5.8 states length MUST be in multiples of 8 */ 622 if (p && len % 8 == 0) { 623 e = p + len; 624 while (p < e) { 625 memcpy(&dest.s_addr, p, sizeof(dest.s_addr)); 626 p += 4; 627 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 628 p += 4; 629 /* RFC 2131 Section 5.8 states default route is 630 * illegal */ 631 if (gateway.s_addr == INADDR_ANY) 632 continue; 633 if ((rt = rt_new(ifp)) == NULL) 634 return -1; 635 636 /* A host route is normally set by having the 637 * gateway match the destination or assigned address */ 638 if (gateway.s_addr == dest.s_addr || 639 (gateway.s_addr == bootp->yiaddr || 640 gateway.s_addr == bootp->ciaddr)) 641 { 642 gateway.s_addr = INADDR_ANY; 643 netmask.s_addr = INADDR_BROADCAST; 644 rt->rt_flags = RTF_HOST; 645 } else 646 netmask.s_addr = route_netmask(dest.s_addr); 647 sa_in_init(&rt->rt_dest, &dest); 648 sa_in_init(&rt->rt_netmask, &netmask); 649 sa_in_init(&rt->rt_gateway, &gateway); 650 TAILQ_INSERT_TAIL(routes, rt, rt_next); 651 n++; 652 } 653 } 654 655 /* Now grab our routers */ 656 if (!has_option_mask(ifo->nomask, DHO_ROUTER)) 657 p = get_option(ifp->ctx, bootp, bootp_len, DHO_ROUTER, &len); 658 else 659 p = NULL; 660 if (p) { 661 e = p + len; 662 dest.s_addr = INADDR_ANY; 663 netmask.s_addr = INADDR_ANY; 664 while (p < e) { 665 if ((rt = rt_new(ifp)) == NULL) 666 return -1; 667 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr)); 668 p += 4; 669 sa_in_init(&rt->rt_dest, &dest); 670 sa_in_init(&rt->rt_netmask, &netmask); 671 sa_in_init(&rt->rt_gateway, &gateway); 672 TAILQ_INSERT_TAIL(routes, rt, rt_next); 673 n++; 674 } 675 } 676 677 return n; 678 } 679 680 uint16_t 681 dhcp_get_mtu(const struct interface *ifp) 682 { 683 const struct dhcp_state *state; 684 uint16_t mtu; 685 686 if (ifp->options->mtu) 687 return (uint16_t)ifp->options->mtu; 688 mtu = 0; /* bogus gcc warning */ 689 if ((state = D_CSTATE(ifp)) == NULL || 690 has_option_mask(ifp->options->nomask, DHO_MTU) || 691 get_option_uint16(ifp->ctx, &mtu, 692 state->new, state->new_len, DHO_MTU) == -1) 693 return 0; 694 return mtu; 695 } 696 697 /* Grab our routers from the DHCP message and apply any MTU value 698 * the message contains */ 699 int 700 dhcp_get_routes(struct rt_head *routes, struct interface *ifp) 701 { 702 const struct dhcp_state *state; 703 704 if ((state = D_CSTATE(ifp)) == NULL || !(state->added & STATE_ADDED)) 705 return 0; 706 return get_option_routes(routes, ifp, state->new, state->new_len); 707 } 708 709 /* Assumes DHCP options */ 710 static int 711 dhcp_message_add_addr(struct bootp *bootp, 712 uint8_t type, struct in_addr addr) 713 { 714 uint8_t *p; 715 size_t len; 716 717 p = bootp->vend; 718 while (*p != DHO_END) { 719 p++; 720 p += *p + 1; 721 } 722 723 len = (size_t)(p - bootp->vend); 724 if (len + 6 > sizeof(bootp->vend)) { 725 errno = ENOMEM; 726 return -1; 727 } 728 729 *p++ = type; 730 *p++ = 4; 731 memcpy(p, &addr.s_addr, 4); 732 p += 4; 733 *p = DHO_END; 734 return 0; 735 } 736 737 static ssize_t 738 make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type) 739 { 740 struct bootp *bootp; 741 uint8_t *lp, *p, *e; 742 uint8_t *n_params = NULL; 743 uint32_t ul; 744 uint16_t sz; 745 size_t len, i; 746 const struct dhcp_opt *opt; 747 struct if_options *ifo = ifp->options; 748 const struct dhcp_state *state = D_CSTATE(ifp); 749 const struct dhcp_lease *lease = &state->lease; 750 char hbuf[HOSTNAME_MAX_LEN + 1]; 751 const char *hostname; 752 const struct vivco *vivco; 753 int mtu; 754 #ifdef AUTH 755 uint8_t *auth, auth_len; 756 #endif 757 758 if ((mtu = if_getmtu(ifp)) == -1) 759 logerr("%s: if_getmtu", ifp->name); 760 else if (mtu < MTU_MIN) { 761 if (if_setmtu(ifp, MTU_MIN) == -1) 762 logerr("%s: if_setmtu", ifp->name); 763 mtu = MTU_MIN; 764 } 765 766 if (ifo->options & DHCPCD_BOOTP) 767 bootp = calloc(1, sizeof (*bootp)); 768 else 769 /* Make the maximal message we could send */ 770 bootp = calloc(1, (size_t)(mtu - IP_UDP_SIZE)); 771 772 if (bootp == NULL) 773 return -1; 774 *bootpm = bootp; 775 776 if (state->addr != NULL && 777 (type == DHCP_INFORM || type == DHCP_RELEASE || 778 (type == DHCP_REQUEST && 779 state->addr->mask.s_addr == lease->mask.s_addr && 780 (state->new == NULL || IS_DHCP(state->new)) && 781 !(state->added & STATE_FAKE)))) 782 bootp->ciaddr = state->addr->addr.s_addr; 783 784 bootp->op = BOOTREQUEST; 785 bootp->htype = (uint8_t)ifp->family; 786 switch (ifp->family) { 787 case ARPHRD_ETHER: 788 case ARPHRD_IEEE802: 789 bootp->hlen = (uint8_t)ifp->hwlen; 790 memcpy(&bootp->chaddr, &ifp->hwaddr, ifp->hwlen); 791 break; 792 } 793 794 if (ifo->options & DHCPCD_BROADCAST && 795 bootp->ciaddr == 0 && 796 type != DHCP_DECLINE && 797 type != DHCP_RELEASE) 798 bootp->flags = htons(BROADCAST_FLAG); 799 800 if (type != DHCP_DECLINE && type != DHCP_RELEASE) { 801 struct timespec tv; 802 803 clock_gettime(CLOCK_MONOTONIC, &tv); 804 timespecsub(&tv, &state->started, &tv); 805 if (tv.tv_sec < 0 || tv.tv_sec > (time_t)UINT16_MAX) 806 bootp->secs = htons((uint16_t)UINT16_MAX); 807 else 808 bootp->secs = htons((uint16_t)tv.tv_sec); 809 } 810 811 bootp->xid = htonl(state->xid); 812 813 if (ifo->options & DHCPCD_BOOTP) 814 return sizeof(*bootp); 815 816 p = bootp->vend; 817 e = (uint8_t *)bootp + (mtu - IP_UDP_SIZE) - 1; /* -1 for DHO_END */ 818 819 ul = htonl(MAGIC_COOKIE); 820 memcpy(p, &ul, sizeof(ul)); 821 p += sizeof(ul); 822 823 *p++ = DHO_MESSAGETYPE; 824 *p++ = 1; 825 *p++ = type; 826 827 #define AREA_LEFT (size_t)(e - p) 828 #define AREA_FIT(s) if ((s) > AREA_LEFT) goto toobig 829 #define AREA_CHECK(s) if ((s) + 2UL > AREA_LEFT) goto toobig 830 #define PUT_ADDR(o, a) do { \ 831 AREA_CHECK(4); \ 832 *p++ = (o); \ 833 *p++ = 4; \ 834 memcpy(p, &(a)->s_addr, 4); \ 835 p += 4; \ 836 } while (0 /* CONSTCOND */) 837 838 if (state->clientid) { 839 AREA_CHECK(state->clientid[0]); 840 *p++ = DHO_CLIENTID; 841 memcpy(p, state->clientid, (size_t)state->clientid[0] + 1); 842 p += state->clientid[0] + 1; 843 } 844 845 if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) { 846 if (type == DHCP_DECLINE || 847 (type == DHCP_REQUEST && 848 (state->addr == NULL || 849 state->added & STATE_FAKE || 850 lease->addr.s_addr != state->addr->addr.s_addr))) 851 { 852 PUT_ADDR(DHO_IPADDRESS, &lease->addr); 853 if (lease->server.s_addr) 854 PUT_ADDR(DHO_SERVERID, &lease->server); 855 } 856 857 if (type == DHCP_RELEASE) { 858 if (lease->server.s_addr) 859 PUT_ADDR(DHO_SERVERID, &lease->server); 860 } 861 } 862 863 if (type == DHCP_DECLINE) { 864 len = strlen(DAD); 865 if (len > AREA_LEFT) { 866 *p++ = DHO_MESSAGE; 867 *p++ = (uint8_t)len; 868 memcpy(p, DAD, len); 869 p += len; 870 } 871 } 872 873 if (type == DHCP_DISCOVER && 874 !(ifp->ctx->options & DHCPCD_TEST) && 875 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT)) 876 { 877 /* RFC 4039 Section 3 */ 878 AREA_CHECK(0); 879 *p++ = DHO_RAPIDCOMMIT; 880 *p++ = 0; 881 } 882 883 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_REQUEST) 884 PUT_ADDR(DHO_IPADDRESS, &ifo->req_addr); 885 886 /* RFC 2563 Auto Configure */ 887 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_IPV4LL) { 888 AREA_CHECK(1); 889 *p++ = DHO_AUTOCONFIGURE; 890 *p++ = 1; 891 *p++ = 1; 892 } 893 894 if (type == DHCP_DISCOVER || 895 type == DHCP_INFORM || 896 type == DHCP_REQUEST) 897 { 898 if (mtu != -1) { 899 AREA_CHECK(2); 900 *p++ = DHO_MAXMESSAGESIZE; 901 *p++ = 2; 902 sz = htons((uint16_t)(mtu - IP_UDP_SIZE)); 903 memcpy(p, &sz, 2); 904 p += 2; 905 } 906 907 if (ifo->userclass[0]) { 908 AREA_CHECK(ifo->userclass[0]); 909 *p++ = DHO_USERCLASS; 910 memcpy(p, ifo->userclass, 911 (size_t)ifo->userclass[0] + 1); 912 p += ifo->userclass[0] + 1; 913 } 914 915 if (ifo->vendorclassid[0]) { 916 AREA_CHECK(ifo->vendorclassid[0]); 917 *p++ = DHO_VENDORCLASSID; 918 memcpy(p, ifo->vendorclassid, 919 (size_t)ifo->vendorclassid[0] + 1); 920 p += ifo->vendorclassid[0] + 1; 921 } 922 923 if (ifo->mudurl[0]) { 924 AREA_CHECK(ifo->mudurl[0]); 925 *p++ = DHO_MUDURL; 926 memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1); 927 p += ifo->mudurl[0] + 1; 928 } 929 930 if (type != DHCP_INFORM) { 931 if (ifo->leasetime != 0) { 932 AREA_CHECK(4); 933 *p++ = DHO_LEASETIME; 934 *p++ = 4; 935 ul = htonl(ifo->leasetime); 936 memcpy(p, &ul, 4); 937 p += 4; 938 } 939 } 940 941 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo); 942 943 /* 944 * RFC4702 3.1 States that if we send the Client FQDN option 945 * then we MUST NOT also send the Host Name option. 946 * Technically we could, but that is not RFC conformant and 947 * also seems to break some DHCP server implemetations such as 948 * Windows. On the other hand, ISC dhcpd is just as non RFC 949 * conformant by not accepting a partially qualified FQDN. 950 */ 951 if (ifo->fqdn != FQDN_DISABLE) { 952 /* IETF DHC-FQDN option (81), RFC4702 */ 953 i = 3; 954 if (hostname) 955 i += encode_rfc1035(hostname, NULL); 956 AREA_CHECK(i); 957 *p++ = DHO_FQDN; 958 *p++ = (uint8_t)i; 959 /* 960 * Flags: 0000NEOS 961 * S: 1 => Client requests Server to update 962 * a RR in DNS as well as PTR 963 * O: 1 => Server indicates to client that 964 * DNS has been updated 965 * E: 1 => Name data is DNS format 966 * N: 1 => Client requests Server to not 967 * update DNS 968 */ 969 if (hostname) 970 *p++ = (uint8_t)((ifo->fqdn & 0x09) | 0x04); 971 else 972 *p++ = (FQDN_NONE & 0x09) | 0x04; 973 *p++ = 0; /* from server for PTR RR */ 974 *p++ = 0; /* from server for A RR if S=1 */ 975 if (hostname) { 976 i = encode_rfc1035(hostname, p); 977 p += i; 978 } 979 } else if (ifo->options & DHCPCD_HOSTNAME && hostname) { 980 len = strlen(hostname); 981 AREA_CHECK(len); 982 *p++ = DHO_HOSTNAME; 983 *p++ = (uint8_t)len; 984 memcpy(p, hostname, len); 985 p += len; 986 } 987 988 /* vendor is already encoded correctly, so just add it */ 989 if (ifo->vendor[0]) { 990 AREA_CHECK(ifo->vendor[0]); 991 *p++ = DHO_VENDOR; 992 memcpy(p, ifo->vendor, (size_t)ifo->vendor[0] + 1); 993 p += ifo->vendor[0] + 1; 994 } 995 996 #ifdef AUTH 997 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != 998 DHCPCD_AUTH_SENDREQUIRE) 999 { 1000 /* We support HMAC-MD5 */ 1001 AREA_CHECK(1); 1002 *p++ = DHO_FORCERENEW_NONCE; 1003 *p++ = 1; 1004 *p++ = AUTH_ALG_HMAC_MD5; 1005 } 1006 #endif 1007 1008 if (ifo->vivco_len) { 1009 AREA_CHECK(sizeof(ul)); 1010 *p++ = DHO_VIVCO; 1011 lp = p++; 1012 *lp = sizeof(ul); 1013 ul = htonl(ifo->vivco_en); 1014 memcpy(p, &ul, sizeof(ul)); 1015 p += sizeof(ul); 1016 for (i = 0, vivco = ifo->vivco; 1017 i < ifo->vivco_len; 1018 i++, vivco++) 1019 { 1020 AREA_FIT(vivco->len); 1021 if (vivco->len + 2 + *lp > 255) { 1022 logerrx("%s: VIVCO option too big", 1023 ifp->name); 1024 free(bootp); 1025 return -1; 1026 } 1027 *p++ = (uint8_t)vivco->len; 1028 memcpy(p, vivco->data, vivco->len); 1029 p += vivco->len; 1030 *lp = (uint8_t)(*lp + vivco->len + 1); 1031 } 1032 } 1033 1034 AREA_CHECK(0); 1035 *p++ = DHO_PARAMETERREQUESTLIST; 1036 n_params = p; 1037 *p++ = 0; 1038 for (i = 0, opt = ifp->ctx->dhcp_opts; 1039 i < ifp->ctx->dhcp_opts_len; 1040 i++, opt++) 1041 { 1042 if (!(opt->type & OT_REQUEST || 1043 has_option_mask(ifo->requestmask, opt->option))) 1044 continue; 1045 if (opt->type & OT_NOREQ) 1046 continue; 1047 if (type == DHCP_INFORM && 1048 (opt->option == DHO_RENEWALTIME || 1049 opt->option == DHO_REBINDTIME)) 1050 continue; 1051 AREA_FIT(1); 1052 *p++ = (uint8_t)opt->option; 1053 } 1054 for (i = 0, opt = ifo->dhcp_override; 1055 i < ifo->dhcp_override_len; 1056 i++, opt++) 1057 { 1058 /* Check if added above */ 1059 for (lp = n_params + 1; lp < p; lp++) 1060 if (*lp == (uint8_t)opt->option) 1061 break; 1062 if (lp < p) 1063 continue; 1064 if (!(opt->type & OT_REQUEST || 1065 has_option_mask(ifo->requestmask, opt->option))) 1066 continue; 1067 if (opt->type & OT_NOREQ) 1068 continue; 1069 if (type == DHCP_INFORM && 1070 (opt->option == DHO_RENEWALTIME || 1071 opt->option == DHO_REBINDTIME)) 1072 continue; 1073 AREA_FIT(1); 1074 *p++ = (uint8_t)opt->option; 1075 } 1076 *n_params = (uint8_t)(p - n_params - 1); 1077 } 1078 1079 #ifdef AUTH 1080 auth = NULL; /* appease GCC */ 1081 auth_len = 0; 1082 if (ifo->auth.options & DHCPCD_AUTH_SEND) { 1083 ssize_t alen = dhcp_auth_encode(&ifo->auth, 1084 state->auth.token, 1085 NULL, 0, 4, type, NULL, 0); 1086 if (alen != -1 && alen > UINT8_MAX) { 1087 errno = ERANGE; 1088 alen = -1; 1089 } 1090 if (alen == -1) 1091 logerr("%s: dhcp_auth_encode", ifp->name); 1092 else if (alen != 0) { 1093 auth_len = (uint8_t)alen; 1094 AREA_CHECK(auth_len); 1095 *p++ = DHO_AUTHENTICATION; 1096 *p++ = auth_len; 1097 auth = p; 1098 p += auth_len; 1099 } 1100 } 1101 #endif 1102 1103 *p++ = DHO_END; 1104 len = (size_t)(p - (uint8_t *)bootp); 1105 1106 /* Pad out to the BOOTP message length. 1107 * Even if we send a DHCP packet with a variable length vendor area, 1108 * some servers / relay agents don't like packets smaller than 1109 * a BOOTP message which is fine because that's stipulated 1110 * in RFC1542 section 2.1. */ 1111 while (len < sizeof(*bootp)) { 1112 *p++ = DHO_PAD; 1113 len++; 1114 } 1115 1116 #ifdef AUTH 1117 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) 1118 dhcp_auth_encode(&ifo->auth, state->auth.token, 1119 (uint8_t *)bootp, len, 4, type, auth, auth_len); 1120 #endif 1121 1122 return (ssize_t)len; 1123 1124 toobig: 1125 logerrx("%s: DHCP message too big", ifp->name); 1126 free(bootp); 1127 return -1; 1128 } 1129 1130 static ssize_t 1131 write_lease(const struct interface *ifp, const struct bootp *bootp, size_t len) 1132 { 1133 int fd; 1134 ssize_t bytes; 1135 const struct dhcp_state *state = D_CSTATE(ifp); 1136 1137 logdebugx("%s: writing lease `%s'", ifp->name, state->leasefile); 1138 1139 fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644); 1140 if (fd == -1) 1141 return -1; 1142 bytes = write(fd, bootp, len); 1143 close(fd); 1144 return bytes; 1145 } 1146 1147 static size_t 1148 read_lease(struct interface *ifp, struct bootp **bootp) 1149 { 1150 int fd; 1151 bool fd_opened; 1152 struct dhcp_state *state = D_STATE(ifp); 1153 struct bootp *lease; 1154 size_t bytes; 1155 uint8_t type; 1156 #ifdef AUTH 1157 const uint8_t *auth; 1158 size_t auth_len; 1159 #endif 1160 1161 /* Safety */ 1162 *bootp = NULL; 1163 1164 if (state->leasefile[0] == '\0') { 1165 fd = fileno(stdin); 1166 fd_opened = false; 1167 } else { 1168 fd = open(state->leasefile, O_RDONLY); 1169 fd_opened = true; 1170 } 1171 if (fd == -1) { 1172 if (errno != ENOENT) 1173 logerr("%s: open `%s'", 1174 ifp->name, state->leasefile); 1175 return 0; 1176 } 1177 if (state->leasefile[0] == '\0') 1178 logdebugx("reading standard input"); 1179 else 1180 logdebugx("%s: reading lease `%s'", 1181 ifp->name, state->leasefile); 1182 1183 bytes = dhcp_read_lease_fd(fd, (void **)&lease); 1184 if (fd_opened) 1185 close(fd); 1186 if (bytes == 0) { 1187 free(lease); 1188 logerr("%s: dhcp_read_lease_fd", __func__); 1189 return 0; 1190 } 1191 1192 /* Ensure the packet is at lease BOOTP sized 1193 * with a vendor area of 4 octets 1194 * (it should be more, and our read packet enforces this so this 1195 * code should not be needed, but of course people could 1196 * scribble whatever in the stored lease file. */ 1197 if (bytes < offsetof(struct bootp, vend) + 4) { 1198 free(lease); 1199 logerrx("%s: %s: truncated lease", ifp->name, __func__); 1200 return 0; 1201 } 1202 1203 if (ifp->ctx->options & DHCPCD_DUMPLEASE) 1204 goto out; 1205 1206 /* We may have found a BOOTP server */ 1207 if (get_option_uint8(ifp->ctx, &type, (struct bootp *)lease, bytes, 1208 DHO_MESSAGETYPE) == -1) 1209 type = 0; 1210 1211 #ifdef AUTH 1212 /* Authenticate the message */ 1213 auth = get_option(ifp->ctx, (struct bootp *)lease, bytes, 1214 DHO_AUTHENTICATION, &auth_len); 1215 if (auth) { 1216 if (dhcp_auth_validate(&state->auth, &ifp->options->auth, 1217 lease, bytes, 4, type, auth, auth_len) == NULL) 1218 { 1219 logerr("%s: authentication failed", ifp->name); 1220 free(lease); 1221 return 0; 1222 } 1223 if (state->auth.token) 1224 logdebugx("%s: validated using 0x%08" PRIu32, 1225 ifp->name, state->auth.token->secretid); 1226 else 1227 logdebugx("%s: accepted reconfigure key", ifp->name); 1228 } else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) == 1229 DHCPCD_AUTH_SENDREQUIRE) 1230 { 1231 logerrx("%s: authentication now required", ifp->name); 1232 free(lease); 1233 return 0; 1234 } 1235 #endif 1236 1237 out: 1238 *bootp = (struct bootp *)lease; 1239 return bytes; 1240 } 1241 1242 static const struct dhcp_opt * 1243 dhcp_getoverride(const struct if_options *ifo, unsigned int o) 1244 { 1245 size_t i; 1246 const struct dhcp_opt *opt; 1247 1248 for (i = 0, opt = ifo->dhcp_override; 1249 i < ifo->dhcp_override_len; 1250 i++, opt++) 1251 { 1252 if (opt->option == o) 1253 return opt; 1254 } 1255 return NULL; 1256 } 1257 1258 static const uint8_t * 1259 dhcp_getoption(struct dhcpcd_ctx *ctx, 1260 size_t *os, unsigned int *code, size_t *len, 1261 const uint8_t *od, size_t ol, struct dhcp_opt **oopt) 1262 { 1263 size_t i; 1264 struct dhcp_opt *opt; 1265 1266 if (od) { 1267 if (ol < 2) { 1268 errno = EINVAL; 1269 return NULL; 1270 } 1271 *os = 2; /* code + len */ 1272 *code = (unsigned int)*od++; 1273 *len = (size_t)*od++; 1274 if (*len > ol - *os) { 1275 errno = ERANGE; 1276 return NULL; 1277 } 1278 } 1279 1280 *oopt = NULL; 1281 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) { 1282 if (opt->option == *code) { 1283 *oopt = opt; 1284 break; 1285 } 1286 } 1287 1288 return od; 1289 } 1290 1291 ssize_t 1292 dhcp_env(char **env, const char *prefix, 1293 const struct bootp *bootp, size_t bootp_len, 1294 const struct interface *ifp) 1295 { 1296 const struct if_options *ifo; 1297 const uint8_t *p; 1298 struct in_addr addr; 1299 struct in_addr net; 1300 struct in_addr brd; 1301 struct dhcp_opt *opt, *vo; 1302 size_t e, i, pl; 1303 char **ep; 1304 char cidr[4], safe[(BOOTP_FILE_LEN * 4) + 1]; 1305 uint8_t overl = 0; 1306 uint32_t en; 1307 1308 e = 0; 1309 ifo = ifp->options; 1310 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 1311 DHO_OPTSOVERLOADED) == -1) 1312 overl = 0; 1313 1314 if (env == NULL) { 1315 if (bootp->yiaddr || bootp->ciaddr) 1316 e += 5; 1317 if (*bootp->file && !(overl & 1)) 1318 e++; 1319 if (*bootp->sname && !(overl & 2)) 1320 e++; 1321 for (i = 0, opt = ifp->ctx->dhcp_opts; 1322 i < ifp->ctx->dhcp_opts_len; 1323 i++, opt++) 1324 { 1325 if (has_option_mask(ifo->nomask, opt->option)) 1326 continue; 1327 if (dhcp_getoverride(ifo, opt->option)) 1328 continue; 1329 p = get_option(ifp->ctx, bootp, bootp_len, 1330 opt->option, &pl); 1331 if (!p) 1332 continue; 1333 e += dhcp_envoption(ifp->ctx, NULL, NULL, ifp->name, 1334 opt, dhcp_getoption, p, pl); 1335 } 1336 for (i = 0, opt = ifo->dhcp_override; 1337 i < ifo->dhcp_override_len; 1338 i++, opt++) 1339 { 1340 if (has_option_mask(ifo->nomask, opt->option)) 1341 continue; 1342 p = get_option(ifp->ctx, bootp, bootp_len, 1343 opt->option, &pl); 1344 if (!p) 1345 continue; 1346 e += dhcp_envoption(ifp->ctx, NULL, NULL, ifp->name, 1347 opt, dhcp_getoption, p, pl); 1348 } 1349 return (ssize_t)e; 1350 } 1351 1352 ep = env; 1353 if (bootp->yiaddr || bootp->ciaddr) { 1354 /* Set some useful variables that we derive from the DHCP 1355 * message but are not necessarily in the options */ 1356 addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1357 addvar(&ep, prefix, "ip_address", inet_ntoa(addr)); 1358 if (get_option_addr(ifp->ctx, &net, 1359 bootp, bootp_len, DHO_SUBNETMASK) == -1) 1360 { 1361 net.s_addr = ipv4_getnetmask(addr.s_addr); 1362 addvar(&ep, prefix, 1363 "subnet_mask", inet_ntoa(net)); 1364 } 1365 snprintf(cidr, sizeof(cidr), "%d", inet_ntocidr(net)); 1366 addvar(&ep, prefix, "subnet_cidr", cidr); 1367 if (get_option_addr(ifp->ctx, &brd, 1368 bootp, bootp_len, DHO_BROADCAST) == -1) 1369 { 1370 brd.s_addr = addr.s_addr | ~net.s_addr; 1371 addvar(&ep, prefix, 1372 "broadcast_address", inet_ntoa(brd)); 1373 } 1374 addr.s_addr = bootp->yiaddr & net.s_addr; 1375 addvar(&ep, prefix, 1376 "network_number", inet_ntoa(addr)); 1377 } 1378 1379 if (*bootp->file && !(overl & 1)) { 1380 print_string(safe, sizeof(safe), OT_STRING, 1381 bootp->file, sizeof(bootp->file)); 1382 addvar(&ep, prefix, "filename", safe); 1383 } 1384 if (*bootp->sname && !(overl & 2)) { 1385 print_string(safe, sizeof(safe), OT_STRING | OT_DOMAIN, 1386 bootp->sname, sizeof(bootp->sname)); 1387 addvar(&ep, prefix, "server_name", safe); 1388 } 1389 1390 /* Zero our indexes */ 1391 if (env) { 1392 for (i = 0, opt = ifp->ctx->dhcp_opts; 1393 i < ifp->ctx->dhcp_opts_len; 1394 i++, opt++) 1395 dhcp_zero_index(opt); 1396 for (i = 0, opt = ifp->options->dhcp_override; 1397 i < ifp->options->dhcp_override_len; 1398 i++, opt++) 1399 dhcp_zero_index(opt); 1400 for (i = 0, opt = ifp->ctx->vivso; 1401 i < ifp->ctx->vivso_len; 1402 i++, opt++) 1403 dhcp_zero_index(opt); 1404 } 1405 1406 for (i = 0, opt = ifp->ctx->dhcp_opts; 1407 i < ifp->ctx->dhcp_opts_len; 1408 i++, opt++) 1409 { 1410 if (has_option_mask(ifo->nomask, opt->option)) 1411 continue; 1412 if (dhcp_getoverride(ifo, opt->option)) 1413 continue; 1414 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1415 if (p == NULL) 1416 continue; 1417 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name, 1418 opt, dhcp_getoption, p, pl); 1419 1420 if (opt->option != DHO_VIVSO || pl <= (int)sizeof(uint32_t)) 1421 continue; 1422 memcpy(&en, p, sizeof(en)); 1423 en = ntohl(en); 1424 vo = vivso_find(en, ifp); 1425 if (vo == NULL) 1426 continue; 1427 /* Skip over en + total size */ 1428 p += sizeof(en) + 1; 1429 pl -= sizeof(en) + 1; 1430 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name, 1431 vo, dhcp_getoption, p, pl); 1432 } 1433 1434 for (i = 0, opt = ifo->dhcp_override; 1435 i < ifo->dhcp_override_len; 1436 i++, opt++) 1437 { 1438 if (has_option_mask(ifo->nomask, opt->option)) 1439 continue; 1440 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl); 1441 if (p == NULL) 1442 continue; 1443 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name, 1444 opt, dhcp_getoption, p, pl); 1445 } 1446 1447 return ep - env; 1448 } 1449 1450 static void 1451 get_lease(struct interface *ifp, 1452 struct dhcp_lease *lease, const struct bootp *bootp, size_t len) 1453 { 1454 struct dhcpcd_ctx *ctx; 1455 1456 assert(bootp != NULL); 1457 1458 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 1459 /* BOOTP does not set yiaddr for replies when ciaddr is set. */ 1460 lease->addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr; 1461 ctx = ifp->ctx; 1462 if (ifp->options->options & (DHCPCD_STATIC | DHCPCD_INFORM)) { 1463 if (ifp->options->req_addr.s_addr != INADDR_ANY) { 1464 lease->mask = ifp->options->req_mask; 1465 if (ifp->options->req_brd.s_addr != INADDR_ANY) 1466 lease->brd = ifp->options->req_brd; 1467 else 1468 lease->brd.s_addr = 1469 lease->addr.s_addr | ~lease->mask.s_addr; 1470 } else { 1471 const struct ipv4_addr *ia; 1472 1473 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 1474 assert(ia != NULL); 1475 lease->mask = ia->mask; 1476 lease->brd = ia->brd; 1477 } 1478 } else { 1479 if (get_option_addr(ctx, &lease->mask, bootp, len, 1480 DHO_SUBNETMASK) == -1) 1481 lease->mask.s_addr = 1482 ipv4_getnetmask(lease->addr.s_addr); 1483 if (get_option_addr(ctx, &lease->brd, bootp, len, 1484 DHO_BROADCAST) == -1) 1485 lease->brd.s_addr = 1486 lease->addr.s_addr | ~lease->mask.s_addr; 1487 } 1488 if (get_option_uint32(ctx, &lease->leasetime, 1489 bootp, len, DHO_LEASETIME) != 0) 1490 lease->leasetime = ~0U; /* Default to infinite lease */ 1491 if (get_option_uint32(ctx, &lease->renewaltime, 1492 bootp, len, DHO_RENEWALTIME) != 0) 1493 lease->renewaltime = 0; 1494 if (get_option_uint32(ctx, &lease->rebindtime, 1495 bootp, len, DHO_REBINDTIME) != 0) 1496 lease->rebindtime = 0; 1497 if (get_option_addr(ctx, &lease->server, bootp, len, DHO_SERVERID) != 0) 1498 lease->server.s_addr = INADDR_ANY; 1499 } 1500 1501 static const char * 1502 get_dhcp_op(uint8_t type) 1503 { 1504 const struct dhcp_op *d; 1505 1506 for (d = dhcp_ops; d->name; d++) 1507 if (d->value == type) 1508 return d->name; 1509 return NULL; 1510 } 1511 1512 static void 1513 dhcp_fallback(void *arg) 1514 { 1515 struct interface *iface; 1516 1517 iface = (struct interface *)arg; 1518 dhcpcd_selectprofile(iface, iface->options->fallback); 1519 dhcpcd_startinterface(iface); 1520 } 1521 1522 static void 1523 dhcp_new_xid(struct interface *ifp) 1524 { 1525 struct dhcp_state *state; 1526 const struct interface *ifp1; 1527 const struct dhcp_state *state1; 1528 1529 state = D_STATE(ifp); 1530 if (ifp->options->options & DHCPCD_XID_HWADDR && 1531 ifp->hwlen >= sizeof(state->xid)) 1532 /* The lower bits are probably more unique on the network */ 1533 memcpy(&state->xid, 1534 (ifp->hwaddr + ifp->hwlen) - sizeof(state->xid), 1535 sizeof(state->xid)); 1536 else { 1537 again: 1538 state->xid = arc4random(); 1539 } 1540 1541 /* Ensure it's unique */ 1542 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 1543 if (ifp == ifp1) 1544 continue; 1545 if ((state1 = D_CSTATE(ifp1)) == NULL) 1546 continue; 1547 if (state1->xid == state->xid) 1548 break; 1549 } 1550 if (ifp1 != NULL) { 1551 if (ifp->options->options & DHCPCD_XID_HWADDR && 1552 ifp->hwlen >= sizeof(state->xid)) 1553 { 1554 logerrx("%s: duplicate xid on %s", 1555 ifp->name, ifp1->name); 1556 return; 1557 } 1558 goto again; 1559 } 1560 1561 /* We can't do this when sharing leases across interfaes */ 1562 #if 0 1563 /* As the XID changes, re-apply the filter. */ 1564 if (state->bpf_fd != -1) { 1565 if (bpf_bootp(ifp, state->bpf_fd) == -1) 1566 logerr(__func__); /* try to continue */ 1567 } 1568 #endif 1569 } 1570 1571 void 1572 dhcp_close(struct interface *ifp) 1573 { 1574 struct dhcp_state *state = D_STATE(ifp); 1575 1576 if (state == NULL) 1577 return; 1578 1579 if (state->bpf_fd != -1) { 1580 eloop_event_delete(ifp->ctx->eloop, state->bpf_fd); 1581 bpf_close(ifp, state->bpf_fd); 1582 state->bpf_fd = -1; 1583 state->bpf_flags |= BPF_EOF; 1584 } 1585 1586 state->interval = 0; 1587 } 1588 1589 static int 1590 dhcp_openudp(struct interface *ifp) 1591 { 1592 int s; 1593 struct sockaddr_in sin; 1594 int n; 1595 1596 if ((s = xsocket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_UDP)) == -1) 1597 return -1; 1598 1599 n = 1; 1600 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(n)) == -1) 1601 goto eexit; 1602 memset(&sin, 0, sizeof(sin)); 1603 sin.sin_family = AF_INET; 1604 sin.sin_port = htons(BOOTPC); 1605 if (ifp) { 1606 struct dhcp_state *state = D_STATE(ifp); 1607 1608 if (state->addr) 1609 sin.sin_addr.s_addr = state->addr->addr.s_addr; 1610 } 1611 if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) 1612 goto eexit; 1613 1614 return s; 1615 1616 eexit: 1617 close(s); 1618 return -1; 1619 } 1620 1621 static uint16_t 1622 checksum(const void *data, size_t len) 1623 { 1624 const uint8_t *addr = data; 1625 uint32_t sum = 0; 1626 1627 while (len > 1) { 1628 sum += (uint32_t)(addr[0] * 256 + addr[1]); 1629 addr += 2; 1630 len -= 2; 1631 } 1632 1633 if (len == 1) 1634 sum += (uint32_t)(*addr * 256); 1635 1636 sum = (sum >> 16) + (sum & 0xffff); 1637 sum += (sum >> 16); 1638 1639 return (uint16_t)~htons((uint16_t)sum); 1640 } 1641 1642 static struct bootp_pkt * 1643 dhcp_makeudppacket(size_t *sz, const uint8_t *data, size_t length, 1644 struct in_addr source, struct in_addr dest) 1645 { 1646 struct bootp_pkt *udpp; 1647 struct ip *ip; 1648 struct udphdr *udp; 1649 1650 if ((udpp = calloc(1, sizeof(*ip) + sizeof(*udp) + length)) == NULL) 1651 return NULL; 1652 ip = &udpp->ip; 1653 udp = &udpp->udp; 1654 1655 /* OK, this is important :) 1656 * We copy the data to our packet and then create a small part of the 1657 * ip structure and an invalid ip_len (basically udp length). 1658 * We then fill the udp structure and put the checksum 1659 * of the whole packet into the udp checksum. 1660 * Finally we complete the ip structure and ip checksum. 1661 * If we don't do the ordering like so then the udp checksum will be 1662 * broken, so find another way of doing it! */ 1663 1664 memcpy(&udpp->bootp, data, length); 1665 1666 ip->ip_p = IPPROTO_UDP; 1667 ip->ip_src.s_addr = source.s_addr; 1668 if (dest.s_addr == 0) 1669 ip->ip_dst.s_addr = INADDR_BROADCAST; 1670 else 1671 ip->ip_dst.s_addr = dest.s_addr; 1672 1673 udp->uh_sport = htons(BOOTPC); 1674 udp->uh_dport = htons(BOOTPS); 1675 udp->uh_ulen = htons((uint16_t)(sizeof(*udp) + length)); 1676 ip->ip_len = udp->uh_ulen; 1677 udp->uh_sum = checksum(udpp, sizeof(*ip) + sizeof(*udp) + length); 1678 1679 ip->ip_v = IPVERSION; 1680 ip->ip_hl = sizeof(*ip) >> 2; 1681 ip->ip_id = (uint16_t)arc4random_uniform(UINT16_MAX); 1682 ip->ip_ttl = IPDEFTTL; 1683 ip->ip_len = htons((uint16_t)(sizeof(*ip) + sizeof(*udp) + length)); 1684 ip->ip_sum = checksum(ip, sizeof(*ip)); 1685 1686 *sz = sizeof(*ip) + sizeof(*udp) + length; 1687 return udpp; 1688 } 1689 1690 static ssize_t 1691 dhcp_sendudp(struct interface *ifp, struct in_addr *to, void *data, size_t len) 1692 { 1693 int s; 1694 struct msghdr msg; 1695 struct sockaddr_in sin; 1696 struct iovec iov[1]; 1697 ssize_t r; 1698 #ifdef IP_PKTINFO 1699 uint8_t cmsg[CMSG_SPACE(sizeof(struct in_pktinfo))]; 1700 struct cmsghdr *cm; 1701 struct in_pktinfo ipi; 1702 #endif 1703 1704 iov[0].iov_base = data; 1705 iov[0].iov_len = len; 1706 1707 memset(&sin, 0, sizeof(sin)); 1708 sin.sin_family = AF_INET; 1709 sin.sin_addr = *to; 1710 sin.sin_port = htons(BOOTPS); 1711 #ifdef HAVE_SA_LEN 1712 sin.sin_len = sizeof(sin); 1713 #endif 1714 1715 memset(&msg, 0, sizeof(msg)); 1716 msg.msg_name = (void *)&sin; 1717 msg.msg_namelen = sizeof(sin); 1718 msg.msg_iov = iov; 1719 msg.msg_iovlen = 1; 1720 1721 #ifdef IP_PKTINFO 1722 /* Set the outbound interface */ 1723 msg.msg_control = cmsg; 1724 msg.msg_controllen = sizeof(cmsg); 1725 1726 memset(&ipi, 0, sizeof(ipi)); 1727 ipi.ipi_ifindex = ifp->index; 1728 cm = CMSG_FIRSTHDR(&msg); 1729 if (cm == NULL) { 1730 errno = ESRCH; 1731 return -1; 1732 } 1733 cm->cmsg_level = IPPROTO_IP; 1734 cm->cmsg_type = IP_PKTINFO; 1735 cm->cmsg_len = CMSG_LEN(sizeof(ipi)); 1736 memcpy(CMSG_DATA(cm), &ipi, sizeof(ipi)); 1737 #endif 1738 1739 s = dhcp_openudp(ifp); 1740 if (s == -1) 1741 return -1; 1742 r = sendmsg(s, &msg, 0); 1743 close(s); 1744 return r; 1745 } 1746 1747 static void 1748 send_message(struct interface *ifp, uint8_t type, 1749 void (*callback)(void *)) 1750 { 1751 struct dhcp_state *state = D_STATE(ifp); 1752 struct if_options *ifo = ifp->options; 1753 struct bootp *bootp; 1754 struct bootp_pkt *udp; 1755 size_t len, ulen; 1756 ssize_t r; 1757 struct in_addr from, to; 1758 struct timespec tv; 1759 1760 if (!callback) { 1761 /* No carrier? Don't bother sending the packet. */ 1762 if (ifp->carrier == LINK_DOWN) 1763 return; 1764 logdebugx("%s: sending %s with xid 0x%x", 1765 ifp->name, 1766 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1767 state->xid); 1768 } else { 1769 if (state->interval == 0) 1770 state->interval = 4; 1771 else { 1772 state->interval *= 2; 1773 if (state->interval > 64) 1774 state->interval = 64; 1775 } 1776 tv.tv_sec = state->interval + DHCP_RAND_MIN; 1777 tv.tv_nsec = (suseconds_t)arc4random_uniform( 1778 (DHCP_RAND_MAX - DHCP_RAND_MIN) * NSEC_PER_SEC); 1779 timespecnorm(&tv); 1780 /* No carrier? Don't bother sending the packet. 1781 * However, we do need to advance the timeout. */ 1782 if (ifp->carrier == LINK_DOWN) 1783 goto fail; 1784 logdebugx("%s: sending %s (xid 0x%x), next in %0.1f seconds", 1785 ifp->name, 1786 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type), 1787 state->xid, 1788 timespec_to_double(&tv)); 1789 } 1790 1791 r = make_message(&bootp, ifp, type); 1792 if (r == -1) 1793 goto fail; 1794 len = (size_t)r; 1795 from.s_addr = bootp->ciaddr; 1796 if (from.s_addr != INADDR_ANY) 1797 to.s_addr = state->lease.server.s_addr; 1798 else 1799 to.s_addr = INADDR_ANY; 1800 1801 /* If unicasting, try and void sending by BPF so we don't 1802 * use a L2 broadcast. */ 1803 if (to.s_addr != INADDR_ANY && to.s_addr != INADDR_BROADCAST) { 1804 if (dhcp_sendudp(ifp, &to, bootp, len) != -1) 1805 goto out; 1806 logerr("%s: dhcp_sendudp", ifp->name); 1807 } 1808 1809 if (dhcp_openbpf(ifp) == -1) 1810 goto out; 1811 1812 udp = dhcp_makeudppacket(&ulen, (uint8_t *)bootp, len, from, to); 1813 if (udp == NULL) { 1814 logerr("%s: dhcp_makeudppacket", ifp->name); 1815 r = 0; 1816 } else { 1817 r = bpf_send(ifp, state->bpf_fd, 1818 ETHERTYPE_IP, (uint8_t *)udp, ulen); 1819 free(udp); 1820 } 1821 /* If we failed to send a raw packet this normally means 1822 * we don't have the ability to work beneath the IP layer 1823 * for this interface. 1824 * As such we remove it from consideration without actually 1825 * stopping the interface. */ 1826 if (r == -1) { 1827 logerr("%s: if_sendraw", ifp->name); 1828 switch(errno) { 1829 case ENETDOWN: 1830 case ENETRESET: 1831 case ENETUNREACH: 1832 case ENOBUFS: 1833 break; 1834 default: 1835 if (!(ifp->ctx->options & DHCPCD_TEST)) 1836 dhcp_drop(ifp, "FAIL"); 1837 eloop_timeout_delete(ifp->ctx->eloop, 1838 NULL, ifp); 1839 callback = NULL; 1840 } 1841 } 1842 1843 out: 1844 free(bootp); 1845 1846 fail: 1847 /* Even if we fail to send a packet we should continue as we are 1848 * as our failure timeouts will change out codepath when needed. */ 1849 if (callback) 1850 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, callback, ifp); 1851 } 1852 1853 static void 1854 send_inform(void *arg) 1855 { 1856 1857 send_message((struct interface *)arg, DHCP_INFORM, send_inform); 1858 } 1859 1860 static void 1861 send_discover(void *arg) 1862 { 1863 1864 send_message((struct interface *)arg, DHCP_DISCOVER, send_discover); 1865 } 1866 1867 static void 1868 send_request(void *arg) 1869 { 1870 1871 send_message((struct interface *)arg, DHCP_REQUEST, send_request); 1872 } 1873 1874 static void 1875 send_renew(void *arg) 1876 { 1877 1878 send_message((struct interface *)arg, DHCP_REQUEST, send_renew); 1879 } 1880 1881 static void 1882 send_rebind(void *arg) 1883 { 1884 1885 send_message((struct interface *)arg, DHCP_REQUEST, send_rebind); 1886 } 1887 1888 void 1889 dhcp_discover(void *arg) 1890 { 1891 struct interface *ifp = arg; 1892 struct dhcp_state *state = D_STATE(ifp); 1893 struct if_options *ifo = ifp->options; 1894 1895 state->state = DHS_DISCOVER; 1896 dhcp_new_xid(ifp); 1897 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1898 if (ifo->fallback) 1899 eloop_timeout_add_sec(ifp->ctx->eloop, 1900 ifo->reboot, dhcp_fallback, ifp); 1901 #ifdef IPV4LL 1902 else if (ifo->options & DHCPCD_IPV4LL) 1903 eloop_timeout_add_sec(ifp->ctx->eloop, 1904 ifo->reboot, ipv4ll_start, ifp); 1905 #endif 1906 if (ifo->options & DHCPCD_REQUEST) 1907 loginfox("%s: soliciting a DHCP lease (requesting %s)", 1908 ifp->name, inet_ntoa(ifo->req_addr)); 1909 else 1910 loginfox("%s: soliciting a %s lease", 1911 ifp->name, ifo->options & DHCPCD_BOOTP ? "BOOTP" : "DHCP"); 1912 send_discover(ifp); 1913 } 1914 1915 static void 1916 dhcp_request(void *arg) 1917 { 1918 struct interface *ifp = arg; 1919 struct dhcp_state *state = D_STATE(ifp); 1920 1921 state->state = DHS_REQUEST; 1922 send_request(ifp); 1923 } 1924 1925 static int 1926 dhcp_leaseextend(struct interface *ifp) 1927 { 1928 1929 #ifdef ARP 1930 if (ifp->options->options & DHCPCD_ARP) { 1931 const struct dhcp_state *state; 1932 struct arp_state *astate; 1933 1934 state = D_CSTATE(ifp); 1935 if ((astate = arp_new(ifp, &state->lease.addr)) == NULL) 1936 return -1; 1937 astate->conflicted_cb = dhcp_arp_conflicted; 1938 1939 #ifndef KERNEL_RFC5227 1940 if (arp_open(ifp) == -1) 1941 return -1; 1942 #endif 1943 1944 logwarnx("%s: extending lease until DaD failure or DHCP", 1945 ifp->name); 1946 return 0; 1947 } 1948 #endif 1949 1950 logwarnx("%s: extending lease", ifp->name); 1951 return 0; 1952 } 1953 1954 static void 1955 dhcp_expire1(struct interface *ifp) 1956 { 1957 struct dhcp_state *state = D_STATE(ifp); 1958 1959 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 1960 dhcp_drop(ifp, "EXPIRE"); 1961 unlink(state->leasefile); 1962 state->interval = 0; 1963 if (!(ifp->options->options & DHCPCD_LINK) || ifp->carrier != LINK_DOWN) 1964 dhcp_discover(ifp); 1965 } 1966 1967 static void 1968 dhcp_expire(void *arg) 1969 { 1970 struct interface *ifp = arg; 1971 1972 logerrx("%s: DHCP lease expired", ifp->name); 1973 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) { 1974 if (dhcp_leaseextend(ifp) == 0) 1975 return; 1976 logerr(__func__); 1977 } 1978 dhcp_expire1(ifp); 1979 } 1980 1981 #if defined(ARP) || defined(IN_IFF_DUPLICATED) 1982 static void 1983 dhcp_decline(struct interface *ifp) 1984 { 1985 1986 send_message(ifp, DHCP_DECLINE, NULL); 1987 } 1988 #endif 1989 1990 static void 1991 dhcp_startrenew(void *arg) 1992 { 1993 struct interface *ifp = arg; 1994 struct dhcp_state *state; 1995 struct dhcp_lease *lease; 1996 1997 if ((state = D_STATE(ifp)) == NULL) 1998 return; 1999 2000 /* Only renew in the bound or renew states */ 2001 if (state->state != DHS_BOUND && 2002 state->state != DHS_RENEW) 2003 return; 2004 2005 /* Remove the timeout as the renew may have been forced. */ 2006 eloop_timeout_delete(ifp->ctx->eloop, dhcp_startrenew, ifp); 2007 2008 lease = &state->lease; 2009 logdebugx("%s: renewing lease of %s", ifp->name, 2010 inet_ntoa(lease->addr)); 2011 state->state = DHS_RENEW; 2012 dhcp_new_xid(ifp); 2013 state->interval = 0; 2014 send_renew(ifp); 2015 } 2016 2017 void 2018 dhcp_renew(struct interface *ifp) 2019 { 2020 2021 dhcp_startrenew(ifp); 2022 } 2023 2024 static void 2025 dhcp_rebind(void *arg) 2026 { 2027 struct interface *ifp = arg; 2028 struct dhcp_state *state = D_STATE(ifp); 2029 struct dhcp_lease *lease = &state->lease; 2030 2031 logwarnx("%s: failed to renew DHCP, rebinding", ifp->name); 2032 logdebugx("%s: expire in %"PRIu32" seconds", 2033 ifp->name, lease->leasetime - lease->rebindtime); 2034 state->state = DHS_REBIND; 2035 eloop_timeout_delete(ifp->ctx->eloop, send_renew, ifp); 2036 state->lease.server.s_addr = INADDR_ANY; 2037 state->interval = 0; 2038 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 2039 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 2040 send_rebind(ifp); 2041 } 2042 2043 #ifdef ARP 2044 static void 2045 dhcp_arp_probed(struct arp_state *astate) 2046 { 2047 struct interface *ifp; 2048 struct dhcp_state *state; 2049 struct if_options *ifo; 2050 2051 ifp = astate->iface; 2052 state = D_STATE(ifp); 2053 ifo = ifp->options; 2054 #ifdef ARPING 2055 if (ifo->arping_len && state->arping_index < ifo->arping_len) { 2056 /* We didn't find a profile for this 2057 * address or hwaddr, so move to the next 2058 * arping profile */ 2059 if (++state->arping_index < ifo->arping_len) { 2060 astate->addr.s_addr = 2061 ifo->arping[state->arping_index]; 2062 arp_probe(astate); 2063 return; 2064 } 2065 arp_free(astate); 2066 #ifdef KERNEL_RFC5227 2067 /* As arping is finished, close the ARP socket. 2068 * The kernel will handle ACD from here. */ 2069 arp_close(ifp); 2070 #endif 2071 dhcpcd_startinterface(ifp); 2072 return; 2073 } 2074 #endif 2075 2076 /* Already bound so DAD has worked */ 2077 if (state->state == DHS_BOUND) 2078 return; 2079 2080 logdebugx("%s: DAD completed for %s", 2081 ifp->name, inet_ntoa(astate->addr)); 2082 if (!(ifo->options & DHCPCD_INFORM)) 2083 dhcp_bind(ifp); 2084 #ifndef IN_IFF_TENTATIVE 2085 else { 2086 struct bootp *bootp; 2087 size_t len; 2088 2089 bootp = state->new; 2090 len = state->new_len; 2091 state->new = state->offer; 2092 state->new_len = state->offer_len; 2093 get_lease(ifp, &state->lease, state->new, state->new_len); 2094 ipv4_applyaddr(astate->iface); 2095 state->new = bootp; 2096 state->new_len = len; 2097 } 2098 #endif 2099 2100 /* If we forked, stop here. */ 2101 if (ifp->ctx->options & DHCPCD_FORKED) 2102 return; 2103 2104 #ifdef IPV4LL 2105 /* Stop IPv4LL now we have a working DHCP address */ 2106 ipv4ll_drop(ifp); 2107 #endif 2108 2109 if (ifo->options & DHCPCD_INFORM) 2110 dhcp_inform(ifp); 2111 } 2112 2113 static void 2114 dhcp_arp_conflicted(struct arp_state *astate, const struct arp_msg *amsg) 2115 { 2116 struct interface *ifp; 2117 struct dhcp_state *state; 2118 #ifdef ARPING 2119 struct if_options *ifo; 2120 #endif 2121 2122 ifp = astate->iface; 2123 state = D_STATE(ifp); 2124 2125 #ifdef ARPING 2126 ifo = ifp->options; 2127 if (state->arping_index != -1 && 2128 state->arping_index < ifo->arping_len && 2129 amsg && 2130 amsg->sip.s_addr == ifo->arping[state->arping_index]) 2131 { 2132 char buf[HWADDR_LEN * 3]; 2133 2134 astate->failed.s_addr = ifo->arping[state->arping_index]; 2135 arp_report_conflicted(astate, amsg); 2136 hwaddr_ntoa(amsg->sha, ifp->hwlen, buf, sizeof(buf)); 2137 if (dhcpcd_selectprofile(ifp, buf) == -1 && 2138 dhcpcd_selectprofile(ifp, 2139 inet_ntoa(astate->failed)) == -1) 2140 { 2141 /* We didn't find a profile for this 2142 * address or hwaddr, so move to the next 2143 * arping profile */ 2144 dhcp_arp_probed(astate); 2145 return; 2146 } 2147 arp_free(astate); 2148 #ifdef KERNEL_RFC5227 2149 /* As arping is finished, close the ARP socket. 2150 * The kernel will handle ACD from here. */ 2151 arp_close(ifp); 2152 #endif 2153 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2154 dhcpcd_startinterface(ifp); 2155 return; 2156 } 2157 #endif 2158 2159 /* RFC 2131 3.1.5, Client-server interaction 2160 * NULL amsg means IN_IFF_DUPLICATED */ 2161 if (amsg == NULL || (state->offer && 2162 (amsg->sip.s_addr == state->offer->yiaddr || 2163 (amsg->sip.s_addr == 0 && 2164 amsg->tip.s_addr == state->offer->yiaddr)))) 2165 { 2166 #ifdef IN_IFF_DUPLICATED 2167 struct ipv4_addr *ia; 2168 #endif 2169 2170 if (amsg) 2171 astate->failed.s_addr = state->offer->yiaddr; 2172 else 2173 astate->failed = astate->addr; 2174 arp_report_conflicted(astate, amsg); 2175 unlink(state->leasefile); 2176 #ifdef ARP 2177 if (!(ifp->options->options & DHCPCD_STATIC) && 2178 !state->lease.frominfo) 2179 dhcp_decline(ifp); 2180 #endif 2181 #ifdef IN_IFF_DUPLICATED 2182 if ((ia = ipv4_iffindaddr(ifp, &astate->addr, NULL)) != NULL) 2183 ipv4_deladdr(ia, 1); 2184 #endif 2185 arp_free(astate); 2186 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2187 eloop_timeout_add_sec(ifp->ctx->eloop, 2188 DHCP_RAND_MAX, dhcp_discover, ifp); 2189 return; 2190 } 2191 2192 /* Bound address */ 2193 if (amsg && state->addr && 2194 amsg->sip.s_addr == state->addr->addr.s_addr) 2195 { 2196 astate->failed = state->addr->addr; 2197 arp_report_conflicted(astate, amsg); 2198 if (state->state == DHS_BOUND) { 2199 /* For now, just report the duplicated address */ 2200 } else { 2201 arp_free(astate); 2202 dhcp_expire1(ifp); 2203 } 2204 return; 2205 } 2206 } 2207 #endif 2208 2209 void 2210 dhcp_bind(struct interface *ifp) 2211 { 2212 struct dhcp_state *state = D_STATE(ifp); 2213 struct if_options *ifo = ifp->options; 2214 struct dhcp_lease *lease = &state->lease; 2215 2216 state->reason = NULL; 2217 /* If we don't have an offer, we are re-binding a lease on preference, 2218 * normally when two interfaces have a lease matching IP addresses. */ 2219 if (state->offer) { 2220 free(state->old); 2221 state->old = state->new; 2222 state->old_len = state->new_len; 2223 state->new = state->offer; 2224 state->new_len = state->offer_len; 2225 state->offer = NULL; 2226 state->offer_len = 0; 2227 } 2228 get_lease(ifp, lease, state->new, state->new_len); 2229 if (ifo->options & DHCPCD_STATIC) { 2230 loginfox("%s: using static address %s/%d", 2231 ifp->name, inet_ntoa(lease->addr), 2232 inet_ntocidr(lease->mask)); 2233 lease->leasetime = ~0U; 2234 state->reason = "STATIC"; 2235 } else if (ifo->options & DHCPCD_INFORM) { 2236 loginfox("%s: received approval for %s", 2237 ifp->name, inet_ntoa(lease->addr)); 2238 lease->leasetime = ~0U; 2239 state->reason = "INFORM"; 2240 } else { 2241 if (lease->frominfo) 2242 state->reason = "TIMEOUT"; 2243 if (lease->leasetime == ~0U) { 2244 lease->renewaltime = 2245 lease->rebindtime = 2246 lease->leasetime; 2247 loginfox("%s: leased %s for infinity", 2248 ifp->name, inet_ntoa(lease->addr)); 2249 } else { 2250 if (lease->leasetime < DHCP_MIN_LEASE) { 2251 logwarnx("%s: minimum lease is %d seconds", 2252 ifp->name, DHCP_MIN_LEASE); 2253 lease->leasetime = DHCP_MIN_LEASE; 2254 } 2255 if (lease->rebindtime == 0) 2256 lease->rebindtime = 2257 (uint32_t)(lease->leasetime * T2); 2258 else if (lease->rebindtime >= lease->leasetime) { 2259 lease->rebindtime = 2260 (uint32_t)(lease->leasetime * T2); 2261 logwarnx("%s: rebind time greater than lease " 2262 "time, forcing to %"PRIu32" seconds", 2263 ifp->name, lease->rebindtime); 2264 } 2265 if (lease->renewaltime == 0) 2266 lease->renewaltime = 2267 (uint32_t)(lease->leasetime * T1); 2268 else if (lease->renewaltime > lease->rebindtime) { 2269 lease->renewaltime = 2270 (uint32_t)(lease->leasetime * T1); 2271 logwarnx("%s: renewal time greater than " 2272 "rebind time, forcing to %"PRIu32" seconds", 2273 ifp->name, lease->renewaltime); 2274 } 2275 if (state->addr && 2276 lease->addr.s_addr == state->addr->addr.s_addr && 2277 !(state->added & STATE_FAKE)) 2278 logdebugx("%s: leased %s for %"PRIu32" seconds", 2279 ifp->name, inet_ntoa(lease->addr), 2280 lease->leasetime); 2281 else 2282 loginfox("%s: leased %s for %"PRIu32" seconds", 2283 ifp->name, inet_ntoa(lease->addr), 2284 lease->leasetime); 2285 } 2286 } 2287 if (ifp->ctx->options & DHCPCD_TEST) { 2288 state->reason = "TEST"; 2289 script_runreason(ifp, state->reason); 2290 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 2291 return; 2292 } 2293 if (state->reason == NULL) { 2294 if (state->old && !(state->added & STATE_FAKE)) { 2295 if (state->old->yiaddr == state->new->yiaddr && 2296 lease->server.s_addr && 2297 state->state != DHS_REBIND) 2298 state->reason = "RENEW"; 2299 else 2300 state->reason = "REBIND"; 2301 } else if (state->state == DHS_REBOOT) 2302 state->reason = "REBOOT"; 2303 else 2304 state->reason = "BOUND"; 2305 } 2306 if (lease->leasetime == ~0U) 2307 lease->renewaltime = lease->rebindtime = lease->leasetime; 2308 else { 2309 eloop_timeout_add_sec(ifp->ctx->eloop, 2310 (time_t)lease->renewaltime, dhcp_startrenew, ifp); 2311 eloop_timeout_add_sec(ifp->ctx->eloop, 2312 (time_t)lease->rebindtime, dhcp_rebind, ifp); 2313 eloop_timeout_add_sec(ifp->ctx->eloop, 2314 (time_t)lease->leasetime, dhcp_expire, ifp); 2315 logdebugx("%s: renew in %"PRIu32" seconds, rebind in %"PRIu32 2316 " seconds", 2317 ifp->name, lease->renewaltime, lease->rebindtime); 2318 } 2319 state->state = DHS_BOUND; 2320 /* Re-apply the filter because we need to accept any XID anymore. */ 2321 if (bpf_bootp(ifp, state->bpf_fd) == -1) 2322 logerr(__func__); /* try to continue */ 2323 if (!state->lease.frominfo && 2324 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))) 2325 if (write_lease(ifp, state->new, state->new_len) == -1) 2326 logerr(__func__); 2327 2328 ipv4_applyaddr(ifp); 2329 } 2330 2331 static void 2332 dhcp_lastlease(void *arg) 2333 { 2334 struct interface *ifp = arg; 2335 struct dhcp_state *state = D_STATE(ifp); 2336 2337 loginfox("%s: timed out contacting a DHCP server, using last lease", 2338 ifp->name); 2339 dhcp_bind(ifp); 2340 /* If we forked, stop here. */ 2341 if (ifp->ctx->options & DHCPCD_FORKED) 2342 return; 2343 state->interval = 0; 2344 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND && 2345 dhcp_leaseextend(ifp) == -1) 2346 { 2347 logerr("%s: %s", ifp->name, __func__); 2348 dhcp_expire(ifp); 2349 } 2350 dhcp_discover(ifp); 2351 } 2352 2353 static size_t 2354 dhcp_message_new(struct bootp **bootp, 2355 const struct in_addr *addr, const struct in_addr *mask) 2356 { 2357 uint8_t *p; 2358 uint32_t cookie; 2359 2360 if ((*bootp = calloc(1, sizeof(**bootp))) == NULL) 2361 return 0; 2362 2363 (*bootp)->yiaddr = addr->s_addr; 2364 p = (*bootp)->vend; 2365 2366 cookie = htonl(MAGIC_COOKIE); 2367 memcpy(p, &cookie, sizeof(cookie)); 2368 p += sizeof(cookie); 2369 2370 if (mask->s_addr != INADDR_ANY) { 2371 *p++ = DHO_SUBNETMASK; 2372 *p++ = sizeof(mask->s_addr); 2373 memcpy(p, &mask->s_addr, sizeof(mask->s_addr)); 2374 p+= sizeof(mask->s_addr); 2375 } 2376 2377 *p = DHO_END; 2378 return sizeof(**bootp); 2379 } 2380 2381 #ifdef ARP 2382 static int 2383 dhcp_arp_address(struct interface *ifp) 2384 { 2385 struct dhcp_state *state; 2386 struct in_addr addr; 2387 struct ipv4_addr *ia; 2388 struct arp_state *astate; 2389 2390 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2391 2392 state = D_STATE(ifp); 2393 addr.s_addr = state->offer->yiaddr == INADDR_ANY ? 2394 state->offer->ciaddr : state->offer->yiaddr; 2395 /* If the interface already has the address configured 2396 * then we can't ARP for duplicate detection. */ 2397 ia = ipv4_iffindaddr(ifp, &addr, NULL); 2398 if ((astate = arp_new(ifp, &addr)) == NULL) 2399 return -1; 2400 astate->probed_cb = dhcp_arp_probed; 2401 astate->conflicted_cb = dhcp_arp_conflicted; 2402 2403 #ifdef IN_IFF_TENTATIVE 2404 if (ia == NULL || ia->addr_flags & IN_IFF_NOTUSEABLE) { 2405 state->state = DHS_PROBE; 2406 if (ia == NULL) { 2407 struct dhcp_lease l; 2408 2409 get_lease(ifp, &l, state->offer, state->offer_len); 2410 /* Add the address now, let the kernel handle DAD. */ 2411 ipv4_addaddr(ifp, &l.addr, &l.mask, &l.brd); 2412 } else 2413 loginfox("%s: waiting for DAD on %s", 2414 ifp->name, inet_ntoa(addr)); 2415 return 0; 2416 } 2417 #else 2418 if (ifp->options->options & DHCPCD_ARP && ia == NULL) { 2419 struct dhcp_lease l; 2420 2421 state->state = DHS_PROBE; 2422 get_lease(ifp, &l, state->offer, state->offer_len); 2423 loginfox("%s: probing address %s/%d", 2424 ifp->name, inet_ntoa(l.addr), inet_ntocidr(l.mask)); 2425 /* We need to handle DAD. */ 2426 arp_probe(astate); 2427 return 0; 2428 } 2429 #endif 2430 2431 return 1; 2432 } 2433 2434 static void 2435 dhcp_arp_bind(struct interface *ifp) 2436 { 2437 2438 if (dhcp_arp_address(ifp) == 1) 2439 dhcp_bind(ifp); 2440 } 2441 #endif 2442 2443 static void 2444 dhcp_static(struct interface *ifp) 2445 { 2446 struct if_options *ifo; 2447 struct dhcp_state *state; 2448 struct ipv4_addr *ia; 2449 2450 state = D_STATE(ifp); 2451 ifo = ifp->options; 2452 2453 ia = NULL; 2454 if (ifo->req_addr.s_addr == INADDR_ANY && 2455 (ia = ipv4_iffindaddr(ifp, NULL, NULL)) == NULL) 2456 { 2457 loginfox("%s: waiting for 3rd party to " 2458 "configure IP address", ifp->name); 2459 state->reason = "3RDPARTY"; 2460 script_runreason(ifp, state->reason); 2461 return; 2462 } 2463 2464 state->offer_len = dhcp_message_new(&state->offer, 2465 ia ? &ia->addr : &ifo->req_addr, 2466 ia ? &ia->mask : &ifo->req_mask); 2467 if (state->offer_len) 2468 #ifdef ARP 2469 dhcp_arp_bind(ifp); 2470 #else 2471 dhcp_bind(ifp); 2472 #endif 2473 } 2474 2475 void 2476 dhcp_inform(struct interface *ifp) 2477 { 2478 struct dhcp_state *state; 2479 struct if_options *ifo; 2480 struct ipv4_addr *ia; 2481 2482 state = D_STATE(ifp); 2483 ifo = ifp->options; 2484 2485 state->state = DHS_INFORM; 2486 free(state->offer); 2487 state->offer = NULL; 2488 state->offer_len = 0; 2489 2490 if (ifo->req_addr.s_addr == INADDR_ANY) { 2491 ia = ipv4_iffindaddr(ifp, NULL, NULL); 2492 if (ia == NULL) { 2493 loginfox("%s: waiting for 3rd party to " 2494 "configure IP address", 2495 ifp->name); 2496 if (!(ifp->ctx->options & DHCPCD_TEST)) { 2497 state->reason = "3RDPARTY"; 2498 script_runreason(ifp, state->reason); 2499 } 2500 return; 2501 } 2502 } else { 2503 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, &ifo->req_mask); 2504 if (ia == NULL) { 2505 if (ifp->ctx->options & DHCPCD_TEST) { 2506 logerrx("%s: cannot add IP address in test mode", 2507 ifp->name); 2508 return; 2509 } 2510 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, NULL); 2511 if (ia != NULL) 2512 /* Netmask must be different, delete it. */ 2513 ipv4_deladdr(ia, 1); 2514 state->offer_len = dhcp_message_new(&state->offer, 2515 &ifo->req_addr, &ifo->req_mask); 2516 #ifdef ARP 2517 if (dhcp_arp_address(ifp) == 0) 2518 return; 2519 #endif 2520 ia = ipv4_iffindaddr(ifp, 2521 &ifo->req_addr, &ifo->req_mask); 2522 assert(ia != NULL); 2523 } 2524 } 2525 2526 state->addr = ia; 2527 state->offer_len = dhcp_message_new(&state->offer, 2528 &ia->addr, &ia->mask); 2529 if (state->offer_len) { 2530 dhcp_new_xid(ifp); 2531 get_lease(ifp, &state->lease, state->offer, state->offer_len); 2532 send_inform(ifp); 2533 } 2534 } 2535 2536 void 2537 dhcp_reboot_newopts(struct interface *ifp, unsigned long long oldopts) 2538 { 2539 struct if_options *ifo; 2540 struct dhcp_state *state = D_STATE(ifp); 2541 2542 if (state == NULL || state->state == DHS_NONE) 2543 return; 2544 ifo = ifp->options; 2545 if ((ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC) && 2546 (state->addr == NULL || 2547 state->addr->addr.s_addr != ifo->req_addr.s_addr)) || 2548 (oldopts & (DHCPCD_INFORM | DHCPCD_STATIC) && 2549 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC)))) 2550 { 2551 dhcp_drop(ifp, "EXPIRE"); 2552 } 2553 } 2554 2555 #ifdef ARP 2556 static int 2557 dhcp_activeaddr(const struct interface *ifp, const struct in_addr *addr) 2558 { 2559 const struct interface *ifp1; 2560 const struct dhcp_state *state; 2561 2562 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) { 2563 if (ifp1 == ifp) 2564 continue; 2565 if ((state = D_CSTATE(ifp1)) == NULL) 2566 continue; 2567 switch(state->state) { 2568 case DHS_REBOOT: 2569 case DHS_RENEW: 2570 case DHS_REBIND: 2571 case DHS_BOUND: 2572 case DHS_INFORM: 2573 break; 2574 default: 2575 continue; 2576 } 2577 if (state->lease.addr.s_addr == addr->s_addr) 2578 return 1; 2579 } 2580 return 0; 2581 } 2582 #endif 2583 2584 static void 2585 dhcp_reboot(struct interface *ifp) 2586 { 2587 struct if_options *ifo; 2588 struct dhcp_state *state = D_STATE(ifp); 2589 #ifdef ARP 2590 struct ipv4_addr *ia; 2591 #endif 2592 2593 if (state == NULL || state->state == DHS_NONE) 2594 return; 2595 ifo = ifp->options; 2596 state->state = DHS_REBOOT; 2597 state->interval = 0; 2598 2599 if (ifo->options & DHCPCD_LINK && ifp->carrier == LINK_DOWN) { 2600 loginfox("%s: waiting for carrier", ifp->name); 2601 return; 2602 } 2603 if (ifo->options & DHCPCD_STATIC) { 2604 dhcp_static(ifp); 2605 return; 2606 } 2607 if (ifo->options & DHCPCD_INFORM) { 2608 loginfox("%s: informing address of %s", 2609 ifp->name, inet_ntoa(state->lease.addr)); 2610 dhcp_inform(ifp); 2611 return; 2612 } 2613 if (ifo->reboot == 0 || state->offer == NULL) { 2614 dhcp_discover(ifp); 2615 return; 2616 } 2617 if (!IS_DHCP(state->offer)) 2618 return; 2619 2620 loginfox("%s: rebinding lease of %s", 2621 ifp->name, inet_ntoa(state->lease.addr)); 2622 2623 #ifdef ARP 2624 /* If the address exists on the interface and no other interface 2625 * is currently using it then announce it to ensure this 2626 * interface gets the reply. */ 2627 ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL); 2628 if (ia != NULL && 2629 #ifdef IN_IFF_NOTUSEABLE 2630 !(ia->addr_flags & IN_IFF_NOTUSEABLE) && 2631 #endif 2632 dhcp_activeaddr(ifp, &state->lease.addr) == 0) 2633 arp_ifannounceaddr(ifp, &state->lease.addr); 2634 #endif 2635 2636 dhcp_new_xid(ifp); 2637 state->lease.server.s_addr = INADDR_ANY; 2638 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2639 2640 #ifdef IPV4LL 2641 /* Need to add this before dhcp_expire and friends. */ 2642 if (!ifo->fallback && ifo->options & DHCPCD_IPV4LL) 2643 eloop_timeout_add_sec(ifp->ctx->eloop, 2644 ifo->reboot, ipv4ll_start, ifp); 2645 #endif 2646 2647 if (ifo->options & DHCPCD_LASTLEASE && state->lease.frominfo) 2648 eloop_timeout_add_sec(ifp->ctx->eloop, 2649 ifo->reboot, dhcp_lastlease, ifp); 2650 else if (!(ifo->options & DHCPCD_INFORM)) 2651 eloop_timeout_add_sec(ifp->ctx->eloop, 2652 ifo->reboot, dhcp_expire, ifp); 2653 2654 /* Don't bother ARP checking as the server could NAK us first. 2655 * Don't call dhcp_request as that would change the state */ 2656 send_request(ifp); 2657 } 2658 2659 void 2660 dhcp_drop(struct interface *ifp, const char *reason) 2661 { 2662 struct dhcp_state *state; 2663 #ifdef RELEASE_SLOW 2664 struct timespec ts; 2665 #endif 2666 2667 state = D_STATE(ifp); 2668 /* dhcp_start may just have been called and we don't yet have a state 2669 * but we do have a timeout, so punt it. */ 2670 if (state == NULL || state->state == DHS_NONE) { 2671 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2672 return; 2673 } 2674 2675 #ifdef ARPING 2676 state->arping_index = -1; 2677 #endif 2678 if (ifp->options->options & DHCPCD_RELEASE && 2679 !(ifp->options->options & DHCPCD_INFORM)) 2680 { 2681 /* Failure to send the release may cause this function to 2682 * re-enter so guard by setting the state. */ 2683 if (state->state == DHS_RELEASE) 2684 return; 2685 state->state = DHS_RELEASE; 2686 2687 unlink(state->leasefile); 2688 if (ifp->carrier != LINK_DOWN && 2689 state->new != NULL && 2690 state->lease.server.s_addr != INADDR_ANY) 2691 { 2692 loginfox("%s: releasing lease of %s", 2693 ifp->name, inet_ntoa(state->lease.addr)); 2694 dhcp_new_xid(ifp); 2695 send_message(ifp, DHCP_RELEASE, NULL); 2696 #ifdef RELEASE_SLOW 2697 /* Give the packet a chance to go */ 2698 ts.tv_sec = RELEASE_DELAY_S; 2699 ts.tv_nsec = RELEASE_DELAY_NS; 2700 nanosleep(&ts, NULL); 2701 #endif 2702 } 2703 } 2704 2705 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 2706 #ifdef AUTH 2707 dhcp_auth_reset(&state->auth); 2708 #endif 2709 2710 state->state = DHS_NONE; 2711 free(state->offer); 2712 state->offer = NULL; 2713 state->offer_len = 0; 2714 free(state->old); 2715 state->old = state->new; 2716 state->old_len = state->new_len; 2717 state->new = NULL; 2718 state->new_len = 0; 2719 state->reason = reason; 2720 ipv4_applyaddr(ifp); 2721 free(state->old); 2722 state->old = NULL; 2723 state->old_len = 0; 2724 state->lease.addr.s_addr = 0; 2725 ifp->options->options &= ~(DHCPCD_CSR_WARNED | 2726 DHCPCD_ROUTER_HOST_ROUTE_WARNED); 2727 } 2728 2729 static int 2730 blacklisted_ip(const struct if_options *ifo, in_addr_t addr) 2731 { 2732 size_t i; 2733 2734 for (i = 0; i < ifo->blacklist_len; i += 2) 2735 if (ifo->blacklist[i] == (addr & ifo->blacklist[i + 1])) 2736 return 1; 2737 return 0; 2738 } 2739 2740 #define WHTLST_NONE 0 2741 #define WHTLST_MATCH 1 2742 #define WHTLST_NOMATCH 2 2743 static unsigned int 2744 whitelisted_ip(const struct if_options *ifo, in_addr_t addr) 2745 { 2746 size_t i; 2747 2748 if (ifo->whitelist_len == 0) 2749 return WHTLST_NONE; 2750 for (i = 0; i < ifo->whitelist_len; i += 2) 2751 if (ifo->whitelist[i] == (addr & ifo->whitelist[i + 1])) 2752 return WHTLST_MATCH; 2753 return WHTLST_NOMATCH; 2754 } 2755 2756 static void 2757 log_dhcp(logfunc_t *logfunc, const char *msg, 2758 const struct interface *ifp, const struct bootp *bootp, size_t bootp_len, 2759 const struct in_addr *from, int ad) 2760 { 2761 const char *tfrom; 2762 char *a, sname[sizeof(bootp->sname) * 4]; 2763 struct in_addr addr; 2764 int r; 2765 uint8_t overl; 2766 2767 if (strcmp(msg, "NAK:") == 0) { 2768 a = get_option_string(ifp->ctx, bootp, bootp_len, DHO_MESSAGE); 2769 if (a) { 2770 char *tmp; 2771 size_t al, tmpl; 2772 2773 al = strlen(a); 2774 tmpl = (al * 4) + 1; 2775 tmp = malloc(tmpl); 2776 if (tmp == NULL) { 2777 logerr(__func__); 2778 free(a); 2779 return; 2780 } 2781 print_string(tmp, tmpl, OT_STRING, (uint8_t *)a, al); 2782 free(a); 2783 a = tmp; 2784 } 2785 } else if (ad && bootp->yiaddr != 0) { 2786 addr.s_addr = bootp->yiaddr; 2787 a = strdup(inet_ntoa(addr)); 2788 if (a == NULL) { 2789 logerr(__func__); 2790 return; 2791 } 2792 } else 2793 a = NULL; 2794 2795 tfrom = "from"; 2796 r = get_option_addr(ifp->ctx, &addr, bootp, bootp_len, DHO_SERVERID); 2797 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len, 2798 DHO_OPTSOVERLOADED) == -1) 2799 overl = 0; 2800 if (bootp->sname[0] && r == 0 && !(overl & 2)) { 2801 print_string(sname, sizeof(sname), OT_STRING | OT_DOMAIN, 2802 bootp->sname, sizeof(bootp->sname)); 2803 if (a == NULL) 2804 logfunc("%s: %s %s %s `%s'", 2805 ifp->name, msg, tfrom, inet_ntoa(addr), sname); 2806 else 2807 logfunc("%s: %s %s %s %s `%s'", 2808 ifp->name, msg, a, tfrom, inet_ntoa(addr), sname); 2809 } else { 2810 if (r != 0) { 2811 tfrom = "via"; 2812 addr = *from; 2813 } 2814 if (a == NULL) 2815 logfunc("%s: %s %s %s", 2816 ifp->name, msg, tfrom, inet_ntoa(addr)); 2817 else 2818 logfunc("%s: %s %s %s %s", 2819 ifp->name, msg, a, tfrom, inet_ntoa(addr)); 2820 } 2821 free(a); 2822 } 2823 2824 /* If we're sharing the same IP address with another interface on the 2825 * same network, we may receive the DHCP reply on the wrong interface. 2826 * Try and re-direct it here. */ 2827 static void 2828 dhcp_redirect_dhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2829 const struct in_addr *from) 2830 { 2831 struct interface *ifn; 2832 const struct dhcp_state *state; 2833 uint32_t xid; 2834 2835 xid = ntohl(bootp->xid); 2836 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) { 2837 state = D_CSTATE(ifn); 2838 if (state == NULL || state->state == DHS_NONE) 2839 continue; 2840 if (state->xid != xid) 2841 continue; 2842 if (ifn->hwlen <= sizeof(bootp->chaddr) && 2843 memcmp(bootp->chaddr, ifn->hwaddr, ifn->hwlen)) 2844 continue; 2845 logdebugx("%s: redirecting DHCP message to %s", 2846 ifp->name, ifn->name); 2847 dhcp_handledhcp(ifn, bootp, bootp_len, from); 2848 } 2849 } 2850 2851 static void 2852 dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len, 2853 const struct in_addr *from) 2854 { 2855 struct dhcp_state *state = D_STATE(ifp); 2856 struct if_options *ifo = ifp->options; 2857 struct dhcp_lease *lease = &state->lease; 2858 uint8_t type, tmp; 2859 struct in_addr addr; 2860 unsigned int i; 2861 char *msg; 2862 bool bootp_copied; 2863 #ifdef AUTH 2864 const uint8_t *auth; 2865 size_t auth_len; 2866 #endif 2867 #ifdef IN_IFF_DUPLICATED 2868 struct ipv4_addr *ia; 2869 #endif 2870 2871 #define LOGDHCP0(l, m) \ 2872 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 0) 2873 #define LOGDHCP(l, m) \ 2874 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 1) 2875 2876 /* Handled in our BPF filter. */ 2877 #if 0 2878 if (bootp->op != BOOTREPLY) { 2879 logdebugx("%s: op (%d) is not BOOTREPLY", 2880 ifp->name, bootp->op); 2881 return; 2882 } 2883 #endif 2884 2885 if (state->xid != ntohl(bootp->xid)) { 2886 if (state->state != DHS_BOUND && state->state != DHS_NONE) 2887 logdebugx("%s: wrong xid 0x%x (expecting 0x%x) from %s", 2888 ifp->name, ntohl(bootp->xid), state->xid, 2889 inet_ntoa(*from)); 2890 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 2891 return; 2892 } 2893 2894 if (ifp->hwlen <= sizeof(bootp->chaddr) && 2895 memcmp(bootp->chaddr, ifp->hwaddr, ifp->hwlen)) 2896 { 2897 char buf[sizeof(bootp->chaddr) * 3]; 2898 2899 logdebugx("%s: xid 0x%x is for hwaddr %s", 2900 ifp->name, ntohl(bootp->xid), 2901 hwaddr_ntoa(bootp->chaddr, sizeof(bootp->chaddr), 2902 buf, sizeof(buf))); 2903 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from); 2904 return; 2905 } 2906 2907 if (!ifp->active) 2908 return; 2909 2910 i = whitelisted_ip(ifp->options, from->s_addr); 2911 switch (i) { 2912 case WHTLST_NOMATCH: 2913 logwarnx("%s: non whitelisted DHCP packet from %s", 2914 ifp->name, inet_ntoa(*from)); 2915 return; 2916 case WHTLST_MATCH: 2917 break; 2918 case WHTLST_NONE: 2919 if (blacklisted_ip(ifp->options, from->s_addr) == 1) { 2920 logwarnx("%s: blacklisted DHCP packet from %s", 2921 ifp->name, inet_ntoa(*from)); 2922 return; 2923 } 2924 } 2925 2926 /* We may have found a BOOTP server */ 2927 if (get_option_uint8(ifp->ctx, &type, 2928 bootp, bootp_len, DHO_MESSAGETYPE) == -1) 2929 type = 0; 2930 else if (ifo->options & DHCPCD_BOOTP) { 2931 logdebugx("%s: ignoring DHCP reply (expecting BOOTP)", 2932 ifp->name); 2933 return; 2934 } 2935 2936 #ifdef AUTH 2937 /* Authenticate the message */ 2938 auth = get_option(ifp->ctx, bootp, bootp_len, 2939 DHO_AUTHENTICATION, &auth_len); 2940 if (auth) { 2941 if (dhcp_auth_validate(&state->auth, &ifo->auth, 2942 (uint8_t *)bootp, bootp_len, 4, type, 2943 auth, auth_len) == NULL) 2944 { 2945 LOGDHCP0(logerrx, "authentication failed"); 2946 return; 2947 } 2948 if (state->auth.token) 2949 logdebugx("%s: validated using 0x%08" PRIu32, 2950 ifp->name, state->auth.token->secretid); 2951 else 2952 loginfox("%s: accepted reconfigure key", ifp->name); 2953 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) { 2954 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) { 2955 LOGDHCP0(logerrx, "no authentication"); 2956 return; 2957 } 2958 LOGDHCP0(logwarnx, "no authentication"); 2959 } 2960 #endif 2961 2962 /* RFC 3203 */ 2963 if (type == DHCP_FORCERENEW) { 2964 if (from->s_addr == INADDR_ANY || 2965 from->s_addr == INADDR_BROADCAST) 2966 { 2967 LOGDHCP(logerrx, "discarding Force Renew"); 2968 return; 2969 } 2970 #ifdef AUTH 2971 if (auth == NULL) { 2972 LOGDHCP(logerrx, "unauthenticated Force Renew"); 2973 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) 2974 return; 2975 } 2976 if (state->state != DHS_BOUND && state->state != DHS_INFORM) { 2977 LOGDHCP(logdebugx, "not bound, ignoring Force Renew"); 2978 return; 2979 } 2980 LOGDHCP(loginfox, "Force Renew from"); 2981 /* The rebind and expire timings are still the same, we just 2982 * enter the renew state early */ 2983 if (state->state == DHS_BOUND) 2984 dhcp_renew(ifp); 2985 else { 2986 eloop_timeout_delete(ifp->ctx->eloop, 2987 send_inform, ifp); 2988 dhcp_inform(ifp); 2989 } 2990 #else 2991 LOGDHCP(logerrx, "unauthenticated Force Renew"); 2992 #endif 2993 return; 2994 } 2995 2996 if (state->state == DHS_BOUND) { 2997 /* Before we supported FORCERENEW we closed off the raw 2998 * port so we effectively ignored all messages. 2999 * As such we'll not log by default here. */ 3000 //LOGDHCP(logdebugx, "bound, ignoring"); 3001 return; 3002 } 3003 3004 if (state->state == DHS_PROBE) { 3005 /* Ignore any DHCP messages whilst probing a lease to bind. */ 3006 LOGDHCP(logdebugx, "probing, ignoring"); 3007 return; 3008 } 3009 3010 /* reset the message counter */ 3011 state->interval = 0; 3012 3013 /* Ensure that no reject options are present */ 3014 for (i = 1; i < 255; i++) { 3015 if (has_option_mask(ifo->rejectmask, i) && 3016 get_option_uint8(ifp->ctx, &tmp, 3017 bootp, bootp_len, (uint8_t)i) == 0) 3018 { 3019 LOGDHCP(logwarnx, "reject DHCP"); 3020 return; 3021 } 3022 } 3023 3024 if (type == DHCP_NAK) { 3025 /* For NAK, only check if we require the ServerID */ 3026 if (has_option_mask(ifo->requiremask, DHO_SERVERID) && 3027 get_option_addr(ifp->ctx, &addr, 3028 bootp, bootp_len, DHO_SERVERID) == -1) 3029 { 3030 LOGDHCP(logwarnx, "reject NAK"); 3031 return; 3032 } 3033 3034 /* We should restart on a NAK */ 3035 LOGDHCP(logwarnx, "NAK:"); 3036 if ((msg = get_option_string(ifp->ctx, 3037 bootp, bootp_len, DHO_MESSAGE))) 3038 { 3039 logwarnx("%s: message: %s", ifp->name, msg); 3040 free(msg); 3041 } 3042 if (state->state == DHS_INFORM) /* INFORM should not be NAKed */ 3043 return; 3044 if (!(ifp->ctx->options & DHCPCD_TEST)) { 3045 dhcp_drop(ifp, "NAK"); 3046 unlink(state->leasefile); 3047 } 3048 3049 /* If we constantly get NAKS then we should slowly back off */ 3050 eloop_timeout_add_sec(ifp->ctx->eloop, 3051 state->nakoff, dhcp_discover, ifp); 3052 if (state->nakoff == 0) 3053 state->nakoff = 1; 3054 else { 3055 state->nakoff *= 2; 3056 if (state->nakoff > NAKOFF_MAX) 3057 state->nakoff = NAKOFF_MAX; 3058 } 3059 return; 3060 } 3061 3062 /* Ensure that all required options are present */ 3063 for (i = 1; i < 255; i++) { 3064 if (has_option_mask(ifo->requiremask, i) && 3065 get_option_uint8(ifp->ctx, &tmp, 3066 bootp, bootp_len, (uint8_t)i) != 0) 3067 { 3068 /* If we are BOOTP, then ignore the need for serverid. 3069 * To ignore BOOTP, require dhcp_message_type. 3070 * However, nothing really stops BOOTP from providing 3071 * DHCP style options as well so the above isn't 3072 * always true. */ 3073 if (type == 0 && i == DHO_SERVERID) 3074 continue; 3075 LOGDHCP(logwarnx, "reject DHCP"); 3076 return; 3077 } 3078 } 3079 3080 /* DHCP Auto-Configure, RFC 2563 */ 3081 if (type == DHCP_OFFER && bootp->yiaddr == 0) { 3082 LOGDHCP(logwarnx, "no address given"); 3083 if ((msg = get_option_string(ifp->ctx, 3084 bootp, bootp_len, DHO_MESSAGE))) 3085 { 3086 logwarnx("%s: message: %s", ifp->name, msg); 3087 free(msg); 3088 } 3089 #ifdef IPV4LL 3090 if (state->state == DHS_DISCOVER && 3091 get_option_uint8(ifp->ctx, &tmp, bootp, bootp_len, 3092 DHO_AUTOCONFIGURE) == 0) 3093 { 3094 switch (tmp) { 3095 case 0: 3096 LOGDHCP(logwarnx, "IPv4LL disabled from"); 3097 ipv4ll_drop(ifp); 3098 #ifdef ARP 3099 arp_drop(ifp); 3100 #endif 3101 break; 3102 case 1: 3103 LOGDHCP(logwarnx, "IPv4LL enabled from"); 3104 ipv4ll_start(ifp); 3105 break; 3106 default: 3107 logerrx("%s: unknown auto configuration " 3108 "option %d", 3109 ifp->name, tmp); 3110 break; 3111 } 3112 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3113 eloop_timeout_add_sec(ifp->ctx->eloop, 3114 DHCP_MAX, dhcp_discover, ifp); 3115 } 3116 #endif 3117 return; 3118 } 3119 3120 /* Ensure that the address offered is valid */ 3121 if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) && 3122 (bootp->ciaddr == INADDR_ANY || bootp->ciaddr == INADDR_BROADCAST) 3123 && 3124 (bootp->yiaddr == INADDR_ANY || bootp->yiaddr == INADDR_BROADCAST)) 3125 { 3126 LOGDHCP(logwarnx, "reject invalid address"); 3127 return; 3128 } 3129 3130 #ifdef IN_IFF_DUPLICATED 3131 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL); 3132 if (ia && ia->addr_flags & IN_IFF_DUPLICATED) { 3133 LOGDHCP(logwarnx, "declined duplicate address"); 3134 if (type) 3135 dhcp_decline(ifp); 3136 ipv4_deladdr(ia, 0); 3137 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3138 eloop_timeout_add_sec(ifp->ctx->eloop, 3139 DHCP_RAND_MAX, dhcp_discover, ifp); 3140 return; 3141 } 3142 #endif 3143 3144 bootp_copied = false; 3145 if ((type == 0 || type == DHCP_OFFER) && state->state == DHS_DISCOVER) { 3146 lease->frominfo = 0; 3147 lease->addr.s_addr = bootp->yiaddr; 3148 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie)); 3149 if (type == 0 || 3150 get_option_addr(ifp->ctx, 3151 &lease->server, bootp, bootp_len, DHO_SERVERID) != 0) 3152 lease->server.s_addr = INADDR_ANY; 3153 3154 /* Test for rapid commit in the OFFER */ 3155 if (!(ifp->ctx->options & DHCPCD_TEST) && 3156 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT) && 3157 get_option(ifp->ctx, bootp, bootp_len, 3158 DHO_RAPIDCOMMIT, NULL)) 3159 { 3160 state->state = DHS_REQUEST; 3161 goto rapidcommit; 3162 } 3163 3164 LOGDHCP(loginfox, "offered"); 3165 if (state->offer_len < bootp_len) { 3166 free(state->offer); 3167 if ((state->offer = malloc(bootp_len)) == NULL) { 3168 logerr(__func__); 3169 state->offer_len = 0; 3170 return; 3171 } 3172 } 3173 state->offer_len = bootp_len; 3174 memcpy(state->offer, bootp, bootp_len); 3175 bootp_copied = true; 3176 if (ifp->ctx->options & DHCPCD_TEST) { 3177 free(state->old); 3178 state->old = state->new; 3179 state->old_len = state->new_len; 3180 state->new = state->offer; 3181 state->new_len = state->offer_len; 3182 state->offer = NULL; 3183 state->offer_len = 0; 3184 state->reason = "TEST"; 3185 script_runreason(ifp, state->reason); 3186 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS); 3187 return; 3188 } 3189 eloop_timeout_delete(ifp->ctx->eloop, send_discover, ifp); 3190 /* We don't request BOOTP addresses */ 3191 if (type) { 3192 /* We used to ARP check here, but that seems to be in 3193 * violation of RFC2131 where it only describes 3194 * DECLINE after REQUEST. 3195 * It also seems that some MS DHCP servers actually 3196 * ignore DECLINE if no REQUEST, ie we decline a 3197 * DISCOVER. */ 3198 dhcp_request(ifp); 3199 return; 3200 } 3201 } 3202 3203 if (type) { 3204 if (type == DHCP_OFFER) { 3205 LOGDHCP(logwarnx, "ignoring offer of"); 3206 return; 3207 } 3208 3209 /* We should only be dealing with acks */ 3210 if (type != DHCP_ACK) { 3211 LOGDHCP(logerr, "not ACK or OFFER"); 3212 return; 3213 } 3214 3215 if (state->state == DHS_DISCOVER) { 3216 /* We only allow ACK of rapid commit DISCOVER. */ 3217 if (has_option_mask(ifo->requestmask, 3218 DHO_RAPIDCOMMIT) && 3219 get_option(ifp->ctx, bootp, bootp_len, 3220 DHO_RAPIDCOMMIT, NULL)) 3221 state->state = DHS_REQUEST; 3222 else { 3223 LOGDHCP(logdebugx, "ignoring ack of"); 3224 return; 3225 } 3226 } 3227 3228 rapidcommit: 3229 if (!(ifo->options & DHCPCD_INFORM)) 3230 LOGDHCP(logdebugx, "acknowledged"); 3231 else 3232 ifo->options &= ~DHCPCD_STATIC; 3233 } 3234 3235 /* No NAK, so reset the backoff 3236 * We don't reset on an OFFER message because the server could 3237 * potentially NAK the REQUEST. */ 3238 state->nakoff = 0; 3239 3240 /* BOOTP could have already assigned this above. */ 3241 if (!bootp_copied) { 3242 if (state->offer_len < bootp_len) { 3243 free(state->offer); 3244 if ((state->offer = malloc(bootp_len)) == NULL) { 3245 logerr(__func__); 3246 state->offer_len = 0; 3247 return; 3248 } 3249 } 3250 state->offer_len = bootp_len; 3251 memcpy(state->offer, bootp, bootp_len); 3252 } 3253 3254 lease->frominfo = 0; 3255 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3256 3257 #ifdef ARP 3258 dhcp_arp_bind(ifp); 3259 #else 3260 dhcp_bind(ifp); 3261 #endif 3262 } 3263 3264 static void * 3265 get_udp_data(void *udp, size_t *len) 3266 { 3267 struct bootp_pkt *p; 3268 3269 p = (struct bootp_pkt *)udp; 3270 *len = ntohs(p->ip.ip_len) - sizeof(p->ip) - sizeof(p->udp); 3271 return (char *)udp + offsetof(struct bootp_pkt, bootp); 3272 } 3273 3274 static int 3275 valid_udp_packet(void *data, size_t data_len, struct in_addr *from, 3276 int noudpcsum) 3277 { 3278 struct bootp_pkt *p; 3279 uint16_t bytes; 3280 3281 if (data_len < sizeof(p->ip)) { 3282 if (from) 3283 from->s_addr = INADDR_ANY; 3284 errno = ERANGE; 3285 return -1; 3286 } 3287 p = (struct bootp_pkt *)data; 3288 if (from) 3289 from->s_addr = p->ip.ip_src.s_addr; 3290 if (checksum(&p->ip, sizeof(p->ip)) != 0) { 3291 errno = EINVAL; 3292 return -1; 3293 } 3294 3295 bytes = ntohs(p->ip.ip_len); 3296 /* Check we have a payload */ 3297 if (bytes <= sizeof(p->ip) + sizeof(p->udp)) { 3298 errno = ERANGE; 3299 return -1; 3300 } 3301 /* Check we don't go beyond the payload */ 3302 if (bytes > data_len) { 3303 errno = ENOBUFS; 3304 return -1; 3305 } 3306 3307 if (noudpcsum == 0) { 3308 uint16_t udpsum, iplen; 3309 3310 /* This does scribble on the packet, but at this point 3311 * we don't care to keep it. */ 3312 iplen = p->ip.ip_len; 3313 udpsum = p->udp.uh_sum; 3314 p->udp.uh_sum = 0; 3315 p->ip.ip_hl = 0; 3316 p->ip.ip_v = 0; 3317 p->ip.ip_tos = 0; 3318 p->ip.ip_len = p->udp.uh_ulen; 3319 p->ip.ip_id = 0; 3320 p->ip.ip_off = 0; 3321 p->ip.ip_ttl = 0; 3322 p->ip.ip_sum = 0; 3323 if (udpsum && checksum(p, bytes) != udpsum) { 3324 errno = EINVAL; 3325 return -1; 3326 } 3327 p->ip.ip_len = iplen; 3328 } 3329 3330 return 0; 3331 } 3332 3333 static void 3334 dhcp_handlepacket(struct interface *ifp, uint8_t *data, size_t len) 3335 { 3336 struct bootp *bootp; 3337 struct in_addr from; 3338 size_t udp_len; 3339 const struct dhcp_state *state = D_CSTATE(ifp); 3340 3341 if (valid_udp_packet(data, len, &from, 3342 state->bpf_flags & RAW_PARTIALCSUM) == -1) 3343 { 3344 if (errno == EINVAL) 3345 logerrx("%s: checksum failure from %s", 3346 ifp->name, inet_ntoa(from)); 3347 else 3348 logerr("%s: invalid UDP packet from %s", 3349 ifp->name, inet_ntoa(from)); 3350 return; 3351 } 3352 if (ifp->flags & IFF_POINTOPOINT && 3353 (state->addr == NULL || state->addr->brd.s_addr != from.s_addr)) 3354 { 3355 logwarnx("%s: server %s is not destination", 3356 ifp->name, inet_ntoa(from)); 3357 } 3358 3359 /* 3360 * DHCP has a variable option area rather than a fixed vendor area. 3361 * Because DHCP uses the BOOTP protocol it should still send BOOTP 3362 * sized packets to be RFC compliant. 3363 * However some servers send a truncated vendor area. 3364 * dhcpcd can work fine without the vendor area being sent. 3365 */ 3366 bootp = get_udp_data(data, &udp_len); 3367 /* udp_len must be correct because the values are checked in 3368 * valid_udp_packet(). */ 3369 if (udp_len < offsetof(struct bootp, vend)) { 3370 logerrx("%s: truncated packet (%zu) from %s", 3371 ifp->name, udp_len, inet_ntoa(from)); 3372 return; 3373 } 3374 /* To make our IS_DHCP macro easy, ensure the vendor 3375 * area has at least 4 octets. */ 3376 len = udp_len - offsetof(struct bootp, vend); 3377 while (len < 4) { 3378 bootp->vend[len++] = '\0'; 3379 udp_len++; 3380 } 3381 3382 dhcp_handledhcp(ifp, bootp, udp_len, &from); 3383 } 3384 3385 static void 3386 dhcp_readpacket(void *arg) 3387 { 3388 struct interface *ifp = arg; 3389 uint8_t buf[MTU_MAX]; 3390 ssize_t bytes; 3391 struct dhcp_state *state = D_STATE(ifp); 3392 3393 /* Some RAW mechanisms are generic file descriptors, not sockets. 3394 * This means we have no kernel call to just get one packet, 3395 * so we have to process the entire buffer. */ 3396 state->bpf_flags &= ~BPF_EOF; 3397 state->bpf_flags |= BPF_READING; 3398 while (!(state->bpf_flags & BPF_EOF)) { 3399 bytes = bpf_read(ifp, state->bpf_fd, buf, sizeof(buf), 3400 &state->bpf_flags); 3401 if (bytes == -1) { 3402 if (state->state != DHS_NONE) { 3403 logerr("%s: %s", __func__, ifp->name); 3404 dhcp_close(ifp); 3405 } 3406 break; 3407 } 3408 dhcp_handlepacket(ifp, buf, (size_t)bytes); 3409 /* Check we still have a state after processing. */ 3410 if ((state = D_STATE(ifp)) == NULL) 3411 break; 3412 } 3413 if (state != NULL) 3414 state->bpf_flags &= ~BPF_READING; 3415 } 3416 3417 static void 3418 dhcp_handleudp(void *arg) 3419 { 3420 struct dhcpcd_ctx *ctx; 3421 uint8_t buffer[MTU_MAX]; 3422 3423 ctx = arg; 3424 3425 /* Just read what's in the UDP fd and discard it as we always read 3426 * from the raw fd */ 3427 if (read(ctx->udp_fd, buffer, sizeof(buffer)) == -1) { 3428 logerr(__func__); 3429 eloop_event_delete(ctx->eloop, ctx->udp_fd); 3430 close(ctx->udp_fd); 3431 ctx->udp_fd = -1; 3432 } 3433 } 3434 3435 static int 3436 dhcp_openbpf(struct interface *ifp) 3437 { 3438 struct dhcp_state *state; 3439 3440 state = D_STATE(ifp); 3441 if (state->bpf_fd != -1) 3442 return 0; 3443 3444 state->bpf_fd = bpf_open(ifp, bpf_bootp); 3445 if (state->bpf_fd == -1) { 3446 if (errno == ENOENT) { 3447 logerrx("%s not found", bpf_name); 3448 /* May as well disable IPv4 entirely at 3449 * this point as we really need it. */ 3450 ifp->options->options &= ~DHCPCD_IPV4; 3451 } else 3452 logerr("%s: %s", __func__, ifp->name); 3453 return -1; 3454 } 3455 3456 eloop_event_add(ifp->ctx->eloop, 3457 state->bpf_fd, dhcp_readpacket, ifp); 3458 return 0; 3459 } 3460 3461 int 3462 dhcp_dump(struct interface *ifp) 3463 { 3464 struct dhcp_state *state; 3465 3466 ifp->if_data[IF_DATA_DHCP] = state = calloc(1, sizeof(*state)); 3467 if (state == NULL) 3468 goto eexit; 3469 state->bpf_fd = -1; 3470 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3471 AF_INET, ifp); 3472 state->new_len = read_lease(ifp, &state->new); 3473 if (state->new == NULL) { 3474 logerr("%s: %s", 3475 *ifp->name ? ifp->name : state->leasefile, __func__); 3476 return -1; 3477 } 3478 state->reason = "DUMP"; 3479 return script_runreason(ifp, state->reason); 3480 3481 eexit: 3482 logerr(__func__); 3483 return -1; 3484 } 3485 3486 void 3487 dhcp_free(struct interface *ifp) 3488 { 3489 struct dhcp_state *state = D_STATE(ifp); 3490 struct dhcpcd_ctx *ctx; 3491 3492 dhcp_close(ifp); 3493 #ifdef ARP 3494 arp_drop(ifp); 3495 #endif 3496 if (state) { 3497 state->state = DHS_NONE; 3498 free(state->old); 3499 free(state->new); 3500 free(state->offer); 3501 free(state->clientid); 3502 free(state); 3503 } 3504 3505 ctx = ifp->ctx; 3506 /* If we don't have any more DHCP enabled interfaces, 3507 * close the global socket and release resources */ 3508 if (ctx->ifaces) { 3509 TAILQ_FOREACH(ifp, ctx->ifaces, next) { 3510 state = D_STATE(ifp); 3511 if (state != NULL && state->state != DHS_NONE) 3512 break; 3513 } 3514 } 3515 if (ifp == NULL) { 3516 if (ctx->udp_fd != -1) { 3517 eloop_event_delete(ctx->eloop, ctx->udp_fd); 3518 close(ctx->udp_fd); 3519 ctx->udp_fd = -1; 3520 } 3521 3522 free(ctx->opt_buffer); 3523 ctx->opt_buffer = NULL; 3524 } 3525 } 3526 3527 static int 3528 dhcp_initstate(struct interface *ifp) 3529 { 3530 struct dhcp_state *state; 3531 3532 state = D_STATE(ifp); 3533 if (state != NULL) 3534 return 0; 3535 3536 ifp->if_data[IF_DATA_DHCP] = calloc(1, sizeof(*state)); 3537 state = D_STATE(ifp); 3538 if (state == NULL) 3539 return -1; 3540 3541 state->state = DHS_NONE; 3542 /* 0 is a valid fd, so init to -1 */ 3543 state->bpf_fd = -1; 3544 #ifdef ARPING 3545 state->arping_index = -1; 3546 #endif 3547 return 1; 3548 } 3549 3550 static int 3551 dhcp_init(struct interface *ifp) 3552 { 3553 struct dhcp_state *state; 3554 const struct if_options *ifo; 3555 uint8_t len; 3556 char buf[(sizeof(ifo->clientid) - 1) * 3]; 3557 int r; 3558 3559 r = dhcp_initstate(ifp); 3560 if (r == -1) 3561 return -1; 3562 else if (r == 1) { 3563 /* Now is a good time to find IPv4 routes */ 3564 if_initrt(ifp->ctx, AF_INET); 3565 } 3566 3567 state = D_STATE(ifp); 3568 state->state = DHS_INIT; 3569 state->reason = "PREINIT"; 3570 state->nakoff = 0; 3571 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile), 3572 AF_INET, ifp); 3573 3574 ifo = ifp->options; 3575 /* We need to drop the leasefile so that dhcp_start 3576 * doesn't load it. */ 3577 if (ifo->options & DHCPCD_REQUEST) 3578 unlink(state->leasefile); 3579 3580 free(state->clientid); 3581 state->clientid = NULL; 3582 3583 if (*ifo->clientid) { 3584 state->clientid = malloc((size_t)(ifo->clientid[0] + 1)); 3585 if (state->clientid == NULL) 3586 goto eexit; 3587 memcpy(state->clientid, ifo->clientid, 3588 (size_t)(ifo->clientid[0]) + 1); 3589 } else if (ifo->options & DHCPCD_CLIENTID) { 3590 if (ifo->options & DHCPCD_DUID) { 3591 state->clientid = malloc(ifp->ctx->duid_len + 6); 3592 if (state->clientid == NULL) 3593 goto eexit; 3594 state->clientid[0] =(uint8_t)(ifp->ctx->duid_len + 5); 3595 state->clientid[1] = 255; /* RFC 4361 */ 3596 memcpy(state->clientid + 2, ifo->iaid, 4); 3597 memcpy(state->clientid + 6, ifp->ctx->duid, 3598 ifp->ctx->duid_len); 3599 } else { 3600 len = (uint8_t)(ifp->hwlen + 1); 3601 state->clientid = malloc((size_t)len + 1); 3602 if (state->clientid == NULL) 3603 goto eexit; 3604 state->clientid[0] = len; 3605 state->clientid[1] = (uint8_t)ifp->family; 3606 memcpy(state->clientid + 2, ifp->hwaddr, 3607 ifp->hwlen); 3608 } 3609 } 3610 3611 if (ifo->options & DHCPCD_DUID) 3612 /* Don't bother logging as DUID and IAID are reported 3613 * at device start. */ 3614 return 0; 3615 3616 if (ifo->options & DHCPCD_CLIENTID) 3617 logdebugx("%s: using ClientID %s", ifp->name, 3618 hwaddr_ntoa(state->clientid + 1, state->clientid[0], 3619 buf, sizeof(buf))); 3620 else if (ifp->hwlen) 3621 logdebugx("%s: using hwaddr %s", ifp->name, 3622 hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf))); 3623 return 0; 3624 3625 eexit: 3626 logerr(__func__); 3627 return -1; 3628 } 3629 3630 static void 3631 dhcp_start1(void *arg) 3632 { 3633 struct interface *ifp = arg; 3634 struct if_options *ifo = ifp->options; 3635 struct dhcp_state *state; 3636 struct stat st; 3637 uint32_t l; 3638 int nolease; 3639 3640 if (!(ifo->options & DHCPCD_IPV4)) 3641 return; 3642 3643 /* Listen on *.*.*.*:bootpc so that the kernel never sends an 3644 * ICMP port unreachable message back to the DHCP server */ 3645 if (ifp->ctx->udp_fd == -1) { 3646 ifp->ctx->udp_fd = dhcp_openudp(NULL); 3647 if (ifp->ctx->udp_fd == -1) { 3648 /* Don't log an error if some other process 3649 * is handling this. */ 3650 if (errno != EADDRINUSE) 3651 logerr("%s: dhcp_openudp", __func__); 3652 } else 3653 eloop_event_add(ifp->ctx->eloop, 3654 ifp->ctx->udp_fd, dhcp_handleudp, ifp->ctx); 3655 } 3656 3657 if (dhcp_init(ifp) == -1) { 3658 logerr("%s: dhcp_init", ifp->name); 3659 return; 3660 } 3661 3662 state = D_STATE(ifp); 3663 clock_gettime(CLOCK_MONOTONIC, &state->started); 3664 state->interval = 0; 3665 free(state->offer); 3666 state->offer = NULL; 3667 state->offer_len = 0; 3668 3669 #ifdef ARPING 3670 if (ifo->arping_len && state->arping_index < ifo->arping_len) { 3671 struct arp_state *astate; 3672 3673 astate = arp_new(ifp, NULL); 3674 if (astate) { 3675 astate->probed_cb = dhcp_arp_probed; 3676 astate->conflicted_cb = dhcp_arp_conflicted; 3677 dhcp_arp_probed(astate); 3678 } 3679 return; 3680 } 3681 #endif 3682 3683 if (ifo->options & DHCPCD_STATIC) { 3684 dhcp_static(ifp); 3685 return; 3686 } 3687 3688 if (ifo->options & DHCPCD_DHCP && dhcp_openbpf(ifp) == -1) 3689 return; 3690 3691 if (ifo->options & DHCPCD_INFORM) { 3692 dhcp_inform(ifp); 3693 return; 3694 } 3695 if (ifp->hwlen == 0 && ifo->clientid[0] == '\0') { 3696 logwarnx("%s: needs a clientid to configure", ifp->name); 3697 dhcp_drop(ifp, "FAIL"); 3698 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp); 3699 return; 3700 } 3701 /* We don't want to read the old lease if we NAK an old test */ 3702 nolease = state->offer && ifp->ctx->options & DHCPCD_TEST; 3703 if (!nolease && ifo->options & DHCPCD_DHCP) { 3704 state->offer_len = read_lease(ifp, &state->offer); 3705 /* Check the saved lease matches the type we want */ 3706 if (state->offer) { 3707 #ifdef IN_IFF_DUPLICATED 3708 struct in_addr addr; 3709 struct ipv4_addr *ia; 3710 3711 addr.s_addr = state->offer->yiaddr; 3712 ia = ipv4_iffindaddr(ifp, &addr, NULL); 3713 #endif 3714 3715 if ((!IS_DHCP(state->offer) && 3716 !(ifo->options & DHCPCD_BOOTP)) || 3717 #ifdef IN_IFF_DUPLICATED 3718 (ia && ia->addr_flags & IN_IFF_DUPLICATED) || 3719 #endif 3720 (IS_DHCP(state->offer) && 3721 ifo->options & DHCPCD_BOOTP)) 3722 { 3723 free(state->offer); 3724 state->offer = NULL; 3725 state->offer_len = 0; 3726 } 3727 } 3728 } 3729 if (state->offer) { 3730 struct ipv4_addr *ia; 3731 3732 get_lease(ifp, &state->lease, state->offer, state->offer_len); 3733 state->lease.frominfo = 1; 3734 if (state->new == NULL && 3735 (ia = ipv4_iffindaddr(ifp, 3736 &state->lease.addr, &state->lease.mask)) != NULL) 3737 { 3738 /* We still have the IP address from the last lease. 3739 * Fake add the address and routes from it so the lease 3740 * can be cleaned up. */ 3741 state->new = malloc(state->offer_len); 3742 if (state->new) { 3743 memcpy(state->new, 3744 state->offer, state->offer_len); 3745 state->new_len = state->offer_len; 3746 state->addr = ia; 3747 state->added |= STATE_ADDED | STATE_FAKE; 3748 rt_build(ifp->ctx, AF_INET); 3749 } else 3750 logerr(__func__); 3751 } 3752 if (!IS_DHCP(state->offer)) { 3753 free(state->offer); 3754 state->offer = NULL; 3755 state->offer_len = 0; 3756 } else if (!(ifo->options & DHCPCD_LASTLEASE_EXTEND) && 3757 state->lease.leasetime != ~0U && 3758 stat(state->leasefile, &st) == 0) 3759 { 3760 time_t now; 3761 3762 /* Offset lease times and check expiry */ 3763 now = time(NULL); 3764 if (now == -1 || 3765 (time_t)state->lease.leasetime < now - st.st_mtime) 3766 { 3767 logdebugx("%s: discarding expired lease", 3768 ifp->name); 3769 free(state->offer); 3770 state->offer = NULL; 3771 state->offer_len = 0; 3772 state->lease.addr.s_addr = 0; 3773 /* Technically we should discard the lease 3774 * as it's expired, just as DHCPv6 addresses 3775 * would be by the kernel. 3776 * However, this may violate POLA so 3777 * we currently leave it be. 3778 * If we get a totally different lease from 3779 * the DHCP server we'll drop it anyway, as 3780 * we will on any other event which would 3781 * trigger a lease drop. 3782 * This should only happen if dhcpcd stops 3783 * running and the lease expires before 3784 * dhcpcd starts again. */ 3785 #if 0 3786 if (state->new) 3787 dhcp_drop(ifp, "EXPIRE"); 3788 #endif 3789 } else { 3790 l = (uint32_t)(now - st.st_mtime); 3791 state->lease.leasetime -= l; 3792 state->lease.renewaltime -= l; 3793 state->lease.rebindtime -= l; 3794 } 3795 } 3796 } 3797 3798 #ifdef IPV4LL 3799 if (!(ifo->options & DHCPCD_DHCP)) { 3800 if (ifo->options & DHCPCD_IPV4LL) 3801 ipv4ll_start(ifp); 3802 return; 3803 } 3804 #endif 3805 3806 if (state->offer == NULL || !IS_DHCP(state->offer)) 3807 dhcp_discover(ifp); 3808 else 3809 dhcp_reboot(ifp); 3810 } 3811 3812 void 3813 dhcp_start(struct interface *ifp) 3814 { 3815 struct timespec tv; 3816 #ifdef ARPING 3817 const struct dhcp_state *state; 3818 #endif 3819 3820 if (!(ifp->options->options & DHCPCD_IPV4)) 3821 return; 3822 3823 /* If we haven't been given a netmask for our requested address, 3824 * set it now. */ 3825 if (ifp->options->req_addr.s_addr != INADDR_ANY && 3826 ifp->options->req_mask.s_addr == INADDR_ANY) 3827 ifp->options->req_mask.s_addr = 3828 ipv4_getnetmask(ifp->options->req_addr.s_addr); 3829 3830 /* If we haven't specified a ClientID and our hardware address 3831 * length is greater than BOOTP CHADDR then we enforce a ClientID 3832 * of the hardware address family and the hardware address. 3833 * If there is no hardware address and no ClientID set, 3834 * force a DUID based ClientID. */ 3835 if (ifp->hwlen > 16) 3836 ifp->options->options |= DHCPCD_CLIENTID; 3837 else if (ifp->hwlen == 0 && !(ifp->options->options & DHCPCD_CLIENTID)) 3838 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_DUID; 3839 3840 /* Firewire and InfiniBand interfaces require ClientID and 3841 * the broadcast option being set. */ 3842 switch (ifp->family) { 3843 case ARPHRD_IEEE1394: /* FALLTHROUGH */ 3844 case ARPHRD_INFINIBAND: 3845 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_BROADCAST; 3846 break; 3847 } 3848 3849 /* If we violate RFC2131 section 3.7 then require ARP 3850 * to detect if any other client wants our address. */ 3851 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) 3852 ifp->options->options |= DHCPCD_ARP; 3853 3854 /* No point in delaying a static configuration */ 3855 if (ifp->options->options & DHCPCD_STATIC || 3856 !(ifp->options->options & DHCPCD_INITIAL_DELAY)) 3857 { 3858 dhcp_start1(ifp); 3859 return; 3860 } 3861 3862 #ifdef ARPING 3863 /* If we have arpinged then we have already delayed. */ 3864 state = D_CSTATE(ifp); 3865 if (state != NULL && state->arping_index != -1) { 3866 dhcp_start1(ifp); 3867 return; 3868 } 3869 #endif 3870 3871 tv.tv_sec = DHCP_MIN_DELAY; 3872 tv.tv_nsec = (suseconds_t)arc4random_uniform( 3873 (DHCP_MAX_DELAY - DHCP_MIN_DELAY) * NSEC_PER_SEC); 3874 timespecnorm(&tv); 3875 logdebugx("%s: delaying IPv4 for %0.1f seconds", 3876 ifp->name, timespec_to_double(&tv)); 3877 3878 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, dhcp_start1, ifp); 3879 } 3880 3881 void 3882 dhcp_abort(struct interface *ifp) 3883 { 3884 struct dhcp_state *state; 3885 3886 state = D_STATE(ifp); 3887 #ifdef ARPING 3888 if (state != NULL) 3889 state->arping_index = -1; 3890 #endif 3891 3892 eloop_timeout_delete(ifp->ctx->eloop, dhcp_start1, ifp); 3893 3894 if (state != NULL && state->added) { 3895 rt_build(ifp->ctx, AF_INET); 3896 #ifdef ARP 3897 arp_announceaddr(ifp->ctx, &state->addr->addr); 3898 #endif 3899 } 3900 } 3901 3902 void 3903 dhcp_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid) 3904 { 3905 struct interface *ifp; 3906 struct dhcp_state *state; 3907 struct if_options *ifo; 3908 uint8_t i; 3909 3910 ifp = ia->iface; 3911 state = D_STATE(ifp); 3912 if (state == NULL || state->state == DHS_NONE) 3913 return; 3914 3915 if (cmd == RTM_DELADDR) { 3916 if (state->addr == ia) { 3917 loginfox("%s: pid %d deleted IP address %s", 3918 ifp->name, pid, ia->saddr); 3919 state->addr = NULL; 3920 /* Don't clear the added state as we need 3921 * to drop the lease. */ 3922 dhcp_drop(ifp, "EXPIRE"); 3923 dhcp_start1(ifp); 3924 } 3925 return; 3926 } 3927 3928 if (cmd != RTM_NEWADDR) 3929 return; 3930 3931 #ifdef IN_IFF_NOTUSEABLE 3932 if (ia->addr_flags & IN_IFF_NOTUSEABLE) 3933 return; 3934 #endif 3935 3936 ifo = ifp->options; 3937 if (ifo->options & DHCPCD_INFORM) { 3938 if (state->state != DHS_INFORM) 3939 dhcp_inform(ifp); 3940 return; 3941 } 3942 3943 if (!(ifo->options & DHCPCD_STATIC)) 3944 return; 3945 if (ifo->req_addr.s_addr != INADDR_ANY) 3946 return; 3947 3948 free(state->old); 3949 state->old = state->new; 3950 state->new_len = dhcp_message_new(&state->new, &ia->addr, &ia->mask); 3951 if (state->new == NULL) 3952 return; 3953 if (ifp->flags & IFF_POINTOPOINT) { 3954 for (i = 1; i < 255; i++) 3955 if (i != DHO_ROUTER && has_option_mask(ifo->dstmask,i)) 3956 dhcp_message_add_addr(state->new, i, ia->brd); 3957 } 3958 state->reason = "STATIC"; 3959 rt_build(ifp->ctx, AF_INET); 3960 script_runreason(ifp, state->reason); 3961 if (ifo->options & DHCPCD_INFORM) { 3962 state->state = DHS_INFORM; 3963 dhcp_new_xid(ifp); 3964 state->lease.server.s_addr = INADDR_ANY; 3965 state->addr = ia; 3966 dhcp_inform(ifp); 3967 } 3968 } 3969