packets.c 9.77 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
/*
 *	BIRD -- RAdv Packet Processing
 *
 *
 *	Can be freely distributed and used under the terms of the GNU GPL.
 */


#include <stdlib.h>
#include "radv.h"

struct radv_ra_packet
{
  u8 type;
  u8 code;
  u16 checksum;
  u8 current_hop_limit;
  u8 flags;
  u16 router_lifetime;
  u32 reachable_time;
  u32 retrans_timer;
};

#define OPT_RA_MANAGED 0x80
#define OPT_RA_OTHER_CFG 0x40

27 28 29 30
#define OPT_PREFIX	3
#define OPT_MTU		5
#define OPT_RDNSS	25
#define OPT_DNSSL	31
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54

struct radv_opt_prefix
{
  u8 type;
  u8 length;
  u8 pxlen;
  u8 flags;
  u32 valid_lifetime;
  u32 preferred_lifetime;
  u32 reserved;
  ip_addr prefix;
};

#define OPT_PX_ONLINK 0x80
#define OPT_PX_AUTONOMOUS 0x40

struct radv_opt_mtu
{
  u8 type;
  u8 length;
  u16 reserved;
  u32 mtu;
};

55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73
struct radv_opt_rdnss
{
  u8 type;
  u8 length;
  u16 reserved;
  u32 lifetime;
  ip_addr servers[];
};

struct radv_opt_dnssl
{
  u8 type;
  u8 length;
  u16 reserved;
  u32 lifetime;
  char domain[];
};


74 75 76 77 78 79 80
static struct radv_prefix_config default_prefix = {
  .onlink = 1,
  .autonomous = 1,
  .valid_lifetime = DEFAULT_VALID_LIFETIME,
  .preferred_lifetime = DEFAULT_PREFERRED_LIFETIME
};

81

82 83 84
static struct radv_prefix_config *
radv_prefix_match(struct radv_iface *ifa, struct ifa *a)
{
85 86
  struct radv_proto *p = ifa->ra;
  struct radv_config *cf = (struct radv_config *) (p->p.cf);
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102
  struct radv_prefix_config *pc;

  if (a->scope <= SCOPE_LINK)
    return NULL;

  WALK_LIST(pc, ifa->cf->pref_list)
    if ((a->pxlen >= pc->pxlen) && ipa_in_net(a->prefix, pc->prefix, pc->pxlen))
      return pc;

  WALK_LIST(pc, cf->pref_list)
    if ((a->pxlen >= pc->pxlen) && ipa_in_net(a->prefix, pc->prefix, pc->pxlen))
      return pc;

  return &default_prefix;
}

103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
static int
radv_prepare_rdnss(struct radv_iface *ifa, list *rdnss_list, char **buf, char *bufend)
{
  struct radv_rdnss_config *rcf = HEAD(*rdnss_list);

  while(NODE_VALID(rcf))
  {
    struct radv_rdnss_config *rcf_base = rcf;
    struct radv_opt_rdnss *op = (void *) *buf;
    int max_i = (bufend - *buf - sizeof(struct radv_opt_rdnss)) / sizeof(ip_addr);
    int i = 0;

    if (max_i < 1)
      goto too_much;

    op->type = OPT_RDNSS;
    op->reserved = 0;

    if (rcf->lifetime_mult)
      op->lifetime = htonl(rcf->lifetime_mult * ifa->cf->max_ra_int);
    else
      op->lifetime = htonl(rcf->lifetime);

126
    while(NODE_VALID(rcf) &&
127 128 129 130 131 132 133 134 135 136 137 138
	  (rcf->lifetime == rcf_base->lifetime) &&
	  (rcf->lifetime_mult == rcf_base->lifetime_mult))
      {
	if (i >= max_i)
	  goto too_much;

	op->servers[i] = rcf->server;
	ipa_hton(op->servers[i]);
	i++;

	rcf = NODE_NEXT(rcf);
      }
139

140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159
    op->length = 1+2*i;
    *buf += 8 * op->length;
  }

  return 0;

 too_much:
  log(L_WARN "%s: Too many RA options on interface %s",
      ifa->ra->p.name, ifa->iface->name);
  return -1;
}

int
radv_process_domain(struct radv_dnssl_config *cf)
{
  /* Format of domain in search list is <size> <label> <size> <label> ... 0 */

  char *dom = cf->domain;
  char *dom_end = dom; /* Just to  */
  u8 *dlen_save = &cf->dlen_first;
160
  uint len;
161 162 163 164

  while (dom_end)
  {
    dom_end = strchr(dom, '.');
165
    len = dom_end ? (uint)(dom_end - dom) : strlen(dom);
166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209

    if (len < 1 || len > 63)
      return -1;

    *dlen_save = len;
    dlen_save = (u8 *) dom_end;

    dom += len + 1;
  }

  len = dom - cf->domain;
  if (len > 254)
    return -1;

  cf->dlen_all = len;

  return 0;
}

static int
radv_prepare_dnssl(struct radv_iface *ifa, list *dnssl_list, char **buf, char *bufend)
{
  struct radv_dnssl_config *dcf = HEAD(*dnssl_list);

  while(NODE_VALID(dcf))
  {
    struct radv_dnssl_config *dcf_base = dcf;
    struct radv_opt_dnssl *op = (void *) *buf;
    int bsize = bufend - *buf - sizeof(struct radv_opt_dnssl);
    int bpos = 0;

    if (bsize < 0)
      goto too_much;

    bsize = bsize & ~7; /* Round down to multiples of 8 */

    op->type = OPT_DNSSL;
    op->reserved = 0;

    if (dcf->lifetime_mult)
      op->lifetime = htonl(dcf->lifetime_mult * ifa->cf->max_ra_int);
    else
      op->lifetime = htonl(dcf->lifetime);

210
    while(NODE_VALID(dcf) &&
211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
	  (dcf->lifetime == dcf_base->lifetime) &&
	  (dcf->lifetime_mult == dcf_base->lifetime_mult))
      {
	if (bpos + dcf->dlen_all + 1 > bsize)
	  goto too_much;

	op->domain[bpos++] = dcf->dlen_first;
	memcpy(op->domain + bpos, dcf->domain, dcf->dlen_all);
	bpos += dcf->dlen_all;

	dcf = NODE_NEXT(dcf);
      }

    int blen = (bpos + 7) / 8;
    bzero(op->domain + bpos, 8 * blen - bpos);
    op->length = 1 + blen;
    *buf += 8 * op->length;
  }

  return 0;

 too_much:
  log(L_WARN "%s: Too many RA options on interface %s",
      ifa->ra->p.name, ifa->iface->name);
  return -1;
}

238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267
static int
radv_prepare_prefix(struct radv_iface *ifa, struct radv_prefix_config *pc,
  struct ifa *addr, char **buf, char *bufend)
{
  struct radv_opt_prefix *op = (void *) *buf;

  if (*buf + sizeof(*op) > bufend)
  {
    log(L_WARN "%s: Too many prefixes on interface %s", ifa->ra->p.name,
      ifa->iface->name);
    return -1;
  }

  op->type = OPT_PREFIX;
  op->length = 4;
  op->pxlen = addr->pxlen;
  op->flags = (pc->onlink ? OPT_PX_ONLINK : 0) |
    (pc->autonomous ? OPT_PX_AUTONOMOUS : 0);
  op->valid_lifetime = (ifa->ra->active || !pc->valid_lifetime_sensitive) ?
    htonl(pc->valid_lifetime) : 0;
  op->preferred_lifetime = (ifa->ra->active || !pc->preferred_lifetime_sensitive) ?
    htonl(pc->preferred_lifetime) : 0;
  op->reserved = 0;
  op->prefix = addr->prefix;
  ipa_hton(op->prefix);
  *buf += sizeof(*op);

  return 0;
}

268 269 270
static void
radv_prepare_ra(struct radv_iface *ifa)
{
271 272
  struct radv_proto *p = ifa->ra;
  struct radv_config *cf = (struct radv_config *) (p->p.cf);
273
  struct radv_iface_config *ic = ifa->cf;
274 275 276 277 278 279 280 281 282

  char *buf = ifa->sk->tbuf;
  char *bufstart = buf;
  char *bufend = buf + ifa->sk->tbsize;

  struct radv_ra_packet *pkt = (void *) buf;
  pkt->type = ICMPV6_RA;
  pkt->code = 0;
  pkt->checksum = 0;
283
  pkt->current_hop_limit = ic->current_hop_limit;
284
  pkt->router_lifetime = (p->active || !ic->default_lifetime_sensitive) ?
285
    htons(ic->default_lifetime) : 0;
286 287 288
  pkt->flags = (ic->managed ? OPT_RA_MANAGED : 0) |
    (ic->other_config ? OPT_RA_OTHER_CFG : 0) |
    (pkt->router_lifetime ? ic->default_preference : 0);
289 290
  pkt->reachable_time = htonl(ic->reachable_time);
  pkt->retrans_timer = htonl(ic->retrans_timer);
291 292
  buf += sizeof(*pkt);

293
  if (ic->link_mtu)
294 295 296 297 298
  {
    struct radv_opt_mtu *om = (void *) buf;
    om->type = OPT_MTU;
    om->length = 1;
    om->reserved = 0;
299
    om->mtu = htonl(ic->link_mtu);
300 301 302 303 304 305 306 307 308 309 310 311
    buf += sizeof (*om);
  }

  struct ifa *addr;
  WALK_LIST(addr, ifa->iface->addrs)
  {
    struct radv_prefix_config *pc;
    pc = radv_prefix_match(ifa, addr);

    if (!pc || pc->skip)
      continue;

312
    if (radv_prepare_prefix(ifa, pc, addr, &buf, bufend) < 0)
313
      goto done;
314
  }
315

316
  if (! ic->rdnss_local)
317 318 319
    if (radv_prepare_rdnss(ifa, &cf->rdnss_list, &buf, bufend) < 0)
      goto done;

320
  if (radv_prepare_rdnss(ifa, &ic->rdnss_list, &buf, bufend) < 0)
321 322
    goto done;

323
  if (! ic->dnssl_local)
324 325 326
    if (radv_prepare_dnssl(ifa, &cf->dnssl_list, &buf, bufend) < 0)
      goto done;

327
  if (radv_prepare_dnssl(ifa, &ic->dnssl_list, &buf, bufend) < 0)
328 329 330
    goto done;

 done:
331 332 333 334 335 336 337
  ifa->plen = buf - bufstart;
}


void
radv_send_ra(struct radv_iface *ifa, int shutdown)
{
338
  struct radv_proto *p = ifa->ra;
339 340 341 342 343 344 345

  /* We store prepared RA in tbuf */
  if (!ifa->plen)
    radv_prepare_ra(ifa);

  if (shutdown)
  {
346 347 348 349 350 351
    /*
     * Modify router lifetime to 0, it is not restored because we suppose that
     * the iface will be removed. The preference value also has to be zeroed.
     * (RFC 4191 2.2: If router lifetime is 0, the preference value must be 0.)
     */

352 353
    struct radv_ra_packet *pkt = (void *) ifa->sk->tbuf;
    pkt->router_lifetime = 0;
354
    pkt->flags &= ~RA_PREF_MASK;
355 356 357
  }

  RADV_TRACE(D_PACKETS, "Sending RA via %s", ifa->iface->name);
358
  sk_send_to(ifa->sk, ifa->plen, IP6_ALL_NODES, 0);
359 360 361 362
}


static int
363
radv_rx_hook(sock *sk, uint size)
364 365
{
  struct radv_iface *ifa = sk->data;
366
  struct radv_proto *p = ifa->ra;
367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415

  /* We want just packets from sk->iface */
  if (sk->lifindex != sk->iface->index)
    return 1;

  if (ipa_equal(sk->faddr, ifa->addr->ip))
    return 1;

  if (size < 8)
    return 1;

  byte *buf = sk->rbuf;

  if (buf[1] != 0)
    return 1;

  /* Validation is a bit sloppy - Hop Limit is not checked and
     length of options is ignored for RS and left to later for RA */

  switch (buf[0])
  {
  case ICMPV6_RS:
    RADV_TRACE(D_PACKETS, "Received RS from %I via %s",
	       sk->faddr, ifa->iface->name);
    radv_iface_notify(ifa, RA_EV_RS);
    return 1;

  case ICMPV6_RA:
    RADV_TRACE(D_PACKETS, "Received RA from %I via %s",
	       sk->faddr, ifa->iface->name);
    /* FIXME - there should be some checking of received RAs, but we just ignore them */
    return 1;

  default:
    return 1;
  }
}

static void
radv_tx_hook(sock *sk)
{
  struct radv_iface *ifa = sk->data;
  log(L_WARN "%s: TX hook called", ifa->ra->p.name);
}

static void
radv_err_hook(sock *sk, int err)
{
  struct radv_iface *ifa = sk->data;
416
  log(L_ERR "%s: Socket error on %s: %M", ifa->ra->p.name, ifa->iface->name, err);
417 418 419 420 421 422 423 424
}

int
radv_sk_open(struct radv_iface *ifa)
{
  sock *sk = sk_new(ifa->ra->p.pool);
  sk->type = SK_IP;
  sk->dport = ICMPV6_PROTO;
425
  sk->saddr = ifa->addr->ip;
426 427 428 429 430 431 432 433 434 435 436

  sk->ttl = 255; /* Mandatory for Neighbor Discovery packets */
  sk->rx_hook = radv_rx_hook;
  sk->tx_hook = radv_tx_hook;
  sk->err_hook = radv_err_hook;
  sk->iface = ifa->iface;
  sk->rbsize = 1024; // bufsize(ifa);
  sk->tbsize = 1024; // bufsize(ifa);
  sk->data = ifa;
  sk->flags = SKF_LADDR_RX;

437
  if (sk_open(sk) < 0)
438 439 440
    goto err;

  /* We want listen just to ICMPv6 messages of type RS and RA */
441
  if (sk_set_icmp6_filter(sk, ICMPV6_RS, ICMPV6_RA) < 0)
442 443 444 445 446
    goto err;

  if (sk_setup_multicast(sk) < 0)
    goto err;

447
  if (sk_join_group(sk, IP6_ALL_ROUTERS) < 0)
448 449 450 451 452 453
    goto err;

  ifa->sk = sk;
  return 1;

 err:
454
  sk_log_error(sk, ifa->ra->p.name);
455 456 457 458
  rfree(sk);
  return 0;
}