28
28
#include <sys/param.h>
29
29
#include <sys/types.h>
30
30
#include <sys/socket.h>
32
34
#include <net/route.h>
33
35
#include <netinet/in.h>
36
# include <asm/types.h> /* for systems with broken headers */
37
# include <linux/rtnetlink.h>
38
/* Match Linux defines to BSD */
39
# define IN6_IFF_TENTATIVE (IFA_F_TENTATIVE | IFA_F_OPTIMISTIC)
40
# define IN6_IFF_DUPLICATED IFA_F_DADFAILED
42
#ifdef __FreeBSD__ /* Needed so that including netinet6/in6_var.h works */
44
# include <net/if_var.h>
46
# include <netinet6/in6_var.h>
36
#include <netinet/if_ether.h>
50
39
#include <ifaddrs.h>
51
40
#include <inttypes.h>
52
41
#include <stdlib.h>
53
42
#include <string.h>
55
43
#include <unistd.h>
57
46
#include "common.h"
58
48
#include "dhcpcd.h"
68
#ifndef SHA256_DIGEST_LENGTH
69
# define SHA256_DIGEST_LENGTH 32
72
#ifdef IPV6_POLLADDRFLAG
73
# warning kernel does not report IPv6 address flag changes
74
# warning polling tentative address flags periodically
78
/* Match Linux defines to BSD */
79
# define IN6_IFF_TEMPORARY IFA_F_TEMPORARY
80
# ifdef IFA_F_OPTIMISTIC
81
# define IN6_IFF_TENTATIVE (IFA_F_TENTATIVE | IFA_F_OPTIMISTIC)
83
# define IN6_IFF_TENTATIVE (IFA_F_TENTATIVE | 0x04)
85
# ifdef IF_F_DADFAILED
86
# define IN6_IFF_DUPLICATED IFA_F_DADFAILED
88
# define IN6_IFF_DUPLICATED 0x08
90
# define IN6_IFF_DETACHED 0
93
#define IN6_IFF_NOTUSEABLE \
94
(IN6_IFF_TENTATIVE | IN6_IFF_DUPLICATED | IN6_IFF_DETACHED)
64
96
/* Hackery at it's finest. */
66
# define s6_addr32 __u6_addr.__u6_addr32
69
#define EUI64_GBIT 0x01
70
#define EUI64_UBIT 0x02
71
#define EUI64_TO_IFID(in6) do {(in6)->s6_addr[8] ^= EUI64_UBIT; } \
72
while (/*CONSTCOND*/ 0)
73
#define EUI64_GROUP(in6) ((in6)->s6_addr[8] & EUI64_GBIT)
75
static struct rt6head *routes;
83
while ((rt = TAILQ_FIRST(routes))) {
84
TAILQ_REMOVE(routes, rt, next);
96
routes = malloc(sizeof(*routes));
101
atexit(ipv6_cleanup);
99
# define s6_addr32 _S6_un._S6_u32
101
# define s6_addr32 __u6_addr.__u6_addr32
106
#ifdef IPV6_MANAGETEMPADDR
107
static void ipv6_regentempifid(void *);
108
static void ipv6_regentempaddr(void *);
110
#define ipv6_regentempifid(a) {}
114
ipv6_init(struct dhcpcd_ctx *dhcpcd_ctx)
116
struct ipv6_ctx *ctx;
118
if (dhcpcd_ctx->ipv6)
119
return dhcpcd_ctx->ipv6;
121
ctx = calloc(1, sizeof(*ctx));
125
ctx->routes = malloc(sizeof(*ctx->routes));
126
if (ctx->routes == NULL) {
130
TAILQ_INIT(ctx->routes);
132
ctx->ra_routers = malloc(sizeof(*ctx->ra_routers));
133
if (ctx->ra_routers == NULL) {
138
TAILQ_INIT(ctx->ra_routers);
140
TAILQ_INIT(&ctx->kroutes);
142
ctx->sndhdr.msg_namelen = sizeof(struct sockaddr_in6);
143
ctx->sndhdr.msg_iov = ctx->sndiov;
144
ctx->sndhdr.msg_iovlen = 1;
145
ctx->sndhdr.msg_control = ctx->sndbuf;
146
ctx->sndhdr.msg_controllen = sizeof(ctx->sndbuf);
147
ctx->rcvhdr.msg_name = &ctx->from;
148
ctx->rcvhdr.msg_namelen = sizeof(ctx->from);
149
ctx->rcvhdr.msg_iov = ctx->rcviov;
150
ctx->rcvhdr.msg_iovlen = 1;
151
ctx->rcvhdr.msg_control = ctx->rcvbuf;
152
// controllen is set at recieve
153
//ctx->rcvhdr.msg_controllen = sizeof(ctx->rcvbuf);
154
ctx->rcviov[0].iov_base = ctx->ansbuf;
155
ctx->rcviov[0].iov_len = sizeof(ctx->ansbuf);
160
dhcpcd_ctx->ipv6 = ctx;
108
ipv6_printaddr(char *s, ssize_t sl, const uint8_t *d, const char *ifname)
166
ipv6_printaddr(char *s, size_t sl, const uint8_t *d, const char *ifname)
110
168
char buf[INET6_ADDRSTRLEN];
114
172
p = inet_ntop(AF_INET6, d, buf, sizeof(buf));
133
191
s += strlcpy(s, ifname, sl);
198
ipv6_readsecret(struct dhcpcd_ctx *ctx)
207
if ((fp = fopen(SECRET, "r"))) {
209
while (fgets(line, sizeof(line), fp)) {
212
if (line[len - 1] == '\n')
213
line[len - 1] = '\0';
215
len = hwaddr_aton(NULL, line);
217
ctx->secret_len = hwaddr_aton(ctx->secret,
229
"error reading secret: %s: %m", SECRET);
232
/* Chaining arc4random should be good enough.
233
* RFC7217 section 5.1 states the key SHOULD be at least 128 bits.
234
* To attempt and future proof ourselves, we'll generate a key of
235
* 512 bits (64 bytes). */
238
for (len = 0; len < 512 / NBBY; len += sizeof(r)) {
240
memcpy(p, &r, sizeof(r));
242
ctx->secret_len += sizeof(r);
246
/* Ensure that only the dhcpcd user can read the secret.
247
* Write permission is also denied as chaning it would remove
249
if ((fp = fopen(SECRET, "w")) == NULL ||
250
chmod(SECRET, S_IRUSR) == -1)
252
x = fprintf(fp, "%s\n",
253
hwaddr_ntoa(ctx->secret, ctx->secret_len, line, sizeof(line)));
256
return (ssize_t)ctx->secret_len;
259
logger(ctx, LOG_ERR, "error writing secret: %s: %m", SECRET);
265
/* http://www.iana.org/assignments/ipv6-interface-ids/ipv6-interface-ids.xhtml
267
static const struct reslowhigh {
268
const uint8_t high[8];
269
const uint8_t low[8];
271
/* RFC4291 + RFC6543 */
272
{ { 0x02, 0x00, 0x5e, 0xff, 0xfe, 0x00, 0x00, 0x00 },
273
{ 0x02, 0x00, 0x5e, 0xff, 0xfe, 0xff, 0xff, 0xff } },
275
{ { 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80 },
276
{ 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff } }
280
ipv6_reserved(const struct in6_addr *addr)
282
uint64_t id, low, high;
284
const struct reslowhigh *r;
286
id = be64dec(addr->s6_addr + sizeof(id));
287
if (id == 0) /* RFC4291 */
289
for (i = 0; i < sizeof(reslowhigh) / sizeof(reslowhigh[0]); i++) {
291
low = be64dec(r->low);
292
high = be64dec(r->high);
293
if (id >= low && id <= high)
301
ipv6_makestableprivate1(struct in6_addr *addr,
302
const struct in6_addr *prefix, int prefix_len,
303
const unsigned char *netiface, size_t netiface_len,
304
const unsigned char *netid, size_t netid_len,
305
uint32_t *dad_counter,
306
const unsigned char *secret, size_t secret_len)
308
unsigned char buf[2048], *p, digest[SHA256_DIGEST_LENGTH];
312
if (prefix_len < 0 || prefix_len > 120) {
317
l = (size_t)(ROUNDUP8(prefix_len) / NBBY);
318
len = l + netiface_len + netid_len + sizeof(*dad_counter) + secret_len;
319
if (len > sizeof(buf)) {
324
for (;; (*dad_counter)++) {
325
/* Combine all parameters into one buffer */
327
memcpy(p, prefix, l);
329
memcpy(p, netiface, netiface_len);
331
memcpy(p, netid, netid_len);
333
memcpy(p, dad_counter, sizeof(*dad_counter));
334
p += sizeof(*dad_counter);
335
memcpy(p, secret, secret_len);
337
/* Make an address using the digest of the above.
338
* RFC7217 Section 5.1 states that we shouldn't use MD5.
339
* Pity as we use that for HMAC-MD5 which is still deemed OK.
340
* SHA-256 is recommended */
342
SHA256_Update(&ctx, buf, len);
343
SHA256_Final(digest, &ctx);
346
memcpy(p, prefix, l);
347
/* RFC7217 section 5.2 says we need to start taking the id from
348
* the least significant bit */
349
len = sizeof(addr->s6_addr) - l;
350
memcpy(p + l, digest + (sizeof(digest) - len), len);
352
/* Ensure that the Interface ID does not match a reserved one,
353
* if it does then treat it as a DAD failure.
354
* RFC7217 section 5.2 */
355
if (prefix_len != 64)
357
if (!ipv6_reserved(addr))
365
ipv6_makestableprivate(struct in6_addr *addr,
366
const struct in6_addr *prefix, int prefix_len,
367
const struct interface *ifp,
373
dad = (uint32_t)*dad_counter;
375
/* For our implementation, we shall set the hardware address
376
* as the interface identifier */
377
r = ipv6_makestableprivate1(addr, prefix, prefix_len,
378
ifp->hwaddr, ifp->hwlen,
379
ifp->ssid, ifp->ssid_len,
381
ifp->ctx->secret, ifp->ctx->secret_len);
384
*dad_counter = (int)dad;
140
389
ipv6_makeaddr(struct in6_addr *addr, const struct interface *ifp,
141
390
const struct in6_addr *prefix, int prefix_len)
143
const struct ipv6_addr_l *ap;
145
static u_int8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
146
static u_int8_t allone[8] =
147
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
150
if (prefix_len < 0 || prefix_len > 64) {
392
const struct ipv6_addr *ap;
395
if (prefix_len < 0 || prefix_len > 120) {
400
if (ifp->options->options & DHCPCD_SLAACPRIVATE) {
401
if (ifp->ctx->secret_len == 0) {
402
if (ipv6_readsecret(ifp->ctx) == -1)
406
if (ipv6_makestableprivate(addr,
407
prefix, prefix_len, ifp, &dad) == -1)
412
if (prefix_len > 64) {
416
if ((ap = ipv6_linklocal(ifp)) == NULL) {
417
/* We delay a few functions until we get a local-link address
418
* so this should never be hit. */
423
/* Make the address from the first local-link address */
155
424
memcpy(addr, prefix, sizeof(*prefix));
157
/* Try and make the address from the first local-link address */
158
ap = ipv6_linklocal(ifp);
160
addr->s6_addr32[2] = ap->addr.s6_addr32[2];
161
addr->s6_addr32[3] = ap->addr.s6_addr32[3];
165
/* Because we delay a few functions until we get a local-link address
166
* there is little point in the below code.
167
* It exists in-case we need to create local-link addresses
168
* ourselves, but then we would need to be able to send RFC
169
* conformant DAD requests.
170
* See ipv6ns.c for why we need the kernel to do this. */
175
/* Make an EUI64 based off our hardware address */
176
switch (ifp->family) {
178
/* Check for a valid hardware address */
179
if (ifp->hwlen != 8 && ifp->hwlen != 6) {
183
if (memcmp(ifp->hwaddr, allzero, ifp->hwlen) == 0 ||
184
memcmp(ifp->hwaddr, allone, ifp->hwlen) == 0)
190
/* make a EUI64 address */
192
memcpy(&addr->s6_addr[8], ifp->hwaddr, 8);
193
else if (ifp->hwlen == 6) {
194
addr->s6_addr[8] = ifp->hwaddr[0];
195
addr->s6_addr[9] = ifp->hwaddr[1];
196
addr->s6_addr[10] = ifp->hwaddr[2];
197
addr->s6_addr[11] = 0xff;
198
addr->s6_addr[12] = 0xfe;
199
addr->s6_addr[13] = ifp->hwaddr[3];
200
addr->s6_addr[14] = ifp->hwaddr[4];
201
addr->s6_addr[15] = ifp->hwaddr[5];
209
/* sanity check: g bit must not indicate "group" */
210
if (EUI64_GROUP(addr)) {
217
/* sanity check: ifid must not be all zero, avoid conflict with
218
* subnet router anycast */
219
if ((addr->s6_addr[8] & ~(EUI64_GBIT | EUI64_UBIT)) == 0x00 &&
220
memcmp(&addr->s6_addr[9], allzero, 7) == 0)
425
addr->s6_addr32[2] = ap->addr.s6_addr32[2];
426
addr->s6_addr32[3] = ap->addr.s6_addr32[3];
392
557
/* convert to two 64bit host order values */
393
in6_to_h64(prefix, &vh, &vl);
558
in6_to_h64(&vh, &vl, prefix);
398
563
/* copy back result */
399
h64_to_in6(vh, vl, result);
564
h64_to_in6(result, vh, vl);
569
#ifdef IPV6_POLLADDRFLAG
571
ipv6_checkaddrflags(void *arg)
573
struct ipv6_addr *ap;
577
ifa_flags = if_addrflags6(&ap->addr, ap->iface);
579
logger(ap->iface->ctx, LOG_ERR,
580
"%s: if_addrflags6: %m", ap->iface->name);
581
else if (!(ifa_flags & IN6_IFF_TENTATIVE)) {
582
ipv6_handleifa(ap->iface->ctx, RTM_NEWADDR,
583
ap->iface->ctx->ifaces, ap->iface->name,
584
&ap->addr, ap->prefix_len, ifa_flags);
588
ms_to_ts(&tv, RETRANS_TIMER / 2);
589
eloop_timeout_add_tv(ap->iface->ctx->eloop, &tv,
590
ipv6_checkaddrflags, ap);
597
ipv6_deleteaddr(struct ipv6_addr *ia)
599
struct ipv6_state *state;
600
struct ipv6_addr *ap;
602
logger(ia->iface->ctx, LOG_INFO, "%s: deleting address %s",
603
ia->iface->name, ia->saddr);
604
if (if_deladdress6(ia) == -1 &&
605
errno != EADDRNOTAVAIL && errno != ENXIO && errno != ENODEV)
606
logger(ia->iface->ctx, LOG_ERR, "if_deladdress6: :%m");
608
state = IPV6_STATE(ia->iface);
609
TAILQ_FOREACH(ap, &state->addrs, next) {
610
if (IN6_ARE_ADDR_EQUAL(&ap->addr, &ia->addr)) {
611
TAILQ_REMOVE(&state->addrs, ap, next);
405
ipv6_addaddr(struct ipv6_addr *ap)
619
ipv6_addaddr(struct ipv6_addr *ap, const struct timespec *now)
408
syslog(ap->flags & IPV6_AF_NEW ? LOG_INFO : LOG_DEBUG,
409
"%s: adding address %s", ap->iface->name, ap->saddr);
621
struct interface *ifp;
622
struct ipv6_state *state;
623
struct ipv6_addr *nap;
624
uint32_t pltime, vltime;
626
/* Ensure no other interface has this address */
627
TAILQ_FOREACH(ifp, ap->iface->ctx->ifaces, next) {
628
if (ifp == ap->iface || strcmp(ifp->name, ap->iface->name) == 0)
630
state = IPV6_STATE(ifp);
633
TAILQ_FOREACH(nap, &state->addrs, next) {
634
if (IN6_ARE_ADDR_EQUAL(&nap->addr, &ap->addr)) {
635
ipv6_deleteaddr(nap);
410
641
if (!(ap->flags & IPV6_AF_DADCOMPLETED) &&
411
ipv6_findaddr(ap->iface, &ap->addr))
642
ipv6_iffindaddr(ap->iface, &ap->addr))
412
643
ap->flags |= IPV6_AF_DADCOMPLETED;
413
if (add_address6(ap) == -1) {
414
syslog(LOG_ERR, "add_address6 %m");
417
ap->flags &= ~IPV6_AF_NEW;
418
ap->flags |= IPV6_AF_ADDED;
419
if (ap->delegating_iface)
420
ap->flags |= IPV6_AF_DELEGATED;
421
if (ap->iface->options->options & DHCPCD_IPV6RA_OWN &&
422
ipv6_removesubnet(ap->iface, ap) == -1)
423
syslog(LOG_ERR,"ipv6_removesubnet %m");
645
logger(ap->iface->ctx, ap->flags & IPV6_AF_NEW ? LOG_INFO : LOG_DEBUG,
646
"%s: adding address %s", ap->iface->name, ap->saddr);
424
647
if (ap->prefix_pltime == ND6_INFINITE_LIFETIME &&
425
648
ap->prefix_vltime == ND6_INFINITE_LIFETIME)
427
"%s: vltime infinity, pltime infinity",
649
logger(ap->iface->ctx, LOG_DEBUG,
650
"%s: pltime infinity, vltime infinity",
428
651
ap->iface->name);
429
652
else if (ap->prefix_pltime == ND6_INFINITE_LIFETIME)
431
"%s: vltime %"PRIu32" seconds, pltime infinity",
653
logger(ap->iface->ctx, LOG_DEBUG,
654
"%s: pltime infinity, vltime %"PRIu32" seconds",
432
655
ap->iface->name, ap->prefix_vltime);
433
656
else if (ap->prefix_vltime == ND6_INFINITE_LIFETIME)
435
"%s: vltime infinity, pltime %"PRIu32"seconds",
657
logger(ap->iface->ctx, LOG_DEBUG,
658
"%s: pltime %"PRIu32"seconds, vltime infinity",
436
659
ap->iface->name, ap->prefix_pltime);
439
"%s: vltime %"PRIu32" seconds, pltime %"PRIu32" seconds",
440
ap->iface->name, ap->prefix_vltime, ap->prefix_pltime);
661
logger(ap->iface->ctx, LOG_DEBUG,
662
"%s: pltime %"PRIu32" seconds, vltime %"PRIu32" seconds",
663
ap->iface->name, ap->prefix_pltime, ap->prefix_vltime);
665
/* Adjust plftime and vltime based on acquired time */
666
pltime = ap->prefix_pltime;
667
vltime = ap->prefix_vltime;
668
if (timespecisset(&ap->acquired) &&
669
(ap->prefix_pltime != ND6_INFINITE_LIFETIME ||
670
ap->prefix_vltime != ND6_INFINITE_LIFETIME))
675
clock_gettime(CLOCK_MONOTONIC, &n);
678
timespecsub(now, &ap->acquired, &n);
679
if (ap->prefix_pltime != ND6_INFINITE_LIFETIME) {
680
ap->prefix_pltime -= (uint32_t)n.tv_sec;
681
/* This can happen when confirming a
682
* deprecated but still valid lease. */
683
if (ap->prefix_pltime > pltime)
684
ap->prefix_pltime = 0;
686
if (ap->prefix_vltime != ND6_INFINITE_LIFETIME)
687
ap->prefix_vltime -= (uint32_t)n.tv_sec;
690
logger(ap->iface->ctx, LOG_DEBUG,
691
"%s: acquired %lld.%.9ld, now %lld.%.9ld, diff %lld.%.9ld",
693
(long long)ap->acquired.tv_sec, ap->acquired.tv_nsec,
694
(long long)now->tv_sec, now->tv_nsec,
695
(long long)n.tv_sec, n.tv_nsec);
696
logger(ap->iface->ctx, LOG_DEBUG,
697
"%s: adj pltime %"PRIu32" seconds, "
698
"vltime %"PRIu32" seconds",
699
ap->iface->name, ap->prefix_pltime, ap->prefix_vltime);
703
if (if_addaddress6(ap) == -1) {
704
logger(ap->iface->ctx, LOG_ERR, "if_addaddress6: %m");
705
/* Restore real pltime and vltime */
706
ap->prefix_pltime = pltime;
707
ap->prefix_vltime = vltime;
711
#ifdef IPV6_MANAGETEMPADDR
712
/* RFC4941 Section 3.4 */
713
if (ap->flags & IPV6_AF_TEMPORARY &&
716
ap->iface->options->options & DHCPCD_IPV6RA_OWN &&
717
ip6_use_tempaddr(ap->iface->name))
718
eloop_timeout_add_sec(ap->iface->ctx->eloop,
719
(time_t)ap->prefix_pltime - REGEN_ADVANCE,
720
ipv6_regentempaddr, ap);
723
/* Restore real pltime and vltime */
724
ap->prefix_pltime = pltime;
725
ap->prefix_vltime = vltime;
727
ap->flags &= ~IPV6_AF_NEW;
728
ap->flags |= IPV6_AF_ADDED;
729
if (ap->delegating_iface)
730
ap->flags |= IPV6_AF_DELEGATED;
732
#ifdef IPV6_POLLADDRFLAG
733
eloop_timeout_delete(ap->iface->ctx->eloop,
734
ipv6_checkaddrflags, ap);
735
if (!(ap->flags & IPV6_AF_DADCOMPLETED)) {
738
ms_to_ts(&tv, RETRANS_TIMER / 2);
739
eloop_timeout_add_tv(ap->iface->ctx->eloop,
740
&tv, ipv6_checkaddrflags, ap);
748
ipv6_publicaddr(const struct ipv6_addr *ia)
750
return (ia->prefix_pltime &&
751
(ia->addr.s6_addr[0] & 0xfe) != 0xc &&
752
!(ia->addr_flags & IN6_IFF_NOTUSEABLE));
756
ipv6_findaddr(struct dhcpcd_ctx *ctx, const struct in6_addr *addr, short flags)
758
struct ipv6_addr *dap, *nap;
760
dap = dhcp6_findaddr(ctx, addr, flags);
761
nap = ipv6nd_findaddr(ctx, addr, flags);
768
if (nap->iface->metric < dap->iface->metric)
774
ipv6_addaddrs(struct ipv6_addrhead *addrs)
776
struct ipv6_addr *ap, *apn, *apf;
782
TAILQ_FOREACH_SAFE(ap, addrs, next, apn) {
783
if (ap->prefix_vltime == 0) {
784
if (ap->flags & IPV6_AF_ADDED) {
788
eloop_q_timeout_delete(ap->iface->ctx->eloop,
790
if (ap->flags & IPV6_AF_REQUEST) {
791
ap->flags &= ~IPV6_AF_ADDED;
793
TAILQ_REMOVE(addrs, ap, next);
796
} else if (!(ap->flags & IPV6_AF_STALE) &&
797
!IN6_IS_ADDR_UNSPECIFIED(&ap->addr))
799
apf = ipv6_findaddr(ap->iface->ctx,
800
&ap->addr, IPV6_AF_ADDED);
801
if (apf && apf->iface != ap->iface &&
802
strcmp(apf->iface->name, ap->iface->name))
804
if (apf->iface->metric <= ap->iface->metric) {
805
logger(apf->iface->ctx, LOG_INFO,
806
"%s: preferring %s on %s",
812
logger(apf->iface->ctx, LOG_INFO,
813
"%s: preferring %s on %s",
817
if (if_deladdress6(apf) == -1 &&
818
errno != EADDRNOTAVAIL && errno != ENXIO)
819
logger(apf->iface->ctx, LOG_ERR,
820
"if_deladdress6: %m");
822
~(IPV6_AF_ADDED | IPV6_AF_DADCOMPLETED);
824
apf->flags &= ~IPV6_AF_ADDED;
825
if (ap->flags & IPV6_AF_NEW)
827
if (!timespecisset(&now))
828
clock_gettime(CLOCK_MONOTONIC, &now);
829
ipv6_addaddr(ap, &now);
837
ipv6_freeaddr(struct ipv6_addr *ap)
840
eloop_q_timeout_delete(ap->iface->ctx->eloop, 0, NULL, ap);
445
845
ipv6_freedrop_addrs(struct ipv6_addrhead *addrs, int drop,
446
846
const struct interface *ifd)
448
struct ipv6_addr *ap, *apn;
848
struct ipv6_addr *ap, *apn, *apf;
450
852
TAILQ_FOREACH_SAFE(ap, addrs, next, apn) {
451
853
if (ifd && ap->delegating_iface != ifd)
453
TAILQ_REMOVE(addrs, ap, next);
455
eloop_q_timeout_delete(0, NULL, ap->dadcallback);
456
/* Only drop the address if no other RAs have assigned it.
457
* This is safe because the RA is removed from the list
458
* before we are called. */
856
TAILQ_REMOVE(addrs, ap, next);
459
857
if (drop && ap->flags & IPV6_AF_ADDED &&
460
!ipv6rs_addrexists(ap) && !dhcp6_addrexists(ap))
858
(ap->iface->options->options &
859
(DHCPCD_EXITING | DHCPCD_PERSISTENT)) !=
860
(DHCPCD_EXITING | DHCPCD_PERSISTENT))
462
syslog(LOG_INFO, "%s: deleting address %s",
463
ap->iface->name, ap->saddr);
464
if (del_address6(ap) == -1 &&
465
errno != EADDRNOTAVAIL && errno != ENXIO)
466
syslog(LOG_ERR, "del_address6 %m");
863
TAILQ_REMOVE(addrs, ap, next);
864
/* Find the same address somewhere else */
865
apf = ipv6_findaddr(ap->iface->ctx, &ap->addr, 0);
867
(apf->iface != ap->iface &&
868
strcmp(apf->iface->name, ap->iface->name)))
870
if (!(ap->iface->options->options &
871
DHCPCD_EXITING) && apf)
873
if (!timespecisset(&now))
874
clock_gettime(CLOCK_MONOTONIC, &now);
875
ipv6_addaddr(apf, &now);
477
890
state = IPV6_STATE(ifp);
478
891
if (state == NULL) {
479
ifp->if_data[IF_DATA_IPV6] = malloc(sizeof(*state));
892
ifp->if_data[IF_DATA_IPV6] = calloc(1, sizeof(*state));
480
893
state = IPV6_STATE(ifp);
481
894
if (state == NULL) {
482
syslog(LOG_ERR, "%s: %m", __func__);
895
logger(ifp->ctx, LOG_ERR, "%s: %m", __func__);
485
898
TAILQ_INIT(&state->addrs);
486
899
TAILQ_INIT(&state->ll_callbacks);
901
/* Regenerate new ids */
903
ifp->options->options & DHCPCD_IPV6RA_OWN &&
904
ip6_use_tempaddr(ifp->name))
905
ipv6_regentempifid(ifp);
492
ipv6_handleifa(int cmd, struct if_head *ifs, const char *ifname,
493
const struct in6_addr *addr, int flags)
911
ipv6_handleifa(struct dhcpcd_ctx *ctx,
912
int cmd, struct if_head *ifs, const char *ifname,
913
const struct in6_addr *addr, uint8_t prefix_len, int flags)
495
915
struct interface *ifp;
496
916
struct ipv6_state *state;
497
struct ipv6_addr_l *ap;
917
struct ipv6_addr *ap;
498
918
struct ll_callback *cb;
501
921
char buf[INET6_ADDRSTRLEN];
502
922
inet_ntop(AF_INET6, &addr->s6_addr,
503
923
buf, INET6_ADDRSTRLEN);
504
syslog(LOG_DEBUG, "%s: cmd %d addr %s flags %d",
924
logger(ctx, LOG_DEBUG, "%s: cmd %d addr %s flags %d",
505
925
ifname, cmd, buf, flags);
508
/* Safety, remove tentative addresses */
509
if (cmd == RTM_NEWADDR) {
510
if (flags & IN6_IFF_TENTATIVE)
512
#ifdef IN6_IFF_DETACHED
513
if (flags & IN6_IFF_DETACHED)
520
930
if (ifs == NULL) {
524
934
TAILQ_FOREACH(ifp, ifs, next) {
525
if (strcmp(ifp->name, ifname) == 0)
533
state = ipv6_getstate(ifp);
537
if (!IN6_IS_ADDR_LINKLOCAL(addr)) {
538
ipv6rs_handleifa(cmd, ifname, addr, flags);
539
dhcp6_handleifa(cmd, ifname, addr, flags);
542
/* We don't care about duplicated addresses, so remove them */
543
if (flags & IN6_IFF_DUPLICATED)
546
TAILQ_FOREACH(ap, &state->addrs, next) {
547
if (IN6_ARE_ADDR_EQUAL(&ap->addr, addr))
554
TAILQ_REMOVE(&state->addrs, ap, next);
560
ap = calloc(1, sizeof(*ap));
561
memcpy(ap->addr.s6_addr, addr->s6_addr,
562
sizeof(ap->addr.s6_addr));
563
TAILQ_INSERT_TAIL(&state->addrs,
935
/* Each psuedo interface also stores addresses */
936
if (strcmp(ifp->name, ifname))
938
state = ipv6_getstate(ifp);
942
if (!IN6_IS_ADDR_LINKLOCAL(addr)) {
943
ipv6nd_handleifa(ctx, cmd, ifname, addr, flags);
944
dhcp6_handleifa(ctx, cmd, ifname, addr, flags);
947
TAILQ_FOREACH(ap, &state->addrs, next) {
948
if (IN6_ARE_ADDR_EQUAL(&ap->addr, addr))
955
TAILQ_REMOVE(&state->addrs, ap, next);
961
char buf[INET6_ADDRSTRLEN];
964
ap = calloc(1, sizeof(*ap));
967
ap->prefix_len = prefix_len;
968
ipv6_makeprefix(&ap->prefix, &ap->addr,
970
cbp = inet_ntop(AF_INET6, &addr->s6_addr,
973
snprintf(ap->saddr, sizeof(ap->saddr),
974
"%s/%d", cbp, prefix_len);
975
if (if_getlifetime6(ap) == -1) {
976
/* No support or address vanished.
977
* Either way, just set a deprecated
978
* infinite time lifetime and continue.
979
* This is fine because we only want
980
* to know this when trying to extend
981
* temporary addresses.
982
* As we can't extend infinite, we'll
983
* create a new temporary address. */
984
ap->prefix_pltime = 0;
986
ND6_INFINITE_LIFETIME;
988
/* This is a minor regression against RFC 4941
989
* because the kernel only knows when the
990
* lifetimes were last updated, not when the
991
* address was initially created.
992
* Provided dhcpcd is not restarted, this
993
* won't be a problem.
994
* If we don't like it, we can always
995
* pretend lifetimes are infinite and always
996
* generate a new temporary address on
998
ap->acquired = ap->created;
999
TAILQ_INSERT_TAIL(&state->addrs,
1002
ap->addr_flags = flags;
1003
#ifdef IPV6_MANAGETEMPADDR
1004
if (ap->addr_flags & IN6_IFF_TEMPORARY)
1005
ap->flags |= IPV6_AF_TEMPORARY;
566
1007
if (IN6_IS_ADDR_LINKLOCAL(&ap->addr)) {
567
/* Now run any callbacks.
568
* Typically IPv6RS or DHCPv6 */
570
TAILQ_FIRST(&state->ll_callbacks)))
572
TAILQ_REMOVE(&state->ll_callbacks,
574
cb->callback(cb->arg);
583
const struct ipv6_addr_l *
584
ipv6_linklocal(const struct interface *ifp)
586
const struct ipv6_state *state;
587
const struct ipv6_addr_l *ap;
589
state = IPV6_CSTATE(ifp);
591
TAILQ_FOREACH(ap, &state->addrs, next) {
592
if (IN6_IS_ADDR_LINKLOCAL(&ap->addr))
599
const struct ipv6_addr_l *
600
ipv6_findaddr(const struct interface *ifp, const struct in6_addr *addr)
602
const struct ipv6_state *state;
603
const struct ipv6_addr_l *ap;
605
state = IPV6_CSTATE(ifp);
607
TAILQ_FOREACH(ap, &state->addrs, next) {
608
if (IN6_ARE_ADDR_EQUAL(&ap->addr, addr))
615
int ipv6_addlinklocalcallback(struct interface *ifp,
1008
#ifdef IPV6_POLLADDRFLAG
1009
if (ap->addr_flags & IN6_IFF_TENTATIVE) {
1012
ms_to_ts(&tv, RETRANS_TIMER / 2);
1013
eloop_timeout_add_tv(
1014
ap->iface->ctx->eloop,
1015
&tv, ipv6_checkaddrflags, ap);
1020
if (!(ap->addr_flags & IN6_IFF_NOTUSEABLE)) {
1021
/* Now run any callbacks.
1022
* Typically IPv6RS or DHCPv6 */
1024
TAILQ_FIRST(&state->ll_callbacks)))
1027
&state->ll_callbacks,
1029
cb->callback(cb->arg);
1039
const struct ipv6_addr *
1040
ipv6_iffindaddr(const struct interface *ifp, const struct in6_addr *addr)
1042
const struct ipv6_state *state;
1043
const struct ipv6_addr *ap;
1045
state = IPV6_CSTATE(ifp);
1047
TAILQ_FOREACH(ap, &state->addrs, next) {
1049
if (IN6_IS_ADDR_LINKLOCAL(&ap->addr) &&
1050
!(ap->addr_flags & IN6_IFF_NOTUSEABLE))
1053
if (IN6_ARE_ADDR_EQUAL(&ap->addr, addr) &&
1054
!(ap->addr_flags & IN6_IFF_TENTATIVE))
1063
ipv6_addlinklocalcallback(struct interface *ifp,
616
1064
void (*callback)(void *), void *arg)
618
1066
struct ipv6_state *state;
1087
static struct ipv6_addr *
1088
ipv6_newlinklocal(struct interface *ifp)
1090
struct ipv6_addr *ap;
1092
ap = calloc(1, sizeof(*ap));
1095
ap->prefix.s6_addr32[0] = htonl(0xfe800000);
1096
ap->prefix.s6_addr32[1] = 0;
1097
ap->prefix_len = 64;
1099
ap->prefix_pltime = ND6_INFINITE_LIFETIME;
1100
ap->prefix_vltime = ND6_INFINITE_LIFETIME;
1101
ap->flags = IPV6_AF_NEW;
1102
ap->addr_flags = IN6_IFF_TENTATIVE;
1107
static const uint8_t allzero[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
1108
static const uint8_t allone[8] =
1109
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
1112
ipv6_addlinklocal(struct interface *ifp)
1114
struct ipv6_state *state;
1115
struct ipv6_addr *ap, *ap2;
1118
/* Check sanity before malloc */
1119
if (!(ifp->options->options & DHCPCD_SLAACPRIVATE)) {
1120
switch (ifp->family) {
1122
/* Check for a valid hardware address */
1123
if (ifp->hwlen != 6 && ifp->hwlen != 8) {
1127
if (memcmp(ifp->hwaddr, allzero, ifp->hwlen) == 0 ||
1128
memcmp(ifp->hwaddr, allone, ifp->hwlen) == 0)
1140
state = ipv6_getstate(ifp);
1144
ap = ipv6_newlinklocal(ifp);
1148
if (ifp->options->options & DHCPCD_SLAACPRIVATE) {
1151
if (ipv6_makestableprivate(&ap->addr,
1152
&ap->prefix, ap->prefix_len, ifp, &dadcounter) == -1)
1157
ap->dadcounter = dadcounter;
1159
memcpy(ap->addr.s6_addr, ap->prefix.s6_addr, 8);
1160
switch (ifp->family) {
1162
if (ifp->hwlen == 6) {
1163
ap->addr.s6_addr[ 8] = ifp->hwaddr[0];
1164
ap->addr.s6_addr[ 9] = ifp->hwaddr[1];
1165
ap->addr.s6_addr[10] = ifp->hwaddr[2];
1166
ap->addr.s6_addr[11] = 0xff;
1167
ap->addr.s6_addr[12] = 0xfe;
1168
ap->addr.s6_addr[13] = ifp->hwaddr[3];
1169
ap->addr.s6_addr[14] = ifp->hwaddr[4];
1170
ap->addr.s6_addr[15] = ifp->hwaddr[5];
1171
} else if (ifp->hwlen == 8)
1172
memcpy(&ap->addr.s6_addr[8], ifp->hwaddr, 8);
1181
/* Sanity check: g bit must not indciate "group" */
1182
if (EUI64_GROUP(&ap->addr)) {
1187
EUI64_TO_IFID(&ap->addr);
1190
/* Do we already have this address? */
1191
TAILQ_FOREACH(ap2, &state->addrs, next) {
1192
if (IN6_ARE_ADDR_EQUAL(&ap->addr, &ap2->addr)) {
1193
if (ap2->addr_flags & IN6_IFF_DUPLICATED) {
1194
if (ifp->options->options &
1195
DHCPCD_SLAACPRIVATE)
1198
goto nextslaacprivate;
1201
errno = EADDRNOTAVAIL;
1205
logger(ap2->iface->ctx, LOG_WARNING,
1206
"%s: waiting for %s to complete",
1207
ap2->iface->name, ap2->saddr);
1214
inet_ntop(AF_INET6, &ap->addr, ap->saddr, sizeof(ap->saddr));
1215
TAILQ_INSERT_TAIL(&state->addrs, ap, next);
1216
ipv6_addaddr(ap, NULL);
1220
/* Ensure the interface has a link-local address */
1222
ipv6_start(struct interface *ifp)
1224
const struct ipv6_state *state;
1225
const struct ipv6_addr *ap;
1227
/* We can't assign a link-locak address to this,
1228
* the ppp process has to. */
1229
if (ifp->flags & IFF_POINTOPOINT)
1232
state = IPV6_CSTATE(ifp);
1234
TAILQ_FOREACH(ap, &state->addrs, next) {
1235
if (IN6_IS_ADDR_LINKLOCAL(&ap->addr) &&
1236
!(ap->addr_flags & IN6_IFF_DUPLICATED))
1239
/* Regenerate new ids */
1240
if (ifp->options->options & DHCPCD_IPV6RA_OWN &&
1241
ip6_use_tempaddr(ifp->name))
1242
ipv6_regentempifid(ifp);
1246
if (ap == NULL && ipv6_addlinklocal(ifp) == -1)
1249
/* Load existing routes */
640
ipv6_free_ll_callbacks(struct interface *ifp)
1255
ipv6_freedrop(struct interface *ifp, int drop)
642
1257
struct ipv6_state *state;
643
1258
struct ll_callback *cb;
645
state = IPV6_STATE(ifp);
1263
if ((state = IPV6_STATE(ifp)) == NULL)
1266
ipv6_freedrop_addrs(&state->addrs, drop ? 2 : 0, NULL);
1268
/* Becuase we need to cache the addresses we don't control,
1269
* we only free the state on when NOT dropping addresses. */
647
1271
while ((cb = TAILQ_FIRST(&state->ll_callbacks))) {
648
1272
TAILQ_REMOVE(&state->ll_callbacks, cb, next);
655
ipv6_free(struct interface *ifp)
657
struct ipv6_state *state;
658
struct ipv6_addr_l *ap;
660
ipv6_free_ll_callbacks(ifp);
661
state = IPV6_STATE(ifp);
663
while ((ap = TAILQ_FIRST(&state->addrs))) {
664
TAILQ_REMOVE(&state->addrs, ap, next);
668
1276
ifp->if_data[IF_DATA_IPV6] = NULL;
1277
eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1282
ipv6_ctxfree(struct dhcpcd_ctx *ctx)
1285
if (ctx->ipv6 == NULL)
1288
ipv6_freerts(ctx->ipv6->routes);
1289
free(ctx->ipv6->routes);
1290
free(ctx->ipv6->ra_routers);
1291
ipv6_freerts(&ctx->ipv6->kroutes);
673
1296
ipv6_handleifa_addrs(int cmd,
674
1297
struct ipv6_addrhead *addrs, const struct in6_addr *addr, int flags)
714
1340
return alldadcompleted ? found : 0;
1343
#ifdef IPV6_MANAGETEMPADDR
1344
static const struct ipv6_addr *
1345
ipv6_findaddrid(struct dhcpcd_ctx *ctx, uint8_t *addr)
1347
const struct interface *ifp;
1348
const struct ipv6_state *state;
1349
const struct ipv6_addr *ia;
1351
TAILQ_FOREACH(ifp, ctx->ifaces, next) {
1352
if ((state = IPV6_CSTATE(ifp))) {
1353
TAILQ_FOREACH(ia, &state->addrs, next) {
1354
if (memcmp(&ia->addr.s6_addr[8], addr, 8) == 0)
1362
static const uint8_t nullid[8];
1363
static const uint8_t anycastid[8] = {
1364
0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80 };
1365
static const uint8_t isatapid[4] = { 0x00, 0x00, 0x5e, 0xfe };
1368
ipv6_regen_desync(struct interface *ifp, int force)
1370
struct ipv6_state *state;
1373
state = IPV6_STATE(ifp);
1375
/* RFC4941 Section 5 states that DESYNC_FACTOR must never be
1376
* greater than TEMP_VALID_LIFETIME - REGEN_ADVANCE.
1377
* I believe this is an error and it should be never be greateter than
1378
* TEMP_PREFERRED_LIFETIME - REGEN_ADVANCE. */
1379
max = ip6_temp_preferred_lifetime(ifp->name) - REGEN_ADVANCE;
1380
if (state->desync_factor && !force && state->desync_factor < max)
1382
if (state->desync_factor == 0)
1383
state->desync_factor =
1384
(time_t)arc4random_uniform(MIN(MAX_DESYNC_FACTOR,
1386
max = ip6_temp_preferred_lifetime(ifp->name) -
1387
state->desync_factor - REGEN_ADVANCE;
1388
eloop_timeout_add_sec(ifp->ctx->eloop, max, ipv6_regentempifid, ifp);
1392
ipv6_gentempifid(struct interface *ifp)
1394
struct ipv6_state *state;
1396
uint8_t seed[16], digest[16];
1399
if ((state = IPV6_STATE(ifp)) == NULL)
1403
if (memcmp(nullid, state->randomseed0, sizeof(nullid)) == 0) {
1407
memcpy(seed, &r, sizeof(r));
1409
memcpy(seed + sizeof(r), &r, sizeof(r));
1411
memcpy(seed, state->randomseed0, sizeof(state->randomseed0));
1413
memcpy(seed + sizeof(state->randomseed0),
1414
state->randomseed1, sizeof(state->randomseed1));
1417
/* RFC4941 Section 3.2.1.1
1418
* Take the left-most 64bits and set bit 6 to zero */
1420
MD5Update(&md5, seed, sizeof(seed));
1421
MD5Final(digest, &md5);
1423
/* RFC4941 Section 3.2.1.1
1424
* Take the left-most 64bits and set bit 6 to zero */
1425
memcpy(state->randomid, digest, sizeof(state->randomid));
1426
state->randomid[0] = (uint8_t)(state->randomid[0] & ~EUI64_UBIT);
1428
/* RFC4941 Section 3.2.1.4
1429
* Reject reserved or existing id's */
1430
if (memcmp(nullid, state->randomid, sizeof(nullid)) == 0 ||
1431
(memcmp(anycastid, state->randomid, 7) == 0 &&
1432
(anycastid[7] & state->randomid[7]) == anycastid[7]) ||
1433
memcmp(isatapid, state->randomid, sizeof(isatapid)) == 0 ||
1434
ipv6_findaddrid(ifp->ctx, state->randomid))
1436
if (++retry < GEN_TEMPID_RETRY_MAX) {
1437
memcpy(seed, digest + 8, 8);
1440
memset(state->randomid, 0, sizeof(state->randomid));
1443
/* RFC4941 Section 3.2.1.6
1444
* Save the right-most 64bits of the digest */
1445
memcpy(state->randomseed0, digest + 8,
1446
sizeof(state->randomseed0));
1449
/* RFC4941 Section 3.3.7 */
1451
ipv6_tempdadcallback(void *arg)
1453
struct ipv6_addr *ia = arg;
1455
if (ia->flags & IPV6_AF_DUPLICATED) {
1456
struct ipv6_addr *ia1;
1459
if (++ia->dadcounter == TEMP_IDGEN_RETRIES) {
1460
logger(ia->iface->ctx, LOG_ERR,
1461
"%s: too many duplicate temporary addresses",
1465
clock_gettime(CLOCK_MONOTONIC, &tv);
1466
if ((ia1 = ipv6_createtempaddr(ia, &tv)) == NULL)
1467
logger(ia->iface->ctx, LOG_ERR,
1468
"ipv6_createtempaddr: %m");
1470
ia1->dadcounter = ia->dadcounter;
1471
ipv6_deleteaddr(ia);
1473
ipv6_addaddr(ia1, &ia1->acquired);
1478
ipv6_createtempaddr(struct ipv6_addr *ia0, const struct timespec *now)
1480
struct ipv6_state *state;
1481
const struct ipv6_state *cstate;
1483
struct in6_addr addr, mask;
1485
const struct interface *ifp;
1486
const struct ipv6_addr *ap;
1487
struct ipv6_addr *ia;
1488
uint32_t i, trylimit;
1489
char buf[INET6_ADDRSTRLEN];
1492
trylimit = TEMP_IDGEN_RETRIES;
1493
state = IPV6_STATE(ia0->iface);
1497
ipv6_mask(&mask, ia0->prefix_len);
1498
/* clear the old ifid */
1499
for (i = 0; i < 4; i++)
1500
addr.s6_addr32[i] &= mask.s6_addr32[i];
1503
if (memcmp(state->randomid, nullid, sizeof(nullid)) == 0)
1506
memcpy(state->randomseed1, &ia0->addr.s6_addr[8],
1507
sizeof(state->randomseed1));
1508
ipv6_gentempifid(ia0->iface);
1509
if (memcmp(state->randomid, nullid, sizeof(nullid)) == 0) {
1514
memcpy(&randid[0], state->randomid, sizeof(randid[0]));
1515
memcpy(&randid[1], state->randomid + sizeof(randid[1]),
1517
addr.s6_addr32[2] |= randid[0] & ~mask.s6_addr32[2];
1518
addr.s6_addr32[3] |= randid[1] & ~mask.s6_addr32[3];
1520
/* Ensure we don't already have it */
1521
TAILQ_FOREACH(ifp, ia0->iface->ctx->ifaces, next) {
1522
cstate = IPV6_CSTATE(ifp);
1524
TAILQ_FOREACH(ap, &cstate->addrs, next) {
1525
if (IN6_ARE_ADDR_EQUAL(&ap->addr, &addr)) {
1526
if (--trylimit == 0) {
1537
if ((ia = calloc(1, sizeof(*ia))) == NULL)
1540
ia->iface = ia0->iface;
1542
/* Must be made tentative, for our DaD to work */
1543
ia->addr_flags = IN6_IFF_TENTATIVE;
1544
ia->dadcallback = ipv6_tempdadcallback;
1545
ia->flags = IPV6_AF_NEW | IPV6_AF_AUTOCONF | IPV6_AF_TEMPORARY;
1546
ia->prefix = ia0->prefix;
1547
ia->prefix_len = ia0->prefix_len;
1548
ia->created = ia->acquired = now ? *now : ia0->acquired;
1550
/* Ensure desync is still valid */
1551
ipv6_regen_desync(ia->iface, 0);
1553
/* RFC4941 Section 3.3.4 */
1554
i = (uint32_t)(ip6_temp_preferred_lifetime(ia0->iface->name) -
1555
state->desync_factor);
1556
ia->prefix_pltime = MIN(ia0->prefix_pltime, i);
1557
i = (uint32_t)ip6_temp_valid_lifetime(ia0->iface->name);
1558
ia->prefix_vltime = MIN(ia0->prefix_vltime, i);
1559
if (ia->prefix_pltime <= REGEN_ADVANCE ||
1560
ia->prefix_pltime > ia0->prefix_vltime)
1567
cbp = inet_ntop(AF_INET6, &ia->addr, buf, sizeof(buf));
1569
snprintf(ia->saddr, sizeof(ia->saddr), "%s/%d",
1570
cbp, ia->prefix_len); else ia->saddr[0] = '\0';
1572
TAILQ_INSERT_TAIL(&state->addrs, ia, next);
1577
ipv6_settempstale(struct interface *ifp)
1579
struct ipv6_state *state;
1580
struct ipv6_addr *ia;
1582
state = IPV6_STATE(ifp);
1583
TAILQ_FOREACH(ia, &state->addrs, next) {
1584
if (ia->flags & IPV6_AF_TEMPORARY)
1585
ia->flags |= IPV6_AF_STALE;
1590
ipv6_settemptime(struct ipv6_addr *ia, int flags)
1592
struct ipv6_state *state;
1593
struct ipv6_addr *ap, *first;
1595
state = IPV6_STATE(ia->iface);
1597
TAILQ_FOREACH_REVERSE(ap, &state->addrs, ipv6_addrhead, next) {
1598
if (ap->flags & IPV6_AF_TEMPORARY &&
1599
ap->prefix_pltime &&
1600
IN6_ARE_ADDR_EQUAL(&ia->prefix, &ap->prefix))
1605
if (ap->prefix_pltime -
1606
(uint32_t)(ia->acquired.tv_sec -
1607
ap->acquired.tv_sec)
1614
if (!(ap->flags & IPV6_AF_ADDED))
1615
ap->flags |= IPV6_AF_NEW | IPV6_AF_AUTOCONF;
1616
ap->flags &= ~IPV6_AF_STALE;
1618
/* RFC4941 Section 3.4
1619
* Deprecated prefix, deprecate the temporary address */
1620
if (ia->prefix_pltime == 0) {
1621
ap->prefix_pltime = 0;
1625
/* Ensure desync is still valid */
1626
ipv6_regen_desync(ap->iface, 0);
1628
/* RFC4941 Section 3.3.2
1629
* Extend temporary times, but ensure that they
1630
* never last beyond the system limit. */
1631
ext = ia->acquired.tv_sec + (time_t)ia->prefix_pltime;
1632
max = ap->created.tv_sec +
1633
ip6_temp_preferred_lifetime(ap->iface->name) -
1634
state->desync_factor;
1636
ap->prefix_pltime = ia->prefix_pltime;
1639
(uint32_t)(max - ia->acquired.tv_sec);
1642
ext = ia->acquired.tv_sec + (time_t)ia->prefix_vltime;
1643
max = ap->created.tv_sec +
1644
ip6_temp_valid_lifetime(ap->iface->name);
1646
ap->prefix_vltime = ia->prefix_vltime;
1649
(uint32_t)(max - ia->acquired.tv_sec);
1651
/* Just extend the latest matching prefix */
1652
ap->acquired = ia->acquired;
1654
/* If extending return the last match as
1655
* it's the most current.
1656
* If deprecating, deprecate any other addresses we
1657
* may have, although this should not be needed */
1658
if (ia->prefix_pltime)
1668
ipv6_addtempaddrs(struct interface *ifp, const struct timespec *now)
1670
struct ipv6_state *state;
1671
struct ipv6_addr *ia;
1673
state = IPV6_STATE(ifp);
1674
TAILQ_FOREACH(ia, &state->addrs, next) {
1675
if (ia->flags & IPV6_AF_TEMPORARY &&
1676
!(ia->flags & IPV6_AF_STALE))
1677
ipv6_addaddr(ia, now);
1682
ipv6_regentempaddr(void *arg)
1684
struct ipv6_addr *ia = arg, *ia1;
1687
logger(ia->iface->ctx, LOG_DEBUG, "%s: regen temp addr %s",
1688
ia->iface->name, ia->saddr);
1689
clock_gettime(CLOCK_MONOTONIC, &tv);
1690
ia1 = ipv6_createtempaddr(ia, &tv);
1692
ipv6_addaddr(ia1, &tv);
1694
logger(ia->iface->ctx, LOG_ERR, "ipv6_createtempaddr: %m");
1698
ipv6_regentempifid(void *arg)
1700
struct interface *ifp = arg;
1701
struct ipv6_state *state;
1703
state = IPV6_STATE(ifp);
1704
if (memcmp(state->randomid, nullid, sizeof(state->randomid)))
1705
ipv6_gentempifid(ifp);
1707
ipv6_regen_desync(ifp, 1);
1709
#endif /* IPV6_MANAGETEMPADDR */
717
1711
static struct rt6 *
718
find_route6(struct rt6head *rts, const struct rt6 *r)
1712
find_route6(struct rt6_head *rts, const struct rt6 *r)
722
1716
TAILQ_FOREACH(rt, rts, next) {
723
1717
if (IN6_ARE_ADDR_EQUAL(&rt->dest, &r->dest) &&
724
#if HAVE_ROUTE_METRIC
725
rt->iface->metric == r->iface->metric &&
1718
#ifdef HAVE_ROUTE_METRIC
1719
(r->iface == NULL || rt->iface == NULL ||
1720
rt->iface->metric == r->iface->metric) &&
727
1722
IN6_ARE_ADDR_EQUAL(&rt->net, &r->net))
736
1731
char destbuf[INET6_ADDRSTRLEN];
737
1732
char gatebuf[INET6_ADDRSTRLEN];
738
const char *ifname = rt->iface->name, *dest, *gate;
1733
const char *ifname, *dest, *gate;
1734
struct dhcpcd_ctx *ctx;
740
dest = inet_ntop(AF_INET6, &rt->dest.s6_addr,
741
destbuf, INET6_ADDRSTRLEN);
742
gate = inet_ntop(AF_INET6, &rt->gate.s6_addr,
743
gatebuf, INET6_ADDRSTRLEN);
1736
ctx = rt->iface ? rt->iface->ctx : NULL;
1737
ifname = rt->iface ? rt->iface->name : "(no iface)";
1738
dest = inet_ntop(AF_INET6, &rt->dest, destbuf, INET6_ADDRSTRLEN);
1739
gate = inet_ntop(AF_INET6, &rt->gate, gatebuf, INET6_ADDRSTRLEN);
744
1740
if (IN6_ARE_ADDR_EQUAL(&rt->gate, &in6addr_any))
745
syslog(LOG_INFO, "%s: %s route to %s/%d", ifname, cmd,
746
dest, ipv6_prefixlen(&rt->net));
1741
logger(ctx, LOG_INFO, "%s: %s route to %s/%d",
1742
ifname, cmd, dest, ipv6_prefixlen(&rt->net));
747
1743
else if (IN6_ARE_ADDR_EQUAL(&rt->dest, &in6addr_any) &&
748
1744
IN6_ARE_ADDR_EQUAL(&rt->net, &in6addr_any))
749
syslog(LOG_INFO, "%s: %s default route via %s", ifname, cmd,
1745
logger(ctx, LOG_INFO, "%s: %s default route via %s",
752
syslog(LOG_INFO, "%s: %s route to %s/%d via %s", ifname, cmd,
1748
logger(ctx, LOG_INFO, "%s: %s%s route to %s/%d via %s",
1750
rt->flags & RTF_REJECT ? " reject" : "",
753
1751
dest, ipv6_prefixlen(&rt->net), gate);
756
#define n_route(a) nc_route(1, a, a)
757
#define c_route(a, b) nc_route(0, a, b)
1755
ipv6_findrt(struct dhcpcd_ctx *ctx, const struct rt6 *rt, int flags)
1759
TAILQ_FOREACH(r, &ctx->ipv6->kroutes, next) {
1760
if (IN6_ARE_ADDR_EQUAL(&rt->dest, &r->dest) &&
1761
#ifdef HAVE_ROUTE_METRIC
1762
(rt->iface == r->iface ||
1763
(rt->flags & RTF_REJECT && r->flags & RTF_REJECT)) &&
1764
(!flags || rt->metric == r->metric) &&
1766
(!flags || rt->iface == r->iface ||
1767
(rt->flags & RTF_REJECT && r->flags & RTF_REJECT)) &&
1769
IN6_ARE_ADDR_EQUAL(&rt->net, &r->net))
1776
ipv6_freerts(struct rt6_head *routes)
1780
while ((rt = TAILQ_FIRST(routes))) {
1781
TAILQ_REMOVE(routes, rt, next);
1786
/* If something other than dhcpcd removes a route,
1787
* we need to remove it from our internal table. */
1789
ipv6_handlert(struct dhcpcd_ctx *ctx, int cmd, struct rt6 *rt)
1793
if (ctx->ipv6 == NULL)
1796
f = ipv6_findrt(ctx, rt, 1);
1800
if ((f = malloc(sizeof(*f))) == NULL)
1803
TAILQ_INSERT_TAIL(&ctx->ipv6->kroutes, f, next);
1808
TAILQ_REMOVE(&ctx->ipv6->kroutes, f, next);
1811
/* If we manage the route, remove it */
1812
if ((f = find_route6(ctx->ipv6->routes, rt))) {
1813
desc_route("removing", f);
1814
TAILQ_REMOVE(ctx->ipv6->routes, f, next);
1822
#define n_route(a) nc_route(NULL, a)
1823
#define c_route(a, b) nc_route(a, b)
759
nc_route(int add, struct rt6 *ort, struct rt6 *nrt)
1825
nc_route(struct rt6 *ort, struct rt6 *nrt)
762
1828
/* Don't set default routes if not asked to */