1/*
2 * dhcpcd - DHCP client daemon
3 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name>
4 * All rights reserved
5
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27
28#include <sys/param.h>
29#include <sys/socket.h>
30#include <sys/stat.h>
31
32#include <arpa/inet.h>
33#include <net/if.h>
34#include <net/route.h>
35#include <netinet/if_ether.h>
36#include <netinet/in_systm.h>
37#include <netinet/in.h>
38#include <netinet/ip.h>
39#define __FAVOR_BSD /* Nasty glibc hack so we can use BSD semantics for UDP */
40#include <netinet/udp.h>
41#undef __FAVOR_BSD
42
43#include <assert.h>
44#include <ctype.h>
45#include <errno.h>
46#include <fcntl.h>
47#include <inttypes.h>
48#include <stdbool.h>
49#include <stddef.h>
50#include <stdlib.h>
51#include <string.h>
52#include <unistd.h>
53
54#define ELOOP_QUEUE 2
55#include "config.h"
56#include "arp.h"
57#include "bpf.h"
58#include "common.h"
59#include "dhcp.h"
60#include "dhcpcd.h"
61#include "dhcp-common.h"
62#include "duid.h"
63#include "eloop.h"
64#include "if.h"
65#include "ipv4.h"
66#include "ipv4ll.h"
67#include "logerr.h"
68#include "sa.h"
69#include "script.h"
70
71#define DAD "Duplicate address detected"
72#define DHCP_MIN_LEASE 20
73
74#define IPV4A ADDRIPV4 | ARRAY
75#define IPV4R ADDRIPV4 | REQUEST
76
77/* We should define a maximum for the NAK exponential backoff */
78#define NAKOFF_MAX 60
79
80/* Wait N nanoseconds between sending a RELEASE and dropping the address.
81 * This gives the kernel enough time to actually send it. */
82#define RELEASE_DELAY_S 0
83#define RELEASE_DELAY_NS 10000000
84
85#ifndef IPDEFTTL
86#define IPDEFTTL 64 /* RFC1340 */
87#endif
88
89/* Support older systems with different defines */
90#if !defined(IP_RECVPKTINFO) && defined(IP_PKTINFO)
91#define IP_RECVPKTINFO IP_PKTINFO
92#endif
93
94/* Assert the correct structure size for on wire */
95__CTASSERT(sizeof(struct ip) == 20);
96__CTASSERT(sizeof(struct udphdr) == 8);
97__CTASSERT(sizeof(struct bootp) == 300);
98
99struct dhcp_op {
100 uint8_t value;
101 const char *name;
102};
103
104static const struct dhcp_op dhcp_ops[] = {
105 { DHCP_DISCOVER, "DISCOVER" },
106 { DHCP_OFFER, "OFFER" },
107 { DHCP_REQUEST, "REQUEST" },
108 { DHCP_DECLINE, "DECLINE" },
109 { DHCP_ACK, "ACK" },
110 { DHCP_NAK, "NAK" },
111 { DHCP_RELEASE, "RELEASE" },
112 { DHCP_INFORM, "INFORM" },
113 { DHCP_FORCERENEW, "FORCERENEW"},
114 { 0, NULL }
115};
116
117static const char * const dhcp_params[] = {
118 "ip_address",
119 "subnet_cidr",
120 "network_number",
121 "filename",
122 "server_name",
123 NULL
124};
125
126static int dhcp_openbpf(struct interface *);
127#ifdef ARP
128static void dhcp_arp_conflicted(struct arp_state *, const struct arp_msg *);
129#endif
130static void dhcp_handledhcp(struct interface *, struct bootp *, size_t,
131 const struct in_addr *);
132#ifdef IP_PKTINFO
133static void dhcp_handleifudp(void *);
134#endif
135static int dhcp_initstate(struct interface *);
136
137void
138dhcp_printoptions(const struct dhcpcd_ctx *ctx,
139 const struct dhcp_opt *opts, size_t opts_len)
140{
141 const char * const *p;
142 size_t i, j;
143 const struct dhcp_opt *opt, *opt2;
144 int cols;
145
146 for (p = dhcp_params; *p; p++)
147 printf(" %s\n", *p);
148
149 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) {
150 for (j = 0, opt2 = opts; j < opts_len; j++, opt2++)
151 if (opt->option == opt2->option)
152 break;
153 if (j == opts_len) {
154 cols = printf("%03d %s", opt->option, opt->var);
155 dhcp_print_option_encoding(opt, cols);
156 }
157 }
158 for (i = 0, opt = opts; i < opts_len; i++, opt++) {
159 cols = printf("%03d %s", opt->option, opt->var);
160 dhcp_print_option_encoding(opt, cols);
161 }
162}
163
164#define get_option_raw(ctx, bootp, bootp_len, opt) \
165 get_option((ctx), (bootp), (bootp_len), NULL)
166static const uint8_t *
167get_option(struct dhcpcd_ctx *ctx,
168 const struct bootp *bootp, size_t bootp_len,
169 unsigned int opt, size_t *opt_len)
170{
171 const uint8_t *p, *e;
172 uint8_t l, o, ol, overl, *bp;
173 const uint8_t *op;
174 size_t bl;
175
176 /* Check we have the magic cookie */
177 if (!IS_DHCP(bootp)) {
178 errno = ENOTSUP;
179 return NULL;
180 }
181
182 p = bootp->vend + 4; /* options after the 4 byte cookie */
183 e = (const uint8_t *)bootp + bootp_len;
184 ol = o = overl = 0;
185 bp = NULL;
186 op = NULL;
187 bl = 0;
188 while (p < e) {
189 o = *p++;
190 switch (o) {
191 case DHO_PAD:
192 /* No length to read */
193 continue;
194 case DHO_END:
195 if (overl & 1) {
196 /* bit 1 set means parse boot file */
197 overl = (uint8_t)(overl & ~1);
198 p = bootp->file;
199 e = p + sizeof(bootp->file);
200 } else if (overl & 2) {
201 /* bit 2 set means parse server name */
202 overl = (uint8_t)(overl & ~2);
203 p = bootp->sname;
204 e = p + sizeof(bootp->sname);
205 } else
206 goto exit;
207 /* No length to read */
208 continue;
209 }
210
211 /* Check we can read the length */
212 if (p == e) {
213 errno = EINVAL;
214 return NULL;
215 }
216 l = *p++;
217
218 /* Check we can read the option data, if present */
219 if (p + l > e) {
220 errno = EINVAL;
221 return NULL;
222 }
223
224 if (o == DHO_OPTSOVERLOADED) {
225 /* Ensure we only get this option once by setting
226 * the last bit as well as the value.
227 * This is valid because only the first two bits
228 * actually mean anything in RFC2132 Section 9.3 */
229 if (l == 1 && !overl)
230 overl = 0x80 | p[0];
231 }
232
233 if (o == opt) {
234 if (op) {
235 /* We must concatonate the options. */
236 if (bl + l > ctx->opt_buffer_len) {
237 size_t pos;
238 uint8_t *nb;
239
240 if (bp)
241 pos = (size_t)
242 (bp - ctx->opt_buffer);
243 else
244 pos = 0;
245 nb = realloc(ctx->opt_buffer, bl + l);
246 if (nb == NULL)
247 return NULL;
248 ctx->opt_buffer = nb;
249 ctx->opt_buffer_len = bl + l;
250 bp = ctx->opt_buffer + pos;
251 }
252 if (bp == NULL)
253 bp = ctx->opt_buffer;
254 memcpy(bp, op, ol);
255 bp += ol;
256 }
257 ol = l;
258 op = p;
259 bl += ol;
260 }
261 p += l;
262 }
263
264exit:
265 if (opt_len)
266 *opt_len = bl;
267 if (bp) {
268 memcpy(bp, op, ol);
269 return (const uint8_t *)ctx->opt_buffer;
270 }
271 if (op)
272 return op;
273 errno = ENOENT;
274 return NULL;
275}
276
277static int
278get_option_addr(struct dhcpcd_ctx *ctx,
279 struct in_addr *a, const struct bootp *bootp, size_t bootp_len,
280 uint8_t option)
281{
282 const uint8_t *p;
283 size_t len;
284
285 p = get_option(ctx, bootp, bootp_len, option, &len);
286 if (!p || len < (ssize_t)sizeof(a->s_addr))
287 return -1;
288 memcpy(&a->s_addr, p, sizeof(a->s_addr));
289 return 0;
290}
291
292static int
293get_option_uint32(struct dhcpcd_ctx *ctx,
294 uint32_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option)
295{
296 const uint8_t *p;
297 size_t len;
298 uint32_t d;
299
300 p = get_option(ctx, bootp, bootp_len, option, &len);
301 if (!p || len < (ssize_t)sizeof(d))
302 return -1;
303 memcpy(&d, p, sizeof(d));
304 if (i)
305 *i = ntohl(d);
306 return 0;
307}
308
309static int
310get_option_uint16(struct dhcpcd_ctx *ctx,
311 uint16_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option)
312{
313 const uint8_t *p;
314 size_t len;
315 uint16_t d;
316
317 p = get_option(ctx, bootp, bootp_len, option, &len);
318 if (!p || len < (ssize_t)sizeof(d))
319 return -1;
320 memcpy(&d, p, sizeof(d));
321 if (i)
322 *i = ntohs(d);
323 return 0;
324}
325
326static int
327get_option_uint8(struct dhcpcd_ctx *ctx,
328 uint8_t *i, const struct bootp *bootp, size_t bootp_len, uint8_t option)
329{
330 const uint8_t *p;
331 size_t len;
332
333 p = get_option(ctx, bootp, bootp_len, option, &len);
334 if (!p || len < (ssize_t)sizeof(*p))
335 return -1;
336 if (i)
337 *i = *(p);
338 return 0;
339}
340
341ssize_t
342decode_rfc3442(char *out, size_t len, const uint8_t *p, size_t pl)
343{
344 const uint8_t *e;
345 size_t bytes = 0, ocets;
346 int b;
347 uint8_t cidr;
348 struct in_addr addr;
349 char *o = out;
350
351 /* Minimum is 5 -first is CIDR and a router length of 4 */
352 if (pl < 5) {
353 errno = EINVAL;
354 return -1;
355 }
356
357 e = p + pl;
358 while (p < e) {
359 cidr = *p++;
360 if (cidr > 32) {
361 errno = EINVAL;
362 return -1;
363 }
364 ocets = (size_t)(cidr + 7) / NBBY;
365 if (p + 4 + ocets > e) {
366 errno = ERANGE;
367 return -1;
368 }
369 if (!out) {
370 p += 4 + ocets;
371 bytes += ((4 * 4) * 2) + 4;
372 continue;
373 }
374 if ((((4 * 4) * 2) + 4) > len) {
375 errno = ENOBUFS;
376 return -1;
377 }
378 if (o != out) {
379 *o++ = ' ';
380 len--;
381 }
382 /* If we have ocets then we have a destination and netmask */
383 if (ocets > 0) {
384 addr.s_addr = 0;
385 memcpy(&addr.s_addr, p, ocets);
386 b = snprintf(o, len, "%s/%d", inet_ntoa(addr), cidr);
387 p += ocets;
388 } else
389 b = snprintf(o, len, "0.0.0.0/0");
390 o += b;
391 len -= (size_t)b;
392
393 /* Finally, snag the router */
394 memcpy(&addr.s_addr, p, 4);
395 p += 4;
396 b = snprintf(o, len, " %s", inet_ntoa(addr));
397 o += b;
398 len -= (size_t)b;
399 }
400
401 if (out)
402 return o - out;
403 return (ssize_t)bytes;
404}
405
406static int
407decode_rfc3442_rt(struct rt_head *routes, struct interface *ifp,
408 const uint8_t *data, size_t dl, const struct bootp *bootp)
409{
410 const uint8_t *p = data;
411 const uint8_t *e;
412 uint8_t cidr;
413 size_t ocets;
414 struct rt *rt = NULL;
415 struct in_addr dest, netmask, gateway;
416 int n;
417
418 /* Minimum is 5 -first is CIDR and a router length of 4 */
419 if (dl < 5) {
420 errno = EINVAL;
421 return -1;
422 }
423
424 n = 0;
425 e = p + dl;
426 while (p < e) {
427 cidr = *p++;
428 if (cidr > 32) {
429 errno = EINVAL;
430 return -1;
431 }
432
433 ocets = (size_t)(cidr + 7) / NBBY;
434 if (p + 4 + ocets > e) {
435 errno = ERANGE;
436 return -1;
437 }
438
439 if ((rt = rt_new(ifp)) == NULL)
440 return -1;
441
442 /* If we have ocets then we have a destination and netmask */
443 dest.s_addr = 0;
444 if (ocets > 0) {
445 memcpy(&dest.s_addr, p, ocets);
446 p += ocets;
447 netmask.s_addr = htonl(~0U << (32 - cidr));
448 } else
449 netmask.s_addr = 0;
450
451 /* Finally, snag the router */
452 memcpy(&gateway.s_addr, p, 4);
453 p += 4;
454
455 /* An on-link host route is normally set by having the
456 * gateway match the destination or assigned address */
457 if (gateway.s_addr == dest.s_addr ||
458 (gateway.s_addr == bootp->yiaddr ||
459 gateway.s_addr == bootp->ciaddr))
460 {
461 gateway.s_addr = INADDR_ANY;
462 netmask.s_addr = INADDR_BROADCAST;
463 }
464 if (netmask.s_addr == INADDR_BROADCAST)
465 rt->rt_flags = RTF_HOST;
466
467 sa_in_init(&rt->rt_dest, &dest);
468 sa_in_init(&rt->rt_netmask, &netmask);
469 sa_in_init(&rt->rt_gateway, &gateway);
470
471 TAILQ_INSERT_TAIL(routes, rt, rt_next);
472 n++;
473 }
474 return n;
475}
476
477char *
478decode_rfc3361(const uint8_t *data, size_t dl)
479{
480 uint8_t enc;
481 size_t l;
482 ssize_t r;
483 char *sip = NULL;
484 struct in_addr addr;
485 char *p;
486
487 if (dl < 2) {
488 errno = EINVAL;
489 return 0;
490 }
491
492 enc = *data++;
493 dl--;
494 switch (enc) {
495 case 0:
496 if ((r = decode_rfc1035(NULL, 0, data, dl)) > 0) {
497 l = (size_t)r + 1;
498 sip = malloc(l);
499 if (sip == NULL)
500 return 0;
501 decode_rfc1035(sip, l, data, dl);
502 }
503 break;
504 case 1:
505 if (dl == 0 || dl % 4 != 0) {
506 errno = EINVAL;
507 break;
508 }
509 addr.s_addr = INADDR_BROADCAST;
510 l = ((dl / sizeof(addr.s_addr)) * ((4 * 4) + 1)) + 1;
511 sip = p = malloc(l);
512 if (sip == NULL)
513 return 0;
514 while (dl != 0) {
515 memcpy(&addr.s_addr, data, sizeof(addr.s_addr));
516 data += sizeof(addr.s_addr);
517 p += snprintf(p, l - (size_t)(p - sip),
518 "%s ", inet_ntoa(addr));
519 dl -= sizeof(addr.s_addr);
520 }
521 *--p = '\0';
522 break;
523 default:
524 errno = EINVAL;
525 return 0;
526 }
527
528 return sip;
529}
530
531static char *
532get_option_string(struct dhcpcd_ctx *ctx,
533 const struct bootp *bootp, size_t bootp_len, uint8_t option)
534{
535 size_t len;
536 const uint8_t *p;
537 char *s;
538
539 p = get_option(ctx, bootp, bootp_len, option, &len);
540 if (!p || len == 0 || *p == '\0')
541 return NULL;
542
543 s = malloc(sizeof(char) * (len + 1));
544 if (s) {
545 memcpy(s, p, len);
546 s[len] = '\0';
547 }
548 return s;
549}
550
551/* This calculates the netmask that we should use for static routes.
552 * This IS different from the calculation used to calculate the netmask
553 * for an interface address. */
554static uint32_t
555route_netmask(uint32_t ip_in)
556{
557 /* used to be unsigned long - check if error */
558 uint32_t p = ntohl(ip_in);
559 uint32_t t;
560
561 if (IN_CLASSA(p))
562 t = ~IN_CLASSA_NET;
563 else {
564 if (IN_CLASSB(p))
565 t = ~IN_CLASSB_NET;
566 else {
567 if (IN_CLASSC(p))
568 t = ~IN_CLASSC_NET;
569 else
570 t = 0;
571 }
572 }
573
574 while (t & p)
575 t >>= 1;
576
577 return (htonl(~t));
578}
579
580/* We need to obey routing options.
581 * If we have a CSR then we only use that.
582 * Otherwise we add static routes and then routers. */
583static int
584get_option_routes(struct rt_head *routes, struct interface *ifp,
585 const struct bootp *bootp, size_t bootp_len)
586{
587 struct if_options *ifo = ifp->options;
588 const uint8_t *p;
589 const uint8_t *e;
590 struct rt *rt = NULL;
591 struct in_addr dest, netmask, gateway;
592 size_t len;
593 const char *csr = "";
594 int n;
595
596 /* If we have CSR's then we MUST use these only */
597 if (!has_option_mask(ifo->nomask, DHO_CSR))
598 p = get_option(ifp->ctx, bootp, bootp_len, DHO_CSR, &len);
599 else
600 p = NULL;
601 /* Check for crappy MS option */
602 if (!p && !has_option_mask(ifo->nomask, DHO_MSCSR)) {
603 p = get_option(ifp->ctx, bootp, bootp_len, DHO_MSCSR, &len);
604 if (p)
605 csr = "MS ";
606 }
607 if (p && (n = decode_rfc3442_rt(routes, ifp, p, len, bootp)) != -1) {
608 const struct dhcp_state *state;
609
610 state = D_CSTATE(ifp);
611 if (!(ifo->options & DHCPCD_CSR_WARNED) &&
612 !(state->added & STATE_FAKE))
613 {
614 logdebugx("%s: using %sClassless Static Routes",
615 ifp->name, csr);
616 ifo->options |= DHCPCD_CSR_WARNED;
617 }
618 return n;
619 }
620
621 n = 0;
622 /* OK, get our static routes first. */
623 if (!has_option_mask(ifo->nomask, DHO_STATICROUTE))
624 p = get_option(ifp->ctx, bootp, bootp_len,
625 DHO_STATICROUTE, &len);
626 else
627 p = NULL;
628 /* RFC 2131 Section 5.8 states length MUST be in multiples of 8 */
629 if (p && len % 8 == 0) {
630 e = p + len;
631 while (p < e) {
632 memcpy(&dest.s_addr, p, sizeof(dest.s_addr));
633 p += 4;
634 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr));
635 p += 4;
636 /* RFC 2131 Section 5.8 states default route is
637 * illegal */
638 if (gateway.s_addr == INADDR_ANY)
639 continue;
640 if ((rt = rt_new(ifp)) == NULL)
641 return -1;
642
643 /* A on-link host route is normally set by having the
644 * gateway match the destination or assigned address */
645 if (gateway.s_addr == dest.s_addr ||
646 (gateway.s_addr == bootp->yiaddr ||
647 gateway.s_addr == bootp->ciaddr))
648 {
649 gateway.s_addr = INADDR_ANY;
650 netmask.s_addr = INADDR_BROADCAST;
651 } else
652 netmask.s_addr = route_netmask(dest.s_addr);
653 if (netmask.s_addr == INADDR_BROADCAST)
654 rt->rt_flags = RTF_HOST;
655
656 sa_in_init(&rt->rt_dest, &dest);
657 sa_in_init(&rt->rt_netmask, &netmask);
658 sa_in_init(&rt->rt_gateway, &gateway);
659
660 TAILQ_INSERT_TAIL(routes, rt, rt_next);
661 n++;
662 }
663 }
664
665 /* Now grab our routers */
666 if (!has_option_mask(ifo->nomask, DHO_ROUTER))
667 p = get_option(ifp->ctx, bootp, bootp_len, DHO_ROUTER, &len);
668 else
669 p = NULL;
670 if (p) {
671 e = p + len;
672 dest.s_addr = INADDR_ANY;
673 netmask.s_addr = INADDR_ANY;
674 while (p < e) {
675 if ((rt = rt_new(ifp)) == NULL)
676 return -1;
677 memcpy(&gateway.s_addr, p, sizeof(gateway.s_addr));
678 p += 4;
679 sa_in_init(&rt->rt_dest, &dest);
680 sa_in_init(&rt->rt_netmask, &netmask);
681 sa_in_init(&rt->rt_gateway, &gateway);
682 TAILQ_INSERT_TAIL(routes, rt, rt_next);
683 n++;
684 }
685 }
686
687 return n;
688}
689
690uint16_t
691dhcp_get_mtu(const struct interface *ifp)
692{
693 const struct dhcp_state *state;
694 uint16_t mtu;
695
696 if (ifp->options->mtu)
697 return (uint16_t)ifp->options->mtu;
698 mtu = 0; /* bogus gcc warning */
699 if ((state = D_CSTATE(ifp)) == NULL ||
700 has_option_mask(ifp->options->nomask, DHO_MTU) ||
701 get_option_uint16(ifp->ctx, &mtu,
702 state->new, state->new_len, DHO_MTU) == -1)
703 return 0;
704 return mtu;
705}
706
707/* Grab our routers from the DHCP message and apply any MTU value
708 * the message contains */
709int
710dhcp_get_routes(struct rt_head *routes, struct interface *ifp)
711{
712 const struct dhcp_state *state;
713
714 if ((state = D_CSTATE(ifp)) == NULL || !(state->added & STATE_ADDED))
715 return 0;
716 return get_option_routes(routes, ifp, state->new, state->new_len);
717}
718
719/* Assumes DHCP options */
720static int
721dhcp_message_add_addr(struct bootp *bootp,
722 uint8_t type, struct in_addr addr)
723{
724 uint8_t *p;
725 size_t len;
726
727 p = bootp->vend;
728 while (*p != DHO_END) {
729 p++;
730 p += *p + 1;
731 }
732
733 len = (size_t)(p - bootp->vend);
734 if (len + 6 > sizeof(bootp->vend)) {
735 errno = ENOMEM;
736 return -1;
737 }
738
739 *p++ = type;
740 *p++ = 4;
741 memcpy(p, &addr.s_addr, 4);
742 p += 4;
743 *p = DHO_END;
744 return 0;
745}
746
747static ssize_t
748make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type)
749{
750 struct bootp *bootp;
751 uint8_t *lp, *p, *e;
752 uint8_t *n_params = NULL;
753 uint32_t ul;
754 uint16_t sz;
755 size_t len, i;
756 const struct dhcp_opt *opt;
757 struct if_options *ifo = ifp->options;
758 const struct dhcp_state *state = D_CSTATE(ifp);
759 const struct dhcp_lease *lease = &state->lease;
760 char hbuf[HOSTNAME_MAX_LEN + 1];
761 const char *hostname;
762 const struct vivco *vivco;
763 int mtu;
764#ifdef AUTH
765 uint8_t *auth, auth_len;
766#endif
767
768 if ((mtu = if_getmtu(ifp)) == -1)
769 logerr("%s: if_getmtu", ifp->name);
770 else if (mtu < MTU_MIN) {
771 if (if_setmtu(ifp, MTU_MIN) == -1)
772 logerr("%s: if_setmtu", ifp->name);
773 mtu = MTU_MIN;
774 }
775
776 if (ifo->options & DHCPCD_BOOTP)
777 bootp = calloc(1, sizeof (*bootp));
778 else
779 /* Make the maximal message we could send */
780 bootp = calloc(1, (size_t)(mtu - IP_UDP_SIZE));
781
782 if (bootp == NULL)
783 return -1;
784 *bootpm = bootp;
785
786 if (state->addr != NULL &&
787 (type == DHCP_INFORM || type == DHCP_RELEASE ||
788 (type == DHCP_REQUEST &&
789 state->addr->mask.s_addr == lease->mask.s_addr &&
790 (state->new == NULL || IS_DHCP(state->new)) &&
791 !(state->added & STATE_FAKE))))
792 bootp->ciaddr = state->addr->addr.s_addr;
793
794 bootp->op = BOOTREQUEST;
795 bootp->htype = (uint8_t)ifp->family;
796 switch (ifp->family) {
797 case ARPHRD_ETHER:
798 case ARPHRD_IEEE802:
799 bootp->hlen = (uint8_t)ifp->hwlen;
800 memcpy(&bootp->chaddr, &ifp->hwaddr, ifp->hwlen);
801 break;
802 }
803
804 if (ifo->options & DHCPCD_BROADCAST &&
805 bootp->ciaddr == 0 &&
806 type != DHCP_DECLINE &&
807 type != DHCP_RELEASE)
808 bootp->flags = htons(BROADCAST_FLAG);
809
810 if (type != DHCP_DECLINE && type != DHCP_RELEASE) {
811 struct timespec tv;
812
813 clock_gettime(CLOCK_MONOTONIC, &tv);
814 timespecsub(&tv, &state->started, &tv);
815 if (tv.tv_sec < 0 || tv.tv_sec > (time_t)UINT16_MAX)
816 bootp->secs = htons((uint16_t)UINT16_MAX);
817 else
818 bootp->secs = htons((uint16_t)tv.tv_sec);
819 }
820
821 bootp->xid = htonl(state->xid);
822
823 if (ifo->options & DHCPCD_BOOTP)
824 return sizeof(*bootp);
825
826 p = bootp->vend;
827 e = (uint8_t *)bootp + (mtu - IP_UDP_SIZE) - 1; /* -1 for DHO_END */
828
829 ul = htonl(MAGIC_COOKIE);
830 memcpy(p, &ul, sizeof(ul));
831 p += sizeof(ul);
832
833 *p++ = DHO_MESSAGETYPE;
834 *p++ = 1;
835 *p++ = type;
836
837#define AREA_LEFT (size_t)(e - p)
838#define AREA_FIT(s) if ((s) > AREA_LEFT) goto toobig
839#define AREA_CHECK(s) if ((s) + 2UL > AREA_LEFT) goto toobig
840#define PUT_ADDR(o, a) do { \
841 AREA_CHECK(4); \
842 *p++ = (o); \
843 *p++ = 4; \
844 memcpy(p, &(a)->s_addr, 4); \
845 p += 4; \
846} while (0 /* CONSTCOND */)
847
848 if (state->clientid) {
849 AREA_CHECK(state->clientid[0]);
850 *p++ = DHO_CLIENTID;
851 memcpy(p, state->clientid, (size_t)state->clientid[0] + 1);
852 p += state->clientid[0] + 1;
853 }
854
855 if (lease->addr.s_addr && lease->cookie == htonl(MAGIC_COOKIE)) {
856 if (type == DHCP_DECLINE ||
857 (type == DHCP_REQUEST &&
858 (state->addr == NULL ||
859 state->added & STATE_FAKE ||
860 lease->addr.s_addr != state->addr->addr.s_addr)))
861 {
862 PUT_ADDR(DHO_IPADDRESS, &lease->addr);
863 if (lease->server.s_addr)
864 PUT_ADDR(DHO_SERVERID, &lease->server);
865 }
866
867 if (type == DHCP_RELEASE) {
868 if (lease->server.s_addr)
869 PUT_ADDR(DHO_SERVERID, &lease->server);
870 }
871 }
872
873 if (type == DHCP_DECLINE) {
874 len = strlen(DAD);
875 if (len > AREA_LEFT) {
876 *p++ = DHO_MESSAGE;
877 *p++ = (uint8_t)len;
878 memcpy(p, DAD, len);
879 p += len;
880 }
881 }
882
883 if (type == DHCP_DISCOVER &&
884 !(ifp->ctx->options & DHCPCD_TEST) &&
885 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT))
886 {
887 /* RFC 4039 Section 3 */
888 AREA_CHECK(0);
889 *p++ = DHO_RAPIDCOMMIT;
890 *p++ = 0;
891 }
892
893 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_REQUEST)
894 PUT_ADDR(DHO_IPADDRESS, &ifo->req_addr);
895
896 /* RFC 2563 Auto Configure */
897 if (type == DHCP_DISCOVER && ifo->options & DHCPCD_IPV4LL) {
898 AREA_CHECK(1);
899 *p++ = DHO_AUTOCONFIGURE;
900 *p++ = 1;
901 *p++ = 1;
902 }
903
904 if (type == DHCP_DISCOVER ||
905 type == DHCP_INFORM ||
906 type == DHCP_REQUEST)
907 {
908 if (mtu != -1) {
909 AREA_CHECK(2);
910 *p++ = DHO_MAXMESSAGESIZE;
911 *p++ = 2;
912 sz = htons((uint16_t)(mtu - IP_UDP_SIZE));
913 memcpy(p, &sz, 2);
914 p += 2;
915 }
916
917 if (ifo->userclass[0]) {
918 AREA_CHECK(ifo->userclass[0]);
919 *p++ = DHO_USERCLASS;
920 memcpy(p, ifo->userclass,
921 (size_t)ifo->userclass[0] + 1);
922 p += ifo->userclass[0] + 1;
923 }
924
925 if (ifo->vendorclassid[0]) {
926 AREA_CHECK(ifo->vendorclassid[0]);
927 *p++ = DHO_VENDORCLASSID;
928 memcpy(p, ifo->vendorclassid,
929 (size_t)ifo->vendorclassid[0] + 1);
930 p += ifo->vendorclassid[0] + 1;
931 }
932
933 if (ifo->mudurl[0]) {
934 AREA_CHECK(ifo->mudurl[0]);
935 *p++ = DHO_MUDURL;
936 memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1);
937 p += ifo->mudurl[0] + 1;
938 }
939
940 if (type != DHCP_INFORM) {
941 if (ifo->leasetime != 0) {
942 AREA_CHECK(4);
943 *p++ = DHO_LEASETIME;
944 *p++ = 4;
945 ul = htonl(ifo->leasetime);
946 memcpy(p, &ul, 4);
947 p += 4;
948 }
949 }
950
951 hostname = dhcp_get_hostname(hbuf, sizeof(hbuf), ifo);
952
953 /*
954 * RFC4702 3.1 States that if we send the Client FQDN option
955 * then we MUST NOT also send the Host Name option.
956 * Technically we could, but that is not RFC conformant and
957 * also seems to break some DHCP server implemetations such as
958 * Windows. On the other hand, ISC dhcpd is just as non RFC
959 * conformant by not accepting a partially qualified FQDN.
960 */
961 if (ifo->fqdn != FQDN_DISABLE) {
962 /* IETF DHC-FQDN option (81), RFC4702 */
963 i = 3;
964 if (hostname)
965 i += encode_rfc1035(hostname, NULL);
966 AREA_CHECK(i);
967 *p++ = DHO_FQDN;
968 *p++ = (uint8_t)i;
969 /*
970 * Flags: 0000NEOS
971 * S: 1 => Client requests Server to update
972 * a RR in DNS as well as PTR
973 * O: 1 => Server indicates to client that
974 * DNS has been updated
975 * E: 1 => Name data is DNS format
976 * N: 1 => Client requests Server to not
977 * update DNS
978 */
979 if (hostname)
980 *p++ = (uint8_t)((ifo->fqdn & 0x09) | 0x04);
981 else
982 *p++ = (FQDN_NONE & 0x09) | 0x04;
983 *p++ = 0; /* from server for PTR RR */
984 *p++ = 0; /* from server for A RR if S=1 */
985 if (hostname) {
986 i = encode_rfc1035(hostname, p);
987 p += i;
988 }
989 } else if (ifo->options & DHCPCD_HOSTNAME && hostname) {
990 len = strlen(hostname);
991 AREA_CHECK(len);
992 *p++ = DHO_HOSTNAME;
993 *p++ = (uint8_t)len;
994 memcpy(p, hostname, len);
995 p += len;
996 }
997
998 /* vendor is already encoded correctly, so just add it */
999 if (ifo->vendor[0]) {
1000 AREA_CHECK(ifo->vendor[0]);
1001 *p++ = DHO_VENDOR;
1002 memcpy(p, ifo->vendor, (size_t)ifo->vendor[0] + 1);
1003 p += ifo->vendor[0] + 1;
1004 }
1005
1006#ifdef AUTH
1007 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) !=
1008 DHCPCD_AUTH_SENDREQUIRE)
1009 {
1010 /* We support HMAC-MD5 */
1011 AREA_CHECK(1);
1012 *p++ = DHO_FORCERENEW_NONCE;
1013 *p++ = 1;
1014 *p++ = AUTH_ALG_HMAC_MD5;
1015 }
1016#endif
1017
1018 if (ifo->vivco_len) {
1019 AREA_CHECK(sizeof(ul));
1020 *p++ = DHO_VIVCO;
1021 lp = p++;
1022 *lp = sizeof(ul);
1023 ul = htonl(ifo->vivco_en);
1024 memcpy(p, &ul, sizeof(ul));
1025 p += sizeof(ul);
1026 for (i = 0, vivco = ifo->vivco;
1027 i < ifo->vivco_len;
1028 i++, vivco++)
1029 {
1030 AREA_FIT(vivco->len);
1031 if (vivco->len + 2 + *lp > 255) {
1032 logerrx("%s: VIVCO option too big",
1033 ifp->name);
1034 free(bootp);
1035 return -1;
1036 }
1037 *p++ = (uint8_t)vivco->len;
1038 memcpy(p, vivco->data, vivco->len);
1039 p += vivco->len;
1040 *lp = (uint8_t)(*lp + vivco->len + 1);
1041 }
1042 }
1043
1044 AREA_CHECK(0);
1045 *p++ = DHO_PARAMETERREQUESTLIST;
1046 n_params = p;
1047 *p++ = 0;
1048 for (i = 0, opt = ifp->ctx->dhcp_opts;
1049 i < ifp->ctx->dhcp_opts_len;
1050 i++, opt++)
1051 {
1052 if (!(opt->type & OT_REQUEST ||
1053 has_option_mask(ifo->requestmask, opt->option)))
1054 continue;
1055 if (opt->type & OT_NOREQ)
1056 continue;
1057 if (type == DHCP_INFORM &&
1058 (opt->option == DHO_RENEWALTIME ||
1059 opt->option == DHO_REBINDTIME))
1060 continue;
1061 AREA_FIT(1);
1062 *p++ = (uint8_t)opt->option;
1063 }
1064 for (i = 0, opt = ifo->dhcp_override;
1065 i < ifo->dhcp_override_len;
1066 i++, opt++)
1067 {
1068 /* Check if added above */
1069 for (lp = n_params + 1; lp < p; lp++)
1070 if (*lp == (uint8_t)opt->option)
1071 break;
1072 if (lp < p)
1073 continue;
1074 if (!(opt->type & OT_REQUEST ||
1075 has_option_mask(ifo->requestmask, opt->option)))
1076 continue;
1077 if (opt->type & OT_NOREQ)
1078 continue;
1079 if (type == DHCP_INFORM &&
1080 (opt->option == DHO_RENEWALTIME ||
1081 opt->option == DHO_REBINDTIME))
1082 continue;
1083 AREA_FIT(1);
1084 *p++ = (uint8_t)opt->option;
1085 }
1086 *n_params = (uint8_t)(p - n_params - 1);
1087 }
1088
1089#ifdef AUTH
1090 auth = NULL; /* appease GCC */
1091 auth_len = 0;
1092 if (ifo->auth.options & DHCPCD_AUTH_SEND) {
1093 ssize_t alen = dhcp_auth_encode(&ifo->auth,
1094 state->auth.token,
1095 NULL, 0, 4, type, NULL, 0);
1096 if (alen != -1 && alen > UINT8_MAX) {
1097 errno = ERANGE;
1098 alen = -1;
1099 }
1100 if (alen == -1)
1101 logerr("%s: dhcp_auth_encode", ifp->name);
1102 else if (alen != 0) {
1103 auth_len = (uint8_t)alen;
1104 AREA_CHECK(auth_len);
1105 *p++ = DHO_AUTHENTICATION;
1106 *p++ = auth_len;
1107 auth = p;
1108 p += auth_len;
1109 }
1110 }
1111#endif
1112
1113 *p++ = DHO_END;
1114 len = (size_t)(p - (uint8_t *)bootp);
1115
1116 /* Pad out to the BOOTP message length.
1117 * Even if we send a DHCP packet with a variable length vendor area,
1118 * some servers / relay agents don't like packets smaller than
1119 * a BOOTP message which is fine because that's stipulated
1120 * in RFC1542 section 2.1. */
1121 while (len < sizeof(*bootp)) {
1122 *p++ = DHO_PAD;
1123 len++;
1124 }
1125
1126#ifdef AUTH
1127 if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0)
1128 dhcp_auth_encode(&ifo->auth, state->auth.token,
1129 (uint8_t *)bootp, len, 4, type, auth, auth_len);
1130#endif
1131
1132 return (ssize_t)len;
1133
1134toobig:
1135 logerrx("%s: DHCP message too big", ifp->name);
1136 free(bootp);
1137 return -1;
1138}
1139
1140static ssize_t
1141write_lease(const struct interface *ifp, const struct bootp *bootp, size_t len)
1142{
1143 int fd;
1144 ssize_t bytes;
1145 const struct dhcp_state *state = D_CSTATE(ifp);
1146
1147 logdebugx("%s: writing lease `%s'", ifp->name, state->leasefile);
1148
1149 fd = open(state->leasefile, O_WRONLY | O_CREAT | O_TRUNC, 0644);
1150 if (fd == -1)
1151 return -1;
1152 bytes = write(fd, bootp, len);
1153 close(fd);
1154 return bytes;
1155}
1156
1157static size_t
1158read_lease(struct interface *ifp, struct bootp **bootp)
1159{
1160 int fd;
1161 bool fd_opened;
1162 struct dhcp_state *state = D_STATE(ifp);
1163 struct bootp *lease;
1164 size_t bytes;
1165 uint8_t type;
1166#ifdef AUTH
1167 const uint8_t *auth;
1168 size_t auth_len;
1169#endif
1170
1171 /* Safety */
1172 *bootp = NULL;
1173
1174 if (state->leasefile[0] == '\0') {
1175 fd = fileno(stdin);
1176 fd_opened = false;
1177 } else {
1178 fd = open(state->leasefile, O_RDONLY);
1179 fd_opened = true;
1180 }
1181 if (fd == -1) {
1182 if (errno != ENOENT)
1183 logerr("%s: open `%s'",
1184 ifp->name, state->leasefile);
1185 return 0;
1186 }
1187 if (state->leasefile[0] == '\0')
1188 logdebugx("reading standard input");
1189 else
1190 logdebugx("%s: reading lease `%s'",
1191 ifp->name, state->leasefile);
1192
1193 bytes = dhcp_read_lease_fd(fd, (void **)&lease);
1194 if (fd_opened)
1195 close(fd);
1196 if (bytes == 0) {
1197 free(lease);
1198 logerr("%s: dhcp_read_lease_fd", __func__);
1199 return 0;
1200 }
1201
1202 /* Ensure the packet is at lease BOOTP sized
1203 * with a vendor area of 4 octets
1204 * (it should be more, and our read packet enforces this so this
1205 * code should not be needed, but of course people could
1206 * scribble whatever in the stored lease file. */
1207 if (bytes < offsetof(struct bootp, vend) + 4) {
1208 free(lease);
1209 logerrx("%s: %s: truncated lease", ifp->name, __func__);
1210 return 0;
1211 }
1212
1213 if (ifp->ctx->options & DHCPCD_DUMPLEASE)
1214 goto out;
1215
1216 /* We may have found a BOOTP server */
1217 if (get_option_uint8(ifp->ctx, &type, (struct bootp *)lease, bytes,
1218 DHO_MESSAGETYPE) == -1)
1219 type = 0;
1220
1221#ifdef AUTH
1222 /* Authenticate the message */
1223 auth = get_option(ifp->ctx, (struct bootp *)lease, bytes,
1224 DHO_AUTHENTICATION, &auth_len);
1225 if (auth) {
1226 if (dhcp_auth_validate(&state->auth, &ifp->options->auth,
1227 lease, bytes, 4, type, auth, auth_len) == NULL)
1228 {
1229 logerr("%s: authentication failed", ifp->name);
1230 free(lease);
1231 return 0;
1232 }
1233 if (state->auth.token)
1234 logdebugx("%s: validated using 0x%08" PRIu32,
1235 ifp->name, state->auth.token->secretid);
1236 else
1237 logdebugx("%s: accepted reconfigure key", ifp->name);
1238 } else if ((ifp->options->auth.options & DHCPCD_AUTH_SENDREQUIRE) ==
1239 DHCPCD_AUTH_SENDREQUIRE)
1240 {
1241 logerrx("%s: authentication now required", ifp->name);
1242 free(lease);
1243 return 0;
1244 }
1245#endif
1246
1247out:
1248 *bootp = (struct bootp *)lease;
1249 return bytes;
1250}
1251
1252static const struct dhcp_opt *
1253dhcp_getoverride(const struct if_options *ifo, unsigned int o)
1254{
1255 size_t i;
1256 const struct dhcp_opt *opt;
1257
1258 for (i = 0, opt = ifo->dhcp_override;
1259 i < ifo->dhcp_override_len;
1260 i++, opt++)
1261 {
1262 if (opt->option == o)
1263 return opt;
1264 }
1265 return NULL;
1266}
1267
1268static const uint8_t *
1269dhcp_getoption(struct dhcpcd_ctx *ctx,
1270 size_t *os, unsigned int *code, size_t *len,
1271 const uint8_t *od, size_t ol, struct dhcp_opt **oopt)
1272{
1273 size_t i;
1274 struct dhcp_opt *opt;
1275
1276 if (od) {
1277 if (ol < 2) {
1278 errno = EINVAL;
1279 return NULL;
1280 }
1281 *os = 2; /* code + len */
1282 *code = (unsigned int)*od++;
1283 *len = (size_t)*od++;
1284 if (*len > ol - *os) {
1285 errno = ERANGE;
1286 return NULL;
1287 }
1288 }
1289
1290 *oopt = NULL;
1291 for (i = 0, opt = ctx->dhcp_opts; i < ctx->dhcp_opts_len; i++, opt++) {
1292 if (opt->option == *code) {
1293 *oopt = opt;
1294 break;
1295 }
1296 }
1297
1298 return od;
1299}
1300
1301ssize_t
1302dhcp_env(char **env, const char *prefix,
1303 const struct bootp *bootp, size_t bootp_len,
1304 const struct interface *ifp)
1305{
1306 const struct if_options *ifo;
1307 const uint8_t *p;
1308 struct in_addr addr;
1309 struct in_addr net;
1310 struct in_addr brd;
1311 struct dhcp_opt *opt, *vo;
1312 size_t e, i, pl;
1313 char **ep;
1314 char cidr[4], safe[(BOOTP_FILE_LEN * 4) + 1];
1315 uint8_t overl = 0;
1316 uint32_t en;
1317
1318 e = 0;
1319 ifo = ifp->options;
1320 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len,
1321 DHO_OPTSOVERLOADED) == -1)
1322 overl = 0;
1323
1324 if (env == NULL) {
1325 if (bootp->yiaddr || bootp->ciaddr)
1326 e += 5;
1327 if (*bootp->file && !(overl & 1))
1328 e++;
1329 if (*bootp->sname && !(overl & 2))
1330 e++;
1331 for (i = 0, opt = ifp->ctx->dhcp_opts;
1332 i < ifp->ctx->dhcp_opts_len;
1333 i++, opt++)
1334 {
1335 if (has_option_mask(ifo->nomask, opt->option))
1336 continue;
1337 if (dhcp_getoverride(ifo, opt->option))
1338 continue;
1339 p = get_option(ifp->ctx, bootp, bootp_len,
1340 opt->option, &pl);
1341 if (!p)
1342 continue;
1343 e += dhcp_envoption(ifp->ctx, NULL, NULL, ifp->name,
1344 opt, dhcp_getoption, p, pl);
1345 }
1346 for (i = 0, opt = ifo->dhcp_override;
1347 i < ifo->dhcp_override_len;
1348 i++, opt++)
1349 {
1350 if (has_option_mask(ifo->nomask, opt->option))
1351 continue;
1352 p = get_option(ifp->ctx, bootp, bootp_len,
1353 opt->option, &pl);
1354 if (!p)
1355 continue;
1356 e += dhcp_envoption(ifp->ctx, NULL, NULL, ifp->name,
1357 opt, dhcp_getoption, p, pl);
1358 }
1359 return (ssize_t)e;
1360 }
1361
1362 ep = env;
1363 if (bootp->yiaddr || bootp->ciaddr) {
1364 /* Set some useful variables that we derive from the DHCP
1365 * message but are not necessarily in the options */
1366 addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr;
1367 addvar(&ep, prefix, "ip_address", inet_ntoa(addr));
1368 if (get_option_addr(ifp->ctx, &net,
1369 bootp, bootp_len, DHO_SUBNETMASK) == -1)
1370 {
1371 net.s_addr = ipv4_getnetmask(addr.s_addr);
1372 addvar(&ep, prefix,
1373 "subnet_mask", inet_ntoa(net));
1374 }
1375 snprintf(cidr, sizeof(cidr), "%d", inet_ntocidr(net));
1376 addvar(&ep, prefix, "subnet_cidr", cidr);
1377 if (get_option_addr(ifp->ctx, &brd,
1378 bootp, bootp_len, DHO_BROADCAST) == -1)
1379 {
1380 brd.s_addr = addr.s_addr | ~net.s_addr;
1381 addvar(&ep, prefix,
1382 "broadcast_address", inet_ntoa(brd));
1383 }
1384 addr.s_addr = bootp->yiaddr & net.s_addr;
1385 addvar(&ep, prefix,
1386 "network_number", inet_ntoa(addr));
1387 }
1388
1389 if (*bootp->file && !(overl & 1)) {
1390 print_string(safe, sizeof(safe), OT_STRING,
1391 bootp->file, sizeof(bootp->file));
1392 addvar(&ep, prefix, "filename", safe);
1393 }
1394 if (*bootp->sname && !(overl & 2)) {
1395 print_string(safe, sizeof(safe), OT_STRING | OT_DOMAIN,
1396 bootp->sname, sizeof(bootp->sname));
1397 addvar(&ep, prefix, "server_name", safe);
1398 }
1399
1400 /* Zero our indexes */
1401 if (env) {
1402 for (i = 0, opt = ifp->ctx->dhcp_opts;
1403 i < ifp->ctx->dhcp_opts_len;
1404 i++, opt++)
1405 dhcp_zero_index(opt);
1406 for (i = 0, opt = ifp->options->dhcp_override;
1407 i < ifp->options->dhcp_override_len;
1408 i++, opt++)
1409 dhcp_zero_index(opt);
1410 for (i = 0, opt = ifp->ctx->vivso;
1411 i < ifp->ctx->vivso_len;
1412 i++, opt++)
1413 dhcp_zero_index(opt);
1414 }
1415
1416 for (i = 0, opt = ifp->ctx->dhcp_opts;
1417 i < ifp->ctx->dhcp_opts_len;
1418 i++, opt++)
1419 {
1420 if (has_option_mask(ifo->nomask, opt->option))
1421 continue;
1422 if (dhcp_getoverride(ifo, opt->option))
1423 continue;
1424 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl);
1425 if (p == NULL)
1426 continue;
1427 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name,
1428 opt, dhcp_getoption, p, pl);
1429
1430 if (opt->option != DHO_VIVSO || pl <= (int)sizeof(uint32_t))
1431 continue;
1432 memcpy(&en, p, sizeof(en));
1433 en = ntohl(en);
1434 vo = vivso_find(en, ifp);
1435 if (vo == NULL)
1436 continue;
1437 /* Skip over en + total size */
1438 p += sizeof(en) + 1;
1439 pl -= sizeof(en) + 1;
1440 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name,
1441 vo, dhcp_getoption, p, pl);
1442 }
1443
1444 for (i = 0, opt = ifo->dhcp_override;
1445 i < ifo->dhcp_override_len;
1446 i++, opt++)
1447 {
1448 if (has_option_mask(ifo->nomask, opt->option))
1449 continue;
1450 p = get_option(ifp->ctx, bootp, bootp_len, opt->option, &pl);
1451 if (p == NULL)
1452 continue;
1453 ep += dhcp_envoption(ifp->ctx, ep, prefix, ifp->name,
1454 opt, dhcp_getoption, p, pl);
1455 }
1456
1457 return ep - env;
1458}
1459
1460static void
1461get_lease(struct interface *ifp,
1462 struct dhcp_lease *lease, const struct bootp *bootp, size_t len)
1463{
1464 struct dhcpcd_ctx *ctx;
1465
1466 assert(bootp != NULL);
1467
1468 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie));
1469 /* BOOTP does not set yiaddr for replies when ciaddr is set. */
1470 lease->addr.s_addr = bootp->yiaddr ? bootp->yiaddr : bootp->ciaddr;
1471 ctx = ifp->ctx;
1472 if (ifp->options->options & (DHCPCD_STATIC | DHCPCD_INFORM)) {
1473 if (ifp->options->req_addr.s_addr != INADDR_ANY) {
1474 lease->mask = ifp->options->req_mask;
1475 if (ifp->options->req_brd.s_addr != INADDR_ANY)
1476 lease->brd = ifp->options->req_brd;
1477 else
1478 lease->brd.s_addr =
1479 lease->addr.s_addr | ~lease->mask.s_addr;
1480 } else {
1481 const struct ipv4_addr *ia;
1482
1483 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL);
1484 assert(ia != NULL);
1485 lease->mask = ia->mask;
1486 lease->brd = ia->brd;
1487 }
1488 } else {
1489 if (get_option_addr(ctx, &lease->mask, bootp, len,
1490 DHO_SUBNETMASK) == -1)
1491 lease->mask.s_addr =
1492 ipv4_getnetmask(lease->addr.s_addr);
1493 if (get_option_addr(ctx, &lease->brd, bootp, len,
1494 DHO_BROADCAST) == -1)
1495 lease->brd.s_addr =
1496 lease->addr.s_addr | ~lease->mask.s_addr;
1497 }
1498 if (get_option_uint32(ctx, &lease->leasetime,
1499 bootp, len, DHO_LEASETIME) != 0)
1500 lease->leasetime = ~0U; /* Default to infinite lease */
1501 if (get_option_uint32(ctx, &lease->renewaltime,
1502 bootp, len, DHO_RENEWALTIME) != 0)
1503 lease->renewaltime = 0;
1504 if (get_option_uint32(ctx, &lease->rebindtime,
1505 bootp, len, DHO_REBINDTIME) != 0)
1506 lease->rebindtime = 0;
1507 if (get_option_addr(ctx, &lease->server, bootp, len, DHO_SERVERID) != 0)
1508 lease->server.s_addr = INADDR_ANY;
1509}
1510
1511static const char *
1512get_dhcp_op(uint8_t type)
1513{
1514 const struct dhcp_op *d;
1515
1516 for (d = dhcp_ops; d->name; d++)
1517 if (d->value == type)
1518 return d->name;
1519 return NULL;
1520}
1521
1522static void
1523dhcp_fallback(void *arg)
1524{
1525 struct interface *iface;
1526
1527 iface = (struct interface *)arg;
1528 dhcpcd_selectprofile(iface, iface->options->fallback);
1529 dhcpcd_startinterface(iface);
1530}
1531
1532static void
1533dhcp_new_xid(struct interface *ifp)
1534{
1535 struct dhcp_state *state;
1536 const struct interface *ifp1;
1537 const struct dhcp_state *state1;
1538
1539 state = D_STATE(ifp);
1540 if (ifp->options->options & DHCPCD_XID_HWADDR &&
1541 ifp->hwlen >= sizeof(state->xid))
1542 /* The lower bits are probably more unique on the network */
1543 memcpy(&state->xid,
1544 (ifp->hwaddr + ifp->hwlen) - sizeof(state->xid),
1545 sizeof(state->xid));
1546 else {
1547again:
1548 state->xid = arc4random();
1549 }
1550
1551 /* Ensure it's unique */
1552 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) {
1553 if (ifp == ifp1)
1554 continue;
1555 if ((state1 = D_CSTATE(ifp1)) == NULL)
1556 continue;
1557 if (state1->xid == state->xid)
1558 break;
1559 }
1560 if (ifp1 != NULL) {
1561 if (ifp->options->options & DHCPCD_XID_HWADDR &&
1562 ifp->hwlen >= sizeof(state->xid))
1563 {
1564 logerrx("%s: duplicate xid on %s",
1565 ifp->name, ifp1->name);
1566 return;
1567 }
1568 goto again;
1569 }
1570
1571 /* We can't do this when sharing leases across interfaes */
1572#if 0
1573 /* As the XID changes, re-apply the filter. */
1574 if (state->bpf_fd != -1) {
1575 if (bpf_bootp(ifp, state->bpf_fd) == -1)
1576 logerr(__func__); /* try to continue */
1577 }
1578#endif
1579}
1580
1581void
1582dhcp_close(struct interface *ifp)
1583{
1584 struct dhcp_state *state = D_STATE(ifp);
1585
1586 if (state == NULL)
1587 return;
1588
1589 if (state->bpf_fd != -1) {
1590 eloop_event_delete(ifp->ctx->eloop, state->bpf_fd);
1591 bpf_close(ifp, state->bpf_fd);
1592 state->bpf_fd = -1;
1593 state->bpf_flags |= BPF_EOF;
1594 }
1595 if (state->udp_fd != -1) {
1596 eloop_event_delete(ifp->ctx->eloop, state->udp_fd);
1597 close(state->udp_fd);
1598 state->udp_fd = -1;
1599 }
1600
1601 state->interval = 0;
1602}
1603
1604static int
1605dhcp_openudp(struct interface *ifp)
1606{
1607 int s;
1608 struct sockaddr_in sin;
1609 int n;
1610
1611 if ((s = xsocket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_UDP)) == -1)
1612 return -1;
1613
1614 n = 1;
1615 if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &n, sizeof(n)) == -1)
1616 goto eexit;
1617#ifdef IP_RECVPKTINFO
1618 if (setsockopt(s, IPPROTO_IP, IP_RECVPKTINFO, &n, sizeof(n)) == -1)
1619 goto eexit;
1620#endif
1621 memset(&sin, 0, sizeof(sin));
1622 sin.sin_family = AF_INET;
1623 sin.sin_port = htons(BOOTPC);
1624 if (ifp) {
1625 const struct dhcp_state *state = D_CSTATE(ifp);
1626
1627 if (state->addr)
1628 sin.sin_addr.s_addr = state->addr->addr.s_addr;
1629 }
1630 if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1)
1631 goto eexit;
1632
1633 return s;
1634
1635eexit:
1636 close(s);
1637 return -1;
1638}
1639
1640static uint16_t
1641checksum(const void *data, size_t len)
1642{
1643 const uint8_t *addr = data;
1644 uint32_t sum = 0;
1645
1646 while (len > 1) {
1647 sum += (uint32_t)(addr[0] * 256 + addr[1]);
1648 addr += 2;
1649 len -= 2;
1650 }
1651
1652 if (len == 1)
1653 sum += (uint32_t)(*addr * 256);
1654
1655 sum = (sum >> 16) + (sum & 0xffff);
1656 sum += (sum >> 16);
1657
1658 return (uint16_t)~htons((uint16_t)sum);
1659}
1660
1661static struct bootp_pkt *
1662dhcp_makeudppacket(size_t *sz, const uint8_t *data, size_t length,
1663 struct in_addr source, struct in_addr dest)
1664{
1665 struct bootp_pkt *udpp;
1666 struct ip *ip;
1667 struct udphdr *udp;
1668
1669 if ((udpp = calloc(1, sizeof(*ip) + sizeof(*udp) + length)) == NULL)
1670 return NULL;
1671 ip = &udpp->ip;
1672 udp = &udpp->udp;
1673
1674 /* OK, this is important :)
1675 * We copy the data to our packet and then create a small part of the
1676 * ip structure and an invalid ip_len (basically udp length).
1677 * We then fill the udp structure and put the checksum
1678 * of the whole packet into the udp checksum.
1679 * Finally we complete the ip structure and ip checksum.
1680 * If we don't do the ordering like so then the udp checksum will be
1681 * broken, so find another way of doing it! */
1682
1683 memcpy(&udpp->bootp, data, length);
1684
1685 ip->ip_p = IPPROTO_UDP;
1686 ip->ip_src.s_addr = source.s_addr;
1687 if (dest.s_addr == 0)
1688 ip->ip_dst.s_addr = INADDR_BROADCAST;
1689 else
1690 ip->ip_dst.s_addr = dest.s_addr;
1691
1692 udp->uh_sport = htons(BOOTPC);
1693 udp->uh_dport = htons(BOOTPS);
1694 udp->uh_ulen = htons((uint16_t)(sizeof(*udp) + length));
1695 ip->ip_len = udp->uh_ulen;
1696 udp->uh_sum = checksum(udpp, sizeof(*ip) + sizeof(*udp) + length);
1697
1698 ip->ip_v = IPVERSION;
1699 ip->ip_hl = sizeof(*ip) >> 2;
1700 ip->ip_id = (uint16_t)arc4random_uniform(UINT16_MAX);
1701 ip->ip_ttl = IPDEFTTL;
1702 ip->ip_len = htons((uint16_t)(sizeof(*ip) + sizeof(*udp) + length));
1703 ip->ip_sum = checksum(ip, sizeof(*ip));
1704
1705 *sz = sizeof(*ip) + sizeof(*udp) + length;
1706 return udpp;
1707}
1708
1709static ssize_t
1710dhcp_sendudp(struct interface *ifp, struct in_addr *to, void *data, size_t len)
1711{
1712 int s;
1713 struct msghdr msg;
1714 struct sockaddr_in sin;
1715 struct iovec iov[1];
1716 struct dhcp_state *state = D_STATE(ifp);
1717 ssize_t r;
1718
1719 iov[0].iov_base = data;
1720 iov[0].iov_len = len;
1721
1722 memset(&sin, 0, sizeof(sin));
1723 sin.sin_family = AF_INET;
1724 sin.sin_addr = *to;
1725 sin.sin_port = htons(BOOTPS);
1726#ifdef HAVE_SA_LEN
1727 sin.sin_len = sizeof(sin);
1728#endif
1729
1730 memset(&msg, 0, sizeof(msg));
1731 msg.msg_name = (void *)&sin;
1732 msg.msg_namelen = sizeof(sin);
1733 msg.msg_iov = iov;
1734 msg.msg_iovlen = 1;
1735
1736 s = state->udp_fd;
1737 if (s == -1) {
1738 s = dhcp_openudp(ifp);
1739 if (s == -1)
1740 return -1;
1741 }
1742 r = sendmsg(s, &msg, 0);
1743 if (state->udp_fd == -1)
1744 close(s);
1745 return r;
1746}
1747
1748static void
1749send_message(struct interface *ifp, uint8_t type,
1750 void (*callback)(void *))
1751{
1752 struct dhcp_state *state = D_STATE(ifp);
1753 struct if_options *ifo = ifp->options;
1754 struct bootp *bootp;
1755 struct bootp_pkt *udp;
1756 size_t len, ulen;
1757 ssize_t r;
1758 struct in_addr from, to;
1759 struct timespec tv;
1760
1761 if (!callback) {
1762 /* No carrier? Don't bother sending the packet. */
1763 if (ifp->carrier <= LINK_DOWN)
1764 return;
1765 logdebugx("%s: sending %s with xid 0x%x",
1766 ifp->name,
1767 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type),
1768 state->xid);
1769 } else {
1770 if (state->interval == 0)
1771 state->interval = 4;
1772 else {
1773 state->interval *= 2;
1774 if (state->interval > 64)
1775 state->interval = 64;
1776 }
1777 tv.tv_sec = state->interval + DHCP_RAND_MIN;
1778 tv.tv_nsec = (suseconds_t)arc4random_uniform(
1779 (DHCP_RAND_MAX - DHCP_RAND_MIN) * NSEC_PER_SEC);
1780 timespecnorm(&tv);
1781 /* No carrier? Don't bother sending the packet.
1782 * However, we do need to advance the timeout. */
1783 if (ifp->carrier <= LINK_DOWN)
1784 goto fail;
1785 logdebugx("%s: sending %s (xid 0x%x), next in %0.1f seconds",
1786 ifp->name,
1787 ifo->options & DHCPCD_BOOTP ? "BOOTP" : get_dhcp_op(type),
1788 state->xid,
1789 timespec_to_double(&tv));
1790 }
1791
1792 r = make_message(&bootp, ifp, type);
1793 if (r == -1)
1794 goto fail;
1795 len = (size_t)r;
1796 from.s_addr = bootp->ciaddr;
1797 if (from.s_addr != INADDR_ANY)
1798 to.s_addr = state->lease.server.s_addr;
1799 else
1800 to.s_addr = INADDR_ANY;
1801
1802 /* If unicasting, try and avoid sending by BPF so we don't
1803 * use a L2 broadcast. */
1804 if (to.s_addr != INADDR_ANY && to.s_addr != INADDR_BROADCAST) {
1805 if (dhcp_sendudp(ifp, &to, bootp, len) != -1)
1806 goto out;
1807 logerr("%s: dhcp_sendudp", ifp->name);
1808 }
1809
1810 if (dhcp_openbpf(ifp) == -1)
1811 goto out;
1812
1813 udp = dhcp_makeudppacket(&ulen, (uint8_t *)bootp, len, from, to);
1814 if (udp == NULL) {
1815 logerr("%s: dhcp_makeudppacket", ifp->name);
1816 r = 0;
1817 } else {
1818 r = bpf_send(ifp, state->bpf_fd,
1819 ETHERTYPE_IP, (uint8_t *)udp, ulen);
1820 free(udp);
1821 }
1822 /* If we failed to send a raw packet this normally means
1823 * we don't have the ability to work beneath the IP layer
1824 * for this interface.
1825 * As such we remove it from consideration without actually
1826 * stopping the interface. */
1827 if (r == -1) {
1828 logerr("%s: if_sendraw", ifp->name);
1829 switch(errno) {
1830 case ENETDOWN:
1831 case ENETRESET:
1832 case ENETUNREACH:
1833 case ENOBUFS:
1834 break;
1835 default:
1836 if (!(ifp->ctx->options & DHCPCD_TEST))
1837 dhcp_drop(ifp, "FAIL");
1838 eloop_timeout_delete(ifp->ctx->eloop,
1839 NULL, ifp);
1840 callback = NULL;
1841 }
1842 }
1843
1844out:
1845 free(bootp);
1846
1847fail:
1848 /* Even if we fail to send a packet we should continue as we are
1849 * as our failure timeouts will change out codepath when needed. */
1850 if (callback)
1851 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, callback, ifp);
1852}
1853
1854static void
1855send_inform(void *arg)
1856{
1857
1858 send_message((struct interface *)arg, DHCP_INFORM, send_inform);
1859}
1860
1861static void
1862send_discover(void *arg)
1863{
1864
1865 send_message((struct interface *)arg, DHCP_DISCOVER, send_discover);
1866}
1867
1868static void
1869send_request(void *arg)
1870{
1871
1872 send_message((struct interface *)arg, DHCP_REQUEST, send_request);
1873}
1874
1875static void
1876send_renew(void *arg)
1877{
1878
1879 send_message((struct interface *)arg, DHCP_REQUEST, send_renew);
1880}
1881
1882static void
1883send_rebind(void *arg)
1884{
1885
1886 send_message((struct interface *)arg, DHCP_REQUEST, send_rebind);
1887}
1888
1889void
1890dhcp_discover(void *arg)
1891{
1892 struct interface *ifp = arg;
1893 struct dhcp_state *state = D_STATE(ifp);
1894 struct if_options *ifo = ifp->options;
1895
1896 state->state = DHS_DISCOVER;
1897 dhcp_new_xid(ifp);
1898 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1899 if (ifo->fallback)
1900 eloop_timeout_add_sec(ifp->ctx->eloop,
1901 ifo->reboot, dhcp_fallback, ifp);
1902#ifdef IPV4LL
1903 else if (ifo->options & DHCPCD_IPV4LL)
1904 eloop_timeout_add_sec(ifp->ctx->eloop,
1905 ifo->reboot, ipv4ll_start, ifp);
1906#endif
1907 if (ifo->options & DHCPCD_REQUEST)
1908 loginfox("%s: soliciting a DHCP lease (requesting %s)",
1909 ifp->name, inet_ntoa(ifo->req_addr));
1910 else
1911 loginfox("%s: soliciting a %s lease",
1912 ifp->name, ifo->options & DHCPCD_BOOTP ? "BOOTP" : "DHCP");
1913 send_discover(ifp);
1914}
1915
1916static void
1917dhcp_request(void *arg)
1918{
1919 struct interface *ifp = arg;
1920 struct dhcp_state *state = D_STATE(ifp);
1921
1922 state->state = DHS_REQUEST;
1923 send_request(ifp);
1924}
1925
1926static int
1927dhcp_leaseextend(struct interface *ifp)
1928{
1929
1930#ifdef ARP
1931 if (ifp->options->options & DHCPCD_ARP) {
1932 const struct dhcp_state *state;
1933 struct arp_state *astate;
1934
1935 state = D_CSTATE(ifp);
1936 if ((astate = arp_new(ifp, &state->lease.addr)) == NULL)
1937 return -1;
1938 astate->conflicted_cb = dhcp_arp_conflicted;
1939
1940#ifndef KERNEL_RFC5227
1941 if (arp_open(ifp) == -1)
1942 return -1;
1943#endif
1944
1945 logwarnx("%s: extending lease until DaD failure or DHCP",
1946 ifp->name);
1947 return 0;
1948 }
1949#endif
1950
1951 logwarnx("%s: extending lease", ifp->name);
1952 return 0;
1953}
1954
1955static void
1956dhcp_expire1(struct interface *ifp)
1957{
1958 struct dhcp_state *state = D_STATE(ifp);
1959
1960 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
1961 dhcp_drop(ifp, "EXPIRE");
1962 unlink(state->leasefile);
1963 state->interval = 0;
1964 if (!(ifp->options->options & DHCPCD_LINK) || ifp->carrier > LINK_DOWN)
1965 dhcp_discover(ifp);
1966}
1967
1968static void
1969dhcp_expire(void *arg)
1970{
1971 struct interface *ifp = arg;
1972
1973 logerrx("%s: DHCP lease expired", ifp->name);
1974 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND) {
1975 if (dhcp_leaseextend(ifp) == 0)
1976 return;
1977 logerr(__func__);
1978 }
1979 dhcp_expire1(ifp);
1980}
1981
1982#if defined(ARP) || defined(IN_IFF_DUPLICATED)
1983static void
1984dhcp_decline(struct interface *ifp)
1985{
1986
1987 send_message(ifp, DHCP_DECLINE, NULL);
1988}
1989#endif
1990
1991static void
1992dhcp_startrenew(void *arg)
1993{
1994 struct interface *ifp = arg;
1995 struct dhcp_state *state;
1996 struct dhcp_lease *lease;
1997
1998 if ((state = D_STATE(ifp)) == NULL)
1999 return;
2000
2001 /* Only renew in the bound or renew states */
2002 if (state->state != DHS_BOUND &&
2003 state->state != DHS_RENEW)
2004 return;
2005
2006 /* Remove the timeout as the renew may have been forced. */
2007 eloop_timeout_delete(ifp->ctx->eloop, dhcp_startrenew, ifp);
2008
2009 lease = &state->lease;
2010 logdebugx("%s: renewing lease of %s", ifp->name,
2011 inet_ntoa(lease->addr));
2012 state->state = DHS_RENEW;
2013 dhcp_new_xid(ifp);
2014 state->interval = 0;
2015 send_renew(ifp);
2016}
2017
2018void
2019dhcp_renew(struct interface *ifp)
2020{
2021
2022 dhcp_startrenew(ifp);
2023}
2024
2025static void
2026dhcp_rebind(void *arg)
2027{
2028 struct interface *ifp = arg;
2029 struct dhcp_state *state = D_STATE(ifp);
2030 struct dhcp_lease *lease = &state->lease;
2031
2032 logwarnx("%s: failed to renew DHCP, rebinding", ifp->name);
2033 logdebugx("%s: expire in %"PRIu32" seconds",
2034 ifp->name, lease->leasetime - lease->rebindtime);
2035 state->state = DHS_REBIND;
2036 eloop_timeout_delete(ifp->ctx->eloop, send_renew, ifp);
2037 state->lease.server.s_addr = INADDR_ANY;
2038 state->interval = 0;
2039 ifp->options->options &= ~(DHCPCD_CSR_WARNED |
2040 DHCPCD_ROUTER_HOST_ROUTE_WARNED);
2041 send_rebind(ifp);
2042}
2043
2044#ifdef ARP
2045static void
2046dhcp_arp_probed(struct arp_state *astate)
2047{
2048 struct interface *ifp;
2049 struct dhcp_state *state;
2050 struct if_options *ifo;
2051
2052 ifp = astate->iface;
2053 state = D_STATE(ifp);
2054 ifo = ifp->options;
2055#ifdef ARPING
2056 if (ifo->arping_len && state->arping_index < ifo->arping_len) {
2057 /* We didn't find a profile for this
2058 * address or hwaddr, so move to the next
2059 * arping profile */
2060 if (++state->arping_index < ifo->arping_len) {
2061 astate->addr.s_addr =
2062 ifo->arping[state->arping_index];
2063 arp_probe(astate);
2064 return;
2065 }
2066 arp_free(astate);
2067 dhcpcd_startinterface(ifp);
2068 return;
2069 }
2070#endif
2071
2072 /* Already bound so DAD has worked */
2073 if (state->state == DHS_BOUND)
2074 return;
2075
2076 logdebugx("%s: DAD completed for %s",
2077 ifp->name, inet_ntoa(astate->addr));
2078 if (!(ifo->options & DHCPCD_INFORM))
2079 dhcp_bind(ifp);
2080#ifndef IN_IFF_DUPLICATED
2081 else {
2082 struct bootp *bootp;
2083 size_t len;
2084
2085 bootp = state->new;
2086 len = state->new_len;
2087 state->new = state->offer;
2088 state->new_len = state->offer_len;
2089 get_lease(ifp, &state->lease, state->new, state->new_len);
2090 ipv4_applyaddr(astate->iface);
2091 state->new = bootp;
2092 state->new_len = len;
2093 }
2094#endif
2095
2096 /* If we forked, stop here. */
2097 if (ifp->ctx->options & DHCPCD_FORKED)
2098 return;
2099
2100#ifdef IPV4LL
2101 /* Stop IPv4LL now we have a working DHCP address */
2102 ipv4ll_drop(ifp);
2103#endif
2104
2105 if (ifo->options & DHCPCD_INFORM)
2106 dhcp_inform(ifp);
2107}
2108
2109static void
2110dhcp_arp_conflicted(struct arp_state *astate, const struct arp_msg *amsg)
2111{
2112 struct interface *ifp;
2113 struct dhcp_state *state;
2114#ifdef ARPING
2115 struct if_options *ifo;
2116#endif
2117
2118 ifp = astate->iface;
2119 state = D_STATE(ifp);
2120
2121#ifdef ARPING
2122 ifo = ifp->options;
2123 if (state->arping_index != -1 &&
2124 state->arping_index < ifo->arping_len &&
2125 amsg &&
2126 amsg->sip.s_addr == ifo->arping[state->arping_index])
2127 {
2128 char buf[HWADDR_LEN * 3];
2129
2130 astate->failed.s_addr = ifo->arping[state->arping_index];
2131 arp_report_conflicted(astate, amsg);
2132 hwaddr_ntoa(amsg->sha, ifp->hwlen, buf, sizeof(buf));
2133 if (dhcpcd_selectprofile(ifp, buf) == -1 &&
2134 dhcpcd_selectprofile(ifp,
2135 inet_ntoa(astate->failed)) == -1)
2136 {
2137 /* We didn't find a profile for this
2138 * address or hwaddr, so move to the next
2139 * arping profile */
2140 dhcp_arp_probed(astate);
2141 return;
2142 }
2143 arp_free(astate);
2144 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2145 dhcpcd_startinterface(ifp);
2146 return;
2147 }
2148#endif
2149
2150 /* RFC 2131 3.1.5, Client-server interaction
2151 * NULL amsg means IN_IFF_DUPLICATED */
2152 if (amsg == NULL || (state->offer &&
2153 (amsg->sip.s_addr == state->offer->yiaddr ||
2154 (amsg->sip.s_addr == 0 &&
2155 amsg->tip.s_addr == state->offer->yiaddr))))
2156 {
2157#ifdef IN_IFF_DUPLICATED
2158 struct ipv4_addr *ia;
2159#endif
2160
2161 if (amsg)
2162 astate->failed.s_addr = state->offer->yiaddr;
2163 else
2164 astate->failed = astate->addr;
2165 arp_report_conflicted(astate, amsg);
2166 unlink(state->leasefile);
2167#ifdef ARP
2168 if (!(ifp->options->options & DHCPCD_STATIC) &&
2169 !state->lease.frominfo)
2170 dhcp_decline(ifp);
2171#endif
2172#ifdef IN_IFF_DUPLICATED
2173 if ((ia = ipv4_iffindaddr(ifp, &astate->addr, NULL)) != NULL)
2174 ipv4_deladdr(ia, 1);
2175#endif
2176 arp_free(astate);
2177 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2178 eloop_timeout_add_sec(ifp->ctx->eloop,
2179 DHCP_RAND_MAX, dhcp_discover, ifp);
2180 return;
2181 }
2182
2183 /* Bound address */
2184 if (amsg && state->addr &&
2185 amsg->sip.s_addr == state->addr->addr.s_addr)
2186 {
2187 astate->failed = state->addr->addr;
2188 arp_report_conflicted(astate, amsg);
2189 if (state->state == DHS_BOUND) {
2190 /* For now, just report the duplicated address */
2191 } else {
2192 arp_free(astate);
2193 dhcp_expire1(ifp);
2194 }
2195 return;
2196 }
2197}
2198
2199static void
2200dhcp_arp_announced(struct arp_state *state)
2201{
2202
2203// TODO: DHCP addresses handle ACD?
2204//#ifdef KERNEL_RFC5227
2205 arp_free(state);
2206//#endif
2207}
2208#endif
2209
2210void
2211dhcp_bind(struct interface *ifp)
2212{
2213 struct dhcpcd_ctx *ctx = ifp->ctx;
2214 struct dhcp_state *state = D_STATE(ifp);
2215 struct if_options *ifo = ifp->options;
2216 struct dhcp_lease *lease = &state->lease;
2217
2218 state->reason = NULL;
2219 /* If we don't have an offer, we are re-binding a lease on preference,
2220 * normally when two interfaces have a lease matching IP addresses. */
2221 if (state->offer) {
2222 free(state->old);
2223 state->old = state->new;
2224 state->old_len = state->new_len;
2225 state->new = state->offer;
2226 state->new_len = state->offer_len;
2227 state->offer = NULL;
2228 state->offer_len = 0;
2229 }
2230 get_lease(ifp, lease, state->new, state->new_len);
2231 if (ifo->options & DHCPCD_STATIC) {
2232 loginfox("%s: using static address %s/%d",
2233 ifp->name, inet_ntoa(lease->addr),
2234 inet_ntocidr(lease->mask));
2235 lease->leasetime = ~0U;
2236 state->reason = "STATIC";
2237 } else if (ifo->options & DHCPCD_INFORM) {
2238 loginfox("%s: received approval for %s",
2239 ifp->name, inet_ntoa(lease->addr));
2240 lease->leasetime = ~0U;
2241 state->reason = "INFORM";
2242 } else {
2243 if (lease->frominfo)
2244 state->reason = "TIMEOUT";
2245 if (lease->leasetime == ~0U) {
2246 lease->renewaltime =
2247 lease->rebindtime =
2248 lease->leasetime;
2249 loginfox("%s: leased %s for infinity",
2250 ifp->name, inet_ntoa(lease->addr));
2251 } else {
2252 if (lease->leasetime < DHCP_MIN_LEASE) {
2253 logwarnx("%s: minimum lease is %d seconds",
2254 ifp->name, DHCP_MIN_LEASE);
2255 lease->leasetime = DHCP_MIN_LEASE;
2256 }
2257 if (lease->rebindtime == 0)
2258 lease->rebindtime =
2259 (uint32_t)(lease->leasetime * T2);
2260 else if (lease->rebindtime >= lease->leasetime) {
2261 lease->rebindtime =
2262 (uint32_t)(lease->leasetime * T2);
2263 logwarnx("%s: rebind time greater than lease "
2264 "time, forcing to %"PRIu32" seconds",
2265 ifp->name, lease->rebindtime);
2266 }
2267 if (lease->renewaltime == 0)
2268 lease->renewaltime =
2269 (uint32_t)(lease->leasetime * T1);
2270 else if (lease->renewaltime > lease->rebindtime) {
2271 lease->renewaltime =
2272 (uint32_t)(lease->leasetime * T1);
2273 logwarnx("%s: renewal time greater than "
2274 "rebind time, forcing to %"PRIu32" seconds",
2275 ifp->name, lease->renewaltime);
2276 }
2277 if (state->addr &&
2278 lease->addr.s_addr == state->addr->addr.s_addr &&
2279 !(state->added & STATE_FAKE))
2280 logdebugx("%s: leased %s for %"PRIu32" seconds",
2281 ifp->name, inet_ntoa(lease->addr),
2282 lease->leasetime);
2283 else
2284 loginfox("%s: leased %s for %"PRIu32" seconds",
2285 ifp->name, inet_ntoa(lease->addr),
2286 lease->leasetime);
2287 }
2288 }
2289 if (ctx->options & DHCPCD_TEST) {
2290 state->reason = "TEST";
2291 script_runreason(ifp, state->reason);
2292 eloop_exit(ctx->eloop, EXIT_SUCCESS);
2293 return;
2294 }
2295 if (state->reason == NULL) {
2296 if (state->old && !(state->added & STATE_FAKE)) {
2297 if (state->old->yiaddr == state->new->yiaddr &&
2298 lease->server.s_addr &&
2299 state->state != DHS_REBIND)
2300 state->reason = "RENEW";
2301 else
2302 state->reason = "REBIND";
2303 } else if (state->state == DHS_REBOOT)
2304 state->reason = "REBOOT";
2305 else
2306 state->reason = "BOUND";
2307 }
2308 if (lease->leasetime == ~0U)
2309 lease->renewaltime = lease->rebindtime = lease->leasetime;
2310 else {
2311 eloop_timeout_add_sec(ctx->eloop,
2312 (time_t)lease->renewaltime, dhcp_startrenew, ifp);
2313 eloop_timeout_add_sec(ctx->eloop,
2314 (time_t)lease->rebindtime, dhcp_rebind, ifp);
2315 eloop_timeout_add_sec(ctx->eloop,
2316 (time_t)lease->leasetime, dhcp_expire, ifp);
2317 logdebugx("%s: renew in %"PRIu32" seconds, rebind in %"PRIu32
2318 " seconds",
2319 ifp->name, lease->renewaltime, lease->rebindtime);
2320 }
2321 state->state = DHS_BOUND;
2322 if (!state->lease.frominfo &&
2323 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC)))
2324 if (write_lease(ifp, state->new, state->new_len) == -1)
2325 logerr(__func__);
2326
2327 ipv4_applyaddr(ifp);
2328
2329#ifdef IP_PKTINFO
2330 /* Close the BPF filter as we can now receive the DHCP renew messages
2331 * on a UDP socket. */
2332 if (state->udp_fd == -1 ||
2333 (state->old != NULL && state->old->yiaddr != state->new->yiaddr))
2334 {
2335 dhcp_close(ifp);
2336 /* If not in master mode, open an address specific socket. */
2337 if (ctx->udp_fd == -1) {
2338 state->udp_fd = dhcp_openudp(ifp);
2339 if (state->udp_fd == -1)
2340 logerr(__func__);
2341 else
2342 eloop_event_add(ctx->eloop,
2343 state->udp_fd, dhcp_handleifudp, ifp);
2344 }
2345 }
2346#endif
2347}
2348
2349static void
2350dhcp_lastlease(void *arg)
2351{
2352 struct interface *ifp = arg;
2353 struct dhcp_state *state = D_STATE(ifp);
2354
2355 loginfox("%s: timed out contacting a DHCP server, using last lease",
2356 ifp->name);
2357 dhcp_bind(ifp);
2358 /* If we forked, stop here. */
2359 if (ifp->ctx->options & DHCPCD_FORKED)
2360 return;
2361 state->interval = 0;
2362 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND &&
2363 dhcp_leaseextend(ifp) == -1)
2364 {
2365 logerr("%s: %s", ifp->name, __func__);
2366 dhcp_expire(ifp);
2367 }
2368 dhcp_discover(ifp);
2369}
2370
2371static size_t
2372dhcp_message_new(struct bootp **bootp,
2373 const struct in_addr *addr, const struct in_addr *mask)
2374{
2375 uint8_t *p;
2376 uint32_t cookie;
2377
2378 if ((*bootp = calloc(1, sizeof(**bootp))) == NULL)
2379 return 0;
2380
2381 (*bootp)->yiaddr = addr->s_addr;
2382 p = (*bootp)->vend;
2383
2384 cookie = htonl(MAGIC_COOKIE);
2385 memcpy(p, &cookie, sizeof(cookie));
2386 p += sizeof(cookie);
2387
2388 if (mask->s_addr != INADDR_ANY) {
2389 *p++ = DHO_SUBNETMASK;
2390 *p++ = sizeof(mask->s_addr);
2391 memcpy(p, &mask->s_addr, sizeof(mask->s_addr));
2392 p+= sizeof(mask->s_addr);
2393 }
2394
2395 *p = DHO_END;
2396 return sizeof(**bootp);
2397}
2398
2399#ifdef ARP
2400static struct arp_state *
2401dhcp_arp_new(struct interface *ifp, struct in_addr *addr)
2402{
2403 struct arp_state *astate;
2404 astate = arp_new(ifp, addr);
2405 if (astate == NULL)
2406 return NULL;
2407
2408 astate->probed_cb = dhcp_arp_probed;
2409 astate->conflicted_cb = dhcp_arp_conflicted;
2410 astate->announced_cb = dhcp_arp_announced;
2411 return astate;
2412}
2413
2414static int
2415dhcp_arp_address(struct interface *ifp)
2416{
2417 struct dhcp_state *state;
2418 struct in_addr addr;
2419 struct ipv4_addr *ia;
2420 struct arp_state *astate;
2421
2422 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2423
2424 state = D_STATE(ifp);
2425 addr.s_addr = state->offer->yiaddr == INADDR_ANY ?
2426 state->offer->ciaddr : state->offer->yiaddr;
2427 /* If the interface already has the address configured
2428 * then we can't ARP for duplicate detection. */
2429 ia = ipv4_iffindaddr(ifp, &addr, NULL);
2430 astate = dhcp_arp_new(ifp, &addr);
2431 if (astate == NULL)
2432 return -1;
2433
2434#ifdef IN_IFF_NOTUSEABLE
2435 if (ia == NULL || ia->addr_flags & IN_IFF_NOTUSEABLE) {
2436 state->state = DHS_PROBE;
2437 if (ia == NULL) {
2438 struct dhcp_lease l;
2439
2440 get_lease(ifp, &l, state->offer, state->offer_len);
2441 /* Add the address now, let the kernel handle DAD. */
2442 ipv4_addaddr(ifp, &l.addr, &l.mask, &l.brd);
2443 } else
2444 loginfox("%s: waiting for DAD on %s",
2445 ifp->name, inet_ntoa(addr));
2446 return 0;
2447 }
2448#else
2449 if (ifp->options->options & DHCPCD_ARP && ia == NULL) {
2450 struct dhcp_lease l;
2451
2452 state->state = DHS_PROBE;
2453 get_lease(ifp, &l, state->offer, state->offer_len);
2454 loginfox("%s: probing address %s/%d",
2455 ifp->name, inet_ntoa(l.addr), inet_ntocidr(l.mask));
2456 /* We need to handle DAD. */
2457 arp_probe(astate);
2458 return 0;
2459 }
2460#endif
2461
2462 return 1;
2463}
2464
2465static void
2466dhcp_arp_bind(struct interface *ifp)
2467{
2468
2469 if (ifp->ctx->options & DHCPCD_TEST ||
2470 dhcp_arp_address(ifp) == 1)
2471 dhcp_bind(ifp);
2472}
2473#endif
2474
2475static void
2476dhcp_static(struct interface *ifp)
2477{
2478 struct if_options *ifo;
2479 struct dhcp_state *state;
2480 struct ipv4_addr *ia;
2481
2482 state = D_STATE(ifp);
2483 ifo = ifp->options;
2484
2485 ia = NULL;
2486 if (ifo->req_addr.s_addr == INADDR_ANY &&
2487 (ia = ipv4_iffindaddr(ifp, NULL, NULL)) == NULL)
2488 {
2489 loginfox("%s: waiting for 3rd party to "
2490 "configure IP address", ifp->name);
2491 state->reason = "3RDPARTY";
2492 script_runreason(ifp, state->reason);
2493 return;
2494 }
2495
2496 state->offer_len = dhcp_message_new(&state->offer,
2497 ia ? &ia->addr : &ifo->req_addr,
2498 ia ? &ia->mask : &ifo->req_mask);
2499 if (state->offer_len)
2500#ifdef ARP
2501 dhcp_arp_bind(ifp);
2502#else
2503 dhcp_bind(ifp);
2504#endif
2505}
2506
2507void
2508dhcp_inform(struct interface *ifp)
2509{
2510 struct dhcp_state *state;
2511 struct if_options *ifo;
2512 struct ipv4_addr *ia;
2513
2514 state = D_STATE(ifp);
2515 ifo = ifp->options;
2516
2517 state->state = DHS_INFORM;
2518 free(state->offer);
2519 state->offer = NULL;
2520 state->offer_len = 0;
2521
2522 if (ifo->req_addr.s_addr == INADDR_ANY) {
2523 ia = ipv4_iffindaddr(ifp, NULL, NULL);
2524 if (ia == NULL) {
2525 loginfox("%s: waiting for 3rd party to "
2526 "configure IP address",
2527 ifp->name);
2528 if (!(ifp->ctx->options & DHCPCD_TEST)) {
2529 state->reason = "3RDPARTY";
2530 script_runreason(ifp, state->reason);
2531 }
2532 return;
2533 }
2534 } else {
2535 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, &ifo->req_mask);
2536 if (ia == NULL) {
2537 if (ifp->ctx->options & DHCPCD_TEST) {
2538 logerrx("%s: cannot add IP address in test mode",
2539 ifp->name);
2540 return;
2541 }
2542 ia = ipv4_iffindaddr(ifp, &ifo->req_addr, NULL);
2543 if (ia != NULL)
2544 /* Netmask must be different, delete it. */
2545 ipv4_deladdr(ia, 1);
2546 state->offer_len = dhcp_message_new(&state->offer,
2547 &ifo->req_addr, &ifo->req_mask);
2548#ifdef ARP
2549 if (dhcp_arp_address(ifp) == 0)
2550 return;
2551#endif
2552 ia = ipv4_iffindaddr(ifp,
2553 &ifo->req_addr, &ifo->req_mask);
2554 assert(ia != NULL);
2555 }
2556 }
2557
2558 state->addr = ia;
2559 state->offer_len = dhcp_message_new(&state->offer,
2560 &ia->addr, &ia->mask);
2561 if (state->offer_len) {
2562 dhcp_new_xid(ifp);
2563 get_lease(ifp, &state->lease, state->offer, state->offer_len);
2564 send_inform(ifp);
2565 }
2566}
2567
2568void
2569dhcp_reboot_newopts(struct interface *ifp, unsigned long long oldopts)
2570{
2571 struct if_options *ifo;
2572 struct dhcp_state *state = D_STATE(ifp);
2573
2574 if (state == NULL || state->state == DHS_NONE)
2575 return;
2576 ifo = ifp->options;
2577 if ((ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC) &&
2578 (state->addr == NULL ||
2579 state->addr->addr.s_addr != ifo->req_addr.s_addr)) ||
2580 (oldopts & (DHCPCD_INFORM | DHCPCD_STATIC) &&
2581 !(ifo->options & (DHCPCD_INFORM | DHCPCD_STATIC))))
2582 {
2583 dhcp_drop(ifp, "EXPIRE");
2584 }
2585}
2586
2587#ifdef ARP
2588static int
2589dhcp_activeaddr(const struct interface *ifp, const struct in_addr *addr)
2590{
2591 const struct interface *ifp1;
2592 const struct dhcp_state *state;
2593
2594 TAILQ_FOREACH(ifp1, ifp->ctx->ifaces, next) {
2595 if (ifp1 == ifp)
2596 continue;
2597 if ((state = D_CSTATE(ifp1)) == NULL)
2598 continue;
2599 switch(state->state) {
2600 case DHS_REBOOT:
2601 case DHS_RENEW:
2602 case DHS_REBIND:
2603 case DHS_BOUND:
2604 case DHS_INFORM:
2605 break;
2606 default:
2607 continue;
2608 }
2609 if (state->lease.addr.s_addr == addr->s_addr)
2610 return 1;
2611 }
2612 return 0;
2613}
2614#endif
2615
2616static void
2617dhcp_reboot(struct interface *ifp)
2618{
2619 struct if_options *ifo;
2620 struct dhcp_state *state = D_STATE(ifp);
2621#ifdef ARP
2622 struct ipv4_addr *ia;
2623#endif
2624
2625 if (state == NULL || state->state == DHS_NONE)
2626 return;
2627 ifo = ifp->options;
2628 state->state = DHS_REBOOT;
2629 state->interval = 0;
2630
2631 if (ifo->options & DHCPCD_LINK && ifp->carrier <= LINK_DOWN) {
2632 loginfox("%s: waiting for carrier", ifp->name);
2633 return;
2634 }
2635 if (ifo->options & DHCPCD_STATIC) {
2636 dhcp_static(ifp);
2637 return;
2638 }
2639 if (ifo->options & DHCPCD_INFORM) {
2640 loginfox("%s: informing address of %s",
2641 ifp->name, inet_ntoa(state->lease.addr));
2642 dhcp_inform(ifp);
2643 return;
2644 }
2645 if (ifo->reboot == 0 || state->offer == NULL) {
2646 dhcp_discover(ifp);
2647 return;
2648 }
2649 if (!IS_DHCP(state->offer))
2650 return;
2651
2652 loginfox("%s: rebinding lease of %s",
2653 ifp->name, inet_ntoa(state->lease.addr));
2654
2655#ifdef ARP
2656 /* If the address exists on the interface and no other interface
2657 * is currently using it then announce it to ensure this
2658 * interface gets the reply. */
2659 ia = ipv4_iffindaddr(ifp, &state->lease.addr, NULL);
2660 if (ia != NULL &&
2661 !(ifp->ctx->options & DHCPCD_TEST) &&
2662#ifdef IN_IFF_NOTUSEABLE
2663 !(ia->addr_flags & IN_IFF_NOTUSEABLE) &&
2664#endif
2665 dhcp_activeaddr(ifp, &state->lease.addr) == 0)
2666 arp_ifannounceaddr(ifp, &state->lease.addr);
2667#endif
2668
2669 dhcp_new_xid(ifp);
2670 state->lease.server.s_addr = INADDR_ANY;
2671 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2672
2673#ifdef IPV4LL
2674 /* Need to add this before dhcp_expire and friends. */
2675 if (!ifo->fallback && ifo->options & DHCPCD_IPV4LL)
2676 eloop_timeout_add_sec(ifp->ctx->eloop,
2677 ifo->reboot, ipv4ll_start, ifp);
2678#endif
2679
2680 if (ifo->options & DHCPCD_LASTLEASE && state->lease.frominfo)
2681 eloop_timeout_add_sec(ifp->ctx->eloop,
2682 ifo->reboot, dhcp_lastlease, ifp);
2683 else if (!(ifo->options & DHCPCD_INFORM))
2684 eloop_timeout_add_sec(ifp->ctx->eloop,
2685 ifo->reboot, dhcp_expire, ifp);
2686
2687 /* Don't bother ARP checking as the server could NAK us first.
2688 * Don't call dhcp_request as that would change the state */
2689 send_request(ifp);
2690}
2691
2692void
2693dhcp_drop(struct interface *ifp, const char *reason)
2694{
2695 struct dhcp_state *state;
2696#ifdef RELEASE_SLOW
2697 struct timespec ts;
2698#endif
2699
2700 state = D_STATE(ifp);
2701 /* dhcp_start may just have been called and we don't yet have a state
2702 * but we do have a timeout, so punt it. */
2703 if (state == NULL || state->state == DHS_NONE) {
2704 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2705 return;
2706 }
2707
2708#ifdef ARPING
2709 state->arping_index = -1;
2710#endif
2711 if (ifp->options->options & DHCPCD_RELEASE &&
2712 !(ifp->options->options & DHCPCD_INFORM))
2713 {
2714 /* Failure to send the release may cause this function to
2715 * re-enter so guard by setting the state. */
2716 if (state->state == DHS_RELEASE)
2717 return;
2718 state->state = DHS_RELEASE;
2719
2720 unlink(state->leasefile);
2721 if (ifp->carrier > LINK_DOWN &&
2722 state->new != NULL &&
2723 state->lease.server.s_addr != INADDR_ANY)
2724 {
2725 loginfox("%s: releasing lease of %s",
2726 ifp->name, inet_ntoa(state->lease.addr));
2727 dhcp_new_xid(ifp);
2728 send_message(ifp, DHCP_RELEASE, NULL);
2729#ifdef RELEASE_SLOW
2730 /* Give the packet a chance to go */
2731 ts.tv_sec = RELEASE_DELAY_S;
2732 ts.tv_nsec = RELEASE_DELAY_NS;
2733 nanosleep(&ts, NULL);
2734#endif
2735 }
2736 }
2737
2738 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
2739#ifdef AUTH
2740 dhcp_auth_reset(&state->auth);
2741#endif
2742
2743 state->state = DHS_NONE;
2744 free(state->offer);
2745 state->offer = NULL;
2746 state->offer_len = 0;
2747 free(state->old);
2748 state->old = state->new;
2749 state->old_len = state->new_len;
2750 state->new = NULL;
2751 state->new_len = 0;
2752 state->reason = reason;
2753 ipv4_applyaddr(ifp);
2754 free(state->old);
2755 state->old = NULL;
2756 state->old_len = 0;
2757 state->lease.addr.s_addr = 0;
2758 ifp->options->options &= ~(DHCPCD_CSR_WARNED |
2759 DHCPCD_ROUTER_HOST_ROUTE_WARNED);
2760}
2761
2762static int
2763blacklisted_ip(const struct if_options *ifo, in_addr_t addr)
2764{
2765 size_t i;
2766
2767 for (i = 0; i < ifo->blacklist_len; i += 2)
2768 if (ifo->blacklist[i] == (addr & ifo->blacklist[i + 1]))
2769 return 1;
2770 return 0;
2771}
2772
2773#define WHTLST_NONE 0
2774#define WHTLST_MATCH 1
2775#define WHTLST_NOMATCH 2
2776static unsigned int
2777whitelisted_ip(const struct if_options *ifo, in_addr_t addr)
2778{
2779 size_t i;
2780
2781 if (ifo->whitelist_len == 0)
2782 return WHTLST_NONE;
2783 for (i = 0; i < ifo->whitelist_len; i += 2)
2784 if (ifo->whitelist[i] == (addr & ifo->whitelist[i + 1]))
2785 return WHTLST_MATCH;
2786 return WHTLST_NOMATCH;
2787}
2788
2789static void
2790log_dhcp(logfunc_t *logfunc, const char *msg,
2791 const struct interface *ifp, const struct bootp *bootp, size_t bootp_len,
2792 const struct in_addr *from, int ad)
2793{
2794 const char *tfrom;
2795 char *a, sname[sizeof(bootp->sname) * 4];
2796 struct in_addr addr;
2797 int r;
2798 uint8_t overl;
2799
2800 if (strcmp(msg, "NAK:") == 0) {
2801 a = get_option_string(ifp->ctx, bootp, bootp_len, DHO_MESSAGE);
2802 if (a) {
2803 char *tmp;
2804 size_t al, tmpl;
2805
2806 al = strlen(a);
2807 tmpl = (al * 4) + 1;
2808 tmp = malloc(tmpl);
2809 if (tmp == NULL) {
2810 logerr(__func__);
2811 free(a);
2812 return;
2813 }
2814 print_string(tmp, tmpl, OT_STRING, (uint8_t *)a, al);
2815 free(a);
2816 a = tmp;
2817 }
2818 } else if (ad && bootp->yiaddr != 0) {
2819 addr.s_addr = bootp->yiaddr;
2820 a = strdup(inet_ntoa(addr));
2821 if (a == NULL) {
2822 logerr(__func__);
2823 return;
2824 }
2825 } else
2826 a = NULL;
2827
2828 tfrom = "from";
2829 r = get_option_addr(ifp->ctx, &addr, bootp, bootp_len, DHO_SERVERID);
2830 if (get_option_uint8(ifp->ctx, &overl, bootp, bootp_len,
2831 DHO_OPTSOVERLOADED) == -1)
2832 overl = 0;
2833 if (bootp->sname[0] && r == 0 && !(overl & 2)) {
2834 print_string(sname, sizeof(sname), OT_STRING | OT_DOMAIN,
2835 bootp->sname, sizeof(bootp->sname));
2836 if (a == NULL)
2837 logfunc("%s: %s %s %s `%s'",
2838 ifp->name, msg, tfrom, inet_ntoa(addr), sname);
2839 else
2840 logfunc("%s: %s %s %s %s `%s'",
2841 ifp->name, msg, a, tfrom, inet_ntoa(addr), sname);
2842 } else {
2843 if (r != 0) {
2844 tfrom = "via";
2845 addr = *from;
2846 }
2847 if (a == NULL)
2848 logfunc("%s: %s %s %s",
2849 ifp->name, msg, tfrom, inet_ntoa(addr));
2850 else
2851 logfunc("%s: %s %s %s %s",
2852 ifp->name, msg, a, tfrom, inet_ntoa(addr));
2853 }
2854 free(a);
2855}
2856
2857/* If we're sharing the same IP address with another interface on the
2858 * same network, we may receive the DHCP reply on the wrong interface.
2859 * Try and re-direct it here. */
2860static void
2861dhcp_redirect_dhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
2862 const struct in_addr *from)
2863{
2864 struct interface *ifn;
2865 const struct dhcp_state *state;
2866 uint32_t xid;
2867
2868 xid = ntohl(bootp->xid);
2869 TAILQ_FOREACH(ifn, ifp->ctx->ifaces, next) {
2870 state = D_CSTATE(ifn);
2871 if (state == NULL || state->state == DHS_NONE)
2872 continue;
2873 if (state->xid != xid)
2874 continue;
2875 if (ifn->hwlen <= sizeof(bootp->chaddr) &&
2876 memcmp(bootp->chaddr, ifn->hwaddr, ifn->hwlen))
2877 continue;
2878 logdebugx("%s: redirecting DHCP message to %s",
2879 ifp->name, ifn->name);
2880 dhcp_handledhcp(ifn, bootp, bootp_len, from);
2881 }
2882}
2883
2884static void
2885dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
2886 const struct in_addr *from)
2887{
2888 struct dhcp_state *state = D_STATE(ifp);
2889 struct if_options *ifo = ifp->options;
2890 struct dhcp_lease *lease = &state->lease;
2891 uint8_t type, tmp;
2892 struct in_addr addr;
2893 unsigned int i;
2894 char *msg;
2895 bool bootp_copied;
2896#ifdef AUTH
2897 const uint8_t *auth;
2898 size_t auth_len;
2899#endif
2900#ifdef IN_IFF_DUPLICATED
2901 struct ipv4_addr *ia;
2902#endif
2903
2904#define LOGDHCP0(l, m) \
2905 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 0)
2906#define LOGDHCP(l, m) \
2907 log_dhcp((l), (m), ifp, bootp, bootp_len, from, 1)
2908
2909 if (bootp->op != BOOTREPLY) {
2910 logdebugx("%s: op (%d) is not BOOTREPLY",
2911 ifp->name, bootp->op);
2912 return;
2913 }
2914
2915 if (state->xid != ntohl(bootp->xid)) {
2916 if (state->state != DHS_BOUND && state->state != DHS_NONE)
2917 logdebugx("%s: wrong xid 0x%x (expecting 0x%x) from %s",
2918 ifp->name, ntohl(bootp->xid), state->xid,
2919 inet_ntoa(*from));
2920 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from);
2921 return;
2922 }
2923
2924 if (ifp->hwlen <= sizeof(bootp->chaddr) &&
2925 memcmp(bootp->chaddr, ifp->hwaddr, ifp->hwlen))
2926 {
2927 char buf[sizeof(bootp->chaddr) * 3];
2928
2929 logdebugx("%s: xid 0x%x is for hwaddr %s",
2930 ifp->name, ntohl(bootp->xid),
2931 hwaddr_ntoa(bootp->chaddr, sizeof(bootp->chaddr),
2932 buf, sizeof(buf)));
2933 dhcp_redirect_dhcp(ifp, bootp, bootp_len, from);
2934 return;
2935 }
2936
2937 if (!ifp->active)
2938 return;
2939
2940 i = whitelisted_ip(ifp->options, from->s_addr);
2941 switch (i) {
2942 case WHTLST_NOMATCH:
2943 logwarnx("%s: non whitelisted DHCP packet from %s",
2944 ifp->name, inet_ntoa(*from));
2945 return;
2946 case WHTLST_MATCH:
2947 break;
2948 case WHTLST_NONE:
2949 if (blacklisted_ip(ifp->options, from->s_addr) == 1) {
2950 logwarnx("%s: blacklisted DHCP packet from %s",
2951 ifp->name, inet_ntoa(*from));
2952 return;
2953 }
2954 }
2955
2956 /* We may have found a BOOTP server */
2957 if (get_option_uint8(ifp->ctx, &type,
2958 bootp, bootp_len, DHO_MESSAGETYPE) == -1)
2959 type = 0;
2960 else if (ifo->options & DHCPCD_BOOTP) {
2961 logdebugx("%s: ignoring DHCP reply (expecting BOOTP)",
2962 ifp->name);
2963 return;
2964 }
2965
2966#ifdef AUTH
2967 /* Authenticate the message */
2968 auth = get_option(ifp->ctx, bootp, bootp_len,
2969 DHO_AUTHENTICATION, &auth_len);
2970 if (auth) {
2971 if (dhcp_auth_validate(&state->auth, &ifo->auth,
2972 (uint8_t *)bootp, bootp_len, 4, type,
2973 auth, auth_len) == NULL)
2974 {
2975 LOGDHCP0(logerrx, "authentication failed");
2976 return;
2977 }
2978 if (state->auth.token)
2979 logdebugx("%s: validated using 0x%08" PRIu32,
2980 ifp->name, state->auth.token->secretid);
2981 else
2982 loginfox("%s: accepted reconfigure key", ifp->name);
2983 } else if (ifo->auth.options & DHCPCD_AUTH_SEND) {
2984 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE) {
2985 LOGDHCP0(logerrx, "no authentication");
2986 return;
2987 }
2988 LOGDHCP0(logwarnx, "no authentication");
2989 }
2990#endif
2991
2992 /* RFC 3203 */
2993 if (type == DHCP_FORCERENEW) {
2994 if (from->s_addr == INADDR_ANY ||
2995 from->s_addr == INADDR_BROADCAST)
2996 {
2997 LOGDHCP(logerrx, "discarding Force Renew");
2998 return;
2999 }
3000#ifdef AUTH
3001 if (auth == NULL) {
3002 LOGDHCP(logerrx, "unauthenticated Force Renew");
3003 if (ifo->auth.options & DHCPCD_AUTH_REQUIRE)
3004 return;
3005 }
3006 if (state->state != DHS_BOUND && state->state != DHS_INFORM) {
3007 LOGDHCP(logdebugx, "not bound, ignoring Force Renew");
3008 return;
3009 }
3010 LOGDHCP(loginfox, "Force Renew from");
3011 /* The rebind and expire timings are still the same, we just
3012 * enter the renew state early */
3013 if (state->state == DHS_BOUND)
3014 dhcp_renew(ifp);
3015 else {
3016 eloop_timeout_delete(ifp->ctx->eloop,
3017 send_inform, ifp);
3018 dhcp_inform(ifp);
3019 }
3020#else
3021 LOGDHCP(logerrx, "unauthenticated Force Renew");
3022#endif
3023 return;
3024 }
3025
3026 if (state->state == DHS_BOUND) {
3027 /* Before we supported FORCERENEW we closed off the raw
3028 * port so we effectively ignored all messages.
3029 * As such we'll not log by default here. */
3030 //LOGDHCP(logdebugx, "bound, ignoring");
3031 return;
3032 }
3033
3034 if (state->state == DHS_PROBE) {
3035 /* Ignore any DHCP messages whilst probing a lease to bind. */
3036 LOGDHCP(logdebugx, "probing, ignoring");
3037 return;
3038 }
3039
3040 /* reset the message counter */
3041 state->interval = 0;
3042
3043 /* Ensure that no reject options are present */
3044 for (i = 1; i < 255; i++) {
3045 if (has_option_mask(ifo->rejectmask, i) &&
3046 get_option_uint8(ifp->ctx, &tmp,
3047 bootp, bootp_len, (uint8_t)i) == 0)
3048 {
3049 LOGDHCP(logwarnx, "reject DHCP");
3050 return;
3051 }
3052 }
3053
3054 if (type == DHCP_NAK) {
3055 /* For NAK, only check if we require the ServerID */
3056 if (has_option_mask(ifo->requiremask, DHO_SERVERID) &&
3057 get_option_addr(ifp->ctx, &addr,
3058 bootp, bootp_len, DHO_SERVERID) == -1)
3059 {
3060 LOGDHCP(logwarnx, "reject NAK");
3061 return;
3062 }
3063
3064 /* We should restart on a NAK */
3065 LOGDHCP(logwarnx, "NAK:");
3066 if ((msg = get_option_string(ifp->ctx,
3067 bootp, bootp_len, DHO_MESSAGE)))
3068 {
3069 logwarnx("%s: message: %s", ifp->name, msg);
3070 free(msg);
3071 }
3072 if (state->state == DHS_INFORM) /* INFORM should not be NAKed */
3073 return;
3074 if (!(ifp->ctx->options & DHCPCD_TEST)) {
3075 dhcp_drop(ifp, "NAK");
3076 unlink(state->leasefile);
3077 }
3078
3079 /* If we constantly get NAKS then we should slowly back off */
3080 eloop_timeout_add_sec(ifp->ctx->eloop,
3081 state->nakoff, dhcp_discover, ifp);
3082 if (state->nakoff == 0)
3083 state->nakoff = 1;
3084 else {
3085 state->nakoff *= 2;
3086 if (state->nakoff > NAKOFF_MAX)
3087 state->nakoff = NAKOFF_MAX;
3088 }
3089 return;
3090 }
3091
3092 /* Ensure that all required options are present */
3093 for (i = 1; i < 255; i++) {
3094 if (has_option_mask(ifo->requiremask, i) &&
3095 get_option_uint8(ifp->ctx, &tmp,
3096 bootp, bootp_len, (uint8_t)i) != 0)
3097 {
3098 /* If we are BOOTP, then ignore the need for serverid.
3099 * To ignore BOOTP, require dhcp_message_type.
3100 * However, nothing really stops BOOTP from providing
3101 * DHCP style options as well so the above isn't
3102 * always true. */
3103 if (type == 0 && i == DHO_SERVERID)
3104 continue;
3105 LOGDHCP(logwarnx, "reject DHCP");
3106 return;
3107 }
3108 }
3109
3110 /* DHCP Auto-Configure, RFC 2563 */
3111 if (type == DHCP_OFFER && bootp->yiaddr == 0) {
3112 LOGDHCP(logwarnx, "no address given");
3113 if ((msg = get_option_string(ifp->ctx,
3114 bootp, bootp_len, DHO_MESSAGE)))
3115 {
3116 logwarnx("%s: message: %s", ifp->name, msg);
3117 free(msg);
3118 }
3119#ifdef IPV4LL
3120 if (state->state == DHS_DISCOVER &&
3121 get_option_uint8(ifp->ctx, &tmp, bootp, bootp_len,
3122 DHO_AUTOCONFIGURE) == 0)
3123 {
3124 switch (tmp) {
3125 case 0:
3126 LOGDHCP(logwarnx, "IPv4LL disabled from");
3127 ipv4ll_drop(ifp);
3128#ifdef ARP
3129 arp_drop(ifp);
3130#endif
3131 break;
3132 case 1:
3133 LOGDHCP(logwarnx, "IPv4LL enabled from");
3134 ipv4ll_start(ifp);
3135 break;
3136 default:
3137 logerrx("%s: unknown auto configuration "
3138 "option %d",
3139 ifp->name, tmp);
3140 break;
3141 }
3142 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
3143 eloop_timeout_add_sec(ifp->ctx->eloop,
3144 DHCP_MAX, dhcp_discover, ifp);
3145 }
3146#endif
3147 return;
3148 }
3149
3150 /* Ensure that the address offered is valid */
3151 if ((type == 0 || type == DHCP_OFFER || type == DHCP_ACK) &&
3152 (bootp->ciaddr == INADDR_ANY || bootp->ciaddr == INADDR_BROADCAST)
3153 &&
3154 (bootp->yiaddr == INADDR_ANY || bootp->yiaddr == INADDR_BROADCAST))
3155 {
3156 LOGDHCP(logwarnx, "reject invalid address");
3157 return;
3158 }
3159
3160#ifdef IN_IFF_DUPLICATED
3161 ia = ipv4_iffindaddr(ifp, &lease->addr, NULL);
3162 if (ia && ia->addr_flags & IN_IFF_DUPLICATED) {
3163 LOGDHCP(logwarnx, "declined duplicate address");
3164 if (type)
3165 dhcp_decline(ifp);
3166 ipv4_deladdr(ia, 0);
3167 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
3168 eloop_timeout_add_sec(ifp->ctx->eloop,
3169 DHCP_RAND_MAX, dhcp_discover, ifp);
3170 return;
3171 }
3172#endif
3173
3174 bootp_copied = false;
3175 if ((type == 0 || type == DHCP_OFFER) && state->state == DHS_DISCOVER) {
3176 lease->frominfo = 0;
3177 lease->addr.s_addr = bootp->yiaddr;
3178 memcpy(&lease->cookie, bootp->vend, sizeof(lease->cookie));
3179 if (type == 0 ||
3180 get_option_addr(ifp->ctx,
3181 &lease->server, bootp, bootp_len, DHO_SERVERID) != 0)
3182 lease->server.s_addr = INADDR_ANY;
3183
3184 /* Test for rapid commit in the OFFER */
3185 if (!(ifp->ctx->options & DHCPCD_TEST) &&
3186 has_option_mask(ifo->requestmask, DHO_RAPIDCOMMIT) &&
3187 get_option(ifp->ctx, bootp, bootp_len,
3188 DHO_RAPIDCOMMIT, NULL))
3189 {
3190 state->state = DHS_REQUEST;
3191 goto rapidcommit;
3192 }
3193
3194 LOGDHCP(loginfox, "offered");
3195 if (state->offer_len < bootp_len) {
3196 free(state->offer);
3197 if ((state->offer = malloc(bootp_len)) == NULL) {
3198 logerr(__func__);
3199 state->offer_len = 0;
3200 return;
3201 }
3202 }
3203 state->offer_len = bootp_len;
3204 memcpy(state->offer, bootp, bootp_len);
3205 bootp_copied = true;
3206 if (ifp->ctx->options & DHCPCD_TEST) {
3207 free(state->old);
3208 state->old = state->new;
3209 state->old_len = state->new_len;
3210 state->new = state->offer;
3211 state->new_len = state->offer_len;
3212 state->offer = NULL;
3213 state->offer_len = 0;
3214 state->reason = "TEST";
3215 script_runreason(ifp, state->reason);
3216 eloop_exit(ifp->ctx->eloop, EXIT_SUCCESS);
3217 state->bpf_flags |= BPF_EOF;
3218 return;
3219 }
3220 eloop_timeout_delete(ifp->ctx->eloop, send_discover, ifp);
3221 /* We don't request BOOTP addresses */
3222 if (type) {
3223 /* We used to ARP check here, but that seems to be in
3224 * violation of RFC2131 where it only describes
3225 * DECLINE after REQUEST.
3226 * It also seems that some MS DHCP servers actually
3227 * ignore DECLINE if no REQUEST, ie we decline a
3228 * DISCOVER. */
3229 dhcp_request(ifp);
3230 return;
3231 }
3232 }
3233
3234 if (type) {
3235 if (type == DHCP_OFFER) {
3236 LOGDHCP(logwarnx, "ignoring offer of");
3237 return;
3238 }
3239
3240 /* We should only be dealing with acks */
3241 if (type != DHCP_ACK) {
3242 LOGDHCP(logerr, "not ACK or OFFER");
3243 return;
3244 }
3245
3246 if (state->state == DHS_DISCOVER) {
3247 /* We only allow ACK of rapid commit DISCOVER. */
3248 if (has_option_mask(ifo->requestmask,
3249 DHO_RAPIDCOMMIT) &&
3250 get_option(ifp->ctx, bootp, bootp_len,
3251 DHO_RAPIDCOMMIT, NULL))
3252 state->state = DHS_REQUEST;
3253 else {
3254 LOGDHCP(logdebugx, "ignoring ack of");
3255 return;
3256 }
3257 }
3258
3259rapidcommit:
3260 if (!(ifo->options & DHCPCD_INFORM))
3261 LOGDHCP(logdebugx, "acknowledged");
3262 else
3263 ifo->options &= ~DHCPCD_STATIC;
3264 }
3265
3266 /* No NAK, so reset the backoff
3267 * We don't reset on an OFFER message because the server could
3268 * potentially NAK the REQUEST. */
3269 state->nakoff = 0;
3270
3271 /* BOOTP could have already assigned this above. */
3272 if (!bootp_copied) {
3273 if (state->offer_len < bootp_len) {
3274 free(state->offer);
3275 if ((state->offer = malloc(bootp_len)) == NULL) {
3276 logerr(__func__);
3277 state->offer_len = 0;
3278 return;
3279 }
3280 }
3281 state->offer_len = bootp_len;
3282 memcpy(state->offer, bootp, bootp_len);
3283 }
3284
3285 lease->frominfo = 0;
3286 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
3287
3288#ifdef ARP
3289 dhcp_arp_bind(ifp);
3290#else
3291 dhcp_bind(ifp);
3292#endif
3293}
3294
3295static void *
3296get_udp_data(void *udp, size_t *len)
3297{
3298 struct bootp_pkt *p;
3299
3300 p = (struct bootp_pkt *)udp;
3301 *len = (size_t)ntohs(p->ip.ip_len) - sizeof(p->ip) - sizeof(p->udp);
3302 return (char *)udp + offsetof(struct bootp_pkt, bootp);
3303}
3304
3305static int
3306valid_udp_packet(void *data, size_t data_len, struct in_addr *from,
3307 int noudpcsum)
3308{
3309 struct bootp_pkt *p;
3310 uint16_t bytes;
3311
3312 if (data_len < sizeof(p->ip)) {
3313 if (from)
3314 from->s_addr = INADDR_ANY;
3315 errno = ERANGE;
3316 return -1;
3317 }
3318 p = (struct bootp_pkt *)data;
3319 if (from)
3320 from->s_addr = p->ip.ip_src.s_addr;
3321 if (checksum(&p->ip, sizeof(p->ip)) != 0) {
3322 errno = EINVAL;
3323 return -1;
3324 }
3325
3326 bytes = ntohs(p->ip.ip_len);
3327 /* Check we have a payload */
3328 if (bytes <= sizeof(p->ip) + sizeof(p->udp)) {
3329 errno = ERANGE;
3330 return -1;
3331 }
3332 /* Check we don't go beyond the payload */
3333 if (bytes > data_len) {
3334 errno = ENOBUFS;
3335 return -1;
3336 }
3337
3338 if (noudpcsum == 0) {
3339 uint16_t udpsum, iplen;
3340
3341 /* This does scribble on the packet, but at this point
3342 * we don't care to keep it. */
3343 iplen = p->ip.ip_len;
3344 udpsum = p->udp.uh_sum;
3345 p->udp.uh_sum = 0;
3346 p->ip.ip_hl = 0;
3347 p->ip.ip_v = 0;
3348 p->ip.ip_tos = 0;
3349 p->ip.ip_len = p->udp.uh_ulen;
3350 p->ip.ip_id = 0;
3351 p->ip.ip_off = 0;
3352 p->ip.ip_ttl = 0;
3353 p->ip.ip_sum = 0;
3354 if (udpsum && checksum(p, bytes) != udpsum) {
3355 errno = EINVAL;
3356 return -1;
3357 }
3358 p->ip.ip_len = iplen;
3359 }
3360
3361 return 0;
3362}
3363
3364static void
3365dhcp_handlebootp(struct interface *ifp, struct bootp *bootp, size_t len,
3366 struct in_addr *from)
3367{
3368 size_t v;
3369
3370 /* udp_len must be correct because the values are checked in
3371 * valid_udp_packet(). */
3372 if (len < offsetof(struct bootp, vend)) {
3373 logerrx("%s: truncated packet (%zu) from %s",
3374 ifp->name, len, inet_ntoa(*from));
3375 return;
3376 }
3377 /* To make our IS_DHCP macro easy, ensure the vendor
3378 * area has at least 4 octets. */
3379 v = len - offsetof(struct bootp, vend);
3380 while (v < 4) {
3381 bootp->vend[v++] = '\0';
3382 len++;
3383 }
3384
3385 dhcp_handledhcp(ifp, bootp, len, from);
3386}
3387
3388static void
3389dhcp_handlepacket(struct interface *ifp, uint8_t *data, size_t len)
3390{
3391 struct bootp *bootp;
3392 struct in_addr from;
3393 size_t udp_len;
3394 const struct dhcp_state *state = D_CSTATE(ifp);
3395
3396 if (valid_udp_packet(data, len, &from,
3397 state->bpf_flags & RAW_PARTIALCSUM) == -1)
3398 {
3399 if (errno == EINVAL)
3400 logerrx("%s: checksum failure from %s",
3401 ifp->name, inet_ntoa(from));
3402 else
3403 logerr("%s: invalid UDP packet from %s",
3404 ifp->name, inet_ntoa(from));
3405 return;
3406 }
3407 if (ifp->flags & IFF_POINTOPOINT &&
3408 (state->addr == NULL || state->addr->brd.s_addr != from.s_addr))
3409 {
3410 logwarnx("%s: server %s is not destination",
3411 ifp->name, inet_ntoa(from));
3412 }
3413
3414 /*
3415 * DHCP has a variable option area rather than a fixed vendor area.
3416 * Because DHCP uses the BOOTP protocol it should still send BOOTP
3417 * sized packets to be RFC compliant.
3418 * However some servers send a truncated vendor area.
3419 * dhcpcd can work fine without the vendor area being sent.
3420 */
3421 bootp = get_udp_data(data, &udp_len);
3422 dhcp_handlebootp(ifp, bootp, udp_len, &from);
3423}
3424
3425static void
3426dhcp_readpacket(void *arg)
3427{
3428 struct interface *ifp = arg;
3429 uint8_t buf[MTU_MAX];
3430 ssize_t bytes;
3431 struct dhcp_state *state = D_STATE(ifp);
3432
3433 /* Some RAW mechanisms are generic file descriptors, not sockets.
3434 * This means we have no kernel call to just get one packet,
3435 * so we have to process the entire buffer. */
3436 state->bpf_flags &= ~BPF_EOF;
3437 state->bpf_flags |= BPF_READING;
3438 while (!(state->bpf_flags & BPF_EOF)) {
3439 bytes = bpf_read(ifp, state->bpf_fd, buf, sizeof(buf),
3440 &state->bpf_flags);
3441 if (bytes == -1) {
3442 if (state->state != DHS_NONE) {
3443 logerr("%s: %s", __func__, ifp->name);
3444 dhcp_close(ifp);
3445 }
3446 break;
3447 }
3448 dhcp_handlepacket(ifp, buf, (size_t)bytes);
3449 /* Check we still have a state after processing. */
3450 if ((state = D_STATE(ifp)) == NULL)
3451 break;
3452 }
3453 if (state != NULL)
3454 state->bpf_flags &= ~BPF_READING;
3455}
3456
3457static void
3458dhcp_readudp(struct dhcpcd_ctx *ctx, struct interface *ifp)
3459{
3460 struct sockaddr_in from;
3461 unsigned char buf[10 * 1024]; /* Maximum MTU */
3462 struct iovec iov = {
3463 .iov_base = buf,
3464 .iov_len = sizeof(buf),
3465 };
3466#ifdef IP_PKTINFO
3467 unsigned char ctl[CMSG_SPACE(sizeof(struct in_pktinfo))] = { 0 };
3468 char sfrom[INET_ADDRSTRLEN];
3469#endif
3470 struct msghdr msg = {
3471 .msg_name = &from, .msg_namelen = sizeof(from),
3472 .msg_iov = &iov, .msg_iovlen = 1,
3473#ifdef IP_PKTINFO
3474 .msg_control = ctl, .msg_controllen = sizeof(ctl),
3475#endif
3476 };
3477 int s;
3478 ssize_t bytes;
3479
3480 if (ifp != NULL) {
3481 const struct dhcp_state *state = D_CSTATE(ifp);
3482
3483 s = state->udp_fd;
3484 } else
3485 s = ctx->udp_fd;
3486
3487 bytes = recvmsg(s, &msg, 0);
3488 if (bytes == -1) {
3489 logerr(__func__);
3490 return;
3491 }
3492
3493#ifdef IP_PKTINFO
3494 inet_ntop(AF_INET, &from.sin_addr, sfrom, sizeof(sfrom));
3495
3496 if (ifp == NULL) {
3497 ifp = if_findifpfromcmsg(ctx, &msg, NULL);
3498 if (ifp == NULL) {
3499 logerr(__func__);
3500 return;
3501 }
3502 if (D_CSTATE(ifp) == NULL) {
3503 logdebugx("%s: received BOOTP for inactive interface",
3504 ifp->name);
3505 return;
3506 }
3507 }
3508
3509 dhcp_handlebootp(ifp, (struct bootp *)(void *)buf, (size_t)bytes,
3510 &from.sin_addr);
3511#endif
3512}
3513
3514static void
3515dhcp_handleudp(void *arg)
3516{
3517 struct dhcpcd_ctx *ctx = arg;
3518
3519 dhcp_readudp(ctx, NULL);
3520}
3521
3522#ifdef IP_PKTINFO
3523static void
3524dhcp_handleifudp(void *arg)
3525{
3526 struct interface *ifp = arg;
3527
3528 dhcp_readudp(ifp->ctx, ifp);
3529
3530}
3531#endif
3532
3533static int
3534dhcp_openbpf(struct interface *ifp)
3535{
3536 struct dhcp_state *state;
3537
3538 state = D_STATE(ifp);
3539 if (state->bpf_fd != -1)
3540 return 0;
3541
3542 state->bpf_fd = bpf_open(ifp, bpf_bootp);
3543 if (state->bpf_fd == -1) {
3544 if (errno == ENOENT) {
3545 logerrx("%s not found", bpf_name);
3546 /* May as well disable IPv4 entirely at
3547 * this point as we really need it. */
3548 ifp->options->options &= ~DHCPCD_IPV4;
3549 } else
3550 logerr("%s: %s", __func__, ifp->name);
3551 return -1;
3552 }
3553
3554 eloop_event_add(ifp->ctx->eloop,
3555 state->bpf_fd, dhcp_readpacket, ifp);
3556 return 0;
3557}
3558
3559int
3560dhcp_dump(struct interface *ifp)
3561{
3562 struct dhcp_state *state;
3563
3564 ifp->if_data[IF_DATA_DHCP] = state = calloc(1, sizeof(*state));
3565 if (state == NULL)
3566 goto eexit;
3567 state->bpf_fd = -1;
3568 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile),
3569 AF_INET, ifp);
3570 state->new_len = read_lease(ifp, &state->new);
3571 if (state->new == NULL) {
3572 logerr("%s: %s",
3573 *ifp->name ? ifp->name : state->leasefile, __func__);
3574 return -1;
3575 }
3576 state->reason = "DUMP";
3577 return script_runreason(ifp, state->reason);
3578
3579eexit:
3580 logerr(__func__);
3581 return -1;
3582}
3583
3584void
3585dhcp_free(struct interface *ifp)
3586{
3587 struct dhcp_state *state = D_STATE(ifp);
3588 struct dhcpcd_ctx *ctx;
3589
3590 dhcp_close(ifp);
3591#ifdef ARP
3592 arp_drop(ifp);
3593#endif
3594 if (state) {
3595 state->state = DHS_NONE;
3596 free(state->old);
3597 free(state->new);
3598 free(state->offer);
3599 free(state->clientid);
3600 free(state);
3601 }
3602
3603 ctx = ifp->ctx;
3604 /* If we don't have any more DHCP enabled interfaces,
3605 * close the global socket and release resources */
3606 if (ctx->ifaces) {
3607 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
3608 state = D_STATE(ifp);
3609 if (state != NULL && state->state != DHS_NONE)
3610 break;
3611 }
3612 }
3613 if (ifp == NULL) {
3614 if (ctx->udp_fd != -1) {
3615 eloop_event_delete(ctx->eloop, ctx->udp_fd);
3616 close(ctx->udp_fd);
3617 ctx->udp_fd = -1;
3618 }
3619
3620 free(ctx->opt_buffer);
3621 ctx->opt_buffer = NULL;
3622 }
3623}
3624
3625static int
3626dhcp_initstate(struct interface *ifp)
3627{
3628 struct dhcp_state *state;
3629
3630 state = D_STATE(ifp);
3631 if (state != NULL)
3632 return 0;
3633
3634 ifp->if_data[IF_DATA_DHCP] = calloc(1, sizeof(*state));
3635 state = D_STATE(ifp);
3636 if (state == NULL)
3637 return -1;
3638
3639 state->state = DHS_NONE;
3640 /* 0 is a valid fd, so init to -1 */
3641 state->bpf_fd = -1;
3642 state->udp_fd = -1;
3643#ifdef ARPING
3644 state->arping_index = -1;
3645#endif
3646 return 1;
3647}
3648
3649static int
3650dhcp_init(struct interface *ifp)
3651{
3652 struct dhcp_state *state;
3653 const struct if_options *ifo;
3654 uint8_t len;
3655 char buf[(sizeof(ifo->clientid) - 1) * 3];
3656 int r;
3657
3658 r = dhcp_initstate(ifp);
3659 if (r == -1)
3660 return -1;
3661 else if (r == 1) {
3662 /* Now is a good time to find IPv4 routes */
3663 if_initrt(ifp->ctx, AF_INET);
3664 }
3665
3666 state = D_STATE(ifp);
3667 state->state = DHS_INIT;
3668 state->reason = "PREINIT";
3669 state->nakoff = 0;
3670 dhcp_set_leasefile(state->leasefile, sizeof(state->leasefile),
3671 AF_INET, ifp);
3672
3673 ifo = ifp->options;
3674 /* We need to drop the leasefile so that dhcp_start
3675 * doesn't load it. */
3676 if (ifo->options & DHCPCD_REQUEST)
3677 unlink(state->leasefile);
3678
3679 free(state->clientid);
3680 state->clientid = NULL;
3681
3682 if (*ifo->clientid) {
3683 state->clientid = malloc((size_t)(ifo->clientid[0] + 1));
3684 if (state->clientid == NULL)
3685 goto eexit;
3686 memcpy(state->clientid, ifo->clientid,
3687 (size_t)(ifo->clientid[0]) + 1);
3688 } else if (ifo->options & DHCPCD_CLIENTID) {
3689 if (ifo->options & DHCPCD_DUID) {
3690 state->clientid = malloc(ifp->ctx->duid_len + 6);
3691 if (state->clientid == NULL)
3692 goto eexit;
3693 state->clientid[0] =(uint8_t)(ifp->ctx->duid_len + 5);
3694 state->clientid[1] = 255; /* RFC 4361 */
3695 memcpy(state->clientid + 2, ifo->iaid, 4);
3696 memcpy(state->clientid + 6, ifp->ctx->duid,
3697 ifp->ctx->duid_len);
3698 } else {
3699 len = (uint8_t)(ifp->hwlen + 1);
3700 state->clientid = malloc((size_t)len + 1);
3701 if (state->clientid == NULL)
3702 goto eexit;
3703 state->clientid[0] = len;
3704 state->clientid[1] = (uint8_t)ifp->family;
3705 memcpy(state->clientid + 2, ifp->hwaddr,
3706 ifp->hwlen);
3707 }
3708 }
3709
3710 if (ifo->options & DHCPCD_DUID)
3711 /* Don't bother logging as DUID and IAID are reported
3712 * at device start. */
3713 return 0;
3714
3715 if (ifo->options & DHCPCD_CLIENTID)
3716 logdebugx("%s: using ClientID %s", ifp->name,
3717 hwaddr_ntoa(state->clientid + 1, state->clientid[0],
3718 buf, sizeof(buf)));
3719 else if (ifp->hwlen)
3720 logdebugx("%s: using hwaddr %s", ifp->name,
3721 hwaddr_ntoa(ifp->hwaddr, ifp->hwlen, buf, sizeof(buf)));
3722 return 0;
3723
3724eexit:
3725 logerr(__func__);
3726 return -1;
3727}
3728
3729static void
3730dhcp_start1(void *arg)
3731{
3732 struct interface *ifp = arg;
3733 struct if_options *ifo = ifp->options;
3734 struct dhcp_state *state;
3735 struct stat st;
3736 uint32_t l;
3737 int nolease;
3738
3739 if (!(ifo->options & DHCPCD_IPV4))
3740 return;
3741
3742 /* Listen on *.*.*.*:bootpc so that the kernel never sends an
3743 * ICMP port unreachable message back to the DHCP server */
3744 if (ifp->ctx->udp_fd == -1) {
3745 ifp->ctx->udp_fd = dhcp_openudp(NULL);
3746 if (ifp->ctx->udp_fd == -1) {
3747 /* Don't log an error if some other process
3748 * is handling this. */
3749 if (errno != EADDRINUSE)
3750 logerr("%s: dhcp_openudp", __func__);
3751 } else
3752 eloop_event_add(ifp->ctx->eloop,
3753 ifp->ctx->udp_fd, dhcp_handleudp, ifp->ctx);
3754 }
3755
3756 if (dhcp_init(ifp) == -1) {
3757 logerr("%s: dhcp_init", ifp->name);
3758 return;
3759 }
3760
3761 state = D_STATE(ifp);
3762 clock_gettime(CLOCK_MONOTONIC, &state->started);
3763 state->interval = 0;
3764 free(state->offer);
3765 state->offer = NULL;
3766 state->offer_len = 0;
3767
3768#ifdef ARPING
3769 if (ifo->arping_len && state->arping_index < ifo->arping_len) {
3770 struct arp_state *astate;
3771
3772 astate = dhcp_arp_new(ifp, NULL);
3773 if (astate)
3774 dhcp_arp_probed(astate);
3775 return;
3776 }
3777#endif
3778
3779 if (ifo->options & DHCPCD_STATIC) {
3780 dhcp_static(ifp);
3781 return;
3782 }
3783
3784 if (ifo->options & DHCPCD_INFORM) {
3785 dhcp_inform(ifp);
3786 return;
3787 }
3788
3789 if (ifp->hwlen == 0 && ifo->clientid[0] == '\0') {
3790 logwarnx("%s: needs a clientid to configure", ifp->name);
3791 dhcp_drop(ifp, "FAIL");
3792 eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
3793 return;
3794 }
3795 /* We don't want to read the old lease if we NAK an old test */
3796 nolease = state->offer && ifp->ctx->options & DHCPCD_TEST;
3797 if (!nolease && ifo->options & DHCPCD_DHCP) {
3798 state->offer_len = read_lease(ifp, &state->offer);
3799 /* Check the saved lease matches the type we want */
3800 if (state->offer) {
3801#ifdef IN_IFF_DUPLICATED
3802 struct in_addr addr;
3803 struct ipv4_addr *ia;
3804
3805 addr.s_addr = state->offer->yiaddr;
3806 ia = ipv4_iffindaddr(ifp, &addr, NULL);
3807#endif
3808
3809 if ((!IS_DHCP(state->offer) &&
3810 !(ifo->options & DHCPCD_BOOTP)) ||
3811#ifdef IN_IFF_DUPLICATED
3812 (ia && ia->addr_flags & IN_IFF_DUPLICATED) ||
3813#endif
3814 (IS_DHCP(state->offer) &&
3815 ifo->options & DHCPCD_BOOTP))
3816 {
3817 free(state->offer);
3818 state->offer = NULL;
3819 state->offer_len = 0;
3820 }
3821 }
3822 }
3823 if (state->offer) {
3824 struct ipv4_addr *ia;
3825
3826 get_lease(ifp, &state->lease, state->offer, state->offer_len);
3827 state->lease.frominfo = 1;
3828 if (state->new == NULL &&
3829 (ia = ipv4_iffindaddr(ifp,
3830 &state->lease.addr, &state->lease.mask)) != NULL)
3831 {
3832 /* We still have the IP address from the last lease.
3833 * Fake add the address and routes from it so the lease
3834 * can be cleaned up. */
3835 state->new = malloc(state->offer_len);
3836 if (state->new) {
3837 memcpy(state->new,
3838 state->offer, state->offer_len);
3839 state->new_len = state->offer_len;
3840 state->addr = ia;
3841 state->added |= STATE_ADDED | STATE_FAKE;
3842 rt_build(ifp->ctx, AF_INET);
3843 } else
3844 logerr(__func__);
3845 }
3846 if (!IS_DHCP(state->offer)) {
3847 free(state->offer);
3848 state->offer = NULL;
3849 state->offer_len = 0;
3850 } else if (!(ifo->options & DHCPCD_LASTLEASE_EXTEND) &&
3851 state->lease.leasetime != ~0U &&
3852 stat(state->leasefile, &st) == 0)
3853 {
3854 time_t now;
3855
3856 /* Offset lease times and check expiry */
3857 now = time(NULL);
3858 if (now == -1 ||
3859 (time_t)state->lease.leasetime < now - st.st_mtime)
3860 {
3861 logdebugx("%s: discarding expired lease",
3862 ifp->name);
3863 free(state->offer);
3864 state->offer = NULL;
3865 state->offer_len = 0;
3866 state->lease.addr.s_addr = 0;
3867 /* Technically we should discard the lease
3868 * as it's expired, just as DHCPv6 addresses
3869 * would be by the kernel.
3870 * However, this may violate POLA so
3871 * we currently leave it be.
3872 * If we get a totally different lease from
3873 * the DHCP server we'll drop it anyway, as
3874 * we will on any other event which would
3875 * trigger a lease drop.
3876 * This should only happen if dhcpcd stops
3877 * running and the lease expires before
3878 * dhcpcd starts again. */
3879#if 0
3880 if (state->new)
3881 dhcp_drop(ifp, "EXPIRE");
3882#endif
3883 } else {
3884 l = (uint32_t)(now - st.st_mtime);
3885 state->lease.leasetime -= l;
3886 state->lease.renewaltime -= l;
3887 state->lease.rebindtime -= l;
3888 }
3889 }
3890 }
3891
3892#ifdef IPV4LL
3893 if (!(ifo->options & DHCPCD_DHCP)) {
3894 if (ifo->options & DHCPCD_IPV4LL)
3895 ipv4ll_start(ifp);
3896 return;
3897 }
3898#endif
3899
3900 if (state->offer == NULL || !IS_DHCP(state->offer))
3901 dhcp_discover(ifp);
3902 else
3903 dhcp_reboot(ifp);
3904}
3905
3906void
3907dhcp_start(struct interface *ifp)
3908{
3909 struct timespec tv;
3910#ifdef ARPING
3911 const struct dhcp_state *state;
3912#endif
3913
3914 if (!(ifp->options->options & DHCPCD_IPV4))
3915 return;
3916
3917 /* If we haven't been given a netmask for our requested address,
3918 * set it now. */
3919 if (ifp->options->req_addr.s_addr != INADDR_ANY &&
3920 ifp->options->req_mask.s_addr == INADDR_ANY)
3921 ifp->options->req_mask.s_addr =
3922 ipv4_getnetmask(ifp->options->req_addr.s_addr);
3923
3924 /* If we haven't specified a ClientID and our hardware address
3925 * length is greater than BOOTP CHADDR then we enforce a ClientID
3926 * of the hardware address family and the hardware address.
3927 * If there is no hardware address and no ClientID set,
3928 * force a DUID based ClientID. */
3929 if (ifp->hwlen > 16)
3930 ifp->options->options |= DHCPCD_CLIENTID;
3931 else if (ifp->hwlen == 0 && !(ifp->options->options & DHCPCD_CLIENTID))
3932 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_DUID;
3933
3934 /* Firewire and InfiniBand interfaces require ClientID and
3935 * the broadcast option being set. */
3936 switch (ifp->family) {
3937 case ARPHRD_IEEE1394: /* FALLTHROUGH */
3938 case ARPHRD_INFINIBAND:
3939 ifp->options->options |= DHCPCD_CLIENTID | DHCPCD_BROADCAST;
3940 break;
3941 }
3942
3943 /* If we violate RFC2131 section 3.7 then require ARP
3944 * to detect if any other client wants our address. */
3945 if (ifp->options->options & DHCPCD_LASTLEASE_EXTEND)
3946 ifp->options->options |= DHCPCD_ARP;
3947
3948 /* No point in delaying a static configuration */
3949 if (ifp->options->options & DHCPCD_STATIC ||
3950 !(ifp->options->options & DHCPCD_INITIAL_DELAY))
3951 {
3952 dhcp_start1(ifp);
3953 return;
3954 }
3955
3956#ifdef ARPING
3957 /* If we have arpinged then we have already delayed. */
3958 state = D_CSTATE(ifp);
3959 if (state != NULL && state->arping_index != -1) {
3960 dhcp_start1(ifp);
3961 return;
3962 }
3963#endif
3964
3965 tv.tv_sec = DHCP_MIN_DELAY;
3966 tv.tv_nsec = (suseconds_t)arc4random_uniform(
3967 (DHCP_MAX_DELAY - DHCP_MIN_DELAY) * NSEC_PER_SEC);
3968 timespecnorm(&tv);
3969 logdebugx("%s: delaying IPv4 for %0.1f seconds",
3970 ifp->name, timespec_to_double(&tv));
3971
3972 eloop_timeout_add_tv(ifp->ctx->eloop, &tv, dhcp_start1, ifp);
3973}
3974
3975void
3976dhcp_abort(struct interface *ifp)
3977{
3978 struct dhcp_state *state;
3979
3980 state = D_STATE(ifp);
3981#ifdef ARPING
3982 if (state != NULL)
3983 state->arping_index = -1;
3984#endif
3985
3986 eloop_timeout_delete(ifp->ctx->eloop, dhcp_start1, ifp);
3987
3988 if (state != NULL && state->added) {
3989 rt_build(ifp->ctx, AF_INET);
3990#ifdef ARP
3991 arp_announceaddr(ifp->ctx, &state->addr->addr);
3992#endif
3993 }
3994}
3995
3996void
3997dhcp_handleifa(int cmd, struct ipv4_addr *ia, pid_t pid)
3998{
3999 struct interface *ifp;
4000 struct dhcp_state *state;
4001 struct if_options *ifo;
4002 uint8_t i;
4003
4004 ifp = ia->iface;
4005 state = D_STATE(ifp);
4006 if (state == NULL || state->state == DHS_NONE)
4007 return;
4008
4009 if (cmd == RTM_DELADDR) {
4010 if (state->addr == ia) {
4011 loginfox("%s: pid %d deleted IP address %s",
4012 ifp->name, pid, ia->saddr);
4013 state->addr = NULL;
4014 /* Don't clear the added state as we need
4015 * to drop the lease. */
4016 dhcp_drop(ifp, "EXPIRE");
4017 dhcp_start1(ifp);
4018 }
4019 return;
4020 }
4021
4022 if (cmd != RTM_NEWADDR)
4023 return;
4024
4025#ifdef IN_IFF_NOTUSEABLE
4026 if (ia->addr_flags & IN_IFF_NOTUSEABLE)
4027 return;
4028#endif
4029
4030 ifo = ifp->options;
4031 if (ifo->options & DHCPCD_INFORM) {
4032 if (state->state != DHS_INFORM)
4033 dhcp_inform(ifp);
4034 return;
4035 }
4036
4037 if (!(ifo->options & DHCPCD_STATIC))
4038 return;
4039 if (ifo->req_addr.s_addr != INADDR_ANY)
4040 return;
4041
4042 free(state->old);
4043 state->old = state->new;
4044 state->new_len = dhcp_message_new(&state->new, &ia->addr, &ia->mask);
4045 if (state->new == NULL)
4046 return;
4047 if (ifp->flags & IFF_POINTOPOINT) {
4048 for (i = 1; i < 255; i++)
4049 if (i != DHO_ROUTER && has_option_mask(ifo->dstmask,i))
4050 dhcp_message_add_addr(state->new, i, ia->brd);
4051 }
4052 state->reason = "STATIC";
4053 rt_build(ifp->ctx, AF_INET);
4054 script_runreason(ifp, state->reason);
4055 if (ifo->options & DHCPCD_INFORM) {
4056 state->state = DHS_INFORM;
4057 dhcp_new_xid(ifp);
4058 state->lease.server.s_addr = INADDR_ANY;
4059 state->addr = ia;
4060 dhcp_inform(ifp);
4061 }
4062}
4063