diff options
author | Patrik Flykt <patrik.flykt@linux.intel.com> | 2014-06-19 15:38:55 +0300 |
---|---|---|
committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2014-06-19 15:44:43 +0300 |
commit | e3169126793f43be3d840874ffb3935a51097001 (patch) | |
tree | 561a32f301cdb77cc09e82fade829857b2bf02ab /src | |
parent | 139b011ab81ccea1d51f09e0261a1c390115c6ff (diff) |
sd-icmp6-nd: Add Router Solicitation and Advertisement support
Provide functions to bind the ICMPv6 socket to the approriate interface
and set multicast sending and receiving according to RFC 3493, section
5.2. and RFC 3542, sections 3. and 3.3. Filter out all ICMPv6 messages
except Router Advertisements for the socket in question according to
RFC 3542, section 3.2.
Send Router Solicitations to the all routers multicast group as
described in RFC 4861, section 6. and act on the received Router
Advertisments according to section 6.3.7.
Implement a similar API for ICMPv6 handling as is done for DHCPv4 and
DHCPv6.
Diffstat (limited to 'src')
-rw-r--r-- | src/libsystemd-network/dhcp6-internal.h | 29 | ||||
-rw-r--r-- | src/libsystemd-network/dhcp6-network.c | 131 | ||||
-rw-r--r-- | src/libsystemd-network/sd-icmp6-nd.c | 325 | ||||
-rw-r--r-- | src/systemd/sd-icmp6-nd.h | 56 |
4 files changed, 541 insertions, 0 deletions
diff --git a/src/libsystemd-network/dhcp6-internal.h b/src/libsystemd-network/dhcp6-internal.h new file mode 100644 index 0000000000..52283d7f6d --- /dev/null +++ b/src/libsystemd-network/dhcp6-internal.h @@ -0,0 +1,29 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +#pragma once + +/*** + This file is part of systemd. + + Copyright (C) 2014 Intel Corporation. All rights reserved. + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <net/ethernet.h> + +#define log_dhcp6_client(p, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "DHCPv6 CLIENT: " fmt, ##__VA_ARGS__) + +int dhcp_network_icmp6_bind_router_solicitation(int index); +int dhcp_network_icmp6_send_router_solicitation(int s, const struct ether_addr *ether_addr); diff --git a/src/libsystemd-network/dhcp6-network.c b/src/libsystemd-network/dhcp6-network.c new file mode 100644 index 0000000000..53ce23d16c --- /dev/null +++ b/src/libsystemd-network/dhcp6-network.c @@ -0,0 +1,131 @@ +/*** + This file is part of systemd. + + Copyright (C) 2014 Intel Corporation. All rights reserved. + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <errno.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <string.h> +#include <linux/if_packet.h> +#include <stdio.h> +#include <unistd.h> +#include <netinet/ip6.h> +#include <netinet/icmp6.h> +#include <netinet/in.h> + +#include "socket-util.h" + +#include "dhcp6-internal.h" + +#define IN6ADDR_ALL_ROUTERS_MULTICAST_INIT \ + { { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 } } } + +#define IN6ADDR_ALL_NODES_MULTICAST_INIT \ + { { { 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 } } } + +int dhcp_network_icmp6_bind_router_solicitation(int index) +{ + struct icmp6_filter filter = { }; + struct ipv6_mreq mreq = { + .ipv6mr_multiaddr = IN6ADDR_ALL_NODES_MULTICAST_INIT, + .ipv6mr_interface = index, + }; + _cleanup_close_ int s = -1; + int r, zero = 0, hops = 255; + + s = socket(AF_INET6, SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK, + IPPROTO_ICMPV6); + if (s < 0) + return -errno; + + ICMP6_FILTER_SETBLOCKALL(&filter); + ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filter); + r = setsockopt(s, IPPROTO_ICMPV6, ICMP6_FILTER, &filter, + sizeof(filter)); + if (r < 0) + return -errno; + + /* RFC 3315, section 6.7, bullet point 2 may indicate that an + IPV6_PKTINFO socket option also applies for ICMPv6 multicast. + Empirical experiments indicates otherwise and therefore an + IPV6_MULTICAST_IF socket option is used here instead */ + r = setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_IF, &index, + sizeof(index)); + if (r < 0) + return -errno; + + r = setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &zero, + sizeof(zero)); + if (r < 0) + return -errno; + + r = setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &hops, + sizeof(hops)); + if (r < 0) + return -errno; + + r = setsockopt(s, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &mreq, + sizeof(mreq)); + if (r < 0) + return -errno; + + r = s; + s = -1; + return r; +} + +int dhcp_network_icmp6_send_router_solicitation(int s, const struct ether_addr *ether_addr) +{ + struct sockaddr_in6 dst = { + .sin6_family = AF_INET6, + .sin6_addr = IN6ADDR_ALL_ROUTERS_MULTICAST_INIT, + }; + struct { + struct nd_router_solicit rs; + struct nd_opt_hdr rs_opt; + struct ether_addr rs_opt_mac; + } _packed_ rs = { + .rs.nd_rs_type = ND_ROUTER_SOLICIT, + }; + struct iovec iov[1] = { + { &rs, }, + }; + struct msghdr msg = { + .msg_name = &dst, + .msg_namelen = sizeof(dst), + .msg_iov = iov, + .msg_iovlen = 1, + }; + int r; + + if (ether_addr) { + memcpy(&rs.rs_opt_mac, ether_addr, ETH_ALEN); + rs.rs_opt.nd_opt_type = ND_OPT_SOURCE_LINKADDR; + rs.rs_opt.nd_opt_len = 1; + iov[0].iov_len = sizeof(rs); + } else + iov[0].iov_len = sizeof(rs.rs); + + r = sendmsg(s, &msg, 0); + if (r < 0) + return -errno; + + return 0; +} diff --git a/src/libsystemd-network/sd-icmp6-nd.c b/src/libsystemd-network/sd-icmp6-nd.c new file mode 100644 index 0000000000..f820a9c8f0 --- /dev/null +++ b/src/libsystemd-network/sd-icmp6-nd.c @@ -0,0 +1,325 @@ +/*** + This file is part of systemd. + + Copyright (C) 2014 Intel Corporation. All rights reserved. + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <netinet/icmp6.h> +#include <string.h> +#include <stdbool.h> +#include <netinet/in.h> + +#include "socket-util.h" +#include "refcnt.h" +#include "async.h" + +#include "dhcp6-internal.h" +#include "sd-icmp6-nd.h" + +#define ICMP6_ROUTER_SOLICITATION_INTERVAL 4 * USEC_PER_SEC +#define ICMP6_MAX_ROUTER_SOLICITATIONS 3 + +enum icmp6_nd_state { + ICMP6_NEIGHBOR_DISCOVERY_IDLE = 0, + ICMP6_ROUTER_SOLICITATION_SENT = 10, + ICMP6_ROUTER_ADVERTISMENT_LISTEN = 11, +}; + +struct sd_icmp6_nd { + RefCount n_ref; + + enum icmp6_nd_state state; + sd_event *event; + int event_priority; + int index; + struct ether_addr mac_addr; + int fd; + sd_event_source *recv; + sd_event_source *timeout; + int nd_sent; + sd_icmp6_nd_callback_t callback; + void *userdata; +}; + +#define log_icmp6_nd(p, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "ICMPv6 CLIENT: " fmt, ##__VA_ARGS__) + +static void icmp6_nd_notify(sd_icmp6_nd *nd, int event) +{ + if (nd->callback) + nd->callback(nd, event, nd->userdata); +} + +int sd_icmp6_nd_set_callback(sd_icmp6_nd *nd, sd_icmp6_nd_callback_t callback, + void *userdata) { + assert(nd); + + nd->callback = callback; + nd->userdata = userdata; + + return 0; +} + +int sd_icmp6_nd_set_index(sd_icmp6_nd *nd, int interface_index) { + assert(nd); + assert(interface_index >= -1); + + nd->index = interface_index; + + return 0; +} + +int sd_icmp6_nd_set_mac(sd_icmp6_nd *nd, const struct ether_addr *mac_addr) { + assert(nd); + + if (mac_addr) + memcpy(&nd->mac_addr, mac_addr, sizeof(nd->mac_addr)); + else + memset(&nd->mac_addr, 0x00, sizeof(nd->mac_addr)); + + return 0; + +} + +int sd_icmp6_nd_attach_event(sd_icmp6_nd *nd, sd_event *event, int priority) { + int r; + + assert_return(nd, -EINVAL); + assert_return(!nd->event, -EBUSY); + + if (event) + nd->event = sd_event_ref(event); + else { + r = sd_event_default(&nd->event); + if (r < 0) + return 0; + } + + nd->event_priority = priority; + + return 0; +} + +int sd_icmp6_nd_detach_event(sd_icmp6_nd *nd) { + assert_return(nd, -EINVAL); + + nd->event = sd_event_unref(nd->event); + + return 0; +} + +sd_event *sd_icmp6_nd_get_event(sd_icmp6_nd *nd) { + assert(nd); + + return nd->event; +} + +sd_icmp6_nd *sd_icmp6_nd_ref(sd_icmp6_nd *nd) { + assert (nd); + + assert_se(REFCNT_INC(nd->n_ref) >= 2); + + return nd; +} + +static int icmp6_nd_init(sd_icmp6_nd *nd) { + assert(nd); + + nd->recv = sd_event_source_unref(nd->recv); + nd->fd = asynchronous_close(nd->fd); + nd->timeout = sd_event_source_unref(nd->timeout); + + return 0; +} + +sd_icmp6_nd *sd_icmp6_nd_unref(sd_icmp6_nd *nd) { + if (nd && REFCNT_DEC(nd->n_ref) <= 0) { + + icmp6_nd_init(nd); + sd_icmp6_nd_detach_event(nd); + + free(nd); + } + + return NULL; +} + +DEFINE_TRIVIAL_CLEANUP_FUNC(sd_icmp6_nd*, sd_icmp6_nd_unref); +#define _cleanup_sd_icmp6_nd_free_ _cleanup_(sd_icmp6_nd_unrefp) + +int sd_icmp6_nd_new(sd_icmp6_nd **ret) { + _cleanup_sd_icmp6_nd_free_ sd_icmp6_nd *nd = NULL; + + assert(ret); + + nd = new0(sd_icmp6_nd, 1); + if (!nd) + return -ENOMEM; + + nd->n_ref = REFCNT_INIT; + + nd->index = -1; + + *ret = nd; + nd = NULL; + + return 0; +} + +static int icmp6_router_advertisment_recv(sd_event_source *s, int fd, + uint32_t revents, void *userdata) +{ + sd_icmp6_nd *nd = userdata; + ssize_t len; + struct nd_router_advert ra; + int event = ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE; + + assert(s); + assert(nd); + assert(nd->event); + + /* only interested in Managed/Other flag */ + len = read(fd, &ra, sizeof(ra)); + if ((size_t)len < sizeof(ra)) + return 0; + + if (ra.nd_ra_type != ND_ROUTER_ADVERT) + return 0; + + if (ra.nd_ra_code != 0) + return 0; + + nd->timeout = sd_event_source_unref(nd->timeout); + + nd->state = ICMP6_ROUTER_ADVERTISMENT_LISTEN; + + if (ra.nd_ra_flags_reserved & ND_RA_FLAG_OTHER ) + event = ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER; + + if (ra.nd_ra_flags_reserved & ND_RA_FLAG_MANAGED) + event = ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED; + + log_icmp6_nd(nd, "Received Router Advertisment flags %s/%s", + (ra.nd_ra_flags_reserved & ND_RA_FLAG_MANAGED)? "MANAGED": + "none", + (ra.nd_ra_flags_reserved & ND_RA_FLAG_OTHER)? "OTHER": + "none"); + + icmp6_nd_notify(nd, event); + + return 0; +} + +static int icmp6_router_solicitation_timeout(sd_event_source *s, uint64_t usec, + void *userdata) +{ + sd_icmp6_nd *nd = userdata; + uint64_t time_now, next_timeout; + struct ether_addr unset = { }; + struct ether_addr *addr = NULL; + int r; + + assert(s); + assert(nd); + assert(nd->event); + + nd->timeout = sd_event_source_unref(nd->timeout); + + if (nd->nd_sent >= ICMP6_MAX_ROUTER_SOLICITATIONS) { + icmp6_nd_notify(nd, ICMP6_EVENT_ROUTER_ADVERTISMENT_TIMEOUT); + nd->state = ICMP6_ROUTER_ADVERTISMENT_LISTEN; + } else { + if (memcmp(&nd->mac_addr, &unset, sizeof(struct ether_addr))) + addr = &nd->mac_addr; + + r = dhcp_network_icmp6_send_router_solicitation(nd->fd, addr); + if (r < 0) + log_icmp6_nd(nd, "Error sending Router Solicitation"); + else { + nd->state = ICMP6_ROUTER_SOLICITATION_SENT; + log_icmp6_nd(nd, "Sent Router Solicitation"); + } + + nd->nd_sent++; + + r = sd_event_now(nd->event, CLOCK_MONOTONIC, &time_now); + if (r < 0) { + icmp6_nd_notify(nd, r); + return 0; + } + + next_timeout = time_now + ICMP6_ROUTER_SOLICITATION_INTERVAL; + + r = sd_event_add_time(nd->event, &nd->timeout, CLOCK_MONOTONIC, + next_timeout, 0, + icmp6_router_solicitation_timeout, nd); + if (r < 0) { + icmp6_nd_notify(nd, r); + return 0; + } + + r = sd_event_source_set_priority(nd->timeout, + nd->event_priority); + if (r < 0) { + icmp6_nd_notify(nd, r); + return 0; + } + } + + return 0; +} + +int sd_icmp6_router_solicitation_start(sd_icmp6_nd *nd) { + int r; + + assert(nd); + assert(nd->event); + + if (nd->state != ICMP6_NEIGHBOR_DISCOVERY_IDLE) + return -EINVAL; + + if (nd->index < 1) + return -EINVAL; + + r = dhcp_network_icmp6_bind_router_solicitation(nd->index); + if (r < 0) + return r; + + nd->fd = r; + + r = sd_event_add_io(nd->event, &nd->recv, nd->fd, EPOLLIN, + icmp6_router_advertisment_recv, nd); + if (r < 0) + goto error; + + r = sd_event_source_set_priority(nd->recv, nd->event_priority); + if (r < 0) + goto error; + + r = sd_event_add_time(nd->event, &nd->timeout, CLOCK_MONOTONIC, + 0, 0, icmp6_router_solicitation_timeout, nd); + if (r < 0) + goto error; + + r = sd_event_source_set_priority(nd->timeout, nd->event_priority); + +error: + if (r < 0) + icmp6_nd_init(nd); + else + log_icmp6_nd(client, "Start Router Solicitation"); + + return r; +} diff --git a/src/systemd/sd-icmp6-nd.h b/src/systemd/sd-icmp6-nd.h new file mode 100644 index 0000000000..5e9dc0aa26 --- /dev/null +++ b/src/systemd/sd-icmp6-nd.h @@ -0,0 +1,56 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +#ifndef foosdicmp6ndfoo +#define foosdicmp6ndfoo + +/*** + This file is part of systemd. + + Copyright (C) 2014 Intel Corporation. All rights reserved. + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <net/ethernet.h> + +#include "sd-event.h" + +enum { + ICMP6_EVENT_ROUTER_ADVERTISMENT_NONE = 0, + ICMP6_EVENT_ROUTER_ADVERTISMENT_TIMEOUT = 1, + ICMP6_EVENT_ROUTER_ADVERTISMENT_OTHER = 2, + ICMP6_EVENT_ROUTER_ADVERTISMENT_MANAGED = 3, +}; + +typedef struct sd_icmp6_nd sd_icmp6_nd; + +typedef void(*sd_icmp6_nd_callback_t)(sd_icmp6_nd *nd, int event, + void *userdata); + +int sd_icmp6_nd_set_callback(sd_icmp6_nd *nd, sd_icmp6_nd_callback_t cb, + void *userdata); +int sd_icmp6_nd_set_index(sd_icmp6_nd *nd, int interface_index); +int sd_icmp6_nd_set_mac(sd_icmp6_nd *nd, const struct ether_addr *mac_addr); + +int sd_icmp6_nd_attach_event(sd_icmp6_nd *nd, sd_event *event, int priority); +int sd_icmp6_nd_detach_event(sd_icmp6_nd *nd); +sd_event *sd_icmp6_nd_get_event(sd_icmp6_nd *nd); + +sd_icmp6_nd *sd_icmp6_nd_ref(sd_icmp6_nd *nd); +sd_icmp6_nd *sd_icmp6_nd_unref(sd_icmp6_nd *nd); +int sd_icmp6_nd_new(sd_icmp6_nd **ret); + +int sd_icmp6_router_solicitation_start(sd_icmp6_nd *nd); + +#endif |