1 /* $OpenBSD: rtsol.c,v 1.10 2003/10/05 15:29:28 deraadt Exp $ */
2 /* $KAME: rtsol.c,v 1.15 2002/05/31 10:10:03 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 #include <sys/param.h>
34 #include <sys/socket.h>
35 #include <sys/uio.h>
36 #include <sys/time.h>
37 #include <sys/queue.h>
38
39 #include <net/if.h>
40 #include <net/route.h>
41 #include <net/if_dl.h>
42
43 #include <netinet/in.h>
44 #include <netinet/ip6.h>
45 #include <netinet6/ip6_var.h>
46 #include <netinet/icmp6.h>
47
48 #include <arpa/inet.h>
49
50 #include <time.h>
51 #include <unistd.h>
52 #include <stdio.h>
53 #include <err.h>
54 #include <errno.h>
55 #include <string.h>
56 #include <stdlib.h>
57 #include <syslog.h>
58 #include "rtsold.h"
59
60 __RCSID("$MirOS: src/usr.sbin/rtsold/rtsol.c,v 1.2 2006/11/04 05:57:44 tg Exp $");
61
62 #define ALLROUTER "ff02::2"
63
64 static struct msghdr rcvmhdr;
65 static struct msghdr sndmhdr;
66 static struct iovec rcviov[2];
67 static struct iovec sndiov[2];
68 static struct sockaddr_in6 from;
69
70 int rssock;
71
72 static struct sockaddr_in6 sin6_allrouters = {sizeof(sin6_allrouters), AF_INET6};
73
74 int
sockopen(void)75 sockopen(void)
76 {
77 static u_char *rcvcmsgbuf = NULL, *sndcmsgbuf = NULL;
78 int rcvcmsglen, sndcmsglen, on;
79 static u_char answer[1500];
80 struct icmp6_filter filt;
81
82 sndcmsglen = rcvcmsglen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
83 CMSG_SPACE(sizeof(int));
84 if (rcvcmsgbuf == NULL && (rcvcmsgbuf = malloc(rcvcmsglen)) == NULL) {
85 warnmsg(LOG_ERR, __func__,
86 "malloc for receive msghdr failed");
87 return(-1);
88 }
89 if (sndcmsgbuf == NULL && (sndcmsgbuf = malloc(sndcmsglen)) == NULL) {
90 warnmsg(LOG_ERR, __func__,
91 "malloc for send msghdr failed");
92 return(-1);
93 }
94 memset(&sin6_allrouters, 0, sizeof(struct sockaddr_in6));
95 sin6_allrouters.sin6_family = AF_INET6;
96 sin6_allrouters.sin6_len = sizeof(sin6_allrouters);
97 if (inet_pton(AF_INET6, ALLROUTER,
98 &sin6_allrouters.sin6_addr.s6_addr) != 1) {
99 warnmsg(LOG_ERR, __func__, "inet_pton failed for %s",
100 ALLROUTER);
101 return(-1);
102 }
103
104 if ((rssock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
105 warnmsg(LOG_ERR, __func__, "socket: %s", strerror(errno));
106 return(-1);
107 }
108
109 /* specify to tell receiving interface */
110 on = 1;
111 #ifdef IPV6_RECVPKTINFO
112 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
113 sizeof(on)) < 0) {
114 warnmsg(LOG_ERR, __func__, "IPV6_RECVPKTINFO: %s",
115 strerror(errno));
116 exit(1);
117 }
118 #else /* old adv. API */
119 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_PKTINFO, &on,
120 sizeof(on)) < 0) {
121 warnmsg(LOG_ERR, __func__, "IPV6_PKTINFO: %s",
122 strerror(errno));
123 exit(1);
124 }
125 #endif
126
127 on = 1;
128 /* specify to tell value of hoplimit field of received IP6 hdr */
129 #ifdef IPV6_RECVHOPLIMIT
130 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
131 sizeof(on)) < 0) {
132 warnmsg(LOG_ERR, __func__, "IPV6_RECVHOPLIMIT: %s",
133 strerror(errno));
134 exit(1);
135 }
136 #else /* old adv. API */
137 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on,
138 sizeof(on)) < 0) {
139 warnmsg(LOG_ERR, __func__, "IPV6_HOPLIMIT: %s",
140 strerror(errno));
141 exit(1);
142 }
143 #endif
144
145 /* specfiy to accept only router advertisements on the socket */
146 ICMP6_FILTER_SETBLOCKALL(&filt);
147 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
148 if (setsockopt(rssock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt,
149 sizeof(filt)) == -1) {
150 warnmsg(LOG_ERR, __func__, "setsockopt(ICMP6_FILTER): %s",
151 strerror(errno));
152 return(-1);
153 }
154
155 /* initialize msghdr for receiving packets */
156 rcviov[0].iov_base = (caddr_t)answer;
157 rcviov[0].iov_len = sizeof(answer);
158 rcvmhdr.msg_name = (caddr_t)&from;
159 rcvmhdr.msg_namelen = sizeof(from);
160 rcvmhdr.msg_iov = rcviov;
161 rcvmhdr.msg_iovlen = 1;
162 rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
163 rcvmhdr.msg_controllen = rcvcmsglen;
164
165 /* initialize msghdr for sending packets */
166 sndmhdr.msg_namelen = sizeof(struct sockaddr_in6);
167 sndmhdr.msg_iov = sndiov;
168 sndmhdr.msg_iovlen = 1;
169 sndmhdr.msg_control = (caddr_t)sndcmsgbuf;
170 sndmhdr.msg_controllen = sndcmsglen;
171
172 return(rssock);
173 }
174
175 void
sendpacket(struct ifinfo * ifinfo)176 sendpacket(struct ifinfo *ifinfo)
177 {
178 struct in6_pktinfo *pi;
179 struct cmsghdr *cm;
180 int hoplimit = 255;
181 struct sockaddr_in6 dst;
182 ssize_t i;
183
184 dst = sin6_allrouters;
185 dst.sin6_scope_id = ifinfo->linkid;
186
187 sndmhdr.msg_name = (caddr_t)&dst;
188 sndmhdr.msg_iov[0].iov_base = (caddr_t)ifinfo->rs_data;
189 sndmhdr.msg_iov[0].iov_len = ifinfo->rs_datalen;
190
191 cm = CMSG_FIRSTHDR(&sndmhdr);
192 /* specify the outgoing interface */
193 cm->cmsg_level = IPPROTO_IPV6;
194 cm->cmsg_type = IPV6_PKTINFO;
195 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
196 pi = (struct in6_pktinfo *)CMSG_DATA(cm);
197 memset(&pi->ipi6_addr, 0, sizeof(pi->ipi6_addr)); /*XXX*/
198 pi->ipi6_ifindex = ifinfo->sdl->sdl_index;
199
200 /* specify the hop limit of the packet */
201 cm = CMSG_NXTHDR(&sndmhdr, cm);
202 cm->cmsg_level = IPPROTO_IPV6;
203 cm->cmsg_type = IPV6_HOPLIMIT;
204 cm->cmsg_len = CMSG_LEN(sizeof(int));
205 memcpy(CMSG_DATA(cm), &hoplimit, sizeof(int));
206
207 warnmsg(LOG_DEBUG, __func__,
208 "send RS on %s, whose state is %d",
209 ifinfo->ifname, ifinfo->state);
210
211 i = sendmsg(rssock, &sndmhdr, 0);
212
213 if (i < 0 || i != ifinfo->rs_datalen) {
214 /*
215 * ENETDOWN is not so serious, especially when using several
216 * network cards on a mobile node. We ignore it.
217 */
218 if (errno != ENETDOWN || dflag > 0)
219 warnmsg(LOG_ERR, __func__, "sendmsg on %s: %s",
220 ifinfo->ifname, strerror(errno));
221 }
222
223 /* update counter */
224 ifinfo->probes++;
225 }
226
227 void
rtsol_input(int s)228 rtsol_input(int s)
229 {
230 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
231 int ifindex = 0, *hlimp = NULL;
232 struct in6_pktinfo *pi = NULL;
233 struct ifinfo *ifi = NULL;
234 struct icmp6_hdr *icp;
235 struct cmsghdr *cm;
236 ssize_t i;
237
238 /* get message */
239 if ((i = recvmsg(s, &rcvmhdr, 0)) < 0) {
240 warnmsg(LOG_ERR, __func__, "recvmsg: %s", strerror(errno));
241 return;
242 }
243
244 /* extract optional information via Advanced API */
245 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&rcvmhdr); cm;
246 cm = (struct cmsghdr *)CMSG_NXTHDR(&rcvmhdr, cm)) {
247 if (cm->cmsg_level == IPPROTO_IPV6 &&
248 cm->cmsg_type == IPV6_PKTINFO &&
249 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) {
250 pi = (struct in6_pktinfo *)(CMSG_DATA(cm));
251 ifindex = pi->ipi6_ifindex;
252 }
253 if (cm->cmsg_level == IPPROTO_IPV6 &&
254 cm->cmsg_type == IPV6_HOPLIMIT &&
255 cm->cmsg_len == CMSG_LEN(sizeof(int)))
256 hlimp = (int *)CMSG_DATA(cm);
257 }
258
259 if (ifindex == 0) {
260 warnmsg(LOG_ERR, __func__,
261 "failed to get receiving interface");
262 return;
263 }
264 if (hlimp == NULL) {
265 warnmsg(LOG_ERR, __func__,
266 "failed to get receiving hop limit");
267 return;
268 }
269
270 if (i < sizeof(struct nd_router_advert)) {
271 warnmsg(LOG_ERR, __func__,
272 "packet size(%zd) is too short", i);
273 return;
274 }
275
276 icp = (struct icmp6_hdr *)rcvmhdr.msg_iov[0].iov_base;
277
278 if (icp->icmp6_type != ND_ROUTER_ADVERT) {
279 warnmsg(LOG_ERR, __func__,
280 "invalid icmp type(%d) from %s on %s", icp->icmp6_type,
281 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
282 INET6_ADDRSTRLEN),
283 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
284 return;
285 }
286
287 if (icp->icmp6_code != 0) {
288 warnmsg(LOG_ERR, __func__,
289 "invalid icmp code(%d) from %s on %s", icp->icmp6_code,
290 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
291 INET6_ADDRSTRLEN),
292 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
293 return;
294 }
295
296 if (*hlimp != 255) {
297 warnmsg(LOG_NOTICE, __func__,
298 "invalid RA with hop limit(%d) from %s on %s",
299 *hlimp,
300 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
301 INET6_ADDRSTRLEN),
302 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
303 return;
304 }
305
306 if (pi && !IN6_IS_ADDR_LINKLOCAL(&from.sin6_addr)) {
307 warnmsg(LOG_NOTICE, __func__,
308 "invalid RA with non link-local source from %s on %s",
309 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
310 INET6_ADDRSTRLEN),
311 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
312 return;
313 }
314
315 /* xxx: more validation? */
316
317 if ((ifi = find_ifinfo(pi->ipi6_ifindex)) == NULL) {
318 warnmsg(LOG_NOTICE, __func__,
319 "received RA from %s on an unexpeced IF(%s)",
320 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
321 INET6_ADDRSTRLEN),
322 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
323 return;
324 }
325
326 warnmsg(LOG_DEBUG, __func__,
327 "received RA from %s on %s, state is %d",
328 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, INET6_ADDRSTRLEN),
329 ifi->ifname, ifi->state);
330
331 ifi->racnt++;
332
333 switch (ifi->state) {
334 case IFS_IDLE: /* should be ignored */
335 case IFS_DELAY: /* right? */
336 break;
337 case IFS_PROBE:
338 ifi->state = IFS_IDLE;
339 ifi->probes = 0;
340 rtsol_timer_update(ifi);
341 break;
342 }
343 }
344