[thirdparty/systemd.git] / src / libsystemd-network / dhcp-packet.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */
/***
  Copyright © 2013 Intel Corporation. All rights reserved.
***/

#include <errno.h>
#include <net/ethernet.h>
#include <net/if_arp.h>
#include <string.h>

#include "dhcp-internal.h"
#include "dhcp-protocol.h"
#include "memory-util.h"

#define DHCP_CLIENT_MIN_OPTIONS_SIZE            312

int dhcp_message_init(
                DHCPMessage *message,
                uint8_t op,
                uint32_t xid,
                uint8_t type,
                uint16_t arp_type,
                uint8_t hlen,
                const uint8_t *chaddr,
                size_t optlen,
                size_t *optoffset) {

        size_t offset = 0;
        int r;

        assert(IN_SET(op, BOOTREQUEST, BOOTREPLY));
        assert(chaddr || hlen == 0);

        message->op = op;
        message->htype = arp_type;

        /* RFC2131 section 4.1.1:
           The client MUST include its hardware address in the ’chaddr’ field, if
           necessary for delivery of DHCP reply messages.

           RFC 4390 section 2.1:
           A DHCP client, when working over an IPoIB interface, MUST follow the
           following rules:
           "htype" (hardware address type) MUST be 32 [ARPPARAM].
           "hlen" (hardware address length) MUST be 0.
           "chaddr" (client hardware address) field MUST be zeroed.
         */
        message->hlen = (arp_type == ARPHRD_INFINIBAND) ? 0 : hlen;
        memcpy_safe(message->chaddr, chaddr, message->hlen);

        message->xid = htobe32(xid);
        message->magic = htobe32(DHCP_MAGIC_COOKIE);

        r = dhcp_option_append(message, optlen, &offset, 0,
                               SD_DHCP_OPTION_MESSAGE_TYPE, 1, &type);
        if (r < 0)
                return r;

        *optoffset = offset;

        return 0;
}

uint16_t dhcp_packet_checksum(uint8_t *buf, size_t len) {
        uint64_t *buf_64 = (uint64_t*)buf;
        uint64_t *end_64 = buf_64 + (len / sizeof(uint64_t));
        uint64_t sum = 0;

        /* See RFC1071 */

        while (buf_64 < end_64) {
                sum += *buf_64;
                if (sum < *buf_64)
                        /* wrap around in one's complement */
                        sum++;

                buf_64++;
        }

        if (len % sizeof(uint64_t)) {
                /* If the buffer is not aligned to 64-bit, we need
                   to zero-pad the last few bytes and add them in */
                uint64_t buf_tail = 0;

                memcpy(&buf_tail, buf_64, len % sizeof(uint64_t));

                sum += buf_tail;
                if (sum < buf_tail)
                        /* wrap around */
                        sum++;
        }

        while (sum >> 16)
                sum = (sum & 0xffff) + (sum >> 16);

        return ~sum;
}

void dhcp_packet_append_ip_headers(DHCPPacket *packet, be32_t source_addr,
                                   uint16_t source_port, be32_t destination_addr,
                                   uint16_t destination_port, uint16_t len, int ip_service_type) {
        packet->ip.version = IPVERSION;
        packet->ip.ihl = DHCP_IP_SIZE / 4;
        packet->ip.tot_len = htobe16(len);

        if (ip_service_type >= 0)
                packet->ip.tos = ip_service_type;
        else
                packet->ip.tos = IPTOS_CLASS_CS6;

        packet->ip.protocol = IPPROTO_UDP;
        packet->ip.saddr = source_addr;
        packet->ip.daddr = destination_addr;

        packet->udp.source = htobe16(source_port);
        packet->udp.dest = htobe16(destination_port);

        packet->udp.len = htobe16(len - DHCP_IP_SIZE);

        packet->ip.check = packet->udp.len;
        packet->udp.check = dhcp_packet_checksum((uint8_t*)&packet->ip.ttl, len - 8);

        packet->ip.ttl = IPDEFTTL;
        packet->ip.check = 0;
        packet->ip.check = dhcp_packet_checksum((uint8_t*)&packet->ip, DHCP_IP_SIZE);
}

int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, uint16_t port) {
        size_t hdrlen;

        assert(packet);

        /* IP */

        if (packet->ip.version != IPVERSION)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: not IPv4");

        if (packet->ip.ihl < 5)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: IPv4 IHL (%u words) invalid",
                                       packet->ip.ihl);

        hdrlen = packet->ip.ihl * 4;
        if (hdrlen < 20)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: IPv4 IHL (%zu bytes) "
                                       "smaller than minimum (20 bytes)",
                                       hdrlen);

        if (len < hdrlen)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: packet (%zu bytes) "
                                       "smaller than expected (%zu) by IP header",
                                       len, hdrlen);

        /* UDP */

        if (packet->ip.protocol != IPPROTO_UDP)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: not UDP");

        if (len < hdrlen + be16toh(packet->udp.len))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: packet (%zu bytes) "
                                       "smaller than expected (%zu) by UDP header",
                                       len, hdrlen + be16toh(packet->udp.len));

        if (be16toh(packet->udp.dest) != port)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: to port %u, which "
                                       "is not the DHCP client port (%u)",
                                       be16toh(packet->udp.dest), port);

        /* checksums - computing these is relatively expensive, so only do it
           if all the other checks have passed
         */

        if (dhcp_packet_checksum((uint8_t*)&packet->ip, hdrlen))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: invalid IP checksum");

        if (checksum && packet->udp.check) {
                packet->ip.check = packet->udp.len;
                packet->ip.ttl = 0;

                if (dhcp_packet_checksum((uint8_t*)&packet->ip.ttl,
                                  be16toh(packet->udp.len) + 12))
                        return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "ignoring packet: invalid UDP checksum");
        }

        return 0;
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
cf597f65	2	/***
810adae9	3	Copyright © 2013 Intel Corporation. All rights reserved.
cf597f65 TG	4	***/
cf597f65 TG	5
cf597f65	6	#include <errno.h>
cf597f65 TG	7	#include <net/ethernet.h>
cf597f65 TG	8	#include <net/if_arp.h>
cf0fbc49	9	#include <string.h>
cf597f65	10
cf597f65	11	#include "dhcp-internal.h"
cf0fbc49	12	#include "dhcp-protocol.h"
97fa338d	13	#include "memory-util.h"
cf597f65 TG	14
	15	#define DHCP_CLIENT_MIN_OPTIONS_SIZE 312
	16
97fa338d YW	17	int dhcp_message_init(
	18	DHCPMessage *message,
	19	uint8_t op,
	20	uint32_t xid,
	21	uint8_t type,
	22	uint16_t arp_type,
	23	uint8_t hlen,
	24	const uint8_t *chaddr,
	25	size_t optlen,
	26	size_t *optoffset) {
	27
20b958bf TG	28	size_t offset = 0;
20b958bf TG	29	int r;
cf597f65	30
3742095b	31	assert(IN_SET(op, BOOTREQUEST, BOOTREPLY));
97fa338d	32	assert(chaddr \|\| hlen == 0);
0a1b6da8	33
cf597f65	34	message->op = op;
76253e73	35	message->htype = arp_type;
97fa338d YW	36
	37	/* RFC2131 section 4.1.1:
	38	The client MUST include its hardware address in the ’chaddr’ field, if
	39	necessary for delivery of DHCP reply messages.
	40
	41	RFC 4390 section 2.1:
	42	A DHCP client, when working over an IPoIB interface, MUST follow the
	43	following rules:
	44	"htype" (hardware address type) MUST be 32 [ARPPARAM].
	45	"hlen" (hardware address length) MUST be 0.
	46	"chaddr" (client hardware address) field MUST be zeroed.
	47	*/
	48	message->hlen = (arp_type == ARPHRD_INFINIBAND) ? 0 : hlen;
	49	memcpy_safe(message->chaddr, chaddr, message->hlen);
	50
cf597f65	51	message->xid = htobe32(xid);
3b7ca119	52	message->magic = htobe32(DHCP_MAGIC_COOKIE);
cf597f65	53
04b28be1	54	r = dhcp_option_append(message, optlen, &offset, 0,
22805d92	55	SD_DHCP_OPTION_MESSAGE_TYPE, 1, &type);
20b958bf TG	56	if (r < 0)
20b958bf TG	57	return r;
cf597f65	58
20b958bf	59	*optoffset = offset;
cf597f65 TG	60
	61	return 0;
	62	}
	63
0bbc2c1f TG	64	uint16_t dhcp_packet_checksum(uint8_t *buf, size_t len) {
	65	uint64_t buf_64 = (uint64_t)buf;
	66	uint64_t *end_64 = buf_64 + (len / sizeof(uint64_t));
d5761274 TG	67	uint64_t sum = 0;
d5761274 TG	68
0bbc2c1f TG	69	/* See RFC1071 */
0bbc2c1f TG	70
d5761274 TG	71	while (buf_64 < end_64) {
	72	sum += *buf_64;
	73	if (sum < *buf_64)
0bbc2c1f	74	/* wrap around in one's complement */
d5761274 TG	75	sum++;
d5761274 TG	76
313cefa1	77	buf_64++;
d5761274 TG	78	}
d5761274 TG	79
0bbc2c1f TG	80	if (len % sizeof(uint64_t)) {
	81	/* If the buffer is not aligned to 64-bit, we need
	82	to zero-pad the last few bytes and add them in */
	83	uint64_t buf_tail = 0;
cf597f65	84
0bbc2c1f	85	memcpy(&buf_tail, buf_64, len % sizeof(uint64_t));
cf597f65	86
0bbc2c1f TG	87	sum += buf_tail;
	88	if (sum < buf_tail)
	89	/* wrap around */
d5761274	90	sum++;
cf597f65 TG	91	}
	92
	93	while (sum >> 16)
	94	sum = (sum & 0xffff) + (sum >> 16);
	95
	96	return ~sum;
	97	}
	98
63edaa62 TG	99	void dhcp_packet_append_ip_headers(DHCPPacket *packet, be32_t source_addr,
63edaa62 TG	100	uint16_t source_port, be32_t destination_addr,
afe42aef	101	uint16_t destination_port, uint16_t len, int ip_service_type) {
cf597f65 TG	102	packet->ip.version = IPVERSION;
	103	packet->ip.ihl = DHCP_IP_SIZE / 4;
	104	packet->ip.tot_len = htobe16(len);
	105
afe42aef SC	106	if (ip_service_type >= 0)
	107	packet->ip.tos = ip_service_type;
	108	else
	109	packet->ip.tos = IPTOS_CLASS_CS6;
85923f79	110
cf597f65	111	packet->ip.protocol = IPPROTO_UDP;
63edaa62 TG	112	packet->ip.saddr = source_addr;
63edaa62 TG	113	packet->ip.daddr = destination_addr;
cf597f65	114
63edaa62 TG	115	packet->udp.source = htobe16(source_port);
63edaa62 TG	116	packet->udp.dest = htobe16(destination_port);
cf597f65 TG	117
	118	packet->udp.len = htobe16(len - DHCP_IP_SIZE);
	119
	120	packet->ip.check = packet->udp.len;
0bbc2c1f	121	packet->udp.check = dhcp_packet_checksum((uint8_t*)&packet->ip.ttl, len - 8);
cf597f65 TG	122
	123	packet->ip.ttl = IPDEFTTL;
	124	packet->ip.check = 0;
0bbc2c1f	125	packet->ip.check = dhcp_packet_checksum((uint8_t*)&packet->ip, DHCP_IP_SIZE);
cf597f65 TG	126	}
cf597f65 TG	127
9faed222	128	int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, uint16_t port) {
cf597f65 TG	129	size_t hdrlen;
cf597f65 TG	130
5266a81e TG	131	assert(packet);
5266a81e TG	132
06b44be7	133	/* IP */
cf597f65	134
baaa35ad ZJS	135	if (packet->ip.version != IPVERSION)
	136	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	137	"ignoring packet: not IPv4");
6e34949d	138
baaa35ad ZJS	139	if (packet->ip.ihl < 5)
	140	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	141	"ignoring packet: IPv4 IHL (%u words) invalid",
	142	packet->ip.ihl);
cf597f65 TG	143
cf597f65 TG	144	hdrlen = packet->ip.ihl * 4;
baaa35ad ZJS	145	if (hdrlen < 20)
	146	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	147	"ignoring packet: IPv4 IHL (%zu bytes) "
	148	"smaller than minimum (20 bytes)",
	149	hdrlen);
	150
	151	if (len < hdrlen)
	152	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	153	"ignoring packet: packet (%zu bytes) "
	154	"smaller than expected (%zu) by IP header",
	155	len, hdrlen);
cf597f65	156
06b44be7 TG	157	/* UDP */
06b44be7 TG	158
baaa35ad ZJS	159	if (packet->ip.protocol != IPPROTO_UDP)
	160	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	161	"ignoring packet: not UDP");
d454a674	162
baaa35ad ZJS	163	if (len < hdrlen + be16toh(packet->udp.len))
	164	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	165	"ignoring packet: packet (%zu bytes) "
	166	"smaller than expected (%zu) by UDP header",
	167	len, hdrlen + be16toh(packet->udp.len));
cf597f65	168
baaa35ad ZJS	169	if (be16toh(packet->udp.dest) != port)
	170	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	171	"ignoring packet: to port %u, which "
	172	"is not the DHCP client port (%u)",
	173	be16toh(packet->udp.dest), port);
2ad7561f TG	174
	175	/* checksums - computing these is relatively expensive, so only do it
	176	if all the other checks have passed
	177	*/
	178
baaa35ad ZJS	179	if (dhcp_packet_checksum((uint8_t*)&packet->ip, hdrlen))
	180	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	181	"ignoring packet: invalid IP checksum");
2ad7561f	182
55dab2ed	183	if (checksum && packet->udp.check) {
cf597f65 TG	184	packet->ip.check = packet->udp.len;
	185	packet->ip.ttl = 0;
	186
0bbc2c1f	187	if (dhcp_packet_checksum((uint8_t*)&packet->ip.ttl,
baaa35ad ZJS	188	be16toh(packet->udp.len) + 12))
	189	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	190	"ignoring packet: invalid UDP checksum");
cf597f65 TG	191	}
cf597f65 TG	192
cf597f65 TG	193	return 0;
cf597f65 TG	194	}