[people/ms/dnsmasq.git] / src / radv.c

/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 dated June, 1991, or
   (at your option) version 3 dated 29 June, 2007.
 
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.
     
   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/


/* NB. This code may be called during a DHCPv4 or transaction which is in ping-wait
   It therefore cannot use any DHCP buffer resources except outpacket, which is
   not used by DHCPv4 code. This code may also be called when DHCP 4 or 6 isn't
   active, so we ensure that outpacket is allocated here too */

#include "dnsmasq.h"

#ifdef HAVE_DHCP6

#include <netinet/icmp6.h>

struct ra_param {
  int ind, managed, other, found_context, first;
  char *if_name;
  struct in6_addr link_local;
};

struct search_param {
  time_t now; int iface;
};

static void send_ra(int iface, char *iface_name, struct in6_addr *dest);
static int add_prefixes(struct in6_addr *local,  int prefix,
			int scope, int if_index, int dad, void *vparam);
static int iface_search(struct in6_addr *local,  int prefix,
			int scope, int if_index, int dad, void *vparam);
static int add_lla(int index, unsigned int type, char *mac, size_t maclen, void *parm);

static int hop_limit;
static time_t ra_short_period_start;

void ra_init(time_t now)
{
  struct icmp6_filter filter;
  int fd;
#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
  int class = IPTOS_CLASS_CS6;
#endif
  int val = 255; /* radvd uses this value */
  socklen_t len = sizeof(int);
  struct dhcp_context *context;
  
  /* ensure this is around even if we're not doing DHCPv6 */
  expand_buf(&daemon->outpacket, sizeof(struct dhcp_packet));
 
  /* See if we're guessing SLAAC addresses, if so we need to recieve ping replies */
  for (context = daemon->ra_contexts; context; context = context->next)
    if ((context->flags & CONTEXT_RA_NAME))
      break;
  
  ICMP6_FILTER_SETBLOCKALL(&filter);
  ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter);
  if (context)
    ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filter);
  
  if ((fd = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) == -1 ||
      getsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &hop_limit, &len) ||
#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
      setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, &class, sizeof(class)) == -1 ||
#endif
      !fix_fd(fd) ||
      !set_ipv6pktinfo(fd) ||
      setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &val, sizeof(val)) ||
      setsockopt(fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &val, sizeof(val)) ||
      setsockopt(fd, IPPROTO_ICMPV6, ICMP6_FILTER, &filter, sizeof(filter)) == -1)
    die (_("cannot create ICMPv6 socket: %s"), NULL, EC_BADNET);
  
   daemon->icmp6fd = fd;
   
   ra_start_unsolicted(now, NULL);
}

void ra_start_unsolicted(time_t now, struct dhcp_context *context)
{   
   /* init timers so that we do ra's for some/all soon. some ra_times will end up zeroed
     if it's not appropriate to advertise those contexts.
     This gets re-called on a netlink route-change to re-do the advertisement
     and pick up new interfaces */

  if (context)
     context->ra_time = now;
  else
    for (context = daemon->ra_contexts; context; context = context->next)
      context->ra_time = now + (rand16()/13000); /* range 0 - 5 */

   /* re-do frequently for a minute or so, in case the first gets lost. */
   ra_short_period_start = now;
}

void icmp6_packet(void)
{
  char interface[IF_NAMESIZE+1];
  ssize_t sz; 
  int if_index = 0;
  struct cmsghdr *cmptr;
  struct msghdr msg;
  union {
    struct cmsghdr align; /* this ensures alignment */
    char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
  } control_u;
  struct sockaddr_in6 from;
  unsigned char *p;
  char *mac = "";
  struct iname *tmp;
  struct dhcp_context *context;

  /* Note: use outpacket for input buffer */
  msg.msg_control = control_u.control6;
  msg.msg_controllen = sizeof(control_u);
  msg.msg_flags = 0;
  msg.msg_name = &from;
  msg.msg_namelen = sizeof(from);
  msg.msg_iov = &daemon->outpacket;
  msg.msg_iovlen = 1;
  
  if ((sz = recv_dhcp_packet(daemon->icmp6fd, &msg)) == -1 || sz < 8)
    return;
  
  for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
    if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
      {
	union {
	  unsigned char *c;
	  struct in6_pktinfo *p;
	} p;
	p.c = CMSG_DATA(cmptr);
        
	if_index = p.p->ipi6_ifindex;
      }
  
  if (!indextoname(daemon->icmp6fd, if_index, interface))
    return;
    
  if (!iface_check(AF_LOCAL, NULL, interface))
    return;
  
  for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
    if (tmp->name && (strcmp(tmp->name, interface) == 0))
      return;
 
  /* weird libvirt-inspired access control */
  for (context = daemon->dhcp6; context; context = context->next)
    if (!context->interface || strcmp(context->interface, interface) == 0)
      break;
  
  if (!context)
    return;

  p = (unsigned char *)daemon->outpacket.iov_base;
  
  if (p[1] != 0)
    return;

  if (p[0] == ICMP6_ECHO_REPLY)
    {
      /* We may be doing RA but not DHCPv4, in which case the lease
	 database may not exist and we have nothing to do anyway */
      if (daemon->dhcp)
	lease_ping_reply(&from.sin6_addr, p, interface);
      return;
    }

  if (p[0] != ND_ROUTER_SOLICIT)
    return;
  
  /* look for link-layer address option for logging */
  if (sz >= 16 && p[8] == ICMP6_OPT_SOURCE_MAC && (p[9] * 8) + 8 <= sz)
    {
      print_mac(daemon->namebuff, &p[10], (p[9] * 8) - 2);
      mac = daemon->namebuff;
    }
  
  my_syslog(MS_DHCP | LOG_INFO, "RTR-SOLICIT(%s) %s", interface, mac);
  
  send_ra(if_index, interface, &from.sin6_addr);
}

static void send_ra(int iface, char *iface_name, struct in6_addr *dest)
{
  struct ra_packet *ra;
  struct ra_param parm;
  struct ifreq ifr;
  struct sockaddr_in6 addr;
  struct dhcp_context *context;

  save_counter(0);
  ra = expand(sizeof(struct ra_packet));
  
  ra->type = ND_ROUTER_ADVERT;
  ra->code = 0;
  ra->hop_limit = hop_limit;
  ra->flags = 0x00;
  ra->lifetime = htons(1800); /* AdvDefaultLifetime*/
  ra->reachable_time = 0;
  ra->retrans_time = 0;

  parm.ind = iface;
  parm.managed = 0;
  parm.other = 0;
  parm.found_context = 0;
  parm.if_name = iface_name;
  parm.first = 1;

  for (context = daemon->ra_contexts; context; context = context->next)
    context->flags &= ~CONTEXT_RA_DONE;
  
  if (!iface_enumerate(AF_INET6, &parm, add_prefixes) ||
      !parm.found_context)
    return;

  strncpy(ifr.ifr_name, iface_name, IF_NAMESIZE);
  
  if (ioctl(daemon->icmp6fd, SIOCGIFMTU, &ifr) != -1)
    {
      put_opt6_char(ICMP6_OPT_MTU);
      put_opt6_char(1);
      put_opt6_short(0);
      put_opt6_long(ifr.ifr_mtu);
    }
     
  iface_enumerate(AF_LOCAL, &iface, add_lla);
  
  /* RDNSS, RFC 6106 */
  put_opt6_char(ICMP6_OPT_RDNSS);
  put_opt6_char(3);
  put_opt6_short(0);
  put_opt6_long(1800); /* lifetime - twice RA retransmit */
  put_opt6(&parm.link_local, IN6ADDRSZ);


  /* set managed bits unless we're providing only RA on this link */
  if (parm.managed)
    ra->flags |= 0x80; /* M flag, managed, */
   if (parm.other)
    ra->flags |= 0x40; /* O flag, other */ 
			
  /* decide where we're sending */
  memset(&addr, 0, sizeof(addr));
#ifdef HAVE_SOCKADDR_SA_LEN
  addr.sin6_len = sizeof(struct sockaddr_in6);
#endif
  addr.sin6_family = AF_INET6;
  addr.sin6_port = htons(IPPROTO_ICMPV6);
  if (dest)
    {
      addr.sin6_addr = *dest;
      if (IN6_IS_ADDR_LINKLOCAL(dest) ||
	  IN6_IS_ADDR_MC_LINKLOCAL(dest))
	addr.sin6_scope_id = iface;
    }
  else
    inet_pton(AF_INET6, ALL_HOSTS, &addr.sin6_addr); 
  
  send_from(daemon->icmp6fd, 0, daemon->outpacket.iov_base, save_counter(0),
	    (union mysockaddr *)&addr, (struct all_addr *)&parm.link_local, iface, NULL); 
  
}

static int add_prefixes(struct in6_addr *local,  int prefix,
			int scope, int if_index, int dad, void *vparam)
{
  struct dhcp_context *context, *tmp;
  struct ra_param *param = vparam;
  struct prefix_opt *opt;

  (void)scope; /* warning */
  (void)dad;

  if (if_index == param->ind)
    {
      if (IN6_IS_ADDR_LINKLOCAL(local))
	param->link_local = *local;
      else if (!IN6_IS_ADDR_LOOPBACK(local) &&
	       !IN6_IS_ADDR_LINKLOCAL(local) &&
	       !IN6_IS_ADDR_MULTICAST(local))
	{
	  for (context = daemon->ra_contexts; context; context = context->next)
	    if (prefix == context->prefix &&
		is_same_net6(local, &context->start6, prefix) &&
		is_same_net6(local, &context->end6, prefix))
	      {
		int do_slaac = 0;

		if ((context->flags & 
		     (CONTEXT_RA_ONLY | CONTEXT_RA_NAME | CONTEXT_RA_STATELESS)))
		  {
		    do_slaac = 1;
		    if (context->flags & CONTEXT_RA_STATELESS)
		      param->other = 1; 
		  }
		else
		  {
		    /* don't do RA for non-ra-only unless --enable-ra is set */
		    if (!option_bool(OPT_RA))
		      continue;
		    param->managed = 1;
		    param->other = 1;
		  }

		if (context->flags & CONTEXT_RA_DONE)
		  continue;
		
		/* subsequent prefixes on the same interface don't need timers */
		if (!param->first)
		  context->ra_time = 0;
		param->first = 0;
		param->found_context = 1;
		context->flags |= CONTEXT_RA_DONE;

		/* mark this subnet and duplicates: as done. */
		for (tmp = context->next; tmp; tmp = tmp->next)
		  if (tmp->prefix == prefix &&
		      is_same_net6(local, &tmp->start6, prefix) &&
		      is_same_net6(local, &tmp->end6, prefix))
		    {
		      tmp->flags |= CONTEXT_RA_DONE;
		      context->ra_time = 0;
		      /* if any dhcp-range with ra-only on this subnet
			 set the "do_slaac" bit */
		      if (tmp->flags & 
			  (CONTEXT_RA_ONLY | CONTEXT_RA_NAME | CONTEXT_RA_STATELESS))
			{
			  do_slaac = 1;
			  if (context->flags & CONTEXT_RA_STATELESS)
			    param->other = 1; 
			}
		      else
			{
			  /* don't do RA for non-ra-only unless --enable-ra is set */
			  if (!option_bool(OPT_RA))
			    continue;
			  param->managed = 1;
			  param->other = 1;
			}
		    }
		
		if ((opt = expand(sizeof(struct prefix_opt))))
		  {
		    u64 addrpart = addr6part(&context->start6);
		    u64 mask = (prefix == 64) ? (u64)-1LL : (1LLU << (128 - prefix)) - 1LLU;
		    unsigned int time = context->lease_time;

		    /* lifetimes must be min 2 hrs, by RFC 2462 */
		    if (time < 7200)
		      time = 7200;

		    opt->type = ICMP6_OPT_PREFIX;
		    opt->len = 4;
		    opt->prefix_len = prefix;
		    /* autonomous only is we're not doing dhcp */
		    opt->flags = do_slaac ? 0x40 : 0x00;
		    opt->valid_lifetime = opt->preferred_lifetime = htonl(time);
		    opt->reserved = 0;
		    
		    opt->prefix = context->start6;
		    setaddr6part(&opt->prefix, addrpart & ~mask);
		    
		    inet_ntop(AF_INET6, &opt->prefix, daemon->addrbuff, ADDRSTRLEN);
		    my_syslog(MS_DHCP | LOG_INFO, "RTR-ADVERT(%s) %s", param->if_name, daemon->addrbuff); 		    
		  }
	      }
	}
    }          
  return 1;
}

static int add_lla(int index, unsigned int type, char *mac, size_t maclen, void *parm)
{
  (void)type;

  if (index == *((int *)parm))
    {
      /* size is in units of 8 octets and includes type and length (2 bytes)
	 add 7 to round up */
      int len = (maclen + 9) >> 3;
      unsigned char *p = expand(len << 3);
      memset(p, 0, len << 3);
      *p++ = ICMP6_OPT_SOURCE_MAC;
      *p++ = len;
      memcpy(p, mac, maclen);

      return 0;
    }

  return 1;
}

time_t periodic_ra(time_t now)
{
  struct search_param param;
  struct dhcp_context *context;
  time_t next_event;
  char interface[IF_NAMESIZE+1];
  
  param.now = now;

  while (1)
    {
      /* find overdue events, and time of first future event */
      for (next_event = 0, context = daemon->ra_contexts; context; context = context->next)
	if (context->ra_time != 0)
	  {
	    if (difftime(context->ra_time, now) <= 0.0)
	      break; /* overdue */
	    
	    if (next_event == 0 || difftime(next_event, context->ra_time) > 0.0)
	      next_event = context->ra_time;
	  }
      
      /* none overdue */
      if (!context)
	break;
      
      /* There's a context overdue, but we can't find an interface
	 associated with it, because it's for a subnet we dont 
	 have an interface on. Probably we're doing DHCP on
	 a remote subnet via a relay. Zero the timer, since we won't
	 ever be able to send ra's and satistfy it. */
      if (iface_enumerate(AF_INET6, &param, iface_search))
	context->ra_time = 0;
      else if (indextoname(daemon->icmp6fd, param.iface, interface))
	send_ra(param.iface, interface, NULL); 
    }
  
  return next_event;
}

static int iface_search(struct in6_addr *local,  int prefix,
			int scope, int if_index, int dad, void *vparam)
{
  struct search_param *param = vparam;
  struct dhcp_context *context;

  (void)scope;
  (void)dad;
 
  for (context = daemon->ra_contexts; context; context = context->next)
    if (prefix == context->prefix &&
	is_same_net6(local, &context->start6, prefix) &&
	is_same_net6(local, &context->end6, prefix))
      if (context->ra_time != 0 && difftime(context->ra_time, param->now) <= 0.0)
	{
	  /* found an interface that's overdue for RA determine new 
	     timeout value and zap other contexts on the same interface 
	     so they don't timeout independently .*/
	  param->iface = if_index;
	  
	  if (difftime(param->now, ra_short_period_start) < 60.0)
	    /* range 5 - 20 */
	    context->ra_time = param->now + 5 + (rand16()/4400);
	  else
	    /* range 450 - 600 */
	    context->ra_time = param->now + 450 + (rand16()/440);
	  
	  return 0; /* found, abort */
	}
  
  return 1; /* keep searching */
}


#endif
Commit	Line	Data
c5ad4e79 SK	1	/* dnsmasq is Copyright (c) 2000-2012 Simon Kelley
	2
	3	This program is free software; you can redistribute it and/or modify
	4	it under the terms of the GNU General Public License as published by
	5	the Free Software Foundation; version 2 dated June, 1991, or
	6	(at your option) version 3 dated 29 June, 2007.
	7
	8	This program is distributed in the hope that it will be useful,
	9	but WITHOUT ANY WARRANTY; without even the implied warranty of
	10	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	11	GNU General Public License for more details.
	12
	13	You should have received a copy of the GNU General Public License
	14	along with this program. If not, see <http://www.gnu.org/licenses/>.
	15	*/
	16
	17
843c96b4	18	/* NB. This code may be called during a DHCPv4 or transaction which is in ping-wait
c5ad4e79	19	It therefore cannot use any DHCP buffer resources except outpacket, which is
843c96b4 SK	20	not used by DHCPv4 code. This code may also be called when DHCP 4 or 6 isn't
843c96b4 SK	21	active, so we ensure that outpacket is allocated here too */
c5ad4e79 SK	22
c5ad4e79 SK	23	#include "dnsmasq.h"
c5ad4e79 SK	24
	25	#ifdef HAVE_DHCP6
	26
22d904db SK	27	#include <netinet/icmp6.h>
22d904db SK	28
c5ad4e79	29	struct ra_param {
30cd9666	30	int ind, managed, other, found_context, first;
c5ad4e79 SK	31	char *if_name;
	32	struct in6_addr link_local;
	33	};
	34
	35	struct search_param {
	36	time_t now; int iface;
	37	};
	38
	39	static void send_ra(int iface, char iface_name, struct in6_addr dest);
	40	static int add_prefixes(struct in6_addr *local, int prefix,
	41	int scope, int if_index, int dad, void *vparam);
	42	static int iface_search(struct in6_addr *local, int prefix,
	43	int scope, int if_index, int dad, void *vparam);
	44	static int add_lla(int index, unsigned int type, char mac, size_t maclen, void parm);
	45
c5379c1a	46	static int hop_limit;
c5ad4e79 SK	47	static time_t ra_short_period_start;
	48
	49	void ra_init(time_t now)
	50	{
c5ad4e79 SK	51	struct icmp6_filter filter;
	52	int fd;
	53	#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
	54	int class = IPTOS_CLASS_CS6;
	55	#endif
	56	int val = 255; /* radvd uses this value */
7b6dd880	57	socklen_t len = sizeof(int);
353ae4d2 SK	58	struct dhcp_context *context;
353ae4d2 SK	59
843c96b4 SK	60	/* ensure this is around even if we're not doing DHCPv6 */
843c96b4 SK	61	expand_buf(&daemon->outpacket, sizeof(struct dhcp_packet));
353ae4d2 SK	62
	63	/* See if we're guessing SLAAC addresses, if so we need to recieve ping replies */
	64	for (context = daemon->ra_contexts; context; context = context->next)
	65	if ((context->flags & CONTEXT_RA_NAME))
	66	break;
	67
c5ad4e79 SK	68	ICMP6_FILTER_SETBLOCKALL(&filter);
c5ad4e79 SK	69	ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filter);
353ae4d2 SK	70	if (context)
353ae4d2 SK	71	ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filter);
c5ad4e79 SK	72
c5ad4e79 SK	73	if ((fd = socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) == -1 \|\|
c5379c1a	74	getsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &hop_limit, &len) \|\|
c5ad4e79 SK	75	#if defined(IP_TOS) && defined(IPTOS_CLASS_CS6)
	76	setsockopt(fd, IPPROTO_IPV6, IPV6_TCLASS, &class, sizeof(class)) == -1 \|\|
	77	#endif
	78	!fix_fd(fd) \|\|
	79	!set_ipv6pktinfo(fd) \|\|
	80	setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &val, sizeof(val)) \|\|
	81	setsockopt(fd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &val, sizeof(val)) \|\|
	82	setsockopt(fd, IPPROTO_ICMPV6, ICMP6_FILTER, &filter, sizeof(filter)) == -1)
	83	die (_("cannot create ICMPv6 socket: %s"), NULL, EC_BADNET);
	84
	85	daemon->icmp6fd = fd;
	86
353ae4d2	87	ra_start_unsolicted(now, NULL);
c5ad4e79 SK	88	}
c5ad4e79 SK	89
353ae4d2	90	void ra_start_unsolicted(time_t now, struct dhcp_context *context)
c5ad4e79	91	{
353ae4d2	92	/* init timers so that we do ra's for some/all soon. some ra_times will end up zeroed
c5ad4e79 SK	93	if it's not appropriate to advertise those contexts.
	94	This gets re-called on a netlink route-change to re-do the advertisement
	95	and pick up new interfaces */
	96
353ae4d2 SK	97	if (context)
	98	context->ra_time = now;
	99	else
	100	for (context = daemon->ra_contexts; context; context = context->next)
	101	context->ra_time = now + (rand16()/13000); /* range 0 - 5 */
c5ad4e79	102
22d904db	103	/* re-do frequently for a minute or so, in case the first gets lost. */
c5ad4e79 SK	104	ra_short_period_start = now;
	105	}
	106
	107	void icmp6_packet(void)
	108	{
	109	char interface[IF_NAMESIZE+1];
	110	ssize_t sz;
	111	int if_index = 0;
	112	struct cmsghdr *cmptr;
	113	struct msghdr msg;
	114	union {
	115	struct cmsghdr align; /* this ensures alignment */
	116	char control6[CMSG_SPACE(sizeof(struct in6_pktinfo))];
	117	} control_u;
	118	struct sockaddr_in6 from;
	119	unsigned char *p;
	120	char *mac = "";
	121	struct iname *tmp;
	122	struct dhcp_context *context;
	123
	124	/* Note: use outpacket for input buffer */
	125	msg.msg_control = control_u.control6;
	126	msg.msg_controllen = sizeof(control_u);
	127	msg.msg_flags = 0;
	128	msg.msg_name = &from;
	129	msg.msg_namelen = sizeof(from);
	130	msg.msg_iov = &daemon->outpacket;
	131	msg.msg_iovlen = 1;
	132
	133	if ((sz = recv_dhcp_packet(daemon->icmp6fd, &msg)) == -1 \|\| sz < 8)
	134	return;
	135
	136	for (cmptr = CMSG_FIRSTHDR(&msg); cmptr; cmptr = CMSG_NXTHDR(&msg, cmptr))
	137	if (cmptr->cmsg_level == IPPROTO_IPV6 && cmptr->cmsg_type == daemon->v6pktinfo)
	138	{
	139	union {
	140	unsigned char *c;
	141	struct in6_pktinfo *p;
	142	} p;
	143	p.c = CMSG_DATA(cmptr);
	144
	145	if_index = p.p->ipi6_ifindex;
	146	}
	147
	148	if (!indextoname(daemon->icmp6fd, if_index, interface))
	149	return;
	150
	151	if (!iface_check(AF_LOCAL, NULL, interface))
	152	return;
	153
	154	for (tmp = daemon->dhcp_except; tmp; tmp = tmp->next)
	155	if (tmp->name && (strcmp(tmp->name, interface) == 0))
	156	return;
	157
	158	/* weird libvirt-inspired access control */
	159	for (context = daemon->dhcp6; context; context = context->next)
	160	if (!context->interface \|\| strcmp(context->interface, interface) == 0)
	161	break;
	162
	163	if (!context)
	164	return;
	165
	166	p = (unsigned char *)daemon->outpacket.iov_base;
	167
353ae4d2 SK	168	if (p[1] != 0)
	169	return;
	170
	171	if (p[0] == ICMP6_ECHO_REPLY)
	172	{
	173	/* We may be doing RA but not DHCPv4, in which case the lease
	174	database may not exist and we have nothing to do anyway */
	175	if (daemon->dhcp)
	176	lease_ping_reply(&from.sin6_addr, p, interface);
	177	return;
	178	}
	179
	180	if (p[0] != ND_ROUTER_SOLICIT)
c5ad4e79 SK	181	return;
	182
	183	/* look for link-layer address option for logging */
	184	if (sz >= 16 && p[8] == ICMP6_OPT_SOURCE_MAC && (p[9] * 8) + 8 <= sz)
	185	{
	186	print_mac(daemon->namebuff, &p[10], (p[9] * 8) - 2);
	187	mac = daemon->namebuff;
	188	}
	189
	190	my_syslog(MS_DHCP \| LOG_INFO, "RTR-SOLICIT(%s) %s", interface, mac);
	191
	192	send_ra(if_index, interface, &from.sin6_addr);
	193	}
	194
	195	static void send_ra(int iface, char iface_name, struct in6_addr dest)
	196	{
	197	struct ra_packet *ra;
	198	struct ra_param parm;
	199	struct ifreq ifr;
	200	struct sockaddr_in6 addr;
	201	struct dhcp_context *context;
29689cfa	202
c5ad4e79 SK	203	save_counter(0);
	204	ra = expand(sizeof(struct ra_packet));
	205
353ae4d2	206	ra->type = ND_ROUTER_ADVERT;
c5ad4e79	207	ra->code = 0;
c5379c1a	208	ra->hop_limit = hop_limit;
884a6dfe	209	ra->flags = 0x00;
c5ad4e79 SK	210	ra->lifetime = htons(1800); /* AdvDefaultLifetime*/
	211	ra->reachable_time = 0;
	212	ra->retrans_time = 0;
	213
	214	parm.ind = iface;
	215	parm.managed = 0;
30cd9666	216	parm.other = 0;
c5ad4e79 SK	217	parm.found_context = 0;
	218	parm.if_name = iface_name;
	219	parm.first = 1;
	220
	221	for (context = daemon->ra_contexts; context; context = context->next)
	222	context->flags &= ~CONTEXT_RA_DONE;
	223
	224	if (!iface_enumerate(AF_INET6, &parm, add_prefixes) \|\|
	225	!parm.found_context)
	226	return;
	227
	228	strncpy(ifr.ifr_name, iface_name, IF_NAMESIZE);
	229
	230	if (ioctl(daemon->icmp6fd, SIOCGIFMTU, &ifr) != -1)
	231	{
	232	put_opt6_char(ICMP6_OPT_MTU);
	233	put_opt6_char(1);
	234	put_opt6_short(0);
	235	put_opt6_long(ifr.ifr_mtu);
	236	}
	237
	238	iface_enumerate(AF_LOCAL, &iface, add_lla);
	239
	240	/* RDNSS, RFC 6106 */
	241	put_opt6_char(ICMP6_OPT_RDNSS);
	242	put_opt6_char(3);
	243	put_opt6_short(0);
	244	put_opt6_long(1800); /* lifetime - twice RA retransmit */
	245	put_opt6(&parm.link_local, IN6ADDRSZ);
	246
	247
	248	/* set managed bits unless we're providing only RA on this link */
	249	if (parm.managed)
30cd9666 SK	250	ra->flags \|= 0x80; /* M flag, managed, */
	251	if (parm.other)
	252	ra->flags \|= 0x40; /* O flag, other */
	253
c5ad4e79 SK	254	/* decide where we're sending */
c5ad4e79 SK	255	memset(&addr, 0, sizeof(addr));
22d904db SK	256	#ifdef HAVE_SOCKADDR_SA_LEN
	257	addr.sin6_len = sizeof(struct sockaddr_in6);
	258	#endif
c5ad4e79 SK	259	addr.sin6_family = AF_INET6;
	260	addr.sin6_port = htons(IPPROTO_ICMPV6);
	261	if (dest)
	262	{
353ae4d2	263	addr.sin6_addr = *dest;
c5ad4e79 SK	264	if (IN6_IS_ADDR_LINKLOCAL(dest) \|\|
	265	IN6_IS_ADDR_MC_LINKLOCAL(dest))
	266	addr.sin6_scope_id = iface;
	267	}
	268	else
22d904db SK	269	inet_pton(AF_INET6, ALL_HOSTS, &addr.sin6_addr);
22d904db SK	270
c5ad4e79	271	send_from(daemon->icmp6fd, 0, daemon->outpacket.iov_base, save_counter(0),
29689cfa	272	(union mysockaddr )&addr, (struct all_addr )&parm.link_local, iface, NULL);
c5ad4e79 SK	273
	274	}
	275
	276	static int add_prefixes(struct in6_addr *local, int prefix,
	277	int scope, int if_index, int dad, void *vparam)
	278	{
	279	struct dhcp_context context, tmp;
	280	struct ra_param *param = vparam;
	281	struct prefix_opt *opt;
	282
	283	(void)scope; /* warning */
	284	(void)dad;
	285
	286	if (if_index == param->ind)
	287	{
	288	if (IN6_IS_ADDR_LINKLOCAL(local))
	289	param->link_local = *local;
	290	else if (!IN6_IS_ADDR_LOOPBACK(local) &&
	291	!IN6_IS_ADDR_LINKLOCAL(local) &&
	292	!IN6_IS_ADDR_MULTICAST(local))
	293	{
	294	for (context = daemon->ra_contexts; context; context = context->next)
	295	if (prefix == context->prefix &&
	296	is_same_net6(local, &context->start6, prefix) &&
	297	is_same_net6(local, &context->end6, prefix))
	298	{
884a6dfe SK	299	int do_slaac = 0;
884a6dfe SK	300
30cd9666 SK	301	if ((context->flags &
	302	(CONTEXT_RA_ONLY \| CONTEXT_RA_NAME \| CONTEXT_RA_STATELESS)))
	303	{
	304	do_slaac = 1;
	305	if (context->flags & CONTEXT_RA_STATELESS)
	306	param->other = 1;
	307	}
884a6dfe	308	else
0010b474 SK	309	{
	310	/* don't do RA for non-ra-only unless --enable-ra is set */
	311	if (!option_bool(OPT_RA))
	312	continue;
	313	param->managed = 1;
30cd9666	314	param->other = 1;
0010b474 SK	315	}
0010b474 SK	316
c5ad4e79 SK	317	if (context->flags & CONTEXT_RA_DONE)
	318	continue;
	319
	320	/* subsequent prefixes on the same interface don't need timers */
	321	if (!param->first)
	322	context->ra_time = 0;
	323	param->first = 0;
	324	param->found_context = 1;
	325	context->flags \|= CONTEXT_RA_DONE;
	326
	327	/* mark this subnet and duplicates: as done. */
	328	for (tmp = context->next; tmp; tmp = tmp->next)
	329	if (tmp->prefix == prefix &&
	330	is_same_net6(local, &tmp->start6, prefix) &&
	331	is_same_net6(local, &tmp->end6, prefix))
	332	{
	333	tmp->flags \|= CONTEXT_RA_DONE;
	334	context->ra_time = 0;
30cd9666 SK	335	/* if any dhcp-range with ra-only on this subnet
	336	set the "do_slaac" bit */
	337	if (tmp->flags &
	338	(CONTEXT_RA_ONLY \| CONTEXT_RA_NAME \| CONTEXT_RA_STATELESS))
	339	{
	340	do_slaac = 1;
	341	if (context->flags & CONTEXT_RA_STATELESS)
	342	param->other = 1;
	343	}
	344	else
	345	{
	346	/* don't do RA for non-ra-only unless --enable-ra is set */
	347	if (!option_bool(OPT_RA))
	348	continue;
	349	param->managed = 1;
	350	param->other = 1;
	351	}
c5ad4e79	352	}
30cd9666	353
c5ad4e79 SK	354	if ((opt = expand(sizeof(struct prefix_opt))))
	355	{
	356	u64 addrpart = addr6part(&context->start6);
	357	u64 mask = (prefix == 64) ? (u64)-1LL : (1LLU << (128 - prefix)) - 1LLU;
	358	unsigned int time = context->lease_time;
	359
	360	/* lifetimes must be min 2 hrs, by RFC 2462 */
	361	if (time < 7200)
	362	time = 7200;
	363
	364	opt->type = ICMP6_OPT_PREFIX;
	365	opt->len = 4;
	366	opt->prefix_len = prefix;
	367	/* autonomous only is we're not doing dhcp */
884a6dfe	368	opt->flags = do_slaac ? 0x40 : 0x00;
c5ad4e79 SK	369	opt->valid_lifetime = opt->preferred_lifetime = htonl(time);
	370	opt->reserved = 0;
	371
	372	opt->prefix = context->start6;
	373	setaddr6part(&opt->prefix, addrpart & ~mask);
	374
	375	inet_ntop(AF_INET6, &opt->prefix, daemon->addrbuff, ADDRSTRLEN);
	376	my_syslog(MS_DHCP \| LOG_INFO, "RTR-ADVERT(%s) %s", param->if_name, daemon->addrbuff);
	377	}
	378	}
	379	}
	380	}
	381	return 1;
	382	}
	383
	384	static int add_lla(int index, unsigned int type, char mac, size_t maclen, void parm)
	385	{
	386	(void)type;
	387
	388	if (index == ((int )parm))
	389	{
	390	/* size is in units of 8 octets and includes type and length (2 bytes)
	391	add 7 to round up */
	392	int len = (maclen + 9) >> 3;
	393	unsigned char *p = expand(len << 3);
	394	memset(p, 0, len << 3);
	395	*p++ = ICMP6_OPT_SOURCE_MAC;
	396	*p++ = len;
	397	memcpy(p, mac, maclen);
	398
	399	return 0;
	400	}
	401
	402	return 1;
	403	}
	404
	405	time_t periodic_ra(time_t now)
	406	{
	407	struct search_param param;
	408	struct dhcp_context *context;
	409	time_t next_event;
	410	char interface[IF_NAMESIZE+1];
	411
	412	param.now = now;
	413
	414	while (1)
	415	{
	416	/* find overdue events, and time of first future event */
	417	for (next_event = 0, context = daemon->ra_contexts; context; context = context->next)
	418	if (context->ra_time != 0)
	419	{
7dbe9814	420	if (difftime(context->ra_time, now) <= 0.0)
c5ad4e79 SK	421	break; /* overdue */
c5ad4e79 SK	422
7dbe9814 SK	423	if (next_event == 0 \|\| difftime(next_event, context->ra_time) > 0.0)
7dbe9814 SK	424	next_event = context->ra_time;
c5ad4e79 SK	425	}
	426
	427	/* none overdue */
	428	if (!context)
	429	break;
	430
	431	/* There's a context overdue, but we can't find an interface
	432	associated with it, because it's for a subnet we dont
	433	have an interface on. Probably we're doing DHCP on
	434	a remote subnet via a relay. Zero the timer, since we won't
	435	ever be able to send ra's and satistfy it. */
	436	if (iface_enumerate(AF_INET6, &param, iface_search))
	437	context->ra_time = 0;
	438	else if (indextoname(daemon->icmp6fd, param.iface, interface))
	439	send_ra(param.iface, interface, NULL);
	440	}
	441
	442	return next_event;
	443	}
	444
	445	static int iface_search(struct in6_addr *local, int prefix,
	446	int scope, int if_index, int dad, void *vparam)
	447	{
	448	struct search_param *param = vparam;
741c2952	449	struct dhcp_context *context;
c5ad4e79 SK	450
	451	(void)scope;
	452	(void)dad;
	453
	454	for (context = daemon->ra_contexts; context; context = context->next)
	455	if (prefix == context->prefix &&
	456	is_same_net6(local, &context->start6, prefix) &&
	457	is_same_net6(local, &context->end6, prefix))
353ae4d2	458	if (context->ra_time != 0 && difftime(context->ra_time, param->now) <= 0.0)
c5ad4e79 SK	459	{
	460	/* found an interface that's overdue for RA determine new
	461	timeout value and zap other contexts on the same interface
	462	so they don't timeout independently .*/
	463	param->iface = if_index;
	464
	465	if (difftime(param->now, ra_short_period_start) < 60.0)
	466	/* range 5 - 20 */
	467	context->ra_time = param->now + 5 + (rand16()/4400);
	468	else
	469	/* range 450 - 600 */
	470	context->ra_time = param->now + 450 + (rand16()/440);
	471
	472	return 0; /* found, abort */
	473	}
	474
	475	return 1; /* keep searching */
	476	}
	477
801ca9a7	478
c5ad4e79	479	#endif