]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/libsystemd-network/dhcp6-option.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
strv: make iterator in STRV_FOREACH() declaread in the loop
[thirdparty/systemd.git] / src / libsystemd-network / dhcp6-option.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
f12ed3bf 2/***
810adae9 3 Copyright © 2014-2015 Intel Corporation. All rights reserved.
f12ed3bf
PF		 4***/
5
f12ed3bf 6#include <errno.h>
cf0fbc49 7#include <netinet/in.h>
f12ed3bf 8
2c1ab8ca
BG		 9#include "sd-dhcp6-client.h"
10
b5efdb8a 11#include "alloc-util.h"
f12ed3bf 12#include "dhcp6-internal.h"
3f09d563 13#include "dhcp6-option.h"
f12ed3bf 14#include "dhcp6-protocol.h"
f96ccab7 15#include "dns-domain.h"
4af39cb8 16#include "escape.h"
0a970718 17#include "memory-util.h"
b5efdb8a
LP		 18#include "strv.h"
19#include "unaligned.h"
f12ed3bf 20
990668aa
LP		 21#define DHCP6_OPTION_IA_NA_LEN (sizeof(struct ia_na))
22#define DHCP6_OPTION_IA_PD_LEN (sizeof(struct ia_pd))
23#define DHCP6_OPTION_IA_TA_LEN (sizeof(struct ia_ta))
f12ed3bf 24
fea8c180
YW		 25bool dhcp6_option_can_request(uint16_t option) {
26 /* See Client ORO field in
27 * https://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml#dhcpv6-parameters-2 */
28
29 switch (option) {
30 case SD_DHCP6_OPTION_CLIENTID:
31 case SD_DHCP6_OPTION_SERVERID:
32 case SD_DHCP6_OPTION_IA_NA:
33 case SD_DHCP6_OPTION_IA_TA:
34 case SD_DHCP6_OPTION_IAADDR:
35 case SD_DHCP6_OPTION_ORO:
36 case SD_DHCP6_OPTION_PREFERENCE:
37 case SD_DHCP6_OPTION_ELAPSED_TIME:
38 case SD_DHCP6_OPTION_RELAY_MSG:
39 case SD_DHCP6_OPTION_AUTH:
40 case SD_DHCP6_OPTION_UNICAST:
41 case SD_DHCP6_OPTION_STATUS_CODE:
42 case SD_DHCP6_OPTION_RAPID_COMMIT:
43 case SD_DHCP6_OPTION_USER_CLASS:
44 case SD_DHCP6_OPTION_VENDOR_CLASS:
45 return false;
46 case SD_DHCP6_OPTION_VENDOR_OPTS:
47 return true;
48 case SD_DHCP6_OPTION_INTERFACE_ID:
49 case SD_DHCP6_OPTION_RECONF_MSG:
50 case SD_DHCP6_OPTION_RECONF_ACCEPT:
51 return false;
52 case SD_DHCP6_OPTION_SIP_SERVER_DOMAIN_NAME:
53 case SD_DHCP6_OPTION_SIP_SERVER_ADDRESS:
54 case SD_DHCP6_OPTION_DNS_SERVERS:
55 case SD_DHCP6_OPTION_DOMAIN_LIST:
56 return true;
57 case SD_DHCP6_OPTION_IA_PD:
58 case SD_DHCP6_OPTION_IA_PD_PREFIX:
59 return false;
60 case SD_DHCP6_OPTION_NIS_SERVERS:
61 case SD_DHCP6_OPTION_NISP_SERVERS:
62 case SD_DHCP6_OPTION_NIS_DOMAIN_NAME:
63 case SD_DHCP6_OPTION_NISP_DOMAIN_NAME:
64 case SD_DHCP6_OPTION_SNTP_SERVERS:
65 case SD_DHCP6_OPTION_INFORMATION_REFRESH_TIME:
66 case SD_DHCP6_OPTION_BCMCS_SERVER_D:
67 case SD_DHCP6_OPTION_BCMCS_SERVER_A:
68 case SD_DHCP6_OPTION_GEOCONF_CIVIC:
69 return true;
70 case SD_DHCP6_OPTION_REMOTE_ID:
71 case SD_DHCP6_OPTION_SUBSCRIBER_ID:
72 return false;
73 case SD_DHCP6_OPTION_CLIENT_FQDN:
74 case SD_DHCP6_OPTION_PANA_AGENT:
3d80c57b
YW		 75 case SD_DHCP6_OPTION_POSIX_TIMEZONE:
76 case SD_DHCP6_OPTION_TZDB_TIMEZONE:
fea8c180
YW		 77 return true;
78 case SD_DHCP6_OPTION_ERO:
79 case SD_DHCP6_OPTION_LQ_QUERY:
80 case SD_DHCP6_OPTION_CLIENT_DATA:
81 case SD_DHCP6_OPTION_CLT_TIME:
82 case SD_DHCP6_OPTION_LQ_RELAY_DATA:
83 case SD_DHCP6_OPTION_LQ_CLIENT_LINK:
84 return false;
85 case SD_DHCP6_OPTION_MIP6_HNIDF:
86 case SD_DHCP6_OPTION_MIP6_VDINF:
87 case SD_DHCP6_OPTION_V6_LOST:
88 case SD_DHCP6_OPTION_CAPWAP_AC_V6:
89 return true;
90 case SD_DHCP6_OPTION_RELAY_ID:
91 return false;
92 case SD_DHCP6_OPTION_IPV6_ADDRESS_MOS:
93 case SD_DHCP6_OPTION_IPV6_FQDN_MOS:
94 case SD_DHCP6_OPTION_NTP_SERVER:
95 case SD_DHCP6_OPTION_V6_ACCESS_DOMAIN:
96 case SD_DHCP6_OPTION_SIP_UA_CS_LIST:
97 case SD_DHCP6_OPTION_BOOTFILE_URL:
98 case SD_DHCP6_OPTION_BOOTFILE_PARAM:
99 return true;
100 case SD_DHCP6_OPTION_CLIENT_ARCH_TYPE:
101 return false;
102 case SD_DHCP6_OPTION_NII:
103 case SD_DHCP6_OPTION_GEOLOCATION:
104 case SD_DHCP6_OPTION_AFTR_NAME:
105 case SD_DHCP6_OPTION_ERP_LOCAL_DOMAIN_NAME:
106 return true;
107 case SD_DHCP6_OPTION_RSOO:
108 return false;
109 case SD_DHCP6_OPTION_PD_EXCLUDE:
110 return true;
111 case SD_DHCP6_OPTION_VSS:
112 return false;
113 case SD_DHCP6_OPTION_MIP6_IDINF:
114 case SD_DHCP6_OPTION_MIP6_UDINF:
115 case SD_DHCP6_OPTION_MIP6_HNP:
116 case SD_DHCP6_OPTION_MIP6_HAA:
117 case SD_DHCP6_OPTION_MIP6_HAF:
118 case SD_DHCP6_OPTION_RDNSS_SELECTION:
119 case SD_DHCP6_OPTION_KRB_PRINCIPAL_NAME:
120 case SD_DHCP6_OPTION_KRB_REALM_NAME:
121 case SD_DHCP6_OPTION_KRB_DEFAULT_REALM_NAME:
122 case SD_DHCP6_OPTION_KRB_KDC:
123 return true;
124 case SD_DHCP6_OPTION_CLIENT_LINKLAYER_ADDR:
125 case SD_DHCP6_OPTION_LINK_ADDRESS:
126 case SD_DHCP6_OPTION_RADIUS:
127 return false;
128 case SD_DHCP6_OPTION_SOL_MAX_RT:
129 case SD_DHCP6_OPTION_INF_MAX_RT:
130 case SD_DHCP6_OPTION_ADDRSEL:
131 case SD_DHCP6_OPTION_ADDRSEL_TABLE:
132 case SD_DHCP6_OPTION_V6_PCP_SERVER:
133 return true;
134 case SD_DHCP6_OPTION_DHCPV4_MSG:
135 return false;
136 case SD_DHCP6_OPTION_DHCP4_O_DHCP6_SERVER:
137 return true;
138 case SD_DHCP6_OPTION_S46_RULE:
139 return false;
140 case SD_DHCP6_OPTION_S46_BR:
141 return true;
142 case SD_DHCP6_OPTION_S46_DMR:
143 case SD_DHCP6_OPTION_S46_V4V6BIND:
144 case SD_DHCP6_OPTION_S46_PORTPARAMS:
145 return false;
146 case SD_DHCP6_OPTION_S46_CONT_MAPE:
147 case SD_DHCP6_OPTION_S46_CONT_MAPT:
148 case SD_DHCP6_OPTION_S46_CONT_LW:
149 case SD_DHCP6_OPTION_4RD:
150 case SD_DHCP6_OPTION_4RD_MAP_RULE:
151 case SD_DHCP6_OPTION_4RD_NON_MAP_RULE:
152 return true;
153 case SD_DHCP6_OPTION_LQ_BASE_TIME:
154 case SD_DHCP6_OPTION_LQ_START_TIME:
155 case SD_DHCP6_OPTION_LQ_END_TIME:
156 return false;
157 case SD_DHCP6_OPTION_CAPTIVE_PORTAL:
158 case SD_DHCP6_OPTION_MPL_PARAMETERS:
159 return true;
160 case SD_DHCP6_OPTION_ANI_ATT:
161 case SD_DHCP6_OPTION_ANI_NETWORK_NAME:
162 case SD_DHCP6_OPTION_ANI_AP_NAME:
163 case SD_DHCP6_OPTION_ANI_AP_BSSID:
164 case SD_DHCP6_OPTION_ANI_OPERATOR_ID:
165 case SD_DHCP6_OPTION_ANI_OPERATOR_REALM:
166 return false;
167 case SD_DHCP6_OPTION_S46_PRIORITY:
168 return true;
169 case SD_DHCP6_OPTION_MUD_URL_V6:
170 return false;
171 case SD_DHCP6_OPTION_V6_PREFIX64:
172 return true;
173 case SD_DHCP6_OPTION_F_BINDING_STATUS:
174 case SD_DHCP6_OPTION_F_CONNECT_FLAGS:
175 case SD_DHCP6_OPTION_F_DNS_REMOVAL_INFO:
176 case SD_DHCP6_OPTION_F_DNS_HOST_NAME:
177 case SD_DHCP6_OPTION_F_DNS_ZONE_NAME:
178 case SD_DHCP6_OPTION_F_DNS_FLAGS:
179 case SD_DHCP6_OPTION_F_EXPIRATION_TIME:
180 case SD_DHCP6_OPTION_F_MAX_UNACKED_BNDUPD:
181 case SD_DHCP6_OPTION_F_MCLT:
182 case SD_DHCP6_OPTION_F_PARTNER_LIFETIME:
183 case SD_DHCP6_OPTION_F_PARTNER_LIFETIME_SENT:
184 case SD_DHCP6_OPTION_F_PARTNER_DOWN_TIME:
185 case SD_DHCP6_OPTION_F_PARTNER_RAW_CLT_TIME:
186 case SD_DHCP6_OPTION_F_PROTOCOL_VERSION:
187 case SD_DHCP6_OPTION_F_KEEPALIVE_TIME:
188 case SD_DHCP6_OPTION_F_RECONFIGURE_DATA:
189 case SD_DHCP6_OPTION_F_RELATIONSHIP_NAME:
190 case SD_DHCP6_OPTION_F_SERVER_FLAGS:
191 case SD_DHCP6_OPTION_F_SERVER_STATE:
192 case SD_DHCP6_OPTION_F_START_TIME_OF_STATE:
193 case SD_DHCP6_OPTION_F_STATE_EXPIRATION_TIME:
194 case SD_DHCP6_OPTION_RELAY_PORT:
195 return false;
196 case SD_DHCP6_OPTION_V6_SZTP_REDIRECT:
197 case SD_DHCP6_OPTION_S46_BIND_IPV6_PREFIX:
198 return true;
199 case SD_DHCP6_OPTION_IA_LL:
200 case SD_DHCP6_OPTION_LLADDR:
201 case SD_DHCP6_OPTION_SLAP_QUAD:
202 return false;
203 case SD_DHCP6_OPTION_V6_DOTS_RI:
204 case SD_DHCP6_OPTION_V6_DOTS_ADDRESS:
205 case SD_DHCP6_OPTION_IPV6_ADDRESS_ANDSF:
206 return true;
207 default:
208 return false;
209 }
210}
211
cf6c33bd 212static int option_append_hdr(uint8_t **buf, size_t *buflen, uint16_t optcode, size_t optlen) {
f12ed3bf
PF		 213 assert_return(buf, -EINVAL);
214 assert_return(*buf, -EINVAL);
215 assert_return(buflen, -EINVAL);
216
20b55f85 217 if (optlen > 0xffff || *buflen < optlen + offsetof(DHCP6Option, data))
f12ed3bf
PF		 218 return -ENOBUFS;
219
0123b2db
YW		 220 unaligned_write_be16(*buf + offsetof(DHCP6Option, code), optcode);
221 unaligned_write_be16(*buf + offsetof(DHCP6Option, len), optlen);
f12ed3bf 222
20b55f85
LP		 223 *buf += offsetof(DHCP6Option, data);
224 *buflen -= offsetof(DHCP6Option, data);
f12ed3bf
PF		 225
226 return 0;
227}
228
229int dhcp6_option_append(uint8_t **buf, size_t *buflen, uint16_t code,
230 size_t optlen, const void *optval) {
231 int r;
232
ed6ee219 233 assert_return(optval || optlen == 0, -EINVAL);
f12ed3bf
PF		 234
235 r = option_append_hdr(buf, buflen, code, optlen);
236 if (r < 0)
237 return r;
238
37598ac6 239 *buf = mempcpy_safe(*buf, optval, optlen);
f12ed3bf
PF		 240 *buflen -= optlen;
241
242 return 0;
243}
244
9e4dee4c 245int dhcp6_option_append_vendor_option(uint8_t **buf, size_t *buflen, OrderedSet *vendor_options) {
99ccb8ff 246 sd_dhcp6_option *options;
99ccb8ff
SS		 247 int r;
248
249 assert(buf);
250 assert(*buf);
251 assert(buflen);
252 assert(vendor_options);
253
9e4dee4c 254 ORDERED_SET_FOREACH(options, vendor_options) {
99ccb8ff
SS		 255 _cleanup_free_ uint8_t *p = NULL;
256 size_t total;
257
258 total = 4 + 2 + 2 + options->length;
259
260 p = malloc(total);
261 if (!p)
262 return -ENOMEM;
263
264 unaligned_write_be32(p, options->enterprise_identifier);
265 unaligned_write_be16(p + 4, options->option);
266 unaligned_write_be16(p + 6, options->length);
267 memcpy(p + 8, options->data, options->length);
268
269 r = dhcp6_option_append(buf, buflen, SD_DHCP6_OPTION_VENDOR_OPTS, total, p);
270 if (r < 0)
271 return r;
272 }
273
274 return 0;
275}
276
29858a0f
YW		 277static int option_append_ia_address(uint8_t **buf, size_t *buflen, const struct iaaddr *address) {
278 struct iaaddr a;
f12ed3bf
PF		 279 int r;
280
29858a0f
YW		 281 assert(buf);
282 assert(*buf);
283 assert(buflen);
284 assert(address);
e7613578 285
29858a0f
YW		 286 /* Do not append T1 and T2. */
287 a = (struct iaaddr) {
288 .address = address->address,
289 };
f12ed3bf 290
29858a0f
YW		 291 r = option_append_hdr(buf, buflen, SD_DHCP6_OPTION_IAADDR, sizeof(struct iaaddr));
292 if (r < 0)
293 return r;
f12ed3bf 294
37598ac6 295 *buf = mempcpy(*buf, &a, sizeof(struct iaaddr));
29858a0f 296 *buflen -= sizeof(struct iaaddr);
f12ed3bf 297
29858a0f 298 return offsetof(DHCP6Option, data) + sizeof(struct iaaddr);
f12ed3bf
PF		 299}
300
29858a0f 301static int option_append_pd_prefix(uint8_t **buf, size_t *buflen, const struct iapdprefix *prefix) {
73b49d43
YW		 302 struct iapdprefix p;
303 int r;
304
305 assert(buf);
306 assert(*buf);
307 assert(buflen);
308 assert(prefix);
309
29858a0f 310 if (prefix->prefixlen == 0)
73b49d43
YW		 311 return -EINVAL;
312
313 /* Do not append T1 and T2. */
73b49d43 314 p = (struct iapdprefix) {
29858a0f
YW		 315 .prefixlen = prefix->prefixlen,
316 .address = prefix->address,
73b49d43
YW		 317 };
318
319 r = option_append_hdr(buf, buflen, SD_DHCP6_OPTION_IA_PD_PREFIX, sizeof(struct iapdprefix));
320 if (r < 0)
321 return r;
322
37598ac6 323 *buf = mempcpy(*buf, &p, sizeof(struct iapdprefix));
73b49d43
YW		 324 *buflen -= sizeof(struct iapdprefix);
325
326 return offsetof(DHCP6Option, data) + sizeof(struct iapdprefix);
327}
328
29858a0f 329int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, const DHCP6IA *ia) {
4b0f2717 330 struct ia_header header;
29858a0f
YW		 331 size_t ia_buflen;
332 uint8_t *ia_hdr;
333 uint16_t len;
73b49d43
YW		 334 int r;
335
336 assert_return(buf, -EINVAL);
337 assert_return(*buf, -EINVAL);
338 assert_return(buflen, -EINVAL);
29858a0f 339 assert_return(ia, -EINVAL);
73b49d43 340
29858a0f
YW		 341 /* client should not send set T1 and T2. See, RFC 8415, and issue #18090. */
342
343 switch (ia->type) {
344 case SD_DHCP6_OPTION_IA_NA:
345 case SD_DHCP6_OPTION_IA_PD:
346 len = sizeof(struct ia_header);
347 header = (struct ia_header) {
348 .id = ia->header.id,
349 };
350 break;
351
352 case SD_DHCP6_OPTION_IA_TA:
37598ac6 353 len = sizeof(header.id); /* IA_TA does not have lifetime. */
29858a0f
YW		 354 header = (struct ia_header) {
355 .id = ia->header.id,
356 };
357 break;
358
359 default:
360 assert_not_reached();
361 }
73b49d43
YW		 362
363 if (*buflen < offsetof(DHCP6Option, data) + len)
364 return -ENOBUFS;
365
29858a0f
YW		 366 ia_hdr = *buf;
367 ia_buflen = *buflen;
73b49d43
YW		 368
369 /* The header will be written at the end of this function. */
370 *buf += offsetof(DHCP6Option, data);
371 *buflen -= offsetof(DHCP6Option, data);
372
37598ac6 373 *buf = mempcpy(*buf, &header, len);
4b0f2717 374 *buflen -= len;
73b49d43 375
29858a0f
YW		 376 LIST_FOREACH(addresses, addr, ia->addresses) {
377 if (ia->type == SD_DHCP6_OPTION_IA_PD)
378 r = option_append_pd_prefix(buf, buflen, &addr->iapdprefix);
379 else
380 r = option_append_ia_address(buf, buflen, &addr->iaaddr);
73b49d43 381 if (r < 0)
73b49d43
YW		 382 return r;
383
384 len += r;
385 }
386
29858a0f 387 return option_append_hdr(&ia_hdr, &ia_buflen, ia->type, len);
73b49d43
YW		 388}
389
8006aa32 390int dhcp6_option_append_fqdn(uint8_t **buf, size_t *buflen, const char *fqdn) {
5e55cde9 391 uint8_t buffer[1 + DNS_WIRE_FORMAT_HOSTNAME_MAX];
8006aa32
SA		 392 int r;
393
394 assert_return(buf && *buf && buflen && fqdn, -EINVAL);
395
396 buffer[0] = DHCP6_FQDN_FLAG_S; /* Request server to perform AAAA RR DNS updates */
397
398 /* Store domain name after flags field */
399 r = dns_name_to_wire_format(fqdn, buffer + 1, sizeof(buffer) - 1, false);
400 if (r <= 0)
401 return r;
402
403 /*
404 * According to RFC 4704, chapter 4.2 only add terminating zero-length
405 * label in case a FQDN is provided. Since dns_name_to_wire_format
406 * always adds terminating zero-length label remove if only a hostname
407 * is provided.
408 */
409 if (dns_name_is_single_label(fqdn))
410 r--;
411
f5e3619b 412 r = dhcp6_option_append(buf, buflen, SD_DHCP6_OPTION_CLIENT_FQDN, 1 + r, buffer);
8006aa32
SA		 413
414 return r;
415}
416
5a99444e 417int dhcp6_option_append_user_class(uint8_t **buf, size_t *buflen, char * const *user_class) {
33923925
SS		 418 _cleanup_free_ uint8_t *p = NULL;
419 size_t total = 0, offset = 0;
33923925 420
5a99444e
YW		 421 assert(buf);
422 assert(*buf);
423 assert(buflen);
424 assert(!strv_isempty(user_class));
33923925
SS		 425
426 STRV_FOREACH(s, user_class) {
427 size_t len = strlen(*s);
428 uint8_t *q;
429
5a99444e
YW		 430 if (len > 0xffff || len == 0)
431 return -EINVAL;
33923925
SS		 432 q = realloc(p, total + len + 2);
433 if (!q)
434 return -ENOMEM;
435
436 p = q;
437
438 unaligned_write_be16(&p[offset], len);
439 memcpy(&p[offset + 2], *s, len);
440
441 offset += 2 + len;
442 total += 2 + len;
443 }
444
445 return dhcp6_option_append(buf, buflen, SD_DHCP6_OPTION_USER_CLASS, total, p);
446}
447
019951ec 448int dhcp6_option_append_vendor_class(uint8_t **buf, size_t *buflen, char * const *vendor_class) {
73c8ced7
SS		 449 _cleanup_free_ uint8_t *p = NULL;
450 uint32_t enterprise_identifier;
451 size_t total, offset;
73c8ced7
SS		 452
453 assert(buf);
454 assert(*buf);
455 assert(buflen);
019951ec 456 assert(!strv_isempty(vendor_class));
73c8ced7
SS		 457
458 enterprise_identifier = htobe32(SYSTEMD_PEN);
459
460 p = memdup(&enterprise_identifier, sizeof(enterprise_identifier));
461 if (!p)
462 return -ENOMEM;
463
464 total = sizeof(enterprise_identifier);
465 offset = total;
466
467 STRV_FOREACH(s, vendor_class) {
468 size_t len = strlen(*s);
469 uint8_t *q;
470
019951ec
YW		 471 if (len > UINT16_MAX || len == 0)
472 return -EINVAL;
473
73c8ced7
SS		 474 q = realloc(p, total + len + 2);
475 if (!q)
476 return -ENOMEM;
477
478 p = q;
479
480 unaligned_write_be16(&p[offset], len);
481 memcpy(&p[offset + 2], *s, len);
482
483 offset += 2 + len;
484 total += 2 + len;
485 }
486
487 return dhcp6_option_append(buf, buflen, SD_DHCP6_OPTION_VENDOR_CLASS, total, p);
488}
489
b89a3758
YW		 490int dhcp6_option_parse(
491 const uint8_t *buf,
492 size_t buflen,
493 size_t *offset,
494 uint16_t *ret_option_code,
495 size_t *ret_option_data_len,
496 const uint8_t **ret_option_data) {
c6affce8 497
b89a3758 498 size_t len;
c6affce8 499
b89a3758
YW		 500 assert(buf);
501 assert(offset);
502 assert(ret_option_code);
503 assert(ret_option_data_len);
504 assert(ret_option_data);
c6affce8 505
b89a3758
YW		 506 if (buflen < offsetof(DHCP6Option, data))
507 return -EBADMSG;
f12ed3bf 508
b89a3758
YW		 509 if (*offset >= buflen - offsetof(DHCP6Option, data))
510 return -EBADMSG;
f12ed3bf 511
0123b2db 512 len = unaligned_read_be16(buf + *offset + offsetof(DHCP6Option, len));
f12ed3bf 513
b89a3758
YW		 514 if (len > buflen - offsetof(DHCP6Option, data) - *offset)
515 return -EBADMSG;
f12ed3bf 516
0123b2db 517 *ret_option_code = unaligned_read_be16(buf + *offset + offsetof(DHCP6Option, code));
b89a3758 518 *ret_option_data_len = len;
0123b2db
YW		 519 *ret_option_data = buf + *offset + offsetof(DHCP6Option, data);
520 *offset += offsetof(DHCP6Option, data) + len;
f12ed3bf
PF		 521
522 return 0;
523}
c6affce8 524
4af39cb8
YW		 525int dhcp6_option_parse_status(const uint8_t *data, size_t data_len, char **ret_status_message) {
526 assert(data);
c6b4f32a 527
4af39cb8
YW		 528 if (data_len < sizeof(uint16_t))
529 return -EBADMSG;
530
531 if (ret_status_message) {
532 char *msg;
c6b4f32a 533
4af39cb8
YW		 534 /* The status message MUST NOT be null-terminated. See section 21.13 of RFC8415.
535 * Let's escape unsafe characters for safety. */
536 msg = cescape_length((const char*) (data + sizeof(uint16_t)), data_len - sizeof(uint16_t));
537 if (!msg)
538 return -ENOMEM;
539
540 *ret_status_message = msg;
541 }
542
543 return unaligned_read_be16(data);
544}
545
546static int dhcp6_option_parse_ia_options(sd_dhcp6_client *client, const uint8_t *buf, size_t buflen) {
547 int r;
548
4b0f2717 549 assert(buf || buflen == 0);
4af39cb8
YW		 550
551 for(size_t offset = 0; offset < buflen;) {
552 const uint8_t *data;
553 size_t data_len;
554 uint16_t code;
555
556 r = dhcp6_option_parse(buf, buflen, &offset, &code, &data_len, &data);
557 if (r < 0)
558 return r;
559
560 switch(code) {
561 case SD_DHCP6_OPTION_STATUS_CODE: {
562 _cleanup_free_ char *msg = NULL;
563
564 r = dhcp6_option_parse_status(data, data_len, &msg);
565 if (r == -ENOMEM)
566 return r;
4b0f2717 567 if (r > 0)
4af39cb8
YW		 568 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
569 "Received an IA address or PD prefix option with non-zero status: %s%s%s",
570 strempty(msg), isempty(msg) ? "" : ": ",
571 dhcp6_message_status_to_string(r));
4b0f2717
YW		 572 if (r < 0)
573 /* Let's log but ignore the invalid status option. */
574 log_dhcp6_client_errno(client, r,
575 "Received an IA address or PD prefix option with an invalid status sub option, ignoring: %m");
4af39cb8
YW		 576 break;
577 }
578 default:
579 log_dhcp6_client(client, "Received an unknown sub option %u in IA address or PD prefix, ignoring.", code);
580 }
581 }
582
583 return 0;
c6b4f32a
PF		 584}
585
4b0f2717
YW		 586static int dhcp6_option_parse_ia_address(sd_dhcp6_client *client, DHCP6IA *ia, const uint8_t *data, size_t len) {
587 _cleanup_free_ DHCP6Address *a = NULL;
0dfe2a4b
PF		 588 uint32_t lt_valid, lt_pref;
589 int r;
590
4b0f2717
YW		 591 assert(ia);
592 assert(data || len == 0);
593
594 if (!IN_SET(ia->type, SD_DHCP6_OPTION_IA_NA, SD_DHCP6_OPTION_IA_TA))
595 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
596 "Received an IA address sub-option in an invalid option, ignoring.");
0dfe2a4b 597
8a895550
YW		 598 if (len < sizeof(struct iaaddr))
599 return -EBADMSG;
0dfe2a4b 600
4b0f2717
YW		 601 a = new(DHCP6Address, 1);
602 if (!a)
603 return -ENOMEM;
604
605 memcpy(&a->iaaddr, data, sizeof(struct iaaddr));
606
607 lt_valid = be32toh(a->iaaddr.lifetime_valid);
608 lt_pref = be32toh(a->iaaddr.lifetime_preferred);
8a895550
YW		 609
610 if (lt_valid == 0)
611 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
612 "Received an IA address with zero valid lifetime, ignoring.");
613 if (lt_pref > lt_valid)
35388783 614 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
8a895550
YW		 615 "Received an IA address with preferred lifetime %"PRIu32
616 " larger than valid lifetime %"PRIu32", ignoring.",
35388783 617 lt_pref, lt_valid);
0dfe2a4b 618
8a895550
YW		 619 if (len > sizeof(struct iaaddr)) {
620 r = dhcp6_option_parse_ia_options(client, data + sizeof(struct iaaddr), len - sizeof(struct iaaddr));
1e84213a
YW		 621 if (r < 0)
622 return r;
0dfe2a4b
PF		 623 }
624
4b0f2717 625 LIST_PREPEND(addresses, ia->addresses, TAKE_PTR(a));
0dfe2a4b
PF		 626 return 0;
627}
628
4b0f2717
YW		 629static int dhcp6_option_parse_ia_pdprefix(sd_dhcp6_client *client, DHCP6IA *ia, const uint8_t *data, size_t len) {
630 _cleanup_free_ DHCP6Address *a = NULL;
f8ad4dd4
PF		 631 uint32_t lt_valid, lt_pref;
632 int r;
633
4b0f2717
YW		 634 assert(ia);
635 assert(data || len == 0);
636
637 if (ia->type != SD_DHCP6_OPTION_IA_PD)
638 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
639 "Received an PD prefix sub-option in an invalid option, ignoring");
640
8a895550 641 if (len < sizeof(struct iapdprefix))
4b0f2717
YW		 642 return -EBADMSG;
643
644 a = new(DHCP6Address, 1);
645 if (!a)
646 return -ENOMEM;
f8ad4dd4 647
4b0f2717
YW		 648 memcpy(&a->iapdprefix, data, sizeof(struct iapdprefix));
649
650 lt_valid = be32toh(a->iapdprefix.lifetime_valid);
651 lt_pref = be32toh(a->iapdprefix.lifetime_preferred);
f8ad4dd4 652
8a895550 653 if (lt_valid == 0)
35388783 654 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
8a895550
YW		 655 "Received a PD prefix with zero valid lifetime, ignoring.");
656 if (lt_pref > lt_valid)
657 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
658 "Received a PD prefix with preferred lifetime %"PRIu32
659 " larger than valid lifetime %"PRIu32", ignoring.",
35388783 660 lt_pref, lt_valid);
f8ad4dd4 661
8a895550
YW		 662 if (len > sizeof(struct iapdprefix)) {
663 r = dhcp6_option_parse_ia_options(client, data + sizeof(struct iapdprefix), len - sizeof(struct iapdprefix));
1e84213a
YW		 664 if (r < 0)
665 return r;
f8ad4dd4
PF		 666 }
667
4b0f2717 668 LIST_PREPEND(addresses, ia->addresses, TAKE_PTR(a));
f8ad4dd4
PF		 669 return 0;
670}
671
469fd57f
YW		 672int dhcp6_option_parse_ia(
673 sd_dhcp6_client *client,
469fd57f 674 be32_t iaid,
8a895550
YW		 675 uint16_t option_code,
676 size_t option_data_len,
677 const uint8_t *option_data,
e5b0b87f 678 DHCP6IA **ret) {
8a895550 679
e5b0b87f 680 _cleanup_(dhcp6_ia_freep) DHCP6IA *ia = NULL;
f4fbea7a 681 uint32_t lt_t1, lt_t2;
4b0f2717 682 size_t header_len;
4af39cb8 683 int r;
c6affce8 684
8a895550 685 assert(IN_SET(option_code, SD_DHCP6_OPTION_IA_NA, SD_DHCP6_OPTION_IA_TA, SD_DHCP6_OPTION_IA_PD));
4b0f2717 686 assert(option_data || option_data_len == 0);
8a895550 687 assert(ret);
c6affce8 688
8a895550
YW		 689 /* This will return the following:
690 * -ENOMEM: memory allocation error,
691 * -ENOANO: unmatching IAID,
692 * -EINVAL: non-zero status code, or invalid lifetime,
693 * -EBADMSG: invalid message format,
694 * -ENODATA: no valid address or PD prefix,
695 * 0: success. */
3bc424a3 696
8a895550 697 switch (option_code) {
2c1ab8ca 698 case SD_DHCP6_OPTION_IA_NA:
f8ad4dd4 699 case SD_DHCP6_OPTION_IA_PD:
4b0f2717 700 header_len = sizeof(struct ia_header);
c6affce8
PF		 701 break;
702
2c1ab8ca 703 case SD_DHCP6_OPTION_IA_TA:
4b0f2717 704 header_len = sizeof(be32_t); /* IA_TA does not have lifetime. */
c6affce8
PF		 705 break;
706
707 default:
8a895550 708 assert_not_reached();
c6affce8
PF		 709 }
710
4b0f2717
YW		 711 if (option_data_len < header_len)
712 return -EBADMSG;
713
e5b0b87f
YW		 714 ia = new(DHCP6IA, 1);
715 if (!ia)
716 return -ENOMEM;
717
718 *ia = (DHCP6IA) {
719 .type = option_code,
720 };
721 memcpy(&ia->header, option_data, header_len);
4b0f2717 722
8a895550
YW		 723 /* According to RFC8415, IAs which do not match the client's IAID should be ignored,
724 * but not necessary to ignore or refuse the whole message. */
e5b0b87f 725 if (ia->header.id != iaid)
8a895550
YW		 726 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(ENOANO),
727 "Received an IA option with a different IAID "
728 "from the one chosen by the client, ignoring.");
3bc424a3 729
4b0f2717 730 /* It is not necessary to check if the lifetime_t2 is zero here, as in that case it will be updated later. */
e5b0b87f
YW		 731 lt_t1 = be32toh(ia->header.lifetime_t1);
732 lt_t2 = be32toh(ia->header.lifetime_t2);
4b0f2717 733
8a895550
YW		 734 if (lt_t1 > lt_t2)
735 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
736 "Received an IA option with T1 %"PRIu32"sec > T2 %"PRIu32"sec, ignoring.",
737 lt_t1, lt_t2);
4b0f2717
YW		 738 if (lt_t1 == 0 && lt_t2 > 0)
739 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
740 "Received an IA option with zero T1 and non-zero T2 (%"PRIu32"sec), ignoring.",
741 lt_t2);
c6affce8 742
4b0f2717 743 for (size_t offset = header_len; offset < option_data_len;) {
8a895550
YW		 744 const uint8_t *subdata;
745 size_t subdata_len;
746 uint16_t subopt;
c6affce8 747
8a895550
YW		 748 r = dhcp6_option_parse(option_data, option_data_len, &offset, &subopt, &subdata_len, &subdata);
749 if (r < 0)
750 return r;
c6affce8 751
8a895550
YW		 752 switch (subopt) {
753 case SD_DHCP6_OPTION_IAADDR: {
e5b0b87f 754 r = dhcp6_option_parse_ia_address(client, ia, subdata, subdata_len);
8a895550 755 if (r == -ENOMEM)
aae1fa5c 756 return r;
c6affce8 757
f4fbea7a 758 /* Ignore non-critical errors in the sub-option. */
c6affce8 759 break;
8a895550
YW		 760 }
761 case SD_DHCP6_OPTION_IA_PD_PREFIX: {
e5b0b87f 762 r = dhcp6_option_parse_ia_pdprefix(client, ia, subdata, subdata_len);
8a895550 763 if (r == -ENOMEM)
aae1fa5c 764 return r;
f8ad4dd4 765
f4fbea7a 766 /* Ignore non-critical errors in the sub-option. */
f8ad4dd4 767 break;
8a895550 768 }
4af39cb8
YW		 769 case SD_DHCP6_OPTION_STATUS_CODE: {
770 _cleanup_free_ char *msg = NULL;
5c95a913 771
8a895550
YW		 772 r = dhcp6_option_parse_status(subdata, subdata_len, &msg);
773 if (r == -ENOMEM)
4af39cb8 774 return r;
4b0f2717 775 if (r > 0)
8a895550
YW		 776 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(EINVAL),
777 "Received an IA option with non-zero status: %s%s%s",
778 strempty(msg), isempty(msg) ? "" : ": ",
779 dhcp6_message_status_to_string(r));
4b0f2717
YW		 780 if (r < 0)
781 log_dhcp6_client_errno(client, r,
782 "Received an IA option with an invalid status sub option, ignoring: %m");
c6affce8 783 break;
4af39cb8 784 }
c6affce8 785 default:
8a895550 786 log_dhcp6_client(client, "Received an IA option with an unknown sub-option %u, ignoring", subopt);
c6affce8 787 }
8a895550 788 }
c6affce8 789
e5b0b87f 790 if (!ia->addresses)
8a895550
YW		 791 return log_dhcp6_client_errno(client, SYNTHETIC_ERRNO(ENODATA),
792 "Received an IA option without valid IA addresses or PD prefixes, ignoring.");
793
e5b0b87f 794 *ret = TAKE_PTR(ia);
8a895550 795 return 0;
c6affce8 796}
b553817c 797
ad3c8420
YW		 798int dhcp6_option_parse_addresses(
799 const uint8_t *optval,
800 size_t optlen,
801 struct in6_addr **addrs,
802 size_t *count) {
803
804 assert(optval);
805 assert(addrs);
806 assert(count);
b553817c
PF		 807
808 if (optlen == 0 || optlen % sizeof(struct in6_addr) != 0)
ad3c8420 809 return -EBADMSG;
b553817c 810
ad3c8420 811 if (!GREEDY_REALLOC(*addrs, *count + optlen / sizeof(struct in6_addr)))
b553817c
PF		 812 return -ENOMEM;
813
ad3c8420
YW		 814 memcpy(*addrs + *count, optval, optlen);
815 *count += optlen / sizeof(struct in6_addr);
b553817c 816
ad3c8420 817 return 0;
b553817c 818}
f96ccab7 819
b27dcf08
YW		 820static int parse_domain(const uint8_t **data, size_t *len, char **ret) {
821 _cleanup_free_ char *domain = NULL;
822 const uint8_t *optval;
823 size_t optlen, n = 0;
f96ccab7
PF		 824 int r;
825
b27dcf08
YW		 826 assert(data);
827 assert(*data);
828 assert(len);
829 assert(ret);
830
831 optval = *data;
832 optlen = *len;
833
af710b53
BG		 834 if (optlen <= 1)
835 return -ENODATA;
f96ccab7 836
c43eea9f
BG		 837 for (;;) {
838 const char *label;
839 uint8_t c;
f96ccab7 840
c43eea9f
BG		 841 if (optlen == 0)
842 break;
f96ccab7 843
c43eea9f
BG		 844 c = *optval;
845 optval++;
846 optlen--;
3c72b6ed 847
c43eea9f
BG		 848 if (c == 0)
849 /* End label */
850 break;
851 if (c > 63)
852 return -EBADMSG;
853 if (c > optlen)
854 return -EMSGSIZE;
3c72b6ed 855
c43eea9f 856 /* Literal label */
b27dcf08 857 label = (const char*) optval;
c43eea9f
BG		 858 optval += c;
859 optlen -= c;
3c72b6ed 860
b27dcf08 861 if (!GREEDY_REALLOC(domain, n + (n != 0) + DNS_LABEL_ESCAPED_MAX))
c43eea9f 862 return -ENOMEM;
3c72b6ed 863
b27dcf08
YW		 864 if (n != 0)
865 domain[n++] = '.';
f96ccab7 866
b27dcf08 867 r = dns_label_escape(label, c, domain + n, DNS_LABEL_ESCAPED_MAX);
c43eea9f
BG		 868 if (r < 0)
869 return r;
f96ccab7 870
c43eea9f
BG		 871 n += r;
872 }
3c72b6ed 873
b27dcf08
YW		 874 if (n > 0) {
875 if (!GREEDY_REALLOC(domain, n + 1))
3c72b6ed 876 return -ENOMEM;
b27dcf08
YW		 877
878 domain[n] = '\0';
c43eea9f
BG		 879 }
880
b27dcf08 881 *ret = TAKE_PTR(domain);
c43eea9f
BG		 882 *data = optval;
883 *len = optlen;
884
885 return n;
886}
887
b27dcf08 888int dhcp6_option_parse_domainname(const uint8_t *optval, size_t optlen, char **ret) {
c43eea9f
BG		 889 _cleanup_free_ char *domain = NULL;
890 int r;
891
b27dcf08
YW		 892 assert(optval);
893 assert(ret);
894
c43eea9f
BG		 895 r = parse_domain(&optval, &optlen, &domain);
896 if (r < 0)
897 return r;
898 if (r == 0)
899 return -ENODATA;
900 if (optlen != 0)
901 return -EINVAL;
902
b27dcf08 903 *ret = TAKE_PTR(domain);
c43eea9f
BG		 904 return 0;
905}
906
b27dcf08 907int dhcp6_option_parse_domainname_list(const uint8_t *optval, size_t optlen, char ***ret) {
c43eea9f 908 _cleanup_strv_free_ char **names = NULL;
edeee50b 909 int r;
b27dcf08
YW		 910
911 assert(optval);
912 assert(ret);
c43eea9f
BG		 913
914 if (optlen <= 1)
915 return -ENODATA;
916 if (optval[optlen - 1] != '\0')
917 return -EINVAL;
918
919 while (optlen > 0) {
b27dcf08 920 _cleanup_free_ char *name = NULL;
c43eea9f 921
b27dcf08 922 r = parse_domain(&optval, &optlen, &name);
c43eea9f
BG		 923 if (r < 0)
924 return r;
925 if (r == 0)
926 continue;
f96ccab7 927
b27dcf08 928 r = strv_consume(&names, TAKE_PTR(name));
f96ccab7 929 if (r < 0)
3c72b6ed 930 return r;
f96ccab7
PF		 931 }
932
b27dcf08 933 *ret = TAKE_PTR(names);
edeee50b 934 return 0;
f96ccab7 935}
e7d5fe17
AD		 936
937static sd_dhcp6_option* dhcp6_option_free(sd_dhcp6_option *i) {
938 if (!i)
939 return NULL;
940
941 free(i->data);
942 return mfree(i);
943}
944
99ccb8ff 945int sd_dhcp6_option_new(uint16_t option, const void *data, size_t length, uint32_t enterprise_identifier, sd_dhcp6_option **ret) {
e7d5fe17
AD		 946 assert_return(ret, -EINVAL);
947 assert_return(length == 0 || data, -EINVAL);
948
949 _cleanup_free_ void *q = memdup(data, length);
950 if (!q)
951 return -ENOMEM;
952
953 sd_dhcp6_option *p = new(sd_dhcp6_option, 1);
954 if (!p)
955 return -ENOMEM;
956
957 *p = (sd_dhcp6_option) {
958 .n_ref = 1,
959 .option = option,
99ccb8ff 960 .enterprise_identifier = enterprise_identifier,
e7d5fe17
AD		 961 .length = length,
962 .data = TAKE_PTR(q),
963 };
964
965 *ret = p;
966 return 0;
967}
968
969DEFINE_TRIVIAL_REF_UNREF_FUNC(sd_dhcp6_option, sd_dhcp6_option, dhcp6_option_free);
970DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
971 dhcp6_option_hash_ops,
972 void,
973 trivial_hash_func,
974 trivial_compare_func,
975 sd_dhcp6_option,
976 sd_dhcp6_option_unref);
Unnamed repository; edit this file 'description' to name the repository.