[thirdparty/systemd.git] / src / libsystemd-network / sd-radv.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  Copyright © 2017 Intel Corporation. All rights reserved.
***/

#include <netinet/icmp6.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include "sd-radv.h"

#include "macro.h"
#include "alloc-util.h"
#include "dns-domain.h"
#include "ether-addr-util.h"
#include "event-util.h"
#include "fd-util.h"
#include "icmp6-util.h"
#include "in-addr-util.h"
#include "radv-internal.h"
#include "socket-util.h"
#include "string-util.h"
#include "strv.h"
#include "util.h"
#include "random-util.h"

_public_ int sd_radv_new(sd_radv **ret) {
        _cleanup_(sd_radv_unrefp) sd_radv *ra = NULL;

        assert_return(ret, -EINVAL);

        ra = new(sd_radv, 1);
        if (!ra)
                return -ENOMEM;

        *ra = (sd_radv) {
                .n_ref = 1,
                .fd = -1,
        };

        *ret = TAKE_PTR(ra);

        return 0;
}

_public_ int sd_radv_attach_event(sd_radv *ra, sd_event *event, int64_t priority) {
        int r;

        assert_return(ra, -EINVAL);
        assert_return(!ra->event, -EBUSY);

        if (event)
                ra->event = sd_event_ref(event);
        else {
                r = sd_event_default(&ra->event);
                if (r < 0)
                        return 0;
        }

        ra->event_priority = priority;

        return 0;
}

_public_ int sd_radv_detach_event(sd_radv *ra) {

        assert_return(ra, -EINVAL);

        ra->event = sd_event_unref(ra->event);
        return 0;
}

_public_ sd_event *sd_radv_get_event(sd_radv *ra) {
        assert_return(ra, NULL);

        return ra->event;
}

static void radv_reset(sd_radv *ra) {
        assert(ra);

        (void) event_source_disable(ra->timeout_event_source);

        ra->recv_event_source =
                sd_event_source_unref(ra->recv_event_source);

        ra->ra_sent = 0;
}

static sd_radv *radv_free(sd_radv *ra) {
        if (!ra)
                return NULL;

        while (ra->prefixes) {
                sd_radv_prefix *p = ra->prefixes;

                LIST_REMOVE(prefix, ra->prefixes, p);
                sd_radv_prefix_unref(p);
        }

        free(ra->rdnss);
        free(ra->dnssl);

        ra->timeout_event_source = sd_event_source_unref(ra->timeout_event_source);

        radv_reset(ra);

        sd_radv_detach_event(ra);

        ra->fd = safe_close(ra->fd);

        return mfree(ra);
}

DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv, sd_radv, radv_free);

static int radv_send(sd_radv *ra, const struct in6_addr *dst, uint32_t router_lifetime) {
        sd_radv_prefix *p;
        struct sockaddr_in6 dst_addr = {
                .sin6_family = AF_INET6,
                .sin6_addr = IN6ADDR_ALL_NODES_MULTICAST_INIT,
        };
        struct nd_router_advert adv = {};
        struct {
                struct nd_opt_hdr opthdr;
                struct ether_addr slladdr;
        } _packed_ opt_mac = {
                .opthdr = {
                        .nd_opt_type = ND_OPT_SOURCE_LINKADDR,
                        .nd_opt_len = (sizeof(struct nd_opt_hdr) +
                                       sizeof(struct ether_addr) - 1) /8 + 1,
                },
        };
        struct nd_opt_mtu opt_mtu =  {
                .nd_opt_mtu_type = ND_OPT_MTU,
                .nd_opt_mtu_len = 1,
        };
        /* Reserve iov space for RA header, linkaddr, MTU, N prefixes, RDNSS
           and DNSSL */
        struct iovec iov[5 + ra->n_prefixes];
        struct msghdr msg = {
                .msg_name = &dst_addr,
                .msg_namelen = sizeof(dst_addr),
                .msg_iov = iov,
        };
        usec_t time_now;
        int r;

        assert(ra);

        r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
        if (r < 0)
                return r;

        if (dst && !IN6_IS_ADDR_UNSPECIFIED(dst))
                dst_addr.sin6_addr = *dst;

        adv.nd_ra_type = ND_ROUTER_ADVERT;
        adv.nd_ra_curhoplimit = ra->hop_limit;
        adv.nd_ra_flags_reserved = ra->flags;
        adv.nd_ra_router_lifetime = htobe16(router_lifetime);
        iov[msg.msg_iovlen].iov_base = &adv;
        iov[msg.msg_iovlen].iov_len = sizeof(adv);
        msg.msg_iovlen++;

        /* MAC address is optional, either because the link does not use L2
           addresses or load sharing is desired. See RFC 4861, Section 4.2 */
        if (!ether_addr_is_null(&ra->mac_addr)) {
                opt_mac.slladdr = ra->mac_addr;
                iov[msg.msg_iovlen].iov_base = &opt_mac;
                iov[msg.msg_iovlen].iov_len = sizeof(opt_mac);
                msg.msg_iovlen++;
        }

        if (ra->mtu) {
                opt_mtu.nd_opt_mtu_mtu = htobe32(ra->mtu);
                iov[msg.msg_iovlen].iov_base = &opt_mtu;
                iov[msg.msg_iovlen].iov_len = sizeof(opt_mtu);
                msg.msg_iovlen++;
        }

        LIST_FOREACH(prefix, p, ra->prefixes) {
                if (p->valid_until) {

                        if (time_now > p->valid_until)
                                p->opt.valid_lifetime = 0;
                        else
                                p->opt.valid_lifetime = htobe32((p->valid_until - time_now) / USEC_PER_SEC);

                        if (time_now > p->preferred_until)
                                p->opt.preferred_lifetime = 0;
                        else
                                p->opt.preferred_lifetime = htobe32((p->preferred_until - time_now) / USEC_PER_SEC);
                }
                iov[msg.msg_iovlen].iov_base = &p->opt;
                iov[msg.msg_iovlen].iov_len = sizeof(p->opt);
                msg.msg_iovlen++;
        }

        if (ra->rdnss) {
                iov[msg.msg_iovlen].iov_base = ra->rdnss;
                iov[msg.msg_iovlen].iov_len = ra->rdnss->length * 8;
                msg.msg_iovlen++;
        }

        if (ra->dnssl) {
                iov[msg.msg_iovlen].iov_base = ra->dnssl;
                iov[msg.msg_iovlen].iov_len = ra->dnssl->length * 8;
                msg.msg_iovlen++;
        }

        if (sendmsg(ra->fd, &msg, 0) < 0)
                return -errno;

        return 0;
}

static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
        sd_radv *ra = userdata;
        _cleanup_free_ char *addr = NULL;
        struct in6_addr src;
        triple_timestamp timestamp;
        int r;
        ssize_t buflen;
        _cleanup_free_ char *buf = NULL;

        assert(s);
        assert(ra);
        assert(ra->event);

        buflen = next_datagram_size_fd(fd);

        if ((unsigned) buflen < sizeof(struct nd_router_solicit))
                return log_radv("Too short packet received");

        buf = new0(char, buflen);
        if (!buf)
                return 0;

        r = icmp6_receive(fd, buf, buflen, &src, &timestamp);
        if (r < 0) {
                switch (r) {
                case -EADDRNOTAVAIL:
                        (void) in_addr_to_string(AF_INET6, (union in_addr_union*) &src, &addr);
                        log_radv("Received RS from non-link-local address %s. Ignoring", addr);
                        break;

                case -EMULTIHOP:
                        log_radv("Received RS with invalid hop limit. Ignoring.");
                        break;

                case -EPFNOSUPPORT:
                        log_radv("Received invalid source address from ICMPv6 socket. Ignoring.");
                        break;

                case -EAGAIN: /* ignore spurious wakeups */
                        break;

                default:
                        log_radv_errno(r, "Unexpected error receiving from ICMPv6 socket: %m");
                        break;
                }

                return 0;
        }

        (void) in_addr_to_string(AF_INET6, (union in_addr_union*) &src, &addr);

        r = radv_send(ra, &src, ra->lifetime);
        if (r < 0)
                log_radv_errno(r, "Unable to send solicited Router Advertisement to %s: %m", addr);
        else
                log_radv("Sent solicited Router Advertisement to %s", addr);

        return 0;
}

static usec_t radv_compute_timeout(usec_t min, usec_t max) {
        assert_return(min <= max, SD_RADV_DEFAULT_MIN_TIMEOUT_USEC);

        return min + (random_u32() % (max - min));
}

static int radv_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
        int r;
        sd_radv *ra = userdata;
        usec_t min_timeout = SD_RADV_DEFAULT_MIN_TIMEOUT_USEC;
        usec_t max_timeout = SD_RADV_DEFAULT_MAX_TIMEOUT_USEC;
        usec_t time_now, timeout;
        char time_string[FORMAT_TIMESPAN_MAX];

        assert(s);
        assert(ra);
        assert(ra->event);

        r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
        if (r < 0)
                goto fail;

        r = radv_send(ra, NULL, ra->lifetime);
        if (r < 0)
                log_radv_errno(r, "Unable to send Router Advertisement: %m");

        /* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
        if (ra->ra_sent < SD_RADV_MAX_INITIAL_RTR_ADVERTISEMENTS) {
                max_timeout = SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC;
                min_timeout = SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC / 3;
        }

        timeout = radv_compute_timeout(min_timeout, max_timeout);

        log_radv("Next Router Advertisement in %s",
                 format_timespan(time_string, FORMAT_TIMESPAN_MAX,
                                 timeout, USEC_PER_SEC));

        r = event_reset_time(ra->event, &ra->timeout_event_source,
                             clock_boottime_or_monotonic(),
                             time_now + timeout, MSEC_PER_SEC,
                             radv_timeout, ra,
                             ra->event_priority, "radv-timeout", true);
        if (r < 0)
                goto fail;

        ra->ra_sent++;

        return 0;

fail:
        sd_radv_stop(ra);

        return 0;
}

_public_ int sd_radv_stop(sd_radv *ra) {
        int r;

        assert_return(ra, -EINVAL);

        if (ra->state == SD_RADV_STATE_IDLE)
                return 0;

        log_radv("Stopping IPv6 Router Advertisement daemon");

        /* RFC 4861, Section 6.2.5, send at least one Router Advertisement
           with zero lifetime  */
        r = radv_send(ra, NULL, 0);
        if (r < 0)
                log_radv_errno(r, "Unable to send last Router Advertisement with router lifetime set to zero: %m");

        radv_reset(ra);
        ra->fd = safe_close(ra->fd);
        ra->state = SD_RADV_STATE_IDLE;

        return 0;
}

_public_ int sd_radv_start(sd_radv *ra) {
        int r = 0;

        assert_return(ra, -EINVAL);
        assert_return(ra->event, -EINVAL);
        assert_return(ra->ifindex > 0, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return 0;

        r = event_reset_time(ra->event, &ra->timeout_event_source,
                             clock_boottime_or_monotonic(),
                             0, 0,
                             radv_timeout, ra,
                             ra->event_priority, "radv-timeout", true);
        if (r < 0)
                goto fail;

        r = icmp6_bind_router_advertisement(ra->ifindex);
        if (r < 0)
                goto fail;

        ra->fd = r;

        r = sd_event_add_io(ra->event, &ra->recv_event_source, ra->fd, EPOLLIN, radv_recv, ra);
        if (r < 0)
                goto fail;

        r = sd_event_source_set_priority(ra->recv_event_source, ra->event_priority);
        if (r < 0)
                goto fail;

        (void) sd_event_source_set_description(ra->recv_event_source, "radv-receive-message");

        ra->state = SD_RADV_STATE_ADVERTISING;

        log_radv("Started IPv6 Router Advertisement daemon");

        return 0;

 fail:
        radv_reset(ra);

        return r;
}

_public_ int sd_radv_set_ifindex(sd_radv *ra, int ifindex) {
        assert_return(ra, -EINVAL);
        assert_return(ifindex >= -1, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        ra->ifindex = ifindex;

        return 0;
}

_public_ int sd_radv_set_mac(sd_radv *ra, const struct ether_addr *mac_addr) {
        assert_return(ra, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        if (mac_addr)
                ra->mac_addr = *mac_addr;
        else
                zero(ra->mac_addr);

        return 0;
}

_public_ int sd_radv_set_mtu(sd_radv *ra, uint32_t mtu) {
        assert_return(ra, -EINVAL);
        assert_return(mtu >= 1280, -EINVAL);

        ra->mtu = mtu;

        return 0;
}

_public_ int sd_radv_set_hop_limit(sd_radv *ra, uint8_t hop_limit) {
        assert_return(ra, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        ra->hop_limit = hop_limit;

        return 0;
}

_public_ int sd_radv_set_router_lifetime(sd_radv *ra, uint32_t router_lifetime) {
        assert_return(ra, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        /* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the
           preference value MUST be set to (00) by the sender..." */
        if (router_lifetime == 0 &&
            (ra->flags & (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM << 3))
                return -ETIME;

        ra->lifetime = router_lifetime;

        return 0;
}

_public_ int sd_radv_set_managed_information(sd_radv *ra, int managed) {
        assert_return(ra, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        SET_FLAG(ra->flags, ND_RA_FLAG_MANAGED, managed);

        return 0;
}

_public_ int sd_radv_set_other_information(sd_radv *ra, int other) {
        assert_return(ra, -EINVAL);

        if (ra->state != SD_RADV_STATE_IDLE)
                return -EBUSY;

        SET_FLAG(ra->flags, ND_RA_FLAG_OTHER, other);

        return 0;
}

_public_ int sd_radv_set_preference(sd_radv *ra, unsigned preference) {
        int r = 0;

        assert_return(ra, -EINVAL);
        assert_return(IN_SET(preference,
                             SD_NDISC_PREFERENCE_LOW,
                             SD_NDISC_PREFERENCE_MEDIUM,
                             SD_NDISC_PREFERENCE_HIGH), -EINVAL);

        ra->flags = (ra->flags & ~(0x3 << 3)) | (preference << 3);

        return r;
}

_public_ int sd_radv_add_prefix(sd_radv *ra, sd_radv_prefix *p, bool dynamic) {
        sd_radv_prefix *cur;
        int r;
        _cleanup_free_ char *addr_p = NULL;
        char time_string_preferred[FORMAT_TIMESPAN_MAX];
        char time_string_valid[FORMAT_TIMESPAN_MAX];
        usec_t time_now, valid, preferred, valid_until, preferred_until;

        assert_return(ra, -EINVAL);

        if (!p)
                return -EINVAL;

        LIST_FOREACH(prefix, cur, ra->prefixes) {

                r = in_addr_prefix_intersect(AF_INET6,
                                             (union in_addr_union*) &cur->opt.in6_addr,
                                             cur->opt.prefixlen,
                                             (union in_addr_union*) &p->opt.in6_addr,
                                             p->opt.prefixlen);
                if (r > 0) {
                        _cleanup_free_ char *addr_cur = NULL;

                        (void) in_addr_to_string(AF_INET6,
                                                 (union in_addr_union*) &p->opt.in6_addr,
                                                 &addr_p);

                        if (dynamic && cur->opt.prefixlen == p->opt.prefixlen)
                                goto update;

                        (void) in_addr_to_string(AF_INET6,
                                                 (union in_addr_union*) &cur->opt.in6_addr,
                                                 &addr_cur);
                        log_radv("IPv6 prefix %s/%u already configured, ignoring %s/%u",
                                 addr_cur, cur->opt.prefixlen,
                                 addr_p, p->opt.prefixlen);

                        return -EEXIST;
                }
        }

        p = sd_radv_prefix_ref(p);

        LIST_APPEND(prefix, ra->prefixes, p);

        ra->n_prefixes++;

        (void) in_addr_to_string(AF_INET6, (union in_addr_union*) &p->opt.in6_addr, &addr_p);

        if (!dynamic) {
                log_radv("Added prefix %s/%d", addr_p, p->opt.prefixlen);
                return 0;
        }

        cur = p;

 update:
        r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
        if (r < 0)
                return r;

        valid = be32toh(p->opt.valid_lifetime) * USEC_PER_SEC;
        valid_until = usec_add(valid, time_now);
        if (valid_until == USEC_INFINITY)
                return -EOVERFLOW;

        preferred = be32toh(p->opt.preferred_lifetime) * USEC_PER_SEC;
        preferred_until = usec_add(preferred, time_now);
        if (preferred_until == USEC_INFINITY)
                return -EOVERFLOW;

        cur->valid_until = valid_until;
        cur->preferred_until = preferred_until;

        log_radv("%s prefix %s/%u preferred %s valid %s",
                 cur? "Updated": "Added",
                 addr_p, p->opt.prefixlen,
                 format_timespan(time_string_preferred, FORMAT_TIMESPAN_MAX,
                                 preferred, USEC_PER_SEC),
                 format_timespan(time_string_valid, FORMAT_TIMESPAN_MAX,
                                 valid, USEC_PER_SEC));

        return 0;
}

_public_ sd_radv_prefix *sd_radv_remove_prefix(sd_radv *ra,
                                               const struct in6_addr *prefix,
                                               unsigned char prefixlen) {
        sd_radv_prefix *cur, *next;

        assert_return(ra, NULL);
        assert_return(prefix, NULL);

        LIST_FOREACH_SAFE(prefix, cur, next, ra->prefixes) {
                if (prefixlen != cur->opt.prefixlen)
                        continue;

                if (!in_addr_equal(AF_INET6,
                                   (union in_addr_union *)prefix,
                                   (union in_addr_union *)&cur->opt.in6_addr))
                        continue;

                LIST_REMOVE(prefix, ra->prefixes, cur);
                ra->n_prefixes--;

                break;
        }

        return cur;
}

_public_ int sd_radv_set_rdnss(sd_radv *ra, uint32_t lifetime,
                               const struct in6_addr *dns, size_t n_dns) {
        _cleanup_free_ struct sd_radv_opt_dns *opt_rdnss = NULL;
        size_t len;

        assert_return(ra, -EINVAL);
        assert_return(n_dns < 128, -EINVAL);

        if (!dns || n_dns == 0) {
                ra->rdnss = mfree(ra->rdnss);
                ra->n_rdnss = 0;

                return 0;
        }

        len = sizeof(struct sd_radv_opt_dns) + sizeof(struct in6_addr) * n_dns;

        opt_rdnss = malloc0(len);
        if (!opt_rdnss)
                return -ENOMEM;

        opt_rdnss->type = SD_RADV_OPT_RDNSS;
        opt_rdnss->length = len / 8;
        opt_rdnss->lifetime = htobe32(lifetime);

        memcpy(opt_rdnss + 1, dns, n_dns * sizeof(struct in6_addr));

        free_and_replace(ra->rdnss, opt_rdnss);

        ra->n_rdnss = n_dns;

        return 0;
}

_public_ int sd_radv_set_dnssl(sd_radv *ra, uint32_t lifetime,
                               char **search_list) {
        _cleanup_free_ struct sd_radv_opt_dns *opt_dnssl = NULL;
        size_t len = 0;
        char **s;
        uint8_t *p;

        assert_return(ra, -EINVAL);

        if (strv_isempty(search_list)) {
                ra->dnssl = mfree(ra->dnssl);
                return 0;
        }

        STRV_FOREACH(s, search_list)
                len += strlen(*s) + 2;

        len = (sizeof(struct sd_radv_opt_dns) + len + 7) & ~0x7;

        opt_dnssl = malloc0(len);
        if (!opt_dnssl)
                return -ENOMEM;

        opt_dnssl->type = SD_RADV_OPT_DNSSL;
        opt_dnssl->length = len / 8;
        opt_dnssl->lifetime = htobe32(lifetime);

        p = (uint8_t *)(opt_dnssl + 1);
        len -= sizeof(struct sd_radv_opt_dns);

        STRV_FOREACH(s, search_list) {
                int r;

                r = dns_name_to_wire_format(*s, p, len, false);
                if (r < 0)
                        return r;

                if (len < (size_t)r)
                        return -ENOBUFS;

                p += r;
                len -= r;
        }

        free_and_replace(ra->dnssl, opt_dnssl);

        return 0;
}

_public_ int sd_radv_prefix_new(sd_radv_prefix **ret) {
        _cleanup_(sd_radv_prefix_unrefp) sd_radv_prefix *p = NULL;

        assert_return(ret, -EINVAL);

        p = new0(sd_radv_prefix, 1);
        if (!p)
                return -ENOMEM;

        p->n_ref = 1;

        p->opt.type = ND_OPT_PREFIX_INFORMATION;
        p->opt.length = (sizeof(p->opt) - 1) /8 + 1;

        p->opt.prefixlen = 64;

        /* RFC 4861, Section 6.2.1 */
        SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, true);
        SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, true);
        p->opt.preferred_lifetime = htobe32(604800);
        p->opt.valid_lifetime = htobe32(2592000);

        LIST_INIT(prefix, p);

        *ret = TAKE_PTR(p);

        return 0;
}

DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_prefix, sd_radv_prefix, mfree);

_public_ int sd_radv_prefix_set_prefix(sd_radv_prefix *p, const struct in6_addr *in6_addr,
                                       unsigned char prefixlen) {
        assert_return(p, -EINVAL);
        assert_return(in6_addr, -EINVAL);

        if (prefixlen < 3 || prefixlen > 128)
                return -EINVAL;

        if (prefixlen > 64)
                /* unusual but allowed, log it */
                log_radv("Unusual prefix length %d greater than 64", prefixlen);

        p->opt.in6_addr = *in6_addr;
        p->opt.prefixlen = prefixlen;

        return 0;
}

_public_ int sd_radv_prefix_set_onlink(sd_radv_prefix *p, int onlink) {
        assert_return(p, -EINVAL);

        SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, onlink);

        return 0;
}

_public_ int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix *p,
                                                          int address_autoconfiguration) {
        assert_return(p, -EINVAL);

        SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, address_autoconfiguration);

        return 0;
}

_public_ int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix *p,
                                               uint32_t valid_lifetime) {
        assert_return(p, -EINVAL);

        p->opt.valid_lifetime = htobe32(valid_lifetime);

        return 0;
}

_public_ int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix *p,
                                                   uint32_t preferred_lifetime) {
        assert_return(p, -EINVAL);

        p->opt.preferred_lifetime = htobe32(preferred_lifetime);

        return 0;
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
04473969	2	/***
810adae9	3	Copyright © 2017 Intel Corporation. All rights reserved.
04473969 PF	4	***/
	5
	6	#include <netinet/icmp6.h>
	7	#include <netinet/in.h>
204f99d2	8	#include <arpa/inet.h>
04473969 PF	9
	10	#include "sd-radv.h"
	11
204f99d2	12	#include "macro.h"
04473969	13	#include "alloc-util.h"
e965d6ab	14	#include "dns-domain.h"
ae25915d	15	#include "ether-addr-util.h"
807a8ede	16	#include "event-util.h"
04473969 PF	17	#include "fd-util.h"
	18	#include "icmp6-util.h"
	19	#include "in-addr-util.h"
	20	#include "radv-internal.h"
	21	#include "socket-util.h"
	22	#include "string-util.h"
e965d6ab	23	#include "strv.h"
04473969	24	#include "util.h"
204fb681	25	#include "random-util.h"
04473969	26
204f99d2 PF	27	_public_ int sd_radv_new(sd_radv **ret) {
	28	_cleanup_(sd_radv_unrefp) sd_radv *ra = NULL;
	29
	30	assert_return(ret, -EINVAL);
	31
78f9d24f	32	ra = new(sd_radv, 1);
204f99d2 PF	33	if (!ra)
	34	return -ENOMEM;
	35
78f9d24f YW	36	*ra = (sd_radv) {
	37	.n_ref = 1,
	38	.fd = -1,
	39	};
204f99d2	40
1cc6c93a	41	*ret = TAKE_PTR(ra);
204f99d2 PF	42
	43	return 0;
	44	}
	45
	46	_public_ int sd_radv_attach_event(sd_radv ra, sd_event event, int64_t priority) {
	47	int r;
	48
	49	assert_return(ra, -EINVAL);
	50	assert_return(!ra->event, -EBUSY);
	51
	52	if (event)
	53	ra->event = sd_event_ref(event);
	54	else {
	55	r = sd_event_default(&ra->event);
	56	if (r < 0)
	57	return 0;
	58	}
	59
	60	ra->event_priority = priority;
	61
	62	return 0;
	63	}
	64
	65	_public_ int sd_radv_detach_event(sd_radv *ra) {
	66
	67	assert_return(ra, -EINVAL);
	68
	69	ra->event = sd_event_unref(ra->event);
	70	return 0;
	71	}
	72
	73	_public_ sd_event sd_radv_get_event(sd_radv ra) {
	74	assert_return(ra, NULL);
	75
	76	return ra->event;
	77	}
	78
204fb681	79	static void radv_reset(sd_radv *ra) {
c4b6dda0	80	assert(ra);
204fb681	81
807a8ede	82	(void) event_source_disable(ra->timeout_event_source);
204fb681	83
88d5a3db PF	84	ra->recv_event_source =
	85	sd_event_source_unref(ra->recv_event_source);
	86
204fb681 PF	87	ra->ra_sent = 0;
	88	}
	89
8301aa0b	90	static sd_radv radv_free(sd_radv ra) {
e866e17b LP	91	if (!ra)
e866e17b LP	92	return NULL;
204f99d2 PF	93
	94	while (ra->prefixes) {
	95	sd_radv_prefix *p = ra->prefixes;
	96
	97	LIST_REMOVE(prefix, ra->prefixes, p);
	98	sd_radv_prefix_unref(p);
	99	}
	100
e9c6da38	101	free(ra->rdnss);
f9aa5417	102	free(ra->dnssl);
e9c6da38	103
807a8ede YW	104	ra->timeout_event_source = sd_event_source_unref(ra->timeout_event_source);
807a8ede YW	105
204fb681 PF	106	radv_reset(ra);
204fb681 PF	107
204f99d2	108	sd_radv_detach_event(ra);
c4b6dda0 LP	109
	110	ra->fd = safe_close(ra->fd);
	111
204f99d2 PF	112	return mfree(ra);
	113	}
	114
8301aa0b YW	115	DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv, sd_radv, radv_free);
8301aa0b YW	116
83ef9d14	117	static int radv_send(sd_radv ra, const struct in6_addr dst, uint32_t router_lifetime) {
77baf5ae PF	118	sd_radv_prefix *p;
	119	struct sockaddr_in6 dst_addr = {
	120	.sin6_family = AF_INET6,
	121	.sin6_addr = IN6ADDR_ALL_NODES_MULTICAST_INIT,
	122	};
	123	struct nd_router_advert adv = {};
	124	struct {
	125	struct nd_opt_hdr opthdr;
	126	struct ether_addr slladdr;
	127	} _packed_ opt_mac = {
	128	.opthdr = {
	129	.nd_opt_type = ND_OPT_SOURCE_LINKADDR,
	130	.nd_opt_len = (sizeof(struct nd_opt_hdr) +
	131	sizeof(struct ether_addr) - 1) /8 + 1,
	132	},
	133	};
	134	struct nd_opt_mtu opt_mtu = {
	135	.nd_opt_mtu_type = ND_OPT_MTU,
	136	.nd_opt_mtu_len = 1,
	137	};
6852c0f6 PF	138	/* Reserve iov space for RA header, linkaddr, MTU, N prefixes, RDNSS
	139	and DNSSL */
	140	struct iovec iov[5 + ra->n_prefixes];
77baf5ae PF	141	struct msghdr msg = {
	142	.msg_name = &dst_addr,
	143	.msg_namelen = sizeof(dst_addr),
	144	.msg_iov = iov,
	145	};
d601b566 PF	146	usec_t time_now;
	147	int r;
	148
dc0ec5e2 LP	149	assert(ra);
dc0ec5e2 LP	150
d601b566 PF	151	r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
	152	if (r < 0)
	153	return r;
77baf5ae	154
dc0ec5e2	155	if (dst && !IN6_IS_ADDR_UNSPECIFIED(dst))
77baf5ae	156	dst_addr.sin6_addr = *dst;
88d5a3db	157
77baf5ae PF	158	adv.nd_ra_type = ND_ROUTER_ADVERT;
	159	adv.nd_ra_curhoplimit = ra->hop_limit;
	160	adv.nd_ra_flags_reserved = ra->flags;
	161	adv.nd_ra_router_lifetime = htobe16(router_lifetime);
	162	iov[msg.msg_iovlen].iov_base = &adv;
	163	iov[msg.msg_iovlen].iov_len = sizeof(adv);
	164	msg.msg_iovlen++;
	165
	166	/* MAC address is optional, either because the link does not use L2
	167	addresses or load sharing is desired. See RFC 4861, Section 4.2 */
ae25915d	168	if (!ether_addr_is_null(&ra->mac_addr)) {
77baf5ae PF	169	opt_mac.slladdr = ra->mac_addr;
	170	iov[msg.msg_iovlen].iov_base = &opt_mac;
	171	iov[msg.msg_iovlen].iov_len = sizeof(opt_mac);
	172	msg.msg_iovlen++;
	173	}
	174
	175	if (ra->mtu) {
	176	opt_mtu.nd_opt_mtu_mtu = htobe32(ra->mtu);
	177	iov[msg.msg_iovlen].iov_base = &opt_mtu;
	178	iov[msg.msg_iovlen].iov_len = sizeof(opt_mtu);
	179	msg.msg_iovlen++;
	180	}
	181
	182	LIST_FOREACH(prefix, p, ra->prefixes) {
d601b566 PF	183	if (p->valid_until) {
	184
	185	if (time_now > p->valid_until)
	186	p->opt.valid_lifetime = 0;
	187	else
	188	p->opt.valid_lifetime = htobe32((p->valid_until - time_now) / USEC_PER_SEC);
	189
	190	if (time_now > p->preferred_until)
	191	p->opt.preferred_lifetime = 0;
	192	else
	193	p->opt.preferred_lifetime = htobe32((p->preferred_until - time_now) / USEC_PER_SEC);
	194	}
77baf5ae PF	195	iov[msg.msg_iovlen].iov_base = &p->opt;
	196	iov[msg.msg_iovlen].iov_len = sizeof(p->opt);
	197	msg.msg_iovlen++;
	198	}
	199
e9c6da38 PF	200	if (ra->rdnss) {
	201	iov[msg.msg_iovlen].iov_base = ra->rdnss;
	202	iov[msg.msg_iovlen].iov_len = ra->rdnss->length * 8;
	203	msg.msg_iovlen++;
	204	}
	205
e965d6ab PF	206	if (ra->dnssl) {
	207	iov[msg.msg_iovlen].iov_base = ra->dnssl;
	208	iov[msg.msg_iovlen].iov_len = ra->dnssl->length * 8;
	209	msg.msg_iovlen++;
	210	}
	211
77baf5ae PF	212	if (sendmsg(ra->fd, &msg, 0) < 0)
77baf5ae PF	213	return -errno;
204fb681	214
77baf5ae	215	return 0;
204fb681 PF	216	}
204fb681 PF	217
88d5a3db PF	218	static int radv_recv(sd_event_source s, int fd, uint32_t revents, void userdata) {
	219	sd_radv *ra = userdata;
	220	_cleanup_free_ char *addr = NULL;
	221	struct in6_addr src;
	222	triple_timestamp timestamp;
	223	int r;
	224	ssize_t buflen;
	225	_cleanup_free_ char *buf = NULL;
	226
	227	assert(s);
	228	assert(ra);
	229	assert(ra->event);
	230
	231	buflen = next_datagram_size_fd(fd);
	232
	233	if ((unsigned) buflen < sizeof(struct nd_router_solicit))
	234	return log_radv("Too short packet received");
	235
	236	buf = new0(char, buflen);
	237	if (!buf)
	238	return 0;
	239
	240	r = icmp6_receive(fd, buf, buflen, &src, &timestamp);
	241	if (r < 0) {
	242	switch (r) {
	243	case -EADDRNOTAVAIL:
	244	(void) in_addr_to_string(AF_INET6, (union in_addr_union*) &src, &addr);
	245	log_radv("Received RS from non-link-local address %s. Ignoring", addr);
	246	break;
	247
	248	case -EMULTIHOP:
	249	log_radv("Received RS with invalid hop limit. Ignoring.");
	250	break;
	251
	252	case -EPFNOSUPPORT:
	253	log_radv("Received invalid source address from ICMPv6 socket. Ignoring.");
	254	break;
	255
8eb41f4c LP	256	case -EAGAIN: /* ignore spurious wakeups */
	257	break;
	258
88d5a3db	259	default:
8eb41f4c	260	log_radv_errno(r, "Unexpected error receiving from ICMPv6 socket: %m");
88d5a3db PF	261	break;
	262	}
	263
	264	return 0;
	265	}
	266
	267	(void) in_addr_to_string(AF_INET6, (union in_addr_union*) &src, &addr);
	268
	269	r = radv_send(ra, &src, ra->lifetime);
	270	if (r < 0)
fdc2afc1	271	log_radv_errno(r, "Unable to send solicited Router Advertisement to %s: %m", addr);
88d5a3db PF	272	else
	273	log_radv("Sent solicited Router Advertisement to %s", addr);
	274
	275	return 0;
	276	}
	277
204fb681 PF	278	static usec_t radv_compute_timeout(usec_t min, usec_t max) {
	279	assert_return(min <= max, SD_RADV_DEFAULT_MIN_TIMEOUT_USEC);
	280
	281	return min + (random_u32() % (max - min));
	282	}
	283
	284	static int radv_timeout(sd_event_source s, uint64_t usec, void userdata) {
	285	int r;
	286	sd_radv *ra = userdata;
	287	usec_t min_timeout = SD_RADV_DEFAULT_MIN_TIMEOUT_USEC;
	288	usec_t max_timeout = SD_RADV_DEFAULT_MAX_TIMEOUT_USEC;
	289	usec_t time_now, timeout;
	290	char time_string[FORMAT_TIMESPAN_MAX];
	291
	292	assert(s);
	293	assert(ra);
	294	assert(ra->event);
	295
204fb681 PF	296	r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
	297	if (r < 0)
	298	goto fail;
	299
	300	r = radv_send(ra, NULL, ra->lifetime);
	301	if (r < 0)
fdc2afc1	302	log_radv_errno(r, "Unable to send Router Advertisement: %m");
204fb681 PF	303
	304	/* RFC 4861, Section 6.2.4, sending initial Router Advertisements */
	305	if (ra->ra_sent < SD_RADV_MAX_INITIAL_RTR_ADVERTISEMENTS) {
	306	max_timeout = SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC;
	307	min_timeout = SD_RADV_MAX_INITIAL_RTR_ADVERT_INTERVAL_USEC / 3;
	308	}
	309
	310	timeout = radv_compute_timeout(min_timeout, max_timeout);
	311
	312	log_radv("Next Router Advertisement in %s",
	313	format_timespan(time_string, FORMAT_TIMESPAN_MAX,
	314	timeout, USEC_PER_SEC));
	315
807a8ede YW	316	r = event_reset_time(ra->event, &ra->timeout_event_source,
	317	clock_boottime_or_monotonic(),
	318	time_now + timeout, MSEC_PER_SEC,
	319	radv_timeout, ra,
	320	ra->event_priority, "radv-timeout", true);
204fb681 PF	321	if (r < 0)
	322	goto fail;
	323
	324	ra->ra_sent++;
	325
807a8ede YW	326	return 0;
807a8ede YW	327
204fb681	328	fail:
807a8ede	329	sd_radv_stop(ra);
204fb681 PF	330
	331	return 0;
	332	}
	333
204f99d2	334	_public_ int sd_radv_stop(sd_radv *ra) {
204fb681 PF	335	int r;
204fb681 PF	336
204f99d2 PF	337	assert_return(ra, -EINVAL);
204f99d2 PF	338
6f8a8b84 SS	339	if (ra->state == SD_RADV_STATE_IDLE)
	340	return 0;
	341
204f99d2 PF	342	log_radv("Stopping IPv6 Router Advertisement daemon");
204f99d2 PF	343
204fb681 PF	344	/* RFC 4861, Section 6.2.5, send at least one Router Advertisement
	345	with zero lifetime */
	346	r = radv_send(ra, NULL, 0);
	347	if (r < 0)
fdc2afc1	348	log_radv_errno(r, "Unable to send last Router Advertisement with router lifetime set to zero: %m");
204fb681 PF	349
204fb681 PF	350	radv_reset(ra);
77baf5ae	351	ra->fd = safe_close(ra->fd);
204f99d2 PF	352	ra->state = SD_RADV_STATE_IDLE;
	353
	354	return 0;
	355	}
	356
	357	_public_ int sd_radv_start(sd_radv *ra) {
204fb681 PF	358	int r = 0;
204fb681 PF	359
204f99d2 PF	360	assert_return(ra, -EINVAL);
	361	assert_return(ra->event, -EINVAL);
	362	assert_return(ra->ifindex > 0, -EINVAL);
	363
	364	if (ra->state != SD_RADV_STATE_IDLE)
	365	return 0;
	366
807a8ede YW	367	r = event_reset_time(ra->event, &ra->timeout_event_source,
	368	clock_boottime_or_monotonic(),
	369	0, 0,
	370	radv_timeout, ra,
	371	ra->event_priority, "radv-timeout", true);
204fb681 PF	372	if (r < 0)
	373	goto fail;
	374
77baf5ae PF	375	r = icmp6_bind_router_advertisement(ra->ifindex);
	376	if (r < 0)
	377	goto fail;
	378
	379	ra->fd = r;
88d5a3db PF	380
	381	r = sd_event_add_io(ra->event, &ra->recv_event_source, ra->fd, EPOLLIN, radv_recv, ra);
	382	if (r < 0)
	383	goto fail;
	384
	385	r = sd_event_source_set_priority(ra->recv_event_source, ra->event_priority);
	386	if (r < 0)
	387	goto fail;
	388
	389	(void) sd_event_source_set_description(ra->recv_event_source, "radv-receive-message");
77baf5ae	390
204f99d2 PF	391	ra->state = SD_RADV_STATE_ADVERTISING;
	392
	393	log_radv("Started IPv6 Router Advertisement daemon");
	394
	395	return 0;
204fb681 PF	396
	397	fail:
	398	radv_reset(ra);
	399
	400	return r;
204f99d2 PF	401	}
	402
	403	_public_ int sd_radv_set_ifindex(sd_radv *ra, int ifindex) {
	404	assert_return(ra, -EINVAL);
	405	assert_return(ifindex >= -1, -EINVAL);
	406
	407	if (ra->state != SD_RADV_STATE_IDLE)
	408	return -EBUSY;
	409
	410	ra->ifindex = ifindex;
	411
	412	return 0;
	413	}
	414
	415	_public_ int sd_radv_set_mac(sd_radv ra, const struct ether_addr mac_addr) {
	416	assert_return(ra, -EINVAL);
	417
	418	if (ra->state != SD_RADV_STATE_IDLE)
	419	return -EBUSY;
	420
	421	if (mac_addr)
	422	ra->mac_addr = *mac_addr;
	423	else
	424	zero(ra->mac_addr);
	425
	426	return 0;
	427	}
	428
	429	_public_ int sd_radv_set_mtu(sd_radv *ra, uint32_t mtu) {
	430	assert_return(ra, -EINVAL);
	431	assert_return(mtu >= 1280, -EINVAL);
	432
204f99d2 PF	433	ra->mtu = mtu;
	434
	435	return 0;
	436	}
	437
	438	_public_ int sd_radv_set_hop_limit(sd_radv *ra, uint8_t hop_limit) {
	439	assert_return(ra, -EINVAL);
	440
	441	if (ra->state != SD_RADV_STATE_IDLE)
	442	return -EBUSY;
	443
	444	ra->hop_limit = hop_limit;
	445
	446	return 0;
	447	}
	448
	449	_public_ int sd_radv_set_router_lifetime(sd_radv *ra, uint32_t router_lifetime) {
	450	assert_return(ra, -EINVAL);
	451
	452	if (ra->state != SD_RADV_STATE_IDLE)
	453	return -EBUSY;
	454
	455	/* RFC 4191, Section 2.2, "...If the Router Lifetime is zero, the
	456	preference value MUST be set to (00) by the sender..." */
	457	if (router_lifetime == 0 &&
	458	(ra->flags & (0x3 << 3)) != (SD_NDISC_PREFERENCE_MEDIUM << 3))
	459	return -ETIME;
	460
	461	ra->lifetime = router_lifetime;
	462
	463	return 0;
	464	}
	465
	466	_public_ int sd_radv_set_managed_information(sd_radv *ra, int managed) {
	467	assert_return(ra, -EINVAL);
	468
	469	if (ra->state != SD_RADV_STATE_IDLE)
	470	return -EBUSY;
	471
	472	SET_FLAG(ra->flags, ND_RA_FLAG_MANAGED, managed);
	473
	474	return 0;
	475	}
	476
	477	_public_ int sd_radv_set_other_information(sd_radv *ra, int other) {
	478	assert_return(ra, -EINVAL);
	479
	480	if (ra->state != SD_RADV_STATE_IDLE)
	481	return -EBUSY;
	482
	483	SET_FLAG(ra->flags, ND_RA_FLAG_OTHER, other);
	484
	485	return 0;
	486	}
	487
	488	_public_ int sd_radv_set_preference(sd_radv *ra, unsigned preference) {
	489	int r = 0;
	490
	491	assert_return(ra, -EINVAL);
	492	assert_return(IN_SET(preference,
	493	SD_NDISC_PREFERENCE_LOW,
	494	SD_NDISC_PREFERENCE_MEDIUM,
	495	SD_NDISC_PREFERENCE_HIGH), -EINVAL);
	496
497	ra->flags = (ra->flags & ~(0x3 << 3)) \| (preference << 3);
498
499	return r;
500	}
501
d601b566	502	_public_ int sd_radv_add_prefix(sd_radv ra, sd_radv_prefix p, bool dynamic) {
204f99d2	503	sd_radv_prefix *cur;
d601b566	504	int r;
204f99d2	505	_cleanup_free_ char *addr_p = NULL;
d601b566 PF	506	char time_string_preferred[FORMAT_TIMESPAN_MAX];
	507	char time_string_valid[FORMAT_TIMESPAN_MAX];
	508	usec_t time_now, valid, preferred, valid_until, preferred_until;
204f99d2 PF	509
	510	assert_return(ra, -EINVAL);
	511
	512	if (!p)
	513	return -EINVAL;
	514
	515	LIST_FOREACH(prefix, cur, ra->prefixes) {
204f99d2 PF	516
	517	r = in_addr_prefix_intersect(AF_INET6,
	518	(union in_addr_union*) &cur->opt.in6_addr,
	519	cur->opt.prefixlen,
	520	(union in_addr_union*) &p->opt.in6_addr,
	521	p->opt.prefixlen);
	522	if (r > 0) {
	523	_cleanup_free_ char *addr_cur = NULL;
	524
204f99d2 PF	525	(void) in_addr_to_string(AF_INET6,
	526	(union in_addr_union*) &p->opt.in6_addr,
	527	&addr_p);
	528
d601b566 PF	529	if (dynamic && cur->opt.prefixlen == p->opt.prefixlen)
	530	goto update;
	531
	532	(void) in_addr_to_string(AF_INET6,
	533	(union in_addr_union*) &cur->opt.in6_addr,
	534	&addr_cur);
204f99d2 PF	535	log_radv("IPv6 prefix %s/%u already configured, ignoring %s/%u",
	536	addr_cur, cur->opt.prefixlen,
	537	addr_p, p->opt.prefixlen);
	538
	539	return -EEXIST;
	540	}
	541	}
	542
	543	p = sd_radv_prefix_ref(p);
	544
	545	LIST_APPEND(prefix, ra->prefixes, p);
	546
	547	ra->n_prefixes++;
	548
	549	(void) in_addr_to_string(AF_INET6, (union in_addr_union*) &p->opt.in6_addr, &addr_p);
d601b566 PF	550
	551	if (!dynamic) {
	552	log_radv("Added prefix %s/%d", addr_p, p->opt.prefixlen);
	553	return 0;
	554	}
	555
	556	cur = p;
	557
	558	update:
	559	r = sd_event_now(ra->event, clock_boottime_or_monotonic(), &time_now);
	560	if (r < 0)
	561	return r;
	562
	563	valid = be32toh(p->opt.valid_lifetime) * USEC_PER_SEC;
	564	valid_until = usec_add(valid, time_now);
	565	if (valid_until == USEC_INFINITY)
	566	return -EOVERFLOW;
	567
	568	preferred = be32toh(p->opt.preferred_lifetime) * USEC_PER_SEC;
	569	preferred_until = usec_add(preferred, time_now);
	570	if (preferred_until == USEC_INFINITY)
	571	return -EOVERFLOW;
	572
	573	cur->valid_until = valid_until;
	574	cur->preferred_until = preferred_until;
	575
	576	log_radv("%s prefix %s/%u preferred %s valid %s",
	577	cur? "Updated": "Added",
	578	addr_p, p->opt.prefixlen,
	579	format_timespan(time_string_preferred, FORMAT_TIMESPAN_MAX,
	580	preferred, USEC_PER_SEC),
	581	format_timespan(time_string_valid, FORMAT_TIMESPAN_MAX,
	582	valid, USEC_PER_SEC));
204f99d2 PF	583
	584	return 0;
	585	}
	586
34c169c4	587	_public_ sd_radv_prefix sd_radv_remove_prefix(sd_radv ra,
f5a5706a LP	588	const struct in6_addr *prefix,
f5a5706a LP	589	unsigned char prefixlen) {
34c169c4 PF	590	sd_radv_prefix cur, next;
	591
	592	assert_return(ra, NULL);
	593	assert_return(prefix, NULL);
	594
	595	LIST_FOREACH_SAFE(prefix, cur, next, ra->prefixes) {
	596	if (prefixlen != cur->opt.prefixlen)
	597	continue;
	598
	599	if (!in_addr_equal(AF_INET6,
	600	(union in_addr_union *)prefix,
	601	(union in_addr_union *)&cur->opt.in6_addr))
	602	continue;
	603
	604	LIST_REMOVE(prefix, ra->prefixes, cur);
	605	ra->n_prefixes--;
	606
	607	break;
	608	}
	609
	610	return cur;
	611	}
	612
e9c6da38 PF	613	_public_ int sd_radv_set_rdnss(sd_radv *ra, uint32_t lifetime,
	614	const struct in6_addr *dns, size_t n_dns) {
	615	_cleanup_free_ struct sd_radv_opt_dns *opt_rdnss = NULL;
	616	size_t len;
	617
	618	assert_return(ra, -EINVAL);
	619	assert_return(n_dns < 128, -EINVAL);
	620
	621	if (!dns \|\| n_dns == 0) {
	622	ra->rdnss = mfree(ra->rdnss);
	623	ra->n_rdnss = 0;
	624
	625	return 0;
	626	}
	627
	628	len = sizeof(struct sd_radv_opt_dns) + sizeof(struct in6_addr) * n_dns;
	629
	630	opt_rdnss = malloc0(len);
	631	if (!opt_rdnss)
	632	return -ENOMEM;
	633
	634	opt_rdnss->type = SD_RADV_OPT_RDNSS;
	635	opt_rdnss->length = len / 8;
	636	opt_rdnss->lifetime = htobe32(lifetime);
	637
	638	memcpy(opt_rdnss + 1, dns, n_dns * sizeof(struct in6_addr));
	639
1cc6c93a	640	free_and_replace(ra->rdnss, opt_rdnss);
e9c6da38 PF	641
	642	ra->n_rdnss = n_dns;
	643
	644	return 0;
	645	}
	646
e965d6ab PF	647	_public_ int sd_radv_set_dnssl(sd_radv *ra, uint32_t lifetime,
	648	char **search_list) {
	649	_cleanup_free_ struct sd_radv_opt_dns *opt_dnssl = NULL;
	650	size_t len = 0;
	651	char **s;
	652	uint8_t *p;
	653
	654	assert_return(ra, -EINVAL);
	655
97d7974b	656	if (strv_isempty(search_list)) {
e965d6ab	657	ra->dnssl = mfree(ra->dnssl);
e965d6ab PF	658	return 0;
	659	}
	660
	661	STRV_FOREACH(s, search_list)
	662	len += strlen(*s) + 2;
	663
	664	len = (sizeof(struct sd_radv_opt_dns) + len + 7) & ~0x7;
	665
	666	opt_dnssl = malloc0(len);
	667	if (!opt_dnssl)
	668	return -ENOMEM;
	669
	670	opt_dnssl->type = SD_RADV_OPT_DNSSL;
	671	opt_dnssl->length = len / 8;
	672	opt_dnssl->lifetime = htobe32(lifetime);
	673
	674	p = (uint8_t *)(opt_dnssl + 1);
	675	len -= sizeof(struct sd_radv_opt_dns);
	676
	677	STRV_FOREACH(s, search_list) {
	678	int r;
	679
	680	r = dns_name_to_wire_format(*s, p, len, false);
	681	if (r < 0)
	682	return r;
	683
	684	if (len < (size_t)r)
	685	return -ENOBUFS;
	686
	687	p += r;
	688	len -= r;
	689	}
	690
1cc6c93a	691	free_and_replace(ra->dnssl, opt_dnssl);
e965d6ab PF	692
	693	return 0;
	694	}
	695
04473969 PF	696	_public_ int sd_radv_prefix_new(sd_radv_prefix **ret) {
	697	_cleanup_(sd_radv_prefix_unrefp) sd_radv_prefix *p = NULL;
	698
	699	assert_return(ret, -EINVAL);
	700
	701	p = new0(sd_radv_prefix, 1);
	702	if (!p)
	703	return -ENOMEM;
	704
	705	p->n_ref = 1;
	706
	707	p->opt.type = ND_OPT_PREFIX_INFORMATION;
	708	p->opt.length = (sizeof(p->opt) - 1) /8 + 1;
	709
	710	p->opt.prefixlen = 64;
	711
	712	/* RFC 4861, Section 6.2.1 */
	713	SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, true);
	714	SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, true);
	715	p->opt.preferred_lifetime = htobe32(604800);
	716	p->opt.valid_lifetime = htobe32(2592000);
	717
204f99d2 PF	718	LIST_INIT(prefix, p);
204f99d2 PF	719
1cc6c93a	720	*ret = TAKE_PTR(p);
04473969 PF	721
	722	return 0;
	723	}
	724
8301aa0b	725	DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(sd_radv_prefix, sd_radv_prefix, mfree);
04473969	726
f5a5706a	727	_public_ int sd_radv_prefix_set_prefix(sd_radv_prefix p, const struct in6_addr in6_addr,
04473969 PF	728	unsigned char prefixlen) {
	729	assert_return(p, -EINVAL);
	730	assert_return(in6_addr, -EINVAL);
	731
	732	if (prefixlen < 3 \|\| prefixlen > 128)
	733	return -EINVAL;
	734
	735	if (prefixlen > 64)
	736	/* unusual but allowed, log it */
	737	log_radv("Unusual prefix length %d greater than 64", prefixlen);
	738
	739	p->opt.in6_addr = *in6_addr;
	740	p->opt.prefixlen = prefixlen;
	741
	742	return 0;
	743	}
	744
	745	_public_ int sd_radv_prefix_set_onlink(sd_radv_prefix *p, int onlink) {
	746	assert_return(p, -EINVAL);
	747
	748	SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_ONLINK, onlink);
	749
	750	return 0;
	751	}
	752
	753	_public_ int sd_radv_prefix_set_address_autoconfiguration(sd_radv_prefix *p,
	754	int address_autoconfiguration) {
	755	assert_return(p, -EINVAL);
	756
	757	SET_FLAG(p->opt.flags, ND_OPT_PI_FLAG_AUTO, address_autoconfiguration);
	758
	759	return 0;
	760	}
	761
	762	_public_ int sd_radv_prefix_set_valid_lifetime(sd_radv_prefix *p,
	763	uint32_t valid_lifetime) {
	764	assert_return(p, -EINVAL);
	765
	766	p->opt.valid_lifetime = htobe32(valid_lifetime);
	767
	768	return 0;
	769	}
	770
	771	_public_ int sd_radv_prefix_set_preferred_lifetime(sd_radv_prefix *p,
	772	uint32_t preferred_lifetime) {
	773	assert_return(p, -EINVAL);
	774
	775	p->opt.preferred_lifetime = htobe32(preferred_lifetime);
	776
	777	return 0;
	778	}