[thirdparty/systemd.git] / src / libsystemd-network / dhcp-packet.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */
/***
  Copyright © 2013 Intel Corporation. All rights reserved.
***/

#include <net/if_arp.h>
#include <string.h>

#include "dhcp-option.h"
#include "dhcp-packet.h"
#include "log.h"
#include "memory-util.h"

#define DHCP_CLIENT_MIN_OPTIONS_SIZE            312

int bootp_message_init(
                DHCPMessage *message,
                uint8_t op,
                uint32_t xid,
                uint16_t arp_type,
                uint8_t hlen,
                const uint8_t *chaddr) {

        assert(message);
        assert(IN_SET(op, BOOTREQUEST, BOOTREPLY));
        assert(chaddr || hlen == 0);

        message->op = op;
        message->htype = arp_type;

        /* RFC2131 section 4.1.1:
           The client MUST include its hardware address in the ’chaddr’ field, if
           necessary for delivery of DHCP reply messages.

           RFC 4390 section 2.1:
           A DHCP client, when working over an IPoIB interface, MUST follow the
           following rules:
           "htype" (hardware address type) MUST be 32 [ARPPARAM].
           "hlen" (hardware address length) MUST be 0.
           "chaddr" (client hardware address) field MUST be zeroed.
         */
        message->hlen = arp_type == ARPHRD_INFINIBAND ? 0 : hlen;
        memcpy_safe(message->chaddr, chaddr, message->hlen);

        message->xid = htobe32(xid);
        message->magic = htobe32(DHCP_MAGIC_COOKIE);

        return 0;
}

int dhcp_message_init(
                DHCPMessage *message,
                uint8_t op,
                uint32_t xid,
                uint16_t arp_type,
                uint8_t hlen,
                const uint8_t *chaddr,
                uint8_t type,
                size_t optlen,
                size_t *ret_optoffset) {

        size_t offset = 0;
        int r;

        assert(message);
        assert(chaddr || hlen == 0);
        assert(ret_optoffset);

        r = bootp_message_init(message, op, xid, arp_type, hlen, chaddr);
        if (r < 0)
                return r;

        r = dhcp_option_append(message, optlen, &offset, 0,
                               SD_DHCP_OPTION_MESSAGE_TYPE, 1, &type);
        if (r < 0)
                return r;

        *ret_optoffset = offset;
        return 0;
}

uint16_t dhcp_packet_checksum(uint8_t *buf, size_t len) {
        uint64_t *buf_64 = (uint64_t*)buf;
        uint64_t *end_64 = buf_64 + (len / sizeof(uint64_t));
        uint64_t sum = 0;

        /* See RFC1071 */

        while (buf_64 < end_64) {
                sum += *buf_64;
                if (sum < *buf_64)
                        /* wrap around in one's complement */
                        sum++;

                buf_64++;
        }

        if (len % sizeof(uint64_t)) {
                /* If the buffer is not aligned to 64-bit, we need
                   to zero-pad the last few bytes and add them in */
                uint64_t buf_tail = 0;

                memcpy(&buf_tail, buf_64, len % sizeof(uint64_t));

                sum += buf_tail;
                if (sum < buf_tail)
                        /* wrap around */
                        sum++;
        }

        while (sum >> 16)
                sum = (sum & 0xffff) + (sum >> 16);

        return ~sum;
}

void dhcp_packet_append_ip_headers(DHCPPacket *packet, be32_t source_addr,
                                   uint16_t source_port, be32_t destination_addr,
                                   uint16_t destination_port, uint16_t len, int ip_service_type) {
        packet->ip.version = IPVERSION;
        packet->ip.ihl = DHCP_IP_SIZE / 4;
        packet->ip.tot_len = htobe16(len);

        if (ip_service_type >= 0)
                packet->ip.tos = ip_service_type;
        else
                packet->ip.tos = IPTOS_CLASS_CS6;

        packet->ip.protocol = IPPROTO_UDP;
        packet->ip.saddr = source_addr;
        packet->ip.daddr = destination_addr;

        packet->udp.source = htobe16(source_port);
        packet->udp.dest = htobe16(destination_port);

        packet->udp.len = htobe16(len - DHCP_IP_SIZE);

        packet->ip.check = packet->udp.len;
        packet->udp.check = dhcp_packet_checksum((uint8_t*)&packet->ip.ttl, len - 8);

        packet->ip.ttl = IPDEFTTL;
        packet->ip.check = 0;
        packet->ip.check = dhcp_packet_checksum((uint8_t*)&packet->ip, DHCP_IP_SIZE);
}

int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, uint16_t port) {
        size_t hdrlen;

        assert(packet);

        if (len < sizeof(DHCPPacket))
                return 0;

        /* IP */

        if (packet->ip.version != IPVERSION)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: not IPv4");

        if (packet->ip.ihl < 5)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: IPv4 IHL (%i words) invalid",
                                       packet->ip.ihl);

        hdrlen = packet->ip.ihl * 4;
        if (hdrlen < 20)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: IPv4 IHL (%zu bytes) smaller than minimum (20 bytes)",
                                       hdrlen);

        if (len < hdrlen)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by IP header",
                                       len, hdrlen);

        /* UDP */

        if (packet->ip.protocol != IPPROTO_UDP)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: not UDP");

        if (len < hdrlen + be16toh(packet->udp.len))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: packet (%zu bytes) smaller than expected (%zu) by UDP header",
                                       len, hdrlen + be16toh(packet->udp.len));

        if (be16toh(packet->udp.dest) != port)
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: to port %u, which is not the DHCP client port (%u)",
                                       be16toh(packet->udp.dest), port);

        /* checksums - computing these is relatively expensive, so only do it
           if all the other checks have passed
         */

        if (dhcp_packet_checksum((uint8_t*)&packet->ip, hdrlen))
                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "ignoring packet: invalid IP checksum");

        if (checksum && packet->udp.check) {
                packet->ip.check = packet->udp.len;
                packet->ip.ttl = 0;

                if (dhcp_packet_checksum((uint8_t*)&packet->ip.ttl,
                                  be16toh(packet->udp.len) + 12))
                        return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "ignoring packet: invalid UDP checksum");
        }

        return 0;
}
Commit	Line	Data
	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
	2	/***
	3	Copyright © 2013 Intel Corporation. All rights reserved.
	4	***/
	5
	6	#include <net/if_arp.h>
	7	#include <string.h>
	8
	9	#include "dhcp-option.h"
	10	#include "dhcp-packet.h"
	11	#include "log.h"
	12	#include "memory-util.h"
	13
	14	#define DHCP_CLIENT_MIN_OPTIONS_SIZE 312
	15
	16	int bootp_message_init(
	17	DHCPMessage *message,
	18	uint8_t op,
	19	uint32_t xid,
	20	uint16_t arp_type,
	21	uint8_t hlen,
	22	const uint8_t *chaddr) {
	23
	24	assert(message);
	25	assert(IN_SET(op, BOOTREQUEST, BOOTREPLY));
	26	assert(chaddr \|\| hlen == 0);
	27
	28	message->op = op;
	29	message->htype = arp_type;
	30
	31	/* RFC2131 section 4.1.1:
	32	The client MUST include its hardware address in the ’chaddr’ field, if
	33	necessary for delivery of DHCP reply messages.
	34
	35	RFC 4390 section 2.1:
	36	A DHCP client, when working over an IPoIB interface, MUST follow the
	37	following rules:
	38	"htype" (hardware address type) MUST be 32 [ARPPARAM].
	39	"hlen" (hardware address length) MUST be 0.
	40	"chaddr" (client hardware address) field MUST be zeroed.
	41	*/
	42	message->hlen = arp_type == ARPHRD_INFINIBAND ? 0 : hlen;
	43	memcpy_safe(message->chaddr, chaddr, message->hlen);
	44
	45	message->xid = htobe32(xid);
	46	message->magic = htobe32(DHCP_MAGIC_COOKIE);
	47
	48	return 0;
	49	}
	50
	51	int dhcp_message_init(
	52	DHCPMessage *message,
	53	uint8_t op,
	54	uint32_t xid,
	55	uint16_t arp_type,
	56	uint8_t hlen,
	57	const uint8_t *chaddr,
	58	uint8_t type,
	59	size_t optlen,
	60	size_t *ret_optoffset) {
	61
	62	size_t offset = 0;
	63	int r;
	64
	65	assert(message);
	66	assert(chaddr \|\| hlen == 0);
	67	assert(ret_optoffset);
	68
	69	r = bootp_message_init(message, op, xid, arp_type, hlen, chaddr);
	70	if (r < 0)
	71	return r;
	72
	73	r = dhcp_option_append(message, optlen, &offset, 0,
	74	SD_DHCP_OPTION_MESSAGE_TYPE, 1, &type);
	75	if (r < 0)
	76	return r;
	77
	78	*ret_optoffset = offset;
	79	return 0;
	80	}
	81
	82	uint16_t dhcp_packet_checksum(uint8_t *buf, size_t len) {
	83	uint64_t buf_64 = (uint64_t)buf;
	84	uint64_t *end_64 = buf_64 + (len / sizeof(uint64_t));
	85	uint64_t sum = 0;
	86
	87	/* See RFC1071 */
	88
	89	while (buf_64 < end_64) {
	90	sum += *buf_64;
	91	if (sum < *buf_64)
	92	/* wrap around in one's complement */
	93	sum++;
	94
	95	buf_64++;
	96	}
	97
	98	if (len % sizeof(uint64_t)) {
	99	/* If the buffer is not aligned to 64-bit, we need
	100	to zero-pad the last few bytes and add them in */
	101	uint64_t buf_tail = 0;
	102
	103	memcpy(&buf_tail, buf_64, len % sizeof(uint64_t));
	104
	105	sum += buf_tail;
	106	if (sum < buf_tail)
	107	/* wrap around */
	108	sum++;
	109	}
	110
	111	while (sum >> 16)
	112	sum = (sum & 0xffff) + (sum >> 16);
	113
	114	return ~sum;
	115	}
	116
	117	void dhcp_packet_append_ip_headers(DHCPPacket *packet, be32_t source_addr,
	118	uint16_t source_port, be32_t destination_addr,
	119	uint16_t destination_port, uint16_t len, int ip_service_type) {
	120	packet->ip.version = IPVERSION;
	121	packet->ip.ihl = DHCP_IP_SIZE / 4;
	122	packet->ip.tot_len = htobe16(len);
	123
	124	if (ip_service_type >= 0)
	125	packet->ip.tos = ip_service_type;
	126	else
	127	packet->ip.tos = IPTOS_CLASS_CS6;
	128
	129	packet->ip.protocol = IPPROTO_UDP;
	130	packet->ip.saddr = source_addr;
	131	packet->ip.daddr = destination_addr;
	132
	133	packet->udp.source = htobe16(source_port);
	134	packet->udp.dest = htobe16(destination_port);
	135
	136	packet->udp.len = htobe16(len - DHCP_IP_SIZE);
	137
	138	packet->ip.check = packet->udp.len;
	139	packet->udp.check = dhcp_packet_checksum((uint8_t*)&packet->ip.ttl, len - 8);
	140
	141	packet->ip.ttl = IPDEFTTL;
	142	packet->ip.check = 0;
	143	packet->ip.check = dhcp_packet_checksum((uint8_t*)&packet->ip, DHCP_IP_SIZE);
	144	}
	145
	146	int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum, uint16_t port) {
	147	size_t hdrlen;
	148
	149	assert(packet);
	150
	151	if (len < sizeof(DHCPPacket))
	152	return 0;
	153
	154	/* IP */
	155
	156	if (packet->ip.version != IPVERSION)
	157	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	158	"ignoring packet: not IPv4");
	159
	160	if (packet->ip.ihl < 5)
	161	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	162	"ignoring packet: IPv4 IHL (%i words) invalid",
	163	packet->ip.ihl);
	164
	165	hdrlen = packet->ip.ihl * 4;
	166	if (hdrlen < 20)
	167	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	168	"ignoring packet: IPv4 IHL (%zu bytes) smaller than minimum (20 bytes)",
	169	hdrlen);
	170
	171	if (len < hdrlen)
	172	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	173	"ignoring packet: packet (%zu bytes) smaller than expected (%zu) by IP header",
	174	len, hdrlen);
	175
	176	/* UDP */
	177
	178	if (packet->ip.protocol != IPPROTO_UDP)
	179	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	180	"ignoring packet: not UDP");
	181
	182	if (len < hdrlen + be16toh(packet->udp.len))
	183	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	184	"ignoring packet: packet (%zu bytes) smaller than expected (%zu) by UDP header",
	185	len, hdrlen + be16toh(packet->udp.len));
	186
	187	if (be16toh(packet->udp.dest) != port)
	188	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	189	"ignoring packet: to port %u, which is not the DHCP client port (%u)",
	190	be16toh(packet->udp.dest), port);
	191
	192	/* checksums - computing these is relatively expensive, so only do it
	193	if all the other checks have passed
	194	*/
	195
	196	if (dhcp_packet_checksum((uint8_t*)&packet->ip, hdrlen))
	197	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	198	"ignoring packet: invalid IP checksum");
	199
	200	if (checksum && packet->udp.check) {
	201	packet->ip.check = packet->udp.len;
	202	packet->ip.ttl = 0;
	203
	204	if (dhcp_packet_checksum((uint8_t*)&packet->ip.ttl,
	205	be16toh(packet->udp.len) + 12))
	206	return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
	207	"ignoring packet: invalid UDP checksum");
	208	}
	209
	210	return 0;
	211	}