]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/networkd-dhcp-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network: dhcp-server: introduce special value DNS=_server_address
[thirdparty/systemd.git] / src / network / networkd-dhcp-server.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <netinet/in.h>
4 #include <linux/if_arp.h>
5 #include <linux/if.h>
6
7 #include "sd-dhcp-server.h"
8
9 #include "fd-util.h"
10 #include "fileio.h"
11 #include "networkd-address.h"
12 #include "networkd-dhcp-server-bus.h"
13 #include "networkd-dhcp-server-static-lease.h"
14 #include "networkd-dhcp-server.h"
15 #include "networkd-link.h"
16 #include "networkd-manager.h"
17 #include "networkd-network.h"
18 #include "networkd-queue.h"
19 #include "networkd-route-util.h"
20 #include "parse-util.h"
21 #include "socket-netlink.h"
22 #include "string-table.h"
23 #include "string-util.h"
24 #include "strv.h"
25
26 static bool link_dhcp4_server_enabled(Link *link) {
27 assert(link);
28
29 if (link->flags & IFF_LOOPBACK)
30 return false;
31
32 if (!link->network)
33 return false;
34
35 if (link->iftype == ARPHRD_CAN)
36 return false;
37
38 return link->network->dhcp_server;
39 }
40
41 void network_adjust_dhcp_server(Network *network) {
42 assert(network);
43
44 if (!network->dhcp_server)
45 return;
46
47 if (network->bond) {
48 log_warning("%s: DHCPServer= is enabled for bond slave. Disabling DHCP server.",
49 network->filename);
50 network->dhcp_server = false;
51 return;
52 }
53
54 if (!in4_addr_is_set(&network->dhcp_server_address)) {
55 Address *address;
56 bool have = false;
57
58 ORDERED_HASHMAP_FOREACH(address, network->addresses_by_section) {
59 if (section_is_invalid(address->section))
60 continue;
61 if (address->family == AF_INET &&
62 !in4_addr_is_localhost(&address->in_addr.in) &&
63 in4_addr_is_null(&address->in_addr_peer.in)) {
64 have = true;
65 break;
66 }
67 }
68 if (!have) {
69 log_warning("%s: DHCPServer= is enabled, but no static address configured. "
70 "Disabling DHCP server.",
71 network->filename);
72 network->dhcp_server = false;
73 return;
74 }
75 }
76 }
77
78 int link_request_dhcp_server_address(Link *link) {
79 _cleanup_(address_freep) Address *address = NULL;
80 Address *existing;
81 int r;
82
83 assert(link);
84 assert(link->network);
85
86 if (!link_dhcp4_server_enabled(link))
87 return 0;
88
89 if (!in4_addr_is_set(&link->network->dhcp_server_address))
90 return 0;
91
92 r = address_new(&address);
93 if (r < 0)
94 return r;
95
96 address->source = NETWORK_CONFIG_SOURCE_STATIC;
97 address->family = AF_INET;
98 address->in_addr.in = link->network->dhcp_server_address;
99 address->prefixlen = link->network->dhcp_server_address_prefixlen;
100 address_set_broadcast(address);
101
102 if (address_get(link, address, &existing) >= 0 &&
103 address_exists(existing) &&
104 existing->source == NETWORK_CONFIG_SOURCE_STATIC)
105 /* The same address seems explicitly configured in [Address] or [Network] section.
106 * Configure the DHCP server address only when it is not. */
107 return 0;
108
109 return link_request_static_address(link, TAKE_PTR(address), true);
110 }
111
112 static int link_find_dhcp_server_address(Link *link, Address **ret) {
113 Address *address;
114
115 assert(link);
116 assert(link->network);
117
118 /* If ServerAddress= is specified, then use the address. */
119 if (in4_addr_is_set(&link->network->dhcp_server_address))
120 return link_get_ipv4_address(link, &link->network->dhcp_server_address,
121 link->network->dhcp_server_address_prefixlen, ret);
122
123 /* If not, then select one from static addresses. */
124 SET_FOREACH(address, link->addresses) {
125 if (address->source != NETWORK_CONFIG_SOURCE_STATIC)
126 continue;
127 if (!address_exists(address))
128 continue;
129 if (address->family != AF_INET)
130 continue;
131 if (in4_addr_is_localhost(&address->in_addr.in))
132 continue;
133 if (in4_addr_is_set(&address->in_addr_peer.in))
134 continue;
135
136 *ret = address;
137 return 0;
138 }
139
140 return -ENOENT;
141 }
142
143 static int dhcp_server_find_uplink(Link *link, Link **ret) {
144 assert(link);
145
146 if (link->network->dhcp_server_uplink_name)
147 return link_get_by_name(link->manager, link->network->dhcp_server_uplink_name, ret);
148
149 if (link->network->dhcp_server_uplink_index > 0)
150 return link_get_by_index(link->manager, link->network->dhcp_server_uplink_index, ret);
151
152 if (link->network->dhcp_server_uplink_index == UPLINK_INDEX_AUTO) {
153 /* It is not necessary to propagate error in automatic selection. */
154 if (manager_find_uplink(link->manager, AF_INET, link, ret) < 0)
155 *ret = NULL;
156 return 0;
157 }
158
159 *ret = NULL;
160 return 0;
161 }
162
163 static int link_push_uplink_to_dhcp_server(
164 Link *link,
165 sd_dhcp_lease_server_type_t what,
166 sd_dhcp_server *s) {
167
168 _cleanup_free_ struct in_addr *addresses = NULL;
169 bool use_dhcp_lease_data = true;
170 size_t n_addresses = 0;
171
172 assert(link);
173
174 if (!link->network)
175 return 0;
176 assert(link->network);
177
178 log_link_debug(link, "Copying %s from link", dhcp_lease_server_type_to_string(what));
179
180 switch (what) {
181
182 case SD_DHCP_LEASE_DNS:
183 /* For DNS we have a special case. We the data configured explicitly locally along with the
184 * data from the DHCP lease. */
185
186 for (unsigned i = 0; i < link->network->n_dns; i++) {
187 struct in_addr ia;
188
189 /* Only look for IPv4 addresses */
190 if (link->network->dns[i]->family != AF_INET)
191 continue;
192
193 ia = link->network->dns[i]->address.in;
194
195 /* Never propagate obviously borked data */
196 if (in4_addr_is_null(&ia) || in4_addr_is_localhost(&ia))
197 continue;
198
199 if (!GREEDY_REALLOC(addresses, n_addresses + 1))
200 return log_oom();
201
202 addresses[n_addresses++] = ia;
203 }
204
205 use_dhcp_lease_data = link->network->dhcp_use_dns;
206 break;
207
208 case SD_DHCP_LEASE_NTP: {
209 char **i;
210
211 /* For NTP things are similar, but for NTP hostnames can be configured too, which we cannot
212 * propagate via DHCP. Hence let's only propagate those which are IP addresses. */
213
214 STRV_FOREACH(i, link->network->ntp) {
215 union in_addr_union ia;
216
217 if (in_addr_from_string(AF_INET, *i, &ia) < 0)
218 continue;
219
220 /* Never propagate obviously borked data */
221 if (in4_addr_is_null(&ia.in) || in4_addr_is_localhost(&ia.in))
222 continue;
223
224 if (!GREEDY_REALLOC(addresses, n_addresses + 1))
225 return log_oom();
226
227 addresses[n_addresses++] = ia.in;
228 }
229
230 use_dhcp_lease_data = link->network->dhcp_use_ntp;
231 break;
232 }
233
234 case SD_DHCP_LEASE_SIP:
235
236 /* For SIP we don't allow explicit, local configuration, but there's control whether to use the data */
237 use_dhcp_lease_data = link->network->dhcp_use_sip;
238 break;
239
240 case SD_DHCP_LEASE_POP3:
241 case SD_DHCP_LEASE_SMTP:
242 case SD_DHCP_LEASE_LPR:
243 /* For the other server types we currently do not allow local configuration of server data,
244 * since there are typically no local consumers of the data. */
245 break;
246
247 default:
248 assert_not_reached();
249 }
250
251 if (use_dhcp_lease_data && link->dhcp_lease) {
252 const struct in_addr *da;
253
254 int n = sd_dhcp_lease_get_servers(link->dhcp_lease, what, &da);
255 if (n > 0) {
256 if (!GREEDY_REALLOC(addresses, n_addresses + n))
257 return log_oom();
258
259 for (int j = 0; j < n; j++)
260 if (in4_addr_is_non_local(&da[j]))
261 addresses[n_addresses++] = da[j];
262 }
263 }
264
265 if (n_addresses <= 0)
266 return 0;
267
268 return sd_dhcp_server_set_servers(s, what, addresses, n_addresses);
269 }
270
271 static int dhcp4_server_parse_dns_server_string_and_warn(
272 const char *string,
273 struct in_addr **addresses,
274 size_t *n_addresses) {
275
276 for (;;) {
277 _cleanup_free_ char *word = NULL, *server_name = NULL;
278 union in_addr_union address;
279 int family, r, ifindex = 0;
280
281 r = extract_first_word(&string, &word, NULL, 0);
282 if (r < 0)
283 return r;
284 if (r == 0)
285 break;
286
287 r = in_addr_ifindex_name_from_string_auto(word, &family, &address, &ifindex, &server_name);
288 if (r < 0) {
289 log_warning_errno(r, "Failed to parse DNS server address '%s', ignoring: %m", word);
290 continue;
291 }
292
293 /* Only look for IPv4 addresses */
294 if (family != AF_INET)
295 continue;
296
297 /* Never propagate obviously borked data */
298 if (in4_addr_is_null(&address.in) || in4_addr_is_localhost(&address.in))
299 continue;
300
301 if (!GREEDY_REALLOC(*addresses, *n_addresses + 1))
302 return log_oom();
303
304 (*addresses)[(*n_addresses)++] = address.in;
305 }
306
307 return 0;
308 }
309
310 static int dhcp4_server_set_dns_from_resolve_conf(Link *link) {
311 _cleanup_free_ struct in_addr *addresses = NULL;
312 _cleanup_fclose_ FILE *f = NULL;
313 size_t n_addresses = 0;
314 int n = 0, r;
315
316 f = fopen(PRIVATE_UPLINK_RESOLV_CONF, "re");
317 if (!f) {
318 if (errno == ENOENT)
319 return 0;
320
321 return log_warning_errno(errno, "Failed to open " PRIVATE_UPLINK_RESOLV_CONF ": %m");
322 }
323
324 for (;;) {
325 _cleanup_free_ char *line = NULL;
326 const char *a;
327 char *l;
328
329 r = read_line(f, LONG_LINE_MAX, &line);
330 if (r < 0)
331 return log_error_errno(r, "Failed to read " PRIVATE_UPLINK_RESOLV_CONF ": %m");
332 if (r == 0)
333 break;
334
335 n++;
336
337 l = strstrip(line);
338 if (IN_SET(*l, '#', ';', 0))
339 continue;
340
341 a = first_word(l, "nameserver");
342 if (!a)
343 continue;
344
345 r = dhcp4_server_parse_dns_server_string_and_warn(a, &addresses, &n_addresses);
346 if (r < 0)
347 log_warning_errno(r, "Failed to parse DNS server address '%s', ignoring.", a);
348 }
349
350 if (n_addresses <= 0)
351 return 0;
352
353 return sd_dhcp_server_set_dns(link->dhcp_server, addresses, n_addresses);
354 }
355
356 static int dhcp4_server_configure(Link *link) {
357 bool acquired_uplink = false;
358 sd_dhcp_option *p;
359 DHCPStaticLease *static_lease;
360 Link *uplink = NULL;
361 Address *address;
362 bool bind_to_interface;
363 int r;
364
365 assert(link);
366
367 log_link_debug(link, "Configuring DHCP Server.");
368
369 if (link->dhcp_server)
370 return -EBUSY;
371
372 r = sd_dhcp_server_new(&link->dhcp_server, link->ifindex);
373 if (r < 0)
374 return r;
375
376 r = sd_dhcp_server_attach_event(link->dhcp_server, link->manager->event, 0);
377 if (r < 0)
378 return r;
379
380 r = sd_dhcp_server_set_callback(link->dhcp_server, dhcp_server_callback, link);
381 if (r < 0)
382 return log_link_warning_errno(link, r, "Failed to set callback for DHCPv4 server instance: %m");
383
384 r = link_find_dhcp_server_address(link, &address);
385 if (r < 0)
386 return log_link_error_errno(link, r, "Failed to find suitable address for DHCPv4 server instance: %m");
387
388 /* use the server address' subnet as the pool */
389 r = sd_dhcp_server_configure_pool(link->dhcp_server, &address->in_addr.in, address->prefixlen,
390 link->network->dhcp_server_pool_offset, link->network->dhcp_server_pool_size);
391 if (r < 0)
392 return log_link_error_errno(link, r, "Failed to configure address pool for DHCPv4 server instance: %m");
393
394 if (link->network->dhcp_server_max_lease_time_usec > 0) {
395 r = sd_dhcp_server_set_max_lease_time(link->dhcp_server,
396 DIV_ROUND_UP(link->network->dhcp_server_max_lease_time_usec, USEC_PER_SEC));
397 if (r < 0)
398 return log_link_error_errno(link, r, "Failed to set maximum lease time for DHCPv4 server instance: %m");
399 }
400
401 if (link->network->dhcp_server_default_lease_time_usec > 0) {
402 r = sd_dhcp_server_set_default_lease_time(link->dhcp_server,
403 DIV_ROUND_UP(link->network->dhcp_server_default_lease_time_usec, USEC_PER_SEC));
404 if (r < 0)
405 return log_link_error_errno(link, r, "Failed to set default lease time for DHCPv4 server instance: %m");
406 }
407
408 for (sd_dhcp_lease_server_type_t type = 0; type < _SD_DHCP_LEASE_SERVER_TYPE_MAX; type ++) {
409
410 if (!link->network->dhcp_server_emit[type].emit)
411 continue;
412
413 if (link->network->dhcp_server_emit[type].n_addresses > 0)
414 /* Explicitly specified servers to emit */
415 r = sd_dhcp_server_set_servers(
416 link->dhcp_server,
417 type,
418 link->network->dhcp_server_emit[type].addresses,
419 link->network->dhcp_server_emit[type].n_addresses);
420 else {
421 /* Emission is requested, but nothing explicitly configured. Let's find a suitable upling */
422 if (!acquired_uplink) {
423 (void) dhcp_server_find_uplink(link, &uplink);
424 acquired_uplink = true;
425 }
426
427 if (uplink && uplink->network)
428 r = link_push_uplink_to_dhcp_server(uplink, type, link->dhcp_server);
429 else if (type == SD_DHCP_LEASE_DNS)
430 r = dhcp4_server_set_dns_from_resolve_conf(link);
431 else {
432 log_link_debug(link,
433 "Not emitting %s on link, couldn't find suitable uplink.",
434 dhcp_lease_server_type_to_string(type));
435 continue;
436 }
437 }
438
439 if (r < 0)
440 log_link_warning_errno(link, r,
441 "Failed to set %s for DHCP server, ignoring: %m",
442 dhcp_lease_server_type_to_string(type));
443 }
444
445 if (link->network->dhcp_server_emit_router) {
446 r = sd_dhcp_server_set_router(link->dhcp_server, &link->network->dhcp_server_router);
447 if (r < 0)
448 return log_link_error_errno(link, r, "Failed to set router address for DHCP server: %m");
449 }
450
451 r = sd_dhcp_server_set_relay_target(link->dhcp_server, &link->network->dhcp_server_relay_target);
452 if (r < 0)
453 return log_link_error_errno(link, r, "Failed to set relay target for DHCP server: %m");
454
455 bind_to_interface = sd_dhcp_server_is_in_relay_mode(link->dhcp_server) ? false : link->network->dhcp_server_bind_to_interface;
456 r = sd_dhcp_server_set_bind_to_interface(link->dhcp_server, bind_to_interface);
457 if (r < 0)
458 return log_link_error_errno(link, r, "Failed to set interface binding for DHCP server: %m");
459
460 r = sd_dhcp_server_set_relay_agent_information(link->dhcp_server, link->network->dhcp_server_relay_agent_circuit_id, link->network->dhcp_server_relay_agent_remote_id);
461 if (r < 0)
462 return log_link_error_errno(link, r, "Failed to set agent circuit/remote id for DHCP server: %m");
463
464 if (link->network->dhcp_server_emit_timezone) {
465 _cleanup_free_ char *buffer = NULL;
466 const char *tz = NULL;
467
468 if (link->network->dhcp_server_timezone)
469 tz = link->network->dhcp_server_timezone;
470 else {
471 r = get_timezone(&buffer);
472 if (r < 0)
473 log_link_warning_errno(link, r, "Failed to determine timezone, not sending timezone: %m");
474 else
475 tz = buffer;
476 }
477
478 if (tz) {
479 r = sd_dhcp_server_set_timezone(link->dhcp_server, tz);
480 if (r < 0)
481 return log_link_error_errno(link, r, "Failed to set timezone for DHCP server: %m");
482 }
483 }
484
485 ORDERED_HASHMAP_FOREACH(p, link->network->dhcp_server_send_options) {
486 r = sd_dhcp_server_add_option(link->dhcp_server, p);
487 if (r == -EEXIST)
488 continue;
489 if (r < 0)
490 return log_link_error_errno(link, r, "Failed to set DHCPv4 option: %m");
491 }
492
493 ORDERED_HASHMAP_FOREACH(p, link->network->dhcp_server_send_vendor_options) {
494 r = sd_dhcp_server_add_vendor_option(link->dhcp_server, p);
495 if (r == -EEXIST)
496 continue;
497 if (r < 0)
498 return log_link_error_errno(link, r, "Failed to set DHCPv4 option: %m");
499 }
500
501 HASHMAP_FOREACH(static_lease, link->network->dhcp_static_leases_by_section) {
502 r = sd_dhcp_server_set_static_lease(link->dhcp_server, &static_lease->address, static_lease->client_id, static_lease->client_id_size);
503 if (r < 0)
504 return log_link_error_errno(link, r, "Failed to set DHCPv4 static lease for DHCP server: %m");
505 }
506
507 r = sd_dhcp_server_start(link->dhcp_server);
508 if (r < 0)
509 return log_link_error_errno(link, r, "Could not start DHCPv4 server instance: %m");
510
511 log_link_debug(link, "Offering DHCPv4 leases");
512
513 return 1;
514 }
515
516 int link_request_dhcp_server(Link *link) {
517 assert(link);
518
519 if (!link_dhcp4_server_enabled(link))
520 return 0;
521
522 if (link->dhcp_server)
523 return 0;
524
525 log_link_debug(link, "Requesting DHCP server.");
526 return link_queue_request(link, REQUEST_TYPE_DHCP_SERVER, NULL, false, NULL, NULL, NULL);
527 }
528
529 static bool dhcp_server_is_ready_to_configure(Link *link) {
530 Link *uplink = NULL;
531 Address *a;
532
533 assert(link);
534
535 if (!link->network)
536 return false;
537
538 if (!IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
539 return false;
540
541 if (link->set_flags_messages > 0)
542 return false;
543
544 if (!link_has_carrier(link))
545 return false;
546
547 if (!link->static_addresses_configured)
548 return false;
549
550 if (link_find_dhcp_server_address(link, &a) < 0)
551 return false;
552
553 if (!address_is_ready(a))
554 return false;
555
556 if (dhcp_server_find_uplink(link, &uplink) < 0)
557 return false;
558
559 if (uplink && !uplink->network)
560 return false;
561
562 return true;
563 }
564
565 int request_process_dhcp_server(Request *req) {
566 assert(req);
567 assert(req->link);
568 assert(req->type == REQUEST_TYPE_DHCP_SERVER);
569
570 if (!dhcp_server_is_ready_to_configure(req->link))
571 return 0;
572
573 return dhcp4_server_configure(req->link);
574 }
575
576 int config_parse_dhcp_server_relay_agent_suboption(
577 const char *unit,
578 const char *filename,
579 unsigned line,
580 const char *section,
581 unsigned section_line,
582 const char *lvalue,
583 int ltype,
584 const char *rvalue,
585 void *data,
586 void *userdata) {
587
588 char **suboption_value = data;
589 char* p;
590
591 assert(filename);
592 assert(lvalue);
593 assert(rvalue);
594
595 if (isempty(rvalue)) {
596 *suboption_value = mfree(*suboption_value);
597 return 0;
598 }
599
600 p = startswith(rvalue, "string:");
601 if (!p) {
602 log_syntax(unit, LOG_WARNING, filename, line, 0,
603 "Failed to parse %s=%s'. Invalid format, ignoring.", lvalue, rvalue);
604 return 0;
605 }
606 return free_and_strdup(suboption_value, empty_to_null(p));
607 }
608
609 int config_parse_dhcp_server_emit(
610 const char *unit,
611 const char *filename,
612 unsigned line,
613 const char *section,
614 unsigned section_line,
615 const char *lvalue,
616 int ltype,
617 const char *rvalue,
618 void *data,
619 void *userdata) {
620
621 NetworkDHCPServerEmitAddress *emit = data;
622
623 assert(emit);
624 assert(rvalue);
625
626 for (const char *p = rvalue;;) {
627 _cleanup_free_ char *w = NULL;
628 union in_addr_union a;
629 int r;
630
631 r = extract_first_word(&p, &w, NULL, 0);
632 if (r == -ENOMEM)
633 return log_oom();
634 if (r < 0) {
635 log_syntax(unit, LOG_WARNING, filename, line, r,
636 "Failed to extract word, ignoring: %s", rvalue);
637 return 0;
638 }
639 if (r == 0)
640 return 0;
641
642 if (streq(w, "_server_address"))
643 a = IN_ADDR_NULL; /* null address will be converted to the server address. */
644 else {
645 r = in_addr_from_string(AF_INET, w, &a);
646 if (r < 0) {
647 log_syntax(unit, LOG_WARNING, filename, line, r,
648 "Failed to parse %s= address '%s', ignoring: %m", lvalue, w);
649 continue;
650 }
651
652 if (in4_addr_is_null(&a.in)) {
653 log_syntax(unit, LOG_WARNING, filename, line, 0,
654 "Found a null address in %s=, ignoring.", lvalue);
655 continue;
656 }
657 }
658
659 if (!GREEDY_REALLOC(emit->addresses, emit->n_addresses + 1))
660 return log_oom();
661
662 emit->addresses[emit->n_addresses++] = a.in;
663 }
664 }
665
666 int config_parse_dhcp_server_address(
667 const char *unit,
668 const char *filename,
669 unsigned line,
670 const char *section,
671 unsigned section_line,
672 const char *lvalue,
673 int ltype,
674 const char *rvalue,
675 void *data,
676 void *userdata) {
677
678 Network *network = userdata;
679 union in_addr_union a;
680 unsigned char prefixlen;
681 int r;
682
683 assert(filename);
684 assert(lvalue);
685 assert(rvalue);
686
687 if (isempty(rvalue)) {
688 network->dhcp_server_address = (struct in_addr) {};
689 network->dhcp_server_address_prefixlen = 0;
690 return 0;
691 }
692
693 r = in_addr_prefix_from_string(rvalue, AF_INET, &a, &prefixlen);
694 if (r < 0) {
695 log_syntax(unit, LOG_WARNING, filename, line, r,
696 "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
697 return 0;
698 }
699 if (in4_addr_is_null(&a.in) || in4_addr_is_localhost(&a.in)) {
700 log_syntax(unit, LOG_WARNING, filename, line, 0,
701 "DHCP server address cannot be the ANY address or a localhost address, "
702 "ignoring assignment: %s", rvalue);
703 return 0;
704 }
705
706 network->dhcp_server_address = a.in;
707 network->dhcp_server_address_prefixlen = prefixlen;
708 return 0;
709 }
Unnamed repository; edit this file 'description' to name the repository.