1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <netinet/in.h>
4 #include <linux/if_arp.h>
5 #include <linux/if.h>
6
7 #include "sd-dhcp-server.h"
8
9 #include "fd-util.h"
10 #include "fileio.h"
11 #include "networkd-address.h"
12 #include "networkd-dhcp-server-bus.h"
13 #include "networkd-dhcp-server-static-lease.h"
14 #include "networkd-dhcp-server.h"
15 #include "networkd-link.h"
16 #include "networkd-manager.h"
17 #include "networkd-network.h"
18 #include "networkd-queue.h"
19 #include "networkd-route-util.h"
20 #include "parse-util.h"
21 #include "socket-netlink.h"
22 #include "string-table.h"
23 #include "string-util.h"
24 #include "strv.h"
25
/* Tells whether a DHCPv4 server may be run on the given link at all. */
static bool link_dhcp4_server_enabled(Link *link) {
        assert(link);

        /* Loopback interfaces, links with no Network object attached and CAN devices
         * are never served, regardless of what the configuration requests. */
        if ((link->flags & IFF_LOOPBACK) || !link->network || link->iftype == ARPHRD_CAN)
                return false;

        /* Otherwise the decision is entirely up to the network's dhcp_server flag. */
        return link->network->dhcp_server;
}
40
/* Sanity-checks the DHCP server setting of a parsed network and switches the server off
 * (with a warning) when the configuration cannot work: either the network is a bond slave,
 * or there is neither an explicit server address nor a usable static IPv4 address. */
void network_adjust_dhcp_server(Network *network) {
        Address *candidate;
        bool usable = false;

        assert(network);

        if (!network->dhcp_server)
                return;

        if (network->bond) {
                log_warning("%s: DHCPServer= is enabled for bond slave. Disabling DHCP server.",
                            network->filename);
                network->dhcp_server = false;
                return;
        }

        /* An explicitly configured server address makes the static address search unnecessary. */
        if (in4_addr_is_set(&network->dhcp_server_address))
                return;

        /* Look for one valid, non-peer IPv4 address that is neither localhost nor link-local. */
        ORDERED_HASHMAP_FOREACH(candidate, network->addresses_by_section) {
                if (section_is_invalid(candidate->section) ||
                    candidate->family != AF_INET ||
                    in4_addr_is_localhost(&candidate->in_addr.in) ||
                    in4_addr_is_link_local(&candidate->in_addr.in) ||
                    in4_addr_is_set(&candidate->in_addr_peer.in))
                        continue;

                usable = true;
                break;
        }

        if (usable)
                return;

        log_warning("%s: DHCPServer= is enabled, but no static address configured. "
                    "Disabling DHCP server.",
                    network->filename);
        network->dhcp_server = false;
}
86
/* Queues the explicitly configured DHCP server address as a static address on the link.
 *
 * Returns 0 when nothing has to be requested (server disabled, no explicit server address,
 * or the same address already exists as a static one), a negative errno on allocation
 * failure, and otherwise whatever link_request_static_address() returns. */
int link_request_dhcp_server_address(Link *link) {
        _cleanup_(address_freep) Address *requested = NULL;
        Address *found;
        Network *network;
        bool already_static;
        int r;

        assert(link);
        assert(link->network);

        network = link->network;

        if (!link_dhcp4_server_enabled(link))
                return 0;

        if (!in4_addr_is_set(&network->dhcp_server_address))
                return 0;

        r = address_new(&requested);
        if (r < 0)
                return r;

        requested->source = NETWORK_CONFIG_SOURCE_STATIC;
        requested->family = AF_INET;
        requested->in_addr.in = network->dhcp_server_address;
        requested->prefixlen = network->dhcp_server_address_prefixlen;
        address_set_broadcast(requested);

        /* If the very same address already exists on the link with a static source, it was
         * apparently configured explicitly in an [Address] or [Network] section. Only request
         * the DHCP server address when that is not the case. */
        already_static =
                address_get(link, requested, &found) >= 0 &&
                address_exists(found) &&
                found->source == NETWORK_CONFIG_SOURCE_STATIC;
        if (already_static)
                return 0;

        return link_request_static_address(link, TAKE_PTR(requested), true);
}
120
/* Picks the address the DHCP server on this link is going to use.
 *
 * On success stores a pointer to the address in *ret and returns 0. Returns -ENOENT when no
 * static address qualifies, or the result of link_get_ipv4_address() when ServerAddress= is
 * configured. */
static int link_find_dhcp_server_address(Link *link, Address **ret) {
        Address *candidate;

        assert(link);
        assert(link->network);

        /* An explicit ServerAddress= always wins; look up exactly that address. */
        if (in4_addr_is_set(&link->network->dhcp_server_address))
                return link_get_ipv4_address(link, &link->network->dhcp_server_address,
                                             link->network->dhcp_server_address_prefixlen, ret);

        /* Otherwise take the first existing static IPv4 address that is neither localhost,
         * link-local, nor a peer (point-to-point) address. */
        SET_FOREACH(candidate, link->addresses) {
                if (candidate->source != NETWORK_CONFIG_SOURCE_STATIC ||
                    !address_exists(candidate) ||
                    candidate->family != AF_INET)
                        continue;

                if (in4_addr_is_localhost(&candidate->in_addr.in) ||
                    in4_addr_is_link_local(&candidate->in_addr.in) ||
                    in4_addr_is_set(&candidate->in_addr_peer.in))
                        continue;

                *ret = candidate;
                return 0;
        }

        return -ENOENT;
}
153
/* Resolves the uplink whose server data may be passed on to DHCP clients of this link.
 *
 * An uplink configured by name or by positive index is looked up and lookup errors are
 * returned to the caller. In automatic mode a failed search is not an error: *ret is set to
 * NULL and 0 is returned. In every other case *ret is NULL and 0 is returned. */
static int dhcp_server_find_uplink(Link *link, Link **ret) {
        Network *network;

        assert(link);

        network = link->network;

        if (network->dhcp_server_uplink_name)
                return link_get_by_name(link->manager, network->dhcp_server_uplink_name, ret);

        if (network->dhcp_server_uplink_index > 0)
                return link_get_by_index(link->manager, network->dhcp_server_uplink_index, ret);

        /* Automatic selection: when the manager finds an uplink it has already filled in *ret.
         * A failure here is deliberately not propagated. */
        if (network->dhcp_server_uplink_index == UPLINK_INDEX_AUTO &&
            manager_find_uplink(link->manager, AF_INET, link, ret) >= 0)
                return 0;

        *ret = NULL;
        return 0;
}
173
/* Collects server addresses of the given type from an uplink and hands them to DHCP server s.
 *
 * "link" is the uplink here, not the link the server runs on. Addresses come from the
 * uplink's local configuration (DNS and NTP only) and, if enabled for that type, from the
 * uplink's DHCP lease. Returns 0 when there is nothing to set, a negative errno on failure,
 * and otherwise the result of sd_dhcp_server_set_servers(). */
static int link_push_uplink_to_dhcp_server(
                Link *link,
                sd_dhcp_lease_server_type_t what,
                sd_dhcp_server *s) {

        _cleanup_free_ struct in_addr *addresses = NULL;
        bool use_dhcp_lease_data = true;
        size_t n_addresses = 0;
        Network *network;

        assert(link);

        network = link->network;
        if (!network)
                return 0;

        log_link_debug(link, "Copying %s from link", dhcp_lease_server_type_to_string(what));

        switch (what) {

        case SD_DHCP_LEASE_DNS:
                /* DNS is special: the servers configured explicitly on the uplink are used
                 * along with the ones from its DHCP lease. */

                for (unsigned k = 0; k < network->n_dns; k++) {
                        const struct in_addr *ia;

                        /* Only IPv4 servers can be announced via DHCPv4. */
                        if (network->dns[k]->family != AF_INET)
                                continue;

                        ia = &network->dns[k]->address.in;

                        /* The null address and localhost are meaningless to a remote client. */
                        if (in4_addr_is_null(ia) || in4_addr_is_localhost(ia))
                                continue;

                        if (!GREEDY_REALLOC(addresses, n_addresses + 1))
                                return log_oom();

                        addresses[n_addresses++] = *ia;
                }

                use_dhcp_lease_data = network->dhcp_use_dns;
                break;

        case SD_DHCP_LEASE_NTP: {
                char **entry;

                /* NTP works similarly, except that NTP servers may also be configured as
                 * hostnames, which cannot be sent via DHCP. Entries that do not parse as an
                 * IPv4 address are hence skipped. */

                STRV_FOREACH(entry, network->ntp) {
                        union in_addr_union parsed;

                        if (in_addr_from_string(AF_INET, *entry, &parsed) < 0)
                                continue;

                        /* The null address and localhost are meaningless to a remote client. */
                        if (in4_addr_is_null(&parsed.in) || in4_addr_is_localhost(&parsed.in))
                                continue;

                        if (!GREEDY_REALLOC(addresses, n_addresses + 1))
                                return log_oom();

                        addresses[n_addresses++] = parsed.in;
                }

                use_dhcp_lease_data = network->dhcp_use_ntp;
                break;
        }

        case SD_DHCP_LEASE_SIP:
                /* No explicit local configuration exists for SIP, only a switch that controls
                 * whether the lease data is used. */
                use_dhcp_lease_data = network->dhcp_use_sip;
                break;

        case SD_DHCP_LEASE_POP3:
        case SD_DHCP_LEASE_SMTP:
        case SD_DHCP_LEASE_LPR:
                /* For these types there is currently no local configuration of server data,
                 * since there are typically no local consumers of it. */
                break;

        default:
                assert_not_reached();
        }

        if (use_dhcp_lease_data && link->dhcp_lease) {
                const struct in_addr *lease_servers;
                int n_lease;

                /* These addresses were supplied by whatever DHCP server the uplink got its
                 * lease from and are passed on to s. The only filtering applied at this point
                 * is in4_addr_is_non_local(). */
                n_lease = sd_dhcp_lease_get_servers(link->dhcp_lease, what, &lease_servers);
                if (n_lease > 0) {
                        /* Reserve room for the worst case, i.e. every lease entry is kept. */
                        if (!GREEDY_REALLOC(addresses, n_addresses + n_lease))
                                return log_oom();

                        for (int j = 0; j < n_lease; j++) {
                                if (!in4_addr_is_non_local(&lease_servers[j]))
                                        continue;

                                addresses[n_addresses++] = lease_servers[j];
                        }
                }
        }

        if (n_addresses == 0)
                return 0;

        return sd_dhcp_server_set_servers(s, what, addresses, n_addresses);
}
281
/* Splits a whitespace-separated list of DNS server specifications and appends every usable
 * IPv4 address to the array in *addresses, updating *n_addresses.
 *
 * Words that do not parse are logged and skipped. Non-IPv4 addresses, the null address and
 * localhost are skipped silently. Returns 0 on success, or a negative errno if word
 * extraction or memory allocation fails. */
static int dhcp4_server_parse_dns_server_string_and_warn(
                const char *string,
                struct in_addr **addresses,
                size_t *n_addresses) {

        while (true) {
                _cleanup_free_ char *token = NULL, *server_name = NULL;
                union in_addr_union parsed;
                int family, r, ifindex = 0;

                r = extract_first_word(&string, &token, NULL, 0);
                if (r < 0)
                        return r;
                if (r == 0)
                        return 0;

                /* The interface index and server name components are parsed but not used. */
                r = in_addr_ifindex_name_from_string_auto(token, &family, &parsed, &ifindex, &server_name);
                if (r < 0) {
                        log_warning_errno(r, "Failed to parse DNS server address '%s', ignoring: %m", token);
                        continue;
                }

                /* Keep IPv4 only, and never pass on the null address or localhost. */
                if (family != AF_INET ||
                    in4_addr_is_null(&parsed.in) ||
                    in4_addr_is_localhost(&parsed.in))
                        continue;

                if (!GREEDY_REALLOC(*addresses, *n_addresses + 1))
                        return log_oom();

                (*addresses)[(*n_addresses)++] = parsed.in;
        }
}
320
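/* Reads the "nameserver" lines of PRIVATE_UPLINK_RESOLV_CONF and installs the IPv4 servers
 * found there as the DNS servers announced by the link's DHCP server.
 *
 * A missing file is not an error. Returns 0 when the file is absent or yields no usable
 * address, a negative errno when the file cannot be opened or read, and otherwise the
 * result of sd_dhcp_server_set_dns(). */
static int dhcp4_server_set_dns_from_resolve_conf(Link *link) {
        _cleanup_free_ struct in_addr *addresses = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        size_t n_addresses = 0;
        int r;

        assert(link);

        f = fopen(PRIVATE_UPLINK_RESOLV_CONF, "re");
        if (!f) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open " PRIVATE_UPLINK_RESOLV_CONF ": %m");
        }

        for (;;) {
                _cleanup_free_ char *line = NULL;
                const char *a;
                char *l;

                /* Line length is capped at LONG_LINE_MAX by read_line(). */
                r = read_line(f, LONG_LINE_MAX, &line);
                if (r < 0)
                        return log_error_errno(r, "Failed to read " PRIVATE_UPLINK_RESOLV_CONF ": %m");
                if (r == 0)
                        break;

                /* Skip comments and empty lines. */
                l = strstrip(line);
                if (IN_SET(*l, '#', ';', 0))
                        continue;

                a = first_word(l, "nameserver");
                if (!a)
                        continue;

                /* Everything announced to DHCP clients from here on is only as trustworthy as
                 * the contents of this file. The parser drops non-IPv4 entries, the null
                 * address and localhost; a failing line is logged and skipped on purpose. */
                r = dhcp4_server_parse_dns_server_string_and_warn(a, &addresses, &n_addresses);
                if (r < 0)
                        log_warning_errno(r, "Failed to parse DNS server address '%s', ignoring.", a);
        }

        if (n_addresses <= 0)
                return 0;

        return sd_dhcp_server_set_dns(link->dhcp_server, addresses, n_addresses);
}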
366
/* Creates, configures and starts the DHCPv4 server instance of a link.
 *
 * Returns -EBUSY if the link already has a server object, a negative errno if any mandatory
 * setup step fails, and 1 once the server has been started. Failures to set an individual
 * emitted server type (DNS, NTP, ...) are only logged and do not abort the setup. */
static int dhcp4_server_configure(Link *link) {
        DHCPStaticLease *lease;
        sd_dhcp_option *option;
        Address *server_address;
        Network *network;
        Link *uplink = NULL;
        bool uplink_looked_up = false;
        bool bind_to_interface;
        int r;

        assert(link);

        network = link->network;

        log_link_debug(link, "Configuring DHCP Server.");

        if (link->dhcp_server)
                return -EBUSY;

        r = sd_dhcp_server_new(&link->dhcp_server, link->ifindex);
        if (r < 0)
                return r;

        r = sd_dhcp_server_attach_event(link->dhcp_server, link->manager->event, 0);
        if (r < 0)
                return r;

        r = sd_dhcp_server_set_callback(link->dhcp_server, dhcp_server_callback, link);
        if (r < 0)
                return log_link_warning_errno(link, r, "Failed to set callback for DHCPv4 server instance: %m");

        r = link_find_dhcp_server_address(link, &server_address);
        if (r < 0)
                return log_link_error_errno(link, r, "Failed to find suitable address for DHCPv4 server instance: %m");

        /* The lease pool is carved out of the subnet of the server's own address. */
        r = sd_dhcp_server_configure_pool(link->dhcp_server, &server_address->in_addr.in, server_address->prefixlen,
                                          network->dhcp_server_pool_offset, network->dhcp_server_pool_size);
        if (r < 0)
                return log_link_error_errno(link, r, "Failed to configure address pool for DHCPv4 server instance: %m");

        /* TODO:
        r = sd_dhcp_server_set_router(link->dhcp_server, &main_address->in_addr.in);
        if (r < 0)
                return r;
        */

        /* Lease times are stored in microseconds and passed on rounded up to whole seconds. */
        if (network->dhcp_server_max_lease_time_usec > 0) {
                r = sd_dhcp_server_set_max_lease_time(link->dhcp_server,
                                                      DIV_ROUND_UP(network->dhcp_server_max_lease_time_usec, USEC_PER_SEC));
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set maximum lease time for DHCPv4 server instance: %m");
        }

        if (network->dhcp_server_default_lease_time_usec > 0) {
                r = sd_dhcp_server_set_default_lease_time(link->dhcp_server,
                                                          DIV_ROUND_UP(network->dhcp_server_default_lease_time_usec, USEC_PER_SEC));
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set default lease time for DHCPv4 server instance: %m");
        }

        for (sd_dhcp_lease_server_type_t type = 0; type < _SD_DHCP_LEASE_SERVER_TYPE_MAX; type++) {
                NetworkDHCPServerEmitAddress *emit = &network->dhcp_server_emit[type];

                if (!emit->emit)
                        continue;

                if (emit->n_addresses > 0)
                        /* Servers listed explicitly in the configuration take precedence. */
                        r = sd_dhcp_server_set_servers(
                                        link->dhcp_server,
                                        type,
                                        emit->addresses,
                                        emit->n_addresses);
                else {
                        /* Emission is requested but nothing is configured explicitly, so the
                         * data has to come from an uplink. Look it up once and reuse the
                         * result for all server types. */
                        if (!uplink_looked_up) {
                                (void) dhcp_server_find_uplink(link, &uplink);
                                uplink_looked_up = true;
                        }

                        if (uplink && uplink->network)
                                /* This passes on what the uplink has configured or learned
                                 * from its own DHCP lease. */
                                r = link_push_uplink_to_dhcp_server(uplink, type, link->dhcp_server);
                        else if (type == SD_DHCP_LEASE_DNS)
                                /* Without a usable uplink, DNS alone falls back to the
                                 * resolv.conf based lookup. */
                                r = dhcp4_server_set_dns_from_resolve_conf(link);
                        else {
                                log_link_debug(link,
                                               "Not emitting %s on link, couldn't find suitable uplink.",
                                               dhcp_lease_server_type_to_string(type));
                                continue;
                        }
                }

                if (r < 0)
                        log_link_warning_errno(link, r,
                                               "Failed to set %s for DHCP server, ignoring: %m",
                                               dhcp_lease_server_type_to_string(type));
        }

        if (network->dhcp_server_emit_router) {
                r = sd_dhcp_server_set_router(link->dhcp_server, &network->dhcp_server_router);
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set router address for DHCP server: %m");
        }

        r = sd_dhcp_server_set_relay_target(link->dhcp_server, &network->dhcp_server_relay_target);
        if (r < 0)
                return log_link_error_errno(link, r, "Failed to set relay target for DHCP server: %m");

        /* In relay mode the configured interface binding is overridden and always off. */
        bind_to_interface =
                !sd_dhcp_server_is_in_relay_mode(link->dhcp_server) &&
                network->dhcp_server_bind_to_interface;
        r = sd_dhcp_server_set_bind_to_interface(link->dhcp_server, bind_to_interface);
        if (r < 0)
                return log_link_error_errno(link, r, "Failed to set interface binding for DHCP server: %m");

        r = sd_dhcp_server_set_relay_agent_information(
                        link->dhcp_server,
                        network->dhcp_server_relay_agent_circuit_id,
                        network->dhcp_server_relay_agent_remote_id);
        if (r < 0)
                return log_link_error_errno(link, r, "Failed to set agent circuit/remote id for DHCP server: %m");

        if (network->dhcp_server_emit_timezone) {
                _cleanup_free_ char *buffer = NULL;
                const char *tz = network->dhcp_server_timezone;

                /* No timezone configured: try the local one. Failing to determine it only
                 * means that no timezone is sent. */
                if (!tz) {
                        r = get_timezone(&buffer);
                        if (r < 0)
                                log_link_warning_errno(link, r, "Failed to determine timezone, not sending timezone: %m");
                        else
                                tz = buffer;
                }

                if (tz) {
                        r = sd_dhcp_server_set_timezone(link->dhcp_server, tz);
                        if (r < 0)
                                return log_link_error_errno(link, r, "Failed to set timezone for DHCP server: %m");
                }
        }

        /* For both option lists an already present option (-EEXIST) is skipped silently. */
        ORDERED_HASHMAP_FOREACH(option, network->dhcp_server_send_options) {
                r = sd_dhcp_server_add_option(link->dhcp_server, option);
                if (r == -EEXIST)
                        continue;
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set DHCPv4 option: %m");
        }

        ORDERED_HASHMAP_FOREACH(option, network->dhcp_server_send_vendor_options) {
                r = sd_dhcp_server_add_vendor_option(link->dhcp_server, option);
                if (r == -EEXIST)
                        continue;
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set DHCPv4 option: %m");
        }

        HASHMAP_FOREACH(lease, network->dhcp_static_leases_by_section) {
                r = sd_dhcp_server_set_static_lease(
                                link->dhcp_server,
                                &lease->address,
                                lease->client_id,
                                lease->client_id_size);
                if (r < 0)
                        return log_link_error_errno(link, r, "Failed to set DHCPv4 static lease for DHCP server: %m");
        }

        r = sd_dhcp_server_start(link->dhcp_server);
        if (r < 0)
                return log_link_error_errno(link, r, "Could not start DHCPv4 server instance: %m");

        log_link_debug(link, "Offering DHCPv4 leases");

        return 1;
}
532
/* Queues a request to set up the DHCP server of a link.
 *
 * Returns 0 without queueing anything when the server is not enabled for the link or a
 * server object already exists; otherwise returns the result of link_queue_request(). */
int link_request_dhcp_server(Link *link) {
        assert(link);

        if (!link_dhcp4_server_enabled(link) || link->dhcp_server)
                return 0;

        log_link_debug(link, "Requesting DHCP server.");
        return link_queue_request(link, REQUEST_TYPE_DHCP_SERVER, NULL, false, NULL, NULL, NULL);
}
545
/* Checks whether everything the DHCP server depends on is in place, so that
 * dhcp4_server_configure() may be called for the link. */
static bool dhcp_server_is_ready_to_configure(Link *link) {
        Address *server_address;
        Link *uplink = NULL;

        assert(link);

        /* Link-level preconditions: a network is attached, the link is being or has been
         * configured, no flag changes are pending, there is carrier, and the static
         * addresses have been configured. */
        if (!link->network ||
            !IN_SET(link->state, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED) ||
            link->set_flags_messages > 0 ||
            !link_has_carrier(link) ||
            !link->static_addresses_configured)
                return false;

        /* The address the server is going to use must exist and be ready. */
        if (link_find_dhcp_server_address(link, &server_address) < 0 ||
            !address_is_ready(server_address))
                return false;

        if (dhcp_server_find_uplink(link, &uplink) < 0)
                return false;

        /* An uplink, if there is one, must have its network attached. Having none is fine. */
        return !uplink || uplink->network;
}
581
/* Processes a queued DHCP server request.
 *
 * Returns 0 while the link is not yet ready to have its server configured, and otherwise
 * the result of dhcp4_server_configure(). */
int request_process_dhcp_server(Request *req) {
        Link *link;

        assert(req);
        assert(req->link);
        assert(req->type == REQUEST_TYPE_DHCP_SERVER);

        link = req->link;

        return dhcp_server_is_ready_to_configure(link) ? dhcp4_server_configure(link) : 0;
}
592
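/* Parses a relay agent sub-option value of the form "string:VALUE".
 *
 * data points to the char* that receives a copy of VALUE. An empty right-hand side resets
 * the setting, as does "string:" with nothing after the prefix. A value without the
 * "string:" prefix is logged and ignored. Returns 0 in all of these cases and a negative
 * errno only if copying the value fails. */
int config_parse_dhcp_server_relay_agent_suboption(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        char **suboption_value = data;
        const char *p;

        assert(filename);
        assert(lvalue);
        assert(rvalue);

        if (isempty(rvalue)) {
                *suboption_value = mfree(*suboption_value);
                return 0;
        }

        p = startswith(rvalue, "string:");
        if (!p) {
                /* The opening quote was missing from this message, leaving it unbalanced. */
                log_syntax(unit, LOG_WARNING, filename, line, 0,
                           "Failed to parse %s='%s'. Invalid format, ignoring.", lvalue, rvalue);
                return 0;
        }

        /* NOTE(review): the value is stored verbatim and its length is not limited here;
         * confirm that the code building the relay agent information option bounds it. */
        return free_and_strdup(suboption_value, empty_to_null(p));
}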
625
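/* Parses a whitespace-separated list of IPv4 addresses and appends them to the emit list
 * passed in data (a NetworkDHCPServerEmitAddress).
 *
 * An empty right-hand side clears the list, matching the other parsers in this file.
 * Words that are not valid IPv4 addresses are logged and skipped. Returns 0 on success or
 * on ignored syntax errors, and a negative errno on memory allocation failure. */
int config_parse_dhcp_server_emit(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        NetworkDHCPServerEmitAddress *emit = data;

        assert(emit);
        assert(rvalue);

        /* Without this, an empty assignment was a silent no-op and addresses accumulated by
         * earlier assignments could not be dropped again. */
        if (isempty(rvalue)) {
                emit->addresses = mfree(emit->addresses);
                emit->n_addresses = 0;
                return 0;
        }

        for (const char *p = rvalue;;) {
                _cleanup_free_ char *w = NULL;
                union in_addr_union a;
                int r;

                r = extract_first_word(&p, &w, NULL, 0);
                if (r == -ENOMEM)
                        return log_oom();
                if (r < 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Failed to extract word, ignoring: %s", rvalue);
                        return 0;
                }
                if (r == 0)
                        return 0;

                r = in_addr_from_string(AF_INET, w, &a);
                if (r < 0) {
                        log_syntax(unit, LOG_WARNING, filename, line, r,
                                   "Failed to parse %s= address '%s', ignoring: %m", lvalue, w);
                        continue;
                }

                /* NOTE(review): unlike the uplink propagation path in this file, the null
                 * address and localhost are not rejected here. Confirm this is intended. */

                /* reallocarray() checks the element count multiplication for overflow, and the
                 * old array stays valid (and owned by emit) if it fails. */
                struct in_addr *m = reallocarray(emit->addresses, emit->n_addresses + 1, sizeof(struct in_addr));
                if (!m)
                        return log_oom();

                emit->addresses = m;
                emit->addresses[emit->n_addresses++] = a.in;
        }
}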
674
/* Parses an IPv4 address with prefix length and stores it as the DHCP server address of
 * the Network passed in userdata.
 *
 * An empty right-hand side resets both address and prefix length. Values that do not parse,
 * the null (ANY) address and localhost addresses are logged and ignored. Always returns 0. */
int config_parse_dhcp_server_address(
                const char *unit,
                const char *filename,
                unsigned line,
                const char *section,
                unsigned section_line,
                const char *lvalue,
                int ltype,
                const char *rvalue,
                void *data,
                void *userdata) {

        Network *network = userdata;
        union in_addr_union parsed;
        unsigned char parsed_prefixlen;
        int r;

        assert(filename);
        assert(lvalue);
        assert(rvalue);

        if (isempty(rvalue)) {
                /* Reset to "no explicit server address". */
                network->dhcp_server_address_prefixlen = 0;
                network->dhcp_server_address = (struct in_addr) {};
                return 0;
        }

        r = in_addr_prefix_from_string(rvalue, AF_INET, &parsed, &parsed_prefixlen);
        if (r < 0) {
                log_syntax(unit, LOG_WARNING, filename, line, r,
                           "Failed to parse %s=, ignoring assignment: %s", lvalue, rvalue);
                return 0;
        }

        /* Only the null address and localhost are rejected at parse time. */
        if (in4_addr_is_null(&parsed.in) || in4_addr_is_localhost(&parsed.in)) {
                log_syntax(unit, LOG_WARNING, filename, line, 0,
                           "DHCP server address cannot be the ANY address or a localhost address, "
                           "ignoring assignment: %s", rvalue);
                return 0;
        }

        network->dhcp_server_address_prefixlen = parsed_prefixlen;
        network->dhcp_server_address = parsed.in;
        return 0;
}