]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
a13c50e7 | 2 | /*** |
810adae9 | 3 | Copyright © 2014 Intel Corporation. All rights reserved. |
a13c50e7 TG |
4 | ***/ |
5 | ||
9d96e6c3 | 6 | #include <netinet/icmp6.h> |
23f53b99 | 7 | #include <arpa/inet.h> |
a13c50e7 | 8 | |
a13c50e7 TG |
9 | #include "sd-ndisc.h" |
10 | ||
1e7a0e21 | 11 | #include "networkd-ndisc.h" |
23f53b99 | 12 | #include "networkd-route.h" |
51517f9e | 13 | #include "strv.h" |
1e7a0e21 LP |
14 | |
15 | #define NDISC_DNSSL_MAX 64U | |
16 | #define NDISC_RDNSS_MAX 64U | |
6554550f | 17 | #define NDISC_PREFIX_LFT_MIN 7200U |
fe307276 | 18 | |
c6de4729 | 19 | static int ndisc_route_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { |
1046bf9b | 20 | Link *link = userdata; |
3b015d40 TG |
21 | int r; |
22 | ||
23 | assert(link); | |
24 | assert(link->ndisc_messages > 0); | |
25 | ||
313cefa1 | 26 | link->ndisc_messages--; |
3b015d40 TG |
27 | |
28 | r = sd_netlink_message_get_errno(m); | |
7f676aa3 | 29 | if (r < 0 && r != -EEXIST) |
3b015d40 | 30 | log_link_error_errno(link, r, "Could not set NDisc route or address: %m"); |
3b015d40 TG |
31 | |
32 | if (link->ndisc_messages == 0) { | |
33 | link->ndisc_configured = true; | |
34 | link_check_ready(link); | |
35 | } | |
36 | ||
37 | return 1; | |
38 | } | |
39 | ||
d5017c84 | 40 | static int ndisc_router_process_default(Link *link, sd_ndisc_router *rt) { |
8e766630 | 41 | _cleanup_(route_freep) Route *route = NULL; |
1e7a0e21 LP |
42 | struct in6_addr gateway; |
43 | uint16_t lifetime; | |
44 | unsigned preference; | |
d6fceaf1 | 45 | uint32_t mtu; |
3b015d40 TG |
46 | usec_t time_now; |
47 | int r; | |
6d7c7615 PF |
48 | Address *address; |
49 | Iterator i; | |
3b015d40 | 50 | |
3b015d40 | 51 | assert(link); |
1e7a0e21 | 52 | assert(rt); |
3b015d40 | 53 | |
1e7a0e21 | 54 | r = sd_ndisc_router_get_lifetime(rt, &lifetime); |
d5017c84 YW |
55 | if (r < 0) |
56 | return log_link_warning_errno(link, r, "Failed to get gateway address from RA: %m"); | |
57 | ||
1e7a0e21 | 58 | if (lifetime == 0) /* not a default router */ |
d5017c84 | 59 | return 0; |
1e7a0e21 LP |
60 | |
61 | r = sd_ndisc_router_get_address(rt, &gateway); | |
d5017c84 YW |
62 | if (r < 0) |
63 | return log_link_warning_errno(link, r, "Failed to get gateway address from RA: %m"); | |
1e7a0e21 | 64 | |
d5017c84 YW |
65 | SET_FOREACH(address, link->addresses, i) |
66 | if (!memcmp(&gateway, &address->in_addr.in6, sizeof(address->in_addr.in6))) { | |
6d7c7615 PF |
67 | char buffer[INET6_ADDRSTRLEN]; |
68 | ||
69 | log_link_debug(link, "No NDisc route added, gateway %s matches local address", | |
70 | inet_ntop(AF_INET6, | |
71 | &address->in_addr.in6, | |
72 | buffer, sizeof(buffer))); | |
d5017c84 | 73 | return 0; |
6d7c7615 | 74 | } |
6d7c7615 | 75 | |
d5017c84 YW |
76 | SET_FOREACH(address, link->addresses_foreign, i) |
77 | if (!memcmp(&gateway, &address->in_addr.in6, sizeof(address->in_addr.in6))) { | |
6d7c7615 PF |
78 | char buffer[INET6_ADDRSTRLEN]; |
79 | ||
80 | log_link_debug(link, "No NDisc route added, gateway %s matches local address", | |
81 | inet_ntop(AF_INET6, | |
82 | &address->in_addr.in6, | |
83 | buffer, sizeof(buffer))); | |
d5017c84 | 84 | return 0; |
6d7c7615 | 85 | } |
6d7c7615 | 86 | |
1e7a0e21 | 87 | r = sd_ndisc_router_get_preference(rt, &preference); |
d5017c84 YW |
88 | if (r < 0) |
89 | return log_link_warning_errno(link, r, "Failed to get default router preference from RA: %m"); | |
1e7a0e21 LP |
90 | |
91 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); | |
d5017c84 YW |
92 | if (r < 0) |
93 | return log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
1e7a0e21 | 94 | |
d6fceaf1 | 95 | r = sd_ndisc_router_get_mtu(rt, &mtu); |
29b5ad08 JT |
96 | if (r == -ENODATA) |
97 | mtu = 0; | |
d5017c84 YW |
98 | else if (r < 0) |
99 | return log_link_warning_errno(link, r, "Failed to get default router MTU from RA: %m"); | |
d6fceaf1 | 100 | |
1e7a0e21 | 101 | r = route_new(&route); |
d5017c84 YW |
102 | if (r < 0) |
103 | return log_link_error_errno(link, r, "Could not allocate route: %m"); | |
1e7a0e21 LP |
104 | |
105 | route->family = AF_INET6; | |
2ba31d29 | 106 | route->table = link->network->ipv6_accept_ra_route_table; |
91b8fd3c | 107 | route->priority = link->network->dhcp_route_metric; |
1e7a0e21 LP |
108 | route->protocol = RTPROT_RA; |
109 | route->pref = preference; | |
110 | route->gw.in6 = gateway; | |
111 | route->lifetime = time_now + lifetime * USEC_PER_SEC; | |
d6fceaf1 | 112 | route->mtu = mtu; |
1e7a0e21 | 113 | |
c6de4729 | 114 | r = route_configure(route, link, ndisc_route_handler); |
1e7a0e21 LP |
115 | if (r < 0) { |
116 | log_link_warning_errno(link, r, "Could not set default route: %m"); | |
117 | link_enter_failed(link); | |
d5017c84 | 118 | return r; |
1e7a0e21 LP |
119 | } |
120 | ||
121 | link->ndisc_messages++; | |
d5017c84 YW |
122 | |
123 | return 0; | |
1e7a0e21 LP |
124 | } |
125 | ||
d5017c84 | 126 | static int ndisc_router_process_autonomous_prefix(Link *link, sd_ndisc_router *rt) { |
8e766630 | 127 | _cleanup_(address_freep) Address *address = NULL; |
6554550f HW |
128 | Address *existing_address; |
129 | uint32_t lifetime_valid, lifetime_preferred, lifetime_remaining; | |
130 | usec_t time_now; | |
1e7a0e21 LP |
131 | unsigned prefixlen; |
132 | int r; | |
133 | ||
134 | assert(link); | |
135 | assert(rt); | |
136 | ||
6554550f | 137 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); |
d5017c84 YW |
138 | if (r < 0) |
139 | return log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
6554550f | 140 | |
1e7a0e21 | 141 | r = sd_ndisc_router_prefix_get_prefixlen(rt, &prefixlen); |
d5017c84 YW |
142 | if (r < 0) |
143 | return log_link_error_errno(link, r, "Failed to get prefix length: %m"); | |
1e7a0e21 LP |
144 | |
145 | r = sd_ndisc_router_prefix_get_valid_lifetime(rt, &lifetime_valid); | |
d5017c84 YW |
146 | if (r < 0) |
147 | return log_link_error_errno(link, r, "Failed to get prefix valid lifetime: %m"); | |
1e7a0e21 LP |
148 | |
149 | r = sd_ndisc_router_prefix_get_preferred_lifetime(rt, &lifetime_preferred); | |
d5017c84 YW |
150 | if (r < 0) |
151 | return log_link_error_errno(link, r, "Failed to get prefix preferred lifetime: %m"); | |
3b015d40 | 152 | |
92bdc3ff SS |
153 | /* The preferred lifetime is never greater than the valid lifetime */ |
154 | if (lifetime_preferred > lifetime_valid) | |
d5017c84 | 155 | return 0; |
92bdc3ff | 156 | |
3b015d40 | 157 | r = address_new(&address); |
d5017c84 YW |
158 | if (r < 0) |
159 | return log_link_error_errno(link, r, "Could not allocate address: %m"); | |
3b015d40 | 160 | |
3b015d40 | 161 | address->family = AF_INET6; |
1e7a0e21 | 162 | r = sd_ndisc_router_prefix_get_address(rt, &address->in_addr.in6); |
d5017c84 YW |
163 | if (r < 0) |
164 | return log_link_error_errno(link, r, "Failed to get prefix address: %m"); | |
1e7a0e21 | 165 | |
3b015d40 | 166 | if (in_addr_is_null(AF_INET6, (const union in_addr_union *) &link->network->ipv6_token) == 0) |
fb84d896 | 167 | memcpy(((char *)&address->in_addr.in6) + 8, ((char *)&link->network->ipv6_token) + 8, 8); |
3b015d40 | 168 | else { |
fe307276 | 169 | /* see RFC4291 section 2.5.1 */ |
3a437557 NM |
170 | address->in_addr.in6.s6_addr[8] = link->mac.ether_addr_octet[0]; |
171 | address->in_addr.in6.s6_addr[8] ^= 1 << 1; | |
172 | address->in_addr.in6.s6_addr[9] = link->mac.ether_addr_octet[1]; | |
173 | address->in_addr.in6.s6_addr[10] = link->mac.ether_addr_octet[2]; | |
174 | address->in_addr.in6.s6_addr[11] = 0xff; | |
175 | address->in_addr.in6.s6_addr[12] = 0xfe; | |
176 | address->in_addr.in6.s6_addr[13] = link->mac.ether_addr_octet[3]; | |
177 | address->in_addr.in6.s6_addr[14] = link->mac.ether_addr_octet[4]; | |
178 | address->in_addr.in6.s6_addr[15] = link->mac.ether_addr_octet[5]; | |
3b015d40 TG |
179 | } |
180 | address->prefixlen = prefixlen; | |
f217be19 | 181 | address->flags = IFA_F_NOPREFIXROUTE|IFA_F_MANAGETEMPADDR; |
3b015d40 | 182 | address->cinfo.ifa_prefered = lifetime_preferred; |
6554550f HW |
183 | |
184 | /* see RFC4862 section 5.5.3.e */ | |
185 | r = address_get(link, address->family, &address->in_addr, address->prefixlen, &existing_address); | |
186 | if (r > 0) { | |
187 | lifetime_remaining = existing_address->cinfo.tstamp / 100 + existing_address->cinfo.ifa_valid - time_now / USEC_PER_SEC; | |
188 | if (lifetime_valid > NDISC_PREFIX_LFT_MIN || lifetime_valid > lifetime_remaining) | |
189 | address->cinfo.ifa_valid = lifetime_valid; | |
190 | else if (lifetime_remaining <= NDISC_PREFIX_LFT_MIN) | |
191 | address->cinfo.ifa_valid = lifetime_remaining; | |
192 | else | |
193 | address->cinfo.ifa_valid = NDISC_PREFIX_LFT_MIN; | |
194 | } else if (lifetime_valid > 0) | |
195 | address->cinfo.ifa_valid = lifetime_valid; | |
196 | else | |
d5017c84 | 197 | return 0; /* see RFC4862 section 5.5.3.d */ |
6554550f HW |
198 | |
199 | if (address->cinfo.ifa_valid == 0) | |
d5017c84 | 200 | return 0; |
3b015d40 | 201 | |
c6de4729 | 202 | r = address_configure(address, link, ndisc_route_handler, true); |
3b015d40 TG |
203 | if (r < 0) { |
204 | log_link_warning_errno(link, r, "Could not set SLAAC address: %m"); | |
205 | link_enter_failed(link); | |
d5017c84 | 206 | return r; |
3b015d40 TG |
207 | } |
208 | ||
313cefa1 | 209 | link->ndisc_messages++; |
d5017c84 YW |
210 | |
211 | return 0; | |
3b015d40 TG |
212 | } |
213 | ||
d5017c84 | 214 | static int ndisc_router_process_onlink_prefix(Link *link, sd_ndisc_router *rt) { |
8e766630 | 215 | _cleanup_(route_freep) Route *route = NULL; |
3b015d40 | 216 | usec_t time_now; |
1e7a0e21 LP |
217 | uint32_t lifetime; |
218 | unsigned prefixlen; | |
3b015d40 TG |
219 | int r; |
220 | ||
3b015d40 | 221 | assert(link); |
1e7a0e21 | 222 | assert(rt); |
3b015d40 | 223 | |
1e7a0e21 | 224 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); |
d5017c84 YW |
225 | if (r < 0) |
226 | return log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
1e7a0e21 LP |
227 | |
228 | r = sd_ndisc_router_prefix_get_prefixlen(rt, &prefixlen); | |
d5017c84 YW |
229 | if (r < 0) |
230 | return log_link_error_errno(link, r, "Failed to get prefix length: %m"); | |
1e7a0e21 LP |
231 | |
232 | r = sd_ndisc_router_prefix_get_valid_lifetime(rt, &lifetime); | |
d5017c84 YW |
233 | if (r < 0) |
234 | return log_link_error_errno(link, r, "Failed to get prefix lifetime: %m"); | |
3b015d40 TG |
235 | |
236 | r = route_new(&route); | |
d5017c84 YW |
237 | if (r < 0) |
238 | return log_link_error_errno(link, r, "Could not allocate route: %m"); | |
3b015d40 | 239 | |
3b015d40 | 240 | route->family = AF_INET6; |
2ba31d29 | 241 | route->table = link->network->ipv6_accept_ra_route_table; |
91b8fd3c | 242 | route->priority = link->network->dhcp_route_metric; |
3b015d40 TG |
243 | route->protocol = RTPROT_RA; |
244 | route->flags = RTM_F_PREFIX; | |
3b015d40 TG |
245 | route->dst_prefixlen = prefixlen; |
246 | route->lifetime = time_now + lifetime * USEC_PER_SEC; | |
247 | ||
1e7a0e21 | 248 | r = sd_ndisc_router_prefix_get_address(rt, &route->dst.in6); |
d5017c84 YW |
249 | if (r < 0) |
250 | return log_link_error_errno(link, r, "Failed to get prefix address: %m"); | |
1e7a0e21 | 251 | |
c6de4729 | 252 | r = route_configure(route, link, ndisc_route_handler); |
3b015d40 TG |
253 | if (r < 0) { |
254 | log_link_warning_errno(link, r, "Could not set prefix route: %m"); | |
255 | link_enter_failed(link); | |
d5017c84 | 256 | return r; |
3b015d40 TG |
257 | } |
258 | ||
313cefa1 | 259 | link->ndisc_messages++; |
d5017c84 YW |
260 | |
261 | return 0; | |
3b015d40 TG |
262 | } |
263 | ||
d5017c84 | 264 | static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) { |
8e766630 | 265 | _cleanup_(route_freep) Route *route = NULL; |
1e7a0e21 LP |
266 | struct in6_addr gateway; |
267 | uint32_t lifetime; | |
268 | unsigned preference, prefixlen; | |
fe307276 | 269 | usec_t time_now; |
7a695d8e | 270 | int r; |
a13c50e7 TG |
271 | |
272 | assert(link); | |
a13c50e7 | 273 | |
1e7a0e21 | 274 | r = sd_ndisc_router_route_get_lifetime(rt, &lifetime); |
d5017c84 YW |
275 | if (r < 0) |
276 | return log_link_warning_errno(link, r, "Failed to get gateway address from RA: %m"); | |
277 | ||
1e7a0e21 | 278 | if (lifetime == 0) |
d5017c84 | 279 | return 0; |
a13c50e7 | 280 | |
1e7a0e21 | 281 | r = sd_ndisc_router_get_address(rt, &gateway); |
d5017c84 YW |
282 | if (r < 0) |
283 | return log_link_warning_errno(link, r, "Failed to get gateway address from RA: %m"); | |
3b015d40 | 284 | |
1e7a0e21 | 285 | r = sd_ndisc_router_route_get_prefixlen(rt, &prefixlen); |
d5017c84 YW |
286 | if (r < 0) |
287 | return log_link_warning_errno(link, r, "Failed to get route prefix length: %m"); | |
1e7a0e21 LP |
288 | |
289 | r = sd_ndisc_router_route_get_preference(rt, &preference); | |
d5017c84 YW |
290 | if (r < 0) |
291 | return log_link_warning_errno(link, r, "Failed to get default router preference from RA: %m"); | |
1e7a0e21 LP |
292 | |
293 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); | |
d5017c84 YW |
294 | if (r < 0) |
295 | return log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
3b015d40 TG |
296 | |
297 | r = route_new(&route); | |
d5017c84 YW |
298 | if (r < 0) |
299 | return log_link_error_errno(link, r, "Could not allocate route: %m"); | |
3b015d40 | 300 | |
3b015d40 | 301 | route->family = AF_INET6; |
2ba31d29 | 302 | route->table = link->network->ipv6_accept_ra_route_table; |
3b015d40 | 303 | route->protocol = RTPROT_RA; |
1e7a0e21 LP |
304 | route->pref = preference; |
305 | route->gw.in6 = gateway; | |
306 | route->dst_prefixlen = prefixlen; | |
3b015d40 TG |
307 | route->lifetime = time_now + lifetime * USEC_PER_SEC; |
308 | ||
1e7a0e21 | 309 | r = sd_ndisc_router_route_get_address(rt, &route->dst.in6); |
d5017c84 YW |
310 | if (r < 0) |
311 | return log_link_error_errno(link, r, "Failed to get route address: %m"); | |
1e7a0e21 | 312 | |
c6de4729 | 313 | r = route_configure(route, link, ndisc_route_handler); |
3b015d40 | 314 | if (r < 0) { |
1e7a0e21 | 315 | log_link_warning_errno(link, r, "Could not set additional route: %m"); |
3b015d40 | 316 | link_enter_failed(link); |
d5017c84 | 317 | return r; |
3b015d40 TG |
318 | } |
319 | ||
313cefa1 | 320 | link->ndisc_messages++; |
d5017c84 YW |
321 | |
322 | return 0; | |
9d96e6c3 | 323 | } |
a13c50e7 | 324 | |
7a08d314 | 325 | static void ndisc_rdnss_hash_func(const NDiscRDNSS *x, struct siphash *state) { |
1e7a0e21 LP |
326 | siphash24_compress(&x->address, sizeof(x->address), state); |
327 | } | |
328 | ||
7a08d314 | 329 | static int ndisc_rdnss_compare_func(const NDiscRDNSS *a, const NDiscRDNSS *b) { |
1e7a0e21 LP |
330 | return memcmp(&a->address, &b->address, sizeof(a->address)); |
331 | } | |
332 | ||
7a08d314 | 333 | DEFINE_PRIVATE_HASH_OPS(ndisc_rdnss_hash_ops, NDiscRDNSS, ndisc_rdnss_hash_func, ndisc_rdnss_compare_func); |
1e7a0e21 | 334 | |
d5017c84 | 335 | static int ndisc_router_process_rdnss(Link *link, sd_ndisc_router *rt) { |
1e7a0e21 LP |
336 | uint32_t lifetime; |
337 | const struct in6_addr *a; | |
338 | usec_t time_now; | |
339 | int i, n, r; | |
340 | ||
341 | assert(link); | |
342 | assert(rt); | |
343 | ||
344 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); | |
d5017c84 YW |
345 | if (r < 0) |
346 | return log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
1e7a0e21 LP |
347 | |
348 | r = sd_ndisc_router_rdnss_get_lifetime(rt, &lifetime); | |
d5017c84 YW |
349 | if (r < 0) |
350 | return log_link_warning_errno(link, r, "Failed to get RDNSS lifetime: %m"); | |
1e7a0e21 LP |
351 | |
352 | n = sd_ndisc_router_rdnss_get_addresses(rt, &a); | |
d5017c84 YW |
353 | if (n < 0) |
354 | return log_link_warning_errno(link, n, "Failed to get RDNSS addresses: %m"); | |
1e7a0e21 LP |
355 | |
356 | for (i = 0; i < n; i++) { | |
d5017c84 | 357 | _cleanup_free_ NDiscRDNSS *x = NULL; |
1e7a0e21 | 358 | NDiscRDNSS d = { |
d5017c84 YW |
359 | .address = a[i], |
360 | }, *y; | |
1e7a0e21 LP |
361 | |
362 | if (lifetime == 0) { | |
363 | (void) set_remove(link->ndisc_rdnss, &d); | |
364 | link_dirty(link); | |
365 | continue; | |
366 | } | |
367 | ||
d5017c84 YW |
368 | y = set_get(link->ndisc_rdnss, &d); |
369 | if (y) { | |
370 | y->valid_until = time_now + lifetime * USEC_PER_SEC; | |
1e7a0e21 LP |
371 | continue; |
372 | } | |
373 | ||
374 | ndisc_vacuum(link); | |
375 | ||
376 | if (set_size(link->ndisc_rdnss) >= NDISC_RDNSS_MAX) { | |
377 | log_link_warning(link, "Too many RDNSS records per link, ignoring."); | |
378 | continue; | |
379 | } | |
380 | ||
381 | r = set_ensure_allocated(&link->ndisc_rdnss, &ndisc_rdnss_hash_ops); | |
d5017c84 YW |
382 | if (r < 0) |
383 | return log_oom(); | |
1e7a0e21 | 384 | |
d5017c84 YW |
385 | x = new(NDiscRDNSS, 1); |
386 | if (!x) | |
387 | return log_oom(); | |
1e7a0e21 | 388 | |
d5017c84 YW |
389 | *x = (NDiscRDNSS) { |
390 | .address = a[i], | |
391 | .valid_until = time_now + lifetime * USEC_PER_SEC, | |
392 | }; | |
1e7a0e21 LP |
393 | |
394 | r = set_put(link->ndisc_rdnss, x); | |
d5017c84 YW |
395 | if (r < 0) |
396 | return log_oom(); | |
397 | ||
398 | TAKE_PTR(x); | |
1e7a0e21 LP |
399 | |
400 | assert(r > 0); | |
401 | link_dirty(link); | |
402 | } | |
d5017c84 YW |
403 | |
404 | return 0; | |
1e7a0e21 LP |
405 | } |
406 | ||
7a08d314 | 407 | static void ndisc_dnssl_hash_func(const NDiscDNSSL *x, struct siphash *state) { |
1e7a0e21 LP |
408 | siphash24_compress(NDISC_DNSSL_DOMAIN(x), strlen(NDISC_DNSSL_DOMAIN(x)), state); |
409 | } | |
410 | ||
7a08d314 | 411 | static int ndisc_dnssl_compare_func(const NDiscDNSSL *a, const NDiscDNSSL *b) { |
1e7a0e21 LP |
412 | return strcmp(NDISC_DNSSL_DOMAIN(a), NDISC_DNSSL_DOMAIN(b)); |
413 | } | |
414 | ||
7a08d314 | 415 | DEFINE_PRIVATE_HASH_OPS(ndisc_dnssl_hash_ops, NDiscDNSSL, ndisc_dnssl_hash_func, ndisc_dnssl_compare_func); |
1e7a0e21 LP |
416 | |
417 | static void ndisc_router_process_dnssl(Link *link, sd_ndisc_router *rt) { | |
418 | _cleanup_strv_free_ char **l = NULL; | |
419 | uint32_t lifetime; | |
420 | usec_t time_now; | |
421 | char **i; | |
422 | int r; | |
423 | ||
424 | assert(link); | |
425 | assert(rt); | |
426 | ||
427 | r = sd_ndisc_router_get_timestamp(rt, clock_boottime_or_monotonic(), &time_now); | |
428 | if (r < 0) { | |
429 | log_link_warning_errno(link, r, "Failed to get RA timestamp: %m"); | |
430 | return; | |
431 | } | |
432 | ||
433 | r = sd_ndisc_router_dnssl_get_lifetime(rt, &lifetime); | |
434 | if (r < 0) { | |
435 | log_link_warning_errno(link, r, "Failed to get RDNSS lifetime: %m"); | |
436 | return; | |
437 | } | |
438 | ||
439 | r = sd_ndisc_router_dnssl_get_domains(rt, &l); | |
440 | if (r < 0) { | |
441 | log_link_warning_errno(link, r, "Failed to get RDNSS addresses: %m"); | |
442 | return; | |
443 | } | |
444 | ||
445 | STRV_FOREACH(i, l) { | |
a34349e7 | 446 | _cleanup_free_ NDiscDNSSL *s; |
1e7a0e21 LP |
447 | NDiscDNSSL *x; |
448 | ||
a34349e7 DM |
449 | s = malloc0(ALIGN(sizeof(NDiscDNSSL)) + strlen(*i) + 1); |
450 | if (!s) { | |
451 | log_oom(); | |
452 | return; | |
453 | } | |
454 | ||
455 | strcpy(NDISC_DNSSL_DOMAIN(s), *i); | |
1e7a0e21 LP |
456 | |
457 | if (lifetime == 0) { | |
a34349e7 | 458 | (void) set_remove(link->ndisc_dnssl, s); |
1e7a0e21 LP |
459 | link_dirty(link); |
460 | continue; | |
461 | } | |
462 | ||
a34349e7 | 463 | x = set_get(link->ndisc_dnssl, s); |
1e7a0e21 LP |
464 | if (x) { |
465 | x->valid_until = time_now + lifetime * USEC_PER_SEC; | |
466 | continue; | |
467 | } | |
468 | ||
469 | ndisc_vacuum(link); | |
470 | ||
471 | if (set_size(link->ndisc_dnssl) >= NDISC_DNSSL_MAX) { | |
472 | log_link_warning(link, "Too many DNSSL records per link, ignoring."); | |
473 | continue; | |
474 | } | |
475 | ||
476 | r = set_ensure_allocated(&link->ndisc_dnssl, &ndisc_dnssl_hash_ops); | |
477 | if (r < 0) { | |
478 | log_oom(); | |
479 | return; | |
480 | } | |
481 | ||
a34349e7 | 482 | s->valid_until = time_now + lifetime * USEC_PER_SEC; |
1e7a0e21 | 483 | |
a34349e7 | 484 | r = set_put(link->ndisc_dnssl, s); |
1e7a0e21 | 485 | if (r < 0) { |
1e7a0e21 LP |
486 | log_oom(); |
487 | return; | |
488 | } | |
489 | ||
a34349e7 | 490 | s = NULL; |
1e7a0e21 LP |
491 | assert(r > 0); |
492 | link_dirty(link); | |
493 | } | |
494 | } | |
495 | ||
496 | static void ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { | |
497 | int r; | |
498 | ||
499 | assert(link); | |
500 | assert(rt); | |
501 | ||
502 | r = sd_ndisc_router_option_rewind(rt); | |
503 | for (;;) { | |
504 | uint8_t type; | |
505 | ||
506 | if (r < 0) { | |
507 | log_link_warning_errno(link, r, "Failed to iterate through options: %m"); | |
508 | return; | |
509 | } | |
510 | if (r == 0) /* EOF */ | |
511 | break; | |
512 | ||
513 | r = sd_ndisc_router_option_get_type(rt, &type); | |
514 | if (r < 0) { | |
515 | log_link_warning_errno(link, r, "Failed to get RA option type: %m"); | |
516 | return; | |
517 | } | |
518 | ||
519 | switch (type) { | |
520 | ||
521 | case SD_NDISC_OPTION_PREFIX_INFORMATION: { | |
522 | uint8_t flags; | |
523 | ||
524 | r = sd_ndisc_router_prefix_get_flags(rt, &flags); | |
525 | if (r < 0) { | |
526 | log_link_warning_errno(link, r, "Failed to get RA prefix flags: %m"); | |
527 | return; | |
528 | } | |
529 | ||
530 | if (flags & ND_OPT_PI_FLAG_ONLINK) | |
d5017c84 | 531 | (void) ndisc_router_process_onlink_prefix(link, rt); |
1e7a0e21 | 532 | if (flags & ND_OPT_PI_FLAG_AUTO) |
d5017c84 | 533 | (void) ndisc_router_process_autonomous_prefix(link, rt); |
1e7a0e21 LP |
534 | |
535 | break; | |
536 | } | |
537 | ||
538 | case SD_NDISC_OPTION_ROUTE_INFORMATION: | |
d5017c84 | 539 | (void) ndisc_router_process_route(link, rt); |
1e7a0e21 LP |
540 | break; |
541 | ||
542 | case SD_NDISC_OPTION_RDNSS: | |
fe0252e5 | 543 | if (link->network->ipv6_accept_ra_use_dns) |
d5017c84 | 544 | (void) ndisc_router_process_rdnss(link, rt); |
1e7a0e21 LP |
545 | break; |
546 | ||
547 | case SD_NDISC_OPTION_DNSSL: | |
fe0252e5 | 548 | if (link->network->ipv6_accept_ra_use_dns) |
d5017c84 | 549 | (void) ndisc_router_process_dnssl(link, rt); |
1e7a0e21 LP |
550 | break; |
551 | } | |
552 | ||
553 | r = sd_ndisc_router_option_next(rt); | |
554 | } | |
555 | } | |
556 | ||
d5017c84 | 557 | static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { |
1e7a0e21 | 558 | uint64_t flags; |
d5017c84 | 559 | int r = 0; |
1e7a0e21 LP |
560 | |
561 | assert(link); | |
562 | assert(link->network); | |
563 | assert(link->manager); | |
564 | assert(rt); | |
565 | ||
566 | r = sd_ndisc_router_get_flags(rt, &flags); | |
d5017c84 YW |
567 | if (r < 0) |
568 | return log_link_warning_errno(link, r, "Failed to get RA flags: %m"); | |
1e7a0e21 LP |
569 | |
570 | if (flags & (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER)) { | |
571 | /* (re)start DHCPv6 client in stateful or stateless mode according to RA flags */ | |
572 | r = dhcp6_request_address(link, !(flags & ND_RA_FLAG_MANAGED)); | |
573 | if (r < 0 && r != -EBUSY) | |
574 | log_link_warning_errno(link, r, "Could not acquire DHCPv6 lease on NDisc request: %m"); | |
d5017c84 | 575 | else { |
1e7a0e21 | 576 | log_link_debug(link, "Acquiring DHCPv6 lease on NDisc request"); |
d5017c84 YW |
577 | r = 0; |
578 | } | |
1e7a0e21 LP |
579 | } |
580 | ||
581 | ndisc_router_process_default(link, rt); | |
582 | ndisc_router_process_options(link, rt); | |
d5017c84 YW |
583 | |
584 | return r; | |
1e7a0e21 LP |
585 | } |
586 | ||
587 | static void ndisc_handler(sd_ndisc *nd, sd_ndisc_event event, sd_ndisc_router *rt, void *userdata) { | |
9d96e6c3 | 588 | Link *link = userdata; |
a13c50e7 | 589 | |
9d96e6c3 | 590 | assert(link); |
a13c50e7 | 591 | |
9d96e6c3 TG |
592 | if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) |
593 | return; | |
a13c50e7 | 594 | |
9d96e6c3 | 595 | switch (event) { |
1e7a0e21 LP |
596 | |
597 | case SD_NDISC_EVENT_ROUTER: | |
d5017c84 | 598 | (void) ndisc_router_handler(link, rt); |
1e7a0e21 LP |
599 | break; |
600 | ||
9d96e6c3 | 601 | case SD_NDISC_EVENT_TIMEOUT: |
962b0647 TG |
602 | link->ndisc_configured = true; |
603 | link_check_ready(link); | |
604 | ||
9d96e6c3 TG |
605 | break; |
606 | default: | |
607 | log_link_warning(link, "IPv6 Neighbor Discovery unknown event: %d", event); | |
a13c50e7 TG |
608 | } |
609 | } | |
610 | ||
611 | int ndisc_configure(Link *link) { | |
612 | int r; | |
613 | ||
1e7a0e21 LP |
614 | assert(link); |
615 | ||
616 | r = sd_ndisc_new(&link->ndisc); | |
617 | if (r < 0) | |
618 | return r; | |
a13c50e7 | 619 | |
1e7a0e21 | 620 | r = sd_ndisc_attach_event(link->ndisc, NULL, 0); |
a13c50e7 TG |
621 | if (r < 0) |
622 | return r; | |
623 | ||
1e7a0e21 | 624 | r = sd_ndisc_set_mac(link->ndisc, &link->mac); |
a13c50e7 TG |
625 | if (r < 0) |
626 | return r; | |
627 | ||
1e7a0e21 | 628 | r = sd_ndisc_set_ifindex(link->ndisc, link->ifindex); |
a13c50e7 TG |
629 | if (r < 0) |
630 | return r; | |
631 | ||
1e7a0e21 | 632 | r = sd_ndisc_set_callback(link->ndisc, ndisc_handler, link); |
a13c50e7 TG |
633 | if (r < 0) |
634 | return r; | |
635 | ||
1e7a0e21 LP |
636 | return 0; |
637 | } | |
638 | ||
639 | void ndisc_vacuum(Link *link) { | |
640 | NDiscRDNSS *r; | |
641 | NDiscDNSSL *d; | |
642 | Iterator i; | |
643 | usec_t time_now; | |
644 | ||
645 | assert(link); | |
646 | ||
647 | /* Removes all RDNSS and DNSSL entries whose validity time has passed */ | |
648 | ||
649 | time_now = now(clock_boottime_or_monotonic()); | |
650 | ||
651 | SET_FOREACH(r, link->ndisc_rdnss, i) | |
652 | if (r->valid_until < time_now) { | |
02affb4e | 653 | free(set_remove(link->ndisc_rdnss, r)); |
1e7a0e21 LP |
654 | link_dirty(link); |
655 | } | |
a13c50e7 | 656 | |
1e7a0e21 LP |
657 | SET_FOREACH(d, link->ndisc_dnssl, i) |
658 | if (d->valid_until < time_now) { | |
02affb4e | 659 | free(set_remove(link->ndisc_dnssl, d)); |
1e7a0e21 LP |
660 | link_dirty(link); |
661 | } | |
a13c50e7 | 662 | } |
c69305ff LP |
663 | |
664 | void ndisc_flush(Link *link) { | |
665 | assert(link); | |
666 | ||
667 | /* Removes all RDNSS and DNSSL entries, without exception */ | |
668 | ||
669 | link->ndisc_rdnss = set_free_free(link->ndisc_rdnss); | |
670 | link->ndisc_dnssl = set_free_free(link->ndisc_dnssl); | |
671 | } |