From: Roy Marples Date: Sun, 19 Apr 2020 06:52:47 +0000 (+0100) Subject: inet6: Add 'temporary' directive to the slaac option X-Git-Tag: v9.0.2~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=628167b10574e83805b6a1b67b89ddc53ea231c5;p=thirdparty%2Fdhcpcd.git inet6: Add 'temporary' directive to the slaac option This instructs dhcpcd to create a temporary address for each address generated from a RA. As such, dhcpcd no longer looks at the kernel option for it as the functionality is being removed from some or never existed in the first place. --- diff --git a/src/dhcpcd.conf.5.in b/src/dhcpcd.conf.5.in index 71c70499..974e9518 100644 --- a/src/dhcpcd.conf.5.in +++ b/src/dhcpcd.conf.5.in @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd February 19, 2020 +.Dd April 19, 2020 .Dt DHCPCD.CONF 5 .Os .Sh NAME @@ -442,7 +442,7 @@ will only fork to the background if the RA contains at least one unexpired RDNSS option and a valid prefix or no DHCPv6 instruction. Set this option so to make .Nm dhcpcd -always fork on an RA. +always fork on a RA. .It Ic ipv6rs Enables IPv6 Router Advertisement solicitation. This is on by default, but is documented here in the case where it is disabled @@ -626,11 +626,14 @@ instead of the default .It Ic ssid Ar ssid Subsequent options are only parsed for this wireless .Ar ssid . -.It Ic slaac Op Ar hwaddr | Ar private +.It Ic slaac Ar hwaddr | Ar private Op Ar temp | Ar temporary Selects the interface identifier used for SLAAC generated IPv6 addresses. If .Ar private -is used, an RFC 7217 address is generated. +is used, a RFC 7217 address is generated. +The +.Ar temporary +directive will create a temporary address for the prefix as well. .It Ic static Ar value Configures a static .Ar value . diff --git a/src/if-bsd.c b/src/if-bsd.c index 7361669a..973fca1a 100644 --- a/src/if-bsd.c +++ b/src/if-bsd.c @@ -1626,7 +1626,6 @@ if_machinearch(char *str, size_t len) #ifdef INET6 #if (defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)) || \ - defined(IPV6CTL_USETEMPADDR) || defined(IPV6CTL_TEMPVLTIME) || \ defined(IPV6CTL_FORWARDING) #define get_inet6_sysctl(code) inet6_sysctl(code, 0, 0) #define set_inet6_sysctl(code, val) inet6_sysctl(code, val, 1) @@ -1687,8 +1686,7 @@ if_applyra(const struct ra *rap) #endif } -#ifdef IPV6_MANAGETEMPADDR -#if !defined(IPV6CTL_TEMPVLTIME) && !defined(__OpenBSD__) +#ifndef IPV6CTL_FORWARDING #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0) #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1) static int @@ -1708,81 +1706,6 @@ inet6_sysctlbyname(const char *name, int val, int action) } #endif -#ifdef __OpenBSD__ -int -ip6_use_tempaddr(const char *ifname) -{ - int s, r; - struct ifreq ifr; - - s = socket(PF_INET6, SOCK_DGRAM, 0); /* XXX Not efficient */ - if (s == -1) - return -1; - strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)); - r = ioctl(s, SIOCGIFXFLAGS, &ifr); - close(s); - if (r == -1) - return -1; - return ifr.ifr_flags & IFXF_INET6_NOPRIVACY ? 0 : 1; -} - -int -ip6_temp_preferred_lifetime(__unused const char *ifname) -{ - - return TEMP_PREFERRED_LIFETIME; -} - -int -ip6_temp_valid_lifetime(__unused const char *ifname) -{ - - return TEMP_VALID_LIFETIME; -} - -#else /* __OpenBSD__ */ - -int -ip6_use_tempaddr(__unused const char *ifname) -{ - int val; - -#ifdef IPV6CTL_USETEMPADDR - val = get_inet6_sysctl(IPV6CTL_USETEMPADDR); -#else - val = get_inet6_sysctlbyname("net.inet6.ip6.use_tempaddr"); -#endif - return val == -1 ? 0 : val; -} - -int -ip6_temp_preferred_lifetime(__unused const char *ifname) -{ - int val; - -#ifdef IPV6CTL_TEMPPLTIME - val = get_inet6_sysctl(IPV6CTL_TEMPPLTIME); -#else - val = get_inet6_sysctlbyname("net.inet6.ip6.temppltime"); -#endif - return val < 0 ? TEMP_PREFERRED_LIFETIME : val; -} - -int -ip6_temp_valid_lifetime(__unused const char *ifname) -{ - int val; - -#ifdef IPV6CTL_TEMPVLTIME - val = get_inet6_sysctl(IPV6CTL_TEMPVLTIME); -#else - val = get_inet6_sysctlbyname("net.inet6.ip6.tempvltime"); -#endif - return val < 0 ? TEMP_VALID_LIFETIME : val; -} -#endif /* !__OpenBSD__ */ -#endif - int ip6_forwarding(__unused const char *ifname) { diff --git a/src/if-linux.c b/src/if-linux.c index 9cc6c527..5f069c1f 100644 --- a/src/if-linux.c +++ b/src/if-linux.c @@ -2019,48 +2019,6 @@ if_applyra(const struct ra *rap) return error; } -#ifdef IPV6_MANAGETEMPADDR -int -ip6_use_tempaddr(const char *ifname) -{ - char path[256]; - int val; - - if (ifname == NULL) - ifname = "all"; - snprintf(path, sizeof(path), "%s/%s/use_tempaddr", p_conf, ifname); - val = check_proc_int(path); - return val == -1 ? 0 : val; -} - -int -ip6_temp_preferred_lifetime(const char *ifname) -{ - char path[256]; - int val; - - if (ifname == NULL) - ifname = "all"; - snprintf(path, sizeof(path), "%s/%s/temp_prefered_lft", p_conf, - ifname); - val = check_proc_int(path); - return val < 0 ? TEMP_PREFERRED_LIFETIME : val; -} - -int -ip6_temp_valid_lifetime(const char *ifname) -{ - char path[256]; - int val; - - if (ifname == NULL) - ifname = "all"; - snprintf(path, sizeof(path), "%s/%s/temp_valid_lft", p_conf, ifname); - val = check_proc_int(path); - return val < 0 ? TEMP_VALID_LIFETIME : val; -} -#endif /* IPV6_MANAGETEMPADDR */ - int ip6_forwarding(const char *ifname) { diff --git a/src/if-options.c b/src/if-options.c index 1280cfbd..79b2f6bf 100644 --- a/src/if-options.c +++ b/src/if-options.c @@ -2193,12 +2193,20 @@ invalid_token: break; case O_SLAAC: ARG_REQUIRED; + np = strwhite(arg); + if (np != NULL) { + *np++ = '\0'; + np = strskipwhite(np); + } if (strcmp(arg, "private") == 0 || strcmp(arg, "stableprivate") == 0 || strcmp(arg, "stable") == 0) ifo->options |= DHCPCD_SLAACPRIVATE; else ifo->options &= ~DHCPCD_SLAACPRIVATE; + if (np != NULL && + (strcmp(np, "temp") == 0 || strcmp(np, "temporary") == 0)) + ifo->options |= DHCPCD_SLAACTEMP; break; case O_BOOTP: ifo->options |= DHCPCD_BOOTP; diff --git a/src/if-options.h b/src/if-options.h index 9c3c0f57..f9d47713 100644 --- a/src/if-options.h +++ b/src/if-options.h @@ -119,6 +119,7 @@ #define DHCPCD_PRINT_PIDFILE (1ULL << 59) #define DHCPCD_ONESHOT (1ULL << 60) #define DHCPCD_INACTIVE (1ULL << 61) +#define DHCPCD_SLAACTEMP (1ULL << 62) #define DHCPCD_NODROP (DHCPCD_EXITING | DHCPCD_PERSISTENT) diff --git a/src/if.h b/src/if.h index df1cb92c..0a2fc6cb 100644 --- a/src/if.h +++ b/src/if.h @@ -220,13 +220,6 @@ int if_addrflags(const struct interface *, const struct in_addr *, #ifdef INET6 void if_disable_rtadv(void); void if_setup_inet6(const struct interface *); -#ifdef IPV6_MANAGETEMPADDR -int ip6_use_tempaddr(const char *ifname); -int ip6_temp_preferred_lifetime(const char *ifname); -int ip6_temp_valid_lifetime(const char *ifname); -#else -#define ip6_use_tempaddr(a) (0) -#endif int ip6_forwarding(const char *ifname); struct ra; diff --git a/src/ipv6.c b/src/ipv6.c index 3e0dcc0c..954f47f0 100644 --- a/src/ipv6.c +++ b/src/ipv6.c @@ -744,7 +744,7 @@ ipv6_addaddr1(struct ipv6_addr *ia, const struct timespec *now) if (ia->flags & IPV6_AF_TEMPORARY && ia->prefix_pltime && ia->prefix_vltime && - ip6_use_tempaddr(ifp->name)) + ifp->options->options & DHCPCD_SLAACTEMP) eloop_timeout_add_sec(ifp->ctx->eloop, ia->prefix_pltime - REGEN_ADVANCE, ipv6_regentempaddr, ia); @@ -1866,7 +1866,7 @@ static void ipv6_regen_desync(struct interface *ifp, bool force) { struct ipv6_state *state; - unsigned int max, pref; + unsigned int max; state = IPV6_STATE(ifp); @@ -1874,14 +1874,13 @@ ipv6_regen_desync(struct interface *ifp, bool force) * greater than TEMP_VALID_LIFETIME - REGEN_ADVANCE. * I believe this is an error and it should be never be greater than * TEMP_PREFERRED_LIFETIME - REGEN_ADVANCE. */ - pref = (unsigned int)ip6_temp_preferred_lifetime(ifp->name); - max = pref - REGEN_ADVANCE; + max = TEMP_PREFERRED_LIFETIME - REGEN_ADVANCE; if (state->desync_factor && !force && state->desync_factor < max) return; if (state->desync_factor == 0) state->desync_factor = arc4random_uniform(MIN(MAX_DESYNC_FACTOR, max)); - max = pref - state->desync_factor - REGEN_ADVANCE; + max = TEMP_PREFERRED_LIFETIME - state->desync_factor - REGEN_ADVANCE; eloop_timeout_add_sec(ifp->ctx->eloop, max, ipv6_regentempaddrs, ifp); } @@ -1917,7 +1916,6 @@ ipv6_createtempaddr(struct ipv6_addr *ia0, const struct timespec *now) struct ipv6_state *state; struct interface *ifp = ia0->iface; struct ipv6_addr *ia; - uint32_t i; ia = ipv6_newaddr(ifp, &ia0->prefix, ia0->prefix_len, IPV6_AF_AUTOCONF | IPV6_AF_TEMPORARY); @@ -1932,11 +1930,9 @@ ipv6_createtempaddr(struct ipv6_addr *ia0, const struct timespec *now) /* RFC4941 Section 3.3.4 */ state = IPV6_STATE(ia->iface); - i = (uint32_t)ip6_temp_preferred_lifetime(ifp->name) - - state->desync_factor; - ia->prefix_pltime = MIN(ia0->prefix_pltime, i); - i = (uint32_t)ip6_temp_valid_lifetime(ifp->name); - ia->prefix_vltime = MIN(ia0->prefix_vltime, i); + ia->prefix_pltime = MIN(ia0->prefix_pltime, + TEMP_PREFERRED_LIFETIME - state->desync_factor); + ia->prefix_vltime = MIN(ia0->prefix_vltime, TEMP_VALID_LIFETIME); if (ia->prefix_pltime <= REGEN_ADVANCE || ia->prefix_pltime > ia0->prefix_vltime) { @@ -1994,7 +1990,7 @@ ipv6_settemptime(struct ipv6_addr *ia, int flags) ext = (unsigned int)ia->acquired.tv_sec + ia->prefix_pltime; max = (unsigned int)(ap->created.tv_sec + - ip6_temp_preferred_lifetime(ap->iface->name) - + TEMP_PREFERRED_LIFETIME - state->desync_factor); if (ext < max) ap->prefix_pltime = ia->prefix_pltime; @@ -2006,7 +2002,7 @@ valid: ext = (unsigned int)ia->acquired.tv_sec + ia->prefix_vltime; max = (unsigned int)(ap->created.tv_sec + - ip6_temp_valid_lifetime(ap->iface->name)); + TEMP_VALID_LIFETIME); if (ext < max) ap->prefix_vltime = ia->prefix_vltime; else diff --git a/src/ipv6nd.c b/src/ipv6nd.c index 6f5ce35b..1b048db9 100644 --- a/src/ipv6nd.c +++ b/src/ipv6nd.c @@ -1338,7 +1338,7 @@ ipv6nd_handlera(struct dhcpcd_ctx *ctx, #ifdef IPV6_MANAGETEMPADDR /* RFC4941 Section 3.3.3 */ if (ia->flags & IPV6_AF_AUTOCONF && - ip6_use_tempaddr(ia->iface->name) && + ia->iface->options->options & DHCPCD_SLAACTEMP && IA6_CANAUTOCONF(ia)) { if (!new_ia) {