The FreeRADIUS server $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Loading...
Searching...
No Matches
proto_dhcpv4_udp.c
Go to the documentation of this file.
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
15 */
16
17/**
18 * $Id: 467e237e61b9a1a689566b2d0cdd19913754e8aa $
19 * @file proto_dhcpv4_udp.c
20 * @brief DHCPv4 handler for UDP.
21 *
22 * @copyright 2018 The FreeRADIUS server project.
23 * @copyright 2018 Alan DeKok (aland@deployingradius.com)
24 */
25#define LOG_PREFIX "proto_dhcpv4_udp"
26
27#include <netdb.h>
28#include <freeradius-devel/arp/arp.h>
29#include <freeradius-devel/server/protocol.h>
30#include <freeradius-devel/util/udp.h>
31#include <freeradius-devel/util/trie.h>
32#include <freeradius-devel/io/application.h>
33#include <freeradius-devel/io/listen.h>
34#include <freeradius-devel/io/schedule.h>
35#include <freeradius-devel/protocol/dhcpv4/freeradius.internal.h>
36#include <freeradius-devel/util/pcap.h>
37#include "proto_dhcpv4.h"
38
39extern fr_app_io_t proto_dhcpv4_udp;
40
41#ifdef HAVE_LIBPCAP
42typedef struct {
43 fr_rb_node_t node; //!< in tree of handles.
44 char const *interface; //!< name for the handle.
45 fr_pcap_t *pcap; //!< pcap handle.
46} proto_dhcpv4_pcap_t;
47#endif
48
49typedef struct {
50 char const *name; //!< socket name
51 int sockfd;
52
53 fr_io_address_t *connection; //!< for connected sockets.
54
55 fr_stats_t stats; //!< statistics for this socket
56
57#ifdef HAVE_LIBPCAP
58 fr_rb_tree_t pcaps; //!< Tree of available pcap handles
59#endif
60} proto_dhcpv4_udp_thread_t;
61
62typedef struct {
63 CONF_SECTION *cs; //!< our configuration
64
65 fr_ipaddr_t ipaddr; //!< IP address to listen on.
66
67 fr_ipaddr_t src_ipaddr; //!< IP address to source replies
68
69 char const *interface; //!< Interface to bind to.
70 char const *port_name; //!< Name of the port for getservent().
71
72 uint32_t recv_buff; //!< How big the kernel's receive buffer should be.
73
74 uint32_t max_packet_size; //!< for message ring buffer.
75 uint32_t max_attributes; //!< Limit maximum decodable attributes.
76
77 uint16_t port; //!< Port to listen on.
78 uint16_t client_port; //!< Client port to reply to.
79
80 bool broadcast; //!< whether we listen for broadcast packets
81
82 bool recv_buff_is_set; //!< Whether we were provided with a receive
83 //!< buffer value.
84 bool dynamic_clients; //!< whether we have dynamic clients
85
86 fr_client_list_t *clients; //!< local clients
87 fr_client_t *default_client; //!< default 0/0 client
88
89 fr_trie_t *trie; //!< for parsed networks
90 fr_ipaddr_t *allow; //!< allowed networks for dynamic clients
91 fr_ipaddr_t *deny; //!< denied networks for dynamic clients
92
93#ifdef HAVE_LIBPCAP
94 bool use_pcap; //!< use libpcap for unicast replies to broadcast requests.
95#endif
96} proto_dhcpv4_udp_t;
97
98
105
106
107static const conf_parser_t udp_listen_config[] = {
108 { FR_CONF_OFFSET_TYPE_FLAGS("ipaddr", FR_TYPE_IPV4_ADDR, 0, proto_dhcpv4_udp_t, ipaddr) },
109 { FR_CONF_OFFSET_TYPE_FLAGS("ipv4addr", FR_TYPE_IPV4_ADDR, 0, proto_dhcpv4_udp_t, ipaddr) },
110
111 { FR_CONF_OFFSET_TYPE_FLAGS("src_ipaddr", FR_TYPE_COMBO_IP_ADDR, 0, proto_dhcpv4_udp_t, src_ipaddr) },
112
113 { FR_CONF_OFFSET("interface", proto_dhcpv4_udp_t, interface) },
114 { FR_CONF_OFFSET("port_name", proto_dhcpv4_udp_t, port_name) },
115
116 { FR_CONF_OFFSET("port", proto_dhcpv4_udp_t, port) },
117 { FR_CONF_OFFSET("client_port", proto_dhcpv4_udp_t, client_port) },
118 { FR_CONF_OFFSET_IS_SET("recv_buff", FR_TYPE_UINT32, 0, proto_dhcpv4_udp_t, recv_buff) },
119
120 { FR_CONF_OFFSET("broadcast", proto_dhcpv4_udp_t, broadcast) } ,
121
122 { FR_CONF_OFFSET("dynamic_clients", proto_dhcpv4_udp_t, dynamic_clients) } ,
123 { FR_CONF_POINTER("networks", 0, CONF_FLAG_SUBSECTION, NULL), .subcs = (void const *) networks_config },
124
125 { FR_CONF_OFFSET("max_packet_size", proto_dhcpv4_udp_t, max_packet_size), .dflt = "4096" } ,
126 { FR_CONF_OFFSET("max_attributes", proto_dhcpv4_udp_t, max_attributes), .dflt = STRINGIFY(DHCPV4_MAX_ATTRIBUTES) } ,
127
128#ifdef HAVE_LIBPCAP
129 { FR_CONF_OFFSET_FLAGS("use_pcap", CONF_FLAG_HIDDEN, proto_dhcpv4_udp_t, use_pcap) },
130#endif
131 CONF_PARSER_TERMINATOR
132};
133
134static fr_dict_t const *dict_dhcpv4;
135
136extern fr_dict_autoload_t proto_dhcpv4_udp_dict[];
137fr_dict_autoload_t proto_dhcpv4_udp_dict[] = {
138 { .out = &dict_dhcpv4, .proto = "dhcpv4" },
139 { NULL }
140};
141
142static fr_dict_attr_t const *attr_message_type;
143static fr_dict_attr_t const *attr_dhcp_server_identifier;
144
145extern fr_dict_attr_autoload_t proto_dhcpv4_udp_dict_attr[];
146fr_dict_attr_autoload_t proto_dhcpv4_udp_dict_attr[] = {
147 { .out = &attr_message_type, .name = "Message-Type", .type = FR_TYPE_UINT8, .dict = &dict_dhcpv4},
148 { .out = &attr_dhcp_server_identifier, .name = "Server-Identifier", .type = FR_TYPE_IPV4_ADDR, .dict = &dict_dhcpv4},
149 { NULL }
150};
151
152#ifdef HAVE_LIBPCAP
153static int8_t dhcpv4_pcap_cmp(void const *a, void const *b)
154{
155 proto_dhcpv4_pcap_t const *one = a, *two = b;
156 return CMP(strcmp(one->interface, two->interface), 0);
157}
158
159static proto_dhcpv4_pcap_t *dhcpv4_pcap_find(proto_dhcpv4_udp_thread_t *thread, char const *interface)
160{
161 proto_dhcpv4_pcap_t find, *pcap;
162
163 find = (proto_dhcpv4_pcap_t) {
164 .interface = interface
165 };
166
167 pcap = fr_rb_find(&thread->pcaps, &find);
168 if (pcap) return pcap;
169
170 MEM(pcap = talloc_zero(thread, proto_dhcpv4_pcap_t));
171
172 pcap->pcap = fr_pcap_init(pcap, interface, PCAP_INTERFACE_OUT);
173
174 if (!pcap->pcap) {
175 ERROR("Failed creating pcap for interface %s", interface);
176 return NULL;
177 }
178
179 if (fr_pcap_open(pcap->pcap) < 0) {
180 ERROR("Failed opening pcap on interface %s", interface);
181 error:
182 talloc_free(pcap);
183 return NULL;
184 }
185
186 /*
187 * Use a filter which will match nothing - so we don't capture any packets
188 */
189 if (fr_pcap_apply_filter(pcap->pcap, "tcp and udp") < 0) {
190 ERROR("Failed adding filter to pcap on interface %s", interface);
191 goto error;
192 }
193
194 pcap->interface = pcap->pcap->name;
195 fr_rb_insert(&thread->pcaps, pcap);
196
197 return pcap;
198}
199
200static void dhcpv4_pcap_free(proto_dhcpv4_udp_thread_t *thread, proto_dhcpv4_pcap_t *pcap)
201{
202 fr_rb_remove(&thread->pcaps, pcap);
203 talloc_free(pcap);
204}
205#endif
206
207static ssize_t mod_read(fr_listen_t *li, void **packet_ctx, fr_time_t *recv_time_p, uint8_t *buffer, size_t buffer_len,
208 size_t *leftover)
209{
210 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
211 fr_io_address_t *address, **address_p;
212
213 int flags;
214 ssize_t data_size;
215 size_t packet_len;
216 uint8_t message_type;
217 uint32_t xid, ipaddr;
218 dhcp_packet_t *packet;
219
220 *leftover = 0; /* always for UDP */
221
222 /*
223 * Where the addresses should go. This is a special case
224 * for proto_dhcpv4.
225 */
226 address_p = (fr_io_address_t **) packet_ctx;
227 address = *address_p;
228
229 /*
230 * Tell udp_recv if we're connected or not.
231 */
232 flags = UDP_FLAGS_CONNECTED * (thread->connection != NULL);
233
234 data_size = udp_recv(thread->sockfd, flags, &address->socket, buffer, buffer_len, recv_time_p);
235 if (data_size < 0) {
236 RATE_LIMIT_GLOBAL(PERROR, "Read error (%zd)", data_size);
237 return data_size;
238 }
239
240 if (!data_size) {
241 RATE_LIMIT_GLOBAL(WARN, "Got no data - ignoring");
242 return 0;
243 }
244
245 /*
246 * @todo - make this take "&packet_len", as the DHCPv4
247 * packet may be smaller than the parent UDP packet.
248 */
249 if (!fr_dhcpv4_ok(buffer, data_size, &message_type, &xid)) {
250 RATE_LIMIT_GLOBAL(PWARN, "Invalid packet - ignoring");
251 return 0;
252 }
253
254 packet_len = data_size;
255
256 /*
257 * We've seen a server reply to this port, but the giaddr
258 * is *not* our address. Drop it.
259 */
260 packet = (dhcp_packet_t *) buffer;
261 memcpy(&ipaddr, &packet->giaddr, 4);
262 if ((packet->opcode == 2) && (ipaddr != address->socket.inet.dst_ipaddr.addr.v4.s_addr)) {
263 DEBUG2("Ignoring server reply which was not meant for us (was for %pV).",
264 fr_box_ipaddr(address->socket.inet.dst_ipaddr));
265 return 0;
266 }
267
268 /*
269 * proto_dhcpv4 sets the priority
270 */
271
272 /*
273 * Print out what we received.
274 */
275 DEBUG2("Received %s XID %08x length %d %s", dhcp_message_types[message_type], xid,
276 (int) packet_len, thread->name);
277
278 return packet_len;
279}
280
281
282static ssize_t mod_write(fr_listen_t *li, void *packet_ctx, UNUSED fr_time_t request_time,
283 uint8_t *buffer, size_t buffer_len, UNUSED size_t written)
284{
285 proto_dhcpv4_udp_t const *inst = talloc_get_type_abort_const(li->app_io_instance, proto_dhcpv4_udp_t);
286 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
287
288 fr_io_track_t *track = talloc_get_type_abort(packet_ctx, fr_io_track_t);
289 proto_dhcpv4_track_t *request = talloc_get_type_abort(track->packet, proto_dhcpv4_track_t);
290 fr_socket_t socket;
291
292 int flags;
293 ssize_t data_size;
294
295 /*
296 * @todo - share a stats interface with the parent? or
297 * put the stats in the listener, so that proto_dhcpv4
298 * can update them, too.. <sigh>
299 */
300 thread->stats.total_responses++;
301
302 flags = UDP_FLAGS_CONNECTED * (thread->connection != NULL);
303
304 /*
305 * Swap src/dst IP/port
306 */
307 fr_socket_addr_swap(&socket, &track->address->socket);
308
309 /*
310 * Figure out which kind of packet we're sending.
311 */
312 if (!thread->connection) {
313 uint8_t const *code, *sid;
314 dhcp_packet_t *packet = (dhcp_packet_t *) buffer;
315#ifdef WITH_IFINDEX_IPADDR_RESOLUTION
316 fr_ipaddr_t primary;
317#endif
318
319 /*
320 * This isn't available in the packet header.
321 */
322 code = fr_dhcpv4_packet_get_option(packet, buffer_len, attr_message_type);
323 if (!code || (code[1] < 1) || (code[2] == 0) || (code[2] > FR_DHCP_LEASE_ACTIVE)) {
324 WARN("Silently discarding reply due to invalid or missing message type");
325 return 0;
326 }
327
328 /*
329 * Set the source IP we'll use for sending the packets.
330 *
331 * - if src_ipaddr is unicast, use that
332 * - else if socket wasn't bound to *, then use that
333 * - else if we have ifindex, get main IP from that interface and use that.
334 * - else for offer/ack, look at option 54, for Server Identification and use that
335 * - else leave source IP as whatever is already in "socket.inet.src_ipaddr".
336 */
337 if (!fr_ipaddr_is_inaddr_any(&inst->src_ipaddr)) {
338 socket.inet.src_ipaddr = inst->src_ipaddr;
339 } else if (!fr_ipaddr_is_inaddr_any(&inst->ipaddr)) {
340 socket.inet.src_ipaddr = inst->ipaddr;
341#ifdef WITH_IFINDEX_IPADDR_RESOLUTION
342 } else if ((address->socket.inet.ifindex > 0) &&
343 (fr_ipaddr_from_ifindex(&primary, thread->sockfd, &socket.inet.dst_ipaddr.af,
344 &socket.inet.ifindex) == 0)) {
345 socket.inet.src_ipaddr = primary;
346#endif
347 } else if (((code[2] == FR_DHCP_OFFER) || (code[2] == FR_DHCP_ACK)) &&
348 ((sid = fr_dhcpv4_packet_get_option(packet, buffer_len, attr_dhcp_server_identifier)) != NULL) &&
349 (sid[1] == 4)) {
350 memcpy(&socket.inet.src_ipaddr.addr.v4.s_addr, sid + 2, 4);
351 }
352
353 /*
354 * If we're forwarding the Discover or Request,
355 * then we need to figure out where to forward it
356 * to?
357 */
358 if ((code[2] == FR_DHCP_DISCOVER) || (code[2] == FR_DHCP_REQUEST)) {
359 WARN("Silently discarding client request, as we do not know where to send it");
360 return 0;
361 }
362
363 /*
364 * We have GIADDR in the packet, so send it
365 * there. The packet is FROM our IP address and
366 * port, TO the destination IP address, at the
367 * same (i.e. server) port.
368 *
369 * RFC 2131 page 23
370 *
371 * "If the 'giaddr' field in a DHCP message from
372 * a client is non-zero, the server sends any
373 * return messages to the 'DHCP server' port on
374 * the BOOTP relay agent whose address appears in
375 * 'giaddr'.
376 */
377 if (packet->giaddr != INADDR_ANY) {
378 DEBUG("Reply will be sent to giaddr.");
379 socket.inet.dst_ipaddr.addr.v4.s_addr = packet->giaddr;
380 socket.inet.dst_port = inst->port;
381 socket.inet.src_port = inst->port;
382
383 /*
384 * Increase the hop count for client
385 * packets sent to the next gateway.
386 */
387 if ((code[2] == FR_DHCP_DISCOVER) ||
388 (code[2] == FR_DHCP_REQUEST)) {
389 packet->opcode = 1; /* client message */
390 packet->hops = request->hops + 1;
391 } else {
392 packet->opcode = 2; /* server message */
393 }
394
395 goto send_reply;
396 }
397
398 packet->opcode = 2; /* server message */
399
400 /*
401 * If the client port is specified, use it.
402 *
403 * RFC 2131 page 23.
404 *
405 * "DHCP messages from a server to a client are sent
406 * to the 'DHCP client' port (68)"
407 */
408 if (inst->client_port) socket.inet.dst_port = inst->client_port;
409
410 /*
411 * NAKs are broadcast when there's no giaddr.
412 *
413 * RFC 2131 page 23.
414 *
415 * "In all cases, when 'giaddr' is zero, the server
416 * broadcasts any DHCPNAK messages to 0xffffffff."
417 */
418 if (code[2] == FR_DHCP_NAK) {
419 DEBUG("Reply will be broadcast due to NAK.");
420 socket.inet.dst_ipaddr.addr.v4.s_addr = INADDR_BROADCAST;
421 goto send_reply;
422 }
423
424 /*
425 * The original packet has CIADDR, so we unicast
426 * the reply there.
427 *
428 * RFC 2131 page 23.
429 *
430 * "If the 'giaddr' field is zero and the
431 * 'ciaddr' field is nonzero, then the server
432 * unicasts DHCPOFFER and DHCPACK messages to the
433 * address in 'ciaddr'."
434 */
435 if (request->ciaddr != INADDR_ANY) {
436 DEBUG("Reply will be unicast to CIADDR from original packet.");
437 memcpy(&socket.inet.dst_ipaddr.addr.v4.s_addr, &request->ciaddr, 4);
438 goto send_reply;
439 }
440
441 /*
442 * The original packet requested a broadcast
443 * reply, so we broadcast the reply.
444 *
445 * RFC 2131 page 23.
446 *
447 * "If 'giaddr' is zero and 'ciaddr' is zero, and
448 * the broadcast bit is set, then the server
449 * broadcasts DHCPOFFER and DHCPACK messages to
450 * 0xffffffff."
451 */
452 if (request->broadcast) {
453 DEBUG("Reply will be broadcast due to client request.");
454 socket.inet.dst_ipaddr.addr.v4.s_addr = INADDR_BROADCAST;
455 goto send_reply;
456 }
457
458 /*
459 * The original packet was unicast to us, such as
460 * via a relay. We have a unicast destination
461 * address, so we just use that.
462 *
463 * This extension isn't in the RFC, but we find it useful.
464 */
465 if ((packet->yiaddr == htonl(INADDR_ANY)) &&
466 (socket.inet.dst_ipaddr.addr.v4.s_addr != htonl(INADDR_BROADCAST))) {
467 DEBUG("Reply will be unicast to source IP from original packet.");
468 goto send_reply;
469 }
470
471 /*
472 * RFC 2131 page 23.
473 *
474 * "If the broadcast bit is not set and 'giaddr'
475 * is zero and 'ciaddr' is zero, then the server
476 * unicasts DHCPOFFER and DHCPACK messages to the
477 * client's hardware address and 'yiaddr'
478 * address."
479 */
480 switch (code[2]) {
481 /*
482 * OFFERs are sent to YIADDR if we
483 * received a unicast packet from YIADDR.
484 * Otherwise, they are unicast to YIADDR
485 * (if we can update ARP), otherwise they
486 * are broadcast.
487 */
488 case FR_DHCP_OFFER:
489 {
490 char if_name[IFNAMSIZ];
491#ifdef HAVE_LIBPCAP
492 offer:
493#endif
494 if_name[0] = '\0';
495#ifdef WITH_IFINDEX_NAME_RESOLUTION
496 if (!inst->interface && socket.inet.ifindex) fr_ifname_from_ifindex(if_name, socket.inet.ifindex);
497#endif
498 /*
499 * If the packet was unicast from the
500 * client, unicast it back without
501 * updating the ARP table. We presume
502 * that the ARP table has been updated by
503 * the OS, since we received a unicast
504 * packet.
505 *
506 * This check simply makes sure that we
507 * don't needlessly update the ARP table.
508 */
509 if (memcmp(&socket.inet.dst_ipaddr.addr.v4.s_addr, &packet->yiaddr, 4) == 0) {
510 DEBUG("Reply will be unicast to YIADDR.");
511
512#ifdef SIOCSARP
513 } else if (inst->broadcast &&
514#ifdef HAVE_LIBPCAP
515 !inst->use_pcap &&
516#endif
517 (inst->interface || if_name[0])) {
518 uint8_t macaddr[6];
519 uint8_t ipaddr[4];
520
521 memcpy(&ipaddr, &packet->yiaddr, 4);
522 memcpy(&macaddr, &packet->chaddr, 6);
523
524 /*
525 * Else the OFFER was broadcast.
526 * This socket is listening for
527 * broadcast packets on a
528 * particular interface. We're
529 * too lazy to write raw UDP
530 * packets, so we update our
531 * local ARP table and then
532 * unicast the reply.
533 */
534 if (fr_arp_entry_add(thread->sockfd, inst->interface ? inst->interface : if_name, ipaddr, macaddr) == 0) {
535 DEBUG("Reply will be unicast to YIADDR, done ARP table updates.");
536 memcpy(&socket.inet.dst_ipaddr.addr.v4.s_addr, &packet->yiaddr, 4);
537 } else {
538 DEBUG("Failed adding ARP entry. Reply will be broadcast.");
539 socket.inet.dst_ipaddr.addr.v4.s_addr = INADDR_BROADCAST;
540 }
541#endif
542#ifdef __FreeBSD__
543 } else if (inst->broadcast &&
544#ifdef HAVE_LIBPCAP
545 !inst->use_pcap &&
546#endif
547 (inst->interface || if_name[0])) {
548 uint8_t macaddr[6];
549 uint8_t ipaddr[4];
550
551 memcpy(&ipaddr, &packet->yiaddr, 4);
552 memcpy(&macaddr, &packet->chaddr, 6);
553
554 /*
555 * FreeBSD version of above using netlink API
556 */
557 if (fr_bsd_arp_entry_add(socket.inet.ifindex, ipaddr, macaddr) == 0) {
558 DEBUG("Reply will be unicast to YADDR, done ARP table updates.");
559 memcpy(&socket.inet.dst_ipaddr.addr.v4.s_addr, &packet->yiaddr, 4);
560 } else {
561 DEBUG("Failed adding ARP table entry. Reply will be broadcast.");
562 socket.inet.dst_ipaddr.addr.v4.s_addr = INADDR_BROADCAST;
563 }
564#endif
565#ifdef HAVE_LIBPCAP
566 } else if (inst->use_pcap && inst->broadcast && (inst->interface || if_name[0])) {
567 proto_dhcpv4_pcap_t *pcap;
568 uint8_t macaddr[6];
569 fr_packet_t tosend;
570
571 pcap = dhcpv4_pcap_find(thread, inst->interface ? inst->interface : if_name);
572 if (!pcap) return -1;
573
574 DEBUG("Reply will be unicast to YIADDR.");
575 memcpy(&macaddr, &packet->chaddr, 6);
576 memcpy(&socket.inet.dst_ipaddr.addr.v4.s_addr, &packet->yiaddr, 4);
577 tosend = (fr_packet_t) {
578 .socket = socket,
579 .data = buffer,
580 .data_len = buffer_len
581 };
582
583 DEBUG("Sending %s XID %08x from %pV:%d to %pV:%d", dhcp_message_types[code[2]], packet->xid,
584 fr_box_ipaddr(socket.inet.src_ipaddr), socket.inet.src_port,
585 fr_box_ipaddr(socket.inet.dst_ipaddr), socket.inet.dst_port);
586 if (fr_dhcpv4_pcap_send(pcap->pcap, macaddr, &tosend) < 0) {
587 ERROR("Failed sending packet");
588 dhcpv4_pcap_free(thread, pcap);
589 return -1;
590 }
591
592 return buffer_len;
593#endif
594 } else {
595 DEBUG("Reply will be broadcast as we do not create raw UDP sockets.");
596 socket.inet.dst_ipaddr.addr.v4.s_addr = INADDR_BROADCAST;
597 }
598 }
599 break;
600
601 /*
602 * ACKs are unicast to YIADDR
603 */
604 case FR_DHCP_ACK:
605#ifdef HAVE_LIBPCAP
606 /*
607 * Are we replying on a system using pcap - if so use the same logic as OFFER
608 */
609 if (inst->use_pcap) goto offer;
610#endif
611 DEBUG("Reply will be unicast to YIADDR.");
612 memcpy(&socket.inet.dst_ipaddr.addr.v4.s_addr, &packet->yiaddr, 4);
613 break;
614
615 default:
616 WARN("Silently discarding reply due to unimplemented message type %d", code[2]);
617 return 0;
618 }
619
620 send_reply:
621 DEBUG("Sending %s XID %08x from %pV:%d to %pV:%d", dhcp_message_types[code[2]], packet->xid,
622 fr_box_ipaddr(socket.inet.src_ipaddr), socket.inet.src_port,
623 fr_box_ipaddr(socket.inet.dst_ipaddr), socket.inet.dst_port);
624 }
625
626 /*
627 * proto_dhcpv4 takes care of suppressing do-not-respond, etc.
628 */
629 data_size = udp_send(&socket, flags, buffer, buffer_len);
630
631 /*
632 * This socket is dead. That's an error...
633 */
634 if (data_size <= 0) return data_size;
635
636 return data_size;
637}
638
639
640static int mod_connection_set(fr_listen_t *li, fr_io_address_t *connection)
641{
642 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
643
644 thread->connection = connection;
645 return 0;
646}
647
648
649static void mod_network_get(int *ipproto, bool *dynamic_clients, fr_trie_t const **trie, void *instance)
650{
651 proto_dhcpv4_udp_t *inst = talloc_get_type_abort(instance, proto_dhcpv4_udp_t);
652
653 *ipproto = IPPROTO_UDP;
654 *dynamic_clients = inst->dynamic_clients;
655 *trie = inst->trie;
656}
657
658
659/** Open a UDP listener for DHCPV4
660 *
661 */
662static int mod_open(fr_listen_t *li)
663{
664 proto_dhcpv4_udp_t const *inst = talloc_get_type_abort_const(li->app_io_instance, proto_dhcpv4_udp_t);
665 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
666
667 int sockfd, rcode;
668 fr_ipaddr_t ipaddr = inst->ipaddr;
669 uint16_t port = inst->port;
670
671 li->fd = sockfd = fr_socket_server_udp(&inst->ipaddr, &port, inst->port_name, true);
672 if (sockfd < 0) {
673 PERROR("Failed opening UDP socket");
674 error:
675 return -1;
676 }
677
678 li->app_io_addr = fr_socket_addr_alloc_inet_src(li, IPPROTO_UDP, 0, &inst->ipaddr, port);
679
680 /*
681 * Set SO_REUSEPORT before bind, so that all packets can
682 * listen on the same destination IP address.
683 */
684 {
685 int on = 1;
686
687 if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)) < 0) {
688 ERROR("Failed to set socket 'reuseport': %s", fr_syserror(errno));
689 close(sockfd);
690 return -1;
691 }
692 }
693
694#ifdef SO_RCVBUF
695 if (inst->recv_buff_is_set) {
696 int opt;
697
698 opt = inst->recv_buff;
699 if (setsockopt(sockfd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(int)) < 0) {
700 WARN("Failed setting 'recv_buf': %s", fr_syserror(errno));
701 }
702 }
703#endif
704
705 if (inst->broadcast) {
706 int on = 1;
707
708 if (setsockopt(sockfd, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)) < 0) {
709 ERROR("Failed to set broadcast option: %s", fr_syserror(errno));
710 close(sockfd);
711 return -1;
712 }
713 }
714
715 rcode = fr_socket_bind(sockfd, inst->interface, &ipaddr, &port);
716 if (rcode < 0) {
717 close(sockfd);
718 PERROR("Failed binding socket");
719 goto error;
720 }
721
722 thread->sockfd = sockfd;
723
724 fr_assert((cf_parent(inst->cs) != NULL) && (cf_parent(cf_parent(inst->cs)) != NULL)); /* listen { ... } */
725
726 thread->name = fr_app_io_socket_name(thread, &proto_dhcpv4_udp,
727 NULL, 0,
728 &inst->ipaddr, inst->port,
729 inst->interface);
730
731#ifdef HAVE_LIBPCAP
732 fr_rb_inline_init(&thread->pcaps, proto_dhcpv4_pcap_t, node, dhcpv4_pcap_cmp, NULL);
733#endif
734 return 0;
735}
736
737#ifdef HAVE_LIBPCAP
738static int mod_close(fr_listen_t *li)
739{
740 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
741 void **pcap_to_free;
742 int i;
743
744 if (fr_rb_flatten_inorder(NULL, &pcap_to_free, &thread->pcaps) < 0) return -1;
745
746 for (i = talloc_array_length(pcap_to_free) - 1; i >= 0; i--) talloc_free(pcap_to_free[i]);
747 talloc_free(pcap_to_free);
748
749 return 0;
750}
751#endif
752
753/** Set the file descriptor for this socket.
754 *
755 */
756static int mod_fd_set(fr_listen_t *li, int fd)
757{
758 proto_dhcpv4_udp_t const *inst = talloc_get_type_abort_const(li->app_io_instance, proto_dhcpv4_udp_t);
759 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
760
761 thread->sockfd = fd;
762
763 thread->name = fr_app_io_socket_name(thread, &proto_dhcpv4_udp,
764 &thread->connection->socket.inet.src_ipaddr,
765 thread->connection->socket.inet.src_port,
766 &inst->ipaddr, inst->port,
767 inst->interface);
768
769 return 0;
770}
771
772
773static void *mod_track_create(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client,
774 fr_io_track_t *track, uint8_t const *packet, size_t packet_len)
775{
776 proto_dhcpv4_track_t *t;
777 dhcp_packet_t const *dhcp = (dhcp_packet_t const *) packet;
778 uint8_t const *option;
779
780 option = fr_dhcpv4_packet_get_option(dhcp, packet_len, attr_message_type);
781 if (!option || (option[1] == 0)) {
782 DEBUG("No %s in the packet - ignoring", attr_message_type->name);
783 return NULL;
784 }
785
786 t = talloc_zero(track, proto_dhcpv4_track_t);
787 if (!t) return NULL;
788
789 memcpy(&t->xid, &dhcp->xid, sizeof(t->xid));
790
791 t->message_type = option[2];
792
793 /*
794 * Track most packets by chaddr. For lease queries, that
795 * field can be the client address being queried, not the
796 * address of the system which sent the packet. So
797 * instead for lease queries, we use giaddr, which MUST
798 * exist according to RFC 4388 Section 6.3
799 */
800 if (option[2] != FR_DHCP_LEASE_QUERY) {
801 if (dhcp->hlen == 6) memcpy(&t->chaddr, &dhcp->chaddr, 6);
802 }
803
804 t->broadcast = ((dhcp->flags & FR_FLAGS_VALUE_BROADCAST) != 0);
805 t->hops = dhcp->hops;
806 memcpy(&t->ciaddr, &dhcp->ciaddr, sizeof(t->ciaddr));
807 memcpy(&t->giaddr, &dhcp->giaddr, sizeof(t->giaddr));
808
809 return t;
810}
811
812static int mod_track_compare(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client,
813 void const *one, void const *two)
814{
815 int ret;
816 proto_dhcpv4_track_t const *a = one;
817 proto_dhcpv4_track_t const *b = two;
818
819 /*
820 * The tree is ordered by XIDs, which are (hopefully)
821 * pseudo-randomly distributed.
822 */
823 ret = memcmp(&a->xid, &b->xid, sizeof(a->xid));
824 if (ret != 0) return ret;
825
826 /*
827 * Hardware addresses should also be randomly distributed.
828 */
829 ret = memcmp(&a->chaddr, &b->chaddr, sizeof(a->chaddr));
830 if (ret != 0) return ret;
831
832 /*
833 * Compare giaddr, but not ciaddr
834 */
835 ret = memcmp(&a->giaddr, &b->giaddr, sizeof(a->giaddr));
836 if (ret != 0) return ret;
837
838 return (a->message_type < b->message_type) - (a->message_type > b->message_type);
839}
840
841static char const *mod_name(fr_listen_t *li)
842{
843 proto_dhcpv4_udp_thread_t *thread = talloc_get_type_abort(li->thread_instance, proto_dhcpv4_udp_thread_t);
844
845 return thread->name;
846}
847
848
849static int mod_instantiate(module_inst_ctx_t const *mctx)
850{
851 proto_dhcpv4_udp_t *inst = talloc_get_type_abort(mctx->mi->data, proto_dhcpv4_udp_t);
852 CONF_SECTION *conf = mctx->mi->conf;
853 size_t num;
854 CONF_ITEM *ci;
855 CONF_SECTION *server_cs;
856 fr_client_t *client;
857
858 inst->cs = conf;
859
860 /*
861 * Complain if no "ipaddr" is set.
862 */
863 if (inst->ipaddr.af == AF_UNSPEC) {
864 cf_log_err(conf, "No 'ipaddr' was specified in the 'udp' section");
865 return -1;
866 }
867
868 if (inst->ipaddr.af != AF_INET) {
869 cf_log_err(conf, "DHCPv4 transport cannot use IPv6 for 'ipaddr'");
870 return -1;
871 }
872
873 /*
874 * If src_ipaddr is defined, it must be of the same address family as "ipaddr"
875 */
876 if ((inst->src_ipaddr.af != AF_UNSPEC) &&
877 (inst->src_ipaddr.af != inst->ipaddr.af)) {
878 cf_log_err(conf, "Both 'ipaddr' and 'src_ipaddr' must be from the same address family");
879 return -1;
880 }
881
882 /*
883 * Set src_ipaddr to INADDR_NONE if not otherwise specified
884 */
885 if (inst->src_ipaddr.af == AF_UNSPEC) {
886 memset(&inst->src_ipaddr, 0, sizeof(inst->src_ipaddr));
887 inst->src_ipaddr.af = AF_INET;
888 }
889
890 if (inst->recv_buff_is_set) {
891 FR_INTEGER_BOUND_CHECK("recv_buff", inst->recv_buff, >=, 32);
892 FR_INTEGER_BOUND_CHECK("recv_buff", inst->recv_buff, <=, INT_MAX);
893 }
894
895 FR_INTEGER_BOUND_CHECK("max_packet_size", inst->max_packet_size, >=, MIN_PACKET_SIZE);
896 FR_INTEGER_BOUND_CHECK("max_packet_size", inst->max_packet_size, <=, 65536);
897
898 if (!inst->port) {
899 struct servent *s;
900
901 if (!inst->port_name) {
902 cf_log_err(conf, "No 'port' was specified in the 'udp' section");
903 return -1;
904 }
905
906 s = getservbyname(inst->port_name, "udp");
907 if (!s) {
908 cf_log_err(conf, "Unknown value for 'port_name = %s", inst->port_name);
909 return -1;
910 }
911
912 inst->port = ntohl(s->s_port);
913 }
914
915#if defined(SIOCSARP) || defined(__FreeBSD__)
916 /*
917 * If we're listening for broadcast requests, we MUST
918 */
919 if (inst->broadcast && !inst->interface) {
920 cf_log_warn(conf, "You SHOULD set 'interface' if you have set 'broadcast = yes'.");
921 cf_log_warn(conf, "All replies will be broadcast, as ARP updates require 'interface' to be set.");
922 }
923#elif defined HAVE_LIBPCAP
924 INFO("libpcap will be used for unicast replies to broadcast requests.");
925 inst->use_pcap = true;
926#endif
927
928 /*
929 * Parse and create the trie for dynamic clients, even if
930 * there's no dynamic clients.
931 */
932 num = talloc_array_length(inst->allow);
933 if (!num) {
934 if (inst->dynamic_clients) {
935 cf_log_err(conf, "The 'allow' subsection MUST contain at least one 'network' entry when 'dynamic_clients = true'.");
936 return -1;
937 }
938 } else {
939 inst->trie = fr_master_io_network(inst, inst->ipaddr.af, inst->allow, inst->deny);
940 if (!inst->trie) {
941 cf_log_perr(conf, "Failed creating list of networks");
942 return -1;
943 }
944 }
945
946 ci = cf_section_to_item(mctx->mi->parent->conf); /* listen { ... } */
947 fr_assert(ci != NULL);
948 ci = cf_parent(ci);
949 fr_assert(ci != NULL);
950
951 server_cs = cf_item_to_section(ci);
952
953 /*
954 * Look up local clients, if they exist.
955 *
956 * @todo - ensure that we only parse clients which are
957 * for IPPROTO_UDP, and don't require a "secret".
958 */
959 if (cf_section_find_next(server_cs, NULL, "client", CF_IDENT_ANY)) {
960 inst->clients = client_list_parse_section(server_cs, IPPROTO_UDP, false);
961 if (!inst->clients) {
962 cf_log_err(conf, "Failed creating local clients");
963 return -1;
964 }
965 }
966
967 /*
968 * Create a fake client.
969 */
970 client = inst->default_client = talloc_zero(inst, fr_client_t);
971 if (!inst->default_client) return 0;
972
973 client->ipaddr.af = AF_INET;
974 client->ipaddr.addr.v4.s_addr = htonl(INADDR_NONE);
975 client->src_ipaddr = client->ipaddr;
976
977 client->longname = client->shortname = client->secret = talloc_strdup(client, "default");
978 client->nas_type = talloc_strdup(client, "other");
979
980 return 0;
981}
982
983static fr_client_t *mod_client_find(fr_listen_t *li, fr_ipaddr_t const *ipaddr, int ipproto)
984{
985 proto_dhcpv4_udp_t const *inst = talloc_get_type_abort_const(li->app_io_instance, proto_dhcpv4_udp_t);
986
987 /*
988 * Prefer local clients.
989 */
990 if (inst->clients) {
991 fr_client_t *client;
992
993 client = client_find(inst->clients, ipaddr, ipproto);
994 if (client) return client;
995 }
996
997 return inst->default_client;
998}
999
1000fr_app_io_t proto_dhcpv4_udp = {
1001 .common = {
1002 .magic = MODULE_MAGIC_INIT,
1003 .name = "dhcpv4_udp",
1004 .config = udp_listen_config,
1005 .inst_size = sizeof(proto_dhcpv4_udp_t),
1006 .thread_inst_size = sizeof(proto_dhcpv4_udp_thread_t),
1007 .instantiate = mod_instantiate,
1008 },
1009 .default_message_size = 4096,
1010 .track_duplicates = true,
1011
1012 .open = mod_open,
1013 .read = mod_read,
1014 .write = mod_write,
1015#ifdef HAVE_LIBPCAP
1016 .close = mod_close,
1017#endif
1018 .fd_set = mod_fd_set,
1019 .track_create = mod_track_create,
1020 .track_compare = mod_track_compare,
1021 .connection_set = mod_connection_set,
1022 .network_get = mod_network_get,
1023 .client_find = mod_client_find,
1024 .get_name = mod_name,
1025};
buffer
static int const char char buffer[256]
Definition acutest.h:576
fr_app_io_socket_name
char const * fr_app_io_socket_name(TALLOC_CTX *ctx, fr_app_io_t const *app_io, fr_ipaddr_t const *src_ipaddr, int src_port, fr_ipaddr_t const *dst_ipaddr, int dst_port, char const *interface)
Definition app_io.c:32
fr_app_io_t::common
module_t common
Common fields to all loadable modules.
Definition app_io.h:34
fr_app_io_t
Public structure describing an I/O path for a protocol.
Definition app_io.h:33
fr_arp_entry_add
int fr_arp_entry_add(int fd, char const *interface, uint8_t ipaddr[static 4], uint8_t macaddr[static 6])
STRINGIFY
#define STRINGIFY(x)
Definition build.h:197
CMP
#define CMP(_a, _b)
Same as CMP_PREFER_SMALLER use when you don't really care about ordering, you just want an ordering.
Definition build.h:112
UNUSED
#define UNUSED
Definition build.h:317
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition cf_parse.h:662
FR_INTEGER_BOUND_CHECK
#define FR_INTEGER_BOUND_CHECK(_name, _var, _op, _bound)
Definition cf_parse.h:522
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:284
FR_CONF_POINTER
#define FR_CONF_POINTER(_name, _type, _flags, _res_p)
conf_parser_t which parses a single CONF_PAIR producing a single global result
Definition cf_parse.h:339
FR_CONF_OFFSET_IS_SET
#define FR_CONF_OFFSET_IS_SET(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct,...
Definition cf_parse.h:298
FR_CONF_OFFSET_FLAGS
#define FR_CONF_OFFSET_FLAGS(_name, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:272
CONF_FLAG_MULTI
@ CONF_FLAG_MULTI
CONF_PAIR can have multiple copies.
Definition cf_parse.h:451
CONF_FLAG_SUBSECTION
@ CONF_FLAG_SUBSECTION
Instead of putting the information into a configuration structure, the configuration file routines MA...
Definition cf_parse.h:428
CONF_FLAG_HIDDEN
@ CONF_FLAG_HIDDEN
Used by scripts to omit items from the generated documentation.
Definition cf_parse.h:460
FR_CONF_OFFSET_TYPE_FLAGS
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition cf_parse.h:241
conf_parser_s
Defines a CONF_PAIR to C data type mapping.
Definition cf_parse.h:599
cf_item
Common header for all CONF_* types.
Definition cf_priv.h:49
cf_section
A section grouping multiple CONF_PAIR.
Definition cf_priv.h:101
cf_section_to_item
CONF_ITEM * cf_section_to_item(CONF_SECTION const *cs)
Cast a CONF_SECTION to a CONF_ITEM.
Definition cf_util.c:737
cf_item_to_section
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
Definition cf_util.c:683
cf_section_find_next
CONF_SECTION * cf_section_find_next(CONF_SECTION const *cs, CONF_SECTION const *prev, char const *name1, char const *name2)
Return the next matching section.
Definition cf_util.c:1048
cf_log_err
#define cf_log_err(_cf, _fmt,...)
Definition cf_util.h:289
cf_parent
#define cf_parent(_cf)
Definition cf_util.h:101
cf_log_perr
#define cf_log_perr(_cf, _fmt,...)
Definition cf_util.h:296
cf_log_warn
#define cf_log_warn(_cf, _fmt,...)
Definition cf_util.h:290
CF_IDENT_ANY
#define CF_IDENT_ANY
Definition cf_util.h:78
MEM
#define MEM(x)
Definition debug.h:36
ERROR
#define ERROR(fmt,...)
Definition dhcpclient.c:41
sockfd
static int sockfd
Definition dhcpclient.c:56
DEBUG
#define DEBUG(fmt,...)
Definition dhcpclient.c:39
MIN_PACKET_SIZE
#define MIN_PACKET_SIZE
Definition dhcpv4.h:88
dhcp_packet_t::yiaddr
uint32_t yiaddr
Definition dhcpv4.h:75
fr_dhcpv4_packet_get_option
uint8_t const * fr_dhcpv4_packet_get_option(dhcp_packet_t const *packet, size_t packet_size, fr_dict_attr_t const *da)
Retrieve a DHCP option from a raw packet buffer.
Definition packet.c:37
INADDR_BROADCAST
#define INADDR_BROADCAST
Definition dhcpv4.h:101
dhcp_packet_t::giaddr
uint32_t giaddr
Definition dhcpv4.h:77
FR_DHCP_REQUEST
@ FR_DHCP_REQUEST
Definition dhcpv4.h:47
FR_DHCP_OFFER
@ FR_DHCP_OFFER
Definition dhcpv4.h:46
FR_DHCP_DISCOVER
@ FR_DHCP_DISCOVER
Definition dhcpv4.h:45
FR_DHCP_LEASE_ACTIVE
@ FR_DHCP_LEASE_ACTIVE
Definition dhcpv4.h:57
FR_DHCP_LEASE_QUERY
@ FR_DHCP_LEASE_QUERY
Definition dhcpv4.h:54
FR_DHCP_NAK
@ FR_DHCP_NAK
Definition dhcpv4.h:50
FR_DHCP_ACK
@ FR_DHCP_ACK
Definition dhcpv4.h:49
dhcp_packet_t::opcode
uint8_t opcode
Definition dhcpv4.h:67
dhcp_packet_t::hlen
uint8_t hlen
Definition dhcpv4.h:69
dhcp_packet_t::hops
uint8_t hops
Definition dhcpv4.h:70
dhcp_packet_t::flags
uint16_t flags
Definition dhcpv4.h:73
dhcp_packet_t::xid
uint32_t xid
Definition dhcpv4.h:71
dhcp_packet_t::ciaddr
uint32_t ciaddr
Definition dhcpv4.h:74
DHCPV4_MAX_ATTRIBUTES
#define DHCPV4_MAX_ATTRIBUTES
Definition dhcpv4.h:91
dhcp_packet_t::chaddr
uint8_t chaddr[DHCP_CHADDR_LEN]
Definition dhcpv4.h:78
dhcp_packet_t
Definition dhcpv4.h:66
fr_dict_attr_autoload_t::out
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
Definition dict.h:274
fr_dict_autoload_t::out
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Definition dict.h:287
fr_dict_attr_autoload_t
Specifies an attribute which must be present for the module to function.
Definition dict.h:273
fr_dict_autoload_t
Specifies a dictionary which must be loaded/loadable for the module to function.
Definition dict.h:286
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition dl_module.h:63
fr_ipaddr_is_inaddr_any
int fr_ipaddr_is_inaddr_any(fr_ipaddr_t const *ipaddr)
Determine if an address is the INADDR_ANY address for its address family.
Definition inet.c:63
fr_ipaddr_t::af
int af
Address family.
Definition inet.h:64
fr_ipaddr_t::addr
union fr_ipaddr_t::@136 addr
fr_ipaddr_t
IPv4/6 prefix.
Definition merged_model.c:266
fr_io_address_t::socket
fr_socket_t socket
src/dst ip and port.
Definition base.h:336
fr_io_address_t
Definition base.h:335
fr_listen::app_io_addr
fr_socket_t * app_io_addr
for tracking duplicate sockets
Definition listen.h:36
fr_listen::app_io_instance
void const * app_io_instance
I/O path configuration context.
Definition listen.h:33
fr_listen::thread_instance
void * thread_instance
thread / socket context
Definition listen.h:34
fr_listen::fd
int fd
file descriptor for this socket - set by open
Definition listen.h:28
fr_listen
Definition listen.h:25
fr_client_s::ipaddr
fr_ipaddr_t ipaddr
IPv4/IPv6 address of the host.
Definition client.h:83
fr_client_s::secret
char const * secret
Secret PSK.
Definition client.h:90
fr_client_s::src_ipaddr
fr_ipaddr_t src_ipaddr
IPv4/IPv6 address to send responses from (family must match ipaddr).
Definition client.h:84
fr_client_s::nas_type
char const * nas_type
Type of client (arbitrary).
Definition client.h:126
fr_client_s::longname
char const * longname
Client identifier.
Definition client.h:87
fr_client_s::shortname
char const * shortname
Client nickname.
Definition client.h:88
fr_client_s
Describes a host allowed to send packets to the server.
Definition client.h:80
PERROR
#define PERROR(_fmt,...)
Definition log.h:228
PWARN
#define PWARN(_fmt,...)
Definition log.h:227
RATE_LIMIT_GLOBAL
#define RATE_LIMIT_GLOBAL(_log, _fmt,...)
Rate limit messages using a global limiting entry.
Definition log.h:641
talloc_free
talloc_free(reap)
udp_recv
ssize_t udp_recv(int sockfd, int flags, fr_socket_t *socket_out, void *data, size_t data_len, fr_time_t *when)
Read a UDP packet.
Definition udp.c:144
udp_send
int udp_send(fr_socket_t const *sock, int flags, void *data, size_t data_len)
Send a packet via a UDP socket.
Definition udp.c:42
fr_master_io_network
fr_trie_t * fr_master_io_network(TALLOC_CTX *ctx, int af, fr_ipaddr_t *allow, fr_ipaddr_t *deny)
Create a trie from arrays of allow / deny IP addresses.
Definition master.c:2906
mod_close
static int mod_close(fr_listen_t *li)
Close the socket.
Definition master.c:2764
fr_io_track_s::address
fr_io_address_t const * address
of this packet.. shared between multiple packets
Definition master.h:54
fr_io_track_s::packet
uint8_t * packet
really a tracking structure, not a packet
Definition master.h:56
fr_io_track_s
Definition master.h:40
uint16_t
unsigned short uint16_t
Definition merged_model.c:31
FR_TYPE_IPV4_ADDR
@ FR_TYPE_IPV4_ADDR
32 Bit IPv4 Address.
Definition merged_model.c:86
FR_TYPE_COMBO_IP_PREFIX
@ FR_TYPE_COMBO_IP_PREFIX
IPv4 or IPv6 address prefix depending on length.
Definition merged_model.c:92
FR_TYPE_UINT8
@ FR_TYPE_UINT8
8 Bit unsigned integer.
Definition merged_model.c:97
FR_TYPE_UINT32
@ FR_TYPE_UINT32
32 Bit unsigned integer.
Definition merged_model.c:99
FR_TYPE_COMBO_IP_ADDR
@ FR_TYPE_COMBO_IP_ADDR
IPv4 or IPv6 address depending on length.
Definition merged_model.c:91
uint32_t
unsigned int uint32_t
Definition merged_model.c:33
ssize_t
long int ssize_t
Definition merged_model.c:24
uint8_t
unsigned char uint8_t
Definition merged_model.c:30
fr_dict_attr_t
Definition merged_model.c:133
fr_dict_t
Definition merged_model.c:198
module_inst_ctx_t::mi
module_instance_t * mi
Instance of the module being instantiated.
Definition module_ctx.h:51
module_inst_ctx_t
Temporary structure to hold arguments for instantiation calls.
Definition module_ctx.h:50
proto_dhcpv4.h
proto_dhcpv4_track_t::chaddr
fr_ethernet_t chaddr
Definition proto_dhcpv4.h:50
proto_dhcpv4_track_t::hops
uint8_t hops
Definition proto_dhcpv4.h:52
proto_dhcpv4_track_t::giaddr
uint32_t giaddr
Definition proto_dhcpv4.h:54
proto_dhcpv4_track_t::ciaddr
uint32_t ciaddr
Definition proto_dhcpv4.h:53
proto_dhcpv4_track_t::xid
uint32_t xid
Definition proto_dhcpv4.h:49
proto_dhcpv4_track_t::message_type
int message_type
Definition proto_dhcpv4.h:48
proto_dhcpv4_track_t::broadcast
bool broadcast
Definition proto_dhcpv4.h:51
proto_dhcpv4_track_t
Definition proto_dhcpv4.h:47
proto_dhcpv4_udp_t::default_client
fr_client_t * default_client
default 0/0 client
Definition proto_dhcpv4_udp.c:87
mod_read
static ssize_t mod_read(fr_listen_t *li, void **packet_ctx, fr_time_t *recv_time_p, uint8_t *buffer, size_t buffer_len, size_t *leftover)
Definition proto_dhcpv4_udp.c:207
attr_dhcp_server_identifier
static fr_dict_attr_t const * attr_dhcp_server_identifier
Definition proto_dhcpv4_udp.c:143
proto_dhcpv4_udp_t::allow
fr_ipaddr_t * allow
allowed networks for dynamic clients
Definition proto_dhcpv4_udp.c:90
proto_dhcpv4_udp_t::max_attributes
uint32_t max_attributes
Limit maximum decodable attributes.
Definition proto_dhcpv4_udp.c:75
proto_dhcpv4_udp_t::dynamic_clients
bool dynamic_clients
whether we have dynamic clients
Definition proto_dhcpv4_udp.c:84
proto_dhcpv4_udp_dict
fr_dict_autoload_t proto_dhcpv4_udp_dict[]
Definition proto_dhcpv4_udp.c:137
proto_dhcpv4_udp_t::trie
fr_trie_t * trie
for parsed networks
Definition proto_dhcpv4_udp.c:89
proto_dhcpv4_udp_thread_t::sockfd
int sockfd
Definition proto_dhcpv4_udp.c:51
proto_dhcpv4_udp_t::port
uint16_t port
Port to listen on.
Definition proto_dhcpv4_udp.c:77
proto_dhcpv4_udp_t::src_ipaddr
fr_ipaddr_t src_ipaddr
IP address to source replies.
Definition proto_dhcpv4_udp.c:67
proto_dhcpv4_udp_thread_t::connection
fr_io_address_t * connection
for connected sockets.
Definition proto_dhcpv4_udp.c:53
proto_dhcpv4_udp_t::cs
CONF_SECTION * cs
our configuration
Definition proto_dhcpv4_udp.c:63
proto_dhcpv4_udp_t::port_name
char const * port_name
Name of the port for getservent().
Definition proto_dhcpv4_udp.c:70
mod_client_find
static fr_client_t * mod_client_find(fr_listen_t *li, fr_ipaddr_t const *ipaddr, int ipproto)
Definition proto_dhcpv4_udp.c:983
mod_open
static int mod_open(fr_listen_t *li)
Open a UDP listener for DHCPV4.
Definition proto_dhcpv4_udp.c:662
dict_dhcpv4
static fr_dict_t const * dict_dhcpv4
Definition proto_dhcpv4_udp.c:134
udp_listen_config
static const conf_parser_t udp_listen_config[]
Definition proto_dhcpv4_udp.c:107
mod_network_get
static void mod_network_get(int *ipproto, bool *dynamic_clients, fr_trie_t const **trie, void *instance)
Definition proto_dhcpv4_udp.c:649
mod_track_create
static void * mod_track_create(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client, fr_io_track_t *track, uint8_t const *packet, size_t packet_len)
Definition proto_dhcpv4_udp.c:773
proto_dhcpv4_udp_t::ipaddr
fr_ipaddr_t ipaddr
IP address to listen on.
Definition proto_dhcpv4_udp.c:65
networks_config
static const conf_parser_t networks_config[]
Definition proto_dhcpv4_udp.c:99
proto_dhcpv4_udp
fr_app_io_t proto_dhcpv4_udp
Definition proto_dhcpv4_udp.c:1000
proto_dhcpv4_udp_t::recv_buff_is_set
bool recv_buff_is_set
Whether we were provided with a receive buffer value.
Definition proto_dhcpv4_udp.c:82
proto_dhcpv4_udp_t::deny
fr_ipaddr_t * deny
denied networks for dynamic clients
Definition proto_dhcpv4_udp.c:91
proto_dhcpv4_udp_thread_t::stats
fr_stats_t stats
statistics for this socket
Definition proto_dhcpv4_udp.c:55
proto_dhcpv4_udp_dict_attr
fr_dict_attr_autoload_t proto_dhcpv4_udp_dict_attr[]
Definition proto_dhcpv4_udp.c:146
proto_dhcpv4_udp_t::client_port
uint16_t client_port
Client port to reply to.
Definition proto_dhcpv4_udp.c:78
proto_dhcpv4_udp_t::broadcast
bool broadcast
whether we listen for broadcast packets
Definition proto_dhcpv4_udp.c:80
proto_dhcpv4_udp_t::recv_buff
uint32_t recv_buff
How big the kernel's receive buffer should be.
Definition proto_dhcpv4_udp.c:72
mod_track_compare
static int mod_track_compare(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client, void const *one, void const *two)
Definition proto_dhcpv4_udp.c:812
mod_connection_set
static int mod_connection_set(fr_listen_t *li, fr_io_address_t *connection)
Definition proto_dhcpv4_udp.c:640
mod_fd_set
static int mod_fd_set(fr_listen_t *li, int fd)
Set the file descriptor for this socket.
Definition proto_dhcpv4_udp.c:756
mod_name
static char const * mod_name(fr_listen_t *li)
Definition proto_dhcpv4_udp.c:841
mod_write
static ssize_t mod_write(fr_listen_t *li, void *packet_ctx, UNUSED fr_time_t request_time, uint8_t *buffer, size_t buffer_len, UNUSED size_t written)
Definition proto_dhcpv4_udp.c:282
mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition proto_dhcpv4_udp.c:849
proto_dhcpv4_udp_t::clients
fr_client_list_t * clients
local clients
Definition proto_dhcpv4_udp.c:86
proto_dhcpv4_udp_t::max_packet_size
uint32_t max_packet_size
for message ring buffer.
Definition proto_dhcpv4_udp.c:74
proto_dhcpv4_udp_thread_t::name
char const * name
socket name
Definition proto_dhcpv4_udp.c:50
proto_dhcpv4_udp_t::interface
char const * interface
Interface to bind to.
Definition proto_dhcpv4_udp.c:69
attr_message_type
static fr_dict_attr_t const * attr_message_type
Definition proto_dhcpv4_udp.c:142
proto_dhcpv4_udp_t
Definition proto_dhcpv4_udp.c:62
proto_dhcpv4_udp_thread_t
Definition proto_dhcpv4_udp.c:49
dhcp_message_types
char const * dhcp_message_types[]
Definition base.c:127
fr_dhcpv4_ok
bool fr_dhcpv4_ok(uint8_t const *data, ssize_t data_len, uint8_t *message_type, uint32_t *xid)
Check received DHCP request is valid and build fr_packet_t structure if it is.
Definition base.c:246
fr_assert
#define fr_assert(_expr)
Definition rad_assert.h:38
ipproto
static int ipproto
Definition radclient-ng.c:92
client_port
static uint16_t client_port
Definition radclient.c:86
DEBUG2
#define DEBUG2(fmt,...)
Definition radclient.h:43
WARN
#define WARN(fmt,...)
Definition radclient.h:47
INFO
#define INFO(fmt,...)
Definition radict.c:54
send_reply
static void send_reply(int sockfd, fr_channel_data_t *reply)
Definition radius1_test.c:190
conf
static rs_t * conf
Definition radsniff.c:53
fr_rb_remove
void * fr_rb_remove(fr_rb_tree_t *tree, void const *data)
Remove an entry from the tree, without freeing the data.
Definition rb.c:695
fr_rb_find
void * fr_rb_find(fr_rb_tree_t const *tree, void const *data)
Find an element in the tree, returning the data, not the node.
Definition rb.c:577
fr_rb_insert
bool fr_rb_insert(fr_rb_tree_t *tree, void const *data)
Insert data into a tree.
Definition rb.c:626
fr_rb_inline_init
#define fr_rb_inline_init(_tree, _type, _field, _data_cmp, _data_free)
Initialises a red black tree.
Definition rb.h:180
fr_rb_flatten_inorder
int fr_rb_flatten_inorder(TALLOC_CTX *ctx, void **out[], fr_rb_tree_t *tree)
fr_rb_node_s
Definition rb.h:42
fr_rb_tree_s
The main red black tree structure.
Definition rb.h:73
module_instance_s::conf
CONF_SECTION * conf
Module's instance configuration.
Definition module.h:349
module_instance_s::data
void * data
Module's instance data.
Definition module.h:291
module_instance_s::parent
module_instance_t const * parent
Parent module's instance (if any).
Definition module.h:357
module_s::config
conf_parser_t const * config
How to convert a CONF_SECTION to a module instance.
Definition module.h:206
fr_stats_t::total_responses
uint64_t total_responses
Definition stats.h:38
fr_stats_t
Definition stats.h:34
fr_socket_server_udp
int fr_socket_server_udp(fr_ipaddr_t const *src_ipaddr, uint16_t *src_port, char const *port_name, bool async)
Open an IPv4/IPv6 unconnected UDP socket.
Definition socket.c:865
fr_socket_bind
int fr_socket_bind(int sockfd, char const *ifname, fr_ipaddr_t *src_ipaddr, uint16_t *src_port)
Bind a UDP/TCP v4/v6 socket to a given ipaddr src port, and interface.
Definition socket.c:227
client_find
fr_client_t * client_find(fr_client_list_t const *clients, fr_ipaddr_t const *ipaddr, int proto)
Definition client.c:373
client_list_parse_section
fr_client_list_t * client_list_parse_section(CONF_SECTION *section, int proto, TLS_UNUSED bool tls_required)
Definition client.c:469
fr_client_list_s
Group of clients.
Definition client.c:50
inst
eap_aka_sim_process_conf_t * inst
Definition state_machine.c:3651
fr_syserror
char const * fr_syserror(int num)
Guaranteed to be thread-safe version of strerror.
Definition syserror.c:243
talloc_get_type_abort_const
#define talloc_get_type_abort_const
Definition talloc.h:287
fr_time_s
"server local" time.
Definition time.h:69
fr_trie_s
Definition trie.c:484
UDP_FLAGS_CONNECTED
#define UDP_FLAGS_CONNECTED
Definition udp.h:38
close
close(uq->fd)
fr_packet_t::socket
fr_socket_t socket
This packet was received on.
Definition packet.h:57
fr_packet_t
Definition packet.h:56
fr_socket_addr_alloc_inet_src
static fr_socket_t * fr_socket_addr_alloc_inet_src(TALLOC_CTX *ctx, int proto, int ifindex, fr_ipaddr_t const *ipaddr, int port)
A variant of fr_socket_addr_init_inet_src will also allocates a fr_socket_t.
Definition socket.h:244
fr_socket_t::af
int af
AF_INET, AF_INET6, or AF_UNIX.
Definition socket.h:78
fr_socket_addr_swap
static void fr_socket_addr_swap(fr_socket_t *dst, fr_socket_t const *src)
Swap src/dst information of a fr_socket_t.
Definition socket.h:121
fr_socket_t
Holds information necessary for binding or connecting to a socket.
Definition socket.h:63
fr_box_ipaddr
#define fr_box_ipaddr(_val)
Definition value.h:316
Generated by   doxygen 1.9.8