24#define LOG_PREFIX "proto_dhcpv6_udp"
26#include <freeradius-devel/server/protocol.h>
27#include <freeradius-devel/util/udp.h>
28#include <freeradius-devel/util/trie.h>
29#include <freeradius-devel/io/application.h>
30#include <freeradius-devel/io/listen.h>
31#include <freeradius-devel/io/schedule.h>
32#include <freeradius-devel/protocol/dhcpv6/freeradius.internal.h>
151 address = *address_p;
169 packet_len = data_size;
185 if (!
inst->multicast) {
204 (
int) packet_len, thread->
name);
252 if (data_size <= 0)
return data_size;
272 *dynamic_clients =
inst->dynamic_clients;
291 PERROR(
"Failed opening UDP socket");
305 if (setsockopt(
sockfd, SOL_SOCKET, SO_REUSEPORT, &on,
sizeof(on)) < 0) {
313 if (
inst->recv_buff_is_set) {
316 opt =
inst->recv_buff;
317 if (setsockopt(
sockfd, SOL_SOCKET, SO_RCVBUF, &opt,
sizeof(
int)) < 0) {
330 PERROR(
"Failed binding socket");
340 if (
inst->multicast) {
341 struct ipv6_mreq mreq;
343 mreq.ipv6mr_multiaddr =
inst->ipaddr.addr.v6;
344 mreq.ipv6mr_interface = if_nametoindex(
inst->interface);
345 if (setsockopt(
sockfd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq,
sizeof(mreq)) < 0) {
350 if (
inst->hop_limit) {
351 int hop_limit =
inst->hop_limit;
353 if (setsockopt(
sockfd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
354 (
char *) &hop_limit,
sizeof(hop_limit)) < 0) {
396 size_t t_size =
sizeof(*t);
403 if (packet_len < (2 + 32))
return NULL;
411 if (!option)
return NULL;
416 packet_len = option_len;
419 if (packet_len <= 4)
return NULL;
425 if (!option)
return NULL;
429 if (option_len > ((packet - option) + packet_len))
return NULL;
434 talloc_set_name_const(t,
"proto_dhcpv6_track_t");
436 memcpy(&t->
header, packet, 4);
438 memcpy(&t->
client_id[0], option + 4, option_len);
446 void const *one,
void const *two)
453 if (ret != 0)
return ret;
456 if (ret != 0)
return ret;
484 if (
inst->ipaddr.af == AF_UNSPEC) {
485 if (!
inst->interface) {
486 cf_log_err(
conf,
"No 'ipaddr' was specified in the 'udp' section");
495 if (
inst->interface &&
497 cf_log_err(
conf,
"No 'ipaddr' specified, and we cannot determine one for interface '%s'",
503 if (
inst->ipaddr.af != AF_INET6) {
516 if (
inst->src_ipaddr.af == AF_UNSPEC) {
517 if (!
inst->multicast) {
526 if (!
inst->interface) {
528 if (!
inst->interface) {
531 "determine one for 'ipaddr = %pV'",
541 if (!
inst->interface)
goto interface_fail;
544 cf_log_err(
conf,
"No 'src_ipaddr' specified, and we cannot determine "
545 "one for 'ipaddr = %pV' and interface '%s'",
555 if (
inst->src_ipaddr.af !=
inst->ipaddr.af) {
556 cf_log_err(
conf,
"Both 'ipaddr' and 'src_ipaddr' must be from the same address family");
566 if (
inst->recv_buff_is_set) {
577 if (!
inst->port_name) {
582 s = getservbyname(
inst->port_name,
"udp");
588 inst->port = ntohl(s->s_port);
595 num = talloc_array_length(
inst->allow);
597 if (
inst->dynamic_clients) {
598 cf_log_err(
conf,
"The 'allow' subsection MUST contain at least one 'network' entry when "
599 "'dynamic_clients = true'.");
625 if (!
inst->clients) {
635 if (!
inst->default_client)
return 0;
644 client->
nas_type = talloc_strdup(client,
"other");
660 if (client)
return client;
663 return inst->default_client;
669 .name =
"dhcpv6_udp",
675 .default_message_size = 4096,
676 .track_duplicates =
true,
static int const char char buffer[256]
char const * fr_app_io_socket_name(TALLOC_CTX *ctx, fr_app_io_t const *app_io, fr_ipaddr_t const *src_ipaddr, int src_port, fr_ipaddr_t const *dst_ipaddr, int dst_port, char const *interface)
module_t common
Common fields to all loadable modules.
Public structure describing an I/O path for a protocol.
#define CONF_PARSER_TERMINATOR
#define FR_INTEGER_BOUND_CHECK(_name, _var, _op, _bound)
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
#define FR_CONF_POINTER(_name, _type, _flags, _res_p)
conf_parser_t which parses a single CONF_PAIR producing a single global result
#define FR_CONF_OFFSET_IS_SET(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct,...
@ CONF_FLAG_MULTI
CONF_PAIR can have multiple copies.
@ CONF_FLAG_SUBSECTION
Instead of putting the information into a configuration structure, the configuration file routines MA...
#define FR_CONF_OFFSET_TYPE_FLAGS(_name, _type, _flags, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Defines a CONF_PAIR to C data type mapping.
Common header for all CONF_* types.
A section grouping multiple CONF_PAIR.
CONF_ITEM * cf_section_to_item(CONF_SECTION const *cs)
Cast a CONF_SECTION to a CONF_ITEM.
CONF_SECTION * cf_item_to_section(CONF_ITEM const *ci)
Cast a CONF_ITEM to a CONF_SECTION.
CONF_SECTION * cf_section_find_next(CONF_SECTION const *cs, CONF_SECTION const *prev, char const *name1, char const *name2)
Return the next matching section.
#define cf_log_err(_cf, _fmt,...)
#define cf_log_perr(_cf, _fmt,...)
@ FR_DHCPV6_RELAY_FORWARD
#define DHCPV6_MAX_ATTRIBUTES
uint8_t transaction_id[3]
subtype values for DHCPv4 and DHCPv6
fr_dict_attr_t const ** out
Where to write a pointer to the resolved fr_dict_attr_t.
fr_dict_t const ** out
Where to write a pointer to the loaded/resolved fr_dict_t.
Specifies an attribute which must be present for the module to function.
Specifies a dictionary which must be loaded/loadable for the module to function.
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
int fr_interface_to_ipaddr(char const *interface, fr_ipaddr_t *ipaddr, int af, bool link_local)
int fr_ipaddr_is_multicast(fr_ipaddr_t const *ipaddr)
Determine if an address is a multicast address.
int fr_ipaddr_is_inaddr_any(fr_ipaddr_t const *ipaddr)
Determine if an address is the INADDR_ANY address for its address family.
char * fr_ipaddr_to_interface(TALLOC_CTX *ctx, fr_ipaddr_t *ipaddr)
int fr_interface_to_ethernet(char const *interface, fr_ethernet_t *ethernet)
Struct to represent an ethernet address.
fr_socket_t socket
src/dst ip and port.
fr_socket_t * app_io_addr
for tracking duplicate sockets
void const * app_io_instance
I/O path configuration context.
void * thread_instance
thread / socket context
int fd
file descriptor for this socket - set by open
fr_ipaddr_t ipaddr
IPv4/IPv6 address of the host.
char const * secret
Secret PSK.
fr_ipaddr_t src_ipaddr
IPv4/IPv6 address to send responses from (family must match ipaddr).
char const * nas_type
Type of client (arbitrary).
char const * longname
Client identifier.
char const * shortname
Client nickname.
Describes a host allowed to send packets to the server.
#define RATE_LIMIT_GLOBAL(_log, _fmt,...)
Rate limit messages using a global limiting entry.
ssize_t udp_recv(int sockfd, int flags, fr_socket_t *socket_out, void *data, size_t data_len, fr_time_t *when)
Read a UDP packet.
int udp_send(fr_socket_t const *sock, int flags, void *data, size_t data_len)
Send a packet via a UDP socket.
fr_trie_t * fr_master_io_network(TALLOC_CTX *ctx, int af, fr_ipaddr_t *allow, fr_ipaddr_t *deny)
Create a trie from arrays of allow / deny IP addresses.
fr_io_address_t const * address
of this packet.. shared between multiple packets
@ FR_TYPE_COMBO_IP_PREFIX
IPv4 or IPv6 address prefix depending on length.
@ FR_TYPE_UINT32
32 Bit unsigned integer.
@ FR_TYPE_STRUCT
like TLV, but without T or L, and fixed-width children
@ FR_TYPE_IPV6_ADDR
128 Bit IPv6 Address.
@ FR_TYPE_COMBO_IP_ADDR
IPv4 or IPv6 address depending on length.
@ FR_TYPE_GROUP
A grouping of other attributes.
module_instance_t * mi
Instance of the module being instantiated.
Temporary structure to hold arguments for instantiation calls.
static uint16_t fr_nbo_to_uint16(uint8_t const data[static sizeof(uint16_t)])
Read an unsigned 16bit integer from wire format (big endian)
static uint32_t fr_nbo_to_uint24(uint8_t const data[static 3])
Read an unsigned 24bit integer from wire format (big endian)
bool dynamic_clients
whether we have dynamic clients
fr_ipaddr_t ipaddr
IP address to listen on.
static fr_dict_attr_t const * attr_packet_type
static ssize_t mod_read(fr_listen_t *li, void **packet_ctx, fr_time_t *recv_time_p, uint8_t *buffer, size_t buffer_len, size_t *leftover)
uint32_t max_attributes
Limit maximum decodable attributes.
fr_ipaddr_t * allow
allowed networks for dynamic clients
fr_dict_attr_autoload_t proto_dhcpv6_udp_dict_attr[]
fr_ethernet_t ethernet
ethernet address associated with the interface
uint32_t max_packet_size
for message ring buffer.
char const * interface
Interface to bind to.
char const * port_name
Name of the port for getservent().
fr_io_address_t * connection
for connected sockets.
fr_client_t * default_client
default 0/0 client
static fr_client_t * mod_client_find(fr_listen_t *li, fr_ipaddr_t const *ipaddr, int ipproto)
static int mod_open(fr_listen_t *li)
Open a UDP listener for DHCPv6.
static const conf_parser_t udp_listen_config[]
static fr_dict_attr_t const * attr_relay_message
uint32_t hop_limit
for multicast addresses
static void mod_network_get(int *ipproto, bool *dynamic_clients, fr_trie_t const **trie, void *instance)
static void * mod_track_create(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client, fr_io_track_t *track, uint8_t const *packet, size_t packet_len)
static const conf_parser_t networks_config[]
bool multicast
whether or not we listen for multicast packets
fr_stats_t stats
statistics for this socket
static fr_dict_t const * dict_dhcpv6
fr_client_list_t * clients
local clients
uint32_t recv_buff
How big the kernel's receive buffer should be.
static int mod_track_compare(UNUSED void const *instance, UNUSED void *thread_instance, UNUSED fr_client_t *client, void const *one, void const *two)
CONF_SECTION * cs
our configuration
static int mod_connection_set(fr_listen_t *li, fr_io_address_t *connection)
uint16_t port
Port to listen on.
bool recv_buff_is_set
Whether we were provided with a receive buffer value.
fr_trie_t * trie
for parsed networks
static fr_dict_attr_t const * attr_client_id
static int mod_fd_set(fr_listen_t *li, int fd)
Set the file descriptor for this socket.
static char const * mod_name(fr_listen_t *li)
static ssize_t mod_write(fr_listen_t *li, void *packet_ctx, UNUSED fr_time_t request_time, uint8_t *buffer, size_t buffer_len, UNUSED size_t written)
static int mod_instantiate(module_inst_ctx_t const *mctx)
fr_ipaddr_t src_ipaddr
IP address to source replies.
fr_ipaddr_t * deny
denied networks for dynamic clients
fr_app_io_t proto_dhcpv6_udp
char const * name
socket name
fr_dict_autoload_t proto_dhcpv6_udp_dict[]
uint8_t const * fr_dhcpv6_option_find(uint8_t const *start, uint8_t const *end, unsigned int option)
char const * fr_dhcpv6_packet_names[FR_DHCPV6_CODE_MAX]
CONF_SECTION * conf
Module's instance configuration.
void * data
Module's instance data.
module_instance_t const * parent
Parent module's instance (if any).
conf_parser_t const * config
How to convert a CONF_SECTION to a module instance.
int fr_socket_server_udp(fr_ipaddr_t const *src_ipaddr, uint16_t *src_port, char const *port_name, bool async)
Open an IPv4/IPv6 unconnected UDP socket.
int fr_socket_bind(int sockfd, char const *ifname, fr_ipaddr_t *src_ipaddr, uint16_t *src_port)
Bind a UDP/TCP v4/v6 socket to a given ipaddr src port, and interface.
fr_client_t * client_find(fr_client_list_t const *clients, fr_ipaddr_t const *ipaddr, int proto)
fr_client_list_t * client_list_parse_section(CONF_SECTION *section, int proto, TLS_UNUSED bool tls_required)
eap_aka_sim_process_conf_t * inst
char const * fr_syserror(int num)
Guaranteed to be thread-safe version of strerror.
#define talloc_get_type_abort_const
#define UDP_FLAGS_CONNECTED
static fr_socket_t * fr_socket_addr_alloc_inet_src(TALLOC_CTX *ctx, int proto, int ifindex, fr_ipaddr_t const *ipaddr, int port)
A variant of fr_socket_addr_init_inet_src will also allocates a fr_socket_t.
static void fr_socket_addr_swap(fr_socket_t *dst, fr_socket_t const *src)
Swap src/dst information of a fr_socket_t.
Holds information necessary for binding or connecting to a socket.
#define fr_box_ipaddr(_val)
1.9.8