1 /* $KAME: rtsol.c,v 1.27 2003/10/05 00:09:36 itojun Exp $ */
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include <sys/param.h>
35 #include <sys/socket.h>
38 #include <sys/queue.h>
43 #include <net/route.h>
44 #include <net/if_dl.h>
46 #include <netinet/in.h>
47 #include <netinet/ip6.h>
48 #include <netinet6/ip6_var.h>
49 #include <netinet/icmp6.h>
51 #include <arpa/inet.h>
64 #define ALLROUTER "ff02::2"
66 static struct msghdr rcvmhdr;
67 static struct msghdr sndmhdr;
68 static struct iovec rcviov[2];
69 static struct iovec sndiov[2];
70 static struct sockaddr_in6 from;
71 static int rcvcmsglen;
75 static struct sockaddr_in6 sin6_allrouters = {
76 .sin6_len = sizeof(sin6_allrouters),
77 .sin6_family = AF_INET6,
80 static void call_script(char *, char *);
81 static int safefile(const char *);
86 static u_char *rcvcmsgbuf = NULL, *sndcmsgbuf = NULL;
88 static u_char answer[1500];
89 struct icmp6_filter filt;
91 sndcmsglen = rcvcmsglen = CMSG_SPACE(sizeof(struct in6_pktinfo)) +
92 CMSG_SPACE(sizeof(int));
93 if (rcvcmsgbuf == NULL && (rcvcmsgbuf = malloc(rcvcmsglen)) == NULL) {
94 warnmsg(LOG_ERR, __func__,
95 "malloc for receive msghdr failed");
98 if (sndcmsgbuf == NULL && (sndcmsgbuf = malloc(sndcmsglen)) == NULL) {
99 warnmsg(LOG_ERR, __func__,
100 "malloc for send msghdr failed");
103 memset(&sin6_allrouters, 0, sizeof(struct sockaddr_in6));
104 sin6_allrouters.sin6_family = AF_INET6;
105 sin6_allrouters.sin6_len = sizeof(sin6_allrouters);
106 if (inet_pton(AF_INET6, ALLROUTER,
107 &sin6_allrouters.sin6_addr.s6_addr) != 1) {
108 warnmsg(LOG_ERR, __func__, "inet_pton failed for %s",
113 if ((rssock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) {
114 warnmsg(LOG_ERR, __func__, "socket: %s", strerror(errno));
118 /* specify to tell receiving interface */
120 #ifdef IPV6_RECVPKTINFO
121 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on,
123 warnmsg(LOG_ERR, __func__, "IPV6_RECVPKTINFO: %s",
127 #else /* old adv. API */
128 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_PKTINFO, &on,
130 warnmsg(LOG_ERR, __func__, "IPV6_PKTINFO: %s",
137 /* specify to tell value of hoplimit field of received IP6 hdr */
138 #ifdef IPV6_RECVHOPLIMIT
139 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on,
141 warnmsg(LOG_ERR, __func__, "IPV6_RECVHOPLIMIT: %s",
145 #else /* old adv. API */
146 if (setsockopt(rssock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on,
148 warnmsg(LOG_ERR, __func__, "IPV6_HOPLIMIT: %s",
154 /* specfiy to accept only router advertisements on the socket */
155 ICMP6_FILTER_SETBLOCKALL(&filt);
156 ICMP6_FILTER_SETPASS(ND_ROUTER_ADVERT, &filt);
157 if (setsockopt(rssock, IPPROTO_ICMPV6, ICMP6_FILTER, &filt,
158 sizeof(filt)) == -1) {
159 warnmsg(LOG_ERR, __func__, "setsockopt(ICMP6_FILTER): %s",
164 /* initialize msghdr for receiving packets */
165 rcviov[0].iov_base = (caddr_t)answer;
166 rcviov[0].iov_len = sizeof(answer);
167 rcvmhdr.msg_name = (caddr_t)&from;
168 rcvmhdr.msg_iov = rcviov;
169 rcvmhdr.msg_iovlen = 1;
170 rcvmhdr.msg_control = (caddr_t) rcvcmsgbuf;
172 /* initialize msghdr for sending packets */
173 sndmhdr.msg_namelen = sizeof(struct sockaddr_in6);
174 sndmhdr.msg_iov = sndiov;
175 sndmhdr.msg_iovlen = 1;
176 sndmhdr.msg_control = (caddr_t)sndcmsgbuf;
177 sndmhdr.msg_controllen = sndcmsglen;
183 sendpacket(struct ifinfo *ifinfo)
185 struct in6_pktinfo *pi;
189 struct sockaddr_in6 dst;
191 dst = sin6_allrouters;
192 dst.sin6_scope_id = ifinfo->linkid;
194 sndmhdr.msg_name = (caddr_t)&dst;
195 sndmhdr.msg_iov[0].iov_base = (caddr_t)ifinfo->rs_data;
196 sndmhdr.msg_iov[0].iov_len = ifinfo->rs_datalen;
198 cm = CMSG_FIRSTHDR(&sndmhdr);
199 /* specify the outgoing interface */
200 cm->cmsg_level = IPPROTO_IPV6;
201 cm->cmsg_type = IPV6_PKTINFO;
202 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
203 pi = (struct in6_pktinfo *)CMSG_DATA(cm);
204 memset(&pi->ipi6_addr, 0, sizeof(pi->ipi6_addr)); /*XXX*/
205 pi->ipi6_ifindex = ifinfo->sdl->sdl_index;
207 /* specify the hop limit of the packet */
208 cm = CMSG_NXTHDR(&sndmhdr, cm);
209 cm->cmsg_level = IPPROTO_IPV6;
210 cm->cmsg_type = IPV6_HOPLIMIT;
211 cm->cmsg_len = CMSG_LEN(sizeof(int));
212 memcpy(CMSG_DATA(cm), &hoplimit, sizeof(int));
214 warnmsg(LOG_DEBUG, __func__,
215 "send RS on %s, whose state is %d",
216 ifinfo->ifname, ifinfo->state);
217 i = sendmsg(rssock, &sndmhdr, 0);
218 if (i < 0 || (size_t)i != ifinfo->rs_datalen) {
220 * ENETDOWN is not so serious, especially when using several
221 * network cards on a mobile node. We ignore it.
223 if (errno != ENETDOWN || dflag > 0)
224 warnmsg(LOG_ERR, __func__, "sendmsg on %s: %s",
225 ifinfo->ifname, strerror(errno));
235 u_char ntopbuf[INET6_ADDRSTRLEN], ifnamebuf[IFNAMSIZ];
236 int ifindex = 0, *hlimp = NULL;
238 struct in6_pktinfo *pi = NULL;
239 struct ifinfo *ifi = NULL;
240 struct icmp6_hdr *icp;
241 struct nd_router_advert *nd_ra;
244 /* get message. namelen and controllen must always be initialized. */
245 rcvmhdr.msg_namelen = sizeof(from);
246 rcvmhdr.msg_controllen = rcvcmsglen;
247 if ((i = recvmsg(s, &rcvmhdr, 0)) < 0) {
248 warnmsg(LOG_ERR, __func__, "recvmsg: %s", strerror(errno));
252 /* extract optional information via Advanced API */
253 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(&rcvmhdr); cm;
254 cm = (struct cmsghdr *)CMSG_NXTHDR(&rcvmhdr, cm)) {
255 if (cm->cmsg_level == IPPROTO_IPV6 &&
256 cm->cmsg_type == IPV6_PKTINFO &&
257 cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) {
258 pi = (struct in6_pktinfo *)(CMSG_DATA(cm));
259 ifindex = pi->ipi6_ifindex;
261 if (cm->cmsg_level == IPPROTO_IPV6 &&
262 cm->cmsg_type == IPV6_HOPLIMIT &&
263 cm->cmsg_len == CMSG_LEN(sizeof(int)))
264 hlimp = (int *)CMSG_DATA(cm);
268 warnmsg(LOG_ERR, __func__,
269 "failed to get receiving interface");
273 warnmsg(LOG_ERR, __func__,
274 "failed to get receiving hop limit");
278 if ((size_t)i < sizeof(struct nd_router_advert)) {
279 warnmsg(LOG_INFO, __func__,
280 "packet size(%zd) is too short", i);
284 icp = (struct icmp6_hdr *)rcvmhdr.msg_iov[0].iov_base;
286 if (icp->icmp6_type != ND_ROUTER_ADVERT) {
288 * this should not happen because we configured a filter
289 * that only passes RAs on the receiving socket.
291 warnmsg(LOG_ERR, __func__,
292 "invalid icmp type(%d) from %s on %s", icp->icmp6_type,
293 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
295 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
299 if (icp->icmp6_code != 0) {
300 warnmsg(LOG_INFO, __func__,
301 "invalid icmp code(%d) from %s on %s", icp->icmp6_code,
302 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
304 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
309 warnmsg(LOG_INFO, __func__,
310 "invalid RA with hop limit(%d) from %s on %s",
312 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
314 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
318 if (pi && !IN6_IS_ADDR_LINKLOCAL(&from.sin6_addr)) {
319 warnmsg(LOG_INFO, __func__,
320 "invalid RA with non link-local source from %s on %s",
321 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
323 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
327 /* xxx: more validation? */
329 if ((ifi = find_ifinfo(pi->ipi6_ifindex)) == NULL) {
330 warnmsg(LOG_INFO, __func__,
331 "received RA from %s on an unexpected IF(%s)",
332 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf,
334 if_indextoname(pi->ipi6_ifindex, ifnamebuf));
338 warnmsg(LOG_DEBUG, __func__,
339 "received RA from %s on %s, state is %d",
340 inet_ntop(AF_INET6, &from.sin6_addr, ntopbuf, INET6_ADDRSTRLEN),
341 ifi->ifname, ifi->state);
343 nd_ra = (struct nd_router_advert *)icp;
346 * Process the "O bit."
347 * If the value of OtherConfigFlag changes from FALSE to TRUE, the
348 * host should invoke the stateful autoconfiguration protocol,
349 * requesting information.
350 * [RFC 2462 Section 5.5.3]
352 if (((nd_ra->nd_ra_flags_reserved) & ND_RA_FLAG_OTHER) &&
354 warnmsg(LOG_DEBUG, __func__,
355 "OtherConfigFlag on %s is turned on", ifi->ifname);
356 ifi->otherconfig = 1;
357 call_script(otherconf_script, ifi->ifname);
362 switch (ifi->state) {
363 case IFS_IDLE: /* should be ignored */
364 case IFS_DELAY: /* right? */
367 ifi->state = IFS_IDLE;
369 rtsol_timer_update(ifi);
375 call_script(char *scriptpath, char *ifname)
379 if (scriptpath == NULL)
382 /* launch the script */
385 warnmsg(LOG_ERR, __func__,
386 "failed to fork: %s", strerror(errno));
392 wpid = wait(&wstatus);
393 } while (wpid != pid && wpid > 0);
396 warnmsg(LOG_ERR, __func__,
397 "wait: %s", strerror(errno));
399 warnmsg(LOG_DEBUG, __func__,
400 "script \"%s\" terminated", scriptpath);
406 argv[0] = scriptpath;
410 if (safefile(scriptpath)) {
411 warnmsg(LOG_ERR, __func__,
412 "script \"%s\" cannot be executed safely",
417 if ((fd = open("/dev/null", O_RDWR)) != -1) {
418 dup2(fd, STDIN_FILENO);
419 dup2(fd, STDOUT_FILENO);
420 dup2(fd, STDERR_FILENO);
421 if (fd > STDERR_FILENO)
425 execv(scriptpath, argv);
427 warnmsg(LOG_ERR, __func__, "child: exec failed: %s",
436 safefile(const char *path)
442 if (getuid() != geteuid()) {
443 warnmsg(LOG_NOTICE, __func__,
444 "setuid'ed execution not allowed\n");
448 if (lstat(path, &s) != 0) {
449 warnmsg(LOG_NOTICE, __func__, "lstat failed: %s",
454 /* the file must be owned by the running uid */
456 if (s.st_uid != myuid) {
457 warnmsg(LOG_NOTICE, __func__,
458 "%s has invalid owner uid\n", path);
462 switch (s.st_mode & S_IFMT) {
466 warnmsg(LOG_NOTICE, __func__,
467 "%s is an invalid file type 0x%o\n",
468 path, (s.st_mode & S_IFMT));