contrib/wpa/src/ap/dhcp_snoop.c

   1 /*
   2  * DHCP snooping for Proxy ARP
   3  * Copyright (c) 2014, Qualcomm Atheros, Inc.
   4  *
   5  * This software may be distributed under the terms of the BSD license.
   6  * See README for more details.
   7  */
   8
   9 #include "utils/includes.h"
  10
  11 #include "utils/common.h"
  12 #include "common/dhcp.h"
  13 #include "l2_packet/l2_packet.h"
  14 #include "hostapd.h"
  15 #include "sta_info.h"
  16 #include "ap_drv_ops.h"
  17 #include "x_snoop.h"
  18 #include "dhcp_snoop.h"
  19
  20
  21 static const char * ipaddr_str(u32 addr)
  22 {
  23         static char buf[17];
  24
  25         os_snprintf(buf, sizeof(buf), "%u.%u.%u.%u",
  26                     (addr >> 24) & 0xff, (addr >> 16) & 0xff,
  27                     (addr >> 8) & 0xff, addr & 0xff);
  28         return buf;
  29 }
  30
  31
  32 static void handle_dhcp(void *ctx, const u8 *src_addr, const u8 *buf,
  33                         size_t len)
  34 {
  35         struct hostapd_data *hapd = ctx;
  36         const struct bootp_pkt *b;
  37         struct sta_info *sta;
  38         int exten_len;
  39         const u8 *end, *pos;
  40         int res, msgtype = 0, prefixlen = 32;
  41         u32 subnet_mask = 0;
  42         u16 tot_len;
  43
  44         exten_len = len - ETH_HLEN - (sizeof(*b) - sizeof(b->exten));
  45         if (exten_len < 4)
  46                 return;
  47
  48         b = (const struct bootp_pkt *) &buf[ETH_HLEN];
  49         tot_len = ntohs(b->iph.tot_len);
  50         if (tot_len > (unsigned int) (len - ETH_HLEN))
  51                 return;
  52
  53         if (WPA_GET_BE32(b->exten) != DHCP_MAGIC)
  54                 return;
  55
  56         /* Parse DHCP options */
  57         end = (const u8 *) b + tot_len;
  58         pos = &b->exten[4];
  59         while (pos < end && *pos != DHCP_OPT_END) {
  60                 const u8 *opt = pos++;
  61
  62                 if (*opt == DHCP_OPT_PAD)
  63                         continue;
  64
  65                 if (pos >= end || 1 + *pos > end - pos)
  66                         break;
  67                 pos += *pos + 1;
  68                 if (pos >= end)
  69                         break;
  70
  71                 switch (*opt) {
  72                 case DHCP_OPT_SUBNET_MASK:
  73                         if (opt[1] == 4)
  74                                 subnet_mask = WPA_GET_BE32(&opt[2]);
  75                         if (subnet_mask == 0)
  76                                 return;
  77                         while (!(subnet_mask & 0x1)) {
  78                                 subnet_mask >>= 1;
  79                                 prefixlen--;
  80                         }
  81                         break;
  82                 case DHCP_OPT_MSG_TYPE:
  83                         if (opt[1])
  84                                 msgtype = opt[2];
  85                         break;
  86                 default:
  87                         break;
  88                 }
  89         }
  90
  91         if (hapd->conf->disable_dgaf && is_broadcast_ether_addr(buf)) {
  92                 for (sta = hapd->sta_list; sta; sta = sta->next) {
  93                         if (!(sta->flags & WLAN_STA_AUTHORIZED))
  94                                 continue;
  95                         x_snoop_mcast_to_ucast_convert_send(hapd, sta,
  96                                                             (u8 *) buf, len);
  97                 }
  98         }
  99
 100         if (msgtype == DHCPACK) {
 101                 if (b->your_ip == 0)
 102                         return;
 103
 104                 /* DHCPACK for DHCPREQUEST */
 105                 sta = ap_get_sta(hapd, b->hw_addr);
 106                 if (!sta)
 107                         return;
 108
 109                 wpa_printf(MSG_DEBUG, "dhcp_snoop: Found DHCPACK for " MACSTR
 110                            " @ IPv4 address %s/%d",
 111                            MAC2STR(sta->addr),
 112                            ipaddr_str(be_to_host32(b->your_ip)),
 113                            prefixlen);
 114
 115                 if (sta->ipaddr == b->your_ip)
 116                         return;
 117
 118                 if (sta->ipaddr != 0) {
 119                         wpa_printf(MSG_DEBUG,
 120                                    "dhcp_snoop: Removing IPv4 address %s from the ip neigh table",
 121                                    ipaddr_str(be_to_host32(sta->ipaddr)));
 122                         hostapd_drv_br_delete_ip_neigh(hapd, 4,
 123                                                        (u8 *) &sta->ipaddr);
 124                 }
 125
 126                 res = hostapd_drv_br_add_ip_neigh(hapd, 4, (u8 *) &b->your_ip,
 127                                                   prefixlen, sta->addr);
 128                 if (res) {
 129                         wpa_printf(MSG_DEBUG,
 130                                    "dhcp_snoop: Adding ip neigh table failed: %d",
 131                                    res);
 132                         return;
 133                 }
 134                 sta->ipaddr = b->your_ip;
 135         }
 136 }
 137
 138
 139 int dhcp_snoop_init(struct hostapd_data *hapd)
 140 {
 141         hapd->sock_dhcp = x_snoop_get_l2_packet(hapd, handle_dhcp,
 142                                                 L2_PACKET_FILTER_DHCP);
 143         if (hapd->sock_dhcp == NULL) {
 144                 wpa_printf(MSG_DEBUG,
 145                            "dhcp_snoop: Failed to initialize L2 packet processing for DHCP packet: %s",
 146                            strerror(errno));
 147                 return -1;
 148         }
 149
 150         return 0;
 151 }
 152
 153
 154 void dhcp_snoop_deinit(struct hostapd_data *hapd)
 155 {
 156         l2_packet_deinit(hapd->sock_dhcp);
 157         hapd->sock_dhcp = NULL;
 158 }