libhydra: Move kernel interface to libcharon
[strongswan.git] / src / libcharon / plugins / dhcp / dhcp_socket.c
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "dhcp_socket.h"
17
18 #include <unistd.h>
19 #include <errno.h>
20 #include <string.h>
21 #include <netinet/in.h>
22 #include <netinet/ip.h>
23 #include <netinet/udp.h>
24 #include <linux/if_arp.h>
25 #include <linux/if_ether.h>
26 #include <linux/filter.h>
27
28 #include <collections/linked_list.h>
29 #include <utils/identification.h>
30 #include <threading/mutex.h>
31 #include <threading/condvar.h>
32 #include <threading/thread.h>
33
34 #include <daemon.h>
35 #include <processing/jobs/callback_job.h>
36
37 #define DHCP_SERVER_PORT 67
38 #define DHCP_CLIENT_PORT 68
39 #define DHCP_TRIES 5
40
41 typedef struct private_dhcp_socket_t private_dhcp_socket_t;
42
43 /**
44 * Private data of an dhcp_socket_t object.
45 */
46 struct private_dhcp_socket_t {
47
48 /**
49 * Public dhcp_socket_t interface.
50 */
51 dhcp_socket_t public;
52
53 /**
54 * Random number generator
55 */
56 rng_t *rng;
57
58 /**
59 * List of transactions in DISCOVER
60 */
61 linked_list_t *discover;
62
63 /**
64 * List of transactions in REQUEST
65 */
66 linked_list_t *request;
67
68 /**
69 * List of successfully completed transactions
70 */
71 linked_list_t *completed;
72
73 /**
74 * Lock for transactions
75 */
76 mutex_t *mutex;
77
78 /**
79 * Condvar to wait for transaction completion
80 */
81 condvar_t *condvar;
82
83 /**
84 * Threads waiting in condvar
85 */
86 int waiting;
87
88 /**
89 * DHCP send socket
90 */
91 int send;
92
93 /**
94 * DHCP receive socket
95 */
96 int receive;
97
98 /**
99 * Do we use per-identity or random leases (and MAC addresses)
100 */
101 bool identity_lease;
102
103 /**
104 * DHCP server address, or broadcast
105 */
106 host_t *dst;
107
108 /**
109 * Force configured destination address
110 */
111 bool force_dst;
112 };
113
114 /**
115 * DHCP opcode (or BOOTP actually)
116 */
117 typedef enum {
118 BOOTREQUEST = 1,
119 BOOTREPLY = 2,
120 } dhcp_opcode_t;
121
122 /**
123 * Some DHCP options used
124 */
125 typedef enum {
126 DHCP_DNS_SERVER = 6,
127 DHCP_HOST_NAME = 12,
128 DHCP_NBNS_SERVER = 44,
129 DHCP_REQUESTED_IP = 50,
130 DHCP_MESSAGE_TYPE = 53,
131 DHCP_SERVER_ID = 54,
132 DHCP_PARAM_REQ_LIST = 55,
133 DHCP_CLIENT_ID = 61,
134 DHCP_OPTEND = 255,
135 } dhcp_option_type_t;
136
137 /**
138 * DHCP messages types in the DHCP_MESSAGE_TYPE option
139 */
140 typedef enum {
141 DHCP_DISCOVER = 1,
142 DHCP_OFFER = 2,
143 DHCP_REQUEST = 3,
144 DHCP_DECLINE = 4,
145 DHCP_ACK = 5,
146 DHCP_NAK = 6,
147 DHCP_RELEASE = 7,
148 DHCP_INFORM = 8,
149 } dhcp_message_type_t;
150 /**
151 * DHCP option encoding, a TLV
152 */
153 typedef struct __attribute__((packed)) {
154 u_int8_t type;
155 u_int8_t len;
156 char data[];
157 } dhcp_option_t;
158
159 /**
160 * DHCP message format, with a maximum size options buffer
161 */
162 typedef struct __attribute__((packed)) {
163 u_int8_t opcode;
164 u_int8_t hw_type;
165 u_int8_t hw_addr_len;
166 u_int8_t hop_count;
167 u_int32_t transaction_id;
168 u_int16_t number_of_seconds;
169 u_int16_t flags;
170 u_int32_t client_address;
171 u_int32_t your_address;
172 u_int32_t server_address;
173 u_int32_t gateway_address;
174 char client_hw_addr[6];
175 char client_hw_padding[10];
176 char server_hostname[64];
177 char boot_filename[128];
178 u_int32_t magic_cookie;
179 char options[252];
180 } dhcp_t;
181
182 /**
183 * Prepare a DHCP message for a given transaction
184 */
185 static int prepare_dhcp(private_dhcp_socket_t *this,
186 dhcp_transaction_t *transaction,
187 dhcp_message_type_t type, dhcp_t *dhcp)
188 {
189 chunk_t chunk, broadcast = chunk_from_chars(0xFF,0xFF,0xFF,0xFF);
190 identification_t *identity;
191 dhcp_option_t *option;
192 int optlen = 0;
193 host_t *src;
194 u_int32_t id;
195
196 memset(dhcp, 0, sizeof(*dhcp));
197 dhcp->opcode = BOOTREQUEST;
198 dhcp->hw_type = ARPHRD_ETHER;
199 dhcp->hw_addr_len = 6;
200 dhcp->transaction_id = transaction->get_id(transaction);
201 if (chunk_equals(broadcast, this->dst->get_address(this->dst)))
202 {
203 /* Set broadcast flag to get broadcasted replies, as we actually
204 * do not own the MAC we request an address for. */
205 dhcp->flags = htons(0x8000);
206 /* TODO: send with 0.0.0.0 source address */
207 }
208 else
209 {
210 /* act as relay agent */
211 src = charon->kernel->get_source_addr(charon->kernel, this->dst, NULL);
212 if (src)
213 {
214 memcpy(&dhcp->gateway_address, src->get_address(src).ptr,
215 sizeof(dhcp->gateway_address));
216 src->destroy(src);
217 }
218 }
219
220 identity = transaction->get_identity(transaction);
221 chunk = identity->get_encoding(identity);
222 /* magic bytes, a locally administered unicast MAC */
223 dhcp->client_hw_addr[0] = 0x7A;
224 dhcp->client_hw_addr[1] = 0xA7;
225 /* with ID specific postfix */
226 if (this->identity_lease)
227 {
228 id = htonl(chunk_hash_static(chunk));
229 }
230 else
231 {
232 id = transaction->get_id(transaction);
233 }
234 memcpy(&dhcp->client_hw_addr[2], &id, sizeof(id));
235
236 dhcp->magic_cookie = htonl(0x63825363);
237
238 option = (dhcp_option_t*)&dhcp->options[optlen];
239 option->type = DHCP_MESSAGE_TYPE;
240 option->len = 1;
241 option->data[0] = type;
242 optlen += sizeof(dhcp_option_t) + option->len;
243
244 if (identity->get_type(identity) == ID_FQDN)
245 {
246 option = (dhcp_option_t*)&dhcp->options[optlen];
247 option->type = DHCP_HOST_NAME;
248 option->len = min(chunk.len, 64);
249 memcpy(option->data, chunk.ptr, option->len);
250 optlen += sizeof(dhcp_option_t) + option->len;
251 }
252
253 option = (dhcp_option_t*)&dhcp->options[optlen];
254 option->type = DHCP_CLIENT_ID;
255 option->len = min(chunk.len, 64);
256 memcpy(option->data, chunk.ptr, option->len);
257 optlen += sizeof(dhcp_option_t) + option->len;
258
259 return optlen;
260 }
261
262 /**
263 * Send a DHCP message with given options length
264 */
265 static bool send_dhcp(private_dhcp_socket_t *this,
266 dhcp_transaction_t *transaction, dhcp_t *dhcp, int optlen)
267 {
268 host_t *dst;
269 ssize_t len;
270
271 dst = transaction->get_server(transaction);
272 if (!dst || this->force_dst)
273 {
274 dst = this->dst;
275 }
276 len = offsetof(dhcp_t, magic_cookie) + ((optlen + 4) / 64 * 64 + 64);
277 return sendto(this->send, dhcp, len, 0, dst->get_sockaddr(dst),
278 *dst->get_sockaddr_len(dst)) == len;
279 }
280
281 /**
282 * Send DHCP discover using a given transaction
283 */
284 static bool discover(private_dhcp_socket_t *this,
285 dhcp_transaction_t *transaction)
286 {
287 dhcp_option_t *option;
288 dhcp_t dhcp;
289 int optlen;
290
291 optlen = prepare_dhcp(this, transaction, DHCP_DISCOVER, &dhcp);
292
293 DBG1(DBG_CFG, "sending DHCP DISCOVER to %H", this->dst);
294
295 option = (dhcp_option_t*)&dhcp.options[optlen];
296 option->type = DHCP_PARAM_REQ_LIST;
297 option->len = 2;
298 option->data[0] = DHCP_DNS_SERVER;
299 option->data[1] = DHCP_NBNS_SERVER;
300 optlen += sizeof(dhcp_option_t) + option->len;
301
302 dhcp.options[optlen++] = DHCP_OPTEND;
303
304 if (!send_dhcp(this, transaction, &dhcp, optlen))
305 {
306 DBG1(DBG_CFG, "sending DHCP DISCOVER failed: %s", strerror(errno));
307 return FALSE;
308 }
309 return TRUE;
310 }
311
312 /**
313 * Send DHCP request using a given transaction
314 */
315 static bool request(private_dhcp_socket_t *this,
316 dhcp_transaction_t *transaction)
317 {
318 dhcp_option_t *option;
319 dhcp_t dhcp;
320 host_t *offer, *server;
321 chunk_t chunk;
322 int optlen;
323
324 optlen = prepare_dhcp(this, transaction, DHCP_REQUEST, &dhcp);
325
326 offer = transaction->get_address(transaction);
327 server = transaction->get_server(transaction);
328 if (!offer || !server)
329 {
330 return FALSE;
331 }
332 DBG1(DBG_CFG, "sending DHCP REQUEST for %H to %H", offer, server);
333
334 option = (dhcp_option_t*)&dhcp.options[optlen];
335 option->type = DHCP_REQUESTED_IP;
336 option->len = 4;
337 chunk = offer->get_address(offer);
338 memcpy(option->data, chunk.ptr, min(chunk.len, option->len));
339 optlen += sizeof(dhcp_option_t) + option->len;
340
341 option = (dhcp_option_t*)&dhcp.options[optlen];
342 option->type = DHCP_SERVER_ID;
343 option->len = 4;
344 chunk = server->get_address(server);
345 memcpy(option->data, chunk.ptr, min(chunk.len, option->len));
346 optlen += sizeof(dhcp_option_t) + option->len;
347
348 option = (dhcp_option_t*)&dhcp.options[optlen];
349 option->type = DHCP_PARAM_REQ_LIST;
350 option->len = 2;
351 option->data[0] = DHCP_DNS_SERVER;
352 option->data[1] = DHCP_NBNS_SERVER;
353 optlen += sizeof(dhcp_option_t) + option->len;
354
355 dhcp.options[optlen++] = DHCP_OPTEND;
356
357 if (!send_dhcp(this, transaction, &dhcp, optlen))
358 {
359 DBG1(DBG_CFG, "sending DHCP REQUEST failed: %s", strerror(errno));
360 return FALSE;
361 }
362 return TRUE;
363 }
364
365 METHOD(dhcp_socket_t, enroll, dhcp_transaction_t*,
366 private_dhcp_socket_t *this, identification_t *identity)
367 {
368 dhcp_transaction_t *transaction;
369 u_int32_t id;
370 int try;
371
372 if (!this->rng->get_bytes(this->rng, sizeof(id), (u_int8_t*)&id))
373 {
374 DBG1(DBG_CFG, "DHCP DISCOVER failed, no transaction ID");
375 return NULL;
376 }
377 transaction = dhcp_transaction_create(id, identity);
378
379 this->mutex->lock(this->mutex);
380 this->discover->insert_last(this->discover, transaction);
381 try = 1;
382 while (try <= DHCP_TRIES && discover(this, transaction))
383 {
384 if (!this->condvar->timed_wait(this->condvar, this->mutex, 1000 * try) &&
385 this->request->find_first(this->request, NULL,
386 (void**)&transaction) == SUCCESS)
387 {
388 break;
389 }
390 try++;
391 }
392 if (this->discover->remove(this->discover, transaction, NULL))
393 { /* no OFFER received */
394 this->mutex->unlock(this->mutex);
395 transaction->destroy(transaction);
396 DBG1(DBG_CFG, "DHCP DISCOVER timed out");
397 return NULL;
398 }
399
400 try = 1;
401 while (try <= DHCP_TRIES && request(this, transaction))
402 {
403 if (!this->condvar->timed_wait(this->condvar, this->mutex, 1000 * try) &&
404 this->completed->remove(this->completed, transaction, NULL))
405 {
406 break;
407 }
408 try++;
409 }
410 if (this->request->remove(this->request, transaction, NULL))
411 { /* no ACK received */
412 this->mutex->unlock(this->mutex);
413 transaction->destroy(transaction);
414 DBG1(DBG_CFG, "DHCP REQUEST timed out");
415 return NULL;
416 }
417 this->mutex->unlock(this->mutex);
418
419 return transaction;
420 }
421
422 METHOD(dhcp_socket_t, release, void,
423 private_dhcp_socket_t *this, dhcp_transaction_t *transaction)
424 {
425 dhcp_option_t *option;
426 dhcp_t dhcp;
427 host_t *release, *server;
428 chunk_t chunk;
429 int optlen;
430
431 optlen = prepare_dhcp(this, transaction, DHCP_RELEASE, &dhcp);
432
433 release = transaction->get_address(transaction);
434 server = transaction->get_server(transaction);
435 if (!release || !server)
436 {
437 return;
438 }
439 DBG1(DBG_CFG, "sending DHCP RELEASE for %H to %H", release, server);
440
441 chunk = release->get_address(release);
442 memcpy(&dhcp.client_address, chunk.ptr,
443 min(chunk.len, sizeof(dhcp.client_address)));
444
445 option = (dhcp_option_t*)&dhcp.options[optlen];
446 option->type = DHCP_SERVER_ID;
447 option->len = 4;
448 chunk = server->get_address(server);
449 memcpy(option->data, chunk.ptr, min(chunk.len, option->len));
450 optlen += sizeof(dhcp_option_t) + option->len;
451
452 dhcp.options[optlen++] = DHCP_OPTEND;
453
454 if (!send_dhcp(this, transaction, &dhcp, optlen))
455 {
456 DBG1(DBG_CFG, "sending DHCP RELEASE failed: %s", strerror(errno));
457 }
458 }
459
460 /**
461 * Handle a DHCP OFFER
462 */
463 static void handle_offer(private_dhcp_socket_t *this, dhcp_t *dhcp, int optlen)
464 {
465 dhcp_transaction_t *transaction = NULL;
466 enumerator_t *enumerator;
467 host_t *offer, *server = NULL;
468
469 offer = host_create_from_chunk(AF_INET,
470 chunk_from_thing(dhcp->your_address), 0);
471
472 this->mutex->lock(this->mutex);
473 enumerator = this->discover->create_enumerator(this->discover);
474 while (enumerator->enumerate(enumerator, &transaction))
475 {
476 if (transaction->get_id(transaction) == dhcp->transaction_id)
477 {
478 this->discover->remove_at(this->discover, enumerator);
479 this->request->insert_last(this->request, transaction);
480 break;
481 }
482 }
483 enumerator->destroy(enumerator);
484
485 if (transaction)
486 {
487 int optsize, optpos = 0, pos;
488 dhcp_option_t *option;
489
490 while (optlen > sizeof(dhcp_option_t))
491 {
492 option = (dhcp_option_t*)&dhcp->options[optpos];
493 optsize = sizeof(dhcp_option_t) + option->len;
494 if (option->type == DHCP_OPTEND || optlen < optsize)
495 {
496 break;
497 }
498 if (option->type == DHCP_DNS_SERVER ||
499 option->type == DHCP_NBNS_SERVER)
500 {
501 for (pos = 0; pos + 4 <= option->len; pos += 4)
502 {
503 transaction->add_attribute(transaction, option->type ==
504 DHCP_DNS_SERVER ? INTERNAL_IP4_DNS : INTERNAL_IP4_NBNS,
505 chunk_create((char*)&option->data[pos], 4));
506 }
507 }
508 if (!server && option->type == DHCP_SERVER_ID && option->len == 4)
509 {
510 server = host_create_from_chunk(AF_INET,
511 chunk_create(option->data, 4), DHCP_SERVER_PORT);
512 }
513 optlen -= optsize;
514 optpos += optsize;
515 }
516 if (!server)
517 {
518 server = host_create_from_chunk(AF_INET,
519 chunk_from_thing(dhcp->server_address), DHCP_SERVER_PORT);
520 }
521 DBG1(DBG_CFG, "received DHCP OFFER %H from %H", offer, server);
522 transaction->set_address(transaction, offer->clone(offer));
523 transaction->set_server(transaction, server);
524 }
525 this->mutex->unlock(this->mutex);
526 this->condvar->broadcast(this->condvar);
527 offer->destroy(offer);
528 }
529
530 /**
531 * Handle a DHCP ACK
532 */
533 static void handle_ack(private_dhcp_socket_t *this, dhcp_t *dhcp, int optlen)
534 {
535 dhcp_transaction_t *transaction;
536 enumerator_t *enumerator;
537 host_t *offer;
538
539 offer = host_create_from_chunk(AF_INET,
540 chunk_from_thing(dhcp->your_address), 0);
541
542 this->mutex->lock(this->mutex);
543 enumerator = this->request->create_enumerator(this->request);
544 while (enumerator->enumerate(enumerator, &transaction))
545 {
546 if (transaction->get_id(transaction) == dhcp->transaction_id)
547 {
548 DBG1(DBG_CFG, "received DHCP ACK for %H", offer);
549 this->request->remove_at(this->request, enumerator);
550 this->completed->insert_last(this->completed, transaction);
551 break;
552 }
553 }
554 enumerator->destroy(enumerator);
555 this->mutex->unlock(this->mutex);
556 this->condvar->broadcast(this->condvar);
557 offer->destroy(offer);
558 }
559
560 /**
561 * Receive DHCP responses
562 */
563 static bool receive_dhcp(private_dhcp_socket_t *this, int fd,
564 watcher_event_t event)
565 {
566 struct sockaddr_ll addr;
567 socklen_t addr_len = sizeof(addr);
568 struct __attribute__((packed)) {
569 struct iphdr ip;
570 struct udphdr udp;
571 dhcp_t dhcp;
572 } packet;
573 int optlen, origoptlen, optsize, optpos = 0;
574 ssize_t len;
575 dhcp_option_t *option;
576
577 len = recvfrom(fd, &packet, sizeof(packet), MSG_DONTWAIT,
578 (struct sockaddr*)&addr, &addr_len);
579
580 if (len >= sizeof(struct iphdr) + sizeof(struct udphdr) +
581 offsetof(dhcp_t, options))
582 {
583 origoptlen = optlen = len - sizeof(struct iphdr) +
584 sizeof(struct udphdr) + offsetof(dhcp_t, options);
585 while (optlen > sizeof(dhcp_option_t))
586 {
587 option = (dhcp_option_t*)&packet.dhcp.options[optpos];
588 optsize = sizeof(dhcp_option_t) + option->len;
589 if (option->type == DHCP_OPTEND || optlen < optsize)
590 {
591 break;
592 }
593 if (option->type == DHCP_MESSAGE_TYPE && option->len == 1)
594 {
595 switch (option->data[0])
596 {
597 case DHCP_OFFER:
598 handle_offer(this, &packet.dhcp, origoptlen);
599 break;
600 case DHCP_ACK:
601 handle_ack(this, &packet.dhcp, origoptlen);
602 default:
603 break;
604 }
605 break;
606 }
607 optlen -= optsize;
608 optpos += optsize;
609 }
610 }
611 return TRUE;
612 }
613
614 METHOD(dhcp_socket_t, destroy, void,
615 private_dhcp_socket_t *this)
616 {
617 while (this->waiting)
618 {
619 this->condvar->signal(this->condvar);
620 }
621 if (this->send > 0)
622 {
623 close(this->send);
624 }
625 if (this->receive > 0)
626 {
627 lib->watcher->remove(lib->watcher, this->receive);
628 close(this->receive);
629 }
630 this->mutex->destroy(this->mutex);
631 this->condvar->destroy(this->condvar);
632 this->discover->destroy_offset(this->discover,
633 offsetof(dhcp_transaction_t, destroy));
634 this->request->destroy_offset(this->request,
635 offsetof(dhcp_transaction_t, destroy));
636 this->completed->destroy_offset(this->completed,
637 offsetof(dhcp_transaction_t, destroy));
638 DESTROY_IF(this->rng);
639 DESTROY_IF(this->dst);
640 free(this);
641 }
642
643 /**
644 * Bind a socket to a particular interface name
645 */
646 static bool bind_to_device(int fd, char *iface)
647 {
648 struct ifreq ifreq;
649
650 if (strlen(iface) > sizeof(ifreq.ifr_name))
651 {
652 DBG1(DBG_CFG, "name for DHCP interface too long: '%s'", iface);
653 return FALSE;
654 }
655 memcpy(ifreq.ifr_name, iface, sizeof(ifreq.ifr_name));
656 if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, &ifreq, sizeof(ifreq)))
657 {
658 DBG1(DBG_CFG, "binding DHCP socket to '%s' failed: %s",
659 iface, strerror(errno));
660 return FALSE;
661 }
662 return TRUE;
663 }
664
665 /**
666 * See header
667 */
668 dhcp_socket_t *dhcp_socket_create()
669 {
670 private_dhcp_socket_t *this;
671 struct sockaddr_in src = {
672 .sin_family = AF_INET,
673 .sin_port = htons(DHCP_CLIENT_PORT),
674 .sin_addr = {
675 .s_addr = INADDR_ANY,
676 },
677 };
678 char *iface;
679 int on = 1;
680 struct sock_filter dhcp_filter_code[] = {
681 BPF_STMT(BPF_LD+BPF_B+BPF_ABS,
682 offsetof(struct iphdr, protocol)),
683 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IPPROTO_UDP, 0, 16),
684 BPF_STMT(BPF_LD+BPF_H+BPF_ABS, sizeof(struct iphdr) +
685 offsetof(struct udphdr, source)),
686 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_SERVER_PORT, 0, 14),
687 BPF_STMT(BPF_LD+BPF_H+BPF_ABS, sizeof(struct iphdr) +
688 offsetof(struct udphdr, dest)),
689 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_CLIENT_PORT, 0, 2),
690 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, DHCP_SERVER_PORT, 0, 1),
691 BPF_JUMP(BPF_JMP+BPF_JA, 0, 0, 10),
692 BPF_STMT(BPF_LD+BPF_B+BPF_ABS, sizeof(struct iphdr) +
693 sizeof(struct udphdr) + offsetof(dhcp_t, opcode)),
694 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, BOOTREPLY, 0, 8),
695 BPF_STMT(BPF_LD+BPF_B+BPF_ABS, sizeof(struct iphdr) +
696 sizeof(struct udphdr) + offsetof(dhcp_t, hw_type)),
697 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ARPHRD_ETHER, 0, 6),
698 BPF_STMT(BPF_LD+BPF_B+BPF_ABS, sizeof(struct iphdr) +
699 sizeof(struct udphdr) + offsetof(dhcp_t, hw_addr_len)),
700 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 6, 0, 4),
701 BPF_STMT(BPF_LD+BPF_W+BPF_ABS, sizeof(struct iphdr) +
702 sizeof(struct udphdr) + offsetof(dhcp_t, magic_cookie)),
703 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 0x63825363, 0, 2),
704 BPF_STMT(BPF_LD+BPF_W+BPF_LEN, 0),
705 BPF_STMT(BPF_RET+BPF_A, 0),
706 BPF_STMT(BPF_RET+BPF_K, 0),
707 };
708 struct sock_fprog dhcp_filter = {
709 sizeof(dhcp_filter_code) / sizeof(struct sock_filter),
710 dhcp_filter_code,
711 };
712
713 INIT(this,
714 .public = {
715 .enroll = _enroll,
716 .release = _release,
717 .destroy = _destroy,
718 },
719 .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK),
720 .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
721 .condvar = condvar_create(CONDVAR_TYPE_DEFAULT),
722 .discover = linked_list_create(),
723 .request = linked_list_create(),
724 .completed = linked_list_create(),
725 );
726
727 if (!this->rng)
728 {
729 DBG1(DBG_CFG, "unable to create RNG");
730 destroy(this);
731 return NULL;
732 }
733 this->identity_lease = lib->settings->get_bool(lib->settings,
734 "%s.plugins.dhcp.identity_lease", FALSE,
735 lib->ns);
736 this->force_dst = lib->settings->get_str(lib->settings,
737 "%s.plugins.dhcp.force_server_address", FALSE,
738 lib->ns);
739 this->dst = host_create_from_string(lib->settings->get_str(lib->settings,
740 "%s.plugins.dhcp.server", "255.255.255.255",
741 lib->ns), DHCP_SERVER_PORT);
742 iface = lib->settings->get_str(lib->settings, "%s.plugins.dhcp.interface",
743 NULL, lib->ns);
744 if (!this->dst)
745 {
746 DBG1(DBG_CFG, "configured DHCP server address invalid");
747 destroy(this);
748 return NULL;
749 }
750
751 this->send = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
752 if (this->send == -1)
753 {
754 DBG1(DBG_CFG, "unable to create DHCP send socket: %s", strerror(errno));
755 destroy(this);
756 return NULL;
757 }
758 if (setsockopt(this->send, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1)
759 {
760 DBG1(DBG_CFG, "unable to reuse DHCP socket address: %s", strerror(errno));
761 destroy(this);
762 return NULL;
763 }
764 if (setsockopt(this->send, SOL_SOCKET, SO_BROADCAST, &on, sizeof(on)) == -1)
765 {
766 DBG1(DBG_CFG, "unable to broadcast on DHCP socket: %s", strerror(errno));
767 destroy(this);
768 return NULL;
769 }
770 if (bind(this->send, (struct sockaddr*)&src, sizeof(src)) == -1)
771 {
772 DBG1(DBG_CFG, "unable to bind DHCP send socket: %s", strerror(errno));
773 destroy(this);
774 return NULL;
775 }
776
777 this->receive = socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_IP));
778 if (this->receive == -1)
779 {
780 DBG1(DBG_NET, "opening DHCP receive socket failed: %s", strerror(errno));
781 destroy(this);
782 return NULL;
783 }
784 if (setsockopt(this->receive, SOL_SOCKET, SO_ATTACH_FILTER,
785 &dhcp_filter, sizeof(dhcp_filter)) < 0)
786 {
787 DBG1(DBG_CFG, "installing DHCP socket filter failed: %s",
788 strerror(errno));
789 destroy(this);
790 return NULL;
791 }
792 if (iface)
793 {
794 if (!bind_to_device(this->send, iface) ||
795 !bind_to_device(this->receive, iface))
796 {
797 destroy(this);
798 return NULL;
799 }
800 }
801
802 lib->watcher->add(lib->watcher, this->receive, WATCHER_READ,
803 (watcher_cb_t)receive_dhcp, this);
804
805 return &this->public;
806 }