src/vnet/dhcp/dhcp6_client_common_dp.c

   1 /*
   2  * Copyright (c) 2018 Cisco and/or its affiliates.
   3  * Licensed under the Apache License, Version 2.0 (the "License");
   4  * you may not use this file except in compliance with the License.
   5  * You may obtain a copy of the License at:
   6  *
   7  *     http://www.apache.org/licenses/LICENSE-2.0
   8  *
   9  * Unless required by applicable law or agreed to in writing, software
  10  * distributed under the License is distributed on an "AS IS" BASIS,
  11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12  * See the License for the specific language governing permissions and
  13  * limitations under the License.
  14  */
  15
  16 #include <vnet/dhcp/dhcp6_client_common_dp.h>
  17 #include <vnet/dhcp/dhcp6_ia_na_client_dp.h>
  18 #include <vnet/dhcp/dhcp6_pd_client_dp.h>
  19 #include <vnet/dhcp/dhcp6_packet.h>
  20 #include <vnet/udp/udp.h>
  21
  22 dhcp6_client_common_main_t dhcp6_client_common_main;
  23 dhcpv6_duid_ll_string_t client_duid;
  24
  25 u32
  26 server_index_get_or_create (u8 * data, u16 len)
  27 {
  28   dhcp6_client_common_main_t *ccm = &dhcp6_client_common_main;
  29   u32 i;
  30   server_id_t *se;
  31   server_id_t new_se;
  32
  33   for (i = 0; i < vec_len (ccm->server_ids); i++)
  34     {
  35       se = &ccm->server_ids[i];
  36       if (se->len == len && 0 == memcmp (se->data, data, len))
  37         return i;
  38     }
  39
  40   new_se.len = len;
  41   new_se.data = 0;
  42   vec_validate (new_se.data, len - 1);
  43   memcpy (new_se.data, data, len);
  44
  45   vec_add1 (ccm->server_ids, new_se);
  46
  47   return vec_len (ccm->server_ids) - 1;
  48 }
  49
  50 void
  51 vl_api_dhcp6_duid_ll_set_t_handler (vl_api_dhcp6_duid_ll_set_t * mp)
  52 {
  53   vl_api_dhcp6_duid_ll_set_reply_t *rmp;
  54   dhcpv6_duid_ll_string_t *duid;
  55   int rv = 0;
  56
  57   duid = (dhcpv6_duid_ll_string_t *) mp->duid_ll;
  58   if (duid->duid_type != htonl (DHCPV6_DUID_LL))
  59     {
  60       rv = VNET_API_ERROR_INVALID_VALUE;
  61       goto reply;
  62     }
  63   clib_memcpy (&client_duid, &duid, sizeof (client_duid));
  64
  65 reply:
  66   REPLY_MACRO (VL_API_DHCP6_DUID_LL_SET_REPLY);
  67 }
  68
  69 static void
  70 generate_client_duid (void)
  71 {
  72   client_duid.duid_type = htons (DHCPV6_DUID_LL);
  73   client_duid.hardware_type = htons (1);
  74
  75   vnet_main_t *vnm = vnet_get_main ();
  76   vnet_interface_main_t *im = &vnm->interface_main;
  77   vnet_hw_interface_t *hi;
  78   ethernet_interface_t *eth_if = 0;
  79
  80   /* *INDENT-OFF* */
  81   pool_foreach (hi, im->hw_interfaces,
  82   ({
  83     eth_if = ethernet_get_interface (&ethernet_main, hi->hw_if_index);
  84     if (eth_if)
  85       break;
  86   }));
  87   /* *INDENT-ON* */
  88
  89   if (eth_if)
  90     clib_memcpy (client_duid.lla, eth_if->address, 6);
  91   else
  92     {
  93       clib_warning ("Failed to find any Ethernet interface, "
  94                     "setting DHCPv6 DUID link-layer address to random value");
  95       u32 seed = random_default_seed ();
  96       random_u32 (&seed);
  97       client_duid.lla[0] = 0xc2;        /* locally administered unicast */
  98       client_duid.lla[1] = 0x18;
  99       client_duid.lla[2] = 0x44;
 100       client_duid.lla[3] = random_u32 (&seed);
 101       client_duid.lla[4] = random_u32 (&seed);
 102       client_duid.lla[5] = random_u32 (&seed);
 103     }
 104 }
 105
 106 #define foreach_dhcpv6_client \
 107   _(DROP, "error-drop")       \
 108   _(LOOKUP, "ip6-lookup")
 109
 110 typedef enum
 111 {
 112 #define _(sym,str) DHCPV6_CLIENT_NEXT_##sym,
 113   foreach_dhcpv6_client
 114 #undef _
 115     DHCPV6_CLIENT_N_NEXT,
 116 } dhcpv6_client_next_t;
 117
 118 /**
 119  * per-packet trace data
 120  */
 121 typedef struct dhcpv6_client_trace_t_
 122 {
 123 } dhcpv6_client_trace_t;
 124
 125 static u8 *
 126 format_dhcpv6_client_trace (u8 * s, va_list * args)
 127 {
 128   CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
 129   CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
 130   //dhcpv6_client_trace_t *t = va_arg (*args, dhcpv6_client_trace_t *);
 131
 132   s = format (s, "nothing");
 133
 134   return s;
 135 }
 136
 137 static uword
 138 dhcpv6_client_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node,
 139                        vlib_frame_t * frame)
 140 {
 141   dhcp6_ia_na_client_main_t *icm = &dhcp6_ia_na_client_main;
 142   dhcp6_pd_client_main_t *pcm = &dhcp6_pd_client_main;
 143
 144   dhcpv6_client_next_t next_index;
 145   u32 n_left_from, *from, *to_next;
 146   next_index = 0;
 147   n_left_from = frame->n_vectors;
 148   from = vlib_frame_vector_args (frame);
 149
 150   while (n_left_from > 0)
 151     {
 152       u32 n_left_to_next;
 153
 154       vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
 155
 156       while (n_left_from > 0 && n_left_to_next > 0)
 157         {
 158           ip6_header_t *ip0;
 159           u32 options_length;
 160           dhcpv6_header_t *dhcpv60;
 161           dhcpv6_option_t *option;
 162           vlib_buffer_t *b0;
 163           dhcp6_report_common_t report;
 164           dhcp6_address_info_t *addresses = 0;
 165           dhcp6_prefix_info_t *prefixes = 0;
 166           u32 next0 = DHCPV6_CLIENT_NEXT_DROP;
 167           u32 bi0;
 168           u32 xid;
 169           u32 sw_if_index;
 170           u32 iaid;
 171           u8 client_id_present = 0;
 172           u8 discard = 0;
 173           u8 is_pd_packet = 0;
 174
 175           dhcp6_ia_na_client_state_t *ia_na_client_state = NULL;
 176           dhcp6_pd_client_state_t *pd_client_state = NULL;
 177
 178           bi0 = from[0];
 179           to_next[0] = bi0;
 180           from += 1;
 181           to_next += 1;
 182           n_left_from -= 1;
 183           n_left_to_next -= 1;
 184
 185           b0 = vlib_get_buffer (vm, bi0);
 186
 187           dhcpv60 = vlib_buffer_get_current (b0);
 188           ip0 = (void *) (b0->data + vnet_buffer (b0)->l3_hdr_offset);
 189           u32 dhcpv6_ip6_payload_offset =
 190             (u8 *) dhcpv60 - ((u8 *) ip0 + sizeof (*ip0));
 191           options_length =
 192             ntohs (ip0->payload_length) - dhcpv6_ip6_payload_offset -
 193             sizeof (*dhcpv60);
 194
 195           clib_memset (&report, 0, sizeof (report));
 196
 197           sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_RX];
 198           if (sw_if_index >= vec_len (icm->client_state_by_sw_if_index))
 199             ia_na_client_state = 0;
 200           else
 201             ia_na_client_state =
 202               &icm->client_state_by_sw_if_index[sw_if_index];
 203           if (sw_if_index >= vec_len (pcm->client_state_by_sw_if_index))
 204             pd_client_state = 0;
 205           else
 206             pd_client_state = &pcm->client_state_by_sw_if_index[sw_if_index];
 207
 208           xid =
 209             (dhcpv60->xid[0] << 16) + (dhcpv60->xid[1] << 8) +
 210             dhcpv60->xid[2];
 211           if (ia_na_client_state && ia_na_client_state->transaction_id == xid)
 212             is_pd_packet = 0;
 213           else if (pd_client_state && pd_client_state->transaction_id == xid)
 214             is_pd_packet = 1;
 215           else
 216             {
 217               clib_warning
 218                 ("Received DHCPv6 message with wrong Transaction ID");
 219               discard = 1;
 220             }
 221
 222           report.sw_if_index = sw_if_index;
 223           report.msg_type = dhcpv60->msg_type;
 224           report.server_index = ~0;
 225
 226           switch (dhcpv60->msg_type)
 227             {
 228             case DHCPV6_MSG_ADVERTISE:
 229             case DHCPV6_MSG_REPLY:
 230               option = (dhcpv6_option_t *) (dhcpv60 + 1);
 231               while (options_length > 0)
 232                 {
 233                   if (options_length <
 234                       ntohs (option->length) + sizeof (*option))
 235                     {
 236                       clib_warning
 237                         ("remaining payload length < option length (%d < %d)",
 238                          options_length,
 239                          ntohs (option->length) + sizeof (*option));
 240                       break;
 241                     }
 242                   u16 oo = ntohs (option->option);
 243                   if (oo == DHCPV6_OPTION_IA_NA || oo == DHCPV6_OPTION_IA_PD)
 244                     {
 245                       u8 discard_option = 0;
 246                       dhcpv6_ia_header_t *ia_header = (void *) option;
 247                       iaid = ntohl (ia_header->iaid);
 248                       u32 T1 = ntohl (ia_header->t1);
 249                       u32 T2 = ntohl (ia_header->t2);
 250                       if (iaid != DHCPV6_CLIENT_IAID)
 251                         discard_option = 1;
 252                       if (T1 != 0 && T2 != 0 && T1 > T2)
 253                         discard_option = 1;
 254                       if (!discard_option)
 255                         {
 256                           report.T1 = T1;
 257                           report.T2 = T2;
 258                         }
 259                       dhcpv6_option_t *inner_option =
 260                         (void *) ia_header->data;
 261                       u16 inner_options_length =
 262                         ntohs (option->length) - (sizeof (*ia_header) -
 263                                                   sizeof (dhcpv6_option_t));
 264                       while (inner_options_length > 0)
 265                         {
 266                           u16 inner_oo = ntohs (inner_option->option);
 267                           if (discard_option)
 268                             ;
 269                           else if (inner_oo == DHCPV6_OPTION_IAADDR)
 270                             {
 271                               dhcpv6_ia_opt_addr_t *iaaddr =
 272                                 (void *) inner_option;
 273                               u32 n_addresses = vec_len (addresses);
 274                               vec_validate (addresses, n_addresses);
 275                               dhcp6_address_info_t *address_info =
 276                                 &addresses[n_addresses];
 277                               address_info->preferred_time =
 278                                 ntohl (iaaddr->preferred);
 279                               address_info->valid_time =
 280                                 ntohl (iaaddr->valid);
 281                               address_info->address = iaaddr->addr;
 282                             }
 283                           else if (inner_oo == DHCPV6_OPTION_IAPREFIX)
 284                             {
 285                               dhcpv6_ia_opt_pd_t *iaprefix =
 286                                 (void *) inner_option;
 287                               u32 n_prefixes = vec_len (prefixes);
 288                               vec_validate (prefixes, n_prefixes);
 289                               dhcp6_prefix_info_t *prefix_info =
 290                                 &prefixes[n_prefixes];
 291                               prefix_info->preferred_time =
 292                                 ntohl (iaprefix->preferred);
 293                               prefix_info->valid_time =
 294                                 ntohl (iaprefix->valid);
 295                               prefix_info->prefix_length = iaprefix->prefix;
 296                               prefix_info->prefix = iaprefix->addr;
 297                             }
 298                           else if (inner_oo == DHCPV6_OPTION_STATUS_CODE)
 299                             {
 300                               dhcpv6_status_code_t *sc =
 301                                 (void *) inner_option;
 302                               report.inner_status_code =
 303                                 ntohs (sc->status_code);
 304                             }
 305                           inner_options_length -=
 306                             sizeof (*inner_option) +
 307                             ntohs (inner_option->length);
 308                           inner_option =
 309                             (void *) ((u8 *) inner_option +
 310                                       sizeof (*inner_option) +
 311                                       ntohs (inner_option->length));
 312                         }
 313                     }
 314                   else if (oo == DHCPV6_OPTION_CLIENTID)
 315                     {
 316                       if (client_id_present)
 317                         {
 318                           clib_warning
 319                             ("Duplicate Client ID in received DHVPv6 message");
 320                           discard = 1;
 321                         }
 322                       else
 323                         {
 324                           u16 len = ntohs (option->length);
 325                           client_id_present = 1;
 326                           if (len != CLIENT_DUID_LENGTH ||
 327                               0 != memcmp (option->data,
 328                                            client_duid.bin_string,
 329                                            CLIENT_DUID_LENGTH))
 330                             {
 331                               clib_warning
 332                                 ("Unrecognized client DUID inside received DHVPv6 message");
 333                               discard = 1;
 334                             }
 335                         }
 336                     }
 337                   else if (oo == DHCPV6_OPTION_SERVERID)
 338                     {
 339                       if (report.server_index != ~0)
 340                         {
 341                           clib_warning
 342                             ("Duplicate Server ID in received DHVPv6 message");
 343                           discard = 1;
 344                         }
 345                       else
 346                         {
 347                           u16 ol = ntohs (option->length);
 348                           if (ol - 2 /* 2 byte DUID type code */  > 128)
 349                             {
 350                               clib_warning
 351                                 ("Server DUID (without type code) is longer than 128 octets");
 352                               discard = 1;
 353                             }
 354                           else
 355                             {
 356                               report.server_index =
 357                                 server_index_get_or_create (option->data, ol);
 358                             }
 359                         }
 360                     }
 361                   else if (oo == DHCPV6_OPTION_PREFERENCE)
 362                     {
 363                       report.preference = option->data[0];
 364                     }
 365                   else if (oo == DHCPV6_OPTION_STATUS_CODE)
 366                     {
 367                       dhcpv6_status_code_t *sc = (void *) option;
 368                       report.status_code = ntohs (sc->status_code);
 369                     }
 370                   options_length -= sizeof (*option) + ntohs (option->length);
 371                   option =
 372                     (void *) ((u8 *) option + sizeof (*option) +
 373                               ntohs (option->length));
 374                 }
 375
 376               if (!client_id_present)
 377                 {
 378                   clib_warning
 379                     ("Missing Client ID in received DHVPv6 message");
 380                   discard = 1;
 381                 }
 382               if (report.server_index == ~0)
 383                 {
 384                   clib_warning
 385                     ("Missing Server ID in received DHVPv6 message");
 386                   discard = 1;
 387                 }
 388
 389               if (!discard)
 390                 {
 391                   if (!is_pd_packet)
 392                     {
 393                       address_report_t r;
 394                       r.body = report;
 395                       r.n_addresses = vec_len (addresses);
 396                       r.addresses = addresses;
 397                       dhcp6_publish_report (&r);
 398                       /* We just gave addresses to another process! */
 399                       addresses = 0;
 400                     }
 401                   else
 402                     {
 403                       prefix_report_t r;
 404                       r.body = report;
 405                       r.n_prefixes = vec_len (prefixes);
 406                       r.prefixes = prefixes;
 407                       dhcp6_pd_publish_report (&r);
 408                       /* We just gave prefixes to another process! */
 409                       prefixes = 0;
 410                     }
 411                 }
 412               vec_free (addresses);
 413               vec_free (prefixes);
 414
 415               break;
 416             default:
 417               break;
 418             }
 419
 420           if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
 421             {
 422               dhcpv6_client_trace_t *t =
 423                 vlib_add_trace (vm, node, b0, sizeof (*t));
 424             }
 425
 426           /* verify speculative enqueue, maybe switch current next frame */
 427           vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
 428                                            to_next, n_left_to_next,
 429                                            bi0, next0);
 430         }
 431
 432       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 433     }
 434
 435   return frame->n_vectors;
 436 }
 437
 438 /* *INDENT-OFF* */
 439 VLIB_REGISTER_NODE (dhcpv6_client_node, static) = {
 440     .function = dhcpv6_client_node_fn,
 441     .name = "dhcpv6-client",
 442     .vector_size = sizeof (u32),
 443
 444     .n_errors = 0,
 445
 446     .n_next_nodes = DHCPV6_CLIENT_N_NEXT,
 447     .next_nodes = {
 448   #define _(s,n) [DHCPV6_CLIENT_NEXT_##s] = n,
 449       foreach_dhcpv6_client
 450   #undef _
 451     },
 452
 453     .format_trace = format_dhcpv6_client_trace,
 454 };
 455 /* *INDENT-ON* */
 456
 457 void
 458 dhcp6_clients_enable_disable (u8 enable)
 459 {
 460   vlib_main_t *vm = vlib_get_main ();
 461
 462   if (enable)
 463     {
 464       if (client_duid.duid_type == 0)
 465         generate_client_duid ();
 466       udp_register_dst_port (vm, UDP_DST_PORT_dhcpv6_to_client,
 467                              dhcpv6_client_node.index, 0 /* is_ip6 */ );
 468     }
 469   else
 470     udp_unregister_dst_port (vm, UDP_DST_PORT_dhcpv6_to_client,
 471                              0 /* is_ip6 */ );
 472 }
 473
 474 void
 475   vl_api_dhcp6_clients_enable_disable_t_handler
 476   (vl_api_dhcp6_clients_enable_disable_t * mp)
 477 {
 478   vl_api_dhcp6_clients_enable_disable_reply_t *rmp;
 479   int rv = 0;
 480
 481   dhcp6_clients_enable_disable (mp->enable);
 482
 483   REPLY_MACRO (VL_API_DHCP6_CLIENTS_ENABLE_DISABLE_REPLY);
 484 }
 485
 486 /*
 487  * fd.io coding-style-patch-verification: ON
 488  *
 489  * Local Variables:
 490  * eval: (c-set-style "gnu")
 491  * End:
 492  */