/* vim: set expandtab ts=4 sw=4: */ /* * You may redistribute this program and/or modify it under the terms of * the GNU General Public License as published by the Free Software Foundation, * either version 3 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ #include "exception/Except.h" #include "util/platform/netdev/NetPlatform.h" #include "util/AddrTools.h" #include "util/platform/Sockaddr.h" #include "util/Assert.h" #include "util/Bits.h" #include "util/CString.h" #include "wire/Message.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define ArrayList_TYPE struct Sockaddr #define ArrayList_NAME OfSockaddr #include "util/ArrayList.h" Assert_compileTime(sizeof(struct in_addr) == 4); struct RouteMessage4 { struct rt_msghdr header; struct sockaddr_in dest; struct sockaddr_dl link; struct sockaddr_in netmask; }; Assert_compileTime(sizeof(struct rt_msghdr) == 92); Assert_compileTime(sizeof(struct sockaddr_in) == 16); Assert_compileTime(sizeof(struct sockaddr_dl) == 20); Assert_compileTime(sizeof(struct RouteMessage4) == 144); static Er_DEFUN(void mkRouteMsg(struct Message* msg, struct Sockaddr* addRoute, int ifIndex, const char* ifName, int seq, bool delete)) { if (CString_strlen(ifName) >= 12) { Er_raise(msg->alloc, "ifName [%s] too long, limit 11 chars", ifName); } int lengthBegin = msg->length; bool ipv6 = Sockaddr_getFamily(addRoute) == Sockaddr_AF_INET6; if (ipv6) { struct sockaddr_in6 mask = { .sin6_family = AF_INET6, .sin6_len = sizeof(struct sockaddr_in6) }; Bits_memset((void *)&mask.sin6_addr, 0xff, addRoute->prefix >> 3); ((uint8_t*)&mask.sin6_addr)[addRoute->prefix >> 3] = 0xff << (8 - (addRoute->prefix % 8)); Er(Message_epush(msg, &mask, sizeof(struct sockaddr_in6))); } else { struct sockaddr_in mask = { .sin_family = AF_INET, .sin_len = sizeof(struct sockaddr_in) }; mask.sin_addr.s_addr = Endian_hostToBigEndian32(~0u << (32 - addRoute->prefix)); Er(Message_epush(msg, &mask, sizeof(struct sockaddr_in))); } if (!delete) { struct sockaddr_dl link = { .sdl_family = AF_LINK, .sdl_len = sizeof(struct sockaddr_dl), .sdl_type = IFT_OTHER, .sdl_index = ifIndex, .sdl_nlen = CString_strlen(ifName) }; CString_safeStrncpy(link.sdl_data, ifName, 12); Er(Message_epush(msg, &link, sizeof(struct sockaddr_dl))); } void* dest = Sockaddr_asNative(addRoute); int len = (ipv6) ? sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in); ((struct sockaddr*)dest)->sa_len = len; Er(Message_epush(msg, dest, len)); struct rt_msghdr hdr = { .rtm_type = (delete) ? RTM_DELETE : RTM_ADD, .rtm_flags = RTF_UP | RTF_STATIC, .rtm_version = RTM_VERSION, .rtm_seq = seq, .rtm_pid = getpid(), .rtm_addrs = RTA_DST | RTA_NETMASK | ((delete) ? 0 : RTA_GATEWAY), .rtm_msglen = sizeof(struct rt_msghdr) + (msg->length - lengthBegin) }; Er(Message_epush(msg, &hdr, sizeof(struct rt_msghdr))); Er_ret(); } // This is a hack because OSX as of 10.15.4 refuses to a route with prefix /0 static struct ArrayList_OfSockaddr* ipv6DefaultRoute( struct ArrayList_OfSockaddr* list, struct Allocator* alloc) { struct Sockaddr* pfx0 = Sockaddr_fromBytes("\x00\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", Sockaddr_AF_INET6, alloc); struct Sockaddr* pfx1 = Sockaddr_fromBytes("\x80\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", Sockaddr_AF_INET6, alloc); pfx0->prefix = 1; pfx1->prefix = 1; struct ArrayList_OfSockaddr* arr = ArrayList_OfSockaddr_new(alloc); ArrayList_OfSockaddr_add(arr, pfx0); ArrayList_OfSockaddr_add(arr, pfx1); for (int i = 0; i < list->length; i++) { struct Sockaddr* pfx = ArrayList_OfSockaddr_get(list, i); if (Sockaddr_getFamily(pfx) == Sockaddr_AF_INET6) { continue; } ArrayList_OfSockaddr_add(arr, pfx); } return arr; } static bool isDefault6(struct ArrayList_OfSockaddr* prefixes) { // v4 and v6 routes can be mixed together in one request int sixCount = 0; for (int i = 0; i < prefixes->length; i++) { struct Sockaddr* pfx = ArrayList_OfSockaddr_get(prefixes, i); if (Sockaddr_getFamily(pfx) != Sockaddr_AF_INET6) { continue; } sixCount++; if (pfx->prefix) { return false; } } return sixCount == 1; } static Er_DEFUN(void setRoutes(uint32_t ifIndex, const char* ifName, struct ArrayList_OfSockaddr* toRemove, struct ArrayList_OfSockaddr* toAdd, struct Log* logger, struct Allocator* alloc)) { int seq = 0; int sock = socket(PF_ROUTE, SOCK_RAW, 0); if (sock == -1) { int err = errno; close(sock); Er_raise(alloc, "open route socket [%s]", strerror(err)); } bool err = false; ssize_t returnLen = 0; if (isDefault6(toRemove)) { toRemove = ipv6DefaultRoute(toRemove, alloc); } if (isDefault6(toAdd)) { toAdd = ipv6DefaultRoute(toAdd, alloc); } for (int i = 0; !err && i < toRemove->length; i++) { struct Sockaddr* pfx = ArrayList_OfSockaddr_get(toRemove, i); Log_debug(logger, "DELETE ROUTE %s", Sockaddr_print(pfx, alloc)); struct Message* msg = Message_new(0, 1024, alloc); Er(mkRouteMsg(msg, pfx, ifIndex, ifName, seq++, true)); //printf("DELETE ROUTE %s\n", Hex_print(msg->bytes, msg->length, alloc)); returnLen = write(sock, msg->bytes, msg->length); if (returnLen < msg->length) { err = true; break; } } for (int i = 0; !err && i < toAdd->length; i++) { struct Sockaddr* pfx = ArrayList_OfSockaddr_get(toAdd, i); Log_debug(logger, "ADD ROUTE %s", Sockaddr_print(pfx, alloc)); struct Message* msg = Message_new(0, 1024, alloc); Er(mkRouteMsg(msg, pfx, ifIndex, ifName, seq++, false)); //printf("ADD ROUTE %s\n", Hex_print(msg->bytes, msg->length, alloc)); returnLen = write(sock, msg->bytes, msg->length); if (returnLen < msg->length) { err = true; break; } } if (returnLen < 0) { int error = errno; close(sock); Er_raise(alloc, "setRoutes() [%s]", strerror(error)); } else if (err) { close(sock); Er_raise(alloc, "setRoutes() returned short"); } close(sock); Er_ret(); } static int prefixFromWeirdBSDMask(uint8_t* weirdBsdMask, bool ipv6) { uint8_t len = weirdBsdMask[0]; int out; if (ipv6) { Assert_true(len >= 8); out = (len - 9) * 8; } else { Assert_true(len >= 4); out = (len - 5) * 8; } for (int i = 1; i < len - 1; i++) { Assert_true(weirdBsdMask[i] == 0xff); } return out + Bits_popCountx32(weirdBsdMask[len - 1]); } static Er_DEFUN(struct ArrayList_OfSockaddr* getRoutes(uint32_t ifIndex, struct Log* logger, struct Allocator* allocator)) { size_t needed; int mib[] = { CTL_NET, PF_ROUTE, 0, 0, NET_RT_DUMP, 0 }; if (sysctl(mib, 6, NULL, &needed, NULL, 0) < 0) { Er_raise(allocator, "sysctl(net.route.0.0.dump) estimate"); } struct Allocator* tempAlloc = Allocator_child(allocator); uint8_t* buf = Allocator_malloc(tempAlloc, needed); if (sysctl(mib, 6, buf, &needed, NULL, 0) < 0) { Er_raise(allocator, "sysctl(net.route.0.0.dump)"); } struct ArrayList_OfSockaddr* addrList = ArrayList_OfSockaddr_new(allocator); for (int i = 0; i < (int)needed;) { struct rt_msghdr* rtm = (struct rt_msghdr*) (&buf[i]); i += rtm->rtm_msglen; struct sockaddr* sa1 = (struct sockaddr*)(rtm + 1); struct sockaddr* sa2 = (struct sockaddr*)(sa1->sa_len + (char *)sa1); uint8_t* mask = (uint8_t*) (sa2->sa_len + (char*)sa2); Assert_true(&buf[i] >= mask); if (sa2->sa_family != AF_LINK) { continue; } if (rtm->rtm_flags & RTF_LOCAL) { continue; } if (!(rtm->rtm_flags & RTF_STATIC)) { continue; } if (((struct sockaddr_dl*) sa2)->sdl_index != ifIndex) { continue; } bool ipv6 = (sa1->sa_family == AF_INET6); if (!ipv6 && (sa1->sa_family != AF_INET)) { continue; } // printf("GOT ROUTE %s\n", Hex_print(rtm, rtm->rtm_msglen, tempAlloc)); int prefix; if (&buf[i] < &mask[mask[0]] || mask[0] == 0) { //Assert_true(rtm->rtm_flags & RTF_HOST); prefix = (ipv6) ? 128 : 32; } else { prefix = prefixFromWeirdBSDMask(mask, ipv6); } struct Sockaddr* addr = Sockaddr_fromNative(sa1, sa1->sa_len, allocator); addr->flags |= Sockaddr_flags_PREFIX; addr->prefix = prefix; ArrayList_OfSockaddr_add(addrList, addr); } Allocator_free(tempAlloc); Er_ret(addrList); } static Er_DEFUN(void addIp4Address(const char* interfaceName, const uint8_t address[4], int prefixLen, struct Log* logger, struct Allocator* tempAlloc)) { struct ifaliasreq ifarted; Bits_memset(&ifarted, 0, sizeof(struct ifaliasreq)); CString_safeStrncpy(ifarted.ifra_name, interfaceName, IFNAMSIZ); struct sockaddr_in sin = { .sin_family = AF_INET, .sin_len = sizeof(struct sockaddr_in) }; Bits_memcpy(&sin.sin_addr.s_addr, address, 4); Bits_memcpy(&ifarted.ifra_addr, &sin, sizeof(struct sockaddr_in)); sin.sin_addr.s_addr = Endian_hostToBigEndian32(~0u << (32 - prefixLen)); Bits_memcpy(&ifarted.ifra_mask, &sin, sizeof(struct sockaddr_in)); int s = socket(AF_INET, SOCK_DGRAM, 0); if (s < 0) { Er_raise(tempAlloc, "socket() [%s]", strerror(errno)); } // will probably fail, ignore result. struct ifreq ifr = { .ifr_flags = 0 }; CString_safeStrncpy(ifr.ifr_name, interfaceName, IFNAMSIZ); ioctl(s, SIOCDIFADDR, &ifr); if (ioctl(s, SIOCSIFADDR, &ifarted) < 0) { int err = errno; close(s); Er_raise(tempAlloc, "ioctl(SIOCSIFADDR) [%s]", strerror(err)); } //setupRoute4(address, prefixLen, interfaceName, logger, tempAlloc, eh); Log_info(logger, "Configured IPv4 [%u.%u.%u.%u/%i] for [%s]", address[0], address[1], address[2], address[3], prefixLen, interfaceName); close(s); Er_ret(); } static Er_DEFUN(void addIp6Address(const char* interfaceName, const uint8_t address[16], int prefixLen, struct Log* logger, struct Allocator* errAlloc)) { /* stringify our IP address */ char myIp[40]; AddrTools_printIp((uint8_t*)myIp, address); /* set up the interface ip assignment request */ struct in6_aliasreq in6_addreq; memset(&in6_addreq, 0, sizeof(in6_addreq)); in6_addreq.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME; in6_addreq.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME; /* parse the IPv6 address and add it to the request */ struct addrinfo hints, *result; bzero(&hints, sizeof(struct addrinfo)); hints.ai_family = AF_INET6; int err = getaddrinfo((const char *)myIp, NULL, &hints, &result); if (err) { // Should never happen since the address is specified as binary. Er_raise(errAlloc, "bad IPv6 address [%s]", gai_strerror(err)); } bcopy(result->ai_addr, &in6_addreq.ifra_addr, result->ai_addrlen); /* turn the prefixlen into a mask, and add it to the request */ struct sockaddr_in6* mask = &in6_addreq.ifra_prefixmask; mask->sin6_len = sizeof(*mask); if (prefixLen >= 128 || prefixLen <= 0) { memset(&mask->sin6_addr, 0xff, sizeof(struct in6_addr)); } else { memset((void *)&mask->sin6_addr, 0x00, sizeof(mask->sin6_addr)); memset((void *)&mask->sin6_addr, 0xff, prefixLen>>3); ((uint8_t*)&mask->sin6_addr)[prefixLen>>3] = 0xff << (8 - (prefixLen%8)); } CString_safeStrncpy(in6_addreq.ifra_name, interfaceName, sizeof(in6_addreq.ifra_name)); /* do the actual assignment ioctl */ int s = socket(AF_INET6, SOCK_DGRAM, 0); if (s < 0) { Er_raise(errAlloc, "socket() [%s]", strerror(errno)); } if (ioctl(s, SIOCAIFADDR_IN6, &in6_addreq) < 0) { int err = errno; close(s); Er_raise(errAlloc, "ioctl(SIOCAIFADDR) [%s] for [%s]", strerror(err), interfaceName); } Log_info(logger, "Configured IPv6 [%s/%i] for [%s]", myIp, prefixLen, interfaceName); close(s); Er_ret(); } Er_DEFUN(void NetPlatform_addAddress(const char* interfaceName, const uint8_t* address, int prefixLen, int addrFam, struct Log* logger, struct Allocator* tempAlloc)) { if (addrFam == Sockaddr_AF_INET6) { Er(addIp6Address(interfaceName, address, prefixLen, logger, tempAlloc)); } else if (addrFam == Sockaddr_AF_INET) { Er(addIp4Address(interfaceName, address, prefixLen, logger, tempAlloc)); } else { Assert_true(0); } Er_ret(); } Er_DEFUN(void NetPlatform_setMTU(const char* interfaceName, uint32_t mtu, struct Log* logger, struct Allocator* errAlloc)) { int s = socket(AF_INET6, SOCK_DGRAM, 0); if (s < 0) { Er_raise(errAlloc, "socket() [%s]", strerror(errno)); } struct ifreq ifRequest; CString_safeStrncpy(ifRequest.ifr_name, interfaceName, IFNAMSIZ); ifRequest.ifr_mtu = mtu; Log_info(logger, "Setting MTU for device [%s] to [%u] bytes.", interfaceName, mtu); if (ioctl(s, SIOCSIFMTU, &ifRequest) < 0) { int err = errno; close(s); Er_raise(errAlloc, "ioctl(SIOCSIFMTU) [%s]", strerror(err)); } close(s); Er_ret(); } Er_DEFUN(void NetPlatform_setRoutes(const char* ifName, struct Sockaddr** prefixSet, int prefixCount, struct Log* logger, struct Allocator* tempAlloc)) { struct ArrayList_OfSockaddr* newRoutes = ArrayList_OfSockaddr_new(tempAlloc); for (int i = 0; i < prefixCount; i++) { int addrFam = Sockaddr_getFamily(prefixSet[i]); if (addrFam == Sockaddr_AF_INET) { // OK } else if (addrFam == Sockaddr_AF_INET6) { // OK } else { Er_raise(tempAlloc, "Unrecognized address type %d", addrFam); } ArrayList_OfSockaddr_add(newRoutes, prefixSet[i]); } uint32_t ifIndex = if_nametoindex(ifName); if (!ifIndex) { Er_raise(tempAlloc, "tunName not recognized"); } struct ArrayList_OfSockaddr* oldRoutes = Er(getRoutes(ifIndex, logger, tempAlloc)); Er(setRoutes(ifIndex, ifName, oldRoutes, newRoutes, logger, tempAlloc)); Er_ret(); }