1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * BSD interface driver for dhcpcd
4 * Copyright (c) 2006-2019 Roy Marples <roy@marples.name>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/ioctl.h>
30 #include <sys/param.h>
31 #include <sys/socket.h>
33 #include <sys/sysctl.h>
35 #include <sys/types.h>
37 #include <sys/utsname.h>
41 #include <arpa/inet.h>
44 #include <net/if_dl.h>
45 #include <net/if_media.h>
46 #include <net/route.h>
47 #include <netinet/if_ether.h>
48 #include <netinet/in.h>
49 #include <netinet/in_var.h>
50 #include <netinet6/in6_var.h>
51 #include <netinet6/nd6.h>
53 #include <net/if_vlanvar.h> /* Needs netinet/if_ether.h */
54 #elif defined(__DragonFly__)
55 #include <net/vlan/if_vlan_var.h>
57 #include <net/if_vlan_var.h>
60 # include <netproto/802_11/ieee80211_ioctl.h>
62 /* FIXME: Add apple includes so we can work out SSID */
64 # include <net80211/ieee80211.h>
65 # include <net80211/ieee80211_ioctl.h>
79 #if defined(OpenBSD) && OpenBSD >= 201411
80 /* OpenBSD dropped the global setting from sysctl but left the #define
81 * which causes a EPERM error when trying to use it.
82 * I think both the error and keeping the define are wrong, so we #undef it. */
83 #undef IPV6CTL_ACCEPT_RTADV
89 #include "if-options.h"
99 #define RT_ROUNDUP(a) \
100 ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
101 #define RT_ADVANCE(x, n) (x += RT_ROUNDUP((n)->sa_len))
104 /* Ignore these interface names which look like ethernet but are virtual. */
105 static const char * const ifnames_ignore[] = {
107 "fwe", /* Firewire */
113 static void ifa_setscope(struct sockaddr_in6 *, unsigned int);
114 static unsigned int ifa_getscope(const struct sockaddr_in6 *);
123 struct rt_msghdr hdr;
124 char buffer[sizeof(struct sockaddr_storage) * RTAX_MAX];
128 if_init(__unused struct interface *iface)
130 /* BSD promotes secondary address by default */
135 if_conf(__unused struct interface *iface)
137 /* No extra checks needed on BSD */
142 if_opensockets_os(struct dhcpcd_ctx *ctx)
146 #if defined(RO_MSGFILTER) || defined(ROUTE_MSGFILTER)
147 unsigned char msgfilter[] = {
149 #ifdef RTM_IFANNOUNCE
152 RTM_ADD, RTM_CHANGE, RTM_DELETE, RTM_MISS,
156 RTM_NEWADDR, RTM_DELADDR
158 #ifdef ROUTE_MSGFILTER
159 unsigned int i, msgfilter_mask;
163 if ((priv = malloc(sizeof(*priv))) == NULL)
168 priv->pf_inet6_fd = xsocket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
169 /* Don't return an error so we at least work on kernels witout INET6
170 * even though we expect INET6 support.
171 * We will fail noisily elsewhere anyway. */
173 priv->pf_inet6_fd = -1;
176 #define SOCK_FLAGS (SOCK_CLOEXEC | SOCK_NONBLOCK)
177 ctx->link_fd = xsocket(PF_ROUTE, SOCK_RAW | SOCK_FLAGS, AF_UNSPEC);
179 if (ctx->link_fd == -1)
182 /* Ignore our own route(4) messages.
183 * Sadly there is no way of doing this for route(4) messages
184 * generated from addresses we add/delete. */
186 if (setsockopt(ctx->link_fd, SOL_SOCKET, SO_USELOOPBACK,
187 &n, sizeof(n)) == -1)
188 logerr("%s: SO_USELOOPBACK", __func__);
190 #if defined(RO_MSGFILTER)
191 if (setsockopt(ctx->link_fd, PF_ROUTE, RO_MSGFILTER,
192 &msgfilter, sizeof(msgfilter)) == -1)
194 #elif defined(ROUTE_MSGFILTER)
195 /* Convert the array into a bitmask. */
197 for (i = 0; i < __arraycount(msgfilter); i++)
198 msgfilter_mask |= ROUTE_FILTER(msgfilter[i]);
199 if (setsockopt(ctx->link_fd, PF_ROUTE, ROUTE_MSGFILTER,
200 &msgfilter_mask, sizeof(msgfilter_mask)) == -1)
203 #warning kernel does not support route message filtering
210 if_closesockets_os(struct dhcpcd_ctx *ctx)
214 priv = (struct priv *)ctx->priv;
215 if (priv->pf_inet6_fd != -1)
216 close(priv->pf_inet6_fd);
220 if_ignore1(const char *drvname)
222 const char * const *p;
224 for (p = ifnames_ignore; *p; p++) {
225 if (strcmp(*p, drvname) == 0)
232 if_ignore(struct dhcpcd_ctx *ctx, const char *ifname)
236 if (if_nametospec(ifname, &spec) != 0)
239 if (if_ignore1(spec.drvname))
243 struct ifgroupreq ifgr = { .ifgr_len = 0 };
247 /* Sadly it is possible to remove the device name
248 * from the interface groups, but hopefully this
249 * will be very unlikely.... */
251 strlcpy(ifgr.ifgr_name, ifname, sizeof(ifgr.ifgr_name));
252 if (ioctl(ctx->pf_inet_fd, SIOCGIFGROUP, &ifgr) == -1 ||
253 (ifgr.ifgr_groups = malloc(ifgr.ifgr_len)) == NULL ||
254 ioctl(ctx->pf_inet_fd, SIOCGIFGROUP, &ifgr) == -1)
260 for (ifg = ifgr.ifgr_groups, ifg_len = ifgr.ifgr_len;
261 ifg && ifg_len >= sizeof(*ifg);
262 ifg++, ifg_len -= sizeof(*ifg))
264 if (if_ignore1(ifg->ifgrq_group))
275 if_carrier(struct interface *ifp)
277 struct ifmediareq ifmr = { .ifm_status = 0 };
279 strlcpy(ifmr.ifm_name, ifp->name, sizeof(ifmr.ifm_name));
280 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr) == -1 ||
281 !(ifmr.ifm_status & IFM_AVALID))
284 return (ifmr.ifm_status & IFM_ACTIVE) ? LINK_UP : LINK_DOWN;
288 if_linkaddr(struct sockaddr_dl *sdl, const struct interface *ifp)
291 memset(sdl, 0, sizeof(*sdl));
292 sdl->sdl_family = AF_LINK;
293 sdl->sdl_len = sizeof(*sdl);
294 sdl->sdl_nlen = sdl->sdl_alen = sdl->sdl_slen = 0;
295 sdl->sdl_index = (unsigned short)ifp->index;
298 #if defined(SIOCG80211NWID) || defined(SIOCGETVLAN)
299 static int if_direct_ioctl(int s, const char *ifname,
300 unsigned long cmd, void *data)
303 strlcpy(data, ifname, IFNAMSIZ);
304 return ioctl(s, cmd, data);
307 static int if_indirect_ioctl(int s, const char *ifname,
308 unsigned long cmd, void *data)
312 memset(&ifr, 0, sizeof(ifr));
314 return if_direct_ioctl(s, ifname, cmd, &ifr);
319 if_getssid1(int s, const char *ifname, void *ssid)
322 #if defined(SIOCG80211NWID)
323 struct ieee80211_nwid nwid;
324 #elif defined(IEEE80211_IOC_SSID)
325 struct ieee80211req ireq;
326 char nwid[IEEE80211_NWID_LEN];
329 #if defined(SIOCG80211NWID) /* NetBSD */
330 memset(&nwid, 0, sizeof(nwid));
331 if (if_indirect_ioctl(s, ifname, SIOCG80211NWID, &nwid) == 0) {
334 else if (nwid.i_len > IF_SSIDLEN)
338 memcpy(ssid, nwid.i_nwid, nwid.i_len);
341 #elif defined(IEEE80211_IOC_SSID) /* FreeBSD */
342 memset(&ireq, 0, sizeof(ireq));
343 strlcpy(ireq.i_name, ifname, sizeof(ireq.i_name));
344 ireq.i_type = IEEE80211_IOC_SSID;
346 memset(nwid, 0, sizeof(nwid));
348 if (ioctl(s, SIOCG80211, &ireq) == 0) {
351 else if (ireq.i_len > IF_SSIDLEN)
355 memcpy(ssid, nwid, ireq.i_len);
366 if_getssid(struct interface *ifp)
370 r = if_getssid1(ifp->ctx->pf_inet_fd, ifp->name, ifp->ssid);
372 ifp->ssid_len = (unsigned int)r;
375 ifp->ssid[ifp->ssid_len] = '\0';
380 * FreeBSD allows for Virtual Access Points
381 * We need to check if the interface is a Virtual Interface Master
382 * and if so, don't use it.
383 * This check is made by virtue of being a IEEE80211 device but
384 * returning the SSID gives an error.
387 if_vimaster(const struct dhcpcd_ctx *ctx, const char *ifname)
390 struct ifmediareq ifmr;
392 memset(&ifmr, 0, sizeof(ifmr));
393 strlcpy(ifmr.ifm_name, ifname, sizeof(ifmr.ifm_name));
394 r = ioctl(ctx->pf_inet_fd, SIOCGIFMEDIA, &ifmr);
397 if (ifmr.ifm_status & IFM_AVALID &&
398 IFM_TYPE(ifmr.ifm_active) == IFM_IEEE80211)
400 if (if_getssid1(ctx->pf_inet_fd, ifname, NULL) == -1)
407 if_vlanid(const struct interface *ifp)
412 memset(&vlr, 0, sizeof(vlr));
413 if (if_indirect_ioctl(ifp->ctx->pf_inet_fd,
414 ifp->name, SIOCGETVLAN, &vlr) != 0)
415 return 0; /* 0 means no VLANID */
417 #elif defined(SIOCGVNETID)
420 memset(&ifr, 0, sizeof(ifr));
421 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
422 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGVNETID, &ifr) != 0)
423 return 0; /* 0 means no VLANID */
424 return ifr.ifr_vnetid;
427 return 0; /* 0 means no VLANID */
432 get_addrs(int type, const void *data, size_t data_len,
433 const struct sockaddr **sa)
440 for (i = 0; i < RTAX_MAX; i++) {
441 if (type & (1 << i)) {
446 sa[i] = (const struct sockaddr *)cp;
447 RT_ADVANCE(cp, sa[i]);
455 static struct interface *
456 if_findsdl(struct dhcpcd_ctx *ctx, const struct sockaddr_dl *sdl)
460 return if_findindex(ctx->ifaces, sdl->sdl_index);
463 char ifname[IF_NAMESIZE];
465 memcpy(ifname, sdl->sdl_data, sdl->sdl_nlen);
466 ifname[sdl->sdl_nlen] = '\0';
467 return if_find(ctx->ifaces, ifname);
470 struct interface *ifp;
472 TAILQ_FOREACH(ifp, ctx->ifaces, next) {
473 if (ifp->hwlen == sdl->sdl_alen &&
475 sdl->sdl_data, sdl->sdl_alen) == 0)
484 static struct interface *
485 if_findsa(struct dhcpcd_ctx *ctx, const struct sockaddr *sa)
492 switch (sa->sa_family) {
495 const struct sockaddr_dl *sdl;
497 sdl = (const void *)sa;
498 return if_findsdl(ctx, sdl);
503 const struct sockaddr_in *sin;
504 struct ipv4_addr *ia;
506 sin = (const void *)sa;
507 if ((ia = ipv4_findmaskaddr(ctx, &sin->sin_addr)))
515 const struct sockaddr_in6 *sin;
517 struct ipv6_addr *ia;
519 sin = (const void *)sa;
520 scope = ifa_getscope(sin);
522 return if_findindex(ctx->ifaces, scope);
523 if ((ia = ipv6_findmaskaddr(ctx, &sin->sin6_addr)))
529 errno = EAFNOSUPPORT;
538 if_copysa(struct sockaddr *dst, const struct sockaddr *src)
544 memcpy(dst, src, src->sa_len);
545 #if defined(INET6) && defined(__KAME__)
546 if (dst->sa_family == AF_INET6) {
547 struct in6_addr *in6;
549 in6 = &satosin6(dst)->sin6_addr;
550 if (IN6_IS_ADDR_LINKLOCAL(in6))
551 in6->s6_addr[2] = in6->s6_addr[3] = '\0';
557 if_route(unsigned char cmd, const struct rt *rt)
559 struct dhcpcd_ctx *ctx;
561 struct rt_msghdr *rtm = &rtmsg.hdr;
562 char *bp = rtmsg.buffer;
563 struct sockaddr_dl sdl;
567 assert(rt->rt_ifp != NULL);
568 assert(rt->rt_ifp->ctx != NULL);
569 ctx = rt->rt_ifp->ctx;
571 #define ADDSA(sa) do { \
572 memcpy(bp, (sa), (sa)->sa_len); \
573 bp += RT_ROUNDUP((sa)->sa_len); \
574 } while (0 /* CONSTCOND */)
576 memset(&rtmsg, 0, sizeof(rtmsg));
577 rtm->rtm_version = RTM_VERSION;
580 rtm->rtm_pid = getpid();
582 rtm->rtm_seq = ++ctx->seq;
583 rtm->rtm_flags = (int)rt->rt_flags;
584 rtm->rtm_addrs = RTA_DST;
587 rtm->rtm_flags |= RTF_PINNED;
590 gateway_unspec = sa_is_unspecified(&rt->rt_gateway);
592 if (cmd == RTM_ADD || cmd == RTM_CHANGE) {
593 bool netmask_bcast = sa_is_allones(&rt->rt_netmask);
595 rtm->rtm_flags |= RTF_UP;
596 rtm->rtm_addrs |= RTA_GATEWAY;
597 if (!(rtm->rtm_flags & RTF_REJECT) &&
598 !sa_is_loopback(&rt->rt_gateway))
600 rtm->rtm_index = (unsigned short)rt->rt_ifp->index;
602 * OpenBSD rejects the message for on-link routes.
603 * FreeBSD-12 kernel apparently panics.
604 * I can't replicate the panic, but better safe than sorry!
605 * https://roy.marples.name/archives/dhcpcd-discuss/0002286.html
607 * Neither OS currently allows IPv6 address sharing anyway, so let's
608 * try to encourage someone to fix that by logging a waring during compile.
610 #if defined(__FreeBSD__) || defined(__OpenBSD__)
611 #warning kernel does not allow IPv6 address sharing
612 if (!gateway_unspec || rt->rt_dest.sa_family!=AF_INET6)
614 rtm->rtm_addrs |= RTA_IFP;
615 if (!sa_is_unspecified(&rt->rt_ifa))
616 rtm->rtm_addrs |= RTA_IFA;
619 rtm->rtm_flags |= RTF_HOST;
620 /* Network routes are cloning or connected if supported.
621 * All other routes are static. */
622 if (gateway_unspec) {
624 rtm->rtm_flags |= RTF_CLONING;
627 rtm->rtm_flags |= RTF_CONNECTED;
630 rtm->rtm_priority = RTP_CONNECTED;
635 * We add a cloning network route for a single
636 * host. Traffic to the host will generate a
637 * cloned route and the hardware address will
639 * It might be more correct to use RTF_HOST
640 * instead of RTF_CLONING, and that does work,
641 * but some OS generate an arp warning
642 * diagnostic which we don't want to do.
644 rtm->rtm_flags &= ~RTF_HOST;
648 rtm->rtm_flags |= RTF_GATEWAY;
650 /* Emulate the kernel by marking address generated
651 * network routes non-static. */
652 if (!(rt->rt_dflags & RTDF_IFA_ROUTE))
653 rtm->rtm_flags |= RTF_STATIC;
655 if (rt->rt_mtu != 0) {
656 rtm->rtm_inits |= RTV_MTU;
657 rtm->rtm_rmx.rmx_mtu = rt->rt_mtu;
661 if (!(rtm->rtm_flags & RTF_HOST))
662 rtm->rtm_addrs |= RTA_NETMASK;
664 if_linkaddr(&sdl, rt->rt_ifp);
668 if (rtm->rtm_addrs & RTA_GATEWAY) {
670 ADDSA((struct sockaddr *)&sdl);
674 if_copysa(&gateway.sa, &rt->rt_gateway);
676 if (gateway.sa.sa_family == AF_INET6)
677 ifa_setscope(&gateway.sin6, rt->rt_ifp->index);
683 if (rtm->rtm_addrs & RTA_NETMASK)
684 ADDSA(&rt->rt_netmask);
686 if (rtm->rtm_addrs & RTA_IFP)
687 ADDSA((struct sockaddr *)&sdl);
689 if (rtm->rtm_addrs & RTA_IFA)
694 rtm->rtm_msglen = (unsigned short)(bp - (char *)rtm);
695 if (write(ctx->link_fd, rtm, rtm->rtm_msglen) == -1)
701 if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, const struct rt_msghdr *rtm)
703 const struct sockaddr *rti_info[RTAX_MAX];
705 if (!(rtm->rtm_addrs & RTA_DST)) {
709 if (rtm->rtm_type != RTM_MISS && !(rtm->rtm_addrs & RTA_GATEWAY)) {
714 if (rtm->rtm_flags & RTF_CLONED) {
720 if (rtm->rtm_flags & RTF_WASCLONED) {
726 if (rtm->rtm_flags & RTF_LOCAL) {
732 if (rtm->rtm_flags & RTF_BROADCAST) {
738 if (get_addrs(rtm->rtm_addrs, (const char *)rtm + sizeof(*rtm),
739 rtm->rtm_msglen - sizeof(*rtm), rti_info) == -1)
741 memset(rt, 0, sizeof(*rt));
743 rt->rt_flags = (unsigned int)rtm->rtm_flags;
744 if_copysa(&rt->rt_dest, rti_info[RTAX_DST]);
745 if (rtm->rtm_addrs & RTA_NETMASK) {
746 if_copysa(&rt->rt_netmask, rti_info[RTAX_NETMASK]);
747 if (rt->rt_netmask.sa_family == 255) /* Why? */
748 rt->rt_netmask.sa_family = rt->rt_dest.sa_family;
751 /* dhcpcd likes an unspecified gateway to indicate via the link.
752 * However we need to know if gateway was a link with an address. */
753 if (rtm->rtm_addrs & RTA_GATEWAY) {
754 if (rti_info[RTAX_GATEWAY]->sa_family == AF_LINK) {
755 const struct sockaddr_dl *sdl;
757 sdl = (const struct sockaddr_dl*)
758 (const void *)rti_info[RTAX_GATEWAY];
759 if (sdl->sdl_alen != 0)
760 rt->rt_dflags |= RTDF_GATELINK;
761 } else if (rtm->rtm_flags & RTF_GATEWAY)
762 if_copysa(&rt->rt_gateway, rti_info[RTAX_GATEWAY]);
765 if (rtm->rtm_addrs & RTA_IFA)
766 if_copysa(&rt->rt_ifa, rti_info[RTAX_IFA]);
768 rt->rt_mtu = (unsigned int)rtm->rtm_rmx.rmx_mtu;
771 rt->rt_ifp = if_findindex(ctx->ifaces, rtm->rtm_index);
772 else if (rtm->rtm_addrs & RTA_IFP)
773 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_IFP]);
774 else if (rtm->rtm_addrs & RTA_GATEWAY)
775 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_GATEWAY]);
777 rt->rt_ifp = if_findsa(ctx, rti_info[RTAX_DST]);
779 if (rt->rt_ifp == NULL && rtm->rtm_type == RTM_MISS)
780 rt->rt_ifp = if_find(ctx->ifaces, "lo0");
782 if (rt->rt_ifp == NULL) {
790 if_initrt(struct dhcpcd_ctx *ctx, rb_tree_t *kroutes, int af)
792 struct rt_msghdr *rtm;
802 mib[4] = NET_RT_DUMP;
805 if (sysctl(mib, 6, NULL, &needed, NULL, 0) == -1)
809 if ((buf = malloc(needed)) == NULL)
811 if (sysctl(mib, 6, buf, &needed, NULL, 0) == -1) {
817 for (p = buf; p < end; p += rtm->rtm_msglen) {
819 if (p + rtm->rtm_msglen >= end) {
823 if (if_copyrt(ctx, &rt, rtm) != 0)
825 if ((rtn = rt_new(rt.rt_ifp)) == NULL) {
829 memcpy(rtn, &rt, sizeof(*rtn));
830 if (rb_tree_insert_node(kroutes, rtn) != rtn)
834 return p == end ? 0 : -1;
839 if_address(unsigned char cmd, const struct ipv4_addr *ia)
842 struct in_aliasreq ifra;
844 memset(&ifra, 0, sizeof(ifra));
845 strlcpy(ifra.ifra_name, ia->iface->name, sizeof(ifra.ifra_name));
847 #define ADDADDR(var, addr) do { \
848 (var)->sin_family = AF_INET; \
849 (var)->sin_len = sizeof(*(var)); \
850 (var)->sin_addr = *(addr); \
851 } while (/*CONSTCOND*/0)
852 ADDADDR(&ifra.ifra_addr, &ia->addr);
853 ADDADDR(&ifra.ifra_mask, &ia->mask);
854 if (cmd == RTM_NEWADDR && ia->brd.s_addr != INADDR_ANY)
855 ADDADDR(&ifra.ifra_broadaddr, &ia->brd);
858 r = ioctl(ia->iface->ctx->pf_inet_fd,
859 cmd == RTM_DELADDR ? SIOCDIFADDR : SIOCAIFADDR, &ifra);
865 #if !(defined(HAVE_IFADDRS_ADDRFLAGS) && defined(HAVE_IFAM_ADDRFLAGS))
867 if_addrflags(const struct interface *ifp, const struct in_addr *addr,
868 __unused const char *alias)
870 #ifdef SIOCGIFAFLAG_IN
872 struct sockaddr_in *sin;
874 memset(&ifr, 0, sizeof(ifr));
875 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
876 sin = (void *)&ifr.ifr_addr;
877 sin->sin_family = AF_INET;
878 sin->sin_addr = *addr;
879 if (ioctl(ifp->ctx->pf_inet_fd, SIOCGIFAFLAG_IN, &ifr) == -1)
881 return ifr.ifr_addrflags;
893 ifa_setscope(struct sockaddr_in6 *sin, unsigned int ifindex)
897 /* KAME based systems want to store the scope inside the sin6_addr
898 * for link local addresses */
899 if (IN6_IS_ADDR_LINKLOCAL(&sin->sin6_addr)) {
900 uint16_t scope = htons((uint16_t)ifindex);
901 memcpy(&sin->sin6_addr.s6_addr[2], &scope,
904 sin->sin6_scope_id = 0;
906 if (IN6_IS_ADDR_LINKLOCAL(&sin->sin6_addr))
907 sin->sin6_scope_id = ifindex;
909 sin->sin6_scope_id = 0;
914 ifa_getscope(const struct sockaddr_in6 *sin)
920 if (!IN6_IS_ADDR_LINKLOCAL(&sin->sin6_addr))
923 memcpy(&scope, &sin->sin6_addr.s6_addr[2], sizeof(scope));
924 return (unsigned int)ntohs(scope);
926 return (unsigned int)sin->sin6_scope_id;
931 if_address6(unsigned char cmd, const struct ipv6_addr *ia)
933 struct in6_aliasreq ifa;
934 struct in6_addr mask;
937 priv = (struct priv *)ia->iface->ctx->priv;
939 memset(&ifa, 0, sizeof(ifa));
940 strlcpy(ifa.ifra_name, ia->iface->name, sizeof(ifa.ifra_name));
942 * We should not set IN6_IFF_TENTATIVE as the kernel should be
943 * able to work out if it's a new address or not.
945 * We should set IN6_IFF_AUTOCONF, but the kernel won't let us.
946 * This is probably a safety measure, but still it's not entirely right
951 ifa.ifra_flags |= IN6_IFF_AUTOCONF;
953 #if defined(__FreeBSD__) || defined(__DragonFly__)
954 if (ia->addr_flags & IN6_IFF_TENTATIVE)
955 ifa.ifra_flags |= IN6_IFF_TENTATIVE;
957 #ifdef IPV6_MANGETEMPADDR
958 if (ia->flags & IPV6_AF_TEMPORARY)
959 ifa.ifra_flags |= IN6_IFF_TEMPORARY;
962 #define ADDADDR(v, addr) { \
963 (v)->sin6_family = AF_INET6; \
964 (v)->sin6_len = sizeof(*v); \
965 (v)->sin6_addr = *(addr); \
968 ADDADDR(&ifa.ifra_addr, &ia->addr);
969 ifa_setscope(&ifa.ifra_addr, ia->iface->index);
970 ipv6_mask(&mask, ia->prefix_len);
971 ADDADDR(&ifa.ifra_prefixmask, &mask);
976 * Every BSD kernel wants to add the prefix of the address to it's
977 * list of RA received prefixes.
978 * THIS IS WRONG because there (as the comments in the kernel state)
979 * is no API for managing prefix lifetime and the kernel should not
980 * pretend it's from a RA either.
982 * The issue is that the very first assigned prefix will inherit the
983 * lifetime of the address, but any subsequent alteration of the
984 * address OR it's lifetime will not affect the prefix lifetime.
985 * As such, we cannot stop the prefix from timing out and then
986 * constantly removing the prefix route dhcpcd is capable of adding
989 * What we can do to mitigate the issue is to add the address with
990 * infinite lifetimes, so the prefix route will never time out.
991 * Once done, we can then set lifetimes on the address and all is good.
992 * The downside of this approach is that we need to manually remove
993 * the kernel route because it has no lifetime, but this is OK as
994 * dhcpcd will handle this too.
996 * This issue is discussed on the NetBSD mailing lists here:
997 * http://mail-index.netbsd.org/tech-net/2016/08/05/msg006044.html
999 * Fixed in NetBSD-7.99.36
1000 * NOT fixed in FreeBSD - bug 195197
1001 * Fixed in OpenBSD-5.9
1004 #if !((defined(__NetBSD_Version__) && __NetBSD_Version__ >= 799003600) || \
1005 (defined(__OpenBSD__) && OpenBSD >= 201605))
1006 if (cmd == RTM_NEWADDR && !(ia->flags & IPV6_AF_ADDED)) {
1007 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
1008 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
1009 (void)ioctl(priv->pf_inet6_fd, SIOCAIFADDR_IN6, &ifa);
1013 #if defined(__OpenBSD__) && OpenBSD <= 201705
1014 /* BUT OpenBSD older than 6.2 does not reset the address lifetime
1015 * for subsequent calls...
1016 * Luckily dhcpcd will remove the lease when it expires so
1017 * just set an infinite lifetime, unless a temporary address. */
1018 if (ifa.ifra_flags & IN6_IFF_PRIVACY) {
1019 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime;
1020 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime;
1022 ifa.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
1023 ifa.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
1026 ifa.ifra_lifetime.ia6t_vltime = ia->prefix_vltime;
1027 ifa.ifra_lifetime.ia6t_pltime = ia->prefix_pltime;
1030 return ioctl(priv->pf_inet6_fd,
1031 cmd == RTM_DELADDR ? SIOCDIFADDR_IN6 : SIOCAIFADDR_IN6, &ifa);
1035 if_addrflags6(const struct interface *ifp, const struct in6_addr *addr,
1036 __unused const char *alias)
1039 struct in6_ifreq ifr6;
1042 memset(&ifr6, 0, sizeof(ifr6));
1043 strlcpy(ifr6.ifr_name, ifp->name, sizeof(ifr6.ifr_name));
1044 ifr6.ifr_addr.sin6_family = AF_INET6;
1045 ifr6.ifr_addr.sin6_addr = *addr;
1046 ifa_setscope(&ifr6.ifr_addr, ifp->index);
1047 priv = (struct priv *)ifp->ctx->priv;
1048 if (ioctl(priv->pf_inet6_fd, SIOCGIFAFLAG_IN6, &ifr6) != -1)
1049 flags = ifr6.ifr_ifru.ifru_flags6;
1056 if_getlifetime6(struct ipv6_addr *ia)
1058 struct in6_ifreq ifr6;
1060 struct in6_addrlifetime *lifetime;
1063 memset(&ifr6, 0, sizeof(ifr6));
1064 strlcpy(ifr6.ifr_name, ia->iface->name, sizeof(ifr6.ifr_name));
1065 ifr6.ifr_addr.sin6_family = AF_INET6;
1066 ifr6.ifr_addr.sin6_addr = ia->addr;
1067 ifa_setscope(&ifr6.ifr_addr, ia->iface->index);
1068 priv = (struct priv *)ia->iface->ctx->priv;
1069 if (ioctl(priv->pf_inet6_fd, SIOCGIFALIFETIME_IN6, &ifr6) == -1)
1071 clock_gettime(CLOCK_MONOTONIC, &ia->created);
1073 #if defined(__FreeBSD__) || defined(__DragonFly__)
1074 t = ia->created.tv_sec;
1079 lifetime = &ifr6.ifr_ifru.ifru_lifetime;
1080 if (lifetime->ia6t_preferred)
1081 ia->prefix_pltime = (uint32_t)(lifetime->ia6t_preferred -
1082 MIN(t, lifetime->ia6t_preferred));
1084 ia->prefix_pltime = ND6_INFINITE_LIFETIME;
1085 if (lifetime->ia6t_expire) {
1086 ia->prefix_vltime = (uint32_t)(lifetime->ia6t_expire -
1087 MIN(t, lifetime->ia6t_expire));
1088 /* Calculate the created time */
1089 ia->created.tv_sec -= lifetime->ia6t_vltime - ia->prefix_vltime;
1091 ia->prefix_vltime = ND6_INFINITE_LIFETIME;
1097 if_announce(struct dhcpcd_ctx *ctx, const struct if_announcemsghdr *ifan)
1100 if (ifan->ifan_msglen < sizeof(*ifan)) {
1105 switch(ifan->ifan_what) {
1107 return dhcpcd_handleinterface(ctx, 1, ifan->ifan_name);
1108 case IFAN_DEPARTURE:
1109 return dhcpcd_handleinterface(ctx, -1, ifan->ifan_name);
1116 if_ifinfo(struct dhcpcd_ctx *ctx, const struct if_msghdr *ifm)
1118 struct interface *ifp;
1121 if (ifm->ifm_msglen < sizeof(*ifm)) {
1126 if ((ifp = if_findindex(ctx->ifaces, ifm->ifm_index)) == NULL)
1129 switch (ifm->ifm_data.ifi_link_state) {
1130 case LINK_STATE_UNKNOWN:
1131 link_state = LINK_UNKNOWN;
1133 #ifdef LINK_STATE_FULL_DUPLEX
1134 case LINK_STATE_HALF_DUPLEX: /* FALLTHROUGH */
1135 case LINK_STATE_FULL_DUPLEX: /* FALLTHROUGH */
1138 link_state = LINK_UP;
1141 link_state = LINK_DOWN;
1145 dhcpcd_handlecarrier(ctx, link_state,
1146 (unsigned int)ifm->ifm_flags, ifp->name);
1151 if_rtm(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm)
1155 if (rtm->rtm_msglen < sizeof(*rtm)) {
1160 /* Ignore errors. */
1161 if (rtm->rtm_errno != 0)
1164 if (if_copyrt(ctx, &rt, rtm) == -1)
1165 return errno == ENOTSUP ? 0 : -1;
1169 * BSD announces host routes.
1170 * As such, we should be notified of reachability by its
1171 * existance with a hardware address.
1172 * Ensure we don't call this for a newly incomplete state.
1174 if (rt.rt_dest.sa_family == AF_INET6 &&
1175 (rt.rt_flags & RTF_HOST || rtm->rtm_type == RTM_MISS) &&
1176 !(rtm->rtm_type == RTM_ADD && !(rt.rt_dflags & RTDF_GATELINK)))
1180 reachable = (rtm->rtm_type == RTM_ADD ||
1181 rtm->rtm_type == RTM_CHANGE) &&
1182 rt.rt_dflags & RTDF_GATELINK;
1183 ipv6nd_neighbour(ctx, &rt.rt_ss_dest.sin6.sin6_addr, reachable);
1187 if (rtm->rtm_type != RTM_MISS)
1188 rt_recvrt(rtm->rtm_type, &rt, rtm->rtm_pid);
1193 if_ifa(struct dhcpcd_ctx *ctx, const struct ifa_msghdr *ifam)
1195 struct interface *ifp;
1196 const struct sockaddr *rti_info[RTAX_MAX];
1200 if (ifam->ifam_msglen < sizeof(*ifam)) {
1204 if (~ifam->ifam_addrs & RTA_IFA)
1206 if ((ifp = if_findindex(ctx->ifaces, ifam->ifam_index)) == NULL)
1209 if (get_addrs(ifam->ifam_addrs, (const char *)ifam + sizeof(*ifam),
1210 ifam->ifam_msglen - sizeof(*ifam), rti_info) == -1)
1213 #ifdef HAVE_IFAM_PID
1214 pid = ifam->ifam_pid;
1219 #ifdef HAVE_IFAM_ADDRFLAGS
1220 addrflags = ifam->ifam_addrflags;
1222 switch (rti_info[RTAX_IFA]->sa_family) {
1225 struct sockaddr_dl sdl;
1228 if (ifam->ifam_type != RTM_CHGADDR)
1231 if (ifam->ifam_type != RTM_NEWADDR)
1234 memcpy(&sdl, rti_info[RTAX_IFA], rti_info[RTAX_IFA]->sa_len);
1235 dhcpcd_handlehwaddr(ctx, ifp->name, CLLADDR(&sdl),sdl.sdl_alen);
1240 case 255: /* FIXME: Why 255? */
1242 const struct sockaddr_in *sin;
1243 struct in_addr addr, mask, bcast;
1245 sin = (const void *)rti_info[RTAX_IFA];
1246 addr.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1247 sin->sin_addr.s_addr : INADDR_ANY;
1248 sin = (const void *)rti_info[RTAX_NETMASK];
1249 mask.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1250 sin->sin_addr.s_addr : INADDR_ANY;
1251 sin = (const void *)rti_info[RTAX_BRD];
1252 bcast.s_addr = sin != NULL && sin->sin_family == AF_INET ?
1253 sin->sin_addr.s_addr : INADDR_ANY;
1255 #if defined(__NetBSD_Version__) && __NetBSD_Version__ < 800000000
1257 * NetBSD-7 and older send an invalid broadcast address.
1258 * So we need to query the actual address to get
1264 * If the address was deleted, lets check if it's
1265 * a late message and it still exists (maybe modified).
1266 * If so, ignore it as deleting an address causes
1267 * dhcpcd to drop any lease to which it belongs.
1269 if (ifam->ifam_type == RTM_DELADDR) {
1272 struct in_aliasreq ifra;
1274 memset(&ifra, 0, sizeof(ifra));
1275 strlcpy(ifra.ifra_name, ifp->name,
1276 sizeof(ifra.ifra_name));
1277 ifra.ifra_addr.sin_family = AF_INET;
1278 ifra.ifra_addr.sin_len = sizeof(ifra.ifra_addr);
1279 ifra.ifra_addr.sin_addr = addr;
1280 if (ioctl(ctx->pf_inet_fd, SIOCGIFALIAS, &ifra) == -1) {
1281 if (errno != ENXIO && errno != EADDRNOTAVAIL)
1282 logerr("%s: SIOCGIFALIAS", __func__);
1283 if (ifam->ifam_type != RTM_DELADDR)
1286 #if defined(__NetBSD_Version__) && __NetBSD_Version__ < 800000000
1288 bcast = ifra.ifra_broadaddr.sin_addr;
1291 #warning No SIOCGIFALIAS support
1293 * No SIOCGIFALIAS? That sucks!
1294 * This makes this call very heavy weight, but we
1295 * really need to know if the message is late or not.
1297 const struct sockaddr *sa;
1298 struct ifaddrs *ifaddrs = NULL, *ifa;
1300 sa = rti_info[RTAX_IFA];
1301 getifaddrs(&ifaddrs);
1302 for (ifa = ifaddrs; ifa; ifa = ifa->ifa_next) {
1303 if (ifa->ifa_addr == NULL)
1305 if (sa_cmp(ifa->ifa_addr, sa) == 0 &&
1306 strcmp(ifa->ifa_name, ifp->name) == 0)
1309 freeifaddrs(ifaddrs);
1315 #ifndef HAVE_IFAM_ADDRFLAGS
1316 if (ifam->ifam_type == RTM_DELADDR)
1318 else if ((addrflags = if_addrflags(ifp, &addr, NULL)) == -1) {
1319 if (errno != EADDRNOTAVAIL)
1320 logerr("%s: if_addrflags", __func__);
1325 ipv4_handleifa(ctx, ifam->ifam_type, NULL, ifp->name,
1326 &addr, &mask, &bcast, addrflags, pid);
1333 struct in6_addr addr6, mask6;
1334 const struct sockaddr_in6 *sin6;
1337 sin6 = (const void *)rti_info[RTAX_IFA];
1338 addr6 = sin6->sin6_addr;
1339 sin6 = (const void *)rti_info[RTAX_NETMASK];
1340 mask6 = sin6->sin6_addr;
1343 * If the address was deleted, lets check if it's
1344 * a late message and it still exists (maybe modified).
1345 * If so, ignore it as deleting an address causes
1346 * dhcpcd to drop any lease to which it belongs.
1348 if (ifam->ifam_type == RTM_DELADDR) {
1349 flags = if_addrflags6(ifp, &addr6, NULL);
1354 #ifndef HAVE_IFAM_ADDRFLAGS
1355 else if ((addrflags = if_addrflags6(ifp, &addr6, NULL)) == -1) {
1356 if (errno != EADDRNOTAVAIL)
1357 logerr("%s: if_addrflags6", __func__);
1363 if (IN6_IS_ADDR_LINKLOCAL(&addr6))
1364 /* Remove the scope from the address */
1365 addr6.s6_addr[2] = addr6.s6_addr[3] = '\0';
1368 ipv6_handleifa(ctx, ifam->ifam_type, NULL,
1369 ifp->name, &addr6, ipv6_prefixlen(&mask6), addrflags, pid);
1379 if_dispatch(struct dhcpcd_ctx *ctx, const struct rt_msghdr *rtm)
1382 if (rtm->rtm_version != RTM_VERSION)
1385 switch(rtm->rtm_type) {
1386 #ifdef RTM_IFANNOUNCE
1387 case RTM_IFANNOUNCE:
1388 return if_announce(ctx, (const void *)rtm);
1391 return if_ifinfo(ctx, (const void *)rtm);
1392 case RTM_ADD: /* FALLTHROUGH */
1393 case RTM_CHANGE: /* FALLTHROUGH */
1394 case RTM_DELETE: /* FALLTHROUGH */
1396 return if_rtm(ctx, (const void *)rtm);
1398 case RTM_CHGADDR: /* FALLTHROUGH */
1400 case RTM_DELADDR: /* FALLTHROUGH */
1402 return if_ifa(ctx, (const void *)rtm);
1405 dhcpcd_linkoverflow(ctx);
1406 #elif !defined(SO_RERROR)
1407 #warning cannot detect route socket overflow within kernel
1414 __CTASSERT(offsetof(struct rt_msghdr, rtm_msglen) == 0);
1416 if_handlelink(struct dhcpcd_ctx *ctx)
1421 len = read(ctx->link_fd, &rtm, sizeof(rtm));
1426 if ((size_t)len < sizeof(rtm.hdr.rtm_msglen) ||
1427 len != rtm.hdr.rtm_msglen)
1433 * Coverity thinks that the data could be tainted from here.
1434 * I have no idea how because the length of the data we read
1435 * is guarded by len and checked to match rtm_msglen.
1436 * The issue seems to be related to extracting the addresses
1437 * at the end of the header, but seems to have no issues with the
1438 * equivalent call in if_initrt.
1440 /* coverity[tainted_data] */
1441 return if_dispatch(ctx, &rtm.hdr);
1444 #ifndef SYS_NMLN /* OSX */
1445 # define SYS_NMLN 256
1447 #ifndef HW_MACHINE_ARCH
1448 # ifdef HW_MODEL /* OpenBSD */
1449 # define HW_MACHINE_ARCH HW_MODEL
1453 if_machinearch(char *str, size_t len)
1455 int mib[2] = { CTL_HW, HW_MACHINE_ARCH };
1456 char march[SYS_NMLN];
1457 size_t marchlen = sizeof(march);
1459 if (sysctl(mib, sizeof(mib) / sizeof(mib[0]),
1460 march, &marchlen, NULL, 0) != 0)
1462 return snprintf(str, len, ":%s", march);
1466 #if (defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)) || \
1467 defined(IPV6CTL_USETEMPADDR) || defined(IPV6CTL_TEMPVLTIME) || \
1468 defined(IPV6CTL_FORWARDING)
1469 #define get_inet6_sysctl(code) inet6_sysctl(code, 0, 0)
1470 #define set_inet6_sysctl(code, val) inet6_sysctl(code, val, 1)
1472 inet6_sysctl(int code, int val, int action)
1474 int mib[] = { CTL_NET, PF_INET6, IPPROTO_IPV6, 0 };
1480 if (sysctl(mib, sizeof(mib)/sizeof(mib[0]),
1481 NULL, 0, &val, size) == -1)
1485 if (sysctl(mib, sizeof(mib)/sizeof(mib[0]), &val, &size, NULL, 0) == -1)
1492 if_applyra(const struct ra *rap)
1494 #ifdef SIOCSIFINFO_IN6
1495 struct in6_ndireq ndi = { .ndi.chlim = 0 };
1496 struct priv *priv = rap->iface->ctx->priv;
1499 strlcpy(ndi.ifname, rap->iface->name, sizeof(ndi.ifname));
1500 if (ioctl(priv->pf_inet6_fd, SIOCGIFINFO_IN6, &ndi) == -1)
1503 ndi.ndi.linkmtu = rap->mtu;
1504 ndi.ndi.chlim = rap->hoplimit;
1505 ndi.ndi.retrans = rap->retrans;
1506 ndi.ndi.basereachable = rap->reachable;
1507 error = ioctl(priv->pf_inet6_fd, SIOCSIFINFO_IN6, &ndi);
1508 if (error == -1 && errno == EINVAL) {
1510 * Very likely that this is caused by a dodgy MTU
1511 * setting specific to the interface.
1512 * Let's set it to "unspecified" and try again.
1513 * Doesn't really matter as we fix the MTU against the
1514 * routes we add as not all OS support SIOCSIFINFO_IN6.
1516 ndi.ndi.linkmtu = 0;
1517 error = ioctl(priv->pf_inet6_fd, SIOCSIFINFO_IN6, &ndi);
1521 #warning OS does not allow setting of RA bits hoplimit, retrans or reachable
1527 #ifdef IPV6_MANAGETEMPADDR
1528 #ifndef IPV6CTL_TEMPVLTIME
1529 #define get_inet6_sysctlbyname(code) inet6_sysctlbyname(code, 0, 0)
1530 #define set_inet6_sysctlbyname(code, val) inet6_sysctlbyname(code, val, 1)
1532 inet6_sysctlbyname(const char *name, int val, int action)
1538 if (sysctlbyname(name, NULL, 0, &val, size) == -1)
1542 if (sysctlbyname(name, &val, &size, NULL, 0) == -1)
1549 ip6_use_tempaddr(__unused const char *ifname)
1553 #ifdef IPV6CTL_USETEMPADDR
1554 val = get_inet6_sysctl(IPV6CTL_USETEMPADDR);
1556 val = get_inet6_sysctlbyname("net.inet6.ip6.use_tempaddr");
1558 return val == -1 ? 0 : val;
1562 ip6_temp_preferred_lifetime(__unused const char *ifname)
1566 #ifdef IPV6CTL_TEMPPLTIME
1567 val = get_inet6_sysctl(IPV6CTL_TEMPPLTIME);
1569 val = get_inet6_sysctlbyname("net.inet6.ip6.temppltime");
1571 return val < 0 ? TEMP_PREFERRED_LIFETIME : val;
1575 ip6_temp_valid_lifetime(__unused const char *ifname)
1579 #ifdef IPV6CTL_TEMPVLTIME
1580 val = get_inet6_sysctl(IPV6CTL_TEMPVLTIME);
1582 val = get_inet6_sysctlbyname("net.inet6.ip6.tempvltime");
1584 return val < 0 ? TEMP_VALID_LIFETIME : val;
1589 ip6_forwarding(__unused const char *ifname)
1593 #ifdef IPV6CTL_FORWARDING
1594 val = get_inet6_sysctl(IPV6CTL_FORWARDING);
1596 val = get_inet6_sysctlbyname("net.inet6.ip6.forwarding");
1598 return val < 0 ? 0 : val;
1601 #ifdef SIOCIFAFATTACH
1603 af_attach(int s, const struct interface *ifp, int af)
1605 struct if_afreq ifar;
1607 strlcpy(ifar.ifar_name, ifp->name, sizeof(ifar.ifar_name));
1609 return ioctl(s, SIOCIFAFATTACH, (void *)&ifar);
1613 #ifdef SIOCGIFXFLAGS
1615 set_ifxflags(int s, const struct interface *ifp)
1620 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
1621 if (ioctl(s, SIOCGIFXFLAGS, (void *)&ifr) == -1)
1623 flags = ifr.ifr_flags;
1625 flags &= ~IFXF_NOINET6;
1628 * If not doing autoconf, don't disable the kernel from doing it.
1629 * If we need to, we should have another option actively disable it.
1631 * OpenBSD moved from kernel based SLAAC to userland via slaacd(8).
1632 * It has a similar featureset to dhcpcd such as stable private
1633 * addresses, but lacks the ability to handle DNS inside the RA
1634 * which is a serious shortfall in this day and age.
1635 * Appease their user base by working alongside slaacd(8) if
1636 * dhcpcd is instructed not to do auto configuration of addresses.
1638 #if defined(ND6_IFF_ACCEPT_RTADV)
1639 #define BSD_AUTOCONF DHCPCD_IPV6RS
1641 #define BSD_AUTOCONF DHCPCD_IPV6RA_AUTOCONF
1643 if (ifp->options->options & BSD_AUTOCONF)
1644 flags &= ~IFXF_AUTOCONF6;
1645 if (ifr.ifr_flags == flags)
1647 ifr.ifr_flags = flags;
1648 return ioctl(s, SIOCSIFXFLAGS, (void *)&ifr);
1652 /* OpenBSD removed ND6 flags entirely, so we need to check for their
1654 #if defined(ND6_IFF_AUTO_LINKLOCAL) || \
1655 defined(ND6_IFF_PERFORMNUD) || \
1656 defined(ND6_IFF_ACCEPT_RTADV) || \
1657 defined(ND6_IFF_OVERRIDE_RTADV) || \
1658 defined(ND6_IFF_IFDISABLED)
1659 #define ND6_NDI_FLAGS
1663 if_disable_rtadv(void)
1665 #if defined(IPV6CTL_ACCEPT_RTADV) && !defined(ND6_IFF_ACCEPT_RTADV)
1666 int ra = get_inet6_sysctl(IPV6CTL_ACCEPT_RTADV);
1669 if (errno != ENOENT)
1670 logerr("IPV6CTL_ACCEPT_RTADV");
1672 if (set_inet6_sysctl(IPV6CTL_ACCEPT_RTADV, 0) == -1)
1673 logerr("IPV6CTL_ACCEPT_RTADV");
1679 if_setup_inet6(const struct interface *ifp)
1683 #ifdef ND6_NDI_FLAGS
1684 struct in6_ndireq nd;
1688 priv = (struct priv *)ifp->ctx->priv;
1689 s = priv->pf_inet6_fd;
1691 #ifdef ND6_NDI_FLAGS
1692 memset(&nd, 0, sizeof(nd));
1693 strlcpy(nd.ifname, ifp->name, sizeof(nd.ifname));
1694 if (ioctl(s, SIOCGIFINFO_IN6, &nd) == -1)
1695 logerr("%s: SIOCGIFINFO_FLAGS", ifp->name);
1696 flags = (int)nd.ndi.flags;
1699 #ifdef ND6_IFF_AUTO_LINKLOCAL
1700 /* Unlike the kernel,
1701 * dhcpcd make make a stable private address. */
1702 flags &= ~ND6_IFF_AUTO_LINKLOCAL;
1705 #ifdef ND6_IFF_PERFORMNUD
1706 /* NUD is kind of essential. */
1707 flags |= ND6_IFF_PERFORMNUD;
1710 #ifdef ND6_IFF_IFDISABLED
1711 /* Ensure the interface is not disabled. */
1712 flags &= ~ND6_IFF_IFDISABLED;
1716 * If not doing autoconf, don't disable the kernel from doing it.
1717 * If we need to, we should have another option actively disable it.
1719 #ifdef ND6_IFF_ACCEPT_RTADV
1720 if (ifp->options->options & DHCPCD_IPV6RS)
1721 flags &= ~ND6_IFF_ACCEPT_RTADV;
1722 #ifdef ND6_IFF_OVERRIDE_RTADV
1723 if (ifp->options->options & DHCPCD_IPV6RS)
1724 flags |= ND6_IFF_OVERRIDE_RTADV;
1728 #ifdef ND6_NDI_FLAGS
1729 if (nd.ndi.flags != (uint32_t)flags) {
1730 nd.ndi.flags = (uint32_t)flags;
1731 if (ioctl(s, SIOCSIFINFO_FLAGS, &nd) == -1)
1732 logerr("%s: SIOCSIFINFO_FLAGS", ifp->name);
1736 /* Enabling IPv6 by whatever means must be the
1737 * last action undertaken to ensure kernel RS and
1738 * LLADDR auto configuration are disabled where applicable. */
1739 #ifdef SIOCIFAFATTACH
1740 if (af_attach(s, ifp, AF_INET6) == -1)
1741 logerr("%s: af_attach", ifp->name);
1744 #ifdef SIOCGIFXFLAGS
1745 if (set_ifxflags(s, ifp) == -1)
1746 logerr("%s: set_ifxflags", ifp->name);
1749 #if defined(IPV6CTL_ACCEPT_RTADV) || defined(ND6_IFF_ACCEPT_RTADV)
1750 /* Flush the kernel knowledge of advertised routers
1751 * and prefixes so the kernel does not expire prefixes
1752 * and default routes we are trying to own. */
1753 if (ifp->options->options & DHCPCD_IPV6RS) {
1754 struct in6_ifreq ifr;
1756 memset(&ifr, 0, sizeof(ifr));
1757 strlcpy(ifr.ifr_name, ifp->name, sizeof(ifr.ifr_name));
1758 if (ioctl(s, SIOCSRTRFLUSH_IN6, &ifr) == -1 &&
1760 logwarn("SIOCSRTRFLUSH_IN6");
1761 if (ioctl(s, SIOCSPFXFLUSH_IN6, &ifr) == -1 &&
1763 logwarn("SIOCSPFXFLUSH_IN6");