mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2025-01-09 23:47:23 +03:00
ea8d634f65
Merge in DNS/adguard-home from dhcpd-imp-code to master Squashed commit of the following: commit 413403c169bd3f6b5f2ed63b783d078dbb15e054 Merge: eed1838500fec990bcAuthor: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Fri May 26 12:46:25 2023 +0300 Merge remote-tracking branch 'origin/master' into dhcpd-imp-code commit eed1838502add1e16e5d3ada03778f21913fd5e5 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Fri May 26 12:16:46 2023 +0300 dhcpd: imp docs commit fa4fe036f7b1f2b49201bf0b5b904f99989082f0 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Thu May 25 11:32:34 2023 +0300 all: lint script commit a4022b3d4bbfa709e5096397bbe64ea406c8a366 Merge: e08ff3a26cbc7985e7Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Thu May 25 11:29:57 2023 +0300 Merge remote-tracking branch 'origin/master' into dhcpd-imp-code # Conflicts: # scripts/make/go-lint.sh commit e08ff3a26414e201d6e75608363db941fa2f5b39 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed May 24 15:43:11 2023 +0300 dhcpd: imp code commit 970b538f8ea94d3732d77bfb648e402a1d28ab06 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed May 24 15:40:36 2023 +0300 dhcpd: imp code commit 0e5916ddd7514af983e8557080d55d6aeb6fbbc0 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Wed May 24 15:37:17 2023 +0300 dhcpd: imp code commit e06a6c6031b232e76ae2be3e3b8fe1a2ffa715e0 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 16:40:09 2023 +0300 dhcpd: imp code commit eed4ff10ff1b29c71d70fb7978706efde89afee1 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 15:45:06 2023 +0300 all: lint script commit 87f84ace5f6f34dbc28befa8257d1d2492c5e0a4 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 15:44:23 2023 +0300 dhcpd: imp code commit a54c9929d51de1f1e6807d650fd08dd80ddbf147 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 14:29:42 2023 +0300 dhcpd: imp code commit 1bbea342f7f55587724aa9a29d9657e5ce75f5d8 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 14:12:09 2023 +0300 dhcpd: imp code commit 48fb4eff73683e799ddb3076afdcf7b067ca24b6 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 13:57:59 2023 +0300 dhcpd: imp code commit f6cd7fcb8d4c1c815a20875d777ea1eca2c8ea89 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 13:17:54 2023 +0300 dhcpd: imp code commit 2b91dc25bbaa16dba6d9389a4e2224cf91eb4554 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Tue May 23 12:57:46 2023 +0300 dhcpd: imp code commit 34f5dd58764080f6202fc9a1abd751a15dbf7090 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon May 22 15:31:39 2023 +0300 dhcpd: imp code commit 12ef0d225064a1b78adf7b2cfca21a8dba92ca8e Merge: 6b62a766524b41100cAuthor: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon May 22 13:03:41 2023 +0300 Merge remote-tracking branch 'origin/master' into dhcpd-imp-code commit 6b62a7665720b85398d65a1926518a63e6bb6403 Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon May 22 12:55:43 2023 +0300 dhcpd: imp code commit 18c5cdf0480fac7711282027a64d58704c75af5f Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon May 22 12:48:30 2023 +0300 dhcpd: imp code commit e7c1f4324cba3fe86cf56df6b971791a5a8790de Author: Dimitry Kolyshev <dkolyshev@adguard.com> Date: Mon May 22 12:37:15 2023 +0300 dhcpd: imp code ... and 1 more commit
283 lines
6.8 KiB
Go
283 lines
6.8 KiB
Go
package dhcpd
|
|
|
|
import (
|
|
"encoding/binary"
|
|
"fmt"
|
|
"net"
|
|
"sync/atomic"
|
|
"time"
|
|
|
|
"github.com/AdguardTeam/golibs/errors"
|
|
"github.com/AdguardTeam/golibs/log"
|
|
"github.com/AdguardTeam/golibs/netutil"
|
|
"golang.org/x/net/icmp"
|
|
"golang.org/x/net/ipv6"
|
|
)
|
|
|
|
type raCtx struct {
|
|
raAllowSLAAC bool // send RA packets without MO flags
|
|
raSLAACOnly bool // send RA packets with MO flags
|
|
ipAddr net.IP // source IP address (link-local-unicast)
|
|
dnsIPAddr net.IP // IP address for DNS Server option
|
|
prefixIPAddr net.IP // IP address for Prefix option
|
|
ifaceName string
|
|
iface *net.Interface
|
|
packetSendPeriod time.Duration // how often RA packets are sent
|
|
|
|
conn *icmp.PacketConn // ICMPv6 socket
|
|
stop atomic.Value // stop the packet sending loop
|
|
}
|
|
|
|
type icmpv6RA struct {
|
|
managedAddressConfiguration bool
|
|
otherConfiguration bool
|
|
prefix net.IP
|
|
prefixLen int
|
|
sourceLinkLayerAddress net.HardwareAddr
|
|
recursiveDNSServer net.IP
|
|
mtu uint32
|
|
}
|
|
|
|
// hwAddrToLinkLayerAddr converts a hardware address into a form required by
|
|
// RFC4861. That is, a byte slice of length divisible by 8.
|
|
//
|
|
// See https://tools.ietf.org/html/rfc4861#section-4.6.1.
|
|
func hwAddrToLinkLayerAddr(hwa net.HardwareAddr) (lla []byte, err error) {
|
|
err = netutil.ValidateMAC(hwa)
|
|
if err != nil {
|
|
// Don't wrap the error, because it already contains enough
|
|
// context.
|
|
return nil, err
|
|
}
|
|
|
|
if len(hwa) == 6 || len(hwa) == 8 {
|
|
lla = make([]byte, 8)
|
|
copy(lla, hwa)
|
|
|
|
return lla, nil
|
|
}
|
|
|
|
// Assume that netutil.ValidateMAC prevents lengths other than 20 by
|
|
// now.
|
|
lla = make([]byte, 24)
|
|
copy(lla, hwa)
|
|
|
|
return lla, nil
|
|
}
|
|
|
|
// Create an ICMPv6.RouterAdvertisement packet with all necessary options.
|
|
// Data scheme:
|
|
//
|
|
// ICMPv6:
|
|
// - type[1]
|
|
// - code[1]
|
|
// - chksum[2]
|
|
// - body (RouterAdvertisement):
|
|
// - Cur Hop Limit[1]
|
|
// - Flags[1]: MO......
|
|
// - Router Lifetime[2]
|
|
// - Reachable Time[4]
|
|
// - Retrans Timer[4]
|
|
// - Option=Prefix Information(3):
|
|
// - Type[1]
|
|
// - Length * 8bytes[1]
|
|
// - Prefix Length[1]
|
|
// - Flags[1]: LA......
|
|
// - Valid Lifetime[4]
|
|
// - Preferred Lifetime[4]
|
|
// - Reserved[4]
|
|
// - Prefix[16]
|
|
// - Option=MTU(5):
|
|
// - Type[1]
|
|
// - Length * 8bytes[1]
|
|
// - Reserved[2]
|
|
// - MTU[4]
|
|
// - Option=Source link-layer address(1):
|
|
// - Link-Layer Address[8/24]
|
|
// - Option=Recursive DNS Server(25):
|
|
// - Type[1]
|
|
// - Length * 8bytes[1]
|
|
// - Reserved[2]
|
|
// - Lifetime[4]
|
|
// - Addresses of IPv6 Recursive DNS Servers[16]
|
|
//
|
|
// TODO(a.garipov): Replace with an existing implementation from a dependency.
|
|
func createICMPv6RAPacket(params icmpv6RA) (data []byte, err error) {
|
|
var lla []byte
|
|
lla, err = hwAddrToLinkLayerAddr(params.sourceLinkLayerAddress)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("converting source link layer address: %w", err)
|
|
}
|
|
|
|
// TODO(a.garipov): Don't use a magic constant here. Refactor the code
|
|
// and make all constants named instead of all those comments..
|
|
data = make([]byte, 82+len(lla))
|
|
i := 0
|
|
|
|
// ICMPv6:
|
|
|
|
data[i] = 134 // type
|
|
data[i+1] = 0 // code
|
|
data[i+2] = 0 // chksum
|
|
data[i+3] = 0
|
|
i += 4
|
|
|
|
// RouterAdvertisement:
|
|
|
|
data[i] = 64 // Cur Hop Limit[1]
|
|
i++
|
|
|
|
data[i] = 0 // Flags[1]: MO......
|
|
if params.managedAddressConfiguration {
|
|
data[i] |= 0x80
|
|
}
|
|
if params.otherConfiguration {
|
|
data[i] |= 0x40
|
|
}
|
|
i++
|
|
|
|
binary.BigEndian.PutUint16(data[i:], 1800) // Router Lifetime[2]
|
|
i += 2
|
|
binary.BigEndian.PutUint32(data[i:], 0) // Reachable Time[4]
|
|
i += 4
|
|
binary.BigEndian.PutUint32(data[i:], 0) // Retrans Timer[4]
|
|
i += 4
|
|
|
|
// Option=Prefix Information:
|
|
|
|
data[i] = 3 // Type
|
|
data[i+1] = 4 // Length
|
|
i += 2
|
|
data[i] = byte(params.prefixLen) // Prefix Length[1]
|
|
i++
|
|
data[i] = 0xc0 // Flags[1]
|
|
i++
|
|
binary.BigEndian.PutUint32(data[i:], 3600) // Valid Lifetime[4]
|
|
i += 4
|
|
binary.BigEndian.PutUint32(data[i:], 3600) // Preferred Lifetime[4]
|
|
i += 4
|
|
binary.BigEndian.PutUint32(data[i:], 0) // Reserved[4]
|
|
i += 4
|
|
copy(data[i:], params.prefix[:8]) // Prefix[16]
|
|
binary.BigEndian.PutUint32(data[i+8:], 0)
|
|
binary.BigEndian.PutUint32(data[i+12:], 0)
|
|
i += 16
|
|
|
|
// Option=MTU:
|
|
|
|
data[i] = 5 // Type
|
|
data[i+1] = 1 // Length
|
|
i += 2
|
|
binary.BigEndian.PutUint16(data[i:], 0) // Reserved[2]
|
|
i += 2
|
|
binary.BigEndian.PutUint32(data[i:], params.mtu) // MTU[4]
|
|
i += 4
|
|
|
|
// Option=Source link-layer address:
|
|
|
|
data[i] = 1 // Type
|
|
data[i+1] = 1 // Length
|
|
i += 2
|
|
|
|
copy(data[i:], lla) // Link-Layer Address[8/24]
|
|
i += len(lla)
|
|
|
|
// Option=Recursive DNS Server:
|
|
|
|
data[i] = 25 // Type
|
|
data[i+1] = 3 // Length
|
|
i += 2
|
|
binary.BigEndian.PutUint16(data[i:], 0) // Reserved[2]
|
|
i += 2
|
|
binary.BigEndian.PutUint32(data[i:], 3600) // Lifetime[4]
|
|
i += 4
|
|
copy(data[i:], params.recursiveDNSServer) // Addresses of IPv6 Recursive DNS Servers[16]
|
|
|
|
return data, nil
|
|
}
|
|
|
|
// Init initializes RA module.
|
|
func (ra *raCtx) Init() (err error) {
|
|
ra.stop.Store(0)
|
|
ra.conn = nil
|
|
if !(ra.raAllowSLAAC || ra.raSLAACOnly) {
|
|
return nil
|
|
}
|
|
|
|
log.Debug("dhcpv6 ra: source IP address: %s DNS IP address: %s", ra.ipAddr, ra.dnsIPAddr)
|
|
|
|
params := icmpv6RA{
|
|
managedAddressConfiguration: !ra.raSLAACOnly,
|
|
otherConfiguration: !ra.raSLAACOnly,
|
|
mtu: uint32(ra.iface.MTU),
|
|
prefixLen: 64,
|
|
recursiveDNSServer: ra.dnsIPAddr,
|
|
sourceLinkLayerAddress: ra.iface.HardwareAddr,
|
|
}
|
|
params.prefix = make([]byte, 16)
|
|
copy(params.prefix, ra.prefixIPAddr[:8]) // /64
|
|
|
|
var data []byte
|
|
data, err = createICMPv6RAPacket(params)
|
|
if err != nil {
|
|
return fmt.Errorf("creating packet: %w", err)
|
|
}
|
|
|
|
ipAndScope := ra.ipAddr.String() + "%" + ra.ifaceName
|
|
ra.conn, err = icmp.ListenPacket("ip6:ipv6-icmp", ipAndScope)
|
|
if err != nil {
|
|
return fmt.Errorf("dhcpv6 ra: icmp.ListenPacket: %w", err)
|
|
}
|
|
|
|
defer func() {
|
|
if err != nil {
|
|
err = errors.WithDeferred(err, ra.Close())
|
|
}
|
|
}()
|
|
|
|
con6 := ra.conn.IPv6PacketConn()
|
|
|
|
if err = con6.SetHopLimit(255); err != nil {
|
|
return fmt.Errorf("dhcpv6 ra: SetHopLimit: %w", err)
|
|
}
|
|
|
|
if err = con6.SetMulticastHopLimit(255); err != nil {
|
|
return fmt.Errorf("dhcpv6 ra: SetMulticastHopLimit: %w", err)
|
|
}
|
|
|
|
msg := &ipv6.ControlMessage{
|
|
HopLimit: 255,
|
|
Src: ra.ipAddr,
|
|
IfIndex: ra.iface.Index,
|
|
}
|
|
addr := &net.UDPAddr{
|
|
IP: net.ParseIP("ff02::1"),
|
|
}
|
|
|
|
go func() {
|
|
log.Debug("dhcpv6 ra: starting to send periodic RouterAdvertisement packets")
|
|
for ra.stop.Load() == 0 {
|
|
_, err = con6.WriteTo(data, msg, addr)
|
|
if err != nil {
|
|
log.Error("dhcpv6 ra: WriteTo: %s", err)
|
|
}
|
|
time.Sleep(ra.packetSendPeriod)
|
|
}
|
|
log.Debug("dhcpv6 ra: loop exit")
|
|
}()
|
|
|
|
return nil
|
|
}
|
|
|
|
// Close closes the module.
|
|
func (ra *raCtx) Close() (err error) {
|
|
log.Debug("dhcpv6 ra: closing")
|
|
|
|
ra.stop.Store(1)
|
|
|
|
if ra.conn != nil {
|
|
return ra.conn.Close()
|
|
}
|
|
|
|
return nil
|
|
}
|