Systemd/src/libsystemd-network/dhcp-identifier.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include "sd-id128.h"

#include "macro.h"
#include "sparse-endian.h"
#include "time-util.h"
#include "unaligned.h"

#define SYSTEMD_PEN    43793

typedef enum DUIDType {
        DUID_TYPE_LLT       = 1,
        DUID_TYPE_EN        = 2,
        DUID_TYPE_LL        = 3,
        DUID_TYPE_UUID      = 4,
        _DUID_TYPE_MAX,
        _DUID_TYPE_INVALID  = -1,
} DUIDType;

/* RFC 3315 section 9.1:
 *      A DUID can be no more than 128 octets long (not including the type code).
 */
#define MAX_DUID_LEN 128

/* https://tools.ietf.org/html/rfc3315#section-9.1 */
struct duid {
        be16_t type;
        union {
                struct {
                        /* DUID_TYPE_LLT */
                        be16_t htype;
                        be32_t time;
                        uint8_t haddr[0];
                } _packed_ llt;
                struct {
                        /* DUID_TYPE_EN */
                        be32_t pen;
                        uint8_t id[8];
                } _packed_ en;
                struct {
                        /* DUID_TYPE_LL */
                        be16_t htype;
                        uint8_t haddr[0];
                } _packed_ ll;
                struct {
                        /* DUID_TYPE_UUID */
                        sd_id128_t uuid;
                } _packed_ uuid;
                struct {
                        uint8_t data[MAX_DUID_LEN];
                } _packed_ raw;
        };
} _packed_;

int dhcp_validate_duid_len(uint16_t duid_type, size_t duid_len, bool strict);
int dhcp_identifier_set_duid_llt(struct duid *duid, usec_t t, const uint8_t *addr, size_t addr_len, uint16_t arp_type, size_t *len);
int dhcp_identifier_set_duid_ll(struct duid *duid, const uint8_t *addr, size_t addr_len, uint16_t arp_type, size_t *len);
int dhcp_identifier_set_duid_en(struct duid *duid, size_t *len);
int dhcp_identifier_set_duid_uuid(struct duid *duid, size_t *len);
int dhcp_identifier_set_iaid(int ifindex, const uint8_t *mac, size_t mac_len, bool legacy_unstable_byteorder, void *_id);
license: LGPL-2.1+ -> LGPL-2.1-or-later 2020-11-09 05:23:58 +01:00			`/* SPDX-License-Identifier: LGPL-2.1-or-later */`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`#pragma once`

util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files. 2015-10-24 22:58:24 +02:00			`#include "sd-id128.h"`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00
Add missing includes in header files This fixes various issues found by globally reordering the include sections of all .c files. 2015-02-10 12:56:53 +01:00			`#include "macro.h"`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`#include "sparse-endian.h"`
sd-dhcp: use MAC address when DUIDType=link-layer-time or link-layer but DUIDRawData= is not set 2018-08-07 06:35:58 +02:00			`#include "time-util.h"`
dhcp-identifier: fix for unaligned write Reported by Michael Olbrich. 2015-05-19 17:47:19 +02:00			`#include "unaligned.h"`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00
sd-network: DHCPv6 - Add support to send vendor class data ``` 21.16. Vendor Class Option This option is used by a client to identify the vendor that manufactured the hardware on which the client is running. The information contained in the data area of this option is contained in one or more opaque fields that identify details of the hardware configuration. The format of the Vendor Class option is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \| OPTION_VENDOR_CLASS \| option-len \| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \| enterprise-number \| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . vendor-class-data . . . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 28: Vendor Class Option Format option-code OPTION_VENDOR_CLASS (16). option-len 4 + length of vendor-class-data field. enterprise-number The vendor's registered Enterprise Number as maintained by IANA [IANA-PEN]. A 4-octet field containing an unsigned integer. vendor-class-data The hardware configuration of the node on which the client is running. A variable-length field (4 octets less than the value in the option-len field). The vendor-class-data field is composed of a series of separate items, each of which describes some characteristic of the client's hardware configuration. Examples of vendor-class-data instances might include the version of the operating system the client is running or the amount of memory installed on the client. Each instance of vendor-class-data is formatted as follows: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ \| vendor-class-len \| opaque-data \| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+ Figure 29: Format of vendor-class-data Field The vendor-class-len field is 2 octets long and specifies the length of the opaque vendor-class-data in network byte order. Servers and clients MUST NOT include more than one instance of OPTION_VENDOR_CLASS with the same Enterprise Number. Each instance of OPTION_VENDOR_CLASS can carry multiple vendor-class-data instances. ``` 2020-04-20 09:04:58 +02:00			`#define SYSTEMD_PEN 43793`

DHCP DUID, IAID configuration options 2016-03-31 01:33:55 +02:00			`typedef enum DUIDType {`
			`DUID_TYPE_LLT = 1,`
			`DUID_TYPE_EN = 2,`
			`DUID_TYPE_LL = 3,`
			`DUID_TYPE_UUID = 4,`
			`_DUID_TYPE_MAX,`
			`_DUID_TYPE_INVALID = -1,`
			`} DUIDType;`

network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`/* RFC 3315 section 9.1:`
			`* A DUID can be no more than 128 octets long (not including the type code).`
			`*/`
			`#define MAX_DUID_LEN 128`

dhcp-identifier: un-inline dhcp_validate_duid_len After all it is used in more than one place and is not that short. Also tweak the test a bit: - do not check that duid_len > 0, because we want to allow unknown duid types, and there might be some which are fine with 0 length data, (also assert should not be called from library code), - always check that duid_len <= MAX_DUID_LEN, because we could overwrite available buffer space otherwise. 2016-04-30 03:18:02 +02:00			`/* https://tools.ietf.org/html/rfc3315#section-9.1 */`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`struct duid {`
DHCP DUID, IAID configuration options 2016-03-31 01:33:55 +02:00			`be16_t type;`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`union {`
			`struct {`
dhcp-identifier: un-inline dhcp_validate_duid_len After all it is used in more than one place and is not that short. Also tweak the test a bit: - do not check that duid_len > 0, because we want to allow unknown duid types, and there might be some which are fine with 0 length data, (also assert should not be called from library code), - always check that duid_len <= MAX_DUID_LEN, because we could overwrite available buffer space otherwise. 2016-04-30 03:18:02 +02:00			`/* DUID_TYPE_LLT */`
sd-dhcp: adjust type of elements in duid These values should be stored in network byte order. 2018-08-07 05:07:12 +02:00			`be16_t htype;`
			`be32_t time;`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`uint8_t haddr[0];`
			`} _packed_ llt;`
			`struct {`
dhcp-identifier: un-inline dhcp_validate_duid_len After all it is used in more than one place and is not that short. Also tweak the test a bit: - do not check that duid_len > 0, because we want to allow unknown duid types, and there might be some which are fine with 0 length data, (also assert should not be called from library code), - always check that duid_len <= MAX_DUID_LEN, because we could overwrite available buffer space otherwise. 2016-04-30 03:18:02 +02:00			`/* DUID_TYPE_EN */`
sd-dhcp: adjust type of elements in duid These values should be stored in network byte order. 2018-08-07 05:07:12 +02:00			`be32_t pen;`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`uint8_t id[8];`
			`} _packed_ en;`
			`struct {`
dhcp-identifier: un-inline dhcp_validate_duid_len After all it is used in more than one place and is not that short. Also tweak the test a bit: - do not check that duid_len > 0, because we want to allow unknown duid types, and there might be some which are fine with 0 length data, (also assert should not be called from library code), - always check that duid_len <= MAX_DUID_LEN, because we could overwrite available buffer space otherwise. 2016-04-30 03:18:02 +02:00			`/* DUID_TYPE_LL */`
sd-dhcp: adjust type of elements in duid These values should be stored in network byte order. 2018-08-07 05:07:12 +02:00			`be16_t htype;`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`uint8_t haddr[0];`
			`} _packed_ ll;`
			`struct {`
dhcp-identifier: un-inline dhcp_validate_duid_len After all it is used in more than one place and is not that short. Also tweak the test a bit: - do not check that duid_len > 0, because we want to allow unknown duid types, and there might be some which are fine with 0 length data, (also assert should not be called from library code), - always check that duid_len <= MAX_DUID_LEN, because we could overwrite available buffer space otherwise. 2016-04-30 03:18:02 +02:00			`/* DUID_TYPE_UUID */`
network: dhcp - split out the duid structure into a new header file We will use the same in both dhcp4 and dhcp6. 2015-01-21 21:23:47 +01:00			`sd_id128_t uuid;`
			`} _packed_ uuid;`
			`struct {`
			`uint8_t data[MAX_DUID_LEN];`
			`} _packed_ raw;`
			`};`
			`} _packed_;`
network: dhcp - split out dhcp_identifier_set_{iaid,duid_en} from dhcp6-client This will also be used in dhcp4-client. 2015-01-21 22:25:20 +01:00
dhcp6: don't enforce DUID content for sd_dhcp6_client_set_duid() There are various functions to set the DUID of a DHCPv6 client. However, none of them allows to set arbitrary data. The closest is sd_dhcp6_client_set_duid(), which would still do validation of the DUID's content via dhcp_validate_duid_len(). Relax the validation and only log a debug message if the DUID does not validate. Note that dhcp_validate_duid_len() already is not very strict. For example with DUID_TYPE_LLT it only ensures that the length is suitable to contain hwtype and time. It does not further check that the length of hwaddr is non-zero or suitable for hwtype. Also, non-well-known DUID types are accepted for extensibility. Why reject certain DUIDs but allowing clearly wrong formats otherwise? The validation and failure should happen earlier, when accepting the unsuitable DUID. At that point, there is more context of what is wrong, and a better failure reason (or warning) can be reported to the user. Rejecting the DUID when setting up the DHCPv6 client seems not optimal, in particular because the DHCPv6 client does not care about actual content of the DUID and treats it as opaque blob. Also, NetworkManager (which uses this code) allows to configure the entire binary DUID in binary. It intentionally does not validate the binary content any further. Hence, it needs to be able to set _invalid_ DUIDs, provided that some basic constraints are satisfied (like the maximum length). sd_dhcp6_client_set_duid() has two callers: both set the DUID obtained from link_get_duid(), which comes from configuration. `man networkd.conf` says: "The configured DHCP DUID should conform to the specification in RFC 3315, RFC 6355.". It does not not state that it MUST conform. Note that dhcp_validate_duid_len() has another caller: DHCPv4's dhcp_client_set_iaid_duid_internal(). In this case, continue with strict validation, as the callers are more controlled. Also, there is already sd_dhcp_client_set_client_id() which can be used to bypass this check and set arbitrary client identifiers. 2018-12-20 11:56:02 +01:00			`int dhcp_validate_duid_len(uint16_t duid_type, size_t duid_len, bool strict);`
sd-dhcp: use MAC address when DUIDType=link-layer-time or link-layer but DUIDRawData= is not set 2018-08-07 06:35:58 +02:00			`int dhcp_identifier_set_duid_llt(struct duid duid, usec_t t, const uint8_t addr, size_t addr_len, uint16_t arp_type, size_t *len);`
			`int dhcp_identifier_set_duid_ll(struct duid duid, const uint8_t addr, size_t addr_len, uint16_t arp_type, size_t *len);`
network: dhcp - split out dhcp_identifier_set_{iaid,duid_en} from dhcp6-client This will also be used in dhcp4-client. 2015-01-21 22:25:20 +01:00			`int dhcp_identifier_set_duid_en(struct duid duid, size_t len);`
sd-dhcp: use application specific machine ID when DUIDType=uuid but DUIDRawData= is not set 2018-06-25 11:23:13 +02:00			`int dhcp_identifier_set_duid_uuid(struct duid duid, size_t len);`
dhcp: support endianness independent dhcp_identifier_set_iaid() The previous code did htole64() followed by unaligned_write_be32() (the XOR and shift in between is endianness agnostic). That means, on every architeture there is always exactly one byte swap and the iaid is dependent on endianness. Since dhcp_identifier_set_iaid() is part of the DUID generation algorithm, this cannot be fixed without changing the client-id. In particular, as the client-id already depends on the machine-id (and is thus inherrently host-specific), it is better to stick to the current behavior. However, add a parameter to switch between old and new behaviour. Since the new behavior is unused, the only real purpose of this change is to self-document the oddity of the function. Fixes: 933f9caeeb2b3c1b951d330e04beb04226e5a890 2018-11-01 14:43:11 +01:00			`int dhcp_identifier_set_iaid(int ifindex, const uint8_t mac, size_t mac_len, bool legacy_unstable_byteorder, void _id);`