search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
8322 nl: misleading-indentation
[unleashed/tickless.git] / usr / src / cmd / cmd-inet / sbin / dhcpagent / agent.c
blobef25380c323c4dae07eca628090d4eb47fa13f67
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 #include <sys/types.h>
26 #include <stdlib.h>
27 #include <assert.h>
28 #include <errno.h>
29 #include <locale.h>
30 #include <string.h>
31 #include <unistd.h>
32 #include <signal.h>
33 #include <stdio.h>
34 #include <stdio_ext.h>
35 #include <dhcp_hostconf.h>
36 #include <dhcpagent_ipc.h>
37 #include <dhcpagent_util.h>
38 #include <dhcpmsg.h>
39 #include <netinet/dhcp.h>
40 #include <net/route.h>
41 #include <sys/sockio.h>
42 #include <sys/stat.h>
43 #include <stropts.h>
44 #include <fcntl.h>
45 #include <sys/scsi/adapters/iscsi_if.h>
46
47 #include "async.h"
48 #include "agent.h"
49 #include "script_handler.h"
50 #include "util.h"
51 #include "class_id.h"
52 #include "states.h"
53 #include "packet.h"
54 #include "interface.h"
55 #include "defaults.h"
56
57 #ifndef TEXT_DOMAIN
58 #define TEXT_DOMAIN "SYS_TEST"
59 #endif
60
61 iu_timer_id_t inactivity_id;
62 int class_id_len = 0;
63 char *class_id;
64 iu_eh_t *eh;
65 iu_tq_t *tq;
66 pid_t grandparent;
67 int rtsock_fd;
68
69 static boolean_t shutdown_started = B_FALSE;
70 static boolean_t do_adopt = B_FALSE;
71 static unsigned int debug_level = 0;
72 static iu_eh_callback_t accept_event, ipc_event, rtsock_event;
73
74 /*
75 * The ipc_cmd_allowed[] table indicates which IPC commands are allowed in
76 * which states; a non-zero value indicates the command is permitted.
77 *
78 * START is permitted if the state machine is fresh, or if we are in the
79 * process of trying to obtain a lease (as a convenience to save the
80 * administrator from having to do an explicit DROP). EXTEND, RELEASE, and
81 * GET_TAG require a lease to be obtained in order to make sense. INFORM is
82 * permitted if the interface is fresh or has an INFORM in progress or
83 * previously done on it -- otherwise a DROP or RELEASE is first required.
84 * PING and STATUS always make sense and thus are always permitted, as is DROP
85 * in order to permit the administrator to always bail out.
86 */
87 static int ipc_cmd_allowed[DHCP_NSTATES][DHCP_NIPC] = {
88 /* D E P R S S I G */
89 /* R X I E T T N E */
90 /* O T N L A A F T */
91 /* P E G E R T O _ */
92 /* . N . A T U R T */
93 /* . D . S . S M A */
94 /* . . . E . . . G */
95 /* INIT */ { 1, 0, 1, 0, 1, 1, 1, 0 },
96 /* SELECTING */ { 1, 0, 1, 0, 1, 1, 0, 0 },
97 /* REQUESTING */ { 1, 0, 1, 0, 1, 1, 0, 0 },
98 /* PRE_BOUND */ { 1, 1, 1, 1, 0, 1, 0, 1 },
99 /* BOUND */ { 1, 1, 1, 1, 0, 1, 0, 1 },
100 /* RENEWING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
101 /* REBINDING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
102 /* INFORMATION */ { 1, 0, 1, 0, 1, 1, 1, 1 },
103 /* INIT_REBOOT */ { 1, 0, 1, 1, 1, 1, 0, 0 },
104 /* ADOPTING */ { 1, 0, 1, 1, 0, 1, 0, 0 },
105 /* INFORM_SENT */ { 1, 0, 1, 0, 1, 1, 1, 0 },
106 /* DECLINING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
107 /* RELEASING */ { 1, 0, 1, 0, 0, 1, 0, 1 },
108 };
109
110 #define CMD_ISPRIV 0x1 /* Command requires privileges */
111 #define CMD_CREATE 0x2 /* Command creates an interface */
112 #define CMD_BOOTP 0x4 /* Command is valid with BOOTP */
113 #define CMD_IMMED 0x8 /* Reply is immediate (no BUSY state) */
114
115 static uint_t ipc_cmd_flags[DHCP_NIPC] = {
116 /* DHCP_DROP */ CMD_ISPRIV|CMD_BOOTP,
117 /* DHCP_EXTEND */ CMD_ISPRIV,
118 /* DHCP_PING */ CMD_BOOTP|CMD_IMMED,
119 /* DHCP_RELEASE */ CMD_ISPRIV,
120 /* DHCP_START */ CMD_CREATE|CMD_ISPRIV|CMD_BOOTP,
121 /* DHCP_STATUS */ CMD_BOOTP|CMD_IMMED,
122 /* DHCP_INFORM */ CMD_CREATE|CMD_ISPRIV,
123 /* DHCP_GET_TAG */ CMD_BOOTP|CMD_IMMED
124 };
125
126 static boolean_t is_iscsi_active(void);
127
128 int
129 main(int argc, char **argv)
130 {
131 boolean_t is_daemon = B_TRUE;
132 boolean_t is_verbose;
133 int ipc_fd;
134 int c;
135 int aware = RTAW_UNDER_IPMP;
136 struct rlimit rl;
137
138 debug_level = df_get_int("", B_FALSE, DF_DEBUG_LEVEL);
139 is_verbose = df_get_bool("", B_FALSE, DF_VERBOSE);
140
141 /*
142 * -l is ignored for compatibility with old agent.
143 */
144
145 while ((c = getopt(argc, argv, "vd:l:fa")) != EOF) {
146
147 switch (c) {
148
149 case 'a':
150 do_adopt = B_TRUE;
151 grandparent = getpid();
152 break;
153
154 case 'd':
155 debug_level = strtoul(optarg, NULL, 0);
156 break;
157
158 case 'f':
159 is_daemon = B_FALSE;
160 break;
161
162 case 'v':
163 is_verbose = B_TRUE;
164 break;
165
166 case '?':
167 (void) fprintf(stderr, "usage: %s [-a] [-d n] [-f] [-v]"
168 "\n", argv[0]);
169 return (EXIT_FAILURE);
170
171 default:
172 break;
173 }
174 }
175
176 (void) setlocale(LC_ALL, "");
177 (void) textdomain(TEXT_DOMAIN);
178
179 if (geteuid() != 0) {
180 dhcpmsg_init(argv[0], B_FALSE, is_verbose, debug_level);
181 dhcpmsg(MSG_ERROR, "must be super-user");
182 dhcpmsg_fini();
183 return (EXIT_FAILURE);
184 }
185
186 if (is_daemon && daemonize() == 0) {
187 dhcpmsg_init(argv[0], B_FALSE, is_verbose, debug_level);
188 dhcpmsg(MSG_ERR, "cannot become daemon, exiting");
189 dhcpmsg_fini();
190 return (EXIT_FAILURE);
191 }
192
193 /*
194 * Seed the random number generator, since we're going to need it
195 * to set transaction id's and for exponential backoff.
196 */
197 srand48(gethrtime() ^ gethostid() ^ getpid());
198
199 dhcpmsg_init(argv[0], is_daemon, is_verbose, debug_level);
200 (void) atexit(dhcpmsg_fini);
201
202 tq = iu_tq_create();
203 eh = iu_eh_create();
204
205 if (eh == NULL || tq == NULL) {
206 errno = ENOMEM;
207 dhcpmsg(MSG_ERR, "cannot create timer queue or event handler");
208 return (EXIT_FAILURE);
209 }
210
211 /*
212 * ignore most signals that could be reasonably generated.
213 */
214
215 (void) signal(SIGTERM, graceful_shutdown);
216 (void) signal(SIGQUIT, graceful_shutdown);
217 (void) signal(SIGPIPE, SIG_IGN);
218 (void) signal(SIGUSR1, SIG_IGN);
219 (void) signal(SIGUSR2, SIG_IGN);
220 (void) signal(SIGINT, SIG_IGN);
221 (void) signal(SIGHUP, SIG_IGN);
222 (void) signal(SIGCHLD, SIG_IGN);
223
224 /*
225 * upon SIGTHAW we need to refresh any non-infinite leases.
226 */
227
228 (void) iu_eh_register_signal(eh, SIGTHAW, refresh_smachs, NULL);
229
230 class_id = get_class_id();
231 if (class_id != NULL)
232 class_id_len = strlen(class_id);
233 else
234 dhcpmsg(MSG_WARNING, "get_class_id failed, continuing "
235 "with no vendor class id");
236
237 /*
238 * the inactivity timer is enabled any time there are no
239 * interfaces under DHCP control. if DHCP_INACTIVITY_WAIT
240 * seconds transpire without an interface under DHCP control,
241 * the agent shuts down.
242 */
243
244 inactivity_id = iu_schedule_timer(tq, DHCP_INACTIVITY_WAIT,
245 inactivity_shutdown, NULL);
246
247 /*
248 * max out the number available descriptors, just in case..
249 */
250
251 rl.rlim_cur = RLIM_INFINITY;
252 rl.rlim_max = RLIM_INFINITY;
253 if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
254 dhcpmsg(MSG_ERR, "setrlimit failed");
255
256 (void) enable_extended_FILE_stdio(-1, -1);
257
258 /*
259 * Create and bind default IP sockets used to control interfaces and to
260 * catch stray packets.
261 */
262
263 if (!dhcp_ip_default())
264 return (EXIT_FAILURE);
265
266 /*
267 * create the ipc channel that the agent will listen for
268 * requests on, and register it with the event handler so that
269 * `accept_event' will be called back.
270 */
271
272 switch (dhcp_ipc_init(&ipc_fd)) {
273
274 case 0:
275 break;
276
277 case DHCP_IPC_E_BIND:
278 dhcpmsg(MSG_ERROR, "dhcp_ipc_init: cannot bind to port "
279 "%i (agent already running?)", IPPORT_DHCPAGENT);
280 return (EXIT_FAILURE);
281
282 default:
283 dhcpmsg(MSG_ERROR, "dhcp_ipc_init failed");
284 return (EXIT_FAILURE);
285 }
286
287 if (iu_register_event(eh, ipc_fd, POLLIN, accept_event, 0) == -1) {
288 dhcpmsg(MSG_ERR, "cannot register ipc fd for messages");
289 return (EXIT_FAILURE);
290 }
291
292 /*
293 * Create the global routing socket. This is used for monitoring
294 * interface transitions, so that we learn about the kernel's Duplicate
295 * Address Detection status, and for inserting and removing default
296 * routes as learned from DHCP servers. Both v4 and v6 are handed
297 * with this one socket.
298 */
299 rtsock_fd = socket(PF_ROUTE, SOCK_RAW, 0);
300 if (rtsock_fd == -1) {
301 dhcpmsg(MSG_ERR, "cannot open routing socket");
302 return (EXIT_FAILURE);
303 }
304
305 /*
306 * We're IPMP-aware and can manage IPMP test addresses, so issue
307 * RT_AWARE to get routing socket messages for interfaces under IPMP.
308 */
309 if (setsockopt(rtsock_fd, SOL_ROUTE, RT_AWARE, &aware,
310 sizeof (aware)) == -1) {
311 dhcpmsg(MSG_ERR, "cannot set RT_AWARE on routing socket");
312 return (EXIT_FAILURE);
313 }
314
315 if (iu_register_event(eh, rtsock_fd, POLLIN, rtsock_event, 0) == -1) {
316 dhcpmsg(MSG_ERR, "cannot register routing socket for messages");
317 return (EXIT_FAILURE);
318 }
319
320 /*
321 * if the -a (adopt) option was specified, try to adopt the
322 * kernel-managed interface before we start.
323 */
324
325 if (do_adopt && !dhcp_adopt())
326 return (EXIT_FAILURE);
327
328 /*
329 * For DHCPv6, we own all of the interfaces marked DHCPRUNNING. As
330 * we're starting operation here, if there are any of those interfaces
331 * lingering around, they're strays, and need to be removed.
332 *
333 * It might be nice to save these addresses off somewhere -- for both
334 * v4 and v6 -- and use them as hints for later negotiation.
335 */
336 remove_v6_strays();
337
338 /*
339 * enter the main event loop; this is where all the real work
340 * takes place (through registering events and scheduling timers).
341 * this function only returns when the agent is shutting down.
342 */
343
344 switch (iu_handle_events(eh, tq)) {
345
346 case -1:
347 dhcpmsg(MSG_WARNING, "iu_handle_events exited abnormally");
348 break;
349
350 case DHCP_REASON_INACTIVITY:
351 dhcpmsg(MSG_INFO, "no interfaces to manage, shutting down...");
352 break;
353
354 case DHCP_REASON_TERMINATE:
355 dhcpmsg(MSG_INFO, "received SIGTERM, shutting down...");
356 break;
357
358 case DHCP_REASON_SIGNAL:
359 dhcpmsg(MSG_WARNING, "received unexpected signal, shutting "
360 "down...");
361 break;
362 }
363
364 (void) iu_eh_unregister_signal(eh, SIGTHAW, NULL);
365
366 iu_eh_destroy(eh);
367 iu_tq_destroy(tq);
368
369 return (EXIT_SUCCESS);
370 }
371
372 /*
373 * drain_script(): event loop callback during shutdown
374 *
375 * input: eh_t *: unused
376 * void *: unused
377 * output: boolean_t: B_TRUE if event loop should exit; B_FALSE otherwise
378 */
379
380 /* ARGSUSED */
381 boolean_t
382 drain_script(iu_eh_t *ehp, void *arg)
383 {
384 if (shutdown_started == B_FALSE) {
385 shutdown_started = B_TRUE;
386 /*
387 * Check if the system is diskless client and/or
388 * there are active iSCSI sessions
389 *
390 * Do not drop the lease, or the system will be
391 * unable to sync(dump) through nfs/iSCSI driver
392 */
393 if (!do_adopt && !is_iscsi_active()) {
394 nuke_smach_list();
395 }
396 }
397 return (script_count == 0);
398 }
399
400 /*
401 * accept_event(): accepts a new connection on the ipc socket and registers
402 * to receive its messages with the event handler
403 *
404 * input: iu_eh_t *: unused
405 * int: the file descriptor in the iu_eh_t * the connection came in on
406 * (other arguments unused)
407 * output: void
408 */
409
410 /* ARGSUSED */
411 static void
412 accept_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
413 {
414 int client_fd;
415 int is_priv;
416
417 if (dhcp_ipc_accept(fd, &client_fd, &is_priv) != 0) {
418 dhcpmsg(MSG_ERR, "accept_event: accept on ipc socket");
419 return;
420 }
421
422 if (iu_register_event(eh, client_fd, POLLIN, ipc_event,
423 (void *)is_priv) == -1) {
424 dhcpmsg(MSG_ERROR, "accept_event: cannot register ipc socket "
425 "for callback");
426 }
427 }
428
429 /*
430 * ipc_event(): processes incoming ipc requests
431 *
432 * input: iu_eh_t *: unused
433 * int: the file descriptor in the iu_eh_t * the request came in on
434 * short: unused
435 * iu_event_id_t: event ID
436 * void *: indicates whether the request is from a privileged client
437 * output: void
438 */
439
440 /* ARGSUSED */
441 static void
442 ipc_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
443 {
444 ipc_action_t ia, *iap;
445 dhcp_smach_t *dsmp;
446 int error, is_priv = (int)arg;
447 const char *ifname;
448 boolean_t isv6;
449 boolean_t dsm_created = B_FALSE;
450
451 ipc_action_init(&ia);
452 error = dhcp_ipc_recv_request(fd, &ia.ia_request,
453 DHCP_IPC_REQUEST_WAIT);
454 if (error != DHCP_IPC_SUCCESS) {
455 if (error != DHCP_IPC_E_EOF) {
456 dhcpmsg(MSG_ERROR,
457 "ipc_event: dhcp_ipc_recv_request failed: %s",
458 dhcp_ipc_strerror(error));
459 } else {
460 dhcpmsg(MSG_DEBUG, "ipc_event: connection closed");
461 }
462 if ((dsmp = lookup_smach_by_event(id)) != NULL) {
463 ipc_action_finish(dsmp, error);
464 } else {
465 (void) iu_unregister_event(eh, id, NULL);
466 (void) dhcp_ipc_close(fd);
467 }
468 return;
469 }
470
471 /* Fill in temporary ipc_action structure for utility functions */
472 ia.ia_cmd = DHCP_IPC_CMD(ia.ia_request->message_type);
473 ia.ia_fd = fd;
474 ia.ia_eid = id;
475
476 if (ia.ia_cmd >= DHCP_NIPC) {
477 dhcpmsg(MSG_ERROR,
478 "ipc_event: invalid command (%s) attempted on %s",
479 dhcp_ipc_type_to_string(ia.ia_cmd), ia.ia_request->ifname);
480 send_error_reply(&ia, DHCP_IPC_E_CMD_UNKNOWN);
481 return;
482 }
483
484 /* return EPERM for any of the privileged actions */
485
486 if (!is_priv && (ipc_cmd_flags[ia.ia_cmd] & CMD_ISPRIV)) {
487 dhcpmsg(MSG_WARNING,
488 "ipc_event: privileged ipc command (%s) attempted on %s",
489 dhcp_ipc_type_to_string(ia.ia_cmd), ia.ia_request->ifname);
490 send_error_reply(&ia, DHCP_IPC_E_PERM);
491 return;
492 }
493
494 /*
495 * Try to locate the state machine associated with this command. If
496 * the command is DHCP_START or DHCP_INFORM and there isn't a state
497 * machine already, make one (there may already be one from a previous
498 * failed attempt to START or INFORM). Otherwise, verify the reference
499 * is still valid.
500 *
501 * The interface name may be blank. In that case, we look up the
502 * primary interface, and the requested type (v4 or v6) doesn't matter.
503 */
504
505 isv6 = (ia.ia_request->message_type & DHCP_V6) != 0;
506 ifname = ia.ia_request->ifname;
507 if (*ifname == '\0')
508 dsmp = primary_smach(isv6);
509 else
510 dsmp = lookup_smach(ifname, isv6);
511
512 if (dsmp != NULL) {
513 /* Note that verify_smach drops a reference */
514 hold_smach(dsmp);
515 if (!verify_smach(dsmp))
516 dsmp = NULL;
517 }
518
519 if (dsmp == NULL) {
520 /*
521 * If the user asked for the primary DHCP interface by giving
522 * an empty string and there is no primary, then check if we're
523 * handling dhcpinfo. If so, then simulate primary selection.
524 * Otherwise, report failure.
525 */
526 if (ifname[0] == '\0') {
527 if (ia.ia_cmd == DHCP_GET_TAG)
528 dsmp = info_primary_smach(isv6);
529 if (dsmp == NULL)
530 error = DHCP_IPC_E_NOPRIMARY;
531
532 /*
533 * If there's no interface, and we're starting up, then create
534 * it now, along with a state machine for it. Note that if
535 * insert_smach fails, it discards the LIF reference.
536 */
537 } else if (ipc_cmd_flags[ia.ia_cmd] & CMD_CREATE) {
538 dhcp_lif_t *lif;
539
540 lif = attach_lif(ifname, isv6, &error);
541 if (lif != NULL &&
542 (dsmp = insert_smach(lif, &error)) != NULL) {
543 /*
544 * Get client ID for logical interface. (V4
545 * only, because V6 plumbs its own interfaces.)
546 */
547 error = get_smach_cid(dsmp);
548 if (error != DHCP_IPC_SUCCESS) {
549 remove_smach(dsmp);
550 dsmp = NULL;
551 }
552 dsm_created = (dsmp != NULL);
553 }
554
555 /*
556 * Otherwise, this is an operation on an unknown interface.
557 */
558 } else {
559 error = DHCP_IPC_E_UNKIF;
560 }
561 if (dsmp == NULL) {
562 send_error_reply(&ia, error);
563 return;
564 }
565 }
566
567 /*
568 * If this is a request for DHCP to manage a lease on an address,
569 * ensure that IFF_DHCPRUNNING is set (we don't set this when the lif
570 * is created because the lif may have been created for INFORM).
571 */
572 if (ia.ia_cmd == DHCP_START &&
573 (error = set_lif_dhcp(dsmp->dsm_lif)) != DHCP_IPC_SUCCESS) {
574 if (dsm_created)
575 remove_smach(dsmp);
576 send_error_reply(&ia, error);
577 return;
578 }
579
580 if ((dsmp->dsm_dflags & DHCP_IF_BOOTP) &&
581 !(ipc_cmd_flags[ia.ia_cmd] & CMD_BOOTP)) {
582 dhcpmsg(MSG_ERROR, "command %s not valid for BOOTP on %s",
583 dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
584 send_error_reply(&ia, DHCP_IPC_E_BOOTP);
585 return;
586 }
587
588 /*
589 * verify that the state machine is in a state which will allow the
590 * command. we do this up front so that we can return an error
591 * *before* needlessly cancelling an in-progress transaction.
592 */
593
594 if (!check_cmd_allowed(dsmp->dsm_state, ia.ia_cmd)) {
595 dhcpmsg(MSG_DEBUG,
596 "in state %s; not allowing %s command on %s",
597 dhcp_state_to_string(dsmp->dsm_state),
598 dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
599 send_error_reply(&ia,
600 ia.ia_cmd == DHCP_START && dsmp->dsm_state != INIT ?
601 DHCP_IPC_E_RUNNING : DHCP_IPC_E_OUTSTATE);
602 return;
603 }
604
605 dhcpmsg(MSG_DEBUG, "in state %s; allowing %s command on %s",
606 dhcp_state_to_string(dsmp->dsm_state),
607 dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
608
609 if ((ia.ia_request->message_type & DHCP_PRIMARY) && is_priv)
610 make_primary(dsmp);
611
612 /*
613 * The current design dictates that there can be only one outstanding
614 * transaction per state machine -- this simplifies the code
615 * considerably and also fits well with RFCs 2131 and 3315. It is
616 * worth classifying the different DHCP commands into synchronous
617 * (those which we will handle now and reply to immediately) and
618 * asynchronous (those which require transactions and will be completed
619 * at an indeterminate time in the future):
620 *
621 * DROP: removes the agent's management of a state machine.
622 * asynchronous as the script program may be invoked.
623 *
624 * PING: checks to see if the agent has a named state machine.
625 * synchronous, since no packets need to be sent
626 * to the DHCP server.
627 *
628 * STATUS: returns information about a state machine.
629 * synchronous, since no packets need to be sent
630 * to the DHCP server.
631 *
632 * RELEASE: releases the agent's management of a state machine
633 * and brings the associated interfaces down. asynchronous
634 * as the script program may be invoked.
635 *
636 * EXTEND: renews a lease. asynchronous, since the agent
637 * needs to wait for an ACK, etc.
638 *
639 * START: starts DHCP on a named state machine. asynchronous since
640 * the agent needs to wait for OFFERs, ACKs, etc.
641 *
642 * INFORM: obtains configuration parameters for the system using
643 * externally configured interface. asynchronous, since the
644 * agent needs to wait for an ACK.
645 *
646 * Notice that EXTEND, INFORM, START, DROP and RELEASE are
647 * asynchronous. Notice also that asynchronous commands may occur from
648 * within the agent -- for instance, the agent will need to do implicit
649 * EXTENDs to extend the lease. In order to make the code simpler, the
650 * following rules apply for asynchronous commands:
651 *
652 * There can only be one asynchronous command at a time per state
653 * machine. The current asynchronous command is managed by the async_*
654 * api: async_start(), async_finish(), and async_cancel().
655 * async_start() starts management of a new asynchronous command on an
656 * state machine, which should only be done after async_cancel() to
657 * terminate a previous command. When the command is completed,
658 * async_finish() should be called.
659 *
660 * Asynchronous commands started by a user command have an associated
661 * ipc_action which provides the agent with information for how to get
662 * in touch with the user command when the action completes. These
663 * ipc_action records also have an associated timeout which may be
664 * infinite. ipc_action_start() should be called when starting an
665 * asynchronous command requested by a user, which sets up the timer
666 * and keeps track of the ipc information (file descriptor, request
667 * type). When the asynchronous command completes, ipc_action_finish()
668 * should be called to return a command status code to the user and
669 * close the ipc connection). If the command does not complete before
670 * the timer fires, ipc_action_timeout() is called which closes the ipc
671 * connection and returns DHCP_IPC_E_TIMEOUT to the user. Note that
672 * independent of ipc_action_timeout(), ipc_action_finish() should be
673 * called.
674 *
675 * on a case-by-case basis, here is what happens (per state machine):
676 *
677 * o When an asynchronous command is requested, then
678 * async_cancel() is called to terminate any non-user
679 * action in progress. If there's a user action running,
680 * the user command is sent DHCP_IPC_E_PEND.
681 *
682 * o otherwise, the the transaction is started with
683 * async_start(). if the transaction is on behalf
684 * of a user, ipc_action_start() is called to keep
685 * track of the ipc information and set up the
686 * ipc_action timer.
687 *
688 * o if the command completes normally and before a
689 * timeout fires, then async_finish() is called.
690 * if there was an associated ipc_action,
691 * ipc_action_finish() is called to complete it.
692 *
693 * o if the command fails before a timeout fires, then
694 * async_finish() is called, and the state machine is
695 * is returned to a known state based on the command.
696 * if there was an associated ipc_action,
697 * ipc_action_finish() is called to complete it.
698 *
699 * o if the ipc_action timer fires before command
700 * completion, then DHCP_IPC_E_TIMEOUT is returned to
701 * the user. however, the transaction continues to
702 * be carried out asynchronously.
703 */
704
705 if (ipc_cmd_flags[ia.ia_cmd] & CMD_IMMED) {
706 /*
707 * Only immediate commands (ping, status, get_tag) need to
708 * worry about freeing ia through one of the reply functions
709 * before returning.
710 */
711 iap = &ia;
712 } else {
713 /*
714 * if shutdown request has been received, send back an error.
715 */
716 if (shutdown_started) {
717 send_error_reply(&ia, DHCP_IPC_E_OUTSTATE);
718 return;
719 }
720
721 if (dsmp->dsm_dflags & DHCP_IF_BUSY) {
722 send_error_reply(&ia, DHCP_IPC_E_PEND);
723 return;
724 }
725
726 if (!ipc_action_start(dsmp, &ia)) {
727 dhcpmsg(MSG_WARNING, "ipc_event: ipc_action_start "
728 "failed for %s", dsmp->dsm_name);
729 send_error_reply(&ia, DHCP_IPC_E_MEMORY);
730 return;
731 }
732
733 /* Action structure consumed by above function */
734 iap = &dsmp->dsm_ia;
735 }
736
737 switch (iap->ia_cmd) {
738
739 case DHCP_DROP:
740 if (dsmp->dsm_droprelease)
741 break;
742 dsmp->dsm_droprelease = B_TRUE;
743
744 /*
745 * Ensure that a timer associated with the existing state
746 * doesn't pop while we're waiting for the script to complete.
747 * (If so, chaos can result -- e.g., a timer causes us to end
748 * up in dhcp_selecting() would start acquiring a new lease on
749 * dsmp while our DHCP_DROP dismantling is ongoing.)
750 */
751 cancel_smach_timers(dsmp);
752 (void) script_start(dsmp, isv6 ? EVENT_DROP6 : EVENT_DROP,
753 dhcp_drop, NULL, NULL);
754 break; /* not an immediate function */
755
756 case DHCP_EXTEND:
757 (void) dhcp_extending(dsmp);
758 break;
759
760 case DHCP_GET_TAG: {
761 dhcp_optnum_t optnum;
762 void *opt = NULL;
763 uint_t optlen;
764 boolean_t did_alloc = B_FALSE;
765 PKT_LIST *ack = dsmp->dsm_ack;
766 int i;
767
768 /*
769 * verify the request makes sense.
770 */
771
772 if (iap->ia_request->data_type != DHCP_TYPE_OPTNUM ||
773 iap->ia_request->data_length != sizeof (dhcp_optnum_t)) {
774 send_error_reply(iap, DHCP_IPC_E_PROTO);
775 break;
776 }
777
778 (void) memcpy(&optnum, iap->ia_request->buffer,
779 sizeof (dhcp_optnum_t));
780
781 load_option:
782 switch (optnum.category) {
783
784 case DSYM_SITE: /* FALLTHRU */
785 case DSYM_STANDARD:
786 for (i = 0; i < dsmp->dsm_pillen; i++) {
787 if (dsmp->dsm_pil[i] == optnum.code)
788 break;
789 }
790 if (i < dsmp->dsm_pillen)
791 break;
792 if (isv6) {
793 opt = dhcpv6_pkt_option(ack, NULL, optnum.code,
794 NULL);
795 } else {
796 if (optnum.code <= DHCP_LAST_OPT)
797 opt = ack->opts[optnum.code];
798 }
799 break;
800
801 case DSYM_VENDOR:
802 if (isv6) {
803 dhcpv6_option_t *d6o;
804 uint32_t ent;
805
806 /*
807 * Look through vendor options to find our
808 * enterprise number.
809 */
810 d6o = NULL;
811 for (;;) {
812 d6o = dhcpv6_pkt_option(ack, d6o,
813 DHCPV6_OPT_VENDOR_OPT, &optlen);
814 if (d6o == NULL)
815 break;
816 optlen -= sizeof (*d6o);
817 if (optlen < sizeof (ent))
818 continue;
819 (void) memcpy(&ent, d6o + 1,
820 sizeof (ent));
821 if (ntohl(ent) != DHCPV6_SUN_ENT)
822 continue;
823 break;
824 }
825 if (d6o != NULL) {
826 /*
827 * Now find the requested vendor option
828 * within the vendor options block.
829 */
830 opt = dhcpv6_find_option(
831 (char *)(d6o + 1) + sizeof (ent),
832 optlen - sizeof (ent), NULL,
833 optnum.code, NULL);
834 }
835 } else {
836 /*
837 * the test against VS_OPTION_START is broken
838 * up into two tests to avoid compiler warnings
839 * under intel.
840 */
841 if ((optnum.code > VS_OPTION_START ||
842 optnum.code == VS_OPTION_START) &&
843 optnum.code <= VS_OPTION_END)
844 opt = ack->vs[optnum.code];
845 }
846 break;
847
848 case DSYM_FIELD:
849 if (isv6) {
850 dhcpv6_message_t *d6m =
851 (dhcpv6_message_t *)ack->pkt;
852 dhcpv6_option_t *d6o;
853
854 /* Validate the packet field the user wants */
855 optlen = optnum.code + optnum.size;
856 if (d6m->d6m_msg_type ==
857 DHCPV6_MSG_RELAY_FORW ||
858 d6m->d6m_msg_type ==
859 DHCPV6_MSG_RELAY_REPL) {
860 if (optlen > sizeof (dhcpv6_relay_t))
861 break;
862 } else {
863 if (optlen > sizeof (*d6m))
864 break;
865 }
866
867 opt = malloc(sizeof (*d6o) + optnum.size);
868 if (opt != NULL) {
869 d6o = opt;
870 d6o->d6o_code = htons(optnum.code);
871 d6o->d6o_len = htons(optnum.size);
872 (void) memcpy(d6o + 1, (caddr_t)d6m +
873 optnum.code, optnum.size);
874 }
875 } else {
876 if (optnum.code + optnum.size > sizeof (PKT))
877 break;
878
879 /*
880 * + 2 to account for option code and length
881 * byte
882 */
883 opt = malloc(optnum.size + 2);
884 if (opt != NULL) {
885 DHCP_OPT *v4opt = opt;
886
887 v4opt->len = optnum.size;
888 v4opt->code = optnum.code;
889 (void) memcpy(v4opt->value,
890 (caddr_t)ack->pkt + optnum.code,
891 optnum.size);
892 }
893 }
894
895 if (opt == NULL) {
896 send_error_reply(iap, DHCP_IPC_E_MEMORY);
897 return;
898 }
899 did_alloc = B_TRUE;
900 break;
901
902 default:
903 send_error_reply(iap, DHCP_IPC_E_PROTO);
904 return;
905 }
906
907 /*
908 * return the option payload, if there was one. the "+ 2"
909 * accounts for the option code number and length byte.
910 */
911
912 if (opt != NULL) {
913 if (isv6) {
914 dhcpv6_option_t d6ov;
915
916 (void) memcpy(&d6ov, opt, sizeof (d6ov));
917 optlen = ntohs(d6ov.d6o_len) + sizeof (d6ov);
918 } else {
919 optlen = ((DHCP_OPT *)opt)->len + 2;
920 }
921 send_data_reply(iap, 0, DHCP_TYPE_OPTION, opt, optlen);
922
923 if (did_alloc)
924 free(opt);
925 break;
926 } else if (ack != dsmp->dsm_orig_ack) {
927 /*
928 * There wasn't any definition for the option in the
929 * current ack, so now retry with the original ack if
930 * the original ack is not the current ack.
931 */
932 ack = dsmp->dsm_orig_ack;
933 goto load_option;
934 }
935
936 /*
937 * note that an "okay" response is returned either in
938 * the case of an unknown option or a known option
939 * with no payload. this is okay (for now) since
940 * dhcpinfo checks whether an option is valid before
941 * ever performing ipc with the agent.
942 */
943
944 send_ok_reply(iap);
945 break;
946 }
947
948 case DHCP_INFORM:
949 dhcp_inform(dsmp);
950 /* next destination: dhcp_acknak() */
951 break; /* not an immediate function */
952
953 case DHCP_PING:
954 if (dsmp->dsm_dflags & DHCP_IF_FAILED)
955 send_error_reply(iap, DHCP_IPC_E_FAILEDIF);
956 else
957 send_ok_reply(iap);
958 break;
959
960 case DHCP_RELEASE:
961 if (dsmp->dsm_droprelease)
962 break;
963 dsmp->dsm_droprelease = B_TRUE;
964 cancel_smach_timers(dsmp); /* see comment in DHCP_DROP above */
965 (void) script_start(dsmp, isv6 ? EVENT_RELEASE6 :
966 EVENT_RELEASE, dhcp_release, "Finished with lease.", NULL);
967 break; /* not an immediate function */
968
969 case DHCP_START: {
970 PKT_LIST *ack, *oack;
971 PKT_LIST *plp[2];
972
973 deprecate_leases(dsmp);
974
975 /*
976 * if we have a valid hostconf lying around, then jump
977 * into INIT_REBOOT. if it fails, we'll end up going
978 * through the whole selecting() procedure again.
979 */
980
981 error = read_hostconf(dsmp->dsm_name, plp, 2, dsmp->dsm_isv6);
982 ack = error > 0 ? plp[0] : NULL;
983 oack = error > 1 ? plp[1] : NULL;
984
985 /*
986 * If the allocation of the old ack fails, that's fine;
987 * continue without it.
988 */
989 if (oack == NULL)
990 oack = ack;
991
992 /*
993 * As long as we've allocated something, start using it.
994 */
995 if (ack != NULL) {
996 dsmp->dsm_orig_ack = oack;
997 dsmp->dsm_ack = ack;
998 dhcp_init_reboot(dsmp);
999 /* next destination: dhcp_acknak() */
1000 break;
1001 }
1002
1003 /*
1004 * if not debugging, wait for a few seconds before
1005 * going into SELECTING.
1006 */
1007
1008 if (debug_level == 0 && set_start_timer(dsmp)) {
1009 /* next destination: dhcp_start() */
1010 break;
1011 } else {
1012 dhcp_selecting(dsmp);
1013 /* next destination: dhcp_requesting() */
1014 break;
1015 }
1016 }
1017
1018 case DHCP_STATUS: {
1019 dhcp_status_t status;
1020 dhcp_lease_t *dlp;
1021
1022 status.if_began = monosec_to_time(dsmp->dsm_curstart_monosec);
1023
1024 /*
1025 * We return information on just the first lease as being
1026 * representative of the lot. A better status mechanism is
1027 * needed.
1028 */
1029 dlp = dsmp->dsm_leases;
1030
1031 if (dlp == NULL ||
1032 dlp->dl_lifs->lif_expire.dt_start == DHCP_PERM) {
1033 status.if_t1 = DHCP_PERM;
1034 status.if_t2 = DHCP_PERM;
1035 status.if_lease = DHCP_PERM;
1036 } else {
1037 status.if_t1 = status.if_began +
1038 dlp->dl_t1.dt_start;
1039 status.if_t2 = status.if_began +
1040 dlp->dl_t2.dt_start;
1041 status.if_lease = status.if_began +
1042 dlp->dl_lifs->lif_expire.dt_start;
1043 }
1044
1045 status.version = DHCP_STATUS_VER;
1046 status.if_state = dsmp->dsm_state;
1047 status.if_dflags = dsmp->dsm_dflags;
1048 status.if_sent = dsmp->dsm_sent;
1049 status.if_recv = dsmp->dsm_received;
1050 status.if_bad_offers = dsmp->dsm_bad_offers;
1051
1052 (void) strlcpy(status.if_name, dsmp->dsm_name, LIFNAMSIZ);
1053
1054 send_data_reply(iap, 0, DHCP_TYPE_STATUS, &status,
1055 sizeof (dhcp_status_t));
1056 break;
1057 }
1058 }
1059 }
1060
1061 /*
1062 * check_rtm_addr(): determine if routing socket message matches interface
1063 * address
1064 *
1065 * input: const struct if_msghdr *: pointer to routing socket message
1066 * int: routing socket message length
1067 * boolean_t: set to B_TRUE if IPv6
1068 * const in6_addr_t *: pointer to IP address
1069 * output: boolean_t: B_TRUE if address is a match
1070 */
1071
1072 static boolean_t
1073 check_rtm_addr(const struct ifa_msghdr *ifam, int msglen, boolean_t isv6,
1074 const in6_addr_t *addr)
1075 {
1076 const char *cp, *lim;
1077 uint_t flag;
1078 const struct sockaddr *sa;
1079
1080 if (!(ifam->ifam_addrs & RTA_IFA))
1081 return (B_FALSE);
1082
1083 cp = (const char *)(ifam + 1);
1084 lim = (const char *)ifam + msglen;
1085 for (flag = 1; flag < RTA_IFA; flag <<= 1) {
1086 if (ifam->ifam_addrs & flag) {
1087 /* LINTED: alignment */
1088 sa = (const struct sockaddr *)cp;
1089 if ((const char *)(sa + 1) > lim)
1090 return (B_FALSE);
1091 switch (sa->sa_family) {
1092 case AF_INET:
1093 cp += sizeof (struct sockaddr_in);
1094 break;
1095 case AF_LINK:
1096 cp += sizeof (struct sockaddr_dl);
1097 break;
1098 case AF_INET6:
1099 cp += sizeof (struct sockaddr_in6);
1100 break;
1101 default:
1102 cp += sizeof (struct sockaddr);
1103 break;
1104 }
1105 }
1106 }
1107 if (isv6) {
1108 const struct sockaddr_in6 *sin6;
1109
1110 /* LINTED: alignment */
1111 sin6 = (const struct sockaddr_in6 *)cp;
1112 if ((const char *)(sin6 + 1) > lim)
1113 return (B_FALSE);
1114 if (sin6->sin6_family != AF_INET6)
1115 return (B_FALSE);
1116 return (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, addr));
1117 } else {
1118 const struct sockaddr_in *sinp;
1119 ipaddr_t v4addr;
1120
1121 /* LINTED: alignment */
1122 sinp = (const struct sockaddr_in *)cp;
1123 if ((const char *)(sinp + 1) > lim)
1124 return (B_FALSE);
1125 if (sinp->sin_family != AF_INET)
1126 return (B_FALSE);
1127 IN6_V4MAPPED_TO_IPADDR(addr, v4addr);
1128 return (sinp->sin_addr.s_addr == v4addr);
1129 }
1130 }
1131
1132 /*
1133 * is_rtm_v6(): determine if routing socket message is IPv6
1134 *
1135 * input: struct ifa_msghdr *: pointer to routing socket message
1136 * int: message length
1137 * output: boolean_t
1138 */
1139
1140 static boolean_t
1141 is_rtm_v6(const struct ifa_msghdr *ifam, int msglen)
1142 {
1143 const char *cp, *lim;
1144 uint_t flag;
1145 const struct sockaddr *sa;
1146
1147 cp = (const char *)(ifam + 1);
1148 lim = (const char *)ifam + msglen;
1149 for (flag = ifam->ifam_addrs; flag != 0; flag &= flag - 1) {
1150 /* LINTED: alignment */
1151 sa = (const struct sockaddr *)cp;
1152 if ((const char *)(sa + 1) > lim)
1153 return (B_FALSE);
1154 switch (sa->sa_family) {
1155 case AF_INET:
1156 return (B_FALSE);
1157 case AF_LINK:
1158 cp += sizeof (struct sockaddr_dl);
1159 break;
1160 case AF_INET6:
1161 return (B_TRUE);
1162 default:
1163 cp += sizeof (struct sockaddr);
1164 break;
1165 }
1166 }
1167 return (B_FALSE);
1168 }
1169
1170 /*
1171 * check_lif(): check the state of a given logical interface and its DHCP
1172 * lease. We've been told by the routing socket that the
1173 * corresponding ifIndex has changed. This may mean that DAD has
1174 * completed or failed.
1175 *
1176 * input: dhcp_lif_t *: pointer to the LIF
1177 * const struct ifa_msghdr *: routing socket message
1178 * int: size of routing socket message
1179 * output: boolean_t: B_TRUE if DAD has completed on this interface
1180 */
1181
1182 static boolean_t
1183 check_lif(dhcp_lif_t *lif, const struct ifa_msghdr *ifam, int msglen)
1184 {
1185 boolean_t isv6, dad_wait, unplumb;
1186 int fd;
1187 struct lifreq lifr;
1188
1189 isv6 = lif->lif_pif->pif_isv6;
1190 fd = isv6 ? v6_sock_fd : v4_sock_fd;
1191
1192 /*
1193 * Get the real (64 bit) logical interface flags. Note that the
1194 * routing socket message has flags, but these are just the lower 32
1195 * bits.
1196 */
1197 unplumb = B_FALSE;
1198 (void) memset(&lifr, 0, sizeof (lifr));
1199 (void) strlcpy(lifr.lifr_name, lif->lif_name, sizeof (lifr.lifr_name));
1200 if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
1201 /*
1202 * Failing to retrieve flags means that the interface is gone.
1203 * It hasn't failed to verify with DAD, but we still have to
1204 * give up on it.
1205 */
1206 lifr.lifr_flags = 0;
1207 if (errno == ENXIO) {
1208 lif->lif_plumbed = B_FALSE;
1209 dhcpmsg(MSG_INFO, "%s has been removed; abandoning",
1210 lif->lif_name);
1211 if (!isv6)
1212 discard_default_routes(lif->lif_smachs);
1213 } else {
1214 dhcpmsg(MSG_ERR,
1215 "unable to retrieve interface flags on %s",
1216 lif->lif_name);
1217 }
1218 unplumb = B_TRUE;
1219 } else if (!check_rtm_addr(ifam, msglen, isv6, &lif->lif_v6addr)) {
1220 /*
1221 * If the message is not about this logical interface,
1222 * then just ignore it.
1223 */
1224 return (B_FALSE);
1225 } else if (lifr.lifr_flags & IFF_DUPLICATE) {
1226 dhcpmsg(MSG_ERROR, "interface %s has duplicate address",
1227 lif->lif_name);
1228 lif_mark_decline(lif, "duplicate address");
1229 close_ip_lif(lif);
1230 (void) open_ip_lif(lif, INADDR_ANY, B_TRUE);
1231 }
1232
1233 dad_wait = lif->lif_dad_wait;
1234 if (dad_wait) {
1235 dhcpmsg(MSG_VERBOSE, "check_lif: %s has finished DAD",
1236 lif->lif_name);
1237 lif->lif_dad_wait = B_FALSE;
1238 }
1239
1240 if (unplumb)
1241 unplumb_lif(lif);
1242
1243 return (dad_wait);
1244 }
1245
1246 /*
1247 * check_main_lif(): check the state of a main logical interface for a state
1248 * machine. This is used only for DHCPv6.
1249 *
1250 * input: dhcp_smach_t *: pointer to the state machine
1251 * const struct ifa_msghdr *: routing socket message
1252 * int: size of routing socket message
1253 * output: boolean_t: B_TRUE if LIF is ok.
1254 */
1255
1256 static boolean_t
1257 check_main_lif(dhcp_smach_t *dsmp, const struct ifa_msghdr *ifam, int msglen)
1258 {
1259 dhcp_lif_t *lif = dsmp->dsm_lif;
1260 struct lifreq lifr;
1261
1262 /*
1263 * Get the real (64 bit) logical interface flags. Note that the
1264 * routing socket message has flags, but these are just the lower 32
1265 * bits.
1266 */
1267 (void) memset(&lifr, 0, sizeof (lifr));
1268 (void) strlcpy(lifr.lifr_name, lif->lif_name, sizeof (lifr.lifr_name));
1269 if (ioctl(v6_sock_fd, SIOCGLIFFLAGS, &lifr) == -1) {
1270 /*
1271 * Failing to retrieve flags means that the interface is gone.
1272 * Our state machine is now trash.
1273 */
1274 if (errno == ENXIO) {
1275 dhcpmsg(MSG_INFO, "%s has been removed; abandoning",
1276 lif->lif_name);
1277 } else {
1278 dhcpmsg(MSG_ERR,
1279 "unable to retrieve interface flags on %s",
1280 lif->lif_name);
1281 }
1282 return (B_FALSE);
1283 } else if (!check_rtm_addr(ifam, msglen, B_TRUE, &lif->lif_v6addr)) {
1284 /*
1285 * If the message is not about this logical interface,
1286 * then just ignore it.
1287 */
1288 return (B_TRUE);
1289 } else if (lifr.lifr_flags & IFF_DUPLICATE) {
1290 dhcpmsg(MSG_ERROR, "interface %s has duplicate address",
1291 lif->lif_name);
1292 return (B_FALSE);
1293 } else {
1294 return (B_TRUE);
1295 }
1296 }
1297
1298 /*
1299 * process_link_up_down(): check the state of a physical interface for up/down
1300 * transitions; must go through INIT_REBOOT state if
1301 * the link flaps.
1302 *
1303 * input: dhcp_pif_t *: pointer to the physical interface to check
1304 * const struct if_msghdr *: routing socket message
1305 * output: none
1306 */
1307
1308 static void
1309 process_link_up_down(dhcp_pif_t *pif, const struct if_msghdr *ifm)
1310 {
1311 struct lifreq lifr;
1312 boolean_t isv6;
1313 int fd;
1314
1315 /*
1316 * If the message implies no change of flags, then we're done; no need
1317 * to check further. Note that if we have multiple state machines on a
1318 * single physical interface, this test keeps us from issuing an ioctl
1319 * for each one.
1320 */
1321 if ((ifm->ifm_flags & IFF_RUNNING) && pif->pif_running ||
1322 !(ifm->ifm_flags & IFF_RUNNING) && !pif->pif_running)
1323 return;
1324
1325 /*
1326 * We don't know what the real interface flags are, because the
1327 * if_index number is only 16 bits; we must go ask.
1328 */
1329 isv6 = pif->pif_isv6;
1330 fd = isv6 ? v6_sock_fd : v4_sock_fd;
1331 (void) memset(&lifr, 0, sizeof (lifr));
1332 (void) strlcpy(lifr.lifr_name, pif->pif_name, sizeof (lifr.lifr_name));
1333
1334 if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1 ||
1335 !(lifr.lifr_flags & IFF_RUNNING)) {
1336 /*
1337 * If we've lost the interface or it has gone down, then
1338 * nothing special to do; just turn off the running flag.
1339 */
1340 pif_status(pif, B_FALSE);
1341 } else {
1342 /*
1343 * Interface has come back up: go through verification process.
1344 */
1345 pif_status(pif, B_TRUE);
1346 }
1347 }
1348
1349 /*
1350 * rtsock_event(): fetches routing socket messages and updates internal
1351 * interface state based on those messages.
1352 *
1353 * input: iu_eh_t *: unused
1354 * int: the routing socket file descriptor
1355 * (other arguments unused)
1356 * output: void
1357 */
1358
1359 /* ARGSUSED */
1360 static void
1361 rtsock_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
1362 {
1363 dhcp_smach_t *dsmp, *dsmnext;
1364 union {
1365 struct ifa_msghdr ifam;
1366 struct if_msghdr ifm;
1367 char buf[1024];
1368 } msg;
1369 uint16_t ifindex;
1370 int msglen;
1371 boolean_t isv6;
1372
1373 if ((msglen = read(fd, &msg, sizeof (msg))) <= 0)
1374 return;
1375
1376 /* Note that the routing socket interface index is just 16 bits */
1377 if (msg.ifm.ifm_type == RTM_IFINFO) {
1378 ifindex = msg.ifm.ifm_index;
1379 isv6 = (msg.ifm.ifm_flags & IFF_IPV6) ? B_TRUE : B_FALSE;
1380 } else if (msg.ifam.ifam_type == RTM_DELADDR ||
1381 msg.ifam.ifam_type == RTM_NEWADDR) {
1382 ifindex = msg.ifam.ifam_index;
1383 isv6 = is_rtm_v6(&msg.ifam, msglen);
1384 } else {
1385 return;
1386 }
1387
1388 for (dsmp = lookup_smach_by_uindex(ifindex, NULL, isv6);
1389 dsmp != NULL; dsmp = dsmnext) {
1390 DHCPSTATE oldstate;
1391 boolean_t lif_finished;
1392 boolean_t lease_removed;
1393 dhcp_lease_t *dlp, *dlnext;
1394
1395 /*
1396 * Note that script_start can call dhcp_drop directly, and
1397 * that will do release_smach.
1398 */
1399 dsmnext = lookup_smach_by_uindex(ifindex, dsmp, isv6);
1400 oldstate = dsmp->dsm_state;
1401
1402 /*
1403 * Ignore state machines that are currently processing drop or
1404 * release; there is nothing more we can do for them.
1405 */
1406 if (dsmp->dsm_droprelease)
1407 continue;
1408
1409 /*
1410 * Look for link up/down notifications. These occur on a
1411 * physical interface basis.
1412 */
1413 if (msg.ifm.ifm_type == RTM_IFINFO) {
1414 process_link_up_down(dsmp->dsm_lif->lif_pif, &msg.ifm);
1415 continue;
1416 }
1417
1418 /*
1419 * Since we cannot trust the flags reported by the routing
1420 * socket (they're just 32 bits -- and thus never include
1421 * IFF_DUPLICATE), and we can't trust the ifindex (it's only 16
1422 * bits and also doesn't reflect the alias in use), we get
1423 * flags on all matching interfaces, and go by that.
1424 */
1425 lif_finished = B_FALSE;
1426 lease_removed = B_FALSE;
1427 for (dlp = dsmp->dsm_leases; dlp != NULL; dlp = dlnext) {
1428 dhcp_lif_t *lif, *lifnext;
1429 uint_t nlifs = dlp->dl_nlifs;
1430
1431 dlnext = dlp->dl_next;
1432 for (lif = dlp->dl_lifs; lif != NULL && nlifs > 0;
1433 lif = lifnext, nlifs--) {
1434 lifnext = lif->lif_next;
1435 if (check_lif(lif, &msg.ifam, msglen)) {
1436 dsmp->dsm_lif_wait--;
1437 lif_finished = B_TRUE;
1438 }
1439 }
1440 if (dlp->dl_nlifs == 0) {
1441 remove_lease(dlp);
1442 lease_removed = B_TRUE;
1443 }
1444 }
1445
1446 if ((isv6 && !check_main_lif(dsmp, &msg.ifam, msglen)) ||
1447 (!isv6 && !verify_lif(dsmp->dsm_lif))) {
1448 finished_smach(dsmp, DHCP_IPC_E_INVIF);
1449 continue;
1450 }
1451
1452 /*
1453 * Ignore this state machine if nothing interesting has
1454 * happened.
1455 */
1456 if (!lif_finished && dsmp->dsm_lif_down == 0 &&
1457 (dsmp->dsm_leases != NULL || !lease_removed))
1458 continue;
1459
1460 /*
1461 * If we're still waiting for DAD to complete on some of the
1462 * configured LIFs, then don't send a response.
1463 */
1464 if (dsmp->dsm_lif_wait != 0) {
1465 dhcpmsg(MSG_VERBOSE, "rtsock_event: %s still has %d "
1466 "LIFs waiting on DAD", dsmp->dsm_name,
1467 dsmp->dsm_lif_wait);
1468 continue;
1469 }
1470
1471 /*
1472 * If we have some failed LIFs, then handle them now. We'll
1473 * remove them from the list. Any leases that become empty are
1474 * also removed as part of the decline-generation process.
1475 */
1476 if (dsmp->dsm_lif_down != 0)
1477 send_declines(dsmp);
1478
1479 if (dsmp->dsm_leases == NULL) {
1480 dsmp->dsm_bad_offers++;
1481 /*
1482 * For DHCPv6, we'll process the restart once we're
1483 * done sending Decline messages, because these are
1484 * supposed to be acknowledged. With DHCPv4, there's
1485 * no acknowledgment for a DECLINE, so after sending
1486 * it, we just restart right away.
1487 */
1488 if (!dsmp->dsm_isv6) {
1489 dhcpmsg(MSG_VERBOSE, "rtsock_event: %s has no "
1490 "LIFs left", dsmp->dsm_name);
1491 dhcp_restart(dsmp);
1492 }
1493 } else {
1494 /*
1495 * If we're now up on at least some of the leases and
1496 * we were waiting for that, then kick off the rest of
1497 * configuration. Lease validation and DAD are done.
1498 */
1499 dhcpmsg(MSG_VERBOSE, "rtsock_event: all LIFs verified "
1500 "on %s in %s state", dsmp->dsm_name,
1501 dhcp_state_to_string(oldstate));
1502 if (oldstate == PRE_BOUND ||
1503 oldstate == ADOPTING)
1504 dhcp_bound_complete(dsmp);
1505 if (oldstate == ADOPTING)
1506 dhcp_adopt_complete(dsmp);
1507 }
1508 }
1509 }
1510
1511 /*
1512 * check_cmd_allowed(): check whether the requested command is allowed in the
1513 * state specified.
1514 *
1515 * input: DHCPSTATE: current state
1516 * dhcp_ipc_type_t: requested command
1517 * output: boolean_t: B_TRUE if command is allowed in this state
1518 */
1519
1520 boolean_t
1521 check_cmd_allowed(DHCPSTATE state, dhcp_ipc_type_t cmd)
1522 {
1523 return (ipc_cmd_allowed[state][cmd] != 0);
1524 }
1525
1526 static boolean_t
1527 is_iscsi_active(void)
1528 {
1529 int fd;
1530 int active = 0;
1531
1532 if ((fd = open(ISCSI_DRIVER_DEVCTL, O_RDONLY)) != -1) {
1533 if (ioctl(fd, ISCSI_IS_ACTIVE, &active) != 0)
1534 active = 0;
1535 (void) close(fd);
1536 }
1537
1538 return (active != 0);
1539 }
unleashed repo fork