6to4: Add 6to4 tunnel support.
[platform/upstream/connman.git] / src / 6to4.c
1 /*
2  *
3  *  Connection Manager
4  *
5  *  Copyright (C) 2011  Nokia Corporation. All rights reserved.
6  *  Copyright (C) Alexey Kuznetsov et al. from iproute2 package.
7  *
8  *  This program is free software; you can redistribute it and/or modify
9  *  it under the terms of the GNU General Public License version 2 as
10  *  published by the Free Software Foundation.
11  *
12  *  This program is distributed in the hope that it will be useful,
13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  *  GNU General Public License for more details.
16  *
17  *  You should have received a copy of the GNU General Public License
18  *  along with this program; if not, write to the Free Software
19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
20  *
21  */
22
23 #ifdef HAVE_CONFIG_H
24 #include <config.h>
25 #endif
26
27 #include <stdio.h>
28 #include <string.h>
29 #include <sys/socket.h>
30 #include <netinet/in.h>
31 #include <arpa/inet.h>
32 #include <net/if.h>
33 #include <linux/ip.h>
34 #include <linux/if_tunnel.h>
35 #include <linux/netlink.h>
36 #include <linux/rtnetlink.h>
37 #include <sys/ioctl.h>
38 #include <unistd.h>
39
40 #include "connman.h"
41 #include <connman/log.h>
42 #include <connman/ipconfig.h>
43
44 static int tunnel_created;
45 static int tunnel_pending;
46 static char *tunnel_ip_address;
47
48 #define NLMSG_TAIL(nmsg) \
49         ((struct rtattr *) (((void *)(nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
50
51 #ifndef IP_DF
52 #define IP_DF           0x4000          /* Flag: "Don't Fragment"       */
53 #endif
54
55 struct rtnl_handle {
56         int                     fd;
57         struct sockaddr_nl      local;
58         struct sockaddr_nl      peer;
59         __u32                   seq;
60         __u32                   dump;
61 };
62
63 static int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
64 {
65         int len = RTA_LENGTH(4);
66         struct rtattr *rta;
67         if (NLMSG_ALIGN(n->nlmsg_len) + len > (unsigned int)maxlen) {
68                 DBG("Error! max allowed bound %d exceeded", maxlen);
69                 return -1;
70         }
71         rta = NLMSG_TAIL(n);
72         rta->rta_type = type;
73         rta->rta_len = len;
74         memcpy(RTA_DATA(rta), &data, 4);
75         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
76
77         return 0;
78 }
79
80 static int addattr_l(struct nlmsghdr *n, int maxlen, int type,
81                         const void *data, int alen)
82 {
83         int len = RTA_LENGTH(alen);
84         struct rtattr *rta;
85
86         if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) >
87                                         (unsigned int)maxlen) {
88                 DBG("addattr_l message exceeded bound of %d", maxlen);
89                 return -1;
90         }
91         rta = NLMSG_TAIL(n);
92         rta->rta_type = type;
93         rta->rta_len = len;
94         memcpy(RTA_DATA(rta), data, alen);
95         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
96
97         return 0;
98 }
99
100 static void rtnl_close(struct rtnl_handle *rth)
101 {
102         if (rth->fd >= 0) {
103                 close(rth->fd);
104                 rth->fd = -1;
105         }
106 }
107
108 static int rtnl_open(struct rtnl_handle *rth)
109 {
110         socklen_t addr_len;
111         int sndbuf = 1024;
112
113         memset(rth, 0, sizeof(*rth));
114
115         rth->fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
116         if (rth->fd < 0) {
117                 connman_error("Can not open netlink socket: %s",
118                                                 strerror(errno));
119                 return -1;
120         }
121
122         if (setsockopt(rth->fd, SOL_SOCKET, SO_SNDBUF, &sndbuf,
123                         sizeof(sndbuf)) < 0) {
124                 connman_error("SO_SNDBUF: %s", strerror(errno));
125                 return -1;
126         }
127
128         memset(&rth->local, 0, sizeof(rth->local));
129         rth->local.nl_family = AF_NETLINK;
130         rth->local.nl_groups = 0;
131
132         if (bind(rth->fd, (struct sockaddr *)&rth->local,
133                         sizeof(rth->local)) < 0) {
134                 connman_error("Can not bind netlink socket: %s",
135                                                         strerror(errno));
136                 return -1;
137         }
138         addr_len = sizeof(rth->local);
139         if (getsockname(rth->fd, (struct sockaddr *)&rth->local,
140                                 &addr_len) < 0) {
141                 connman_error("Can not getsockname: %s", strerror(errno));
142                 return -1;
143         }
144         if (addr_len != sizeof(rth->local)) {
145                 connman_error("Wrong address length %d", addr_len);
146                 return -1;
147         }
148         if (rth->local.nl_family != AF_NETLINK) {
149                 connman_error("Wrong address family %d", rth->local.nl_family);
150                 return -1;
151         }
152         rth->seq = time(NULL);
153
154         return 0;
155 }
156
157 static int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n)
158 {
159         struct sockaddr_nl nladdr;
160         struct iovec iov = {
161                 .iov_base = (void *)n,
162                 .iov_len = n->nlmsg_len
163         };
164         struct msghdr msg = {
165                 .msg_name = &nladdr,
166                 .msg_namelen = sizeof(nladdr),
167                 .msg_iov = &iov,
168                 .msg_iovlen = 1,
169         };
170         unsigned seq;
171         int err;
172
173         memset(&nladdr, 0, sizeof(nladdr));
174         nladdr.nl_family = AF_NETLINK;
175
176         n->nlmsg_seq = seq = ++rtnl->seq;
177         n->nlmsg_flags |= NLM_F_ACK;
178
179         err = sendmsg(rtnl->fd, &msg, 0);
180         if (err < 0) {
181                 connman_error("Can not talk to rtnetlink");
182                 return err;
183         }
184
185         return 0;
186 }
187
188 static int tunnel_create(struct in_addr *addr)
189 {
190         struct ip_tunnel_parm p;
191         struct ifreq ifr;
192         int fd = -1;
193         int ret;
194
195         /* ip tunnel add tun6to4 mode sit remote any local 1.2.3.4 ttl 64 */
196
197         memset(&p, 0, sizeof(struct ip_tunnel_parm));
198         memset(&ifr, 0, sizeof(struct ifreq));
199
200         p.iph.version = 4;
201         p.iph.ihl = 5;
202         p.iph.frag_off = htons(IP_DF);
203         p.iph.protocol = IPPROTO_IPV6;
204         p.iph.saddr = addr->s_addr;
205         p.iph.ttl = 64;
206         strncpy(p.name, "tun6to4", IFNAMSIZ);
207
208         strncpy(ifr.ifr_name, "sit0", IFNAMSIZ);
209         ifr.ifr_ifru.ifru_data = (void *)&p;
210         fd = socket(AF_INET, SOCK_DGRAM, 0);
211         ret = ioctl(fd, SIOCADDTUNNEL, &ifr);
212         if (ret)
213                 connman_error("add tunnel %s failed: %s", ifr.ifr_name,
214                                                         strerror(errno));
215         close(fd);
216
217         return ret;
218 }
219
220 static void tunnel_destroy()
221 {
222         struct ip_tunnel_parm p;
223         struct ifreq ifr;
224         int fd = -1;
225         int ret;
226
227         if (tunnel_created == 0)
228                 return;
229
230         /* ip tunnel del tun6to4 */
231
232         memset(&p, 0, sizeof(struct ip_tunnel_parm));
233         memset(&ifr, 0, sizeof(struct ifreq));
234
235         p.iph.version = 4;
236         p.iph.ihl = 5;
237         p.iph.protocol = IPPROTO_IPV6;
238         strncpy(p.name, "tun6to4", IFNAMSIZ);
239
240         strncpy(ifr.ifr_name, "tun6to4", IFNAMSIZ);
241         ifr.ifr_ifru.ifru_data = (void *)&p;
242         fd = socket(AF_INET, SOCK_DGRAM, 0);
243         if (fd < 0) {
244                 connman_error("socket failed: %s", strerror(errno));
245                 return;
246         }
247
248         ret = ioctl(fd, SIOCDELTUNNEL, &ifr);
249         if (ret)
250                 connman_error("del tunnel %s failed: %s", ifr.ifr_name,
251                                                         strerror(errno));
252         else
253                 tunnel_created = 0;
254
255         tunnel_pending = 0;
256         close(fd);
257
258         g_free(tunnel_ip_address);
259         tunnel_ip_address = NULL;
260 }
261
262 static int tunnel_add_route()
263 {
264         struct rtnl_handle rth;
265         struct in6_addr addr6;
266         int index;
267         int ret = 0;
268
269         struct {
270                 struct nlmsghdr n;
271                 struct rtmsg    r;
272                 char            buf[1024];
273         } req;
274
275         /* ip -6 route add ::/0 via ::192.88.99.1 dev tun6to4 metric 1 */
276
277         index = if_nametoindex("tun6to4");
278         if (index == 0) {
279                 DBG("Can not find device tun6to4");
280                 return -1;
281         }
282
283         memset(&req, 0, sizeof(req));
284
285         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
286         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
287         req.n.nlmsg_type = RTM_NEWROUTE;
288         req.r.rtm_family = AF_INET6;
289         req.r.rtm_table = RT_TABLE_MAIN;
290         req.r.rtm_protocol = RTPROT_BOOT;
291         req.r.rtm_scope = RT_SCOPE_UNIVERSE;
292         req.r.rtm_type = RTN_UNICAST;
293         req.r.rtm_dst_len = 0;
294
295         inet_pton(AF_INET6, "::192.88.99.1", &addr6);
296
297         addattr_l(&req.n, sizeof(req), RTA_GATEWAY, &addr6.s6_addr, 16);
298         addattr32(&req.n, sizeof(req), RTA_OIF, index);
299         addattr32(&req.n, sizeof(req), RTA_PRIORITY, 1);
300
301         ret = rtnl_open(&rth);
302         if (ret < 0)
303                 goto done;
304
305         ret = rtnl_talk(&rth, &req.n);
306
307 done:
308         rtnl_close(&rth);
309         return ret;
310 }
311
312 static int tunnel_set_addr(unsigned int a, unsigned int b,
313                         unsigned int c, unsigned int d)
314 {
315         struct rtnl_handle rth;
316         struct in6_addr addr6;
317         char *ip6addr;
318         int ret;
319
320         struct {
321                 struct nlmsghdr n;
322                 struct ifaddrmsg ifa;
323                 char buf[256];
324         } req;
325
326         /* ip -6 addr add dev tun6to4 2002:0102:0304::1/64 */
327
328         memset(&req, 0, sizeof(req));
329
330         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
331         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
332         req.n.nlmsg_type = RTM_NEWADDR;
333         req.ifa.ifa_family = AF_INET6;
334         req.ifa.ifa_prefixlen = 64;
335         req.ifa.ifa_index = if_nametoindex("tun6to4");
336         if (req.ifa.ifa_index == 0) {
337                 connman_error("Can not find device tun6to4");
338                 ret = -1;
339                 goto done;
340         }
341
342         ip6addr = g_strdup_printf("2002:%02x%02x:%02x%02x::1", a, b, c, d);
343         inet_pton(AF_INET6, ip6addr, &addr6);
344         DBG("ipv6 address %s", ip6addr);
345         g_free(ip6addr);
346
347         addattr_l(&req.n, sizeof(req), IFA_LOCAL, &addr6.s6_addr, 16);
348         addattr_l(&req.n, sizeof(req), IFA_ADDRESS, &addr6.s6_addr, 16);
349
350         ret = rtnl_open(&rth);
351         if (ret < 0)
352                 goto done;
353
354         ret = rtnl_talk(&rth, &req.n);
355
356 done:
357         rtnl_close(&rth);
358         return ret;
359 }
360
361 static int init_6to4(struct in_addr *ip4addr)
362 {
363         unsigned int a, b, c, d;
364         in_addr_t addr;
365         int ret;
366
367         DBG("");
368
369         addr = ntohl(ip4addr->s_addr);
370
371         a = (addr & 0xff000000) >> 24;
372         b = (addr & 0x00ff0000) >> 16;
373         c = (addr & 0x0000ff00) >> 8;
374         d = addr & 0x000000ff;
375
376         ret = tunnel_create(ip4addr);
377         if (ret)
378                 return -1;
379
380         tunnel_created = 1;
381
382         ret = connman_inet_setup_tunnel("tun6to4", 1472);
383         if (ret)
384                 goto error;
385
386         ret = tunnel_set_addr(a, b, c, d);
387         if (ret)
388                 goto error;
389
390         ret = tunnel_add_route();
391         if (ret)
392                 goto error;
393
394         tunnel_pending = 0;
395         return 0;
396
397 error:
398         tunnel_destroy();
399         return -1;
400 }
401
402 static void receive_rs_reply(struct nd_router_advert *reply, void *user_data)
403 {
404         char *address = user_data;
405         struct in_addr ip4addr;
406
407         DBG("reply %p address %s", reply, address);
408
409         /* We try to create tunnel if autoconfiguration did not work i.e.,
410          * we did not receive any reply to router solicitation message.
411          */
412         if (reply == NULL && inet_aton(address, &ip4addr) != 0)
413                 init_6to4(&ip4addr);
414
415         g_free(address);
416 }
417
418 int __connman_6to4_probe(struct connman_service *service)
419 {
420         struct connman_ipconfig *ip4config, *ip6config;
421         enum connman_ipconfig_method method;
422         unsigned int a, b, c, d;
423         struct in_addr ip4addr;
424         in_addr_t addr;
425         const char *address;
426         char *ip_address;
427         int index;
428
429         DBG("service %p", service);
430
431         if (tunnel_created || tunnel_pending)
432                 return 0;
433
434         if (service == NULL)
435                 return -1;
436
437         ip4config = __connman_service_get_ip4config(service);
438         if (ip4config == NULL)
439                 return -1;
440
441         ip6config = __connman_service_get_ip6config(service);
442         if (ip6config == NULL)
443                 return -1;
444
445         method = __connman_ipconfig_get_method(ip6config);
446         if (method != CONNMAN_IPCONFIG_METHOD_AUTO)
447                 return -1;
448
449         address = __connman_ipconfig_get_local(ip4config);
450         if (address == NULL)
451                 return -1;
452
453         if (inet_aton(address, &ip4addr) == 0)
454                 return -1;
455
456         addr = ntohl(ip4addr.s_addr);
457
458         a = (addr & 0xff000000) >> 24;
459         b = (addr & 0x00ff0000) >> 16;
460         c = (addr & 0x0000ff00) >> 8;
461         d = addr & 0x000000ff;
462
463         /* 6to4 tunnel is only usable if we have a public IPv4 address */
464         if (a == 10 || (a == 192 && b == 168) ||
465                                         (a == 172 && (b >= 16 && b <= 31)))
466                 return -1;
467
468         index = connman_ipconfig_get_index(ip4config);
469         ip_address = g_strdup(address);
470         tunnel_pending = 1;
471
472         g_free(tunnel_ip_address);
473         tunnel_ip_address = g_strdup(address);
474
475         return __connman_inet_ipv6_send_rs(index, 2, receive_rs_reply,
476                                                         ip_address);
477 }
478
479 void __connman_6to4_remove(struct connman_ipconfig *ip4config)
480 {
481         const char *address;
482
483         DBG("tunnel ip address %s", tunnel_ip_address);
484
485         if (ip4config == NULL)
486                 return;
487
488         address = __connman_ipconfig_get_local(ip4config);
489         if (address == NULL)
490                 return;
491
492         if (g_strcmp0(address, tunnel_ip_address) != 0)
493                 return;
494
495         if (tunnel_created)
496                 tunnel_destroy();
497 }