src/6to4.c

   1 /*
   2  *
   3  *  Connection Manager
   4  *
   5  *  Copyright (C) 2011  Nokia Corporation. All rights reserved.
   6  *  Copyright (C) Alexey Kuznetsov et al. from iproute2 package.
   7  *
   8  *  This program is free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License version 2 as
  10  *  published by the Free Software Foundation.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License
  18  *  along with this program; if not, write to the Free Software
  19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20  *
  21  */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include <config.h>
  25 #endif
  26
  27 #include <stdio.h>
  28 #include <string.h>
  29 #include <sys/socket.h>
  30 #include <netinet/in.h>
  31 #include <arpa/inet.h>
  32 #include <net/if.h>
  33 #include <linux/ip.h>
  34 #include <linux/if_tunnel.h>
  35 #include <linux/netlink.h>
  36 #include <linux/rtnetlink.h>
  37 #include <sys/ioctl.h>
  38 #include <unistd.h>
  39
  40 #include "connman.h"
  41 #include <connman/log.h>
  42 #include <connman/ipconfig.h>
  43 #include "gweb/gweb.h"
  44
  45 static int tunnel_created;
  46 static int tunnel_pending;
  47 static char *tunnel_ip_address;
  48 static GWeb *web;
  49 static guint web_request_id;
  50
  51 #define STATUS_URL "http://ipv6.google.com/"
  52
  53 #define NLMSG_TAIL(nmsg) \
  54         ((struct rtattr *) (((void *)(nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
  55
  56 #ifndef IP_DF
  57 #define IP_DF           0x4000          /* Flag: "Don't Fragment"       */
  58 #endif
  59
  60 struct rtnl_handle {
  61         int                     fd;
  62         struct sockaddr_nl      local;
  63         struct sockaddr_nl      peer;
  64         __u32                   seq;
  65         __u32                   dump;
  66 };
  67
  68 static int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
  69 {
  70         int len = RTA_LENGTH(4);
  71         struct rtattr *rta;
  72         if (NLMSG_ALIGN(n->nlmsg_len) + len > (unsigned int)maxlen) {
  73                 DBG("Error! max allowed bound %d exceeded", maxlen);
  74                 return -1;
  75         }
  76         rta = NLMSG_TAIL(n);
  77         rta->rta_type = type;
  78         rta->rta_len = len;
  79         memcpy(RTA_DATA(rta), &data, 4);
  80         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
  81
  82         return 0;
  83 }
  84
  85 static int addattr_l(struct nlmsghdr *n, int maxlen, int type,
  86                         const void *data, int alen)
  87 {
  88         int len = RTA_LENGTH(alen);
  89         struct rtattr *rta;
  90
  91         if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) >
  92                                         (unsigned int)maxlen) {
  93                 DBG("addattr_l message exceeded bound of %d", maxlen);
  94                 return -1;
  95         }
  96         rta = NLMSG_TAIL(n);
  97         rta->rta_type = type;
  98         rta->rta_len = len;
  99         memcpy(RTA_DATA(rta), data, alen);
 100         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
 101
 102         return 0;
 103 }
 104
 105 static void rtnl_close(struct rtnl_handle *rth)
 106 {
 107         if (rth->fd >= 0) {
 108                 close(rth->fd);
 109                 rth->fd = -1;
 110         }
 111 }
 112
 113 static int rtnl_open(struct rtnl_handle *rth)
 114 {
 115         socklen_t addr_len;
 116         int sndbuf = 1024;
 117
 118         memset(rth, 0, sizeof(*rth));
 119
 120         rth->fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
 121         if (rth->fd < 0) {
 122                 connman_error("Can not open netlink socket: %s",
 123                                                 strerror(errno));
 124                 return -1;
 125         }
 126
 127         if (setsockopt(rth->fd, SOL_SOCKET, SO_SNDBUF, &sndbuf,
 128                         sizeof(sndbuf)) < 0) {
 129                 connman_error("SO_SNDBUF: %s", strerror(errno));
 130                 return -1;
 131         }
 132
 133         memset(&rth->local, 0, sizeof(rth->local));
 134         rth->local.nl_family = AF_NETLINK;
 135         rth->local.nl_groups = 0;
 136
 137         if (bind(rth->fd, (struct sockaddr *)&rth->local,
 138                         sizeof(rth->local)) < 0) {
 139                 connman_error("Can not bind netlink socket: %s",
 140                                                         strerror(errno));
 141                 return -1;
 142         }
 143         addr_len = sizeof(rth->local);
 144         if (getsockname(rth->fd, (struct sockaddr *)&rth->local,
 145                                 &addr_len) < 0) {
 146                 connman_error("Can not getsockname: %s", strerror(errno));
 147                 return -1;
 148         }
 149         if (addr_len != sizeof(rth->local)) {
 150                 connman_error("Wrong address length %d", addr_len);
 151                 return -1;
 152         }
 153         if (rth->local.nl_family != AF_NETLINK) {
 154                 connman_error("Wrong address family %d", rth->local.nl_family);
 155                 return -1;
 156         }
 157         rth->seq = time(NULL);
 158
 159         return 0;
 160 }
 161
 162 static int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n)
 163 {
 164         struct sockaddr_nl nladdr;
 165         struct iovec iov = {
 166                 .iov_base = (void *)n,
 167                 .iov_len = n->nlmsg_len
 168         };
 169         struct msghdr msg = {
 170                 .msg_name = &nladdr,
 171                 .msg_namelen = sizeof(nladdr),
 172                 .msg_iov = &iov,
 173                 .msg_iovlen = 1,
 174         };
 175         unsigned seq;
 176         int err;
 177
 178         memset(&nladdr, 0, sizeof(nladdr));
 179         nladdr.nl_family = AF_NETLINK;
 180
 181         n->nlmsg_seq = seq = ++rtnl->seq;
 182         n->nlmsg_flags |= NLM_F_ACK;
 183
 184         err = sendmsg(rtnl->fd, &msg, 0);
 185         if (err < 0) {
 186                 connman_error("Can not talk to rtnetlink");
 187                 return err;
 188         }
 189
 190         return 0;
 191 }
 192
 193 static int tunnel_create(struct in_addr *addr)
 194 {
 195         struct ip_tunnel_parm p;
 196         struct ifreq ifr;
 197         int fd = -1;
 198         int ret;
 199
 200         /* ip tunnel add tun6to4 mode sit remote any local 1.2.3.4 ttl 64 */
 201
 202         memset(&p, 0, sizeof(struct ip_tunnel_parm));
 203         memset(&ifr, 0, sizeof(struct ifreq));
 204
 205         p.iph.version = 4;
 206         p.iph.ihl = 5;
 207         p.iph.frag_off = htons(IP_DF);
 208         p.iph.protocol = IPPROTO_IPV6;
 209         p.iph.saddr = addr->s_addr;
 210         p.iph.ttl = 64;
 211         strncpy(p.name, "tun6to4", IFNAMSIZ);
 212
 213         strncpy(ifr.ifr_name, "sit0", IFNAMSIZ);
 214         ifr.ifr_ifru.ifru_data = (void *)&p;
 215         fd = socket(AF_INET, SOCK_DGRAM, 0);
 216         ret = ioctl(fd, SIOCADDTUNNEL, &ifr);
 217         if (ret)
 218                 connman_error("add tunnel %s failed: %s", ifr.ifr_name,
 219                                                         strerror(errno));
 220         close(fd);
 221
 222         return ret;
 223 }
 224
 225 static void tunnel_destroy()
 226 {
 227         struct ip_tunnel_parm p;
 228         struct ifreq ifr;
 229         int fd = -1;
 230         int ret;
 231
 232         if (tunnel_created == 0)
 233                 return;
 234
 235         /* ip tunnel del tun6to4 */
 236
 237         memset(&p, 0, sizeof(struct ip_tunnel_parm));
 238         memset(&ifr, 0, sizeof(struct ifreq));
 239
 240         p.iph.version = 4;
 241         p.iph.ihl = 5;
 242         p.iph.protocol = IPPROTO_IPV6;
 243         strncpy(p.name, "tun6to4", IFNAMSIZ);
 244
 245         strncpy(ifr.ifr_name, "tun6to4", IFNAMSIZ);
 246         ifr.ifr_ifru.ifru_data = (void *)&p;
 247         fd = socket(AF_INET, SOCK_DGRAM, 0);
 248         if (fd < 0) {
 249                 connman_error("socket failed: %s", strerror(errno));
 250                 return;
 251         }
 252
 253         ret = ioctl(fd, SIOCDELTUNNEL, &ifr);
 254         if (ret)
 255                 connman_error("del tunnel %s failed: %s", ifr.ifr_name,
 256                                                         strerror(errno));
 257         else
 258                 tunnel_created = 0;
 259
 260         tunnel_pending = 0;
 261         close(fd);
 262
 263         g_free(tunnel_ip_address);
 264         tunnel_ip_address = NULL;
 265 }
 266
 267 static int tunnel_add_route()
 268 {
 269         struct rtnl_handle rth;
 270         struct in6_addr addr6;
 271         int index;
 272         int ret = 0;
 273
 274         struct {
 275                 struct nlmsghdr n;
 276                 struct rtmsg    r;
 277                 char            buf[1024];
 278         } req;
 279
 280         /* ip -6 route add ::/0 via ::192.88.99.1 dev tun6to4 metric 1 */
 281
 282         index = if_nametoindex("tun6to4");
 283         if (index == 0) {
 284                 DBG("Can not find device tun6to4");
 285                 return -1;
 286         }
 287
 288         memset(&req, 0, sizeof(req));
 289
 290         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
 291         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 292         req.n.nlmsg_type = RTM_NEWROUTE;
 293         req.r.rtm_family = AF_INET6;
 294         req.r.rtm_table = RT_TABLE_MAIN;
 295         req.r.rtm_protocol = RTPROT_BOOT;
 296         req.r.rtm_scope = RT_SCOPE_UNIVERSE;
 297         req.r.rtm_type = RTN_UNICAST;
 298         req.r.rtm_dst_len = 0;
 299
 300         inet_pton(AF_INET6, "::192.88.99.1", &addr6);
 301
 302         addattr_l(&req.n, sizeof(req), RTA_GATEWAY, &addr6.s6_addr, 16);
 303         addattr32(&req.n, sizeof(req), RTA_OIF, index);
 304         addattr32(&req.n, sizeof(req), RTA_PRIORITY, 1);
 305
 306         ret = rtnl_open(&rth);
 307         if (ret < 0)
 308                 goto done;
 309
 310         ret = rtnl_talk(&rth, &req.n);
 311
 312 done:
 313         rtnl_close(&rth);
 314         return ret;
 315 }
 316
 317 static int tunnel_set_addr(unsigned int a, unsigned int b,
 318                         unsigned int c, unsigned int d)
 319 {
 320         struct rtnl_handle rth;
 321         struct in6_addr addr6;
 322         char *ip6addr;
 323         int ret;
 324
 325         struct {
 326                 struct nlmsghdr n;
 327                 struct ifaddrmsg ifa;
 328                 char buf[256];
 329         } req;
 330
 331         /* ip -6 addr add dev tun6to4 2002:0102:0304::1/64 */
 332
 333         memset(&req, 0, sizeof(req));
 334
 335         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
 336         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 337         req.n.nlmsg_type = RTM_NEWADDR;
 338         req.ifa.ifa_family = AF_INET6;
 339         req.ifa.ifa_prefixlen = 64;
 340         req.ifa.ifa_index = if_nametoindex("tun6to4");
 341         if (req.ifa.ifa_index == 0) {
 342                 connman_error("Can not find device tun6to4");
 343                 ret = -1;
 344                 goto done;
 345         }
 346
 347         ip6addr = g_strdup_printf("2002:%02x%02x:%02x%02x::1", a, b, c, d);
 348         inet_pton(AF_INET6, ip6addr, &addr6);
 349         DBG("ipv6 address %s", ip6addr);
 350         g_free(ip6addr);
 351
 352         addattr_l(&req.n, sizeof(req), IFA_LOCAL, &addr6.s6_addr, 16);
 353         addattr_l(&req.n, sizeof(req), IFA_ADDRESS, &addr6.s6_addr, 16);
 354
 355         ret = rtnl_open(&rth);
 356         if (ret < 0)
 357                 goto done;
 358
 359         ret = rtnl_talk(&rth, &req.n);
 360
 361 done:
 362         rtnl_close(&rth);
 363         return ret;
 364 }
 365
 366 static gboolean unref_web(gpointer user_data)
 367 {
 368         g_web_unref(web);
 369         return FALSE;
 370 }
 371
 372 static gboolean web_result(GWebResult *result, gpointer user_data)
 373 {
 374         guint16 status;
 375
 376         if (web_request_id == 0)
 377                 return FALSE;
 378
 379         status = g_web_result_get_status(result);
 380
 381         DBG("status %u", status);
 382
 383         if (status >= 400 && status < 500)
 384                 tunnel_destroy();
 385         else
 386                 tunnel_pending = 0;
 387
 388         web_request_id = 0;
 389
 390         g_timeout_add_seconds(1, unref_web, NULL);
 391
 392         return FALSE;
 393 }
 394
 395 static int init_6to4(struct in_addr *ip4addr)
 396 {
 397         unsigned int a, b, c, d;
 398         in_addr_t addr;
 399         int ret;
 400
 401         DBG("");
 402
 403         addr = ntohl(ip4addr->s_addr);
 404
 405         a = (addr & 0xff000000) >> 24;
 406         b = (addr & 0x00ff0000) >> 16;
 407         c = (addr & 0x0000ff00) >> 8;
 408         d = addr & 0x000000ff;
 409
 410         ret = tunnel_create(ip4addr);
 411         if (ret)
 412                 return -1;
 413
 414         tunnel_created = 1;
 415
 416         ret = connman_inet_setup_tunnel("tun6to4", 1472);
 417         if (ret)
 418                 goto error;
 419
 420         ret = tunnel_set_addr(a, b, c, d);
 421         if (ret)
 422                 goto error;
 423
 424         ret = tunnel_add_route();
 425         if (ret)
 426                 goto error;
 427
 428         /* We try to verify that connectivity through tunnel works ok.
 429          */
 430         web = g_web_new(0);
 431         if (web == NULL)
 432                 goto error;
 433
 434         g_web_set_accept(web, NULL);
 435         g_web_set_user_agent(web, "ConnMan/%s", VERSION);
 436         g_web_set_close_connection(web, TRUE);
 437
 438         web_request_id = g_web_request_get(web, STATUS_URL, web_result, NULL);
 439
 440         return 0;
 441
 442 error:
 443         tunnel_destroy();
 444         return -1;
 445 }
 446
 447 static void receive_rs_reply(struct nd_router_advert *reply, void *user_data)
 448 {
 449         char *address = user_data;
 450         struct in_addr ip4addr;
 451
 452         DBG("reply %p address %s", reply, address);
 453
 454         /* We try to create tunnel if autoconfiguration did not work i.e.,
 455          * we did not receive any reply to router solicitation message.
 456          */
 457         if (reply == NULL && inet_aton(address, &ip4addr) != 0)
 458                 init_6to4(&ip4addr);
 459
 460         g_free(address);
 461 }
 462
 463 int __connman_6to4_probe(struct connman_service *service)
 464 {
 465         struct connman_ipconfig *ip4config, *ip6config;
 466         enum connman_ipconfig_method method;
 467         unsigned int a, b, c, d;
 468         struct in_addr ip4addr;
 469         in_addr_t addr;
 470         const char *address;
 471         char *ip_address;
 472         int index;
 473
 474         DBG("service %p", service);
 475
 476         if (tunnel_created || tunnel_pending)
 477                 return 0;
 478
 479         if (service == NULL)
 480                 return -1;
 481
 482         ip4config = __connman_service_get_ip4config(service);
 483         if (ip4config == NULL)
 484                 return -1;
 485
 486         ip6config = __connman_service_get_ip6config(service);
 487         if (ip6config == NULL)
 488                 return -1;
 489
 490         method = __connman_ipconfig_get_method(ip6config);
 491         if (method != CONNMAN_IPCONFIG_METHOD_AUTO)
 492                 return -1;
 493
 494         address = __connman_ipconfig_get_local(ip4config);
 495         if (address == NULL)
 496                 return -1;
 497
 498         if (inet_aton(address, &ip4addr) == 0)
 499                 return -1;
 500
 501         addr = ntohl(ip4addr.s_addr);
 502
 503         a = (addr & 0xff000000) >> 24;
 504         b = (addr & 0x00ff0000) >> 16;
 505         c = (addr & 0x0000ff00) >> 8;
 506         d = addr & 0x000000ff;
 507
 508         /* 6to4 tunnel is only usable if we have a public IPv4 address */
 509         if (a == 10 || (a == 192 && b == 168) ||
 510                                         (a == 172 && (b >= 16 && b <= 31)))
 511                 return -1;
 512
 513         index = connman_ipconfig_get_index(ip4config);
 514         ip_address = g_strdup(address);
 515         tunnel_pending = 1;
 516
 517         g_free(tunnel_ip_address);
 518         tunnel_ip_address = g_strdup(address);
 519
 520         return __connman_inet_ipv6_send_rs(index, 2, receive_rs_reply,
 521                                                         ip_address);
 522 }
 523
 524 void __connman_6to4_remove(struct connman_ipconfig *ip4config)
 525 {
 526         const char *address;
 527
 528         DBG("tunnel ip address %s", tunnel_ip_address);
 529
 530         if (ip4config == NULL)
 531                 return;
 532
 533         address = __connman_ipconfig_get_local(ip4config);
 534         if (address == NULL)
 535                 return;
 536
 537         if (g_strcmp0(address, tunnel_ip_address) != 0)
 538                 return;
 539
 540         if (tunnel_created)
 541                 tunnel_destroy();
 542 }
 543
 544 int __connman_6to4_check(struct connman_ipconfig *ip4config)
 545 {
 546         const char *address;
 547
 548         if (ip4config == NULL || tunnel_created == 0 ||
 549                                         tunnel_pending == 1)
 550                 return -1;
 551
 552         DBG("tunnel ip address %s", tunnel_ip_address);
 553
 554         address = __connman_ipconfig_get_local(ip4config);
 555         if (address == NULL)
 556                 return -1;
 557
 558         if (g_strcmp0(address, tunnel_ip_address) == 0)
 559                 return 1;
 560
 561         return 0;
 562 }