src/6to4.c

   1 /*
   2  *
   3  *  Connection Manager
   4  *
   5  *  Copyright (C) 2011  Nokia Corporation. All rights reserved.
   6  *  Copyright (C) Alexey Kuznetsov et al. from iproute2 package.
   7  *
   8  *  This program is free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License version 2 as
  10  *  published by the Free Software Foundation.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License
  18  *  along with this program; if not, write to the Free Software
  19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20  *
  21  */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include <config.h>
  25 #endif
  26
  27 #include <errno.h>
  28 #include <stdio.h>
  29 #include <stdlib.h>
  30 #include <string.h>
  31 #include <sys/socket.h>
  32 #include <netinet/in.h>
  33 #include <arpa/inet.h>
  34 #include <net/if.h>
  35 #include <linux/ip.h>
  36 #include <linux/if_tunnel.h>
  37 #include <linux/netlink.h>
  38 #include <linux/rtnetlink.h>
  39 #include <sys/ioctl.h>
  40 #include <unistd.h>
  41
  42 #include "connman.h"
  43 #include <connman/log.h>
  44 #include <connman/ipconfig.h>
  45 #include "gweb/gweb.h"
  46
  47 static int tunnel_created;
  48 static int tunnel_pending;
  49 static char *tunnel_ip_address;
  50 static GWeb *web;
  51 static guint web_request_id;
  52
  53 #define STATUS_URL "http://ipv6.connman.net/online/status.html"
  54
  55 #ifndef IP_DF
  56 #define IP_DF           0x4000          /* Flag: "Don't Fragment"       */
  57 #endif
  58
  59 static int tunnel_create(struct in_addr *addr)
  60 {
  61         struct ip_tunnel_parm p;
  62         struct ifreq ifr;
  63         int fd = -1;
  64         int ret;
  65
  66         /* ip tunnel add tun6to4 mode sit remote any local 1.2.3.4 ttl 64 */
  67
  68         memset(&p, 0, sizeof(struct ip_tunnel_parm));
  69         memset(&ifr, 0, sizeof(struct ifreq));
  70
  71         p.iph.version = 4;
  72         p.iph.ihl = 5;
  73         p.iph.frag_off = htons(IP_DF);
  74         p.iph.protocol = IPPROTO_IPV6;
  75         p.iph.saddr = addr->s_addr;
  76         p.iph.ttl = 64;
  77         strncpy(p.name, "tun6to4", IFNAMSIZ);
  78
  79         strncpy(ifr.ifr_name, "sit0", IFNAMSIZ);
  80         ifr.ifr_ifru.ifru_data = (void *)&p;
  81         fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
  82         ret = ioctl(fd, SIOCADDTUNNEL, &ifr);
  83         if (ret)
  84                 connman_error("add tunnel %s failed: %s", ifr.ifr_name,
  85                                                         strerror(errno));
  86         close(fd);
  87
  88         return ret;
  89 }
  90
  91 static void tunnel_destroy()
  92 {
  93         struct ip_tunnel_parm p;
  94         struct ifreq ifr;
  95         int fd = -1;
  96         int ret;
  97
  98         if (tunnel_created == 0)
  99                 return;
 100
 101         /* ip tunnel del tun6to4 */
 102
 103         memset(&p, 0, sizeof(struct ip_tunnel_parm));
 104         memset(&ifr, 0, sizeof(struct ifreq));
 105
 106         p.iph.version = 4;
 107         p.iph.ihl = 5;
 108         p.iph.protocol = IPPROTO_IPV6;
 109         strncpy(p.name, "tun6to4", IFNAMSIZ);
 110
 111         strncpy(ifr.ifr_name, "tun6to4", IFNAMSIZ);
 112         ifr.ifr_ifru.ifru_data = (void *)&p;
 113         fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
 114         if (fd < 0) {
 115                 connman_error("socket failed: %s", strerror(errno));
 116                 return;
 117         }
 118
 119         ret = ioctl(fd, SIOCDELTUNNEL, &ifr);
 120         if (ret)
 121                 connman_error("del tunnel %s failed: %s", ifr.ifr_name,
 122                                                         strerror(errno));
 123         else
 124                 tunnel_created = 0;
 125
 126         tunnel_pending = 0;
 127         close(fd);
 128
 129         g_free(tunnel_ip_address);
 130         tunnel_ip_address = NULL;
 131 }
 132
 133 static int tunnel_add_route()
 134 {
 135         struct __connman_inet_rtnl_handle rth;
 136         struct in6_addr addr6;
 137         int index;
 138         int ret = 0;
 139
 140         /* ip -6 route add ::/0 via ::192.88.99.1 dev tun6to4 metric 1 */
 141
 142         index = if_nametoindex("tun6to4");
 143         if (index == 0) {
 144                 DBG("Can not find device tun6to4");
 145                 return -1;
 146         }
 147
 148         memset(&rth, 0, sizeof(rth));
 149
 150         rth.req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
 151         rth.req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 152         rth.req.n.nlmsg_type = RTM_NEWROUTE;
 153         rth.req.u.r.rt.rtm_family = AF_INET6;
 154         rth.req.u.r.rt.rtm_table = RT_TABLE_MAIN;
 155         rth.req.u.r.rt.rtm_protocol = RTPROT_BOOT;
 156         rth.req.u.r.rt.rtm_scope = RT_SCOPE_UNIVERSE;
 157         rth.req.u.r.rt.rtm_type = RTN_UNICAST;
 158         rth.req.u.r.rt.rtm_dst_len = 0;
 159
 160         inet_pton(AF_INET6, "::192.88.99.1", &addr6);
 161
 162         __connman_inet_rtnl_addattr_l(&rth.req.n, sizeof(rth.req), RTA_GATEWAY,
 163                                         &addr6.s6_addr, 16);
 164         __connman_inet_rtnl_addattr32(&rth.req.n, sizeof(rth.req), RTA_OIF,
 165                                         index);
 166         __connman_inet_rtnl_addattr32(&rth.req.n, sizeof(rth.req),
 167                                         RTA_PRIORITY, 1);
 168
 169         ret = __connman_inet_rtnl_open(&rth);
 170         if (ret < 0)
 171                 goto done;
 172
 173         ret = __connman_inet_rtnl_send(&rth, &rth.req.n);
 174
 175 done:
 176         __connman_inet_rtnl_close(&rth);
 177         return ret;
 178 }
 179
 180 static int tunnel_set_addr(unsigned int a, unsigned int b,
 181                         unsigned int c, unsigned int d)
 182 {
 183         struct __connman_inet_rtnl_handle rth;
 184         struct in6_addr addr6;
 185         char *ip6addr;
 186         int ret;
 187
 188         /* ip -6 addr add dev tun6to4 2002:0102:0304::1/64 */
 189
 190         memset(&rth, 0, sizeof(rth));
 191
 192         rth.req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
 193         rth.req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 194         rth.req.n.nlmsg_type = RTM_NEWADDR;
 195         rth.req.u.i.ifa.ifa_family = AF_INET6;
 196         rth.req.u.i.ifa.ifa_prefixlen = 64;
 197         rth.req.u.i.ifa.ifa_index = if_nametoindex("tun6to4");
 198         if (rth.req.u.i.ifa.ifa_index == 0) {
 199                 connman_error("Can not find device tun6to4");
 200                 ret = -1;
 201                 goto done;
 202         }
 203
 204         ip6addr = g_strdup_printf("2002:%02x%02x:%02x%02x::1", a, b, c, d);
 205         inet_pton(AF_INET6, ip6addr, &addr6);
 206         DBG("ipv6 address %s", ip6addr);
 207         g_free(ip6addr);
 208
 209         __connman_inet_rtnl_addattr_l(&rth.req.n, sizeof(rth.req), IFA_LOCAL,
 210                                         &addr6.s6_addr, 16);
 211         __connman_inet_rtnl_addattr_l(&rth.req.n, sizeof(rth.req), IFA_ADDRESS,
 212                                         &addr6.s6_addr, 16);
 213
 214         ret = __connman_inet_rtnl_open(&rth);
 215         if (ret < 0)
 216                 goto done;
 217
 218         ret = __connman_inet_rtnl_send(&rth, &rth.req.n);
 219
 220 done:
 221         __connman_inet_rtnl_close(&rth);
 222         return ret;
 223 }
 224
 225 static gboolean unref_web(gpointer user_data)
 226 {
 227         g_web_unref(web);
 228         return FALSE;
 229 }
 230
 231 static gboolean web_result(GWebResult *result, gpointer user_data)
 232 {
 233         guint16 status;
 234
 235         if (web_request_id == 0)
 236                 return FALSE;
 237
 238         status = g_web_result_get_status(result);
 239
 240         DBG("status %u", status);
 241
 242         if (status >= 400 && status < 500)
 243                 tunnel_destroy();
 244         else
 245                 tunnel_pending = 0;
 246
 247         web_request_id = 0;
 248
 249         g_timeout_add_seconds(1, unref_web, NULL);
 250
 251         return FALSE;
 252 }
 253
 254 static void web_debug(const char *str, void *data)
 255 {
 256         connman_info("%s: %s\n", (const char *) data, str);
 257 }
 258
 259 static int init_6to4(struct in_addr *ip4addr)
 260 {
 261         unsigned int a, b, c, d;
 262         int ret, if_index;
 263         in_addr_t addr;
 264
 265         DBG("");
 266
 267         addr = ntohl(ip4addr->s_addr);
 268
 269         a = (addr & 0xff000000) >> 24;
 270         b = (addr & 0x00ff0000) >> 16;
 271         c = (addr & 0x0000ff00) >> 8;
 272         d = addr & 0x000000ff;
 273
 274         ret = tunnel_create(ip4addr);
 275         if (ret)
 276                 return -1;
 277
 278         tunnel_created = 1;
 279
 280         ret = connman_inet_setup_tunnel("tun6to4", 1472);
 281         if (ret)
 282                 goto error;
 283
 284         ret = tunnel_set_addr(a, b, c, d);
 285         if (ret)
 286                 goto error;
 287
 288         ret = tunnel_add_route();
 289         if (ret)
 290                 goto error;
 291
 292         if_index = connman_inet_ifindex("tun6to4");
 293         if (if_index < 0)
 294                 goto error;
 295
 296         /* We try to verify that connectivity through tunnel works ok.
 297          */
 298         web = g_web_new(if_index);
 299         if (web == NULL)
 300                 goto error;
 301
 302         g_web_set_accept(web, NULL);
 303         g_web_set_user_agent(web, "ConnMan/%s", VERSION);
 304         g_web_set_close_connection(web, TRUE);
 305
 306         if (getenv("CONNMAN_WEB_DEBUG"))
 307                 g_web_set_debug(web, web_debug, "6to4");
 308
 309         web_request_id = g_web_request_get(web, STATUS_URL, web_result, NULL);
 310
 311         return 0;
 312
 313 error:
 314         tunnel_destroy();
 315         return -1;
 316 }
 317
 318 static void receive_rs_reply(struct nd_router_advert *reply,
 319                         unsigned int length, void *user_data)
 320 {
 321         char *address = user_data;
 322         struct in_addr ip4addr;
 323
 324         DBG("reply %p len %d address %s", reply, length, address);
 325
 326         /* We try to create tunnel if autoconfiguration did not work i.e.,
 327          * we did not receive any reply to router solicitation message.
 328          */
 329         if (reply == NULL && inet_aton(address, &ip4addr) != 0)
 330                 init_6to4(&ip4addr);
 331
 332         g_free(address);
 333 }
 334
 335 int __connman_6to4_probe(struct connman_service *service)
 336 {
 337         struct connman_ipconfig *ip4config, *ip6config;
 338         enum connman_ipconfig_method method;
 339         unsigned int a, b;
 340         struct in_addr ip4addr;
 341         in_addr_t addr;
 342         const char *address;
 343         char *ip_address;
 344         int index;
 345
 346         DBG("service %p", service);
 347
 348         if (tunnel_created || tunnel_pending)
 349                 return 0;
 350
 351         if (service == NULL)
 352                 return -1;
 353
 354         ip4config = __connman_service_get_ip4config(service);
 355         if (ip4config == NULL)
 356                 return -1;
 357
 358         ip6config = __connman_service_get_ip6config(service);
 359         if (ip6config == NULL)
 360                 return -1;
 361
 362         method = __connman_ipconfig_get_method(ip6config);
 363         if (method != CONNMAN_IPCONFIG_METHOD_AUTO)
 364                 return -1;
 365
 366         address = __connman_ipconfig_get_local(ip4config);
 367         if (address == NULL)
 368                 return -1;
 369
 370         if (inet_aton(address, &ip4addr) == 0)
 371                 return -1;
 372
 373         addr = ntohl(ip4addr.s_addr);
 374
 375         a = (addr & 0xff000000) >> 24;
 376         b = (addr & 0x00ff0000) >> 16;
 377
 378         /* 6to4 tunnel is only usable if we have a public IPv4 address */
 379         if (a == 10 || (a == 192 && b == 168) ||
 380                                         (a == 172 && (b >= 16 && b <= 31)))
 381                 return -1;
 382
 383         index = __connman_ipconfig_get_index(ip4config);
 384         ip_address = g_strdup(address);
 385         tunnel_pending = 1;
 386
 387         g_free(tunnel_ip_address);
 388         tunnel_ip_address = g_strdup(address);
 389
 390         return __connman_inet_ipv6_send_rs(index, 2, receive_rs_reply,
 391                                                         ip_address);
 392 }
 393
 394 void __connman_6to4_remove(struct connman_ipconfig *ip4config)
 395 {
 396         const char *address;
 397
 398         DBG("tunnel ip address %s", tunnel_ip_address);
 399
 400         if (ip4config == NULL)
 401                 return;
 402
 403         address = __connman_ipconfig_get_local(ip4config);
 404         if (address == NULL)
 405                 return;
 406
 407         if (g_strcmp0(address, tunnel_ip_address) != 0)
 408                 return;
 409
 410         if (tunnel_created)
 411                 tunnel_destroy();
 412 }
 413
 414 int __connman_6to4_check(struct connman_ipconfig *ip4config)
 415 {
 416         const char *address;
 417
 418         if (ip4config == NULL || tunnel_created == 0 ||
 419                                         tunnel_pending == 1)
 420                 return -1;
 421
 422         DBG("tunnel ip address %s", tunnel_ip_address);
 423
 424         address = __connman_ipconfig_get_local(ip4config);
 425         if (address == NULL)
 426                 return -1;
 427
 428         if (g_strcmp0(address, tunnel_ip_address) == 0)
 429                 return 1;
 430
 431         return 0;
 432 }