src/6to4.c

   1 /*
   2  *
   3  *  Connection Manager
   4  *
   5  *  Copyright (C) 2011  Nokia Corporation. All rights reserved.
   6  *  Copyright (C) Alexey Kuznetsov et al. from iproute2 package.
   7  *
   8  *  This program is free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License version 2 as
  10  *  published by the Free Software Foundation.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License
  18  *  along with this program; if not, write to the Free Software
  19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20  *
  21  */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include <config.h>
  25 #endif
  26
  27 #include <errno.h>
  28 #include <stdio.h>
  29 #include <string.h>
  30 #include <sys/socket.h>
  31 #include <netinet/in.h>
  32 #include <arpa/inet.h>
  33 #include <net/if.h>
  34 #include <linux/ip.h>
  35 #include <linux/if_tunnel.h>
  36 #include <linux/netlink.h>
  37 #include <linux/rtnetlink.h>
  38 #include <sys/ioctl.h>
  39 #include <unistd.h>
  40
  41 #include "connman.h"
  42 #include <connman/log.h>
  43 #include <connman/ipconfig.h>
  44 #include "gweb/gweb.h"
  45
  46 static int tunnel_created;
  47 static int tunnel_pending;
  48 static char *tunnel_ip_address;
  49 static GWeb *web;
  50 static guint web_request_id;
  51
  52 #define STATUS_URL "http://ipv6.connman.net/online/status.html"
  53
  54 #define NLMSG_TAIL(nmsg) \
  55         ((struct rtattr *) (((void *)(nmsg)) + NLMSG_ALIGN((nmsg)->nlmsg_len)))
  56
  57 #ifndef IP_DF
  58 #define IP_DF           0x4000          /* Flag: "Don't Fragment"       */
  59 #endif
  60
  61 struct rtnl_handle {
  62         int                     fd;
  63         struct sockaddr_nl      local;
  64         struct sockaddr_nl      peer;
  65         __u32                   seq;
  66         __u32                   dump;
  67 };
  68
  69 static int addattr32(struct nlmsghdr *n, int maxlen, int type, __u32 data)
  70 {
  71         int len = RTA_LENGTH(4);
  72         struct rtattr *rta;
  73         if (NLMSG_ALIGN(n->nlmsg_len) + len > (unsigned int)maxlen) {
  74                 DBG("Error! max allowed bound %d exceeded", maxlen);
  75                 return -1;
  76         }
  77         rta = NLMSG_TAIL(n);
  78         rta->rta_type = type;
  79         rta->rta_len = len;
  80         memcpy(RTA_DATA(rta), &data, 4);
  81         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + len;
  82
  83         return 0;
  84 }
  85
  86 static int addattr_l(struct nlmsghdr *n, int maxlen, int type,
  87                         const void *data, int alen)
  88 {
  89         int len = RTA_LENGTH(alen);
  90         struct rtattr *rta;
  91
  92         if (NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len) >
  93                                         (unsigned int)maxlen) {
  94                 DBG("addattr_l message exceeded bound of %d", maxlen);
  95                 return -1;
  96         }
  97         rta = NLMSG_TAIL(n);
  98         rta->rta_type = type;
  99         rta->rta_len = len;
 100         memcpy(RTA_DATA(rta), data, alen);
 101         n->nlmsg_len = NLMSG_ALIGN(n->nlmsg_len) + RTA_ALIGN(len);
 102
 103         return 0;
 104 }
 105
 106 static void rtnl_close(struct rtnl_handle *rth)
 107 {
 108         if (rth->fd >= 0) {
 109                 close(rth->fd);
 110                 rth->fd = -1;
 111         }
 112 }
 113
 114 static int rtnl_open(struct rtnl_handle *rth)
 115 {
 116         socklen_t addr_len;
 117         int sndbuf = 1024;
 118
 119         memset(rth, 0, sizeof(*rth));
 120
 121         rth->fd = socket(AF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
 122         if (rth->fd < 0) {
 123                 connman_error("Can not open netlink socket: %s",
 124                                                 strerror(errno));
 125                 return -1;
 126         }
 127
 128         if (setsockopt(rth->fd, SOL_SOCKET, SO_SNDBUF, &sndbuf,
 129                         sizeof(sndbuf)) < 0) {
 130                 connman_error("SO_SNDBUF: %s", strerror(errno));
 131                 return -1;
 132         }
 133
 134         memset(&rth->local, 0, sizeof(rth->local));
 135         rth->local.nl_family = AF_NETLINK;
 136         rth->local.nl_groups = 0;
 137
 138         if (bind(rth->fd, (struct sockaddr *)&rth->local,
 139                         sizeof(rth->local)) < 0) {
 140                 connman_error("Can not bind netlink socket: %s",
 141                                                         strerror(errno));
 142                 return -1;
 143         }
 144         addr_len = sizeof(rth->local);
 145         if (getsockname(rth->fd, (struct sockaddr *)&rth->local,
 146                                 &addr_len) < 0) {
 147                 connman_error("Can not getsockname: %s", strerror(errno));
 148                 return -1;
 149         }
 150         if (addr_len != sizeof(rth->local)) {
 151                 connman_error("Wrong address length %d", addr_len);
 152                 return -1;
 153         }
 154         if (rth->local.nl_family != AF_NETLINK) {
 155                 connman_error("Wrong address family %d", rth->local.nl_family);
 156                 return -1;
 157         }
 158         rth->seq = time(NULL);
 159
 160         return 0;
 161 }
 162
 163 static int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n)
 164 {
 165         struct sockaddr_nl nladdr;
 166         struct iovec iov = {
 167                 .iov_base = (void *)n,
 168                 .iov_len = n->nlmsg_len
 169         };
 170         struct msghdr msg = {
 171                 .msg_name = &nladdr,
 172                 .msg_namelen = sizeof(nladdr),
 173                 .msg_iov = &iov,
 174                 .msg_iovlen = 1,
 175         };
 176         unsigned seq;
 177         int err;
 178
 179         memset(&nladdr, 0, sizeof(nladdr));
 180         nladdr.nl_family = AF_NETLINK;
 181
 182         n->nlmsg_seq = seq = ++rtnl->seq;
 183         n->nlmsg_flags |= NLM_F_ACK;
 184
 185         err = sendmsg(rtnl->fd, &msg, 0);
 186         if (err < 0) {
 187                 connman_error("Can not talk to rtnetlink");
 188                 return err;
 189         }
 190
 191         return 0;
 192 }
 193
 194 static int tunnel_create(struct in_addr *addr)
 195 {
 196         struct ip_tunnel_parm p;
 197         struct ifreq ifr;
 198         int fd = -1;
 199         int ret;
 200
 201         /* ip tunnel add tun6to4 mode sit remote any local 1.2.3.4 ttl 64 */
 202
 203         memset(&p, 0, sizeof(struct ip_tunnel_parm));
 204         memset(&ifr, 0, sizeof(struct ifreq));
 205
 206         p.iph.version = 4;
 207         p.iph.ihl = 5;
 208         p.iph.frag_off = htons(IP_DF);
 209         p.iph.protocol = IPPROTO_IPV6;
 210         p.iph.saddr = addr->s_addr;
 211         p.iph.ttl = 64;
 212         strncpy(p.name, "tun6to4", IFNAMSIZ);
 213
 214         strncpy(ifr.ifr_name, "sit0", IFNAMSIZ);
 215         ifr.ifr_ifru.ifru_data = (void *)&p;
 216         fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
 217         ret = ioctl(fd, SIOCADDTUNNEL, &ifr);
 218         if (ret)
 219                 connman_error("add tunnel %s failed: %s", ifr.ifr_name,
 220                                                         strerror(errno));
 221         close(fd);
 222
 223         return ret;
 224 }
 225
 226 static void tunnel_destroy()
 227 {
 228         struct ip_tunnel_parm p;
 229         struct ifreq ifr;
 230         int fd = -1;
 231         int ret;
 232
 233         if (tunnel_created == 0)
 234                 return;
 235
 236         /* ip tunnel del tun6to4 */
 237
 238         memset(&p, 0, sizeof(struct ip_tunnel_parm));
 239         memset(&ifr, 0, sizeof(struct ifreq));
 240
 241         p.iph.version = 4;
 242         p.iph.ihl = 5;
 243         p.iph.protocol = IPPROTO_IPV6;
 244         strncpy(p.name, "tun6to4", IFNAMSIZ);
 245
 246         strncpy(ifr.ifr_name, "tun6to4", IFNAMSIZ);
 247         ifr.ifr_ifru.ifru_data = (void *)&p;
 248         fd = socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
 249         if (fd < 0) {
 250                 connman_error("socket failed: %s", strerror(errno));
 251                 return;
 252         }
 253
 254         ret = ioctl(fd, SIOCDELTUNNEL, &ifr);
 255         if (ret)
 256                 connman_error("del tunnel %s failed: %s", ifr.ifr_name,
 257                                                         strerror(errno));
 258         else
 259                 tunnel_created = 0;
 260
 261         tunnel_pending = 0;
 262         close(fd);
 263
 264         g_free(tunnel_ip_address);
 265         tunnel_ip_address = NULL;
 266 }
 267
 268 static int tunnel_add_route()
 269 {
 270         struct rtnl_handle rth;
 271         struct in6_addr addr6;
 272         int index;
 273         int ret = 0;
 274
 275         struct {
 276                 struct nlmsghdr n;
 277                 struct rtmsg    r;
 278                 char            buf[1024];
 279         } req;
 280
 281         /* ip -6 route add ::/0 via ::192.88.99.1 dev tun6to4 metric 1 */
 282
 283         index = if_nametoindex("tun6to4");
 284         if (index == 0) {
 285                 DBG("Can not find device tun6to4");
 286                 return -1;
 287         }
 288
 289         memset(&req, 0, sizeof(req));
 290
 291         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg));
 292         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 293         req.n.nlmsg_type = RTM_NEWROUTE;
 294         req.r.rtm_family = AF_INET6;
 295         req.r.rtm_table = RT_TABLE_MAIN;
 296         req.r.rtm_protocol = RTPROT_BOOT;
 297         req.r.rtm_scope = RT_SCOPE_UNIVERSE;
 298         req.r.rtm_type = RTN_UNICAST;
 299         req.r.rtm_dst_len = 0;
 300
 301         inet_pton(AF_INET6, "::192.88.99.1", &addr6);
 302
 303         addattr_l(&req.n, sizeof(req), RTA_GATEWAY, &addr6.s6_addr, 16);
 304         addattr32(&req.n, sizeof(req), RTA_OIF, index);
 305         addattr32(&req.n, sizeof(req), RTA_PRIORITY, 1);
 306
 307         ret = rtnl_open(&rth);
 308         if (ret < 0)
 309                 goto done;
 310
 311         ret = rtnl_talk(&rth, &req.n);
 312
 313 done:
 314         rtnl_close(&rth);
 315         return ret;
 316 }
 317
 318 static int tunnel_set_addr(unsigned int a, unsigned int b,
 319                         unsigned int c, unsigned int d)
 320 {
 321         struct rtnl_handle rth;
 322         struct in6_addr addr6;
 323         char *ip6addr;
 324         int ret;
 325
 326         struct {
 327                 struct nlmsghdr n;
 328                 struct ifaddrmsg ifa;
 329                 char buf[256];
 330         } req;
 331
 332         /* ip -6 addr add dev tun6to4 2002:0102:0304::1/64 */
 333
 334         memset(&req, 0, sizeof(req));
 335
 336         req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
 337         req.n.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
 338         req.n.nlmsg_type = RTM_NEWADDR;
 339         req.ifa.ifa_family = AF_INET6;
 340         req.ifa.ifa_prefixlen = 64;
 341         req.ifa.ifa_index = if_nametoindex("tun6to4");
 342         if (req.ifa.ifa_index == 0) {
 343                 connman_error("Can not find device tun6to4");
 344                 ret = -1;
 345                 goto done;
 346         }
 347
 348         ip6addr = g_strdup_printf("2002:%02x%02x:%02x%02x::1", a, b, c, d);
 349         inet_pton(AF_INET6, ip6addr, &addr6);
 350         DBG("ipv6 address %s", ip6addr);
 351         g_free(ip6addr);
 352
 353         addattr_l(&req.n, sizeof(req), IFA_LOCAL, &addr6.s6_addr, 16);
 354         addattr_l(&req.n, sizeof(req), IFA_ADDRESS, &addr6.s6_addr, 16);
 355
 356         ret = rtnl_open(&rth);
 357         if (ret < 0)
 358                 goto done;
 359
 360         ret = rtnl_talk(&rth, &req.n);
 361
 362 done:
 363         rtnl_close(&rth);
 364         return ret;
 365 }
 366
 367 static gboolean unref_web(gpointer user_data)
 368 {
 369         g_web_unref(web);
 370         return FALSE;
 371 }
 372
 373 static gboolean web_result(GWebResult *result, gpointer user_data)
 374 {
 375         guint16 status;
 376
 377         if (web_request_id == 0)
 378                 return FALSE;
 379
 380         status = g_web_result_get_status(result);
 381
 382         DBG("status %u", status);
 383
 384         if (status >= 400 && status < 500)
 385                 tunnel_destroy();
 386         else
 387                 tunnel_pending = 0;
 388
 389         web_request_id = 0;
 390
 391         g_timeout_add_seconds(1, unref_web, NULL);
 392
 393         return FALSE;
 394 }
 395
 396 static int init_6to4(struct in_addr *ip4addr)
 397 {
 398         unsigned int a, b, c, d;
 399         int ret, if_index;
 400         in_addr_t addr;
 401
 402         DBG("");
 403
 404         addr = ntohl(ip4addr->s_addr);
 405
 406         a = (addr & 0xff000000) >> 24;
 407         b = (addr & 0x00ff0000) >> 16;
 408         c = (addr & 0x0000ff00) >> 8;
 409         d = addr & 0x000000ff;
 410
 411         ret = tunnel_create(ip4addr);
 412         if (ret)
 413                 return -1;
 414
 415         tunnel_created = 1;
 416
 417         ret = connman_inet_setup_tunnel("tun6to4", 1472);
 418         if (ret)
 419                 goto error;
 420
 421         ret = tunnel_set_addr(a, b, c, d);
 422         if (ret)
 423                 goto error;
 424
 425         ret = tunnel_add_route();
 426         if (ret)
 427                 goto error;
 428
 429         if_index = connman_inet_ifindex("tun6to4");
 430         if (if_index < 0)
 431                 goto error;
 432
 433         /* We try to verify that connectivity through tunnel works ok.
 434          */
 435         web = g_web_new(if_index);
 436         if (web == NULL)
 437                 goto error;
 438
 439         g_web_set_accept(web, NULL);
 440         g_web_set_user_agent(web, "ConnMan/%s", VERSION);
 441         g_web_set_close_connection(web, TRUE);
 442
 443         web_request_id = g_web_request_get(web, STATUS_URL, web_result, NULL);
 444
 445         return 0;
 446
 447 error:
 448         tunnel_destroy();
 449         return -1;
 450 }
 451
 452 static void receive_rs_reply(struct nd_router_advert *reply, void *user_data)
 453 {
 454         char *address = user_data;
 455         struct in_addr ip4addr;
 456
 457         DBG("reply %p address %s", reply, address);
 458
 459         /* We try to create tunnel if autoconfiguration did not work i.e.,
 460          * we did not receive any reply to router solicitation message.
 461          */
 462         if (reply == NULL && inet_aton(address, &ip4addr) != 0)
 463                 init_6to4(&ip4addr);
 464
 465         g_free(address);
 466 }
 467
 468 int __connman_6to4_probe(struct connman_service *service)
 469 {
 470         struct connman_ipconfig *ip4config, *ip6config;
 471         enum connman_ipconfig_method method;
 472         unsigned int a, b;
 473         struct in_addr ip4addr;
 474         in_addr_t addr;
 475         const char *address;
 476         char *ip_address;
 477         int index;
 478
 479         DBG("service %p", service);
 480
 481         if (tunnel_created || tunnel_pending)
 482                 return 0;
 483
 484         if (service == NULL)
 485                 return -1;
 486
 487         ip4config = __connman_service_get_ip4config(service);
 488         if (ip4config == NULL)
 489                 return -1;
 490
 491         ip6config = __connman_service_get_ip6config(service);
 492         if (ip6config == NULL)
 493                 return -1;
 494
 495         method = __connman_ipconfig_get_method(ip6config);
 496         if (method != CONNMAN_IPCONFIG_METHOD_AUTO)
 497                 return -1;
 498
 499         address = __connman_ipconfig_get_local(ip4config);
 500         if (address == NULL)
 501                 return -1;
 502
 503         if (inet_aton(address, &ip4addr) == 0)
 504                 return -1;
 505
 506         addr = ntohl(ip4addr.s_addr);
 507
 508         a = (addr & 0xff000000) >> 24;
 509         b = (addr & 0x00ff0000) >> 16;
 510
 511         /* 6to4 tunnel is only usable if we have a public IPv4 address */
 512         if (a == 10 || (a == 192 && b == 168) ||
 513                                         (a == 172 && (b >= 16 && b <= 31)))
 514                 return -1;
 515
 516         index = connman_ipconfig_get_index(ip4config);
 517         ip_address = g_strdup(address);
 518         tunnel_pending = 1;
 519
 520         g_free(tunnel_ip_address);
 521         tunnel_ip_address = g_strdup(address);
 522
 523         return __connman_inet_ipv6_send_rs(index, 2, receive_rs_reply,
 524                                                         ip_address);
 525 }
 526
 527 void __connman_6to4_remove(struct connman_ipconfig *ip4config)
 528 {
 529         const char *address;
 530
 531         DBG("tunnel ip address %s", tunnel_ip_address);
 532
 533         if (ip4config == NULL)
 534                 return;
 535
 536         address = __connman_ipconfig_get_local(ip4config);
 537         if (address == NULL)
 538                 return;
 539
 540         if (g_strcmp0(address, tunnel_ip_address) != 0)
 541                 return;
 542
 543         if (tunnel_created)
 544                 tunnel_destroy();
 545 }
 546
 547 int __connman_6to4_check(struct connman_ipconfig *ip4config)
 548 {
 549         const char *address;
 550
 551         if (ip4config == NULL || tunnel_created == 0 ||
 552                                         tunnel_pending == 1)
 553                 return -1;
 554
 555         DBG("tunnel ip address %s", tunnel_ip_address);
 556
 557         address = __connman_ipconfig_get_local(ip4config);
 558         if (address == NULL)
 559                 return -1;
 560
 561         if (g_strcmp0(address, tunnel_ip_address) == 0)
 562                 return 1;
 563
 564         return 0;
 565 }