1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
|
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/types.h>
#include <stdlib.h>
#include <errno.h>
#include <locale.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <stdio.h>
#include <stdio_ext.h>
#include <dhcp_hostconf.h>
#include <dhcpagent_ipc.h>
#include <dhcpagent_util.h>
#include <dhcpmsg.h>
#include <netinet/dhcp.h>
#include <net/route.h>
#include <sys/sockio.h>
#include "async.h"
#include "agent.h"
#include "script_handler.h"
#include "util.h"
#include "class_id.h"
#include "states.h"
#include "packet.h"
#include "interface.h"
#include "defaults.h"
#ifndef TEXT_DOMAIN
#define TEXT_DOMAIN "SYS_TEST"
#endif
iu_timer_id_t inactivity_id;
int class_id_len = 0;
char *class_id;
iu_eh_t *eh;
iu_tq_t *tq;
pid_t grandparent;
int rtsock_fd;
static boolean_t shutdown_started = B_FALSE;
static boolean_t do_adopt = B_FALSE;
static unsigned int debug_level = 0;
static iu_eh_callback_t accept_event, ipc_event, rtsock_event;
/*
* The ipc_cmd_allowed[] table indicates which IPC commands are allowed in
* which states; a non-zero value indicates the command is permitted.
*
* START is permitted if the state machine is fresh, or if we are in the
* process of trying to obtain a lease (as a convenience to save the
* administrator from having to do an explicit DROP). EXTEND, RELEASE, and
* GET_TAG require a lease to be obtained in order to make sense. INFORM is
* permitted if the interface is fresh or has an INFORM in progress or
* previously done on it -- otherwise a DROP or RELEASE is first required.
* PING and STATUS always make sense and thus are always permitted, as is DROP
* in order to permit the administrator to always bail out.
*/
static int ipc_cmd_allowed[DHCP_NSTATES][DHCP_NIPC] = {
/* D E P R S S I G */
/* R X I E T T N E */
/* O T N L A A F T */
/* P E G E R T O _ */
/* . N . A T U R T */
/* . D . S . S M A */
/* . . . E . . . G */
/* INIT */ { 1, 0, 1, 0, 1, 1, 1, 0 },
/* SELECTING */ { 1, 0, 1, 0, 1, 1, 0, 0 },
/* REQUESTING */ { 1, 0, 1, 0, 1, 1, 0, 0 },
/* PRE_BOUND */ { 1, 1, 1, 1, 0, 1, 0, 1 },
/* BOUND */ { 1, 1, 1, 1, 0, 1, 0, 1 },
/* RENEWING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
/* REBINDING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
/* INFORMATION */ { 1, 0, 1, 0, 1, 1, 1, 1 },
/* INIT_REBOOT */ { 1, 0, 1, 1, 1, 1, 0, 0 },
/* ADOPTING */ { 1, 0, 1, 1, 0, 1, 0, 0 },
/* INFORM_SENT */ { 1, 0, 1, 0, 1, 1, 1, 0 },
/* DECLINING */ { 1, 1, 1, 1, 0, 1, 0, 1 },
/* RELEASING */ { 1, 0, 1, 0, 0, 1, 0, 1 },
};
#define CMD_ISPRIV 0x1 /* Command requires privileges */
#define CMD_CREATE 0x2 /* Command creates an interface */
#define CMD_BOOTP 0x4 /* Command is valid with BOOTP */
#define CMD_IMMED 0x8 /* Reply is immediate (no BUSY state) */
static uint_t ipc_cmd_flags[DHCP_NIPC] = {
/* DHCP_DROP */ CMD_ISPRIV|CMD_BOOTP,
/* DHCP_EXTEND */ CMD_ISPRIV,
/* DHCP_PING */ CMD_BOOTP|CMD_IMMED,
/* DHCP_RELEASE */ CMD_ISPRIV,
/* DHCP_START */ CMD_CREATE|CMD_ISPRIV|CMD_BOOTP,
/* DHCP_STATUS */ CMD_BOOTP|CMD_IMMED,
/* DHCP_INFORM */ CMD_CREATE|CMD_ISPRIV,
/* DHCP_GET_TAG */ CMD_BOOTP|CMD_IMMED
};
int
main(int argc, char **argv)
{
boolean_t is_daemon = B_TRUE;
boolean_t is_verbose;
int ipc_fd;
int c;
struct rlimit rl;
debug_level = df_get_int("", B_FALSE, DF_DEBUG_LEVEL);
is_verbose = df_get_bool("", B_FALSE, DF_VERBOSE);
/*
* -l is ignored for compatibility with old agent.
*/
while ((c = getopt(argc, argv, "vd:l:fa")) != EOF) {
switch (c) {
case 'a':
do_adopt = B_TRUE;
grandparent = getpid();
break;
case 'd':
debug_level = strtoul(optarg, NULL, 0);
break;
case 'f':
is_daemon = B_FALSE;
break;
case 'v':
is_verbose = B_TRUE;
break;
case '?':
(void) fprintf(stderr, "usage: %s [-a] [-d n] [-f] [-v]"
"\n", argv[0]);
return (EXIT_FAILURE);
default:
break;
}
}
(void) setlocale(LC_ALL, "");
(void) textdomain(TEXT_DOMAIN);
if (geteuid() != 0) {
dhcpmsg_init(argv[0], B_FALSE, is_verbose, debug_level);
dhcpmsg(MSG_ERROR, "must be super-user");
dhcpmsg_fini();
return (EXIT_FAILURE);
}
if (is_daemon && daemonize() == 0) {
dhcpmsg_init(argv[0], B_FALSE, is_verbose, debug_level);
dhcpmsg(MSG_ERR, "cannot become daemon, exiting");
dhcpmsg_fini();
return (EXIT_FAILURE);
}
/*
* Seed the random number generator, since we're going to need it
* to set transaction id's and for exponential backoff.
*/
srand48(gethrtime() ^ gethostid() ^ getpid());
dhcpmsg_init(argv[0], is_daemon, is_verbose, debug_level);
(void) atexit(dhcpmsg_fini);
tq = iu_tq_create();
eh = iu_eh_create();
if (eh == NULL || tq == NULL) {
errno = ENOMEM;
dhcpmsg(MSG_ERR, "cannot create timer queue or event handler");
return (EXIT_FAILURE);
}
/*
* ignore most signals that could be reasonably generated.
*/
(void) signal(SIGTERM, graceful_shutdown);
(void) signal(SIGQUIT, graceful_shutdown);
(void) signal(SIGPIPE, SIG_IGN);
(void) signal(SIGUSR1, SIG_IGN);
(void) signal(SIGUSR2, SIG_IGN);
(void) signal(SIGINT, SIG_IGN);
(void) signal(SIGHUP, SIG_IGN);
(void) signal(SIGCHLD, SIG_IGN);
/*
* upon SIGTHAW we need to refresh any non-infinite leases.
*/
(void) iu_eh_register_signal(eh, SIGTHAW, refresh_smachs, NULL);
class_id = get_class_id();
if (class_id != NULL)
class_id_len = strlen(class_id);
else
dhcpmsg(MSG_WARNING, "get_class_id failed, continuing "
"with no vendor class id");
/*
* the inactivity timer is enabled any time there are no
* interfaces under DHCP control. if DHCP_INACTIVITY_WAIT
* seconds transpire without an interface under DHCP control,
* the agent shuts down.
*/
inactivity_id = iu_schedule_timer(tq, DHCP_INACTIVITY_WAIT,
inactivity_shutdown, NULL);
/*
* max out the number available descriptors, just in case..
*/
rl.rlim_cur = RLIM_INFINITY;
rl.rlim_max = RLIM_INFINITY;
if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
dhcpmsg(MSG_ERR, "setrlimit failed");
(void) enable_extended_FILE_stdio(-1, -1);
/*
* Create and bind default IP sockets used to control interfaces and to
* catch stray packets.
*/
if (!dhcp_ip_default())
return (EXIT_FAILURE);
/*
* create the ipc channel that the agent will listen for
* requests on, and register it with the event handler so that
* `accept_event' will be called back.
*/
switch (dhcp_ipc_init(&ipc_fd)) {
case 0:
break;
case DHCP_IPC_E_BIND:
dhcpmsg(MSG_ERROR, "dhcp_ipc_init: cannot bind to port "
"%i (agent already running?)", IPPORT_DHCPAGENT);
return (EXIT_FAILURE);
default:
dhcpmsg(MSG_ERROR, "dhcp_ipc_init failed");
return (EXIT_FAILURE);
}
if (iu_register_event(eh, ipc_fd, POLLIN, accept_event, 0) == -1) {
dhcpmsg(MSG_ERR, "cannot register ipc fd for messages");
return (EXIT_FAILURE);
}
/*
* Create the global routing socket. This is used for monitoring
* interface transitions, so that we learn about the kernel's Duplicate
* Address Detection status, and for inserting and removing default
* routes as learned from DHCP servers. Both v4 and v6 are handed
* with this one socket.
*/
rtsock_fd = socket(PF_ROUTE, SOCK_RAW, 0);
if (rtsock_fd == -1) {
dhcpmsg(MSG_ERR, "cannot open routing socket");
return (EXIT_FAILURE);
}
if (iu_register_event(eh, rtsock_fd, POLLIN, rtsock_event, 0) == -1) {
dhcpmsg(MSG_ERR, "cannot register routing socket for messages");
return (EXIT_FAILURE);
}
/*
* if the -a (adopt) option was specified, try to adopt the
* kernel-managed interface before we start.
*/
if (do_adopt && !dhcp_adopt())
return (EXIT_FAILURE);
/*
* For DHCPv6, we own all of the interfaces marked DHCPRUNNING. As
* we're starting operation here, if there are any of those interfaces
* lingering around, they're strays, and need to be removed.
*
* It might be nice to save these addresses off somewhere -- for both
* v4 and v6 -- and use them as hints for later negotiation.
*/
remove_v6_strays();
/*
* enter the main event loop; this is where all the real work
* takes place (through registering events and scheduling timers).
* this function only returns when the agent is shutting down.
*/
switch (iu_handle_events(eh, tq)) {
case -1:
dhcpmsg(MSG_WARNING, "iu_handle_events exited abnormally");
break;
case DHCP_REASON_INACTIVITY:
dhcpmsg(MSG_INFO, "no interfaces to manage, shutting down...");
break;
case DHCP_REASON_TERMINATE:
dhcpmsg(MSG_INFO, "received SIGTERM, shutting down...");
break;
case DHCP_REASON_SIGNAL:
dhcpmsg(MSG_WARNING, "received unexpected signal, shutting "
"down...");
break;
}
(void) iu_eh_unregister_signal(eh, SIGTHAW, NULL);
iu_eh_destroy(eh);
iu_tq_destroy(tq);
return (EXIT_SUCCESS);
}
/*
* drain_script(): event loop callback during shutdown
*
* input: eh_t *: unused
* void *: unused
* output: boolean_t: B_TRUE if event loop should exit; B_FALSE otherwise
*/
/* ARGSUSED */
boolean_t
drain_script(iu_eh_t *ehp, void *arg)
{
if (shutdown_started == B_FALSE) {
shutdown_started = B_TRUE;
if (do_adopt == B_FALSE) /* see 4291141 */
nuke_smach_list();
}
return (script_count == 0);
}
/*
* accept_event(): accepts a new connection on the ipc socket and registers
* to receive its messages with the event handler
*
* input: iu_eh_t *: unused
* int: the file descriptor in the iu_eh_t * the connection came in on
* (other arguments unused)
* output: void
*/
/* ARGSUSED */
static void
accept_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
{
int client_fd;
int is_priv;
if (dhcp_ipc_accept(fd, &client_fd, &is_priv) != 0) {
dhcpmsg(MSG_ERR, "accept_event: accept on ipc socket");
return;
}
if (iu_register_event(eh, client_fd, POLLIN, ipc_event,
(void *)is_priv) == -1) {
dhcpmsg(MSG_ERROR, "accept_event: cannot register ipc socket "
"for callback");
}
}
/*
* ipc_event(): processes incoming ipc requests
*
* input: iu_eh_t *: unused
* int: the file descriptor in the iu_eh_t * the request came in on
* short: unused
* iu_event_id_t: event ID
* void *: indicates whether the request is from a privileged client
* output: void
*/
/* ARGSUSED */
static void
ipc_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
{
ipc_action_t ia, *iap;
dhcp_smach_t *dsmp;
int error, is_priv = (int)arg;
const char *ifname;
boolean_t isv6;
ipc_action_init(&ia);
error = dhcp_ipc_recv_request(fd, &ia.ia_request,
DHCP_IPC_REQUEST_WAIT);
if (error != DHCP_IPC_SUCCESS) {
if (error != DHCP_IPC_E_EOF) {
dhcpmsg(MSG_ERROR,
"ipc_event: dhcp_ipc_recv_request failed: %s",
dhcp_ipc_strerror(error));
} else {
dhcpmsg(MSG_DEBUG, "ipc_event: connection closed");
}
if ((dsmp = lookup_smach_by_event(id)) != NULL) {
ipc_action_finish(dsmp, error);
} else {
(void) iu_unregister_event(eh, id, NULL);
(void) dhcp_ipc_close(fd);
}
return;
}
/* Fill in temporary ipc_action structure for utility functions */
ia.ia_cmd = DHCP_IPC_CMD(ia.ia_request->message_type);
ia.ia_fd = fd;
ia.ia_eid = id;
if (ia.ia_cmd >= DHCP_NIPC) {
dhcpmsg(MSG_ERROR,
"ipc_event: invalid command (%s) attempted on %s",
dhcp_ipc_type_to_string(ia.ia_cmd), ia.ia_request->ifname);
send_error_reply(&ia, DHCP_IPC_E_CMD_UNKNOWN);
return;
}
/* return EPERM for any of the privileged actions */
if (!is_priv && (ipc_cmd_flags[ia.ia_cmd] & CMD_ISPRIV)) {
dhcpmsg(MSG_WARNING,
"ipc_event: privileged ipc command (%s) attempted on %s",
dhcp_ipc_type_to_string(ia.ia_cmd), ia.ia_request->ifname);
send_error_reply(&ia, DHCP_IPC_E_PERM);
return;
}
/*
* Try to locate the state machine associated with this command. If
* the command is DHCP_START or DHCP_INFORM and there isn't a state
* machine already, make one (there may already be one from a previous
* failed attempt to START or INFORM). Otherwise, verify the reference
* is still valid.
*
* The interface name may be blank. In that case, we look up the
* primary interface, and the requested type (v4 or v6) doesn't matter.
*/
isv6 = (ia.ia_request->message_type & DHCP_V6) != 0;
ifname = ia.ia_request->ifname;
if (*ifname == '\0')
dsmp = primary_smach(isv6);
else
dsmp = lookup_smach(ifname, isv6);
if (dsmp != NULL) {
/* Note that verify_smach drops a reference */
hold_smach(dsmp);
if (!verify_smach(dsmp))
dsmp = NULL;
}
if (dsmp == NULL) {
/*
* If the user asked for the primary DHCP interface, but there
* is none, then report failure.
*/
if (ifname[0] == '\0') {
error = DHCP_IPC_E_NOPRIMARY;
/*
* If there's no interface, and we're starting up, then create
* it now, along with a state machine for it. Note that if
* insert_smach fails, it discards the LIF reference.
*/
} else if (ipc_cmd_flags[ia.ia_cmd] & CMD_CREATE) {
dhcp_lif_t *lif;
lif = attach_lif(ifname, isv6, &error);
if (lif != NULL &&
(dsmp = insert_smach(lif, &error)) != NULL) {
/*
* Get client ID and set "DHCPRUNNING" flag on
* logical interface. (V4 only, because V6
* plumbs its own interfaces.)
*/
error = get_smach_cid(dsmp);
if (error == DHCP_IPC_SUCCESS)
error = set_lif_dhcp(lif, B_FALSE);
if (error != DHCP_IPC_SUCCESS) {
remove_smach(dsmp);
dsmp = NULL;
}
}
/*
* Otherwise, this is an operation on an unknown interface.
*/
} else {
error = DHCP_IPC_E_UNKIF;
}
if (dsmp == NULL) {
send_error_reply(&ia, error);
return;
}
}
if ((dsmp->dsm_dflags & DHCP_IF_BOOTP) &&
!(ipc_cmd_flags[ia.ia_cmd] & CMD_BOOTP)) {
dhcpmsg(MSG_ERROR, "command %s not valid for BOOTP on %s",
dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
send_error_reply(&ia, DHCP_IPC_E_BOOTP);
return;
}
/*
* verify that the state machine is in a state which will allow the
* command. we do this up front so that we can return an error
* *before* needlessly cancelling an in-progress transaction.
*/
if (!check_cmd_allowed(dsmp->dsm_state, ia.ia_cmd)) {
dhcpmsg(MSG_DEBUG,
"in state %s; not allowing %s command on %s",
dhcp_state_to_string(dsmp->dsm_state),
dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
send_error_reply(&ia,
ia.ia_cmd == DHCP_START && dsmp->dsm_state != INIT ?
DHCP_IPC_E_RUNNING : DHCP_IPC_E_OUTSTATE);
return;
}
dhcpmsg(MSG_DEBUG, "in state %s; allowing %s command on %s",
dhcp_state_to_string(dsmp->dsm_state),
dhcp_ipc_type_to_string(ia.ia_cmd), dsmp->dsm_name);
if ((ia.ia_request->message_type & DHCP_PRIMARY) && is_priv)
make_primary(dsmp);
/*
* The current design dictates that there can be only one outstanding
* transaction per state machine -- this simplifies the code
* considerably and also fits well with RFCs 2131 and 3315. It is
* worth classifying the different DHCP commands into synchronous
* (those which we will handle now and reply to immediately) and
* asynchronous (those which require transactions and will be completed
* at an indeterminate time in the future):
*
* DROP: removes the agent's management of a state machine.
* asynchronous as the script program may be invoked.
*
* PING: checks to see if the agent has a named state machine.
* synchronous, since no packets need to be sent
* to the DHCP server.
*
* STATUS: returns information about a state machine.
* synchronous, since no packets need to be sent
* to the DHCP server.
*
* RELEASE: releases the agent's management of a state machine
* and brings the associated interfaces down. asynchronous
* as the script program may be invoked.
*
* EXTEND: renews a lease. asynchronous, since the agent
* needs to wait for an ACK, etc.
*
* START: starts DHCP on a named state machine. asynchronous since
* the agent needs to wait for OFFERs, ACKs, etc.
*
* INFORM: obtains configuration parameters for the system using
* externally configured interface. asynchronous, since the
* agent needs to wait for an ACK.
*
* Notice that EXTEND, INFORM, START, DROP and RELEASE are
* asynchronous. Notice also that asynchronous commands may occur from
* within the agent -- for instance, the agent will need to do implicit
* EXTENDs to extend the lease. In order to make the code simpler, the
* following rules apply for asynchronous commands:
*
* There can only be one asynchronous command at a time per state
* machine. The current asynchronous command is managed by the async_*
* api: async_start(), async_finish(), and async_cancel().
* async_start() starts management of a new asynchronous command on an
* state machine, which should only be done after async_cancel() to
* terminate a previous command. When the command is completed,
* async_finish() should be called.
*
* Asynchronous commands started by a user command have an associated
* ipc_action which provides the agent with information for how to get
* in touch with the user command when the action completes. These
* ipc_action records also have an associated timeout which may be
* infinite. ipc_action_start() should be called when starting an
* asynchronous command requested by a user, which sets up the timer
* and keeps track of the ipc information (file descriptor, request
* type). When the asynchronous command completes, ipc_action_finish()
* should be called to return a command status code to the user and
* close the ipc connection). If the command does not complete before
* the timer fires, ipc_action_timeout() is called which closes the ipc
* connection and returns DHCP_IPC_E_TIMEOUT to the user. Note that
* independent of ipc_action_timeout(), ipc_action_finish() should be
* called.
*
* on a case-by-case basis, here is what happens (per state machine):
*
* o When an asynchronous command is requested, then
* async_cancel() is called to terminate any non-user
* action in progress. If there's a user action running,
* the user command is sent DHCP_IPC_E_PEND.
*
* o otherwise, the the transaction is started with
* async_start(). if the transaction is on behalf
* of a user, ipc_action_start() is called to keep
* track of the ipc information and set up the
* ipc_action timer.
*
* o if the command completes normally and before a
* timeout fires, then async_finish() is called.
* if there was an associated ipc_action,
* ipc_action_finish() is called to complete it.
*
* o if the command fails before a timeout fires, then
* async_finish() is called, and the state machine is
* is returned to a known state based on the command.
* if there was an associated ipc_action,
* ipc_action_finish() is called to complete it.
*
* o if the ipc_action timer fires before command
* completion, then DHCP_IPC_E_TIMEOUT is returned to
* the user. however, the transaction continues to
* be carried out asynchronously.
*/
if (ipc_cmd_flags[ia.ia_cmd] & CMD_IMMED) {
/*
* Only immediate commands (ping, status, get_tag) need to
* worry about freeing ia through one of the reply functions
* before returning.
*/
iap = &ia;
} else {
/*
* if shutdown request has been received, send back an error.
*/
if (shutdown_started) {
send_error_reply(&ia, DHCP_IPC_E_OUTSTATE);
return;
}
if (dsmp->dsm_dflags & DHCP_IF_BUSY) {
send_error_reply(&ia, DHCP_IPC_E_PEND);
return;
}
if (!ipc_action_start(dsmp, &ia)) {
dhcpmsg(MSG_WARNING, "ipc_event: ipc_action_start "
"failed for %s", dsmp->dsm_name);
send_error_reply(&ia, DHCP_IPC_E_MEMORY);
return;
}
/* Action structure consumed by above function */
iap = &dsmp->dsm_ia;
}
switch (iap->ia_cmd) {
case DHCP_DROP:
(void) script_start(dsmp, isv6 ? EVENT_DROP6 : EVENT_DROP,
dhcp_drop, NULL, NULL);
break; /* not an immediate function */
case DHCP_EXTEND:
(void) dhcp_extending(dsmp);
break;
case DHCP_GET_TAG: {
dhcp_optnum_t optnum;
void *opt = NULL;
uint_t optlen;
boolean_t did_alloc = B_FALSE;
PKT_LIST *ack = dsmp->dsm_ack;
/*
* verify the request makes sense.
*/
if (iap->ia_request->data_type != DHCP_TYPE_OPTNUM ||
iap->ia_request->data_length != sizeof (dhcp_optnum_t)) {
send_error_reply(iap, DHCP_IPC_E_PROTO);
break;
}
(void) memcpy(&optnum, iap->ia_request->buffer,
sizeof (dhcp_optnum_t));
load_option:
switch (optnum.category) {
case DSYM_SITE: /* FALLTHRU */
case DSYM_STANDARD:
if (isv6) {
opt = dhcpv6_pkt_option(ack, NULL, optnum.code,
NULL);
} else {
if (optnum.code <= DHCP_LAST_OPT)
opt = ack->opts[optnum.code];
}
break;
case DSYM_VENDOR:
if (isv6) {
dhcpv6_option_t *d6o;
uint32_t ent;
/*
* Look through vendor options to find our
* enterprise number.
*/
d6o = NULL;
for (;;) {
d6o = dhcpv6_pkt_option(ack, d6o,
DHCPV6_OPT_VENDOR_OPT, &optlen);
if (d6o == NULL)
break;
optlen -= sizeof (*d6o);
if (optlen < sizeof (ent))
continue;
(void) memcpy(&ent, d6o + 1,
sizeof (ent));
if (ntohl(ent) != DHCPV6_SUN_ENT)
continue;
break;
}
if (d6o != NULL) {
/*
* Now find the requested vendor option
* within the vendor options block.
*/
opt = dhcpv6_find_option(
(char *)(d6o + 1) + sizeof (ent),
optlen - sizeof (ent), NULL,
optnum.code, NULL);
}
} else {
/*
* the test against VS_OPTION_START is broken
* up into two tests to avoid compiler warnings
* under intel.
*/
if ((optnum.code > VS_OPTION_START ||
optnum.code == VS_OPTION_START) &&
optnum.code <= VS_OPTION_END)
opt = ack->vs[optnum.code];
}
break;
case DSYM_FIELD:
if (isv6) {
dhcpv6_message_t *d6m =
(dhcpv6_message_t *)ack->pkt;
dhcpv6_option_t *d6o;
/* Validate the packet field the user wants */
optlen = optnum.code + optnum.size;
if (d6m->d6m_msg_type ==
DHCPV6_MSG_RELAY_FORW ||
d6m->d6m_msg_type ==
DHCPV6_MSG_RELAY_REPL) {
if (optlen > sizeof (dhcpv6_relay_t))
break;
} else {
if (optlen > sizeof (*d6m))
break;
}
opt = malloc(sizeof (*d6o) + optnum.size);
if (opt != NULL) {
d6o = opt;
d6o->d6o_code = htons(optnum.code);
d6o->d6o_len = htons(optnum.size);
(void) memcpy(d6o + 1, (caddr_t)d6m +
optnum.code, optnum.size);
}
} else {
if (optnum.code + optnum.size > sizeof (PKT))
break;
/*
* + 2 to account for option code and length
* byte
*/
opt = malloc(optnum.size + 2);
if (opt != NULL) {
DHCP_OPT *v4opt = opt;
v4opt->len = optnum.size;
v4opt->code = optnum.code;
(void) memcpy(v4opt->value,
(caddr_t)ack->pkt + optnum.code,
optnum.size);
}
}
if (opt == NULL) {
send_error_reply(iap, DHCP_IPC_E_MEMORY);
return;
}
did_alloc = B_TRUE;
break;
default:
send_error_reply(iap, DHCP_IPC_E_PROTO);
return;
}
/*
* return the option payload, if there was one. the "+ 2"
* accounts for the option code number and length byte.
*/
if (opt != NULL) {
if (isv6) {
dhcpv6_option_t d6ov;
(void) memcpy(&d6ov, opt, sizeof (d6ov));
optlen = ntohs(d6ov.d6o_len) + sizeof (d6ov);
} else {
optlen = ((DHCP_OPT *)opt)->len + 2;
}
send_data_reply(iap, 0, DHCP_TYPE_OPTION, opt, optlen);
if (did_alloc)
free(opt);
break;
} else if (ack != dsmp->dsm_orig_ack) {
/*
* There wasn't any definition for the option in the
* current ack, so now retry with the original ack if
* the original ack is not the current ack.
*/
ack = dsmp->dsm_orig_ack;
goto load_option;
}
/*
* note that an "okay" response is returned either in
* the case of an unknown option or a known option
* with no payload. this is okay (for now) since
* dhcpinfo checks whether an option is valid before
* ever performing ipc with the agent.
*/
send_ok_reply(iap);
break;
}
case DHCP_INFORM:
dhcp_inform(dsmp);
/* next destination: dhcp_acknak() */
break; /* not an immediate function */
case DHCP_PING:
if (dsmp->dsm_dflags & DHCP_IF_FAILED)
send_error_reply(iap, DHCP_IPC_E_FAILEDIF);
else
send_ok_reply(iap);
break;
case DHCP_RELEASE:
(void) script_start(dsmp, isv6 ? EVENT_RELEASE6 :
EVENT_RELEASE, dhcp_release, "Finished with lease.", NULL);
break; /* not an immediate function */
case DHCP_START: {
PKT_LIST *ack, *oack;
PKT_LIST *plp[2];
deprecate_leases(dsmp);
/*
* if we have a valid hostconf lying around, then jump
* into INIT_REBOOT. if it fails, we'll end up going
* through the whole selecting() procedure again.
*/
error = read_hostconf(dsmp->dsm_name, plp, 2, dsmp->dsm_isv6);
ack = error > 0 ? plp[0] : NULL;
oack = error > 1 ? plp[1] : NULL;
/*
* If the allocation of the old ack fails, that's fine;
* continue without it.
*/
if (oack == NULL)
oack = ack;
/*
* As long as we've allocated something, start using it.
*/
if (ack != NULL) {
dsmp->dsm_orig_ack = oack;
dsmp->dsm_ack = ack;
dhcp_init_reboot(dsmp);
/* next destination: dhcp_acknak() */
break;
}
/*
* if not debugging, wait for a few seconds before
* going into SELECTING.
*/
if (debug_level == 0 && set_start_timer(dsmp)) {
/* next destination: dhcp_start() */
break;
} else {
dhcp_selecting(dsmp);
/* next destination: dhcp_requesting() */
break;
}
}
case DHCP_STATUS: {
dhcp_status_t status;
dhcp_lease_t *dlp;
status.if_began = monosec_to_time(dsmp->dsm_curstart_monosec);
/*
* We return information on just the first lease as being
* representative of the lot. A better status mechanism is
* needed.
*/
dlp = dsmp->dsm_leases;
if (dlp == NULL ||
dlp->dl_lifs->lif_expire.dt_start == DHCP_PERM) {
status.if_t1 = DHCP_PERM;
status.if_t2 = DHCP_PERM;
status.if_lease = DHCP_PERM;
} else {
status.if_t1 = status.if_began +
dlp->dl_t1.dt_start;
status.if_t2 = status.if_began +
dlp->dl_t2.dt_start;
status.if_lease = status.if_began +
dlp->dl_lifs->lif_expire.dt_start;
}
status.version = DHCP_STATUS_VER;
status.if_state = dsmp->dsm_state;
status.if_dflags = dsmp->dsm_dflags;
status.if_sent = dsmp->dsm_sent;
status.if_recv = dsmp->dsm_received;
status.if_bad_offers = dsmp->dsm_bad_offers;
(void) strlcpy(status.if_name, dsmp->dsm_name, IFNAMSIZ);
send_data_reply(iap, 0, DHCP_TYPE_STATUS, &status,
sizeof (dhcp_status_t));
break;
}
}
}
/*
* check_rtm_addr(): determine if routing socket message matches interface
* address
*
* input: const struct if_msghdr *: pointer to routing socket message
* int: routing socket message length
* boolean_t: set to B_TRUE if IPv6
* const in6_addr_t *: pointer to IP address
* output: boolean_t: B_TRUE if address is a match
*/
static boolean_t
check_rtm_addr(const struct ifa_msghdr *ifam, int msglen, boolean_t isv6,
const in6_addr_t *addr)
{
const char *cp, *lim;
uint_t flag;
const struct sockaddr *sa;
if (!(ifam->ifam_addrs & RTA_IFA))
return (B_FALSE);
cp = (const char *)(ifam + 1);
lim = (const char *)ifam + msglen;
for (flag = 1; flag < RTA_IFA; flag <<= 1) {
if (ifam->ifam_addrs & flag) {
/* LINTED: alignment */
sa = (const struct sockaddr *)cp;
if ((const char *)(sa + 1) > lim)
return (B_FALSE);
switch (sa->sa_family) {
case AF_INET:
cp += sizeof (struct sockaddr_in);
break;
case AF_LINK:
cp += sizeof (struct sockaddr_dl);
break;
case AF_INET6:
cp += sizeof (struct sockaddr_in6);
break;
default:
cp += sizeof (struct sockaddr);
break;
}
}
}
if (isv6) {
const struct sockaddr_in6 *sin6;
/* LINTED: alignment */
sin6 = (const struct sockaddr_in6 *)cp;
if ((const char *)(sin6 + 1) > lim)
return (B_FALSE);
if (sin6->sin6_family != AF_INET6)
return (B_FALSE);
return (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, addr));
} else {
const struct sockaddr_in *sinp;
ipaddr_t v4addr;
/* LINTED: alignment */
sinp = (const struct sockaddr_in *)cp;
if ((const char *)(sinp + 1) > lim)
return (B_FALSE);
if (sinp->sin_family != AF_INET)
return (B_FALSE);
IN6_V4MAPPED_TO_IPADDR(addr, v4addr);
return (sinp->sin_addr.s_addr == v4addr);
}
}
/*
* is_rtm_v6(): determine if routing socket message is IPv6
*
* input: struct ifa_msghdr *: pointer to routing socket message
* int: message length
* output: boolean_t
*/
static boolean_t
is_rtm_v6(const struct ifa_msghdr *ifam, int msglen)
{
const char *cp, *lim;
uint_t flag;
const struct sockaddr *sa;
cp = (const char *)(ifam + 1);
lim = (const char *)ifam + msglen;
for (flag = ifam->ifam_addrs; flag != 0; flag &= flag - 1) {
/* LINTED: alignment */
sa = (const struct sockaddr *)cp;
if ((const char *)(sa + 1) > lim)
return (B_FALSE);
switch (sa->sa_family) {
case AF_INET:
return (B_FALSE);
case AF_LINK:
cp += sizeof (struct sockaddr_dl);
break;
case AF_INET6:
return (B_TRUE);
default:
cp += sizeof (struct sockaddr);
break;
}
}
return (B_FALSE);
}
/*
* check_lif(): check the state of a given logical interface and its DHCP
* lease. We've been told by the routing socket that the
* corresponding ifIndex has changed. This may mean that DAD has
* completed or failed.
*
* input: dhcp_lif_t *: pointer to the LIF
* const struct ifa_msghdr *: routing socket message
* int: size of routing socket message
* output: boolean_t: B_TRUE if DAD has completed on this interface
*/
static boolean_t
check_lif(dhcp_lif_t *lif, const struct ifa_msghdr *ifam, int msglen)
{
boolean_t isv6, dad_wait, unplumb;
int fd;
struct lifreq lifr;
isv6 = lif->lif_pif->pif_isv6;
fd = isv6 ? v6_sock_fd : v4_sock_fd;
/*
* Get the real (64 bit) logical interface flags. Note that the
* routing socket message has flags, but these are just the lower 32
* bits.
*/
unplumb = B_FALSE;
(void) memset(&lifr, 0, sizeof (lifr));
(void) strlcpy(lifr.lifr_name, lif->lif_name, sizeof (lifr.lifr_name));
if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1) {
/*
* Failing to retrieve flags means that the interface is gone.
* It hasn't failed to verify with DAD, but we still have to
* give up on it.
*/
lifr.lifr_flags = 0;
if (errno == ENXIO) {
lif->lif_plumbed = B_FALSE;
dhcpmsg(MSG_INFO, "%s has been removed; abandoning",
lif->lif_name);
if (!isv6)
discard_default_routes(lif->lif_smachs);
} else {
dhcpmsg(MSG_ERR,
"unable to retrieve interface flags on %s",
lif->lif_name);
}
unplumb = B_TRUE;
} else if (!check_rtm_addr(ifam, msglen, isv6, &lif->lif_v6addr)) {
/*
* If the message is not about this logical interface,
* then just ignore it.
*/
return (B_FALSE);
} else if (lifr.lifr_flags & IFF_DUPLICATE) {
dhcpmsg(MSG_ERROR, "interface %s has duplicate address",
lif->lif_name);
lif_mark_decline(lif, "duplicate address");
close_ip_lif(lif);
}
dad_wait = lif->lif_dad_wait;
if (dad_wait) {
dhcpmsg(MSG_VERBOSE, "check_lif: %s has finished DAD",
lif->lif_name);
lif->lif_dad_wait = B_FALSE;
}
if (unplumb)
unplumb_lif(lif);
return (dad_wait);
}
/*
* check_main_lif(): check the state of a main logical interface for a state
* machine. This is used only for DHCPv6.
*
* input: dhcp_smach_t *: pointer to the state machine
* const struct ifa_msghdr *: routing socket message
* int: size of routing socket message
* output: boolean_t: B_TRUE if LIF is ok.
*/
static boolean_t
check_main_lif(dhcp_smach_t *dsmp, const struct ifa_msghdr *ifam, int msglen)
{
dhcp_lif_t *lif = dsmp->dsm_lif;
struct lifreq lifr;
/*
* Get the real (64 bit) logical interface flags. Note that the
* routing socket message has flags, but these are just the lower 32
* bits.
*/
(void) memset(&lifr, 0, sizeof (lifr));
(void) strlcpy(lifr.lifr_name, lif->lif_name, sizeof (lifr.lifr_name));
if (ioctl(v6_sock_fd, SIOCGLIFFLAGS, &lifr) == -1) {
/*
* Failing to retrieve flags means that the interface is gone.
* Our state machine is now trash.
*/
if (errno == ENXIO) {
dhcpmsg(MSG_INFO, "%s has been removed; abandoning",
lif->lif_name);
} else {
dhcpmsg(MSG_ERR,
"unable to retrieve interface flags on %s",
lif->lif_name);
}
return (B_FALSE);
} else if (!check_rtm_addr(ifam, msglen, B_TRUE, &lif->lif_v6addr)) {
/*
* If the message is not about this logical interface,
* then just ignore it.
*/
return (B_TRUE);
} else if (lifr.lifr_flags & IFF_DUPLICATE) {
dhcpmsg(MSG_ERROR, "interface %s has duplicate address",
lif->lif_name);
return (B_FALSE);
} else {
return (B_TRUE);
}
}
/*
* process_link_up_down(): check the state of a physical interface for up/down
* transitions; must go through INIT_REBOOT state if
* the link flaps.
*
* input: dhcp_pif_t *: pointer to the physical interface to check
* const struct if_msghdr *: routing socket message
* output: none
*/
static void
process_link_up_down(dhcp_pif_t *pif, const struct if_msghdr *ifm)
{
struct lifreq lifr;
boolean_t isv6;
int fd;
/*
* If the message implies no change of flags, then we're done; no need
* to check further. Note that if we have multiple state machines on a
* single physical interface, this test keeps us from issuing an ioctl
* for each one.
*/
if ((ifm->ifm_flags & IFF_RUNNING) && pif->pif_running ||
!(ifm->ifm_flags & IFF_RUNNING) && !pif->pif_running)
return;
/*
* We don't know what the real interface flags are, because the
* if_index number is only 16 bits; we must go ask.
*/
isv6 = pif->pif_isv6;
fd = isv6 ? v6_sock_fd : v4_sock_fd;
(void) memset(&lifr, 0, sizeof (lifr));
(void) strlcpy(lifr.lifr_name, pif->pif_name, sizeof (lifr.lifr_name));
if (ioctl(fd, SIOCGLIFFLAGS, &lifr) == -1 ||
!(lifr.lifr_flags & IFF_RUNNING)) {
/*
* If we've lost the interface or it has gone down, then
* nothing special to do; just turn off the running flag.
*/
pif_status(pif, B_FALSE);
} else {
/*
* Interface has come back up: go through verification process.
*/
pif_status(pif, B_TRUE);
}
}
/*
* rtsock_event(): fetches routing socket messages and updates internal
* interface state based on those messages.
*
* input: iu_eh_t *: unused
* int: the routing socket file descriptor
* (other arguments unused)
* output: void
*/
/* ARGSUSED */
static void
rtsock_event(iu_eh_t *ehp, int fd, short events, iu_event_id_t id, void *arg)
{
dhcp_smach_t *dsmp, *dsmnext;
union {
struct ifa_msghdr ifam;
struct if_msghdr ifm;
char buf[1024];
} msg;
uint16_t ifindex;
int msglen;
boolean_t isv6;
if ((msglen = read(fd, &msg, sizeof (msg))) <= 0)
return;
/* Note that the routing socket interface index is just 16 bits */
if (msg.ifm.ifm_type == RTM_IFINFO) {
ifindex = msg.ifm.ifm_index;
isv6 = (msg.ifm.ifm_flags & IFF_IPV6) ? B_TRUE : B_FALSE;
} else if (msg.ifam.ifam_type == RTM_DELADDR ||
msg.ifam.ifam_type == RTM_NEWADDR) {
ifindex = msg.ifam.ifam_index;
isv6 = is_rtm_v6(&msg.ifam, msglen);
} else {
return;
}
for (dsmp = lookup_smach_by_uindex(ifindex, NULL, isv6);
dsmp != NULL; dsmp = dsmnext) {
DHCPSTATE oldstate;
boolean_t lif_finished;
boolean_t lease_removed;
dhcp_lease_t *dlp, *dlnext;
/*
* Note that script_start can call dhcp_drop directly, and
* that will do release_smach.
*/
dsmnext = lookup_smach_by_uindex(ifindex, dsmp, isv6);
oldstate = dsmp->dsm_state;
/*
* Look for link up/down notifications. These occur on a
* physical interface basis.
*/
if (msg.ifm.ifm_type == RTM_IFINFO) {
process_link_up_down(dsmp->dsm_lif->lif_pif, &msg.ifm);
continue;
}
/*
* Since we cannot trust the flags reported by the routing
* socket (they're just 32 bits -- and thus never include
* IFF_DUPLICATE), and we can't trust the ifindex (it's only 16
* bits and also doesn't reflect the alias in use), we get
* flags on all matching interfaces, and go by that.
*/
lif_finished = B_FALSE;
lease_removed = B_FALSE;
for (dlp = dsmp->dsm_leases; dlp != NULL; dlp = dlnext) {
dhcp_lif_t *lif, *lifnext;
uint_t nlifs = dlp->dl_nlifs;
dlnext = dlp->dl_next;
for (lif = dlp->dl_lifs; lif != NULL && nlifs > 0;
lif = lifnext, nlifs--) {
lifnext = lif->lif_next;
if (check_lif(lif, &msg.ifam, msglen)) {
dsmp->dsm_lif_wait--;
lif_finished = B_TRUE;
}
}
if (dlp->dl_nlifs == 0) {
remove_lease(dlp);
lease_removed = B_TRUE;
}
}
if ((isv6 && !check_main_lif(dsmp, &msg.ifam, msglen)) ||
(!isv6 && !verify_lif(dsmp->dsm_lif))) {
if (dsmp->dsm_script_pid != -1)
script_stop(dsmp);
(void) script_start(dsmp, EVENT_DROP6, dhcp_drop, NULL,
NULL);
continue;
}
/*
* Ignore this state machine if nothing interesting has
* happened.
*/
if (!lif_finished && dsmp->dsm_lif_down == 0 &&
(dsmp->dsm_leases != NULL || !lease_removed))
continue;
/*
* If we're still waiting for DAD to complete on some of the
* configured LIFs, then don't send a response.
*/
if (dsmp->dsm_lif_wait != 0) {
dhcpmsg(MSG_VERBOSE, "rtsock_event: %s still has %d "
"LIFs waiting on DAD", dsmp->dsm_name,
dsmp->dsm_lif_wait);
continue;
}
/*
* If we have some failed LIFs, then handle them now. We'll
* remove them from the list. Any leases that become empty are
* also removed as part of the decline-generation process.
*/
if (dsmp->dsm_lif_down != 0) {
/*
* We need to switch back to PRE_BOUND state so that
* send_pkt_internal() uses DLPI instead of sockets.
* Our logical interface has already been torn down by
* the kernel, and thus we can't send DHCPDECLINE by
* way of regular IP. (Unless we're adopting -- allow
* the grandparent to be handled as expected.)
*/
if (oldstate != ADOPTING) {
(void) set_smach_state(dsmp, PRE_BOUND);
}
send_declines(dsmp);
}
if (dsmp->dsm_leases == NULL) {
dsmp->dsm_bad_offers++;
/*
* For DHCPv6, we'll process the restart once we're
* done sending Decline messages, because these are
* supposed to be acknowledged. With DHCPv4, there's
* no acknowledgment for a DECLINE, so after sending
* it, we just restart right away.
*/
if (!dsmp->dsm_isv6) {
dhcpmsg(MSG_VERBOSE, "rtsock_event: %s has no "
"LIFs left; restarting", dsmp->dsm_name);
dhcp_restart(dsmp);
}
} else {
/*
* If we're now up on at least some of the leases and
* we were waiting for that, then kick off the rest of
* configuration. Lease validation and DAD are done.
*/
dhcpmsg(MSG_VERBOSE, "rtsock_event: all LIFs verified "
"on %s in %s state", dsmp->dsm_name,
dhcp_state_to_string(oldstate));
if (oldstate == PRE_BOUND ||
oldstate == ADOPTING)
dhcp_bound_complete(dsmp);
if (oldstate == ADOPTING)
dhcp_adopt_complete(dsmp);
}
}
}
/*
* check_cmd_allowed(): check whether the requested command is allowed in the
* state specified.
*
* input: DHCPSTATE: current state
* dhcp_ipc_type_t: requested command
* output: boolean_t: B_TRUE if command is allowed in this state
*/
boolean_t
check_cmd_allowed(DHCPSTATE state, dhcp_ipc_type_t cmd)
{
return (ipc_cmd_allowed[state][cmd] != 0);
}
|
