badguardhome/internal/aghnet/dhcp_unix.go
Eugene Burkov 506b459842 Pull request: 3225 bsd dhcp
Merge in DNS/adguard-home from 3225-bsd-dhcp to master

Closes #3225.
Closes #3417.

Squashed commit of the following:

commit e7ea691824c7ebc8cafd8c9e206679346cbc8592
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Aug 12 17:02:02 2021 +0300

    all: imp code, docs

commit 5b598fc18a9b69a0256569f4c691bb6a2193dfbd
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Aug 12 16:28:12 2021 +0300

    all: mv logic, imp code, docs, log changes

commit e3e1577a668fe3e5c61d075c390e4bd7268181ba
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Thu Aug 12 14:15:10 2021 +0300

    dhcpd: imp checkother

commit 3cc8b058195c30a7ef0b7741ee8463270d9e47ff
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Wed Aug 11 13:20:18 2021 +0300

    all: imp bsd support
2021-08-12 17:33:53 +03:00

335 lines
8.8 KiB
Go

//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package aghnet
import (
"bytes"
"fmt"
"net"
"os"
"time"
"github.com/AdguardTeam/golibs/errors"
"github.com/AdguardTeam/golibs/log"
"github.com/AdguardTeam/golibs/netutil"
"github.com/insomniacslk/dhcp/dhcpv4"
"github.com/insomniacslk/dhcp/dhcpv6"
"github.com/insomniacslk/dhcp/dhcpv6/nclient6"
"github.com/insomniacslk/dhcp/iana"
)
// defaultDiscoverTime is the
const defaultDiscoverTime = 3 * time.Second
func checkOtherDHCP(ifaceName string) (ok4, ok6 bool, err4, err6 error) {
iface, err := net.InterfaceByName(ifaceName)
if err != nil {
err = fmt.Errorf("couldn't find interface by name %s: %w", ifaceName, err)
err4, err6 = err, err
return false, false, err4, err6
}
ok4, err4 = checkOtherDHCPv4(iface)
ok6, err6 = checkOtherDHCPv6(iface)
return ok4, ok6, err4, err6
}
// ifaceIPv4Subnet returns the first suitable IPv4 subnetwork iface has.
func ifaceIPv4Subnet(iface *net.Interface) (subnet *net.IPNet, err error) {
var addrs []net.Addr
if addrs, err = iface.Addrs(); err != nil {
return nil, err
}
for _, a := range addrs {
switch a := a.(type) {
case *net.IPAddr:
subnet = &net.IPNet{
IP: a.IP,
Mask: a.IP.DefaultMask(),
}
case *net.IPNet:
subnet = a
default:
continue
}
if ip4 := subnet.IP.To4(); ip4 != nil {
subnet.IP = ip4
return subnet, nil
}
}
return nil, fmt.Errorf("interface %s has no ipv4 addresses", iface.Name)
}
// checkOtherDHCPv4 sends a DHCP request to the specified network interface, and
// waits for a response for a period defined by defaultDiscoverTime.
func checkOtherDHCPv4(iface *net.Interface) (ok bool, err error) {
var subnet *net.IPNet
if subnet, err = ifaceIPv4Subnet(iface); err != nil {
return false, err
}
// Resolve broadcast addr.
dst := netutil.IPPort{
IP: BroadcastFromIPNet(subnet),
Port: 67,
}.String()
var dstAddr *net.UDPAddr
if dstAddr, err = net.ResolveUDPAddr("udp4", dst); err != nil {
return false, fmt.Errorf("couldn't resolve UDP address %s: %w", dst, err)
}
var hostname string
if hostname, err = os.Hostname(); err != nil {
return false, fmt.Errorf("couldn't get hostname: %w", err)
}
return discover4(iface, dstAddr, hostname)
}
func discover4(iface *net.Interface, dstAddr *net.UDPAddr, hostname string) (ok bool, err error) {
var req *dhcpv4.DHCPv4
if req, err = dhcpv4.NewDiscovery(iface.HardwareAddr); err != nil {
return false, fmt.Errorf("dhcpv4.NewDiscovery: %w", err)
}
req.Options.Update(dhcpv4.OptClientIdentifier(iface.HardwareAddr))
req.Options.Update(dhcpv4.OptHostName(hostname))
req.SetBroadcast()
// Bind to 0.0.0.0:68.
//
// On OpenBSD binding to the port 68 competes with dhclient's binding,
// so that all incoming packets are ignored and the discovering process
// is spoiled.
//
// It's also known that listening on the specified interface's address
// ignores broadcasted packets when reading.
var c net.PacketConn
if c, err = net.ListenPacket("udp4", ":68"); err != nil {
return false, fmt.Errorf("couldn't listen on :68: %w", err)
}
defer func() { err = errors.WithDeferred(err, c.Close()) }()
// Send to resolved broadcast.
if _, err = c.WriteTo(req.ToBytes(), dstAddr); err != nil {
return false, fmt.Errorf("couldn't send a packet to %s: %w", dstAddr, err)
}
for {
if err = c.SetDeadline(time.Now().Add(defaultDiscoverTime)); err != nil {
return false, fmt.Errorf("setting deadline: %w", err)
}
var next bool
ok, next, err = tryConn4(req, c, iface)
if next {
if err != nil {
log.Debug("dhcpv4: trying a connection: %s", err)
}
continue
}
if err != nil {
return false, err
}
return ok, nil
}
}
// TODO(a.garipov): Refactor further. Inspect error handling, remove parameter
// next, address the TODO, merge with tryConn6, etc.
func tryConn4(req *dhcpv4.DHCPv4, c net.PacketConn, iface *net.Interface) (ok, next bool, err error) {
// TODO: replicate dhclient's behavior of retrying several times with
// progressively longer timeouts.
log.Tracef("dhcpv4: waiting %v for an answer", defaultDiscoverTime)
b := make([]byte, 1500)
n, _, err := c.ReadFrom(b)
if n > 0 {
log.Debug("received %d bytes: %v", n, b)
}
if err != nil {
if isTimeout(err) {
log.Debug("dhcpv4: didn't receive dhcp response")
return false, false, nil
}
return false, false, fmt.Errorf("receiving packet: %w", err)
}
log.Tracef("dhcpv4: received packet, %d bytes", n)
response, err := dhcpv4.FromBytes(b[:n])
if err != nil {
log.Debug("dhcpv4: encoding: %s", err)
return false, true, err
}
log.Debug("dhcpv4: received message from server: %s", response.Summary())
if !(response.OpCode == dhcpv4.OpcodeBootReply &&
response.HWType == iana.HWTypeEthernet &&
bytes.Equal(response.ClientHWAddr, iface.HardwareAddr) &&
bytes.Equal(response.TransactionID[:], req.TransactionID[:]) &&
response.Options.Has(dhcpv4.OptionDHCPMessageType)) {
log.Debug("dhcpv4: received message from server doesn't match our request")
return false, true, nil
}
log.Tracef("dhcpv4: the packet is from an active dhcp server")
return true, false, nil
}
// checkOtherDHCPv6 sends a DHCP request to the specified network interface, and
// waits for a response for a period defined by defaultDiscoverTime.
func checkOtherDHCPv6(iface *net.Interface) (ok bool, err error) {
ifaceIPNet, err := IfaceIPAddrs(iface, IPVersion6)
if err != nil {
return false, fmt.Errorf("getting ipv6 addrs for iface %s: %w", iface.Name, err)
}
if len(ifaceIPNet) == 0 {
return false, fmt.Errorf("interface %s has no ipv6 addresses", iface.Name)
}
srcIP := ifaceIPNet[0]
src := netutil.JoinHostPort(srcIP.String(), 546)
dst := "[ff02::1:2]:547"
udpAddr, err := net.ResolveUDPAddr("udp6", src)
if err != nil {
return false, fmt.Errorf("dhcpv6: Couldn't resolve UDP address %s: %w", src, err)
}
if !udpAddr.IP.To16().Equal(srcIP) {
return false, fmt.Errorf("dhcpv6: Resolved UDP address is not %s: %w", src, err)
}
dstAddr, err := net.ResolveUDPAddr("udp6", dst)
if err != nil {
return false, fmt.Errorf("dhcpv6: Couldn't resolve UDP address %s: %w", dst, err)
}
return discover6(iface, udpAddr, dstAddr)
}
func discover6(iface *net.Interface, udpAddr, dstAddr *net.UDPAddr) (ok bool, err error) {
req, err := dhcpv6.NewSolicit(iface.HardwareAddr)
if err != nil {
return false, fmt.Errorf("dhcpv6: dhcpv6.NewSolicit: %w", err)
}
log.Debug("DHCPv6: Listening to udp6 %+v", udpAddr)
c, err := nclient6.NewIPv6UDPConn(iface.Name, dhcpv6.DefaultClientPort)
if err != nil {
return false, fmt.Errorf("dhcpv6: Couldn't listen on :546: %w", err)
}
defer func() { err = errors.WithDeferred(err, c.Close()) }()
_, err = c.WriteTo(req.ToBytes(), dstAddr)
if err != nil {
return false, fmt.Errorf("dhcpv6: Couldn't send a packet to %s: %w", dstAddr, err)
}
for {
var next bool
ok, next, err = tryConn6(req, c)
if next {
if err != nil {
log.Debug("dhcpv6: trying a connection: %s", err)
}
continue
}
if err != nil {
return false, err
}
return ok, nil
}
}
// TODO(a.garipov): See the comment on tryConn4. Sigh…
func tryConn6(req *dhcpv6.Message, c net.PacketConn) (ok, next bool, err error) {
// TODO: replicate dhclient's behavior of retrying several times with
// progressively longer timeouts.
log.Tracef("dhcpv6: waiting %v for an answer", defaultDiscoverTime)
b := make([]byte, 4096)
err = c.SetDeadline(time.Now().Add(defaultDiscoverTime))
if err != nil {
return false, false, fmt.Errorf("setting deadline: %w", err)
}
n, _, err := c.ReadFrom(b)
if err != nil {
if isTimeout(err) {
log.Debug("dhcpv6: didn't receive dhcp response")
return false, false, nil
}
return false, false, fmt.Errorf("receiving packet: %w", err)
}
log.Tracef("dhcpv6: received packet, %d bytes", n)
response, err := dhcpv6.FromBytes(b[:n])
if err != nil {
log.Debug("dhcpv6: encoding: %s", err)
return false, true, err
}
log.Debug("dhcpv6: received message from server: %s", response.Summary())
cid := req.Options.ClientID()
msg, err := response.GetInnerMessage()
if err != nil {
log.Debug("dhcpv6: resp.GetInnerMessage(): %s", err)
return false, true, err
}
rcid := msg.Options.ClientID()
if !(response.Type() == dhcpv6.MessageTypeAdvertise &&
msg.TransactionID == req.TransactionID &&
rcid != nil &&
cid.Equal(*rcid)) {
log.Debug("dhcpv6: received message from server doesn't match our request")
return false, true, nil
}
log.Tracef("dhcpv6: the packet is from an active dhcp server")
return true, false, nil
}
// isTimeout returns true if err is an operation timeout error from net package.
//
// TODO(e.burkov): Consider moving into netutil.
func isTimeout(err error) (ok bool) {
var operr *net.OpError
if errors.As(err, &operr) {
return operr.Timeout()
}
return false
}