]>
Commit | Line | Data |
---|---|---|
191b60bd DB |
1 | /* |
2 | * iptoken.c "ip token" | |
3 | * | |
4 | * This program is free software; you can redistribute it and/or | |
5 | * modify it under the terms of the GNU General Public License | |
6 | * as published by the Free Software Foundation; either version | |
7 | * 2 of the License, or (at your option) any later version. | |
8 | * | |
9 | * Authors: Daniel Borkmann, <borkmann@redhat.com> | |
10 | */ | |
11 | ||
12 | #include <stdio.h> | |
13 | #include <stdlib.h> | |
14 | #include <stdbool.h> | |
15 | #include <unistd.h> | |
16 | #include <syslog.h> | |
17 | #include <fcntl.h> | |
18 | #include <string.h> | |
19 | #include <sys/socket.h> | |
20 | #include <netinet/in.h> | |
21 | #include <netinet/ip.h> | |
22 | #include <arpa/inet.h> | |
23 | #include <linux/types.h> | |
24 | #include <linux/if.h> | |
25 | ||
26 | #include "rt_names.h" | |
27 | #include "utils.h" | |
28 | #include "ip_common.h" | |
29 | ||
30 | extern struct rtnl_handle rth; | |
31 | ||
32 | struct rtnl_dump_args { | |
33 | FILE *fp; | |
34 | int ifindex; | |
35 | }; | |
36 | ||
37 | static void usage(void) __attribute__((noreturn)); | |
38 | ||
39 | static void usage(void) | |
40 | { | |
f8daee42 | 41 | fprintf(stderr, "Usage: ip token [ list | set | del | get ] [ TOKEN ] [ dev DEV ]\n"); |
191b60bd DB |
42 | exit(-1); |
43 | } | |
44 | ||
45 | static int print_token(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) | |
46 | { | |
47 | struct rtnl_dump_args *args = arg; | |
48 | FILE *fp = args->fp; | |
49 | int ifindex = args->ifindex; | |
50 | struct ifinfomsg *ifi = NLMSG_DATA(n); | |
51 | int len = n->nlmsg_len; | |
52 | struct rtattr *tb[IFLA_MAX + 1]; | |
53 | struct rtattr *ltb[IFLA_INET6_MAX + 1]; | |
191b60bd DB |
54 | |
55 | if (n->nlmsg_type != RTM_NEWLINK) | |
56 | return -1; | |
57 | ||
58 | len -= NLMSG_LENGTH(sizeof(*ifi)); | |
59 | if (len < 0) | |
60 | return -1; | |
61 | ||
62 | if (ifi->ifi_family != AF_INET6) | |
63 | return -1; | |
64 | if (ifi->ifi_index == 0) | |
65 | return -1; | |
66 | if (ifindex > 0 && ifi->ifi_index != ifindex) | |
67 | return 0; | |
68 | if (ifi->ifi_flags & (IFF_LOOPBACK | IFF_NOARP)) | |
69 | return 0; | |
70 | ||
71 | parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); | |
72 | if (!tb[IFLA_PROTINFO]) | |
73 | return -1; | |
74 | ||
75 | parse_rtattr_nested(ltb, IFLA_INET6_MAX, tb[IFLA_PROTINFO]); | |
76 | if (!ltb[IFLA_INET6_TOKEN]) { | |
77 | fprintf(stderr, "Seems there's no support for IPv6 token!\n"); | |
78 | return -1; | |
79 | } | |
80 | ||
d49f934c PS |
81 | fprintf(fp, "token %s dev %s\n", |
82 | format_host_rta(ifi->ifi_family, ltb[IFLA_INET6_TOKEN]), | |
83 | ll_index_to_name(ifi->ifi_index)); | |
191b60bd DB |
84 | fflush(fp); |
85 | ||
86 | return 0; | |
87 | } | |
88 | ||
89 | static int iptoken_list(int argc, char **argv) | |
90 | { | |
91 | int af = AF_INET6; | |
d17b136f | 92 | struct rtnl_dump_args da = { .fp = stdout }; |
191b60bd DB |
93 | |
94 | while (argc > 0) { | |
95 | if (strcmp(*argv, "dev") == 0) { | |
96 | NEXT_ARG(); | |
97 | if ((da.ifindex = ll_name_to_index(*argv)) == 0) | |
98 | invarg("dev is invalid\n", *argv); | |
99 | break; | |
100 | } | |
101 | argc--; argv++; | |
102 | } | |
103 | ||
104 | if (rtnl_wilddump_request(&rth, af, RTM_GETLINK) < 0) { | |
105 | perror("Cannot send dump request"); | |
106 | return -1; | |
107 | } | |
108 | ||
d81f54d5 | 109 | if (rtnl_dump_filter(&rth, print_token, &da) < 0) { |
191b60bd DB |
110 | fprintf(stderr, "Dump terminated\n"); |
111 | return -1; | |
112 | } | |
113 | ||
114 | return 0; | |
115 | } | |
116 | ||
f8daee42 | 117 | static int iptoken_set(int argc, char **argv, bool delete) |
191b60bd DB |
118 | { |
119 | struct { | |
120 | struct nlmsghdr n; | |
121 | struct ifinfomsg ifi; | |
122 | char buf[512]; | |
d17b136f PS |
123 | } req = { |
124 | .n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)), | |
125 | .n.nlmsg_flags = NLM_F_REQUEST, | |
126 | .n.nlmsg_type = RTM_SETLINK, | |
127 | .ifi.ifi_family = AF_INET6, | |
128 | }; | |
191b60bd | 129 | struct rtattr *afs, *afs6; |
f8daee42 DB |
130 | bool have_token = delete, have_dev = false; |
131 | inet_prefix addr = { .bytelen = 16, }; | |
191b60bd | 132 | |
191b60bd DB |
133 | while (argc > 0) { |
134 | if (strcmp(*argv, "dev") == 0) { | |
135 | NEXT_ARG(); | |
136 | if (!have_dev) { | |
137 | if ((req.ifi.ifi_index = | |
138 | ll_name_to_index(*argv)) == 0) | |
139 | invarg("dev is invalid\n", *argv); | |
140 | have_dev = true; | |
141 | } | |
142 | } else { | |
143 | if (matches(*argv, "help") == 0) | |
144 | usage(); | |
145 | if (!have_token) { | |
191b60bd | 146 | get_prefix(&addr, *argv, req.ifi.ifi_family); |
191b60bd DB |
147 | have_token = true; |
148 | } | |
149 | } | |
150 | argc--; argv++; | |
151 | } | |
152 | ||
153 | if (!have_token) { | |
56f5daac | 154 | fprintf(stderr, "Not enough information: token is required.\n"); |
191b60bd DB |
155 | return -1; |
156 | } | |
157 | if (!have_dev) { | |
56f5daac | 158 | fprintf(stderr, "Not enough information: \"dev\" argument is required.\n"); |
191b60bd DB |
159 | return -1; |
160 | } | |
161 | ||
f8daee42 DB |
162 | afs = addattr_nest(&req.n, sizeof(req), IFLA_AF_SPEC); |
163 | afs6 = addattr_nest(&req.n, sizeof(req), AF_INET6); | |
164 | addattr_l(&req.n, sizeof(req), IFLA_INET6_TOKEN, | |
165 | &addr.data, addr.bytelen); | |
166 | addattr_nest_end(&req.n, afs6); | |
167 | addattr_nest_end(&req.n, afs); | |
168 | ||
c079e121 | 169 | if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) |
191b60bd DB |
170 | return -2; |
171 | ||
172 | return 0; | |
173 | } | |
174 | ||
175 | int do_iptoken(int argc, char **argv) | |
176 | { | |
177 | ll_init_map(&rth); | |
178 | ||
179 | if (argc < 1) { | |
180 | return iptoken_list(0, NULL); | |
181 | } else if (matches(argv[0], "list") == 0 || | |
473544d9 | 182 | matches(argv[0], "lst") == 0 || |
191b60bd DB |
183 | matches(argv[0], "show") == 0) { |
184 | return iptoken_list(argc - 1, argv + 1); | |
185 | } else if (matches(argv[0], "set") == 0 || | |
186 | matches(argv[0], "add") == 0) { | |
f8daee42 DB |
187 | return iptoken_set(argc - 1, argv + 1, false); |
188 | } else if (matches(argv[0], "delete") == 0) { | |
189 | return iptoken_set(argc - 1, argv + 1, true); | |
191b60bd DB |
190 | } else if (matches(argv[0], "get") == 0) { |
191 | return iptoken_list(argc - 1, argv + 1); | |
192 | } else if (matches(argv[0], "help") == 0) | |
193 | usage(); | |
194 | ||
195 | fprintf(stderr, "Command \"%s\" is unknown, try \"ip token help\".\n", *argv); | |
196 | exit(-1); | |
197 | } |