]>
Commit | Line | Data |
---|---|---|
191b60bd DB |
1 | /* |
2 | * iptoken.c "ip token" | |
3 | * | |
4 | * This program is free software; you can redistribute it and/or | |
5 | * modify it under the terms of the GNU General Public License | |
6 | * as published by the Free Software Foundation; either version | |
7 | * 2 of the License, or (at your option) any later version. | |
8 | * | |
9 | * Authors: Daniel Borkmann, <borkmann@redhat.com> | |
10 | */ | |
11 | ||
12 | #include <stdio.h> | |
13 | #include <stdlib.h> | |
14 | #include <stdbool.h> | |
15 | #include <unistd.h> | |
16 | #include <syslog.h> | |
17 | #include <fcntl.h> | |
18 | #include <string.h> | |
19 | #include <sys/socket.h> | |
20 | #include <netinet/in.h> | |
21 | #include <netinet/ip.h> | |
22 | #include <arpa/inet.h> | |
23 | #include <linux/types.h> | |
24 | #include <linux/if.h> | |
25 | ||
26 | #include "rt_names.h" | |
27 | #include "utils.h" | |
28 | #include "ip_common.h" | |
29 | ||
30 | extern struct rtnl_handle rth; | |
31 | ||
32 | struct rtnl_dump_args { | |
33 | FILE *fp; | |
34 | int ifindex; | |
35 | }; | |
36 | ||
37 | static void usage(void) __attribute__((noreturn)); | |
38 | ||
39 | static void usage(void) | |
40 | { | |
41 | fprintf(stderr, "Usage: ip token [ list | set | get ] [ TOKEN ] [ dev DEV ]\n"); | |
42 | exit(-1); | |
43 | } | |
44 | ||
45 | static int print_token(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) | |
46 | { | |
47 | struct rtnl_dump_args *args = arg; | |
48 | FILE *fp = args->fp; | |
49 | int ifindex = args->ifindex; | |
50 | struct ifinfomsg *ifi = NLMSG_DATA(n); | |
51 | int len = n->nlmsg_len; | |
52 | struct rtattr *tb[IFLA_MAX + 1]; | |
53 | struct rtattr *ltb[IFLA_INET6_MAX + 1]; | |
191b60bd DB |
54 | |
55 | if (n->nlmsg_type != RTM_NEWLINK) | |
56 | return -1; | |
57 | ||
58 | len -= NLMSG_LENGTH(sizeof(*ifi)); | |
59 | if (len < 0) | |
60 | return -1; | |
61 | ||
62 | if (ifi->ifi_family != AF_INET6) | |
63 | return -1; | |
64 | if (ifi->ifi_index == 0) | |
65 | return -1; | |
66 | if (ifindex > 0 && ifi->ifi_index != ifindex) | |
67 | return 0; | |
68 | if (ifi->ifi_flags & (IFF_LOOPBACK | IFF_NOARP)) | |
69 | return 0; | |
70 | ||
71 | parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); | |
72 | if (!tb[IFLA_PROTINFO]) | |
73 | return -1; | |
74 | ||
75 | parse_rtattr_nested(ltb, IFLA_INET6_MAX, tb[IFLA_PROTINFO]); | |
76 | if (!ltb[IFLA_INET6_TOKEN]) { | |
77 | fprintf(stderr, "Seems there's no support for IPv6 token!\n"); | |
78 | return -1; | |
79 | } | |
80 | ||
d49f934c PS |
81 | fprintf(fp, "token %s dev %s\n", |
82 | format_host_rta(ifi->ifi_family, ltb[IFLA_INET6_TOKEN]), | |
83 | ll_index_to_name(ifi->ifi_index)); | |
191b60bd DB |
84 | fflush(fp); |
85 | ||
86 | return 0; | |
87 | } | |
88 | ||
89 | static int iptoken_list(int argc, char **argv) | |
90 | { | |
91 | int af = AF_INET6; | |
92 | struct rtnl_dump_args da; | |
191b60bd DB |
93 | |
94 | memset(&da, 0, sizeof(da)); | |
95 | da.fp = stdout; | |
96 | ||
97 | while (argc > 0) { | |
98 | if (strcmp(*argv, "dev") == 0) { | |
99 | NEXT_ARG(); | |
100 | if ((da.ifindex = ll_name_to_index(*argv)) == 0) | |
101 | invarg("dev is invalid\n", *argv); | |
102 | break; | |
103 | } | |
104 | argc--; argv++; | |
105 | } | |
106 | ||
107 | if (rtnl_wilddump_request(&rth, af, RTM_GETLINK) < 0) { | |
108 | perror("Cannot send dump request"); | |
109 | return -1; | |
110 | } | |
111 | ||
d81f54d5 | 112 | if (rtnl_dump_filter(&rth, print_token, &da) < 0) { |
191b60bd DB |
113 | fprintf(stderr, "Dump terminated\n"); |
114 | return -1; | |
115 | } | |
116 | ||
117 | return 0; | |
118 | } | |
119 | ||
120 | static int iptoken_set(int argc, char **argv) | |
121 | { | |
122 | struct { | |
123 | struct nlmsghdr n; | |
124 | struct ifinfomsg ifi; | |
125 | char buf[512]; | |
126 | } req; | |
127 | struct rtattr *afs, *afs6; | |
128 | bool have_token = false, have_dev = false; | |
129 | inet_prefix addr; | |
130 | ||
131 | memset(&addr, 0, sizeof(addr)); | |
132 | memset(&req, 0, sizeof(req)); | |
133 | ||
134 | req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)); | |
135 | req.n.nlmsg_flags = NLM_F_REQUEST; | |
136 | req.n.nlmsg_type = RTM_SETLINK; | |
137 | req.ifi.ifi_family = AF_INET6; | |
138 | ||
139 | while (argc > 0) { | |
140 | if (strcmp(*argv, "dev") == 0) { | |
141 | NEXT_ARG(); | |
142 | if (!have_dev) { | |
143 | if ((req.ifi.ifi_index = | |
144 | ll_name_to_index(*argv)) == 0) | |
145 | invarg("dev is invalid\n", *argv); | |
146 | have_dev = true; | |
147 | } | |
148 | } else { | |
149 | if (matches(*argv, "help") == 0) | |
150 | usage(); | |
151 | if (!have_token) { | |
152 | afs = addattr_nest(&req.n, sizeof(req), IFLA_AF_SPEC); | |
153 | afs6 = addattr_nest(&req.n, sizeof(req), AF_INET6); | |
154 | get_prefix(&addr, *argv, req.ifi.ifi_family); | |
155 | addattr_l(&req.n, sizeof(req), IFLA_INET6_TOKEN, | |
156 | &addr.data, addr.bytelen); | |
157 | addattr_nest_end(&req.n, afs6); | |
158 | addattr_nest_end(&req.n, afs); | |
159 | have_token = true; | |
160 | } | |
161 | } | |
162 | argc--; argv++; | |
163 | } | |
164 | ||
165 | if (!have_token) { | |
56f5daac | 166 | fprintf(stderr, "Not enough information: token is required.\n"); |
191b60bd DB |
167 | return -1; |
168 | } | |
169 | if (!have_dev) { | |
56f5daac | 170 | fprintf(stderr, "Not enough information: \"dev\" argument is required.\n"); |
191b60bd DB |
171 | return -1; |
172 | } | |
173 | ||
c079e121 | 174 | if (rtnl_talk(&rth, &req.n, NULL, 0) < 0) |
191b60bd DB |
175 | return -2; |
176 | ||
177 | return 0; | |
178 | } | |
179 | ||
180 | int do_iptoken(int argc, char **argv) | |
181 | { | |
182 | ll_init_map(&rth); | |
183 | ||
184 | if (argc < 1) { | |
185 | return iptoken_list(0, NULL); | |
186 | } else if (matches(argv[0], "list") == 0 || | |
473544d9 | 187 | matches(argv[0], "lst") == 0 || |
191b60bd DB |
188 | matches(argv[0], "show") == 0) { |
189 | return iptoken_list(argc - 1, argv + 1); | |
190 | } else if (matches(argv[0], "set") == 0 || | |
191 | matches(argv[0], "add") == 0) { | |
192 | return iptoken_set(argc - 1, argv + 1); | |
193 | } else if (matches(argv[0], "get") == 0) { | |
194 | return iptoken_list(argc - 1, argv + 1); | |
195 | } else if (matches(argv[0], "help") == 0) | |
196 | usage(); | |
197 | ||
198 | fprintf(stderr, "Command \"%s\" is unknown, try \"ip token help\".\n", *argv); | |
199 | exit(-1); | |
200 | } |