[mirror_iproute2.git] / ip / iptoken.c

/*
 * iptoken.c    "ip token"
 *
 *              This program is free software; you can redistribute it and/or
 *              modify it under the terms of the GNU General Public License
 *              as published by the Free Software Foundation; either version
 *              2 of the License, or (at your option) any later version.
 *
 * Authors:     Daniel Borkmann, <borkmann@redhat.com>
 */

#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <linux/types.h>
#include <linux/if.h>

#include "rt_names.h"
#include "utils.h"
#include "ip_common.h"
#include "json_print.h"

extern struct rtnl_handle rth;

struct rtnl_dump_args {
	FILE *fp;
	int ifindex;
};

static void usage(void) __attribute__((noreturn));

static void usage(void)
{
	fprintf(stderr, "Usage: ip token [ list | set | del | get ] [ TOKEN ] [ dev DEV ]\n");
	exit(-1);
}

static int print_token(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg)
{
	struct rtnl_dump_args *args = arg;
	FILE *fp = args->fp;
	int ifindex = args->ifindex;
	struct ifinfomsg *ifi = NLMSG_DATA(n);
	int len = n->nlmsg_len;
	struct rtattr *tb[IFLA_MAX + 1];
	struct rtattr *ltb[IFLA_INET6_MAX + 1];

	if (n->nlmsg_type != RTM_NEWLINK)
		return -1;

	len -= NLMSG_LENGTH(sizeof(*ifi));
	if (len < 0)
		return -1;

	if (ifi->ifi_family != AF_INET6)
		return -1;
	if (ifi->ifi_index == 0)
		return -1;
	if (ifindex > 0 && ifi->ifi_index != ifindex)
		return 0;
	if (ifi->ifi_flags & (IFF_LOOPBACK | IFF_NOARP))
		return 0;

	parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len);
	if (!tb[IFLA_PROTINFO])
		return -1;

	parse_rtattr_nested(ltb, IFLA_INET6_MAX, tb[IFLA_PROTINFO]);
	if (!ltb[IFLA_INET6_TOKEN]) {
		fprintf(stderr, "Seems there's no support for IPv6 token!\n");
		return -1;
	}

	open_json_object(NULL);
	print_string(PRINT_FP, NULL, "token ", NULL);
	print_color_string(PRINT_ANY,
			   ifa_family_color(ifi->ifi_family),
			   "token", "%s",
			   format_host_rta(ifi->ifi_family, ltb[IFLA_INET6_TOKEN]));
	print_string(PRINT_FP, NULL, " dev ", NULL);
	print_color_string(PRINT_ANY, COLOR_IFNAME,
			   "ifname", "%s\n",
			   ll_index_to_name(ifi->ifi_index));
	close_json_object();
	fflush(fp);

	return 0;
}

static int iptoken_list(int argc, char **argv)
{
	int af = AF_INET6;
	struct rtnl_dump_args da = { .fp = stdout };

	while (argc > 0) {
		if (strcmp(*argv, "dev") == 0) {
			NEXT_ARG();
			if ((da.ifindex = ll_name_to_index(*argv)) == 0)
				invarg("dev is invalid\n", *argv);
			break;
		}
		argc--; argv++;
	}

	if (rtnl_wilddump_request(&rth, af, RTM_GETLINK) < 0) {
		perror("Cannot send dump request");
		return -1;
	}

	new_json_obj(json);
	if (rtnl_dump_filter(&rth, print_token, &da) < 0) {
		delete_json_obj();
		fprintf(stderr, "Dump terminated\n");
		return -1;
	}
	delete_json_obj();

	return 0;
}

static int iptoken_set(int argc, char **argv, bool delete)
{
	struct {
		struct nlmsghdr n;
		struct ifinfomsg ifi;
		char buf[512];
	} req = {
		.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)),
		.n.nlmsg_flags = NLM_F_REQUEST,
		.n.nlmsg_type = RTM_SETLINK,
		.ifi.ifi_family = AF_INET6,
	};
	struct rtattr *afs, *afs6;
	bool have_token = delete, have_dev = false;
	inet_prefix addr = { .bytelen = 16, };

	while (argc > 0) {
		if (strcmp(*argv, "dev") == 0) {
			NEXT_ARG();
			if (!have_dev) {
				if ((req.ifi.ifi_index =
				     ll_name_to_index(*argv)) == 0)
					invarg("dev is invalid\n", *argv);
				have_dev = true;
			}
		} else {
			if (matches(*argv, "help") == 0)
				usage();
			if (!have_token) {
				get_prefix(&addr, *argv, req.ifi.ifi_family);
				have_token = true;
			}
		}
		argc--; argv++;
	}

	if (!have_token) {
		fprintf(stderr, "Not enough information: token is required.\n");
		return -1;
	}
	if (!have_dev) {
		fprintf(stderr, "Not enough information: \"dev\" argument is required.\n");
		return -1;
	}

	afs = addattr_nest(&req.n, sizeof(req), IFLA_AF_SPEC);
	afs6 = addattr_nest(&req.n, sizeof(req), AF_INET6);
	addattr_l(&req.n, sizeof(req), IFLA_INET6_TOKEN,
		  &addr.data, addr.bytelen);
	addattr_nest_end(&req.n, afs6);
	addattr_nest_end(&req.n, afs);

	if (rtnl_talk(&rth, &req.n, NULL) < 0)
		return -2;

	return 0;
}

int do_iptoken(int argc, char **argv)
{
	ll_init_map(&rth);

	if (argc < 1) {
		return iptoken_list(0, NULL);
	} else if (matches(argv[0], "list") == 0 ||
		   matches(argv[0], "lst") == 0 ||
		   matches(argv[0], "show") == 0) {
		return iptoken_list(argc - 1, argv + 1);
	} else if (matches(argv[0], "set") == 0 ||
		   matches(argv[0], "add") == 0) {
		return iptoken_set(argc - 1, argv + 1, false);
	} else if (matches(argv[0], "delete") == 0) {
		return iptoken_set(argc - 1, argv + 1, true);
	} else if (matches(argv[0], "get") == 0) {
		return iptoken_list(argc - 1, argv + 1);
	} else if (matches(argv[0], "help") == 0)
		usage();

	fprintf(stderr, "Command \"%s\" is unknown, try \"ip token help\".\n", *argv);
	exit(-1);
}
Commit	Line	Data
191b60bd DB	1	/*
	2	* iptoken.c "ip token"
	3	*
	4	* This program is free software; you can redistribute it and/or
	5	* modify it under the terms of the GNU General Public License
	6	* as published by the Free Software Foundation; either version
	7	* 2 of the License, or (at your option) any later version.
	8	*
	9	* Authors: Daniel Borkmann, <borkmann@redhat.com>
	10	*/
	11
	12	#include <stdio.h>
	13	#include <stdlib.h>
	14	#include <stdbool.h>
	15	#include <unistd.h>
191b60bd DB	16	#include <fcntl.h>
	17	#include <string.h>
	18	#include <sys/socket.h>
	19	#include <netinet/in.h>
	20	#include <netinet/ip.h>
	21	#include <arpa/inet.h>
	22	#include <linux/types.h>
	23	#include <linux/if.h>
	24
	25	#include "rt_names.h"
	26	#include "utils.h"
	27	#include "ip_common.h"
b62ec792	28	#include "json_print.h"
191b60bd DB	29
	30	extern struct rtnl_handle rth;
	31
	32	struct rtnl_dump_args {
	33	FILE *fp;
	34	int ifindex;
	35	};
	36
	37	static void usage(void) __attribute__((noreturn));
	38
	39	static void usage(void)
	40	{
f8daee42	41	fprintf(stderr, "Usage: ip token [ list \| set \| del \| get ] [ TOKEN ] [ dev DEV ]\n");
191b60bd DB	42	exit(-1);
	43	}
	44
	45	static int print_token(const struct sockaddr_nl who, struct nlmsghdr n, void *arg)
	46	{
	47	struct rtnl_dump_args *args = arg;
	48	FILE *fp = args->fp;
	49	int ifindex = args->ifindex;
	50	struct ifinfomsg *ifi = NLMSG_DATA(n);
	51	int len = n->nlmsg_len;
	52	struct rtattr *tb[IFLA_MAX + 1];
	53	struct rtattr *ltb[IFLA_INET6_MAX + 1];
191b60bd DB	54
	55	if (n->nlmsg_type != RTM_NEWLINK)
	56	return -1;
	57
	58	len -= NLMSG_LENGTH(sizeof(*ifi));
	59	if (len < 0)
	60	return -1;
	61
	62	if (ifi->ifi_family != AF_INET6)
	63	return -1;
	64	if (ifi->ifi_index == 0)
	65	return -1;
	66	if (ifindex > 0 && ifi->ifi_index != ifindex)
	67	return 0;
	68	if (ifi->ifi_flags & (IFF_LOOPBACK \| IFF_NOARP))
	69	return 0;
	70
	71	parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len);
	72	if (!tb[IFLA_PROTINFO])
	73	return -1;
	74
	75	parse_rtattr_nested(ltb, IFLA_INET6_MAX, tb[IFLA_PROTINFO]);
	76	if (!ltb[IFLA_INET6_TOKEN]) {
	77	fprintf(stderr, "Seems there's no support for IPv6 token!\n");
	78	return -1;
	79	}
	80
b62ec792 SH	81	open_json_object(NULL);
	82	print_string(PRINT_FP, NULL, "token ", NULL);
	83	print_color_string(PRINT_ANY,
	84	ifa_family_color(ifi->ifi_family),
	85	"token", "%s",
	86	format_host_rta(ifi->ifi_family, ltb[IFLA_INET6_TOKEN]));
	87	print_string(PRINT_FP, NULL, " dev ", NULL);
	88	print_color_string(PRINT_ANY, COLOR_IFNAME,
	89	"ifname", "%s\n",
	90	ll_index_to_name(ifi->ifi_index));
	91	close_json_object();
191b60bd DB	92	fflush(fp);
	93
	94	return 0;
	95	}
	96
	97	static int iptoken_list(int argc, char **argv)
	98	{
	99	int af = AF_INET6;
d17b136f	100	struct rtnl_dump_args da = { .fp = stdout };
191b60bd DB	101
	102	while (argc > 0) {
	103	if (strcmp(*argv, "dev") == 0) {
	104	NEXT_ARG();
	105	if ((da.ifindex = ll_name_to_index(*argv)) == 0)
	106	invarg("dev is invalid\n", *argv);
	107	break;
	108	}
	109	argc--; argv++;
	110	}
	111
	112	if (rtnl_wilddump_request(&rth, af, RTM_GETLINK) < 0) {
	113	perror("Cannot send dump request");
	114	return -1;
	115	}
	116
b62ec792	117	new_json_obj(json);
d81f54d5	118	if (rtnl_dump_filter(&rth, print_token, &da) < 0) {
b62ec792	119	delete_json_obj();
191b60bd DB	120	fprintf(stderr, "Dump terminated\n");
	121	return -1;
	122	}
b62ec792	123	delete_json_obj();
191b60bd DB	124
	125	return 0;
	126	}
	127
f8daee42	128	static int iptoken_set(int argc, char **argv, bool delete)
191b60bd DB	129	{
	130	struct {
	131	struct nlmsghdr n;
	132	struct ifinfomsg ifi;
	133	char buf[512];
d17b136f PS	134	} req = {
	135	.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg)),
	136	.n.nlmsg_flags = NLM_F_REQUEST,
	137	.n.nlmsg_type = RTM_SETLINK,
	138	.ifi.ifi_family = AF_INET6,
	139	};
191b60bd	140	struct rtattr afs, afs6;
f8daee42 DB	141	bool have_token = delete, have_dev = false;
f8daee42 DB	142	inet_prefix addr = { .bytelen = 16, };
191b60bd	143
191b60bd DB	144	while (argc > 0) {
	145	if (strcmp(*argv, "dev") == 0) {
	146	NEXT_ARG();
	147	if (!have_dev) {
	148	if ((req.ifi.ifi_index =
	149	ll_name_to_index(*argv)) == 0)
	150	invarg("dev is invalid\n", *argv);
	151	have_dev = true;
	152	}
	153	} else {
	154	if (matches(*argv, "help") == 0)
	155	usage();
	156	if (!have_token) {
191b60bd	157	get_prefix(&addr, *argv, req.ifi.ifi_family);
191b60bd DB	158	have_token = true;
	159	}
	160	}
	161	argc--; argv++;
	162	}
	163
	164	if (!have_token) {
56f5daac	165	fprintf(stderr, "Not enough information: token is required.\n");
191b60bd DB	166	return -1;
	167	}
	168	if (!have_dev) {
56f5daac	169	fprintf(stderr, "Not enough information: \"dev\" argument is required.\n");
191b60bd DB	170	return -1;
	171	}
	172
f8daee42 DB	173	afs = addattr_nest(&req.n, sizeof(req), IFLA_AF_SPEC);
	174	afs6 = addattr_nest(&req.n, sizeof(req), AF_INET6);
	175	addattr_l(&req.n, sizeof(req), IFLA_INET6_TOKEN,
	176	&addr.data, addr.bytelen);
	177	addattr_nest_end(&req.n, afs6);
	178	addattr_nest_end(&req.n, afs);
	179
86bf43c7	180	if (rtnl_talk(&rth, &req.n, NULL) < 0)
191b60bd DB	181	return -2;
	182
	183	return 0;
	184	}
	185
	186	int do_iptoken(int argc, char **argv)
	187	{
	188	ll_init_map(&rth);
	189
	190	if (argc < 1) {
	191	return iptoken_list(0, NULL);
	192	} else if (matches(argv[0], "list") == 0 \|\|
473544d9	193	matches(argv[0], "lst") == 0 \|\|
191b60bd DB	194	matches(argv[0], "show") == 0) {
	195	return iptoken_list(argc - 1, argv + 1);
	196	} else if (matches(argv[0], "set") == 0 \|\|
	197	matches(argv[0], "add") == 0) {
f8daee42 DB	198	return iptoken_set(argc - 1, argv + 1, false);
	199	} else if (matches(argv[0], "delete") == 0) {
	200	return iptoken_set(argc - 1, argv + 1, true);
191b60bd DB	201	} else if (matches(argv[0], "get") == 0) {
	202	return iptoken_list(argc - 1, argv + 1);
	203	} else if (matches(argv[0], "help") == 0)
	204	usage();
	205
	206	fprintf(stderr, "Command \"%s\" is unknown, try \"ip token help\".\n", *argv);
	207	exit(-1);
	208	}