/* SPDX-License-Identifier: LGPL-2.1+ */
#include "nm-sd-adapt-core.h"
#include <arpa/inet.h>
#include <linux/if.h>
#include "sd-id128.h"
#include "sd-ndisc.h"
#include "alloc-util.h"
#include "arphrd-list.h"
#include "condition.h"
#include "conf-parser.h"
#include "device-util.h"
#include "dhcp-lease-internal.h"
#include "env-util.h"
#include "ether-addr-util.h"
#include "hexdecoct.h"
#include "log.h"
#include "network-internal.h"
#include "parse-util.h"
#include "siphash24.h"
#include "socket-util.h"
#include "string-table.h"
#include "string-util.h"
#include "strv.h"
#include "utf8.h"
#include "util.h"
#if 0 /* NM_IGNORED */
const char *net_get_name_persistent(sd_device *device) {
const char *name, *field;
assert(device);
/* fetch some persistent data unique (on this machine) to this device */
FOREACH_STRING(field, "ID_NET_NAME_ONBOARD", "ID_NET_NAME_SLOT", "ID_NET_NAME_PATH", "ID_NET_NAME_MAC")
if (sd_device_get_property_value(device, field, &name) >= 0)
return name;
return NULL;
}
#define HASH_KEY SD_ID128_MAKE(d3,1e,48,fa,90,fe,4b,4c,9d,af,d5,d7,a1,b1,2e,8a)
int net_get_unique_predictable_data(sd_device *device, bool use_sysname, uint64_t *result) {
size_t l, sz = 0;
const char *name;
int r;
uint8_t *v;
assert(device);
/* net_get_name_persistent() will return one of the device names based on stable information about
* the device. If this is not available, we fall back to using the actual device name. */
name = net_get_name_persistent(device);
if (!name && use_sysname)
(void) sd_device_get_sysname(device, &name);
if (!name)
return log_device_debug_errno(device, SYNTHETIC_ERRNO(ENODATA),
"No stable identifying information found");
log_device_debug(device, "Using \"%s\" as stable identifying information", name);
l = strlen(name);
sz = sizeof(sd_id128_t) + l;
v = newa(uint8_t, sz);
/* Fetch some persistent data unique to this machine */
r = sd_id128_get_machine((sd_id128_t*) v);
if (r < 0)
return r;
memcpy(v + sizeof(sd_id128_t), name, l);
/* Let's hash the machine ID plus the device name. We use
* a fixed, but originally randomly created hash key here. */
*result = htole64(siphash24(v, sz, HASH_KEY.bytes));
return 0;
}
static bool net_condition_test_strv(char * const *patterns, const char *string) {
char * const *p;
bool match = false, has_positive_rule = false;
if (strv_isempty(patterns))
return true;
STRV_FOREACH(p, patterns) {
const char *q = *p;
bool invert;
invert = *q == '!';
q += invert;
if (!invert)
has_positive_rule = true;
if (string && fnmatch(q, string, 0) == 0) {
if (invert)
return false;
else
match = true;
}
}
return has_positive_rule ? match : true;
}
static bool net_condition_test_ifname(char * const *patterns, const char *ifname, char * const *alternative_names) {
if (net_condition_test_strv(patterns, ifname))
return true;
char * const *p;
STRV_FOREACH(p, alternative_names)
if (net_condition_test_strv(patterns, *p))
return true;
return false;
}
static int net_condition_test_property(char * const *match_property, sd_device *device) {
char * const *p;
if (strv_isempty(match_property))
return true;
STRV_FOREACH(p, match_property) {
_cleanup_free_ char *key = NULL;
const char *val, *dev_val;
bool invert, v;
invert = **p == '!';
val = strchr(*p + invert, '=');
if (!val)
return -EINVAL;
key = strndup(*p + invert, val - *p - invert);
if (!key)
return -ENOMEM;
val++;
v = device &&
sd_device_get_property_value(device, key, &dev_val) >= 0 &&
fnmatch(val, dev_val, 0) == 0;
if (invert ? v : !v)
return false;
}
return true;
}
static const char *const wifi_iftype_table[NL80211_IFTYPE_MAX+1] = {
[NL80211_IFTYPE_ADHOC] = "ad-hoc",
[NL80211_IFTYPE_STATION] = "station",
[NL80211_IFTYPE_AP] = "ap",
[NL80211_IFTYPE_AP_VLAN] = "ap-vlan",
[NL80211_IFTYPE_WDS] = "wds",
[NL80211_IFTYPE_MONITOR] = "monitor",
[NL80211_IFTYPE_MESH_POINT] = "mesh-point",
[NL80211_IFTYPE_P2P_CLIENT] = "p2p-client",
[NL80211_IFTYPE_P2P_GO] = "p2p-go",
[NL80211_IFTYPE_P2P_DEVICE] = "p2p-device",
[NL80211_IFTYPE_OCB] = "ocb",
[NL80211_IFTYPE_NAN] = "nan",
};
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(wifi_iftype, enum nl80211_iftype);
char *link_get_type_string(unsigned short iftype, sd_device *device) {
const char *t, *devtype;
char *p;
if (device &&
sd_device_get_devtype(device, &devtype) >= 0 &&
!isempty(devtype))
return strdup(devtype);
t = arphrd_to_name(iftype);
if (!t)
return NULL;
p = strdup(t);
if (!p)
return NULL;
ascii_strlower(p);
return p;
}
bool net_match_config(Set *match_mac,
Set *match_permanent_mac,
char * const *match_paths,
char * const *match_drivers,
char * const *match_iftypes,
char * const *match_names,
char * const *match_property,
char * const *match_wifi_iftype,
char * const *match_ssid,
Set *match_bssid,
sd_device *device,
const struct ether_addr *dev_mac,
const struct ether_addr *dev_permanent_mac,
const char *dev_driver,
unsigned short dev_iftype,
const char *dev_name,
char * const *alternative_names,
enum nl80211_iftype dev_wifi_iftype,
const char *dev_ssid,
const struct ether_addr *dev_bssid) {
_cleanup_free_ char *dev_iftype_str;
const char *dev_path = NULL;
dev_iftype_str = link_get_type_string(dev_iftype, device);
if (device) {
const char *mac_str;
(void) sd_device_get_property_value(device, "ID_PATH", &dev_path);
if (!dev_driver)
(void) sd_device_get_property_value(device, "ID_NET_DRIVER", &dev_driver);
if (!dev_name)
(void) sd_device_get_sysname(device, &dev_name);
if (!dev_mac &&
sd_device_get_sysattr_value(device, "address", &mac_str) >= 0)
dev_mac = ether_aton(mac_str);
}
if (match_mac && (!dev_mac || !set_contains(match_mac, dev_mac)))
return false;
if (match_permanent_mac &&
(!dev_permanent_mac ||
ether_addr_is_null(dev_permanent_mac) ||
!set_contains(match_permanent_mac, dev_permanent_mac)))
return false;
if (!net_condition_test_strv(match_paths, dev_path))
return false;
if (!net_condition_test_strv(match_drivers, dev_driver))
return false;
if (!net_condition_test_strv(match_iftypes, dev_iftype_str))
return false;
if (!net_condition_test_ifname(match_names, dev_name, alternative_names))
return false;
if (!net_condition_test_property(match_property, device))
return false;
if (!net_condition_test_strv(match_wifi_iftype, wifi_iftype_to_string(dev_wifi_iftype)))
return false;
if (!net_condition_test_strv(match_ssid, dev_ssid))
return false;
if (match_bssid && (!dev_bssid || !set_contains(match_bssid, dev_bssid)))
return false;
return true;
}
int config_parse_net_condition(const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
ConditionType cond = ltype;
Condition **list = data, *c;
bool negate;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
if (isempty(rvalue)) {
*list = condition_free_list_type(*list, cond);
return 0;
}
negate = rvalue[0] == '!';
if (negate)
rvalue++;
c = condition_new(cond, rvalue, false, negate);
if (!c)
return log_oom();
/* Drop previous assignment. */
*list = condition_free_list_type(*list, cond);
LIST_PREPEND(conditions, *list, c);
return 0;
}
int config_parse_match_strv(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
const char *p = rvalue;
char ***sv = data;
bool invert;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
if (isempty(rvalue)) {
*sv = strv_free(*sv);
return 0;
}
invert = *p == '!';
p += invert;
for (;;) {
_cleanup_free_ char *word = NULL, *k = NULL;
r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE);
if (r == 0)
return 0;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
return 0;
}
if (invert) {
k = strjoin("!", word);
if (!k)
return log_oom();
} else
k = TAKE_PTR(word);
r = strv_consume(sv, TAKE_PTR(k));
if (r < 0)
return log_oom();
}
}
int config_parse_match_ifnames(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
const char *p = rvalue;
char ***sv = data;
bool invert;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
invert = *p == '!';
p += invert;
for (;;) {
_cleanup_free_ char *word = NULL, *k = NULL;
r = extract_first_word(&p, &word, NULL, 0);
if (r == 0)
return 0;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, 0,
"Failed to parse interface name list: %s", rvalue);
return 0;
}
if (!ifname_valid_full(word, ltype)) {
log_syntax(unit, LOG_ERR, filename, line, 0,
"Interface name is not valid or too long, ignoring assignment: %s", word);
continue;
}
if (invert) {
k = strjoin("!", word);
if (!k)
return log_oom();
} else
k = TAKE_PTR(word);
r = strv_consume(sv, TAKE_PTR(k));
if (r < 0)
return log_oom();
}
}
int config_parse_match_property(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
const char *p = rvalue;
char ***sv = data;
bool invert;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
invert = *p == '!';
p += invert;
for (;;) {
_cleanup_free_ char *word = NULL, *k = NULL;
r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
if (r == 0)
return 0;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, 0,
"Invalid syntax, ignoring: %s", rvalue);
return 0;
}
if (!env_assignment_is_valid(word)) {
log_syntax(unit, LOG_ERR, filename, line, 0,
"Invalid property or value, ignoring assignment: %s", word);
continue;
}
if (invert) {
k = strjoin("!", word);
if (!k)
return log_oom();
} else
k = TAKE_PTR(word);
r = strv_consume(sv, TAKE_PTR(k));
if (r < 0)
return log_oom();
}
}
int config_parse_ifalias(const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
char **s = data;
_cleanup_free_ char *n = NULL;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
n = strdup(rvalue);
if (!n)
return log_oom();
if (!ascii_is_valid(n) || strlen(n) >= IFALIASZ) {
log_syntax(unit, LOG_ERR, filename, line, 0, "Interface alias is not ASCII clean or is too long, ignoring assignment: %s", rvalue);
return 0;
}
if (isempty(n))
*s = mfree(*s);
else
free_and_replace(*s, n);
return 0;
}
int config_parse_hwaddr(const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_free_ struct ether_addr *n = NULL;
struct ether_addr **hwaddr = data;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
n = new0(struct ether_addr, 1);
if (!n)
return log_oom();
r = ether_addr_from_string(rvalue, n);
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, r, "Not a valid MAC address, ignoring assignment: %s", rvalue);
return 0;
}
free_and_replace(*hwaddr, n);
return 0;
}
int config_parse_hwaddrs(const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
_cleanup_set_free_free_ Set *s = NULL;
const char *p = rvalue;
Set **hwaddrs = data;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
if (isempty(rvalue)) {
/* Empty assignment resets the list */
*hwaddrs = set_free_free(*hwaddrs);
return 0;
}
s = set_new(ðer_addr_hash_ops);
if (!s)
return log_oom();
for (;;) {
_cleanup_free_ char *word = NULL;
_cleanup_free_ struct ether_addr *n = NULL;
r = extract_first_word(&p, &word, NULL, 0);
if (r == 0)
break;
if (r == -ENOMEM)
return log_oom();
if (r < 0) {
log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
return 0;
}
n = new(struct ether_addr, 1);
if (!n)
return log_oom();
r = ether_addr_from_string(word, n);
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, 0, "Not a valid MAC address, ignoring: %s", word);
continue;
}
r = set_put(s, n);
if (r < 0)
return log_oom();
if (r > 0)
n = NULL; /* avoid cleanup */
}
r = set_ensure_allocated(hwaddrs, ðer_addr_hash_ops);
if (r < 0)
return log_oom();
r = set_move(*hwaddrs, s);
if (r < 0)
return log_oom();
return 0;
}
int config_parse_bridge_port_priority(
const char *unit,
const char *filename,
unsigned line,
const char *section,
unsigned section_line,
const char *lvalue,
int ltype,
const char *rvalue,
void *data,
void *userdata) {
uint16_t i;
int r;
assert(filename);
assert(lvalue);
assert(rvalue);
assert(data);
r = safe_atou16(rvalue, &i);
if (r < 0) {
log_syntax(unit, LOG_ERR, filename, line, r,
"Failed to parse bridge port priority, ignoring: %s", rvalue);
return 0;
}
if (i > LINK_BRIDGE_PORT_PRIORITY_MAX) {
log_syntax(unit, LOG_ERR, filename, line, r,
"Bridge port priority is larger than maximum %u, ignoring: %s", LINK_BRIDGE_PORT_PRIORITY_MAX, rvalue);
return 0;
}
*((uint16_t *)data) = i;
return 0;
}
#endif /* NM_IGNORED */
size_t serialize_in_addrs(FILE *f,
const struct in_addr *addresses,
size_t size,
bool *with_leading_space,
bool (*predicate)(const struct in_addr *addr)) {
assert(f);
assert(addresses);
size_t count = 0;
bool _space = false;
if (!with_leading_space)
with_leading_space = &_space;
for (size_t i = 0; i < size; i++) {
char sbuf[INET_ADDRSTRLEN];
if (predicate && !predicate(&addresses[i]))
continue;
if (*with_leading_space)
fputc(' ', f);
fputs(inet_ntop(AF_INET, &addresses[i], sbuf, sizeof(sbuf)), f);
count++;
*with_leading_space = true;
}
return count;
}
int deserialize_in_addrs(struct in_addr **ret, const char *string) {
_cleanup_free_ struct in_addr *addresses = NULL;
int size = 0;
assert(ret);
assert(string);
for (;;) {
_cleanup_free_ char *word = NULL;
struct in_addr *new_addresses;
int r;
r = extract_first_word(&string, &word, NULL, 0);
if (r < 0)
return r;
if (r == 0)
break;
new_addresses = reallocarray(addresses, size + 1, sizeof(struct in_addr));
if (!new_addresses)
return -ENOMEM;
else
addresses = new_addresses;
r = inet_pton(AF_INET, word, &(addresses[size]));
if (r <= 0)
continue;
size++;
}
*ret = size > 0 ? TAKE_PTR(addresses) : NULL;
return size;
}
void serialize_in6_addrs(FILE *f, const struct in6_addr *addresses, size_t size, bool *with_leading_space) {
assert(f);
assert(addresses);
assert(size);
bool _space = false;
if (!with_leading_space)
with_leading_space = &_space;
for (size_t i = 0; i < size; i++) {
char buffer[INET6_ADDRSTRLEN];
if (*with_leading_space)
fputc(' ', f);
fputs(inet_ntop(AF_INET6, addresses+i, buffer, sizeof(buffer)), f);
*with_leading_space = true;
}
}
int deserialize_in6_addrs(struct in6_addr **ret, const char *string) {
_cleanup_free_ struct in6_addr *addresses = NULL;
int size = 0;
assert(ret);
assert(string);
for (;;) {
_cleanup_free_ char *word = NULL;
struct in6_addr *new_addresses;
int r;
r = extract_first_word(&string, &word, NULL, 0);
if (r < 0)
return r;
if (r == 0)
break;
new_addresses = reallocarray(addresses, size + 1, sizeof(struct in6_addr));
if (!new_addresses)
return -ENOMEM;
else
addresses = new_addresses;
r = inet_pton(AF_INET6, word, &(addresses[size]));
if (r <= 0)
continue;
size++;
}
*ret = TAKE_PTR(addresses);
return size;
}
void serialize_dhcp_routes(FILE *f, const char *key, sd_dhcp_route **routes, size_t size) {
assert(f);
assert(key);
assert(routes);
assert(size);
fprintf(f, "%s=", key);
for (size_t i = 0; i < size; i++) {
char sbuf[INET_ADDRSTRLEN];
struct in_addr dest, gw;
uint8_t length;
assert_se(sd_dhcp_route_get_destination(routes[i], &dest) >= 0);
assert_se(sd_dhcp_route_get_gateway(routes[i], &gw) >= 0);
assert_se(sd_dhcp_route_get_destination_prefix_length(routes[i], &length) >= 0);
fprintf(f, "%s/%" PRIu8, inet_ntop(AF_INET, &dest, sbuf, sizeof sbuf), length);
fprintf(f, ",%s%s", inet_ntop(AF_INET, &gw, sbuf, sizeof sbuf), i < size - 1 ? " ": "");
}
fputs("\n", f);
}
int deserialize_dhcp_routes(struct sd_dhcp_route **ret, size_t *ret_size, size_t *ret_allocated, const char *string) {
_cleanup_free_ struct sd_dhcp_route *routes = NULL;
size_t size = 0, allocated = 0;
assert(ret);
assert(ret_size);
assert(ret_allocated);
assert(string);
/* WORD FORMAT: dst_ip/dst_prefixlen,gw_ip */
for (;;) {
_cleanup_free_ char *word = NULL;
char *tok, *tok_end;
unsigned n;
int r;
r = extract_first_word(&string, &word, NULL, 0);
if (r < 0)
return r;
if (r == 0)
break;
if (!GREEDY_REALLOC(routes, allocated, size + 1))
return -ENOMEM;
tok = word;
/* get the subnet */
tok_end = strchr(tok, '/');
if (!tok_end)
continue;
*tok_end = '\0';
r = inet_aton(tok, &routes[size].dst_addr);
if (r == 0)
continue;
tok = tok_end + 1;
/* get the prefixlen */
tok_end = strchr(tok, ',');
if (!tok_end)
continue;
*tok_end = '\0';
r = safe_atou(tok, &n);
if (r < 0 || n > 32)
continue;
routes[size].dst_prefixlen = (uint8_t) n;
tok = tok_end + 1;
/* get the gateway */
r = inet_aton(tok, &routes[size].gw_addr);
if (r == 0)
continue;
size++;
}
*ret_size = size;
*ret_allocated = allocated;
*ret = TAKE_PTR(routes);
return 0;
}
int serialize_dhcp_option(FILE *f, const char *key, const void *data, size_t size) {
_cleanup_free_ char *hex_buf = NULL;
assert(f);
assert(key);
assert(data);
hex_buf = hexmem(data, size);
if (!hex_buf)
return -ENOMEM;
fprintf(f, "%s=%s\n", key, hex_buf);
return 0;
}