mukesh agrawal | ddc378f | 2012-02-17 18:26:20 -0800 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "shill/connection.h" |
| 6 | |
Paul Stewart | 9a90808 | 2011-08-31 12:18:48 -0700 | [diff] [blame] | 7 | #include <arpa/inet.h> |
| 8 | #include <linux/rtnetlink.h> |
| 9 | |
Alex Vakulenko | 8a53229 | 2014-06-16 17:18:44 -0700 | [diff] [blame] | 10 | #include <set> |
| 11 | |
Paul Stewart | 9a90808 | 2011-08-31 12:18:48 -0700 | [diff] [blame] | 12 | #include "shill/device_info.h" |
Christopher Wiley | b691efd | 2012-08-09 13:51:51 -0700 | [diff] [blame] | 13 | #include "shill/logging.h" |
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 14 | #include "shill/resolver.h" |
| 15 | #include "shill/routing_table.h" |
| 16 | #include "shill/rtnl_handler.h" |
| 17 | |
Darin Petkov | 13e6d55 | 2012-05-09 14:22:23 +0200 | [diff] [blame] | 18 | using base::Bind; |
| 19 | using base::Closure; |
| 20 | using base::Unretained; |
| 21 | using std::deque; |
Alex Deymo | fddc09a | 2013-07-03 18:41:31 -0700 | [diff] [blame] | 22 | using std::set; |
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 23 | using std::string; |
Paul Stewart | d62d603 | 2012-09-11 11:35:49 -0700 | [diff] [blame] | 24 | using std::vector; |
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 25 | |
| 26 | namespace shill { |
| 27 | |
// Metric returned by GetMetric() for the default connection. It is also the
// metric used for explicitly configured routes and the IPv6 blackhole route
// in UpdateFromIPConfig().
// static
const uint32_t Connection::kDefaultMetric{1};
// Base that GetMetric() adds the interface index to for non-default
// connections, so that each interface ends up with its own metric.
// static
const uint32_t Connection::kNonDefaultMetricBase{10};
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 32 | |
// Builds an unbound Binder.
//   |name| identifies this binder in the log lines written by Attach() and
//   OnDisconnect().
//   |disconnect_callback| is run by OnDisconnect() unless it is null.
Connection::Binder::Binder(const string &name,
                           const Closure &disconnect_callback)
    : name_(name), client_disconnect_callback_(disconnect_callback) {}
| 37 | |
// Unbinds from the current connection (if any) so that the connection's
// binder list never keeps a pointer to a destroyed Binder.
Connection::Binder::~Binder() {
  Attach(NULL);
}
| 41 | |
// Rebinds this Binder to |to_connection|. Any existing binding is released
// first; passing a null reference therefore just unbinds.
void Connection::Binder::Attach(const ConnectionRefPtr &to_connection) {
  // Release the previous binding, if it is still alive.
  if (connection_) {
    connection_->DetachBinder(this);
    LOG(INFO) << name_ << ": unbound from connection: "
              << connection_->interface_name();
    connection_.reset();
  }

  if (!to_connection) {
    return;
  }

  // Only a weak pointer is kept, so the binding does not extend the lifetime
  // of the target connection.
  connection_ = to_connection->weak_ptr_factory_.GetWeakPtr();
  connection_->AttachBinder(this);
  LOG(INFO) << name_ << ": bound to connection: "
            << connection_->interface_name();
}
| 56 | |
// Called when the bound connection goes away: drops the binding and then runs
// the client's disconnect callback, if one was supplied.
void Connection::Binder::OnDisconnect() {
  // NOTE(review): |connection_| is dereferenced without a validity check;
  // this assumes callers only invoke OnDisconnect() on a bound Binder.
  LOG(INFO) << name_ << ": bound connection disconnected: "
            << connection_->interface_name();
  connection_.reset();

  if (client_disconnect_callback_.is_null()) {
    return;
  }
  SLOG(Connection, 2) << "Running client disconnect callback.";
  client_disconnect_callback_.Run();
}
| 66 | |
// Creates a connection for the interface identified by |interface_index| /
// |interface_name|. The connection starts out non-default, with no broadcast
// domain, no outstanding routing requests and unknown local and gateway
// addresses. Resolver, RoutingTable and RTNLHandler are taken from their
// GetInstance() accessors; |device_info| is stored as passed in.
Connection::Connection(int interface_index,
                       const std::string& interface_name,
                       Technology::Identifier technology,
                       const DeviceInfo *device_info)
    : weak_ptr_factory_(this),
      is_default_(false),
      has_broadcast_domain_(false),
      routing_request_count_(0),
      interface_index_(interface_index),
      interface_name_(interface_name),
      technology_(technology),
      local_(IPAddress::kFamilyUnknown),
      gateway_(IPAddress::kFamilyUnknown),
      lower_binder_(
          interface_name_,
          // Connection owns a single instance of |lower_binder_| so it's safe
          // to use an Unretained callback.
          Bind(&Connection::OnLowerDisconnect, Unretained(this))),
      device_info_(device_info),
      resolver_(Resolver::GetInstance()),
      routing_table_(RoutingTable::GetInstance()),
      rtnl_handler_(RTNLHandler::GetInstance()) {
  SLOG(Connection, 2) << __func__ << "(" << interface_index << ", "
                      << interface_name << ", "
                      << Technology::NameFromIdentifier(technology) << ")";
}
| 93 | |
// Tears the connection down: notifies every attached binder, then removes the
// routes and addresses that were installed for this interface.
Connection::~Connection() {
  SLOG(Connection, 2) << __func__ << " " << interface_name_;

  // Binders are told first so that none of them keeps referring to this
  // connection after it is gone.
  NotifyBindersOnDisconnect();

  // Every RequestRouting() should have been matched by a ReleaseRouting().
  // NOTE(review): if DCHECK is compiled out in release builds, an unbalanced
  // request is not detected here -- confirm.
  DCHECK(!routing_request_count_);
  routing_table_->FlushRoutes(interface_index_);
  // Also drops routes that were only tagged with this interface index, such
  // as the host routes requested by RequestHostRoute().
  routing_table_->FlushRoutesWithTag(interface_index_);
  device_info_->FlushAddresses(interface_index_);
}
| 104 | |
// Applies the IP configuration in |config| to this connection's interface:
// parses the gateway, trusted IP, local, broadcast and peer addresses,
// installs the interface address and routes, and records the DNS settings.
// Any address that fails to parse aborts the update with an error log.
//
// NOTE(review): where the values in |config| originate is not visible in this
// file; presumably they can be supplied by the network (DHCP, VPN/PPP
// configuration), so they should be treated as untrusted -- confirm.
void Connection::UpdateFromIPConfig(const IPConfigRefPtr &config) {
  SLOG(Connection, 2) << __func__ << " " << interface_name_;

  const IPConfig::Properties &properties = config->properties();
  // An empty gateway string is accepted; |gateway| then keeps whatever state
  // the IPAddress constructor gave it.
  IPAddress gateway(properties.address_family);
  if (!properties.gateway.empty() &&
      !gateway.SetAddressFromString(properties.gateway)) {
    LOG(ERROR) << "Gateway address " << properties.gateway << " is invalid";
    return;
  }

  IPAddress trusted_ip(properties.address_family);
  if (!properties.trusted_ip.empty()) {
    if (!trusted_ip.SetAddressFromString(properties.trusted_ip)) {
      LOG(ERROR) << "Trusted IP address "
                 << properties.trusted_ip << " is invalid";
      return;
    }
    // The host route is requested before the remaining addresses have been
    // validated. If one of the checks below fails, the request stays
    // outstanding; tagged routes are only flushed by the destructor.
    if (!PinHostRoute(trusted_ip, gateway)) {
      LOG(ERROR) << "Unable to pin host route to " << properties.trusted_ip;
      return;
    }
  }

  IPAddress local(properties.address_family);
  if (!local.SetAddressFromString(properties.address)) {
    LOG(ERROR) << "Local address " << properties.address << " is invalid";
    return;
  }
  // NOTE(review): no range check on |subnet_prefix| is visible in this
  // function; confirm that set_prefix() or the producer of |config| bounds it.
  local.set_prefix(properties.subnet_prefix);

  // A default broadcast address is derived only when neither a broadcast nor
  // a peer address was configured.
  IPAddress broadcast(properties.address_family);
  if (properties.broadcast_address.empty()) {
    if (properties.peer_address.empty()) {
      LOG(WARNING) << "Broadcast address is not set.  Using default.";
      broadcast = local.GetDefaultBroadcast();
    }
  } else if (!broadcast.SetAddressFromString(properties.broadcast_address)) {
    LOG(ERROR) << "Broadcast address " << properties.broadcast_address
               << " is invalid";
    return;
  }

  IPAddress peer(properties.address_family);
  if (!properties.peer_address.empty() &&
      !peer.SetAddressFromString(properties.peer_address)) {
    LOG(ERROR) << "Peer address " << properties.peer_address
               << " is invalid";
    return;
  }

  // May rewrite |local|'s prefix, |peer| and |gateway| in place. A failure is
  // only logged; the (possibly adjusted) values are still installed below.
  if (!FixGatewayReachability(&local, &peer, &gateway, trusted_ip)) {
    LOG(WARNING) << "Expect limited network connectivity.";
  }

  if (device_info_->HasOtherAddress(interface_index_, local)) {
    // The address has changed for this interface.  We need to flush
    // everything and start over.
    LOG(INFO) << __func__ << ": Flushing old addresses and routes.";
    routing_table_->FlushRoutes(interface_index_);
    device_info_->FlushAddresses(interface_index_);
  }

  LOG(INFO) << __func__ << ": Installing with parameters:"
            << " local=" << local.ToString()
            << " broadcast=" << broadcast.ToString()
            << " peer=" << peer.ToString()
            << " gateway=" << gateway.ToString();
  rtnl_handler_->AddInterfaceAddress(interface_index_, local, broadcast, peer);

  // FixGatewayReachability() may have reset the gateway, in which case no
  // default route is installed here.
  if (gateway.IsValid()) {
    routing_table_->SetDefaultRoute(interface_index_, gateway,
                                    GetMetric(is_default_));
  }

  // Install any explicitly configured routes at the default metric.
  routing_table_->ConfigureRoutes(interface_index_, config, kDefaultMetric);

  if (properties.blackhole_ipv6) {
    routing_table_->CreateBlackholeRoute(interface_index_,
                                         IPAddress::kFamilyIPv6,
                                         kDefaultMetric);
  }

  // Save a copy of the last non-null DNS config.
  // Empty lists in |config| do not clear the stored values, so DNS servers
  // and search domains from an earlier configuration remain in effect until
  // a non-empty replacement arrives.
  if (!config->properties().dns_servers.empty()) {
    dns_servers_ = config->properties().dns_servers;
  }

  if (!config->properties().domain_search.empty()) {
    dns_domain_search_ = config->properties().domain_search;
  }

  if (!config->properties().domain_name.empty()) {
    dns_domain_name_ = config->properties().domain_name;
  }

  ipconfig_rpc_identifier_ = config->GetRpcIdentifier();

  // Has an effect only while this is the default connection.
  PushDNSConfig();

  local_ = local;
  gateway_ = gateway;
  // A connection without a valid peer address is treated as having a
  // broadcast domain; CreateGatewayRoute() depends on this flag.
  has_broadcast_domain_ = !peer.IsValid();
}
| 210 | |
// Promotes this connection to, or demotes it from, the default connection.
// A change updates the default route metric, re-pushes the DNS configuration,
// requests portal detection on promotion and flushes the routing cache.
// Calling it with the current state is a no-op apart from the log line.
void Connection::SetIsDefault(bool is_default) {
  SLOG(Connection, 2) << __func__ << " " << interface_name_
                      << " (index " << interface_index_ << ") "
                      << is_default_ << " -> " << is_default;
  if (is_default_ == is_default) {
    return;
  }

  const uint32_t new_metric = GetMetric(is_default);
  routing_table_->SetDefaultMetric(interface_index_, new_metric);

  // The flag must be updated before PushDNSConfig(), which only acts for the
  // default connection.
  is_default_ = is_default;
  PushDNSConfig();

  if (is_default_) {
    DeviceRefPtr default_device = device_info_->GetDevice(interface_index_);
    if (default_device) {
      default_device->RequestPortalDetection();
    }
  }
  routing_table_->FlushCache();
}
| 232 | |
// Replaces the stored DNS server list with |dns_servers| (an empty list is
// stored as given) and re-pushes the DNS configuration, which takes effect
// only while this is the default connection.
void Connection::UpdateDNSServers(const vector<string> &dns_servers) {
  dns_servers_ = dns_servers;
  PushDNSConfig();
}
| 237 | |
// Hands the stored DNS servers and search list to the resolver. Does nothing
// unless this is the default connection, so a non-default connection cannot
// change the resolver configuration through this path.
void Connection::PushDNSConfig() {
  if (!is_default_) {
    return;
  }

  vector<string> search_list(dns_domain_search_);
  // With no explicit search list, fall back to the domain name with a
  // trailing dot appended.
  const bool use_domain_name =
      search_list.empty() && !dns_domain_name_.empty();
  if (use_domain_name) {
    SLOG(Connection, 2) << "Setting domain search to domain name "
                        << dns_domain_name_;
    search_list.push_back(dns_domain_name_ + ".");
  }
  resolver_->SetDNSFromLists(dns_servers_, search_list);
}
| 251 | |
// Registers one more user of routing through this connection. The first
// outstanding request disables reverse-path filtering on the device;
// ReleaseRouting() re-enables it once the count returns to zero.
void Connection::RequestRouting() {
  const bool is_first_request = (routing_request_count_ == 0);
  ++routing_request_count_;
  if (!is_first_request) {
    return;
  }

  // NOTE(review): the counter has already been incremented when the device
  // lookup fails, so the filter state and the count can disagree on this path.
  DeviceRefPtr device = device_info_->GetDevice(interface_index_);
  DCHECK(device.get());
  if (!device.get()) {
    LOG(ERROR) << "Device is NULL!";
    return;
  }
  device->DisableReversePathFilter();
}
| 263 | |
// Drops one routing request. When the last request is released,
// reverse-path filtering is re-enabled on the device and the routing cache
// is flushed.
void Connection::ReleaseRouting() {
  // NOTE(review): an unbalanced release is caught only by this DCHECK; if
  // DCHECK is compiled out the counter goes negative -- confirm callers
  // always pair this with RequestRouting().
  DCHECK_GT(routing_request_count_, 0);
  --routing_request_count_;
  if (routing_request_count_ != 0) {
    return;
  }

  DeviceRefPtr device = device_info_->GetDevice(interface_index_);
  DCHECK(device.get());
  if (!device.get()) {
    LOG(ERROR) << "Device is NULL!";
    return;
  }
  device->EnableReversePathFilter();

  // Routes cached while reverse-path filtering was off must not outlive that
  // window, so the cache is cleared here.
  routing_table_->FlushCache();
}
| 280 | |
// Asks the routing table for a host route to |address|. Returns false (after
// logging) when the request cannot be issued; the result of the query is
// delivered later to OnRouteQueryResponse().
bool Connection::RequestHostRoute(const IPAddress &address) {
  // A host route covers exactly one address: prefix = address length in bits.
  IPAddress host_address(address);
  host_address.set_prefix(host_address.GetLength() * 8);

  // The interface index is passed as -1 because the destination may not be
  // reachable through this connection's own default route. The route is
  // tagged with our interface index instead, so it can be cleaned up when
  // this connection closes. The callback is bound to a weak pointer and is
  // used to find the lower connection and bind to it.
  const bool requested = routing_table_->RequestRouteToHost(
      host_address,
      -1,
      interface_index_,
      Bind(&Connection::OnRouteQueryResponse,
           weak_ptr_factory_.GetWeakPtr()));
  if (requested) {
    return true;
  }

  LOG(ERROR) << "Could not request route to " << address.ToString();
  return false;
}
| 303 | |
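// static
//
// Adjusts |local|, |peer| and |gateway| in place so that the gateway is
// usable with the configured addresses.
//
//   |local|      local address; its prefix may be shortened so that the
//                gateway falls inside the local subnet.
//   |peer|       point-to-point peer address; may be reset, or set to the
//                gateway when no workable prefix exists.
//   |gateway|    gateway address; may be reset when it equals |trusted_ip|.
//   |trusted_ip| externally reachable address (e.g. a VPN server) that must
//                stay routable outside the tunnel.
//
// Returns false when no gateway was supplied or when the gateway does not
// match a valid peer address; returns true otherwise.
//
// UpdateFromIPConfig() passes in addresses and a prefix taken from the IP
// configuration, so none of the values should be assumed to be well formed.
bool Connection::FixGatewayReachability(IPAddress *local,
                                        IPAddress *peer,
                                        IPAddress *gateway,
                                        const IPAddress &trusted_ip) {
  if (!gateway->IsValid()) {
    LOG(WARNING) << "No gateway address was provided for this connection.";
    return false;
  }

  if (peer->IsValid()) {
    if (!gateway->Equals(*peer)) {
      LOG(WARNING) << "Gateway address "
                   << gateway->ToString()
                   << " does not match peer address "
                   << peer->ToString();
      return false;
    }
    if (gateway->Equals(trusted_ip)) {
      // In order to send outgoing traffic in a point-to-point network,
      // the gateway IP address isn't of significance.  As opposed to
      // broadcast networks, we never ARP for the gateway IP address,
      // but just send the IP packet addressed to the recipient.  As
      // such, since using the external trusted IP address as the
      // gateway or peer wreaks havoc on the routing rules, we choose
      // not to supply a gateway address.  Here's an example:
      //
      //     Client    <->  Internet  <->  VPN Gateway  <->  Internal Network
      //   192.168.1.2                      10.0.1.25         172.16.5.0/24
      //
      // In this example, a client connects to a VPN gateway on its
      // public IP address 10.0.1.25.  It gets issued an IP address
      // from the VPN internal pool.  For some VPN gateways, this
      // results in a pushed-down PPP configuration which specifies:
      //
      //    Client local address:   172.16.5.13
      //    Client peer address:    10.0.1.25
      //    Client default gateway: 10.0.1.25
      //
      // If we take this literally, we need to resolve the fact that
      // 10.0.1.25 is now listed as the default gateway and interface
      // peer address for the point-to-point interface.  However, in
      // order to route tunneled packets to the VPN gateway we must
      // use the external route through the physical interface and
      // not the tunnel, or else we end up in an infinite loop
      // re-entering the tunnel trying to route towards the VPN server.
      //
      // We can do this by pinning a route, but we would need to wait
      // for the pinning process to complete before assigning this
      // address.  Currently this process is asynchronous and will
      // complete only after returning to the event loop.  Additionally,
      // since there's no metric associated with assigning an address
      // to an interface, it's always possible that having the peer
      // address of the interface might still trump a host route.
      //
      // To solve this problem, we reset the peer and gateway
      // addresses.  Neither is required in order to perform the
      // underlying routing task.  A gateway route can be specified
      // without an IP endpoint on point-to-point links, and simply
      // specify the outbound interface index.  Similarly, a peer
      // IP address is not necessary either, and will be assigned
      // the same IP address as the local IP.  This approach
      // simplifies routing and doesn't change the desired
      // functional behavior.
      //
      LOG(INFO) << "Removing gateway and peer addresses to preserve "
                << "routability to trusted IP address.";
      peer->SetAddressToDefault();
      gateway->SetAddressToDefault();
    }
    return true;
  }

  if (local->CanReachAddress(*gateway)) {
    return true;
  }

  LOG(WARNING) << "Gateway "
               << gateway->ToString()
               << " is unreachable from local address/prefix "
               << local->ToString() << "/" << local->prefix();

  bool found_new_prefix = false;
  const size_t original_prefix = local->prefix();
  // Only try to expand the netmask if the configured prefix is
  // less than "all ones".  This special-cases the "all-ones"
  // prefix as a forced conversion to point-to-point networking.
  if (original_prefix < IPAddress::GetMaxPrefixLength(local->family())) {
    // Shorten the prefix one bit at a time until the gateway becomes
    // reachable or the minimum prefix length is passed.  |prefix| is
    // unsigned, so it is tested for zero before it is decremented: an
    // original prefix of 0, or a minimum prefix length of 0, would otherwise
    // wrap around to a huge value and the loop would never terminate
    // correctly.
    size_t prefix = original_prefix;
    while (prefix > 0 && prefix - 1 >= local->GetMinPrefixLength()) {
      --prefix;
      local->set_prefix(prefix);
      if (local->CanReachAddress(*gateway)) {
        found_new_prefix = true;
        break;
      }
    }
  }

  if (!found_new_prefix) {
    // Restore the original prefix since we cannot find a better one.
    local->set_prefix(original_prefix);
    DCHECK(!peer->IsValid());
    LOG(WARNING) << "Assuming point-to-point configuration.";
    *peer = *gateway;
    return true;
  }

  // Note that the local subnet is now wider than what was configured.
  LOG(WARNING) << "Mitigating this by setting local prefix to "
               << local->prefix();
  return true;
}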
| 415 | |
// Returns the route metric to use for this connection: kDefaultMetric when
// |is_default| is true, otherwise a value derived from the interface index.
uint32_t Connection::GetMetric(bool is_default) {
  if (is_default) {
    return kDefaultMetric;
  }
  // Offsetting by the interface index gives every non-default route (even
  // one to the same gateway IP) its own metric, so routes do not collide.
  return kNonDefaultMetricBase + interface_index_;
}
| 422 | |
// Requests a host route to |trusted_ip|. Returns false when |trusted_ip| is
// invalid or the route request fails, and true when the request was issued
// or when there is no gateway to conflict with.
bool Connection::PinHostRoute(const IPAddress &trusted_ip,
                              const IPAddress &gateway) {
  SLOG(Connection, 2) << __func__;

  if (!trusted_ip.IsValid()) {
    LOG(ERROR) << "No trusted IP -- unable to pin host route.";
    return false;
  } else if (!gateway.IsValid()) {
    // No host route can be pinned, but without a gateway no gateway route
    // will be created that could interfere with the primary connection
    // either, so this counts as success.
    LOG(WARNING) << "No gateway -- unable to pin host route.";
    return true;
  } else {
    return RequestHostRoute(trusted_ip);
  }
}
| 441 | |
// Callback for the route query issued by RequestHostRoute(). Rebinds
// |lower_binder_| to the connection of the device at |interface_index|, then
// asks that connection to create its gateway route and notifies the device.
void Connection::OnRouteQueryResponse(int interface_index,
                                      const RoutingTableEntry &entry) {
  SLOG(Connection, 2) << __func__ << "(" << interface_index << ", "
                      << entry.tag << ")" << " @ " << interface_name_;

  // Any previous lower binding is dropped first, so a failed lookup below
  // leaves this connection unbound instead of bound to a stale connection.
  lower_binder_.Attach(NULL);

  DeviceRefPtr lower_device = device_info_->GetDevice(interface_index);
  if (!lower_device) {
    LOG(ERROR) << "Unable to lookup device for index " << interface_index;
    return;
  }

  ConnectionRefPtr lower_connection = lower_device->connection();
  if (!lower_connection) {
    LOG(ERROR) << "Device " << interface_index << " has no connection.";
    return;
  }

  lower_binder_.Attach(lower_connection);
  // The result of CreateGatewayRoute() is not checked here.
  lower_connection->CreateGatewayRoute();
  lower_device->OnConnectionUpdated();
}
| 461 | |
// Creates a link route to this connection's gateway so that the gateway of a
// lower connection remains reachable even if routes that conflict with it
// are created. Returns false without touching the routing table when the
// connection has no broadcast domain or no valid gateway.
bool Connection::CreateGatewayRoute() {
  const bool can_pin_gateway = has_broadcast_domain_ && gateway_.IsValid();
  if (!can_pin_gateway) {
    return false;
  }

  // The route is not tracked: it is benign and only pins persistent state
  // that was already true of the connection. If DHCP parameters change later
  // (without the connection having been destroyed and recreated), the
  // binding processes will likely terminate and restart, causing a new link
  // route to be created.
  return routing_table_->CreateLinkRoute(interface_index_, local_, gateway_);
}
| 481 | |
// Disconnect callback of |lower_binder_|: forwards the disconnect of the
// lower connection to every binder attached to this connection.
void Connection::OnLowerDisconnect() {
  SLOG(Connection, 2) << __func__ << " @ " << interface_name_;
  // Hold a reference for the duration of the notification so that |this|
  // cannot be destroyed by one of the binder callbacks part-way through.
  // This cannot be folded into NotifyBindersOnDisconnect(), because that
  // method may also run from the destructor, when the reference count is
  // already 0.
  ConnectionRefPtr self_ref(this);
  self_ref->NotifyBindersOnDisconnect();
}
| 491 | |
// Unbinds from the lower connection and tells every attached binder that
// this connection is gone. May be invoked by the destructor.
void Connection::NotifyBindersOnDisconnect() {
  SLOG(Connection, 2) << __func__ << " @ " << interface_name_;

  // The lower connection is released before any binder is notified; this
  // keeps the behavior correct when connections are bound in a circle.
  lower_binder_.Attach(NULL);

  while (!binders_.empty()) {
    // Remove the entry before calling into it: each binder is then notified
    // exactly once, even if the callback changes |binders_|.
    Binder *next_binder = binders_.front();
    binders_.pop_front();
    next_binder->OnDisconnect();
  }
}
| 507 | |
// Appends |binder| to the list of binders that are notified on disconnect.
// The raw pointer is stored as given; Binder::Attach() removes it again via
// DetachBinder() when the binder rebinds or is destroyed.
void Connection::AttachBinder(Binder *binder) {
  SLOG(Connection, 2) << __func__ << "(" << binder->name() << ")" << " @ "
                      << interface_name_;
  binders_.push_back(binder);
}
| 513 | |
// Removes the first occurrence of |binder| from the binder list; does
// nothing when it is not present.
void Connection::DetachBinder(Binder *binder) {
  SLOG(Connection, 2) << __func__ << "(" << binder->name() << ")" << " @ "
                      << interface_name_;
  auto position = binders_.begin();
  while (position != binders_.end() && *position != binder) {
    ++position;
  }
  if (position != binders_.end()) {
    binders_.erase(position);
  }
}
| 524 | |
// Follows the chain of lower connections starting at this one and returns
// the last connection in it, i.e. the first one without a lower connection.
// Returns NULL when the chain loops back on itself.
ConnectionRefPtr Connection::GetCarrierConnection() {
  SLOG(Connection, 2) << __func__ << " @ " << interface_name_;
  set<Connection *> seen;
  ConnectionRefPtr carrier = this;
  while (carrier->GetLowerConnection()) {
    // insert() reports whether the element was new; a repeat means the chain
    // is circular and the walk would never end.
    const bool first_visit = seen.insert(carrier.get()).second;
    if (!first_visit) {
      LOG(ERROR) << "Circular connection chain starting at: "
                 << carrier->interface_name();
      // A NULL result tells the caller that the carrier connection is
      // unknown.
      return NULL;
    }
    carrier = carrier->GetLowerConnection();
  }
  SLOG(Connection, 2) << "Carrier connection: " << carrier->interface_name()
                      << " @ " << interface_name_;
  return carrier;
}
| 544 | |
// Reports whether the stored local address belongs to the IPv6 family.
// |local_| keeps the unknown family set by the constructor until
// UpdateFromIPConfig() completes, so this returns false before then.
bool Connection::IsIPv6() {
  const bool is_ipv6 = (IPAddress::kFamilyIPv6 == local_.family());
  return is_ipv6;
}
| 548 | |
Paul Stewart | dd60e45 | 2011-08-08 11:38:36 -0700 | [diff] [blame] | 549 | } // namespace shill |