diff --git a/SOURCES/0003-libndp-add-option-flags-to-send-messages.patch b/SOURCES/0003-libndp-add-option-flags-to-send-messages.patch new file mode 100644 index 0000000..c2f8999 --- /dev/null +++ b/SOURCES/0003-libndp-add-option-flags-to-send-messages.patch @@ -0,0 +1,210 @@ +From cb1ab5fc8b993f23924385ebee42d52ff45e4e8a Mon Sep 17 00:00:00 2001 +From: Jamie Bainbridge +Date: Thu, 10 Mar 2016 16:12:05 +1000 +Subject: [PATCH 3/6] libndp: add option flags to send messages + +Within NA and RA message types, there are flags such as Solicited and Override +(RFC-4861 Section 4). RA flags are currently implemented but not NA flags, so +add remaining NA flag getters/setters. + +Set Solicited/Override flag on NA when appropriate, add a flags interface to +the send API, and implement ability to send Unsolicited NA. + +Signed-off-by: Jamie Bainbridge +Signed-off-by: Jiri Pirko +--- + include/ndp.h | 13 ++++++- + libndp/libndp.c | 114 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- + 2 files changed, 124 insertions(+), 3 deletions(-) + +diff --git a/include/ndp.h b/include/ndp.h +index 4ca33b8..09b234f 100644 +--- a/include/ndp.h ++++ b/include/ndp.h +@@ -53,6 +53,9 @@ enum ndp_msg_type { + NDP_MSG_ALL, /* Matches all */ + }; + ++#define ND_OPT_NORMAL 0x0000 /* default, no change to ND message */ ++#define ND_OPT_NA_UNSOL 0x0001 /* Unsolicited Neighbour Advertisement */ ++ + enum ndp_route_preference { + NDP_ROUTE_PREF_LOW = 3, + NDP_ROUTE_PREF_MEDIUM = 0, +@@ -76,7 +79,7 @@ enum ndp_msg_type ndp_msg_type(struct ndp_msg *msg); + struct in6_addr *ndp_msg_addrto(struct ndp_msg *msg); + uint32_t ndp_msg_ifindex(struct ndp_msg *msg); + void ndp_msg_ifindex_set(struct ndp_msg *msg, uint32_t ifindex); +-int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg); ++int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags); + + uint8_t ndp_msgra_curhoplimit(struct ndp_msgra *msgra); + void ndp_msgra_curhoplimit_set(struct ndp_msgra *msgra, uint8_t curhoplimit); +@@ -100,6 +103,14 @@ uint32_t ndp_msgra_retransmit_time(struct ndp_msgra *msgra); + void ndp_msgra_retransmit_time_set(struct ndp_msgra *msgra, + uint32_t retransmit_time); + ++bool ndp_msgna_flag_router(struct ndp_msgna *msgna); ++void ndp_msgna_flag_router_set(struct ndp_msgna *msgna, bool flag_router); ++bool ndp_msgna_flag_solicited(struct ndp_msgna *msgna); ++void ndp_msgna_flag_solicited_set(struct ndp_msgna *msgna, ++ bool flag_solicited); ++bool ndp_msgna_flag_override(struct ndp_msgna *msgna); ++void ndp_msgna_flag_override_set(struct ndp_msgna *msgna, bool flag_override); ++ + enum ndp_msg_opt_type { + NDP_MSG_OPT_SLLADDR, /* Source Link-layer Address */ + NDP_MSG_OPT_TLLADDR, /* Target Link-layer Address */ +diff --git a/libndp/libndp.c b/libndp/libndp.c +index e75f4f7..899c2b0 100644 +--- a/libndp/libndp.c ++++ b/libndp/libndp.c +@@ -676,7 +676,7 @@ struct in6_addr *ndp_msg_addrto(struct ndp_msg *msg) + * + * Get interface index of message. + * +- * Returns: Inteface index ++ * Returns: Interface index + **/ + NDP_EXPORT + uint32_t ndp_msg_ifindex(struct ndp_msg *msg) +@@ -700,18 +700,34 @@ void ndp_msg_ifindex_set(struct ndp_msg *msg, uint32_t ifindex) + * ndp_msg_send: + * @ndp: libndp library context + * @msg: message structure ++ * @flags: option flags within message type + * + * Send message. + * + * Returns: zero on success or negative number in case of an error. + **/ + NDP_EXPORT +-int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg) ++int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags) + { + enum ndp_msg_type msg_type = ndp_msg_type(msg); + + if (ndp_msg_type_info(msg_type)->addrto_adjust) + ndp_msg_type_info(msg_type)->addrto_adjust(&msg->addrto); ++ ++ switch (msg_type) { ++ case NDP_MSG_NA: ++ if (flags & ND_OPT_NA_UNSOL) { ++ ndp_msgna_flag_override_set((struct ndp_msgna*)&msg->nd_msg, true); ++ ndp_msgna_flag_solicited_set((struct ndp_msgna*)&msg->nd_msg, false); ++ ndp_msg_addrto_adjust_all_nodes(&msg->addrto); ++ } else { ++ ndp_msgna_flag_solicited_set((struct ndp_msgna*)&msg->nd_msg, true); ++ } ++ break; ++ default: ++ break; ++ } ++ + return mysendto6(ndp->sock, msg->buf, msg->len, 0, + &msg->addrto, msg->ifindex); + } +@@ -958,6 +974,100 @@ void ndp_msgra_retransmit_time_set(struct ndp_msgra *msgra, + + + /** ++ * SECTION: msgna getters/setters ++ * @short_description: Getters and setters for NA message ++ */ ++ ++/** ++ * ndp_msgna_flag_router: ++ * @msgna: NA message structure ++ * ++ * Get NA router flag. ++ * ++ * Returns: router flag. ++ **/ ++NDP_EXPORT ++bool ndp_msgna_flag_router(struct ndp_msgna *msgna) ++{ ++ return msgna->na->nd_na_flags_reserved & ND_NA_FLAG_ROUTER; ++} ++ ++/** ++ * ndp_msgna_flag_router_set: ++ * @msgna: NA message structure ++ * ++ * Set NA router flag. ++ **/ ++NDP_EXPORT ++void ndp_msgna_flag_router_set(struct ndp_msgna *msgna, bool flag_router) ++{ ++ if (flag_router) ++ msgna->na->nd_na_flags_reserved |= ND_NA_FLAG_ROUTER; ++ else ++ msgna->na->nd_na_flags_reserved &= ~ND_NA_FLAG_ROUTER; ++} ++ ++/** ++ * ndp_msgna_flag_solicited: ++ * @msgna: NA message structure ++ * ++ * Get NA solicited flag. ++ * ++ * Returns: solicited flag. ++ **/ ++NDP_EXPORT ++bool ndp_msgna_flag_solicited(struct ndp_msgna *msgna) ++{ ++ return msgna->na->nd_na_flags_reserved & ND_NA_FLAG_SOLICITED; ++} ++ ++/** ++ * ndp_msgna_flag_solicited_set: ++ * @msgna: NA message structure ++ * ++ * Set NA managed flag. ++ **/ ++NDP_EXPORT ++void ndp_msgna_flag_solicited_set(struct ndp_msgna *msgna, bool flag_solicited) ++{ ++ if (flag_solicited) ++ msgna->na->nd_na_flags_reserved |= ND_NA_FLAG_SOLICITED; ++ else ++ msgna->na->nd_na_flags_reserved &= ~ND_NA_FLAG_SOLICITED; ++} ++ ++/** ++ * ndp_msgna_flag_override: ++ * @msgna: NA message structure ++ * ++ * Get NA override flag. ++ * ++ * Returns: override flag. ++ **/ ++NDP_EXPORT ++bool ndp_msgna_flag_override(struct ndp_msgna *msgna) ++{ ++ return msgna->na->nd_na_flags_reserved & ND_NA_FLAG_OVERRIDE; ++} ++ ++/** ++ * ndp_msgna_flag_override_set: ++ * @msgra: NA message structure ++ * ++ * Set NA override flag. ++ */ ++ ++NDP_EXPORT ++void ndp_msgna_flag_override_set(struct ndp_msgna *msgna, bool flag_override) ++{ ++ if (flag_override) ++ msgna->na->nd_na_flags_reserved |= ND_NA_FLAG_OVERRIDE; ++ else ++ msgna->na->nd_na_flags_reserved &= ~ND_NA_FLAG_OVERRIDE; ++} ++ ++ ++/** + * SECTION: msg_opt infrastructure + * @short_description: Infrastructure for options + */ +-- +2.5.5 + diff --git a/SOURCES/0004-ndptool-add-option-to-send-messages-types.patch b/SOURCES/0004-ndptool-add-option-to-send-messages-types.patch new file mode 100644 index 0000000..d65a397 --- /dev/null +++ b/SOURCES/0004-ndptool-add-option-to-send-messages-types.patch @@ -0,0 +1,92 @@ +From 8bd97d7548236a29deeca27c94feb94a1cc71149 Mon Sep 17 00:00:00 2001 +From: Jamie Bainbridge +Date: Thu, 10 Mar 2016 16:12:06 +1000 +Subject: [PATCH 4/6] ndptool: add option to send messages types + +Use the new flags interface of message sending, implement sending +Unsolicited NA in ndptool. -U was chosen to mirror established +convention of unsolicited ARP in arping. + +Signed-off-by: Jamie Bainbridge +Signed-off-by: Jiri Pirko +--- + man/ndptool.8 | 4 ++++ + utils/ndptool.c | 12 ++++++++++-- + 2 files changed, 14 insertions(+), 2 deletions(-) + +diff --git a/man/ndptool.8 b/man/ndptool.8 +index b742683..ef765dc 100644 +--- a/man/ndptool.8 ++++ b/man/ndptool.8 +@@ -41,6 +41,10 @@ Neighbor Advertisement. + .B "\-i ifname, \-\-ifname ifname" + Specified interface name. + ++.TP ++.B "\-U, \-\-unsolicited" ++Send Unsolicited NA. ++ + .SH COMMAND + .TP + .B "monitor" +diff --git a/utils/ndptool.c b/utils/ndptool.c +index 04ec4e1..2639f81 100644 +--- a/utils/ndptool.c ++++ b/utils/ndptool.c +@@ -39,6 +39,8 @@ enum verbosity_level { + #define DEFAULT_VERB VERB1 + static int g_verbosity = DEFAULT_VERB; + ++static uint8_t flags = ND_OPT_NORMAL; ++ + #define pr_err(args...) fprintf(stderr, ##args) + #define pr_outx(verb_level, args...) \ + do { \ +@@ -133,6 +135,7 @@ static void print_help(const char *argv0) { + "\t-t --msg-type=TYPE Specify message type\n" + "\t (\"rs\", \"ra\", \"ns\", \"na\")\n" + "\t-i --ifname=IFNAME Specify interface name\n" ++ "\t-U --unsolicited Send Unsolicited NA\n" + "Available commands:\n" + "\tmonitor\n" + "\tsend\n", +@@ -340,7 +343,8 @@ static int run_cmd_send(struct ndp *ndp, enum ndp_msg_type msg_type, + return err; + } + ndp_msg_ifindex_set(msg, ifindex); +- err = ndp_msg_send(ndp, msg); ++ ++ err = ndp_msg_send(ndp, msg, flags); + if (err) { + pr_err("Failed to send message\n"); + goto msg_destroy; +@@ -379,6 +383,7 @@ int main(int argc, char **argv) + { "verbose", no_argument, NULL, 'v' }, + { "msg-type", required_argument, NULL, 't' }, + { "ifname", required_argument, NULL, 'i' }, ++ { "unsolicited",no_argument, NULL, 'U' }, + { NULL, 0, NULL, 0 } + }; + int opt; +@@ -391,7 +396,7 @@ int main(int argc, char **argv) + int err; + int res = EXIT_FAILURE; + +- while ((opt = getopt_long(argc, argv, "hvt:i:", ++ while ((opt = getopt_long(argc, argv, "hvt:i:U", + long_options, NULL)) >= 0) { + + switch(opt) { +@@ -409,6 +414,9 @@ int main(int argc, char **argv) + free(ifname); + ifname = strdup(optarg); + break; ++ case 'U': ++ flags |= ND_OPT_NA_UNSOL; ++ break; + case '?': + pr_err("unknown option.\n"); + print_help(argv0); +-- +2.5.5 + diff --git a/SOURCES/0005-libndp-fix-type-of-field-na-in-struct-ndp_msgna.patch b/SOURCES/0005-libndp-fix-type-of-field-na-in-struct-ndp_msgna.patch new file mode 100644 index 0000000..47f92fc --- /dev/null +++ b/SOURCES/0005-libndp-fix-type-of-field-na-in-struct-ndp_msgna.patch @@ -0,0 +1,37 @@ +From d0ea3eccf42e4cec59b057474f844fc4f616d4de Mon Sep 17 00:00:00 2001 +From: Thomas Haller +Date: Thu, 10 Mar 2016 10:16:05 +0100 +Subject: [PATCH 5/6] libndp: fix type of field "na" in "struct ndp_msgna" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Otherwise, compilation fails since commit cb1ab5fc8b: + + libndp.c: In function ‘ndp_msgna_flag_router’: + libndp.c:992:18: error: ‘struct nd_neighbor_solicit’ has no member named ‘nd_na_hdr’ + return msgna->na->nd_na_flags_reserved & ND_NA_FLAG_ROUTER; + +Fixes: dfed476eee ("lib: setup first pointer in all type-specific structures at once") +Signed-off-by: Thomas Haller +Signed-off-by: Jiri Pirko +--- + libndp/libndp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libndp/libndp.c b/libndp/libndp.c +index 899c2b0..ed72658 100644 +--- a/libndp/libndp.c ++++ b/libndp/libndp.c +@@ -278,7 +278,7 @@ struct ndp_msgns { + }; + + struct ndp_msgna { +- struct nd_neighbor_solicit *na; /* must be first */ ++ struct nd_neighbor_advert *na; /* must be first */ + }; + + struct ndp_msgr { +-- +2.5.5 + diff --git a/SOURCES/0006-libndp-revert-API-change-for-ndp_msg_send-and-add-nd.patch b/SOURCES/0006-libndp-revert-API-change-for-ndp_msg_send-and-add-nd.patch new file mode 100644 index 0000000..253f22b --- /dev/null +++ b/SOURCES/0006-libndp-revert-API-change-for-ndp_msg_send-and-add-nd.patch @@ -0,0 +1,80 @@ +From 9be7e45d57d7c65d01c15819df0e864b25275dbe Mon Sep 17 00:00:00 2001 +From: Thomas Haller +Date: Thu, 10 Mar 2016 11:55:54 +0100 +Subject: [PATCH 6/6] libndp: revert API change for ndp_msg_send() and add + ndp_msg_send_with_flags() + +Fixes: cb1ab5fc8b ("libndp: add option flags to send messages") +Signed-off-by: Thomas Haller +Signed-off-by: Jiri Pirko +--- + include/ndp.h | 3 ++- + libndp/libndp.c | 17 ++++++++++++++++- + utils/ndptool.c | 2 +- + 3 files changed, 19 insertions(+), 3 deletions(-) + +diff --git a/include/ndp.h b/include/ndp.h +index 09b234f..0dc1468 100644 +--- a/include/ndp.h ++++ b/include/ndp.h +@@ -79,7 +79,8 @@ enum ndp_msg_type ndp_msg_type(struct ndp_msg *msg); + struct in6_addr *ndp_msg_addrto(struct ndp_msg *msg); + uint32_t ndp_msg_ifindex(struct ndp_msg *msg); + void ndp_msg_ifindex_set(struct ndp_msg *msg, uint32_t ifindex); +-int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags); ++int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg); ++int ndp_msg_send_with_flags(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags); + + uint8_t ndp_msgra_curhoplimit(struct ndp_msgra *msgra); + void ndp_msgra_curhoplimit_set(struct ndp_msgra *msgra, uint8_t curhoplimit); +diff --git a/libndp/libndp.c b/libndp/libndp.c +index ed72658..8b7e609 100644 +--- a/libndp/libndp.c ++++ b/libndp/libndp.c +@@ -700,6 +700,21 @@ void ndp_msg_ifindex_set(struct ndp_msg *msg, uint32_t ifindex) + * ndp_msg_send: + * @ndp: libndp library context + * @msg: message structure ++ * ++ * Send message. ++ * ++ * Returns: zero on success or negative number in case of an error. ++ **/ ++NDP_EXPORT ++int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg) ++{ ++ return ndp_msg_send_with_flags(ndp, msg, ND_OPT_NORMAL); ++} ++ ++/** ++ * ndp_msg_send_with_flags: ++ * @ndp: libndp library context ++ * @msg: message structure + * @flags: option flags within message type + * + * Send message. +@@ -707,7 +722,7 @@ void ndp_msg_ifindex_set(struct ndp_msg *msg, uint32_t ifindex) + * Returns: zero on success or negative number in case of an error. + **/ + NDP_EXPORT +-int ndp_msg_send(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags) ++int ndp_msg_send_with_flags(struct ndp *ndp, struct ndp_msg *msg, uint8_t flags) + { + enum ndp_msg_type msg_type = ndp_msg_type(msg); + +diff --git a/utils/ndptool.c b/utils/ndptool.c +index 2639f81..1d96f4c 100644 +--- a/utils/ndptool.c ++++ b/utils/ndptool.c +@@ -344,7 +344,7 @@ static int run_cmd_send(struct ndp *ndp, enum ndp_msg_type msg_type, + } + ndp_msg_ifindex_set(msg, ifindex); + +- err = ndp_msg_send(ndp, msg, flags); ++ err = ndp_msg_send_with_flags(ndp, msg, flags); + if (err) { + pr_err("Failed to send message\n"); + goto msg_destroy; +-- +2.5.5 + diff --git a/SPECS/libndp.spec b/SPECS/libndp.spec index c44baa3..286ab69 100644 --- a/SPECS/libndp.spec +++ b/SPECS/libndp.spec @@ -1,6 +1,6 @@ Name: libndp Version: 1.2 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Library for Neighbor Discovery Protocol Group: System Environment/Libraries License: LGPLv2+ @@ -10,6 +10,10 @@ Source: http://www.libndp.org/files/libndp-%{version}.tar.gz Patch0: 0001-libndp-fix-cppcheck-Undefined-behavior-Variable-buf-.patch Patch1: 0001-libndp-validate-the-IPv6-hop-limit.patch Patch2: 0002-libndb-reject-redirect-and-router-advertisements-fro.patch +Patch3: 0003-libndp-add-option-flags-to-send-messages.patch +Patch4: 0004-ndptool-add-option-to-send-messages-types.patch +Patch5: 0005-libndp-fix-type-of-field-na-in-struct-ndp_msgna.patch +Patch6: 0006-libndp-revert-API-change-for-ndp_msg_send-and-add-nd.patch %description This package contains a library which provides a wrapper @@ -30,6 +34,10 @@ necessary for developing programs using libndp. %patch0 -p1 -b .fix_cppcheck_var_buf %patch1 -p1 -b .hop-limit %patch2 -p1 -b .link-local +%patch3 -p1 -b .flags-to-send-msgs +%patch4 -p1 -b .opts-to-send-msgs-types +%patch5 -p1 -b .fix-type-of-na +%patch6 -p1 -b .revert-api-change-for-ndp_msg_send %build %configure --disable-static @@ -55,6 +63,12 @@ find $RPM_BUILD_ROOT -name \*.la -delete %{_libdir}/pkgconfig/*.pc %changelog +* Tue May 17 2016 Eric Garver - 1.2-7 +- libndp: add option flags to send messages +- ndptool: add option to send messages types +- libndp: fix type of field "na" in "struct ndp_msgna" +- libndp: revert API change for ndp_msg_send() and add + * Sat May 14 2016 Lubomir Rintel - 1.2-6 - libndp: fix hop limit validation [CVE-2016-3698]