systemcrash
diff --git a/‎src/config.c‎
Lines changed: 1 addition & 1 deletion b/‎src/config.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/dhcpv6-ia.c‎
Lines changed: 231 additions & 0 deletions b/‎src/dhcpv6-ia.c‎
Lines changed: 231 additions & 0 deletions
diff --git a/‎src/dhcpv6.c‎
Lines changed: 36 additions & 0 deletions b/‎src/dhcpv6.c‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎src/dhcpv6.h‎
Lines changed: 11 additions & 0 deletions b/‎src/dhcpv6.h‎
Lines changed: 11 additions & 0 deletions
@@ -71,7 +71,7 @@ struct sys_conf sys_conf = {
 
 #define PD_MIN_LEN_MAX (64-2) // must delegate at least 2 bits of prefix
 
-#define OAF_DHCPV6	(OAF_DHCPV6_NA | OAF_DHCPV6_PD)
+#define OAF_DHCPV6	(OAF_DHCPV6_NA | OAF_DHCPV6_PD | OAF_DHCPV6_ADDR_REG)
 
 enum {
 	IPV6_PXE_URL,
 
@@ -1322,3 +1322,234 @@ ssize_t dhcpv6_ia_handle_IAs(uint8_t *buf, size_t buflen, struct interface *ifac
 out:
 	return response_len;
 }
+
+/* Register or update address registration in the lease database */
+static bool register_ia_addr_in_lease_db(struct sockaddr_in6 *source,
+		const uint8_t *clientid_data, uint16_t clientid_len,
+		const struct dhcpv6_ia_addr *ia_addr,
+		struct interface *iface)
+{
+	/* RFC9686 §4.2.1: Lease lifetime is the valid-lifetime from IA Address option */
+	time_t now = odhcpd_time();
+	uint32_t valid_lt = ntohl(ia_addr->valid_lt);
+	time_t lease_end = now + valid_lt;
+	bool onlink = false;
+
+	/* Search for existing binding with this address */
+	struct dhcpv6_lease *binding = NULL, *lease = NULL;
+	list_for_each_entry(binding, &iface->ia_assignments, head) {
+		/* Check if this address is already registered by another client */
+		if ((binding->flags & OAF_DHCPV6_ADDR_REG) &&
+		    memcmp(&binding->peer.sin6_addr, &ia_addr->addr, sizeof(struct in6_addr)) == 0) {
+			/* Found address registration for this address */
+			if (binding->duid_len == clientid_len &&
+			    memcmp(binding->duid, clientid_data, clientid_len) == 0) {
+				/* Same client, update the lease */
+				lease = binding;
+				break;
+			} else {
+				/* RFC9686 §4.2.1: Different client, should log and update binding
+				 * We'll update to the new client */
+				char addrbuf[INET6_ADDRSTRLEN];
+				inet_ntop(AF_INET6, &ia_addr->addr, addrbuf, sizeof(addrbuf));
+				debug("ADDR-REG: address collision for %s: was bound to "
+					"different client, updating", addrbuf);
+				lease = binding;
+				break;
+			}
+		}
+	}
+
+	if (!lease) {
+		/* Create new lease for this address registration */
+		lease = dhcpv6_alloc_lease(clientid_len);
+		if (!lease) {
+			char addrbuf[INET6_ADDRSTRLEN];
+			inet_ntop(AF_INET6, &ia_addr->addr, addrbuf, sizeof(addrbuf));
+			error("ADDR-REG: failed to allocate lease for %s", addrbuf);
+			return false;
+		}
+
+		/* Initialize lease structure */
+		lease->iface = iface;
+		lease->peer = *source;
+		lease->peer.sin6_addr = ia_addr->addr;  /* Store full registered address */
+		lease->duid_len = clientid_len;
+		memcpy(lease->duid, clientid_data, clientid_len);
+		lease->length = 128;
+		
+		/* Try to find matching interface prefix and extract host ID */
+		for (size_t i = 0; i < iface->addr6_len; i++) {
+			if (!valid_addr(&iface->addr6[i], now))
+				continue;
+
+			if (ADDR_MATCH_PIO_FILTER(&iface->addr6[i], iface))
+				continue;
+
+			/* RFC9686 §4.2.1: the server SHOULD verify that the address 
+			 * is "appropriate to the link" */
+			if (odhcpd_bmemcmp(&ia_addr->addr, &iface->addr6[i].addr.in6,
+			                   iface->addr6[i].prefix_len) == 0) {
+				/* Address is within this prefix - extract host ID portion */
+				onlink = true;
+				uint64_t host_id = 0;
+				memcpy(&host_id, &ia_addr->addr.s6_addr[8], 8);
+				lease->assigned_host_id = be64toh(host_id);
+				break;
+			}
+		}
+
+		if (onlink) {
+			/* Add to interface's lease list */
+			list_add(&lease->head, &iface->ia_assignments);
+		} else {
+			dhcpv6_free_lease(lease);
+			lease = NULL;
+			return onlink;
+		}
+
+	} else {
+		/* Update existing lease */
+		lease->peer = *source;
+		lease->peer.sin6_addr = ia_addr->addr;  /* Update registered address */
+		lease->duid_len = clientid_len;
+		memcpy(lease->duid, clientid_data, clientid_len);
+	}
+
+	/* Update lifetimes */
+	lease->valid_until = lease_end;
+	lease->preferred_until = now + ntohl(ia_addr->preferred_lt);
+	lease->bound = true;
+	
+	/* Mark flags - RFC9686 Address Registration lease */
+	lease->flags = OAF_DHCPV6_ADDR_REG;
+
+	char addrbuf[INET6_ADDRSTRLEN];
+	inet_ntop(AF_INET6, &ia_addr->addr, addrbuf, sizeof(addrbuf));
+	debug("ADDR-REG: registered %s for client with DUID length %d, "
+		"valid until %ld (in %u seconds)", addrbuf, clientid_len,
+		lease_end, valid_lt);
+
+	return true;
+}
+
+/* Send RFC9686 ADDR-REG-REPLY message to client */
+static void send_ia_addr_reg_reply(struct sockaddr_in6 *source,
+		const struct dhcpv6_client_header *hdr,
+		const struct dhcpv6_ia_addr *ia_addr,
+		struct interface *iface)
+{
+	/* RFC9686 §4.3: Reply MUST contain:
+	 * - msg_type: ADDR-REG-REPLY (37)
+	 * - transaction_id: copied from ADDR-REG-INFORM
+	 * - IA Address option: identical to the one in the request
+	 */
+
+	struct _o_packed {
+		uint8_t msg_type;
+		uint8_t tr_id[3];
+	} reply = {
+		.msg_type = DHCPV6_MSG_ADDR_REG_REPLY,
+	};
+
+	/* Copy transaction ID from request */
+	memcpy(reply.tr_id, hdr->transaction_id, sizeof(reply.tr_id));
+
+	/* Prepare IA Address option (copy from request) */
+	struct iovec iov[2] = {
+		{&reply, sizeof(reply)},
+		{(void *)ia_addr, sizeof(struct dhcpv6_ia_addr)}
+	};
+
+	/* RFC9686 §4.3: If not relayed, destination is the address being registered.
+	 * If relayed, we would construct Relay-reply (handled separately in relay_server_response).
+	 * For direct replies, source is already the registered address. */
+	
+	char addrbuf[INET6_ADDRSTRLEN];
+	inet_ntop(AF_INET6, &ia_addr->addr, addrbuf, sizeof(addrbuf));
+	debug("Sending ADDR-REG-REPLY for %s on %s", addrbuf, iface->name);
+
+	odhcpd_send(iface->dhcpv6_event.uloop.fd, source, iov, ARRAY_SIZE(iov), iface);
+}
+
+/* RFC9686 Address Registration Message Handler */
+void handle_ia_addr_reg_inform(struct sockaddr_in6 *source,
+		const void *data, size_t len, struct interface *iface)
+{
+	const struct dhcpv6_client_header *hdr = data;
+	uint8_t *opts = (uint8_t *)&hdr[1], *opts_end = (uint8_t *)data + len;
+	uint16_t otype, olen;
+	uint8_t *odata;
+	
+	uint8_t *clientid_data = NULL;
+	uint16_t clientid_len = 0;
+	struct dhcpv6_ia_addr *ia_addr = NULL;
+
+	if (len < sizeof(*hdr)) {
+		debug("ADDR-REG-INFORM: message too short");
+		return;
+	}
+
+	/* RFC9686 §4.2: Client MUST include Client Identifier option */
+	/* RFC9686 §4.2: ADDR-REG-INFORM MUST NOT contain Server Identifier */
+	/* RFC9686 §4.2: MUST contain exactly one IA Address option */
+	
+	dhcpv6_for_each_option(opts, opts_end, otype, olen, odata) {
+		switch (otype) {
+		case DHCPV6_OPT_CLIENTID:
+			if (olen > 0) {
+				clientid_data = odata;
+				clientid_len = olen;
+			}
+			break;
+		case DHCPV6_OPT_SERVERID:
+			/* RFC9686 §4.2: Server MUST discard messages with Server ID */
+			debug("ADDR-REG-INFORM: message contains Server Identifier, discarding");
+			return;
+		case DHCPV6_OPT_IA_ADDR:
+			if (olen == sizeof(struct dhcpv6_ia_addr) - 4) {
+				if (ia_addr != NULL) {
+					debug("ADDR-REG-INFORM: message contains more than one IA_ADDR, discarding");
+					return;
+				}
+				ia_addr = (struct dhcpv6_ia_addr *)&odata[-4];
+			}
+			break;
+		case DHCPV6_OPT_ORO:
+			/* RFC9686 §4.2: ADDR-REG-INFORM MUST NOT contain Option Request option */
+			debug("ADDR-REG-INFORM: message contains Option Request, discarding");
+			return;
+		default:
+			break;
+		}
+	}
+
+	/* Validate message contents */
+	if (!clientid_data || clientid_len == 0) {
+		debug("ADDR-REG-INFORM: missing Client Identifier option, discarding");
+		return;
+	}
+
+	if (!ia_addr) {
+		debug("ADDR-REG-INFORM: missing or invalid IA Address option, discarding");
+		return;
+	}
+
+	/* RFC9686 §4.2.1: Verify source address matches the IA Address option
+	 * The message MUST be sent from the address being registered */
+	if (memcmp(&source->sin6_addr, &ia_addr->addr, sizeof(struct in6_addr)) != 0) {
+		debug("ADDR-REG-INFORM: source address does not match IA Address option");
+		return;
+	}
+
+	char addrbuf[INET6_ADDRSTRLEN];
+	inet_ntop(AF_INET6, &ia_addr->addr, addrbuf, sizeof(addrbuf));
+	debug("Got ADDR-REG-INFORM for %s on %s", addrbuf, iface->name);
+
+	/* Register address in lease database */
+	if(!register_ia_addr_in_lease_db(source, clientid_data, clientid_len, ia_addr, iface))
+		return;
+
+	/* Send ADDR-REG-REPLY response */
+	send_ia_addr_reg_reply(source, hdr, ia_addr, iface);
+}
@@ -33,6 +33,9 @@ static void relay_client_request(struct sockaddr_in6 *source,
 		const void *data, size_t len, struct interface *iface);
 static void relay_server_response(uint8_t *data, size_t len);
 
+void handle_ia_addr_reg_inform(struct sockaddr_in6 *source,
+		const void *data, size_t len, struct interface *iface);
+
 static void handle_dhcpv6(void *addr, void *data, size_t len,
 		struct interface *iface, void *dest);
 static void handle_client_request(void *addr, void *data, size_t len,
@@ -169,6 +172,7 @@ enum {
 	IOV_MAXRT,
 #define IOV_STAT IOV_MAXRT
 	IOV_RAPID_COMMIT,
+	IOV_ADDR_REG_ENABLE,
 	IOV_DNS,
 	IOV_DNS_ADDR,
 	IOV_SEARCH,
@@ -347,6 +351,7 @@ static void handle_client_request(void *addr, void *data, size_t len,
 	/* if we include DHCPV4 support, handle this message type */
 	case DHCPV6_MSG_DHCPV4_QUERY:
 #endif
+	case DHCPV6_MSG_ADDR_REG_INFORM:
 		break;
 	/* Invalid message types for clients i.e. server messages */
 	case DHCPV6_MSG_ADVERTISE:
@@ -358,12 +363,21 @@ static void handle_client_request(void *addr, void *data, size_t len,
 	case DHCPV6_MSG_DHCPV4_QUERY:
 #endif
 	case DHCPV6_MSG_DHCPV4_RESPONSE:
+	case DHCPV6_MSG_ADDR_REG_REPLY:
 	default:
 		return;
 	}
 
 	debug("Got a DHCPv6-request on %s", iface->name);
 
+	/* RFC9686 - Handle ADDR-REG-INFORM separately */
+	if (hdr->msg_type == DHCPV6_MSG_ADDR_REG_INFORM) {
+		if (iface->dhcpv6 == MODE_SERVER) {
+			handle_ia_addr_reg_inform((struct sockaddr_in6 *)addr, data, len, iface);
+		}
+		return;
+	}
+
 	/* Construct reply message */
 	struct _o_packed {
 		uint8_t msg_type;
@@ -501,6 +515,16 @@ static void handle_client_request(void *addr, void *data, size_t len,
 		uint16_t len;
 	} capt_portal;
 
+	/* RFC9686 Address Registration Enable option */
+	bool addr_reg_enable_want = false;
+	struct {
+		uint16_t type;
+		uint16_t len;
+	} addr_reg_enable = {
+		htons(DHCPV6_OPT_ADDR_REG_ENABLE),
+		0
+	};
+
 	/* RFC8910 §2:
 	 * DHCP servers MAY send the Captive Portal option without any explicit request
 	 * If it is configured, send it.
@@ -611,6 +635,10 @@ static void handle_client_request(void *addr, void *data, size_t len,
 				memcpy(&d6dnr->len, &d6dnr_len_be, sizeof(d6dnr_len_be));
 			}
 			break;
+		case DHCPV6_OPT_ADDR_REG_ENABLE:
+			/* RFC9686: Signal address registration support */
+			addr_reg_enable_want = true;
+			break;
 		}
 	}
 
@@ -652,6 +680,7 @@ static void handle_client_request(void *addr, void *data, size_t len,
 		[IOV_DNS_ADDR] = { dns_addrs6, dns_addrs6_cnt * sizeof(*dns_addrs6) },
 		[IOV_SEARCH] = { &dns_search_hdr, (dns_search_len) ? sizeof(dns_search_hdr) : 0 },
 		[IOV_SEARCH_DOMAIN] = { dns_search, dns_search_len },
+		[IOV_ADDR_REG_ENABLE] = {&addr_reg_enable, addr_reg_enable_want ? sizeof(addr_reg_enable) : 0},
 		[IOV_PDBUF] = {pdbuf, 0},
 		[IOV_DHCPV6_RAW] = {iface->dhcpv6_raw, iface->dhcpv6_raw_len},
 		[IOV_NTP] = {&ntp, (ntp_cnt) ? sizeof(ntp) : 0},
@@ -798,6 +827,7 @@ static void handle_client_request(void *addr, void *data, size_t len,
 				      iov[IOV_RAPID_COMMIT].iov_len + iov[IOV_DNS].iov_len +
 				      iov[IOV_DNS_ADDR].iov_len + iov[IOV_SEARCH].iov_len +
 				      iov[IOV_SEARCH_DOMAIN].iov_len + iov[IOV_PDBUF].iov_len +
+				      iov[IOV_ADDR_REG_ENABLE].iov_len +
 				      iov[IOV_DHCPV4O6_SERVER].iov_len +
 				      iov[IOV_DHCPV6_RAW].iov_len +
 				      iov[IOV_NTP].iov_len + iov[IOV_NTP_ADDR].iov_len +
@@ -873,6 +903,10 @@ static void relay_server_response(uint8_t *data, size_t len)
 	/* If the payload is relay-reply we have to send to the server port */
 	if (payload_data[0] == DHCPV6_MSG_RELAY_REPL) {
 		target.sin6_port = htons(DHCPV6_SERVER_PORT);
+	} else if (payload_data[0] == DHCPV6_MSG_ADDR_REG_REPLY) {
+		/* RFC9686: Forward ADDR-REG-REPLY back to client */
+		/* The client address is in the peer_address field of the relay message */
+		/* For relayed ADDR-REG-REPLY, just forward as-is to client port */
 	} else { /* Go through the payload data */
 		struct dhcpv6_client_header *dch = (void*)payload_data;
 		end = payload_data + payload_len;
@@ -970,13 +1004,15 @@ static void relay_client_request(struct sockaddr_in6 *source,
 	case DHCPV6_MSG_INFORMATION_REQUEST:
 	case DHCPV6_MSG_RELAY_FORW:
 	case DHCPV6_MSG_DHCPV4_QUERY:
+	case DHCPV6_MSG_ADDR_REG_INFORM:
 		break;
 	/* Invalid message types from clients i.e. server messages */
 	case DHCPV6_MSG_ADVERTISE:
 	case DHCPV6_MSG_REPLY:
 	case DHCPV6_MSG_RECONFIGURE:
 	case DHCPV6_MSG_RELAY_REPL:
 	case DHCPV6_MSG_DHCPV4_RESPONSE:
+	case DHCPV6_MSG_ADDR_REG_REPLY:
 		return;
 	default:
 		break;
 
@@ -41,6 +41,9 @@
 /* RFC7341 */
 #define DHCPV6_MSG_DHCPV4_QUERY 20
 #define DHCPV6_MSG_DHCPV4_RESPONSE 21
+/* RFC9686 */
+#define DHCPV6_MSG_ADDR_REG_INFORM 36
+#define DHCPV6_MSG_ADDR_REG_REPLY 37
 
 #define DHCPV6_OPT_CLIENTID 1
 #define DHCPV6_OPT_SERVERID 2
@@ -77,6 +80,8 @@
 /* RFC8910 */
 #define DHCPV6_OPT_CAPTIVE_PORTAL 103
 #define DHCPV6_OPT_DNR 144
+/* RFC9686 */
+#define DHCPV6_OPT_ADDR_REG_ENABLE 148
 
 #define DHCPV6_DUID_VENDOR 2
 
@@ -158,6 +163,12 @@ struct dhcpv6_ia_addr {
 	uint32_t valid_lt;
 } _o_packed;
 
+/* RFC9686 - Address Registration Option (empty option, no data) */
+struct dhcpv6_addr_reg_enable {
+	uint16_t type;
+	uint16_t len;
+} _o_packed;
+
 struct dhcpv6_cer_id {
 	uint16_t type;
 	uint16_t len;