xref: /illumos-gate/usr/src/cmd/cmd-inet/usr.lib/in.ndpd/ndp.c (revision ddadf64d)

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
 */

#include "defs.h"
#include "tables.h"

#include <sys/sysmacros.h>

#include <dhcpagent_ipc.h>
#include <dhcpagent_util.h>

static boolean_t verify_opt_len(struct nd_opt_hdr *opt, int optlen,
		    struct phyint *pi, struct sockaddr_in6 *from);

static void	incoming_rs(struct phyint *pi, struct nd_router_solicit *rs,
		    int len, struct sockaddr_in6 *from);

void		incoming_ra(struct phyint *pi, struct nd_router_advert *ra,
		    int len, struct sockaddr_in6 *from, boolean_t loopback);
static void	incoming_prefix_opt(struct phyint *pi, uchar_t *opt,
		    struct sockaddr_in6 *from, boolean_t loopback);
static void	incoming_prefix_onlink(struct phyint *pi, uchar_t *opt);
void		incoming_prefix_onlink_process(struct prefix *pr,
		    uchar_t *opt);
static void	incoming_prefix_stateful(struct phyint *, uchar_t *);
static boolean_t	incoming_prefix_addrconf(struct phyint *pi,
		    uchar_t *opt, struct sockaddr_in6 *from,
		    boolean_t loopback);
boolean_t	incoming_prefix_addrconf_process(struct phyint *pi,
		    struct prefix *pr, uchar_t *opt,
		    struct sockaddr_in6 *from, boolean_t loopback,
		    boolean_t new_prefix);
static void	incoming_mtu_opt(struct phyint *pi, uchar_t *opt,
		    struct sockaddr_in6 *from);
static void	incoming_lla_opt(struct phyint *pi, uchar_t *opt,
		    struct sockaddr_in6 *from, int isrouter);

static void	verify_ra_consistency(struct phyint *pi,
		    struct nd_router_advert *ra,
		    int len, struct sockaddr_in6 *from);
static void	verify_prefix_opt(struct phyint *pi, uchar_t *opt,
		    char *frombuf);
static void	verify_mtu_opt(struct phyint *pi, uchar_t *opt,
		    char *frombuf);

static void	update_ra_flag(const struct phyint *pi,
		    const struct sockaddr_in6 *from, int isrouter);

/*
 * Return a pointer to the specified option buffer.
 * If not found return NULL.
 */
static void *
find_ancillary(struct msghdr *msg, int cmsg_type)
{
	struct cmsghdr *cmsg;

	for (cmsg = CMSG_FIRSTHDR(msg); cmsg != NULL;
	    cmsg = CMSG_NXTHDR(msg, cmsg)) {
		if (cmsg->cmsg_level == IPPROTO_IPV6 &&
		    cmsg->cmsg_type == cmsg_type) {
			return (CMSG_DATA(cmsg));
		}
	}
	return (NULL);
}

void
in_data(struct phyint *pi)
{
	struct sockaddr_in6 from;
	struct icmp6_hdr *icmp;
	struct nd_router_solicit *rs;
	struct nd_router_advert *ra;
	static uint64_t in_packet[(IP_MAXPACKET + 1)/8];
	static uint64_t ancillary_data[(IP_MAXPACKET + 1)/8];
	int len;
	char abuf[INET6_ADDRSTRLEN];
	const char *msgbuf;
	struct msghdr msg;
	struct iovec iov;
	uchar_t *opt;
	uint_t hoplimit;

	iov.iov_base = (char *)in_packet;
	iov.iov_len = sizeof (in_packet);
	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;
	msg.msg_name = (struct sockaddr *)&from;
	msg.msg_namelen = sizeof (from);
	msg.msg_control = ancillary_data;
	msg.msg_controllen = sizeof (ancillary_data);

	if ((len = recvmsg(pi->pi_sock, &msg, 0)) < 0) {
		logperror_pi(pi, "in_data: recvfrom");
		return;
	}
	if (len == 0)
		return;

	if (inet_ntop(AF_INET6, (void *)&from.sin6_addr,
	    abuf, sizeof (abuf)) == NULL)
		msgbuf = "Unspecified Router";
	else
		msgbuf = abuf;

	/* Ignore packets > 64k or control buffers that don't fit */
	if (msg.msg_flags & (MSG_TRUNC|MSG_CTRUNC)) {
		if (debug & D_PKTBAD) {
			logmsg(LOG_DEBUG, "Truncated message: msg_flags 0x%x "
			    "from %s\n", msg.msg_flags, msgbuf);
		}
		return;
	}

	icmp = (struct icmp6_hdr *)in_packet;

	if (len < ICMP6_MINLEN) {
		logmsg(LOG_INFO, "Too short ICMP packet: %d bytes "
		    "from %s on %s\n",
		    len, msgbuf, pi->pi_name);
		return;
	}

	opt = find_ancillary(&msg, IPV6_HOPLIMIT);
	if (opt == NULL) {
		/* Unknown hoplimit - must drop */
		logmsg(LOG_INFO, "Unknown hop limit from %s on %s\n",
		    msgbuf, pi->pi_name);
		return;
	}
	hoplimit = *(uint_t *)opt;
	opt = find_ancillary(&msg, IPV6_RTHDR);
	if (opt != NULL) {
		/* Can't allow routing headers in ND messages */
		logmsg(LOG_INFO, "ND message with routing header "
		    "from %s on %s\n",
		    msgbuf, pi->pi_name);
		return;
	}
	switch (icmp->icmp6_type) {
	case ND_ROUTER_SOLICIT:
		if (!pi->pi_AdvSendAdvertisements)
			return;
		if (pi->pi_flags & IFF_NORTEXCH) {
			if (debug & D_PKTIN) {
				logmsg(LOG_DEBUG, "Ignore received RS packet "
				    "on %s (no route exchange on interface)\n",
				    pi->pi_name);
			}
			return;
		}

		/*
		 * Assumes that the kernel has verified the AH (if present)
		 * and the ICMP checksum.
		 */
		if (hoplimit != IPV6_MAX_HOPS) {
			logmsg(LOG_DEBUG, "RS hop limit: %d from %s on %s\n",
			    hoplimit, msgbuf, pi->pi_name);
			return;
		}

		if (icmp->icmp6_code != 0) {
			logmsg(LOG_INFO, "RS code: %d from %s on %s\n",
			    icmp->icmp6_code, msgbuf, pi->pi_name);
			return;
		}

		if (len < sizeof (struct nd_router_solicit)) {
			logmsg(LOG_INFO, "RS too short: %d bytes "
			    "from %s on %s\n",
			    len, msgbuf, pi->pi_name);
			return;
		}
		rs = (struct nd_router_solicit *)icmp;
		if (len > sizeof (struct nd_router_solicit)) {
			if (!verify_opt_len((struct nd_opt_hdr *)&rs[1],
			    len - sizeof (struct nd_router_solicit), pi, &from))
				return;
		}
		if (debug & D_PKTIN) {
			print_route_sol("Received valid solicit from ", pi,
			    rs, len, &from);
		}
		incoming_rs(pi, rs, len, &from);
		break;

	case ND_ROUTER_ADVERT:
		if (IN6_IS_ADDR_UNSPECIFIED(&from.sin6_addr)) {
			/*
			 * Router advt. must have address!
			 * Logging the news and returning.
			 */
			logmsg(LOG_DEBUG,
			    "Router's address unspecified in advertisement\n");
			return;
		}
		if (pi->pi_flags & IFF_NORTEXCH) {
			if (debug & D_PKTIN) {
				logmsg(LOG_DEBUG, "Ignore received RA packet "
				    "on %s (no route exchange on interface)\n",
				    pi->pi_name);
			}
			return;
		}

		/*
		 * Assumes that the kernel has verified the AH (if present)
		 * and the ICMP checksum.
		 */
		if (!IN6_IS_ADDR_LINKLOCAL(&from.sin6_addr)) {
			logmsg(LOG_DEBUG, "RA from %s - not link local on %s\n",
			    msgbuf, pi->pi_name);
			return;
		}

		if (hoplimit != IPV6_MAX_HOPS) {
			logmsg(LOG_INFO, "RA hop limit: %d from %s on %s\n",
			    hoplimit, msgbuf, pi->pi_name);
			return;
		}

		if (icmp->icmp6_code != 0) {
			logmsg(LOG_INFO, "RA code: %d from %s on %s\n",
			    icmp->icmp6_code, msgbuf, pi->pi_name);
			return;
		}

		if (len < sizeof (struct nd_router_advert)) {
			logmsg(LOG_INFO, "RA too short: %d bytes "
			    "from %s on %s\n",
			    len, msgbuf, pi->pi_name);
			return;
		}
		ra = (struct nd_router_advert *)icmp;
		if (len > sizeof (struct nd_router_advert)) {
			if (!verify_opt_len((struct nd_opt_hdr *)&ra[1],
			    len - sizeof (struct nd_router_advert), pi, &from))
				return;
		}
		if (debug & D_PKTIN) {
			print_route_adv("Received valid advert from ", pi,
			    ra, len, &from);
		}
		if (pi->pi_AdvSendAdvertisements)
			verify_ra_consistency(pi, ra, len, &from);
		else
			incoming_ra(pi, ra, len, &from, _B_FALSE);
		break;
	}
}

/*
 * Process a received router solicitation.
 * Check for source link-layer address option and check if it
 * is time to advertise.
 */
static void
incoming_rs(struct phyint *pi, struct nd_router_solicit *rs, int len,
    struct sockaddr_in6 *from)
{
	struct nd_opt_hdr *opt;
	int optlen;

	/* Process any options */
	len -= sizeof (struct nd_router_solicit);
	opt = (struct nd_opt_hdr *)&rs[1];
	while (len >= sizeof (struct nd_opt_hdr)) {
		optlen = opt->nd_opt_len * 8;
		switch (opt->nd_opt_type) {
		case ND_OPT_SOURCE_LINKADDR:
			incoming_lla_opt(pi, (uchar_t *)opt,
			    from, NDF_ISROUTER_OFF);
			break;
		default:
			break;
		}
		opt = (struct nd_opt_hdr *)((char *)opt + optlen);
		len -= optlen;
	}
	/* Simple algorithm: treat unicast and multicast RSs the same */
	check_to_advertise(pi, RECEIVED_SOLICIT);
}

/*
 * Function that sends commands to dhcpagent daemon.
 */
int
dhcp_op(struct phyint *pi, int type)
{
	dhcp_ipc_request_t	*request;
	dhcp_ipc_reply_t	*reply	= NULL;
	int			error;

	request = dhcp_ipc_alloc_request(type | DHCP_V6, pi->pi_name, NULL, 0,
	    DHCP_TYPE_NONE);
	if (request == NULL) {
		logmsg(LOG_ERR, "dhcp_op: out of memory\n");
		/* make sure we try again next time there's a chance */
		if (type != DHCP_RELEASE) {
			pi->pi_ra_flags &=
			    ~ND_RA_FLAG_MANAGED & ~ND_RA_FLAG_OTHER;
		}
		return (DHCP_IPC_E_MEMORY);
	}

	error = dhcp_ipc_make_request(request, &reply, 0);
	free(request);
	if (error != 0) {
		logmsg(LOG_ERR, "could not send request to dhcpagent: "
		    "%s: %s\n", pi->pi_name, dhcp_ipc_strerror(error));
		return (error);
	}

	error = reply->return_code;
	free(reply);

	return (error);
}

/*
 * Start up DHCPv6 on a given physical interface. Does not wait for
 * a message to be returned from the daemon.
 */
void
start_dhcp(struct phyint *pi)
{
	int	error;
	int	type;

	if (dhcp_start_agent(DHCP_IPC_MAX_WAIT) == -1) {
		logmsg(LOG_ERR, "unable to start %s\n", DHCP_AGENT_PATH);
		/* make sure we try again next time there's a chance */
		pi->pi_ra_flags &= ~ND_RA_FLAG_MANAGED & ~ND_RA_FLAG_OTHER;
		return;
	}

	else if (pi->pi_ra_flags & ND_RA_FLAG_MANAGED)
		type = DHCP_START;
	else
		type = DHCP_INFORM;

	error = dhcp_op(pi, type);
	/*
	 * Timeout is considered to be "success" because we don't wait for DHCP
	 * to do its exchange.
	 */
	if (error != DHCP_IPC_SUCCESS && error != DHCP_IPC_E_RUNNING &&
	    error != DHCP_IPC_E_TIMEOUT) {
		logmsg(LOG_ERR, "Error in dhcpagent: %s: %s\n",
		    pi->pi_name, dhcp_ipc_strerror(error));
	}
}

/*
 * Release the acquired DHCPv6 lease on a given physical interface.
 * Does not wait for a message to be returned from the daemon.
 */
void
release_dhcp(struct phyint *pi)
{
	int	error;
	int	type;

	type = DHCP_RELEASE;
retry:
	error = dhcp_op(pi, type);
	if (error != DHCP_IPC_SUCCESS && error != DHCP_IPC_E_RUNNING &&
	    error != DHCP_IPC_E_TIMEOUT) {
		if (type == DHCP_RELEASE && error == DHCP_IPC_E_OUTSTATE) {
			/*
			 * Drop the dhcp control if we cannot release it.
			 */
			type = DHCP_DROP;
			goto retry;
		}
		logmsg(LOG_ERR, "Error in dhcpagent: %s: %s\n",
		    pi->pi_name, dhcp_ipc_strerror(error));
	}
}

/*
 * Globals to check if we're seeing unusual hop counts in Router
 * Advertisements (RAs).  We record the hopcounts in the kernel using
 * SIOCSLIFLNKINFO, but the kernel ignores these when actually setting IPv6
 * hop counts for packets.
 *
 * RFC 3756 does mention the possibility of an adversary throttling down
 * hopcounts using unsolicited RAs.  These variables can be tuned with 'mdb -p'
 * to reduce/increase our logging threshholds.
 */
/* Really a boolean... if set, also log the offending sending address. */
int bad_hopcount_record_addr = 0;
/* Anything less triggers a warning.  Set to 0 to disable. */
int bad_hopcount_threshhold = 16;
/* Number of packets received below the threshhold. */
uint64_t bad_hopcount_packets;

/*
 * Process a received router advertisement.
 * Called both when packets arrive as well as when we send RAs.
 * In the latter case 'loopback' is set.
 */
void
incoming_ra(struct phyint *pi, struct nd_router_advert *ra, int len,
    struct sockaddr_in6 *from, boolean_t loopback)
{
	struct nd_opt_hdr *opt;
	int optlen;
	struct lifreq lifr;
	boolean_t set_needed = _B_FALSE;
	struct router *dr;
	uint16_t router_lifetime;
	uint_t reachable, retrans;
	boolean_t reachable_time_changed = _B_FALSE;
	boolean_t slla_opt_present	 = _B_FALSE;

	if (no_loopback && loopback)
		return;

	bzero(&lifr, sizeof (lifr));
	(void) strlcpy(lifr.lifr_name, pi->pi_name, sizeof (lifr.lifr_name));

	if (ra->nd_ra_curhoplimit != CURHOP_UNSPECIFIED &&
	    ra->nd_ra_curhoplimit != pi->pi_CurHopLimit) {
		pi->pi_CurHopLimit = ra->nd_ra_curhoplimit;
		lifr.lifr_ifinfo.lir_maxhops = pi->pi_CurHopLimit;
		set_needed = _B_TRUE;

		if (pi->pi_CurHopLimit < bad_hopcount_threshhold) {
			char abuf[INET6_ADDRSTRLEN];

			bad_hopcount_packets++;
			logmsg(LOG_ALERT,
			    "Low hopcount %d received on %s%s%s\n",
			    pi->pi_CurHopLimit, pi->pi_name,
			    bad_hopcount_record_addr ? " from " : "",
			    bad_hopcount_record_addr ?
			    inet_ntop(AF_INET6, &from->sin6_addr, abuf,
			    INET6_ADDRSTRLEN) : "");
		}
	}

	reachable = ntohl(ra->nd_ra_reachable);
	if (reachable != 0 &&
	    reachable != pi->pi_BaseReachableTime) {
		pi->pi_BaseReachableTime = reachable;
		reachable_time_changed = _B_TRUE;
	}

	if (pi->pi_reach_time_since_random < MIN_REACH_RANDOM_INTERVAL ||
	    reachable_time_changed) {
		phyint_reach_random(pi, _B_FALSE);
		set_needed = _B_TRUE;
	}
	lifr.lifr_ifinfo.lir_reachtime = pi->pi_ReachableTime;

	retrans = ntohl(ra->nd_ra_retransmit);
	if (retrans != 0 &&
	    pi->pi_RetransTimer != retrans) {
		pi->pi_RetransTimer = retrans;
		lifr.lifr_ifinfo.lir_reachretrans = pi->pi_RetransTimer;
		set_needed = _B_TRUE;
	}

	if (set_needed) {
		if (ioctl(pi->pi_sock, SIOCSLIFLNKINFO, (char *)&lifr) < 0) {
			logperror_pi(pi, "incoming_ra: SIOCSLIFLNKINFO");
			return;
		}
	}

	/*
	 * If the "managed" flag is set, then just assume that the "other" flag
	 * is set as well.  It's not legal to get addresses alone without
	 * getting other data.
	 */
	if (ra->nd_ra_flags_reserved & ND_RA_FLAG_MANAGED)
		ra->nd_ra_flags_reserved |= ND_RA_FLAG_OTHER;

	/*
	 * If either the "managed" or "other" bits have turned on, then it's
	 * now time to invoke DHCP.  If only the "other" bit is set, then don't
	 * get addresses via DHCP; only "other" data.  If "managed" is set,
	 * then we must always get both addresses and "other" data.
	 */
	if (pi->pi_autoconf && pi->pi_stateful &&
	    (ra->nd_ra_flags_reserved & ~pi->pi_ra_flags &
	    (ND_RA_FLAG_MANAGED | ND_RA_FLAG_OTHER))) {
		if (debug & D_DHCP) {
			logmsg(LOG_DEBUG,
			    "incoming_ra: trigger dhcp %s on %s\n",
			    (ra->nd_ra_flags_reserved & ~pi->pi_ra_flags &
			    ND_RA_FLAG_MANAGED) ? "MANAGED" : "OTHER",
			    pi->pi_name);
		}
		pi->pi_ra_flags |= ra->nd_ra_flags_reserved;
		start_dhcp(pi);
	}

	/* Skip default router code if sent from ourselves */
	if (!loopback) {
		/* Find and update or add default router in list */
		dr = router_lookup(pi, from->sin6_addr);
		router_lifetime = ntohs(ra->nd_ra_router_lifetime);
		if (dr == NULL) {
			if (router_lifetime != 0) {
				dr = router_create(pi, from->sin6_addr,
				    MILLISEC * router_lifetime);
				timer_schedule(dr->dr_lifetime);
			}
		} else {
			dr->dr_lifetime = MILLISEC * router_lifetime;
			if (dr->dr_lifetime != 0)
				timer_schedule(dr->dr_lifetime);
			if ((dr->dr_lifetime != 0 && !dr->dr_inkernel) ||
			    (dr->dr_lifetime == 0 && dr->dr_inkernel))
				router_update_k(dr);
		}
	}
	/* Process any options */
	len -= sizeof (struct nd_router_advert);
	opt = (struct nd_opt_hdr *)&ra[1];
	while (len >= sizeof (struct nd_opt_hdr)) {
		optlen = opt->nd_opt_len * 8;
		switch (opt->nd_opt_type) {
		case ND_OPT_PREFIX_INFORMATION:
			incoming_prefix_opt(pi, (uchar_t *)opt, from,
			    loopback);
			break;
		case ND_OPT_MTU:
			incoming_mtu_opt(pi, (uchar_t *)opt, from);
			break;
		case ND_OPT_SOURCE_LINKADDR:
			/* skip lla option if sent from ourselves! */
			if (!loopback) {
				incoming_lla_opt(pi, (uchar_t *)opt,
				    from, NDF_ISROUTER_ON);
				slla_opt_present = _B_TRUE;
			}
			break;
		default:
			break;
		}
		opt = (struct nd_opt_hdr *)((char *)opt + optlen);
		len -= optlen;
	}
	if (!loopback && !slla_opt_present)
		update_ra_flag(pi, from, NDF_ISROUTER_ON);
	/* Stop sending solicitations */
	check_to_solicit(pi, SOLICIT_DONE);
}

/*
 * Process a received prefix option.
 * Unless addrconf is turned off we process both the addrconf and the
 * onlink aspects of the prefix option.
 *
 * Note that when a flag (onlink or auto) is turned off we do nothing -
 * the prefix will time out.
 */
static void
incoming_prefix_opt(struct phyint *pi, uchar_t *opt,
    struct sockaddr_in6 *from, boolean_t loopback)
{
	struct nd_opt_prefix_info *po = (struct nd_opt_prefix_info *)opt;
	boolean_t	good_prefix = _B_TRUE;

	if (8 * po->nd_opt_pi_len != sizeof (*po)) {
		char abuf[INET6_ADDRSTRLEN];

		(void) inet_ntop(AF_INET6, (void *)&from->sin6_addr,
		    abuf, sizeof (abuf));
		logmsg(LOG_INFO, "prefix option from %s on %s wrong size "
		    "(%d bytes)\n",
		    abuf, pi->pi_name,
		    8 * (int)po->nd_opt_pi_len);
		return;
	}
	if (IN6_IS_ADDR_LINKLOCAL(&po->nd_opt_pi_prefix)) {
		char abuf[INET6_ADDRSTRLEN];

		(void) inet_ntop(AF_INET6, (void *)&from->sin6_addr,
		    abuf, sizeof (abuf));
		logmsg(LOG_INFO, "RA from %s on %s contains link-local prefix "
		    "- ignored\n",
		    abuf, pi->pi_name);
		return;
	}
	if ((po->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_AUTO) &&
	    pi->pi_stateless && pi->pi_autoconf) {
		good_prefix = incoming_prefix_addrconf(pi, opt, from, loopback);
	}
	if ((po->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_ONLINK) &&
	    good_prefix) {
		incoming_prefix_onlink(pi, opt);
	}
	if (pi->pi_stateful && pi->pi_autoconf)
		incoming_prefix_stateful(pi, opt);
}

/*
 * Process prefix options with the onlink flag set.
 *
 * If there are no routers ndpd will add an onlink
 * default route which will allow communication
 * between neighbors.
 *
 * This function needs to loop to find the same prefix multiple times
 * as if a failover happened earlier, the addresses belonging to
 * a different interface may be found here on this interface.
 */
static void
incoming_prefix_onlink(struct phyint *pi, uchar_t *opt)
{
	struct nd_opt_prefix_info *po = (struct nd_opt_prefix_info *)opt;
	int plen;
	struct prefix *pr;
	uint32_t validtime;	/* Without 2 hour rule */
	boolean_t found_one = _B_FALSE;

	plen = po->nd_opt_pi_prefix_len;
	for (pr = pi->pi_prefix_list; pr != NULL; pr = pr->pr_next) {
		if (pr->pr_prefix_len == plen &&
		    prefix_equal(po->nd_opt_pi_prefix, pr->pr_prefix, plen)) {
			/* Exclude static prefixes */
			if (pr->pr_state & PR_STATIC)
				continue;
			found_one = _B_TRUE;
			incoming_prefix_onlink_process(pr, opt);
		}
	}

	validtime = ntohl(po->nd_opt_pi_valid_time);
	/*
	 * If we have found a matching prefix already or validtime
	 * is zero, we have nothing to do.
	 */
	if (validtime == 0 || found_one)
		return;
	pr = prefix_create(pi, po->nd_opt_pi_prefix, plen, 0);
	if (pr == NULL)
		return;
	incoming_prefix_onlink_process(pr, opt);
}

void
incoming_prefix_onlink_process(struct prefix *pr, uchar_t *opt)
{
	struct nd_opt_prefix_info *po = (struct nd_opt_prefix_info *)opt;
	uint32_t validtime;	/* Without 2 hour rule */
	char abuf[INET6_ADDRSTRLEN];

	validtime = ntohl(po->nd_opt_pi_valid_time);
	if (validtime != 0)
		pr->pr_state |= PR_ONLINK;
	else
		pr->pr_state &= ~PR_ONLINK;

	/*
	 * Convert from seconds to milliseconds avoiding overflow.
	 * If the lifetime in the packet is e.g. PREFIX_INFINITY - 1
	 * (4 billion seconds - about 130 years) we will in fact time
	 * out the prefix after 4 billion milliseconds - 46 days).
	 * Thus the longest lifetime (apart from infinity) is 46 days.
	 * Note that this ensures that PREFIX_INFINITY still means "forever".
	 */
	if (pr->pr_flags & IFF_TEMPORARY) {
		pr->pr_OnLinkLifetime = pr->pr_ValidLifetime;
	} else {
		if (validtime >= PREFIX_INFINITY / MILLISEC)
			pr->pr_OnLinkLifetime = PREFIX_INFINITY - 1;
		else
			pr->pr_OnLinkLifetime = validtime * MILLISEC;
	}
	pr->pr_OnLinkFlag = _B_TRUE;
	if (debug & (D_PREFIX|D_TMP)) {
		logmsg(LOG_DEBUG, "incoming_prefix_onlink_process(%s, %s/%u) "
		    "onlink %u state 0x%x, kstate 0x%x\n",
		    pr->pr_name, inet_ntop(AF_INET6, (void *)&pr->pr_prefix,
		    abuf, sizeof (abuf)), pr->pr_prefix_len,
		    pr->pr_OnLinkLifetime, pr->pr_state, pr->pr_kernel_state);
	}

	if (pr->pr_kernel_state != pr->pr_state) {
		prefix_update_k(pr);
	}

	if (pr->pr_OnLinkLifetime != 0)
		timer_schedule(pr->pr_OnLinkLifetime);
}

/*
 * Process all prefix options by locating the DHCPv6-configured interfaces, and
 * applying the netmasks as needed.
 */
static void
incoming_prefix_stateful(struct phyint *pi, uchar_t *opt)
{
	struct nd_opt_prefix_info *po = (struct nd_opt_prefix_info *)opt;
	struct prefix *pr;
	boolean_t foundpref;
	char abuf[INET6_ADDRSTRLEN];

	/* Make sure it's a valid prefix. */
	if (ntohl(po->nd_opt_pi_valid_time) == 0) {
		if (debug & D_DHCP)
			logmsg(LOG_DEBUG, "incoming_prefix_stateful: ignoring "
			    "prefix with no valid time\n");
		return;
	}

	if (debug & D_DHCP)
		logmsg(LOG_DEBUG, "incoming_prefix_stateful(%s, %s/%d)\n",
		    pi->pi_name, inet_ntop(AF_INET6,
		    (void *)&po->nd_opt_pi_prefix, abuf, sizeof (abuf)),
		    po->nd_opt_pi_prefix_len);
	foundpref = _B_FALSE;
	for (pr = pi->pi_prefix_list; pr != NULL; pr = pr->pr_next) {
		if (prefix_equal(po->nd_opt_pi_prefix, pr->pr_prefix,
		    po->nd_opt_pi_prefix_len)) {
			if ((pr->pr_flags & IFF_DHCPRUNNING) &&
			    pr->pr_prefix_len != po->nd_opt_pi_prefix_len) {
				pr->pr_prefix_len = po->nd_opt_pi_prefix_len;
				if (pr->pr_flags & IFF_UP) {
					if (debug & D_DHCP)
						logmsg(LOG_DEBUG,
						    "incoming_prefix_stateful:"
						    " set mask on DHCP %s\n",
						    pr->pr_name);
					prefix_update_dhcp(pr);
				}
			}
			if (pr->pr_prefix_len == po->nd_opt_pi_prefix_len &&
			    (!(pr->pr_state & PR_STATIC) ||
			    (pr->pr_flags & IFF_DHCPRUNNING)))
				foundpref = _B_TRUE;
		}
	}
	/*
	 * If there's no matching DHCPv6 prefix present, then create an empty
	 * one so that we'll be able to configure it later.
	 */
	if (!foundpref) {
		pr = prefix_create(pi, po->nd_opt_pi_prefix,
		    po->nd_opt_pi_prefix_len, IFF_DHCPRUNNING);
		if (pr != NULL) {
			pr->pr_state = PR_STATIC;
			if (debug & D_DHCP)
				logmsg(LOG_DEBUG,
				    "incoming_prefix_stateful: created dummy "
				    "prefix for later\n");
		}
	}
}

/*
 * Process prefix options with the autonomous flag set.
 * Returns false if this prefix results in a bad address (duplicate)
 * This function needs to loop to find the same prefix multiple times
 * as if a failover happened earlier, the addresses belonging to
 * a different interface may be found here on this interface.
 */
static boolean_t
incoming_prefix_addrconf(struct phyint *pi, uchar_t *opt,
    struct sockaddr_in6 *from, boolean_t loopback)
{
	struct nd_opt_prefix_info *po = (struct nd_opt_prefix_info *)opt;
	int plen;
	struct prefix *pr;
	uint32_t validtime, preftime;	/* In seconds */
	char abuf[INET6_ADDRSTRLEN];
	char pbuf[INET6_ADDRSTRLEN];
	boolean_t found_pub = _B_FALSE;
	boolean_t found_tmp = _B_FALSE;
	boolean_t ret;

	validtime = ntohl(po->nd_opt_pi_valid_time);
	preftime = ntohl(po->nd_opt_pi_preferred_time);
	plen = po->nd_opt_pi_prefix_len;

	/* Sanity checks */
	if (validtime < preftime) {
		(void) inet_ntop(AF_INET6, (void *)&from->sin6_addr,
		    abuf, sizeof (abuf));
		(void) inet_ntop(AF_INET6,
		    (void *)&po->nd_opt_pi_prefix,
		    pbuf, sizeof (pbuf));
		logmsg(LOG_WARNING, "prefix option %s/%u from %s on %s: "
		    "valid %u < pref %u ignored\n",
		    pbuf, plen, abuf, pi->pi_name,
		    validtime, preftime);
		return (_B_FALSE);
	}