- Discard unicast Request/Renew/Release/Decline message (unless we set

unicast option) and respond with Reply with UseMulticast Status Code
    option (#573090)
- Remove DHCPV6 OPERATION section from dhclient.conf.5 describing
    deprecated 'send dhcp6.oro' syntax
Jiří Popelka 2010-03-12 20:18:59 +00:00
parent 64b0222678
commit b08ba4ea9a
3 changed files with 242 additions and 1 deletions


@ -0,0 +1,210 @@
diff -up dhcp-4.1.1/server/dhcpv6.c.UseMulticast dhcp-4.1.1/server/dhcpv6.c
--- dhcp-4.1.1/server/dhcpv6.c.UseMulticast 2009-09-30 23:01:20.000000000 +0200
+++ dhcp-4.1.1/server/dhcpv6.c 2010-03-12 19:59:50.000000000 +0100
@@ -1206,6 +1206,29 @@ pick_v6_prefix(struct iasubopt **pref, i
}
/*
+ * Is the D6O_UNICAST option defined in dhcpd.conf file.
+ */
+isc_boolean_t
+is_unicast_option_defined(void) {
+ struct option_state *opt_state;
+ struct option_cache *oc;
+
+ opt_state = NULL;
+ if (!option_state_allocate(&opt_state, MDL)) {
+ log_fatal("No memory for unicast option.");
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
+ opt_state, &global_scope, root_group, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+
+ option_state_dereference(&opt_state, MDL);
+
+ return (oc != NULL);
+}
+
+/*
* lease_to_client() is called from several messages to construct a
* reply that contains all that we know about the client's correct lease
* (or projected lease).
@@ -1398,6 +1421,56 @@ lease_to_client(struct data_string *repl
reply.shared->group);
}
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined())
+ /*
+ * RFC3315 section 18.2.1 (Request):
+ *
+ * When the server receives a Request message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Request message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.3 (Renew):
+ *
+ * When the server receives a Renew message via unicast from a client to
+ * which the server has not sent a unicast option, the server discards
+ * the Renew message and responds with a Reply message containing a
+ * Status Code option with the value UseMulticast, a Server Identifier
+ * option containing the server's DUID, the Client Identifier option
+ * from the client message, and no other options.
+ */
+ {
+ /* Set the UseMulticast status code. */
+ if (!set_status_code(STATUS_UseMulticast,
+ "Unicast not allowed by server.",
+ reply.opt_state)) {
+ log_error("lease_to_client: Unable to set "
+ "UseMulticast status code.");
+ goto exit;
+ }
+
+ /* Rewind the cursor to the start. */
+ reply.cursor = REPLY_OPTIONS_INDEX;
+
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply.cursor += store_options6((char *)reply.buf.data +
+ reply.cursor,
+ sizeof(reply.buf) -
+ reply.cursor,
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
+ } else if (no_resources_avail && (reply.ia_count != 0) &&
+ (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
/*
* RFC3315 section 17.2.2 (Solicit):
*
@@ -1422,8 +1495,6 @@ lease_to_client(struct data_string *repl
* the server.
* Sends a Renew/Rebind if the IA is not in the Reply message.
*/
- if (no_resources_avail && (reply.ia_count != 0) &&
- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
{
/* Set the NoAddrsAvail status code. */
if (!set_status_code(STATUS_NoAddrsAvail,
@@ -4097,7 +4168,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
@@ -4412,7 +4482,6 @@ exit:
* except for the error code of when addresses don't match.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
@@ -4653,18 +4722,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
- snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
- if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
- goto exit;
- }
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) {
+ /*
+ * RFC3315 section 18.2.6 (Release):
+ *
+ * When the server receives a Release message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Release message and responds with a Reply message
+ * containing a Status Code option with value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.7 (Decline):
+ *
+ * When the server receives a Decline message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Decline message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ */
+ snprintf(status_msg, sizeof(status_msg),
+ "%s received unicast.", packet_type);
+ if (!set_status_code(STATUS_UseMulticast, status_msg, opt_state)) {
+ goto exit;
+ }
- /*
- * Add our options that are not associated with any IA_NA or IA_TA.
- */
- reply_ofs += store_options6(reply_data+reply_ofs,
- sizeof(reply_data)-reply_ofs,
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
opt_state, packet,
- required_opts, NULL);
+ required_opts_NAA, NULL);
+
+ goto return_reply;
+ } else {
+ snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
+ if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
+ goto exit;
+ }
+
+ /*
+ * Add our options that are not associated with any IA_NA or IA_TA.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
+ opt_state, packet,
+ required_opts, NULL);
+ }
/*
* Loop through the IA_NA reported by the client, and deal with
@@ -4802,6 +4913,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
+return_reply:
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
@@ -4847,7 +4959,6 @@ exit:
* we still need to be aware of this possibility.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
@@ -5314,7 +5425,6 @@ exit:
* Release means a client is done with the leases.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_release(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
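Review bot: `is_unicast_option_defined()` evaluates only the global scope (`root_group`), so the checks in `lease_to_client()` and `iterate_over_ia_na()` test whether D6O_UNICAST is configured globally, not whether the server has sent this client a unicast option, which is the condition the quoted RFC 3315 text states. If the option is configured only in a narrower scope, clients that were told to use unicast would presumably still be answered with UseMulticast. Consider passing the group that applies to the client into the helper, e.g. `is_unicast_option_defined(struct group *group)` called with `reply.shared->group` in `lease_to_client()`; whether that group is always set at this point cannot be confirmed here, because both callers start and end outside the hunks. The helper also allocates an option state and re-executes configuration statements for every unicast packet, and its `log_fatal()` on allocation failure stops the daemon on a path that any client can reach. Using `log_error("No memory for unicast option.");` followed by `return ISC_FALSE;` would reject the unicast message instead of exiting.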


@ -473,6 +473,24 @@ diff -up dhcp-4.1.1/client/dhclient.conf.5.man dhcp-4.1.1/client/dhclient.conf.5
.PP .PP
In some cases, it may be desirable to send no parameter request list In some cases, it may be desirable to send no parameter request list
at all. To do this, simply write the request statement but specify at all. To do this, simply write the request statement but specify
@@ -239,17 +239,6 @@ than the default requested lease time, w
obvious use for this statement is to send information to the server
that will allow it to differentiate between this client and other
clients or kinds of clients.
-.SH DHCPV6 OPERATION
-The client does not yet have a default DHCPv6 Option Request Option (ORO),
-nor has it been integrated with the 'request' and 'require' syntax above.
-It is neccessary to configure an ORO then.
-.PP
-.nf
- send dhcp6.oro 1, 2, 7, 12, 13, 23, 24, 39;
-.fi
-.PP
-The above ORO will request both identifiers (server, client), the preference,
-unicast, nameservers, domain-search, and FQDN(v6) options.
.SH DYNAMIC DNS
The client now has some very limited support for doing DNS updates
when a lease is acquired. This is prototypical, and probably doesn't
@@ -659,6 +659,18 @@ database and will record the media type @@ -659,6 +659,18 @@ database and will record the media type
Whenever the client tries to renew the lease, it will use that same Whenever the client tries to renew the lease, it will use that same
media type. The lease must expire before the client will go back to media type. The lease must expire before the client will go back to


@ -13,7 +13,7 @@
Summary: Dynamic host configuration protocol software Summary: Dynamic host configuration protocol software
Name: dhcp Name: dhcp
Version: %{basever} Version: %{basever}
Release: 12%{?dist} Release: 13%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to # NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and # dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was. # that's why it is at 12 now. It should have never been used, but it was.
@ -54,6 +54,7 @@ Patch18: %{name}-4.1.1-add_timeout_when_NULL.patch
Patch19: %{name}-4.1.1-64_bit_lease_parse.patch Patch19: %{name}-4.1.1-64_bit_lease_parse.patch
Patch20: %{name}-4.1.1-capability.patch Patch20: %{name}-4.1.1-capability.patch
Patch21: %{name}-4.1.1-logpid.patch Patch21: %{name}-4.1.1-logpid.patch
Patch22: %{name}-4.1.1-UseMulticast.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: autoconf BuildRequires: autoconf
@ -207,6 +208,11 @@ libdhcpctl and libomapi static libraries are also included in this package.
# with multiple dhclients running easier (#546792) # with multiple dhclients running easier (#546792)
%patch21 -p1 -b .logpid %patch21 -p1 -b .logpid
# Discard unicast Request/Renew/Release/Decline message
# (unless we set unicast option) and respond with Reply
# with UseMulticast Status Code option (#573090)
%patch22 -p1 -b .UseMulticast
# Copy in documentation and example scripts for LDAP patch to dhcpd # Copy in documentation and example scripts for LDAP patch to dhcpd
%{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/ %{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/
@ -489,6 +495,13 @@ fi
%attr(0644,root,root) %{_mandir}/man3/omapi.3.gz %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
%changelog %changelog
* Fri Mar 12 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-13
- Discard unicast Request/Renew/Release/Decline message
(unless we set unicast option) and respond with Reply
with UseMulticast Status Code option (#573090)
- Remove DHCPV6 OPERATION section from dhclient.conf.5
describing deprecated 'send dhcp6.oro' syntax
* Thu Feb 25 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-12 * Thu Feb 25 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-12
- Fix paths in man pages (#568031) - Fix paths in man pages (#568031)
- Remove odd tests in %%preun - Remove odd tests in %%preun