rpms/dhcp/F-12 dhcp-4.1.1-UseMulticast.patch, NONE, 1.1 dhcp-4.1.1-manpages.patch, 1.3, 1.4 dhcp.spec, 1.291, 1.292

Fri Mar 12 20:17:40 UTC 2010

Author: jpopelka

Update of /cvs/pkgs/rpms/dhcp/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2276

Modified Files:
	dhcp-4.1.1-manpages.patch dhcp.spec 
Added Files:
	dhcp-4.1.1-UseMulticast.patch 
Log Message:
* Fri Mar 12 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-10
- Discard unicast Request/Renew/Release/Decline message
  (unless we set unicast option) and respond with Reply
  with UseMulticast Status Code option (#573090)
- Remove DHCPV6 OPERATION section from dhclient.conf.5
  describing deprecated 'send dhcp6.oro' syntax


dhcp-4.1.1-UseMulticast.patch:
 dhcpv6.c |  142 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 126 insertions(+), 16 deletions(-)

--- NEW FILE dhcp-4.1.1-UseMulticast.patch ---
diff -up dhcp-4.1.1/server/dhcpv6.c.UseMulticast dhcp-4.1.1/server/dhcpv6.c
--- dhcp-4.1.1/server/dhcpv6.c.UseMulticast	2009-09-30 23:01:20.000000000 +0200
+++ dhcp-4.1.1/server/dhcpv6.c	2010-03-12 19:59:50.000000000 +0100
@@ -1206,6 +1206,29 @@ pick_v6_prefix(struct iasubopt **pref, i
 }
 
 /*
+ * Is the D6O_UNICAST option defined in dhcpd.conf file.
+ */
+isc_boolean_t
+is_unicast_option_defined(void) {
+	struct option_state *opt_state;
+	struct option_cache *oc;
+
+	opt_state = NULL;
+	if (!option_state_allocate(&opt_state, MDL)) {
+		log_fatal("No memory for unicast option.");
+	}
+
+	execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
+							opt_state, &global_scope, root_group, NULL);
+
+	oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+
+	option_state_dereference(&opt_state, MDL);
+
+	return (oc != NULL);
+}
+
+/*
  * lease_to_client() is called from several messages to construct a
  * reply that contains all that we know about the client's correct lease
  * (or projected lease).
@@ -1398,6 +1421,56 @@ lease_to_client(struct data_string *repl
 						    reply.shared->group);
 	}
 
+	/* reject unicast message, unless we set unicast option */
+	if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined())
+	/*
+	 * RFC3315 section 18.2.1 (Request):
+	 *
+	 * When the server receives a Request message via unicast from a client
+	 * to which the server has not sent a unicast option, the server
+	 * discards the Request message and responds with a Reply message
+	 * containing a Status Code option with the value UseMulticast, a Server
+	 * Identifier option containing the server's DUID, the Client Identifier
+	 * option from the client message, and no other options.
+	 *
+	 * Section 18.2.3 (Renew):
+	 *
+	 * When the server receives a Renew message via unicast from a client to
+	 * which the server has not sent a unicast option, the server discards
+	 * the Renew message and responds with a Reply message containing a
+	 * Status Code option with the value UseMulticast, a Server Identifier
+	 * option containing the server's DUID, the Client Identifier option
+	 * from the client message, and no other options.
+	 */
+	{
+		/* Set the UseMulticast status code. */
+		if (!set_status_code(STATUS_UseMulticast,
+					"Unicast not allowed by server.",
+					reply.opt_state)) {
+			log_error("lease_to_client: Unable to set "
+					"UseMulticast status code.");
+			goto exit;
+		}
+
+		/* Rewind the cursor to the start. */
+		reply.cursor = REPLY_OPTIONS_INDEX;
+
+		/*
+		 * Produce an reply that includes only:
+		 *
+		 * Status code.
+		 * Server DUID.
+		 * Client DUID.
+		 */
+		reply.cursor += store_options6((char *)reply.buf.data +
+					reply.cursor,
+					sizeof(reply.buf) -
+					reply.cursor,
+					reply.opt_state, reply.packet,
+					required_opts_NAA,
+					NULL);
+	} else if (no_resources_avail && (reply.ia_count != 0) &&
+	    (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
 	/*
 	 * RFC3315 section 17.2.2 (Solicit):
 	 *
@@ -1422,8 +1495,6 @@ lease_to_client(struct data_string *repl
 	 * the server.
 	 * Sends a Renew/Rebind if the IA is not in the Reply message.
 	 */
-	if (no_resources_avail && (reply.ia_count != 0) &&
-	    (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
 	{
 		/* Set the NoAddrsAvail status code. */
 		if (!set_status_code(STATUS_NoAddrsAvail,
@@ -4097,7 +4168,6 @@ dhcpv6_solicit(struct data_string *reply
  * Very similar to Solicit handling, except the server DUID is required.
  */
 
-/* TODO: reject unicast messages, unless we set unicast option */
 static void
 dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
 	struct data_string client_id;
@@ -4412,7 +4482,6 @@ exit:
  * except for the error code of when addresses don't match.
  */
 
-/* TODO: reject unicast messages, unless we set unicast option */
 static void
 dhcpv6_renew(struct data_string *reply, struct packet *packet) {
 	struct data_string client_id;
@@ -4653,18 +4722,60 @@ iterate_over_ia_na(struct data_string *r
 		goto exit;
 	}
 
-	snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
-	if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
-		goto exit;
-	}
+	/* reject unicast message, unless we set unicast option */
+	if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) {
+		/*
+		 * RFC3315 section 18.2.6 (Release):
+		 *
+		 * When the server receives a Release message via unicast from a client
+		 * to which the server has not sent a unicast option, the server
+		 * discards the Release message and responds with a Reply message
+		 * containing a Status Code option with value UseMulticast, a Server
+		 * Identifier option containing the server's DUID, the Client Identifier
+		 * option from the client message, and no other options.
+		 *
+		 * Section 18.2.7 (Decline):
+		 *
+		 * When the server receives a Decline message via unicast from a client
+		 * to which the server has not sent a unicast option, the server
+		 * discards the Decline message and responds with a Reply message
+		 * containing a Status Code option with the value UseMulticast, a Server
+		 * Identifier option containing the server's DUID, the Client Identifier
+		 * option from the client message, and no other options.
+		 */
+		snprintf(status_msg, sizeof(status_msg),
+				 "%s received unicast.", packet_type);
+		if (!set_status_code(STATUS_UseMulticast, status_msg, opt_state)) {
+			goto exit;
+		}
 
-	/* 
-	 * Add our options that are not associated with any IA_NA or IA_TA. 
-	 */
-	reply_ofs += store_options6(reply_data+reply_ofs,
-				    sizeof(reply_data)-reply_ofs, 
+		/*
+		 * Produce an reply that includes only:
+		 *
+		 * Status code.
+		 * Server DUID.
+		 * Client DUID.
+		 */
+		reply_ofs += store_options6(reply_data+reply_ofs,
+				    sizeof(reply_data)-reply_ofs,
 				    opt_state, packet,
-				    required_opts, NULL);
+				    required_opts_NAA, NULL);
+
+		goto return_reply;
+	} else {
+		snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
+		if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
+			goto exit;
+		}
+
+		/*
+		 * Add our options that are not associated with any IA_NA or IA_TA.
+		 */
+		reply_ofs += store_options6(reply_data+reply_ofs,
+					    sizeof(reply_data)-reply_ofs,
+					    opt_state, packet,
+					    required_opts, NULL);
+	}
 
 	/*
 	 * Loop through the IA_NA reported by the client, and deal with
@@ -4802,6 +4913,7 @@ iterate_over_ia_na(struct data_string *r
 	/* 
 	 * Return our reply to the caller.
 	 */
+return_reply:
 	reply_ret->len = reply_ofs;
 	reply_ret->buffer = NULL;
 	if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
@@ -4847,7 +4959,6 @@ exit:
  * we still need to be aware of this possibility.
  */
 
-/* TODO: reject unicast messages, unless we set unicast option */
 /* TODO: IA_TA */
 static void
 dhcpv6_decline(struct data_string *reply, struct packet *packet) {
@@ -5314,7 +5425,6 @@ exit:
  * Release means a client is done with the leases.
  */
 
-/* TODO: reject unicast messages, unless we set unicast option */
 static void
 dhcpv6_release(struct data_string *reply, struct packet *packet) {
 	struct data_string client_id;

dhcp-4.1.1-manpages.patch:
 client/dhclient-script.8 |   22 ++
 client/dhclient.8        |  429 ++++++++++++++++++++++++++++++-----------------
 client/dhclient.conf.5   |   33 +--
 common/dhcp-options.5    |   15 +
 server/dhcpd.conf.5      |   24 +-
 5 files changed, 339 insertions(+), 184 deletions(-)

Index: dhcp-4.1.1-manpages.patch
===================================================================
RCS file: /cvs/pkgs/rpms/dhcp/F-12/dhcp-4.1.1-manpages.patch,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- dhcp-4.1.1-manpages.patch	25 Feb 2010 17:16:18 -0000	1.3
+++ dhcp-4.1.1-manpages.patch	12 Mar 2010 20:17:40 -0000	1.4
@@ -473,6 +473,24 @@ diff -up dhcp-4.1.1/client/dhclient.conf
  .PP
  In some cases, it may be desirable to send no parameter request list
  at all.   To do this, simply write the request statement but specify
+@@ -239,17 +239,6 @@ than the default requested lease time, w
+ obvious use for this statement is to send information to the server
+ that will allow it to differentiate between this client and other
+ clients or kinds of clients.
+-.SH DHCPV6 OPERATION
+-The client does not yet have a default DHCPv6 Option Request Option (ORO),
+-nor has it been integrated with the 'request' and 'require' syntax above.
+-It is neccessary to configure an ORO then.
+-.PP
+-.nf
+-  send dhcp6.oro 1, 2, 7, 12, 13, 23, 24, 39;
+-.fi
+-.PP
+-The above ORO will request both identifiers (server, client), the preference,
+-unicast, nameservers, domain-search, and FQDN(v6) options.
+ .SH DYNAMIC DNS
+ The client now has some very limited support for doing DNS updates
+ when a lease is acquired.   This is prototypical, and probably doesn't
 @@ -659,6 +659,18 @@ database and will record the media type 
  Whenever the client tries to renew the lease, it will use that same
  media type.   The lease must expire before the client will go back to


Index: dhcp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dhcp/F-12/dhcp.spec,v
retrieving revision 1.291
retrieving revision 1.292
diff -u -p -r1.291 -r1.292
--- dhcp.spec	25 Feb 2010 17:16:18 -0000	1.291
+++ dhcp.spec	12 Mar 2010 20:17:40 -0000	1.292
@@ -13,7 +13,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  %{basever}
-Release:  9%{?dist}
+Release:  10%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -54,6 +54,7 @@ Patch18:  %{name}-4.1.1-add_timeout_when
 Patch19:  %{name}-4.1.1-64_bit_lease_parse.patch
 Patch20:  %{name}-4.1.1-capability.patch
 Patch21:  %{name}-4.1.1-logpid.patch
+Patch22:  %{name}-4.1.1-UseMulticast.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: autoconf
@@ -207,6 +208,11 @@ libdhcpctl and libomapi static libraries
 # with multiple dhclients running easier (#546792)
 %patch21 -p1 -b .logpid
 
+# Discard unicast Request/Renew/Release/Decline message
+# (unless we set unicast option) and respond with Reply
+# with UseMulticast Status Code option (#573090)
+%patch22 -p1 -b .UseMulticast
+
 # Copy in documentation and example scripts for LDAP patch to dhcpd
 %{__install} -p -m 0755 ldap-for-dhcp-%{ldappatchver}/dhcpd-conf-to-ldap contrib/
 
@@ -489,6 +495,13 @@ fi
 %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
 
 %changelog
+* Fri Mar 12 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-10
+- Discard unicast Request/Renew/Release/Decline message
+  (unless we set unicast option) and respond with Reply
+  with UseMulticast Status Code option (#573090)
+- Remove DHCPV6 OPERATION section from dhclient.conf.5
+  describing deprecated 'send dhcp6.oro' syntax
+
 * Thu Feb 25 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-9
 - Fix paths in man pages (#568031)
 - Remove odd tests in %%preun

