Commit 1d7fceeb authored by Thomas Markwalder's avatar Thomas Markwalder
Browse files

[master] dhclient now enforces require options statement in -6 mode

    Merges in rt41473.
parent 2f5fefd3
......@@ -179,6 +179,13 @@ by Eric Young (eay@cryptsoft.com).
BlueCat Networks for bringing the matter to our attention.
[ISC-Bugs #43592]
- When running in -6 mode, dhclient now enforces the require option statement
and will discard offered leases that do not contain all the required
options specified in the client configuration. Prior to this the client
would still consider such leases. This may be disabled at compile time
(see ENFORCE_DHCPV6_CLIENT_REQUIRE in includes/site.h).
[ISC-Bugs #41473]
Changes since 4.3.0 (bug fixes)
- Tidy up several small tickets.
......
......@@ -141,6 +141,8 @@ static isc_result_t dhc6_check_status(isc_result_t rval,
struct option_state *options,
const char *scope,
unsigned *code);
static int dhc6_score_lease(struct client_state *client,
struct dhc6_lease *lease);
extern int onetry;
extern int stateless;
......@@ -3133,6 +3135,15 @@ init_handler(struct packet *packet, struct client_state *client)
return;
}
int lease_score = dhc6_score_lease(client, lease);
#ifdef ENFORCE_DHCPV6_CLIENT_REQUIRE
if (lease_score == 0) {
log_debug("RCV:Advertised lease scored 0, toss it.");
dhc6_lease_destroy(&lease, MDL);
return;
}
#endif
insert_lease(&client->advertised_leases, lease);
/* According to RFC3315 section 17.1.2, the client MUST wait for
......@@ -3146,8 +3157,7 @@ init_handler(struct packet *packet, struct client_state *client)
* should not if the advertise contains less than one IA and address.
*/
if ((client->txcount > 1) ||
((lease->pref == 255) &&
(dhc6_score_lease(client, lease) > SCORE_MIN))) {
((lease->pref == 255) && (lease_score > SCORE_MIN))) {
log_debug("RCV: Advertisement immediately selected.");
cancel_timeout(do_init6, client);
start_selecting6(client);
......
......@@ -325,6 +325,13 @@
* supported by the configure script. */
/* #define EUI_64 */
/* Enable enforcement of the require option statement as documented
* in man page. Instructs the dhclient, when in -6 mode, to discard
* offered leases that do not contain all options specified as required
* in the client's configuration file. The client already enforces this
* in -4 mode. */
#define ENFORCE_DHCPV6_CLIENT_REQUIRE
/* Include definitions for various options. In general these
should be left as is, but if you have already defined one
of these and prefer your definition you can comment the
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment