Commit 4733e4f1 authored by Shawn Routhier's avatar Shawn Routhier
Browse files

[rt30281]

Modify the renew_lease6() code to properly handle a lease time
that is reduced rather than extended.
Fix the ATF tests for mdb6 and add a new test to check the
above condition.
parent 56730947
......@@ -52,6 +52,22 @@ The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
Changes since 4.1-ESV-R6
- Existing legacy unit-tests have been migrated to Automated Test
Framework (ATF). Several new tests have been developed. To enable
unit-tests, please use --with-atf in configure script. A Developer's
Guide has been added. To generate it, please use make devel in
the doc directory. It is currently in early stages of development,
but is expected to grow in the near future. [ISC-Bugs 25901]
! An issue with the use of lease times was found and fixed. Making
certain changes to the end time of an IPv6 lease could cause the
server to abort. Thanks to Glen Eustace of Massey University,
New Zealand for finding this issue.
[ISC-Bugs #30281]
CVE: CVE-2012-3955
Changes since 4.1-ESV-R5
- Correct code to calculate timing values in client to compare
......@@ -90,13 +106,6 @@ work on other platforms. Please report any problems and suggested fixes to
[ISC-Bugs #30024]
CVE: CVE-2012-3954
- Existing legacy unit-tests have been migrated to Automated Test
Framework (ATF). Several new tests have been developed. To enable
unit-tests, please use --with-atf in configure script. A Developer's
Guide has been added. To generate it, please use make devel in
the doc directory. It is currently in early stages of development,
but is expected to grow in the near future. [ISC-Bugs 25901]
Changes since 4.1-ESV-R5rc2
- None
......
......@@ -8,6 +8,8 @@
http://www.isc.org/software/dhcp website.
@section toc Table Of Contents
- Server
- @subpage ipv6structures
- @subpage tests
- @subpage testsOverview
- @subpage testsAtf
......
......@@ -1830,9 +1830,6 @@ reply_process_ia_na(struct reply_state *reply, struct option_cache *ia) {
ia_reference(&tmp->ia, reply->ia, MDL);
/* Commit 'hard' bindings. */
tmp->hard_lifetime_end_time =
tmp->soft_lifetime_end_time;
tmp->soft_lifetime_end_time = 0;
renew_lease6(tmp->ipv6_pool, tmp);
schedule_lease_timeout(tmp->ipv6_pool);
......@@ -2489,9 +2486,6 @@ reply_process_ia_ta(struct reply_state *reply, struct option_cache *ia) {
ia_reference(&tmp->ia, reply->ia, MDL);
/* Commit 'hard' bindings. */
tmp->hard_lifetime_end_time =
tmp->soft_lifetime_end_time;
tmp->soft_lifetime_end_time = 0;
renew_lease6(tmp->ipv6_pool, tmp);
schedule_lease_timeout(tmp->ipv6_pool);
......@@ -3359,9 +3353,6 @@ reply_process_ia_pd(struct reply_state *reply, struct option_cache *ia) {
ia_reference(&tmp->ia, reply->ia, MDL);
/* Commit 'hard' bindings. */
tmp->hard_lifetime_end_time =
tmp->soft_lifetime_end_time;
tmp->soft_lifetime_end_time = 0;
renew_lease6(tmp->ipv6_pool, tmp);
schedule_lease_timeout(tmp->ipv6_pool);
}
......
......@@ -27,24 +27,26 @@
* A brief description of the IPv6 structures as reverse engineered.
*
* There are three major data strucutes involved in the database:
* ipv6_pool - this contains information about a pool of addresses or prefixes
*
* - ipv6_pool - this contains information about a pool of addresses or prefixes
* that the server is using. This includes a hash table that
* tracks the active items and a pair of heap tables one for
* active items and one for non-active items. The heap tables
* are used to determine the next items to be modified due to
* timing events (expire mostly).
* ia_xx - this contains information about a single IA from a request
* - ia_xx - this contains information about a single IA from a request
* normally it will contain one pointer to a lease for the client
* but it may contain more in some circumstances. There are 3
* hash tables to aid in accessing these one each for NA, TA and PD
* iasubopt - the v6 lease structure. These are creaeted dynamically when
* hash tables to aid in accessing these one each for NA, TA and PD.
* - iasubopt- the v6 lease structure. These are created dynamically when
* a client asks for something and will eventually be destroyed
* if the client doesn't re-ask for that item. A lease has space
* for backpointers to the IA and to the pool to which it belongs.
* The pool backpointer is always filled, the IA pointer may not be
* The pool backpointer is always filled, the IA pointer may not be.
*
* In normal use we then have something like this:
*
* \verbatim
* ia hash tables
* ia_na_active +----------------+
* ia_ta_active +------------+ | pool |
......@@ -54,6 +56,7 @@
* | iasubopt array |<---| iaptr |<--| inactive heap |
* | lease ptr |--->| | | |
* +-----------------+ +------------+ +----------------+
* \endverbatim
*
* For the pool either the inactive heap will have a pointer
* or both the active heap and the active hash will have pointers.
......@@ -935,7 +938,7 @@ create_lease6(struct ipv6_pool *pool, struct iasubopt **addr,
}
/*! \file server/mdb6.c
/*!
*
* \brief Cleans up leases when reading from a lease file
*
......@@ -1236,29 +1239,49 @@ move_lease_to_active(struct ipv6_pool *pool, struct iasubopt *lease) {
return insert_result;
}
/*
* Renew an lease in the pool.
/*!
* \brief Renew a lease in the pool.
*
* The hard_lifetime_end_time of the lease should be set to
* the current expiration time.
* The soft_lifetime_end_time of the lease should be set to
* the desired expiration time.
*
* This routine will compare the two and call the correct
* heap routine to move the lease. If the lease is active
* and the new expiration time is greater (the normal case)
* then we call isc_heap_decreased() as a larger time is a
* lower priority. If the new expiration time is less then
* we call isc_heap_increased().
*
* If the lease is abandoned then it will be on the active list
* and we will always call isc_heap_increased() as the previous
* expiration would have been all 1s (as close as we can get
* to infinite).
*
* To do this, first set the new hard_lifetime_end_time for the resource,
* and then invoke renew_lease6() on it.
* If the lease is moving to active we call that routine
* which will move it from the inactive list to the active list.
*
* WARNING: lease times must only be extended, never reduced!!!
* \param pool a pool the lease belongs to
* \param lease the lease to be renewed
*
* \return result of the renew operation (ISC_R_SUCCESS if successful,
ISC_R_NOMEMORY when run out of memory)
*/
isc_result_t
renew_lease6(struct ipv6_pool *pool, struct iasubopt *lease) {
/*
* If we're already active, then we can just move our expiration
* time down the heap.
*
* If we're abandoned then we are already on the active list
* but we need to retag the lease and move our expiration
* from infinite to the current value
*
* Otherwise, we have to move from the inactive heap to the
* active heap.
*/
time_t old_end_time = lease->hard_lifetime_end_time;
lease->hard_lifetime_end_time = lease->soft_lifetime_end_time;
lease->soft_lifetime_end_time = 0;
if (lease->state == FTS_ACTIVE) {
isc_heap_decreased(pool->active_timeouts, lease->heap_index);
if (old_end_time <= lease->hard_lifetime_end_time) {
isc_heap_decreased(pool->active_timeouts,
lease->heap_index);
} else {
isc_heap_increased(pool->active_timeouts,
lease->heap_index);
}
return ISC_R_SUCCESS;
} else if (lease->state == FTS_ABANDONED) {
char tmp_addr[INET6_ADDRSTRLEN];
......@@ -1924,9 +1947,8 @@ change_leases(struct ia_xx *ia,
/*
* Renew all leases in an IA from all pools.
*
* The new hard_lifetime_end_time should be updated for the addresses/prefixes.
*
* WARNING: lease times must only be extended, never reduced!!!
* The new lifetime should be in the soft_lifetime_end_time
* and will be moved to hard_lifetime_end_time by renew_lease6.
*/
isc_result_t
renew_leases(struct ia_xx *ia) {
......
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment