Commit be2350d5 authored by Francis Dupont's avatar Francis Dupont

[master] Merged trac4015 (secure DHCPv6 definitions)

parents ee52a28f 1860ab2b
......@@ -860,6 +860,11 @@ temporarily override a list of interface names and listen on all interfaces.
structures. "Type" designates the format of the data: the meanings of
the various types is given in <xref linkend="dhcp-types"/>.
</para>
<para>
Experimental options (like standard options but with a code
which was not assigned by IANA) are listed in
<xref linkend="dhcp6-exp-options-list"/>.
</para>
<para>
Some options are designated as arrays, which means that more than one
value is allowed in such an option. For example the option dns-servers
......@@ -956,6 +961,27 @@ temporarily override a list of interface names and listen on all interfaces.
</tgroup>
</table>
</para>
<para>
<table frame="all" id="dhcp6-exp-options-list">
<title>List of experimental DHCPv6 options</title>
<tgroup cols='4'>
<colspec colname='name'/>
<colspec colname='code' align='center'/>
<colspec colname='type' align='center'/>
<colspec colname='array' align='center'/>
<thead>
<row><entry>Name</entry><entry>Code</entry><entry>Type</entry><entry>Array?</entry></row>
</thead>
<tbody>
<row><entry>public-key</entry><entry>701</entry><entry>binary</entry><entry>false</entry></row>
<row><entry>certificate</entry><entry>702</entry><entry>binary</entry><entry>false</entry></row>
<row><entry>signature</entry><entry>703</entry><entry>record</entry><entry>false</entry></row>
<row><entry>timestamp</entry><entry>704</entry><entry>binary</entry><entry>false</entry></row>
</tbody>
</tgroup>
</table>
</para>
</section>
<section id="dhcp6-custom-options">
......
......@@ -36,6 +36,13 @@
#include <stdint.h>
/// @note Code points in comments are those assigned by IANA
/// but not yet implemented in Kea.
/// To implement a standard option, remove the comment characters,
/// add an entry in std_option_defs.h, add a stdOptionDefs4 unit test
/// in tests/libdhcp++_unittest.cc and update dhcp4-std-options-list-part2
/// in the dhcp4-srv.xml source file of the user guide.
namespace isc {
namespace dhcp {
......
// Copyright (C) 2006-2011 Internet Systems Consortium, Inc. ("ISC")
// Copyright (C) 2006-2011, 2015 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
......@@ -15,6 +15,13 @@
#ifndef DHCP6_H
#define DHCP6_H
/// @note Code points in comments are those assigned by IANA
/// but not yet implemented in Kea.
/// To implement a standard option, remove the comment characters,
/// add an entry in std_option_defs.h, add a stdOptionDefs6 unit test
/// in tests/libdhcp++_unittest.cc and update dhcp6-std-options-list in
/// the dhcp6-srv.xml source file of the user guide.
/* DHCPv6 Option codes: */
#define D6O_CLIENTID 1 /* RFC3315 */
......@@ -65,24 +72,102 @@
#define D6O_CLT_TIME 46 /* RFC5007 */
#define D6O_LQ_RELAY_DATA 47 /* RFC5007 */
#define D6O_LQ_CLIENT_LINK 48 /* RFC5007 */
//#define D6O_MIP6_HNIDF 49 /* RFC6610 */
//#define D6O_MIP6_VDINF 50 /* RFC6610 */
//#define D6O_V6_LOST 51 /* RFC5223 */
//#define D6O_CAPWAP_AC_V6 52 /* RFC5417 */
//#define D6O_RELAY_ID 53 /* RFC5460 */
//#define D6O_IPV6_ADDRESS_MOS 54 /* RFC5678 */
//#define D6O_IPV6_FQDN_MOS 55 /* RFC5678 */
//#define D6O_NTP_SERVER 56 /* RFC5908 */
//#define D6O_V6_ACCESS_DOMAIN 57 /* RFC5986 */
//#define D6O_SIP_UA_CS_LIST 58 /* RFC6011 */
//#define D6O_BOOTFILE_URL 59 /* RFC5970 */
//#define D6O_BOOTFILE_PARAM 60 /* RFC5970 */
//#define D6O_CLIENT_ARCH_TYPE 61 /* RFC5970 */
//#define D6O_NII 62 /* RFC5970 */
//#define D6O_GEOLOCATION 63 /* RFC6225 */
//#define D6O_AFTR_NAME 64 /* RFC6334 */
#define D6O_ERP_LOCAL_DOMAIN_NAME 65 /* RFC6440 */
#define D6O_RSOO 66 /* RFC6422 */
//#define D6O_PD_EXCLUDE 67 /* RFC6603 */
//#define D6O_VSS 68 /* RFC6607 */
//#define D6O_MIP6_IDINF 69 /* RFC6610 */
//#define D6O_MIP6_UDINF 70 /* RFC6610 */
//#define D6O_MIP6_HNP 71 /* RFC6610 */
//#define D6O_MIP6_HAA 72 /* RFC6610 */
//#define D6O_MIP6_HAF 73 /* RFC6610 */
//#define D6O_RDNSS_SELECTION 74 /* RFC6731 */
//#define D6O_KRB_PRINCIPAL_NAME 75 /* RFC6784 */
//#define D6O_KRB_REALM_NAME 76 /* RFC6784 */
//#define D6O_KRB_DEFAULT_REALM_NAME 77 /* RFC6784 */
//#define D6O_KRB_KDC 78 /* RFC6784 */
#define D6O_CLIENT_LINKLAYER_ADDR 79 /* RFC6939 */
//#define D6O_LINK_ADDRESS 80 /* RFC6977 */
//#define D6O_RADIUS 81 /* RFC7037 */
//#define D6O_SOL_MAX_RT 82 /* RFC7083 */
//#define D6O_INF_MAX_RT 83 /* RFC7083 */
//#define D6O_ADDRSEL 84 /* RFC7078 */
//#define D6O_ADDRSEL_TABLE 85 /* RFC7078 */
//#define D6O_V6_PCP_SERVER 86 /* RFC7291 */
//#define D6O_DHCPV4_MSG 87 /* RFC7341 */
//#define D6O_DHCPV4_O_DHCPV6_SERVER 88 /* RFC7341 */
//#define D6O_S46_RULE 89 /* RFC7598 */
//#define D6O_S46_BR 90 /* RFC7598 */
//#define D6O_S46_DMR 91 /* RFC7598 */
//#define D6O_S46_V4V6BIND 92 /* RFC7598 */
//#define D6O_S46_PORTPARAMS 93 /* RFC7598 */
//#define D6O_S46_CONT_MAPE 94 /* RFC7598 */
//#define D6O_S46_CONT_MAPT 95 /* RFC7598 */
//#define D6O_S46_CONT_LW 96 /* RFC7598 */
//#define D6O_4RD 97 /* RFC7600 */
//#define D6O_4RD_MAP_RULE 98 /* RFC7600 */
//#define D6O_4RD_NON_MAP_RULE 99 /* RFC7600 */
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define D6O_LQ_BASE_TIME 100
//#define D6O_LQ_START_TIME 101
//#define D6O_LQ_END_TIME 102
/* 103-142 unassigned */
//#define D6O_IPV6_ADDRESS_ANDSF 143 /* RFC6153 */
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
/* secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08) */
/* temporary values for hackathon 93 */
#define D6O_PUBLIC_KEY 701
#define D6O_CERTIFICATE 702
#define D6O_SIGNATURE 703
#define D6O_TIMESTAMP 704
/*
* Status Codes, from RFC 3315 section 24.4, and RFC 3633, 5007.
* Status Codes, from RFC 3315 section 24.4, and RFC 3633, 5007, 5460.
*/
#define STATUS_Success 0
#define STATUS_UnspecFail 1
#define STATUS_NoAddrsAvail 2
#define STATUS_NoBinding 3
#define STATUS_NotOnLink 4
#define STATUS_UseMulticast 5
#define STATUS_NoPrefixAvail 6
#define STATUS_UnknownQueryType 7
#define STATUS_MalformedQuery 8
#define STATUS_NotConfigured 9
#define STATUS_NotAllowed 10
#define STATUS_Success 0
#define STATUS_UnspecFail 1
#define STATUS_NoAddrsAvail 2
#define STATUS_NoBinding 3
#define STATUS_NotOnLink 4
#define STATUS_UseMulticast 5
#define STATUS_NoPrefixAvail 6
#define STATUS_UnknownQueryType 7
#define STATUS_MalformedQuery 8
#define STATUS_NotConfigured 9
#define STATUS_NotAllowed 10
//#define STATUS_QueryTerminated 11
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define STATUS_DataMissing 12
//#define STATUS_CatchUpComplete 13
//#define STATUS_NotSupported 14
//#define STATUS_TLSConnectionRefused 15
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
/* secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08) */
/* temporary values for hackathon 93 */
#define STATUS_AlgorithmNotSupported 705
#define STATUS_AuthenticationFail 706
#define STATUS_TimestampFail 707
#define STATUS_SignatureFail 708
/*
* DHCPv6 message types, defined in section 5.3 of RFC 3315
......@@ -100,8 +185,21 @@
#define DHCPV6_INFORMATION_REQUEST 11
#define DHCPV6_RELAY_FORW 12
#define DHCPV6_RELAY_REPL 13
/* RFC 5007 */
#define DHCPV6_LEASEQUERY 14
#define DHCPV6_LEASEQUERY_REPLY 15
/* RFC 5460 */
//#define DHCPV6_LEASEQUERY_DONE 16
//#define DHCPV6_LEASEQUERY_DATA 17
/* RFC 6977 */
//#define DHCPV6_RECONFIGURE_REQUEST 18
//#define DHCPV6_RECONFIGURE_REPLY 19
/* RFC 7341 */
//#define DHCPV6_DHCPV4_QUERY 20
//#define DHCPV6_DHCPV4_RESPONSE 21
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define DHCPV6_ACTIVELEASEQUERY 22
//#define DHCPV6_STARTTLS 23
extern const char *dhcpv6_type_names[];
extern const int dhcpv6_type_name_max;
......@@ -114,6 +212,14 @@ extern const int dhcpv6_type_name_max;
#define HWTYPE_ETHERNET 0x0001
#define HWTYPE_INFINIBAND 0x0020
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
// Secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08.txt)
// (can't use an enum because HashAlgorithm name is already taken)
#define SHA_256 1
#define SHA_512 2
#define RSASSA_PKCS1v1_5 1
// Taken from http://www.iana.org/assignments/enterprise-numbers
#define ENTERPRISE_ID_ISC 2495
......@@ -172,10 +278,13 @@ extern const int dhcpv6_type_name_max;
#define LQ6_MAX_RT 10
#define LQ6_MAX_RC 5
/* Leasequery query-types (RFC 5007) */
/* Leasequery query-types (RFC 5007, RFC 5460) */
#define LQ6QT_BY_ADDRESS 1
#define LQ6QT_BY_CLIENTID 2
//#define LQ6QT_BY_RELAY_ID 3
//#define LQ6QT_BY_LINK_ADDRESS 4
//#define LQ6QT_BY_REMOTE_ID 5
/*
* DUID time starts 2000-01-01.
......
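Review bot: The algorithm identifiers added after HWTYPE_INFINIBAND (`SHA_256`, `SHA_512`, `RSASSA_PKCS1v1_5`) are unprefixed macros, so they rewrite those tokens in every translation unit that includes this header and can clash with identically named symbols from a crypto library. `SHA_256` and `RSASSA_PKCS1v1_5` also both expand to 1, so a hash id passed where a signature id is expected compiles silently, which matters in code that selects the algorithm used to verify a signature. The comment rules out an enum only because the `HashAlgorithm` name is taken; a differently named enum per id space would avoid that, for example `enum SeDhcp6HashAlgorithm { SEDHCP6_HASH_SHA_256 = 1, SEDHCP6_HASH_SHA_512 = 2 };` (the names are a suggestion) with a separate one for the signature algorithm.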
......@@ -236,6 +236,9 @@ RECORD_DECL(REMOTE_ID_RECORDS, OPT_UINT32_TYPE, OPT_BINARY_TYPE);
RECORD_DECL(STATUS_CODE_RECORDS, OPT_UINT16_TYPE, OPT_STRING_TYPE);
// vendor-class
RECORD_DECL(VENDOR_CLASS_RECORDS, OPT_UINT32_TYPE, OPT_BINARY_TYPE);
// sedhcpv6 signature
RECORD_DECL(SIGNATURE_RECORDS, OPT_UINT8_TYPE, OPT_UINT8_TYPE,
OPT_BINARY_TYPE);
/// Standard DHCPv6 option definitions.
///
......@@ -330,7 +333,15 @@ const OptionDefParams OPTION_DEF_PARAMS6[] = {
NO_RECORD_DEF, "" },
{ "rsoo", D6O_RSOO, OPT_EMPTY_TYPE, false, NO_RECORD_DEF, "rsoo-opts" },
{ "client-linklayer-addr", D6O_CLIENT_LINKLAYER_ADDR, OPT_BINARY_TYPE, false,
NO_RECORD_DEF, "" }
NO_RECORD_DEF, "" },
{ "public-key", D6O_PUBLIC_KEY, OPT_BINARY_TYPE, false,
NO_RECORD_DEF, "" },
{ "certificate", D6O_CERTIFICATE, OPT_BINARY_TYPE, false,
NO_RECORD_DEF, "" },
{ "signature", D6O_SIGNATURE, OPT_RECORD_TYPE, false,
RECORD_DEF(SIGNATURE_RECORDS), "" },
{ "timestamp", D6O_TIMESTAMP, OPT_BINARY_TYPE, false,
NO_RECORD_DEF, "" }
// @todo There is still a bunch of options for which we have to provide
// definitions but we don't do it because they are not really
......
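Review bot: The four entries appended to OPTION_DEF_PARAMS6 carry no marker that they are experimental, although dhcp6.h labels their code points as temporary values that may change when IANA assigns official ones; a comment above them such as `// EXPERIMENTAL secure DHCPv6 options (draft-ietf-dhc-sedhcpv6-08); codes 701-704 are temporary` would keep that visible where the definitions live. The `// sedhcpv6 signature` comment on SIGNATURE_RECORDS could also name the three fields; judging from the SHA_* and RSASSA_* constants in dhcp6.h they look like hash-algorithm id, signature-algorithm id and signature bytes, which should be confirmed against the draft. These are format definitions only: nothing in the visible hunks verifies a signature, certificate or timestamp, so the presence of these options in a packet should not be read as authentication. The array's declaration continues outside the hunk.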
......@@ -1168,6 +1168,18 @@ TEST_F(LibDhcpTest, stdOptionDefs6) {
LibDhcpTest::testStdOptionDefs6(D6O_ERP_LOCAL_DOMAIN_NAME,
fqdn_buf.begin(), fqdn_buf.end(),
typeid(OptionCustom));
LibDhcpTest::testStdOptionDefs6(D6O_PUBLIC_KEY, begin, end,
typeid(Option));
LibDhcpTest::testStdOptionDefs6(D6O_CERTIFICATE, begin, end,
typeid(Option));
LibDhcpTest::testStdOptionDefs6(D6O_SIGNATURE, begin, end,
typeid(OptionCustom));
LibDhcpTest::testStdOptionDefs6(D6O_TIMESTAMP, begin, begin + 8,
typeid(Option));
}
// This test checks if the DHCPv6 option definition can be searched by
......
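Review bot: The D6O_SIGNATURE case only feeds the generic `begin, end` buffer, so the record layout declared in SIGNATURE_RECORDS (two uint8 fields followed by binary data) is never exercised at its boundary. Because this option arrives in packets from the network, a case with a buffer shorter than the two fixed bytes would pin down how the definition handles truncation; whether testStdOptionDefs6 can express an expected failure is not visible here. The `begin + 8` length in the D6O_TIMESTAMP case also deserves a short comment such as `// timestamp option is expected to carry 8 bytes`, since the option is defined as unconstrained binary and the reason for 8 is not stated. The test body starts outside the hunk.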