config-set accepts incorrect "prefix-len" value
name: config-set accepts incorrect "prefix-len" value
about: On kea-dhcp6 version 2.2.1 config-set accepts incorrect "prefix-len"
value and future config-get and config-write calls fail.
Describe the bug Given the following subnet definition ( within a shared-network)
"subnet": "2a02:6b67:fc00:31::/64",
"id": 2,
"pd-pools": [{
"prefix": "2a02:6b67:ed70::",
"prefix-len": 44,
"delegated-len": 56}],
Kea starts correctly and config-* commands function as expected.
Change "prefix-len": 44, to "prefix-len": 38, and run "config-test" with this
invalid configuration. The command returns "result": 0,
[root@blaenau agent]# ./config-test6
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 5776 100 147 100 5629 143 5507 0:00:01 0:00:01 --:--:-- 5662
[
{
"result": 0,
"text": "Configuration seems sane. Control-socket, hook-libraries, and D2 configuration were sanity checked, but not applied."
}
]
Run config-set with this invalid configuration and it also returns 0
[root@blaenau agent]# ./config-set6
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 5684 100 56 100 5628 53 5411 0:00:01 0:00:01 --:--:-- 5475
[
{
"result": 0,
"text": "Configuration successful."
}
]
Now try and retrieve the running configuration with config-get or config-write.
[root@blaenau agent]# ./config-get6
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 191 100 141 100 50 10071 3571 --:--:-- --:--:-- --:--:-- 15916
[
{
"result": 1,
"text": "Error during command processing: invalid prefix range 2a02:6b67:ed70::-2a02:6b67:efff:ffff:ffff:ffff:ffff:ffff"
}
]
[root@blaenau agent]# ./config-write6
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 269 100 134 100 135 13400 13500 --:--:-- --:--:-- --:--:-- 38428
[
{
"result": 1,
"text": "Error during write-config:invalid prefix range 2a02:6b67:ed70::-2a02:6b67:efff:ffff:ffff:ffff:ffff:ffff"
}
]
Strangely after accepting the invalid configuration Kea appears to start sending
logging to stdout. the last message in the Kea log file is:
2024-01-19 01:52:35.014 INFO [kea-dhcp6.commands/97719.140321550017664] COMMAND_RECEIVED Received command 'config-set'
Correcting "prefix-len" and re-runing config-set re-enables the retrieval of the
running config but not the logging issue.
I haven't test if lease processing is affected by this.
To Reproduce Steps to reproduce the behavior:
- Run Kea dhcpv6 with the attached configuration file [
- change the prefix-len to some invalid value via config-set
- The server then appears to accept the configuration but efforts to retrieve
the runing configuration fail - See above
Expected behavior.
When running config-test Kea ought to have discovered the configuration error
and reported it.
When running config-set Kea ought to have discovered the configuration error
and reported it.
Environment:
- Kea version: 2.2.1 tarball linked with: log4cplus 1.2.0 OpenSSL 1.1.1k FIPS 25 Mar 2021 database: Memfile backend 4.0
- OS: Oracle Linux 8"
- none
- none
Additional Information This does not affect 2.5.4 which generates the following error:
2024-01-18 14:53:13.667 ERROR [kea-dhcp6.dhcp6/431892.140413956814720] DHCP6_PARSER_FAIL failed to create or run parser for configuration element shared-networks: Invalid Pool6 address boundaries: 2a02:6b67:ed70:: is not the first address in prefix: 2a02:6b67:ec00::/38 (<wire>:0:3314) (<wire>:0:2401)
SalesForce #00001600