Commit
be2350d5
authored
Sep 25, 2015
by
Francis Dupont
[master] Merged trac4015 (secure DHCPv6 definitions)
parents
ee52a28f
1860ab2b
Changes
5
doc/guide/dhcp6-srv.xml
...
...
@@ -860,6 +860,11 @@ temporarily override a list of interface names and listen on all interfaces.
structures. "Type" designates the format of the data: the meanings of
the various types is given in
<xref
linkend=
"dhcp-types"
/>
.
</para>
<para>
Experimental options (like standard options but with a code
which was not assigned by IANA) are listed in
<xref
linkend=
"dhcp6-exp-options-list"
/>
.
</para>
<para>
Some options are designated as arrays, which means that more than one
value is allowed in such an option. For example the option dns-servers
...
...
@@ -956,6 +961,27 @@ temporarily override a list of interface names and listen on all interfaces.
</tgroup>
</table>
</para>
<para>
<table
frame=
"all"
id=
"dhcp6-exp-options-list"
>
<title>
List of experimental DHCPv6 options
</title>
<tgroup
cols=
'4'
>
<colspec
colname=
'name'
/>
<colspec
colname=
'code'
align=
'center'
/>
<colspec
colname=
'type'
align=
'center'
/>
<colspec
colname=
'array'
align=
'center'
/>
<thead>
<row><entry>
Name
</entry><entry>
Code
</entry><entry>
Type
</entry><entry>
Array?
</entry></row>
</thead>
<tbody>
<row><entry>
public-key
</entry><entry>
701
</entry><entry>
binary
</entry><entry>
false
</entry></row>
<row><entry>
certificate
</entry><entry>
702
</entry><entry>
binary
</entry><entry>
false
</entry></row>
<row><entry>
signature
</entry><entry>
703
</entry><entry>
record
</entry><entry>
false
</entry></row>
<row><entry>
timestamp
</entry><entry>
704
</entry><entry>
binary
</entry><entry>
false
</entry></row>
</tbody>
</tgroup>
</table>
</para>
</section>
<section
id=
"dhcp6-custom-options"
>
...
...
src/lib/dhcp/dhcp4.h
...
...
@@ -36,6 +36,13 @@
#include
<stdint.h>
/// @note Code points in comments are those assigned by IANA
/// but not yet implemented in Kea.
/// To implement a standard option, remove the comment characters,
/// add an entry in std_option_defs.h, add a stdOptionDefs4 unit test
/// in tests/libdhcp++_unittest.cc and update dhcp4-std-options-list-part2
/// in the dhcp4-srv.xml source file of the user guide.
namespace
isc
{
namespace
dhcp
{
...
...
src/lib/dhcp/dhcp6.h
// Copyright (C) 2006-2011 Internet Systems Consortium, Inc. ("ISC")
// Copyright (C) 2006-2011
, 2015
Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
...
...
@@ -15,6 +15,13 @@
#ifndef DHCP6_H
#define DHCP6_H
/// @note Code points in comments are those assigned by IANA
/// but not yet implemented in Kea.
/// To implement a standard option, remove the comment characters,
/// add an entry in std_option_defs.h, add a stdOptionDefs6 unit test
/// in tests/libdhcp++_unittest.cc and update dhcp6-std-options-list in
/// the dhcp6-srv.xml source file of the user guide.
/* DHCPv6 Option codes: */
#define D6O_CLIENTID 1
/* RFC3315 */
...
...
@@ -65,24 +72,102 @@
#define D6O_CLT_TIME 46
/* RFC5007 */
#define D6O_LQ_RELAY_DATA 47
/* RFC5007 */
#define D6O_LQ_CLIENT_LINK 48
/* RFC5007 */
//#define D6O_MIP6_HNIDF 49 /* RFC6610 */
//#define D6O_MIP6_VDINF 50 /* RFC6610 */
//#define D6O_V6_LOST 51 /* RFC5223 */
//#define D6O_CAPWAP_AC_V6 52 /* RFC5417 */
//#define D6O_RELAY_ID 53 /* RFC5460 */
//#define D6O_IPV6_ADDRESS_MOS 54 /* RFC5678 */
//#define D6O_IPV6_FQDN_MOS 55 /* RFC5678 */
//#define D6O_NTP_SERVER 56 /* RFC5908 */
//#define D6O_V6_ACCESS_DOMAIN 57 /* RFC5986 */
//#define D6O_SIP_UA_CS_LIST 58 /* RFC6011 */
//#define D6O_BOOTFILE_URL 59 /* RFC5970 */
//#define D6O_BOOTFILE_PARAM 60 /* RFC5970 */
//#define D6O_CLIENT_ARCH_TYPE 61 /* RFC5970 */
//#define D6O_NII 62 /* RFC5970 */
//#define D6O_GEOLOCATION 63 /* RFC6225 */
//#define D6O_AFTR_NAME 64 /* RFC6334 */
#define D6O_ERP_LOCAL_DOMAIN_NAME 65
/* RFC6440 */
#define D6O_RSOO 66
/* RFC6422 */
//#define D6O_PD_EXCLUDE 67 /* RFC6603 */
//#define D6O_VSS 68 /* RFC6607 */
//#define D6O_MIP6_IDINF 69 /* RFC6610 */
//#define D6O_MIP6_UDINF 70 /* RFC6610 */
//#define D6O_MIP6_HNP 71 /* RFC6610 */
//#define D6O_MIP6_HAA 72 /* RFC6610 */
//#define D6O_MIP6_HAF 73 /* RFC6610 */
//#define D6O_RDNSS_SELECTION 74 /* RFC6731 */
//#define D6O_KRB_PRINCIPAL_NAME 75 /* RFC6784 */
//#define D6O_KRB_REALM_NAME 76 /* RFC6784 */
//#define D6O_KRB_DEFAULT_REALM_NAME 77 /* RFC6784 */
//#define D6O_KRB_KDC 78 /* RFC6784 */
#define D6O_CLIENT_LINKLAYER_ADDR 79
/* RFC6939 */
//#define D6O_LINK_ADDRESS 80 /* RFC6977 */
//#define D6O_RADIUS 81 /* RFC7037 */
//#define D6O_SOL_MAX_RT 82 /* RFC7083 */
//#define D6O_INF_MAX_RT 83 /* RFC7083 */
//#define D6O_ADDRSEL 84 /* RFC7078 */
//#define D6O_ADDRSEL_TABLE 85 /* RFC7078 */
//#define D6O_V6_PCP_SERVER 86 /* RFC7291 */
//#define D6O_DHCPV4_MSG 87 /* RFC7341 */
//#define D6O_DHCPV4_O_DHCPV6_SERVER 88 /* RFC7341 */
//#define D6O_S46_RULE 89 /* RFC7598 */
//#define D6O_S46_BR 90 /* RFC7598 */
//#define D6O_S46_DMR 91 /* RFC7598 */
//#define D6O_S46_V4V6BIND 92 /* RFC7598 */
//#define D6O_S46_PORTPARAMS 93 /* RFC7598 */
//#define D6O_S46_CONT_MAPE 94 /* RFC7598 */
//#define D6O_S46_CONT_MAPT 95 /* RFC7598 */
//#define D6O_S46_CONT_LW 96 /* RFC7598 */
//#define D6O_4RD 97 /* RFC7600 */
//#define D6O_4RD_MAP_RULE 98 /* RFC7600 */
//#define D6O_4RD_NON_MAP_RULE 99 /* RFC7600 */
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define D6O_LQ_BASE_TIME 100
//#define D6O_LQ_START_TIME 101
//#define D6O_LQ_END_TIME 102
/* 103-142 unassigned */
//#define D6O_IPV6_ADDRESS_ANDSF 143 /* RFC6153 */
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
/* secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08) */
/* temporary values for hackathon 93 */
#define D6O_PUBLIC_KEY 701
#define D6O_CERTIFICATE 702
#define D6O_SIGNATURE 703
#define D6O_TIMESTAMP 704
/*
* Status Codes, from RFC 3315 section 24.4, and RFC 3633, 5007.
* Status Codes, from RFC 3315 section 24.4, and RFC 3633, 5007
, 5460
.
*/
#define STATUS_Success 0
#define STATUS_UnspecFail 1
#define STATUS_NoAddrsAvail 2
#define STATUS_NoBinding 3
#define STATUS_NotOnLink 4
#define STATUS_UseMulticast 5
#define STATUS_NoPrefixAvail 6
#define STATUS_UnknownQueryType 7
#define STATUS_MalformedQuery 8
#define STATUS_NotConfigured 9
#define STATUS_NotAllowed 10
#define STATUS_Success 0
#define STATUS_UnspecFail 1
#define STATUS_NoAddrsAvail 2
#define STATUS_NoBinding 3
#define STATUS_NotOnLink 4
#define STATUS_UseMulticast 5
#define STATUS_NoPrefixAvail 6
#define STATUS_UnknownQueryType 7
#define STATUS_MalformedQuery 8
#define STATUS_NotConfigured 9
#define STATUS_NotAllowed 10
//#define STATUS_QueryTerminated 11
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define STATUS_DataMissing 12
//#define STATUS_CatchUpComplete 13
//#define STATUS_NotSupported 14
//#define STATUS_TLSConnectionRefused 15
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
/* secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08) */
/* temporary values for hackathon 93 */
#define STATUS_AlgorithmNotSupported 705
#define STATUS_AuthenticationFail 706
#define STATUS_TimestampFail 707
#define STATUS_SignatureFail 708
/*
* DHCPv6 message types, defined in section 5.3 of RFC 3315
...
...
@@ -100,8 +185,21 @@
#define DHCPV6_INFORMATION_REQUEST 11
#define DHCPV6_RELAY_FORW 12
#define DHCPV6_RELAY_REPL 13
/* RFC 5007 */
#define DHCPV6_LEASEQUERY 14
#define DHCPV6_LEASEQUERY_REPLY 15
/* RFC 5460 */
//#define DHCPV6_LEASEQUERY_DONE 16
//#define DHCPV6_LEASEQUERY_DATA 17
/* RFC 6977 */
//#define DHCPV6_RECONFIGURE_REQUEST 18
//#define DHCPV6_RECONFIGURE_REPLY 19
/* RFC 7341 */
//#define DHCPV6_DHCPV4_QUERY 20
//#define DHCPV6_DHCPV4_RESPONSE 21
/* draft-ietf-dhc-dhcpv6-active-leasequery-04 */
//#define DHCPV6_ACTIVELEASEQUERY 22
//#define DHCPV6_STARTTLS 23
extern
const
char
*
dhcpv6_type_names
[];
extern
const
int
dhcpv6_type_name_max
;
...
...
@@ -114,6 +212,14 @@ extern const int dhcpv6_type_name_max;
#define HWTYPE_ETHERNET 0x0001
#define HWTYPE_INFINIBAND 0x0020
// The following are EXPERIMENTAL and may change when IANA assigns official
// values.
// Secure DHCPv6 (draft-ietf-dhc-sedhcpv6-08.txt)
// (can't use an enum because HashAlgorithm name is already taken)
#define SHA_256 1
#define SHA_512 2
#define RSASSA_PKCS1v1_5 1
// Taken from http://www.iana.org/assignments/enterprise-numbers
#define ENTERPRISE_ID_ISC 2495
...
...
@@ -172,10 +278,13 @@ extern const int dhcpv6_type_name_max;
#define LQ6_MAX_RT 10
#define LQ6_MAX_RC 5
/* Leasequery query-types (RFC 5007) */
/* Leasequery query-types (RFC 5007
, RFC 5460
) */
#define LQ6QT_BY_ADDRESS 1
#define LQ6QT_BY_CLIENTID 2
//#define LQ6QT_BY_RELAY_ID 3
//#define LQ6QT_BY_LINK_ADDRESS 4
//#define LQ6QT_BY_REMOTE_ID 5
/*
* DUID time starts 2000-01-01.
...
...
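Review bot: The new `SHA_256`, `SHA_512` and `RSASSA_PKCS1v1_5` macros in the `@@ -114,6 +212,14 @@` hunk are unprefixed global names, and the hash and signature identifiers both use the value 1 with nothing in the name to say which registry each belongs to. A hash id passed where a signature id is expected would compile and compare equal, and names this short can collide with identifiers from a crypto library pulled into the same translation unit. Prefixed names would make both problems visible, for example `#define SEDHCP6_HASH_SHA_256 1` and `#define SEDHCP6_SIG_RSASSA_PKCS1v1_5 1` (the names are only a suggestion). Since the 701-708 option and status code points are marked temporary, the comment above them could also state that they must be renumbered once IANA assigns values.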
src/lib/dhcp/std_option_defs.h
...
...
@@ -236,6 +236,9 @@ RECORD_DECL(REMOTE_ID_RECORDS, OPT_UINT32_TYPE, OPT_BINARY_TYPE);
RECORD_DECL
(
STATUS_CODE_RECORDS
,
OPT_UINT16_TYPE
,
OPT_STRING_TYPE
);
// vendor-class
RECORD_DECL
(
VENDOR_CLASS_RECORDS
,
OPT_UINT32_TYPE
,
OPT_BINARY_TYPE
);
// sedhcpv6 signature
RECORD_DECL
(
SIGNATURE_RECORDS
,
OPT_UINT8_TYPE
,
OPT_UINT8_TYPE
,
OPT_BINARY_TYPE
);
/// Standard DHCPv6 option definitions.
///
...
...
@@ -330,7 +333,15 @@ const OptionDefParams OPTION_DEF_PARAMS6[] = {
NO_RECORD_DEF
,
""
},
{
"rsoo"
,
D6O_RSOO
,
OPT_EMPTY_TYPE
,
false
,
NO_RECORD_DEF
,
"rsoo-opts"
},
{
"client-linklayer-addr"
,
D6O_CLIENT_LINKLAYER_ADDR
,
OPT_BINARY_TYPE
,
false
,
NO_RECORD_DEF
,
""
}
NO_RECORD_DEF
,
""
},
{
"public-key"
,
D6O_PUBLIC_KEY
,
OPT_BINARY_TYPE
,
false
,
NO_RECORD_DEF
,
""
},
{
"certificate"
,
D6O_CERTIFICATE
,
OPT_BINARY_TYPE
,
false
,
NO_RECORD_DEF
,
""
},
{
"signature"
,
D6O_SIGNATURE
,
OPT_RECORD_TYPE
,
false
,
RECORD_DEF
(
SIGNATURE_RECORDS
),
""
},
{
"timestamp"
,
D6O_TIMESTAMP
,
OPT_BINARY_TYPE
,
false
,
NO_RECORD_DEF
,
""
}
// @todo There is still a bunch of options for which we have to provide
// definitions but we don't do it because they are not really
...
...
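Review bot: The `timestamp` entry is declared as `OPT_BINARY_TYPE`, so as far as this table shows the definition accepts a payload of any length, while the unit test in the same commit feeds it exactly 8 bytes. Code that later decodes the value should reject other lengths first, and the table should say so, e.g. `// timestamp: 8 bytes expected; length not enforced here, validate before decoding`. The `// sedhcpv6 signature` comment above `SIGNATURE_RECORDS` could also name the three fields, presumably `// sedhcpv6 signature: hash algorithm id, signature algorithm id, signature bytes` going by the identifiers added to dhcp6.h. The `OPTION_DEF_PARAMS6` array starts and ends outside this hunk.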
src/lib/dhcp/tests/libdhcp++_unittest.cc
...
...
@@ -1168,6 +1168,18 @@ TEST_F(LibDhcpTest, stdOptionDefs6) {
LibDhcpTest
::
testStdOptionDefs6
(
D6O_ERP_LOCAL_DOMAIN_NAME
,
fqdn_buf
.
begin
(),
fqdn_buf
.
end
(),
typeid
(
OptionCustom
));
LibDhcpTest
::
testStdOptionDefs6
(
D6O_PUBLIC_KEY
,
begin
,
end
,
typeid
(
Option
));
LibDhcpTest
::
testStdOptionDefs6
(
D6O_CERTIFICATE
,
begin
,
end
,
typeid
(
Option
));
LibDhcpTest
::
testStdOptionDefs6
(
D6O_SIGNATURE
,
begin
,
end
,
typeid
(
OptionCustom
));
LibDhcpTest
::
testStdOptionDefs6
(
D6O_TIMESTAMP
,
begin
,
begin
+
8
,
typeid
(
Option
));
}
// This test checks if the DHCPv6 option definition can be searched by
...
...
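Review bot: The four added `testStdOptionDefs6` calls cover only well-formed buffers, so nothing pins what happens when a `D6O_SIGNATURE` payload is shorter than the two one-byte fields of its record or when `D6O_TIMESTAMP` is not 8 bytes long. These options carry authentication material received from the network, so the malformed cases are the ones most worth fixing in a test. Until such cases exist a marker would help, e.g. `// @todo add negative cases: truncated signature record, timestamp length != 8`. The body of `TEST_F(LibDhcpTest, stdOptionDefs6)` begins outside the hunk.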