From 1781d6df4e36ef64d8bedf3cbf1aef62e77192cd Mon Sep 17 00:00:00 2001
From: Jacek Konieczny
Date: Fri, 3 Jan 2014 21:11:41 +0100
Subject: [PATCH] ignore-client-uids dhcpd configuration option added
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
This help in case multiple DHCP clients, using different client-uid values are used on a single machine, sometimes during a single boot process (BIOS PXE client, PXE bootloader, initramfs and final system – four different DHCP clients). Using the 'ignore-client-uids on' option will prevent for allocating several different IP addresses in this case, by slightly breaking the DHCP protocol. Release: 2
---
dhcp-ignore-client-uids.patch | 161 ++++++++++++++++++++++++++++++++++
dhcp.spec | 5 +-
2 files changed, 165 insertions(+), 1 deletion(-)
create mode 100644 dhcp-ignore-client-uids.patch
diff --git a/dhcp-ignore-client-uids.patch b/dhcp-ignore-client-uids.patch
new file mode 100644
index 0000000..77ee1d9
--- /dev/null
+++ b/dhcp-ignore-client-uids.patch
@@ -0,0 +1,161 @@
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/common/conflex.c dhcp-4.2.5-P1/common/conflex.c
+--- dhcp-4.2.5-P1.orig/common/conflex.c 2014-01-03 20:59:11.105475789 +0100
++++ dhcp-4.2.5-P1/common/conflex.c 2014-01-03 20:59:51.775476160 +0100
+@@ -1067,6 +1067,8 @@
+ return IF;
+ if (!strcasecmp (atom + 1, "s"))
+ return IS;
++ if (!strcasecmp (atom + 1, "gnore-client-uids"))
++ return IGNORE_CLIENT_UIDS;
+ if (!strcasecmp (atom + 1, "gnore"))
+ return IGNORE;
+ break;
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/includes/dhcpd.h dhcp-4.2.5-P1/includes/dhcpd.h
+--- dhcp-4.2.5-P1.orig/includes/dhcpd.h 2014-01-03 20:59:11.115475790 +0100
++++ dhcp-4.2.5-P1/includes/dhcpd.h 2014-01-03 20:59:51.775476160 +0100
+@@ -763,6 +763,8 @@
+ #endif
+ #endif
+
++#define SV_IGNORE_CLIENT_UIDS 78
++
+ #if !defined (DEFAULT_DEFAULT_LEASE_TIME)
+ # define DEFAULT_DEFAULT_LEASE_TIME 43200
+ #endif
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/includes/dhctoken.h dhcp-4.2.5-P1/includes/dhctoken.h
+--- dhcp-4.2.5-P1.orig/includes/dhctoken.h 2014-01-03 20:59:11.105475789 +0100
++++ dhcp-4.2.5-P1/includes/dhctoken.h 2014-01-03 21:00:27.588809818 +0100
+@@ -365,7 +365,8 @@
+ PRIMARY6 = 666,
+ SECONDARY6 = 667,
+ TOKEN_INFINIBAND = 668,
+- BOOTP_BROADCAST_ALWAYS = 669
++ BOOTP_BROADCAST_ALWAYS = 669,
++ IGNORE_CLIENT_UIDS = 670
+ };
+
+ #define is_identifier(x) ((x) >= FIRST_TOKEN && \
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/server/confpars.c dhcp-4.2.5-P1/server/confpars.c
+--- dhcp-4.2.5-P1.orig/server/confpars.c 2013-03-04 19:35:09.000000000 +0100
++++ dhcp-4.2.5-P1/server/confpars.c 2014-01-03 20:59:51.775476160 +0100
+@@ -328,6 +328,7 @@
+ | ONE_LEASE_PER_CLIENT boolean
+ | GET_LEASE_HOSTNAMES boolean
+ | USE_HOST_DECL_NAME boolean
++ | IGNORE_CLIENT_UIDS boolean
+ | NEXT_SERVER ip-addr-or-hostname SEMI
+ | option_parameter
+ | SERVER-IDENTIFIER ip-addr-or-hostname SEMI
+@@ -4104,6 +4105,10 @@
+ code = SV_LEASEQUERY;
+ break;
+
++ case IGNORE_CLIENT_UIDS:
++ code = SV_IGNORE_CLIENT_UIDS;
++ break;
++
+ default:
+ parse_warn (cfile, "expecting allow/deny key");
+ skip_to_semi (cfile);
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/server/dhcp.c dhcp-4.2.5-P1/server/dhcp.c
+--- dhcp-4.2.5-P1.orig/server/dhcp.c 2014-01-03 20:59:11.112142457 +0100
++++ dhcp-4.2.5-P1/server/dhcp.c 2014-01-03 20:59:51.778809492 +0100
+@@ -2337,31 +2337,42 @@
+ /* Update Client Last Transaction Time. */
+ lt->cltt = cur_time;
+
+- /* Record the uid, if given... */
+- oc = lookup_option (&dhcp_universe, packet -> options,
+- DHO_DHCP_CLIENT_IDENTIFIER);
+- if (oc &&
+- evaluate_option_cache (&d1, packet, lease,
++ /* Only record the uid if we're not ignoring them */
++ oc = lookup_option (&server_universe, state -> options,
++ SV_IGNORE_CLIENT_UIDS);
++ if (!oc ||
++ !evaluate_boolean_option_cache (&ignorep, packet, lease,
+ (struct client_state *)0,
+ packet -> options, state -> options,
+ &lease -> scope, oc, MDL)) {
+- if (d1.len <= sizeof lt -> uid_buf) {
+- memcpy (lt -> uid_buf, d1.data, d1.len);
+- lt -> uid = lt -> uid_buf;
+- lt -> uid_max = sizeof lt -> uid_buf;
+- lt -> uid_len = d1.len;
+- } else {
+- unsigned char *tuid;
+- lt -> uid_max = d1.len;
+- lt -> uid_len = d1.len;
+- tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
+- /* XXX inelegant */
+- if (!tuid)
+- log_fatal ("no memory for large uid.");
+- memcpy (tuid, d1.data, lt -> uid_len);
+- lt -> uid = tuid;
++ /* Record the uid, if given... */
++ oc = lookup_option (&dhcp_universe, packet -> options,
++ DHO_DHCP_CLIENT_IDENTIFIER);
++ if (oc &&
++ evaluate_option_cache (&d1, packet, lease,
++ (struct client_state *)0,
++ packet -> options,
++ state -> options,
++ &lease -> scope, oc, MDL)) {
++ if (d1.len <= sizeof lt -> uid_buf) {
++ memcpy (lt -> uid_buf, d1.data, d1.len);
++ lt -> uid = lt -> uid_buf;
++ lt -> uid_max = sizeof lt -> uid_buf;
++ lt -> uid_len = d1.len;
++ } else {
++ unsigned char *tuid;
++ lt -> uid_max = d1.len;
++ lt -> uid_len = d1.len;
++ tuid = (unsigned char *)
++ dmalloc (lt -> uid_max, MDL);
++ /* XXX inelegant */
++ if (!tuid)
++ log_fatal ("no memory for large uid.");
++ memcpy (tuid, d1.data, lt -> uid_len);
++ lt -> uid = tuid;
++ }
++ data_string_forget (&d1, MDL);
+ }
+- data_string_forget (&d1, MDL);
+ }
+
+ if (host) {
+diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/server/dhcpd.conf.5 dhcp-4.2.5-P1/server/dhcpd.conf.5
+--- dhcp-4.2.5-P1.orig/server/dhcpd.conf.5 2014-01-03 20:59:11.118809123 +0100
++++ dhcp-4.2.5-P1/server/dhcpd.conf.5 2014-01-03 20:59:51.778809492 +0100
+@@ -2338,6 +2338,20 @@
+ must be a constant value.
+ .RE
+ .PP
++The
++.I ignore-client-uids
++statement
++.RS 0.25i
++.PP
++.B ignore-client-uids \fIflag\fB;\fR
++.PP
++If the \fIignore-client-uids\fR statement is present and has a value of
++\fItrue\fR or \fIon\fR, clients will be handled as though they provided no UID
++and the actual provided UID will not be recorded. If this statement is not
++present or has a value of \fIfalse\fR or \fIoff\fR, then client UIDs will be
++parsed and used as normal.
++.RE ++.PP + The + .I infinite-is-reserved + statement +diff -dur -x '*~' -x '*.orig' dhcp-4.2.5-P1.orig/server/stables.c dhcp-4.2.5-P1/server/stables.c +--- dhcp-4.2.5-P1.orig/server/stables.c 2013-03-05 19:26:51.000000000 +0100 ++++ dhcp-4.2.5-P1/server/stables.c 2014-01-03 20:59:51.778809492 +0100 +@@ -266,6 +266,7 @@ + { "ldap-tls-randfile", "t", &server_universe, 77, 1 }, + #endif /* LDAP_USE_SSL */ + #endif /* LDAP_CONFIGURATION */ ++ { "ignore-client-uids", "f", &server_universe, 78, 1 }, + { NULL, NULL, NULL, 0, 0 } + }; + diff --git a/dhcp.spec b/dhcp.spec index 5c11d8c..4e08da8 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -20,7 +20,7 @@ Summary(pl.UTF-8): Serwer DHCP Summary(pt_BR.UTF-8): Servidor DHCP (Protocolo de configuração dinâmica de hosts) Name: dhcp Version: %{ver}%{pverdot} -Release: 1 +Release: 2 Epoch: 4 License: MIT Group: Networking/Daemons @@ -49,6 +49,8 @@ Patch16: %{name}-default-requested-options.patch Patch17: %{name}-xen-checksum.patch Patch19: %{name}-manpages.patch Patch20: %{name}-NetworkManager-crash.patch +# http://www.csupomona.edu/~bldewolf/dhcp-uid/ +Patch21: %{name}-ignore-client-uids.patch URL: http://www.isc.org/sw/dhcp/ BuildRequires: autoconf BuildRequires: automake @@ -213,6 +215,7 @@ komunikacji z działającym serwerem ISC DHCP i jego kontroli. %patch17 -p1 %patch19 -p1 %patch20 -p1 +%patch21 -p1 # Copy in documentation and example scripts for LDAP patch to dhcpd cp -a %{SOURCE11} README.ldap -- 2.44.0
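Review bot: In the server/dhcp.c hunk (`@@ -2337,31 +2337,42 @@`) the new option gates only the block that copies the client identifier into `lt -> uid`; nothing visible in this patch changes how an incoming identifier is matched against existing leases or host declarations, so the dhcpd.conf.5 sentence "clients will be handled as though they provided no UID" states more than the code shown establishes. With the option on, a lease is presumably tied to the hardware address alone, so two clients presenting the same hardware address can no longer be told apart by client identifier. I would add that caveat to the man-page entry, e.g. `Leases are then matched by hardware address only; enable this in the narrowest scope that serves the affected hosts.` The enclosing function starts and ends outside the hunk, and `ignorep` is declared outside it.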