diff options
author | Thomas Markwalder <tmark@isc.org> | 2014-12-08 14:56:40 -0500 |
---|---|---|
committer | Thomas Markwalder <tmark@isc.org> | 2014-12-08 14:56:40 -0500 |
commit | 7116a34fc9b1fb307bcdca22e6963254289ecb80 (patch) | |
tree | f468426e1f01f8b71f50823e6cf7f6500a8a1b86 /server/dhcp.c | |
parent | 2731a82c8369439178f0e1cc7de58f30f0fe8897 (diff) | |
download | isc-dhcp-7116a34fc9b1fb307bcdca22e6963254289ecb80.tar.gz |
[master] Replaced SERVER_ID_CHECK compile switch with runtime config parameter
Merges in rt37551.
Diffstat (limited to 'server/dhcp.c')
-rw-r--r-- | server/dhcp.c | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/server/dhcp.c b/server/dhcp.c index 770dce60..552955c8 100644 --- a/server/dhcp.c +++ b/server/dhcp.c @@ -553,31 +553,28 @@ void dhcprequest (packet, ms_nulltp, ip_lease) goto out; } -#if defined(SERVER_ID_CHECK) - /* Do a quick check on the server source address to see if - it is ours. sip is the incoming servrer id. To avoid - problems with confused clients we do some sanity checks - to verify sip's length and that it isn't all zeros. - We then get the server id we would likely use for this - packet and compare them. If they don't match it we assume - we didn't send the offer and so we don't process the request. - */ - - if ((sip.len == 4) && + /* If server-id-check is enabled, verify that the client's + * server source address (sip from incoming packet) is ours. + * To avoid problems with confused clients we do some sanity + * checks to verify sip's length and that it isn't all zeros. + * We then get the server id we would likely use for this + * packet and compare them. If they don't match it we assume + * we didn't send the offer and so we don't process the + * request. */ + if ((server_id_check == 1) && (sip.len == 4) && (memcmp(sip.iabuf, "\0\0\0\0", sip.len) != 0)) { struct in_addr from; struct option_state *eval_options = NULL; eval_network_statements(&eval_options, packet, NULL); - get_server_source_address(&from, eval_options, NULL, - packet); + get_server_source_address(&from, eval_options, + NULL, packet); option_state_dereference (&eval_options, MDL); if (memcmp(sip.iabuf, &from, sip.len) != 0) { log_debug("%s: not our server id", msgbuf); goto out; } } -#endif /* if defined(SERVER_ID_CHECK) */ /* At this point it's possible that we will get a broadcast DHCPREQUEST for a lease that we didn't offer, because |