diff options
-rw-r--r-- | RELNOTES | 10 | ||||
-rwxr-xr-x | configure | 17 | ||||
-rw-r--r-- | configure.ac | 10 | ||||
-rw-r--r-- | configure.ac+lt | 10 | ||||
-rw-r--r-- | configure.ac-base | 10 | ||||
-rw-r--r-- | configure.ac-lt | 10 | ||||
-rw-r--r-- | includes/config.h.in | 3 | ||||
-rw-r--r-- | includes/dhcpd.h | 3 | ||||
-rw-r--r-- | includes/failover.h | 2 | ||||
-rw-r--r-- | server/dhcpd.c | 9 | ||||
-rw-r--r-- | server/dhcpd.conf.5 | 14 | ||||
-rw-r--r-- | server/failover.c | 6 | ||||
-rw-r--r-- | server/stables.c | 3 | ||||
-rw-r--r-- | server/tests/load_bal_unittest.c | 7 |
14 files changed, 46 insertions, 68 deletions
@@ -227,6 +227,16 @@ dhcp-users@lists.isc.org. [ISC-Bugs #21297] [ISC-Bugs #36966] +- Replaced compilation option, enable-secs-byteorder, with a run-time, server + configuration parameter, check-secs-byte-order. When enabled, the + server will check for clients that do the byte ordering on the secs field + incorrectly. This field should be in network byte order but some clients + get it wrong. When this parameter is enabled the server will examine the + secs field and if it looks wrong (high byte non zero and low byte zero) swap + the bytes. The default is disabled. This parameter is only useful when + doing load balancing within failover. + [ISC-Bugs #45364] + Changes since 4.3.0 (bug fixes) - Tidy up several small tickets. @@ -772,7 +772,6 @@ enable_paranoia enable_early_chroot enable_ipv4_pktinfo enable_use_sockets -enable_secs_byteorder enable_log_pid enable_binary_leases with_atf @@ -1453,8 +1452,6 @@ Optional Features: --enable-ipv4-pktinfo enable use of pktinfo on IPv4 sockets (default is no) --enable-use-sockets use the standard BSD socket API (default is no) - --enable-secs-byteorder Correct bad byteorders in the secs field (default is - no). --enable-log-pid Include PIDs in syslog messages (default is no). --enable-binary-leases enable support for binary insertion of leases (default is no) @@ -5545,20 +5542,6 @@ $as_echo "#define USE_SOCKETS 1" >>confdefs.h fi -# Try to hnadle incorrect byte order for secs field -# This is off by default -# Check whether --enable-secs_byteorder was given. -if test "${enable_secs_byteorder+set}" = set; then : - enableval=$enable_secs_byteorder; -fi - - -if test "$enable_secs_byteorder" = "yes" ; then - -$as_echo "#define SECS_BYTEORDER 1" >>confdefs.h - -fi - # Include the PID in the log messages. This is useful when there may # be multiple instances of a program. # This is off by default diff --git a/configure.ac b/configure.ac index 6162d261..0cec4d22 100644 --- a/configure.ac +++ b/configure.ac @@ -216,16 +216,6 @@ if test "$enable_use_sockets" = "yes"; then [Define to 1 to use the standard BSD socket API.]) fi -# Try to hnadle incorrect byte order for secs field -# This is off by default -AC_ARG_ENABLE(secs_byteorder, - AS_HELP_STRING([--enable-secs-byteorder],[Correct bad byteorders in the secs field (default is no).])) - -if test "$enable_secs_byteorder" = "yes" ; then - AC_DEFINE([SECS_BYTEORDER], [1], - [Define to correct bad byteorders in secs field.]) -fi - # Include the PID in the log messages. This is useful when there may # be multiple instances of a program. # This is off by default diff --git a/configure.ac+lt b/configure.ac+lt index e4299039..f6fa1bb3 100644 --- a/configure.ac+lt +++ b/configure.ac+lt @@ -217,16 +217,6 @@ if test "$enable_use_sockets" = "yes"; then [Define to 1 to use the standard BSD socket API.]) fi -# Try to hnadle incorrect byte order for secs field -# This is off by default -AC_ARG_ENABLE(secs_byteorder, - AS_HELP_STRING([--enable-secs-byteorder],[Correct bad byteorders in the secs field (default is no).])) - -if test "$enable_secs_byteorder" = "yes" ; then - AC_DEFINE([SECS_BYTEORDER], [1], - [Define to correct bad byteorders in secs field.]) -fi - # Include the PID in the log messages. This is useful when there may # be multiple instances of a program. # This is off by default diff --git a/configure.ac-base b/configure.ac-base index a189247a..86bb59a5 100644 --- a/configure.ac-base +++ b/configure.ac-base @@ -222,16 +222,6 @@ if test "$enable_use_sockets" = "yes"; then [Define to 1 to use the standard BSD socket API.]) fi -# Try to hnadle incorrect byte order for secs field -# This is off by default -AC_ARG_ENABLE(secs_byteorder, - AS_HELP_STRING([--enable-secs-byteorder],[Correct bad byteorders in the secs field (default is no).])) - -if test "$enable_secs_byteorder" = "yes" ; then - AC_DEFINE([SECS_BYTEORDER], [1], - [Define to correct bad byteorders in secs field.]) -fi - # Include the PID in the log messages. This is useful when there may # be multiple instances of a program. # This is off by default diff --git a/configure.ac-lt b/configure.ac-lt index 6162d261..0cec4d22 100644 --- a/configure.ac-lt +++ b/configure.ac-lt @@ -216,16 +216,6 @@ if test "$enable_use_sockets" = "yes"; then [Define to 1 to use the standard BSD socket API.]) fi -# Try to hnadle incorrect byte order for secs field -# This is off by default -AC_ARG_ENABLE(secs_byteorder, - AS_HELP_STRING([--enable-secs-byteorder],[Correct bad byteorders in the secs field (default is no).])) - -if test "$enable_secs_byteorder" = "yes" ; then - AC_DEFINE([SECS_BYTEORDER], [1], - [Define to correct bad byteorders in secs field.]) -fi - # Include the PID in the log messages. This is useful when there may # be multiple instances of a program. # This is off by default diff --git a/includes/config.h.in b/includes/config.h.in index 4a3330d8..28a4cfa9 100644 --- a/includes/config.h.in +++ b/includes/config.h.in @@ -157,9 +157,6 @@ /* Define to any value to include Ari's PARANOIA patch. */ #undef PARANOIA -/* Define to correct bad byteorders in secs field. */ -#undef SECS_BYTEORDER - /* The size of `struct iaddr *', as computed by sizeof. */ #undef SIZEOF_STRUCT_IADDR_P diff --git a/includes/dhcpd.h b/includes/dhcpd.h index 48d71737..1a6e8ef3 100644 --- a/includes/dhcpd.h +++ b/includes/dhcpd.h @@ -802,6 +802,9 @@ struct lease_state { #ifdef EUI_64 #define SV_USE_EUI_64 90 #endif +#if defined (FAILOVER_PROTOCOL) +#define SV_CHECK_SECS_BYTE_ORDER 91 +#endif #if !defined (DEFAULT_PING_TIMEOUT) # define DEFAULT_PING_TIMEOUT 1 diff --git a/includes/failover.h b/includes/failover.h index f6655f46..135b969f 100644 --- a/includes/failover.h +++ b/includes/failover.h @@ -392,5 +392,7 @@ typedef struct _dhcp_failover_state { u_int32_t updxid; /* XID of UPDREQ* message in action. */ } dhcp_failover_state_t; +extern int check_secs_byte_order; /* check byte order of secs field when true */ + #define DHCP_FAILOVER_VERSION 1 #endif /* FAILOVER_PROTOCOL */ diff --git a/server/dhcpd.c b/server/dhcpd.c index 19c6a687..66944717 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c @@ -1378,6 +1378,15 @@ void postconf_initialization (int quiet) data_string_forget (&db, MDL); } +#if defined (FAILOVER_PROTOCOL) + oc = lookup_option(&server_universe, options, SV_CHECK_SECS_BYTE_ORDER); + if ((oc != NULL) && + evaluate_boolean_option_cache(NULL, NULL, NULL, NULL, options, NULL, + &global_scope, oc, MDL)) { + check_secs_byte_order = 1; + } +#endif + #if defined (BINARY_LEASES) if (local_family == AF_INET) { log_info("Source compiled to use binary-leases"); diff --git a/server/dhcpd.conf.5 b/server/dhcpd.conf.5 index 02f854a9..8251574b 100644 --- a/server/dhcpd.conf.5 +++ b/server/dhcpd.conf.5 @@ -2021,6 +2021,20 @@ addresses, as long as those addresses are not restricted by and \fIdeny\fR statements within their \fIpool\fR declarations. .RE .PP +The \fIcheck-secs-byte-order\fR statement +.RS 0.25i +.PP +.B check-secs-byte-order \fIflag\fB;\fR +.PP +When \fIcheck-secs-byte-order\fR is enabled, the server will check for DHCPv4 +clients that do the byte ordering on the secs field incorrectly. This field +should be in network byte order but some clients get it wrong. When this +parameter is enabled the server will examine the secs field and if it looks +wrong (high byte non zero and low byte zero) swap the bytes. The default +is disabled. This parameter is only useful when doing load balancing within +failover. (Formerly, this behavior had to be enabled during compilation +configuration via --enable-secs-byteorder). +.PP The \fIdb-time-format\fR statement .RS 0.25i .PP diff --git a/server/failover.c b/server/failover.c index 25e1b72b..72f7b00e 100644 --- a/server/failover.c +++ b/server/failover.c @@ -50,6 +50,7 @@ static inline int secondary_not_hoarding(dhcp_failover_state_t *state, struct pool *p); static void scrub_lease(struct lease* lease, const char *file, int line); +int check_secs_byte_order = 0; /* enables byte order check of secs field if 1 */ /*! * \brief Performs a "pre-flight" sanity check of failover configuration @@ -5964,17 +5965,16 @@ int load_balance_mine (struct packet *packet, dhcp_failover_state_t *state) ec = ntohs(packet->raw->secs); -#if defined(SECS_BYTEORDER) /* * If desired check to see if the secs field may have been byte * swapped. We assume it has if the high order byte isn't cleared * while the low order byte is cleared. In this case we swap the * bytes and continue processing. */ - if ((ec > 255) && ((ec & 0xff) == 0)) { + if ((check_secs_byte_order == 1) && + ((ec > 255) && ((ec & 0xff) == 0))) { ec = (ec >> 8) | (ec << 8); } -#endif if ((state->load_balance_max_secs == 0) || (state->load_balance_max_secs < ec)) { diff --git a/server/stables.c b/server/stables.c index b6df9bef..59df5e83 100644 --- a/server/stables.c +++ b/server/stables.c @@ -280,6 +280,9 @@ static struct option server_options[] = { #ifdef EUI_64 { "use-eui-64", "f", &server_universe, SV_USE_EUI_64, 1 }, #endif +#if defined (FAILOVER_PROTOCOL) + { "check-secs-byte-order", "f", &server_universe, SV_CHECK_SECS_BYTE_ORDER, 1 }, +#endif { NULL, NULL, NULL, 0, 0 } }; diff --git a/server/tests/load_bal_unittest.c b/server/tests/load_bal_unittest.c index a1be9761..8d5f8b87 100644 --- a/server/tests/load_bal_unittest.c +++ b/server/tests/load_bal_unittest.c @@ -134,12 +134,13 @@ ATF_TC_HEAD(load_balance_swap, tc) ATF_TC_BODY(load_balance_swap, tc) { #if defined(FAILOVER_PROTOCOL) -#if defined(SECS_BYTEORDER) struct packet packet; struct dhcp_packet raw; dhcp_failover_state_t pstate, sstate; u_int8_t hba[256]; + check_secs_byte_order = 1; + memset(&packet, 0, sizeof(struct packet)); memset(&raw, 0, sizeof(struct dhcp_packet)); packet.raw = &raw; @@ -179,10 +180,6 @@ ATF_TC_BODY(load_balance_swap, tc) if (load_balance_mine(&packet, &sstate) != 1) { atf_tc_fail("ERROR: secondary not accepted %s:%d", MDL); } - -#else - atf_tc_skip("SECS_BYTEORDER not defined"); -#endif #else atf_tc_skip("failover is disabled"); #endif |