mir/isc-dhcp
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/dhcp synced 2025-08-31 14:25:41 +00:00
Code Issues Releases Wiki Activity

- The IO system now tracks all local IP addresses, so that the DHCP

Browse Source 
applications (particularly the dhcrelay) can discern between what frames
  were tranmsitted to it, and what frames are being carried through it which
  it should not intercept. [ISC-Bugs #15573]
This commit is contained in:
David Hankins
2006-02-27 23:56:13 +00:00
parent 00663f8159
commit 25b988c68f
10 changed files with 253 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
common/packet.c
View File

@@ -33,7 +33,7 @@
#ifndef lint
static char copyright[] =
"$Id: packet.c,v 1.42 2005/03/17 20:14:59 dhankins Exp $ Copyright (c) 2004-2005 Internet Systems Consortium. All rights reserved.\n";
"$Id: packet.c,v 1.43 2006/02/27 23:56:13 dhankins Exp $ Copyright (c) 2004-2005 Internet Systems Consortium. All rights reserved.\n";
#endif /* not lint */
#include "dhcpd.h"
@@ -231,6 +231,8 @@ ssize_t decode_udp_ip_header (interface, buf, bufix, from, buflen)
unsigned len;
unsigned ulen;
int ignore = 0;
struct interface_info *ii;
int i;
memcpy(&ip, buf + bufix, sizeof (struct ip));
udp = (struct udphdr *)(buf + bufix + ip_len);
@@ -245,6 +247,38 @@ ssize_t decode_udp_ip_header (interface, buf, bufix, from, buflen)
return -1;
#endif /* USERLAND_FILTER */
/* Eliminate packets that we might have accidentally intercepted because
we are doing routing. */
/* The DHCP client may not have an IP address; in that case, if we
got the packet, we need to look at it. So if address_count is
zero on the interface on which we received the packet, accept the
packet. */
if (!interface -> configured)
goto good;
/* XXX we should handle subnet broadcast addresses here. */
/* XXX we should compare against 255.255.255.255, not limited_broadcast,
XXX because sometimes we tweak limited_broadcast for debugging.
XXX This is only currently a problem on the server. */
if (ip.ip_dst.s_addr == limited_broadcast.s_addr)
goto good;
/* Check IP addresses of _all_ interfaces - it's perfectly okay to send
a packet to an IP address on one interface that happens to arrive
through another interface. */
/* XXX if the user excluded some interfaces, we will not accept packets
XXX for those interfaces. */
for (ii = interfaces; ii; ii = ii -> next) {
for (i = 0; i < ii -> address_count; i++) {
if (ii -> addresses [i].s_addr == ip.ip_dst.s_addr)
goto good;
}
}
/* The IP destination address didn't match any of our addresses. */
return -1;
good:
ulen = ntohs (udp -> uh_ulen);
if (ulen < sizeof *udp ||
((unsigned char *)udp) + ulen > buf + bufix + buflen) {