| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Hu Jun <hujun.work@gmail.com>
|
|
dhcpv4_release
|
|
When parsing a route option with a mask size >32, there would be a panic
at option_routes.go:47 as user-supplied data is used without
verification for a slice bound, causing a read of masksize/8, whic is
possibly >4 bytes. Instead reject the invalid route
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
When there was a 0-length generic option, it would be omitted.
Rapid commit (option 80) is a 0-length option with a length tag.
There could also be 0-length options in the vendor extensions, and the
RFC states that they should be written out:
> Any options defined subsequent to this document should contain a
> length octet even if the length is fixed or zero.
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
There is a special case for when ClientHwAddr is empty, which seems to
only apply when creating a packet with New(), which defaults to
HWType==Ethernet but doesn't assign the ClientHwAddr field.
All the other New*() constructors assign a hardware address and don't
use this codepath
Remove this special case and instead make New() generate an
almost-correct packet in the first place, so that ToBytes() can stay
more generic
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
When BootFileName is longer than 128 bytes or ServerHostName is longer
than 64 bytes, trying to null-terminate the strings when writing out the
packet causes a panic.
Since the ToBytes() function cannot return errors, silently truncate the
string instead (we do the same with ClientHWAddr if it is longer than 16
bytes for example)
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
Those 2 tests did the exact same thing: check that an invalid packet
raises an error when parsed. Merge them into the same test, so that we
can easily add more test cases to the list
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
Signed-off-by: Hu Jun <hujun.work@gmail.com>
|
|
- fix a few more lint complains
Signed-off-by: Hu Jun <hujun.work@gmail.com>
|
|
Signed-off-by: Hu Jun <hujun.work@gmail.com>
|
|
Signed-off-by: Hu Jun <hujun.work@gmail.com>
|
|
Signed-off-by: Pablo Mazzini <pmazzini@gmail.com>
|
|
server6 object
Signed-off-by: Valerio Santinelli <santinelli@altralogica.it>
|
|
Fixes, among other things, u-root pxeserver
Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
This option allows to receive answers DHCP with arbitrary client addresses
Signed-off-by: Dmitrii Okunev <xaionaro@fb.com>
|
|
Signed-off-by: Dmitrii Okunev <xaionaro@fb.com>
|
|
Signed-off-by: kevin <kworm@missouri-telecom.com>
|
|
Signed-off-by: kevin <kworm@missouri-telecom.com>
|
|
Signed-off-by: kevin <kworm@missouri-telecom.com>
|
|
Fix syntax nits
Simplified function as suggested by @pmazzini
Signed-off-by: kevin <kworm@missouri-telecom.com>
|
|
Signed-off-by: kevin <kworm@missouri-telecom.com>
|
|
RFCs).
Signed-off-by: Mantic <mikey.whitaker@gmail.com>
|
|
IPv6 addresses would not cause a crash, but would silently listen on the
wildcard address instead of the passed address, which is surprising at
best. Instead check for the address family and reject non-v4 addresses
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
Tests use a randPort() workaround for not using port 0, as port 0 is not
usable with raw sockets.
We don't actually use raw sockets, so port 0 is fine, this makes use of
it which ensures we avoid port collisions.
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
NewIPv4UDPConn doesn't support listening on a specific address, only on
the wildcard address. This extends it to allow listening on an address,
and at the same time homogenizes the function signature with the
NewIPv6UDPConn server6 equivalent. It modifies NewServer() to pass the
full address given to it instead of just the port as well
Note that listening on a non-wildcard interface is seldom useful as the
socket won't receive broadcasts, so it is useless in a direct-attached
server. It can be useful in a server only used behind relays
This breaks API compatibility for NewIPv4UDPConn, which as far as I know
nobody uses (yet)
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
The concrete type under the interface is known here since we create the
connection in the same function. Since *net.UDPConn implements
net.PacketConn anyway, returning the concrete type here is more powerful
and less risky than having downstream users cast the value themselves
There should be no code change for downstream users, with the exception
of explicit casts (`udpc := conn.(*net.UDPConn)`), which can simply be
removed
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
This moves the implementations of the BindToInterface to the interfaces/
package, since they aren't ipv4-specific.
The BindToInterface function remains in dhcpv4 (simply wraps the one in
interfaces) to keep backwards-compatibility
Additionally, fold bindtodevice_darwin into bindtodevice_bsd: darwin is
mostly a BSD, and happens to support IP_RECVIF, so use that instead of
IP_BOUND_IF, which only affects sends, not receives according to the
code comments in bsd/netinet/ip_output.c as well as being v4-only
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
In DHCPv4, when the ParameterRequestList option is not present in a
request, it should be assumed that the client wants to receive all the
options that the server is able to send. This changes the
IsOptionRequested method of dhcpv4.DHCPv4 to return true for any request
in that situation.
The reasoning is based on this wording in
[RFC2131§3.5](https://tools.ietf.org/html/rfc2131#section-3.5):
> Not all clients require initialization of all parameters listed in
> Appendix A. Two techniques are used to reduce the number of
> parameters transmitted from the server to the client. [...] Second, in
> its initial DHCPDISCOVER or DHCPREQUEST message, a client may provide
> the server with a list of specific parameters the client is interested
> in.
Signed-off-by: Anatole Denis <natolumin@unverle.fr>
|
|
RFC 1700 recommends a value of 64 for the default IP time to live (TTL)
parameter. This is only necessary for the V4 client because it uses
the net.PacketConn, while the IPv6 implementation uses a net.UDPConn instead.
From https://tools.ietf.org/html/rfc1700:
IP TIME TO LIVE PARAMETER
The current recommended default time to live (TTL) for the
Internet Protocol (IP) [45,105] is 64.
Signed-off-by: Ross Hanson <rosshanson@google.com>
|
|
Added a bind to interface functionality.
|
|
Clients without an IP set their source address to 0.0.0.0, so the peer
returned by ReadFrom may not actually be the address to send to.
Clients without an IP should have their response broadcast.
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
No need to convert these types.
|
|
Simple, nit-picky typo fixes.
|
|
Usually this is used for clients that don't know how to receive any
other packets. We can deal with both a unicast or broadcast response
packet, so let's let the server decide on its own.
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
Nobody gives a hoot about the hardware type.
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
Signed-off-by: Chris Koch <chrisko@google.com>
|
|
|
|
When reading raw packets from the network, it can happen that the raw
ethernet packet read has undefined bytes after the end of the ip
packet (either from the network or in some cases from the local
stack).
Those bytes should not be passed to the dhcp-receiver otherwise the
option parser which is picky about final padding byte will silently
discard the dhcp-reply.
Rename ipLen, udpLen variables with more explicit names to avoid
confusion between header, payload, total length possibly considered
in this function.
Tested: ast2500 bmc reproducing the issue + existing go test for coverage.
Signed-off-by: Loic Prylli <lprylli@netflix.com>
|
|
|
|
|
|
- dnsmasq has been seen to null-terminate the bootfile option,
similar treament can occur for tftp-servername (although
tftp-servername option usage is less common).
- for the gateway information to be present in final packet,
the Router option should be queried again in request as
in discover (which matches behavior of udhcpc/dhclient).
Tested: pxeboot with u-root on dnsmask/ipv4 client.
Signed-off-by: Loic Prylli <lprylli@netflix.com>
|
|
|
|
|
|
Relays might drop packets coming from clients if they have the
Gateway IP set. This modifier is supposed to be used by relays:
`WithReply` is used only by clients.
|
