DHCP requests can be relayed through multiple relays. Currently we

drop requests that have already been relayed.  To allow usage in the
middle of a chain, remove this check and only set giaddr if it has not
been set yet.  This giaddr will be used by the DHCP server to identify
which subnet the client is connected to.

RFC 1542 specifies that we should increase the hop counter every time
we relay a request.  If we receive a request whose hop counter exceeds
the value of 16 we must silently drop it.

ok jca@

1 files changed, 14 insertions, 11 deletions

diff --git a/usr.sbin/dhcrelay/dhcrelay.c b/usr.sbin/dhcrelay/dhcrelay.c
index c4e723f1bb4..d27d3e4a551 100644
--- a/usr.sbin/dhcrelay/dhcrelay.c
+++ b/usr.sbin/dhcrelay/dhcrelay.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: dhcrelay.c,v 1.46 2016/12/07 19:51:48 patrick Exp $ */
+/*	$OpenBSD: dhcrelay.c,v 1.47 2016/12/07 20:03:22 patrick Exp $ */
 
 /*
  * Copyright (c) 2004 Henning Brauer <henning@cvs.openbsd.org>
@@ -329,18 +329,21 @@ relay(struct interface_info *ip, struct dhcp_packet *packet, int length,
 		return;
 	}
 
-	/* If giaddr is set on a BOOTREQUEST, ignore it - it's already
-	   been gatewayed. */
-	if (packet->giaddr.s_addr) {
-		note("ignoring BOOTREQUEST with giaddr of %s",
-		    inet_ntoa(packet->giaddr));
+	if (packet->hops > 16) {
+		note("ignoring BOOTREQUEST with hop count of %d",
+		    packet->hops);
 		return;
 	}
-
-	/* Set the giaddr so the server can figure out what net it's
-	   from and so that we can later forward the response to the
-	   correct net. */
-	packet->giaddr = ip->primary_address;
+	packet->hops++;
+
+	/*
+	 * Set the giaddr so the server can figure out what net it's
+	 * from and so that we can later forward the response to the
+	 * correct net.  The RFC specifies that we have to keep the
+	 * initial giaddr (in case we relay over multiple hops).
+	 */
+	if (!packet->giaddr.s_addr)
+		packet->giaddr = ip->primary_address;
 
 	if ((length = relay_agentinfo(ip, packet, length,
 	    (struct in_addr *)from.iabuf, NULL)) == -1) {