diff options
-rw-r--r-- | usr.sbin/dhcpd/conflex.c | 3 | ||||
-rw-r--r-- | usr.sbin/dhcpd/confpars.c | 7 | ||||
-rw-r--r-- | usr.sbin/dhcpd/dhcp.c | 14 | ||||
-rw-r--r-- | usr.sbin/dhcpd/dhcpd.conf.5 | 21 | ||||
-rw-r--r-- | usr.sbin/dhcpd/dhcpd.h | 3 | ||||
-rw-r--r-- | usr.sbin/dhcpd/dhctoken.h | 3 |
6 files changed, 42 insertions, 9 deletions
diff --git a/usr.sbin/dhcpd/conflex.c b/usr.sbin/dhcpd/conflex.c index 73d463ac4e6..c66be485b65 100644 --- a/usr.sbin/dhcpd/conflex.c +++ b/usr.sbin/dhcpd/conflex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conflex.c,v 1.18 2017/04/12 19:12:01 krw Exp $ */ +/* $OpenBSD: conflex.c,v 1.19 2017/04/24 14:58:36 krw Exp $ */ /* Lexical scanner for dhcpd config file... */ @@ -311,6 +311,7 @@ static const struct keywords { { "dynamic-bootp", TOK_DYNAMIC_BOOTP }, { "dynamic-bootp-lease-cutoff", TOK_DYNAMIC_BOOTP_LEASE_CUTOFF }, { "dynamic-bootp-lease-length", TOK_DYNAMIC_BOOTP_LEASE_LENGTH }, + { "echo-client-id", TOK_ECHO_CLIENT_ID }, { "ends", TOK_ENDS }, { "ethernet", TOK_ETHERNET }, { "filename", TOK_FILENAME }, diff --git a/usr.sbin/dhcpd/confpars.c b/usr.sbin/dhcpd/confpars.c index 820556eb7d1..1dd4a55d2a2 100644 --- a/usr.sbin/dhcpd/confpars.c +++ b/usr.sbin/dhcpd/confpars.c @@ -1,4 +1,4 @@ -/* $OpenBSD: confpars.c,v 1.32 2017/04/12 19:12:01 krw Exp $ */ +/* $OpenBSD: confpars.c,v 1.33 2017/04/24 14:58:36 krw Exp $ */ /* * Copyright (c) 1995, 1996, 1997 The Internet Software Consortium. @@ -82,6 +82,7 @@ readconf(void) root_group.allow_bootp = 1; root_group.allow_booting = 1; root_group.authoritative = 1; + root_group.echo_client_id = 1; if ((cfile = fopen(path_dhcpd_conf, "r")) == NULL) fatal("Can't open %s", path_dhcpd_conf); @@ -319,6 +320,10 @@ parse_statement(FILE *cfile, struct group *group, int type, group->always_reply_rfc1048 = parse_boolean(cfile); break; + case TOK_ECHO_CLIENT_ID: + group->echo_client_id = parse_boolean(cfile); + break; + case TOK_USE_HOST_DECL_NAMES: if (type == HOST_DECL) parse_warn("use-host-decl-names not allowed here."); diff --git a/usr.sbin/dhcpd/dhcp.c b/usr.sbin/dhcpd/dhcp.c index 27355ebccab..e55f4d4e40d 100644 --- a/usr.sbin/dhcpd/dhcp.c +++ b/usr.sbin/dhcpd/dhcp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcp.c,v 1.55 2017/02/13 23:04:05 krw Exp $ */ +/* $OpenBSD: dhcp.c,v 1.56 2017/04/24 14:58:36 krw Exp $ */ /* * Copyright (c) 1995, 1996, 1997, 1998, 1999 @@ -708,7 +708,7 @@ ack_lease(struct packet *packet, struct lease *lease, unsigned int offer, struct lease_state *state; time_t lease_time, offered_lease_time, max_lease_time, default_lease_time; struct class *vendor_class, *user_class; - int ulafdr, i; + int ulafdr, echo_client_id, i; /* If we're already acking this lease, don't do it again. */ if (lease->state) { @@ -1239,8 +1239,16 @@ ack_lease(struct packet *packet, struct lease *lease, unsigned int offer, memset(&state->options[i], 0, sizeof(state->options[i])); /* Echo back the client-identifier as RFC 6842 mandates. */ + if (lease->host) + echo_client_id = lease->host->group->echo_client_id; + else if (user_class) + echo_client_id = user_class->group->echo_client_id; + else if (vendor_class) + echo_client_id = vendor_class->group->echo_client_id; + else + echo_client_id = lease->subnet->group->echo_client_id; i = DHO_DHCP_CLIENT_IDENTIFIER; - if (lease->client_identifier) { + if (lease->client_identifier && echo_client_id) { state->options[i] = new_tree_cache("dhcp-client-identifier"); state->options[i]->flags = TC_TEMPORARY; state->options[i]->value = lease->client_identifier; diff --git a/usr.sbin/dhcpd/dhcpd.conf.5 b/usr.sbin/dhcpd/dhcpd.conf.5 index 0910a67c5fd..459756bef14 100644 --- a/usr.sbin/dhcpd/dhcpd.conf.5 +++ b/usr.sbin/dhcpd/dhcpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: dhcpd.conf.5,v 1.18 2017/02/04 22:21:57 jca Exp $ +.\" $OpenBSD: dhcpd.conf.5,v 1.19 2017/04/24 14:58:36 krw Exp $ .\" .\" Copyright (c) 1995, 1996, 1997, 1998, 1998, 1999 .\" The Internet Software Consortium. All rights reserved. @@ -36,7 +36,7 @@ .\" see ``http://www.isc.org/isc''. To learn more about Vixie .\" Enterprises, see ``http://www.vix.com''. .\" -.Dd $Mdocdate: February 4 2017 $ +.Dd $Mdocdate: April 24 2017 $ .Dt DHCPD.CONF 5 .Os .Sh NAME @@ -919,6 +919,23 @@ Supplying a value for the option is equivalent to using the .Ic server-identifier statement. +.Pp +The +.Ic echo-client-id +statement +.Pp +.D1 Ic echo-client-id Ar flag ; +.Pp +is used to enable or disable RFC 6842 compliant behavior. +If the +.Ic echo-client-id +statement is present and has a +value of true or on, and a DHCP DISCOVER or REQUEST is received which contains +the client identifier option (Option code 61), the server will copy the option +into its response (DHCP ACK or NAK) per RFC 6842. +In other words if the client sends the option it will receive it back. +By default, this flag is on +and client identifiers will be echoed back to the client. .Sh REFERENCE: OPTION STATEMENTS DHCP option statements are documented in the .Xr dhcp-options 5 diff --git a/usr.sbin/dhcpd/dhcpd.h b/usr.sbin/dhcpd/dhcpd.h index 94a8d862782..3271b2de115 100644 --- a/usr.sbin/dhcpd/dhcpd.h +++ b/usr.sbin/dhcpd/dhcpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcpd.h,v 1.63 2017/04/18 13:59:09 krw Exp $ */ +/* $OpenBSD: dhcpd.h,v 1.64 2017/04/24 14:58:36 krw Exp $ */ /* * Copyright (c) 1995, 1996, 1997, 1998, 1999 @@ -223,6 +223,7 @@ struct group { int use_lease_addr_for_default_route; int authoritative; int always_reply_rfc1048; + int echo_client_id; struct tree_cache *options[256]; }; diff --git a/usr.sbin/dhcpd/dhctoken.h b/usr.sbin/dhcpd/dhctoken.h index b600ab99bf1..c925a791d94 100644 --- a/usr.sbin/dhcpd/dhctoken.h +++ b/usr.sbin/dhcpd/dhctoken.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dhctoken.h,v 1.7 2013/12/05 22:31:35 krw Exp $ */ +/* $OpenBSD: dhctoken.h,v 1.8 2017/04/24 14:58:36 krw Exp $ */ /* Tokens for config file lexer and parser. */ @@ -91,6 +91,7 @@ #define TOK_TOKEN_NOT 334 #define TOK_ALWAYS_REPLY_RFC1048 335 #define TOK_IPSEC_TUNNEL 336 +#define TOK_ECHO_CLIENT_ID 337 #define is_identifier(x) ((x) >= TOK_FIRST_TOKEN && \ (x) != TOK_STRING && \ |