Bug 163431
| Summary: | [patch] dhclient(8) regression after r228259: leases rejected due to domain search option | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | Fabian Keil <fk> | ||||||
| Component: | bin | Assignee: | Jean-Sébastien Pédron <dumbbell> | ||||||
| Status: | Closed FIXED | ||||||||
| Severity: | Affects Only Me | ||||||||
| Priority: | Normal | ||||||||
| Version: | Unspecified | ||||||||
| Hardware: | Any | ||||||||
| OS: | Any | ||||||||
| Attachments: |
|
||||||||
|
Description
Fabian Keil
2011-12-18 14:30:15 UTC
Responsible Changed From-To: freebsd-bugs->dumbbell Over to author of r228259 Hi Fabian,
Thank you for providing a patch with your report. I attached a modified
version to this follow-up. The changes are:
o Change error code of find_search_domain_name_len() from 0 to -1;
just because -1 looks more like an error code :)
o Fix expanded_len handling in expand_domain_search(). Each return
value of find_search_domain_name_len() is added to the previous
one.
o style(9) fixes.
o Update the regression testsuite.
Could you please tell me if this patch works for you?
And just for my curiosity, does your DHCP server runs on Windows?
Because someone else reported invalid DHCP Domain Search option value
like yours and his problem came from an incomplete support for this
feature in Windows' DHCP server.
To be clear (and so that search engines points here), Microsoft's
documentation[1] says that one should specify domains as
"example.com;foobar.net" for "option 119" (Domain Search option). The
problem is that their DHCP server sends this value as is. The following
article describes this issue and explains how to forge a raw value to
work around it:
http://www.mattzuba.com/2011/03/windows-2008-rc2-dhcp-server-option-119/
[1] http://technet.microsoft.com/en-us/library/dd572752%28office.13%29.aspx
--
Jean-Sébastien Pédron
Jean-Sébastien Pédron <jean-sebastien.pedron@dumbbell.fr> wrote: > Thank you for providing a patch with your report. I attached a modified > version to this follow-up. The changes are: > o Change error code of find_search_domain_name_len() from 0 to -1; > just because -1 looks more like an error code :) > o Fix expanded_len handling in expand_domain_search(). Each return > value of find_search_domain_name_len() is added to the previous > one. > o style(9) fixes. > o Update the regression testsuite. > > Could you please tell me if this patch works for you? Looks good to me, thanks. I'll try to test it this weekend. > And just for my curiosity, does your DHCP server runs on Windows? I have no idea. The DHCP server is part of the public WLAN of a bar (Hallmackenreuther, Brüsseler Platz 9, 50674 Cologne, Germany) and outside my control. Fabian Fabian Keil <fk@fabiankeil.de> wrote: > Jean-Sébastien Pédron <jean-sebastien.pedron@dumbbell.fr> wrote: > > > Thank you for providing a patch with your report. I attached a modified > > version to this follow-up. The changes are: > > o Change error code of find_search_domain_name_len() from 0 to -1; > > just because -1 looks more like an error code :) > > o Fix expanded_len handling in expand_domain_search(). Each return > > value of find_search_domain_name_len() is added to the previous > > one. > > o style(9) fixes. > > o Update the regression testsuite. > > > > Could you please tell me if this patch works for you? > > Looks good to me, thanks. I'll try to test it this weekend. The modified patch works as expected: wlan0: no link ...... got link DHCPREQUEST on wlan0 to 255.255.255.255 port 67 DHCPNAK from 192.168.10.1 DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 3 Invalid forward pointer in DHCP Domain Search option compression. DHCPOFFER from 192.168.10.1 Bogus domain search list 119: \015bruesselerplatz\002de (\015bruesselerplatz\002de) DHCPREQUEST on wlan0 to 255.255.255.255 port 67 Invalid forward pointer in DHCP Domain Search option compression. DHCPACK from 192.168.10.1 Bogus domain search list 119: \015bruesselerplatz\002de (\015bruesselerplatz\002de) bound to 192.168.10.183 -- renewal in 3000 seconds. Fabian State Changed From-To: open->analyzed apparently the suggested patch works. Author: dumbbell Date: Fri Dec 30 14:33:08 2011 New Revision: 229000 URL: http://svn.freebsd.org/changeset/base/229000 Log: Invalid Domain Search option isn't considered as a fatal error In the original Domain Search option patch, an invalid option value would cause the whole lease to be rejected. However, DHCP servers who emit such an invalid value are more common than I thought. With this new patch, just the option is rejected, not the entire lease. PR: bin/163431 Submitted by: Fabian Keil <fk@fabiankeil.de> (earlier version) Reviewed by: Fabian Keil <fk@fabiankeil.de> Sponsored by: Yakaz (http://www.yakaz.com) Modified: head/sbin/dhclient/options.c Modified: head/sbin/dhclient/options.c ============================================================================== --- head/sbin/dhclient/options.c Fri Dec 30 14:30:16 2011 (r228999) +++ head/sbin/dhclient/options.c Fri Dec 30 14:33:08 2011 (r229000) @@ -211,7 +211,7 @@ parse_option_buffer(struct packet *packe void expand_domain_search(struct packet *packet) { - int offset, expanded_len; + int offset, expanded_len, next_domain_len; struct option_data *option; unsigned char *domain_search, *cursor; @@ -224,9 +224,13 @@ expand_domain_search(struct packet *pack expanded_len = 0; offset = 0; while (offset < option->len) { + next_domain_len = find_search_domain_name_len(option, &offset); + if (next_domain_len < 0) + /* The Domain Search option value is invalid. */ + return; + /* We add 1 for the space between domain names. */ - expanded_len += - find_search_domain_name_len(option, &offset) + 1; + expanded_len += next_domain_len + 1; } if (expanded_len > 0) /* Remove 1 for the superfluous trailing space. */ @@ -271,8 +275,9 @@ find_search_domain_name_len(struct optio /* This is a pointer to another list of labels. */ if (i + 1 >= option->len) { /* The pointer is truncated. */ - error("Truncated pointer in DHCP Domain " + warning("Truncated pointer in DHCP Domain " "Search option."); + return (-1); } pointer = ((label_len & ~(0xC0)) << 8) + @@ -282,8 +287,9 @@ find_search_domain_name_len(struct optio * The pointer must indicates a prior * occurance. */ - error("Invalid forward pointer in DHCP Domain " - "Search option compression."); + warning("Invalid forward pointer in DHCP " + "Domain Search option compression."); + return (-1); } pointed_len = find_search_domain_name_len(option, @@ -295,7 +301,9 @@ find_search_domain_name_len(struct optio } if (i + label_len >= option->len) { - error("Truncated label in DHCP Domain Search option."); + warning("Truncated label in DHCP Domain Search " + "option."); + return (-1); } /* @@ -308,9 +316,9 @@ find_search_domain_name_len(struct optio i += label_len + 1; } - error("Truncated DHCP Domain Search option."); + warning("Truncated DHCP Domain Search option."); - return (0); + return (-1); } void _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" Author: dumbbell Date: Fri Dec 30 14:41:47 2011 New Revision: 229001 URL: http://svn.freebsd.org/changeset/base/229001 Log: Adapt testsuite following change in Domain Search error handling In this testsuite, warning() and error() have the same behaviour. PR: bin/163431 Sponsored by: Yakaz (http://www.yakaz.com) Modified: head/tools/regression/sbin/dhclient/fake.c Modified: head/tools/regression/sbin/dhclient/fake.c ============================================================================== --- head/tools/regression/sbin/dhclient/fake.c Fri Dec 30 14:33:08 2011 (r229000) +++ head/tools/regression/sbin/dhclient/fake.c Fri Dec 30 14:41:47 2011 (r229001) @@ -32,7 +32,11 @@ warning(char *fmt, ...) va_end(ap); fprintf(stderr, "\n"); - return ret; + /* + * The original warning() would return "ret" here. We do this to + * check warnings explicitely. + */ + longjmp(env, 1); } int _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" State Changed From-To: analyzed->closed Fixed in r229000. Author: dumbbell Date: Thu Jan 26 19:46:13 2012 New Revision: 230597 URL: http://svn.freebsd.org/changeset/base/230597 Log: MFC r228259: Support domain-search in dhclient(8) The "domain-search" option (option 119) allows a DHCP server to publish a list of implicit domain suffixes used during name lookup. This option is described in RFC 3397. For instance, if the domain-search option says: ".example.org .example.com" and one wants to resolve "foobar", the resolver will try: 1. "foobar.example.org" 2. "foobar.example.com" The file /etc/resolv.conf is updated with a "search" directive if the DHCP server provides "domain-search". A regression test suite is included in this patch under tools/regression/sbin/dhclient. PR: bin/151940 Sponsored by: Yakaz (http://www.yakaz.com) MFC r229000: Invalid Domain Search option isn't considered as a fatal error In the original Domain Search option patch, an invalid option value would cause the whole lease to be rejected. However, DHCP servers who emit such an invalid value are more common than I thought. With this new patch, just the option is rejected, not the entire lease. PR: bin/163431 Submitted by: Fabian Keil <fk@fabiankeil.de> (earlier version) Reviewed by: Fabian Keil <fk@fabiankeil.de> Sponsored by: Yakaz (http://www.yakaz.com) MFC r229001: Adapt testsuite following change in Domain Search error handling In this testsuite, warning() and error() have the same behaviour. PR: bin/163431 Sponsored by: Yakaz (http://www.yakaz.com) Added: stable/9/tools/regression/sbin/dhclient/ - copied from r228259, head/tools/regression/sbin/dhclient/ Modified: stable/9/sbin/dhclient/clparse.c stable/9/sbin/dhclient/dhclient-script stable/9/sbin/dhclient/dhclient.c stable/9/sbin/dhclient/dhcp-options.5 stable/9/sbin/dhclient/dhcp.h stable/9/sbin/dhclient/options.c stable/9/sbin/dhclient/tables.c stable/9/tools/regression/sbin/Makefile stable/9/tools/regression/sbin/dhclient/fake.c Directory Properties: stable/9/sbin/dhclient/ (props changed) stable/9/tools/ (props changed) Modified: stable/9/sbin/dhclient/clparse.c ============================================================================== --- stable/9/sbin/dhclient/clparse.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/clparse.c Thu Jan 26 19:46:13 2012 (r230597) @@ -100,6 +100,8 @@ read_client_conf(void) DHO_DOMAIN_NAME_SERVERS; top_level_config.requested_options [top_level_config.requested_option_count++] = DHO_HOST_NAME; + top_level_config.requested_options + [top_level_config.requested_option_count++] = DHO_DOMAIN_SEARCH; if ((cfile = fopen(path_dhclient_conf, "r")) != NULL) { do { Modified: stable/9/sbin/dhclient/dhclient-script ============================================================================== --- stable/9/sbin/dhclient/dhclient-script Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhclient-script Thu Jan 26 19:46:13 2012 (r230597) @@ -201,7 +201,9 @@ add_new_resolv_conf() { local tmpres=/var/run/resolv.conf.${interface} rm -f $tmpres - if [ -n "$new_domain_name" ]; then + if [ -n "$new_domain_search" ]; then + echo "search $new_domain_search" >>$tmpres + elif [ -n "$new_domain_name" ]; then echo "search $new_domain_name" >>$tmpres fi Modified: stable/9/sbin/dhclient/dhclient.c ============================================================================== --- stable/9/sbin/dhclient/dhclient.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhclient.c Thu Jan 26 19:46:13 2012 (r230597) @@ -2368,6 +2368,7 @@ check_option(struct client_lease *l, int } return (1); case DHO_DOMAIN_NAME: + case DHO_DOMAIN_SEARCH: if (!res_hnok(sbuf)) { if (!check_search(sbuf)) { warning("Bogus domain search list %d: %s (%s)", Modified: stable/9/sbin/dhclient/dhcp-options.5 ============================================================================== --- stable/9/sbin/dhclient/dhcp-options.5 Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhcp-options.5 Thu Jan 26 19:46:13 2012 (r230597) @@ -265,6 +265,10 @@ character set. .It Ic option domain-name Ar string ; This option specifies the domain name that the client should use when resolving hostnames via the Domain Name System. +.It Ic option domain-search Ar string ; +This option specifies a list of domain names that the client should use +when resolving hostnames via the Domain Name System. This option is +defined in RFC 3397. .It Ic option swap-server Ar ip-address ; This specifies the IP address of the client's swap server. .It Ic option root-path Ar string ; Modified: stable/9/sbin/dhclient/dhcp.h ============================================================================== --- stable/9/sbin/dhclient/dhcp.h Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhcp.h Thu Jan 26 19:46:13 2012 (r230597) @@ -169,6 +169,7 @@ struct dhcp_packet { #define DHO_STREETTALK_SERVER 75 #define DHO_STREETTALK_DA_SERVER 76 #define DHO_DHCP_USER_CLASS_ID 77 +#define DHO_DOMAIN_SEARCH 119 #define DHO_CLASSLESS_ROUTES 121 #define DHO_END 255 Modified: stable/9/sbin/dhclient/options.c ============================================================================== --- stable/9/sbin/dhclient/options.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/options.c Thu Jan 26 19:46:13 2012 (r230597) @@ -55,6 +55,10 @@ void parse_options(struct packet *); void parse_option_buffer(struct packet *, unsigned char *, int); int store_options(unsigned char *, int, struct tree_cache **, unsigned char *, int, int, int, int); +void expand_domain_search(struct packet *packet); +int find_search_domain_name_len(struct option_data *option, int *offset); +void expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search); /* @@ -94,6 +98,11 @@ parse_options(struct packet *packet) (unsigned char *)packet->raw->sname, sizeof(packet->raw->sname)); } + + /* Expand DHCP Domain Search option. */ + if (packet->options_valid) { + expand_domain_search(packet); + } } /* @@ -194,6 +203,171 @@ parse_option_buffer(struct packet *packe } /* + * Expand DHCP Domain Search option. The value of this option is + * encoded like DNS' list of labels. See: + * RFC 3397 + * RFC 1035 + */ +void +expand_domain_search(struct packet *packet) +{ + int offset, expanded_len, next_domain_len; + struct option_data *option; + unsigned char *domain_search, *cursor; + + if (packet->options[DHO_DOMAIN_SEARCH].data == NULL) + return; + + option = &packet->options[DHO_DOMAIN_SEARCH]; + + /* Compute final expanded length. */ + expanded_len = 0; + offset = 0; + while (offset < option->len) { + next_domain_len = find_search_domain_name_len(option, &offset); + if (next_domain_len < 0) + /* The Domain Search option value is invalid. */ + return; + + /* We add 1 for the space between domain names. */ + expanded_len += next_domain_len + 1; + } + if (expanded_len > 0) + /* Remove 1 for the superfluous trailing space. */ + --expanded_len; + + domain_search = malloc(expanded_len + 1); + if (domain_search == NULL) + error("Can't allocate storage for expanded domain-search\n"); + + offset = 0; + cursor = domain_search; + while (offset < option->len) { + expand_search_domain_name(option, &offset, &cursor); + cursor[0] = ' '; + cursor++; + } + domain_search[expanded_len] = '\0'; + + free(option->data); + option->len = expanded_len; + option->data = domain_search; +} + +int +find_search_domain_name_len(struct option_data *option, int *offset) +{ + int domain_name_len, i, label_len, pointer, pointed_len; + + domain_name_len = 0; + + i = *offset; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + return (domain_name_len); + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + if (i + 1 >= option->len) { + /* The pointer is truncated. */ + warning("Truncated pointer in DHCP Domain " + "Search option."); + return (-1); + } + + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + if (pointer >= *offset) { + /* + * The pointer must indicates a prior + * occurance. + */ + warning("Invalid forward pointer in DHCP " + "Domain Search option compression."); + return (-1); + } + + pointed_len = find_search_domain_name_len(option, + &pointer); + domain_name_len += pointed_len; + + *offset = i + 2; + return (domain_name_len); + } + + if (i + label_len >= option->len) { + warning("Truncated label in DHCP Domain Search " + "option."); + return (-1); + } + + /* + * Update the domain name length with the length of the + * current label, plus a trailing dot ('.'). + */ + domain_name_len += label_len + 1; + + /* Move cursor. */ + i += label_len + 1; + } + + warning("Truncated DHCP Domain Search option."); + + return (-1); +} + +void +expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search) +{ + int i, label_len, pointer; + unsigned char *cursor; + + /* + * This is the same loop than the function above + * (find_search_domain_name_len). Therefore, we remove checks, + * they're already done. Here, we just make the copy. + */ + i = *offset; + cursor = *domain_search; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + *domain_search = cursor; + return; + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + + expand_search_domain_name(option, &pointer, &cursor); + + *offset = i + 2; + *domain_search = cursor; + return; + } + + /* Copy the label found. */ + memcpy(cursor, option->data + i + 1, label_len); + cursor[label_len] = '.'; + + /* Move cursor. */ + i += label_len + 1; + cursor += label_len + 1; + } +} + +/* * cons options into a big buffer, and then split them out into the * three separate buffers if needed. This allows us to cons up a set of * vendor options using the same routine. Modified: stable/9/sbin/dhclient/tables.c ============================================================================== --- stable/9/sbin/dhclient/tables.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/tables.c Thu Jan 26 19:46:13 2012 (r230597) @@ -184,7 +184,7 @@ struct option dhcp_options[256] = { { "option-116", "X", &dhcp_universe, 116 }, { "option-117", "X", &dhcp_universe, 117 }, { "option-118", "X", &dhcp_universe, 118 }, - { "option-119", "X", &dhcp_universe, 119 }, + { "domain-search", "t", &dhcp_universe, 119 }, { "option-120", "X", &dhcp_universe, 120 }, { "classless-routes", "BA", &dhcp_universe, 121 }, { "option-122", "X", &dhcp_universe, 122 }, @@ -400,12 +400,13 @@ unsigned char dhcp_option_default_priori DHO_IRC_SERVER, DHO_STREETTALK_SERVER, DHO_STREETTALK_DA_SERVER, + DHO_DOMAIN_SEARCH, /* Presently-undefined options... */ 62, 63, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, - 118, 119, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, + 118, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, Modified: stable/9/tools/regression/sbin/Makefile ============================================================================== --- stable/9/tools/regression/sbin/Makefile Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/tools/regression/sbin/Makefile Thu Jan 26 19:46:13 2012 (r230597) @@ -1,5 +1,5 @@ # $FreeBSD$ -SUBDIR= growfs +SUBDIR= dhclient growfs .include <bsd.subdir.mk> Modified: stable/9/tools/regression/sbin/dhclient/fake.c ============================================================================== --- head/tools/regression/sbin/dhclient/fake.c Sun Dec 4 14:44:31 2011 (r228259) +++ stable/9/tools/regression/sbin/dhclient/fake.c Thu Jan 26 19:46:13 2012 (r230597) @@ -32,7 +32,11 @@ warning(char *fmt, ...) va_end(ap); fprintf(stderr, "\n"); - return ret; + /* + * The original warning() would return "ret" here. We do this to + * check warnings explicitely. + */ + longjmp(env, 1); } int _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" Author: dumbbell Date: Thu Jan 26 19:46:13 2012 New Revision: 230597 URL: http://svn.freebsd.org/changeset/base/230597 Log: MFC r228259: Support domain-search in dhclient(8) The "domain-search" option (option 119) allows a DHCP server to publish a list of implicit domain suffixes used during name lookup. This option is described in RFC 3397. For instance, if the domain-search option says: ".example.org .example.com" and one wants to resolve "foobar", the resolver will try: 1. "foobar.example.org" 2. "foobar.example.com" The file /etc/resolv.conf is updated with a "search" directive if the DHCP server provides "domain-search". A regression test suite is included in this patch under tools/regression/sbin/dhclient. PR: bin/151940 Sponsored by: Yakaz (http://www.yakaz.com) MFC r229000: Invalid Domain Search option isn't considered as a fatal error In the original Domain Search option patch, an invalid option value would cause the whole lease to be rejected. However, DHCP servers who emit such an invalid value are more common than I thought. With this new patch, just the option is rejected, not the entire lease. PR: bin/163431 Submitted by: Fabian Keil <fk@fabiankeil.de> (earlier version) Reviewed by: Fabian Keil <fk@fabiankeil.de> Sponsored by: Yakaz (http://www.yakaz.com) MFC r229001: Adapt testsuite following change in Domain Search error handling In this testsuite, warning() and error() have the same behaviour. PR: bin/163431 Sponsored by: Yakaz (http://www.yakaz.com) Added: stable/9/tools/regression/sbin/dhclient/ - copied from r228259, head/tools/regression/sbin/dhclient/ Modified: stable/9/sbin/dhclient/clparse.c stable/9/sbin/dhclient/dhclient-script stable/9/sbin/dhclient/dhclient.c stable/9/sbin/dhclient/dhcp-options.5 stable/9/sbin/dhclient/dhcp.h stable/9/sbin/dhclient/options.c stable/9/sbin/dhclient/tables.c stable/9/tools/regression/sbin/Makefile stable/9/tools/regression/sbin/dhclient/fake.c Directory Properties: stable/9/sbin/dhclient/ (props changed) stable/9/tools/ (props changed) Modified: stable/9/sbin/dhclient/clparse.c ============================================================================== --- stable/9/sbin/dhclient/clparse.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/clparse.c Thu Jan 26 19:46:13 2012 (r230597) @@ -100,6 +100,8 @@ read_client_conf(void) DHO_DOMAIN_NAME_SERVERS; top_level_config.requested_options [top_level_config.requested_option_count++] = DHO_HOST_NAME; + top_level_config.requested_options + [top_level_config.requested_option_count++] = DHO_DOMAIN_SEARCH; if ((cfile = fopen(path_dhclient_conf, "r")) != NULL) { do { Modified: stable/9/sbin/dhclient/dhclient-script ============================================================================== --- stable/9/sbin/dhclient/dhclient-script Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhclient-script Thu Jan 26 19:46:13 2012 (r230597) @@ -201,7 +201,9 @@ add_new_resolv_conf() { local tmpres=/var/run/resolv.conf.${interface} rm -f $tmpres - if [ -n "$new_domain_name" ]; then + if [ -n "$new_domain_search" ]; then + echo "search $new_domain_search" >>$tmpres + elif [ -n "$new_domain_name" ]; then echo "search $new_domain_name" >>$tmpres fi Modified: stable/9/sbin/dhclient/dhclient.c ============================================================================== --- stable/9/sbin/dhclient/dhclient.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhclient.c Thu Jan 26 19:46:13 2012 (r230597) @@ -2368,6 +2368,7 @@ check_option(struct client_lease *l, int } return (1); case DHO_DOMAIN_NAME: + case DHO_DOMAIN_SEARCH: if (!res_hnok(sbuf)) { if (!check_search(sbuf)) { warning("Bogus domain search list %d: %s (%s)", Modified: stable/9/sbin/dhclient/dhcp-options.5 ============================================================================== --- stable/9/sbin/dhclient/dhcp-options.5 Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhcp-options.5 Thu Jan 26 19:46:13 2012 (r230597) @@ -265,6 +265,10 @@ character set. .It Ic option domain-name Ar string ; This option specifies the domain name that the client should use when resolving hostnames via the Domain Name System. +.It Ic option domain-search Ar string ; +This option specifies a list of domain names that the client should use +when resolving hostnames via the Domain Name System. This option is +defined in RFC 3397. .It Ic option swap-server Ar ip-address ; This specifies the IP address of the client's swap server. .It Ic option root-path Ar string ; Modified: stable/9/sbin/dhclient/dhcp.h ============================================================================== --- stable/9/sbin/dhclient/dhcp.h Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/dhcp.h Thu Jan 26 19:46:13 2012 (r230597) @@ -169,6 +169,7 @@ struct dhcp_packet { #define DHO_STREETTALK_SERVER 75 #define DHO_STREETTALK_DA_SERVER 76 #define DHO_DHCP_USER_CLASS_ID 77 +#define DHO_DOMAIN_SEARCH 119 #define DHO_CLASSLESS_ROUTES 121 #define DHO_END 255 Modified: stable/9/sbin/dhclient/options.c ============================================================================== --- stable/9/sbin/dhclient/options.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/options.c Thu Jan 26 19:46:13 2012 (r230597) @@ -55,6 +55,10 @@ void parse_options(struct packet *); void parse_option_buffer(struct packet *, unsigned char *, int); int store_options(unsigned char *, int, struct tree_cache **, unsigned char *, int, int, int, int); +void expand_domain_search(struct packet *packet); +int find_search_domain_name_len(struct option_data *option, int *offset); +void expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search); /* @@ -94,6 +98,11 @@ parse_options(struct packet *packet) (unsigned char *)packet->raw->sname, sizeof(packet->raw->sname)); } + + /* Expand DHCP Domain Search option. */ + if (packet->options_valid) { + expand_domain_search(packet); + } } /* @@ -194,6 +203,171 @@ parse_option_buffer(struct packet *packe } /* + * Expand DHCP Domain Search option. The value of this option is + * encoded like DNS' list of labels. See: + * RFC 3397 + * RFC 1035 + */ +void +expand_domain_search(struct packet *packet) +{ + int offset, expanded_len, next_domain_len; + struct option_data *option; + unsigned char *domain_search, *cursor; + + if (packet->options[DHO_DOMAIN_SEARCH].data == NULL) + return; + + option = &packet->options[DHO_DOMAIN_SEARCH]; + + /* Compute final expanded length. */ + expanded_len = 0; + offset = 0; + while (offset < option->len) { + next_domain_len = find_search_domain_name_len(option, &offset); + if (next_domain_len < 0) + /* The Domain Search option value is invalid. */ + return; + + /* We add 1 for the space between domain names. */ + expanded_len += next_domain_len + 1; + } + if (expanded_len > 0) + /* Remove 1 for the superfluous trailing space. */ + --expanded_len; + + domain_search = malloc(expanded_len + 1); + if (domain_search == NULL) + error("Can't allocate storage for expanded domain-search\n"); + + offset = 0; + cursor = domain_search; + while (offset < option->len) { + expand_search_domain_name(option, &offset, &cursor); + cursor[0] = ' '; + cursor++; + } + domain_search[expanded_len] = '\0'; + + free(option->data); + option->len = expanded_len; + option->data = domain_search; +} + +int +find_search_domain_name_len(struct option_data *option, int *offset) +{ + int domain_name_len, i, label_len, pointer, pointed_len; + + domain_name_len = 0; + + i = *offset; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + return (domain_name_len); + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + if (i + 1 >= option->len) { + /* The pointer is truncated. */ + warning("Truncated pointer in DHCP Domain " + "Search option."); + return (-1); + } + + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + if (pointer >= *offset) { + /* + * The pointer must indicates a prior + * occurance. + */ + warning("Invalid forward pointer in DHCP " + "Domain Search option compression."); + return (-1); + } + + pointed_len = find_search_domain_name_len(option, + &pointer); + domain_name_len += pointed_len; + + *offset = i + 2; + return (domain_name_len); + } + + if (i + label_len >= option->len) { + warning("Truncated label in DHCP Domain Search " + "option."); + return (-1); + } + + /* + * Update the domain name length with the length of the + * current label, plus a trailing dot ('.'). + */ + domain_name_len += label_len + 1; + + /* Move cursor. */ + i += label_len + 1; + } + + warning("Truncated DHCP Domain Search option."); + + return (-1); +} + +void +expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search) +{ + int i, label_len, pointer; + unsigned char *cursor; + + /* + * This is the same loop than the function above + * (find_search_domain_name_len). Therefore, we remove checks, + * they're already done. Here, we just make the copy. + */ + i = *offset; + cursor = *domain_search; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + *domain_search = cursor; + return; + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + + expand_search_domain_name(option, &pointer, &cursor); + + *offset = i + 2; + *domain_search = cursor; + return; + } + + /* Copy the label found. */ + memcpy(cursor, option->data + i + 1, label_len); + cursor[label_len] = '.'; + + /* Move cursor. */ + i += label_len + 1; + cursor += label_len + 1; + } +} + +/* * cons options into a big buffer, and then split them out into the * three separate buffers if needed. This allows us to cons up a set of * vendor options using the same routine. Modified: stable/9/sbin/dhclient/tables.c ============================================================================== --- stable/9/sbin/dhclient/tables.c Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/sbin/dhclient/tables.c Thu Jan 26 19:46:13 2012 (r230597) @@ -184,7 +184,7 @@ struct option dhcp_options[256] = { { "option-116", "X", &dhcp_universe, 116 }, { "option-117", "X", &dhcp_universe, 117 }, { "option-118", "X", &dhcp_universe, 118 }, - { "option-119", "X", &dhcp_universe, 119 }, + { "domain-search", "t", &dhcp_universe, 119 }, { "option-120", "X", &dhcp_universe, 120 }, { "classless-routes", "BA", &dhcp_universe, 121 }, { "option-122", "X", &dhcp_universe, 122 }, @@ -400,12 +400,13 @@ unsigned char dhcp_option_default_priori DHO_IRC_SERVER, DHO_STREETTALK_SERVER, DHO_STREETTALK_DA_SERVER, + DHO_DOMAIN_SEARCH, /* Presently-undefined options... */ 62, 63, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, - 118, 119, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, + 118, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, Modified: stable/9/tools/regression/sbin/Makefile ============================================================================== --- stable/9/tools/regression/sbin/Makefile Thu Jan 26 19:18:10 2012 (r230596) +++ stable/9/tools/regression/sbin/Makefile Thu Jan 26 19:46:13 2012 (r230597) @@ -1,5 +1,5 @@ # $FreeBSD$ -SUBDIR= growfs +SUBDIR= dhclient growfs .include <bsd.subdir.mk> Modified: stable/9/tools/regression/sbin/dhclient/fake.c ============================================================================== --- head/tools/regression/sbin/dhclient/fake.c Sun Dec 4 14:44:31 2011 (r228259) +++ stable/9/tools/regression/sbin/dhclient/fake.c Thu Jan 26 19:46:13 2012 (r230597) @@ -32,7 +32,11 @@ warning(char *fmt, ...) va_end(ap); fprintf(stderr, "\n"); - return ret; + /* + * The original warning() would return "ret" here. We do this to + * check warnings explicitely. + */ + longjmp(env, 1); } int _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" Author: dumbbell Date: Thu Jan 26 22:01:05 2012 New Revision: 230603 URL: http://svn.freebsd.org/changeset/base/230603 Log: MFC r228259: Support domain-search in dhclient(8) The "domain-search" option (option 119) allows a DHCP server to publish a list of implicit domain suffixes used during name lookup. This option is described in RFC 3397. For instance, if the domain-search option says: ".example.org .example.com" and one wants to resolve "foobar", the resolver will try: 1. "foobar.example.org" 2. "foobar.example.com" The file /etc/resolv.conf is updated with a "search" directive if the DHCP server provides "domain-search". A regression test suite is included in this patch under tools/regression/sbin/dhclient. PR: bin/151940 Sponsored by: Yakaz (http://www.yakaz.com) MFC r229000: Invalid Domain Search option isn't considered as a fatal error In the original Domain Search option patch, an invalid option value would cause the whole lease to be rejected. However, DHCP servers who emit such an invalid value are more common than I thought. With this new patch, just the option is rejected, not the entire lease. PR: bin/163431 Submitted by: Fabian Keil <fk@fabiankeil.de> (earlier version) Reviewed by: Fabian Keil <fk@fabiankeil.de> Sponsored by: Yakaz (http://www.yakaz.com) MFC r229001: Adapt testsuite following change in Domain Search error handling In this testsuite, warning() and error() have the same behaviour. PR: bin/163431 Sponsored by: Yakaz (http://www.yakaz.com) Added: stable/8/tools/regression/sbin/dhclient/ - copied from r228259, head/tools/regression/sbin/dhclient/ Modified: stable/8/sbin/dhclient/clparse.c stable/8/sbin/dhclient/dhclient-script stable/8/sbin/dhclient/dhclient.c stable/8/sbin/dhclient/dhcp-options.5 stable/8/sbin/dhclient/dhcp.h stable/8/sbin/dhclient/options.c stable/8/sbin/dhclient/tables.c stable/8/tools/regression/sbin/Makefile stable/8/tools/regression/sbin/dhclient/fake.c Directory Properties: stable/8/sbin/dhclient/ (props changed) stable/8/tools/ (props changed) Modified: stable/8/sbin/dhclient/clparse.c ============================================================================== --- stable/8/sbin/dhclient/clparse.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/clparse.c Thu Jan 26 22:01:05 2012 (r230603) @@ -100,6 +100,8 @@ read_client_conf(void) DHO_DOMAIN_NAME_SERVERS; top_level_config.requested_options [top_level_config.requested_option_count++] = DHO_HOST_NAME; + top_level_config.requested_options + [top_level_config.requested_option_count++] = DHO_DOMAIN_SEARCH; if ((cfile = fopen(path_dhclient_conf, "r")) != NULL) { do { Modified: stable/8/sbin/dhclient/dhclient-script ============================================================================== --- stable/8/sbin/dhclient/dhclient-script Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhclient-script Thu Jan 26 22:01:05 2012 (r230603) @@ -201,7 +201,9 @@ add_new_resolv_conf() { local tmpres=/var/run/resolv.conf.${interface} rm -f $tmpres - if [ -n "$new_domain_name" ]; then + if [ -n "$new_domain_search" ]; then + echo "search $new_domain_search" >>$tmpres + elif [ -n "$new_domain_name" ]; then echo "search $new_domain_name" >>$tmpres fi Modified: stable/8/sbin/dhclient/dhclient.c ============================================================================== --- stable/8/sbin/dhclient/dhclient.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhclient.c Thu Jan 26 22:01:05 2012 (r230603) @@ -2368,6 +2368,7 @@ check_option(struct client_lease *l, int } return (1); case DHO_DOMAIN_NAME: + case DHO_DOMAIN_SEARCH: if (!res_hnok(sbuf)) { if (!check_search(sbuf)) { warning("Bogus domain search list %d: %s (%s)", Modified: stable/8/sbin/dhclient/dhcp-options.5 ============================================================================== --- stable/8/sbin/dhclient/dhcp-options.5 Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhcp-options.5 Thu Jan 26 22:01:05 2012 (r230603) @@ -265,6 +265,10 @@ character set. .It Ic option domain-name Ar string ; This option specifies the domain name that the client should use when resolving hostnames via the Domain Name System. +.It Ic option domain-search Ar string ; +This option specifies a list of domain names that the client should use +when resolving hostnames via the Domain Name System. This option is +defined in RFC 3397. .It Ic option swap-server Ar ip-address ; This specifies the IP address of the client's swap server. .It Ic option root-path Ar string ; Modified: stable/8/sbin/dhclient/dhcp.h ============================================================================== --- stable/8/sbin/dhclient/dhcp.h Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhcp.h Thu Jan 26 22:01:05 2012 (r230603) @@ -169,6 +169,7 @@ struct dhcp_packet { #define DHO_STREETTALK_SERVER 75 #define DHO_STREETTALK_DA_SERVER 76 #define DHO_DHCP_USER_CLASS_ID 77 +#define DHO_DOMAIN_SEARCH 119 #define DHO_CLASSLESS_ROUTES 121 #define DHO_END 255 Modified: stable/8/sbin/dhclient/options.c ============================================================================== --- stable/8/sbin/dhclient/options.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/options.c Thu Jan 26 22:01:05 2012 (r230603) @@ -55,6 +55,10 @@ void parse_options(struct packet *); void parse_option_buffer(struct packet *, unsigned char *, int); int store_options(unsigned char *, int, struct tree_cache **, unsigned char *, int, int, int, int); +void expand_domain_search(struct packet *packet); +int find_search_domain_name_len(struct option_data *option, int *offset); +void expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search); /* @@ -94,6 +98,11 @@ parse_options(struct packet *packet) (unsigned char *)packet->raw->sname, sizeof(packet->raw->sname)); } + + /* Expand DHCP Domain Search option. */ + if (packet->options_valid) { + expand_domain_search(packet); + } } /* @@ -194,6 +203,171 @@ parse_option_buffer(struct packet *packe } /* + * Expand DHCP Domain Search option. The value of this option is + * encoded like DNS' list of labels. See: + * RFC 3397 + * RFC 1035 + */ +void +expand_domain_search(struct packet *packet) +{ + int offset, expanded_len, next_domain_len; + struct option_data *option; + unsigned char *domain_search, *cursor; + + if (packet->options[DHO_DOMAIN_SEARCH].data == NULL) + return; + + option = &packet->options[DHO_DOMAIN_SEARCH]; + + /* Compute final expanded length. */ + expanded_len = 0; + offset = 0; + while (offset < option->len) { + next_domain_len = find_search_domain_name_len(option, &offset); + if (next_domain_len < 0) + /* The Domain Search option value is invalid. */ + return; + + /* We add 1 for the space between domain names. */ + expanded_len += next_domain_len + 1; + } + if (expanded_len > 0) + /* Remove 1 for the superfluous trailing space. */ + --expanded_len; + + domain_search = malloc(expanded_len + 1); + if (domain_search == NULL) + error("Can't allocate storage for expanded domain-search\n"); + + offset = 0; + cursor = domain_search; + while (offset < option->len) { + expand_search_domain_name(option, &offset, &cursor); + cursor[0] = ' '; + cursor++; + } + domain_search[expanded_len] = '\0'; + + free(option->data); + option->len = expanded_len; + option->data = domain_search; +} + +int +find_search_domain_name_len(struct option_data *option, int *offset) +{ + int domain_name_len, i, label_len, pointer, pointed_len; + + domain_name_len = 0; + + i = *offset; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + return (domain_name_len); + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + if (i + 1 >= option->len) { + /* The pointer is truncated. */ + warning("Truncated pointer in DHCP Domain " + "Search option."); + return (-1); + } + + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + if (pointer >= *offset) { + /* + * The pointer must indicates a prior + * occurance. + */ + warning("Invalid forward pointer in DHCP " + "Domain Search option compression."); + return (-1); + } + + pointed_len = find_search_domain_name_len(option, + &pointer); + domain_name_len += pointed_len; + + *offset = i + 2; + return (domain_name_len); + } + + if (i + label_len >= option->len) { + warning("Truncated label in DHCP Domain Search " + "option."); + return (-1); + } + + /* + * Update the domain name length with the length of the + * current label, plus a trailing dot ('.'). + */ + domain_name_len += label_len + 1; + + /* Move cursor. */ + i += label_len + 1; + } + + warning("Truncated DHCP Domain Search option."); + + return (-1); +} + +void +expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search) +{ + int i, label_len, pointer; + unsigned char *cursor; + + /* + * This is the same loop than the function above + * (find_search_domain_name_len). Therefore, we remove checks, + * they're already done. Here, we just make the copy. + */ + i = *offset; + cursor = *domain_search; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + *domain_search = cursor; + return; + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + + expand_search_domain_name(option, &pointer, &cursor); + + *offset = i + 2; + *domain_search = cursor; + return; + } + + /* Copy the label found. */ + memcpy(cursor, option->data + i + 1, label_len); + cursor[label_len] = '.'; + + /* Move cursor. */ + i += label_len + 1; + cursor += label_len + 1; + } +} + +/* * cons options into a big buffer, and then split them out into the * three separate buffers if needed. This allows us to cons up a set of * vendor options using the same routine. Modified: stable/8/sbin/dhclient/tables.c ============================================================================== --- stable/8/sbin/dhclient/tables.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/tables.c Thu Jan 26 22:01:05 2012 (r230603) @@ -184,7 +184,7 @@ struct option dhcp_options[256] = { { "option-116", "X", &dhcp_universe, 116 }, { "option-117", "X", &dhcp_universe, 117 }, { "option-118", "X", &dhcp_universe, 118 }, - { "option-119", "X", &dhcp_universe, 119 }, + { "domain-search", "t", &dhcp_universe, 119 }, { "option-120", "X", &dhcp_universe, 120 }, { "classless-routes", "BA", &dhcp_universe, 121 }, { "option-122", "X", &dhcp_universe, 122 }, @@ -400,12 +400,13 @@ unsigned char dhcp_option_default_priori DHO_IRC_SERVER, DHO_STREETTALK_SERVER, DHO_STREETTALK_DA_SERVER, + DHO_DOMAIN_SEARCH, /* Presently-undefined options... */ 62, 63, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, - 118, 119, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, + 118, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, Modified: stable/8/tools/regression/sbin/Makefile ============================================================================== --- stable/8/tools/regression/sbin/Makefile Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/tools/regression/sbin/Makefile Thu Jan 26 22:01:05 2012 (r230603) @@ -1,5 +1,5 @@ # $FreeBSD$ -SUBDIR= growfs +SUBDIR= dhclient growfs .include <bsd.subdir.mk> Modified: stable/8/tools/regression/sbin/dhclient/fake.c ============================================================================== --- head/tools/regression/sbin/dhclient/fake.c Sun Dec 4 14:44:31 2011 (r228259) +++ stable/8/tools/regression/sbin/dhclient/fake.c Thu Jan 26 22:01:05 2012 (r230603) @@ -32,7 +32,11 @@ warning(char *fmt, ...) va_end(ap); fprintf(stderr, "\n"); - return ret; + /* + * The original warning() would return "ret" here. We do this to + * check warnings explicitely. + */ + longjmp(env, 1); } int _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" Author: dumbbell Date: Thu Jan 26 22:01:05 2012 New Revision: 230603 URL: http://svn.freebsd.org/changeset/base/230603 Log: MFC r228259: Support domain-search in dhclient(8) The "domain-search" option (option 119) allows a DHCP server to publish a list of implicit domain suffixes used during name lookup. This option is described in RFC 3397. For instance, if the domain-search option says: ".example.org .example.com" and one wants to resolve "foobar", the resolver will try: 1. "foobar.example.org" 2. "foobar.example.com" The file /etc/resolv.conf is updated with a "search" directive if the DHCP server provides "domain-search". A regression test suite is included in this patch under tools/regression/sbin/dhclient. PR: bin/151940 Sponsored by: Yakaz (http://www.yakaz.com) MFC r229000: Invalid Domain Search option isn't considered as a fatal error In the original Domain Search option patch, an invalid option value would cause the whole lease to be rejected. However, DHCP servers who emit such an invalid value are more common than I thought. With this new patch, just the option is rejected, not the entire lease. PR: bin/163431 Submitted by: Fabian Keil <fk@fabiankeil.de> (earlier version) Reviewed by: Fabian Keil <fk@fabiankeil.de> Sponsored by: Yakaz (http://www.yakaz.com) MFC r229001: Adapt testsuite following change in Domain Search error handling In this testsuite, warning() and error() have the same behaviour. PR: bin/163431 Sponsored by: Yakaz (http://www.yakaz.com) Added: stable/8/tools/regression/sbin/dhclient/ - copied from r228259, head/tools/regression/sbin/dhclient/ Modified: stable/8/sbin/dhclient/clparse.c stable/8/sbin/dhclient/dhclient-script stable/8/sbin/dhclient/dhclient.c stable/8/sbin/dhclient/dhcp-options.5 stable/8/sbin/dhclient/dhcp.h stable/8/sbin/dhclient/options.c stable/8/sbin/dhclient/tables.c stable/8/tools/regression/sbin/Makefile stable/8/tools/regression/sbin/dhclient/fake.c Directory Properties: stable/8/sbin/dhclient/ (props changed) stable/8/tools/ (props changed) Modified: stable/8/sbin/dhclient/clparse.c ============================================================================== --- stable/8/sbin/dhclient/clparse.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/clparse.c Thu Jan 26 22:01:05 2012 (r230603) @@ -100,6 +100,8 @@ read_client_conf(void) DHO_DOMAIN_NAME_SERVERS; top_level_config.requested_options [top_level_config.requested_option_count++] = DHO_HOST_NAME; + top_level_config.requested_options + [top_level_config.requested_option_count++] = DHO_DOMAIN_SEARCH; if ((cfile = fopen(path_dhclient_conf, "r")) != NULL) { do { Modified: stable/8/sbin/dhclient/dhclient-script ============================================================================== --- stable/8/sbin/dhclient/dhclient-script Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhclient-script Thu Jan 26 22:01:05 2012 (r230603) @@ -201,7 +201,9 @@ add_new_resolv_conf() { local tmpres=/var/run/resolv.conf.${interface} rm -f $tmpres - if [ -n "$new_domain_name" ]; then + if [ -n "$new_domain_search" ]; then + echo "search $new_domain_search" >>$tmpres + elif [ -n "$new_domain_name" ]; then echo "search $new_domain_name" >>$tmpres fi Modified: stable/8/sbin/dhclient/dhclient.c ============================================================================== --- stable/8/sbin/dhclient/dhclient.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhclient.c Thu Jan 26 22:01:05 2012 (r230603) @@ -2368,6 +2368,7 @@ check_option(struct client_lease *l, int } return (1); case DHO_DOMAIN_NAME: + case DHO_DOMAIN_SEARCH: if (!res_hnok(sbuf)) { if (!check_search(sbuf)) { warning("Bogus domain search list %d: %s (%s)", Modified: stable/8/sbin/dhclient/dhcp-options.5 ============================================================================== --- stable/8/sbin/dhclient/dhcp-options.5 Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhcp-options.5 Thu Jan 26 22:01:05 2012 (r230603) @@ -265,6 +265,10 @@ character set. .It Ic option domain-name Ar string ; This option specifies the domain name that the client should use when resolving hostnames via the Domain Name System. +.It Ic option domain-search Ar string ; +This option specifies a list of domain names that the client should use +when resolving hostnames via the Domain Name System. This option is +defined in RFC 3397. .It Ic option swap-server Ar ip-address ; This specifies the IP address of the client's swap server. .It Ic option root-path Ar string ; Modified: stable/8/sbin/dhclient/dhcp.h ============================================================================== --- stable/8/sbin/dhclient/dhcp.h Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/dhcp.h Thu Jan 26 22:01:05 2012 (r230603) @@ -169,6 +169,7 @@ struct dhcp_packet { #define DHO_STREETTALK_SERVER 75 #define DHO_STREETTALK_DA_SERVER 76 #define DHO_DHCP_USER_CLASS_ID 77 +#define DHO_DOMAIN_SEARCH 119 #define DHO_CLASSLESS_ROUTES 121 #define DHO_END 255 Modified: stable/8/sbin/dhclient/options.c ============================================================================== --- stable/8/sbin/dhclient/options.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/options.c Thu Jan 26 22:01:05 2012 (r230603) @@ -55,6 +55,10 @@ void parse_options(struct packet *); void parse_option_buffer(struct packet *, unsigned char *, int); int store_options(unsigned char *, int, struct tree_cache **, unsigned char *, int, int, int, int); +void expand_domain_search(struct packet *packet); +int find_search_domain_name_len(struct option_data *option, int *offset); +void expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search); /* @@ -94,6 +98,11 @@ parse_options(struct packet *packet) (unsigned char *)packet->raw->sname, sizeof(packet->raw->sname)); } + + /* Expand DHCP Domain Search option. */ + if (packet->options_valid) { + expand_domain_search(packet); + } } /* @@ -194,6 +203,171 @@ parse_option_buffer(struct packet *packe } /* + * Expand DHCP Domain Search option. The value of this option is + * encoded like DNS' list of labels. See: + * RFC 3397 + * RFC 1035 + */ +void +expand_domain_search(struct packet *packet) +{ + int offset, expanded_len, next_domain_len; + struct option_data *option; + unsigned char *domain_search, *cursor; + + if (packet->options[DHO_DOMAIN_SEARCH].data == NULL) + return; + + option = &packet->options[DHO_DOMAIN_SEARCH]; + + /* Compute final expanded length. */ + expanded_len = 0; + offset = 0; + while (offset < option->len) { + next_domain_len = find_search_domain_name_len(option, &offset); + if (next_domain_len < 0) + /* The Domain Search option value is invalid. */ + return; + + /* We add 1 for the space between domain names. */ + expanded_len += next_domain_len + 1; + } + if (expanded_len > 0) + /* Remove 1 for the superfluous trailing space. */ + --expanded_len; + + domain_search = malloc(expanded_len + 1); + if (domain_search == NULL) + error("Can't allocate storage for expanded domain-search\n"); + + offset = 0; + cursor = domain_search; + while (offset < option->len) { + expand_search_domain_name(option, &offset, &cursor); + cursor[0] = ' '; + cursor++; + } + domain_search[expanded_len] = '\0'; + + free(option->data); + option->len = expanded_len; + option->data = domain_search; +} + +int +find_search_domain_name_len(struct option_data *option, int *offset) +{ + int domain_name_len, i, label_len, pointer, pointed_len; + + domain_name_len = 0; + + i = *offset; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + return (domain_name_len); + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + if (i + 1 >= option->len) { + /* The pointer is truncated. */ + warning("Truncated pointer in DHCP Domain " + "Search option."); + return (-1); + } + + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + if (pointer >= *offset) { + /* + * The pointer must indicates a prior + * occurance. + */ + warning("Invalid forward pointer in DHCP " + "Domain Search option compression."); + return (-1); + } + + pointed_len = find_search_domain_name_len(option, + &pointer); + domain_name_len += pointed_len; + + *offset = i + 2; + return (domain_name_len); + } + + if (i + label_len >= option->len) { + warning("Truncated label in DHCP Domain Search " + "option."); + return (-1); + } + + /* + * Update the domain name length with the length of the + * current label, plus a trailing dot ('.'). + */ + domain_name_len += label_len + 1; + + /* Move cursor. */ + i += label_len + 1; + } + + warning("Truncated DHCP Domain Search option."); + + return (-1); +} + +void +expand_search_domain_name(struct option_data *option, int *offset, + unsigned char **domain_search) +{ + int i, label_len, pointer; + unsigned char *cursor; + + /* + * This is the same loop than the function above + * (find_search_domain_name_len). Therefore, we remove checks, + * they're already done. Here, we just make the copy. + */ + i = *offset; + cursor = *domain_search; + while (i < option->len) { + label_len = option->data[i]; + if (label_len == 0) { + /* + * A zero-length label marks the end of this + * domain name. + */ + *offset = i + 1; + *domain_search = cursor; + return; + } else if (label_len & 0xC0) { + /* This is a pointer to another list of labels. */ + pointer = ((label_len & ~(0xC0)) << 8) + + option->data[i + 1]; + + expand_search_domain_name(option, &pointer, &cursor); + + *offset = i + 2; + *domain_search = cursor; + return; + } + + /* Copy the label found. */ + memcpy(cursor, option->data + i + 1, label_len); + cursor[label_len] = '.'; + + /* Move cursor. */ + i += label_len + 1; + cursor += label_len + 1; + } +} + +/* * cons options into a big buffer, and then split them out into the * three separate buffers if needed. This allows us to cons up a set of * vendor options using the same routine. Modified: stable/8/sbin/dhclient/tables.c ============================================================================== --- stable/8/sbin/dhclient/tables.c Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/sbin/dhclient/tables.c Thu Jan 26 22:01:05 2012 (r230603) @@ -184,7 +184,7 @@ struct option dhcp_options[256] = { { "option-116", "X", &dhcp_universe, 116 }, { "option-117", "X", &dhcp_universe, 117 }, { "option-118", "X", &dhcp_universe, 118 }, - { "option-119", "X", &dhcp_universe, 119 }, + { "domain-search", "t", &dhcp_universe, 119 }, { "option-120", "X", &dhcp_universe, 120 }, { "classless-routes", "BA", &dhcp_universe, 121 }, { "option-122", "X", &dhcp_universe, 122 }, @@ -400,12 +400,13 @@ unsigned char dhcp_option_default_priori DHO_IRC_SERVER, DHO_STREETTALK_SERVER, DHO_STREETTALK_DA_SERVER, + DHO_DOMAIN_SEARCH, /* Presently-undefined options... */ 62, 63, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, - 118, 119, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, + 118, 120, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, Modified: stable/8/tools/regression/sbin/Makefile ============================================================================== --- stable/8/tools/regression/sbin/Makefile Thu Jan 26 21:43:11 2012 (r230602) +++ stable/8/tools/regression/sbin/Makefile Thu Jan 26 22:01:05 2012 (r230603) @@ -1,5 +1,5 @@ # $FreeBSD$ -SUBDIR= growfs +SUBDIR= dhclient growfs .include <bsd.subdir.mk> Modified: stable/8/tools/regression/sbin/dhclient/fake.c ============================================================================== --- head/tools/regression/sbin/dhclient/fake.c Sun Dec 4 14:44:31 2011 (r228259) +++ stable/8/tools/regression/sbin/dhclient/fake.c Thu Jan 26 22:01:05 2012 (r230603) @@ -32,7 +32,11 @@ warning(char *fmt, ...) va_end(ap); fprintf(stderr, "\n"); - return ret; + /* + * The original warning() would return "ret" here. We do this to + * check warnings explicitely. + */ + longjmp(env, 1); } int _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" |
