rpm/dhcp
SHA256
1
0
Fork 0
forked from pool/dhcp
Code Pull Requests Activity

- Added dhcp-4.2.0-xen-checksum.patch by David Cantrell to handle

Browse Source 
xen partial UDP checksums (bnc#668194).

OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=57
This commit is contained in:
Marius Tomaschewski 2011-02-18 10:34:04 +00:00 committed by Git OBS Bridge
parent 6e20855cc5
commit 35b05841a2
3 changed files with 256 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

245
dhcp-4.2.0-xen-checksum.patch Normal file
View File

@ -0,0 +1,245 @@
diff -up dhcp-4.2.0/common/bpf.c.xen dhcp-4.2.0/common/bpf.c
--- dhcp-4.2.0/common/bpf.c.xen 2009-11-20 02:48:59.000000000 +0100
+++ dhcp-4.2.0/common/bpf.c 2010-07-21 13:51:24.000000000 +0200
@@ -485,7 +485,7 @@ ssize_t receive_packet (interface, buf,
offset = decode_udp_ip_header (interface,
interface -> rbuf,
interface -> rbuf_offset,
- from, hdr.bh_caplen, &paylen);
+ from, hdr.bh_caplen, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0) {
diff -up dhcp-4.2.0/common/dlpi.c.xen dhcp-4.2.0/common/dlpi.c
--- dhcp-4.2.0/common/dlpi.c.xen 2009-11-20 02:49:00.000000000 +0100
+++ dhcp-4.2.0/common/dlpi.c 2010-07-21 13:51:24.000000000 +0200
@@ -694,7 +694,7 @@ ssize_t receive_packet (interface, buf,
length -= offset;
#endif
offset = decode_udp_ip_header (interface, dbuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/*
* If the IP or UDP checksum was bad, skip the packet...
diff -up dhcp-4.2.0/common/lpf.c.xen dhcp-4.2.0/common/lpf.c
--- dhcp-4.2.0/common/lpf.c.xen 2009-07-23 20:52:19.000000000 +0200
+++ dhcp-4.2.0/common/lpf.c 2010-07-21 13:51:24.000000000 +0200
@@ -29,18 +29,33 @@
#include "dhcpd.h"
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
#include <sys/ioctl.h>
+#include <sys/socket.h>
#include <sys/uio.h>
#include <errno.h>
#include <asm/types.h>
#include <linux/filter.h>
#include <linux/if_ether.h>
+#include <linux/if_packet.h>
#include <netinet/in_systm.h>
#include "includes/netinet/ip.h"
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
#include <net/if.h>
+#ifndef PACKET_AUXDATA
+#define PACKET_AUXDATA 8
+
+struct tpacket_auxdata
+{
+ __u32 tp_status;
+ __u32 tp_len;
+ __u32 tp_snaplen;
+ __u16 tp_mac;
+ __u16 tp_net;
+};
+#endif
+
/* Reinitializes the specified interface after an address change. This
is not required for packet-filter APIs. */
@@ -66,10 +81,14 @@ int if_register_lpf (info)
struct interface_info *info;
{
int sock;
- struct sockaddr sa;
+ union {
+ struct sockaddr_ll ll;
+ struct sockaddr common;
+ } sa;
+ struct ifreq ifr;
/* Make an LPF socket. */
- if ((sock = socket(PF_PACKET, SOCK_PACKET,
+ if ((sock = socket(PF_PACKET, SOCK_RAW,
htons((short)ETH_P_ALL))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
@@ -84,11 +103,16 @@ int if_register_lpf (info)
log_fatal ("Open a socket for LPF: %m");
}
+ memset (&ifr, 0, sizeof ifr);
+ strncpy (ifr.ifr_name, (const char *)info -> ifp, sizeof ifr.ifr_name);
+ if (ioctl (sock, SIOCGIFINDEX, &ifr))
+ log_fatal ("Failed to get interface index: %m");
+
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
- sa.sa_family = AF_PACKET;
- strncpy (sa.sa_data, (const char *)info -> ifp, sizeof sa.sa_data);
- if (bind (sock, &sa, sizeof sa)) {
+ sa.ll.sll_family = AF_PACKET;
+ sa.ll.sll_ifindex = ifr.ifr_ifindex;
+ if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -170,9 +194,18 @@ static void lpf_gen_filter_setup (struct
void if_register_receive (info)
struct interface_info *info;
{
+ int val;
+
/* Open a LPF device and hang it on this interface... */
info -> rfdesc = if_register_lpf (info);
+ val = 1;
+ if (setsockopt (info -> rfdesc, SOL_PACKET, PACKET_AUXDATA, &val,
+ sizeof val) < 0) {
+ if (errno != ENOPROTOOPT)
+ log_fatal ("Failed to set auxiliary packet data: %m");
+ }
+
#if defined (HAVE_TR_SUPPORT)
if (info -> hw_address.hbuf [0] == HTYPE_IEEE802)
lpf_tr_filter_setup (info);
@@ -294,7 +327,6 @@ ssize_t send_packet (interface, packet,
double hh [16];
double ih [1536 / sizeof (double)];
unsigned char *buf = (unsigned char *)ih;
- struct sockaddr sa;
int result;
int fudge;
@@ -315,15 +347,7 @@ ssize_t send_packet (interface, packet,
(unsigned char *)raw, len);
memcpy (buf + ibufp, raw, len);
- /* For some reason, SOCK_PACKET sockets can't be connected,
- so we have to do a sentdo every time. */
- memset (&sa, 0, sizeof sa);
- sa.sa_family = AF_PACKET;
- strncpy (sa.sa_data,
- (const char *)interface -> ifp, sizeof sa.sa_data);
-
- result = sendto (interface -> wfdesc,
- buf + fudge, ibufp + len - fudge, 0, &sa, sizeof sa);
+ result = write (interface -> wfdesc, buf + fudge, ibufp + len - fudge);
if (result < 0)
log_error ("send_packet: %m");
return result;
@@ -340,14 +364,35 @@ ssize_t receive_packet (interface, buf,
{
int length = 0;
int offset = 0;
+ int nocsum = 0;
unsigned char ibuf [1536];
unsigned bufix = 0;
unsigned paylen;
+ unsigned char cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))];
+ struct iovec iov = {
+ .iov_base = ibuf,
+ .iov_len = sizeof ibuf,
+ };
+ struct msghdr msg = {
+ .msg_iov = &iov,
+ .msg_iovlen = 1,
+ .msg_control = cmsgbuf,
+ .msg_controllen = sizeof(cmsgbuf),
+ };
+ struct cmsghdr *cmsg;
- length = read (interface -> rfdesc, ibuf, sizeof ibuf);
+ length = recvmsg (interface -> rfdesc, &msg, 0);
if (length <= 0)
return length;
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ if (cmsg->cmsg_level == SOL_PACKET &&
+ cmsg->cmsg_type == PACKET_AUXDATA) {
+ struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
+ nocsum = aux->tp_status & TP_STATUS_CSUMNOTREADY;
+ }
+ }
+
bufix = 0;
/* Decode the physical header... */
offset = decode_hw_header (interface, ibuf, bufix, hfrom);
@@ -364,7 +409,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix, from,
- (unsigned)length, &paylen);
+ (unsigned)length, &paylen, nocsum);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.0/common/nit.c.xen dhcp-4.2.0/common/nit.c
--- dhcp-4.2.0/common/nit.c.xen 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.0/common/nit.c 2010-07-21 13:51:24.000000000 +0200
@@ -369,7 +369,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.0/common/packet.c.xen dhcp-4.2.0/common/packet.c
--- dhcp-4.2.0/common/packet.c.xen 2009-07-23 20:52:20.000000000 +0200
+++ dhcp-4.2.0/common/packet.c 2010-07-21 13:51:24.000000000 +0200
@@ -211,7 +211,7 @@ ssize_t
decode_udp_ip_header(struct interface_info *interface,
unsigned char *buf, unsigned bufix,
struct sockaddr_in *from, unsigned buflen,
- unsigned *rbuflen)
+ unsigned *rbuflen, int nocsum)
{
unsigned char *data;
struct ip ip;
@@ -322,7 +322,7 @@ decode_udp_ip_header(struct interface_in
8, IPPROTO_UDP + ulen))));
udp_packets_seen++;
- if (usum && usum != sum) {
+ if (!nocsum && usum && usum != sum) {
udp_packets_bad_checksum++;
if (udp_packets_seen > 4 &&
(udp_packets_seen / udp_packets_bad_checksum) < 2) {
diff -up dhcp-4.2.0/common/upf.c.xen dhcp-4.2.0/common/upf.c
--- dhcp-4.2.0/common/upf.c.xen 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.0/common/upf.c 2010-07-21 13:51:24.000000000 +0200
@@ -320,7 +320,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.0/includes/dhcpd.h.xen dhcp-4.2.0/includes/dhcpd.h
--- dhcp-4.2.0/includes/dhcpd.h.xen 2010-07-21 13:38:31.000000000 +0200
+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 13:51:24.000000000 +0200
@@ -2773,7 +2773,7 @@ ssize_t decode_hw_header PROTO ((struct
unsigned, struct hardware *));
ssize_t decode_udp_ip_header PROTO ((struct interface_info *, unsigned char *,
unsigned, struct sockaddr_in *,
- unsigned, unsigned *));
+ unsigned, unsigned *, int));
/* ethernet.c */
void assemble_ethernet_header PROTO ((struct interface_info *, unsigned char *,

6
dhcp.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Feb 18 10:21:28 UTC 2011 - mt@suse.de
- Added dhcp-4.2.0-xen-checksum.patch by David Cantrell to handle
xen partial UDP checksums (bnc#668194).
-------------------------------------------------------------------
Wed Feb 2 09:12:11 UTC 2011 - mt@suse.de

8
dhcp.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package dhcp (Version 4.2.0.P2)
# spec file for package dhcp
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -36,7 +36,7 @@ License: BSD3c(or similar)
Group: Productivity/Networking/Boot/Servers
AutoReqProv: on
Version: 4.2.0.P2
Release: 1
Release: 2
Summary: Common Files Used by ISC DHCP Software
Url: http://www.isc.org/software/dhcp
Source0: dhcp-%{isc_version}.tar.bz2
@ -84,6 +84,7 @@ Patch40: dhcp-4.1.1-P1-lpf-bind-msg-fix.diff
Patch41: dhcp-4.1.1-P1-relay-no-ip-on-interface.diff
Patch42: dhcp-4.1.1-P1-optional-value-infinite-loop.diff
Patch43: dhcp-4.2.0-P2-CVE-2011-0413.bnc667655.diff
Patch44: dhcp-4.2.0-xen-checksum.patch
##
PreReq: /bin/touch /sbin/chkconfig sysconfig
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -210,6 +211,7 @@ Authors:
%patch41 -p1
%patch42 -p1
%patch43 -p1
%patch44 -p1
##
find . -type f -name \*.cat\* -exec rm -f {} \;
dos2unix contrib/ms2isc/*