]> git.ipfire.org Git - thirdparty/u-boot.git/blob - net/bootp.c
projects / thirdparty / u-boot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
net: reject Bootp/DHCP packets with bad OP value
[thirdparty/u-boot.git] / net / bootp.c
1 /*
2 * Based on LiMon - BOOTP.
3 *
4 * Copyright 1994, 1995, 2000 Neil Russell.
5 * (See License)
6 * Copyright 2000 Roland Borde
7 * Copyright 2000 Paolo Scaffardi
8 * Copyright 2000-2004 Wolfgang Denk, wd@denx.de
9 */
10
11 #include <common.h>
12 #include <command.h>
13 #include <net.h>
14 #include <net/tftp.h>
15 #include "bootp.h"
16 #include "nfs.h"
17 #ifdef CONFIG_STATUS_LED
18 #include <status_led.h>
19 #endif
20 #ifdef CONFIG_BOOTP_RANDOM_DELAY
21 #include "net_rand.h"
22 #endif
23
24 #define BOOTP_VENDOR_MAGIC 0x63825363 /* RFC1048 Magic Cookie */
25
26 /*
27 * The timeout for the initial BOOTP/DHCP request used to be described by a
28 * counter of fixed-length timeout periods. TIMEOUT_COUNT represents
29 * that counter
30 *
31 * Now that the timeout periods are variable (exponential backoff and retry)
32 * we convert the timeout count to the absolute time it would have take to
33 * execute that many retries, and keep sending retry packets until that time
34 * is reached.
35 */
36 #ifndef CONFIG_NET_RETRY_COUNT
37 # define TIMEOUT_COUNT 5 /* # of timeouts before giving up */
38 #else
39 # define TIMEOUT_COUNT (CONFIG_NET_RETRY_COUNT)
40 #endif
41 #define TIMEOUT_MS ((3 + (TIMEOUT_COUNT * 5)) * 1000)
42
43 #define PORT_BOOTPS 67 /* BOOTP server UDP port */
44 #define PORT_BOOTPC 68 /* BOOTP client UDP port */
45
46 #ifndef CONFIG_DHCP_MIN_EXT_LEN /* minimal length of extension list */
47 #define CONFIG_DHCP_MIN_EXT_LEN 64
48 #endif
49
50 #ifndef CONFIG_BOOTP_ID_CACHE_SIZE
51 #define CONFIG_BOOTP_ID_CACHE_SIZE 4
52 #endif
53
54 u32 bootp_ids[CONFIG_BOOTP_ID_CACHE_SIZE];
55 unsigned int bootp_num_ids;
56 int bootp_try;
57 ulong bootp_start;
58 ulong bootp_timeout;
59 char net_nis_domain[32] = {0,}; /* Our NIS domain */
60 char net_hostname[32] = {0,}; /* Our hostname */
61 char net_root_path[64] = {0,}; /* Our bootpath */
62
63 #if defined(CONFIG_CMD_DHCP)
64 static dhcp_state_t dhcp_state = INIT;
65 static u32 dhcp_leasetime;
66 static struct in_addr dhcp_server_ip;
67 static void dhcp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
68 unsigned src, unsigned len);
69
70 /* For Debug */
71 #if 0
72 static char *dhcpmsg2str(int type)
73 {
74 switch (type) {
75 case 1: return "DHCPDISCOVER"; break;
76 case 2: return "DHCPOFFER"; break;
77 case 3: return "DHCPREQUEST"; break;
78 case 4: return "DHCPDECLINE"; break;
79 case 5: return "DHCPACK"; break;
80 case 6: return "DHCPNACK"; break;
81 case 7: return "DHCPRELEASE"; break;
82 default: return "UNKNOWN/INVALID MSG TYPE"; break;
83 }
84 }
85 #endif
86 #endif
87
88 static void bootp_add_id(ulong id)
89 {
90 if (bootp_num_ids >= ARRAY_SIZE(bootp_ids)) {
91 size_t size = sizeof(bootp_ids) - sizeof(id);
92
93 memmove(bootp_ids, &bootp_ids[1], size);
94 bootp_ids[bootp_num_ids - 1] = id;
95 } else {
96 bootp_ids[bootp_num_ids] = id;
97 bootp_num_ids++;
98 }
99 }
100
101 static bool bootp_match_id(ulong id)
102 {
103 unsigned int i;
104
105 for (i = 0; i < bootp_num_ids; i++)
106 if (bootp_ids[i] == id)
107 return true;
108
109 return false;
110 }
111
112 static int check_reply_packet(uchar *pkt, unsigned dest, unsigned src,
113 unsigned len)
114 {
115 struct bootp_hdr *bp = (struct bootp_hdr *)pkt;
116 int retval = 0;
117
118 if (dest != PORT_BOOTPC || src != PORT_BOOTPS)
119 retval = -1;
120 else if (len < sizeof(struct bootp_hdr) - OPT_FIELD_SIZE)
121 retval = -2;
122 else if (bp->bp_op != OP_BOOTREPLY)
123 retval = -3;
124 else if (bp->bp_htype != HWT_ETHER)
125 retval = -4;
126 else if (bp->bp_hlen != HWL_ETHER)
127 retval = -5;
128 else if (!bootp_match_id(net_read_u32(&bp->bp_id)))
129 retval = -6;
130
131 debug("Filtering pkt = %d\n", retval);
132
133 return retval;
134 }
135
136 /*
137 * Copy parameters of interest from BOOTP_REPLY/DHCP_OFFER packet
138 */
139 static void store_net_params(struct bootp_hdr *bp)
140 {
141 #if !defined(CONFIG_BOOTP_SERVERIP)
142 struct in_addr tmp_ip;
143
144 net_copy_ip(&tmp_ip, &bp->bp_siaddr);
145 if (tmp_ip.s_addr != 0)
146 net_copy_ip(&net_server_ip, &bp->bp_siaddr);
147 memcpy(net_server_ethaddr,
148 ((struct ethernet_hdr *)net_rx_packet)->et_src, 6);
149 if (strlen(bp->bp_file) > 0)
150 copy_filename(net_boot_file_name, bp->bp_file,
151 sizeof(net_boot_file_name));
152
153 debug("net_boot_file_name: %s\n", net_boot_file_name);
154
155 /* Propagate to environment:
156 * don't delete exising entry when BOOTP / DHCP reply does
157 * not contain a new value
158 */
159 if (*net_boot_file_name)
160 setenv("bootfile", net_boot_file_name);
161 #endif
162 net_copy_ip(&net_ip, &bp->bp_yiaddr);
163 }
164
165 static int truncate_sz(const char *name, int maxlen, int curlen)
166 {
167 if (curlen >= maxlen) {
168 printf("*** WARNING: %s is too long (%d - max: %d)"
169 " - truncated\n", name, curlen, maxlen);
170 curlen = maxlen - 1;
171 }
172 return curlen;
173 }
174
175 #if !defined(CONFIG_CMD_DHCP)
176
177 static void bootp_process_vendor_field(u8 *ext)
178 {
179 int size = *(ext + 1);
180
181 debug("[BOOTP] Processing extension %d... (%d bytes)\n", *ext,
182 *(ext + 1));
183
184 net_boot_file_expected_size_in_blocks = 0;
185
186 switch (*ext) {
187 /* Fixed length fields */
188 case 1: /* Subnet mask */
189 if (net_netmask.s_addr == 0)
190 net_copy_ip(&net_netmask, (struct in_addr *)(ext + 2));
191 break;
192 case 2: /* Time offset - Not yet supported */
193 break;
194 /* Variable length fields */
195 case 3: /* Gateways list */
196 if (net_gateway.s_addr == 0)
197 net_copy_ip(&net_gateway, (struct in_addr *)(ext + 2));
198 break;
199 case 4: /* Time server - Not yet supported */
200 break;
201 case 5: /* IEN-116 name server - Not yet supported */
202 break;
203 case 6:
204 if (net_dns_server.s_addr == 0)
205 net_copy_ip(&net_dns_server,
206 (struct in_addr *)(ext + 2));
207 #if defined(CONFIG_BOOTP_DNS2)
208 if ((net_dns_server2.s_addr == 0) && (size > 4))
209 net_copy_ip(&net_dns_server2,
210 (struct in_addr *)(ext + 2 + 4));
211 #endif
212 break;
213 case 7: /* Log server - Not yet supported */
214 break;
215 case 8: /* Cookie/Quote server - Not yet supported */
216 break;
217 case 9: /* LPR server - Not yet supported */
218 break;
219 case 10: /* Impress server - Not yet supported */
220 break;
221 case 11: /* RPL server - Not yet supported */
222 break;
223 case 12: /* Host name */
224 if (net_hostname[0] == 0) {
225 size = truncate_sz("Host Name",
226 sizeof(net_hostname), size);
227 memcpy(&net_hostname, ext + 2, size);
228 net_hostname[size] = 0;
229 }
230 break;
231 case 13: /* Boot file size */
232 if (size == 2)
233 net_boot_file_expected_size_in_blocks =
234 ntohs(*(ushort *)(ext + 2));
235 else if (size == 4)
236 net_boot_file_expected_size_in_blocks =
237 ntohl(*(ulong *)(ext + 2));
238 break;
239 case 14: /* Merit dump file - Not yet supported */
240 break;
241 case 15: /* Domain name - Not yet supported */
242 break;
243 case 16: /* Swap server - Not yet supported */
244 break;
245 case 17: /* Root path */
246 if (net_root_path[0] == 0) {
247 size = truncate_sz("Root Path",
248 sizeof(net_root_path), size);
249 memcpy(&net_root_path, ext + 2, size);
250 net_root_path[size] = 0;
251 }
252 break;
253 case 18: /* Extension path - Not yet supported */
254 /*
255 * This can be used to send the information of the
256 * vendor area in another file that the client can
257 * access via TFTP.
258 */
259 break;
260 /* IP host layer fields */
261 case 40: /* NIS Domain name */
262 if (net_nis_domain[0] == 0) {
263 size = truncate_sz("NIS Domain Name",
264 sizeof(net_nis_domain), size);
265 memcpy(&net_nis_domain, ext + 2, size);
266 net_nis_domain[size] = 0;
267 }
268 break;
269 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
270 case 42: /* NTP server IP */
271 net_copy_ip(&net_ntp_server, (struct in_addr *)(ext + 2));
272 break;
273 #endif
274 /* Application layer fields */
275 case 43: /* Vendor specific info - Not yet supported */
276 /*
277 * Binary information to exchange specific
278 * product information.
279 */
280 break;
281 /* Reserved (custom) fields (128..254) */
282 }
283 }
284
285 static void bootp_process_vendor(u8 *ext, int size)
286 {
287 u8 *end = ext + size;
288
289 debug("[BOOTP] Checking extension (%d bytes)...\n", size);
290
291 while ((ext < end) && (*ext != 0xff)) {
292 if (*ext == 0) {
293 ext++;
294 } else {
295 u8 *opt = ext;
296
297 ext += ext[1] + 2;
298 if (ext <= end)
299 bootp_process_vendor_field(opt);
300 }
301 }
302
303 debug("[BOOTP] Received fields:\n");
304 if (net_netmask.s_addr)
305 debug("net_netmask : %pI4\n", &net_netmask);
306
307 if (net_gateway.s_addr)
308 debug("net_gateway : %pI4", &net_gateway);
309
310 if (net_boot_file_expected_size_in_blocks)
311 debug("net_boot_file_expected_size_in_blocks : %d\n",
312 net_boot_file_expected_size_in_blocks);
313
314 if (net_hostname[0])
315 debug("net_hostname : %s\n", net_hostname);
316
317 if (net_root_path[0])
318 debug("net_root_path : %s\n", net_root_path);
319
320 if (net_nis_domain[0])
321 debug("net_nis_domain : %s\n", net_nis_domain);
322
323 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
324 if (net_ntp_server)
325 debug("net_ntp_server : %pI4\n", &net_ntp_server);
326 #endif
327 }
328
329 /*
330 * Handle a BOOTP received packet.
331 */
332 static void bootp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
333 unsigned src, unsigned len)
334 {
335 struct bootp_hdr *bp;
336
337 debug("got BOOTP packet (src=%d, dst=%d, len=%d want_len=%zu)\n",
338 src, dest, len, sizeof(struct bootp_hdr));
339
340 bp = (struct bootp_hdr *)pkt;
341
342 /* Filter out pkts we don't want */
343 if (check_reply_packet(pkt, dest, src, len))
344 return;
345
346 /*
347 * Got a good BOOTP reply. Copy the data into our variables.
348 */
349 #if defined(CONFIG_STATUS_LED) && defined(STATUS_LED_BOOT)
350 status_led_set(STATUS_LED_BOOT, STATUS_LED_OFF);
351 #endif
352
353 store_net_params(bp); /* Store net parameters from reply */
354
355 /* Retrieve extended information (we must parse the vendor area) */
356 if (net_read_u32((u32 *)&bp->bp_vend[0]) == htonl(BOOTP_VENDOR_MAGIC))
357 bootp_process_vendor((uchar *)&bp->bp_vend[4], len);
358
359 net_set_timeout_handler(0, (thand_f *)0);
360 bootstage_mark_name(BOOTSTAGE_ID_BOOTP_STOP, "bootp_stop");
361
362 debug("Got good BOOTP\n");
363
364 net_auto_load();
365 }
366 #endif
367
368 /*
369 * Timeout on BOOTP/DHCP request.
370 */
371 static void bootp_timeout_handler(void)
372 {
373 ulong time_taken = get_timer(bootp_start);
374
375 if (time_taken >= TIMEOUT_MS) {
376 #ifdef CONFIG_BOOTP_MAY_FAIL
377 puts("\nRetry time exceeded\n");
378 net_set_state(NETLOOP_FAIL);
379 #else
380 puts("\nRetry time exceeded; starting again\n");
381 net_start_again();
382 #endif
383 } else {
384 bootp_timeout *= 2;
385 if (bootp_timeout > 2000)
386 bootp_timeout = 2000;
387 net_set_timeout_handler(bootp_timeout, bootp_timeout_handler);
388 bootp_request();
389 }
390 }
391
392 #define put_vci(e, str) \
393 do { \
394 size_t vci_strlen = strlen(str); \
395 *e++ = 60; /* Vendor Class Identifier */ \
396 *e++ = vci_strlen; \
397 memcpy(e, str, vci_strlen); \
398 e += vci_strlen; \
399 } while (0)
400
401 /*
402 * Initialize BOOTP extension fields in the request.
403 */
404 #if defined(CONFIG_CMD_DHCP)
405 static int dhcp_extended(u8 *e, int message_type, struct in_addr server_ip,
406 struct in_addr requested_ip)
407 {
408 u8 *start = e;
409 u8 *cnt;
410 #if defined(CONFIG_BOOTP_PXE)
411 char *uuid;
412 u16 clientarch;
413 #endif
414
415 #if defined(CONFIG_BOOTP_VENDOREX)
416 u8 *x;
417 #endif
418 #if defined(CONFIG_BOOTP_SEND_HOSTNAME)
419 char *hostname;
420 #endif
421
422 *e++ = 99; /* RFC1048 Magic Cookie */
423 *e++ = 130;
424 *e++ = 83;
425 *e++ = 99;
426
427 *e++ = 53; /* DHCP Message Type */
428 *e++ = 1;
429 *e++ = message_type;
430
431 *e++ = 57; /* Maximum DHCP Message Size */
432 *e++ = 2;
433 *e++ = (576 - 312 + OPT_FIELD_SIZE) >> 8;
434 *e++ = (576 - 312 + OPT_FIELD_SIZE) & 0xff;
435
436 if (server_ip.s_addr) {
437 int tmp = ntohl(server_ip.s_addr);
438
439 *e++ = 54; /* ServerID */
440 *e++ = 4;
441 *e++ = tmp >> 24;
442 *e++ = tmp >> 16;
443 *e++ = tmp >> 8;
444 *e++ = tmp & 0xff;
445 }
446
447 if (requested_ip.s_addr) {
448 int tmp = ntohl(requested_ip.s_addr);
449
450 *e++ = 50; /* Requested IP */
451 *e++ = 4;
452 *e++ = tmp >> 24;
453 *e++ = tmp >> 16;
454 *e++ = tmp >> 8;
455 *e++ = tmp & 0xff;
456 }
457 #if defined(CONFIG_BOOTP_SEND_HOSTNAME)
458 hostname = getenv("hostname");
459 if (hostname) {
460 int hostnamelen = strlen(hostname);
461
462 *e++ = 12; /* Hostname */
463 *e++ = hostnamelen;
464 memcpy(e, hostname, hostnamelen);
465 e += hostnamelen;
466 }
467 #endif
468
469 #if defined(CONFIG_BOOTP_PXE)
470 clientarch = CONFIG_BOOTP_PXE_CLIENTARCH;
471 *e++ = 93; /* Client System Architecture */
472 *e++ = 2;
473 *e++ = (clientarch >> 8) & 0xff;
474 *e++ = clientarch & 0xff;
475
476 *e++ = 94; /* Client Network Interface Identifier */
477 *e++ = 3;
478 *e++ = 1; /* type field for UNDI */
479 *e++ = 0; /* major revision */
480 *e++ = 0; /* minor revision */
481
482 uuid = getenv("pxeuuid");
483
484 if (uuid) {
485 if (uuid_str_valid(uuid)) {
486 *e++ = 97; /* Client Machine Identifier */
487 *e++ = 17;
488 *e++ = 0; /* type 0 - UUID */
489
490 uuid_str_to_bin(uuid, e, UUID_STR_FORMAT_STD);
491 e += 16;
492 } else {
493 printf("Invalid pxeuuid: %s\n", uuid);
494 }
495 }
496 #endif
497
498 #if defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_NET_VCI_STRING)
499 put_vci(e, CONFIG_SPL_NET_VCI_STRING);
500 #elif defined(CONFIG_BOOTP_VCI_STRING)
501 put_vci(e, CONFIG_BOOTP_VCI_STRING);
502 #endif
503
504 #if defined(CONFIG_BOOTP_VENDOREX)
505 x = dhcp_vendorex_prep(e);
506 if (x)
507 return x - start;
508 #endif
509
510 *e++ = 55; /* Parameter Request List */
511 cnt = e++; /* Pointer to count of requested items */
512 *cnt = 0;
513 #if defined(CONFIG_BOOTP_SUBNETMASK)
514 *e++ = 1; /* Subnet Mask */
515 *cnt += 1;
516 #endif
517 #if defined(CONFIG_BOOTP_TIMEOFFSET)
518 *e++ = 2;
519 *cnt += 1;
520 #endif
521 #if defined(CONFIG_BOOTP_GATEWAY)
522 *e++ = 3; /* Router Option */
523 *cnt += 1;
524 #endif
525 #if defined(CONFIG_BOOTP_DNS)
526 *e++ = 6; /* DNS Server(s) */
527 *cnt += 1;
528 #endif
529 #if defined(CONFIG_BOOTP_HOSTNAME)
530 *e++ = 12; /* Hostname */
531 *cnt += 1;
532 #endif
533 #if defined(CONFIG_BOOTP_BOOTFILESIZE)
534 *e++ = 13; /* Boot File Size */
535 *cnt += 1;
536 #endif
537 #if defined(CONFIG_BOOTP_BOOTPATH)
538 *e++ = 17; /* Boot path */
539 *cnt += 1;
540 #endif
541 #if defined(CONFIG_BOOTP_NISDOMAIN)
542 *e++ = 40; /* NIS Domain name request */
543 *cnt += 1;
544 #endif
545 #if defined(CONFIG_BOOTP_NTPSERVER)
546 *e++ = 42;
547 *cnt += 1;
548 #endif
549 /* no options, so back up to avoid sending an empty request list */
550 if (*cnt == 0)
551 e -= 2;
552
553 *e++ = 255; /* End of the list */
554
555 /* Pad to minimal length */
556 #ifdef CONFIG_DHCP_MIN_EXT_LEN
557 while ((e - start) < CONFIG_DHCP_MIN_EXT_LEN)
558 *e++ = 0;
559 #endif
560
561 return e - start;
562 }
563
564 #else
565 /*
566 * Warning: no field size check - change CONFIG_BOOTP_* at your own risk!
567 */
568 static int bootp_extended(u8 *e)
569 {
570 u8 *start = e;
571
572 *e++ = 99; /* RFC1048 Magic Cookie */
573 *e++ = 130;
574 *e++ = 83;
575 *e++ = 99;
576
577 #if defined(CONFIG_CMD_DHCP)
578 *e++ = 53; /* DHCP Message Type */
579 *e++ = 1;
580 *e++ = DHCP_DISCOVER;
581
582 *e++ = 57; /* Maximum DHCP Message Size */
583 *e++ = 2;
584 *e++ = (576 - 312 + OPT_FIELD_SIZE) >> 16;
585 *e++ = (576 - 312 + OPT_FIELD_SIZE) & 0xff;
586 #endif
587
588 #if defined(CONFIG_BOOTP_VCI_STRING) || \
589 (defined(CONFIG_SPL_BUILD) && defined(CONFIG_SPL_NET_VCI_STRING))
590 #ifdef CONFIG_SPL_BUILD
591 put_vci(e, CONFIG_SPL_NET_VCI_STRING);
592 #else
593 put_vci(e, CONFIG_BOOTP_VCI_STRING);
594 #endif
595 #endif
596
597 #if defined(CONFIG_BOOTP_SUBNETMASK)
598 *e++ = 1; /* Subnet mask request */
599 *e++ = 4;
600 e += 4;
601 #endif
602
603 #if defined(CONFIG_BOOTP_GATEWAY)
604 *e++ = 3; /* Default gateway request */
605 *e++ = 4;
606 e += 4;
607 #endif
608
609 #if defined(CONFIG_BOOTP_DNS)
610 *e++ = 6; /* Domain Name Server */
611 *e++ = 4;
612 e += 4;
613 #endif
614
615 #if defined(CONFIG_BOOTP_HOSTNAME)
616 *e++ = 12; /* Host name request */
617 *e++ = 32;
618 e += 32;
619 #endif
620
621 #if defined(CONFIG_BOOTP_BOOTFILESIZE)
622 *e++ = 13; /* Boot file size */
623 *e++ = 2;
624 e += 2;
625 #endif
626
627 #if defined(CONFIG_BOOTP_BOOTPATH)
628 *e++ = 17; /* Boot path */
629 *e++ = 32;
630 e += 32;
631 #endif
632
633 #if defined(CONFIG_BOOTP_NISDOMAIN)
634 *e++ = 40; /* NIS Domain name request */
635 *e++ = 32;
636 e += 32;
637 #endif
638 #if defined(CONFIG_BOOTP_NTPSERVER)
639 *e++ = 42;
640 *e++ = 4;
641 e += 4;
642 #endif
643
644 *e++ = 255; /* End of the list */
645
646 return e - start;
647 }
648 #endif
649
650 void bootp_reset(void)
651 {
652 bootp_num_ids = 0;
653 bootp_try = 0;
654 bootp_start = get_timer(0);
655 bootp_timeout = 250;
656 }
657
658 void bootp_request(void)
659 {
660 uchar *pkt, *iphdr;
661 struct bootp_hdr *bp;
662 int extlen, pktlen, iplen;
663 int eth_hdr_size;
664 #ifdef CONFIG_BOOTP_RANDOM_DELAY
665 ulong rand_ms;
666 #endif
667 u32 bootp_id;
668 struct in_addr zero_ip;
669 struct in_addr bcast_ip;
670
671 bootstage_mark_name(BOOTSTAGE_ID_BOOTP_START, "bootp_start");
672 #if defined(CONFIG_CMD_DHCP)
673 dhcp_state = INIT;
674 #endif
675
676 #ifdef CONFIG_BOOTP_RANDOM_DELAY /* Random BOOTP delay */
677 if (bootp_try == 0)
678 srand_mac();
679
680 if (bootp_try <= 2) /* Start with max 1024 * 1ms */
681 rand_ms = rand() >> (22 - bootp_try);
682 else /* After 3rd BOOTP request max 8192 * 1ms */
683 rand_ms = rand() >> 19;
684
685 printf("Random delay: %ld ms...\n", rand_ms);
686 mdelay(rand_ms);
687
688 #endif /* CONFIG_BOOTP_RANDOM_DELAY */
689
690 printf("BOOTP broadcast %d\n", ++bootp_try);
691 pkt = net_tx_packet;
692 memset((void *)pkt, 0, PKTSIZE);
693
694 eth_hdr_size = net_set_ether(pkt, net_bcast_ethaddr, PROT_IP);
695 pkt += eth_hdr_size;
696
697 /*
698 * Next line results in incorrect packet size being transmitted,
699 * resulting in errors in some DHCP servers, reporting missing bytes.
700 * Size must be set in packet header after extension length has been
701 * determined.
702 * C. Hallinan, DS4.COM, Inc.
703 */
704 /* net_set_udp_header(pkt, 0xFFFFFFFFL, PORT_BOOTPS, PORT_BOOTPC,
705 sizeof (struct bootp_hdr)); */
706 iphdr = pkt; /* We need this later for net_set_udp_header() */
707 pkt += IP_UDP_HDR_SIZE;
708
709 bp = (struct bootp_hdr *)pkt;
710 bp->bp_op = OP_BOOTREQUEST;
711 bp->bp_htype = HWT_ETHER;
712 bp->bp_hlen = HWL_ETHER;
713 bp->bp_hops = 0;
714 bp->bp_secs = htons(get_timer(0) / 1000);
715 zero_ip.s_addr = 0;
716 net_write_ip(&bp->bp_ciaddr, zero_ip);
717 net_write_ip(&bp->bp_yiaddr, zero_ip);
718 net_write_ip(&bp->bp_siaddr, zero_ip);
719 net_write_ip(&bp->bp_giaddr, zero_ip);
720 memcpy(bp->bp_chaddr, net_ethaddr, 6);
721 copy_filename(bp->bp_file, net_boot_file_name, sizeof(bp->bp_file));
722
723 /* Request additional information from the BOOTP/DHCP server */
724 #if defined(CONFIG_CMD_DHCP)
725 extlen = dhcp_extended((u8 *)bp->bp_vend, DHCP_DISCOVER, zero_ip,
726 zero_ip);
727 #else
728 extlen = bootp_extended((u8 *)bp->bp_vend);
729 #endif
730
731 /*
732 * Bootp ID is the lower 4 bytes of our ethernet address
733 * plus the current time in ms.
734 */
735 bootp_id = ((u32)net_ethaddr[2] << 24)
736 | ((u32)net_ethaddr[3] << 16)
737 | ((u32)net_ethaddr[4] << 8)
738 | (u32)net_ethaddr[5];
739 bootp_id += get_timer(0);
740 bootp_id = htonl(bootp_id);
741 bootp_add_id(bootp_id);
742 net_copy_u32(&bp->bp_id, &bootp_id);
743
744 /*
745 * Calculate proper packet lengths taking into account the
746 * variable size of the options field
747 */
748 iplen = BOOTP_HDR_SIZE - OPT_FIELD_SIZE + extlen;
749 pktlen = eth_hdr_size + IP_UDP_HDR_SIZE + iplen;
750 bcast_ip.s_addr = 0xFFFFFFFFL;
751 net_set_udp_header(iphdr, bcast_ip, PORT_BOOTPS, PORT_BOOTPC, iplen);
752 net_set_timeout_handler(bootp_timeout, bootp_timeout_handler);
753
754 #if defined(CONFIG_CMD_DHCP)
755 dhcp_state = SELECTING;
756 net_set_udp_handler(dhcp_handler);
757 #else
758 net_set_udp_handler(bootp_handler);
759 #endif
760 net_send_packet(net_tx_packet, pktlen);
761 }
762
763 #if defined(CONFIG_CMD_DHCP)
764 static void dhcp_process_options(uchar *popt, struct bootp_hdr *bp)
765 {
766 uchar *end = popt + BOOTP_HDR_SIZE;
767 int oplen, size;
768 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_TIMEOFFSET)
769 int *to_ptr;
770 #endif
771
772 while (popt < end && *popt != 0xff) {
773 oplen = *(popt + 1);
774 switch (*popt) {
775 case 1:
776 net_copy_ip(&net_netmask, (popt + 2));
777 break;
778 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_TIMEOFFSET)
779 case 2: /* Time offset */
780 to_ptr = &net_ntp_time_offset;
781 net_copy_u32((u32 *)to_ptr, (u32 *)(popt + 2));
782 net_ntp_time_offset = ntohl(net_ntp_time_offset);
783 break;
784 #endif
785 case 3:
786 net_copy_ip(&net_gateway, (popt + 2));
787 break;
788 case 6:
789 net_copy_ip(&net_dns_server, (popt + 2));
790 #if defined(CONFIG_BOOTP_DNS2)
791 if (*(popt + 1) > 4)
792 net_copy_ip(&net_dns_server2, (popt + 2 + 4));
793 #endif
794 break;
795 case 12:
796 size = truncate_sz("Host Name",
797 sizeof(net_hostname), oplen);
798 memcpy(&net_hostname, popt + 2, size);
799 net_hostname[size] = 0;
800 break;
801 case 15: /* Ignore Domain Name Option */
802 break;
803 case 17:
804 size = truncate_sz("Root Path",
805 sizeof(net_root_path), oplen);
806 memcpy(&net_root_path, popt + 2, size);
807 net_root_path[size] = 0;
808 break;
809 case 28: /* Ignore Broadcast Address Option */
810 break;
811 #if defined(CONFIG_CMD_SNTP) && defined(CONFIG_BOOTP_NTPSERVER)
812 case 42: /* NTP server IP */
813 net_copy_ip(&net_ntp_server, (popt + 2));
814 break;
815 #endif
816 case 51:
817 net_copy_u32(&dhcp_leasetime, (u32 *)(popt + 2));
818 break;
819 case 53: /* Ignore Message Type Option */
820 break;
821 case 54:
822 net_copy_ip(&dhcp_server_ip, (popt + 2));
823 break;
824 case 58: /* Ignore Renewal Time Option */
825 break;
826 case 59: /* Ignore Rebinding Time Option */
827 break;
828 case 66: /* Ignore TFTP server name */
829 break;
830 case 67: /* vendor opt bootfile */
831 /*
832 * I can't use dhcp_vendorex_proc here because I need
833 * to write into the bootp packet - even then I had to
834 * pass the bootp packet pointer into here as the
835 * second arg
836 */
837 size = truncate_sz("Opt Boot File",
838 sizeof(bp->bp_file),
839 oplen);
840 if (bp->bp_file[0] == '\0' && size > 0) {
841 /*
842 * only use vendor boot file if we didn't
843 * receive a boot file in the main non-vendor
844 * part of the packet - god only knows why
845 * some vendors chose not to use this perfectly
846 * good spot to store the boot file (join on
847 * Tru64 Unix) it seems mind bogglingly crazy
848 * to me
849 */
850 printf("*** WARNING: using vendor "
851 "optional boot file\n");
852 memcpy(bp->bp_file, popt + 2, size);
853 bp->bp_file[size] = '\0';
854 }
855 break;
856 default:
857 #if defined(CONFIG_BOOTP_VENDOREX)
858 if (dhcp_vendorex_proc(popt))
859 break;
860 #endif
861 printf("*** Unhandled DHCP Option in OFFER/ACK:"
862 " %d\n", *popt);
863 break;
864 }
865 popt += oplen + 2; /* Process next option */
866 }
867 }
868
869 static int dhcp_message_type(unsigned char *popt)
870 {
871 if (net_read_u32((u32 *)popt) != htonl(BOOTP_VENDOR_MAGIC))
872 return -1;
873
874 popt += 4;
875 while (*popt != 0xff) {
876 if (*popt == 53) /* DHCP Message Type */
877 return *(popt + 2);
878 popt += *(popt + 1) + 2; /* Scan through all options */
879 }
880 return -1;
881 }
882
883 static void dhcp_send_request_packet(struct bootp_hdr *bp_offer)
884 {
885 uchar *pkt, *iphdr;
886 struct bootp_hdr *bp;
887 int pktlen, iplen, extlen;
888 int eth_hdr_size;
889 struct in_addr offered_ip;
890 struct in_addr zero_ip;
891 struct in_addr bcast_ip;
892
893 debug("dhcp_send_request_packet: Sending DHCPREQUEST\n");
894 pkt = net_tx_packet;
895 memset((void *)pkt, 0, PKTSIZE);
896
897 eth_hdr_size = net_set_ether(pkt, net_bcast_ethaddr, PROT_IP);
898 pkt += eth_hdr_size;
899
900 iphdr = pkt; /* We'll need this later to set proper pkt size */
901 pkt += IP_UDP_HDR_SIZE;
902
903 bp = (struct bootp_hdr *)pkt;
904 bp->bp_op = OP_BOOTREQUEST;
905 bp->bp_htype = HWT_ETHER;
906 bp->bp_hlen = HWL_ETHER;
907 bp->bp_hops = 0;
908 bp->bp_secs = htons(get_timer(0) / 1000);
909 /* Do not set the client IP, your IP, or server IP yet, since it
910 * hasn't been ACK'ed by the server yet */
911
912 /*
913 * RFC3046 requires Relay Agents to discard packets with
914 * nonzero and offered giaddr
915 */
916 zero_ip.s_addr = 0;
917 net_write_ip(&bp->bp_giaddr, zero_ip);
918
919 memcpy(bp->bp_chaddr, net_ethaddr, 6);
920
921 /*
922 * ID is the id of the OFFER packet
923 */
924
925 net_copy_u32(&bp->bp_id, &bp_offer->bp_id);
926
927 /*
928 * Copy options from OFFER packet if present
929 */
930
931 /* Copy offered IP into the parameters request list */
932 net_copy_ip(&offered_ip, &bp_offer->bp_yiaddr);
933 extlen = dhcp_extended((u8 *)bp->bp_vend, DHCP_REQUEST,
934 dhcp_server_ip, offered_ip);
935
936 iplen = BOOTP_HDR_SIZE - OPT_FIELD_SIZE + extlen;
937 pktlen = eth_hdr_size + IP_UDP_HDR_SIZE + iplen;
938 bcast_ip.s_addr = 0xFFFFFFFFL;
939 net_set_udp_header(iphdr, bcast_ip, PORT_BOOTPS, PORT_BOOTPC, iplen);
940
941 #ifdef CONFIG_BOOTP_DHCP_REQUEST_DELAY
942 udelay(CONFIG_BOOTP_DHCP_REQUEST_DELAY);
943 #endif /* CONFIG_BOOTP_DHCP_REQUEST_DELAY */
944 debug("Transmitting DHCPREQUEST packet: len = %d\n", pktlen);
945 net_send_packet(net_tx_packet, pktlen);
946 }
947
948 /*
949 * Handle DHCP received packets.
950 */
951 static void dhcp_handler(uchar *pkt, unsigned dest, struct in_addr sip,
952 unsigned src, unsigned len)
953 {
954 struct bootp_hdr *bp = (struct bootp_hdr *)pkt;
955
956 debug("DHCPHandler: got packet: (src=%d, dst=%d, len=%d) state: %d\n",
957 src, dest, len, dhcp_state);
958
959 /* Filter out pkts we don't want */
960 if (check_reply_packet(pkt, dest, src, len))
961 return;
962
963 debug("DHCPHandler: got DHCP packet: (src=%d, dst=%d, len=%d) state: "
964 "%d\n", src, dest, len, dhcp_state);
965
966 switch (dhcp_state) {
967 case SELECTING:
968 /*
969 * Wait an appropriate time for any potential DHCPOFFER packets
970 * to arrive. Then select one, and generate DHCPREQUEST
971 * response. If filename is in format we recognize, assume it
972 * is a valid OFFER from a server we want.
973 */
974 debug("DHCP: state=SELECTING bp_file: \"%s\"\n", bp->bp_file);
975 #ifdef CONFIG_SYS_BOOTFILE_PREFIX
976 if (strncmp(bp->bp_file,
977 CONFIG_SYS_BOOTFILE_PREFIX,
978 strlen(CONFIG_SYS_BOOTFILE_PREFIX)) == 0) {
979 #endif /* CONFIG_SYS_BOOTFILE_PREFIX */
980
981 debug("TRANSITIONING TO REQUESTING STATE\n");
982 dhcp_state = REQUESTING;
983
984 if (net_read_u32((u32 *)&bp->bp_vend[0]) ==
985 htonl(BOOTP_VENDOR_MAGIC))
986 dhcp_process_options((u8 *)&bp->bp_vend[4], bp);
987
988 net_set_timeout_handler(5000, bootp_timeout_handler);
989 dhcp_send_request_packet(bp);
990 #ifdef CONFIG_SYS_BOOTFILE_PREFIX
991 }
992 #endif /* CONFIG_SYS_BOOTFILE_PREFIX */
993
994 return;
995 break;
996 case REQUESTING:
997 debug("DHCP State: REQUESTING\n");
998
999 if (dhcp_message_type((u8 *)bp->bp_vend) == DHCP_ACK) {
1000 if (net_read_u32((u32 *)&bp->bp_vend[0]) ==
1001 htonl(BOOTP_VENDOR_MAGIC))
1002 dhcp_process_options((u8 *)&bp->bp_vend[4], bp);
1003 /* Store net params from reply */
1004 store_net_params(bp);
1005 dhcp_state = BOUND;
1006 printf("DHCP client bound to address %pI4 (%lu ms)\n",
1007 &net_ip, get_timer(bootp_start));
1008 bootstage_mark_name(BOOTSTAGE_ID_BOOTP_STOP,
1009 "bootp_stop");
1010
1011 net_auto_load();
1012 return;
1013 }
1014 break;
1015 case BOUND:
1016 /* DHCP client bound to address */
1017 break;
1018 default:
1019 puts("DHCP: INVALID STATE\n");
1020 break;
1021 }
1022 }
1023
1024 void dhcp_request(void)
1025 {
1026 bootp_request();
1027 }
1028 #endif /* CONFIG_CMD_DHCP */
"Das U-Boot" Source Tree