]> git.ipfire.org Git - thirdparty/dhcp.git/blob - server/dhcp.c
projects / thirdparty / dhcp.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
cast to int for * in $.*s
[thirdparty/dhcp.git] / server / dhcp.c
1 /* dhcp.c
2
3 DHCP Protocol engine. */
4
5 /*
6 * Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
7 * Copyright (c) 1995-2003 by Internet Software Consortium
8 *
9 * Permission to use, copy, modify, and distribute this software for any
10 * purpose with or without fee is hereby granted, provided that the above
11 * copyright notice and this permission notice appear in all copies.
12 *
13 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
14 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
16 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
19 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20 *
21 * Internet Systems Consortium, Inc.
22 * 950 Charter Street
23 * Redwood City, CA 94063
24 * <info@isc.org>
25 * https://www.isc.org/
26 *
27 * This software has been written for Internet Systems Consortium
28 * by Ted Lemon in cooperation with Vixie Enterprises and Nominum, Inc.
29 * To learn more about Internet Systems Consortium, see
30 * ``https://www.isc.org/''. To learn more about Vixie Enterprises,
31 * see ``http://www.vix.com''. To learn more about Nominum, Inc., see
32 * ``http://www.nominum.com''.
33 */
34
35 #include "dhcpd.h"
36 #include <errno.h>
37 #include <limits.h>
38 #include <sys/time.h>
39
40 static void commit_leases_ackout(void *foo);
41 static void maybe_return_agent_options(struct packet *packet,
42 struct option_state *options);
43
44 int outstanding_pings;
45
46 struct leasequeue *ackqueue_head, *ackqueue_tail;
47 static struct leasequeue *free_ackqueue;
48 static struct timeval max_fsync;
49
50 int outstanding_acks;
51 int max_outstanding_acks = DEFAULT_DELAYED_ACK;
52 int max_ack_delay_secs = DEFAULT_ACK_DELAY_SECS;
53 int max_ack_delay_usecs = DEFAULT_ACK_DELAY_USECS;
54 int min_ack_delay_usecs = DEFAULT_MIN_ACK_DELAY_USECS;
55
56 static char dhcp_message [256];
57 static int site_code_min;
58
59 static int find_min_site_code(struct universe *);
60 static isc_result_t lowest_site_code(const void *, unsigned, void *);
61
62 static const char *dhcp_type_names [] = {
63 "DHCPDISCOVER",
64 "DHCPOFFER",
65 "DHCPREQUEST",
66 "DHCPDECLINE",
67 "DHCPACK",
68 "DHCPNAK",
69 "DHCPRELEASE",
70 "DHCPINFORM",
71 "type 9",
72 "DHCPLEASEQUERY",
73 "DHCPLEASEUNASSIGNED",
74 "DHCPLEASEUNKNOWN",
75 "DHCPLEASEACTIVE"
76 };
77 const int dhcp_type_name_max = ((sizeof dhcp_type_names) / sizeof (char *));
78
79 #if defined (TRACING)
80 # define send_packet trace_packet_send
81 #endif
82
83 void
84 dhcp (struct packet *packet) {
85 int ms_nulltp = 0;
86 struct option_cache *oc;
87 struct lease *lease = NULL;
88 const char *errmsg;
89 struct data_string data;
90
91 if (!locate_network(packet) &&
92 packet->packet_type != DHCPREQUEST &&
93 packet->packet_type != DHCPINFORM &&
94 packet->packet_type != DHCPLEASEQUERY) {
95 const char *s;
96 char typebuf[32];
97 errmsg = "unknown network segment";
98 bad_packet:
99
100 if (packet->packet_type > 0 &&
101 packet->packet_type <= dhcp_type_name_max) {
102 s = dhcp_type_names[packet->packet_type - 1];
103 } else {
104 /* %Audit% Cannot exceed 28 bytes. %2004.06.17,Safe% */
105 sprintf(typebuf, "type %d", packet->packet_type);
106 s = typebuf;
107 }
108
109 log_info("%s from %s via %s: %s", s,
110 (packet->raw->htype
111 ? print_hw_addr(packet->raw->htype,
112 packet->raw->hlen,
113 packet->raw->chaddr)
114 : "<no identifier>"),
115 packet->raw->giaddr.s_addr
116 ? inet_ntoa(packet->raw->giaddr)
117 : packet->interface->name, errmsg);
118 goto out;
119 }
120
121 /* There is a problem with the relay agent information option,
122 * which is that in order for a normal relay agent to append
123 * this option, the relay agent has to have been involved in
124 * getting the packet from the client to the server. Note
125 * that this is the software entity known as the relay agent,
126 * _not_ the hardware entity known as a router in which the
127 * relay agent may be running, so the fact that a router has
128 * forwarded a packet does not mean that the relay agent in
129 * the router was involved.
130 *
131 * So when the client broadcasts (DHCPDISCOVER, or giaddr is set),
132 * we can be sure that there are either agent options in the
133 * packet, or there aren't supposed to be. When the giaddr is not
134 * set, it's still possible that the client is on a directly
135 * attached subnet, and agent options are being appended by an l2
136 * device that has no address, and so sets no giaddr.
137 *
138 * But in either case it's possible that the packets we receive
139 * from the client in RENEW state may not include the agent options,
140 * so if they are not in the packet we must "pretend" the last values
141 * we observed were provided.
142 */
143 if (packet->packet_type == DHCPREQUEST &&
144 packet->raw->ciaddr.s_addr && !packet->raw->giaddr.s_addr &&
145 (packet->options->universe_count <= agent_universe.index ||
146 packet->options->universes[agent_universe.index] == NULL))
147 {
148 struct iaddr cip;
149
150 cip.len = sizeof packet -> raw -> ciaddr;
151 memcpy (cip.iabuf, &packet -> raw -> ciaddr,
152 sizeof packet -> raw -> ciaddr);
153 if (!find_lease_by_ip_addr (&lease, cip, MDL))
154 goto nolease;
155
156 /* If there are no agent options on the lease, it's not
157 interesting. */
158 if (!lease -> agent_options)
159 goto nolease;
160
161 /* The client should not be unicasting a renewal if its lease
162 has expired, so make it go through the process of getting
163 its agent options legally. */
164 if (lease -> ends < cur_time)
165 goto nolease;
166
167 if (lease -> uid_len) {
168 oc = lookup_option (&dhcp_universe, packet -> options,
169 DHO_DHCP_CLIENT_IDENTIFIER);
170 if (!oc)
171 goto nolease;
172
173 memset (&data, 0, sizeof data);
174 if (!evaluate_option_cache (&data,
175 packet, (struct lease *)0,
176 (struct client_state *)0,
177 packet -> options,
178 (struct option_state *)0,
179 &global_scope, oc, MDL))
180 goto nolease;
181 if (lease -> uid_len != data.len ||
182 memcmp (lease -> uid, data.data, data.len)) {
183 data_string_forget (&data, MDL);
184 goto nolease;
185 }
186 data_string_forget (&data, MDL);
187 } else
188 if ((lease -> hardware_addr.hbuf [0] !=
189 packet -> raw -> htype) ||
190 (lease -> hardware_addr.hlen - 1 !=
191 packet -> raw -> hlen) ||
192 memcmp (&lease -> hardware_addr.hbuf [1],
193 packet -> raw -> chaddr,
194 packet -> raw -> hlen))
195 goto nolease;
196
197 /* Okay, so we found a lease that matches the client. */
198 option_chain_head_reference ((struct option_chain_head **)
199 &(packet -> options -> universes
200 [agent_universe.index]),
201 lease -> agent_options, MDL);
202
203 if (packet->options->universe_count <= agent_universe.index)
204 packet->options->universe_count =
205 agent_universe.index + 1;
206
207 packet->agent_options_stashed = ISC_TRUE;
208 }
209 nolease:
210
211 /* If a client null terminates options it sends, it probably
212 * expects the server to reciprocate.
213 */
214 if ((oc = lookup_option (&dhcp_universe, packet -> options,
215 DHO_HOST_NAME))) {
216 if (!oc -> expression)
217 ms_nulltp = oc->flags & OPTION_HAD_NULLS;
218 }
219
220 /* Classify the client. */
221 classify_client (packet);
222
223 switch (packet -> packet_type) {
224 case DHCPDISCOVER:
225 dhcpdiscover (packet, ms_nulltp);
226 break;
227
228 case DHCPREQUEST:
229 dhcprequest (packet, ms_nulltp, lease);
230 break;
231
232 case DHCPRELEASE:
233 dhcprelease (packet, ms_nulltp);
234 break;
235
236 case DHCPDECLINE:
237 dhcpdecline (packet, ms_nulltp);
238 break;
239
240 case DHCPINFORM:
241 dhcpinform (packet, ms_nulltp);
242 break;
243
244 case DHCPLEASEQUERY:
245 dhcpleasequery(packet, ms_nulltp);
246 break;
247
248 case DHCPACK:
249 case DHCPOFFER:
250 case DHCPNAK:
251 case DHCPLEASEUNASSIGNED:
252 case DHCPLEASEUNKNOWN:
253 case DHCPLEASEACTIVE:
254 break;
255
256 default:
257 errmsg = "unknown packet type";
258 goto bad_packet;
259 }
260 out:
261 if (lease)
262 lease_dereference (&lease, MDL);
263 }
264
265 void dhcpdiscover (packet, ms_nulltp)
266 struct packet *packet;
267 int ms_nulltp;
268 {
269 struct lease *lease = (struct lease *)0;
270 char msgbuf [1024]; /* XXX */
271 TIME when;
272 const char *s;
273 int peer_has_leases = 0;
274 #if defined (FAILOVER_PROTOCOL)
275 dhcp_failover_state_t *peer;
276 #endif
277
278 find_lease (&lease, packet, packet -> shared_network,
279 0, &peer_has_leases, (struct lease *)0, MDL);
280
281 if (lease && lease -> client_hostname) {
282 if ((strlen (lease -> client_hostname) <= 64) &&
283 db_printable((unsigned char *)lease->client_hostname))
284 s = lease -> client_hostname;
285 else
286 s = "Hostname Unsuitable for Printing";
287 } else
288 s = (char *)0;
289
290 /* %Audit% This is log output. %2004.06.17,Safe%
291 * If we truncate we hope the user can get a hint from the log.
292 */
293 snprintf (msgbuf, sizeof msgbuf, "DHCPDISCOVER from %s %s%s%svia %s",
294 (packet -> raw -> htype
295 ? print_hw_addr (packet -> raw -> htype,
296 packet -> raw -> hlen,
297 packet -> raw -> chaddr)
298 : (lease
299 ? print_hex_1(lease->uid_len, lease->uid, 60)
300 : "<no identifier>")),
301 s ? "(" : "", s ? s : "", s ? ") " : "",
302 packet -> raw -> giaddr.s_addr
303 ? inet_ntoa (packet -> raw -> giaddr)
304 : packet -> interface -> name);
305
306 /* Sourceless packets don't make sense here. */
307 if (!packet -> shared_network) {
308 log_info ("Packet from unknown subnet: %s",
309 inet_ntoa (packet -> raw -> giaddr));
310 goto out;
311 }
312
313 #if defined (FAILOVER_PROTOCOL)
314 if (lease && lease -> pool && lease -> pool -> failover_peer) {
315 peer = lease -> pool -> failover_peer;
316
317 /*
318 * If the lease is ours to (re)allocate, then allocate it.
319 *
320 * If the lease is active, it belongs to the client. This
321 * is the right lease, if we are to offer one. We decide
322 * whether or not to offer later on.
323 *
324 * If the lease was last active, and we've reached this
325 * point, then it was last active with the same client. We
326 * can safely re-activate the lease with this client.
327 */
328 if (lease->binding_state == FTS_ACTIVE ||
329 lease->rewind_binding_state == FTS_ACTIVE ||
330 lease_mine_to_reallocate(lease)) {
331 ; /* This space intentionally left blank. */
332
333 /* Otherwise, we can't let the client have this lease. */
334 } else {
335 #if defined (DEBUG_FIND_LEASE)
336 log_debug ("discarding %s - %s",
337 piaddr (lease -> ip_addr),
338 binding_state_print (lease -> binding_state));
339 #endif
340 lease_dereference (&lease, MDL);
341 }
342 }
343 #endif
344
345 /* If we didn't find a lease, try to allocate one... */
346 if (!lease) {
347 if (!allocate_lease (&lease, packet,
348 packet -> shared_network -> pools,
349 &peer_has_leases)) {
350 if (peer_has_leases)
351 log_error ("%s: peer holds all free leases",
352 msgbuf);
353 else
354 log_error ("%s: network %s: no free leases",
355 msgbuf,
356 packet -> shared_network -> name);
357 return;
358 }
359 }
360
361 #if defined (FAILOVER_PROTOCOL)
362 if (lease && lease -> pool && lease -> pool -> failover_peer) {
363 peer = lease -> pool -> failover_peer;
364 if (peer -> service_state == not_responding ||
365 peer -> service_state == service_startup) {
366 log_info ("%s: not responding%s",
367 msgbuf, peer -> nrr);
368 goto out;
369 }
370 } else
371 peer = (dhcp_failover_state_t *)0;
372
373 /* Do load balancing if configured. */
374 if (peer && (peer -> service_state == cooperating) &&
375 !load_balance_mine (packet, peer)) {
376 if (peer_has_leases) {
377 log_debug ("%s: load balance to peer %s",
378 msgbuf, peer -> name);
379 goto out;
380 } else {
381 log_debug ("%s: cancel load balance to peer %s - %s",
382 msgbuf, peer -> name, "no free leases");
383 }
384 }
385 #endif
386
387 /* If it's an expired lease, get rid of any bindings. */
388 if (lease -> ends < cur_time && lease -> scope)
389 binding_scope_dereference (&lease -> scope, MDL);
390
391 /* Set the lease to really expire in 2 minutes, unless it has
392 not yet expired, in which case leave its expiry time alone. */
393 when = cur_time + 120;
394 if (when < lease -> ends)
395 when = lease -> ends;
396
397 ack_lease (packet, lease, DHCPOFFER, when, msgbuf, ms_nulltp,
398 (struct host_decl *)0);
399 out:
400 if (lease)
401 lease_dereference (&lease, MDL);
402 }
403
404 void dhcprequest (packet, ms_nulltp, ip_lease)
405 struct packet *packet;
406 int ms_nulltp;
407 struct lease *ip_lease;
408 {
409 struct lease *lease;
410 struct iaddr cip;
411 struct iaddr sip;
412 struct subnet *subnet;
413 int ours = 0;
414 struct option_cache *oc;
415 struct data_string data;
416 char msgbuf [1024]; /* XXX */
417 const char *s;
418 char smbuf [19];
419 #if defined (FAILOVER_PROTOCOL)
420 dhcp_failover_state_t *peer;
421 #endif
422 int have_server_identifier = 0;
423 int have_requested_addr = 0;
424
425 oc = lookup_option (&dhcp_universe, packet -> options,
426 DHO_DHCP_REQUESTED_ADDRESS);
427 memset (&data, 0, sizeof data);
428 if (oc &&
429 evaluate_option_cache (&data, packet, (struct lease *)0,
430 (struct client_state *)0,
431 packet -> options, (struct option_state *)0,
432 &global_scope, oc, MDL)) {
433 cip.len = 4;
434 memcpy (cip.iabuf, data.data, 4);
435 data_string_forget (&data, MDL);
436 have_requested_addr = 1;
437 } else {
438 oc = (struct option_cache *)0;
439 cip.len = 4;
440 memcpy (cip.iabuf, &packet -> raw -> ciaddr.s_addr, 4);
441 }
442
443 /* Find the lease that matches the address requested by the
444 client. */
445
446 subnet = (struct subnet *)0;
447 lease = (struct lease *)0;
448 if (find_subnet (&subnet, cip, MDL))
449 find_lease (&lease, packet,
450 subnet -> shared_network, &ours, 0, ip_lease, MDL);
451
452 if (lease && lease -> client_hostname) {
453 if ((strlen (lease -> client_hostname) <= 64) &&
454 db_printable((unsigned char *)lease->client_hostname))
455 s = lease -> client_hostname;
456 else
457 s = "Hostname Unsuitable for Printing";
458 } else
459 s = (char *)0;
460
461 oc = lookup_option (&dhcp_universe, packet -> options,
462 DHO_DHCP_SERVER_IDENTIFIER);
463 memset (&data, 0, sizeof data);
464 if (oc &&
465 evaluate_option_cache (&data, packet, (struct lease *)0,
466 (struct client_state *)0,
467 packet -> options, (struct option_state *)0,
468 &global_scope, oc, MDL)) {
469 sip.len = 4;
470 memcpy (sip.iabuf, data.data, 4);
471 data_string_forget (&data, MDL);
472 /* piaddr() should not return more than a 15 byte string.
473 * safe.
474 */
475 sprintf (smbuf, " (%s)", piaddr (sip));
476 have_server_identifier = 1;
477 } else
478 smbuf [0] = 0;
479
480 /* %Audit% This is log output. %2004.06.17,Safe%
481 * If we truncate we hope the user can get a hint from the log.
482 */
483 snprintf (msgbuf, sizeof msgbuf,
484 "DHCPREQUEST for %s%s from %s %s%s%svia %s",
485 piaddr (cip), smbuf,
486 (packet -> raw -> htype
487 ? print_hw_addr (packet -> raw -> htype,
488 packet -> raw -> hlen,
489 packet -> raw -> chaddr)
490 : (lease
491 ? print_hex_1(lease->uid_len, lease->uid, 60)
492 : "<no identifier>")),
493 s ? "(" : "", s ? s : "", s ? ") " : "",
494 packet -> raw -> giaddr.s_addr
495 ? inet_ntoa (packet -> raw -> giaddr)
496 : packet -> interface -> name);
497
498 #if defined (FAILOVER_PROTOCOL)
499 if (lease && lease -> pool && lease -> pool -> failover_peer) {
500 peer = lease -> pool -> failover_peer;
501 if (peer -> service_state == not_responding ||
502 peer -> service_state == service_startup) {
503 log_info ("%s: not responding%s",
504 msgbuf, peer -> nrr);
505 goto out;
506 }
507
508 /* "load balance to peer" - is not done at all for request.
509 *
510 * If it's RENEWING, we are the only server to hear it, so
511 * we have to serve it. If it's REBINDING, it's out of
512 * communication with the other server, so there's no point
513 * in waiting to serve it. However, if the lease we're
514 * offering is not a free lease, then we may be the only
515 * server that can offer it, so we can't load balance if
516 * the lease isn't in the free or backup state. If it is
517 * in the free or backup state, then that state is what
518 * mandates one server or the other should perform the
519 * allocation, not the LBA...we know the peer cannot
520 * allocate a request for an address in our free state.
521 *
522 * So our only compass is lease_mine_to_reallocate(). This
523 * effects both load balancing, and a sanity-check that we
524 * are not going to try to allocate a lease that isn't ours.
525 */
526 if ((lease -> binding_state == FTS_FREE ||
527 lease -> binding_state == FTS_BACKUP) &&
528 !lease_mine_to_reallocate (lease)) {
529 log_debug ("%s: lease owned by peer", msgbuf);
530 goto out;
531 }
532
533 /*
534 * If the lease is in a transitional state, we can't
535 * renew it unless we can rewind it to a non-transitional
536 * state (active, free, or backup). lease_mine_to_reallocate()
537 * checks for free/backup, so we only need to check for active.
538 */
539 if ((lease->binding_state == FTS_RELEASED ||
540 lease->binding_state == FTS_EXPIRED) &&
541 lease->rewind_binding_state != FTS_ACTIVE &&
542 !lease_mine_to_reallocate(lease)) {
543 log_debug("%s: lease in transition state %s", msgbuf,
544 (lease->binding_state == FTS_RELEASED)
545 ? "released" : "expired");
546 goto out;
547 }
548
549 /* It's actually very unlikely that we'll ever get here,
550 but if we do, tell the client to stop using the lease,
551 because the administrator reset it. */
552 if (lease -> binding_state == FTS_RESET &&
553 !lease_mine_to_reallocate (lease)) {
554 log_debug ("%s: lease reset by administrator", msgbuf);
555 nak_lease (packet, &cip);
556 goto out;
557 }
558
559 /* At this point it's possible that we will get a broadcast
560 DHCPREQUEST for a lease that we didn't offer, because
561 both we and the peer are in a position to offer it.
562 In that case, we probably shouldn't answer. In order
563 to not answer, we would have to compare the server
564 identifier sent by the client with the list of possible
565 server identifiers we can send, and if the client's
566 identifier isn't on the list, drop the DHCPREQUEST.
567 We aren't currently doing that for two reasons - first,
568 it's not clear that all clients do the right thing
569 with respect to sending the client identifier, which
570 could mean that we might simply not respond to a client
571 that is depending on us to respond. Secondly, we allow
572 the user to specify the server identifier to send, and
573 we don't enforce that the server identifier should be
574 one of our IP addresses. This is probably not a big
575 deal, but it's theoretically an issue.
576
577 The reason we care about this is that if both servers
578 send a DHCPACK to the DHCPREQUEST, they are then going
579 to send dueling BNDUPD messages, which could cause
580 trouble. I think it causes no harm, but it seems
581 wrong. */
582 } else
583 peer = (dhcp_failover_state_t *)0;
584 #endif
585
586 /* If a client on a given network REQUESTs a lease on an
587 address on a different network, NAK it. If the Requested
588 Address option was used, the protocol says that it must
589 have been broadcast, so we can trust the source network
590 information.
591
592 If ciaddr was specified and Requested Address was not, then
593 we really only know for sure what network a packet came from
594 if it came through a BOOTP gateway - if it came through an
595 IP router, we'll just have to assume that it's cool.
596
597 If we don't think we know where the packet came from, it
598 came through a gateway from an unknown network, so it's not
599 from a RENEWING client. If we recognize the network it
600 *thinks* it's on, we can NAK it even though we don't
601 recognize the network it's *actually* on; otherwise we just
602 have to ignore it.
603
604 We don't currently try to take advantage of access to the
605 raw packet, because it's not available on all platforms.
606 So a packet that was unicast to us through a router from a
607 RENEWING client is going to look exactly like a packet that
608 was broadcast to us from an INIT-REBOOT client.
609
610 Since we can't tell the difference between these two kinds
611 of packets, if the packet appears to have come in off the
612 local wire, we have to treat it as if it's a RENEWING
613 client. This means that we can't NAK a RENEWING client on
614 the local wire that has a bogus address. The good news is
615 that we won't ACK it either, so it should revert to INIT
616 state and send us a DHCPDISCOVER, which we *can* work with.
617
618 Because we can't detect that a RENEWING client is on the
619 wrong wire, it's going to sit there trying to renew until
620 it gets to the REBIND state, when we *can* NAK it because
621 the packet will get to us through a BOOTP gateway. We
622 shouldn't actually see DHCPREQUEST packets from RENEWING
623 clients on the wrong wire anyway, since their idea of their
624 local router will be wrong. In any case, the protocol
625 doesn't really allow us to NAK a DHCPREQUEST from a
626 RENEWING client, so we can punt on this issue. */
627
628 if (!packet -> shared_network ||
629 (packet -> raw -> ciaddr.s_addr &&
630 packet -> raw -> giaddr.s_addr) ||
631 (have_requested_addr && !packet -> raw -> ciaddr.s_addr)) {
632
633 /* If we don't know where it came from but we do know
634 where it claims to have come from, it didn't come
635 from there. */
636 if (!packet -> shared_network) {
637 if (subnet && subnet -> group -> authoritative) {
638 log_info ("%s: wrong network.", msgbuf);
639 nak_lease (packet, &cip);
640 goto out;
641 }
642 /* Otherwise, ignore it. */
643 log_info ("%s: ignored (%s).", msgbuf,
644 (subnet
645 ? "not authoritative" : "unknown subnet"));
646 goto out;
647 }
648
649 /* If we do know where it came from and it asked for an
650 address that is not on that shared network, nak it. */
651 if (subnet)
652 subnet_dereference (&subnet, MDL);
653 if (!find_grouped_subnet (&subnet, packet -> shared_network,
654 cip, MDL)) {
655 if (packet -> shared_network -> group -> authoritative)
656 {
657 log_info ("%s: wrong network.", msgbuf);
658 nak_lease (packet, &cip);
659 goto out;
660 }
661 log_info ("%s: ignored (not authoritative).", msgbuf);
662 return;
663 }
664 }
665
666 /* If the address the client asked for is ours, but it wasn't
667 available for the client, NAK it. */
668 if (!lease && ours) {
669 log_info ("%s: lease %s unavailable.", msgbuf, piaddr (cip));
670 nak_lease (packet, &cip);
671 goto out;
672 }
673
674 /* Otherwise, send the lease to the client if we found one. */
675 if (lease) {
676 ack_lease (packet, lease, DHCPACK, 0, msgbuf, ms_nulltp,
677 (struct host_decl *)0);
678 } else
679 log_info ("%s: unknown lease %s.", msgbuf, piaddr (cip));
680
681 out:
682 if (subnet)
683 subnet_dereference (&subnet, MDL);
684 if (lease)
685 lease_dereference (&lease, MDL);
686 return;
687 }
688
689 void dhcprelease (packet, ms_nulltp)
690 struct packet *packet;
691 int ms_nulltp;
692 {
693 struct lease *lease = (struct lease *)0, *next = (struct lease *)0;
694 struct iaddr cip;
695 struct option_cache *oc;
696 struct data_string data;
697 const char *s;
698 char msgbuf [1024], cstr[16]; /* XXX */
699
700
701 /* DHCPRELEASE must not specify address in requested-address
702 option, but old protocol specs weren't explicit about this,
703 so let it go. */
704 if ((oc = lookup_option (&dhcp_universe, packet -> options,
705 DHO_DHCP_REQUESTED_ADDRESS))) {
706 log_info ("DHCPRELEASE from %s specified requested-address.",
707 print_hw_addr (packet -> raw -> htype,
708 packet -> raw -> hlen,
709 packet -> raw -> chaddr));
710 }
711
712 oc = lookup_option (&dhcp_universe, packet -> options,
713 DHO_DHCP_CLIENT_IDENTIFIER);
714 memset (&data, 0, sizeof data);
715 if (oc &&
716 evaluate_option_cache (&data, packet, (struct lease *)0,
717 (struct client_state *)0,
718 packet -> options, (struct option_state *)0,
719 &global_scope, oc, MDL)) {
720 find_lease_by_uid (&lease, data.data, data.len, MDL);
721 data_string_forget (&data, MDL);
722
723 /* See if we can find a lease that matches the IP address
724 the client is claiming. */
725 while (lease) {
726 if (lease -> n_uid)
727 lease_reference (&next, lease -> n_uid, MDL);
728 if (!memcmp (&packet -> raw -> ciaddr,
729 lease -> ip_addr.iabuf, 4)) {
730 break;
731 }
732 lease_dereference (&lease, MDL);
733 if (next) {
734 lease_reference (&lease, next, MDL);
735 lease_dereference (&next, MDL);
736 }
737 }
738 if (next)
739 lease_dereference (&next, MDL);
740 }
741
742 /* The client is supposed to pass a valid client-identifier,
743 but the spec on this has changed historically, so try the
744 IP address in ciaddr if the client-identifier fails. */
745 if (!lease) {
746 cip.len = 4;
747 memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4);
748 find_lease_by_ip_addr (&lease, cip, MDL);
749 }
750
751
752 /* If the hardware address doesn't match, don't do the release. */
753 if (lease &&
754 (lease -> hardware_addr.hlen != packet -> raw -> hlen + 1 ||
755 lease -> hardware_addr.hbuf [0] != packet -> raw -> htype ||
756 memcmp (&lease -> hardware_addr.hbuf [1],
757 packet -> raw -> chaddr, packet -> raw -> hlen)))
758 lease_dereference (&lease, MDL);
759
760 if (lease && lease -> client_hostname) {
761 if ((strlen (lease -> client_hostname) <= 64) &&
762 db_printable((unsigned char *)lease->client_hostname))
763 s = lease -> client_hostname;
764 else
765 s = "Hostname Unsuitable for Printing";
766 } else
767 s = (char *)0;
768
769 /* %Audit% Cannot exceed 16 bytes. %2004.06.17,Safe%
770 * We copy this out to stack because we actually want to log two
771 * inet_ntoa()'s in this message.
772 */
773 strncpy(cstr, inet_ntoa (packet -> raw -> ciaddr), 15);
774 cstr[15] = '\0';
775
776 /* %Audit% This is log output. %2004.06.17,Safe%
777 * If we truncate we hope the user can get a hint from the log.
778 */
779 snprintf (msgbuf, sizeof msgbuf,
780 "DHCPRELEASE of %s from %s %s%s%svia %s (%sfound)",
781 cstr,
782 (packet -> raw -> htype
783 ? print_hw_addr (packet -> raw -> htype,
784 packet -> raw -> hlen,
785 packet -> raw -> chaddr)
786 : (lease
787 ? print_hex_1(lease->uid_len, lease->uid, 60)
788 : "<no identifier>")),
789 s ? "(" : "", s ? s : "", s ? ") " : "",
790 packet -> raw -> giaddr.s_addr
791 ? inet_ntoa (packet -> raw -> giaddr)
792 : packet -> interface -> name,
793 lease ? "" : "not ");
794
795 #if defined (FAILOVER_PROTOCOL)
796 if (lease && lease -> pool && lease -> pool -> failover_peer) {
797 dhcp_failover_state_t *peer = lease -> pool -> failover_peer;
798 if (peer -> service_state == not_responding ||
799 peer -> service_state == service_startup) {
800 log_info ("%s: ignored%s",
801 peer -> name, peer -> nrr);
802 goto out;
803 }
804
805 /* DHCPRELEASE messages are unicast, so if the client
806 sent the DHCPRELEASE to us, it's not going to send it
807 to the peer. Not sure why this would happen, and
808 if it does happen I think we still have to change the
809 lease state, so that's what we're doing.
810 XXX See what it says in the draft about this. */
811 }
812 #endif
813
814 /* If we found a lease, release it. */
815 if (lease && lease -> ends > cur_time) {
816 release_lease (lease, packet);
817 }
818 log_info ("%s", msgbuf);
819 #if defined(FAILOVER_PROTOCOL)
820 out:
821 #endif
822 if (lease)
823 lease_dereference (&lease, MDL);
824 }
825
826 void dhcpdecline (packet, ms_nulltp)
827 struct packet *packet;
828 int ms_nulltp;
829 {
830 struct lease *lease = (struct lease *)0;
831 struct option_state *options = (struct option_state *)0;
832 int ignorep = 0;
833 int i;
834 const char *status;
835 const char *s;
836 char msgbuf [1024]; /* XXX */
837 struct iaddr cip;
838 struct option_cache *oc;
839 struct data_string data;
840
841 /* DHCPDECLINE must specify address. */
842 if (!(oc = lookup_option (&dhcp_universe, packet -> options,
843 DHO_DHCP_REQUESTED_ADDRESS)))
844 return;
845 memset (&data, 0, sizeof data);
846 if (!evaluate_option_cache (&data, packet, (struct lease *)0,
847 (struct client_state *)0,
848 packet -> options,
849 (struct option_state *)0,
850 &global_scope, oc, MDL))
851 return;
852
853 cip.len = 4;
854 memcpy (cip.iabuf, data.data, 4);
855 data_string_forget (&data, MDL);
856 find_lease_by_ip_addr (&lease, cip, MDL);
857
858 if (lease && lease -> client_hostname) {
859 if ((strlen (lease -> client_hostname) <= 64) &&
860 db_printable((unsigned char *)lease->client_hostname))
861 s = lease -> client_hostname;
862 else
863 s = "Hostname Unsuitable for Printing";
864 } else
865 s = (char *)0;
866
867 /* %Audit% This is log output. %2004.06.17,Safe%
868 * If we truncate we hope the user can get a hint from the log.
869 */
870 snprintf (msgbuf, sizeof msgbuf,
871 "DHCPDECLINE of %s from %s %s%s%svia %s",
872 piaddr (cip),
873 (packet -> raw -> htype
874 ? print_hw_addr (packet -> raw -> htype,
875 packet -> raw -> hlen,
876 packet -> raw -> chaddr)
877 : (lease
878 ? print_hex_1(lease->uid_len, lease->uid, 60)
879 : "<no identifier>")),
880 s ? "(" : "", s ? s : "", s ? ") " : "",
881 packet -> raw -> giaddr.s_addr
882 ? inet_ntoa (packet -> raw -> giaddr)
883 : packet -> interface -> name);
884
885 option_state_allocate (&options, MDL);
886
887 /* Execute statements in scope starting with the subnet scope. */
888 if (lease)
889 execute_statements_in_scope ((struct binding_value **)0,
890 packet, (struct lease *)0,
891 (struct client_state *)0,
892 packet -> options, options,
893 &global_scope,
894 lease -> subnet -> group,
895 (struct group *)0);
896
897 /* Execute statements in the class scopes. */
898 for (i = packet -> class_count; i > 0; i--) {
899 execute_statements_in_scope
900 ((struct binding_value **)0, packet, (struct lease *)0,
901 (struct client_state *)0, packet -> options, options,
902 &global_scope, packet -> classes [i - 1] -> group,
903 lease ? lease -> subnet -> group : (struct group *)0);
904 }
905
906 /* Drop the request if dhcpdeclines are being ignored. */
907 oc = lookup_option (&server_universe, options, SV_DECLINES);
908 if (!oc ||
909 evaluate_boolean_option_cache (&ignorep, packet, lease,
910 (struct client_state *)0,
911 packet -> options, options,
912 &lease -> scope, oc, MDL)) {
913 /* If we found a lease, mark it as unusable and complain. */
914 if (lease) {
915 #if defined (FAILOVER_PROTOCOL)
916 if (lease -> pool && lease -> pool -> failover_peer) {
917 dhcp_failover_state_t *peer =
918 lease -> pool -> failover_peer;
919 if (peer -> service_state == not_responding ||
920 peer -> service_state == service_startup) {
921 if (!ignorep)
922 log_info ("%s: ignored%s",
923 peer -> name, peer -> nrr);
924 goto out;
925 }
926
927 /* DHCPDECLINE messages are broadcast, so we can safely
928 ignore the DHCPDECLINE if the peer has the lease.
929 XXX Of course, at this point that information has been
930 lost. */
931 }
932 #endif
933
934 abandon_lease (lease, "declined.");
935 status = "abandoned";
936 } else {
937 status = "not found";
938 }
939 } else
940 status = "ignored";
941
942 if (!ignorep)
943 log_info ("%s: %s", msgbuf, status);
944
945 #if defined(FAILOVER_PROTOCOL)
946 out:
947 #endif
948 if (options)
949 option_state_dereference (&options, MDL);
950 if (lease)
951 lease_dereference (&lease, MDL);
952 }
953
954 void dhcpinform (packet, ms_nulltp)
955 struct packet *packet;
956 int ms_nulltp;
957 {
958 char msgbuf [1024];
959 struct data_string d1, prl;
960 struct option_cache *oc;
961 struct option_state *options = (struct option_state *)0;
962 struct dhcp_packet raw;
963 struct packet outgoing;
964 unsigned char dhcpack = DHCPACK;
965 struct subnet *subnet = NULL;
966 struct iaddr cip, gip;
967 unsigned i;
968 int nulltp;
969 struct sockaddr_in to;
970 struct in_addr from;
971 isc_boolean_t zeroed_ciaddr;
972
973 /* The client should set ciaddr to its IP address, but apparently
974 it's common for clients not to do this, so we'll use their IP
975 source address if they didn't set ciaddr. */
976 if (!packet -> raw -> ciaddr.s_addr) {
977 zeroed_ciaddr = ISC_TRUE;
978 cip.len = 4;
979 memcpy (cip.iabuf, &packet -> client_addr.iabuf, 4);
980 } else {
981 zeroed_ciaddr = ISC_FALSE;
982 cip.len = 4;
983 memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4);
984 }
985
986 if (packet->raw->giaddr.s_addr) {
987 gip.len = 4;
988 memcpy(gip.iabuf, &packet->raw->giaddr, 4);
989 } else
990 gip.len = 0;
991
992 /* %Audit% This is log output. %2004.06.17,Safe%
993 * If we truncate we hope the user can get a hint from the log.
994 */
995 snprintf (msgbuf, sizeof msgbuf, "DHCPINFORM from %s via %s",
996 piaddr (cip), packet->raw->giaddr.s_addr ?
997 inet_ntoa(packet->raw->giaddr) :
998 packet -> interface -> name);
999
1000 /* If the IP source address is zero, don't respond. */
1001 if (!memcmp (cip.iabuf, "\0\0\0", 4)) {
1002 log_info ("%s: ignored (null source address).", msgbuf);
1003 return;
1004 }
1005
1006 /* Find the subnet that the client is on. */
1007 if (zeroed_ciaddr && (gip.len != 0)) {
1008 /* XXX - do subnet selection relay agent suboption here */
1009 find_subnet(&subnet, gip, MDL);
1010
1011 if (subnet == NULL) {
1012 log_info("%s: unknown subnet for relay address %s",
1013 msgbuf, piaddr(gip));
1014 return;
1015 }
1016 } else {
1017 /* XXX - do subnet selection (not relay agent) option here */
1018 find_subnet(&subnet, cip, MDL);
1019
1020 if (subnet == NULL) {
1021 log_info("%s: unknown subnet for %s address %s",
1022 msgbuf, zeroed_ciaddr ? "source" : "client",
1023 piaddr(cip));
1024 return;
1025 }
1026 }
1027
1028 /* We don't respond to DHCPINFORM packets if we're not authoritative.
1029 It would be nice if a per-host value could override this, but
1030 there's overhead involved in checking this, so let's see how people
1031 react first. */
1032 if (subnet && !subnet -> group -> authoritative) {
1033 static int eso = 0;
1034 log_info ("%s: not authoritative for subnet %s",
1035 msgbuf, piaddr (subnet -> net));
1036 if (!eso) {
1037 log_info ("If this DHCP server is authoritative for%s",
1038 " that subnet,");
1039 log_info ("please write an `authoritative;' directi%s",
1040 "ve either in the");
1041 log_info ("subnet declaration or in some scope that%s",
1042 " encloses the");
1043 log_info ("subnet declaration - for example, write %s",
1044 "it at the top");
1045 log_info ("of the dhcpd.conf file.");
1046 }
1047 if (eso++ == 100)
1048 eso = 0;
1049 subnet_dereference (&subnet, MDL);
1050 return;
1051 }
1052
1053 option_state_allocate (&options, MDL);
1054 memset (&outgoing, 0, sizeof outgoing);
1055 memset (&raw, 0, sizeof raw);
1056 outgoing.raw = &raw;
1057
1058 maybe_return_agent_options(packet, options);
1059
1060 /* Execute statements in scope starting with the subnet scope. */
1061 if (subnet)
1062 execute_statements_in_scope ((struct binding_value **)0,
1063 packet, (struct lease *)0,
1064 (struct client_state *)0,
1065 packet -> options, options,
1066 &global_scope, subnet -> group,
1067 (struct group *)0);
1068
1069 /* Execute statements in the class scopes. */
1070 for (i = packet -> class_count; i > 0; i--) {
1071 execute_statements_in_scope
1072 ((struct binding_value **)0, packet, (struct lease *)0,
1073 (struct client_state *)0, packet -> options, options,
1074 &global_scope, packet -> classes [i - 1] -> group,
1075 subnet ? subnet -> group : (struct group *)0);
1076 }
1077
1078 /* Figure out the filename. */
1079 memset (&d1, 0, sizeof d1);
1080 oc = lookup_option (&server_universe, options, SV_FILENAME);
1081 if (oc &&
1082 evaluate_option_cache (&d1, packet, (struct lease *)0,
1083 (struct client_state *)0,
1084 packet -> options, (struct option_state *)0,
1085 &global_scope, oc, MDL)) {
1086 i = d1.len;
1087 if (i >= sizeof(raw.file)) {
1088 log_info("file name longer than packet field "
1089 "truncated - field: %lu name: %d %.*s",
1090 (unsigned long)sizeof(raw.file), i,
1091 (int)i, d1.data);
1092 i = sizeof(raw.file);
1093 } else
1094 raw.file[i] = 0;
1095 memcpy (raw.file, d1.data, i);
1096 data_string_forget (&d1, MDL);
1097 }
1098
1099 /* Choose a server name as above. */
1100 oc = lookup_option (&server_universe, options, SV_SERVER_NAME);
1101 if (oc &&
1102 evaluate_option_cache (&d1, packet, (struct lease *)0,
1103 (struct client_state *)0,
1104 packet -> options, (struct option_state *)0,
1105 &global_scope, oc, MDL)) {
1106 i = d1.len;
1107 if (i >= sizeof(raw.sname)) {
1108 log_info("server name longer than packet field "
1109 "truncated - field: %lu name: %d %.*s",
1110 (unsigned long)sizeof(raw.sname), i,
1111 (int)i, d1.data);
1112 i = sizeof(raw.sname);
1113 } else
1114 raw.sname[i] = 0;
1115 memcpy (raw.sname, d1.data, i);
1116 data_string_forget (&d1, MDL);
1117 }
1118
1119 /* Set a flag if this client is a lame Microsoft client that NUL
1120 terminates string options and expects us to do likewise. */
1121 nulltp = 0;
1122 if ((oc = lookup_option (&dhcp_universe, packet -> options,
1123 DHO_HOST_NAME))) {
1124 if (!oc->expression)
1125 nulltp = oc->flags & OPTION_HAD_NULLS;
1126 }
1127
1128 /* Put in DHCP-specific options. */
1129 i = DHO_DHCP_MESSAGE_TYPE;
1130 oc = (struct option_cache *)0;
1131 if (option_cache_allocate (&oc, MDL)) {
1132 if (make_const_data (&oc -> expression,
1133 &dhcpack, 1, 0, 0, MDL)) {
1134 option_code_hash_lookup(&oc->option,
1135 dhcp_universe.code_hash,
1136 &i, 0, MDL);
1137 save_option (&dhcp_universe, options, oc);
1138 }
1139 option_cache_dereference (&oc, MDL);
1140 }
1141
1142 get_server_source_address(&from, options, packet);
1143
1144 /* Use the subnet mask from the subnet declaration if no other
1145 mask has been provided. */
1146 i = DHO_SUBNET_MASK;
1147 if (subnet && !lookup_option (&dhcp_universe, options, i)) {
1148 oc = (struct option_cache *)0;
1149 if (option_cache_allocate (&oc, MDL)) {
1150 if (make_const_data (&oc -> expression,
1151 subnet -> netmask.iabuf,
1152 subnet -> netmask.len,
1153 0, 0, MDL)) {
1154 option_code_hash_lookup(&oc->option,
1155 dhcp_universe.code_hash,
1156 &i, 0, MDL);
1157 save_option (&dhcp_universe, options, oc);
1158 }
1159 option_cache_dereference (&oc, MDL);
1160 }
1161 }
1162
1163 /* If a site option space has been specified, use that for
1164 site option codes. */
1165 i = SV_SITE_OPTION_SPACE;
1166 if ((oc = lookup_option (&server_universe, options, i)) &&
1167 evaluate_option_cache (&d1, packet, (struct lease *)0,
1168 (struct client_state *)0,
1169 packet -> options, options,
1170 &global_scope, oc, MDL)) {
1171 struct universe *u = (struct universe *)0;
1172
1173 if (!universe_hash_lookup (&u, universe_hash,
1174 (const char *)d1.data, d1.len,
1175 MDL)) {
1176 log_error ("unknown option space %s.", d1.data);
1177 option_state_dereference (&options, MDL);
1178 if (subnet)
1179 subnet_dereference (&subnet, MDL);
1180 return;
1181 }
1182
1183 options -> site_universe = u -> index;
1184 options->site_code_min = find_min_site_code(u);
1185 data_string_forget (&d1, MDL);
1186 } else {
1187 options -> site_universe = dhcp_universe.index;
1188 options -> site_code_min = 0; /* Trust me, it works. */
1189 }
1190
1191 memset (&prl, 0, sizeof prl);
1192
1193 /* Use the parameter list from the scope if there is one. */
1194 oc = lookup_option (&dhcp_universe, options,
1195 DHO_DHCP_PARAMETER_REQUEST_LIST);
1196
1197 /* Otherwise, if the client has provided a list of options
1198 that it wishes returned, use it to prioritize. Otherwise,
1199 prioritize based on the default priority list. */
1200
1201 if (!oc)
1202 oc = lookup_option (&dhcp_universe, packet -> options,
1203 DHO_DHCP_PARAMETER_REQUEST_LIST);
1204
1205 if (oc)
1206 evaluate_option_cache (&prl, packet, (struct lease *)0,
1207 (struct client_state *)0,
1208 packet -> options, options,
1209 &global_scope, oc, MDL);
1210
1211 #ifdef DEBUG_PACKET
1212 dump_packet (packet);
1213 dump_raw ((unsigned char *)packet -> raw, packet -> packet_length);
1214 #endif
1215
1216 log_info ("%s", msgbuf);
1217
1218 /* Figure out the address of the boot file server. */
1219 if ((oc =
1220 lookup_option (&server_universe, options, SV_NEXT_SERVER))) {
1221 if (evaluate_option_cache (&d1, packet, (struct lease *)0,
1222 (struct client_state *)0,
1223 packet -> options, options,
1224 &global_scope, oc, MDL)) {
1225 /* If there was more than one answer,
1226 take the first. */
1227 if (d1.len >= 4 && d1.data)
1228 memcpy (&raw.siaddr, d1.data, 4);
1229 data_string_forget (&d1, MDL);
1230 }
1231 }
1232
1233 /*
1234 * Remove any time options, per section 3.4 RFC 2131
1235 */
1236 delete_option(&dhcp_universe, options, DHO_DHCP_LEASE_TIME);
1237 delete_option(&dhcp_universe, options, DHO_DHCP_RENEWAL_TIME);
1238 delete_option(&dhcp_universe, options, DHO_DHCP_REBINDING_TIME);
1239
1240 /* Set up the option buffer... */
1241 outgoing.packet_length =
1242 cons_options (packet, outgoing.raw, (struct lease *)0,
1243 (struct client_state *)0,
1244 0, packet -> options, options, &global_scope,
1245 0, nulltp, 0,
1246 prl.len ? &prl : (struct data_string *)0,
1247 (char *)0);
1248 option_state_dereference (&options, MDL);
1249 data_string_forget (&prl, MDL);
1250
1251 /* Make sure that the packet is at least as big as a BOOTP packet. */
1252 if (outgoing.packet_length < BOOTP_MIN_LEN)
1253 outgoing.packet_length = BOOTP_MIN_LEN;
1254
1255 raw.giaddr = packet -> raw -> giaddr;
1256 raw.ciaddr = packet -> raw -> ciaddr;
1257 memcpy (raw.chaddr, packet -> raw -> chaddr, sizeof raw.chaddr);
1258 raw.hlen = packet -> raw -> hlen;
1259 raw.htype = packet -> raw -> htype;
1260
1261 raw.xid = packet -> raw -> xid;
1262 raw.secs = packet -> raw -> secs;
1263 raw.flags = packet -> raw -> flags;
1264 raw.hops = packet -> raw -> hops;
1265 raw.op = BOOTREPLY;
1266
1267 #ifdef DEBUG_PACKET
1268 dump_packet (&outgoing);
1269 dump_raw ((unsigned char *)&raw, outgoing.packet_length);
1270 #endif
1271
1272 /* Set up the common stuff... */
1273 to.sin_family = AF_INET;
1274 #ifdef HAVE_SA_LEN
1275 to.sin_len = sizeof to;
1276 #endif
1277 memset (to.sin_zero, 0, sizeof to.sin_zero);
1278
1279 /* RFC2131 states the server SHOULD unciast to ciaddr.
1280 * There are two wrinkles - relays, and when ciaddr is zero.
1281 * There's actually no mention of relays at all in rfc2131 in
1282 * regard to DHCPINFORM, except to say we might get packets from
1283 * clients via them. Note: relays unicast to clients to the
1284 * "yiaddr" address, which servers are forbidden to set when
1285 * answering an inform.
1286 *
1287 * The solution: If ciaddr is zero, and giaddr is set, go via the
1288 * relay with the broadcast flag set to help the relay (with no
1289 * yiaddr and very likely no chaddr, it will have no idea where to
1290 * send the packet).
1291 *
1292 * If the ciaddr is zero and giaddr is not set, go via the source
1293 * IP address (but you are permitted to barf on their shoes).
1294 *
1295 * If ciaddr is not zero, send the packet there always.
1296 */
1297 if (!raw.ciaddr.s_addr && gip.len) {
1298 memcpy(&to.sin_addr, gip.iabuf, 4);
1299 to.sin_port = local_port;
1300 raw.flags |= htons(BOOTP_BROADCAST);
1301 } else {
1302 gip.len = 0;
1303 memcpy(&to.sin_addr, cip.iabuf, 4);
1304 to.sin_port = remote_port;
1305 }
1306
1307 /* Report what we're sending. */
1308 snprintf(msgbuf, sizeof msgbuf, "DHCPACK to %s (%s) via", piaddr(cip),
1309 (packet->raw->htype && packet->raw->hlen) ?
1310 print_hw_addr(packet->raw->htype, packet->raw->hlen,
1311 packet->raw->chaddr) :
1312 "<no client hardware address>");
1313 log_info("%s %s", msgbuf, gip.len ? piaddr(gip) :
1314 packet->interface->name);
1315
1316 errno = 0;
1317 send_packet ((fallback_interface
1318 ? fallback_interface : packet -> interface),
1319 &outgoing, &raw, outgoing.packet_length,
1320 from, &to, (struct hardware *)0);
1321 if (subnet)
1322 subnet_dereference (&subnet, MDL);
1323 }
1324
1325 void nak_lease (packet, cip)
1326 struct packet *packet;
1327 struct iaddr *cip;
1328 {
1329 struct sockaddr_in to;
1330 struct in_addr from;
1331 int result;
1332 struct dhcp_packet raw;
1333 unsigned char nak = DHCPNAK;
1334 struct packet outgoing;
1335 unsigned i;
1336 struct option_state *options = (struct option_state *)0;
1337 struct option_cache *oc = (struct option_cache *)0;
1338
1339 option_state_allocate (&options, MDL);
1340 memset (&outgoing, 0, sizeof outgoing);
1341 memset (&raw, 0, sizeof raw);
1342 outgoing.raw = &raw;
1343
1344 /* Set DHCP_MESSAGE_TYPE to DHCPNAK */
1345 if (!option_cache_allocate (&oc, MDL)) {
1346 log_error ("No memory for DHCPNAK message type.");
1347 option_state_dereference (&options, MDL);
1348 return;
1349 }
1350 if (!make_const_data (&oc -> expression, &nak, sizeof nak,
1351 0, 0, MDL)) {
1352 log_error ("No memory for expr_const expression.");
1353 option_cache_dereference (&oc, MDL);
1354 option_state_dereference (&options, MDL);
1355 return;
1356 }
1357 i = DHO_DHCP_MESSAGE_TYPE;
1358 option_code_hash_lookup(&oc->option, dhcp_universe.code_hash,
1359 &i, 0, MDL);
1360 save_option (&dhcp_universe, options, oc);
1361 option_cache_dereference (&oc, MDL);
1362
1363 /* Set DHCP_MESSAGE to whatever the message is */
1364 if (!option_cache_allocate (&oc, MDL)) {
1365 log_error ("No memory for DHCPNAK message type.");
1366 option_state_dereference (&options, MDL);
1367 return;
1368 }
1369 if (!make_const_data (&oc -> expression,
1370 (unsigned char *)dhcp_message,
1371 strlen (dhcp_message), 1, 0, MDL)) {
1372 log_error ("No memory for expr_const expression.");
1373 option_cache_dereference (&oc, MDL);
1374 option_state_dereference (&options, MDL);
1375 return;
1376 }
1377 i = DHO_DHCP_MESSAGE;
1378 option_code_hash_lookup(&oc->option, dhcp_universe.code_hash,
1379 &i, 0, MDL);
1380 save_option (&dhcp_universe, options, oc);
1381 option_cache_dereference (&oc, MDL);
1382
1383 get_server_source_address(&from, options, packet);
1384
1385 /* If there were agent options in the incoming packet, return
1386 * them. We do not check giaddr to detect the presence of a
1387 * relay, as this excludes "l2" relay agents which have no
1388 * giaddr to set.
1389 */
1390 if (packet->options->universe_count > agent_universe.index &&
1391 packet->options->universes [agent_universe.index]) {
1392 option_chain_head_reference
1393 ((struct option_chain_head **)
1394 &(options -> universes [agent_universe.index]),
1395 (struct option_chain_head *)
1396 packet -> options -> universes [agent_universe.index],
1397 MDL);
1398 }
1399
1400 /* Do not use the client's requested parameter list. */
1401 delete_option (&dhcp_universe, packet -> options,
1402 DHO_DHCP_PARAMETER_REQUEST_LIST);
1403
1404 /* Set up the option buffer... */
1405 outgoing.packet_length =
1406 cons_options (packet, outgoing.raw, (struct lease *)0,
1407 (struct client_state *)0,
1408 0, packet -> options, options, &global_scope,
1409 0, 0, 0, (struct data_string *)0, (char *)0);
1410 option_state_dereference (&options, MDL);
1411
1412 /* memset (&raw.ciaddr, 0, sizeof raw.ciaddr);*/
1413 if (packet->interface->address_count)
1414 raw.siaddr = packet->interface->addresses[0];
1415 raw.giaddr = packet -> raw -> giaddr;
1416 memcpy (raw.chaddr, packet -> raw -> chaddr, sizeof raw.chaddr);
1417 raw.hlen = packet -> raw -> hlen;
1418 raw.htype = packet -> raw -> htype;
1419
1420 raw.xid = packet -> raw -> xid;
1421 raw.secs = packet -> raw -> secs;
1422 raw.flags = packet -> raw -> flags | htons (BOOTP_BROADCAST);
1423 raw.hops = packet -> raw -> hops;
1424 raw.op = BOOTREPLY;
1425
1426 /* Report what we're sending... */
1427 log_info ("DHCPNAK on %s to %s via %s",
1428 piaddr (*cip),
1429 print_hw_addr (packet -> raw -> htype,
1430 packet -> raw -> hlen,
1431 packet -> raw -> chaddr),
1432 packet -> raw -> giaddr.s_addr
1433 ? inet_ntoa (packet -> raw -> giaddr)
1434 : packet -> interface -> name);
1435
1436 #ifdef DEBUG_PACKET
1437 dump_packet (packet);
1438 dump_raw ((unsigned char *)packet -> raw, packet -> packet_length);
1439 dump_packet (&outgoing);
1440 dump_raw ((unsigned char *)&raw, outgoing.packet_length);
1441 #endif
1442
1443 /* Set up the common stuff... */
1444 to.sin_family = AF_INET;
1445 #ifdef HAVE_SA_LEN
1446 to.sin_len = sizeof to;
1447 #endif
1448 memset (to.sin_zero, 0, sizeof to.sin_zero);
1449
1450 /* Make sure that the packet is at least as big as a BOOTP packet. */
1451 if (outgoing.packet_length < BOOTP_MIN_LEN)
1452 outgoing.packet_length = BOOTP_MIN_LEN;
1453
1454 /* If this was gatewayed, send it back to the gateway.
1455 Otherwise, broadcast it on the local network. */
1456 if (raw.giaddr.s_addr) {
1457 to.sin_addr = raw.giaddr;
1458 if (raw.giaddr.s_addr != htonl (INADDR_LOOPBACK))
1459 to.sin_port = local_port;
1460 else
1461 to.sin_port = remote_port; /* for testing. */
1462
1463 if (fallback_interface) {
1464 result = send_packet(fallback_interface, packet, &raw,
1465 outgoing.packet_length, from, &to,
1466 NULL);
1467 return;
1468 }
1469 } else {
1470 to.sin_addr = limited_broadcast;
1471 to.sin_port = remote_port;
1472 }
1473
1474 errno = 0;
1475 result = send_packet(packet->interface, packet, &raw,
1476 outgoing.packet_length, from, &to, NULL);
1477 }
1478
1479 void ack_lease (packet, lease, offer, when, msg, ms_nulltp, hp)
1480 struct packet *packet;
1481 struct lease *lease;
1482 unsigned int offer;
1483 TIME when;
1484 char *msg;
1485 int ms_nulltp;
1486 struct host_decl *hp;
1487 {
1488 struct lease *lt;
1489 struct lease_state *state;
1490 struct lease *next;
1491 struct host_decl *host = (struct host_decl *)0;
1492 TIME lease_time;
1493 TIME offered_lease_time;
1494 struct data_string d1;
1495 TIME min_lease_time;
1496 TIME max_lease_time;
1497 TIME default_lease_time;
1498 struct option_cache *oc;
1499 isc_result_t result;
1500 TIME ping_timeout;
1501 TIME lease_cltt;
1502 struct in_addr from;
1503 TIME remaining_time;
1504 struct iaddr cip;
1505
1506 unsigned i, j;
1507 int s1;
1508 int ignorep;
1509 struct timeval tv;
1510
1511 /* If we're already acking this lease, don't do it again. */
1512 if (lease -> state)
1513 return;
1514
1515 /* Save original cltt for comparison later. */
1516 lease_cltt = lease->cltt;
1517
1518 /* If the lease carries a host record, remember it. */
1519 if (hp)
1520 host_reference (&host, hp, MDL);
1521 else if (lease -> host)
1522 host_reference (&host, lease -> host, MDL);
1523
1524 /* Allocate a lease state structure... */
1525 state = new_lease_state (MDL);
1526 if (!state)
1527 log_fatal ("unable to allocate lease state!");
1528 state -> got_requested_address = packet -> got_requested_address;
1529 shared_network_reference (&state -> shared_network,
1530 packet -> interface -> shared_network, MDL);
1531
1532 /* See if we got a server identifier option. */
1533 if (lookup_option (&dhcp_universe,
1534 packet -> options, DHO_DHCP_SERVER_IDENTIFIER))
1535 state -> got_server_identifier = 1;
1536
1537 maybe_return_agent_options(packet, state->options);
1538
1539 /* If we are offering a lease that is still currently valid, preserve
1540 the events. We need to do this because if the client does not
1541 REQUEST our offer, it will expire in 2 minutes, overriding the
1542 expire time in the currently in force lease. We want the expire
1543 events to be executed at that point. */
1544 if (lease -> ends <= cur_time && offer != DHCPOFFER) {
1545 /* Get rid of any old expiry or release statements - by
1546 executing the statements below, we will be inserting new
1547 ones if there are any to insert. */
1548 if (lease -> on_expiry)
1549 executable_statement_dereference (&lease -> on_expiry,
1550 MDL);
1551 if (lease -> on_commit)
1552 executable_statement_dereference (&lease -> on_commit,
1553 MDL);
1554 if (lease -> on_release)
1555 executable_statement_dereference (&lease -> on_release,
1556 MDL);
1557 }
1558
1559 /* Execute statements in scope starting with the subnet scope. */
1560 execute_statements_in_scope ((struct binding_value **)0,
1561 packet, lease, (struct client_state *)0,
1562 packet -> options,
1563 state -> options, &lease -> scope,
1564 lease -> subnet -> group,
1565 (struct group *)0);
1566
1567 /* If the lease is from a pool, run the pool scope. */
1568 if (lease -> pool)
1569 (execute_statements_in_scope
1570 ((struct binding_value **)0, packet, lease,
1571 (struct client_state *)0, packet -> options,
1572 state -> options, &lease -> scope, lease -> pool -> group,
1573 lease -> pool -> shared_network -> group));
1574
1575 /* Execute statements from class scopes. */
1576 for (i = packet -> class_count; i > 0; i--) {
1577 execute_statements_in_scope
1578 ((struct binding_value **)0,
1579 packet, lease, (struct client_state *)0,
1580 packet -> options, state -> options,
1581 &lease -> scope, packet -> classes [i - 1] -> group,
1582 (lease -> pool
1583 ? lease -> pool -> group
1584 : lease -> subnet -> group));
1585 }
1586
1587 /* See if the client is only supposed to have one lease at a time,
1588 and if so, find its other leases and release them. We can only
1589 do this on DHCPREQUEST. It's a little weird to do this before
1590 looking at permissions, because the client might not actually
1591 _get_ a lease after we've done the permission check, but the
1592 assumption for this option is that the client has exactly one
1593 network interface, and will only ever remember one lease. So
1594 if it sends a DHCPREQUEST, and doesn't get the lease, it's already
1595 forgotten about its old lease, so we can too. */
1596 if (packet -> packet_type == DHCPREQUEST &&
1597 (oc = lookup_option (&server_universe, state -> options,
1598 SV_ONE_LEASE_PER_CLIENT)) &&
1599 evaluate_boolean_option_cache (&ignorep,
1600 packet, lease,
1601 (struct client_state *)0,
1602 packet -> options,
1603 state -> options, &lease -> scope,
1604 oc, MDL)) {
1605 struct lease *seek;
1606 if (lease -> uid_len) {
1607 do {
1608 seek = (struct lease *)0;
1609 find_lease_by_uid (&seek, lease -> uid,
1610 lease -> uid_len, MDL);
1611 if (!seek)
1612 break;
1613 if (seek == lease && !seek -> n_uid) {
1614 lease_dereference (&seek, MDL);
1615 break;
1616 }
1617 next = (struct lease *)0;
1618
1619 /* Don't release expired leases, and don't
1620 release the lease we're going to assign. */
1621 next = (struct lease *)0;
1622 while (seek) {
1623 if (seek -> n_uid)
1624 lease_reference (&next, seek -> n_uid, MDL);
1625 if (seek != lease &&
1626 seek -> binding_state != FTS_RELEASED &&
1627 seek -> binding_state != FTS_EXPIRED &&
1628 seek -> binding_state != FTS_RESET &&
1629 seek -> binding_state != FTS_FREE &&
1630 seek -> binding_state != FTS_BACKUP)
1631 break;
1632 lease_dereference (&seek, MDL);
1633 if (next) {
1634 lease_reference (&seek, next, MDL);
1635 lease_dereference (&next, MDL);
1636 }
1637 }
1638 if (next)
1639 lease_dereference (&next, MDL);
1640 if (seek) {
1641 release_lease (seek, packet);
1642 lease_dereference (&seek, MDL);
1643 } else
1644 break;
1645 } while (1);
1646 }
1647 if (!lease -> uid_len ||
1648 (host &&
1649 !host -> client_identifier.len &&
1650 (oc = lookup_option (&server_universe, state -> options,
1651 SV_DUPLICATES)) &&
1652 !evaluate_boolean_option_cache (&ignorep, packet, lease,
1653 (struct client_state *)0,
1654 packet -> options,
1655 state -> options,
1656 &lease -> scope,
1657 oc, MDL))) {
1658 do {
1659 seek = (struct lease *)0;
1660 find_lease_by_hw_addr
1661 (&seek, lease -> hardware_addr.hbuf,
1662 lease -> hardware_addr.hlen, MDL);
1663 if (!seek)
1664 break;
1665 if (seek == lease && !seek -> n_hw) {
1666 lease_dereference (&seek, MDL);
1667 break;
1668 }
1669 next = (struct lease *)0;
1670 while (seek) {
1671 if (seek -> n_hw)
1672 lease_reference (&next, seek -> n_hw, MDL);
1673 if (seek != lease &&
1674 seek -> binding_state != FTS_RELEASED &&
1675 seek -> binding_state != FTS_EXPIRED &&
1676 seek -> binding_state != FTS_RESET &&
1677 seek -> binding_state != FTS_FREE &&
1678 seek -> binding_state != FTS_BACKUP)
1679 break;
1680 lease_dereference (&seek, MDL);
1681 if (next) {
1682 lease_reference (&seek, next, MDL);
1683 lease_dereference (&next, MDL);
1684 }
1685 }
1686 if (next)
1687 lease_dereference (&next, MDL);
1688 if (seek) {
1689 release_lease (seek, packet);
1690 lease_dereference (&seek, MDL);
1691 } else
1692 break;
1693 } while (1);
1694 }
1695 }
1696
1697
1698 /* Make sure this packet satisfies the configured minimum
1699 number of seconds. */
1700 memset (&d1, 0, sizeof d1);
1701 if (offer == DHCPOFFER &&
1702 (oc = lookup_option (&server_universe, state -> options,
1703 SV_MIN_SECS))) {
1704 if (evaluate_option_cache (&d1, packet, lease,
1705 (struct client_state *)0,
1706 packet -> options, state -> options,
1707 &lease -> scope, oc, MDL)) {
1708 if (d1.len &&
1709 ntohs (packet -> raw -> secs) < d1.data [0]) {
1710 log_info("%s: configured min-secs value (%d) "
1711 "is greater than secs field (%d). "
1712 "message dropped.", msg, d1.data[0],
1713 ntohs(packet->raw->secs));
1714 data_string_forget (&d1, MDL);
1715 free_lease_state (state, MDL);
1716 if (host)
1717 host_dereference (&host, MDL);
1718 return;
1719 }
1720 data_string_forget (&d1, MDL);
1721 }
1722 }
1723
1724 /* Try to find a matching host declaration for this lease.
1725 */
1726 if (!host) {
1727 struct host_decl *hp = (struct host_decl *)0;
1728 struct host_decl *h;
1729
1730 /* Try to find a host_decl that matches the client
1731 identifier or hardware address on the packet, and
1732 has no fixed IP address. If there is one, hang
1733 it off the lease so that its option definitions
1734 can be used. */
1735 oc = lookup_option (&dhcp_universe, packet -> options,
1736 DHO_DHCP_CLIENT_IDENTIFIER);
1737 if (oc &&
1738 evaluate_option_cache (&d1, packet, lease,
1739 (struct client_state *)0,
1740 packet -> options, state -> options,
1741 &lease -> scope, oc, MDL)) {
1742 find_hosts_by_uid (&hp, d1.data, d1.len, MDL);
1743 data_string_forget (&d1, MDL);
1744 for (h = hp; h; h = h -> n_ipaddr) {
1745 if (!h -> fixed_addr)
1746 break;
1747 }
1748 if (h)
1749 host_reference (&host, h, MDL);
1750 if (hp != NULL)
1751 host_dereference(&hp, MDL);
1752 }
1753 if (!host) {
1754 find_hosts_by_haddr (&hp,
1755 packet -> raw -> htype,
1756 packet -> raw -> chaddr,
1757 packet -> raw -> hlen,
1758 MDL);
1759 for (h = hp; h; h = h -> n_ipaddr) {
1760 if (!h -> fixed_addr)
1761 break;
1762 }
1763 if (h)
1764 host_reference (&host, h, MDL);
1765 if (hp != NULL)
1766 host_dereference(&hp, MDL);
1767 }
1768 if (!host) {
1769 find_hosts_by_option(&hp, packet, packet->options, MDL);
1770 for (h = hp; h; h = h -> n_ipaddr) {
1771 if (!h -> fixed_addr)
1772 break;
1773 }
1774 if (h)
1775 host_reference (&host, h, MDL);
1776 if (hp != NULL)
1777 host_dereference(&hp, MDL);
1778 }
1779 }
1780
1781 /* If we have a host_decl structure, run the options associated
1782 with its group. Whether the host decl struct is old or not. */
1783 if (host)
1784 execute_statements_in_scope ((struct binding_value **)0,
1785 packet, lease,
1786 (struct client_state *)0,
1787 packet -> options,
1788 state -> options, &lease -> scope,
1789 host -> group,
1790 (lease -> pool
1791 ? lease -> pool -> group
1792 : lease -> subnet -> group));
1793
1794 /* Drop the request if it's not allowed for this client. By
1795 default, unknown clients are allowed. */
1796 if (!host &&
1797 (oc = lookup_option (&server_universe, state -> options,
1798 SV_BOOT_UNKNOWN_CLIENTS)) &&
1799 !evaluate_boolean_option_cache (&ignorep,
1800 packet, lease,
1801 (struct client_state *)0,
1802 packet -> options,
1803 state -> options,
1804 &lease -> scope, oc, MDL)) {
1805 if (!ignorep)
1806 log_info ("%s: unknown client", msg);
1807 free_lease_state (state, MDL);
1808 if (host)
1809 host_dereference (&host, MDL);
1810 return;
1811 }
1812
1813 /* Drop the request if it's not allowed for this client. */
1814 if (!offer &&
1815 (oc = lookup_option (&server_universe, state -> options,
1816 SV_ALLOW_BOOTP)) &&
1817 !evaluate_boolean_option_cache (&ignorep,
1818 packet, lease,
1819 (struct client_state *)0,
1820 packet -> options,
1821 state -> options,
1822 &lease -> scope, oc, MDL)) {
1823 if (!ignorep)
1824 log_info ("%s: bootp disallowed", msg);
1825 free_lease_state (state, MDL);
1826 if (host)
1827 host_dereference (&host, MDL);
1828 return;
1829 }
1830
1831 /* Drop the request if booting is specifically denied. */
1832 oc = lookup_option (&server_universe, state -> options,
1833 SV_ALLOW_BOOTING);
1834 if (oc &&
1835 !evaluate_boolean_option_cache (&ignorep,
1836 packet, lease,
1837 (struct client_state *)0,
1838 packet -> options,
1839 state -> options,
1840 &lease -> scope, oc, MDL)) {
1841 if (!ignorep)
1842 log_info ("%s: booting disallowed", msg);
1843 free_lease_state (state, MDL);
1844 if (host)
1845 host_dereference (&host, MDL);
1846 return;
1847 }
1848
1849 /* If we are configured to do per-class billing, do it. */
1850 if (have_billing_classes && !(lease -> flags & STATIC_LEASE)) {
1851 /* See if the lease is currently being billed to a
1852 class, and if so, whether or not it can continue to
1853 be billed to that class. */
1854 if (lease -> billing_class) {
1855 for (i = 0; i < packet -> class_count; i++)
1856 if (packet -> classes [i] ==
1857 lease -> billing_class)
1858 break;
1859 if (i == packet -> class_count)
1860 unbill_class (lease, lease -> billing_class);
1861 }
1862
1863 /* If we don't have an active billing, see if we need
1864 one, and if we do, try to do so. */
1865 if (lease->billing_class == NULL) {
1866 int bill = 0;
1867 for (i = 0; i < packet->class_count; i++) {
1868 if (packet->classes[i]->lease_limit) {
1869 bill++;
1870 if (bill_class(lease,
1871 packet->classes[i]))
1872 break;
1873 }
1874 }
1875 if (bill != 0 && i == packet->class_count) {
1876 log_info("%s: no available billing: lease "
1877 "limit reached in all matching "
1878 "classes", msg);
1879 free_lease_state(state, MDL);
1880 if (host)
1881 host_dereference(&host, MDL);
1882 return;
1883 }
1884
1885 /* If this is an offer, undo the billing. We go
1886 * through all the steps above to bill a class so
1887 * we can hit the 'no available billing' mark and
1888 * abort without offering. But it just doesn't make
1889 * sense to permanently bill a class for a non-active
1890 * lease. This means on REQUEST, we will bill this
1891 * lease again (if there is a REQUEST).
1892 */
1893 if (offer == DHCPOFFER &&
1894 lease->billing_class != NULL &&
1895 lease->binding_state != FTS_ACTIVE)
1896 unbill_class(lease, lease->billing_class);
1897 }
1898 }
1899
1900 /* Figure out the filename. */
1901 oc = lookup_option (&server_universe, state -> options, SV_FILENAME);
1902 if (oc)
1903 evaluate_option_cache (&state -> filename, packet, lease,
1904 (struct client_state *)0,
1905 packet -> options, state -> options,
1906 &lease -> scope, oc, MDL);
1907
1908 /* Choose a server name as above. */
1909 oc = lookup_option (&server_universe, state -> options,
1910 SV_SERVER_NAME);
1911 if (oc)
1912 evaluate_option_cache (&state -> server_name, packet, lease,
1913 (struct client_state *)0,
1914 packet -> options, state -> options,
1915 &lease -> scope, oc, MDL);
1916
1917 /* At this point, we have a lease that we can offer the client.
1918 Now we construct a lease structure that contains what we want,
1919 and call supersede_lease to do the right thing with it. */
1920 lt = (struct lease *)0;
1921 result = lease_allocate (&lt, MDL);
1922 if (result != ISC_R_SUCCESS) {
1923 log_info ("%s: can't allocate temporary lease structure: %s",
1924 msg, isc_result_totext (result));
1925 free_lease_state (state, MDL);
1926 if (host)
1927 host_dereference (&host, MDL);
1928 return;
1929 }
1930
1931 /* Use the ip address of the lease that we finally found in
1932 the database. */
1933 lt -> ip_addr = lease -> ip_addr;
1934
1935 /* Start now. */
1936 lt -> starts = cur_time;
1937
1938 /* Figure out how long a lease to assign. If this is a
1939 dynamic BOOTP lease, its duration must be infinite. */
1940 if (offer) {
1941 lt->flags &= ~BOOTP_LEASE;
1942
1943 default_lease_time = DEFAULT_DEFAULT_LEASE_TIME;
1944 if ((oc = lookup_option (&server_universe, state -> options,
1945 SV_DEFAULT_LEASE_TIME))) {
1946 if (evaluate_option_cache (&d1, packet, lease,
1947 (struct client_state *)0,
1948 packet -> options,
1949 state -> options,
1950 &lease -> scope, oc, MDL)) {
1951 if (d1.len == sizeof (u_int32_t))
1952 default_lease_time =
1953 getULong (d1.data);
1954 data_string_forget (&d1, MDL);
1955 }
1956 }
1957
1958 if ((oc = lookup_option (&dhcp_universe, packet -> options,
1959 DHO_DHCP_LEASE_TIME)))
1960 s1 = evaluate_option_cache (&d1, packet, lease,
1961 (struct client_state *)0,
1962 packet -> options,
1963 state -> options,
1964 &lease -> scope, oc, MDL);
1965 else
1966 s1 = 0;
1967
1968 if (s1 && (d1.len == 4)) {
1969 u_int32_t ones = 0xffffffff;
1970
1971 /* One potential use of reserved leases is to allow
1972 * clients to signal reservation of their lease. They
1973 * can kinda sorta do this, if you squint hard enough,
1974 * by supplying an 'infinite' requested-lease-time
1975 * option. This is generally bad practice...you want
1976 * clients to return to the server on at least some
1977 * period (days, months, years) to get up-to-date
1978 * config state. So;
1979 *
1980 * 1) A client requests 0xffffffff lease-time.
1981 * 2) The server reserves the lease, and assigns a
1982 * <= max_lease_time lease-time to the client, which
1983 * we presume is much smaller than 0xffffffff.
1984 * 3) The client ultimately fails to renew its lease
1985 * (all clients go offline at some point).
1986 * 4) The server retains the reservation, although
1987 * the lease expires and passes through those states
1988 * as normal, it's placed in the 'reserved' queue,
1989 * and is under no circumstances allocated to any
1990 * clients.
1991 *
1992 * Whether the client knows its reserving its lease or
1993 * not, this can be a handy tool for a sysadmin.
1994 */
1995 if ((memcmp(d1.data, &ones, 4) == 0) &&
1996 (oc = lookup_option(&server_universe,
1997 state->options,
1998 SV_RESERVE_INFINITE)) &&
1999 evaluate_boolean_option_cache(&ignorep, packet,
2000 lease, NULL, packet->options,
2001 state->options, &lease->scope,
2002 oc, MDL)) {
2003 lt->flags |= RESERVED_LEASE;
2004 if (!ignorep)
2005 log_info("Infinite-leasetime "
2006 "reservation made on %s.",
2007 piaddr(lt->ip_addr));
2008 }
2009
2010 lease_time = getULong (d1.data);
2011 } else
2012 lease_time = default_lease_time;
2013
2014 if (s1)
2015 data_string_forget(&d1, MDL);
2016
2017 /* See if there's a maximum lease time. */
2018 max_lease_time = DEFAULT_MAX_LEASE_TIME;
2019 if ((oc = lookup_option (&server_universe, state -> options,
2020 SV_MAX_LEASE_TIME))) {
2021 if (evaluate_option_cache (&d1, packet, lease,
2022 (struct client_state *)0,
2023 packet -> options,
2024 state -> options,
2025 &lease -> scope, oc, MDL)) {
2026 if (d1.len == sizeof (u_int32_t))
2027 max_lease_time =
2028 getULong (d1.data);
2029 data_string_forget (&d1, MDL);
2030 }
2031 }
2032
2033 /* Enforce the maximum lease length. */
2034 if (lease_time < 0 /* XXX */
2035 || lease_time > max_lease_time)
2036 lease_time = max_lease_time;
2037
2038 min_lease_time = DEFAULT_MIN_LEASE_TIME;
2039 if (min_lease_time > max_lease_time)
2040 min_lease_time = max_lease_time;
2041
2042 if ((oc = lookup_option (&server_universe, state -> options,
2043 SV_MIN_LEASE_TIME))) {
2044 if (evaluate_option_cache (&d1, packet, lease,
2045 (struct client_state *)0,
2046 packet -> options,
2047 state -> options,
2048 &lease -> scope, oc, MDL)) {
2049 if (d1.len == sizeof (u_int32_t))
2050 min_lease_time = getULong (d1.data);
2051 data_string_forget (&d1, MDL);
2052 }
2053 }
2054
2055 /* CC: If there are less than
2056 adaptive-lease-time-threshold % free leases,
2057 hand out only short term leases */
2058
2059 memset(&d1, 0, sizeof(d1));
2060 if (lease->pool &&
2061 (oc = lookup_option(&server_universe, state->options,
2062 SV_ADAPTIVE_LEASE_TIME_THRESHOLD)) &&
2063 evaluate_option_cache(&d1, packet, lease, NULL,
2064 packet->options, state->options,
2065 &lease->scope, oc, MDL)) {
2066 if (d1.len == 1 && d1.data[0] > 0 &&
2067 d1.data[0] < 100) {
2068 TIME adaptive_time;
2069 int poolfilled, total, count;
2070
2071 if (min_lease_time)
2072 adaptive_time = min_lease_time;
2073 else
2074 adaptive_time = DEFAULT_MIN_LEASE_TIME;
2075
2076 /* Allow the client to keep its lease. */
2077 if (lease->ends - cur_time > adaptive_time)
2078 adaptive_time = lease->ends - cur_time;
2079
2080 count = lease->pool->lease_count;
2081 total = count - (lease->pool->free_leases +
2082 lease->pool->backup_leases);
2083
2084 poolfilled = (total > (INT_MAX / 100)) ?
2085 total / (count / 100) :
2086 (total * 100) / count;
2087
2088 log_debug("Adap-lease: Total: %d, Free: %d, "
2089 "Ends: %d, Adaptive: %d, Fill: %d, "
2090 "Threshold: %d",
2091 lease->pool->lease_count,
2092 lease->pool->free_leases,
2093 (int)(lease->ends - cur_time),
2094 (int)adaptive_time, poolfilled,
2095 d1.data[0]);
2096
2097 if (poolfilled >= d1.data[0] &&
2098 lease_time > adaptive_time) {
2099 log_info("Pool over threshold, time "
2100 "for %s reduced from %d to "
2101 "%d.", piaddr(lease->ip_addr),
2102 (int)lease_time,
2103 (int)adaptive_time);
2104
2105 lease_time = adaptive_time;
2106 }
2107 }
2108 data_string_forget(&d1, MDL);
2109 }
2110
2111 /* a client requests an address which is not yet active*/
2112 if (lease->pool && lease->pool->valid_from &&
2113 cur_time < lease->pool->valid_from) {
2114 /* NAK leases before pool activation date */
2115 cip.len = 4;
2116 memcpy (cip.iabuf, &lt->ip_addr.iabuf, 4);
2117 nak_lease(packet, &cip);
2118 free_lease_state (state, MDL);
2119 lease_dereference (&lt, MDL);
2120 if (host)
2121 host_dereference (&host, MDL);
2122 return;
2123
2124 }
2125
2126 /* CC:
2127 a) NAK current lease if past the expiration date
2128 b) extend lease only up to the expiration date, but not
2129 below min-lease-time
2130 Setting min-lease-time is essential for this to work!
2131 The value of min-lease-time determines the lenght
2132 of the transition window:
2133 A client renewing a second before the deadline will
2134 get a min-lease-time lease. Since the current ip might not
2135 be routable after the deadline, the client will
2136 be offline until it DISCOVERS again. Otherwise it will
2137 receive a NAK at T/2.
2138 A min-lease-time of 6 seconds effectively switches over
2139 all clients in this pool very quickly.
2140 */
2141
2142 if (lease->pool && lease->pool->valid_until) {
2143 if (cur_time >= lease->pool->valid_until) {
2144 /* NAK leases after pool expiration date */
2145 cip.len = 4;
2146 memcpy (cip.iabuf, &lt->ip_addr.iabuf, 4);
2147 nak_lease(packet, &cip);
2148 free_lease_state (state, MDL);
2149 lease_dereference (&lt, MDL);
2150 if (host)
2151 host_dereference (&host, MDL);
2152 return;
2153 }
2154 remaining_time = lease->pool->valid_until - cur_time;
2155 if (lease_time > remaining_time)
2156 lease_time = remaining_time;
2157 }
2158
2159 if (lease_time < min_lease_time) {
2160 if (min_lease_time)
2161 lease_time = min_lease_time;
2162 else
2163 lease_time = default_lease_time;
2164 }
2165
2166
2167 #if defined (FAILOVER_PROTOCOL)
2168 /* Okay, we know the lease duration. Now check the
2169 failover state, if any. */
2170 if (lease -> pool && lease -> pool -> failover_peer) {
2171 TIME new_lease_time = lease_time;
2172 dhcp_failover_state_t *peer =
2173 lease -> pool -> failover_peer;
2174
2175 /* Copy previous lease failover ack-state. */
2176 lt->tsfp = lease->tsfp;
2177 lt->atsfp = lease->atsfp;
2178
2179 /* cltt set below */
2180
2181 /* Lease times less than MCLT are not a concern. */
2182 if (lease_time > peer->mclt) {
2183 /* Each server can only offer a lease time
2184 * that is either equal to MCLT (at least),
2185 * or up to TSFP+MCLT. Only if the desired
2186 * lease time falls within TSFP+MCLT, can
2187 * the server allow it.
2188 */
2189 if (lt->tsfp <= cur_time)
2190 new_lease_time = peer->mclt;
2191 else if ((cur_time + lease_time) >
2192 (lt->tsfp + peer->mclt))
2193 new_lease_time = (lt->tsfp - cur_time)
2194 + peer->mclt;
2195 }
2196
2197 /* Update potential expiry. Allow for the desired
2198 * lease time plus one half the actual (whether
2199 * modified downward or not) lease time, which is
2200 * actually an estimate of when the client will
2201 * renew. This way, the client will be able to get
2202 * the desired lease time upon renewal.
2203 */
2204 if (offer == DHCPACK) {
2205 lt->tstp = cur_time + lease_time +
2206 (new_lease_time / 2);
2207
2208 /* If we reduced the potential expiry time,
2209 * make sure we don't offer an old-expiry-time
2210 * lease for this lease before the change is
2211 * ack'd.
2212 */
2213 if (lt->tstp < lt->tsfp)
2214 lt->tsfp = lt->tstp;
2215 } else
2216 lt->tstp = lease->tstp;
2217
2218 /* Use failover-modified lease time. */
2219 lease_time = new_lease_time;
2220 }
2221 #endif /* FAILOVER_PROTOCOL */
2222
2223 /* If the lease duration causes the time value to wrap,
2224 use the maximum expiry time. */
2225 if (cur_time + lease_time < cur_time)
2226 state -> offered_expiry = MAX_TIME - 1;
2227 else
2228 state -> offered_expiry = cur_time + lease_time;
2229 if (when)
2230 lt -> ends = when;
2231 else
2232 lt -> ends = state -> offered_expiry;
2233
2234 /* Don't make lease active until we actually get a
2235 DHCPREQUEST. */
2236 if (offer == DHCPACK)
2237 lt -> next_binding_state = FTS_ACTIVE;
2238 else
2239 lt -> next_binding_state = lease -> binding_state;
2240 } else {
2241 lt->flags |= BOOTP_LEASE;
2242
2243 lease_time = MAX_TIME - cur_time;
2244
2245 if ((oc = lookup_option (&server_universe, state -> options,
2246 SV_BOOTP_LEASE_LENGTH))) {
2247 if (evaluate_option_cache (&d1, packet, lease,
2248 (struct client_state *)0,
2249 packet -> options,
2250 state -> options,
2251 &lease -> scope, oc, MDL)) {
2252 if (d1.len == sizeof (u_int32_t))
2253 lease_time = getULong (d1.data);
2254 data_string_forget (&d1, MDL);
2255 }
2256 }
2257
2258 if ((oc = lookup_option (&server_universe, state -> options,
2259 SV_BOOTP_LEASE_CUTOFF))) {
2260 if (evaluate_option_cache (&d1, packet, lease,
2261 (struct client_state *)0,
2262 packet -> options,
2263 state -> options,
2264 &lease -> scope, oc, MDL)) {
2265 if (d1.len == sizeof (u_int32_t))
2266 lease_time = (getULong (d1.data) -
2267 cur_time);
2268 data_string_forget (&d1, MDL);
2269 }
2270 }
2271
2272 lt -> ends = state -> offered_expiry = cur_time + lease_time;
2273 lt -> next_binding_state = FTS_ACTIVE;
2274 }
2275
2276 /* Update Client Last Transaction Time. */
2277 lt->cltt = cur_time;
2278
2279 /* Record the uid, if given... */
2280 oc = lookup_option (&dhcp_universe, packet -> options,
2281 DHO_DHCP_CLIENT_IDENTIFIER);
2282 if (oc &&
2283 evaluate_option_cache (&d1, packet, lease,
2284 (struct client_state *)0,
2285 packet -> options, state -> options,
2286 &lease -> scope, oc, MDL)) {
2287 if (d1.len <= sizeof lt -> uid_buf) {
2288 memcpy (lt -> uid_buf, d1.data, d1.len);
2289 lt -> uid = lt -> uid_buf;
2290 lt -> uid_max = sizeof lt -> uid_buf;
2291 lt -> uid_len = d1.len;
2292 } else {
2293 unsigned char *tuid;
2294 lt -> uid_max = d1.len;
2295 lt -> uid_len = d1.len;
2296 tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
2297 /* XXX inelegant */
2298 if (!tuid)
2299 log_fatal ("no memory for large uid.");
2300 memcpy (tuid, d1.data, lt -> uid_len);
2301 lt -> uid = tuid;
2302 }
2303 data_string_forget (&d1, MDL);
2304 }
2305
2306 if (host) {
2307 host_reference (&lt -> host, host, MDL);
2308 host_dereference (&host, MDL);
2309 }
2310 if (lease -> subnet)
2311 subnet_reference (&lt -> subnet, lease -> subnet, MDL);
2312 if (lease -> billing_class)
2313 class_reference (&lt -> billing_class,
2314 lease -> billing_class, MDL);
2315
2316 /* Set a flag if this client is a broken client that NUL
2317 terminates string options and expects us to do likewise. */
2318 if (ms_nulltp)
2319 lease -> flags |= MS_NULL_TERMINATION;
2320 else
2321 lease -> flags &= ~MS_NULL_TERMINATION;
2322
2323 /* Save any bindings. */
2324 if (lease -> scope) {
2325 binding_scope_reference (&lt -> scope, lease -> scope, MDL);
2326 binding_scope_dereference (&lease -> scope, MDL);
2327 }
2328 if (lease -> agent_options)
2329 option_chain_head_reference (&lt -> agent_options,
2330 lease -> agent_options, MDL);
2331
2332 /* If we got relay agent information options from the packet, then
2333 * cache them for renewal in case the relay agent can't supply them
2334 * when the client unicasts. The options may be from an addressed
2335 * "l3" relay, or from an unaddressed "l2" relay which does not set
2336 * giaddr.
2337 */
2338 if (!packet->agent_options_stashed &&
2339 packet->options->universe_count > agent_universe.index &&
2340 packet->options->universes[agent_universe.index] != NULL) {
2341 oc = lookup_option (&server_universe, state -> options,
2342 SV_STASH_AGENT_OPTIONS);
2343 if (!oc ||
2344 evaluate_boolean_option_cache (&ignorep, packet, lease,
2345 (struct client_state *)0,
2346 packet -> options,
2347 state -> options,
2348 &lease -> scope, oc, MDL)) {
2349 if (lt -> agent_options)
2350 option_chain_head_dereference (&lt -> agent_options, MDL);
2351 option_chain_head_reference
2352 (&lt -> agent_options,
2353 (struct option_chain_head *)
2354 packet -> options -> universes [agent_universe.index],
2355 MDL);
2356 }
2357 }
2358
2359 /* Replace the old lease hostname with the new one, if it's changed. */
2360 oc = lookup_option (&dhcp_universe, packet -> options, DHO_HOST_NAME);
2361 if (oc)
2362 s1 = evaluate_option_cache (&d1, packet, (struct lease *)0,
2363 (struct client_state *)0,
2364 packet -> options,
2365 (struct option_state *)0,
2366 &global_scope, oc, MDL);
2367 else
2368 s1 = 0;
2369
2370 if (oc && s1 &&
2371 lease -> client_hostname &&
2372 strlen (lease -> client_hostname) == d1.len &&
2373 !memcmp (lease -> client_hostname, d1.data, d1.len)) {
2374 /* Hasn't changed. */
2375 data_string_forget (&d1, MDL);
2376 lt -> client_hostname = lease -> client_hostname;
2377 lease -> client_hostname = (char *)0;
2378 } else if (oc && s1) {
2379 lt -> client_hostname = dmalloc (d1.len + 1, MDL);
2380 if (!lt -> client_hostname)
2381 log_error ("no memory for client hostname.");
2382 else {
2383 memcpy (lt -> client_hostname, d1.data, d1.len);
2384 lt -> client_hostname [d1.len] = 0;
2385 }
2386 data_string_forget (&d1, MDL);
2387 }
2388
2389 /* Record the hardware address, if given... */
2390 lt -> hardware_addr.hlen = packet -> raw -> hlen + 1;
2391 lt -> hardware_addr.hbuf [0] = packet -> raw -> htype;
2392 memcpy (&lt -> hardware_addr.hbuf [1], packet -> raw -> chaddr,
2393 sizeof packet -> raw -> chaddr);
2394
2395 lt -> flags = lease -> flags & ~PERSISTENT_FLAGS;
2396
2397 /* If there are statements to execute when the lease is
2398 committed, execute them. */
2399 if (lease -> on_commit && (!offer || offer == DHCPACK)) {
2400 execute_statements ((struct binding_value **)0,
2401 packet, lt, (struct client_state *)0,
2402 packet -> options,
2403 state -> options, &lt -> scope,
2404 lease -> on_commit);
2405 if (lease -> on_commit)
2406 executable_statement_dereference (&lease -> on_commit,
2407 MDL);
2408 }
2409
2410 #ifdef NSUPDATE
2411 /* Perform DDNS updates, if configured to. */
2412 if ((!offer || offer == DHCPACK) &&
2413 (!(oc = lookup_option (&server_universe, state -> options,
2414 SV_DDNS_UPDATES)) ||
2415 evaluate_boolean_option_cache (&ignorep, packet, lt,
2416 (struct client_state *)0,
2417 packet -> options,
2418 state -> options,
2419 &lt -> scope, oc, MDL))) {
2420 ddns_updates(packet, lt, lease, NULL, NULL, state->options);
2421 }
2422 #endif /* NSUPDATE */
2423
2424 /* Don't call supersede_lease on a mocked-up lease. */
2425 if (lease -> flags & STATIC_LEASE) {
2426 /* Copy the hardware address into the static lease
2427 structure. */
2428 lease -> hardware_addr.hlen = packet -> raw -> hlen + 1;
2429 lease -> hardware_addr.hbuf [0] = packet -> raw -> htype;
2430 memcpy (&lease -> hardware_addr.hbuf [1],
2431 packet -> raw -> chaddr,
2432 sizeof packet -> raw -> chaddr); /* XXX */
2433 } else {
2434 #if !defined(DELAYED_ACK)
2435 /* Install the new information on 'lt' onto the lease at
2436 * 'lease'. If this is a DHCPOFFER, it is a 'soft' promise,
2437 * if it is a DHCPACK, it is a 'hard' binding, so it needs
2438 * to be recorded and propogated immediately. If the update
2439 * fails, don't ACK it (or BOOTREPLY) either; we may give
2440 * the same lease to another client later, and that would be
2441 * a conflict.
2442 */
2443 if (!supersede_lease(lease, lt, !offer || (offer == DHCPACK),
2444 offer == DHCPACK, offer == DHCPACK)) {
2445 #else /* defined(DELAYED_ACK) */
2446 /* Install the new information on 'lt' onto the lease at
2447 * 'lease'.  We will not 'commit' this information to disk
2448 * yet (fsync()), we will 'propogate' the information if
2449 * this is BOOTP or a DHCPACK, but we will not 'pimmediate'ly
2450 * transmit failover binding updates (this is delayed until
2451 * after the fsync()). If the update fails, don't ACK it (or
2452 * BOOTREPLY either); we may give the same lease out to a
2453 * different client, and that would be a conflict.
2454 */
2455 if (!supersede_lease(lease, lt, 0, !offer || offer == DHCPACK,
2456 0)) {
2457 #endif
2458 log_info ("%s: database update failed", msg);
2459 free_lease_state (state, MDL);
2460 lease_dereference (&lt, MDL);
2461 return;
2462 }
2463 }
2464 lease_dereference (&lt, MDL);
2465
2466 /* Remember the interface on which the packet arrived. */
2467 state -> ip = packet -> interface;
2468
2469 /* Remember the giaddr, xid, secs, flags and hops. */
2470 state -> giaddr = packet -> raw -> giaddr;
2471 state -> ciaddr = packet -> raw -> ciaddr;
2472 state -> xid = packet -> raw -> xid;
2473 state -> secs = packet -> raw -> secs;
2474 state -> bootp_flags = packet -> raw -> flags;
2475 state -> hops = packet -> raw -> hops;
2476 state -> offer = offer;
2477
2478 /* If we're always supposed to broadcast to this client, set
2479 the broadcast bit in the bootp flags field. */
2480 if ((oc = lookup_option (&server_universe, state -> options,
2481 SV_ALWAYS_BROADCAST)) &&
2482 evaluate_boolean_option_cache (&ignorep, packet, lease,
2483 (struct client_state *)0,
2484 packet -> options, state -> options,
2485 &lease -> scope, oc, MDL))
2486 state -> bootp_flags |= htons (BOOTP_BROADCAST);
2487
2488 /* Get the Maximum Message Size option from the packet, if one
2489 was sent. */
2490 oc = lookup_option (&dhcp_universe, packet -> options,
2491 DHO_DHCP_MAX_MESSAGE_SIZE);
2492 if (oc &&
2493 evaluate_option_cache (&d1, packet, lease,
2494 (struct client_state *)0,
2495 packet -> options, state -> options,
2496 &lease -> scope, oc, MDL)) {
2497 if (d1.len == sizeof (u_int16_t))
2498 state -> max_message_size = getUShort (d1.data);
2499 data_string_forget (&d1, MDL);
2500 } else {
2501 oc = lookup_option (&dhcp_universe, state -> options,
2502 DHO_DHCP_MAX_MESSAGE_SIZE);
2503 if (oc &&
2504 evaluate_option_cache (&d1, packet, lease,
2505 (struct client_state *)0,
2506 packet -> options, state -> options,
2507 &lease -> scope, oc, MDL)) {
2508 if (d1.len == sizeof (u_int16_t))
2509 state -> max_message_size =
2510 getUShort (d1.data);
2511 data_string_forget (&d1, MDL);
2512 }
2513 }
2514
2515 /* Get the Subnet Selection option from the packet, if one
2516 was sent. */
2517 if ((oc = lookup_option (&dhcp_universe, packet -> options,
2518 DHO_SUBNET_SELECTION))) {
2519
2520 /* Make a copy of the data. */
2521 struct option_cache *noc = (struct option_cache *)0;
2522 if (option_cache_allocate (&noc, MDL)) {
2523 if (oc -> data.len)
2524 data_string_copy (&noc -> data,
2525 &oc -> data, MDL);
2526 if (oc -> expression)
2527 expression_reference (&noc -> expression,
2528 oc -> expression, MDL);
2529 if (oc -> option)
2530 option_reference(&(noc->option), oc->option,
2531 MDL);
2532 }
2533
2534 save_option (&dhcp_universe, state -> options, noc);
2535 option_cache_dereference (&noc, MDL);
2536 }
2537
2538 /* Now, if appropriate, put in DHCP-specific options that
2539 override those. */
2540 if (state -> offer) {
2541 i = DHO_DHCP_MESSAGE_TYPE;
2542 oc = (struct option_cache *)0;
2543 if (option_cache_allocate (&oc, MDL)) {
2544 if (make_const_data (&oc -> expression,
2545 &state -> offer, 1, 0, 0, MDL)) {
2546 option_code_hash_lookup(&oc->option,
2547 dhcp_universe.code_hash,
2548 &i, 0, MDL);
2549 save_option (&dhcp_universe,
2550 state -> options, oc);
2551 }
2552 option_cache_dereference (&oc, MDL);
2553 }
2554
2555 get_server_source_address(&from, state->options, packet);
2556 memcpy(state->from.iabuf, &from, sizeof(from));
2557 state->from.len = sizeof(from);
2558
2559 offered_lease_time =
2560 state -> offered_expiry - cur_time;
2561
2562 putULong(state->expiry, (u_int32_t)offered_lease_time);
2563 i = DHO_DHCP_LEASE_TIME;
2564 oc = (struct option_cache *)0;
2565 if (option_cache_allocate (&oc, MDL)) {
2566 if (make_const_data(&oc->expression, state->expiry,
2567 4, 0, 0, MDL)) {
2568 option_code_hash_lookup(&oc->option,
2569 dhcp_universe.code_hash,
2570 &i, 0, MDL);
2571 save_option (&dhcp_universe,
2572 state -> options, oc);
2573 }
2574 option_cache_dereference (&oc, MDL);
2575 }
2576
2577 /*
2578 * Validate any configured renew or rebinding times against
2579 * the determined lease time. Do rebinding first so that
2580 * the renew time can be validated against the rebind time.
2581 */
2582 if ((oc = lookup_option(&dhcp_universe, state->options,
2583 DHO_DHCP_REBINDING_TIME)) != NULL &&
2584 evaluate_option_cache(&d1, packet, lease, NULL,
2585 packet->options, state->options,
2586 &lease->scope, oc, MDL)) {
2587 TIME rebind_time = getULong(d1.data);
2588
2589 /* Drop the configured (invalid) rebinding time. */
2590 if (rebind_time >= offered_lease_time)
2591 delete_option(&dhcp_universe, state->options,
2592 DHO_DHCP_REBINDING_TIME);
2593 else /* XXX: variable is reused. */
2594 offered_lease_time = rebind_time;
2595
2596 data_string_forget(&d1, MDL);
2597 }
2598
2599 if ((oc = lookup_option(&dhcp_universe, state->options,
2600 DHO_DHCP_RENEWAL_TIME)) != NULL &&
2601 evaluate_option_cache(&d1, packet, lease, NULL,
2602 packet->options, state->options,
2603 &lease->scope, oc, MDL)) {
2604 if (getULong(d1.data) >= offered_lease_time)
2605 delete_option(&dhcp_universe, state->options,
2606 DHO_DHCP_RENEWAL_TIME);
2607
2608 data_string_forget(&d1, MDL);
2609 }
2610 } else {
2611 /* XXXSK: should we use get_server_source_address() here? */
2612 if (state -> ip -> address_count) {
2613 state -> from.len =
2614 sizeof state -> ip -> addresses [0];
2615 memcpy (state -> from.iabuf,
2616 &state -> ip -> addresses [0],
2617 state -> from.len);
2618 }
2619 }
2620
2621 /* Figure out the address of the boot file server. */
2622 memset (&state -> siaddr, 0, sizeof state -> siaddr);
2623 if ((oc =
2624 lookup_option (&server_universe,
2625 state -> options, SV_NEXT_SERVER))) {
2626 if (evaluate_option_cache (&d1, packet, lease,
2627 (struct client_state *)0,
2628 packet -> options, state -> options,
2629 &lease -> scope, oc, MDL)) {
2630 /* If there was more than one answer,
2631 take the first. */
2632 if (d1.len >= 4 && d1.data)
2633 memcpy (&state -> siaddr, d1.data, 4);
2634 data_string_forget (&d1, MDL);
2635 }
2636 }
2637
2638 /* Use the subnet mask from the subnet declaration if no other
2639 mask has been provided. */
2640 i = DHO_SUBNET_MASK;
2641 if (!lookup_option (&dhcp_universe, state -> options, i)) {
2642 oc = (struct option_cache *)0;
2643 if (option_cache_allocate (&oc, MDL)) {
2644 if (make_const_data (&oc -> expression,
2645 lease -> subnet -> netmask.iabuf,
2646 lease -> subnet -> netmask.len,
2647 0, 0, MDL)) {
2648 option_code_hash_lookup(&oc->option,
2649 dhcp_universe.code_hash,
2650 &i, 0, MDL);
2651 save_option (&dhcp_universe,
2652 state -> options, oc);
2653 }
2654 option_cache_dereference (&oc, MDL);
2655 }
2656 }
2657
2658 /* Use the hostname from the host declaration if there is one
2659 and no hostname has otherwise been provided, and if the
2660 use-host-decl-name flag is set. */
2661 i = DHO_HOST_NAME;
2662 j = SV_USE_HOST_DECL_NAMES;
2663 if (!lookup_option (&dhcp_universe, state -> options, i) &&
2664 lease -> host && lease -> host -> name &&
2665 (evaluate_boolean_option_cache
2666 (&ignorep, packet, lease, (struct client_state *)0,
2667 packet -> options, state -> options, &lease -> scope,
2668 lookup_option (&server_universe, state -> options, j), MDL))) {
2669 oc = (struct option_cache *)0;
2670 if (option_cache_allocate (&oc, MDL)) {
2671 if (make_const_data (&oc -> expression,
2672 ((unsigned char *)
2673 lease -> host -> name),
2674 strlen (lease -> host -> name),
2675 1, 0, MDL)) {
2676 option_code_hash_lookup(&oc->option,
2677 dhcp_universe.code_hash,
2678 &i, 0, MDL);
2679 save_option (&dhcp_universe,
2680 state -> options, oc);
2681 }
2682 option_cache_dereference (&oc, MDL);
2683 }
2684 }
2685
2686 /* If we don't have a hostname yet, and we've been asked to do
2687 a reverse lookup to find the hostname, do it. */
2688 i = DHO_HOST_NAME;
2689 j = SV_GET_LEASE_HOSTNAMES;
2690 if (!lookup_option(&dhcp_universe, state->options, i) &&
2691 evaluate_boolean_option_cache
2692 (&ignorep, packet, lease, NULL,
2693 packet->options, state->options, &lease->scope,
2694 lookup_option (&server_universe, state->options, j), MDL)) {
2695 struct in_addr ia;
2696 struct hostent *h;
2697
2698 memcpy (&ia, lease -> ip_addr.iabuf, 4);
2699
2700 h = gethostbyaddr ((char *)&ia, sizeof ia, AF_INET);
2701 if (!h)
2702 log_error ("No hostname for %s", inet_ntoa (ia));
2703 else {
2704 oc = (struct option_cache *)0;
2705 if (option_cache_allocate (&oc, MDL)) {
2706 if (make_const_data (&oc -> expression,
2707 ((unsigned char *)
2708 h -> h_name),
2709 strlen (h -> h_name) + 1,
2710 1, 1, MDL)) {
2711 option_code_hash_lookup(&oc->option,
2712 dhcp_universe.code_hash,
2713 &i, 0, MDL);
2714 save_option (&dhcp_universe,
2715 state -> options, oc);
2716 }
2717 option_cache_dereference (&oc, MDL);
2718 }
2719 }
2720 }
2721
2722 /* If so directed, use the leased IP address as the router address.
2723 This supposedly makes Win95 machines ARP for all IP addresses,
2724 so if the local router does proxy arp, you win. */
2725
2726 if (evaluate_boolean_option_cache
2727 (&ignorep, packet, lease, (struct client_state *)0,
2728 packet -> options, state -> options, &lease -> scope,
2729 lookup_option (&server_universe, state -> options,
2730 SV_USE_LEASE_ADDR_FOR_DEFAULT_ROUTE), MDL)) {
2731 i = DHO_ROUTERS;
2732 oc = lookup_option (&dhcp_universe, state -> options, i);
2733 if (!oc) {
2734 oc = (struct option_cache *)0;
2735 if (option_cache_allocate (&oc, MDL)) {
2736 if (make_const_data (&oc -> expression,
2737 lease -> ip_addr.iabuf,
2738 lease -> ip_addr.len,
2739 0, 0, MDL)) {
2740 option_code_hash_lookup(&oc->option,
2741 dhcp_universe.code_hash,
2742 &i, 0, MDL);
2743 save_option (&dhcp_universe,
2744 state -> options, oc);
2745 }
2746 option_cache_dereference (&oc, MDL);
2747 }
2748 }
2749 }
2750
2751 /* If a site option space has been specified, use that for
2752 site option codes. */
2753 i = SV_SITE_OPTION_SPACE;
2754 if ((oc = lookup_option (&server_universe, state -> options, i)) &&
2755 evaluate_option_cache (&d1, packet, lease,
2756 (struct client_state *)0,
2757 packet -> options, state -> options,
2758 &lease -> scope, oc, MDL)) {
2759 struct universe *u = (struct universe *)0;
2760
2761 if (!universe_hash_lookup (&u, universe_hash,
2762 (const char *)d1.data, d1.len,
2763 MDL)) {
2764 log_error ("unknown option space %s.", d1.data);
2765 return;
2766 }
2767
2768 state -> options -> site_universe = u -> index;
2769 state->options->site_code_min = find_min_site_code(u);
2770 data_string_forget (&d1, MDL);
2771 } else {
2772 state -> options -> site_code_min = 0;
2773 state -> options -> site_universe = dhcp_universe.index;
2774 }
2775
2776 /* If the client has provided a list of options that it wishes
2777 returned, use it to prioritize. If there's a parameter
2778 request list in scope, use that in preference. Otherwise
2779 use the default priority list. */
2780
2781 oc = lookup_option (&dhcp_universe, state -> options,
2782 DHO_DHCP_PARAMETER_REQUEST_LIST);
2783
2784 if (!oc)
2785 oc = lookup_option (&dhcp_universe, packet -> options,
2786 DHO_DHCP_PARAMETER_REQUEST_LIST);
2787 if (oc)
2788 evaluate_option_cache (&state -> parameter_request_list,
2789 packet, lease, (struct client_state *)0,
2790 packet -> options, state -> options,
2791 &lease -> scope, oc, MDL);
2792
2793 #ifdef DEBUG_PACKET
2794 dump_packet (packet);
2795 dump_raw ((unsigned char *)packet -> raw, packet -> packet_length);
2796 #endif
2797
2798 lease -> state = state;
2799
2800 log_info ("%s", msg);
2801
2802 /* Hang the packet off the lease state. */
2803 packet_reference (&lease -> state -> packet, packet, MDL);
2804
2805 /* If this is a DHCPOFFER, ping the lease address before actually
2806 sending the offer. */
2807 if (offer == DHCPOFFER && !(lease -> flags & STATIC_LEASE) &&
2808 ((cur_time - lease_cltt) > 60) &&
2809 (!(oc = lookup_option (&server_universe, state -> options,
2810 SV_PING_CHECKS)) ||
2811 evaluate_boolean_option_cache (&ignorep, packet, lease,
2812 (struct client_state *)0,
2813 packet -> options,
2814 state -> options,
2815 &lease -> scope, oc, MDL))) {
2816 icmp_echorequest (&lease -> ip_addr);
2817
2818 /* Determine whether to use configured or default ping timeout.
2819 */
2820 if ((oc = lookup_option (&server_universe, state -> options,
2821 SV_PING_TIMEOUT)) &&
2822 evaluate_option_cache (&d1, packet, lease, NULL,
2823 packet -> options,
2824 state -> options,
2825 &lease -> scope, oc, MDL)) {
2826 if (d1.len == sizeof (u_int32_t))
2827 ping_timeout = getULong (d1.data);
2828 else
2829 ping_timeout = DEFAULT_PING_TIMEOUT;
2830
2831 data_string_forget (&d1, MDL);
2832 } else
2833 ping_timeout = DEFAULT_PING_TIMEOUT;
2834
2835 #ifdef DEBUG
2836 log_debug ("Ping timeout: %ld", (long)ping_timeout);
2837 #endif
2838
2839 tv . tv_sec = cur_time + ping_timeout;
2840 tv . tv_usec = 0;
2841 add_timeout (&tv, lease_ping_timeout, lease,
2842 (tvref_t)lease_reference,
2843 (tvunref_t)lease_dereference);
2844 ++outstanding_pings;
2845 } else {
2846 lease->cltt = cur_time;
2847 #if defined(DELAYED_ACK)
2848 if (!(lease->flags & STATIC_LEASE) &&
2849 (!offer || (offer == DHCPACK)))
2850 delayed_ack_enqueue(lease);
2851 else
2852 #endif
2853 dhcp_reply(lease);
2854 }
2855 }
2856
2857 /*
2858 * CC: queue single ACK:
2859 * - write the lease (but do not fsync it yet)
2860 * - add to double linked list
2861 * - commit if more than xx ACKs pending
2862 * - if necessary set the max timer and bump the next timer
2863 * but only up to the max timer value.
2864 */
2865
2866 void
2867 delayed_ack_enqueue(struct lease *lease)
2868 {
2869 struct leasequeue *q;
2870
2871 if (!write_lease(lease))
2872 return;
2873 if (free_ackqueue) {
2874 q = free_ackqueue;
2875 free_ackqueue = q->next;
2876 } else {
2877 q = ((struct leasequeue *)
2878 dmalloc(sizeof(struct leasequeue), MDL));
2879 if (!q)
2880 log_fatal("delayed_ack_enqueue: no memory!");
2881 }
2882 memset(q, 0, sizeof *q);
2883 /* prepend to ackqueue*/
2884 lease_reference(&q->lease, lease, MDL);
2885 q->next = ackqueue_head;
2886 ackqueue_head = q;
2887 if (!ackqueue_tail)
2888 ackqueue_tail = q;
2889 else
2890 q->next->prev = q;
2891
2892 outstanding_acks++;
2893 if (outstanding_acks > max_outstanding_acks) {
2894 commit_leases();
2895
2896 /* Reset max_fsync and cancel any pending timeout. */
2897 memset(&max_fsync, 0, sizeof(max_fsync));
2898 cancel_timeout(commit_leases_ackout, NULL);
2899 } else {
2900 struct timeval next_fsync;
2901
2902 if (max_fsync.tv_sec == 0 && max_fsync.tv_usec == 0) {
2903 /* set the maximum time we'll wait */
2904 max_fsync.tv_sec = cur_tv.tv_sec + max_ack_delay_secs;
2905 max_fsync.tv_usec = cur_tv.tv_usec +
2906 max_ack_delay_usecs;
2907
2908 if (max_fsync.tv_usec >= 1000000) {
2909 max_fsync.tv_sec++;
2910 max_fsync.tv_usec -= 1000000;
2911 }
2912 }
2913
2914 /* Set the timeout */
2915 next_fsync.tv_sec = cur_tv.tv_sec;
2916 next_fsync.tv_usec = cur_tv.tv_usec + min_ack_delay_usecs;
2917 if (next_fsync.tv_usec >= 1000000) {
2918 next_fsync.tv_sec++;
2919 next_fsync.tv_usec -= 1000000;
2920 }
2921 /* but not more than the max */
2922 if ((next_fsync.tv_sec > max_fsync.tv_sec) ||
2923 ((next_fsync.tv_sec == max_fsync.tv_sec) &&
2924 (next_fsync.tv_usec > max_fsync.tv_usec))) {
2925 next_fsync.tv_sec = max_fsync.tv_sec;
2926 next_fsync.tv_usec = max_fsync.tv_usec;
2927 }
2928
2929 add_timeout(&next_fsync, commit_leases_ackout, NULL,
2930 (tvref_t) NULL, (tvunref_t) NULL);
2931 }
2932 }
2933
2934 static void
2935 commit_leases_ackout(void *foo)
2936 {
2937 if (outstanding_acks) {
2938 commit_leases();
2939
2940 memset(&max_fsync, 0, sizeof(max_fsync));
2941 }
2942 }
2943
2944 /* CC: process the delayed ACK responses:
2945 - send out the ACK packets
2946 - move the queue slots to the free list
2947 */
2948 void
2949 flush_ackqueue(void *foo)
2950 {
2951 struct leasequeue *ack, *p;
2952 /* process from bottom to retain packet order */
2953 for (ack = ackqueue_tail ; ack ; ack = p) {
2954 p = ack->prev;
2955
2956 /* dhcp_reply() requires that the reply state still be valid */
2957 if (ack->lease->state == NULL)
2958 log_error("delayed ack for %s has gone stale",
2959 piaddr(ack->lease->ip_addr));
2960 else
2961 dhcp_reply(ack->lease);
2962
2963 lease_dereference(&ack->lease, MDL);
2964 ack->next = free_ackqueue;
2965 free_ackqueue = ack;
2966 }
2967 ackqueue_head = NULL;
2968 ackqueue_tail = NULL;
2969 outstanding_acks = 0;
2970 }
2971
2972 #if defined (DEBUG_MEMORY_LEAKAGE_ON_EXIT)
2973 void
2974 relinquish_ackqueue(void)
2975 {
2976 struct leasequeue *q, *n;
2977
2978 for (q = ackqueue_head ; q ; q = n) {
2979 n = q->next;
2980 dfree(q, MDL);
2981 }
2982 for (q = free_ackqueue ; q ; q = n) {
2983 n = q->next;
2984 dfree(q, MDL);
2985 }
2986 }
2987 #endif
2988
2989 void dhcp_reply (lease)
2990 struct lease *lease;
2991 {
2992 int bufs = 0;
2993 unsigned packet_length;
2994 struct dhcp_packet raw;
2995 struct sockaddr_in to;
2996 struct in_addr from;
2997 struct hardware hto;
2998 int result;
2999 struct lease_state *state = lease -> state;
3000 int nulltp, bootpp, unicastp = 1;
3001 struct data_string d1;
3002 const char *s;
3003
3004 if (!state)
3005 log_fatal ("dhcp_reply was supplied lease with no state!");
3006
3007 /* Compose a response for the client... */
3008 memset (&raw, 0, sizeof raw);
3009 memset (&d1, 0, sizeof d1);
3010
3011 /* Copy in the filename if given; otherwise, flag the filename
3012 buffer as available for options. */
3013 if (state -> filename.len && state -> filename.data) {
3014 memcpy (raw.file,
3015 state -> filename.data,
3016 state -> filename.len > sizeof raw.file
3017 ? sizeof raw.file : state -> filename.len);
3018 if (sizeof raw.file > state -> filename.len)
3019 memset (&raw.file [state -> filename.len], 0,
3020 (sizeof raw.file) - state -> filename.len);
3021 else
3022 log_info("file name longer than packet field "
3023 "truncated - field: %lu name: %d %.*s",
3024 (unsigned long)sizeof(raw.file),
3025 state->filename.len, (int)state->filename.len,
3026 state->filename.data);
3027 } else
3028 bufs |= 1;
3029
3030 /* Copy in the server name if given; otherwise, flag the
3031 server_name buffer as available for options. */
3032 if (state -> server_name.len && state -> server_name.data) {
3033 memcpy (raw.sname,
3034 state -> server_name.data,
3035 state -> server_name.len > sizeof raw.sname
3036 ? sizeof raw.sname : state -> server_name.len);
3037 if (sizeof raw.sname > state -> server_name.len)
3038 memset (&raw.sname [state -> server_name.len], 0,
3039 (sizeof raw.sname) - state -> server_name.len);
3040 else
3041 log_info("server name longer than packet field "
3042 "truncated - field: %lu name: %d %.*s",
3043 (unsigned long)sizeof(raw.sname),
3044 state->server_name.len,
3045 (int)state->server_name.len,
3046 state->server_name.data);
3047 } else
3048 bufs |= 2; /* XXX */
3049
3050 memcpy (raw.chaddr,
3051 &lease -> hardware_addr.hbuf [1], sizeof raw.chaddr);
3052 raw.hlen = lease -> hardware_addr.hlen - 1;
3053 raw.htype = lease -> hardware_addr.hbuf [0];
3054
3055 /* See if this is a Microsoft client that NUL-terminates its
3056 strings and expects us to do likewise... */
3057 if (lease -> flags & MS_NULL_TERMINATION)
3058 nulltp = 1;
3059 else
3060 nulltp = 0;
3061
3062 /* See if this is a bootp client... */
3063 if (state -> offer)
3064 bootpp = 0;
3065 else
3066 bootpp = 1;
3067
3068 /* Insert such options as will fit into the buffer. */
3069 packet_length = cons_options (state -> packet, &raw, lease,
3070 (struct client_state *)0,
3071 state -> max_message_size,
3072 state -> packet -> options,
3073 state -> options, &global_scope,
3074 bufs, nulltp, bootpp,
3075 &state -> parameter_request_list,
3076 (char *)0);
3077
3078 memcpy (&raw.ciaddr, &state -> ciaddr, sizeof raw.ciaddr);
3079 memcpy (&raw.yiaddr, lease -> ip_addr.iabuf, 4);
3080 raw.siaddr = state -> siaddr;
3081 raw.giaddr = state -> giaddr;
3082
3083 raw.xid = state -> xid;
3084 raw.secs = state -> secs;
3085 raw.flags = state -> bootp_flags;
3086 raw.hops = state -> hops;
3087 raw.op = BOOTREPLY;
3088
3089 if (lease -> client_hostname) {
3090 if ((strlen (lease -> client_hostname) <= 64) &&
3091 db_printable((unsigned char *)lease->client_hostname))
3092 s = lease -> client_hostname;
3093 else
3094 s = "Hostname Unsuitable for Printing";
3095 } else
3096 s = (char *)0;
3097
3098 /* Say what we're doing... */
3099 log_info ("%s on %s to %s %s%s%svia %s",
3100 (state -> offer
3101 ? (state -> offer == DHCPACK ? "DHCPACK" : "DHCPOFFER")
3102 : "BOOTREPLY"),
3103 piaddr (lease -> ip_addr),
3104 (lease -> hardware_addr.hlen
3105 ? print_hw_addr (lease -> hardware_addr.hbuf [0],
3106 lease -> hardware_addr.hlen - 1,
3107 &lease -> hardware_addr.hbuf [1])
3108 : print_hex_1(lease->uid_len, lease->uid, 60)),
3109 s ? "(" : "", s ? s : "", s ? ") " : "",
3110 (state -> giaddr.s_addr
3111 ? inet_ntoa (state -> giaddr)
3112 : state -> ip -> name));
3113
3114 /* Set up the hardware address... */
3115 hto.hlen = lease -> hardware_addr.hlen;
3116 memcpy (hto.hbuf, lease -> hardware_addr.hbuf, hto.hlen);
3117
3118 to.sin_family = AF_INET;
3119 #ifdef HAVE_SA_LEN
3120 to.sin_len = sizeof to;
3121 #endif
3122 memset (to.sin_zero, 0, sizeof to.sin_zero);
3123
3124 #ifdef DEBUG_PACKET
3125 dump_raw ((unsigned char *)&raw, packet_length);
3126 #endif
3127
3128 /* Make sure outgoing packets are at least as big
3129 as a BOOTP packet. */
3130 if (packet_length < BOOTP_MIN_LEN)
3131 packet_length = BOOTP_MIN_LEN;
3132
3133 /* If this was gatewayed, send it back to the gateway... */
3134 if (raw.giaddr.s_addr) {
3135 to.sin_addr = raw.giaddr;
3136 if (raw.giaddr.s_addr != htonl (INADDR_LOOPBACK))
3137 to.sin_port = local_port;
3138 else
3139 to.sin_port = remote_port; /* For debugging. */
3140
3141 if (fallback_interface) {
3142 result = send_packet (fallback_interface,
3143 (struct packet *)0,
3144 &raw, packet_length,
3145 raw.siaddr, &to,
3146 (struct hardware *)0);
3147
3148 free_lease_state (state, MDL);
3149 lease -> state = (struct lease_state *)0;
3150 return;
3151 }
3152
3153 /* If the client is RENEWING, unicast to the client using the
3154 regular IP stack. Some clients, particularly those that
3155 follow RFC1541, are buggy, and send both ciaddr and server
3156 identifier. We deal with this situation by assuming that
3157 if we got both dhcp-server-identifier and ciaddr, and
3158 giaddr was not set, then the client is on the local
3159 network, and we can therefore unicast or broadcast to it
3160 successfully. A client in REQUESTING state on another
3161 network that's making this mistake will have set giaddr,
3162 and will therefore get a relayed response from the above
3163 code. */
3164 } else if (raw.ciaddr.s_addr &&
3165 !((state -> got_server_identifier ||
3166 (raw.flags & htons (BOOTP_BROADCAST))) &&
3167 /* XXX This won't work if giaddr isn't zero, but it is: */
3168 (state -> shared_network ==
3169 lease -> subnet -> shared_network)) &&
3170 state -> offer == DHCPACK) {
3171 to.sin_addr = raw.ciaddr;
3172 to.sin_port = remote_port;
3173
3174 if (fallback_interface) {
3175 result = send_packet (fallback_interface,
3176 (struct packet *)0,
3177 &raw, packet_length,
3178 raw.siaddr, &to,
3179 (struct hardware *)0);
3180 free_lease_state (state, MDL);
3181 lease -> state = (struct lease_state *)0;
3182 return;
3183 }
3184
3185 /* If it comes from a client that already knows its address
3186 and is not requesting a broadcast response, and we can
3187 unicast to a client without using the ARP protocol, sent it
3188 directly to that client. */
3189 } else if (!(raw.flags & htons (BOOTP_BROADCAST)) &&
3190 can_unicast_without_arp (state -> ip)) {
3191 to.sin_addr = raw.yiaddr;
3192 to.sin_port = remote_port;
3193
3194 /* Otherwise, broadcast it on the local network. */
3195 } else {
3196 to.sin_addr = limited_broadcast;
3197 to.sin_port = remote_port;
3198 if (!(lease -> flags & UNICAST_BROADCAST_HACK))
3199 unicastp = 0;
3200 }
3201
3202 memcpy (&from, state -> from.iabuf, sizeof from);
3203
3204 result = send_packet (state -> ip,
3205 (struct packet *)0, &raw, packet_length,
3206 from, &to,
3207 unicastp ? &hto : (struct hardware *)0);
3208
3209 /* Free all of the entries in the option_state structure
3210 now that we're done with them. */
3211
3212 free_lease_state (state, MDL);
3213 lease -> state = (struct lease_state *)0;
3214 }
3215
3216 int find_lease (struct lease **lp,
3217 struct packet *packet, struct shared_network *share, int *ours,
3218 int *peer_has_leases, struct lease *ip_lease_in,
3219 const char *file, int line)
3220 {
3221 struct lease *uid_lease = (struct lease *)0;
3222 struct lease *ip_lease = (struct lease *)0;
3223 struct lease *hw_lease = (struct lease *)0;
3224 struct lease *lease = (struct lease *)0;
3225 struct iaddr cip;
3226 struct host_decl *hp = (struct host_decl *)0;
3227 struct host_decl *host = (struct host_decl *)0;
3228 struct lease *fixed_lease = (struct lease *)0;
3229 struct lease *next = (struct lease *)0;
3230 struct option_cache *oc;
3231 struct data_string d1;
3232 int have_client_identifier = 0;
3233 struct data_string client_identifier;
3234 struct hardware h;
3235
3236 #if defined(FAILOVER_PROTOCOL)
3237 /* Quick check to see if the peer has leases. */
3238 if (peer_has_leases) {
3239 struct pool *pool;
3240
3241 for (pool = share->pools ; pool ; pool = pool->next) {
3242 dhcp_failover_state_t *peer = pool->failover_peer;
3243
3244 if (peer &&
3245 ((peer->i_am == primary && pool->backup_leases) ||
3246 (peer->i_am == secondary && pool->free_leases))) {
3247 *peer_has_leases = 1;
3248 break;
3249 }
3250 }
3251 }
3252 #endif /* FAILOVER_PROTOCOL */
3253
3254 if (packet -> raw -> ciaddr.s_addr) {
3255 cip.len = 4;
3256 memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4);
3257 } else {
3258 /* Look up the requested address. */
3259 oc = lookup_option (&dhcp_universe, packet -> options,
3260 DHO_DHCP_REQUESTED_ADDRESS);
3261 memset (&d1, 0, sizeof d1);
3262 if (oc &&
3263 evaluate_option_cache (&d1, packet, (struct lease *)0,
3264 (struct client_state *)0,
3265 packet -> options,
3266 (struct option_state *)0,
3267 &global_scope, oc, MDL)) {
3268 packet -> got_requested_address = 1;
3269 cip.len = 4;
3270 memcpy (cip.iabuf, d1.data, cip.len);
3271 data_string_forget (&d1, MDL);
3272 } else
3273 cip.len = 0;
3274 }
3275
3276 /* Try to find a host or lease that's been assigned to the
3277 specified unique client identifier. */
3278 oc = lookup_option (&dhcp_universe, packet -> options,
3279 DHO_DHCP_CLIENT_IDENTIFIER);
3280 memset (&client_identifier, 0, sizeof client_identifier);
3281 if (oc &&
3282 evaluate_option_cache (&client_identifier,
3283 packet, (struct lease *)0,
3284 (struct client_state *)0,
3285 packet -> options, (struct option_state *)0,
3286 &global_scope, oc, MDL)) {
3287 /* Remember this for later. */
3288 have_client_identifier = 1;
3289
3290 /* First, try to find a fixed host entry for the specified
3291 client identifier... */
3292 if (find_hosts_by_uid (&hp, client_identifier.data,
3293 client_identifier.len, MDL)) {
3294 /* Remember if we know of this client. */
3295 packet -> known = 1;
3296 mockup_lease (&fixed_lease, packet, share, hp);
3297 }
3298
3299 #if defined (DEBUG_FIND_LEASE)
3300 if (fixed_lease) {
3301 log_info ("Found host for client identifier: %s.",
3302 piaddr (fixed_lease -> ip_addr));
3303 }
3304 #endif
3305 if (hp) {
3306 if (!fixed_lease) /* Save the host if we found one. */
3307 host_reference (&host, hp, MDL);
3308 host_dereference (&hp, MDL);
3309 }
3310
3311 find_lease_by_uid (&uid_lease, client_identifier.data,
3312 client_identifier.len, MDL);
3313 }
3314
3315 /* If we didn't find a fixed lease using the uid, try doing
3316 it with the hardware address... */
3317 if (!fixed_lease && !host) {
3318 if (find_hosts_by_haddr (&hp, packet -> raw -> htype,
3319 packet -> raw -> chaddr,
3320 packet -> raw -> hlen, MDL)) {
3321 /* Remember if we know of this client. */
3322 packet -> known = 1;
3323 if (host)
3324 host_dereference (&host, MDL);
3325 host_reference (&host, hp, MDL);
3326 host_dereference (&hp, MDL);
3327 mockup_lease (&fixed_lease, packet, share, host);
3328 #if defined (DEBUG_FIND_LEASE)
3329 if (fixed_lease) {
3330 log_info ("Found host for link address: %s.",
3331 piaddr (fixed_lease -> ip_addr));
3332 }
3333 #endif
3334 }
3335 }
3336
3337 /* Finally, if we haven't found anything yet try again with the
3338 * host-identifier option ... */
3339 if (!fixed_lease && !host) {
3340 if (find_hosts_by_option(&hp, packet,
3341 packet->options, MDL) == 1) {
3342 packet->known = 1;
3343 if (host)
3344 host_dereference(&host, MDL);
3345 host_reference(&host, hp, MDL);
3346 host_dereference(&hp, MDL);
3347 mockup_lease (&fixed_lease, packet, share, host);
3348 #if defined (DEBUG_FIND_LEASE)
3349 if (fixed_lease) {
3350 log_info ("Found host via host-identifier");
3351 }
3352 #endif
3353 }
3354 }
3355
3356 /* If fixed_lease is present but does not match the requested
3357 IP address, and this is a DHCPREQUEST, then we can't return
3358 any other lease, so we might as well return now. */
3359 if (packet -> packet_type == DHCPREQUEST && fixed_lease &&
3360 (fixed_lease -> ip_addr.len != cip.len ||
3361 memcmp (fixed_lease -> ip_addr.iabuf,
3362 cip.iabuf, cip.len))) {
3363 if (ours)
3364 *ours = 1;
3365 strcpy (dhcp_message, "requested address is incorrect");
3366 #if defined (DEBUG_FIND_LEASE)
3367 log_info ("Client's fixed-address %s doesn't match %s%s",
3368 piaddr (fixed_lease -> ip_addr), "request ",
3369 print_dotted_quads (cip.len, cip.iabuf));
3370 #endif
3371 goto out;
3372 }
3373
3374 /*
3375 * If we found leases matching the client identifier, loop through
3376 * the n_uid pointer looking for one that's actually valid. We
3377 * can't do this until we get here because we depend on
3378 * packet -> known, which may be set by either the uid host
3379 * lookup or the haddr host lookup.
3380 *
3381 * Note that the n_uid lease chain is sorted in order of
3382 * preference, so the first one is the best one.
3383 */
3384 while (uid_lease) {
3385 #if defined (DEBUG_FIND_LEASE)
3386 log_info ("trying next lease matching client id: %s",
3387 piaddr (uid_lease -> ip_addr));
3388 #endif
3389
3390 #if defined (FAILOVER_PROTOCOL)
3391 /*
3392 * When we lookup a lease by uid, we know the client identifier
3393 * matches the lease's record. If it is active, or was last
3394 * active with the same client, we can trivially extend it.
3395 * If is not or was not active, we can allocate it to this
3396 * client if it matches the usual free/backup criteria (which
3397 * is contained in lease_mine_to_reallocate()).
3398 */
3399 if (uid_lease->binding_state != FTS_ACTIVE &&
3400 uid_lease->rewind_binding_state != FTS_ACTIVE &&
3401 !lease_mine_to_reallocate(uid_lease)) {
3402 #if defined (DEBUG_FIND_LEASE)
3403 log_info("not active or not mine to allocate: %s",
3404 piaddr(uid_lease->ip_addr));
3405 #endif
3406 goto n_uid;
3407 }
3408 #endif
3409
3410 if (uid_lease -> subnet -> shared_network != share) {
3411 #if defined (DEBUG_FIND_LEASE)
3412 log_info ("wrong network segment: %s",
3413 piaddr (uid_lease -> ip_addr));
3414 #endif
3415 goto n_uid;
3416 }
3417
3418 if ((uid_lease -> pool -> prohibit_list &&
3419 permitted (packet, uid_lease -> pool -> prohibit_list)) ||
3420 (uid_lease -> pool -> permit_list &&
3421 !permitted (packet, uid_lease -> pool -> permit_list))) {
3422 #if defined (DEBUG_FIND_LEASE)
3423 log_info ("not permitted: %s",
3424 piaddr (uid_lease -> ip_addr));
3425 #endif
3426 n_uid:
3427 if (uid_lease -> n_uid)
3428 lease_reference (&next,
3429 uid_lease -> n_uid, MDL);
3430 if (!packet -> raw -> ciaddr.s_addr)
3431 release_lease (uid_lease, packet);
3432 lease_dereference (&uid_lease, MDL);
3433 if (next) {
3434 lease_reference (&uid_lease, next, MDL);
3435 lease_dereference (&next, MDL);
3436 }
3437 continue;
3438 }
3439 break;
3440 }
3441 #if defined (DEBUG_FIND_LEASE)
3442 if (uid_lease)
3443 log_info ("Found lease for client id: %s.",
3444 piaddr (uid_lease -> ip_addr));
3445 #endif
3446
3447 /* Find a lease whose hardware address matches, whose client
3448 * identifier matches (or equally doesn't have one), that's
3449 * permitted, and that's on the correct subnet.
3450 *
3451 * Note that the n_hw chain is sorted in order of preference, so
3452 * the first one found is the best one.
3453 */
3454 h.hlen = packet -> raw -> hlen + 1;
3455 h.hbuf [0] = packet -> raw -> htype;
3456 memcpy (&h.hbuf [1], packet -> raw -> chaddr, packet -> raw -> hlen);
3457 find_lease_by_hw_addr (&hw_lease, h.hbuf, h.hlen, MDL);
3458 while (hw_lease) {
3459 #if defined (DEBUG_FIND_LEASE)
3460 log_info ("trying next lease matching hw addr: %s",
3461 piaddr (hw_lease -> ip_addr));
3462 #endif
3463 #if defined (FAILOVER_PROTOCOL)
3464 /*
3465 * When we lookup a lease by chaddr, we know the MAC address
3466 * matches the lease record (we will check if the lease has a
3467 * client-id the client does not next). If the lease is
3468 * currently active or was last active with this client, we can
3469 * trivially extend it. Otherwise, there are a set of rules
3470 * that govern if we can reallocate this lease to any client
3471 * ("lease_mine_to_reallocate()") including this one.
3472 */
3473 if (hw_lease->binding_state != FTS_ACTIVE &&
3474 hw_lease->rewind_binding_state != FTS_ACTIVE &&
3475 !lease_mine_to_reallocate(hw_lease)) {
3476 #if defined (DEBUG_FIND_LEASE)
3477 log_info("not active or not mine to allocate: %s",
3478 piaddr(hw_lease->ip_addr));
3479 #endif
3480 goto n_hw;
3481 }
3482 #endif
3483
3484 /*
3485 * This conditional skips "potentially active" leases (leases
3486 * we think are expired may be extended by the peer, etc) that
3487 * may be assigned to a differently /client-identified/ client
3488 * with the same MAC address.
3489 */
3490 if (hw_lease -> binding_state != FTS_FREE &&
3491 hw_lease -> binding_state != FTS_BACKUP &&
3492 hw_lease -> uid &&
3493 (!have_client_identifier ||
3494 hw_lease -> uid_len != client_identifier.len ||
3495 memcmp (hw_lease -> uid, client_identifier.data,
3496 hw_lease -> uid_len))) {
3497 #if defined (DEBUG_FIND_LEASE)
3498 log_info ("wrong client identifier: %s",
3499 piaddr (hw_lease -> ip_addr));
3500 #endif
3501 goto n_hw;
3502 }
3503 if (hw_lease -> subnet -> shared_network != share) {
3504 #if defined (DEBUG_FIND_LEASE)
3505 log_info ("wrong network segment: %s",
3506 piaddr (hw_lease -> ip_addr));
3507 #endif
3508 goto n_hw;
3509 }
3510 if ((hw_lease -> pool -> prohibit_list &&
3511 permitted (packet, hw_lease -> pool -> prohibit_list)) ||
3512 (hw_lease -> pool -> permit_list &&
3513 !permitted (packet, hw_lease -> pool -> permit_list))) {
3514 #if defined (DEBUG_FIND_LEASE)
3515 log_info ("not permitted: %s",
3516 piaddr (hw_lease -> ip_addr));
3517 #endif
3518 if (!packet -> raw -> ciaddr.s_addr)
3519 release_lease (hw_lease, packet);
3520 n_hw:
3521 if (hw_lease -> n_hw)
3522 lease_reference (&next, hw_lease -> n_hw, MDL);
3523 lease_dereference (&hw_lease, MDL);
3524 if (next) {
3525 lease_reference (&hw_lease, next, MDL);
3526 lease_dereference (&next, MDL);
3527 }
3528 continue;
3529 }
3530 break;
3531 }
3532 #if defined (DEBUG_FIND_LEASE)
3533 if (hw_lease)
3534 log_info ("Found lease for hardware address: %s.",
3535 piaddr (hw_lease -> ip_addr));
3536 #endif
3537
3538 /* Try to find a lease that's been allocated to the client's
3539 IP address. */
3540 if (ip_lease_in)
3541 lease_reference (&ip_lease, ip_lease_in, MDL);
3542 else if (cip.len)
3543 find_lease_by_ip_addr (&ip_lease, cip, MDL);
3544
3545 #if defined (DEBUG_FIND_LEASE)
3546 if (ip_lease)
3547 log_info ("Found lease for requested address: %s.",
3548 piaddr (ip_lease -> ip_addr));
3549 #endif
3550
3551 /* If ip_lease is valid at this point, set ours to one, so that
3552 even if we choose a different lease, we know that the address
3553 the client was requesting was ours, and thus we can NAK it. */
3554 if (ip_lease && ours)
3555 *ours = 1;
3556
3557 /* If the requested IP address isn't on the network the packet
3558 came from, don't use it. Allow abandoned leases to be matched
3559 here - if the client is requesting it, there's a decent chance
3560 that it's because the lease database got trashed and a client
3561 that thought it had this lease answered an ARP or PING, causing the
3562 lease to be abandoned. If so, this request probably came from
3563 that client. */
3564 if (ip_lease && (ip_lease -> subnet -> shared_network != share)) {
3565 if (ours)
3566 *ours = 1;
3567 #if defined (DEBUG_FIND_LEASE)
3568 log_info ("...but it was on the wrong shared network.");
3569 #endif
3570 strcpy (dhcp_message, "requested address on bad subnet");
3571 lease_dereference (&ip_lease, MDL);
3572 }
3573
3574 /*
3575 * If the requested address is in use (or potentially in use) by
3576 * a different client, it can't be granted.
3577 *
3578 * This first conditional only detects if the lease is currently
3579 * identified to a different client (client-id and/or chaddr
3580 * mismatch). In this case we may not want to give the client the
3581 * lease, if doing so may potentially be an addressing conflict.
3582 */
3583 if (ip_lease &&
3584 (ip_lease -> uid ?
3585 (!have_client_identifier ||
3586 ip_lease -> uid_len != client_identifier.len ||
3587 memcmp (ip_lease -> uid, client_identifier.data,
3588 ip_lease -> uid_len)) :
3589 (ip_lease -> hardware_addr.hbuf [0] != packet -> raw -> htype ||
3590 ip_lease -> hardware_addr.hlen != packet -> raw -> hlen + 1 ||
3591 memcmp (&ip_lease -> hardware_addr.hbuf [1],
3592 packet -> raw -> chaddr,
3593 (unsigned)(ip_lease -> hardware_addr.hlen - 1))))) {
3594 /*
3595 * A lease is unavailable for allocation to a new client if
3596 * it is not in the FREE or BACKUP state. There may be
3597 * leases that are in the expired state with a rewinding
3598 * state that is free or backup, but these will be processed
3599 * into the free or backup states by expiration processes, so
3600 * checking for them here is superfluous.
3601 */
3602 if (ip_lease -> binding_state != FTS_FREE &&
3603 ip_lease -> binding_state != FTS_BACKUP) {
3604 #if defined (DEBUG_FIND_LEASE)
3605 log_info ("rejecting lease for requested address.");
3606 #endif
3607 /* If we're rejecting it because the peer has
3608 it, don't set "ours", because we shouldn't NAK. */
3609 if (ours && ip_lease -> binding_state != FTS_ACTIVE)
3610 *ours = 0;
3611 lease_dereference (&ip_lease, MDL);
3612 }
3613 }
3614
3615 /*
3616 * If we got an ip_lease and a uid_lease or hw_lease, and ip_lease
3617 * is/was not active, and is not ours to reallocate, forget about it.
3618 */
3619 if (ip_lease && (uid_lease || hw_lease) &&
3620 ip_lease->binding_state != FTS_ACTIVE &&
3621 ip_lease->rewind_binding_state != FTS_ACTIVE &&
3622 #if defined(FAILOVER_PROTOCOL)
3623 !lease_mine_to_reallocate(ip_lease) &&
3624 #endif
3625 packet->packet_type == DHCPDISCOVER) {
3626 #if defined (DEBUG_FIND_LEASE)
3627 log_info("ip lease not active or not ours to offer.");
3628 #endif
3629 lease_dereference(&ip_lease, MDL);
3630 }
3631
3632 /* If for some reason the client has more than one lease
3633 on the subnet that matches its uid, pick the one that
3634 it asked for and (if we can) free the other. */
3635 if (ip_lease && ip_lease->binding_state == FTS_ACTIVE &&
3636 ip_lease->uid && ip_lease != uid_lease) {
3637 if (have_client_identifier &&
3638 (ip_lease -> uid_len == client_identifier.len) &&
3639 !memcmp (client_identifier.data,
3640 ip_lease -> uid, ip_lease -> uid_len)) {
3641 if (uid_lease) {
3642 if (uid_lease->binding_state == FTS_ACTIVE) {
3643 log_error ("client %s has duplicate%s on %s",
3644 (print_hw_addr
3645 (packet -> raw -> htype,
3646 packet -> raw -> hlen,
3647 packet -> raw -> chaddr)),
3648 " leases",
3649 (ip_lease -> subnet ->
3650 shared_network -> name));
3651
3652 /* If the client is REQUESTing the lease,
3653 it shouldn't still be using the old
3654 one, so we can free it for allocation. */
3655 if (uid_lease &&
3656 uid_lease->binding_state == FTS_ACTIVE &&
3657 !packet -> raw -> ciaddr.s_addr &&
3658 (share ==
3659 uid_lease -> subnet -> shared_network) &&
3660 packet -> packet_type == DHCPREQUEST)
3661 release_lease (uid_lease, packet);
3662 }
3663 lease_dereference (&uid_lease, MDL);
3664 lease_reference (&uid_lease, ip_lease, MDL);
3665 }
3666 }
3667
3668 /* If we get to here and fixed_lease is not null, that means
3669 that there are both a dynamic lease and a fixed-address
3670 declaration for the same IP address. */
3671 if (packet -> packet_type == DHCPREQUEST && fixed_lease) {
3672 lease_dereference (&fixed_lease, MDL);
3673 db_conflict:
3674 log_error ("Dynamic and static leases present for %s.",
3675 piaddr (cip));
3676 log_error ("Remove host declaration %s or remove %s",
3677 (fixed_lease && fixed_lease -> host
3678 ? (fixed_lease -> host -> name
3679 ? fixed_lease -> host -> name
3680 : piaddr (cip))
3681 : piaddr (cip)),
3682 piaddr (cip));
3683 log_error ("from the dynamic address pool for %s",
3684 ip_lease -> subnet -> shared_network -> name
3685 );
3686 if (fixed_lease)
3687 lease_dereference (&ip_lease, MDL);
3688 strcpy (dhcp_message,
3689 "database conflict - call for help!");
3690 }
3691
3692 if (ip_lease && ip_lease != uid_lease) {
3693 #if defined (DEBUG_FIND_LEASE)
3694 log_info ("requested address not available.");
3695 #endif
3696 lease_dereference (&ip_lease, MDL);
3697 }
3698 }
3699
3700 /* If we get to here with both fixed_lease and ip_lease not
3701 null, then we have a configuration file bug. */
3702 if (packet -> packet_type == DHCPREQUEST && fixed_lease && ip_lease)
3703 goto db_conflict;
3704
3705 /* Toss extra pointers to the same lease... */
3706 if (hw_lease && hw_lease == uid_lease) {
3707 #if defined (DEBUG_FIND_LEASE)
3708 log_info ("hardware lease and uid lease are identical.");
3709 #endif
3710 lease_dereference (&hw_lease, MDL);
3711 }
3712 if (ip_lease && ip_lease == hw_lease) {
3713 lease_dereference (&hw_lease, MDL);
3714 #if defined (DEBUG_FIND_LEASE)
3715 log_info ("hardware lease and ip lease are identical.");
3716 #endif
3717 }
3718 if (ip_lease && ip_lease == uid_lease) {
3719 lease_dereference (&uid_lease, MDL);
3720 #if defined (DEBUG_FIND_LEASE)
3721 log_info ("uid lease and ip lease are identical.");
3722 #endif
3723 }
3724
3725 /* Make sure the client is permitted to use the requested lease. */
3726 if (ip_lease &&
3727 ((ip_lease -> pool -> prohibit_list &&
3728 permitted (packet, ip_lease -> pool -> prohibit_list)) ||
3729 (ip_lease -> pool -> permit_list &&
3730 !permitted (packet, ip_lease -> pool -> permit_list)))) {
3731 if (!packet->raw->ciaddr.s_addr &&
3732 (ip_lease->binding_state == FTS_ACTIVE))
3733 release_lease (ip_lease, packet);
3734
3735 lease_dereference (&ip_lease, MDL);
3736 }
3737
3738 if (uid_lease &&
3739 ((uid_lease -> pool -> prohibit_list &&
3740 permitted (packet, uid_lease -> pool -> prohibit_list)) ||
3741 (uid_lease -> pool -> permit_list &&
3742 !permitted (packet, uid_lease -> pool -> permit_list)))) {
3743 if (!packet -> raw -> ciaddr.s_addr)
3744 release_lease (uid_lease, packet);
3745 lease_dereference (&uid_lease, MDL);
3746 }
3747
3748 if (hw_lease &&
3749 ((hw_lease -> pool -> prohibit_list &&
3750 permitted (packet, hw_lease -> pool -> prohibit_list)) ||
3751 (hw_lease -> pool -> permit_list &&
3752 !permitted (packet, hw_lease -> pool -> permit_list)))) {
3753 if (!packet -> raw -> ciaddr.s_addr)
3754 release_lease (hw_lease, packet);
3755 lease_dereference (&hw_lease, MDL);
3756 }
3757
3758 /* If we've already eliminated the lease, it wasn't there to
3759 begin with. If we have come up with a matching lease,
3760 set the message to bad network in case we have to throw it out. */
3761 if (!ip_lease) {
3762 strcpy (dhcp_message, "requested address not available");
3763 }
3764
3765 /* If this is a DHCPREQUEST, make sure the lease we're going to return
3766 matches the requested IP address. If it doesn't, don't return a
3767 lease at all. */
3768 if (packet -> packet_type == DHCPREQUEST &&
3769 !ip_lease && !fixed_lease) {
3770 #if defined (DEBUG_FIND_LEASE)
3771 log_info ("no applicable lease found for DHCPREQUEST.");
3772 #endif
3773 goto out;
3774 }
3775
3776 /* At this point, if fixed_lease is nonzero, we can assign it to
3777 this client. */
3778 if (fixed_lease) {
3779 lease_reference (&lease, fixed_lease, MDL);
3780 lease_dereference (&fixed_lease, MDL);
3781 #if defined (DEBUG_FIND_LEASE)
3782 log_info ("choosing fixed address.");
3783 #endif
3784 }
3785
3786 /* If we got a lease that matched the ip address and don't have
3787 a better offer, use that; otherwise, release it. */
3788 if (ip_lease) {
3789 if (lease) {
3790 if (!packet -> raw -> ciaddr.s_addr)
3791 release_lease (ip_lease, packet);
3792 #if defined (DEBUG_FIND_LEASE)
3793 log_info ("not choosing requested address (!).");
3794 #endif
3795 } else {
3796 #if defined (DEBUG_FIND_LEASE)
3797 log_info ("choosing lease on requested address.");
3798 #endif
3799 lease_reference (&lease, ip_lease, MDL);
3800 if (lease -> host)
3801 host_dereference (&lease -> host, MDL);
3802 }
3803 lease_dereference (&ip_lease, MDL);
3804 }
3805
3806 /* If we got a lease that matched the client identifier, we may want
3807 to use it, but if we already have a lease we like, we must free
3808 the lease that matched the client identifier. */
3809 if (uid_lease) {
3810 if (lease) {
3811 log_error("uid lease %s for client %s is duplicate "
3812 "on %s",
3813 piaddr(uid_lease->ip_addr),
3814 print_hw_addr(packet->raw->htype,
3815 packet->raw->hlen,
3816 packet->raw->chaddr),
3817 uid_lease->subnet->shared_network->name);
3818
3819 if (!packet -> raw -> ciaddr.s_addr &&
3820 packet -> packet_type == DHCPREQUEST &&
3821 uid_lease -> binding_state == FTS_ACTIVE)
3822 release_lease(uid_lease, packet);
3823 #if defined (DEBUG_FIND_LEASE)
3824 log_info ("not choosing uid lease.");
3825 #endif
3826 } else {
3827 lease_reference (&lease, uid_lease, MDL);
3828 if (lease -> host)
3829 host_dereference (&lease -> host, MDL);
3830 #if defined (DEBUG_FIND_LEASE)
3831 log_info ("choosing uid lease.");
3832 #endif
3833 }
3834 lease_dereference (&uid_lease, MDL);
3835 }
3836
3837 /* The lease that matched the hardware address is treated likewise. */
3838 if (hw_lease) {
3839 if (lease) {
3840 #if defined (DEBUG_FIND_LEASE)
3841 log_info ("not choosing hardware lease.");
3842 #endif
3843 } else {
3844 /* We're a little lax here - if the client didn't
3845 send a client identifier and it's a bootp client,
3846 but the lease has a client identifier, we still
3847 let the client have a lease. */
3848 if (!hw_lease -> uid_len ||
3849 (have_client_identifier
3850 ? (hw_lease -> uid_len ==
3851 client_identifier.len &&
3852 !memcmp (hw_lease -> uid,
3853 client_identifier.data,
3854 client_identifier.len))
3855 : packet -> packet_type == 0)) {
3856 lease_reference (&lease, hw_lease, MDL);
3857 if (lease -> host)
3858 host_dereference (&lease -> host, MDL);
3859 #if defined (DEBUG_FIND_LEASE)
3860 log_info ("choosing hardware lease.");
3861 #endif
3862 } else {
3863 #if defined (DEBUG_FIND_LEASE)
3864 log_info ("not choosing hardware lease: %s.",
3865 "uid mismatch");
3866 #endif
3867 }
3868 }
3869 lease_dereference (&hw_lease, MDL);
3870 }
3871
3872 /*
3873 * If we found a host_decl but no matching address, try to
3874 * find a host_decl that has no address, and if there is one,
3875 * hang it off the lease so that we can use the supplied
3876 * options.
3877 */
3878 if (lease && host && !lease->host) {
3879 struct host_decl *p = NULL;
3880 struct host_decl *n = NULL;
3881
3882 host_reference(&p, host, MDL);
3883 while (p != NULL) {
3884 if (!p->fixed_addr) {
3885 /*
3886 * If the lease is currently active, then it
3887 * must be allocated to the present client.
3888 * We store a reference to the host record on
3889 * the lease to save a lookup later (in
3890 * ack_lease()). We mustn't refer to the host
3891 * record on non-active leases because the
3892 * client may be denied later.
3893 *
3894 * XXX: Not having this reference (such as in
3895 * DHCPDISCOVER/INIT) means ack_lease will have
3896 * to perform this lookup a second time. This
3897 * hopefully isn't a problem as DHCPREQUEST is
3898 * more common than DHCPDISCOVER.
3899 */
3900 if (lease->binding_state == FTS_ACTIVE)
3901 host_reference(&lease->host, p, MDL);
3902
3903 host_dereference(&p, MDL);
3904 break;
3905 }
3906 if (p->n_ipaddr != NULL)
3907 host_reference(&n, p->n_ipaddr, MDL);
3908 host_dereference(&p, MDL);
3909 if (n != NULL) {
3910 host_reference(&p, n, MDL);
3911 host_dereference(&n, MDL);
3912 }
3913 }
3914 }
3915
3916 /* If we find an abandoned lease, but it's the one the client
3917 requested, we assume that previous bugginess on the part
3918 of the client, or a server database loss, caused the lease to
3919 be abandoned, so we reclaim it and let the client have it. */
3920 if (lease &&
3921 (lease -> binding_state == FTS_ABANDONED) &&
3922 lease == ip_lease &&
3923 packet -> packet_type == DHCPREQUEST) {
3924 log_error ("Reclaiming REQUESTed abandoned IP address %s.",
3925 piaddr (lease -> ip_addr));
3926 } else if (lease && (lease -> binding_state == FTS_ABANDONED)) {
3927 /* Otherwise, if it's not the one the client requested, we do not
3928 return it - instead, we claim it's ours, causing a DHCPNAK to be
3929 sent if this lookup is for a DHCPREQUEST, and force the client
3930 to go back through the allocation process. */
3931 if (ours)
3932 *ours = 1;
3933 lease_dereference (&lease, MDL);
3934 }
3935
3936 out:
3937 if (have_client_identifier)
3938 data_string_forget (&client_identifier, MDL);
3939
3940 if (fixed_lease)
3941 lease_dereference (&fixed_lease, MDL);
3942 if (hw_lease)
3943 lease_dereference (&hw_lease, MDL);
3944 if (uid_lease)
3945 lease_dereference (&uid_lease, MDL);
3946 if (ip_lease)
3947 lease_dereference (&ip_lease, MDL);
3948 if (host)
3949 host_dereference (&host, MDL);
3950
3951 if (lease) {
3952 #if defined (DEBUG_FIND_LEASE)
3953 log_info ("Returning lease: %s.",
3954 piaddr (lease -> ip_addr));
3955 #endif
3956 lease_reference (lp, lease, file, line);
3957 lease_dereference (&lease, MDL);
3958 return 1;
3959 }
3960 #if defined (DEBUG_FIND_LEASE)
3961 log_info ("Not returning a lease.");
3962 #endif
3963 return 0;
3964 }
3965
3966 /* Search the provided host_decl structure list for an address that's on
3967 the specified shared network. If one is found, mock up and return a
3968 lease structure for it; otherwise return the null pointer. */
3969
3970 int mockup_lease (struct lease **lp, struct packet *packet,
3971 struct shared_network *share, struct host_decl *hp)
3972 {
3973 struct lease *lease = (struct lease *)0;
3974 struct host_decl *rhp = (struct host_decl *)0;
3975
3976 if (lease_allocate (&lease, MDL) != ISC_R_SUCCESS)
3977 return 0;
3978 if (host_reference (&rhp, hp, MDL) != ISC_R_SUCCESS) {
3979 lease_dereference (&lease, MDL);
3980 return 0;
3981 }
3982 if (!find_host_for_network (&lease -> subnet,
3983 &rhp, &lease -> ip_addr, share)) {
3984 lease_dereference (&lease, MDL);
3985 host_dereference (&rhp, MDL);
3986 return 0;
3987 }
3988 host_reference (&lease -> host, rhp, MDL);
3989 if (rhp -> client_identifier.len > sizeof lease -> uid_buf)
3990 lease -> uid = dmalloc (rhp -> client_identifier.len, MDL);
3991 else
3992 lease -> uid = lease -> uid_buf;
3993 if (!lease -> uid) {
3994 lease_dereference (&lease, MDL);
3995 host_dereference (&rhp, MDL);
3996 return 0;
3997 }
3998 memcpy (lease -> uid, rhp -> client_identifier.data,
3999 rhp -> client_identifier.len);
4000 lease -> uid_len = rhp -> client_identifier.len;
4001 lease -> hardware_addr = rhp -> interface;
4002 lease -> starts = lease -> cltt = lease -> ends = MIN_TIME;
4003 lease -> flags = STATIC_LEASE;
4004 lease -> binding_state = FTS_FREE;
4005
4006 lease_reference (lp, lease, MDL);
4007
4008 lease_dereference (&lease, MDL);
4009 host_dereference (&rhp, MDL);
4010 return 1;
4011 }
4012
4013 /* Look through all the pools in a list starting with the specified pool
4014 for a free lease. We try to find a virgin lease if we can. If we
4015 don't find a virgin lease, we try to find a non-virgin lease that's
4016 free. If we can't find one of those, we try to reclaim an abandoned
4017 lease. If all of these possibilities fail to pan out, we don't return
4018 a lease at all. */
4019
4020 int allocate_lease (struct lease **lp, struct packet *packet,
4021 struct pool *pool, int *peer_has_leases)
4022 {
4023 struct lease *lease = (struct lease *)0;
4024 struct lease *candl = (struct lease *)0;
4025
4026 for (; pool ; pool = pool -> next) {
4027 if ((pool -> prohibit_list &&
4028 permitted (packet, pool -> prohibit_list)) ||
4029 (pool -> permit_list &&
4030 !permitted (packet, pool -> permit_list)))
4031 continue;
4032
4033 #if defined (FAILOVER_PROTOCOL)
4034 /* Peer_has_leases just says that we found at least one
4035 free lease. If no free lease is returned, the caller
4036 can deduce that this means the peer is hogging all the
4037 free leases, so we can print a better error message. */
4038 /* XXX Do we need code here to ignore PEER_IS_OWNER and
4039 * XXX just check tstp if we're in, e.g., PARTNER_DOWN?
4040 * XXX Where do we deal with CONFLICT_DETECTED, et al? */
4041 /* XXX This should be handled by the lease binding "state
4042 * XXX machine" - that is, when we get here, if a lease
4043 * XXX could be allocated, it will have the correct
4044 * XXX binding state so that the following code will
4045 * XXX result in its being allocated. */
4046 /* Skip to the most expired lease in the pool that is not
4047 * owned by a failover peer. */
4048 if (pool->failover_peer != NULL) {
4049 if (pool->failover_peer->i_am == primary) {
4050 candl = pool->free;
4051
4052 /*
4053 * In normal operation, we never want to touch
4054 * the peer's leases. In partner-down
4055 * operation, we need to be able to pick up
4056 * the peer's leases after STOS+MCLT.
4057 */
4058 if (pool->backup != NULL) {
4059 if (((candl == NULL) ||
4060 (candl->ends >
4061 pool->backup->ends)) &&
4062 lease_mine_to_reallocate(
4063 pool->backup)) {
4064 candl = pool->backup;
4065 } else {
4066 *peer_has_leases = 1;
4067 }
4068 }
4069 } else {
4070 candl = pool->backup;
4071
4072 if (pool->free != NULL) {
4073 if (((candl == NULL) ||
4074 (candl->ends >
4075 pool->free->ends)) &&
4076 lease_mine_to_reallocate(
4077 pool->free)) {
4078 candl = pool->free;
4079 } else {
4080 *peer_has_leases = 1;
4081 }
4082 }
4083 }
4084
4085 /* Try abandoned leases as a last resort. */
4086 if ((candl == NULL) &&
4087 (pool->abandoned != NULL) &&
4088 lease_mine_to_reallocate(pool->abandoned))
4089 candl = pool->abandoned;
4090 } else
4091 #endif
4092 {
4093 if (pool -> free)
4094 candl = pool -> free;
4095 else
4096 candl = pool -> abandoned;
4097 }
4098
4099 /*
4100 * XXX: This may not match with documented expectation.
4101 * It's expected that when we OFFER a lease, we set its
4102 * ends time forward 2 minutes so that it gets sorted to
4103 * the end of its free list (avoiding a similar allocation
4104 * to another client). It is not expected that we issue a
4105 * "no free leases" error when the last lease has been
4106 * offered, but it's not exactly broken either.
4107 */
4108 if (!candl || (candl -> ends > cur_time))
4109 continue;
4110
4111 if (!lease) {
4112 lease = candl;
4113 continue;
4114 }
4115
4116 /*
4117 * There are tiers of lease state preference, listed here in
4118 * reverse order (least to most preferential):
4119 *
4120 * ABANDONED
4121 * FREE/BACKUP
4122 *
4123 * If the selected lease and candidate are both of the same
4124 * state, select the oldest (longest ago) expiration time
4125 * between the two. If the candidate lease is of a higher
4126 * preferred grade over the selected lease, use it.
4127 */
4128 if ((lease -> binding_state == FTS_ABANDONED) &&
4129 ((candl -> binding_state != FTS_ABANDONED) ||
4130 (candl -> ends < lease -> ends))) {
4131 lease = candl;
4132 continue;
4133 } else if (candl -> binding_state == FTS_ABANDONED)
4134 continue;
4135
4136 if ((lease -> uid_len || lease -> hardware_addr.hlen) &&
4137 ((!candl -> uid_len && !candl -> hardware_addr.hlen) ||
4138 (candl -> ends < lease -> ends))) {
4139 lease = candl;
4140 continue;
4141 } else if (candl -> uid_len || candl -> hardware_addr.hlen)
4142 continue;
4143
4144 if (candl -> ends < lease -> ends)
4145 lease = candl;
4146 }
4147
4148 if (lease != NULL) {
4149 if (lease->binding_state == FTS_ABANDONED)
4150 log_error("Reclaiming abandoned lease %s.",
4151 piaddr(lease->ip_addr));
4152
4153 /*
4154 * XXX: For reliability, we go ahead and remove the host
4155 * record and try to move on. For correctness, if there
4156 * are any other stale host vectors, we want to find them.
4157 */
4158 if (lease->host != NULL) {
4159 log_debug("soft impossible condition (%s:%d): stale "
4160 "host \"%s\" found on lease %s", MDL,
4161 lease->host->name,
4162 piaddr(lease->ip_addr));
4163 host_dereference(&lease->host, MDL);
4164 }
4165
4166 lease_reference (lp, lease, MDL);
4167 return 1;
4168 }
4169
4170 return 0;
4171 }
4172
4173 /* Determine whether or not a permit exists on a particular permit list
4174 that matches the specified packet, returning nonzero if so, zero if
4175 not. */
4176
4177 int permitted (packet, permit_list)
4178 struct packet *packet;
4179 struct permit *permit_list;
4180 {
4181 struct permit *p;
4182 int i;
4183
4184 for (p = permit_list; p; p = p -> next) {
4185 switch (p -> type) {
4186 case permit_unknown_clients:
4187 if (!packet -> known)
4188 return 1;
4189 break;
4190
4191 case permit_known_clients:
4192 if (packet -> known)
4193 return 1;
4194 break;
4195
4196 case permit_authenticated_clients:
4197 if (packet -> authenticated)
4198 return 1;
4199 break;
4200
4201 case permit_unauthenticated_clients:
4202 if (!packet -> authenticated)
4203 return 1;
4204 break;
4205
4206 case permit_all_clients:
4207 return 1;
4208
4209 case permit_dynamic_bootp_clients:
4210 if (!packet -> options_valid ||
4211 !packet -> packet_type)
4212 return 1;
4213 break;
4214
4215 case permit_class:
4216 for (i = 0; i < packet -> class_count; i++) {
4217 if (p -> class == packet -> classes [i])
4218 return 1;
4219 if (packet -> classes [i] &&
4220 packet -> classes [i] -> superclass &&
4221 (packet -> classes [i] -> superclass ==
4222 p -> class))
4223 return 1;
4224 }
4225 break;
4226
4227 case permit_after:
4228 if (cur_time > p->after)
4229 return 1;
4230 break;
4231 }
4232 }
4233 return 0;
4234 }
4235
4236 int locate_network (packet)
4237 struct packet *packet;
4238 {
4239 struct iaddr ia;
4240 struct data_string data;
4241 struct subnet *subnet = (struct subnet *)0;
4242 struct option_cache *oc;
4243
4244 /* See if there's a Relay Agent Link Selection Option, or a
4245 * Subnet Selection Option. The Link-Select and Subnet-Select
4246 * are formatted and used precisely the same, but we must prefer
4247 * the link-select over the subnet-select.
4248 */
4249 if ((oc = lookup_option(&agent_universe, packet->options,
4250 RAI_LINK_SELECT)) == NULL)
4251 oc = lookup_option(&dhcp_universe, packet->options,
4252 DHO_SUBNET_SELECTION);
4253
4254 /* If there's no SSO and no giaddr, then use the shared_network
4255 from the interface, if there is one. If not, fail. */
4256 if (!oc && !packet -> raw -> giaddr.s_addr) {
4257 if (packet -> interface -> shared_network) {
4258 shared_network_reference
4259 (&packet -> shared_network,
4260 packet -> interface -> shared_network, MDL);
4261 return 1;
4262 }
4263 return 0;
4264 }
4265
4266 /* If there's an option indicating link connection, and it's valid,
4267 * use it to figure out the subnet. If it's not valid, fail.
4268 */
4269 if (oc) {
4270 memset (&data, 0, sizeof data);
4271 if (!evaluate_option_cache (&data, packet, (struct lease *)0,
4272 (struct client_state *)0,
4273 packet -> options,
4274 (struct option_state *)0,
4275 &global_scope, oc, MDL)) {
4276 return 0;
4277 }
4278 if (data.len != 4) {
4279 return 0;
4280 }
4281 ia.len = 4;
4282 memcpy (ia.iabuf, data.data, 4);
4283 data_string_forget (&data, MDL);
4284 } else {
4285 ia.len = 4;
4286 memcpy (ia.iabuf, &packet -> raw -> giaddr, 4);
4287 }
4288
4289 /* If we know the subnet on which the IP address lives, use it. */
4290 if (find_subnet (&subnet, ia, MDL)) {
4291 shared_network_reference (&packet -> shared_network,
4292 subnet -> shared_network, MDL);
4293 subnet_dereference (&subnet, MDL);
4294 return 1;
4295 }
4296
4297 /* Otherwise, fail. */
4298 return 0;
4299 }
4300
4301 /*
4302 * Try to figure out the source address to send packets from.
4303 *
4304 * If the packet we received specified the server address, then we
4305 * will use that.
4306 *
4307 * Otherwise, use the first address from the interface. If we do
4308 * this, we also save this into the option cache as the server
4309 * address.
4310 */
4311 void
4312 get_server_source_address(struct in_addr *from,
4313 struct option_state *options,
4314 struct packet *packet) {
4315 unsigned option_num;
4316 struct option_cache *oc;
4317 struct data_string d;
4318 struct in_addr *a;
4319
4320 memset(&d, 0, sizeof(d));
4321
4322 option_num = DHO_DHCP_SERVER_IDENTIFIER;
4323 oc = lookup_option(&dhcp_universe, options, option_num);
4324 if ((oc != NULL) &&
4325 evaluate_option_cache(&d, packet, NULL, NULL, packet->options,
4326 options, &global_scope, oc, MDL)) {
4327 if (d.len == sizeof(*from)) {
4328 memcpy(from, d.data, sizeof(*from));
4329 data_string_forget(&d, MDL);
4330 return;
4331 }
4332 data_string_forget(&d, MDL);
4333 }
4334
4335 if (packet->interface->address_count > 0) {
4336 if (option_cache_allocate(&oc, MDL)) {
4337 a = &packet->interface->addresses[0];
4338 if (make_const_data(&oc->expression,
4339 (unsigned char *)a, sizeof(*a),
4340 0, 0, MDL)) {
4341 option_code_hash_lookup(&oc->option,
4342 dhcp_universe.code_hash,
4343 &option_num, 0, MDL);
4344 save_option(&dhcp_universe, options, oc);
4345 }
4346 option_cache_dereference(&oc, MDL);
4347 }
4348 *from = packet->interface->addresses[0];
4349 } else {
4350 memset(from, 0, sizeof(*from));
4351 }
4352 }
4353
4354 /*
4355 * Look for the lowest numbered site code number and
4356 * apply a log warning if it is less than 224. Do not
4357 * permit site codes less than 128 (old code never did).
4358 *
4359 * Note that we could search option codes 224 down to 128
4360 * on the hash table, but the table is (probably) smaller
4361 * than that if it was declared as a standalone table with
4362 * defaults. So we traverse the option code hash.
4363 */
4364 static int
4365 find_min_site_code(struct universe *u)
4366 {
4367 if (u->site_code_min)
4368 return u->site_code_min;
4369
4370 /*
4371 * Note that site_code_min has to be global as we can't pass an
4372 * argument through hash_foreach(). The value 224 is taken from
4373 * RFC 3942.
4374 */
4375 site_code_min = 224;
4376 option_code_hash_foreach(u->code_hash, lowest_site_code);
4377
4378 if (site_code_min < 224) {
4379 log_error("WARNING: site-local option codes less than 224 have "
4380 "been deprecated by RFC3942. You have options "
4381 "listed in site local space %s that number as low as "
4382 "%d. Please investigate if these should be declared "
4383 "as regular options rather than site-local options, "
4384 "or migrated up past 224.",
4385 u->name, site_code_min);
4386 }
4387
4388 /*
4389 * don't even bother logging, this is just silly, and never worked
4390 * on any old version of software.
4391 */
4392 if (site_code_min < 128)
4393 site_code_min = 128;
4394
4395 /*
4396 * Cache the determined minimum site code on the universe structure.
4397 * Note that due to the < 128 check above, a value of zero is
4398 * impossible.
4399 */
4400 u->site_code_min = site_code_min;
4401
4402 return site_code_min;
4403 }
4404
4405 static isc_result_t
4406 lowest_site_code(const void *key, unsigned len, void *object)
4407 {
4408 struct option *option = object;
4409
4410 if (option->code < site_code_min)
4411 site_code_min = option->code;
4412
4413 return ISC_R_SUCCESS;
4414 }
4415
4416 static void
4417 maybe_return_agent_options(struct packet *packet, struct option_state *options)
4418 {
4419 /* If there were agent options in the incoming packet, return
4420 * them. Do not return the agent options if they were stashed
4421 * on the lease. We do not check giaddr to detect the presence of
4422 * a relay, as this excludes "l2" relay agents which have no giaddr
4423 * to set.
4424 *
4425 * XXX: If the user configures options for the relay agent information
4426 * (state->options->universes[agent_universe.index] is not NULL),
4427 * we're still required to duplicate other values provided by the
4428 * relay agent. So we need to merge the old values not configured
4429 * by the user into the new state, not just give up.
4430 */
4431 if (!packet->agent_options_stashed &&
4432 packet->options->universe_count > agent_universe.index &&
4433 packet->options->universes[agent_universe.index] != NULL &&
4434 (options->universe_count <= agent_universe.index ||
4435 options->universes[agent_universe.index] == NULL)) {
4436 option_chain_head_reference
4437 ((struct option_chain_head **)
4438 &(options->universes[agent_universe.index]),
4439 (struct option_chain_head *)
4440 packet->options->universes[agent_universe.index], MDL);
4441
4442 if (options->universe_count <= agent_universe.index)
4443 options->universe_count = agent_universe.index + 1;
4444 }
4445 }
Mirror of https://github.com/isc-projects/dhcp.git