Improve documentation for setting up authentication.
auth_len = (size_t)dhcp_auth_encode(&ifo->auth,
state->auth.token,
NULL, 0, 4, type, NULL, 0);
- if (auth_len > 0) {
+ if ((ssize_t)auth_len == -1)
+ syslog(LOG_ERR, "%s: dhcp_auth_encode: %m",
+ iface->name);
+ else if (auth_len > 0) {
len = (size_t)((p + auth_len) - m);
if (auth_len > 255 || len > sizeof(*dhcp))
goto toobig;
*p++ = (uint8_t)auth_len;
auth = p;
p += auth_len;
- } else if ((ssize_t)auth_len == -1)
- syslog(LOG_ERR, "%s: dhcp_auth_encode: %m",
- iface->name);
+ }
}
*p++ = DHO_END;
if (ifo->auth.options & DHCPCD_AUTH_SEND) {
auth_len = (size_t)dhcp_auth_encode(&ifo->auth,
state->auth.token, NULL, 0, 6, type, NULL, 0);
- if ((ssize_t)auth_len == -1)
+ if ((ssize_t)auth_len == -1) {
+ syslog(LOG_ERR, "%s: dhcp_auth_encode: %m",
+ ifp->name);
auth_len = 0;
- else if (auth_len> 0)
+ } else if (auth_len> 0)
len += sizeof(*o) + auth_len;
} else
auth_len = 0; /* appease GCC */
dhcp6_update_auth(ifp, state->send, state->send_len) == -1)
{
syslog(LOG_ERR, "%s: dhcp6_updateauth: %m", ifp->name);
- return -1;
+ if (errno != ESRCH)
+ return -1;
}
ctx = ifp->ctx->ipv6;
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd July 14, 2014
+.Dd August 7, 2014
.Dt DHCPCD.CONF 5
.Os
.Sh NAME
.D1 static ip_address=192.168.0.10/24
.It Ic authprotocol Ar protocol Ar algorithm Ar rdm
Authenticate DHCP messages.
-See the Supported Protocols section.
+See the Supported Authentication Protocols section.
.It Ic authtoken Ar secretid Ar realm Ar expire Ar key
Define a shared key for use in authentication.
.Ar realm can be "" to for use with the
or
.Ar 0
which means the token never expires.
+For the token protocol,
+.Ar secretid
+needs to be 0 and
+.Ar realm
+needs to be "".
+If
+.Nm dhcpcd
+has the error
+.D1 dhcp_auth_encode: Invalid argument
+then it means that
+.Nm dhcpcd
+could not find the correct authentication token in your configuration.
.It Ic background
Background immediately.
This is useful for startup scripts which don't disable link messages for
.D1 embed uint32 enterprise_number
.D1 # Options defined for the enterprise number
.D1 encap 1 ipaddress ipaddress
-.Ss Supported protocols
+.Ss Supported Authentication Protocols
.Bl -tag -width -indent
.It Ic token
-Sends and expects the token with the secretid 0 in each message.
+Sends and expects the token with the secretid 0 and realm of "" in each message.
.It Ic delayedrealm
Delayed Authentication.
.Nm dhcpcd
.It Ic delayed
Same as above, but without a realm.
.El
-.Ss Supported algorithms
+.Ss Supported Authentication Algorithms
If none specified,
.Ic hmac-md5
is the default.
projects / thirdparty / dhcpcd.git / commitdiff
