From: Shawn Routhier <sar@isc.org>
Date: Thu, 11 Oct 2012 21:30:24 +0000 (-0700)
Subject: [master]
X-Git-Tag: v4_3_0a1~64
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dbd65517691c76acab15ab0059ec56d70ff72597;p=thirdparty%2Fdhcp.git

[master]
[ISC-Bugs #26108]
Add a compile time option, enable-secs-byteorder, to deal with
clients that do the byte ordering on the secs field incorrectly.
This field should be in network byte order but some clients
get it wrong.  When this option is enabled the server will examine
the secs field and if it looks wrong (high byte non zero and low
byte zero) swap the bytes.  The default is disabled.  This option
is only useful when doing load balancing within failover.
---

diff --git a/README b/README
index 96944bed2..7e49c4899 100644
--- a/README
+++ b/README
@@ -148,6 +148,11 @@ system; otherwise, it will complain.  If it can't figure out what
 system you are using, that system is not supported - you are on
 your own.
 
+Several options may be enabled or disabled via the configure command.
+You can get a list of these by typing:
+
+	./configure --help
+
 			 DYNAMIC DNS UPDATES
 
 A fully-featured implementation of dynamic DNS updates is included in
diff --git a/RELNOTES b/RELNOTES
index 87894fc21..fa26756ea 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -133,6 +133,15 @@ work on other platforms. Please report any problems and suggested fixes to
   freed in other cases.
   [ISC-Bugs #30320]
 
+- Add a compile time option, enable-secs-byteorder, to deal with
+  clients that do the byte ordering on the secs field incorrectly.
+  This field should be in network byte order but some clients
+  get it wrong.  When this option is enabled the server will examine
+  the secs field and if it looks wrong (high byte non zero and low
+  byte zero) swap the bytes.  The default is disabled.  This option
+  is only useful when doing load balancing within failover.
+  [ISC-Bugs #26108]
+
 			Changes since 4.2.3
 
 ! Add a check for a null pointer before calling the regexec function.
diff --git a/configure.ac b/configure.ac
index e9b1558cd..35833f4eb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -169,6 +169,17 @@ if test "$enable_use_sockets" = "yes"; then
 		[Define to 1 to use the standard BSD socket API.])
 fi
 
+# Try to hnadle incorrect byte order for secs field
+# This is off by default
+AC_ARG_ENABLE(secs_byteorder,
+	AC_HELP_STRING([--enable-secs-byteorder],
+		[Correct bad byteorders in the secs field (default is no).]))
+
+if test "$enable_secs_byteorder" = "yes" ; then
+	AC_DEFINE([SECS_BYTEORDER], [1],
+		[Define to correct bad byteorders in secs field.])
+fi
+
 # Testing section
 
 atf_path="no"
diff --git a/server/failover.c b/server/failover.c
index 5a6d37fc3..56b07aa9d 100644
--- a/server/failover.c
+++ b/server/failover.c
@@ -5840,38 +5840,52 @@ int load_balance_mine (struct packet *packet, dhcp_failover_state_t *state)
 	struct data_string ds;
 	unsigned char hbaix;
 	int hm;
+	u_int16_t ec; 
 
-	if (state -> load_balance_max_secs < ntohs (packet -> raw -> secs)) {
-		return 1;
+	ec = ntohs(packet->raw->secs);
+
+#if defined(SECS_BYTEORDER)
+	/*
+	 * If desired check to see if the secs field may have been byte
+	 * swapped.  We assume it has if the high order byte isn't cleared
+	 * while the low order byte is cleared.  In this case we swap the
+	 * bytes and continue processing.
+	 */
+	if ((ec > 255) && ((ec & 0xff) == 0)) {
+		ec = (ec >> 8) | (ec << 8);
+	}
+#endif
+
+	if (state->load_balance_max_secs < ec) {
+		return (1);
 	}
 
 	/* If we don't have a hash bucket array, we can't tell if this
 	   one's ours, so we assume it's not. */
-	if (!state -> hba)
-		return 0;
+	if (!state->hba)
+		return (0);
 
-	oc = lookup_option (&dhcp_universe, packet -> options,
-			    DHO_DHCP_CLIENT_IDENTIFIER);
-	memset (&ds, 0, sizeof ds);
+	oc = lookup_option(&dhcp_universe, packet->options,
+			   DHO_DHCP_CLIENT_IDENTIFIER);
+	memset(&ds, 0, sizeof ds);
 	if (oc &&
-	    evaluate_option_cache (&ds, packet, (struct lease *)0,
-				   (struct client_state *)0,
-				   packet -> options, (struct option_state *)0,
-				   &global_scope, oc, MDL)) {
-		hbaix = loadb_p_hash (ds.data, ds.len);
+	    evaluate_option_cache(&ds, packet, NULL, NULL,
+				  packet->options, NULL,
+				  &global_scope, oc, MDL)) {
+		hbaix = loadb_p_hash(ds.data, ds.len);
 
 		data_string_forget(&ds, MDL);
 	} else {
-		hbaix = loadb_p_hash (packet -> raw -> chaddr,
-				      packet -> raw -> hlen);
+		hbaix = loadb_p_hash(packet->raw->chaddr,
+				     packet->raw->hlen);
 	}
 
 	hm = state->hba[(hbaix >> 3) & 0x1F] & (1 << (hbaix & 0x07));
 
-	if (state -> i_am == primary)
-		return hm;
+	if (state->i_am == primary)
+		return (hm);
 	else
-		return !hm;
+		return (!hm);
 }
 
 /* The inverse of load_balance_mine ("load balance theirs").  We can't
diff --git a/server/tests/Makefile.am b/server/tests/Makefile.am
index e840fd089..6e5b79e0b 100644
--- a/server/tests/Makefile.am
+++ b/server/tests/Makefile.am
@@ -28,7 +28,7 @@ if HAVE_ATF
 check: $(ATF_TESTS)
 	atf-run | atf-report
 
-ATF_TESTS += dhcpd_unittests legacy_unittests hash_unittests
+ATF_TESTS += dhcpd_unittests legacy_unittests hash_unittests load_bal_unittests
 
 dhcpd_unittests_SOURCES = $(DHCPSRC)
 dhcpd_unittests_SOURCES += simple_unittest.c
@@ -46,6 +46,9 @@ hash_unittests_LDADD = $(DHCPLIBS) $(ATF_LDFLAGS)
 legacy_unittests_SOURCES = $(DHCPSRC) mdb6_unittest.c
 legacy_unittests_LDADD = $(DHCPLIBS) $(ATF_LDFLAGS)
 
+load_bal_unittests_SOURCES = $(DHCPSRC) load_bal_unittest.c
+load_bal_unittests_LDADD = $(DHCPLIBS) $(ATF_LDFLAGS)
+
 endif
 
 check_PROGRAMS = $(ATF_TESTS) $(TESTS)
diff --git a/server/tests/load_bal_unittest.c b/server/tests/load_bal_unittest.c
new file mode 100644
index 000000000..1500f34dc
--- /dev/null
+++ b/server/tests/load_bal_unittest.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include "dhcpd.h"
+
+#include <atf-c.h>
+
+/*
+ * Test the load balancing code.  
+ *
+ * The two main variables are:
+ * packet => the "packet" being processed
+ * state  => the "state" of the failover peer
+ * We only fill in the fields necessary for our testing
+ * packet->raw->secs   => amount of time the client has been trying
+ * packet->raw->hlen   => the length of the mac address of the client
+ * packet->raw->chaddr => the mac address of the client
+ * To simplify the tests the mac address will be only 1 byte long and
+ * not really matter.  Instead the hba will be all 1s and the tests
+ * will use the primary/secondary flag to change the expected result.
+ *
+ * state->i_am => primary or secondary
+ * state->load_balance_max_secs => maxixum time for a client to be trying
+ *                                 before the other peer responds
+ *                                 set to 5 for these tests
+ * state->hba = array of hash buckets assigning the hash to primary or secondary
+ *              set to all ones (all primary) for theses tests
+ */
+
+ATF_TC(load_balance);
+
+ATF_TC_HEAD(load_balance, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "This test case checks that "
+			  "load balancing works.");
+}
+
+ATF_TC_BODY(load_balance, tc)
+{
+	struct packet packet;
+	struct dhcp_packet raw;
+	dhcp_failover_state_t pstate, sstate;
+	u_int8_t hba[256];
+
+	memset(&packet, 0, sizeof(struct packet));
+	memset(&raw, 0, sizeof(struct dhcp_packet));
+	packet.raw = &raw;
+	raw.hlen = 1;
+	raw.chaddr[0] = 14;
+
+	memset(hba, 0xFF, 256);
+
+	/* primary state */
+	memset(&pstate, 0, sizeof(dhcp_failover_state_t));
+	pstate.i_am = primary;
+	pstate.load_balance_max_secs = 5;
+	pstate.hba = hba;
+
+	/* secondary state, we can reuse the hba as it doesn't change */
+	memset(&sstate, 0, sizeof(dhcp_failover_state_t));
+	sstate.i_am = secondary;
+	sstate.load_balance_max_secs = 5;
+	sstate.hba = hba;
+
+	/* Basic check, primary accepted, secondary not */
+	raw.secs = htons(0);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 0) {
+		atf_tc_fail("ERROR: secondary accepted %s:%d", MDL);
+	}
+	
+
+	/* Timeout not exceeded, primary accepted, secondary not */
+	raw.secs = htons(2);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 0) {
+		atf_tc_fail("ERROR: secondary accepted %s:%d", MDL);
+	}
+	
+	/* Timeout exceeded, both accepted */
+	raw.secs = htons(6);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 1) {
+		atf_tc_fail("ERROR: secondary not accepted %s:%d", MDL);
+	}
+
+	/* Timeout exeeded with a large value, both accepted */
+	raw.secs = htons(257);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 1) {
+		atf_tc_fail("ERROR: secondary not accepted %s:%d", MDL);
+	}
+	
+}
+
+ATF_TC(load_balance_swap);
+
+ATF_TC_HEAD(load_balance_swap, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "This test case checks that "
+			  "load balancing works with byteswapping.");
+}
+
+ATF_TC_BODY(load_balance_swap, tc)
+{
+#if defined(SECS_BYTEORDER)
+	struct packet packet;
+	struct dhcp_packet raw;
+	dhcp_failover_state_t pstate, sstate;
+	u_int8_t hba[256];
+
+	memset(&packet, 0, sizeof(struct packet));
+	memset(&raw, 0, sizeof(struct dhcp_packet));
+	packet.raw = &raw;
+	raw.hlen = 1;
+	raw.chaddr[0] = 14;
+
+	memset(hba, 0xFF, 256);
+
+	/* primary state */
+	memset(&pstate, 0, sizeof(dhcp_failover_state_t));
+	pstate.i_am = primary;
+	pstate.load_balance_max_secs = 5;
+	pstate.hba = hba;
+
+	/* secondary state, we can reuse the hba as it doesn't change */
+	memset(&sstate, 0, sizeof(dhcp_failover_state_t));
+	sstate.i_am = secondary;
+	sstate.load_balance_max_secs = 5;
+	sstate.hba = hba;
+
+	/* Small byteswapped timeout, primary accepted, secondary not*/
+	raw.secs = htons(256);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 0) {
+		atf_tc_fail("ERROR: secondary accepted %s:%d", MDL);
+	}
+
+	/* Large byteswapped timeout, both accepted*/
+	raw.secs = htons(256 * 6);
+	if (load_balance_mine(&packet, &pstate) != 1) {
+		atf_tc_fail("ERROR: primary not accepted %s:%d", MDL);
+	}
+
+	if (load_balance_mine(&packet, &sstate) != 1) {
+		atf_tc_fail("ERROR: secondary not accepted %s:%d", MDL);
+	}
+	
+#else
+	atf_tc_skip("SECS_BYTEORDER not defined");
+#endif
+}
+
+
+ATF_TP_ADD_TCS(tp)
+{
+	ATF_TP_ADD_TC(tp, load_balance);
+	ATF_TP_ADD_TC(tp, load_balance_swap);
+
+	return (atf_no_error());
+}