DHCP: Split hardware address randomisation out of anonymous option

A 3rd party might want to control the randomisation.

diff --git a/src/dhcpcd.c b/src/dhcpcd.c
index 13480b48637cb1ae532d9ff6c17967bf54dfe8fd..97417e2557c6d683836669bb67f3a042a291aabe 100644 (file)
--- a/src/dhcpcd.c
+++ b/src/dhcpcd.c
@@ -734,9 +734,7 @@ dhcpcd_handlecarrier(struct interface *ifp, int carrier, unsigned int flags)
                 * Preserve the network state until we either disconnect
                 * or re-connect.
                 */
-               if (!(ifp->options->options & DHCPCD_ANONYMOUS) &&
-                   if_roaming(ifp))
-               {
+               if (!ifp->options->randomise_hwaddr && if_roaming(ifp)) {
                        dhcpcd_nocarrier_roaming(ifp);
                        return;
                }
@@ -745,7 +743,7 @@ dhcpcd_handlecarrier(struct interface *ifp, int carrier, unsigned int flags)
                script_runreason(ifp, "NOCARRIER");
                dhcpcd_drop(ifp, 0);
 
-               if (ifp->options->options & DHCPCD_ANONYMOUS) {
+               if (ifp->options->randomise_hwaddr) {
                        bool is_up = ifp->flags & IFF_UP;
 
                        if (is_up)
@@ -971,22 +969,22 @@ dhcpcd_prestartinterface(void *arg)
 {
        struct interface *ifp = arg;
        struct dhcpcd_ctx *ctx = ifp->ctx;
-       bool anondown;
+       bool randmac_down;
 
        if (ifp->carrier <= LINK_DOWN &&
-           ifp->options->options & DHCPCD_ANONYMOUS &&
+           ifp->options->randomise_hwaddr &&
            ifp->flags & IFF_UP)
        {
                if_down(ifp);
-               anondown = true;
+               randmac_down = true;
        } else
-               anondown = false;
+               randmac_down = false;
 
        if ((!(ctx->options & DHCPCD_MASTER) ||
-           ifp->options->options & DHCPCD_IF_UP || anondown) &&
+           ifp->options->options & DHCPCD_IF_UP || randmac_down) &&
            !(ifp->flags & IFF_UP))
        {
-               if (ifp->options->options & DHCPCD_ANONYMOUS &&
+               if (ifp->options->randomise_hwaddr &&
                    if_randomisemac(ifp) == -1)
                        logerr(__func__);
                if (if_up(ifp) == -1)

diff --git a/src/dhcpcd.conf.5.in b/src/dhcpcd.conf.5.in
index 2afb23c0b140954d10f5b24b3ceb44b2d4d2bd6e..fb89580dad5ec71e0daee7f23042c8919ce2e5a2 100644 (file)
--- a/src/dhcpcd.conf.5.in
+++ b/src/dhcpcd.conf.5.in
@@ -24,7 +24,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd November 25, 2020
+.Dd December 27, 2020
 .Dt DHCPCD.CONF 5
 .Os
 .Sh NAME
@@ -61,9 +61,7 @@ which is a space or comma separated list of patterns passed to
 .Xr fnmatch 3 .
 .It Ic anonymous
 Enables Anonymity Profiles for DHCP, RFC 7844.
-This implementation forces a hardware address randomisaton when
-the interface link is down and that ClientID's are only LL.
-Any DUID is ignored.
+Any DUID is ignored and ClientID is set to LL only.
 All non essential options are then masked at this point,
 but they could be unmasked by explicitly requesting the option
 .Sy after
@@ -79,6 +77,10 @@ send something which could identify you.
 .Nm dhcpcd
 will not try and reboot an old lease, it will go straight into
 DISCOVER/SOLICIT.
+.It Ic randomise_hwaddr
+Forces a hardware address randomisation when the interface is brought up
+or when the carrier is lost.
+This is generally used in tandem with the anonymous option.
 .It Ic arping Ar address Op address
 .Nm dhcpcd
 will arping each address in order before attempting DHCP.

diff --git a/src/if-options.c b/src/if-options.c
index 509db378d5b9063aec3003583adca0219a64a4b5..881591a67ed02c1476be41eb70a5ac1908639bd6 100644 (file)
--- a/src/if-options.c
+++ b/src/if-options.c
@@ -120,6 +120,7 @@ const struct option cf_options[] = {
        {"ipv4only",        no_argument,       NULL, '4'},
        {"ipv6only",        no_argument,       NULL, '6'},
        {"anonymous",       no_argument,       NULL, O_ANONYMOUS},
+       {"randomise_hwaddr",no_argument,       NULL, O_RANDOMISE_HWADDR},
        {"arping",          required_argument, NULL, O_ARPING},
        {"destination",     required_argument, NULL, O_DESTINATION},
        {"fallback",        required_argument, NULL, O_FALLBACK},
@@ -1303,6 +1304,9 @@ parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
                del_option_mask(ifo->nomask6, D6_OPTION_INF_MAX_RT);
 #endif
 
+               break;
+       case O_RANDOMISE_HWADDR:
+               ifo->randomise_hwaddr = true;
                break;
 #ifdef INET
        case O_ARPING:

diff --git a/src/if-options.h b/src/if-options.h
index 689d9344ba9e1eb8acbc610ab70dadd0146f4593..e4e39e2820a654fc809ff3f8c92fad79b2af8fe5 100644 (file)
--- a/src/if-options.h
+++ b/src/if-options.h
@@ -182,6 +182,7 @@
 #define O_MSUSERCLASS          O_BASE + 49
 #define O_CONFIGURE            O_BASE + 50
 #define O_NOCONFIGURE          O_BASE + 51
+#define O_RANDOMISE_HWADDR     O_BASE + 52
 
 extern const struct option cf_options[];
 
@@ -234,6 +235,7 @@ struct if_options {
        uint32_t timeout;
        uint32_t reboot;
        unsigned long long options;
+       bool randomise_hwaddr;
 
        struct in_addr req_addr;
        struct in_addr req_mask;