extreme size constraints.
SRCS+= ${DHCPCD_SRCS}
DHCPCD_DEFS?= dhcpcd-definitions.conf
-SRCS+= auth.c
-CPPFLAGS+= -I./crypt
-CRYPT_SRCS= crypt/hmac_md5.c ${MD5_SRC} ${SHA256_SRC}
-
-OBJS+= ${SRCS:.c=.o} ${COMPAT_SRCS:.c=.o} ${CRYPT_SRCS:.c=.o}
+OBJS+= ${SRCS:.c=.o} ${AUTH_SRCS:.c=.o} ${COMPAT_SRCS:.c=.o}
SCRIPT= ${LIBEXECDIR}/dhcpcd-run-hooks
HOOKDIR= ${LIBEXECDIR}/dhcpcd-hooks
dhcpcd-definitions.conf, the custom logger and
support for DHCPv6 Prefix Delegation.
Other features maybe dropped as and when required.
+dhcpcd can also be made smaller by removing Authentication support with
+--disable-auth.
If you're cross compiling you may need set the platform if OS is different
from the host.
struct auth {
int options;
+#ifdef AUTH
uint8_t protocol;
uint8_t algorithm;
uint8_t rdm;
uint64_t last_replay;
uint8_t last_replay_set;
struct token_head tokens;
+#endif
};
struct authstate {
STATIC=
DEVS=
EMBEDDED=
+AUTH=
POLL=
SMALL=
STATUSARG=
--enable-ipv6) INET6=yes;;
--disable-embedded) EMBEDDED=no;;
--enable-embedded) EMBEDDED=yes;;
+ --disable-auth) AUTH=no;;
+ --enable-auth) AUTH=yes;;
--prefix) PREFIX=$var;;
--sysconfdir) SYSCONFDIR=$var;;
--bindir|--sbindir) SBINDIR=$var;;
echo "EMBEDDEDINSTALL= _embeddedinstall" >>$CONFIG_MK
fi
+if [ -z "$AUTH" -o "$AUTH" = yes ]; then
+ echo "Enabling Authentiaction"
+ echo "CPPFLAGS+= -DAUTH" >>$CONFIG_MK
+ echo "AUTH_SRCS= auth.c crypt/hmac_md5.c" >>$CONFIG_MK
+ echo "AUTH_SRCS+= \${MD5_SRC} \${SHA256_SRC}" >>$CONFIG_MK
+fi
+
if [ "$OS" = linux ]; then
printf "Testing for nl80211 ... "
cat <<EOF >_nl80211.c
make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type)
{
struct bootp *bootp;
- uint8_t *lp, *p, *e, *auth;
- uint8_t *n_params = NULL, auth_len;
+ uint8_t *lp, *p, *e;
+ uint8_t *n_params = NULL;
uint32_t ul;
uint16_t sz;
size_t len, i;
const char *hostname;
const struct vivco *vivco;
int mtu;
+#ifdef AUTH
+ uint8_t *auth, auth_len;
+#endif
if ((mtu = if_getmtu(ifp)) == -1)
logger(ifp->ctx, LOG_ERR,
p += ifo->vendor[0] + 1;
}
+#ifdef AUTH
if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) !=
DHCPCD_AUTH_SENDREQUIRE)
{
*p++ = 1;
*p++ = AUTH_ALG_HMAC_MD5;
}
+#endif
if (ifo->vivco_len) {
AREA_CHECK(sizeof(ul));
*n_params = (uint8_t)(p - n_params - 1);
}
- /* silence GCC */
+#ifdef AUTH
+ auth = NULL; /* appease GCC */
auth_len = 0;
- auth = NULL;
-
if (ifo->auth.options & DHCPCD_AUTH_SEND) {
ssize_t alen = dhcp_auth_encode(&ifo->auth,
state->auth.token,
p += auth_len;
}
}
+#endif
*p++ = DHO_END;
len = (size_t)(p - (uint8_t *)bootp);
len++;
}
+#ifdef AUTH
if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0)
dhcp_auth_encode(&ifo->auth, state->auth.token,
(uint8_t *)bootp, len, 4, type, auth, auth_len);
+#endif
return (ssize_t)len;
struct dhcp_state *state = D_STATE(ifp);
uint8_t *lease;
size_t bytes;
- const uint8_t *auth;
uint8_t type;
+#ifdef AUTH
+ const uint8_t *auth;
size_t auth_len;
+#endif
/* Safety */
*bootp = NULL;
DHO_MESSAGETYPE) == -1)
type = 0;
+#ifdef AUTH
/* Authenticate the message */
auth = get_option(ifp->ctx, (struct bootp *)lease, bytes,
DHO_AUTHENTICATION, &auth_len);
free(lease);
return 0;
}
+#endif
out:
*bootp = (struct bootp *)lease;
}
eloop_timeout_delete(ifp->ctx->eloop, NULL, ifp);
+#ifdef AUTH
dhcp_auth_reset(&state->auth);
+#endif
dhcp_close(ifp);
free(state->offer);
struct if_options *ifo = ifp->options;
struct dhcp_lease *lease = &state->lease;
uint8_t type, tmp;
- const uint8_t *auth;
struct in_addr addr;
unsigned int i;
- size_t auth_len;
char *msg;
bool bootp_copied;
+ const uint8_t *auth;
+#ifdef AUTH
+ size_t auth_len;
+#endif
#ifdef IN_IFF_DUPLICATED
struct ipv4_addr *ia;
#endif
return;
}
+#ifdef AUTH
/* Authenticate the message */
auth = get_option(ifp->ctx, bootp, bootp_len,
DHO_AUTHENTICATION, &auth_len);
}
LOGDHCP0(LOG_WARNING, "no authentication");
}
+#else
+ auth = NULL;
+#endif
/* RFC 3203 */
if (type == DHCP_FORCERENEW) {
const struct dhcp6_option *si, *unicast;
size_t l, n, len, ml;
uint8_t type;
- uint16_t u16, n_options, auth_len;
+ uint16_t u16, n_options;
struct if_options *ifo;
const struct dhcp_opt *opt, *opt2;
uint8_t IA, *p;
const char *hostname;
int fqdn;
struct dhcp6_ia_addr *iap;
+#ifdef AUTH
+ uint16_t auth_len;
+#endif
#ifndef SMALL
struct dhcp6_option *eo;
struct dhcp6_pd_addr *pdp;
return -1;
}
+#ifdef AUTH
auth_len = 0;
if (ifo->auth.options & DHCPCD_AUTH_SEND) {
ssize_t alen = dhcp_auth_encode(&ifo->auth,
len += sizeof(*o) + auth_len;
}
}
+#endif
state->send = malloc(len);
if (state->send == NULL)
}
}
+#ifdef AUTH
/* This has to be the last option */
if (ifo->auth.options & DHCPCD_AUTH_SEND && auth_len != 0) {
o = D6_NEXT_OPTION(o);
o->len = htons((uint16_t)auth_len);
/* data will be filled at send message time */
}
+#endif
return 0;
}
}
#endif
+#ifdef AUTH
static ssize_t
dhcp6_update_auth(struct interface *ifp, struct dhcp6_message *m, size_t len)
{
6, state->send->type,
D6_OPTION_DATA(o), ntohs(o->len));
}
+#endif
static int
dhcp6_sendmessage(struct interface *ifp, void (*callback)(void *))
/* Update the elapsed time */
dhcp6_updateelapsed(ifp, state->send, state->send_len);
+#ifdef AUTH
if (ifp->options->auth.options & DHCPCD_AUTH_SEND &&
dhcp6_update_auth(ifp, state->send, state->send_len) == -1)
{
if (errno != ESRCH)
return -1;
}
+#endif
ctx = ifp->ctx->ipv6;
dst.sin6_scope_id = ifp->index;
struct stat st;
int fd;
uint8_t *lease;
- const struct dhcp6_option *o;
struct timespec acquired;
time_t now;
int retval;
bool fd_opened;
+#ifdef AUTH
+ const struct dhcp6_option *o;
+#endif
state = D6_STATE(ifp);
if (state->leasefile[0] == '\0') {
auth:
retval = 0;
+#ifdef AUTH
/* Authenticate the message */
o = dhcp6_getmoption(D6_OPTION_AUTH, state->new, state->new_len);
if (o) {
"%s: authentication now required", ifp->name);
goto ex;
}
+#endif
return fd;
}
}
+#ifdef AUTH
/* Authenticate the message */
auth = dhcp6_getmoption(D6_OPTION_AUTH, r, len);
if (auth) {
logger(ifp->ctx, LOG_WARNING,
"%s: no authentication from %s", ifp->name, ctx->sfrom);
}
+#else
+ auth = NULL;
+#endif
op = dhcp6_get_op(r->type);
switch(r->type) {
return parse_iaid1(iaid, arg, len, 1);
}
+#ifdef AUTH
static int
parse_uint32(uint32_t *i, const char *arg)
{
return parse_iaid1((uint8_t *)i, arg, sizeof(uint32_t), 0);
}
+#endif
static char **
splitv(struct dhcpcd_ctx *ctx, int *argc, char **argv, const char *arg)
return UNCONST(s);
}
+#ifdef AUTH
/* Find the end pointer of a string. */
static char *
strend(const char *s)
}
return UNCONST(++s);
}
+#endif
static int
parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo,
struct dhcp_opt **dop, *ndop;
size_t *dop_len, dl, odl;
struct vivco *vivco;
- struct token *token;
struct group *grp;
+#ifdef AUTH
+ struct token *token;
+#endif
#ifdef _REENTRANT
struct group grpbuf;
#endif
break;
case O_AUTHPROTOCOL:
ARG_REQUIRED;
+#ifdef AUTH
fp = strwhite(arg);
if (fp)
*fp++ = '\0';
}
ifo->auth.options |= DHCPCD_AUTH_SEND;
break;
+#else
+ logger(ctx, LOG_ERR, "no authentication support");
+ return -1;
+#endif
case O_AUTHTOKEN:
ARG_REQUIRED;
+#ifdef AUTH
fp = strwhite(arg);
if (fp == NULL) {
logger(ctx, LOG_ERR, "authtoken requires a realm");
token->key = malloc(token->key_len);
parse_string((char *)token->key, token->key_len, arg);
TAILQ_INSERT_TAIL(&ifo->auth.tokens, token, next);
+#else
+ logger(ctx, LOG_ERR, "no authentication support");
+ return -1;
+#endif
break;
case O_AUTHNOTREQUIRED:
ifo->auth.options &= ~DHCPCD_AUTH_REQUIRE;
ifo->reboot = DEFAULT_REBOOT;
ifo->metric = -1;
ifo->auth.options |= DHCPCD_AUTH_REQUIRE;
+#ifdef AUTH
TAILQ_INIT(&ifo->auth.tokens);
+#endif
/* Inherit some global defaults */
if (ctx->options & DHCPCD_PERSISTENT)
size_t i;
struct dhcp_opt *opt;
struct vivco *vo;
+#ifdef AUTH
struct token *token;
+#endif
if (ifo) {
if (ifo->environ) {
#endif
free(ifo->ia);
+#ifdef AUTH
while ((token = TAILQ_FIRST(&ifo->auth.tokens))) {
TAILQ_REMOVE(&ifo->auth.tokens, token, next);
if (token->realm_len)
free(token->key);
free(token);
}
+#endif
free(ifo);
}
}
projects / thirdparty / dhcpcd.git / commitdiff
