From: Marcin Siodelski Date: Fri, 27 Apr 2018 09:20:36 +0000 (+0200) Subject: [5458] Make sanityCheck call compacted. X-Git-Tag: trac5488_base~2^2~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5bf8dada8e721e8e63fa523f2734247529752aa1;p=thirdparty%2Fkea.git [5458] Make sanityCheck call compacted. --- diff --git a/src/bin/dhcp6/dhcp6_srv.cc b/src/bin/dhcp6/dhcp6_srv.cc index 473039ba55..151a3e274b 100644 --- a/src/bin/dhcp6/dhcp6_srv.cc +++ b/src/bin/dhcp6/dhcp6_srv.cc @@ -647,28 +647,8 @@ Dhcpv6Srv::processPacket(Pkt6Ptr& query, Pkt6Ptr& rsp) { callout_handle->getArgument("query6", query); } - try { - if (!sanityCheck(query)) { - // We received a packet type that we do not recognize. - LOG_DEBUG(bad_packet6_logger, DBG_DHCP6_BASIC, - DHCP6_UNKNOWN_MSG_RECEIVED) - .arg(static_cast(query->getType())) - .arg(query->getIface()); - // Increase the statistic of dropped packets. - StatsMgr::instance().addValue("pkt6-receive-drop", - static_cast(1)); - return; - } - - } catch (const RFCViolation& e) { - LOG_DEBUG(bad_packet6_logger, DBG_DHCP6_BASIC, DHCP6_REQUIRED_OPTIONS_CHECK_FAIL) - .arg(query->getName()) - .arg(query->getRemoteAddr().toText()) - .arg(e.what()); - - // Increase the statistic of dropped packets. - StatsMgr::instance().addValue("pkt6-receive-drop", static_cast(1)); - + // Reject the message if it doesn't pass the sanity check. + if (!sanityCheck(query)) { return; } @@ -1249,28 +1229,44 @@ Dhcpv6Srv::appendRequestedVendorOptions(const Pkt6Ptr& question, bool Dhcpv6Srv::sanityCheck(const Pkt6Ptr& pkt) { - switch (pkt->getType()) { - case DHCPV6_SOLICIT: - case DHCPV6_REBIND: + try { + switch (pkt->getType()) { + case DHCPV6_SOLICIT: + case DHCPV6_REBIND: case DHCPV6_CONFIRM: - sanityCheck(pkt, MANDATORY, FORBIDDEN); - return (true); + sanityCheck(pkt, MANDATORY, FORBIDDEN); + return (true); - case DHCPV6_REQUEST: - case DHCPV6_RENEW: - case DHCPV6_RELEASE: - case DHCPV6_DECLINE: - sanityCheck(pkt, MANDATORY, MANDATORY); - return (true); + case DHCPV6_REQUEST: + case DHCPV6_RENEW: + case DHCPV6_RELEASE: + case DHCPV6_DECLINE: + sanityCheck(pkt, MANDATORY, MANDATORY); + return (true); - case DHCPV6_INFORMATION_REQUEST: - case DHCPV6_DHCPV4_QUERY: - sanityCheck(pkt, OPTIONAL, OPTIONAL); - return (true); + case DHCPV6_INFORMATION_REQUEST: + case DHCPV6_DHCPV4_QUERY: + sanityCheck(pkt, OPTIONAL, OPTIONAL); + return (true); + + default: + LOG_DEBUG(bad_packet6_logger, DBG_DHCP6_BASIC, + DHCP6_UNKNOWN_MSG_RECEIVED) + .arg(static_cast(pkt->getType())) + .arg(pkt->getIface()); + } + + } catch (const RFCViolation& e) { + LOG_DEBUG(bad_packet6_logger, DBG_DHCP6_BASIC, DHCP6_REQUIRED_OPTIONS_CHECK_FAIL) + .arg(pkt->getName()) + .arg(pkt->getRemoteAddr().toText()) + .arg(e.what()); - default: - return (false); } + + // Increase the statistic of dropped packets. + StatsMgr::instance().addValue("pkt6-receive-drop", static_cast(1)); + return (false); } void diff --git a/src/bin/dhcp6/dhcp6_srv.h b/src/bin/dhcp6/dhcp6_srv.h index 8f04aaf503..68bdfadae2 100644 --- a/src/bin/dhcp6/dhcp6_srv.h +++ b/src/bin/dhcp6/dhcp6_srv.h @@ -193,14 +193,14 @@ protected: /// not allowed according to RFC3315, section 15; true otherwise. bool testUnicast(const Pkt6Ptr& pkt) const; - /// @brief verifies if specified packet meets RFC requirements + /// @brief Verifies if specified packet meets RFC requirements /// /// Checks if mandatory option is really there, that forbidden option /// is not there, and that client-id or server-id appears only once. /// /// @param pkt packet to be checked - /// @return false if the message type is not recognized, true otherwise. - /// @throw RFCViolation if any issues are detected + /// @return false if the message should be dropped as a result of the + /// sanity check. bool sanityCheck(const Pkt6Ptr& pkt); /// @brief verifies if specified packet meets RFC requirements diff --git a/src/bin/dhcp6/tests/confirm_unittest.cc b/src/bin/dhcp6/tests/confirm_unittest.cc index 2d3c4160e6..da7bf23063 100644 --- a/src/bin/dhcp6/tests/confirm_unittest.cc +++ b/src/bin/dhcp6/tests/confirm_unittest.cc @@ -96,16 +96,16 @@ TEST_F(ConfirmTest, sanityCheck) { // A message with no client-id should fail Pkt6Ptr confirm = Pkt6Ptr(new Pkt6(DHCPV6_CONFIRM, 1234)); - EXPECT_THROW(srv.sanityCheck(confirm), RFCViolation); + EXPECT_FALSE(srv.sanityCheck(confirm)); // A message with a single client-id should succeed OptionPtr clientid = generateClientId(); confirm->addOption(clientid); - EXPECT_NO_THROW(srv.sanityCheck(confirm)); + EXPECT_TRUE(srv.sanityCheck(confirm)); // A message with server-id present should fail confirm->addOption(srv.getServerID()); - EXPECT_THROW(srv.sanityCheck(confirm), RFCViolation); + EXPECT_FALSE(srv.sanityCheck(confirm)); } // Test that directly connected client's Confirm message is processed and Reply diff --git a/src/bin/dhcp6/tests/rebind_unittest.cc b/src/bin/dhcp6/tests/rebind_unittest.cc index d86eb68625..207db8e0f1 100644 --- a/src/bin/dhcp6/tests/rebind_unittest.cc +++ b/src/bin/dhcp6/tests/rebind_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (C) 2014-2016 Internet Systems Consortium, Inc. ("ISC") +// Copyright (C) 2014-2018 Internet Systems Consortium, Inc. ("ISC") // // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this @@ -348,16 +348,16 @@ TEST_F(RebindTest, sanityCheck) { // A message with no client-id should fail Pkt6Ptr rebind = Pkt6Ptr(new Pkt6(DHCPV6_REBIND, 1234)); - EXPECT_THROW(srv.sanityCheck(rebind), RFCViolation); + EXPECT_FALSE(srv.sanityCheck(rebind)); // A message with a single client-id should succeed OptionPtr clientid = generateClientId(); rebind->addOption(clientid); - EXPECT_NO_THROW(srv.sanityCheck(rebind)); + EXPECT_TRUE(srv.sanityCheck(rebind)); // A message with server-id present should fail rebind->addOption(srv.getServerID()); - EXPECT_THROW(srv.sanityCheck(rebind), RFCViolation); + EXPECT_FALSE(srv.sanityCheck(rebind)); } // Test that directly connected client's Rebind message is processed and Reply