From: Sebastian Schrader <sebastian.schrader@tu-dresden.de>
Date: Fri, 19 Oct 2018 15:25:22 +0000 (+0200)
Subject: [5184] Send NAK to unknown clients if authoritative
X-Git-Tag: 259-libyang-adapt-authoritative_base~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6abedf95016f8274919f3f3f1a8ae3eac37b4609;p=thirdparty%2Fkea.git

[5184] Send NAK to unknown clients if authoritative
---

diff --git a/src/bin/dhcp4/dhcp4_srv.cc b/src/bin/dhcp4/dhcp4_srv.cc
index f8fca028f8..f3f79c7b59 100644
--- a/src/bin/dhcp4/dhcp4_srv.cc
+++ b/src/bin/dhcp4/dhcp4_srv.cc
@@ -1990,8 +1990,10 @@ Dhcpv4Srv::assignLease(Dhcpv4Exchange& ex) {
 
         // Check the first error case: unknown client. We check this before
         // validating the address sent because we don't want to respond if
-        // we don't know this client.
-        if (!lease || !lease->belongsToClient(hwaddr, client_id)) {
+        // we don't know this client, except if we're authoritative.
+        bool authoritative = original_subnet->getAuthoritative();
+        bool known_client = lease && lease->belongsToClient(hwaddr, client_id);
+        if (!authoritative && !known_client) {
             LOG_DEBUG(bad_packet4_logger, DBG_DHCP4_DETAIL,
                       DHCP4_NO_LEASE_INIT_REBOOT)
                 .arg(query->getLabel())
@@ -2001,9 +2003,10 @@ Dhcpv4Srv::assignLease(Dhcpv4Exchange& ex) {
             return;
         }
 
-        // We know this client so we can now check if his notion of the
-        // IP address is correct.
-        if (lease && (lease->addr_ != hint)) {
+        // If we know this client, check if his notion of the IP address is
+        // correct, if we don't know him check, if we are authoritative.
+        if ((known_client && (lease->addr_ != hint))
+            || (!known_client && authoritative)) {
             LOG_DEBUG(bad_packet4_logger, DBG_DHCP4_DETAIL,
                       DHCP4_PACKET_NAK_0002)
                 .arg(query->getLabel())