From: Roy Marples <roy@marples.name>
Date: Sun, 2 Apr 2017 09:55:52 +0000 (+0100)
Subject: If auth is disabled, then disable FORCERENEW and RECONFIGURE_ACCEPT
X-Git-Tag: v7.0.0-beta2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8da83face6bef6039efc45283d2dcc4617b8ea79;p=thirdparty%2Fdhcpcd.git

If auth is disabled, then disable FORCERENEW and RECONFIGURE_ACCEPT
entirely.
---

diff --git a/src/dhcp.c b/src/dhcp.c
index 0e32665e..0761caa8 100644
--- a/src/dhcp.c
+++ b/src/dhcp.c
@@ -2741,8 +2741,8 @@ dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
 	unsigned int i;
 	char *msg;
 	bool bootp_copied;
-	const uint8_t *auth;
 #ifdef AUTH
+	const uint8_t *auth;
 	size_t auth_len;
 #endif
 #ifdef IN_IFF_DUPLICATED
@@ -2812,8 +2812,6 @@ dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
 		}
 		LOGDHCP0(LOG_WARNING, "no authentication");
 	}
-#else
-	auth = NULL;
 #endif
 
 	/* RFC 3203 */
@@ -2824,8 +2822,9 @@ dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
 			LOGDHCP(LOG_ERR, "discarding Force Renew");
 			return;
 		}
+#ifdef AUTH
 		if (auth == NULL) {
-			LOGDHCP(LOG_ERR, "unauthenticated Force Renew");
+			LOGDHCP(LOG_ERR, "unauthenticated force renew");
 			if (ifo->auth.options & DHCPCD_AUTH_REQUIRE)
 				return;
 		}
@@ -2843,6 +2842,9 @@ dhcp_handledhcp(struct interface *ifp, struct bootp *bootp, size_t bootp_len,
 			    send_inform, ifp);
 			dhcp_inform(ifp);
 		}
+#else
+		LOGDHCP(LOG_ERR, "unauthenticated force renew");
+#endif
 		return;
 	}
 
diff --git a/src/dhcp6.c b/src/dhcp6.c
index bda1347b..94b1cd5b 100644
--- a/src/dhcp6.c
+++ b/src/dhcp6.c
@@ -635,9 +635,11 @@ dhcp6_makemessage(struct interface *ifp)
 		if (ifo->mudurl[0])
 			len += sizeof(o) + ifo->mudurl[0];
 
+#ifdef AUTH
 		if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) !=
 		    DHCPCD_AUTH_SENDREQUIRE)
 			len += sizeof(o); /* Reconfigure Accept */
+#endif
 	}
 
 	len += sizeof(*state->send);
@@ -906,11 +908,12 @@ dhcp6_makemessage(struct interface *ifp)
 		if (ifo->mudurl[0])
 			COPYIN(D6_OPTION_MUDURL,
 			    ifo->mudurl + 1, ifo->mudurl[0]);
-		
 
+#ifdef AUTH
 		if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) !=
 		    DHCPCD_AUTH_SENDREQUIRE)
 			COPYIN1(D6_OPTION_RECONF_ACCEPT, 0);
+#endif
 
 		if (n_options) {
 			o_lenp = NEXTLEN;
@@ -2885,8 +2888,6 @@ dhcp6_handledata(void *arg)
 		syslog(LOG_WARNING, "%s: no authentication from %s",
 		    ifp->name, ctx->sfrom);
 	}
-#else
-	auth = NULL;
 #endif
 
 	op = dhcp6_get_op(r->type);
@@ -2996,11 +2997,14 @@ dhcp6_handledata(void *arg)
 			return;
 		break;
 	case DHCP6_RECONFIGURE:
+#ifdef AUTH
 		if (auth == NULL) {
+#endif
 			syslog(LOG_ERR, "%s: unauthenticated %s from %s",
 			    ifp->name, op, ctx->sfrom);
 			if (ifo->auth.options & DHCPCD_AUTH_REQUIRE)
 				return;
+#ifdef AUTH
 		}
 		syslog(LOG_INFO, "%s: %s from %s",
 		    ifp->name, op, ctx->sfrom);
@@ -3041,6 +3045,7 @@ dhcp6_handledata(void *arg)
 			break;
 		}
 		return;
+#endif
 	default:
 		syslog(LOG_ERR, "%s: invalid DHCP6 type %s (%d)",
 		    ifp->name, op, r->type);