From: Thomas Markwalder Date: Wed, 14 Aug 2019 17:26:41 +0000 (-0400) Subject: [#722,!1] Addressed review comments X-Git-Tag: Kea-1.6.0~41^2~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bb1a64b8945950f4439121ce4fef566d37c8630c;p=thirdparty%2Fkea.git [#722,!1] Addressed review comments revamped Dhpc6srv::sanityCheckDuid() per review comments on 1.4.0 version. --- diff --git a/ChangeLog b/ChangeLog index f7b596df48..fabbf685ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -218,6 +218,9 @@ Kea 1.6.0-beta2 released on July 24, 2019 1610. [build] fdupont Removed the obsolete compatcheck top directory. (Gitlab #667,!391, git 8cb113a52f0cf56fbdb5cb0e87464135234c2ac1) +======= + (Gitlab #722,!1-p git TBD) +>>>>>>> [#722,!1] Addressed review comments 1609. [bug] fdupont Fixed the implementation of authentication keys in DHCPv6 diff --git a/src/bin/dhcp6/dhcp6_srv.cc b/src/bin/dhcp6/dhcp6_srv.cc index 64ac1dbc8f..fd761877ef 100644 --- a/src/bin/dhcp6/dhcp6_srv.cc +++ b/src/bin/dhcp6/dhcp6_srv.cc @@ -1411,17 +1411,10 @@ void Dhcpv6Srv::sanityCheckDUID(const OptionPtr& opt, const std::string& opt_nam // The client-id or server-id has to have at least 3 bytes of useful data: // two for duid type and one more for actual duid value. uint16_t len = opt->len() - opt->getHeaderLen(); - if (len < 3) { - isc_throw(RFCViolation, "Received empty or truncated " << opt_name << " option: " - << len << " byte(s) only"); - } - - // We need to make sure we can construct one, if not we're toast later on. - try { - DuidPtr tmp(new DUID(opt->getData())); - } catch (const std::exception& ex) { - isc_throw(RFCViolation, "Received invalid content for " - << opt_name << ", " << ex.what()); + if (len < 3 || len > DUID::MAX_DUID_LEN || opt->getData().empty()) { + isc_throw(RFCViolation, "Received invalid DUID for " << opt_name << ", received " + << len << " byte(s). It must be at least 3 and no more than " + << DUID::MAX_DUID_LEN); } }