From: Roy Marples
Date: Fri, 9 Dec 2016 20:28:07 +0000 (+0000)
Subject: Add support for MUD URL, draft-lear-ietf-netmod-mud-04.
X-Git-Tag: v7.0.0-beta1~91
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d85ad7d0965917acab74fb471b95bdb041576e25;p=thirdparty%2Fdhcpcd.git

Add support for MUD URL, draft-lear-ietf-netmod-mud-04.

Thanks to Eliot Lear for the patch.
---
diff --git a/dhcp.c b/dhcp.c
index d222342c..02950f81 100644
--- a/dhcp.c
+++ b/dhcp.c
@@ -922,6 +922,13 @@ make_message(struct bootp **bootpm, const struct interface *ifp, uint8_t type)
 p += ifo->vendorclassid[0] + 1;
 }
+ if (ifo->mudurl[0]) {
+ AREA_CHECK(ifo->mudurl[0]);
+ *p++ = DHO_MUDURL;
+ memcpy(p, ifo->mudurl, (size_t)ifo->mudurl[0] + 1);
+ p += ifo->mudurl[0] + 1;
+ }
+
 if (type != DHCP_INFORM) {
 if (ifo->leasetime != 0) {
 AREA_CHECK(4);
diff --git a/dhcp.h b/dhcp.h
index 64ca34b4..a0836d2d 100644
--- a/dhcp.h
+++ b/dhcp.h
@@ -115,6 +115,7 @@ enum DHO {
 DHO_VIVCO = 124, /* RFC 3925 */
 DHO_VIVSO = 125, /* RFC 3925 */
 DHO_FORCERENEW_NONCE = 145, /* RFC 6704 */
+ DHO_MUDURL = 161, /* draft-ietf-opsawg-mud */
 DHO_SIXRD = 212, /* RFC 5969 */
 DHO_MSCSR = 249, /* MS code for RFC 3442 */
 DHO_END = 255
diff --git a/dhcp6.c b/dhcp6.c
index 215fa73f..7f5bae2d 100644
--- a/dhcp6.c
+++ b/dhcp6.c
@@ -634,6 +634,9 @@ dhcp6_makemessage(struct interface *ifp)
 len += sizeof(o) + 1 + hl;
 }
+ if (ifo->mudurl[0])
+ len += sizeof(o) + ifo->mudurl[0];
+
 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != DHCPCD_AUTH_SENDREQUIRE)
 len += sizeof(o); /* Reconfigure Accept */
@@ -901,6 +904,11 @@ dhcp6_makemessage(struct interface *ifp)
 memcpy(o_lenp, &o.len, sizeof(o.len));
 }
+ if (ifo->mudurl[0])
+ COPYIN(D6_OPTION_MUDURL,
+ ifo->mudurl + 1, ifo->mudurl[0]);
+
+
 if ((ifo->auth.options & DHCPCD_AUTH_SENDREQUIRE) != DHCPCD_AUTH_SENDREQUIRE)
 COPYIN1(D6_OPTION_RECONF_ACCEPT, 0);
diff --git a/dhcp6.h b/dhcp6.h
index e857efa9..bd482c54 100644
--- a/dhcp6.h
+++ b/dhcp6.h
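Review bot: In `make_message` (dhcp.c) the new MUD URL block sits before the `if (type != DHCP_INFORM)` guard, so as far as this hunk shows the option is added to every message type that reaches this point, and the configured URL is disclosed to whichever DHCP server answers on the attached network. If that is intended, a comment above the block should say so, e.g. `/* MUD URL is sent in every message type; it identifies the device to the network (draft-ietf-opsawg-mud) */`. The only bound on the write is `AREA_CHECK(ifo->mudurl[0])`; the macro is defined outside the hunk, so it should be confirmed that it also reserves the option-code and length bytes consumed by `*p++ = DHO_MUDURL` and the `+ 1` in the `memcpy`. The function begins and ends outside the hunk.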
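Review bot: In `dhcp6_makemessage` (dhcp6.c) the MUD URL is sized in one hunk (`len += sizeof(o) + ifo->mudurl[0];`, at -634) and copied in another (`COPYIN(D6_OPTION_MUDURL, ifo->mudurl + 1, ifo->mudurl[0]);`, at -901), each behind its own `if (ifo->mudurl[0])`. If `len` sizes the message buffer, as it appears to, the two must stay in exact agreement or the copy writes beyond what was counted. A one-line comment on the sizing line, such as `/* must match the D6_OPTION_MUDURL COPYIN below */`, would make that dependency visible. The second hunk also adds two blank lines after the `COPYIN` where one would do, and both hunks sit inside a function whose start and end are not shown.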
@@ -92,6 +92,7 @@
 #define D6_OPTION_PD_EXCLUDE 67
 #define D6_OPTION_SOL_MAX_RT 82
 #define D6_OPTION_INF_MAX_RT 83
+#define D6_OPTION_MUDURL 112
 #define D6_FQDN_PTR 0x00
 #define D6_FQDN_BOTH 0x01
diff --git a/dhcpcd-definitions.conf b/dhcpcd-definitions.conf
index e98d3d11..d44a600b 100644
--- a/dhcpcd-definitions.conf
+++ b/dhcpcd-definitions.conf
@@ -271,8 +271,13 @@ embed array domain domains
 # DHCP TFTP Server Address, RFC5859
 define 150 array ipaddress tftp_servers
+# DHCP MUD URL, draft-ietf-opsawg-mud
+define 161 string mudurl
+
+# Apart from 161...
 # Options 151-157 are used for Lease Query, RFC6926 and not for dhcpcd
 # Options 158-174 are unused, RFC3942
+
 # Options 175-177 are tentativel assigned for Etherboot
 # Options 178-207 are unused, RFC3942
@@ -577,6 +582,9 @@ define6 83 request uint32 inf_max_rt
 # DHCPv6 Address Selection Policy
 # Currently not supported
+# DHCPv6 MUD URL, draft-ietf-opsawg-mud
+define6 112 string mudurl
+
 # Options 86-65535 are unasssinged
 ##############################################################################
diff --git a/dhcpcd.conf.5.in b/dhcpcd.conf.5.in
index 4c8d30c0..d8176c0e 100644
--- a/dhcpcd.conf.5.in
+++ b/dhcpcd.conf.5.in
@@ -439,6 +439,11 @@ Metrics are used to prefer an interface over another one, lowest wins.
 will supply a default metric of 200 +
 .Xr if_nametoindex 3 .
 An extra 100 will be added for wireless interfaces.
+.It Ic mudurl Ar url
+Specifies the URL for a manufacturer usage description (MUD).
+The description is used by upstream network devices to instantiate any
+desired access lists.
+See draft-ietf-opsawg-mud for more information.
 .It Ic noalias
 Any pre-existing IPv4 addresses existing address will be removed from the interface when adding a new IPv4 address.
diff --git a/if-options.c b/if-options.c
index c832c214..67621235 100644
--- a/if-options.c
+++ b/if-options.c
@@ -103,6 +103,7 @@
 #define O_INFORM6 O_BASE + 45
 #define O_LASTLEASE_EXTEND O_BASE + 46
 #define O_INACTIVE O_BASE + 47
+#define O_MUDURL O_BASE + 48
 const struct option cf_options[] = {
 {"background", no_argument, NULL, 'b'},
@@ -203,6 +204,7 @@ const struct option cf_options[] = {
 {"noup", no_argument, NULL, O_NOUP},
 {"lastleaseextend", no_argument, NULL, O_LASTLEASE_EXTEND},
 {"inactive", no_argument, NULL, O_INACTIVE},
+ {"mudurl", required_argument, NULL, O_MUDURL},
 {NULL, 0, NULL, '\0'}
 };
@@ -2135,6 +2137,15 @@ err_sla:
 case O_INACTIVE:
 ifo->options |= DHCPCD_INACTIVE;
 break;
+ case O_MUDURL:
+ ARG_REQUIRED;
+ s = parse_string((char *)ifo->mudurl + 1, MUDURL_MAX_LEN, arg);
+ if (s == -1) {
+ logger(ctx, LOG_ERR, "mudurl: %m");
+ return -1;
+ }
+ *ifo->mudurl = (uint8_t)s;
+ break;
 default:
 return 0;
 }
diff --git a/if-options.h b/if-options.h
index 6d35d044..3f2eb04d 100644
--- a/if-options.h
+++ b/if-options.h
@@ -56,6 +56,7 @@
 #define CLIENTID_MAX_LEN 48
 #define USERCLASS_MAX_LEN 255
 #define VENDOR_MAX_LEN 255
+#define MUDURL_MAX_LEN 255
 #define DHCPCD_ARP (1ULL << 0)
 #define DHCPCD_RELEASE (1ULL << 1)
@@ -192,6 +193,7 @@ struct if_options {
 uint8_t clientid[CLIENTID_MAX_LEN + 2];
 uint8_t userclass[USERCLASS_MAX_LEN + 2];
 uint8_t vendor[VENDOR_MAX_LEN + 2];
+ uint8_t mudurl[MUDURL_MAX_LEN + 2];
 size_t blacklist_len;
 in_addr_t *blacklist;
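Review bot: The `O_MUDURL` case in if-options.c (hunk at -2135) stores whatever `parse_string` produced without checking that it is a URL at all. The MUD draft, as I read it, expects an `https` URL, and since upstream devices are meant to derive access lists from the value, a malformed one is better rejected at configuration time than sent on the wire. After the `s == -1` check, a test such as `if (s != 0 && (s < 8 || strncmp((char *)ifo->mudurl + 1, "https://", 8) != 0))` could set `errno = EINVAL` and take the same `logger`/`return -1` path. It is also worth confirming what `parse_string` (defined outside this hunk) returns when `arg` is longer than `MUDURL_MAX_LEN`, because the `(uint8_t)s` cast is only safe if the result never exceeds the 255 passed as the limit. The enclosing switch and function start and end outside the hunk.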