From 6e127eac6903524d401b31893167e4529b8ab111 Mon Sep 17 00:00:00 2001 From: Roy Marples Date: Mon, 8 May 2023 15:52:11 +0100 Subject: [PATCH] DHCP: Don't enforce the message came port 67 RFC2131 and updates make no mention of what the source port should or must be. Update for #179. --- src/bpf.c | 11 +++++++---- src/dhcp.c | 4 ++-- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/src/bpf.c b/src/bpf.c index 339f3a01..44b08e6e 100644 --- a/src/bpf.c +++ b/src/bpf.c @@ -612,16 +612,19 @@ static const struct bpf_insn bpf_bootp_base[] = { #define BPF_BOOTP_BASE_LEN __arraycount(bpf_bootp_base) static const struct bpf_insn bpf_bootp_read[] = { - /* Make sure it's from and to the right port. */ - BPF_STMT(BPF_LD + BPF_W + BPF_IND, 0), - BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, (BOOTPS << 16) + BOOTPC, 1, 0), + /* Make sure it's to the right port. + * RFC2131 makes no mention of enforcing a source port. */ + BPF_STMT(BPF_LD + BPF_H + BPF_IND, offsetof(struct udphdr, uh_dport)), + BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, BOOTPC, 1, 0), BPF_STMT(BPF_RET + BPF_K, 0), }; #define BPF_BOOTP_READ_LEN __arraycount(bpf_bootp_read) #ifdef BIOCSETWF static const struct bpf_insn bpf_bootp_write[] = { - /* Make sure it's from and to the right port. */ + /* Make sure it's from and to the right port. + * RFC2131 makes no mention of encforcing a source port, + * but dhcpcd does enforce it for sending. */ BPF_STMT(BPF_LD + BPF_W + BPF_IND, 0), BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, (BOOTPC << 16) + BOOTPS, 1, 0), BPF_STMT(BPF_RET + BPF_K, 0), diff --git a/src/dhcp.c b/src/dhcp.c index f7680760..9a790b50 100644 --- a/src/dhcp.c +++ b/src/dhcp.c @@ -3459,8 +3459,8 @@ is_packet_udp_bootp(void *packet, size_t plen) if (ip_hlen + ntohs(udp.uh_ulen) > plen) return false; - /* Check it's to and from the right ports. */ - if (udp.uh_dport != htons(BOOTPC) || udp.uh_sport != htons(BOOTPS)) + /* Check it's to the right port. */ + if (udp.uh_dport != htons(BOOTPC)) return false; return true; -- 2.47.2