From d40d021ca5e2b178ac542c70052b6621e7baec97 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 7 May 2026 12:19:25 +0900
Subject: [PATCH] dhcp-server-request: check server address in DHCPDECLINE and
 DHCPRELEASE

Otherwise, we may do something wrong by messages for another DHCP server.
Let's silently ignore messages with unmatching server identifier.

Also, logs something when we receive DHCPRELEASE but found lease does
not match the reported address.
---
 src/libsystemd-network/dhcp-server-request.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/libsystemd-network/dhcp-server-request.c b/src/libsystemd-network/dhcp-server-request.c
index 202a8b888cd..6ce68dab40d 100644
--- a/src/libsystemd-network/dhcp-server-request.c
+++ b/src/libsystemd-network/dhcp-server-request.c
@@ -364,10 +364,12 @@ static int dhcp_server_process_decline(sd_dhcp_server *server, DHCPRequest *req,
         assert(server);
         assert(req);
 
-        log_dhcp_server(server, "DECLINE (0x%x): %s", be32toh(req->message->xid), strna(error_message));
+        if (req->server_address != server->address)
+                return 0; /* The message is not for us. Let's silently ignore the packet. */
 
-        /* TODO: make sure we don't offer this address again */
+        /* TODO: make sure we don't offer this address again for a while. */
 
+        log_dhcp_server(server, "DECLINE (0x%x): %s", be32toh(req->message->xid), strna(error_message));
         return 0;
 }
 
@@ -375,19 +377,20 @@ static int dhcp_server_process_release(sd_dhcp_server *server, DHCPRequest *req)
         assert(server);
         assert(req);
 
-        log_dhcp_server(server, "RELEASE (0x%x)",
-                        be32toh(req->message->xid));
+        if (req->server_address != server->address)
+                return 0; /* The message is not for us. Let's silently ignore the packet. */
 
         sd_dhcp_server_lease *existing_lease = hashmap_get(server->bound_leases_by_client_id, &req->client_id);
         if (!existing_lease)
                 return 0;
 
         if (existing_lease->address != req->message->ciaddr)
-                return 0;
+                return -EBADMSG;
 
         sd_dhcp_server_lease_unref(existing_lease);
         dhcp_server_on_lease_change(server);
 
+        log_dhcp_server(server, "RELEASE (0x%x)", be32toh(req->message->xid));
         return 0;
 }
 
-- 
2.47.3