2 * dhcp.c Functions to send/receive dhcp packets.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * Copyright 2008 The FreeRADIUS server project
21 * Copyright 2008 Alan DeKok <aland@deployingradius.com>
26 #include <freeradius-devel/libradius.h>
27 #include <freeradius-devel/udpfromto.h>
28 #include <freeradius-devel/dhcp.h>
31 #include <sys/ioctl.h>
34 #ifdef HAVE_SYS_SOCKET_H
35 #include <sys/socket.h>
37 #ifdef HAVE_SYS_TYPES_H
38 #include <sys/types.h>
42 #include <net/if_arp.h>
45 #define DHCP_CHADDR_LEN (16)
46 #define DHCP_SNAME_LEN (64)
47 #define DHCP_FILE_LEN (128)
48 #define DHCP_VEND_LEN (308)
49 #define DHCP_OPTION_MAGIC_NUMBER (0x63825363)
51 #ifndef INADDR_BROADCAST
52 #define INADDR_BROADCAST INADDR_NONE
55 /* @todo: this is a hack */
56 # define DEBUG if (fr_debug_flag && fr_log_fp) fr_printf_log
57 void fr_strerror_printf(char const *fmt, ...);
58 # define debug_pair(vp) do { if (fr_debug_flag && fr_log_fp) { \
59 vp_print(fr_log_fp, vp); \
63 typedef struct dhcp_packet_t {
69 uint16_t secs; /* 8 */
71 uint32_t ciaddr; /* 12 */
72 uint32_t yiaddr; /* 16 */
73 uint32_t siaddr; /* 20 */
74 uint32_t giaddr; /* 24 */
75 uint8_t chaddr[DHCP_CHADDR_LEN]; /* 28 */
76 uint8_t sname[DHCP_SNAME_LEN]; /* 44 */
77 uint8_t file[DHCP_FILE_LEN]; /* 108 */
78 uint32_t option_format; /* 236 */
79 uint8_t options[DHCP_VEND_LEN];
82 typedef struct dhcp_option_t {
88 * INADDR_ANY : 68 -> INADDR_BROADCAST : 67 DISCOVER
89 * INADDR_BROADCAST : 68 <- SERVER_IP : 67 OFFER
90 * INADDR_ANY : 68 -> INADDR_BROADCAST : 67 REQUEST
91 * INADDR_BROADCAST : 68 <- SERVER_IP : 67 ACK
93 static char const *dhcp_header_names[] = {
96 "DHCP-Hardware-Address-Length",
98 "DHCP-Transaction-Id",
99 "DHCP-Number-of-Seconds",
101 "DHCP-Client-IP-Address",
102 "DHCP-Your-IP-Address",
103 "DHCP-Server-IP-Address",
104 "DHCP-Gateway-IP-Address",
105 "DHCP-Client-Hardware-Address",
106 "DHCP-Server-Host-Name",
107 "DHCP-Boot-Filename",
112 static char const *dhcp_message_types[] = {
125 static int dhcp_header_sizes[] = {
136 * Some clients silently ignore responses less than 300 bytes.
138 #define MIN_PACKET_SIZE (244)
139 #define DEFAULT_PACKET_SIZE (300)
140 #define MAX_PACKET_SIZE (1500 - 40)
142 #define DHCP_OPTION_FIELD (0)
143 #define DHCP_FILE_FIELD (1)
144 #define DHCP_SNAME_FIELD (2)
146 static uint8_t *dhcp_get_option(dhcp_packet_t *packet, size_t packet_size,
150 int field = DHCP_OPTION_FIELD;
155 size = packet_size - offsetof(dhcp_packet_t, options);
156 data = &packet->options[where];
158 while (where < size) {
159 if (data[0] == 0) { /* padding */
164 if (data[0] == 255) { /* end of options */
165 if ((field == DHCP_OPTION_FIELD) &&
166 (overload & DHCP_FILE_FIELD)) {
169 size = sizeof(packet->file);
170 field = DHCP_FILE_FIELD;
173 } else if ((field == DHCP_FILE_FIELD) &&
174 (overload & DHCP_SNAME_FIELD)) {
175 data = packet->sname;
177 size = sizeof(packet->sname);
178 field = DHCP_SNAME_FIELD;
186 * We MUST have a real option here.
188 if ((where + 2) > size) {
189 fr_strerror_printf("Options overflow field at %u",
190 (unsigned int) (data - (uint8_t *) packet));
194 if ((where + 2 + data[1]) > size) {
195 fr_strerror_printf("Option length overflows field at %u",
196 (unsigned int) (data - (uint8_t *) packet));
200 if (data[0] == option) return data;
202 if (data[0] == 52) { /* overload sname and/or file */
206 where += data[1] + 2;
214 * DHCPv4 is only for IPv4. Broadcast only works if udpfromto is
217 RADIUS_PACKET *fr_dhcp_recv(int sockfd)
220 struct sockaddr_storage src;
221 struct sockaddr_storage dst;
222 socklen_t sizeof_src;
223 socklen_t sizeof_dst;
224 RADIUS_PACKET *packet;
228 packet = rad_alloc(NULL, 0);
230 fr_strerror_printf("Failed allocating packet");
234 packet->data = talloc_zero_array(packet, uint8_t, MAX_PACKET_SIZE);
236 fr_strerror_printf("Out of memory");
241 packet->sockfd = sockfd;
242 sizeof_src = sizeof(src);
243 #ifdef WITH_UDPFROMTO
244 sizeof_dst = sizeof(dst);
245 packet->data_len = recvfromto(sockfd, packet->data, MAX_PACKET_SIZE, 0,
246 (struct sockaddr *)&src, &sizeof_src,
247 (struct sockaddr *)&dst, &sizeof_dst);
249 packet->data_len = recvfrom(sockfd, packet->data, MAX_PACKET_SIZE, 0,
250 (struct sockaddr *)&src, &sizeof_src);
253 if (packet->data_len <= 0) {
254 fr_strerror_printf("Failed reading DHCP socket: %s", strerror(errno));
259 if (packet->data_len < MIN_PACKET_SIZE) {
260 fr_strerror_printf("DHCP packet is too small (%zu < %d)",
261 packet->data_len, MIN_PACKET_SIZE);
266 if (packet->data[1] != 1) {
267 fr_strerror_printf("DHCP can only receive ethernet requests, not type %02x",
273 if (packet->data[2] != 6) {
274 fr_strerror_printf("Ethernet HW length is wrong length %d",
280 memcpy(&magic, packet->data + 236, 4);
281 magic = ntohl(magic);
282 if (magic != DHCP_OPTION_MAGIC_NUMBER) {
283 fr_strerror_printf("Cannot do BOOTP");
289 * Create unique keys for the packet.
291 memcpy(&magic, packet->data + 4, 4);
292 packet->id = ntohl(magic);
294 code = dhcp_get_option((dhcp_packet_t *) packet->data,
295 packet->data_len, 53);
297 fr_strerror_printf("No message-type option was found in the packet");
302 if ((code[1] < 1) || (code[2] == 0) || (code[2] > 8)) {
303 fr_strerror_printf("Unknown value for message-type option");
308 packet->code = code[2] | PW_DHCP_OFFSET;
311 * Create a unique vector from the MAC address and the
312 * DHCP opcode. This is a hack for the RADIUS
313 * infrastructure in the rest of the server.
315 * Note: packet->data[2] == 6, which is smaller than
316 * sizeof(packet->vector)
318 * FIXME: Look for client-identifier in packet,
321 memset(packet->vector, 0, sizeof(packet->vector));
322 memcpy(packet->vector, packet->data + 28, packet->data[2]);
323 packet->vector[packet->data[2]] = packet->code & 0xff;
326 * FIXME: for DISCOVER / REQUEST: src_port == dst_port + 1
327 * FIXME: for OFFER / ACK : src_port = dst_port - 1
331 * Unique keys are xid, client mac, and client ID?
335 * FIXME: More checks, like DHCP packet type?
338 sizeof_dst = sizeof(dst);
340 #ifndef WITH_UDPFROMTO
342 * This should never fail...
344 if (getsockname(sockfd, (struct sockaddr *) &dst, &sizeof_dst) < 0) {
345 fr_strerror_printf("getsockname failed: %s", strerror(errno));
351 fr_sockaddr2ipaddr(&dst, sizeof_dst, &packet->dst_ipaddr, &port);
352 packet->dst_port = port;
354 fr_sockaddr2ipaddr(&src, sizeof_src, &packet->src_ipaddr, &port);
355 packet->src_port = port;
357 if (fr_debug_flag > 1) {
359 char const *name = type_buf;
360 char src_ip_buf[256], dst_ip_buf[256];
362 if ((packet->code >= PW_DHCP_DISCOVER) &&
363 (packet->code <= PW_DHCP_INFORM)) {
364 name = dhcp_message_types[packet->code - PW_DHCP_OFFSET];
366 snprintf(type_buf, sizeof(type_buf), "%d",
367 packet->code - PW_DHCP_OFFSET);
370 DEBUG("Received %s of id %08x from %s:%d to %s:%d\n",
371 name, (unsigned int) packet->id,
372 inet_ntop(packet->src_ipaddr.af,
373 &packet->src_ipaddr.ipaddr,
374 src_ip_buf, sizeof(src_ip_buf)),
376 inet_ntop(packet->dst_ipaddr.af,
377 &packet->dst_ipaddr.ipaddr,
378 dst_ip_buf, sizeof(dst_ip_buf)),
387 * Send a DHCP packet.
389 int fr_dhcp_send(RADIUS_PACKET *packet)
391 struct sockaddr_storage dst;
392 socklen_t sizeof_dst;
393 #ifdef WITH_UDPFROMTO
394 struct sockaddr_storage src;
395 socklen_t sizeof_src;
397 fr_ipaddr2sockaddr(&packet->src_ipaddr, packet->src_port,
401 fr_ipaddr2sockaddr(&packet->dst_ipaddr, packet->dst_port,
404 if (fr_debug_flag > 1) {
406 char const *name = type_buf;
407 #ifdef WITH_UDPFROMTO
408 char src_ip_buf[INET6_ADDRSTRLEN];
410 char dst_ip_buf[INET6_ADDRSTRLEN];
412 if ((packet->code >= PW_DHCP_DISCOVER) &&
413 (packet->code <= PW_DHCP_INFORM)) {
414 name = dhcp_message_types[packet->code - PW_DHCP_OFFSET];
416 snprintf(type_buf, sizeof(type_buf), "%d",
417 packet->code - PW_DHCP_OFFSET);
421 #ifdef WITH_UDPFROMTO
422 "Sending %s of id %08x from %s:%d to %s:%d\n",
424 "Sending %s of id %08x to %s:%d\n",
426 name, (unsigned int) packet->id,
427 #ifdef WITH_UDPFROMTO
428 inet_ntop(packet->src_ipaddr.af, &packet->src_ipaddr.ipaddr, src_ip_buf, sizeof(src_ip_buf)),
431 inet_ntop(packet->dst_ipaddr.af, &packet->dst_ipaddr.ipaddr, dst_ip_buf, sizeof(dst_ip_buf)),
435 #ifndef WITH_UDPFROMTO
437 * Assume that the packet is encoded before sending it.
439 return sendto(packet->sockfd, packet->data, packet->data_len, 0,
440 (struct sockaddr *)&dst, sizeof_dst);
443 return sendfromto(packet->sockfd, packet->data, packet->data_len, 0,
444 (struct sockaddr *)&src, sizeof_src,
445 (struct sockaddr *)&dst, sizeof_dst);
449 static int fr_dhcp_attr2vp(RADIUS_PACKET *packet, VALUE_PAIR *vp, uint8_t const *p, size_t alen);
451 static int decode_tlv(RADIUS_PACKET *packet, VALUE_PAIR *tlv, uint8_t const *data, size_t data_len)
454 VALUE_PAIR *head, *vp;
458 * Take a pass at parsing it.
461 while (p < (data + data_len)) {
462 if ((p + 2) > (data + data_len)) goto make_tlv;
464 if ((p + p[1] + 2) > (data + data_len)) goto make_tlv;
469 * Got here... must be well formed.
472 paircursor(&cursor, &head);
475 while (p < (data + data_len)) {
476 vp = paircreate(packet, tlv->da->attr | (p[0] << 8), DHCP_MAGIC_VENDOR);
482 if (fr_dhcp_attr2vp(packet, vp, p + 2, p[1]) < 0) {
487 pairinsert(&cursor, vp);
492 * The caller allocated TLV, so we need to copy the FIRST
493 * attribute over top of that.
496 memcpy(tlv, head, sizeof(*tlv));
504 tlv->vp_tlv = talloc_array(tlv, uint8_t, data_len);
506 fr_strerror_printf("No memory");
509 memcpy(tlv->vp_tlv, data, data_len);
510 tlv->length = data_len;
517 * Decode ONE value into a VP
519 static int fr_dhcp_attr2vp(RADIUS_PACKET *packet, VALUE_PAIR *vp, uint8_t const *p, size_t alen)
523 switch (vp->da->type) {
525 if (alen != 1) goto raw;
526 vp->vp_integer = p[0];
530 if (alen != 2) goto raw;
531 memcpy(&vp->vp_integer, p, 2);
532 vp->vp_integer = ntohs(vp->vp_integer);
535 case PW_TYPE_INTEGER:
536 if (alen != 4) goto raw;
537 memcpy(&vp->vp_integer, p, 4);
538 vp->vp_integer = ntohl(vp->vp_integer);
542 if (alen != 4) goto raw;
544 * Keep value in Network Order!
546 memcpy(&vp->vp_ipaddr, p , 4);
551 vp->vp_strvalue = q = talloc_array(vp, char, alen + 1);
557 case PW_TYPE_ETHERNET:
558 memcpy(vp->vp_ether, p, sizeof(vp->vp_ether));
559 vp->length = sizeof(vp->vp_ether);
563 * Value doesn't match up with attribute type, overwrite the
564 * vp's original DICT_ATTR with an unknown one.
567 if (pair2unknown(vp) < 0) return -1;
570 if (alen > 253) return -1;
571 pairmemcpy(vp, p, alen);
575 return decode_tlv(packet, vp, p, alen);
578 fr_strerror_printf("Internal sanity check %d %d", vp->da->type, __LINE__);
580 } /* switch over type */
586 ssize_t fr_dhcp_decode_options(RADIUS_PACKET *packet,
587 uint8_t const *data, size_t len, VALUE_PAIR **head)
592 uint8_t const *p, *next;
596 paircursor(&cursor, head);
599 * FIXME: This should also check sname && file fields.
600 * See the dhcp_get_option() function above.
602 while (next < (data + len)) {
603 int num_entries, alen;
609 if (*p == 255) break; /* end of options signifier */
610 if ((p + 2) > (data + len)) break;
615 fr_strerror_printf("Attribute too long %u %u",
620 da = dict_attrbyvalue(p[0], DHCP_MAGIC_VENDOR);
622 fr_strerror_printf("Attribute not in our dictionary: %u",
633 * Could be an array of bytes, integers, etc.
635 if (da->flags.array) {
642 case PW_TYPE_SHORT: /* ignore any trailing data */
643 num_entries = alen >> 1;
648 case PW_TYPE_INTEGER:
649 case PW_TYPE_DATE: /* ignore any trailing data */
650 num_entries = alen >> 2;
656 break; /* really an internal sanity failure */
661 * Loop over all of the entries, building VPs
663 for (i = 0; i < num_entries; i++) {
664 vp = pairmake(packet, NULL, da->name, NULL, T_OP_ADD);
666 fr_strerror_printf("Cannot build attribute %s",
673 * Hack for ease of use.
675 if ((da->vendor == DHCP_MAGIC_VENDOR) &&
676 (da->attr == 61) && !da->flags.array &&
677 (alen == 7) && (*p == 1) && (num_entries == 1)) {
678 pairmemcpy(vp, p + 1, 6);
680 } else if (fr_dhcp_attr2vp(packet, vp, p, alen) < 0) {
686 pairinsert(&cursor, vp);
688 for (vp = paircurrent(&cursor);
690 vp = pairnext(&cursor)) {
694 } /* loop over array entries */
695 } /* loop over the entire packet */
700 int fr_dhcp_decode(RADIUS_PACKET *packet)
706 VALUE_PAIR *head = NULL, *vp;
707 VALUE_PAIR *maxms, *mtu;
709 paircursor(&cursor, &head);
712 if ((fr_debug_flag > 2) && fr_log_fp) {
713 for (i = 0; i < packet->data_len; i++) {
714 if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, "%d: ", (int) i);
715 fprintf(fr_log_fp, "%02x ", packet->data[i]);
716 if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n");
718 fprintf(fr_log_fp, "\n");
721 if (packet->data[1] != 1) {
722 fr_strerror_printf("Packet is not Ethernet: %u",
730 for (i = 0; i < 14; i++) {
733 vp = pairmake(packet, NULL, dhcp_header_names[i], NULL, T_OP_EQ);
736 strlcpy(buffer, fr_strerror(), sizeof(buffer));
737 fr_strerror_printf("Cannot decode packet due to internal error: %s", buffer);
743 * If chaddr does != 6 bytes it's probably not ethernet, and we should store
744 * it as an opaque type (octets).
746 if ((i == 11) && (packet->data[1] == 1) && (packet->data[2] != sizeof(vp->vp_ether))) {
747 DICT_ATTR const *da = dict_attrunknown(vp->da->attr, vp->da->vendor, true);
754 switch (vp->da->type) {
756 vp->vp_integer = p[0];
761 vp->vp_integer = (p[0] << 8) | p[1];
765 case PW_TYPE_INTEGER:
766 memcpy(&vp->vp_integer, p, 4);
767 vp->vp_integer = ntohl(vp->vp_integer);
772 memcpy(&vp->vp_ipaddr, p, 4);
777 vp->vp_strvalue = q = talloc_array(vp, char, dhcp_header_sizes[i] + 1);
779 memcpy(q, p, dhcp_header_sizes[i]);
780 q[dhcp_header_sizes[i]] = '\0';
781 vp->length = strlen(vp->vp_strvalue);
782 if (vp->length == 0) {
788 pairmemcpy(vp, p, packet->data[2]);
791 case PW_TYPE_ETHERNET:
792 memcpy(vp->vp_ether, p, sizeof(vp->vp_ether));
793 vp->length = sizeof(vp->vp_ether);
797 fr_strerror_printf("BAD TYPE %d", vp->da->type);
801 p += dhcp_header_sizes[i];
806 pairinsert(&cursor, vp);
810 * Loop over the options.
814 * Nothing uses tail after this call, if it does in the future
815 * it'll need to find the new tail...
818 VALUE_PAIR *options = NULL;
820 if (fr_dhcp_decode_options(packet,
821 packet->data + 240, packet->data_len - 240,
827 pairinsert(&cursor, options);
832 * If DHCP request, set ciaddr to zero.
836 * Set broadcast flag for broken vendors, but only if
839 memcpy(&giaddr, packet->data + 24, sizeof(giaddr));
840 if (giaddr == htonl(INADDR_ANY)) {
842 * DHCP Opcode is request
844 vp = pairfind(head, 256, DHCP_MAGIC_VENDOR, TAG_ANY);
845 if (vp && vp->vp_integer == 3) {
847 * Vendor is "MSFT 98"
849 vp = pairfind(head, 63, DHCP_MAGIC_VENDOR, TAG_ANY);
850 if (vp && (strcmp(vp->vp_strvalue, "MSFT 98") == 0)) {
851 vp = pairfind(head, 262, DHCP_MAGIC_VENDOR, TAG_ANY);
854 * Reply should be broadcast.
856 if (vp) vp->vp_integer |= 0x8000;
857 packet->data[10] |= 0x80;
863 * FIXME: Nuke attributes that aren't used in the normal
864 * header for discover/requests.
869 * Client can request a LARGER size, but not a smaller
870 * one. They also cannot request a size larger than MTU.
872 maxms = pairfind(packet->vps, 57, DHCP_MAGIC_VENDOR, TAG_ANY);
873 mtu = pairfind(packet->vps, 26, DHCP_MAGIC_VENDOR, TAG_ANY);
875 if (mtu && (mtu->vp_integer < DEFAULT_PACKET_SIZE)) {
876 fr_strerror_printf("DHCP Fatal: Client says MTU is smaller than minimum permitted by the specification.");
880 if (maxms && (maxms->vp_integer < DEFAULT_PACKET_SIZE)) {
881 fr_strerror_printf("DHCP WARNING: Client says maximum message size is smaller than minimum permitted by the specification: fixing it");
882 maxms->vp_integer = DEFAULT_PACKET_SIZE;
885 if (maxms && mtu && (maxms->vp_integer > mtu->vp_integer)) {
886 fr_strerror_printf("DHCP WARNING: Client says MTU is smaller than maximum message size: fixing it");
887 maxms->vp_integer = mtu->vp_integer;
890 if (fr_debug_flag) fflush(stdout);
896 static int attr_cmp(void const *one, void const *two)
898 VALUE_PAIR const * const *a = one;
899 VALUE_PAIR const * const *b = two;
902 * DHCP-Message-Type is first, for simplicity.
904 if (((*a)->da->attr == 53) &&
905 (*b)->da->attr != 53) return -1;
908 * Relay-Agent is last
910 if (((*a)->da->attr == 82) &&
911 (*b)->da->attr != 82) return 1;
913 return ((*a)->da->attr - (*b)->da->attr);
919 static size_t fr_dhcp_vp2attr(VALUE_PAIR *vp, uint8_t *p, UNUSED size_t room)
925 * Search for all attributes of the same
926 * type, and pack them into the same
929 switch (vp->da->type) {
932 *p = vp->vp_integer & 0xff;
937 p[0] = (vp->vp_integer >> 8) & 0xff;
938 p[1] = vp->vp_integer & 0xff;
941 case PW_TYPE_INTEGER:
943 lvalue = htonl(vp->vp_integer);
944 memcpy(p, &lvalue, 4);
949 memcpy(p, &vp->vp_ipaddr, 4);
952 case PW_TYPE_ETHERNET:
954 memcpy(p, &vp->vp_ether, 6);
958 memcpy(p, vp->vp_strvalue, vp->length);
962 case PW_TYPE_TLV: /* FIXME: split it on 255? */
963 memcpy(p, vp->vp_tlv, vp->length);
968 memcpy(p, vp->vp_octets, vp->length);
973 fr_strerror_printf("BAD TYPE2 %d", vp->da->type);
981 static VALUE_PAIR *fr_dhcp_vp2suboption(RADIUS_PACKET *packet, VALUE_PAIR *vps)
984 unsigned int attribute;
987 VALUE_PAIR *vp, *tlv;
989 attribute = vps->da->attr & 0xffff00ff;
991 tlv = paircreate(packet, attribute, DHCP_MAGIC_VENDOR);
992 if (!tlv) return NULL;
995 for (vp = paircursor(&cursor, &vps);
997 vp = pairnext(&cursor)) {
999 * Group the attributes ONLY until we see a
1000 * non-TLV attribute.
1002 if (!vp->da->flags.is_tlv ||
1003 vp->da->flags.extended ||
1004 ((vp->da->attr & 0xffff00ff) != attribute)) {
1008 tlv->length += vp->length + 2;
1016 tlv->vp_tlv = talloc_array(tlv, uint8_t, tlv->length);
1023 for (vp = paircursor(&cursor, &vps);
1025 vp = pairnext(&cursor)) {
1026 if (!vp->da->flags.is_tlv ||
1027 vp->da->flags.extended ||
1028 ((vp->da->attr & 0xffff00ff) != attribute)) {
1032 length = fr_dhcp_vp2attr(vp, ptr + 2,
1033 tlv->vp_tlv + tlv->length - ptr);
1040 * Pack the attribute.
1042 ptr[0] = (vp->da->attr & 0xff00) >> 8;
1052 int fr_dhcp_encode(RADIUS_PACKET *packet)
1054 unsigned int i, num_vps;
1059 size_t dhcp_size, length;
1062 # ifdef WITH_UDPFROMTO
1063 char src_ip_buf[256];
1065 char dst_ip_buf[256];
1068 if (packet->data) return 0;
1070 packet->data_len = MAX_PACKET_SIZE;
1071 packet->data = talloc_zero_array(packet, uint8_t, packet->data_len);
1073 /* XXX Ugly ... should be set by the caller */
1074 if (packet->code == 0) packet->code = PW_DHCP_NAK;
1077 if ((packet->code >= PW_DHCP_DISCOVER) &&
1078 (packet->code <= PW_DHCP_INFORM)) {
1079 name = dhcp_message_types[packet->code - PW_DHCP_OFFSET];
1085 #ifdef WITH_UDPFROMTO
1086 "Encoding %s of id %08x from %s:%d to %s:%d\n",
1088 "Encoding %s of id %08x to %s:%d\n",
1090 name, (unsigned int) packet->id,
1091 #ifdef WITH_UDPFROMTO
1092 inet_ntop(packet->src_ipaddr.af,
1093 &packet->src_ipaddr.ipaddr,
1094 src_ip_buf, sizeof(src_ip_buf)),
1097 inet_ntop(packet->dst_ipaddr.af,
1098 &packet->dst_ipaddr.ipaddr,
1099 dst_ip_buf, sizeof(dst_ip_buf)),
1106 * @todo: Make this work again.
1109 mms = DEFAULT_PACKET_SIZE; /* maximum message size */
1112 * Clients can request a LARGER size, but not a
1113 * smaller one. They also cannot request a size
1117 /* DHCP-DHCP-Maximum-Msg-Size */
1118 vp = pairfind(packet->vps, 57, DHCP_MAGIC_VENDOR, TAG_ANY);
1119 if (vp && (vp->vp_integer > mms)) {
1120 mms = vp->vp_integer;
1122 if (mms > MAX_PACKET_SIZE) mms = MAX_PACKET_SIZE;
1126 vp = pairfind(packet->vps, 256, DHCP_MAGIC_VENDOR, TAG_ANY);
1128 *p++ = vp->vp_integer & 0xff;
1130 *p++ = 1; /* client message */
1133 /* DHCP-Hardware-Type */
1134 if ((vp = pairfind(packet->vps, 257, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1135 *p++ = vp->vp_integer & 0xFF;
1137 *p++ = 1; /* hardware type = ethernet */
1140 /* DHCP-Hardware-Address-Length */
1141 if ((vp = pairfind(packet->vps, 258, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1142 *p++ = vp->vp_integer & 0xFF;
1144 *p++ = 6; /* 6 bytes of ethernet */
1147 /* DHCP-Hop-Count */
1148 if ((vp = pairfind(packet->vps, 259, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1149 *p = vp->vp_integer & 0xff;
1153 /* DHCP-Transaction-Id */
1154 if ((vp = pairfind(packet->vps, 260, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1155 lvalue = htonl(vp->vp_integer);
1159 memcpy(p, &lvalue, 4);
1162 /* DHCP-Number-of-Seconds */
1163 if ((vp = pairfind(packet->vps, 261, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1164 lvalue = htonl(vp->vp_integer);
1165 memcpy(p, &lvalue, 2);
1170 if ((vp = pairfind(packet->vps, 262, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1171 lvalue = htons(vp->vp_integer);
1172 memcpy(p, &lvalue, 2);
1176 /* DHCP-Client-IP-Address */
1177 if ((vp = pairfind(packet->vps, 263, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1178 memcpy(p, &vp->vp_ipaddr, 4);
1182 /* DHCP-Your-IP-address */
1183 if ((vp = pairfind(packet->vps, 264, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1184 lvalue = vp->vp_ipaddr;
1186 lvalue = htonl(INADDR_ANY);
1188 memcpy(p, &lvalue, 4);
1191 /* DHCP-Server-IP-Address */
1192 vp = pairfind(packet->vps, 265, DHCP_MAGIC_VENDOR, TAG_ANY);
1194 /* DHCP-DHCP-Server-Identifier */
1195 if (!vp && (vp = pairfind(packet->vps, 54, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1196 lvalue = vp->vp_ipaddr;
1198 lvalue = htonl(INADDR_ANY);
1200 memcpy(p, &lvalue, 4);
1204 * DHCP-Gateway-IP-Address
1206 if ((vp = pairfind(packet->vps, 266, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1207 lvalue = vp->vp_ipaddr;
1209 lvalue = htonl(INADDR_ANY);
1211 memcpy(p, &lvalue, 4);
1214 /* DHCP-Client-Hardware-Address */
1215 if ((vp = pairfind(packet->vps, 267, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1216 if (vp->length > DHCP_CHADDR_LEN) {
1217 memcpy(p, vp->vp_octets, DHCP_CHADDR_LEN);
1219 memcpy(p, vp->vp_octets, vp->length);
1222 p += DHCP_CHADDR_LEN;
1224 /* DHCP-Server-Host-Name */
1225 if ((vp = pairfind(packet->vps, 268, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1226 if (vp->length > DHCP_SNAME_LEN) {
1227 memcpy(p, vp->vp_strvalue, DHCP_SNAME_LEN);
1229 memcpy(p, vp->vp_strvalue, vp->length);
1232 p += DHCP_SNAME_LEN;
1235 * Copy over DHCP-Boot-Filename.
1237 * FIXME: This copy should be delayed until AFTER the options
1238 * have been processed. If there are too many options for
1239 * the packet, then they go into the sname && filename fields.
1240 * When that happens, the boot filename is passed as an option,
1241 * instead of being placed verbatim in the filename field.
1244 /* DHCP-Boot-Filename */
1245 if ((vp = pairfind(packet->vps, 269, DHCP_MAGIC_VENDOR, TAG_ANY))) {
1246 if (vp->length > DHCP_FILE_LEN) {
1247 memcpy(p, vp->vp_strvalue, DHCP_FILE_LEN);
1249 memcpy(p, vp->vp_strvalue, vp->length);
1254 /* DHCP magic number */
1255 lvalue = htonl(DHCP_OPTION_MAGIC_NUMBER);
1256 memcpy(p, &lvalue, 4);
1262 if (fr_debug_flag > 1) {
1267 for (i = 0; i < 14; i++) {
1270 vp = pairmake(packet, NULL,
1271 dhcp_header_names[i], NULL, T_OP_EQ);
1274 strlcpy(buffer, fr_strerror(), sizeof(buffer));
1275 fr_strerror_printf("Cannot decode packet due to internal error: %s", buffer);
1279 switch (vp->da->type) {
1281 vp->vp_integer = p[0];
1286 vp->vp_integer = (p[0] << 8) | p[1];
1290 case PW_TYPE_INTEGER:
1291 memcpy(&vp->vp_integer, p, 4);
1292 vp->vp_integer = ntohl(vp->vp_integer);
1296 case PW_TYPE_IPADDR:
1297 memcpy(&vp->vp_ipaddr, p, 4);
1301 case PW_TYPE_STRING:
1302 vp->vp_strvalue = q = talloc_array(vp, char, dhcp_header_sizes[i]);
1304 memcpy(q, p, dhcp_header_sizes[i]);
1305 q[dhcp_header_sizes[i]] = '\0';
1306 vp->length = strlen(vp->vp_strvalue);
1309 case PW_TYPE_OCTETS: /* only for Client HW Address */
1310 pairmemcpy(vp, p, packet->data[2]);
1313 case PW_TYPE_ETHERNET: /* only for Client HW Address */
1314 memcpy(vp->vp_ether, p, sizeof(vp->vp_ether));
1315 vp->length = sizeof(vp->vp_ether);
1319 fr_strerror_printf("Internal sanity check failed %d %d", vp->da->type, __LINE__);
1324 p += dhcp_header_sizes[i];
1331 * Jump over DHCP magic number, response, etc.
1337 * Before packing the attributes, re-order them so that
1338 * the array ones are all contiguous. This simplifies
1342 for (vp = paircursor(&cursor, &packet->vps);
1344 vp = pairnext(&cursor)) {
1350 array = talloc_array(packet, VALUE_PAIR*, num_vps);
1353 for (vp = paircursor(&cursor, &packet->vps);
1355 vp = pairnext(&cursor)) {
1360 * Sort the attributes.
1362 qsort(array, (size_t) num_vps, sizeof(VALUE_PAIR *), attr_cmp);
1365 paircursor(&cursor, &packet->vps);
1366 for (i = 0; i < num_vps; i++) {
1367 array[i]->next = NULL;
1368 pairinsert(&cursor, array[i]);
1373 p[0] = 0x35; /* DHCP-Message-Type */
1375 p[2] = packet->code - PW_DHCP_OFFSET;
1379 * Pack in the attributes.
1383 unsigned int num_entries = 1;
1387 if (vp->da->vendor != DHCP_MAGIC_VENDOR) goto next;
1388 if (vp->da->attr == 53) goto next; /* already done */
1389 if ((vp->da->attr > 255) &&
1390 (DHCP_BASE_ATTR(vp->da->attr) != PW_DHCP_OPTION_82)) goto next;
1393 if (vp->da->flags.extended) goto next;
1395 for (same = paircursor(&cursor, &vp->next);
1397 same = pairnext(&cursor)) {
1398 if (same->da->attr != vp->da->attr) break;
1403 * For client-identifier
1404 * @todo What's this meant to be doing?!
1407 if ((vp->da->type == PW_TYPE_ETHERNET) &&
1408 (vp->length == 6) &&
1409 (num_entries == 1)) {
1410 vp->da->type = PW_TYPE_OCTETS;
1411 memmove(vp->vp_octets + 1, vp->vp_octets, 6);
1412 vp->vp_octets[0] = 1;
1415 *(p++) = vp->da->attr & 0xff;
1417 *(p++) = 0; /* header isn't included in attr length */
1419 for (i = 0; i < num_entries; i++) {
1420 if (i != 0) debug_pair(vp);
1422 if (vp->da->flags.is_tlv) {
1426 * Should NOT have been encoded yet!
1428 tlv = fr_dhcp_vp2suboption(packet, vp);
1431 * Ignore it if there's an issue
1434 if (!tlv) goto next;
1436 tlv->next = vp->next;
1441 length = fr_dhcp_vp2attr(vp, p, 0);
1444 * This will never happen due to FreeRADIUS
1445 * limitations: sizeof(vp->vp_octets) < 255
1448 fr_strerror_printf("WARNING Ignoring too long attribute %s!", vp->da->name);
1453 * More than one attribute of the same type
1454 * in a row: they are packed together
1455 * into the same TLV. If we overflow,
1458 if ((*plength + length) > 255) {
1459 fr_strerror_printf("WARNING Ignoring too long attribute %s!", vp->da->name);
1467 (vp->next->da->attr == vp->da->attr))
1469 } /* loop over num_entries */
1475 p[0] = 0xff; /* end of option option */
1478 dhcp_size = p - packet->data;
1481 * FIXME: if (dhcp_size > mms),
1482 * then we put the extra options into the "sname" and "file"
1483 * fields, AND set the "end option option" in the "options"
1484 * field. We also set the "overload option",
1485 * and put options into the "file" field, followed by
1486 * the "sname" field. Where each option is completely
1487 * enclosed in the "file" and/or "sname" field, AND
1488 * followed by the "end of option", and MUST be followed
1489 * by padding option.
1491 * Yuck. That sucks...
1493 packet->data_len = dhcp_size;
1495 if (packet->data_len < DEFAULT_PACKET_SIZE) {
1496 memset(packet->data + packet->data_len, 0,
1497 DEFAULT_PACKET_SIZE - packet->data_len);
1498 packet->data_len = DEFAULT_PACKET_SIZE;
1501 if ((fr_debug_flag > 2) && fr_log_fp) {
1502 for (i = 0; i < packet->data_len; i++) {
1503 if ((i & 0x0f) == 0x00) fprintf(fr_log_fp, "%d: ", i);
1504 fprintf(fr_log_fp, "%02x ", packet->data[i]);
1505 if ((i & 0x0f) == 0x0f) fprintf(fr_log_fp, "\n");
1507 fprintf(fr_log_fp, "\n");
1514 int fr_dhcp_add_arp_entry(int fd, char const *interface,
1515 VALUE_PAIR *macaddr, VALUE_PAIR *ip)
1517 struct sockaddr_in *sin;
1520 if (!fr_assert(macaddr) ||
1521 !fr_assert((macaddr->da->type == PW_TYPE_ETHERNET) || (macaddr->da->type == PW_TYPE_OCTETS))) {
1522 fr_strerror_printf("Wrong VP type (%s) for chaddr",
1523 fr_int2str(dict_attr_types, macaddr->da->type, "<invalid>"));
1527 if (macaddr->length > sizeof(req.arp_ha.sa_data)) {
1528 fr_strerror_printf("arp sa_data field too small (%zu octets) to contain chaddr (%zu octets)",
1529 sizeof(req.arp_ha.sa_data), macaddr->length);
1533 memset(&req, 0, sizeof(req));
1534 sin = (struct sockaddr_in *) &req.arp_pa;
1535 sin->sin_family = AF_INET;
1536 sin->sin_addr.s_addr = ip->vp_ipaddr;
1539 strlcpy(req.arp_dev, interface, sizeof(req.arp_dev));
1542 if (macaddr->da->type == PW_TYPE_ETHERNET) {
1543 memcpy(&req.arp_ha.sa_data, &macaddr->vp_ether, sizeof(macaddr->vp_ether));
1545 memcpy(&req.arp_ha.sa_data, macaddr->vp_octets, macaddr->length);
1548 req.arp_flags = ATF_COM;
1549 if (ioctl(fd, SIOCSARP, &req) < 0) {
1550 fr_strerror_printf("Failed to add entry in ARP cache: %s (%d)", strerror(errno), errno);
1557 int fr_dhcp_add_arp_entry(UNUSED int fd, UNUSED char const *interface,
1558 UNUSED VALUE_PAIR *macaddr, UNUSED VALUE_PAIR *ip)
1560 fr_strerror_printf("Adding ARP entry is unsupported on this system");