From c4a283365bdd56e4552e7205fbfba17ca298fc3a Mon Sep 17 00:00:00 2001 From: Shufeng Cao Date: Fri, 14 Dec 2018 20:02:31 +0800 Subject: [PATCH 2/2] binding mac with ipv6: dealing with invalid CONFIRM package --- src/rfc3315.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/rfc3315.c b/src/rfc3315.c index defd966..f8ba7e4 100644 --- a/src/rfc3315.c +++ b/src/rfc3315.c @@ -1087,11 +1087,31 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ case DHCP6CONFIRM: { int good_addr = 0; + int find_bind = 0; + struct dhcp_config *find_config = NULL; /* set reply message type */ *outmsgtypep = DHCP6REPLY; log6_quiet(state, "DHCPCONFIRM", NULL, NULL); + + if(daemon->bind_mac_with_ip6) { + if(state->mac) { + for (find_config = daemon->dhcp_conf; find_config; find_config = find_config->next) + if (config_has_mac(find_config, state->mac, state->mac_len, state->mac_type) && have_config(find_config, CONFIG_ADDR6)) { + find_bind = 1; + break; + } + } + /* requires all mac has binding ipv6 address. */ + if (find_bind == 0) { + o1 = new_opt6(OPTION6_STATUS_CODE); + put_opt6_short(DHCP6NOTONLINK); + put_opt6_string(_("confirm failed, no binding found")); + end_opt6(o1); + return 1; + } + } for (opt = state->packet_options; opt; opt = opt6_next(opt, state->end)) { @@ -1112,6 +1132,16 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ return 1; } + if(daemon->bind_mac_with_ip6) { + if (!is_same_net6(req_addr, &find_config->addr6, 128)) { + o1 = new_opt6(OPTION6_STATUS_CODE); + put_opt6_short(DHCP6NOTONLINK); + put_opt6_string(_("confirm failed, not binding to this address")); + end_opt6(o1); + return 1; + } + } + good_addr = 1; log6_quiet(state, "DHCPREPLY", req_addr, state->hostname); } -- 2.19.1