mirror of
https://github.com/systemd/systemd.git
synced 2024-12-23 21:35:11 +03:00
sd-dhcp-client: respect TP_STATUS_CSUMNOTREADY
If an UDP packet has not passed through a hardware device, its checksum may not have been computed. This is exposed through the TP_STATUS_CSUMNOTREADY sockopt. When using raw sockets, skip checksum validation when TP_STATUS_CSUMNOTREADY is set. This is necessary for dhcp to work directly over a veth tunnel, e.g. as done in systemd-nspawn.
This commit is contained in:
parent
872c2ab3e2
commit
55dab2ed83
@ -50,6 +50,6 @@ int dhcp_message_init(DHCPMessage *message, uint8_t op, uint32_t xid, uint8_t ty
|
||||
|
||||
void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len);
|
||||
|
||||
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len);
|
||||
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum);
|
||||
|
||||
#define log_dhcp_client(client, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "DHCP CLIENT: " fmt, ##__VA_ARGS__)
|
||||
|
@ -32,7 +32,7 @@
|
||||
|
||||
int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
|
||||
{
|
||||
int s;
|
||||
int s, one = 1;
|
||||
|
||||
assert(index > 0);
|
||||
assert(link);
|
||||
@ -48,6 +48,9 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
|
||||
link->ll.sll_halen = ETH_ALEN;
|
||||
memset(link->ll.sll_addr, 0xff, ETH_ALEN);
|
||||
|
||||
if (setsockopt (s, SOL_PACKET, PACKET_AUXDATA, &one, sizeof(one)) < 0)
|
||||
return -errno;
|
||||
|
||||
if (bind(s, &link->sa, sizeof(link->ll)) < 0) {
|
||||
close_nointr_nofail(s);
|
||||
return -errno;
|
||||
|
@ -113,7 +113,7 @@ void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len) {
|
||||
packet->ip.check = dhcp_checksum(&packet->ip, DHCP_IP_SIZE);
|
||||
}
|
||||
|
||||
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
|
||||
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum) {
|
||||
size_t hdrlen;
|
||||
|
||||
assert(packet);
|
||||
@ -168,7 +168,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (packet->udp.check) {
|
||||
if (checksum && packet->udp.check) {
|
||||
packet->ip.check = packet->udp.len;
|
||||
packet->ip.ttl = 0;
|
||||
|
||||
|
@ -886,8 +886,18 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
|
||||
uint32_t revents, void *userdata) {
|
||||
sd_dhcp_client *client = userdata;
|
||||
_cleanup_free_ DHCPPacket *packet = NULL;
|
||||
int buflen = 0, len, r;
|
||||
usec_t time_now;
|
||||
uint8_t cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))];
|
||||
struct iovec iov = {};
|
||||
struct msghdr msg = {
|
||||
.msg_iov = &iov,
|
||||
.msg_iovlen = 1,
|
||||
.msg_control = cmsgbuf,
|
||||
.msg_controllen = sizeof(cmsgbuf),
|
||||
};
|
||||
struct cmsghdr *cmsg;
|
||||
bool checksum = true;
|
||||
int buflen = 0, len, r;
|
||||
|
||||
assert(s);
|
||||
assert(client);
|
||||
@ -901,11 +911,26 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
|
||||
if (!packet)
|
||||
return -ENOMEM;
|
||||
|
||||
len = read(fd, packet, buflen);
|
||||
if (len < 0)
|
||||
return 0;
|
||||
iov.iov_base = packet;
|
||||
iov.iov_len = buflen;
|
||||
|
||||
r = dhcp_packet_verify_headers(packet, len);
|
||||
len = recvmsg(fd, &msg, 0);
|
||||
if (len < 0) {
|
||||
log_dhcp_client(client, "could not receive message from raw "
|
||||
"socket: %s", strerror(errno));
|
||||
return 0;
|
||||
}
|
||||
|
||||
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
|
||||
if (cmsg->cmsg_level == SOL_PACKET && cmsg->cmsg_type == PACKET_AUXDATA) {
|
||||
struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
|
||||
|
||||
checksum = !(aux->tp_status & TP_STATUS_CSUMNOTREADY);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
r = dhcp_packet_verify_headers(packet, len, checksum);
|
||||
if (r < 0)
|
||||
return 0;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user