1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00

sd-dhcp-client: respect TP_STATUS_CSUMNOTREADY

If an UDP packet has not passed through a hardware device, its checksum may not
have been computed. This is exposed through the TP_STATUS_CSUMNOTREADY sockopt.

When using raw sockets, skip checksum validation when TP_STATUS_CSUMNOTREADY
is set.

This is necessary for dhcp to work directly over a veth tunnel, e.g. as done
in systemd-nspawn.
This commit is contained in:
Tom Gundersen 2014-02-24 01:09:21 +01:00
parent 872c2ab3e2
commit 55dab2ed83
4 changed files with 37 additions and 9 deletions

View File

@ -50,6 +50,6 @@ int dhcp_message_init(DHCPMessage *message, uint8_t op, uint32_t xid, uint8_t ty
void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len);
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len);
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum);
#define log_dhcp_client(client, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "DHCP CLIENT: " fmt, ##__VA_ARGS__)

View File

@ -32,7 +32,7 @@
int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
{
int s;
int s, one = 1;
assert(index > 0);
assert(link);
@ -48,6 +48,9 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
link->ll.sll_halen = ETH_ALEN;
memset(link->ll.sll_addr, 0xff, ETH_ALEN);
if (setsockopt (s, SOL_PACKET, PACKET_AUXDATA, &one, sizeof(one)) < 0)
return -errno;
if (bind(s, &link->sa, sizeof(link->ll)) < 0) {
close_nointr_nofail(s);
return -errno;

View File

@ -113,7 +113,7 @@ void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len) {
packet->ip.check = dhcp_checksum(&packet->ip, DHCP_IP_SIZE);
}
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum) {
size_t hdrlen;
assert(packet);
@ -168,7 +168,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
return -EINVAL;
}
if (packet->udp.check) {
if (checksum && packet->udp.check) {
packet->ip.check = packet->udp.len;
packet->ip.ttl = 0;

View File

@ -886,8 +886,18 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
uint32_t revents, void *userdata) {
sd_dhcp_client *client = userdata;
_cleanup_free_ DHCPPacket *packet = NULL;
int buflen = 0, len, r;
usec_t time_now;
uint8_t cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))];
struct iovec iov = {};
struct msghdr msg = {
.msg_iov = &iov,
.msg_iovlen = 1,
.msg_control = cmsgbuf,
.msg_controllen = sizeof(cmsgbuf),
};
struct cmsghdr *cmsg;
bool checksum = true;
int buflen = 0, len, r;
assert(s);
assert(client);
@ -901,11 +911,26 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
if (!packet)
return -ENOMEM;
len = read(fd, packet, buflen);
if (len < 0)
return 0;
iov.iov_base = packet;
iov.iov_len = buflen;
r = dhcp_packet_verify_headers(packet, len);
len = recvmsg(fd, &msg, 0);
if (len < 0) {
log_dhcp_client(client, "could not receive message from raw "
"socket: %s", strerror(errno));
return 0;
}
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
if (cmsg->cmsg_level == SOL_PACKET && cmsg->cmsg_type == PACKET_AUXDATA) {
struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
checksum = !(aux->tp_status & TP_STATUS_CSUMNOTREADY);
break;
}
}
r = dhcp_packet_verify_headers(packet, len, checksum);
if (r < 0)
return 0;