Bug 2169355
| Summary: | Backport - Fix removal of DHCP_CLIENT_MAC options from DHCPv6 relay replies. | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Harald Jensås <hjensas> | |
| Component: | dnsmasq | Assignee: | Petr Menšík <pemensik> | |
| Status: | CLOSED ERRATA | QA Contact: | rhel-cs-infra-services-qe <rhel-cs-infra-services-qe> | |
| Severity: | high | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 8.2 | CC: | aruffin, mmatsuya, psklenar | |
| Target Milestone: | rc | Keywords: | TestCaseProvided, Triaged, ZStream | |
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
|
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | dnsmasq-2.79-26.el8 | Doc Type: | No Doc Update | |
| Doc Text: |
Dnsmasq no longer sends Client Link-Layer Address option in relayed DHCPv6 reply.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 2172357 2172358 2172359 (view as bug list) | Environment: | ||
| Last Closed: | 2023-05-16 08:43:38 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2154717, 2172357, 2172358, 2172359 | |||
|
Description
Harald Jensås
2023-02-13 12:09:24 UTC
commit f8c77edbdffb8ada7753ea9fa104f0f6da70cfe3
Author: Simon Kelley <simon.uk>
Date: Thu Jan 10 21:58:18 2019 +0000
Fix removal of DHCP_CLIENT_MAC options from DHCPv6 relay replies.
diff --git a/src/rfc3315.c b/src/rfc3315.c
index d3c1722..79b2a86 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -219,21 +219,25 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
if (opt6_ptr(opt, 0) + opt6_len(opt) > end)
return 0;
- int o = new_opt6(opt6_type(opt));
- if (opt6_type(opt) == OPTION6_RELAY_MSG)
+ /* Don't copy MAC address into reply. */
+ if (opt6_type(opt) != OPTION6_CLIENT_MAC)
{
- struct in6_addr align;
- /* the packet data is unaligned, copy to aligned storage */
- memcpy(&align, inbuff + 2, IN6ADDRSZ);
- state->link_address = &align;
- /* zero is_unicast since that is now known to refer to the
- relayed packet, not the original sent by the client */
- if (!dhcp6_maybe_relay(state, opt6_ptr(opt, 0), opt6_len(opt), client_addr, 0, now))
- return 0;
+ int o = new_opt6(opt6_type(opt));
+ if (opt6_type(opt) == OPTION6_RELAY_MSG)
+ {
+ struct in6_addr align;
+ /* the packet data is unaligned, copy to aligned storage */
+ memcpy(&align, inbuff + 2, IN6ADDRSZ);
+ state->link_address = &align;
+ /* zero is_unicast since that is now known to refer to the
+ relayed packet, not the original sent by the client */
+ if (!dhcp6_maybe_relay(state, opt6_ptr(opt, 0), opt6_len(opt), client_addr, 0, now))
+ return 0;
+ }
+ else
+ put_opt6(opt6_ptr(opt, 0), opt6_len(opt));
+ end_opt6(o);
}
- else if (opt6_type(opt) != OPTION6_CLIENT_MAC)
- put_opt6(opt6_ptr(opt, 0), opt6_len(opt));
- end_opt6(o);
}
Commit f8c77ed [1] appeared in 2.81 release, it is already present in RHEL9. 1. https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;h=f8c77edbdffb8ada7753ea9fa104f0f6da70cfe3 If I understand correctly how I should test it. It wants OPTION6_CLIENT_MAC(79) on incoming relayed message, but it must not contain that option in the response back. It is not needed for end client and must not be broken as it is. dnsmasq can work as IPv6 relay too, but probably can accept anything it produced as a server. It might be able to reproduce this issue in one of relaying regression test with small modification. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (dnsmasq bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:2929 |