summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Gundersen <teg@jklm.no>2014-02-24 01:09:21 +0100
committerTom Gundersen <teg@jklm.no>2014-02-24 03:28:19 +0100
commit55dab2ed837c17236b7df12decaffbc4388d1dff (patch)
tree44b39f61128131327baf3311277d4694311b7446
parent872c2ab3e2887c1c2b6c9815a201683e246e56fc (diff)
sd-dhcp-client: respect TP_STATUS_CSUMNOTREADY
If an UDP packet has not passed through a hardware device, its checksum may not have been computed. This is exposed through the TP_STATUS_CSUMNOTREADY sockopt. When using raw sockets, skip checksum validation when TP_STATUS_CSUMNOTREADY is set. This is necessary for dhcp to work directly over a veth tunnel, e.g. as done in systemd-nspawn.
-rw-r--r--src/libsystemd-dhcp/dhcp-internal.h2
-rw-r--r--src/libsystemd-dhcp/dhcp-network.c5
-rw-r--r--src/libsystemd-dhcp/dhcp-packet.c4
-rw-r--r--src/libsystemd-dhcp/sd-dhcp-client.c33
4 files changed, 36 insertions, 8 deletions
diff --git a/src/libsystemd-dhcp/dhcp-internal.h b/src/libsystemd-dhcp/dhcp-internal.h
index 7b2e35cac6..ce83b81631 100644
--- a/src/libsystemd-dhcp/dhcp-internal.h
+++ b/src/libsystemd-dhcp/dhcp-internal.h
@@ -50,6 +50,6 @@ int dhcp_message_init(DHCPMessage *message, uint8_t op, uint32_t xid, uint8_t ty
void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len);
-int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len);
+int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum);
#define log_dhcp_client(client, fmt, ...) log_meta(LOG_DEBUG, __FILE__, __LINE__, __func__, "DHCP CLIENT: " fmt, ##__VA_ARGS__)
diff --git a/src/libsystemd-dhcp/dhcp-network.c b/src/libsystemd-dhcp/dhcp-network.c
index 6c9d4ef999..934e8bf13e 100644
--- a/src/libsystemd-dhcp/dhcp-network.c
+++ b/src/libsystemd-dhcp/dhcp-network.c
@@ -32,7 +32,7 @@
int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
{
- int s;
+ int s, one = 1;
assert(index > 0);
assert(link);
@@ -48,6 +48,9 @@ int dhcp_network_bind_raw_socket(int index, union sockaddr_union *link)
link->ll.sll_halen = ETH_ALEN;
memset(link->ll.sll_addr, 0xff, ETH_ALEN);
+ if (setsockopt (s, SOL_PACKET, PACKET_AUXDATA, &one, sizeof(one)) < 0)
+ return -errno;
+
if (bind(s, &link->sa, sizeof(link->ll)) < 0) {
close_nointr_nofail(s);
return -errno;
diff --git a/src/libsystemd-dhcp/dhcp-packet.c b/src/libsystemd-dhcp/dhcp-packet.c
index 1937de4252..8388e56222 100644
--- a/src/libsystemd-dhcp/dhcp-packet.c
+++ b/src/libsystemd-dhcp/dhcp-packet.c
@@ -113,7 +113,7 @@ void dhcp_packet_append_ip_headers(DHCPPacket *packet, uint16_t len) {
packet->ip.check = dhcp_checksum(&packet->ip, DHCP_IP_SIZE);
}
-int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
+int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len, bool checksum) {
size_t hdrlen;
assert(packet);
@@ -168,7 +168,7 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, size_t len) {
return -EINVAL;
}
- if (packet->udp.check) {
+ if (checksum && packet->udp.check) {
packet->ip.check = packet->udp.len;
packet->ip.ttl = 0;
diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c
index ee6e89eacb..0c82260dfd 100644
--- a/src/libsystemd-dhcp/sd-dhcp-client.c
+++ b/src/libsystemd-dhcp/sd-dhcp-client.c
@@ -886,8 +886,18 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
uint32_t revents, void *userdata) {
sd_dhcp_client *client = userdata;
_cleanup_free_ DHCPPacket *packet = NULL;
- int buflen = 0, len, r;
usec_t time_now;
+ uint8_t cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))];
+ struct iovec iov = {};
+ struct msghdr msg = {
+ .msg_iov = &iov,
+ .msg_iovlen = 1,
+ .msg_control = cmsgbuf,
+ .msg_controllen = sizeof(cmsgbuf),
+ };
+ struct cmsghdr *cmsg;
+ bool checksum = true;
+ int buflen = 0, len, r;
assert(s);
assert(client);
@@ -901,11 +911,26 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
if (!packet)
return -ENOMEM;
- len = read(fd, packet, buflen);
- if (len < 0)
+ iov.iov_base = packet;
+ iov.iov_len = buflen;
+
+ len = recvmsg(fd, &msg, 0);
+ if (len < 0) {
+ log_dhcp_client(client, "could not receive message from raw "
+ "socket: %s", strerror(errno));
return 0;
+ }
+
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ if (cmsg->cmsg_level == SOL_PACKET && cmsg->cmsg_type == PACKET_AUXDATA) {
+ struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
+
+ checksum = !(aux->tp_status & TP_STATUS_CSUMNOTREADY);
+ break;
+ }
+ }
- r = dhcp_packet_verify_headers(packet, len);
+ r = dhcp_packet_verify_headers(packet, len, checksum);
if (r < 0)
return 0;