diff options
Diffstat (limited to 'scripts/package-build/wide-dhcpv6/patches')
3 files changed, 402 insertions, 0 deletions
diff --git a/scripts/package-build/wide-dhcpv6/patches/0023-dhcpc6-support-per-interface-client-DUIDs.patch b/scripts/package-build/wide-dhcpv6/patches/0023-dhcpc6-support-per-interface-client-DUIDs.patch new file mode 100644 index 00000000..c1e71f0c --- /dev/null +++ b/scripts/package-build/wide-dhcpv6/patches/0023-dhcpc6-support-per-interface-client-DUIDs.patch @@ -0,0 +1,230 @@ +From 1e4a9a7b61090043924f2aa9359dcbc9f5e11bfc Mon Sep 17 00:00:00 2001 +From: Brandon Stepler <brandon@stepler.net> +Date: Mon, 25 Jan 2021 14:18:57 +0000 +Subject: [PATCH] dhcpc6: support per-interface client DUIDs + +--- + cfparse.y | 13 +++++++++++-- + cftoken.l | 10 ++++++++++ + config.c | 27 +++++++++++++++++++++++++++ + config.h | 3 ++- + dhcp6c.c | 11 ++++++++--- + dhcp6c.conf.5 | 6 ++++++ + 6 files changed, 64 insertions(+), 6 deletions(-) + +diff --git a/cfparse.y b/cfparse.y +index 9e685f4..244987c 100644 +--- a/cfparse.y ++++ b/cfparse.y +@@ -116,6 +116,7 @@ static void cleanup_cflist __P((struct cf_list *)); + %token BCMCS_SERVERS BCMCS_NAME + %token INFO_ONLY + %token SCRIPT DELAYEDKEY ++%token CLIENT_ID CLIENT_ID_DUID + %token AUTHENTICATION PROTOCOL ALGORITHM DELAYED RECONFIG HMACMD5 MONOCOUNTER + %token AUTHNAME RDM KEY + %token KEYINFO REALM KEYID SECRET KEYNAME EXPIRE +@@ -134,8 +135,8 @@ static void cleanup_cflist __P((struct cf_list *)); + struct dhcp6_poolspec *pool; + } + +-%type <str> IFNAME HOSTNAME AUTHNAME KEYNAME DUID_ID STRING QSTRING IAID +-%type <str> POOLNAME PROFILENAME ++%type <str> IFNAME HOSTNAME CLIENT_ID_DUID AUTHNAME KEYNAME DUID_ID ++%type <str> STRING QSTRING IAID POOLNAME PROFILENAME + %type <num> NUMBER duration authproto authalg authrdm + %type <list> declaration declarations dhcpoption ifparam ifparams + %type <list> address_list address_list_ent dhcpoption_list +@@ -639,6 +640,14 @@ dhcpoption: + /* no value */ + $$ = l; + } ++ | CLIENT_ID CLIENT_ID_DUID ++ { ++ struct cf_list *l; ++ ++ MAKE_CFLIST(l, DHCPOPT_CLIENT_ID, NULL, NULL); ++ l->ptr = $2; ++ $$ = l; ++ } + | AUTHENTICATION AUTHNAME + { + struct cf_list *l; +diff --git a/cftoken.l b/cftoken.l +index e266ac2..d7edd1f 100644 +--- a/cftoken.l ++++ b/cftoken.l +@@ -119,6 +119,7 @@ ecl \} + %s S_HOST + %s S_DUID + %s S_IA ++%s S_CID + %s S_AUTH + %s S_KEY + %s S_SECRET +@@ -249,6 +250,15 @@ ecl \} + /* duration */ + <S_CNF>infinity { DECHO; return (INFINITY); } + ++ /* client-id option */ ++<S_CNF>client-id { DECHO; BEGIN S_CID; return (CLIENT_ID); } ++<S_CID>{duid} { ++ DECHO; ++ yylval.str = strdup(yytext); ++ BEGIN S_CNF; ++ return (CLIENT_ID_DUID); ++} ++ + /* authentication option */ + <S_CNF>authentication { DECHO; BEGIN S_AUTH; return (AUTHENTICATION); } + <S_AUTH>{string} { +diff --git a/config.c b/config.c +index 70f6287..0cbe631 100644 +--- a/config.c ++++ b/config.c +@@ -100,6 +100,7 @@ struct dhcp6_ifconf { + struct dhcp6_ifconf *next; + + char *ifname; ++ struct duid duid; + + /* configuration flags */ + u_long send_flags; +@@ -1366,6 +1367,7 @@ configure_commit() + /* commit interface configuration */ + for (ifp = dhcp6_if; ifp; ifp = ifp->next) { + /* re-initialization */ ++ duidfree(&ifp->duid); + ifp->send_flags = 0; + ifp->allow_flags = 0; + dhcp6_clear_list(&ifp->reqopt_list); +@@ -1395,6 +1397,8 @@ configure_commit() + } + + /* copy new configuration */ ++ ifp->duid = ifc->duid; ++ ifc->duid.duid_id = NULL; + ifp->send_flags = ifc->send_flags; + ifp->allow_flags = ifc->allow_flags; + dhcp6_copy_list(&ifp->reqopt_list, &ifc->reqopt_list); +@@ -1505,6 +1509,7 @@ clear_ifconf(iflist) + ifc_next = ifc->next; + + free(ifc->ifname); ++ duidfree(&ifc->duid); + dhcp6_clear_list(&ifc->reqopt_list); + + clear_iaconf(&ifc->iaconf_list); +@@ -1635,6 +1640,28 @@ add_options(opcode, ifc, cfl0) + return (-1); + } + break; ++ case DHCPOPT_CLIENT_ID: ++ if (opcode != DHCPOPTCODE_SEND) { ++ debug_printf(LOG_ERR, FNAME, ++ "invalid operation (%d) " ++ "for option type (%d)", ++ opcode, cfl->type); ++ return (-1); ++ } ++ if (ifc->duid.duid_id != NULL) { ++ debug_printf(LOG_ERR, FNAME, "%s:%d " ++ "client-id is doubly specified on %s", ++ configfilename, cfl->line, ifc->ifname); ++ return (-1); ++ } ++ if ((configure_duid((char *)cfl->ptr, ++ &ifc->duid)) != 0) { ++ debug_printf(LOG_ERR, FNAME, "%s:%d " ++ "failed to configure DUID for %s", ++ configfilename, cfl->line, ifc->ifname); ++ return (-1); ++ } ++ break; + case DHCPOPT_AUTHINFO: + if (opcode != DHCPOPTCODE_SEND) { + debug_printf(LOG_ERR, FNAME, +diff --git a/config.h b/config.h +index 36a5aa3..cfcfdd5 100644 +--- a/config.h ++++ b/config.h +@@ -69,6 +69,7 @@ struct dhcp6_if { + u_int32_t linkid; /* to send link-local packets */ + /* multiple global address configuration is not supported now */ + struct in6_addr addr; /* global address */ ++ struct duid duid; + + /* configuration parameters */ + u_long send_flags; +@@ -267,7 +268,7 @@ enum { DECL_SEND, DECL_ALLOW, DECL_INFO_ONLY, DECL_REQUEST, DECL_DUID, + DECL_ADDRESS, + DECL_RANGE, DECL_ADDRESSPOOL, + IFPARAM_SLA_ID, IFPARAM_SLA_LEN, IFPARAM_IFID, IFPARAM_IFID_RAND, +- DHCPOPT_RAPID_COMMIT, DHCPOPT_AUTHINFO, ++ DHCPOPT_RAPID_COMMIT, DHCPOPT_CLIENT_ID, DHCPOPT_AUTHINFO, + DHCPOPT_DNS, DHCPOPT_DNSNAME, + DHCPOPT_IA_PD, DHCPOPT_IA_NA, DHCPOPT_NTP, + DHCPOPT_REFRESHTIME, +diff --git a/dhcp6c.c b/dhcp6c.c +index 849835e..875a147 100644 +--- a/dhcp6c.c ++++ b/dhcp6c.c +@@ -433,6 +433,11 @@ client6_start(ifp) + } + dhcp6_reset_timer(ev); + ++ if (!ifp->duid.duid_id && duidcpy(&ifp->duid, &client_duid)) { ++ debug_printf(LOG_ERR, FNAME, "failed to copy client DUID"); ++ return (-1); ++ } ++ + return (0); + } + +@@ -1249,7 +1254,7 @@ client6_send(ev) + } + + /* client ID */ +- if (duidcpy(&optinfo.clientID, &client_duid)) { ++ if (duidcpy(&optinfo.clientID, &ifp->duid)) { + debug_printf(LOG_ERR, FNAME, "failed to copy client ID"); + goto end; + } +@@ -1533,7 +1538,7 @@ client6_recvadvert(ifp, dh6, len, optinfo) + debug_printf(LOG_INFO, FNAME, "no client ID option"); + return (-1); + } +- if (duidcmp(&optinfo->clientID, &client_duid)) { ++ if (duidcmp(&optinfo->clientID, &ifp->duid)) { + debug_printf(LOG_INFO, FNAME, "client DUID mismatch"); + return (-1); + } +@@ -1805,7 +1810,7 @@ client6_recvreply(ifp, dh6, len, optinfo) + debug_printf(LOG_INFO, FNAME, "no client ID option"); + return (-1); + } +- if (duidcmp(&optinfo->clientID, &client_duid)) { ++ if (duidcmp(&optinfo->clientID, &ifp->duid)) { + debug_printf(LOG_INFO, FNAME, "client DUID mismatch"); + return (-1); + } +diff --git a/dhcp6c.conf.5 b/dhcp6c.conf.5 +index 5693fb8..589510a 100644 +--- a/dhcp6c.conf.5 ++++ b/dhcp6c.conf.5 +@@ -139,6 +139,12 @@ An + statement for + .Ar authname + must be provided. ++.It Ic client-id Ar ID ++means the client's DHCP unique identifier ++.Pq DUID . ++.Ar ID ++is a colon-separated hexadecimal sequence where each separated part ++must be composed of two hexadecimal values. + .El + .\" + .Sh Interface statement +-- +2.20.1 + diff --git a/scripts/package-build/wide-dhcpv6/patches/0024-bind-to-single-socket.patch b/scripts/package-build/wide-dhcpv6/patches/0024-bind-to-single-socket.patch new file mode 100644 index 00000000..b5751325 --- /dev/null +++ b/scripts/package-build/wide-dhcpv6/patches/0024-bind-to-single-socket.patch @@ -0,0 +1,17 @@ +diff --git a/dhcp6c.c b/dhcp6c.c +index 1caaaa5..04ce9c5 100644 +--- a/dhcp6c.c ++++ b/dhcp6c.c +@@ -217,6 +217,12 @@ main(argc, argv) + argv[0]); + exit(1); + } ++ ++ if (setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, argv[0], strlen(argv[0])) != 0) { ++ debug_printf(LOG_ERR, FNAME, "failed to bind %s", argv[0]); ++ exit(1); ++ } ++ + argv++; + } + diff --git a/scripts/package-build/wide-dhcpv6/patches/0025-option-to-prevent-ia-release.patch b/scripts/package-build/wide-dhcpv6/patches/0025-option-to-prevent-ia-release.patch new file mode 100644 index 00000000..32c15814 --- /dev/null +++ b/scripts/package-build/wide-dhcpv6/patches/0025-option-to-prevent-ia-release.patch @@ -0,0 +1,155 @@ +From: 1vivy <1vivy@tutanota.com> +Date: Sat, 22 Jul 2023 13:07:10 -0600 +Subject: wide-dhcpv6: T5387: Add a no release option '-n'. + +This prevents a release signal from being sent to the ISP causing a new PD or address to be allocated. + +Co-authored-by: MrLenin <909621+MrLenin@users.noreply.github.com> +Co-authored-by: marjohn56 <martin@queens-park.com> +--- wide-dhcpv6.orig/common.h ++++ wide-dhcpv6/common.h +@@ -120,6 +120,7 @@ sysdep_sa_len (const struct sockaddr *sa + extern int foreground; + extern int debug_thresh; + extern char *device; ++extern int opt_norelease; + + /* search option for dhcp6_find_listval() */ + #define MATCHLIST_PREFIXLEN 0x1 +--- wide-dhcpv6.orig/dhcp6c.8 ++++ wide-dhcpv6/dhcp6c.8 +@@ -88,6 +88,10 @@ is terminated. (suits for a use in shel + Since the configuration is internally generated, you cannot provide a configuration in this mode. If you want to have different actions for the stateless DHCPv6 information, you should write an appropriate configuration and invoke + .Nm + without this option. ++.It Fl n ++Prevent Release message from being sent to DHCPv6 server when ++.Nm ++stops. This is useful for preventing a new address from being configured by the DHCPv6 server when restarting the DHCPv6 client. + .It Fl p Ar pid-file + Use + .Ar pid-file +@@ -109,18 +113,22 @@ or + .Fl i + option is specified. + .Pp +-Upon receipt of the +-.Dv SIGHUP ++Upon receipt of a ++.Dv SIGHUP , ++.Dv SIGTERM , + or +-.Dv SIGTERM +-signals, +-.Nm +-will remove all stateful resources from the system. +-In the former case the daemon will then reinvoke itself, +-while it will stop running in the latter case. +-In either case, ++.Dv SIGUSR1 ++signal, + .Nm +-will send DHCPv6 Release messages to release resources assigned from servers. ++will remove all stateful resources from the system. After that, ++.Dv SIGHUP ++reinitializes the daemon, and ++.Dv SIGTERM ++stops the daemon. In both cases, DHCPv6 Release message will be sent to release resources assigned from servers. ++.Dv SIGUSR1 ++stops the daemon as ++.Dv SIGTERM ++does though DHCPv6 Release message will not be sent. + .\" + .Sh FILES + .Bl -tag -width /etc/wide-dhcpv6/dhcp6c.conf -compact +--- wide-dhcpv6.orig/dhcp6c.c ++++ wide-dhcpv6/dhcp6c.c +@@ -84,6 +84,7 @@ static int exit_ok = 0; + static sig_atomic_t sig_flags = 0; + #define SIGF_TERM 0x1 + #define SIGF_HUP 0x2 ++#define SIGF_USR1 0x4 + + const dhcp6_mode_t dhcp6_mode = DHCP6_MODE_CLIENT; + +@@ -108,6 +109,8 @@ static int ctldigestlen; + + static int infreq_mode = 0; + ++int opt_norelease; ++ + static inline int get_val32 __P((char **, int *, u_int32_t *)); + static inline int get_ifname __P((char **, int *, char *, int)); + +@@ -170,7 +173,7 @@ main(argc, argv) + else + progname++; + +- while ((ch = getopt(argc, argv, "c:dDfik:p:P:")) != -1) { ++ while ((ch = getopt(argc, argv, "c:dDfik:np:P:")) != -1) { + switch (ch) { + case 'c': + conffile = optarg; +@@ -190,6 +193,9 @@ main(argc, argv) + case 'k': + ctlkeyfile = optarg; + break; ++ case 'n': ++ opt_norelease = 1; ++ break; + case 'p': + pid_file = optarg; + break; +@@ -395,6 +401,11 @@ client6_init() + strerror(errno)); + exit(1); + } ++ if (signal(SIGUSR1, client6_signal) == SIG_ERR) { ++ debug_printf(LOG_WARNING, FNAME, "failed to set signal: %s", ++ strerror(errno)); ++ exit(1); ++ } + } + + int +@@ -525,6 +536,13 @@ process_signals() + free_resources(NULL); + client6_startall(1); + } ++ if ((sig_flags & SIGF_USR1)) { ++ debug_printf(LOG_INFO, FNAME, "exit without release"); ++ exit_ok = 1; ++ opt_norelease = 1; ++ free_resources(NULL); ++ check_exit(); ++ } + + sig_flags = 0; + } +@@ -1171,6 +1189,9 @@ client6_signal(sig) + case SIGHUP: + sig_flags |= SIGF_HUP; + break; ++ case SIGUSR1: ++ sig_flags |= SIGF_USR1; ++ break; + } + } + +--- wide-dhcpv6.orig/dhcp6c_ia.c ++++ wide-dhcpv6/dhcp6c_ia.c +@@ -420,7 +420,13 @@ release_all_ia(ifp) + for (ia = TAILQ_FIRST(&iac->iadata); ia; ia = ia_next) { + ia_next = TAILQ_NEXT(ia, link); + +- (void)release_ia(ia); ++ if (opt_norelease == 0) { ++ debug_printf(LOG_INFO, FNAME, "Start address " ++ "release"); ++ (void)release_ia(ia); ++ } else ++ debug_printf(LOG_INFO, FNAME, "Bypassing address " ++ "release because of -n flag"); + + /* + * The client MUST stop using all of the addresses |