From patchwork Tue Mar 16 08:24:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Senior X-Patchwork-Id: 1453756 X-Patchwork-Delegate: hauke@hauke-m.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2001:8b0:10b:1:d65d:64ff:fe57:4e05; helo=desiato.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=desiato.20200630 header.b=JNxzRIoC; dkim-atps=neutral Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4F05wk1VbXz9sW5 for ; Tue, 16 Mar 2021 19:26:29 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=desiato.20200630; h=Sender:Content-Transfer-Encoding :Content-Type:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:Message-ID:In-Reply-To:Date:References: Subject:To:From:Reply-To:Cc:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=U5X9+910r9kuj1l5CypW9sxyNf0F31KyIG9O2c1yv9Q=; b=JNxzRIoCIuM3YkD9Y1AVpituS rxY+0sehNcryYMbbTltVmOMZ417Z/OhdK/wfG66G43BwKmCm8qk6f0f3BJfui3aC7W/ITff8/ZIE4 8E9rZhKbrHxWoj9jcypfWBFA0ObwtU8AqqJxoICqJtByRHOesGqJEamkIBLdCI0M94EDuoNmwc4sr SwwynyXxCYEN1PGMj7nY5U3aqJToex33QgWCw0EEuhEcjpWj5u1FNIFP7SYHawljWU/2nRIS2jSzS MKvR3zeC2v0Pk8v4bEuxSq1HqWi9sYbBJPXpxPL6cUuwVplC8UtCTKPL/jTK4XxD3MdQ7yhoUUHPh 5l8tpJuEw==; Received: from localhost ([::1] helo=desiato.infradead.org) by desiato.infradead.org with esmtp (Exim 4.94 #2 (Red Hat Linux)) id 1lM50B-0008Mm-Hr; Tue, 16 Mar 2021 08:24:31 +0000 Received: from mail.klickitat.com ([54.70.207.208]) by desiato.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lM503-0008MN-51 for openwrt-devel@lists.openwrt.org; Tue, 16 Mar 2021 08:24:28 +0000 Received: by mail.klickitat.com (Postfix, from userid 182) id 52E38A644E5; Tue, 16 Mar 2021 01:24:21 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on dodson.localdomain X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Received: from husum (husum.ptp [192.168.80.4]) by mail.klickitat.com (Postfix) with ESMTPS id BD442A63F9B; Tue, 16 Mar 2021 01:24:18 -0700 (PDT) From: Russell Senior To: openwrt-devel@lists.openwrt.org Subject: [PATCH v2] busybox: udhcpc, allow zero length dhcp options References: <87y2eodk3n.fsf@husum.ptp> Date: Tue, 16 Mar 2021 01:24:18 -0700 In-Reply-To: <87y2eodk3n.fsf@husum.ptp> (Russell Senior's message of "Mon, 15 Mar 2021 17:21:16 -0700") Message-ID: <87pmzzcxql.fsf@husum.ptp> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210316_082423_880528_AF9356EF X-CRM114-Status: GOOD ( 18.32 ) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "desiato.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This patch skips zero length DHCP options instead of failing. v2 changelog: * fix off-by-one * add a warning message * move commit message into patch sent upstream Signed-off-by: Russell Senior --- ...205-udhcpc_allow_zero_length_options.patch | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 package/utils/b [...] Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org This patch skips zero length DHCP options instead of failing. v2 changelog: * fix off-by-one * add a warning message * move commit message into patch sent upstream Signed-off-by: Russell Senior --- ...205-udhcpc_allow_zero_length_options.patch | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 package/utils/busybox/patches/205-udhcpc_allow_zero_length_options.patch diff --git a/package/utils/busybox/patches/205-udhcpc_allow_zero_length_options.patch b/package/utils/busybox/patches/205-udhcpc_allow_zero_length_options.patch new file mode 100644 index 0000000000..abe8baf54f --- /dev/null +++ b/package/utils/busybox/patches/205-udhcpc_allow_zero_length_options.patch @@ -0,0 +1,49 @@ +From 7eed119b84b0f7efb7ef351940dd895dc2379eb3 Mon Sep 17 00:00:00 2001 +From: Russell Senior +Date: Mon, 15 Mar 2021 23:27:58 -0700 +Subject: [PATCH v2] udhcpc: ignore zero-length DHCP options + +Discovered that the DHCP server on a TrendNet router (unknown model) +provides a zero-length option 12 (Host Name) in the DHCP ACK message. This +has the effect of causing udhcpc to drop the rest of the options, including +option 51 (IP Address Lease Time), 3 (Router), and 6 (Domain Name Server), +most importantly leaving the OpenWrt device with no default gateway. + +The TrendNet behavior violates RFC 2132, which in Section 3.14 declares that +option 12 has a miniumum length of 1 octet. It is perhaps not a cosmic coincidence +that I found this behavior on Pi Day. + +This patch allows zero length options without bailing out, by simply skipping them. + +v2 changelog: +* advance the optionptr by two bytes, not one; +* add a message to warn about the rfc violation; + +Signed-off-by: Russell Senior +--- + networking/udhcp/common.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/networking/udhcp/common.c b/networking/udhcp/common.c +index 4bc719001..a16fd85d0 100644 +--- a/networking/udhcp/common.c ++++ b/networking/udhcp/common.c +@@ -277,8 +277,13 @@ uint8_t* FAST_FUNC udhcp_scan_options(struct dhcp_packet *packet, struct dhcp_sc + goto complain; /* complain and return NULL */ + len = 2 + scan_state->optionptr[OPT_LEN]; + scan_state->rem -= len; +- /* So far no valid option with length 0 known. */ +- if (scan_state->rem < 0 || scan_state->optionptr[OPT_LEN] == 0) ++ /* skip any options with zero length */ ++ if (scan_state->optionptr[OPT_LEN] == 0) { ++ scan_state->optionptr += 2; ++ bb_simple_error_msg("warning: zero length DHCP option violates rfc2132, skipping"); ++ continue; ++ } ++ if (scan_state->rem < 0) + goto complain; /* complain and return NULL */ + + if (scan_state->optionptr[OPT_CODE] == DHCP_OPTION_OVERLOAD) { +-- +2.30.1 +