* dhcp: don't process Discover/Request packets with empty client HW address

2019-03-07 14:06:35 +03:00 · 2019-03-07 14:06:35 +03:00 · d832d7ce95
parent 92cf7c1aca
commit d832d7ce95
1 changed files with 19 additions and 0 deletions
--- a/dhcpd/dhcpd.go
+++ b/dhcpd/dhcpd.go
@ -325,6 +325,17 @@ func (s *Server) ServeDHCP(p dhcp4.Packet, msgType dhcp4.MessageType, options dh
 	return nil
 }

+// Return TRUE if DHCP packet is correct
+func isValidPacket(p dhcp4.Packet) bool {
+	hw := p.CHAddr()
+	zeroes := make([]byte, len(hw))
+	if bytes.Equal(hw, zeroes) {
+		log.Tracef("Packet has empty CHAddr")
+		return false
+	}
+	return true
+}
+
 func (s *Server) handleDiscover(p dhcp4.Packet, options dhcp4.Options) dhcp4.Packet {
 	// find a lease, but don't update lease time
 	var lease *Lease
@ -335,6 +346,10 @@ func (s *Server) handleDiscover(p dhcp4.Packet, options dhcp4.Options) dhcp4.Pac
 	log.Tracef("Message from client: Discover.  ReqIP: %s  HW: %s  Hostname: %s",
 		reqIP, p.CHAddr(), hostname)

+	if !isValidPacket(p) {
+		return nil
+	}
+
 	lease = s.findLease(p)
 	for lease == nil {
 		lease, err = s.reserveLease(p)
@ -360,6 +375,10 @@ func (s *Server) handleDHCP4Request(p dhcp4.Packet, options dhcp4.Options) dhcp4
 	log.Tracef("Message from client: Request.  IP: %s  ReqIP: %s  HW: %s",
 		p.CIAddr(), reqIP, p.CHAddr())

+	if !isValidPacket(p) {
+		return nil
+	}
+
 	server := options[dhcp4.OptionServerIdentifier]
 	if server != nil && !net.IP(server).Equal(s.ipnet.IP) {
 		log.Tracef("Request message not for this DHCP server (%v vs %v)", server, s.ipnet.IP)