From 84a6d07cdd7fba5e57c535a87076d732cbb693d9 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Tue, 6 Sep 2022 15:40:42 +0100
Subject: [PATCH] Fix DHCPv6 relay to use a more sensble source address.

Tweak things so that packets relayed towards a server
have source address on the server-facing network, not the
client-facing network. Thanks to Luis Thomas for spotting this
and initial patch.
---
 CHANGELOG     |  5 +++++
 src/rfc3315.c | 20 +++++---------------
 2 files changed, 10 insertions(+), 15 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index f3bd7bd..48ce2dd 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -79,6 +79,11 @@ version 2.87
 	This would return <ip> for queries in some.domain, rather than
 	forwarding the query via the default server.
 
+	Tweak DHCPv6 relay code so that packets relayed towards a server
+	have source address on the server-facing network, not the
+	client facing network. Thanks to Luis Thomas for spotting this
+	and initial patch.
+
 	
 version 2.86
 	Handle DHCPREBIND requests in the DHCPv6 server code.
diff --git a/src/rfc3315.c b/src/rfc3315.c
index 947bf04..8754481 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -2181,10 +2181,7 @@ int relay_upstream6(int iface_index, ssize_t sz,
     if (relay->iface_index != 0 && relay->iface_index == iface_index)
       {
 	union mysockaddr to;
-	union all_addr from;
-	
-	/* source address == relay address */
-	from.addr6 = relay->local.addr6;
+
 	memcpy(&header[2], &relay->local.addr6, IN6ADDRSZ);
 	
 	to.sa.sa_family = AF_INET6;
@@ -2206,18 +2203,11 @@ int relay_upstream6(int iface_index, ssize_t sz,
 	  }
 	
 #ifdef HAVE_DUMPFILE
-	{
-	  union mysockaddr fromsock;
-	  fromsock.in6.sin6_port = htons(DHCPV6_SERVER_PORT);
-	  fromsock.in6.sin6_addr = from.addr6;
-	  fromsock.sa.sa_family = AF_INET6;
-	  fromsock.in6.sin6_flowinfo = 0;
-	  fromsock.in6.sin6_scope_id = 0;
-	  
-	  dump_packet_udp(DUMP_DHCPV6, (void *)daemon->outpacket.iov_base, save_counter(-1), &fromsock, &to, -1);
-	}
+	dump_packet_udp(DUMP_DHCPV6, (void *)daemon->outpacket.iov_base, save_counter(-1), NULL, &to, daemon->dhcp6fd);
 #endif
-	send_from(daemon->dhcp6fd, 0, daemon->outpacket.iov_base, save_counter(-1), &to, &from, 0);
+
+	while (retry_send(sendto(daemon->dhcp6fd, (void *)daemon->outpacket.iov_base, save_counter(-1),
+				 0, (struct sockaddr *)&to, sa_len(&to))));
 	
 	if (option_bool(OPT_LOG_OPTS))
 	  {