Pi-Hole/dnsmasq
1
0
Fork 0
mirror of https://github.com/pi-hole/dnsmasq.git synced 2025-12-19 18:28:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,472 Commits 8 Branches 0 Tags
f8c77edbdffb8ada7753ea9fa104f0f6da70cfe3
Commit Graph

104 Commits

Author SHA1 Message Date
Simon Kelley
f8c77edbdf Fix removal of DHCP_CLIENT_MAC options from DHCPv6 relay replies. 2019-01-10 21:58:18 +00:00
Simon Kelley
cc921df9ce Remove nested struct/union in cache records and all_addr. 2019-01-02 22:48:59 +00:00
Simon Kelley
0fdf3c1f61 Fix dhcp-match-name to match hostname, not complete FQDN. 
Also do name matching for DHCPv6.
 2018-10-05 23:35:54 +01:00
Simon Kelley
c5db8f93ec Tidy 7f876b64c22b2b18412e2e3d8506ee33e42db7c 2018-08-23 23:06:00 +01:00
Simon Kelley
97f876b64c Properly deal with unaligned addresses in DHCPv6 packets. 
Thanks to Vladislav Grishenko for spotting this.
 2018-08-21 22:06:36 +01:00
Simon Kelley
c851c695db Log failure to confirm an address in DHCPv6. 2018-07-20 17:35:24 +01:00
yiwenchen
499d8dde2b Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262 
This fixes breakage of  DHCPv6 relay.
 2018-02-14 22:26:54 +00:00
Ville Skyttä
faaf306a63 Spelling fixes. 2018-01-14 17:32:52 +00:00
Simon Kelley
d1ced3ae38 Update copyrights to 2018. 2018-01-01 22:18:03 +00:00
Simon Kelley
33e3f1029c Security fix, CVE-2017-14494, Infoleak handling DHCPv6 forwarded requests. 
Fix information leak in DHCPv6. A crafted DHCPv6 packet can
cause dnsmasq to forward memory from outside the packet
buffer to a DHCPv6 server when acting as a relay.
 2017-09-25 20:05:11 +01:00
Simon Kelley
3d4ff1ba84 Security fix, CVE-2017-14493, DHCPv6 - Stack buffer overflow. 
Fix stack overflow in DHCPv6 code. An attacker who can send
a DHCPv6 request to dnsmasq can overflow the stack frame and
crash or control dnsmasq.
 2017-09-25 19:59:54 +01:00
Simon Kelley
0549c73b7e Security fix, CVE-2017-14491 DNS heap buffer overflow. 
Fix heap overflow in DNS code. This is a potentially serious
security hole. It allows an attacker who can make DNS
requests to dnsmasq, and who controls the contents of
a domain, which is thereby queried, to overflow
(by 2 bytes) a heap buffer and either crash, or
even take control of, dnsmasq.
 2017-09-25 18:17:11 +01:00
Simon Kelley
50ca85504c Bump year in copyrights. 2017-06-24 22:43:18 +01:00
Simon Kelley
b2a9c571eb Add "known-othernet" DHCP tag. 2017-04-30 18:21:31 +01:00
Josh Soref
730c6745f0 Comprehensive spelling/typo fixes. 
Thanks to Josh Soref for generating these fixes.
 2017-02-06 16:14:04 +00:00
Simon Kelley
bf4e62c19e Compile-time check on buffer sizes for leasefile parsing code. 2016-07-22 21:37:59 +01:00
Simon Kelley
6b1c464d6d Don't reset packet length on transmission, in case of retransmission. 2016-07-22 20:59:16 +01:00
Simon Kelley
fa78573778 Zero packet buffers before building output, to reduce risk of information leakage. 2016-07-22 20:56:01 +01:00
Simon Kelley
c49778df4a Update copyright notices. Happy new year! 2016-01-06 18:52:33 +00:00
Simon Kelley
33702ab1f8 First complete version of DNS-client-id EDNS0 and ARP tracking code. 2015-12-28 23:17:15 +00:00
Simon Kelley
27b78d990b Rationalise 5e3e464ac4 2015-09-26 21:40:45 +01:00
Simon Kelley
5e3e464ac4 Fix behaviour of empty dhcp-option=option6:dns-server, which should inhibit sending option. 2015-08-25 23:08:39 +01:00
Simon Kelley
89130d91d6 DHCPv6: DHCPCONFIRM should be OK for any address on link, not just dynamic addresses. 2015-06-03 22:34:14 +01:00
Simon Kelley
a5ae1f8587 Logs in DHCPv6 not suppressed by dhcp6-quiet. 2015-04-25 21:46:10 +01:00
Simon Kelley
338b340be9 Revert 61b838dd57 and just quieten log instead. 2015-04-20 21:34:05 +01:00
Simon Kelley
aff3396280 Update copyrights for dawn of 2015. 2015-01-31 20:13:40 +00:00
Win King Wan
61b838dd57 Don't reply to DHCPv6 SOLICIT messages when not configured for statefull DHCPv6. 2015-01-21 20:41:48 +00:00
Vladislav Grishenko
b9ff5c8f43 Improve RFC-compliance when unable to supply addresses in DHCPv6 
While testing https://github.com/sbyx/odhcp6c client I have noticed it
permanently crashes after startup.

The reason was it (odhcp6c) doesn't expect empty IA options in ADVERTISE
message without any suboptions.

Despite this validation bug of odhcp6c, dnsmasq should not generate
ADVERTISE messages with IA if there's nothing to advert per  RFC 3315
17.2.2:

   If the server will not assign any addresses to any IAs in a

   subsequent Request from the client, the server MUST send an Advertise

   message to the client that includes only a Status Code option with

   code NoAddrsAvail and a status message for the user, a Server

   Identifier option with the server's DUID, and a Client Identifier

   option with the client's DUID.

Meanwhile it's need to add status code for every IA in REPLY message per
RFC3315 18.2.1:

   If the server cannot assign any addresses to an IA in the message
   from the client, the server MUST include the IA in the Reply message
   with no addresses in the IA and a Status Code option in the IA
   containing status code NoAddrsAvail.

So, I've changed the logic to skip IA completely from ADVERTISE messages and
to add NoAddrsAvail subcode into IA of REPLY messages.

As for overhead, yes, I believe it's ok to return NoAddrsAvail twice in IA
and in global section for compatibility with all old and new clients.
 2014-10-06 14:34:24 +01:00
Ilya Ponetaev
51943369e3 Supply "Success" status code in reply to DHCPDECLINE. 2014-09-13 21:19:01 +01:00
Ilya Ponetaev
2d75f2e4a5 Don't reply to DHCPCONFIRM messages with no addresses in them. 2014-09-13 21:11:16 +01:00
Ilya Ponetaev
976afc93e4 Set DHCPv6 message type when returning "use multicast". 2014-09-13 20:56:14 +01:00
Ilya Ponetaev
7f68f82146 DHCPv6 REBIND messages don't need a server-id. 2014-09-13 20:52:27 +01:00
Simon Kelley
c3a04081ff [fd00::} and [fe80::] special addresses in DHCPv6 options. 2014-01-11 22:18:19 +00:00
Simon Kelley
c47e3ba446 Update copyright for 2014. 2014-01-08 17:07:54 +00:00
Simon Kelley
6586e8352a Use random address allocation for DHCPv6 temporary addresses. 2013-11-07 14:20:13 +00:00
Kevin Darbyshire-Bryant
8c0b73d3a8 Add --quiet-* options. 2013-10-11 11:56:33 +01:00
Tanguy Bouzeloc
ef1d7425e3 Fix problem in DHCPv6 vendorclass/userclass matching code. 2013-10-03 11:06:31 +01:00
Simon Kelley
8939c95fd6 Don't extract MAC address from ND table when DHCPv6 request is from a relay. 2013-09-25 11:49:34 +01:00
Vladislav Grishenko
408c368fa5 Remove unused variable warnings when omitting stuff at compile-time. 2013-09-24 16:18:49 +01:00
Simon Kelley
f1af2bb485 Big ugly refactor in rfc3315.c should be no behaviour changes. 2013-09-24 09:16:28 +01:00
Simon Kelley
d81b42d067 Prod neighbour discovery with ARP instead of PING. 2013-09-23 12:26:34 +01:00
Simon Kelley
8f51a29137 Fix compiler warnings. 2013-09-21 14:07:12 +01:00
Simon Kelley
89500e31f1 Support MAC addresses in dhcp-host and dhcp-mac for DHCPv6. 2013-09-20 16:29:20 +01:00
Simon Kelley
c8f2dd8b53 Cope with DHCPv6 REQUESTs without address options. 2013-09-13 11:22:55 +01:00
Simon Kelley
ff7eea27e7 Add --dhcp-relay config option. 2013-09-04 18:01:38 +01:00
Simon Kelley
cc4baaab0d Fix DHCPv6 lease time calculation when client sends VL==0 or PL==0 2013-08-05 15:03:44 +01:00
Simon Kelley
871d4562f1 Support RFC-4242 information-refresh-time. 2013-07-28 09:37:38 +01:00
Simon Kelley
6bd109aa2f Better job with domain for DHCPv6 information-request. 2013-07-27 15:11:44 +01:00
Simon Kelley
ef1a94abaa Advertise lost prefixes with pref_time == 0 for 2 hours. 2013-07-26 13:59:03 +01:00
Roy Marples
3f3adae6bc DHCP FQDN option tweaks. 2013-07-25 16:22:46 +01:00