From ef45c1c49d672de4b0612bc07349eb250e9a562e Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Thu, 14 Jun 2012 06:21:23 +0000 Subject: [PATCH] add some fixes from upstream for check_dhcp --- debian/changelog | 3 + debian/patches/00list | 2 + ...ck_dhcp_Fix-handling-of-pad-options.dpatch | 50 +++++++++++++++ ...Don-t-misinterpret-the-siaddr-field.dpatch | 62 +++++++++++++++++++ 4 files changed, 117 insertions(+) create mode 100644 debian/patches/10_check_dhcp_Fix-handling-of-pad-options.dpatch create mode 100644 debian/patches/11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch diff --git a/debian/changelog b/debian/changelog index a96ad89..2553f55 100644 --- a/debian/changelog +++ b/debian/changelog @@ -13,6 +13,9 @@ nagios-plugins (1.4.16~pre1-1) UNRELEASED; urgency=low - 17_check_smtp_fix_duplicate_cert_message.dpatch - 18_check_snmp_labels.dpatch - 19_check_http_help.dpatch + * Added the following upstream patches + - 10_check_dhcp_Fix-handling-of-pad-options.dpatch + - 11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch * Add 00_fix_release_version.dpatch to fix release version * Bump Standards-Version to 3.9.3, no changes needed diff --git a/debian/patches/00list b/debian/patches/00list index f97bac6..bd6fb69 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -2,3 +2,5 @@ 00_fix_release_version.dpatch # commited upstream 03_check_disk_smb_perfdata.dpatch +10_check_dhcp_Fix-handling-of-pad-options.dpatch +11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch diff --git a/debian/patches/10_check_dhcp_Fix-handling-of-pad-options.dpatch b/debian/patches/10_check_dhcp_Fix-handling-of-pad-options.dpatch new file mode 100644 index 0000000..daed958 --- /dev/null +++ b/debian/patches/10_check_dhcp_Fix-handling-of-pad-options.dpatch @@ -0,0 +1,50 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_check_dhcp_Fix-handling-of-pad-options.dpatch +## From f091d59e0f9abec9304d9d230fafc2dec001baba Mon Sep 17 00:00:00 2001 +## From: Holger Weiss +## Date: Wed, 13 Jun 2012 12:36:42 +0200 +## Subject: [PATCH] check_dhcp: Fix handling of "pad" options +## X-Git-Url: http://nagiosplug.git.sourceforge.net/git/gitweb.cgi?p=nagiosplug/nagiosplug;a=patch;h=d796c16327e6e315dd528f17e8bd597c5f506730 +## +## DP: Don't let "pad" options[*] terminate the parsing of DHCP options. This bug was triggered by using check_dhcp against Windows 2003 DHCP servers (see #3503921). [*] Cf. RFC 2132, 3.1. + +diff --git a/NEWS b/NEWS +index 7452a6b..b138084 100644 +--- a/NEWS ++++ b/NEWS +@@ -24,6 +24,7 @@ This file documents the major additions and syntax changes between releases. + Fix segfault in check_host when hostname returns multiple IP addresses (Sebastian Harl) + Fix check_smtp and check_tcp where duplicate messages were displayed for certificate errors + Fix check_ping's parsing of the output of Debian's ping6(1) implementation (#1894850 - Matej Vela) ++ Fix a check_dhcp bug which was triggered by using it to check Windows 2003 DHCP servers (#3503921) + Disable RFC4507 support, to work around SSL negotiation issues with (at least) some Tomcat versions + + 1.4.15 27th July 2010 +diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c +index 2a1875c..ac89274 100644 +--- a/plugins-root/check_dhcp.c ++++ b/plugins-root/check_dhcp.c +@@ -839,8 +839,7 @@ int add_dhcp_offer(struct in_addr source,dhcp_packet *offer_packet){ + /* process all DHCP options present in the packet */ + for(x=4;xoptions[x]==-1 || (int)offer_packet->options[x]==0) ++ if((int)offer_packet->options[x]==-1) + break; + + /* get option type */ +@@ -872,7 +871,9 @@ int add_dhcp_offer(struct in_addr source,dhcp_packet *offer_packet){ + } + + /* skip option data we're ignoring */ +- if(option_type!=DHCP_OPTION_REBINDING_TIME) ++ if(option_type==0) /* "pad" option, see RFC 2132 (3.1) */ ++ x+=1; ++ else + x+=option_length; + } + +-- +1.7.10.4 + diff --git a/debian/patches/11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch b/debian/patches/11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch new file mode 100644 index 0000000..efa7900 --- /dev/null +++ b/debian/patches/11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch @@ -0,0 +1,62 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 11_check_dhcp_Don-t-misinterpret-the-siaddr-field.dpatch +## From 4d5276273287ef59881b541ba96279e91974a4b2 Mon Sep 17 00:00:00 2001 +## From: Holger Weiss +## Date: Thu, 14 Jun 2012 00:39:55 +0200 +## Subject: [PATCH] check_dhcp: Don't misinterpret the "siaddr" field +## X-Git-Url: http://nagiosplug.git.sourceforge.net/git/gitweb.cgi?p=nagiosplug/nagiosplug;a=patch;h=d796c16327e6e315dd528f17e8bd597c5f506730 +## +## DP: RFC 2131 (2.) says: "DHCP clarifies the interpretation of the 'siaddr' field as the address of the server to use in the next step of the client's bootstrap process." So, we shouldn't interpret this field as the DHCP server's own address. (#3503921 - Jason Ellison) + +@DPATCH@ + +diff --git a/THANKS.in b/THANKS.in +index 32a8868..943acdb 100644 +--- a/THANKS.in ++++ b/THANKS.in +@@ -273,3 +273,4 @@ Jason Lunn + Alex Griffin + Marc Remy + Matej Vela ++Jason Ellison +diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c +index ac89274..b02ee49 100644 +--- a/plugins-root/check_dhcp.c ++++ b/plugins-root/check_dhcp.c +@@ -141,7 +141,7 @@ typedef struct dhcp_packet_struct{ + u_int16_t flags; /* flags */ + struct in_addr ciaddr; /* IP address of this machine (if we already have one) */ + struct in_addr yiaddr; /* IP address of this machine (offered by the DHCP server) */ +- struct in_addr siaddr; /* IP address of DHCP server */ ++ struct in_addr siaddr; /* IP address of next server */ + struct in_addr giaddr; /* IP address of DHCP relay */ + unsigned char chaddr [MAX_DHCP_CHADDR_LENGTH]; /* hardware address of this machine */ + char sname [MAX_DHCP_SNAME_LENGTH]; /* name of DHCP server */ +@@ -587,11 +587,6 @@ int get_dhcp_offer(int sock){ + /* Save a copy of "source" into "via" even if it's via itself */ + memcpy(&via,&source,sizeof(source)) ; + +- /* If siaddr is non-zero, set "source" to siaddr */ +- if(offer_packet.siaddr.s_addr != 0L){ +- source.sin_addr.s_addr = offer_packet.siaddr.s_addr ; +- } +- + if(verbose){ + printf(_("DHCPOFFER from IP address %s"),inet_ntoa(source.sin_addr)); + printf(_(" via %s\n"),inet_ntoa(via.sin_addr)); +@@ -904,9 +899,9 @@ int add_dhcp_offer(struct in_addr source,dhcp_packet *offer_packet){ + * the next bootstrap service (e.g., delivery of an operating system + * executable image). A DHCP server always returns its own address in + * the 'server identifier' option." 'serv_ident' is the 'server +- * identifier' option, 'source' is the 'siaddr' field or (if 'siaddr' +- * wasn't available) the IP address we received the DHCPOFFER from. If +- * 'serv_ident' isn't available for some reason, we use 'source'. ++ * identifier' option, 'source' is the IP address we received the ++ * DHCPOFFER from. If 'serv_ident' isn't available for some reason, we ++ * use 'source'. + */ + new_offer->server_address=serv_ident.s_addr?serv_ident:source; + new_offer->offered_address=offer_packet->yiaddr; +-- +1.7.10.4 +