From 0507d93b3d06a86f9b41e9fbf83abcdf6514b152 Mon Sep 17 00:00:00 2001 From: Robert Obryk Date: Mon, 23 Nov 2020 09:32:42 +0100 Subject: [PATCH] dhcp4d: ensure that SetHostname operates on the correct lease (#64) Previously SetHostname could operate on an expired lease, or even on a lease for a different hwaddr, if the lease for the correct hwaddr expired and the same lease ID was given away to someone else. That's though mostly a theoretical concern, given the actual usage of SetHostname and the time scales involved. --- cmd/dhcp4d/dhcp4d.go | 5 ++++- internal/dhcp4d/dhcp4d.go | 7 ++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cmd/dhcp4d/dhcp4d.go b/cmd/dhcp4d/dhcp4d.go index 6babb70..8ed5f64 100644 --- a/cmd/dhcp4d/dhcp4d.go +++ b/cmd/dhcp4d/dhcp4d.go @@ -279,7 +279,10 @@ func newSrv(permDir string) (*srv, error) { http.Error(w, "missing hostname parameter", http.StatusBadRequest) return } - handler.SetHostname(hwaddr, hostname) + if err := handler.SetHostname(hwaddr, hostname); err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + return + } http.Redirect(w, r, "/", http.StatusFound) }) diff --git a/internal/dhcp4d/dhcp4d.go b/internal/dhcp4d/dhcp4d.go index 070dc52..3dc07d3 100644 --- a/internal/dhcp4d/dhcp4d.go +++ b/internal/dhcp4d/dhcp4d.go @@ -18,6 +18,7 @@ package dhcp4d import ( "bytes" "encoding/hex" + "fmt" "log" "math/rand" "net" @@ -137,14 +138,18 @@ func (h *Handler) callLeasesLocked(lease *Lease) { h.Leases(leases, lease) } -func (h *Handler) SetHostname(hwaddr, hostname string) { +func (h *Handler) SetHostname(hwaddr, hostname string) error { h.leasesMu.Lock() defer h.leasesMu.Unlock() leaseNum := h.leasesHW[hwaddr] lease := h.leasesIP[leaseNum] + if lease.HardwareAddr != hwaddr || lease.Expired(h.timeNow()) { + return fmt.Errorf("hwaddr %v does not have a valid lease", hwaddr) + } lease.Hostname = hostname lease.HostnameOverride = hostname h.callLeasesLocked(lease) + return nil } func (h *Handler) findLease() int {