[Bug 3979] udhcpc should filter out malicious hostnames passed in option 0x0c
bugzilla at busybox.net
Thu Apr 17 16:20:59 UTC 2014
https://bugs.busybox.net/show_bug.cgi?id=3979
--- Comment #15 from danny at mellanox.com 2014-04-17 16:20:58 UTC ---
Such a dhcpd config (irrelevant lines are skipped):
nis-domain "some";
subnet-mask 255.255.0.0;
broadcast-address 172.*.255;
domain-name "siteX.sub.domain";
domain-search
"siteX.sub.domain","sub.domain","domain","other.sub.domain","other.domain";
domain-name-servers 10.*,10.*,10.*,10.*;
ntp-servers 10.*;
routers 172.*;
Generates the following leases on different OSes:
from CentOS 6.x:
lease {
interface "eth0";
fixed-address 172.*;
filename "pxelinux.0";
option subnet-mask 255.255.0.0;
option routers 172.*;
option dhcp-lease-time 36000;
option dhcp-message-type 5;
option domain-name-servers 10.*,10.*,10.*,10.*;
option dhcp-server-identifier 10.*;
option domain-search "siteX.sub.domain.", "sub.domain.", "domain.",
"other.sub.domain.", "other.domain.";
option nis-domain "some";
option nis-servers 10.*;
option ntp-servers 10.*;
option broadcast-address 172.*.255;
option host-name "some21";
option domain-name "siteX.sub.domain";
renew 4 2014/04/17 18:31:38;
rebind 4 2014/04/17 23:19:29;
expire 5 2014/04/18 00:34:29;
}
from CentOS 5.x:
lease {
interface "eth0";
fixed-address 172.*;
filename "pxelinux.0";
option subnet-mask 255.255.0.0;
option routers 10.*;
option dhcp-lease-time 1209600;
option dhcp-message-type 5;
option domain-name-servers 10.*,10.*,10.*;
option dhcp-server-identifier 10.*;
option nis-domain "some";
option nis-servers 10.*;
option ntp-servers 10.*;
option broadcast-address 172.*.255;
option host-name "some21";
option domain-name "siteX.sub.domain";
renew 3 2014/04/23 03:08:45;
rebind 2 2014/04/29 21:56:57;
expire 4 2014/05/01 15:56:57;
}
As you can see, the 5.x stuff is not even asking for the domain-search stuff.
Moreover, this command should bring what is needed, but it won't:
# dhclient -R subnet-mask,broadcast-address,routers,domain-name,domain-name-servers,host-name,nis-domain,nis-servers,domain-search eth0
lease {
interface "eth0";
fixed-address 172.*;
filename "pxelinux.0";
option subnet-mask 255.255.0.0;
option routers 10.*;
option dhcp-lease-time 1209600;
option dhcp-message-type 5;
option domain-name-servers 10.*,10.*,10.*;
option dhcp-server-identifier 10.*;
option domain-search ; <=========== empty...
option nis-domain "some";
option nis-servers 10.*;
option ntp-servers 10.*;
option broadcast-address 172.*.255;
option host-name "some21";
option domain-name "siteX.sub.domain";
renew 3 2014/04/23 21:41:26;
rebind 2 2014/04/29 21:52:11;
expire 4 2014/05/01 15:52:11;
}
And even if we add the following to the dhcpd config, it is still ignored altogether in
5.x:
option domain-forced-list code 119 = string;
domain-forced-list
"siteX.sub.domain","sub.domain","domain","other.sub.domain","other.domain";
So, following the advice to use the "right options", we are hitting even more problems and
incompatibilities in different OSes.