From 5dcfb89a48d773401f314c944202244f96c4cb21 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 Feb 2023 09:44:31 +0100 Subject: [PATCH 1/7] core: reuse _nm_utils_iaid_verify() for parsing There should be one function for parsing the string. Use it everywhere. Also, because we will accept specifying the IAID as hex string so the same parsing code should be used everywhere. (cherry picked from commit 69106d0aef1022bb1959f9badc0515134969e5d5) (cherry picked from commit 99825e727b8df933624b41e566cd92334916ea5f) --- src/core/devices/nm-device.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c index 0728073fd8..56b412b9e2 100644 --- a/src/core/devices/nm-device.c +++ b/src/core/devices/nm-device.c @@ -1804,6 +1804,7 @@ _prop_get_ipvx_dhcp_iaid(NMDevice *self, const char *iface; const char *fail_reason; gboolean is_explicit = TRUE; + gint64 i64; s_ip = nm_connection_get_setting_ip_config(connection, addr_family); iaid_str = nm_setting_ip_config_get_dhcp_iaid(s_ip); @@ -1862,7 +1863,7 @@ _prop_get_ipvx_dhcp_iaid(NMDevice *self, iaid = unaligned_read_be32(&hwaddr_buf[hwaddr_len - 4]); goto out_good; - } else if (nm_streq(iaid_str, "stable")) { + } else if (nm_streq(iaid_str, NM_IAID_STABLE)) { nm_auto_free_checksum GChecksum *sum = NULL; guint8 digest[NM_UTILS_CHECKSUM_LENGTH_SHA1]; NMUtilsStableType stable_type; @@ -1885,14 +1886,21 @@ _prop_get_ipvx_dhcp_iaid(NMDevice *self, iaid = unaligned_read_be32(digest); goto out_good; - } else if ((iaid = _nm_utils_ascii_str_to_int64(iaid_str, 10, 0, G_MAXUINT32, -1)) != -1) { - goto out_good; - } else { + } else if (nm_streq(iaid_str, NM_IAID_IFNAME)) { iface = nm_device_get_ip_iface(self); iaid = nm_utils_create_dhcp_iaid(TRUE, (const guint8 *) iface, strlen(iface)); goto out_good; + } else if (_nm_utils_iaid_verify(iaid_str, &i64)) { + if (i64 < 0) { + fail_reason = nm_assert_unreachable_val("bug handling iaid value"); + goto out_fail; + } + nm_assert(i64 <= G_MAXUINT32); + iaid = (guint32) i64; + goto out_good; } + fail_reason = nm_assert_unreachable_val("bug handling iaid code"); out_fail: nm_assert(fail_reason); if (!log_silent) { From 5f8b0c47132808ebca9fbdd6c83b568b7c0dc1fc Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Mon, 20 Feb 2023 16:17:55 +0100 Subject: [PATCH 2/7] base: add nm_dhcp_iaid_{from,to}_hexstr() helpers (cherry picked from commit 4c18adbc746997e3687cacf11d0129fc87619822) (cherry picked from commit 05c6a0d6fab2aa9afc60b4a9a80a36df3b45d6c4) --- src/libnm-base/nm-base.c | 30 ++++++++++++++++++++++++ src/libnm-base/nm-base.h | 8 +++++++ src/libnm-core-impl/tests/test-general.c | 29 +++++++++++++++++++++++ 3 files changed, 67 insertions(+) diff --git a/src/libnm-base/nm-base.c b/src/libnm-base/nm-base.c index f81b285c4e..fa64372fd8 100644 --- a/src/libnm-base/nm-base.c +++ b/src/libnm-base/nm-base.c @@ -9,3 +9,33 @@ NM_CACHED_QUARK_FCN("nm-crypto-error-quark", _nm_crypto_error_quark); /*****************************************************************************/ + +char * +nm_dhcp_iaid_to_hexstr(guint32 iaid, char buf[static NM_DHCP_IAID_TO_HEXSTR_BUF_LEN]) +{ + iaid = htobe32(iaid); + return nm_utils_bin2hexstr_full(&iaid, sizeof(iaid), ':', FALSE, buf); +} + +gboolean +nm_dhcp_iaid_from_hexstr(const char *str, guint32 *out_value) +{ + union { + guint32 num; + guint8 bin[sizeof(guint32)]; + } iaid; + + if (!nm_utils_hexstr2bin_full(str, + TRUE, + FALSE, + FALSE, + ":", + sizeof(iaid), + iaid.bin, + sizeof(iaid), + NULL)) + return FALSE; + + NM_SET_OUT(out_value, be32toh(iaid.num)); + return TRUE; +} diff --git a/src/libnm-base/nm-base.h b/src/libnm-base/nm-base.h index 86e943ee64..28feb48429 100644 --- a/src/libnm-base/nm-base.h +++ b/src/libnm-base/nm-base.h @@ -417,4 +417,12 @@ typedef enum { NM_DNS_IP_CONFIG_TYPE_VPN, } NMDnsIPConfigType; +/*****************************************************************************/ + +#define NM_DHCP_IAID_TO_HEXSTR_BUF_LEN (3 * sizeof(guint32)) + +char *nm_dhcp_iaid_to_hexstr(guint32 iaid, char buf[static NM_DHCP_IAID_TO_HEXSTR_BUF_LEN]); + +gboolean nm_dhcp_iaid_from_hexstr(const char *str, guint32 *out_value); + #endif /* __NM_LIBNM_BASE_H__ */ diff --git a/src/libnm-core-impl/tests/test-general.c b/src/libnm-core-impl/tests/test-general.c index a21f50db98..1ff3b972a7 100644 --- a/src/libnm-core-impl/tests/test-general.c +++ b/src/libnm-core-impl/tests/test-general.c @@ -10951,6 +10951,34 @@ test_direct_string_is_refstr(void) /*****************************************************************************/ +static void +test_dhcp_iaid_hexstr(void) +{ + char str[NM_DHCP_IAID_TO_HEXSTR_BUF_LEN]; + int i; + + for (i = 0; i < 10; i++) { + guint32 iaid = nmtst_get_rand_uint32(); + guint32 iaid2; + char *s; + gboolean r; + + s = nm_dhcp_iaid_to_hexstr(iaid, str); + g_assert(s == str); + g_assert(strlen(s) < sizeof(str)); + + r = nm_dhcp_iaid_from_hexstr(str, &iaid2); + g_assert(r); + g_assert_cmpint(iaid, ==, iaid2); + } + + g_assert_cmpstr(nm_dhcp_iaid_to_hexstr(0, str), ==, "00:00:00:00"); + g_assert_cmpstr(nm_dhcp_iaid_to_hexstr(1, str), ==, "00:00:00:01"); + g_assert_cmpstr(nm_dhcp_iaid_to_hexstr(0x01002044, str), ==, "01:00:20:44"); +} + +/*****************************************************************************/ + NMTST_DEFINE(); int @@ -11296,6 +11324,7 @@ main(int argc, char **argv) g_test_add_func("/core/general/test_system_encodings", test_system_encodings); g_test_add_func("/core/general/test_direct_string_is_refstr", test_direct_string_is_refstr); + g_test_add_func("/core/general/test_dhcp_iaid_hexstr", test_dhcp_iaid_hexstr); return g_test_run(); } From c45c5c37a49de31c65cbf96038bc5db73a8fdb09 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Mon, 20 Feb 2023 15:58:20 +0100 Subject: [PATCH 3/7] libnm: accept ipv[46].dhcp-iaid as hexstr dhclient exports the currently used IAID in the environment as hex string. We expose this environment in our API, so this is also the format that NetworkManager uses. Accept setting the ipv[46].dhcp-iaid as hex string, so that the same format is accepted on the profile. While at it, also accept a hex number (0x) because it is also convenient, and this change already introduces the precedent that the IAID string is not unique/normalized. (cherry picked from commit e5dc48919721bb41c8acd49e95bc5f174907971a) (cherry picked from commit 0b4446e252e3a686478d7c080265d0f0e7001cc6) --- src/libnm-core-impl/nm-utils.c | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/libnm-core-impl/nm-utils.c b/src/libnm-core-impl/nm-utils.c index 1c6d36c20b..1ff8ada11c 100644 --- a/src/libnm-core-impl/nm-utils.c +++ b/src/libnm-core-impl/nm-utils.c @@ -5592,7 +5592,8 @@ _nm_utils_bridge_vlan_verify_list(GPtrArray *vlans, gboolean _nm_utils_iaid_verify(const char *str, gint64 *out_value) { - gint64 iaid; + gint64 i64; + guint32 u32; NM_SET_OUT(out_value, -1); @@ -5602,10 +5603,16 @@ _nm_utils_iaid_verify(const char *str, gint64 *out_value) if (NM_IAID_IS_SPECIAL(str)) return TRUE; - if (NM_STRCHAR_ALL(str, ch, ch >= '0' && ch <= '9') && (str[0] != '0' || str[1] == '\0') - && (iaid = _nm_utils_ascii_str_to_int64(str, 10, 0, G_MAXUINT32, -1)) != -1) { - NM_SET_OUT(out_value, iaid); - return TRUE; + if (NM_STRCHAR_ALL(str, ch, g_ascii_isxdigit(ch) || NM_IN_SET(ch, 'x', ':'))) { + if ((i64 = _nm_utils_ascii_str_to_int64(str, 0, 0, G_MAXUINT32, -1)) != -1) { + NM_SET_OUT(out_value, i64); + return TRUE; + } + + if (nm_dhcp_iaid_from_hexstr(str, &u32)) { + NM_SET_OUT(out_value, u32); + return TRUE; + } } return FALSE; From c9ecac7098b7ad6ad80bfd865ab844ec923a9857 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 Feb 2023 21:00:11 +0100 Subject: [PATCH 4/7] dhcp: add "static_key" argument to nm_dhcp_option_add_option() etc. Our lease is tracked in a plain string dictionary. For dhclient plugin and similar, the keys are received via the environment, they are thus unlimited. For the internal plugins they are known at compile time and static strings. We thus sometimes need to clone the string, and sometimes not. Unfortunately, we cannot ask the GHashTable whether it has a free function for the key, so we need to explicitly tell it. Add a parameter for that. (cherry picked from commit 5a05ba398bff1b0a2da8f5462a2e85656d2ddc55) (cherry picked from commit 6e80a190592621891912e87301d103c0841991aa) --- src/core/dhcp/nm-dhcp-client.c | 13 +++---- src/core/dhcp/nm-dhcp-nettools.c | 62 +++++++++++++++++--------------- src/core/dhcp/nm-dhcp-options.c | 36 ++++++++++++------- src/core/dhcp/nm-dhcp-options.h | 28 ++++++++++++--- src/core/dhcp/nm-dhcp-systemd.c | 21 ++++++++--- 5 files changed, 102 insertions(+), 58 deletions(-) diff --git a/src/core/dhcp/nm-dhcp-client.c b/src/core/dhcp/nm-dhcp-client.c index 805b42d214..498f77c119 100644 --- a/src/core/dhcp/nm-dhcp-client.c +++ b/src/core/dhcp/nm-dhcp-client.c @@ -256,14 +256,11 @@ nm_dhcp_client_create_options_dict(NMDhcpClient *self, gboolean static_keys) * may send the used client-id/DUID via the environment variables and * overwrite them yet again. */ - if (static_keys) { - nm_dhcp_option_add_option(options, priv->config.addr_family, option, str); - } else { - g_hash_table_insert( - options, - g_strdup(nm_dhcp_option_request_string(priv->config.addr_family, option)), - g_steal_pointer(&str)); - } + nm_dhcp_option_take_option(options, + static_keys, + priv->config.addr_family, + option, + g_steal_pointer(&str)); } return options; diff --git a/src/core/dhcp/nm-dhcp-nettools.c b/src/core/dhcp/nm-dhcp-nettools.c index df88362e62..f14ddfcc32 100644 --- a/src/core/dhcp/nm-dhcp-nettools.c +++ b/src/core/dhcp/nm-dhcp-nettools.c @@ -84,6 +84,11 @@ static void dhcp4_event_pop_all_events_on_idle(NMDhcpNettools *self); /*****************************************************************************/ +#define _add_option(options, option, str) \ + nm_dhcp_option_add_option((options), TRUE, AF_INET, (option), (str)) + +/*****************************************************************************/ + static void set_error_nettools(GError **error, int r, const char *message) { @@ -266,26 +271,34 @@ lease_parse_address(NMDhcpNettools *self /* for logging context only */, } nm_dhcp_option_add_option_in_addr(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_NM_IP_ADDRESS, a_address.s_addr); nm_dhcp_option_add_option_in_addr(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_SUBNET_MASK, a_netmask); nm_dhcp_option_add_option_u64(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_IP_ADDRESS_LEASE_TIME, (guint64) a_lifetime); if (a_expiry != G_MAXUINT64) { - nm_dhcp_option_add_option_u64(options, AF_INET, NM_DHCP_OPTION_DHCP4_NM_EXPIRY, a_expiry); + nm_dhcp_option_add_option_u64(options, + TRUE, + AF_INET, + NM_DHCP_OPTION_DHCP4_NM_EXPIRY, + a_expiry); } n_dhcp4_client_lease_get_siaddr(lease, &a_next_server); if (a_next_server.s_addr != INADDR_ANY) { nm_dhcp_option_add_option_in_addr(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_NM_NEXT_SERVER, a_next_server.s_addr); @@ -368,7 +381,7 @@ lease_parse_address_list(NDhcp4ClientLease *lease, } } - nm_dhcp_option_add_option(options, AF_INET, option, nm_str_buf_get_str(sbuf)); + _add_option(options, option, nm_str_buf_get_str(sbuf)); } static void @@ -446,7 +459,7 @@ lease_parse_routes(NDhcp4ClientLease *lease, } has_classless = TRUE; - nm_dhcp_option_add_option(options, AF_INET, option_code, nm_str_buf_get_str(sbuf)); + _add_option(options, option_code, nm_str_buf_get_str(sbuf)); } r = _client_lease_query(lease, NM_DHCP_OPTION_DHCP4_STATIC_ROUTE, &l_data, &l_data_len); @@ -489,10 +502,7 @@ lease_parse_routes(NDhcp4ClientLease *lease, })); } - nm_dhcp_option_add_option(options, - AF_INET, - NM_DHCP_OPTION_DHCP4_STATIC_ROUTE, - nm_str_buf_get_str(sbuf)); + _add_option(options, NM_DHCP_OPTION_DHCP4_STATIC_ROUTE, nm_str_buf_get_str(sbuf)); } r = _client_lease_query(lease, NM_DHCP_OPTION_DHCP4_ROUTER, &l_data, &l_data_len); @@ -534,10 +544,7 @@ lease_parse_routes(NDhcp4ClientLease *lease, })); } - nm_dhcp_option_add_option(options, - AF_INET, - NM_DHCP_OPTION_DHCP4_ROUTER, - nm_str_buf_get_str(sbuf)); + _add_option(options, NM_DHCP_OPTION_DHCP4_ROUTER, nm_str_buf_get_str(sbuf)); } } @@ -570,6 +577,7 @@ lease_parse_search_domains(NDhcp4ClientLease *lease, nm_l3_config_data_add_search(l3cd, AF_INET, domains[i]); nm_dhcp_option_take_option(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_DOMAIN_SEARCH_LIST, g_strjoinv(" ", domains)); @@ -598,7 +606,7 @@ lease_parse_private_options(NDhcp4ClientLease *lease, GHashTable *options) continue; option_string = nm_utils_bin2hexstr_full(l_data, l_data_len, ':', FALSE, NULL); - nm_dhcp_option_take_option(options, AF_INET, i, g_steal_pointer(&option_string)); + nm_dhcp_option_take_option(options, TRUE, AF_INET, i, g_steal_pointer(&option_string)); } } @@ -632,6 +640,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err r = n_dhcp4_client_lease_get_server_identifier(lease, &v_inaddr_s); if (r == 0) { nm_dhcp_option_add_option_in_addr(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_SERVER_ID, v_inaddr_s.s_addr); @@ -645,6 +654,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err iface, NM_DHCP_OPTION_DHCP4_BROADCAST)) { nm_dhcp_option_add_option_in_addr(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_BROADCAST, v_inaddr); @@ -696,10 +706,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err } if (sbuf.len > 0) { - nm_dhcp_option_add_option(options, - AF_INET, - NM_DHCP_OPTION_DHCP4_DOMAIN_NAME, - nm_str_buf_get_str(&sbuf)); + _add_option(options, NM_DHCP_OPTION_DHCP4_DOMAIN_NAME, nm_str_buf_get_str(&sbuf)); } } @@ -713,7 +720,11 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err iface, AF_INET, NM_DHCP_OPTION_DHCP4_INTERFACE_MTU)) { - nm_dhcp_option_add_option_u64(options, AF_INET, NM_DHCP_OPTION_DHCP4_INTERFACE_MTU, v_u16); + nm_dhcp_option_add_option_u64(options, + TRUE, + AF_INET, + NM_DHCP_OPTION_DHCP4_INTERFACE_MTU, + v_u16); nm_l3_config_data_set_mtu(l3cd, v_u16); } @@ -731,7 +742,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err iface, AF_INET, NM_DHCP_OPTION_DHCP4_HOST_NAME)) { - nm_dhcp_option_add_option(options, AF_INET, NM_DHCP_OPTION_DHCP4_HOST_NAME, s); + _add_option(options, NM_DHCP_OPTION_DHCP4_HOST_NAME, s); } } @@ -755,6 +766,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err /* "Its minimum length is 1." */ } else { nm_dhcp_option_add_option_utf8safe_escape(options, + TRUE, AF_INET, NM_DHCP_OPTION_DHCP4_ROOT_PATH, l_data, @@ -782,10 +794,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err const char *escaped; escaped = nm_utils_buf_utf8safe_escape((char *) l_data, l_data_len, 0, &to_free); - nm_dhcp_option_add_option(options, - AF_INET, - NM_DHCP_OPTION_DHCP4_PRIVATE_PROXY_AUTODISCOVERY, - escaped ?: ""); + _add_option(options, NM_DHCP_OPTION_DHCP4_PRIVATE_PROXY_AUTODISCOVERY, escaped ?: ""); nm_l3_config_data_set_proxy_method(l3cd, NM_PROXY_CONFIG_METHOD_AUTO); nm_l3_config_data_set_proxy_pac_url(l3cd, escaped ?: ""); @@ -808,7 +817,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, &to_free); - nm_dhcp_option_add_option(options, AF_INET, NM_DHCP_OPTION_DHCP4_NIS_DOMAIN, v_str ?: ""); + _add_option(options, NM_DHCP_OPTION_DHCP4_NIS_DOMAIN, v_str ?: ""); nm_l3_config_data_set_nis_domain(l3cd, v_str ?: ""); } @@ -820,7 +829,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err -1, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, &to_free); - nm_dhcp_option_add_option(options, AF_INET, NM_DHCP_OPTION_DHCP4_NM_FILENAME, v_str ?: ""); + _add_option(options, NM_DHCP_OPTION_DHCP4_NM_FILENAME, v_str ?: ""); } r = _client_lease_query(lease, NM_DHCP_OPTION_DHCP4_BOOTFILE_NAME, &l_data, &l_data_len); @@ -837,10 +846,7 @@ lease_to_ip4_config(NMDhcpNettools *self, NDhcp4ClientLease *lease, GError **err l_data_len, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, &to_free); - nm_dhcp_option_add_option(options, - AF_INET, - NM_DHCP_OPTION_DHCP4_BOOTFILE_NAME, - v_str ?: ""); + _add_option(options, NM_DHCP_OPTION_DHCP4_BOOTFILE_NAME, v_str ?: ""); } lease_parse_address_list(lease, l3cd, iface, NM_DHCP_OPTION_DHCP4_NIS_SERVERS, options, &sbuf); diff --git a/src/core/dhcp/nm-dhcp-options.c b/src/core/dhcp/nm-dhcp-options.c index a5bb06d1c7..70a485b8bd 100644 --- a/src/core/dhcp/nm-dhcp-options.c +++ b/src/core/dhcp/nm-dhcp-options.c @@ -383,8 +383,14 @@ nm_dhcp_option_find(int addr_family, guint option) /*****************************************************************************/ void -nm_dhcp_option_take_option(GHashTable *options, int addr_family, guint option, char *value) +nm_dhcp_option_take_option(GHashTable *options, + gboolean static_keys, + int addr_family, + guint option, + char *value) { + const char *key; + nm_assert_addr_family(addr_family); nm_assert(value); nm_assert(g_utf8_validate(value, -1, NULL)); @@ -395,19 +401,13 @@ nm_dhcp_option_take_option(GHashTable *options, int addr_family, guint option, c return; } - g_hash_table_insert(options, - (gpointer) nm_dhcp_option_request_string(addr_family, option), - value); -} - -void -nm_dhcp_option_add_option(GHashTable *options, int addr_family, guint option, const char *value) -{ - nm_dhcp_option_take_option(options, addr_family, option, g_strdup(value)); + key = nm_dhcp_option_request_string(addr_family, option), + g_hash_table_insert(options, static_keys ? (gpointer) key : g_strdup(key), value); } void nm_dhcp_option_add_option_utf8safe_escape(GHashTable *options, + gboolean static_keys, int addr_family, guint option, const guint8 *data, @@ -420,13 +420,18 @@ nm_dhcp_option_add_option_utf8safe_escape(GHashTable *options, n_data, NM_UTILS_STR_UTF8_SAFE_FLAG_ESCAPE_CTRL, &to_free); - nm_dhcp_option_add_option(options, addr_family, option, escaped ?: ""); + nm_dhcp_option_add_option(options, static_keys, addr_family, option, escaped ?: ""); } void -nm_dhcp_option_add_option_u64(GHashTable *options, int addr_family, guint option, guint64 value) +nm_dhcp_option_add_option_u64(GHashTable *options, + gboolean static_keys, + int addr_family, + guint option, + guint64 value) { nm_dhcp_option_take_option(options, + static_keys, addr_family, option, g_strdup_printf("%" G_GUINT64_FORMAT, value)); @@ -434,13 +439,18 @@ nm_dhcp_option_add_option_u64(GHashTable *options, int addr_family, guint option void nm_dhcp_option_add_option_in_addr(GHashTable *options, + gboolean static_keys, int addr_family, guint option, in_addr_t value) { char sbuf[NM_UTILS_INET_ADDRSTRLEN]; - nm_dhcp_option_add_option(options, addr_family, option, _nm_utils_inet4_ntop(value, sbuf)); + nm_dhcp_option_add_option(options, + static_keys, + addr_family, + option, + _nm_utils_inet4_ntop(value, sbuf)); } void diff --git a/src/core/dhcp/nm-dhcp-options.h b/src/core/dhcp/nm-dhcp-options.h index fcc6f9cd08..050080d975 100644 --- a/src/core/dhcp/nm-dhcp-options.h +++ b/src/core/dhcp/nm-dhcp-options.h @@ -208,20 +208,38 @@ nm_dhcp_option_request_string(int addr_family, guint option) return nm_dhcp_option_get_name(nm_dhcp_option_find(addr_family, option)); } -void nm_dhcp_option_take_option(GHashTable *options, int addr_family, guint option, char *value); -void -nm_dhcp_option_add_option(GHashTable *options, int addr_family, guint option, const char *value); +void nm_dhcp_option_take_option(GHashTable *options, + gboolean static_keys, + int addr_family, + guint option, + char *value); + +static inline void +nm_dhcp_option_add_option(GHashTable *options, + gboolean static_keys, + int addr_family, + guint option, + const char *value) +{ + nm_dhcp_option_take_option(options, static_keys, addr_family, option, g_strdup(value)); +} + void nm_dhcp_option_add_option_utf8safe_escape(GHashTable *options, + gboolean static_keys, int addr_family, guint option, const guint8 *data, gsize n_data); void nm_dhcp_option_add_option_in_addr(GHashTable *options, + gboolean static_keys, int addr_family, guint option, in_addr_t value); -void -nm_dhcp_option_add_option_u64(GHashTable *options, int addr_family, guint option, guint64 value); +void nm_dhcp_option_add_option_u64(GHashTable *options, + gboolean static_keys, + int addr_family, + guint option, + guint64 value); void nm_dhcp_option_add_requests_to_options(GHashTable *options, int addr_family); GHashTable *nm_dhcp_option_create_options_dict(gboolean static_keys); diff --git a/src/core/dhcp/nm-dhcp-systemd.c b/src/core/dhcp/nm-dhcp-systemd.c index 7ce15d301e..24bc2b1ef8 100644 --- a/src/core/dhcp/nm-dhcp-systemd.c +++ b/src/core/dhcp/nm-dhcp-systemd.c @@ -115,6 +115,7 @@ lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GErro if (str->len) { nm_dhcp_option_add_option(options, + TRUE, AF_INET6, NM_DHCP_OPTION_DHCP6_NM_IP_ADDRESS, str->str); @@ -137,7 +138,11 @@ lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GErro g_string_append(nm_gstring_add_space_delimiter(str), addr_str); nm_l3_config_data_add_nameserver(l3cd, AF_INET6, &dns[i]); } - nm_dhcp_option_add_option(options, AF_INET6, NM_DHCP_OPTION_DHCP6_DNS_SERVERS, str->str); + nm_dhcp_option_add_option(options, + TRUE, + AF_INET6, + NM_DHCP_OPTION_DHCP6_DNS_SERVERS, + str->str); } num = sd_dhcp6_lease_get_domains(lease, &domains); @@ -147,11 +152,15 @@ lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GErro g_string_append(nm_gstring_add_space_delimiter(str), domains[i]); nm_l3_config_data_add_search(l3cd, AF_INET6, domains[i]); } - nm_dhcp_option_add_option(options, AF_INET6, NM_DHCP_OPTION_DHCP6_DOMAIN_LIST, str->str); + nm_dhcp_option_add_option(options, + TRUE, + AF_INET6, + NM_DHCP_OPTION_DHCP6_DOMAIN_LIST, + str->str); } if (sd_dhcp6_lease_get_fqdn(lease, &s) >= 0) { - nm_dhcp_option_add_option(options, AF_INET6, NM_DHCP_OPTION_DHCP6_FQDN, s); + nm_dhcp_option_add_option(options, TRUE, AF_INET6, NM_DHCP_OPTION_DHCP6_FQDN, s); } /* RFC 5908, section 4 states: "This option MUST include one, and only @@ -175,7 +184,11 @@ lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GErro } } if (str->len) { - nm_dhcp_option_add_option(options, AF_INET6, NM_DHCP_OPTION_DHCP6_NTP_SERVER, str->str); + nm_dhcp_option_add_option(options, + TRUE, + AF_INET6, + NM_DHCP_OPTION_DHCP6_NTP_SERVER, + str->str); } nm_l3_config_data_set_dhcp_lease_from_options(l3cd, AF_INET6, g_steal_pointer(&options)); From bec1b14f447a8d35ef47813cae1ed586642365c3 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 Feb 2023 21:16:05 +0100 Subject: [PATCH 5/7] dhcp: add the DHCPv6 IAID to the lease information We already get the IAID from the dhclient environment. This is actually rather useful, because dhclient plugin does not support setting the value (that is, what we request in "config.v6.iaid" is not actually used). Already previously, was the IAID for dhclient present in the lease information. Now also normalize/verify it. Expose the used IAID also with the internal (systemd) plugin. There we explicitly set the IAID and know it. (cherry picked from commit 07f1789725726506cb3ba379ac53bd9bd720654b) (cherry picked from commit 2e0e38ab17d8183e54a2fdcac090c65e5414e429) --- src/core/dhcp/nm-dhcp-client.c | 22 ++++++++++++++++++---- src/core/dhcp/nm-dhcp-systemd.c | 12 +++++++++++- 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/src/core/dhcp/nm-dhcp-client.c b/src/core/dhcp/nm-dhcp-client.c index 498f77c119..789553aabd 100644 --- a/src/core/dhcp/nm-dhcp-client.c +++ b/src/core/dhcp/nm-dhcp-client.c @@ -240,7 +240,8 @@ nm_dhcp_client_create_l3cd(NMDhcpClient *self) GHashTable * nm_dhcp_client_create_options_dict(NMDhcpClient *self, gboolean static_keys) { - NMDhcpClientPrivate *priv = NM_DHCP_CLIENT_GET_PRIVATE(self); + NMDhcpClientPrivate *priv = NM_DHCP_CLIENT_GET_PRIVATE(self); + const int IS_IPv4 = NM_IS_IPv4(priv->config.addr_family); GHashTable *options; GBytes *effective_client_id; @@ -248,9 +249,8 @@ nm_dhcp_client_create_options_dict(NMDhcpClient *self, gboolean static_keys) effective_client_id = nm_dhcp_client_get_effective_client_id(self); if (effective_client_id) { - guint option = NM_IS_IPv4(priv->config.addr_family) ? NM_DHCP_OPTION_DHCP4_CLIENT_ID - : NM_DHCP_OPTION_DHCP6_CLIENT_ID; - gs_free char *str = nm_dhcp_utils_duid_to_string(effective_client_id); + guint option = IS_IPv4 ? NM_DHCP_OPTION_DHCP4_CLIENT_ID : NM_DHCP_OPTION_DHCP6_CLIENT_ID; + gs_free char *str = nm_dhcp_utils_duid_to_string(effective_client_id); /* Note that for the nm-dhcp-helper based plugins (dhclient), the plugin * may send the used client-id/DUID via the environment variables and @@ -1564,6 +1564,20 @@ maybe_add_option(NMDhcpClient *self, GHashTable *hash, const char *key, GVariant str_value = nm_dhcp_utils_duid_to_string(bytes); } + if (!IS_IPv4 && nm_streq(key, "iaid")) { + gs_free char *str = g_steal_pointer(&str_value); + guint32 iaid; + + /* Validate and normalize the iaid. */ + + if (!nm_dhcp_iaid_from_hexstr(str, &iaid)) { + /* Seems invalid. Ignore */ + return; + } + + str_value = nm_dhcp_iaid_to_hexstr(iaid, g_malloc(NM_DHCP_IAID_TO_HEXSTR_BUF_LEN)); + } + g_hash_table_insert(hash, g_strdup(key), str_value); /* dhclient has no special labels for private dhcp options: it uses "unknown_xyz" diff --git a/src/core/dhcp/nm-dhcp-systemd.c b/src/core/dhcp/nm-dhcp-systemd.c index 24bc2b1ef8..65d987b855 100644 --- a/src/core/dhcp/nm-dhcp-systemd.c +++ b/src/core/dhcp/nm-dhcp-systemd.c @@ -70,11 +70,13 @@ G_DEFINE_TYPE(NMDhcpSystemd, nm_dhcp_systemd, NM_TYPE_DHCP_CLIENT) static NML3ConfigData * lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GError **error) { + const NMDhcpClientConfig *config; nm_auto_unref_l3cd_init NML3ConfigData *l3cd = NULL; gs_unref_hashtable GHashTable *options = NULL; struct in6_addr tmp_addr; const struct in6_addr *dns; char addr_str[NM_UTILS_INET_ADDRSTRLEN]; + char iaid_buf[NM_DHCP_IAID_TO_HEXSTR_BUF_LEN]; char **domains; char **ntp_fqdns; const struct in6_addr *ntp_addrs; @@ -84,11 +86,19 @@ lease_to_ip6_config(NMDhcpSystemd *self, sd_dhcp6_lease *lease, gint32 ts, GErro nm_assert(lease); + config = nm_dhcp_client_get_config(NM_DHCP_CLIENT(self)); + l3cd = nm_dhcp_client_create_l3cd(NM_DHCP_CLIENT(self)); options = nm_dhcp_client_create_options_dict(NM_DHCP_CLIENT(self), TRUE); - if (!nm_dhcp_client_get_config(NM_DHCP_CLIENT(self))->v6.info_only) { + nm_dhcp_option_add_option(options, + TRUE, + AF_INET6, + NM_DHCP_OPTION_DHCP6_NM_IAID, + nm_dhcp_iaid_to_hexstr(config->v6.iaid, iaid_buf)); + + if (!config->v6.info_only) { gboolean has_any_addresses = FALSE; uint32_t lft_pref; uint32_t lft_valid; From 4efd8565a6f7c4be6fae6930b1b801f241e42096 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 Feb 2023 21:38:59 +0100 Subject: [PATCH 6/7] dhcp: log used DHCP IAID as hexstr This is also the format that we will use to expose it in the lease information. It's the format that dhclient uses. (cherry picked from commit 2fe4313b92cea1d09f8da6d58a5e55b4506b8f9a) (cherry picked from commit 657949eacdae4ac6f7f91ed29a237e8fd82dc6af) --- src/core/devices/nm-device.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c index 56b412b9e2..718e6f7d3f 100644 --- a/src/core/devices/nm-device.c +++ b/src/core/devices/nm-device.c @@ -1914,11 +1914,13 @@ out_fail: iaid = nm_utils_create_dhcp_iaid(TRUE, (const guint8 *) iface, strlen(iface)); out_good: if (!log_silent) { + char buf[NM_DHCP_IAID_TO_HEXSTR_BUF_LEN]; + _LOGD(LOGD_DEVICE | LOGD_DHCPX(IS_IPv4) | LOGD_IPX(IS_IPv4), - "ipv%c.dhcp-iaid: using %u (0x%08x) IAID (str: '%s', explicit %d)", + "ipv%c.dhcp-iaid: using %u (%s) IAID (str: '%s', explicit %d)", nm_utils_addr_family_to_char(addr_family), iaid, - iaid, + nm_dhcp_iaid_to_hexstr(iaid, buf), iaid_str, is_explicit); } From bb20948b7ba840195d6ae16623a88b3698269464 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 14 Feb 2023 22:01:57 +0100 Subject: [PATCH 7/7] libnm/docs: improve documentation for ipv[46].dhcp-iaid setting (cherry picked from commit f36fabc0fa5e2c61f55cb595749af17f5e419887) (cherry picked from commit e1d6d72f8e56bbcf605a1885c525ef9b82aed7cc) --- src/libnm-core-impl/nm-setting-ip-config.c | 34 ++++++++++++------- src/libnmc-setting/settings-docs.h.in | 4 +-- .../generate-docs-nm-settings-nmcli.xml.in | 4 +-- 3 files changed, 26 insertions(+), 16 deletions(-) diff --git a/src/libnm-core-impl/nm-setting-ip-config.c b/src/libnm-core-impl/nm-setting-ip-config.c index 73f98ab166..c8fc461396 100644 --- a/src/libnm-core-impl/nm-setting-ip-config.c +++ b/src/libnm-core-impl/nm-setting-ip-config.c @@ -6559,18 +6559,28 @@ nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass) /** * NMSettingIPConfig:dhcp-iaid: * - * A string containing the "Identity Association Identifier" (IAID) used - * by the DHCP client. The property is a 32-bit decimal value or a - * special value among "mac", "perm-mac", "ifname" and "stable". When - * set to "mac" (or "perm-mac"), the last 4 bytes of the current (or - * permanent) MAC address are used as IAID. When set to "ifname", the - * IAID is computed by hashing the interface name. The special value - * "stable" can be used to generate an IAID based on the stable-id (see - * connection.stable-id), a per-host key and the interface name. When - * the property is unset, the value from global configuration is used; - * if no global default is set then the IAID is assumed to be - * "ifname". Note that at the moment this property is ignored for IPv6 - * by dhclient, which always derives the IAID from the MAC address. + * A string containing the "Identity Association Identifier" (IAID) used by + * the DHCP client. The string can be a 32-bit number (either decimal, + * hexadecimal or or as colon separated hexadecimal numbers). Alternatively + * it can be set to the special values "mac", "perm-mac", "ifname" or + * "stable". When set to "mac" (or "perm-mac"), the last 4 bytes of the + * current (or permanent) MAC address are used as IAID. When set to + * "ifname", the IAID is computed by hashing the interface name. The + * special value "stable" can be used to generate an IAID based on the + * stable-id (see connection.stable-id), a per-host key and the interface + * name. When the property is unset, the value from global configuration is + * used; if no global default is set then the IAID is assumed to be + * "ifname". + * + * For DHCPv4, the IAID is only used with "ipv4.dhcp-client-id" + * values "duid" and "ipv6-duid" to generate the client-id. + * + * For DHCPv6, note that at the moment this property is + * only supported by the "internal" DHCPv6 plugin. The "dhclient" DHCPv6 + * plugin always derives the IAID from the MAC address. + * + * The actually used DHCPv6 IAID for a currently activated interface is + * exposed in the lease information of the device. * * Since: 1.22 **/ diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in index 208cad8605..1176a63a36 100644 --- a/src/libnmc-setting/settings-docs.h.in +++ b/src/libnmc-setting/settings-docs.h.in @@ -162,7 +162,7 @@ #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_FQDN N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified FQDN will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-hostname\" are mutually exclusive and cannot be set at the same time.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently, this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.") -#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The property is a 32-bit decimal value or a special value among \"mac\", \"perm-mac\", \"ifname\" and \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". Note that at the moment this property is ignored for IPv6 by dhclient, which always derives the IAID from the MAC address.") +#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The string can be a 32-bit number (either decimal, hexadecimal or or as colon separated hexadecimal numbers). Alternatively it can be set to the special values \"mac\", \"perm-mac\", \"ifname\" or \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". For DHCPv4, the IAID is only used with \"ipv4.dhcp-client-id\" values \"duid\" and \"ipv6-duid\" to generate the client-id. For DHCPv6, note that at the moment this property is only supported by the \"internal\" DHCPv6 plugin. The \"dhclient\" DHCPv6 plugin always derives the IAID from the MAC address. The actually used DHCPv6 IAID for a currently activated interface is exposed in the lease information of the device.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_REJECT_SERVERS N_("Array of servers from which DHCP offers must be rejected. This property is useful to avoid getting a lease from misconfigured or rogue servers. For DHCPv4, each element must be an IPv4 address, optionally followed by a slash and a prefix length (e.g. \"192.168.122.0/24\"). This property is currently not implemented for DHCPv6.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_SEND_HOSTNAME N_("If TRUE, a hostname is sent to the DHCP server when acquiring a lease. Some DHCP servers use this hostname to update DNS databases, essentially providing a static hostname for the computer. If the \"dhcp-hostname\" property is NULL and this property is TRUE, the current persistent hostname of the computer is sent.") #define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_TIMEOUT N_("A timeout for a DHCP transaction in seconds. If zero (the default), a globally configured default is used. If still unspecified, a device specific timeout is used (usually 45 seconds). Set to 2147483647 (MAXINT32) for infinity.") @@ -189,7 +189,7 @@ #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_DUID N_("A string containing the DHCPv6 Unique Identifier (DUID) used by the dhcp client to identify itself to DHCPv6 servers (RFC 3315). The DUID is carried in the Client Identifier option. If the property is a hex string ('aa:bb:cc') it is interpreted as a binary DUID and filled as an opaque value in the Client Identifier option. The special value \"lease\" will retrieve the DUID previously used from the lease file belonging to the connection. If no DUID is found and \"dhclient\" is the configured dhcp client, the DUID is searched in the system-wide dhclient lease file. If still no DUID is found, or another dhcp client is used, a global and permanent DUID-UUID (RFC 6355) will be generated based on the machine-id. The special values \"llt\" and \"ll\" will generate a DUID of type LLT or LL (see RFC 3315) based on the current MAC address of the device. In order to try providing a stable DUID-LLT, the time field will contain a constant timestamp that is used globally (for all profiles) and persisted to disk. The special values \"stable-llt\", \"stable-ll\" and \"stable-uuid\" will generate a DUID of the corresponding type, derived from the connection's stable-id and a per-host unique key. You may want to include the \"${DEVICE}\" or \"${MAC}\" specifier in the stable-id, in case this profile gets activated on multiple devices. So, the link-layer address of \"stable-ll\" and \"stable-llt\" will be a generated address derived from the stable id. The DUID-LLT time value in the \"stable-llt\" option will be picked among a static timespan of three years (the upper bound of the interval is the same constant timestamp used in \"llt\"). When the property is unset, the global value provided for \"ipv6.dhcp-duid\" is used. If no global value is provided, the default \"lease\" value is assumed.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME_FLAGS N_("Flags for the DHCP hostname and FQDN. Currently, this property only includes flags to control the FQDN flags set in the DHCP FQDN option. Supported FQDN flags are NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) and NM_DHCP_HOSTNAME_FLAG_FQDN_NO_UPDATE (0x4). When no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is set, the DHCP FQDN option will contain no flag. Otherwise, if no FQDN flag is set and NM_DHCP_HOSTNAME_FLAG_FQDN_CLEAR_FLAGS (0x8) is not set, the standard FQDN flags are set in the request: NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1), NM_DHCP_HOSTNAME_FLAG_FQDN_ENCODED (0x2) for IPv4 and NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE (0x1) for IPv6. When this property is set to the default value NM_DHCP_HOSTNAME_FLAG_NONE (0x0), a global default is looked up in NetworkManager configuration. If that value is unset or also NM_DHCP_HOSTNAME_FLAG_NONE (0x0), then the standard FQDN flags described above are sent in the DHCP requests.") -#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The property is a 32-bit decimal value or a special value among \"mac\", \"perm-mac\", \"ifname\" and \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". Note that at the moment this property is ignored for IPv6 by dhclient, which always derives the IAID from the MAC address.") +#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_IAID N_("A string containing the \"Identity Association Identifier\" (IAID) used by the DHCP client. The string can be a 32-bit number (either decimal, hexadecimal or or as colon separated hexadecimal numbers). Alternatively it can be set to the special values \"mac\", \"perm-mac\", \"ifname\" or \"stable\". When set to \"mac\" (or \"perm-mac\"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to \"ifname\", the IAID is computed by hashing the interface name. The special value \"stable\" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be \"ifname\". For DHCPv4, the IAID is only used with \"ipv4.dhcp-client-id\" values \"duid\" and \"ipv6-duid\" to generate the client-id. For DHCPv6, note that at the moment this property is only supported by the \"internal\" DHCPv6 plugin. The \"dhclient\" DHCPv6 plugin always derives the IAID from the MAC address. The actually used DHCPv6 IAID for a currently activated interface is exposed in the lease information of the device.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_REJECT_SERVERS N_("Array of servers from which DHCP offers must be rejected. This property is useful to avoid getting a lease from misconfigured or rogue servers. For DHCPv4, each element must be an IPv4 address, optionally followed by a slash and a prefix length (e.g. \"192.168.122.0/24\"). This property is currently not implemented for DHCPv6.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_SEND_HOSTNAME N_("If TRUE, a hostname is sent to the DHCP server when acquiring a lease. Some DHCP servers use this hostname to update DNS databases, essentially providing a static hostname for the computer. If the \"dhcp-hostname\" property is NULL and this property is TRUE, the current persistent hostname of the computer is sent.") #define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_TIMEOUT N_("A timeout for a DHCP transaction in seconds. If zero (the default), a globally configured default is used. If still unspecified, a device specific timeout is used (usually 45 seconds). Set to 2147483647 (MAXINT32) for infinity.") diff --git a/src/nmcli/generate-docs-nm-settings-nmcli.xml.in b/src/nmcli/generate-docs-nm-settings-nmcli.xml.in index f78c5f427a..8147567f2e 100644 --- a/src/nmcli/generate-docs-nm-settings-nmcli.xml.in +++ b/src/nmcli/generate-docs-nm-settings-nmcli.xml.in @@ -679,7 +679,7 @@ + description="A string containing the "Identity Association Identifier" (IAID) used by the DHCP client. The string can be a 32-bit number (either decimal, hexadecimal or or as colon separated hexadecimal numbers). Alternatively it can be set to the special values "mac", "perm-mac", "ifname" or "stable". When set to "mac" (or "perm-mac"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to "ifname", the IAID is computed by hashing the interface name. The special value "stable" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be "ifname". For DHCPv4, the IAID is only used with "ipv4.dhcp-client-id" values "duid" and "ipv6-duid" to generate the client-id. For DHCPv6, note that at the moment this property is only supported by the "internal" DHCPv6 plugin. The "dhclient" DHCPv6 plugin always derives the IAID from the MAC address. The actually used DHCPv6 IAID for a currently activated interface is exposed in the lease information of the device." /> + description="A string containing the "Identity Association Identifier" (IAID) used by the DHCP client. The string can be a 32-bit number (either decimal, hexadecimal or or as colon separated hexadecimal numbers). Alternatively it can be set to the special values "mac", "perm-mac", "ifname" or "stable". When set to "mac" (or "perm-mac"), the last 4 bytes of the current (or permanent) MAC address are used as IAID. When set to "ifname", the IAID is computed by hashing the interface name. The special value "stable" can be used to generate an IAID based on the stable-id (see connection.stable-id), a per-host key and the interface name. When the property is unset, the value from global configuration is used; if no global default is set then the IAID is assumed to be "ifname". For DHCPv4, the IAID is only used with "ipv4.dhcp-client-id" values "duid" and "ipv6-duid" to generate the client-id. For DHCPv6, note that at the moment this property is only supported by the "internal" DHCPv6 plugin. The "dhclient" DHCPv6 plugin always derives the IAID from the MAC address. The actually used DHCPv6 IAID for a currently activated interface is exposed in the lease information of the device." />