sd-dhcp: be more detailed about invalid headers

This may be a common problem, so let's make it simpler to debug,
at least for now.

diff --git a/src/libsystemd-dhcp/dhcp-packet.c b/src/libsystemd-dhcp/dhcp-packet.c
index d606d55a05bfadbe8934d10fdbeb1b9199ac4298..4501d27571ef42a1d8875fa2b10723f20cbe96cb 100644 (file)
--- a/src/libsystemd-dhcp/dhcp-packet.c
+++ b/src/libsystemd-dhcp/dhcp-packet.c
@@ -132,38 +132,58 @@ int dhcp_packet_verify_headers(DHCPPacket *packet, uint8_t op, size_t len) {
 
         assert(op == BOOTREQUEST || op == BOOTREPLY);
 
-        if (len < (DHCP_IP_UDP_SIZE + DHCP_MESSAGE_SIZE))
+        if (len < (DHCP_IP_UDP_SIZE + DHCP_MESSAGE_SIZE)) {
+                log_dhcp_client(client, "ignoring packet: packet too small");
                 return -EINVAL;
+        }
 
         hdrlen = packet->ip.ihl * 4;
-        if (hdrlen < 20 || hdrlen > len || dhcp_checksum(&packet->ip, hdrlen))
+        if (hdrlen < 20 || hdrlen > len) {
+                log_dhcp_client(client, "ignoring packet: header with wrong size");
                 return -EINVAL;
+        }
 
-        if (hdrlen + be16toh(packet->udp.len) > len)
+        if (dhcp_checksum(&packet->ip, hdrlen)) {
+                log_dhcp_client(client, "ignoring packet: invalid ip checksum");
                 return -EINVAL;
+        }
+
+        if (hdrlen + be16toh(packet->udp.len) > len) {
+                log_dhcp_client(client, "ignoring packet: packet too small (udp.len=%u)",
+                                be16toh(packet->udp.len));
+                return -EINVAL;
+        }
 
         if (packet->udp.check) {
                 packet->ip.check = packet->udp.len;
                 packet->ip.ttl = 0;
 
                 if (dhcp_checksum(&packet->ip.ttl,
-                                  be16toh(packet->udp.len) + 12))
+                                  be16toh(packet->udp.len) + 12)) {
+                        log_dhcp_client(client, "ignoring packet: invalid udp checksum");
                         return -EINVAL;
+                }
         }
 
-        if (packet->dhcp.op != op)
+        if (packet->dhcp.op != op) {
+                log_dhcp_client(client, "ignoring packet: wrong operation");
                 return -EINVAL;
+        }
 
         switch (op) {
                 case BOOTREQUEST:
                         if (be16toh(packet->udp.source) != DHCP_PORT_CLIENT ||
-                            be16toh(packet->udp.dest) != DHCP_PORT_SERVER)
+                            be16toh(packet->udp.dest) != DHCP_PORT_SERVER) {
+                                log_dhcp_client(client, "ignoring packet: wrong ports");
                                 return -EINVAL;
+                        }
                         break;
                 case BOOTREPLY:
                         if (be16toh(packet->udp.source) != DHCP_PORT_SERVER ||
-                            be16toh(packet->udp.dest) != DHCP_PORT_CLIENT)
+                            be16toh(packet->udp.dest) != DHCP_PORT_CLIENT) {
+                                log_dhcp_client(client, "ignoring packet: wrong ports");
                                 return -EINVAL;
+                        }
                         break;
         }
 

diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c
index 350675530466f2f472bcd2a5ab7b5a986de79e33..7f86d92fb5bf39788c77f0465388b22311b2e526 100644 (file)
--- a/src/libsystemd-dhcp/sd-dhcp-client.c
+++ b/src/libsystemd-dhcp/sd-dhcp-client.c
@@ -870,10 +870,8 @@ static int client_receive_message_raw(sd_event_source *s, int fd,
         packet = (DHCPPacket *) buf;
 
         r = dhcp_packet_verify_headers(packet, BOOTREPLY, len);
-        if (r < 0) {
-                log_dhcp_client(client, "ignoring DHCP packet with invalid headers");
+        if (r < 0)
                 return 0;
-        }
 
         len -= DHCP_IP_UDP_SIZE;