poky/meta/recipes-core/systemd/systemd/0003-sd-dhcp-client-logs-when-dhcp-client-unexpectedly-ga.patch - openbmc/openbmc - Gitiles

 From 0ad3b0fffe622bffbe9f380c3e4cb99b0961bef5 Mon Sep 17 00:00:00 2001
 From: Yu Watanabe <watanabe.yu+github@gmail.com>
 Date: Thu, 24 Jun 2021 01:14:12 +0900
 Subject: [PATCH] sd-dhcp-client: logs when dhcp client unexpectedly gains a
  new lease

 Previously, such situation is handled silently.

 Upstream-Status: Backport
 CVE: CVE-2020-13529
 Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
 ---
  src/libsystemd-network/sd-dhcp-client.c | 23 ++++++++++++-----------
  1 file changed, 12 insertions(+), 11 deletions(-)

 diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
 index ef3a7d2c6b..04a75c6966 100644
 --- a/src/libsystemd-network/sd-dhcp-client.c
 +++ b/src/libsystemd-network/sd-dhcp-client.c
 @@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
  static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, int len) {
          DHCP_CLIENT_DONT_DESTROY(client);
          char time_string[FORMAT_TIMESPAN_MAX];
 -        int r, notify_event = 0;
 +        int r, notify_event;

          assert(client);
          assert(client->event);
 @@ -1815,16 +1815,16 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i
                  if (r < 0)
                          goto error;

 +                if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
 +                        notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
 +                else
 +                        notify_event = r;
 +
                  client->start_delay = 0;
                  (void) event_source_disable(client->timeout_resend);
                  client->receive_message = sd_event_source_unref(client->receive_message);
                  client->fd = safe_close(client->fd);

 -                if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
 -                        notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
 -                else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
 -                        notify_event = r;
 -
                  client->state = DHCP_STATE_BOUND;
                  client->attempt = 0;

 @@ -1846,12 +1846,13 @@ static int client_handle_message(sd_dhcp_client *client, DHCPMessage *message, i

                  client_initialize_io_events(client, client_receive_message_udp);

 -                if (notify_event) {
 +                if (IN_SET(client->state, DHCP_STATE_RENEWING, DHCP_STATE_REBINDING) &&
 +                    notify_event == SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
 +                        /* FIXME: hmm, maybe this is a bug... */
 +                        log_dhcp_client(client, "client_handle_ack() returned SD_DHCP_CLIENT_EVENT_IP_ACQUIRE while DHCP client is %s the address, skipping callback.",
 +                                        client->state == DHCP_STATE_RENEWING ? "renewing" : "rebinding");
 +                else
                          client_notify(client, notify_event);
 -                        if (client->state == DHCP_STATE_STOPPED)
 -                                return 0;
 -                }
 -
                  break;

          case DHCP_STATE_BOUND:
	From 0ad3b0fffe622bffbe9f380c3e4cb99b0961bef5 Mon Sep 17 00:00:00 2001
	From: Yu Watanabe <watanabe.yu+github@gmail.com>
	Date: Thu, 24 Jun 2021 01:14:12 +0900
	Subject: [PATCH] sd-dhcp-client: logs when dhcp client unexpectedly gains a
	new lease

	Previously, such situation is handled silently.

	Upstream-Status: Backport
	CVE: CVE-2020-13529
	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
	---
	src/libsystemd-network/sd-dhcp-client.c \| 23 ++++++++++++-----------
	1 file changed, 12 insertions(+), 11 deletions(-)

	diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
	index ef3a7d2c6b..04a75c6966 100644
	--- a/src/libsystemd-network/sd-dhcp-client.c
	+++ b/src/libsystemd-network/sd-dhcp-client.c
	@@ -1760,7 +1760,7 @@ static int client_set_lease_timeouts(sd_dhcp_client *client) {
	static int client_handle_message(sd_dhcp_client client, DHCPMessage message, int len) {
	DHCP_CLIENT_DONT_DESTROY(client);
	char time_string[FORMAT_TIMESPAN_MAX];
	- int r, notify_event = 0;
	+ int r, notify_event;

	assert(client);
	assert(client->event);
	@@ -1815,16 +1815,16 @@ static int client_handle_message(sd_dhcp_client client, DHCPMessage message, i
	if (r < 0)
	goto error;

	+ if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
	+ notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
	+ else
	+ notify_event = r;
	+
	client->start_delay = 0;
	(void) event_source_disable(client->timeout_resend);
	client->receive_message = sd_event_source_unref(client->receive_message);
	client->fd = safe_close(client->fd);

	- if (IN_SET(client->state, DHCP_STATE_REQUESTING, DHCP_STATE_REBOOTING))
	- notify_event = SD_DHCP_CLIENT_EVENT_IP_ACQUIRE;
	- else if (r != SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
	- notify_event = r;
	-
	client->state = DHCP_STATE_BOUND;
	client->attempt = 0;

	@@ -1846,12 +1846,13 @@ static int client_handle_message(sd_dhcp_client client, DHCPMessage message, i

	client_initialize_io_events(client, client_receive_message_udp);

	- if (notify_event) {
	+ if (IN_SET(client->state, DHCP_STATE_RENEWING, DHCP_STATE_REBINDING) &&
	+ notify_event == SD_DHCP_CLIENT_EVENT_IP_ACQUIRE)
	+ /* FIXME: hmm, maybe this is a bug... */
	+ log_dhcp_client(client, "client_handle_ack() returned SD_DHCP_CLIENT_EVENT_IP_ACQUIRE while DHCP client is %s the address, skipping callback.",
	+ client->state == DHCP_STATE_RENEWING ? "renewing" : "rebinding");
	+ else
	client_notify(client, notify_event);
	- if (client->state == DHCP_STATE_STOPPED)
	- return 0;
	- }
	-
	break;

	case DHCP_STATE_BOUND: