Hi Simon,

My university project for network security has been working with a fork of dnsmasq for some time now.

I'm submitting the two attached patches against the dnsmasq master branch; they add the MUD DHCP option and URL extraction. This was requested on the mailing list [1] [2].

I'm looking forward to hearing back from you. Thanks for your time and efforts.

Best Regards

Jasper Wiegratz


[1] https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg12326.html

[2] https://www.mail-archive.com/dnsmasq-discuss@lists.thekelleys.org.uk/msg12116.html

From bfcf0b0d5cf9511c4bfc0edb2a387bb52a792d79 Mon Sep 17 00:00:00 2001
From: wiegratz <wiegr...@uni-bremen.de>
Date: Sat, 9 Jul 2022 19:46:36 +0000
Subject: [PATCH 2/2] Add MUD (RFC8520) URL extraction for DHCPv4

---
 src/dhcp-protocol.h | 1 +
 src/helper.c        | 1 +
 src/rfc2131.c       | 9 +++++++++
 3 files changed, 11 insertions(+)

diff --git a/src/dhcp-protocol.h b/src/dhcp-protocol.h
index 75c9cd3..e281143 100644
--- a/src/dhcp-protocol.h
+++ b/src/dhcp-protocol.h
@@ -64,6 +64,7 @@
 #define OPTION_SIP_SERVER        120
 #define OPTION_VENDOR_IDENT      124
 #define OPTION_VENDOR_IDENT_OPT  125
+#define OPTION_MUD_URL_V4        161
 #define OPTION_END               255
 
 #define SUBOPT_CIRCUIT_ID        1
diff --git a/src/helper.c b/src/helper.c
index 749e8cc..771a3e9 100644
--- a/src/helper.c
+++ b/src/helper.c
@@ -633,6 +633,7 @@ int create_helper(int event_fd, int err_fd, uid_t uid, 
gid_t gid, long max_fd)
              buf = grab_extradata(buf, end, "DNSMASQ_CIRCUIT_ID", &err);
              buf = grab_extradata(buf, end, "DNSMASQ_SUBSCRIBER_ID", &err);
              buf = grab_extradata(buf, end, "DNSMASQ_REMOTE_ID", &err);
+             buf = grab_extradata(buf, end, "DNSMASQ_MUD_URL", &err);
              buf = grab_extradata(buf, end, "DNSMASQ_REQUESTED_OPTIONS", &err);
            }
          
diff --git a/src/rfc2131.c b/src/rfc2131.c
index ecda2d3..692293e 100644
--- a/src/rfc2131.c
+++ b/src/rfc2131.c
@@ -1417,6 +1417,15 @@ size_t dhcp_reply(struct dhcp_context *context, char 
*iface_name, int int_index,
                      add_extradata_opt(lease, NULL);
                    }
 
+                 if ((opt = option_find(mess, sz, OPTION_MUD_URL_V4, 1)))
+                 {
+                       add_extradata_opt(lease, opt);
+                 }
+                 else
+                 {
+                       add_extradata_opt(lease, NULL);
+                 }
+
                  /* DNSMASQ_REQUESTED_OPTIONS */
                  if ((opt = option_find(mess, sz, OPTION_REQUESTED_OPTIONS, 
1)))
                    {
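Review bot: The MUD URL is copied from the client's packet into the lease extradata with no check beyond the minimum length of 1 passed to `option_find()`, so the lease-change script receives whatever bytes an unauthenticated client sent. RFC 8520 requires an `https` URL, and a consumer that retrieves it unchecked would be contacting a location chosen by the client. I would at least label the block like its neighbour, e.g. `/* DNSMASQ_MUD_URL: client-supplied, unauthenticated; consumers must validate scheme and length */`; the DHCPv6 hunk in src/rfc3315.c stores the option the same way. Separately, both branches of the new `if`/`else` call the same function, so it reduces to `add_extradata_opt(lease, option_find(mess, sz, OPTION_MUD_URL_V4, 1));`. The body of `dhcp_reply()` starts and ends outside this hunk.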
-- 
2.32.0

From 2e474e25f1e7e54003c59d28b0a1325180caeeeb Mon Sep 17 00:00:00 2001
From: wiegratz <wiegr...@uni-bremen.de>
Date: Sat, 9 Jul 2022 19:45:51 +0000
Subject: [PATCH 1/2] Add MUD (RFC8520) URL extraction for DHCPv6

---
 src/dhcp6-protocol.h |  1 +
 src/helper.c         |  6 ++++--
 src/rfc3315.c        | 10 ++++++++++
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/dhcp6-protocol.h b/src/dhcp6-protocol.h
index 332d536..ce16603 100644
--- a/src/dhcp6-protocol.h
+++ b/src/dhcp6-protocol.h
@@ -63,6 +63,7 @@
 #define OPTION6_FQDN            39
 #define OPTION6_NTP_SERVER      56
 #define OPTION6_CLIENT_MAC      79
+#define OPTION6_MUD_URL         112
 
 #define NTP_SUBOPTION_SRV_ADDR  1
 #define NTP_SUBOPTION_MC_ADDR   2
diff --git a/src/helper.c b/src/helper.c
index 14330f3..749e8cc 100644
--- a/src/helper.c
+++ b/src/helper.c
@@ -638,8 +638,10 @@ int create_helper(int event_fd, int err_fd, uid_t uid, 
gid_t gid, long max_fd)
          
          buf = grab_extradata(buf, end, "DNSMASQ_TAGS", &err);
 
-         if (is6)
-           buf = grab_extradata(buf, end, "DNSMASQ_RELAY_ADDRESS", &err);
+         if (is6) {
+              buf = grab_extradata(buf, end, "DNSMASQ_RELAY_ADDRESS", &err);
+              buf = grab_extradata(buf, end, "DNSMASQ_MUD_URL", &err);
+            }
          else
            {
              const char *giaddr = NULL;
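Review bot: `DNSMASQ_MUD_URL` is a new environment variable for the lease-change script, but the diffstats of both patches list only files under src/, so it ships undocumented. Please add it to the script-environment list in the manual page and say there that the value is taken from the client's DHCP option as sent, so scripts must treat it as untrusted input. The same applies to the DHCPv4 `grab_extradata()` line added in patch 2/2. As a style point, `if (is6) {` puts the brace on the `if` line while the `else` below keeps it on its own line, so matching the surrounding layout would read better. `create_helper()` continues outside the hunk.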
diff --git a/src/rfc3315.c b/src/rfc3315.c
index e218d26..6a5a354 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -1934,6 +1934,16 @@ static void update_leases(struct state *state, struct 
dhcp_context *context, str
          
          lease_add_extradata(lease, (unsigned char *)daemon->addrbuff, 
state->link_address ? strlen(daemon->addrbuff) : 0, 0);
          
+         void *mud_opt;
+         if ((mud_opt = opt6_find(state->packet_options, state->end, 
OPTION6_MUD_URL, 1)))
+           {
+             lease_add_extradata(lease, opt6_ptr(mud_opt, 0), 
opt6_len(mud_opt), NULL);
+           }
+         else
+           {
+             lease_add_extradata(lease, NULL, 0, 0);
+           }
+         
          if ((class_opt = opt6_find(state->packet_options, state->end, 
OPTION6_USER_CLASS, 2)))
            {
              void *enc_opt, *enc_end = opt6_ptr(class_opt, 
opt6_len(class_opt));
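Review bot: The new `lease_add_extradata()` call passes `NULL` as its fourth argument, while the call just above it and the one in the `else` branch pass `0`. If that parameter is an integer delimiter, as those calls suggest, the line should read `lease_add_extradata(lease, opt6_ptr(mud_opt, 0), opt6_len(mud_opt), 0);`, which also avoids a pointer-to-integer conversion warning. `void *mud_opt;` is also declared after a statement, whereas the nearby `void *enc_opt, *enc_end` sits at the start of its block; moving the declaration to the top of the enclosing block would match that, assuming the project keeps to that convention. `update_leases()` begins and ends outside this hunk.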
-- 
2.32.0
