Re: [dhcpd] Too many call to "remove ip from pf's table"

2015-01-31 Thread sven falempin 
 bumping this legit patch.

On Thu, Jan 22, 2015 at 6:48 PM, Bertrand PROVOST
 wrote:
> Hello,
>
> Based on a patch[1] found on the mailing list, I added a link between
> dhcpd and unbound to be able to resolve name of all client that have
> a lease on dhcpd. And I found a bug in the function 'periodic_scan'
> which is called every X second (X = half of the minimum lease duration).
>
> This function check all leases and for each expired leases,
> it call `release_lease' and remove from pf table `leases' the associated
> ip to this lease.
>
> 1) Calling `release_lease' in dhcpd.c, in `periodic_scan' is irrelevant.
> The function `release_lease' would be used to trigger this part of code.
>
> This function check if the leases is NOT yet expired and then change
> the end time of the lease to `cur_time'
> So it do nothing if this condition is false:
>
> if (lt.ends > cur_time)
>
> And this condition cannot be true when it's called in `periodic_scan'
> because we check that the lease has already expire
>
> if (cur_time >= l->ends){
>
> 2) This function would remove an IP address from a pf's  table again
> and again. Then, for example, if the shortest leases time is 10 minutes,
> every 5 minutes, this code will be call:
>
> pfmsg('R', l);
>
> So I choose to add a condition that check this was not called on
> previous scan.
>
> I don't know if this can be a problem because this ip should be handle
> only by one dhcpd server. But in case or we want add manually this ip
> in the table, it will be removed every time that, the function
> `periodic_scan` is called
>
>
> [1] http://marc.info/?l=openbsd-tech&m=118039557923827
>
> --
> Bertrand PROVOST
>
>
> Index: dhcpd.c
> ===
> RCS file: /cvs/src/usr.sbin/dhcpd/dhcpd.c,v
> retrieving revision 1.46
> diff -u -p -r1.46 dhcpd.c
> --- dhcpd.c 16 Jan 2015 06:40:16 -  1.46
> +++ dhcpd.c 22 Jan 2015 19:15:55 -
> @@ -48,6 +48,7 @@
>  void usage(void);
>
>  time_t cur_time;
> +time_t last_periodic_scan_time;
>  struct group root_group;
>
>  u_int16_t server_port;
> @@ -347,10 +348,10 @@ periodic_scan(void *p)
> for (g = n->group; g; g = g->next)
> for (s = g->shared_network; s; s = s->next)
> for (l = s->leases; l && l->ends; l = l->next)
> -   if (cur_time >= l->ends){
> -   release_lease(l);
> +   if (cur_time >= l->ends &&
> l->ends > last_periodic_scan_time){
> pfmsg('R', l);
> }
>
> +   last_periodic_scan_time = cur_time;
> add_timeout(cur_time + y, periodic_scan, NULL);
>  }
>



-- 
-
() ascii ribbon campaign - against html e-mail
/\

[dhcpd] Too many call to "remove ip from pf's table"

2015-01-22 Thread Bertrand PROVOST 
Hello,

Based on a patch[1] found on the mailing list, I added a link between
dhcpd and unbound to be able to resolve name of all client that have
a lease on dhcpd. And I found a bug in the function 'periodic_scan'
which is called every X second (X = half of the minimum lease duration).

This function check all leases and for each expired leases,
it call `release_lease' and remove from pf table `leases' the associated
ip to this lease.

1) Calling `release_lease' in dhcpd.c, in `periodic_scan' is irrelevant.
The function `release_lease' would be used to trigger this part of code.

This function check if the leases is NOT yet expired and then change
the end time of the lease to `cur_time'
So it do nothing if this condition is false:

if (lt.ends > cur_time)

And this condition cannot be true when it's called in `periodic_scan'
because we check that the lease has already expire

if (cur_time >= l->ends){

2) This function would remove an IP address from a pf's  table again
and again. Then, for example, if the shortest leases time is 10 minutes,
every 5 minutes, this code will be call:

pfmsg('R', l);

So I choose to add a condition that check this was not called on
previous scan.

I don't know if this can be a problem because this ip should be handle
only by one dhcpd server. But in case or we want add manually this ip
in the table, it will be removed every time that, the function
`periodic_scan` is called


[1] http://marc.info/?l=openbsd-tech&m=118039557923827

-- 
Bertrand PROVOST


Index: dhcpd.c
===
RCS file: /cvs/src/usr.sbin/dhcpd/dhcpd.c,v
retrieving revision 1.46
diff -u -p -r1.46 dhcpd.c
--- dhcpd.c 16 Jan 2015 06:40:16 -  1.46
+++ dhcpd.c 22 Jan 2015 19:15:55 -
@@ -48,6 +48,7 @@
 void usage(void);

 time_t cur_time;
+time_t last_periodic_scan_time;
 struct group root_group;

 u_int16_t server_port;
@@ -347,10 +348,10 @@ periodic_scan(void *p)
for (g = n->group; g; g = g->next)
for (s = g->shared_network; s; s = s->next)
for (l = s->leases; l && l->ends; l = l->next)
-   if (cur_time >= l->ends){
-   release_lease(l);
+   if (cur_time >= l->ends &&
l->ends > last_periodic_scan_time){
pfmsg('R', l);
}

+   last_periodic_scan_time = cur_time;
add_timeout(cur_time + y, periodic_scan, NULL);
 }