unbound: drop odhcpd leases with wrong field count

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
(cherry pick commit: 59617f076d7cbdd04a341bf7cfb5f3d9772b5765)

diff --git a/net/unbound/Makefile b/net/unbound/Makefile
index c28b2a003e22bb5e1fce15c964b8450f798f473f..ec93dc2fdfaaf9380208434e324210e39d50530a 100644 (file)
--- a/net/unbound/Makefile
+++ b/net/unbound/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=unbound
 PKG_VERSION:=1.6.8
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE

diff --git a/net/unbound/files/odhcpd.awk b/net/unbound/files/odhcpd.awk
index 160950884e39e077946e1cdd0f61abc552b9f8e1..3c5378870025dd0071c9d987e86a24ef600e4134 100644 (file)
--- a/net/unbound/files/odhcpd.awk
+++ b/net/unbound/files/odhcpd.awk
@@ -37,6 +37,12 @@
   sub( /.*\//, "", cdr2 ) ;
 
 
+  if ( hst !~ /^[[:alnum:]]([-[:alnum:]]*[[:alnum:]])?$/ ) {
+    # that is not a valid host name (RFC1123)
+    hst = "-" ;
+  }
+
+
   if ( bisolt == 1 ) {
     # TODO: this might be better with a substituion option,
     # or per DHCP pool do-not-DNS option, but its getting busy here.
@@ -50,81 +56,73 @@
   }
 
 
-  if ( cls == "ipv4" ) {
-    if ( NF == 8 ) {
-      # odhcpd errata in field format without host name
-      adr = $8 ; hst = "-" ; cdr = adr ;
-      sub( /\/.*/, "", adr ) ;
-      sub( /.*\//, "", cdr ) ;
+  if ((cls == "ipv4") && (hst != "-") && (cdr == 32) && (NF == 9)) {
+    # IPV4 ; only for provided hostnames and full /32 assignments
+    # NF=9 ; odhcpd errata in field format without host name
+    ptr = adr ; qpr = "" ; split( ptr, ptr, "." ) ;
+    slaac = slaac_eui64( id ) ;
+
+
+    if ( bconf == 1 ) {
+      x = ( "local-data: \"" fqdn ". 120 IN A " adr "\"" ) ;
+      y = ( "local-data-ptr: \"" adr " 120 " fqdn "\"" ) ;
+      print ( x "\n" y "\n" ) > hostfile ;
     }
 
+    else {
+      for( i=1; i<=4; i++ ) { qpr = ( ptr[i] "." qpr) ; }
+      x = ( fqdn ". 120 IN A " adr ) ;
+      y = ( qpr "in-addr.arpa. 120 IN PTR " fqdn ) ;
+      print ( x "\n" y ) > hostfile ;
+    }
 
-    if (( cdr == 32 ) && ( hst != "-" )) {
-      # only for provided hostnames and full /32 assignments
-      ptr = adr ; qpr = "" ; split( ptr, ptr, "." ) ;
-      slaac = slaac_eui64( id ) ;
 
+    if (( bslaac == 1 ) && ( slaac != 0 )) {
+      # UCI option to discover IPV6 routed SLAAC addresses
+      # NOT TODO - ping probe take too long when added in awk-rule loop
+      cmd = ( "ip -6 --oneline route show dev " net ) ;
 
-      if ( bconf == 1 ) {
-        x = ( "local-data: \"" fqdn ". 120 IN A " adr "\"" ) ;
-        y = ( "local-data-ptr: \"" adr " 120 " fqdn "\"" ) ;
-        print ( x "\n" y ) > hostfile ;
-      }
 
-      else {
-        for( i=1; i<=4; i++ ) { qpr = ( ptr[i] "." qpr) ; }
-        x = ( fqdn ". 120 IN A " adr ) ;
-        y = ( qpr "in-addr.arpa. 120 IN PTR " fqdn ) ;
-        print ( x "\n" y ) > hostfile ;
-      }
+      while ( ( cmd | getline adr ) > 0 ) {
+        if (( substr( adr, 1, 5 ) <= "fdff:" ) \
+        && ( index( adr, "anycast" ) == 0 ) \
+        && ( index( adr, "via" ) == 0 )) {
+          # GA or ULA routed addresses only (not LL or MC)
+          sub( /\/.*/, "", adr ) ;
+          adr = ( adr slaac ) ;
 
 
-      if (( bslaac == 1 ) && ( slaac != 0 )) {
-        # UCI option to discover IPV6 routed SLAAC addresses
-        # NOT TODO - ping probe take too long when added in awk-rule loop
-        cmd = ( "ip -6 --oneline route show dev " net ) ;
-
-
-        while ( ( cmd | getline adr ) > 0 ) {
-          if (( substr( adr, 1, 5 ) <= "fd00:" ) \
-          && ( index( adr, "via" ) == 0 )) {
-            # GA or ULA routed addresses only (not LL or MC)
-            sub( /\/.*/, "", adr ) ;
-            adr = ( adr slaac ) ;
-            
-            
-            if ( split( adr, tmp0, ":" ) >= 8 ) { 
-              sub( "::", ":", adr ) ; 
-            }
-
-
-            if ( bconf == 1 ) {
-              x = ( "local-data: \"" fqdn ". 120 IN AAAA " adr "\"" ) ;
-              y = ( "local-data-ptr: \"" adr " 120 " fqdn "\"" ) ;
-              print ( x "\n" y ) > hostfile ;
-            }
-
-            else {
-              qpr = ipv6_ptr( adr ) ;
-              x = ( fqdn ". 120 IN AAAA " adr ) ;
-              y = ( qpr ". 120 IN PTR " fqdn ) ;
-              print ( x "\n" y ) > hostfile ;
-            }
+          if ( split( adr, tmp0, ":" ) > 8 ) {
+            sub( "::", ":", adr ) ;
           }
-        }
 
 
-        close( cmd ) ;
+          if ( bconf == 1 ) {
+            x = ( "local-data: \"" fqdn ". 120 IN AAAA " adr "\"" ) ;
+            y = ( "local-data-ptr: \"" adr " 120 " fqdn "\"" ) ;
+            print ( x "\n" y "\n" ) > hostfile ;
+          }
+
+          else {
+            qpr = ipv6_ptr( adr ) ;
+            x = ( fqdn ". 120 IN AAAA " adr ) ;
+            y = ( qpr ". 120 IN PTR " fqdn ) ;
+            print ( x "\n" y ) > hostfile ;
+          }
+        }
       }
+
+
+      close( cmd ) ;
     }
   }
 
-  else {
-    if (( cdr == 128 ) && ( hst != "-" )) {
+  else if ((cls != "ipv4") && (hst != "-") && (9 <= NF) && (NF <= 10)) {
+    if (cdr == 128) {
       if ( bconf == 1 ) {
         x = ( "local-data: \"" fqdn ". 120 IN AAAA " adr "\"" ) ;
         y = ( "local-data-ptr: \"" adr " 120 " fqdn "\"" ) ;
-        print ( x "\n" y ) > hostfile ;
+        print ( x "\n" y "\n" ) > hostfile ;
       }
 
       else {
@@ -135,12 +133,12 @@
         print ( x "\n" y ) > hostfile ;
       }
     }
-    
-    if (( cdr2 == 128 ) && ( hst != "-" )) {
+
+    if (cdr2 == 128) {
       if ( bconf == 1 ) {
         x = ( "local-data: \"" fqdn ". 120 IN AAAA " adr2 "\"" ) ;
         y = ( "local-data-ptr: \"" adr2 " 120 " fqdn "\"" ) ;
-        print ( x "\n" y ) > hostfile ;
+        print ( x "\n" y "\n" ) > hostfile ;
       }
 
       else {
@@ -152,6 +150,10 @@
       }
     }
   }
+
+  else {
+    # dump non-conforming lease records
+  }
 }
 
 ##############################################################################