Opened 2 years ago

Last modified 2 years ago

#3894 new defect

Kea is not validating configuration values.

Reported by: wlodekwencel
Owned by:
Priority: very low
Milestone: Outstanding Tasks
Component: configuration
Version: git
Keywords:
Cc:
CVSS Scoring:
Parent Tickets:
Sensitive: no
Defect Severity: N/A
Sub-Project: DHCP
Feature Depending on Ticket:
Estimated Difficulty: 0
Add Hours to Ticket: 0
Total Hours: 0
Internal?: no

Description

During configuration of Kea we can start it with values that are not considered 'valid'.

  1. Policy Filter option

RFC:

       This option specifies policy filters for non-local source routing.
       The filters consist of a list of IP addresses and masks which specify
       destination/mask pairs with which to filter incoming source routes.

       The code for this option is 21.  The minimum length of this option is
       8, and the length MUST be a multiple of 8.

Kea can be configured with only one address - it makes length = 4

  2. Maximum Datagram Reassembly Size

       This option specifies the maximum size datagram that the client
       should be prepared to reassemble.  The size is specified as a 16-bit
       unsigned integer.  The minimum value legal value is 576.

       The code for this option is 22, and its length is 2.

Kea can be configured with values smaller than 576

  3. Default IP Time-to-live

       This option specifies the default time-to-live that the client should
       use on outgoing datagrams.  The TTL is specified as an octet with a
       value between 1 and 255.

Kea can be configured with 0.

  4. Path MTU Plateau Table Option

       This option specifies a table of MTU sizes to use when performing
       Path MTU Discovery as defined in RFC 1191.  The table is formatted as
       a list of 16-bit unsigned integers, ordered from smallest to largest.
       The minimum MTU value cannot be smaller than 68.

Kea can be configured with less than 68.

  5. TCP Default TTL Option

       This option specifies the default TTL that the client should use when
       sending TCP segments.  The value is represented as an 8-bit unsigned
       integer.  The minimum value is 1.

Kea can be configured with 0.

  6. Option Overload

Can be configured only with values: 1,2,3. Kea approves everything from 0 to 255

  7. Maximum DHCP Message Size

       The code for this option is 57, and its length is 2.  The minimum
       legal value is 576 octets

Kea can be configured with less than 576.

Those are minor things and I'm sure we will find such things in Kea6 also.
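The limits listed in the description can be checked before a configuration is loaded. The following is an added example, not part of the ticket and not Kea code: it assumes option values arrive as CSV strings in `option-data` style entries with `code` and `data` keys, and it takes the option codes the ticket does not state (23, 25, 37, 52) from RFC 2132. The function names and sample entries are constructed for illustration.

```python
# Added example: RFC 2132 checks for the DHCPv4 options named in the ticket.
# Assumes option values are given as CSV strings in "option-data" entries.

def ints(data):
    return [int(v) for v in data.split(",") if v.strip()]

def policy_filter(data):
    # Option 21: address/mask pairs, 4 octets per IPv4 address.
    n = 4 * len([a for a in data.split(",") if a.strip()])
    return None if n >= 8 and n % 8 == 0 else f"length {n}, need a multiple of 8 (min 8)"

def minimum(low):
    def check(data):
        bad = [v for v in ints(data) if v < low]
        return f"{bad} below minimum {low}" if bad else None
    return check

def plateau(data):
    # Option 25: each MTU >= 68, ordered smallest to largest.
    vals = ints(data)
    if vals != sorted(vals):
        return f"{vals} not ordered smallest to largest"
    return minimum(68)(data)

def overload(data):
    bad = [v for v in ints(data) if v not in (1, 2, 3)]
    return f"{bad} not one of 1, 2, 3" if bad else None

CHECKS = {21: policy_filter, 22: minimum(576), 23: minimum(1), 25: plateau,
          37: minimum(1), 52: overload, 57: minimum(576)}

def validate(option_data):
    """Return (code, problem) for every entry that breaks its RFC 2132 limit."""
    findings = []
    for opt in option_data:
        check = CHECKS.get(opt["code"])
        problem = check(opt["data"]) if check else None
        if problem:
            findings.append((opt["code"], problem))
    return findings

# Constructed sample: the invalid values from the ticket plus two valid entries.
SAMPLE = [
    {"code": 21, "data": "10.0.0.1"}, {"code": 22, "data": "500"},
    {"code": 23, "data": "0"}, {"code": 25, "data": "60, 1500"},
    {"code": 37, "data": "64"}, {"code": 52, "data": "0"},
    {"code": 57, "data": "576"},
]

if __name__ == "__main__":
    for code, problem in validate(SAMPLE):
        print(f"option {code}: {problem}")
```

Upper bounds such as the 255 limit on the TTL octets are not checked here, since they follow from the field width.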

Change History (3)

comment:1 Changed 2 years ago by hschempf

  • Milestone changed from Kea-proposed to Kea1.1

comment:2 Changed 2 years ago by tomek

  • Milestone changed from Kea1.1 to DHCP Outstanding Tasks

comment:3 Changed 2 years ago by tomek

  • Milestone changed from DHCP Outstanding Tasks to Outstanding Tasks

Milestone renamed
