OpenBSD Journal

dhcpleased(8) - DHCP client daemon

Contributed by rueda on from the we-are-pleased-too dept.

With the following commit, Florian Obser (florian@) imported dhcpleased(8), DHCP daemon to acquire IPv4 address leases from servers, plus dhcpleasectl(8), a utility to control the daemon:

CVSROOT:	/cvs
Module name:	src
Changes by:	florian@cvs.openbsd.org	2021/02/26 09:16:37

Added files:
	sbin/dhcpleased: Makefile bpf.c bpf.h checksum.c checksum.h 
	                 control.c control.h dhcpleased.8 dhcpleased.c 
	                 dhcpleased.h engine.c engine.h frontend.c 
	                 frontend.h log.c log.h 
	usr.sbin/dhcpleasectl: Makefile dhcpleasectl.8 dhcpleasectl.c 
	                       parser.c parser.h 

Log message:
Import dhcpleased(8) - a dhcp daemon to acquire IPv4 address leases
from servers.
dhcpleased(8) follows the well known three process design of all our
privsep daemons. It uses pledge(2) and unveil(2) to restrict access
further. In particular the "engine" process, responsible for parsing
of untrusted data, is pledge'd "stdio". It cannot access the outside
world nor the filesystem at all.

Like slaacd(8) for IPv6 it will be always running and acquire addresses
for all interface with the autoconf4 flag set.
The flag can be set by "ifconfig $if inet autoconf" or by adding
"inet autoconf" to /etc/hostname.if. An existing "dhcp" line should
be removed.

Various iterations tested by deraadt@
The hardest part, finding a name, was handled by jmatthew@ & otto@

"get to it :)" deraadt@

The new daemon is (linked to the build and) enabled by default.

(Comments are closed)


Comments
  1. By Damon (oneofthedamons) undeadly@damon.sarahsempire.com on

    What is the use case for this compared with dhclient(8)

    Comments
    1. By Damon (oneofthedamons) undeadly@damon.sarahsempire.com on

      sorry that was a genuine question not a statement — truncated the question mark…

    2. By Daniel Gracia (Paladdin) guardame_el_secreto@yahoo.es on https://www.egracia.es

      Same. Advantage point is: 'dhcpleased(8) follows the well known three process design of all our privsep daemons. It uses pledge(2) and unveil(2) to restrict access further. In particular the "engine" process, responsible for parsing of untrusted data, is pledge'd "stdio". It cannot access the outside world nor the filesystem at all.'

  2. By Brian Marshall (bmwl) brian.marshall@tolko.com on

    Hello,


    Will the rewrite of this daemon deal with the edge-case of ISPs who require DHCP for static addresses? I'm struggling with wiring up a Rube Goldberg collection of ifstated/dhclient/vether to make a CARP interface work somewhat reliably without stomping over the other interfaces or just outright not working...

    I'm willing to help with (any combination of) code/compile/test this use case if there's an appetite to making it possible

    Thanks!


    -Brian

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]