pfSense

/*	$OpenBSD: dhclient.c,v 1.63 2005/02/06 17:10:13 krw Exp $	*/

/*

 * Copyright 2004 Henning Brauer <henning@openbsd.org>

 * Copyright (c) 1995, 1996, 1997, 1998, 1999

 * The Internet Software Consortium.    All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer.

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in the

 *    documentation and/or other materials provided with the distribution.

 * 3. Neither the name of The Internet Software Consortium nor the names

 *    of its contributors may be used to endorse or promote products derived

 *    from this software without specific prior written permission.

 *

 * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND

 * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,

 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF

 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

 * DISCLAIMED.  IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR

 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT

 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

 * SUCH DAMAGE.

 *

 * This software has been written for the Internet Software Consortium

 * by Ted Lemon <mellon@fugue.com> in cooperation with Vixie

 * Enterprises.  To learn more about the Internet Software Consortium,

 * see ``http://www.vix.com/isc''.  To learn more about Vixie

 * Enterprises, see ``http://www.vix.com''.

 *

 * This client was substantially modified and enhanced by Elliot Poger

 * for use on Linux while he was working on the MosquitoNet project at

 * Stanford.

 *

 * The current version owes much to Elliot's Linux enhancements, but

 * was substantially reorganized and partially rewritten by Ted Lemon

 * so as to use the same networking framework that the Internet Software

 * Consortium DHCP server uses.   Much system-specific configuration code

 * was moved into a shell script so that as support for more operating

 * systems is added, it will not be necessary to port and maintain

 * system-specific configuration code to these operating systems - instead,

 * the shell script can invoke the native tools to accomplish the same

 * purpose.

 */

#include <sys/cdefs.h>

__FBSDID("$FreeBSD$");

#include <sys/capsicum.h>

#include "dhcpd.h"

#include "privsep.h"

#include <sys/capsicum.h>

#include <net80211/ieee80211_freebsd.h>

#ifndef _PATH_VAREMPTY

#define	_PATH_VAREMPTY	"/var/empty"

#endif

#define	PERIOD 0x2e

#define	hyphenchar(c) ((c) == 0x2d)

#define	bslashchar(c) ((c) == 0x5c)

#define	periodchar(c) ((c) == PERIOD)

#define	asterchar(c) ((c) == 0x2a)

#define	alphachar(c) (((c) >= 0x41 && (c) <= 0x5a) || \

	    ((c) >= 0x61 && (c) <= 0x7a))

#define	digitchar(c) ((c) >= 0x30 && (c) <= 0x39)

#define	whitechar(c) ((c) == ' ' || (c) == '\t')

#define	borderchar(c) (alphachar(c) || digitchar(c))

#define	middlechar(c) (borderchar(c) || hyphenchar(c))

#define	domainchar(c) ((c) > 0x20 && (c) < 0x7f)

#define	CLIENT_PATH "PATH=/usr/bin:/usr/sbin:/bin:/sbin"

time_t cur_time;

time_t default_lease_time = 43200; /* 12 hours... */

char *path_dhclient_conf = _PATH_DHCLIENT_CONF;

char *path_dhclient_db = NULL;

int log_perror = 1;

int privfd;

int nullfd = -1;

char hostname[_POSIX_HOST_NAME_MAX + 1];

struct iaddr iaddr_broadcast = { 4, { 255, 255, 255, 255 } };

struct in_addr inaddr_any, inaddr_broadcast;

char *path_dhclient_pidfile;

struct pidfh *pidfile;

/*

 * ASSERT_STATE() does nothing now; it used to be

 * assert (state_is == state_shouldbe).

 */

#define ASSERT_STATE(state_is, state_shouldbe) {}

#define TIME_MAX 2147483647

int		log_priority;

int		no_daemon;

int		unknown_ok = 1;

int		routefd;

struct interface_info	*ifi;

int		 findproto(char *, int);

struct sockaddr	*get_ifa(char *, int);

void		 routehandler(struct protocol *);

void		 usage(void);

int		 check_option(struct client_lease *l, int option);

int		 check_classless_option(unsigned char *data, int len);

int		 ipv4addrs(char * buf);

int		 res_hnok(const char *dn);

int		 check_search(const char *srch);

char		*option_as_string(unsigned int code, unsigned char *data, int len);

int		 fork_privchld(int, int);

#define	ROUNDUP(a) \

	    ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))

#define	ADVANCE(x, n) (x += ROUNDUP((n)->sa_len))

static time_t	scripttime;

int

findproto(char *cp, int n)

{

	struct sockaddr *sa;

	int i;

	if (n == 0)

		return -1;

	for (i = 1; i; i <<= 1) {

		if (i & n) {

			sa = (struct sockaddr *)cp;

			switch (i) {

			case RTA_IFA:

			case RTA_DST:

			case RTA_GATEWAY:

			case RTA_NETMASK:

				if (sa->sa_family == AF_INET)

					return AF_INET;

				if (sa->sa_family == AF_INET6)

					return AF_INET6;

				break;

			case RTA_IFP:

				break;

			}

			ADVANCE(cp, sa);

		}

	}

	return (-1);

}

struct sockaddr *

get_ifa(char *cp, int n)

{

	struct sockaddr *sa;

	int i;

	if (n == 0)

		return (NULL);

	for (i = 1; i; i <<= 1)

		if (i & n) {

			sa = (struct sockaddr *)cp;

			if (i == RTA_IFA)

				return (sa);

			ADVANCE(cp, sa);

		}

	return (NULL);

}

struct iaddr defaddr = { 4 };

uint8_t curbssid[6];

static void

disassoc(void *arg)

{

	struct interface_info *ifi = arg;

	/*

	 * Clear existing state.

	 */

	if (ifi->client->active != NULL) {

		script_init("EXPIRE", NULL);

		script_write_params("old_",

		    ifi->client->active);

		if (ifi->client->alias)

			script_write_params("alias_",

				ifi->client->alias);

		script_go();

	}

	ifi->client->state = S_INIT;

}

/* ARGSUSED */

void

routehandler(struct protocol *p)

{

	char msg[2048], *addr;

	struct rt_msghdr *rtm;

	struct if_msghdr *ifm;

	struct ifa_msghdr *ifam;

	struct if_announcemsghdr *ifan;

	struct ieee80211_join_event *jev;

	struct client_lease *l;

	time_t t = time(NULL);

	struct sockaddr *sa;

	struct iaddr a;

	ssize_t n;

	int linkstat;

	n = read(routefd, &msg, sizeof(msg));

	rtm = (struct rt_msghdr *)msg;

	if (n < sizeof(rtm->rtm_msglen) || n < rtm->rtm_msglen ||

	    rtm->rtm_version != RTM_VERSION)

		return;

	switch (rtm->rtm_type) {

	case RTM_NEWADDR:

	case RTM_DELADDR:

		ifam = (struct ifa_msghdr *)rtm;

		if (ifam->ifam_index != ifi->index)

			break;

		if (findproto((char *)(ifam + 1), ifam->ifam_addrs) != AF_INET)

			break;

		if (scripttime == 0 || t < scripttime + 10)

			break;

		sa = get_ifa((char *)(ifam + 1), ifam->ifam_addrs);

		if (sa == NULL)

			break;

		if ((a.len = sizeof(struct in_addr)) > sizeof(a.iabuf))

			error("king bula sez: len mismatch");

		memcpy(a.iabuf, &((struct sockaddr_in *)sa)->sin_addr, a.len);

		if (addr_eq(a, defaddr))

			break;

		for (l = ifi->client->active; l != NULL; l = l->next)

			if (addr_eq(a, l->address))

				break;

		if (l == NULL)	/* added/deleted addr is not the one we set */

			break;

		addr = inet_ntoa(((struct sockaddr_in *)sa)->sin_addr);

		if (rtm->rtm_type == RTM_NEWADDR)  {

			/*

			 * XXX: If someone other than us adds our address,

			 * should we assume they are taking over from us,

			 * delete the lease record, and exit without modifying

			 * the interface?

			 */

			warning("My address (%s) was re-added", addr);

		} else {

			warning("My address (%s) was deleted, dhclient exiting",

			    addr);

			goto die;

		}

		break;

	case RTM_IFINFO:

		ifm = (struct if_msghdr *)rtm;

		if (ifm->ifm_index != ifi->index)

			break;

		if ((rtm->rtm_flags & RTF_UP) == 0) {

			warning("Interface %s is down, dhclient exiting",

			    ifi->name);

			goto die;

		}

		linkstat = interface_link_status(ifi->name);

		if (linkstat != ifi->linkstat) {

			debug("%s link state %s -> %s", ifi->name,

			    ifi->linkstat ? "up" : "down",

			    linkstat ? "up" : "down");

			ifi->linkstat = linkstat;

			if (linkstat)

				state_reboot(ifi);

		}

		break;

	case RTM_IFANNOUNCE:

		ifan = (struct if_announcemsghdr *)rtm;

		if (ifan->ifan_what == IFAN_DEPARTURE &&

		    ifan->ifan_index == ifi->index) {

			warning("Interface %s is gone, dhclient exiting",

			    ifi->name);

			goto die;

		}

		break;

	case RTM_IEEE80211:

		ifan = (struct if_announcemsghdr *)rtm;

		if (ifan->ifan_index != ifi->index)

			break;

		switch (ifan->ifan_what) {

		case RTM_IEEE80211_ASSOC:

		case RTM_IEEE80211_REASSOC:

			/*

			 * Use assoc/reassoc event to kick state machine

			 * in case we roam.  Otherwise fall back to the

			 * normal state machine just like a wired network.

			 */

			jev = (struct ieee80211_join_event *) &ifan[1];

			if (memcmp(curbssid, jev->iev_addr, 6)) {

				disassoc(ifi);

				state_reboot(ifi);

			}

			memcpy(curbssid, jev->iev_addr, 6);

			break;

		}

		break;

	default:

		break;

	}

	return;

die:

	script_init("FAIL", NULL);

	if (ifi->client->alias)

		script_write_params("alias_", ifi->client->alias);

	script_go();

	if (pidfile != NULL)

		pidfile_remove(pidfile);

	exit(1);

}

int

main(int argc, char *argv[])

{

	extern char		*__progname;

	int			 ch, fd, quiet = 0, i = 0;

	int			 pipe_fd[2];

	int			 immediate_daemon = 0;

	struct passwd		*pw;

	pid_t			 otherpid;

	cap_rights_t		 rights;

	/* Initially, log errors to stderr as well as to syslogd. */

	openlog(__progname, LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY);

	setlogmask(LOG_UPTO(LOG_DEBUG));

	while ((ch = getopt(argc, argv, "bc:dl:p:qu")) != -1)

		switch (ch) {

		case 'b':

			immediate_daemon = 1;

			break;

		case 'c':

			path_dhclient_conf = optarg;

			break;

		case 'd':

			no_daemon = 1;

			break;

		case 'l':

			path_dhclient_db = optarg;

			break;

		case 'p':

			path_dhclient_pidfile = optarg;

			break;

		case 'q':

			quiet = 1;

			break;

		case 'u':

			unknown_ok = 0;

			break;

		default:

			usage();

		}

	argc -= optind;

	argv += optind;

	if (argc != 1)

		usage();

	if (path_dhclient_pidfile == NULL) {

		asprintf(&path_dhclient_pidfile,

		    "%sdhclient.%s.pid", _PATH_VARRUN, *argv);

		if (path_dhclient_pidfile == NULL)

			error("asprintf");

	}

	pidfile = pidfile_open(path_dhclient_pidfile, 0600, &otherpid);

	if (pidfile == NULL) {

		if (errno == EEXIST)

			error("dhclient already running, pid: %d.", otherpid);

		if (errno == EAGAIN)

			error("dhclient already running.");

		warning("Cannot open or create pidfile: %m");

	}

	if ((ifi = calloc(1, sizeof(struct interface_info))) == NULL)

		error("calloc");

	if (strlcpy(ifi->name, argv[0], IFNAMSIZ) >= IFNAMSIZ)

		error("Interface name too long");

	if (path_dhclient_db == NULL && asprintf(&path_dhclient_db, "%s.%s",

	    _PATH_DHCLIENT_DB, ifi->name) == -1)

		error("asprintf");

	if (quiet)

		log_perror = 0;

	tzset();

	time(&cur_time);

	inaddr_broadcast.s_addr = INADDR_BROADCAST;

	inaddr_any.s_addr = INADDR_ANY;

	read_client_conf();

	/* The next bit is potentially very time-consuming, so write out

	   the pidfile right away.  We will write it out again with the

	   correct pid after daemonizing. */

	if (pidfile != NULL)

		pidfile_write(pidfile);

	if (!interface_link_status(ifi->name)) {

		fprintf(stderr, "%s: no link ...", ifi->name);

		fflush(stderr);

		sleep(1);

		while (!interface_link_status(ifi->name)) {

			fprintf(stderr, ".");

			fflush(stderr);

			if (++i > 10) {

				fprintf(stderr, " giving up\n");

				exit(1);

			}

			sleep(1);

		}

		fprintf(stderr, " got link\n");

	}

	ifi->linkstat = 1;

	if ((nullfd = open(_PATH_DEVNULL, O_RDWR, 0)) == -1)

		error("cannot open %s: %m", _PATH_DEVNULL);

	if ((pw = getpwnam("_dhcp")) == NULL) {

		warning("no such user: _dhcp, falling back to \"nobody\"");

		if ((pw = getpwnam("nobody")) == NULL)

			error("no such user: nobody");

	}

	/*

	 * Obtain hostname before entering capability mode - it won't be

	 * possible then, as reading kern.hostname is not permitted.

	 */

	if (gethostname(hostname, sizeof(hostname)) < 0)

		hostname[0] = '\0';

	priv_script_init("PREINIT", NULL);

	if (ifi->client->alias)

		priv_script_write_params("alias_", ifi->client->alias);

	priv_script_go();

	/* set up the interface */

	discover_interfaces(ifi);

	if (pipe(pipe_fd) == -1)

		error("pipe");

	fork_privchld(pipe_fd[0], pipe_fd[1]);

	close(ifi->ufdesc);

	ifi->ufdesc = -1;

	close(ifi->wfdesc);

	ifi->wfdesc = -1;

	close(pipe_fd[0]);

	privfd = pipe_fd[1];

	cap_rights_init(&rights, CAP_READ, CAP_WRITE);

	if (cap_rights_limit(privfd, &rights) < 0 && errno != ENOSYS)

		error("can't limit private descriptor: %m");

	if ((fd = open(path_dhclient_db, O_RDONLY|O_EXLOCK|O_CREAT, 0)) == -1)

		error("can't open and lock %s: %m", path_dhclient_db);

	read_client_leases();

	rewrite_client_leases();

	close(fd);

	if ((routefd = socket(PF_ROUTE, SOCK_RAW, 0)) != -1)

		add_protocol("AF_ROUTE", routefd, routehandler, ifi);

	if (shutdown(routefd, SHUT_WR) < 0)

		error("can't shutdown route socket: %m");

	cap_rights_init(&rights, CAP_EVENT, CAP_READ);

	if (cap_rights_limit(routefd, &rights) < 0 && errno != ENOSYS)

		error("can't limit route socket: %m");

	if (chroot(_PATH_VAREMPTY) == -1)

		error("chroot");

	if (chdir("/") == -1)

		error("chdir(\"/\")");

	if (setgroups(1, &pw->pw_gid) ||

	    setegid(pw->pw_gid) || setgid(pw->pw_gid) ||

	    seteuid(pw->pw_uid) || setuid(pw->pw_uid))

		error("can't drop privileges: %m");

	endpwent();

	setproctitle("%s", ifi->name);

	if (cap_enter() < 0 && errno != ENOSYS)

		error("can't enter capability mode: %m");

	if (immediate_daemon)

		go_daemon();

	ifi->client->state = S_INIT;

	state_reboot(ifi);

	bootp_packet_handler = do_packet;

	dispatch();

	/* not reached */

	return (0);

}

void

usage(void)

{

	extern char	*__progname;

	fprintf(stderr, "usage: %s [-bdqu] ", __progname);

	fprintf(stderr, "[-c conffile] [-l leasefile] interface\n");

	exit(1);

}

/*

 * Individual States:

 *

 * Each routine is called from the dhclient_state_machine() in one of

 * these conditions:

 * -> entering INIT state

 * -> recvpacket_flag == 0: timeout in this state

 * -> otherwise: received a packet in this state

 *

 * Return conditions as handled by dhclient_state_machine():

 * Returns 1, sendpacket_flag = 1: send packet, reset timer.

 * Returns 1, sendpacket_flag = 0: just reset the timer (wait for a milestone).

 * Returns 0: finish the nap which was interrupted for no good reason.

 *

 * Several per-interface variables are used to keep track of the process:

 *   active_lease: the lease that is being used on the interface

 *                 (null pointer if not configured yet).

 *   offered_leases: leases corresponding to DHCPOFFER messages that have

 *                   been sent to us by DHCP servers.

 *   acked_leases: leases corresponding to DHCPACK messages that have been

 *                 sent to us by DHCP servers.

 *   sendpacket: DHCP packet we're trying to send.

 *   destination: IP address to send sendpacket to

 * In addition, there are several relevant per-lease variables.

 *   T1_expiry, T2_expiry, lease_expiry: lease milestones

 * In the active lease, these control the process of renewing the lease;

 * In leases on the acked_leases list, this simply determines when we

 * can no longer legitimately use the lease.

 */

void

state_reboot(void *ipp)

{

	struct interface_info *ip = ipp;

	/* If we don't remember an active lease, go straight to INIT. */

	if (!ip->client->active || ip->client->active->is_bootp) {

		state_init(ip);

		return;

	}

	/* We are in the rebooting state. */

	ip->client->state = S_REBOOTING;

	/* make_request doesn't initialize xid because it normally comes

	   from the DHCPDISCOVER, but we haven't sent a DHCPDISCOVER,

	   so pick an xid now. */

	ip->client->xid = arc4random();

	/* Make a DHCPREQUEST packet, and set appropriate per-interface

	   flags. */

	make_request(ip, ip->client->active);

	ip->client->destination = iaddr_broadcast;

	ip->client->first_sending = cur_time;

	ip->client->interval = ip->client->config->initial_interval;

	/* Zap the medium list... */

	ip->client->medium = NULL;

	/* Send out the first DHCPREQUEST packet. */

	send_request(ip);

}

/*

 * Called when a lease has completely expired and we've

 * been unable to renew it.

 */

void

state_init(void *ipp)

{

	struct interface_info *ip = ipp;

	ASSERT_STATE(state, S_INIT);

	/* Make a DHCPDISCOVER packet, and set appropriate per-interface

	   flags. */

	make_discover(ip, ip->client->active);

	ip->client->xid = ip->client->packet.xid;

	ip->client->destination = iaddr_broadcast;

	ip->client->state = S_SELECTING;

	ip->client->first_sending = cur_time;

	ip->client->interval = ip->client->config->initial_interval;

	/* Add an immediate timeout to cause the first DHCPDISCOVER packet

	   to go out. */

	send_discover(ip);

}

/*

 * state_selecting is called when one or more DHCPOFFER packets

 * have been received and a configurable period of time has passed.

 */

void

state_selecting(void *ipp)

{

	struct interface_info *ip = ipp;

	struct client_lease *lp, *next, *picked;

	ASSERT_STATE(state, S_SELECTING);

	/* Cancel state_selecting and send_discover timeouts, since either

	   one could have got us here. */

	cancel_timeout(state_selecting, ip);

	cancel_timeout(send_discover, ip);

	/* We have received one or more DHCPOFFER packets.   Currently,

	   the only criterion by which we judge leases is whether or

	   not we get a response when we arp for them. */

	picked = NULL;

	for (lp = ip->client->offered_leases; lp; lp = next) {

		next = lp->next;

		/* Check to see if we got an ARPREPLY for the address

		   in this particular lease. */

		if (!picked) {

			script_init("ARPCHECK", lp->medium);

			script_write_params("check_", lp);

			/* If the ARPCHECK code detects another

			   machine using the offered address, it exits

			   nonzero.  We need to send a DHCPDECLINE and

			   toss the lease. */

			if (script_go()) {

				make_decline(ip, lp);

				send_decline(ip);

				goto freeit;

			}

			picked = lp;

			picked->next = NULL;

		} else {

freeit:

			free_client_lease(lp);

		}

	}

	ip->client->offered_leases = NULL;

	/* If we just tossed all the leases we were offered, go back

	   to square one. */

	if (!picked) {

		ip->client->state = S_INIT;

		state_init(ip);

		return;

	}

	/* If it was a BOOTREPLY, we can just take the address right now. */

	if (!picked->options[DHO_DHCP_MESSAGE_TYPE].len) {

		ip->client->new = picked;

		/* Make up some lease expiry times

		   XXX these should be configurable. */

		ip->client->new->expiry = cur_time + 12000;

		ip->client->new->renewal += cur_time + 8000;

		ip->client->new->rebind += cur_time + 10000;

		ip->client->state = S_REQUESTING;

		/* Bind to the address we received. */

		bind_lease(ip);

		return;

	}

	/* Go to the REQUESTING state. */

	ip->client->destination = iaddr_broadcast;

	ip->client->state = S_REQUESTING;

	ip->client->first_sending = cur_time;

	ip->client->interval = ip->client->config->initial_interval;

	/* Make a DHCPREQUEST packet from the lease we picked. */

	make_request(ip, picked);

	ip->client->xid = ip->client->packet.xid;

	/* Toss the lease we picked - we'll get it back in a DHCPACK. */

	free_client_lease(picked);

	/* Add an immediate timeout to send the first DHCPREQUEST packet. */

	send_request(ip);

}

/* state_requesting is called when we receive a DHCPACK message after

   having sent out one or more DHCPREQUEST packets. */

void

dhcpack(struct packet *packet)

{

	struct interface_info *ip = packet->interface;

	struct client_lease *lease;

	/* If we're not receptive to an offer right now, or if the offer

	   has an unrecognizable transaction id, then just drop it. */

	if (packet->interface->client->xid != packet->raw->xid ||

	    (packet->interface->hw_address.hlen != packet->raw->hlen) ||

	    (memcmp(packet->interface->hw_address.haddr,

	    packet->raw->chaddr, packet->raw->hlen)))

		return;

	if (ip->client->state != S_REBOOTING &&

	    ip->client->state != S_REQUESTING &&

	    ip->client->state != S_RENEWING &&

	    ip->client->state != S_REBINDING)

		return;

	note("DHCPACK from %s", piaddr(packet->client_addr));

	lease = packet_to_lease(packet);

	if (!lease) {

		note("packet_to_lease failed.");

		return;

	}

	ip->client->new = lease;

	/* Stop resending DHCPREQUEST. */

	cancel_timeout(send_request, ip);

	/* Figure out the lease time. */

	if (ip->client->new->options[DHO_DHCP_LEASE_TIME].data)

		ip->client->new->expiry = getULong(

		    ip->client->new->options[DHO_DHCP_LEASE_TIME].data);

	else

		ip->client->new->expiry = default_lease_time;

	/* A number that looks negative here is really just very large,

	   because the lease expiry offset is unsigned. */

	if (ip->client->new->expiry < 0)

		ip->client->new->expiry = TIME_MAX;

	/* XXX should be fixed by resetting the client state */

	if (ip->client->new->expiry < 60)

		ip->client->new->expiry = 60;

	/* Take the server-provided renewal time if there is one;

	   otherwise figure it out according to the spec. */

	if (ip->client->new->options[DHO_DHCP_RENEWAL_TIME].len)

		ip->client->new->renewal = getULong(

		    ip->client->new->options[DHO_DHCP_RENEWAL_TIME].data);

	else

		ip->client->new->renewal = ip->client->new->expiry / 2;

	/* Same deal with the rebind time. */

	if (ip->client->new->options[DHO_DHCP_REBINDING_TIME].len)

		ip->client->new->rebind = getULong(

		    ip->client->new->options[DHO_DHCP_REBINDING_TIME].data);

	else

		ip->client->new->rebind = ip->client->new->renewal +

		    ip->client->new->renewal / 2 + ip->client->new->renewal / 4;

	ip->client->new->expiry += cur_time;

	/* Lease lengths can never be negative. */

	if (ip->client->new->expiry < cur_time)

		ip->client->new->expiry = TIME_MAX;

	ip->client->new->renewal += cur_time;

	if (ip->client->new->renewal < cur_time)

		ip->client->new->renewal = TIME_MAX;

	ip->client->new->rebind += cur_time;

	if (ip->client->new->rebind < cur_time)

		ip->client->new->rebind = TIME_MAX;

	bind_lease(ip);

}

void

bind_lease(struct interface_info *ip)

{

	/* Remember the medium. */

	ip->client->new->medium = ip->client->medium;

	/* Write out the new lease. */

	write_client_lease(ip, ip->client->new, 0);

	/* Run the client script with the new parameters. */

	script_init((ip->client->state == S_REQUESTING ? "BOUND" :

	    (ip->client->state == S_RENEWING ? "RENEW" :

	    (ip->client->state == S_REBOOTING ? "REBOOT" : "REBIND"))),

	    ip->client->new->medium);

	if (ip->client->active && ip->client->state != S_REBOOTING)

		script_write_params("old_", ip->client->active);

	script_write_params("new_", ip->client->new);

	if (ip->client->alias)

		script_write_params("alias_", ip->client->alias);

	script_go();

	/* Replace the old active lease with the new one. */

	if (ip->client->active)

		free_client_lease(ip->client->active);

	ip->client->active = ip->client->new;

	ip->client->new = NULL;

	/* Set up a timeout to start the renewal process. */

	add_timeout(ip->client->active->renewal, state_bound, ip);

	note("bound to %s -- renewal in %d seconds.",

	    piaddr(ip->client->active->address),

	    (int)(ip->client->active->renewal - cur_time));

	ip->client->state = S_BOUND;

	reinitialize_interfaces();

	go_daemon();

}

/*

 * state_bound is called when we've successfully bound to a particular

 * lease, but the renewal time on that lease has expired.   We are

 * expected to unicast a DHCPREQUEST to the server that gave us our

 * original lease.

 */

void

state_bound(void *ipp)

{

	struct interface_info *ip = ipp;

	ASSERT_STATE(state, S_BOUND);

	/* T1 has expired. */

	make_request(ip, ip->client->active);

	ip->client->xid = ip->client->packet.xid;

/* Start of the updated section. */

	if (ip->client->config->default_actions[DHO_DHCP_SERVER_IDENTIFIER] == ACTION_SUPERSEDE) {

		memcpy(ip->client->destination.iabuf, ip->client->config->defaults[DHO_DHCP_SERVER_IDENTIFIER].data, 4);

		ip->client->config->defaults[DHO_DHCP_SERVER_IDENTIFIER].len = 4;

	} else if (ip->client->active->options[DHO_DHCP_SERVER_IDENTIFIER].len == 4) {

		memcpy(ip->client->destination.iabuf, ip->client->active->

		    options[DHO_DHCP_SERVER_IDENTIFIER].data, 4);

		ip->client->destination.len = 4;

	} else

	ip->client->destination = iaddr_broadcast;

/* End of the updated section */