Project

General

Profile

Bug #9267

dhclient does not handle protocol timeouts or script failures correctly

Added by Nash Kaminski 8 months ago. Updated 4 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Interfaces
Target version:
Start date:
01/10/2019
Due date:
% Done:

0%

Estimated time:
Affected Version:
All
Affected Architecture:
All

Description

pfSense-dhclient-script fails to return nonzero in the case where a DHCP timeout occurs and the cached gateway address is not pingable. This results in a case where the cached IP is removed from the interface, but dhclient is informed via the exit status of 0 that the IP was added successfully. As a result, the impacted interface remains without an IPv4 address until either the DHCP lease expires, the link flaps, or the DHCP lease is renewed manually, instead of the expected behavior of the DHCP protocol being restarted after the defined retry interval.

After addressing this with the patch 'pfsense-dhclient-script-patch.txt', I uncovered another apparent issue where the function 'priv_script_go' in dhclient.c does not correctly isolate and return the child process exit code from the return value of the wait() call.

This was further confirmed by verifying the current implementation in dhclient.c:

(wstatus & 0xff)

is not functionally equivalent to the definition of the WEXITSTATUS macro, which is defined as
((x) >> 8)

To address this, I have applied patch 'dhclient-patch.txt' to the FreeBSD 11.2 source tree, rebuilt dhclient, and installed the new binary to the pfSense appliance.

After performing both of these actions, dhclient and the associated script now behave as expected when a protocol timeout occurs and the cached gateway IP is not pingable, where a timeout is indicated in the relevant logs and the DHCP protocol restarted after the defined retry interval.

pfsense-dhclient-script-patch.txt (1.5 KB) pfsense-dhclient-script-patch.txt Nash Kaminski, 01/10/2019 06:59 PM
dhclient-patch.txt (327 Bytes) dhclient-patch.txt Nash Kaminski, 01/10/2019 07:38 PM

History

#1 Updated by Nash Kaminski 8 months ago

Also to add, this is seen on version 2.4.4-RELEASE-p1 (amd64),
FreeBSD 11.2-RELEASE-p4, but affects versions back at least as far as 2.4.0.

#3 Updated by Jim Pingle 4 months ago

  • Category set to Interfaces
  • Priority changed from High to Normal
  • Target version set to 2.5.0
  • Affected Version set to All
  • Affected Architecture set to All

Also available in: Atom PDF