[master] Replaced --enable-secs-btyeorder with run-time parameter

    Merges in rt45364

5 files changed, 31 insertions, 8 deletions

diff --git a/server/dhcpd.c b/server/dhcpd.c
index 19c6a687..66944717 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -1378,6 +1378,15 @@ void postconf_initialization (int quiet)
 		data_string_forget (&db, MDL);
         }
 
+#if defined (FAILOVER_PROTOCOL)
+       oc = lookup_option(&server_universe, options, SV_CHECK_SECS_BYTE_ORDER);
+       if ((oc != NULL) &&
+	   evaluate_boolean_option_cache(NULL, NULL, NULL, NULL, options, NULL,
+					 &global_scope, oc, MDL)) {
+		check_secs_byte_order = 1;
+	}
+#endif
+
 #if defined (BINARY_LEASES)
 	if (local_family == AF_INET) {
 		log_info("Source compiled to use binary-leases");
diff --git a/server/dhcpd.conf.5 b/server/dhcpd.conf.5
index 02f854a9..8251574b 100644
--- a/server/dhcpd.conf.5
+++ b/server/dhcpd.conf.5
@@ -2021,6 +2021,20 @@ addresses, as long as those addresses are not restricted by
 and \fIdeny\fR statements within their \fIpool\fR declarations.
 .RE
 .PP
+The \fIcheck-secs-byte-order\fR statement
+.RS 0.25i
+.PP
+.B check-secs-byte-order \fIflag\fB;\fR
+.PP
+When \fIcheck-secs-byte-order\fR is enabled, the server will check for DHCPv4
+clients that do the byte ordering on the secs field incorrectly. This field
+should be in network byte order but some clients get it wrong. When this
+parameter is enabled the server will examine the secs field and if it looks
+wrong (high byte non zero and low byte zero) swap the bytes.  The default
+is disabled. This parameter is only useful when doing load balancing within
+failover. (Formerly, this behavior had to be enabled during compilation
+configuration via --enable-secs-byteorder).
+.PP
 The \fIdb-time-format\fR statement
 .RS 0.25i
 .PP
diff --git a/server/failover.c b/server/failover.c
index 25e1b72b..72f7b00e 100644
--- a/server/failover.c
+++ b/server/failover.c
@@ -50,6 +50,7 @@ static inline int secondary_not_hoarding(dhcp_failover_state_t *state,
 					 struct pool *p);
 static void scrub_lease(struct lease* lease, const char *file, int line);
 
+int check_secs_byte_order = 0; /* enables byte order check of secs field if 1 */
 
 /*!
  * \brief Performs a "pre-flight" sanity check of failover configuration
@@ -5964,17 +5965,16 @@ int load_balance_mine (struct packet *packet, dhcp_failover_state_t *state)
 
 	ec = ntohs(packet->raw->secs);
 
-#if defined(SECS_BYTEORDER)
 	/*
 	 * If desired check to see if the secs field may have been byte
 	 * swapped.  We assume it has if the high order byte isn't cleared
 	 * while the low order byte is cleared.  In this case we swap the
 	 * bytes and continue processing.
 	 */
-	if ((ec > 255) && ((ec & 0xff) == 0)) {
+	if ((check_secs_byte_order == 1) &&
+	    ((ec > 255) && ((ec & 0xff) == 0))) {
 		ec = (ec >> 8) | (ec << 8);
 	}
-#endif
 
 	if ((state->load_balance_max_secs == 0) ||
 	    (state->load_balance_max_secs < ec)) {
diff --git a/server/stables.c b/server/stables.c
index b6df9bef..59df5e83 100644
--- a/server/stables.c
+++ b/server/stables.c
@@ -280,6 +280,9 @@ static struct option server_options[] = {
 #ifdef EUI_64
 	{ "use-eui-64", "f",		&server_universe,  SV_USE_EUI_64, 1 },
 #endif
+#if defined (FAILOVER_PROTOCOL)
+	{ "check-secs-byte-order", "f", &server_universe, SV_CHECK_SECS_BYTE_ORDER, 1 },
+#endif
 	{ NULL, NULL, NULL, 0, 0 }
 };
 
diff --git a/server/tests/load_bal_unittest.c b/server/tests/load_bal_unittest.c
index a1be9761..8d5f8b87 100644
--- a/server/tests/load_bal_unittest.c
+++ b/server/tests/load_bal_unittest.c
@@ -134,12 +134,13 @@ ATF_TC_HEAD(load_balance_swap, tc)
 ATF_TC_BODY(load_balance_swap, tc)
 {
 #if defined(FAILOVER_PROTOCOL) 
-#if defined(SECS_BYTEORDER)
 	struct packet packet;
 	struct dhcp_packet raw;
 	dhcp_failover_state_t pstate, sstate;
 	u_int8_t hba[256];
 
+	check_secs_byte_order = 1;
+
 	memset(&packet, 0, sizeof(struct packet));
 	memset(&raw, 0, sizeof(struct dhcp_packet));
 	packet.raw = &raw;
@@ -179,10 +180,6 @@ ATF_TC_BODY(load_balance_swap, tc)
 	if (load_balance_mine(&packet, &sstate) != 1) {
 		atf_tc_fail("ERROR: secondary not accepted %s:%d", MDL);
 	}
-	
-#else
-	atf_tc_skip("SECS_BYTEORDER not defined");
-#endif
 #else
 	atf_tc_skip("failover is disabled");
 #endif