Index | Thread | Search

From:
Theo Buehler <tb@theobuehler.org>
Subject:
Re: dhcp6leased(8): stricter message validation
To:
tech <tech@openbsd.org>
Date:
Wed, 15 Jul 2026 19:59:16 +0200

Download raw body.

Thread
On Wed, Jul 15, 2026 at 07:51:33PM +0200, Florian Obser wrote:
> Here are three somewhat related diffs that make dhcp6leased(8)'s message
> validation stricter by ensuring that the message we receive came from
> the correct server and they are not spoofed.
> 
> In practice messages can still be spoofed and you have to trust the
> layer 2 network between the DHCPv6 server and client, that's just always
> true with these kinds of protocols.
> 
> OK?

Please do 's/wron/wrong/' in the third diff. Other than that this all
makes sense to me and looks right.

ok tb