Sending DHCP specific vendor options to a Windows server

Question

My goal is send some information (url and a one-time token) to a windows machine. It's working fine for GNU/Linux servers because I get the information from /var/lib/dhcp/dhcp.lease or similar. This is my setup:

dhcp server (GNU/Linux server):

host windows {
            dynamic;
            hardware ethernet XX:XX:XX:XX:XX:XX;
            fixed-address 10.70.10.107;
            supersede vendor-encapsulated-options  "http://URL/TOKEN";
    }

The only way I found to get this information on the windows server is on the registry. As I added here, under HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces{ID} you can find key named DhcpInterfaceOptions.

The problem is that the information on this key is "corrupted". I'll try to explain.

With Wireshark I can see a well formed DHCP answer from my DHCP server with an 43 option set. This option contains exactly what I'm looking for. When I try to read it on the registry contains a lot of trash and some part of the url is missing.

DHCP options RFC 2132 defines the following protocol:

Code   Len   Vendor-specific information
+-----+-----+-----+-----+---
|  43 |  n  |  i1 |  i2 | ...
+-----+-----+-----+-----+---

I observed that Windows is doing something similar after get the option. I mean, if the URL is 'http://URL/TOKEN' that windows does is set 'h' as ID, 't' as the length and starts to read after the second 't'. My url is longer than the last ASCII printable character (~) and I can't do any workaround on that.

Update 1

WireShark capture:

Option: (t=43,l=16) Vendor-Specific Information
  Option: (43) Vendor-Specific Information
  Length: 16
  Value: 687474703a2f2f55524c2f544f4b454e (http://URL/TOKEN)

Windows Registry:

"DhcpInterfaceOptions"=hex:06,00,00,00,00,00,00,00,08,00,00,00,00,00,00,00,52,\
 45,b7,4f,0a,46,0a,01,08,08,08,08,03,00,00,00,00,00,00,00,04,00,00,00,00,00,\
 00,00,52,45,b7,4f,0a,46,0a,01,0f,00,00,00,00,00,00,00,0f,00,00,00,00,00,00,\
 00,52,45,b7,4f,74,50,1f,2b,6f,61,6f,75,75,6a,3f,64,6e,77,2e,00,01,00,00,00,\
 00,00,00,00,04,00,00,00,00,00,00,00,52,45,b7,4f,ff,ff,ff,00,36,00,00,00,00,\
 00,00,00,04,00,00,00,00,00,00,00,52,45,b7,4f,0a,46,0a,01,35,00,00,00,00,00,\
 00,00,01,00,00,00,00,00,00,00,52,45,b7,4f,05,00,00,00,fc,00,00,00,00,00,00,\
 00,00,00,00,00,00,00,00,00,2a,bd,b6,4f,33,00,00,00,00,00,00,00,04,00,00,00,\
 00,00,00,00,52,45,b7,4f,00,00,8c,a0

Update 2

If the url is shorter than the size defined on the Windows protocol, the url is not shown on the registry. In my case 'h' will be the identifier and 't' the size (116). If the url is :

http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

The registry contains something like I pasted previously. The url is exactly 117 characters but we use 2 for id and size. that means that data is 115. Not enough.

if I add one 'A' to my url:

http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Then the registry contains:

"DhcpInterfaceOptions"=hex:68,00,00,00,00,00,00,00,74,00,00,00,01,00,00,00,62,\
0e,bb,4f,74,70,3a,2f,2f,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,06,00,00,00,00,00,\
00,00,08,00,00,00,00,00,00,00,62,0e,bb,4f,0a,46,0a,01,08,08,08,08,03,00,00,\
00,00,00,00,00,04,00,00,00,00,00,00,00,62,0e,bb,4f,0a,46,0a,01,0f,00,00,00,\
00,00,00,00,0f,00,00,00,00,00,00,00,62,0e,bb,4f,75,61,4a,1f,31,4c,ca,11,55,\
6f,2e,63,1f,6d,fe,00,01,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,62,0e,\
bb,4f,ff,ff,ff,00,33,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,62,0e,bb,\
4f,00,00,8c,a0,36,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,62,0e,bb,4f,\
0a,46,0a,01,35,00,00,00,00,00,00,00,01,00,00,00,00,00,00,00,62,0e,bb,4f,05,\
00,00,00

41 is the hex representation of 'A'.

How about you show us exactly what the registry value *does* contain? — MikeyB, May 18 '12 at 18:57
You should be looking under CurrentControlSet, not Set001. What's the value there? — MikeyB, May 19 '12 at 07:34
@MikeyB thanks for your answers. Looking at this registry I can see the same 'trash'. Probably CurrentControlSet is just a symlink to Set001. — Seoman, May 21 '12 at 17:35
What exactly are you trying to accomplish here? There are easier ways to send i formation than abusing dhcp. — Grant, May 21 '12 at 19:17
I don't know where is the abuse. This option is on the RFC and is a standard way to send configuration to the servers. I'm trying to understand why windows is receiving a well formed dhcp answer but puts wrong on the registry. Or just find a better way to get the URL on the windows but DHCP is the key. BTW Thanks for your help @Grant — Seoman, May 21 '12 at 22:25
Since you'll have to write a program to get this url out of the registry, why not get it via http or something? Is there a reason you want to rely on dhcp for this? — Grant, May 22 '12 at 20:55
@Grant via dhcp, the server receives the url (that changes every time) and a one-time token to auth on the server and get some information. — Seoman, May 24 '12 at 00:03

score 2 · Accepted Answer · answered May 23 '12 at 22:38

The implemented solution was:

dhcpd.conf:

option space yourCompany;
    option yourCompany.url code 128 = text;

class "vendor-classes" {
    match option vendor-class-identifier;
}

subclass "vendor-classes" "MSFT 5.0" {
    vendor-option-space yourCompany;
}

On your lease, add the following line:

supersede yourCompany.url = "http://URL"

you can change the .url for whatever you wanted. Just make sure you change the option name on the space of yourCompany.

Using this method I can see the full URL on the registry.

score 1 · Answer 2 · answered May 22 '12 at 21:06

I dont think supersede is correct for server config. Usually that is used by the dhcp client config.

Try adding this to your dhcpd config and see if you can see the options in the registry

option space ISC code width 1 length width 1 hash size 3; 
option ISC.sample code 1 = text; 
option vendor.ISC code 2495 = encapsulate vivso-sample; 
option vendor-class.ISC code 2495 = text;

option ISC.sample "configuration text here"; 
option vendor-class.ISC "vendor class here";

Thanks @Grant. I'll try and I'll come back with the result. – Seoman May 22 '12 at 22:10 — Seoman, May 22 '12 at 22:10

Sending DHCP specific vendor options to a Windows server

2 Answers2