Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Imported Upstream version 4.2.2

  • Loading branch information...
commit 0e3760ae110a506e06d88d1b5132de83c0c8f0e4 1 parent 5b8af02
@andrewpollock andrewpollock authored
Showing with 10,965 additions and 13,535 deletions.
  1. +1 −1  LICENSE
  2. +6 −3 Makefile.am
  3. +8 −3 Makefile.in
  4. +104 −45 README
  5. +547 −115 RELNOTES
  6. +2 −2 aclocal.m4
  7. +75 −0 bind/Makefile
  8. BIN  bind/bind.tar.gz
  9. +10 −0 bind/version.tmp
  10. +4 −4 client/Makefile.am
  11. +8 −6 client/Makefile.in
  12. +47 −49 client/clparse.c
  13. +144 −265 client/dhc6.c
  14. +10 −10 client/dhclient-script.8
  15. +234 −167 client/dhclient.8
  16. +620 −162 client/dhclient.c
  17. +2 −2 client/dhclient.conf
  18. +54 −25 client/dhclient.conf.5
  19. +9 −8 client/dhclient.leases.5
  20. +21 −1 client/scripts/bsdos
  21. +28 −2 client/scripts/freebsd
  22. +33 −1 client/scripts/linux
  23. +9 −2 client/scripts/macos
  24. +23 −3 client/scripts/netbsd
  25. +2 −2 client/scripts/nextstep
  26. +23 −3 client/scripts/openbsd
  27. +30 −1 client/scripts/openwrt
  28. +13 −0 client/scripts/solaris
  29. +4 −3 common/Makefile.am
  30. +11 −8 common/Makefile.in
  31. +3 −0  common/bpf.c
  32. +36 −36 common/comapi.c
  33. +153 −98 common/conflex.c
  34. +17 −6 common/dhcp-eval.5
  35. +46 −26 common/dhcp-options.5
  36. +88 −35 common/discover.c
  37. +260 −66 common/dispatch.c
  38. +44 −51 common/dlpi.c
  39. +1,229 −559 common/dns.c
  40. +0 −242 common/heap.c
  41. +2 −1  common/icmp.c
  42. +13 −12 common/inet.c
  43. +11 −5 common/lpf.c
  44. +3 −3 common/memory.c
  45. +3 −0  common/nit.c
  46. +26 −31 {minires → common}/ns_name.c
  47. +15 −6 common/options.c
  48. +225 −108 common/parse.c
  49. +284 −261 common/print.c
  50. +332 −47 common/socket.c
  51. +10 −5 common/tables.c
  52. +2 −1  common/tests/Makefile.am
  53. +6 −3 common/tests/Makefile.in
  54. +4 −3 common/tr.c
  55. +83 −20 common/tree.c
  56. +3 −0  common/upf.c
  57. +640 −195 configure
  58. +85 −6 configure.ac
  59. +2 −2 contrib/3.0b1-lease-convert
  60. +191 −0 contrib/ldap/README.ldap
  61. +462 −0 contrib/ldap/dhcp.schema
  62. +760 −0 contrib/ldap/dhcpd-conf-to-ldap
  63. +4 −4 dhcpctl/Makefile.am
  64. +8 −6 dhcpctl/Makefile.in
  65. +5 −5 dhcpctl/callback.c
  66. +1 −1  dhcpctl/cltest.c
  67. +11 −6 dhcpctl/dhcpctl.3
  68. +9 −4 dhcpctl/dhcpctl.c
  69. +1 −1  dhcpctl/dhcpctl.h
  70. +1 −1  dhcpctl/omshell.1
  71. +35 −20 dhcpctl/omshell.c
  72. +6 −6 dhcpctl/remote.c
  73. +367 −176 doc/References.html
  74. +497 −217 doc/References.txt
  75. +252 −132 doc/References.xml
  76. +8 −0 doc/examples/dhcpd-dhcpv6.conf
  77. +1 −1  doc/ja_JP.eucJP/dhclient-script.8
  78. +1 −1  doc/ja_JP.eucJP/dhclient.8
  79. +1 −1  doc/ja_JP.eucJP/dhclient.conf.5
  80. +1 −1  doc/ja_JP.eucJP/dhclient.leases.5
  81. +1 −1  doc/ja_JP.eucJP/dhcp-eval.5
  82. +4 −3 doc/ja_JP.eucJP/dhcp-options.5
  83. +2 −0  dst/Makefile.in
  84. +3 −2 dst/base64.c
  85. +3 −2 dst/dst_api.c
  86. +11 −1 dst/dst_internal.h
  87. +4 −3 dst/dst_support.c
  88. +4 −3 dst/hmac_link.c
  89. +1 −2  dst/md5.h
  90. +3 −3 dst/md5_dgst.c
  91. +1 −2  dst/md5_locl.h
  92. +5 −3 dst/prandom.c
  93. +5 −9 includes/Makefile.am
  94. +7 −9 includes/Makefile.in
  95. +1 −1  includes/arpa/nameser.h
  96. +1 −1  includes/arpa/nameser_compat.h
  97. +3 −19 includes/cdefs.h
  98. +34 −0 includes/config.h.in
  99. +3 −3 includes/dhcp6.h
  100. +1,025 −790 includes/dhcpd.h
  101. +11 −3 includes/dhctoken.h
  102. +13 −2 includes/failover.h
  103. +1 −1  includes/heap.h
  104. +0 −38 includes/isc-dhcp/boolean.h
  105. +0 −50 includes/isc-dhcp/commandline.h
  106. +0 −40 includes/isc-dhcp/formatcheck.h
  107. +0 −35 includes/isc-dhcp/lang.h
  108. +0 −122 includes/isc-dhcp/list.h
  109. +0 −552 includes/isc-dhcp/mem.h
  110. +0 −87 includes/isc-dhcp/print.h
  111. +0 −119 includes/isc-dhcp/result.h
  112. +0 −234 includes/isc-dhcp/string.h
  113. +0 −46 includes/isc-dhcp/types.h
  114. +20 −19 includes/{isc-dhcp/int.h → minires.h}
  115. +0 −234 includes/minires/minires.h
  116. +0 −57 includes/minires/res_update.h
  117. +0 −323 includes/minires/resolv.h
  118. +1 −2  includes/netinet/udp.h
  119. +122 −0 includes/omapip/isclib.h
  120. +4 −1 includes/omapip/omapip.h
  121. +18 −8 includes/omapip/omapip_p.h
  122. +120 −0 includes/omapip/result.h
  123. +1 −2  includes/omapip/trace.h
  124. +1 −9 includes/osdep.h
  125. +32 −0 includes/site.h
  126. +5 −5 includes/t_api.h
  127. +6 −4 includes/tree.h
  128. +0 −8 minires/Makefile.am
  129. +0 −413 minires/Makefile.in
  130. +0 −135 minires/ns_date.c
  131. +0 −214 minires/ns_parse.c
  132. +0 −216 minires/ns_samedomain.c
  133. +0 −362 minires/ns_sign.c
  134. +0 −482 minires/ns_verify.c
  135. +0 −243 minires/res_comp.c
  136. +0 −614 minires/res_findzonecut.c
  137. +0 −484 minires/res_init.c
  138. +0 −202 minires/res_mkquery.c
  139. +0 −1,153 minires/res_mkupdate.c
  140. +0 −408 minires/res_query.c
  141. +0 −901 minires/res_send.c
  142. +0 −145 minires/res_sendsigned.c
  143. +0 −225 minires/res_update.c
  144. +3 −2 omapip/Makefile.am
  145. +9 −6 omapip/Makefile.in
  146. +45 −36 omapip/alloc.c
  147. +6 −6 omapip/array.c
  148. +37 −16 omapip/auth.c
  149. +34 −17 omapip/buffer.c
  150. +162 −87 omapip/connection.c
  151. +186 −22 omapip/dispatch.c
  152. +5 −5 omapip/generic.c
  153. +40 −25 omapip/handle.c
  154. +16 −12 omapip/hash.c
  155. +219 −0 omapip/isclib.c
  156. +2 −2 omapip/iscprint.c
  157. +8 −8 omapip/listener.c
  158. +32 −32 omapip/message.c
  159. +0 −480 omapip/mrtrace.c
  160. +10 −11 omapip/omapi.3
  161. +31 −31 omapip/protocol.c
  162. +62 −97 omapip/result.c
  163. +6 −8 omapip/support.c
  164. +13 −2 omapip/test.c
  165. +12 −114 omapip/toisc.c
  166. +116 −116 omapip/trace.c
  167. +2 −1  relay/Makefile.am
  168. +6 −2 relay/Makefile.in
  169. +32 −6 relay/dhcrelay.8
  170. +61 −27 relay/dhcrelay.c
  171. +5 −5 server/Makefile.am
Sorry, we could not display the entire diff because it was too big.
View
2  LICENSE
@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
+# Copyright (c) 2004-2011 by Internet Systems Consortium, Inc. ("ISC")
# Copyright (c) 1995-2003 by Internet Software Consortium
#
# Permission to use, copy, modify, and distribute this software for any
View
9 Makefile.am
@@ -10,15 +10,18 @@ EXTRA_DIST = RELNOTES LICENSE \
contrib/3.0b1-lease-convert contrib/dhclient-tz-exithook.sh \
contrib/dhcp.spec contrib/sethostname.sh contrib/solaris.init \
contrib/ms2isc/Registry.pm contrib/ms2isc/ms2isc.pl \
- contrib/ms2isc/readme.txt \
+ contrib/ms2isc/readme.txt contrib/ldap/dhcpd-conf-to-ldap \
+ contrib/ldap/dhcp.schema contrib/ldap/README.ldap \
doc/IANA-arp-parameters doc/Makefile doc/References.html \
doc/References.txt doc/References.xml doc/api+protocol \
doc/ja_JP.eucJP/dhclient-script.8 doc/ja_JP.eucJP/dhclient.8 \
doc/ja_JP.eucJP/dhclient.conf.5 doc/ja_JP.eucJP/dhclient.leases.5 \
doc/ja_JP.eucJP/dhcp-eval.5 doc/ja_JP.eucJP/dhcp-options.5 \
- doc/examples/dhclient-dhcpv6.conf doc/examples/dhcpd-dhcpv6.conf
+ doc/examples/dhclient-dhcpv6.conf doc/examples/dhcpd-dhcpv6.conf \
+ util/bindvar.sh \
+ bind/Makefile bind/bind.tar.gz bind/version.tmp
-SUBDIRS = includes tests common minires dst omapip client dhcpctl relay server
+SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
View
11 Makefile.in
@@ -102,6 +102,7 @@ INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDAP_CFLAGS = @LDAP_CFLAGS@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
@@ -114,6 +115,7 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
@@ -173,15 +175,18 @@ EXTRA_DIST = RELNOTES LICENSE \
contrib/3.0b1-lease-convert contrib/dhclient-tz-exithook.sh \
contrib/dhcp.spec contrib/sethostname.sh contrib/solaris.init \
contrib/ms2isc/Registry.pm contrib/ms2isc/ms2isc.pl \
- contrib/ms2isc/readme.txt \
+ contrib/ms2isc/readme.txt contrib/ldap/dhcpd-conf-to-ldap \
+ contrib/ldap/dhcp.schema contrib/ldap/README.ldap \
doc/IANA-arp-parameters doc/Makefile doc/References.html \
doc/References.txt doc/References.xml doc/api+protocol \
doc/ja_JP.eucJP/dhclient-script.8 doc/ja_JP.eucJP/dhclient.8 \
doc/ja_JP.eucJP/dhclient.conf.5 doc/ja_JP.eucJP/dhclient.leases.5 \
doc/ja_JP.eucJP/dhcp-eval.5 doc/ja_JP.eucJP/dhcp-options.5 \
- doc/examples/dhclient-dhcpv6.conf doc/examples/dhcpd-dhcpv6.conf
+ doc/examples/dhclient-dhcpv6.conf doc/examples/dhcpd-dhcpv6.conf \
+ util/bindvar.sh \
+ bind/Makefile bind/bind.tar.gz bind/version.tmp
-SUBDIRS = includes tests common minires dst omapip client dhcpctl relay server
+SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
all: all-recursive
View
149 README
@@ -1,6 +1,6 @@
Internet Systems Consortium DHCP Distribution
- Version 4.1.1-P1
- 17 May 2010
+ Version 4.2.2
+ 27 July 2011
README FILE
@@ -33,6 +33,8 @@ the ISC DHCP Distribution.
5.6 FreeBSD
5.7 NeXTSTEP
5.8 SOLARIS
+ 5.8.1 Solaris 11
+ 5.8.2 Other Solaris Items
5.9 AIX
5.10 MacOS X
6 SUPPORT
@@ -46,7 +48,8 @@ client and relay subdirectories. The README file (this file) includes
late-breaking operational and system-specific information that you
should read even if you don't want to read the manual pages, and that
you should *certainly* read if you run into trouble. Internet
-standards relating to the DHCP protocol are stored in the doc
+standards relating to the DHCP protocol are listed in the References
+document that is available in html, txt and xml formats in doc/
subdirectory. You will have the best luck reading the manual pages if
you build this software and then install it, although you can read
them directly out of the distribution if you need to.
@@ -94,10 +97,7 @@ directory, it may not have up-to-date information).
RELEASE STATUS
-This is ISC DHCP 4.1.1-P1, a patch release which fixes a bug that could
-cause the DHCPv6 server to advertise/assign a previously allocated
-(active) lease to a client that has changed subnets, despite being on
-different shared networks.
+This is ISC DHCP 4.2.2, a maintenance release containing patches.
In this release, the DHCPv6 server should be fully functional on Linux,
Solaris, or any BSD. The DHCPv6 client should be similarly functional
@@ -115,10 +115,9 @@ If you wish to run the DHCP Distribution on Linux, please see the
Linux-specific notes later in this document. If you wish to run on an
SCO release, please see the SCO-specific notes later in this document.
You particularly need to read these notes if you intend to support
-Windows 95 clients. If you are running a version of FreeBSD prior to
-2.2, please read the note on FreeBSD. If you are running HP-UX or
-Ultrix, please read the notes for those operating systems below. If
-you are running NeXTSTEP, please see the notes on NeXTSTEP below.
+Windows 95 clients. If you are running HP-UX or Ultrix, please read the
+notes for those operating systems below. If you are running NeXTSTEP,
+please see the notes on NeXTSTEP below.
If you start dhcpd and get a message, "no free bpf", that means you
need to configure the Berkeley Packet Filter into your operating
@@ -133,12 +132,12 @@ information. On Digital Unix, type ``man pfilt''.
To build the DHCP Distribution, unpack the compressed tar file using
the tar utility and the gzip command - type something like:
- gunzip dhcp-4.1.1-P1.tar.gz
- tar xvf dhcp-4.1.1-P1.tar
+ gunzip dhcp-4.2.2.tar.gz
+ tar xvf dhcp-4.2.2.tar
CONFIGURING IT
-Now, cd to the dhcp-4.1.1-P1 subdirectory that you've just created and
+Now, cd to the dhcp-4.2.2 subdirectory that you've just created and
configure the source tree by typing:
./configure
@@ -152,8 +151,12 @@ your own.
DYNAMIC DNS UPDATES
A fully-featured implementation of dynamic DNS updates is included in
-this release. There are no build dependencies with any BIND version
-- this version can and should just use the resolver in your C library.
+this release. It uses libraries from BIND and, to avoid issues with
+different versions, includes the necessary BIND version. The appropriate
+BIND libraries will be compiled and installed in the bind subdirectory
+as part of the make step. In order to build the necessary libraries you
+will need to have "gmake" available on your build system.
+
There is documentation for the DDNS support in the dhcpd.conf manual
page - see the beginning of this document for information on finding
@@ -401,7 +404,7 @@ relay agent) is available from the Ports Collection in
/usr/ports/net/isc-dhcp3, or as a package on FreeBSD installation
CDROMs.
- NeXTSTEP
+ NeXTSTEP
The NeXTSTEP support uses the NeXTSTEP Berkeley Packet Filter
extension, which is not included in the base NextStep system. You
@@ -409,6 +412,46 @@ must install this extension in order to get dhcpd or dhclient to work.
SOLARIS
+There are two known issues seen when compiling using the Sun compiler.
+
+The first is that older Sun compilers generate an error on some of
+our uses of the flexible array option. Newer versions only generate
+a warning, which can be safely ignored. If you run into this error
+("type of struct member "buf" can not be derived from structure with
+flexible array member"), upgrade your tools to Oracle Solaris Studio
+(previously Sun Studio) 12 or something newer.
+
+The second is the interaction between the configure script and the
+makefiles for the Bind libraries. Currently we don't pass all
+environment variables between the DHCP configure and the Bind configure.
+
+If you attempt to specify the compiler you wish to use like this:
+
+ CC=/opt/SUNWspro/bin/cc ./configure
+
+"make" may not build the Bind libraries with that compiler.
+
+In order to use the same compiler for Bind and DHCP we suggest the
+following commands:
+
+ CC=/opt/SUNWspro/bin/cc ./configure
+ CC=/opt/SUNWspro/bin/cc make
+
+ Solaris 11
+
+We have integrated a patch from Oracle to use sockets instead of
+DLPI on Solaris 11. This functionality was written for use with
+Solaris Studio 12.2 and requires the system/header package.
+
+By default this code is disabled in order to minimize disruptions
+for current users. In order to enable this code you will need to
+enable both USE_SOCKETS and USE_V4_PKTINFO as part of the
+configuration step. The command line would be something like:
+
+ ./configure --enable-use-sockets --enable-ipv4-pktinfo
+
+ Other Solaris Items
+
One problem which has been observed and is not fixed in this
patchlevel has to do with using DLPI on Solaris machines. The symptom
of this problem is that the DHCP server never receives any requests.
@@ -451,10 +494,26 @@ server and relay will work only on a single interface. (They do work
on multi-interface machines if configured to listen on only one of the
interfaces.)
+We have reports of Windows XP clients having difficutly retrieving
+addresses from a server running on an AIX machine. This issue
+was traced to the client requiring messages be sent to the all ones
+broadcast address (255.255.255.255) while the AIX server was sending
+to 192.168.0.255.
+
+You may be able to solve this by including a relay between the client
+and server with the relay configured to use a broadcast of all-ones.
+
+A second option that worked for AIX 5.1 but doesn't seem to work for
+AIX 5.3 was to:
+ create a host file entry for all-ones (255.255.255.255)
+and then add a route:
+ route add -host all-ones -interface <local-ip-address>
+
The ISC DHCP distribution does not include a dhclient-script for AIX--
AIX comes with a DHCP client. Contribution of a working dhclient-script
for AIX would be welcome.
+
MacOS X
The MacOS X system uses a TCP/IP stack derived from FreeBSD with a
@@ -522,10 +581,10 @@ has been resolved, then we're still working on it.
PLEASE DO NOT REPORT BUGS IN OLD SOFTWARE RELEASES! Fetch the latest
release and see if the bug is still in that version of the software,
-and if it's not, _then_ report it. ISC release versions always have
-three numbers, for example: 1.2.3. The 'major release' is 1 here,
-the 'minor release' is 2, and the 'maintenance release' is 3. ISC
-will accept bug reports against the most recent two major.minor
+and if it is still present, _then_ report it. ISC release versions
+always have three numbers, for example: 1.2.3. The 'major release' is
+1 here, the 'minor release' is 2, and the 'maintenance release' is 3.
+ISC will accept bug reports against the most recent two major.minor
releases: for example, 1.0.0 and 0.9.0, but not 0.8.* or prior.
PLEASE take a moment to determine where the ISC DHCP distribution
@@ -546,24 +605,24 @@ report. This will save us a great deal of time and more informative
bug reports are more likely to get handled more quickly overall.
1. The specific operating system name and version of the
- machine on which the DHCP server or client is running.
+ machine on which the DHCP server or client is running.
2. The specific operating system name and version of the
- machine on which the client is running, if you are having
- trouble getting a client working with the server.
+ machine on which the client is running, if you are having
+ trouble getting a client working with the server.
3. If you're running Linux, the version number we care about is
- the kernel version and maybe the library version, not the
- distribution version - e.g., while we don't mind knowing
- that you're running Redhat version mumble.foo, we must know
- what kernel version you're running, and it helps if you can
- tell us what version of the C library you're running,
- although if you don't know that off the top of your head it
- may be hard for you to figure it out, so don't go crazy
- trying.
+ the kernel version and maybe the library version, not the
+ distribution version - e.g., while we don't mind knowing
+ that you're running Redhat version mumble.foo, we must know
+ what kernel version you're running, and it helps if you can
+ tell us what version of the C library you're running,
+ although if you don't know that off the top of your head it
+ may be hard for you to figure it out, so don't go crazy
+ trying.
4. The specific version of the DHCP distribution you're
- running, as reported by dhcpd -t.
+ running, as reported by dhcpd -t.
5. Please explain the problem carefully, thinking through what
- you're saying to ensure that you don't assume we know
- something about your situation that we don't know.
+ you're saying to ensure that you don't assume we know
+ something about your situation that we don't know.
6. Include your dhcpd.conf and dhcpd.leases file as MIME attachments
if they're not over 100 kilobytes in size each. If they are
this large, please make them available to us eg via a hidden
@@ -571,17 +630,17 @@ bug reports are more likely to get handled more quickly overall.
this information due to sensitive contents, you may encrypt
the file to our release signing key, available on our website.
7. Include a log of your server or client running until it
- encounters the problem - for example, if you are having
- trouble getting some client to get an address, restart the
- server with the -d flag and then restart the client, and
- send us what the server prints. Likewise, with the client,
- include the output of the client as it fails to get an
- address or otherwise does the wrong thing. Do not leave
- out parts of the output that you think aren't interesting.
+ encounters the problem - for example, if you are having
+ trouble getting some client to get an address, restart the
+ server with the -d flag and then restart the client, and
+ send us what the server prints. Likewise, with the client,
+ include the output of the client as it fails to get an
+ address or otherwise does the wrong thing. Do not leave
+ out parts of the output that you think aren't interesting.
8. If the client or server is dumping core, please run the
- debugger and get a stack trace, and include that in your
- bug report. For example, if your debugger is gdb, do the
- following:
+ debugger and get a stack trace, and include that in your
+ bug report. For example, if your debugger is gdb, do the
+ following:
gdb dhcpd dhcpd.core
(gdb) where
View
662 RELNOTES
@@ -1,34 +1,26 @@
Internet Systems Consortium DHCP Distribution
- Version 4.1.1-P1
- 17 May 2010
+ Version 4.2.2
+ 27 July 2011
Release Notes
NEW FEATURES
-ISC DHCP 4.1.x includes several new DHCPv6 features that were not included
-in DHCP 4.0.x. These include:
+ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
+These include:
-- Support for the rapid-commit option on the client side
-
-- Prefix Delegation support
-
-- IA_TA address support
-
-- A basic DHCPv6 relay agent
-
-- Basic and partial DHCPv6 leasequery support
+Processing the DHCP to DNS server transactions in an asynchronous fashion.
+The DHCP server or client can now continue with it's processing while
+awaiting replies from the DNS server.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
-- Only a single address is supported per IA.
-
-- DHCPv6 includes human-readable text in status code messages. These
- should be configurable, and probably localized via gettext() or the
- like.
+- DHCPv6 includes human-readable text in status code messages, in
+ English. A method to reconfigure or support other languages would
+ be preferable.
- The "host-identifier" option is limited to a simple token.
@@ -47,7 +39,353 @@ The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.
- Changes since 4.1.1
+ Changes since 4.2.2rc1
+
+! Two packets were found that cause a server to halt. The code
+ has been updated to properly process or reject the packets as
+ appropriate. Thanks to David Zych at University of Illinois
+ for reporting this issue. [ISC-Bugs #24960]
+ One CVE number for each class of packet.
+ CVE-2011-2748
+ CVE-2011-2749
+
+ Changes since 4.2.2b1
+
+- Strict checks for content of domain-name DHCPv4 option can now be
+ configured during compilation time. Even though RFC2132 does not allow
+ to store more than one domain in domain-name option, such behavior is
+ now enabled by default, but this may change some time in the future.
+ See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
+ [ISC-Bugs #24167]
+
+- DNS Update fix. A misconfigured server could crash during DNS update
+ processing if the configuration included overlapping pools or
+ multiple fixed-address entries for a single address. This issue
+ affected both IPv4 and IPv6. The fix allows a server to detect such
+ conditions, provides the user with extra information and recommended
+ steps to fix the problem. If the user enables the appropriate option
+ in site.h then server will be terminated
+ [ISC-Bugs #23595]
+
+ Changes since 4.2.1
+
+! In dhclient check the data for some string options for
+ reasonableness before passing it along to the script that
+ interfaces with the OS.
+ [ISC-Bugs #23722]
+ CVE: CVE-2011-0997
+
+- DHCPv6 server now responds properly if client asks for a prefix that
+ is already assigned to a different client. [ISC-Bugs #23948]
+
+- Add the option "--no-pid" to the client, relay and server code,
+ to disable writing a pid file. Add the option "-pf pidfile"
+ to the relay to allow the user to supply the pidfile name at
+ runtime. Add the "with-relay6-pid-file" option to configure
+ to allow the user to supply the pidfile name for the relay
+ in v6 mode at configure time.
+ [ISC-Bugs #23351] [ISC-Bugs #17541]
+
+- 'dhclient' no longer waits a random interval after first starting up to
+ begin in the INIT state. This conforms to RFC 2131, but elects not to
+ implement a 'SHOULD' direction in section 4.1. [ISC-Bugs #19660]
+
+- Added 'initial-delay' parameter that specifies maximum amount of time
+ before client goes to the INIT state. The default value is 0. In previous
+ versions of the code client could wait up to 5 seconds. The old behavior
+ may be restored by using 'initial-delay 5;' in the client config file.
+ [ISC-Bugs #19660]
+
+- ICMP ping-check should now sit closer to precisely the number of seconds
+ configured (or default 1), due to making use of the new microsecond
+ scale timer internally to dhcpd. This corrects a bug where the server
+ may immediately timeout an ICMP ping-check if it was made late in the
+ current second. [ISC-Bugs #19660]
+
+- The DHCP client will schedule renewal and rebinding events in
+ microseconds if the DHCP server provided a lease-time that would result
+ in sub-1-second timers. This corrects a bug where a 2-second or lower
+ lease-time would cause the DHCP client to enter an infinite loop by
+ scheduling renewal at zero seconds. [ISC-Bugs #19660]
+
+- Client lease records are recorded at most once every 15 seconds. This
+ keeps the client from filling the lease database disk quickly on very small
+ lease times. [ISC-Bugs #19660]
+
+- To defend against RFC 2131 non-compliant DHCP servers which fail to
+ advertise a lease-time (either mangled, or zero in value) the DHCP
+ client now adds the server to the reject list ACL and returns to INIT
+ state to hopefully find an RFC 2131 compliant server (or retry in INIT
+ forever). [ISC-Bugs #19660]
+
+- Parameters configured to evaluate from user defined function calls can
+ now be correctly written to dhcpd.leases (as on 'on events' or dynamic
+ host records inserted via OMAPI). [ISC-Bugs #22266]
+
+- If a 'next-server' parameter is configured in a dynamic host record via
+ OMAPI as a domain name, the syntax written to disk is now correctly parsed
+ upon restart. [ISC-Bugs #22266]
+
+- The DHCP server now responds to DHCPLEASEQUERY messages from agents using
+ IP addresses not covered by a subnet in configuration. Whether or not to
+ respond to such an agent is still governed by the 'allow leasequery;'
+ configuration parameter, in the case of an agent not covered by a configured
+ subnet the root configuration area is examined. Server now also returns
+ vendor-class-id option, if client sent it. [ISC-Bugs #21094]
+
+- Documentation fixes
+ [ISC-Bugs #17959] add text to AIX section describing how to have it send
+ responses to the all-ones address.
+ [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
+ [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS
+
+- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
+ rather than sockaddr. Packet etherType is now forced to ETH_P_IP.
+ [ISC-Bugs #18975]
+
+- Minor code cleanups - but note port change for #23196
+ [ISC-Bugs #23470] - Modify when an ignore return macro is defined to
+ handle unsed error return warnings for more versions of gcc.
+ [ISC-Bugs #23196] - Modify the reply handling in the server code to
+ send to a specified port rather than to the source port for the incoming
+ message. Sending to the source port was test code that should have
+ been removed. The previous functionality may be restored by defining
+ REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't
+ enable this except for testing purposes.
+ [ISC-Bugs #22695] - Close a file descriptor in an error path.
+ [ISC-Bugs #19368] - Tidy up variable types in validate_port.
+
+- Code cleanup
+ [ISC-Bugs #13151] remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros
+
+- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831]
+
+- Client Script fixes
+ [ISC-Bugs #23045] Typos in client/scripts/openbsd
+ [ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
+ the domain search address is link local.
+ [ISC-Bugs #1277] In some of the client scripts add code to handle the
+ case of the default router information being changed without the address
+ being changed.
+
+- Documentation cleanup
+ [ISC-Bugs #23326] Updated References document, several man page updates
+
+- Server no longer complains about NULL pointer when configured
+ server-identifier expression fails to evaluate. [ISC-Bugs #24547]
+
+- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
+ than the dispatch handler. This fixes an issue where omshell, when
+ run from the same platform as the server, would appear to fail to
+ connect. This is a companion to #21839. [ISC-Bugs #23592]
+
+- Enlarge the buffer size used by the Omshell code and some of the
+ print routines to allow for greater than 60 characters or, when
+ printing as hex strings, 20 characters. [ISC-Bugs #22743]
+
+- In Solaris 11 switch to using sockets instead of DLPI, thanks
+ to a patch form Oracle. [ISC-Bugs #24634].
+
+ Changes since 4.2.1rc1
+
+- None
+
+ Changes since 4.2.1b1
+
+- Removed the restriction on using IPv6 addresses in IPv4 mode. This
+ allows IPv4 options which contain IPv6 addresses to be specified. For
+ example the 6rd option can be specified and used like this:
+ [ISC-Bugs #23039]
+
+ option 6rd code 212 = { integer 8, integer 8,
+ ip6-address, array of ip-address };
+ option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;
+
+- Handle some DDNS corner cases better. Maintain the DDNS transaction
+ information when updating a lease and cancel any existing transactions
+ when removing the ddns information.
+ [ISC-Bugs #23103]
+
+- Some fixes for LDAP
+ [ISC-Bugs #21783] - Include lber library when building ldap
+ [ISC-Bugs #22888] - Enable the ldap code when buidling common
+ The above fixes are from Jiri Popelka at Red Hat.
+
+- Modify the dlpi code to accept getmsg() returning a positive value.
+ [ISC-Bugs #22824]
+
+ Changes since 4.2.0
+
+- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
+ was also configured. The nature of this repair also fixes another
+ error; the host-name supplied by a client is no longer overridden by a
+ reverse lookup of the lease address. Thanks to a patch from Wilco Baan
+ Hofman supplied to us by the Debian package maintenance team.
+ [ISC-Bugs #21691] {Debian Bug#509445}
+
+- The .TH tag for the dhcp-options manpage was typo repaired
+ thanks to a report from jidanni and the Debian package maintenance
+ team. [ISC-Bugs #21676] {Debian Bug#563613}
+
+- More documentation changes - primarily to put the options in the dhclient
+ and dhcpd man pages into the standard form. Thanks in part to a patch
+ from David Cantrell at Red Hat.
+ [ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes
+
+- Add code to clear the pointer to an object in an OMAPI handle when the
+ object is freed due to a dereference. [ISC-Bugs #21306]
+
+- Fixed a bug that leaks host record references onto lease structures,
+ causing the server to apply configuration intended for one host to any
+ other innocent clients that come along later. [ISC-Bugs #22018]
+
+- Minor code fixes
+ [ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
+ the name to be at the apex of the zone.
+ [ISC-Bugs #19617] Restrict length of interface name read from command line
+ in dhcpd - based on a patch from David Cantrell at Red Hat.
+ [ISC-Bugs #20039] Correct some error messages in dhcpd.c
+ [ISC-Bugs #20070] Better range check on values when creating a DHCID.
+ [ISC-Bugs #20198] Avoid writing past the end of the field when adding
+ overly long file or server names to a packet and add a log message
+ if the configuration supplied overly long names for these fields.
+ Thanks to Martin Pala.
+ [ISC-Bugs #21497] Add a little more randomness to rng seed in client
+ thanks to a patch from Jeremiah Jinno.
+
+- Correct error handling in DLPI [ISC-Bugs #20378]
+
+- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
+ checked in configure. [ISC-Bugs #20443]
+
+- Modify how the cmsg header is allocated the v6 send and received routines
+ to compile on more compilers. [ISC-Bugs #20524]
+
+- When parsing a domain name free the memory for the name after we are
+ done with it. [ISC-Bugs #20824]
+
+- Add an elapsed time option to the release message and refactor the
+ code to move most of the common code to a single routine.
+ [ISC-Bugs #21171].
+
+- Parse date strings more properly - the code now handles semi-colons in
+ date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat.
+ [ISC-Bugs #21501, #20598]
+
+- Fixes to lease input and output.
+ [ISC-Bugs #20418] - Some systems don't support the "%s" argument to
+ strftime, paste together the same string using mktime instead.
+ [ISC-Bugs #19596] - When parsing iaid values accept printable
+ characters.
+ [ISC-Bugs #21585] - Always print time values in omshell as hex
+ instead of ascii if the values happen to be printable characters.
+
+- Minor changes for scripts, configure.ac and Makefiles
+ [ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
+ example conf file. Thanks to a patch from David Cantrell
+ at Red Hat.
+ [ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
+ [ISC-Bugs #19945] Properly close the quote on some arguments.
+ [ISC-Bugs #20952] Add 64 bit types to configure.ac
+ [ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable
+
+- Update the code to parse dhcpv6 lease files to accept a semi-colon at
+ the end of the max-life and preferred-life clauses. In order to be
+ backwards compatible with older lease files not finding a semi-colon
+ is also accepted. [ISC-Bugs #22303].
+
+! Handle a relay forward message with an unspecified address in the
+ link address field. Previously such a message would cause the
+ server to crash. Thanks to a report from John Gibbons. [ISC-Bugs #21992]
+ CERT: VU#102047 CVE: CVE-2010-3611
+
+- ./configure on longer searches for -lcrypto to explicitly link against.
+ This fixes a bug where 'dhclient' would have shared library dependencies
+ on '/usr/lib'. [ISC-Bugs #21967]
+
+- Handle pipe failures more gracefully. Some OSes pass a SIGPIPE
+ signal to a process and will kill the process if the signal isn't
+ caught. This patch adds code to turn off the SIGPIPE signal via
+ a setsockopt() call. The signal is already being ignored as part
+ of the ISC library. [ISC-Bugs #22269]
+
+- Restore printing of values in omshell to the style pre 21585. For
+ 21585 we changed the print routines to always display time values
+ as a hex list. This had a side effect of printing all data strings
+ as a hex list. We shall investigate other ways of displaying time
+ values more usefully. [ISC-Bugs #22626]
+
+! Fix the handling of connection requests on the failover port.
+ Previously a connection request from a source that wasn't
+ listed as a failover peer would cause the server to become
+ non-responsive. Thanks to a report from Brad Bendily, brad@bendily.com.
+ [ISC-Bugs #22679]
+ CERT: VU#159528 CVE: CVE-2010-3616
+
+- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
+ Passing it through to the handlers caused the omshell program to fail
+ to connect to the server. [ISC-Bugs #21839]
+
+- Fix the paranthesis in the code to process configuration statements
+ beginning with "auth". The previous arrangement caused
+ "auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854]
+
+- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
+ Thanks to a report from Jiri Popelka at Red Hat.
+ [ISC-Bugs #22033], [Red Hat Bug #628258]
+
+- When processing the format flags for a given option consume the
+ flag indicating an optional value correctly. A symptom of this
+ bug was an infinite loop when trying to parse the slp-service-scope
+ option. Thanks to a patch from Marius Tomaschewski.
+ [ISC-Bugs #22055]
+
+- Disable the use of kqueue in the ISC library. This avoids a problem
+ between the fork and socket code that caused the dhcpd process to
+ use all available cpu if the program daemonized itself.
+ [ISC-Bugs #21911]
+
+! When processing a request in the DHCPv6 server code that specifies
+ an address that is tagged as abandoned (meaning we received a
+ decline request for it previously) don't attempt to move it from
+ the inactive to active pool as doing so can result in the server
+ crashing on an assert failure. Also retag the lease as active
+ and reset it's timeout value.
+ [ISC-Bugs #21921]
+
+- Relay no longer crashes, when DHCP packet is received over interface without
+ any IPv4 address assigned. [ISC-Bugs #22409]
+
+ Changes since 4.2.0rc1
+
+- Documentation cleanup covering multiple tickets
+ [ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup
+ [ISC-Bugs #20263] add text describing some default values
+ [ISC-Bugs #20193] single quotes at the start of a line indicate a control
+ line to nroff, escape them if we actually want a quote.
+ [ISC-Bugs #18916] sync the pointer to web pages amongst the different docs
+
+ Changes since 4.2.0b2
+
+- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472]
+
+ Changes since 4.2.0b1
+
+- Prohibit including lease time information in a response to a DHCP INFORM.
+ [ISC-Bugs #21092]
+
+! Accept a client id of length 0 while hashing. Previously the server would
+ exit if it attempted to hash a zero length client id, providing attackers
+ with a simple denial of service attack. [ISC-Bugs #21253]
+ CERT: VU#541921 - CVE: CVE-2010-2156
+
+- A memory leak in ddns processing was closed. [ISC-Bugs #21377]
+
+- Modify the exception handling for initial context creation. Previously
+ we would try and clean up before exiting. This could present problems
+ when the cleanup required part of the context that wasn't available. It
+ also didn't do much as we exited afterwards anyway. Now we simply log
+ the error and exit. [ISC-Bugs #21093]
- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
previously allocated (active) lease to a client that has changed subnets,
@@ -55,44 +393,169 @@ work on other platforms. Please report any problems and suggested fixes to
allocated in shared networks also now are not offered if the client has
moved. [ISC-Bugs #21152]
-! Accept a client id of length 0 while hashing. Previously the server would
- exit if it attempted to hash a zero length client id, providing attackers
- with a simple denial of service attack. [ISC-Bugs #21253]
+- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916]
+
+- Fix the trace code to handle timing events better and to truncate a file
+ before using instead of overwriting it. [ISC-Bugs #20969]
+
+- Modify the determination of the default TTL to use for DDNS updates.
+ The user may still configure the ttl via ddns-ttl. The default for
+ both v4 and v6 is now 1/2 the (preferred) lease time with a limit. The
+ previous defaults (1/2 lease time without a limit for v4 and a default
+ value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h
+ [ISC-Bugs #21126]
+
+- libisc/libdns is now brought up to version 9.7.1rc1. This corrects
+ three reported flaws in ISC DHCP;
+
+ o DHCP processes (dhcpd, dhclient) fail to start if one of either the
+ IPv4 or IPv6 address families is not present. [ISC-Bugs #21122]
+
+ o Assertion failure when attempting to cancel a previously running DDNS
+ update. [ISC-Bugs #21133]
+
+ o Compilation failure of libisc/libdns due to the use of a flexible
+ array member. [ISC-Bugs #21316]
- Changes since 4.1.1rc1
+ Changes since 4.2.0a2
+
+- Update the fsync code to work with the changes to the DDNS code. It now
+ uses a timer instead of noticing if there are no more packets to process.
+
+- When constructing the DNS name structure from a text string append
+ the root to relative names. This satisfies a requirement in the DNS
+ library that names be absolute instead of relative and prevents DHCP
+ from crashing. [ISC-Bugs #21054]
+
+- "The LDAP Patch" that has been circulating for some time, written by
+ Brian Masney and S.Kalyanasundraram and maintained for application to
+ the DHCP-4 sources by David Cantrell has been included. Please be
+ advised that these sources were contributed, and do not yet meet the
+ high standards we place on production sources we include by default.
+ As a result, the LDAP features are only included by using a compile-time
+ option which defaults off, and if you enable it you do so under your
+ own recognizance. We will be improving this software over time.
+ [ISC-Bugs #17741]
+
+ Changes since 4.2.0a1
- When using 'ignore client-updates;', the FQDN returned to the client
is no longer truncated to one octet.
- Changes since 4.1.1b3
+- Cleaned up an unused hardware address variable in nak_lease().
-- None.
+- Manpage entries for the ia-pd and ia-prefix options were updated to
+ reflect support for prefix delegation.
- Changes since 4.1.1b2
+- Cleaned up some compiler warnings
-- Fix test in dhcp_interface_signal_handler to check that the inner handler
- has a signal_handler before calling it.
+- An optimization described in the failover protocol draft is now included,
+ which permits a DHCP server operating in communications-interrupted state
+ to 'rewind' a lease to the state most recently transmitted to its peer,
+ greatly increasing a server's endurance in communications-interrupted.
+ This is supported using a new 'rewind state' record on the dhcpd.leases
+ entry for each lease.
-- Both host and subnet6 configuration groups are now included whether a
- fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes
- precedence. This fixes two bugs, one where host scoped configuration
- would not be included from a non-fixed-address6 host record, and the equal
- and opposite bug where subnet6 scoped configuration would not be used when
- over-riding values were not present in a matching fixed-address6 host
- configuration.
+- Fix the trace code which was broken by the changes to the DDNS code.
-- ./configure now checks to ensure the intX_t and u_intX_t types are defined,
- correcting a compilation failure when using Sun's compiler.
+ Changes since 4.1.0 (new features)
-- Modified the handling of a connection to avoid releasing the omapi io
- object for the connection while it is still in use. One symptom from
- this error was a segfault when a failover secondary attempted to connect
- to the failover primary if their clocks were not synchronized.
+- Failover port configuration can now be left to defaults (port 647) as
+ described in the -12 revision of the Failover draft (and assigned by
+ IANA). Thanks in part to a patch from David Cantrell at Red Hat.
+
+- If configured, dhclient may now transmit to an anycast MAC address,
+ rather than using a broadcast address. Thanks to a patch from David
+ Cantrell at Red Hat.
+
+- Added client support for setting interface MTU and metric, thanks to
+ Roy "UberLord" Marples <roy@marples.name>.
+
+- Added client -D option to specify DUID type to send.
- Changes since 4.1.1b1
+- A new failover configuration parameter has been introduced for those
+ environments where DHCP servers can be reasonably guaranteed to be
+ "down" when the failover TCP socket is severed, "auto-partner-down".
+ This parameter is not generally safe, and by default is disabled, so
+ please carefully review the documentation of this parameter in the
+ dhcpd.conf(5) manpage before determining to use it yourself.
+
+- Added a configuration function, 'gethostname()', which calls the system
+ function of the same name and presents the results as a data expression.
+ This function can be used to incorporate the system level hostname of
+ the system the DHCP software is operating on in responses or queries (such
+ as including a failover partner's hostname in a dhcp message or binding
+ scope, or having a DHCP client send any system hostname in the host-name or
+ FQDN options by default).
+
+- The dhcp-renewal-time and dhcp-rebinding-time options may now be configured
+ for DHCPv4 operation and used independently of the dhcp-lease-time
+ calculations. Invalid renew and rebinding times (e.g., greater than the
+ determined lease time) are omitted.
+
+- Processing the DHCP to DNS server transactions in an asyncrhonous fashion.
+ The DHCP server or client can now continue with it's processing while
+ awaiting replies from the DNS server.
+
+- The 'hardware [ethernet|etc] ...;' parameter in host records has been
+ extended to attempt to match DHCPv6 clients by the last octets of a
+ DUID-LL or DUID-LLT provided by the client.
+
+ Changes since 4.1.0 (bug fixes)
- Remove infinite loop in token_print_indent_concat().
+- Validate the argument to the -p option.
+
+- The notorious 'option <unknown> ... larger than buffer' log line,
+ which is seen in some malformed DHCP client packets, was modified.
+ It now logs the universe name, and does not log the length values
+ (which are bogus corruption read from the packet anyway). It also
+ carries a hopefully more useful explanation.
+
+- Suppress spurious warnings from configure about --datarootdir
+
+- A bug was fixed that caused the server not to answer some valid Solicit
+ and Request packets, if the dynamic range covering any requested addresses
+ had been deleted from configuration.
+
+- Update the code to deal with GCC 4.3. This included two sets of changes.
+ The first is to the configuration files to include the use of
+ AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that
+ were being ignored.
+
+- The db-time-format option was documented in manpages.
+
+- Using reserved leases no longer results in 'lease with binding state
+ free not on its queue' error messages, thanks to a patch from Frode
+ Nordahl.
+
+- Fix a build error in dhcrelay, using older versions of gcc with
+ dhcpv6 disabled.
+
+- Two uninitialized stack structures are now memset to zero, thanks to a
+ patch from David Cantrell at Red Hat.
+
+- Fixed a cosmetic bug where pretty-printing valid domain-search options would
+ result in an erroneous error log message ('garbage in format string').
+
+- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server
+ to stop receiving packets is fixed. The same fix also means that the MAC
+ address will no longer appear 'bogus' on DLPI-based systems.
+
+- A bug in select handling was discovered where the results of one select()
+ call were discarded, causing the server to process the next select() call
+ and use more system calls than required. This has been repaired - the
+ sockets will be handled after the first return from select(), resulting in
+ fewer system calls.
+
+- The update-conflict-detection feature would leave an FQDN updated without
+ a DHCID (still currently implemented as a TXT RR). This would cause later
+ expiration or release events to fail to remove the domain name. The feature
+ now also inserts the client's up to date DHCID record, so records may safely
+ be removed at expiration or release time. Thanks to a patch submitted by
+ Christof Chen.
+
- Memory leak in the load_balance_mine() function is fixed. This would
leak ~20-30 octets per DHCPDISCOVER packet while failover was in use
and in normal state.
@@ -106,9 +569,6 @@ work on other platforms. Please report any problems and suggested fixes to
to be double-quoted. Also allow server-provided hostname to
override hostnames 'localhost' and '(none)'.
-- Added client support for setting interface MTU and metric, thanks to
- Roy "UberLord" Marples <roy@marples.name>.
-
- Fixed failover reconnection retry code to continue to retry to reconnect
rather than restarting the listener.
@@ -132,6 +592,9 @@ work on other platforms. Please report any problems and suggested fixes to
or simply terminate the client, by providing an over-long subnet-mask
option. CERT VU#410676 - CVE-2009-0692
+- Fixed a bug where relay agent options would never be returned when
+ processing a DHCPINFORM.
+
- Versions 3.0.x syntax with multiple name->code option definitions is now
supported. Note that, similarly to 3.0.x, for by-code lookups only the
last option definition is used.
@@ -158,65 +621,31 @@ work on other platforms. Please report any problems and suggested fixes to
! Fixed a fenceposting bug when a client had two host records configured,
one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892
- Changes since 4.1.0
-
-- Validate the argument to the -p option.
-
-- The notorious 'option <unknown> ... larger than buffer' log line,
- which is seen in some malformed DHCP client packets, was modified.
- It now logs the universe name, and does not log the length values
- (which are bogus corruption read from the packet anyway). It also
- carries a hopefully more useful explanation.
-
-- A bug was fixed that caused the server not to answer some valid Solicit
- and Request packets, if the dynamic range covering any requested addresses
- had been deleted from configuration.
-
-- Suppress spurious warnings from configure about --datarootdir
-
-- Update the code to deal with GCC 4.3. This included two sets of changes.
- The first is to the configuration files to include the use of
- AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that
- were being ignored.
-
-- The db-time-format option was documented in manpages.
+- Fixed the check in the dhcp_interface_signal_handler routine to verify
+ the existence of the linked signal handler before calling it.
-- Using reserved leases no longer results in 'lease with binding state
- free not on its queue' error messages, thanks to a patch from Frode
- Nordahl.
-
-- DDNS removal routines were updated so that the DHCID is not removed until
- the client has been deprived of all A and AAAA records (not only the last
- one of either of those). This resolves a bug where dual stack clients
- would not be able to regain their names after either expiration event.
-
-- Fix a build error in dhcrelay, using older versions of gcc with
- dhcpv6 disabled.
-
-- Two uninitialized stack structures are now memset to zero, thanks to
- patch from David Cantrell at Red Hat.
-
-- Fixed a cosmetic bug where pretty-printing valid domain-search options would
- result in an erroneous error log message ('garbage in format string').
+- Both host and subnet6 configuration groups are now included whether a
+ fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes
+ precedence. This fixes two bugs, one where host scoped configuration
+ would not be included from a non-fixed-address6 host record, and the equal
+ and opposite bug where subnet6 scoped configuration would not be used when
+ over-riding values were not present in a matching fixed-address6 host
+ configuration.
-- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server
- to stop receiving packets is fixed. The same fix also means that the MAC
- address will no longer appear 'bogus' on DLPI-based systems.
+- ./configure now checks to ensure the intX_t and u_intX_t types are defined,
+ correcting a compilation failure when using Sun's compiler.
-- A bug in select handling was discovered where the results of one select()
- call were discarded, causing the server to process the next select() call
- and use more system calls than required. This has been repaired - the
- sockets will be handled after the first return from select(), resulting in
- fewer system calls.
+- Modified the handling of a connection to avoid releasing the omapi io
+ object for the connection while it is still in use. One symptom from
+ this error was a segfault when a failover secondary attempted to connect
+ to the failover primary if their clocks were not synchronized.
-- The update-conflict-detection feature would leave an FQDN updated without
- a DHCID (still currently implemented as a TXT RR). This would cause later
- expiration or release events to fail to remove the domain name. The feature
- now also inserts the client's up to date DHCID record, so records may safely
- be removed at expiration or release time. Thanks to a patch submitted by
- Christof Chen.
+- Clean up to allow compilation with gcc 2.95.4 on FreeBSD. Remove an
+ extra semi-colon from common/dns.c and moved setting a variable to NULL
+ in server/dhcpv6.c to allow the compiler to decide that the variable
+ was always properly set.
- Changes since 4.1.0b1
+ Changes since 4.1.0b1
- A missing "else" in dhcrelay.c could have caused an interface not to
be recognized.
@@ -251,6 +680,11 @@ work on other platforms. Please report any problems and suggested fixes to
- A dhclient-script for MacOS X has been included, which enables
'dhclient -6' support.
+- DDNS removal routines were updated so that the DHCID is not removed until
+ the client has been deprived of all A and AAAA records (not only the last
+ one of either of those). This resolves a bug where dual stack clients
+ would not be able to regain their names after either expiration event.
+
Changes since 4.1.0a1
- Corrected list of failover state values in dhcpd man page.
@@ -1888,7 +2322,7 @@ work on other platforms. Please report any problems and suggested fixes to
- A minor bug fix in the arguments to a logging function call.
- Documentation update for dhcpd.conf.
- Changes since 3.0.1rc2
+ Changes since 3.0.1rc2
- Allow the primary to send a POOLREQ message. This isn't what the current
failover draft says to do, so we may have to back it out if I can't get the
@@ -1896,7 +2330,7 @@ work on other platforms. Please report any problems and suggested fixes to
current draft seems needlessly hairy, so I'm floating a trial balloon.
The rc1 code did not implement the method described in the draft either.
- Changes since 3.0.1rc1
+ Changes since 3.0.1rc1
- Treat NXDOMAIN and NXRRSET as success when we are trying to delete a
domain or RRSET. This allows the DHCP server to forget about a name
@@ -1931,7 +2365,7 @@ work on other platforms. Please report any problems and suggested fixes to
than a history of all references and dereferences. This code is only used
when extensive additional debugging is enabled.
- Changes since 3.0
+ Changes since 3.0
- Make allocators for hash tables. As a side effect, this fixes a memory
smash in the subclass allocation code.
@@ -2137,7 +2571,6 @@ work on other platforms. Please report any problems and suggested fixes to
- Fix some bugs and omissions in omshell.
-
Changes since 3.0 Release Candidate 5
- Fix a bug in omapi_object_dereference that prevented objects in
@@ -2309,7 +2742,7 @@ work on other platforms. Please report any problems and suggested fixes to
- Support GCC on SCO.
- Changes since 3.0 Beta 2 Patchlevel 23
+ Changes since 3.0 Beta 2 Patchlevel 23
- Fix a bug in the DNS update code where a status code was not being
checked. This may have been causing core dumps.
@@ -2346,18 +2779,18 @@ work on other platforms. Please report any problems and suggested fixes to
- Fix some memory allocation bugs in failover.
- Changes since 3.0 Beta 2 Patchlevel 22
+ Changes since 3.0 Beta 2 Patchlevel 22
- Apply some patches suggested by Cyrille Lefevre, who is maintaining
the FreeBSD ISC DHCP Distribution port.
- Fix a core dump in DHCPRELEASE.
- Changes since 3.0 Beta 2 Patchlevel 21
+ Changes since 3.0 Beta 2 Patchlevel 21
- This time for sure: fix the spin described in the changes for pl20.
- Changes since 3.0 Beta 2 Patchlevel 20
+ Changes since 3.0 Beta 2 Patchlevel 20
- Fix a problem with Linux detecting large numbers of interfaces (Ben)
@@ -2368,7 +2801,7 @@ work on other platforms. Please report any problems and suggested fixes to
previous fix only partially fixed the problem - enough to get it
past the regression test.
- Changes since 3.0 Beta 2 Patchlevel 19
+ Changes since 3.0 Beta 2 Patchlevel 19
- Fix a bug that could cause the server to abort if compiled with
POINTER_DEBUG enabled.
@@ -2382,7 +2815,7 @@ work on other platforms. Please report any problems and suggested fixes to
- Install unformatted man pages on SunOS.
- Changes since 3.0 Beta 2 Patchlevel 18
+ Changes since 3.0 Beta 2 Patchlevel 18
- Allow the server to be placed in partner-down state using OMAPI.
(Damien Neil)
@@ -2436,7 +2869,7 @@ work on other platforms. Please report any problems and suggested fixes to
** there was no pl17 **
- Changes since 3.0 Beta 2 Patchlevel 16
+ Changes since 3.0 Beta 2 Patchlevel 16
- Add support for transaction tracing. This allows the state of the
DHCP server on startup, and all the subsequent transactions, to be
@@ -2481,8 +2914,7 @@ work on other platforms. Please report any problems and suggested fixes to
- Fix a bug in the DHCP client initial startup backoff interval, which
would cause two DHCPDISCOVERS to be sent back-to-back on startup.
-
- Changes since 3.0 Beta 2 Patchlevel 15
+ Changes since 3.0 Beta 2 Patchlevel 15
- Some documentation tweaks.
@@ -2498,7 +2930,7 @@ work on other platforms. Please report any problems and suggested fixes to
- Fix a core dump that would occur if a packet was sent with no
options.
- Changes since 3.0 Beta 2 Patchlevel 14
+ Changes since 3.0 Beta 2 Patchlevel 14
- Finish fixing a long-standing bug in the agent options code. This
was causing core dumps and failing to operate correctly - in
@@ -2522,7 +2954,7 @@ work on other platforms. Please report any problems and suggested fixes to
- Don't send faked-out giaddr when renewing or bound - again, useful
for debugging.
- Changes since 3.0 Beta 2 Patchlevel 13
+ Changes since 3.0 Beta 2 Patchlevel 13
- Fixed a problem where the fqdn decoder would sometimes try to store
an option with an (unsigned) negative length, resulting in a core
@@ -2549,7 +2981,7 @@ work on other platforms. Please report any problems and suggested fixes to
the transition.
- Changes since 3.0 Beta 2 Patchlevel 12
+ Changes since 3.0 Beta 2 Patchlevel 12
- Fixed a couple of silly compile errors.
View
4 aclocal.m4
@@ -13,8 +13,8 @@
m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
-m4_if(AC_AUTOCONF_VERSION, [2.62],,
-[m4_warning([this file was generated for autoconf 2.62.
+m4_if(AC_AUTOCONF_VERSION, [2.67],,
+[m4_warning([this file was generated for autoconf 2.67.
You have another version of autoconf. It may work, but is not guaranteed to.
If you have problems, you may need to regenerate the build system entirely.
To do so, use the procedure documented by the package, typically `autoreconf'.])])
View
75 bind/Makefile
@@ -0,0 +1,75 @@
+#
+# Copyright (C) 2009-2010 by Internet Systems Consortium, Inc. ("ISC")
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: Makefile.bind,v 1.2.2.7 2011-04-06 22:00:40 marka Exp $
+
+# Configure and build the bind libraries for use by DHCP
+
+include ./version.tmp
+version=${MAJORVER}.${MINORVER}.${PATCHVER}${RELEASETYPE}${RELEASEVER}
+
+# bindvar.tmp is constructed by configure, it has the paths for
+# if GMAKE is blank the shell script couldn't find a gmake to use.
+# binddir=
+# GMAKE=
+include ./bindvar.tmp
+
+bindsrcdir=bind-${version}
+
+all:
+# Extract the source from the tarball, if it hasn't been already.
+ @if test -d ${bindsrcdir} ; then \
+ echo ${bindsrcdir} already unpacked... ; \
+ else \
+ gunzip -c bind.tar.gz | tar xf - ; \
+ fi
+
+ @if test -z "${GMAKE}"; then \
+ echo "unable to find gmake" 1>&2 ; \
+ exit 1; \
+ fi
+
+# Configure the export libraries
+# Currently disable the epoll and devpoll options as they don't interact
+# well with the DHCP code.
+ @echo Configuring BIND Export libraries for DHCP.
+ @(cd ${bindsrcdir} && ./configure --disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --enable-threads=no --with-export-includedir=${binddir}/include --with-export-libdir=${binddir}/lib --with-gssapi=no > ${binddir}/configure.log)
+
+# Build the export libraries
+ @echo Building BIND Export libraries - this takes some time.
+ @(cd ${bindsrcdir}/lib/export ; \
+ echo building in `pwd` ; \
+ MAKE=${GMAKE} ${GMAKE} > ${binddir}/build.log)
+
+ @echo Installing BIND Export libraries to ${binddir}.
+ @(cd ${bindsrcdir}/lib/export ; \
+ MAKE=${GMAKE} ${GMAKE} install > ${binddir}/install.log)
+
+clean:
+ @echo Cleaning BIND export library.
+ rm -rf ${bindsrcdir} ./lib ./include ./configure.log ./build.log \
+ ./install.log
+
+# Include the following so that this Makefile is happy when the parent
+# tries to use them.
+
+distdir:
+
+distclean:
+
+install:
+
+check:
+
View
BIN  bind/bind.tar.gz
Binary file not shown
View
10 bind/version.tmp
@@ -0,0 +1,10 @@
+# $Id: version,v 1.53.8.2.2.4 2011-06-21 20:44:01 each Exp $
+#
+# This file must follow /bin/sh rules. It is imported directly via
+# configure.
+#
+MAJORVER=9
+MINORVER=8
+PATCHVER=0
+RELEASETYPE=-P
+RELEASEVER=4
View
8 client/Makefile.am
@@ -4,15 +4,15 @@ dhclient_SOURCES = clparse.c dhclient.c dhc6.c \
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../minires/libres.a \
- ../omapip/libomapi.a ../dst/libdst.a
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+ ../bind/lib/libdns.a ../bind/lib/libisc.a
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
dhclient.o: dhclient.c
- $(COMPILE) -DCLIENT_PATH='"$(sbindir)"' \
+ $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"' -c dhclient.c
dhc6.o: dhc6.c
- $(COMPILE) -DCLIENT_PATH='"$(sbindir)"' \
+ $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"' -c dhc6.c
View
14 client/Makefile.in
@@ -49,8 +49,8 @@ PROGRAMS = $(sbin_PROGRAMS)
am_dhclient_OBJECTS = clparse.$(OBJEXT) dhclient.$(OBJEXT) \
dhc6.$(OBJEXT)
dhclient_OBJECTS = $(am_dhclient_OBJECTS)
-dhclient_DEPENDENCIES = ../common/libdhcp.a ../minires/libres.a \
- ../omapip/libomapi.a ../dst/libdst.a
+dhclient_DEPENDENCIES = ../common/libdhcp.a ../omapip/libomapi.a \
+ ../bind/lib/libdns.a ../bind/lib/libisc.a
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/includes
depcomp = $(SHELL) $(top_srcdir)/depcomp
am__depfiles_maybe = depfiles
@@ -100,6 +100,7 @@ INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDAP_CFLAGS = @LDAP_CFLAGS@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
@@ -112,6 +113,7 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
PACKAGE_NAME = @PACKAGE_NAME@
PACKAGE_STRING = @PACKAGE_STRING@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@
@@ -169,8 +171,8 @@ dhclient_SOURCES = clparse.c dhclient.c dhc6.c \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../minires/libres.a \
- ../omapip/libomapi.a ../dst/libdst.a
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+ ../bind/lib/libdns.a ../bind/lib/libisc.a
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
@@ -548,11 +550,11 @@ uninstall-man: uninstall-man5 uninstall-man8
dhclient.o: dhclient.c
- $(COMPILE) -DCLIENT_PATH='"$(sbindir)"' \
+ $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"' -c dhclient.c
dhc6.o: dhc6.c
- $(COMPILE) -DCLIENT_PATH='"$(sbindir)"' \
+ $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"' -c dhc6.c
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
View
96 client/clparse.c
@@ -3,7 +3,7 @@
Parser for dhclient config and lease files... */
/*
- * Copyright (c) 2004-2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2011 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1996-2003 by Internet Software Consortium
*
* Permission to use, copy, modify, and distribute this software for any
@@ -128,6 +128,16 @@ isc_result_t read_client_conf ()
top_level_config.retry_interval = 300;
top_level_config.backoff_cutoff = 15;
top_level_config.initial_interval = 3;
+
+ /*
+ * RFC 2131, section 4.4.1 specifies that the client SHOULD wait a
+ * random time between 1 and 10 seconds. However, we choose to not
+ * implement this default. If user is inclined to really have that
+ * delay, he is welcome to do so, using 'initial-delay X;' parameter
+ * in config file.
+ */
+ top_level_config.initial_delay = 0;
+
top_level_config.bootp_policy = P_ACCEPT;
top_level_config.script_name = path_dhclient_script;
top_level_config.requested_options = default_requested_options;
@@ -209,7 +219,7 @@ int read_client_conf_file (const char *name, struct interface_info *ip,
const char *val;
int token;
isc_result_t status;
-
+
if ((file = open (name, O_RDONLY)) < 0)
return uerr2isc (errno);
@@ -226,7 +236,7 @@ int read_client_conf_file (const char *name, struct interface_info *ip,
} while (1);
token = next_token (&val, (unsigned *)0, cfile);
status = (cfile -> warnings_occurred
- ? ISC_R_BADPARSE
+ ? DHCP_R_BADPARSE
: ISC_R_SUCCESS);
end_parse (&cfile);
return status;
@@ -554,6 +564,17 @@ void parse_client_statement (cfile, ip, config)
}
return;
+ case ANYCAST_MAC:
+ token = next_token(&val, NULL, cfile);
+ if (ip != NULL) {
+ parse_hardware_param(cfile, &ip->anycast_mac_addr);
+ } else {
+ parse_warn(cfile, "anycast mac address parameter "
+ "not allowed here.");
+ skip_to_semi (cfile);
+ }
+ return;
+
case REQUEST:
token = next_token (&val, (unsigned *)0, cfile);
if (config -> requested_options == default_requested_options)
@@ -634,6 +655,11 @@ void parse_client_statement (cfile, ip, config)
parse_lease_time (cfile, &config -> initial_interval);
return;
+ case INITIAL_DELAY:
+ token = next_token (&val, (unsigned *)0, cfile);
+ parse_lease_time (cfile, &config -> initial_delay);
+ return;
+
case SCRIPT:
token = next_token (&val, (unsigned *)0, cfile);
parse_string (cfile, &config -> script_name, (unsigned *)0);
@@ -1510,12 +1536,12 @@ parse_client6_lease_statement(struct parse *cfile)
static struct dhc6_ia *
parse_client6_ia_na_statement(struct parse *cfile)
{
- struct data_string id;
struct option_cache *oc = NULL;
struct dhc6_ia *ia;
struct dhc6_addr **addr;
const char *val;
- int token, no_semi;
+ int token, no_semi, len;
+ u_int8_t buf[5];
ia = dmalloc(sizeof(*ia), MDL);
if (ia == NULL) {
@@ -1526,20 +1552,11 @@ parse_client6_ia_na_statement(struct parse *cfile)
ia->ia_type = D6O_IA_NA;
/* Get IAID. */
- memset(&id, 0, sizeof(id));
- if (parse_cshl(&id, cfile)) {
- if (id.len == 4)
- memcpy(ia->iaid, id.data, 4);
- else {
- parse_warn(cfile, "Expecting IAID of length 4, got %d.",
- id.len);
- skip_to_semi(cfile);
- dfree(ia, MDL);
- return NULL;
- }
- data_string_forget(&id, MDL);
+ len = parse_X(cfile, buf, 5);
+ if (len == 4) {
+ memcpy(ia->iaid, buf, 4);
} else {
- parse_warn(cfile, "Expecting IAID.");
+ parse_warn(cfile, "Expecting IAID of length 4, got %d.", len);
skip_to_semi(cfile);
dfree(ia, MDL);
return NULL;
@@ -1647,12 +1664,12 @@ parse_client6_ia_na_statement(struct parse *cfile)
static struct dhc6_ia *
parse_client6_ia_ta_statement(struct parse *cfile)
{
- struct data_string id;
struct option_cache *oc = NULL;
struct dhc6_ia *ia;
struct dhc6_addr **addr;
const char *val;
- int token, no_semi;
+ int token, no_semi, len;
+ u_int8_t buf[5];
ia = dmalloc(sizeof(*ia), MDL);
if (ia == NULL) {
@@ -1663,20 +1680,11 @@ parse_client6_ia_ta_statement(struct parse *cfile)
ia->ia_type = D6O_IA_TA;
/* Get IAID. */
- memset(&id, 0, sizeof(id));
- if (parse_cshl(&id, cfile)) {
- if (id.len == 4)
- memcpy(ia->iaid, id.data, 4);
- else {
- parse_warn(cfile, "Expecting IAID of length 4, got %d.",
- id.len);
- skip_to_semi(cfile);
- dfree(ia, MDL);
- return NULL;
- }
- data_string_forget(&id, MDL);
+ len = parse_X(cfile, buf, 5);
+ if (len == 4) {
+ memcpy(ia->iaid, buf, 4);
} else {
- parse_warn(cfile, "Expecting IAID.");
+ parse_warn(cfile, "Expecting IAID of length 4, got %d.", len);
skip_to_semi(cfile);
dfree(ia, MDL);
return NULL;
@@ -1764,12 +1772,12 @@ parse_client6_ia_ta_statement(struct parse *cfile)
static struct dhc6_ia *
parse_client6_ia_pd_statement(struct parse *cfile)
{
- struct data_string id;
struct option_cache *oc = NULL;
struct dhc6_ia *ia;
struct dhc6_addr **pref;
const char *val;
- int token, no_semi;
+ int token, no_semi, len;
+ u_int8_t buf[5];
ia = dmalloc(sizeof(*ia), MDL);
if (ia == NULL) {
@@ -1780,20 +1788,11 @@ parse_client6_ia_pd_statement(struct parse *cfile)
ia->ia_type = D6O_IA_PD;
/* Get IAID. */
- memset(&id, 0, sizeof(id));
- if (parse_cshl(&id, cfile)) {
- if (id.len == 4)
- memcpy(ia->iaid, id.data, 4);
- else {
- parse_warn(cfile, "Expecting IAID of length 4, got %d.",
- id.len);
- skip_to_semi(cfile);
- dfree(ia, MDL);
- return NULL;
- }
- data_string_forget(&id, MDL);
+ len = parse_X(cfile, buf, 5);
+ if (len == 4) {
+ memcpy(ia->iaid, buf, 4);
} else {
- parse_warn(cfile, "Expecting IAID.");
+ parse_warn(cfile, "Expecting IAID of length 4, got %d.", len);
skip_to_semi(cfile);
dfree(ia, MDL);
return NULL;
@@ -2234,4 +2233,3 @@ int parse_allow_deny (oc, cfile, flag)
skip_to_semi (cfile);
return 0;
}
-
View
409 client/dhc6.c
@@ -1,7 +1,7 @@
/* dhc6.c - DHCPv6 client routines. */
/*
- * Copyright (c) 2006-2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2006-2010 by Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -110,6 +110,10 @@ static void script_write_params6(struct client_state *client,
struct option_state *options);
static isc_boolean_t active_prefix(struct client_state *client);
+static int check_timing6(struct client_state *client, u_int8_t msg_type,
+ char *msg_str, struct dhc6_lease *lease,
+ struct data_string *ds);
+
extern int onetry;
extern int stateless;
@@ -143,15 +147,18 @@ form_duid(struct data_string *duid, const char *file, int line)
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
+ if (duid_type == 0)
+ duid_type = stateless ? DUID_LL : DUID_LLT;
+
/*
* 2 bytes for the 'duid type' field.
* 2 bytes for the 'htype' field.
- * (not stateless) 4 bytes for the 'current time'.
+ * (DUID_LLT) 4 bytes for the 'current time'.
* enough bytes for the hardware address (note that hw_address has
* the 'htype' on byte zero).
*/
len = 4 + (ip->hw_address.hlen - 1);
- if (!stateless)
+ if (duid_type == DUID_LLT)
len += 4;
if (!buffer_allocate(&duid->buffer, len, MDL))
log_fatal("no memory for default DUID!");
@@ -159,7 +166,7 @@ form_duid(struct data_string *duid, const char *file, int line)
duid->len = len;
/* Basic Link Local Address type of DUID. */
- if (!stateless) {
+ if (duid_type == DUID_LLT) {
putUShort(duid->buffer->data, DUID_LLT);
putUShort(duid->buffer->data + 2, ip->hw_address.hbuf[0]);
putULong(duid->buffer->data + 4, cur_time - DUID_TIME_EPOCH);
@@ -741,7 +748,7 @@ dhc6_parse_ia_na(struct dhc6_ia **pia, struct packet *packet,
MDL);
dfree(ia, MDL);
data_string_forget(&ds, MDL);
- return ISC_R_BADPARSE;
+ return DHCP_R_BADPARSE;
}
}
data_string_forget(&ds, MDL);
@@ -826,7 +833,7 @@ dhc6_parse_ia_ta(struct dhc6_ia **pia, struct packet *packet,
MDL);
dfree(ia, MDL);
data_string_forget(&ds, MDL);
- return ISC_R_BADPARSE;
+ return DHCP_R_BADPARSE;
}
}
data_string_forget(&ds, MDL);
@@ -930,7 +937,7 @@ dhc6_parse_ia_pd(struct dhc6_ia **pia, struct packet *packet,
MDL);
dfree(ia, MDL);
data_string_forget(&ds, MDL);
- return ISC_R_BADPARSE;
+ return DHCP_R_BADPARSE;
}
}
data_string_forget(&ds, MDL);
@@ -1036,7 +1043,7 @@ dhc6_parse_addrs(struct dhc6_addr **paddr, struct packet *packet,
MDL);
dfree(addr, MDL);
data_string_forget(&ds, MDL);
- return ISC_R_BADPARSE;
+ return DHCP_R_BADPARSE;
}
}
@@ -1142,7 +1149,7 @@ dhc6_parse_prefixes(struct dhc6_addr **ppfx, struct packet *packet,
MDL);
dfree(pfx, MDL);
data_string_forget(&ds, MDL);
- return ISC_R_BADPARSE;
+ return DHCP_R_BADPARSE;
}
}
@@ -1453,36 +1460,20 @@ start_confirm6(struct client_state *client)
}
/*
- * do_init6() marshals and transmits a solicit.
+ * check_timing6() check on the timing for sending a v6 message
+ * and then do the basic initialization for a v6 message.
*/
-void
-do_init6(void *input)
+#define CHK_TIM_SUCCESS 0
+#define CHK_TIM_MRC_EXCEEDED 1
+#define CHK_TIM_MRD_EXCEEDED 2
+#define CHK_TIM_ALLOC_FAILURE 3
+
+int
+check_timing6 (struct client_state *client, u_int8_t msg_type,
+ char *msg_str, struct dhc6_lease *lease,
+ struct data_string *ds)
{
- struct client_state *client;
- struct dhc6_ia *old_ia;
- struct dhc6_addr *old_addr;
- struct data_string ds;
- struct data_string ia;
- struct data_string addr;
- struct timeval elapsed, tv;
- u_int32_t t1, t2;
- int i, idx, len, send_ret;
-
- client = input;
-
- /*
- * In RFC3315 section 17.1.2, the retransmission timer is
- * used as the selecting timer.
- */
- if (client->advertised_leases != NULL) {
- start_selecting6(client);
- return;
- }
-
- if ((client->MRC != 0) && (client->txcount > client->MRC)) {
- log_info("Max retransmission count exceeded.");
- return;
- }
+ struct timeval elapsed;
/*
* Start_time starts at the first transmission.
@@ -1490,6 +1481,9 @@ do_init6(void *input)
if (client->txcount == 0) {
client->start_time.tv_sec = cur_tv.tv_sec;
client->start_time.tv_usec = cur_tv.tv_usec;
+ } else if ((client->MRC != 0) && (client->txcount > client->MRC)) {
+ log_info("Max retransmission count exceeded.");
+ return(CHK_TIM_MRC_EXCEEDED);
}
/* elapsed = cur - start */
@@ -1499,30 +1493,23 @@ do_init6(void *input)
elapsed.tv_sec -= 1;
elapsed.tv_usec += 1000000;
}
+
/* Check if finished (-1 argument). */
if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
log_info("Max retransmission duration exceeded.");
- client->state = S_STOPPED;
- if (client->active_lease != NULL) {
- dhc6_lease_destroy(&client->active_lease, MDL);
- client->active_lease = NULL;
- }
- /* Stop if and only if this is the last client. */
- if (stopping_finished())
- exit(2);
- return;
+ return(CHK_TIM_MRD_EXCEEDED);
}
- memset(&ds, 0, sizeof(ds));
- if (!buffer_allocate(&ds.buffer, 4, MDL)) {
- log_error("Unable to allocate memory for SOLICIT.");
- return;
+ memset(ds, 0, sizeof(*ds));
+ if (!buffer_allocate(&(ds->buffer), 4, MDL)) {
+ log_error("Unable to allocate memory for %s.", msg_str);
+ return(CHK_TIM_ALLOC_FAILURE);
}
- ds.data = ds.buffer->data;
- ds.len = 4;
+ ds->data = ds->buffer->data;
+ ds->len = 4;
- ds.buffer->data[0] = DHCPV6_SOLICIT;
- memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
+ ds->buffer->data[0] = msg_type;
+ memcpy(ds->buffer->data + 1, client->dhcpv6_transaction_id, 3);
/* Form an elapsed option. */
/* Maximum value is 65535 1/100s coded as 0xffff. */
@@ -1535,15 +1522,60 @@ do_init6(void *input)
}
if (client->elapsed == 0)
- log_debug("XMT: Forming Solicit, 0 ms elapsed.");
+ log_debug("XMT: Forming %s, 0 ms elapsed.", msg_str);
else
- log_debug("XMT: Forming Solicit, %u0 ms elapsed.",
+ log_debug("XMT: Forming %s, %u0 ms elapsed.", msg_str,
(unsigned)client->elapsed);
client->elapsed = htons(client->elapsed);
- make_client6_options(client, &client->sent_options, NULL,
- DHCPV6_SOLICIT);
+ make_client6_options(client, &client->sent_options, lease, msg_type);
+
+ return(CHK_TIM_SUCCESS);
+}
+
+/*
+ * do_init6() marshals and transmits a solicit.
+ */
+void
+do_init6(void *input)
+{
+ struct client_state *client;
+ struct dhc6_ia *old_ia;
+ struct dhc6_addr *old_addr;
+ struct data_string ds;
+ struct data_string ia;
+ struct data_string addr;
+ struct timeval tv;
+ u_int32_t t1, t2;
+ int i, idx, len, send_ret;
+
+ client = input;
+
+ /*
+ * In RFC3315 section 17.1.2, the retransmission timer is
+ * used as the selecting timer.
+ */
+ if (client->advertised_leases != NULL) {
+ start_selecting6(client);
+ return;
+ }
+
+ switch(check_timing6(client, DHCPV6_SOLICIT, "Solicit", NULL, &ds)) {
+ case CHK_TIM_MRC_EXCEEDED:
+ case CHK_TIM_ALLOC_FAILURE:
+ return;
+ case CHK_TIM_MRD_EXCEEDED:
+ client->state = S_STOPPED;
+ if (client->active_lease != NULL) {
+ dhc6_lease_destroy(&client->active_lease, MDL);
+ client->active_lease = NULL;
+ }
+ /* Stop if and only if this is the last client. */
+ if (stopping_finished())
+ exit(2);
+ return;
+ }
/*
* Fetch any configured 'sent' options (includes DUID) in wire format.
@@ -1894,69 +1926,22 @@ do_info_request6(void *input)
{
struct client_state *client;
struct data_string ds;
- struct timeval elapsed, tv;
+ struct timeval tv;
int send_ret;
client = input;
- if ((client->MRC != 0) && (client->txcount > client->MRC)) {
- log_info("Max retransmission count exceeded.");
+ switch(check_timing6(client, DHCPV6_INFORMATION_REQUEST,
+ "Info-Request", NULL, &ds)) {
+ case CHK_TIM_MRC_EXCEEDED:
+ case CHK_TIM_ALLOC_FAILURE:
return;
- }
-
- /*
- * Start_time starts at the first transmission.
- */
- if (client->txcount == 0) {
- client->start_time.tv_sec = cur_tv.tv_sec;
- client->start_time.tv_usec = cur_tv.tv_usec;
- }
-
- /* elapsed = cur - start */
- elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
- elapsed.tv_usec = cur_tv.tv_usec - client->start_time.tv_usec;
- if (elapsed.tv_usec < 0) {
- elapsed.tv_sec -= 1;
- elapsed.tv_usec += 1000000;
- }
- /* Check if finished (-1 argument). */
- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
- log_info("Max retransmission duration exceeded.");
+ case CHK_TIM_MRD_EXCEEDED:
exit(2);
+ case CHK_TIM_SUCCESS:
+ break;
}
- memset(&ds, 0, sizeof(ds));
- if (!buffer_allocate(&ds.buffer, 4, MDL)) {
- log_error("Unable to allocate memory for INFO-REQUEST.");
- return;
- }
- ds.data = ds.buffer->data;
- ds.len = 4;
-
- ds.buffer->data[0] = DHCPV6_INFORMATION_REQUEST;
- memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
-
- /* Form an elapsed option. */
- /* Maximum value is 65535 1/100s coded as 0xffff. */
- if ((elapsed.tv_sec < 0) || (elapsed.tv_sec > 655) ||
- ((elapsed.tv_sec == 655) && (elapsed.tv_usec > 350000))) {
- client->elapsed = 0xffff;
- } else {
- client->elapsed = elapsed.tv_sec * 100;
- client->elapsed += elapsed.tv_usec / 10000;
- }
-
- if (client->elapsed == 0)
- log_debug("XMT: Forming Info-Request, 0 ms elapsed.");
- else
- log_debug("XMT: Forming Info-Request, %u0 ms elapsed.",
- (unsigned)client->elapsed);
-
- client->elapsed = htons(client->elapsed);
-
- make_client6_options(client, &client->sent_options, NULL,
- DHCPV6_INFORMATION_REQUEST);
-
/* Fetch any configured 'sent' options (includes DUID) in wire format.
*/
dhcpv6_universe.encapsulate(&ds, NULL, NULL, client,
@@ -1999,7 +1984,7 @@ do_confirm6(void *input)
struct client_state *client;
struct data_string ds;
int send_ret;
- struct timeval elapsed, tv;
+ struct timeval tv;
client = input;
@@ -2020,65 +2005,18 @@ do_confirm6(void *input)
* stick there until we get a reply?
*/
- if ((client->MRC != 0) && (client->txcount > client->MRC)) {
- log_info("Max retransmission count exceeded.");
+ switch(check_timing6(client, DHCPV6_CONFIRM, "Confirm",
+ client->active_lease, &ds)) {
+ case CHK_TIM_MRC_EXCEEDED:
+ case CHK_TIM_MRD_EXCEEDED:
start_bound(client);
return;
- }
-
- /*
- * Start_time starts at the first transmission.
- */
- if (client->txcount == 0) {
- client->start_time.tv_sec = cur_tv.tv_sec;
- client->start_time.tv_usec = cur_tv.tv_usec;
- }
-
- /* elapsed = cur - start */
- elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
- elapsed.tv_usec = cur_tv.tv_usec - client->start_time.tv_usec;
- if (elapsed.tv_usec < 0) {
- elapsed.tv_sec -= 1;
- elapsed.tv_usec += 1000000;
- }
- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
- log_info("Max retransmission duration exceeded.");
- start_bound(client);
- return;
- }
-
- memset(&ds, 0, sizeof(ds));
- if (!buffer_allocate(&ds.buffer, 4, MDL)) {
- log_error("Unable to allocate memory for Confirm.");
+ case CHK_TIM_ALLOC_FAILURE:
return;
- }
- ds.data = ds.buffer->data;
- ds.len = 4;
-
- ds.buffer->data[0] = DHCPV6_CONFIRM;
- memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
-
- /* Form an elapsed option. */
- /* Maximum value is 65535 1/100s coded as 0xffff. */
- if ((elapsed.tv_sec < 0) || (elapsed.tv_sec > 655) ||
- ((elapsed.tv_sec == 655) && (elapsed.tv_usec > 350000))) {
- client->elapsed = 0xffff;
- } else {
- client->elapsed = elapsed.tv_sec * 100;
- client->elapsed += elapsed.tv_usec / 10000;
+ case CHK_TIM_SUCCESS:
+ break;
}
- if (client->elapsed == 0)
- log_debug("XMT: Forming Confirm, 0 ms elapsed.");
- else
- log_debug("XMT: Forming Confirm, %u0 ms elapsed.",
- (unsigned)client->elapsed);
-
- client->elapsed = htons(client->elapsed);
-
- make_client6_options(client, &client->sent_options,
- client->active_lease, DHCPV6_CONFIRM);
-
/* Fetch any configured 'sent' options (includes DUID') in wire format.
*/
dhcpv6_universe.encapsulate(&ds, NULL, NULL, client, NULL,
@@ -2179,17 +2117,14 @@ do_release6(void *input)
if ((client->active_lease == NULL) || !active_prefix(client))
return;
- if ((client->MRC != 0) && (client->txcount > client->MRC)) {
- log_info("Max retransmission count exceeded.");
+ switch(check_timing6(client, DHCPV6_RELEASE, "Release",
+ client->active_lease, &ds)) {
+ case CHK_TIM_MRC_EXCEEDED:
+ case CHK_TIM_ALLOC_FAILURE:
+ case CHK_TIM_MRD_EXCEEDED:
goto release_done;
- }
-
- /*
- * Start_time starts at the first transmission.
- */
- if (client->txcount == 0) {
- client->start_time.tv_sec = cur_tv.tv_sec;
- client->start_time.tv_usec = cur_tv.tv_usec;
+ case CHK_TIM_SUCCESS:
+ break;
}
/*
@@ -2197,20 +2132,6 @@ do_release6(void *input)
* available address with enough scope.
*/
- memset(&ds, 0, sizeof(ds));
- if (!buffer_allocate(&ds.buffer, 4, MDL)) {
- log_error("Unable to allocate memory for Release.");
- goto release_done;
- }
-
- ds.data = ds.buffer->data;
- ds.len = 4;
- ds.buffer->data[0] = DHCPV6_RELEASE;
- memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
-
- log_debug("XMT: Forming Release.");
- make_client6_options(client, &client->sent_options,
- client->active_lease, DHCPV6_RELEASE);
dhcpv6_universe.encapsulate(&ds, NULL, NULL, client, NULL,
client->sent_options, &global_scope,
&dhcpv6_universe);
@@ -2322,10 +2243,10 @@ dhc6_get_status_code(struct option_state *options, unsigned *code,
isc_result_t rval = ISC_R_SUCCESS;
if ((options == NULL) || (code == NULL))
- return ISC_R_INVALIDARG;
+ return DHCP_R_INVALIDARG;
if ((msg != NULL) && (msg->len != 0))
- return ISC_R_INVALIDARG;
+ return DHCP_R_INVALIDARG;
memset(&ds, 0, sizeof(ds));
@@ -2338,7 +2259,7 @@ dhc6_get_status_code(struct option_state *options, unsigned *code,
NULL, &global_scope, oc, MDL)) {
if (ds.len < 2) {
log_error("Invalid status code length %d.", ds.len);
- rval = ISC_R_FORMERR;
+ rval = DHCP_R_FORMERR;
} else
*code = getUShort(ds.data);
@@ -2365,7 +2286,7 @@ dhc6_check_status(isc_result_t rval, struct option_state *options,
isc_result_t status;
if ((scope == NULL) || (code == NULL))
- return ISC_R_INVALIDARG;
+ return DHCP_R_INVALIDARG;
/* If we don't find a code, we assume success. */
*code = STATUS_Success;
@@ -2449,7 +2370,7 @@ dhc6_init_action(struct client_state *client, isc_result_t *rvalp,
log_fatal("Impossible condition at %s:%d.", MDL);
if (client == NULL) {
- *rvalp = ISC_R_INVALIDARG;
+ *rvalp = DHCP_R_INVALIDARG;
return ISC_FALSE;
}
@@ -2475,7 +2396,7 @@ dhc6_select_action(struct client_state *client, isc_result_t *rvalp,
log_fatal("Impossible condition at %s:%d.", MDL);
if (client == NULL) {
- *rvalp = ISC_R_INVALIDARG;