forked from marschap/debian-isc-dhcp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
RELNOTES
3362 lines (2360 loc) · 133 KB
/
RELNOTES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Internet Systems Consortium DHCP Distribution
Version 4.2.4
29 May 2012
Release Notes
NEW FEATURES
ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
These include:
Processing the DHCP to DNS server transactions in an asynchronous fashion.
The DHCP server or client can now continue with its processing while
awaiting replies from the DNS server.
There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:
- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
- DHCPv6 includes human-readable text in status code messages, in
English. A method to reconfigure or support other languages would
be preferable.
- The "host-identifier" option is limited to a simple token.
- The client and server can only operate DHCPv4 or DHCPv6 at a time,
not both. To use both protocols simultaneously, two instances of the
relevant daemon are required, one with the '-6' command line option.
For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
README file.
ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.
The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
Changes since 4.2.4rc1
- Rotate the lease file when running in v6 mode.
Thanks to Christoph Moench-Tegeder at Astaro for the
report and the first version of the patch.
[ISC-Bugs #24887]
Changes since 4.2.4b1
- None
Changes since 4.2.3
! Add a check for a null pointer before calling the regexec function.
Without this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
Thanks to a report from BlueCat Networks.
[ISC-Bugs #26704].
CVE: CVE-2011-4539
! Modify the DDNS handling code. In a previous patch we added logging
code to the DDNS handling. This code included a bug that caused it
to attempt to dereference a NULL pointer and eventually segfault.
While reviewing the code as we addressed this problem, we determined
that some of the updates to the lease structures would not work as
planned since the structures being updated were in the process of
being freed: these updates were removed. In addition we removed an
incorrect call to the DDNS removal function that could cause a failure
during the removal of DDNS information from the DNS server.
Thanks to Jasper Jongmans for reporting this issue.
[ISC-Bugs #27078]
CVE: CVE-2011-4868
- Fixed the code that checks if an address the server is planning
to hand out is in a reserved range. This would appear as
the server being out of addresses in pools with particular ranges.
[ISC-Bugs #26498]
- In the DDNS code handle error conditions more gracefully and add more
logging code. The major change is to handle unexpected cancel events
from the DNS client code.
[ISC-Bugs #26287]
- Tidy up the receive calls and eliminate the need for found_pkt.
[ISC-Bugs #25066]
- Add support for Infiniband over sockets to the server and
relay code. We've tested this on Solaris and hope to expand
support for Infiniband in the future. This patch also corrects
some issues we found in the socket code.
[ISC-Bugs #24245]
- Add a compile time check for the presence of the noreturn attribute
and use it for log_fatal if it's available. This will help code
checking programs to eliminate false positives.
[ISC-Bugs #27539]
- Fixed many compilation problems ("set, but not used" warnings) for
gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588]
- Modify the code that determines if an outstanding DDNS request
should be cancelled. This patch results in cancelling the
outstanding request less often. It fixes the problem caused
by a client doing a release where the TXT and PTR records
weren't removed from the DNS.
[ISC-BUGS #27858]
- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet
and dhcpv6_packet in several more places. Thanks to a report from
Bruno Verstuyft and Vincent Demaertelaere of Excentis.
[ISC-Bugs #27941]
- Remove outdated note in the description of the bootp keyword about the
option not satisfying the requirement of failover peers for denying
dynamic bootp clients.
[ISC-bugs #28574]
- Multiple items to clean up IPv6 address processing.
When processing an IA that we've seen check to see if the
addresses are usable (not in use by somebody else) before
handing it out.
When reading in leases from the file discard expired addresses.
When picking an address for a client include the IA ID in
addition to the client ID to generally pick different addresses
for different IAs.
[ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586]
[ISC-Bugs #27684]
- Remove unnecessary checks in the lease query code and clean up
several compiler issues (some dereferences of NULL and treating
an int as a boolean).
[ISC-Bugs #26203]
- Fix the NA and PD allocation code to handle the case where a client
provides a preference and the server doesn't have any addresses or
prefixes available. Previoulsy the server ignored the request with
this patch it replies with a NoAddrsAvail or NoPrefixAvail response.
By default the code performs according to the errata of August 2010
for RFC 3315 section 17.2.2; to enable the previous style see the
section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option
may be removed in the future.
Thanks to Jiri Popelka at Red Hat for the patch.
[ISC-Bugs #22676]
- Fix up some issues found by static analysis.
A potential memory leak and NULL dereference in omapi.
The use of a boolean test instead of a bitwise test in dst.
[ISC-Bugs #28941]
Changes since 4.2.2
- Fix the code that checks for an existing DDNS transaction to cancel
when removing DDNS information, so that we will continue with the
processing if we have a lease even if it doesn't have an outstanding
transaction. [ISC-Bugs #24682]
- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
configuration files. [ISC-Bugs #24107]
- Add support for passing DDNS information to a DNS server over
an IPv6 address. [ISC-Bugs #22647]
- Enhanced patch for 23595 to handle IPv4 fixed addresses more
cleanly. [ISC-Bugs #23595]
Changes since 4.2.2rc1
! Two packets were found that cause a server to halt. The code
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
Changes since 4.2.2b1
- Strict checks for content of domain-name DHCPv4 option can now be
configured during compilation time. Even though RFC2132 does not allow
to store more than one domain in domain-name option, such behavior is
now enabled by default, but this may change some time in the future.
See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
[ISC-Bugs #24167]
- DNS Update fix. A misconfigured server could crash during DNS update
processing if the configuration included overlapping pools or
multiple fixed-address entries for a single address. This issue
affected both IPv4 and IPv6. The fix allows a server to detect such
conditions, provides the user with extra information and recommended
steps to fix the problem. If the user enables the appropriate option
in site.h then server will be terminated
[ISC-Bugs #23595]
Changes since 4.2.1
! In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS.
[ISC-Bugs #23722]
CVE: CVE-2011-0997
- DHCPv6 server now responds properly if client asks for a prefix that
is already assigned to a different client. [ISC-Bugs #23948]
- Add the option "--no-pid" to the client, relay and server code,
to disable writing a pid file. Add the option "-pf pidfile"
to the relay to allow the user to supply the pidfile name at
runtime. Add the "with-relay6-pid-file" option to configure
to allow the user to supply the pidfile name for the relay
in v6 mode at configure time.
[ISC-Bugs #23351] [ISC-Bugs #17541]
- 'dhclient' no longer waits a random interval after first starting up to
begin in the INIT state. This conforms to RFC 2131, but elects not to
implement a 'SHOULD' direction in section 4.1. [ISC-Bugs #19660]
- Added 'initial-delay' parameter that specifies maximum amount of time
before client goes to the INIT state. The default value is 0. In previous
versions of the code client could wait up to 5 seconds. The old behavior
may be restored by using 'initial-delay 5;' in the client config file.
[ISC-Bugs #19660]
- ICMP ping-check should now sit closer to precisely the number of seconds
configured (or default 1), due to making use of the new microsecond
scale timer internally to dhcpd. This corrects a bug where the server
may immediately timeout an ICMP ping-check if it was made late in the
current second. [ISC-Bugs #19660]
- The DHCP client will schedule renewal and rebinding events in
microseconds if the DHCP server provided a lease-time that would result
in sub-1-second timers. This corrects a bug where a 2-second or lower
lease-time would cause the DHCP client to enter an infinite loop by
scheduling renewal at zero seconds. [ISC-Bugs #19660]
- Client lease records are recorded at most once every 15 seconds. This
keeps the client from filling the lease database disk quickly on very small
lease times. [ISC-Bugs #19660]
- To defend against RFC 2131 non-compliant DHCP servers which fail to
advertise a lease-time (either mangled, or zero in value) the DHCP
client now adds the server to the reject list ACL and returns to INIT
state to hopefully find an RFC 2131 compliant server (or retry in INIT
forever). [ISC-Bugs #19660]
- Parameters configured to evaluate from user defined function calls can
now be correctly written to dhcpd.leases (as on 'on events' or dynamic
host records inserted via OMAPI). [ISC-Bugs #22266]
- If a 'next-server' parameter is configured in a dynamic host record via
OMAPI as a domain name, the syntax written to disk is now correctly parsed
upon restart. [ISC-Bugs #22266]
- The DHCP server now responds to DHCPLEASEQUERY messages from agents using
IP addresses not covered by a subnet in configuration. Whether or not to
respond to such an agent is still governed by the 'allow leasequery;'
configuration parameter, in the case of an agent not covered by a configured
subnet the root configuration area is examined. Server now also returns
vendor-class-id option, if client sent it. [ISC-Bugs #21094]
- Documentation fixes
[ISC-Bugs #17959] add text to AIX section describing how to have it send
responses to the all-ones address.
[ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
[ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS
- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
rather than sockaddr. Packet etherType is now forced to ETH_P_IP.
[ISC-Bugs #18975]
- Minor code cleanups - but note port change for #23196
[ISC-Bugs #23470] - Modify when an ignore return macro is defined to
handle unsed error return warnings for more versions of gcc.
[ISC-Bugs #23196] - Modify the reply handling in the server code to
send to a specified port rather than to the source port for the incoming
message. Sending to the source port was test code that should have
been removed. The previous functionality may be restored by defining
REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't
enable this except for testing purposes.
[ISC-Bugs #22695] - Close a file descriptor in an error path.
[ISC-Bugs #19368] - Tidy up variable types in validate_port.
- Code cleanup
[ISC-Bugs #13151] remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros
- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831]
- Client Script fixes
[ISC-Bugs #23045] Typos in client/scripts/openbsd
[ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
the domain search address is link local.
[ISC-Bugs #1277] In some of the client scripts add code to handle the
case of the default router information being changed without the address
being changed.
- Documentation cleanup
[ISC-Bugs #23326] Updated References document, several man page updates
- Server no longer complains about NULL pointer when configured
server-identifier expression fails to evaluate. [ISC-Bugs #24547]
- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
than the dispatch handler. This fixes an issue where omshell, when
run from the same platform as the server, would appear to fail to
connect. This is a companion to #21839. [ISC-Bugs #23592]
- Enlarge the buffer size used by the Omshell code and some of the
print routines to allow for greater than 60 characters or, when
printing as hex strings, 20 characters. [ISC-Bugs #22743]
- In Solaris 11 switch to using sockets instead of DLPI, thanks
to a patch form Oracle. [ISC-Bugs #24634].
Changes since 4.2.1rc1
- None
Changes since 4.2.1b1
- Removed the restriction on using IPv6 addresses in IPv4 mode. This
allows IPv4 options which contain IPv6 addresses to be specified. For
example the 6rd option can be specified and used like this:
[ISC-Bugs #23039]
option 6rd code 212 = { integer 8, integer 8,
ip6-address, array of ip-address };
option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;
- Handle some DDNS corner cases better. Maintain the DDNS transaction
information when updating a lease and cancel any existing transactions
when removing the ddns information.
[ISC-Bugs #23103]
- Some fixes for LDAP
[ISC-Bugs #21783] - Include lber library when building ldap
[ISC-Bugs #22888] - Enable the ldap code when buidling common
The above fixes are from Jiri Popelka at Red Hat.
- Modify the dlpi code to accept getmsg() returning a positive value.
[ISC-Bugs #22824]
Changes since 4.2.0
- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
was also configured. The nature of this repair also fixes another
error; the host-name supplied by a client is no longer overridden by a
reverse lookup of the lease address. Thanks to a patch from Wilco Baan
Hofman supplied to us by the Debian package maintenance team.
[ISC-Bugs #21691] {Debian Bug#509445}
- The .TH tag for the dhcp-options manpage was typo repaired
thanks to a report from jidanni and the Debian package maintenance
team. [ISC-Bugs #21676] {Debian Bug#563613}
- More documentation changes - primarily to put the options in the dhclient
and dhcpd man pages into the standard form. Thanks in part to a patch
from David Cantrell at Red Hat.
[ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes
- Add code to clear the pointer to an object in an OMAPI handle when the
object is freed due to a dereference. [ISC-Bugs #21306]
- Fixed a bug that leaks host record references onto lease structures,
causing the server to apply configuration intended for one host to any
other innocent clients that come along later. [ISC-Bugs #22018]
- Minor code fixes
[ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
the name to be at the apex of the zone.
[ISC-Bugs #19617] Restrict length of interface name read from command line
in dhcpd - based on a patch from David Cantrell at Red Hat.
[ISC-Bugs #20039] Correct some error messages in dhcpd.c
[ISC-Bugs #20070] Better range check on values when creating a DHCID.
[ISC-Bugs #20198] Avoid writing past the end of the field when adding
overly long file or server names to a packet and add a log message
if the configuration supplied overly long names for these fields.
Thanks to Martin Pala.
[ISC-Bugs #21497] Add a little more randomness to rng seed in client
thanks to a patch from Jeremiah Jinno.
- Correct error handling in DLPI [ISC-Bugs #20378]
- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
checked in configure. [ISC-Bugs #20443]
- Modify how the cmsg header is allocated the v6 send and received routines
to compile on more compilers. [ISC-Bugs #20524]
- When parsing a domain name free the memory for the name after we are
done with it. [ISC-Bugs #20824]
- Add an elapsed time option to the release message and refactor the
code to move most of the common code to a single routine.
[ISC-Bugs #21171].
- Parse date strings more properly - the code now handles semi-colons in
date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat.
[ISC-Bugs #21501, #20598]
- Fixes to lease input and output.
[ISC-Bugs #20418] - Some systems don't support the "%s" argument to
strftime, paste together the same string using mktime instead.
[ISC-Bugs #19596] - When parsing iaid values accept printable
characters.
[ISC-Bugs #21585] - Always print time values in omshell as hex
instead of ascii if the values happen to be printable characters.
- Minor changes for scripts, configure.ac and Makefiles
[ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
example conf file. Thanks to a patch from David Cantrell
at Red Hat.
[ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
[ISC-Bugs #19945] Properly close the quote on some arguments.
[ISC-Bugs #20952] Add 64 bit types to configure.ac
[ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable
- Update the code to parse dhcpv6 lease files to accept a semi-colon at
the end of the max-life and preferred-life clauses. In order to be
backwards compatible with older lease files not finding a semi-colon
is also accepted. [ISC-Bugs #22303].
! Handle a relay forward message with an unspecified address in the
link address field. Previously such a message would cause the
server to crash. Thanks to a report from John Gibbons. [ISC-Bugs #21992]
CERT: VU#102047 CVE: CVE-2010-3611
- ./configure on longer searches for -lcrypto to explicitly link against.
This fixes a bug where 'dhclient' would have shared library dependencies
on '/usr/lib'. [ISC-Bugs #21967]
- Handle pipe failures more gracefully. Some OSes pass a SIGPIPE
signal to a process and will kill the process if the signal isn't
caught. This patch adds code to turn off the SIGPIPE signal via
a setsockopt() call. The signal is already being ignored as part
of the ISC library. [ISC-Bugs #22269]
- Restore printing of values in omshell to the style pre 21585. For
21585 we changed the print routines to always display time values
as a hex list. This had a side effect of printing all data strings
as a hex list. We shall investigate other ways of displaying time
values more usefully. [ISC-Bugs #22626]
! Fix the handling of connection requests on the failover port.
Previously a connection request from a source that wasn't
listed as a failover peer would cause the server to become
non-responsive. Thanks to a report from Brad Bendily, [email protected].
[ISC-Bugs #22679]
CERT: VU#159528 CVE: CVE-2010-3616
- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
Passing it through to the handlers caused the omshell program to fail
to connect to the server. [ISC-Bugs #21839]
- Fix the paranthesis in the code to process configuration statements
beginning with "auth". The previous arrangement caused
"auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854]
- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
Thanks to a report from Jiri Popelka at Red Hat.
[ISC-Bugs #22033], [Red Hat Bug #628258]
- When processing the format flags for a given option consume the
flag indicating an optional value correctly. A symptom of this
bug was an infinite loop when trying to parse the slp-service-scope
option. Thanks to a patch from Marius Tomaschewski.
[ISC-Bugs #22055]
- Disable the use of kqueue in the ISC library. This avoids a problem
between the fork and socket code that caused the dhcpd process to
use all available cpu if the program daemonized itself.
[ISC-Bugs #21911]
! When processing a request in the DHCPv6 server code that specifies
an address that is tagged as abandoned (meaning we received a
decline request for it previously) don't attempt to move it from
the inactive to active pool as doing so can result in the server
crashing on an assert failure. Also retag the lease as active
and reset its timeout value.
[ISC-Bugs #21921]
- Relay no longer crashes, when DHCP packet is received over interface without
any IPv4 address assigned. [ISC-Bugs #22409]
Changes since 4.2.0rc1
- Documentation cleanup covering multiple tickets
[ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup
[ISC-Bugs #20263] add text describing some default values
[ISC-Bugs #20193] single quotes at the start of a line indicate a control
line to nroff, escape them if we actually want a quote.
[ISC-Bugs #18916] sync the pointer to web pages amongst the different docs
Changes since 4.2.0b2
- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472]
Changes since 4.2.0b1
- Prohibit including lease time information in a response to a DHCP INFORM.
[ISC-Bugs #21092]
! Accept a client id of length 0 while hashing. Previously the server would
exit if it attempted to hash a zero length client id, providing attackers
with a simple denial of service attack. [ISC-Bugs #21253]
CERT: VU#541921 - CVE: CVE-2010-2156
- A memory leak in ddns processing was closed. [ISC-Bugs #21377]
- Modify the exception handling for initial context creation. Previously
we would try and clean up before exiting. This could present problems
when the cleanup required part of the context that wasn't available. It
also didn't do much as we exited afterwards anyway. Now we simply log
the error and exit. [ISC-Bugs #21093]
- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
previously allocated (active) lease to a client that has changed subnets,
despite being on different shared networks. Dynamic prefixes specifically
allocated in shared networks also now are not offered if the client has
moved. [ISC-Bugs #21152]
- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916]
- Fix the trace code to handle timing events better and to truncate a file
before using instead of overwriting it. [ISC-Bugs #20969]
- Modify the determination of the default TTL to use for DDNS updates.
The user may still configure the ttl via ddns-ttl. The default for
both v4 and v6 is now 1/2 the (preferred) lease time with a limit. The
previous defaults (1/2 lease time without a limit for v4 and a default
value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h
[ISC-Bugs #21126]
- libisc/libdns is now brought up to version 9.7.1rc1. This corrects
three reported flaws in ISC DHCP;
o DHCP processes (dhcpd, dhclient) fail to start if one of either the
IPv4 or IPv6 address families is not present. [ISC-Bugs #21122]
o Assertion failure when attempting to cancel a previously running DDNS
update. [ISC-Bugs #21133]
o Compilation failure of libisc/libdns due to the use of a flexible
array member. [ISC-Bugs #21316]
Changes since 4.2.0a2
- Update the fsync code to work with the changes to the DDNS code. It now
uses a timer instead of noticing if there are no more packets to process.
- When constructing the DNS name structure from a text string append
the root to relative names. This satisfies a requirement in the DNS
library that names be absolute instead of relative and prevents DHCP
from crashing. [ISC-Bugs #21054]
- "The LDAP Patch" that has been circulating for some time, written by
Brian Masney and S.Kalyanasundraram and maintained for application to
the DHCP-4 sources by David Cantrell has been included. Please be
advised that these sources were contributed, and do not yet meet the
high standards we place on production sources we include by default.
As a result, the LDAP features are only included by using a compile-time
option which defaults off, and if you enable it you do so under your
own recognizance. We will be improving this software over time.
[ISC-Bugs #17741]
Changes since 4.2.0a1
- When using 'ignore client-updates;', the FQDN returned to the client
is no longer truncated to one octet.
- Cleaned up an unused hardware address variable in nak_lease().
- Manpage entries for the ia-pd and ia-prefix options were updated to
reflect support for prefix delegation.
- Cleaned up some compiler warnings
- An optimization described in the failover protocol draft is now included,
which permits a DHCP server operating in communications-interrupted state
to 'rewind' a lease to the state most recently transmitted to its peer,
greatly increasing a server's endurance in communications-interrupted.
This is supported using a new 'rewind state' record on the dhcpd.leases
entry for each lease.
- Fix the trace code which was broken by the changes to the DDNS code.
Changes since 4.1.0 (new features)
- Failover port configuration can now be left to defaults (port 647) as
described in the -12 revision of the Failover draft (and assigned by
IANA). Thanks in part to a patch from David Cantrell at Red Hat.
- If configured, dhclient may now transmit to an anycast MAC address,
rather than using a broadcast address. Thanks to a patch from David
Cantrell at Red Hat.
- Added client support for setting interface MTU and metric, thanks to
Roy "UberLord" Marples <[email protected]>.
- Added client -D option to specify DUID type to send.
- A new failover configuration parameter has been introduced for those
environments where DHCP servers can be reasonably guaranteed to be
"down" when the failover TCP socket is severed, "auto-partner-down".
This parameter is not generally safe, and by default is disabled, so
please carefully review the documentation of this parameter in the
dhcpd.conf(5) manpage before determining to use it yourself.
- Added a configuration function, 'gethostname()', which calls the system
function of the same name and presents the results as a data expression.
This function can be used to incorporate the system level hostname of
the system the DHCP software is operating on in responses or queries (such
as including a failover partner's hostname in a dhcp message or binding
scope, or having a DHCP client send any system hostname in the host-name or
FQDN options by default).
- The dhcp-renewal-time and dhcp-rebinding-time options may now be configured
for DHCPv4 operation and used independently of the dhcp-lease-time
calculations. Invalid renew and rebinding times (e.g., greater than the
determined lease time) are omitted.
- Processing the DHCP to DNS server transactions in an asyncrhonous fashion.
The DHCP server or client can now continue with its processing while
awaiting replies from the DNS server.
- The 'hardware [ethernet|etc] ...;' parameter in host records has been
extended to attempt to match DHCPv6 clients by the last octets of a
DUID-LL or DUID-LLT provided by the client.
Changes since 4.1.0 (bug fixes)
- Remove infinite loop in token_print_indent_concat().
- Validate the argument to the -p option.
- The notorious 'option <unknown> ... larger than buffer' log line,
which is seen in some malformed DHCP client packets, was modified.
It now logs the universe name, and does not log the length values
(which are bogus corruption read from the packet anyway). It also
carries a hopefully more useful explanation.
- Suppress spurious warnings from configure about --datarootdir
- A bug was fixed that caused the server not to answer some valid Solicit
and Request packets, if the dynamic range covering any requested addresses
had been deleted from configuration.
- Update the code to deal with GCC 4.3. This included two sets of changes.
The first is to the configuration files to include the use of
AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that
were being ignored.
- The db-time-format option was documented in manpages.
- Using reserved leases no longer results in 'lease with binding state
free not on its queue' error messages, thanks to a patch from Frode
Nordahl.
- Fix a build error in dhcrelay, using older versions of gcc with
dhcpv6 disabled.
- Two uninitialized stack structures are now memset to zero, thanks to a
patch from David Cantrell at Red Hat.
- Fixed a cosmetic bug where pretty-printing valid domain-search options would
result in an erroneous error log message ('garbage in format string').
- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server
to stop receiving packets is fixed. The same fix also means that the MAC
address will no longer appear 'bogus' on DLPI-based systems.
- A bug in select handling was discovered where the results of one select()
call were discarded, causing the server to process the next select() call
and use more system calls than required. This has been repaired - the
sockets will be handled after the first return from select(), resulting in
fewer system calls.
- The update-conflict-detection feature would leave an FQDN updated without
a DHCID (still currently implemented as a TXT RR). This would cause later
expiration or release events to fail to remove the domain name. The feature
now also inserts the client's up to date DHCID record, so records may safely
be removed at expiration or release time. Thanks to a patch submitted by
Christof Chen.
- Memory leak in the load_balance_mine() function is fixed. This would
leak ~20-30 octets per DHCPDISCOVER packet while failover was in use
and in normal state.
- Various compilation fixes have been included for the memory related
DEBUG #defines in includes/site.h.
- Fixed Linux client script 'unary operator expected' errors with DHCPv6.
- Fixed setting hostname in Linux hosts that require hostname argument
to be double-quoted. Also allow server-provided hostname to
override hostnames 'localhost' and '(none)'.
- Fixed failover reconnection retry code to continue to retry to reconnect
rather than restarting the listener.
- Compilation on Solaris with USE_SOCKETS defined in includes/site.h has
been repaired. Other USE_ overrides should work better.
- A check for the local flavor of IFNAMSIZ had a broken 'else' condition,
that probably still resulted in the correct behaviour (but wouldn't use
a larger defined value provided by the host OS).
- Fixed a bug where an OMAPI socket disconnection message would not result
in scheduling a failover reconnection, if the link had not negotiated a
failover connect yet (e.g.: connection refused, asynch socket connect()
timeouts).
- A bug was fixed that caused the 'conflict-done' state to fail to be parsed
in failover state records.
! A stack overflow vulnerability was fixed in dhclient that could allow
remote attackers to execute arbitrary commands as root on the system,
or simply terminate the client, by providing an over-long subnet-mask
option. CERT VU#410676 - CVE-2009-0692
- Fixed a bug where relay agent options would never be returned when
processing a DHCPINFORM.
- Versions 3.0.x syntax with multiple name->code option definitions is now
supported. Note that, similarly to 3.0.x, for by-code lookups only the
last option definition is used.
- Fixed a bug where a time difference of greater than 60 seconds between a
failover pair could cause the primary to crash on contact with the
secondary. Thanks to a patch from Steinar Haug.
- Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode.
Thanks to patches from Matthew Newton and David Cantrell.
- Secondary servers in a failover pair will now perform ddns removals if
they had performed ddns updates on a lease that is expiring, or was
released through the primary. As part of the same fix, stale binding scopes
will now be removed if a change in identity of a lease's active client is
detected, rather than simply if a lease is noticed to have expired (which it
may have expired without a failover server noticing in some situations).
- A patch supplied by David Cantrell at RedHat was applied that detects
invalid calling parameters given to the ns_name_ntop() function.
Specifically, it detects if the caller passed a pointer and size pair
that causes the pointer to integer-wrap past zero.
! Fixed a fenceposting bug when a client had two host records configured,
one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892
- Fixed the check in the dhcp_interface_signal_handler routine to verify
the existence of the linked signal handler before calling it.
- Both host and subnet6 configuration groups are now included whether a
fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes
precedence. This fixes two bugs, one where host scoped configuration
would not be included from a non-fixed-address6 host record, and the equal
and opposite bug where subnet6 scoped configuration would not be used when
over-riding values were not present in a matching fixed-address6 host
configuration.
- ./configure now checks to ensure the intX_t and u_intX_t types are defined,
correcting a compilation failure when using Sun's compiler.
- Modified the handling of a connection to avoid releasing the omapi io
object for the connection while it is still in use. One symptom from
this error was a segfault when a failover secondary attempted to connect
to the failover primary if their clocks were not synchronized.
- Clean up to allow compilation with gcc 2.95.4 on FreeBSD. Remove an
extra semi-colon from common/dns.c and moved setting a variable to NULL
in server/dhcpv6.c to allow the compiler to decide that the variable
was always properly set.
Changes since 4.1.0b1
- A missing "else" in dhcrelay.c could have caused an interface not to
be recognized.
Changes since 4.1.0a2
- A cosmetic bug in DHCPDECLINE processing was fixed which caused all
successful DHCPDECLINEs to be logged as "not found" rather than
"abandoned".
- Added configuration file examples for DHCPv6.
- Some failover debugging #defines have been better defined and some
high frequency messages moved to a deeper debugging symbol.
- The CLTT parameter in failover is now only updated by client activity,
and not by failover binding updates (taking on the peer's CLTT).
- Failover BNDUPD messages are now discarded if they conflict with an
update that has been transmitted, but not acknowledged.
- A bug cleaning up unknown-xxx temporary option definitions was fixed.
- Delayed-ack is now a compile-time option, compiled out by default.
This feature is simply too experimental for right now, and causes
some problems to some failover installations. We will revisit this
in future releases.
- The !inet_pton() call in res_mkupdrec was adjusted to '<= 0' as
inet_pton returns either 1, 0, or -1.
- A dhclient-script for MacOS X has been included, which enables
'dhclient -6' support.
- DDNS removal routines were updated so that the DHCID is not removed until
the client has been deprived of all A and AAAA records (not only the last
one of either of those). This resolves a bug where dual stack clients
would not be able to regain their names after either expiration event.
Changes since 4.1.0a1
- Corrected list of failover state values in dhcpd man page.
- Fixed a bug that caused some request types to be logged incorrectly.
- Clients that sent a parameter request list containing the
routers option before the subnet mask option were receiving
only the latter. Fixed.
- The server wasn't always sending the FQDN option when it should.
- A partner-down failover server no longer emits 'peer holds all free leases'
if it is able to newly-allocate one of the peer's leases.
- Fixed a coredump when adding a class via OMAPI.
- Check whether files are zero length before trying to parse them.
- Ari Edelkind's PARANOIA patch has been included and may be compiled in
via two ./configure parameters, --enable-paranoia and
--enable-early-chroot.
- ./configure was extended to cover many optional build features, such
as failover, server tracing, debugging, and the execute() command.
- There is now a default 1/4 of a second scheduled delay between delayed
fsync()'s, it can be configured by the max-ack-delay configuration
parameter.
- A bug was fixed where the length of a hostname was miscalculated, so that
hosts were given odd-looking domain names ("foo.bar.ba.example.com").
- Shared network selection should be done from the innermost relay
valid link-address field, rather than the outermost.
- Prefix pools are attached to shared network scopes.
- Merged IA_XX related structures.
- Add DHCPv6 files in configure.
- A memory leak when using omapi has been fixed.
- DHCPv6 vendor-class options (VSIO) are now only sent when they appear
on the DHCPv6 ORO. This resolves a bug where VSIO options were placed
in IA_NA encapsulated options fields.
- Integrated client with stateless, temporary address and prefix delegation
support.
- A double-dereference in dhclient transmission of DHCPDECLINEs was
repaired.
- Fix handling of format code 'Z'.
- Support "-1" argument in DHCPv6.
- Merge DHCPv6-only "dhcrelay6" into general-purpose "dhcrelay" (use
"-6" option to select DHCPv6 mode).
- Fix handling of -A and -a flags in dhcrelay; it was failing to expand
packet size as needed to add relay agent options.
- A bug in subnet6 parsing where options contained in subnet6 clauses would
not be applied to clients addressed within that network was repaired.
- When configuring a "subnet {}" or "subnet6 {}" without an explicit
shared-network enclosing it, the DHCP software would synthesize a
shared-network to contain the subnet. However, all configuration
parameters within the subnet more intuitively belong "to any client
on that interface", or rather the synthesized shared-network. So,
when a shared-network is synthesized, it is used to contain the
configuration present inside the subnet {} clause. This means that
the configuration will be valid for all clients on that network, not
just those addressed out of the stated subnet. If you intended the
opposite, the workaround is to explicitly configure an empty
shared-network.
- A bug was fixed where Information-Request processing was not sourcing
configured option values.
- A warning was added since the DHCPv6 processing software does not yet
support class statements.
- Compliation warnings on GCC 4.3 relating to bootp source address
selection were repaired.
- The v6 BSD socket method was updated to use a single UDP BSD socket
no matter how many interfaces are involved, differentiating the
interfaces the packets were received on by the interface index supplied
by the OS.
- The relay agent no longer listens to the All DHCP Servers Multicast
address.
- A bug was fixed in data_string_sprintfa() where va_start was only called
once for two invocations of vsprintf() variants.
- ERO (RFC 4994) server support.
- Basic and partial DHCPv6 leasequery support.
- Reliable DHCPv6 release (previous behavior, send release and exit, is
still available with dhclient -6 -1 -r).
Changes since 4.0.0 (new features)
- Added DHCPv6 rapid commit support.
- Added explicit parser support for zero-length DHCP options, such as
rapid-commit, via format code 'Z'.
- It's now possible to update the "ends" field of a lease with OMAPI.
This is useful if you want not only to release a lease, but also make
it available for reuse right away. Hat tip to Christof Chen.
- Fixed definition of the iaaddr hash functions to use the correct
functions when referencing and dereferencing memory.
- Some definitions not in phase with the IANA registry were updated.
- Allocated interface IDs are better controlled ('u' bit set to zero,
reserved IDs avoided).
- Unicast options are taken into account only for RENEWs.
- NoAddrsAvail answers to SOLICITs are always ADVERTISEs even when a SOLICIT
carries a rapid-commit option.
- Return in place of raise an impossible condition when one tries to release
an empty active lease.
- Timer granularity is now 1/100s in the DHCPv6 client.
- The dhclient-script was updated to create a host route for the default
gateway if the supplied subnet mask for an IPv4 address was a /32. This
allows the client to work in 'captive' network environments, where the
operator does not want clients to crosstalk directly.
- MINUS tokens should be parseable again.
- Multiple (up to "delayed-ack x;" maximum) DHCPv4 packets are now queued and
released in bursts after single fsync() events when the upper limit is
reached or if the receiving sockets go dry. The practical upshot is
that fsync-coupled server performance is now multiplicitively increased.
The default delayed ack limit is 28. Thanks entirely to a patch from
Christof Chen.
Changes since 4.0.0 (bug fixes)
- DHCP now builds on AIX.
- Exit with warning when DHCPv6-specific statements are used in the
config file but -6 is not specified.
- Fixed "--version" flag in dhcrelay
- The 'min-secs' configuration parameter's log message has been updated to
be more helpful.
- The warning logged when an address range doesn't fit in the subnets
they were declared has been updated to be more helpful and identify the
typo in configuration that created the spanning addresses.
- A bug in failover pool rebalancing that caused POOLREQ message ping-pongs
was repaired.
- A flaw in failover pool rebalancing that could cause POOLREQ messages to
be sent outside of the min-balance/max-balance scheduled intervals has
been repaired.
- A cosmetic bug during potential-conflict recovery that caused the peer's
'conflict-done' state message to be logged as 'unknown-state' has been
repaired. It is now logged correctly.
- A bug was fixed where the 'giaddr' may be used to find the client's subnet
rather than its own 'ciaddr'.
- A log message was introduced to clarify the situation where a failover
'address' parameter (the server's local address) did not resolve to an
IPv4 address.
- The minimum site code value was set to 224 in 3.1.0 to track RFC3942. This
broke a lot of legacy site local configurations. The new code in place will
track site local space minimum option codes and logs a warning to encourage
updates and exploration of site local code migration problems. Option
codes less than 128 in site local spaces remain inaccessible.