1 Internet Systems Consortium DHCP Distribution 2 Version 4.3.0 3 3 February 2014 4 5 Release Notes 6 7 NEW FEATURES 8 9The major "theme" for ISC DHCP 4.3.x was to update the suport for 10DHCPv6 to include several of the features that have been available 11for DHCPv4. These include: 12 13- Support the use of classes 14 15- Support for on_commit, on_expiry and on_release statements 16 17- Better logging of address assignments 18 19- Support for using DHCPv6 relay options in expressions 20 21This release also adds suppport for the standard DDNS as described in the 22current RFCs as well as enhancing support for dynamically adding and removing 23subclasses via OMAPI. 24 25There are a number of DHCPv6 limitations and features missing in this 26release, which will be addressed in the future: 27 28- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported. 29 30- DHCPv6 includes human-readable text in status code messages, in 31 English. A method to reconfigure or support other languages would 32 be preferable. 33 34- The "host-identifier" option is limited to a simple token. 35 36- The client and server can only operate DHCPv4 or DHCPv6 at a time, 37 not both. To use both protocols simultaneously, two instances of the 38 relevant daemon are required, one with the '-6' command line option. 39 40For information on how to install, configure and run this software, as 41well as how to find documentation and report bugs, please consult the 42README file. 43 44ISC DHCP uses standard GNU configure for installation. Please review the 45output of "./configure --help" to see what options are available. 46 47The system has only been tested on Linux, FreeBSD, and Solaris, and may not 48work on other platforms. Please report any problems and suggested fixes to 49<dhcp-users@isc.org>. 50 51ISC DHCP is open source software maintained by Internet Systems 52Consortium. This product includes cryptographic software written 53by Eric Young (eay@cryptsoft.com). 54 55 Changes since 4.2.0 (new features) 56 57- If a client renews before 'dhcp-cache-threshold' percent of its lease 58 has elapsed (default 25%), the server will reuse the allocated lease 59 (provide a lease within the currently allocated lease-time) rather 60 than extend or renew the lease. This absolves the server of needing 61 to perform an fsync() operation on the lease database before reply, 62 which improves performance. [ISC-Bugs #22228] 63 Updated this patch to support asynchronous DDNS. If the server is 64 attempting to do DDNS on a lease it should be udpated and written to 65 disk even if that wouldn't be necessary due to the thresholding. 66 [ISC-Bugs #26311] 67 68- The 'no available billing' log line now also logs the name of the last 69 matching billing class tried before failing to provide a billing. 70 [ISC-Bugs #21759] 71 72- A problem with missing get_hw_addr function when --enable-use-sockets 73 was used is now solved on GNU/Linux, BSD and GNU/Hurd systems. Note 74 that use-sockets feature was not tested on those systems. Client and 75 server code no longer use MAX_PATH constant that is not defined on 76 GNU/Hurd systems. [ISC-Bugs #25979] 77 78- Add a perl script in the contrib directory, dhcp-lease-list.pl, which 79 can parse v4 lease files and output the lease information in a more 80 human friendly manner. This was written by Christian Hammers with 81 some updates by vom and ISC. This is contributed code and is not 82 supported by ISC; however it may be useful to some users. 83 [ISC-Bugs #20680] 84 85- Add support in v6 for on-commit, on-expire and on-release. 86 [ISC-Bugs #27912] 87 88- Add support for using classes with v6. 89 [ISC-Bugs #26510] 90 91- Update the DDNS code to current standards and allow for sharing 92 of DDNS entries between v4 and v6 clients. The new code is used 93 if the ddns-update-style is set to "standard", the older code is 94 still available if ddns-update-style is set to "interim". The 95 oldest DDNS code "ad-hoc" has been removed. Thanks to Thomas Pegeot 96 who submitted a patch for this issue. This patch is based on 97 that work with some modifications. 98 [ISC-Bugs #21139] 99 100- Add a configuration option to the server to suppress using fsync(). 101 Enabling this option will mean that fsync() is never called. This 102 may provide better performance but there is also a risk that a lease 103 will not be properly written to the disk after it has been issued 104 to a client and before the server stops. Using this option is 105 not recommended. 106 [ISC-Bugs #34810] 107 108- Add some logging statements to indicate when the server is ready 109 to serve. One statement is emitted after the server has finished 110 reading its files and is about to enter the dispatch loop. 111 This is "Server starting service.". 112 The second is emitted when a server determines that both it and 113 its failover peer are in the normal state. 114 This is "failover peer <name>: Both servers normal." 115 [ISC-Bugs #33208] 116 117- Add support for accessing options from v6 relays. The v6relay 118 statement allows the administrator to choose which relay to 119 use when searching for an option, see the dhcp-options man page 120 for a description. The host-identifier option has also been 121 updated to support the use of relay options, see the dhcpd.conf 122 man page for a description. 123 [ISC-Bugs #19598] 124 125- When doing DDNS if there isn't an appropriate zone statement attempt 126 to find a reasonable nameserver via a DNS resolver. This restores 127 some functionality that was lost in the transition to asynchronous 128 DDNS. Due to the lack of security and increase in fragility of the 129 system when using this feature we strongly recommend the use of 130 appropriate zone statements rather than using this functionality. 131 [ISC-Bugs #30461] 132 133- Add support for specifying the address from which to send 134 DDNS updates on the DHCP server. There are two new options 135 "ddns-local-address4" and "ddns-local-address6" that each take 136 one instance of their respective address types. 137 [ISC-Bugs #34779] 138 139- Add ignore-client-uids option in the server. This option causes 140 the server to not record a client's uid in its lease. This 141 violates the specification but may also be useful when a client 142 can dual boot using different client ids but the same mac address. 143 Thank you to Brian De Wolf at Cal Poly Pomona for the patch. 144 [ISC-Bugs #32427] 145 [ISC-Bugs #35066] 146 147- Extend the DHCPINFORM processing to honor the subnet selection option 148 and take host declarations into account. 149 Thanks to Christof Chen for testing and submitting the patch. 150 [ISC-Bugs #35015] 151 152- Extend the hardware expression to look into the lease structure 153 for a hardware address if there is no packet. This allows the 154 server to find the hardware address during on-expiry processing. 155 [ISC-Bugs #24584] 156 157- Add definitions for some options that have been specified by the IETF. 158 [ISC-Bugs #29268] 159 [ISC-Bugs #35198] 160 161 Changes since 4.3.0rc1 162 163- None 164 Changes since 4.3.0b1 165 166- Tidy up receive packet processing. 167 Thanks to Brad Plank of GTA for reporting the issue and suggesting 168 a possible patch. 169 [ISC-Bugs #34447] 170 171 Changes since 4.3.0a1 172 173- Modify the message displayed when a process hits a fatal error. 174 The new message is much shorter and simply points to the README 175 and our website for directions on bug submissions. 176 [ISC-Bugs #24789] 177 178- Handle an absent resolv.conf file better. 179 [ISC-Bugs #35194] 180 181 Changes since 4.2.5 182 183- Address static analysis warnings. 184 [ISC-Bugs #33510] [ISC-Bugs #33511] 185 186- Silence benign static analysis warnings. 187 [ISC-Bugs #33428] 188 189- Add check for 64-bit package for atf. 190 [ISC-Bugs #32206] 191 192- Use newer auto* tool packages and turn on RFC_3542 support on Mac OS. 193 [ISC-Bugs #26303] 194 195- Remove a variable when it isn't being used due to #ifdefs to avoid 196 a compiler warning on Solaris using GCC. 197 [ISC-Bugs #33032] 198 199- Add a check for too much whitespace in a config or lease file. 200 Thanks to Paolo Pellegrino for finding the issue and a suggestion 201 for the patch. 202 [ISC-Bugs #33351] 203 204- Fix several problems with using OMAPI to manipulate class and subclass 205 objects. 206 [ISC-Bugs #27452] 207 208- Added a sleep call after killing the old client to allow time 209 for the sockets to be cleaned. This should allow the -r option 210 to work more consistently. 211 [ISC-Bugs #18175] 212 213- Missing files for ISC DHCP Developer's Guide are now included in 214 the release tarballs. To generate this documentation, please use 215 make devel command in doc directory. [ISC-Bugs #32767] 216 217- Update client script for use with openwrt. 218 [ISC-Bugs #29843] 219 220- Fix the socket handling for DHCPv6 clients to allow multiple instances 221 of a client on a single machine to work properly. Previously only 222 one client would receive the packets. Thanks to Jiri Popelka at Red Hat 223 for the bug report and a potential patch. 224 [ISC-Bugs #34784] 225 226- Added support for gentle shutdown after signal is received. 227 [ISC-Bugs #32692] [ISC-Bugs 34945] 228 229- Enhance the DHCPv6 server logging to include the addresses that are assigned 230 to the clients. 231 [ISC-Bugs #26377] 232 233- Fix an operation in the DDNS code to be a bitwise instead of logical or. 234 [ISC-Bugs #35138] 235 236 Changes since 4.2.4 237 238- Correct code to calculate timing values in client to compare 239 rebind value to infinity instead of renew value. 240 Thanks to Chenda Huang from H3C Technologies Co., Limited 241 for reporting this issue. 242 [ISC-Bugs #29062] 243 244- Fix some issues in the code for parsing and printing options. 245 [ISC-Bugs #22625] - properly print options that have several fields 246 followed by an array of something for example "fIa" 247 [ISC-Bugs #27289] - properly parse options in declarations that have 248 several fields followed by an array of something for example "fIa" 249 [ISC-Bugs #27296] - properly determine if we parsed a 16 or 32 bit 250 value in evaluate_numeric_expression (extract-int). 251 [ISC-Bugs #27314] - properly parse a zero length option from 252 a lease file. Thanks to Marius Tomaschewski from SUSE for the report 253 and prototype patch for this ticket as well as ticket 27289. 254 255! Previously the server code was relaxed to allow packets with zero 256 length client ids to be processed. Under some situations use of 257 zero length client ids can cause the server to go into an infinite 258 loop. As such ids are not valid according to RFC 2132 section 9.14 259 the server no longer accepts them. Client ids with a length of 1 260 are also invalid but the server still accepts them in order to 261 minimize disruption. The restriction will likely be tightened in 262 the future to disallow ids with a length of 1. 263 Thanks to Markus Hietava of Codenomicon CROSS project for the 264 finding this issue and CERT-FI for vulnerability coordination. 265 [ISC-Bugs #29851] 266 CVE: CVE-2012-3571 267 268! When attempting to convert a DUID from a client id option 269 into a hardware address handle unexpected client ids properly. 270 Thanks to Markus Hietava of Codenomicon CROSS project for the 271 finding this issue and CERT-FI for vulnerability coordination. 272 [ISC-Bugs #29852] 273 CVE: CVE-2012-3570 274 275! A pair of memory leaks were found and fixed. Thanks to 276 Glen Eustace of Massey University, New Zealand for finding 277 this issue. 278 [ISC-Bugs #30024] 279 CVE: CVE-2012-3954 280 281- Existing legacy unit-tests have been migrated to Automated Test 282 Framework (ATF). Several new tests have been developed. To enable 283 unit-tests, please use --with-atf in configure script. A Developer's 284 Guide has been added. To generate it, please use make devel in 285 the doc directory. It is currently in early stages of development, 286 but is expected to grow in the near future. [ISC-Bugs 25901] 287 288! An issue with the use of lease times was found and fixed. Making 289 certain changes to the end time of an IPv6 lease could cause the 290 server to abort. Thanks to Glen Eustace of Massey University, 291 New Zealand for finding this issue. 292 [ISC-Bugs #30281] 293 CVE: CVE-2012-3955 294 295- Update the memory leakage debug code to work with v6. 296 [ISC-Bugs #30297] 297 298- Relax the requirements for deleting an A or AAAA record. 299 Previously the DDNS removal code required both the A or AAAA 300 record and the TXT record to exist. This requirement could 301 cause problems if something interrupted the removal leaving 302 the TXT record alone. This relaxation was codified in RFC 4703. 303 [ISC-Bugs #30734] 304 305- Modify the failover code to handle incorrect peer names 306 better. Previously the structure holding the name might 307 have been freed inappropriately in some cases and not 308 freed in other cases. 309 [ISC-Bugs #30320] 310 311- Add a configure option, enable-secs-byteorder, to deal with 312 clients that do the byte ordering on the secs field incorrectly. 313 This field should be in network byte order but some clients 314 get it wrong. When this option is enabled the server will examine 315 the secs field and if it looks wrong (high byte non zero and low 316 byte zero) swap the bytes. The default is disabled. This option 317 is only useful when doing load balancing within failover. 318 [ISC-Bugs #26108] 319 320- Fix a set of issues that were discovered via a code inspection 321 tool. Thanks to Jiri Popelka and Tomas Hozza Red Hat for the logs 322 and patches. 323 [ISC-Bugs #23833] 324 325- Parsing unquoted base64 strings improved. Parser now properly handles 326 strings that contain reserved names. [ISC-Bugs #23048] 327 328- Modify the nak_lease function to make some attempts to find a 329 server-identifier option to use for the NAK. 330 [ISC-Bugs #25689] 331 332- The client now passes information about the options it requested 333 from the server to the script code via environment variables. 334 These variables are of the form requested_<option_name>=1 with 335 the option name being the same as used in the new_* and old_* 336 variables. 337 [ISC-Bugs #29068] 338 339- Add support for a simple check that the server id in a request message 340 to a failover peer matches the server id of the server. This support 341 is enabled by editing the file includes/site.h and uncommenting the 342 definition for SERVER_ID_CHECK. The option has several restrictions 343 and issues - please read the comment in the site.h file before 344 enabling it. 345 [ISC-Bugs #31463] 346 347- Tidy up some compiler issues in the debug code. 348 [ISC-Bugs #26460] 349 350- Move the dhcpd.conf exmample file to dhcpd.conf.example to avoid 351 overwriting the dhcpd.conf file when installing a new version of 352 ISC DHCP. The user will now need to manual copy and edit the 353 dhcpd.conf file as desired. 354 [ISC-Bugs #19337] 355 356- Check the status value when trying to read from a connection to 357 see if it may have been closed. If it appears closed don't try 358 to read from it again. This avoids a potential busy-wait like 359 loop when the peer names are mismatched. 360 [ISC-Bugs #31231] 361 362- Remove an unused variable to keep compilers happy. 363 [ISC-Bugs #31983] 364 365- Modify test makefiles to be more similar to standard makefiles 366 and comment out a currently unused test. 367 [ISC-Bugs #32089] 368 369 Changes since 4.2.3 370 371! Add a check for a null pointer before calling the regexec function. 372 Without this check we could, under some circumstances, pass 373 a null pointer to the regexec function causing it to segfault. 374 Thanks to a report from BlueCat Networks. 375 [ISC-Bugs #26704]. 376 CVE: CVE-2011-4539 377 378! Modify the DDNS handling code. In a previous patch we added logging 379 code to the DDNS handling. This code included a bug that caused it 380 to attempt to dereference a NULL pointer and eventually segfault. 381 While reviewing the code as we addressed this problem, we determined 382 that some of the updates to the lease structures would not work as 383 planned since the structures being updated were in the process of 384 being freed: these updates were removed. In addition we removed an 385 incorrect call to the DDNS removal function that could cause a failure 386 during the removal of DDNS information from the DNS server. 387 Thanks to Jasper Jongmans for reporting this issue. 388 [ISC-Bugs #27078] 389 CVE: CVE-2011-4868 390 391- Fixed the code that checks if an address the server is planning 392 to hand out is in a reserved range. This would appear as 393 the server being out of addresses in pools with particular ranges. 394 [ISC-Bugs #26498] 395 396- In the DDNS code handle error conditions more gracefully and add more 397 logging code. The major change is to handle unexpected cancel events 398 from the DNS client code. 399 [ISC-Bugs #26287] 400 401- Tidy up the receive calls and eliminate the need for found_pkt. 402 [ISC-Bugs #25066] 403 404- Add support for Infiniband over sockets to the server and 405 relay code. We've tested this on Solaris and hope to expand 406 support for Infiniband in the future. This patch also corrects 407 some issues we found in the socket code. 408 [ISC-Bugs #24245] 409 410- Add a compile time check for the presence of the noreturn attribute 411 and use it for log_fatal if it's available. This will help code 412 checking programs to eliminate false positives. 413 [ISC-Bugs #27539] 414 415- Fixed many compilation problems ("set, but not used" warnings) for 416 gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588] 417 418- Modify the code that determines if an outstanding DDNS request 419 should be cancelled. This patch results in cancelling the 420 outstanding request less often. It fixes the problem caused 421 by a client doing a release where the TXT and PTR records 422 weren't removed from the DNS. 423 [ISC-BUGS #27858] 424 425- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet 426 and dhcpv6_packet in several more places. Thanks to a report from 427 Bruno Verstuyft and Vincent Demaertelaere of Excentis. 428 [ISC-Bugs #27941] 429 430- Remove outdated note in the description of the bootp keyword about the 431 option not satisfying the requirement of failover peers for denying 432 dynamic bootp clients. 433 [ISC-bugs #28574] 434 435- Multiple items to clean up IPv6 address processing. 436 When processing an IA that we've seen check to see if the 437 addresses are usable (not in use by somebody else) before 438 handing it out. 439 When reading in leases from the file discard expired addresses. 440 When picking an address for a client include the IA ID in 441 addition to the client ID to generally pick different addresses 442 for different IAs. 443 [ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586] 444 [ISC-Bugs #27684] 445 446- Remove unnecessary checks in the lease query code and clean up 447 several compiler issues (some dereferences of NULL and treating 448 an int as a boolean). 449 [ISC-Bugs #26203] 450 451- Fix the NA and PD allocation code to handle the case where a client 452 provides a preference and the server doesn't have any addresses or 453 prefixes available. Previously the server ignored the request with 454 this patch it replies with a NoAddrsAvail or NoPrefixAvail response. 455 By default the code performs according to the errata of August 2010 456 for RFC 3315 section 17.2.2; to enable the previous style see the 457 section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option 458 may be removed in the future. 459 Thanks to Jiri Popelka at Red Hat for the patch. 460 [ISC-Bugs #22676] 461 462- Fix up some issues found by static analysis. 463 A potential memory leak and NULL dereference in omapi. 464 The use of a boolean test instead of a bitwise test in dst. 465 [ISC-Bugs #28941] 466 467- Rotate the lease file when running in v6 mode. 468 Thanks to Christoph Moench-Tegeder at Astaro for the 469 report and the first version of the patch. 470 [ISC-Bugs #24887] 471 472 Changes since 4.2.2 473 474- Fix the code that checks for an existing DDNS transaction to cancel 475 when removing DDNS information, so that we will continue with the 476 processing if we have a lease even if it doesn't have an outstanding 477 transaction. [ISC-Bugs #24682] 478 479- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding 480 configuration files. [ISC-Bugs #24107] 481 482- Add support for passing DDNS information to a DNS server over 483 an IPv6 address. [ISC-Bugs #22647] 484 485- Enhanced patch for 23595 to handle IPv4 fixed addresses more 486 cleanly. [ISC-Bugs #23595] 487 488 Changes since 4.2.1 489 490! In dhclient check the data for some string options for 491 reasonableness before passing it along to the script that 492 interfaces with the OS. 493 [ISC-Bugs #23722] 494 CVE: CVE-2011-0997 495 496- DHCPv6 server now responds properly if client asks for a prefix that 497 is already assigned to a different client. [ISC-Bugs #23948] 498 499- Add the option "--no-pid" to the client, relay and server code, 500 to disable writing a pid file. Add the option "-pf pidfile" 501 to the relay to allow the user to supply the pidfile name at 502 runtime. Add the "with-relay6-pid-file" option to configure 503 to allow the user to supply the pidfile name for the relay 504 in v6 mode at configure time. 505 [ISC-Bugs #23351] [ISC-Bugs #17541] 506 507- 'dhclient' no longer waits a random interval after first starting up to 508 begin in the INIT state. This conforms to RFC 2131, but elects not to 509 implement a 'SHOULD' direction in section 4.1. The goal of this change 510 is to start up faster. [ISC-Bugs #19660] 511 512- Added 'initial-delay' parameter that specifies maximum amount of time 513 before client goes to the INIT state. The default value is 0. In previous 514 versions of the code client could wait up to 5 seconds. The old behavior 515 may be restored by using 'initial-delay 5;' in the client config file. 516 [ISC-Bugs #19660] 517 518- ICMP ping-check should now sit closer to precisely the number of seconds 519 configured (or default 1), due to making use of the new microsecond 520 scale timer internally to dhcpd. This corrects a bug where the server 521 may immediately timeout an ICMP ping-check if it was made late in the 522 current second. [ISC-Bugs #19660] 523 524- The DHCP client will schedule renewal and rebinding events in 525 microseconds if the DHCP server provided a lease-time that would result 526 in sub-1-second timers. This corrects a bug where a 2-second or lower 527 lease-time would cause the DHCP client to enter an infinite loop by 528 scheduling renewal at zero seconds. [ISC-Bugs #19660] 529 530- Client lease records are recorded at most once every 15 seconds. This 531 keeps the client from filling the lease database disk quickly on very small 532 lease times. [ISC-Bugs #19660] 533 534- To defend against RFC 2131 non-compliant DHCP servers which fail to 535 advertise a lease-time (either mangled, or zero in value) the DHCP 536 client now adds the server to the reject list ACL and returns to INIT 537 state to hopefully find an RFC 2131 compliant server (or retry in INIT 538 forever). [ISC-Bugs #19660] 539 540- Parameters configured to evaluate from user defined function calls can 541 now be correctly written to dhcpd.leases (as on 'on events' or dynamic 542 host records inserted via OMAPI). [ISC-Bugs #22266] 543 544- If a 'next-server' parameter is configured in a dynamic host record via 545 OMAPI as a domain name, the syntax written to disk is now correctly parsed 546 upon restart. [ISC-Bugs #22266] 547 548- The DHCP server now responds to DHCPLEASEQUERY messages from agents using 549 IP addresses not covered by a subnet in configuration. Whether or not to 550 respond to such an agent is still governed by the 'allow leasequery;' 551 configuration parameter, in the case of an agent not covered by a configured 552 subnet the root configuration area is examined. Server now also returns 553 vendor-class-id option, if client sent it. [ISC-Bugs #21094] 554 555- Documentation fixes 556 [ISC-Bugs #17959] add text to AIX section describing how to have it send 557 responses to the all-ones address. 558 [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct 559 [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS 560 561- Relay no longer crashes, when DHCP packet is received over interface without 562 any IPv4 address assigned. Also extended logging message about discarding 563 packets with invalid hlen with information about relevant interface name. 564 [ISC-Bugs #22409] 565 566- Relay now properly logs that packet was received over interface without 567 global IPv6 address [ISC-Bugs #24070] 568 569- Linux Packet Filter interface improvement. sockaddr_pkt structure is used, 570 rather than sockaddr. Packet ethertype is now forced to ETH_P_IP. 571 [ISC-Bugs #18975] 572 573- Minor code cleanups - but note port change for #23196 574 [ISC-Bugs #23470] - Modify when an ignore return macro is defined to 575 handle unsed error return warnings for more versions of gcc. 576 [ISC-Bugs #23196] - Modify the reply handling in the server code to 577 send to a specified port rather than to the source port for the incoming 578 message. Sending to the source port was test code that should have 579 been removed. The previous functionality may be restored by defining 580 REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't 581 enable this except for testing purposes. 582 [ISC-Bugs #22695] - Close a file descriptor in an error path. 583 [ISC-Bugs #19368] - Tidy up variable types in validate_port. 584 585- Code cleanup: remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros 586 [ISC-Bugs #13151] 587 588- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831] 589 590- Client Script fixes 591 [ISC-Bugs #23045] Typos in client/scripts/openbsd 592 [ISC-Bugs #23565] In the client scripts add a zone id (interface id) if 593 the domain search address is link local. 594 [ISC-Bugs #1277] In some of the client scripts add code to handle the 595 case of the default router information being changed without the address 596 being changed. 597 598- Documentation cleanup 599 [ISC-Bugs #23326] Updated References document, several man page updates 600 601- Server no longer complains about NULL pointer when configured 602 server-identifier expression fails to evaluate. [ISC-Bugs #24547] 603 604- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other 605 than the dispatch handler. This fixes an issue where omshell, when 606 run from the same platform as the server, would appear to fail to 607 connect. This is a companion to #21839. [ISC-Bugs #23592] 608 609- Enlarge the buffer size used by the Omshell code and some of the 610 print routines to allow for greater than 60 characters or, when 611 printing as hex strings, 20 characters. [ISC-Bugs #22743] 612 613- In Solaris 11 switch to using sockets instead of DLPI, thanks 614 to a patch form Oracle. [ISC-Bugs #24634]. 615 616- Strict checks for content of domain-name DHCPv4 option can now be 617 configured during compilation time. Even though RFC2132 does not allow 618 to store more than one domain in domain-name option, such behavior is 619 now enabled by default, but this may change some time in the future. 620 See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h. 621 [ISC-Bugs #24167] 622 623- DNS Update fix. A misconfigured server could crash during DNS update 624 processing if the configuration included overlapping pools or 625 multiple fixed-address entries for a single address. This issue 626 affected both IPv4 and IPv6. The fix allows a server to detect such 627 conditions, provides the user with extra information and recommended 628 steps to fix the problem. If the user enables the appropriate option 629 in site.h then server will be terminated 630 [ISC-Bugs #23595] 631 632! Two packets were found that cause a server to halt. The code 633 has been updated to properly process or reject the packets as 634 appropriate. Thanks to David Zych at University of Illinois 635 for reporting this issue. [ISC-Bugs #24960] 636 One CVE number for each class of packet. 637 CVE-2011-2748 638 CVE-2011-2749 639 640 Changes since 4.2.0 641 642- Documentation cleanup covering multiple tickets 643 [ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup 644 [ISC-Bugs #20263] add text describing some default values 645 [ISC-Bugs #20193] single quotes at the start of a line indicate a control 646 line to nroff, escape them if we actually want a quote. 647 [ISC-Bugs #18916] sync the pointer to web pages amongst the different docs 648 649- 'get-host-names true;' now also works even if 'use-host-decl-names true;' 650 was also configured. The nature of this repair also fixes another 651 error; the host-name supplied by a client is no longer overridden by a 652 reverse lookup of the lease address. Thanks to a patch from Wilco Baan 653 Hofman supplied to us by the Debian package maintenance team. 654 [ISC-Bugs #21691] {Debian Bug#509445} 655 656- The .TH tag for the dhcp-options manpage was typo repaired 657 thanks to a report from jidanni and the Debian package maintenance 658 team. [ISC-Bugs #21676] {Debian Bug#563613} 659 660- More documentation changes - primarily to put the options in the dhclient 661 and dhcpd man pages into the standard form. Thanks in part to a patch 662 from David Cantrell at Red Hat. 663 [ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes 664 665- Add code to clear the pointer to an object in an OMAPI handle when the 666 object is freed due to a dereference. [ISC-Bugs #21306] 667 668- Fixed a bug that leaks host record references onto lease structures, 669 causing the server to apply configuration intended for one host to any 670 other innocent clients that come along later. [ISC-Bugs #22018] 671 672- Minor code fixes 673 [ISC-Bugs #19566] When trying to find the zone for a name for ddns allow 674 the name to be at the apex of the zone. 675 [ISC-Bugs #19617] Restrict length of interface name read from command line 676 in dhcpd - based on a patch from David Cantrell at Red Hat. 677 [ISC-Bugs #20039] Correct some error messages in dhcpd.c 678 [ISC-Bugs #20070] Better range check on values when creating a DHCID. 679 [ISC-Bugs #20198] Avoid writing past the end of the field when adding 680 overly long file or server names to a packet and add a log message 681 if the configuration supplied overly long names for these fields. 682 Thanks to Martin Pala. 683 [ISC-Bugs #21497] Add a little more randomness to rng seed in client 684 thanks to a patch from Jeremiah Jinno. 685 686- Correct error handling in DLPI [ISC-Bugs #20378] 687 688- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being 689 checked in configure. [ISC-Bugs #20443] 690 691- Modify how the cmsg header is allocated the v6 send and received routines 692 to compile on more compilers. [ISC-Bugs #20524] 693 694- When parsing a domain name free the memory for the name after we are 695 done with it. [ISC-Bugs #20824] 696 697- Add an elapsed time option to the release message and refactor the 698 code to move most of the common code to a single routine. 699 [ISC-Bugs #21171]. 700 701- Two identical log messages for commit_leases() have been disambiguated. 702 [ISC-Bugs #18915] 703 704- Parse date strings more properly - the code now handles semi-colons in 705 date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat. 706 [ISC-Bugs #21501, #20598] 707 708- Fixes to lease input and output. 709 [ISC-Bugs #20418] - Some systems don't support the "%s" argument to 710 strftime, paste together the same string using mktime instead. 711 [ISC-Bugs #19596] - When parsing iaid values accept printable 712 characters. 713 [ISC-Bugs #21585] - Always print time values in omshell as hex 714 instead of ascii if the values happen to be printable characters. 715 716- Minor changes for scripts, configure.ac and Makefiles 717 [ISC-Bugs #19147] Use domain-search instead of domain-name in manual and 718 example conf file. Thanks to a patch from David Cantrell 719 at Red Hat. 720 [ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6 721 [ISC-Bugs #19945] Properly close the quote on some arguments. 722 [ISC-Bugs #20952] Add 64 bit types to configure.ac 723 [ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable 724 725- Update the code to parse dhcpv6 lease files to accept a semi-colon at 726 the end of the max-life and preferred-life clauses. In order to be 727 backwards compatible with older lease files not finding a semi-colon 728 is also accepted. [ISC-Bugs #22303]. 729 730! Handle a relay forward message with an unspecified address in the 731 link address field. Previously such a message would cause the 732 server to crash. Thanks to a report from John Gibbons. [ISC-Bugs #21992] 733 CERT: VU#102047 CVE: CVE-2010-3611 734 735- ./configure on longer searches for -lcrypto to explicitly link against. 736 This fixes a bug where 'dhclient' would have shared library dependencies 737 on '/usr/lib'. [ISC-Bugs #21967] 738 739- Handle pipe failures more gracefully. Some OSes pass a SIGPIPE 740 signal to a process and will kill the process if the signal isn't 741 caught. This patch adds code to turn off the SIGPIPE signal via 742 a setsockopt() call. The signal is already being ignored as part 743 of the ISC library. [ISC-Bugs #22269] 744 745- Restore printing of values in omshell to the style pre 21585. For 746 21585 we changed the print routines to always display time values 747 as a hex list. This had a side effect of printing all data strings 748 as a hex list. We shall investigate other ways of displaying time 749 values more usefully. [ISC-Bugs #22626] 750 751! Fix the handling of connection requests on the failover port. 752 Previously a connection request from a source that wasn't 753 listed as a failover peer would cause the server to become 754 non-responsive. Thanks to a report from Brad Bendily, brad@bendily.com. 755 [ISC-Bugs #22679] 756 CERT: VU#159528 CVE: CVE-2010-3616 757 758- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers. 759 Passing it through to the handlers caused the omshell program to fail 760 to connect to the server. [ISC-Bugs #21839] 761 762- Fix the paranthesis in the code to process configuration statements 763 beginning with "auth". The previous arrangement caused 764 "auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854] 765 766- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds. 767 Thanks to a report from Jiri Popelka at Red Hat. 768 [ISC-Bugs #22033], [Red Hat Bug #628258] 769 770- When processing the format flags for a given option consume the 771 flag indicating an optional value correctly. A symptom of this 772 bug was an infinite loop when trying to parse the slp-service-scope 773 option. Thanks to a patch from Marius Tomaschewski. 774 [ISC-Bugs #22055] 775 776- Disable the use of kqueue in the ISC library. This avoids a problem 777 between the fork and socket code that caused the dhcpd process to 778 use all available cpu if the program daemonized itself. 779 [ISC-Bugs #21911] 780 781! When processing a request in the DHCPv6 server code that specifies 782 an address that is tagged as abandoned (meaning we received a 783 decline request for it previously) don't attempt to move it from 784 the inactive to active pool as doing so can result in the server 785 crashing on an assert failure. Also retag the lease as active 786 and reset its timeout value. 787 [ISC-Bugs #21921] 788 789- Removed the restriction on using IPv6 addresses in IPv4 mode. This 790 allows IPv4 options which contain IPv6 addresses to be specified. For 791 example the 6rd option can be specified and used like this: 792 [ISC-Bugs #23039] 793 794 option 6rd code 212 = { integer 8, integer 8, 795 ip6-address, array of ip-address }; 796 option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8; 797 798- Handle some DDNS corner cases better. Maintain the DDNS transaction 799 information when updating a lease and cancel any existing transactions 800 when removing the ddns information. 801 [ISC-Bugs #23103] 802 803- Some fixes for LDAP 804 [ISC-Bugs #21783] - Include lber library when building ldap 805 [ISC-Bugs #22888] - Enable the ldap code when buidling common 806 The above fixes are from Jiri Popelka at Red Hat. 807 808- Modify the dlpi code to accept getmsg() returning a positive value. 809 [ISC-Bugs #22824] 810 811 Changes since 4.2.0b2 812 813- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472] 814 815 Changes since 4.2.0b1 816 817- Prohibit including lease time information in a response to a DHCP INFORM. 818 [ISC-Bugs #21092] 819 820! Accept a client id of length 0 while hashing. Previously the server would 821 exit if it attempted to hash a zero length client id, providing attackers 822 with a simple denial of service attack. [ISC-Bugs #21253] 823 CERT: VU#541921 - CVE: CVE-2010-2156 824 825- A memory leak in ddns processing was closed. [ISC-Bugs #21377] 826 827- Modify the exception handling for initial context creation. Previously 828 we would try and clean up before exiting. This could present problems 829 when the cleanup required part of the context that wasn't available. It 830 also didn't do much as we exited afterwards anyway. Now we simply log 831 the error and exit. [ISC-Bugs #21093] 832 833- A bug was fixed that could cause the DHCPv6 server to advertise/assign a 834 previously allocated (active) lease to a client that has changed subnets, 835 despite being on different shared networks. Dynamic prefixes specifically 836 allocated in shared networks also now are not offered if the client has 837 moved. [ISC-Bugs #21152] 838 839- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916] 840 841- Fix the trace code to handle timing events better and to truncate a file 842 before using instead of overwriting it. [ISC-Bugs #20969] 843 844- Modify the determination of the default TTL to use for DDNS updates. 845 The user may still configure the ttl via ddns-ttl. The default for 846 both v4 and v6 is now 1/2 the (preferred) lease time with a limit. The 847 previous defaults (1/2 lease time without a limit for v4 and a default 848 value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h 849 [ISC-Bugs #21126] 850 851- libisc/libdns is now brought up to version 9.7.1rc1. This corrects 852 three reported flaws in ISC DHCP; 853 854 o DHCP processes (dhcpd, dhclient) fail to start if one of either the 855 IPv4 or IPv6 address families is not present. [ISC-Bugs #21122] 856 857 o Assertion failure when attempting to cancel a previously running DDNS 858 update. [ISC-Bugs #21133] 859 860 o Compilation failure of libisc/libdns due to the use of a flexible 861 array member. [ISC-Bugs #21316] 862 863 Changes since 4.2.0a2 864 865- Update the fsync code to work with the changes to the DDNS code. It now 866 uses a timer instead of noticing if there are no more packets to process. 867 868- When constructing the DNS name structure from a text string append 869 the root to relative names. This satisfies a requirement in the DNS 870 library that names be absolute instead of relative and prevents DHCP 871 from crashing. [ISC-Bugs #21054] 872 873- "The LDAP Patch" that has been circulating for some time, written by 874 Brian Masney and S.Kalyanasundraram and maintained for application to 875 the DHCP-4 sources by David Cantrell has been included. Please be 876 advised that these sources were contributed, and do not yet meet the 877 high standards we place on production sources we include by default. 878 As a result, the LDAP features are only included by using a compile-time 879 option which defaults off, and if you enable it you do so under your 880 own recognizance. We will be improving this software over time. 881 [ISC-Bugs #17741] 882 883 Changes since 4.2.0a1 884 885- When using 'ignore client-updates;', the FQDN returned to the client 886 is no longer truncated to one octet. 887 888- Cleaned up an unused hardware address variable in nak_lease(). 889 890- Manpage entries for the ia-pd and ia-prefix options were updated to 891 reflect support for prefix delegation. 892 893- Cleaned up some compiler warnings 894 895- An optimization described in the failover protocol draft is now included, 896 which permits a DHCP server operating in communications-interrupted state 897 to 'rewind' a lease to the state most recently transmitted to its peer, 898 greatly increasing a server's endurance in communications-interrupted. 899 This is supported using a new 'rewind state' record on the dhcpd.leases 900 entry for each lease. 901 902- Fix the trace code which was broken by the changes to the DDNS code. 903 904 Changes since 4.1.0 (new features) 905 906- Failover port configuration can now be left to defaults (port 647) as 907 described in the -12 revision of the Failover draft (and assigned by 908 IANA). Thanks in part to a patch from David Cantrell at Red Hat. 909 910- If configured, dhclient may now transmit to an anycast MAC address, 911 rather than using a broadcast address. Thanks to a patch from David 912 Cantrell at Red Hat. 913 914- Added client support for setting interface MTU and metric, thanks to 915 Roy "UberLord" Marples <roy@marples.name>. 916 917- Added client -D option to specify DUID type to send. 918 919- A new failover configuration parameter has been introduced for those 920 environments where DHCP servers can be reasonably guaranteed to be 921 "down" when the failover TCP socket is severed, "auto-partner-down". 922 This parameter is not generally safe, and by default is disabled, so 923 please carefully review the documentation of this parameter in the 924 dhcpd.conf(5) manpage before determining to use it yourself. 925 926- Added a configuration function, 'gethostname()', which calls the system 927 function of the same name and presents the results as a data expression. 928 This function can be used to incorporate the system level hostname of 929 the system the DHCP software is operating on in responses or queries (such 930 as including a failover partner's hostname in a dhcp message or binding 931 scope, or having a DHCP client send any system hostname in the host-name or 932 FQDN options by default). 933 934- The dhcp-renewal-time and dhcp-rebinding-time options may now be configured 935 for DHCPv4 operation and used independently of the dhcp-lease-time 936 calculations. Invalid renew and rebinding times (e.g., greater than the 937 determined lease time) are omitted. 938 939- Processing the DHCP to DNS server transactions in an asyncrhonous fashion. 940 The DHCP server or client can now continue with its processing while 941 awaiting replies from the DNS server. 942 943- The 'hardware [ethernet|etc] ...;' parameter in host records has been 944 extended to attempt to match DHCPv6 clients by the last octets of a 945 DUID-LL or DUID-LLT provided by the client. 946 947 Changes since 4.1.0 (bug fixes) 948 949- Remove infinite loop in token_print_indent_concat(). 950 951- Validate the argument to the -p option. 952 953- The notorious 'option <unknown> ... larger than buffer' log line, 954 which is seen in some malformed DHCP client packets, was modified. 955 It now logs the universe name, and does not log the length values 956 (which are bogus corruption read from the packet anyway). It also 957 carries a hopefully more useful explanation. 958 959- Suppress spurious warnings from configure about --datarootdir 960 961- A bug was fixed that caused the server not to answer some valid Solicit 962 and Request packets, if the dynamic range covering any requested addresses 963 had been deleted from configuration. 964 965- Update the code to deal with GCC 4.3. This included two sets of changes. 966 The first is to the configuration files to include the use of 967 AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that 968 were being ignored. 969 970- The db-time-format option was documented in manpages. 971 972- Using reserved leases no longer results in 'lease with binding state 973 free not on its queue' error messages, thanks to a patch from Frode 974 Nordahl. 975 976- Fix a build error in dhcrelay, using older versions of gcc with 977 dhcpv6 disabled. 978 979- Two uninitialized stack structures are now memset to zero, thanks to a 980 patch from David Cantrell at Red Hat. 981 982- Fixed a cosmetic bug where pretty-printing valid domain-search options would 983 result in an erroneous error log message ('garbage in format string'). 984 985- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server 986 to stop receiving packets is fixed. The same fix also means that the MAC 987 address will no longer appear 'bogus' on DLPI-based systems. 988 989- A bug in select handling was discovered where the results of one select() 990 call were discarded, causing the server to process the next select() call 991 and use more system calls than required. This has been repaired - the 992 sockets will be handled after the first return from select(), resulting in 993 fewer system calls. 994 995- The update-conflict-detection feature would leave an FQDN updated without 996 a DHCID (still currently implemented as a TXT RR). This would cause later 997 expiration or release events to fail to remove the domain name. The feature 998 now also inserts the client's up to date DHCID record, so records may safely 999 be removed at expiration or release time. Thanks to a patch submitted by 1000 Christof Chen. 1001 1002- Memory leak in the load_balance_mine() function is fixed. This would 1003 leak ~20-30 octets per DHCPDISCOVER packet while failover was in use 1004 and in normal state. 1005 1006- Various compilation fixes have been included for the memory related 1007 DEBUG #defines in includes/site.h. 1008 1009- Fixed Linux client script 'unary operator expected' errors with DHCPv6. 1010 1011- Fixed setting hostname in Linux hosts that require hostname argument 1012 to be double-quoted. Also allow server-provided hostname to 1013 override hostnames 'localhost' and '(none)'. 1014 1015- Fixed failover reconnection retry code to continue to retry to reconnect 1016 rather than restarting the listener. 1017 1018- Compilation on Solaris with USE_SOCKETS defined in includes/site.h has 1019 been repaired. Other USE_ overrides should work better. 1020 1021- A check for the local flavor of IFNAMSIZ had a broken 'else' condition, 1022 that probably still resulted in the correct behaviour (but wouldn't use 1023 a larger defined value provided by the host OS). 1024 1025- Fixed a bug where an OMAPI socket disconnection message would not result 1026 in scheduling a failover reconnection, if the link had not negotiated a 1027 failover connect yet (e.g.: connection refused, asynch socket connect() 1028 timeouts). 1029 1030- A bug was fixed that caused the 'conflict-done' state to fail to be parsed 1031 in failover state records. 1032 1033! A stack overflow vulnerability was fixed in dhclient that could allow 1034 remote attackers to execute arbitrary commands as root on the system, 1035 or simply terminate the client, by providing an over-long subnet-mask 1036 option. CERT VU#410676 - CVE-2009-0692 1037 1038- Fixed a bug where relay agent options would never be returned when 1039 processing a DHCPINFORM. 1040 1041- Versions 3.0.x syntax with multiple name->code option definitions is now 1042 supported. Note that, similarly to 3.0.x, for by-code lookups only the 1043 last option definition is used. 1044 1045- Fixed a bug where a time difference of greater than 60 seconds between a 1046 failover pair could cause the primary to crash on contact with the 1047 secondary. Thanks to a patch from Steinar Haug. 1048 1049- Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode. 1050 Thanks to patches from Matthew Newton and David Cantrell. 1051 1052- Secondary servers in a failover pair will now perform ddns removals if 1053 they had performed ddns updates on a lease that is expiring, or was 1054 released through the primary. As part of the same fix, stale binding scopes 1055 will now be removed if a change in identity of a lease's active client is 1056 detected, rather than simply if a lease is noticed to have expired (which it 1057 may have expired without a failover server noticing in some situations). 1058 1059- A patch supplied by David Cantrell at RedHat was applied that detects 1060 invalid calling parameters given to the ns_name_ntop() function. 1061 Specifically, it detects if the caller passed a pointer and size pair 1062 that causes the pointer to integer-wrap past zero. 1063 1064! Fixed a fenceposting bug when a client had two host records configured, 1065 one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892 1066 1067- Fixed the check in the dhcp_interface_signal_handler routine to verify 1068 the existence of the linked signal handler before calling it. 1069 1070- Both host and subnet6 configuration groups are now included whether a 1071 fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes 1072 precedence. This fixes two bugs, one where host scoped configuration 1073 would not be included from a non-fixed-address6 host record, and the equal 1074 and opposite bug where subnet6 scoped configuration would not be used when 1075 over-riding values were not present in a matching fixed-address6 host 1076 configuration. 1077 1078- ./configure now checks to ensure the intX_t and u_intX_t types are defined, 1079 correcting a compilation failure when using Sun's compiler. 1080 1081- Modified the handling of a connection to avoid releasing the omapi io 1082 object for the connection while it is still in use. One symptom from 1083 this error was a segfault when a failover secondary attempted to connect 1084 to the failover primary if their clocks were not synchronized. 1085 1086- Clean up to allow compilation with gcc 2.95.4 on FreeBSD. Remove an 1087 extra semi-colon from common/dns.c and moved setting a variable to NULL 1088 in server/dhcpv6.c to allow the compiler to decide that the variable 1089 was always properly set. 1090 1091 Changes since 4.1.0b1 1092 1093- A missing "else" in dhcrelay.c could have caused an interface not to 1094 be recognized. 1095 1096 Changes since 4.1.0a2 1097 1098- A cosmetic bug in DHCPDECLINE processing was fixed which caused all 1099 successful DHCPDECLINEs to be logged as "not found" rather than 1100 "abandoned". 1101 1102- Added configuration file examples for DHCPv6. 1103 1104- Some failover debugging #defines have been better defined and some 1105 high frequency messages moved to a deeper debugging symbol. 1106 1107- The CLTT parameter in failover is now only updated by client activity, 1108 and not by failover binding updates (taking on the peer's CLTT). 1109 1110- Failover BNDUPD messages are now discarded if they conflict with an 1111 update that has been transmitted, but not acknowledged. 1112 1113- A bug cleaning up unknown-xxx temporary option definitions was fixed. 1114 1115- Delayed-ack is now a compile-time option, compiled out by default. 1116 This feature is simply too experimental for right now, and causes 1117 some problems to some failover installations. We will revisit this 1118 in future releases. 1119 1120- The !inet_pton() call in res_mkupdrec was adjusted to '<= 0' as 1121 inet_pton returns either 1, 0, or -1. 1122 1123- A dhclient-script for MacOS X has been included, which enables 1124 'dhclient -6' support. 1125 1126- DDNS removal routines were updated so that the DHCID is not removed until 1127 the client has been deprived of all A and AAAA records (not only the last 1128 one of either of those). This resolves a bug where dual stack clients 1129 would not be able to regain their names after either expiration event. 1130 1131 Changes since 4.1.0a1 1132 1133- Corrected list of failover state values in dhcpd man page. 1134 1135- Fixed a bug that caused some request types to be logged incorrectly. 1136 1137- Clients that sent a parameter request list containing the 1138 routers option before the subnet mask option were receiving 1139 only the latter. Fixed. 1140 1141- The server wasn't always sending the FQDN option when it should. 1142 1143- A partner-down failover server no longer emits 'peer holds all free leases' 1144 if it is able to newly-allocate one of the peer's leases. 1145 1146- Fixed a coredump when adding a class via OMAPI. 1147 1148- Check whether files are zero length before trying to parse them. 1149 1150- Ari Edelkind's PARANOIA patch has been included and may be compiled in 1151 via two ./configure parameters, --enable-paranoia and 1152 --enable-early-chroot. 1153 1154- ./configure was extended to cover many optional build features, such 1155 as failover, server tracing, debugging, and the execute() command. 1156 1157- There is now a default 1/4 of a second scheduled delay between delayed 1158 fsync()'s, it can be configured by the max-ack-delay configuration 1159 parameter. 1160 1161- A bug was fixed where the length of a hostname was miscalculated, so that 1162 hosts were given odd-looking domain names ("foo.bar.ba.example.com"). 1163 1164- Shared network selection should be done from the innermost relay 1165 valid link-address field, rather than the outermost. 1166 1167- Prefix pools are attached to shared network scopes. 1168 1169- Merged IA_XX related structures. 1170 1171- Add DHCPv6 files in configure. 1172 1173- A memory leak when using omapi has been fixed. 1174 1175- DHCPv6 vendor-class options (VSIO) are now only sent when they appear 1176 on the DHCPv6 ORO. This resolves a bug where VSIO options were placed 1177 in IA_NA encapsulated options fields. 1178 1179- Integrated client with stateless, temporary address and prefix delegation 1180 support. 1181 1182- A double-dereference in dhclient transmission of DHCPDECLINEs was 1183 repaired. 1184 1185- Fix handling of format code 'Z'. 1186 1187- Support "-1" argument in DHCPv6. 1188 1189- Merge DHCPv6-only "dhcrelay6" into general-purpose "dhcrelay" (use 1190 "-6" option to select DHCPv6 mode). 1191 1192- Fix handling of -A and -a flags in dhcrelay; it was failing to expand 1193 packet size as needed to add relay agent options. 1194 1195- A bug in subnet6 parsing where options contained in subnet6 clauses would 1196 not be applied to clients addressed within that network was repaired. 1197 1198- When configuring a "subnet {}" or "subnet6 {}" without an explicit 1199 shared-network enclosing it, the DHCP software would synthesize a 1200 shared-network to contain the subnet. However, all configuration 1201 parameters within the subnet more intuitively belong "to any client 1202 on that interface", or rather the synthesized shared-network. So, 1203 when a shared-network is synthesized, it is used to contain the 1204 configuration present inside the subnet {} clause. This means that 1205 the configuration will be valid for all clients on that network, not 1206 just those addressed out of the stated subnet. If you intended the 1207 opposite, the workaround is to explicitly configure an empty 1208 shared-network. 1209 1210- A bug was fixed where Information-Request processing was not sourcing 1211 configured option values. 1212 1213- A warning was added since the DHCPv6 processing software does not yet 1214 support class statements. 1215 1216- Compliation warnings on GCC 4.3 relating to bootp source address 1217 selection were repaired. 1218 1219- The v6 BSD socket method was updated to use a single UDP BSD socket 1220 no matter how many interfaces are involved, differentiating the 1221 interfaces the packets were received on by the interface index supplied 1222 by the OS. 1223 1224- The relay agent no longer listens to the All DHCP Servers Multicast 1225 address. 1226 1227- A bug was fixed in data_string_sprintfa() where va_start was only called 1228 once for two invocations of vsprintf() variants. 1229 1230- ERO (RFC 4994) server support. 1231 1232- Basic and partial DHCPv6 leasequery support. 1233 1234- Reliable DHCPv6 release (previous behavior, send release and exit, is 1235 still available with dhclient -6 -1 -r). 1236 1237 Changes since 4.0.0 (new features) 1238 1239- Added DHCPv6 rapid commit support. 1240 1241- Added explicit parser support for zero-length DHCP options, such as 1242 rapid-commit, via format code 'Z'. 1243 1244- It's now possible to update the "ends" field of a lease with OMAPI. 1245 This is useful if you want not only to release a lease, but also make 1246 it available for reuse right away. Hat tip to Christof Chen. 1247 1248- Fixed definition of the iaaddr hash functions to use the correct 1249 functions when referencing and dereferencing memory. 1250 1251- Some definitions not in phase with the IANA registry were updated. 1252 1253- Allocated interface IDs are better controlled ('u' bit set to zero, 1254 reserved IDs avoided). 1255 1256- Unicast options are taken into account only for RENEWs. 1257 1258- NoAddrsAvail answers to SOLICITs are always ADVERTISEs even when a SOLICIT 1259 carries a rapid-commit option. 1260 1261- Return in place of raise an impossible condition when one tries to release 1262 an empty active lease. 1263 1264- Timer granularity is now 1/100s in the DHCPv6 client. 1265 1266- The dhclient-script was updated to create a host route for the default 1267 gateway if the supplied subnet mask for an IPv4 address was a /32. This 1268 allows the client to work in 'captive' network environments, where the 1269 operator does not want clients to crosstalk directly. 1270 1271- MINUS tokens should be parseable again. 1272 1273- Multiple (up to "delayed-ack x;" maximum) DHCPv4 packets are now queued and 1274 released in bursts after single fsync() events when the upper limit is 1275 reached or if the receiving sockets go dry. The practical upshot is 1276 that fsync-coupled server performance is now multiplicitively increased. 1277 The default delayed ack limit is 28. Thanks entirely to a patch from 1278 Christof Chen. 1279 1280 Changes since 4.0.0 (bug fixes) 1281 1282- DHCP now builds on AIX. 1283 1284- Exit with warning when DHCPv6-specific statements are used in the 1285 config file but -6 is not specified. 1286 1287- Fixed "--version" flag in dhcrelay 1288 1289- The 'min-secs' configuration parameter's log message has been updated to 1290 be more helpful. 1291 1292- The warning logged when an address range doesn't fit in the subnets 1293 they were declared has been updated to be more helpful and identify the 1294 typo in configuration that created the spanning addresses. 1295 1296- A bug in failover pool rebalancing that caused POOLREQ message ping-pongs 1297 was repaired. 1298 1299- A flaw in failover pool rebalancing that could cause POOLREQ messages to 1300 be sent outside of the min-balance/max-balance scheduled intervals has 1301 been repaired. 1302 1303- A cosmetic bug during potential-conflict recovery that caused the peer's 1304 'conflict-done' state message to be logged as 'unknown-state' has been 1305 repaired. It is now logged correctly. 1306 1307- A bug was fixed where the 'giaddr' may be used to find the client's subnet 1308 rather than its own 'ciaddr'. 1309 1310- A log message was introduced to clarify the situation where a failover 1311 'address' parameter (the server's local address) did not resolve to an 1312 IPv4 address. 1313 1314- The minimum site code value was set to 224 in 3.1.0 to track RFC3942. This 1315 broke a lot of legacy site local configurations. The new code in place will 1316 track site local space minimum option codes and logs a warning to encourage 1317 updates and exploration of site local code migration problems. Option 1318 codes less than 128 in site local spaces remain inaccessible. 1319 1320- A possible relay agent option bug was repaired where random server 1321 initialization state may have been used to signal the relay agent 1322 information options sub-option code for the 'END' of the option space. 1323 1324- Fixes to allow code to compile and run on Solaris 9. 1325 1326- Fixes to allow code to compile on Mac OS X Leopard (10.5). 1327 1328- When server is configured with options that it overrides, a warning is 1329 issued when the configuration file is read, rather than at the time the 1330 option is overridden. This was important, because the warning was given 1331 every time the option was overridden, which could create a lot of 1332 unnecessary logging. 1333 1334- Fixed a compilation problems on platforms that define a value for FDDI, 1335 which conflicts with a dhcp configuration syntax token by the same name. 1336 1337- When a failover server suspects it has encountered a peer running a 1338 version 3.0.x failover server, a warning that the failover wire protocol 1339 is incompatible is printed. 1340 1341- The failover server no longer issues a floating point error if it encounters 1342 a previously undefined option code. 1343 1344- Fix startup error messages to report a missing "subnet6 declaration", rather 1345 than a missing "subnet declaration", when running as a DHCPv6 server. 1346 1347- DHCPv6 client timestamp in DUID was based on the year 1970 rather 1348 than the year 2000. 1349 1350- Warn when attempting to use a hardware parameter in DHCPv6. 1351 1352- DHCPv6 released resources are now marked as released by the client. 1353 1354- 'Soft' bindings have no more side-effects. 1355 1356 Changes since 4.0.0b3 1357 1358- The reverse dns name for PTR updates on IPv6 addresses has been fixed to 1359 use ip6.arpa. rather than default to in-addr.arpa and require user 1360 configuration. 1361 1362- dhc6_lease_destroy() and dhc6_ia_destroy() now set lease and IA pointers 1363 to NULL after freeing, to prevent subsequent accesses to freed memory. 1364 1365- The DHCPv6 server would not send the preference option unless the 1366 client requested it, via the ORO. This has been fixed, so the DHCPv6 1367 server will always send the preference value if it is configured. 1368 1369- When addresses were passed as hints to the server in an IA, they were 1370 incorrectly handled, sometimes being treated as an error. Now the 1371 server will treat these as hints and ignore them if it cannot supply 1372 a requested address. 1373 1374- If the client had multiple addresses, and one expired (was not renewed 1375 by the server), the client would continue to attempt to renew the same 1376 old address over and over. Now, the client will omit any expired 1377 addresses from future Confirm, Renew, or Rebind messages. 1378 1379- dhclient -6 will now select renew/rebind timers based upon the longest 1380 address expiration time rather than the shortest expiration time, in 1381 order to avoid cascading renewals in the event a server elects not to 1382 extend one of multiple IAADDR leases. 1383 1384- The server now limits clients that request multiple addresses to one 1385 address per IA by default, which can be adjusted through the 1386 "limit-addrs-per-ia" configuration option. 1387 1388- The DHCPv6 client now issues fresh transaction IDs on Renew and Rebind 1389 message exchanges, rather than using the most recent ID. 1390 1391- The DHCPv6 server now replies to Information-Request messages. 1392 1393- A bug was fixed in the dhclient-script for BSDs to correctly carry error 1394 codes through some conditions. 1395 1396- The parsing of some options in the dhclient lease file, in particular 1397 the success DHCPv6 status-code, was fixed. 1398 1399- A bug was fixed that caused the DHCPv6 ORO option to be corrupted with 1400 seemingly random values. 1401 1402- A reference overleak in DHCPv6 shared network processing was repaired. 1403 1404- ./configure now autodetects local database locations rather than trying 1405 to put dhcpd.leases and dhclient.leases in /usr/local/var/db, which no 1406 one ever has. 1407 1408- Regression fix for bug where server advertised a IPv6 address in 1409 response to a SOLICIT but would not return the address in response 1410 to a REQUEST. 1411 1412- A bug was fixed where the DHCPv6 server puts the NoAddrsAvail status 1413 code in the IA_NA was fixed. The status code now appears in the root 1414 level. 1415 1416 Changes since 4.0.0b2 1417 1418- Clarified error message when lease limit exceeded 1419 1420- Relative time may now be used as a qualifier for 'allow' and 'deny' access 1421 control lists. These directives may be used to assist in re-addressing 1422 address pools without having to constantly reconfigure the server. Please 1423 see 'man dhcpd.conf' for more information on allow/deny 'after time' syntax. 1424 Thanks to a patch from Christof Chen. 1425 1426- The server will now include multiple IA_NA's and multiple IAADDRs within 1427 them, if advertised by the client. It still only seeks to allocate one 1428 new address. 1429 1430 Changes since 4.0.0b1 1431 1432- Use different paths for PID and lease files when running in DHCPv4 1433 or DHCPv6 mode, so that servers for both protcols can be run 1434 simultaneously on a single interface. 1435 1436- Fixed a buffer overflow error which could have allowed a denial 1437 of service under unusual server configurations 1438 1439- Eliminated a spurious error message from the client 1440 1441- A number of bugs with the internal handling of lease state on the 1442 server have been fixed. Some of these could cause server crashes. 1443 1444- The peer_wants_leases() changes pulled up from 3.1.0 were corrected, 1445 'never used' leases will no longer consistently shift between servers 1446 on every pool rebalance run. 1447 1448- sendmsg()/recvmsg() control buffers are now declared in such a way to 1449 ensure they are correctly aligned on all (esp. 64-bit) architectures. 1450 1451- The client leasing subsystem was streamlined and corrected to account 1452 more closely for changes in client link attachment selection. 1453 1454 Changes since 4.0.0a3 1455 1456- The DHCP server no longer requires a "ddns-update-style" statement, 1457 and now defaults to "none", which means DNS updates are disabled. 1458 1459- Log messages when failover peer names mismatch have been improved to 1460 point out the problem. 1461 1462- Bug where server advertised a IPv6 address in response to a SOLICIT 1463 but would not return the address in response to a REQUEST. Thanks to 1464 Dennis Kou for finding the bug. 1465 1466- Fixed an error causing the server to lock up on lease expiration, 1467 reported independently by Jothilingam Vasu and Dennis Kou. 1468 1469- Fixed a ./configure bug where compile tests were failing due to 1470 "-Werror" (unused variable) rather than the actual test failure. Lead 1471 to inconsistent and unworkable auto-configurations. 1472 1473- Compilation with DLPI and -Werror has been repaired. 1474 1475- Error in decoding IA_NA option if multiple interfaces are present 1476 fixed by Marcus Goller. 1477 1478- DHCPv6 server Confirm message processing has been enhanced - it no 1479 longer replies only to clients with host {} records, it now replies 1480 as directed in RFC3315 section 18.2.2 - that is, to all clients 1481 regardless of the existence of bindings. 1482 1483- A core dump during expired lease cleanup has been repaired. 1484 1485- DDNS updates state information are now stored in 'binding scopes' that 1486 follow the leases through their lifecycles. This enables DDNS teardowns 1487 on leases that are assigned and expired inbetween a server restart (the 1488 state is recovered from dhcpd.leases). Arbitrary user-specified binding 1489 scopes ('set var = "value";') are not yet supported. 1490 1491- Additional compilation problems on HP/UX have been repaired. 1492 1493 Changes since 4.0.0a2 1494 1495- Fix for startup where there are no IPv4 addresses on an interface. 1496 Thanks to Marcus Goller for reporting the bug. 1497 1498- Fixed file descriptor leak on listen failure. Thanks to Tom Clark. 1499 1500- Bug in server configuration parser caused server to get stuck on 1501 startup for certain bad pool declarations. Thanks to Guillaume 1502 Knispel for the bug report and fix. 1503 1504- Code cleaned to remove warnings reported by "gcc -Wall". 1505 1506- DHCPv6 is now the default. You can disable DHCPv6 support using the 1507 "--disable-dhcpv6" flag when you run the configure script. 1508 1509- An internal database inconsistency bug was repaired where the server 1510 would segfault if a client attempted to renew a lease that had been 1511 loaded from persistent storage. 1512 1513- 'request' and 'also request' syntaxes have been added to accommodate 1514 the DHCPv6 client configuration. 'send dhcp6.oro' is no longer 1515 necessary. 1516 1517- Bug fixed where configuration file parsing did not work with 1518 zero-length options; this made it impossible to set the 1519 rapid-commit option. 1520 1521- Bogus messages about host records with IPv4 fixed-addresses being of 1522 non-128-bits in length were removed. 1523 1524 Changes since 4.0.0a1 1525 1526- Bug in octal parsing fixed. Thanks to Bernd Fuhrmann for the report 1527 and fix. 1528 1529- Autoconf now supplies proper flags for Solaris DHCPv6 builds. 1530 1531- Fix for parsing error on some IPv6 addresses. 1532 1533- Invalid CIDR representation for IPv6 subnets or ranges now checked 1534 for when loading configuration. 1535 1536- Compilation on HP/UX has been repaired. The changes should generally 1537 apply to any architecture that supplies SIOCGLIFCONF but does not 1538 use 'struct lifconf' structures to pass values. 1539 1540- Two new operators, ~= and ~~, have been integrated to implement 1541 boolean matches by regular expression (such as may be used in 1542 class matching statements). Thanks to a patch by Alexandr S. 1543 Agranovsky, which underwent slight modification. 1544 1545- Fix for icmp packets on 64-bit systems (bug introduced in 4.0). 1546 1547- A bug was fixed in interface discovery wherein an error identifying 1548 a server-configured interface with no IPv4 addresses would SEGV. 1549 1550- Fixed a bug in which write_lease() might report a failure incorrectly 1551 1552- Added support for DHCPv6 Release messages 1553 1554- Added -x option to dhclient, which triggers dhclient processes 1555 to exit gracefully without releasing leases first 1556 1557- All binaries (client, server, relay) now change directories 1558 to / before going into daemon mode, so as not to hold $CWD open 1559 1560- Fixed a bug parsing DHCPv6 client-id's in host-identifier statements 1561 1562- Fixed a bug with the 'ddns-updates' boolean server configuration 1563 parameter, which caused the server to fail. 1564 1565 Changes since 4.0.0-20070413 1566 1567- Old (expired) leases are now cleaned. 1568 1569- IPv6 subnets now have support for arbitrary allocation ranges via 1570 a new 'range6' configuration directive. 1571 1572- An obviated option code hash lookup to find D6O_CLIENTID was removed. 1573 1574- Corrected some situations where variables might be used without being 1575 initialized. 1576 1577- Silenced several other compiler warnings. 1578 1579- Include the more standard sys/uio.h rather than rely upon other 1580 header files to include it (fixes a BSD 4.2 compile failure). 1581 1582- Duplicate dhclient-script updates for DHCPv6 to all provided scripts. 1583 1584- DHCPv4 I/O methods that failed to sense hardware address were corrected. 1585 1586- DHCPv4 is now the default (as documented) rather than DHCPv6. The default 1587 was set to DHCPv6 to facilitate ease early development, and forgotten. 1588 1589- Corrected a segmentation violation in DHCPv4 socket processing. 1590 1591- dhclient will now fork() into the background once it binds to an 1592 IPv6 address, or immediately if the -n flag is supplied. 1593 1594- -q is now the default behaviour on dhclient, with -d or -v enabling 1595 non-quiet (stderr logging) mode. 1596 1597- Fix documentation of the domain-search atom (quoted, with commas). 1598 1599- Document DHCPv6 options presently in the default table. 1600 1601- Replaced ./configure shellscripting with GNU Autoconf. 1602 1603 Changes since 3.1.0 (NEW FEATURES) 1604 1605- DHCPv6 Client and Server protocol support. Use '-6' to run the daemons 1606 as v6-only. Use '-4' to run the daemons as v4-only (default. There is 1607 no support currently for both. 1608 1609- Server support for multiple IA_NA options, containing at most one 1610 IAADDR option. 1611 1612- Client support for one IA_NA option, containing any number of IAADDR 1613 options. 1614 1615- Server support for the DHCPv6 Information-request message. 1616 1617- Inappropriate unicast DHCPv6 messages sent to the server are now 1618 discarded, and this has rearchitected the IO system slightly. 1619 1620- The DHCPv6 server DUID defaults to type 1, is persistently stored in 1621 the leases database, and can be over-ridden (either completely, or by 1622 specifying type 1 or type 2). 1623 1624- The server only uses Rapid-Commit if it has been configured with the 1625 Rapid-Commit option and the client requests it. 1626 1627- DDNS support. We now update AAAA records in the same place we would 1628 update A records, if we have an IPv6 address. We also generate IP6.ARPA 1629 style names for PTR records if we're dealing with an IPv6 address. Both 1630 A and AAAA updates are done using the same 'fqdn.' virtual option space 1631 (although the DHCPv4 FQDN and DHCPv6 FQDN options are formatted 1632 differently, they both use the same code here). 1633 1634- The Linux dhclient-script attempts to set and remove assigned addresses, 1635 and to configure /etc/resolv.conf from nameserver and domain name 1636 configurations. It can be extended to configure other parameters. 1637 1638- Initial DHCPv6 lease support. 1639 1640- The IO system now tracks all local IP addresses, so that the DHCP 1641 applications (particularly the dhcrelay) can discern between what frames 1642 were transmitted to it, and what frames are being carried through it which 1643 it should not intercept. 1644 1645 Changes since 3.1.0 (Maintenance) 1646 1647- A bug was repaired where MAC Address Affinity for virgin leases always 1648 mapped to the primary. Virgin leases now have an interleaved preference 1649 between primary and secondary. 1650 1651- A bug was repaired where MAC Address Affinity for clients with no client 1652 identifier was sometimes mishashed to the peer. Load balancing during 1653 runtime and pool rebalancing were opposing. 1654 1655- An assertion in lease counting relating to reserved leases was repaired. 1656 1657- The subnet-mask option inclusion now conforms with RFC2132 section 3.3; 1658 it will only appear prior to the routers option if it is present on the 1659 Parameter-Request-List. The subnet-mask option will also only be 1660 included by default (if it is not on the PRL) in response to DISCOVER 1661 or REQUEST messages. 1662 1663- The FQDN option is only supplied if the client supplied an FQDN option or 1664 if the FQDN option was explicitly requested on the PRL. 1665 1666- Dynamic BOOTP leases are now load balanced in failover. 1667 1668 Changes since 3.1.0rc1 1669 1670- The parse warning that 'deny dyanmic bootp;' must be configured for 1671 failover protected subnets was removed. 1672 1673 Changes since 3.1.0b2 1674 1675- Failover rebalance events no longer play ping pong with round errors 1676 (moving leases between free and back to backup where there are an 1677 odd number of leases). 1678 1679- The 'pool' log line has been split into two messages, one before the 1680 rebalance run, and one after. 1681 1682- Any queued BNDACKs are transmitted before transmitting new BNDUPDs. 1683 This enforces the correct sequence of events for the remote server 1684 processing these messages. 1685 1686 Changes since 3.1.0b1 1687 1688- Fixed a bug that caused OMAPI clients to freeze when opening lease 1689 objects. 1690 1691- A new server config option "fqdn-reply" specifies whether the server 1692 should send out option 81 (FQDN). Defaults to "on". If set to "off", 1693 the FQDN option is not sent, even if the client requested it. This is 1694 needed because some clients misbehave otherwise. Thanks to Christof Chen 1695 at Allianz. 1696 1697- Allow trace output files (-tf option) to be overwritten, rather than 1698 crashing dhcpd if the file already exists 1699 1700- A bug was fixed that caused dhcpd to segfault if a pool was declared 1701 outside the scope of a subnet in dhcpd.conf. 1702 1703- Some uninitialized values were repaired in dhcpleasequery.c that 1704 caused the server to abort. 1705 1706- A new server config option, 'do-reverse-updates', has been added 1707 which causes the server to abstain from performing updates on PTR 1708 records. Thanks to a patch from Christof Chen at Allianz. 1709 1710- A bug was repaired in subencapsulation support, where spaces separated 1711 by empty spaces would not get included. 1712 1713- A bug in dhclient was repaired which caused it to send parameter request 1714 lists of 55 bytes in length no matter how long the declared PRL was. 1715 1716- 'dhcp.c(3953): non-null pointer' has been repaired. This fixes a flaw 1717 wherein the DHCPv4 server may ignore a configured server-identifier. 1718 1719- A flaw in failover startup sequences was repaired that sometimes left 1720 the primary DHCP server's pool rebalance schedules unscheduled. 1721 1722- Corrected a flaw that broke encapsulated spaces included due to presence 1723 on the parameter request list. 1724 1725 Changes since 3.1.0a3 1726 1727- Some spelling fixes. 1728 1729 Changes since 3.1.0a2 1730 1731- A bug was fixed where attempting to permit leasequeries results in a 1732 fatal internal error, "Unable to find server option 49". 1733 1734- A bug was fixed in dhclient rendering the textual output form of the 1735 domain-search option syntax. 1736 1737 Changes since 3.1.0a1 1738 1739- A bug in the FQDN universe that added FQDN codes to the NWIP universe's 1740 hash table was repaired. 1741 1742- The servers now try harder to transmit pending binding updates when 1743 entering normal state. 1744 1745- UPDREQ/UPDREQALL handling was optimized - it no longer dequeues and 1746 requeues all pending updates. This should reduce the number of spurious 1747 'xid mismatch' log messages. 1748 1749- An option definition referencing leak was fixed, which resulted in early 1750 termination of dhclient upon the renewal event. 1751 1752- Some default hash table sizes were tweaked, some upwards, some downwards. 1753 3.1.0a1's tables resulted in a reduction in default server memory use. 1754 The new selected values provide more of a zero sum (increasing the size 1755 of tables likely to be populated, decreasing the size of tables unlikely). 1756 1757- Lease structures appear in three separate hashes: by IP address, by UID, 1758 and by hardware address. One type of table was used for all three, and 1759 improvements to IP address hashing were applied to all three (so UID and 1760 hardware addresses were treated like 4-byte integers). There are now two 1761 types of tables, and the uid/hw hashes use functions more appropriate 1762 to their needs. 1763 1764- The max-lease-misbalance percentage no longer causes scheduled rebalance 1765 runs to be skipped: it still governs the schedule, but every scheduled 1766 run will attempt balance. 1767 1768- A segfault bug in recursive encapsulation support has been corrected. 1769 1770 Changes since 3.0 (New Features) 1771 1772- A workaround for certain STSN servers that send a mangled domain-name 1773 option was introduced for dhclient. The client will now accept corrupted 1774 server responses, if they contain a valid DHCP_MESSAGE_TYPE (OFFER, ACK, 1775 or NAK). The server will continue to not accept corrupt client packets. 1776 1777- Support for 'reserved' (pseudo-static) and BOOTP leases via failover 1778 was introduced. 1779 1780- Support for adding, removing, and managing class and subclass statements 1781 via OMAPI. 1782 1783- The failover implementation was updated to comply with revision 12 of 1784 the protocol draft. 1785 1786- 'make install' now creates the initial zero-length dhcpd.leases file if 1787 one does not already exist on the system. 1788 1789- RFC3942 compliance, site-local option spaces start at 224 now, not 128. 1790 1791- The Load Balance Algorithm was misimplemented. The current implementation 1792 matches RFC 3074. 1793 1794- lcase() and ucase() configuration expressions have been added which adjust 1795 their arguments from upper to lower and lower to upper cases respectively. 1796 Thanks to a patch from Albert Herranz. 1797 1798- The dhclient 'reject ...;' statement, which rejects leases given by named 1799 server-identifiers, now permits address ranges to be specified in CIDR 1800 notation. Thanks to a patch from David Boyce. 1801 1802- The subnet-mask option is now supplied by default, but at lowest 1803 priority. This helps a small minority of clients that provide parameter 1804 request lists, but do not list the subnet-mask option because they were 1805 designed to interoperate with a server that behaves in this manner. 1806 1807- The FQDN option is similarly supplied even if it does not appear on the 1808 parameter request list, but not to the exclusion of options that do 1809 appear at the parameter request list. Up until now it had ultimate 1810 priority over the client's parameter request list. 1811 1812- Varying option space code and length bit widths (8/16/32) are now 1813 supported. This is a milestone in achieving RFC 3925 "VIVSO" and 1814 DHCPv6 support. 1815 1816- A new common (server or client) option, 'db-time-format local;', has 1817 been added which prints the local time in /var/db/dhcpd.leases rather 1818 than UTC. Thanks to a patch from Ken Lalonde. 1819 1820- Some patches to improve DHCP Server startup speed from Andrew Matheson 1821 have been incorporated. 1822 1823- Failover pairs now implement 'MAC Affinity' on leases moving from the 1824 active to free states. Leases that belonged to the failover secondary 1825 are moved to BACKUP state rather than FREE upon exiting EXPIRED state. 1826 If lease rebalancing must move leases, it tries first to move leases 1827 that belong to the peer in need. 1828 1829- The server no longer sends POOLREQ messages unless the pool is severely 1830 misbalanced in the peer's favor (see 'man dhcpd.conf' for more details). 1831 1832- Pool rebalance events no longer happen upon successfully allocating a 1833 lease. Instead, they happen on a schedule. See 'man dhcpd.conf' for the 1834 min-balance and max-balance statements for more information. 1835 1836- The DHCP Relay Agent Information Option / Link Selection Sub-Option 1837 is now supported. (See RFC3527 for details). 1838 1839- A new DDNS related server option, update-conflict-detection, has been 1840 added. If this option is enabled, dhcpd will perform normal DHCID 1841 conflict resolution (the default). If this option is disabled, it will 1842 instead trust the assigned name implicitly (removing any other bindings 1843 on that name). This option has not been made available in dhclient. 1844 1845- In those cases where the DHCP software manufactures an IP header (to 1846 transmit via bpf, lpf, etc), the IP TTL the software selects has been 1847 increased from 16 to 128. This is intended to match Microsoft Windows 1848 DHCP Client behaviour, to increase compatibility. 1849 1850- 'ignore client-updates;' now has behaviour that is different from 1851 'deny client-updates;'. The client's request is not truly ignored, 1852 rather it is encouraged. Should this value be configured, the server 1853 updates DNS as though client-updates were set to 'deny'. That is, it 1854 enters into DNS whatever it is configured to do already, provided it is 1855 configured to. Then it sends a response to the client that lets the 1856 client believe it is performing client updates (which it will), probably 1857 for a different name. In essence, this lets the client do as it will, 1858 ignoring this aspect of their request. 1859 1860- Support for compressed 'domain name list' style DHCP option contents, and 1861 in particular the domain search option (#119) was added. 1862 1863- The DHCP LEASEQUERY protocol as defined in RFC4388 is now implemented. 1864 LEASEQUERY lets you query the DHCP server for information about a lease, 1865 using either an IP address, MAC address, or client identifier. Thanks 1866 to a patch from Justin Haddad. 1867 1868- DHCPD is now RFC2131 section 4.1 compliant (broadcast to all-ones ip and 1869 ethernet mac address) on the SCO platform specifically without any strange 1870 ifconfig hacks. Many thanks go to the Kroger Co. for donating the 1871 hardware and funding the development. 1872 1873- A new common configuration executable statement, execute(), has been 1874 added. This permits dhcpd or dhclient to execute a named external 1875 program with command line arguments specified from other configuration 1876 language. Thanks to a patch written by Mattias Ronnblom, gotten to us 1877 via Robin Breathe. 1878 1879- A new dhcp server option 'adaptive-lease-time-threshold' has been added 1880 which causes the server to substantially reduce lease-times if there are 1881 few (configured percentage) remaining leases. Thanks to a patch submitted 1882 from Christof Chen. 1883 1884- Encapsulated option spaces within encapsulated option spaces is now 1885 formally supported. 1886 1887 Changes since 3.0.6rc1 1888 1889- supersede_lease() now requeues leases in their respective hardware 1890 address hash bucket. This mirrors client identifier behaviour. 1891 1892 Changes since 3.0.5 1893 1894- Assorted fixes for broken network devices: Packet length is now 1895 determined from the IP header length field to finally calculate the 1896 UDP payload length, because some NIC drivers return more data than 1897 they actually received. 1898 1899- UDP packets are now stored in aligned data structures. 1900 1901- A logic error in omapi interface code was repaired that might result in 1902 incorrectly indicating 'up' state when any flags were set, rather than 1903 specifically the INTERFACE_REQUESTED flag. Thanks to a patch from 1904 Jochen Voss which got to us via Andrew Pollock at Debian. 1905 1906- A reference leak on binding scopes set by ddns updates was repaired. 1907 1908- A memory leak in the minires_nsendsigned() function call was repaired. 1909 Effectively, this leaked ~176 bytes per DDNS update. 1910 1911- In the case where an "L2" DHCP Relay Agent (one that does not set giaddr) 1912 was directly attached to the same broadcast domain as the DHCP server, 1913 the RFC3046 relay agent information option was not being returned to the 1914 relay in the server's replies. This was fixed; the dhcp server no longer 1915 requires the giaddr to reply with relay agent information. Note that 1916 this also improves compatibility with L2 devices that "intercept" DHCP 1917 packets and expect relay agent information even in unicast (renewal) 1918 replies. Thanks to a patch from Pekka Silvonen. 1919 1920- A bug was fixed where the BOOTP header 'sname' field had a value, the 1921 copy written to persistent storage was actually the contents of the 1922 'file' field. 1923 1924- A bug was fixed where the nwip virtual option space was referencing 1925 the fqdn option's virtual option space's option cache. 1926 1927- Timestamp parsing errors that indicated missing "minutes" fields rather 1928 than the actually missing "seconds" fields have been repaired thanks to 1929 a patch from Kevin Steves. 1930 1931- A grammar error in the dhclient.8 manpage was repaired thanks to a patch 1932 from Chris Wagner. 1933 1934- Several spelling typos were repaired, and some cross-references to other 1935 relevant documents were included in the manpages, thanks to a patch 1936 by Andrew Pollock which got to us via Tomas Pospisek. 1937 1938- Some bugs were fixed in the 'emergency relay agent options hologram' 1939 which is used to retain relay agent option contents from when the 1940 client was in INIT or REBIND states. This should solve problems where 1941 relay agent options were not echoed from the server, even when giaddr 1942 was set. 1943 1944- dhclient now closes its descriptor to dhclient.leases prior to executing 1945 dhclient-script. Thanks to a patch from Tomas Pospisek. 1946 1947- The server's "by client-id" and "by hardware address" hash table lists 1948 are now sorted according to the preference to re-allocate that lease to 1949 returning clients. This should eliminate pool starvation problems 1950 arising when "INIT" clients were given new leases rather than presently 1951 active ones. 1952 1953 Changes since 3.0.5rc1 1954 1955- A bug was repaired in fixes to the dhclient, which sought to run the 1956 dhclient-script with the 'EXPIRE' state should it receive a NAK in 1957 response to a REQUEST. The client now iterates the PREINIT state 1958 after the EXPIRE state, so that interfaces that might be configured 1959 'down' can be brought back 'up' and initialized. 1960 1961- DHCPINFORM handling for clients that properly set ciaddr and come to the 1962 server via a relay aget has been repaired. 1963 1964 Changes since 3.0.4 1965 1966- A warning that host statements declared within subnet or shared-network 1967 scopes are actually global has been added. 1968 1969- The default minimum lease time (if min-lease-time was not specified) 1970 was raised from 0 to 300. 0 is not thought to be sensible, and is 1971 known to be damaging. 1972 1973- Added additional fatal error sanity checks surrounding lease binding 1974 state count calculations (free/active counts used for failover pool 1975 balancing). 1976 1977- Some time value size fixes in 3.0.4 brought on from FreeBSD /usr/ports were 1978 misapplied to server values rather than client values. The server no longer 1979 advertises 8-byte lease-time options when on 64-bit platforms. 1980 1981- A bug where leases not in ACTIVE state would get billed to billed classes 1982 (classes with lease limitations) was fixed. Non-active leases OFFERed 1983 to clients are no longer billed (but billing is checked before offering). 1984 1985- The dhcpd.conf.5 manpage was updated in regard to the ddns-domainname 1986 configuration option - the default configuration and results should be 1987 more clear now. 1988 1989- If the dhclient were to receive a DHCPNAK while it was in the RENEW 1990 state (and consequently, had an active, 'bound' address and related 1991 configuration options), it would fail to 'tear down' this information 1992 before proceeding into INIT state. dhclient now iterates the dhclient- 1993 script with the 'EXPIRE' action to cause these teardowns prior to entering 1994 INIT state. Thanks to a patch from Chris Zimmerman. 1995 1996- The omapi.1 manpage had some formatting errors repaired thanks to a patch 1997 from Yoshihiko Sarumaru. 1998 1999- A few lines of code that were failover-specific were moved within 2000 #if defined() clauses so that compilation without failover could be 2001 made possible. 2002 2003- The log message emitted when the 'leased-address' value was not available 2004 in dhcpd.conf "executable statements" has been updated to be more helpful. 2005 Manpage information for this value has also been updated. 2006 2007- Abandoned or dissociated (err condition) leases now remove any related 2008 dynamic dns bindings. Thanks to a patch from Patrick Schoo. 2009 2010- Attempting to write a new lease file to replace a corrupt (due to 2011 encountering non-retryable errors during writing) lease file should 2012 no longer result in an infinite recursion. 2013 2014- Host declaration hardware addresses and client identifiers may only be 2015 configured once. dhcpd will now fail to load config files that specify 2016 multiple identifiers (previous versions would silently over-ride the 2017 value with the later configured value). 2018 2019- Several option codes that have been allocated since our last release 2020 have been named and documented. 2021 2022- Option names of the form "unknown-123" have been removed from the in- 2023 memory hash tables. In order to support options of these names that 2024 may appear in dhclient.leases or similar in previous versions, the 2025 parser will now find the new option code definition, or mock up a 2026 generic option code definition. This should result in a smooth 2027 transition from one name to the other, as the new name is used to 2028 write new output. 2029 2030 Changes since 3.0.4rc1 2031 2032- The dhcp-options.5 manpage was updated to correct indentation errors 2033 thanks to a patch from Jean Delvare. 2034 2035 Changes since 3.0.4b3 2036 2037- Some manual pages were clarified pursuant to discussion on the dhcp-server 2038 mailing list. 2039 2040 Changes since 3.0.4b2 2041 2042- Null-termination sensing for certain clients that unfortunately require 2043 it in DHCPINFORM processing was repaired. 2044 2045- The host-name option and a few others were moved from "X" format to "t" 2046 format to be compatible with new NULL handling functions. 2047 2048- DHCPINFORM processing is a little more careful about return addressing 2049 its responses, or if responding via a relay. The INFORM related 2050 messages also log the 'effective client ip address' rather than the 2051 client's supplied ciaddr (since some clients produce null ciaddrs). 2052 2053- The server was inappropriately sending leases to the RESET state in the 2054 event that multiple active leases were found to match a singly-identified 2055 client. This was changed to RELEASED (by accepting a different, ACTIVE 2056 binding, the client is implicitly releasing its lease). This repairs a 2057 bug wherein secondary servers in failover pairs detecting this condition 2058 move leases to RESET, and primaries refuse to accept that state 2059 transition (properly). 2060 2061- The memset-after-dmalloc() changes made in 3.0.4b1 have been backed out. 2062 2063 Changes since 3.0.4b1 2064 2065- Command line parsing in omshell was repaired - it no longer closes 2066 STDIN after reading one line. 2067 2068- The resolver library no longer closes the /etc/resolv.conf file 2069 descriptor it opened twice. 2070 2071- Changes to trailing NULL removal in 't' option-atoms has been rethought, 2072 it now includes 'd' (domain name) types, and tries hard not to rewind an 2073 option beyond the start of the text field it is un-terminating. 2074 2075 Changes since 3.0.3 2076 2077- A DDNS update handling function was misusing the DNS error codes, rather 2078 than the internal generic result enumeration. The result is a confusing 2079 syslog line, logging the wrong condition. 2080 2081- The DHCP Server was not checking pool balance in the case where it brought 2082 a non-ACTIVE lease out of storage for a client that was returning to use 2083 a lease it once had long ago, and had since expired. 2084 2085- Failover peers no longer bother to look for free leases to allocate when 2086 they already found the client's ACTIVE lease. DISCOVERs are load balanced 2087 whether freely-allocated or not, unless the server doubts the peer has 2088 leases to allocate. 2089 2090- Fixed a bug in dhcrelay agent addition code that suppressed trailing 2091 PAD options - it was suppressing only one trailing PAD option, rather 2092 than the entire block of them. 2093 2094! Fixed some unlikely overlapping-region memcpy() bugs in dhcrelay agent 2095 option addition and stripping code. Added a few sanity checks. Although 2096 highly improbable, due to requiring the reception of a DHCP datagram well 2097 in excess of all known to be used physical MTU limitations, it is possible 2098 this may have been used in a stack overflow security vulnerability. Thanks 2099 to a patch from infamous42md. 2100 2101! Added some sanity checks to OMAPI connection/authentication code. 2102 Although highly improbable, due to having to deliver in excess of 2^32 2103 bytes of data via the OMAPI channel, not to mention requiring dhcpd to 2104 be able to malloc() a memory region 2^32 bytes in size, it was possible 2105 this might have resulted in a heap overflow security vulnerability. 2106 Thanks to a patch from infamous42md. 2107 2108- dmalloc() memset()'s the non-debug (data) portion of the allocated 2109 memory to zero. Code that memset()'s the result returned by dmalloc() to 2110 zero is redundant. These redundancies were removed. 2111 2112- Some type declaration corrections to u_int16_t were made in common/tr.c 2113 (Token Ring support) thanks to a patch from Jason Vas Dias at Red Hat. 2114 2115- A failover bug that was allowing leases that EXPIRED or were RELEASED 2116 where tsfp and tstp are identical timestamps to languish in these 2117 transitional states has been repaired. As a side effect, lease 2118 databases should be kept more consistent overall, not just for these 2119 transitional states. 2120 2121- If the lease db is deleted out from under the daemon, and it moves to rewrite 2122 the db, it will go ahead with the operation and move the new db into place 2123 once it detects the old db does not exist. 2124 2125- dhclient now ignores IRDA, SIT, and IEEE1394 network interfaces, as it 2126 is either nonsensical or (in the case of IEEE1394) is not known to support 2127 these interfaces. Thanks to Marius Gedminas and Andrew Pollock of Debian. 2128 2129- Some previously undocumented reasons for dhclient-script invoking has 2130 been documented in the dhclient-script.8 manpage. 2131 2132- Failover potential expiry calculations (TSTP) have been corrected. Results 2133 should be substantially more consistent, and proper given the constraints. 2134 2135- Adjusted lease state validation checks in potential-conflict, to 2136 account for possible clock skew similarly to normal state, and several 2137 previously illegal transitions were made legal (ex: active->released). 2138 2139- An impossible sanity check was removed from omapi/buffer.c, thanks to a 2140 patch from 'infamous42md'. 2141 2142- An OMAPI host/network byte order problem in lease time values has been 2143 repaired. 2144 2145- Several minor bugs, largely relating to treating 8-byte time values as 2146 4-byte entities, have been repaired after careful review of the FreeBSD 2147 ports collection's patch set. Thanks to the nameless entities who have 2148 contributed to the FreeBSD ports. 2149 2150- When writing a trace file, the file is now created with permissions 0600, 2151 to help administrators avoid accidentally publicising sensitive config 2152 data. 2153 2154- The calculation of the maximum size of DHCP packets no longer includes 2155 Ethernet framing overhead. The result is that the 'Maximum Message 2156 Size' option advertised by clients, or the default value 576, is no 2157 longer reduced by 14 bytes, and instead directly reflects the IP level 2158 MTU (and the default, minimum allowed IP MTU of 576). 2159 2160- The special status of RELEASED/EXPIRED/RESET leases when a server 2161 is operating in partner-down was fixed. It no longer requires a 2162 lease be twice the MCLT beyond STOS to 'reallocate', and the expiry 2163 event to turn these into FREE leases without peer acknowledgement 2164 (after STOS+MCLT) has been repaired. 2165 2166- Compilation on older Solaris systems (lacking /usr/include/sys/int_types.h) 2167 has been repaired. 2168 2169- "append"ing a string onto the end of a "t" type option (such as the 2170 domain-name field) that had been improperly NULL-terminated by the 2171 DHCP server will no longer result in a truncated string containing 2172 only the option from the server, and not the expected appended value. 2173 Thanks to a patch from Jason Vas Dias at Red Hat. 2174 2175- File handlers on configuration state (config files and lease dbs) should 2176 be treated consistently, regardless of whether TRACING is defined or not. 2177 2178- The Linux build environment has had some minor improvements - better 2179 sensing of 64-bit pointer sizes (only used for establishing an icmp_id), 2180 and corrections to #if operators regarding LINUX_MAJOR should it ever 2181 move to 3.[01].x. 2182 2183- The server now tries harder to survive the condition where it is unable 2184 to open a new lease file to rewrite the lease state database. 2185 2186 Changes since 3.0.3b3 2187 2188- dhclient.conf documentation for interface {} was updated to reflect recent 2189 discussion on the dhcp-hackers mailing list. 2190 2191- In response to reports that the software does not compile on GCC 4.0.0, 2192 -Werror was removed from Makefile.conf for all platforms that used it. 2193 We will address the true problem in a future release; this is a temporary 2194 workaround. 2195 2196 Changes since 3.0.3b2 2197 2198- An error in code changes introduced in 3.0.3b2 was corrected, which caused 2199 static BOOTP clients to receive random addresses. 2200 2201 Changes since 3.0.3b1 2202 2203- A bug was fixed in BOOTPREQUEST handling code wherein stale references to 2204 host records would be left behind on leases that were not allocated to the 2205 client currently booting (eg in the case where the host was denied booting). 2206 2207- The dhcpd.conf.5 manpage was updated to be more clear in regards to 2208 multiple host declarations (thanks to Vincent McIntyre). 'Interim' style 2209 dynamic updates were also retouched. 2210 2211 Changes since 3.0.2 2212 2213- A bug was fixed where a server might load balance a DHCP REQUEST to its 2214 peer after already choosing not to load balance the preceding DISCOVER. 2215 The peer cannot allocate the originating server's lease. 2216 2217- In the case where a secondary server lost its stable storage while the 2218 primary was still in communications-interrupted, and came back online, 2219 the lease databases would not be fully transferred to the secondary. 2220 This was due to the secondary errantly sending an extra UPDREQ message 2221 when the primary made its state transition to PARTNER-DOWN known. 2222 2223- The package will now compile cleanly in gcc 3.3 and 3.4. As a side effect, 2224 lease structures will be 9 bytes smaller on all platforms. Thanks to 2225 Jason Vas Dias at Red Hat. 2226 2227- Interface discovery code in DISCOVER_UNCONFIGURED mode is now 2228 properly restricted to only detecting broadcast interfaces. Thanks 2229 to a patch from Jason Vas Dias at Red Hat. 2230 2231- decode_udp_ip_header was changed so that the IP address was copied out 2232 to a variable, rather than referenced by a pointer. This enforces 4-byte 2233 alignment of the 32-bit IP address value. Thanks to a patch from Dr. 2234 Peter Poeml. 2235 2236- An incorrect log message was corrected thanks to a patch from 2237 Dr. Peter Poeml. 2238 2239- A bug in DDNS was repaired, where if the server's first DDNS action was 2240 a DDNS removal rather than a DDNS update, the resolver library's 2241 retransmit timer and retry timer was set to the default, implying a 2242 15 second timeout interval. Which is a little excessive in a synchronous, 2243 single-threaded system. In all cases, ISC DHCP should now hold fast to 2244 a 1-second timeout, trying only once. 2245 2246- The siaddr field was being improperly set to the server-identifier when 2247 responding to DHCP messages. RFC2131 clarified the siaddr field as 2248 meaning the 'next server in the bootstrap process', eg a tftp server. 2249 The siaddr field is now left zeroed unless next-server is configured. 2250 2251- mockup_lease() could have returned in an error condition (or in the 2252 condition where no fixed-address was found matching the shared 2253 network) with stale references to a host record. This is probably not 2254 a memory leak since host records generally never die anyway. 2255 2256- A bug was repaired where failover servers would let stale client identifiers 2257 persist on leases that were reallocated to new clients not sending an id. 2258 2259- Binding scopes ("set var = value;") are now removed from leases allocated 2260 by failover peers if the lease had expired. This should help reduce the 2261 number of stale binding scopes on leases. 2262 2263- A small memory leak was closed involving client identifiers larger than 2264 7 bytes, and failover. 2265 2266- Configuring a subnet in dhcpd.conf with a subnet mask of 32 bits might 2267 cause an internal function to overflow heap. Thanks to Jason Vas Dias 2268 at Red Hat. 2269 2270- Some inconsistencies in treating numbers that the lexer parsed as 'NUMBER' 2271 or 'NUMBER_OR_NAME' was repaired. Hexadecimal parsing is affected, and 2272 should work better. 2273 2274- In several cases, parse warnings were being issued before the lexical 2275 token had been advanced to the token whose value was causing an error... 2276 causing parse warnings to claim the problem is on the wrong token. 2277 2278- Host declarations matching on client identifier for dynamic leases will 2279 no longer match fixed-address host declarations (this is now identical 2280 to behaviour for host records matching on hardware address). 2281 2282 Changes since 3.0.2rc3 2283 2284- A previously undocumented configuration directive, 'local-address', 2285 was documented in the dhcpd.conf manpage. 2286 2287 Changes since 3.0.2rc2 2288 2289- Two variables introduced in 3.0.2b1 were used without being initialized 2290 in the case where neither the FILE nor SNAME fields were available for 2291 overloading. This was repaired. 2292 2293- A heretofore believed to be impossible corner case of the option 2294 overloading implementation turned out to be possible ("Unable to sort 2295 overloaded options after 10 tries."). The implementation was reworked 2296 to consider the case of an option so large it would require more than 2297 three chunks to fit. 2298 2299- Many other instances of variables being used without being initialized 2300 were repaired. 2301 2302- An uninitialized variable in omapi_io_destroy() led to the discovery 2303 that this function may result in orphaned pointers (and hence, a memory 2304 leak). 2305 2306 Changes since 3.0.2rc1 2307 2308- allocate_lease() was rewritten to repair a bug in which the server would 2309 try to allocate an ABANDONED lease when FREE leases were available. 2310 2311 Changes since 3.0.2b1 2312 2313- Some dhcp-eval.5 manpage formatting was repaired. 2314 2315 Changes since 3.0.1 2316 2317- A bug was fixed in the server's 'option overloading' implementation, 2318 where options loaded into the 'file' and 'sname' packet fields were 2319 not aligned precisely as rfc2131 dictates. 2320 2321- The FreeBSD client script was changed to support the case where a domain 2322 name was not provided by the server. 2323 2324- A memory leak in 'omshell' per each command line parsed was 2325 repaired, thanks to a patch from Jarkko Torppa. 2326 2327- Log functions writing to stderr were adjusted to use the STDERR_FILENO 2328 system definition rather than '2'. This is a no-op for 90% of platforms. 2329 2330- One call to trace_write_packet_iov() counted the number of io vectors 2331 incorrectly, causing inconsistent tracefiles. This was fixed. 2332 2333- Some expression parse failure memory leaks were closed. 2334 2335- A host byte order problem in tracefiles was repaired. 2336 2337- Pools configured in DHCPD for failover possessing permission lists that 2338 previously were assumed to not include dyanmic bootp clients are now 2339 a little more pessimistic. The result is, dhcpd will nag you about just 2340 about most pools that possess a 'allow' statement with no 'deny' that 2341 would definitely match a dynamic bootp client. 2342 2343- The 'ddns-update-style' configuration warning bit now insists that 2344 the configuration be globally scoped. 2345 2346- Two memory leaks in dhclient were closed thanks to a patch from Felix 2347 Farkas. 2348 2349- Some minor but excellently pedantic documentation errors were fixed 2350 thanks to a patch from Thomas Klausner. 2351 2352- Bugs in operator precedence in executable statements have been repaired 2353 once again. More legal syntaxes should be parsed legally. 2354 2355- Failing to initialize a tracefile for any reason if a tracefile was 2356 specified is now a fatal error. Thanks to a patch from Albert Herranz. 2357 2358- Corrected a bug in which the number of leases transferred as calculated 2359 by the failover primary and sent to peers in POOLRESP responses may be 2360 incorrect. This value is not believed to be used by other failover 2361 implementations, excepting perhaps as logged information. 2362 2363- Corrected a bug in which 'dhcp_failover_send_poolresp()' was in fact 2364 sending POOLREQ messages instead of POOLRESP mesasges. This message 2365 was essentially ignored since failover secondaries effectively do not 2366 respond to POOLREQ messages. 2367 2368- Type definitions for various bitwidths of integers in the sunos5-5 2369 build of ISC DHCP have been fixed. It should compile and run more 2370 easily when built in 64-bit for this platform. 2371 2372- "allow known-clients;" is now a legal syntax, to avoid confusion. 2373 2374- If one dhcp server chooses to 'load balance' a request to its failover 2375 peer, it first checks to see if it believes said peer has a free 2376 lease to allocate before ignoring the DISCOVER. 2377 2378- log() was logging a work buffer, rather than the value returned by 2379 executing the statements configured by the user. In some cases, 2380 the work buffer and the intended results were the same. In some other 2381 cases, they were not. This was fixed thanks to a patch from Gunnar 2382 Fjone and directconnect.no. 2383 2384- Compiler warnings for some string type conversions was fixed, thanks 2385 to Andreas Gustafsson. 2386 2387- The netbsd build environments were simplified to one, in which 2388 -Wconversion is not used, thanks to Andreas Gustafsson. 2389 2390- How randomness in the backoff-cutoff dhclient configuration variable 2391 is implemented was better documented in the manpage, and the behaviour 2392 of dhclient in REQUEST timeout handling was changed to match that of 2393 DISCOVER timeout handling. 2394 2395- Omapi was hardened against clients that pass in null values, thanks 2396 to a patch from Mark Jason Dominus. 2397 2398- A bug was fixed in dhclient that kept it from doing client-side 2399 ddns updates. Thanks to a patch from Andreas Gustafsson, which 2400 underwent some modification after review by Jason Vas Dias. 2401 2402- Failover implementations disconnected due to the network between 2403 them (rather than one of the two shutting down) will now try to 2404 re-establish the failover connection every 5 seconds, rather than 2405 to simply try once and give up until one of them is restarted. 2406 Thanks to a patch from Ulf Ekberg from Infoblox, and field testing 2407 by Greger V. Teigre which led to an enhancement to it. 2408 2409- A problem that kept DHCP Failover secondaries from tearing down 2410 ddns records was repaired. Thanks to a patch from Ulf Ekberg from 2411 Infoblox. 2412 2413- 64bit pointer sizes are detected properly on FreeBSD now. 2414 2415- A bug was repaired where the DHCP server would leave stale references 2416 to host records on leases it once thought about offering to certain 2417 clients. The result would be to apply host and 'known' scopes to the 2418 wrong clients (possibly denying booting). NOTE: The 'mis-host' patch 2419 that was being circulated as a workaround is not the way this bug was 2420 fixed. If you were a victim of this bug in 3.0.1, you are cautioned 2421 to proceed carefully and see if it fixes your problem. 2422 2423- A bug was repaired in the server's DHCPINFORM handling, where it 2424 tried to divine the client's address from the source packet and 2425 would get it wrong. Thanks to Anshuman Singh Rawat. 2426 2427- A log message was introduced to help illuminate the case where the 2428 server was unable to find a lease to assign to any BOOTP client. 2429 Thanks to Daniel Baker. 2430 2431- A minor dhcpd.conf.5 manpage error was fixed. 2432 2433 Changes since 3.0.1rc14 2434 2435- The global variable 'cur_time' was centralized and is now uniformly of a 2436 type #defined in system-dependent headers. It had previously been defined 2437 in one of many places as a 32-bit value, and this causes mayhem on 64-bit 2438 big endian systems. It probably wasn't too healthy on little endian 2439 systems either. 2440 2441- A printf format string error introduced in rc14 was repaired. 2442 2443- AIX system-dependent header file was altered to only define NO_SNPRINTF 2444 if the condition used to #ifdef in vsnprintf in AIX' header files 2445 is false. 2446 2447- The Alpha/OSF system-dependent header file was altered to define 2448 NO_SNPRINTF on OS revisions older than 4.0G. 2449 2450- omapip/test.c had string.h added to its includes. 2451 2452 Changes since 3.0.1rc13 2453 2454! CAN-2004-0460 - CERT VU#317350: Five stack overflow exploits were closed 2455 in logging messages with excessively long hostnames provided by the 2456 clients. It is highly probable that these could have been used by 2457 attackers to gain arbitrary root access on systems using ISC DHCP 3.0.1 2458 release candidates 12 or 13. Special thanks to Gregory Duchemin for 2459 both finding and solving the problem. 2460 2461! CAN-2004-0461 - CERT VU#654390: Once the above was closed, an opening 2462 in log_*() functions was evidenced, on some specific platforms where 2463 vsnprintf() was not believed to be available and calls were wrapped to 2464 sprintf() instead. Again, credit goes to Gregory Duchemin for finding 2465 the problem. Calls to snprintf() are now linked to a distribution-local 2466 snprintf implementation, only in those cases where the architecture is 2467 not known to provide one (see includes/cf/[arch].h). If you experience 2468 linking problems with snprintf/vsnprintf or 'isc_print_' functions, this 2469 is where to look. This vulnerability did not exist in any previously 2470 published version of ISC DHCP. 2471 2472- Compilation on hpux 11.11 was repaired. 2473 2474- 'The cross-compile bug fix' was backed out. 2475 2476 Changes since 3.0.1rc12 2477 2478- Fixed a bug in omapi lease lookup function, to form the hardware 2479 address for the hash lookup correctly, thanks to a patch from 2480 Richard Hirst. 2481 2482- Fixed a bug where dhcrelay was sending relayed responses back to the 2483 broadcast address, but with the source's unicast mac address. Should 2484 now conform to rfc2131 section 4.1. 2485 2486- Cross-compile bug fix; use $(AR) instead of ar. Thanks to Morten Brorup. 2487 2488- Fixed a crash bug in dhclient where dhcpd servers that do not provide 2489 renewal times results in an FPE. As a side effect, dhclient can now 2490 properly handle 0xFFFFFFFF (-1) expiry times supplied by servers. Thanks 2491 to a patch from Burt Silverman. 2492 2493- The 'ping timeout' debugs from rc12 were removed to -DDEBUG only, 2494 and reformatted to correct a compilation error on Solaris platforms. 2495 2496- A patch was applied which fixes a case where leases read from the 2497 leases database do not properly over-ride previously read leases. 2498 2499- dhcpctl.3 manpage was tweaked. 2500 2501 Changes since 3.0.1rc11 2502 2503- A patch from Steve Campbell was applied with minor modifications to 2504 permit reverse dns PTR record updates with values containing spaces. 2505 2506- A patch from Florian Lohoff was applied with some modifications to 2507 dhcrelay. It now discards packets whose hop count exceeds 10 by default, 2508 and a command-line option (-c) can be used to set this threshold. 2509 2510- A failover bug relating to identifying peers by name length instead of 2511 by name was fixed. 2512 2513- Declaring failover configs within shared-network statements should no 2514 longer result in error. 2515 2516- The -nw command line option to dhclient now works. 2517 2518- Thanks to a patch from Michael Richardson: 2519 - Some problems with long option processing have been fixed. 2520 - Some fixes to minires so that updates of KEY records will work. 2521 2522- contrib/ms2isc was updated by Shu-Min Chang of the Intel Corporation. 2523 see contrib/ms2isc/readme.txt for revision notes. 2524 2525- Dhclient no longer uses shell commands to kill another instance of 2526 itself, it sends the signal directly. Thanks to a patch from Martin 2527 Blapp. 2528 2529- The FreeBSD dhclient-script was changed so that a failure to write to 2530 /etc/resolv.conf does not prematurely end the script. This keeps dhclient 2531 from looping infinitely when this is the case. Thanks to a patch from 2532 Martin Blapp. 2533 2534- A patch from Bill Stephens was applied which resolves a problem with lease 2535 expiry times in failover configurations. 2536 2537- A memory leak in configuration parsing was closed thanks to a patch from 2538 Steve G. 2539 2540- The function which discovers interfaces will now skip non-broadcast or 2541 point-to-point interfaces, thanks to a patch from David Brownlee. 2542 2543- Options not yet known by the dhcpd or dhclient have had their names 2544 changed such that they do not contain # symbols, in case they should ever 2545 appear in a lease file. An option that might have been named "#144" is 2546 now "unknown-144". 2547 2548- Another patch from Bill Stephens which allows the ping-check timeout to 2549 be configured as 'ping-timeout'. Defaults to 1. 2550 2551 Changes since 3.0.1rc10 2552 2553- Potential buffer overflows in minires repaired. 2554 2555- A change to the linux client script to use /bin/bash, since /bin/sh may 2556 not be bash. 2557 2558- Some missing va_end cleanups thanks to a patch from Thomas Klausner. 2559 2560- A correction of boolean parsing syntax validation - some illegal syntaxes 2561 that worked before are now detected and produce errs, some legal syntaxes 2562 that errored before will now work properly. 2563 2564- Some search-and-replace errors that caused some options to change their 2565 names was repaired. 2566 2567- Shu-min Chang of the Intel corporation has contributed a perl script and 2568 module that converts the MS NT4 DHCP configuration to a ISC DHCP3 2569 configuration file. 2570 2571- Applied the remainder of the dhcpctl memory leak patch provided by Bill 2572 Squier at ReefEdge, Inc. (groo@reefedge.com). 2573 2574- Missing non-optional failover peer configurations will now result in a soft 2575 error rather than a null dereference. 2576 2577 Changes since 3.0.1rc9 2578 2579- A format string was corrected to fix compiler warnings. 2580 2581- A number of spelling corrections were made in the man pages. 2582 2583- The dhclient.conf.5 man page was changed to refer to do-forward-updates 2584 rather than a configuration option that doesn't exist. 2585 2586- A FreeBSD-specific bug in the interface removal handling was fixed. 2587 2588- A Linux-specific Token Ring detection problem was fixed. 2589 2590- Hashes removed from as-yet-unknown agent options, having those options 2591 appear in reality before we know about them will no longer produce 2592 self-corrupting lease databases. 2593 2594- dhclient will use the proper port numbers now when using the -g option. 2595 2596- A order-of-operations bug with 2 match clauses in 1 class statement is 2597 fixed thanks to a patch from Andrew Matheson. 2598 2599- Compilation problems on Solaris were fixed. 2600 2601- Compilation problems when built with DEBUG or DEBUG_PACKET were repaired. 2602 2603- A fix to the dhcp ack process which makes certain group options will be 2604 included in the first DHCPOFFER message was made thanks to a patch from 2605 Ling Gou. 2606 2607- A few memory leaks were repaired thanks to patches from Bill Squier at 2608 ReefEdge, Inc. (groo@reefedge.com). 2609 2610- A fix for shared-networks that sometimes give clients options for the 2611 wrong subnets (in particular, 'option routers') was applied, thanks to 2612 Ted Lemon for the patch. 2613 2614- Omshell's handling of dotted octets as values was changed such that dots 2615 one after the other produce zero values in the integer string. 2616 2617 Changes since 3.0.1rc8 2618 2619- Fix a format string vulnerability in the server that could lead to a 2620 remote root compromise (discovered by NGSEC Research Team, www.ngsec.com). 2621 2622- Add additional support for NetBSD/sparc64. 2623 2624- Fix a bug in the command-line parsing of the client. Also, resolve 2625 a memory leak. 2626 2627- Add better support for shells other than bash in the Linux client 2628 script. 2629 2630- Various build fixes for modern versions of FreeBSD and Linux. 2631 2632- Fix a bad bounds check when printing binding state names. 2633 2634- Clarify documentation about fixed-address and multiple addresses. 2635 2636- Fix a typo in the authoritative error message. 2637 2638- Make a log entry when we can't write a billing class. 2639 2640- Use conversion targets that are the right size on all architectures. 2641 2642- Increment the hop count when relaying. 2643 2644- Log a message when lease state is changed through OMAPI. 2645 2646- Don't rerun the shared_network when evaluating the pool. 2647 2648- Fix a reversed test in the parser. 2649 2650- Change the type of rbuf_max. 2651 2652- Make FTS_LAST a manifest constant to quiet warnings. 2653 2654 Changes since 3.0.1rc7 2655 2656- Fix two compiler warnings that are generated when compiling on Solaris 2657 with gcc. These stop the build, even though they weren't actually 2658 errors, because we prefer that our builds generate no warnings. 2659 2660 Changes since 3.0.1rc6 2661 2662- Don't allow a lease that's in the EXPIRED, RELEASED or RESET state 2663 to be renewed. 2664 2665- Implement lease stealing for cases where the primary has fewer leases 2666 than the secondary, as called for by the standard. 2667 2668- Add a fudge factor to the lease expiry acceptance code, (suggested 2669 by Kevin Miller of CMU). 2670 2671- Fix a bug in permit_list_match that made it much too willing to say 2672 that two permit lists matched. 2673 2674- Unless DEBUG_DNS_UPDATES is defined, print more user-friendly (and 2675 also more compact) messages about DNS updates. 2676 2677- Fix a bug in generating wire-format domain names for the FQDN option. 2678 2679- Fix a bug where the FQDN option would not be returned if the client 2680 requested it, contrary to the standard. 2681 2682- On Darwin, use the FreeBSD DHCP client script. 2683 2684- On NetBSD/sparc, don't check for casting warnings. 2685 2686- Add a flag in the DHCP client to disable updating the client's A 2687 record when sending an FQDN option indicating that the client is 2688 going to update its A record. 2689 2690- In the client, don't attempt a DNS update until one second after 2691 configuring the new IP address, and if the update times out, keep 2692 trying until a response, positive or negative, is received from the 2693 DNS server. 2694 2695- Fix an uninitialized memory bug in the DHCP client. 2696 2697- Apply some FreeBSD-specific bug fixes suggested by Murray Stokely. 2698 2699- Fix a bug in ns_parserr(), where it was returning the wrong sort 2700 of result code in some cases (suggested by Ben Harris of the 2701 NetBSD project). 2702 2703- Fix a bug in is_identifier(), where it was checking against EOF 2704 instead of the END_OF_FILE token (also suggested by Ben Harris). 2705 2706- Fix a bug where if an option universe contained no options, the 2707 DHCP server could dump core (Walter Steiner). 2708 2709- Fix a bug in the handling of encapsulated options. 2710 2711- Fix a bug that prevented NWIP suboptions from being processed. 2712 2713- Delete the FTS_BOOTP and FTS_RESERVED states and implement them 2714 as modifier flags to the FTS_ACTIVE state, as called for in the 2715 failover protocol standard. 2716 2717- Fix bugs in the pool merging code that resulted in references and 2718 dereferences of null pointers. This bug had no impact unless the 2719 POINTER_DEBUG flag was defined. 2720 2721- In the server, added a do-forward-updates flag that can be used to 2722 disable forward updates in all cases, so that sites that want the 2723 clients to take sole responsibility for updating their A record can 2724 do so. 2725 2726- Make it possible to disable optimization of PTR record updates. 2727 2728 Changes since 3.0.1rc5 2729 2730- Include some new documentation and changes provided by Karl Auer. 2731 2732- Add a workaround for some Lexmark printers that send a double-NUL- 2733 terminated host-name option, which would break DNS updates. 2734 2735- Fix an off-by-one error in the MAC-address checking code for 2736 DHCPRELEASE that was added in 3.0.1rc5. 2737 2738- Fix a bug where client-specific information was not being discarded 2739 from the lease when it expired or was released, resulting in 2740 problems if the lease was reallocated to a different client. 2741 2742- If more than one allocation pool is specified that has the same set 2743 of constraints as another allocation pool on the same shared 2744 network, merge the two pools. 2745 2746- Don't print an error in fallback_discard, since this just causes 2747 confusion and does not appear to be helping to encourage anyone to 2748 fix this bug. 2749 2750 Changes since 3.0.1rc4 2751 2752- Fix a bug that would cause the DHCP server to spin if asked to parse 2753 a certain kind of incorrect statement. 2754 2755- Fix a related bug that would prevent an error from being reported in 2756 the same case. 2757 2758- Additional documentation. 2759 2760- Make sure that the hardware address matches the lease when 2761 processing a DHCPRELEASE message. 2762 2763 Changes since 3.0.1rc3 2764 2765- A minor bug fix in the arguments to a logging function call. 2766- Documentation update for dhcpd.conf. 2767 2768 Changes since 3.0.1rc2 2769 2770- Allow the primary to send a POOLREQ message. This isn't what the current 2771 failover draft says to do, so we may have to back it out if I can't get the 2772 authors to relent, but the scheme for balancing that's specified in the 2773 current draft seems needlessly hairy, so I'm floating a trial balloon. 2774 The rc1 code did not implement the method described in the draft either. 2775 2776 Changes since 3.0.1rc1 2777 2778- Treat NXDOMAIN and NXRRSET as success when we are trying to delete a 2779 domain or RRSET. This allows the DHCP server to forget about a name 2780 it added to the DNS once it's been removed, even if the DHCP server 2781 wasn't the one that removed it. 2782 2783- Install defaults for failover maximum outstanding updates and maximum 2784 silent time. This prevents problems that might occur if these values 2785 were not configured. 2786 2787- Don't do DDNS deletes if ddns-update-style is none. 2788 2789- Return relay agent information options in DHCPNAK. This prevents DHCPNAK 2790 messages from being dropped when the relay agent information option contains 2791 routing information. 2792 2793- Fix a problem where coming up in recover wouldn't result in an update 2794 request being sent. 2795 2796- Add some more chatty messages when we start a recovery update and when it's 2797 done. 2798 2799- Fix a possible problem where some state might have been left around 2800 after the peer lost contact and regained contact about how many updates 2801 were pending. 2802 2803- Don't nix a lease update because of a lease conflict. This test has 2804 never (as far as I know) prevented a mistake, and it appears to cause 2805 problems with failover. 2806 2807- Add support in rc history code for keeping a selective history, rather 2808 than a history of all references and dereferences. This code is only used 2809 when extensive additional debugging is enabled. 2810 2811 Changes since 3.0 2812 2813- Make allocators for hash tables. As a side effect, this fixes a memory 2814 smash in the subclass allocation code. 2815 2816- Fix a small bug in omshell where if you try to close an object when 2817 no object is open, it dumps core. 2818 2819- Fix an obscure coredump that could occur on shutdown. 2820 2821- Fix a bug in the recording of host declaration rubouts in the lease file. 2822 2823- Fix two potential spins in the host deletion code. 2824 2825- Fix a core dump that would happen if an application tried to update 2826 a host object attribute with a null value. 2827 2828 Changes since 3.0 Release Candidate 12 2829 2830- Fix a memory leak in the evaluation code. 2831 2832- Fix an obscure core dump. 2833 2834- Print a couple of new warnings when parsing the configuration file 2835 when crucial information is left out. 2836 2837- Log "no free leases" as an error. 2838 2839- Documentation updates. 2840 2841 Changes since 3.0 Release Candidate 11 2842 2843- Always return a subnet selection option if one is sent. 2844 2845- Fix a warning that was being printed because an automatic data 2846 structure wasn't zeroed. 2847 2848- Fix some failover state transitions that were being handled 2849 incorrectly. 2850 2851- When supersede_lease is called on a lease whose end time has already 2852 expired, but for which a state transition has not yet been done, do 2853 a state transition. This fixes the case where if the secondary 2854 allocated a lease to a client and the lease "expired" while the 2855 secondary was in partner-down, no expiry event would actually 2856 happen, so the lease would remain active until the primary was 2857 restarted. 2858 2859 Changes since 3.0 Release Candidate 10 2860 2861- Fix a bug that was preventing released leases from changing state 2862 in failover-enabled pools. 2863 2864- Fix a core dump in the client identifier finder code (for host 2865 declarations). 2866 2867- Finish fixing a bug where bogus data would sometimes get logged to 2868 the dhclient.leases file because it was opened as descriptor 2. 2869 2870- Fix the Linux dhclient-script according to suggestions made by 2871 several people on the dhcp-client mailing list. 2872 2873- Log successful DNS updates at LOG_INFO, not LOG_ERROR. 2874 2875- Print an error message and refuse to run if a failover peer is 2876 defined but not referenced by any pools. 2877 2878- Correct a confusing error message in failover. 2879 2880 Changes since 3.0 Release Candidate 9 2881 2882- Fix a bug in lease allocation for Dynamic BOOTP clients. 2883 2884 Changes since 3.0 Release Candidate 8 Patchlevel 2 2885 2886- Fix a bug that prevented update-static-leases from working. 2887 2888- Document failover-state OMAPI object. 2889 2890- Fix a compilation error on SunOS 4. 2891 2892 Changes since 3.0 Release Candidate 8 Patchlevel 1 2893 2894- Fix a parsing bug that broke dns updates (both interim and ad-hoc). 2895 This was introduced in rc8pl1 as an unintended result of the memory 2896 leakage fixes that were in pl1. 2897 2898- Fix a long-standing bug where the server would record that an update 2899 had been done for a client with no name, even though no update had 2900 been done, and then when the client's lease expired the deletion of 2901 that nonexistant record would time out because the name was the null 2902 string. 2903 2904- Clean up the omshell, dhcpctl and omapi man pages a bit. 2905 2906 Changes since 3.0 Release Candidate 8 2907 2908- Fix a bug that could cause the DHCP server to spin if 2909 one-lease-per-client was enabled. 2910 2911- Fix a bug that was causing core dumps on BSD/os in the presence of 2912 malformed packets. 2913 2914- In partner-down state, don't restrict lease lengths to MCLT. 2915 2916- On the failover secondary, record the MCLT received from the primary 2917 so that if we come up without a connection to the primary we don't 2918 wind up giving out zero-length leases. 2919 2920- Fix some compilation problems on BSD/os. 2921 2922- Fix a bunch of memory leaks. 2923 2924- Fix a couple of bugs in the option printer. 2925 2926- Fix an obscure error reporting bug in the dns update code, and also 2927 make the message clearer when a key algorithm isn't supported. 2928 2929- Fix a bug in the tracing code that prevented trace runs that used 2930 tcp connections from being played back. 2931 2932- Add some additional debugging capability for catching memory leaks 2933 on exit. 2934 2935- Make the client release the lease correctly on shutdown. 2936 2937- Add some configurability to the build system. 2938 2939- Install omshell manual page in man1, not man8. 2940 2941- Craig Gwydir sent in a patch that fixes a long-standing bug in the 2942 DHCP client that could cause core dumps, but that for some reason 2943 hadn't been noticed until now. 2944 2945 Changes since 3.0 Release Candidate 7 2946 2947- Fix a bug in failover where we weren't sending updates after a 2948 transition from communications-interrupted to normal. 2949 2950- Handle expired/released/reset -> free transition according to the 2951 protocol specification (this works - the other way not only wasn't 2952 conformant, but also didn't work). 2953 2954- Add a control object in both client and server that allows either 2955 daemon to be shut down cleanly. 2956 2957- When writing a lease, if we run out of disk space, shut down the 2958 output file and insist on writing a new one before proceeding. 2959 2960- In the server, if the OMAPI listener port is occupied, keep trying 2961 to get it, rather than simply giving up and exiting. 2962 2963- Support fetching variables from leases and also updating and adding 2964 variables to leases via OMAPI. 2965 2966- If two failover peers have wildly different clocks, refuse to start 2967 doing failover. 2968 2969- Fix a bug in the DNS update code that could cause core dumps when 2970 running on alpha processors. 2971 2972- Fixed a bug in ddns updates for static lease entries, thanks to a 2973 patch from Andrey M Linkevitch. 2974 2975- Add support for Darwin/MacOS X 2976 2977- Install omshell (including new documentation). 2978 2979- Support DNS updates in the client (this is a very obscure feature 2980 that most DHCP client users probably will not be able to use). 2981 2982- Somewhat cleaner status logging in the client. 2983 2984- Make OMAPI key naming syntax compatible with the way keys are 2985 actually named (key names are domain names). 2986 2987- Fix a bug in the lease file writer. 2988 2989- Install DHCP ISC headers in a different place than BIND 9 ISC 2990 headers, to avoid causing trouble in BIND 9 builds. 2991 2992- Don't send updates for attributes on an object when the attributes 2993 haven't changed. Support deleting attributes on remote objects. 2994 2995- Fix a number of bugs in omshell, and add the unset and refresh 2996 statements. 2997 2998- Handle disconnects in OMAPI a little bit more intelligently (so that 2999 the caller gets ECONNRESET instead of EINVAL). 3000 3001- Fix a bunch of bugs in the handling of clients that have existing 3002 leases when the try to renew their leases while failover is 3003 operating. 3004 3005 Changes since 3.0 Release Candidate 6 3006 3007- Fix a core dump that could happen when processing a DHCPREQUEST from 3008 a client that had a host declaration that contained both a 3009 fixed-address declaration and a dhcp-client-identifier option 3010 declaration, if the client identifier was longer than nine bytes. 3011 3012- Fix a memory leak that could happen in certain obscure cases when 3013 using omapi to manipulate leases. 3014 3015- Fix some bugs and omissions in omshell. 3016 3017 Changes since 3.0 Release Candidate 5 3018 3019- Fix a bug in omapi_object_dereference that prevented objects in 3020 chains from having their reference counts decreased on dereference. 3021 3022- Fix a bug in omapi_object_dereference that would prevent object 3023 chains from being freed upon removal of the last reference external 3024 to the chain. 3025 3026- Fix a number of other memory leaks in the OMAPI protocol subsystem. 3027 3028- Add code in the OMAPI protocol handler to trace memory leakage. 3029 3030- Clean up the memory allocation/reference history printer. 3031 3032- Support input of dotted quads and colon-separated hex lists as 3033 attribute values in omshell. 3034 3035- Fix a typo in the Linux interface discovery code. 3036 3037- Conditionalize a piece of trace code that wasn't conditional. 3038 3039 Changes since 3.0 Release Candidate 4 3040 3041- Fix a bug that would prevent leases from being abandoned properly on 3042 DHCPDECLINE. 3043 3044- Fix failover peer OMAPI support. 3045 3046- In failover, correctly handle expiration of leases. Previously, 3047 leases would never be reclaimed because they couldn't make the 3048 transition from EXPIRED to FREE. 3049 3050- Fix some broken failover state transitions. 3051 3052- Documentation fixes. 3053 3054- Take out an unnecessary check in DHCP relay agent information option 3055 stashing code that was preventing REBINDING clients from rebinding. 3056 3057- Prevent failover peers from allocating leases in DHCPREQUEST 3058 processing if the lease belongs to the other server. 3059 3060- Record server version in lease file introductory comment. 3061 3062- Correctly report connection errors in OMAPI and failover. 3063 3064- Make authentication signature algorithm name comparisons in OMAPI 3065 case-insensitive. 3066 3067- Fix compile problem on SunOS 4.x 3068 3069- If a signature algorithm is not terminated with '.', terminate it so 3070 that comparisons between fully-qualified names will work 3071 consistently. 3072 3073- Different SIOCGIFCONF probe code, may "fix" problem on some Linux 3074 systems with the probe not working correctly. 3075 3076- Don't allow user to type omapi key on command line of omshell. 3077 3078 Changes since 3.0 Release Candidate 3 3079 3080- Do lease billing on startup in a way that I *think* will finally do 3081 the billing correctly - the previous method could overbill as a 3082 result of duplicate leases. 3083 3084- Document OMAPI server objects. 3085 3086 Changes since 3.0 Release Candidate 2 Patchlevel 1 3087 3088- Fix some problems in the DDNS update code. Thanks to Albert 3089 Herranz for figuring out the main problem. 3090 3091- Fix some reference counting errors on host entries that were causing 3092 core dumps. 3093 3094- Fix a byte-swap bug in the token ring code, thanks to Jochen 3095 Friedrich. 3096 3097- Fix a bug in lease billing, thanks to Jonas Bulow. 3098 3099 Changes since 3.0 Release Candidate 2 3100 3101- Change the conditions under which a DHCPRELEASE is actually 3102 committed to be consistent with lease binding states rather than 3103 using the lease end time. This may fix some problems with the 3104 billing class code. 3105 3106- Fix a bug where lease updates would fail on Digital Unix (and maybe 3107 others) because malloc was called with a size of zero. 3108 3109- Fix a core dump that happens when the DHCP server can't create its 3110 trace file. 3111 3112 Changes since 3.0 Release Candidate 1 Patchlevel 1 3113 3114- Fix the dhcp_failover_put_message to not attempt to allocate a 3115 zero-length buffer. Some versions of malloc() fail if you try to 3116 allocate a zero-length buffer, and this was causing problems on, 3117 e.g., Digital Unix. 3118 3119- Fix a case where the failover code was printing an error message 3120 when no error had occurred. 3121 3122- Fix a problem where when a server went down and back up again, the 3123 peer would not see a state transition and so would stay in the 3124 non-communicating state. 3125 3126- Be smart about going into recover_wait. 3127 3128- Fix a problem in the failover implementation where peers would fail 3129 to come into sync if interrupted in the RECOVER state. This could 3130 have been the cause of some problems people have reported recently. 3131 3132- Fix a problem with billing classes where they would not be unbilled 3133 when the client lease expired. 3134 3135- If select fails, figure out which descriptor is bad, and cut it out 3136 of the I/O loop. This prevents a potentially nasty spin. I 3137 haven't heard any report it in a while, but it came up consistently 3138 in testing. 3139 3140- Fix a bug in the relay agent where if you specified interfaces on 3141 the command line, it would fail. 3142 3143- Fix a couple of small bugs in the omapi connection object (no known 3144 user impact). 3145 3146- Add the missing 3.0 Beta 1 lease conversion script. 3147 3148- Read dhcp client script hooks if they exist, rather than only if 3149 they're executable. 3150 3151 Changes since 3.0 Release Candidate 1 3152 3153- Fix a memory smash that happens when fixed-address leases are used. 3154 ANY SITE AT WHICH FIXED-ADDRESS STATEMENTS ARE BEING USED SHOULD 3155 UPGRADE IMMEDIATELY. This has been a long-standing bug - thanks to 3156 Alvise Nobile for discovering it and helping me to find it! 3157 3158- Fix a small bug in binary-to-ascii, thanks to H. Peter Anvin of 3159 Transmeta. 3160 3161- There is a known problem with the DHCP server doing failover on 3162 Compaq Alpha systems. This patchlevel is not a release candidate 3163 because of this bug. The bug should be straightforward to fix, so 3164 a new release candidate is expected shortly. 3165 3166- There is a known problem in the DDNS update code that is probably a 3167 bug, and is not, as far as we know, fixed in this patchlevel. 3168 3169 Changes since 3.0 Beta 2 Patchlevel 24 3170 3171- Went over problematic failover state transitions and made them all 3172 work, so that failover should now much less fragile. 3173 3174- Add some dhcpctl and omapi documentation 3175 3176- Fix compile errors when compiling with unusual predefines. 3177 3178- Make Token Ring work on Linux 2.4 3179 3180- Fix the Digital Unix BPF_WORDALIGN bug. 3181 3182- Fix some dhcp client documentation errors. 3183 3184- Update some parts of the README file. 3185 3186- Support GCC on SCO. 3187 3188 Changes since 3.0 Beta 2 Patchlevel 23 3189 3190- Fix a bug in the DNS update code where a status code was not being 3191 checked. This may have been causing core dumps. 3192 3193- When parsing the lease file, if a lease declaration includes a 3194 billing class statement, and the lease already has a billing class, 3195 unbill the old class. 3196 3197- When processing failover transactions, where acks will be deferred, 3198 process the state transition immediately. 3199 3200- Don't try to use the new SIOCGIFCONF buffer size detection code on 3201 Linux 2.0, which doesn't provide this functionality. 3202 3203- Apply a patch suggested by Tuan Uong for a problem in dlpi.c. 3204 3205- Fix a problem in using the which command in the configure script. 3206 3207- Fix a parse error in the client when setting up an omapi listener. 3208 3209- Document the -n and -g flags to the client. 3210 3211- Make sure there is always a stdin and stdout on startup. This 3212 prevents shell scripts from accidentally writing error messages into 3213 configuration files that happen to be opened as stderr. 3214 3215- If an interface is removed, the client will now notice that it is 3216 gone rather than spinning. This has only been tested on NetBSD. 3217 3218- The client will attempt to get an address even if it can't create a 3219 lease file. 3220 3221- Don't overwrite tracefiles. 3222 3223- Fix some memory allocation bugs in failover. 3224 3225 Changes since 3.0 Beta 2 Patchlevel 22 3226 3227- Apply some patches suggested by Cyrille Lefevre, who is maintaining 3228 the FreeBSD ISC DHCP Distribution port. 3229 3230- Fix a core dump in DHCPRELEASE. 3231 3232 Changes since 3.0 Beta 2 Patchlevel 21 3233 3234- This time for sure: fix the spin described in the changes for pl20. 3235 3236 Changes since 3.0 Beta 2 Patchlevel 20 3237 3238- Fix a problem with Linux detecting large numbers of interfaces (Ben) 3239 3240- Fix a memory smash in the quotify code, which was introduced in 3241 pl19. 3242 3243- Actually fix the spin described in the changes for pl20. The 3244 previous fix only partially fixed the problem - enough to get it 3245 past the regression test. 3246 3247 Changes since 3.0 Beta 2 Patchlevel 19 3248 3249- Fix a bug that could cause the server to abort if compiled with 3250 POINTER_DEBUG enabled. 3251 3252- Fix a bug that could cause the server to spin when responding to a 3253 DHCPREQUEST. 3254 3255- Apply Joost Mulders' suggested patches for DLPI on x86. 3256 3257- Support NUL characters in quoted strings. 3258 3259- Install unformatted man pages on SunOS. 3260 3261 Changes since 3.0 Beta 2 Patchlevel 18 3262 3263- Allow the server to be placed in partner-down state using OMAPI. 3264 (Damien Neil) 3265 3266- Implement omshell, which can be used to do arbitrary things to the 3267 server (in theory). (Damien Neil) 3268 3269- Fix a case where if a client had two different leases the server could 3270 actually dereference the second one when it hadn't been referenced, 3271 leading to memory corruption and a core dump. (James Brister) 3272 3273- Fix a case where a client could request the address of another client's 3274 lease, but find_lease wouldn't detect that the other client had it, and 3275 would attempt to allocate it to the client, resulting in a lease conflict 3276 message. 3277 3278- Fix a case where a client with more than one client identifier could be 3279 given a lease where the hardware address was correct but the client 3280 identifier was not, resulting in a lease conflict message. 3281 3282- Fix a problem where the server could write out a colon-separated 3283 hex list as a value for a variable, which would then not parse. 3284 The fix is to always write strings as quoted strings, with any 3285 non-printable characters quoted as octal escape sequences. So 3286 a file written the old way still won't work, but new files written 3287 this way will work. 3288 3289- Fix documentation for sending non-standard options. 3290 3291- Use unparsable names for unknown options. WARNING: this will 3292 break any configuration files that use the option-nnn convention. 3293 If you want to continue to use this convention for some options, 3294 please be sure to write a definition, like this: 3295 3296 option option-nnn code nnn = string; 3297 3298 You can use a descriptive name instead of option-nnn if you like. 3299 3300- Fix a problem where we would see a DHCPDISCOVER/DHCPOFFER/ 3301 DHCPREQUEST/DHCPACK/DHCPREQUEST/DHCPNAK sequence. This was the 3302 result of a deceptively silly bug in supersede_lease. 3303 3304- Fix client script exit status check, according to a fix supplied by 3305 Hermann Lauer. 3306 3307- Fix an endianness bug in the tracefile support, regarding ICMP 3308 messages. 3309 3310- Fix a bug in the client where the medium would not work correctly if 3311 it contained quoted strings. 3312 3313 ** there was no pl17 ** 3314 3315 Changes since 3.0 Beta 2 Patchlevel 16 3316 3317- Add support for transaction tracing. This allows the state of the 3318 DHCP server on startup, and all the subsequent transactions, to be 3319 recorded in a file which can then be played back to reproduce the 3320 behaviour of the DHCP server. This can be used to quickly 3321 reproduce bugs that cause core dumps or corruption, and also for 3322 tracking down memory leaks. 3323 3324- Incorporate some bug fixes provided by Joost Mulders for the DLPI 3325 package which should clear up problems people have been seeing on 3326 Solaris. 3327 3328- Fix bugs in the handling of options stored as linked lists (agent 3329 options, fqdn options and nwip options) that could cause memory 3330 corruption and core dumps. 3331 3332- Fix a bug in DHCPREQUEST handling that resulted in DHCPNAK messages 3333 not being send in some cases when they were needed. 3334 3335- Make the lease structure somewhat more compact. 3336 3337- Make initial failover startup *much* faster. This was researched 3338 and implemented by Damien Neil. 3339 3340- Add a --version flag to all executables, which prints the program 3341 name and version to standard output. 3342 3343- Don't rewrite the lease file every thousand leases. 3344 3345- A bug in nit.c for older SunOS machines was fixed by a patch sent in 3346 by Takeshi Hagiwara. 3347 3348- Fix a memory corruption bug in the DHCP client. 3349 3350- Lots of documentation updates. 3351 3352- Add a feature allowing environment variables to be passed to the 3353 DHCP client script on the DHCP client command line. 3354 3355- Fix client medium support, which had been broken for some time. 3356 3357- Fix a bug in the DHCP client initial startup backoff interval, which 3358 would cause two DHCPDISCOVERS to be sent back-to-back on startup. 3359 3360 Changes since 3.0 Beta 2 Patchlevel 15 3361 3362- Some documentation tweaks. 3363 3364- Maybe fix a problem in the DLPI code. 3365 3366- Fix some error code space inconsistencies in ddns update code. 3367 3368- Support relay agents that intercept unicast DHCP messages to stuff 3369 agent options into them. 3370 3371- Fix a small memory leak in the relay agent option support code. 3372 3373- Fix a core dump that would occur if a packet was sent with no 3374 options. 3375 3376 Changes since 3.0 Beta 2 Patchlevel 14 3377 3378- Finish fixing a long-standing bug in the agent options code. This 3379 was causing core dumps and failing to operate correctly - in 3380 particular, agent option stashing wasn't working. Agent option 3381 stashing should now be working, meaning that agent options can be 3382 used in class statements to control address allocation. 3383 3384- Fix up documentation. 3385 3386- Fix a couple of small memory leaks that would have added up 3387 significantly in a high-demand situation. 3388 3389- Add a log-facility configuration parameter. 3390 3391- Fix a compile error on some older operating systems. 3392 3393- Add the ability in the client to execute certain statements before 3394 transmitting packets to the server. Handy for debugging; not much 3395 practical use otherwise. 3396 3397- Don't send faked-out giaddr when renewing or bound - again, useful 3398 for debugging. 3399 3400 Changes since 3.0 Beta 2 Patchlevel 13 3401 3402- Fixed a problem where the fqdn decoder would sometimes try to store 3403 an option with an (unsigned) negative length, resulting in a core 3404 dump on some systems. 3405 3406- Work around the Win98 DHCP client, which NUL-terminates the FQDN 3407 option. 3408 3409- Work around Win98 and Win2k clients that will claim they want to do 3410 the update even when they don't have any way to do it. 3411 3412- Fix some log messages that can be printed when failover is operating 3413 that were not printing enough information. 3414 3415- It was possible for a DHCPDISCOVER to get an allocation even when 3416 the state machine said the server shouldn't be responding. 3417 3418- Don't load balance DHCPREQUESTs from clients in RENEWING and 3419 REBINDING, since in RENEWING, if we heard it, it's for us, and in 3420 REBINDING, the client wouldn't have got to REBINDING if its primary 3421 were answering. 3422 3423- When we get a bogus state lease binding state transition, don't do 3424 the transition. 3425 3426 3427 Changes since 3.0 Beta 2 Patchlevel 12 3428 3429- Fixed a couple of silly compile errors. 3430 3431 Changes since 3.0 Beta 2 Patchlevel 11 3432 3433- Albert Herranz tracked down and fixed a subtle bug in the base64 3434 decoder that would prevent any key with an 'x' in its base64 3435 representation from working correctly. 3436 3437- Thanks to Chris Cheney and Michael Sanders, we have a fix for the 3438 hang that they both spotted in the DHCP server - when 3439 one-lease-per-client was set, the code to release the "other" lease 3440 could spin. 3441 3442- Fix a problem with alignment of the input buffer in bpf in cases 3443 where two packets arrive in the same bpf read. 3444 3445- Fix a problem where the relay agent would crash if you specified an 3446 interface name on the command line. 3447 3448- Add the ability to conditionalize client behaviour based on the 3449 client state. 3450 3451- Add support for the FQDN option, and added support for a new way of 3452 doing ddns updates (ddns update style interim) that allows more than 3453 one DHCP server to update the DNS for the same network(s). This 3454 was implemented by Damien Neil with some additional functionality 3455 added by Ted Lemon. 3456 3457- Damien added a "log" statement, so that the configuration file can 3458 be made to log debugging information and other information. 3459 3460- Fixed a bug that caused option buffers not to be terminated with an 3461 end option. 3462 3463- Fixed a long-standing bug in the support for option spaces where the 3464 options are stored as an ordered list rather than in a hash table, 3465 which could theoretically result in memory pool corruption. 3466 3467- Prevent hardware declarations with no actual hardware address from 3468 being written as something unparsable, and behave correctly in the 3469 face of a null hardware address on input. 3470 3471- Allow key names to be FQDNs, and qualify the algorithm name if it is 3472 specified unqualified. 3473 3474- Modify the DDNS update code so that it never prints the "resolver 3475 failed" message, but instead says *why* the resolver failed. 3476 3477- Officially support the subnet selection option, which now has an 3478 RFC. 3479 3480- Fix a build bug on MacOS X. 3481 3482- Allow administrator to disable ping checking. 3483 3484- Clean up dhcpd.conf documentation and add more information about how 3485 it works. 3486 3487 Changes since 3.0 Beta 2 Patchlevel 10 3488 3489- Fix a bug introduced during debugging (!) and accidentally committed 3490 to CVS. 3491 3492 Changes since 3.0 Beta 2 Patchlevel 9 3493 3494- Fix DHCP client handling of vendor encapsulated options. 3495 3496- Fix a bug in the handling of relay agent information options introduced 3497 in patchlevel 9. 3498 3499- Stash agent options on client leases by default, and use the stashed 3500 options at renewal time. 3501 3502- Add the ability to test the client's binding state in the client 3503 configuration language. 3504 3505- Fix a core dump in the DNS update code. 3506 3507- Fix some expression evaluation bugs that were causing updates to be 3508 done when no client hostname was received. 3509 3510- Fix expression evaluation debugging printfs. 3511 3512- Teach pretty_print_option to print options in option spaces other than 3513 the DHCP option space. 3514 3515- Add a warning message if the RHS of a not is not boolean. 3516 3517- Never select for more than a day, because some implementations of 3518 select will just fail if the timeout is too long (!). 3519 3520- Fix a case where a DHCPDISCOVER from an unknown network would be 3521 silently dropped. 3522 3523- Fix a bug where if a client requested an IP address for which a different 3524 client had the lease, the DHCP server would reallocate it anyway. 3525 3526- Fix the DNS update code so that if the client changes its name, the DNS 3527 will be correctly updated. 3528 3529 Changes since 3.0 Beta 2 Patchlevel 8 3530 3531- Oops, there was another subtle math error in the header-length 3532 bounds-checking. 3533 3534 Changes since 3.0 Beta 2 Patchlevel 7 3535 3536- Oops, forgot to byte-swap udp header length before bounds-checking it. 3537 3538 Changes since 3.0 Beta 2 Patchlevel 6 3539 3540- Fix a possible DoS attack where a client could cause the checksummer 3541 to dump core. This was a read, not a write, so it shouldn't be 3542 possible to exploit it any further than that. 3543 3544- Implement client- and server-side support for using the Client FQDN 3545 option. 3546 3547- Support for other option spaces in the client has been added. This 3548 means that it is now possible to define a vendor option space on the 3549 client, request options in that space from the server (which must 3550 define the same option space), and then use those options in the 3551 client. This also allows NWIP and Client FQDN options to be used 3552 meaningfully. 3553 3554- Add object initializer support. This means that objects can now be 3555 initialized to something other than all-zeros when allocated, which 3556 makes, e.g., the interface object support code a little more robust. 3557 3558- Fix an off-by-one bug in the host stuffer. This was causing host 3559 deletes not the work, and may also have been causing OMAPI 3560 connections to get dropped. Thanks to James Brister for tracking 3561 this one down! 3562 3563- Fixed a core dump in the interface discovery code that is triggered 3564 when there is no subnet declaration for an interface, but the server 3565 decides to continue running. Thanks to Shane Kerr for tracking 3566 down and fixing this problem. 3567 3568 Changes since 3.0 Beta 2 Patchlevel 5 3569 3570- Fix a bug in the recent enhancement to the interface discovery code 3571 to support arbitrary-length interface lists. 3572 3573- Support NUL-terminated DHCP options when initializing client-script 3574 environment. 3575 3576- Fix suffix operator. 3577 3578- Fix NetWare/IP option parsing. 3579 3580- Better error/status checking in dhcpctl initialization and omapi 3581 connection code. 3582 3583- Fix a potential memory smash in dhcpctl code. 3584 3585- Fix SunOS4 and (maybe) Ultrix builds. 3586 3587- Fix a bug where a certain sort of incoming packet could cause a core 3588 dump on Solaris (and probably elsewhere). 3589 3590- Add some more safety checks in error logging code. 3591 3592- Add support for ISC_R_INCOMPLETE in OMAPI protocol connection code. 3593 3594- Fix relay agent so that if an interface is specified on the command 3595 line, the relay agent does not dump core. 3596 3597- Fix class matching so that match if can be combined with match or 3598 spawn with. 3599 3600- Do not allow spurious leases in the lease database to introduce 3601 potentially bogus leases into the in-memory database. 3602 3603- Fix a byte-order problem in the client hardware address type code 3604 for OMAPI. 3605 3606- Be slightly less picky about what sort of hardware addresses OMAPI 3607 can install in host declarations. 3608 3609 Changes since 3.0 Beta 2 Patchlevel 4 3610 3611- Incorporated Peter Marschall's proposed change to array/record 3612 parsing, which allows things like the slp-agent option to be encoded 3613 correctly. Thanks very much to Peter for taking the initiative to 3614 do this, and for doing such a careful job of it (e.g., updating the 3615 comments)! 3616 3617- Added an encoding for the slp-agent option. :') 3618 3619- Fixed SunOS 4 build. Thanks to Robert Elz for responding to my 3620 request for help on this with patches! 3621 3622- Incorporated a change that should fix a problem reported by Philippe 3623 Jumelle where when the network connection between two servers is 3624 lost, they never reconnect. 3625 3626- Fix client script files other than that for NetBSD to actually use 3627 make_resolv_conf as documented in the manual page. 3628 3629- Fix a bug in the packet handling code that could result in a core 3630 dump. 3631 3632- Fix a bug in the bootp code where responses on the local net would 3633 be sent to the wrong MAC address. Thanks to Jerry Schave for 3634 catching this one. 3635 3636 Changes since 3.0 Beta 2 Patchlevel 3 3637 3638- In the DHCP client, execute client statements prior to using the values 3639 of options, so that the client configuration can overridden, e.g., the 3640 lease renewal time. 3641 3642- Fix a reference counting error that would result in very reproducible 3643 failures in updates, as well as occasional core dumps, if a zone was 3644 declared without a key. 3645 3646- Fix some Linux 2.0 compilation problems. 3647 3648- Fix a bug in scope evaluation during execution of "on" statements that 3649 caused values not to be recorded on leases. 3650 3651- If the dhcp-max-message-size option is specified in scope, and the 3652 client didn't send this option, use the one specified in scope to 3653 determine the maximum size of the response. 3654 3655 Changes since 3.0 Beta 2 Patchlevel 2 3656 3657- Fix a case where spawning subclasses were being allocated 3658 incorrectly, resulting in a core dump. 3659 3660- Fix a case where the DHCP server might inappropriately NAK a 3661 RENEWING client. 3662 3663- Fix a place dhcprequest() where static leases could leak. 3664 3665- Include memory.h in omapip_p.h so that we don't get warnings about 3666 using memcmp(). 3667 3668 Changes since 3.0 Beta 2 Patchlevel 1 3669 3670- Notice when SIOCFIGCONF returns more data than fit in the buffer - 3671 allocate a larger buffer, and retry. Thanks to Greg Fausak for 3672 pointing this out. 3673 3674- In the server, if no interfaces were configured, report an error and 3675 exit. 3676 3677- Don't ever record a state of 'startup'. 3678 3679- Don't try to evaluate the local failover binding address if none was 3680 specified. Thanks to Joseph Breu for finding this. 3681