powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity

dhcp package update 

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
master
basebuilder_pel7x64builder0 2019-11-25 13:13:24 +01:00
parent 4015f8acd2
commit db7f8fef00
76 changed files with 14601 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
SOURCES/11-dhclient Normal file
View File

@ -0,0 +1,41 @@
#!/bin/bash
# run dhclient.d scripts in an emulated environment

PATH=/bin:/usr/bin:/sbin
SAVEDIR=/var/lib/dhclient
ETCDIR=/etc/dhcp
interface=$1

eval "$(
declare | LC_ALL=C grep '^DHCP4_[A-Z_]*=' | while read -r opt; do
optname=${opt%%=*}
optname=${optname,,}
optname=new_${optname#dhcp4_}
optvalue=${opt#*=}
echo "export $optname=$optvalue"
done
)"

[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network

[ -f /etc/sysconfig/network-scripts/ifcfg-$interface ] && \
. /etc/sysconfig/network-scripts/ifcfg-$interface

if [ -d $ETCDIR/dhclient.d ]; then
for f in $ETCDIR/dhclient.d/*.sh; do
if [ -x $f ]; then
subsystem="${f%.sh}"
subsystem="${subsystem##*/}"
. ${f}
if [ "$2" = "up" ]; then
"${subsystem}_config"
elif [ "$2" = "dhcp4-change" ]; then
if [ "$subsystem" = "chrony" -o "$subsystem" = "ntp" ]; then
"${subsystem}_config"
fi
elif [ "$2" = "down" ]; then
"${subsystem}_restore"
fi
fi
done
fi

15
SOURCES/12-dhcpd Normal file
View File

@ -0,0 +1,15 @@
#!/bin/bash

INTERFACE=$1 # The interface which is brought up or down
STATUS=$2 # The new state of the interface

# whenever interface is brought up by NM (rhbz #565921)
if [ "$STATUS" = "up" ]; then
# restart the services
# In case this dispatcher script is called several times in a short period of time, it might happen that
# systemd refuses to further restart the units. Therefore we use reset-failed command to prevent it.
systemctl -q is-enabled dhcpd.service && systemctl restart dhcpd.service && systemctl reset-failed dhcpd.service
systemctl -q is-enabled dhcpd6.service && systemctl restart dhcpd6.service && systemctl reset-failed dhcpd6.service
fi

exit 0

61
SOURCES/56dhclient Normal file
View File

@ -0,0 +1,61 @@
#!/bin/sh
# If we are running dhclient, shutdown running instances cleanly and
# bring them back up on resume.

. "${PM_FUNCTIONS}"

PM_DHCLIENT_RUNDIR="${PM_UTILS_RUNDIR}/network"
PM_DHCLIENT_SUSPEND="${PM_DHCLIENT_RUNDIR}/dhclient.suspend"

suspend_dhclient() {
[ ! -d /etc/sysconfig/network-scripts ] && return
[ ! -x /sbin/ifdown ] && return

[ ! -d ${PM_DHCLIENT_RUNDIR} ] && /bin/mkdir -p ${PM_DHCLIENT_RUNDIR}
[ -f ${PM_DHCLIENT_SUSPEND} ] && /bin/rm -f ${PM_DHCLIENT_SUSPEND}

cd /etc/sysconfig/network-scripts
for ifcfg in ifcfg-* ; do
# Clear relevant parameters set by previous interface
# (lo doesn't set them)
NM_CONTROLLED=
BOOTPROTO=

. ./"${ifcfg}"

if [ "${NM_CONTROLLED}" = "no" ] || [ "${NM_CONTROLLED}" = "n" ] || [ "${NM_CONTROLLED}" = "false" ]; then
if [ "${BOOTPROTO}" = "bootp" ] || [ "${BOOTPROTO}" = "dhcp" ] || [ -z "${BOOTPROTO}" ]; then
# device is not NetworkManager controlled and uses dhcp,
# now see if it's actually up at the moment
/sbin/ip link show ${DEVICE} | /bin/grep -qE "state (UP|UNKNOWN)" >/dev/null 2>&1
if [ $? -eq 0 ]; then
echo "${DEVICE}" >> ${PM_DHCLIENT_SUSPEND}
/sbin/ifdown ${DEVICE}
fi
fi
fi
done
}

resume_dhclient() {
[ ! -f ${PM_DHCLIENT_SUSPEND} ] && return
[ ! -x /sbin/ifup ] && return

cd /etc/sysconfig/network-scripts
while read device ; do
/sbin/ifup ${device}
done < ${PM_DHCLIENT_SUSPEND}

/bin/rm -f ${PM_DHCLIENT_SUSPEND}
}

case "$1" in
hibernate|suspend)
suspend_dhclient
;;
thaw|resume)
resume_dhclient
;;
*) exit $NA
;;
esac

47
SOURCES/README.dhclient.d Normal file
View File

@ -0,0 +1,47 @@
The /etc/dhcp/dhclient.d directory allows other packages and system
administrators to create application-specific option handlers for dhclient.

When dhclient is run, any option listed in the dhcp-options(5) man page can
be requested. dhclient-script does not handle every option available
because doing so would make the script unmaintainable as the components
using those options might change over time. The knowledge of how to handle
those options should be under the responsibility of the package maintainer
for that component (e.g., NTP options belong in a handler in the ntp
package).

To make maintenance easier, application specific DHCP options can be handled
by creating a script with two functions and placing it in /etc/dhcp/dhclient.d

The script must follow a specific form:

(1) The script must be named NAME.sh. NAME can be anything, but it makes
sense to name it for the service it handles. e.g., ntp.sh

(2) The script must provide a NAME_config() function to read the options and
do whatever it takes to put those options in place.

(3) The script must provide a NAME_restore() function to restore original
configuration state when dhclient stops.

(4) The script must be 'chmod +x' or dhclient-script will ignore it.

The scripts execute in the same environment as dhclient-script. That means
all of the functions and variables available to it are available to your
NAME.sh script. Things of note:

${SAVEDIR} is where original configuration files are saved. Save your
original configuration files here before you take the DHCP provided
values and generate new files.

Variables set in /etc/sysconfig/network, /etc/sysconfig/networking/network,
and /etc/sysconfig/network-scripts/ifcfg-$interface are available to
you.

See the scripts in /etc/dhcp/dhclient.d for examples.

NOTE: Do not use functions defined in /usr/sbin/dhclient-script. Consider
dhclient-script a black box. This script may change over time, so the
dhclient.d scripts should not be using functions defined in it.

--
David Cantrell <dcantrell@redhat.com>

9
SOURCES/README.scripts Normal file
View File

@ -0,0 +1,9 @@
Please use this directory for on-commit scripts instead of `/etc/dhcp` to
make them work with the system selinux policy.

NOTE: To make dhcpd daemon able to execute the scripts /etc/dhcp directory
MUST be accessible by dhcpd group. Due to huge impact on dhclient users
it was not done during the installation so please adjust access rights accordingly

For example:
# chgrp dhcpd /etc/dhcp

25
SOURCES/azure-cloud.sh Normal file
View File

@ -0,0 +1,25 @@
#!/bin/sh
#
# This script provides support for dynamic DNS update in Microsoft Azure
# cloud. To enable this feature, change the configuration variables below
# and make the script executable.

primary_interface="eth0"
required_domain="mydomain.local"
dns_server="my-dns-server.mydomain.local"

# change the configuration variables above

[ "$interface" == "$primary_interface" ] || exit

case "$reason" in
BOUND|RENEW|REBIND|REBOOT)
fqdn="`hostname`.$required_domain"
nsupdate <<EOF
server $dns_server
update delete $fqdn a
update add $fqdn 3600 a $new_ip_address
send
EOF
;;
esac

877
SOURCES/dhclient-script Normal file
View File

@ -0,0 +1,877 @@
#!/bin/bash
#
# dhclient-script: Network interface configuration script run by
# dhclient based on DHCP client communication
#
# Copyright (C) 2008-2014 Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# Author(s): David Cantrell <dcantrell@redhat.com>
# Jiri Popelka <jpopelka@redhat.com>
#
# ----------
# This script is a rewrite/reworking on dhclient-script originally
# included as part of dhcp-970306:
# dhclient-script for Linux. Dan Halbert, March, 1997.
# Updated for Linux 2.[12] by Brian J. Murrell, January 1999.
# Modified by David Cantrell <dcantrell@redhat.com> for Fedora and RHEL
# ----------
#

PATH=/bin:/usr/bin:/sbin
# scripts in dhclient.d/ use $SAVEDIR (#833054)
SAVEDIR=/var/lib/dhclient

LOGFACILITY="local7"
LOGLEVEL="notice"

ETCDIR="/etc/dhcp"

logmessage() {
msg="${1}"
logger -p ${LOGFACILITY}.${LOGLEVEL} -t "NET" "dhclient: ${msg}"
}

eventually_add_hostnames_domain_to_search() {
# For the case when hostname for this machine has a domain that is not in domain_search list
# 1) get a hostname with `ipcalc --hostname` or `hostname`
# 2) get the domain from this hostname
# 3) add this domain to search line in resolv.conf if it's not already
# there (domain list that we have recently added there is a parameter of this function)
# We can't do this directly when generating resolv.conf in make_resolv_conf(), because
# we need to first save the resolv.conf with obtained values before we can call `ipcalc --hostname`.
# See bug 637763
search="${1}"
if need_hostname; then
status=1
OLD_HOSTNAME=${HOSTNAME}
if [ -n "${new_ip_address}" ]; then
eval $(/bin/ipcalc --silent --hostname ${new_ip_address} ; echo "status=$?")
elif [ -n "${new_ip6_address}" ]; then
eval $(/bin/ipcalc --silent --hostname ${new_ip6_address} ; echo "status=$?")
fi

if [ ${status} -eq 0 ]; then
domain=$(echo $HOSTNAME | cut -s -d "." -f 2-)
fi
HOSTNAME=${OLD_HOSTNAME}
else
domain=$(hostname 2>/dev/null | cut -s -d "." -f 2-)
fi

if [ -n "${domain}" ] &&
[ ! "${domain}" = "localdomain" ] &&
[ ! "${domain}" = "localdomain6" ] &&
[ ! "${domain}" = "(none)" ] &&
[[ ! "${domain}" = *\ * ]]; then
is_in="false"
for s in ${search}; do
if [ "${s}" = "${domain}" ] ||
[ "${s}" = "${domain}." ]; then
is_in="true"
fi
done

if [ "${is_in}" = "false" ]; then
# Add domain name to search list (#637763)
sed -i -e "s/${search}/${search} ${domain}/" /etc/resolv.conf
fi
fi
}

make_resolv_conf() {
[ "${PEERDNS}" = "no" ] && return

if [ "${reason}" = "RENEW" ] &&
[ "${new_domain_name}" = "${old_domain_name}" ] &&
[ "${new_domain_name_servers}" = "${old_domain_name_servers}" ]; then
return
fi

if [ -n "${new_domain_name}" ] ||
[ -n "${new_domain_name_servers}" ] ||
[ -n "${new_domain_search}" ]; then
rscf="$(mktemp ${TMPDIR:-/tmp}/XXXXXX)"
[[ -z "${rscf}" ]] && return
echo "; generated by /usr/sbin/dhclient-script" > ${rscf}

if [ -n "${SEARCH}" ]; then
search="${SEARCH}"
else
if [ -n "${new_domain_search}" ]; then
# Remove instaces of \032 (#450042)
search="${new_domain_search//\\032/ }"
elif [ -n "${new_domain_name}" ]; then
# Note that the DHCP 'Domain Name Option' is really just a domain
# name, and that this practice of using the domain name option as
# a search path is both nonstandard and deprecated.
search="${new_domain_name}"
fi
fi

if [ -n "${search}" ]; then
echo "search ${search}" >> $rscf
fi

if [ -n "${RES_OPTIONS}" ]; then
echo "options ${RES_OPTIONS}" >> ${rscf}
fi

if [ -n "${new_domain_name_servers}" ]; then
for nameserver in ${new_domain_name_servers} ; do
echo "nameserver ${nameserver}" >> "${rscf}"
done
else # keep 'old' nameservers
sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p /etc/resolv.conf >> "${rscf}"
fi

change_resolv_conf ${rscf}
rm -f ${rscf}

if [ -n "${search}" ]; then
eventually_add_hostnames_domain_to_search "${search}"
fi
elif [ -n "${new_dhcp6_name_servers}" ] ||
[ -n "${new_dhcp6_domain_search}" ]; then
rscf="$(mktemp ${TMPDIR:-/tmp}/XXXXXX)"
[[ -z "${rscf}" ]] && return
echo "; generated by /usr/sbin/dhclient-script" > ${rscf}

if [ -n "${SEARCH}" ]; then
search="${SEARCH}"
else
if [ -n "${new_dhcp6_domain_search}" ]; then
search="${new_dhcp6_domain_search//\\032/ }"
fi
fi

if [ -n "${search}" ]; then
echo "search ${search}" >> $rscf
fi

if [ -n "${RES_OPTIONS}" ]; then
echo "options ${RES_OPTIONS}" >> ${rscf}
fi

shopt -s nocasematch
if [ -n "${new_dhcp6_name_servers}" ]; then
for nameserver in ${new_dhcp6_name_servers} ; do
# If the nameserver has a link-local address
# add a <zone_id> (interface name) to it.
if [[ "$nameserver" =~ ^fe80:: ]]
then
zone_id="%${interface}"
else
zone_id=
fi
echo "nameserver ${nameserver}$zone_id" >> "${rscf}"
done
else # keep 'old' nameservers
sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p /etc/resolv.conf >> "${rscf}"
fi
shopt -u nocasematch

change_resolv_conf ${rscf}
rm -f ${rscf}

if [ -n "${search}" ]; then
eventually_add_hostnames_domain_to_search "${search}"
fi
fi
}

exit_with_hooks() {
exit_status="${1}"

if [ -x ${ETCDIR}/dhclient-exit-hooks ]; then
. ${ETCDIR}/dhclient-exit-hooks
fi

if [ -d ${ETCDIR}/dhclient-exit-hooks.d ]; then
for f in ${ETCDIR}/dhclient-exit-hooks.d/*.sh ; do
if [ -x ${f} ]; then
. ${f}
fi
done
fi

exit ${exit_status}
}

quad2num() {
if [ $# -eq 4 ]; then
let n="${1} << 24 | ${2} << 16 | ${3} << 8 | ${4}"
echo "${n}"
return 0
else
echo "0"
return 1
fi
}

ip2num() {
IFS="." quad2num ${1}
}

num2ip() {
let n="${1}"
let o1="(n >> 24) & 0xff"
let o2="(n >> 16) & 0xff"
let o3="(n >> 8) & 0xff"
let o4="n & 0xff"
echo "${o1}.${o2}.${o3}.${o4}"
}

get_network_address() {
# get network address for the given IP address and (netmask or prefix)
ip="${1}"
nm="${2}"

if [ -n "${ip}" -a -n "${nm}" ]; then
if [[ "${nm}" = *.* ]]; then
ipcalc -s -n ${ip} ${nm} | cut -d '=' -f 2
else
ipcalc -s -n ${ip}/${nm} | cut -d '=' -f 2
fi
fi
}

get_prefix() {
# get prefix for the given IP address and mask
ip="${1}"
nm="${2}"

if [ -n "${ip}" -a -n "${nm}" ]; then
ipcalc -s -p ${ip} ${nm} | cut -d '=' -f 2
fi
}

class_bits() {
let ip=$(IFS='.' ip2num $1)
let bits=32
let mask='255'
for ((i=0; i <= 3; i++, 'mask<<=8')); do
let v='ip&mask'
if [ "$v" -eq 0 ] ; then
let bits-=8
else
break
fi
done
echo $bits
}

is_router_reachable() {
# handle DHCP servers that give us a router not on our subnet
router="${1}"
routersubnet="$(get_network_address ${router} ${new_subnet_mask})"
mysubnet="$(get_network_address ${new_ip_address} ${new_subnet_mask})"

if [ ! "${routersubnet}" = "${mysubnet}" ]; then
ip -4 route replace ${router}/32 dev ${interface}
if [ "$?" -ne 0 ]; then
logmessage "failed to create host route for ${router}"
return 1
fi
fi

return 0
}

add_default_gateway() {
router="${1}"

if is_router_reachable ${router} ; then
metric=""
if [ $# -gt 1 ] && [ ${2} -gt 0 ]; then
metric="metric ${2}"
fi
ip -4 route replace default via ${router} dev ${interface} ${metric}
if [ $? -ne 0 ]; then
logmessage "failed to create default route: ${router} dev ${interface} ${metric}"
return 1
else
return 0
fi
fi

return 1
}

execute_client_side_configuration_scripts() {
# execute any additional client side configuration scripts we have
if [ "${1}" == "config" ] || [ "${1}" == "restore" ]; then
for f in ${ETCDIR}/dhclient.d/*.sh ; do
if [ -x ${f} ]; then
subsystem="${f%.sh}"
subsystem="${subsystem##*/}"
. ${f}
"${subsystem}_${1}"
fi
done
fi
}

flush_dev() {
# Instead of bringing the interface down (#574568)
# explicitly clear the ARP cache and flush all addresses & routes.
ip -4 addr flush dev ${1} >/dev/null 2>&1
ip -4 route flush dev ${1} >/dev/null 2>&1
ip -4 neigh flush dev ${1} >/dev/null 2>&1
}

dhconfig() {
if [ -n "${old_ip_address}" ] && [ -n "${alias_ip_address}" ] &&
[ ! "${alias_ip_address}" = "${old_ip_address}" ]; then
# possible new alias, remove old alias first
ip -4 addr del ${old_ip_address} dev ${interface} label ${interface}:0
fi

if [ -n "${old_ip_address}" ] &&
[ ! "${old_ip_address}" = "${new_ip_address}" ]; then
# IP address changed. Delete all routes, and clear the ARP cache.
flush_dev ${interface}
fi

# make sure the interface is up
ip link set dev ${interface} up

# replace = add if it doesn't exist or override (update lifetimes) if it's there
ip -4 addr replace ${new_ip_address}/${new_prefix} broadcast ${new_broadcast_address} dev ${interface} \
valid_lft ${new_dhcp_lease_time} preferred_lft ${new_dhcp_lease_time} >/dev/null 2>&1


if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] ||
[ ! "${old_classless_static_routes}" = "${new_classless_static_routes}" ] ||
[ ! "${old_static_routes}" = "${new_static_routes}" ] ||
[ ! "${old_ip_address}" = "${new_ip_address}" ] ||
[ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] ||
[ ! "${old_network_number}" = "${new_network_number}" ] ||
[ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] ||
[ ! "${old_routers}" = "${new_routers}" ] ||
[ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then
# The 576 MTU is only used for X.25 and dialup connections
# where the admin wants low latency. Such a low MTU can cause
# problems with UDP traffic, among other things. As such,
# disallow MTUs from 576 and below by default, so that broken
# MTUs are ignored, but higher stuff is allowed (1492, 1500, etc).
if [ -n "${new_interface_mtu}" ] && [ ${new_interface_mtu} -gt 576 ]; then
ip link set dev ${interface} mtu ${new_interface_mtu}
fi

# Remove old static routes if no new static routes are provided
if [ -n "${old_classless_static_routes}" ] ||
[ -n "${old_static_routes}" ]; then
remove_routes=0
if [ -n "${old_classless_static_routes}" ]; then
if [ -z "${new_classless_static_routes}" ]; then
IFS=', |' old_static_routes=(${old_classless_static_routes})
remove_routes=1
fi
else
if [ -z "${new_static_routes}" ]; then
IFS=', |' old_static_routes=(${old_static_routes})
remove_routes=1
fi
fi
if [ $remove_routes = "1" ] ; then
for((i=0; i<${#old_static_routes[@]}; i+=2)); do
old_target=${old_static_routes[$i]}
old_prefix=$(echo ${old_target} | cut -d "." -f 1)
old_target=$(echo ${old_target} | cut -d "." -f 2-)
old_gateway=${old_static_routes[$i+1]}
ip -4 route del ${old_target}/${old_prefix} proto static via ${old_gateway} dev ${interface}
done
fi
fi
# static routes
if [ -n "${new_classless_static_routes}" ] ||
[ -n "${new_static_routes}" ]; then
if [ -n "${new_classless_static_routes}" ]; then
IFS=', |' static_routes=(${new_classless_static_routes})
# If the DHCP server returns both a Classless Static Routes option and
# a Router option, the DHCP client MUST ignore the Router option. (RFC3442)
new_routers=""
else
IFS=', |' static_routes=(${new_static_routes})
fi
route_targets=()

# Remove old static routes if no matching target is provided in the new static routes
if [ -n "${old_classless_static_routes}" ] ||
[ -n "${old_static_routes}" ]; then
if [ -n "${old_classless_static_routes}" ]; then
IFS=', |' old_static_routes=(${old_classless_static_routes})
else
IFS=', |' old_static_routes=(${old_static_routes})
fi
for((i=0; i<${#old_static_routes[@]}; i+=2)); do
old_target=${old_static_routes[$i]}
remove_route=1
for((j=0; j<${#static_routes[@]}; j+=2)); do
if [ $old_target = ${static_routes[$j]} ]; then
remove_route=0
fi
done
old_prefix=$(echo ${old_target} | cut -d "." -f 1)
old_target=$(echo ${old_target} | cut -d "." -f 2-)
old_gateway=${old_static_routes[$i+1]}
if [ $remove_route = "1" ]; then
ip -4 route del ${old_target}/${old_prefix} proto static via ${old_gateway} dev ${interface}
fi
done
fi
for((i=0; i<${#static_routes[@]}; i+=2)); do
target=${static_routes[$i]}
if [ -n "${new_classless_static_routes}" ]; then
if [ ${target} = "0" ]; then
new_routers="${static_routes[$i+1]}"
continue
else
prefix=${target%%.*}
target=${target#*.}
IFS="." target_arr=(${target})
unset IFS
((pads=4-${#target_arr[@]}))
for j in $(seq $pads); do
target="${target}.0"
done

# Client MUST zero any bits in the subnet number where the corresponding bit in the mask is zero.
# In other words, the subnet number installed in the routing table is the logical AND of
# the subnet number and subnet mask given in the Classless Static Routes option. (RFC3442)
target="$(get_network_address ${target} ${prefix})"
fi
else
prefix=$(class_bits ${target})
fi
gateway=${static_routes[$i+1]}

# special case 0.0.0.0 to allow static routing for link-local addresses
# (including IPv4 multicast) which will not have a next-hop (#769463, #787318)
if [ "${gateway}" = "0.0.0.0" ]; then
valid_gateway=0
scope='scope link'
else
is_router_reachable ${gateway}
valid_gateway=$?
scope=''
fi
if [ ${valid_gateway} -eq 0 ]; then
metric=''
for t in ${route_targets[@]}; do
if [ ${t} = ${target} ]; then
if [ -z "${metric}" ]; then
metric=1
else
((metric=metric+1))
fi
fi
done

if [ -n "${metric}" ]; then
metric="metric ${metric}"
fi

ip -4 route replace ${target}/${prefix} proto static via ${gateway} dev ${interface} ${metric} ${scope}

if [ $? -ne 0 ]; then
logmessage "failed to create static route: ${target}/${prefix} via ${gateway} dev ${interface} ${metric}"
else
route_targets=(${route_targets[@]} ${target})
fi
fi
done
fi

# gateways
if [[ ( "${DEFROUTE}" != "no" ) &&
(( -z "${GATEWAYDEV}" ) || ( "${GATEWAYDEV}" = "${interface}" )) ]]; then
if [[ ( -z "$GATEWAY" ) ||
(( -n "$DHCLIENT_IGNORE_GATEWAY" ) && ( "$DHCLIENT_IGNORE_GATEWAY" = [Yy]* )) ]]; then
metric="${METRIC:-}"
let i="${METRIC:-0}"
default_routers=()

for router in ${new_routers} ; do
added_router=-

for r in ${default_routers[@]} ; do
if [ "${r}" = "${router}" ]; then
added_router=1
fi
done

if [ -z "${router}" ] ||
[ "${added_router}" = "1" ] ||
[ $(IFS=. ip2num ${router}) -le 0 ] ||
[[ ( "${router}" = "${new_broadcast_address}" ) &&
( "${new_subnet_mask}" != "255.255.255.255" ) ]]; then
continue
fi

default_routers=(${default_routers[@]} ${router})
add_default_gateway ${router} ${metric}
let i=i+1
metric=${i}
done
elif [ -n "${GATEWAY}" ]; then
routersubnet=$(get_network_address ${GATEWAY} ${new_subnet_mask})
mysubnet=$(get_network_address ${new_ip_address} ${new_subnet_mask})

if [ "${routersubnet}" = "${mysubnet}" ]; then
ip -4 route replace default via ${GATEWAY} dev ${interface}
fi
fi
fi
fi

if [ ! "${new_ip_address}" = "${alias_ip_address}" ] &&
[ -n "${alias_ip_address}" ]; then
# Reset the alias address (fix: this should really only do this on changes)
ip -4 addr flush dev ${interface} label ${interface}:0 >/dev/null 2>&1
ip -4 addr replace ${alias_ip_address}/${alias_prefix} broadcast ${alias_broadcast_address} dev ${interface} label ${interface}:0
ip -4 route replace ${alias_ip_address}/32 dev ${interface}
fi
# After dhclient brings an interface UP with a new IP address, subnet mask,
# and routes, in the REBOOT/BOUND states -> search for "dhclient-up-hooks".
if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] ||
[ ! "${old_ip_address}" = "${new_ip_address}" ] ||
[ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] ||
[ ! "${old_network_number}" = "${new_network_number}" ] ||
[ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] ||
[ ! "${old_routers}" = "${new_routers}" ] ||
[ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then
if [ -x ${ETCDIR}/dhclient-${interface}-up-hooks ]; then
. ${ETCDIR}/dhclient-${interface}-up-hooks
elif [ -x ${ETCDIR}/dhclient-up-hooks ]; then
. ${ETCDIR}/dhclient-up-hooks
fi
fi

make_resolv_conf

if [ -n "${new_host_name}" ] && need_hostname; then
hostname ${new_host_name} || echo "See -nc option in dhclient(8) man page."
fi

if [[ ( "${DHCP_TIME_OFFSET_SETS_TIMEZONE}" = [yY1]* ) &&
( -n "${new_time_offset}" ) ]]; then
# DHCP option "time-offset" is requested by default and should be
# handled. The geographical zone abbreviation cannot be determined
# from the GMT offset, but the $ZONEINFO/Etc/GMT$offset file can be
# used - note: this disables DST.
((z=new_time_offset/3600))
((hoursWest=$(printf '%+d' $z)))

if (( $hoursWest < 0 )); then
# tzdata treats negative 'hours west' as positive 'gmtoff'!
((hoursWest*=-1))
fi

tzfile=/usr/share/zoneinfo/Etc/GMT$(printf '%+d' ${hoursWest})
if [ -e ${tzfile} ]; then
cp -fp ${tzfile} /etc/localtime
touch /etc/localtime
fi
fi

execute_client_side_configuration_scripts "config"
}

# Section 18.1.8. (Receipt of Reply Messages) of RFC 3315 says:
# The client SHOULD perform duplicate address detection on each of
# the addresses in any IAs it receives in the Reply message before
# using that address for traffic.
add_ipv6_addr_with_DAD() {
ip -6 addr replace ${new_ip6_address}/${new_ip6_prefixlen} \
dev ${interface} scope global valid_lft ${new_max_life} \
preferred_lft ${new_preferred_life}

# repeatedly test whether newly added address passed
# duplicate address detection (DAD)
for i in $(seq 5); do
sleep 1 # give the DAD some time

addr=$(ip -6 addr show dev ${interface} \
| grep ${new_ip6_address}/${new_ip6_prefixlen})

# tentative flag == DAD is still not complete
tentative=$(echo "${addr}" | grep tentative)
# dadfailed flag == address is already in use somewhere else
dadfailed=$(echo "${addr}" | grep dadfailed)

if [ -n "${dadfailed}" ] ; then
# address was added with valid_lft/preferred_lft 'forever', remove it
ip -6 addr del ${new_ip6_address}/${new_ip6_prefixlen} dev ${interface}
exit_with_hooks 3
fi
if [ -z "${tentative}" ] ; then
if [ -n "${addr}" ]; then
# DAD is over
return 0
else
# address was auto-removed (or not added at all)
exit_with_hooks 3
fi
fi
done
return 0
}

dh6config() {
if [ -n "${old_ip6_prefix}" ] ||
[ -n "${new_ip6_prefix}" ]; then
echo Prefix ${reason} old=${old_ip6_prefix} new=${new_ip6_prefix}
exit_with_hooks 0
fi

case "${reason}" in
BOUND6)
if [ -z "${new_ip6_address}" ] ||
[ -z "${new_ip6_prefixlen}" ]; then
exit_with_hooks 2
fi

add_ipv6_addr_with_DAD

make_resolv_conf
;;

RENEW6|REBIND6)
if [[ -n "${new_ip6_address}" ]] &&
[[ -n "${new_ip6_prefixlen}" ]]; then
if [[ ! "${new_ip6_address}" = "${old_ip6_address}" ]]; then
[[ -n "${old_ip6_address}" ]] && ip -6 addr del ${old_ip6_address} dev ${interface}
add_ipv6_addr_with_DAD
fi
# call it even if new_ip6_address = old_ip6_address to update lifetimes
add_ipv6_addr_with_DAD
fi

if [ ! "${new_dhcp6_name_servers}" = "${old_dhcp6_name_servers}" ] ||
[ ! "${new_dhcp6_domain_search}" = "${old_dhcp6_domain_search}" ]; then
make_resolv_conf
fi
;;

DEPREF6)
if [ -z "${new_ip6_prefixlen}" ]; then
exit_with_hooks 2
fi

ip -6 addr change ${new_ip6_address}/${new_ip6_prefixlen} \
dev ${interface} scope global preferred_lft 0
;;
esac

execute_client_side_configuration_scripts "config"
}


#
# ### MAIN
#

if [ -x ${ETCDIR}/dhclient-enter-hooks ]; then
exit_status=0

# dhclient-enter-hooks can abort dhclient-script by setting
# the exit_status variable to a non-zero value
. ${ETCDIR}/dhclient-enter-hooks
if [ ${exit_status} -ne 0 ]; then
exit ${exit_status}
fi
fi

if [ ! -r /etc/sysconfig/network-scripts/network-functions ]; then
echo "Missing /etc/sysconfig/network-scripts/network-functions, exiting." >&2
exit 1
fi

if [ ! -r /etc/rc.d/init.d/functions ]; then
echo "Missing /etc/rc.d/init.d/functions, exiting." >&2
exit 1
fi

. /etc/sysconfig/network-scripts/network-functions
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/network ]; then
. /etc/sysconfig/network
fi

if [ -f /etc/sysconfig/networking/network ]; then
. /etc/sysconfig/networking/network
fi

cd /etc/sysconfig/network-scripts
CONFIG="${interface}"
need_config ${CONFIG}
source_config >/dev/null 2>&1

new_prefix="$(get_prefix ${new_ip_address} ${new_subnet_mask})"
old_prefix="$(get_prefix ${old_ip_address} ${old_subnet_mask})"
alias_prefix="$(get_prefix ${alias_ip_address} ${alias_subnet_mask})"

case "${reason}" in
MEDIUM|ARPCHECK|ARPSEND)
# Do nothing
exit_with_hooks 0
;;

PREINIT)
if [ -n "${alias_ip_address}" ]; then
# Flush alias, its routes will disappear too.
ip -4 addr flush dev ${interface} label ${interface}:0 >/dev/null 2>&1
fi

# upstream dhclient-script removes (ifconfig $interface 0 up) old adresses in PREINIT,
# but we sometimes (#125298) need (for iSCSI/nfs root to have a dhcp interface) to keep the existing ip
# flush_dev ${interface}
ip link set dev ${interface} up
if [ -n "${DHCLIENT_DELAY}" ] && [ ${DHCLIENT_DELAY} -gt 0 ]; then
# We need to give the kernel some time to get the interface up.
sleep ${DHCLIENT_DELAY}
fi

exit_with_hooks 0
;;

PREINIT6)
# ensure interface is up
ip link set dev ${interface} up

# remove any stale addresses from aborted clients
ip -6 addr flush dev ${interface} scope global permanent

# we need a link-local address to be ready (not tentative)
for i in $(seq 50); do
linklocal=$(ip -6 addr show dev ${interface} scope link)
# tentative flag means DAD is still not complete
tentative=$(echo "${linklocal}" | grep tentative)
[[ -n "${linklocal}" && -z "${tentative}" ]] && exit_with_hooks 0
sleep 0.1
done

exit_with_hooks 0
;;

BOUND|RENEW|REBIND|REBOOT)
if [ -z "${interface}" ] || [ -z "${new_ip_address}" ]; then
exit_with_hooks 2
fi
if arping -D -q -c2 -I ${interface} ${new_ip_address}; then
dhconfig
exit_with_hooks 0
else # DAD failed, i.e. address is already in use
ARP_REPLY=$(arping -D -c2 -I ${interface} ${new_ip_address} | grep reply | awk '{print toupper($5)}' | cut -d "[" -f2 | cut -d "]" -f1)
OUR_MACS=$(ip link show | grep link | awk '{print toupper($2)}' | uniq)
if [[ "${OUR_MACS}" = *"${ARP_REPLY}"* ]]; then
# in RENEW the reply can come from our system, that's OK
dhconfig
exit_with_hooks 0
else
exit_with_hooks 1
fi
fi
;;

BOUND6|RENEW6|REBIND6|DEPREF6)
dh6config
exit_with_hooks 0
;;

EXPIRE6|RELEASE6|STOP6)
if [ -z "${old_ip6_address}" ] || [ -z "${old_ip6_prefixlen}" ]; then
exit_with_hooks 2
fi

ip -6 addr del ${old_ip6_address}/${old_ip6_prefixlen} \
dev ${interface}

execute_client_side_configuration_scripts "restore"

if [ -x ${ETCDIR}/dhclient-${interface}-down-hooks ]; then
. ${ETCDIR}/dhclient-${interface}-down-hooks
elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then
. ${ETCDIR}/dhclient-down-hooks
fi

exit_with_hooks 0
;;

EXPIRE|FAIL|RELEASE|STOP)
execute_client_side_configuration_scripts "restore"

if [ -x ${ETCDIR}/dhclient-${interface}-down-hooks ]; then
. ${ETCDIR}/dhclient-${interface}-down-hooks
elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then
. ${ETCDIR}/dhclient-down-hooks
fi

if [ -n "${alias_ip_address}" ]; then
# Flush alias
ip -4 addr flush dev ${interface} label ${interface}:0 >/dev/null 2>&1
fi

if [ -n "${old_ip_address}" ]; then
# Delete addresses/routes/arp cache.
flush_dev ${interface}
fi

if [ -n "${alias_ip_address}" ]; then
ip -4 addr replace ${alias_ip_address}/${alias_prefix} broadcast ${alias_broadcast_address} dev ${interface} label ${interface}:0
ip -4 route replace ${alias_ip_address}/32 dev ${interface}
fi

exit_with_hooks 0
;;

TIMEOUT)
if [ -n "${new_routers}" ]; then
if [ -n "${alias_ip_address}" ]; then
ip -4 addr flush dev ${interface} label ${interface}:0 >/dev/null 2>&1
fi

ip -4 addr replace ${new_ip_address}/${new_prefix} \
broadcast ${new_broadcast_address} dev ${interface} \
valid_lft ${new_dhcp_lease_time} preferred_lft ${new_dhcp_lease_time}
set ${new_routers}

if ping -q -c 1 -w 10 -I ${interface} ${1}; then
dhconfig
exit_with_hooks 0
fi

flush_dev ${interface}
exit_with_hooks 1
else
exit_with_hooks 1
fi
;;

*)
logmessage "unhandled state: ${reason}"
exit_with_hooks 1
;;
esac

exit_with_hooks 0

14
SOURCES/dhcp-4.2.0-add_timeout_when_NULL.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up dhcp-4.2.0/common/dispatch.c.dracut dhcp-4.2.0/common/dispatch.c
--- dhcp-4.2.0/common/dispatch.c.dracut 2010-06-01 19:29:59.000000000 +0200
+++ dhcp-4.2.0/common/dispatch.c 2010-07-21 16:10:09.000000000 +0200
@@ -189,6 +189,10 @@ void add_timeout (when, where, what, ref
isc_interval_t interval;
isc_time_t expires;
+ if (when == NULL) {
+ return;
+ }
+
/* See if this timeout supersedes an existing timeout. */
t = (struct timeout *)0;
for (q = timeouts; q; q = q->next) {

44
SOURCES/dhcp-4.2.0-default-requested-options.patch Normal file
View File

@ -0,0 +1,44 @@
diff -up dhcp-4.2.0/client/clparse.c.requested dhcp-4.2.0/client/clparse.c
--- dhcp-4.2.0/client/clparse.c.requested 2010-07-21 13:29:05.000000000 +0200
+++ dhcp-4.2.0/client/clparse.c 2010-07-21 13:50:29.000000000 +0200
@@ -37,7 +37,7 @@
struct client_config top_level_config;
-#define NUM_DEFAULT_REQUESTED_OPTS 9
+#define NUM_DEFAULT_REQUESTED_OPTS 14
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
@@ -111,6 +111,31 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
+ /* 10 */
+ code = DHO_NIS_DOMAIN;
+ option_code_hash_lookup(&default_requested_options[9],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
+ /* 11 */
+ code = DHO_NIS_SERVERS;
+ option_code_hash_lookup(&default_requested_options[10],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
+ /* 12 */
+ code = DHO_NTP_SERVERS;
+ option_code_hash_lookup(&default_requested_options[11],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
+ /* 13 */
+ code = DHO_INTERFACE_MTU;
+ option_code_hash_lookup(&default_requested_options[12],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
+ /* 14 */
+ code = DHO_DOMAIN_SEARCH;
+ option_code_hash_lookup(&default_requested_options[13],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "

63
SOURCES/dhcp-4.2.0-dhclient-decline-backoff.patch Normal file
View File

@ -0,0 +1,63 @@
diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
--- dhcp-4.2.0/client/dhclient.c.backoff 2010-07-21 13:37:03.000000000 +0200
+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:38:31.000000000 +0200
@@ -1208,6 +1208,8 @@ void state_init (cpp)
void *cpp;
{
struct client_state *client = cpp;
+ enum dhcp_state init_state = client->state;
+ struct timeval tv;
ASSERT_STATE(state, S_INIT);
@@ -1220,9 +1222,18 @@ void state_init (cpp)
client -> first_sending = cur_time;
client -> interval = client -> config -> initial_interval;
- /* Add an immediate timeout to cause the first DHCPDISCOVER packet
- to go out. */
- send_discover (client);
+ if (init_state != S_DECLINED) {
+ /* Add an immediate timeout to cause the first DHCPDISCOVER packet
+ to go out. */
+ send_discover(client);
+ } else {
+ /* We've received an OFFER and it has been DECLINEd by dhclient-script.
+ * wait for a random time between 1 and backoff_cutoff seconds before
+ * trying again. */
+ tv . tv_sec = cur_time + ((1 + (random() >> 2)) % client->config->backoff_cutoff);
+ tv . tv_usec = 0;
+ add_timeout(&tv, send_discover, client, 0, 0);
+ }
}
/*
@@ -1501,6 +1512,7 @@ void bind_lease (client)
send_decline (client);
destroy_client_lease (client -> new);
client -> new = (struct client_lease *)0;
+ client -> state = S_DECLINED;
state_init (client);
return;
}
@@ -3711,6 +3723,7 @@ void client_location_changed ()
case S_INIT:
case S_REBINDING:
case S_STOPPED:
+ case S_DECLINED:
break;
}
client -> state = S_INIT;
diff -up dhcp-4.2.0/includes/dhcpd.h.backoff dhcp-4.2.0/includes/dhcpd.h
--- dhcp-4.2.0/includes/dhcpd.h.backoff 2010-07-21 13:29:05.000000000 +0200
+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 13:38:31.000000000 +0200
@@ -1056,7 +1056,8 @@ enum dhcp_state {
S_BOUND = 5,
S_RENEWING = 6,
S_REBINDING = 7,
- S_STOPPED = 8
+ S_STOPPED = 8,
+ S_DECLINED = 9
};
/* Authentication and BOOTP policy possibilities (not all values work

30
SOURCES/dhcp-4.2.0-errwarn-message.patch Normal file
View File

@ -0,0 +1,30 @@
diff -up dhcp-4.2.0/omapip/errwarn.c.errwarn dhcp-4.2.0/omapip/errwarn.c
--- dhcp-4.2.0/omapip/errwarn.c.errwarn 2009-07-23 20:52:21.000000000 +0200
+++ dhcp-4.2.0/omapip/errwarn.c 2010-07-21 13:23:47.000000000 +0200
@@ -76,20 +76,13 @@ void log_fatal (const char * fmt, ... )
#if !defined (NOMINUM)
log_error ("%s", "");
- log_error ("If you did not get this software from ftp.isc.org, please");
- log_error ("get the latest from ftp.isc.org and install that before");
- log_error ("requesting help.");
+ log_error ("This version of ISC DHCP is based on the release available");
+ log_error ("on ftp.isc.org. Features have been added and other changes");
+ log_error ("have been made to the base software release in order to make");
+ log_error ("it work better with this distribution.");
log_error ("%s", "");
- log_error ("If you did get this software from ftp.isc.org and have not");
- log_error ("yet read the README, please read it before requesting help.");
- log_error ("If you intend to request help from the dhcp-server@isc.org");
- log_error ("mailing list, please read the section on the README about");
- log_error ("submitting bug reports and requests for help.");
- log_error ("%s", "");
- log_error ("Please do not under any circumstances send requests for");
- log_error ("help directly to the authors of this software - please");
- log_error ("send them to the appropriate mailing list as described in");
- log_error ("the README file.");
+ log_error ("Please report for this software via the Red Hat Bugzilla site:");
+ log_error (" http://bugzilla.redhat.com");
log_error ("%s", "");
log_error ("exiting.");
#endif

12
SOURCES/dhcp-4.2.0-garbage-chars.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up dhcp-4.2.0/common/tables.c.garbage dhcp-4.2.0/common/tables.c
--- dhcp-4.2.0/common/tables.c.garbage 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.0/common/tables.c 2010-07-21 14:40:56.000000000 +0200
@@ -207,7 +207,7 @@ static struct option dhcp_options[] = {
{ "netinfo-server-tag", "t", &dhcp_universe, 113, 1 },
{ "default-url", "t", &dhcp_universe, 114, 1 },
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
+ { "domain-search", "D", &dhcp_universe, 119, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0

49
SOURCES/dhcp-4.2.0-honor-expired.patch Normal file
View File

@ -0,0 +1,49 @@
diff -up dhcp-4.2.0/client/dhc6.c.honor-expired dhcp-4.2.0/client/dhc6.c
--- dhcp-4.2.0/client/dhc6.c.honor-expired 2010-10-07 12:55:37.000000000 +0200
+++ dhcp-4.2.0/client/dhc6.c 2010-10-07 12:56:43.000000000 +0200
@@ -1405,6 +1405,32 @@ start_info_request6(struct client_state
go_daemon();
}
+/* Run through the addresses in lease and return true if there's any unexpired.
+ * Return false otherwise.
+ */
+isc_boolean_t
+unexpired_address_in_lease(struct dhc6_lease *lease)
+{
+ struct dhc6_ia *ia;
+ struct dhc6_addr *addr;
+
+ for (ia = lease->bindings ; ia != NULL ; ia = ia->next) {
+ for (addr = ia->addrs ; addr != NULL ; addr = addr->next) {
+ if (addr->flags & DHC6_ADDR_EXPIRED)
+ continue;
+
+ if (addr->starts + addr->max_life > cur_time) {
+ return ISC_TRUE;
+ }
+ }
+ }
+
+ log_info("PRC: Previous lease is devoid of active addresses."
+ " Re-initializing.");
+
+ return ISC_FALSE;
+}
+
/*
* start_confirm6() kicks off an "init-reboot" version of the process, at
* startup to find out if old bindings are 'fair' and at runtime whenever
@@ -1417,8 +1446,10 @@ start_confirm6(struct client_state *clie
/* If there is no active lease, there is nothing to check. */
if ((client->active_lease == NULL) ||
- !active_prefix(client) ||
- client->active_lease->released) {
+ !active_prefix(client) ||
+ client->active_lease->released ||
+ !unexpired_address_in_lease(client->active_lease)) {
+ dhc6_lease_destroy(&client->active_lease, MDL);
start_init6(client);
return;
}

12
SOURCES/dhcp-4.2.0-logpid.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up dhcp-4.2.0/client/dhclient.c.logpid dhcp-4.2.0/client/dhclient.c
--- dhcp-4.2.0/client/dhclient.c.logpid 2010-07-21 16:13:52.000000000 +0200
+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 16:16:51.000000000 +0200
@@ -154,7 +154,7 @@ main(int argc, char **argv) {
else if (fd != -1)
close(fd);
- openlog("dhclient", LOG_NDELAY, LOG_DAEMON);
+ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
#if !(defined(DEBUG) || defined(__CYGWIN32__))
setlogmask(LOG_UPTO(LOG_INFO));

85
SOURCES/dhcp-4.2.0-release-by-ifup.patch Normal file
View File

@ -0,0 +1,85 @@
diff -up dhcp-4.2.0/client/dhclient.c.ifup dhcp-4.2.0/client/dhclient.c
--- dhcp-4.2.0/client/dhclient.c.ifup 2010-07-21 13:30:10.000000000 +0200
+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:37:03.000000000 +0200
@@ -497,9 +497,81 @@ main(int argc, char **argv) {
kill(oldpid, SIGTERM);
}
fclose(pidfd);
+ } else {
+ /* handle release for interfaces requested with Red Hat
+ * /sbin/ifup - pidfile will be /var/run/dhclient-$interface.pid
+ */
+
+ if ((path_dhclient_pid == NULL) || (*path_dhclient_pid == '\0'))
+ path_dhclient_pid = "/var/run/dhclient.pid";
+
+ char *new_path_dhclient_pid;
+ struct interface_info *ip;
+ int pdp_len = strlen(path_dhclient_pid), pfx, dpfx;
+
+ /* find append point: beginning of any trailing '.pid'
+ * or '-$IF.pid' */
+ for (pfx=pdp_len; (pfx >= 0) && (path_dhclient_pid[pfx] != '.') && (path_dhclient_pid[pfx] != '/'); pfx--);
+ if (pfx == -1)
+ pfx = pdp_len;
+
+ if (path_dhclient_pid[pfx] == '/')
+ pfx += 1;
+
+ for (dpfx=pfx; (dpfx >= 0) && (path_dhclient_pid[dpfx] != '-') && (path_dhclient_pid[dpfx] != '/'); dpfx--);
+ if ((dpfx > -1) && (path_dhclient_pid[dpfx] != '/'))
+ pfx = dpfx;
+
+ for (ip = interfaces; ip; ip = ip->next) {
+ if (interfaces_requested && (ip->flags & (INTERFACE_REQUESTED))) {
+ int n_len = strlen(ip->name);
+
+ new_path_dhclient_pid = (char*) malloc(pfx + n_len + 6);
+ strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
+ sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
+
+ if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) {
+ e = fscanf(pidfd, "%ld\n", &temp);
+ oldpid = (pid_t)temp;
+
+ if (e != 0 && e != EOF) {
+ if (oldpid) {
+ if (kill(oldpid, SIGTERM) == 0)
+ unlink(path_dhclient_pid);
+ }
+ }
+
+ fclose(pidfd);
+ }
+
+ free(new_path_dhclient_pid);
+ }
+ }
+ }
+ } else {
+ FILE *pidfp = NULL;
+ long temp = 0;
+ pid_t dhcpid = 0;
+ int dhc_running = 0;
+ char procfn[256] = "";
+
+ if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
+ snprintf(procfn,256,"/proc/%u",dhcpid);
+ dhc_running = (access(procfn, F_OK) == 0);
+ }
+
+ fclose(pidfp);
+ }
+
+ if (dhc_running) {
+ log_fatal("dhclient(%u) is already running - exiting. ", dhcpid);
+ return(1);
}
}
+ write_client_pid_file();
+
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);

48
SOURCES/dhcp-4.2.1-retransmission.patch Normal file
View File

@ -0,0 +1,48 @@
diff -up dhcp-4.2.1b1/client/dhc6.c.retransmission dhcp-4.2.1b1/client/dhc6.c
--- dhcp-4.2.1b1/client/dhc6.c.retransmission 2011-01-28 08:40:56.000000000 +0100
+++ dhcp-4.2.1b1/client/dhc6.c 2011-01-28 08:39:22.000000000 +0100
@@ -361,7 +361,7 @@ dhc6_retrans_init(struct client_state *c
static void
dhc6_retrans_advance(struct client_state *client)
{
- struct timeval elapsed;
+ struct timeval elapsed, elapsed_after_RT;
/* elapsed = cur - start */
elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
@@ -378,6 +378,8 @@ dhc6_retrans_advance(struct client_state
elapsed.tv_sec += 1;
elapsed.tv_usec -= 1000000;
}
+ elapsed_after_RT.tv_sec = elapsed.tv_sec;
+ elapsed_after_RT.tv_usec = elapsed.tv_usec;
/*
* RT for each subsequent message transmission is based on the previous
@@ -415,13 +417,10 @@ dhc6_retrans_advance(struct client_state
elapsed.tv_usec -= 1000000;
}
if (elapsed.tv_sec >= client->MRD) {
- /*
- * wake at RT + cur = start + MRD
- */
- client->RT = client->MRD +
- (client->start_time.tv_sec - cur_tv.tv_sec);
- client->RT = client->RT * 100 +
- (client->start_time.tv_usec - cur_tv.tv_usec) / 10000;
+ client->RT = client->MRD - elapsed_after_RT.tv_sec;
+ client->RT = client->RT * 100 - elapsed_after_RT.tv_usec / 10000;
+ if (client->RT < 0)
+ client->RT = 0;
}
client->txcount++;
}
@@ -1497,7 +1496,7 @@ check_timing6 (struct client_state *clie
}
/* Check if finished (-1 argument). */
- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
+ if ((client->MRD != 0) && (elapsed.tv_sec >= client->MRD)) {
log_info("Max retransmission duration exceeded.");
return(CHK_TIM_MRD_EXCEEDED);
}

342
SOURCES/dhcp-4.2.2-CLOEXEC.patch Normal file
View File

@ -0,0 +1,342 @@
diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
--- dhcp-4.2.2b1/client/clparse.c.cloexec 2011-07-01 14:13:30.973887714 +0200
+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:15:15.021580693 +0200
@@ -246,7 +246,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
- if ((file = open (name, O_RDONLY)) < 0)
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
return uerr2isc (errno);
cfile = NULL;
@@ -283,7 +283,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
return;
cfile = NULL;
diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
--- dhcp-4.2.2b1/client/dhclient.c.cloexec 2011-07-01 14:13:30.970887717 +0200
+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 14:16:51.485930388 +0200
@@ -148,11 +148,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -506,7 +506,7 @@ main(int argc, char **argv) {
int e;
oldpid = 0;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -548,7 +548,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
- if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(new_path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -573,7 +573,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) {
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
@@ -2995,7 +2995,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
@@ -3105,7 +3105,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
@@ -3285,7 +3285,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
@@ -3772,9 +3772,9 @@ void go_daemon ()
close(2);
/* Reopen them on /dev/null. */
- open("/dev/null", O_RDWR);
- open("/dev/null", O_RDWR);
- open("/dev/null", O_RDWR);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
@@ -3791,14 +3791,14 @@ void write_client_pid_file ()
return;
}
- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error ("Can't create %s: %m", path_dhclient_pid);
return;
}
- pf = fdopen (pfdesc, "w");
+ pf = fdopen (pfdesc, "we");
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
diff -up dhcp-4.2.2b1/common/bpf.c.cloexec dhcp-4.2.2b1/common/bpf.c
--- dhcp-4.2.2b1/common/bpf.c.cloexec 2011-07-01 14:13:30.976887712 +0200
+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:13:31.030887673 +0200
@@ -94,7 +94,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.2.2b1/common/dlpi.c.cloexec dhcp-4.2.2b1/common/dlpi.c
--- dhcp-4.2.2b1/common/dlpi.c.cloexec 2011-07-01 14:13:30.977887712 +0200
+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:13:31.032887673 +0200
@@ -806,7 +806,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
- return open (devname, O_RDWR, 0);
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
}
/*
diff -up dhcp-4.2.2b1/common/nit.c.cloexec dhcp-4.2.2b1/common/nit.c
--- dhcp-4.2.2b1/common/nit.c.cloexec 2011-07-01 14:13:30.978887712 +0200
+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:13:31.033887672 +0200
@@ -81,7 +81,7 @@ int if_register_nit (info)
struct strioctl sio;
/* Open a NIT device */
- sock = open ("/dev/nit", O_RDWR);
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
diff -up dhcp-4.2.2b1/common/resolv.c.cloexec dhcp-4.2.2b1/common/resolv.c
--- dhcp-4.2.2b1/common/resolv.c.cloexec 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.2b1/common/resolv.c 2011-07-01 14:13:31.033887672 +0200
@@ -49,7 +49,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
diff -up dhcp-4.2.2b1/common/upf.c.cloexec dhcp-4.2.2b1/common/upf.c
--- dhcp-4.2.2b1/common/upf.c.cloexec 2011-07-01 14:13:30.979887712 +0200
+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:13:31.034887671 +0200
@@ -77,7 +77,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
--- dhcp-4.2.2b1/omapip/trace.c.cloexec 2010-05-27 02:34:57.000000000 +0200
+++ dhcp-4.2.2b1/omapip/trace.c 2011-07-01 14:13:31.036887669 +0200
@@ -141,10 +141,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
if (traceoutfile < 0 && errno == EEXIST) {
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
0600);
}
@@ -431,7 +431,7 @@ void trace_file_replay (const char *file
isc_result_t result;
int len;
- traceinfile = fopen (filename, "r");
+ traceinfile = fopen (filename, "re");
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
--- dhcp-4.2.2b1/relay/dhcrelay.c.cloexec 2011-05-10 15:07:37.000000000 +0200
+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 14:18:07.630209767 +0200
@@ -183,11 +183,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -540,13 +540,13 @@ main(int argc, char **argv) {
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error("Can't create %s: %m",
path_dhcrelay_pid);
} else {
- pf = fdopen(pfdesc, "w");
+ pf = fdopen(pfdesc, "we");
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
diff -up dhcp-4.2.2b1/server/confpars.c.cloexec dhcp-4.2.2b1/server/confpars.c
--- dhcp-4.2.2b1/server/confpars.c.cloexec 2010-10-14 00:34:45.000000000 +0200
+++ dhcp-4.2.2b1/server/confpars.c 2011-07-01 14:13:31.039887666 +0200
@@ -116,7 +116,7 @@ isc_result_t read_conf_file (const char
}
#endif
- if ((file = open (filename, O_RDONLY)) < 0) {
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
--- dhcp-4.2.2b1/server/db.c.cloexec 2010-09-14 00:15:26.000000000 +0200
+++ dhcp-4.2.2b1/server/db.c 2011-07-01 14:13:31.040887665 +0200
@@ -1035,7 +1035,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
- db_file = fopen (path_dhcpd_db, "a");
+ db_file = fopen (path_dhcpd_db, "ae");
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
@@ -1083,12 +1083,12 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664);
+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664);
if (db_fd < 0) {
log_error ("Can't create new lease file: %m");
return 0;
}
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
--- dhcp-4.2.2b1/server/dhcpd.c.cloexec 2011-04-21 16:08:15.000000000 +0200
+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 14:19:40.354124505 +0200
@@ -270,11 +270,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -793,7 +793,7 @@ main(int argc, char **argv) {
*/
if (no_pid_file == ISC_FALSE) {
/*Read previous pid file. */
- if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) {
+ if ((i = open (path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) {
status = read(i, pbuf, (sizeof pbuf) - 1);
close (i);
if (status > 0) {
@@ -812,7 +812,7 @@ main(int argc, char **argv) {
}
/* Write new pid file. */
- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET (write(i, pbuf, strlen(pbuf)));
@@ -840,9 +840,9 @@ main(int argc, char **argv) {
close(2);
/* Reopen them on /dev/null. */
- open("/dev/null", O_RDWR);
- open("/dev/null", O_RDWR);
- open("/dev/null", O_RDWR);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
+ open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
diff -up dhcp-4.2.2b1/server/ldap.c.cloexec dhcp-4.2.2b1/server/ldap.c
--- dhcp-4.2.2b1/server/ldap.c.cloexec 2010-03-25 16:26:58.000000000 +0100
+++ dhcp-4.2.2b1/server/ldap.c 2011-07-01 14:13:31.043887665 +0200
@@ -685,7 +685,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
S_IRUSR | S_IWUSR)) < 0)
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
strerror (errno));

250
SOURCES/dhcp-4.2.2-capability.patch Normal file
View File

@ -0,0 +1,250 @@
diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.8
--- dhcp-4.2.2b1/client/dhclient.8.capability 2011-07-01 15:09:06.603784531 +0200
+++ dhcp-4.2.2b1/client/dhclient.8 2011-07-01 15:09:06.663783913 +0200
@@ -118,6 +118,9 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
+.B -nc
+]
+[
.B -B
]
[
@@ -296,6 +299,32 @@ has been added or removed, so that the c
address on that interface.
.TP
+.BI \-nc
+Do not drop capabilities.
+
+Normally, if
+.B dhclient
+was compiled with libcap-ng support,
+.B dhclient
+drops most capabilities immediately upon startup. While more secure,
+this greatly restricts the additional actions that hooks in
+.B dhclient-script (8)
+can take. (For example, any daemons that
+.B dhclient-script (8)
+starts or restarts will inherit the restricted capabilities as well,
+which may interfere with their correct operation.) Thus, the
+.BI \-nc
+option can be used to prevent
+.B dhclient
+from dropping capabilities.
+
+The
+.BI \-nc
+option is ignored if
+.B dhclient
+was not compiled with libcap-ng support.
+
+.TP
.BI \-B
Set the BOOTP broadcast flag in request packets so servers will always
broadcast replies.
diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.c
--- dhcp-4.2.2b1/client/dhclient.c.capability 2011-07-01 15:09:06.644784107 +0200
+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 15:09:06.664783903 +0200
@@ -39,6 +39,10 @@
#include <limits.h>
#include <dns/result.h>
+#ifdef HAVE_LIBCAP_NG
+#include <cap-ng.h>
+#endif
+
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
@@ -141,6 +145,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
+#ifdef HAVE_LIBCAP_NG
+ int keep_capabilities = 0;
+#endif
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -410,6 +417,10 @@ main(int argc, char **argv) {
}
dhclient_request_options = argv[i];
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
+ keep_capabilities = 1;
+#endif
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
@@ -458,6 +469,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
+#ifdef HAVE_LIBCAP_NG
+ /* Drop capabilities */
+ if (!keep_capabilities) {
+ capng_clear(CAPNG_SELECT_CAPS);
+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_DAC_OVERRIDE); // Drop this someday
+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_NET_ADMIN, CAP_NET_RAW,
+ CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1);
+ capng_apply(CAPNG_SELECT_CAPS);
+ }
+#endif
+
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dhclient-script.8
--- dhcp-4.2.2b1/client/dhclient-script.8.capability 2011-07-01 15:09:06.604784521 +0200
+++ dhcp-4.2.2b1/client/dhclient-script.8 2011-07-01 15:09:06.666783883 +0200
@@ -239,6 +239,16 @@ repeatedly initialized to the values pro
the other. Assuming the information provided by both servers is
valid, this shouldn't cause any real problems, but it could be
confusing.
+.PP
+Normally, if dhclient was compiled with libcap-ng support,
+dhclient drops most capabilities immediately upon startup.
+While more secure, this greatly restricts the additional actions that
+hooks in dhclient-script can take. For example, any daemons that
+dhclient-script starts or restarts will inherit the restricted
+capabilities as well, which may interfere with their correct operation.
+Thus, the
+.BI \-nc
+option can be used to prevent dhclient from dropping capabilities.
.SH SEE ALSO
dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
dhclient.leases(5).
diff -up dhcp-4.2.2b1/client/Makefile.am.capability dhcp-4.2.2b1/client/Makefile.am
--- dhcp-4.2.2b1/client/Makefile.am.capability 2011-07-01 15:09:06.526785327 +0200
+++ dhcp-4.2.2b1/client/Makefile.am 2011-07-01 15:09:06.667783873 +0200
@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
--- dhcp-4.2.2b1/configure.ac.capability 2011-07-01 15:09:06.527785317 +0200
+++ dhcp-4.2.2b1/configure.ac 2011-07-01 15:09:06.667783873 +0200
@@ -449,6 +449,41 @@ AC_TRY_LINK(
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
+# look for capabilities library
+AC_ARG_WITH(libcap-ng,
+ [ --with-libcap-ng=[auto/yes/no] Add Libcap-ng support [default=auto]],,
+ with_libcap_ng=auto)
+
+# Check for Libcap-ng API
+#
+# libcap-ng detection
+if test x$with_libcap_ng = xno ; then
+ have_libcap_ng=no;
+else
+ # Start by checking for header file
+ AC_CHECK_HEADER(cap-ng.h, capng_headers=yes, capng_headers=no)
+
+ # See if we have libcap-ng library
+ AC_CHECK_LIB(cap-ng, capng_clear,
+ CAPNG_LDADD=-lcap-ng,)
+
+ # Check results are usable
+ if test x$with_libcap_ng = xyes -a x$CAPNG_LDADD = x ; then
+ AC_MSG_ERROR(libcap-ng support was requested and the library was not found)
+ fi
+ if test x$CAPNG_LDADD != x -a $capng_headers = no ; then
+ AC_MSG_ERROR(libcap-ng libraries found but headers are missing)
+ fi
+fi
+AC_SUBST(CAPNG_LDADD)
+AC_MSG_CHECKING(whether to use libcap-ng)
+if test x$CAPNG_LDADD != x ; then
+ AC_DEFINE(HAVE_LIBCAP_NG,1,[libcap-ng support])
+ AC_MSG_RESULT(yes)
+else
+ AC_MSG_RESULT(no)
+fi
+
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
--- dhcp-4.2.2b1/relay/dhcrelay.c.capability 2011-07-01 15:09:06.626784295 +0200
+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 15:12:05.362223794 +0200
@@ -36,6 +36,11 @@
#include <syslog.h>
#include <sys/time.h>
+#ifdef HAVE_LIBCAP_NG
+# include <cap-ng.h>
+ int keep_capabilities = 0;
+#endif
+
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
@@ -356,6 +361,10 @@ main(int argc, char **argv) {
sl->next = upstreams;
upstreams = sl;
#endif
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
+ keep_capabilities = 1;
+#endif
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
usage();
@@ -426,6 +435,17 @@ main(int argc, char **argv) {
#endif
}
+#ifdef HAVE_LIBCAP_NG
+ /* Drop capabilities */
+ if (!keep_capabilities) {
+ capng_clear(CAPNG_SELECT_BOTH);
+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, -1);
+ capng_apply(CAPNG_SELECT_BOTH);
+ log_info ("Dropped all unnecessary capabilities.");
+ }
+#endif
+
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
@@ -573,6 +593,15 @@ main(int argc, char **argv) {
dhcpv6_packet_handler = do_packet6;
#endif
+#ifdef HAVE_LIBCAP_NG
+ /* Drop all capabilities */
+ if (!keep_capabilities) {
+ capng_clear(CAPNG_SELECT_BOTH);
+ capng_apply(CAPNG_SELECT_BOTH);
+ log_info ("Dropped all capabilities.");
+ }
+#endif
+
/* Start dispatching packets and timeouts... */
dispatch();
diff -up dhcp-4.2.2b1/relay/Makefile.am.capability dhcp-4.2.2b1/relay/Makefile.am
--- dhcp-4.2.2b1/relay/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
+++ dhcp-4.2.2b1/relay/Makefile.am 2011-07-01 15:09:06.670783841 +0200
@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)

72
SOURCES/dhcp-4.2.2-gpxe-cid.patch Normal file
View File

@ -0,0 +1,72 @@
diff -up dhcp-4.2.2/client/dhclient.c.gpxe-cid dhcp-4.2.2/client/dhclient.c
--- dhcp-4.2.2/client/dhclient.c.gpxe-cid 2011-09-16 18:23:20.190453902 +0200
+++ dhcp-4.2.2/client/dhclient.c 2011-09-16 18:27:15.568463599 +0200
@@ -58,6 +58,13 @@ const char *path_dhclient_pid = NULL;
static char path_dhclient_script_array[] = _PATH_DHCLIENT_SCRIPT;
char *path_dhclient_script = path_dhclient_script_array;
+/* Default Prefix */
+static unsigned char default_prefix[12] = {
+ 0xff, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x02, 0x00,
+ 0x00, 0x02, 0xc9, 0x00
+};
+
/* False (default) => we write and use a pid file */
isc_boolean_t no_pid_file = ISC_FALSE;
@@ -1250,6 +1257,12 @@ int find_subnet (struct subnet **sp,
static void setup_ib_interface(struct interface_info *ip)
{
struct group *g;
+ struct hardware *hw = &ip->hw_address;
+ char client_id[64];
+ char *arg_conf = NULL;
+ int arg_conf_len = 0;
+ isc_result_t status;
+ struct parse *cfile = (struct parse *)0;
/* Set the broadcast flag */
ip->client->config->bootp_broadcast_always = 1;
@@ -1266,8 +1279,39 @@ static void setup_ib_interface(struct in
}
}
- /* No client ID specified */
- log_fatal("dhcp-client-identifier must be specified for InfiniBand");
+ /*
+ * No client ID specified, make up one based on a default
+ * "prefix" and the port GUID.
+ *
+ * NOTE: This is compatible with what gpxe does.
+ */
+ sprintf(client_id, "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
+ default_prefix[0], default_prefix[1], default_prefix[2],
+ default_prefix[3], default_prefix[4], default_prefix[5],
+ default_prefix[6], default_prefix[7], default_prefix[8],
+ default_prefix[9], default_prefix[10], default_prefix[11],
+ hw->hbuf[1], hw->hbuf[2], hw->hbuf[3], hw->hbuf[4],
+ hw->hbuf[5], hw->hbuf[6], hw->hbuf[7], hw->hbuf[8]);
+
+ arg_conf_len = asprintf(&arg_conf,
+ "send dhcp-client-identifier %s;",
+ client_id);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send option dhcp-client-identifier");
+
+ status = new_parse(&cfile, -1, arg_conf, arg_conf_len,
+ "Automatic Infiniband client identifier", 0);
+
+ if ((status != ISC_R_SUCCESS) || (cfile->warnings_occurred))
+ log_fatal("Failed to parse Infiniband client identifier");
+
+ parse_client_statement(cfile, NULL, ip->client->config);
+
+ if (cfile->warnings_occurred)
+ log_fatal("Failed to parse Infiniband client identifier");
+
+ end_parse(&cfile);
}
/* Individual States:

249
SOURCES/dhcp-4.2.2-xen-checksum.patch Normal file
View File

@ -0,0 +1,249 @@
diff -up dhcp-4.2.2b1/common/bpf.c.xen dhcp-4.2.2b1/common/bpf.c
--- dhcp-4.2.2b1/common/bpf.c.xen 2009-11-20 02:48:59.000000000 +0100
+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:00:16.936959001 +0200
@@ -485,7 +485,7 @@ ssize_t receive_packet (interface, buf,
offset = decode_udp_ip_header (interface,
interface -> rbuf,
interface -> rbuf_offset,
- from, hdr.bh_caplen, &paylen);
+ from, hdr.bh_caplen, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0) {
diff -up dhcp-4.2.2b1/common/dlpi.c.xen dhcp-4.2.2b1/common/dlpi.c
--- dhcp-4.2.2b1/common/dlpi.c.xen 2011-05-11 16:20:59.000000000 +0200
+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:00:16.937958997 +0200
@@ -693,7 +693,7 @@ ssize_t receive_packet (interface, buf,
length -= offset;
#endif
offset = decode_udp_ip_header (interface, dbuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/*
* If the IP or UDP checksum was bad, skip the packet...
diff -up dhcp-4.2.2b1/common/lpf.c.xen dhcp-4.2.2b1/common/lpf.c
--- dhcp-4.2.2b1/common/lpf.c.xen 2011-05-10 16:38:58.000000000 +0200
+++ dhcp-4.2.2b1/common/lpf.c 2011-07-01 14:11:24.725748028 +0200
@@ -29,19 +29,33 @@
#include "dhcpd.h"
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
#include <sys/ioctl.h>
+#include <sys/socket.h>
#include <sys/uio.h>
#include <errno.h>
#include <asm/types.h>
#include <linux/filter.h>
#include <linux/if_ether.h>
+#include <linux/if_packet.h>
#include <netinet/in_systm.h>
-#include <net/if_packet.h>
#include "includes/netinet/ip.h"
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
#include <net/if.h>
+#ifndef PACKET_AUXDATA
+#define PACKET_AUXDATA 8
+
+struct tpacket_auxdata
+{
+ __u32 tp_status;
+ __u32 tp_len;
+ __u32 tp_snaplen;
+ __u16 tp_mac;
+ __u16 tp_net;
+};
+#endif
+
/* Reinitializes the specified interface after an address change. This
is not required for packet-filter APIs. */
@@ -67,10 +81,14 @@ int if_register_lpf (info)
struct interface_info *info;
{
int sock;
- struct sockaddr sa;
+ union {
+ struct sockaddr_ll ll;
+ struct sockaddr common;
+ } sa;
+ struct ifreq ifr;
/* Make an LPF socket. */
- if ((sock = socket(PF_PACKET, SOCK_PACKET,
+ if ((sock = socket(PF_PACKET, SOCK_RAW,
htons((short)ETH_P_ALL))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
@@ -85,11 +103,17 @@ int if_register_lpf (info)
log_fatal ("Open a socket for LPF: %m");
}
+ memset (&ifr, 0, sizeof ifr);
+ strncpy (ifr.ifr_name, (const char *)info -> ifp, sizeof ifr.ifr_name);
+ ifr.ifr_name[IFNAMSIZ-1] = '\0';
+ if (ioctl (sock, SIOCGIFINDEX, &ifr))
+ log_fatal ("Failed to get interface index: %m");
+
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
- sa.sa_family = AF_PACKET;
- strncpy (sa.sa_data, (const char *)info -> ifp, sizeof sa.sa_data);
- if (bind (sock, &sa, sizeof sa)) {
+ sa.ll.sll_family = AF_PACKET;
+ sa.ll.sll_ifindex = ifr.ifr_ifindex;
+ if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -171,9 +195,18 @@ static void lpf_gen_filter_setup (struct
void if_register_receive (info)
struct interface_info *info;
{
+ int val;
+
/* Open a LPF device and hang it on this interface... */
info -> rfdesc = if_register_lpf (info);
+ val = 1;
+ if (setsockopt (info -> rfdesc, SOL_PACKET, PACKET_AUXDATA, &val,
+ sizeof val) < 0) {
+ if (errno != ENOPROTOOPT)
+ log_fatal ("Failed to set auxiliary packet data: %m");
+ }
+
#if defined (HAVE_TR_SUPPORT)
if (info -> hw_address.hbuf [0] == HTYPE_IEEE802)
lpf_tr_filter_setup (info);
@@ -295,7 +328,6 @@ ssize_t send_packet (interface, packet,
double hh [16];
double ih [1536 / sizeof (double)];
unsigned char *buf = (unsigned char *)ih;
- struct sockaddr_pkt sa;
int result;
int fudge;
@@ -316,17 +348,7 @@ ssize_t send_packet (interface, packet,
(unsigned char *)raw, len);
memcpy (buf + ibufp, raw, len);
- /* For some reason, SOCK_PACKET sockets can't be connected,
- so we have to do a sentdo every time. */
- memset (&sa, 0, sizeof sa);
- sa.spkt_family = AF_PACKET;
- strncpy ((char *)sa.spkt_device,
- (const char *)interface -> ifp, sizeof sa.spkt_device);
- sa.spkt_protocol = htons(ETH_P_IP);
-
- result = sendto (interface -> wfdesc,
- buf + fudge, ibufp + len - fudge, 0,
- (const struct sockaddr *)&sa, sizeof sa);
+ result = write (interface -> wfdesc, buf + fudge, ibufp + len - fudge);
if (result < 0)
log_error ("send_packet: %m");
return result;
@@ -343,14 +365,35 @@ ssize_t receive_packet (interface, buf,
{
int length = 0;
int offset = 0;
+ int nocsum = 0;
unsigned char ibuf [1536];
unsigned bufix = 0;
unsigned paylen;
+ unsigned char cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))];
+ struct iovec iov = {
+ .iov_base = ibuf,
+ .iov_len = sizeof ibuf,
+ };
+ struct msghdr msg = {
+ .msg_iov = &iov,
+ .msg_iovlen = 1,
+ .msg_control = cmsgbuf,
+ .msg_controllen = sizeof(cmsgbuf),
+ };
+ struct cmsghdr *cmsg;
- length = read (interface -> rfdesc, ibuf, sizeof ibuf);
+ length = recvmsg (interface -> rfdesc, &msg, 0);
if (length <= 0)
return length;
+ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+ if (cmsg->cmsg_level == SOL_PACKET &&
+ cmsg->cmsg_type == PACKET_AUXDATA) {
+ struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
+ nocsum = aux->tp_status & TP_STATUS_CSUMNOTREADY;
+ }
+ }
+
bufix = 0;
/* Decode the physical header... */
offset = decode_hw_header (interface, ibuf, bufix, hfrom);
@@ -367,7 +410,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix, from,
- (unsigned)length, &paylen);
+ (unsigned)length, &paylen, nocsum);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.2b1/common/nit.c.xen dhcp-4.2.2b1/common/nit.c
--- dhcp-4.2.2b1/common/nit.c.xen 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:00:16.939958989 +0200
@@ -369,7 +369,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.2b1/common/packet.c.xen dhcp-4.2.2b1/common/packet.c
--- dhcp-4.2.2b1/common/packet.c.xen 2009-07-23 20:52:20.000000000 +0200
+++ dhcp-4.2.2b1/common/packet.c 2011-07-01 14:00:16.939958989 +0200
@@ -211,7 +211,7 @@ ssize_t
decode_udp_ip_header(struct interface_info *interface,
unsigned char *buf, unsigned bufix,
struct sockaddr_in *from, unsigned buflen,
- unsigned *rbuflen)
+ unsigned *rbuflen, int nocsum)
{
unsigned char *data;
struct ip ip;
@@ -322,7 +322,7 @@ decode_udp_ip_header(struct interface_in
8, IPPROTO_UDP + ulen))));
udp_packets_seen++;
- if (usum && usum != sum) {
+ if (!nocsum && usum && usum != sum) {
udp_packets_bad_checksum++;
if (udp_packets_seen > 4 &&
(udp_packets_seen / udp_packets_bad_checksum) < 2) {
diff -up dhcp-4.2.2b1/common/upf.c.xen dhcp-4.2.2b1/common/upf.c
--- dhcp-4.2.2b1/common/upf.c.xen 2009-11-20 02:49:01.000000000 +0100
+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:00:16.940958986 +0200
@@ -320,7 +320,7 @@ ssize_t receive_packet (interface, buf,
/* Decode the IP and UDP headers... */
offset = decode_udp_ip_header (interface, ibuf, bufix,
- from, length, &paylen);
+ from, length, &paylen, 0);
/* If the IP or UDP checksum was bad, skip the packet... */
if (offset < 0)
diff -up dhcp-4.2.2b1/includes/dhcpd.h.xen dhcp-4.2.2b1/includes/dhcpd.h
--- dhcp-4.2.2b1/includes/dhcpd.h.xen 2011-07-01 14:00:16.000000000 +0200
+++ dhcp-4.2.2b1/includes/dhcpd.h 2011-07-01 14:12:18.069642470 +0200
@@ -2796,7 +2796,7 @@ ssize_t decode_hw_header (struct interfa
unsigned, struct hardware *);
ssize_t decode_udp_ip_header (struct interface_info *, unsigned char *,
unsigned, struct sockaddr_in *,
- unsigned, unsigned *);
+ unsigned, unsigned *, int);
/* ethernet.c */
void assemble_ethernet_header (struct interface_info *, unsigned char *,

11
SOURCES/dhcp-4.2.3-P2-log_perror.patch Normal file
View File

@ -0,0 +1,11 @@
diff -up dhcp-4.2.3-P2/server/dhcpd.c.log_perror dhcp-4.2.3-P2/server/dhcpd.c
--- dhcp-4.2.3-P2/server/dhcpd.c.log_perror 2012-02-22 14:24:57.000000000 +0100
+++ dhcp-4.2.3-P2/server/dhcpd.c 2012-02-22 14:29:09.964576687 +0100
@@ -315,6 +315,7 @@ main(int argc, char **argv) {
#ifndef DEBUG
daemon = 0;
#endif
+ log_perror = 0;
} else if (!strcmp (argv [i], "-d")) {
#ifndef DEBUG
daemon = 0;

27
SOURCES/dhcp-4.2.3-dhclient-decline-onetry.patch Normal file
View File

@ -0,0 +1,27 @@
diff -up dhcp-4.2.3/client/dhclient.c.decline-onetry dhcp-4.2.3/client/dhclient.c
--- dhcp-4.2.3/client/dhclient.c.decline-onetry 2011-11-24 14:21:50.000000000 +0100
+++ dhcp-4.2.3/client/dhclient.c 2011-11-24 14:23:44.472893215 +0100
@@ -1704,11 +1704,18 @@ void bind_lease (client)
if (script_go (client)) {
make_decline (client, client -> new);
send_decline (client);
- destroy_client_lease (client -> new);
- client -> new = (struct client_lease *)0;
- client -> state = S_DECLINED;
- state_init (client);
- return;
+ if (onetry) {
+ if (!quiet)
+ log_info ("Unable to obtain a lease on first try.%s",
+ " Exiting.");
+ exit (2);
+ } else {
+ destroy_client_lease (client -> new);
+ client -> new = (struct client_lease *)0;
+ client -> state = S_DECLINED;
+ state_init (client);
+ return;
+ }
}
/* Write out the new lease if it has been long enough. */

84
SOURCES/dhcp-4.2.4-64_bit_lease_parse.patch Normal file
View File

@ -0,0 +1,84 @@
diff -up dhcp-4.2.4b1/common/parse.c.64-bit_lease_parse dhcp-4.2.4b1/common/parse.c
--- dhcp-4.2.4b1/common/parse.c.64-bit_lease_parse 2012-03-09 12:28:10.000000000 +0100
+++ dhcp-4.2.4b1/common/parse.c 2012-04-16 17:30:55.867045149 +0200
@@ -906,8 +906,8 @@ TIME
parse_date_core(cfile)
struct parse *cfile;
{
- int guess;
- int tzoff, year, mon, mday, hour, min, sec;
+ TIME guess;
+ long int tzoff, year, mon, mday, hour, min, sec;
const char *val;
enum dhcp_token token;
static int months[11] = { 31, 59, 90, 120, 151, 181,
@@ -933,7 +933,7 @@ parse_date_core(cfile)
}
token = next_token(&val, NULL, cfile); /* consume number */
- guess = atoi(val);
+ guess = atol(val);
return((TIME)guess);
}
@@ -961,7 +961,7 @@ parse_date_core(cfile)
somebody invents a time machine, I think we can safely disregard
it. This actually works around a stupid Y2K bug that was present
in a very early beta release of dhcpd. */
- year = atoi(val);
+ year = atol(val);
if (year > 1900)
year -= 1900;
@@ -985,7 +985,7 @@ parse_date_core(cfile)
return((TIME)0);
}
token = next_token(&val, NULL, cfile); /* consume month */
- mon = atoi(val) - 1;
+ mon = atol(val) - 1;
/* Slash separating month from day... */
token = peek_token(&val, NULL, cfile);
@@ -1007,7 +1007,7 @@ parse_date_core(cfile)
return((TIME)0);
}
token = next_token(&val, NULL, cfile); /* consume day of month */
- mday = atoi(val);
+ mday = atol(val);
/* Hour... */
token = peek_token(&val, NULL, cfile);
@@ -1018,7 +1018,7 @@ parse_date_core(cfile)
return((TIME)0);
}
token = next_token(&val, NULL, cfile); /* consume hour */
- hour = atoi(val);
+ hour = atol(val);
/* Colon separating hour from minute... */
token = peek_token(&val, NULL, cfile);
@@ -1040,7 +1040,7 @@ parse_date_core(cfile)
return((TIME)0);
}
token = next_token(&val, NULL, cfile); /* consume minute */
- min = atoi(val);
+ min = atol(val);
/* Colon separating minute from second... */
token = peek_token(&val, NULL, cfile);
@@ -1062,13 +1062,13 @@ parse_date_core(cfile)
return((TIME)0);
}
token = next_token(&val, NULL, cfile); /* consume second */
- sec = atoi(val);
+ sec = atol(val);
tzoff = 0;
token = peek_token(&val, NULL, cfile);
if (token == NUMBER) {
token = next_token(&val, NULL, cfile); /* consume tzoff */
- tzoff = atoi(val);
+ tzoff = atol(val);
} else if (token != SEMI) {
token = next_token(&val, NULL, cfile);
parse_warn(cfile,

25
SOURCES/dhcp-4.2.4-P1-interval.patch Normal file
View File

@ -0,0 +1,25 @@
diff -up dhcp-4.2.4/common/dispatch.c.foo dhcp-4.2.4/common/dispatch.c
--- dhcp-4.2.4/common/dispatch.c.foo 2012-07-26 21:31:43.875349675 -0500
+++ dhcp-4.2.4/common/dispatch.c 2012-07-26 21:39:14.961710319 -0500
@@ -324,7 +324,20 @@ void add_timeout (when, where, what, ref
q->next = timeouts;
timeouts = q;
- isc_interval_set(&interval, sec & DHCP_SEC_MAX, usec * 1000);
+ /* isc_time_nowplusinterval() is not safe with 64-bit time_t and will
+ * return an error for sufficiently large intervals. We have to limit
+ * the interval to INT_MAX or less to ensure the interval doesn't
+ * overflow 32 bits, since the returned isc_time_t fields are
+ * 32-bit unsigned ints.
+ *
+ * HACK: The 9 is a magic number of seconds, since some time may have
+ * gone by since the last call to gettimeofday() and the one in
+ * isc_time_nowplusinterval().
+ */
+ if (sec > TIME_MAX)
+ sec = TIME_MAX - 9;
+
+ isc_interval_set(&interval, sec, usec * 1000);
status = isc_time_nowplusinterval(&expires, &interval);
if (status != ISC_R_SUCCESS) {
/*

46
SOURCES/dhcp-4.2.4-P1-remove-dst.patch Normal file
View File

@ -0,0 +1,46 @@
diff -up dhcp-4.2.4-P1/configure.ac.remove-dst dhcp-4.2.4-P1/configure.ac
--- dhcp-4.2.4-P1/configure.ac.remove-dst 2012-08-17 15:24:29.066454140 +0200
+++ dhcp-4.2.4-P1/configure.ac 2012-08-17 15:24:29.071454073 +0200
@@ -608,7 +608,6 @@ AC_OUTPUT([
common/Makefile
common/tests/Makefile
dhcpctl/Makefile
- dst/Makefile
includes/Makefile
omapip/Makefile
relay/Makefile
diff -up dhcp-4.2.4-P1/includes/Makefile.am.remove-dst dhcp-4.2.4-P1/includes/Makefile.am
--- dhcp-4.2.4-P1/includes/Makefile.am.remove-dst 2012-07-13 08:17:54.000000000 +0200
+++ dhcp-4.2.4-P1/includes/Makefile.am 2012-08-17 15:25:08.253922458 +0200
@@ -1,7 +1,6 @@
nobase_include_HEADERS = omapip/alloc.h omapip/buffer.h omapip/convert.h \
omapip/hash.h omapip/isclib.h omapip/omapip.h \
- omapip/omapip_p.h omapip/result.h omapip/trace.h \
- isc-dhcp/dst.h
+ omapip/omapip_p.h omapip/result.h omapip/trace.h
EXTRA_DIST = cdefs.h ctrace.h dhcp.h dhcp6.h dhcpd.h dhctoken.h failover.h \
heap.h inet.h minires.h osdep.h site.h statement.h tree.h \
diff -up dhcp-4.2.4-P1/Makefile.am.remove-dst dhcp-4.2.4-P1/Makefile.am
--- dhcp-4.2.4-P1/Makefile.am.remove-dst 2012-08-17 15:24:29.067454126 +0200
+++ dhcp-4.2.4-P1/Makefile.am 2012-08-17 15:24:29.071454073 +0200
@@ -27,7 +27,7 @@ else
SUBDIRS =
endif
-SUBDIRS += includes tests common dst omapip client dhcpctl relay server
+SUBDIRS += includes tests common omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.2.4-P1/server/ddns.c.remove-dst dhcp-4.2.4-P1/server/ddns.c
--- dhcp-4.2.4-P1/server/ddns.c.remove-dst 2012-07-13 08:18:05.000000000 +0200
+++ dhcp-4.2.4-P1/server/ddns.c 2012-08-17 15:24:29.072454060 +0200
@@ -34,7 +34,6 @@
*/
#include "dhcpd.h"
-#include "dst/md5.h"
#include <dns/result.h>
#ifdef NSUPDATE

12
SOURCES/dhcp-4.2.4-P2-conflex-do-forward-updates.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up dhcp-4.2.4-P2/common/conflex.c.orig dhcp-4.2.4-P2/common/conflex.c
--- dhcp-4.2.4-P2/common/conflex.c.orig 2012-08-28 04:13:03.000000000 +0200
+++ dhcp-4.2.4-P2/common/conflex.c 2012-10-09 14:01:29.922104149 +0200
@@ -889,7 +889,7 @@ intern(char *atom, enum dhcp_token dfv)
if (!strcasecmp(atom + 7, "list"))
return DOMAIN_LIST;
}
- if (!strcasecmp (atom + 1, "o-forward-update"))
+ if (!strcasecmp (atom + 1, "o-forward-updates"))
return DO_FORWARD_UPDATE;
if (!strcasecmp (atom + 1, "ebug"))
return TOKEN_DEBUG;

13
SOURCES/dhcp-4.2.4-P2-dupl-key.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up dhcp-4.2.4-P2/common/parse.c.dupl-key dhcp-4.2.4-P2/common/parse.c
--- dhcp-4.2.4-P2/common/parse.c.dupl-key 2012-11-16 15:31:30.568561745 +0100
+++ dhcp-4.2.4-P2/common/parse.c 2012-11-16 15:31:30.577561619 +0100
@@ -2893,6 +2893,9 @@ int parse_zone (struct dns_zone *zone, s
}
val = key_name;
}
+ if (zone->key)
+ log_fatal("Multiple key definition for zone %s.",
+ zone->name);
if (omapi_auth_key_lookup_name (&zone -> key, val) !=
ISC_R_SUCCESS)
parse_warn (cfile, "unknown key %s", val);

239
SOURCES/dhcp-4.2.4-UseMulticast.patch Normal file
View File

@ -0,0 +1,239 @@
diff -up dhcp-4.2.4b1/server/dhcpv6.c.UseMulticast dhcp-4.2.4b1/server/dhcpv6.c
--- dhcp-4.2.4b1/server/dhcpv6.c.UseMulticast 2012-04-11 00:14:04.000000000 +0200
+++ dhcp-4.2.4b1/server/dhcpv6.c 2012-04-16 19:21:43.575923732 +0200
@@ -346,6 +346,48 @@ generate_new_server_duid(void) {
}
/*
+ * Is the D6O_UNICAST option defined in dhcpd.conf ?
+ */
+static isc_boolean_t unicast_option_defined;
+
+/*
+ * Did we already search dhcpd.conf for D6O_UNICAST option ?
+ * We need to store it here to not parse dhcpd.conf repeatedly.
+ */
+static isc_boolean_t unicast_option_parsed = ISC_FALSE;
+
+
+/*
+ * Is the D6O_UNICAST option defined in dhcpd.conf ?
+ */
+isc_boolean_t
+is_unicast_option_defined(void) {
+ struct option_state *opt_state;
+ struct option_cache *oc;
+
+ /*
+ * If we are looking for the unicast option for the first time
+ */
+ if (unicast_option_parsed == ISC_FALSE) {
+ unicast_option_parsed = ISC_TRUE;
+ opt_state = NULL;
+ if (!option_state_allocate(&opt_state, MDL)) {
+ log_fatal("No memory for option state.");
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
+ opt_state, &global_scope, root_group, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+ unicast_option_defined = (oc != NULL);
+
+ option_state_dereference(&opt_state, MDL);
+ }
+
+ return (unicast_option_defined);
+}
+
+/*
* Get the client identifier from the packet.
*/
isc_result_t
@@ -1404,6 +1446,56 @@ lease_to_client(struct data_string *repl
reply.shared->group);
}
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined())
+ /*
+ * RFC3315 section 18.2.1 (Request):
+ *
+ * When the server receives a Request message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Request message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.3 (Renew):
+ *
+ * When the server receives a Renew message via unicast from a client to
+ * which the server has not sent a unicast option, the server discards
+ * the Renew message and responds with a Reply message containing a
+ * Status Code option with the value UseMulticast, a Server Identifier
+ * option containing the server's DUID, the Client Identifier option
+ * from the client message, and no other options.
+ */
+ {
+ /* Set the UseMulticast status code. */
+ if (!set_status_code(STATUS_UseMulticast,
+ "Unicast not allowed by server.",
+ reply.opt_state)) {
+ log_error("lease_to_client: Unable to set "
+ "UseMulticast status code.");
+ goto exit;
+ }
+
+ /* Rewind the cursor to the start. */
+ reply.cursor = REPLY_OPTIONS_INDEX;
+
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply.cursor += store_options6((char *)reply.buf.data +
+ reply.cursor,
+ sizeof(reply.buf) -
+ reply.cursor,
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
+ }
+
/*
* RFC3315 section 17.2.2 (Solicit):
*
@@ -1429,8 +1521,8 @@ lease_to_client(struct data_string *repl
* Sends a Renew/Rebind if the IA is not in the Reply message.
*/
#if defined (RFC3315_PRE_ERRATA_2010_08)
- if (no_resources_avail && (reply.ia_count != 0) &&
- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
+ else if (no_resources_avail && (reply.ia_count != 0) &&
+ (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
{
/* Set the NoAddrsAvail status code. */
if (!set_status_code(STATUS_NoAddrsAvail,
@@ -1477,6 +1569,7 @@ lease_to_client(struct data_string *repl
* Having stored the client's IA's, store any options that
* will fit in the remaining space.
*/
+ else
reply.cursor += store_options6((char *)reply.buf.data + reply.cursor,
sizeof(reply.buf) - reply.cursor,
reply.opt_state, reply.packet,
@@ -4126,7 +4219,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
@@ -4456,7 +4548,6 @@ exit:
* except for the error code of when addresses don't match.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
@@ -4700,18 +4791,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
- snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
- if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
- goto exit;
- }
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) {
+ /*
+ * RFC3315 section 18.2.6 (Release):
+ *
+ * When the server receives a Release message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Release message and responds with a Reply message
+ * containing a Status Code option with value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.7 (Decline):
+ *
+ * When the server receives a Decline message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Decline message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ */
+ snprintf(status_msg, sizeof(status_msg),
+ "%s received unicast.", packet_type);
+ if (!set_status_code(STATUS_UseMulticast, status_msg, opt_state)) {
+ goto exit;
+ }
- /*
- * Add our options that are not associated with any IA_NA or IA_TA.
- */
- reply_ofs += store_options6(reply_data+reply_ofs,
- sizeof(reply_data)-reply_ofs,
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
opt_state, packet,
- required_opts, NULL);
+ required_opts_NAA, NULL);
+
+ goto return_reply;
+ } else {
+ snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
+ if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
+ goto exit;
+ }
+
+ /*
+ * Add our options that are not associated with any IA_NA or IA_TA.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
+ opt_state, packet,
+ required_opts, NULL);
+ }
/*
* Loop through the IA_NA reported by the client, and deal with
@@ -4849,6 +4982,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
+return_reply:
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
@@ -4894,7 +5028,6 @@ exit:
* we still need to be aware of this possibility.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
@@ -5364,7 +5497,6 @@ exit:
* Release means a client is done with the leases.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_release(struct data_string *reply, struct packet *packet) {
struct data_string client_id;

509
SOURCES/dhcp-4.2.4-dhclient-options.patch Normal file
View File

@ -0,0 +1,509 @@
diff -up dhcp-4.2.1b1/client/dhclient.8.man dhcp-4.2.1b1/client/dhclient.8
--- dhcp-4.2.1b1/client/dhclient.8.man 2010-07-14 22:09:34.000000000 +0200
+++ dhcp-4.2.1b1/client/dhclient.8 2011-01-27 18:19:07.000000000 +0100
@@ -115,6 +115,33 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
+.B -B
+]
+[
+.B -I
+.I dhcp-client-identifier
+]
+[
+.B -H
+.I host-name
+]
+[
+.B -F
+.I fqdn.fqdn
+]
+[
+.B -V
+.I vendor-class-identifier
+]
+[
+.B -R
+.I request-option-list
+]
+[
+.B -timeout
+.I timeout
+]
+[
.B -v
]
[
@@ -264,6 +291,69 @@ not to exit when it doesn't find any suc
program can then be used to notify the client when a network interface
has been added or removed, so that the client can attempt to configure an IP
address on that interface.
+
+.TP
+.BI \-B
+Set the BOOTP broadcast flag in request packets so servers will always
+broadcast replies.
+
+.TP
+.BI \-I\ <dhcp-client-identifier>
+Specify the dhcp-client-identifier option to send to the DHCP server.
+
+.TP
+.BI \-H\ <host-name>
+Specify the host-name option to send to the DHCP server. The host-name
+string only contains the client's hostname prefix, to which the server will
+append the ddns-domainname or domain-name options, if any, to derive the
+fully qualified domain name of the client. The
+.B -H
+option cannot be used with the
+.B -F
+option.
+
+.TP
+.BI \-F\ <fqdn.fqdn>
+Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
+be used with the
+.B -H
+option. The fqdn.fqdn option must specify the complete domain name of the
+client host, which the server may use for dynamic DNS updates.
+
+.TP
+.BI \-V\ <vendor-class-identifier>
+Specify the vendor-class-identifier option to send to the DHCP server.
+
+.TP
+.BI \-R\ <option>[,<option>...]
+Specify the list of options the client is to request from the server. The
+option list must be a single string consisting of option names separated
+by at least one command and optional space characters. The default option
+list is:
+
+.BR
+ subnet-mask, broadcast-address, time-offset, routers,
+.BR
+ domain-search, domain-name, domain-name-servers, host-name,
+.BR
+ nis-domain, nis-servers, ntp-servers, interface-mtu
+
+.TP
+.B -R
+option does not append options to the default request, it overrides the
+default request list. Keep this in mind if you want to request an
+additional option besides the default request list. You will have to
+specify all option names for the
+.B -R
+parameter.
+
+.TP
+.BI \-timeout\ <timeout>
+Specify the time after which
+.B dhclient
+will decide that no DHCP servers can be contacted when no responses have been
+received.
+
.TP
.BI \-n
Do not configure any interfaces. This is most likely to be useful in
diff -up dhcp-4.2.4-P2/client/clparse.c.options dhcp-4.2.4-P2/client/clparse.c
--- dhcp-4.2.4-P2/client/clparse.c.options 2012-08-24 21:11:21.000000000 +0200
+++ dhcp-4.2.4-P2/client/clparse.c 2012-09-26 10:34:27.140049896 +0200
@@ -154,6 +154,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
+ top_level_config.bootp_broadcast_always = 0;
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
@@ -320,7 +321,8 @@ void read_client_leases ()
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
- KEY key-definition */
+ KEY key-definition |
+ BOOTP_BROADCAST_ALWAYS */
void parse_client_statement (cfile, ip, config)
struct parse *cfile;
@@ -739,6 +741,12 @@ void parse_client_statement (cfile, ip,
parse_reject_statement (cfile, config);
return;
+ case BOOTP_BROADCAST_ALWAYS:
+ token = next_token(&val, (unsigned*)0, cfile);
+ config -> bootp_broadcast_always = 1;
+ parse_semi (cfile);
+ return;
+
default:
lose = 0;
stmt = (struct executable_statement *)0;
diff -up dhcp-4.2.4-P2/client/dhclient.c.options dhcp-4.2.4-P2/client/dhclient.c
--- dhcp-4.2.4-P2/client/dhclient.c.options 2012-08-28 04:13:03.000000000 +0200
+++ dhcp-4.2.4-P2/client/dhclient.c 2012-09-26 10:36:10.396967531 +0200
@@ -39,6 +39,12 @@
#include <limits.h>
#include <dns/result.h>
+/*
+ * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
+ * that when building ISC code.
+ */
+extern int asprintf(char **strp, const char *fmt, ...);
+
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
@@ -87,6 +93,9 @@ int wanted_ia_na = -1; /* the absolute
int wanted_ia_ta = 0;
int wanted_ia_pd = 0;
char *mockup_relay = NULL;
+int bootp_broadcast_always = 0;
+
+extern struct option *default_requested_options[];
void run_stateless(int exit_mode);
@@ -123,6 +132,15 @@ main(int argc, char **argv) {
int local_family_set = 0;
#endif /* DHCPv6 */
char *s;
+ char *dhcp_client_identifier_arg = NULL;
+ char *dhcp_host_name_arg = NULL;
+ char *dhcp_fqdn_arg = NULL;
+ char *dhcp_vendor_class_identifier_arg = NULL;
+ char *dhclient_request_options = NULL;
+
+ int timeout_arg = 0;
+ char *arg_conf = NULL;
+ int arg_conf_len = 0;
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -310,6 +328,88 @@ main(int argc, char **argv) {
} else if (!strcmp(argv[i], "--version")) {
log_info("isc-dhclient-%s", PACKAGE_VERSION);
exit(0);
+ } else if (!strcmp(argv[i], "-I")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
+ log_error("-I option dhcp-client-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ dhcp_client_identifier_arg = argv[i];
+ } else if (!strcmp(argv[i], "-B")) {
+ bootp_broadcast_always = 1;
+ } else if (!strcmp(argv[i], "-H")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
+ log_error("-H option host-name string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ if (dhcp_host_name_arg != NULL) {
+ log_error("The -H <host-name> and -F <fqdn> arguments are mutually exclusive");
+ exit(1);
+ }
+
+ dhcp_host_name_arg = argv[i];
+ } else if (!strcmp(argv[i], "-F")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
+ log_error("-F option fqdn.fqdn string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ if (dhcp_fqdn_arg != NULL) {
+ log_error("Only one -F <fqdn> argument can be specified");
+ exit(1);
+ }
+
+ if (dhcp_host_name_arg != NULL) {
+ log_error("The -F <fqdn> and -H <host-name> arguments are mutually exclusive");
+ exit(1);
+ }
+
+ dhcp_fqdn_arg = argv[i];
+ } else if (!strcmp(argv[i], "-timeout")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if ((timeout_arg = atoi(argv[i])) <= 0) {
+ log_error("timeout option must be > 0 - bad value: %s",argv[i]);
+ exit(1);
+ }
+ } else if (!strcmp(argv[i], "-V")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ if (strlen(argv[i]) >= DHCP_MAX_OPTION_LEN) {
+ log_error("-V option vendor-class-identifier string \"%s\" is too long - maximum length is: %d", argv[i], DHCP_MAX_OPTION_LEN-1);
+ exit(1);
+ }
+
+ dhcp_vendor_class_identifier_arg = argv[i];
+ } else if (!strcmp(argv[i], "-R")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage();
+ exit(1);
+ }
+
+ dhclient_request_options = argv[i];
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
@@ -484,6 +584,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
+ /* Parse any extra command line configuration arguments: */
+ if ((dhcp_client_identifier_arg != NULL) && (*dhcp_client_identifier_arg != '\0')) {
+ arg_conf_len = asprintf(&arg_conf, "send dhcp-client-identifier \"%s\";", dhcp_client_identifier_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -I option dhcp-client-identifier");
+ }
+
+ if ((dhcp_host_name_arg != NULL) && (*dhcp_host_name_arg != '\0')) {
+ if (arg_conf == 0) {
+ arg_conf_len = asprintf(&arg_conf, "send host-name \"%s\";", dhcp_host_name_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -H option host-name");
+ } else {
+ char *last_arg_conf = arg_conf;
+ arg_conf = NULL;
+ arg_conf_len = asprintf(&arg_conf, "%s\nsend host-name \"%s\";", last_arg_conf, dhcp_host_name_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -H option host-name");
+
+ free(last_arg_conf);
+ }
+ }
+
+ if ((dhcp_fqdn_arg != NULL) && (*dhcp_fqdn_arg != '\0')) {
+ if (arg_conf == 0) {
+ arg_conf_len = asprintf(&arg_conf, "send fqdn.fqdn \"%s\";", dhcp_fqdn_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -F option fqdn.fqdn");
+ } else {
+ char *last_arg_conf = arg_conf;
+ arg_conf = NULL;
+ arg_conf_len = asprintf(&arg_conf, "%s\nsend fqdn.fqdn \"%s\";", last_arg_conf, dhcp_fqdn_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -F option fqdn.fqdn");
+
+ free(last_arg_conf);
+ }
+ }
+
+ if (timeout_arg) {
+ if (arg_conf == 0) {
+ arg_conf_len = asprintf(&arg_conf, "timeout %d;", timeout_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to process -timeout timeout argument");
+ } else {
+ char *last_arg_conf = arg_conf;
+ arg_conf = NULL;
+ arg_conf_len = asprintf(&arg_conf, "%s\ntimeout %d;", last_arg_conf, timeout_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len == 0))
+ log_fatal("Unable to process -timeout timeout argument");
+
+ free(last_arg_conf);
+ }
+ }
+
+ if ((dhcp_vendor_class_identifier_arg != NULL) && (*dhcp_vendor_class_identifier_arg != '\0')) {
+ if (arg_conf == 0) {
+ arg_conf_len = asprintf(&arg_conf, "send vendor-class-identifier \"%s\";", dhcp_vendor_class_identifier_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -V option vendor-class-identifier");
+ } else {
+ char *last_arg_conf = arg_conf;
+ arg_conf = NULL;
+ arg_conf_len = asprintf(&arg_conf, "%s\nsend vendor-class-identifier \"%s\";", last_arg_conf, dhcp_vendor_class_identifier_arg);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to send -V option vendor-class-identifier");
+
+ free(last_arg_conf);
+ }
+ }
+
+ if (dhclient_request_options != NULL) {
+ if (arg_conf == 0) {
+ arg_conf_len = asprintf(&arg_conf, "request %s;", dhclient_request_options);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to parse -R <request options list> argument");
+ } else {
+ char *last_arg_conf = arg_conf;
+ arg_conf = NULL;
+ arg_conf_len = asprintf(&arg_conf, "%s\nrequest %s;", last_arg_conf, dhclient_request_options);
+
+ if ((arg_conf == 0) || (arg_conf_len <= 0))
+ log_fatal("Unable to parse -R <request options list> argument");
+
+ free(last_arg_conf);
+ }
+ }
+
+ if (arg_conf) {
+ if (arg_conf_len == 0)
+ if ((arg_conf_len = strlen(arg_conf)) == 0)
+ /* huh ? cannot happen ! */
+ log_fatal("Unable to process -I/-H/-F/-timeout/-V/-R configuration arguments");
+
+ /* parse the extra dhclient.conf configuration arguments
+ * into top level config: */
+ struct parse *cfile = (struct parse *)0;
+ const char *val = NULL;
+ int token;
+
+ status = new_parse(&cfile, -1, arg_conf, arg_conf_len, "extra dhclient -I/-H/-F/-timeout/-V/-R configuration arguments", 0);
+
+ if ((status != ISC_R_SUCCESS) || (cfile -> warnings_occurred))
+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
+ /* more detailed parse failures will be logged */
+
+ do {
+ token = peek_token(&val, (unsigned *)0, cfile);
+ if (token == END_OF_FILE)
+ break;
+
+ parse_client_statement(cfile, (struct interface_info *)0, &top_level_config);
+ } while (1);
+
+ if (cfile -> warnings_occurred)
+ log_fatal("Cannot parse -I/-H/-F/-timeout/-V/-R configuration arguments !");
+ end_parse(&cfile);
+
+ if (timeout_arg) {
+ /* we just set the toplevel timeout, but per-client
+ * timeouts may still be at defaults.
+ */
+ for (ip=interfaces; ip; ip = ip->next) {
+ if (ip->client->config->timeout == 60)
+ ip->client->config->timeout = timeout_arg;
+ }
+ }
+
+ if ((dhclient_request_options != 0) && (top_level_config.requested_options != default_requested_options)) {
+ for (ip=interfaces; ip; ip = ip->next) {
+ if (ip->client->config->requested_options == default_requested_options)
+ ip->client->config->requested_options = top_level_config.requested_options;
+ }
+ }
+
+ free(arg_conf);
+ arg_conf = NULL;
+ arg_conf_len = 0;
+ }
+
/* Parse the lease database. */
read_client_leases();
@@ -715,6 +965,10 @@ static void usage()
" [-s server-addr] [-cf config-file] "
"[-lf lease-file]\n"
" [-pf pid-file] [--no-pid] [-e VAR=val]\n"
+ " [-I <dhcp-client-identifier>] [-B]\n"
+ " [-H <host-name> | -F <fqdn.fqdn>] [-timeout <timeout>]\n"
+ " [-V <vendor-class-identifier>]\n"
+ " [-R <request option list>]\n"
" [-sf script-file] [interface]");
}
@@ -2421,7 +2675,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always || client->config->bootp_broadcast_always))
+ && can_receive_unicast_unconfigured(client->interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -2505,7 +2760,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always ||
+ client ->config->bootp_broadcast_always)) &&
+ can_receive_unicast_unconfigured (client -> interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -2567,7 +2824,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always || client->config-> bootp_broadcast_always))
+ && can_receive_unicast_unconfigured (client->interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
diff -up dhcp-4.2.4-P2/common/conflex.c.options dhcp-4.2.4-P2/common/conflex.c
--- dhcp-4.2.4-P2/common/conflex.c.options 2012-08-28 04:13:03.000000000 +0200
+++ dhcp-4.2.4-P2/common/conflex.c 2012-09-26 10:34:27.142049876 +0200
@@ -808,6 +808,8 @@ intern(char *atom, enum dhcp_token dfv)
return BALANCE;
if (!strcasecmp (atom + 1, "ound"))
return BOUND;
+ if (!strcasecmp (atom + 1, "ootp-broadcast-always"))
+ return BOOTP_BROADCAST_ALWAYS;
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
diff -up dhcp-4.2.4-P2/includes/dhcpd.h.options dhcp-4.2.4-P2/includes/dhcpd.h
--- dhcp-4.2.4-P2/includes/dhcpd.h.options 2012-08-28 04:13:22.000000000 +0200
+++ dhcp-4.2.4-P2/includes/dhcpd.h 2012-09-26 10:34:27.143049865 +0200
@@ -1153,6 +1153,9 @@ struct client_config {
int do_forward_update; /* If nonzero, and if we have the
information we need, update the
A record for the address we get. */
+
+ int bootp_broadcast_always; /* If nonzero, always set the BOOTP_BROADCAST
+ flag in requests */
};
/* Per-interface state used in the dhcp client... */
diff -up dhcp-4.2.4-P2/includes/dhctoken.h.options dhcp-4.2.4-P2/includes/dhctoken.h
--- dhcp-4.2.4-P2/includes/dhctoken.h.options 2012-08-28 04:13:03.000000000 +0200
+++ dhcp-4.2.4-P2/includes/dhctoken.h 2012-09-26 10:34:27.144049854 +0200
@@ -364,7 +364,8 @@ enum dhcp_token {
GETHOSTBYNAME = 665,
PRIMARY6 = 666,
SECONDARY6 = 667,
- TOKEN_INFINIBAND = 668
+ TOKEN_INFINIBAND = 668,
+ BOOTP_BROADCAST_ALWAYS = 669
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \

12
SOURCES/dhcp-4.2.4-failOverPeer.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up dhcp-4.2.4/server/ldap.c.failOverPeer dhcp-4.2.4/server/ldap.c
--- dhcp-4.2.4/server/ldap.c.failOverPeer 2012-07-23 12:53:26.815262322 +0200
+++ dhcp-4.2.4/server/ldap.c 2012-07-23 12:54:31.002119299 +0200
@@ -893,7 +893,7 @@ ldap_start (void)
static void
parse_external_dns (LDAPMessage * ent)
{
- char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",
+ char *search[] = {"dhcpFailOverPeerDN", "dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",
"dhcpGroupDN", "dhcpHostDN", "dhcpClassesDN",
"dhcpPoolDN", NULL};
LDAPMessage * newres, * newent;

443
SOURCES/dhcp-4.2.4-getifaddrs.patch Normal file
View File

@ -0,0 +1,443 @@
From c09dd24a7d63988e0acef7d033bd3e088fc005c0 Mon Sep 17 00:00:00 2001
From: Jiri Popelka <jpopelka@redhat.com>
Date: Thu, 24 Jan 2013 12:39:50 +0100
Subject: [PATCH] Linux interface discovery

Use the same discovery code as for *BSD and OS X,
i.e. the getifaddrs() function.
---
common/discover.c | 398 +++---------------------------------------------------
1 file changed, 17 insertions(+), 381 deletions(-)

diff --git a/common/discover.c b/common/discover.c
index 1d84219..f2a8f6d 100644
--- a/common/discover.c
+++ b/common/discover.c
@@ -379,391 +379,13 @@ end_iface_scan(struct iface_conf_list *ifaces) {
ifaces->sock = -1;
}
-#elif __linux /* !HAVE_SIOCGLIFCONF */
-/*
- * Linux support
- * -------------
- *
- * In Linux, we use the /proc pseudo-filesystem to get information
- * about interfaces, along with selected ioctl() calls.
- *
- * Linux low level access is documented in the netdevice man page.
- */
-
-/*
- * Structure holding state about the scan.
- */
-struct iface_conf_list {
- int sock; /* file descriptor used to get information */
- FILE *fp; /* input from /proc/net/dev */
-#ifdef DHCPv6
- FILE *fp6; /* input from /proc/net/if_inet6 */
-#endif
-};
-
-/*
- * Structure used to return information about a specific interface.
- */
-struct iface_info {
- char name[IFNAMSIZ]; /* name of the interface, e.g. "eth0" */
- struct sockaddr_storage addr; /* address information */
- isc_uint64_t flags; /* interface flags, e.g. IFF_LOOPBACK */
-};
-
-/*
- * Start a scan of interfaces.
- *
- * The iface_conf_list structure maintains state for this process.
- */
-int
-begin_iface_scan(struct iface_conf_list *ifaces) {
- char buf[256];
- int len;
- int i;
-
- ifaces->fp = fopen("/proc/net/dev", "r");
- if (ifaces->fp == NULL) {
- log_error("Error opening '/proc/net/dev' to list interfaces");
- return 0;
- }
-
- /*
- * The first 2 lines are header information, so read and ignore them.
- */
- for (i=0; i<2; i++) {
- if (fgets(buf, sizeof(buf), ifaces->fp) == NULL) {
- log_error("Error reading headers from '/proc/net/dev'");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad header line in '/proc/net/dev'");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- }
-
- ifaces->sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
- if (ifaces->sock < 0) {
- log_error("Error creating socket to list interfaces; %m");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
-
-#ifdef DHCPv6
- if (local_family == AF_INET6) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
- close(ifaces->sock);
- ifaces->sock = -1;
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- }
-#endif
-
- return 1;
-}
-
-/*
- * Read our IPv4 interfaces from /proc/net/dev.
- *
- * The file looks something like this:
- *
- * Inter-| Receive ...
- * face |bytes packets errs drop fifo frame ...
- * lo: 1580562 4207 0 0 0 0 ...
- * eth0: 0 0 0 0 0 0 ...
- * eth1:1801552440 37895 0 14 0 ...
- *
- * We only care about the interface name, which is at the start of
- * each line.
- *
- * We use an ioctl() to get the address and flags for each interface.
- */
-static int
-next_iface4(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- char buf[256];
- int len;
- char *p;
- char *name;
- struct ifreq tmp;
-
- /*
- * Loop exits when we find an interface that has an address, or
- * when we run out of interfaces.
- */
- for (;;) {
- do {
- /*
- * Read the next line in the file.
- */
- if (fgets(buf, sizeof(buf), ifaces->fp) == NULL) {
- if (ferror(ifaces->fp)) {
- *err = 1;
- log_error("Error reading interface "
- "information");
- } else {
- *err = 0;
- }
- return 0;
- }
-
- /*
- * Make sure the line is a nice,
- * newline-terminated line.
- */
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad line reading interface "
- "information");
- *err = 1;
- return 0;
- }
-
- /*
- * Figure out our name.
- */
- p = strrchr(buf, ':');
- if (p == NULL) {
- log_error("Bad line reading interface "
- "information (no colon)");
- *err = 1;
- return 0;
- }
- *p = '\0';
- name = buf;
- while (isspace(*name)) {
- name++;
- }
-
- /*
- * Copy our name into our interface structure.
- */
- len = p - name;
- if (len >= sizeof(info->name)) {
- *err = 1;
- log_error("Interface name '%s' too long", name);
- return 0;
- }
- strcpy(info->name, name);
-
-#ifdef ALIAS_NAMED_PERMUTED
- /* interface aliases look like "eth0:1" or "wlan1:3" */
- s = strchr(info->name, ':');
- if (s != NULL) {
- *s = '\0';
- }
-#endif
-
-#ifdef SKIP_DUMMY_INTERFACES
- } while (strncmp(info->name, "dummy", 5) == 0);
-#else
- } while (0);
-#endif
-
- memset(&tmp, 0, sizeof(tmp));
- strcpy(tmp.ifr_name, name);
- if (ioctl(ifaces->sock, SIOCGIFADDR, &tmp) < 0) {
- if (errno == EADDRNOTAVAIL) {
- continue;
- }
- log_error("Error getting interface address "
- "for '%s'; %m", name);
- *err = 1;
- return 0;
- }
- memcpy(&info->addr, &tmp.ifr_addr, sizeof(tmp.ifr_addr));
-
- memset(&tmp, 0, sizeof(tmp));
- strcpy(tmp.ifr_name, name);
- if (ioctl(ifaces->sock, SIOCGIFFLAGS, &tmp) < 0) {
- log_error("Error getting interface flags for '%s'; %m",
- name);
- *err = 1;
- return 0;
- }
- info->flags = tmp.ifr_flags;
-
- *err = 0;
- return 1;
- }
-}
-
-#ifdef DHCPv6
-/*
- * Read our IPv6 interfaces from /proc/net/if_inet6.
- *
- * The file looks something like this:
- *
- * fe80000000000000025056fffec00008 05 40 20 80 vmnet8
- * 00000000000000000000000000000001 01 80 10 80 lo
- * fe80000000000000025056fffec00001 06 40 20 80 vmnet1
- * 200108881936000202166ffffe497d9b 03 40 00 00 eth1
- * fe8000000000000002166ffffe497d9b 03 40 20 80 eth1
- *
- * We get IPv6 address from the start, the interface name from the end,
- * and ioctl() to get flags.
- */
-static int
-next_iface6(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- char buf[256];
- int len;
- char *p;
- char *name;
- int i;
- struct sockaddr_in6 addr;
- struct ifreq tmp;
-
- do {
- /*
- * Read the next line in the file.
- */
- if (fgets(buf, sizeof(buf), ifaces->fp6) == NULL) {
- if (ferror(ifaces->fp6)) {
- *err = 1;
- log_error("Error reading IPv6 "
- "interface information");
- } else {
- *err = 0;
- }
- return 0;
- }
-
- /*
- * Make sure the line is a nice, newline-terminated line.
- */
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad line reading IPv6 "
- "interface information");
- *err = 1;
- return 0;
- }
-
- /*
- * Figure out our name.
- */
- buf[--len] = '\0';
- p = strrchr(buf, ' ');
- if (p == NULL) {
- log_error("Bad line reading IPv6 interface "
- "information (no space)");
- *err = 1;
- return 0;
- }
- name = p+1;
-
- /*
- * Copy our name into our interface structure.
- */
- len = strlen(name);
- if (len >= sizeof(info->name)) {
- *err = 1;
- log_error("IPv6 interface name '%s' too long", name);
- return 0;
- }
- strcpy(info->name, name);
-
-#ifdef SKIP_DUMMY_INTERFACES
- } while (strncmp(info->name, "dummy", 5) == 0);
-#else
- } while (0);
-#endif
-
- /*
- * Double-check we start with the IPv6 address.
- */
- for (i=0; i<32; i++) {
- if (!isxdigit(buf[i]) || isupper(buf[i])) {
- *err = 1;
- log_error("Bad line reading IPv6 interface address "
- "for '%s'", name);
- return 0;
- }
- }
-
- /*
- * Load our socket structure.
- */
- memset(&addr, 0, sizeof(addr));
- addr.sin6_family = AF_INET6;
- for (i=0; i<16; i++) {
- unsigned char byte;
- static const char hex[] = "0123456789abcdef";
- byte = ((index(hex, buf[i * 2]) - hex) << 4) |
- (index(hex, buf[i * 2 + 1]) - hex);
- addr.sin6_addr.s6_addr[i] = byte;
- }
- memcpy(&info->addr, &addr, sizeof(addr));
-
- /*
- * Get our flags.
- */
- memset(&tmp, 0, sizeof(tmp));
- strcpy(tmp.ifr_name, name);
- if (ioctl(ifaces->sock, SIOCGIFFLAGS, &tmp) < 0) {
- log_error("Error getting interface flags for '%s'; %m", name);
- *err = 1;
- return 0;
- }
- info->flags = tmp.ifr_flags;
-
- *err = 0;
- return 1;
-}
-#endif /* DHCPv6 */
-
-/*
- * Retrieve the next interface.
- *
- * Returns information in the info structure.
- * Sets err to 1 if there is an error, otherwise 0.
- */
-int
-next_iface(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- if (next_iface4(info, err, ifaces)) {
- return 1;
- }
-#ifdef DHCPv6
- if (!(*err)) {
- if (local_family == AF_INET6)
- return next_iface6(info, err, ifaces);
- }
-#endif
- return 0;
-}
-
-/*
- * End scan of interfaces.
- */
-void
-end_iface_scan(struct iface_conf_list *ifaces) {
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- close(ifaces->sock);
- ifaces->sock = -1;
-#ifdef DHCPv6
- if (local_family == AF_INET6) {
- fclose(ifaces->fp6);
- ifaces->fp6 = NULL;
- }
-#endif
-}
#else
/*
* BSD support
* -----------
*
- * FreeBSD, NetBSD, OpenBSD, and OS X all have the getifaddrs()
+ * FreeBSD, NetBSD, OpenBSD, OS X and Linux all have the getifaddrs()
* function.
*
* The getifaddrs() man page describes the use.
@@ -811,6 +433,8 @@ begin_iface_scan(struct iface_conf_list *ifaces) {
*/
int
next_iface(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
+ size_t sa_len = 0;
+
if (ifaces->next == NULL) {
*err = 0;
return 0;
@@ -822,8 +446,20 @@ next_iface(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
return 0;
}
strcpy(info->name, ifaces->next->ifa_name);
- memcpy(&info->addr, ifaces->next->ifa_addr,
- ifaces->next->ifa_addr->sa_len);
+
+ memset(&info->addr, 0 , sizeof(info->addr));
+
+ if (ifaces->next->ifa_addr != NULL) {
+#ifdef HAVE_SA_LEN
+ sa_len = ifaces->next->ifa_addr->sa_len;
+#else
+ if (ifaces->next->ifa_addr->sa_family == AF_INET)
+ sa_len = sizeof(struct sockaddr_in);
+ else if (ifaces->next->ifa_addr->sa_family == AF_INET6)
+ sa_len = sizeof(struct sockaddr_in6);
+#endif
+ memcpy(&info->addr, ifaces->next->ifa_addr, sa_len);
+ }
info->flags = ifaces->next->ifa_flags;
ifaces->next = ifaces->next->ifa_next;
*err = 0;
--
1.8.1

138
SOURCES/dhcp-4.2.4-improved-xid.patch Normal file
View File

@ -0,0 +1,138 @@
diff -up dhcp-4.2.4b1/client/dhclient.c.improved-xid dhcp-4.2.4b1/client/dhclient.c
--- dhcp-4.2.4b1/client/dhclient.c.improved-xid 2012-04-16 17:42:37.444217424 +0200
+++ dhcp-4.2.4b1/client/dhclient.c 2012-04-16 17:45:32.105770755 +0200
@@ -888,6 +888,26 @@ main(int argc, char **argv) {
}
}
+ /* We create a backup seed before rediscovering interfaces in order to
+ have a seed built using all of the available interfaces
+ It's interesting if required interfaces doesn't let us defined
+ a really unique seed due to a lack of valid HW addr later
+ (this is the case with DHCP over IB)
+ We only use the last device as using a sum could broke the
+ uniqueness of the seed among multiple nodes
+ */
+ unsigned backup_seed = 0;
+ for (ip = interfaces; ip; ip = ip -> next) {
+ int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
+ memcpy (&junk,
+ &ip -> hw_address.hbuf [ip -> hw_address.hlen -
+ sizeof seed], sizeof seed);
+ backup_seed = junk;
+ }
+
+
/* At this point, all the interfaces that the script thinks
are relevant should be running, so now we once again call
discover_interfaces(), and this time ask it to actually set
@@ -902,14 +922,36 @@ main(int argc, char **argv) {
Not much entropy, but we're booting, so we're not likely to
find anything better. */
seed = 0;
+ int seed_flag = 0;
for (ip = interfaces; ip; ip = ip->next) {
int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
memcpy(&junk,
&ip->hw_address.hbuf[ip->hw_address.hlen -
sizeof seed], sizeof seed);
seed += junk;
+ seed_flag = 1;
}
- srandom(seed + cur_time + (unsigned)getpid());
+ if ( seed_flag == 0 ) {
+ if ( backup_seed != 0 ) {
+ seed = backup_seed;
+ log_info ("xid: rand init seed (0x%x) built using all"
+ " available interfaces",seed);
+ }
+ else {
+ seed = cur_time^((unsigned) gethostid()) ;
+ log_info ("xid: warning: no netdev with useable HWADDR found"
+ " for seed's uniqueness enforcement");
+ log_info ("xid: rand init seed (0x%x) built using gethostid",
+ seed);
+ }
+ /* we only use seed and no current time as a broadcast reply */
+ /* will certainly be used by the hwaddrless interface */
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
+ }
+ else
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
/* Setup specific Infiniband options */
for (ip = interfaces; ip; ip = ip->next) {
@@ -1447,7 +1489,7 @@ void dhcpack (packet)
return;
}
- log_info ("DHCPACK from %s", piaddr (packet -> client_addr));
+ log_info ("DHCPACK from %s (xid=0x%x)", piaddr (packet -> client_addr), client -> xid);
lease = packet_to_lease (packet, client);
if (!lease) {
@@ -2164,7 +2206,7 @@ void dhcpnak (packet)
return;
}
- log_info ("DHCPNAK from %s", piaddr (packet -> client_addr));
+ log_info ("DHCPNAK from %s (xid=0x%x)", piaddr (packet -> client_addr), client -> xid);
if (!client -> active) {
#if defined (DEBUG)
@@ -2290,10 +2332,10 @@ void send_discover (cpp)
client -> packet.secs = htons (65535);
client -> secs = client -> packet.secs;
- log_info ("DHCPDISCOVER on %s to %s port %d interval %ld",
+ log_info ("DHCPDISCOVER on %s to %s port %d interval %ld (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (sockaddr_broadcast.sin_addr),
- ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval));
+ ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval), client -> xid);
/* Send out a packet. */
result = send_packet(client->interface, NULL, &client->packet,
@@ -2577,10 +2619,10 @@ void send_request (cpp)
client -> packet.secs = htons (65535);
}
- log_info ("DHCPREQUEST on %s to %s port %d",
+ log_info ("DHCPREQUEST on %s to %s port %d (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), client -> xid);
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
fallback_interface) {
@@ -2620,10 +2662,10 @@ void send_decline (cpp)
int result;
- log_info ("DHCPDECLINE on %s to %s port %d",
+ log_info ("DHCPDECLINE on %s to %s port %d (xid=0x%x)",
client->name ? client->name : client->interface->name,
inet_ntoa(sockaddr_broadcast.sin_addr),
- ntohs(sockaddr_broadcast.sin_port));
+ ntohs(sockaddr_broadcast.sin_port), client -> xid);
/* Send out a packet. */
result = send_packet(client->interface, NULL, &client->packet,
@@ -2666,10 +2708,10 @@ void send_release (cpp)
return;
}
- log_info ("DHCPRELEASE on %s to %s port %d",
+ log_info ("DHCPRELEASE on %s to %s port %d (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), client -> xid);
if (fallback_interface) {
result = send_packet(fallback_interface, NULL, &client->packet,

38
SOURCES/dhcp-4.2.4-paths.patch Normal file
View File

@ -0,0 +1,38 @@
diff -up dhcp-4.2.4-P2/doc/examples/dhcpd-dhcpv6.conf.paths dhcp-4.2.4-P2/doc/examples/dhcpd-dhcpv6.conf
--- dhcp-4.2.4-P2/doc/examples/dhcpd-dhcpv6.conf.paths 2012-08-24 21:11:21.000000000 +0200
+++ dhcp-4.2.4-P2/doc/examples/dhcpd-dhcpv6.conf 2012-10-26 18:10:08.716560729 +0200
@@ -42,7 +42,7 @@ option dhcp6.domain-search "test.example
option dhcp6.info-refresh-time 21600;
# The path of the lease file
-dhcpv6-lease-file-name "/usr/local/var/db/dhcpd6.leases";
+dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";
# Static definition (must be global)
host myclient {
diff -up dhcp-4.2.4b1/includes/dhcpd.h.paths dhcp-4.2.4b1/includes/dhcpd.h
--- dhcp-4.2.4b1/includes/dhcpd.h.paths 2012-04-18 11:12:34.000000000 +0200
+++ dhcp-4.2.4b1/includes/dhcpd.h 2012-04-18 11:14:38.541272405 +0200
@@ -1420,7 +1420,7 @@ typedef unsigned char option_mask [16];
#else /* !DEBUG */
#ifndef _PATH_DHCPD_CONF
-#define _PATH_DHCPD_CONF "/etc/dhcpd.conf"
+#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf"
#endif /* DEBUG */
#ifndef _PATH_DHCPD_DB
@@ -1442,11 +1442,11 @@ typedef unsigned char option_mask [16];
#endif /* DEBUG */
#ifndef _PATH_DHCLIENT_CONF
-#define _PATH_DHCLIENT_CONF "/etc/dhclient.conf"
+#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf"
#endif
#ifndef _PATH_DHCLIENT_SCRIPT
-#define _PATH_DHCLIENT_SCRIPT "/sbin/dhclient-script"
+#define _PATH_DHCLIENT_SCRIPT "/usr/sbin/dhclient-script"
#endif
#ifndef _PATH_DHCLIENT_PID

101
SOURCES/dhcp-4.2.4-unicast-bootp.patch Normal file
View File

@ -0,0 +1,101 @@
diff -up dhcp-4.2.4b1/server/bootp.c.unicast dhcp-4.2.4b1/server/bootp.c
--- dhcp-4.2.4b1/server/bootp.c.unicast 2012-04-10 23:27:06.000000000 +0200
+++ dhcp-4.2.4b1/server/bootp.c 2012-04-16 17:28:42.095919022 +0200
@@ -59,6 +59,7 @@ void bootp (packet)
char msgbuf [1024];
int ignorep;
int peer_has_leases = 0;
+ int norelay = 0;
if (packet -> raw -> op != BOOTREQUEST)
return;
@@ -74,7 +75,7 @@ void bootp (packet)
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
- if (!locate_network (packet)) {
+ if ((norelay = locate_network (packet)) == 0) {
log_info ("%s: network unknown", msgbuf);
return;
}
@@ -399,6 +400,15 @@ void bootp (packet)
goto out;
}
+ } else if (norelay == 2) {
+ to.sin_addr = raw.ciaddr;
+ to.sin_port = remote_port;
+ if (fallback_interface) {
+ result = send_packet (fallback_interface, NULL, &raw,
+ outgoing.packet_length, from,
+ &to, &hto);
+ goto out;
+ }
/* If it comes from a client that already knows its address
and is not requesting a broadcast response, and we can
diff -up dhcp-4.2.4b1/server/dhcp.c.unicast dhcp-4.2.4b1/server/dhcp.c
--- dhcp-4.2.4b1/server/dhcp.c.unicast 2012-03-09 12:28:12.000000000 +0100
+++ dhcp-4.2.4b1/server/dhcp.c 2012-04-16 17:26:55.067418285 +0200
@@ -4299,6 +4299,7 @@ int locate_network (packet)
struct data_string data;
struct subnet *subnet = (struct subnet *)0;
struct option_cache *oc;
+ int norelay = 0;
/* See if there's a Relay Agent Link Selection Option, or a
* Subnet Selection Option. The Link-Select and Subnet-Select
@@ -4314,12 +4315,24 @@ int locate_network (packet)
from the interface, if there is one. If not, fail. */
if (!oc && !packet -> raw -> giaddr.s_addr) {
if (packet -> interface -> shared_network) {
- shared_network_reference
- (&packet -> shared_network,
- packet -> interface -> shared_network, MDL);
- return 1;
+ struct in_addr any_addr;
+ any_addr.s_addr = INADDR_ANY;
+
+ if (!packet -> packet_type && memcmp(&packet -> raw -> ciaddr, &any_addr, 4)) {
+ struct iaddr cip;
+ memcpy(cip.iabuf, &packet -> raw -> ciaddr, 4);
+ cip.len = 4;
+ if (!find_grouped_subnet(&subnet, packet->interface->shared_network, cip, MDL))
+ norelay = 2;
+ }
+
+ if (!norelay) {
+ shared_network_reference(&packet -> shared_network, packet -> interface -> shared_network, MDL);
+ return 1;
+ }
+ } else {
+ return 0;
}
- return 0;
}
/* If there's an option indicating link connection, and it's valid,
@@ -4342,7 +4355,10 @@ int locate_network (packet)
data_string_forget (&data, MDL);
} else {
ia.len = 4;
- memcpy (ia.iabuf, &packet -> raw -> giaddr, 4);
+ if (norelay)
+ memcpy (ia.iabuf, &packet->raw->ciaddr, 4);
+ else
+ memcpy (ia.iabuf, &packet->raw->giaddr, 4);
}
/* If we know the subnet on which the IP address lives, use it. */
@@ -4350,7 +4366,10 @@ int locate_network (packet)
shared_network_reference (&packet -> shared_network,
subnet -> shared_network, MDL);
subnet_dereference (&subnet, MDL);
- return 1;
+ if (norelay)
+ return norelay;
+ else
+ return 1;
}
/* Otherwise, fail. */

150
SOURCES/dhcp-4.2.5-PPP.patch Normal file
View File

@ -0,0 +1,150 @@
diff -up dhcp-4.2.4b1/client/dhc6.c.PPP dhcp-4.2.4b1/client/dhc6.c
--- dhcp-4.2.4b1/client/dhc6.c.PPP 2012-04-16 17:37:23.243618764 +0200
+++ dhcp-4.2.4b1/client/dhc6.c 2012-04-16 17:37:23.252618638 +0200
@@ -133,7 +133,7 @@ extern int stateless;
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
-void
+isc_result_t
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
@@ -145,6 +145,15 @@ form_duid(struct data_string *duid, cons
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
+ while (ip && ip->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ /* Try the other interfaces */
+ log_debug("Cannot form default DUID from interface %s.", ip->name);
+ ip = ip->next;
+ }
+ if (ip == NULL) {
+ return ISC_R_UNEXPECTED;
+ }
+
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
@@ -180,6 +189,8 @@ form_duid(struct data_string *duid, cons
memcpy(duid->buffer->data + 4, ip->hw_address.hbuf + 1,
ip->hw_address.hlen - 1);
}
+
+ return ISC_R_SUCCESS;
}
/*
@@ -5130,7 +5141,8 @@ make_client6_options(struct client_state
*/
if ((oc = lookup_option(&dhcpv6_universe, *op,
D6O_CLIENTID)) == NULL) {
- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
+ if (default_duid.len == 0 ||
+ !option_cache(&oc, &default_duid, NULL, clientid_option,
MDL))
log_fatal("Failure assembling a DUID.");
diff -up dhcp-4.2.4b1/client/dhclient.c.PPP dhcp-4.2.4b1/client/dhclient.c
--- dhcp-4.2.4b1/client/dhclient.c.PPP 2012-04-16 17:37:23.214619170 +0200
+++ dhcp-4.2.4b1/client/dhclient.c 2012-04-16 17:37:23.254618610 +0200
@@ -919,8 +919,8 @@ main(int argc, char **argv) {
if (default_duid.buffer != NULL)
data_string_forget(&default_duid, MDL);
- form_duid(&default_duid, MDL);
- write_duid(&default_duid);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
+ write_duid(&default_duid);
}
for (ip = interfaces ; ip != NULL ; ip = ip->next) {
diff -up dhcp-4.2.4b1/common/bpf.c.PPP dhcp-4.2.4b1/common/bpf.c
--- dhcp-4.2.4b1/common/bpf.c.PPP 2012-04-16 17:37:23.175619716 +0200
+++ dhcp-4.2.4b1/common/bpf.c 2012-04-16 17:37:23.255618596 +0200
@@ -599,6 +599,22 @@ get_hw_addr(const char *name, struct har
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
+#if defined(IFT_PPP)
+ case IFT_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sdl_type, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
diff -up dhcp-4.2.4b1/common/lpf.c.PPP dhcp-4.2.4b1/common/lpf.c
--- dhcp-4.2.4b1/common/lpf.c.PPP 2012-04-16 17:37:23.155619996 +0200
+++ dhcp-4.2.4b1/common/lpf.c 2012-04-16 17:37:23.256618582 +0200
@@ -503,6 +503,22 @@ get_hw_addr(const char *name, struct har
hw->hbuf[0] = HTYPE_FDDI;
memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sa_family, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
diff -up dhcp-4.2.4b1/includes/dhcpd.h.PPP dhcp-4.2.4b1/includes/dhcpd.h
--- dhcp-4.2.4b1/includes/dhcpd.h.PPP 2012-04-16 17:37:23.239618820 +0200
+++ dhcp-4.2.4b1/includes/dhcpd.h 2012-04-16 17:37:23.257618568 +0200
@@ -2760,7 +2760,7 @@ void dhcpv4_client_assignments(void);
void dhcpv6_client_assignments(void);
/* dhc6.c */
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int line);
void start_init6(struct client_state *client);
void start_info_request6(struct client_state *client);
diff -up dhcp-4.2.4b1/includes/dhcp.h.PPP dhcp-4.2.4b1/includes/dhcp.h
--- dhcp-4.2.4b1/includes/dhcp.h.PPP 2012-04-16 17:37:23.000000000 +0200
+++ dhcp-4.2.4b1/includes/dhcp.h 2012-04-16 17:38:34.675618138 +0200
@@ -85,6 +85,8 @@ struct dhcp_packet {
* is no standard for this so we
* just steal a type */
+#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
diff -up dhcp-4.2.4b1/server/dhcpv6.c.PPP dhcp-4.2.4b1/server/dhcpv6.c
--- dhcp-4.2.4b1/server/dhcpv6.c.PPP 2012-04-16 17:37:23.218619114 +0200
+++ dhcp-4.2.4b1/server/dhcpv6.c 2012-04-16 17:37:23.260618526 +0200
@@ -300,6 +300,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
+ if (p->next == NULL && p->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ log_error("Can not generate DUID from interfaces which do not have hardware addresses, please configure server-duid!");
+ }
}
if (p == NULL) {
return ISC_R_UNEXPECTED;

87
SOURCES/dhcp-4.2.5-additional_hmac_tsig.patch Normal file
View File

@ -0,0 +1,87 @@
commit 71c56235c6fbdeed3ba5a75bb379a34394106619
Author: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon Apr 10 12:59:07 2017 +0200

Backported upstream commit e4a2cb79b2679738f56b3803a44c9899f6982c09

diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h
index ddefeb5..4dffcb9 100644
--- a/includes/omapip/isclib.h
+++ b/includes/omapip/isclib.h
@@ -104,6 +104,11 @@ extern dhcp_context_t dhcp_gbl_ctx;
#define DHCP_MAXDNS_WIRE 256
#define DHCP_MAXNS 3
#define DHCP_HMAC_MD5_NAME "HMAC-MD5.SIG-ALG.REG.INT."
+#define DHCP_HMAC_SHA1_NAME "HMAC-SHA1.SIG-ALG.REG.INT."
+#define DHCP_HMAC_SHA224_NAME "HMAC-SHA224.SIG-ALG.REG.INT."
+#define DHCP_HMAC_SHA256_NAME "HMAC-SHA256.SIG-ALG.REG.INT."
+#define DHCP_HMAC_SHA384_NAME "HMAC-SHA384.SIG-ALG.REG.INT."
+#define DHCP_HMAC_SHA512_NAME "HMAC-SHA512.SIG-ALG.REG.INT."
isc_result_t dhcp_isc_name(unsigned char *namestr,
dns_fixedname_t *namefix,
diff --git a/omapip/isclib.c b/omapip/isclib.c
index 1534dde..be1982e 100644
--- a/omapip/isclib.c
+++ b/omapip/isclib.c
@@ -198,21 +198,34 @@ isclib_make_dst_key(char *inname,
dns_name_t *name;
dns_fixedname_t name0;
isc_buffer_t b;
+ unsigned int algorithm_code;
isc_buffer_init(&b, secret, length);
isc_buffer_add(&b, length);
- /* We only support HMAC_MD5 currently */
- if (strcasecmp(algorithm, DHCP_HMAC_MD5_NAME) != 0) {
+ if (strcasecmp(algorithm, DHCP_HMAC_MD5_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACMD5;
+ } else if (strcasecmp(algorithm, DHCP_HMAC_SHA1_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACSHA1;
+ } else if (strcasecmp(algorithm, DHCP_HMAC_SHA224_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACSHA224;
+ } else if (strcasecmp(algorithm, DHCP_HMAC_SHA256_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACSHA256;
+ } else if (strcasecmp(algorithm, DHCP_HMAC_SHA384_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACSHA384;
+ } else if (strcasecmp(algorithm, DHCP_HMAC_SHA512_NAME) == 0) {
+ algorithm_code = DST_ALG_HMACSHA512;
+ } else {
return(DHCP_R_INVALIDARG);
}
+
result = dhcp_isc_name((unsigned char *)inname, &name0, &name);
if (result != ISC_R_SUCCESS) {
return(result);
}
- return(dst_key_frombuffer(name, DST_ALG_HMACMD5, DNS_KEYOWNER_ENTITY,
+ return(dst_key_frombuffer(name, algorithm_code, DNS_KEYOWNER_ENTITY,
DNS_KEYPROTO_DNSSEC, dns_rdataclass_in,
&b, dhcp_gbl_ctx.mctx, dstkey));
}
diff --git a/server/dhcpd.conf.5 b/server/dhcpd.conf.5
index 0cb50a6..74393c2 100644
--- a/server/dhcpd.conf.5
+++ b/server/dhcpd.conf.5
@@ -1398,6 +1398,18 @@ generate a key as seen above:
dnskeygen -H 128 -u -c -n DHCP_UPDATER
.fi
.PP
+The key name, algorithm, and secret must match that being used by the DNS
+server. The DHCP server currently supports the following algorithms:
+.nf
+
+ HMAC-MD5
+ HMAC-SHA1
+ HMAC-SHA224
+ HMAC-SHA256
+ HMAC-SHA384
+ HMAC-SHA512
+.fi
+.PP
You may wish to enable logging of DNS updates on your DNS server.
To do so, you might write a logging statement like the following:
.PP

14
SOURCES/dhcp-4.2.5-centos-branding.patch Normal file
View File

@ -0,0 +1,14 @@
diff -uNrp dhcp-4.1.1-P1.orig/omapip/errwarn.c dhcp-4.1.1-P1/omapip/errwarn.c
--- dhcp-4.1.1-P1.orig/omapip/errwarn.c 2012-08-15 14:04:33.149141000 +0000
+++ dhcp-4.1.1-P1/omapip/errwarn.c 2012-08-15 14:13:05.582416057 +0000
@@ -81,8 +81,8 @@ void log_fatal (const char * fmt, ... )
log_error ("have been made to the base software release in order to make");
log_error ("it work better with this distribution.");
log_error ("%s", "");
- log_error ("Please report for this software via the Red Hat Bugzilla site:");
- log_error (" http://bugzilla.redhat.com");
+ log_error ("Please report for this software via the CentOS Bugs Database:");
+ log_error (" http://bugs.centos.org/");
log_error ("%s", "");
log_error ("exiting.");
#endif

70
SOURCES/dhcp-4.2.5-ddns_port_lazy_init.patch Normal file
View File

@ -0,0 +1,70 @@
--- a/common/dns.c
+++ a/common/dns.c
@@ -1381,6 +1381,24 @@ void ddns_interlude(isc_task_t *taskp,
}
/*
+ * Moved here from omapip/isclib.c, function dhcp_context_create.
+ * Create dnsclient only before the first use.
+ */
+static isc_result_t
+dns_client_lazy() {
+ if (dhcp_gbl_ctx.dnsclient == NULL)
+ return dns_client_createx(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ dhcp_gbl_ctx.taskmgr,
+ dhcp_gbl_ctx.socketmgr,
+ dhcp_gbl_ctx.timermgr,
+ 0,
+ &dhcp_gbl_ctx.dnsclient);
+ else
+ return ISC_R_SUCCESS;
+}
+
+/*
* This routine does the generic work for sending a ddns message to
* modify the forward record (A or AAAA) and calls one of a set of
* routines to build the specific message.
@@ -1403,6 +1421,10 @@ ddns_modify_fwd(dhcp_ddns_cb_t *ddns_cb, const char *file, int line)
/* Get a pointer to the clientname to make things easier. */
clientname = (unsigned char *)ddns_cb->fwd_name.data;
+ result = dns_client_lazy();
+ if (result != ISC_R_SUCCESS)
+ return result;
+
/* Extract and validate the type of the address. */
if (ddns_cb->address.len == 4) {
ddns_cb->address_type = dns_rdatatype_a;
@@ -1586,6 +1608,10 @@ ddns_modify_ptr(dhcp_ddns_cb_t *ddns_cb, const char *file, int line)
unsigned char buf[256];
int buflen;
+ result = dns_client_lazy();
+ if (result != ISC_R_SUCCESS)
+ return result;
+
/*
* Try to lookup the zone in the zone cache. As with the forward
* case it's okay if we don't have one, the DNS code will try to
--- a/omapip/isclib.c
+++ a/omapip/isclib.c
@@ -130,17 +130,7 @@ dhcp_context_create(void) {
if (result != ISC_R_SUCCESS)
goto cleanup;
-#if defined (NSUPDATE)
- result = dns_client_createx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- dhcp_gbl_ctx.taskmgr,
- dhcp_gbl_ctx.socketmgr,
- dhcp_gbl_ctx.timermgr,
- 0,
- &dhcp_gbl_ctx.dnsclient);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-#else
+#if !defined (NSUPDATE)
/* The dst library is inited as part of dns_lib_init, we don't
* need it if NSUPDATE is enabled */
result = dst_lib_init(dhcp_gbl_ctx.mctx, NULL, 0);

255
SOURCES/dhcp-4.2.5-failover-potential-conflict.patch Normal file
View File

@ -0,0 +1,255 @@
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 7e756e0..52ba677 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -3347,6 +3347,7 @@ isc_result_t dhcp_failover_state_signal (omapi_object_t *,
isc_result_t dhcp_failover_state_transition (dhcp_failover_state_t *,
const char *);
isc_result_t dhcp_failover_set_service_state (dhcp_failover_state_t *state);
+void dhcp_failover_rescind_updates (dhcp_failover_state_t *);
isc_result_t dhcp_failover_set_state (dhcp_failover_state_t *,
enum failover_state);
isc_result_t dhcp_failover_peer_state_changed (dhcp_failover_state_t *,
diff --git a/server/failover.c b/server/failover.c
index 8944102..6083672 100644
--- a/server/failover.c
+++ b/server/failover.c
@@ -1520,8 +1520,16 @@ isc_result_t dhcp_failover_state_transition (dhcp_failover_state_t *state,
/* In these situations, we remain in the current
* state, or if in startup enter those states.
*/
- case communications_interrupted:
case conflict_done:
+ /* As the peer may not have received or may have
+ * lost track of updates we sent previously we
+ * rescind them, causing us to retransmit them
+ * on an update request.
+ */
+ dhcp_failover_rescind_updates(state);
+ /* fall through */
+
+ case communications_interrupted:
case partner_down:
case paused:
case recover:
@@ -1704,6 +1712,52 @@ isc_result_t dhcp_failover_set_service_state (dhcp_failover_state_t *state)
return ISC_R_SUCCESS;
}
+/*!
+ * \brief Return any leases on the ack queue back to the update queue
+ *
+ * Re-schedule any pending updates by moving them from the ack queue
+ * (update sent awaiting response) back to the update queue (need to
+ * send an update for this lease). This will result in a retransmission
+ * of the update.
+ *
+ * \param state is the state block for the failover connection we are
+ * updating.
+ */
+
+void dhcp_failover_rescind_updates (dhcp_failover_state_t *state)
+{
+ struct lease *lp;
+
+ if (state->ack_queue_tail == NULL)
+ return;
+
+ /* Zap the flags. */
+ for (lp = state->ack_queue_head; lp; lp = lp->next_pending)
+ lp->flags = ((lp->flags & ~ON_ACK_QUEUE) | ON_UPDATE_QUEUE);
+
+ /* Now hook the ack queue to the beginning of the update queue. */
+ if (state->update_queue_head) {
+ lease_reference(&state->ack_queue_tail->next_pending,
+ state->update_queue_head, MDL);
+ lease_dereference(&state->update_queue_head, MDL);
+ }
+ lease_reference(&state->update_queue_head, state->ack_queue_head, MDL);
+
+ if (!state->update_queue_tail) {
+#if defined (POINTER_DEBUG)
+ if (state->ack_queue_tail->next_pending) {
+ log_error("next pending on ack queue tail.");
+ abort();
+ }
+#endif
+ lease_reference(&state->update_queue_tail,
+ state->ack_queue_tail, MDL);
+ }
+ lease_dereference(&state->ack_queue_tail, MDL);
+ lease_dereference(&state->ack_queue_head, MDL);
+ state->cur_unacked_updates = 0;
+}
+
isc_result_t dhcp_failover_set_state (dhcp_failover_state_t *state,
enum failover_state new_state)
{
@@ -1724,37 +1778,9 @@ isc_result_t dhcp_failover_set_state (dhcp_failover_state_t *state,
case normal:
case potential_conflict:
case partner_down:
- if (state -> ack_queue_tail) {
- struct lease *lp;
-
- /* Zap the flags. */
- for (lp = state -> ack_queue_head; lp; lp = lp -> next_pending)
- lp -> flags = ((lp -> flags & ~ON_ACK_QUEUE) |
- ON_UPDATE_QUEUE);
-
- /* Now hook the ack queue to the beginning of the update
- queue. */
- if (state -> update_queue_head) {
- lease_reference (&state -> ack_queue_tail -> next_pending,
- state -> update_queue_head, MDL);
- lease_dereference (&state -> update_queue_head, MDL);
- }
- lease_reference (&state -> update_queue_head,
- state -> ack_queue_head, MDL);
- if (!state -> update_queue_tail) {
-#if defined (POINTER_DEBUG)
- if (state -> ack_queue_tail -> next_pending) {
- log_error ("next pending on ack queue tail.");
- abort ();
- }
-#endif
- lease_reference (&state -> update_queue_tail,
- state -> ack_queue_tail, MDL);
- }
- lease_dereference (&state -> ack_queue_tail, MDL);
- lease_dereference (&state -> ack_queue_head, MDL);
- state -> cur_unacked_updates = 0;
- }
+ /* Move the ack queue to the update queue */
+ dhcp_failover_rescind_updates(state);
+
/* We will re-queue a timeout later, if applicable. */
cancel_timeout (dhcp_failover_keepalive, state);
break;
@@ -1858,7 +1884,9 @@ isc_result_t dhcp_failover_set_state (dhcp_failover_state_t *state,
break;
case potential_conflict:
- if (state -> i_am == primary)
+ if ((state->i_am == primary) ||
+ ((state->i_am == secondary) &&
+ (state->partner.state == conflict_done)))
dhcp_failover_send_update_request (state);
break;
@@ -1961,7 +1989,18 @@ isc_result_t dhcp_failover_peer_state_changed (dhcp_failover_state_t *state,
if (state -> partner.state == new_state && state -> me.state) {
switch (state -> me.state) {
case startup:
- dhcp_failover_set_state (state, state -> saved_state);
+ /*
+ * If we have a peer state we must be connected.
+ * If so we should move to potential_conflict
+ * instead of resolution_interrupted, otherwise
+ * back to whereever we were before we stopped.
+ */
+ if (state->saved_state == resolution_interrupted)
+ dhcp_failover_set_state(state,
+ potential_conflict);
+ else
+ dhcp_failover_set_state(state,
+ state->saved_state);
return ISC_R_SUCCESS;
case unknown_state:
@@ -2179,6 +2218,17 @@ isc_result_t dhcp_failover_peer_state_changed (dhcp_failover_state_t *state,
dhcp_failover_set_state(state, new_state);
break;
+ case potential_conflict:
+ case resolution_interrupted:
+ /*
+ * This can happen when the connection is lost and
+ * recovered after the primary has moved to
+ * conflict-done but the secondary is still in
+ * potential-conflict. In that case, we have to
+ * remain in conflict-done.
+ */
+ break;
+
default:
log_fatal("Peer %s: Invalid attempt to move from %s "
"to %s while local state is conflict-done.",
@@ -4867,16 +4917,17 @@ isc_result_t dhcp_failover_send_update_request (dhcp_failover_state_t *state)
if (!link -> outer || link -> outer -> type != omapi_type_connection)
return DHCP_R_INVALIDARG;
- if (state -> curUPD)
- return ISC_R_ALREADYRUNNING;
+ /* We allow an update to be restarted in case we requested an update
+ * and were interrupted by something. If we had an ALL going we need
+ * to restart that. Otherwise we simply continue with the request */
+ if (state -> curUPD == FTM_UPDREQALL) {
+ return (dhcp_failover_send_update_request_all(state));
+ }
- status = (dhcp_failover_put_message
- (link, link -> outer,
- FTM_UPDREQ, link->xid++,
- (failover_option_t *)0));
+ status = (dhcp_failover_put_message(link, link -> outer, FTM_UPDREQ,
+ link -> xid++, NULL));
- if (status == ISC_R_SUCCESS)
- state -> curUPD = FTM_UPDREQ;
+ state -> curUPD = FTM_UPDREQ;
#if defined (DEBUG_FAILOVER_MESSAGES)
if (status != ISC_R_SUCCESS)
@@ -4886,7 +4937,12 @@ isc_result_t dhcp_failover_send_update_request (dhcp_failover_state_t *state)
log_debug ("%s", obuf);
}
#endif
- log_info ("Sent update request message to %s", state -> name);
+ if (status == ISC_R_SUCCESS) {
+ log_info("Sent update request message to %s", state -> name);
+ } else {
+ log_error("Failed to send update request all message to %s: %s",
+ state -> name, isc_result_totext(status));
+ }
return status;
}
@@ -4913,17 +4969,14 @@ isc_result_t dhcp_failover_send_update_request_all (dhcp_failover_state_t
if (!link -> outer || link -> outer -> type != omapi_type_connection)
return DHCP_R_INVALIDARG;
- /* If there is an UPDREQ in progress, then upgrade to UPDREQALL. */
- if (state -> curUPD && (state -> curUPD != FTM_UPDREQ))
- return ISC_R_ALREADYRUNNING;
+ /* We allow an update to be restarted in case we requested an update
+ * and were interrupted by something.
+ */
- status = (dhcp_failover_put_message
- (link, link -> outer,
- FTM_UPDREQALL, link->xid++,
- (failover_option_t *)0));
+ status = (dhcp_failover_put_message(link, link -> outer, FTM_UPDREQALL,
+ link -> xid++, NULL));
- if (status == ISC_R_SUCCESS)
- state -> curUPD = FTM_UPDREQALL;
+ state -> curUPD = FTM_UPDREQALL;
#if defined (DEBUG_FAILOVER_MESSAGES)
if (status != ISC_R_SUCCESS)
@@ -4933,7 +4986,12 @@ isc_result_t dhcp_failover_send_update_request_all (dhcp_failover_state_t
log_debug ("%s", obuf);
}
#endif
- log_info ("Sent update request all message to %s", state -> name);
+ if (status == ISC_R_SUCCESS) {
+ log_info("Sent update request all message to %s", state -> name);
+ } else {
+ log_error("Failed to send update request all message to %s: %s",
+ state -> name, isc_result_totext(status));
+ }
return status;
}

594
SOURCES/dhcp-4.2.5-lpf-ib.patch Normal file
View File

@ -0,0 +1,594 @@
diff -up dhcp-4.2.5/client/dhclient.c.lpf-ib dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.lpf-ib 2015-06-05 16:18:03.387948658 +0200
+++ dhcp-4.2.5/client/dhclient.c 2015-06-05 16:18:03.391948646 +0200
@@ -113,6 +113,8 @@ static int check_domain_name_list(const
static int check_option_values(struct universe *universe, unsigned int opt,
const char *ptr, size_t len);
+static void setup_ib_interface(struct interface_info *ip);
+
int
main(int argc, char **argv) {
int fd;
@@ -909,6 +911,14 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
+ /* Setup specific Infiniband options */
+ for (ip = interfaces; ip; ip = ip->next) {
+ if (ip->client &&
+ (ip->hw_address.hbuf[0] == HTYPE_INFINIBAND)) {
+ setup_ib_interface(ip);
+ }
+ }
+
/* Start a configuration state machine for each interface. */
#ifdef DHCPv6
if (local_family == AF_INET6) {
@@ -1185,6 +1195,29 @@ int find_subnet (struct subnet **sp,
return 0;
}
+static void setup_ib_interface(struct interface_info *ip)
+{
+ struct group *g;
+
+ /* Set the broadcast flag */
+ ip->client->config->bootp_broadcast_always = 1;
+
+ /*
+ * Find out if a dhcp-client-identifier option was specified either
+ * in the config file or on the command line
+ */
+ for (g = ip->client->config->on_transmission; g != NULL; g = g->next) {
+ if ((g->statements != NULL) &&
+ (strcmp(g->statements->data.option->option->name,
+ "dhcp-client-identifier") == 0)) {
+ return;
+ }
+ }
+
+ /* No client ID specified */
+ log_fatal("dhcp-client-identifier must be specified for InfiniBand");
+}
+
/* Individual States:
*
* Each routine is called from the dhclient_state_machine() in one of
diff -up dhcp-4.2.5/common/bpf.c.lpf-ib dhcp-4.2.5/common/bpf.c
--- dhcp-4.2.5/common/bpf.c.lpf-ib 2015-06-05 16:18:03.384948667 +0200
+++ dhcp-4.2.5/common/bpf.c 2015-06-05 16:18:03.392948643 +0200
@@ -198,11 +198,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
BPF_STMT(BPF_RET+BPF_K, 0),
};
+/* Packet filter program for DHCP over Infiniband.
+ *
+ * XXX
+ * Changes to the filter program may require changes to the constant offsets
+ * used in lpf_gen_filter_setup to patch the port in the BPF program!
+ * XXX
+ */
+struct bpf_insn dhcp_ib_bpf_filter [] = {
+ /* Packet filter for Infiniband */
+ /* Make sure it's a UDP packet... */
+ BPF_STMT(BPF_LD + BPF_B + BPF_ABS, 9),
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 0, 6),
+
+ /* Make sure this isn't a fragment... */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 6),
+ BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x1fff, 4, 0),
+
+ /* Get the IP header length... */
+ BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, 0),
+
+ /* Make sure it's to the right port... */
+ BPF_STMT(BPF_LD + BPF_H + BPF_IND, 2),
+ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 67, 0, 1),
+
+ /* If we passed all the tests, ask for the whole packet. */
+ BPF_STMT(BPF_RET + BPF_K, (u_int)-1),
+
+ /* Otherwise, drop it. */
+ BPF_STMT(BPF_RET + BPF_K, 0),
+};
+
#if defined (DEC_FDDI)
struct bpf_insn *bpf_fddi_filter;
#endif
int dhcp_bpf_filter_len = sizeof dhcp_bpf_filter / sizeof (struct bpf_insn);
+int dhcp_ib_bpf_filter_len = sizeof dhcp_ib_bpf_filter / sizeof (struct bpf_insn);
+
#if defined (HAVE_TR_SUPPORT)
struct bpf_insn dhcp_bpf_tr_filter [] = {
/* accept all token ring packets due to variable length header */
diff -up dhcp-4.2.5/common/lpf.c.lpf-ib dhcp-4.2.5/common/lpf.c
--- dhcp-4.2.5/common/lpf.c.lpf-ib 2015-06-05 16:18:03.384948667 +0200
+++ dhcp-4.2.5/common/lpf.c 2015-06-05 16:33:15.183955199 +0200
@@ -43,6 +43,7 @@
#include "includes/netinet/udp.h"
#include "includes/netinet/if_ether.h"
#include <net/if.h>
+#include <ifaddrs.h>
#ifndef PACKET_AUXDATA
#define PACKET_AUXDATA 8
@@ -60,6 +61,15 @@ struct tpacket_auxdata
/* Reinitializes the specified interface after an address change. This
is not required for packet-filter APIs. */
+/* Default broadcast address for IPoIB */
+static unsigned char default_ib_bcast_addr[20] = {
+ 0x00, 0xff, 0xff, 0xff,
+ 0xff, 0x12, 0x40, 0x1b,
+ 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00,
+ 0xff, 0xff, 0xff, 0xff
+};
+
#ifdef USE_LPF_SEND
void if_reinitialize_send (info)
struct interface_info *info;
@@ -87,10 +97,21 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
+ int type;
+ int protocol;
/* Make an LPF socket. */
- if ((sock = socket(PF_PACKET, SOCK_RAW,
- htons((short)ETH_P_ALL))) < 0) {
+ get_hw_addr(info);
+
+ if (info->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ type = SOCK_DGRAM;
+ protocol = ETHERTYPE_IP;
+ } else {
+ type = SOCK_RAW;
+ protocol = ETH_P_ALL;
+ }
+
+ if ((sock = socket(PF_PACKET, type, htons((short)protocol))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -113,6 +134,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
+ sa.ll.sll_protocol = htons(protocol);
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
@@ -128,8 +150,6 @@ int if_register_lpf (info)
log_fatal ("Bind socket to interface: %m");
}
- get_hw_addr(info->name, &info->hw_address);
-
return sock;
}
#endif /* USE_LPF_SEND || USE_LPF_RECEIVE */
@@ -184,6 +204,8 @@ void if_deregister_send (info)
in bpf includes... */
extern struct sock_filter dhcp_bpf_filter [];
extern int dhcp_bpf_filter_len;
+extern struct sock_filter dhcp_ib_bpf_filter [];
+extern int dhcp_ib_bpf_filter_len;
#if defined (HAVE_TR_SUPPORT)
extern struct sock_filter dhcp_bpf_tr_filter [];
@@ -201,11 +223,13 @@ void if_register_receive (info)
/* Open a LPF device and hang it on this interface... */
info -> rfdesc = if_register_lpf (info);
- val = 1;
- if (setsockopt (info -> rfdesc, SOL_PACKET, PACKET_AUXDATA, &val,
- sizeof val) < 0) {
- if (errno != ENOPROTOOPT)
- log_fatal ("Failed to set auxiliary packet data: %m");
+ if (info->hw_address.hbuf[0] != HTYPE_INFINIBAND) {
+ val = 1;
+ if (setsockopt (info -> rfdesc, SOL_PACKET, PACKET_AUXDATA,
+ &val, sizeof val) < 0) {
+ if (errno != ENOPROTOOPT)
+ log_fatal ("Failed to set auxiliary packet data: %m");
+ }
}
#if defined (HAVE_TR_SUPPORT)
@@ -251,15 +275,28 @@ static void lpf_gen_filter_setup (info)
memset(&p, 0, sizeof(p));
- /* Set up the bpf filter program structure. This is defined in
- bpf.c */
- p.len = dhcp_bpf_filter_len;
- p.filter = dhcp_bpf_filter;
-
- /* Patch the server port into the LPF program...
- XXX changes to filter program may require changes
- to the insn number(s) used below! XXX */
- dhcp_bpf_filter [8].k = ntohs ((short)local_port);
+ if (info->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ /* Set up the bpf filter program structure. */
+ p.len = dhcp_ib_bpf_filter_len;
+ p.filter = dhcp_ib_bpf_filter;
+
+ /* Patch the server port into the LPF program...
+ XXX
+ changes to filter program may require changes
+ to the insn number(s) used below!
+ XXX */
+ dhcp_ib_bpf_filter[6].k = ntohs ((short)local_port);
+ } else {
+ /* Set up the bpf filter program structure.
+ This is defined in bpf.c */
+ p.len = dhcp_bpf_filter_len;
+ p.filter = dhcp_bpf_filter;
+
+ /* Patch the server port into the LPF program...
+ XXX changes to filter program may require changes
+ to the insn number(s) used below! XXX */
+ dhcp_bpf_filter [8].k = ntohs ((short)local_port);
+ }
if (setsockopt (info -> rfdesc, SOL_SOCKET, SO_ATTACH_FILTER, &p,
sizeof p) < 0) {
@@ -316,6 +353,54 @@ static void lpf_tr_filter_setup (info)
#endif /* USE_LPF_RECEIVE */
#ifdef USE_LPF_SEND
+ssize_t send_packet_ib(interface, packet, raw, len, from, to, hto)
+ struct interface_info *interface;
+ struct packet *packet;
+ struct dhcp_packet *raw;
+ size_t len;
+ struct in_addr from;
+ struct sockaddr_in *to;
+ struct hardware *hto;
+{
+ unsigned ibufp = 0;
+ double ih [1536 / sizeof (double)];
+ unsigned char *buf = (unsigned char *)ih;
+ ssize_t result;
+
+ union sockunion {
+ struct sockaddr sa;
+ struct sockaddr_ll sll;
+ struct sockaddr_storage ss;
+ } su;
+
+ assemble_udp_ip_header (interface, buf, &ibufp, from.s_addr,
+ to->sin_addr.s_addr, to->sin_port,
+ (unsigned char *)raw, len);
+ memcpy (buf + ibufp, raw, len);
+
+ memset(&su, 0, sizeof(su));
+ su.sll.sll_family = AF_PACKET;
+ su.sll.sll_protocol = htons(ETHERTYPE_IP);
+
+ if (!(su.sll.sll_ifindex = if_nametoindex(interface->name))) {
+ errno = ENOENT;
+ log_error ("send_packet_ib: %m - failed to get if index");
+ return -1;
+ }
+
+ su.sll.sll_hatype = htons(HTYPE_INFINIBAND);
+ su.sll.sll_halen = sizeof(interface->bcast_addr);
+ memcpy(&su.sll.sll_addr, interface->bcast_addr, 20);
+
+ result = sendto(interface->wfdesc, buf, ibufp + len, 0,
+ &su.sa, sizeof(su));
+
+ if (result < 0)
+ log_error ("send_packet_ib: %m");
+
+ return result;
+}
+
ssize_t send_packet (interface, packet, raw, len, from, to, hto)
struct interface_info *interface;
struct packet *packet;
@@ -336,6 +421,11 @@ ssize_t send_packet (interface, packet,
return send_fallback (interface, packet, raw,
len, from, to, hto);
+ if (interface->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ return send_packet_ib(interface, packet, raw, len, from,
+ to, hto);
+ }
+
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
@@ -357,6 +447,42 @@ ssize_t send_packet (interface, packet,
#endif /* USE_LPF_SEND */
#ifdef USE_LPF_RECEIVE
+ssize_t receive_packet_ib (interface, buf, len, from, hfrom)
+ struct interface_info *interface;
+ unsigned char *buf;
+ size_t len;
+ struct sockaddr_in *from;
+ struct hardware *hfrom;
+{
+ int length = 0;
+ int offset = 0;
+ unsigned char ibuf [1536];
+ unsigned bufix = 0;
+ unsigned paylen;
+
+ length = read(interface->rfdesc, ibuf, sizeof(ibuf));
+
+ if (length <= 0)
+ return length;
+
+ offset = decode_udp_ip_header(interface, ibuf, bufix, from,
+ (unsigned)length, &paylen, 0);
+
+ if (offset < 0)
+ return 0;
+
+ bufix += offset;
+ length -= offset;
+
+ if (length < paylen)
+ log_fatal("Internal inconsistency at %s:%d.", MDL);
+
+ /* Copy out the data in the packet... */
+ memcpy(buf, &ibuf[bufix], paylen);
+
+ return (ssize_t)paylen;
+}
+
ssize_t receive_packet (interface, buf, len, from, hfrom)
struct interface_info *interface;
unsigned char *buf;
@@ -383,6 +509,10 @@ ssize_t receive_packet (interface, buf,
};
struct cmsghdr *cmsg;
+ if (interface->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ return receive_packet_ib(interface, buf, len, from, hfrom);
+ }
+
length = recvmsg (interface -> rfdesc, &msg, 0);
if (length <= 0)
return length;
@@ -462,11 +592,33 @@ void maybe_setup_fallback ()
}
}
-void
-get_hw_addr(const char *name, struct hardware *hw) {
+struct sockaddr_ll *
+get_ll (struct ifaddrs *ifaddrs, struct ifaddrs **ifa, char *name)
+{
+ for (*ifa = ifaddrs; *ifa != NULL; *ifa = (*ifa)->ifa_next) {
+ if ((*ifa)->ifa_addr == NULL)
+ continue;
+
+ if ((*ifa)->ifa_addr->sa_family != AF_PACKET)
+ continue;
+
+ if ((*ifa)->ifa_flags & IFF_LOOPBACK)
+ continue;
+
+ if (strcmp((*ifa)->ifa_name, name) == 0)
+ return (struct sockaddr_ll *)(void *)(*ifa)->ifa_addr;
+ }
+ *ifa = NULL;
+ return NULL;
+}
+
+struct sockaddr_ll *
+ioctl_get_ll(char *name)
+{
int sock;
struct ifreq tmp;
- struct sockaddr *sa;
+ struct sockaddr *sa = NULL;
+ struct sockaddr_ll *sll = NULL;
if (strlen(name) >= sizeof(tmp.ifr_name)) {
log_fatal("Device name too long: \"%s\"", name);
@@ -480,16 +632,61 @@ get_hw_addr(const char *name, struct har
memset(&tmp, 0, sizeof(tmp));
strcpy(tmp.ifr_name, name);
if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
- log_fatal("Error getting hardware address for \"%s\": %m",
+ log_fatal("Error getting hardware address for \"%s\": %m",
name);
}
+ close(sock);
sa = &tmp.ifr_hwaddr;
- switch (sa->sa_family) {
+ // needs to be freed outside this function
+ sll = dmalloc (sizeof (struct sockaddr_ll), MDL);
+ if (!sll)
+ log_fatal("Unable to allocate memory for link layer address");
+ memcpy(&sll->sll_hatype, &sa->sa_family, sizeof (sll->sll_hatype));
+ memcpy(sll->sll_addr, sa->sa_data, sizeof (sll->sll_addr));
+ switch (sll->sll_hatype) {
+ case ARPHRD_INFINIBAND:
+ sll->sll_halen = HARDWARE_ADDR_LEN_IOCTL;
+ break;
+ default:
+ break;
+ }
+ return sll;
+}
+
+void
+get_hw_addr(struct interface_info *info)
+{
+ struct hardware *hw = &info->hw_address;
+ char *name = info->name;
+ struct ifaddrs *ifaddrs = NULL;
+ struct ifaddrs *ifa = NULL;
+ struct sockaddr_ll *sll = NULL;
+ int sll_allocated = 0;
+ char *dup = NULL;
+ char *colon = NULL;
+
+ if (getifaddrs(&ifaddrs) == -1)
+ log_fatal("Failed to get interfaces");
+
+ if ((sll = get_ll(ifaddrs, &ifa, name)) == NULL) {
+ /*
+ * We were unable to get link-layer address for name.
+ * Fall back to ioctl(SIOCGIFHWADDR).
+ */
+ sll = ioctl_get_ll(name);
+ if (sll != NULL)
+ sll_allocated = 1;
+ else
+ // shouldn't happen
+ log_fatal("Unexpected internal error");
+ }
+
+ switch (sll->sll_hatype) {
case ARPHRD_ETHER:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_ETHER;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_IEEE802:
#ifdef ARPHRD_IEEE802_TR
@@ -497,18 +694,50 @@ get_hw_addr(const char *name, struct har
#endif /* ARPHRD_IEEE802_TR */
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_FDDI:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
+ break;
+ case ARPHRD_INFINIBAND:
+ dup = strdup(name);
+ /* Aliased infiniband interface is special case where
+ * neither get_ll() nor ioctl_get_ll() get's correct hw
+ * address, so we have to truncate the :0 and run
+ * get_ll() again for the rest.
+ */
+ if ((colon = strchr(dup, ':')) != NULL) {
+ *colon = '\0';
+ if ((sll = get_ll(ifaddrs, &ifa, dup)) == NULL)
+ log_fatal("Error getting hardware address for \"%s\": %m", name);
+ }
+ free (dup);
+ /* For Infiniband, save the broadcast address and store
+ * the port GUID into the hardware address.
+ */
+ if (ifa && (ifa->ifa_flags & IFF_BROADCAST)) {
+ struct sockaddr_ll *bll;
+
+ bll = (struct sockaddr_ll *)ifa->ifa_broadaddr;
+ memcpy(&info->bcast_addr, bll->sll_addr, 20);
+ } else {
+ memcpy(&info->bcast_addr, default_ib_bcast_addr,
+ 20);
+ }
+
+ hw->hlen = HARDWARE_ADDR_LEN_IOCTL + 1;
+ hw->hbuf[0] = HTYPE_INFINIBAND;
+ memcpy(&hw->hbuf[1],
+ &sll->sll_addr[sll->sll_halen - HARDWARE_ADDR_LEN_IOCTL],
+ HARDWARE_ADDR_LEN_IOCTL);
break;
#if defined(ARPHRD_PPP)
case ARPHRD_PPP:
if (local_family != AF_INET6)
- log_fatal("Unsupported device type %d for \"%s\"",
- sa->sa_family, name);
+ log_fatal("local_family != AF_INET6 for \"%s\"",
+ name);
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
@@ -521,10 +750,13 @@ get_hw_addr(const char *name, struct har
break;
#endif
default:
- log_fatal("Unsupported device type %ld for \"%s\"",
- (long int)sa->sa_family, name);
+ freeifaddrs(ifaddrs);
+ log_fatal("Unsupported device type %hu for \"%s\"",
+ sll->sll_hatype, name);
}
- close(sock);
+ if (sll_allocated)
+ dfree(sll, MDL);
+ freeifaddrs(ifaddrs);
}
#endif
diff -up dhcp-4.2.5/common/socket.c.lpf-ib dhcp-4.2.5/common/socket.c
--- dhcp-4.2.5/common/socket.c.lpf-ib 2013-01-03 01:02:24.000000000 +0100
+++ dhcp-4.2.5/common/socket.c 2015-06-05 16:18:03.392948643 +0200
@@ -325,7 +325,7 @@ void if_register_send (info)
info->wfdesc = if_register_socket(info, AF_INET, 0);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
#if defined (USE_SOCKET_FALLBACK)
/* Fallback only registers for send, but may need to receive as
well. */
@@ -388,7 +388,7 @@ void if_register_receive (info)
#endif /* IP_PKTINFO... */
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
if (!quiet_interface_discovery)
log_info ("Listening on Socket/%s%s%s",
@@ -498,7 +498,7 @@ if_register6(struct interface_info *info
if (req_multi)
if_register_multicast(info);
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
diff -up dhcp-4.2.5/includes/dhcpd.h.lpf-ib dhcp-4.2.5/includes/dhcpd.h
--- dhcp-4.2.5/includes/dhcpd.h.lpf-ib 2015-06-05 16:18:03.388948655 +0200
+++ dhcp-4.2.5/includes/dhcpd.h 2015-06-05 16:33:58.988803266 +0200
@@ -440,6 +440,9 @@ struct packet {
#define HARDWARE_ADDR_LEN 20
+/* ioctl limits hardware addresses to 8 bytes */
+#define HARDWARE_ADDR_LEN_IOCTL 8
+
struct hardware {
u_int8_t hlen;
u_int8_t hbuf[HARDWARE_ADDR_LEN + 1];
@@ -1249,6 +1252,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
+ u_int8_t bcast_addr[20]; /* Infiniband broadcast address */
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
@@ -2372,7 +2376,7 @@ void print_dns_status (int, struct dhcp_
#endif
const char *print_time(TIME);
-void get_hw_addr(const char *name, struct hardware *hw);
+void get_hw_addr(struct interface_info *info);
/* socket.c */
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_RECEIVE) \

157
SOURCES/dhcp-4.2.5-manpages.patch Normal file
View File

@ -0,0 +1,157 @@
diff -up dhcp-4.2.5b1/client/dhclient.conf.5.man dhcp-4.2.5b1/client/dhclient.conf.5
--- dhcp-4.2.5b1/client/dhclient.conf.5.man 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/client/dhclient.conf.5 2012-12-17 12:49:52.818451301 +0100
@@ -202,7 +202,8 @@ responding to the client send the client
options. Only the option names should be specified in the request
statement - not option parameters. By default, the DHCPv4 client
requests the subnet-mask, broadcast-address, time-offset, routers,
-domain-name, domain-name-servers and host-name options while the DHCPv6
+domain-search, domain-name, domain-name-servers, host-name, nis-domain,
+nis-servers, ntp-servers and interface-mtu options while the DHCPv6
client requests the dhcp6 name-servers and domain-search options. Note
that if you enter a \'request\' statement, you over-ride these defaults
and these options will not be requested.
@@ -688,6 +689,17 @@ know the DHCP service(s) anycast MAC add
client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
in a similar manner to the \fBhardware\fR statement.
.PP
+ \fBbootp-broadcast-always;\fR
+.PP
+The
+.B bootp-broadcast-always
+statement instructs dhclient to always set the bootp broadcast flag in
+request packets, so that servers will always broadcast replies.
+This is equivalent to supplying the dhclient -B argument, and has
+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
+This option is provided as an extension to enable dhclient to work
+on IBM s390 Linux guests.
+.PP
.SH SAMPLE
The following configuration file is used on a laptop running NetBSD
1.3. The laptop has an IP alias of 192.5.5.213, and has one
@@ -713,7 +725,7 @@ interface "ep0" {
supersede domain-search "fugue.com", "rc.vix.com", "home.vix.com";
prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
- domain-name, domain-name-servers, host-name;
+ domain-search, domain-name, domain-name-servers, host-name;
require subnet-mask, domain-name-servers;
script "CLIENTBINDIR/dhclient-script";
media "media 10baseT/UTP", "media 10base2/BNC";
diff -up dhcp-4.2.5b1/client/dhclient-script.8.man dhcp-4.2.5b1/client/dhclient-script.8
--- dhcp-4.2.5b1/client/dhclient-script.8.man 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/client/dhclient-script.8 2012-12-17 12:47:48.410130998 +0100
@@ -48,7 +48,7 @@ customizations are needed, they should b
exit hooks provided (see HOOKS for details). These hooks will allow the
user to override the default behaviour of the client in creating a
.B /etc/resolv.conf
-file.
+file, and to handle DHCP options not handled by default.
.PP
No standard client script exists for some operating systems, even though
the actual client may work, so a pioneering user may well need to create
@@ -92,6 +92,26 @@ present. The
.B ETCDIR/dhclient-exit-hooks
script can modify the valid of exit_status to change the exit status
of dhclient-script.
+.PP
+Immediately after dhclient brings an interface UP with a new IP address,
+subnet mask, and routes, in the REBOOT/BOUND states, it will check for the
+existence of an executable
+.B ETCDIR/dhclient-up-hooks
+script, and source it if found. This script can handle DHCP options in
+the environment that are not handled by default. A per-interface.
+.B ETCDIR/dhclient-${IF}-up-hooks
+script will override the generic script and be sourced when interface
+$IF has been brought up.
+.PP
+Immediately before dhclient brings an interface DOWN, removing its IP
+address, subnet mask, and routes, in the STOP/RELEASE states, it will
+check for the existence of an executable
+.B ETCDIR/dhclient-down-hooks
+script, and source it if found. This script can handle DHCP options in
+the environment that are not handled by default. A per-interface
+.B ETCDIR/dhclient-${IF}-down-hooks
+script will override the generic script and be sourced when interface
+$IF is about to be brought down.
.SH OPERATION
When dhclient needs to invoke the client configuration script, it
defines a set of variables in the environment, and then invokes
diff -up dhcp-4.2.5b1/common/dhcp-options.5.man dhcp-4.2.5b1/common/dhcp-options.5
--- dhcp-4.2.5b1/common/dhcp-options.5.man 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/common/dhcp-options.5 2012-12-17 12:47:48.411130985 +0100
@@ -914,6 +914,21 @@ classless IP routing - it does not inclu
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
+.PP
+NOTE to Fedora dhclient users:
+.br
+dhclient-script interprets trailing 0 octets of the target as indicating
+the subnet class of the route, so for the following static-routes value:
+.br
+ option static-routes 172.0.0.0 172.16.2.254,
+.br
+ 192.168.0.0 192.168.2.254;
+.br
+dhclient-script will create routes:
+.br
+ 172/8 via 172.16.2.254 dev $interface
+.br
+ 192.168/16 via 192.168.2.254 dev $interface
.RE
.PP
.nf
diff -up dhcp-4.2.5b1/server/dhcpd.conf.5.man dhcp-4.2.5b1/server/dhcpd.conf.5
--- dhcp-4.2.5b1/server/dhcpd.conf.5.man 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/server/dhcpd.conf.5 2012-12-17 12:50:52.117650542 +0100
@@ -519,6 +519,9 @@ pool {
};
.fi
.PP
+Dynamic BOOTP leases are not compatible with failover, and, as such,
+you need to disallow BOOTP in pools that you are using failover for.
+.PP
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
@@ -533,9 +536,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.vix.com;
- port 519;
+ port 647;
peer address trantor.rc.vix.com;
- peer port 520;
+ peer port 847;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
@@ -1318,7 +1321,7 @@ the zone containing PTR records - for IS
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -1341,7 +1344,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -2555,7 +2558,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
\fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
-be a numeric IP address or a domain name.
+be a numeric IP address or a domain name. If no \fInext-server\fR statement
+applies to a given client, the address 0.0.0.0 is used.
.RE
.PP
The

72
SOURCES/dhcp-4.2.5-next-server.patch Normal file
View File

@ -0,0 +1,72 @@
From f113ad7822fcd691e72f61cab7412595951222db Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Wed, 3 Apr 2013 10:20:18 +0200
Subject: [PATCH] Expose next-server DHCPv4 option to dhclient script

Currently dhclient does not exposes next-server option
to the dhclient script. this patch fixes this.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
---
client/dhclient.c | 14 +++++++++++---
includes/dhcpd.h | 2 +-
2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/client/dhclient.c b/client/dhclient.c
index 551ccbf..e8df320 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -993,7 +993,7 @@ void state_selecting (cpp)
client -> state = S_REQUESTING;
/* Bind to the address we received. */
- bind_lease (client);
+ bind_lease (client, NULL);
return;
}
@@ -1183,11 +1183,12 @@ void dhcpack (packet)
if (client -> new -> rebind < cur_time)
client -> new -> rebind = TIME_MAX;
- bind_lease (client);
+ bind_lease (client, &packet -> raw -> siaddr);
}
-void bind_lease (client)
+void bind_lease (client, siaddr)
struct client_state *client;
+ struct in_addr *siaddr;
{
struct timeval tv;
@@ -1209,6 +1210,13 @@ void bind_lease (client)
if (client -> alias)
script_write_params (client, "alias_", client -> alias);
+ if (siaddr) {
+ char buf[INET_ADDRSTRLEN];
+
+ if (inet_ntop (AF_INET, (void *) siaddr, buf, sizeof (buf)))
+ client_envadd (client, "new_", "next_server", "%s", buf);
+ }
+
/* If the BOUND/RENEW code detects another machine using the
offered address, it exits nonzero. We need to send a
DHCPDECLINE and toss the lease. */
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 12ed2ba..4e93e68 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2712,7 +2712,7 @@ void state_bound (void *);
void state_stop (void *);
void state_panic (void *);
-void bind_lease (struct client_state *);
+void bind_lease (struct client_state *, struct in_addr *);
void make_client_options (struct client_state *,
struct client_lease *, u_int8_t *,
--
1.8.1.4

40
SOURCES/dhcp-4.2.5-omapi-leak.patch Normal file
View File

@ -0,0 +1,40 @@
diff -up dhcp-4.2.5/common/comapi.c.leak dhcp-4.2.5/common/comapi.c
diff -up dhcp-4.2.5/server/db.c.leak dhcp-4.2.5/server/db.c
--- dhcp-4.2.5/server/db.c.leak 2013-07-02 13:34:56.000000000 +0200
+++ dhcp-4.2.5/server/db.c 2013-07-02 13:37:06.335729135 +0200
@@ -414,6 +414,7 @@ int write_host (host)
fputc (';', db_file);
if (errno)
++errors;
+ data_string_forget (&ip_addrs, MDL);
}
if (host -> named_group) {
diff -up dhcp-4.2.5/server/omapi.c.leak dhcp-4.2.5/server/omapi.c
--- dhcp-4.2.5/server/omapi.c.leak 2013-01-03 01:02:25.000000000 +0100
+++ dhcp-4.2.5/server/omapi.c 2013-07-02 13:41:05.701429114 +0200
@@ -1179,8 +1179,6 @@ isc_result_t dhcp_host_destroy (omapi_ob
if (h -> type != dhcp_type_host)
return DHCP_R_INVALIDARG;
-#if defined (DEBUG_MEMORY_LEAKAGE) || \
- defined (DEBUG_MEMORY_LEAKAGE_ON_EXIT)
struct host_decl *host = (struct host_decl *)h;
if (host -> n_ipaddr)
host_dereference (&host -> n_ipaddr, file, line);
@@ -1199,7 +1197,6 @@ isc_result_t dhcp_host_destroy (omapi_ob
omapi_object_dereference ((omapi_object_t **)
&host -> named_group, file, line);
data_string_forget (&host -> auth_key_id, file, line);
-#endif
return ISC_R_SUCCESS;
}
@@ -1285,6 +1282,7 @@ isc_result_t dhcp_host_stuff_values (oma
ip_addrs.data, ip_addrs.len);
if (status != ISC_R_SUCCESS)
return status;
+ data_string_forget (&ip_addrs, MDL);
}
if (host -> client_identifier.len) {

41
SOURCES/dhcp-4.2.5-options_overflow.patch Normal file
View File

@ -0,0 +1,41 @@
diff --git a/common/options.c b/common/options.c
index 83e0384..8a1deca 100644
--- a/common/options.c
+++ b/common/options.c
@@ -1672,7 +1672,8 @@ format_min_length(format, oc)
/* Format the specified option so that a human can easily read it. */
-
+/* Maximum pretty printed size */
+#define MAX_OUTPUT_SIZE 32*1024
const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
struct option *option;
const unsigned char *data;
@@ -1680,8 +1681,9 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
int emit_commas;
int emit_quotes;
{
- static char optbuf [32768]; /* XXX */
- static char *endbuf = &optbuf[sizeof(optbuf)];
+ /* We add 128 byte pad so we don't have to add checks everywhere. */
+ static char optbuf [MAX_OUTPUT_SIZE + 128]; /* XXX */
+ static char *endbuf = optbuf + MAX_OUTPUT_SIZE;
int hunksize = 0;
int opthunk = 0;
int hunkinc = 0;
@@ -2132,7 +2134,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
log_error ("Unexpected format code %c",
fmtbuf [j]);
}
+
op += strlen (op);
+ if (op >= endbuf) {
+ log_error ("Option data exceeds"
+ " maximum size %d", MAX_OUTPUT_SIZE);
+ return ("<error>");
+ }
+
if (dp == data + len)
break;
if (j + 1 < numelem && comma != ':')

202
SOURCES/dhcp-4.2.5-paranoia.patch Normal file
View File

@ -0,0 +1,202 @@
diff -up dhcp-4.2.5/client/dhclient.c.paranoia dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.paranoia 2013-03-26 13:14:50.574542083 +0100
+++ dhcp-4.2.5/client/dhclient.c 2013-03-26 13:14:50.584541964 +0100
@@ -1698,11 +1698,6 @@ int write_host (host)
return 0;
}
-void db_startup (testp)
- int testp;
-{
-}
-
void bootp (packet)
struct packet *packet;
{
diff -up dhcp-4.2.5/includes/dhcpd.h.paranoia dhcp-4.2.5/includes/dhcpd.h
--- dhcp-4.2.5/includes/dhcpd.h.paranoia 2013-03-26 13:14:50.576542059 +0100
+++ dhcp-4.2.5/includes/dhcpd.h 2013-03-26 13:14:50.585541952 +0100
@@ -2798,7 +2798,11 @@ void commit_leases_timeout (void *);
void commit_leases_readerdry(void *);
int commit_leases (void);
int commit_leases_timed (void);
+#if defined (PARANOIA)
+void db_startup (int, uid_t, gid_t);
+#else
void db_startup (int);
+#endif /* PARANOIA */
int new_lease_file (void);
int group_writer (struct group_object *);
int write_ia(const struct ia_xx *);
diff -up dhcp-4.2.5/server/confpars.c.paranoia dhcp-4.2.5/server/confpars.c
--- dhcp-4.2.5/server/confpars.c.paranoia 2013-03-26 13:14:50.522542705 +0100
+++ dhcp-4.2.5/server/confpars.c 2013-03-26 13:14:50.587541928 +0100
@@ -224,7 +224,11 @@ void trace_conf_input (trace_type_t *tty
}
if (!leaseconf_initialized && ttype == trace_readleases_type) {
+#if defined (PARANOIA)
+ db_startup (0, 0, 0);
+#else
db_startup (0);
+#endif /* PARANOIA */
leaseconf_initialized = 1;
postdb_startup ();
}
diff -up dhcp-4.2.5/server/db.c.paranoia dhcp-4.2.5/server/db.c
--- dhcp-4.2.5/server/db.c.paranoia 2013-03-26 13:14:50.522542705 +0100
+++ dhcp-4.2.5/server/db.c 2013-03-26 13:14:50.588541916 +0100
@@ -47,6 +47,10 @@ static int counting = 0;
static int count = 0;
TIME write_time;
int lease_file_is_corrupt = 0;
+#if defined (PARANOIA)
+uid_t global_set_uid = 0;
+gid_t global_set_gid = 0;
+#endif /* PARANOIA */
/* Write a single binding scope value in parsable format.
*/
@@ -1026,8 +1030,11 @@ int commit_leases_timed()
return (1);
}
-void db_startup (testp)
- int testp;
+#if defined (PARANOIA)
+void db_startup (int testp, uid_t set_uid, gid_t set_gid)
+#else
+void db_startup (int testp)
+#endif /* PARANOIA */
{
isc_result_t status;
@@ -1046,6 +1053,11 @@ void db_startup (testp)
}
#endif
+#if defined (PARANOIA)
+ global_set_uid = set_uid;
+ global_set_gid = set_gid;
+#endif /* PARANOIA */
+
#if defined (TRACING)
/* If we're playing back, there is no lease file, so we can't
append it, so we create one immediately (maybe this isn't
@@ -1108,6 +1120,17 @@ int new_lease_file ()
log_error ("Can't create new lease file: %m");
return 0;
}
+
+#if defined (PARANOIA)
+ if (global_set_uid && !geteuid() &&
+ global_set_gid && !getegid())
+ if (fchown(db_fd, global_set_uid, global_set_gid)) {
+ log_fatal ("Can't chown new lease file: %m");
+ close(db_fd);
+ goto fdfail;
+ }
+#endif /* PARANOIA */
+
if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
diff -up dhcp-4.2.5/server/dhcpd.8.paranoia dhcp-4.2.5/server/dhcpd.8
--- dhcp-4.2.5/server/dhcpd.8.paranoia 2013-01-03 01:02:25.000000000 +0100
+++ dhcp-4.2.5/server/dhcpd.8 2013-03-26 13:28:16.576604471 +0100
@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
.I trace-output-file
]
[
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
.B -play
.I trace-playback-file
]
@@ -269,6 +281,15 @@ lease file.
.TP
.BI --version
Print version number and exit.
+.TP
+.BI \-user \ user
+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-chroot \ dir
+Chroot to directory after processing the command line arguments, but before reading the configuration file.
.PP
.I Modifying default file locations:
The following options can be used to modify the locations
diff -up dhcp-4.2.5/server/dhcpd.c.paranoia dhcp-4.2.5/server/dhcpd.c
--- dhcp-4.2.5/server/dhcpd.c.paranoia 2013-03-26 13:14:50.523542693 +0100
+++ dhcp-4.2.5/server/dhcpd.c 2013-03-26 13:14:50.589541904 +0100
@@ -702,7 +702,11 @@ main(int argc, char **argv) {
group_write_hook = group_writer;
/* Start up the database... */
+#if defined (PARANOIA)
+ db_startup (lftest, set_uid, set_gid);
+#else
db_startup (lftest);
+#endif /* PARANOIA */
if (lftest)
exit (0);
@@ -773,22 +777,6 @@ main(int argc, char **argv) {
exit (0);
}
-#if defined (PARANOIA)
- /* change uid to the specified one */
-
- if (set_gid) {
- if (setgroups (0, (void *)0))
- log_fatal ("setgroups: %m");
- if (setgid (set_gid))
- log_fatal ("setgid(%d): %m", (int) set_gid);
- }
-
- if (set_uid) {
- if (setuid (set_uid))
- log_fatal ("setuid(%d): %m", (int) set_uid);
- }
-#endif /* PARANOIA */
-
/*
* Deal with pid files. If the user told us
* not to write a file we don't read one either
@@ -825,6 +813,22 @@ main(int argc, char **argv) {
}
}
+#if defined (PARANOIA)
+ /* change uid to the specified one */
+
+ if (set_gid) {
+ if (setgroups (0, (void *)0))
+ log_fatal ("setgroups: %m");
+ if (setgid (set_gid))
+ log_fatal ("setgid(%d): %m", (int) set_gid);
+ }
+
+ if (set_uid) {
+ if (setuid (set_uid))
+ log_fatal ("setuid(%d): %m", (int) set_uid);
+ }
+#endif /* PARANOIA */
+
/* If we were requested to log to stdout on the command line,
keep doing so; otherwise, stop. */
if (log_perror == -1)

14
SOURCES/dhcp-4.2.5-powerel-branding.patch Normal file
View File

@ -0,0 +1,14 @@
diff -uNrp dhcp-4.1.1-P1.orig/omapip/errwarn.c dhcp-4.1.1-P1/omapip/errwarn.c
--- dhcp-4.1.1-P1.orig/omapip/errwarn.c 2012-08-15 14:04:33.149141000 +0000
+++ dhcp-4.1.1-P1/omapip/errwarn.c 2012-08-15 14:13:05.582416057 +0000
@@ -81,8 +81,8 @@ void log_fatal (const char * fmt, ... )
log_error ("have been made to the base software release in order to make");
log_error ("it work better with this distribution.");
log_error ("%s", "");
- log_error ("Please report for this software via the Red Hat Bugzilla site:");
- log_error (" http://bugzilla.redhat.com");
+ log_error ("Please report for this software via the PowerEL Bugzilla system:");
+ log_error (" http://bugzilla.powerel.org/");
log_error ("%s", "");
log_error ("exiting.");
#endif

42
SOURCES/dhcp-4.2.5-range6.patch Normal file
View File

@ -0,0 +1,42 @@
diff --git a/server/confpars.c b/server/confpars.c
index 12ab0e6..4454be9 100644
--- a/server/confpars.c
+++ b/server/confpars.c
@@ -3756,6 +3756,19 @@ add_ipv6_pool_to_subnet(struct subnet *subnet, u_int16_t type,
share->ipv6_pools[num_pools+1] = NULL;
}
+static void
+check_addr_in_subnet(struct subnet *subnet, struct iaddr *addr) {
+ char lowbuf [INET6_ADDRSTRLEN], netbuf [INET6_ADDRSTRLEN];
+
+ if (!addr_eq(subnet->net, subnet_number(*addr, subnet->netmask))) {
+ strcpy(lowbuf, piaddr(*addr));
+ strcpy(netbuf, piaddr(subnet->net));
+ log_fatal("bad range6, address %s not in subnet6 %s/%d",
+ lowbuf, netbuf, subnet->prefix_len);
+ }
+
+}
+
/* address-range6-declaration :== ip-address6 ip-address6 SEMI
| ip-address6 SLASH number SEMI
| ip-address6 [SLASH number] TEMPORARY SEMI */
@@ -3788,6 +3801,8 @@ parse_address_range6(struct parse *cfile, struct group *group) {
return;
}
+ check_addr_in_subnet(group->subnet, &lo);
+
/*
* See if we we're using range or CIDR notation or TEMPORARY
*/
@@ -3855,6 +3870,8 @@ parse_address_range6(struct parse *cfile, struct group *group) {
return;
}
+ check_addr_in_subnet(group->subnet, &hi);
+
/*
* Convert our range to a set of CIDR networks.
*/

52
SOURCES/dhcp-4.2.5-reap_orphan_sockets.patch Normal file
View File

@ -0,0 +1,52 @@
commit ccff9ed69d0b26d33ce9cac8e83dab535b64d627
Author: Thomas Markwalder <tmark@isc.org>
Date: Tue Dec 5 15:12:34 2017 -0500

[46767] Plugged a socket descriptor leak in OMAPI
If disconnect is triggered by the reader closing the socket, while there
is data left to write, the socket would be orphaned.
omapip/buffer.c
omapi_connection_writea() - added logic to recall disconnect once
pending data has been written
omapip/message.c
Removed static declaration from omapi_message_unregister so you can
actually compile when DEBUG_PROTOCOL is defined.
Added a release note

diff --git a/omapip/buffer.c b/omapip/buffer.c
index 6e0621b..a21f0a8 100644
--- a/omapip/buffer.c
+++ b/omapip/buffer.c
@@ -565,6 +565,15 @@ isc_result_t omapi_connection_writer (omapi_object_t *h)
omapi_buffer_dereference (&buffer, MDL);
}
}
+
+ /* If we had data left to write when we're told to disconnect,
+ * we need recall disconnect, now that we're done writing.
+ * See rt46767. */
+ if (c->out_bytes == 0 && c->state == omapi_connection_disconnecting) {
+ omapi_disconnect (h, 1);
+ return ISC_R_SHUTTINGDOWN;
+ }
+
return ISC_R_SUCCESS;
}
diff --git a/omapip/message.c b/omapip/message.c
index ee15d82..37abbd2 100644
--- a/omapip/message.c
+++ b/omapip/message.c
@@ -339,7 +339,7 @@ isc_result_t omapi_message_unregister (omapi_object_t *mo)
}
#ifdef DEBUG_PROTOCOL
-static const char *omapi_message_op_name(int op) {
+const char *omapi_message_op_name(int op) {
switch (op) {
case OMAPI_OP_OPEN: return "OMAPI_OP_OPEN";
case OMAPI_OP_REFRESH: return "OMAPI_OP_REFRESH";

13
SOURCES/dhcp-4.2.5-reference_count_overflow.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/common/options.c b/common/options.c
index 83e0384..a58c5fc 100644
--- a/common/options.c
+++ b/common/options.c
@@ -189,6 +189,8 @@ int parse_option_buffer (options, buffer, length, universe)
/* If the length is outrageous, the options are bad. */
if (offset + len > length) {
+ /* Avoid reference count overflow */
+ option_dereference(&option, MDL);
reason = "option length exceeds option buffer length";
bogus:
log_error("parse_option_buffer: malformed option "

164
SOURCES/dhcp-4.2.5-remove-bind.patch Normal file
View File

@ -0,0 +1,164 @@
diff -up dhcp-4.2.5b1/client/Makefile.am.remove-bind dhcp-4.2.5b1/client/Makefile.am
--- dhcp-4.2.5b1/client/Makefile.am.remove-bind 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/client/Makefile.am 2012-12-17 16:20:58.692538252 +0100
@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../bind/lib/libdns.a ../bind/lib/libisc.a
+ $(BIND9_LIBDIR) -ldns-export -lisc-export
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/common/tests/Makefile.am.remove-bind dhcp-4.2.5b1/common/tests/Makefile.am
--- dhcp-4.2.5b1/common/tests/Makefile.am.remove-bind 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/common/tests/Makefile.am 2012-12-17 16:20:58.693538239 +0100
@@ -13,8 +13,8 @@ ATF_TESTS += alloc_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
alloc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a ../../bind/lib/libdns.a \
- ../../bind/lib/libisc.a
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -ldns-export -lisc-export
check: $(ATF_TESTS)
atf-run | atf-report
diff -up dhcp-4.2.5b1/configure.ac.remove-bind dhcp-4.2.5b1/configure.ac
--- dhcp-4.2.5b1/configure.ac.remove-bind 2012-12-05 02:18:44.000000000 +0100
+++ dhcp-4.2.5b1/configure.ac 2012-12-17 16:20:58.693538239 +0100
@@ -581,20 +581,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
libbind=
AC_ARG_WITH(libbind,
AC_HELP_STRING([--with-libbind=PATH],
- [bind includes and libraries are in PATH
- (default is ./bind)]),
+ [bind includes are in PATH
+ (default is ./bind/includes)]),
use_libbind="$withval", use_libbind="no")
case "$use_libbind" in
+yes|no)
+ libbind="\${top_srcdir}/bind/include"
+ ;;
+*)
+ libbind="$use_libbind"
+ ;;
+esac
+
+BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
+AC_ARG_WITH(libbind-libs,
+ AC_HELP_STRING([--with-libbind-libs=PATH],
+ [bind9 export libraries are in PATH]),
+ [libbind_libs="$withval"], [libbind_libs='no'])
+case "$libbind_libs" in
yes)
- libbind="\${top_srcdir}/bind"
+ AC_MSG_ERROR([Specify path to bind9 libraries])
;;
no)
- libbind="\${top_srcdir}/bind"
+ BUNDLED_BIND=yes
;;
*)
- libbind="$use_libbind"
+ BIND9_LIBDIR="-L$libbind_libs"
+ BUNDLED_BIND=no
;;
esac
+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
+AC_SUBST([BIND9_LIBDIR])
# OpenLDAP support.
AC_ARG_WITH(ldap,
@@ -631,7 +648,7 @@ fi
CFLAGS="$CFLAGS $STD_CWARNINGS"
# Try to add the bind include directory
-CFLAGS="$CFLAGS -I$libbind/include"
+CFLAGS="$CFLAGS -I$libbind"
AC_C_FLEXIBLE_ARRAY_MEMBER
diff -up dhcp-4.2.5b1/dhcpctl/Makefile.am.remove-bind dhcp-4.2.5b1/dhcpctl/Makefile.am
--- dhcp-4.2.5b1/dhcpctl/Makefile.am.remove-bind 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/dhcpctl/Makefile.am 2012-12-17 16:20:58.693538239 +0100
@@ -6,10 +6,10 @@ EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
- ../bind/lib/libdns.a ../bind/lib/libisc.a
+ $(BIND9_LIBDIR) -ldns-export -lisc-export
libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
cltest_SOURCES = cltest.c
cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
- ../bind/lib/libdns.a ../bind/lib/libisc.a
\ No newline at end of file
+ $(BIND9_LIBDIR) -ldns-export -lisc-export
diff -up dhcp-4.2.5b1/Makefile.am.remove-bind dhcp-4.2.5b1/Makefile.am
--- dhcp-4.2.5b1/Makefile.am.remove-bind 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/Makefile.am 2012-12-17 16:20:58.693538239 +0100
@@ -22,7 +22,13 @@ EXTRA_DIST = RELNOTES LICENSE \
bind/Makefile bind/bind.tar.gz bind/version.tmp \
common/tests/Atffile server/tests/Atffile
-SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
+if BUNDLED_BIND
+SUBDIRS = bind
+else
+SUBDIRS =
+endif
+
+SUBDIRS += includes tests common dst omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.2.5b1/omapip/Makefile.am.remove-bind dhcp-4.2.5b1/omapip/Makefile.am
--- dhcp-4.2.5b1/omapip/Makefile.am.remove-bind 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/omapip/Makefile.am 2012-12-17 16:20:58.693538239 +0100
@@ -10,5 +10,5 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
svtest_SOURCES = test.c
-svtest_LDADD = libomapi.a ../bind/lib/libdns.a ../bind/lib/libisc.a
+svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
diff -up dhcp-4.2.5b1/relay/Makefile.am.remove-bind dhcp-4.2.5b1/relay/Makefile.am
--- dhcp-4.2.5b1/relay/Makefile.am.remove-bind 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/relay/Makefile.am 2012-12-17 16:20:58.694538225 +0100
@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../bind/lib/libdns.a ../bind/lib/libisc.a
+ $(BIND9_LIBDIR) -ldns-export -lisc-export
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/server/Makefile.am.remove-bind dhcp-4.2.5b1/server/Makefile.am
--- dhcp-4.2.5b1/server/Makefile.am.remove-bind 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/server/Makefile.am 2012-12-17 16:20:58.694538225 +0100
@@ -14,8 +14,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../dhcpctl/libdhcpctl.a ../bind/lib/libdns.a \
- ../bind/lib/libisc.a
+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/server/tests/Makefile.am.remove-bind dhcp-4.2.5b1/server/tests/Makefile.am
--- dhcp-4.2.5b1/server/tests/Makefile.am.remove-bind 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/server/tests/Makefile.am 2012-12-17 16:26:01.093346768 +0100
@@ -18,8 +18,7 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ldap.c ../ldap_casa.c ../dhcpd.c
DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/bind/lib/libdns.a \
- $(top_builddir)/bind/lib/libisc.a
+ $(top_builddir)/dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
ATF_TESTS =
TESTS =

405
SOURCES/dhcp-4.2.5-rfc3442-classless-static-routes.patch Normal file
View File

@ -0,0 +1,405 @@
diff -up dhcp-4.2.5b1/client/clparse.c.rfc3442 dhcp-4.2.5b1/client/clparse.c
--- dhcp-4.2.5b1/client/clparse.c.rfc3442 2012-12-17 13:23:34.387564654 +0100
+++ dhcp-4.2.5b1/client/clparse.c 2012-12-17 13:23:34.437563996 +0100
@@ -37,7 +37,7 @@
struct client_config top_level_config;
-#define NUM_DEFAULT_REQUESTED_OPTS 14
+#define NUM_DEFAULT_REQUESTED_OPTS 15
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
@@ -90,7 +90,11 @@ isc_result_t read_client_conf ()
dhcp_universe.code_hash, &code, 0, MDL);
/* 4 */
- code = DHO_ROUTERS;
+ /* The Classless Static Routes option code MUST appear in the parameter
+ * request list prior to both the Router option code and the Static
+ * Routes option code, if present. (RFC3442)
+ */
+ code = DHO_CLASSLESS_STATIC_ROUTES;
option_code_hash_lookup(&default_requested_options[3],
dhcp_universe.code_hash, &code, 0, MDL);
@@ -144,6 +148,11 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[13],
dhcp_universe.code_hash, &code, 0, MDL);
+ /* 15 */
+ code = DHO_ROUTERS;
+ option_code_hash_lookup(&default_requested_options[14],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
diff -up dhcp-4.2.5b1/common/dhcp-options.5.rfc3442 dhcp-4.2.5b1/common/dhcp-options.5
--- dhcp-4.2.5b1/common/dhcp-options.5.rfc3442 2012-12-17 13:23:34.376564797 +0100
+++ dhcp-4.2.5b1/common/dhcp-options.5 2012-12-17 13:25:18.435141385 +0100
@@ -116,6 +116,26 @@ hexadecimal, separated by colons. For e
or
option dhcp-client-identifier 43:4c:49:45:54:2d:46:4f:4f;
.fi
+.PP
+The
+.B destination-descriptor
+describe the IP subnet number and subnet mask
+of a particular destination using a compact encoding. This encoding
+consists of one octet describing the width of the subnet mask,
+followed by all the significant octets of the subnet number.
+The following table contains some examples of how various subnet
+number/mask combinations can be encoded:
+.nf
+.sp 1
+Subnet number Subnet mask Destination descriptor
+0 0 0
+10.0.0.0 255.0.0.0 8.10
+10.0.0.0 255.255.255.0 24.10.0.0
+10.17.0.0 255.255.0.0 16.10.17
+10.27.129.0 255.255.255.0 24.10.27.129
+10.229.0.128 255.255.255.128 25.10.229.0.128
+10.198.122.47 255.255.255.255 32.10.198.122.47
+.fi
.SH SETTING OPTION VALUES USING EXPRESSIONS
Sometimes it's helpful to be able to set the value of a DHCP option
based on some value that the client has sent. To do this, you can
@@ -932,6 +952,29 @@ dhclient-script will create routes:
.RE
.PP
.nf
+.B option \fBclassless-static-routes\fR \fIdestination-descriptor ip-address\fR
+ [\fB,\fR \fIdestination-descriptor ip-address\fR...]\fB;\fR
+.fi
+.RS 0.25i
+.PP
+This option (see RFC3442) specifies a list of classless static routes
+that the client should install in its routing cache.
+.PP
+This option can contain one or more static routes, each of which
+consists of a destination descriptor and the IP address of the router
+that should be used to reach that destination.
+.PP
+Many clients may not implement the Classless Static Routes option.
+DHCP server administrators should therefore configure their DHCP
+servers to send both a Router option and a Classless Static Routes
+option, and should specify the default router(s) both in the Router
+option and in the Classless Static Routes option.
+.PP
+If the DHCP server returns both a Classless Static Routes option and
+a Router option, the DHCP client ignores the Router option.
+.RE
+.PP
+.nf
.B option \fBstreettalk-directory-assistance-server\fR \fIip-address\fR
[\fB,\fR \fIip-address\fR...]\fB;\fR
.fi
diff -up dhcp-4.2.5b1/common/inet.c.rfc3442 dhcp-4.2.5b1/common/inet.c
--- dhcp-4.2.5b1/common/inet.c.rfc3442 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/common/inet.c 2012-12-17 13:23:34.440563957 +0100
@@ -528,6 +528,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
return ISC_R_SUCCESS;
}
+static const char *
+inet_ntopdd(const unsigned char *src, unsigned srclen, char *dst, size_t size)
+{
+ char tmp[sizeof("32.255.255.255.255")];
+ int len;
+
+ switch (srclen) {
+ case 2:
+ len = sprintf (tmp, "%u.%u", src[0], src[1]);
+ break;
+ case 3:
+ len = sprintf (tmp, "%u.%u.%u", src[0], src[1], src[2]);
+ break;
+ case 4:
+ len = sprintf (tmp, "%u.%u.%u.%u", src[0], src[1], src[2], src[3]);
+ break;
+ case 5:
+ len = sprintf (tmp, "%u.%u.%u.%u.%u", src[0], src[1], src[2], src[3], src[4]);
+ break;
+ default:
+ return NULL;
+ }
+ if (len < 0)
+ return NULL;
+
+ if (len > size) {
+ errno = ENOSPC;
+ return NULL;
+ }
+
+ return strcpy (dst, tmp);
+}
+
+/* pdestdesc() turns an iaddr structure into a printable dest. descriptor */
+const char *
+pdestdesc(const struct iaddr addr) {
+ static char pbuf[sizeof("255.255.255.255.255")];
+
+ if (addr.len == 0) {
+ return "<null destination descriptor>";
+ }
+ if (addr.len == 1) {
+ return "0";
+ }
+ if ((addr.len >= 2) && (addr.len <= 5)) {
+ return inet_ntopdd(addr.iabuf, addr.len, pbuf, sizeof(pbuf));
+ }
+
+ log_fatal("pdestdesc():%s:%d: Invalid destination descriptor length %d.",
+ MDL, addr.len);
+ /* quell compiler warnings */
+ return NULL;
+}
+
/* piaddr() turns an iaddr structure into a printable address. */
/* XXX: should use a const pointer rather than passing the structure */
const char *
diff -up dhcp-4.2.5b1/common/options.c.rfc3442 dhcp-4.2.5b1/common/options.c
--- dhcp-4.2.5b1/common/options.c.rfc3442 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/common/options.c 2012-12-17 13:29:38.961536040 +0100
@@ -713,7 +713,11 @@ cons_options(struct packet *inpacket, st
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
- priority_list[priority_len++] = DHO_ROUTERS;
+ if (lookup_option(&dhcp_universe, cfg_options,
+ DHO_CLASSLESS_STATIC_ROUTES))
+ priority_list[priority_len++] = DHO_CLASSLESS_STATIC_ROUTES;
+ else
+ priority_list[priority_len++] = DHO_ROUTERS;
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
@@ -1694,6 +1698,7 @@ const char *pretty_print_option (option,
unsigned long tval;
isc_boolean_t a_array = ISC_FALSE;
int len_used;
+ unsigned int octets = 0;
if (emit_commas)
comma = ',';
@@ -1702,6 +1707,7 @@ const char *pretty_print_option (option,
memset (enumbuf, 0, sizeof enumbuf);
+ if (option->format[0] != 'R') { /* see explanation lower */
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
@@ -1876,6 +1882,33 @@ const char *pretty_print_option (option,
if (numhunk < 0)
numhunk = 1;
+ } else { /* option->format[i] == 'R') */
+ /* R (destination descriptor) has variable length.
+ * We can find it only in classless static route option,
+ * so we are for sure parsing classless static route option now.
+ * We go through whole the option to check whether there are no
+ * missing/extra bytes.
+ * I didn't find out how to improve the existing code and that's the
+ * reason for this separate 'else' where I do my own checkings.
+ * I know it's little bit unsystematic, but it works.
+ */
+ numhunk = 0;
+ numelem = 2; /* RI */
+ fmtbuf[0]='R'; fmtbuf[1]='I'; fmtbuf[2]=0;
+ for (i =0; i < len; i = i + octets + 5) {
+ if (data[i] > 32) { /* subnet mask width */
+ log_error ("wrong subnet mask width in destination descriptor");
+ break;
+ }
+ numhunk++;
+ octets = ((data[i]+7) / 8);
+ }
+ if (i != len) {
+ log_error ("classless static routes option has wrong size or "
+ "there's some garbage in format");
+ }
+ }
+
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
@@ -2031,6 +2064,20 @@ const char *pretty_print_option (option,
strcpy(op, piaddr(iaddr));
dp += 4;
break;
+
+ case 'R':
+ if (dp[0] <= 32)
+ iaddr.len = (((dp[0]+7)/8)+1);
+ else {
+ log_error ("wrong subnet mask width in destination descriptor");
+ return "<error>";
+ }
+
+ memcpy(iaddr.iabuf, dp, iaddr.len);
+ strcpy(op, pdestdesc(iaddr));
+ dp += iaddr.len;
+ break;
+
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
diff -up dhcp-4.2.5b1/common/parse.c.rfc3442 dhcp-4.2.5b1/common/parse.c
--- dhcp-4.2.5b1/common/parse.c.rfc3442 2012-12-17 13:23:34.408564378 +0100
+++ dhcp-4.2.5b1/common/parse.c 2012-12-17 13:23:34.444563905 +0100
@@ -341,6 +341,39 @@ int parse_ip_addr (cfile, addr)
}
/*
+ * destination-descriptor :== NUMBER DOT NUMBER |
+ * NUMBER DOT NUMBER DOT NUMBER |
+ * NUMBER DOT NUMBER DOT NUMBER DOT NUMBER |
+ * NUMBER DOT NUMBER DOT NUMBER DOT NUMBER DOT NUMBER
+ */
+
+int parse_destination_descriptor (cfile, addr)
+ struct parse *cfile;
+ struct iaddr *addr;
+{
+ unsigned int mask_width, dest_dest_len;
+ addr -> len = 0;
+ if (parse_numeric_aggregate (cfile, addr -> iabuf,
+ &addr -> len, DOT, 10, 8)) {
+ mask_width = (unsigned int)addr->iabuf[0];
+ dest_dest_len = (((mask_width+7)/8)+1);
+ if (mask_width > 32) {
+ parse_warn (cfile,
+ "subnet mask width (%u) greater than 32.", mask_width);
+ }
+ else if (dest_dest_len != addr->len) {
+ parse_warn (cfile,
+ "destination descriptor with subnet mask width %u "
+ "should have %u octets, but has %u octets.",
+ mask_width, dest_dest_len, addr->len);
+ }
+
+ return 1;
+ }
+ return 0;
+}
+
+/*
* Return true if every character in the string is hexadecimal.
*/
static int
@@ -719,8 +752,10 @@ unsigned char *parse_numeric_aggregate (
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
- if (!*max)
+ if (!*max) {
+ *max = count;
break;
+ }
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
@@ -1660,6 +1695,9 @@ int parse_option_code_definition (cfile,
case IP_ADDRESS:
type = 'I';
break;
+ case DESTINATION_DESCRIPTOR:
+ type = 'R';
+ break;
case IP6_ADDRESS:
type = '6';
break;
@@ -5418,6 +5456,15 @@ int parse_option_token (rv, cfile, fmt,
}
break;
+ case 'R': /* destination descriptor */
+ if (!parse_destination_descriptor (cfile, &addr)) {
+ return 0;
+ }
+ if (!make_const_data (&t, addr.iabuf, addr.len, 0, 1, MDL)) {
+ return 0;
+ }
+ break;
+
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
@@ -5695,6 +5742,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
+ goto alloc;
+
+ case 'R': /* destination descriptor */
+ if (!parse_destination_descriptor (cfile, &ip_addr))
+ goto exit;
+ len = ip_addr.len;
+ dp = ip_addr.iabuf;
alloc:
if (hunkix + len > sizeof hunkbuf) {
diff -up dhcp-4.2.5b1/common/tables.c.rfc3442 dhcp-4.2.5b1/common/tables.c
--- dhcp-4.2.5b1/common/tables.c.rfc3442 2012-12-17 13:23:34.398564508 +0100
+++ dhcp-4.2.5b1/common/tables.c 2012-12-17 13:23:34.445563891 +0100
@@ -52,6 +52,7 @@ HASH_FUNCTIONS (option_code, const unsig
Format codes:
I - IPv4 address
+ R - destination descriptor (RFC3442)
6 - IPv6 address
l - 32-bit signed integer
L - 32-bit unsigned integer
@@ -210,6 +211,7 @@ static struct option dhcp_options[] = {
{ "default-url", "t", &dhcp_universe, 114, 1 },
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
{ "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "classless-static-routes", "RIA", &dhcp_universe, 121, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
diff -up dhcp-4.2.5b1/includes/dhcpd.h.rfc3442 dhcp-4.2.5b1/includes/dhcpd.h
--- dhcp-4.2.5b1/includes/dhcpd.h.rfc3442 2012-12-17 13:23:34.382564719 +0100
+++ dhcp-4.2.5b1/includes/dhcpd.h 2012-12-17 13:23:34.446563877 +0100
@@ -2678,6 +2678,7 @@ isc_result_t range2cidr(struct iaddrcidr
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
+const char *pdestdesc (struct iaddr);
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
@@ -2887,6 +2888,7 @@ void parse_client_lease_declaration (str
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
+int parse_destination_descriptor (struct parse *, struct iaddr *);
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
diff -up dhcp-4.2.5b1/includes/dhcp.h.rfc3442 dhcp-4.2.5b1/includes/dhcp.h
--- dhcp-4.2.5b1/includes/dhcp.h.rfc3442 2012-10-23 21:02:13.000000000 +0200
+++ dhcp-4.2.5b1/includes/dhcp.h 2012-12-17 13:23:34.446563877 +0100
@@ -163,6 +163,7 @@ struct dhcp_packet {
#define DHO_ASSOCIATED_IP 92
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
+#define DHO_CLASSLESS_STATIC_ROUTES 121 /* RFC3442 */
#define DHO_VIVCO_SUBOPTIONS 124
#define DHO_VIVSO_SUBOPTIONS 125
diff -up dhcp-4.2.5b1/includes/dhctoken.h.rfc3442 dhcp-4.2.5b1/includes/dhctoken.h
--- dhcp-4.2.5b1/includes/dhctoken.h.rfc3442 2012-12-17 13:23:34.348565167 +0100
+++ dhcp-4.2.5b1/includes/dhctoken.h 2012-12-17 13:23:34.446563877 +0100
@@ -365,7 +365,8 @@ enum dhcp_token {
PRIMARY6 = 666,
SECONDARY6 = 667,
TOKEN_INFINIBAND = 668,
- BOOTP_BROADCAST_ALWAYS = 669
+ BOOTP_BROADCAST_ALWAYS = 669,
+ DESTINATION_DESCRIPTOR = 670
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \

89
SOURCES/dhcp-4.2.5-rfc5970-dhcpv6-options-for-network-boot.patch Normal file
View File

@ -0,0 +1,89 @@
diff -up dhcp-4.2.5b1/common/dhcp-options.5.rfc5970 dhcp-4.2.5b1/common/dhcp-options.5
--- dhcp-4.2.5b1/common/dhcp-options.5.rfc5970 2012-12-17 13:43:44.000000000 +0100
+++ dhcp-4.2.5b1/common/dhcp-options.5 2012-12-17 13:45:18.777638579 +0100
@@ -1771,7 +1771,48 @@ The \fBlq-relay-data\fR option is used i
The \fBlq-client-link\fR option is used internally by for lease query.
.RE
.PP
+
+.B option
+.B dhcp6.bootfile-url
+.I string
+.B ;
+.RS 0.25i
+.PP
+The server sends this option to inform the client about a URL to a
+boot file. Used primarily for UEFI network booting, it contains an RFC3986
+compliant URI which the client may use to boot an operating system. This option
+is defined in RFC5970
.RE
+.PP
+
+.B option
+.B dhcp6.arch-type
+.I arch-id \fR[\fB,\fR arch-id\fR...]
+.B ;
+.RS 0.25i
+.PP
+A client will send this option to a server so that the server may make decisions
+on what options and addresses to offer the requesting client. The option
+consists of a list of 16 bit unsigned values that represent the architecture of
+the requesting client. These values corespond to the values available to the
+dhcpv4 option architecture-type, as defined in RFC4578, section 2.1.
+This option is defined in RFC5970
+ .RE
+.PP
+
+.B option
+.B dhcp6.net-id
+.I uint8 uint8 uint8
+.B ;
+.RS 0.25i
+.PP
+A client will send this option to a server to inform it about the clients level
+of UNDI support. The option consists of 3 octets (a type, major and minor
+value). Specific meanings of these values are doumented in section 2.2 of
+RFC4578.
+This option is defined in RFC5970
+.RE
+.PP
.SH DEFINING NEW OPTIONS
The Internet Systems Consortium DHCP client and server provide the
capability to define new options. Each DHCP option has a name, a
diff -up dhcp-4.2.5b1/common/tables.c.rfc5970 dhcp-4.2.5b1/common/tables.c
--- dhcp-4.2.5b1/common/tables.c.rfc5970 2012-12-17 13:43:44.204939024 +0100
+++ dhcp-4.2.5b1/common/tables.c 2012-12-17 13:43:44.286937948 +0100
@@ -463,6 +463,18 @@ static struct option dhcpv6_options[] =
{ "lq-relay-data", "6X", &dhcpv6_universe, 47, 1 },
{ "lq-client-link", "6A", &dhcpv6_universe, 48, 1 },
+ /* RFC5970 OPTIONS */
+
+ { "bootfile-url", "t", &dhcpv6_universe, 59, 1},
+#if 0
+ /* Can't implement this until arrays of strings with length "StA"
+ * are implemented
+ */
+ { "bootfile-param", "StA", &dhcpv6_universe, 60, 1},
+#endif
+ { "arch-type", "Sa", &dhcpv6_universe, 61, 1},
+ { "net-id", "BBB", &dhcpv6_universe, 62, 1},
+
{ NULL, NULL, NULL, 0, 0 }
};
diff -up dhcp-4.2.5b1/includes/dhcp6.h.rfc5970 dhcp-4.2.5b1/includes/dhcp6.h
--- dhcp-4.2.5b1/includes/dhcp6.h.rfc5970 2012-12-04 20:45:42.000000000 +0100
+++ dhcp-4.2.5b1/includes/dhcp6.h 2012-12-17 13:43:44.286937948 +0100
@@ -75,6 +75,11 @@
#define D6O_CLT_TIME 46 /* RFC5007 */
#define D6O_LQ_RELAY_DATA 47 /* RFC5007 */
#define D6O_LQ_CLIENT_LINK 48 /* RFC5007 */
+/* 49-58 Not yet assigned */
+#define D60_BOOT_URL 59 /* RFC5970 */
+#define D60_BOOT_PARAMS 60 /* RFC5970 */
+#define D60_CLIENT_ARCH 61 /* RFC5970 */
+#define D60_CLIENT_NII 62 /* RFC5970 */
/*
* Status Codes, from RFC 3315 section 24.4, and RFC 3633, 5007.

44
SOURCES/dhcp-4.2.5-rh1355827.patch Normal file
View File

@ -0,0 +1,44 @@
--- dhcp-4.2.5.orig/server/mdb.c 2016-05-03 12:46:04.933000000 -0400
+++ dhcp-4.2.5/server/mdb.c 2016-05-18 14:38:27.553000000 -0400
@@ -720,8 +720,9 @@ void new_address_range (cfile, low, high
{
#if defined(COMPACT_LEASES)
struct lease *address_range;
+ unsigned s;
#endif
- unsigned min, max, i;
+ unsigned min, max, i, num_addrs;
char lowbuf [16], highbuf [16], netbuf [16];
struct shared_network *share = subnet -> shared_network;
struct lease *lt = (struct lease *)0;
@@ -777,9 +778,29 @@ void new_address_range (cfile, low, high
min = host_addr (high, subnet -> netmask);
}
+ /* get the number of addresses we want, and add it to the pool info
+ * this value is only for use when setting up lease chains and will
+ * be overwritten when expire_all_pools is run
+ */
+ num_addrs = max - min + 1;
+
/* Get a lease structure for each address in the range. */
#if defined (COMPACT_LEASES)
- address_range = new_leases (max - min + 1, MDL);
+ s = (num_addrs + 1) * sizeof (struct lease);
+ /* Check unsigned overflow in new_leases().
+ With 304 byte lease structure (x86_64), this happens at
+ range 10.0.0.0 10.215.148.52; */
+ if (((s % sizeof (struct lease)) != 0) ||
+ ((s / sizeof (struct lease)) != (num_addrs + 1))) {
+ strcpy (lowbuf, piaddr (low));
+ strcpy (highbuf, piaddr (high));
+ parse_warn (cfile, "%s-%s is an overly large address range.",
+ lowbuf, highbuf);
+ log_info ("Consider breaking large address ranges into multiple scopes of less than 14 million IPs each.");
+ log_info ("For more information, please visit: https://support.roguewave.com/resources/blogs/openlogic-blogs/how-to-extend-isc-dhcp/");
+ log_fatal ("Memory overflow.");
+ }
+ address_range = new_leases (num_addrs, MDL);
if (!address_range) {
strcpy (lowbuf, piaddr (low));
strcpy (highbuf, piaddr (high));

231
SOURCES/dhcp-4.2.5-sendDecline.patch Normal file
View File

@ -0,0 +1,231 @@
diff -up dhcp-4.2.5b1/client/dhc6.c.sendDecline dhcp-4.2.5b1/client/dhc6.c
--- dhcp-4.2.5b1/client/dhc6.c.sendDecline 2012-12-05 02:17:38.000000000 +0100
+++ dhcp-4.2.5b1/client/dhc6.c 2012-12-17 13:21:16.922444939 +0100
@@ -96,6 +96,8 @@ void do_select6(void *input);
void do_refresh6(void *input);
static void do_release6(void *input);
static void start_bound(struct client_state *client);
+static void start_decline6(struct client_state *client);
+static void do_decline6(void *input);
static void start_informed(struct client_state *client);
void informed_handler(struct packet *packet, struct client_state *client);
void bound_handler(struct packet *packet, struct client_state *client);
@@ -2080,6 +2082,7 @@ start_release6(struct client_state *clie
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
client->state = S_STOPPED;
/*
@@ -2713,6 +2716,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
+ case S_DECLINED:
action = dhc6_stop_action;
break;
@@ -2814,6 +2818,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
+ case S_DECLINED:
/* Nothing critical to do at this stage. */
break;
@@ -3804,17 +3809,23 @@ reply_handler(struct packet *packet, str
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
/* If this is in response to a Release/Decline, clean up and return. */
- if (client->state == S_STOPPED) {
- if (client->active_lease == NULL)
- return;
+ if ((client->state == S_STOPPED) ||
+ (client->state == S_DECLINED)) {
+
+ if (client->active_lease != NULL) {
+ dhc6_lease_destroy(&client->active_lease, MDL);
+ client->active_lease = NULL;
+ /* We should never wait for nothing!? */
+ if (stopping_finished())
+ exit(0);
+ }
+
+ if (client->state == S_DECLINED)
+ start_init6(client);
- dhc6_lease_destroy(&client->active_lease, MDL);
- client->active_lease = NULL;
- /* We should never wait for nothing!? */
- if (stopping_finished())
- exit(0);
return;
}
@@ -4342,7 +4353,11 @@ start_bound(struct client_state *client)
dhc6_marshall_values("new_", client, lease, ia, addr);
script_write_requested6(client);
- script_go(client);
+ // when script returns 3, DAD failed
+ if (script_go(client) == 3) {
+ start_decline6(client);
+ return;
+ }
}
/* XXX: maybe we should loop on the old values instead? */
@@ -4390,6 +4405,149 @@ start_bound(struct client_state *client)
dhc6_check_times(client);
}
+/*
+ * Decline addresses.
+ */
+void
+start_decline6(struct client_state *client)
+{
+ /* Cancel any pending transmissions */
+ cancel_timeout(do_confirm6, client);
+ cancel_timeout(do_select6, client);
+ cancel_timeout(do_refresh6, client);
+ cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
+ client->state = S_DECLINED;
+
+ if (client->active_lease == NULL)
+ return;
+
+ /* Set timers per RFC3315 section 18.1.7. */
+ client->IRT = DEC_TIMEOUT * 100;
+ client->MRT = 0;
+ client->MRC = DEC_MAX_RC;
+ client->MRD = 0;
+
+ dhc6_retrans_init(client);
+ client->v6_handler = reply_handler;
+
+ client->refresh_type = DHCPV6_DECLINE;
+ do_decline6(client);
+}
+
+/*
+ * do_decline6() creates a Decline packet and transmits it.
+ */
+static void
+do_decline6(void *input)
+{
+ struct client_state *client;
+ struct data_string ds;
+ int send_ret;
+ struct timeval elapsed, tv;
+
+ client = input;
+
+ if ((client->active_lease == NULL) || !active_prefix(client))
+ return;
+
+ if ((client->MRC != 0) && (client->txcount > client->MRC)) {
+ log_info("Max retransmission count exceeded.");
+ goto decline_done;
+ }
+
+ /*
+ * Start_time starts at the first transmission.
+ */
+ if (client->txcount == 0) {
+ client->start_time.tv_sec = cur_tv.tv_sec;
+ client->start_time.tv_usec = cur_tv.tv_usec;
+ }
+
+ /* elapsed = cur - start */
+ elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
+ elapsed.tv_usec = cur_tv.tv_usec - client->start_time.tv_usec;
+ if (elapsed.tv_usec < 0) {
+ elapsed.tv_sec -= 1;
+ elapsed.tv_usec += 1000000;
+ }
+
+ memset(&ds, 0, sizeof(ds));
+ if (!buffer_allocate(&ds.buffer, 4, MDL)) {
+ log_error("Unable to allocate memory for Decline.");
+ goto decline_done;
+ }
+
+ ds.data = ds.buffer->data;
+ ds.len = 4;
+ ds.buffer->data[0] = DHCPV6_DECLINE;
+ memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
+
+ /* Form an elapsed option. */
+ /* Maximum value is 65535 1/100s coded as 0xffff. */
+ if ((elapsed.tv_sec < 0) || (elapsed.tv_sec > 655) ||
+ ((elapsed.tv_sec == 655) && (elapsed.tv_usec > 350000))) {
+ client->elapsed = 0xffff;
+ } else {
+ client->elapsed = elapsed.tv_sec * 100;
+ client->elapsed += elapsed.tv_usec / 10000;
+ }
+
+ client->elapsed = htons(client->elapsed);
+
+ log_debug("XMT: Forming Decline.");
+ make_client6_options(client, &client->sent_options,
+ client->active_lease, DHCPV6_DECLINE);
+ dhcpv6_universe.encapsulate(&ds, NULL, NULL, client, NULL,
+ client->sent_options, &global_scope,
+ &dhcpv6_universe);
+
+ /* Append IA's (but don't release temporary addresses). */
+ if (wanted_ia_na &&
+ dhc6_add_ia_na(client, &ds, client->active_lease,
+ DHCPV6_DECLINE) != ISC_R_SUCCESS) {
+ data_string_forget(&ds, MDL);
+ goto decline_done;
+ }
+ if (wanted_ia_pd &&
+ dhc6_add_ia_pd(client, &ds, client->active_lease,
+ DHCPV6_DECLINE) != ISC_R_SUCCESS) {
+ data_string_forget(&ds, MDL);
+ goto decline_done;
+ }
+
+ /* Transmit and wait. */
+ log_info("XMT: Decline on %s, interval %ld0ms.",
+ client->name ? client->name : client->interface->name,
+ (long int)client->RT);
+
+ send_ret = send_packet6(client->interface, ds.data, ds.len,
+ &DHCPv6DestAddr);
+ if (send_ret != ds.len) {
+ log_error("dhc6: sendpacket6() sent %d of %d bytes",
+ send_ret, ds.len);
+ }
+
+ data_string_forget(&ds, MDL);
+
+ /* Wait RT */
+ tv.tv_sec = cur_tv.tv_sec + client->RT / 100;
+ tv.tv_usec = cur_tv.tv_usec + (client->RT % 100) * 10000;
+ if (tv.tv_usec >= 1000000) {
+ tv.tv_sec += 1;
+ tv.tv_usec -= 1000000;
+ }
+ add_timeout(&tv, do_decline6, client, NULL, NULL);
+ dhc6_retrans_advance(client);
+ return;
+
+decline_done:
+ dhc6_lease_destroy(&client->active_lease, MDL);
+ client->active_lease = NULL;
+ start_init6(client);
+ return;
+}
+
/* While bound, ignore packets. In the future we'll want to answer
* Reconfigure-Request messages and the like.
*/

120
SOURCES/dhcp-4.2.5-sharedlib.patch Normal file
View File

@ -0,0 +1,120 @@
diff -up dhcp-4.2.5b1/client/Makefile.am.sharedlib dhcp-4.2.5b1/client/Makefile.am
--- dhcp-4.2.5b1/client/Makefile.am.sharedlib 2012-12-17 16:26:53.350623790 +0100
+++ dhcp-4.2.5b1/client/Makefile.am 2012-12-17 16:26:53.384623342 +0100
@@ -4,7 +4,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/common/tests/Makefile.am.sharedlib dhcp-4.2.5b1/common/tests/Makefile.am
--- dhcp-4.2.5b1/common/tests/Makefile.am.sharedlib 2012-12-17 16:26:53.271624835 +0100
+++ dhcp-4.2.5b1/common/tests/Makefile.am 2012-12-17 16:26:53.384623342 +0100
@@ -13,7 +13,7 @@ ATF_TESTS += alloc_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
alloc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a \
+ ../../omapip/libomapi.la \
$(BIND9_LIBDIR) -ldns-export -lisc-export
check: $(ATF_TESTS)
diff -up dhcp-4.2.5b1/configure.ac.sharedlib dhcp-4.2.5b1/configure.ac
--- dhcp-4.2.5b1/configure.ac.sharedlib 2012-12-17 16:26:53.350623790 +0100
+++ dhcp-4.2.5b1/configure.ac 2012-12-17 16:26:53.384623342 +0100
@@ -37,7 +37,8 @@ fi
# Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
AC_USE_SYSTEM_EXTENSIONS
-AC_PROG_RANLIB
+# Use libtool to simplify building of shared libraries
+AC_PROG_LIBTOOL
AC_CONFIG_HEADERS([includes/config.h])
# we sometimes need to know byte order for building packets
diff -up dhcp-4.2.5b1/dhcpctl/Makefile.am.sharedlib dhcp-4.2.5b1/dhcpctl/Makefile.am
--- dhcp-4.2.5b1/dhcpctl/Makefile.am.sharedlib 2012-12-17 16:26:53.271624835 +0100
+++ dhcp-4.2.5b1/dhcpctl/Makefile.am 2012-12-17 16:26:53.385623329 +0100
@@ -1,15 +1,15 @@
bin_PROGRAMS = omshell
-lib_LIBRARIES = libdhcpctl.a
+lib_LTLIBRARIES = libdhcpctl.la
noinst_PROGRAMS = cltest
man_MANS = omshell.1 dhcpctl.3
EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
-omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -ldns-export -lisc-export
-libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
cltest_SOURCES = cltest.c
-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -ldns-export -lisc-export
diff -up dhcp-4.2.5b1/omapip/Makefile.am.sharedlib dhcp-4.2.5b1/omapip/Makefile.am
--- dhcp-4.2.5b1/omapip/Makefile.am.sharedlib 2012-12-17 16:26:53.272624822 +0100
+++ dhcp-4.2.5b1/omapip/Makefile.am 2012-12-17 16:26:53.385623329 +0100
@@ -1,7 +1,7 @@
-lib_LIBRARIES = libomapi.a
+lib_LTLIBRARIES = libomapi.la
noinst_PROGRAMS = svtest
-libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
errwarn.c listener.c dispatch.c generic.c support.c \
handle.c message.c convert.c hash.c auth.c inet_addr.c \
array.c trace.c toisc.c iscprint.c isclib.c
@@ -10,5 +10,5 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
svtest_SOURCES = test.c
-svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
+svtest_LDADD = libomapi.la $(BIND9_LIBDIR) -ldns-export -lisc-export
diff -up dhcp-4.2.5b1/relay/Makefile.am.sharedlib dhcp-4.2.5b1/relay/Makefile.am
--- dhcp-4.2.5b1/relay/Makefile.am.sharedlib 2012-12-17 16:26:53.351623777 +0100
+++ dhcp-4.2.5b1/relay/Makefile.am 2012-12-17 16:26:53.385623329 +0100
@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/server/Makefile.am.sharedlib dhcp-4.2.5b1/server/Makefile.am
--- dhcp-4.2.5b1/server/Makefile.am.sharedlib 2012-12-17 16:26:53.272624822 +0100
+++ dhcp-4.2.5b1/server/Makefile.am 2012-12-17 16:26:53.385623329 +0100
@@ -13,8 +13,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
+ ../dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.2.5b1/server/tests/Makefile.am.sharedlib dhcp-4.2.5b1/server/tests/Makefile.am
--- dhcp-4.2.5b1/server/tests/Makefile.am.sharedlib 2012-12-17 16:26:53.000000000 +0100
+++ dhcp-4.2.5b1/server/tests/Makefile.am 2012-12-17 16:28:25.898349545 +0100
@@ -17,8 +17,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
../ldap.c ../ldap_casa.c ../dhcpd.c
-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
+DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
+ $(top_builddir)/dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export
ATF_TESTS =
TESTS =

2774
SOURCES/dhcp-4.2.5-standard_ddns.patch Normal file
View File

File diff suppressed because it is too large Load Diff

822
SOURCES/dhcp-4.2.5-systemtap.patch Normal file
View File

@ -0,0 +1,822 @@
diff -up dhcp-4.2.5b1/configure.ac.systemtap dhcp-4.2.5b1/configure.ac
--- dhcp-4.2.5b1/configure.ac.systemtap 2012-12-17 16:56:40.563881316 +0100
+++ dhcp-4.2.5b1/configure.ac 2012-12-17 16:56:40.597880870 +0100
@@ -554,6 +554,35 @@ else
AC_MSG_RESULT(no)
fi
+AC_MSG_CHECKING([whether to include systemtap tracing support])
+AC_ARG_ENABLE([systemtap],
+ [AS_HELP_STRING([--enable-systemtap],
+ [Enable inclusion of systemtap trace support])],
+ [ENABLE_SYSTEMTAP="${enableval}"], [ENABLE_SYSTEMTAP='no'])
+AM_CONDITIONAL([ENABLE_SYSTEMTAP], [test x$ENABLE_SYSTEMTAP = xyes])
+AC_MSG_RESULT(${ENABLE_SYSTEMTAP})
+
+if test "x${ENABLE_SYSTEMTAP}" = xyes; then
+ # Additional configuration for --enable-systemtap is HERE
+ AC_CHECK_PROGS(DTRACE, dtrace)
+ if test -z "$DTRACE"; then
+ AC_MSG_ERROR([dtrace not found])
+ fi
+ AC_CHECK_HEADER([sys/sdt.h], [SDT_H_FOUND='yes'],
+ [SDT_H_FOUND='no';
+ AC_MSG_ERROR([systemtap support needs sys/sdt.h header])])
+ AC_DEFINE([HAVE_SYSTEMTAP], [1], [Define to 1 if using SystemTap probes.])
+ AC_ARG_WITH([tapset-install-dir],
+ [AS_HELP_STRING([--with-tapset-install-dir],
+ [The absolute path where the tapset dir will be installed])],
+ [if test "x${withval}" = x; then
+ ABS_TAPSET_DIR="\$(datadir)/systemtap/tapset"
+ else
+ ABS_TAPSET_DIR="${withval}"
+ fi], [ABS_TAPSET_DIR="\$(datadir)/systemtap/tapset"])
+ AC_SUBST(ABS_TAPSET_DIR)
+fi
+
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
@@ -701,6 +730,7 @@ AC_OUTPUT([
tests/Makefile
server/tests/Makefile
doc/devel/doxyfile
+ tapset/Makefile
])
sh util/bindvar.sh
diff -up dhcp-4.2.5b1/Makefile.am.systemtap dhcp-4.2.5b1/Makefile.am
--- dhcp-4.2.5b1/Makefile.am.systemtap 2012-12-17 16:56:40.461882654 +0100
+++ dhcp-4.2.5b1/Makefile.am 2012-12-17 16:56:40.597880870 +0100
@@ -30,5 +30,8 @@ endif
SUBDIRS += includes tests common omapip client dhcpctl relay server
+SUBDIRS += tapset
+#DIST_SUBDIRS = $(SUBDIRS)
+
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.2.5b1/server/dhcp.c.systemtap dhcp-4.2.5b1/server/dhcp.c
--- dhcp-4.2.5b1/server/dhcp.c.systemtap 2012-12-17 16:56:40.483882364 +0100
+++ dhcp-4.2.5b1/server/dhcp.c 2012-12-17 16:56:40.599880842 +0100
@@ -36,7 +36,7 @@
#include <errno.h>
#include <limits.h>
#include <sys/time.h>
-
+#include "trace.h"
static void commit_leases_ackout(void *foo);
static void maybe_return_agent_options(struct packet *packet,
struct option_state *options);
@@ -275,6 +275,8 @@ void dhcpdiscover (packet, ms_nulltp)
dhcp_failover_state_t *peer;
#endif
+ TRACE(DHCPD_DISCOVER_START());
+
find_lease (&lease, packet, packet -> shared_network,
0, &peer_has_leases, (struct lease *)0, MDL);
@@ -399,6 +401,8 @@ void dhcpdiscover (packet, ms_nulltp)
out:
if (lease)
lease_dereference (&lease, MDL);
+
+ TRACE(DHCPD_DISCOVER_DONE());
}
void dhcprequest (packet, ms_nulltp, ip_lease)
@@ -421,6 +425,8 @@ void dhcprequest (packet, ms_nulltp, ip_
#endif
int have_requested_addr = 0;
+ TRACE(DHCPD_REQUEST_START());
+
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS);
memset (&data, 0, sizeof data);
@@ -700,6 +706,9 @@ void dhcprequest (packet, ms_nulltp, ip_
log_info ("%s: unknown lease %s.", msgbuf, piaddr (cip));
out:
+
+ TRACE(DHCPD_REQUEST_DONE());
+
if (subnet)
subnet_dereference (&subnet, MDL);
if (lease)
@@ -718,6 +727,7 @@ void dhcprelease (packet, ms_nulltp)
const char *s;
char msgbuf [1024], cstr[16]; /* XXX */
+ TRACE(DHCPD_RELEASE_START());
/* DHCPRELEASE must not specify address in requested-address
option, but old protocol specs weren't explicit about this,
@@ -842,6 +852,8 @@ void dhcprelease (packet, ms_nulltp)
#endif
if (lease)
lease_dereference (&lease, MDL);
+
+ TRACE(DHCPD_RELEASE_DONE());
}
void dhcpdecline (packet, ms_nulltp)
@@ -859,6 +871,8 @@ void dhcpdecline (packet, ms_nulltp)
struct option_cache *oc;
struct data_string data;
+ TRACE(DHCPD_DECLINE_START());
+
/* DHCPDECLINE must specify address. */
if (!(oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS)))
@@ -970,6 +984,8 @@ void dhcpdecline (packet, ms_nulltp)
option_state_dereference (&options, MDL);
if (lease)
lease_dereference (&lease, MDL);
+
+ TRACE(DHCPD_DECLINE_DONE());
}
void dhcpinform (packet, ms_nulltp)
@@ -993,6 +1009,8 @@ void dhcpinform (packet, ms_nulltp)
struct interface_info *interface;
int result;
+ TRACE(DHCPD_INFORM_START());
+
/* The client should set ciaddr to its IP address, but apparently
it's common for clients not to do this, so we'll use their IP
source address if they didn't set ciaddr. */
@@ -1350,6 +1368,8 @@ void dhcpinform (packet, ms_nulltp)
if (subnet)
subnet_dereference (&subnet, MDL);
+
+ TRACE(DHCPD_INFORM_DONE());
}
void nak_lease (packet, cip)
@@ -1366,6 +1386,8 @@ void nak_lease (packet, cip)
struct option_state *options = (struct option_state *)0;
struct option_cache *oc = (struct option_cache *)0;
+ TRACE(DHCPD_NAK_LEASE_START());
+
option_state_allocate (&options, MDL);
memset (&outgoing, 0, sizeof outgoing);
memset (&raw, 0, sizeof raw);
@@ -1532,6 +1554,7 @@ void nak_lease (packet, cip)
packet->interface->name);
}
+ TRACE(DHCPD_NAK_LEASE_DONE());
}
void ack_lease (packet, lease, offer, when, msg, ms_nulltp, hp)
@@ -1573,6 +1596,8 @@ void ack_lease (packet, lease, offer, wh
if (lease -> state)
return;
+ TRACE(DHCPD_ACK_LEASE_START());
+
/* Save original cltt for comparison later. */
lease_cltt = lease->cltt;
@@ -2936,6 +2961,8 @@ void ack_lease (packet, lease, offer, wh
#endif
dhcp_reply(lease);
}
+
+ TRACE(DHCPD_ACK_LEASE_DONE());
}
/*
@@ -3088,6 +3115,8 @@ void dhcp_reply (lease)
if (!state)
log_fatal ("dhcp_reply was supplied lease with no state!");
+ TRACE(DHCPD_REPLY_START());
+
/* Compose a response for the client... */
memset (&raw, 0, sizeof raw);
memset (&d1, 0, sizeof d1);
@@ -3309,6 +3338,8 @@ void dhcp_reply (lease)
free_lease_state (state, MDL);
lease -> state = (struct lease_state *)0;
+
+ TRACE(DHCPD_REPLY_DONE());
}
int find_lease (struct lease **lp,
@@ -3331,6 +3362,8 @@ int find_lease (struct lease **lp,
struct data_string client_identifier;
struct hardware h;
+ TRACE(DHCPD_FIND_LEASE_START());
+
#if defined(FAILOVER_PROTOCOL)
/* Quick check to see if the peer has leases. */
if (peer_has_leases) {
@@ -4058,6 +4091,9 @@ int find_lease (struct lease **lp,
#if defined (DEBUG_FIND_LEASE)
log_info ("Not returning a lease.");
#endif
+
+ TRACE(DHCPD_FIND_LEASE_DONE());
+
return 0;
}
diff -up dhcp-4.2.5b1/server/dhcpd.c.systemtap dhcp-4.2.5b1/server/dhcpd.c
--- dhcp-4.2.5b1/server/dhcpd.c.systemtap 2012-12-17 16:56:40.578881119 +0100
+++ dhcp-4.2.5b1/server/dhcpd.c 2012-12-17 16:56:40.599880842 +0100
@@ -58,6 +58,8 @@ static const char url [] =
# undef group
#endif /* PARANOIA */
+#include "trace.h"
+
#ifndef UNIT_TEST
static void usage(void);
#endif
@@ -865,6 +867,7 @@ main(int argc, char **argv) {
omapi_set_int_value ((omapi_object_t *)dhcp_control_object,
(omapi_object_t *)0, "state", server_running);
+ TRACE(DHCPD_MAIN());
/* Receive packets and dispatch them... */
dispatch ();
diff -up dhcp-4.2.5b1/server/dhcpv6.c.systemtap dhcp-4.2.5b1/server/dhcpv6.c
--- dhcp-4.2.5b1/server/dhcpv6.c.systemtap 2012-12-17 16:56:40.571881210 +0100
+++ dhcp-4.2.5b1/server/dhcpv6.c 2012-12-17 16:56:40.601880816 +0100
@@ -15,6 +15,7 @@
*/
#include "dhcpd.h"
+#include "trace.h"
#ifdef DHCPv6
@@ -4212,6 +4213,8 @@ static void
dhcpv6_solicit(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
+ TRACE(DHCPD_6_SOLICIT_START());
+
/*
* Validate our input.
*/
@@ -4225,6 +4228,8 @@ dhcpv6_solicit(struct data_string *reply
* Clean up.
*/
data_string_forget(&client_id, MDL);
+
+ TRACE(DHCPD_6_SOLICIT_DONE());
}
/*
@@ -4238,6 +4243,8 @@ dhcpv6_request(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
+ TRACE(DHCPD_6_REQUEST_START());
+
/*
* Validate our input.
*/
@@ -4255,6 +4262,8 @@ dhcpv6_request(struct data_string *reply
*/
data_string_forget(&client_id, MDL);
data_string_forget(&server_id, MDL);
+
+ TRACE(DHCPD_6_REQUEST_DONE());
}
/* Find a DHCPv6 packet's shared network from hints in the packet.
@@ -4367,6 +4376,8 @@ dhcpv6_confirm(struct data_string *reply
struct dhcpv6_packet *reply = (struct dhcpv6_packet *)reply_data;
int reply_ofs = (int)(offsetof(struct dhcpv6_packet, options));
+ TRACE(DHCPD_6_CONFIRM_START());
+
/*
* Basic client message validation.
*/
@@ -4553,6 +4564,8 @@ exit:
option_state_dereference(&cli_enc_opt_state, MDL);
if (opt_state != NULL)
option_state_dereference(&opt_state, MDL);
+
+ TRACE(DHCPD_6_CONFIRM_DONE());
}
/*
@@ -4567,6 +4580,8 @@ dhcpv6_renew(struct data_string *reply,
struct data_string client_id;
struct data_string server_id;
+ TRACE(DHCPD_6_RENEW_START());
+
/*
* Validate the request.
*/
@@ -4584,6 +4599,8 @@ dhcpv6_renew(struct data_string *reply,
*/
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
+
+ TRACE(DHCPD_6_RENEW_DONE());
}
/*
@@ -4597,6 +4614,8 @@ static void
dhcpv6_rebind(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
+ TRACE(DHCPD_6_REBIND_START());
+
if (!valid_client_msg(packet, &client_id)) {
return;
}
@@ -4604,6 +4623,8 @@ dhcpv6_rebind(struct data_string *reply,
lease_to_client(reply, packet, &client_id, NULL);
data_string_forget(&client_id, MDL);
+
+ TRACE(DHCPD_6_REBIND_DONE());
}
static void
@@ -5048,6 +5069,8 @@ dhcpv6_decline(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
+ TRACE(DHCPD_6_DECLINE_START());
+
/*
* Validate our input.
*/
@@ -5068,6 +5091,8 @@ dhcpv6_decline(struct data_string *reply
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
+
+ TRACE(DHCPD_6_DECLINE_DONE());
}
static void
@@ -5516,6 +5541,8 @@ dhcpv6_release(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
+ TRACE(DHCPD_6_RELEASE_START());
+
/*
* Validate our input.
*/
@@ -5537,6 +5564,8 @@ dhcpv6_release(struct data_string *reply
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
+
+ TRACE(DHCPD_6_RELEASE_DONE());
}
/*
@@ -5549,6 +5578,8 @@ dhcpv6_information_request(struct data_s
struct data_string client_id;
struct data_string server_id;
+ TRACE(DHCPD_6_INFORMATION_REQUEST_START());
+
/*
* Validate our input.
*/
@@ -5580,6 +5611,8 @@ dhcpv6_information_request(struct data_s
data_string_forget(&client_id, MDL);
}
data_string_forget(&server_id, MDL);
+
+ TRACE(DHCPD_6_INFORMATION_REQUEST_DONE());
}
/*
@@ -5608,6 +5641,8 @@ dhcpv6_relay_forw(struct data_string *re
struct dhcpv6_relay_packet *reply;
int reply_ofs;
+ TRACE(DHCPD_6_RELAY_FORW_START());
+
/*
* Initialize variables for early exit.
*/
@@ -5867,6 +5902,8 @@ exit:
if (enc_packet != NULL) {
packet_dereference(&enc_packet, MDL);
}
+
+ TRACE(DHCPD_6_RELAY_FORW_DONE());
}
static void
diff -up dhcp-4.2.5b1/server/failover.c.systemtap dhcp-4.2.5b1/server/failover.c
--- dhcp-4.2.5b1/server/failover.c.systemtap 2012-12-05 02:17:39.000000000 +0100
+++ dhcp-4.2.5b1/server/failover.c 2012-12-17 16:56:40.603880790 +0100
@@ -36,6 +36,8 @@
#include "dhcpd.h"
#include <omapip/omapip_p.h>
+#include "trace.h"
+
#if defined (FAILOVER_PROTOCOL)
dhcp_failover_state_t *failover_states;
static isc_result_t do_a_failover_option (omapi_object_t *,
@@ -1712,6 +1714,8 @@ isc_result_t dhcp_failover_set_state (dh
struct lease *l;
struct timeval tv;
+ TRACE(DHCPD_FAILOVER_SET_STATE_START(state->me.state, new_state));
+
/* If we're in certain states where we're sending updates, and the peer
* state changes, we need to re-schedule any pending updates just to
* be on the safe side. This results in retransmission.
@@ -1939,6 +1943,8 @@ isc_result_t dhcp_failover_set_state (dh
break;
}
+ TRACE(DHCPD_FAILOVER_SET_STATE_DONE());
+
return ISC_R_SUCCESS;
}
@@ -2422,6 +2428,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
if (state -> me.state != normal)
return 0;
+ TRACE(DHCPD_FAILOVER_POOL_DOBALANCE_START());
+
state->last_balance = cur_time;
for (s = shared_networks ; s ; s = s->next) {
@@ -2582,6 +2590,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
if (leases_queued)
commit_leases();
+ TRACE(DHCPD_FAILOVER_POOL_DOBALANCE_DONE());
+
return leases_queued;
}
diff -up dhcp-4.2.5b1/server/Makefile.am.systemtap dhcp-4.2.5b1/server/Makefile.am
--- dhcp-4.2.5b1/server/Makefile.am.systemtap 2012-12-17 16:56:40.563881316 +0100
+++ dhcp-4.2.5b1/server/Makefile.am 2012-12-17 16:56:40.603880790 +0100
@@ -10,7 +10,7 @@ dist_sysconf_DATA = dhcpd.conf.example
sbin_PROGRAMS = dhcpd
dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c \
- dhcpv6.c mdb6.c ldap.c ldap_casa.c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c probes.d trace.h
dhcpd_CFLAGS = $(LDAP_CFLAGS)
dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
@@ -19,3 +19,13 @@ dhcpd_LDADD = ../common/libdhcp.a ../oma
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
+if ENABLE_SYSTEMTAP
+BUILT_SOURCES = probes.h
+probes.h: probes.d
+ $(DTRACE) -C -h -s $< -o $@
+
+probes.o: probes.d
+ $(DTRACE) -C -G -s $< -o $@
+
+dhcpd_LDADD += probes.o
+endif
diff -up dhcp-4.2.5b1/server/probes.d.systemtap dhcp-4.2.5b1/server/probes.d
--- dhcp-4.2.5b1/server/probes.d.systemtap 2012-12-17 16:56:40.603880790 +0100
+++ dhcp-4.2.5b1/server/probes.d 2012-12-17 16:56:40.603880790 +0100
@@ -0,0 +1,43 @@
+provider dhcpd {
+ probe main();
+ probe discover_start()
+ probe discover_done()
+ probe request_start()
+ probe request_done()
+ probe release_start()
+ probe release_done()
+ probe decline_start()
+ probe decline_done()
+ probe inform_start()
+ probe inform_done()
+ probe nak_lease_start()
+ probe nak_lease_done()
+ probe ack_lease_start()
+ probe ack_lease_done()
+ probe reply_start()
+ probe reply_done()
+ probe find_lease_start()
+ probe find_lease_done()
+ probe 6_solicit_start()
+ probe 6_solicit_done()
+ probe 6_request_start()
+ probe 6_request_done()
+ probe 6_confirm_start()
+ probe 6_confirm_done()
+ probe 6_renew_start()
+ probe 6_renew_done()
+ probe 6_rebind_start()
+ probe 6_rebind_done()
+ probe 6_decline_start()
+ probe 6_decline_done()
+ probe 6_release_start()
+ probe 6_release_done()
+ probe 6_information_request_start()
+ probe 6_information_request_done()
+ probe 6_relay_forw_start()
+ probe 6_relay_forw_done()
+ probe failover_pool_dobalance_start()
+ probe failover_pool_dobalance_done()
+ probe failover_set_state_start(int, int) /* state, new_state */
+ probe failover_set_state_done()
+};
diff -up dhcp-4.2.5b1/server/tests/Makefile.am.systemtap dhcp-4.2.5b1/server/tests/Makefile.am
--- dhcp-4.2.5b1/server/tests/Makefile.am.systemtap 2012-12-17 16:56:40.564881302 +0100
+++ dhcp-4.2.5b1/server/tests/Makefile.am 2012-12-17 16:56:57.505650518 +0100
@@ -20,6 +20,10 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
$(top_builddir)/dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export
+if ENABLE_SYSTEMTAP
+DHCPLIBS += ../probes.o
+endif
+
ATF_TESTS =
TESTS =
if HAVE_ATF
diff -up dhcp-4.2.5b1/server/trace.h.systemtap dhcp-4.2.5b1/server/trace.h
--- dhcp-4.2.5b1/server/trace.h.systemtap 2012-12-17 16:56:40.604880777 +0100
+++ dhcp-4.2.5b1/server/trace.h 2012-12-17 16:56:40.604880777 +0100
@@ -0,0 +1,11 @@
+// trace.h
+
+#include "config.h"
+#ifdef HAVE_SYSTEMTAP
+// include the generated probes header and put markers in code
+#include "probes.h"
+#define TRACE(probe) probe
+#else
+// Wrap the probe to allow it to be removed when no systemtap available
+#define TRACE(probe)
+#endif
diff -up dhcp-4.2.5b1/tapset/dhcpd.stp.systemtap dhcp-4.2.5b1/tapset/dhcpd.stp
--- dhcp-4.2.5b1/tapset/dhcpd.stp.systemtap 2012-12-17 16:56:40.604880777 +0100
+++ dhcp-4.2.5b1/tapset/dhcpd.stp 2012-12-17 16:56:40.604880777 +0100
@@ -0,0 +1,212 @@
+/* dhcpd tapset
+ Copyright (C) 2011, Red Hat Inc.
+ */
+
+probe dhcpd_main = process("dhcpd").mark("main")
+{
+ probestr = sprintf("%s(locals: %s)", $$name, $$locals);
+
+}
+
+probe dhcpd_discover_start = process("dhcpd").mark("discover_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_discover_done = process("dhcpd").mark("discover_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_request_start = process("dhcpd").mark("request_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_request_done = process("dhcpd").mark("request_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_release_start = process("dhcpd").mark("release_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_release_done = process("dhcpd").mark("release_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_decline_start = process("dhcpd").mark("decline_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_decline_done = process("dhcpd").mark("decline_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_inform_start = process("dhcpd").mark("inform_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_inform_done = process("dhcpd").mark("inform_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_nak_lease_start = process("dhcpd").mark("nak_lease_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_nak_lease_done = process("dhcpd").mark("nak_lease_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_ack_lease_start = process("dhcpd").mark("ack_lease_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_ack_lease_done = process("dhcpd").mark("ack_lease_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_reply_start = process("dhcpd").mark("reply_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_reply_done = process("dhcpd").mark("reply_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_find_lease_start = process("dhcpd").mark("find_lease_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_find_lease_done = process("dhcpd").mark("find_lease_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_solicit_start = process("dhcpd").mark("6_solicit_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_solicit_done = process("dhcpd").mark("6_solicit_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_request_start = process("dhcpd").mark("6_request_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_request_done = process("dhcpd").mark("6_request_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_confirm_start = process("dhcpd").mark("6_confirm_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_confirm_done = process("dhcpd").mark("6_confirm_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_renew_start = process("dhcpd").mark("6_renew_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_renew_done = process("dhcpd").mark("6_renew_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_rebind_start = process("dhcpd").mark("6_rebind_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_rebind_done = process("dhcpd").mark("6_rebind_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_decline_start = process("dhcpd").mark("6_decline_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_decline_done = process("dhcpd").mark("6_decline_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_release_start = process("dhcpd").mark("6_release_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_release_done = process("dhcpd").mark("6_release_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_information_request_start = process("dhcpd").mark("6_information_request_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_information_request_done = process("dhcpd").mark("6_information_request_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_relay_forw_start = process("dhcpd").mark("6_relay_forw_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_6_relay_forw_done = process("dhcpd").mark("6_relay_forw_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_failover_pool_dobalance_start = process("dhcpd").mark("failover_pool_dobalance_start")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+probe dhcpd_failover_pool_dobalance_done = process("dhcpd").mark("failover_pool_dobalance_done")
+{
+ probestr = sprintf("%s", $$name);
+}
+
+
+probe dhcpd_failover_set_state_start = process("dhcpd").mark("failover_set_state_start")
+{
+ state = $arg1;
+ new_state = $arg2;
+ probestr = sprintf("%s(state=%d, new_state=%d)", $$name, state, new_state);
+}
+
+probe dhcpd_failover_set_state_done = process("dhcpd").mark("failover_set_state_done")
+{
+ probestr = sprintf("%s", $$name);
+}
diff -up dhcp-4.2.5b1/tapset/Makefile.am.systemtap dhcp-4.2.5b1/tapset/Makefile.am
--- dhcp-4.2.5b1/tapset/Makefile.am.systemtap 2012-12-17 16:56:40.604880777 +0100
+++ dhcp-4.2.5b1/tapset/Makefile.am 2012-12-17 16:56:40.604880777 +0100
@@ -0,0 +1,26 @@
+# Makefile.am for dhcp/tapset
+# Jiri Popelka
+
+.PHONY: clean-local install-data-hook uninstall-local
+
+#
+EXTRA_DIST = dhcpd.stp
+TAPSET_FILES = $(EXTRA_DIST)
+TAPSET_INSTALL_DIR = $(DESTDIR)@ABS_TAPSET_DIR@
+
+if ENABLE_SYSTEMTAP
+all-local: $(TAPSET_FILES)
+
+clean-local:
+
+install-data-hook:
+ $(MKDIR_P) $(TAPSET_INSTALL_DIR)
+ $(INSTALL_DATA) $(TAPSET_FILES) $(TAPSET_INSTALL_DIR)
+
+uninstall-local:
+ @list='$(TAPSET_FILES)'; for p in $$list; do \
+ echo " rm -f '$(TAPSET_INSTALL_DIR)/$$p'"; \
+ rm -f "$(TAPSET_INSTALL_DIR)/$$p"; \
+ done
+endif
+

23
SOURCES/dhcp-4.2.5b1-atf-pkgconfig.patch Normal file
View File

@ -0,0 +1,23 @@
diff -up dhcp-4.2.5b1/configure.ac.pkgconfig dhcp-4.2.5b1/configure.ac
--- dhcp-4.2.5b1/configure.ac.pkgconfig 2012-12-05 02:18:44.000000000 +0100
+++ dhcp-4.2.5b1/configure.ac 2012-12-17 15:45:33.769128387 +0100
@@ -194,6 +194,9 @@ if test "$atf_path" != "no" ; then
if test -f $atf_path/lib/pkgconfig/atf-c.pc ; then
atf_pcp=$atf_path/lib/pkgconfig
fi
+ if test -f $atf_path/lib64/pkgconfig/atf-c.pc ; then
+ atf_pcp=$atf_path/lib64/pkgconfig
+ fi
else
# Not specified, try some common paths
atf_dirs="/usr /usr/local /usr/pkg /opt /opt/local"
@@ -202,6 +205,9 @@ if test "$atf_path" != "no" ; then
if test -f $d/lib/pkgconfig/atf-c.pc ; then
atf_pcp=$d/lib/pkgconfig
fi
+ if test -f $d/lib64/pkgconfig/atf-c.pc ; then
+ atf_pcp=$d/lib64/pkgconfig
+ fi
done
fi
if test "$atf_pcp" = "" ; then

165
SOURCES/dhcp-IPoIB-log-id.patch Normal file
View File

@ -0,0 +1,165 @@
diff -up dhcp-4.2.5/server/dhcp.c.IPoIB-log-id dhcp-4.2.5/server/dhcp.c
--- dhcp-4.2.5/server/dhcp.c.IPoIB-log-id 2014-09-08 14:50:39.000000000 +0200
+++ dhcp-4.2.5/server/dhcp.c 2014-09-08 15:06:28.367697349 +0200
@@ -80,6 +80,42 @@ const int dhcp_type_name_max = ((sizeof
# define send_packet trace_packet_send
#endif
+char *print_client_identifier_from_packet (packet)
+ struct packet *packet;
+{
+ struct option_cache *oc;
+ struct data_string client_identifier;
+ char *ci;
+
+ memset (&client_identifier, 0, sizeof client_identifier);
+
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_DHCP_CLIENT_IDENTIFIER);
+ if (oc &&
+ evaluate_option_cache (&client_identifier,
+ packet, (struct lease *)0,
+ (struct client_state *)0,
+ packet -> options,
+ (struct option_state *)0,
+ &global_scope, oc, MDL)) {
+ ci = print_hw_addr (HTYPE_INFINIBAND, client_identifier.len, client_identifier.data);
+ data_string_forget (&client_identifier, MDL);
+ return ci;
+ } else
+ return "\"no client id\"";
+}
+
+char *print_hw_addr_or_client_id (packet)
+ struct packet *packet;
+{
+ if (packet -> raw -> htype == HTYPE_INFINIBAND)
+ return print_client_identifier_from_packet (packet);
+ else
+ return print_hw_addr (packet -> raw -> htype,
+ packet -> raw -> hlen,
+ packet -> raw -> chaddr);
+}
+
void
dhcp (struct packet *packet) {
int ms_nulltp = 0;
@@ -108,9 +144,7 @@ dhcp (struct packet *packet) {
log_info("%s from %s via %s: %s", s,
(packet->raw->htype
- ? print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr)
+ ? print_hw_addr_or_client_id (packet)
: "<no identifier>"),
packet->raw->giaddr.s_addr
? inet_ntoa(packet->raw->giaddr)
@@ -294,9 +328,7 @@ void dhcpdiscover (packet, ms_nulltp)
*/
snprintf (msgbuf, sizeof msgbuf, "DHCPDISCOVER from %s %s%s%svia %s",
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id (packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -490,9 +522,7 @@ void dhcprequest (packet, ms_nulltp, ip_
"DHCPREQUEST for %s%s from %s %s%s%svia %s",
piaddr (cip), smbuf,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id (packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -735,9 +765,7 @@ void dhcprelease (packet, ms_nulltp)
if ((oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS))) {
log_info ("DHCPRELEASE from %s specified requested-address.",
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr));
+ print_hw_addr_or_client_id (packet));
}
oc = lookup_option (&dhcp_universe, packet -> options,
@@ -811,9 +839,7 @@ void dhcprelease (packet, ms_nulltp)
"DHCPRELEASE of %s from %s %s%s%svia %s (%sfound)",
cstr,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id (packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -906,9 +932,7 @@ void dhcpdecline (packet, ms_nulltp)
"DHCPDECLINE of %s from %s %s%s%svia %s",
piaddr (cip),
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -1348,8 +1372,7 @@ void dhcpinform (packet, ms_nulltp)
/* Report what we're sending. */
snprintf(msgbuf, sizeof msgbuf, "DHCPACK to %s (%s) via", piaddr(cip),
(packet->raw->htype && packet->raw->hlen) ?
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr) :
+ print_hw_addr_or_client_id(packet) :
"<no client hardware address>");
log_info("%s %s", msgbuf, gip.len ? piaddr(gip) :
packet->interface->name);
@@ -1493,9 +1516,7 @@ void nak_lease (packet, cip)
/* Report what we're sending... */
log_info ("DHCPNAK on %s to %s via %s",
piaddr (*cip),
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr),
+ print_hw_addr_or_client_id (packet),
packet -> raw -> giaddr.s_addr
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
@@ -3214,7 +3235,7 @@ void dhcp_reply (lease)
? (state -> offer == DHCPACK ? "DHCPACK" : "DHCPOFFER")
: "BOOTREPLY"),
piaddr (lease -> ip_addr),
- (lease -> hardware_addr.hlen
+ (lease -> hardware_addr.hlen > 1
? print_hw_addr (lease -> hardware_addr.hbuf [0],
lease -> hardware_addr.hlen - 1,
&lease -> hardware_addr.hbuf [1])
@@ -3772,10 +3793,7 @@ int find_lease (struct lease **lp,
if (uid_lease) {
if (uid_lease->binding_state == FTS_ACTIVE) {
log_error ("client %s has duplicate%s on %s",
- (print_hw_addr
- (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)),
+ (print_hw_addr_or_client_id(packet)),
" leases",
(ip_lease -> subnet ->
shared_network -> name));
@@ -3942,9 +3960,7 @@ int find_lease (struct lease **lp,
log_error("uid lease %s for client %s is duplicate "
"on %s",
piaddr(uid_lease->ip_addr),
- print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr),
+ print_hw_addr_or_client_id(packet),
uid_lease->subnet->shared_network->name);
if (!packet -> raw -> ciaddr.s_addr &&

147
SOURCES/dhcp-addignore.patch Normal file
View File

@ -0,0 +1,147 @@
diff -Naur ./common/conflex.c ../dhcp-4.2.5/common/conflex.c
--- ./common/conflex.c 2016-02-11 13:03:38.892135723 +0100
+++ ../dhcp-4.2.5/common/conflex.c 2016-02-11 13:05:18.447135723 +0100
@@ -1067,6 +1067,8 @@
return IF;
if (!strcasecmp (atom + 1, "s"))
return IS;
+ if (!strcasecmp (atom + 1, "gnore-client-uids"))
+ return IGNORE_CLIENT_UIDS;
if (!strcasecmp (atom + 1, "gnore"))
return IGNORE;
break;
diff -Naur ./includes/dhcpd.h ../dhcp-4.2.5/includes/dhcpd.h
--- ./includes/dhcpd.h 2016-02-11 13:03:38.903135723 +0100
+++ ../dhcp-4.2.5/includes/dhcpd.h 2016-02-11 13:12:20.398135723 +0100
@@ -766,6 +766,8 @@
#endif
#endif
+#define SV_IGNORE_CLIENT_UIDS 78
+
#if !defined (DEFAULT_DEFAULT_LEASE_TIME)
# define DEFAULT_DEFAULT_LEASE_TIME 43200
#endif
diff -Naur ./includes/dhctoken.h ../dhcp-4.2.5/includes/dhctoken.h
--- ./includes/dhctoken.h 2016-02-11 13:03:38.901135723 +0100
+++ ../dhcp-4.2.5/includes/dhctoken.h 2016-02-11 13:13:09.958135723 +0100
@@ -366,7 +366,8 @@
SECONDARY6 = 667,
TOKEN_INFINIBAND = 668,
BOOTP_BROADCAST_ALWAYS = 669,
- DESTINATION_DESCRIPTOR = 670
+ DESTINATION_DESCRIPTOR = 670,
+ IGNORE_CLIENT_UIDS = 671
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
diff -Naur ./server/confpars.c ../dhcp-4.2.5/server/confpars.c
--- ./server/confpars.c 2016-02-11 13:03:38.915135723 +0100
+++ ../dhcp-4.2.5/server/confpars.c 2016-02-11 13:15:48.269135723 +0100
@@ -332,6 +332,7 @@
| ONE_LEASE_PER_CLIENT boolean
| GET_LEASE_HOSTNAMES boolean
| USE_HOST_DECL_NAME boolean
+ | IGNORE_CLIENT_UIDS boolean
| NEXT_SERVER ip-addr-or-hostname SEMI
| option_parameter
| SERVER-IDENTIFIER ip-addr-or-hostname SEMI
@@ -4125,6 +4126,10 @@
code = SV_LEASEQUERY;
break;
+ case IGNORE_CLIENT_UIDS:
+ code = SV_IGNORE_CLIENT_UIDS;
+ break;
+
default:
parse_warn (cfile, "expecting allow/deny key");
skip_to_semi (cfile);
@@ -4138,7 +4143,6 @@
status = option_cache(oc, NULL, data, option, MDL);
expression_dereference (&data, MDL);
parse_semi (cfile);
- return status;
}
void
diff -Naur ./server/dhcp.c ../dhcp-4.2.5/server/dhcp.c
--- ./server/dhcp.c 2016-02-11 13:03:38.916135723 +0100
+++ ../dhcp-4.2.5/server/dhcp.c 2016-02-11 13:24:06.173135723 +0100
@@ -2393,34 +2393,39 @@
/* Update Client Last Transaction Time. */
lt->cltt = cur_time;
- /* Record the uid, if given... */
- oc = lookup_option (&dhcp_universe, packet -> options,
- DHO_DHCP_CLIENT_IDENTIFIER);
- if (!oc)
+ /* See if we want to record the uid for this client */
+ oc = lookup_option(&server_universe, state->options,
+ SV_IGNORE_CLIENT_UIDS);
+ if ((oc == NULL) ||
+ !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
+ packet->options, state->options,
+ &lease->scope, oc, MDL)) {
+
+ /* Record the uid, if given... */
oc = lookup_option (&dhcp_universe, packet -> options,
- DHO_PXE_CLIENT_ID);
- if (oc &&
- evaluate_option_cache (&d1, packet, lease,
- (struct client_state *)0,
- packet -> options, state -> options,
- &lease -> scope, oc, MDL)) {
- if (d1.len <= sizeof lt -> uid_buf) {
- memcpy (lt -> uid_buf, d1.data, d1.len);
- lt -> uid = lt -> uid_buf;
- lt -> uid_max = sizeof lt -> uid_buf;
- lt -> uid_len = d1.len;
- } else {
- unsigned char *tuid;
- lt -> uid_max = d1.len;
- lt -> uid_len = d1.len;
- tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
- /* XXX inelegant */
- if (!tuid)
- log_fatal ("no memory for large uid.");
- memcpy (tuid, d1.data, lt -> uid_len);
- lt -> uid = tuid;
+ DHO_DHCP_CLIENT_IDENTIFIER);
+ if (oc &&
+ evaluate_option_cache(&d1, packet, lease, NULL,
+ packet->options, state->options,
+ &lease->scope, oc, MDL)) {
+ if (d1.len <= sizeof(lt->uid_buf)) {
+ memcpy(lt->uid_buf, d1.data, d1.len);
+ lt->uid = lt->uid_buf;
+ lt->uid_max = sizeof(lt->uid_buf);
+ lt->uid_len = d1.len;
+ } else {
+ unsigned char *tuid;
+ lt->uid_max = d1.len;
+ lt->uid_len = d1.len;
+ tuid = (unsigned char *)dmalloc(lt->uid_max, MDL);
+ /* XXX inelegant */
+ if (!tuid)
+ log_fatal ("no memory for large uid.");
+ memcpy(tuid, d1.data, lt->uid_len);
+ lt->uid = tuid;
+ }
+ data_string_forget (&d1, MDL);
}
- data_string_forget (&d1, MDL);
}
if (host) {
diff -Naur ./server/stables.c ../dhcp-4.2.5/server/stables.c
--- ./server/stables.c 2016-02-11 13:03:38.909135723 +0100
+++ ../dhcp-4.2.5/server/stables.c 2016-02-11 13:25:00.081135723 +0100
@@ -266,6 +266,7 @@
{ "ldap-tls-randfile", "t", &server_universe, 77, 1 },
#endif /* LDAP_USE_SSL */
#endif /* LDAP_CONFIGURATION */
+ { "ignore-client-uids", "f", &server_universe, 78, 1 },
{ NULL, NULL, NULL, 0, 0 }
};

61
SOURCES/dhcp-client-request-release-bind-iface.patch Normal file
View File

@ -0,0 +1,61 @@
diff -up dhcp-4.2.5/client/dhclient.c.bind-iface dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.bind-iface 2015-02-03 12:24:08.076213363 +0100
+++ dhcp-4.2.5/client/dhclient.c 2015-02-03 12:25:02.399168410 +0100
@@ -2670,6 +2670,14 @@ void send_request (cpp)
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -2679,6 +2687,13 @@ void send_request (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
}
else {
/* Send out a packet. */
@@ -2758,6 +2773,14 @@ void send_release (cpp)
ntohs (destination.sin_port), client -> xid);
if (fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -2767,6 +2790,13 @@ void send_release (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
} else {
/* Send out a packet. */
result = send_packet(client->interface, NULL, &client->packet,

37
SOURCES/dhcp-dhc6-life.patch Normal file
View File

@ -0,0 +1,37 @@
From 4d5514f9579197a4200a52332a9047da1424b3ee Mon Sep 17 00:00:00 2001
From: Jiri Popelka <jpopelka@redhat.com>
Date: Thu, 4 Sep 2014 16:03:38 +0200
Subject: [PATCH] [dhclient -6] fix lease time exporting

addr->preferred_life and addr->max_life are u_int32_t
so casting them to (int) causes problems with big values,
for example with 'infinity' (0xffffffff), which is
then represented as '-1' in dhclient-script.

Signed-off-by: Jiri Popelka <jpopelka@redhat.com>
---
client/dhc6.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/client/dhc6.c b/client/dhc6.c
index c724b58..04a8fa0 100644
--- a/client/dhc6.c
+++ b/client/dhc6.c
@@ -3862,10 +3862,10 @@ dhc6_marshall_values(const char *prefix, struct client_state *client,
}
client_envadd(client, prefix, "life_starts", "%d",
(int)(addr->starts));
- client_envadd(client, prefix, "preferred_life", "%d",
- (int)(addr->preferred_life));
- client_envadd(client, prefix, "max_life", "%d",
- (int)(addr->max_life));
+ client_envadd(client, prefix, "preferred_life", "%u",
+ addr->preferred_life);
+ client_envadd(client, prefix, "max_life", "%u",
+ addr->max_life);
}
/* ia fields. */
--
2.1.0

69
SOURCES/dhcp-dns_client_cancelupdate.patch Normal file
View File

@ -0,0 +1,69 @@
diff -up dhcp-4.2.5/client/dhclient.c.dns_client_cancelupdate dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.dns_client_cancelupdate 2015-06-25 14:31:27.309035906 +0200
+++ dhcp-4.2.5/client/dhclient.c 2015-06-25 14:34:26.477642016 +0200
@@ -121,6 +121,8 @@ static int check_option_values(struct un
const char *ptr, size_t len);
static void setup_ib_interface(struct interface_info *ip);
+static void dhclient_ddns_cb_free(dhcp_ddns_cb_t *ddns_cb,
+ char* file, int line);
int
main(int argc, char **argv) {
@@ -4306,7 +4308,7 @@ client_dns_remove_action(dhcp_ddns_cb_t
}
/* If we are done or have an error clean up */
- ddns_cb_free(ddns_cb, MDL);
+ dhclient_ddns_cb_free(ddns_cb, MDL);
return;
}
@@ -4335,7 +4337,7 @@ client_dns_remove(struct client_state *c
result = client_dns_update(client, ddns_cb);
if (result != ISC_R_TIMEDOUT) {
- ddns_cb_free(ddns_cb, MDL);
+ dhclient_ddns_cb_free(ddns_cb, MDL);
}
}
}
@@ -4418,10 +4420,7 @@ client_dns_update_timeout (void *cp)
* the control block and should free it.
*/
if (status != ISC_R_TIMEDOUT) {
- if (client != NULL) {
- client->ddns_cb = NULL;
- }
- ddns_cb_free(ddns_cb, MDL);
+ dhclient_ddns_cb_free(ddns_cb, MDL);
}
}
@@ -4510,7 +4509,7 @@ client_dns_update_action(dhcp_ddns_cb_t
return;
}
- ddns_cb_free(ddns_cb, MDL);
+ dhclient_ddns_cb_free(ddns_cb, MDL);
return;
}
@@ -4873,3 +4872,17 @@ add_reject(struct packet *packet) {
*/
log_info("Server added to list of rejected servers.");
}
+
+/* Wrapper function around common ddns_cb_free function that ensures
+ * we set the client_state pointer to the control block to NULL. */
+static void
+dhclient_ddns_cb_free(dhcp_ddns_cb_t *ddns_cb, char* file, int line) {
+ if (ddns_cb) {
+ struct client_state *client = (struct client_state *)ddns_cb->lease;
+ if (client != NULL) {
+ client->ddns_cb = NULL;
+ }
+
+ ddns_cb_free(ddns_cb, file, line);
+ }
+}

11
SOURCES/dhcp-ffff-checksum.patch Normal file
View File

@ -0,0 +1,11 @@
diff -up dhcp-4.2.5/common/packet.c.ffff dhcp-4.2.5/common/packet.c
--- dhcp-4.2.5/common/packet.c.ffff 2013-10-07 17:21:18.000000000 +0200
+++ dhcp-4.2.5/common/packet.c 2013-10-07 17:47:34.689600497 +0200
@@ -326,6 +326,7 @@ decode_udp_ip_header(struct interface_in
len = ulen - sizeof(udp);
usum = udp.uh_sum;
+ if (usum == 0xffff) usum = 0;
udp.uh_sum = 0;
/* XXX: We have to pass &udp, because we have to zero the checksum

117
SOURCES/dhcp-hop-limit.patch Normal file
View File

@ -0,0 +1,117 @@
From accb28721d061f2e06e927bdb1337317db3aa706 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Mon, 19 Jan 2015 13:40:25 -0500
Subject: [PATCH] [v4_2] Fixed inconsistencies in setting hop count limit in
dhcrelay

diff --git a/common/socket.c b/common/socket.c
index c170448..5467a35 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -300,18 +300,24 @@ if_register_socket(struct interface_info *info, int family,
#endif
}
- if ((family == AF_INET6) &&
- ((info->flags & INTERFACE_UPSTREAM) != 0)) {
- int hop_limit = 32;
- if (setsockopt(sock, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
- &hop_limit, sizeof(int)) < 0) {
- log_fatal("setsockopt: IPV6_MULTICAST_HOPS: %m");
- }
- }
#endif /* DHCPv6 */
return sock;
}
+
+#ifdef DHCPv6
+void set_multicast_hop_limit(struct interface_info* info, int hop_limit) {
+ if (setsockopt(info->wfdesc, IPPROTO_IPV6, IPV6_MULTICAST_HOPS,
+ &hop_limit, sizeof(int)) < 0) {
+ log_fatal("setMulticaseHopLimit: IPV6_MULTICAST_HOPS: %m");
+ }
+
+ log_debug("Setting hop count limit to %d for interface %s",
+ hop_limit, info->name);
+
+}
+#endif /* DHCPv6 */
+
#endif /* USE_SOCKET_SEND || USE_SOCKET_RECEIVE || USE_SOCKET_FALLBACK */
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_FALLBACK)
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 2b15430..bd11b48 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2386,6 +2386,8 @@ void get_hw_addr(const char *name, struct hardware *hw);
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_RECEIVE) \
|| defined (USE_SOCKET_FALLBACK)
int if_register_socket(struct interface_info *, int, int *, struct in6_addr *);
+
+void set_multicast_hop_limit(struct interface_info* info, int hop_limit);
#endif
#if defined (USE_SOCKET_FALLBACK) && !defined (USE_SOCKET_SEND)
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index 927e404..ad76d3e 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -1173,8 +1173,8 @@ parse_downstream(char *arg) {
/* Share with up side? */
for (up = upstreams; up; up = up->next) {
if (strcmp(ifname, up->ifp->name) == 0) {
- log_info("Interface '%s' is both down and up.",
- ifname);
+ log_info("parse_downstream: Interface '%s' is "
+ "both down and up.", ifname);
ifp = up->ifp;
break;
}
@@ -1192,8 +1192,8 @@ parse_downstream(char *arg) {
interface_dereference(&interfaces, MDL);
}
interface_reference(&interfaces, ifp, MDL);
- ifp->flags |= INTERFACE_REQUESTED | INTERFACE_DOWNSTREAM;
}
+ ifp->flags |= INTERFACE_REQUESTED | INTERFACE_DOWNSTREAM;
/* New downstream. */
dp = (struct stream_list *) dmalloc(sizeof(*dp), MDL);
@@ -1244,6 +1244,8 @@ parse_upstream(char *arg) {
}
for (dp = downstreams; dp; dp = dp->next) {
if (strcmp(ifname, dp->ifp->name) == 0) {
+ log_info("parse_upstream: Interface '%s' is "
+ "both down and up.", ifname);
ifp = dp->ifp;
break;
}
@@ -1261,8 +1263,8 @@ parse_upstream(char *arg) {
interface_dereference(&interfaces, MDL);
}
interface_reference(&interfaces, ifp, MDL);
- ifp->flags |= INTERFACE_REQUESTED | INTERFACE_UPSTREAM;
}
+ ifp->flags |= INTERFACE_REQUESTED | INTERFACE_UPSTREAM;
/* New upstream. */
up = (struct stream_list *) dmalloc(sizeof(*up), MDL);
@@ -1330,6 +1332,13 @@ setup_streams(void) {
if (up->ifp->v6address_count == 0)
log_fatal("Interface '%s' has no IPv6 addresses.",
up->ifp->name);
+
+ /* RFC 3315 Sec 20 - "If the relay agent relays messages to
+ * the All_DHCP_Servers address or other multicast addresses,
+ * it sets the Hop Limit field to 32." */
+ if (IN6_IS_ADDR_MULTICAST(&up->link.sin6_addr)) {
+ set_multicast_hop_limit(up->ifp, HOP_COUNT_LIMIT);
+ }
}
}
--
2.1.0

30
SOURCES/dhcp-max-fd-value.patch Normal file
View File

@ -0,0 +1,30 @@
diff -up dhcp-4.2.5/includes/site.h.max-fd dhcp-4.2.5/includes/site.h
--- dhcp-4.2.5/includes/site.h.max-fd 2016-04-21 15:15:14.618846830 +0200
+++ dhcp-4.2.5/includes/site.h 2016-04-21 15:17:06.529731652 +0200
@@ -275,3 +275,9 @@
Care should be taken before enabling this option. */
/* #define SERVER_ID_CHECK */
+
+/* Limit the value of a file descriptor the serve will use
+ when accepting a connecting request. This can be used to
+ limit the number of TCP connections that the server will
+ allow at one time. A value of 0 means there is no limit.*/
+#define MAX_FD_VALUE 200
diff -up dhcp-4.2.5/omapip/listener.c.max-fd dhcp-4.2.5/omapip/listener.c
--- dhcp-4.2.5/omapip/listener.c.max-fd 2013-01-03 01:02:24.000000000 +0100
+++ dhcp-4.2.5/omapip/listener.c 2016-04-21 15:15:14.618846830 +0200
@@ -239,7 +239,12 @@ isc_result_t omapi_accept (omapi_object_
return ISC_R_NORESOURCES;
return ISC_R_UNEXPECTED;
}
-
+
+ if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) {
+ close(socket);
+ return (ISC_R_NORESOURCES);
+ }
+
#if defined (TRACING)
/* If we're recording a trace, remember the connection. */
if (trace_record ()) {

323
SOURCES/dhcp-multiple-6-clients.patch Normal file
View File

@ -0,0 +1,323 @@
From 4b8251a0c06b7d8706a28904fdef2414f045cc2c Mon Sep 17 00:00:00 2001
From: Shawn Routhier <sar@isc.org>
Date: Mon, 21 Oct 2013 14:59:41 -0700
Subject: [PATCH] -n [master] Fix the socket handling for DHCPv6 clients to
allow multiple instances of a clinet on a single machine to work properly.
[ISC-Bugs #34784]

---
common/discover.c | 19 ++++-----
common/socket.c | 114 +++++++++++++++++++++++++++++++++++++++++++++---------
includes/dhcpd.h | 6 +--
4 files changed, 112 insertions(+), 33 deletions(-)

diff --git a/common/discover.c b/common/discover.c
index 1d55317..30da566 100644
--- a/common/discover.c
+++ b/common/discover.c
@@ -58,10 +58,6 @@ struct in_addr limited_broadcast;
int local_family = AF_INET;
struct in_addr local_address;
-#ifdef DHCPv6
-struct in6_addr local_address6;
-#endif /* DHCPv6 */
-
void (*bootp_packet_handler) (struct interface_info *,
struct dhcp_packet *, unsigned,
unsigned int,
@@ -1242,7 +1238,7 @@ discover_interfaces(int state) {
(state == DISCOVER_RELAY)) {
if_register6(tmp, 1);
} else {
- if_register6(tmp, 0);
+ if_register_linklocal6(tmp);
}
#endif /* DHCPv6 */
}
@@ -1298,13 +1294,14 @@ discover_interfaces(int state) {
tmp -> name, isc_result_totext (status));
#if defined(DHCPv6)
- /* Only register the first interface for V6, since they all
- * use the same socket. XXX: This has some messy side
- * effects if we start dynamically adding and removing
- * interfaces, but we're well beyond that point in terms of
- * mess.
+ /* Only register the first interface for V6, since
+ * servers and relays all use the same socket.
+ * XXX: This has some messy side effects if we start
+ * dynamically adding and removing interfaces, but
+ * we're well beyond that point in terms of mess.
*/
- if (local_family == AF_INET6)
+ if (((state == DISCOVER_SERVER) || (state == DISCOVER_RELAY)) &&
+ (local_family == AF_INET6))
break;
#endif
} /* for (tmp = interfaces; ... */
diff --git a/common/socket.c b/common/socket.c
index 8a9ebea..2bedd3a 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -67,6 +67,7 @@
* XXX: this is gross. we need to go back and overhaul the API for socket
* handling.
*/
+static int no_global_v6_socket = 0;
static unsigned int global_v6_socket_references = 0;
static int global_v6_socket = -1;
@@ -127,7 +128,7 @@ void if_reinitialize_receive (info)
/* Generic interface registration routine... */
int
if_register_socket(struct interface_info *info, int family,
- int *do_multicast)
+ int *do_multicast, struct in6_addr *linklocal6)
{
struct sockaddr_storage name;
int name_len;
@@ -161,10 +162,12 @@ if_register_socket(struct interface_info *info, int family,
addr6 = (struct sockaddr_in6 *)&name;
addr6->sin6_family = AF_INET6;
addr6->sin6_port = local_port;
- /* XXX: What will happen to multicasts if this is nonzero? */
- memcpy(&addr6->sin6_addr,
- &local_address6,
- sizeof(addr6->sin6_addr));
+ if (linklocal6) {
+ memcpy(&addr6->sin6_addr,
+ linklocal6,
+ sizeof(addr6->sin6_addr));
+ addr6->sin6_scope_id = if_nametoindex(info->name);
+ }
#ifdef HAVE_SA_LEN
addr6->sin6_len = sizeof(*addr6);
#endif
@@ -221,7 +224,7 @@ if_register_socket(struct interface_info *info, int family,
* daemons can bind to their own sockets and get data for their
* respective interfaces. This does not (and should not) affect
* DHCPv4 sockets; we can't yet support BSD sockets well, much
- * less multiple sockets.
+ * less multiple sockets. Make sense only with multicast.
*/
if (local_family == AF_INET6) {
flag = 1;
@@ -322,7 +325,7 @@ void if_register_send (info)
struct interface_info *info;
{
#ifndef USE_SOCKET_RECEIVE
- info->wfdesc = if_register_socket(info, AF_INET, 0);
+ info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
get_hw_addr(info);
@@ -368,7 +371,7 @@ void if_register_receive (info)
#if defined(IP_PKTINFO) && defined(IP_RECVPKTINFO) && defined(USE_V4_PKTINFO)
if (global_v4_socket_references == 0) {
- global_v4_socket = if_register_socket(info, AF_INET, 0);
+ global_v4_socket = if_register_socket(info, AF_INET, 0, NULL);
if (global_v4_socket < 0) {
/*
* if_register_socket() fatally logs if it fails to
@@ -384,7 +387,7 @@ void if_register_receive (info)
#else
/* If we're using the socket API for sending and receiving,
we don't need to register this interface twice. */
- info->rfdesc = if_register_socket(info, AF_INET, 0);
+ info->rfdesc = if_register_socket(info, AF_INET, 0, NULL);
#endif /* IP_PKTINFO... */
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
@@ -477,9 +480,13 @@ if_register6(struct interface_info *info, int do_multicast) {
/* Bounce do_multicast to a stack variable because we may change it. */
int req_multi = do_multicast;
+ if (no_global_v6_socket) {
+ log_fatal("Impossible condition at %s:%d", MDL);
+ }
+
if (global_v6_socket_references == 0) {
global_v6_socket = if_register_socket(info, AF_INET6,
- &req_multi);
+ &req_multi, NULL);
if (global_v6_socket < 0) {
/*
* if_register_socket() fatally logs if it fails to
@@ -515,12 +522,73 @@ if_register6(struct interface_info *info, int do_multicast) {
}
}
+/*
+ * Register an IPv6 socket bound to the link-local address of
+ * the argument interface (used by clients on a multiple interface box,
+ * vs. a server or a relay using the global IPv6 socket and running
+ * *only* in a single instance).
+ */
+void
+if_register_linklocal6(struct interface_info *info) {
+ int sock;
+ int count;
+ struct in6_addr *addr6 = NULL;
+ int req_multi = 0;
+
+ if (global_v6_socket >= 0) {
+ log_fatal("Impossible condition at %s:%d", MDL);
+ }
+
+ no_global_v6_socket = 1;
+
+ /* get the (?) link-local address */
+ for (count = 0; count < info->v6address_count; count++) {
+ addr6 = &info->v6addresses[count];
+ if (IN6_IS_ADDR_LINKLOCAL(addr6))
+ break;
+ }
+
+ if (!addr6) {
+ log_fatal("no link-local IPv6 address for %s", info->name);
+ }
+
+ sock = if_register_socket(info, AF_INET6, &req_multi, addr6);
+
+ if (sock < 0) {
+ log_fatal("if_register_socket for %s fails", info->name);
+ }
+
+ info->rfdesc = sock;
+ info->wfdesc = sock;
+
+ get_hw_addr(info);
+
+ if (!quiet_interface_discovery) {
+ if (info->shared_network != NULL) {
+ log_info("Listening on Socket/%d/%s/%s",
+ global_v6_socket, info->name,
+ info->shared_network->name);
+ log_info("Sending on Socket/%d/%s/%s",
+ global_v6_socket, info->name,
+ info->shared_network->name);
+ } else {
+ log_info("Listening on Socket/%s", info->name);
+ log_info("Sending on Socket/%s", info->name);
+ }
+ }
+}
+
void
if_deregister6(struct interface_info *info) {
- /* Dereference the global v6 socket. */
- if ((info->rfdesc == global_v6_socket) &&
- (info->wfdesc == global_v6_socket) &&
- (global_v6_socket_references > 0)) {
+ /* client case */
+ if (no_global_v6_socket) {
+ close(info->rfdesc);
+ info->rfdesc = -1;
+ info->wfdesc = -1;
+ } else if ((info->rfdesc == global_v6_socket) &&
+ (info->wfdesc == global_v6_socket) &&
+ (global_v6_socket_references > 0)) {
+ /* Dereference the global v6 socket. */
global_v6_socket_references--;
info->rfdesc = -1;
info->wfdesc = -1;
@@ -540,7 +608,8 @@ if_deregister6(struct interface_info *info) {
}
}
- if (global_v6_socket_references == 0) {
+ if (!no_global_v6_socket &&
+ (global_v6_socket_references == 0)) {
close(global_v6_socket);
global_v6_socket = -1;
@@ -692,9 +761,11 @@ ssize_t send_packet6(struct interface_info *interface,
struct sockaddr_in6 *to) {
struct msghdr m;
struct iovec v;
+ struct sockaddr_in6 dst;
int result;
struct in6_pktinfo *pktinfo;
struct cmsghdr *cmsg;
+ unsigned int ifindex;
/*
* If necessary allocate space for the control message header.
@@ -717,9 +788,14 @@ ssize_t send_packet6(struct interface_info *interface,
/*
* Set the target address we're sending to.
+ * Enforce the scope ID for bogus BSDs.
*/
- m.msg_name = to;
- m.msg_namelen = sizeof(*to);
+ memcpy(&dst, to, sizeof(dst));
+ m.msg_name = &dst;
+ m.msg_namelen = sizeof(dst);
+ ifindex = if_nametoindex(interface->name);
+ if (no_global_v6_socket)
+ dst.sin6_scope_id = ifindex;
/*
* Set the data buffer we're sending. (Using this wacky
@@ -748,7 +824,7 @@ ssize_t send_packet6(struct interface_info *interface,
cmsg->cmsg_len = CMSG_LEN(sizeof(*pktinfo));
pktinfo = (struct in6_pktinfo *)CMSG_DATA(cmsg);
memset(pktinfo, 0, sizeof(*pktinfo));
- pktinfo->ipi6_ifindex = if_nametoindex(interface->name);
+ pktinfo->ipi6_ifindex = ifindex;
m.msg_controllen = cmsg->cmsg_len;
result = sendmsg(interface->wfdesc, &m, 0);
@@ -1047,7 +1123,7 @@ void maybe_setup_fallback ()
isc_result_t status;
struct interface_info *fbi = (struct interface_info *)0;
if (setup_fallback (&fbi, MDL)) {
- fbi -> wfdesc = if_register_socket (fbi, AF_INET, 0);
+ fbi -> wfdesc = if_register_socket (fbi, AF_INET, 0, NULL);
fbi -> rfdesc = fbi -> wfdesc;
log_info ("Sending on Socket/%s%s%s",
fbi -> name,
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 73c632f..9e18818 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2414,7 +2414,7 @@ void get_hw_addr(const char *name, struct hardware *hw);
/* socket.c */
#if defined (USE_SOCKET_SEND) || defined (USE_SOCKET_RECEIVE) \
|| defined (USE_SOCKET_FALLBACK)
-int if_register_socket(struct interface_info *, int, int *);
+int if_register_socket(struct interface_info *, int, int *, struct in6_addr *);
#endif
#if defined (USE_SOCKET_FALLBACK) && !defined (USE_SOCKET_SEND)
@@ -2425,7 +2425,7 @@ ssize_t send_fallback (struct interface_info *,
struct in_addr,
struct sockaddr_in *, struct hardware *);
ssize_t send_fallback6(struct interface_info *, struct packet *,
- struct dhcp_packet *, size_t, struct in6_addr,
+ struct dhcp_packet *, size_t, struct in6_addr *,
struct sockaddr_in6 *, struct hardware *);
#endif
@@ -2461,6 +2461,7 @@ void maybe_setup_fallback (void);
#endif
void if_register6(struct interface_info *info, int do_multicast);
+void if_register_linklocal6(struct interface_info *info);
ssize_t receive_packet6(struct interface_info *interface,
unsigned char *buf, size_t len,
struct sockaddr_in6 *from, struct in6_addr *to_addr,
@@ -2606,7 +2607,6 @@ void interface_trace_setup (void);
extern struct in_addr limited_broadcast;
extern int local_family;
extern struct in_addr local_address;
-extern struct in6_addr local_address6;
extern u_int16_t local_port;
extern u_int16_t remote_port;
--
2.1.0

207
SOURCES/dhcp-option97-pxe-client-id.patch Normal file
View File

@ -0,0 +1,207 @@
diff -up dhcp-4.2.5/common/options.c.option97 dhcp-4.2.5/common/options.c
--- dhcp-4.2.5/common/options.c.option97 2015-05-20 16:44:34.958765179 +0200
+++ dhcp-4.2.5/common/options.c 2015-05-20 16:44:35.078763436 +0200
@@ -4222,13 +4222,26 @@ int validate_packet(struct packet *packe
"a future version of ISC DHCP will reject this");
}
} else {
- /*
- * If hlen is 0 we don't have any identifier, we warn the user
- * but continue processing the packet as we can.
- */
- if (packet->raw->hlen == 0) {
- log_debug("Received DHCPv4 packet without client-id"
- " option and empty hlen field.");
+ oc = lookup_option (&dhcp_universe, packet->options,
+ DHO_PXE_CLIENT_ID);
+ if (oc) {
+ /* Let's check if pxe-client-id is sane */
+ if ((oc->data.len < 2) ||
+ (oc->data.data[0] == '\0' &&
+ oc->data.len != 17)) {
+ log_debug("Dropped DHCPv4 packet with wrong "
+ "(len == %d) pxe-client-id", oc->data.len);
+ return (0);
+ }
+ } else {
+ /*
+ * If hlen is 0 we don't have any identifier, we warn the user
+ * but continue processing the packet as we can.
+ */
+ if (packet->raw->hlen == 0) {
+ log_debug("Received DHCPv4 packet without client-id"
+ " option and empty hlen field.");
+ }
}
}
diff -up dhcp-4.2.5/common/tables.c.option97 dhcp-4.2.5/common/tables.c
--- dhcp-4.2.5/common/tables.c.option97 2015-05-20 16:44:35.079763422 +0200
+++ dhcp-4.2.5/common/tables.c 2015-05-20 16:47:50.172931400 +0200
@@ -203,8 +203,9 @@ static struct option dhcp_options[] = {
/* Defined by RFC 4578 */
{ "pxe-system-type", "S", &dhcp_universe, 93, 1 },
{ "pxe-interface-id", "BBB", &dhcp_universe, 94, 1 },
- { "pxe-client-id", "BX", &dhcp_universe, 97, 1 },
#endif
+ { "pxe-client-id", "BX", &dhcp_universe, 97, 1 },
+
{ "uap-servers", "t", &dhcp_universe, 98, 1 },
{ "netinfo-server-address", "Ia", &dhcp_universe, 112, 1 },
{ "netinfo-server-tag", "t", &dhcp_universe, 113, 1 },
diff -up dhcp-4.2.5/includes/dhcp.h.option97 dhcp-4.2.5/includes/dhcp.h
--- dhcp-4.2.5/includes/dhcp.h.option97 2015-05-20 16:44:34.975764932 +0200
+++ dhcp-4.2.5/includes/dhcp.h 2015-05-20 16:44:35.079763422 +0200
@@ -163,6 +163,7 @@ struct dhcp_packet {
#define DHO_AUTHENTICATE 90 /* RFC3118, was 210 */
#define DHO_CLIENT_LAST_TRANSACTION_TIME 91
#define DHO_ASSOCIATED_IP 92
+#define DHO_PXE_CLIENT_ID 97 /* RFC4578 */
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
#define DHO_CLASSLESS_STATIC_ROUTES 121 /* RFC3442 */
diff -up dhcp-4.2.5/server/dhcp.c.option97 dhcp-4.2.5/server/dhcp.c
--- dhcp-4.2.5/server/dhcp.c.option97 2015-05-20 16:44:35.060763698 +0200
+++ dhcp-4.2.5/server/dhcp.c 2015-05-20 16:51:26.718798033 +0200
@@ -202,6 +205,10 @@ dhcp (struct packet *packet) {
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
if (!oc)
+ oc = lookup_option (&dhcp_universe,
+ packet -> options,
+ DHO_PXE_CLIENT_ID);
+ if (!oc)
goto nolease;
memset (&data, 0, sizeof data);
@@ -770,6 +777,9 @@ void dhcprelease (packet, ms_nulltp)
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset (&data, 0, sizeof data);
if (oc &&
evaluate_option_cache (&data, packet, (struct lease *)0,
@@ -1841,6 +1851,9 @@ void ack_lease (packet, lease, offer, wh
can be used. */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
if (oc &&
evaluate_option_cache (&d1, packet, lease,
(struct client_state *)0,
@@ -2386,6 +2399,9 @@ void ack_lease (packet, lease, offer, wh
/* Record the uid, if given... */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
if (oc &&
evaluate_option_cache (&d1, packet, lease,
(struct client_state *)0,
@@ -3429,6 +3445,9 @@ int find_lease (struct lease **lp,
specified unique client identifier. */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset (&client_identifier, 0, sizeof client_identifier);
if (oc &&
evaluate_option_cache (&client_identifier,
diff -up dhcp-4.2.5/server/dhcpd.conf.5.option97 dhcp-4.2.5/server/dhcpd.conf.5
--- dhcp-4.2.5/server/dhcpd.conf.5.option97 2015-05-20 16:44:34.908765906 +0200
+++ dhcp-4.2.5/server/dhcpd.conf.5 2015-05-20 16:44:35.081763393 +0200
@@ -1657,10 +1657,12 @@ should be a name identifying the host.
not specified for the host, \fIhostname\fR is used.
.PP
\fIHost\fR declarations are matched to actual DHCP or BOOTP clients
-by matching the \fRdhcp-client-identifier\fR option specified in the
+by matching the \fIdhcp-client-identifier\fR or \fIpxe-client-id\fR
+options specified in the
\fIhost\fR declaration to the one supplied by the client, or, if the
\fIhost\fR declaration or the client does not provide a
-\fRdhcp-client-identifier\fR option, by matching the \fIhardware\fR
+\fIdhcp-client-identifier\fR or \fIpxe-client-id\fR options,
+by matching the \fIhardware\fR
parameter in the \fIhost\fR declaration to the network hardware
address supplied by the client. BOOTP clients do not normally
provide a \fIdhcp-client-identifier\fR, so the hardware address must
@@ -1672,7 +1674,8 @@ to identify hosts.
.PP
Please be aware that
.B only
-the \fIdhcp-client-identifier\fR option and the hardware address can be
+the \fIdhcp-client-identifier\fR and \fIpxe-client-id\fR
+options and the hardware address can be
used to match a host declaration, or the \fIhost-identifier option\fR
parameter for DHCPv6 servers. For example, it is not possible to
match a host declaration to a \fIhost-name\fR option. This is
diff -up dhcp-4.2.5/server/dhcpleasequery.c.option97 dhcp-4.2.5/server/dhcpleasequery.c
--- dhcp-4.2.5/server/dhcpleasequery.c.option97 2013-01-03 01:02:25.000000000 +0100
+++ dhcp-4.2.5/server/dhcpleasequery.c 2015-05-20 16:44:35.082763378 +0200
@@ -279,7 +279,7 @@ dhcpleasequery(struct packet *packet, in
*/
memset(&uid, 0, sizeof(uid));
- if (get_option(&uid,
+ i = get_option(&uid,
&dhcp_universe,
packet,
NULL,
@@ -289,8 +289,20 @@ dhcpleasequery(struct packet *packet, in
packet->options,
&global_scope,
DHO_DHCP_CLIENT_IDENTIFIER,
- MDL)) {
-
+ MDL);
+ if (!i)
+ i = get_option(&uid,
+ &dhcp_universe,
+ packet,
+ NULL,
+ NULL,
+ packet->options,
+ NULL,
+ packet->options,
+ &global_scope,
+ DHO_PXE_CLIENT_ID,
+ MDL);
+ if (i) {
snprintf(dbg_info,
sizeof(dbg_info),
"client-id %s",
diff -up dhcp-4.2.5/server/failover.c.option97 dhcp-4.2.5/server/failover.c
--- dhcp-4.2.5/server/failover.c.option97 2015-05-20 16:44:35.001764555 +0200
+++ dhcp-4.2.5/server/failover.c 2015-05-20 16:44:35.083763364 +0200
@@ -5875,6 +5875,9 @@ int load_balance_mine (struct packet *pa
oc = lookup_option(&dhcp_universe, packet->options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option(&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset(&ds, 0, sizeof ds);
if (oc &&
evaluate_option_cache(&ds, packet, NULL, NULL,
diff -up dhcp-4.2.5/server/mdb.c.option97 dhcp-4.2.5/server/mdb.c
--- dhcp-4.2.5/server/mdb.c.option97 2013-01-03 01:02:25.000000000 +0100
+++ dhcp-4.2.5/server/mdb.c 2015-05-20 16:44:35.084763349 +0200
@@ -127,8 +127,9 @@ static int find_uid_statement (struct ex
esp -> data.option &&
(esp -> data.option -> option -> universe ==
&dhcp_universe) &&
- (esp -> data.option -> option -> code ==
- DHO_DHCP_CLIENT_IDENTIFIER)) {
+ ((esp -> data.option -> option -> code ==
+ DHO_DHCP_CLIENT_IDENTIFIER) ||
+ (esp -> data.option -> option -> code == DHO_PXE_CLIENT_ID))) {
if (condp) {
log_error ("dhcp client identifier may not be %s",
"specified conditionally.");

65
SOURCES/dhcp-prepend.patch Normal file
View File

@ -0,0 +1,65 @@
diff -up dhcp-4.2.5/client/dhc6.c.prepend dhcp-4.2.5/client/dhc6.c
--- dhcp-4.2.5/client/dhc6.c.prepend 2016-04-18 14:21:41.062502036 +0200
+++ dhcp-4.2.5/client/dhc6.c 2016-04-18 14:25:11.683732506 +0200
@@ -595,7 +595,7 @@ dhc6_dup_addr(struct dhc6_addr *addr, co
* Parsed options are deleted in order to not save them in the lease file.
*/
static struct dhc6_lease *
-dhc6_leaseify(struct packet *packet)
+dhc6_leaseify(struct packet *packet, struct client_state* client)
{
struct data_string ds;
struct dhc6_lease *lease;
@@ -687,6 +687,11 @@ dhc6_leaseify(struct packet *packet)
lease->server_id.data, 52));
}
+ execute_statements_in_scope(NULL, (struct packet *)packet, NULL,
+ client, lease->options, lease->options,
+ &global_scope, client->config->on_receipt,
+ NULL);
+
return lease;
}
@@ -2892,7 +2897,7 @@ init_handler(struct packet *packet, stru
return;
}
- lease = dhc6_leaseify(packet);
+ lease = dhc6_leaseify(packet, client);
if (dhc6_check_advertise(lease) != ISC_R_SUCCESS) {
log_debug("PRC: Lease failed to satisfy.");
@@ -2975,6 +2980,12 @@ info_request_handler(struct packet *pack
option_state_reference(&client->active_lease->options,
packet->options, MDL);
+ execute_statements_in_scope(NULL, (struct packet *)packet, NULL, client,
+ client->active_lease->options,
+ client->active_lease->options,
+ &global_scope, client->config->on_receipt,
+ NULL);
+
start_informed(client);
}
@@ -3009,7 +3020,7 @@ rapid_commit_handler(struct packet *pack
return;
}
- lease = dhc6_leaseify(packet);
+ lease = dhc6_leaseify(packet, client);
/* This is an out of memory condition...hopefully a temporary
* problem. Returning now makes us try to retransmit later.
@@ -3823,7 +3834,7 @@ reply_handler(struct packet *packet, str
return;
}
- lease = dhc6_leaseify(packet);
+ lease = dhc6_leaseify(packet, client);
/* This is an out of memory condition...hopefully a temporary
* problem. Returning now makes us try to retransmit later.
diff -up dhcp-4.2.5/RELNOTES.prepend dhcp-4.2.5/RELNOTES

80
SOURCES/dhcp-sd-daemon.patch Normal file
View File

@ -0,0 +1,80 @@
diff -up dhcp-4.2.5/configure.ac.sd-daemon dhcp-4.2.5/configure.ac
--- dhcp-4.2.5/configure.ac.sd-daemon 2014-07-07 12:13:21.474322606 +0200
+++ dhcp-4.2.5/configure.ac 2014-07-07 12:16:11.320964893 +0200
@@ -714,6 +714,17 @@ if test x$ldap = xyes || test x$ldapcryp
fi
fi
+AC_ARG_WITH(systemd,
+ AC_HELP_STRING([--with-systemd],
+ [enable sending status notifications to systemd daemon (default is no)]),
+ [systemd=$withval],
+ [systemd=no])
+
+if test x$systemd = xyes ; then
+ AC_CHECK_LIB(systemd-daemon, sd_notify, ,
+ AC_MSG_FAILURE([*** sd-daemon library not present - do you need to install systemd-libs package?]))
+fi
+
# Append selected warning levels to CFLAGS before substitution (but after
# AC_TRY_COMPILE & etc).
CFLAGS="$CFLAGS $STD_CWARNINGS"
diff -up dhcp-4.2.5/relay/dhcrelay.c.sd-daemon dhcp-4.2.5/relay/dhcrelay.c
--- dhcp-4.2.5/relay/dhcrelay.c.sd-daemon 2014-07-07 12:13:21.329324619 +0200
+++ dhcp-4.2.5/relay/dhcrelay.c 2014-07-07 12:13:21.475322592 +0200
@@ -41,6 +41,10 @@
int keep_capabilities = 0;
#endif
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+#include <systemd/sd-daemon.h>
+#endif
+
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
@@ -608,6 +612,14 @@ main(int argc, char **argv) {
}
#endif
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+ /* We are ready to process incomming packets. Let's notify systemd */
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Dispatching packets...\n"
+ "MAINPID=%lu",
+ (unsigned long) getpid());
+#endif
+
/* Start dispatching packets and timeouts... */
dispatch();
diff -up dhcp-4.2.5/server/dhcpd.c.sd-daemon dhcp-4.2.5/server/dhcpd.c
--- dhcp-4.2.5/server/dhcpd.c.sd-daemon 2014-07-07 12:13:21.419323370 +0200
+++ dhcp-4.2.5/server/dhcpd.c 2014-07-07 12:16:57.838319165 +0200
@@ -60,6 +60,10 @@ static const char url [] =
#include "trace.h"
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+#include <systemd/sd-daemon.h>
+#endif
+
#ifndef UNIT_TEST
static void usage(void);
#endif
@@ -869,6 +873,15 @@ main(int argc, char **argv) {
(omapi_object_t *)0, "state", server_running);
TRACE(DHCPD_MAIN());
+
+#ifdef HAVE_LIBSYSTEMD_DAEMON
+ /* We are ready to process incomming packets. Let's notify systemd */
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Dispatching packets...\n"
+ "MAINPID=%lu",
+ (unsigned long) getpid());
+#endif
+
/* Receive packets and dispatch them... */
dispatch ();

14
SOURCES/dhcp-stateless-store-duid.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up dhcp-4.2.5/client/dhclient.c.stateless-store-duid dhcp-4.2.5/client/dhclient.c
--- dhcp-4.2.5/client/dhclient.c.stateless-store-duid 2014-12-09 17:29:32.683444318 +0100
+++ dhcp-4.2.5/client/dhclient.c 2014-12-09 17:30:53.917444318 +0100
@@ -1151,7 +1151,9 @@ void run_stateless(int exit_mode)
if (default_duid.buffer != NULL)
data_string_forget(&default_duid, MDL);
- form_duid(&default_duid, MDL);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS &&
+ duid_type == DUID_LLT)
+ write_duid(&default_duid);
}
/* Start a configuration state machine. */

14
SOURCES/dhcp-vlanfilter.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up dhcp-4.2.5/common/lpf.c.vlan dhcp-4.2.5/common/lpf.c
--- dhcp-4.2.5/common/lpf.c.vlan 2015-10-13 18:48:35.180447618 +0200
+++ dhcp-4.2.5/common/lpf.c 2015-10-13 18:51:29.797079032 +0200
@@ -521,6 +521,10 @@ ssize_t receive_packet (interface, buf,
if (cmsg->cmsg_level == SOL_PACKET &&
cmsg->cmsg_type == PACKET_AUXDATA) {
struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg);
+ /* Discard packets with stripped vlan id */
+ /* VLAN ID is only bottom 12-bits of TCI */
+ if (aux->tp_vlan_tci & 0x0fff)
+ return 0;
nocsum = aux->tp_status & TP_STATUS_CSUMNOTREADY;
}
}

13
SOURCES/dhcpd.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=DHCPv4 Server Daemon
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
Wants=network-online.target
After=network-online.target
After=time-sync.target

[Service]
Type=notify
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid

[Install]
WantedBy=multi-user.target

13
SOURCES/dhcpd6.service Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=DHCPv6 Server Daemon
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
Wants=network-online.target
After=network-online.target
After=time-sync.target

[Service]
Type=notify
ExecStart=/usr/sbin/dhcpd -f -6 -cf /etc/dhcp/dhcpd6.conf -user dhcpd -group dhcpd --no-pid

[Install]
WantedBy=multi-user.target

12
SOURCES/dhcrelay.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=DHCP Relay Agent Daemon
Documentation=man:dhcrelay(8)
Wants=network-online.target
After=network-online.target

[Service]
Type=notify
ExecStart=/usr/sbin/dhcrelay -d --no-pid

[Install]
WantedBy=multi-user.target

2705
SPECS/dhcp.spec Normal file
View File

File diff suppressed because it is too large Load Diff