jcronenberg/kea
SHA256
1
0
Fork 0
forked from dhcp/kea
Code Pull Requests Activity

Compare commits

base: jcronenberg:master
Branches Tags
jcronenberg:master jcronenberg:main jcronenberg:factory jcronenberg:devel jengelh:master dhcp:main dhcp:master
..
compare: jengelh:master
Branches Tags
jengelh:master jcronenberg:master jcronenberg:main jcronenberg:factory jcronenberg:devel dhcp:main dhcp:master

1 Commits
master ... master

Author SHA256 Message Date
Jan Engelhardt
46ac77e042 Revert "Dummy commit to test scmsync" 
This reverts commit 59f1a3766a.
 2025-03-27 11:30:28 +01:00
11 changed files with 313 additions and 429 deletions
Expand all files Collapse all files

191
kea-2.6.1-boost_1.87-compat.patch Normal file
View File

@@ -0,0 +1,191 @@
From 81edc181f85395c39964104ef049a195bafb9737 Mon Sep 17 00:00:00 2001
From: q66 <q66@chimera-linux.org>
Date: Sun, 15 Dec 2024 03:04:53 +0100
Subject: [PATCH] [#3696] Update asiolink for boost 1.87
---
src/lib/asiolink/io_address.cc | 4 ++--
src/lib/asiolink/io_service.cc | 8 ++++----
src/lib/asiolink/tcp_endpoint.h | 2 +-
src/lib/asiolink/udp_endpoint.h | 2 +-
src/lib/asiolink/unix_domain_socket.cc | 16 ++++++++--------
src/lib/dhcp/iface_mgr.cc | 2 +-
6 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/src/lib/asiolink/io_address.cc b/src/lib/asiolink/io_address.cc
index 43459bfe5ab..06b7d3d990c 100644
--- a/src/lib/asiolink/io_address.cc
+++ b/src/lib/asiolink/io_address.cc
@@ -37,7 +37,7 @@ IOAddress::Hash::operator()(const IOAddress &io_address) const {
// because we'd like to throw our own exception on failure.
IOAddress::IOAddress(const std::string& address_str) {
boost::system::error_code err;
- asio_address_ = ip::address::from_string(address_str, err);
+ asio_address_ = ip::make_address(address_str, err);
if (err) {
isc_throw(IOError, "Failed to convert string to address '"
<< address_str << "': " << err.message());
@@ -116,7 +116,7 @@ IOAddress::isV6Multicast() const {
uint32_t
IOAddress::toUint32() const {
if (asio_address_.is_v4()) {
- return (asio_address_.to_v4().to_ulong());
+ return (asio_address_.to_v4().to_uint());
} else {
isc_throw(BadValue, "Can't convert " << toText()
<< " address to IPv4.");
diff --git a/src/lib/asiolink/io_service.cc b/src/lib/asiolink/io_service.cc
index 411de641915..cc28d24c19f 100644
--- a/src/lib/asiolink/io_service.cc
+++ b/src/lib/asiolink/io_service.cc
@@ -30,7 +30,7 @@ public:
/// @brief The constructor.
IOServiceImpl() :
io_service_(),
- work_(new boost::asio::io_service::work(io_service_)) {
+ work_(boost::asio::make_work_guard(io_service_)) {
};
/// @brief The destructor.
@@ -92,7 +92,7 @@ public:
/// @brief Restarts the IOService in preparation for a subsequent @ref run() invocation.
void restart() {
- io_service_.reset();
+ io_service_.restart();
}
/// @brief Removes IO service work object to let it finish running
@@ -115,12 +115,12 @@ public:
///
/// @param callback The callback to be run on the IO service.
void post(const std::function<void ()>& callback) {
- io_service_.post(callback);
+ boost::asio::post(io_service_, callback);
}
private:
boost::asio::io_service io_service_;
- boost::shared_ptr<boost::asio::io_service::work> work_;
+ boost::asio::executor_work_guard<boost::asio::io_service::executor_type> work_;
};
IOService::IOService() : io_impl_(new IOServiceImpl()) {
diff --git a/src/lib/asiolink/tcp_endpoint.h b/src/lib/asiolink/tcp_endpoint.h
index 8ebd57551db..7c8cb35535d 100644
--- a/src/lib/asiolink/tcp_endpoint.h
+++ b/src/lib/asiolink/tcp_endpoint.h
@@ -42,7 +42,7 @@ public:
/// \param port The TCP port number of the endpoint.
TCPEndpoint(const IOAddress& address, const unsigned short port) :
asio_endpoint_placeholder_(
- new boost::asio::ip::tcp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+ new boost::asio::ip::tcp::endpoint(boost::asio::ip::make_address(address.toText()),
port)),
asio_endpoint_(*asio_endpoint_placeholder_)
{}
diff --git a/src/lib/asiolink/udp_endpoint.h b/src/lib/asiolink/udp_endpoint.h
index f960bf3ce9f..2a3da9f0464 100644
--- a/src/lib/asiolink/udp_endpoint.h
+++ b/src/lib/asiolink/udp_endpoint.h
@@ -42,7 +42,7 @@ public:
/// \param port The UDP port number of the endpoint.
UDPEndpoint(const IOAddress& address, const unsigned short port) :
asio_endpoint_placeholder_(
- new boost::asio::ip::udp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+ new boost::asio::ip::udp::endpoint(boost::asio::ip::make_address(address.toText()),
port)),
asio_endpoint_(*asio_endpoint_placeholder_)
{}
diff --git a/src/lib/asiolink/unix_domain_socket.cc b/src/lib/asiolink/unix_domain_socket.cc
index f43e1c9e9bb..43ff3c8f241 100644
--- a/src/lib/asiolink/unix_domain_socket.cc
+++ b/src/lib/asiolink/unix_domain_socket.cc
@@ -83,7 +83,7 @@ public:
/// @param buffer Buffers holding the data to be sent.
/// @param handler User supplied callback to be invoked when data have
/// been sent or sending error is signalled.
- void doSend(const boost::asio::const_buffers_1& buffer,
+ void doSend(const boost::asio::const_buffer& buffer,
const UnixDomainSocket::Handler& handler);
@@ -103,7 +103,7 @@ public:
/// @param ec Error code returned as a result of sending the data.
/// @param length Length of the data sent.
void sendHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::const_buffers_1& buffer,
+ const boost::asio::const_buffer& buffer,
const boost::system::error_code& ec,
size_t length);
@@ -127,7 +127,7 @@ public:
/// @param buffer A buffer into which the data should be received.
/// @param handler User supplied callback invoked when data have been
/// received on an error is signalled.
- void doReceive(const boost::asio::mutable_buffers_1& buffer,
+ void doReceive(const boost::asio::mutable_buffer& buffer,
const UnixDomainSocket::Handler& handler);
/// @brief Local handler invoked as a result of asynchronous receive.
@@ -146,7 +146,7 @@ public:
/// @param ec Error code returned as a result of asynchronous receive.
/// @param length Size of the received data.
void receiveHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::mutable_buffers_1& buffer,
+ const boost::asio::mutable_buffer& buffer,
const boost::system::error_code& ec,
size_t length);
@@ -197,7 +197,7 @@ UnixDomainSocketImpl::asyncSend(const void* data, const size_t length,
}
void
-UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
+UnixDomainSocketImpl::doSend(const boost::asio::const_buffer& buffer,
const UnixDomainSocket::Handler& handler) {
auto local_handler = std::bind(&UnixDomainSocketImpl::sendHandler,
shared_from_this(),
@@ -207,7 +207,7 @@ UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
void
UnixDomainSocketImpl::sendHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::const_buffers_1& buffer,
+ const boost::asio::const_buffer& buffer,
const boost::system::error_code& ec,
size_t length) {
// The asynchronous send may return EWOULDBLOCK or EAGAIN on some
@@ -230,7 +230,7 @@ UnixDomainSocketImpl::asyncReceive(void* data, const size_t length,
}
void
-UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
+UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffer& buffer,
const UnixDomainSocket::Handler& handler) {
auto local_handler = std::bind(&UnixDomainSocketImpl::receiveHandler,
shared_from_this(),
@@ -240,7 +240,7 @@ UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
void
UnixDomainSocketImpl::receiveHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::mutable_buffers_1& buffer,
+ const boost::asio::mutable_buffer& buffer,
const boost::system::error_code& ec,
size_t length) {
// The asynchronous receive may return EWOULDBLOCK or EAGAIN on some
diff --git a/src/lib/dhcp/iface_mgr.cc b/src/lib/dhcp/iface_mgr.cc
index 01a1d63da5d..419268bfe5c 100644
--- a/src/lib/dhcp/iface_mgr.cc
+++ b/src/lib/dhcp/iface_mgr.cc
@@ -1034,7 +1034,7 @@ IfaceMgr::getLocalAddress(const IOAddress& remote_addr, const uint16_t port) {
}
// Create socket that will be used to connect to remote endpoint.
- boost::asio::io_service io_service;
+ boost::asio::io_context io_service;
boost::asio::ip::udp::socket sock(io_service);
boost::system::error_code err_code;
--
GitLab

BIN
kea-2.6.2.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
kea-2.6.2.tar.gz.asc Normal file
View File

@@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEECQoqB5I/kltXZ4A6QuXfeMgycdsFAmfdcgEACgkQQuXfeMgy
cdtrbA/+MjIYfXn9nu1CoHtX4pxqh35uFYYU6WxDLgeGdHrUIBZe2xGbsZU44n01
UEJ4u0SJXKpktmnt6R0XZ3R0q5KjQJ1RuOj2nGl/+FupxSYwxZl4ZmT6xivqrPyF
q5XU/Vp3JQLhxbLo2w4uxcCGV00O4BGXc5SWPwiVUhf3IXElZuLryvjeU39FgfBf
0y/PkhugUh/PNavkeHuCALbKD4NH4uhDXlbABWJ3GH4rq1gKpl1NAiHFuah2QWtx
WAstxrR9W0o1SftIrCp2pbmjTXLKEZ2fPxJ4y0hf1ByGrgyN8MIS9JdLQKQdAhDd
LOe59KxYxYF7lpgfbX4bSQU7XsXkYfETlfC0WvfyoEvl+Eg/LeZuUc1PlG5+u3BG
RTep9g0WdkPf3SdmdIKGF6/AOvAo1ovms64KVr9mbKGLrGtkiv/mFCKc59EHkl4Y
MH51YFfE34TB27zi7veGyfsQrKNESnRjVrlnewhWX7WeXkuHkR+Y2cqiYxSCx7Tb
F2K+qOP2m+ICTWS0APxaUfJyETUyuNFTnfaWj+izYbIkE3vv11hAGuG5t7ef/tXF
JY68doC9RFc5bF9q89xt93ePL3qls5ADBo4fZI67fpXFnywENiQGwUhBB5sxsYYs
puVNNq7/nT+05IwpSr1TEpCtPHWDOFHG/lvAjcBYb2AGEnVGdpM=
=h8nL
-----END PGP SIGNATURE-----

BIN
kea-3.0.0.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

16
kea-3.0.0.tar.xz.asc
View File

@@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEECQoqB5I/kltXZ4A6QuXfeMgycdsFAmhbvsIACgkQQuXfeMgy
cdtPVQ//WuPtFbsJ1jEPdjiwue23yo0zCWnc8CTLTs3sNSBuYHklihYZfhEvKzW6
/NhACkJ96BP9x79/kASWTnACRAhqTGXLAmk2qJ1U1js6oJ6/sYigFpyx2SdZxo6V
fY1wybDa4G4FqJ/nCzOPewD7zeJHrUyViz/YE+LyAn3XROlp0LFJygKCw7IqjaHz
CeFpD3fh9X/oqxM8H1OjKt6hpxFlY7eRKB9bjvEbxQbmyh8m9dEMD7V8nVK6SrWZ
icArFP3FhwTgRRjLylgXSRc9zsujAbWtiPmL9dYTew01w4dXs2xni8MuUHbr73X0
xBNCMtu28bIrOcA6sds+ZCJ0/dclJdXJqI5UgxoRtt7ZrboR3uxtjoiYYN4oWD8E
CmXFwjb2++MmCv1ZQQU0ZsoVoe+nKI0/9AFWQe4jjWt5WfwX8Hhxhp5cc43bSito
MKOGnEijm9xaixxwKDeuIBo1LcS0adRV2iY60OWJcyT4ZRVzdu2jpl2AXwwaIwKA
Zb3U3EizlUnM6r8Ih1MZmquV2FSCkhvhKcSarR8g76M5s1NadzwB/5+p7+fiSXXA
x4ssHWf37uU3rI8v4cW54ZvmZK/MqvY50JF+HYRpDS2rXHf49Sq8u7YmtigYCqy/
MMmQniZVnutF+d8akuLILIOCO30Pvwe0w0nD7y/ZFke3V+HiZFU=
=6qEE
-----END PGP SIGNATURE-----

18
kea-ctrl-agent.service
View File

@@ -1,18 +0,0 @@
[Unit]
Description=ISC Kea Control Agent
Before=multi-user.target
Wants=network-online.target
After=remote-fs.target network-online.target nss-lookup.target time-sync.target ldap.service ndsd.service
[Service]
User=keadhcp
Environment=KEA_PIDFILE_DIR=/run/kea
RuntimeDirectory=kea
RuntimeDirectoryMode=0750
RuntimeDirectoryPreserve=yes
ExecStart=/usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf
ExecReload=kill -HUP $MAINPID
ProtectSystem=full
[Install]
WantedBy=multi-user.target

19
kea-dhcp-ddns.service
View File

@@ -1,19 +0,0 @@
[Unit]
Description=ISC Kea DHCP-DDNS server
Before=multi-user.target
Wants=network-online.target
After=remote-fs.target network-online.target nss-lookup.target time-sync.target ldap.service ndsd.service
[Service]
User=keadhcp
AmbientCapabilities=CAP_NET_BIND_SERVICE
Environment=KEA_PIDFILE_DIR=/run/kea
RuntimeDirectory=kea
RuntimeDirectoryMode=0750
RuntimeDirectoryPreserve=yes
ExecStart=/usr/sbin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf
ExecReload=kill -HUP $MAINPID
ProtectSystem=full
[Install]
WantedBy=multi-user.target

19
kea-dhcp4.service
View File

@@ -1,19 +0,0 @@
[Unit]
Description=ISC Kea DHCPv4 server
Before=multi-user.target
Wants=network-online.target
After=remote-fs.target network-online.target nss-lookup.target time-sync.target ldap.service ndsd.service
[Service]
User=keadhcp
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW
Environment=KEA_PIDFILE_DIR=/run/kea
RuntimeDirectory=kea
RuntimeDirectoryMode=0750
RuntimeDirectoryPreserve=yes
ExecStart=/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
ExecReload=kill -HUP $MAINPID
ProtectSystem=full
[Install]
WantedBy=multi-user.target

19
kea-dhcp6.service
View File

@@ -1,19 +0,0 @@
[Unit]
Description=ISC Kea DHCPv6 server
Before=multi-user.target
Wants=network-online.target
After=remote-fs.target network-online.target nss-lookup.target time-sync.target ldap.service ndsd.service
[Service]
User=keadhcp
AmbientCapabilities=CAP_NET_BIND_SERVICE
Environment=KEA_PIDFILE_DIR=/run/kea
RuntimeDirectory=kea
RuntimeDirectoryMode=0750
RuntimeDirectoryPreserve=yes
ExecStart=/usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf
ExecReload=kill -HUP $MAINPID
ProtectSystem=full
[Install]
WantedBy=multi-user.target

163
kea.changes
View File

@@ -1,166 +1,3 @@
-------------------------------------------------------------------
Tue Jul 29 09:44:04 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Remove `/usr/share/kea/meson-info` directory because it contains
non reproducible files.
[bsc#1246670]
-------------------------------------------------------------------
Mon Jul 7 14:40:57 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Use meson install_umask to set binaries and libraries
permissions.
-------------------------------------------------------------------
Tue Jul 1 09:28:14 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Update to release 3.0.0
Noteworthy changes:
* Lease caching is now enabled by default.
* The control-socket.socket-name and control-socket.socket-type
parameters have been removed from the CB.
* Kea now rejects certain default passwords. If you copied your
Kea configuration from the examples in our documentation using
our sample password, change your password to a unique value.
* The kea-control-agent is now deprecated. The individual Kea
services support HTTP/HTTPS control channels, so the Control
Agent (CA) is no longer needed. The CA is still available but
will be removed in a future release.
* The precedence of options specified in a template class and its
spawned classes has been reversed. An option specified in a
spawned class now takes precedence over the same option
specified in the template class.
* The only-if-required and require-client-classes were renamed to
only-in-additional-list and evaluate-additional-classes.
* Classes included in require-client-classes (now called
evaluate-additional-classes) that do not have test expressions
will now be unconditionally added to a client's list of
matching classes; previously, they were ignored.
* Additional classes are now evaluated in the same order as
option-data, i.e. pools, subnets, and shared networks. In
earlier versions, the order was reversed.
* It is now possible to define multiple client classes when
limiting access to networks, subnets, and pools. The parameter
client-class (a single class name) has been replaced with
client-classes (a list of one or more class names). The older
syntax is still accepted but is now deprecated and will be
removed in the future. You cannot specify both client-class and
client-classes within the same scope.
* Options name value pairs specified in option-data have a new
parameter available: client-classes. This allows the
administrator to place a guard on the option requiring
membership in a class or classes before that particular option
data will be added to the packet. This is intended as a
powerful mechanism to bring back some of the functionality from
the conditional (if) statements that were widely used in ISC
DHCP. See Option Class-Tagging in the ARM for further
information.
* The build system has been switched to meson.
Further detailed information of all changes is available at
https://gitlab.isc.org/isc-projects/kea/-/wikis/Release-Notes/release-notes-3.0.0
and
https://kb.isc.org/docs/things-to-be-aware-of-when-upgrading-to-kea-300
- Set RuntimeDirectoryPreserve=yes in services to prevent deletion
of RuntimeDirectory when one service gets stopped.
-------------------------------------------------------------------
Mon Jun 16 12:27:37 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Change After= from network.target to network-online.target and
add Wants=network-online.target to systemd services to prevent
starting up before ip setup is finished.
-------------------------------------------------------------------
Mon May 26 15:07:13 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Update to release 2.6.3
Security Fixes:
* The default configuration for the Kea Control Agent (CA) has
been updated to enable basic HTTP authentication. Access to
the Kea API will thus require a password.
(CVE-2025-32801, CVE-2025-32802, CVE-2025-32803)
[bsc#1243240]
* `kea-dhcp4`, `kea-dhcp6`, `kea-dhcp-ddns`, and
`kea-ctrl-agent` now only load hook libraries from the
default installation directory. For ease of use, the path may
be omitted.
(CVE-2025-32801)
[bsc#1243240]
* The API command `config-write` will now only write to the same
directory as the configuration file used when Kea was started
(passed as a `-c` argument).
(CVE-2025-32802)
[bsc#1243240]
* Lease files can now only be loaded from the data directory
`/var/lib/kea`. This path may be overridden at startup by
setting the environment variable `KEA_DHCP_DATA_DIR` to the
desired path. If a path outside the defined data directory is
used in `lease-database.name`, Kea returns an error and refuses
to start or, if already running, aborts and exits. For ease of
use in specifying a custom file name, simply omit the path
component from `name`.
(CVE-2025-32802)
[bsc#1243240]
* Log files can now only be written to a defined output directory
`/var/log/kea`. This path may be overridden at startup by
setting the environment variable `KEA_LOG_FILE_DIR` to the
desired path. If a path outside the defined output directory is
used in `loggers.output_options.output`, Kea returns an error
and refuses to start or, if already running, aborts and exits.
For ease of use, simply omit the path component from `output`
and specify only the file name.
(CVE-2025-32802)
[bsc#1243240]
* Files created by Kea now have more restrictive file
permissions. Write access by group and any access by others is
now forbidden.
(CVE-2025-32803)
[bsc#1243240]
* Sockets can no longer be created in a world-writable directory,
such as `/tmp`. Sockets must now be created in the more
restricted `/var/run/kea`.
(CVE-2025-32802)
[bsc#1243240]
* Many sample configuration files have been updated to reflect
changes introduced in this release. In the ARM, the Kea
Security section has been moved to a more prominent location,
and a new section concerning securing the Kea Control Agent has
been added.
(CVE-2025-32801, CVE-2025-32802, CVE-2025-32803)
[bsc#1243240]
Other changes:
* Fix build with the latest Boost 1.87.
(Obsoletes patch `kea-2.6.1-boost_1.87-compat.patch`)
* Backported a clarification in the ARM about subnet4-delta-add.
- Remove /run/kea from systemd tmpfiles as the creation of this
directory is handled by the services.
- Replace 'chmod -h' and 'chown -h' with 'find' as the '-h' isn't
present in Leap/SLE.
- /run/kea now has mode 0750 for all services.
-------------------------------------------------------------------
Wed Apr 30 13:21:39 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Update owner and perms in %post on modified config files
-------------------------------------------------------------------
Tue Apr 15 11:01:25 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
- Add logic to %post for switching from kea.service to the new
split units, kea-*.service.
(Inspiration taken from strongswan.spec.)
-------------------------------------------------------------------
Wed Apr 2 15:29:59 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>
- Split off services into separate ones to allow more fine grained
control for e.g. capabilities.
- Tighten access to state and log directories.
-------------------------------------------------------------------
Wed Mar 26 16:01:54 UTC 2025 - Jorik Cronenberg <jorik.cronenberg@suse.com>

275
kea.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package kea
#
# Copyright (c) 2025 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,33 +16,36 @@
#
%define asiodns_sover 62
%define asiolink_sover 87
%define cc_sover 82
%define cfgrpt_sover 3
%define config_sover 83
%define cryptolink_sover 63
%define d2srv_sover 63
%define database_sover 76
%define dhcp_sover 109
%define dhcp_ddns_sover 68
%define dhcpsrv_sover 129
%define dns_sover 71
%define eval_sover 84
%define exceptions_sover 45
%define hooks_sover 118
%define http_sover 87
%define log_interprocess_sover 3
%define log_sover 75
%define mysql_sover 88
%define pgsql_sover 88
%define process_sover 90
%define stats_sover 53
%define tcp_sover 33
%define util_io_sover 12
%define util_sover 101
%define asiodns_sover 48
%define asiolink_sover 71
%define cc_sover 68
%define cfgclient_sover 65
%define cryptolink_sover 50
%define d2srv_sover 46
%define database_sover 62
%define dhcppp_sover 91
%define dhcp_ddns_sover 56
%define dhcpsrv_sover 110
%define dnspp_sover 56
%define eval_sover 69
%define exceptions_sover 33
%define hooks_sover 99
%define http_sover 71
%define log_sover 61
%define mysql_sover 71
%define pgsql_sover 71
%define process_sover 73
%define stats_sover 41
%define tcp_sover 18
%define util_io_sover 0
%define util_sover 85
%if 0%{?suse_version} >= 1600
%bcond_without regen_files
%else
%bcond_with regen_files
%endif
Name: kea
Version: 3.0.0
Version: 2.6.2
Release: 0
Summary: Dynamic Host Configuration Protocol daemon
License: MPL-2.0
@@ -50,15 +53,16 @@ Group: Productivity/Networking/Boot/Servers
URL: https://kea.isc.org/
#Git-Clone: https://gitlab.isc.org/isc-projects/kea
#Github is out of date / abandoned(?)
Source: https://ftp.isc.org/isc/kea/%version/kea-%version.tar.xz
Source2: https://ftp.isc.org/isc/kea/%version/kea-%version.tar.xz.asc
Source: https://ftp.isc.org/isc/kea/%version/kea-%version.tar.gz
Source2: https://ftp.isc.org/isc/kea/%version/kea-%version.tar.gz.asc
# https://www.isc.org/pgpkey/
Source3: kea.keyring
Source4: kea-dhcp4.service
Source5: kea-dhcp6.service
Source6: kea-dhcp-ddns.service
Source7: kea-ctrl-agent.service
BuildRequires: meson
Patch0: kea-2.6.1-boost_1.87-compat.patch
BuildRequires: autoconf >= 2.59
BuildRequires: automake
%if %{with regen_files}
BuildRequires: bison >= 3.3
%endif
BuildRequires: freeradius-server-devel
BuildRequires: gcc-c++
BuildRequires: libmysqlclient-devel
@@ -73,9 +77,11 @@ BuildRequires: python3-sphinx_rtd_theme
BuildRequires: sysuser-tools
BuildRequires: xz
BuildRequires: pkgconfig(libcrypto)
BuildRequires: fdupes
%sysusers_requires
Suggests: %name-hooks = %version
%if %{with regen_files}
BuildRequires: flex
%endif
%if 0%{?suse_version} >= 1500
BuildRequires: libboost_system-devel
%else
@@ -131,20 +137,11 @@ Group: System/Libraries
libkea-cc is used for the control channel protocol between keactrl
and the server.
%package -n libkea-cfgrpt%cfgrpt_sover
Summary: Kea DHCP server config report library
Group: System/Libraries
%description -n libkea-cfgrpt%cfgrpt_sover
The cfgrpt library is used for generating configuration reports for Kea,
providing detailed JSON-formatted summaries of the server's current
configuration.
%package -n libkea-config%config_sover
%package -n libkea-cfgclient%cfgclient_sover
Summary: Kea DHCP server configuration client library
Group: System/Libraries
%description -n libkea-config%config_sover
%description -n libkea-cfgclient%cfgclient_sover
The Kea DHCP server can be managed at runtime via the Control
Channel. The CC allows an external entity (e.g. a tool run by a
sysadmin or a script) to issue commands to the server which can
@@ -177,12 +174,12 @@ Group: System/Libraries
%description -n libkea-database%database_sover
Kea's database abstraction library.
%package -n libkea-dhcp%dhcp_sover
%package -n libkea-dhcp++%dhcppp_sover
Summary: Kea DHCP library
Group: System/Libraries
%description -n libkea-dhcp%dhcp_sover
libdhcp is an all-purpose DHCP-manipulation library, written in
%description -n libkea-dhcp++%dhcppp_sover
libdhcp++ is an all-purpose DHCP-manipulation library, written in
C++. It offers packet parsing and assembly, DHCPv4 and DHCPv6 options
parsing and assembly, interface detection, and socket operations It
can be used by server, client, relay, performance tools and other
@@ -208,11 +205,11 @@ operations, including the "Lease Manager" that manages information
about leases and the "Configuration Manager" that stores the servers'
configuration etc.
%package -n libkea-dns%dns_sover
%package -n libkea-dns++%dnspp_sover
Summary: Kea DHCP server component library
Group: System/Libraries
%description -n libkea-dns%dns_sover
%description -n libkea-dns++%dnspp_sover
One of the many libraries the Kea DHCP server is composed of.
%package -n libkea-eval%eval_sover
@@ -256,14 +253,6 @@ receive messages and send responses over HTTP. This library uses
boost ASIO for creating TCP connections and asynchronously receive
and send the data over the sockets.
%package -n libkea-log-interprocess%log_interprocess_sover
Summary: Kea DHCP log interprocess library
Group: System/Libraries
%description -n libkea-log-interprocess%log_interprocess_sover
The log-interprocess library facilitates the transfer of logging messages
between the different Kea processes.
%package -n libkea-log%log_sover
Summary: Kea DHCP logging system library
Group: System/Libraries
@@ -336,20 +325,18 @@ Group: Development/Libraries/C and C++
Requires: libkea-asiodns%asiodns_sover = %version
Requires: libkea-asiolink%asiolink_sover = %version
Requires: libkea-cc%cc_sover = %version
Requires: libkea-cfgrpt%cfgrpt_sover = %version
Requires: libkea-config%config_sover = %version
Requires: libkea-cfgclient%cfgclient_sover = %version
Requires: libkea-cryptolink%cryptolink_sover = %version
Requires: libkea-d2srv%d2srv_sover = %version
Requires: libkea-database%database_sover = %version
Requires: libkea-dhcp%dhcp_sover = %version
Requires: libkea-dhcp++%dhcppp_sover = %version
Requires: libkea-dhcp_ddns%dhcp_ddns_sover = %version
Requires: libkea-dhcpsrv%dhcpsrv_sover = %version
Requires: libkea-dns%dns_sover = %version
Requires: libkea-dns++%dnspp_sover = %version
Requires: libkea-eval%eval_sover = %version
Requires: libkea-exceptions%exceptions_sover = %version
Requires: libkea-hooks%hooks_sover = %version
Requires: libkea-http%http_sover = %version
Requires: libkea-log-interprocess%log_interprocess_sover = %version
Requires: libkea-log%log_sover = %version
Requires: libkea-mysql%mysql_sover = %version
Requires: libkea-pgsql%pgsql_sover = %version
@@ -371,16 +358,41 @@ Development files for the Kea DHCP server
export FREERADIUS_INCLUDE="%_includedir/freeradius"
export FREERADIUS_LIB=""
export FREERADIUS_DICTIONARY=""
%meson --install-umask 022 -D netconf=disabled
%meson_build
%meson_build doc
autoreconf -fi
%configure \
--disable-rpath --disable-static \
%if %{with regen_files}
--enable-generate-docs --enable-generate-parser \
%endif
--enable-logger-checks \
--with-dhcp-mysql --with-dhcp-pgsql \
--enable-perfdhcp --enable-shell
make %{?_smp_mflags}
%install
b=%buildroot
%meson_install
%make_install
find %buildroot -type f -name "*.la" -delete -print
mkdir -p "$b/%_unitdir" "$b/%_sysusersdir"
cp %_sourcedir/*.service "$b/%_unitdir/"
mkdir -p "$b/%_unitdir" "$b/%_tmpfilesdir" "$b/%_sysusersdir"
cat <<-EOF >"$b/%_unitdir/kea.service"
[Unit]
Description=ISC Kea DHCP server
Before=multi-user.target
After=remote-fs.target network.target nss-lookup.target time-sync.target ldap.service ndsd.service
[Service]
Type=forking
Environment=KEA_PIDFILE_DIR=%_rundir/%name
RuntimeDirectory=kea
ExecStart=%_sbindir/keactrl start
ExecReload=%_sbindir/keactrl reload
ExecStop=%_sbindir/keactrl stop
[Install]
WantedBy=multi-user.target
Alias=dhcp-server.service
EOF
cat <<-EOF >"$b/%_tmpfilesdir/kea.conf"
d /run/kea 0775 keadhcp keadhcp -
EOF
echo 'u keadhcp - "Kea DHCP server" /var/lib/kea' >system-user-keadhcp.conf
cp -a system-user-keadhcp.conf "$b/%_sysusersdir/"
%sysusers_generate_pre system-user-keadhcp.conf random system-user-keadhcp.conf
@@ -391,84 +403,37 @@ perl -i -pe 's{%_localstatedir/log/kea-}{%_localstatedir/log/kea/}' \
mkdir -p "$b%_localstatedir/log/kea"
# Remove unnecessary files
find "%buildroot/%_libdir" -name "*.so.*" -type l -delete
rm -Rf "%buildroot/%python3_sitelib/kea/__pycache__"
# Remove meson-info directory as it contains non reproducable files
rm -Rf "%{buildroot}/%{_datadir}/kea/meson-info"
%fdupes %{buildroot}/%{_datadir}/doc/kea
%pre -f random.pre
%service_add_pre kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
systemd-tmpfiles --create kea.conf || :
%service_add_pre kea.service
%post
%service_add_post kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
if [ "$1" -gt 1 ]; then
chown -R keadhcp:keadhcp "%_localstatedir/lib/kea"
chown -R keadhcp:keadhcp "%_localstatedir/log/kea"
find %_sysconfdir/kea/ -type f -name '*.conf' -exec chown root:keadhcp {} +
find %_sysconfdir/kea/ -type f -name '*.conf' -exec chmod 640 {} +
fi
bigkea_enabled=$(/usr/bin/systemctl is-enabled kea.service 2>/dev/null || :)
bigkea_active=$(/usr/bin/systemctl is-active kea.service 2>/dev/null || :)
use_dhcp4=$(grep -ie ^dhcp4=yes /etc/kea/keactrl.conf 2>/dev/null || :)
use_dhcp6=$(grep -ie ^dhcp6=yes /etc/kea/keactrl.conf 2>/dev/null || :)
use_ddns=$(grep -ie ^dhcp_ddns=yes /etc/kea/keactrl.conf 2>/dev/null || :)
use_agent=$(grep -ie ^ctrl_agent=yes /etc/kea/keactrl.conf 2>/dev/null || :)
if [ "$bigkea_enabled" = "enabled" ]; then
echo "Transferring enablement of kea.service to new split units..."
/usr/bin/systemctl disable kea.service || :
if [ -n "$use_dhcp4" ]; then
/usr/bin/systemctl enable kea-dhcp4.service || :
fi
if [ -n "$use_dhcp6" ]; then
/usr/bin/systemctl enable kea-dhcp6.service || :
fi
if [ -n "$use_ddns" ]; then
/usr/bin/systemctl enable kea-dhcp-ddns.service || :
fi
if [ -n "$use_agent" ]; then
/usr/bin/systemctl enable kea-ctrl-agent.service || :
fi
fi
if [ "$bigkea_active" = "active" ]; then
echo "Transferring active state of kea.service to new split units..."
/usr/bin/systemctl disable --now kea.service || :
if [ -n "$use_dhcp4" ]; then
/usr/bin/systemctl start kea-dhcp4.service || :
fi
if [ -n "$use_dhcp6" ]; then
/usr/bin/systemctl start kea-dhcp6.service || :
fi
if [ -n "$use_ddns" ]; then
/usr/bin/systemctl start kea-dhcp-ddns.service || :
fi
if [ -n "$use_agent" ]; then
/usr/bin/systemctl start kea-ctrl-agent.service || :
fi
fi
%service_add_post kea.service
%preun
%service_del_preun kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
%service_del_preun kea.service
%postun
%service_del_postun kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service kea-ctrl-agent.service
%service_del_postun kea.service
%ldconfig_scriptlets -n libkea-asiodns%asiodns_sover
%ldconfig_scriptlets -n libkea-asiolink%asiolink_sover
%ldconfig_scriptlets -n libkea-cc%cc_sover
%ldconfig_scriptlets -n libkea-cfgrpt%cfgrpt_sover
%ldconfig_scriptlets -n libkea-config%config_sover
%ldconfig_scriptlets -n libkea-cfgclient%cfgclient_sover
%ldconfig_scriptlets -n libkea-cryptolink%cryptolink_sover
%ldconfig_scriptlets -n libkea-d2srv%d2srv_sover
%ldconfig_scriptlets -n libkea-database%database_sover
%ldconfig_scriptlets -n libkea-dhcp%dhcp_sover
%ldconfig_scriptlets -n libkea-dhcp++%dhcppp_sover
%ldconfig_scriptlets -n libkea-dhcp_ddns%dhcp_ddns_sover
%ldconfig_scriptlets -n libkea-dhcpsrv%dhcpsrv_sover
%ldconfig_scriptlets -n libkea-dns%dns_sover
%ldconfig_scriptlets -n libkea-dns++%dnspp_sover
%ldconfig_scriptlets -n libkea-eval%eval_sover
%ldconfig_scriptlets -n libkea-exceptions%exceptions_sover
%ldconfig_scriptlets -n libkea-hooks%hooks_sover
%ldconfig_scriptlets -n libkea-http%http_sover
%ldconfig_scriptlets -n libkea-log-interprocess%log_interprocess_sover
%ldconfig_scriptlets -n libkea-log%log_sover
%ldconfig_scriptlets -n libkea-mysql%mysql_sover
%ldconfig_scriptlets -n libkea-pgsql%pgsql_sover
@@ -479,16 +444,17 @@ fi
%ldconfig_scriptlets -n libkea-util%util_sover
%files
%dir %attr(0755,root,root) %_sysconfdir/kea
%config(noreplace) %attr(0640,root,keadhcp) %_sysconfdir/kea/*.conf
%dir %_sysconfdir/kea
%config(noreplace) %_sysconfdir/kea/*.conf
%_mandir/man8/*.8%{?ext_man}
%_sbindir/kea*
%_sbindir/perfdhcp
%_datadir/kea/
%_unitdir/*.service
%dir %attr(0750,keadhcp,keadhcp) %_localstatedir/lib/kea
%_sysusersdir/*
%attr(0750,keadhcp,keadhcp) %_localstatedir/log/kea/
%dir %_localstatedir/lib/kea
%_tmpfilesdir/
%_sysusersdir/
%attr(0775,keadhcp,keadhcp) %_localstatedir/log/kea/
%files doc
%doc %_datadir/doc/kea/
@@ -497,107 +463,74 @@ fi
%files hooks
%dir %_libdir/kea
%_libdir/kea/hooks/
%dir %{_sysconfdir}/kea/radius
%{_sysconfdir}/kea/radius/dictionary
%files -n libkea-asiodns%asiodns_sover
%_libdir/libkea-asiodns.so.%asiodns_sover
%_libdir/libkea-asiodns.so.%asiodns_sover.*
%files -n libkea-asiolink%asiolink_sover
%_libdir/libkea-asiolink.so.%asiolink_sover
%_libdir/libkea-asiolink.so.%asiolink_sover.*
%files -n libkea-cc%cc_sover
%_libdir/libkea-cc.so.%cc_sover
%_libdir/libkea-cc.so.%cc_sover.*
%files -n libkea-cfgrpt%cfgrpt_sover
%_libdir/libkea-cfgrpt.so.%cfgrpt_sover
%_libdir/libkea-cfgrpt.so.%cfgrpt_sover.*
%files -n libkea-config%config_sover
%_libdir/libkea-config.so.%config_sover
%_libdir/libkea-config.so.%config_sover.*
%files -n libkea-cfgclient%cfgclient_sover
%_libdir/libkea-cfgclient.so.%cfgclient_sover.*
%files -n libkea-cryptolink%cryptolink_sover
%_libdir/libkea-cryptolink.so.%cryptolink_sover
%_libdir/libkea-cryptolink.so.%cryptolink_sover.*
%files -n libkea-d2srv%d2srv_sover
%_libdir/libkea-d2srv.so.%d2srv_sover
%_libdir/libkea-d2srv.so.%d2srv_sover.*
%files -n libkea-database%database_sover
%_libdir/libkea-database.so.%database_sover
%_libdir/libkea-database.so.%database_sover.*
%files -n libkea-dhcp%dhcp_sover
%_libdir/libkea-dhcp.so.%dhcp_sover
%_libdir/libkea-dhcp.so.%dhcp_sover.*
%files -n libkea-dhcp++%dhcppp_sover
%_libdir/libkea-dhcp++.so.%dhcppp_sover.*
%files -n libkea-dhcp_ddns%dhcp_ddns_sover
%_libdir/libkea-dhcp_ddns.so.%dhcp_ddns_sover
%_libdir/libkea-dhcp_ddns.so.%dhcp_ddns_sover.*
%files -n libkea-dhcpsrv%dhcpsrv_sover
%_libdir/libkea-dhcpsrv.so.%dhcpsrv_sover
%_libdir/libkea-dhcpsrv.so.%dhcpsrv_sover.*
%files -n libkea-dns%dns_sover
%_libdir/libkea-dns.so.%dns_sover
%_libdir/libkea-dns.so.%dns_sover.*
%files -n libkea-dns++%dnspp_sover
%_libdir/libkea-dns++.so.%dnspp_sover.*
%files -n libkea-eval%eval_sover
%_libdir/libkea-eval.so.%eval_sover
%_libdir/libkea-eval.so.%eval_sover.*
%files -n libkea-exceptions%exceptions_sover
%_libdir/libkea-exceptions.so.%exceptions_sover
%_libdir/libkea-exceptions.so.%exceptions_sover.*
%files -n libkea-hooks%hooks_sover
%_libdir/libkea-hooks.so.%hooks_sover
%_libdir/libkea-hooks.so.%hooks_sover.*
%files -n libkea-http%http_sover
%_libdir/libkea-http.so.%http_sover
%_libdir/libkea-http.so.%http_sover.*
%files -n libkea-log-interprocess%log_interprocess_sover
%_libdir/libkea-log-interprocess.so.%log_interprocess_sover
%_libdir/libkea-log-interprocess.so.%log_interprocess_sover.*
%files -n libkea-log%log_sover
%_libdir/libkea-log.so.%log_sover
%_libdir/libkea-log.so.%log_sover.*
%files -n libkea-mysql%mysql_sover
%_libdir/libkea-mysql.so.%mysql_sover
%_libdir/libkea-mysql.so.%mysql_sover.*
%files -n libkea-pgsql%pgsql_sover
%_libdir/libkea-pgsql.so.%pgsql_sover
%_libdir/libkea-pgsql.so.%pgsql_sover.*
%files -n libkea-process%process_sover
%_libdir/libkea-process.so.%process_sover
%_libdir/libkea-process.so.%process_sover.*
%files -n libkea-stats%stats_sover
%_libdir/libkea-stats.so.%stats_sover
%_libdir/libkea-stats.so.%stats_sover.*
%files -n libkea-tcp%tcp_sover
%_libdir/libkea-tcp.so.%tcp_sover
%_libdir/libkea-tcp.so.%tcp_sover.*
%files -n libkea-util-io%util_io_sover
%_libdir/libkea-util-io.so.%util_io_sover
%_libdir/libkea-util-io.so.%util_io_sover.*
%files -n libkea-util%util_sover
%_libdir/libkea-util.so.%util_sover
%_libdir/libkea-util.so.%util_sover.*
%files -n python3-kea
@@ -606,7 +539,5 @@ fi
%files devel
%_includedir/kea/
%_libdir/libkea*.so
%{_libdir}/pkgconfig/*.pc
%{_bindir}/kea-msg-compiler
%changelog