- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
From ecb183516cf0b51ebf0a02f3b46248479fa51e43 Mon Sep 17 00:00:00 2001
|
2014-02-10 19:14:12 +01:00
|
|
|
From: Marius Tomaschewski <mt@suse.de>
|
|
|
|
|
Date: Thu, 18 Aug 2011 14:09:06 +0200
|
|
|
|
|
Subject: [PATCH] dhcp-4.2.6-close-on-exec
|
|
|
|
|
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
Merged fixed close-on-exec patch (bnc#732910)
|
|
|
|
|
|
|
|
|
|
References: bnc#732910
|
|
|
|
|
Signed-off-by: Marius Tomaschewski <mt@suse.de>
|
2014-02-10 19:14:12 +01:00
|
|
|
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: client/clparse.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- client/clparse.c.orig
|
|
|
|
|
+++ client/clparse.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -265,7 +265,7 @@ int read_client_conf_file (const char *n
|
2011-05-17 12:54:19 +02:00
|
|
|
int token;
|
|
|
|
|
isc_result_t status;
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
|
2011-05-17 12:54:19 +02:00
|
|
|
- if ((file = open (name, O_RDONLY)) < 0)
|
|
|
|
|
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
|
|
|
|
|
return uerr2isc (errno);
|
|
|
|
|
|
|
|
|
|
cfile = NULL;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -341,7 +341,7 @@ void read_client_leases ()
|
2011-05-17 12:54:19 +02:00
|
|
|
|
|
|
|
|
/* Open the lease file. If we can't open it, just return -
|
|
|
|
|
we can safely trust the server to remember our state. */
|
|
|
|
|
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
|
|
|
|
|
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
cfile = NULL;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: client/dhclient.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- client/dhclient.c.orig
|
|
|
|
|
+++ client/dhclient.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -683,7 +683,7 @@ main(int argc, char **argv) {
|
2014-02-10 19:14:12 +01:00
|
|
|
long temp;
|
2011-05-17 12:54:19 +02:00
|
|
|
int e;
|
|
|
|
|
|
|
|
|
|
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
|
|
|
|
|
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
|
|
|
|
|
e = fscanf(pidfd, "%ld\n", &temp);
|
|
|
|
|
oldpid = (pid_t)temp;
|
|
|
|
|
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -3642,7 +3642,7 @@ void rewrite_client_leases ()
|
2011-05-17 12:54:19 +02:00
|
|
|
|
|
|
|
|
if (leaseFile != NULL)
|
|
|
|
|
fclose (leaseFile);
|
|
|
|
|
- leaseFile = fopen (path_dhclient_db, "w");
|
|
|
|
|
+ leaseFile = fopen (path_dhclient_db, "we");
|
|
|
|
|
if (leaseFile == NULL) {
|
|
|
|
|
log_error ("can't create %s: %m", path_dhclient_db);
|
|
|
|
|
return;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -3837,7 +3837,7 @@ write_duid(struct data_string *duid)
|
2011-05-17 12:54:19 +02:00
|
|
|
return DHCP_R_INVALIDARG;
|
|
|
|
|
|
|
|
|
|
if (leaseFile == NULL) { /* XXX? */
|
|
|
|
|
- leaseFile = fopen(path_dhclient_db, "w");
|
|
|
|
|
+ leaseFile = fopen(path_dhclient_db, "we");
|
|
|
|
|
if (leaseFile == NULL) {
|
|
|
|
|
log_error("can't create %s: %m", path_dhclient_db);
|
|
|
|
|
return ISC_R_IOERROR;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -3882,7 +3882,7 @@ write_client6_lease(struct client_state
|
2011-05-17 12:54:19 +02:00
|
|
|
return DHCP_R_INVALIDARG;
|
|
|
|
|
|
|
|
|
|
if (leaseFile == NULL) { /* XXX? */
|
|
|
|
|
- leaseFile = fopen(path_dhclient_db, "w");
|
|
|
|
|
+ leaseFile = fopen(path_dhclient_db, "we");
|
|
|
|
|
if (leaseFile == NULL) {
|
|
|
|
|
log_error("can't create %s: %m", path_dhclient_db);
|
|
|
|
|
return ISC_R_IOERROR;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -4041,7 +4041,7 @@ int write_client_lease (client, lease, r
|
2011-05-17 12:54:19 +02:00
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
if (leaseFile == NULL) { /* XXX */
|
|
|
|
|
- leaseFile = fopen (path_dhclient_db, "w");
|
|
|
|
|
+ leaseFile = fopen (path_dhclient_db, "we");
|
|
|
|
|
if (leaseFile == NULL) {
|
|
|
|
|
log_error ("can't create %s: %m", path_dhclient_db);
|
|
|
|
|
return 0;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: common/bpf.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- common/bpf.c.orig
|
|
|
|
|
+++ common/bpf.c
|
|
|
|
|
@@ -94,7 +94,7 @@ int if_register_bpf (info)
|
2011-05-17 12:54:19 +02:00
|
|
|
for (b = 0; 1; b++) {
|
|
|
|
|
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
|
|
|
|
|
sprintf(filename, BPF_FORMAT, b);
|
|
|
|
|
- sock = open (filename, O_RDWR, 0);
|
|
|
|
|
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
|
|
|
|
|
if (sock < 0) {
|
|
|
|
|
if (errno == EBUSY) {
|
|
|
|
|
continue;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: common/dlpi.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- common/dlpi.c.orig
|
|
|
|
|
+++ common/dlpi.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -817,7 +817,7 @@ dlpiopen(const char *ifname) {
|
2011-05-17 12:54:19 +02:00
|
|
|
}
|
|
|
|
|
*dp = '\0';
|
|
|
|
|
|
|
|
|
|
- return open (devname, O_RDWR, 0);
|
|
|
|
|
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: common/nit.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- common/nit.c.orig
|
|
|
|
|
+++ common/nit.c
|
2014-02-10 19:14:12 +01:00
|
|
|
@@ -75,7 +75,7 @@ int if_register_nit (info)
|
2011-05-17 12:54:19 +02:00
|
|
|
struct strioctl sio;
|
|
|
|
|
|
|
|
|
|
/* Open a NIT device */
|
|
|
|
|
- sock = open ("/dev/nit", O_RDWR);
|
|
|
|
|
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
|
|
|
|
|
if (sock < 0)
|
|
|
|
|
log_fatal ("Can't open NIT device for %s: %m", info -> name);
|
|
|
|
|
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: common/resolv.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- common/resolv.c.orig
|
|
|
|
|
+++ common/resolv.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -43,7 +43,7 @@ void read_resolv_conf (parse_time)
|
2011-05-17 12:54:19 +02:00
|
|
|
struct domain_search_list *dp, *dl, *nd;
|
|
|
|
|
isc_result_t status;
|
|
|
|
|
|
|
|
|
|
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
|
|
|
|
|
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
|
|
|
|
|
log_error ("Can't open %s: %m", path_resolv_conf);
|
|
|
|
|
return;
|
|
|
|
|
}
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: common/upf.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- common/upf.c.orig
|
|
|
|
|
+++ common/upf.c
|
2014-02-10 19:14:12 +01:00
|
|
|
@@ -71,7 +71,7 @@ int if_register_upf (info)
|
2011-05-17 12:54:19 +02:00
|
|
|
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
|
|
|
|
|
sprintf(filename, "/dev/pf/pfilt%d", b);
|
|
|
|
|
|
|
|
|
|
- sock = open (filename, O_RDWR, 0);
|
|
|
|
|
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
|
|
|
|
|
if (sock < 0) {
|
|
|
|
|
if (errno == EBUSY) {
|
|
|
|
|
continue;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: omapip/trace.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- omapip/trace.c.orig
|
|
|
|
|
+++ omapip/trace.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -136,10 +136,10 @@ isc_result_t trace_begin (const char *fi
|
2011-05-17 12:54:19 +02:00
|
|
|
return DHCP_R_INVALIDARG;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
|
|
|
|
|
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
|
|
|
|
|
if (traceoutfile < 0 && errno == EEXIST) {
|
|
|
|
|
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
|
|
|
|
|
- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
|
|
|
|
|
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
|
|
|
|
|
0600);
|
|
|
|
|
}
|
|
|
|
|
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -427,7 +427,7 @@ void trace_file_replay (const char *file
|
2011-05-17 12:54:19 +02:00
|
|
|
isc_result_t result;
|
|
|
|
|
int len;
|
|
|
|
|
|
|
|
|
|
- traceinfile = fopen (filename, "r");
|
|
|
|
|
+ traceinfile = fopen (filename, "re");
|
|
|
|
|
if (!traceinfile) {
|
|
|
|
|
log_error("Can't open tracefile %s: %m", filename);
|
|
|
|
|
return;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: relay/dhcrelay.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- relay/dhcrelay.c.orig
|
|
|
|
|
+++ relay/dhcrelay.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -783,13 +783,14 @@ main(int argc, char **argv) {
|
|
|
|
|
/* Create the pid file. */
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
if (no_pid_file == ISC_FALSE) {
|
|
|
|
|
pfdesc = open(path_dhcrelay_pid,
|
|
|
|
|
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
|
|
|
|
|
+ O_CREAT | O_TRUNC | O_WRONLY |
|
|
|
|
|
+ O_CLOEXEC, 0644);
|
|
|
|
|
|
|
|
|
|
if (pfdesc < 0) {
|
|
|
|
|
log_error("Can't create %s: %m",
|
|
|
|
|
path_dhcrelay_pid);
|
|
|
|
|
} else {
|
|
|
|
|
- pf = fdopen(pfdesc, "w");
|
|
|
|
|
+ pf = fdopen(pfdesc, "we");
|
|
|
|
|
if (!pf)
|
|
|
|
|
log_error("Can't fdopen %s: %m",
|
|
|
|
|
path_dhcrelay_pid);
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: server/confpars.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- server/confpars.c.orig
|
|
|
|
|
+++ server/confpars.c
|
|
|
|
|
@@ -118,7 +118,7 @@ isc_result_t read_conf_file (const char
|
2011-05-17 12:54:19 +02:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
- if ((file = open (filename, O_RDONLY)) < 0) {
|
|
|
|
|
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
|
|
|
|
|
if (leasep) {
|
|
|
|
|
log_error ("Can't open lease database %s: %m --",
|
|
|
|
|
path_dhcpd_db);
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: server/db.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- server/db.c.orig
|
|
|
|
|
+++ server/db.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -1105,7 +1105,7 @@ void db_startup (int test_mode)
|
|
|
|
|
* Therefore, in test mode we need to point db_file to a disposable
|
|
|
|
|
* file to protect the original lease file. */
|
|
|
|
|
current_db_path = (test_mode ? "/dev/null" : path_dhcpd_db);
|
|
|
|
|
- db_file = fopen (current_db_path, "a");
|
|
|
|
|
+ db_file = fopen (current_db_path, "ae");
|
|
|
|
|
if (!db_file) {
|
|
|
|
|
log_fatal ("Can't open %s for append.", current_db_path);
|
2011-05-17 12:54:19 +02:00
|
|
|
}
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -1154,7 +1154,7 @@ int new_lease_file (int test_mode)
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
path_dhcpd_db) >= sizeof newfname)
|
|
|
|
|
log_fatal("new_lease_file: lease file path too long");
|
2011-05-17 12:54:19 +02:00
|
|
|
|
|
|
|
|
- db_fd = mkstemp (newfname);
|
|
|
|
|
+ db_fd = mkostemp (newfname, O_CLOEXEC);
|
|
|
|
|
if (db_fd < 0) {
|
|
|
|
|
log_error ("Can't create new lease file: %m");
|
|
|
|
|
return 0;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -1179,7 +1179,7 @@ int new_lease_file (int test_mode)
|
2011-05-17 12:54:19 +02:00
|
|
|
}
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
#endif /* PARANOIA */
|
|
|
|
|
|
2011-05-17 12:54:19 +02:00
|
|
|
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
|
|
|
|
|
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
|
|
|
|
|
log_error("Can't fdopen new lease file: %m");
|
|
|
|
|
close(db_fd);
|
|
|
|
|
goto fdfail;
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: server/dhcpd.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- server/dhcpd.c.orig
|
|
|
|
|
+++ server/dhcpd.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -880,7 +880,7 @@ main(int argc, char **argv) {
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
*/
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
if ((lftest == 0) && (no_pid_file == ISC_FALSE)) {
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
/*Read previous pid file. */
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
- if ((i = open(path_dhcpd_pid, O_RDONLY)) >= 0) {
|
|
|
|
|
+ if ((i = open(path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) {
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
status = read(i, pbuf, (sizeof pbuf) - 1);
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
close(i);
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
if (status > 0) {
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -990,7 +990,7 @@ main(int argc, char **argv) {
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
* appropriate.
|
|
|
|
|
*/
|
|
|
|
|
if (no_pid_file == ISC_FALSE) {
|
- Updated to ISC dhcp-4.2.2 release, providing two security fixes
(CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that
allowed remote attackers to cause a denial of service (a daemon
exit) via crafted BOOTP packets. Further also DNS update fix to
detect overlapping pools or misconfigured fixed-address entries,
that caused a server crash during DNS update and other fixes.
For a complete list, please see the RELNOTES file provided in
the package and also available online at http://www.isc.org/.
- Merged/adopted dhclient option-checks, send-hostname-rml, ldap
patch, xen-checksum, close-on-exec patches and removed obsolete
in6_pktinfo-prototype and relay-no-ip-on-interface patches.
- Moved server pid files into chroot directory even chroot is
not used and create a link in /var/run, so it can write one
when started as user without chroot and avoid stop problems
when the chroot sysconfig setting changed (bnc#712438).
- Disabled log-info level messages in dhclient(6) quiet mode to
avoid excessive logging of non-critical messages (bnc#711420).
- Fixed dhclient-script to not remove alias IP when it didn't
changed to not wipe out iptables connmark when renewing the
lease (bnc#700771). Thanks to James Carter for the patch.
- Fixed DDNS-howto.txt reference in the config file; it has been
moved to the dhcp-doc package (bnc#697279).
- Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz
to ensure, they're not used to build non-GPL dhcp (bnc#714004).
- Changed to apply strict-aliasing/RELRO for >= 12.x only
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
|
|
|
- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
|
|
|
|
|
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
|
|
|
|
|
if (i >= 0) {
|
|
|
|
|
sprintf(pbuf, "%d\n", (int) getpid());
|
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes,
features and obsoletes several patches we were using before.
For complete list of the changes, please read the RELNOTES
file shipped along with the package or online:
https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html
- Removed obsolete patches included upstream now:
[- 0007-dhcp-4.2.6-ldap-mt01.patch,
- 0009-dhcp-4.2.6-xen-checksum.patch,
- 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch,
- 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch,
- 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch,
- 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch,
- 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch,
- 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch,
- 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch,
- 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch,
- 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Replaced hostname patch with a dhcpv6 and fqdn aware variant:
[- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch,
+ 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch]
- Replaced infiniband support patch with fixed variant:
[- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch
- 0018-dhcp-4.2.6-improved-xid.patch
- 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch,
+ 0030-infiniband-support.patch]
- Merged/Adopted patches for the dhcp-4.3.3 sources:
[* 0004-dhcp-4.1.1-tmpfile.patch,
* 0011-dhcp-4.2.6-close-on-exec.patch,
* 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch]
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
|
|
|
IGNORE_RET(write(i, pbuf, strlen(pbuf)));
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
Index: server/ldap.c
|
|
|
|
|
===================================================================
|
2018-03-08 14:53:43 +01:00
|
|
|
--- server/ldap.c.orig
|
|
|
|
|
+++ server/ldap.c
|
Accepting request 866365 from home:dirkmueller:branches:network:dhcp
- update to 4.4.2:
* Please note that that ISC DHCP is now licensed under the Mozilla Public
License, MPL 2.0.
In general, the areas of focus for ISC DHCP 4.4 were:
1. Dynamic DNS additions
2. dhclient improvements
3. Support for dynamic shared libraries
* Added the interface name to socket initialization failure log messages.
Prior to this the log messages stated only the error reason without
stating the target interface.
* Corrected buffer pointer logic in dhcrelay functions that manipulate
agent relay options. Thanks to Thomas Imbert of MSRC Vulnerabilities
& Mitigations for reporting the issue.
* Corrected unresolved symbol errors building relay_unittests when
configured to build using libtool.
* A new configuration parameter, ping-cltt-secs (v4 operation only), has
been added to allow the user to specify the number of seconds that must
elapse since CLTT before a ping check is conducted. Prior to this, the
value was hard coded at 60 seconds. Please see the server man pages for
a more detailed discussion.
* A new configuration parameter, ping-timeout-ms (v4 operation only),
has been added that allows the user to specify the amount of time
the server waits for a ping-check response in milliseconds rather
than in seconds (via ping-timeout). When greater than zero, the value
of ping-timeout-ms will override the value of ping-timeout. Thanks
to Jay Doran from Bluecat Networks for suggesting this feature.
* An experimental tool called, Keama (KEA Migration Assistant), which helps
translate ISC DHCP configurations to Kea configurations, is now included
in the distribution.
* Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
OBS-URL: https://build.opensuse.org/request/show/866365
OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=224
2021-02-10 15:21:23 +01:00
|
|
|
@@ -1447,7 +1447,7 @@ ldap_start (void)
|
2011-05-17 12:54:19 +02:00
|
|
|
|
|
|
|
|
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
|
|
|
|
|
{
|
|
|
|
|
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
|
|
|
|
|
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
|
|
|
|
|
S_IRUSR | S_IWUSR)) < 0)
|
|
|
|
|
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
|
|
|
|
|
strerror (errno));
|