SHA256
1
0
forked from pool/dhcp
dhcp/0009-dhcp-4.2.6-close-on-exec.patch

298 lines
9.4 KiB
Diff
Raw Normal View History

- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
From ecb183516cf0b51ebf0a02f3b46248479fa51e43 Mon Sep 17 00:00:00 2001
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
From: Marius Tomaschewski <mt@suse.de>
Date: Thu, 18 Aug 2011 14:09:06 +0200
Subject: [PATCH] dhcp-4.2.6-close-on-exec
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
Merged fixed close-on-exec patch (bnc#732910)
References: bnc#732910
Signed-off-by: Marius Tomaschewski <mt@suse.de>
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/client/clparse.c b/client/clparse.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 320c42f..b7e4251 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/client/clparse.c
+++ b/client/clparse.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -221,7 +221,7 @@ int read_client_conf_file (const char *name, struct interface_info *ip,
int token;
isc_result_t status;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
- if ((file = open (name, O_RDONLY)) < 0)
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
return uerr2isc (errno);
cfile = NULL;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -297,7 +297,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
return;
cfile = NULL;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/client/dhclient.c b/client/dhclient.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index a077b48..ac36e3d 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/client/dhclient.c
+++ b/client/dhclient.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -438,7 +438,7 @@ main(int argc, char **argv) {
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
long temp;
int e;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -2840,7 +2840,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -3033,7 +3033,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -3081,7 +3081,7 @@ write_client6_lease(struct client_state *client, struct dhc6_lease *lease,
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -3213,7 +3213,7 @@ int write_client_lease (client, lease, rewrite, makesure)
return 1;
if (leaseFile == NULL) { /* XXX */
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/bpf.c b/common/bpf.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 39d4f45..df9facc 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/bpf.c
+++ b/common/bpf.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/discover.c b/common/discover.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 3cd64a7..37af780 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/discover.c
+++ b/common/discover.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -415,7 +415,7 @@ begin_iface_scan(struct iface_conf_list *ifaces) {
int len;
int i;
- ifaces->fp = fopen("/proc/net/dev", "r");
+ ifaces->fp = fopen("/proc/net/dev", "re");
if (ifaces->fp == NULL) {
log_error("Error opening '/proc/net/dev' to list interfaces");
return 0;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -450,7 +450,7 @@ begin_iface_scan(struct iface_conf_list *ifaces) {
#ifdef DHCPv6
if (local_family == AF_INET6) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
+ ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
if (ifaces->fp6 == NULL) {
log_error("Error opening '/proc/net/if_inet6' to "
"list IPv6 interfaces; %m");
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/dlpi.c b/common/dlpi.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index c34adc3..944f21c 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/dlpi.c
+++ b/common/dlpi.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
- return open (devname, O_RDWR, 0);
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
}
/*
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/nit.c b/common/nit.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 316e85f..6aa778b 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/nit.c
+++ b/common/nit.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -75,7 +75,7 @@ int if_register_nit (info)
struct strioctl sio;
/* Open a NIT device */
- sock = open ("/dev/nit", O_RDWR);
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/resolv.c b/common/resolv.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
index 526cebf..2ac8d43 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/resolv.c
+++ b/common/resolv.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -44,7 +44,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/common/upf.c b/common/upf.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 34011eb..77d5878 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/common/upf.c
+++ b/common/upf.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -71,7 +71,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/omapip/trace.c b/omapip/trace.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index f4115c1..4410c35 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/omapip/trace.c
+++ b/omapip/trace.c
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -138,10 +138,10 @@ isc_result_t trace_begin (const char *filename,
return DHCP_R_INVALIDARG;
}
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
if (traceoutfile < 0 && errno == EEXIST) {
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
0600);
}
- Initially switched to use systemd service files under systemd and enabled Restart=on-abort (fate#315133). - Update to ISC dhcp-4.2.6 release. See RELNOTES file for the complete list of changes -- digest of fixes not in dhcp-4.2.5: - Tidy up receive packet processing. Thanks to Brad Plank of GTA for reporting the issue and suggesting a possible patch. [ISC-Bugs #34447] - Fix the socket handling for DHCPv6 clients to allow multiple instances of a client on a single machine to work properly. Previously only one client would receive the packets. Thanks to Jiri Popelka at Red Hat for the bug report and a potential patch. [ISC-Bugs #34784] - Added support for gentle shutdown after signal is received. [ISC-Bugs #32692] [ISC-Bugs 34945] - Enhance the DHCPv6 server logging to include the addresses that are assigned to the clients. This can be enabled by defining LOG_V6_ADDRESSES in site.h. [ISC-Bugs #26377] - Fix an operation in the DDNS code to be a bitwise instead of logical or. [ISC-Bugs #35138] - Merged patches for dhcp-4.2.6 version to apply without fuzzy, prepended patch number prefixes to match spec file patch nr, added patch markup tags / bug numbers to the spec file. - Applied contrib-lease-path pach to contrib.tar.gz [- contrib-lease-path.diff] - Changed to require automake and use its config.sub and guess files instead of maintaining a patch. [- config-guess-sub-update.patch] - Enabled to log DHCPv6 addresses assigned by server to clients [+ 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch] - Cleaned up documentation, rpmlint adjustments. OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=121
2014-02-10 19:14:12 +01:00
@@ -429,7 +429,7 @@ void trace_file_replay (const char *filename)
isc_result_t result;
int len;
- traceinfile = fopen (filename, "r");
+ traceinfile = fopen (filename, "re");
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 15b4997..9d39fae 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -558,13 +558,14 @@ main(int argc, char **argv) {
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ O_CREAT | O_TRUNC | O_WRONLY |
+ O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error("Can't create %s: %m",
path_dhcrelay_pid);
} else {
- pf = fdopen(pfdesc, "w");
+ pf = fdopen(pfdesc, "we");
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
diff --git a/server/confpars.c b/server/confpars.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 4b2907d..6aa5b3f 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/server/confpars.c
+++ b/server/confpars.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -111,7 +111,7 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
}
#endif
- if ((file = open (filename, O_RDONLY)) < 0) {
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/server/db.c b/server/db.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 0c642ad..e9a38fe 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/server/db.c
+++ b/server/db.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -1072,7 +1072,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
- db_file = fopen (path_dhcpd_db, "a");
+ db_file = fopen (path_dhcpd_db, "ae");
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -1120,7 +1120,7 @@ int new_lease_file ()
path_dhcpd_db) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
- db_fd = mkstemp (newfname);
+ db_fd = mkostemp (newfname, O_CLOEXEC);
if (db_fd < 0) {
log_error ("Can't create new lease file: %m");
return 0;
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -1145,7 +1145,7 @@ int new_lease_file ()
}
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
#endif /* PARANOIA */
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/server/dhcpd.c b/server/dhcpd.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index eecc89b..afef390 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -658,7 +658,7 @@ main(int argc, char **argv) {
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
*/
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
if ((lftest == 0) && (no_pid_file == ISC_FALSE)) {
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
/*Read previous pid file. */
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
- if ((i = open(path_dhcpd_pid, O_RDONLY)) >= 0) {
+ if ((i = open(path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) {
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
status = read(i, pbuf, (sizeof pbuf) - 1);
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
close(i);
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
if (status > 0) {
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -758,7 +758,7 @@ main(int argc, char **argv) {
* appropriate.
*/
if (no_pid_file == ISC_FALSE) {
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
IGNORE_RET(write(i, pbuf, strlen(pbuf)));
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
diff --git a/server/ldap.c b/server/ldap.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
index 2893b82..9530d9d 100644
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--- a/server/ldap.c
+++ b/server/ldap.c
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
@@ -1442,7 +1442,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
S_IRUSR | S_IWUSR)) < 0)
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
strerror (errno));
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00
--
- Update to dhcp-4.3.3 (fate#319067) provinding many bug fixes, features and obsoletes several patches we were using before. For complete list of the changes, please read the RELNOTES file shipped along with the package or online: https://kb.isc.org/article/AA-01297/82/DHCP-4.3.3-Release-Notes.html - Removed obsolete patches included upstream now: [- 0007-dhcp-4.2.6-ldap-mt01.patch, - 0009-dhcp-4.2.6-xen-checksum.patch, - 0013-dhcp-4.2.3-P1-dhclient-log-pid.patch, - 0015-Ignore-SIGPIPE-to-not-die-in-socket-code.patch, - 0016-server-log-DHCPv6-addresses-assigned-to-clients.patch, - 0019-dhcp-4.2.x-ldap-debug-write.bnc835818.patch, - 0021-dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch, - 0022-dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch, - 0023-dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch, - 0025-dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch, - 0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch] - Replaced hostname patch with a dhcpv6 and fqdn aware variant: [- 0006-dhcp-4.2.5-dhclient-send-hostname-rml.patch, + 0006-dhcp-4.3.2-dhclient-send-hostname-or-fqdn.patch] - Replaced infiniband support patch with fixed variant: [- 0017-dhcp-4.2.6-lpf-ip-over-ib-support.patch - 0018-dhcp-4.2.6-improved-xid.patch - 0027-dhcp-4.2.x-handle-ifa_addr-NULL.909189.patch, + 0030-infiniband-support.patch] - Merged/Adopted patches for the dhcp-4.3.3 sources: [* 0004-dhcp-4.1.1-tmpfile.patch, * 0011-dhcp-4.2.6-close-on-exec.patch, * 0020-dhcp-4.2.x-chown-server-leases.bnc868253.patch] OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=151
2015-09-14 14:11:04 +02:00
2.1.4
- Updated to ISC dhcp-4.2.2 release, providing two security fixes (CVE-2011-2748,CVE-2011-2749,[ISC-Bugs #24960],bnc#712653), that allowed remote attackers to cause a denial of service (a daemon exit) via crafted BOOTP packets. Further also DNS update fix to detect overlapping pools or misconfigured fixed-address entries, that caused a server crash during DNS update and other fixes. For a complete list, please see the RELNOTES file provided in the package and also available online at http://www.isc.org/. - Merged/adopted dhclient option-checks, send-hostname-rml, ldap patch, xen-checksum, close-on-exec patches and removed obsolete in6_pktinfo-prototype and relay-no-ip-on-interface patches. - Moved server pid files into chroot directory even chroot is not used and create a link in /var/run, so it can write one when started as user without chroot and avoid stop problems when the chroot sysconfig setting changed (bnc#712438). - Disabled log-info level messages in dhclient(6) quiet mode to avoid excessive logging of non-critical messages (bnc#711420). - Fixed dhclient-script to not remove alias IP when it didn't changed to not wipe out iptables connmark when renewing the lease (bnc#700771). Thanks to James Carter for the patch. - Fixed DDNS-howto.txt reference in the config file; it has been moved to the dhcp-doc package (bnc#697279). - Removed GPL licensed files (bind-*/contrib/dbus) from bind.tgz to ensure, they're not used to build non-GPL dhcp (bnc#714004). - Changed to apply strict-aliasing/RELRO for >= 12.x only OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=75
2011-08-29 17:37:53 +02:00