SHA256
1
0
forked from pool/dhcp
dhcp/0026-dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch
Marius Tomaschewski 348f524f0a - Applied contrib/ldap/dhcpd-conf-to-ldap patch by Ales Novak to
reorder config to add all global options or option declarations
  to the dhcpService object instead to create new service object
  (bsc#886094,ISC-Bugs#37876).
  [+ dhcp-4.2.x-contrib-conf-to-ldap-reorder.886094.patch]
- Applied an upstream patch by Thomas Markwalder adding missed
  mapping of SHA TSIG algorithm names to their constants to enable
  hmac-sha1, hmac_sha224, hmac_sha256, hmac_sha384 and hmac_sha512
  authenticated dynamic DNS updates (bsc#890731, ISC-Bugs#36947).
  [+ dhcp-4.2.x-ddns-tsig-hmac-sha-support.890731.patch]
- Decline IPv6 addresses on Duplicate Address Detection failure
  and stop client message exchanges on reached MRD rather than
  at some point after it. Applied fedora patches by Jiri Popelka
  and added DAD reporting via exit 3 to the dhclient-script and
  a fix to use correct address variables in the DEPREF6 action
  (bsc#872609,ISC-Bugs#26735,ISC-Bugs#21238).
  [+ dhcp-4.2.x-dhcpv6-decline-on-DAD-failure.872609.patch,
   + dhcp-4.2.x-dhcpv6-retransmission-until-MRD.872609.patch]
- Applied backport patch by William Preston avoiding to bind ddns
  socket in the server when ddns-update-style is none (bsc#891655).
  [+ dhcp-4.2.x-disable-unused-ddns-port-in-server.891655.patch]
- Applied patch for the contrib/ldap/dhcpd-conf-to-ldap script
  fixing subclass statement handling (bnc#878846,[ISC-Bugs #36409])
  [+ dhcp-4.2.4-P2-bnc878846-conf-to-ldap.patch]
- Updated licence statement and FSF address in our scripts.
- Added missed service_add_pre macro calls for dhcrelay services

OBS-URL: https://build.opensuse.org/package/show/network:dhcp/dhcp?expand=0&rev=141
2014-11-21 11:33:30 +00:00

293 lines
8.6 KiB
Diff

Author: William Preston <wpreston@suse.com>
Subject: do not bind ddns socket in server when ddns-update-style is none
References: bsc#891655
Upstream: yes
backported from commit 61ef216b8dc05bc4245b61eee812038757d12ffe
by Shawn Routhier <sar@isc.org> with changes.
diff --git a/client/dhclient.c b/client/dhclient.c
index bfa99fb..93f1dfc 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -171,7 +171,7 @@ main(int argc, char **argv) {
#endif
/* Set up the isc and dns library managers */
- status = dhcp_context_create();
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB);
if (status != ISC_R_SUCCESS)
log_fatal("Can't initialize context: %s",
isc_result_totext(status));
diff --git a/dhcpctl/dhcpctl.c b/dhcpctl/dhcpctl.c
index a4aee7f..2217956 100644
--- a/dhcpctl/dhcpctl.c
+++ b/dhcpctl/dhcpctl.c
@@ -43,7 +43,7 @@ dhcpctl_status dhcpctl_initialize ()
isc_result_t status;
/* Set up the isc and dns library managers */
- status = dhcp_context_create();
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB);
if (status != ISC_R_SUCCESS)
return status;
diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h
index a9df110..05a18f1 100644
--- a/includes/omapip/isclib.h
+++ b/includes/omapip/isclib.h
@@ -121,7 +121,9 @@ isclib_make_dst_key(char *inname,
int length,
dst_key_t **dstkey);
-isc_result_t dhcp_context_create(void);
+#define DHCP_CONTEXT_PRE_DB 1
+#define DHCP_CONTEXT_POST_DB 2
+isc_result_t dhcp_context_create(int flags);
void isclib_cleanup(void);
void dhcp_signal_handler(int signal);
diff --git a/omapip/isclib.c b/omapip/isclib.c
index e9cb321..d833bc9 100644
--- a/omapip/isclib.c
+++ b/omapip/isclib.c
@@ -87,98 +87,102 @@ handle_signal(int sig, void (*handler)(int)) {
}
isc_result_t
-dhcp_context_create(void) {
+dhcp_context_create(int flags) {
isc_result_t result;
- /*
- * Set up the error messages, this isn't the right place
- * for this call but it is convienent for now.
- */
- result = dhcp_result_register();
- if (result != ISC_R_SUCCESS) {
- log_fatal("register_table() %s: %u", "failed", result);
- }
-
- memset(&dhcp_gbl_ctx, 0, sizeof (dhcp_gbl_ctx));
+ if ((flags & DHCP_CONTEXT_PRE_DB) != 0) {
+ /*
+ * Set up the error messages, this isn't the right place
+ * for this call but it is convienent for now.
+ */
+ result = dhcp_result_register();
+ if (result != ISC_R_SUCCESS) {
+ log_fatal("register_table() %s: %u", "failed", result);
+ }
+
+ memset(&dhcp_gbl_ctx, 0, sizeof (dhcp_gbl_ctx));
- isc_lib_register();
+ isc_lib_register();
- /* get the current time for use as the random seed */
- gettimeofday(&cur_tv, (struct timezone *)0);
- isc_random_seed(cur_tv.tv_sec);
+ /* get the current time for use as the random seed */
+ gettimeofday(&cur_tv, (struct timezone *)0);
+ isc_random_seed(cur_tv.tv_sec);
#if defined (NSUPDATE)
- result = dns_lib_init();
- if (result != ISC_R_SUCCESS)
- goto cleanup;
+ result = dns_lib_init();
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+#else
+ /* The dst library is inited as part of dns_lib_init, we don't
+ * need it if NSUPDATE is enabled */
+ result = dst_lib_init(dhcp_gbl_ctx.mctx, NULL, 0);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
#endif
- result = isc_mem_create(0, 0, &dhcp_gbl_ctx.mctx);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- result = isc_appctx_create(dhcp_gbl_ctx.mctx, &dhcp_gbl_ctx.actx);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- result = isc_app_ctxstart(dhcp_gbl_ctx.actx);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- /*
- * Always ignore SIGPIPE.
- * Otherwise we will die before the errno == EPIPE
- * checks in the socket code are reached.
- *
- * Note: unlike isc_app_start(), isc_app_ctxstart()
- * does not set any signal handlers.
- */
- result = handle_signal(SIGPIPE, SIG_IGN);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- dhcp_gbl_ctx.actx_started = ISC_TRUE;
-
- result = isc_taskmgr_createinctx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- 1, 0,
- &dhcp_gbl_ctx.taskmgr);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- result = isc_socketmgr_createinctx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- &dhcp_gbl_ctx.socketmgr);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- result = isc_timermgr_createinctx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- &dhcp_gbl_ctx.timermgr);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- result = isc_task_create(dhcp_gbl_ctx.taskmgr, 0, &dhcp_gbl_ctx.task);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
+ result = isc_mem_create(0, 0, &dhcp_gbl_ctx.mctx);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ result = isc_appctx_create(dhcp_gbl_ctx.mctx, &dhcp_gbl_ctx.actx);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ result = isc_app_ctxstart(dhcp_gbl_ctx.actx);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ /*
+ * Always ignore SIGPIPE.
+ * Otherwise we will die before the errno == EPIPE
+ * checks in the socket code are reached.
+ *
+ * Note: unlike isc_app_start(), isc_app_ctxstart()
+ * does not set any signal handlers.
+ */
+ result = handle_signal(SIGPIPE, SIG_IGN);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ dhcp_gbl_ctx.actx_started = ISC_TRUE;
+
+ result = isc_taskmgr_createinctx(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ 1, 0,
+ &dhcp_gbl_ctx.taskmgr);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ result = isc_socketmgr_createinctx(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ &dhcp_gbl_ctx.socketmgr);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ result = isc_timermgr_createinctx(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ &dhcp_gbl_ctx.timermgr);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+
+ result = isc_task_create(dhcp_gbl_ctx.taskmgr, 0, &dhcp_gbl_ctx.task);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+ }
#if defined (NSUPDATE)
- result = dns_client_createx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- dhcp_gbl_ctx.taskmgr,
- dhcp_gbl_ctx.socketmgr,
- dhcp_gbl_ctx.timermgr,
- 0,
- &dhcp_gbl_ctx.dnsclient);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-#else
- /* The dst library is inited as part of dns_lib_init, we don't
- * need it if NSUPDATE is enabled */
- result = dst_lib_init(dhcp_gbl_ctx.mctx, NULL, 0);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
+ if ((flags & DHCP_CONTEXT_POST_DB) != 0) {
+
+ result = dns_client_createx(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ dhcp_gbl_ctx.taskmgr,
+ dhcp_gbl_ctx.socketmgr,
+ dhcp_gbl_ctx.timermgr,
+ 0,
+ &dhcp_gbl_ctx.dnsclient);
+ if (result != ISC_R_SUCCESS)
+ goto cleanup;
+ }
#endif
return(ISC_R_SUCCESS);
diff --git a/omapip/test.c b/omapip/test.c
index e97a61f..2735716 100644
--- a/omapip/test.c
+++ b/omapip/test.c
@@ -45,7 +45,7 @@ int main (int argc, char **argv)
omapi_object_t *connection = (omapi_object_t*)0;
isc_result_t status;
- status = dhcp_context_create();
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB);
if (status != ISC_R_SUCCESS) {
fprintf(stderr, "Can't initialize context: %s\n",
isc_result_totext(status));
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index 4ef6737..15e5c46 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -195,7 +195,7 @@ main(int argc, char **argv) {
#endif
/* Set up the isc and dns library managers */
- status = dhcp_context_create();
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB);
if (status != ISC_R_SUCCESS)
log_fatal("Can't initialize context: %s",
isc_result_totext(status));
diff --git a/server/dhcpd.c b/server/dhcpd.c
index b28c34c..434db00 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -281,7 +281,7 @@ main(int argc, char **argv) {
close(fd);
/* Set up the isc and dns library managers */
- status = dhcp_context_create();
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB);
if (status != ISC_R_SUCCESS)
log_fatal("Can't initialize context: %s",
isc_result_totext(status));
@@ -1100,6 +1100,11 @@ void postconf_initialization (int quiet)
if (ddns_update_style == DDNS_UPDATE_STYLE_AD_HOC) {
log_fatal("ddns-update-style ad_hoc no longer supported");
}
+
+ if (ddns_update_style != DDNS_UPDATE_STYLE_NONE && dhcp_context_create(DHCP_CONTEXT_POST_DB)
+ != ISC_R_SUCCESS)
+ log_fatal("Unable to complete ddns initialization");
+
#else
/* If we don't have support for updates compiled in tell the user */
if (ddns_update_style != DDNS_UPDATE_STYLE_NONE) {
--
2.1.2