This commit is contained in:
Jiri Popelka 2015-08-10 12:09:24 +02:00
parent 0d29ddb0dd
commit 7406750da5
16 changed files with 372 additions and 1421 deletions

1
.gitignore vendored
View File

@ -25,3 +25,4 @@
/dhcp-4.3.1.tar.gz
/dhcp-4.3.2b1.tar.gz
/dhcp-4.3.2.tar.gz
/dhcp-4.3.3b1.tar.gz

View File

@ -1,6 +1,6 @@
diff -up dhcp-4.3.2b1/client/clparse.c.LzrZDt dhcp-4.3.2b1/client/clparse.c
--- dhcp-4.3.2b1/client/clparse.c.LzrZDt 2015-02-08 15:22:43.305597445 +0100
+++ dhcp-4.3.2b1/client/clparse.c 2015-02-08 15:22:43.381596392 +0100
diff -up dhcp-4.3.3b1/client/clparse.c.cloexec dhcp-4.3.3b1/client/clparse.c
--- dhcp-4.3.3b1/client/clparse.c.cloexec 2015-08-10 10:46:20.264755543 +0200
+++ dhcp-4.3.3b1/client/clparse.c 2015-08-10 10:46:20.274755510 +0200
@@ -247,7 +247,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
@ -19,10 +19,10 @@ diff -up dhcp-4.3.2b1/client/clparse.c.LzrZDt dhcp-4.3.2b1/client/clparse.c
return;
cfile = NULL;
diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
--- dhcp-4.3.2b1/client/dhclient.c.LzrZDt 2015-02-08 15:22:43.259598082 +0100
+++ dhcp-4.3.2b1/client/dhclient.c 2015-02-08 15:22:43.383596364 +0100
@@ -150,11 +150,11 @@ main(int argc, char **argv) {
diff -up dhcp-4.3.3b1/client/dhclient.c.cloexec dhcp-4.3.3b1/client/dhclient.c
--- dhcp-4.3.3b1/client/dhclient.c.cloexec 2015-08-10 10:46:20.260755556 +0200
+++ dhcp-4.3.3b1/client/dhclient.c 2015-08-10 10:46:20.275755506 +0200
@@ -153,11 +153,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
@ -37,7 +37,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -516,7 +516,7 @@ main(int argc, char **argv) {
@@ -519,7 +519,7 @@ main(int argc, char **argv) {
long temp;
int e;
@ -46,7 +46,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -571,7 +571,7 @@ main(int argc, char **argv) {
@@ -574,7 +574,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
@ -55,7 +55,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -596,7 +596,7 @@ main(int argc, char **argv) {
@@ -599,7 +599,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
@ -64,7 +64,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
@@ -3119,7 +3119,7 @@ void rewrite_client_leases ()
@@ -3120,7 +3120,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
@ -73,7 +73,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
@@ -3312,7 +3312,7 @@ write_duid(struct data_string *duid)
@@ -3313,7 +3313,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
@ -82,7 +82,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
@@ -3492,7 +3492,7 @@ int write_client_lease (client, lease, r
@@ -3493,7 +3493,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
@ -91,7 +91,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
@@ -4010,9 +4010,9 @@ void go_daemon ()
@@ -4011,9 +4011,9 @@ void go_daemon ()
(void) close(2);
/* Reopen them on /dev/null. */
@ -104,7 +104,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
write_client_pid_file ();
@@ -4029,14 +4029,14 @@ void write_client_pid_file ()
@@ -4030,14 +4030,14 @@ void write_client_pid_file ()
return;
}
@ -121,9 +121,9 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.LzrZDt dhcp-4.3.2b1/client/dhclient.c
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
diff -up dhcp-4.3.2b1/common/bpf.c.LzrZDt dhcp-4.3.2b1/common/bpf.c
--- dhcp-4.3.2b1/common/bpf.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/bpf.c 2015-02-08 15:22:43.383596364 +0100
diff -up dhcp-4.3.3b1/common/bpf.c.cloexec dhcp-4.3.3b1/common/bpf.c
--- dhcp-4.3.3b1/common/bpf.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/bpf.c 2015-08-10 10:46:20.275755506 +0200
@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
@ -133,9 +133,9 @@ diff -up dhcp-4.3.2b1/common/bpf.c.LzrZDt dhcp-4.3.2b1/common/bpf.c
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.3.2b1/common/dlpi.c.LzrZDt dhcp-4.3.2b1/common/dlpi.c
--- dhcp-4.3.2b1/common/dlpi.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/dlpi.c 2015-02-08 15:22:43.383596364 +0100
diff -up dhcp-4.3.3b1/common/dlpi.c.cloexec dhcp-4.3.3b1/common/dlpi.c
--- dhcp-4.3.3b1/common/dlpi.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/dlpi.c 2015-08-10 10:46:20.275755506 +0200
@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
@ -145,9 +145,9 @@ diff -up dhcp-4.3.2b1/common/dlpi.c.LzrZDt dhcp-4.3.2b1/common/dlpi.c
}
/*
diff -up dhcp-4.3.2b1/common/nit.c.LzrZDt dhcp-4.3.2b1/common/nit.c
--- dhcp-4.3.2b1/common/nit.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/nit.c 2015-02-08 15:22:43.384596350 +0100
diff -up dhcp-4.3.3b1/common/nit.c.cloexec dhcp-4.3.3b1/common/nit.c
--- dhcp-4.3.3b1/common/nit.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/nit.c 2015-08-10 10:46:20.275755506 +0200
@@ -75,7 +75,7 @@ int if_register_nit (info)
struct strioctl sio;
@ -157,9 +157,9 @@ diff -up dhcp-4.3.2b1/common/nit.c.LzrZDt dhcp-4.3.2b1/common/nit.c
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
diff -up dhcp-4.3.2b1/common/resolv.c.LzrZDt dhcp-4.3.2b1/common/resolv.c
--- dhcp-4.3.2b1/common/resolv.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/resolv.c 2015-02-08 15:22:43.384596350 +0100
diff -up dhcp-4.3.3b1/common/resolv.c.cloexec dhcp-4.3.3b1/common/resolv.c
--- dhcp-4.3.3b1/common/resolv.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/resolv.c 2015-08-10 10:46:20.276755503 +0200
@@ -44,7 +44,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
@ -169,9 +169,9 @@ diff -up dhcp-4.3.2b1/common/resolv.c.LzrZDt dhcp-4.3.2b1/common/resolv.c
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
diff -up dhcp-4.3.2b1/common/upf.c.LzrZDt dhcp-4.3.2b1/common/upf.c
--- dhcp-4.3.2b1/common/upf.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/upf.c 2015-02-08 15:22:43.384596350 +0100
diff -up dhcp-4.3.3b1/common/upf.c.cloexec dhcp-4.3.3b1/common/upf.c
--- dhcp-4.3.3b1/common/upf.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/upf.c 2015-08-10 10:46:20.276755503 +0200
@@ -71,7 +71,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
@ -181,9 +181,9 @@ diff -up dhcp-4.3.2b1/common/upf.c.LzrZDt dhcp-4.3.2b1/common/upf.c
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.3.2b1/omapip/trace.c.LzrZDt dhcp-4.3.2b1/omapip/trace.c
--- dhcp-4.3.2b1/omapip/trace.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/omapip/trace.c 2015-02-08 15:22:43.384596350 +0100
diff -up dhcp-4.3.3b1/omapip/trace.c.cloexec dhcp-4.3.3b1/omapip/trace.c
--- dhcp-4.3.3b1/omapip/trace.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/omapip/trace.c 2015-08-10 10:46:20.276755503 +0200
@@ -138,10 +138,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
@ -206,9 +206,9 @@ diff -up dhcp-4.3.2b1/omapip/trace.c.LzrZDt dhcp-4.3.2b1/omapip/trace.c
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
diff -up dhcp-4.3.2b1/relay/dhcrelay.c.LzrZDt dhcp-4.3.2b1/relay/dhcrelay.c
--- dhcp-4.3.2b1/relay/dhcrelay.c.LzrZDt 2015-01-29 15:12:13.000000000 +0100
+++ dhcp-4.3.2b1/relay/dhcrelay.c 2015-02-08 15:22:43.385596336 +0100
diff -up dhcp-4.3.3b1/relay/dhcrelay.c.cloexec dhcp-4.3.3b1/relay/dhcrelay.c
--- dhcp-4.3.3b1/relay/dhcrelay.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/relay/dhcrelay.c 2015-08-10 10:46:20.276755503 +0200
@@ -187,11 +187,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
@ -240,9 +240,9 @@ diff -up dhcp-4.3.2b1/relay/dhcrelay.c.LzrZDt dhcp-4.3.2b1/relay/dhcrelay.c
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
diff -up dhcp-4.3.2b1/server/confpars.c.LzrZDt dhcp-4.3.2b1/server/confpars.c
--- dhcp-4.3.2b1/server/confpars.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/server/confpars.c 2015-02-08 15:22:43.386596322 +0100
diff -up dhcp-4.3.3b1/server/confpars.c.cloexec dhcp-4.3.3b1/server/confpars.c
--- dhcp-4.3.3b1/server/confpars.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/confpars.c 2015-08-10 10:46:20.277755500 +0200
@@ -111,7 +111,7 @@ isc_result_t read_conf_file (const char
}
#endif
@ -252,10 +252,10 @@ diff -up dhcp-4.3.2b1/server/confpars.c.LzrZDt dhcp-4.3.2b1/server/confpars.c
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
diff -up dhcp-4.3.2b1/server/db.c.LzrZDt dhcp-4.3.2b1/server/db.c
--- dhcp-4.3.2b1/server/db.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/server/db.c 2015-02-08 15:22:43.387596309 +0100
@@ -1075,7 +1075,7 @@ void db_startup (testp)
diff -up dhcp-4.3.3b1/server/db.c.cloexec dhcp-4.3.3b1/server/db.c
--- dhcp-4.3.3b1/server/db.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/db.c 2015-08-10 10:47:32.644518358 +0200
@@ -1072,7 +1072,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
@ -264,7 +264,7 @@ diff -up dhcp-4.3.2b1/server/db.c.LzrZDt dhcp-4.3.2b1/server/db.c
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
@@ -1123,12 +1123,12 @@ int new_lease_file ()
@@ -1120,7 +1120,7 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
@ -273,16 +273,19 @@ diff -up dhcp-4.3.2b1/server/db.c.LzrZDt dhcp-4.3.2b1/server/db.c
if (db_fd < 0) {
log_error ("Can't create new lease file: %m");
return 0;
@@ -1141,7 +1141,7 @@ int new_lease_file ()
}
#endif /* PARANOIA */
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
diff -up dhcp-4.3.2b1/server/dhcpd.c.LzrZDt dhcp-4.3.2b1/server/dhcpd.c
--- dhcp-4.3.2b1/server/dhcpd.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/server/dhcpd.c 2015-02-08 15:24:12.505358479 +0100
@@ -188,11 +188,11 @@ main(int argc, char **argv) {
diff -up dhcp-4.3.3b1/server/dhcpd.c.cloexec dhcp-4.3.3b1/server/dhcpd.c
--- dhcp-4.3.3b1/server/dhcpd.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/dhcpd.c 2015-08-10 10:46:20.278755497 +0200
@@ -194,11 +194,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
@ -297,7 +300,7 @@ diff -up dhcp-4.3.2b1/server/dhcpd.c.LzrZDt dhcp-4.3.2b1/server/dhcpd.c
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -735,7 +735,7 @@ main(int argc, char **argv) {
@@ -743,7 +743,7 @@ main(int argc, char **argv) {
* appropriate.
*/
if (no_pid_file == ISC_FALSE) {
@ -306,7 +309,7 @@ diff -up dhcp-4.3.2b1/server/dhcpd.c.LzrZDt dhcp-4.3.2b1/server/dhcpd.c
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET(write(i, pbuf, strlen(pbuf)));
@@ -779,9 +779,9 @@ main(int argc, char **argv) {
@@ -787,9 +787,9 @@ main(int argc, char **argv) {
(void) close(2);
/* Reopen them on /dev/null. */
@ -319,10 +322,10 @@ diff -up dhcp-4.3.2b1/server/dhcpd.c.LzrZDt dhcp-4.3.2b1/server/dhcpd.c
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
diff -up dhcp-4.3.2b1/server/ldap.c.LzrZDt dhcp-4.3.2b1/server/ldap.c
--- dhcp-4.3.2b1/server/ldap.c.LzrZDt 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/server/ldap.c 2015-02-08 15:22:43.388596295 +0100
@@ -684,7 +684,7 @@ ldap_start (void)
diff -up dhcp-4.3.3b1/server/ldap.c.cloexec dhcp-4.3.3b1/server/ldap.c
--- dhcp-4.3.3b1/server/ldap.c.cloexec 2015-07-30 21:03:40.000000000 +0200
+++ dhcp-4.3.3b1/server/ldap.c 2015-08-10 10:46:20.279755493 +0200
@@ -1442,7 +1442,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{

View File

@ -1,241 +0,0 @@
diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp-4.3.1b1/server/dhcpv6.c
--- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 19:58:40.000000000 +0200
+++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200
@@ -376,6 +376,48 @@ generate_new_server_duid(void) {
}
/*
+ * Is the D6O_UNICAST option defined in dhcpd.conf ?
+ */
+static isc_boolean_t unicast_option_defined;
+
+/*
+ * Did we already search dhcpd.conf for D6O_UNICAST option ?
+ * We need to store it here to not parse dhcpd.conf repeatedly.
+ */
+static isc_boolean_t unicast_option_parsed = ISC_FALSE;
+
+
+/*
+ * Is the D6O_UNICAST option defined in dhcpd.conf ?
+ */
+isc_boolean_t
+is_unicast_option_defined(void) {
+ struct option_state *opt_state;
+ struct option_cache *oc;
+
+ /*
+ * If we are looking for the unicast option for the first time
+ */
+ if (unicast_option_parsed == ISC_FALSE) {
+ unicast_option_parsed = ISC_TRUE;
+ opt_state = NULL;
+ if (!option_state_allocate(&opt_state, MDL)) {
+ log_fatal("No memory for option state.");
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
+ opt_state, &global_scope, root_group, NULL, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+ unicast_option_defined = (oc != NULL);
+
+ option_state_dereference(&opt_state, MDL);
+ }
+
+ return (unicast_option_defined);
+}
+
+/*
* Get the client identifier from the packet.
*/
isc_result_t
@@ -706,6 +748,12 @@ static const int required_opts[] = {
D6O_PREFERENCE,
0
};
+static const int required_opts_NAA[] = {
+ D6O_CLIENTID,
+ D6O_SERVERID,
+ D6O_STATUS_CODE,
+ 0
+};
static const int required_opts_solicit[] = {
D6O_CLIENTID,
D6O_SERVERID,
@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl
reply.shared->group, NULL);
}
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined())
+ /*
+ * RFC3315 section 18.2.1 (Request):
+ *
+ * When the server receives a Request message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Request message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.3 (Renew):
+ *
+ * When the server receives a Renew message via unicast from a client to
+ * which the server has not sent a unicast option, the server discards
+ * the Renew message and responds with a Reply message containing a
+ * Status Code option with the value UseMulticast, a Server Identifier
+ * option containing the server's DUID, the Client Identifier option
+ * from the client message, and no other options.
+ */
+ {
+ /* Set the UseMulticast status code. */
+ if (!set_status_code(STATUS_UseMulticast,
+ "Unicast not allowed by server.",
+ reply.opt_state)) {
+ log_error("lease_to_client: Unable to set "
+ "UseMulticast status code.");
+ goto exit;
+ }
+
+ /* Rewind the cursor to the start. */
+ reply.cursor = REPLY_OPTIONS_INDEX;
+
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply.cursor += store_options6((char *)reply.buf.data +
+ reply.cursor,
+ sizeof(reply.buf) -
+ reply.cursor,
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
+ }
+
/*
* RFC3315 section 17.2.2 (Solicit):
*
@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl
* Having stored the client's IA's, store any options that
* will fit in the remaining space.
*/
+ else
reply.cursor += store_options6((char *)reply.buf.data + reply.cursor,
sizeof(reply.buf) - reply.cursor,
reply.opt_state, reply.packet,
@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
@@ -5078,7 +5176,6 @@ exit:
* except for the error code of when addresses don't match.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
- snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
- if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
- goto exit;
- }
+ /* reject unicast message, unless we set unicast option */
+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) {
+ /*
+ * RFC3315 section 18.2.6 (Release):
+ *
+ * When the server receives a Release message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Release message and responds with a Reply message
+ * containing a Status Code option with value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ *
+ * Section 18.2.7 (Decline):
+ *
+ * When the server receives a Decline message via unicast from a client
+ * to which the server has not sent a unicast option, the server
+ * discards the Decline message and responds with a Reply message
+ * containing a Status Code option with the value UseMulticast, a Server
+ * Identifier option containing the server's DUID, the Client Identifier
+ * option from the client message, and no other options.
+ */
+ snprintf(status_msg, sizeof(status_msg),
+ "%s received unicast.", packet_type);
+ if (!set_status_code(STATUS_UseMulticast, status_msg, opt_state)) {
+ goto exit;
+ }
- /*
- * Add our options that are not associated with any IA_NA or IA_TA.
- */
- reply_ofs += store_options6(reply_data+reply_ofs,
- sizeof(reply_data)-reply_ofs,
+ /*
+ * Produce an reply that includes only:
+ *
+ * Status code.
+ * Server DUID.
+ * Client DUID.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
opt_state, packet,
- required_opts, NULL);
+ required_opts_NAA, NULL);
+
+ goto return_reply;
+ } else {
+ snprintf(status_msg, sizeof(status_msg), "%s received.", packet_type);
+ if (!set_status_code(STATUS_Success, status_msg, opt_state)) {
+ goto exit;
+ }
+
+ /*
+ * Add our options that are not associated with any IA_NA or IA_TA.
+ */
+ reply_ofs += store_options6(reply_data+reply_ofs,
+ sizeof(reply_data)-reply_ofs,
+ opt_state, packet,
+ required_opts, NULL);
+ }
/*
* Loop through the IA_NA reported by the client, and deal with
@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
+return_reply:
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
@@ -5516,7 +5656,6 @@ exit:
* we still need to be aware of this possibility.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
@@ -5986,7 +6125,6 @@ exit:
* Release means a client is done with the leases.
*/
-/* TODO: reject unicast messages, unless we set unicast option */
static void
dhcpv6_release(struct data_string *reply, struct packet *packet) {
struct data_string client_id;

View File

@ -1,6 +1,6 @@
diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c
--- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
+++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200
diff -up dhcp-4.3.3b1/client/clparse.c.options dhcp-4.3.3b1/client/clparse.c
--- dhcp-4.3.3b1/client/clparse.c.options 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/client/clparse.c 2015-08-10 10:44:46.958074760 +0200
@@ -148,6 +148,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
@ -32,9 +32,9 @@ diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c
default:
lose = 0;
stmt = (struct executable_statement *)0;
diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8
--- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 19:58:38.000000000 +0200
+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200
diff -up dhcp-4.3.3b1/client/dhclient.8.options dhcp-4.3.3b1/client/dhclient.8
--- dhcp-4.3.3b1/client/dhclient.8.options 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/client/dhclient.8 2015-08-10 10:44:46.958074760 +0200
@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
@ -139,9 +139,9 @@ diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8
.TP
.BI \-n
Do not configure any interfaces. This is most likely to be useful in
diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
--- dhcp-4.3.1b1/client/dhclient.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:38:44.520350055 +0200
diff -up dhcp-4.3.3b1/client/dhclient.c.options dhcp-4.3.3b1/client/dhclient.c
--- dhcp-4.3.3b1/client/dhclient.c.options 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/client/dhclient.c 2015-08-10 10:44:46.959074757 +0200
@@ -39,6 +39,12 @@
#include <limits.h>
#include <dns/result.h>
@ -165,7 +165,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
void run_stateless(int exit_mode);
@@ -125,6 +134,15 @@ main(int argc, char **argv) {
@@ -128,6 +137,15 @@ main(int argc, char **argv) {
int local_family_set = 0;
#endif /* DHCPv6 */
char *s;
@ -181,7 +181,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -325,6 +343,88 @@ main(int argc, char **argv) {
@@ -328,6 +346,88 @@ main(int argc, char **argv) {
strlen(PACKAGE_VERSION)));
IGNORE_RET(write(STDERR_FILENO, "\n", 1));
exit(0);
@ -270,7 +270,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
@@ -507,6 +607,156 @@ main(int argc, char **argv) {
@@ -510,6 +610,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
@ -427,7 +427,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
/* Parse the lease database. */
read_client_leases();
@@ -756,6 +1006,10 @@ static void usage()
@@ -759,6 +1009,10 @@ static void usage()
" [-s server-addr] [-cf config-file]\n"
" [-df duid-file] [-lf lease-file]\n"
" [-pf pid-file] [--no-pid] [-e VAR=val]\n"
@ -438,7 +438,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
" [-sf script-file] [interface]");
}
@@ -2531,7 +2785,8 @@ void make_discover (client, lease)
@@ -2532,7 +2786,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
@ -448,7 +448,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -2615,7 +2870,9 @@ void make_request (client, lease)
@@ -2616,7 +2871,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
@ -459,7 +459,7 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -2677,7 +2934,8 @@ void make_decline (client, lease)
@@ -2678,7 +2935,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
@ -469,10 +469,10 @@ diff -up dhcp-4.3.1b1/client/dhclient.c.fLPqYB dhcp-4.3.1b1/client/dhclient.c
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
diff -up dhcp-4.3.1b1/common/conflex.c.fLPqYB dhcp-4.3.1b1/common/conflex.c
--- dhcp-4.3.1b1/common/conflex.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
+++ dhcp-4.3.1b1/common/conflex.c 2014-07-10 17:38:26.940599374 +0200
@@ -811,6 +811,8 @@ intern(char *atom, enum dhcp_token dfv)
diff -up dhcp-4.3.3b1/common/conflex.c.options dhcp-4.3.3b1/common/conflex.c
--- dhcp-4.3.3b1/common/conflex.c.options 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/conflex.c 2015-08-10 10:44:46.959074757 +0200
@@ -827,6 +827,8 @@ intern(char *atom, enum dhcp_token dfv)
return BALANCE;
if (!strcasecmp (atom + 1, "ound"))
return BOUND;
@ -481,10 +481,10 @@ diff -up dhcp-4.3.1b1/common/conflex.c.fLPqYB dhcp-4.3.1b1/common/conflex.c
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
diff -up dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB dhcp-4.3.1b1/includes/dhcpd.h
--- dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:26.941599360 +0200
@@ -1152,6 +1152,9 @@ struct client_config {
diff -up dhcp-4.3.3b1/includes/dhcpd.h.options dhcp-4.3.3b1/includes/dhcpd.h
--- dhcp-4.3.3b1/includes/dhcpd.h.options 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/includes/dhcpd.h 2015-08-10 10:44:46.960074753 +0200
@@ -1228,6 +1228,9 @@ struct client_config {
int do_forward_update; /* If nonzero, and if we have the
information we need, update the
A record for the address we get. */
@ -494,16 +494,16 @@ diff -up dhcp-4.3.1b1/includes/dhcpd.h.fLPqYB dhcp-4.3.1b1/includes/dhcpd.h
};
/* Per-interface state used in the dhcp client... */
diff -up dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB dhcp-4.3.1b1/includes/dhctoken.h
--- dhcp-4.3.1b1/includes/dhctoken.h.fLPqYB 2014-07-02 19:58:39.000000000 +0200
+++ dhcp-4.3.1b1/includes/dhctoken.h 2014-07-10 17:38:26.942599346 +0200
@@ -367,7 +367,8 @@ enum dhcp_token {
TOKEN_INFINIBAND = 668,
diff -up dhcp-4.3.3b1/includes/dhctoken.h.options dhcp-4.3.3b1/includes/dhctoken.h
--- dhcp-4.3.3b1/includes/dhctoken.h.options 2015-08-10 10:44:46.960074753 +0200
+++ dhcp-4.3.3b1/includes/dhctoken.h 2015-08-10 10:45:58.055829616 +0200
@@ -368,7 +368,8 @@ enum dhcp_token {
POOL6 = 669,
V6RELAY = 670,
- V6RELOPT = 671
+ V6RELOPT = 671,
+ BOOTP_BROADCAST_ALWAYS = 672
V6RELOPT = 671,
- PARSE_VENDOR_OPT = 672
+ PARSE_VENDOR_OPT = 672,
+ BOOTP_BROADCAST_ALWAYS = 673
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \

View File

@ -1,12 +0,0 @@
diff -up dhcp-4.2.4/server/ldap.c.failOverPeer dhcp-4.2.4/server/ldap.c
--- dhcp-4.2.4/server/ldap.c.failOverPeer 2012-07-23 12:53:26.815262322 +0200
+++ dhcp-4.2.4/server/ldap.c 2012-07-23 12:54:31.002119299 +0200
@@ -893,7 +893,7 @@ ldap_start (void)
static void
parse_external_dns (LDAPMessage * ent)
{
- char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",
+ char *search[] = {"dhcpFailOverPeerDN", "dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",
"dhcpGroupDN", "dhcpHostDN", "dhcpClassesDN",
"dhcpPoolDN", NULL};
LDAPMessage * newres, * newent;

View File

@ -1,620 +0,0 @@
diff -up dhcp-4.3.2b1/configure.ac.ldapgssapi dhcp-4.3.2b1/configure.ac
--- dhcp-4.3.2b1/configure.ac.ldapgssapi 2015-02-08 18:01:27.962621131 +0100
+++ dhcp-4.3.2b1/configure.ac 2015-02-08 18:01:27.966621074 +0100
@@ -671,19 +671,40 @@ AC_ARG_WITH(ldapcrypto,
[ldapcrypto=$withval],
[ldapcrypto=no])
+# Gssapi to allow LDAP to authenticate with a keytab
+AC_ARG_WITH(krb5,
+ AC_HELP_STRING([--with-krb5],
+ [enable krb5/gssapi authentication for OpenLDAP in dhcpd (default is no)]),
+ [krb5=$withval],
+ [krb5=no])
+
# OpenLDAP support is disabled by default, if enabled then SSL support is an
# extra optional that is also disabled by default. Enabling LDAP SSL support
-# implies enabling LDAP support.
-if test x$ldap = xyes || test x$ldapcrypto = xyes ; then
+# implies enabling LDAP support. Similarly, KRB5 support implies LDAP support,
+# but doesn't include SSL. The two are not dependant.
+if test x$ldap = xyes || test x$ldapcrypto = xyes || test x$krb5 = xyes; then
AC_SEARCH_LIBS(ldap_initialize, [ldap], ,
AC_MSG_FAILURE([*** Cannot find ldap_initialize with -lldap - do you need to install an OpenLDAP2 Devel package?]))
AC_SEARCH_LIBS(ber_pvt_opt_on, [lber], ,
AC_MSG_FAILURE([*** Cannot find ber_pvt_opt_on with -llber - do you need to install an OpenLDAP2 Devel package?]))
-
+ if test x$krb5 = xyes ; then
+ AC_SEARCH_LIBS(krb5_init_context, [krb5], ,
+ AC_MSG_FAILURE([*** Cannot find krb5_init_context with -lkrb5 - do you need to install a Kerberos Devel package?]))
+ fi
+
+ # Can this be done better?
if test x$ldapcrypto = xyes ; then
- AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION -DLDAP_USE_SSL"])
+ if test x$krb5 = xyes; then
+ AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION -DLDAP_USE_SSL -DLDAP_USE_GSSAPI"])
+ else
+ AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION -DLDAP_USE_SSL"])
+ fi
else
- AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION"])
+ if test x$krb5 = xyes; then
+ AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION -DLDAP_USE_GSSAPI"])
+ else
+ AC_SUBST(LDAP_CFLAGS, ["-DLDAP_CONFIGURATION"])
+ fi
fi
fi
diff -up dhcp-4.3.2b1/includes/dhcpd.h.ldapgssapi dhcp-4.3.2b1/includes/dhcpd.h
--- dhcp-4.3.2b1/includes/dhcpd.h.ldapgssapi 2015-02-08 18:01:27.924621669 +0100
+++ dhcp-4.3.2b1/includes/dhcpd.h 2015-02-08 18:03:03.145273551 +0100
@@ -103,7 +103,14 @@ typedef time_t TIME;
#if defined(LDAP_CONFIGURATION)
# include <ldap.h>
# include <sys/utsname.h> /* for uname() */
-#endif
+# if defined(LDAP_USE_GSSAPI)
+# include <krb5.h>
+# include <string.h>
+# include <stdio.h>
+# include <time.h>
+# include <unistd.h>
+# endif /* GSSAPI */
+#endif /* LDAP CONFIGURATION */
#if !defined (BYTE_NAME_HASH_SIZE)
# define BYTE_NAME_HASH_SIZE 401 /* Default would be ridiculous. */
@@ -743,6 +750,13 @@ struct lease_state {
#define SV_SERVER_ID_CHECK 86
#define SV_PREFIX_LEN_MODE 87
+#if defined(LDAP_CONFIGURATION)
+#if defined (LDAP_USE_GSSAPI)
+# define SV_LDAP_GSSAPI_KEYTAB 88
+# define SV_LDAP_GSSAPI_PRINCIPAL 89
+#endif
+#endif
+
#if !defined (DEFAULT_PING_TIMEOUT)
# define DEFAULT_PING_TIMEOUT 1
#endif
diff -up dhcp-4.3.2b1/server/krb_helper.c.ldapgssapi dhcp-4.3.2b1/server/krb_helper.c
--- dhcp-4.3.2b1/server/krb_helper.c.ldapgssapi 2015-02-08 18:01:27.967621060 +0100
+++ dhcp-4.3.2b1/server/krb_helper.c 2015-02-08 18:01:27.967621060 +0100
@@ -0,0 +1,220 @@
+/* krb_helper.c
+
+ Helper routings for allowing LDAP to read configuration with GSSAPI/krb auth */
+
+/*
+ * Copyright (c) 2014 William B.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of The Internet Software Consortium nor the names
+ * of its contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
+ * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * This helper was written by William Brown <william@adelaide.edu.au>,
+ * inspired by krb5_helper.c from bind-dyndb-ldap by Simo Sorce (Redhat)
+ */
+
+#include "dhcpd.h"
+#include "krb_helper.h"
+
+#if defined(LDAP_USE_GSSAPI)
+
+//#include "ktinit.h"
+//#include <string.h>
+//#include <krb5.h>
+//#include <stdio.h>
+//#include <unistd.h>
+//#include <time.h>
+
+#define KRB_DEFAULT_KEYTAB "FILE:/etc/dhcp/dhcp.keytab"
+#define KRB_MIN_TIME 300
+
+#define CHECK_KRB5(ctx, err, msg, ...) \
+ do { \
+ if (err) { \
+ const char * errmsg = krb5_get_error_message(ctx, err); \
+ log_error("Err: %s -> %s\n", msg, errmsg); \
+ result = ISC_R_FAILURE; \
+ goto cleanup; \
+ } \
+ } while (0)
+
+#define CHECK(ret_code, msg) \
+ if (ret_code != 0) { \
+ log_error("Error, %i %s\n", ret_code, msg); \
+ goto cleanup; \
+ }
+
+static isc_result_t
+check_credentials(krb5_context context, krb5_ccache ccache, krb5_principal service)
+{
+ char *realm = NULL;
+ krb5_creds creds;
+ krb5_creds mcreds;
+ krb5_error_code krberr;
+ krb5_timestamp now;
+ isc_result_t result = ISC_R_FAILURE;
+
+ memset(&mcreds, 0, sizeof(mcreds));
+ memset(&creds, 0, sizeof(creds));
+
+ krberr = krb5_get_default_realm(context, &realm);
+ CHECK_KRB5(context, krberr, "Failed to retrieve default realm");
+
+ krberr = krb5_build_principal(context, &mcreds.server,
+ strlen(realm), realm,
+ "krbtgt", realm, NULL);
+ CHECK_KRB5(context, krberr, "Failed to build 'krbtgt/REALM' principal");
+
+ mcreds.client = service;
+
+ krberr = krb5_cc_retrieve_cred(context, ccache, 0, &mcreds, &creds);
+
+ if (krberr) {
+ const char * errmsg = krb5_get_error_message(context, krberr);
+ log_error("Credentials are not present in cache (%s)\n", errmsg);
+ krb5_free_error_message(context, errmsg);
+ result = ISC_R_FAILURE;
+ goto cleanup;
+ }
+ CHECK_KRB5(context, krberr, "Credentials are not present in cache ");
+
+ krberr = krb5_timeofday(context, &now);
+ CHECK_KRB5(context, krberr, "Failed to get time of day");
+
+
+ if (now > (creds.times.endtime + KRB_MIN_TIME)) {
+ log_error("Credentials cache expired");
+ result = ISC_R_FAILURE;
+ goto cleanup;
+ } else {
+ char buf[255];
+ char fill = ' ';
+ krb5_timestamp_to_sfstring(creds.times.endtime, buf, 16, &fill);
+ log_info("Credentials valid til %s\n", buf);
+ }
+
+ result = ISC_R_SUCCESS;
+
+cleanup:
+ krb5_free_cred_contents(context, &creds);
+ if (mcreds.server) krb5_free_principal(context, mcreds.server);
+ if (realm) krb5_free_default_realm(context, realm);
+ return result;
+}
+
+isc_result_t
+krb5_get_tgt(const char *principal, const char *keyfile)
+{
+ isc_result_t result = ISC_R_FAILURE;
+ char *ccname = NULL;
+ krb5_context context = NULL;
+ krb5_error_code krberr;
+ krb5_ccache ccache = NULL;
+ krb5_principal kprincpw = NULL;
+ krb5_creds my_creds;
+ krb5_creds * my_creds_ptr = NULL;
+ krb5_get_init_creds_opt options;
+ krb5_keytab keytab = NULL;
+ int ret;
+
+ if (keyfile == NULL || keyfile[0] == '\0') {
+ keyfile = KRB_DEFAULT_KEYTAB;
+ log_info("Using default keytab %s\n", keyfile);
+ } else {
+ if (strncmp(keyfile, "FILE:", 5) != 0) {
+ log_error("Unknown keytab path format: Does it start with FILE:?\n");
+ return ISC_R_FAILURE;
+ }
+ }
+
+ krberr = krb5_init_context(&context);
+ CHECK_KRB5(NULL, krberr, "Kerberos context initialization failed");
+
+ result = ISC_R_SUCCESS;
+
+ ccname = "MEMORY:dhcp_ld_krb5_cc";
+ log_info("Using ccache %s\n" , ccname);
+
+ ret = setenv("KRB5CCNAME", ccname, 1);
+ if (ret == -1) {
+ log_error("Failed to setup environment\n");
+ result = ISC_R_FAILURE;
+ goto cleanup;
+ }
+
+ krberr = krb5_cc_resolve(context, ccname, &ccache);
+ CHECK_KRB5(context, krberr, "Couldnt resolve ccache '%s'", ccname);
+
+ krberr = krb5_parse_name(context, principal, &kprincpw);
+ CHECK_KRB5(context, krberr, "Failed to parse princ '%s'", princpal);
+
+ result = check_credentials(context, ccache, kprincpw);
+ if (result == ISC_R_SUCCESS) {
+ log_info("Found valid kerberos credentials\n");
+ goto cleanup;
+ } else {
+ log_error("No valid krb5 credentials\n");
+ }
+
+ krberr = krb5_kt_resolve(context, keyfile, &keytab);
+ CHECK_KRB5(context, krberr,
+ "Failed to resolve kt files '%s'\n", keyfile);
+
+ memset(&my_creds, 0, sizeof(my_creds));
+ memset(&options, 0, sizeof(options));
+
+ krb5_get_init_creds_opt_set_tkt_life(&options, KRB_MIN_TIME * 2);
+ krb5_get_init_creds_opt_set_address_list(&options, NULL);
+ krb5_get_init_creds_opt_set_forwardable(&options, 0);
+ krb5_get_init_creds_opt_set_proxiable(&options, 0);
+
+ krberr = krb5_get_init_creds_keytab(context, &my_creds, kprincpw,
+ keytab, 0, NULL, &options);
+ CHECK_KRB5(context, krberr, "Failed to get initial credentials TGT\n");
+
+ my_creds_ptr = &my_creds;
+
+ krberr = krb5_cc_initialize(context, ccache, kprincpw);
+ CHECK_KRB5(context, krberr, "Failed to init ccache\n");
+
+ krberr = krb5_cc_store_cred(context, ccache, &my_creds);
+ CHECK_KRB5(context, krberr, "Failed to store credentials\n");
+
+ result = ISC_R_SUCCESS;
+ log_info("Successfully init krb tgt %s", principal);
+
+cleanup:
+ if (ccache) krb5_cc_close(context, ccache);
+ if (keytab) krb5_kt_close(context, keytab);
+ if (kprincpw) krb5_free_principal(context, kprincpw);
+ if (my_creds_ptr) krb5_free_cred_contents(context, &my_creds);
+ if (context) krb5_free_context(context);
+ return result;
+}
+
+#endif
+
diff -up dhcp-4.3.2b1/server/krb_helper.h.ldapgssapi dhcp-4.3.2b1/server/krb_helper.h
--- dhcp-4.3.2b1/server/krb_helper.h.ldapgssapi 2015-02-08 18:01:27.968621046 +0100
+++ dhcp-4.3.2b1/server/krb_helper.h 2015-02-08 18:01:27.967621060 +0100
@@ -0,0 +1,40 @@
+/* krb_helper.h
+
+ Helper routings for allowing LDAP to read configuration with GSSAPI/krb auth */
+
+/*
+ * Copyright (c) 2014 William B.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of The Internet Software Consortium nor the names
+ * of its contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND
+ * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * This helper was written by William Brown <william@adelaide.edu.au>,
+ * inspired by krb5_helper.c from bind-dyndb-ldap by Simo Sorce (Redhat)
+ */
+
+isc_result_t krb5_get_tgt(const char *, const char *);
diff -up dhcp-4.3.2b1/server/ldap.c.ldapgssapi dhcp-4.3.2b1/server/ldap.c
--- dhcp-4.3.2b1/server/ldap.c.ldapgssapi 2015-02-08 18:01:27.955621230 +0100
+++ dhcp-4.3.2b1/server/ldap.c 2015-02-08 18:01:27.968621046 +0100
@@ -39,10 +39,16 @@
#include "dhcpd.h"
#include <signal.h>
-#include <errno.h>
+//#include <errno.h>
+#define LDAP_DEBUG 1
#if defined(LDAP_CONFIGURATION)
+#if defined(LDAP_USE_GSSAPI)
+#include <sasl/sasl.h>
+#include "krb_helper.h"
+#endif
+
#if defined(LDAP_CASA_AUTH)
#include "ldap_casa.h"
#endif
@@ -69,6 +75,20 @@ static char *ldap_tls_ca_file = NULL,
*ldap_tls_ciphers = NULL,
*ldap_tls_randfile = NULL;
#endif
+#if defined (LDAP_USE_GSSAPI)
+static char *ldap_gssapi_keytab = NULL,
+ *ldap_gssapi_principal = NULL;
+
+static struct ldap_sasl_instance {
+ char *sasl_mech;
+ char *sasl_realm;
+ char *sasl_authz_id;
+ char *sasl_authc_id;
+ char *sasl_password;
+};
+
+static struct ldap_sasl_instance *ldap_sasl_inst = NULL;
+#endif
static struct ldap_config_stack *ldap_stack = NULL;
typedef struct ldap_dn_node {
@@ -545,6 +565,62 @@ _do_lookup_dhcp_enum_option (struct opti
return (ret);
}
+#if defined(LDAP_USE_GSSAPI)
+static int
+_ldap_sasl_interact(LDAP *ld, unsigned flags, void *defaults, void *sin)
+{
+ sasl_interact_t *in;
+ struct ldap_sasl_instance *ldap_inst = defaults;
+ int ret = LDAP_OTHER;
+ size_t size;
+
+ if (ld == NULL || sin == NULL)
+ return LDAP_PARAM_ERROR;
+
+ log_info("doing interactive bind");
+ for (in = sin; in != NULL && in->id != SASL_CB_LIST_END; in++) {
+ switch (in->id) {
+ case SASL_CB_USER:
+ log_info("got request for SASL_CB_USER %s", ldap_inst->sasl_authz_id);
+ size = strlen(ldap_inst->sasl_authz_id);
+ in->result = ldap_inst->sasl_authz_id;
+ in->len = size;
+ ret = LDAP_SUCCESS;
+ break;
+ case SASL_CB_GETREALM:
+ log_info("got request for SASL_CB_GETREALM %s", ldap_inst->sasl_realm);
+ size = strlen(ldap_inst->sasl_realm);
+ in->result = ldap_inst->sasl_realm;
+ in->len = size;
+ ret = LDAP_SUCCESS;
+ break;
+ case SASL_CB_AUTHNAME:
+ log_info("got request for SASL_CB_AUTHNAME %s", ldap_inst->sasl_authc_id);
+ size = strlen(ldap_inst->sasl_authc_id);
+ in->result = ldap_inst->sasl_authc_id;
+ in->len = size;
+ ret = LDAP_SUCCESS;
+ break;
+ case SASL_CB_PASS:
+ log_info("got request for SASL_CB_PASS %s", ldap_inst->sasl_password);
+ size = strlen(ldap_inst->sasl_password);
+ in->result = ldap_inst->sasl_password;
+ in->len = size;
+ ret = LDAP_SUCCESS;
+ break;
+ default:
+ goto cleanup;
+ }
+ }
+ return ret;
+
+cleanup:
+ in->result = NULL;
+ in->len = 0;
+ return LDAP_OTHER;
+}
+#endif
+
int
ldap_rebind_cb (LDAP *ld, LDAP_CONST char *url, ber_tag_t request, ber_int_t msgid, void *parms)
{
@@ -595,20 +671,48 @@ ldap_rebind_cb (LDAP *ld, LDAP_CONST cha
}
#endif
-
- if (ldap_username != NULL || *ldap_username != '\0')
+ if (ldap_username != NULL && *ldap_username != '\0')
{
- who = ldap_username;
+#if defined(LDAP_USE_GSSAPI)
+ if (ldap_gssapi_principal != NULL) {
+ log_error("Cannot use gssapi and username / password simultaneously");
+ ldap_stop();
+ return;
+ }
+#endif
creds.bv_val = strdup(ldap_password);
creds.bv_len = strlen(ldap_password);
- }
- if ((ret = ldap_sasl_bind_s (ld, who, LDAP_SASL_SIMPLE, &creds,
- NULL, NULL, NULL)) != LDAP_SUCCESS)
- {
- log_error ("Error: Cannot login into ldap server %s:%d: %s",
- ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret));
+ if ((ret = ldap_sasl_bind_s (ld, ldap_username, LDAP_SASL_SIMPLE,
+ &creds, NULL, NULL, NULL)) != LDAP_SUCCESS)
+ {
+ log_error ("Error: Cannot login into ldap server %s:%d: %s",
+ ldap_server, ldap_port, ldap_err2string (ret));
+ ldap_stop();
+ return ret;
+ }
+#if defined(LDAP_USE_GSSAPI)
+ } else {
+ if (ldap_gssapi_principal != NULL) {
+ krb5_get_tgt(ldap_gssapi_principal, ldap_gssapi_keytab);
+ if ((ret = ldap_sasl_interactive_bind_s(ld, NULL, ldap_sasl_inst->sasl_mech,
+ NULL, NULL, LDAP_SASL_AUTOMATIC,
+ _ldap_sasl_interact, ldap_sasl_inst)
+ ) != LDAP_SUCCESS)
+ {
+ log_error ("Error: Cannot SASL bind to ldap server %s:%d: %s",
+ ldap_server, ldap_port, ldap_err2string (ret));
+ char *msg=NULL;
+ ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&msg);
+ log_error ("\tAdditional info: %s", msg);
+ ldap_memfree(msg);
+ ldap_stop();
+ return ret;
+ }
+ }
+#endif
}
+
return ret;
}
@@ -618,6 +722,12 @@ ldap_start (void)
struct option_state *options;
int ret, version;
char *uri = NULL;
+#if defined(LDAP_USE_GSSAPI)
+ char *gssapi_realm = NULL;
+ char *gssapi_user = NULL;
+ char *running = NULL;
+ const char *gssapi_delim = "@";
+#endif
struct berval creds;
if (ld != NULL)
@@ -656,6 +766,26 @@ ldap_start (void)
ldap_tls_randfile = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_RANDFILE);
}
#endif
+#if defined (LDAP_USE_GSSAPI)
+ ldap_gssapi_keytab = _do_lookup_dhcp_string_option (options, SV_LDAP_GSSAPI_KEYTAB);
+ ldap_gssapi_principal = _do_lookup_dhcp_string_option (options, SV_LDAP_GSSAPI_PRINCIPAL);
+
+ running = strdup(ldap_gssapi_principal);
+ gssapi_user = strtok(running, gssapi_delim);
+ gssapi_realm = strtok(NULL, gssapi_delim);
+ ldap_sasl_inst = malloc(sizeof(struct ldap_sasl_instance));
+ if (ldap_sasl_inst == NULL) {
+ log_error("Could not allocate memory for sasl instance! Can not run!");
+ ldap_stop();
+ return;
+ }
+ ldap_sasl_inst->sasl_mech = ber_strdup("GSSAPI");
+ ldap_sasl_inst->sasl_realm = ber_strdup(gssapi_realm);
+ ldap_sasl_inst->sasl_authz_id = ber_strdup(gssapi_user);
+ ldap_sasl_inst->sasl_authc_id = NULL;
+ ldap_sasl_inst->sasl_password = NULL; //"" before
+ free(running);
+#endif
#if defined (LDAP_CASA_AUTH)
if (!load_uname_pwd_from_miCASA(&ldap_username,&ldap_password))
@@ -870,6 +1000,13 @@ ldap_start (void)
if (ldap_username != NULL && *ldap_username != '\0')
{
+#if defined(LDAP_USE_GSSAPI)
+ if (ldap_gssapi_principal != NULL) {
+ log_error("Cannot use gssapi and username / password simultaneously");
+ ldap_stop();
+ return;
+ }
+#endif
creds.bv_val = strdup(ldap_password);
creds.bv_len = strlen(ldap_password);
@@ -881,6 +1018,26 @@ ldap_start (void)
ldap_stop();
return;
}
+#if defined(LDAP_USE_GSSAPI)
+ } else {
+ if (ldap_gssapi_principal != NULL) {
+ krb5_get_tgt(ldap_gssapi_principal, ldap_gssapi_keytab);
+ if ((ret = ldap_sasl_interactive_bind_s(ld, NULL, ldap_sasl_inst->sasl_mech,
+ NULL, NULL, LDAP_SASL_AUTOMATIC,
+ _ldap_sasl_interact, ldap_sasl_inst)
+ ) != LDAP_SUCCESS)
+ {
+ log_error ("Error: Cannot SASL bind to ldap server %s:%d: %s",
+ ldap_server, ldap_port, ldap_err2string (ret));
+ char *msg=NULL;
+ ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&msg);
+ log_error ("\tAdditional info: %s", msg);
+ ldap_memfree(msg);
+ ldap_stop();
+ return;
+ }
+ }
+#endif
}
#if defined (DEBUG_LDAP)
diff -up dhcp-4.3.2b1/server/Makefile.am.ldapgssapi dhcp-4.3.2b1/server/Makefile.am
--- dhcp-4.3.2b1/server/Makefile.am.ldapgssapi 2015-02-08 18:01:27.943621400 +0100
+++ dhcp-4.3.2b1/server/Makefile.am 2015-02-08 18:01:27.968621046 +0100
@@ -10,7 +10,7 @@ dist_sysconf_DATA = dhcpd.conf.example
sbin_PROGRAMS = dhcpd
dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c \
- dhcpv6.c mdb6.c ldap.c ldap_casa.c probes.d trace.h
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c krb_helper.c probes.d trace.h
dhcpd_CFLAGS = $(LDAP_CFLAGS)
dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
diff -up dhcp-4.3.2b1/server/stables.c.ldapgssapi dhcp-4.3.2b1/server/stables.c
--- dhcp-4.3.2b1/server/stables.c.ldapgssapi 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/server/stables.c 2015-02-08 18:01:27.969621032 +0100
@@ -259,6 +259,10 @@ static struct option server_options[] =
{ "ldap-tls-ciphers", "t", &server_universe, 76, 1 },
{ "ldap-tls-randfile", "t", &server_universe, 77, 1 },
#endif /* LDAP_USE_SSL */
+#if defined(LDAP_USE_GSSAPI)
+ { "ldap-gssapi-keytab", "t", &server_universe, 78, 1},
+ { "ldap-gssapi-principal", "t", &server_universe, 79, 1},
+#endif /* LDAP_USE_GSSAPI */
#endif /* LDAP_CONFIGURATION */
{ "dhcp-cache-threshold", "B", &server_universe, 78, 1 },
{ "dont-use-fsync", "f", &server_universe, 79, 1 },

View File

@ -1,16 +1,16 @@
diff -up dhcp-4.3.2b1/client/dhclient.c.lpf-ib dhcp-4.3.2b1/client/dhclient.c
--- dhcp-4.3.2b1/client/dhclient.c.lpf-ib 2015-02-26 09:49:40.553785504 +0100
+++ dhcp-4.3.2b1/client/dhclient.c 2015-02-26 09:49:40.561785398 +0100
@@ -114,6 +114,8 @@ static int check_domain_name_list(const
static int check_option_values(struct universe *universe, unsigned int opt,
const char *ptr, size_t len);
diff -up dhcp-4.3.3b1/client/dhclient.c.lpf-ib dhcp-4.3.3b1/client/dhclient.c
--- dhcp-4.3.3b1/client/dhclient.c.lpf-ib 2015-08-10 10:58:17.659350415 +0200
+++ dhcp-4.3.3b1/client/dhclient.c 2015-08-10 11:44:15.428321587 +0200
@@ -117,6 +117,8 @@ static int check_option_values(struct un
static void dhclient_ddns_cb_free(dhcp_ddns_cb_t *ddns_cb,
char* file, int line);
+static void setup_ib_interface(struct interface_info *ip);
+
#ifndef UNIT_TEST
int
main(int argc, char **argv) {
@@ -937,6 +939,13 @@ main(int argc, char **argv) {
@@ -940,6 +942,13 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
@ -24,7 +24,7 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.lpf-ib dhcp-4.3.2b1/client/dhclient.c
/*
* Establish a default DUID. We always do so for v6 and
@@ -1230,6 +1239,29 @@ int find_subnet (struct subnet **sp,
@@ -1231,6 +1240,29 @@ int find_subnet (struct subnet **sp,
return 0;
}
@ -54,9 +54,9 @@ diff -up dhcp-4.3.2b1/client/dhclient.c.lpf-ib dhcp-4.3.2b1/client/dhclient.c
/* Individual States:
*
* Each routine is called from the dhclient_state_machine() in one of
diff -up dhcp-4.3.2b1/common/bpf.c.lpf-ib dhcp-4.3.2b1/common/bpf.c
--- dhcp-4.3.2b1/common/bpf.c.lpf-ib 2015-02-26 09:49:40.546785596 +0100
+++ dhcp-4.3.2b1/common/bpf.c 2015-02-26 09:49:40.561785398 +0100
diff -up dhcp-4.3.3b1/common/bpf.c.lpf-ib dhcp-4.3.3b1/common/bpf.c
--- dhcp-4.3.3b1/common/bpf.c.lpf-ib 2015-08-10 10:58:17.659350415 +0200
+++ dhcp-4.3.3b1/common/bpf.c 2015-08-10 10:58:17.668350384 +0200
@@ -199,11 +199,44 @@ struct bpf_insn dhcp_bpf_filter [] = {
BPF_STMT(BPF_RET+BPF_K, 0),
};
@ -102,9 +102,9 @@ diff -up dhcp-4.3.2b1/common/bpf.c.lpf-ib dhcp-4.3.2b1/common/bpf.c
#if defined (HAVE_TR_SUPPORT)
struct bpf_insn dhcp_bpf_tr_filter [] = {
/* accept all token ring packets due to variable length header */
diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
--- dhcp-4.3.2b1/common/lpf.c.lpf-ib 2015-02-26 09:49:40.546785596 +0100
+++ dhcp-4.3.2b1/common/lpf.c 2015-02-26 09:49:40.562785385 +0100
diff -up dhcp-4.3.3b1/common/lpf.c.lpf-ib dhcp-4.3.3b1/common/lpf.c
--- dhcp-4.3.3b1/common/lpf.c.lpf-ib 2015-08-10 10:58:17.660350412 +0200
+++ dhcp-4.3.3b1/common/lpf.c 2015-08-10 11:45:17.962084958 +0200
@@ -47,6 +47,17 @@
#include <sys/ioctl.h>
#include <sys/socket.h>
@ -123,7 +123,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
#endif
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
@@ -80,10 +94,20 @@ int if_register_lpf (info)
@@ -80,10 +91,20 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
@ -146,7 +146,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -106,6 +130,7 @@ int if_register_lpf (info)
@@ -106,6 +127,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
@ -154,7 +154,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
@@ -122,8 +147,6 @@ int if_register_lpf (info)
@@ -122,8 +144,6 @@ int if_register_lpf (info)
}
@ -163,7 +163,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
return sock;
}
#endif /* USE_LPF_SEND || USE_LPF_RECEIVE */
@@ -178,6 +201,8 @@ void if_deregister_send (info)
@@ -178,6 +198,8 @@ void if_deregister_send (info)
in bpf includes... */
extern struct sock_filter dhcp_bpf_filter [];
extern int dhcp_bpf_filter_len;
@ -172,7 +172,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
#if defined (HAVE_TR_SUPPORT)
extern struct sock_filter dhcp_bpf_tr_filter [];
@@ -196,11 +221,12 @@ void if_register_receive (info)
@@ -196,11 +218,12 @@ void if_register_receive (info)
#ifdef PACKET_AUXDATA
{
int val = 1;
@ -190,7 +190,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
}
}
}
@@ -250,15 +276,28 @@ static void lpf_gen_filter_setup (info)
@@ -250,15 +273,28 @@ static void lpf_gen_filter_setup (info)
memset(&p, 0, sizeof(p));
@ -228,7 +228,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
if (setsockopt (info -> rfdesc, SOL_SOCKET, SO_ATTACH_FILTER, &p,
sizeof p) < 0) {
@@ -315,6 +354,54 @@ static void lpf_tr_filter_setup (info)
@@ -315,6 +351,54 @@ static void lpf_tr_filter_setup (info)
#endif /* USE_LPF_RECEIVE */
#ifdef USE_LPF_SEND
@ -283,7 +283,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
ssize_t send_packet (interface, packet, raw, len, from, to, hto)
struct interface_info *interface;
struct packet *packet;
@@ -335,6 +422,11 @@ ssize_t send_packet (interface, packet,
@@ -335,6 +419,11 @@ ssize_t send_packet (interface, packet,
return send_fallback (interface, packet, raw,
len, from, to, hto);
@ -295,7 +295,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
@@ -355,6 +447,42 @@ ssize_t send_packet (interface, packet,
@@ -355,6 +444,42 @@ ssize_t send_packet (interface, packet,
#endif /* USE_LPF_SEND */
#ifdef USE_LPF_RECEIVE
@ -338,9 +338,9 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
ssize_t receive_packet (interface, buf, len, from, hfrom)
struct interface_info *interface;
unsigned char *buf;
@@ -380,6 +508,10 @@ ssize_t receive_packet (interface, buf,
.msg_controllen = sizeof(cmsgbuf),
@@ -393,6 +518,10 @@ ssize_t receive_packet (interface, buf,
};
#endif /* PACKET_AUXDATA */
+ if (interface->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ return receive_packet_ib(interface, buf, len, from, hfrom);
@ -349,7 +349,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
length = recvmsg (interface->rfdesc, &msg, 0);
if (length <= 0)
return length;
@@ -489,11 +621,33 @@ void maybe_setup_fallback ()
@@ -506,11 +635,33 @@ void maybe_setup_fallback ()
#endif
#if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
@ -386,7 +386,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
if (strlen(name) >= sizeof(tmp.ifr_name)) {
log_fatal("Device name too long: \"%s\"", name);
@@ -507,16 +661,61 @@ get_hw_addr(const char *name, struct har
@@ -524,16 +675,61 @@ get_hw_addr(const char *name, struct har
memset(&tmp, 0, sizeof(tmp));
strcpy(tmp.ifr_name, name);
if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
@ -451,7 +451,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
break;
case ARPHRD_IEEE802:
#ifdef ARPHRD_IEEE802_TR
@@ -524,18 +723,50 @@ get_hw_addr(const char *name, struct har
@@ -541,18 +737,50 @@ get_hw_addr(const char *name, struct har
#endif /* ARPHRD_IEEE802_TR */
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
@ -506,7 +506,7 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
@@ -548,10 +779,13 @@ get_hw_addr(const char *name, struct har
@@ -565,10 +793,13 @@ get_hw_addr(const char *name, struct har
break;
#endif
default:
@ -523,9 +523,9 @@ diff -up dhcp-4.3.2b1/common/lpf.c.lpf-ib dhcp-4.3.2b1/common/lpf.c
+ freeifaddrs(ifaddrs);
}
#endif
diff -up dhcp-4.3.2b1/common/socket.c.lpf-ib dhcp-4.3.2b1/common/socket.c
--- dhcp-4.3.2b1/common/socket.c.lpf-ib 2015-01-29 14:52:57.000000000 +0100
+++ dhcp-4.3.2b1/common/socket.c 2015-02-26 09:49:40.562785385 +0100
diff -up dhcp-4.3.3b1/common/socket.c.lpf-ib dhcp-4.3.3b1/common/socket.c
--- dhcp-4.3.3b1/common/socket.c.lpf-ib 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/socket.c 2015-08-10 10:58:17.669350380 +0200
@@ -328,7 +328,7 @@ void if_register_send (info)
info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
@ -562,10 +562,10 @@ diff -up dhcp-4.3.2b1/common/socket.c.lpf-ib dhcp-4.3.2b1/common/socket.c
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
diff -up dhcp-4.3.2b1/includes/dhcpd.h.lpf-ib dhcp-4.3.2b1/includes/dhcpd.h
--- dhcp-4.3.2b1/includes/dhcpd.h.lpf-ib 2015-02-26 09:49:40.554785491 +0100
+++ dhcp-4.3.2b1/includes/dhcpd.h 2015-02-26 09:50:12.210369312 +0100
@@ -440,6 +440,9 @@ struct packet {
diff -up dhcp-4.3.3b1/includes/dhcpd.h.lpf-ib dhcp-4.3.3b1/includes/dhcpd.h
--- dhcp-4.3.3b1/includes/dhcpd.h.lpf-ib 2015-08-10 10:58:17.660350412 +0200
+++ dhcp-4.3.3b1/includes/dhcpd.h 2015-08-10 10:58:17.669350380 +0200
@@ -476,6 +476,9 @@ struct packet {
#define HARDWARE_ADDR_LEN 20
@ -575,7 +575,7 @@ diff -up dhcp-4.3.2b1/includes/dhcpd.h.lpf-ib dhcp-4.3.2b1/includes/dhcpd.h
struct hardware {
u_int8_t hlen;
u_int8_t hbuf[HARDWARE_ADDR_LEN + 1];
@@ -1264,6 +1267,7 @@ struct interface_info {
@@ -1324,6 +1327,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
@ -583,7 +583,7 @@ diff -up dhcp-4.3.2b1/includes/dhcpd.h.lpf-ib dhcp-4.3.2b1/includes/dhcpd.h
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
@@ -2475,7 +2479,7 @@ void print_dns_status (int, struct dhcp_
@@ -2545,7 +2549,7 @@ void print_dns_status (int, struct dhcp_
#endif
const char *print_time(TIME);

View File

@ -1,118 +0,0 @@
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 378459b..e7ed5a3 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2033,6 +2033,11 @@ extern const char *path_dhcpd_pid;
extern int dhcp_max_agent_option_packet_length;
extern struct eventqueue *rw_queue_empty;
+#if defined (PARANOIA)
+extern uid_t set_uid;
+extern gid_t set_gid;
+#endif
+
int main(int, char **);
void postconf_initialization(int);
void postdb_startup(void);
diff --git a/server/db.c b/server/db.c
index d4d42fe..5238ed8 100644
--- a/server/db.c
+++ b/server/db.c
@@ -1125,6 +1125,22 @@ int new_lease_file ()
log_error ("Can't create new lease file: %m");
return 0;
}
+
+#if defined (PARANOIA)
+ /*
+ * If we are currently root and plan to change the
+ * uid and gid change the file information so we
+ * can manipulate it later, after we've changed
+ * our group and user (that is dropped privileges.)
+ */
+ if ((set_uid != 0) && (geteuid() == 0) &&
+ (set_gid != 0) && (getegid() == 0)) {
+ if (fchown(db_fd, set_uid, set_gid)) {
+ log_fatal ("Can't chown new lease file: %m");
+ }
+ }
+#endif /* PARANOIA */
+
if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
diff --git a/server/dhcpd.8 b/server/dhcpd.8
index f4b13dc..8cf756a 100644
--- a/server/dhcpd.8
+++ b/server/dhcpd.8
@@ -78,6 +78,18 @@ dhcpd - Dynamic Host Configuration Protocol Server
.B --no-pid
]
[
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
.B -tf
.I trace-output-file
]
@@ -249,6 +261,26 @@ for correct syntax, but will not attempt to perform any network
operations. This can be used to test a new lease file
automatically before installing it.
.TP
+.BI \-user \ user
+Setuid to user after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-chroot \ dir
+Chroot to directory. This may occur before or after
+reading the configuration files depending on whether
+the code was compiled with the EARLY_CHROOT option
+enabled (./configure --enable-early-chroot).
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
.BI \-tf \ tracefile
Specify a file into which the entire startup state of the server and
all the transactions it processes are logged. This can be
diff --git a/server/dhcpd.c b/server/dhcpd.c
index ebb6d3e..ca50178 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -50,6 +50,10 @@ static const char url [] =
# define group real_group
# include <grp.h>
# undef group
+
+/* global values so db.c can look at them */
+uid_t set_uid = 0;
+gid_t set_gid = 0;
#endif /* PARANOIA */
#ifndef UNIT_TEST
@@ -180,9 +184,6 @@ main(int argc, char **argv) {
char *set_user = 0;
char *set_group = 0;
char *set_chroot = 0;
-
- uid_t set_uid = 0;
- gid_t set_gid = 0;
#endif /* PARANOIA */
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and

View File

@ -1,6 +1,6 @@
diff -up dhcp-4.3.2/client/Makefile.am.remove-bind dhcp-4.3.2/client/Makefile.am
--- dhcp-4.3.2/client/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/client/Makefile.am 2015-03-05 19:01:27.748586948 +0100
diff -up dhcp-4.3.3b1/client/Makefile.am.remove-bind dhcp-4.3.3b1/client/Makefile.am
--- dhcp-4.3.3b1/client/Makefile.am.remove-bind 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/client/Makefile.am 2015-08-10 10:20:26.373965596 +0200
@@ -10,8 +10,8 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
@ -12,9 +12,9 @@ diff -up dhcp-4.3.2/client/Makefile.am.remove-bind dhcp-4.3.2/client/Makefile.am
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/common/tests/Makefile.am.remove-bind dhcp-4.3.2/common/tests/Makefile.am
--- dhcp-4.3.2/common/tests/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/common/tests/Makefile.am 2015-03-05 19:03:51.316530568 +0100
diff -up dhcp-4.3.3b1/common/tests/Makefile.am.remove-bind dhcp-4.3.3b1/common/tests/Makefile.am
--- dhcp-4.3.3b1/common/tests/Makefile.am.remove-bind 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/tests/Makefile.am 2015-08-10 10:20:26.373965596 +0200
@@ -13,14 +13,14 @@ ATF_TESTS += alloc_unittest dns_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
@ -45,10 +45,10 @@ diff -up dhcp-4.3.2/common/tests/Makefile.am.remove-bind dhcp-4.3.2/common/tests
check: $(ATF_TESTS)
sh ${top_srcdir}/tests/unittest.sh
diff -up dhcp-4.3.2/configure.ac.remove-bind dhcp-4.3.2/configure.ac
--- dhcp-4.3.2/configure.ac.remove-bind 2015-02-26 20:51:28.000000000 +0100
+++ dhcp-4.3.2/configure.ac 2015-03-05 19:01:27.756586833 +0100
@@ -582,20 +582,37 @@ AC_CHECK_MEMBER(struct tpacket_auxdata.t
diff -up dhcp-4.3.3b1/configure.ac.remove-bind dhcp-4.3.3b1/configure.ac
--- dhcp-4.3.3b1/configure.ac.remove-bind 2015-07-30 21:02:23.000000000 +0200
+++ dhcp-4.3.3b1/configure.ac 2015-08-10 10:31:02.761852511 +0200
@@ -606,23 +606,40 @@ AC_CHECK_MEMBER(struct tpacket_auxdata.t
libbind=
AC_ARG_WITH(libbind,
@ -84,6 +84,9 @@ diff -up dhcp-4.3.2/configure.ac.remove-bind dhcp-4.3.2/configure.ac
- libbind="$use_libbind"
+ BIND9_LIBDIR="-L$libbind_libs"
+ BUNDLED_BIND=no
if test ! -d "bind"; then
AC_MSG_WARN(empty bind directory)
fi
;;
esac
+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
@ -91,7 +94,7 @@ diff -up dhcp-4.3.2/configure.ac.remove-bind dhcp-4.3.2/configure.ac
# OpenLDAP support.
AC_ARG_WITH(ldap,
@@ -630,7 +647,7 @@ fi
@@ -700,7 +717,7 @@ fi
CFLAGS="$CFLAGS $STD_CWARNINGS"
# Try to add the bind include directory
@ -100,9 +103,9 @@ diff -up dhcp-4.3.2/configure.ac.remove-bind dhcp-4.3.2/configure.ac
case "$host" in
*-darwin*)
diff -up dhcp-4.3.2/dhcpctl/Makefile.am.remove-bind dhcp-4.3.2/dhcpctl/Makefile.am
--- dhcp-4.3.2/dhcpctl/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/dhcpctl/Makefile.am 2015-03-05 19:01:27.756586833 +0100
diff -up dhcp-4.3.3b1/dhcpctl/Makefile.am.remove-bind dhcp-4.3.3b1/dhcpctl/Makefile.am
--- dhcp-4.3.3b1/dhcpctl/Makefile.am.remove-bind 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/dhcpctl/Makefile.am 2015-08-10 10:20:26.374965593 +0200
@@ -6,12 +6,9 @@ EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
@ -118,27 +121,27 @@ diff -up dhcp-4.3.2/dhcpctl/Makefile.am.remove-bind dhcp-4.3.2/dhcpctl/Makefile.
- ../bind/lib/libirs.a ../bind/lib/libdns.a \
- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.2/Makefile.am.remove-bind dhcp-4.3.2/Makefile.am
--- dhcp-4.3.2/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/Makefile.am 2015-03-05 19:01:27.757586819 +0100
diff -up dhcp-4.3.3b1/Makefile.am.remove-bind dhcp-4.3.3b1/Makefile.am
--- dhcp-4.3.3b1/Makefile.am.remove-bind 2015-08-10 10:20:26.374965593 +0200
+++ dhcp-4.3.3b1/Makefile.am 2015-08-10 10:32:20.540597417 +0200
@@ -25,7 +25,13 @@ EXTRA_DIST = RELNOTES LICENSE \
bind/Makefile bind/bind.tar.gz bind/version.tmp \
bind/Makefile.in bind/bind.tar.gz bind/version.tmp \
common/tests/Atffile server/tests/Atffile
-SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
-SUBDIRS = bind includes tests common omapip client dhcpctl relay server
+if BUNDLED_BIND
+SUBDIRS = bind
+else
+SUBDIRS =
+endif
+
+SUBDIRS += includes tests common dst omapip client dhcpctl relay server
+SUBDIRS += includes tests common omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.3.2/omapip/Makefile.am.remove-bind dhcp-4.3.2/omapip/Makefile.am
--- dhcp-4.3.2/omapip/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/omapip/Makefile.am 2015-03-05 19:01:27.757586819 +0100
diff -up dhcp-4.3.3b1/omapip/Makefile.am.remove-bind dhcp-4.3.3b1/omapip/Makefile.am
--- dhcp-4.3.3b1/omapip/Makefile.am.remove-bind 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/omapip/Makefile.am 2015-08-10 10:20:26.375965590 +0200
@@ -10,6 +10,5 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
@ -148,9 +151,9 @@ diff -up dhcp-4.3.2/omapip/Makefile.am.remove-bind dhcp-4.3.2/omapip/Makefile.am
-
+svtest_LDADD = libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.2/relay/Makefile.am.remove-bind dhcp-4.3.2/relay/Makefile.am
--- dhcp-4.3.2/relay/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/relay/Makefile.am 2015-03-05 19:01:27.757586819 +0100
diff -up dhcp-4.3.3b1/relay/Makefile.am.remove-bind dhcp-4.3.3b1/relay/Makefile.am
--- dhcp-4.3.3b1/relay/Makefile.am.remove-bind 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/relay/Makefile.am 2015-08-10 10:20:26.375965590 +0200
@@ -3,8 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
@ -161,27 +164,28 @@ diff -up dhcp-4.3.2/relay/Makefile.am.remove-bind dhcp-4.3.2/relay/Makefile.am
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/server/Makefile.am.remove-bind dhcp-4.3.2/server/Makefile.am
--- dhcp-4.3.2/server/Makefile.am.remove-bind 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/server/Makefile.am 2015-03-05 19:01:27.757586819 +0100
@@ -13,10 +13,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c
diff -up dhcp-4.3.3b1/server/Makefile.am.remove-bind dhcp-4.3.3b1/server/Makefile.am
--- dhcp-4.3.3b1/server/Makefile.am.remove-bind 2015-08-10 10:20:26.375965590 +0200
+++ dhcp-4.3.3b1/server/Makefile.am 2015-08-10 10:34:07.597246299 +0200
@@ -13,10 +13,9 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../dhcpctl/libdhcpctl.a ../bind/lib/libirs.a \
- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
-
- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a \
- $(LDAP_LIBS)
+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export \
+ $(LDAP_LIBS)
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/server/tests/Makefile.am.remove-bind dhcp-4.3.2/server/tests/Makefile.am
--- dhcp-4.3.2/server/tests/Makefile.am.remove-bind 2015-03-05 19:01:27.757586819 +0100
+++ dhcp-4.3.2/server/tests/Makefile.am 2015-03-05 19:02:51.949380907 +0100
diff -up dhcp-4.3.3b1/server/tests/Makefile.am.remove-bind dhcp-4.3.3b1/server/tests/Makefile.am
--- dhcp-4.3.3b1/server/tests/Makefile.am.remove-bind 2015-08-10 10:20:26.375965590 +0200
+++ dhcp-4.3.3b1/server/tests/Makefile.am 2015-08-10 10:35:34.931959866 +0200
@@ -18,9 +18,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ldap.c ../ldap_casa.c ../dhcpd.c
../ldap.c ../ldap_casa.c ../dhcpd.c ../leasechain.c
DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/bind/lib/libirs.a \

View File

@ -1,46 +0,0 @@
diff -up dhcp-4.3.0a1/Makefile.am.remove-dst dhcp-4.3.0a1/Makefile.am
--- dhcp-4.3.0a1/Makefile.am.remove-dst 2013-12-19 14:48:03.744033290 +0100
+++ dhcp-4.3.0a1/Makefile.am 2013-12-19 14:48:03.753033163 +0100
@@ -31,7 +31,7 @@ else
SUBDIRS =
endif
-SUBDIRS += includes tests common dst omapip client dhcpctl relay server
+SUBDIRS += includes tests common omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.3.0a1/configure.ac.remove-dst dhcp-4.3.0a1/configure.ac
--- dhcp-4.3.0a1/configure.ac.remove-dst 2013-12-19 14:48:03.745033276 +0100
+++ dhcp-4.3.0a1/configure.ac 2013-12-19 14:48:03.752033177 +0100
@@ -632,7 +632,6 @@ AC_CONFIG_FILES([
common/Makefile
common/tests/Makefile
dhcpctl/Makefile
- dst/Makefile
includes/Makefile
omapip/Makefile
relay/Makefile
diff -up dhcp-4.3.0a1/includes/Makefile.am.remove-dst dhcp-4.3.0a1/includes/Makefile.am
--- dhcp-4.3.0a1/includes/Makefile.am.remove-dst 2013-11-07 20:15:08.000000000 +0100
+++ dhcp-4.3.0a1/includes/Makefile.am 2013-12-19 14:48:03.752033177 +0100
@@ -1,7 +1,6 @@
nobase_include_HEADERS = omapip/alloc.h omapip/buffer.h omapip/convert.h \
omapip/hash.h omapip/isclib.h omapip/omapip.h \
- omapip/omapip_p.h omapip/result.h omapip/trace.h \
- isc-dhcp/dst.h
+ omapip/omapip_p.h omapip/result.h omapip/trace.h
EXTRA_DIST = cdefs.h ctrace.h dhcp.h dhcp6.h dhcpd.h dhctoken.h failover.h \
heap.h inet.h minires.h osdep.h site.h statement.h tree.h \
diff -up dhcp-4.3.0a1/server/ddns.c.remove-dst dhcp-4.3.0a1/server/ddns.c
--- dhcp-4.3.0a1/server/ddns.c.remove-dst 2013-12-19 14:48:03.754033149 +0100
+++ dhcp-4.3.0a1/server/ddns.c 2013-12-19 14:49:14.102046556 +0100
@@ -35,7 +35,6 @@
*/
#include "dhcpd.h"
-#include "dst/md5.h"
#include <dns/result.h>
char *ddns_standard_tag = "ddns-dhcid";

View File

@ -1,6 +1,6 @@
diff -up dhcp-4.3.0rc1/client/clparse.c.rfc3442 dhcp-4.3.0rc1/client/clparse.c
--- dhcp-4.3.0rc1/client/clparse.c.rfc3442 2014-01-29 10:05:48.474400352 +0100
+++ dhcp-4.3.0rc1/client/clparse.c 2014-01-29 10:05:48.517399955 +0100
diff -up dhcp-4.3.3b1/client/clparse.c.rfc3442 dhcp-4.3.3b1/client/clparse.c
--- dhcp-4.3.3b1/client/clparse.c.rfc3442 2015-08-10 10:55:31.711936295 +0200
+++ dhcp-4.3.3b1/client/clparse.c 2015-08-10 10:55:31.735936210 +0200
@@ -31,7 +31,7 @@
struct client_config top_level_config;
@ -35,9 +35,9 @@ diff -up dhcp-4.3.0rc1/client/clparse.c.rfc3442 dhcp-4.3.0rc1/client/clparse.c
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
diff -up dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 dhcp-4.3.0rc1/common/dhcp-options.5
--- dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 2014-01-29 10:05:48.466400426 +0100
+++ dhcp-4.3.0rc1/common/dhcp-options.5 2014-01-29 10:05:48.518399945 +0100
diff -up dhcp-4.3.3b1/common/dhcp-options.5.rfc3442 dhcp-4.3.3b1/common/dhcp-options.5
--- dhcp-4.3.3b1/common/dhcp-options.5.rfc3442 2015-08-10 10:55:31.705936316 +0200
+++ dhcp-4.3.3b1/common/dhcp-options.5 2015-08-10 10:55:31.735936210 +0200
@@ -111,6 +111,26 @@ hexadecimal, separated by colons. For e
or
option dhcp-client-identifier 43:4c:49:45:54:2d:46:4f:4f;
@ -65,7 +65,7 @@ diff -up dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 dhcp-4.3.0rc1/common/dhcp-o
.SH SETTING OPTION VALUES USING EXPRESSIONS
Sometimes it's helpful to be able to set the value of a DHCP option
based on some value that the client has sent. To do this, you can
@@ -972,6 +992,29 @@ dhclient-script will create routes:
@@ -1031,6 +1051,29 @@ dhclient-script will create routes:
.RE
.PP
.nf
@ -95,9 +95,9 @@ diff -up dhcp-4.3.0rc1/common/dhcp-options.5.rfc3442 dhcp-4.3.0rc1/common/dhcp-o
.B option \fBstreettalk-directory-assistance-server\fR \fIip-address\fR
[\fB,\fR \fIip-address\fR...]\fB;\fR
.fi
diff -up dhcp-4.3.0rc1/common/inet.c.rfc3442 dhcp-4.3.0rc1/common/inet.c
--- dhcp-4.3.0rc1/common/inet.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
+++ dhcp-4.3.0rc1/common/inet.c 2014-01-29 10:05:48.519399936 +0100
diff -up dhcp-4.3.3b1/common/inet.c.rfc3442 dhcp-4.3.3b1/common/inet.c
--- dhcp-4.3.3b1/common/inet.c.rfc3442 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/inet.c 2015-08-10 10:55:31.735936210 +0200
@@ -521,6 +521,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
return ISC_R_SUCCESS;
}
@ -159,10 +159,10 @@ diff -up dhcp-4.3.0rc1/common/inet.c.rfc3442 dhcp-4.3.0rc1/common/inet.c
/* piaddr() turns an iaddr structure into a printable address. */
/* XXX: should use a const pointer rather than passing the structure */
const char *
diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
--- dhcp-4.3.0rc1/common/options.c.rfc3442 2014-01-26 19:40:44.000000000 +0100
+++ dhcp-4.3.0rc1/common/options.c 2014-01-29 10:05:48.520399927 +0100
@@ -707,7 +707,11 @@ cons_options(struct packet *inpacket, st
diff -up dhcp-4.3.3b1/common/options.c.rfc3442 dhcp-4.3.3b1/common/options.c
--- dhcp-4.3.3b1/common/options.c.rfc3442 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/options.c 2015-08-10 10:55:31.736936207 +0200
@@ -713,7 +713,11 @@ cons_options(struct packet *inpacket, st
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
@ -175,7 +175,7 @@ diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
@@ -1688,6 +1692,7 @@ const char *pretty_print_option (option,
@@ -1694,6 +1698,7 @@ const char *pretty_print_option (option,
unsigned long tval;
isc_boolean_t a_array = ISC_FALSE;
int len_used;
@ -183,7 +183,7 @@ diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
if (emit_commas)
comma = ',';
@@ -1696,6 +1701,7 @@ const char *pretty_print_option (option,
@@ -1702,6 +1707,7 @@ const char *pretty_print_option (option,
memset (enumbuf, 0, sizeof enumbuf);
@ -191,7 +191,7 @@ diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
@@ -1870,6 +1876,33 @@ const char *pretty_print_option (option,
@@ -1894,6 +1900,33 @@ const char *pretty_print_option (option,
if (numhunk < 0)
numhunk = 1;
@ -225,7 +225,7 @@ diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
@@ -2025,6 +2058,20 @@ const char *pretty_print_option (option,
@@ -2049,6 +2082,20 @@ const char *pretty_print_option (option,
strcpy(op, piaddr(iaddr));
dp += 4;
break;
@ -246,10 +246,10 @@ diff -up dhcp-4.3.0rc1/common/options.c.rfc3442 dhcp-4.3.0rc1/common/options.c
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
--- dhcp-4.3.0rc1/common/parse.c.rfc3442 2014-01-29 10:05:48.491400195 +0100
+++ dhcp-4.3.0rc1/common/parse.c 2014-01-29 10:05:48.522399908 +0100
@@ -335,6 +335,39 @@ int parse_ip_addr (cfile, addr)
diff -up dhcp-4.3.3b1/common/parse.c.rfc3442 dhcp-4.3.3b1/common/parse.c
--- dhcp-4.3.3b1/common/parse.c.rfc3442 2015-08-10 10:55:31.725936246 +0200
+++ dhcp-4.3.3b1/common/parse.c 2015-08-10 10:55:31.741936189 +0200
@@ -341,6 +341,39 @@ int parse_ip_addr (cfile, addr)
}
/*
@ -289,7 +289,7 @@ diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
* Return true if every character in the string is hexadecimal.
*/
static int
@@ -713,8 +746,10 @@ unsigned char *parse_numeric_aggregate (
@@ -720,8 +753,10 @@ unsigned char *parse_numeric_aggregate (
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
@ -301,7 +301,7 @@ diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
@@ -1654,6 +1689,9 @@ int parse_option_code_definition (cfile,
@@ -1668,6 +1703,9 @@ int parse_option_code_definition (cfile,
case IP_ADDRESS:
type = 'I';
break;
@ -311,7 +311,7 @@ diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
case IP6_ADDRESS:
type = '6';
break;
@@ -5071,6 +5109,15 @@ int parse_option_token (rv, cfile, fmt,
@@ -5097,6 +5135,15 @@ int parse_option_token (rv, cfile, fmt,
}
break;
@ -327,7 +327,7 @@ diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
@@ -5348,6 +5395,13 @@ int parse_option_decl (oc, cfile)
@@ -5374,6 +5421,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
@ -341,9 +341,9 @@ diff -up dhcp-4.3.0rc1/common/parse.c.rfc3442 dhcp-4.3.0rc1/common/parse.c
alloc:
if (hunkix + len > sizeof hunkbuf) {
diff -up dhcp-4.3.0rc1/common/tables.c.rfc3442 dhcp-4.3.0rc1/common/tables.c
--- dhcp-4.3.0rc1/common/tables.c.rfc3442 2014-01-29 10:05:48.485400250 +0100
+++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:06:25.724038563 +0100
diff -up dhcp-4.3.3b1/common/tables.c.rfc3442 dhcp-4.3.3b1/common/tables.c
--- dhcp-4.3.3b1/common/tables.c.rfc3442 2015-08-10 10:55:31.719936267 +0200
+++ dhcp-4.3.3b1/common/tables.c 2015-08-10 10:55:31.742936186 +0200
@@ -46,6 +46,7 @@ HASH_FUNCTIONS (option_code, const unsig
Format codes:
@ -360,10 +360,10 @@ diff -up dhcp-4.3.0rc1/common/tables.c.rfc3442 dhcp-4.3.0rc1/common/tables.c
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
diff -up dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 dhcp-4.3.0rc1/includes/dhcpd.h
--- dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 2014-01-29 10:05:48.470400389 +0100
+++ dhcp-4.3.0rc1/includes/dhcpd.h 2014-01-29 10:05:48.525399881 +0100
@@ -2725,6 +2725,7 @@ isc_result_t range2cidr(struct iaddrcidr
diff -up dhcp-4.3.3b1/includes/dhcpd.h.rfc3442 dhcp-4.3.3b1/includes/dhcpd.h
--- dhcp-4.3.3b1/includes/dhcpd.h.rfc3442 2015-08-10 10:55:31.709936302 +0200
+++ dhcp-4.3.3b1/includes/dhcpd.h 2015-08-10 10:55:31.743936182 +0200
@@ -2855,6 +2855,7 @@ isc_result_t range2cidr(struct iaddrcidr
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
@ -371,7 +371,7 @@ diff -up dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 dhcp-4.3.0rc1/includes/dhcpd.h
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
@@ -2934,6 +2935,7 @@ void parse_client_lease_declaration (str
@@ -3065,6 +3066,7 @@ void parse_client_lease_declaration (str
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
@ -379,9 +379,9 @@ diff -up dhcp-4.3.0rc1/includes/dhcpd.h.rfc3442 dhcp-4.3.0rc1/includes/dhcpd.h
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
diff -up dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 dhcp-4.3.0rc1/includes/dhcp.h
--- dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 2014-01-26 19:40:44.000000000 +0100
+++ dhcp-4.3.0rc1/includes/dhcp.h 2014-01-29 10:05:48.524399890 +0100
diff -up dhcp-4.3.3b1/includes/dhcp.h.rfc3442 dhcp-4.3.3b1/includes/dhcp.h
--- dhcp-4.3.3b1/includes/dhcp.h.rfc3442 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/includes/dhcp.h 2015-08-10 10:55:31.743936182 +0200
@@ -159,6 +159,7 @@ struct dhcp_packet {
#define DHO_ASSOCIATED_IP 92
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
@ -390,16 +390,16 @@ diff -up dhcp-4.3.0rc1/includes/dhcp.h.rfc3442 dhcp-4.3.0rc1/includes/dhcp.h
#define DHO_VIVCO_SUBOPTIONS 124
#define DHO_VIVSO_SUBOPTIONS 125
diff -up dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 dhcp-4.3.0rc1/includes/dhctoken.h
--- dhcp-4.3.0rc1/includes/dhctoken.h.rfc3442 2014-01-29 10:05:48.435400713 +0100
+++ dhcp-4.3.0rc1/includes/dhctoken.h 2014-01-29 10:05:48.526399871 +0100
@@ -368,7 +368,8 @@ enum dhcp_token {
POOL6 = 669,
diff -up dhcp-4.3.3b1/includes/dhctoken.h.rfc3442 dhcp-4.3.3b1/includes/dhctoken.h
--- dhcp-4.3.3b1/includes/dhctoken.h.rfc3442 2015-08-10 10:55:31.743936182 +0200
+++ dhcp-4.3.3b1/includes/dhctoken.h 2015-08-10 10:56:19.325768194 +0200
@@ -369,7 +369,8 @@ enum dhcp_token {
V6RELAY = 670,
V6RELOPT = 671,
- BOOTP_BROADCAST_ALWAYS = 672
+ BOOTP_BROADCAST_ALWAYS = 672,
+ DESTINATION_DESCRIPTOR = 673
PARSE_VENDOR_OPT = 672,
- BOOTP_BROADCAST_ALWAYS = 673
+ BOOTP_BROADCAST_ALWAYS = 673,
+ DESTINATION_DESCRIPTOR = 674
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \

View File

@ -1,8 +1,8 @@
diff -up dhcp-4.3.0/configure.ac.sd-daemon dhcp-4.3.0/configure.ac
--- dhcp-4.3.0/configure.ac.sd-daemon 2014-03-18 15:17:11.000000000 +0100
+++ dhcp-4.3.0/configure.ac 2014-03-18 15:35:47.982182345 +0100
@@ -677,6 +677,17 @@ if test x$ldap = xyes || test x$ldapcryp
fi
diff -up dhcp-4.3.3b1/configure.ac.sd_notify dhcp-4.3.3b1/configure.ac
--- dhcp-4.3.3b1/configure.ac.sd_notify 2015-08-10 11:57:24.955325674 +0200
+++ dhcp-4.3.3b1/configure.ac 2015-08-10 11:58:20.024113933 +0200
@@ -777,6 +777,17 @@ if test x$ldap = xyes || test x$ldapcryp
AC_SUBST(LDAP_CFLAGS, [$LDAP_CFLAGS])
fi
+AC_ARG_WITH(systemd,
@ -19,9 +19,9 @@ diff -up dhcp-4.3.0/configure.ac.sd-daemon dhcp-4.3.0/configure.ac
# Append selected warning levels to CFLAGS before substitution (but after
# AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[],[]) & etc).
CFLAGS="$CFLAGS $STD_CWARNINGS"
diff -up dhcp-4.3.0/relay/dhcrelay.c.sd-daemon dhcp-4.3.0/relay/dhcrelay.c
--- dhcp-4.3.0/relay/dhcrelay.c.sd-daemon 2014-03-18 15:17:11.000000000 +0100
+++ dhcp-4.3.0/relay/dhcrelay.c 2014-03-18 15:35:42.063264999 +0100
diff -up dhcp-4.3.3b1/relay/dhcrelay.c.sd_notify dhcp-4.3.3b1/relay/dhcrelay.c
--- dhcp-4.3.3b1/relay/dhcrelay.c.sd_notify 2015-08-10 11:57:24.901325882 +0200
+++ dhcp-4.3.3b1/relay/dhcrelay.c 2015-08-10 11:57:24.956325670 +0200
@@ -36,6 +36,10 @@
int keep_capabilities = 0;
#endif
@ -33,7 +33,7 @@ diff -up dhcp-4.3.0/relay/dhcrelay.c.sd-daemon dhcp-4.3.0/relay/dhcrelay.c
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
@@ -624,6 +628,14 @@ main(int argc, char **argv) {
@@ -627,6 +631,14 @@ main(int argc, char **argv) {
}
#endif
@ -48,10 +48,10 @@ diff -up dhcp-4.3.0/relay/dhcrelay.c.sd-daemon dhcp-4.3.0/relay/dhcrelay.c
/* Start dispatching packets and timeouts... */
dispatch();
diff -up dhcp-4.3.0/server/dhcpd.c.sd-daemon dhcp-4.3.0/server/dhcpd.c
--- dhcp-4.3.0/server/dhcpd.c.sd-daemon 2014-03-18 15:17:11.000000000 +0100
+++ dhcp-4.3.0/server/dhcpd.c 2014-03-18 15:34:59.207863458 +0100
@@ -54,6 +54,10 @@ static const char url [] =
diff -up dhcp-4.3.3b1/server/dhcpd.c.sd_notify dhcp-4.3.3b1/server/dhcpd.c
--- dhcp-4.3.3b1/server/dhcpd.c.sd_notify 2015-08-10 11:57:24.937325743 +0200
+++ dhcp-4.3.3b1/server/dhcpd.c 2015-08-10 11:57:24.956325670 +0200
@@ -58,6 +58,10 @@ gid_t set_gid = 0;
#include "trace.h"
@ -62,7 +62,7 @@ diff -up dhcp-4.3.0/server/dhcpd.c.sd-daemon dhcp-4.3.0/server/dhcpd.c
#ifndef UNIT_TEST
static void usage(void);
#endif
@@ -792,6 +796,13 @@ main(int argc, char **argv) {
@@ -820,6 +824,13 @@ main(int argc, char **argv) {
TRACE(DHCPD_MAIN());

View File

@ -1,6 +1,6 @@
diff -up dhcp-4.3.2/client/Makefile.am.sharedlib dhcp-4.3.2/client/Makefile.am
--- dhcp-4.3.2/client/Makefile.am.sharedlib 2015-03-05 19:03:58.045434187 +0100
+++ dhcp-4.3.2/client/Makefile.am 2015-03-05 19:03:58.053434072 +0100
diff -up dhcp-4.3.3b1/client/Makefile.am.sharedlib dhcp-4.3.3b1/client/Makefile.am
--- dhcp-4.3.3b1/client/Makefile.am.sharedlib 2015-08-10 10:41:25.315770022 +0200
+++ dhcp-4.3.3b1/client/Makefile.am 2015-08-10 10:41:25.317770015 +0200
@@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
@ -10,9 +10,9 @@ diff -up dhcp-4.3.2/client/Makefile.am.sharedlib dhcp-4.3.2/client/Makefile.am
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/common/tests/Makefile.am.sharedlib dhcp-4.3.2/common/tests/Makefile.am
--- dhcp-4.3.2/common/tests/Makefile.am.sharedlib 2015-03-05 19:03:58.045434187 +0100
+++ dhcp-4.3.2/common/tests/Makefile.am 2015-03-05 19:05:00.665537255 +0100
diff -up dhcp-4.3.3b1/common/tests/Makefile.am.sharedlib dhcp-4.3.3b1/common/tests/Makefile.am
--- dhcp-4.3.3b1/common/tests/Makefile.am.sharedlib 2015-08-10 10:41:25.315770022 +0200
+++ dhcp-4.3.3b1/common/tests/Makefile.am 2015-08-10 10:41:25.318770011 +0200
@@ -13,25 +13,25 @@ ATF_TESTS += alloc_unittest dns_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
@ -44,10 +44,10 @@ diff -up dhcp-4.3.2/common/tests/Makefile.am.sharedlib dhcp-4.3.2/common/tests/M
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
check: $(ATF_TESTS)
diff -up dhcp-4.3.2/configure.ac.sharedlib dhcp-4.3.2/configure.ac
--- dhcp-4.3.2/configure.ac.sharedlib 2015-03-05 19:03:58.049434130 +0100
+++ dhcp-4.3.2/configure.ac 2015-03-05 19:03:58.053434072 +0100
@@ -39,7 +39,8 @@ fi
diff -up dhcp-4.3.3b1/configure.ac.sharedlib dhcp-4.3.3b1/configure.ac
--- dhcp-4.3.3b1/configure.ac.sharedlib 2015-08-10 10:41:25.315770022 +0200
+++ dhcp-4.3.3b1/configure.ac 2015-08-10 10:41:25.318770011 +0200
@@ -43,7 +43,8 @@ AC_SUBST(BINDCONFIG)
# Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
AC_USE_SYSTEM_EXTENSIONS
@ -57,9 +57,9 @@ diff -up dhcp-4.3.2/configure.ac.sharedlib dhcp-4.3.2/configure.ac
AC_CONFIG_HEADERS([includes/config.h])
# we sometimes need to know byte order for building packets
diff -up dhcp-4.3.2/dhcpctl/Makefile.am.sharedlib dhcp-4.3.2/dhcpctl/Makefile.am
--- dhcp-4.3.2/dhcpctl/Makefile.am.sharedlib 2015-03-05 19:03:58.046434173 +0100
+++ dhcp-4.3.2/dhcpctl/Makefile.am 2015-03-05 19:03:58.054434058 +0100
diff -up dhcp-4.3.3b1/dhcpctl/Makefile.am.sharedlib dhcp-4.3.3b1/dhcpctl/Makefile.am
--- dhcp-4.3.3b1/dhcpctl/Makefile.am.sharedlib 2015-08-10 10:41:25.315770022 +0200
+++ dhcp-4.3.3b1/dhcpctl/Makefile.am 2015-08-10 10:41:25.318770011 +0200
@@ -1,14 +1,14 @@
bin_PROGRAMS = omshell
-lib_LIBRARIES = libdhcpctl.a
@ -79,9 +79,9 @@ diff -up dhcp-4.3.2/dhcpctl/Makefile.am.sharedlib dhcp-4.3.2/dhcpctl/Makefile.am
-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.2/omapip/Makefile.am.sharedlib dhcp-4.3.2/omapip/Makefile.am
--- dhcp-4.3.2/omapip/Makefile.am.sharedlib 2015-03-05 19:03:58.046434173 +0100
+++ dhcp-4.3.2/omapip/Makefile.am 2015-03-05 19:03:58.054434058 +0100
diff -up dhcp-4.3.3b1/omapip/Makefile.am.sharedlib dhcp-4.3.3b1/omapip/Makefile.am
--- dhcp-4.3.3b1/omapip/Makefile.am.sharedlib 2015-08-10 10:41:25.315770022 +0200
+++ dhcp-4.3.3b1/omapip/Makefile.am 2015-08-10 10:41:25.318770011 +0200
@@ -1,7 +1,7 @@
-lib_LIBRARIES = libomapi.a
+lib_LTLIBRARIES = libomapi.la
@ -99,9 +99,9 @@ diff -up dhcp-4.3.2/omapip/Makefile.am.sharedlib dhcp-4.3.2/omapip/Makefile.am
-svtest_LDADD = libomapi.a \
+svtest_LDADD = libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.2/relay/Makefile.am.sharedlib dhcp-4.3.2/relay/Makefile.am
--- dhcp-4.3.2/relay/Makefile.am.sharedlib 2015-03-05 19:03:58.046434173 +0100
+++ dhcp-4.3.2/relay/Makefile.am 2015-03-05 19:03:58.054434058 +0100
diff -up dhcp-4.3.3b1/relay/Makefile.am.sharedlib dhcp-4.3.3b1/relay/Makefile.am
--- dhcp-4.3.3b1/relay/Makefile.am.sharedlib 2015-08-10 10:41:25.316770018 +0200
+++ dhcp-4.3.3b1/relay/Makefile.am 2015-08-10 10:41:25.318770011 +0200
@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
@ -111,24 +111,24 @@ diff -up dhcp-4.3.2/relay/Makefile.am.sharedlib dhcp-4.3.2/relay/Makefile.am
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/server/Makefile.am.sharedlib dhcp-4.3.2/server/Makefile.am
--- dhcp-4.3.2/server/Makefile.am.sharedlib 2015-03-05 19:03:58.046434173 +0100
+++ dhcp-4.3.2/server/Makefile.am 2015-03-05 19:03:58.054434058 +0100
diff -up dhcp-4.3.3b1/server/Makefile.am.sharedlib dhcp-4.3.3b1/server/Makefile.am
--- dhcp-4.3.3b1/server/Makefile.am.sharedlib 2015-08-10 10:41:25.318770011 +0200
+++ dhcp-4.3.3b1/server/Makefile.am 2015-08-10 10:42:27.642555119 +0200
@@ -13,7 +13,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c
dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.2/server/tests/Makefile.am.sharedlib dhcp-4.3.2/server/tests/Makefile.am
--- dhcp-4.3.2/server/tests/Makefile.am.sharedlib 2015-03-05 19:03:58.054434058 +0100
+++ dhcp-4.3.2/server/tests/Makefile.am 2015-03-05 19:05:54.779762155 +0100
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export \
$(LDAP_LIBS)
diff -up dhcp-4.3.3b1/server/tests/Makefile.am.sharedlib dhcp-4.3.3b1/server/tests/Makefile.am
--- dhcp-4.3.3b1/server/tests/Makefile.am.sharedlib 2015-08-10 10:41:25.318770011 +0200
+++ dhcp-4.3.3b1/server/tests/Makefile.am 2015-08-10 10:42:59.290445998 +0200
@@ -17,8 +17,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
../ldap.c ../ldap_casa.c ../dhcpd.c
../ldap.c ../ldap_casa.c ../dhcpd.c ../leasechain.c
-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a \

View File

@ -1,7 +1,7 @@
diff -up dhcp-4.3.2/configure.ac.systemtap dhcp-4.3.2/configure.ac
--- dhcp-4.3.2/configure.ac.systemtap 2015-03-05 19:06:12.874502977 +0100
+++ dhcp-4.3.2/configure.ac 2015-03-05 19:06:42.786074542 +0100
@@ -550,6 +550,35 @@ else
diff -up dhcp-4.3.3b1/configure.ac.systemtap dhcp-4.3.3b1/configure.ac
--- dhcp-4.3.3b1/configure.ac.systemtap 2015-08-10 11:46:08.876892296 +0200
+++ dhcp-4.3.3b1/configure.ac 2015-08-10 11:46:08.913892156 +0200
@@ -574,6 +574,35 @@ else
AC_MSG_RESULT(no)
fi
@ -37,7 +37,7 @@ diff -up dhcp-4.3.2/configure.ac.systemtap dhcp-4.3.2/configure.ac
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
@@ -707,6 +736,7 @@ AC_CONFIG_FILES([
@@ -778,6 +807,7 @@ AC_CONFIG_FILES([
tests/unittest.sh
server/tests/Makefile
doc/devel/doxyfile
@ -45,9 +45,9 @@ diff -up dhcp-4.3.2/configure.ac.systemtap dhcp-4.3.2/configure.ac
])
AC_OUTPUT
diff -up dhcp-4.3.2/Makefile.am.systemtap dhcp-4.3.2/Makefile.am
--- dhcp-4.3.2/Makefile.am.systemtap 2015-03-05 19:06:12.799504051 +0100
+++ dhcp-4.3.2/Makefile.am 2015-03-05 19:06:12.931502161 +0100
diff -up dhcp-4.3.3b1/Makefile.am.systemtap dhcp-4.3.3b1/Makefile.am
--- dhcp-4.3.3b1/Makefile.am.systemtap 2015-08-10 11:46:08.827892482 +0200
+++ dhcp-4.3.3b1/Makefile.am 2015-08-10 11:46:08.914892153 +0200
@@ -33,5 +33,8 @@ endif
SUBDIRS += includes tests common omapip client dhcpctl relay server
@ -57,19 +57,19 @@ diff -up dhcp-4.3.2/Makefile.am.systemtap dhcp-4.3.2/Makefile.am
+
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
--- dhcp-4.3.2/server/dhcp.c.systemtap 2015-03-05 19:06:12.919502333 +0100
+++ dhcp-4.3.2/server/dhcp.c 2015-03-05 19:06:12.932502146 +0100
@@ -30,7 +30,7 @@
#include <errno.h>
diff -up dhcp-4.3.3b1/server/dhcp.c.systemtap dhcp-4.3.3b1/server/dhcp.c
--- dhcp-4.3.3b1/server/dhcp.c.systemtap 2015-08-10 11:46:08.905892186 +0200
+++ dhcp-4.3.3b1/server/dhcp.c 2015-08-10 11:47:15.969638417 +0200
@@ -31,6 +31,8 @@
#include <limits.h>
#include <sys/time.h>
-
+#include "trace.h"
static void commit_leases_ackout(void *foo);
+
static void maybe_return_agent_options(struct packet *packet,
struct option_state *options);
@@ -306,6 +306,8 @@ void dhcpdiscover (packet, ms_nulltp)
static int reuse_lease (struct packet* packet, struct lease* new_lease,
@@ -311,6 +313,8 @@ void dhcpdiscover (packet, ms_nulltp)
dhcp_failover_state_t *peer;
#endif
@ -78,7 +78,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
find_lease (&lease, packet, packet -> shared_network,
0, &peer_has_leases, (struct lease *)0, MDL);
@@ -428,6 +430,8 @@ void dhcpdiscover (packet, ms_nulltp)
@@ -433,6 +437,8 @@ void dhcpdiscover (packet, ms_nulltp)
out:
if (lease)
lease_dereference (&lease, MDL);
@ -87,7 +87,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
void dhcprequest (packet, ms_nulltp, ip_lease)
@@ -450,6 +454,8 @@ void dhcprequest (packet, ms_nulltp, ip_
@@ -455,6 +461,8 @@ void dhcprequest (packet, ms_nulltp, ip_
#endif
int have_requested_addr = 0;
@ -96,7 +96,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS);
memset (&data, 0, sizeof data);
@@ -729,6 +735,9 @@ void dhcprequest (packet, ms_nulltp, ip_
@@ -734,6 +742,9 @@ void dhcprequest (packet, ms_nulltp, ip_
log_info ("%s: unknown lease %s.", msgbuf, piaddr (cip));
out:
@ -106,7 +106,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
if (subnet)
subnet_dereference (&subnet, MDL);
if (lease)
@@ -747,6 +756,7 @@ void dhcprelease (packet, ms_nulltp)
@@ -752,6 +763,7 @@ void dhcprelease (packet, ms_nulltp)
const char *s;
char msgbuf [1024], cstr[16]; /* XXX */
@ -114,7 +114,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
/* DHCPRELEASE must not specify address in requested-address
option, but old protocol specs weren't explicit about this,
@@ -867,6 +877,8 @@ void dhcprelease (packet, ms_nulltp)
@@ -872,6 +884,8 @@ void dhcprelease (packet, ms_nulltp)
#endif
if (lease)
lease_dereference (&lease, MDL);
@ -123,7 +123,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
void dhcpdecline (packet, ms_nulltp)
@@ -884,6 +896,8 @@ void dhcpdecline (packet, ms_nulltp)
@@ -889,6 +903,8 @@ void dhcpdecline (packet, ms_nulltp)
struct option_cache *oc;
struct data_string data;
@ -132,7 +132,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
/* DHCPDECLINE must specify address. */
if (!(oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS)))
@@ -990,6 +1004,8 @@ void dhcpdecline (packet, ms_nulltp)
@@ -995,6 +1011,8 @@ void dhcpdecline (packet, ms_nulltp)
option_state_dereference (&options, MDL);
if (lease)
lease_dereference (&lease, MDL);
@ -141,7 +141,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
void dhcpinform (packet, ms_nulltp)
@@ -1017,6 +1033,8 @@ void dhcpinform (packet, ms_nulltp)
@@ -1022,6 +1040,8 @@ void dhcpinform (packet, ms_nulltp)
int h_w_fixed_addr = 0;
#endif
@ -150,7 +150,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
/* The client should set ciaddr to its IP address, but apparently
it's common for clients not to do this, so we'll use their IP
source address if they didn't set ciaddr. */
@@ -1587,6 +1605,8 @@ void dhcpinform (packet, ms_nulltp)
@@ -1592,6 +1612,8 @@ void dhcpinform (packet, ms_nulltp)
if (subnet)
subnet_dereference (&subnet, MDL);
@ -159,7 +159,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
/*!
@@ -1617,6 +1637,8 @@ void nak_lease (packet, cip, network_gro
@@ -1622,6 +1644,8 @@ void nak_lease (packet, cip, network_gro
struct option_cache *oc = (struct option_cache *)0;
struct option_state *eval_options = NULL;
@ -168,7 +168,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
option_state_allocate (&options, MDL);
memset (&outgoing, 0, sizeof outgoing);
memset (&raw, 0, sizeof raw);
@@ -1792,7 +1814,8 @@ void nak_lease (packet, cip, network_gro
@@ -1795,7 +1819,8 @@ void nak_lease (packet, cip, network_gro
"interface.", MDL, outgoing.packet_length,
packet->interface->name);
}
@ -178,7 +178,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
/*!
@@ -1997,6 +2020,8 @@ void ack_lease (packet, lease, offer, wh
@@ -2000,6 +2025,8 @@ void ack_lease (packet, lease, offer, wh
if (lease -> state)
return;
@ -187,16 +187,15 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
/* Save original cltt for comparison later. */
lease_cltt = lease->cltt;
@@ -3389,6 +3414,8 @@ void ack_lease (packet, lease, offer, wh
@@ -3392,6 +3419,7 @@ void ack_lease (packet, lease, offer, wh
#endif
dhcp_reply(lease);
}
+
+ TRACE(DHCPD_ACK_LEASE_DONE());
}
/*
@@ -3541,6 +3568,8 @@ void dhcp_reply (lease)
#if defined(DELAYED_ACK)
@@ -3570,6 +3598,8 @@ void dhcp_reply (lease)
if (!state)
log_fatal ("dhcp_reply was supplied lease with no state!");
@ -205,7 +204,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
/* Compose a response for the client... */
memset (&raw, 0, sizeof raw);
memset (&d1, 0, sizeof d1);
@@ -3762,6 +3791,8 @@ void dhcp_reply (lease)
@@ -3791,6 +3821,8 @@ void dhcp_reply (lease)
free_lease_state (state, MDL);
lease -> state = (struct lease_state *)0;
@ -214,7 +213,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
}
int find_lease (struct lease **lp,
@@ -3784,6 +3815,8 @@ int find_lease (struct lease **lp,
@@ -3813,6 +3845,8 @@ int find_lease (struct lease **lp,
struct data_string client_identifier;
struct hardware h;
@ -223,7 +222,7 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
#if defined(FAILOVER_PROTOCOL)
/* Quick check to see if the peer has leases. */
if (peer_has_leases) {
@@ -4506,6 +4539,9 @@ int find_lease (struct lease **lp,
@@ -4535,6 +4569,9 @@ int find_lease (struct lease **lp,
#if defined (DEBUG_FIND_LEASE)
log_info ("Not returning a lease.");
#endif
@ -233,10 +232,10 @@ diff -up dhcp-4.3.2/server/dhcp.c.systemtap dhcp-4.3.2/server/dhcp.c
return 0;
}
diff -up dhcp-4.3.2/server/dhcpd.c.systemtap dhcp-4.3.2/server/dhcpd.c
--- dhcp-4.3.2/server/dhcpd.c.systemtap 2015-03-05 19:06:12.910502462 +0100
+++ dhcp-4.3.2/server/dhcpd.c 2015-03-05 19:06:12.933502132 +0100
@@ -52,6 +52,8 @@ static const char url [] =
diff -up dhcp-4.3.3b1/server/dhcpd.c.systemtap dhcp-4.3.3b1/server/dhcpd.c
--- dhcp-4.3.3b1/server/dhcpd.c.systemtap 2015-08-10 11:46:08.863892345 +0200
+++ dhcp-4.3.3b1/server/dhcpd.c 2015-08-10 11:46:08.915892149 +0200
@@ -56,6 +56,8 @@ uid_t set_uid = 0;
gid_t set_gid = 0;
#endif /* PARANOIA */
@ -245,7 +244,7 @@ diff -up dhcp-4.3.2/server/dhcpd.c.systemtap dhcp-4.3.2/server/dhcpd.c
#ifndef UNIT_TEST
static void usage(void);
#endif
@@ -812,6 +814,8 @@ main(int argc, char **argv) {
@@ -816,6 +818,8 @@ main(int argc, char **argv) {
/* Log that we are about to start working */
log_info("Server starting service.");
@ -254,9 +253,9 @@ diff -up dhcp-4.3.2/server/dhcpd.c.systemtap dhcp-4.3.2/server/dhcpd.c
/*
* Receive packets and dispatch them...
* dispatch() will never return.
diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
--- dhcp-4.3.2/server/dhcpv6.c.systemtap 2015-03-05 19:06:12.904502548 +0100
+++ dhcp-4.3.2/server/dhcpv6.c 2015-03-05 19:06:12.934502118 +0100
diff -up dhcp-4.3.3b1/server/dhcpv6.c.systemtap dhcp-4.3.3b1/server/dhcpv6.c
--- dhcp-4.3.3b1/server/dhcpv6.c.systemtap 2015-08-10 11:46:08.896892221 +0200
+++ dhcp-4.3.3b1/server/dhcpv6.c 2015-08-10 11:51:44.835621025 +0200
@@ -17,6 +17,7 @@
/*! \file server/dhcpv6.c */
@ -265,7 +264,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
#ifdef DHCPv6
@@ -4999,6 +5000,8 @@ static void
@@ -4972,6 +4973,8 @@ static void
dhcpv6_solicit(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
@ -274,7 +273,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate our input.
*/
@@ -5012,6 +5015,8 @@ dhcpv6_solicit(struct data_string *reply
@@ -4985,6 +4988,8 @@ dhcpv6_solicit(struct data_string *reply
* Clean up.
*/
data_string_forget(&client_id, MDL);
@ -283,7 +282,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/*
@@ -5025,6 +5030,8 @@ dhcpv6_request(struct data_string *reply
@@ -4998,6 +5003,8 @@ dhcpv6_request(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
@ -292,7 +291,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate our input.
*/
@@ -5042,6 +5049,8 @@ dhcpv6_request(struct data_string *reply
@@ -5022,6 +5029,8 @@ dhcpv6_request(struct data_string *reply
*/
data_string_forget(&client_id, MDL);
data_string_forget(&server_id, MDL);
@ -301,7 +300,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/* Find a DHCPv6 packet's shared network from hints in the packet.
@@ -5154,6 +5163,8 @@ dhcpv6_confirm(struct data_string *reply
@@ -5134,6 +5143,8 @@ dhcpv6_confirm(struct data_string *reply
struct dhcpv6_packet *reply = (struct dhcpv6_packet *)reply_data;
int reply_ofs = (int)(offsetof(struct dhcpv6_packet, options));
@ -310,7 +309,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Basic client message validation.
*/
@@ -5340,6 +5351,8 @@ exit:
@@ -5320,6 +5331,8 @@ exit:
option_state_dereference(&cli_enc_opt_state, MDL);
if (opt_state != NULL)
option_state_dereference(&opt_state, MDL);
@ -319,7 +318,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/*
@@ -5354,6 +5367,8 @@ dhcpv6_renew(struct data_string *reply,
@@ -5334,6 +5347,8 @@ dhcpv6_renew(struct data_string *reply,
struct data_string client_id;
struct data_string server_id;
@ -328,7 +327,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate the request.
*/
@@ -5371,6 +5386,8 @@ dhcpv6_renew(struct data_string *reply,
@@ -5358,6 +5373,8 @@ dhcpv6_renew(struct data_string *reply,
*/
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
@ -337,7 +336,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/*
@@ -5384,6 +5401,8 @@ static void
@@ -5371,6 +5388,8 @@ static void
dhcpv6_rebind(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
@ -346,7 +345,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
if (!valid_client_msg(packet, &client_id)) {
return;
}
@@ -5391,6 +5410,8 @@ dhcpv6_rebind(struct data_string *reply,
@@ -5378,6 +5397,8 @@ dhcpv6_rebind(struct data_string *reply,
lease_to_client(reply, packet, &client_id, NULL);
data_string_forget(&client_id, MDL);
@ -355,7 +354,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
static void
@@ -5835,6 +5856,8 @@ dhcpv6_decline(struct data_string *reply
@@ -5779,6 +5800,8 @@ dhcpv6_decline(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
@ -364,7 +363,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate our input.
*/
@@ -5855,6 +5878,8 @@ dhcpv6_decline(struct data_string *reply
@@ -5808,6 +5831,8 @@ dhcpv6_decline(struct data_string *reply
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
@ -373,7 +372,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
static void
@@ -6303,6 +6328,8 @@ dhcpv6_release(struct data_string *reply
@@ -6256,6 +6281,8 @@ dhcpv6_release(struct data_string *reply
struct data_string client_id;
struct data_string server_id;
@ -382,7 +381,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate our input.
*/
@@ -6324,6 +6351,8 @@ dhcpv6_release(struct data_string *reply
@@ -6286,6 +6313,8 @@ dhcpv6_release(struct data_string *reply
data_string_forget(&server_id, MDL);
data_string_forget(&client_id, MDL);
@ -391,7 +390,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/*
@@ -6336,6 +6365,8 @@ dhcpv6_information_request(struct data_s
@@ -6298,6 +6327,8 @@ dhcpv6_information_request(struct data_s
struct data_string client_id;
struct data_string server_id;
@ -400,7 +399,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Validate our input.
*/
@@ -6367,6 +6398,8 @@ dhcpv6_information_request(struct data_s
@@ -6329,6 +6360,8 @@ dhcpv6_information_request(struct data_s
data_string_forget(&client_id, MDL);
}
data_string_forget(&server_id, MDL);
@ -409,7 +408,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
/*
@@ -6395,6 +6428,8 @@ dhcpv6_relay_forw(struct data_string *re
@@ -6357,6 +6390,8 @@ dhcpv6_relay_forw(struct data_string *re
struct dhcpv6_relay_packet *reply;
int reply_ofs;
@ -418,7 +417,7 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
/*
* Initialize variables for early exit.
*/
@@ -6654,6 +6689,8 @@ exit:
@@ -6616,6 +6651,8 @@ exit:
if (enc_packet != NULL) {
packet_dereference(&enc_packet, MDL);
}
@ -427,9 +426,9 @@ diff -up dhcp-4.3.2/server/dhcpv6.c.systemtap dhcp-4.3.2/server/dhcpv6.c
}
static void
diff -up dhcp-4.3.2/server/failover.c.systemtap dhcp-4.3.2/server/failover.c
--- dhcp-4.3.2/server/failover.c.systemtap 2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.2/server/failover.c 2015-03-05 19:06:12.936502089 +0100
diff -up dhcp-4.3.3b1/server/failover.c.systemtap dhcp-4.3.3b1/server/failover.c
--- dhcp-4.3.3b1/server/failover.c.systemtap 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/failover.c 2015-08-10 11:46:08.919892134 +0200
@@ -30,6 +30,8 @@
#include "dhcpd.h"
#include <omapip/omapip_p.h>
@ -448,7 +447,7 @@ diff -up dhcp-4.3.2/server/failover.c.systemtap dhcp-4.3.2/server/failover.c
/* If we're in certain states where we're sending updates, and the peer
* state changes, we need to re-schedule any pending updates just to
* be on the safe side. This results in retransmission.
@@ -1972,6 +1976,8 @@ isc_result_t dhcp_failover_set_state (dh
@@ -1986,6 +1990,8 @@ isc_result_t dhcp_failover_set_state (dh
break;
}
@ -457,7 +456,7 @@ diff -up dhcp-4.3.2/server/failover.c.systemtap dhcp-4.3.2/server/failover.c
return ISC_R_SUCCESS;
}
@@ -2484,6 +2490,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
@@ -2499,6 +2505,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
if (state -> me.state != normal)
return 0;
@ -466,7 +465,7 @@ diff -up dhcp-4.3.2/server/failover.c.systemtap dhcp-4.3.2/server/failover.c
state->last_balance = cur_time;
for (s = shared_networks ; s ; s = s->next) {
@@ -2644,6 +2652,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
@@ -2660,6 +2668,8 @@ dhcp_failover_pool_dobalance(dhcp_failov
if (leases_queued)
commit_leases();
@ -475,19 +474,20 @@ diff -up dhcp-4.3.2/server/failover.c.systemtap dhcp-4.3.2/server/failover.c
return leases_queued;
}
diff -up dhcp-4.3.2/server/Makefile.am.systemtap dhcp-4.3.2/server/Makefile.am
--- dhcp-4.3.2/server/Makefile.am.systemtap 2015-03-05 19:06:12.805503966 +0100
+++ dhcp-4.3.2/server/Makefile.am 2015-03-05 19:06:12.936502089 +0100
@@ -10,7 +10,7 @@ dist_sysconf_DATA = dhcpd.conf.example
diff -up dhcp-4.3.3b1/server/Makefile.am.systemtap dhcp-4.3.3b1/server/Makefile.am
--- dhcp-4.3.3b1/server/Makefile.am.systemtap 2015-08-10 11:46:08.831892467 +0200
+++ dhcp-4.3.3b1/server/Makefile.am 2015-08-10 11:52:34.278433933 +0200
@@ -10,7 +10,8 @@ dist_sysconf_DATA = dhcpd.conf.example
sbin_PROGRAMS = dhcpd
dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c \
- dhcpv6.c mdb6.c ldap.c ldap_casa.c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c probes.d trace.h
- dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
+ dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c \
+ probes.d trace.h
dhcpd_CFLAGS = $(LDAP_CFLAGS)
dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
@@ -18,3 +18,13 @@ dhcpd_LDADD = ../common/libdhcp.a ../oma
@@ -20,3 +21,13 @@ dhcpd_LDADD = ../common/libdhcp.a ../oma
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
@ -501,9 +501,9 @@ diff -up dhcp-4.3.2/server/Makefile.am.systemtap dhcp-4.3.2/server/Makefile.am
+
+dhcpd_LDADD += probes.o
+endif
diff -up dhcp-4.3.2/server/probes.d.systemtap dhcp-4.3.2/server/probes.d
--- dhcp-4.3.2/server/probes.d.systemtap 2015-03-05 19:06:12.936502089 +0100
+++ dhcp-4.3.2/server/probes.d 2015-03-05 19:06:12.936502089 +0100
diff -up dhcp-4.3.3b1/server/probes.d.systemtap dhcp-4.3.3b1/server/probes.d
--- dhcp-4.3.3b1/server/probes.d.systemtap 2015-08-10 11:46:08.920892130 +0200
+++ dhcp-4.3.3b1/server/probes.d 2015-08-10 11:46:08.920892130 +0200
@@ -0,0 +1,43 @@
+provider dhcpd {
+ probe main();
@ -548,9 +548,9 @@ diff -up dhcp-4.3.2/server/probes.d.systemtap dhcp-4.3.2/server/probes.d
+ probe failover_set_state_start(int, int);
+ probe failover_set_state_done();
+};
diff -up dhcp-4.3.2/server/tests/Makefile.am.systemtap dhcp-4.3.2/server/tests/Makefile.am
--- dhcp-4.3.2/server/tests/Makefile.am.systemtap 2015-03-05 19:06:12.936502089 +0100
+++ dhcp-4.3.2/server/tests/Makefile.am 2015-03-05 19:07:12.581647768 +0100
diff -up dhcp-4.3.3b1/server/tests/Makefile.am.systemtap dhcp-4.3.3b1/server/tests/Makefile.am
--- dhcp-4.3.3b1/server/tests/Makefile.am.systemtap 2015-08-10 11:46:08.831892467 +0200
+++ dhcp-4.3.3b1/server/tests/Makefile.am 2015-08-10 11:46:08.920892130 +0200
@@ -21,6 +21,10 @@ DHCPLIBS = $(top_builddir)/common/libdhc
$(top_builddir)/dhcpctl/libdhcpctl.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
@ -562,9 +562,9 @@ diff -up dhcp-4.3.2/server/tests/Makefile.am.systemtap dhcp-4.3.2/server/tests/M
ATF_TESTS =
if HAVE_ATF
diff -up dhcp-4.3.2/server/trace.h.systemtap dhcp-4.3.2/server/trace.h
--- dhcp-4.3.2/server/trace.h.systemtap 2015-03-05 19:06:12.937502075 +0100
+++ dhcp-4.3.2/server/trace.h 2015-03-05 19:06:12.937502075 +0100
diff -up dhcp-4.3.3b1/server/trace.h.systemtap dhcp-4.3.3b1/server/trace.h
--- dhcp-4.3.3b1/server/trace.h.systemtap 2015-08-10 11:46:08.921892126 +0200
+++ dhcp-4.3.3b1/server/trace.h 2015-08-10 11:46:08.921892126 +0200
@@ -0,0 +1,11 @@
+// trace.h
+
@ -577,9 +577,9 @@ diff -up dhcp-4.3.2/server/trace.h.systemtap dhcp-4.3.2/server/trace.h
+// Wrap the probe to allow it to be removed when no systemtap available
+#define TRACE(probe)
+#endif
diff -up dhcp-4.3.2/tapset/dhcpd.stp.systemtap dhcp-4.3.2/tapset/dhcpd.stp
--- dhcp-4.3.2/tapset/dhcpd.stp.systemtap 2015-03-05 19:06:12.937502075 +0100
+++ dhcp-4.3.2/tapset/dhcpd.stp 2015-03-05 19:06:12.937502075 +0100
diff -up dhcp-4.3.3b1/tapset/dhcpd.stp.systemtap dhcp-4.3.3b1/tapset/dhcpd.stp
--- dhcp-4.3.3b1/tapset/dhcpd.stp.systemtap 2015-08-10 11:46:08.921892126 +0200
+++ dhcp-4.3.3b1/tapset/dhcpd.stp 2015-08-10 11:46:08.921892126 +0200
@@ -0,0 +1,212 @@
+/* dhcpd tapset
+ Copyright (C) 2011, Red Hat Inc.
@ -793,9 +793,9 @@ diff -up dhcp-4.3.2/tapset/dhcpd.stp.systemtap dhcp-4.3.2/tapset/dhcpd.stp
+{
+ probestr = sprintf("%s", $$name);
+}
diff -up dhcp-4.3.2/tapset/Makefile.am.systemtap dhcp-4.3.2/tapset/Makefile.am
--- dhcp-4.3.2/tapset/Makefile.am.systemtap 2015-03-05 19:06:12.937502075 +0100
+++ dhcp-4.3.2/tapset/Makefile.am 2015-03-05 19:06:12.937502075 +0100
diff -up dhcp-4.3.3b1/tapset/Makefile.am.systemtap dhcp-4.3.3b1/tapset/Makefile.am
--- dhcp-4.3.3b1/tapset/Makefile.am.systemtap 2015-08-10 11:46:08.921892126 +0200
+++ dhcp-4.3.3b1/tapset/Makefile.am 2015-08-10 11:46:08.921892126 +0200
@@ -0,0 +1,26 @@
+# Makefile.am for dhcp/tapset
+# Jiri Popelka

View File

@ -9,16 +9,16 @@
#%%global patchver P2
#%%global prever b1
%global prever b1
#%%global VERSION %{version}-%{patchver}
#%%global VERSION %{version}%{prever}
%global VERSION %{version}
#%%global VERSION %{version}
%global VERSION %{version}%{prever}
Summary: Dynamic host configuration protocol software
Name: dhcp
Version: 4.3.2
Release: 12%{?dist}
Version: 4.3.3
Release: 0.1%{prever}%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was.
@ -37,7 +37,7 @@ Source7: dhcpd6.service
Source8: dhcrelay.service
Patch0: dhcp-remove-bind.patch
Patch1: dhcp-remove-dst.patch
Patch2: dhcp-sharedlib.patch
Patch3: dhcp-errwarn-message.patch
Patch4: dhcp-dhclient-options.patch
@ -53,12 +53,12 @@ Patch13: dhcp-garbage-chars.patch
Patch14: dhcp-add_timeout_when_NULL.patch
Patch15: dhcp-64_bit_lease_parse.patch
Patch16: dhcp-capability.patch
Patch17: dhcp-UseMulticast.patch
Patch18: dhcp-sendDecline.patch
Patch19: dhcp-rfc3442-classless-static-routes.patch
Patch20: dhcp-honor-expired.patch
Patch21: dhcp-PPP.patch
Patch22: dhcp-paranoia.patch
Patch23: dhcp-lpf-ib.patch
Patch24: dhcp-IPoIB-log-id.patch
Patch25: dhcp-improved-xid.patch
@ -67,11 +67,11 @@ Patch27: dhcp-duidv4.patch
Patch28: dhcp-systemtap.patch
Patch29: dhcp-getifaddrs.patch
Patch30: dhcp-omapi-leak.patch
Patch31: dhcp-failOverPeer.patch
Patch32: dhcp-interval.patch
Patch33: dhcp-no-subnet-error2info.patch
Patch34: dhcp-sd_notify.patch
Patch35: dhcp-ldapgssapi.patch
Patch36: dhcp-option97-pxe-client-id.patch
Patch37: dhcp-stateless-DUID-LLT.patch
Patch38: dhcp-client-request-release-bind-iface.patch
@ -212,17 +212,9 @@ This package contains doxygen-generated documentation.
# Remove bundled BIND source
rm bind/bind.tar.gz
# Remove libdst
rm -rf dst/
rm -rf includes/isc-dhcp
# Fire away bundled BIND source.
%patch0 -p1 -b .remove-bind %{?_rawbuild}
# Fire away libdst
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #30692])
%patch1 -p1 -b .remove-dst %{?_rawbuild}
#Build dhcp's libraries as shared libs instead of static libs.
%patch2 -p1 -b .sharedlib
@ -277,12 +269,6 @@ rm -rf includes/isc-dhcp
# dhclient (#517649, #546765), dhcpd/dhcrelay (#699713)
%patch16 -p1 -b .capability
# Discard unicast Request/Renew/Release/Decline message
# (unless we set unicast option) and respond with Reply
# with UseMulticast Status Code option (#573090)
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #21235])
%patch17 -p1 -b .UseMulticast
# If any of the bound addresses are found to be in use on the link,
# the dhcpv6 client sends a Decline message to the server
# as described in section 18.1.7 of RFC-3315 (#559147)
@ -301,10 +287,6 @@ rm -rf includes/isc-dhcp
# DHCPv6 over PPP support (#626514)
%patch21 -p1 -b .PPP
# dhcpd: BEFORE changing of the effective user/group ID:
# - chown leases file (#866714)
%patch22 -p1 -b .paranoia
# IPoIB support (#660681)
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #24249])
%patch23 -p1 -b .lpf-ib
@ -327,10 +309,6 @@ rm -rf includes/isc-dhcp
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #33990])
%patch30 -p1 -b .leak
# Dhcpd does not correctly follow DhcpFailOverPeerDN (#838400)
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #30402])
%patch31 -p1 -b .failOverPeer
# isc_time_nowplusinterval() is not safe with 64-bit time_t (#662254, #789601)
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #28038])
%patch32 -p1 -b .interval
@ -341,9 +319,6 @@ rm -rf includes/isc-dhcp
# support for sending startup notification to systemd (#1077666)
%patch34 -p1 -b .sd_notify
# GSSAPI support for ldap authentication (#1150542)
%patch35 -p1 -b .ldapgssapi
# option 97 - pxe-client-id (#1058674)
# (Submitted to dhcp-bugs@isc.org - [ISC-Bugs #38110])
%patch36 -p1 -b .option97
@ -515,6 +490,8 @@ install -D -p -m 0644 contrib/ldap/dhcp.schema %{buildroot}%{_sysconfdir}/openld
# Don't package libtool *.la files
find %{buildroot} -type f -name "*.la" -delete -print
rm %{buildroot}%{_includedir}/isc-dhcp/dst.h
%pre server
# /usr/share/doc/setup/uidgid
%global gid_uid 177
@ -675,6 +652,9 @@ done
%doc doc/html/
%changelog
* Mon Aug 10 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.3-0.1b1
- 4.3.3b1
* Wed Jul 15 2015 Jiri Popelka <jpopelka@redhat.com> - 12:4.3.2-12
- fix ipcalc requires

View File

@ -1 +1 @@
5a284875dd2c12ddd388416d69156a67 dhcp-4.3.2.tar.gz
a4c239bcf752b9b32f92d13f1b7cfa6a dhcp-4.3.3b1.tar.gz