opensourcemirror
/
ipfire-3.x
mirror of git://git.ipfire.org/ipfire-3.x.git
1
0
Fork 0
Code Issues Releases Wiki Activity

dhcp: Update to 4.4.1 

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This commit is contained in:
Stefan Schantl 2019-06-22 12:18:07 +02:00
parent 3c91321ff7
commit 530cba5e04
46 changed files with 2457 additions and 3618 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
dhcp/dhcp.nm
View File

@ -4,7 +4,7 @@
###############################################################################
name = dhcp
version = 4.3.5b1
version = 4.4.1
release = 1
groups = Networking/Daemons
@ -37,6 +37,8 @@ build
CFLAGS += -fno-strict-aliasing
PARALLELISMFLAGS = # No parallel build.
configure_options += \
--sysconfdir=%{sysconfdir}/dhcp \
--with-srv-lease-file=/var/lib/dhcpd/dhcpd.leases \
@ -50,8 +52,6 @@ build
--with-relay-pid-file=/run/dhcrelay.pid \
--with-ldap \
--with-ldapcrypto \
--with-libbind=/usr/include/ \
--with-libbind-libs=/usr/lib/ \
--disable-static \
--enable-paranoia \
--enable-early-chroot \
@ -59,9 +59,6 @@ build
--with-systemd
prepare_cmds
# Remove bundled BIND source
rm -rvf %{DIR_APP}/bind/bind.tar.gz
# Regenerate build environment
autoreconf --verbose --force --install

33
dhcp/patches/0003-dhcp-errwarn-message.patch → dhcp/patches/0001-change-bug-url.patch
View File

@ -1,10 +1,21 @@
diff -up dhcp-4.3.5/omapip/errwarn.c.errwarn dhcp-4.3.5/omapip/errwarn.c
--- dhcp-4.3.5/omapip/errwarn.c.errwarn 2016-09-27 21:16:50.000000000 +0200
+++ dhcp-4.3.5/omapip/errwarn.c 2016-11-29 19:44:03.515031147 +0100
@@ -49,6 +49,41 @@ void (*log_cleanup) (void);
From 31ef6eadb15c3773b81256a8617eccc7657fd2fd Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:09:57 +0100
Subject: [PATCH 01/21] change bug url
Cc: pzhukov@redhat.com
---
omapip/errwarn.c | 47 ++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 42 insertions(+), 5 deletions(-)
diff --git a/omapip/errwarn.c b/omapip/errwarn.c
index e30f8a0..09a3004 100644
--- a/omapip/errwarn.c
+++ b/omapip/errwarn.c
@@ -48,6 +48,41 @@ void (*log_cleanup) (void);
static char mbuf [CVT_BUF_MAX + 1];
static char fbuf [CVT_BUF_MAX + 1];
+// get BUG_REPORT_URL from /etc/os-release
+char * bug_report_url(void) {
+ FILE * file = fopen("/etc/os-release", "r");
@ -41,17 +52,17 @@ diff -up dhcp-4.3.5/omapip/errwarn.c.errwarn dhcp-4.3.5/omapip/errwarn.c
+
+
/* Log an error message, then exit... */
void log_fatal (const char * fmt, ... )
@@ -75,11 +110,13 @@ void log_fatal (const char * fmt, ... )
@@ -74,11 +109,13 @@ void log_fatal (const char * fmt, ... )
}
log_error ("%s", "");
- log_error ("If you think you have received this message due to a bug rather");
- log_error ("than a configuration issue please read the section on submitting");
- log_error ("bugs on either our web page at www.isc.org or in the README file");
- log_error ("before submitting a bug. These pages explain the proper");
- log_error ("process and the information we find helpful for debugging..");
- log_error ("process and the information we find helpful for debugging.");
+ log_error ("This version of ISC DHCP is based on the release available");
+ log_error ("on ftp.isc.org. Features have been added and other changes");
+ log_error ("have been made to the base software release in order to make");
@ -61,4 +72,6 @@ diff -up dhcp-4.3.5/omapip/errwarn.c.errwarn dhcp-4.3.5/omapip/errwarn.c
+ log_error ("%s", bug_report_url());
log_error ("%s", "");
log_error ("exiting.");
--
2.14.5

261
dhcp/patches/0001-dhcp-remove-bind.patch
View File

@ -1,261 +0,0 @@
diff -up dhcp-4.3.5b1/client/Makefile.am.remove-bind dhcp-4.3.5b1/client/Makefile.am
--- dhcp-4.3.5b1/client/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/client/Makefile.am 2016-09-12 17:00:22.797902248 +0200
@@ -4,8 +4,6 @@
# production code. Sadly, we are not there yet.
SUBDIRS = . tests
-BINDLIBDIR = @BINDDIR@/lib
-
AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"'
@@ -15,7 +13,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.5b1/common/tests/Makefile.am.remove-bind dhcp-4.3.5b1/common/tests/Makefile.am
--- dhcp-4.3.5b1/common/tests/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/common/tests/Makefile.am 2016-09-12 17:07:42.168232452 +0200
@@ -1,7 +1,5 @@
SUBDIRS = .
-BINDLIBDIR = @BINDDIR@/lib
-
AM_CPPFLAGS = $(ATF_CFLAGS) -I$(top_srcdir)/includes
EXTRA_DIST = Atffile
@@ -15,26 +13,26 @@ ATF_TESTS += alloc_unittest dns_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
alloc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
dns_unittest_LDADD = $(ATF_LDFLAGS)
dns_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
misc_unittest_LDADD = $(ATF_LDFLAGS)
misc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
ns_name_unittest_SOURCES = ns_name_test.c $(top_srcdir)/tests/t_api_dhcp.c
ns_name_unittest_LDADD = $(ATF_LDFLAGS)
ns_name_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ ../../omapip/libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
check: $(ATF_TESTS)
@if test $(top_srcdir) != ${top_builddir}; then \
diff -up dhcp-4.3.5b1/configure.ac.remove-bind dhcp-4.3.5b1/configure.ac
--- dhcp-4.3.5b1/configure.ac.remove-bind 2016-08-26 20:24:41.000000000 +0200
+++ dhcp-4.3.5b1/configure.ac 2016-09-12 17:00:22.798902249 +0200
@@ -682,20 +682,33 @@ AC_CHECK_MEMBER(struct tpacket_auxdata.t
BINDDIR=
BINDSRCDIR=
AC_ARG_WITH(libbind,
- AS_HELP_STRING([--with-libbind=PATH],[bind includes and libraries are in PATH
- (default is ./bind)]),
+ AS_HELP_STRING([--with-libbind=PATH],[bind includes are in PATH
+ (default is ./bind/includes)]),
use_libbind="$withval", use_libbind="no")
case "$use_libbind" in
+yes|no)
+ libbind="\${top_srcdir}/bind/include"
+ ;;
+*)
+ libbind="$use_libbind"
+ ;;
+esac
+
+BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
+AC_ARG_WITH(libbind-libs,
+ AC_HELP_STRING([--with-libbind-libs=PATH],
+ [bind9 export libraries are in PATH]),
+ [libbind_libs="$withval"], [libbind_libs='no'])
+case "$libbind_libs" in
yes)
- BINDDIR="\${top_srcdir}/bind"
- BINDSRCDIR="\${top_srcdir}/bind"
+ AC_MSG_ERROR([Specify path to bind9 libraries])
;;
no)
- BINDDIR="\${top_srcdir}/bind"
- BINDSRCDIR="\${top_srcdir}/bind"
+ BUNDLED_BIND=yes
;;
*)
- BINDDIR="$use_libbind"
+ BIND9_LIBDIR="-L$libbind_libs"
+ BUNDLED_BIND=no
if test ! -d "$srcdir/bind"; then
# no bind directory, create it with a fake Makefile.in
# (AC_CONFIG_FILES and top Makefile refer to it so
@@ -709,8 +722,8 @@ EOF
fi
;;
esac
-AC_SUBST(BINDDIR)
-AC_SUBST(BINDSRCDIR)
+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
+AC_SUBST([BIND9_LIBDIR])
# OpenLDAP support.
AC_ARG_WITH(ldap,
@@ -788,7 +801,7 @@ fi
CFLAGS="$CFLAGS $STD_CWARNINGS"
# Try to add the bind and dhcp include directories
-CFLAGS="$CFLAGS -I\$(top_srcdir)/includes -I$BINDDIR/include"
+CFLAGS="$CFLAGS -I$libbind"
case "$host" in
*-darwin*)
diff -up dhcp-4.3.5b1/dhcpctl/Makefile.am.remove-bind dhcp-4.3.5b1/dhcpctl/Makefile.am
--- dhcp-4.3.5b1/dhcpctl/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/dhcpctl/Makefile.am 2016-09-12 17:00:22.798902249 +0200
@@ -1,5 +1,3 @@
-BINDLIBDIR = @BINDDIR@/lib
-
bin_PROGRAMS = omshell
lib_LIBRARIES = libdhcpctl.a
noinst_PROGRAMS = cltest
@@ -8,12 +6,10 @@ EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
cltest_SOURCES = cltest.c
cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.5b1/Makefile.am.remove-bind dhcp-4.3.5b1/Makefile.am
--- dhcp-4.3.5b1/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/Makefile.am 2016-09-12 17:00:22.798902249 +0200
@@ -26,7 +26,13 @@ EXTRA_DIST = RELNOTES LICENSE \
bind/Makefile.in bind/bind.tar.gz bind/version.tmp \
common/tests/Atffile server/tests/Atffile
-SUBDIRS = @BINDSRCDIR@ includes tests common omapip client dhcpctl relay server
+if BUNDLED_BIND
+SUBDIRS = bind
+else
+SUBDIRS =
+endif
+
+SUBDIRS += includes tests common omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
diff -up dhcp-4.3.5b1/omapip/Makefile.am.remove-bind dhcp-4.3.5b1/omapip/Makefile.am
--- dhcp-4.3.5b1/omapip/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/omapip/Makefile.am 2016-09-12 17:00:22.798902249 +0200
@@ -1,5 +1,3 @@
-BINDLIBDIR = @BINDDIR@/lib
-
lib_LIBRARIES = libomapi.a
noinst_PROGRAMS = svtest
@@ -12,6 +10,6 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
svtest_SOURCES = test.c
-svtest_LDADD = libomapi.a $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+svtest_LDADD = libomapi.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.5b1/relay/Makefile.am.remove-bind dhcp-4.3.5b1/relay/Makefile.am
--- dhcp-4.3.5b1/relay/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/relay/Makefile.am 2016-09-12 17:00:22.798902249 +0200
@@ -1,12 +1,9 @@
-BINDLIBDIR = @BINDDIR@/lib
-
AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"'
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.5b1/server/Makefile.am.remove-bind dhcp-4.3.5b1/server/Makefile.am
--- dhcp-4.3.5b1/server/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/Makefile.am 2016-09-12 17:00:22.798902249 +0200
@@ -4,8 +4,6 @@
# production code. Sadly, we are not there yet.
SUBDIRS = . tests
-BINDLIBDIR = @BINDDIR@/lib
-
AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"'
dist_sysconf_DATA = dhcpd.conf.example
@@ -15,10 +13,9 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../dhcpctl/libdhcpctl.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a \
- $(BINDLIBDIR)/libisc.a $(LDAP_LIBS)
+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export \
+ $(LDAP_LIBS)
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.5b1/server/tests/Makefile.am.remove-bind dhcp-4.3.5b1/server/tests/Makefile.am
--- dhcp-4.3.5b1/server/tests/Makefile.am.remove-bind 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/tests/Makefile.am 2016-09-12 17:00:22.799902249 +0200
@@ -1,9 +1,7 @@
SUBDIRS = .
-BINDLIBDIR = @BINDDIR@/lib
-
AM_CPPFLAGS = $(ATF_CFLAGS) -DUNIT_TEST -I$(top_srcdir)/includes
-AM_CPPFLAGS += -I@BINDDIR@/include -I$(top_srcdir)
+AM_CPPFLAGS += -I$(top_srcdir)
AM_CPPFLAGS += -DLOCALSTATEDIR='"."'
EXTRA_DIST = Atffile
@@ -20,9 +18,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ldap.c ../ldap_casa.c ../dhcpd.c ../leasechain.c
DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a $(BINDLIBDIR)/libirs.a \
- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a \
- $(BINDLIBDIR)/libisc.a
+ $(top_builddir)/dhcpctl/libdhcpctl.a \
+ $(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
ATF_TESTS =
if HAVE_ATF

342
dhcp/patches/0004-dhcp-dhclient-options.patch → dhcp/patches/0002-additional-dhclient-options.patch
View File

@ -1,41 +1,58 @@
diff -up dhcp-4.3.4/client/clparse.c.options dhcp-4.3.4/client/clparse.c
--- dhcp-4.3.4/client/clparse.c.options 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/client/clparse.c 2016-04-29 12:06:13.485470579 +0200
From 3a86bcb58a7c081df22b6f55e973d5e3c99065d8 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:19:47 +0100
Subject: [PATCH 02/21] additional dhclient options
Cc: pzhukov@redhat.com
---
client/clparse.c | 10 +-
client/dhclient.8 | 27 ++++++
client/dhclient.c | 271 +++++++++++++++++++++++++++++++++++++++++++++++++++-
common/conflex.c | 2 +
includes/dhcpd.h | 3 +
includes/dhctoken.h | 1 +
6 files changed, 308 insertions(+), 6 deletions(-)
diff --git a/client/clparse.c b/client/clparse.c
index eaf48a8..7212e3a 100644
--- a/client/clparse.c
+++ b/client/clparse.c
@@ -189,6 +189,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
+ top_level_config.bootp_broadcast_always = 0;
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
@@ -394,7 +395,8 @@ void read_client_leases ()
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
- KEY key-definition */
+ KEY key-definition |
+ BOOTP_BROADCAST_ALWAYS */
void parse_client_statement (cfile, ip, config)
struct parse *cfile;
@@ -817,6 +819,12 @@ void parse_client_statement (cfile, ip,
parse_lease_id_format(cfile);
break;
struct parse *cfile;
@@ -817,6 +819,12 @@ void parse_client_statement (cfile, ip, config)
parse_lease_id_format(cfile);
break;
+ case BOOTP_BROADCAST_ALWAYS:
+ token = next_token(&val, (unsigned*)0, cfile);
+ config -> bootp_broadcast_always = 1;
+ parse_semi (cfile);
+ return;
+
default:
lose = 0;
diff -up dhcp-4.3.4/client/dhclient.8.options dhcp-4.3.4/client/dhclient.8
--- dhcp-4.3.4/client/dhclient.8.options 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/client/dhclient.8 2016-04-29 11:59:50.446590077 +0200
@@ -134,6 +134,33 @@ dhclient - Dynamic Host Configuration Pr
default:
lose = 0;
diff --git a/client/dhclient.8 b/client/dhclient.8
index ebc750f..6d7fbdb 100644
--- a/client/dhclient.8
+++ b/client/dhclient.8
@@ -134,6 +134,33 @@ dhclient - Dynamic Host Configuration Protocol Client
.B -w
]
[
@ -66,86 +83,17 @@ diff -up dhcp-4.3.4/client/dhclient.8.options dhcp-4.3.4/client/dhclient.8
+.I timeout
+]
+[
.B -v
.B --dad-wait-time
.I seconds
]
[
@@ -289,6 +316,69 @@ not to exit when it doesn't find any suc
program can then be used to notify the client when a network interface
has been added or removed, so that the client can attempt to configure an IP
address on that interface.
+
+.TP
+.BI \-B
+Set the BOOTP broadcast flag in request packets so servers will always
+broadcast replies.
+
+.TP
+.BI \-C\ <dhcp-client-identifier>
+Specify the dhcp-client-identifier option to send to the DHCP server.
+
+.TP
+.BI \-H\ <host-name>
+Specify the host-name option to send to the DHCP server. The host-name
+string only contains the client's hostname prefix, to which the server will
+append the ddns-domainname or domain-name options, if any, to derive the
+fully qualified domain name of the client. The
+.B -H
+option cannot be used with the
+.B -F
+option.
+
+.TP
+.BI \-F\ <fqdn.fqdn>
+Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
+be used with the
+.B -H
+option. The fqdn.fqdn option must specify the complete domain name of the
+client host, which the server may use for dynamic DNS updates.
+
+.TP
+.BI \-V\ <vendor-class-identifier>
+Specify the vendor-class-identifier option to send to the DHCP server.
+
+.TP
+.BI \--request-options\ <option>[,<option>...]
+Specify the list of options the client is to request from the server. The
+option list must be a single string consisting of option names separated
+by at least one command and optional space characters. The default option
+list is:
+
+.BR
+ subnet-mask, broadcast-address, time-offset, routers,
+.BR
+ domain-search, domain-name, domain-name-servers, host-name,
+.BR
+ nis-domain, nis-servers, ntp-servers, interface-mtu
+
+.TP
+.B --request-options
+option does not append options to the default request, it overrides the
+default request list. Keep this in mind if you want to request an
+additional option besides the default request list. You will have to
+specify all option names for the
+.B --request-options
+parameter.
+
+.TP
+.BI \--timeout\ <timeout>
+Specify the time after which
+.B dhclient
+will decide that no DHCP servers can be contacted when no responses have been
+received.
+
.TP
.BI \-n
Do not configure any interfaces. This is most likely to be useful in
diff -up dhcp-4.3.4/client/dhclient.c.options dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.options 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:12:14.182364093 +0200
@@ -40,6 +40,12 @@
#include <isc/file.h>
#include <dns/result.h>
diff --git a/client/dhclient.c b/client/dhclient.c
index 825ab00..26a333c 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -41,6 +41,12 @@
#include <sys/wait.h>
#include <limits.h>
+/*
+ * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
+ * that when building ISC code.
@ -154,37 +102,39 @@ diff -up dhcp-4.3.4/client/dhclient.c.options dhcp-4.3.4/client/dhclient.c
+
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
@@ -100,6 +106,10 @@ char *mockup_relay = NULL;
@@ -110,6 +116,10 @@ char *mockup_relay = NULL;
char *progname = NULL;
+int bootp_broadcast_always = 0;
+
+extern struct option *default_requested_options[];
+
void run_stateless(int exit_mode, u_int16_t port);
static isc_result_t write_duid(struct data_string *duid);
@@ -177,7 +187,11 @@ usage(const char *sfmt, const char *sarg
" [-s server-addr] [-cf config-file]\n"
" [-df duid-file] [-lf lease-file]\n"
" [-pf pid-file] [--no-pid] [-e VAR=val]\n"
- " [-sf script-file] [interface]*",
+ " [-sf script-file] [interface]*\n"
+ " [-C <dhcp-client-identifier>] [-B]\n"
+ " [-H <host-name> | -F <fqdn.fqdn>] [--timeout <timeout>]\n"
+ " [-V <vendor-class-identifier>]\n"
+ " [--request-options <request option list>]",
isc_file_basename(progname));
}
@@ -214,6 +228,16 @@ main(int argc, char **argv) {
progname = argv[0];
@@ -183,8 +193,12 @@ static const char use_v6command[] = "Command not used for DHCPv4: %s";
" [-s server-addr] [-cf config-file]\n" \
" [-df duid-file] [-lf lease-file]\n" \
" [-pf pid-file] [--no-pid] [-e VAR=val]\n" \
-" [-sf script-file] [interface]*"
-
+" [-sf script-file] [interface]*\n" \
+" [-C <dhcp-client-identifier>] [-B]\n" \
+" [-H <host-name> | -F <fqdn.fqdn>] [--timeout <timeout>]\n" \
+" [-V <vendor-class-identifier>]\n" \
+" [--request-options <request option list>]"
+
#define DHCLIENT_USAGEH "{--version|--help|-h}"
static void
@@ -243,6 +257,16 @@ main(int argc, char **argv) {
#else
progname = argv[0];
#endif
+ char *dhcp_client_identifier_arg = NULL;
+ char *dhcp_host_name_arg = NULL;
+ char *dhcp_client_identifier_arg = NULL;
+ char *dhcp_host_name_arg = NULL;
+ char *dhcp_fqdn_arg = NULL;
+ char *dhcp_vendor_class_identifier_arg = NULL;
+ char *dhclient_request_options = NULL;
@ -193,13 +143,13 @@ diff -up dhcp-4.3.4/client/dhclient.c.options dhcp-4.3.4/client/dhclient.c
+ char *arg_conf = NULL;
+ int arg_conf_len = 0;
+
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -431,6 +455,88 @@ main(int argc, char **argv) {
strlen(PACKAGE_VERSION)));
IGNORE_RET(write(STDERR_FILENO, "\n", 1));
exit(0);
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -558,6 +582,89 @@ main(int argc, char **argv) {
std_dhcid = 1;
} else if (!strcmp(argv[i], "-v")) {
quiet = 0;
+ } else if (!strcmp(argv[i], "-C")) {
+ if ((++i == argc) || (argv[i] == NULL) || (*(argv[i])=='\0')) {
+ usage(use_noarg, argv[i-1]);
@ -282,13 +232,14 @@ diff -up dhcp-4.3.4/client/dhclient.c.options dhcp-4.3.4/client/dhclient.c
+ }
+
+ dhclient_request_options = argv[i];
} else if (argv[i][0] == '-') {
usage("Unknown command: %s", argv[i]);
} else if (interfaces_requested < 0) {
@@ -630,6 +736,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
+
} else if (argv[i][0] == '-') {
usage("Unknown command: %s", argv[i]);
} else if (interfaces_requested < 0) {
@@ -754,6 +861,156 @@ main(int argc, char **argv) {
/* Parse the dhclient.conf file. */
read_client_conf();
+ /* Parse any extra command line configuration arguments: */
+ if ((dhcp_client_identifier_arg != NULL) && (*dhcp_client_identifier_arg != '\0')) {
+ arg_conf_len = asprintf(&arg_conf, "send dhcp-client-identifier \"%s\";", dhcp_client_identifier_arg);
@ -439,75 +390,78 @@ diff -up dhcp-4.3.4/client/dhclient.c.options dhcp-4.3.4/client/dhclient.c
+ arg_conf_len = 0;
+ }
+
/* Parse the lease database. */
read_client_leases();
@@ -3067,7 +3323,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
/* Parse the lease database. */
read_client_leases();
@@ -3226,7 +3483,8 @@ void make_discover (client, lease)
client -> packet.xid = random ();
client -> packet.secs = 0; /* filled in by send_discover. */
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always || client->config->bootp_broadcast_always))
+ && can_receive_unicast_unconfigured(client->interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -3152,7 +3409,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -3311,7 +3569,9 @@ void make_request (client, lease)
} else {
memset (&client -> packet.ciaddr, 0,
sizeof client -> packet.ciaddr);
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always ||
+ client ->config->bootp_broadcast_always)) &&
+ can_receive_unicast_unconfigured (client -> interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -3215,7 +3474,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
@@ -3374,7 +3634,8 @@ void make_decline (client, lease)
client -> packet.hops = 0;
client -> packet.xid = client -> xid;
client -> packet.secs = 0; /* Filled in by send_request. */
- if (can_receive_unicast_unconfigured (client -> interface))
+ if ((!(bootp_broadcast_always || client->config-> bootp_broadcast_always))
+ && can_receive_unicast_unconfigured (client->interface))
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
diff -up dhcp-4.3.4/common/conflex.c.options dhcp-4.3.4/common/conflex.c
--- dhcp-4.3.4/common/conflex.c.options 2016-04-29 11:59:50.448590077 +0200
+++ dhcp-4.3.4/common/conflex.c 2016-04-29 12:13:23.637342420 +0200
@@ -832,6 +832,8 @@ intern(char *atom, enum dhcp_token dfv)
if (!strcasecmp(atom+1, "ig-endian")) {
return TOKEN_BIG_ENDIAN;
}
client -> packet.flags = 0;
else
client -> packet.flags = htons (BOOTP_BROADCAST);
diff --git a/common/conflex.c b/common/conflex.c
index 045b655..71c0bf5 100644
--- a/common/conflex.c
+++ b/common/conflex.c
@@ -832,6 +832,8 @@ intern(char *atom, enum dhcp_token dfv) {
if (!strcasecmp(atom+1, "ig-endian")) {
return TOKEN_BIG_ENDIAN;
}
+ if (!strcasecmp (atom + 1, "ootp-broadcast-always"))
+ return BOOTP_BROADCAST_ALWAYS;
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
diff -up dhcp-4.3.4/includes/dhcpd.h.options dhcp-4.3.4/includes/dhcpd.h
--- dhcp-4.3.4/includes/dhcpd.h.options 2016-04-29 11:59:50.448590077 +0200
+++ dhcp-4.3.4/includes/dhcpd.h 2016-04-29 12:14:05.361329401 +0200
@@ -1246,6 +1246,9 @@ struct client_config {
int lease_id_format; /* format for IDs in lease file,
TOKEN_OCTAL or TOKEN_HEX */
break;
case 'c':
if (!strcasecmp(atom + 1, "ase"))
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 5930e6a..018fa34 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -1269,6 +1269,9 @@ struct client_config {
int lease_id_format; /* format for IDs in lease file,
TOKEN_OCTAL or TOKEN_HEX */
+
+ int bootp_broadcast_always; /* If nonzero, always set the BOOTP_BROADCAST
+ flag in requests */
};
/* Per-interface state used in the dhcp client... */
diff -up dhcp-4.3.4/includes/dhctoken.h.options dhcp-4.3.4/includes/dhctoken.h
--- dhcp-4.3.4/includes/dhctoken.h.options 2016-04-29 11:59:50.449590076 +0200
+++ dhcp-4.3.4/includes/dhctoken.h 2016-04-29 12:15:03.073300846 +0200
@@ -373,7 +373,8 @@ enum dhcp_token {
TOKEN_BIG_ENDIAN = 675,
LEASE_ID_FORMAT = 676,
TOKEN_HEX = 677,
- TOKEN_OCTAL = 678
+ TOKEN_OCTAL = 678,
+ BOOTP_BROADCAST_ALWAYS = 679
diff --git a/includes/dhctoken.h b/includes/dhctoken.h
index 5920f4f..7e7215a 100644
--- a/includes/dhctoken.h
+++ b/includes/dhctoken.h
@@ -377,6 +377,7 @@ enum dhcp_token {
TOKEN_HEX = 677,
TOKEN_OCTAL = 678,
KEY_ALGORITHM = 679
+ BOOTP_BROADCAST_ALWAYS = 680
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
--
2.14.5

140
dhcp/patches/0002-dhcp-sharedlib.patch
View File

@ -1,140 +0,0 @@
diff -up dhcp-4.3.4/client/Makefile.am.sharedlib dhcp-4.3.4/client/Makefile.am
--- dhcp-4.3.4/client/Makefile.am.sharedlib 2016-04-29 11:48:30.389923087 +0200
+++ dhcp-4.3.4/client/Makefile.am 2016-04-29 11:48:30.393923084 +0200
@@ -13,7 +13,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.4/common/tests/Makefile.am.sharedlib dhcp-4.3.4/common/tests/Makefile.am
--- dhcp-4.3.4/common/tests/Makefile.am.sharedlib 2016-04-29 11:48:30.394923084 +0200
+++ dhcp-4.3.4/common/tests/Makefile.am 2016-04-29 11:54:16.890716651 +0200
@@ -13,25 +13,25 @@ ATF_TESTS += alloc_unittest dns_unittest
alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
alloc_unittest_LDADD = $(ATF_LDFLAGS)
alloc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a \
+ ../../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
dns_unittest_LDADD = $(ATF_LDFLAGS)
dns_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a \
+ ../../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
misc_unittest_LDADD = $(ATF_LDFLAGS)
misc_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a \
+ ../../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
ns_name_unittest_SOURCES = ns_name_test.c $(top_srcdir)/tests/t_api_dhcp.c
ns_name_unittest_LDADD = $(ATF_LDFLAGS)
ns_name_unittest_LDADD += ../libdhcp.a \
- ../../omapip/libomapi.a \
+ ../../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
check: $(ATF_TESTS)
diff -up dhcp-4.3.4/configure.ac.sharedlib dhcp-4.3.4/configure.ac
--- dhcp-4.3.4/configure.ac.sharedlib 2016-04-29 11:48:30.394923084 +0200
+++ dhcp-4.3.4/configure.ac 2016-04-29 11:55:22.729691668 +0200
@@ -47,7 +47,8 @@ AM_CONDITIONAL(CROSS_COMPILING, test "$c
# Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
AC_USE_SYSTEM_EXTENSIONS
-AC_PROG_RANLIB
+# Use libtool to simplify building of shared libraries
+AC_PROG_LIBTOOL
AC_PATH_PROG(AR, ar)
AC_SUBST(AR)
diff -up dhcp-4.3.4/dhcpctl/Makefile.am.sharedlib dhcp-4.3.4/dhcpctl/Makefile.am
--- dhcp-4.3.4/dhcpctl/Makefile.am.sharedlib 2016-04-29 11:48:30.394923084 +0200
+++ dhcp-4.3.4/dhcpctl/Makefile.am 2016-04-29 11:56:18.390670546 +0200
@@ -1,15 +1,15 @@
bin_PROGRAMS = omshell
-lib_LIBRARIES = libdhcpctl.a
+lib_LTLIBRARIES = libdhcpctl.la
noinst_PROGRAMS = cltest
man_MANS = omshell.1 dhcpctl.3
EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
-omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
-libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
cltest_SOURCES = cltest.c
-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.4/omapip/Makefile.am.sharedlib dhcp-4.3.4/omapip/Makefile.am
--- dhcp-4.3.4/omapip/Makefile.am.sharedlib 2016-04-29 11:48:30.392923085 +0200
+++ dhcp-4.3.4/omapip/Makefile.am 2016-04-29 11:57:33.709641969 +0200
@@ -1,7 +1,7 @@
-lib_LIBRARIES = libomapi.a
+lib_LTLIBRARIES = libomapi.la
noinst_PROGRAMS = svtest
-libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
errwarn.c listener.c dispatch.c generic.c support.c \
handle.c message.c convert.c hash.c auth.c inet_addr.c \
array.c trace.c toisc.c iscprint.c isclib.c
@@ -10,6 +10,6 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
svtest_SOURCES = test.c
-svtest_LDADD = libomapi.a \
+svtest_LDADD = libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
diff -up dhcp-4.3.4/relay/Makefile.am.sharedlib dhcp-4.3.4/relay/Makefile.am
--- dhcp-4.3.4/relay/Makefile.am.sharedlib 2016-04-29 11:48:30.392923085 +0200
+++ dhcp-4.3.4/relay/Makefile.am 2016-04-29 11:48:30.395923083 +0200
@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.4/server/Makefile.am.sharedlib dhcp-4.3.4/server/Makefile.am
--- dhcp-4.3.4/server/Makefile.am.sharedlib 2016-04-29 11:48:30.392923085 +0200
+++ dhcp-4.3.4/server/Makefile.am 2016-04-29 11:48:30.395923083 +0200
@@ -13,7 +13,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
dhcpd_CFLAGS = $(LDAP_CFLAGS)
-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dhcpctl/libdhcpctl.a \
+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dhcpctl/libdhcpctl.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export \
$(LDAP_LIBS)
diff -up dhcp-4.3.4/server/tests/Makefile.am.sharedlib dhcp-4.3.4/server/tests/Makefile.am
--- dhcp-4.3.4/server/tests/Makefile.am.sharedlib 2016-04-29 11:48:30.395923083 +0200
+++ dhcp-4.3.4/server/tests/Makefile.am 2016-04-29 11:59:13.414604130 +0200
@@ -17,8 +17,8 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
../ldap.c ../ldap_casa.c ../dhcpd.c ../leasechain.c
-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
- $(top_builddir)/dhcpctl/libdhcpctl.a \
+DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
+ $(top_builddir)/dhcpctl/libdhcpctl.la \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
ATF_TESTS =

39
dhcp/patches/0005-dhcp-release-by-ifup.patch → dhcp/patches/0003-Handle-releasing-interfaces-requested-by-sbin-ifup.patch
View File

@ -1,10 +1,21 @@
diff -up dhcp-4.3.0a1/client/dhclient.c.ifup dhcp-4.3.0a1/client/dhclient.c
--- dhcp-4.3.0a1/client/dhclient.c.ifup 2013-12-19 14:53:08.817760677 +0100
+++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:05:16.290518574 +0100
@@ -521,9 +521,81 @@ main(int argc, char **argv) {
}
}
fclose(pidfd);
From 692fd8b16ef6f12a57596351e930c65c68597bac Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:21:14 +0100
Subject: [PATCH 03/21] Handle releasing interfaces requested by /sbin/ifup
Cc: pzhukov@redhat.com
---
client/dhclient.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
diff --git a/client/dhclient.c b/client/dhclient.c
index 26a333c..2a2e9e6 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -787,9 +787,81 @@ main(int argc, char **argv) {
}
}
fclose(pidfd);
+ } else {
+ /* handle release for interfaces requested with Red Hat
+ * /sbin/ifup - pidfile will be /var/run/dhclient-$interface.pid
@ -75,11 +86,13 @@ diff -up dhcp-4.3.0a1/client/dhclient.c.ifup dhcp-4.3.0a1/client/dhclient.c
+ if (dhc_running) {
+ log_fatal("dhclient(%u) is already running - exiting. ", dhcpid);
+ return(1);
}
}
}
}
+ write_client_pid_file();
+
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
--
2.14.5

117
dhcp/patches/0004-Support-unicast-BOOTP-for-IBM-pSeries-systems-and-ma.patch Normal file
View File

@ -0,0 +1,117 @@
From 9dc17d6086bf140efda84ce434664b60ce2191a1 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:22:41 +0100
Subject: [PATCH 04/21] Support unicast BOOTP for IBM pSeries systems (and
maybe others)
Cc: pzhukov@redhat.com
---
server/bootp.c | 12 +++++++++++-
server/dhcp.c | 33 ++++++++++++++++++++++++++-------
2 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/server/bootp.c b/server/bootp.c
index 26a7607..2212f31 100644
--- a/server/bootp.c
+++ b/server/bootp.c
@@ -52,6 +52,7 @@ void bootp (packet)
char msgbuf [1024];
int ignorep;
int peer_has_leases = 0;
+ int norelay = 0;
if (packet -> raw -> op != BOOTREQUEST)
return;
@@ -67,7 +68,7 @@ void bootp (packet)
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
- if (!locate_network (packet)) {
+ if ((norelay = locate_network (packet)) == 0) {
log_info ("%s: network unknown", msgbuf);
return;
}
@@ -428,6 +429,15 @@ void bootp (packet)
goto out;
}
+ } else if (norelay == 2) {
+ to.sin_addr = raw.ciaddr;
+ to.sin_port = remote_port;
+ if (fallback_interface) {
+ result = send_packet (fallback_interface, NULL, &raw,
+ outgoing.packet_length, from,
+ &to, &hto);
+ goto out;
+ }
/* If it comes from a client that already knows its address
and is not requesting a broadcast response, and we can
diff --git a/server/dhcp.c b/server/dhcp.c
index 6f3a91f..20f2a62 100644
--- a/server/dhcp.c
+++ b/server/dhcp.c
@@ -5224,6 +5224,7 @@ int locate_network (packet)
struct data_string data;
struct subnet *subnet = (struct subnet *)0;
struct option_cache *oc;
+ int norelay = 0;
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6 && (packet->dhcp4o6_response != NULL)) {
@@ -5245,12 +5246,24 @@ int locate_network (packet)
from the interface, if there is one. If not, fail. */
if (!oc && !packet -> raw -> giaddr.s_addr) {
if (packet -> interface -> shared_network) {
- shared_network_reference
- (&packet -> shared_network,
- packet -> interface -> shared_network, MDL);
- return 1;
+ struct in_addr any_addr;
+ any_addr.s_addr = INADDR_ANY;
+
+ if (!packet -> packet_type && memcmp(&packet -> raw -> ciaddr, &any_addr, 4)) {
+ struct iaddr cip;
+ memcpy(cip.iabuf, &packet -> raw -> ciaddr, 4);
+ cip.len = 4;
+ if (!find_grouped_subnet(&subnet, packet->interface->shared_network, cip, MDL))
+ norelay = 2;
+ }
+
+ if (!norelay) {
+ shared_network_reference(&packet -> shared_network, packet -> interface -> shared_network, MDL);
+ return 1;
+ }
+ } else {
+ return 0;
}
- return 0;
}
/* If there's an option indicating link connection, and it's valid,
@@ -5277,7 +5290,10 @@ int locate_network (packet)
data_string_forget (&data, MDL);
} else {
ia.len = 4;
- memcpy (ia.iabuf, &packet -> raw -> giaddr, 4);
+ if (norelay)
+ memcpy (ia.iabuf, &packet->raw->ciaddr, 4);
+ else
+ memcpy (ia.iabuf, &packet->raw->giaddr, 4);
}
/* If we know the subnet on which the IP address lives, use it. */
@@ -5285,7 +5301,10 @@ int locate_network (packet)
shared_network_reference (&packet -> shared_network,
subnet -> shared_network, MDL);
subnet_dereference (&subnet, MDL);
- return 1;
+ if (norelay)
+ return norelay;
+ else
+ return 1;
}
/* Otherwise, fail. */
--
2.14.5

39
dhcp/patches/0008-dhcp-default-requested-options.patch → dhcp/patches/0005-Change-default-requested-options.patch
View File

@ -1,19 +1,32 @@
diff -up dhcp-4.3.4/client/clparse.c.requested dhcp-4.3.4/client/clparse.c
--- dhcp-4.3.4/client/clparse.c.requested 2016-04-29 12:18:50.157151352 +0200
+++ dhcp-4.3.4/client/clparse.c 2016-04-29 12:19:22.235137243 +0200
From ac21c8b966620cbe79be3508c024ae30f93d6266 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:24:24 +0100
Subject: [PATCH 05/21] Change default requested options
Cc: pzhukov@redhat.com
Add NIS domain, NIS servers, NTP servers, interface-mtu and domain-search
to the list of default requested DHCP options
---
client/clparse.c | 27 ++++++++++++++++++++++++++-
1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/client/clparse.c b/client/clparse.c
index 7212e3a..39b95a0 100644
--- a/client/clparse.c
+++ b/client/clparse.c
@@ -31,7 +31,7 @@
struct client_config top_level_config;
-#define NUM_DEFAULT_REQUESTED_OPTS 9
+#define NUM_DEFAULT_REQUESTED_OPTS 14
/* There can be 2 extra requested options for DHCPv4-over-DHCPv6. */
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 2 + 1];
@@ -116,6 +116,31 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
+ /* 10 */
+ code = DHO_NIS_DOMAIN;
+ option_code_hash_lookup(&default_requested_options[9],
@ -39,6 +52,8 @@ diff -up dhcp-4.3.4/client/clparse.c.requested dhcp-4.3.4/client/clparse.c
+ option_code_hash_lookup(&default_requested_options[13],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
--
2.14.5

119
dhcp/patches/0009-dhcp-manpages.patch → dhcp/patches/0006-Various-man-page-only-fixes.patch
View File

@ -1,38 +1,21 @@
diff -up dhcp-4.3.5b1/client/dhclient.conf.5.man dhcp-4.3.5b1/client/dhclient.conf.5
--- dhcp-4.3.5b1/client/dhclient.conf.5.man 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/client/dhclient.conf.5 2016-09-12 17:09:23.243313514 +0200
@@ -228,7 +228,8 @@ responding to the client send the client
options. Only the option names should be specified in the request
statement - not option parameters. By default, the DHCPv4 client
requests the subnet-mask, broadcast-address, time-offset, routers,
-domain-name, domain-name-servers and host-name options while the DHCPv6
+domain-search, domain-name, domain-name-servers, host-name, nis-domain,
+nis-servers, ntp-servers and interface-mtu options while the DHCPv6
client requests the dhcp6 name-servers and domain-search options. Note
that if you enter a \'request\' statement, you over-ride these defaults
and these options will not be requested.
@@ -736,6 +737,17 @@ know the DHCP service(s) anycast MAC add
client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
in a similar manner to the \fBhardware\fR statement.
.PP
+ \fBbootp-broadcast-always;\fR
+.PP
+The
+.B bootp-broadcast-always
+statement instructs dhclient to always set the bootp broadcast flag in
+request packets, so that servers will always broadcast replies.
+This is equivalent to supplying the dhclient -B argument, and has
+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
+This option is provided as an extension to enable dhclient to work
+on IBM s390 Linux guests.
+.PP
.SH SAMPLE
The following configuration file was used on a laptop running NetBSD
1.3, though the domains have been modified.
diff -up dhcp-4.3.5b1/client/dhclient-script.8.man dhcp-4.3.5b1/client/dhclient-script.8
--- dhcp-4.3.5b1/client/dhclient-script.8.man 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/client/dhclient-script.8 2016-09-12 17:08:09.516254385 +0200
@@ -45,7 +45,7 @@ customizations are needed, they should b
From dd3053e6f45ac1f149869b7ded3f539d6c046114 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:25:53 +0100
Subject: [PATCH 06/21] Various man-page-only fixes
Cc: pzhukov@redhat.com
---
client/dhclient-script.8 | 22 +++++++++++++++++++++-
client/dhclient.conf.5 | 14 +++++++++++++-
common/dhcp-options.5 | 15 +++++++++++++++
server/dhcpd.conf.5 | 14 +++++++++-----
4 files changed, 58 insertions(+), 7 deletions(-)
diff --git a/client/dhclient-script.8 b/client/dhclient-script.8
index 3553afd..0db5516 100644
--- a/client/dhclient-script.8
+++ b/client/dhclient-script.8
@@ -43,7 +43,7 @@ customizations are needed, they should be possible using the enter and
exit hooks provided (see HOOKS for details). These hooks will allow the
user to override the default behaviour of the client in creating a
.B /etc/resolv.conf
@ -41,7 +24,7 @@ diff -up dhcp-4.3.5b1/client/dhclient-script.8.man dhcp-4.3.5b1/client/dhclient-
.PP
No standard client script exists for some operating systems, even though
the actual client may work, so a pioneering user may well need to create
@@ -89,6 +89,26 @@ present. The
@@ -87,6 +87,26 @@ present. The
.B ETCDIR/dhclient-exit-hooks
script can modify the valid of exit_status to change the exit status
of dhclient-script.
@ -68,10 +51,43 @@ diff -up dhcp-4.3.5b1/client/dhclient-script.8.man dhcp-4.3.5b1/client/dhclient-
.SH OPERATION
When dhclient needs to invoke the client configuration script, it
defines a set of variables in the environment, and then invokes
diff -up dhcp-4.3.5b1/common/dhcp-options.5.man dhcp-4.3.5b1/common/dhcp-options.5
--- dhcp-4.3.5b1/common/dhcp-options.5.man 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/common/dhcp-options.5 2016-09-12 17:08:09.517254386 +0200
@@ -1013,6 +1013,21 @@ classless IP routing - it does not inclu
diff --git a/client/dhclient.conf.5 b/client/dhclient.conf.5
index fa3b908..566a881 100644
--- a/client/dhclient.conf.5
+++ b/client/dhclient.conf.5
@@ -228,7 +228,8 @@ responding to the client send the client its values for the specified
options. Only the option names should be specified in the request
statement - not option parameters. By default, the DHCPv4 client
requests the subnet-mask, broadcast-address, time-offset, routers,
-domain-name, domain-name-servers and host-name options while the DHCPv6
+domain-search, domain-name, domain-name-servers, host-name, nis-domain,
+nis-servers, ntp-servers and interface-mtu options while the DHCPv6
client requests the dhcp6 name-servers and domain-search options. Note
that if you enter a \'request\' statement, you over-ride these defaults
and these options will not be requested.
@@ -735,6 +736,17 @@ broadcast packets transmitted by DHCP clients, but is only useful if you
know the DHCP service(s) anycast MAC address prior to configuring your
client. The \fIlink-type\fR and \fImac-address\fR parameters are configured
in a similar manner to the \fBhardware\fR statement.
+.PP
+ \fBbootp-broadcast-always;\fR
+.PP
+The
+.B bootp-broadcast-always
+statement instructs dhclient to always set the bootp broadcast flag in
+request packets, so that servers will always broadcast replies.
+This is equivalent to supplying the dhclient -B argument, and has
+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
+This option is provided as an extension to enable dhclient to work
+on IBM s390 Linux guests.
.PP
.SH SAMPLE
The following configuration file was used on a laptop running NetBSD
diff --git a/common/dhcp-options.5 b/common/dhcp-options.5
index 33d4804..d9e1197 100644
--- a/common/dhcp-options.5
+++ b/common/dhcp-options.5
@@ -1068,6 +1068,21 @@ classless IP routing - it does not include a subnet mask. Since
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
@ -93,10 +109,11 @@ diff -up dhcp-4.3.5b1/common/dhcp-options.5.man dhcp-4.3.5b1/common/dhcp-options
.RE
.PP
.nf
diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
--- dhcp-4.3.5b1/server/dhcpd.conf.5.man 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/dhcpd.conf.5 2016-09-12 17:10:11.205351980 +0200
@@ -528,6 +528,9 @@ pool {
diff --git a/server/dhcpd.conf.5 b/server/dhcpd.conf.5
index 17330d4..89b5540 100644
--- a/server/dhcpd.conf.5
+++ b/server/dhcpd.conf.5
@@ -527,6 +527,9 @@ pool {
};
.fi
.PP
@ -106,7 +123,7 @@ diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
@@ -542,9 +545,9 @@ primary server might look like this:
@@ -541,9 +544,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.example.com;
@ -118,7 +135,7 @@ diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
@@ -1246,7 +1249,7 @@ the zone containing PTR records - for IS
@@ -1323,7 +1326,7 @@ the zone containing PTR records - for ISC BIND, something like this:
.PP
.nf
key DHCP_UPDATER {
@ -126,8 +143,8 @@ diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -1269,7 +1272,7 @@ dhcpd.conf file:
@@ -1346,7 +1349,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
@ -135,8 +152,8 @@ diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -2742,7 +2745,8 @@ statement
@@ -2912,7 +2915,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
\fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
@ -146,3 +163,5 @@ diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.man dhcp-4.3.5b1/server/dhcpd.conf.5
.RE
.PP
The
--
2.14.5

63
dhcp/patches/0006-dhcp-dhclient-decline-backoff.patch
View File

@ -1,63 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.backoff dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.backoff 2016-04-29 12:16:26.976245611 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:16:26.979245609 +0200
@@ -1423,6 +1423,8 @@ void state_init (cpp)
void *cpp;
{
struct client_state *client = cpp;
+ enum dhcp_state init_state = client->state;
+ struct timeval tv;
ASSERT_STATE(state, S_INIT);
@@ -1435,9 +1437,18 @@ void state_init (cpp)
client -> first_sending = cur_time;
client -> interval = client -> config -> initial_interval;
- /* Add an immediate timeout to cause the first DHCPDISCOVER packet
- to go out. */
- send_discover (client);
+ if (init_state != S_DECLINED) {
+ /* Add an immediate timeout to cause the first DHCPDISCOVER packet
+ to go out. */
+ send_discover(client);
+ } else {
+ /* We've received an OFFER and it has been DECLINEd by dhclient-script.
+ * wait for a random time between 1 and backoff_cutoff seconds before
+ * trying again. */
+ tv . tv_sec = cur_time + ((1 + (random() >> 2)) % client->config->backoff_cutoff);
+ tv . tv_usec = 0;
+ add_timeout(&tv, send_discover, client, 0, 0);
+ }
}
/*
@@ -1734,6 +1745,7 @@ void bind_lease (client)
"try (declined). Exiting.");
exit(2);
} else {
+ client -> state = S_DECLINED;
state_init(client);
return;
}
@@ -4626,6 +4638,7 @@ void client_location_changed ()
case S_INIT:
case S_REBINDING:
case S_STOPPED:
+ case S_DECLINED:
break;
}
client -> state = S_INIT;
diff -up dhcp-4.3.4/includes/dhcpd.h.backoff dhcp-4.3.4/includes/dhcpd.h
--- dhcp-4.3.4/includes/dhcpd.h.backoff 2016-04-29 12:16:26.980245609 +0200
+++ dhcp-4.3.4/includes/dhcpd.h 2016-04-29 12:17:30.893203533 +0200
@@ -1171,7 +1171,8 @@ enum dhcp_state {
S_BOUND = 5,
S_RENEWING = 6,
S_REBINDING = 7,
- S_STOPPED = 8
+ S_STOPPED = 8,
+ S_DECLINED = 9
};
/* Possible pending client operations. */

53
dhcp/patches/0007-Change-paths-to-conform-to-our-standards.patch Normal file
View File

@ -0,0 +1,53 @@
From bf4e3f1d181b5b4e6225fe5726c02420157433cc Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:26:34 +0100
Subject: [PATCH 07/21] Change paths to conform to our standards
Cc: pzhukov@redhat.com
---
doc/examples/dhcpd-dhcpv6.conf | 2 +-
includes/dhcpd.h | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/doc/examples/dhcpd-dhcpv6.conf b/doc/examples/dhcpd-dhcpv6.conf
index 448a6a6..2357824 100644
--- a/doc/examples/dhcpd-dhcpv6.conf
+++ b/doc/examples/dhcpd-dhcpv6.conf
@@ -43,7 +43,7 @@ option dhcp6.domain-search "test.example.com","example.com";
option dhcp6.info-refresh-time 21600;
# The path of the lease file
-dhcpv6-lease-file-name "/usr/local/var/db/dhcpd6.leases";
+dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";
# Static definition (must be global)
host myclient {
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 018fa34..3632a6b 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -1545,7 +1545,7 @@ typedef unsigned char option_mask [16];
#else /* !DEBUG */
#ifndef _PATH_DHCPD_CONF
-#define _PATH_DHCPD_CONF "/etc/dhcpd.conf"
+#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf"
#endif /* DEBUG */
#ifndef _PATH_DHCPD_DB
@@ -1567,11 +1567,11 @@ typedef unsigned char option_mask [16];
#endif /* DEBUG */
#ifndef _PATH_DHCLIENT_CONF
-#define _PATH_DHCLIENT_CONF "/etc/dhclient.conf"
+#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf"
#endif
#ifndef _PATH_DHCLIENT_SCRIPT
-#define _PATH_DHCLIENT_SCRIPT "/sbin/dhclient-script"
+#define _PATH_DHCLIENT_SCRIPT "/usr/sbin/dhclient-script"
#endif
#ifndef _PATH_DHCLIENT_PID
--
2.14.5

101
dhcp/patches/0007-dhcp-unicast-bootp.patch
View File

@ -1,101 +0,0 @@
diff -up dhcp-4.3.4/server/bootp.c.unicast dhcp-4.3.4/server/bootp.c
--- dhcp-4.3.4/server/bootp.c.unicast 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/server/bootp.c 2016-05-02 15:09:40.023243008 +0200
@@ -52,6 +52,7 @@ void bootp (packet)
char msgbuf [1024];
int ignorep;
int peer_has_leases = 0;
+ int norelay = 0;
if (packet -> raw -> op != BOOTREQUEST)
return;
@@ -67,7 +68,7 @@ void bootp (packet)
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
- if (!locate_network (packet)) {
+ if ((norelay = locate_network (packet)) == 0) {
log_info ("%s: network unknown", msgbuf);
return;
}
@@ -428,6 +429,15 @@ void bootp (packet)
goto out;
}
+ } else if (norelay == 2) {
+ to.sin_addr = raw.ciaddr;
+ to.sin_port = remote_port;
+ if (fallback_interface) {
+ result = send_packet (fallback_interface, NULL, &raw,
+ outgoing.packet_length, from,
+ &to, &hto);
+ goto out;
+ }
/* If it comes from a client that already knows its address
and is not requesting a broadcast response, and we can
diff -up dhcp-4.3.4/server/dhcp.c.unicast dhcp-4.3.4/server/dhcp.c
--- dhcp-4.3.4/server/dhcp.c.unicast 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/server/dhcp.c 2016-05-02 15:10:13.255267511 +0200
@@ -5132,6 +5132,7 @@ int locate_network (packet)
struct data_string data;
struct subnet *subnet = (struct subnet *)0;
struct option_cache *oc;
+ int norelay = 0;
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6 && (packet->dhcp4o6_response != NULL)) {
@@ -5153,12 +5154,24 @@ int locate_network (packet)
from the interface, if there is one. If not, fail. */
if (!oc && !packet -> raw -> giaddr.s_addr) {
if (packet -> interface -> shared_network) {
- shared_network_reference
- (&packet -> shared_network,
- packet -> interface -> shared_network, MDL);
- return 1;
+ struct in_addr any_addr;
+ any_addr.s_addr = INADDR_ANY;
+
+ if (!packet -> packet_type && memcmp(&packet -> raw -> ciaddr, &any_addr, 4)) {
+ struct iaddr cip;
+ memcpy(cip.iabuf, &packet -> raw -> ciaddr, 4);
+ cip.len = 4;
+ if (!find_grouped_subnet(&subnet, packet->interface->shared_network, cip, MDL))
+ norelay = 2;
+ }
+
+ if (!norelay) {
+ shared_network_reference(&packet -> shared_network, packet -> interface -> shared_network, MDL);
+ return 1;
+ }
+ } else {
+ return 0;
}
- return 0;
}
/* If there's an option indicating link connection, and it's valid,
@@ -5185,7 +5198,10 @@ int locate_network (packet)
data_string_forget (&data, MDL);
} else {
ia.len = 4;
- memcpy (ia.iabuf, &packet -> raw -> giaddr, 4);
+ if (norelay)
+ memcpy (ia.iabuf, &packet->raw->ciaddr, 4);
+ else
+ memcpy (ia.iabuf, &packet->raw->giaddr, 4);
}
/* If we know the subnet on which the IP address lives, use it. */
@@ -5193,7 +5209,10 @@ int locate_network (packet)
shared_network_reference (&packet -> shared_network,
subnet -> shared_network, MDL);
subnet_dereference (&subnet, MDL);
- return 1;
+ if (norelay)
+ return norelay;
+ else
+ return 1;
}
/* Otherwise, fail. */

366
dhcp/patches/0008-Make-sure-all-open-file-descriptors-are-closed-on-ex.patch Normal file
View File

@ -0,0 +1,366 @@
From 26d34bc8e55c39ef84d580b6453c65b5cbeab8ff Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:27:18 +0100
Subject: [PATCH 08/21] Make sure all open file descriptors are closed-on-exec
for SELinux
Cc: pzhukov@redhat.com
ISC-bug: #19148
---
client/clparse.c | 4 ++--
client/dhclient.c | 28 ++++++++++++++--------------
common/bpf.c | 2 +-
common/dlpi.c | 2 +-
common/nit.c | 2 +-
common/resolv.c | 2 +-
common/upf.c | 2 +-
omapip/trace.c | 6 +++---
relay/dhcrelay.c | 10 +++++-----
server/confpars.c | 2 +-
server/db.c | 4 ++--
server/dhcpd.c | 14 +++++++-------
server/ldap.c | 2 +-
13 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/client/clparse.c b/client/clparse.c
index 39b95a0..44387ed 100644
--- a/client/clparse.c
+++ b/client/clparse.c
@@ -288,7 +288,7 @@ int read_client_conf_file (const char *name, struct interface_info *ip,
int token;
isc_result_t status;
- if ((file = open (name, O_RDONLY)) < 0)
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
return uerr2isc (errno);
cfile = NULL;
@@ -364,7 +364,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
return;
cfile = NULL;
diff --git a/client/dhclient.c b/client/dhclient.c
index 2a2e9e6..a86ab9e 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -273,11 +273,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -765,7 +765,7 @@ main(int argc, char **argv) {
long temp;
int e;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -820,7 +820,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
- if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(new_path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -845,7 +845,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) {
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
@@ -3808,7 +3808,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
@@ -4003,7 +4003,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
@@ -4207,7 +4207,7 @@ int write_client_lease (client, lease, rewrite, makesure)
return 1;
if (leaseFile == NULL) { /* XXX */
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
@@ -4786,9 +4786,9 @@ void detach ()
(void) close(2);
/* Reopen them on /dev/null. */
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
@@ -4806,14 +4806,14 @@ void write_client_pid_file ()
return;
}
- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error ("Can't create %s: %m", path_dhclient_pid);
return;
}
- pf = fdopen (pfdesc, "w");
+ pf = fdopen (pfdesc, "we");
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
diff --git a/common/bpf.c b/common/bpf.c
index 16076fe..67b6d64 100644
--- a/common/bpf.c
+++ b/common/bpf.c
@@ -94,7 +94,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff --git a/common/dlpi.c b/common/dlpi.c
index 3990bf1..a941258 100644
--- a/common/dlpi.c
+++ b/common/dlpi.c
@@ -817,7 +817,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
- return open (devname, O_RDWR, 0);
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
}
/*
diff --git a/common/nit.c b/common/nit.c
index d822c15..a9132bc 100644
--- a/common/nit.c
+++ b/common/nit.c
@@ -75,7 +75,7 @@ int if_register_nit (info)
struct strioctl sio;
/* Open a NIT device */
- sock = open ("/dev/nit", O_RDWR);
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
diff --git a/common/resolv.c b/common/resolv.c
index a01f520..b209e3f 100644
--- a/common/resolv.c
+++ b/common/resolv.c
@@ -43,7 +43,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
diff --git a/common/upf.c b/common/upf.c
index 9785879..e0a524f 100644
--- a/common/upf.c
+++ b/common/upf.c
@@ -71,7 +71,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff --git a/omapip/trace.c b/omapip/trace.c
index 45bd508..5ea7486 100644
--- a/omapip/trace.c
+++ b/omapip/trace.c
@@ -136,10 +136,10 @@ isc_result_t trace_begin (const char *filename,
return DHCP_R_INVALIDARG;
}
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
if (traceoutfile < 0 && errno == EEXIST) {
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
0600);
}
@@ -427,7 +427,7 @@ void trace_file_replay (const char *filename)
isc_result_t result;
int len;
- traceinfile = fopen (filename, "r");
+ traceinfile = fopen (filename, "re");
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index d8caaaf..ea1be18 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -296,11 +296,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -776,13 +776,13 @@ main(int argc, char **argv) {
/* Create the pid file. */
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error("Can't create %s: %m",
path_dhcrelay_pid);
} else {
- pf = fdopen(pfdesc, "w");
+ pf = fdopen(pfdesc, "we");
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
diff --git a/server/confpars.c b/server/confpars.c
index d2cedfe..2743979 100644
--- a/server/confpars.c
+++ b/server/confpars.c
@@ -118,7 +118,7 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
}
#endif
- if ((file = open (filename, O_RDONLY)) < 0) {
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
diff --git a/server/db.c b/server/db.c
index 67e6cc1..6181528 100644
--- a/server/db.c
+++ b/server/db.c
@@ -1154,7 +1154,7 @@ int new_lease_file (int test_mode)
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664);
+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664);
if (db_fd < 0) {
log_error ("Can't create new lease file: %m");
return 0;
@@ -1175,7 +1175,7 @@ int new_lease_file (int test_mode)
}
#endif /* PARANOIA */
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
diff --git a/server/dhcpd.c b/server/dhcpd.c
index 55ffae7..530a923 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -300,11 +300,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -975,7 +975,7 @@ main(int argc, char **argv) {
* appropriate.
*/
if (no_pid_file == ISC_FALSE) {
- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET(write(i, pbuf, strlen(pbuf)));
@@ -1028,9 +1028,9 @@ main(int argc, char **argv) {
(void) close(2);
/* Reopen them on /dev/null. */
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
diff --git a/server/ldap.c b/server/ldap.c
index 5126d24..555545c 100644
--- a/server/ldap.c
+++ b/server/ldap.c
@@ -1446,7 +1446,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
S_IRUSR | S_IWUSR)) < 0)
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
strerror (errno));
--
2.14.5

26
dhcp/patches/0009-Fix-garbage-in-format-string-error.patch Normal file
View File

@ -0,0 +1,26 @@
From 9ffd73d22b1337aeedef751afd03822cc0a15014 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:28:13 +0100
Subject: [PATCH 09/21] Fix 'garbage in format string' error
Cc: pzhukov@redhat.com
RHBZ: 450042
---
common/tables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/common/tables.c b/common/tables.c
index c1aa214..d2294c0 100644
--- a/common/tables.c
+++ b/common/tables.c
@@ -215,7 +215,7 @@ static struct option dhcp_options[] = {
{ "name-service-search", "Sa", &dhcp_universe, 117, 1 },
#endif
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
+ { "domain-search", "D", &dhcp_universe, 119, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
--
2.14.5

31
dhcp/patches/0010-Handle-null-timeout.patch Normal file
View File

@ -0,0 +1,31 @@
From e269e137c3b7d25a2d089be508e6769731618d54 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:29:08 +0100
Subject: [PATCH 10/21] Handle null timeout
Cc: pzhukov@redhat.com
Handle cases in add_timeout() where the function is called with a NULL
value for the 'when' parameter
ISC-Bugs: #19867 (rejected)
---
common/dispatch.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/common/dispatch.c b/common/dispatch.c
index 0207ad3..d7fe200 100644
--- a/common/dispatch.c
+++ b/common/dispatch.c
@@ -209,6 +209,10 @@ void add_timeout (when, where, what, ref, unref)
isc_interval_t interval;
isc_time_t expires;
+ if (when == NULL) {
+ return;
+ }
+
/* See if this timeout supersedes an existing timeout. */
t = (struct timeout *)0;
for (q = timeouts; q; q = q->next) {
--
2.14.5

38
dhcp/patches/0010-dhcp-paths.patch
View File

@ -1,38 +0,0 @@
diff -up dhcp-4.3.0a1/doc/examples/dhcpd-dhcpv6.conf.paths dhcp-4.3.0a1/doc/examples/dhcpd-dhcpv6.conf
--- dhcp-4.3.0a1/doc/examples/dhcpd-dhcpv6.conf.paths 2013-11-07 20:15:08.000000000 +0100
+++ dhcp-4.3.0a1/doc/examples/dhcpd-dhcpv6.conf 2013-12-19 15:34:16.262247711 +0100
@@ -42,7 +42,7 @@ option dhcp6.domain-search "test.example
option dhcp6.info-refresh-time 21600;
# The path of the lease file
-dhcpv6-lease-file-name "/usr/local/var/db/dhcpd6.leases";
+dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";
# Static definition (must be global)
host myclient {
diff -up dhcp-4.3.0a1/includes/dhcpd.h.paths dhcp-4.3.0a1/includes/dhcpd.h
--- dhcp-4.3.0a1/includes/dhcpd.h.paths 2013-12-19 15:34:16.253247840 +0100
+++ dhcp-4.3.0a1/includes/dhcpd.h 2013-12-19 15:34:16.263247697 +0100
@@ -1429,7 +1429,7 @@ typedef unsigned char option_mask [16];
#else /* !DEBUG */
#ifndef _PATH_DHCPD_CONF
-#define _PATH_DHCPD_CONF "/etc/dhcpd.conf"
+#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf"
#endif /* DEBUG */
#ifndef _PATH_DHCPD_DB
@@ -1451,11 +1451,11 @@ typedef unsigned char option_mask [16];
#endif /* DEBUG */
#ifndef _PATH_DHCLIENT_CONF
-#define _PATH_DHCLIENT_CONF "/etc/dhclient.conf"
+#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf"
#endif
#ifndef _PATH_DHCLIENT_SCRIPT
-#define _PATH_DHCLIENT_SCRIPT "/sbin/dhclient-script"
+#define _PATH_DHCLIENT_SCRIPT "/usr/sbin/dhclient-script"
#endif
#ifndef _PATH_DHCLIENT_PID

343
dhcp/patches/0015-dhcp-capability.patch → dhcp/patches/0011-Drop-unnecessary-capabilities.patch
View File

@ -1,108 +1,38 @@
diff -up dhcp-4.3.4/client/dhclient.8.capability dhcp-4.3.4/client/dhclient.8
--- dhcp-4.3.4/client/dhclient.8.capability 2016-04-29 12:19:40.657129322 +0200
+++ dhcp-4.3.4/client/dhclient.8 2016-04-29 12:19:40.715129297 +0200
@@ -134,6 +134,9 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
+.B -nc
+]
+[
.B -B
]
[
@@ -318,6 +321,32 @@ has been added or removed, so that the c
address on that interface.
.TP
+.BI \-nc
+Do not drop capabilities.
+
+Normally, if
+.B dhclient
+was compiled with libcap-ng support,
+.B dhclient
+drops most capabilities immediately upon startup. While more secure,
+this greatly restricts the additional actions that hooks in
+.B dhclient-script (8)
+can take. (For example, any daemons that
+.B dhclient-script (8)
+starts or restarts will inherit the restricted capabilities as well,
+which may interfere with their correct operation.) Thus, the
+.BI \-nc
+option can be used to prevent
+.B dhclient
+from dropping capabilities.
+
+The
+.BI \-nc
+option is ignored if
+.B dhclient
+was not compiled with libcap-ng support.
+
+.TP
.BI \-B
Set the BOOTP broadcast flag in request packets so servers will always
broadcast replies.
diff -up dhcp-4.3.4/client/dhclient.c.capability dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.capability 2016-04-29 12:19:40.691129307 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:21:07.620091930 +0200
@@ -40,6 +40,10 @@
#include <isc/file.h>
#include <dns/result.h>
+#ifdef HAVE_LIBCAP_NG
+#include <cap-ng.h>
+#endif
+
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
@@ -237,6 +241,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
+#ifdef HAVE_LIBCAP_NG
+ int keep_capabilities = 0;
+#endif
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -537,6 +544,10 @@ main(int argc, char **argv) {
}
dhclient_request_options = argv[i];
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
+ keep_capabilities = 1;
+#endif
} else if (argv[i][0] == '-') {
usage("Unknown command: %s", argv[i]);
} else if (interfaces_requested < 0) {
@@ -597,6 +608,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
+#ifdef HAVE_LIBCAP_NG
+ /* Drop capabilities */
+ if (!keep_capabilities) {
+ capng_clear(CAPNG_SELECT_CAPS);
+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_DAC_OVERRIDE); // Drop this someday
+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_NET_ADMIN, CAP_NET_RAW,
+ CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1);
+ capng_apply(CAPNG_SELECT_CAPS);
+ }
+#endif
+
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
diff -up dhcp-4.3.4/client/dhclient-script.8.capability dhcp-4.3.4/client/dhclient-script.8
--- dhcp-4.3.4/client/dhclient-script.8.capability 2016-04-29 12:19:40.668129317 +0200
+++ dhcp-4.3.4/client/dhclient-script.8 2016-04-29 12:19:40.717129296 +0200
@@ -243,6 +243,16 @@ repeatedly initialized to the values pro
From 291f738f341a78f8c7974a7603d1a2eaa01ebacc Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:30:28 +0100
Subject: [PATCH 11/21] Drop unnecessary capabilities
Cc: pzhukov@redhat.com
dhclient (#517649, #546765), dhcpd/dhcrelay (#699713)
---
client/Makefile.am | 3 ++-
client/dhclient-script.8 | 10 ++++++++++
client/dhclient.8 | 29 +++++++++++++++++++++++++++++
client/dhclient.c | 24 ++++++++++++++++++++++++
configure.ac | 35 +++++++++++++++++++++++++++++++++++
relay/Makefile.am | 3 ++-
relay/dhcrelay.c | 29 +++++++++++++++++++++++++++++
7 files changed, 131 insertions(+), 2 deletions(-)
diff --git a/client/Makefile.am b/client/Makefile.am
index d177159..0689185 100644
--- a/client/Makefile.am
+++ b/client/Makefile.am
@@ -17,6 +17,7 @@ dhclient_LDADD = ../common/libdhcp.@A@ ../omapip/libomapi.@A@ \
@BINDLIBIRSDIR@/libirs.@A@ \
@BINDLIBDNSDIR@/libdns.@A@ \
@BINDLIBISCCFGDIR@/libisccfg.@A@ \
- @BINDLIBISCDIR@/libisc.@A@
+ @BINDLIBISCDIR@/libisc.@A@ \
+ $(CAPNG_LDADD)
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff --git a/client/dhclient-script.8 b/client/dhclient-script.8
index 0db5516..2eddb8f 100644
--- a/client/dhclient-script.8
+++ b/client/dhclient-script.8
@@ -243,6 +243,16 @@ repeatedly initialized to the values provided by one server, and then
the other. Assuming the information provided by both servers is
valid, this shouldn't cause any real problems, but it could be
confusing.
@ -119,25 +49,117 @@ diff -up dhcp-4.3.4/client/dhclient-script.8.capability dhcp-4.3.4/client/dhclie
.SH SEE ALSO
dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
dhclient.leases(5).
diff -up dhcp-4.3.4/client/Makefile.am.capability dhcp-4.3.4/client/Makefile.am
--- dhcp-4.3.4/client/Makefile.am.capability 2016-04-29 12:19:40.652129324 +0200
+++ dhcp-4.3.4/client/Makefile.am 2016-04-29 12:19:40.717129296 +0200
@@ -13,7 +13,7 @@ dhclient_SOURCES = clparse.c dhclient.c
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
diff -up dhcp-4.3.4/configure.ac.capability dhcp-4.3.4/configure.ac
--- dhcp-4.3.4/configure.ac.capability 2016-04-29 12:19:40.652129324 +0200
+++ dhcp-4.3.4/configure.ac 2016-04-29 12:19:40.717129296 +0200
@@ -585,6 +585,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
diff --git a/client/dhclient.8 b/client/dhclient.8
index 6d7fbdb..0145b9f 100644
--- a/client/dhclient.8
+++ b/client/dhclient.8
@@ -134,6 +134,9 @@ dhclient - Dynamic Host Configuration Protocol Client
.B -w
]
[
+.B -nc
+]
+[
.B -B
]
[
@@ -328,6 +331,32 @@ not to exit when it doesn't find any such interfaces. The
program can then be used to notify the client when a network interface
has been added or removed, so that the client can attempt to configure an IP
address on that interface.
+.TP
+.BI \-nc
+Do not drop capabilities.
+
+Normally, if
+.B dhclient
+was compiled with libcap-ng support,
+.B dhclient
+drops most capabilities immediately upon startup. While more secure,
+this greatly restricts the additional actions that hooks in
+.B dhclient-script (8)
+can take. (For example, any daemons that
+.B dhclient-script (8)
+starts or restarts will inherit the restricted capabilities as well,
+which may interfere with their correct operation.) Thus, the
+.BI \-nc
+option can be used to prevent
+.B dhclient
+from dropping capabilities.
+
+The
+.BI \-nc
+option is ignored if
+.B dhclient
+was not compiled with libcap-ng support.
+
.TP
.BI \-n
Do not configure any interfaces. This is most likely to be useful in
diff --git a/client/dhclient.c b/client/dhclient.c
index a86ab9e..5d3f5bc 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -41,6 +41,10 @@
#include <sys/wait.h>
#include <limits.h>
+#ifdef HAVE_LIBCAP_NG
+#include <cap-ng.h>
+#endif
+
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
@@ -266,6 +270,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
+#ifdef HAVE_LIBCAP_NG
+ int keep_capabilities = 0;
+#endif
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
@@ -665,6 +672,10 @@ main(int argc, char **argv) {
dhclient_request_options = argv[i];
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
+ keep_capabilities = 1;
+#endif
} else if (argv[i][0] == '-') {
usage("Unknown command: %s", argv[i]);
} else if (interfaces_requested < 0) {
@@ -725,6 +736,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
+#ifdef HAVE_LIBCAP_NG
+ /* Drop capabilities */
+ if (!keep_capabilities) {
+ capng_clear(CAPNG_SELECT_CAPS);
+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_DAC_OVERRIDE); // Drop this someday
+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
+ CAP_NET_ADMIN, CAP_NET_RAW,
+ CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1);
+ capng_apply(CAPNG_SELECT_CAPS);
+ }
+#endif
+
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
diff --git a/configure.ac b/configure.ac
index a797438..15fc0d7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -612,6 +612,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[void foo() __attribute__((noreturn));
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
+# look for capabilities library
+AC_ARG_WITH(libcap-ng,
+ [ --with-libcap-ng=[auto/yes/no] Add Libcap-ng support [default=auto]],,
@ -176,13 +198,28 @@ diff -up dhcp-4.3.4/configure.ac.capability dhcp-4.3.4/configure.ac
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
diff -up dhcp-4.3.4/relay/dhcrelay.c.capability dhcp-4.3.4/relay/dhcrelay.c
--- dhcp-4.3.4/relay/dhcrelay.c.capability 2016-04-29 12:19:40.694129306 +0200
+++ dhcp-4.3.4/relay/dhcrelay.c 2016-04-29 12:22:30.278056386 +0200
diff --git a/relay/Makefile.am b/relay/Makefile.am
index 2ba5979..8900e0b 100644
--- a/relay/Makefile.am
+++ b/relay/Makefile.am
@@ -6,7 +6,8 @@ dhcrelay_LDADD = ../common/libdhcp.@A@ ../omapip/libomapi.@A@ \
@BINDLIBIRSDIR@/libirs.@A@ \
@BINDLIBDNSDIR@/libdns.@A@ \
@BINDLIBISCCFGDIR@/libisccfg.@A@ \
- @BINDLIBISCDIR@/libisc.@A@
+ @BINDLIBISCDIR@/libisc.@A@ \
+ $(CAPNG_LDADD)
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index ea1be18..7b4f4f1 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -32,6 +32,11 @@
#include <sys/time.h>
#include <isc/file.h>
+#ifdef HAVE_LIBCAP_NG
+# include <cap-ng.h>
+ int keep_capabilities = 0;
@ -191,21 +228,21 @@ diff -up dhcp-4.3.4/relay/dhcrelay.c.capability dhcp-4.3.4/relay/dhcrelay.c
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
@@ -454,6 +459,10 @@ main(int argc, char **argv) {
usage(use_noarg, argv[i-1]);
dhcrelay_sub_id = argv[i];
#endif
@@ -590,6 +595,10 @@ main(int argc, char **argv) {
if (++i == argc)
usage(use_noarg, argv[i-1]);
dhcrelay_sub_id = argv[i];
+#endif
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
+ keep_capabilities = 1;
+#endif
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
usage(use_noarg, argv[i-1]);
@@ -528,6 +537,17 @@ main(int argc, char **argv) {
#endif
}
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
@@ -660,6 +669,17 @@ main(int argc, char **argv) {
#endif
}
+#ifdef HAVE_LIBCAP_NG
+ /* Drop capabilities */
+ if (!keep_capabilities) {
@ -217,13 +254,13 @@ diff -up dhcp-4.3.4/relay/dhcrelay.c.capability dhcp-4.3.4/relay/dhcrelay.c
+ }
+#endif
+
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
@@ -680,6 +700,15 @@ main(int argc, char **argv) {
signal(SIGTERM, dhcp_signal_handler); /* kill */
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
@@ -816,6 +836,15 @@ main(int argc, char **argv) {
signal(SIGTERM, dhcp_signal_handler); /* kill */
#endif
+#ifdef HAVE_LIBCAP_NG
+ /* Drop all capabilities */
+ if (!keep_capabilities) {
@ -233,18 +270,8 @@ diff -up dhcp-4.3.4/relay/dhcrelay.c.capability dhcp-4.3.4/relay/dhcrelay.c
+ }
+#endif
+
/* Start dispatching packets and timeouts... */
dispatch();
diff -up dhcp-4.3.4/relay/Makefile.am.capability dhcp-4.3.4/relay/Makefile.am
--- dhcp-4.3.4/relay/Makefile.am.capability 2016-04-29 12:19:40.653129323 +0200
+++ dhcp-4.3.4/relay/Makefile.am 2016-04-29 12:19:40.718129295 +0200
@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
$(BIND9_LIBDIR) -lirs-export -ldns-export -lisccfg-export -lisc-export
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
/* Start dispatching packets and timeouts... */
dispatch();
--
2.14.5

336
dhcp/patches/0011-dhcp-CLOEXEC.patch
View File

@ -1,336 +0,0 @@
diff -up dhcp-4.3.3b1/client/clparse.c.cloexec dhcp-4.3.3b1/client/clparse.c
--- dhcp-4.3.3b1/client/clparse.c.cloexec 2015-08-10 10:46:20.264755543 +0200
+++ dhcp-4.3.3b1/client/clparse.c 2015-08-10 10:46:20.274755510 +0200
@@ -247,7 +247,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
- if ((file = open (name, O_RDONLY)) < 0)
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
return uerr2isc (errno);
cfile = NULL;
@@ -323,7 +323,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
return;
cfile = NULL;
diff -up dhcp-4.3.3b1/client/dhclient.c.cloexec dhcp-4.3.3b1/client/dhclient.c
--- dhcp-4.3.3b1/client/dhclient.c.cloexec 2015-08-10 10:46:20.260755556 +0200
+++ dhcp-4.3.3b1/client/dhclient.c 2015-08-10 10:46:20.275755506 +0200
@@ -153,11 +153,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -519,7 +519,7 @@ main(int argc, char **argv) {
long temp;
int e;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -574,7 +574,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
- if ((pidfd = fopen(new_path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(new_path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
@@ -599,7 +599,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) {
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
@@ -3120,7 +3120,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
@@ -3313,7 +3313,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
@@ -3493,7 +3493,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
@@ -4011,9 +4011,9 @@ void go_daemon ()
(void) close(2);
/* Reopen them on /dev/null. */
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
@@ -4030,14 +4030,14 @@ void write_client_pid_file ()
return;
}
- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error ("Can't create %s: %m", path_dhclient_pid);
return;
}
- pf = fdopen (pfdesc, "w");
+ pf = fdopen (pfdesc, "we");
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
diff -up dhcp-4.3.3b1/common/bpf.c.cloexec dhcp-4.3.3b1/common/bpf.c
--- dhcp-4.3.3b1/common/bpf.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/bpf.c 2015-08-10 10:46:20.275755506 +0200
@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.3.3b1/common/dlpi.c.cloexec dhcp-4.3.3b1/common/dlpi.c
--- dhcp-4.3.3b1/common/dlpi.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/dlpi.c 2015-08-10 10:46:20.275755506 +0200
@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
- return open (devname, O_RDWR, 0);
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
}
/*
diff -up dhcp-4.3.3b1/common/nit.c.cloexec dhcp-4.3.3b1/common/nit.c
--- dhcp-4.3.3b1/common/nit.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/nit.c 2015-08-10 10:46:20.275755506 +0200
@@ -75,7 +75,7 @@ int if_register_nit (info)
struct strioctl sio;
/* Open a NIT device */
- sock = open ("/dev/nit", O_RDWR);
+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
diff -up dhcp-4.3.3b1/common/resolv.c.cloexec dhcp-4.3.3b1/common/resolv.c
--- dhcp-4.3.3b1/common/resolv.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/resolv.c 2015-08-10 10:46:20.276755503 +0200
@@ -44,7 +44,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {
+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) {
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
diff -up dhcp-4.3.3b1/common/upf.c.cloexec dhcp-4.3.3b1/common/upf.c
--- dhcp-4.3.3b1/common/upf.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/common/upf.c 2015-08-10 10:46:20.276755503 +0200
@@ -71,7 +71,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) {
if (errno == EBUSY) {
continue;
diff -up dhcp-4.3.3b1/omapip/trace.c.cloexec dhcp-4.3.3b1/omapip/trace.c
--- dhcp-4.3.3b1/omapip/trace.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/omapip/trace.c 2015-08-10 10:46:20.276755503 +0200
@@ -138,10 +138,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
if (traceoutfile < 0 && errno == EEXIST) {
log_error ("WARNING: Overwriting trace file \"%s\"", filename);
- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
0600);
}
@@ -429,7 +429,7 @@ void trace_file_replay (const char *file
isc_result_t result;
int len;
- traceinfile = fopen (filename, "r");
+ traceinfile = fopen (filename, "re");
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
diff -up dhcp-4.3.3b1/relay/dhcrelay.c.cloexec dhcp-4.3.3b1/relay/dhcrelay.c
--- dhcp-4.3.3b1/relay/dhcrelay.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/relay/dhcrelay.c 2015-08-10 10:46:20.276755503 +0200
@@ -187,11 +187,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -558,13 +558,13 @@ main(int argc, char **argv) {
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) {
log_error("Can't create %s: %m",
path_dhcrelay_pid);
} else {
- pf = fdopen(pfdesc, "w");
+ pf = fdopen(pfdesc, "we");
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
diff -up dhcp-4.3.3b1/server/confpars.c.cloexec dhcp-4.3.3b1/server/confpars.c
--- dhcp-4.3.3b1/server/confpars.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/confpars.c 2015-08-10 10:46:20.277755500 +0200
@@ -111,7 +111,7 @@ isc_result_t read_conf_file (const char
}
#endif
- if ((file = open (filename, O_RDONLY)) < 0) {
+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) {
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
diff -up dhcp-4.3.3b1/server/db.c.cloexec dhcp-4.3.3b1/server/db.c
--- dhcp-4.3.3b1/server/db.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/db.c 2015-08-10 10:47:32.644518358 +0200
@@ -1072,7 +1072,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
- db_file = fopen (path_dhcpd_db, "a");
+ db_file = fopen (path_dhcpd_db, "ae");
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
@@ -1120,7 +1120,7 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664);
+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664);
if (db_fd < 0) {
log_error ("Can't create new lease file: %m");
return 0;
@@ -1141,7 +1141,7 @@ int new_lease_file ()
}
#endif /* PARANOIA */
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {
+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
diff -up dhcp-4.3.3b1/server/dhcpd.c.cloexec dhcp-4.3.3b1/server/dhcpd.c
--- dhcp-4.3.3b1/server/dhcpd.c.cloexec 2015-07-30 15:17:16.000000000 +0200
+++ dhcp-4.3.3b1/server/dhcpd.c 2015-08-10 10:46:20.278755497 +0200
@@ -194,11 +194,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 0)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 1)
- fd = open("/dev/null", O_RDWR);
+ fd = open("/dev/null", O_RDWR | O_CLOEXEC);
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
@@ -743,7 +743,7 @@ main(int argc, char **argv) {
* appropriate.
*/
if (no_pid_file == ISC_FALSE) {
- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET(write(i, pbuf, strlen(pbuf)));
@@ -787,9 +787,9 @@ main(int argc, char **argv) {
(void) close(2);
/* Reopen them on /dev/null. */
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
- (void) open("/dev/null", O_RDWR);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
+ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
diff -up dhcp-4.3.3b1/server/ldap.c.cloexec dhcp-4.3.3b1/server/ldap.c
--- dhcp-4.3.3b1/server/ldap.c.cloexec 2015-07-30 21:03:40.000000000 +0200
+++ dhcp-4.3.3b1/server/ldap.c 2015-08-10 10:46:20.279755493 +0200
@@ -1442,7 +1442,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
S_IRUSR | S_IWUSR)) < 0)
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,
strerror (errno));

331
dhcp/patches/0017-dhcp-rfc3442-classless-static-routes.patch → dhcp/patches/0012-RFC-3442-Classless-Static-Route-Option-for-DHCPv4-51.patch
View File

@ -1,44 +1,66 @@
diff -up dhcp-4.3.4/client/clparse.c.rfc3442 dhcp-4.3.4/client/clparse.c
--- dhcp-4.3.4/client/clparse.c.rfc3442 2016-04-29 12:23:34.192032714 +0200
+++ dhcp-4.3.4/client/clparse.c 2016-04-29 12:24:37.531016317 +0200
From 2756fcc3f88c27d0e12e72dbdd2906fbf45f2362 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:32:35 +0100
Subject: [PATCH 12/21] RFC 3442 - Classless Static Route Option for DHCPv4
(#516325)
Cc: pzhukov@redhat.com
(Submitted to dhcp-bugs@isc.org - [ISC-Bugs #24572])
---
client/clparse.c | 13 ++++++++++--
common/dhcp-options.5 | 43 +++++++++++++++++++++++++++++++++++++++
common/inet.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++
common/options.c | 49 +++++++++++++++++++++++++++++++++++++++++++-
common/parse.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++-
common/tables.c | 2 ++
includes/dhcp.h | 1 +
includes/dhcpd.h | 2 ++
includes/dhctoken.h | 5 +++--
9 files changed, 219 insertions(+), 6 deletions(-)
diff --git a/client/clparse.c b/client/clparse.c
index 44387ed..862e4f9 100644
--- a/client/clparse.c
+++ b/client/clparse.c
@@ -31,7 +31,7 @@
struct client_config top_level_config;
-#define NUM_DEFAULT_REQUESTED_OPTS 14
+#define NUM_DEFAULT_REQUESTED_OPTS 15
/* There can be 2 extra requested options for DHCPv4-over-DHCPv6. */
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 2 + 1];
@@ -87,7 +87,11 @@ isc_result_t read_client_conf ()
dhcp_universe.code_hash, &code, 0, MDL);
/* 4 */
dhcp_universe.code_hash, &code, 0, MDL);
/* 4 */
- code = DHO_ROUTERS;
+ /* The Classless Static Routes option code MUST appear in the parameter
+ * request list prior to both the Router option code and the Static
+ * Routes option code, if present. (RFC3442)
+ */
+ code = DHO_CLASSLESS_STATIC_ROUTES;
option_code_hash_lookup(&default_requested_options[3],
dhcp_universe.code_hash, &code, 0, MDL);
option_code_hash_lookup(&default_requested_options[3],
dhcp_universe.code_hash, &code, 0, MDL);
@@ -141,6 +145,11 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[13],
dhcp_universe.code_hash, &code, 0, MDL);
option_code_hash_lookup(&default_requested_options[13],
dhcp_universe.code_hash, &code, 0, MDL);
+ /* 15 */
+ code = DHO_ROUTERS;
+ option_code_hash_lookup(&default_requested_options[14],
+ dhcp_universe.code_hash, &code, 0, MDL);
+
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
diff -up dhcp-4.3.4/common/dhcp-options.5.rfc3442 dhcp-4.3.4/common/dhcp-options.5
--- dhcp-4.3.4/common/dhcp-options.5.rfc3442 2016-04-29 12:23:34.183032716 +0200
+++ dhcp-4.3.4/common/dhcp-options.5 2016-04-29 12:23:34.237032703 +0200
@@ -111,6 +111,26 @@ hexadecimal, separated by colons. For e
for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) {
if (default_requested_options[code] == NULL)
log_fatal("Unable to find option definition for "
diff --git a/common/dhcp-options.5 b/common/dhcp-options.5
index d9e1197..2343b19 100644
--- a/common/dhcp-options.5
+++ b/common/dhcp-options.5
@@ -110,6 +110,26 @@ hexadecimal, separated by colons. For example:
or
option dhcp-client-identifier 43:4c:49:45:54:2d:46:4f:4f;
.fi
@ -65,7 +87,7 @@ diff -up dhcp-4.3.4/common/dhcp-options.5.rfc3442 dhcp-4.3.4/common/dhcp-options
.SH SETTING OPTION VALUES USING EXPRESSIONS
Sometimes it's helpful to be able to set the value of a DHCP option
based on some value that the client has sent. To do this, you can
@@ -1031,6 +1051,29 @@ dhclient-script will create routes:
@@ -1086,6 +1106,29 @@ dhclient-script will create routes:
.RE
.PP
.nf
@ -95,13 +117,14 @@ diff -up dhcp-4.3.4/common/dhcp-options.5.rfc3442 dhcp-4.3.4/common/dhcp-options
.B option \fBstreettalk-directory-assistance-server\fR \fIip-address\fR
[\fB,\fR \fIip-address\fR...]\fB;\fR
.fi
diff -up dhcp-4.3.4/common/inet.c.rfc3442 dhcp-4.3.4/common/inet.c
--- dhcp-4.3.4/common/inet.c.rfc3442 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/common/inet.c 2016-04-29 12:23:34.237032703 +0200
@@ -519,6 +519,60 @@ free_iaddrcidrnetlist(struct iaddrcidrne
return ISC_R_SUCCESS;
diff --git a/common/inet.c b/common/inet.c
index c4da73c..981fb92 100644
--- a/common/inet.c
+++ b/common/inet.c
@@ -519,6 +519,60 @@ free_iaddrcidrnetlist(struct iaddrcidrnetlist **result) {
return ISC_R_SUCCESS;
}
+static const char *
+inet_ntopdd(const unsigned char *src, unsigned srclen, char *dst, size_t size)
+{
@ -159,42 +182,43 @@ diff -up dhcp-4.3.4/common/inet.c.rfc3442 dhcp-4.3.4/common/inet.c
/* piaddr() turns an iaddr structure into a printable address. */
/* XXX: should use a const pointer rather than passing the structure */
const char *
diff -up dhcp-4.3.4/common/options.c.rfc3442 dhcp-4.3.4/common/options.c
--- dhcp-4.3.4/common/options.c.rfc3442 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/common/options.c 2016-04-29 12:23:34.237032703 +0200
@@ -713,7 +713,11 @@ cons_options(struct packet *inpacket, st
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
diff --git a/common/options.c b/common/options.c
index fc0e088..3034cf0 100644
--- a/common/options.c
+++ b/common/options.c
@@ -729,7 +729,11 @@ cons_options(struct packet *inpacket, struct dhcp_packet *outpacket,
* packet.
*/
priority_list[priority_len++] = DHO_SUBNET_MASK;
- priority_list[priority_len++] = DHO_ROUTERS;
+ if (lookup_option(&dhcp_universe, cfg_options,
+ DHO_CLASSLESS_STATIC_ROUTES))
+ priority_list[priority_len++] = DHO_CLASSLESS_STATIC_ROUTES;
+ else
+ priority_list[priority_len++] = DHO_ROUTERS;
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
@@ -1694,6 +1698,7 @@ const char *pretty_print_option (option,
unsigned long tval;
isc_boolean_t a_array = ISC_FALSE;
int len_used;
priority_list[priority_len++] = DHO_DOMAIN_NAME_SERVERS;
priority_list[priority_len++] = DHO_HOST_NAME;
priority_list[priority_len++] = DHO_FQDN;
@@ -1804,6 +1808,7 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
unsigned long tval;
isc_boolean_t a_array = ISC_FALSE;
int len_used;
+ unsigned int octets = 0;
if (emit_commas)
comma = ',';
@@ -1702,6 +1707,7 @@ const char *pretty_print_option (option,
memset (enumbuf, 0, sizeof enumbuf);
if (emit_commas)
comma = ',';
@@ -1812,6 +1817,7 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
memset (enumbuf, 0, sizeof enumbuf);
+ if (option->format[0] != 'R') { /* see explanation lower */
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
@@ -1894,6 +1900,33 @@ const char *pretty_print_option (option,
if (numhunk < 0)
numhunk = 1;
/* Figure out the size of the data. */
for (l = i = 0; option -> format [i]; i++, l++) {
if (l >= sizeof(fmtbuf) - 1)
@@ -2004,6 +2010,33 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
if (numhunk < 0)
numhunk = 1;
+ } else { /* option->format[i] == 'R') */
+ /* R (destination descriptor) has variable length.
+ * We can find it only in classless static route option,
@ -222,13 +246,13 @@ diff -up dhcp-4.3.4/common/options.c.rfc3442 dhcp-4.3.4/common/options.c
+ }
+ }
+
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
@@ -2049,6 +2082,20 @@ const char *pretty_print_option (option,
strcpy(op, piaddr(iaddr));
dp += 4;
break;
/* Cycle through the array (or hunk) printing the data. */
for (i = 0; i < numhunk; i++) {
if ((a_array == ISC_TRUE) && (i != 0) && (numelem > 0)) {
@@ -2159,6 +2192,20 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
strcpy(op, piaddr(iaddr));
dp += 4;
break;
+
+ case 'R':
+ if (dp[0] <= 32)
@ -243,16 +267,18 @@ diff -up dhcp-4.3.4/common/options.c.rfc3442 dhcp-4.3.4/common/options.c
+ dp += iaddr.len;
+ break;
+
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
diff -up dhcp-4.3.4/common/parse.c.rfc3442 dhcp-4.3.4/common/parse.c
--- dhcp-4.3.4/common/parse.c.rfc3442 2016-04-29 12:23:34.220032707 +0200
+++ dhcp-4.3.4/common/parse.c 2016-04-29 12:23:34.238032702 +0200
@@ -341,6 +341,39 @@ int parse_ip_addr (cfile, addr)
}
/*
case '6':
iaddr.len = 16;
memcpy(iaddr.iabuf, dp, 16);
diff --git a/common/parse.c b/common/parse.c
index 3ac4ebf..f17bc0b 100644
--- a/common/parse.c
+++ b/common/parse.c
@@ -344,6 +344,39 @@ int parse_ip_addr (cfile, addr)
return 0;
}
+/*
+ * destination-descriptor :== NUMBER DOT NUMBER |
+ * NUMBER DOT NUMBER DOT NUMBER |
+ * NUMBER DOT NUMBER DOT NUMBER DOT NUMBER |
@ -285,36 +311,35 @@ diff -up dhcp-4.3.4/common/parse.c.rfc3442 dhcp-4.3.4/common/parse.c
+ return 0;
+}
+
+/*
/*
* Return true if every character in the string is hexadecimal.
*/
static int
@@ -720,8 +753,10 @@ unsigned char *parse_numeric_aggregate (
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
@@ -724,8 +757,10 @@ unsigned char *parse_numeric_aggregate (cfile, buf,
if (count) {
token = peek_token (&val, (unsigned *)0, cfile);
if (token != separator) {
- if (!*max)
+ if (!*max) {
+ *max = count;
break;
break;
+ }
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
@@ -1668,6 +1703,9 @@ int parse_option_code_definition (cfile,
case IP_ADDRESS:
type = 'I';
break;
if (token != RBRACE && token != LBRACE)
token = next_token (&val,
(unsigned *)0,
@@ -1672,6 +1707,9 @@ int parse_option_code_definition (cfile, option)
case IP_ADDRESS:
type = 'I';
break;
+ case DESTINATION_DESCRIPTOR:
+ type = 'R';
+ break;
case IP6_ADDRESS:
type = '6';
break;
@@ -5097,6 +5135,15 @@ int parse_option_token (rv, cfile, fmt,
}
break;
case IP6_ADDRESS:
type = '6';
break;
@@ -5101,6 +5139,15 @@ int parse_option_token (rv, cfile, fmt, expr, uniform, lookups)
}
break;
+ case 'R': /* destination descriptor */
+ if (!parse_destination_descriptor (cfile, &addr)) {
+ return 0;
@ -324,13 +349,13 @@ diff -up dhcp-4.3.4/common/parse.c.rfc3442 dhcp-4.3.4/common/parse.c
+ }
+ break;
+
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
@@ -5374,6 +5421,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
case '6': /* IPv6 address. */
if (!parse_ip6_addr(cfile, &addr)) {
return 0;
@@ -5378,6 +5425,13 @@ int parse_option_decl (oc, cfile)
goto exit;
len = ip_addr.len;
dp = ip_addr.iabuf;
+ goto alloc;
+
+ case 'R': /* destination descriptor */
@ -338,15 +363,16 @@ diff -up dhcp-4.3.4/common/parse.c.rfc3442 dhcp-4.3.4/common/parse.c
+ goto exit;
+ len = ip_addr.len;
+ dp = ip_addr.iabuf;
alloc:
if (hunkix + len > sizeof hunkbuf) {
diff -up dhcp-4.3.4/common/tables.c.rfc3442 dhcp-4.3.4/common/tables.c
--- dhcp-4.3.4/common/tables.c.rfc3442 2016-04-29 12:23:34.209032710 +0200
+++ dhcp-4.3.4/common/tables.c 2016-04-29 12:23:34.238032702 +0200
@@ -45,6 +45,7 @@ HASH_FUNCTIONS (option_code, const unsig
alloc:
if (hunkix + len > sizeof hunkbuf) {
diff --git a/common/tables.c b/common/tables.c
index d2294c0..f1be07d 100644
--- a/common/tables.c
+++ b/common/tables.c
@@ -45,6 +45,7 @@ HASH_FUNCTIONS (option_code, const unsigned *, struct option,
Format codes:
I - IPv4 address
+ R - destination descriptor (RFC3442)
6 - IPv6 address
@ -354,52 +380,59 @@ diff -up dhcp-4.3.4/common/tables.c.rfc3442 dhcp-4.3.4/common/tables.c
L - 32-bit unsigned integer
@@ -216,6 +217,7 @@ static struct option dhcp_options[] = {
#endif
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
{ "domain-search", "D", &dhcp_universe, 119, 1 },
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
{ "domain-search", "D", &dhcp_universe, 119, 1 },
+ { "classless-static-routes", "RIA", &dhcp_universe, 121, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0
diff -up dhcp-4.3.4/includes/dhcpd.h.rfc3442 dhcp-4.3.4/includes/dhcpd.h
--- dhcp-4.3.4/includes/dhcpd.h.rfc3442 2016-04-29 12:23:34.186032716 +0200
+++ dhcp-4.3.4/includes/dhcpd.h 2016-04-29 12:23:34.239032702 +0200
@@ -2894,6 +2894,7 @@ isc_result_t range2cidr(struct iaddrcidr
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
+const char *pdestdesc (struct iaddr);
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
@@ -3108,6 +3109,7 @@ void parse_client_lease_declaration (str
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
+int parse_destination_descriptor (struct parse *, struct iaddr *);
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
diff -up dhcp-4.3.4/includes/dhcp.h.rfc3442 dhcp-4.3.4/includes/dhcp.h
--- dhcp-4.3.4/includes/dhcp.h.rfc3442 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/includes/dhcp.h 2016-04-29 12:23:34.239032702 +0200
@@ -159,6 +159,7 @@ struct dhcp_packet {
diff --git a/includes/dhcp.h b/includes/dhcp.h
index 0a74137..95bf539 100644
--- a/includes/dhcp.h
+++ b/includes/dhcp.h
@@ -158,6 +158,7 @@ struct dhcp_packet {
#define DHO_ASSOCIATED_IP 92
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
+#define DHO_CLASSLESS_STATIC_ROUTES 121 /* RFC3442 */
#define DHO_VIVCO_SUBOPTIONS 124
#define DHO_VIVSO_SUBOPTIONS 125
diff -up dhcp-4.3.4/includes/dhctoken.h.rfc3442 dhcp-4.3.4/includes/dhctoken.h
--- dhcp-4.3.4/includes/dhctoken.h.rfc3442 2016-04-29 12:23:34.239032702 +0200
+++ dhcp-4.3.4/includes/dhctoken.h 2016-04-29 12:25:07.236008628 +0200
@@ -374,7 +374,8 @@ enum dhcp_token {
LEASE_ID_FORMAT = 676,
TOKEN_HEX = 677,
TOKEN_OCTAL = 678,
- BOOTP_BROADCAST_ALWAYS = 679
+ BOOTP_BROADCAST_ALWAYS = 679,
+ DESTINATION_DESCRIPTOR = 680
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 3632a6b..2ac39ae 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2951,6 +2951,7 @@ isc_result_t range2cidr(struct iaddrcidrnetlist **result,
const struct iaddr *lo, const struct iaddr *hi);
isc_result_t free_iaddrcidrnetlist(struct iaddrcidrnetlist **result);
const char *piaddr (struct iaddr);
+const char *pdestdesc (struct iaddr);
char *piaddrmask(struct iaddr *, struct iaddr *);
char *piaddrcidr(const struct iaddr *, unsigned int);
u_int16_t validate_port(char *);
@@ -3169,6 +3170,7 @@ void parse_client_lease_declaration (struct parse *,
int parse_option_decl (struct option_cache **, struct parse *);
void parse_string_list (struct parse *, struct string_list **, int);
int parse_ip_addr (struct parse *, struct iaddr *);
+int parse_destination_descriptor (struct parse *, struct iaddr *);
int parse_ip_addr_with_subnet(struct parse *, struct iaddrmatch *);
void parse_reject_statement (struct parse *, struct client_config *);
diff --git a/includes/dhctoken.h b/includes/dhctoken.h
index 7e7215a..b4d93ba 100644
--- a/includes/dhctoken.h
+++ b/includes/dhctoken.h
@@ -376,8 +376,9 @@ enum dhcp_token {
LEASE_ID_FORMAT = 676,
TOKEN_HEX = 677,
TOKEN_OCTAL = 678,
- KEY_ALGORITHM = 679
- BOOTP_BROADCAST_ALWAYS = 680
+ KEY_ALGORITHM = 679,
+ BOOTP_BROADCAST_ALWAYS = 680,
+ DESTINATION_DESCRIPTOR = 681
};
#define is_identifier(x) ((x) >= FIRST_TOKEN && \
--
2.14.5

12
dhcp/patches/0012-dhcp-garbage-chars.patch
View File

@ -1,12 +0,0 @@
diff -up dhcp-4.3.0rc1/common/tables.c.garbage dhcp-4.3.0rc1/common/tables.c
--- dhcp-4.3.0rc1/common/tables.c.garbage 2014-01-29 10:03:52.132624677 +0100
+++ dhcp-4.3.0rc1/common/tables.c 2014-01-29 10:04:51.413875343 +0100
@@ -213,7 +213,7 @@ static struct option dhcp_options[] = {
{ "name-service-search", "Sa", &dhcp_universe, 117, 1 },
#endif
{ "subnet-selection", "I", &dhcp_universe, 118, 1 },
- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
+ { "domain-search", "D", &dhcp_universe, 119, 1 },
{ "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
{ "vivso", "Evendor.", &dhcp_universe, 125, 1 },
#if 0

175
dhcp/patches/0013-DHCPv6-over-PPP-support-626514.patch Normal file
View File

@ -0,0 +1,175 @@
From 43332b29f0c8fef3ddd225e31f5f2b4ff8273b36 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:33:06 +0100
Subject: [PATCH 13/21] DHCPv6 over PPP support (#626514)
Cc: pzhukov@redhat.com
---
client/dhc6.c | 3 ++-
client/dhclient.c | 17 ++++++++++++++---
common/bpf.c | 16 ++++++++++++++++
common/lpf.c | 16 ++++++++++++++++
includes/dhcp.h | 2 ++
includes/dhcpd.h | 2 +-
server/dhcpv6.c | 3 +++
7 files changed, 54 insertions(+), 5 deletions(-)
diff --git a/client/dhc6.c b/client/dhc6.c
index 16a0838..3171828 100644
--- a/client/dhc6.c
+++ b/client/dhc6.c
@@ -5744,7 +5744,8 @@ make_client6_options(struct client_state *client, struct option_state **op,
*/
if ((oc = lookup_option(&dhcpv6_universe, *op,
D6O_CLIENTID)) == NULL) {
- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
+ if (default_duid.len == 0 ||
+ !option_cache(&oc, &default_duid, NULL, clientid_option,
MDL))
log_fatal("Failure assembling a DUID.");
diff --git a/client/dhclient.c b/client/dhclient.c
index 5d3f5bc..301132c 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -1202,8 +1202,8 @@ main(int argc, char **argv) {
if (default_duid.buffer != NULL)
data_string_forget(&default_duid, MDL);
- form_duid(&default_duid, MDL);
- write_duid(&default_duid);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
+ write_duid(&default_duid);
}
}
@@ -3956,7 +3956,7 @@ write_options(struct client_state *client, struct option_state *options,
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
-void
+isc_result_t
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
@@ -3969,6 +3969,15 @@ form_duid(struct data_string *duid, const char *file, int line)
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
+ while (ip && ip->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ /* Try the other interfaces */
+ log_debug("Cannot form default DUID from interface %s.", ip->name);
+ ip = ip->next;
+ }
+ if (ip == NULL) {
+ return ISC_R_UNEXPECTED;
+ }
+
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
@@ -4014,6 +4023,8 @@ form_duid(struct data_string *duid, const char *file, int line)
log_info("Created duid %s.", str);
dfree(str, MDL);
}
+
+ return ISC_R_SUCCESS;
}
/* Write the default DUID to the lease store. */
diff --git a/common/bpf.c b/common/bpf.c
index 67b6d64..ffbd09a 100644
--- a/common/bpf.c
+++ b/common/bpf.c
@@ -650,6 +650,22 @@ get_hw_addr(const char *name, struct hardware *hw) {
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
+#if defined(IFT_PPP)
+ case IFT_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sdl_type, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
diff --git a/common/lpf.c b/common/lpf.c
index 82a279b..b0ed01c 100644
--- a/common/lpf.c
+++ b/common/lpf.c
@@ -563,6 +563,22 @@ get_hw_addr(const char *name, struct hardware *hw) {
hw->hbuf[0] = HTYPE_FDDI;
memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sa_family, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
diff --git a/includes/dhcp.h b/includes/dhcp.h
index 95bf539..4cc547a 100644
--- a/includes/dhcp.h
+++ b/includes/dhcp.h
@@ -80,6 +80,8 @@ struct dhcp_packet {
* is no standard for this so we
* just steal a type */
+#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 2ac39ae..faa9251 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -3051,7 +3051,7 @@ void client_dns_remove(struct client_state *client, struct iaddr *addr);
void dhcpv4_client_assignments(void);
void dhcpv6_client_assignments(void);
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
void dhcp4o6_start(void);
diff --git a/server/dhcpv6.c b/server/dhcpv6.c
index a7110f9..c5ce7e8 100644
--- a/server/dhcpv6.c
+++ b/server/dhcpv6.c
@@ -482,6 +482,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
+ if (p->next == NULL && p->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ log_error("Can not generate DUID from interfaces which do not have hardware addresses, please configure server-duid!");
+ }
}
if (p == NULL) {
return ISC_R_UNEXPECTED;
--
2.14.5

14
dhcp/patches/0013-dhcp-add_timeout_when_NULL.patch
View File

@ -1,14 +0,0 @@
diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispatch.c
--- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 01:25:12.000000000 +0100
+++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100
@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref
isc_interval_t interval;
isc_time_t expires;
+ if (when == NULL) {
+ return;
+ }
+
/* See if this timeout supersedes an existing timeout. */
t = (struct timeout *)0;
for (q = timeouts; q; q = q->next) {

428
dhcp/patches/0020-dhcp-lpf-ib.patch → dhcp/patches/0014-IPoIB-support-660681.patch
View File

@ -1,19 +1,36 @@
diff -up dhcp-4.3.4/client/dhclient.c.lpf-ib dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.lpf-ib 2016-05-02 14:37:36.945128001 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-05-02 14:37:36.952128005 +0200
@@ -163,6 +163,8 @@ static const char use_noarg[] = "No argu
static const char use_v6command[] = "Command not used for DHCPv4: %s";
#endif
From de8468cf16c0fa9d01412446fcf1d44ccd0fd411 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:34:21 +0100
Subject: [PATCH 14/21] IPoIB support (#660681)
Cc: pzhukov@redhat.com
(Submitted to dhcp-bugs@isc.org - [ISC-Bugs #24249])
---
client/dhclient.c | 32 +++++++
common/bpf.c | 32 +++++++
common/discover.c | 4 +-
common/lpf.c | 262 +++++++++++++++++++++++++++++++++++++++++++++++++-----
common/socket.c | 8 +-
includes/dhcpd.h | 6 +-
6 files changed, 315 insertions(+), 29 deletions(-)
diff --git a/client/dhclient.c b/client/dhclient.c
index 301132c..dc9080e 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -205,6 +205,8 @@ static const char use_v6command[] = "Command not used for DHCPv4: %s";
#define DHCLIENT_USAGEH "{--version|--help|-h}"
+static void setup_ib_interface(struct interface_info *ip);
+
static void
usage(const char *sfmt, const char *sarg)
{
@@ -1066,6 +1068,13 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
@@ -1191,6 +1193,13 @@ main(int argc, char **argv) {
}
srandom(seed + cur_time + (unsigned)getpid());
+ /* Setup specific Infiniband options */
+ for (ip = interfaces; ip; ip = ip->next) {
+ if (ip->client &&
@ -21,13 +38,13 @@ diff -up dhcp-4.3.4/client/dhclient.c.lpf-ib dhcp-4.3.4/client/dhclient.c
+ setup_ib_interface(ip);
+ }
+ }
/*
* Establish a default DUID. We always do so for v6 and
@@ -1361,6 +1370,29 @@ int find_subnet (struct subnet **sp,
return 0;
/*
* Establish a default DUID. We always do so for v6 and
@@ -1486,6 +1495,29 @@ int find_subnet (struct subnet **sp,
return 0;
}
+static void setup_ib_interface(struct interface_info *ip)
+{
+ struct group *g;
@ -54,13 +71,14 @@ diff -up dhcp-4.3.4/client/dhclient.c.lpf-ib dhcp-4.3.4/client/dhclient.c
/* Individual States:
*
* Each routine is called from the dhclient_state_machine() in one of
diff -up dhcp-4.3.4/common/bpf.c.lpf-ib dhcp-4.3.4/common/bpf.c
--- dhcp-4.3.4/common/bpf.c.lpf-ib 2016-05-02 14:37:36.946128001 +0200
+++ dhcp-4.3.4/common/bpf.c 2016-05-02 14:37:36.952128005 +0200
@@ -198,11 +198,43 @@ struct bpf_insn dhcp_bpf_filter [] = {
BPF_STMT(BPF_RET+BPF_K, 0),
};
diff --git a/common/bpf.c b/common/bpf.c
index ffbd09a..568e3d9 100644
--- a/common/bpf.c
+++ b/common/bpf.c
@@ -237,11 +237,43 @@ int dhcp_bpf_relay_filter_len =
sizeof dhcp_bpf_relay_filter / sizeof (struct bpf_insn);
#endif
+/* Packet filter program for DHCP over Infiniband.
+ *
+ * XXX
@ -95,37 +113,39 @@ diff -up dhcp-4.3.4/common/bpf.c.lpf-ib dhcp-4.3.4/common/bpf.c
#if defined (DEC_FDDI)
struct bpf_insn *bpf_fddi_filter = NULL;
#endif
int dhcp_bpf_filter_len = sizeof dhcp_bpf_filter / sizeof (struct bpf_insn);
+int dhcp_ib_bpf_filter_len = sizeof dhcp_ib_bpf_filter / sizeof (struct bpf_insn);
#if defined (HAVE_TR_SUPPORT)
struct bpf_insn dhcp_bpf_tr_filter [] = {
/* accept all token ring packets due to variable length header */
diff -up dhcp-4.3.4/common/discover.c.lpf-ib dhcp-4.3.4/common/discover.c
--- dhcp-4.3.4/common/discover.c.lpf-ib 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/common/discover.c 2016-05-02 14:38:08.257147982 +0200
@@ -1235,7 +1235,7 @@ discover_interfaces(int state) {
if_register_send(tmp);
} else {
/* get_hw_addr() was called by register. */
diff --git a/common/discover.c b/common/discover.c
index 6ef8852..65881fc 100644
--- a/common/discover.c
+++ b/common/discover.c
@@ -894,7 +894,7 @@ discover_interfaces(int state) {
if_register_send(tmp);
} else {
/* get_hw_addr() was called by register. */
- get_hw_addr(tmp->name, &tmp->hw_address);
+ get_hw_addr(tmp);
}
break;
}
break;
#ifdef DHCPv6
@@ -1248,7 +1248,7 @@ discover_interfaces(int state) {
so now we have to call it explicitly
to not leave the hardware address unknown
(some code expects it cannot be. */
@@ -907,7 +907,7 @@ discover_interfaces(int state) {
so now we have to call it explicitly
to not leave the hardware address unknown
(some code expects it cannot be. */
- get_hw_addr(tmp->name, &tmp->hw_address);
+ get_hw_addr(tmp);
} else {
if_register_linklocal6(tmp);
}
diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
--- dhcp-4.3.4/common/lpf.c.lpf-ib 2016-05-02 14:37:36.947128002 +0200
+++ dhcp-4.3.4/common/lpf.c 2016-05-02 14:37:36.953128006 +0200
@@ -47,6 +47,17 @@
} else {
if_register_linklocal6(tmp);
}
diff --git a/common/lpf.c b/common/lpf.c
index b0ed01c..b732a86 100644
--- a/common/lpf.c
+++ b/common/lpf.c
@@ -45,6 +45,17 @@
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <net/if.h>
@ -141,12 +161,12 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+};
+
#endif
#if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE)
@@ -80,10 +91,20 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
@@ -78,10 +89,20 @@ int if_register_lpf (info)
struct sockaddr common;
} sa;
struct ifreq ifr;
+ int type;
+ int protocol;
+
@ -158,44 +178,44 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+ type = SOCK_RAW;
+ protocol = ETH_P_ALL;
+ }
/* Make an LPF socket. */
/* Make an LPF socket. */
- if ((sock = socket(PF_PACKET, SOCK_RAW,
- htons((short)ETH_P_ALL))) < 0) {
+ if ((sock = socket(PF_PACKET, type, htons((short)protocol))) < 0) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -106,6 +127,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT ||
errno == EAFNOSUPPORT || errno == EINVAL) {
@@ -104,6 +125,7 @@ int if_register_lpf (info)
/* Bind to the interface name */
memset (&sa, 0, sizeof sa);
sa.ll.sll_family = AF_PACKET;
+ sa.ll.sll_protocol = htons(protocol);
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
@@ -122,8 +144,6 @@ int if_register_lpf (info)
}
sa.ll.sll_ifindex = ifr.ifr_ifindex;
if (bind (sock, &sa.common, sizeof sa)) {
if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT ||
@@ -120,8 +142,6 @@ int if_register_lpf (info)
}
- get_hw_addr(info->name, &info->hw_address);
-
return sock;
return sock;
}
#endif /* USE_LPF_SEND || USE_LPF_RECEIVE */
@@ -178,6 +198,8 @@ void if_deregister_send (info)
@@ -176,6 +196,8 @@ void if_deregister_send (info)
in bpf includes... */
extern struct sock_filter dhcp_bpf_filter [];
extern int dhcp_bpf_filter_len;
+extern struct sock_filter dhcp_ib_bpf_filter [];
+extern int dhcp_ib_bpf_filter_len;
#if defined (HAVE_TR_SUPPORT)
extern struct sock_filter dhcp_bpf_tr_filter [];
@@ -196,11 +218,12 @@ void if_register_receive (info)
#if defined(RELAY_PORT)
extern struct sock_filter dhcp_bpf_relay_filter [];
@@ -199,11 +221,12 @@ void if_register_receive (info)
#ifdef PACKET_AUXDATA
{
int val = 1;
{
int val = 1;
-
- if (setsockopt(info->rfdesc, SOL_PACKET, PACKET_AUXDATA,
- &val, sizeof(val)) < 0) {
@ -207,50 +227,12 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+ if (errno != ENOPROTOOPT) {
+ log_fatal ("Failed to set auxiliary packet data: %m");
+ }
}
}
}
@@ -250,15 +273,28 @@ static void lpf_gen_filter_setup (info)
memset(&p, 0, sizeof(p));
- /* Set up the bpf filter program structure. This is defined in
- bpf.c */
- p.len = dhcp_bpf_filter_len;
- p.filter = dhcp_bpf_filter;
-
- /* Patch the server port into the LPF program...
- XXX changes to filter program may require changes
- to the insn number(s) used below! XXX */
- dhcp_bpf_filter [8].k = ntohs ((short)local_port);
+ if (info->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ /* Set up the bpf filter program structure. */
+ p.len = dhcp_ib_bpf_filter_len;
+ p.filter = dhcp_ib_bpf_filter;
+
+ /* Patch the server port into the LPF program...
+ XXX
+ changes to filter program may require changes
+ to the insn number(s) used below!
+ XXX */
+ dhcp_ib_bpf_filter[6].k = ntohs ((short)local_port);
+ } else {
+ /* Set up the bpf filter program structure.
+ This is defined in bpf.c */
+ p.len = dhcp_bpf_filter_len;
+ p.filter = dhcp_bpf_filter;
+
+ /* Patch the server port into the LPF program...
+ XXX changes to filter program may require changes
+ to the insn number(s) used below! XXX */
+ dhcp_bpf_filter [8].k = ntohs ((short)local_port);
+ }
if (setsockopt (info -> rfdesc, SOL_SOCKET, SO_ATTACH_FILTER, &p,
sizeof p) < 0) {
@@ -315,6 +351,54 @@ static void lpf_tr_filter_setup (info)
}
}
}
@@ -330,6 +353,54 @@ static void lpf_tr_filter_setup (info)
#endif /* USE_LPF_RECEIVE */
#ifdef USE_LPF_SEND
+ssize_t send_packet_ib(interface, packet, raw, len, from, to, hto)
+ struct interface_info *interface;
@ -301,23 +283,23 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+}
+
ssize_t send_packet (interface, packet, raw, len, from, to, hto)
struct interface_info *interface;
struct packet *packet;
@@ -335,6 +419,11 @@ ssize_t send_packet (interface, packet,
return send_fallback (interface, packet, raw,
len, from, to, hto);
struct interface_info *interface;
struct packet *packet;
@@ -350,6 +421,11 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto)
return send_fallback (interface, packet, raw,
len, from, to, hto);
+ if (interface->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ return send_packet_ib(interface, packet, raw, len, from,
+ to, hto);
+ }
+
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
@@ -355,6 +444,42 @@ ssize_t send_packet (interface, packet,
if (hto == NULL && interface->anycast_mac_addr.hlen)
hto = &interface->anycast_mac_addr;
@@ -370,6 +446,42 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto)
#endif /* USE_LPF_SEND */
#ifdef USE_LPF_RECEIVE
+ssize_t receive_packet_ib (interface, buf, len, from, hfrom)
+ struct interface_info *interface;
@ -356,22 +338,22 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+}
+
ssize_t receive_packet (interface, buf, len, from, hfrom)
struct interface_info *interface;
unsigned char *buf;
@@ -393,6 +518,10 @@ ssize_t receive_packet (interface, buf,
};
struct interface_info *interface;
unsigned char *buf;
@@ -408,6 +520,10 @@ ssize_t receive_packet (interface, buf, len, from, hfrom)
};
#endif /* PACKET_AUXDATA */
+ if (interface->hw_address.hbuf[0] == HTYPE_INFINIBAND) {
+ return receive_packet_ib(interface, buf, len, from, hfrom);
+ }
+
length = recvmsg (interface->rfdesc, &msg, 0);
if (length <= 0)
return length;
@@ -506,11 +635,33 @@ void maybe_setup_fallback ()
length = recvmsg (interface->rfdesc, &msg, 0);
if (length <= 0)
return length;
@@ -521,11 +637,33 @@ void maybe_setup_fallback ()
#endif
#if defined (USE_LPF_RECEIVE) || defined (USE_LPF_HWADDR)
-void
-get_hw_addr(const char *name, struct hardware *hw) {
@ -398,25 +380,25 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+struct sockaddr_ll *
+ioctl_get_ll(char *name)
+{
int sock;
struct ifreq tmp;
int sock;
struct ifreq tmp;
- struct sockaddr *sa;
+ struct sockaddr *sa = NULL;
+ struct sockaddr_ll *sll = NULL;
if (strlen(name) >= sizeof(tmp.ifr_name)) {
log_fatal("Device name too long: \"%s\"", name);
@@ -524,16 +675,61 @@ get_hw_addr(const char *name, struct har
memset(&tmp, 0, sizeof(tmp));
strcpy(tmp.ifr_name, name);
if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
- log_fatal("Error getting hardware address for \"%s\": %m",
if (strlen(name) >= sizeof(tmp.ifr_name)) {
log_fatal("Device name too long: \"%s\"", name);
@@ -539,16 +677,61 @@ get_hw_addr(const char *name, struct hardware *hw) {
memset(&tmp, 0, sizeof(tmp));
strcpy(tmp.ifr_name, name);
if (ioctl(sock, SIOCGIFHWADDR, &tmp) < 0) {
- log_fatal("Error getting hardware address for \"%s\": %m",
+ log_fatal("Error getting hardware address for \"%s\": %m",
name);
}
name);
}
+ close(sock);
sa = &tmp.ifr_hwaddr;
sa = &tmp.ifr_hwaddr;
- switch (sa->sa_family) {
+ // needs to be freed outside this function
+ sll = dmalloc (sizeof (struct sockaddr_ll), MDL);
@ -463,24 +445,24 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+ }
+
+ switch (sll->sll_hatype) {
case ARPHRD_ETHER:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_ETHER;
case ARPHRD_ETHER:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_ETHER;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_IEEE802:
break;
case ARPHRD_IEEE802:
#ifdef ARPHRD_IEEE802_TR
@@ -541,18 +737,50 @@ get_hw_addr(const char *name, struct har
@@ -556,18 +739,50 @@ get_hw_addr(const char *name, struct hardware *hw) {
#endif /* ARPHRD_IEEE802_TR */
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
hw->hlen = 7;
hw->hbuf[0] = HTYPE_IEEE802;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
break;
case ARPHRD_FDDI:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
break;
case ARPHRD_FDDI:
hw->hlen = 7;
hw->hbuf[0] = HTYPE_FDDI;
- memcpy(&hw->hbuf[1], sa->sa_data, 6);
+ memcpy(&hw->hbuf[1], sll->sll_addr, 6);
+ break;
@ -515,100 +497,104 @@ diff -up dhcp-4.3.4/common/lpf.c.lpf-ib dhcp-4.3.4/common/lpf.c
+ memcpy(&hw->hbuf[1],
+ &sll->sll_addr[sll->sll_halen - HARDWARE_ADDR_LEN_IOCTL],
+ HARDWARE_ADDR_LEN_IOCTL);
break;
break;
#if defined(ARPHRD_PPP)
case ARPHRD_PPP:
if (local_family != AF_INET6)
case ARPHRD_PPP:
if (local_family != AF_INET6)
- log_fatal("Unsupported device type %d for \"%s\"",
- sa->sa_family, name);
+ log_fatal("local_family != AF_INET6 for \"%s\"",
+ name);
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
@@ -565,10 +793,13 @@ get_hw_addr(const char *name, struct har
break;
hw->hlen = 0;
hw->hbuf[0] = HTYPE_RESERVED;
/* 0xdeadbeef should never occur on the wire,
@@ -580,10 +795,13 @@ get_hw_addr(const char *name, struct hardware *hw) {
break;
#endif
default:
default:
- log_fatal("Unsupported device type %ld for \"%s\"",
- (long int)sa->sa_family, name);
+ freeifaddrs(ifaddrs);
+ log_fatal("Unsupported device type %hu for \"%s\"",
+ sll->sll_hatype, name);
}
}
- close(sock);
+ if (sll_allocated)
+ dfree(sll, MDL);
+ freeifaddrs(ifaddrs);
}
#endif
diff -up dhcp-4.3.4/common/socket.c.lpf-ib dhcp-4.3.4/common/socket.c
--- dhcp-4.3.4/common/socket.c.lpf-ib 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/common/socket.c 2016-05-02 14:37:36.953128006 +0200
@@ -328,7 +328,7 @@ void if_register_send (info)
info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
diff --git a/common/socket.c b/common/socket.c
index 483eb9c..6e1caac 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -350,7 +350,7 @@ void if_register_send (info)
info->wfdesc = if_register_socket(info, AF_INET, 0, NULL);
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
#if defined (USE_SOCKET_FALLBACK)
/* Fallback only registers for send, but may need to receive as
well. */
@@ -391,7 +391,7 @@ void if_register_receive (info)
/* Fallback only registers for send, but may need to receive as
well. */
@@ -413,7 +413,7 @@ void if_register_receive (info)
#endif /* IP_PKTINFO... */
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
/* If this is a normal IPv4 address, get the hardware address. */
if (strcmp(info->name, "fallback") != 0)
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
if (!quiet_interface_discovery)
log_info ("Listening on Socket/%s%s%s",
@@ -505,7 +505,7 @@ if_register6(struct interface_info *info
if (req_multi)
if_register_multicast(info);
if (!quiet_interface_discovery)
log_info ("Listening on Socket/%s%s%s",
@@ -567,7 +567,7 @@ if_register6(struct interface_info *info, int do_multicast) {
if (req_multi)
if_register_multicast(info);
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
@@ -561,7 +561,7 @@ if_register_linklocal6(struct interface_
info->rfdesc = sock;
info->wfdesc = sock;
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
@@ -623,7 +623,7 @@ if_register_linklocal6(struct interface_info *info) {
info->rfdesc = sock;
info->wfdesc = sock;
- get_hw_addr(info->name, &info->hw_address);
+ get_hw_addr(info);
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
diff -up dhcp-4.3.4/includes/dhcpd.h.lpf-ib dhcp-4.3.4/includes/dhcpd.h
--- dhcp-4.3.4/includes/dhcpd.h.lpf-ib 2016-05-02 14:37:36.948128002 +0200
+++ dhcp-4.3.4/includes/dhcpd.h 2016-05-02 14:37:36.954128006 +0200
@@ -482,6 +482,9 @@ struct packet {
if (!quiet_interface_discovery) {
if (info->shared_network != NULL) {
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index faa9251..0c1a0aa 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -485,6 +485,9 @@ struct packet {
#define HARDWARE_ADDR_LEN 20
+/* ioctl limits hardware addresses to 8 bytes */
+#define HARDWARE_ADDR_LEN_IOCTL 8
+
struct hardware {
u_int8_t hlen;
u_int8_t hbuf[HARDWARE_ADDR_LEN + 1];
@@ -1343,6 +1346,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
u_int8_t hlen;
u_int8_t hbuf[HARDWARE_ADDR_LEN + 1];
@@ -1365,6 +1368,7 @@ struct interface_info {
struct shared_network *shared_network;
/* Networks connected to this interface. */
struct hardware hw_address; /* Its physical address. */
+ u_int8_t bcast_addr[20]; /* Infiniband broadcast address */
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
@@ -2580,7 +2584,7 @@ void print_dns_status (int, struct dhcp_
struct in_addr *addresses; /* Addresses associated with this
* interface.
*/
@@ -2633,7 +2637,7 @@ void print_dns_status (int, struct dhcp_ddns_cb *, isc_result_t);
#endif
const char *print_time(TIME);
-void get_hw_addr(const char *name, struct hardware *hw);
+void get_hw_addr(struct interface_info *info);
char *buf_to_hex (const unsigned char *s, unsigned len,
const char *file, int line);
char *format_lease_id(const unsigned char *s, unsigned len, int format,
--
2.14.5

75
dhcp/patches/0014-dhcp-64_bit_lease_parse.patch
View File

@ -1,75 +0,0 @@
diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp-4.3.0a1/common/parse.c
--- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 01:25:12.000000000 +0100
+++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100
@@ -938,8 +938,8 @@ TIME
parse_date_core(cfile)
struct parse *cfile;
{
- int guess;
- int tzoff, year, mon, mday, hour, min, sec;
+ TIME guess;
+ long int tzoff, year, mon, mday, hour, min, sec;
const char *val;
enum dhcp_token token;
static int months[11] = { 31, 59, 90, 120, 151, 181,
@@ -965,7 +965,7 @@ parse_date_core(cfile)
}
skip_token(&val, NULL, cfile); /* consume number */
- guess = atoi(val);
+ guess = atol(val);
return((TIME)guess);
}
@@ -993,7 +993,7 @@ parse_date_core(cfile)
somebody invents a time machine, I think we can safely disregard
it. This actually works around a stupid Y2K bug that was present
in a very early beta release of dhcpd. */
- year = atoi(val);
+ year = atol(val);
if (year > 1900)
year -= 1900;
@@ -1039,7 +1039,7 @@ parse_date_core(cfile)
return((TIME)0);
}
skip_token(&val, NULL, cfile); /* consume day of month */
- mday = atoi(val);
+ mday = atol(val);
/* Hour... */
token = peek_token(&val, NULL, cfile);
@@ -1050,7 +1050,7 @@ parse_date_core(cfile)
return((TIME)0);
}
skip_token(&val, NULL, cfile); /* consume hour */
- hour = atoi(val);
+ hour = atol(val);
/* Colon separating hour from minute... */
token = peek_token(&val, NULL, cfile);
@@ -1072,7 +1072,7 @@ parse_date_core(cfile)
return((TIME)0);
}
skip_token(&val, NULL, cfile); /* consume minute */
- min = atoi(val);
+ min = atol(val);
/* Colon separating minute from second... */
token = peek_token(&val, NULL, cfile);
@@ -1094,13 +1094,13 @@ parse_date_core(cfile)
return((TIME)0);
}
skip_token(&val, NULL, cfile); /* consume second */
- sec = atoi(val);
+ sec = atol(val);
tzoff = 0;
token = peek_token(&val, NULL, cfile);
if (token == NUMBER) {
skip_token(&val, NULL, cfile); /* consume tzoff */
- tzoff = atoi(val);
+ tzoff = atol(val);
} else if (token != SEMI) {
skip_token(&val, NULL, cfile);
parse_warn(cfile,

331
dhcp/patches/0015-Add-GUID-DUID-to-dhcpd-logs-1064416.patch Normal file
View File

@ -0,0 +1,331 @@
From 7ac7d0b00874ee996c7ee75a595c029759368aad Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:35:47 +0100
Subject: [PATCH 15/21] Add GUID/DUID to dhcpd logs (#1064416)
Cc: pzhukov@redhat.com
---
client/dhclient.c | 75 ++++++++++++++++++++++++++++++++++++++++++----------
server/dhcp.c | 78 +++++++++++++++++++++++++++++++++----------------------
2 files changed, 108 insertions(+), 45 deletions(-)
diff --git a/client/dhclient.c b/client/dhclient.c
index dc9080e..8e57da9 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -1170,6 +1170,26 @@ main(int argc, char **argv) {
}
}
+ /* We create a backup seed before rediscovering interfaces in order to
+ have a seed built using all of the available interfaces
+ It's interesting if required interfaces doesn't let us defined
+ a really unique seed due to a lack of valid HW addr later
+ (this is the case with DHCP over IB)
+ We only use the last device as using a sum could broke the
+ uniqueness of the seed among multiple nodes
+ */
+ unsigned backup_seed = 0;
+ for (ip = interfaces; ip; ip = ip -> next) {
+ int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
+ memcpy (&junk,
+ &ip -> hw_address.hbuf [ip -> hw_address.hlen -
+ sizeof seed], sizeof seed);
+ backup_seed = junk;
+ }
+
+
/* At this point, all the interfaces that the script thinks
are relevant should be running, so now we once again call
discover_interfaces(), and this time ask it to actually set
@@ -1184,14 +1204,36 @@ main(int argc, char **argv) {
Not much entropy, but we're booting, so we're not likely to
find anything better. */
seed = 0;
+ int seed_flag = 0;
for (ip = interfaces; ip; ip = ip->next) {
int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
memcpy(&junk,
&ip->hw_address.hbuf[ip->hw_address.hlen -
sizeof seed], sizeof seed);
seed += junk;
+ seed_flag = 1;
}
- srandom(seed + cur_time + (unsigned)getpid());
+ if ( seed_flag == 0 ) {
+ if ( backup_seed != 0 ) {
+ seed = backup_seed;
+ log_info ("xid: rand init seed (0x%x) built using all"
+ " available interfaces",seed);
+ }
+ else {
+ seed = cur_time^((unsigned) gethostid()) ;
+ log_info ("xid: warning: no netdev with useable HWADDR found"
+ " for seed's uniqueness enforcement");
+ log_info ("xid: rand init seed (0x%x) built using gethostid",
+ seed);
+ }
+ /* we only use seed and no current time as a broadcast reply */
+ /* will certainly be used by the hwaddrless interface */
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
+ }
+ else
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
/* Setup specific Infiniband options */
for (ip = interfaces; ip; ip = ip->next) {
@@ -1746,10 +1788,10 @@ void dhcpack (packet)
#endif
return;
}
-
- log_info ("DHCPACK of %s from %s",
- inet_ntoa(packet->raw->yiaddr),
- piaddr (packet->client_addr));
+ log_info ("DHCPACK of %s from %s (xid=0x%x)",
+ inet_ntoa(packet->raw->yiaddr),
+ piaddr (packet -> client_addr),
+ ntohl(client -> xid));
lease = packet_to_lease (packet, client);
if (!lease) {
@@ -2669,7 +2711,7 @@ void dhcpnak (packet)
return;
}
- log_info ("DHCPNAK from %s", piaddr (packet -> client_addr));
+ log_info ("DHCPNAK from %s (xid=0x%x)", piaddr (packet -> client_addr), ntohl(client -> xid));
if (!client -> active) {
#if defined (DEBUG)
@@ -2802,10 +2844,10 @@ void send_discover (cpp)
(long)(client -> interval));
} else
#endif
- log_info ("DHCPDISCOVER on %s to %s port %d interval %ld",
+ log_info ("DHCPDISCOVER on %s to %s port %d interval %ld (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (sockaddr_broadcast.sin_addr),
- ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval));
+ ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval), ntohl(client -> xid));
/* Send out a packet. */
#if defined(DHCPv6) && defined(DHCP4o6)
@@ -3108,10 +3150,12 @@ void send_request (cpp)
}
strncpy(rip_buf, rip_str, sizeof(rip_buf)-1);
- log_info ("DHCPREQUEST for %s on %s to %s port %d", rip_buf,
+ log_info ("DHCPREQUEST for %s on %s to %s port %d (xid=0x%x)",
+ rip_buf,
client->name ? client->name : client->interface->name,
inet_ntoa(destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port),
+ ntohl(client -> xid));
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6) {
@@ -3168,11 +3212,13 @@ void send_decline (cpp)
log_info ("DHCPDECLINE");
} else
#endif
- log_info ("DHCPDECLINE of %s on %s to %s port %d",
+ log_info ("DHCPDECLINE of %s on %s to %s port %d (xid=0x%x)",
piaddr(client->requested_address),
(client->name ? client->name : client->interface->name),
inet_ntoa(sockaddr_broadcast.sin_addr),
- ntohs(sockaddr_broadcast.sin_port));
+ ntohs(sockaddr_broadcast.sin_port),
+ ntohl(client -> xid));
+
/* Send out a packet. */
#if defined(DHCPv6) && defined(DHCP4o6)
@@ -3231,11 +3277,12 @@ void send_release (cpp)
log_info ("DHCPRELEASE");
} else
#endif
- log_info ("DHCPRELEASE of %s on %s to %s port %d",
+ log_info ("DHCPRELEASE of %s on %s to %s port %d (xid=0x%x)",
piaddr(client->active->address),
client->name ? client->name : client->interface->name,
inet_ntoa (destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port),
+ ntohl(client -> xid));
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6) {
diff --git a/server/dhcp.c b/server/dhcp.c
index 20f2a62..0582c4c 100644
--- a/server/dhcp.c
+++ b/server/dhcp.c
@@ -87,6 +87,42 @@ const int dhcp_type_name_max = ((sizeof dhcp_type_names) / sizeof (char *));
static TIME leaseTimeCheck(TIME calculated, TIME alternate);
+char *print_client_identifier_from_packet (packet)
+ struct packet *packet;
+{
+ struct option_cache *oc;
+ struct data_string client_identifier;
+ char *ci;
+
+ memset (&client_identifier, 0, sizeof client_identifier);
+
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_DHCP_CLIENT_IDENTIFIER);
+ if (oc &&
+ evaluate_option_cache (&client_identifier,
+ packet, (struct lease *)0,
+ (struct client_state *)0,
+ packet -> options,
+ (struct option_state *)0,
+ &global_scope, oc, MDL)) {
+ ci = print_hw_addr (HTYPE_INFINIBAND, client_identifier.len, client_identifier.data);
+ data_string_forget (&client_identifier, MDL);
+ return ci;
+ } else
+ return "\"no client id\"";
+}
+
+char *print_hw_addr_or_client_id (packet)
+ struct packet *packet;
+{
+ if (packet -> raw -> htype == HTYPE_INFINIBAND)
+ return print_client_identifier_from_packet (packet);
+ else
+ return print_hw_addr (packet -> raw -> htype,
+ packet -> raw -> hlen,
+ packet -> raw -> chaddr);
+}
+
void
dhcp (struct packet *packet) {
int ms_nulltp = 0;
@@ -129,9 +165,7 @@ dhcp (struct packet *packet) {
log_info("%s from %s via %s: %s", s,
(packet->raw->htype
- ? print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr)
+ ? print_hw_addr_or_client_id(packet)
: "<no identifier>"),
packet->raw->giaddr.s_addr
? inet_ntoa(packet->raw->giaddr)
@@ -328,9 +362,7 @@ void dhcpdiscover (packet, ms_nulltp)
#endif
snprintf (msgbuf, sizeof msgbuf, "DHCPDISCOVER from %s %s%s%svia %s",
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id (packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -542,9 +574,7 @@ void dhcprequest (packet, ms_nulltp, ip_lease)
"DHCPREQUEST for %s%s from %s %s%s%svia %s",
piaddr (cip), smbuf,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -785,9 +815,7 @@ void dhcprelease (packet, ms_nulltp)
if ((oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS))) {
log_info ("DHCPRELEASE from %s specified requested-address.",
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr));
+ print_hw_addr_or_client_id(packet));
}
oc = lookup_option (&dhcp_universe, packet -> options,
@@ -879,9 +907,7 @@ void dhcprelease (packet, ms_nulltp)
"DHCPRELEASE of %s from %s %s%s%svia %s (%sfound)",
cstr,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -986,9 +1012,7 @@ void dhcpdecline (packet, ms_nulltp)
"DHCPDECLINE of %s from %s %s%s%svia %s",
piaddr (cip),
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -1732,8 +1756,7 @@ void dhcpinform (packet, ms_nulltp)
/* Report what we're sending. */
snprintf(msgbuf, sizeof msgbuf, "DHCPACK to %s (%s) via", piaddr(cip),
(packet->raw->htype && packet->raw->hlen) ?
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr) :
+ print_hw_addr_or_client_id(packet) :
"<no client hardware address>");
log_info("%s %s", msgbuf, gip.len ? piaddr(gip) :
packet->interface->name);
@@ -1918,9 +1941,7 @@ void nak_lease (packet, cip, network_group)
#endif
log_info ("DHCPNAK on %s to %s via %s",
piaddr (*cip),
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr),
+ print_hw_addr_or_client_id(packet),
packet -> raw -> giaddr.s_addr
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
@@ -3936,7 +3957,7 @@ void dhcp_reply (lease)
? (state -> offer == DHCPACK ? "DHCPACK" : "DHCPOFFER")
: "BOOTREPLY"),
piaddr (lease -> ip_addr),
- (lease -> hardware_addr.hlen
+ (lease -> hardware_addr.hlen > 1
? print_hw_addr (lease -> hardware_addr.hbuf [0],
lease -> hardware_addr.hlen - 1,
&lease -> hardware_addr.hbuf [1])
@@ -4497,10 +4518,7 @@ int find_lease (struct lease **lp,
if (uid_lease) {
if (uid_lease->binding_state == FTS_ACTIVE) {
log_error ("client %s has duplicate%s on %s",
- (print_hw_addr
- (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)),
+ (print_hw_addr_or_client_id(packet)),
" leases",
(ip_lease -> subnet ->
shared_network -> name));
@@ -4667,9 +4685,7 @@ int find_lease (struct lease **lp,
log_error("uid lease %s for client %s is duplicate "
"on %s",
piaddr(uid_lease->ip_addr),
- print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr),
+ print_hw_addr_or_client_id(packet),
uid_lease->subnet->shared_network->name);
if (!packet -> raw -> ciaddr.s_addr &&
--
2.14.5

125
dhcp/patches/0016-Turn-on-creating-sending-of-DUID.patch Normal file
View File

@ -0,0 +1,125 @@
From 1f0473939bcb17095bbef48cd9a81105a3de9846 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:36:30 +0100
Subject: [PATCH 16/21] Turn on creating/sending of DUID
Cc: pzhukov@redhat.com
as client identifier with DHCPv4 clients (#560361c#40, rfc4361)
---
client/dhclient.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 70 insertions(+), 4 deletions(-)
diff --git a/client/dhclient.c b/client/dhclient.c
index 8e57da9..ccc98e4 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -4021,6 +4021,59 @@ write_options(struct client_state *client, struct option_state *options,
}
}
+int unhexchar(char c) {
+
+ if (c >= '0' && c <= '9')
+ return c - '0';
+
+ if (c >= 'a' && c <= 'f')
+ return c - 'a' + 10;
+
+ if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+
+ return -1;
+}
+
+isc_result_t
+read_uuid(u_int8_t* uuid) {
+ const char *id_fname = "/etc/machine-id";
+ char id[32];
+ size_t nread;
+ FILE * file = fopen( id_fname , "r");
+ if (!file) {
+ log_debug("Cannot open %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+ nread = fread(id, 1, sizeof id, file);
+ fclose(file);
+
+ if (nread < 32) {
+ log_debug("Not enough data in %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+ int j;
+ for (j = 0; j < 16; j++) {
+ int a, b;
+
+ a = unhexchar(id[j*2]);
+ b = unhexchar(id[j*2+1]);
+
+ if (a < 0 || b < 0) {
+ log_debug("Wrong data in %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+ uuid[j] = a << 4 | b;
+ }
+
+ /* Set UUID version to 4 --- truly random generation */
+ uuid[6] = (uuid[6] & 0x0F) | 0x40;
+ /* Set the UUID variant to DCE */
+ uuid[8] = (uuid[8] & 0x3F) | 0x80;
+
+ return ISC_R_SUCCESS;
+}
+
/*
* The "best" default DUID, since we cannot predict any information
* about the system (such as whether or not the hardware addresses are
@@ -4041,6 +4094,7 @@ form_duid(struct data_string *duid, const char *file, int line)
struct interface_info *ip;
int len;
char *str;
+ u_int8_t uuid[16];
/* For now, just use the first interface on the list. */
ip = interfaces;
@@ -4061,9 +4115,16 @@ form_duid(struct data_string *duid, const char *file, int line)
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
- if (duid_type == 0)
- duid_type = stateless ? DUID_LL : DUID_LLT;
-
+ if (duid_type == 0) {
+ if (read_uuid(uuid) == ISC_R_SUCCESS)
+ duid_type = DUID_UUID;
+ else
+ duid_type = stateless ? DUID_LL : DUID_LLT;
+ }
+
+ if (duid_type == DUID_UUID)
+ len = 2 + sizeof (uuid);
+ else {
/*
* 2 bytes for the 'duid type' field.
* 2 bytes for the 'htype' field.
@@ -4074,13 +4135,18 @@ form_duid(struct data_string *duid, const char *file, int line)
len = 4 + (ip->hw_address.hlen - 1);
if (duid_type == DUID_LLT)
len += 4;
+ }
if (!buffer_allocate(&duid->buffer, len, MDL))
log_fatal("no memory for default DUID!");
duid->data = duid->buffer->data;
duid->len = len;
+ if (duid_type == DUID_UUID) {
+ putUShort(duid->buffer->data, DUID_UUID);
+ memcpy(duid->buffer->data + 2, uuid, sizeof(uuid));
+ }
/* Basic Link Local Address type of DUID. */
- if (duid_type == DUID_LLT) {
+ else if (duid_type == DUID_LLT) {
putUShort(duid->buffer->data, DUID_LLT);
putUShort(duid->buffer->data + 2, ip->hw_address.hbuf[0]);
putULong(duid->buffer->data + 4, cur_time - DUID_TIME_EPOCH);
--
2.14.5

231
dhcp/patches/0016-dhcp-sendDecline.patch
View File

@ -1,231 +0,0 @@
diff -up dhcp-4.3.4/client/dhc6.c.sendDecline dhcp-4.3.4/client/dhc6.c
--- dhcp-4.3.4/client/dhc6.c.sendDecline 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/client/dhc6.c 2016-05-02 14:51:57.916578401 +0200
@@ -115,6 +115,8 @@ void do_select6(void *input);
void do_refresh6(void *input);
static void do_release6(void *input);
static void start_bound(struct client_state *client);
+static void start_decline6(struct client_state *client);
+static void do_decline6(void *input);
static void start_informed(struct client_state *client);
void informed_handler(struct packet *packet, struct client_state *client);
void bound_handler(struct packet *packet, struct client_state *client);
@@ -2314,6 +2316,7 @@ start_release6(struct client_state *clie
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
client->state = S_STOPPED;
/*
@@ -2968,6 +2971,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
+ case S_DECLINED:
action = dhc6_stop_action;
break;
@@ -3084,6 +3088,7 @@ dhc6_check_reply(struct client_state *cl
break;
case S_STOPPED:
+ case S_DECLINED:
/* Nothing critical to do at this stage. */
break;
@@ -4214,17 +4219,23 @@ reply_handler(struct packet *packet, str
cancel_timeout(do_select6, client);
cancel_timeout(do_refresh6, client);
cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
/* If this is in response to a Release/Decline, clean up and return. */
- if (client->state == S_STOPPED) {
- if (client->active_lease == NULL)
- return;
+ if ((client->state == S_STOPPED) ||
+ (client->state == S_DECLINED)) {
+
+ if (client->active_lease != NULL) {
+ dhc6_lease_destroy(&client->active_lease, MDL);
+ client->active_lease = NULL;
+ /* We should never wait for nothing!? */
+ if (stopping_finished())
+ exit(0);
+ }
+
+ if (client->state == S_DECLINED)
+ start_init6(client);
- dhc6_lease_destroy(&client->active_lease, MDL);
- client->active_lease = NULL;
- /* We should never wait for nothing!? */
- if (stopping_finished())
- exit(0);
return;
}
@@ -4798,7 +4809,11 @@ start_bound(struct client_state *client)
dhc6_marshall_values("new_", client, lease, ia, addr);
script_write_requested6(client);
- script_go(client);
+ // when script returns 3, DAD failed
+ if (script_go(client) == 3) {
+ start_decline6(client);
+ return;
+ }
}
/* XXX: maybe we should loop on the old values instead? */
@@ -4851,6 +4866,149 @@ start_bound(struct client_state *client)
dhc6_check_times(client);
}
+/*
+ * Decline addresses.
+ */
+void
+start_decline6(struct client_state *client)
+{
+ /* Cancel any pending transmissions */
+ cancel_timeout(do_confirm6, client);
+ cancel_timeout(do_select6, client);
+ cancel_timeout(do_refresh6, client);
+ cancel_timeout(do_release6, client);
+ cancel_timeout(do_decline6, client);
+ client->state = S_DECLINED;
+
+ if (client->active_lease == NULL)
+ return;
+
+ /* Set timers per RFC3315 section 18.1.7. */
+ client->IRT = DEC_TIMEOUT * 100;
+ client->MRT = 0;
+ client->MRC = DEC_MAX_RC;
+ client->MRD = 0;
+
+ dhc6_retrans_init(client);
+ client->v6_handler = reply_handler;
+
+ client->refresh_type = DHCPV6_DECLINE;
+ do_decline6(client);
+}
+
+/*
+ * do_decline6() creates a Decline packet and transmits it.
+ */
+static void
+do_decline6(void *input)
+{
+ struct client_state *client;
+ struct data_string ds;
+ struct timeval elapsed, tv;
+ int send_ret, added;
+
+ client = input;
+
+ if ((client->active_lease == NULL) || !active_prefix(client))
+ return;
+
+ if ((client->MRC != 0) && (client->txcount > client->MRC)) {
+ log_info("Max retransmission count exceeded.");
+ goto decline_done;
+ }
+
+ /*
+ * Start_time starts at the first transmission.
+ */
+ if (client->txcount == 0) {
+ client->start_time.tv_sec = cur_tv.tv_sec;
+ client->start_time.tv_usec = cur_tv.tv_usec;
+ }
+
+ /* elapsed = cur - start */
+ elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
+ elapsed.tv_usec = cur_tv.tv_usec - client->start_time.tv_usec;
+ if (elapsed.tv_usec < 0) {
+ elapsed.tv_sec -= 1;
+ elapsed.tv_usec += 1000000;
+ }
+
+ memset(&ds, 0, sizeof(ds));
+ if (!buffer_allocate(&ds.buffer, 4, MDL)) {
+ log_error("Unable to allocate memory for Decline.");
+ goto decline_done;
+ }
+
+ ds.data = ds.buffer->data;
+ ds.len = 4;
+ ds.buffer->data[0] = DHCPV6_DECLINE;
+ memcpy(ds.buffer->data + 1, client->dhcpv6_transaction_id, 3);
+
+ /* Form an elapsed option. */
+ /* Maximum value is 65535 1/100s coded as 0xffff. */
+ if ((elapsed.tv_sec < 0) || (elapsed.tv_sec > 655) ||
+ ((elapsed.tv_sec == 655) && (elapsed.tv_usec > 350000))) {
+ client->elapsed = 0xffff;
+ } else {
+ client->elapsed = elapsed.tv_sec * 100;
+ client->elapsed += elapsed.tv_usec / 10000;
+ }
+
+ client->elapsed = htons(client->elapsed);
+
+ log_debug("XMT: Forming Decline.");
+ make_client6_options(client, &client->sent_options,
+ client->active_lease, DHCPV6_DECLINE);
+ dhcpv6_universe.encapsulate(&ds, NULL, NULL, client, NULL,
+ client->sent_options, &global_scope,
+ &dhcpv6_universe);
+
+ /* Append IA's (but don't release temporary addresses). */
+ if (wanted_ia_na &&
+ dhc6_add_ia_na(client, &ds, client->active_lease,
+ DHCPV6_DECLINE, 0, &added) != ISC_R_SUCCESS) {
+ data_string_forget(&ds, MDL);
+ goto decline_done;
+ }
+ if (wanted_ia_pd &&
+ dhc6_add_ia_pd(client, &ds, client->active_lease,
+ DHCPV6_DECLINE, 0, &added) != ISC_R_SUCCESS) {
+ data_string_forget(&ds, MDL);
+ goto decline_done;
+ }
+
+ /* Transmit and wait. */
+ log_info("XMT: Decline on %s, interval %ld0ms.",
+ client->name ? client->name : client->interface->name,
+ (long int)client->RT);
+
+ send_ret = send_packet6(client->interface, ds.data, ds.len,
+ &DHCPv6DestAddr);
+ if (send_ret != ds.len) {
+ log_error("dhc6: sendpacket6() sent %d of %d bytes",
+ send_ret, ds.len);
+ }
+
+ data_string_forget(&ds, MDL);
+
+ /* Wait RT */
+ tv.tv_sec = cur_tv.tv_sec + client->RT / 100;
+ tv.tv_usec = cur_tv.tv_usec + (client->RT % 100) * 10000;
+ if (tv.tv_usec >= 1000000) {
+ tv.tv_sec += 1;
+ tv.tv_usec -= 1000000;
+ }
+ add_timeout(&tv, do_decline6, client, NULL, NULL);
+ dhc6_retrans_advance(client);
+ return;
+
+decline_done:
+ dhc6_lease_destroy(&client->active_lease, MDL);
+ client->active_lease = NULL;
+ start_init6(client);
+ return;
+}
+
/* While bound, ignore packets. In the future we'll want to answer
* Reconfigure-Request messages and the like.
*/

76
dhcp/patches/0017-Send-unicast-request-release-via-correct-interface.patch Normal file
View File

@ -0,0 +1,76 @@
From 8a2b491f79aab1f04feac89586dfab1e55b47adb Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:39:36 +0100
Subject: [PATCH 17/21] Send unicast request/release via correct interface
Cc: pzhukov@redhat.com
(#800561, #1177351)
(Submitted to dhcp-bugs@isc.org - [ISC-Bugs #30544])
---
client/dhclient.c | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
diff --git a/client/dhclient.c b/client/dhclient.c
index ccc98e4..27fde69 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -3171,6 +3171,14 @@ void send_request (cpp)
#endif
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -3180,6 +3188,13 @@ void send_request (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
}
else {
/* Send out a packet. */
@@ -3297,6 +3312,14 @@ void send_release (cpp)
} else
#endif
if (fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -3306,6 +3329,13 @@ void send_release (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
} else {
/* Send out a packet. */
result = send_packet(client->interface, NULL, &client->packet,
--
2.14.5

62
dhcp/patches/0018-No-subnet-declaration-for-iface-should-be-info-not-e.patch Normal file
View File

@ -0,0 +1,62 @@
From 588ead2d9a9cfe70f14569a8e950c6c42f15c1e3 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:40:51 +0100
Subject: [PATCH 18/21] No subnet declaration for <iface>' should be info, not
error.
Cc: pzhukov@redhat.com
---
common/discover.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/common/discover.c b/common/discover.c
index 65881fc..056342c 100644
--- a/common/discover.c
+++ b/common/discover.c
@@ -801,9 +801,9 @@ discover_interfaces(int state) {
/* We must have a subnet declaration for each interface. */
if (!tmp->shared_network && (state == DISCOVER_SERVER)) {
- log_error("%s", "");
+ log_info("%s", "");
if (local_family == AF_INET) {
- log_error("No subnet declaration for %s (%s).",
+ log_info("No subnet declaration for %s (%s).",
tmp->name,
(tmp->addresses == NULL) ?
"no IPv4 addresses" :
@@ -818,26 +818,26 @@ discover_interfaces(int state) {
} else {
strcpy(abuf, "no IPv6 addresses");
}
- log_error("No subnet6 declaration for %s (%s).",
+ log_info("No subnet6 declaration for %s (%s).",
tmp->name,
abuf);
#endif /* DHCPv6 */
}
if (supports_multiple_interfaces(tmp)) {
- log_error ("** Ignoring requests on %s. %s",
+ log_info ("** Ignoring requests on %s. %s",
tmp -> name, "If this is not what");
- log_error (" you want, please write %s",
+ log_info (" you want, please write %s",
#ifdef DHCPv6
(local_family != AF_INET) ?
"a subnet6 declaration" :
#endif
"a subnet declaration");
- log_error (" in your dhcpd.conf file %s",
+ log_info (" in your dhcpd.conf file %s",
"for the network segment");
- log_error (" to %s %s %s",
+ log_info (" to %s %s %s",
"which interface",
tmp -> name, "is attached. **");
- log_error ("%s", "");
+ log_info ("%s", "");
goto next;
} else {
log_error ("You must write a %s",
--
2.14.5

49
dhcp/patches/0018-dhcp-honor-expired.patch
View File

@ -1,49 +0,0 @@
diff -up dhcp-4.3.0a1/client/dhc6.c.honor-expired dhcp-4.3.0a1/client/dhc6.c
--- dhcp-4.3.0a1/client/dhc6.c.honor-expired 2013-12-19 16:00:28.062183037 +0100
+++ dhcp-4.3.0a1/client/dhc6.c 2013-12-19 16:00:28.076182842 +0100
@@ -1351,6 +1351,32 @@ start_info_request6(struct client_state
go_daemon();
}
+/* Run through the addresses in lease and return true if there's any unexpired.
+ * Return false otherwise.
+ */
+isc_boolean_t
+unexpired_address_in_lease(struct dhc6_lease *lease)
+{
+ struct dhc6_ia *ia;
+ struct dhc6_addr *addr;
+
+ for (ia = lease->bindings ; ia != NULL ; ia = ia->next) {
+ for (addr = ia->addrs ; addr != NULL ; addr = addr->next) {
+ if (addr->flags & DHC6_ADDR_EXPIRED)
+ continue;
+
+ if (addr->starts + addr->max_life > cur_time) {
+ return ISC_TRUE;
+ }
+ }
+ }
+
+ log_info("PRC: Previous lease is devoid of active addresses."
+ " Re-initializing.");
+
+ return ISC_FALSE;
+}
+
/*
* start_confirm6() kicks off an "init-reboot" version of the process, at
* startup to find out if old bindings are 'fair' and at runtime whenever
@@ -1363,8 +1389,10 @@ start_confirm6(struct client_state *clie
/* If there is no active lease, there is nothing to check. */
if ((client->active_lease == NULL) ||
- !active_prefix(client) ||
- client->active_lease->released) {
+ !active_prefix(client) ||
+ client->active_lease->released ||
+ !unexpired_address_in_lease(client->active_lease)) {
+ dhc6_lease_destroy(&client->active_lease, MDL);
start_init6(client);
return;
}

28
dhcp/patches/0019-dhclient-write-DUID_LLT-even-in-stateless-mode-11563.patch Normal file
View File

@ -0,0 +1,28 @@
From 07b333c48a2fc99d7d502a0c88907b38f61c6230 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:41:14 +0100
Subject: [PATCH 19/21] dhclient: write DUID_LLT even in stateless mode
(#1156356)
Cc: pzhukov@redhat.com
(Submitted to dhcp-bugs@isc.org - [ISC-Bugs #38144])
---
client/dhclient.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/client/dhclient.c b/client/dhclient.c
index 27fde69..4e5546a 100644
--- a/client/dhclient.c
+++ b/client/dhclient.c
@@ -1442,6 +1442,9 @@ void run_stateless(int exit_mode, u_int16_t port)
data_string_forget(&default_duid, MDL);
form_duid(&default_duid, MDL);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS &&
+ duid_type == DUID_LLT)
+ write_duid(&default_duid);
}
#ifdef DHCP4o6
--
2.14.5

150
dhcp/patches/0019-dhcp-PPP.patch
View File

@ -1,150 +0,0 @@
diff -up dhcp-4.3.4/client/dhc6.c.PPP dhcp-4.3.4/client/dhc6.c
--- dhcp-4.3.4/client/dhc6.c.PPP 2016-04-29 12:46:29.824988665 +0200
+++ dhcp-4.3.4/client/dhc6.c 2016-04-29 12:46:29.828988666 +0200
@@ -5641,7 +5641,8 @@ make_client6_options(struct client_state
*/
if ((oc = lookup_option(&dhcpv6_universe, *op,
D6O_CLIENTID)) == NULL) {
- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
+ if (default_duid.len == 0 ||
+ !option_cache(&oc, &default_duid, NULL, clientid_option,
MDL))
log_fatal("Failure assembling a DUID.");
diff -up dhcp-4.3.4/client/dhclient.c.PPP dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.PPP 2016-04-29 12:46:29.815988664 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:46:29.830988666 +0200
@@ -1077,8 +1077,8 @@ main(int argc, char **argv) {
if (default_duid.buffer != NULL)
data_string_forget(&default_duid, MDL);
- form_duid(&default_duid, MDL);
- write_duid(&default_duid);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
+ write_duid(&default_duid);
}
}
@@ -3808,7 +3808,7 @@ write_options(struct client_state *clien
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
-void
+isc_result_t
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
@@ -3821,6 +3821,15 @@ form_duid(struct data_string *duid, cons
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
+ while (ip && ip->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ /* Try the other interfaces */
+ log_debug("Cannot form default DUID from interface %s.", ip->name);
+ ip = ip->next;
+ }
+ if (ip == NULL) {
+ return ISC_R_UNEXPECTED;
+ }
+
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
@@ -3866,6 +3875,8 @@ form_duid(struct data_string *duid, cons
log_info("Created duid %s.", str);
dfree(str, MDL);
}
+
+ return ISC_R_SUCCESS;
}
/* Write the default DUID to the lease store. */
diff -up dhcp-4.3.4/common/bpf.c.PPP dhcp-4.3.4/common/bpf.c
--- dhcp-4.3.4/common/bpf.c.PPP 2016-04-29 12:46:29.794988660 +0200
+++ dhcp-4.3.4/common/bpf.c 2016-04-29 12:46:29.830988666 +0200
@@ -599,6 +599,22 @@ get_hw_addr(const char *name, struct har
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
+#if defined(IFT_PPP)
+ case IFT_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sdl_type, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
diff -up dhcp-4.3.4/common/lpf.c.PPP dhcp-4.3.4/common/lpf.c
--- dhcp-4.3.4/common/lpf.c.PPP 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/common/lpf.c 2016-04-29 12:46:29.830988666 +0200
@@ -548,6 +548,22 @@ get_hw_addr(const char *name, struct har
hw->hbuf[0] = HTYPE_FDDI;
memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
+ if (local_family != AF_INET6)
+ log_fatal("Unsupported device type %d for \"%s\"",
+ sa->sa_family, name);
+ hw->hlen = 0;
+ hw->hbuf[0] = HTYPE_RESERVED;
+ /* 0xdeadbeef should never occur on the wire,
+ * and is a signature that something went wrong.
+ */
+ hw->hbuf[1] = 0xde;
+ hw->hbuf[2] = 0xad;
+ hw->hbuf[3] = 0xbe;
+ hw->hbuf[4] = 0xef;
+ break;
+#endif
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
diff -up dhcp-4.3.4/includes/dhcpd.h.PPP dhcp-4.3.4/includes/dhcpd.h
--- dhcp-4.3.4/includes/dhcpd.h.PPP 2016-04-29 12:46:29.831988667 +0200
+++ dhcp-4.3.4/includes/dhcpd.h 2016-04-29 12:47:13.167995959 +0200
@@ -2990,7 +2990,7 @@ void client_dns_remove(struct client_sta
void dhcpv4_client_assignments(void);
void dhcpv6_client_assignments(void);
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
void dhcp4o6_start(void);
diff -up dhcp-4.3.4/includes/dhcp.h.PPP dhcp-4.3.4/includes/dhcp.h
--- dhcp-4.3.4/includes/dhcp.h.PPP 2016-04-29 12:46:29.822988665 +0200
+++ dhcp-4.3.4/includes/dhcp.h 2016-04-29 12:46:29.832988667 +0200
@@ -81,6 +81,8 @@ struct dhcp_packet {
* is no standard for this so we
* just steal a type */
+#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
diff -up dhcp-4.3.4/server/dhcpv6.c.PPP dhcp-4.3.4/server/dhcpv6.c
--- dhcp-4.3.4/server/dhcpv6.c.PPP 2016-03-22 14:16:51.000000000 +0100
+++ dhcp-4.3.4/server/dhcpv6.c 2016-04-29 12:46:29.833988667 +0200
@@ -454,6 +454,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
+ if (p->next == NULL && p->hw_address.hbuf[0] == HTYPE_RESERVED) {
+ log_error("Can not generate DUID from interfaces which do not have hardware addresses, please configure server-duid!");
+ }
}
if (p == NULL) {
return ISC_R_UNEXPECTED;

100
dhcp/patches/0020-Discover-all-hwaddress-for-xid-uniqueness.patch Normal file
View File

@ -0,0 +1,100 @@
From f1467835402eee90a350a952f1a411f37475a9df Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:42:50 +0100
Subject: [PATCH 20/21] Discover all hwaddress for xid uniqueness
Cc: pzhukov@redhat.com
---
common/discover.c | 2 ++
common/lpf.c | 27 ++++++++++++++++++++++-----
includes/dhcpd.h | 3 +++
3 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/common/discover.c b/common/discover.c
index 056342c..e66e1c5 100644
--- a/common/discover.c
+++ b/common/discover.c
@@ -648,6 +648,8 @@ discover_interfaces(int state) {
interface_dereference(&tmp, MDL);
tmp = interfaces; /* XXX */
}
+ if (tmp != NULL)
+ try_hw_addr(tmp);
if (dhcp_interface_discovery_hook) {
(*dhcp_interface_discovery_hook)(tmp);
diff --git a/common/lpf.c b/common/lpf.c
index b732a86..a708a5d 100644
--- a/common/lpf.c
+++ b/common/lpf.c
@@ -699,8 +699,22 @@ ioctl_get_ll(char *name)
return sll;
}
+// define ?
+void try_hw_addr(struct interface_info *info){
+ get_hw_addr2(info);
+};
+
void
get_hw_addr(struct interface_info *info)
+{
+ if (get_hw_addr2(info) == ISC_R_NOTFOUND){
+ log_fatal("Unsupported device type for \"%s\"",
+ info->name);
+ }
+}
+
+isc_result_t
+get_hw_addr2(struct interface_info *info)
{
struct hardware *hw = &info->hw_address;
char *name = info->name;
@@ -710,7 +724,8 @@ get_hw_addr(struct interface_info *info)
int sll_allocated = 0;
char *dup = NULL;
char *colon = NULL;
-
+ isc_result_t result = ISC_R_SUCCESS;
+
if (getifaddrs(&ifaddrs) == -1)
log_fatal("Failed to get interfaces");
@@ -794,14 +809,16 @@ get_hw_addr(struct interface_info *info)
hw->hbuf[4] = 0xef;
break;
#endif
- default:
- freeifaddrs(ifaddrs);
- log_fatal("Unsupported device type %hu for \"%s\"",
- sll->sll_hatype, name);
+ default:
+ log_error("Unsupported device type %hu for \"%s\"",
+ sll->sll_hatype, name);
+ result = ISC_R_NOTFOUND;
+
}
if (sll_allocated)
dfree(sll, MDL);
freeifaddrs(ifaddrs);
+ return result;
}
#endif
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 0c1a0aa..635c510 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2637,7 +2637,10 @@ void print_dns_status (int, struct dhcp_ddns_cb *, isc_result_t);
#endif
const char *print_time(TIME);
+
void get_hw_addr(struct interface_info *info);
+void try_hw_addr(struct interface_info *info);
+isc_result_t get_hw_addr2(struct interface_info *info);
char *buf_to_hex (const unsigned char *s, unsigned len,
const char *file, int line);
char *format_lease_id(const unsigned char *s, unsigned len, int format,
--
2.14.5

50
dhcp/patches/0021-Load-leases-DB-in-non-replay-mode-only.patch Normal file
View File

@ -0,0 +1,50 @@
From 1c7b876dc558774c40a2a28da53c19c65e123124 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Thu, 21 Feb 2019 10:44:06 +0100
Subject: [PATCH 21/21] Load leases DB in non-replay mode only
Cc: pzhukov@redhat.com
---
server/confpars.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/server/confpars.c b/server/confpars.c
index 2743979..db21a0b 100644
--- a/server/confpars.c
+++ b/server/confpars.c
@@ -134,6 +134,11 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
cfile = (struct parse *)0;
#if defined (TRACING)
+ // No need to dmalloc huge memory region if we're not going to re-play
+ if (!trace_playback()){
+ status = new_parse(&cfile, file, NULL, 0, filename, 0);
+ goto noreplay;
+ };
flen = lseek (file, (off_t)0, SEEK_END);
if (flen < 0) {
boom:
@@ -171,9 +176,11 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
if (trace_record ())
trace_write_packet (ttype, ulen + tflen + 1, dbuf, MDL);
status = new_parse(&cfile, -1, fbuf, ulen, filename, 0); /* XXX */
+ dfree(dbuf, MDL);
#else
status = new_parse(&cfile, file, NULL, 0, filename, 0);
#endif
+ noreplay:
if (status != ISC_R_SUCCESS || cfile == NULL)
return status;
@@ -182,9 +189,6 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
else
status = conf_file_subparse (cfile, group, group_type);
end_parse (&cfile);
-#if defined (TRACING)
- dfree (dbuf, MDL);
-#endif
return status;
}
--
2.14.5

165
dhcp/patches/0021-dhcp-IPoIB-log-id.patch
View File

@ -1,165 +0,0 @@
diff -up dhcp-4.3.4/server/dhcp.c.IPoIB-log-id dhcp-4.3.4/server/dhcp.c
--- dhcp-4.3.4/server/dhcp.c.IPoIB-log-id 2016-04-29 12:52:14.285061620 +0200
+++ dhcp-4.3.4/server/dhcp.c 2016-04-29 12:53:59.535088020 +0200
@@ -85,6 +85,42 @@ const int dhcp_type_name_max = ((sizeof
# define send_packet trace_packet_send
#endif
+char *print_client_identifier_from_packet (packet)
+ struct packet *packet;
+{
+ struct option_cache *oc;
+ struct data_string client_identifier;
+ char *ci;
+
+ memset (&client_identifier, 0, sizeof client_identifier);
+
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_DHCP_CLIENT_IDENTIFIER);
+ if (oc &&
+ evaluate_option_cache (&client_identifier,
+ packet, (struct lease *)0,
+ (struct client_state *)0,
+ packet -> options,
+ (struct option_state *)0,
+ &global_scope, oc, MDL)) {
+ ci = print_hw_addr (HTYPE_INFINIBAND, client_identifier.len, client_identifier.data);
+ data_string_forget (&client_identifier, MDL);
+ return ci;
+ } else
+ return "\"no client id\"";
+}
+
+char *print_hw_addr_or_client_id (packet)
+ struct packet *packet;
+{
+ if (packet -> raw -> htype == HTYPE_INFINIBAND)
+ return print_client_identifier_from_packet (packet);
+ else
+ return print_hw_addr (packet -> raw -> htype,
+ packet -> raw -> hlen,
+ packet -> raw -> chaddr);
+}
+
void
dhcp (struct packet *packet) {
int ms_nulltp = 0;
@@ -127,9 +163,7 @@ dhcp (struct packet *packet) {
log_info("%s from %s via %s: %s", s,
(packet->raw->htype
- ? print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr)
+ ? print_hw_addr_or_client_id(packet)
: "<no identifier>"),
packet->raw->giaddr.s_addr
? inet_ntoa(packet->raw->giaddr)
@@ -326,9 +360,7 @@ void dhcpdiscover (packet, ms_nulltp)
#endif
snprintf (msgbuf, sizeof msgbuf, "DHCPDISCOVER from %s %s%s%svia %s",
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id (packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -540,9 +572,7 @@ void dhcprequest (packet, ms_nulltp, ip_
"DHCPREQUEST for %s%s from %s %s%s%svia %s",
piaddr (cip), smbuf,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -783,9 +813,7 @@ void dhcprelease (packet, ms_nulltp)
if ((oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_REQUESTED_ADDRESS))) {
log_info ("DHCPRELEASE from %s specified requested-address.",
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr));
+ print_hw_addr_or_client_id(packet));
}
oc = lookup_option (&dhcp_universe, packet -> options,
@@ -877,9 +905,7 @@ void dhcprelease (packet, ms_nulltp)
"DHCPRELEASE of %s from %s %s%s%svia %s (%sfound)",
cstr,
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -984,9 +1010,7 @@ void dhcpdecline (packet, ms_nulltp)
"DHCPDECLINE of %s from %s %s%s%svia %s",
piaddr (cip),
(packet -> raw -> htype
- ? print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)
+ ? print_hw_addr_or_client_id(packet)
: (lease
? print_hex_1(lease->uid_len, lease->uid, 60)
: "<no identifier>")),
@@ -1683,8 +1707,7 @@ void dhcpinform (packet, ms_nulltp)
/* Report what we're sending. */
snprintf(msgbuf, sizeof msgbuf, "DHCPACK to %s (%s) via", piaddr(cip),
(packet->raw->htype && packet->raw->hlen) ?
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr) :
+ print_hw_addr_or_client_id(packet) :
"<no client hardware address>");
log_info("%s %s", msgbuf, gip.len ? piaddr(gip) :
packet->interface->name);
@@ -1862,9 +1885,7 @@ void nak_lease (packet, cip, network_gro
#endif
log_info ("DHCPNAK on %s to %s via %s",
piaddr (*cip),
- print_hw_addr (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr),
+ print_hw_addr_or_client_id(packet),
packet -> raw -> giaddr.s_addr
? inet_ntoa (packet -> raw -> giaddr)
: packet -> interface -> name);
@@ -3859,7 +3880,7 @@ void dhcp_reply (lease)
? (state -> offer == DHCPACK ? "DHCPACK" : "DHCPOFFER")
: "BOOTREPLY"),
piaddr (lease -> ip_addr),
- (lease -> hardware_addr.hlen
+ (lease -> hardware_addr.hlen > 1
? print_hw_addr (lease -> hardware_addr.hbuf [0],
lease -> hardware_addr.hlen - 1,
&lease -> hardware_addr.hbuf [1])
@@ -4408,10 +4429,7 @@ int find_lease (struct lease **lp,
if (uid_lease) {
if (uid_lease->binding_state == FTS_ACTIVE) {
log_error ("client %s has duplicate%s on %s",
- (print_hw_addr
- (packet -> raw -> htype,
- packet -> raw -> hlen,
- packet -> raw -> chaddr)),
+ (print_hw_addr_or_client_id(packet)),
" leases",
(ip_lease -> subnet ->
shared_network -> name));
@@ -4578,9 +4596,7 @@ int find_lease (struct lease **lp,
log_error("uid lease %s for client %s is duplicate "
"on %s",
piaddr(uid_lease->ip_addr),
- print_hw_addr(packet->raw->htype,
- packet->raw->hlen,
- packet->raw->chaddr),
+ print_hw_addr_or_client_id(packet),
uid_lease->subnet->shared_network->name);
if (!packet -> raw -> ciaddr.s_addr &&

77
dhcp/patches/0029-dhcp-sd_notify.patch → dhcp/patches/0022-Backport-sd-notify-patch-for-systemd-support-1687040.patch
View File

@ -1,10 +1,23 @@
diff -up dhcp-4.3.4/configure.ac.sd_notify dhcp-4.3.4/configure.ac
--- dhcp-4.3.4/configure.ac.sd_notify 2016-04-29 13:08:52.813287060 +0200
+++ dhcp-4.3.4/configure.ac 2016-04-29 13:08:52.872287075 +0200
@@ -832,6 +832,17 @@ if test x$ldap = xyes || test x$ldapcryp
From 5c6204bab7279050b78b3d03d1211e9d13d3fd71 Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Wed, 27 Mar 2019 09:59:20 +0100
Subject: [PATCH] Backport sd-notify patch for systemd support (#1687040)
Cc: pzhukov@redhat.com
---
configure.ac | 11 +++++++++++
relay/dhcrelay.c | 12 ++++++++++++
server/dhcpd.c | 12 ++++++++++++
3 files changed, 35 insertions(+)
diff --git a/configure.ac b/configure.ac
index 15fc0d7..0c08000 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1014,6 +1014,17 @@ if test x$ldap = xyes || test x$ldapcrypto = xyes || test x$ldap_gssapi = xyes;
AC_SUBST(LDAP_CFLAGS, [$LDAP_CFLAGS])
fi
+AC_ARG_WITH(systemd,
+ AC_HELP_STRING([--with-systemd],
+ [enable sending status notifications to systemd daemon (default is no)]),
@ -19,13 +32,14 @@ diff -up dhcp-4.3.4/configure.ac.sd_notify dhcp-4.3.4/configure.ac
# Append selected warning levels to CFLAGS before substitution (but after
# AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],[],[]) & etc).
CFLAGS="$CFLAGS $STD_CWARNINGS"
diff -up dhcp-4.3.4/relay/dhcrelay.c.sd_notify dhcp-4.3.4/relay/dhcrelay.c
--- dhcp-4.3.4/relay/dhcrelay.c.sd_notify 2016-04-29 13:08:52.814287061 +0200
+++ dhcp-4.3.4/relay/dhcrelay.c 2016-04-29 13:08:52.872287075 +0200
diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c
index 7b4f4f1..9eb5bfd 100644
--- a/relay/dhcrelay.c
+++ b/relay/dhcrelay.c
@@ -37,6 +37,10 @@
int keep_capabilities = 0;
#endif
+#ifdef HAVE_LIBSYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
@ -33,10 +47,10 @@ diff -up dhcp-4.3.4/relay/dhcrelay.c.sd_notify dhcp-4.3.4/relay/dhcrelay.c
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
@@ -709,6 +713,14 @@ main(int argc, char **argv) {
}
@@ -845,6 +849,14 @@ main(int argc, char **argv) {
}
#endif
+#ifdef HAVE_LIBSYSTEMD
+ /* We are ready to process incomming packets. Let's notify systemd */
+ sd_notifyf(0, "READY=1\n"
@ -45,27 +59,28 @@ diff -up dhcp-4.3.4/relay/dhcrelay.c.sd_notify dhcp-4.3.4/relay/dhcrelay.c
+ (unsigned long) getpid());
+#endif
+
/* Start dispatching packets and timeouts... */
dispatch();
diff -up dhcp-4.3.4/server/dhcpd.c.sd_notify dhcp-4.3.4/server/dhcpd.c
--- dhcp-4.3.4/server/dhcpd.c.sd_notify 2016-04-29 13:08:52.873287075 +0200
+++ dhcp-4.3.4/server/dhcpd.c 2016-04-29 13:12:00.655333096 +0200
@@ -57,6 +57,10 @@ uid_t set_uid = 0;
gid_t set_gid = 0;
#endif /* PARANOIA */
/* Start dispatching packets and timeouts... */
dispatch();
diff --git a/server/dhcpd.c b/server/dhcpd.c
index 530a923..e06f6b4 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -60,6 +60,10 @@ gid_t set_gid = 0;
struct class unknown_class;
struct class known_class;
+#ifdef HAVE_LIBSYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
struct iaddr server_identifier;
int server_identifier_matched;
@@ -931,6 +935,14 @@ main(int argc, char **argv) {
/* Log that we are about to start working */
log_info("Server starting service.");
@@ -1057,6 +1061,14 @@ main(int argc, char **argv) {
/* Log that we are about to start working */
log_info("Server starting service.");
+#ifdef HAVE_LIBSYSTEMD
+ /* We are ready to process incomming packets. Let's notify systemd */
+ sd_notifyf(0, "READY=1\n"
@ -74,6 +89,8 @@ diff -up dhcp-4.3.4/server/dhcpd.c.sd_notify dhcp-4.3.4/server/dhcpd.c
+ (unsigned long) getpid());
+#endif
+
/*
* Receive packets and dispatch them...
* dispatch() will never return.
/*
* Receive packets and dispatch them...
* dispatch() will never return.
--
2.14.5

138
dhcp/patches/0022-dhcp-improved-xid.patch
View File

@ -1,138 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.improved-xid dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.improved-xid 2016-04-29 12:54:55.997102182 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:57:25.123139587 +0200
@@ -1045,6 +1045,26 @@ main(int argc, char **argv) {
}
}
+ /* We create a backup seed before rediscovering interfaces in order to
+ have a seed built using all of the available interfaces
+ It's interesting if required interfaces doesn't let us defined
+ a really unique seed due to a lack of valid HW addr later
+ (this is the case with DHCP over IB)
+ We only use the last device as using a sum could broke the
+ uniqueness of the seed among multiple nodes
+ */
+ unsigned backup_seed = 0;
+ for (ip = interfaces; ip; ip = ip -> next) {
+ int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
+ memcpy (&junk,
+ &ip -> hw_address.hbuf [ip -> hw_address.hlen -
+ sizeof seed], sizeof seed);
+ backup_seed = junk;
+ }
+
+
/* At this point, all the interfaces that the script thinks
are relevant should be running, so now we once again call
discover_interfaces(), and this time ask it to actually set
@@ -1059,14 +1079,36 @@ main(int argc, char **argv) {
Not much entropy, but we're booting, so we're not likely to
find anything better. */
seed = 0;
+ int seed_flag = 0;
for (ip = interfaces; ip; ip = ip->next) {
int junk;
+ if ( ip -> hw_address.hlen <= sizeof seed )
+ continue;
memcpy(&junk,
&ip->hw_address.hbuf[ip->hw_address.hlen -
sizeof seed], sizeof seed);
seed += junk;
+ seed_flag = 1;
}
- srandom(seed + cur_time + (unsigned)getpid());
+ if ( seed_flag == 0 ) {
+ if ( backup_seed != 0 ) {
+ seed = backup_seed;
+ log_info ("xid: rand init seed (0x%x) built using all"
+ " available interfaces",seed);
+ }
+ else {
+ seed = cur_time^((unsigned) gethostid()) ;
+ log_info ("xid: warning: no netdev with useable HWADDR found"
+ " for seed's uniqueness enforcement");
+ log_info ("xid: rand init seed (0x%x) built using gethostid",
+ seed);
+ }
+ /* we only use seed and no current time as a broadcast reply */
+ /* will certainly be used by the hwaddrless interface */
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
+ }
+ else
+ srandom(seed + ((unsigned)(cur_tv.tv_usec * 1000000)) + (unsigned)getpid());
/* Setup specific Infiniband options */
for (ip = interfaces; ip; ip = ip->next) {
@@ -1633,7 +1675,7 @@ void dhcpack (packet)
return;
}
- log_info ("DHCPACK from %s", piaddr (packet -> client_addr));
+ log_info ("DHCPACK from %s (xid=0x%x)", piaddr (packet -> client_addr), ntohl(client -> xid));
lease = packet_to_lease (packet, client);
if (!lease) {
@@ -2541,7 +2583,7 @@ void dhcpnak (packet)
return;
}
- log_info ("DHCPNAK from %s", piaddr (packet -> client_addr));
+ log_info ("DHCPNAK from %s (xid=0x%x)", piaddr (packet -> client_addr), ntohl(client -> xid));
if (!client -> active) {
#if defined (DEBUG)
@@ -2674,10 +2716,10 @@ void send_discover (cpp)
(long)(client -> interval));
} else
#endif
- log_info ("DHCPDISCOVER on %s to %s port %d interval %ld",
+ log_info ("DHCPDISCOVER on %s to %s port %d interval %ld (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (sockaddr_broadcast.sin_addr),
- ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval));
+ ntohs (sockaddr_broadcast.sin_port), (long)(client -> interval), ntohl(client -> xid));
/* Send out a packet. */
#if defined(DHCPv6) && defined(DHCP4o6)
@@ -2962,10 +3004,10 @@ void send_request (cpp)
log_info ("DHCPREQUEST");
} else
#endif
- log_info ("DHCPREQUEST on %s to %s port %d",
+ log_info ("DHCPREQUEST on %s to %s port %d (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), ntohl(client -> xid));
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6) {
@@ -3022,10 +3064,10 @@ void send_decline (cpp)
log_info ("DHCPDECLINE");
} else
#endif
- log_info ("DHCPDECLINE on %s to %s port %d",
+ log_info ("DHCPDECLINE on %s to %s port %d (xid=0x%x)",
client->name ? client->name : client->interface->name,
inet_ntoa(sockaddr_broadcast.sin_addr),
- ntohs(sockaddr_broadcast.sin_port));
+ ntohs(sockaddr_broadcast.sin_port), ntohl(client -> xid));
/* Send out a packet. */
#if defined(DHCPv6) && defined(DHCP4o6)
@@ -3084,10 +3126,10 @@ void send_release (cpp)
log_info ("DHCPRELEASE");
} else
#endif
- log_info ("DHCPRELEASE on %s to %s port %d",
+ log_info ("DHCPRELEASE on %s to %s port %d (xid=0x%x)",
client -> name ? client -> name : client -> interface -> name,
inet_ntoa (destination.sin_addr),
- ntohs (destination.sin_port));
+ ntohs (destination.sin_port), ntohl(client -> xid));
#if defined(DHCPv6) && defined(DHCP4o6)
if (dhcpv4_over_dhcpv6) {

34
dhcp/patches/0023-dhcp-duidv4.patch
View File

@ -1,34 +0,0 @@
diff -up dhcp-4.3.1b1/client/dhclient.8.KrJcIv dhcp-4.3.1b1/client/dhclient.8
--- dhcp-4.3.1b1/client/dhclient.8.KrJcIv 2014-07-10 17:39:25.852763873 +0200
+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:54:26.841012988 +0200
@@ -458,6 +458,9 @@ used to construct a RFC4361 style client
in the client's messages. This client id can be overridden by
setting a client id in the configuration file. Overridding the
client id in this fashion is discouraged.
+This option is turned on by default, if you want to redefine or turn off
+sending of client id, use send dhcp-client-identifier = "better identifier"
+or send dhcp-client-identifier = "" in /etc/dhcp/dhclient.conf.
.TP
.BI \-I
Use the standard DDNS scheme from RFCs 4701 & 4702.
diff -up dhcp-4.3.1b1/client/dhclient.c.KrJcIv dhcp-4.3.1b1/client/dhclient.c
--- dhcp-4.3.1b1/client/dhclient.c.KrJcIv 2014-07-10 17:54:26.829013157 +0200
+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:55:50.155835918 +0200
@@ -73,7 +73,7 @@ struct sockaddr_in sockaddr_broadcast;
struct in_addr giaddr;
struct data_string default_duid;
int duid_type = 0;
-int duid_v4 = 0;
+int duid_v4 = 1;
int std_dhcid = 0;
/* ASSERT_STATE() does nothing now; it used to be
@@ -1301,7 +1301,7 @@ static void setup_ib_interface(struct in
}
/* No client ID specified */
- log_fatal("dhcp-client-identifier must be specified for InfiniBand");
+ //log_fatal("dhcp-client-identifier must be specified for InfiniBand");
}
/* Individual States:

111
dhcp/patches/0024-dhcp-duid_uuid.patch
View File

@ -1,111 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.duid_uuid dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.duid_uuid 2016-04-29 12:58:14.846150838 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 12:58:14.851150839 +0200
@@ -3868,6 +3868,59 @@ write_options(struct client_state *clien
}
}
+int unhexchar(char c) {
+
+ if (c >= '0' && c <= '9')
+ return c - '0';
+
+ if (c >= 'a' && c <= 'f')
+ return c - 'a' + 10;
+
+ if (c >= 'A' && c <= 'F')
+ return c - 'A' + 10;
+
+ return -1;
+}
+
+isc_result_t
+read_uuid(u_int8_t* uuid) {
+ const char *id_fname = "/etc/machine-id";
+ char id[32];
+ size_t nread;
+ FILE * file = fopen( id_fname , "r");
+ if (!file) {
+ log_debug("Cannot open %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+ nread = fread(id, 1, sizeof id, file);
+ fclose(file);
+
+ if (nread < 32) {
+ log_debug("Not enough data in %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+
+ for (int j = 0; j < 16; j++) {
+ int a, b;
+
+ a = unhexchar(id[j*2]);
+ b = unhexchar(id[j*2+1]);
+
+ if (a < 0 || b < 0) {
+ log_debug("Wrong data in %s", id_fname);
+ return ISC_R_IOERROR;
+ }
+ uuid[j] = a << 4 | b;
+ }
+
+ /* Set UUID version to 4 --- truly random generation */
+ uuid[6] = (uuid[6] & 0x0F) | 0x40;
+ /* Set the UUID variant to DCE */
+ uuid[8] = (uuid[8] & 0x3F) | 0x80;
+
+ return ISC_R_SUCCESS;
+}
+
/*
* The "best" default DUID, since we cannot predict any information
* about the system (such as whether or not the hardware addresses are
@@ -3888,6 +3941,7 @@ form_duid(struct data_string *duid, cons
struct interface_info *ip;
int len;
char *str;
+ u_int8_t uuid[16];
/* For now, just use the first interface on the list. */
ip = interfaces;
@@ -3908,9 +3962,16 @@ form_duid(struct data_string *duid, cons
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
- if (duid_type == 0)
- duid_type = stateless ? DUID_LL : DUID_LLT;
-
+ if (duid_type == 0) {
+ if (read_uuid(uuid) == ISC_R_SUCCESS)
+ duid_type = DUID_UUID;
+ else
+ duid_type = stateless ? DUID_LL : DUID_LLT;
+ }
+
+ if (duid_type == DUID_UUID)
+ len = 2 + sizeof (uuid);
+ else {
/*
* 2 bytes for the 'duid type' field.
* 2 bytes for the 'htype' field.
@@ -3921,13 +3982,18 @@ form_duid(struct data_string *duid, cons
len = 4 + (ip->hw_address.hlen - 1);
if (duid_type == DUID_LLT)
len += 4;
+ }
if (!buffer_allocate(&duid->buffer, len, MDL))
log_fatal("no memory for default DUID!");
duid->data = duid->buffer->data;
duid->len = len;
+ if (duid_type == DUID_UUID) {
+ putUShort(duid->buffer->data, DUID_UUID);
+ memcpy(duid->buffer->data + 2, uuid, sizeof(uuid));
+ }
/* Basic Link Local Address type of DUID. */
- if (duid_type == DUID_LLT) {
+ else if (duid_type == DUID_LLT) {
putUShort(duid->buffer->data, DUID_LLT);
putUShort(duid->buffer->data + 2, ip->hw_address.hbuf[0]);
putULong(duid->buffer->data + 4, cur_time - DUID_TIME_EPOCH);

429
dhcp/patches/0025-dhcp-getifaddrs.patch
View File

@ -1,429 +0,0 @@
diff -up dhcp-4.3.5b1/common/discover.c.getifaddrs dhcp-4.3.5b1/common/discover.c
--- dhcp-4.3.5b1/common/discover.c.getifaddrs 2016-09-12 17:10:39.585374741 +0200
+++ dhcp-4.3.5b1/common/discover.c 2016-09-12 17:15:56.160628636 +0200
@@ -373,392 +373,13 @@ end_iface_scan(struct iface_conf_list *i
ifaces->sock = -1;
}
-#elif __linux /* !HAVE_SIOCGLIFCONF */
-/*
- * Linux support
- * -------------
- *
- * In Linux, we use the /proc pseudo-filesystem to get information
- * about interfaces, along with selected ioctl() calls.
- *
- * Linux low level access is documented in the netdevice man page.
- */
-
-/*
- * Structure holding state about the scan.
- */
-struct iface_conf_list {
- int sock; /* file descriptor used to get information */
- FILE *fp; /* input from /proc/net/dev */
-#ifdef DHCPv6
- FILE *fp6; /* input from /proc/net/if_inet6 */
-#endif
-};
-
-/*
- * Structure used to return information about a specific interface.
- */
-struct iface_info {
- char name[IFNAMSIZ]; /* name of the interface, e.g. "eth0" */
- struct sockaddr_storage addr; /* address information */
- isc_uint64_t flags; /* interface flags, e.g. IFF_LOOPBACK */
-};
-
-/*
- * Start a scan of interfaces.
- *
- * The iface_conf_list structure maintains state for this process.
- */
-int
-begin_iface_scan(struct iface_conf_list *ifaces) {
- char buf[IF_LINE_LENGTH];
- int len;
- int i;
-
- ifaces->fp = fopen("/proc/net/dev", "r");
- if (ifaces->fp == NULL) {
- log_error("Error opening '/proc/net/dev' to list interfaces");
- return 0;
- }
-
- /*
- * The first 2 lines are header information, so read and ignore them.
- */
- for (i=0; i<2; i++) {
- if (fgets(buf, sizeof(buf), ifaces->fp) == NULL) {
- log_error("Error reading headers from '/proc/net/dev'");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad header line in '/proc/net/dev'");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- }
-
- ifaces->sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
- if (ifaces->sock < 0) {
- log_error("Error creating socket to list interfaces; %m");
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
-
-#ifdef DHCPv6
- if (local_family == AF_INET6) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
- close(ifaces->sock);
- ifaces->sock = -1;
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
- }
- }
-#endif
-
- return 1;
-}
-
-/*
- * Read our IPv4 interfaces from /proc/net/dev.
- *
- * The file looks something like this:
- *
- * Inter-| Receive ...
- * face |bytes packets errs drop fifo frame ...
- * lo: 1580562 4207 0 0 0 0 ...
- * eth0: 0 0 0 0 0 0 ...
- * eth1:1801552440 37895 0 14 0 ...
- *
- * We only care about the interface name, which is at the start of
- * each line.
- *
- * We use an ioctl() to get the address and flags for each interface.
- */
-static int
-next_iface4(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- char buf[IF_LINE_LENGTH];
- int len;
- char *p;
- char *name;
- struct ifreq tmp;
-
- /*
- * Loop exits when we find an interface that has an address, or
- * when we run out of interfaces.
- */
- for (;;) {
- do {
- /*
- * Read the next line in the file.
- */
- if (fgets(buf, sizeof(buf), ifaces->fp) == NULL) {
- if (ferror(ifaces->fp)) {
- *err = 1;
- log_error("Error reading interface "
- "information");
- } else {
- *err = 0;
- }
- return 0;
- }
-
- /*
- * Make sure the line is a nice,
- * newline-terminated line.
- */
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad line reading interface "
- "information");
- *err = 1;
- return 0;
- }
-
- /*
- * Figure out our name.
- */
- p = strrchr(buf, ':');
- if (p == NULL) {
- log_error("Bad line reading interface "
- "information (no colon)");
- *err = 1;
- return 0;
- }
- *p = '\0';
- name = buf;
- while (isspace(*name)) {
- name++;
- }
-
- /*
- * Copy our name into our interface structure.
- */
- len = p - name;
- if (len >= sizeof(info->name)) {
- *err = 1;
- log_error("Interface name '%s' too long", name);
- return 0;
- }
- strncpy(info->name, name, sizeof(info->name) - 1);
-
-#ifdef ALIAS_NAMED_PERMUTED
- /* interface aliases look like "eth0:1" or "wlan1:3" */
- s = strchr(info->name, ':');
- if (s != NULL) {
- *s = '\0';
- }
-#endif
-
-#ifdef SKIP_DUMMY_INTERFACES
- } while (strncmp(info->name, "dummy", 5) == 0);
-#else
- } while (0);
-#endif
-
- memset(&tmp, 0, sizeof(tmp));
- strncpy(tmp.ifr_name, name, sizeof(tmp.ifr_name) - 1);
- if (ioctl(ifaces->sock, SIOCGIFADDR, &tmp) < 0) {
- if (errno == EADDRNOTAVAIL) {
- continue;
- }
- log_error("Error getting interface address "
- "for '%s'; %m", name);
- *err = 1;
- return 0;
- }
- memcpy(&info->addr, &tmp.ifr_addr, sizeof(tmp.ifr_addr));
-
- memset(&tmp, 0, sizeof(tmp));
- strncpy(tmp.ifr_name, name, sizeof(tmp.ifr_name) - 1);
- if (ioctl(ifaces->sock, SIOCGIFFLAGS, &tmp) < 0) {
- log_error("Error getting interface flags for '%s'; %m",
- name);
- *err = 1;
- return 0;
- }
- info->flags = tmp.ifr_flags;
-
- *err = 0;
- return 1;
- }
-}
-
-#ifdef DHCPv6
-/*
- * Read our IPv6 interfaces from /proc/net/if_inet6.
- *
- * The file looks something like this:
- *
- * fe80000000000000025056fffec00008 05 40 20 80 vmnet8
- * 00000000000000000000000000000001 01 80 10 80 lo
- * fe80000000000000025056fffec00001 06 40 20 80 vmnet1
- * 200108881936000202166ffffe497d9b 03 40 00 00 eth1
- * fe8000000000000002166ffffe497d9b 03 40 20 80 eth1
- *
- * We get IPv6 address from the start, the interface name from the end,
- * and ioctl() to get flags.
- */
-static int
-next_iface6(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- char buf[IF_LINE_LENGTH];
- int len;
- char *p;
- char *name;
- int i;
- struct sockaddr_in6 addr;
- struct ifreq tmp;
-
- do {
- /*
- * Read the next line in the file.
- */
- if (fgets(buf, sizeof(buf), ifaces->fp6) == NULL) {
- if (ferror(ifaces->fp6)) {
- *err = 1;
- log_error("Error reading IPv6 "
- "interface information");
- } else {
- *err = 0;
- }
- return 0;
- }
-
- /*
- * Make sure the line is a nice, newline-terminated line.
- */
- len = strlen(buf);
- if ((len <= 0) || (buf[len-1] != '\n')) {
- log_error("Bad line reading IPv6 "
- "interface information");
- *err = 1;
- return 0;
- }
-
- /*
- * Figure out our name.
- */
- buf[--len] = '\0';
- p = strrchr(buf, ' ');
- if (p == NULL) {
- log_error("Bad line reading IPv6 interface "
- "information (no space)");
- *err = 1;
- return 0;
- }
- name = p+1;
-
- /*
- * Copy our name into our interface structure.
- */
- len = strlen(name);
- if (len >= sizeof(info->name)) {
- *err = 1;
- log_error("IPv6 interface name '%s' too long", name);
- return 0;
- }
- strncpy(info->name, name, sizeof(info->name) - 1);
-
-#ifdef SKIP_DUMMY_INTERFACES
- } while (strncmp(info->name, "dummy", 5) == 0);
-#else
- } while (0);
-#endif
-
- /*
- * Double-check we start with the IPv6 address.
- */
- for (i=0; i<32; i++) {
- if (!isxdigit(buf[i]) || isupper(buf[i])) {
- *err = 1;
- log_error("Bad line reading IPv6 interface address "
- "for '%s'", name);
- return 0;
- }
- }
-
- /*
- * Load our socket structure.
- */
- memset(&addr, 0, sizeof(addr));
- addr.sin6_family = AF_INET6;
- for (i=0; i<16; i++) {
- unsigned char byte;
- static const char hex[] = "0123456789abcdef";
- byte = ((index(hex, buf[i * 2]) - hex) << 4) |
- (index(hex, buf[i * 2 + 1]) - hex);
- addr.sin6_addr.s6_addr[i] = byte;
- }
- memcpy(&info->addr, &addr, sizeof(addr));
-
- /*
- * Get our flags.
- */
- memset(&tmp, 0, sizeof(tmp));
- strncpy(tmp.ifr_name, name, sizeof(tmp.ifr_name) - 1);
- if (ioctl(ifaces->sock, SIOCGIFFLAGS, &tmp) < 0) {
- log_error("Error getting interface flags for '%s'; %m", name);
- *err = 1;
- return 0;
- }
- info->flags = tmp.ifr_flags;
-
- *err = 0;
- return 1;
-}
-#endif /* DHCPv6 */
-
-/*
- * Retrieve the next interface.
- *
- * Returns information in the info structure.
- * Sets err to 1 if there is an error, otherwise 0.
- */
-int
-next_iface(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
- memset(info, 0, sizeof(struct iface_info));
- if (next_iface4(info, err, ifaces)) {
- return 1;
- }
-#ifdef DHCPv6
- if (!(*err)) {
- if (local_family == AF_INET6)
- return next_iface6(info, err, ifaces);
- }
-#endif
- return 0;
-}
-
-/*
- * End scan of interfaces.
- */
-void
-end_iface_scan(struct iface_conf_list *ifaces) {
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- close(ifaces->sock);
- ifaces->sock = -1;
-#ifdef DHCPv6
- if (local_family == AF_INET6) {
- fclose(ifaces->fp6);
- ifaces->fp6 = NULL;
- }
-#endif
-}
#else
/*
* BSD support
* -----------
*
- * FreeBSD, NetBSD, OpenBSD, and OS X all have the getifaddrs()
+ * FreeBSD, NetBSD, OpenBSD, OS X and Linux all have the getifaddrs()
* function.
*
* The getifaddrs() man page describes the use.
@@ -806,6 +427,8 @@ begin_iface_scan(struct iface_conf_list
*/
int
next_iface(struct iface_info *info, int *err, struct iface_conf_list *ifaces) {
+ size_t sa_len = 0;
+
if (ifaces->next == NULL) {
*err = 0;
return 0;
@@ -818,8 +441,20 @@ next_iface(struct iface_info *info, int
}
memset(info, 0, sizeof(struct iface_info));
strncpy(info->name, ifaces->next->ifa_name, sizeof(info->name) - 1);
- memcpy(&info->addr, ifaces->next->ifa_addr,
- ifaces->next->ifa_addr->sa_len);
+
+ memset(&info->addr, 0 , sizeof(info->addr));
+
+ if (ifaces->next->ifa_addr != NULL) {
+#ifdef HAVE_SA_LEN
+ sa_len = ifaces->next->ifa_addr->sa_len;
+#else
+ if (ifaces->next->ifa_addr->sa_family == AF_INET)
+ sa_len = sizeof(struct sockaddr_in);
+ else if (ifaces->next->ifa_addr->sa_family == AF_INET6)
+ sa_len = sizeof(struct sockaddr_in6);
+#endif
+ memcpy(&info->addr, ifaces->next->ifa_addr, sa_len);
+ }
info->flags = ifaces->next->ifa_flags;
ifaces->next = ifaces->next->ifa_next;
*err = 0;

61
dhcp/patches/0026-dhcp-client-request-release-bind-iface.patch
View File

@ -1,61 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.bind-iface dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.bind-iface 2016-04-29 13:06:50.595257108 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 13:08:30.237281528 +0200
@@ -3023,6 +3023,14 @@ void send_request (cpp)
#endif
if (destination.sin_addr.s_addr != INADDR_BROADCAST &&
fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -3032,6 +3040,13 @@ void send_request (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
}
else {
/* Send out a packet. */
@@ -3144,6 +3159,14 @@ void send_release (cpp)
} else
#endif
if (fallback_interface) {
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, client->interface->name,
+ strlen(client->interface->name)) < 0) {
+ log_error("%s:%d: Failed to bind fallback interface"
+ " to %s: %m", MDL, client->interface->name);
+ }
+#endif
result = send_packet(fallback_interface, NULL, &client->packet,
client->packet_length, from, &destination,
NULL);
@@ -3153,6 +3176,13 @@ void send_release (cpp)
client->packet_length,
fallback_interface->name);
}
+#if defined(SO_BINDTODEVICE)
+ if (setsockopt(fallback_interface -> wfdesc, SOL_SOCKET,
+ SO_BINDTODEVICE, NULL, 0) < 0) {
+ log_fatal("%s:%d: Failed to unbind fallback interface:"
+ " %m", MDL);
+ }
+#endif
} else {
/* Send out a packet. */
result = send_packet(client->interface, NULL, &client->packet,

25
dhcp/patches/0027-dhcp-interval.patch
View File

@ -1,25 +0,0 @@
diff -up dhcp-4.3.0a1/common/dispatch.c.interval dhcp-4.3.0a1/common/dispatch.c
--- dhcp-4.3.0a1/common/dispatch.c.interval 2013-12-20 13:51:14.385260622 +0100
+++ dhcp-4.3.0a1/common/dispatch.c 2013-12-20 13:51:14.493259116 +0100
@@ -343,7 +343,20 @@ void add_timeout (when, where, what, ref
q->next = timeouts;
timeouts = q;
- isc_interval_set(&interval, sec & DHCP_SEC_MAX, usec * 1000);
+ /* isc_time_nowplusinterval() is not safe with 64-bit time_t and will
+ * return an error for sufficiently large intervals. We have to limit
+ * the interval to INT_MAX or less to ensure the interval doesn't
+ * overflow 32 bits, since the returned isc_time_t fields are
+ * 32-bit unsigned ints.
+ *
+ * HACK: The 9 is a magic number of seconds, since some time may have
+ * gone by since the last call to gettimeofday() and the one in
+ * isc_time_nowplusinterval().
+ */
+ if (sec > TIME_MAX)
+ sec = TIME_MAX - 9;
+
+ isc_interval_set(&interval, sec, usec * 1000);
status = isc_time_nowplusinterval(&expires, &interval);
if (status != ISC_R_SUCCESS) {
/*

48
dhcp/patches/0028-dhcp-no-subnet-error2info.patch
View File

@ -1,48 +0,0 @@
diff -up dhcp-4.3.0a1/common/discover.c.error2info dhcp-4.3.0a1/common/discover.c
--- dhcp-4.3.0a1/common/discover.c.error2info 2013-12-20 13:59:15.148553898 +0100
+++ dhcp-4.3.0a1/common/discover.c 2013-12-20 13:59:15.181553438 +0100
@@ -779,9 +779,9 @@ discover_interfaces(int state) {
/* We must have a subnet declaration for each interface. */
if (!tmp->shared_network && (state == DISCOVER_SERVER)) {
- log_error("%s", "");
+ log_info("%s", "");
if (local_family == AF_INET) {
- log_error("No subnet declaration for %s (%s).",
+ log_info("No subnet declaration for %s (%s).",
tmp->name,
(tmp->addresses == NULL) ?
"no IPv4 addresses" :
@@ -796,26 +796,26 @@ discover_interfaces(int state) {
} else {
strcpy(abuf, "no IPv6 addresses");
}
- log_error("No subnet6 declaration for %s (%s).",
+ log_info("No subnet6 declaration for %s (%s).",
tmp->name,
abuf);
#endif /* DHCPv6 */
}
if (supports_multiple_interfaces(tmp)) {
- log_error ("** Ignoring requests on %s. %s",
+ log_info ("** Ignoring requests on %s. %s",
tmp -> name, "If this is not what");
- log_error (" you want, please write %s",
+ log_info (" you want, please write %s",
#ifdef DHCPv6
(local_family != AF_INET) ?
"a subnet6 declaration" :
#endif
"a subnet declaration");
- log_error (" in your dhcpd.conf file %s",
+ log_info (" in your dhcpd.conf file %s",
"for the network segment");
- log_error (" to %s %s %s",
+ log_info (" to %s %s %s",
"which interface",
tmp -> name, "is attached. **");
- log_error ("%s", "");
+ log_info ("%s", "");
goto next;
} else {
log_error ("You must write a %s",

217
dhcp/patches/0030-dhcp-option97-pxe-client-id.patch
View File

@ -1,217 +0,0 @@
diff -up dhcp-4.3.5b1/common/options.c.option97 dhcp-4.3.5b1/common/options.c
--- dhcp-4.3.5b1/common/options.c.option97 2016-09-12 17:17:13.972691041 +0200
+++ dhcp-4.3.5b1/common/options.c 2016-09-12 17:19:17.706790276 +0200
@@ -4434,13 +4434,26 @@ int validate_packet(struct packet *packe
"a future version of ISC DHCP will reject this");
}
} else {
- /*
- * If hlen is 0 we don't have any identifier, we warn the user
- * but continue processing the packet as we can.
- */
- if (packet->raw->hlen == 0) {
- log_debug("Received DHCPv4 packet without client-id"
- " option and empty hlen field.");
+ oc = lookup_option (&dhcp_universe, packet->options,
+ DHO_PXE_CLIENT_ID);
+ if (oc) {
+ /* Let's check if pxe-client-id is sane */
+ if ((oc->data.len < 2) ||
+ (oc->data.data[0] == '\0' &&
+ oc->data.len != 17)) {
+ log_debug("Dropped DHCPv4 packet with wrong "
+ "(len == %d) pxe-client-id", oc->data.len);
+ return (0);
+ }
+ } else {
+ /*
+ * If hlen is 0 we don't have any identifier, we warn the user
+ * but continue processing the packet as we can.
+ */
+ if (packet->raw->hlen == 0) {
+ log_debug("Received DHCPv4 packet without client-id"
+ " option and empty hlen field.");
+ }
}
}
diff -up dhcp-4.3.5b1/common/tables.c.option97 dhcp-4.3.5b1/common/tables.c
--- dhcp-4.3.5b1/common/tables.c.option97 2016-09-12 17:17:13.927691005 +0200
+++ dhcp-4.3.5b1/common/tables.c 2016-09-12 17:17:13.972691041 +0200
@@ -196,8 +196,9 @@ static struct option dhcp_options[] = {
/* Defined by RFC 4578 */
{ "pxe-system-type", "S", &dhcp_universe, 93, 1 },
{ "pxe-interface-id", "BBB", &dhcp_universe, 94, 1 },
- { "pxe-client-id", "BX", &dhcp_universe, 97, 1 },
#endif
+ { "pxe-client-id", "BX", &dhcp_universe, 97, 1 },
+
{ "uap-servers", "t", &dhcp_universe, 98, 1 },
#if defined(RFC4776_OPTIONS)
{ "geoconf-civic", "X", &dhcp_universe, 99, 1 },
diff -up dhcp-4.3.5b1/includes/dhcp.h.option97 dhcp-4.3.5b1/includes/dhcp.h
--- dhcp-4.3.5b1/includes/dhcp.h.option97 2016-09-12 17:17:13.936691013 +0200
+++ dhcp-4.3.5b1/includes/dhcp.h 2016-09-12 17:17:13.972691041 +0200
@@ -159,6 +159,7 @@ struct dhcp_packet {
#define DHO_AUTHENTICATE 90 /* RFC3118, was 210 */
#define DHO_CLIENT_LAST_TRANSACTION_TIME 91
#define DHO_ASSOCIATED_IP 92
+#define DHO_PXE_CLIENT_ID 97 /* RFC4578 */
#define DHO_SUBNET_SELECTION 118 /* RFC3011! */
#define DHO_DOMAIN_SEARCH 119 /* RFC3397 */
#define DHO_CLASSLESS_STATIC_ROUTES 121 /* RFC3442 */
diff -up dhcp-4.3.5b1/server/dhcp.c.option97 dhcp-4.3.5b1/server/dhcp.c
--- dhcp-4.3.5b1/server/dhcp.c.option97 2016-09-12 17:17:13.947691021 +0200
+++ dhcp-4.3.5b1/server/dhcp.c 2016-09-12 17:17:13.973691042 +0200
@@ -221,6 +221,10 @@ dhcp (struct packet *packet) {
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
if (!oc)
+ oc = lookup_option (&dhcp_universe,
+ packet -> options,
+ DHO_PXE_CLIENT_ID);
+ if (!oc)
goto nolease;
memset (&data, 0, sizeof data);
@@ -818,6 +822,9 @@ void dhcprelease (packet, ms_nulltp)
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset (&data, 0, sizeof data);
if (oc &&
evaluate_option_cache (&data, packet, (struct lease *)0,
@@ -1286,6 +1293,9 @@ void dhcpinform (packet, ms_nulltp)
*/
oc = lookup_option(&dhcp_universe, packet->options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset(&d1, 0, sizeof(d1));
if (oc &&
evaluate_option_cache(&d1, packet, NULL, NULL,
@@ -2381,6 +2391,9 @@ void ack_lease (packet, lease, offer, wh
can be used. */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
if (oc &&
evaluate_option_cache (&d1, packet, lease,
(struct client_state *)0,
@@ -2962,6 +2975,9 @@ void ack_lease (packet, lease, offer, wh
/* Record the uid, if given... */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
if (oc &&
evaluate_option_cache(&d1, packet, lease, NULL,
packet->options, state->options,
@@ -4068,6 +4084,9 @@ int find_lease (struct lease **lp,
specified unique client identifier. */
oc = lookup_option (&dhcp_universe, packet -> options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option (&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset (&client_identifier, 0, sizeof client_identifier);
if (oc &&
evaluate_option_cache (&client_identifier,
diff -up dhcp-4.3.5b1/server/dhcpd.conf.5.option97 dhcp-4.3.5b1/server/dhcpd.conf.5
--- dhcp-4.3.5b1/server/dhcpd.conf.5.option97 2016-09-12 17:17:13.885690972 +0200
+++ dhcp-4.3.5b1/server/dhcpd.conf.5 2016-09-12 17:17:13.974691043 +0200
@@ -1587,10 +1587,12 @@ should be a name identifying the host.
not specified for the host, \fIhostname\fR is used.
.PP
\fIHost\fR declarations are matched to actual DHCP or BOOTP clients
-by matching the \fRdhcp-client-identifier\fR option specified in the
+by matching the \fIdhcp-client-identifier\fR or \fIpxe-client-id\fR
+options specified in the
\fIhost\fR declaration to the one supplied by the client, or, if the
\fIhost\fR declaration or the client does not provide a
-\fRdhcp-client-identifier\fR option, by matching the \fIhardware\fR
+\fIdhcp-client-identifier\fR or \fIpxe-client-id\fR options,
+by matching the \fIhardware\fR
parameter in the \fIhost\fR declaration to the network hardware
address supplied by the client. BOOTP clients do not normally
provide a \fIdhcp-client-identifier\fR, so the hardware address must
@@ -1602,7 +1604,8 @@ to identify hosts.
.PP
Please be aware that
.B only
-the \fIdhcp-client-identifier\fR option and the hardware address can be
+the \fIdhcp-client-identifier\fR and \fIpxe-client-id\fR
+options and the hardware address can be
used to match a host declaration, or the \fIhost-identifier option\fR
parameter for DHCPv6 servers. For example, it is not possible to
match a host declaration to a \fIhost-name\fR option. This is
diff -up dhcp-4.3.5b1/server/dhcpleasequery.c.option97 dhcp-4.3.5b1/server/dhcpleasequery.c
--- dhcp-4.3.5b1/server/dhcpleasequery.c.option97 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/dhcpleasequery.c 2016-09-12 17:17:13.974691043 +0200
@@ -273,7 +273,7 @@ dhcpleasequery(struct packet *packet, in
*/
memset(&uid, 0, sizeof(uid));
- if (get_option(&uid,
+ i = get_option(&uid,
&dhcp_universe,
packet,
NULL,
@@ -283,8 +283,20 @@ dhcpleasequery(struct packet *packet, in
packet->options,
&global_scope,
DHO_DHCP_CLIENT_IDENTIFIER,
- MDL)) {
-
+ MDL);
+ if (!i)
+ i = get_option(&uid,
+ &dhcp_universe,
+ packet,
+ NULL,
+ NULL,
+ packet->options,
+ NULL,
+ packet->options,
+ &global_scope,
+ DHO_PXE_CLIENT_ID,
+ MDL);
+ if (i) {
snprintf(dbg_info,
sizeof(dbg_info),
"client-id %s",
diff -up dhcp-4.3.5b1/server/failover.c.option97 dhcp-4.3.5b1/server/failover.c
--- dhcp-4.3.5b1/server/failover.c.option97 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/failover.c 2016-09-12 17:17:13.975691044 +0200
@@ -5957,6 +5957,9 @@ int load_balance_mine (struct packet *pa
oc = lookup_option(&dhcp_universe, packet->options,
DHO_DHCP_CLIENT_IDENTIFIER);
+ if (!oc)
+ oc = lookup_option(&dhcp_universe, packet -> options,
+ DHO_PXE_CLIENT_ID);
memset(&ds, 0, sizeof ds);
if (oc &&
evaluate_option_cache(&ds, packet, NULL, NULL,
diff -up dhcp-4.3.5b1/server/mdb.c.option97 dhcp-4.3.5b1/server/mdb.c
--- dhcp-4.3.5b1/server/mdb.c.option97 2016-08-26 20:19:53.000000000 +0200
+++ dhcp-4.3.5b1/server/mdb.c 2016-09-12 17:17:13.975691044 +0200
@@ -129,8 +129,9 @@ static int find_uid_statement (struct ex
esp -> data.option &&
(esp -> data.option -> option -> universe ==
&dhcp_universe) &&
- (esp -> data.option -> option -> code ==
- DHO_DHCP_CLIENT_IDENTIFIER)) {
+ ((esp -> data.option -> option -> code ==
+ DHO_DHCP_CLIENT_IDENTIFIER) ||
+ (esp -> data.option -> option -> code == DHO_PXE_CLIENT_ID))) {
if (condp) {
log_error ("dhcp client identifier may not be %s",
"specified conditionally.");

13
dhcp/patches/0031-dhcp-stateless-DUID-LLT.patch
View File

@ -1,13 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.stateless-DUID-LLT dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.stateless-DUID-LLT 2016-04-29 13:13:50.467360008 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 13:14:53.389375428 +0200
@@ -1317,6 +1317,9 @@ void run_stateless(int exit_mode, u_int1
data_string_forget(&default_duid, MDL);
form_duid(&default_duid, MDL);
+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS &&
+ duid_type == DUID_LLT)
+ write_duid(&default_duid);
}
#ifdef DHCP4o6

64
dhcp/patches/0032-dhcp-dhclient-preinit6s.patch
View File

@ -1,64 +0,0 @@
diff -up dhcp-4.3.4/client/dhclient.c.preinit6s dhcp-4.3.4/client/dhclient.c
--- dhcp-4.3.4/client/dhclient.c.preinit6s 2016-04-29 13:15:10.361379493 +0200
+++ dhcp-4.3.4/client/dhclient.c 2016-04-29 13:17:43.622415423 +0200
@@ -812,6 +812,12 @@ main(int argc, char **argv) {
inaddr_any.s_addr = INADDR_ANY;
+ /* Discover all the network interfaces. */
+ discover_interfaces(DISCOVER_UNCONFIGURED);
+
+ /* Parse the dhclient.conf file. */
+ read_client_conf();
+
/* Stateless special case. */
if (stateless) {
if (release_mode || (wanted_ia_na > 0) ||
@@ -828,12 +834,6 @@ main(int argc, char **argv) {
return 0;
}
- /* Discover all the network interfaces. */
- discover_interfaces(DISCOVER_UNCONFIGURED);
-
- /* Parse the dhclient.conf file. */
- read_client_conf();
-
/* Parse any extra command line configuration arguments: */
if ((dhcp_client_identifier_arg != NULL) && (*dhcp_client_identifier_arg != '\0')) {
arg_conf_len = asprintf(&arg_conf, "send dhcp-client-identifier \"%s\";", dhcp_client_identifier_arg);
@@ -1288,20 +1288,30 @@ void run_stateless(int exit_mode, u_int1
IGNORE_UNUSED(port);
#endif
- /* Discover the network interface. */
- discover_interfaces(DISCOVER_REQUESTED);
+ struct interface_info *ip;
if (!interfaces)
usage("No interfaces available for stateless command: %s", "-S");
- /* Parse the dhclient.conf file. */
#ifdef DHCP4o6
if (dhcpv4_over_dhcpv6) {
/* Mark we want to request IRT too! */
dhcpv4_over_dhcpv6++;
}
#endif
- read_client_conf();
+
+ for (ip = interfaces; ip; ip = ip->next) {
+ if ((interfaces_requested > 0) &&
+ ((ip->flags & (INTERFACE_REQUESTED |
+ INTERFACE_AUTOMATIC)) !=
+ INTERFACE_REQUESTED))
+ continue;
+ script_init(ip->client, "PREINIT6", NULL);
+ script_go(ip->client);
+ }
+
+ /* Discover the network interface. */
+ discover_interfaces(DISCOVER_REQUESTED);
/* Parse the lease database. */
read_client_leases();