]> git.ipfire.org Git - thirdparty/dhcp.git/blame - RELNOTES
projects / thirdparty / dhcp.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[#71] Fix dhcrelay agent option buffer pointer logic
[thirdparty/dhcp.git] / RELNOTES
CommitLineData
5ddbe8e4 1 Internet Systems Consortium DHCP Distribution
82e0ea57
TM		 2 Version 4.4.2b1
3 18 December 2019
72c7bd79 4
5ddbe8e4 5 Release Notes
72c7bd79 6
5ddbe8e4 7 NEW FEATURES
16449d9c 8
397599cb
TM		 9Please note that that ISC DHCP is now licensed under the Mozilla Public License,
10MPL 2.0. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read the MPL 2.0
11license terms.
37ec5845 12
82e0ea57
TM		 13While release 4.4.2b1 is primarily a maintenance release that addresses a number
14of defects, it does introduce a few new features:
15
e4b6b033
TM		 16- Keama - Keama is a migration utility that assists in converting ISC DHCP
17 server configuration files to Kea configuration files. It is found in the
18 keama subdirectory and includes a README.md file with instructions on how
19 to build it as well as a manpage on its usage.
82e0ea57
TM		 20
21- Two new server parameters related to ping checking were added:
22
e4b6b033
TM		 231. ping-cltt-secs which allows the user to specify the number of seconds
24 that must elapse since CLTT before a ping check is conducted.
82e0ea57 25
e4b6b033
TM		 262. ping-timeout-ms which allows the user to specify the amount of time the
27 server waits for a ping-check response in milliseconds rather than in
28 seconds.
82e0ea57
TM		 29
30In general, the areas of focus for ISC DHCP 4.4 were:
397599cb
TM		 31
321. Dynamic DNS additions
332. dhclient improvements
343. Support for dynamic shared libraries
35
36Dynamic DNS Improvements:
37
38- We added three new server configuration parameters which influence DDNS
39 conflict resolution:
40
41 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior
42 to mitigate issues with non-compliant clients in dual stack environments.
43
44 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching
45 requirement of DNS conflict resolution.
46
47 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to
48 allow unguarded DNS entries to be overwritten in certain cases
49
50- The server now honors update-static-leases parameter for static DHCPv6
51 hosts.
52
53dhclient Improvements:
54
a804fcc0 55 - We've added three command line parameters to dhclient:
397599cb
TM		 56
57 1. --prefix-len-hint - directs dhclient to use the given length as
58 the prefix length hint when requesting prefixes
59
a804fcc0 60 2. --decline-wait-time - instructs the client to wait the given number
397599cb
TM		 61 of seconds after declining an IPv4 address before issuing a discover
62
a804fcc0
TM		 63 3. --address-prefix-len - specifies the prefix length passed by dhclient
64 into the client script (via the environment variable ip6_prefixlen) with
65 each IPv6 address. We added this parameter because we have changed the
66 default value from 64 to 128 in order to be compliant with RFC3315bis
67 draft (-09, page 64) and RFC5942, Section 4, point 1.
68 **WARNING**: The new default value of 128 may not be backwardly compatible
69 with your environment. If you are operating without a router, such as
7932503f 70 between VMs on a host, you may find they cannot see each other with prefix
a804fcc0
TM		 71 length of 128. In such cases, you'll need to either provide routing or use
72 the command line parameter to set the value to 64. Alternatively you may
73 change the default at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN
74 in includes/site.h.
75
397599cb
TM		 76 - dhclient will now generate a DHCPv6 DECLINE message when the client script
77 indicates a DAD failure
78
79Dynamic shared library support:
80
81 Configure script, configure.ac+lt, which supports libtool is now provided
82 with the source tar ball. This script can be used to configure ISC DHCP
9de870cc 83 to build with libtool and thus use dynamic shared libraries.
4ff4053b 84
4aa6129a
TM		 85Other Highlights:
86
87 - The server now supports dhcp-cache-threshold for DHCPv6 operations
88 - The server now supports DHPv6 address allocation based on EUI-64 DUIDs
89 - Experimental support for alternate relay port in the both the server
90 and relay for IPv4, IPv6 and 4o6 (see: draft-ietf-dhc-relay-port-10.txt)
91
01a54c17
EH		 92For information on how to install, configure and run this software, as
93well as how to find documentation and report bugs, please consult the
94README file.
ca4606b5 95
01a54c17
EH		 96ISC DHCP uses standard GNU configure for installation. Please review the
97output of "./configure --help" to see what options are available.
fe5b0fdd 98
01a54c17
EH		 99The system has only been tested on Linux, FreeBSD, and Solaris, and may not
100work on other platforms. Please report any problems and suggested fixes to
101<dhcp-users@isc.org>.
98bd7ca0 102
fef8c6f0
SR		 103ISC DHCP is open source software maintained by Internet Systems
104Consortium. This product includes cryptographic software written
105by Eric Young (eay@cryptsoft.com).
106
4ad524bd 107 Changes since 4.4.2b1 (Bug Fixes)
e4b6b033
TM		 108
109- Added a clarification on DHCPINFORMs and server authority to
110 dhcpd.conf.5
111 [Gitlab #37]
112
5c23b618
TM		 113- Only emit lease scrubbing log messages when DEBUG_FAILOVER_MESSAGES
114 is defined.
115 [Gitlab #72]
116
4ad524bd
TM		 117- Added the interface name to socket initialization failure log messages.
118 Prior to this the log messages stated only the error reason without
119 stating the target interface.
120 [Gitlab #75]
121
cce04313 122 Changes since 4.4.1 (New Features)
a5b21e16
TM		 123
124- A new configuration parameter, ping-cltt-secs (v4 operation only), has
125 been added to allow the user to specify the number of seconds that must
126 elapse since CLTT before a ping check is conducted. Prior to this, the
0cd94b5e 127 value was hard coded at 60 seconds. Please see the server man pages for
a5b21e16
TM		 128 a more detailed discussion.
129 [ISC-Bugs #36283]
cce04313 130
cb89a691
TM		 131- A new configuration parameter, ping-timeout-ms (v4 operation only),
132 has been added that allows the user to specify the amount of time
133 the server waits for a ping-check response in milliseconds rather
134 than in seconds (via ping-timeout). When greater than zero, the value
135 of ping-timeout-ms will override the value of ping-timeout. Thanks
136 to Jay Doran from Bluecat Networks for suggesting this feature.
0cd94b5e 137 [Gitlab #10]
cb89a691 138
2ca63671
TM		 139- An experimental tool called, Keama (KEA Migration Assistant), which helps
140 translate ISC DHCP configurations to Kea configurations, is now included
141 in the distribution.
142 [Gitlab #34]
143
cce04313
TM		 144 Changes since 4.4.1 (Bug Fixes)
145
146- Corrected a misuse of the BIND9 DDNS API which caused DDNS updates to be
147 carried out over TCP rather than UDP. The coding error was exposed by
148 migration to BIND9 9.11. Thanks to Jinmei Tatuya at Infoblox for
149 reporting the issue.
150 [ISC-Bugs #47757]
151
c07eb442
TM		 152- Bind9 now defaults to requiring python to build. The Makefile for
153 building Bind9 when bundled with ISC DHCP was modified to turn off
154 this dependency.
0cd94b5e 155 [Gitlab #3]
9ef78585
TM		 156
157- Corrected a dual-stack mixed-mode issue that occurs when both
158 ddns-guard-id-must-match and ddns-other-guard-is-dynamic
159 are enabled and that caused the server to incorrectly interpret
160 the presence of a guard record belonging to another client as
161 a case of no guard record at all. Thanks to Fernando Soto
162 from BlueCat Networks for reporting this issue.
0cd94b5e 163 [Gitlab #1]
c07eb442 164
1c779d3b
TM		 165- Corrected a compilation issue that occurred when building without DNS
166 update ability (e.g. by undefining NSUPDATE).
0cd94b5e 167 [Gitlab #16]
1c779d3b 168
fce94f06
TM		 169- Corrected an issue that was causing the server, when running in
170 DHPCv4 mode, to segfault when class lease limits are reached.
dfcbe359
TM		 171 Thanks to Peter Nagy at Porion-Digital for reporting the matter
172 and submitting a patch.
0cd94b5e 173 [Gitlab #13]
fce94f06 174
753d458b 175- Made minor changes to eliminate warnings when compiled with GCC 9.
71277027 176 Thanks to Brett Neumeier for bringing the matter to our attention.
0cd94b5e
TM		 177 [Gitlab #15]
178
179- Fixed potential memory leaks in parser error message generation
180 spotted by Coverity, CIDs: 1448191, 1448193, 1448194, 1448195
181 [Gitlab #30]
182
183- Updated URL of IEEE oui.txt in contrib/dhcp-lease-list.pl. Thanks
184 to Tommy Smith for contributing the patch.
185 [Gitlab #26]
186
187- Fixed define flags when using SO_BINDTODEVICE. Thanks to Joe LeVeque for
188 reporting the issue.
189 [GitLab #19]
190
191- Applied a patch from OpenBSD to always set the scope id of outbound
192 DHPCv6 packets. Note this change only applies when compiling under
193 OpenBSD. Thanks to Brad Smith at OpenBSD from bringing it to our
194 attention.
195 [Gitlab #33]
196
197- Modified dhclient to not discard config file leases that are
198 duplicates of server-provided leases and to retain such leases
199 after they have been used as the fallback active lease and
200 DHCP service has been restored. This allows them to be used
82e0ea57 201 more than once during the lifetime of a dhclient instance.
0cd94b5e
TM		 202 This applies to DHCPv4 operation only.
203 [Gitlab #9]
204
205- Corrected a number of reference counter and zero-length buffer leaks.
206 [Gitlab #57]
207
208- Closed a small window of time between the installation of graceful
209 shutdown signal handlers and application context startup, during which
210 the receipt of shutdown signal would cause a REQUIRE() assertion to
211 occur. Note this issue is only visible when compiling with
212 ENABLE_GENTLE_SHUTDOWN defined.
213 [Gitlab #53]
214
215- Corrected a buffer overflow that can occur when retrieving zone
216 names that are more than 255 characters in length.
217 [Gitlab #20]
218
219- The "d" domain name option format was incorrectly handled as text
220 instead of RFC 1035 wire format. Thanks to Jay Doran at BlueCat Networks
221 for reporting this issue.
222 [Gitlab #2]
223
224- Improved the error message issued when a host declaration has both
225 a uid and a dhcp-client-identifier. Server configuration parsing will
226 now fail if a host declaration specifies more than one uid.
227 [Gitlab #7]
753d458b 228
4adcee93
TM		 229- Updated developer's documentation on building and running unit tests.
230 Removed support for --with-atf=bind as BIND9 no longer bundles in ATF
231 source.
232 [Gitlab #35]
233
83175640
TM		 234- Fixed a syntax error in ldap.c which cropped up under Ubuntu
235 18.04.1/gcc 7.4.0. Thanks to Charles Hedrick for pointing it out.
236 [Gitlab #51]
237
2661204d
TM		 238- Added clarification to dhcp-options.5 section on ip-address values
239 describing the first-use DNS resolution of options with hostnames as
240 values (e.g. next-server).
241 [Gitlab #28]
242
9a2f9db5
TM		 243- The option format for the server option omapi-key was changed to a
244 format type 'k' (key name); while server options ldap-port and
245 ldap-init-retry were changed to 'L' (unsigned 32-bit integer). These
246 three options were inadvertantly broken when the 'd' format content
247 was changed to comply with RFC 1035 wire format (see Gitlab #2).
248 [Gitlab #68]
249
cce04313
TM		 250 Changes since 4.4.0 (New Features)
251- none
cce04313 252 Changes since 4.4.0 (Bug Fixes)
6826003b
TM		 253
254- A delayed-ack value of 0 (the default), now correctly disables the delayed
255 feature. A change in 4.4.0 prohibited lease updates marking leases active
256 from be written to the lease file when delayed-ack is 0. This in turn,
257 caused servers to lose active lease assignments upon restart.
258 [ISC-Bugs #47141]
259
197b26f2
TM		 260! Option reference count was not correctly decremented in error path
261 when parsing buffer for options. Reported by Felix Wilhelm, Google
262 Security Team.
263 [ISC-Bugs #47140]
c5931725
TM		 264 CVE: CVE-2018-5733
265
266! Corrected an issue where large sized 'X/x' format options were causing
267 option handling logic to overwrite memory when expanding them to human
268 readable form. Reported by Felix Wilhelm, Google Security Team.
269 [ISC-Bugs #47139]
270 CVE: CVE-2018-5732
197b26f2 271
d5118758
TM		 272- Added use of new Bind9 compatibility header files, that are now necessary
273 to supply type definitions for primitive data types, removed from Bind9
274 proper. Altered util/bind.sh to pull from Bind9 repo on gitlab.
275 [ISC-Bugs #48072]
276 [ISC-Bugs #48071]
277
d394b602
TM		 278 Changes since 4.4.0b1 (New Features)
279
280- Duplicate address detection when binding to a new IPv6 address was added
281 to the following dhclient scripts: linux,freebsd,netbsd,openbsd, and macos.
282 The scripts will check for DAD errors after binding to a new IPv6 address
283 for at most --dad-wait-time seconds. If a DAD error is detected the script
284 will exit with a value of 3, instructing dhclient to decline the address. If
285 dad-wait-time is zero (the default), DAD error checking is not peformed.
286 [ISC-Bugs 46805]
287
efd3b1e2
TM		 288- Support for sending and receiving additional DHCP4 options has been added
289 to both the dhcpd and dhclient. Specifically: option codes 93,94, and 97
290 (RFC 4578); code 150 (RFC 5859); and codes 209,219, and 211 (RFC 5071).
291 Beyond configuring, sending, requesting, and receiving these options neither
292 server nor client apply any additional logic based on their values.
293 Thanks to Peter Lewis for requesting this change.
294 [ISC-Bugs 47062]
295
d638452e
TM		 296 Changes since 4.4.0b1 (Bug Fixes)
297
298- Added clarifying text to dhcpd.conf.5 explaining the class match expressions
299 cannot rely on the results of executable statements.
300 [ISC-Bugs #45451]
301
db4e4aa2
TM		 302- Fixed a bug which causes dhcpd and dhclient to crash on certain
303 systems when given relative path names for lease or pid files on
304 the command line. Affected systems are those on which the C library
305 function, realpath() does not support a second parameter value of
306 NULL (see manpages for realpath(3)).
307 [ISC-Bugs #46957]
308
b94669fa
TM		 309- Fixed a build issue when building with embedded BIND9 under OpenBSD that
310 was causing BIND9 build to not generate dns/enumclass.h and dns/enumtype.h.
311 [ISC-Bugs #46971]
312
de964f22
TM		 313- Added <dhcp>/m4/README to the distribution tarball. Some versions of
314 ac_local() treat the absence of the m4 subdirectory as error rather than
315 warning. This was causing the call to autoreconf, necessary for building
316 with libtool, to fail.
317 [ISC-Bugs #47075]
318
4aa6129a 319 Changes since 4.4.0a1 (New Features)
7512d88b 320
4aa6129a
TM		 321- Added experimental support for relay port (draft-ietf-dhc-relay-port-10.txt)
322 feature for DHCPv4, DHCPv6 and DHCPv4-over-DHCPv6. Relay port has to be
323 enabled at compile time via --enable-relay-port and is fully backward
324 compatible (i.e. works with previous implementations of servers and relays
325 using the standard ports). A new --rp <relay-port> command line option
326 specifies to dhcrelay an alternate source port for upstream (i.e. toward
327 the server) messages. Thanks to Naiming Shen and Enke Chen of Cisco
328 systems for submitting these patches.
329 [ISC-Bugs #44535]
330
331- Added --release-on-roam to dhcpd server. When enabled and the server detects
332 that a DHCPv6 client (IAID+DUID) has roamed to a new network, it will release
333 the pre-existing leases on the old network and emit a log statement similar
334 to the following:
335
336 "Client: <id> roamed to new network, releasing lease: <address>"
337
338 The server will carry out all of the same steps that would normally occur
339 when a client explicitly releases a lease. This behavior is disabled by
340 default and may only be specified globally. Prior to this the server renders
341 the leases unavailable until they expire or the server is restarted. Clients
342 that need leases in multiple networks must supply a unique IAID in each IA.
343 When release-on-roam is disabled (the default) the server maintains the
344 prior behavior of making such leases unavailable until they expire or the
345 server is restarted. Clients that need leases in multiple networks must
346 supply a unique IAID in each IA. This parameter may only be specified at
347 the global level. Thanks to Fernando Soto from BlueCat Networks for
348 suggesting this change.
349 [ISC-Bugs #44576]
350 [ISC-Bugs #46849]
351
352- Support for delayed-ack is now compiled in by default. Prior to this
353 it had to be enabled at compile time via --enable-delayed-acks. The
354 default value for delayed-ack, however, has been changed from 28 to 0
355 (i.e. disabled). This was done to minimize the impact on users not
356 currently using the feature. Please note that the delayed-ack feature
357 is not currently compatible with support for DHPCv4-over-DHCPv6 so
358 when a 4to6 port command line argument enables this in the server the
359 delayed-ack value is reset to 0.
360 [ISC-Bugs #42446]
361
362- The server (-6) now honors the parameter, update-static-leases, for static
363 (fixed-address6) DHCPv6 leases. It is worth noting that because stateful
364 data is not retained by the server for static leases, each time a client
365 requests or renews a static lease, the server will perform DDNS updates for
366 it. This may have significant performance implications for environments
367 with many clients that request or renew static leases often. Similarly,
368 the DNS entries will not be removed by server when a client issues a RELEASE
369 nor if the lease is deleted from the configuration. In such cases the DNS
370 entries must be removed manually. This feature is disabled by default.
371 Thanks to both Bill Shirley and dgutier-at-cern-dot-ch for requesting
372 this change.
373 [ISC-Bugs #34097]
374 [ISC-Bugs #41054]
375 [ISC-Bugs #41450]
376
377- Added to the server (-6) a new statement, local-address6, which specifies
378 the source address of packets sent by the server. An additional flag,
379 bind-local-address6, disabled by default, binds the service socket to
380 to local-address6. Note that bind-local-address does not work with direct
381 clients: a relay has to forward packets to the server using the
382 local-address6 destination.
383 [ISC-Bugs #46084]
384
385 Changes since 4.4.0a1 (Bugs)
386
387- The server now recognizes environment variables PATH_DHCPD_DB and
388 PATH_DHCPD_PID. These had been incorrectly compiled out of the code
389 unless DHCPv6 support was disabled. Additionally, the server man
390 pages were corrected to accurately reflect how the server chooses
391 file names (see lease-file-name and pid-file-name statements). Thanks
7932503f
TM		 392 to Fernando Soto at Bluecat Networks for bringing this matter to our
393 attention.
4aa6129a
TM		 394 [ISC-Bugs #46859]
395
396- Removed an "Impossible condition" error upon exit in the dhcpd server that
397 has been shutdown via OMAPI. This condition was only apparent under Solaris
398 when building with --enable-use-sockets and --enable-ipv4-pktinfo.
399 [ISC-Bugs #36118]
400
65eed5c1 401- Corrected some minor Coverity issues: CID 1426059, 1426058, and 1426057.
4aa6129a
TM		 402 [ISC-Bugs #46836]
403
404- Added missing text to dhclient.8 and expanded release note coverage
405 for --address-prefix-len changes.
7512d88b 406
0e76cb91 407 Changes since 4.3.6 (New Features)
3210786b 408
f9741514
FD		 409- Added --enable-bind-install to install embedded bind includes and
410 libraries. Default is to not install them (it was the previous
411 behavior). If you'd like to change the includedir and/or libdir
5a67b030
FD		 412 installation directories to something different than for ISC DHCP
413 you must pass them using the --with-bind-extra-config configuration
414 arguments.
f9741514
FD		 415 [ISC-Bugs #39318]
416
007ba82a
FD		 417- Added support of dynamic shared libraries with libtool. A new
418 --enable-libtool configuration parameter is available but
419 should not be used directly: *please* read the build configuration
420 section in the README file for the recommended procedure.
421 [ISC-Bugs #29402]
422
417b7b4a
TM		 423- IPv6 operation now supports an EUI-64 based address allocation which will
424 calculate addresses for clients with EUI-64 DUIDs based on those DUIDs when
425 enabled by setting use-eui-64 true. The parameter may defined down to the
426 pool scope. Note this feature must be compiled in by defining EUI_64 in
427 includes/site.h. This flag is undefined by default.
428 [ISC-Bugs #43927]
429
b3e6fd51
TM		 430- The directory includes/isc-dhcp and it's only occupant, dst.h, have
431 been removed from the source tree. They are obsolete for branches
432 other than v4_1_esv.
433 [ISC-bugs #45541]
434
7512d88b
TM		 435- Replaced ISC licensing with Mozilla Public License, MPL 2.0 licensing
436 throughout. Please see https://www.mozilla.org/en-US/MPL/2.0/ to read
437 the MPL 2.0 license terms.
438 [ISC-Bugs #45541]
439
3e985dbf
TM		 440- Load balancing for failover peers can now be disabled by setting
441 "load balance max secs" to 0. Doing so for both peers means both
442 servers will respond to all DHCPDISCOVERs or DHCPREQUESTs as soon as
443 they are received.
444 [ISC-Bugs #39669]
445
c0e9661e
TM		 446- Added a new dhclient command line parameter, --prefix-len-hint <length>.
447 When used in conjunction with -P, it directs dhclient to use the given
d8805cee
TM		 448 length as the prefix length hint when requesting prefixes. Thanks to both
449 Indy, of the FireballISO open source project and H. Peter Anvin for
450 suggesting this change.
451 [ISC-Bugs #43792]
452 [ISC-Bugs #35112]
453 [ISC-Bugs #32228]
454 [ISC-Bugs #29470]
3e88222f
TM		 455
456- dhclient will now wait for 10 seconds after declining an IPv4 address
457 before issuing a discover. This is in keeping with RFC 2131, section 3.1.5.
458 Prior to this dhclient did not wait at all. The amount of time dhclient
459 waits can be specified via a new command line parameter:
460 --decline-wait-time <seconds>. A value of zero equates to no wait at all.
ecf9f77b 461 Thanks to Pavel Kankovsky for bringing this matter to our attention.
9de870cc 462 **NOTE: THIS IS CHANGE IN DEFAULT BEHAVIOR.
3e88222f 463 [ISC-Bugs #45457]
c0e9661e 464
35e86889
TM		 465- dhclient will now include the lease address when logging DHCPOFFERs,
466 DHCPREQUESTs, DHCPACKs, DHCPRELEASEs, and DHCPDECLINEs. Additionally,
467 DHCPOFFERs will be logged before their corresponding DHCPREQUESTs are
468 sent and logged.
469 [ISC-Bugs #2729]
470
d6057334
TM		 471- When given the -T command line argument, in addition to reading the
472 current lease file, the server will write the leases to a temporary
473 lease file. This can help detect issues in server configuration that
474 only surface when leases are written to the file. The current lease
475 file will not be modified and the temporary lease file is removed upon
476 completion of the test.
477 [ISC-Bugs #22267]
478
0f69ff73
TM		 479- dhclient will now generate a DHCPv6 DECLINE message containing all IA_NA
480 addresses which for which the client script indicates a DAD failure. After
481 receiving the DECLINE reply, dhclient will restart the solicit process.
482 Note, the client script must exit with a value of 3 to signify that the
483 address failed DAD. Thanks to Jiri Popelka of Red Hat for submitting the
484 patch that was the foundation for this change.
9de870cc 485 **NOTE: THIS IS CHANGE IN DEFAULT BEHAVIOR.
1aca5897
TM		 486 [ISC-Bugs #21237]
487 [ISC-Bugs #23357]
f0f3555e 488 [ISC-Bugs #36966]
0f69ff73 489
30593241
TM		 490- Replaced compilation option, enable-secs-byteorder, with a run-time, server
491 configuration parameter, check-secs-byte-order. When enabled, the
492 server will check for clients that do the byte ordering on the secs field
493 incorrectly. This field should be in network byte order but some clients
494 get it wrong. When this parameter is enabled the server will examine the
495 secs field and if it looks wrong (high byte non zero and low byte zero) swap
496 the bytes. The default is disabled. This parameter is only useful when
497 doing load balancing within failover.
498 [ISC-Bugs #45364]
499
b53ba157
TM		 500- The default value for server (-6) parameter, prefix-length-mode, has been
501 changed from "exact" to "prefer". In "prefer" mode the server will offer
502 the first available prefix with the same length as that requested by the
503 client. If none are found then it will offer the first available prefix of
504 any length. This is more in line with with RFC 8168 and should improve
505 the out-of-the-box user experience.
9de870cc 506 **NOTE: THIS IS CHANGE IN DEFAULT BEHAVIOR.
b53ba157
TM		 507 [ISC-Bugs #45615]
508
bbdac71d
TM		 509- Added support for 'dhcp-cache-threshold' to IPv6 operation: If a client
510 renews before 'dhcp-cache-threshold' percent of its lease has elapsed
511 (default 25%), the server will reuse the allocated lease (provide a
512 lease within the currently allocated lease-time) rather than extend or
513 renew the lease. This allows the server to reply without needlessly
514 writing leases to disk. The preferred and valid lease lifetimes
515 sent to the client will be reduced by the age of the lease. The option
516 may be specified down to the pool level and is supported for all three
517 pool types: NA, TA, and PD.
518 [ISC-Bugs #45292]
519
905c58b9
TM		 520- Added three new server configuration parameters which influence DDNS:
521 1. ddns-dual-stack-mixed-mode - alters DNS conflict resolution behavior
522 to mitigate issues with non-compliant clients in dual stack environments.
523
524 2. ddns-guard-id-must-match - relaxes the DHCID RR client id matching
525 requirement of DNS conflict resolution.
526
2f3eca17 527 3. ddns-other-guard-is-dynamic - alters dual-stack-mixed-mode behavior to
905c58b9
TM		 528 allow unguarded DNS entries to be overwritten in certain cases
529 [ISC-Bugs #42620]
25e4af8b
TM		 530 [ISC-Bugs #42621]
531 [ISC-Bugs #44753]
905c58b9 532
e6ffc27f
TM		 533- A "key-algorithm <algorithm>" statement has been added to omshell to
534 allow the specification of the key algorithm to use during transaction
535 authentication. Prior to this it was hard-coded to be hmac-md5. It now
536 supports all of the same algorithms as the dhcpd server: hmac-md5 (the
537 default), hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, and hmac-sha512.
538 [ISC-Bugs #46771]
539
c2e5ee28
TM		 540- Added a server configuration parameter, persist-eui-64-leases, which
541 determines whether or not EUI-64 based leases are written to the
542 leases file. Default is true.
543 [ISC-Bugs #45046]
544
140612c8 545- Changed the default value of the prefix length passed by dhclient into the
a804fcc0
TM		 546 client script for each IPv6 address from 64 to 128. This was done to comply
547 with RFC3315bis draft (-09, page 64) and RFC5942, Section 4, point 1.
548 In addition, dhclient now supports a command line argument,
549 --address-prefix-len, which may be used to override the default value.
550 **WARNING**: This change may not be backwardly compatible with your
551 environment. If you are operating without a router, such as between VMs on
552 a host, you may find they cannot see each with prefix length of 128. In
553 such cases, you'll need to either provide routing or use the command line
554 parameter to set the value to 64. Alternatively you may change the default
555 at compile time by setting DHCLIENT_DEFAULT_PREFIX_LEN in includes/site.h.
140612c8 556 [ISC-Bugs #23252]
fa6c4c08 557 [ISC-Bugs #37221]
140612c8 558
f1fc5ede 559- Modified dhclient (-6) to bypass sending a confirm (INIT REBOOT) when it has
a804fcc0 560 only expired address associations. Thanks to Jiri Popelka at Red Hat for
f1fc5ede
TM		 561 raising the issue and submitting the patch.
562 [ISC-Bugs #22675]
0e76cb91 563 Changes since 4.3.6 (Bugs):
0b0a1399 564
0e76cb91
TM		 565- Corrected an issue where the server would return a client's previously
566 released prefix lease even when the client provides a prefix length
567 hint that does not match the prior lease. Now the server will only
568 return the previous lease if it exactly matches the hint. If not
569 it will attempt to allocate a new prefix based on the hint and the
570 prefix-length-mode. Thanks to Tim DeNike - Lightspeed Communications
571 for pointing out the error of our ways.
572 [ISC-bugs #45780]
d1489a35 573
a804fcc0 574- Added explicit include of BIND9 isc/util.h to adapt to revisions
0e76cb91
TM		 575 in BIND9 (see BIND9 ticket #46311). Prior to this the build was failing
576 with implicit function declarations errors for POST() and INSIST().
577 [ISC-bugs #46332]
d1489a35 578
0e76cb91
TM		 579- Added to code ignore empty IPv4 host name option (code 12). While RFC 2132
580 states the option cannot be empty, some clients are apparently capable of
581 sending it. Prior to this the server was attempting to use it and store it
582 in the lease file causing issues with DDNS and so forth.
583 [ISC-bugs #43786]
d1489a35 584
9de870cc
TM		 585- Corrected dhclient command line parsing for --dad-wait-time that causes
586 even valid values to fail as invalid on some environments.
587 [ISC-Bugs #46535]
588
0e76cb91
TM		 589- Replaced iasubopt::heap_index with separate values for active and inactive
590 heaps: iasubopt::active_index and iasubopt::inactive_index. This was done
a804fcc0 591 to accommodate a change in behavior in BIND9 isc_heap_delete().
0e76cb91 592 [ISC-bugs #46719]
e105afa1 593
0e76cb91
TM		 594! Plugged a socket descriptor leak in OMAPI, that can occur when there is
595 data pending to be written to an OMAPI connection, when the connection
596 is closed by the reader. Thanks to Pavel Zhukov at RedHat for bringing
597 this issue to our attention and whose patch helped guide us in the right
598 direction.
599 [ISC-Bugs #46767]
4f553fea 600
9de870cc
TM		 601- The ability of the server to send back dhcp6.vendor-opts values has been
602 restored. A change in 4.3.5 (see #29246) which enabled it to send back the
603 FQDN option unfortunately broke its ability send back dhcp6.vendor-opts.
604 Thanks to Sumant Gupta (sumantgupta at gmail dot com) of Landis+Gry for
605 bringing this issue to our attention.
606 [ISC-Bugs #46427]
607
0e76cb91 608 Changes since 4.3.6b1
09dccd03 609
0e76cb91 610- None
eb2d84b6 611
0e76cb91 612 Changes since 4.3.5
76a7db2c 613
0e76cb91
TM		 614- The server now allows the client identifier (option 61) to own leases
615 in more than one subnet concurrently. Prior to this the server would
616 incorrectly release an existing lease in one subnet prior to assigning
617 a lease in another subnet. Note that the prior behavior can be still
618 be achieved by enabling one-lease-per-client. Thanks to both David Zych at
619 the University of Illinois and Norm Proffitt of Infoblox for reporting
620 the issue; and Norm for suggesting a solution.
621 [ISC-Bugs #41358]
ad06e7ba 622
0e76cb91
TM		 623- When replying to a DHCPINFORM, the server will now include options specified
624 at the pool scope, provided the ciaddr field of the DHCPINFORM is populated.
625 Prior to this the server only evaluated options down to the subnet scope.
626 Thanks to Fernando Soto at BlueCat Networks for reporting the issue.
627 [ISC-Bugs #43219]
628 [ISC-Bugs #45051]
a5252220 629
0e76cb91
TM		 630- When memory allocation fails in a repeated way the process writes
631 "Run out of memory." on the standard error and exists with status 1.
632 [ISC-Bugs #32744]
b7bfb2c7 633
0e76cb91
TM		 634- The new lmdb (Lightning Memory DataBase) bind9 configure option is
635 now disabled by default to avoid the presence of this library to be
636 detected which can lead to a link failure.
637 [ISC-Bugs #45069]
841d9a18 638
0e76cb91
TM		 639- The linux interface discovery code has been modified to use getifaddrs()
640 as is done for BSD and OS-X. Prior to this the code would only recognize
641 the first address on an interface and thereby omit vlans.
642 Thanks to Jiri Popelka at Redhat, Marius Tomaschewski at SUSE, and Wei
643 Kong at Novell, who all submitted patches.
644 [ISC-Bugs #28761]
645 [ISC-Bugs #31992]
646 [ISC-Bugs #25428]
647 [ISC-Bugs #31940]
648 [ISC-Bugs #32935]
3abc5708 649
0e76cb91
TM		 650- Fixed a bug in OMAPI that causes omshell to crash when a name-value
651 pair with a zero length value is shipped in an object. Thanks to
652 Fernando Soto at BlueCat Networks for reporting the issue and
653 supplying the patch.
654 [ISC-Bugs #29108]
10b7683e 655
0e76cb91
TM		 656- On 64-bit platforms, dhclient now generates the correct value for the
657 script environment variable, "expiry", the lease expiry value exceeds
658 0x7FFFFFFF. Prior to this such values would produce negative values
659 for expiry in the script environment.
660 [ISC-Bugs #43326]
21f3982a 661
0e76cb91
TM		 662- Common timer logic was modified to cap the maximum timeout values at
663 0x7FFFFFFF - 1. Values larger than that were causing fatal timer out of
664 range errors on 64-bit platforms. Thanks to Jiri Popelka at Red Hat for
665 reporting the issue.
666 [ISC-Bugs #28038]
33dca28a 667
0e76cb91
TM		 668- DHCP6 FQDN option unpacking code now correctly handles values that contain
669 spaces, special, or non-printable characters. Prior to this the buffer
670 size needed was underestimated causing a conversion error message to
671 be logged and DNS updates to be skipped. Thanks to Fernando Soto at
672 BlueCat Networks for bringing the matter to our attention.
673 [ISC-Bugs #43592]
33dca28a 674
0e76cb91
TM		 675- When running in -6 mode, dhclient can enforce the require option statement
676 and will discard offered leases that do not contain all the required
677 options specified in the client configuration. If not enabled the client
678 will still consider such leases. This must be enabled at compile time
679 (see ENFORCE_DHCPV6_CLIENT_REQUIRE in includes/site.h). Thanks to
680 Mritunjaykumar Dubey at Nokia for reporting the issue.
681 [ISC-Bugs #41473]
7da1ac2b 682
0e76cb91
TM		 683- Altered DHCPv4 lease time calculation to avoid roll over errors on 64-bit
684 OS systems when using -1 or large values for default-lease-time. Rollover
685 values will be replaced with 0x7FFFFFFF - 1. This alleviates unintentionally
686 short expiration times being handed out when infinite lease times (-1) in
687 conjunction with failover. Our thanks to Alessandro Gherardi for bringing
688 the issue to our attention.
689 [ISC-Bugs #41976]
e82906fc 690
0e76cb91
TM		 691- Added new compile time option --with-srv-conf-file which specifies a
692 default location of the server configuration file.
693 [ISC-Bugs #44765]
20931f53 694
0e76cb91
TM		 695- Added --dad-wait-time parameter to dhclient. It specifies the maximum time,
696 in seconds, that the client process should wait for the duplicate address
697 detection to complete before initiating DHCP requests. This value is
698 propagated to the dhclient script and the script is responsible for waiting
699 the specified amount of time or until DAD has completed. If the script does
700 not support it, specifying this parameter has no effect. The default value
701 is 0 which specifies that the script should not wait for DAD. With this
702 change the following scripts have been modified to support the new parameter:
703 freebsd, linux, macos, netbsd, openbsd.
704 [ISC-Bugs #36169]
5cc6f201 705
0e76cb91
TM		 706- The server nows checks both the address and length of a prefix delegation
707 when attempting to match it to a prefix pool. This ensures the server
708 responds properly when pool configurations change such that once valid,
709 "in-pool" delegations are now treated as being invalid. During lease
710 file loading at startup, the server will discard any PD leases that
711 are deemed "out-of-pool" either by address or mis-matched prefix length.
712 Clients seeking to renew or rebind such leases will get a response of
713 No Binding in the case of the former, and the prefix delegation with
714 lifetimes set to zero in the case of the latter. Thanks to Mark Nejedlo
715 at TDS Telecom for reporting this issue.
716 [ISC-Bugs #35378]
88c3ff5d 717
0e76cb91
TM		 718- Modified DDNS support initialization such that DNS related ports will only be
719 opened by the server (dhcpd) at startup if ddns-update-style is not "none";
720 by dhclient only if and when the it first attempts an update; and never by
721 dhcrelay. Prior to this all three always did the initialization at startup
722 which causes them to always open on and listen for traffic on two random
723 ports. Thanks to Rodney Beede for reporting this issue.
724 [ISC-Bugs #45290]
725 [ISC-Bugs #33377]
f10cbbfa 726
0e76cb91
TM		 727- Added error logging to two memory allocation failure checks. Thanks to Bill
728 Parker (wp02855 at gmail dot com) for reporting the issue.
729 [ISC-Bugs #41185]
5fc79cfd 730
0e76cb91
TM		 731- Corrected a dhclient -6 issue that caused the client to crash with an
732 "Impossible condition" error after de-preferencing its only IA binding.
733 The crash occurred when server configuration changes rendered the existing
734 binding out-of-range and no other leases were available to offer. Thanks
735 to Pierre Clerissi for bringing this issue to our attention.
736 [ISC-Bugs #44373]
555093da 737
0e76cb91
TM		 738- By defining CALL_SCRIPT_ON_ONETRY_FAIL in includes/site.h, dhclient will
739 now call the script with reason set to FAIL when run with -1 (one try) and
740 there are no server responses. This applies to IPv4 mode only. Thanks for a
741 patch by Martin Pitt which got to us via Andrew Pollock.
742 [ISC-bugs #18183]
646acb59 743
0e76cb91
TM		 744- The server now detects failover peers that are not referenced in at least
745 one pool when run with the command line option for test mode, -T. Prior to
746 this the check was performed too far down stream to be detected in test mode.
747 [ISC-Bugs #29892]
18ba0ff3 748
0e76cb91
TM		 749- Linux script updated. The script is now based on Debian version. It uses
750 ip tool from iproute2 package and ifconfig is no longer used. This also
751 addresses an issue of calling arping with inappropriate parameter.
752 [ISC-bugs #19430]
753 [ISC-bugs #18111]
ce29e695 754
0e76cb91
TM		 755- Changed severity of the log message indicating UDP checksum errors in
756 the received packets from 'info' to 'debug' to avoid logging excessive
757 number of false positives when UDP checksum offloading is enabled.
758 [ISC-bugs #41757]
d1d1da8f 759
0e76cb91
TM		 760- The directory minires has been removed from the source tree. It has
761 long been obsolete for branches other than v4_1_esv. Additionally,
762 includes/minires.h was renamed includes/ns_name.h.
763 [ISC-bugs #45471]
c88dfebd 764
0e76cb91
TM		 765- Replaced ifconfig parameters "add" and "delete" with "alias" and "-alias"
766 for IPv6 mode in the client scripts, netbsd and openbsd. This was
767 preventing IPv6 addresses from being added or removed from interfaces.
768 Thanks to Tim Dean for reporting this issue.
769 [ISC-bugs #31573]
4ce21cb6 770
0e76cb91 771 Changes since 4.3.5b1
b2cb745b 772
0e76cb91
TM		 773- Corrected a bug which could cause the server to sporadically crash while
774 loading lease files with the lease-id-format is set to "hex". Our thanks
775 to Jay Ford, University of Iowa for reporting the issue.
776 [ISC-Bugs #43185]
4ced250f 777
0e76cb91
TM		 778- Eliminated a noisy, but otherwise harmless debug log statment that may
779 appear during server startup when building with --enable-binary-leases
780 and configuring multiple pools in a shared network. Thanks to Fernando
781 Soto from BlueCat Networks for reporting the issue and supplying a patch.
782 [ISC-Bugs #43262]
a3471269 783
0e76cb91 784 Changes since 4.3.4
3e3b5257 785
0e76cb91
TM		 786- Fixed util/bindvar.sh error handling.
787 [ISC-Bugs #41973]
ba4c704d 788
0e76cb91
TM		 789- Correct error message in relay to use remote id length instead
790 of circuit id length.
791 [ISC-Bugs #42556]
b1eea858 792
0e76cb91
TM		 793- Add logic to test directory Makefiles to avoid copying Attfile(s)
794 when building within the source tree. This eliminates a noisy but
795 otherwise harmless error message when running "make check".
796 [ISC-Bugs #41883]
36c4a037 797
0e76cb91
TM		 798- Leases are now scrubbed of certain prior use information when pool
799 re-balancing reassigns them from one FO peer to the other. This
800 corrects an issue where leases that were offered but not used
801 by the client retained the client hostname from the original
802 client. Thanks to Pavel Polacek, Jan Evangelista Purkyne University
803 for reporting the issue.
804 [ISC-Bugs #42008]
41b5a1a6 805
0e76cb91
TM		 806- In the LDAP code and schema add some missing '6' characters to use
807 the v6 instead of the v4 versions. Thanks to Denis Taranushin for
808 reporting this issue and supplying its patch.
809 [ISC-Bugs #42666]
62a9eb91 810
0e76cb91
TM		 811- Correct how the pick-first-value expression is written to a lease
812 file. Previously it was written as a concat expression due to
813 a cut and paste error.
814 [ISC-Bugs #42253]
b7311aae 815
0e76cb91
TM		 816- Modify the DDNS code to clean up the PTR record even if there
817 are issues while cleaning up the A or AAAA records.
818 [ISC-Bugs #23954]
1bfdeaae 819
0e76cb91
TM		 820- Added global configuration parameter, abandon-lease-time, which determines
821 the amount of time a lease remains abandoned. The default is 84600 seconds.
822 Additionaly, the server now conducts a ping check (if ping checks are
823 enabled) prior to offering an abandoned lease to client. Our thanks to
824 David Zych at University of Illinois for reporting the issue and working
825 with us to produce a viable solution.
826 [ISC-Bugs #41815]
1d3fc4d0 827
0e76cb91
TM		 828- Correct handling of interface names during interface discovery. This
829 addresses an issue where interface names of 15 characters in length
830 could lead to crashes or interface recognition errors during startup
831 of dhcpd, dhclient, and dhcrelay.
832 [ISC-Bugs #42226]
68b5d395 833
0e76cb91
TM		 834- Updates to contrib/dhcp-lease-list.pl to make it more friendly.
835 The updates are: looking for the lease file in more places and skipping
836 the "processing complete" output when creating machine readable
837 output. Thanks to Cameron Paine (cbp at null dot net) for the
838 patch.
839 [ISC-Bugs #42113]
f704712e 840
0e76cb91
TM		 841- When reusing a lease for dhcp-cache-threshold return the hostname
842 to the original lease. Also if the host pointer, UID or hardware address
843 change don't allow reuse of the lease.
844 Thanks to Michael Vincent for reporting this and helping us
845 verify the problem and fix.
846 [ISC-Bugs #42849]
6e7e6637 847
0e76cb91
TM		 848- Change dmalloc to use a size_t as the length argument to bring it
849 in line with the call it will make to malloc().
850 [ISC-Bugs #40843]
dce576b8 851
0e76cb91
TM		 852- If the failover socket can't be bound, close it. Otherwise if the
853 user configures an incorrect address in the failover stanza the
854 server will continue to open new sockets every 90 seconds until
855 it runs out.
856 [ISC-Bugs #42452]
45086eef 857
0e76cb91
TM		 858- Add DHCPv4-mode, dhcrelay command line options, "-iu" and "-id", that
859 allow interfaces to be upstream or downstream respectively. Upstream
860 interfaces will accept and forward only BOOTP replies, while downstream
861 interfaces will accept and forward only BOOTP requests.
862 [ISC-Bugs #41547]
785c1a51 863
0e76cb91
TM		 864- Clean up some memory references in the vendor-class construct.
865 [ISC-Bugs #42984]
0f1a34e9 866
0e76cb91 867 Changes since 4.3.4b1
84ee63a0 868
0e76cb91 869- None
cc1bd34e 870
0e76cb91 871 Changes since 4.3.3
0b209ea5 872
0e76cb91
TM		 873- Corrected a static analyzer warning in common/execute.c
874 [ISC-Bugs #40374]
ba4c704d 875
0e76cb91
TM		 876- ISC DHCP now follows the common convention to use the base name a
877 program is invoked with (aka argv[0], vs. a builtin name) for
878 logs. This should help differentiate syslog entries for DHCPv4 and
879 DHCPv6 servers. You can define OLD_LOG_NAME in includes/site.h to
880 keep the previous behavior.
881 [ISC-Bugs #38692]
6067cd48 882
d618ba48
SR		 883- The Linux packet filter code now correctly treats only the least significant
884 12 bits in an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q).
885 Prior to this it was using the entire 16 bit value as the VLAN id and
886 incorrectly discarding packets. Thanks to Jiri Popelka at Red Hat for
887 reporting this issue and supplying its patch.
888 [ISC-Bugs #40591]
21d30347 889
d618ba48
SR		 890- Fixed several static analysis issues such as potential null
891 references, unchecked strdup returns. Thanks to Bill Parker (wp02855 at
892 gmail dot com) who identified these issues and supplied patches to
893 address them.
894 [ISC-Bugs #40754]
895 [ISC-Bugs #40823]
d9b2a590 896
d618ba48
SR		 897- Corrected compilation errors that prohibited building the server
898 and its ATF unit tests when failover is disabled.
899 [ISC-Bugs #40372]
d9b2a590 900
d618ba48
SR		 901- Added the lease address to the end of the debug level log message
902 emitted when an existing lease is renewed within the dhcp-cache-threshold.
903 Thanks to Nathan Neulinger at Missouri S&T for suggesting the change.
904 [ISC-Bugs #40598]
d9b2a590 905
d618ba48
SR		 906- Added dhcpv6 and delayed-ack to settings listed in the "Features:"
907 section of the configure script output. Additionally, all of the
908 features reported on will now always show either a "yes" or "no"
909 value. Prior to this features left to their default setting would
910 not show a value.
911 [ISC-Bugs #40381]
f3a44c10 912
d618ba48
SR		 913- Added a parameter, authoring-byte-order, to the lease file. This value
914 is automatically added to the top of new lease files by the server and
915 indicates the internal byte order (big endian or little endian) of the
916 server. This permits lease files generated on a server with one form of
917 byte order to be used on a server with the opposite form. Our thanks to
918 Timothe Litt for calling this to our attention and for the suggestions
919 he provided.
920 [ISC-Bugs #38396]
04daf4fe 921
d618ba48
SR		 922- Fixed a small memory leak in the DHCPv6 version of the client code.
923 This is unlikely to cause significant issues in actual use.
924 [ISC-Bugs #40990]
7116a34f 925
d618ba48
SR		 926- Corrected a few minor memory leaks in omapi's dereferencing of
927 host objects. Thanks to Jiri Popelka at Red Hat for reporting
928 the issue and supplying the patches.
929 [ISC-Bugs #33990]
930 [ISC-Bugs #41325]
2775bd62 931
d618ba48
SR		 932- Cleaned up some of the Make infrastructure to make --with-libbind
933 work better. Though it still only works with an absolute path.
934 [ISC-Bugs #39210]
dd9738aa 935
d618ba48
SR		 936- Made the embedded bind libraries able to be cross compiled
937 (please refer to the bind9 documentation to learn how to cross
938 compile DHCP and its bind library dependency).
939 [ISC-Bugs #38836]
491bf4a2 940
d618ba48
SR		 941- Update the client code to better support getting IA_NAs and IA_PDs
942 in the same packet, see RFC7550 for some discussion.
943 [ISC-Bugs #40190]
992dc765 944
d618ba48
SR		 945! Update the bounds checking when receiving a packet.
946 Thanks to Sebastian Poehn from Sophos for the bug report and a suggested
947 patch.
948 [ISC-Bugs #41267]
949 CVE: CVE-2015-8605
cb8c997e 950
d618ba48
SR		 951- When handling an incorrect command line for dhcpd, dhclient or dhcrelay
952 print out a specific error message about the first error in addition
953 to the usage string. This may be disabled by editing includes/site.h.
954 [ISC-Bugs #40321]
955 [ISC-Bugs #41454]
acbecb2e 956
d618ba48
SR		 957- The configure script will now exit with an error message if it cannot find
958 a GNU-style make tool (needed when building BIND libraries) or pkg-config
959 (needed to locate ATF used for building unit tests). Prior to this the
960 script would exit indicating success causing subsequent attempts to build
961 the software to fail.
962 [ISC-Bugs #40371]
fb98e02e 963
d618ba48
SR		 964- Properly terminate strings before passing them to regex and fix
965 a boundary error when creating certain new data strings.
966 Thanks to Andrey Jr. Melnikov for the bug report.
967 [ISC-Bugs #41217]
1a006ff6 968
d618ba48
SR		 969- Option expressions, such as prepend and append, are now supported when
970 running dhclient for IPv6. Prior to this such statements in the
971 client configuration file would be parsed but have no affect. Thanks
972 to Jiri Popelka at Red Hat for reporting the issue.
973 [ISC-Bugs #39952]
45adf35c 974
d618ba48
SR		 975- A failover primary server will now accept a binding status update from the
976 secondary which transitions a lease from ACTIVE to ABANDONED. This accounts
977 for instances in which a client declines a lease and only the secondary
978 server receives it. Prior to this the primary server would reject such an
979 update as an "invalid state transition".
980 [ISC_BUGS #25189]
7d9dd306 981
d618ba48
SR		 982- Properly allocate memory for a bpf filter.
983 Thanks to Bill Parker (wp02855 at gmail dot com) who identified this issue.
984 [ISC-Bugs #41485]
7d9dd306 985
d618ba48
SR		 986- Updated contrib/dhcp-lease-list.pl to handle garbage in the oui file better
987 and to print out the hostnames a bit better.
988 Thanks to Antoine Beaupré from Debian for the suggested patch.
989 [ISC-Bugs #41288]
29c6b4f1 990
d618ba48
SR		 991- The DHCPv6 server now handles long valid and preferred lease times better.
992 Values that would cause the internal end time of the lease to wrap are
993 modified to work as infinite.
994 [ISC-Bugs #40773]
01a44a77 995
d618ba48
SR		 996- Updated support for cross compiling by allowing the library archiver
997 to be set at configure time via the environment variable 'AR'.
998 [ISC-Bugs #41536]
01a44a77 999
d618ba48
SR		 1000- The server will now match DHCPv6 relayed clients to host declarations
1001 which include the "hardware" statement, if the relay connected to the
1002 client supplies the client's hardware address via client-linklayer-address
1003 option as per RFC 6939.
1004 [ISC-Bugs #40334]
fc48033a 1005
d618ba48
SR		 1006- Allow a filename to be specified instead of /dev/random during
1007 configuration. This is passed to the BIND configuration to allow
1008 for cross compilation.
1009 [ISC-Bugs #33835]
db3f7799 1010
d618ba48
SR		 1011- Add more option definitions.
1012 [ISC-Bugs #40562]
0da37b4c 1013
d618ba48
SR		 1014- Correct outputting of long lines in the lease file when writing
1015 a lease that includes long strings in an execute statement.
1016 [ISC-Bugs #40994]
158a34fb 1017
d618ba48
SR		 1018- The server will now correctly treat a lease as reserved when the client
1019 requests an infinite lease time (i.e. OxFFFFFFFF) and "infinite-is-reserved"
1020 is enabled. Prior to this the server would halt. In addition, corrections
1021 were made to the server to allow a lease's flags field to be set via omapi.
1022 Prior to this, the server, depending on the host architecture, would
1023 incorrectly parse the new flags value from the omapi message.
1024 [ISC-Bugs #31179]
dceef873 1025
d618ba48
SR		 1026- ISC DHCP can now be configured and built from a directory other than
1027 the top level source directory. Note that "make distcheck" uses this
1028 feature.
1029 [ISC-Bugs #39262]
1be2ba15 1030
d618ba48
SR		 1031- Add support for RFC 3527 to dhcrelay. A new, dhcrelay command line argument,
1032 "-U <interface>" enables the addition of a RFC 3527 compliant link selection
1033 suboption to the agent option added for clients directly connected to the
1034 relay.
1035 [ISC-Bugs #34875]
1036 [ISC-Bugs #41708]
388cba45 1037
d618ba48
SR		 1038- Add a new global DHCPv6 option, dhcpv6-set-tee-times, which when enabled
1039 instructs the server to calculate T1 and T2 as recommended in RFC 3315,
1040 Section 22.4.
1041 [ISC-Bugs #25687]
388cba45 1042
d618ba48
SR		 1043- Corrected minor Coverity issues.
1044 [ISC-Bugs #35144]
b6ab3f6c 1045
d618ba48
SR		 1046- Add support for RFC 7341 DHCPv4 over DHCPv6 with a new configuration
1047 option "--enable-dhcpv4o6". Note this feature requires DHCPv6 support
1048 and is not compatible with delayed-ack. Both client and server use 2
1049 processes which communicate over UDP on a pair of sockets. The new
1050 "-4o6 <port>" command line argument enables DHCPv4 over DHCPv6 support
1051 and specifies the consecutive ports to use for inter-process communication.
1052 Please look at doc/DHCPv4-over-DHCPv6 for more details.
1053 [ISC-Bugs #35711]
f950de77 1054
d618ba48
SR		 1055- Correct interface name formation when using DLPI under Solaris 11. As of
1056 Solaris 11, ethernet device files are located in "/dev/net". The configure
1057 script has been modified to detect this situation and adjust the directory
1058 used accordingly. Thanks to Jarkko Torppa for reporting this issue and
86bda88b 1059 submitting a patch
d618ba48
SR		 1060 [ISC-Bugs #37954]
1061 [ISC-Bugs #40752]
02b0bdc3 1062
d618ba48
SR		 1063- Add a dereference call when handling an error condition while
1064 decoding a packet.
1065 [ISC-Bugs #41774]
d8c7c34e 1066
d618ba48
SR		 1067- Add a new parameter, lease-id-format, to both dhcpd and dhclient. The
1068 parameter controls the format in which certain values are written to lease
1069 files. Formats supported are octal - quoted string containing octal
1070 escapes, and hex - unquoted, colon separated hex digits. Thanks to
1071 Jay Ford, University of Iowa for bringing the issue to our attention.
1072 [ISC-Bugs #26378]
00e9af8e 1073
d618ba48
SR		 1074! Add an option in site.h to limit the number of failover and control
1075 connections the server will accept. By default this is 200.
1076 [ISC-Bugs #41845]
1077 CVE: CVE-2016-2774
9279a3d7 1078
0e76cb91 1079 Changes since 4.3.3b1
59a351d6 1080
0e76cb91 1081- None
0ab4a716 1082
0e76cb91 1083 Changes since 4.3.2
250f7134 1084
0e76cb91
TM		 1085- The server now does a better check to see if it can allocate the memory
1086 for large blocks of v4 leases and should provide a slightly better error
1087 message. Note well: the server pre-allocates v4 addresses, if you use
1088 a large range, such as a /8, the server will attempt to use a large
1089 amount of memory and may not start if there either isn't enough memory
1090 or the size exceeds what the code supports.
1091 [ISC-Bugs #38637]
b05e05b7 1092
0e76cb91
TM		 1093- The server will now reject unicast Request, Renew, Decline, and Release
1094 messages from a client unless the server would have sent that client the
1095 dhcp6.unicast option. This behavior is in compliance with paragraph 1 in
1096 each of the sections 18.2,1, 18.2.3, 18.2.6, and 18.2.7 of RFC 3315. Prior
1097 to this, the server would simply accept the messages. Now, in order for
1098 the server to accept such a message, the server configuration must include
1099 the dhcp6.unicast option either globally or within the shared network to
1100 which the requested lease belongs. In other words, the server will map
1101 the first IA_XX address found within the client message to a shared-network
1102 and look for the presence of the unicast option there and then globally.
1103 Thanks to Jiri Popelka at Red Hat for this issue and his patch which
1104 inspired the fix.
1105 [ISC-Bugs #21235]
ad80055f 1106
0e76cb91
TM		 1107- The ATF (Automated Testing Framework) tools used for optional unit tests
1108 can now be built from its embedded sources in bind, solving the
1109 atf-run / atf-report issue with recent (>= 0.20) versions of ATF.
1110 The new configuration option is "./configure --with-atf=bind".
1111 [ISC-Bugs #38754, #39300]
e9326fd0 1112
0e76cb91
TM		 1113- Corrected a compilation error introduced by the fix for ISC-Bugs #22806.
1114 On older linuxes that do not include the tpacket_auxdata structure don't
1115 bother allocating the cmsgbuf as it isn't necessary and we don't have
1116 a proper length for it.
1117 [ISC-Bugs #39209]
01a44a77 1118
0e76cb91
TM		 1119- Remove the dst directory. This was replaced in 4.2.0 with the dst
1120 code from the Bind libraries but we continued to include it for
1121 backwards compatibility. As we have now released 4.3.x it seems
1122 reasonable to remove it.
1123 [ISC-Buts #39019]
1124
1125- Write out the DUID server id on startup in all cases, previously if it
1126 was read in from server-duid option in the config or lease files for
1127 DHCPv4 it would not be written to the new lease file.
1128 [ISC-Bugs #37791]
1129
1130- When parsing dates for leases convert dates past 2038 to "never".
1131 This avoids problems with integer overflows in the date and time
1132 handling code for people that decide to use very large lease times
1133 or add a lease entry with a date far in the future.
1134 [ISC-Bugs #33056]
1135
1136- Leave the siaddr field clear when sending a NACK as per RFC 2131
1137 table 3.
1138 [ISC-Bugs #38769]
1139
1140- In the client don't send expired addresses to the script as part of
1141 the binding process. Thanks to Sven Trenkel at Google for reporting
1142 the issue and suggesting the patch.
1143 [ISC-Bugs #38631]
1144
1145- While parsing IPv6 addresses treat "add" as part of the address instead
1146 of as a token.
1147 [ISC-Bugs #39529]
1148
1149- Add support for accessing the v4 lease queues (active, free etc) in a
1150 binary fashion instead of needing to walk through a linear list to
1151 insert, find or remove an entry from the queues. In addition add a
1152 compile time option "--enable-binary-leases" to enable the new code
1153 or to continue using the old code. The old code is the default.
1154 Thanks to Fernando Soto from BlueCat Networks for the patch.
1155 [ISC-Bugs #39078]
1156
1157- Delayed-ack now works properly with Failover. Prior to this, bind updates
1158 post startup were being queued but never delivered. Among other things, this
1159 was causing leases to not transition from expired or released to free.
1160 [ISC-Bugs #31474]
1161
1162- Clean up parsing of v6 lease files a bit to avoid infinite loops if the
1163 lease file is corrupt in certain ways.
1164 [ISC-Bugs #39760]
1165
1166- Corrected a crash in dhclient that occurs during lease renewal if the
1167 client is performing its own DNS updates. Thanks to Jiri Popelka at Red Hat
1168 for the bug report.
1169 [ISC-Bugs #38639]
1170
1171- Corrected an issue in v6 lease file parsing. Prior to this, when encountering
1172 a lease with an address for which no configured pool exists, the server was
1173 declaring the lease file corrupt and incorrectly skipping over the subsequent
1174 entry in the file. The server will now emit a log message indicating that
1175 no pool was found for the address (or prefix) and correctly resume parsing
1176 with the next entry in the lease file. Our thanks to Michal Žejdl for
1177 reporting the issue.
1178 [ISC-Bugs #39314]
1179
1180- Be more liberal in finding a subnet group associated with a static
1181 prefix. When we added the class matching code for v6 we also added
1182 a requirement that the static prefix must be within a subnet the
1183 client was in, in order to find the proper statements. We now
1184 look for a subnet based on the prefix, failing that on the static
1185 address for the client and failing that on the shared network
1186 itself.
1187 [ISC-Bugs #38329]
1188
1189- Add a new action expression "parse_vendor_options", which can be used
1190 to parse a vendor-encapsualted-option received by the server based on
1191 the encoding specified by the vendor-option-space statement.
1192 [ISC-Bugs #36449]
1193
1194- Enhance the PARANOIA patch to include fchown() the lease file to
1195 allow it to be manipulated after the server does a chown().
1196 Thanks to Jiri Popelka at Red Hat for the patch.
1197 [ISC-Bugs #36978]
1198
1199- Relax the requirement that prefix pools must be within the subnet.
1200 This was added in as part of #32453 in order to avoid configuration
1201 mistakes but is being removed as prefixes aren't required to be
1202 within the same subnet and many people configure them in that fashion.
1203 [ISC-Bugs #40077]
1204
1205- Fixed a server crash that could occur when the server attempts to remove
1206 the billing class from the last lease billed to a dynamic class after said
1207 class has been deleted. Our thanks to Lasse Pesonen for reporting the
1208 issue.
1209 [ISC-Bugs #39978]
1210
1211- LDAP Patches - Numerous small patches submitted by contributors have
1212 been applied to the contributed code which supplies LDAP support.
1213 In addition, two larger submissions have also been included. The
1214 first adds support for IPv6 configuration and the second provides
1215 GSSAPI authentication. We would like to thank the following for their
1216 contributions (alphabetically):
1217 Alex Novak at SUSE
1218 Bill Parker (wp02855 at gmail dot com)
1219 Jiri Popelka at Red Hat
1220 Marius Tomaschewski at SUSE
1221 (william at adelaide.edu.au), The University of Adelaide
1222 [ISC-Bugs #39056]
1223 [ISC-Bugs #22742]
1224 [ISC-Bugs #24449]
1225 [ISC-Bugs #28545]
1226 [ISC-Bugs #29873]
1227 [ISC-Bugs #30183]
1228 [ISC-Bugs #30402]
1229 [ISC-Bugs #32217]
1230 [ISC-Bugs #32240]
1231 [ISC-Bugs #33176]
1232 [ISC-Bugs #33178]
1233 [ISC-Bugs #36409]
1234 [ISC-Bugs #36774]
1235 [ISC-Bugs #37876]
1236
1237- Handle an out of memory condition in the client a bit better.
1238 Thanks to Frédéric Perrin from Brocade for finding the issue
1239 and suggesting a patch.
1240 [ISC-Bugs #39279]
1241
1242 Changes since 4.3.2rc2
1243- None
1244
1245 Changes since 4.3.2rc1
1246
1247- Corrected a compilation error introduced by the fix for ISC-Bugs #37415.
1248 The error occurs on Linux variants that do not support VLAN tag information
1249 in packet auxiliary data. The configure script now only enables inclusion
1250 of the VLAN tag-based logic if it is supported by the underlying OS.
1251 [ISC-Bugs #38677]
1252
1253 Changes since 4.3.2b1
1254
1255- Specifying the option, --disable-debug, on the configure script command line
1256 now disables debug features. Prior to this, specifying --disable-debug
1257 incorrectly enabled debug features. Thanks to Gustavo Zacarias for reporting
1258 the issue.
1259 [ISC-Bugs #37780]
1260
1261- Unit test execution now uses a path augmented during configuration
1262 processing of the --with-atf option to locate ATF runtime tools, atf-run
1263 and atf-report. For most installations of ATF, this should alleviate the
1264 need to manually include them in the PATH, as was formerly required.
1265 If the configure script cannot locate the tools it will emit a warning,
1266 informing the user that the tools must be in the PATH when running unit
1267 tests.
1268 Secondly, please note that "make check" will now exit with a failure status
1269 code (non-zero) if one or more unit tests fail. This means that invoking
1270 "make check" from an upper level directory will cause the make process to
1271 STOP after the first test subdirectory with failed test(s). To force all
1272 tests in all subdirectories to run, regardless of individual test outcome,
1273 use the command "make -k check".
1274 [ISC-Bugs #38619]
1275
1276 Changes since 4.3.1
1277
1278- Corrected parser's right brace matching when a statement contains an error.
1279 [ISC-Bugs #36021]
1280
1281- TSIG-authenticated dynamic DNS updates now support the use of these
1282 additional algorithms: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384,
1283 and hmac-sha512
1284 [ISC-Bugs #36947]
1285
1286- Added check for invalid failover message type. Thanks to Tobias Stoeckmann
1287 working with the OpenBSD project who spotted the issue and provided the
1288 patch.
1289 [ISC-Bugs #36653]
1290
1291- Corrected rate limiting checks for bad packet logging. Thanks to Tobias
1292 Stoeckmann working with the OpenBSD project who spotted the issue and
1293 provided the patch.
1294 [ISC-Bugs #36897]
1295
1296- Log statements depicting what files will be used by the server now occur
1297 after the configuration file has been processed.
1298 [ISC-Bugs #36671]
1299
1300- Addressed Coverity issues reported as of 07-31-2014:
1301 [ISC-Bugs #36712] Corrects Coverity reported "high" impact issues.
1302 [ISC-Bugs #36933] Corrects Coverity reported "medium" impact issues
1303 [ISC-Bugs #37708] Fixes compilation error in dst_api.c seen in older
1304 compilers that was introduced by #36712
1305
1306- Server now supports a failover split value of 256.
1307 [ISC-Bugs] #36664]
1308
1309- Remove unneeded error #defines. These defines were included in case
1310 external programs required the older versions of the macro. They
1311 have been #ifdeffed for now and will be removed at a future date.
1312 See site.h for the #define to include them again, but you should
1313 switch to using the DHCP_R_* versions instead of the ISC_R_* versions.
1314 Also ISC_R_MULTIPLE has been removed as it is also defined in bind.
1315 [ISC-Bugs #37128]
1316
1317- Added checks in range6 and prefix6 statement parsing to ensure addresses
1318 are within the declared subnet. Thanks to Jiri Popelka at Red Hat for the
1319 bug report and patch.
1320 [ISC-Bugs #32453]
1321 [ISC-Bugs #17766]
1322 [ISC-Bugs #18510]
1323 [ISC-Bugs #23698]
1324 [ISC-Bugs #28883]
1325
1326- Addressed checksum issues:
1327 Added checksum readiness check to Linux packet filtering which eliminates
1328 invalid packet drops due to checksum errors when checksum offloading is
1329 in use. Based on dhcp-4.2.2-xen-checksum.patch made to the Fedora project.
1330 [ISC-Bugs #22806]
1331 [ISC-Bugs #15902]
1332 [ISC-Bugs #17739]
1333 [ISC-Bugs #18010]
1334 [ISC-Bugs #22556]
1335 [ISC-Bugs #29769]
1336 Inbound packets with UDP checksums of 0xffff now validate correctly rather
1337 than being dropped.
1338 [ISC-Bugs #24216]
1339 [ISC-Bugs #25587]
1340
1341- Added the echo-client-id configuration parameter to the server configuration.
1342 The server now supports RFC 6842 compliant behavior by setting a new
1343 configuration parameter, echo-client-id. When enabled, the server will
1344 include the client identifier option (Option code 61) if received, in its
1345 responses. The server identifier returned in NAKs (if enabled) will now
1346 be the globally defined value (if one) if the server cannot attribute the
1347 inbound request to a known subnet.
1348 [ISC-Bugs #35958]
1349 [ISC-Bugs #32545]
1350
1351- Added support of the configuration parameter, use-host-decl-names, to
1352 BOOTP request handling.
1353 [ISC-Bugs #36233]
1354
1355- Added logic to ignore the signal, SIGPIPE, which ensures write failures
1356 will be delivered as errors rather than as SIGPIPE signals on all OSs.
1357 Thanks to Marius Tomaschewski from SUSE who reported the issue and provided
1358 the patch upon which the fix is based.
1359 [ISC-Bugs #32222]
1360
1361- In the failover code, handle the case of communications being interrupted
1362 when the servers are dealing with POTENTIAL-CONFLICT. This patch allows
1363 the primary to accept the secondary moving from POTENTIAL-CONFLICT to
1364 RESOLUTION-INTERRUPTED as well as handling the bind update process better.
1365 In addition the code to resend update or update all requests has been
1366 modified to send requests more often.
1367 [ISC-Bugs #36810]
1368 [ISC-Bugs #20352]
1369
1370- By default, the server will now choose the value to use in the forward DNS
1371 name from the following in order of preference:
1372
1373 1. FQDN option if provided by the client
1374 2. Host name option if provided by the client
1375 3. Configured option host-name if defined
1376
1377 As before, this may be overridden by defining ddns-hostname to the desired
1378 value (or expression). In addition, the server logic has been extended to
1379 use the value of the host name declaration if use-host-decl-names is enabled
1380 and no other value is available.
1381 [ISC-Bugs #21323]
1382
1383- DNS updates were being attempted when dhcp-cache-threshold enabled the use of
1384 the existing lease and the forward DNS name had not changed. This has been
1385 corrected.
1386 [ISC-Bugs #37368]
1387 [ISC-Bugs #38636]
1388
1389- Corrected an issue which caused dhclient to incorrectly form the result when
1390 prepending or appending to the IPv4 domain-search option, received from the
1391 server, when either of the values being combined contain compressed
1392 components.
1393 [ISC-Bugs #20558]
1394
1395- Added the server-id-check parameter to the server configuration.
1396 This parameter allows run-time control over whether or not a server,
1397 participating in failover, verifies the dhcp-server-identifier option in
1398 DHCP REQUESTs against the server's id before processing the request.
1399 Formerly, enabling this behavior was done at compilation time through
1400 the use of the #define, SERVER_ID_CHECK, which has been removed from site.h
1401 The functionality is now only available through the new runtime parameter.
1402 [ISC-Bugs #37551]
1403
1404- During startup, when the server encounters a lease whose binding state is
1405 FTS_BACKUP but whose pool has no configured failover peer, it will reset the
1406 lease's binding state to FTS_FREE. This allows the leases to be reclaimed
1407 by the server after a pool's configuration has changed from failover to
1408 standalone. Prior to this such leases would remain stuck in the backup state
1409 making them unavailable for assignment. Note this conversion will occur
1410 whether or not the server is compiled for failover.
1411 [ISC-Bugs #36960]
1412
1413- Fixed a small issue in the treatment of hosts in the inform processing
1414 that could cause the response to an inform to include information from
1415 the wrong scope. The two examples we've heard of are getting subnet
1416 instead of group information associated with a host entry, or getting
1417 global information instead of subnet if the host entry was built via
1418 omapi. Thanks to Julien Soula at University of Lille for finding the
1419 bug and supplying a patch.
1420 [ISC-Bugs #35712]
1421
1422- Avoid calling pool_timer() recursively from supersede_lease(). This could
1423 result in leases changing state incorrectly or delaying the running of the
1424 leae expiration code.
1425 [ISC-Bugs #38002]
1426
1427- Move the check for a PID file and process to be before we rewrite the
1428 lease file. This avoids the possibility of starting a second instance
1429 of a server which changes the current lease file confusing the first
1430 instance. This check is only included if the admin hasn't disabled PID
1431 files.
1432 [ISC-Bugs #38078]
1433 [ISC-Bugs #38143]
1434
1435- In the client code change the way preferred_life and max_life are printed
1436 for environment variables to be unsigned rather than signed.
1437 Thanks to Jiri Popelka at Red Hat for the bug report and patch.
1438 [ISC-Bugs #37084]
1439
1440- Modified Linux packet handling such that packets received via VLAN are now
1441 seen only by the VLAN interface. Prior to this, such packets were seen by
1442 both the VLAN interface and its parent (physical) interface, causing the
1443 server to respond to both. Note this remains an issue for non-Linux OSs.
1444 Thanks to Jiri Popelka at Red Hat for the patch.
1445 [ISC-Bugs #37415]
1446 [ISC-Bugs #37133]
1447 [ISC-Bugs #36668]
1448 [ISC-Bugs #36652]
1449
1450- Log content has been changed to more directly suggest that admins should
1451 check for multiple IPv6 clients attempting to use the same DUID when only
1452 abandoned addresses are available. Debug level logging will now emit counts
1453 of the total number of, in-use, and abandoned addresses in a shared subnet
1454 when the server finds no addresses available for a given DUID. Lastly,
1455 threshold logging is now automatically disabled for shared subnets whose
1456 total number of possible addresses exceeds (2^64)-1.
1457 [ISC-Bugs #26376]
1458 [ISC-Bugs #38131]
1459
1460- Added a global parameter, prefix-length-mode, which may be used to determine
1461 how the server uses a non-zero value for prefix-length supplied by clients
1462 when soliciting DHCPv6 prefixes. The server supports selection modes of:
1463 ignore, prefer, exact, minimum and maximum which are described in detail in
1464 the server man pages. The prior behavior of the server was to only offer a
1465 prefix whose length exactly matched the prefix-length value requested. If
1466 no such prefixes were available, the server returned a status of none
1467 available. Note the default mode, "exact", provides this same behavior.
1468 [ISC-Bugs #36780]
1469 [ISC-Bugs #32228]
1470
1471- Corrected inconsistencies in dhcrelay's setting the upper interface hop count
1472 limit such that it now sets it to 32 when the upstream address is a multicast
1473 address per RFC 3315 Section 20. Prior to this if the -u argument preceded
1474 the -l argument on the command line or if the same interface was specified
1475 for both; the logic to set the hop limit count for the upper interface was
1476 skipped. This caused the hop count limit to be set to the default value
1477 (typically 1) in the outbound upstream packets.
1478 [ISC-Bugs #37426]
1479
1480 Changes since 4.3.1b1
1481
1482- Modify the linux and openwrt dhclient scripts to process information
1483 from a stateless request. Thanks to Jiri Popelka at Red Hat for the
1484 bug report and patch.
1485 [ISC-Bugs #36102]
01a44a77 1486
0e76cb91
TM		 1487- Remove more unused RCSID tags. These weren't noticed in 4.3 as
1488 the code isn't used anymore but we remove them here to keep the
1489 code consistent across versions.
1490 [ISC-Bugs #36451]
01a44a77 1491
0e76cb91 1492 Changes since 4.3.0
01a44a77 1493
0e76cb91
TM		 1494- Tidy up several small tickets.
1495 Correct parsing of DUID from config file, previously the LL type
1496 was put in the wrong place in the DUID string.
1497 [ISC-Bugs #20962]
1498 Add code to parse "do-forward-updates" as well as "do-forward-update"
1499 Thanks to Jiri Popelka at Red Hat.
1500 [ISC-Bugs #31328]
1501 Remove log_priority as it isn't currently used.
1502 [ISC-Bugs #33397]
1503 Increase the size of the buffer used for reading interface information.
1504 [ISC-Bugs #34858]
01a44a77 1505
0e76cb91
TM		 1506- Remove an extra set of the msg_controllen variable.
1507 [ISC-Bugs #21035]
01a44a77 1508
0e76cb91
TM		 1509- Add a more understandable error message if a configuration attempts
1510 to add multiple keys for a single zone. Thanks to a patch from Jiri
1511 Popelka at Red Hat.
1512 [ISC-Bugs #31892]
f2e70402 1513
0e76cb91
TM		 1514- Fix some minor issues in the dst code.
1515 [ISC-Bugs #34172]
51ce5995 1516
0e76cb91
TM		 1517- Properly #ifdef functions so that the code can compile without NSUPDATE.
1518 [ISC-Bugs #35058]
9b7d458d 1519
0e76cb91
TM		 1520- Update the partner's stos (start time of state, basically when we last
1521 heard from this partner) field when updating the state in failover.
1522 [ISC-Bugs #35549]
9b7d458d 1523
0e76cb91
TM		 1524- Modify the overload processing to allow space for the remote agent ID.
1525 [ISC-Bugs #35569]
1526 Handle the ordering of the SUBNET_MASK option even if it is the last
1527 option in the list.
1528 [ISC-Bugs #24580]
9b7d458d 1529
0e76cb91
TM		 1530- Remove the code that allows a server to follow RFC3315 instead of
1531 the subsequent errata from August 2010 when determining which IAs
1532 to include if no addresses will be assigned.
1533 [ISC-Bugs #28938]
2c8a396a 1534
0e76cb91
TM		 1535- Remove unused RCSID tags.
1536 [ISC-Bugs #35846]
9b7d458d 1537
0e76cb91
TM		 1538- Correct the v6 client timing code. When doing the timing backoff
1539 for MRT limit it to MRD.
1540 Thanks to Jiri Popelka at Red Hat for the bug report and fix.
1541 [ISC-Bugs #21238
66e80033 1542
0e76cb91
TM		 1543- Add a log entry when killing a client and remove the PID files
1544 when a server, relay or client are killed.
1545 [ISC-Bugs #16970]
1546 [ISC-Bugs #17258]
9b7d458d 1547
0e76cb91
TM		 1548- Some minor cleanups in the client code.
1549 In addition to checking for dhcpc check for bootpc in the services list.
1550 [ISC-Bugs #18933]
1551 Correct the client code to only try to get a lease once when the
1552 given the "-1" argument.
1553 Thanks to Jiri Popelka at Red Hat for the bug report and fix.
1554 [ISC-Bugs #26735]
1555 When asked for the version don't send the output to syslog.
1556 [ISC-Bugs #29772]
1557 Add the next server information to the environment variables for
1558 use by the client script. In order to avoid changing the client
1559 lease file the next server information isn't written to it.
1560 Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix.
1561 [ISC-Bugs #33098]
e191f1e8 1562
0e76cb91
TM		 1563- Several updates to the dhcp server code.
1564 When not in quiet mode print out the files being used.
1565 [ISC-Bugs #17551]
1566 As accessing some pid files may require privileges move the dropping
1567 of permission bits due to the paranoia patch to be after the pid code.
1568 Thanks to Jiri Popelka at Red Hat for the bug report and fix.
1569 [ISC-Bugs #25806]
1570 When processing a "--version" request don't output the version information
1571 to syslog.
9b7d458d 1572
0e76cb91
TM		 1573- Add the "enable-log-pid" build option to the configure script. When enabled
1574 this causes the client, server and relay programs to include the PID
1575 number in syslog messages.
1576 Thanks to Marius Tomaschewski for the suggestion and proto-patch.
1577 [ISC-Bugs #29713]
9b7d458d 1578
0e76cb91
TM		 1579- Add a #define to specify the prefix length used when a client attempts
1580 to configure an address. This can be modified by editing includes/site.h.
1581 By default it is set to 64. While 128 might be a better choice it would
1582 also be a change for currently running systems, so we have left it at 64.
1583 [ISC-Bugs #DHCP-2]
9b7d458d 1584
0e76cb91
TM		 1585- Add a run time option to the client "-df" to allow the administrator to
1586 point to a second lease file the client can search for a DUID. This can
1587 be used to allow a v4 and a v6 instance of the client to share a DUID.
1588 The second file will only be searched if there isn't a DUID in the main
1589 lease file and the DUID will be written out to the main lease file.
1590 [ISC-Bugs #34886]
9b7d458d 1591
0e76cb91
TM		 1592- Have the client fsync the lease file to avoid lease corruption if the
1593 client hibernates or otherwise shuts down.
1594 [ISC-Bugs #35894]
9b7d458d 1595
0e76cb91
TM		 1596- Add a check for L2VLAN in bpf.c to help support VLAN interfaces
1597 Thanks to Steinar Haug for the suggestion.
1598 [ISC-Bugs #36033]
ece2d9da 1599
0e76cb91
TM		 1600- Modify the handling of the resolv.conf file to allow the DHCP
1601 process to start up even if the resolv.conf file has problems.
1602 [ISC-Bugs #35989]
ab777749 1603
0e76cb91
TM		 1604- Add threshold logging functionality. Two new options,
1605 log-threshold-low and log-threshold-high, indicate to the
1606 server if and when it should log an error message as addresses
1607 in a pool are used.
1608 [ISC-Bugs #34487]
6ec59010 1609
0e76cb91
TM		 1610- Add code to properly dereference a pointer in the dhclient code
1611 on an error condition.
1612 [ISC-Bugs #36194]
63ccfbb0 1613
0e76cb91
TM		 1614- Add code to help clean up soft leases.
1615 [ISC-Bugs #36304]
babe4149 1616
0e76cb91
TM		 1617- Disable the gentle shutdown functionality until we can determine
1618 the best way to present it to remove or reduce the side effects.
1619 [ISC-Bugs #36066]
d1489a35 1620
0e76cb91 1621 Changes since 4.3.0rc1
e39b4193 1622
0e76cb91
TM		 1623- None
1624 Changes since 4.3.0b1
2d542e1e 1625
0e76cb91
TM		 1626- Tidy up receive packet processing.
1627 Thanks to Brad Plank of GTA for reporting the issue and suggesting
1628 a possible patch.
1629 [ISC-Bugs #34447]
abacf8ad 1630
0e76cb91
TM		 1631 Changes since 4.3.0a1
1632
1633- Modify the message displayed when a process hits a fatal error.
1634 The new message is much shorter and simply points to the README
1635 and our website for directions on bug submissions.
1636 [ISC-Bugs #24789]
1a6b62fe 1637
6980ae03 1638 Changes since 4.2.0 (new features)
51b8a8a0
SR		 1639
1640- If a client renews before 'dhcp-cache-threshold' percent of its lease
1641 has elapsed (default 25%), the server will reuse the allocated lease
1642 (provide a lease within the currently allocated lease-time) rather
1643 than extend or renew the lease. This absolves the server of needing
1644 to perform an fsync() operation on the lease database before reply,
1645 which improves performance. [ISC-Bugs #22228]
80778e94 1646 Updated this patch to support asynchronous DDNS. If the server is
adb95d23 1647 attempting to do DDNS on a lease it should be updated and written to
4809ef5c 1648 disk even if that wouldn't be necessary due to the thresholding.
8cd88e20 1649 [ISC-Bugs #26311]
51b8a8a0 1650
6980ae03
SR		 1651- The 'no available billing' log line now also logs the name of the last
1652 matching billing class tried before failing to provide a billing.
1653 [ISC-Bugs #21759]
1654
32e651c4
SR		 1655- A problem with missing get_hw_addr function when --enable-use-sockets
1656 was used is now solved on GNU/Linux, BSD and GNU/Hurd systems. Note
1657 that use-sockets feature was not tested on those systems. Client and
1658 server code no longer use MAX_PATH constant that is not defined on
3cb6f9bb 1659 GNU/Hurd systems. [ISC-Bugs #25979]
32e651c4 1660
67418698
SR		 1661- Add a perl script in the contrib directory, dhcp-lease-list.pl, which
1662 can parse v4 lease files and output the lease information in a more
1663 human friendly manner. This was written by Christian Hammers with
1664 some updates by vom and ISC. This is contributed code and is not
1665 supported by ISC; however it may be useful to some users.
1666 [ISC-Bugs #20680]
1667
a7341359 1668- Add support in v6 for on-commit, on-expire and on-release.
4809ef5c 1669 [ISC-Bugs #27912]
a7341359 1670
01fa619f
SR		 1671- Add support for using classes with v6.
1672 [ISC-Bugs #26510]
1673
d7d9c0c7
SR		 1674- Update the DDNS code to current standards and allow for sharing
1675 of DDNS entries between v4 and v6 clients. The new code is used
1676 if the ddns-update-style is set to "standard", the older code is
1677 still available if ddns-update-style is set to "interim". The
1678 oldest DDNS code "ad-hoc" has been removed. Thanks to Thomas Pegeot
1679 who submitted a patch for this issue. This patch is based on
1680 that work with some modifications.
64fb661c 1681 [ISC-Bugs #21139]
1534fff7 1682
cde11a4c
SR		 1683- Add a configuration option to the server to suppress using fsync().
1684 Enabling this option will mean that fsync() is never called. This
1685 may provide better performance but there is also a risk that a lease
1686 will not be properly written to the disk after it has been issued
1687 to a client and before the server stops. Using this option is
1688 not recommended.
64fb661c 1689 [ISC-Bugs #34810]
cde11a4c 1690
f88446f1
SR		 1691- Add some logging statements to indicate when the server is ready
1692 to serve. One statement is emitted after the server has finished
1693 reading its files and is about to enter the dispatch loop.
1694 This is "Server starting service.".
1695 The second is emitted when a server determines that both it and
1696 its failover peer are in the normal state.
1697 This is "failover peer <name>: Both servers normal."
64fb661c 1698 [ISC-Bugs #33208]
f88446f1 1699
619304cd
SR		 1700- Add support for accessing options from v6 relays. The v6relay
1701 statement allows the administrator to choose which relay to
1702 use when searching for an option, see the dhcp-options man page
6b9c9f87
SR		 1703 for a description. The host-identifier option has also been
1704 updated to support the use of relay options, see the dhcpd.conf
619304cd
SR		 1705 man page for a description.
1706 [ISC-Bugs #19598]
1707
e54ff84f 1708- When doing DDNS if there isn't an appropriate zone statement attempt
80778e94 1709 to find a reasonable nameserver via a DNS resolver. This restores
e54ff84f
SR		 1710 some functionality that was lost in the transition to asynchronous
1711 DDNS. Due to the lack of security and increase in fragility of the
1712 system when using this feature we strongly recommend the use of
1713 appropriate zone statements rather than using this functionality.
1714 [ISC-Bugs #30461]
1715
61ef216b
SR		 1716- Add support for specifying the address from which to send
1717 DDNS updates on the DHCP server. There are two new options
1718 "ddns-local-address4" and "ddns-local-address6" that each take
1719 one instance of their respective address types.
1720 [ISC-Bugs #34779]
4d079f0e 1721
38ee81bd
SR		 1722- Add ignore-client-uids option in the server. This option causes
1723 the server to not record a client's uid in its lease. This
1724 violates the specification but may also be useful when a client
1725 can dual boot using different client ids but the same mac address.
6b9c9f87 1726 Thank you to Brian De Wolf at Cal Poly Pomona for the patch.
38ee81bd
SR		 1727 [ISC-Bugs #32427]
1728 [ISC-Bugs #35066]
4d079f0e
SR		 1729
1730- Extend the DHCPINFORM processing to honor the subnet selection option
1731 and take host declarations into account.
1732 Thanks to Christof Chen for testing and submitting the patch.
1733 [ISC-Bugs #35015]
1734
fe2ac9e3
SR		 1735- Extend the hardware expression to look into the lease structure
1736 for a hardware address if there is no packet. This allows the
1737 server to find the hardware address during on-expiry processing.
1738 [ISC-Bugs #24584]
61ef216b 1739
bc30c84e
SR		 1740- Add definitions for some options that have been specified by the IETF.
1741 [ISC-Bugs #29268]
ccc2a367 1742 [ISC-Bugs #35198]
bc30c84e 1743
01a44a77 1744 Changes since 4.2.0 (bug fixes)
8ee352ee 1745
01a44a77
SR		 1746- When using 'ignore client-updates;', the FQDN returned to the client
1747 is no longer truncated to one octet.
8ee352ee 1748
01a44a77 1749- Cleaned up an unused hardware address variable in nak_lease().
4889a646 1750
01a44a77
SR		 1751- Manpage entries for the ia-pd and ia-prefix options were updated to
1752 reflect support for prefix delegation.
4889a646 1753
01a44a77 1754- Cleaned up some compiler warnings
7dc4e69c 1755
01a44a77
SR		 1756- An optimization described in the failover protocol draft is now included,
1757 which permits a DHCP server operating in communications-interrupted state
1758 to 'rewind' a lease to the state most recently transmitted to its peer,
1759 greatly increasing a server's endurance in communications-interrupted.
1760 This is supported using a new 'rewind state' record on the dhcpd.leases
1761 entry for each lease.
c5bc8b1a 1762
01a44a77 1763- Fix the trace code which was broken by the changes to the DDNS code.
d0a10f6a 1764
01a44a77
SR		 1765- Update the fsync code to work with the changes to the DDNS code. It now
1766 uses a timer instead of noticing if there are no more packets to process.
dc9d7b08 1767
01a44a77
SR		 1768- When constructing the DNS name structure from a text string append
1769 the root to relative names. This satisfies a requirement in the DNS
1770 library that names be absolute instead of relative and prevents DHCP
1771 from crashing. [ISC-Bugs #21054]
a24b9f23 1772
01a44a77
SR		 1773- "The LDAP Patch" that has been circulating for some time, written by
1774 Brian Masney and S.Kalyanasundraram and maintained for application to
1775 the DHCP-4 sources by David Cantrell has been included. Please be
1776 advised that these sources were contributed, and do not yet meet the
1777 high standards we place on production sources we include by default.
1778 As a result, the LDAP features are only included by using a compile-time
1779 option which defaults off, and if you enable it you do so under your
1780 own recognizance. We will be improving this software over time.
1781 [ISC-Bugs #17741]
c5bc8b1a 1782
01a44a77
SR		 1783- Prohibit including lease time information in a response to a DHCP INFORM.
1784 [ISC-Bugs #21092]
cc17cbc3 1785
01a44a77
SR		 1786! Accept a client id of length 0 while hashing. Previously the server would
1787 exit if it attempted to hash a zero length client id, providing attackers
1788 with a simple denial of service attack. [ISC-Bugs #21253]
1789 CERT: VU#541921 - CVE: CVE-2010-2156
08b2d347 1790
01a44a77 1791- A memory leak in ddns processing was closed. [ISC-Bugs #21377]
08b2d347 1792
01a44a77
SR		 1793- Modify the exception handling for initial context creation. Previously
1794 we would try and clean up before exiting. This could present problems
1795 when the cleanup required part of the context that wasn't available. It
1796 also didn't do much as we exited afterwards anyway. Now we simply log
1797 the error and exit. [ISC-Bugs #21093]
ad4001ce 1798
01a44a77
SR		 1799- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
1800 previously allocated (active) lease to a client that has changed subnets,
1801 despite being on different shared networks. Dynamic prefixes specifically
1802 allocated in shared networks also now are not offered if the client has
1803 moved. [ISC-Bugs #21152]
3cb6f9bb 1804
01a44a77 1805- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916]
f6dc164f 1806
01a44a77
SR		 1807- Fix the trace code to handle timing events better and to truncate a file
1808 before using instead of overwriting it. [ISC-Bugs #20969]
4b8251a0 1809
01a44a77
SR		 1810- Modify the determination of the default TTL to use for DDNS updates.
1811 The user may still configure the ttl via ddns-ttl. The default for
1812 both v4 and v6 is now 1/2 the (preferred) lease time with a limit. The
1813 previous defaults (1/2 lease time without a limit for v4 and a default
1814 value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h
1815 [ISC-Bugs #21126]
47e8308d 1816
01a44a77
SR		 1817- libisc/libdns is now brought up to version 9.7.1rc1. This corrects
1818 three reported flaws in ISC DHCP;
d9b5c150 1819
01a44a77
SR		 1820 o DHCP processes (dhcpd, dhclient) fail to start if one of either the
1821 IPv4 or IPv6 address families is not present. [ISC-Bugs #21122]
08e6dad9 1822
01a44a77
SR		 1823 o Assertion failure when attempting to cancel a previously running DDNS
1824 update. [ISC-Bugs #21133]
9f9265b6 1825
01a44a77
SR		 1826 o Compilation failure of libisc/libdns due to the use of a flexible
1827 array member. [ISC-Bugs #21316]
9f9265b6 1828
01a44a77 1829- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472]
35de6c8c 1830
01a44a77
SR		 1831- Documentation cleanup covering multiple tickets
1832 [ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup
1833 [ISC-Bugs #20263] add text describing some default values
1834 [ISC-Bugs #20193] single quotes at the start of a line indicate a control
1835 line to nroff, escape them if we actually want a quote.
1836 [ISC-Bugs #18916] sync the pointer to web pages amongst the different docs
de87ffe3 1837
01a44a77
SR		 1838- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
1839 was also configured. The nature of this repair also fixes another
1840 error; the host-name supplied by a client is no longer overridden by a
1841 reverse lookup of the lease address. Thanks to a patch from Wilco Baan
1842 Hofman supplied to us by the Debian package maintenance team.
1843 [ISC-Bugs #21691] {Debian Bug#509445}
e563ec2e 1844
01a44a77
SR		 1845- The .TH tag for the dhcp-options manpage was typo repaired
1846 thanks to a report from jidanni and the Debian package maintenance
1847 team. [ISC-Bugs #21676] {Debian Bug#563613}
3bedb117 1848
01a44a77
SR		 1849- More documentation changes - primarily to put the options in the dhclient
1850 and dhcpd man pages into the standard form. Thanks in part to a patch
1851 from David Cantrell at Red Hat.
1852 [ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes
18a28679 1853
01a44a77
SR		 1854- Add code to clear the pointer to an object in an OMAPI handle when the
1855 object is freed due to a dereference. [ISC-Bugs #21306]
0b2ec8c9 1856
01a44a77
SR		 1857- Fixed a bug that leaks host record references onto lease structures,
1858 causing the server to apply configuration intended for one host to any
1859 other innocent clients that come along later. [ISC-Bugs #22018]
67b2cb45 1860
01a44a77
SR		 1861- Minor code fixes
1862 [ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
1863 the name to be at the apex of the zone.
1864 [ISC-Bugs #19617] Restrict length of interface name read from command line
1865 in dhcpd - based on a patch from David Cantrell at Red Hat.
1866 [ISC-Bugs #20039] Correct some error messages in dhcpd.c
1867 [ISC-Bugs #20070] Better range check on values when creating a DHCID.
9a111ee8 1868 [ISC-Bugs #20198] Avoid writing past the end of the field when adding
01a44a77
SR		 1869 overly long file or server names to a packet and add a log message
1870 if the configuration supplied overly long names for these fields.
1871 Thanks to Martin Pala.
1872 [ISC-Bugs #21497] Add a little more randomness to rng seed in client
1873 thanks to a patch from Jeremiah Jinno.
74977c94 1874
01a44a77 1875- Correct error handling in DLPI [ISC-Bugs #20378]
30e42327 1876
01a44a77
SR		 1877- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
1878 checked in configure. [ISC-Bugs #20443]
dbd65517 1879
01a44a77
SR		 1880- Modify how the cmsg header is allocated the v6 send and received routines
1881 to compile on more compilers. [ISC-Bugs #20524]
0f750c4f 1882
01a44a77
SR		 1883- When parsing a domain name free the memory for the name after we are
1884 done with it. [ISC-Bugs #20824]
b95f1ee0 1885
01a44a77
SR		 1886- Add an elapsed time option to the release message and refactor the
1887 code to move most of the common code to a single routine.
1888 [ISC-Bugs #21171].
b95f1ee0 1889
01a44a77
SR		 1890- Two identical log messages for commit_leases() have been disambiguated.
1891 [ISC-Bugs #18915]
0ef9a46e 1892
01a44a77
SR		 1893- Parse date strings more properly - the code now handles semi-colons in
1894 date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat.
1895 [ISC-Bugs #21501, #20598]
de6c9af6 1896
01a44a77
SR		 1897- Fixes to lease input and output.
1898 [ISC-Bugs #20418] - Some systems don't support the "%s" argument to
1899 strftime, paste together the same string using mktime instead.
1900 [ISC-Bugs #19596] - When parsing iaid values accept printable
1901 characters.
1902 [ISC-Bugs #21585] - Always print time values in omshell as hex
1903 instead of ascii if the values happen to be printable characters.
87132514 1904
01a44a77
SR		 1905- Minor changes for scripts, configure.ac and Makefiles
1906 [ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
1907 example conf file. Thanks to a patch from David Cantrell
1908 at Red Hat.
1909 [ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
1910 [ISC-Bugs #19945] Properly close the quote on some arguments.
1911 [ISC-Bugs #20952] Add 64 bit types to configure.ac
adb95d23 1912 [ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH environment variable
b047bd38 1913
01a44a77
SR		 1914- Update the code to parse dhcpv6 lease files to accept a semi-colon at
1915 the end of the max-life and preferred-life clauses. In order to be
1916 backwards compatible with older lease files not finding a semi-colon
1917 is also accepted. [ISC-Bugs #22303].
e3c94800 1918
01a44a77
SR		 1919! Handle a relay forward message with an unspecified address in the
1920 link address field. Previously such a message would cause the
e675b663 1921 server to crash. Thanks to a report from John Gibbins. [ISC-Bugs #21992]
01a44a77 1922 CERT: VU#102047 CVE: CVE-2010-3611
dd9237c3 1923
01a44a77
SR		 1924- ./configure on longer searches for -lcrypto to explicitly link against.
1925 This fixes a bug where 'dhclient' would have shared library dependencies
1926 on '/usr/lib'. [ISC-Bugs #21967]
d13db163 1927
01a44a77
SR		 1928- Handle pipe failures more gracefully. Some OSes pass a SIGPIPE
1929 signal to a process and will kill the process if the signal isn't
1930 caught. This patch adds code to turn off the SIGPIPE signal via
1931 a setsockopt() call. The signal is already being ignored as part
1932 of the ISC library. [ISC-Bugs #22269]
b342f2e7 1933
01a44a77
SR		 1934- Restore printing of values in omshell to the style pre 21585. For
1935 21585 we changed the print routines to always display time values
1936 as a hex list. This had a side effect of printing all data strings
1937 as a hex list. We shall investigate other ways of displaying time
1938 values more usefully. [ISC-Bugs #22626]
797aab67 1939
01a44a77
SR		 1940! Fix the handling of connection requests on the failover port.
1941 Previously a connection request from a source that wasn't
1942 listed as a failover peer would cause the server to become
1943 non-responsive. Thanks to a report from Brad Bendily, brad@bendily.com.
1944 [ISC-Bugs #22679]
9a111ee8 1945 CERT: VU#159528 CVE: CVE-2010-3616
bc7f8b8e 1946
01a44a77
SR		 1947- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
1948 Passing it through to the handlers caused the omshell program to fail
1949 to connect to the server. [ISC-Bugs #21839]
d289ee68 1950
adb95d23 1951- Fix the parenthesis in the code to process configuration statements
01a44a77
SR		 1952 beginning with "auth". The previous arrangement caused
1953 "auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854]
d19fa5a1 1954
01a44a77
SR		 1955- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
1956 Thanks to a report from Jiri Popelka at Red Hat.
1957 [ISC-Bugs #22033], [Red Hat Bug #628258]
bb9189c3 1958
01a44a77
SR		 1959- When processing the format flags for a given option consume the
1960 flag indicating an optional value correctly. A symptom of this
1961 bug was an infinite loop when trying to parse the slp-service-scope
1962 option. Thanks to a patch from Marius Tomaschewski.
1963 [ISC-Bugs #22055]
cbbd2714 1964
01a44a77
SR		 1965- Disable the use of kqueue in the ISC library. This avoids a problem
1966 between the fork and socket code that caused the dhcpd process to
1967 use all available cpu if the program daemonized itself.
1968 [ISC-Bugs #21911]
d208bb04 1969
01a44a77
SR		 1970! When processing a request in the DHCPv6 server code that specifies
1971 an address that is tagged as abandoned (meaning we received a
1972 decline request for it previously) don't attempt to move it from
1973 the inactive to active pool as doing so can result in the server
1974 crashing on an assert failure. Also retag the lease as active
1975 and reset its timeout value.
1976 [ISC-Bugs #21921]
9a111ee8 1977
01a44a77
SR		 1978- Removed the restriction on using IPv6 addresses in IPv4 mode. This
1979 allows IPv4 options which contain IPv6 addresses to be specified. For
1980 example the 6rd option can be specified and used like this:
1981 [ISC-Bugs #23039]
d208bb04 1982
01a44a77
SR		 1983 option 6rd code 212 = { integer 8, integer 8,
1984 ip6-address, array of ip-address };
1985 option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;
25f664a6 1986
01a44a77
SR		 1987- Handle some DDNS corner cases better. Maintain the DDNS transaction
1988 information when updating a lease and cancel any existing transactions
9a111ee8 1989 when removing the ddns information.
01a44a77 1990 [ISC-Bugs #23103]
d424157d 1991
01a44a77
SR		 1992- Some fixes for LDAP
1993 [ISC-Bugs #21783] - Include lber library when building ldap
1994 [ISC-Bugs #22888] - Enable the ldap code when buidling common
1995 The above fixes are from Jiri Popelka at Red Hat.
3221151b 1996
01a44a77
SR		 1997- Modify the dlpi code to accept getmsg() returning a positive value.
1998 [ISC-Bugs #22824]
bea17697
SR		 1999
2000! In dhclient check the data for some string options for
2001 reasonableness before passing it along to the script that
2002 interfaces with the OS.
2003 [ISC-Bugs #23722]
2004 CVE: CVE-2011-0997
c7aa4dd4
TM		 2005
2006- DHCPv6 server now responds properly if client asks for a prefix that
2007 is already assigned to a different client. [ISC-Bugs #23948]
4a5bfeac
SR		 2008
2009- Add the option "--no-pid" to the client, relay and server code,
2010 to disable writing a pid file. Add the option "-pf pidfile"
2011 to the relay to allow the user to supply the pidfile name at
2012 runtime. Add the "with-relay6-pid-file" option to configure
2013 to allow the user to supply the pidfile name for the relay
2014 in v6 mode at configure time.
2015 [ISC-Bugs #23351] [ISC-Bugs #17541]
5d082abd
TM		 2016
2017- 'dhclient' no longer waits a random interval after first starting up to
2018 begin in the INIT state. This conforms to RFC 2131, but elects not to
9a111ee8 2019 implement a 'SHOULD' direction in section 4.1. The goal of this change
73c83820 2020 is to start up faster. [ISC-Bugs #19660]
9a111ee8
TM		 2021
2022- Added 'initial-delay' parameter that specifies maximum amount of time
2023 before client goes to the INIT state. The default value is 0. In previous
2024 versions of the code client could wait up to 5 seconds. The old behavior
5d082abd 2025 may be restored by using 'initial-delay 5;' in the client config file.
73c83820 2026 [ISC-Bugs #19660]
5d082abd
TM		 2027
2028- ICMP ping-check should now sit closer to precisely the number of seconds
2029 configured (or default 1), due to making use of the new microsecond
2030 scale timer internally to dhcpd. This corrects a bug where the server
2031 may immediately timeout an ICMP ping-check if it was made late in the
73c83820 2032 current second. [ISC-Bugs #19660]
5d082abd
TM		 2033
2034- The DHCP client will schedule renewal and rebinding events in
2035 microseconds if the DHCP server provided a lease-time that would result
2036 in sub-1-second timers. This corrects a bug where a 2-second or lower
2037 lease-time would cause the DHCP client to enter an infinite loop by
73c83820 2038 scheduling renewal at zero seconds. [ISC-Bugs #19660]
5d082abd
TM		 2039
2040- Client lease records are recorded at most once every 15 seconds. This
2041 keeps the client from filling the lease database disk quickly on very small
73c83820 2042 lease times. [ISC-Bugs #19660]
5d082abd
TM		 2043
2044- To defend against RFC 2131 non-compliant DHCP servers which fail to
2045 advertise a lease-time (either mangled, or zero in value) the DHCP
2046 client now adds the server to the reject list ACL and returns to INIT
2047 state to hopefully find an RFC 2131 compliant server (or retry in INIT
73c83820 2048 forever). [ISC-Bugs #19660]
023fbaa0
TM		 2049
2050- Parameters configured to evaluate from user defined function calls can
2051 now be correctly written to dhcpd.leases (as on 'on events' or dynamic
2052 host records inserted via OMAPI). [ISC-Bugs #22266]
2053
2054- If a 'next-server' parameter is configured in a dynamic host record via
2055 OMAPI as a domain name, the syntax written to disk is now correctly parsed
2056 upon restart. [ISC-Bugs #22266]
656b1ece
TM		 2057
2058- The DHCP server now responds to DHCPLEASEQUERY messages from agents using
2059 IP addresses not covered by a subnet in configuration. Whether or not to
2060 respond to such an agent is still governed by the 'allow leasequery;'
2061 configuration parameter, in the case of an agent not covered by a configured
2062 subnet the root configuration area is examined. Server now also returns
2063 vendor-class-id option, if client sent it. [ISC-Bugs #21094]
9a111ee8 2064
fc06ee4f
SR		 2065- Documentation fixes
2066 [ISC-Bugs #17959] add text to AIX section describing how to have it send
2067 responses to the all-ones address.
2068 [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
2069 [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS
2070
1185c766
TM		 2071- Relay no longer crashes, when DHCP packet is received over interface without
2072 any IPv4 address assigned. Also extended logging message about discarding
2073 packets with invalid hlen with information about relevant interface name.
2074 [ISC-Bugs #22409]
2075
c6455252
TM		 2076- Relay now properly logs that packet was received over interface without
2077 global IPv6 address [ISC-Bugs #24070]
2078
9a111ee8
TM		 2079- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
2080 rather than sockaddr. Packet ethertype is now forced to ETH_P_IP.
9369bdc1
TM		 2081 [ISC-Bugs #18975]
2082
fb30f3fc
SR		 2083- Minor code cleanups - but note port change for #23196
2084 [ISC-Bugs #23470] - Modify when an ignore return macro is defined to
2085 handle unsed error return warnings for more versions of gcc.
2086 [ISC-Bugs #23196] - Modify the reply handling in the server code to
2087 send to a specified port rather than to the source port for the incoming
2088 message. Sending to the source port was test code that should have
2089 been removed. The previous functionality may be restored by defining
2090 REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't
2091 enable this except for testing purposes.
2092 [ISC-Bugs #22695] - Close a file descriptor in an error path.
2093 [ISC-Bugs #19368] - Tidy up variable types in validate_port.
2094
c616de4f 2095- Code cleanup: remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros
9a111ee8 2096 [ISC-Bugs #13151]
c616de4f
TM		 2097
2098- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831]
a34feb7d 2099
4f55e11b
SR		 2100- Client Script fixes
2101 [ISC-Bugs #23045] Typos in client/scripts/openbsd
2102 [ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
2103 the domain search address is link local.
2104 [ISC-Bugs #1277] In some of the client scripts add code to handle the
2105 case of the default router information being changed without the address
2106 being changed.
2107
802fdea1
TM		 2108- Documentation cleanup
2109 [ISC-Bugs #23326] Updated References document, several man page updates
2110
9a111ee8 2111- Server no longer complains about NULL pointer when configured
1b601efa
TM		 2112 server-identifier expression fails to evaluate. [ISC-Bugs #24547]
2113
199f0b8a
SR		 2114- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
2115 than the dispatch handler. This fixes an issue where omshell, when
2116 run from the same platform as the server, would appear to fail to
2117 connect. This is a companion to #21839. [ISC-Bugs #23592]
2118
786f2e79
SR		 2119- Enlarge the buffer size used by the Omshell code and some of the
2120 print routines to allow for greater than 60 characters or, when
2121 printing as hex strings, 20 characters. [ISC-Bugs #22743]
2122
7cfeb916
SR		 2123- In Solaris 11 switch to using sockets instead of DLPI, thanks
2124 to a patch form Oracle. [ISC-Bugs #24634].
2125
9a111ee8
TM		 2126- Strict checks for content of domain-name DHCPv4 option can now be
2127 configured during compilation time. Even though RFC2132 does not allow
2128 to store more than one domain in domain-name option, such behavior is
d15aa964
TM		 2129 now enabled by default, but this may change some time in the future.
2130 See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
2131 [ISC-Bugs #24167]
2132
beaed73f
SR		 2133- DNS Update fix. A misconfigured server could crash during DNS update
2134 processing if the configuration included overlapping pools or
2135 multiple fixed-address entries for a single address. This issue
2136 affected both IPv4 and IPv6. The fix allows a server to detect such
2137 conditions, provides the user with extra information and recommended
2138 steps to fix the problem. If the user enables the appropriate option
2139 in site.h then server will be terminated
2140 [ISC-Bugs #23595]
2141
8bd96ccb
SR		 2142! Two packets were found that cause a server to halt. The code
2143 has been updated to properly process or reject the packets as
2144 appropriate. Thanks to David Zych at University of Illinois
2145 for reporting this issue. [ISC-Bugs #24960]
2146 One CVE number for each class of packet.
2147 CVE-2011-2748
2148 CVE-2011-2749
2149
01a44a77
SR		 2150- Fix the code that checks for an existing DDNS transaction to cancel
2151 when removing DDNS information, so that we will continue with the
2152 processing if we have a lease even if it doesn't have an outstanding
2153 transaction. [ISC-Bugs #24682]
5a38e43f 2154
01a44a77
SR		 2155- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
2156 configuration files. [ISC-Bugs #24107]
5a38e43f 2157
01a44a77
SR		 2158- Add support for passing DDNS information to a DNS server over
2159 an IPv6 address. [ISC-Bugs #22647]
524705e5 2160
01a44a77
SR		 2161- Enhanced patch for 23595 to handle IPv4 fixed addresses more
2162 cleanly. [ISC-Bugs #23595]
66be0ad1 2163
01a44a77
SR		 2164! Add a check for a null pointer before calling the regexec function.
2165 Without this check we could, under some circumstances, pass
2166 a null pointer to the regexec function causing it to segfault.
2167 Thanks to a report from BlueCat Networks.
2168 [ISC-Bugs #26704].
2169 CVE: CVE-2011-4539
57fbc772 2170
01a44a77
SR		 2171! Modify the DDNS handling code. In a previous patch we added logging
2172 code to the DDNS handling. This code included a bug that caused it
2173 to attempt to dereference a NULL pointer and eventually segfault.
2174 While reviewing the code as we addressed this problem, we determined
2175 that some of the updates to the lease structures would not work as
2176 planned since the structures being updated were in the process of
2177 being freed: these updates were removed. In addition we removed an
2178 incorrect call to the DDNS removal function that could cause a failure
2179 during the removal of DDNS information from the DNS server.
2180 Thanks to Jasper Jongmans for reporting this issue.
2181 [ISC-Bugs #27078]
2182 CVE: CVE-2011-4868
57fbc772 2183
01a44a77
SR		 2184- Fixed the code that checks if an address the server is planning
2185 to hand out is in a reserved range. This would appear as
2186 the server being out of addresses in pools with particular ranges.
2187 [ISC-Bugs #26498]
57fbc772 2188
01a44a77
SR		 2189- In the DDNS code handle error conditions more gracefully and add more
2190 logging code. The major change is to handle unexpected cancel events
2191 from the DNS client code.
2192 [ISC-Bugs #26287]
57fbc772 2193
01a44a77
SR		 2194- Tidy up the receive calls and eliminate the need for found_pkt.
2195 [ISC-Bugs #25066]
9a111ee8 2196
01a44a77
SR		 2197- Add support for Infiniband over sockets to the server and
2198 relay code. We've tested this on Solaris and hope to expand
2199 support for Infiniband in the future. This patch also corrects
2200 some issues we found in the socket code.
2201 [ISC-Bugs #24245]
197c917e 2202
01a44a77
SR		 2203- Add a compile time check for the presence of the noreturn attribute
2204 and use it for log_fatal if it's available. This will help code
2205 checking programs to eliminate false positives.
2206 [ISC-Bugs #27539]
8bd445a1 2207
01a44a77
SR		 2208- Fixed many compilation problems ("set, but not used" warnings) for
2209 gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588]
83d409ae 2210
01a44a77
SR		 2211- Modify the code that determines if an outstanding DDNS request
2212 should be cancelled. This patch results in cancelling the
2213 outstanding request less often. It fixes the problem caused
2214 by a client doing a release where the TXT and PTR records
2215 weren't removed from the DNS.
2216 [ISC-BUGS #27858]
6aaaf6a4 2217
01a44a77
SR		 2218- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet
2219 and dhcpv6_packet in several more places. Thanks to a report from
2220 Bruno Verstuyft and Vincent Demaertelaere of Excentis.
2221 [ISC-Bugs #27941]
4e0997c6 2222
01a44a77
SR		 2223- Remove outdated note in the description of the bootp keyword about the
2224 option not satisfying the requirement of failover peers for denying
2225 dynamic bootp clients.
2226 [ISC-bugs #28574]
ad59838e 2227
01a44a77
SR		 2228- Multiple items to clean up IPv6 address processing.
2229 When processing an IA that we've seen check to see if the
2230 addresses are usable (not in use by somebody else) before
2231 handing it out.
2232 When reading in leases from the file discard expired addresses.
2233 When picking an address for a client include the IA ID in
2234 addition to the client ID to generally pick different addresses
2235 for different IAs.
2236 [ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586]
2237 [ISC-Bugs #27684]
f33dc722 2238
01a44a77
SR		 2239- Remove unnecessary checks in the lease query code and clean up
2240 several compiler issues (some dereferences of NULL and treating
2241 an int as a boolean).
2242 [ISC-Bugs #26203]
4dc5a6b1 2243
01a44a77
SR		 2244- Fix the NA and PD allocation code to handle the case where a client
2245 provides a preference and the server doesn't have any addresses or
2246 prefixes available. Previously the server ignored the request with
2247 this patch it replies with a NoAddrsAvail or NoPrefixAvail response.
2248 By default the code performs according to the errata of August 2010
2249 for RFC 3315 section 17.2.2; to enable the previous style see the
2250 section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option
2251 may be removed in the future.
2252 Thanks to Jiri Popelka at Red Hat for the patch.
2253 [ISC-Bugs #22676]
3004baba 2254
01a44a77
SR		 2255- Fix up some issues found by static analysis.
2256 A potential memory leak and NULL dereference in omapi.
2257 The use of a boolean test instead of a bitwise test in dst.
2258 [ISC-Bugs #28941]
3004baba 2259
01a44a77
SR		 2260- Rotate the lease file when running in v6 mode.
2261 Thanks to Christoph Moench-Tegeder at Astaro for the
2262 report and the first version of the patch.
2263 [ISC-Bugs #24887]
9d97e644 2264
01a44a77
SR		 2265- Correct code to calculate timing values in client to compare
2266 rebind value to infinity instead of renew value.
2267 Thanks to Chenda Huang from H3C Technologies Co., Limited
2268 for reporting this issue.
2269 [ISC-Bugs #29062]
23d39ae2 2270
01a44a77
SR		 2271- Fix some issues in the code for parsing and printing options.
2272 [ISC-Bugs #22625] - properly print options that have several fields
2273 followed by an array of something for example "fIa"
2274 [ISC-Bugs #27289] - properly parse options in declarations that have
2275 several fields followed by an array of something for example "fIa"
2276 [ISC-Bugs #27296] - properly determine if we parsed a 16 or 32 bit
2277 value in evaluate_numeric_expression (extract-int).
2278 [ISC-Bugs #27314] - properly parse a zero length option from
2279 a lease file. Thanks to Marius Tomaschewski from SUSE for the report
2280 and prototype patch for this ticket as well as ticket 27289.
23d39ae2 2281
01a44a77
SR		 2282! Previously the server code was relaxed to allow packets with zero
2283 length client ids to be processed. Under some situations use of
2284 zero length client ids can cause the server to go into an infinite
2285 loop. As such ids are not valid according to RFC 2132 section 9.14
2286 the server no longer accepts them. Client ids with a length of 1
2287 are also invalid but the server still accepts them in order to
2288 minimize disruption. The restriction will likely be tightened in
2289 the future to disallow ids with a length of 1.
2290 Thanks to Markus Hietava of Codenomicon CROSS project for the
9a111ee8 2291 finding this issue and CERT-FI for vulnerability coordination.
01a44a77
SR		 2292 [ISC-Bugs #29851]
2293 CVE: CVE-2012-3571
0c9d3a81 2294
01a44a77
SR		 2295! When attempting to convert a DUID from a client id option
2296 into a hardware address handle unexpected client ids properly.
2297 Thanks to Markus Hietava of Codenomicon CROSS project for the
9a111ee8 2298 finding this issue and CERT-FI for vulnerability coordination.
01a44a77
SR		 2299 [ISC-Bugs #29852]
2300 CVE: CVE-2012-3570
e1a40211 2301
01a44a77
SR		 2302! A pair of memory leaks were found and fixed. Thanks to
2303 Glen Eustace of Massey University, New Zealand for finding
2304 this issue.
2305 [ISC-Bugs #30024]
2306 CVE: CVE-2012-3954
e7e17397 2307
01a44a77
SR		 2308- Existing legacy unit-tests have been migrated to Automated Test
2309 Framework (ATF). Several new tests have been developed. To enable
2310 unit-tests, please use --with-atf in configure script. A Developer's
2311 Guide has been added. To generate it, please use make devel in
2312 the doc directory. It is currently in early stages of development,
2313 but is expected to grow in the near future. [ISC-Bugs 25901]
ef86959b 2314
01a44a77
SR		 2315! An issue with the use of lease times was found and fixed. Making
2316 certain changes to the end time of an IPv6 lease could cause the
2317 server to abort. Thanks to Glen Eustace of Massey University,
2318 New Zealand for finding this issue.
2319 [ISC-Bugs #30281]
2320 CVE: CVE-2012-3955
ef86959b 2321
01a44a77
SR		 2322- Update the memory leakage debug code to work with v6.
2323 [ISC-Bugs #30297]
919f1407 2324
01a44a77
SR		 2325- Relax the requirements for deleting an A or AAAA record.
2326 Previously the DDNS removal code required both the A or AAAA
2327 record and the TXT record to exist. This requirement could
2328 cause problems if something interrupted the removal leaving
2329 the TXT record alone. This relaxation was codified in RFC 4703.
2330 [ISC-Bugs #30734]
8a0d9ca4 2331
01a44a77
SR		 2332- Modify the failover code to handle incorrect peer names
2333 better. Previously the structure holding the name might
2334 have been freed inappropriately in some cases and not
2335 freed in other cases.
2336 [ISC-Bugs #30320]
17a8f0e2 2337
01a44a77
SR		 2338- Add a configure option, enable-secs-byteorder, to deal with
2339 clients that do the byte ordering on the secs field incorrectly.
2340 This field should be in network byte order but some clients
2341 get it wrong. When this option is enabled the server will examine
2342 the secs field and if it looks wrong (high byte non zero and low
2343 byte zero) swap the bytes. The default is disabled. This option
2344 is only useful when doing load balancing within failover.
2345 [ISC-Bugs #26108]
badc999d 2346
01a44a77
SR		 2347- Fix a set of issues that were discovered via a code inspection
2348 tool. Thanks to Jiri Popelka and Tomas Hozza Red Hat for the logs
2349 and patches.
2350 [ISC-Bugs #23833]
0d8c3d6e 2351
9a111ee8 2352- Parsing unquoted base64 strings improved. Parser now properly handles
01a44a77 2353 strings that contain reserved names. [ISC-Bugs #23048]
1e05d095 2354
01a44a77
SR		 2355- Modify the nak_lease function to make some attempts to find a
2356 server-identifier option to use for the NAK.
2357 [ISC-Bugs #25689]
1e05d095 2358
01a44a77
SR		 2359- The client now passes information about the options it requested
2360 from the server to the script code via environment variables.
2361 These variables are of the form requested_<option_name>=1 with
2362 the option name being the same as used in the new_* and old_*
2363 variables.
2364 [ISC-Bugs #29068]
1943bbf8 2365
01a44a77
SR		 2366- Add support for a simple check that the server id in a request message
2367 to a failover peer matches the server id of the server. This support
2368 is enabled by editing the file includes/site.h and uncommenting the
2369 definition for SERVER_ID_CHECK. The option has several restrictions
2370 and issues - please read the comment in the site.h file before
2371 enabling it.
2372 [ISC-Bugs #31463]
8a513c43 2373
01a44a77
SR		 2374- Tidy up some compiler issues in the debug code.
2375 [ISC-Bugs #26460]
d122accf 2376
adb95d23 2377- Move the dhcpd.conf example file to dhcpd.conf.example to avoid
01a44a77
SR		 2378 overwriting the dhcpd.conf file when installing a new version of
2379 ISC DHCP. The user will now need to manual copy and edit the
2380 dhcpd.conf file as desired.
2381 [ISC-Bugs #19337]
0d8c3d6e 2382
01a44a77
SR		 2383- Check the status value when trying to read from a connection to
2384 see if it may have been closed. If it appears closed don't try
2385 to read from it again. This avoids a potential busy-wait like
2386 loop when the peer names are mismatched.
2387 [ISC-Bugs #31231]
590298e7 2388
01a44a77
SR		 2389- Remove an unused variable to keep compilers happy.
2390 [ISC-Bugs #31983]
2b58b865 2391
01a44a77
SR		 2392- Modify test makefiles to be more similar to standard makefiles
2393 and comment out a currently unused test.
2394 [ISC-Bugs #32089]
600ee619 2395
01a44a77
SR		 2396- Address static analysis warnings.
2397 [ISC-Bugs #33510] [ISC-Bugs #33511]
a5c7bf77 2398
01a44a77
SR		 2399- Silence benign static analysis warnings.
2400 [ISC-Bugs #33428]
a5c7bf77 2401
01a44a77
SR		 2402- Add check for 64-bit package for atf.
2403 [ISC-Bugs #32206]
a5c7bf77 2404
01a44a77
SR		 2405- Use newer auto* tool packages and turn on RFC_3542 support on Mac OS.
2406 [ISC-Bugs #26303]
a5c7bf77 2407
01a44a77
SR		 2408- Remove a variable when it isn't being used due to #ifdefs to avoid
2409 a compiler warning on Solaris using GCC.
2410 [ISC-Bugs #33032]
0585235c 2411
01a44a77
SR		 2412- Add a check for too much whitespace in a config or lease file.
2413 Thanks to Paolo Pellegrino for finding the issue and a suggestion
2414 for the patch.
2415 [ISC-Bugs #33351]
0585235c 2416
01a44a77
SR		 2417- Fix several problems with using OMAPI to manipulate class and subclass
2418 objects.
2419 [ISC-Bugs #27452]
f4bc8261 2420
01a44a77
SR		 2421- Added a sleep call after killing the old client to allow time
2422 for the sockets to be cleaned. This should allow the -r option
2423 to work more consistently.
2424 [ISC-Bugs #18175]
33692791 2425
01a44a77
SR		 2426- Missing files for ISC DHCP Developer's Guide are now included in
2427 the release tarballs. To generate this documentation, please use
2428 make devel command in doc directory. [ISC-Bugs #32767]
928618dd 2429
01a44a77
SR		 2430- Update client script for use with openwrt.
2431 [ISC-Bugs #29843]
928618dd 2432
01a44a77
SR		 2433- Fix the socket handling for DHCPv6 clients to allow multiple instances
2434 of a client on a single machine to work properly. Previously only
2435 one client would receive the packets. Thanks to Jiri Popelka at Red Hat
2436 for the bug report and a potential patch.
2437 [ISC-Bugs #34784]
3c941d42 2438
01a44a77
SR		 2439- Added support for gentle shutdown after signal is received.
2440 [ISC-Bugs #32692] [ISC-Bugs 34945]
bdd8e747 2441
01a44a77
SR		 2442- Enhance the DHCPv6 server logging to include the addresses that are assigned
2443 to the clients.
2444 [ISC-Bugs #26377]
3da71461 2445
01a44a77
SR		 2446- Fix an operation in the DDNS code to be a bitwise instead of logical or.
2447 [ISC-Bugs #35138]
fdfebedf 2448
7aa153b8 2449
adbef119
DH		 2450 Changes since 4.1.0 (new features)
2451
d340bc24
DH		 2452- Failover port configuration can now be left to defaults (port 647) as
2453 described in the -12 revision of the Failover draft (and assigned by
4b97eaff 2454 IANA). Thanks in part to a patch from David Cantrell at Red Hat.
adbef119 2455
0829d595
DH		 2456- If configured, dhclient may now transmit to an anycast MAC address,
2457 rather than using a broadcast address. Thanks to a patch from David
2458 Cantrell at Red Hat.
2459
8a3c1e33
PS		 2460- Added client support for setting interface MTU and metric, thanks to
2461 Roy "UberLord" Marples <roy@marples.name>.
2462
a41d7a25
PS		 2463- Added client -D option to specify DUID type to send.
2464
9e3eb22a
DH		 2465- A new failover configuration parameter has been introduced for those
2466 environments where DHCP servers can be reasonably guaranteed to be
2467 "down" when the failover TCP socket is severed, "auto-partner-down".
2468 This parameter is not generally safe, and by default is disabled, so
2469 please carefully review the documentation of this parameter in the
2470 dhcpd.conf(5) manpage before determining to use it yourself.
2471
33ea4622
DH		 2472- Added a configuration function, 'gethostname()', which calls the system
2473 function of the same name and presents the results as a data expression.
2474 This function can be used to incorporate the system level hostname of
2475 the system the DHCP software is operating on in responses or queries (such
2476 as including a failover partner's hostname in a dhcp message or binding
2477 scope, or having a DHCP client send any system hostname in the host-name or
2478 FQDN options by default).
2479
5a671e87
DH		 2480- The dhcp-renewal-time and dhcp-rebinding-time options may now be configured
2481 for DHCPv4 operation and used independently of the dhcp-lease-time
2482 calculations. Invalid renew and rebinding times (e.g., greater than the
2483 determined lease time) are omitted.
2484
adb95d23 2485- Processing the DHCP to DNS server transactions in an asynchronous fashion,
45adf35c 2486 the DHCP server or client can now continue with its processing while
98bf1607 2487 awaiting replies from the DNS server.
c900c5b2
DH		 2488
2489- The 'hardware [ethernet|etc] ...;' parameter in host records has been
2490 extended to attempt to match DHCPv6 clients by the last octets of a
2491 DUID-LL or DUID-LLT provided by the client.
2492
59112e84
SR		 2493 Changes since 4.1.0 (bug fixes)
2494
62f6843d
MA		 2495- Remove infinite loop in token_print_indent_concat().
2496
59112e84
SR		 2497- Validate the argument to the -p option.
2498
47e6eb82
DH		 2499- The notorious 'option <unknown> ... larger than buffer' log line,
2500 which is seen in some malformed DHCP client packets, was modified.
2501 It now logs the universe name, and does not log the length values
2502 (which are bogus corruption read from the packet anyway). It also
2503 carries a hopefully more useful explanation.
2504
159c89d7
EH		 2505- Suppress spurious warnings from configure about --datarootdir
2506
1aa0fe5e
DH		 2507- A bug was fixed that caused the server not to answer some valid Solicit
2508 and Request packets, if the dynamic range covering any requested addresses
2509 had been deleted from configuration.
2510
cd51403d
SR		 2511- Update the code to deal with GCC 4.3. This included two sets of changes.
2512 The first is to the configuration files to include the use of
571c38b0 2513 AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that
cd51403d
SR		 2514 were being ignored.
2515
64e1823d
DH		 2516- The db-time-format option was documented in manpages.
2517
26e59ee9
DH		 2518- Using reserved leases no longer results in 'lease with binding state
2519 free not on its queue' error messages, thanks to a patch from Frode
2520 Nordahl.
2521
70ea9345
PS		 2522- Fix a build error in dhcrelay, using older versions of gcc with
2523 dhcpv6 disabled.
2524
8d7dca58 2525- Two uninitialized stack structures are now memset to zero, thanks to a
4b97eaff 2526 patch from David Cantrell at Red Hat.
819186b7 2527
f4534b17
DH		 2528- Fixed a cosmetic bug where pretty-printing valid domain-search options would
2529 result in an erroneous error log message ('garbage in format string').
2530
f9453d21
DH		 2531- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server
2532 to stop receiving packets is fixed. The same fix also means that the MAC
2533 address will no longer appear 'bogus' on DLPI-based systems.
2534
2535- A bug in select handling was discovered where the results of one select()
2536 call were discarded, causing the server to process the next select() call
2537 and use more system calls than required. This has been repaired - the
2538 sockets will be handled after the first return from select(), resulting in
2539 fewer system calls.
2540
a3dcc0b1
DH		 2541- The update-conflict-detection feature would leave an FQDN updated without
2542 a DHCID (still currently implemented as a TXT RR). This would cause later
2543 expiration or release events to fail to remove the domain name. The feature
2544 now also inserts the client's up to date DHCID record, so records may safely
2545 be removed at expiration or release time. Thanks to a patch submitted by
2546 Christof Chen.
2547
95fd7038
DH		 2548- Memory leak in the load_balance_mine() function is fixed. This would
2549 leak ~20-30 octets per DHCPDISCOVER packet while failover was in use
2550 and in normal state.
2551
2552- Various compilation fixes have been included for the memory related
2553 DEBUG #defines in includes/site.h.
2554
8a3c1e33
PS		 2555- Fixed Linux client script 'unary operator expected' errors with DHCPv6.
2556
2557- Fixed setting hostname in Linux hosts that require hostname argument
2558 to be double-quoted. Also allow server-provided hostname to
2559 override hostnames 'localhost' and '(none)'.
2560
dedde1ba
DH		 2561- Fixed failover reconnection retry code to continue to retry to reconnect
2562 rather than restarting the listener.
2563
a57df74a
DH		 2564- Compilation on Solaris with USE_SOCKETS defined in includes/site.h has
2565 been repaired. Other USE_ overrides should work better.
2566
2567- A check for the local flavor of IFNAMSIZ had a broken 'else' condition,
2568 that probably still resulted in the correct behaviour (but wouldn't use
2569 a larger defined value provided by the host OS).
2570
350576c5
DH		 2571- Fixed a bug where an OMAPI socket disconnection message would not result
2572 in scheduling a failover reconnection, if the link had not negotiated a
2573 failover connect yet (e.g.: connection refused, asynch socket connect()
2574 timeouts).
2575
792156a9
DH		 2576- A bug was fixed that caused the 'conflict-done' state to fail to be parsed
2577 in failover state records.
2578
8a4e543b
DH		 2579! A stack overflow vulnerability was fixed in dhclient that could allow
2580 remote attackers to execute arbitrary commands as root on the system,
2581 or simply terminate the client, by providing an over-long subnet-mask
1b12d999 2582 option. CERT VU#410676 - CVE-2009-0692
8a4e543b 2583
a1308b64
DH		 2584- Fixed a bug where relay agent options would never be returned when
2585 processing a DHCPINFORM.
2586
1b12d999
DH		 2587- Versions 3.0.x syntax with multiple name->code option definitions is now
2588 supported. Note that, similarly to 3.0.x, for by-code lookups only the
2589 last option definition is used.
2590
d453265f
PS		 2591- Fixed a bug where a time difference of greater than 60 seconds between a
2592 failover pair could cause the primary to crash on contact with the
2593 secondary. Thanks to a patch from Steinar Haug.
2594
3e29af1e
PS		 2595- Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode.
2596 Thanks to patches from Matthew Newton and David Cantrell.
2597
b8d45c67
DH		 2598- Secondary servers in a failover pair will now perform ddns removals if
2599 they had performed ddns updates on a lease that is expiring, or was
2600 released through the primary. As part of the same fix, stale binding scopes
2601 will now be removed if a change in identity of a lease's active client is
2602 detected, rather than simply if a lease is noticed to have expired (which it
2603 may have expired without a failover server noticing in some situations).
2604
583c1c16
DH		 2605- A patch supplied by David Cantrell at RedHat was applied that detects
2606 invalid calling parameters given to the ns_name_ntop() function.
2607 Specifically, it detects if the caller passed a pointer and size pair
2608 that causes the pointer to integer-wrap past zero.
2609
e4e3a2ab
DH		 2610! Fixed a fenceposting bug when a client had two host records configured,
2611 one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892
95f5d38c 2612
875e99dc
SR		 2613- Fixed the check in the dhcp_interface_signal_handler routine to verify
2614 the existence of the linked signal handler before calling it.
2615
2267da84
DH		 2616- Both host and subnet6 configuration groups are now included whether a
2617 fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes
2618 precedence. This fixes two bugs, one where host scoped configuration
2619 would not be included from a non-fixed-address6 host record, and the equal
2620 and opposite bug where subnet6 scoped configuration would not be used when
571c38b0 2621 over-riding values were not present in a matching fixed-address6 host
2267da84
DH		 2622 configuration.
2623
cd3f0b9b
DH		 2624- ./configure now checks to ensure the intX_t and u_intX_t types are defined,
2625 correcting a compilation failure when using Sun's compiler.
2626
0493fdca
SR		 2627- Modified the handling of a connection to avoid releasing the omapi io
2628 object for the connection while it is still in use. One symptom from
2629 this error was a segfault when a failover secondary attempted to connect
2630 to the failover primary if their clocks were not synchronized.
2631
95bba8b6
SR		 2632- Clean up to allow compilation with gcc 2.95.4 on FreeBSD. Remove an
2633 extra semi-colon from common/dns.c and moved setting a variable to NULL
2634 in server/dhcpv6.c to allow the compiler to decide that the variable
9a111ee8 2635 was always properly set.
95bba8b6 2636
adbef119 2637 Changes since 4.1.0b1
ebf076fe
EH		 2638
2639- A missing "else" in dhcrelay.c could have caused an interface not to
2640 be recognized.
61d75ea2 2641
a4ffedd1
DH		 2642 Changes since 4.1.0a2
2643
2644- A cosmetic bug in DHCPDECLINE processing was fixed which caused all
2645 successful DHCPDECLINEs to be logged as "not found" rather than
2646 "abandoned".
2647
6ff3b26d
FD		 2648- Added configuration file examples for DHCPv6.
2649
1387545f
DH		 2650- Some failover debugging #defines have been better defined and some
2651 high frequency messages moved to a deeper debugging symbol.
2652
2653- The CLTT parameter in failover is now only updated by client activity,
2654 and not by failover binding updates (taking on the peer's CLTT).
2655
2656- Failover BNDUPD messages are now discarded if they conflict with an
d7ac7a27 2657 update that has been transmitted, but not acknowledged.
1387545f 2658
399d3dbe
DH		 2659- A bug cleaning up unknown-xxx temporary option definitions was fixed.
2660
fbcee149
DH		 2661- Delayed-ack is now a compile-time option, compiled out by default.
2662 This feature is simply too experimental for right now, and causes
2663 some problems to some failover installations. We will revisit this
2664 in future releases.
2665
f1672d89
DH		 2666- The !inet_pton() call in res_mkupdrec was adjusted to '<= 0' as
2667 inet_pton returns either 1, 0, or -1.
2668
236d3a99
DH		 2669- A dhclient-script for MacOS X has been included, which enables
2670 'dhclient -6' support.
2671
efa5e6b9
DH		 2672- DDNS removal routines were updated so that the DHCID is not removed until
2673 the client has been deprived of all A and AAAA records (not only the last
2674 one of either of those). This resolves a bug where dual stack clients
2675 would not be able to regain their names after either expiration event.
2676
7d6180be 2677 Changes since 4.1.0a1
edcb5c46
EH		 2678
2679- Corrected list of failover state values in dhcpd man page.
2680
51e7687f
EH		 2681- Fixed a bug that caused some request types to be logged incorrectly.
2682
20210a7b
EH		 2683- Clients that sent a parameter request list containing the
2684 routers option before the subnet mask option were receiving
2685 only the latter. Fixed.
2686
535485df
EH		 2687- The server wasn't always sending the FQDN option when it should.
2688
8fbb55ff
DH		 2689- A partner-down failover server no longer emits 'peer holds all free leases'
2690 if it is able to newly-allocate one of the peer's leases.
2691
61220a00
EH		 2692- Fixed a coredump when adding a class via OMAPI.
2693
c40e954c
EH		 2694- Check whether files are zero length before trying to parse them.
2695
63971a83
DH		 2696- Ari Edelkind's PARANOIA patch has been included and may be compiled in
2697 via two ./configure parameters, --enable-paranoia and
2698 --enable-early-chroot.
2699
66cebfcb
DH		 2700- ./configure was extended to cover many optional build features, such
2701 as failover, server tracing, debugging, and the execute() command.
2702
f8cbf390
DH		 2703- There is now a default 1/4 of a second scheduled delay between delayed
2704 fsync()'s, it can be configured by the max-ack-delay configuration
2705 parameter.
2706
8269561d
DH		 2707- A bug was fixed where the length of a hostname was miscalculated, so that
2708 hosts were given odd-looking domain names ("foo.bar.ba.example.com").
2709
b445a411
DH		 2710- Shared network selection should be done from the innermost relay
2711 valid link-address field, rather than the outermost.
2712
bd72740e
FD		 2713- Prefix pools are attached to shared network scopes.
2714
9322442f
FD		 2715- Merged IA_XX related structures.
2716
8dea7ba7
FD		 2717- Add DHCPv6 files in configure.
2718
4619c0a2
DH		 2719- A memory leak when using omapi has been fixed.
2720
9ac4206a
DH		 2721- DHCPv6 vendor-class options (VSIO) are now only sent when they appear
2722 on the DHCPv6 ORO. This resolves a bug where VSIO options were placed
2723 in IA_NA encapsulated options fields.
2724
420d8b3f
FD		 2725- Integrated client with stateless, temporary address and prefix delegation
2726 support.
2727
40ec5f38
DH		 2728- A double-dereference in dhclient transmission of DHCPDECLINEs was
2729 repaired.
2730
80097764
FD		 2731- Fix handling of format code 'Z'.
2732
ffbaa880
FD		 2733- Support "-1" argument in DHCPv6.
2734
7de20a95
EH		 2735- Merge DHCPv6-only "dhcrelay6" into general-purpose "dhcrelay" (use
2736 "-6" option to select DHCPv6 mode).
2737
d352732e
EH		 2738- Fix handling of -A and -a flags in dhcrelay; it was failing to expand
2739 packet size as needed to add relay agent options.
2740
7d6180be
DH		 2741- A bug in subnet6 parsing where options contained in subnet6 clauses would
2742 not be applied to clients addressed within that network was repaired.
2743
2744- When configuring a "subnet {}" or "subnet6 {}" without an explicit
2745 shared-network enclosing it, the DHCP software would synthesize a
2746 shared-network to contain the subnet. However, all configuration
2747 parameters within the subnet more intuitively belong "to any client
2748 on that interface", or rather the synthesized shared-network. So,
2749 when a shared-network is synthesized, it is used to contain the
2750 configuration present inside the subnet {} clause. This means that
2751 the configuration will be valid for all clients on that network, not
2752 just those addressed out of the stated subnet. If you intended the
2753 opposite, the workaround is to explicitly configure an empty
2754 shared-network.
2755
2756- A bug was fixed where Information-Request processing was not sourcing
2757 configured option values.
2758
2759- A warning was added since the DHCPv6 processing software does not yet
2760 support class statements.
2761
adb95d23 2762- Compilation warnings on GCC 4.3 relating to bootp source address
dd484ced
DH		 2763 selection were repaired.
2764
ecddae64
DH		 2765- The v6 BSD socket method was updated to use a single UDP BSD socket
2766 no matter how many interfaces are involved, differentiating the
2767 interfaces the packets were received on by the interface index supplied
2768 by the OS.
2769
2770- The relay agent no longer listens to the All DHCP Servers Multicast
2771 address.
2772
2773- A bug was fixed in data_string_sprintfa() where va_start was only called
2774 once for two invocations of vsprintf() variants.
2775
d104d45b
DH		 2776- ERO (RFC 4994) server support.
2777
2778- Basic and partial DHCPv6 leasequery support.
2779
2780- Reliable DHCPv6 release (previous behavior, send release and exit, is
2781 still available with dhclient -6 -1 -r).
2782
01a54c17 2783 Changes since 4.0.0 (new features)
3c12f746 2784
6d7f9584
FD		 2785- Added DHCPv6 rapid commit support.
2786
4cafb815 2787- Added explicit parser support for zero-length DHCP options, such as
6d7f9584 2788 rapid-commit, via format code 'Z'.
4cafb815 2789
022fe95e
EH		 2790- It's now possible to update the "ends" field of a lease with OMAPI.
2791 This is useful if you want not only to release a lease, but also make
2792 it available for reuse right away. Hat tip to Christof Chen.
2793
9a111ee8 2794- Fixed definition of the iaaddr hash functions to use the correct
1dcc3612
SK		 2795 functions when referencing and dereferencing memory.
2796
aabfa4de
FD		 2797- Some definitions not in phase with the IANA registry were updated.
2798
0674055a
FD		 2799- Allocated interface IDs are better controlled ('u' bit set to zero,
2800 reserved IDs avoided).
2801
b51c785f
FD		 2802- Unicast options are taken into account only for RENEWs.
2803
900405e9
FD		 2804- NoAddrsAvail answers to SOLICITs are always ADVERTISEs even when a SOLICIT
2805 carries a rapid-commit option.
2806
96b620e5
FD		 2807- Return in place of raise an impossible condition when one tries to release
2808 an empty active lease.
2809
be62cf06
FD		 2810- Timer granularity is now 1/100s in the DHCPv6 client.
2811
01a54c17
EH		 2812- The dhclient-script was updated to create a host route for the default
2813 gateway if the supplied subnet mask for an IPv4 address was a /32. This
2814 allows the client to work in 'captive' network environments, where the
2815 operator does not want clients to crosstalk directly.
2816
adb95d23 2817- MINUS tokens should be parsable again.
01a54c17
EH		 2818
2819- Multiple (up to "delayed-ack x;" maximum) DHCPv4 packets are now queued and
2820 released in bursts after single fsync() events when the upper limit is
2821 reached or if the receiving sockets go dry. The practical upshot is
2822 that fsync-coupled server performance is now multiplicitively increased.
2823 The default delayed ack limit is 28. Thanks entirely to a patch from
2824 Christof Chen.
2825
2826 Changes since 4.0.0 (bug fixes)
2827
2828- DHCP now builds on AIX.
2829
2830- Exit with warning when DHCPv6-specific statements are used in the
2831 config file but -6 is not specified.
2832
2833- Fixed "--version" flag in dhcrelay
2834
2835- The 'min-secs' configuration parameter's log message has been updated to
2836 be more helpful.
2837
2838- The warning logged when an address range doesn't fit in the subnets
2839 they were declared has been updated to be more helpful and identify the
2840 typo in configuration that created the spanning addresses.
2841
2842- A bug in failover pool rebalancing that caused POOLREQ message ping-pongs
2843 was repaired.
2844
2845- A flaw in failover pool rebalancing that could cause POOLREQ messages to
2846 be sent outside of the min-balance/max-balance scheduled intervals has
2847 been repaired.
2848
2849- A cosmetic bug during potential-conflict recovery that caused the peer's
2850 'conflict-done' state message to be logged as 'unknown-state' has been
2851 repaired. It is now logged correctly.
2852
49f61135
DH		 2853- A bug was fixed where the 'giaddr' may be used to find the client's subnet
2854 rather than its own 'ciaddr'.
2855
41d4652f
DH		 2856- A log message was introduced to clarify the situation where a failover
2857 'address' parameter (the server's local address) did not resolve to an
2858 IPv4 address.
2859
2c9bf1f4
DH		 2860- The minimum site code value was set to 224 in 3.1.0 to track RFC3942. This
2861 broke a lot of legacy site local configurations. The new code in place will
2862 track site local space minimum option codes and logs a warning to encourage
2863 updates and exploration of site local code migration problems. Option
2864 codes less than 128 in site local spaces remain inaccessible.
2865
2866- A possible relay agent option bug was repaired where random server
2867 initialization state may have been used to signal the relay agent
2868 information options sub-option code for the 'END' of the option space.
2869
cff9b78f
SK		 2870- Fixes to allow code to compile and run on Solaris 9.
2871
c4d29896
SK		 2872- Fixes to allow code to compile on Mac OS X Leopard (10.5).
2873
57fcb8d9
SK		 2874- When server is configured with options that it overrides, a warning is
2875 issued when the configuration file is read, rather than at the time the
2876 option is overridden. This was important, because the warning was given
9a111ee8 2877 every time the option was overridden, which could create a lot of
57fcb8d9
SK		 2878 unnecessary logging.
2879
219a65eb
DH		 2880- Fixed a compilation problems on platforms that define a value for FDDI,
2881 which conflicts with a dhcp configuration syntax token by the same name.
2882
ffdf3c8c
DH		 2883- When a failover server suspects it has encountered a peer running a
2884 version 3.0.x failover server, a warning that the failover wire protocol
2885 is incompatible is printed.
2886
2887- The failover server no longer issues a floating point error if it encounters
2888 a previously undefined option code.
2889
00a002fc
MA		 2890- Fix startup error messages to report a missing "subnet6 declaration", rather
2891 than a missing "subnet declaration", when running as a DHCPv6 server.
2892
9a111ee8 2893- DHCPv6 client timestamp in DUID was based on the year 1970 rather
7e9f7a1b
FD		 2894 than the year 2000.
2895
e2cfde76
FD		 2896- Warn when attempting to use a hardware parameter in DHCPv6.
2897
cabdb9b1
FD		 2898- DHCPv6 released resources are now marked as released by the client.
2899
5d89d60f
FD		 2900- 'Soft' bindings have no more side-effects.
2901
61d75ea2
DH		 2902 Changes since 4.0.0b3
2903
2904- The reverse dns name for PTR updates on IPv6 addresses has been fixed to
2905 use ip6.arpa. rather than default to in-addr.arpa and require user
2906 configuration.
76db44f9 2907
e32529a5
EH		 2908- dhc6_lease_destroy() and dhc6_ia_destroy() now set lease and IA pointers
2909 to NULL after freeing, to prevent subsequent accesses to freed memory.
2910
9a111ee8 2911- The DHCPv6 server would not send the preference option unless the
76db44f9
SK		 2912 client requested it, via the ORO. This has been fixed, so the DHCPv6
2913 server will always send the preference value if it is configured.
e4a6be15 2914
9a111ee8
TM		 2915- When addresses were passed as hints to the server in an IA, they were
2916 incorrectly handled, sometimes being treated as an error. Now the
6f76de58
SK		 2917 server will treat these as hints and ignore them if it cannot supply
2918 a requested address.
2919
703873ab
DH		 2920- If the client had multiple addresses, and one expired (was not renewed
2921 by the server), the client would continue to attempt to renew the same
2922 old address over and over. Now, the client will omit any expired
2923 addresses from future Confirm, Renew, or Rebind messages.
2924
2925- dhclient -6 will now select renew/rebind timers based upon the longest
2926 address expiration time rather than the shortest expiration time, in
2927 order to avoid cascading renewals in the event a server elects not to
2928 extend one of multiple IAADDR leases.
2929
b024480e
DH		 2930- The server now limits clients that request multiple addresses to one
2931 address per IA by default, which can be adjusted through the
2932 "limit-addrs-per-ia" configuration option.
2933
c0216cb7
DH		 2934- The DHCPv6 client now issues fresh transaction IDs on Renew and Rebind
2935 message exchanges, rather than using the most recent ID.
2936
1ac57173
FD		 2937- The DHCPv6 server now replies to Information-Request messages.
2938
83835822
DH		 2939- A bug was fixed in the dhclient-script for BSDs to correctly carry error
2940 codes through some conditions.
2941
c54db708
FD		 2942- The parsing of some options in the dhclient lease file, in particular
2943 the success DHCPv6 status-code, was fixed.
2944
e5d83524
DH		 2945- A bug was fixed that caused the DHCPv6 ORO option to be corrupted with
2946 seemingly random values.
2947
821f2dda
DH		 2948- A reference overleak in DHCPv6 shared network processing was repaired.
2949
f8b3c6f4
DH		 2950- ./configure now autodetects local database locations rather than trying
2951 to put dhcpd.leases and dhclient.leases in /usr/local/var/db, which no
2952 one ever has.
2953
9a111ee8
TM		 2954- Regression fix for bug where server advertised a IPv6 address in
2955 response to a SOLICIT but would not return the address in response
b9137d42
SK		 2956 to a REQUEST.
2957
9f1d5a2f
DH		 2958- A bug was fixed where the DHCPv6 server puts the NoAddrsAvail status
2959 code in the IA_NA was fixed. The status code now appears in the root
2960 level.
2961
e4a6be15
DH		 2962 Changes since 4.0.0b2
2963
65cf86d7
EH		 2964- Clarified error message when lease limit exceeded
2965
b1d3778c
DH		 2966- Relative time may now be used as a qualifier for 'allow' and 'deny' access
2967 control lists. These directives may be used to assist in re-addressing
2968 address pools without having to constantly reconfigure the server. Please
2969 see 'man dhcpd.conf' for more information on allow/deny 'after time' syntax.
2970 Thanks to a patch from Christof Chen.
2971
bead14ea
DH		 2972- The server will now include multiple IA_NA's and multiple IAADDRs within
2973 them, if advertised by the client. It still only seeks to allocate one
2974 new address.
2975
f765ec36
SK		 2976 Changes since 4.0.0b1
2977
75135a3f 2978- Use different paths for PID and lease files when running in DHCPv4
adb95d23 2979 or DHCPv6 mode, so that servers for both protocols can be run
75135a3f
EH		 2980 simultaneously on a single interface.
2981
5c2d55c7
EH		 2982- Fixed a buffer overflow error which could have allowed a denial
2983 of service under unusual server configurations
2984
2985- Eliminated a spurious error message from the client
2986
9a111ee8 2987- A number of bugs with the internal handling of lease state on the
f765ec36 2988 server have been fixed. Some of these could cause server crashes.
fa9b593d 2989
edb1283e
DH		 2990- The peer_wants_leases() changes pulled up from 3.1.0 were corrected,
2991 'never used' leases will no longer consistently shift between servers
2992 on every pool rebalance run.
2993
c71c6399
DH		 2994- sendmsg()/recvmsg() control buffers are now declared in such a way to
2995 ensure they are correctly aligned on all (esp. 64-bit) architectures.
2996
5279b8f3
DH		 2997- The client leasing subsystem was streamlined and corrected to account
2998 more closely for changes in client link attachment selection.
2999
ab3a540f 3000 Changes since 4.0.0a3
763cba6b 3001
9a111ee8 3002- The DHCP server no longer requires a "ddns-update-style" statement,
884a458f
SK		 3003 and now defaults to "none", which means DNS updates are disabled.
3004
fa9b593d
DH		 3005- Log messages when failover peer names mismatch have been improved to
3006 point out the problem.
3007
9a111ee8 3008- Bug where server advertised a IPv6 address in response to a SOLICIT
1b5053b5
SK		 3009 but would not return the address in response to a REQUEST. Thanks to
3010 Dennis Kou for finding the bug.
3011
c886c298
SK		 3012- Fixed an error causing the server to lock up on lease expiration,
3013 reported independently by Jothilingam Vasu and Dennis Kou.
3014
eaf7eb17
DH		 3015- Fixed a ./configure bug where compile tests were failing due to
3016 "-Werror" (unused variable) rather than the actual test failure. Lead
3017 to inconsistent and unworkable auto-configurations.
3018
109e00db
DH		 3019- Compilation with DLPI and -Werror has been repaired.
3020
9a111ee8 3021- Error in decoding IA_NA option if multiple interfaces are present
3ad9d48f
SK		 3022 fixed by Marcus Goller.
3023
8eab95f2
DH		 3024- DHCPv6 server Confirm message processing has been enhanced - it no
3025 longer replies only to clients with host {} records, it now replies
3026 as directed in RFC3315 section 18.2.2 - that is, to all clients
3027 regardless of the existence of bindings.
3028
07b9a351
DH		 3029- A core dump during expired lease cleanup has been repaired.
3030
7285af30
DH		 3031- DDNS updates state information are now stored in 'binding scopes' that
3032 follow the leases through their lifecycles. This enables DDNS teardowns
3033 on leases that are assigned and expired inbetween a server restart (the
3034 state is recovered from dhcpd.leases). Arbitrary user-specified binding
3035 scopes ('set var = "value";') are not yet supported.
3036
2394b26b
DH		 3037- Additional compilation problems on HP/UX have been repaired.
3038
ab3a540f
SK		 3039 Changes since 4.0.0a2
3040
97050349
SK		 3041- Fix for startup where there are no IPv4 addresses on an interface.
3042 Thanks to Marcus Goller for reporting the bug.
3043
763cba6b 3044- Fixed file descriptor leak on listen failure. Thanks to Tom Clark.
e889ded1 3045
237f8d3a 3046- Bug in server configuration parser caused server to get stuck on
9a111ee8 3047 startup for certain bad pool declarations. Thanks to Guillaume
237f8d3a
SK		 3048 Knispel for the bug report and fix.
3049
28868515
SK		 3050- Code cleaned to remove warnings reported by "gcc -Wall".
3051
d00d373a
SK		 3052- DHCPv6 is now the default. You can disable DHCPv6 support using the
3053 "--disable-dhcpv6" flag when you run the configure script.
3054
8dfd5744
DH		 3055- An internal database inconsistency bug was repaired where the server
3056 would segfault if a client attempted to renew a lease that had been
3057 loaded from persistent storage.
3058
45d545f0 3059- 'request' and 'also request' syntaxes have been added to accommodate
0c20eab3
DH		 3060 the DHCPv6 client configuration. 'send dhcp6.oro' is no longer
3061 necessary.
3062
9a111ee8
TM		 3063- Bug fixed where configuration file parsing did not work with
3064 zero-length options; this made it impossible to set the
f800f4f6
SK		 3065 rapid-commit option.
3066
845e9677
DH		 3067- Bogus messages about host records with IPv4 fixed-addresses being of
3068 non-128-bits in length were removed.
3069
76c944da
SK		 3070 Changes since 4.0.0a1
3071
71765b58
SK		 3072- Bug in octal parsing fixed. Thanks to Bernd Fuhrmann for the report
3073 and fix.
3074
847e7000
SK		 3075- Autoconf now supplies proper flags for Solaris DHCPv6 builds.
3076
bda33169
SK		 3077- Fix for parsing error on some IPv6 addresses.
3078
9b21e73e
SK		 3079- Invalid CIDR representation for IPv6 subnets or ranges now checked
3080 for when loading configuration.
3081
8da06bb1
DH		 3082- Compilation on HP/UX has been repaired. The changes should generally
3083 apply to any architecture that supplies SIOCGLIFCONF but does not
3084 use 'struct lifconf' structures to pass values.
3085
dd328225
DH		 3086- Two new operators, ~= and ~~, have been integrated to implement
3087 boolean matches by regular expression (such as may be used in
3088 class matching statements). Thanks to a patch by Alexandr S.
3089 Agranovsky, which underwent slight modification.
3090
76c944da
SK		 3091- Fix for icmp packets on 64-bit systems (bug introduced in 4.0).
3092
f796f70a
DH		 3093- A bug was fixed in interface discovery wherein an error identifying
3094 a server-configured interface with no IPv4 addresses would SEGV.
76c944da 3095
c11f349d
EH		 3096- Fixed a bug in which write_lease() might report a failure incorrectly
3097
af5fa176
EH		 3098- Added support for DHCPv6 Release messages
3099
3100- Added -x option to dhclient, which triggers dhclient processes
3101 to exit gracefully without releasing leases first
3102
a546f2a7
EH		 3103- All binaries (client, server, relay) now change directories
3104 to / before going into daemon mode, so as not to hold $CWD open
3105
b55d0d5f
EH		 3106- Fixed a bug parsing DHCPv6 client-id's in host-identifier statements
3107
26be82af
DH		 3108- Fixed a bug with the 'ddns-updates' boolean server configuration
3109 parameter, which caused the server to fail.
3110
98bd7ca0
DH		 3111 Changes since 4.0.0-20070413
3112
d9b43370
SK		 3113- Old (expired) leases are now cleaned.
3114
8c1752d2
DH		 3115- IPv6 subnets now have support for arbitrary allocation ranges via
3116 a new 'range6' configuration directive.
3117
98bd7ca0
DH		 3118- An obviated option code hash lookup to find D6O_CLIENTID was removed.
3119
a512d11b
DH		 3120- Corrected some situations where variables might be used without being
3121 initialized.
3122
3123- Silenced several other compiler warnings.
3124
3125- Include the more standard sys/uio.h rather than rely upon other
f66f02cc
DH		 3126 header files to include it (fixes a BSD 4.2 compile failure).
3127
3128- Duplicate dhclient-script updates for DHCPv6 to all provided scripts.
a512d11b 3129
4ba58919
DH		 3130- DHCPv4 I/O methods that failed to sense hardware address were corrected.
3131
3132- DHCPv4 is now the default (as documented) rather than DHCPv6. The default
3133 was set to DHCPv6 to facilitate ease early development, and forgotten.
3134
3135- Corrected a segmentation violation in DHCPv4 socket processing.
3136
8ea19a71 3137- dhclient will now fork() into the background once it binds to an
45d545f0 3138 IPv6 address, or immediately if the -n flag is supplied.
8ea19a71
DH		 3139
3140- -q is now the default behaviour on dhclient, with -d or -v enabling
3141 non-quiet (stderr logging) mode.
3142
2cf8d0bd
DH		 3143- Fix documentation of the domain-search atom (quoted, with commas).
3144
3145- Document DHCPv6 options presently in the default table.
3146
fe5b0fdd
DH		 3147- Replaced ./configure shellscripting with GNU Autoconf.
3148
98bd7ca0
DH		 3149 Changes since 3.1.0 (NEW FEATURES)
3150
3151- DHCPv6 Client and Server protocol support. Use '-6' to run the daemons
3152 as v6-only. Use '-4' to run the daemons as v4-only (default. There is
3153 no support currently for both.
3154
3155- Server support for multiple IA_NA options, containing at most one
3156 IAADDR option.
3157
3158- Client support for one IA_NA option, containing any number of IAADDR
3159 options.
3160
3161- Server support for the DHCPv6 Information-request message.
3162
3163- Inappropriate unicast DHCPv6 messages sent to the server are now
3164 discarded, and this has rearchitected the IO system slightly.
3165
3166- The DHCPv6 server DUID defaults to type 1, is persistently stored in
3167 the leases database, and can be over-ridden (either completely, or by
3168 specifying type 1 or type 2).
3169
3170- The server only uses Rapid-Commit if it has been configured with the
3171 Rapid-Commit option and the client requests it.
3172
3173- DDNS support. We now update AAAA records in the same place we would
3174 update A records, if we have an IPv6 address. We also generate IP6.ARPA
3175 style names for PTR records if we're dealing with an IPv6 address. Both
3176 A and AAAA updates are done using the same 'fqdn.' virtual option space
3177 (although the DHCPv4 FQDN and DHCPv6 FQDN options are formatted
3178 differently, they both use the same code here).
3179
3180- The Linux dhclient-script attempts to set and remove assigned addresses,
3181 and to configure /etc/resolv.conf from nameserver and domain name
3182 configurations. It can be extended to configure other parameters.
3183
3184- Initial DHCPv6 lease support.
3185
3186- The IO system now tracks all local IP addresses, so that the DHCP
3187 applications (particularly the dhcrelay) can discern between what frames
3188 were transmitted to it, and what frames are being carried through it which
3189 it should not intercept.
3190
1418fd11
DH		 3191 Changes since 3.1.0 (Maintenance)
3192
3193- A bug was repaired where MAC Address Affinity for virgin leases always
3194 mapped to the primary. Virgin leases now have an interleaved preference
3195 between primary and secondary.
3196
3197- A bug was repaired where MAC Address Affinity for clients with no client
3198 identifier was sometimes mishashed to the peer. Load balancing during
3199 runtime and pool rebalancing were opposing.
3200
aa3e348e
DH		 3201- An assertion in lease counting relating to reserved leases was repaired.
3202
e9c59645
DH		 3203- The subnet-mask option inclusion now conforms with RFC2132 section 3.3;
3204 it will only appear prior to the routers option if it is present on the
3205 Parameter-Request-List. The subnet-mask option will also only be
3206 included by default (if it is not on the PRL) in response to DISCOVER
3207 or REQUEST messages.
3208
3209- The FQDN option is only supplied if the client supplied an FQDN option or
3210 if the FQDN option was explicitly requested on the PRL.
3211
c104546d
DH		 3212- Dynamic BOOTP leases are now load balanced in failover.
3213
b9d0cc05
DH		 3214 Changes since 3.1.0rc1
3215
adb95d23 3216- The parse warning that 'deny dynamic bootp;' must be configured for
b9d0cc05
DH		 3217 failover protected subnets was removed.
3218
a512cc3a
DH		 3219 Changes since 3.1.0b2
3220
3221- Failover rebalance events no longer play ping pong with round errors
3222 (moving leases between free and back to backup where there are an
3223 odd number of leases).
3224
3225- The 'pool' log line has been split into two messages, one before the
3226 rebalance run, and one after.
3227
3228- Any queued BNDACKs are transmitted before transmitting new BNDUPDs.
3229 This enforces the correct sequence of events for the remote server
3230 processing these messages.
3231
fe5b0fdd 3232 Changes since 3.1.0b1
27837f95 3233
74dc3e0b
EH		 3234- Fixed a bug that caused OMAPI clients to freeze when opening lease
3235 objects.
3236
1ba87b37
EH		 3237- A new server config option "fqdn-reply" specifies whether the server
3238 should send out option 81 (FQDN). Defaults to "on". If set to "off",
3239 the FQDN option is not sent, even if the client requested it. This is
3240 needed because some clients misbehave otherwise. Thanks to Christof Chen
3241 at Allianz.
3242
a58da042
EH		 3243- Allow trace output files (-tf option) to be overwritten, rather than
3244 crashing dhcpd if the file already exists
3245
61252edf
EH		 3246- A bug was fixed that caused dhcpd to segfault if a pool was declared
3247 outside the scope of a subnet in dhcpd.conf.
3248
27837f95
DH		 3249- Some uninitialized values were repaired in dhcpleasequery.c that
3250 caused the server to abort.
3251
4d2eaafb
DH		 3252- A new server config option, 'do-reverse-updates', has been added
3253 which causes the server to abstain from performing updates on PTR
3254 records. Thanks to a patch from Christof Chen at Allianz.
3255
06211b40
DH		 3256- A bug was repaired in subencapsulation support, where spaces separated
3257 by empty spaces would not get included.
3258
d6614ea2
DH		 3259- A bug in dhclient was repaired which caused it to send parameter request
3260 lists of 55 bytes in length no matter how long the declared PRL was.
3261
132d38f2
DH		 3262- 'dhcp.c(3953): non-null pointer' has been repaired. This fixes a flaw
3263 wherein the DHCPv4 server may ignore a configured server-identifier.
3264
fc3b9c90
DH		 3265- A flaw in failover startup sequences was repaired that sometimes left
3266 the primary DHCP server's pool rebalance schedules unscheduled.
3267
c9feb859
DH		 3268- Corrected a flaw that broke encapsulated spaces included due to presence
3269 on the parameter request list.
3270
c57db45c
SK		 3271 Changes since 3.1.0a3
3272
3273- Some spelling fixes.
98311e4b 3274
bd2bc2fa
DH		 3275 Changes since 3.1.0a2
3276
3277- A bug was fixed where attempting to permit leasequeries results in a
3278 fatal internal error, "Unable to find server option 49".
3279
85edef5c
DH		 3280- A bug was fixed in dhclient rendering the textual output form of the
3281 domain-search option syntax.
3282
bdddcb7d
DH		 3283 Changes since 3.1.0a1
3284
3285- A bug in the FQDN universe that added FQDN codes to the NWIP universe's
3286 hash table was repaired.
3287
616d67cb
DH		 3288- The servers now try harder to transmit pending binding updates when
3289 entering normal state.
3290
3291- UPDREQ/UPDREQALL handling was optimized - it no longer dequeues and
3292 requeues all pending updates. This should reduce the number of spurious
66c8f734
DH		 3293 'xid mismatch' log messages.
3294
3295- An option definition referencing leak was fixed, which resulted in early
3296 termination of dhclient upon the renewal event.
616d67cb 3297
6708d944
DH		 3298- Some default hash table sizes were tweaked, some upwards, some downwards.
3299 3.1.0a1's tables resulted in a reduction in default server memory use.
3300 The new selected values provide more of a zero sum (increasing the size
3301 of tables likely to be populated, decreasing the size of tables unlikely).
3302
45d545f0 3303- Lease structures appear in three separate hashes: by IP address, by UID,
6708d944
DH		 3304 and by hardware address. One type of table was used for all three, and
3305 improvements to IP address hashing were applied to all three (so UID and
3306 hardware addresses were treated like 4-byte integers). There are now two
3307 types of tables, and the uid/hw hashes use functions more appropriate
3308 to their needs.
3309
3310- The max-lease-misbalance percentage no longer causes scheduled rebalance
3311 runs to be skipped: it still governs the schedule, but every scheduled
3312 run will attempt balance.
3313
a7ee93fe
DH		 3314- A segfault bug in recursive encapsulation support has been corrected.
3315
98311e4b
DH		 3316 Changes since 3.0 (New Features)
3317
3318- A workaround for certain STSN servers that send a mangled domain-name
3319 option was introduced for dhclient. The client will now accept corrupted
3320 server responses, if they contain a valid DHCP_MESSAGE_TYPE (OFFER, ACK,
3321 or NAK). The server will continue to not accept corrupt client packets.
3322
98bd7ca0 3323- Support for 'reserved' (pseudo-static) and BOOTP leases via failover
a55ccdd0 3324 was introduced.
98311e4b
DH		 3325
3326- Support for adding, removing, and managing class and subclass statements
3327 via OMAPI.
3328
a55ccdd0
DH		 3329- The failover implementation was updated to comply with revision 12 of
3330 the protocol draft.
3331
98311e4b
DH		 3332- 'make install' now creates the initial zero-length dhcpd.leases file if
3333 one does not already exist on the system.
3334
b43c87ad 3335- RFC3942 compliance, site-local option spaces start at 224 now, not 128.
b43c87ad 3336
0b17f049
DH		 3337- The Load Balance Algorithm was misimplemented. The current implementation
3338 matches RFC 3074.
3339
2727c1cf
DH		 3340- lcase() and ucase() configuration expressions have been added which adjust
3341 their arguments from upper to lower and lower to upper cases respectively.
2714a8ef 3342 Thanks to a patch from Albert Herranz.
2727c1cf 3343
febbd402
DH		 3344- The dhclient 'reject ...;' statement, which rejects leases given by named
3345 server-identifiers, now permits address ranges to be specified in CIDR
7d7073e7 3346 notation. Thanks to a patch from David Boyce.
febbd402 3347
ee912528
DH		 3348- The subnet-mask option is now supplied by default, but at lowest
3349 priority. This helps a small minority of clients that provide parameter
3350 request lists, but do not list the subnet-mask option because they were
3351 designed to interoperate with a server that behaves in this manner.
3352
3353- The FQDN option is similarly supplied even if it does not appear on the
3354 parameter request list, but not to the exclusion of options that do
3355 appear at the parameter request list. Up until now it had ultimate
3356 priority over the client's parameter request list.
3357
f7fdb216 3358- Varying option space code and length bit widths (8/16/32) are now
51202707 3359 supported. This is a milestone in achieving RFC 3925 "VIVSO" and
f7fdb216
DH		 3360 DHCPv6 support.
3361
5e864416
DH		 3362- A new common (server or client) option, 'db-time-format local;', has
3363 been added which prints the local time in /var/db/dhcpd.leases rather
3364 than UTC. Thanks to a patch from Ken Lalonde.
3365
b500bd4c
DH		 3366- Some patches to improve DHCP Server startup speed from Andrew Matheson
3367 have been incorporated.
3368
2426234f
DH		 3369- Failover pairs now implement 'MAC Affinity' on leases moving from the
3370 active to free states. Leases that belonged to the failover secondary
3371 are moved to BACKUP state rather than FREE upon exiting EXPIRED state.
3372 If lease rebalancing must move leases, it tries first to move leases
3373 that belong to the peer in need.
3374
3375- The server no longer sends POOLREQ messages unless the pool is severely
3376 misbalanced in the peer's favor (see 'man dhcpd.conf' for more details).
3377
3378- Pool rebalance events no longer happen upon successfully allocating a
3379 lease. Instead, they happen on a schedule. See 'man dhcpd.conf' for the
3380 min-balance and max-balance statements for more information.
3381
334bf491
DH		 3382- The DHCP Relay Agent Information Option / Link Selection Sub-Option
3383 is now supported. (See RFC3527 for details).
3384
3004bebf
DH		 3385- A new DDNS related server option, update-conflict-detection, has been
3386 added. If this option is enabled, dhcpd will perform normal DHCID
3387 conflict resolution (the default). If this option is disabled, it will
3388 instead trust the assigned name implicitly (removing any other bindings
3389 on that name). This option has not been made available in dhclient.
3390
567e8561
DH		 3391- In those cases where the DHCP software manufactures an IP header (to
3392 transmit via bpf, lpf, etc), the IP TTL the software selects has been
3393 increased from 16 to 128. This is intended to match Microsoft Windows
3394 DHCP Client behaviour, to increase compatibility.
3395
a396d25f
DH		 3396- 'ignore client-updates;' now has behaviour that is different from
3397 'deny client-updates;'. The client's request is not truly ignored,
3398 rather it is encouraged. Should this value be configured, the server
3399 updates DNS as though client-updates were set to 'deny'. That is, it
3400 enters into DNS whatever it is configured to do already, provided it is
3401 configured to. Then it sends a response to the client that lets the
3402 client believe it is performing client updates (which it will), probably
3403 for a different name. In essence, this lets the client do as it will,
3404 ignoring this aspect of their request.
3405
dba5803b
DH		 3406- Support for compressed 'domain name list' style DHCP option contents, and
3407 in particular the domain search option (#119) was added.
3408
41e45067 3409- The DHCP LEASEQUERY protocol as defined in RFC4388 is now implemented.
6d103865
SK		 3410 LEASEQUERY lets you query the DHCP server for information about a lease,
3411 using either an IP address, MAC address, or client identifier. Thanks
3412 to a patch from Justin Haddad.
3413
41e45067
DH		 3414- DHCPD is now RFC2131 section 4.1 compliant (broadcast to all-ones ip and
3415 ethernet mac address) on the SCO platform specifically without any strange
3416 ifconfig hacks. Many thanks go to the Kroger Co. for donating the
3417 hardware and funding the development.
6d103865 3418
b543fea9
DH		 3419- A new common configuration executable statement, execute(), has been
3420 added. This permits dhcpd or dhclient to execute a named external
3421 program with command line arguments specified from other configuration
3422 language. Thanks to a patch written by Mattias Ronnblom, gotten to us
3423 via Robin Breathe.
3424
b22de500
DH		 3425- A new dhcp server option 'adaptive-lease-time-threshold' has been added
3426 which causes the server to substantially reduce lease-times if there are
3427 few (configured percentage) remaining leases. Thanks to a patch submitted
3428 from Christof Chen.
3429
96bbe8c5
SK		 3430- Encapsulated option spaces within encapsulated option spaces is now
3431 formally supported.
3432
b8221d95
DH		 3433 Changes since 3.0.6rc1
3434
3435- supersede_lease() now requeues leases in their respective hardware
3436 address hash bucket. This mirrors client identifier behaviour.
3437
c1e6c832
DH		 3438 Changes since 3.0.5
3439
f546c28b
DH		 3440- Assorted fixes for broken network devices: Packet length is now
3441 determined from the IP header length field to finally calculate the
3442 UDP payload length, because some NIC drivers return more data than
5a22eb63 3443 they actually received.
f546c28b
DH		 3444
3445- UDP packets are now stored in aligned data structures.
3446
c1e6c832
DH		 3447- A logic error in omapi interface code was repaired that might result in
3448 incorrectly indicating 'up' state when any flags were set, rather than
23e10d37
DH		 3449 specifically the INTERFACE_REQUESTED flag. Thanks to a patch from
3450 Jochen Voss which got to us via Andrew Pollock at Debian.
c1e6c832 3451
75ab3070
DH		 3452- A reference leak on binding scopes set by ddns updates was repaired.
3453
d69fb6a8 3454- A memory leak in the minires_nsendsigned() function call was repaired.
23e10d37 3455 Effectively, this leaked ~176 bytes per DDNS update.
d69fb6a8 3456
02428754
DH		 3457- In the case where an "L2" DHCP Relay Agent (one that does not set giaddr)
3458 was directly attached to the same broadcast domain as the DHCP server,
3459 the RFC3046 relay agent information option was not being returned to the
3460 relay in the server's replies. This was fixed; the dhcp server no longer
3461 requires the giaddr to reply with relay agent information. Note that
3462 this also improves compatibility with L2 devices that "intercept" DHCP
3463 packets and expect relay agent information even in unicast (renewal)
23e10d37
DH		 3464 replies. Thanks to a patch from Pekka Silvonen.
3465
3466- A bug was fixed where the BOOTP header 'sname' field had a value, the
3467 copy written to persistent storage was actually the contents of the
3468 'file' field.
02428754 3469
ecde99a3
DH		 3470- A bug was fixed where the nwip virtual option space was referencing
3471 the fqdn option's virtual option space's option cache.
3472
67674ffb
DH		 3473- Timestamp parsing errors that indicated missing "minutes" fields rather
3474 than the actually missing "seconds" fields have been repaired thanks to
3475 a patch from Kevin Steves.
3476
830ebc4c
DH		 3477- A grammar error in the dhclient.8 manpage was repaired thanks to a patch
3478 from Chris Wagner.
3479
c759db75
DH		 3480- Several spelling typos were repaired, and some cross-references to other
3481 relevant documents were included in the manpages, thanks to a patch
3482 by Andrew Pollock which got to us via Tomas Pospisek.
3483
9aa3f3a5
DH		 3484- Some bugs were fixed in the 'emergency relay agent options hologram'
3485 which is used to retain relay agent option contents from when the
3486 client was in INIT or REBIND states. This should solve problems where
3487 relay agent options were not echoed from the server, even when giaddr
3488 was set.
3489
3d0c598a
DH		 3490- dhclient now closes its descriptor to dhclient.leases prior to executing
3491 dhclient-script. Thanks to a patch from Tomas Pospisek.
3492
d5b6835f
DH		 3493- The server's "by client-id" and "by hardware address" hash table lists
3494 are now sorted according to the preference to re-allocate that lease to
3495 returning clients. This should eliminate pool starvation problems
3496 arising when "INIT" clients were given new leases rather than presently
3497 active ones.
3498
02428754 3499 Changes since 3.0.5rc1
0a73b7b6 3500
901306d5 3501- A bug was repaired in fixes to the dhclient, which sought to run the
0a73b7b6
SK		 3502 dhclient-script with the 'EXPIRE' state should it receive a NAK in
3503 response to a REQUEST. The client now iterates the PREINIT state
3504 after the EXPIRE state, so that interfaces that might be configured
3505 'down' can be brought back 'up' and initialized.
3506
87a08ccc
DH		 3507- DHCPINFORM handling for clients that properly set ciaddr and come to the
3508 server via a relay aget has been repaired.
3509
6da113fb
DH		 3510 Changes since 3.0.4
3511
3512- A warning that host statements declared within subnet or shared-network
3513 scopes are actually global has been added.
3514
3515- The default minimum lease time (if min-lease-time was not specified)
3516 was raised from 0 to 300. 0 is not thought to be sensible, and is
3517 known to be damaging.
3518
3519- Added additional fatal error sanity checks surrounding lease binding
3520 state count calculations (free/active counts used for failover pool
3521 balancing).
3522
dcc557db
DH		 3523- Some time value size fixes in 3.0.4 brought on from FreeBSD /usr/ports were
3524 misapplied to server values rather than client values. The server no longer
3525 advertises 8-byte lease-time options when on 64-bit platforms.
3526
1b2ab55f
DH		 3527- A bug where leases not in ACTIVE state would get billed to billed classes
3528 (classes with lease limitations) was fixed. Non-active leases OFFERed
3529 to clients are no longer billed (but billing is checked before offering).
3530
e48891e8
DH		 3531- The dhcpd.conf.5 manpage was updated in regard to the ddns-domainname
3532 configuration option - the default configuration and results should be
3533 more clear now.
3534
6cbc6629
DH		 3535- If the dhclient were to receive a DHCPNAK while it was in the RENEW
3536 state (and consequently, had an active, 'bound' address and related
3537 configuration options), it would fail to 'tear down' this information
3538 before proceeding into INIT state. dhclient now iterates the dhclient-
3539 script with the 'EXPIRE' action to cause these teardowns prior to entering
1d3bfb17 3540 INIT state. Thanks to a patch from Chris Zimmerman.
6cbc6629 3541
c5fec5fa
DH		 3542- The omapi.1 manpage had some formatting errors repaired thanks to a patch
3543 from Yoshihiko Sarumaru.
3544
33e1cb2b
DH		 3545- A few lines of code that were failover-specific were moved within
3546 #if defined() clauses so that compilation without failover could be
3547 made possible.
3548
2bddf829
DH		 3549- The log message emitted when the 'leased-address' value was not available
3550 in dhcpd.conf "executable statements" has been updated to be more helpful.
3551 Manpage information for this value has also been updated.
3552
87578987
DH		 3553- Abandoned or dissociated (err condition) leases now remove any related
3554 dynamic dns bindings. Thanks to a patch from Patrick Schoo.
3555
e77c575f
DH		 3556- Attempting to write a new lease file to replace a corrupt (due to
3557 encountering non-retryable errors during writing) lease file should
3558 no longer result in an infinite recursion.
3559
2178df03
DH		 3560- Host declaration hardware addresses and client identifiers may only be
3561 configured once. dhcpd will now fail to load config files that specify
3562 multiple identifiers (previous versions would silently over-ride the
3563 value with the later configured value).
3564
d5341d9b
SK		 3565- Several option codes that have been allocated since our last release
3566 have been named and documented.
3567
3568- Option names of the form "unknown-123" have been removed from the in-
3569 memory hash tables. In order to support options of these names that
3570 may appear in dhclient.leases or similar in previous versions, the
3571 parser will now find the new option code definition, or mock up a
3572 generic option code definition. This should result in a smooth
3573 transition from one name to the other, as the new name is used to
3574 write new output.
3575
6da113fb
DH		 3576 Changes since 3.0.4rc1
3577
3578- The dhcp-options.5 manpage was updated to correct indentation errors
3579 thanks to a patch from Jean Delvare.
3580
3581 Changes since 3.0.4b3
3582
3583- Some manual pages were clarified pursuant to discussion on the dhcp-server
3584 mailing list.
3585
88cd8aca
DH		 3586 Changes since 3.0.4b2
3587
45d545f0 3588- Null-termination sensing for certain clients that unfortunately require
88cd8aca
DH		 3589 it in DHCPINFORM processing was repaired.
3590
3591- The host-name option and a few others were moved from "X" format to "t"
3592 format to be compatible with new NULL handling functions.
3593
3594- DHCPINFORM processing is a little more careful about return addressing
3595 its responses, or if responding via a relay. The INFORM related
3596 messages also log the 'effective client ip address' rather than the
3597 client's supplied ciaddr (since some clients produce null ciaddrs).
3598
3599- The server was inappropriately sending leases to the RESET state in the
3600 event that multiple active leases were found to match a singly-identified
3601 client. This was changed to RELEASED (by accepting a different, ACTIVE
3602 binding, the client is implicitly releasing its lease). This repairs a
3603 bug wherein secondary servers in failover pairs detecting this condition
3604 move leases to RESET, and primaries refuse to accept that state
3605 transition (properly).
3606
3607- The memset-after-dmalloc() changes made in 3.0.4b1 have been backed out.
3608
3609 Changes since 3.0.4b1
3610
3611- Command line parsing in omshell was repaired - it no longer closes
3612 STDIN after reading one line.
3613
3614- The resolver library no longer closes the /etc/resolv.conf file
3615 descriptor it opened twice.
3616
3617- Changes to trailing NULL removal in 't' option-atoms has been rethought,
3618 it now includes 'd' (domain name) types, and tries hard not to rewind an
3619 option beyond the start of the text field it is un-terminating.
3620
3621 Changes since 3.0.3
3622
3623- A DDNS update handling function was misusing the DNS error codes, rather
3624 than the internal generic result enumeration. The result is a confusing
3625 syslog line, logging the wrong condition.
3626
3627- The DHCP Server was not checking pool balance in the case where it brought
3628 a non-ACTIVE lease out of storage for a client that was returning to use
3629 a lease it once had long ago, and had since expired.
3630
3631- Failover peers no longer bother to look for free leases to allocate when
3632 they already found the client's ACTIVE lease. DISCOVERs are load balanced
98bd7ca0 3633 whether freely-allocated or not, unless the server doubts the peer has
88cd8aca
DH		 3634 leases to allocate.
3635
3636- Fixed a bug in dhcrelay agent addition code that suppressed trailing
45d545f0 3637 PAD options - it was suppressing only one trailing PAD option, rather
88cd8aca
DH		 3638 than the entire block of them.
3639
3a16098f
DH		 3640! Fixed some unlikely overlapping-region memcpy() bugs in dhcrelay agent
3641 option addition and stripping code. Added a few sanity checks. Although
3642 highly improbable, due to requiring the reception of a DHCP datagram well
3643 in excess of all known to be used physical MTU limitations, it is possible
3644 this may have been used in a stack overflow security vulnerability. Thanks
3645 to a patch from infamous42md.
3646
3647! Added some sanity checks to OMAPI connection/authentication code.
3648 Although highly improbable, due to having to deliver in excess of 2^32
3649 bytes of data via the OMAPI channel, not to mention requiring dhcpd to
3650 be able to malloc() a memory region 2^32 bytes in size, it was possible
3651 this might have resulted in a heap overflow security vulnerability.
3652 Thanks to a patch from infamous42md.
88cd8aca
DH		 3653
3654- dmalloc() memset()'s the non-debug (data) portion of the allocated
3655 memory to zero. Code that memset()'s the result returned by dmalloc() to
3656 zero is redundant. These redundancies were removed.
3657
3658- Some type declaration corrections to u_int16_t were made in common/tr.c
4b97eaff 3659 (Token Ring support) thanks to a patch from Jason Vas Dias at Red Hat.
88cd8aca
DH		 3660
3661- A failover bug that was allowing leases that EXPIRED or were RELEASED
3662 where tsfp and tstp are identical timestamps to languish in these
3663 transitional states has been repaired. As a side effect, lease
3664 databases should be kept more consistent overall, not just for these
3665 transitional states.
3666
3667- If the lease db is deleted out from under the daemon, and it moves to rewrite
3668 the db, it will go ahead with the operation and move the new db into place
3669 once it detects the old db does not exist.
3670
3671- dhclient now ignores IRDA, SIT, and IEEE1394 network interfaces, as it
3672 is either nonsensical or (in the case of IEEE1394) is not known to support
3673 these interfaces. Thanks to Marius Gedminas and Andrew Pollock of Debian.
3674
3675- Some previously undocumented reasons for dhclient-script invoking has
45d545f0 3676 been documented in the dhclient-script.8 manpage.
88cd8aca
DH		 3677
3678- Failover potential expiry calculations (TSTP) have been corrected. Results
3679 should be substantially more consistent, and proper given the constraints.
3680
3681- Adjusted lease state validation checks in potential-conflict, to
3682 account for possible clock skew similarly to normal state, and several
3683 previously illegal transitions were made legal (ex: active->released).
3684
3685- An impossible sanity check was removed from omapi/buffer.c, thanks to a
3686 patch from 'infamous42md'.
3687
3688- An OMAPI host/network byte order problem in lease time values has been
3689 repaired.
3690
3691- Several minor bugs, largely relating to treating 8-byte time values as
3692 4-byte entities, have been repaired after careful review of the FreeBSD
3693 ports collection's patch set. Thanks to the nameless entities who have
3694 contributed to the FreeBSD ports.
3695
3696- When writing a trace file, the file is now created with permissions 0600,
3697 to help administrators avoid accidentally publicising sensitive config
3698 data.
3699
3700- The calculation of the maximum size of DHCP packets no longer includes
3701 Ethernet framing overhead. The result is that the 'Maximum Message
3702 Size' option advertised by clients, or the default value 576, is no
3703 longer reduced by 14 bytes, and instead directly reflects the IP level
3704 MTU (and the default, minimum allowed IP MTU of 576).
3705
3706- The special status of RELEASED/EXPIRED/RESET leases when a server
3707 is operating in partner-down was fixed. It no longer requires a
3708 lease be twice the MCLT beyond STOS to 'reallocate', and the expiry
3709 event to turn these into FREE leases without peer acknowledgement
3710 (after STOS+MCLT) has been repaired.
3711
3712- Compilation on older Solaris systems (lacking /usr/include/sys/int_types.h)
3713 has been repaired.
3714
3715- "append"ing a string onto the end of a "t" type option (such as the
3716 domain-name field) that had been improperly NULL-terminated by the
3717 DHCP server will no longer result in a truncated string containing
3718 only the option from the server, and not the expected appended value.
4b97eaff 3719 Thanks to a patch from Jason Vas Dias at Red Hat.
88cd8aca
DH		 3720
3721- File handlers on configuration state (config files and lease dbs) should
98bd7ca0 3722 be treated consistently, regardless of whether TRACING is defined or not.
88cd8aca 3723
45d545f0 3724- The Linux build environment has had some minor improvements - better
88cd8aca
DH		 3725 sensing of 64-bit pointer sizes (only used for establishing an icmp_id),
3726 and corrections to #if operators regarding LINUX_MAJOR should it ever
3727 move to 3.[01].x.
3728
3729- The server now tries harder to survive the condition where it is unable
3730 to open a new lease file to rewrite the lease state database.
3731
c75473d8
DH		 3732 Changes since 3.0.3b3
3733
3734- dhclient.conf documentation for interface {} was updated to reflect recent
3735 discussion on the dhcp-hackers mailing list.
3736
3737- In response to reports that the software does not compile on GCC 4.0.0,
3738 -Werror was removed from Makefile.conf for all platforms that used it.
3739 We will address the true problem in a future release; this is a temporary
3740 workaround.
3741
3742 Changes since 3.0.3b2
3743
3744- An error in code changes introduced in 3.0.3b2 was corrected, which caused
3745 static BOOTP clients to receive random addresses.
3746
3747 Changes since 3.0.3b1
3748
3749- A bug was fixed in BOOTPREQUEST handling code wherein stale references to
3750 host records would be left behind on leases that were not allocated to the
3751 client currently booting (eg in the case where the host was denied booting).
3752
3753- The dhcpd.conf.5 manpage was updated to be more clear in regards to
3754 multiple host declarations (thanks to Vincent McIntyre). 'Interim' style
3755 dynamic updates were also retouched.
3756
98311e4b
DH		 3757 Changes since 3.0.2
3758
3759- A bug was fixed where a server might load balance a DHCP REQUEST to its
45d545f0 3760 peer after already choosing not to load balance the preceding DISCOVER.
98311e4b
DH		 3761 The peer cannot allocate the originating server's lease.
3762
3763- In the case where a secondary server lost its stable storage while the
3764 primary was still in communications-interrupted, and came back online,
3765 the lease databases would not be fully transferred to the secondary.
3766 This was due to the secondary errantly sending an extra UPDREQ message
3767 when the primary made its state transition to PARTNER-DOWN known.
3768
3769- The package will now compile cleanly in gcc 3.3 and 3.4. As a side effect,
3770 lease structures will be 9 bytes smaller on all platforms. Thanks to
4b97eaff 3771 Jason Vas Dias at Red Hat.
98311e4b
DH		 3772
3773- Interface discovery code in DISCOVER_UNCONFIGURED mode is now
3774 properly restricted to only detecting broadcast interfaces. Thanks
4b97eaff 3775 to a patch from Jason Vas Dias at Red Hat.
98311e4b
DH		 3776
3777- decode_udp_ip_header was changed so that the IP address was copied out
3778 to a variable, rather than referenced by a pointer. This enforces 4-byte
3779 alignment of the 32-bit IP address value. Thanks to a patch from Dr.
3780 Peter Poeml.
3781
3782- An incorrect log message was corrected thanks to a patch from
3783 Dr. Peter Poeml.
3784
3785- A bug in DDNS was repaired, where if the server's first DDNS action was
3786 a DDNS removal rather than a DDNS update, the resolver library's
3787 retransmit timer and retry timer was set to the default, implying a
3788 15 second timeout interval. Which is a little excessive in a synchronous,
3789 single-threaded system. In all cases, ISC DHCP should now hold fast to
3790 a 1-second timeout, trying only once.
3791
3792- The siaddr field was being improperly set to the server-identifier when
3793 responding to DHCP messages. RFC2131 clarified the siaddr field as
3794 meaning the 'next server in the bootstrap process', eg a tftp server.
3795 The siaddr field is now left zeroed unless next-server is configured.
3796
3797- mockup_lease() could have returned in an error condition (or in the
3798 condition where no fixed-address was found matching the shared
3799 network) with stale references to a host record. This is probably not
3800 a memory leak since host records generally never die anyway.
3801
3802- A bug was repaired where failover servers would let stale client identifiers
3803 persist on leases that were reallocated to new clients not sending an id.
3804
3805- Binding scopes ("set var = value;") are now removed from leases allocated
3806 by failover peers if the lease had expired. This should help reduce the
3807 number of stale binding scopes on leases.
3808
3809- A small memory leak was closed involving client identifiers larger than
3810 7 bytes, and failover.
3811
3812- Configuring a subnet in dhcpd.conf with a subnet mask of 32 bits might
3813 cause an internal function to overflow heap. Thanks to Jason Vas Dias
4b97eaff 3814 at Red Hat.
98311e4b
DH		 3815
3816- Some inconsistencies in treating numbers that the lexer parsed as 'NUMBER'
3817 or 'NUMBER_OR_NAME' was repaired. Hexadecimal parsing is affected, and
3818 should work better.
3819
3820- In several cases, parse warnings were being issued before the lexical
3821 token had been advanced to the token whose value was causing an error...
3822 causing parse warnings to claim the problem is on the wrong token.
3823
3824- Host declarations matching on client identifier for dynamic leases will
3825 no longer match fixed-address host declarations (this is now identical
3826 to behaviour for host records matching on hardware address).
3827
3828 Changes since 3.0.2rc3
3829
3830- A previously undocumented configuration directive, 'local-address',
3831 was documented in the dhcpd.conf manpage.
3832
3833 Changes since 3.0.2rc2
3834
45d545f0 3835- Two variables introduced in 3.0.2b1 were used without being initialized
98311e4b
DH		 3836 in the case where neither the FILE nor SNAME fields were available for
3837 overloading. This was repaired.
3838
3839- A heretofore believed to be impossible corner case of the option
3840 overloading implementation turned out to be possible ("Unable to sort
3841 overloaded options after 10 tries."). The implementation was reworked
3842 to consider the case of an option so large it would require more than
3843 three chunks to fit.
3844
3845- Many other instances of variables being used without being initialized
3846 were repaired.
3847
3848- An uninitialized variable in omapi_io_destroy() led to the discovery
3849 that this function may result in orphaned pointers (and hence, a memory
3850 leak).
3851
3852 Changes since 3.0.2rc1
3853
3854- allocate_lease() was rewritten to repair a bug in which the server would
3855 try to allocate an ABANDONED lease when FREE leases were available.
3856
3857 Changes since 3.0.2b1
3858
3859- Some dhcp-eval.5 manpage formatting was repaired.
3860
3861 Changes since 3.0.1
3862
3863- A bug was fixed in the server's 'option overloading' implementation,
3864 where options loaded into the 'file' and 'sname' packet fields were
3865 not aligned precisely as rfc2131 dictates.
3866
3867- The FreeBSD client script was changed to support the case where a domain
3868 name was not provided by the server.
3869
3870- A memory leak in 'omshell' per each command line parsed was
3871 repaired, thanks to a patch from Jarkko Torppa.
3872
3873- Log functions writing to stderr were adjusted to use the STDERR_FILENO
3874 system definition rather than '2'. This is a no-op for 90% of platforms.
3875
3876- One call to trace_write_packet_iov() counted the number of io vectors
3877 incorrectly, causing inconsistent tracefiles. This was fixed.
3878
3879- Some expression parse failure memory leaks were closed.
3880
3881- A host byte order problem in tracefiles was repaired.
3882
3883- Pools configured in DHCPD for failover possessing permission lists that
adb95d23 3884 previously were assumed to not include dynamic bootp clients are now
98311e4b
DH		 3885 a little more pessimistic. The result is, dhcpd will nag you about just
3886 about most pools that possess a 'allow' statement with no 'deny' that
3887 would definitely match a dynamic bootp client.
3888
3889- The 'ddns-update-style' configuration warning bit now insists that
3890 the configuration be globally scoped.
3891
3892- Two memory leaks in dhclient were closed thanks to a patch from Felix
3893 Farkas.
3894
3895- Some minor but excellently pedantic documentation errors were fixed
3896 thanks to a patch from Thomas Klausner.
3897
3898- Bugs in operator precedence in executable statements have been repaired
3899 once again. More legal syntaxes should be parsed legally.
3900
3901- Failing to initialize a tracefile for any reason if a tracefile was
3902 specified is now a fatal error. Thanks to a patch from Albert Herranz.
3903
3904- Corrected a bug in which the number of leases transferred as calculated
3905 by the failover primary and sent to peers in POOLRESP responses may be
3906 incorrect. This value is not believed to be used by other failover
3907 implementations, excepting perhaps as logged information.
3908
3909- Corrected a bug in which 'dhcp_failover_send_poolresp()' was in fact
3910 sending POOLREQ messages instead of POOLRESP mesasges. This message
3911 was essentially ignored since failover secondaries effectively do not
3912 respond to POOLREQ messages.
3913
3914- Type definitions for various bitwidths of integers in the sunos5-5
3915 build of ISC DHCP have been fixed. It should compile and run more
3916 easily when built in 64-bit for this platform.
3917
3918- "allow known-clients;" is now a legal syntax, to avoid confusion.
3919
3920- If one dhcp server chooses to 'load balance' a request to its failover
3921 peer, it first checks to see if it believes said peer has a free
3922 lease to allocate before ignoring the DISCOVER.
3923
3924- log() was logging a work buffer, rather than the value returned by
3925 executing the statements configured by the user. In some cases,
3926 the work buffer and the intended results were the same. In some other
3927 cases, they were not. This was fixed thanks to a patch from Gunnar
3928 Fjone and directconnect.no.
3929
3930- Compiler warnings for some string type conversions was fixed, thanks
3931 to Andreas Gustafsson.
3932
3933- The netbsd build environments were simplified to one, in which
3934 -Wconversion is not used, thanks to Andreas Gustafsson.
3935
3936- How randomness in the backoff-cutoff dhclient configuration variable
3937 is implemented was better documented in the manpage, and the behaviour
3938 of dhclient in REQUEST timeout handling was changed to match that of
3939 DISCOVER timeout handling.
3940
3941- Omapi was hardened against clients that pass in null values, thanks
3942 to a patch from Mark Jason Dominus.
3943
3944- A bug was fixed in dhclient that kept it from doing client-side
3945 ddns updates. Thanks to a patch from Andreas Gustafsson, which
3946 underwent some modification after review by Jason Vas Dias.
3947
3948- Failover implementations disconnected due to the network between
3949 them (rather than one of the two shutting down) will now try to
3950 re-establish the failover connection every 5 seconds, rather than
3951 to simply try once and give up until one of them is restarted.
3952 Thanks to a patch from Ulf Ekberg from Infoblox, and field testing
3953 by Greger V. Teigre which led to an enhancement to it.
3954
3955- A problem that kept DHCP Failover secondaries from tearing down
3956 ddns records was repaired. Thanks to a patch from Ulf Ekberg from
3957 Infoblox.
3958
3959- 64bit pointer sizes are detected properly on FreeBSD now.
3960
3961- A bug was repaired where the DHCP server would leave stale references
3962 to host records on leases it once thought about offering to certain
3963 clients. The result would be to apply host and 'known' scopes to the
3964 wrong clients (possibly denying booting). NOTE: The 'mis-host' patch
3965 that was being circulated as a workaround is not the way this bug was
3966 fixed. If you were a victim of this bug in 3.0.1, you are cautioned
3967 to proceed carefully and see if it fixes your problem.
3968
3969- A bug was repaired in the server's DHCPINFORM handling, where it
3970 tried to divine the client's address from the source packet and
3971 would get it wrong. Thanks to Anshuman Singh Rawat.
3972
3973- A log message was introduced to help illuminate the case where the
3974 server was unable to find a lease to assign to any BOOTP client.
3975 Thanks to Daniel Baker.
3976
3977- A minor dhcpd.conf.5 manpage error was fixed.
3978
3979 Changes since 3.0.1rc14
3980
3981- The global variable 'cur_time' was centralized and is now uniformly of a
3982 type #defined in system-dependent headers. It had previously been defined
3983 in one of many places as a 32-bit value, and this causes mayhem on 64-bit
3984 big endian systems. It probably wasn't too healthy on little endian
3985 systems either.
3986
3987- A printf format string error introduced in rc14 was repaired.
3988
3989- AIX system-dependent header file was altered to only define NO_SNPRINTF
3990 if the condition used to #ifdef in vsnprintf in AIX' header files
3991 is false.
3992
3993- The Alpha/OSF system-dependent header file was altered to define
3994 NO_SNPRINTF on OS revisions older than 4.0G.
3995
3996- omapip/test.c had string.h added to its includes.
3997
3998 Changes since 3.0.1rc13
3999
4000! CAN-2004-0460 - CERT VU#317350: Five stack overflow exploits were closed
4001 in logging messages with excessively long hostnames provided by the
4002 clients. It is highly probable that these could have been used by
4003 attackers to gain arbitrary root access on systems using ISC DHCP 3.0.1
4004 release candidates 12 or 13. Special thanks to Gregory Duchemin for
4005 both finding and solving the problem.
4006
4007! CAN-2004-0461 - CERT VU#654390: Once the above was closed, an opening
45d545f0 4008 in log_*() functions was evidenced, on some specific platforms where
98311e4b
DH		 4009 vsnprintf() was not believed to be available and calls were wrapped to
4010 sprintf() instead. Again, credit goes to Gregory Duchemin for finding
4011 the problem. Calls to snprintf() are now linked to a distribution-local
4012 snprintf implementation, only in those cases where the architecture is
4013 not known to provide one (see includes/cf/[arch].h). If you experience
4014 linking problems with snprintf/vsnprintf or 'isc_print_' functions, this
4015 is where to look. This vulnerability did not exist in any previously
4016 published version of ISC DHCP.
4017
4018- Compilation on hpux 11.11 was repaired.
4019
4020- 'The cross-compile bug fix' was backed out.
4021
4022 Changes since 3.0.1rc12
4023
4024- Fixed a bug in omapi lease lookup function, to form the hardware
4025 address for the hash lookup correctly, thanks to a patch from
4026 Richard Hirst.
4027
4028- Fixed a bug where dhcrelay was sending relayed responses back to the
4029 broadcast address, but with the source's unicast mac address. Should
4030 now conform to rfc2131 section 4.1.
4031
4032- Cross-compile bug fix; use $(AR) instead of ar. Thanks to Morten Brorup.
4033
4034- Fixed a crash bug in dhclient where dhcpd servers that do not provide
4035 renewal times results in an FPE. As a side effect, dhclient can now
4036 properly handle 0xFFFFFFFF (-1) expiry times supplied by servers. Thanks
4037 to a patch from Burt Silverman.
4038
4039- The 'ping timeout' debugs from rc12 were removed to -DDEBUG only,
45d545f0 4040 and reformatted to correct a compilation error on Solaris platforms.
98311e4b
DH		 4041
4042- A patch was applied which fixes a case where leases read from the
4043 leases database do not properly over-ride previously read leases.
4044
4045- dhcpctl.3 manpage was tweaked.
4046
4047 Changes since 3.0.1rc11
4048
4049- A patch from Steve Campbell was applied with minor modifications to
4050 permit reverse dns PTR record updates with values containing spaces.
4051
4052- A patch from Florian Lohoff was applied with some modifications to
4053 dhcrelay. It now discards packets whose hop count exceeds 10 by default,
4054 and a command-line option (-c) can be used to set this threshold.
4055
4056- A failover bug relating to identifying peers by name length instead of
4057 by name was fixed.
4058
45d545f0 4059- Declaring failover configs within shared-network statements should no
98311e4b
DH		 4060 longer result in error.
4061
4062- The -nw command line option to dhclient now works.
4063
4064- Thanks to a patch from Michael Richardson:
4065 - Some problems with long option processing have been fixed.
4066 - Some fixes to minires so that updates of KEY records will work.
4067
4068- contrib/ms2isc was updated by Shu-Min Chang of the Intel Corporation.
4069 see contrib/ms2isc/readme.txt for revision notes.
4070
4071- Dhclient no longer uses shell commands to kill another instance of
4072 itself, it sends the signal directly. Thanks to a patch from Martin
4073 Blapp.
4074
4075- The FreeBSD dhclient-script was changed so that a failure to write to
4076 /etc/resolv.conf does not prematurely end the script. This keeps dhclient
4077 from looping infinitely when this is the case. Thanks to a patch from
4078 Martin Blapp.
4079
4080- A patch from Bill Stephens was applied which resolves a problem with lease
4081 expiry times in failover configurations.
4082
4083- A memory leak in configuration parsing was closed thanks to a patch from
4084 Steve G.
4085
4086- The function which discovers interfaces will now skip non-broadcast or
4087 point-to-point interfaces, thanks to a patch from David Brownlee.
4088
4089- Options not yet known by the dhcpd or dhclient have had their names
4090 changed such that they do not contain # symbols, in case they should ever
4091 appear in a lease file. An option that might have been named "#144" is
4092 now "unknown-144".
4093
4094- Another patch from Bill Stephens which allows the ping-check timeout to
4095 be configured as 'ping-timeout'. Defaults to 1.
4096
4097 Changes since 3.0.1rc10
4098
4099- Potential buffer overflows in minires repaired.
4100
4101- A change to the linux client script to use /bin/bash, since /bin/sh may
4102 not be bash.
4103
4104- Some missing va_end cleanups thanks to a patch from Thomas Klausner.
4105
4106- A correction of boolean parsing syntax validation - some illegal syntaxes
4107 that worked before are now detected and produce errs, some legal syntaxes
4108 that errored before will now work properly.
4109
4110- Some search-and-replace errors that caused some options to change their
4111 names was repaired.
4112
4113- Shu-min Chang of the Intel corporation has contributed a perl script and
4114 module that converts the MS NT4 DHCP configuration to a ISC DHCP3
4115 configuration file.
4116
4117- Applied the remainder of the dhcpctl memory leak patch provided by Bill
4118 Squier at ReefEdge, Inc. (groo@reefedge.com).
4119
4120- Missing non-optional failover peer configurations will now result in a soft
4121 error rather than a null dereference.
4122
4123 Changes since 3.0.1rc9
4124
4125- A format string was corrected to fix compiler warnings.
4126
4127- A number of spelling corrections were made in the man pages.
4128
4129- The dhclient.conf.5 man page was changed to refer to do-forward-updates
4130 rather than a configuration option that doesn't exist.
4131
4132- A FreeBSD-specific bug in the interface removal handling was fixed.
4133
4134- A Linux-specific Token Ring detection problem was fixed.
4135
4136- Hashes removed from as-yet-unknown agent options, having those options
4137 appear in reality before we know about them will no longer produce
4138 self-corrupting lease databases.
4139
4140- dhclient will use the proper port numbers now when using the -g option.
4141
4142- A order-of-operations bug with 2 match clauses in 1 class statement is
4143 fixed thanks to a patch from Andrew Matheson.
4144
4145- Compilation problems on Solaris were fixed.
4146
4147- Compilation problems when built with DEBUG or DEBUG_PACKET were repaired.
4148
4149- A fix to the dhcp ack process which makes certain group options will be
4150 included in the first DHCPOFFER message was made thanks to a patch from
4151 Ling Gou.
4152
4153- A few memory leaks were repaired thanks to patches from Bill Squier at
4154 ReefEdge, Inc. (groo@reefedge.com).
4155
4156- A fix for shared-networks that sometimes give clients options for the
4157 wrong subnets (in particular, 'option routers') was applied, thanks to
4158 Ted Lemon for the patch.
4159
4160- Omshell's handling of dotted octets as values was changed such that dots
4161 one after the other produce zero values in the integer string.
4162
4163 Changes since 3.0.1rc8
4164
4165- Fix a format string vulnerability in the server that could lead to a
4166 remote root compromise (discovered by NGSEC Research Team, www.ngsec.com).
4167
4168- Add additional support for NetBSD/sparc64.
4169
4170- Fix a bug in the command-line parsing of the client. Also, resolve
4171 a memory leak.
4172
4173- Add better support for shells other than bash in the Linux client
4174 script.
4175
4176- Various build fixes for modern versions of FreeBSD and Linux.
4177
4178- Fix a bad bounds check when printing binding state names.
4179
4180- Clarify documentation about fixed-address and multiple addresses.
4181
4182- Fix a typo in the authoritative error message.
4183
4184- Make a log entry when we can't write a billing class.
4185
4186- Use conversion targets that are the right size on all architectures.
4187
4188- Increment the hop count when relaying.
4189
4190- Log a message when lease state is changed through OMAPI.
4191
4192- Don't rerun the shared_network when evaluating the pool.
4193
4194- Fix a reversed test in the parser.
4195
4196- Change the type of rbuf_max.
4197
4198- Make FTS_LAST a manifest constant to quiet warnings.
4199
4200 Changes since 3.0.1rc7
4201
4202- Fix two compiler warnings that are generated when compiling on Solaris
4203 with gcc. These stop the build, even though they weren't actually
4204 errors, because we prefer that our builds generate no warnings.
4205
4206 Changes since 3.0.1rc6
4207
4208- Don't allow a lease that's in the EXPIRED, RELEASED or RESET state
4209 to be renewed.
4210
4211- Implement lease stealing for cases where the primary has fewer leases
4212 than the secondary, as called for by the standard.
4213
4214- Add a fudge factor to the lease expiry acceptance code, (suggested
4215 by Kevin Miller of CMU).
4216
4217- Fix a bug in permit_list_match that made it much too willing to say
4218 that two permit lists matched.
4219
4220- Unless DEBUG_DNS_UPDATES is defined, print more user-friendly (and
4221 also more compact) messages about DNS updates.
4222
4223- Fix a bug in generating wire-format domain names for the FQDN option.
4224
4225- Fix a bug where the FQDN option would not be returned if the client
4226 requested it, contrary to the standard.
4227
4228- On Darwin, use the FreeBSD DHCP client script.
4229
4230- On NetBSD/sparc, don't check for casting warnings.
4231
4232- Add a flag in the DHCP client to disable updating the client's A
4233 record when sending an FQDN option indicating that the client is
4234 going to update its A record.
4235
4236- In the client, don't attempt a DNS update until one second after
4237 configuring the new IP address, and if the update times out, keep
4238 trying until a response, positive or negative, is received from the
4239 DNS server.
4240
4241- Fix an uninitialized memory bug in the DHCP client.
4242
4243- Apply some FreeBSD-specific bug fixes suggested by Murray Stokely.
4244
4245- Fix a bug in ns_parserr(), where it was returning the wrong sort
4246 of result code in some cases (suggested by Ben Harris of the
4247 NetBSD project).
4248
4249- Fix a bug in is_identifier(), where it was checking against EOF
4250 instead of the END_OF_FILE token (also suggested by Ben Harris).
4251
4252- Fix a bug where if an option universe contained no options, the
4253 DHCP server could dump core (Walter Steiner).
4254
4255- Fix a bug in the handling of encapsulated options.
4256
4257- Fix a bug that prevented NWIP suboptions from being processed.
4258
4259- Delete the FTS_BOOTP and FTS_RESERVED states and implement them
4260 as modifier flags to the FTS_ACTIVE state, as called for in the
4261 failover protocol standard.
4262
4263- Fix bugs in the pool merging code that resulted in references and
4264 dereferences of null pointers. This bug had no impact unless the
4265 POINTER_DEBUG flag was defined.
4266
4267- In the server, added a do-forward-updates flag that can be used to
4268 disable forward updates in all cases, so that sites that want the
4269 clients to take sole responsibility for updating their A record can
4270 do so.
4271
4272- Make it possible to disable optimization of PTR record updates.
4273
4274 Changes since 3.0.1rc5
4275
4276- Include some new documentation and changes provided by Karl Auer.
4277
4278- Add a workaround for some Lexmark printers that send a double-NUL-
4279 terminated host-name option, which would break DNS updates.
4280
4281- Fix an off-by-one error in the MAC-address checking code for
4282 DHCPRELEASE that was added in 3.0.1rc5.
4283
4284- Fix a bug where client-specific information was not being discarded
4285 from the lease when it expired or was released, resulting in
4286 problems if the lease was reallocated to a different client.
4287
4288- If more than one allocation pool is specified that has the same set
4289 of constraints as another allocation pool on the same shared
4290 network, merge the two pools.
4291
4292- Don't print an error in fallback_discard, since this just causes
4293 confusion and does not appear to be helping to encourage anyone to
4294 fix this bug.
4295
4296 Changes since 3.0.1rc4
4297
4298- Fix a bug that would cause the DHCP server to spin if asked to parse
4299 a certain kind of incorrect statement.
4300
4301- Fix a related bug that would prevent an error from being reported in
4302 the same case.
4303
4304- Additional documentation.
4305
4306- Make sure that the hardware address matches the lease when
4307 processing a DHCPRELEASE message.
4308
4309 Changes since 3.0.1rc3
4310
4311- A minor bug fix in the arguments to a logging function call.
4312- Documentation update for dhcpd.conf.
4313
adbef119 4314 Changes since 3.0.1rc2
98311e4b
DH		 4315
4316- Allow the primary to send a POOLREQ message. This isn't what the current
4317 failover draft says to do, so we may have to back it out if I can't get the
4318 authors to relent, but the scheme for balancing that's specified in the
4319 current draft seems needlessly hairy, so I'm floating a trial balloon.
4320 The rc1 code did not implement the method described in the draft either.
4321
adbef119 4322 Changes since 3.0.1rc1
98311e4b
DH		 4323
4324- Treat NXDOMAIN and NXRRSET as success when we are trying to delete a
4325 domain or RRSET. This allows the DHCP server to forget about a name
4326 it added to the DNS once it's been removed, even if the DHCP server
4327 wasn't the one that removed it.
4328
4329- Install defaults for failover maximum outstanding updates and maximum
4330 silent time. This prevents problems that might occur if these values
4331 were not configured.
4332
4333- Don't do DDNS deletes if ddns-update-style is none.
4334
4335- Return relay agent information options in DHCPNAK. This prevents DHCPNAK
4336 messages from being dropped when the relay agent information option contains
4337 routing information.
4338
4339- Fix a problem where coming up in recover wouldn't result in an update
4340 request being sent.
4341
4342- Add some more chatty messages when we start a recovery update and when it's
4343 done.
4344
4345- Fix a possible problem where some state might have been left around
4346 after the peer lost contact and regained contact about how many updates
4347 were pending.
4348
4349- Don't nix a lease update because of a lease conflict. This test has
4350 never (as far as I know) prevented a mistake, and it appears to cause
4351 problems with failover.
4352
4353- Add support in rc history code for keeping a selective history, rather
4354 than a history of all references and dereferences. This code is only used
4355 when extensive additional debugging is enabled.
4356
adbef119 4357 Changes since 3.0
98311e4b
DH		 4358
4359- Make allocators for hash tables. As a side effect, this fixes a memory
4360 smash in the subclass allocation code.
4361
4362- Fix a small bug in omshell where if you try to close an object when
4363 no object is open, it dumps core.
4364
4365- Fix an obscure coredump that could occur on shutdown.
4366
4367- Fix a bug in the recording of host declaration rubouts in the lease file.
4368
4369- Fix two potential spins in the host deletion code.
4370
4371- Fix a core dump that would happen if an application tried to update
4372 a host object attribute with a null value.
4373
4374 Changes since 3.0 Release Candidate 12
4375
4376- Fix a memory leak in the evaluation code.
4377
4378- Fix an obscure core dump.
4379
4380- Print a couple of new warnings when parsing the configuration file
4381 when crucial information is left out.
4382
4383- Log "no free leases" as an error.
4384
4385- Documentation updates.
4386
4387 Changes since 3.0 Release Candidate 11
4388
4389- Always return a subnet selection option if one is sent.
4390
4391- Fix a warning that was being printed because an automatic data
4392 structure wasn't zeroed.
4393
4394- Fix some failover state transitions that were being handled
4395 incorrectly.
4396
4397- When supersede_lease is called on a lease whose end time has already
4398 expired, but for which a state transition has not yet been done, do
4399 a state transition. This fixes the case where if the secondary
4400 allocated a lease to a client and the lease "expired" while the
4401 secondary was in partner-down, no expiry event would actually
4402 happen, so the lease would remain active until the primary was
4403 restarted.
4404
4405 Changes since 3.0 Release Candidate 10
4406
4407- Fix a bug that was preventing released leases from changing state
4408 in failover-enabled pools.
4409
4410- Fix a core dump in the client identifier finder code (for host
4411 declarations).
4412
4413- Finish fixing a bug where bogus data would sometimes get logged to
4414 the dhclient.leases file because it was opened as descriptor 2.
4415
4416- Fix the Linux dhclient-script according to suggestions made by
4417 several people on the dhcp-client mailing list.
4418
4419- Log successful DNS updates at LOG_INFO, not LOG_ERROR.
4420
4421- Print an error message and refuse to run if a failover peer is
4422 defined but not referenced by any pools.
4423
4424- Correct a confusing error message in failover.
4425
eaf0b302
TL		 4426 Changes since 3.0 Release Candidate 9
4427
4428- Fix a bug in lease allocation for Dynamic BOOTP clients.
4429
0db87765
TL		 4430 Changes since 3.0 Release Candidate 8 Patchlevel 2
4431
4432- Fix a bug that prevented update-static-leases from working.
4433
4434- Document failover-state OMAPI object.
4435
4436- Fix a compilation error on SunOS 4.
4437
d758ad8c
TL		 4438 Changes since 3.0 Release Candidate 8 Patchlevel 1
4439
4440- Fix a parsing bug that broke dns updates (both interim and ad-hoc).
4441 This was introduced in rc8pl1 as an unintended result of the memory
4442 leakage fixes that were in pl1.
4443
4444- Fix a long-standing bug where the server would record that an update
4445 had been done for a client with no name, even though no update had
4446 been done, and then when the client's lease expired the deletion of
4447 that nonexistant record would time out because the name was the null
9a111ee8 4448 string.
d758ad8c
TL		 4449
4450- Clean up the omshell, dhcpctl and omapi man pages a bit.
4451
d758ad8c
TL		 4452 Changes since 3.0 Release Candidate 8
4453
4454- Fix a bug that could cause the DHCP server to spin if
4455 one-lease-per-client was enabled.
4456
4457- Fix a bug that was causing core dumps on BSD/os in the presence of
4458 malformed packets.
4459
4460- In partner-down state, don't restrict lease lengths to MCLT.
4461
4462- On the failover secondary, record the MCLT received from the primary
4463 so that if we come up without a connection to the primary we don't
4464 wind up giving out zero-length leases.
4465
4466- Fix some compilation problems on BSD/os.
4467
4468- Fix a bunch of memory leaks.
4469
4470- Fix a couple of bugs in the option printer.
4471
4472- Fix an obscure error reporting bug in the dns update code, and also
4473 make the message clearer when a key algorithm isn't supported.
4474
4475- Fix a bug in the tracing code that prevented trace runs that used
4476 tcp connections from being played back.
4477
4478- Add some additional debugging capability for catching memory leaks
4479 on exit.
4480
4481- Make the client release the lease correctly on shutdown.
4482
4483- Add some configurability to the build system.
4484
4485- Install omshell manual page in man1, not man8.
4486
4487- Craig Gwydir sent in a patch that fixes a long-standing bug in the
4488 DHCP client that could cause core dumps, but that for some reason
4489 hadn't been noticed until now.
4490
4491 Changes since 3.0 Release Candidate 7
4492
4493- Fix a bug in failover where we weren't sending updates after a
4494 transition from communications-interrupted to normal.
4495
4496- Handle expired/released/reset -> free transition according to the
4497 protocol specification (this works - the other way not only wasn't
4498 conformant, but also didn't work).
4499
4500- Add a control object in both client and server that allows either
4501 daemon to be shut down cleanly.
4502
4503- When writing a lease, if we run out of disk space, shut down the
4504 output file and insist on writing a new one before proceeding.
4505
4506- In the server, if the OMAPI listener port is occupied, keep trying
4507 to get it, rather than simply giving up and exiting.
4508
4509- Support fetching variables from leases and also updating and adding
4510 variables to leases via OMAPI.
4511
4512- If two failover peers have wildly different clocks, refuse to start
4513 doing failover.
4514
4515- Fix a bug in the DNS update code that could cause core dumps when
4516 running on alpha processors.
4517
4518- Fixed a bug in ddns updates for static lease entries, thanks to a
4519 patch from Andrey M Linkevitch.
4520
4521- Add support for Darwin/MacOS X
4522
4523- Install omshell (including new documentation).
4524
4525- Support DNS updates in the client (this is a very obscure feature
4526 that most DHCP client users probably will not be able to use).
4527
4528- Somewhat cleaner status logging in the client.
4529
4530- Make OMAPI key naming syntax compatible with the way keys are
4531 actually named (key names are domain names).
4532
4533- Fix a bug in the lease file writer.
4534
4535- Install DHCP ISC headers in a different place than BIND 9 ISC
4536 headers, to avoid causing trouble in BIND 9 builds.
4537
4538- Don't send updates for attributes on an object when the attributes
4539 haven't changed. Support deleting attributes on remote objects.
4540
4541- Fix a number of bugs in omshell, and add the unset and refresh
4542 statements.
4543
4544- Handle disconnects in OMAPI a little bit more intelligently (so that
4545 the caller gets ECONNRESET instead of EINVAL).
4546
4547- Fix a bunch of bugs in the handling of clients that have existing
4548 leases when the try to renew their leases while failover is
4549 operating.
4550
eaf0b302
TL		 4551 Changes since 3.0 Release Candidate 6
4552
4553- Fix a core dump that could happen when processing a DHCPREQUEST from
4554 a client that had a host declaration that contained both a
4555 fixed-address declaration and a dhcp-client-identifier option
4556 declaration, if the client identifier was longer than nine bytes.
4557
4558- Fix a memory leak that could happen in certain obscure cases when
4559 using omapi to manipulate leases.
4560
4561- Fix some bugs and omissions in omshell.
4562
eaf0b302
TL		 4563 Changes since 3.0 Release Candidate 5
4564
4565- Fix a bug in omapi_object_dereference that prevented objects in
4566 chains from having their reference counts decreased on dereference.
4567
4568- Fix a bug in omapi_object_dereference that would prevent object
4569 chains from being freed upon removal of the last reference external
4570 to the chain.
4571
4572- Fix a number of other memory leaks in the OMAPI protocol subsystem.
4573
4574- Add code in the OMAPI protocol handler to trace memory leakage.
4575
4576- Clean up the memory allocation/reference history printer.
4577
98311e4b 4578- Support input of dotted quads and colon-separated hex lists as
eaf0b302
TL		 4579 attribute values in omshell.
4580
98311e4b 4581- Fix a typo in the Linux interface discovery code.
eaf0b302
TL		 4582
4583- Conditionalize a piece of trace code that wasn't conditional.
4584
4585 Changes since 3.0 Release Candidate 4
4586
4587- Fix a bug that would prevent leases from being abandoned properly on
4588 DHCPDECLINE.
4589
4590- Fix failover peer OMAPI support.
4591
4592- In failover, correctly handle expiration of leases. Previously,
4593 leases would never be reclaimed because they couldn't make the
4594 transition from EXPIRED to FREE.
4595
4596- Fix some broken failover state transitions.
4597
4598- Documentation fixes.
4599
4600- Take out an unnecessary check in DHCP relay agent information option
4601 stashing code that was preventing REBINDING clients from rebinding.
4602
4603- Prevent failover peers from allocating leases in DHCPREQUEST
4604 processing if the lease belongs to the other server.
4605
4606- Record server version in lease file introductory comment.
4607
4608- Correctly report connection errors in OMAPI and failover.
4609
4610- Make authentication signature algorithm name comparisons in OMAPI
4611 case-insensitive.
4612
4613- Fix compile problem on SunOS 4.x
4614
98311e4b 4615- If a signature algorithm is not terminated with '.', terminate it so
eaf0b302
TL		 4616 that comparisons between fully-qualified names will work
4617 consistently.
4618
4619- Different SIOCGIFCONF probe code, may "fix" problem on some Linux
4620 systems with the probe not working correctly.
4621
4622- Don't allow user to type omapi key on command line of omshell.
4623
0596b051
TL		 4624 Changes since 3.0 Release Candidate 3
4625
4626- Do lease billing on startup in a way that I *think* will finally do
4627 the billing correctly - the previous method could overbill as a
4628 result of duplicate leases.
4629
4630- Document OMAPI server objects.
4631
892fe689
TL		 4632 Changes since 3.0 Release Candidate 2 Patchlevel 1
4633
4634- Fix some problems in the DDNS update code. Thanks to Albert
4635 Herranz for figuring out the main problem.
4636
4637- Fix some reference counting errors on host entries that were causing
4638 core dumps.
4639
4640- Fix a byte-swap bug in the token ring code, thanks to Jochen
4641 Friedrich.
4642
4643- Fix a bug in lease billing, thanks to Jonas Bulow.
4644
4645 Changes since 3.0 Release Candidate 2
4646
4647- Change the conditions under which a DHCPRELEASE is actually
4648 committed to be consistent with lease binding states rather than
98311e4b 4649 using the lease end time. This may fix some problems with the
892fe689
TL		 4650 billing class code.
4651
4652- Fix a bug where lease updates would fail on Digital Unix (and maybe
4653 others) because malloc was called with a size of zero.
4654
4655- Fix a core dump that happens when the DHCP server can't create its
4656 trace file.
4657
79ea3de8 4658 Changes since 3.0 Release Candidate 1 Patchlevel 1
87784777 4659
79ea3de8
TL		 4660- Fix the dhcp_failover_put_message to not attempt to allocate a
4661 zero-length buffer. Some versions of malloc() fail if you try to
4662 allocate a zero-length buffer, and this was causing problems on,
4663 e.g., Digital Unix.
4664
4665- Fix a case where the failover code was printing an error message
4666 when no error had occurred.
4667
4668- Fix a problem where when a server went down and back up again, the
4669 peer would not see a state transition and so would stay in the
4670 non-communicating state.
4671
4672- Be smart about going into recover_wait.
4673
4674- Fix a problem in the failover implementation where peers would fail
4675 to come into sync if interrupted in the RECOVER state. This could
4676 have been the cause of some problems people have reported recently.
4677
4678- Fix a problem with billing classes where they would not be unbilled
4679 when the client lease expired.
4680
4681- If select fails, figure out which descriptor is bad, and cut it out
4682 of the I/O loop. This prevents a potentially nasty spin. I
4683 haven't heard any report it in a while, but it came up consistently
4684 in testing.
4685
4686- Fix a bug in the relay agent where if you specified interfaces on
4687 the command line, it would fail.
4688
4689- Fix a couple of small bugs in the omapi connection object (no known
4690 user impact).
4691
4692- Add the missing 3.0 Beta 1 lease conversion script.
4693
4694- Read dhcp client script hooks if they exist, rather than only if
4695 they're executable.
4696
4697 Changes since 3.0 Release Candidate 1
87784777
TL		 4698
4699- Fix a memory smash that happens when fixed-address leases are used.
4700 ANY SITE AT WHICH FIXED-ADDRESS STATEMENTS ARE BEING USED SHOULD
4701 UPGRADE IMMEDIATELY. This has been a long-standing bug - thanks to
4702 Alvise Nobile for discovering it and helping me to find it!
4703
79ea3de8
TL		 4704- Fix a small bug in binary-to-ascii, thanks to H. Peter Anvin of
4705 Transmeta.
4706
87784777
TL		 4707- There is a known problem with the DHCP server doing failover on
4708 Compaq Alpha systems. This patchlevel is not a release candidate
4709 because of this bug. The bug should be straightforward to fix, so
4710 a new release candidate is expected shortly.
4711
4712- There is a known problem in the DDNS update code that is probably a
4713 bug, and is not, as far as we know, fixed in this patchlevel.
4714
6d779c72
TL		 4715 Changes since 3.0 Beta 2 Patchlevel 24
4716
4717- Went over problematic failover state transitions and made them all
4718 work, so that failover should now much less fragile.
4719
4720- Add some dhcpctl and omapi documentation
4721
4722- Fix compile errors when compiling with unusual predefines.
4723
4724- Make Token Ring work on Linux 2.4
4725
4726- Fix the Digital Unix BPF_WORDALIGN bug.
4727
4728- Fix some dhcp client documentation errors.
4729
4730- Update some parts of the README file.
4731
4732- Support GCC on SCO.
4733
adbef119 4734 Changes since 3.0 Beta 2 Patchlevel 23
de57e64b
TL		 4735
4736- Fix a bug in the DNS update code where a status code was not being
4737 checked. This may have been causing core dumps.
4738
4739- When parsing the lease file, if a lease declaration includes a
4740 billing class statement, and the lease already has a billing class,
4741 unbill the old class.
4742
4743- When processing failover transactions, where acks will be deferred,
4744 process the state transition immediately.
4745
4746- Don't try to use the new SIOCGIFCONF buffer size detection code on
4747 Linux 2.0, which doesn't provide this functionality.
4748
4749- Apply a patch suggested by Tuan Uong for a problem in dlpi.c.
4750
4751- Fix a problem in using the which command in the configure script.
4752
4753- Fix a parse error in the client when setting up an omapi listener.
4754
4755- Document the -n and -g flags to the client.
4756
4757- Make sure there is always a stdin and stdout on startup. This
4758 prevents shell scripts from accidentally writing error messages into
4759 configuration files that happen to be opened as stderr.
4760
4761- If an interface is removed, the client will now notice that it is
4762 gone rather than spinning. This has only been tested on NetBSD.
4763
4764- The client will attempt to get an address even if it can't create a
4765 lease file.
4766
4767- Don't overwrite tracefiles.
4768
4769- Fix some memory allocation bugs in failover.
2aa36519 4770
adbef119 4771 Changes since 3.0 Beta 2 Patchlevel 22
140158d3
TL		 4772
4773- Apply some patches suggested by Cyrille Lefevre, who is maintaining
4774 the FreeBSD ISC DHCP Distribution port.
4775
4776- Fix a core dump in DHCPRELEASE.
4777
adbef119 4778 Changes since 3.0 Beta 2 Patchlevel 21
3a395e60
TL		 4779
4780- This time for sure: fix the spin described in the changes for pl20.
4781
adbef119 4782 Changes since 3.0 Beta 2 Patchlevel 20
fc74dd0c
TL		 4783
4784- Fix a problem with Linux detecting large numbers of interfaces (Ben)
4785
4786- Fix a memory smash in the quotify code, which was introduced in
4787 pl19.
4788
4789- Actually fix the spin described in the changes for pl20. The
4790 previous fix only partially fixed the problem - enough to get it
4791 past the regression test.
4792
adbef119 4793 Changes since 3.0 Beta 2 Patchlevel 19
ed5ee591
TL		 4794
4795- Fix a bug that could cause the server to abort if compiled with
4796 POINTER_DEBUG enabled.
4797
4798- Fix a bug that could cause the server to spin when responding to a
4799 DHCPREQUEST.
4800
4801- Apply Joost Mulders' suggested patches for DLPI on x86.
4802
4803- Support NUL characters in quoted strings.
4804
4805- Install unformatted man pages on SunOS.
4806
adbef119 4807 Changes since 3.0 Beta 2 Patchlevel 18
b3fad8ac 4808
3350f5b7
TL		 4809- Allow the server to be placed in partner-down state using OMAPI.
4810 (Damien Neil)
4811
4812- Implement omshell, which can be used to do arbitrary things to the
4813 server (in theory). (Damien Neil)
4814
4815- Fix a case where if a client had two different leases the server could
4816 actually dereference the second one when it hadn't been referenced,
4817 leading to memory corruption and a core dump. (James Brister)
4818
4819- Fix a case where a client could request the address of another client's
4820 lease, but find_lease wouldn't detect that the other client had it, and
4821 would attempt to allocate it to the client, resulting in a lease conflict
4822 message.
4823
4824- Fix a case where a client with more than one client identifier could be
4825 given a lease where the hardware address was correct but the client
4826 identifier was not, resulting in a lease conflict message.
4827
98311e4b 4828- Fix a problem where the server could write out a colon-separated
3350f5b7
TL		 4829 hex list as a value for a variable, which would then not parse.
4830 The fix is to always write strings as quoted strings, with any
4831 non-printable characters quoted as octal escape sequences. So
4832 a file written the old way still won't work, but new files written
4833 this way will work.
4834
b3fad8ac
TL		 4835- Fix documentation for sending non-standard options.
4836
4837- Use unparsable names for unknown options. WARNING: this will
4838 break any configuration files that use the option-nnn convention.
4839 If you want to continue to use this convention for some options,
4840 please be sure to write a definition, like this:
4841
4842 option option-nnn code nnn = string;
4843
4844 You can use a descriptive name instead of option-nnn if you like.
4845
4846- Fix a problem where we would see a DHCPDISCOVER/DHCPOFFER/
4847 DHCPREQUEST/DHCPACK/DHCPREQUEST/DHCPNAK sequence. This was the
4848 result of a deceptively silly bug in supersede_lease.
4849
4850- Fix client script exit status check, according to a fix supplied by
4851 Hermann Lauer.
4852
4853- Fix an endianness bug in the tracefile support, regarding ICMP
4854 messages.
4855
3350f5b7
TL		 4856- Fix a bug in the client where the medium would not work correctly if
4857 it contained quoted strings.
4858
b3fad8ac
TL		 4859 ** there was no pl17 **
4860
adbef119 4861 Changes since 3.0 Beta 2 Patchlevel 16
e6d30fd6 4862
6da9db9d
TL		 4863- Add support for transaction tracing. This allows the state of the
4864 DHCP server on startup, and all the subsequent transactions, to be
4865 recorded in a file which can then be played back to reproduce the
4866 behaviour of the DHCP server. This can be used to quickly
4867 reproduce bugs that cause core dumps or corruption, and also for
4868 tracking down memory leaks.
4869
4870- Incorporate some bug fixes provided by Joost Mulders for the DLPI
4871 package which should clear up problems people have been seeing on
4872 Solaris.
4873
4874- Fix bugs in the handling of options stored as linked lists (agent
4875 options, fqdn options and nwip options) that could cause memory
4876 corruption and core dumps.
4877
4878- Fix a bug in DHCPREQUEST handling that resulted in DHCPNAK messages
4879 not being send in some cases when they were needed.
4880
4881- Make the lease structure somewhat more compact.
4882
4883- Make initial failover startup *much* faster. This was researched
4884 and implemented by Damien Neil.
4885
4886- Add a --version flag to all executables, which prints the program
4887 name and version to standard output.
4888
4889- Don't rewrite the lease file every thousand leases.
4890
e6d30fd6
TL		 4891- A bug in nit.c for older SunOS machines was fixed by a patch sent in
4892 by Takeshi Hagiwara.
4893
6da9db9d
TL		 4894- Fix a memory corruption bug in the DHCP client.
4895
4896- Lots of documentation updates.
4897
4898- Add a feature allowing environment variables to be passed to the
4899 DHCP client script on the DHCP client command line.
4900
4901- Fix client medium support, which had been broken for some time.
4902
4903- Fix a bug in the DHCP client initial startup backoff interval, which
4904 would cause two DHCPDISCOVERS to be sent back-to-back on startup.
4905
adbef119 4906 Changes since 3.0 Beta 2 Patchlevel 15
af49fdff
TL		 4907
4908- Some documentation tweaks.
4909
4910- Maybe fix a problem in the DLPI code.
4911
4912- Fix some error code space inconsistencies in ddns update code.
4913
4914- Support relay agents that intercept unicast DHCP messages to stuff
4915 agent options into them.
4916
4917- Fix a small memory leak in the relay agent option support code.
4918
c5b569f8
TL		 4919- Fix a core dump that would occur if a packet was sent with no
4920 options.
4921
adbef119 4922 Changes since 3.0 Beta 2 Patchlevel 14
754ae3e9
TL		 4923
4924- Finish fixing a long-standing bug in the agent options code. This
4925 was causing core dumps and failing to operate correctly - in
4926 particular, agent option stashing wasn't working. Agent option
4927 stashing should now be working, meaning that agent options can be
4928 used in class statements to control address allocation.
4929
4930- Fix up documentation.
4931
4932- Fix a couple of small memory leaks that would have added up
4933 significantly in a high-demand situation.
4934
4935- Add a log-facility configuration parameter.
4936
4937- Fix a compile error on some older operating systems.
4938
4939- Add the ability in the client to execute certain statements before
4940 transmitting packets to the server. Handy for debugging; not much
4941 practical use otherwise.
4942
4943- Don't send faked-out giaddr when renewing or bound - again, useful
4944 for debugging.
4945
adbef119 4946 Changes since 3.0 Beta 2 Patchlevel 13
2f2e7960
TL		 4947
4948- Fixed a problem where the fqdn decoder would sometimes try to store
4949 an option with an (unsigned) negative length, resulting in a core
4950 dump on some systems.
4951
4952- Work around the Win98 DHCP client, which NUL-terminates the FQDN
4953 option.
4954
4955- Work around Win98 and Win2k clients that will claim they want to do
4956 the update even when they don't have any way to do it.
4957
4958- Fix some log messages that can be printed when failover is operating
4959 that were not printing enough information.
4960
4961- It was possible for a DHCPDISCOVER to get an allocation even when
4962 the state machine said the server shouldn't be responding.
4963
4964- Don't load balance DHCPREQUESTs from clients in RENEWING and
4965 REBINDING, since in RENEWING, if we heard it, it's for us, and in
4966 REBINDING, the client wouldn't have got to REBINDING if its primary
4967 were answering.
4968
4969- When we get a bogus state lease binding state transition, don't do
4970 the transition.
9a111ee8 4971
2f2e7960 4972
adbef119 4973 Changes since 3.0 Beta 2 Patchlevel 12
66e98927
TL		 4974
4975- Fixed a couple of silly compile errors.
4976
a1e2e3d6
TL		 4977 Changes since 3.0 Beta 2 Patchlevel 11
4978
4979- Albert Herranz tracked down and fixed a subtle bug in the base64
4980 decoder that would prevent any key with an 'x' in its base64
4981 representation from working correctly.
4982
4983- Thanks to Chris Cheney and Michael Sanders, we have a fix for the
4984 hang that they both spotted in the DHCP server - when
4985 one-lease-per-client was set, the code to release the "other" lease
4986 could spin.
4987
4988- Fix a problem with alignment of the input buffer in bpf in cases
4989 where two packets arrive in the same bpf read.
4990
4991- Fix a problem where the relay agent would crash if you specified an
4992 interface name on the command line.
4993
4994- Add the ability to conditionalize client behaviour based on the
4995 client state.
4996
4997- Add support for the FQDN option, and added support for a new way of
4998 doing ddns updates (ddns update style interim) that allows more than
4999 one DHCP server to update the DNS for the same network(s). This
5000 was implemented by Damien Neil with some additional functionality
5001 added by Ted Lemon.
5002
5003- Damien added a "log" statement, so that the configuration file can
5004 be made to log debugging information and other information.
5005
5006- Fixed a bug that caused option buffers not to be terminated with an
5007 end option.
5008
5009- Fixed a long-standing bug in the support for option spaces where the
5010 options are stored as an ordered list rather than in a hash table,
5011 which could theoretically result in memory pool corruption.
5012
5013- Prevent hardware declarations with no actual hardware address from
5014 being written as something unparsable, and behave correctly in the
5015 face of a null hardware address on input.
5016
5017- Allow key names to be FQDNs, and qualify the algorithm name if it is
5018 specified unqualified.
5019
5020- Modify the DDNS update code so that it never prints the "resolver
5021 failed" message, but instead says *why* the resolver failed.
5022
5023- Officially support the subnet selection option, which now has an
5024 RFC.
5025
5026- Fix a build bug on MacOS X.
5027
5028- Allow administrator to disable ping checking.
5029
5030- Clean up dhcpd.conf documentation and add more information about how
5031 it works.
5032
6c68ec36
TL		 5033 Changes since 3.0 Beta 2 Patchlevel 10
5034
5035- Fix a bug introduced during debugging (!) and accidentally committed
5036 to CVS.
5037
9fd337e7
TL		 5038 Changes since 3.0 Beta 2 Patchlevel 9
5039
5040- Fix DHCP client handling of vendor encapsulated options.
5041
5042- Fix a bug in the handling of relay agent information options introduced
5043 in patchlevel 9.
5044
5045- Stash agent options on client leases by default, and use the stashed
5046 options at renewal time.
5047
5048- Add the ability to test the client's binding state in the client
5049 configuration language.
5050
5051- Fix a core dump in the DNS update code.
5052
5053- Fix some expression evaluation bugs that were causing updates to be
5054 done when no client hostname was received.
5055
5056- Fix expression evaluation debugging printfs.
5057
5058- Teach pretty_print_option to print options in option spaces other than
5059 the DHCP option space.
5060
5061- Add a warning message if the RHS of a not is not boolean.
5062
5063- Never select for more than a day, because some implementations of
5064 select will just fail if the timeout is too long (!).
5065
5066- Fix a case where a DHCPDISCOVER from an unknown network would be
5067 silently dropped.
5068
5069- Fix a bug where if a client requested an IP address for which a different
5070 client had the lease, the DHCP server would reallocate it anyway.
5071
5072- Fix the DNS update code so that if the client changes its name, the DNS
5073 will be correctly updated.
5074
3922772a
TL		 5075 Changes since 3.0 Beta 2 Patchlevel 8
5076
5077- Oops, there was another subtle math error in the header-length
5078 bounds-checking.
5079
5080 Changes since 3.0 Beta 2 Patchlevel 7
848c2547
TL		 5081
5082- Oops, forgot to byte-swap udp header length before bounds-checking it.
5083
3922772a 5084 Changes since 3.0 Beta 2 Patchlevel 6
0f6045f8 5085
f8572308
TL		 5086- Fix a possible DoS attack where a client could cause the checksummer
5087 to dump core. This was a read, not a write, so it shouldn't be
5088 possible to exploit it any further than that.
5089
5090- Implement client- and server-side support for using the Client FQDN
5091 option.
5092
5093- Support for other option spaces in the client has been added. This
5094 means that it is now possible to define a vendor option space on the
5095 client, request options in that space from the server (which must
5096 define the same option space), and then use those options in the
5097 client. This also allows NWIP and Client FQDN options to be used
5098 meaningfully.
5099
5100- Add object initializer support. This means that objects can now be
5101 initialized to something other than all-zeros when allocated, which
5102 makes, e.g., the interface object support code a little more robust.
5103
5104- Fix an off-by-one bug in the host stuffer. This was causing host
5105 deletes not the work, and may also have been causing OMAPI
5106 connections to get dropped. Thanks to James Brister for tracking
5107 this one down!
5108
5109- Fixed a core dump in the interface discovery code that is triggered
5110 when there is no subnet declaration for an interface, but the server
5111 decides to continue running. Thanks to Shane Kerr for tracking
5112 down and fixing this problem.
5113
5114 Changes since 3.0 Beta 2 Patchlevel 5
5115
0f6045f8
TL		 5116- Fix a bug in the recent enhancement to the interface discovery code
5117 to support arbitrary-length interface lists.
5118
5119- Support NUL-terminated DHCP options when initializing client-script
5120 environment.
5121
5122- Fix suffix operator.
5123
5124- Fix NetWare/IP option parsing.
5125
5126- Better error/status checking in dhcpctl initialization and omapi
5127 connection code.
5128
5129- Fix a potential memory smash in dhcpctl code.
5130
5131- Fix SunOS4 and (maybe) Ultrix builds.
5132
5133- Fix a bug where a certain sort of incoming packet could cause a core
5134 dump on Solaris (and probably elsewhere).
5135
5136- Add some more safety checks in error logging code.
5137
5138- Add support for ISC_R_INCOMPLETE in OMAPI protocol connection code.
5139
5140- Fix relay agent so that if an interface is specified on the command
5141 line, the relay agent does not dump core.
5142
5143- Fix class matching so that match if can be combined with match or
5144 spawn with.
5145
5146- Do not allow spurious leases in the lease database to introduce
5147 potentially bogus leases into the in-memory database.
5148
5149- Fix a byte-order problem in the client hardware address type code
5150 for OMAPI.
5151
5152- Be slightly less picky about what sort of hardware addresses OMAPI
5153 can install in host declarations.
5154
801de092
TL		 5155 Changes since 3.0 Beta 2 Patchlevel 4
5156
5157- Incorporated Peter Marschall's proposed change to array/record
5158 parsing, which allows things like the slp-agent option to be encoded
5159 correctly. Thanks very much to Peter for taking the initiative to
5160 do this, and for doing such a careful job of it (e.g., updating the
5161 comments)!
5162
5163- Added an encoding for the slp-agent option. :')
5164
6ed7a93d
TL		 5165- Fixed SunOS 4 build. Thanks to Robert Elz for responding to my
5166 request for help on this with patches!
5167
5168- Incorporated a change that should fix a problem reported by Philippe
5169 Jumelle where when the network connection between two servers is
5170 lost, they never reconnect.
5171
5172- Fix client script files other than that for NetBSD to actually use
5173 make_resolv_conf as documented in the manual page.
5174
5175- Fix a bug in the packet handling code that could result in a core
5176 dump.
5177
5178- Fix a bug in the bootp code where responses on the local net would
5179 be sent to the wrong MAC address. Thanks to Jerry Schave for
5180 catching this one.
5181
490eb5e7
TL		 5182 Changes since 3.0 Beta 2 Patchlevel 3
5183
5184- In the DHCP client, execute client statements prior to using the values
45d545f0 5185 of options, so that the client configuration can overridden, e.g., the
490eb5e7
TL		 5186 lease renewal time.
5187
5188- Fix a reference counting error that would result in very reproducible
5189 failures in updates, as well as occasional core dumps, if a zone was
5190 declared without a key.
5191
5192- Fix some Linux 2.0 compilation problems.
5193
5194- Fix a bug in scope evaluation during execution of "on" statements that
5195 caused values not to be recorded on leases.
5196
5197- If the dhcp-max-message-size option is specified in scope, and the
5198 client didn't send this option, use the one specified in scope to
5199 determine the maximum size of the response.
5200
592d8153
TL		 5201 Changes since 3.0 Beta 2 Patchlevel 2
5202
359b023e
TL		 5203- Fix a case where spawning subclasses were being allocated
5204 incorrectly, resulting in a core dump.
5205
592d8153
TL		 5206- Fix a case where the DHCP server might inappropriately NAK a
5207 RENEWING client.
5208
5209- Fix a place dhcprequest() where static leases could leak.
5210
5211- Include memory.h in omapip_p.h so that we don't get warnings about
5212 using memcmp().
5213
2aa36519
TL		 5214 Changes since 3.0 Beta 2 Patchlevel 1
5215
5216- Notice when SIOCFIGCONF returns more data than fit in the buffer -
5217 allocate a larger buffer, and retry. Thanks to Greg Fausak for
5218 pointing this out.
5219
5220- In the server, if no interfaces were configured, report an error and
5221 exit.
5222
5223- Don't ever record a state of 'startup'.
5224
5225- Don't try to evaluate the local failover binding address if none was
5226 specified. Thanks to Joseph Breu for finding this.
Mirror of https://github.com/isc-projects/dhcp.git