]> git.ipfire.org Git - thirdparty/dhcp.git/blame - RELNOTES
projects / thirdparty / dhcp.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[master]
[thirdparty/dhcp.git] / RELNOTES
CommitLineData
98311e4b 1 Internet Systems Consortium DHCP Distribution
0b2ec8c9
SR		 2 Version 4.3.0
3 21 December 2013
72c7bd79 4
0171be2d 5 Release Notes
72c7bd79 6
0171be2d 7 NEW FEATURES
16449d9c 8
adbef119
DH		 9ISC DHCP 4.2.x includes features that were not included in DHCP 4.1.x.
10These include:
37ec5845 11
98bf1607 12Processing the DHCP to DNS server transactions in an asyncrhonous fashion.
09afca0d 13The DHCP server or client can now continue with its processing while
98bf1607
SR		 14awaiting replies from the DNS server.
15
01a54c17
EH		 16There are a number of DHCPv6 limitations and features missing in this
17release, which will be addressed in the future:
98bd7ca0 18
01a54c17 19- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.
3a16098f 20
adbef119
DH		 21- DHCPv6 includes human-readable text in status code messages, in
22 English. A method to reconfigure or support other languages would
23 be preferrable.
98bd7ca0
DH		 24
25- The "host-identifier" option is limited to a simple token.
26
98bd7ca0 27- The client and server can only operate DHCPv4 or DHCPv6 at a time,
45d545f0 28 not both. To use both protocols simultaneously, two instances of the
6de1f33e 29 relevant daemon are required, one with the '-6' command line option.
4ff4053b 30
01a54c17
EH		 31For information on how to install, configure and run this software, as
32well as how to find documentation and report bugs, please consult the
33README file.
ca4606b5 34
01a54c17
EH		 35ISC DHCP uses standard GNU configure for installation. Please review the
36output of "./configure --help" to see what options are available.
fe5b0fdd 37
01a54c17
EH		 38The system has only been tested on Linux, FreeBSD, and Solaris, and may not
39work on other platforms. Please report any problems and suggested fixes to
40<dhcp-users@isc.org>.
98bd7ca0 41
6980ae03 42 Changes since 4.2.0 (new features)
51b8a8a0
SR		 43
44- If a client renews before 'dhcp-cache-threshold' percent of its lease
45 has elapsed (default 25%), the server will reuse the allocated lease
46 (provide a lease within the currently allocated lease-time) rather
47 than extend or renew the lease. This absolves the server of needing
48 to perform an fsync() operation on the lease database before reply,
49 which improves performance. [ISC-Bugs #22228]
50
6980ae03
SR		 51- The 'no available billing' log line now also logs the name of the last
52 matching billing class tried before failing to provide a billing.
53 [ISC-Bugs #21759]
54
32e651c4
SR		 55- A problem with missing get_hw_addr function when --enable-use-sockets
56 was used is now solved on GNU/Linux, BSD and GNU/Hurd systems. Note
57 that use-sockets feature was not tested on those systems. Client and
58 server code no longer use MAX_PATH constant that is not defined on
59 GNU/Hurd systems. [ISC-Bugs 25979]
60
67418698
SR		 61- Add a perl script in the contrib directory, dhcp-lease-list.pl, which
62 can parse v4 lease files and output the lease information in a more
63 human friendly manner. This was written by Christian Hammers with
64 some updates by vom and ISC. This is contributed code and is not
65 supported by ISC; however it may be useful to some users.
66 [ISC-Bugs #20680]
67
c5bc8b1a
SR		 68 Changes since 4.2.5
69
d0a10f6a 70- Address static analysis warnings.
9626483b 71 [ISC-Bugs #33510] [ISC-Bugs #33511]
d0a10f6a 72
dc9d7b08
MA		 73- Silence benign static analysis warnings.
74 [ISC-Bugs #33428]
75
c5bc8b1a 76- Add check for 64-bit package for atf.
a24b9f23
MA		 77 [ISC-Bugs #32206]
78
79- Use newer auto* tool packages and turn on RFC_3542 support on Mac OS.
80 [ISC-Bugs #26303]
c5bc8b1a 81
cc17cbc3
SR		 82- Remove a variable when it isn't being used due to #ifdefs to avoid
83 a compiler warning on Solaris using GCC.
84 [ISC-Bugs #33032]
85
360cc6d9
SR		 86- Add a check for too much whitespace in a config or lease file.
87 Thanks to Paolo Pellegrino for finding the issue and a suggestion
88 for the patch.
89 [ISC-Bugs #33351]
9f9265b6
SR		 90 Changes since 4.2.4
91
92- Correct code to calculate timing values in client to compare
93 rebind value to infinity instead of renew value.
94 Thanks to Chenda Huang from H3C Technologies Co., Limited
95 for reporting this issue.
96 [ISC-Bugs #29062]
97
35de6c8c
SR		 98- Fix some issues in the code for parsing and printing options.
99 [ISC-Bugs #22625] - properly print options that have several fields
100 followed by an array of something for example "fIa"
101 [ISC-Bugs #27289] - properly parse options in declarations that have
102 several fields followed by an array of something for example "fIa"
103 [ISC-Bugs #27296] - properly determine if we parsed a 16 or 32 bit
104 value in evaluate_numeric_expression (extract-int).
105 [ISC-Bugs #27314] - properly parse a zero length option from
106 a lease file. Thanks to Marius Tomaschewski from SUSE for the report
107 and prototype patch for this ticket as well as ticket 27289.
108
de87ffe3
SR		 109! Previously the server code was relaxed to allow packets with zero
110 length client ids to be processed. Under some situations use of
111 zero length client ids can cause the server to go into an infinite
112 loop. As such ids are not valid according to RFC 2132 section 9.14
113 the server no longer accepts them. Client ids with a length of 1
114 are also invalid but the server still accepts them in order to
115 minimize disruption. The restriction will likely be tightened in
116 the future to disallow ids with a length of 1.
117 Thanks to Markus Hietava of Codenomicon CROSS project for the
118 finding this issue and CERT-FI for vulnerability coordination.
119 [ISC-Bugs #29851]
120 CVE: CVE-2012-3571
121
e563ec2e
SR		 122! When attempting to convert a DUID from a client id option
123 into a hardware address handle unexpected client ids properly.
124 Thanks to Markus Hietava of Codenomicon CROSS project for the
125 finding this issue and CERT-FI for vulnerability coordination.
126 [ISC-Bugs #29852]
127 CVE: CVE-2012-3570
128
3bedb117
SR		 129! A pair of memory leaks were found and fixed. Thanks to
130 Glen Eustace of Massey University, New Zealand for finding
131 this issue.
132 [ISC-Bugs #30024]
df2c355e 133 CVE: CVE-2012-3954
3bedb117 134
18a28679
TM		 135- Existing legacy unit-tests have been migrated to Automated Test
136 Framework (ATF). Several new tests have been developed. To enable
137 unit-tests, please use --with-atf in configure script. A Developer's
138 Guide has been added. To generate it, please use make devel in
139 the doc directory. It is currently in early stages of development,
140 but is expected to grow in the near future. [ISC-Bugs 25901]
141
0b2ec8c9 142! An issue with the use of lease times was found and fixed. Making
03b44855 143 certain changes to the end time of an IPv6 lease could cause the
0b2ec8c9
SR		 144 server to abort. Thanks to Glen Eustace of Massey University,
145 New Zealand for finding this issue.
146 [ISC-Bugs #30281]
147 CVE: CVE-2012-3955
148
67b2cb45
SR		 149- Update the memory leakage debug code to work with v6.
150 [ISC-Bugs #30297]
151
74977c94
SR		 152- Relax the requirements for deleting an A or AAAA record.
153 Previously the DDNS removal code required both the A or AAAA
154 record and the TXT record to exist. This requirement could
155 cause problems if something interrupted the removal leaving
156 the TXT record alone. This relaxation was codified in RFC 4703.
157 [ISC-Bugs #30734]
158
30e42327
SR		 159- Modify the failover code to handle incorrect peer names
160 better. Previously the structure holding the name might
161 have been freed inappropriately in some cases and not
162 freed in other cases.
163 [ISC-Bugs #30320]
164
d5d868e7 165- Add a configure option, enable-secs-byteorder, to deal with
dbd65517
SR		 166 clients that do the byte ordering on the secs field incorrectly.
167 This field should be in network byte order but some clients
168 get it wrong. When this option is enabled the server will examine
169 the secs field and if it looks wrong (high byte non zero and low
170 byte zero) swap the bytes. The default is disabled. This option
171 is only useful when doing load balancing within failover.
172 [ISC-Bugs #26108]
173
0f750c4f
SR		 174- Fix a set of issues that were discovered via a code inspection
175 tool. Thanks to Jiri Popelka and Tomas Hozza Red Hat for the logs
176 and patches.
177 [ISC-Bugs #23833]
178
962d5eab
SR		 179- Parsing unquoted base64 strings improved. Parser now properly handles
180 strings that contain reserved names. [ISC-Bugs #23048]
181
d56788df
SR		 182- Modify the nak_lease function to make some attempts to find a
183 server-identifier option to use for the NAK.
184 [ISC-Bugs #25689]
185
10613724
SR		 186- The client now passes information about the options it requested
187 from the server to the script code via environment variables.
188 These variables are of the form requested_<option_name>=1 with
189 the option name being the same as used in the new_* and old_*
190 variables.
3aa562f8 191 [ISC-Bugs #29068]
10613724 192
f8380d3f
SR		 193- Add support for a simple check that the server id in a request message
194 to a failover peer matches the server id of the server. This support
195 is enabled by editing the file includes/site.h and uncommenting the
196 definition for SERVER_ID_CHECK. The option has several restrictions
197 and issues - please read the comment in the site.h file before
198 enabling it.
199 [ISC-Bugs #31463]
200
d5d868e7 201- Tidy up some compiler issues in the debug code.
0d93c339
SR		 202 [ISC-Bugs #26460]
203
9ff4e0a2
SR		 204- Move the dhcpd.conf exmample file to dhcpd.conf.example to avoid
205 overwriting the dhcpd.conf file when installing a new version of
206 ISC DHCP. The user will now need to manual copy and edit the
207 dhcpd.conf file as desired.
208 [ISC-Bugs #19337]
209
1e2a127b
SR		 210- Check the status value when trying to read from a connection to
211 see if it may have been closed. If it appears closed don't try
212 to read from it again. This avoids a potential busy-wait like
213 loop when the peer names are mismatched.
214 [ISC-Bugs #31231]
215
d5d868e7 216- Remove an unused variable to keep compilers happy.
8acc987b
SR		 217 [ISC-Bugs #31983]
218
b89b8e16
SR		 219- Modify test makefiles to be more similar to standard makefiles
220 and comment out a currently unused test.
56c0e681 221 [ISC-Bugs #32089]
b89b8e16 222
b95f1ee0
SR		 223 Changes since 4.2.3
224
225! Add a check for a null pointer before calling the regexec function.
dc6908b4 226 Without this check we could, under some circumstances, pass
b95f1ee0 227 a null pointer to the regexec function causing it to segfault.
317d1182 228 Thanks to a report from BlueCat Networks.
b95f1ee0 229 [ISC-Bugs #26704].
846af1cd 230 CVE: CVE-2011-4539
b95f1ee0 231
0ef9a46e
SR		 232! Modify the DDNS handling code. In a previous patch we added logging
233 code to the DDNS handling. This code included a bug that caused it
234 to attempt to dereference a NULL pointer and eventually segfault.
235 While reviewing the code as we addressed this problem, we determined
236 that some of the updates to the lease structures would not work as
237 planned since the structures being updated were in the process of
238 being freed: these updates were removed. In addition we removed an
239 incorrect call to the DDNS removal function that could cause a failure
240 during the removal of DDNS information from the DNS server.
241 Thanks to Jasper Jongmans for reporting this issue.
242 [ISC-Bugs #27078]
243 CVE: CVE-2011-4868
244
de6c9af6
SR		 245- Fixed the code that checks if an address the server is planning
246 to hand out is in a reserved range. This would appear as
247 the server being out of addresses in pools with particular ranges.
248 [ISC-Bugs #26498]
249
87132514
SR		 250- In the DDNS code handle error conditions more gracefully and add more
251 logging code. The major change is to handle unexpected cancel events
252 from the DNS client code.
cfc49463 253 [ISC-Bugs #26287]
87132514 254
cfc49463 255- Tidy up the receive calls and eliminate the need for found_pkt.
865afd5e
SR		 256 [ISC-Bugs #25066]
257
b047bd38
SR		 258- Add support for Infiniband over sockets to the server and
259 relay code. We've tested this on Solaris and hope to expand
260 support for Infiniband in the future. This patch also corrects
53394a8d
SR		 261 some issues we found in the socket code.
262 [ISC-Bugs #24245]
b047bd38 263
e3c94800
SR		 264- Add a compile time check for the presence of the noreturn attribute
265 and use it for log_fatal if it's available. This will help code
266 checking programs to eliminate false positives.
d13db163 267 [ISC-Bugs #27539]
e3c94800 268
dd9237c3
TM		 269- Fixed many compilation problems ("set, but not used" warnings) for
270 gcc 4.6 that may affect Ubuntu 11.10 users. [ISC-Bugs #27588]
271
d13db163
SR		 272- Modify the code that determines if an outstanding DDNS request
273 should be cancelled. This patch results in cancelling the
274 outstanding request less often. It fixes the problem caused
cfc49463 275 by a client doing a release where the TXT and PTR records
d13db163
SR		 276 weren't removed from the DNS.
277 [ISC-BUGS #27858]
278
b342f2e7
SR		 279- Use offsetof() instead of sizeof() to get the sizes for dhcpv6_relay_packet
280 and dhcpv6_packet in several more places. Thanks to a report from
281 Bruno Verstuyft and Vincent Demaertelaere of Excentis.
282 [ISC-Bugs #27941]
283
cfc49463
SR		 284- Remove outdated note in the description of the bootp keyword about the
285 option not satisfying the requirement of failover peers for denying
286 dynamic bootp clients.
797aab67
SR		 287 [ISC-bugs #28574]
288
bc7f8b8e
SR		 289- Multiple items to clean up IPv6 address processing.
290 When processing an IA that we've seen check to see if the
291 addresses are usable (not in use by somebody else) before
292 handing it out.
293 When reading in leases from the file discard expired addresses.
294 When picking an address for a client include the IA ID in
295 addition to the client ID to generally pick different addresses
296 for different IAs.
297 [ISC-Bugs #23138] [ISC-Bugs #27945] [ISC-Bugs #25586]
298 [ISC-Bugs #27684]
299
d289ee68
SR		 300- Remove unnecessary checks in the lease query code and clean up
301 several compiler issues (some dereferences of NULL and treating
302 an int as a boolean).
303 [ISC-Bugs #26203]
304
d19fa5a1
SR		 305- Fix the NA and PD allocation code to handle the case where a client
306 provides a preference and the server doesn't have any addresses or
cfc49463
SR		 307 prefixes available. Previously the server ignored the request with
308 this patch it replies with a NoAddrsAvail or NoPrefixAvail response.
d19fa5a1 309 By default the code performs according to the errata of August 2010
53394a8d 310 for RFC 3315 section 17.2.2; to enable the previous style see the
cfc49463 311 section on RFC3315_PRE_ERRATA_2010_08 in includes/site.h. This option
d19fa5a1
SR		 312 may be removed in the future.
313 Thanks to Jiri Popelka at Red Hat for the patch.
314 [ISC-Bugs #22676]
315
cfc49463 316- Fix up some issues found by static analysis.
bb9189c3
SR		 317 A potential memory leak and NULL dereference in omapi.
318 The use of a boolean test instead of a bitwise test in dst.
319 [ISC-Bugs #28941]
320
cbbd2714
SR		 321- Rotate the lease file when running in v6 mode.
322 Thanks to Christoph Moench-Tegeder at Astaro for the
323 report and the first version of the patch.
324 [ISC-Bugs #24887]
325
d208bb04
SR		 326 Changes since 4.2.2
327
328- Fix the code that checks for an existing DDNS transaction to cancel
329 when removing DDNS information, so that we will continue with the
330 processing if we have a lease even if it doesn't have an outstanding
331 transaction. [ISC-Bugs #24682]
332
25f664a6
SR		 333- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
334 configuration files. [ISC-Bugs #24107]
335
d424157d
SR		 336- Add support for passing DDNS information to a DNS server over
337 an IPv6 address. [ISC-Bugs #22647]
338
3221151b
SR		 339- Enhanced patch for 23595 to handle IPv4 fixed addresses more
340 cleanly. [ISC-Bugs #23595]
341
bea17697
SR		 342 Changes since 4.2.1
343
344! In dhclient check the data for some string options for
345 reasonableness before passing it along to the script that
346 interfaces with the OS.
347 [ISC-Bugs #23722]
348 CVE: CVE-2011-0997
c7aa4dd4
TM		 349
350- DHCPv6 server now responds properly if client asks for a prefix that
351 is already assigned to a different client. [ISC-Bugs #23948]
4a5bfeac
SR		 352
353- Add the option "--no-pid" to the client, relay and server code,
354 to disable writing a pid file. Add the option "-pf pidfile"
355 to the relay to allow the user to supply the pidfile name at
356 runtime. Add the "with-relay6-pid-file" option to configure
357 to allow the user to supply the pidfile name for the relay
358 in v6 mode at configure time.
359 [ISC-Bugs #23351] [ISC-Bugs #17541]
5d082abd
TM		 360
361- 'dhclient' no longer waits a random interval after first starting up to
362 begin in the INIT state. This conforms to RFC 2131, but elects not to
363 implement a 'SHOULD' direction in section 4.1. The goal of this change
73c83820 364 is to start up faster. [ISC-Bugs #19660]
5d082abd
TM		 365
366- Added 'initial-delay' parameter that specifies maximum amount of time
367 before client goes to the INIT state. The default value is 0. In previous
368 versions of the code client could wait up to 5 seconds. The old behavior
369 may be restored by using 'initial-delay 5;' in the client config file.
73c83820 370 [ISC-Bugs #19660]
5d082abd
TM		 371
372- ICMP ping-check should now sit closer to precisely the number of seconds
373 configured (or default 1), due to making use of the new microsecond
374 scale timer internally to dhcpd. This corrects a bug where the server
375 may immediately timeout an ICMP ping-check if it was made late in the
73c83820 376 current second. [ISC-Bugs #19660]
5d082abd
TM		 377
378- The DHCP client will schedule renewal and rebinding events in
379 microseconds if the DHCP server provided a lease-time that would result
380 in sub-1-second timers. This corrects a bug where a 2-second or lower
381 lease-time would cause the DHCP client to enter an infinite loop by
73c83820 382 scheduling renewal at zero seconds. [ISC-Bugs #19660]
5d082abd
TM		 383
384- Client lease records are recorded at most once every 15 seconds. This
385 keeps the client from filling the lease database disk quickly on very small
73c83820 386 lease times. [ISC-Bugs #19660]
5d082abd
TM		 387
388- To defend against RFC 2131 non-compliant DHCP servers which fail to
389 advertise a lease-time (either mangled, or zero in value) the DHCP
390 client now adds the server to the reject list ACL and returns to INIT
391 state to hopefully find an RFC 2131 compliant server (or retry in INIT
73c83820 392 forever). [ISC-Bugs #19660]
023fbaa0
TM		 393
394- Parameters configured to evaluate from user defined function calls can
395 now be correctly written to dhcpd.leases (as on 'on events' or dynamic
396 host records inserted via OMAPI). [ISC-Bugs #22266]
397
398- If a 'next-server' parameter is configured in a dynamic host record via
399 OMAPI as a domain name, the syntax written to disk is now correctly parsed
400 upon restart. [ISC-Bugs #22266]
656b1ece
TM		 401
402- The DHCP server now responds to DHCPLEASEQUERY messages from agents using
403 IP addresses not covered by a subnet in configuration. Whether or not to
404 respond to such an agent is still governed by the 'allow leasequery;'
405 configuration parameter, in the case of an agent not covered by a configured
406 subnet the root configuration area is examined. Server now also returns
407 vendor-class-id option, if client sent it. [ISC-Bugs #21094]
bea17697 408
fc06ee4f
SR		 409- Documentation fixes
410 [ISC-Bugs #17959] add text to AIX section describing how to have it send
411 responses to the all-ones address.
412 [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
413 [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS
414
1185c766
TM		 415- Relay no longer crashes, when DHCP packet is received over interface without
416 any IPv4 address assigned. Also extended logging message about discarding
417 packets with invalid hlen with information about relevant interface name.
418 [ISC-Bugs #22409]
419
c6455252
TM		 420- Relay now properly logs that packet was received over interface without
421 global IPv6 address [ISC-Bugs #24070]
422
9369bdc1
TM		 423- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
424 rather than sockaddr. Packet ethertype is now forced to ETH_P_IP.
425 [ISC-Bugs #18975]
426
fb30f3fc
SR		 427- Minor code cleanups - but note port change for #23196
428 [ISC-Bugs #23470] - Modify when an ignore return macro is defined to
429 handle unsed error return warnings for more versions of gcc.
430 [ISC-Bugs #23196] - Modify the reply handling in the server code to
431 send to a specified port rather than to the source port for the incoming
432 message. Sending to the source port was test code that should have
433 been removed. The previous functionality may be restored by defining
434 REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't
435 enable this except for testing purposes.
436 [ISC-Bugs #22695] - Close a file descriptor in an error path.
437 [ISC-Bugs #19368] - Tidy up variable types in validate_port.
438
c616de4f
TM		 439- Code cleanup: remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros
440 [ISC-Bugs #13151]
441
442- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831]
a34feb7d 443
4f55e11b
SR		 444- Client Script fixes
445 [ISC-Bugs #23045] Typos in client/scripts/openbsd
446 [ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
447 the domain search address is link local.
448 [ISC-Bugs #1277] In some of the client scripts add code to handle the
449 case of the default router information being changed without the address
450 being changed.
451
802fdea1
TM		 452- Documentation cleanup
453 [ISC-Bugs #23326] Updated References document, several man page updates
454
1b601efa
TM		 455- Server no longer complains about NULL pointer when configured
456 server-identifier expression fails to evaluate. [ISC-Bugs #24547]
457
199f0b8a
SR		 458- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
459 than the dispatch handler. This fixes an issue where omshell, when
460 run from the same platform as the server, would appear to fail to
461 connect. This is a companion to #21839. [ISC-Bugs #23592]
462
786f2e79
SR		 463- Enlarge the buffer size used by the Omshell code and some of the
464 print routines to allow for greater than 60 characters or, when
465 printing as hex strings, 20 characters. [ISC-Bugs #22743]
466
7cfeb916
SR		 467- In Solaris 11 switch to using sockets instead of DLPI, thanks
468 to a patch form Oracle. [ISC-Bugs #24634].
469
d15aa964
TM		 470- Strict checks for content of domain-name DHCPv4 option can now be
471 configured during compilation time. Even though RFC2132 does not allow
472 to store more than one domain in domain-name option, such behavior is
473 now enabled by default, but this may change some time in the future.
474 See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
475 [ISC-Bugs #24167]
476
beaed73f
SR		 477- DNS Update fix. A misconfigured server could crash during DNS update
478 processing if the configuration included overlapping pools or
479 multiple fixed-address entries for a single address. This issue
480 affected both IPv4 and IPv6. The fix allows a server to detect such
481 conditions, provides the user with extra information and recommended
482 steps to fix the problem. If the user enables the appropriate option
483 in site.h then server will be terminated
484 [ISC-Bugs #23595]
485
8bd96ccb
SR		 486! Two packets were found that cause a server to halt. The code
487 has been updated to properly process or reject the packets as
488 appropriate. Thanks to David Zych at University of Illinois
489 for reporting this issue. [ISC-Bugs #24960]
490 One CVE number for each class of packet.
491 CVE-2011-2748
492 CVE-2011-2749
493
5a38e43f
SR		 494 Changes since 4.2.0
495
496- Documentation cleanup covering multiple tickets
497 [ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup
498 [ISC-Bugs #20263] add text describing some default values
499 [ISC-Bugs #20193] single quotes at the start of a line indicate a control
500 line to nroff, escape them if we actually want a quote.
501 [ISC-Bugs #18916] sync the pointer to web pages amongst the different docs
502
524705e5
DH		 503- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
504 was also configured. The nature of this repair also fixes another
505 error; the host-name supplied by a client is no longer overridden by a
506 reverse lookup of the lease address. Thanks to a patch from Wilco Baan
507 Hofman supplied to us by the Debian package maintenance team.
508 [ISC-Bugs #21691] {Debian Bug#509445}
509
f07d0fb5
DH		 510- The .TH tag for the dhcp-options manpage was typo repaired
511 thanks to a report from jidanni and the Debian package maintenance
512 team. [ISC-Bugs #21676] {Debian Bug#563613}
513
d6645f56
SR		 514- More documentation changes - primarily to put the options in the dhclient
515 and dhcpd man pages into the standard form. Thanks in part to a patch
516 from David Cantrell at Red Hat.
517 [ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes
518
4a5098e9
SR		 519- Add code to clear the pointer to an object in an OMAPI handle when the
520 object is freed due to a dereference. [ISC-Bugs #21306]
521
ea75d544
DH		 522- Fixed a bug that leaks host record references onto lease structures,
523 causing the server to apply configuration intended for one host to any
524 other innocent clients that come along later. [ISC-Bugs #22018]
525
66be0ad1
SR		 526- Minor code fixes
527 [ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
528 the name to be at the apex of the zone.
529 [ISC-Bugs #19617] Restrict length of interface name read from command line
530 in dhcpd - based on a patch from David Cantrell at Red Hat.
531 [ISC-Bugs #20039] Correct some error messages in dhcpd.c
532 [ISC-Bugs #20070] Better range check on values when creating a DHCID.
533 [ISC-Bugs #20198] Avoid writing past the end of the field when adding
534 overly long file or server names to a packet and add a log message
535 if the configuration supplied overly long names for these fields.
536 Thanks to Martin Pala.
537 [ISC-Bugs #21497] Add a little more randomness to rng seed in client
538 thanks to a patch from Jeremiah Jinno.
539
57fbc772
SR		 540- Correct error handling in DLPI [ISC-Bugs #20378]
541
542- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
543 checked in configure. [ISC-Bugs #20443]
544
545- Modify how the cmsg header is allocated the v6 send and received routines
546 to compile on more compilers. [ISC-Bugs #20524]
547
548- When parsing a domain name free the memory for the name after we are
549 done with it. [ISC-Bugs #20824]
550
197c917e
SR		 551- Add an elapsed time option to the release message and refactor the
552 code to move most of the common code to a single routine.
553 [ISC-Bugs #21171].
554
8bd445a1
DH		 555- Two identical log messages for commit_leases() have been disambiguated.
556 [ISC-Bugs #18915]
557
83d409ae
SR		 558- Parse date strings more properly - the code now handles semi-colons in
559 date strings correctly. Thanks to a patch from Jiri Popelka at Red Hat.
560 [ISC-Bugs #21501, #20598]
561
6aaaf6a4
SR		 562- Fixes to lease input and output.
563 [ISC-Bugs #20418] - Some systems don't support the "%s" argument to
564 strftime, paste together the same string using mktime instead.
565 [ISC-Bugs #19596] - When parsing iaid values accept printable
566 characters.
567 [ISC-Bugs #21585] - Always print time values in omshell as hex
568 instead of ascii if the values happen to be printable characters.
569
4e0997c6
SR		 570- Minor changes for scripts, configure.ac and Makefiles
571 [ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
572 example conf file. Thanks to a patch from David Cantrell
573 at Red Hat.
574 [ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
575 [ISC-Bugs #19945] Properly close the quote on some arguments.
576 [ISC-Bugs #20952] Add 64 bit types to configure.ac
577 [ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable
578
ad59838e
SR		 579- Update the code to parse dhcpv6 lease files to accept a semi-colon at
580 the end of the max-life and preferred-life clauses. In order to be
581 backwards compatible with older lease files not finding a semi-colon
582 is also accepted. [ISC-Bugs #22303].
583
4dc5a6b1
SR		 584! Handle a relay forward message with an unspecified address in the
585 link address field. Previously such a message would cause the
f33dc722
SR		 586 server to crash. Thanks to a report from John Gibbons. [ISC-Bugs #21992]
587 CERT: VU#102047 CVE: CVE-2010-3611
588
8d50c721
DH		 589- ./configure on longer searches for -lcrypto to explicitly link against.
590 This fixes a bug where 'dhclient' would have shared library dependencies
591 on '/usr/lib'. [ISC-Bugs #21967]
4dc5a6b1 592
3004baba
SR		 593- Handle pipe failures more gracefully. Some OSes pass a SIGPIPE
594 signal to a process and will kill the process if the signal isn't
595 caught. This patch adds code to turn off the SIGPIPE signal via
596 a setsockopt() call. The signal is already being ignored as part
597 of the ISC library. [ISC-Bugs #22269]
598
42cbff63
SR		 599- Restore printing of values in omshell to the style pre 21585. For
600 21585 we changed the print routines to always display time values
39196512
SR		 601 as a hex list. This had a side effect of printing all data strings
602 as a hex list. We shall investigate other ways of displaying time
603 values more usefully. [ISC-Bugs #22626]
3004baba 604
9d97e644
SR		 605! Fix the handling of connection requests on the failover port.
606 Previously a connection request from a source that wasn't
607 listed as a failover peer would cause the server to become
dbaa902c
SR		 608 non-responsive. Thanks to a report from Brad Bendily, brad@bendily.com.
609 [ISC-Bugs #22679]
9d97e644
SR		 610 CERT: VU#159528 CVE: CVE-2010-3616
611
23d39ae2
SR		 612- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
613 Passing it through to the handlers caused the omshell program to fail
614 to connect to the server. [ISC-Bugs #21839]
615
616- Fix the paranthesis in the code to process configuration statements
617 beginning with "auth". The previous arrangement caused
618 "auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854]
619
0c9d3a81
SR		 620- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
621 Thanks to a report from Jiri Popelka at Red Hat.
622 [ISC-Bugs #22033], [Red Hat Bug #628258]
623
e1a40211
SR		 624- When processing the format flags for a given option consume the
625 flag indicating an optional value correctly. A symptom of this
626 bug was an infinite loop when trying to parse the slp-service-scope
627 option. Thanks to a patch from Marius Tomaschewski.
628 [ISC-Bugs #22055]
629
e7e17397
SR		 630- Disable the use of kqueue in the ISC library. This avoids a problem
631 between the fork and socket code that caused the dhcpd process to
632 use all available cpu if the program daemonized itself.
633 [ISC-Bugs #21911]
634
c8b189f1 635! When processing a request in the DHCPv6 server code that specifies
45918d36 636 an address that is tagged as abandoned (meaning we received a
c8b189f1
SR		 637 decline request for it previously) don't attempt to move it from
638 the inactive to active pool as doing so can result in the server
e8f330a1 639 crashing on an assert failure. Also retag the lease as active
09afca0d 640 and reset its timeout value.
c8b189f1
SR		 641 [ISC-Bugs #21921]
642
ef86959b
SR		 643- Removed the restriction on using IPv6 addresses in IPv4 mode. This
644 allows IPv4 options which contain IPv6 addresses to be specified. For
645 example the 6rd option can be specified and used like this:
646 [ISC-Bugs #23039]
647
648 option 6rd code 212 = { integer 8, integer 8,
649 ip6-address, array of ip-address };
650 option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;
651
919f1407
SR		 652- Handle some DDNS corner cases better. Maintain the DDNS transaction
653 information when updating a lease and cancel any existing transactions
654 when removing the ddns information.
655 [ISC-Bugs #23103]
656
8a0d9ca4
SR		 657- Some fixes for LDAP
658 [ISC-Bugs #21783] - Include lber library when building ldap
659 [ISC-Bugs #22888] - Enable the ldap code when buidling common
660 The above fixes are from Jiri Popelka at Red Hat.
661
17a8f0e2
SR		 662- Modify the dlpi code to accept getmsg() returning a positive value.
663 [ISC-Bugs #22824]
664
badc999d
SR		 665 Changes since 4.2.0b2
666
667- Add declaration for variable in debug code in alloc.c. [ISC-Bugs #21472]
0d8c3d6e 668
1e05d095
SR		 669 Changes since 4.2.0b1
670
d122accf
SR		 671- Prohibit including lease time information in a response to a DHCP INFORM.
672 [ISC-Bugs #21092]
1e05d095 673
1943bbf8
SR		 674! Accept a client id of length 0 while hashing. Previously the server would
675 exit if it attempted to hash a zero length client id, providing attackers
d122accf 676 with a simple denial of service attack. [ISC-Bugs #21253]
63ff896a 677 CERT: VU#541921 - CVE: CVE-2010-2156
1943bbf8 678
8a513c43
DH		 679- A memory leak in ddns processing was closed. [ISC-Bugs #21377]
680
d122accf
SR		 681- Modify the exception handling for initial context creation. Previously
682 we would try and clean up before exiting. This could present problems
683 when the cleanup required part of the context that wasn't available. It
684 also didn't do much as we exited afterwards anyway. Now we simply log
685 the error and exit. [ISC-Bugs #21093]
686
0d8c3d6e
DH		 687- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
688 previously allocated (active) lease to a client that has changed subnets,
689 despite being on different shared networks. Dynamic prefixes specifically
690 allocated in shared networks also now are not offered if the client has
691 moved. [ISC-Bugs #21152]
692
590298e7
SR		 693- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916]
694
600ee619 695- Fix the trace code to handle timing events better and to truncate a file
2b58b865
SR		 696 before using instead of overwriting it. [ISC-Bugs #20969]
697
698- Modify the determination of the default TTL to use for DDNS updates.
699 The user may still configure the ttl via ddns-ttl. The default for
700 both v4 and v6 is now 1/2 the (preferred) lease time with a limit. The
701 previous defaults (1/2 lease time without a limit for v4 and a default
702 value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h
703 [ISC-Bugs #21126]
600ee619 704
a5c7bf77
DH		 705- libisc/libdns is now brought up to version 9.7.1rc1. This corrects
706 three reported flaws in ISC DHCP;
707
708 o DHCP processes (dhcpd, dhclient) fail to start if one of either the
709 IPv4 or IPv6 address families is not present. [ISC-Bugs #21122]
710
711 o Assertion failure when attempting to cancel a previously running DDNS
712 update. [ISC-Bugs #21133]
713
714 o Compilation failure of libisc/libdns due to the use of a flexible
715 array member. [ISC-Bugs #21316]
716
0585235c
SR		 717 Changes since 4.2.0a2
718
719- Update the fsync code to work with the changes to the DDNS code. It now
720 uses a timer instead of noticing if there are no more packets to process.
721
f4bc8261
SR		 722- When constructing the DNS name structure from a text string append
723 the root to relative names. This satisfies a requirement in the DNS
724 library that names be absolute instead of relative and prevents DHCP
d122accf 725 from crashing. [ISC-Bugs #21054]
f4bc8261 726
33692791
DH		 727- "The LDAP Patch" that has been circulating for some time, written by
728 Brian Masney and S.Kalyanasundraram and maintained for application to
729 the DHCP-4 sources by David Cantrell has been included. Please be
730 advised that these sources were contributed, and do not yet meet the
731 high standards we place on production sources we include by default.
732 As a result, the LDAP features are only included by using a compile-time
733 option which defaults off, and if you enable it you do so under your
734 own recognizance. We will be improving this software over time.
735 [ISC-Bugs #17741]
736
3c941d42 737 Changes since 4.2.0a1
928618dd
DH		 738
739- When using 'ignore client-updates;', the FQDN returned to the client
740 is no longer truncated to one octet.
741
3c941d42
DH		 742- Cleaned up an unused hardware address variable in nak_lease().
743
bdd8e747
DH		 744- Manpage entries for the ia-pd and ia-prefix options were updated to
745 reflect support for prefix delegation.
746
3da71461
SR		 747- Cleaned up some compiler warnings
748
fdfebedf
DH		 749- An optimization described in the failover protocol draft is now included,
750 which permits a DHCP server operating in communications-interrupted state
751 to 'rewind' a lease to the state most recently transmitted to its peer,
752 greatly increasing a server's endurance in communications-interrupted.
753 This is supported using a new 'rewind state' record on the dhcpd.leases
754 entry for each lease.
755
7aa153b8
SR		 756- Fix the trace code which was broken by the changes to the DDNS code.
757
adbef119
DH		 758 Changes since 4.1.0 (new features)
759
d340bc24
DH		 760- Failover port configuration can now be left to defaults (port 647) as
761 described in the -12 revision of the Failover draft (and assigned by
4b97eaff 762 IANA). Thanks in part to a patch from David Cantrell at Red Hat.
adbef119 763
0829d595
DH		 764- If configured, dhclient may now transmit to an anycast MAC address,
765 rather than using a broadcast address. Thanks to a patch from David
766 Cantrell at Red Hat.
767
8a3c1e33
PS		 768- Added client support for setting interface MTU and metric, thanks to
769 Roy "UberLord" Marples <roy@marples.name>.
770
a41d7a25
PS		 771- Added client -D option to specify DUID type to send.
772
9e3eb22a
DH		 773- A new failover configuration parameter has been introduced for those
774 environments where DHCP servers can be reasonably guaranteed to be
775 "down" when the failover TCP socket is severed, "auto-partner-down".
776 This parameter is not generally safe, and by default is disabled, so
777 please carefully review the documentation of this parameter in the
778 dhcpd.conf(5) manpage before determining to use it yourself.
779
33ea4622
DH		 780- Added a configuration function, 'gethostname()', which calls the system
781 function of the same name and presents the results as a data expression.
782 This function can be used to incorporate the system level hostname of
783 the system the DHCP software is operating on in responses or queries (such
784 as including a failover partner's hostname in a dhcp message or binding
785 scope, or having a DHCP client send any system hostname in the host-name or
786 FQDN options by default).
787
5a671e87
DH		 788- The dhcp-renewal-time and dhcp-rebinding-time options may now be configured
789 for DHCPv4 operation and used independently of the dhcp-lease-time
790 calculations. Invalid renew and rebinding times (e.g., greater than the
791 determined lease time) are omitted.
792
98bf1607 793- Processing the DHCP to DNS server transactions in an asyncrhonous fashion.
09afca0d 794 The DHCP server or client can now continue with its processing while
98bf1607 795 awaiting replies from the DNS server.
c900c5b2
DH		 796
797- The 'hardware [ethernet|etc] ...;' parameter in host records has been
798 extended to attempt to match DHCPv6 clients by the last octets of a
799 DUID-LL or DUID-LLT provided by the client.
800
59112e84
SR		 801 Changes since 4.1.0 (bug fixes)
802
62f6843d
MA		 803- Remove infinite loop in token_print_indent_concat().
804
59112e84
SR		 805- Validate the argument to the -p option.
806
47e6eb82
DH		 807- The notorious 'option <unknown> ... larger than buffer' log line,
808 which is seen in some malformed DHCP client packets, was modified.
809 It now logs the universe name, and does not log the length values
810 (which are bogus corruption read from the packet anyway). It also
811 carries a hopefully more useful explanation.
812
159c89d7
EH		 813- Suppress spurious warnings from configure about --datarootdir
814
1aa0fe5e
DH		 815- A bug was fixed that caused the server not to answer some valid Solicit
816 and Request packets, if the dynamic range covering any requested addresses
817 had been deleted from configuration.
818
cd51403d
SR		 819- Update the code to deal with GCC 4.3. This included two sets of changes.
820 The first is to the configuration files to include the use of
571c38b0 821 AC_USE_SYSTEM_EXTENSIONS. The second is to deal with return values that
cd51403d
SR		 822 were being ignored.
823
64e1823d
DH		 824- The db-time-format option was documented in manpages.
825
26e59ee9
DH		 826- Using reserved leases no longer results in 'lease with binding state
827 free not on its queue' error messages, thanks to a patch from Frode
828 Nordahl.
829
70ea9345
PS		 830- Fix a build error in dhcrelay, using older versions of gcc with
831 dhcpv6 disabled.
832
8d7dca58 833- Two uninitialized stack structures are now memset to zero, thanks to a
4b97eaff 834 patch from David Cantrell at Red Hat.
819186b7 835
f4534b17
DH		 836- Fixed a cosmetic bug where pretty-printing valid domain-search options would
837 result in an erroneous error log message ('garbage in format string').
838
f9453d21
DH		 839- A bug in DLPI packet transmission (Solaris, HP/UX) that caused the server
840 to stop receiving packets is fixed. The same fix also means that the MAC
841 address will no longer appear 'bogus' on DLPI-based systems.
842
843- A bug in select handling was discovered where the results of one select()
844 call were discarded, causing the server to process the next select() call
845 and use more system calls than required. This has been repaired - the
846 sockets will be handled after the first return from select(), resulting in
847 fewer system calls.
848
a3dcc0b1
DH		 849- The update-conflict-detection feature would leave an FQDN updated without
850 a DHCID (still currently implemented as a TXT RR). This would cause later
851 expiration or release events to fail to remove the domain name. The feature
852 now also inserts the client's up to date DHCID record, so records may safely
853 be removed at expiration or release time. Thanks to a patch submitted by
854 Christof Chen.
855
95fd7038
DH		 856- Memory leak in the load_balance_mine() function is fixed. This would
857 leak ~20-30 octets per DHCPDISCOVER packet while failover was in use
858 and in normal state.
859
860- Various compilation fixes have been included for the memory related
861 DEBUG #defines in includes/site.h.
862
8a3c1e33
PS		 863- Fixed Linux client script 'unary operator expected' errors with DHCPv6.
864
865- Fixed setting hostname in Linux hosts that require hostname argument
866 to be double-quoted. Also allow server-provided hostname to
867 override hostnames 'localhost' and '(none)'.
868
dedde1ba
DH		 869- Fixed failover reconnection retry code to continue to retry to reconnect
870 rather than restarting the listener.
871
a57df74a
DH		 872- Compilation on Solaris with USE_SOCKETS defined in includes/site.h has
873 been repaired. Other USE_ overrides should work better.
874
875- A check for the local flavor of IFNAMSIZ had a broken 'else' condition,
876 that probably still resulted in the correct behaviour (but wouldn't use
877 a larger defined value provided by the host OS).
878
350576c5
DH		 879- Fixed a bug where an OMAPI socket disconnection message would not result
880 in scheduling a failover reconnection, if the link had not negotiated a
881 failover connect yet (e.g.: connection refused, asynch socket connect()
882 timeouts).
883
792156a9
DH		 884- A bug was fixed that caused the 'conflict-done' state to fail to be parsed
885 in failover state records.
886
8a4e543b
DH		 887! A stack overflow vulnerability was fixed in dhclient that could allow
888 remote attackers to execute arbitrary commands as root on the system,
889 or simply terminate the client, by providing an over-long subnet-mask
1b12d999 890 option. CERT VU#410676 - CVE-2009-0692
8a4e543b 891
a1308b64
DH		 892- Fixed a bug where relay agent options would never be returned when
893 processing a DHCPINFORM.
894
1b12d999
DH		 895- Versions 3.0.x syntax with multiple name->code option definitions is now
896 supported. Note that, similarly to 3.0.x, for by-code lookups only the
897 last option definition is used.
898
d453265f
PS		 899- Fixed a bug where a time difference of greater than 60 seconds between a
900 failover pair could cause the primary to crash on contact with the
901 secondary. Thanks to a patch from Steinar Haug.
902
3e29af1e
PS		 903- Don't look for IPv6 interfaces on Linux when running in DHCPv4 mode.
904 Thanks to patches from Matthew Newton and David Cantrell.
905
b8d45c67
DH		 906- Secondary servers in a failover pair will now perform ddns removals if
907 they had performed ddns updates on a lease that is expiring, or was
908 released through the primary. As part of the same fix, stale binding scopes
909 will now be removed if a change in identity of a lease's active client is
910 detected, rather than simply if a lease is noticed to have expired (which it
911 may have expired without a failover server noticing in some situations).
912
583c1c16
DH		 913- A patch supplied by David Cantrell at RedHat was applied that detects
914 invalid calling parameters given to the ns_name_ntop() function.
915 Specifically, it detects if the caller passed a pointer and size pair
916 that causes the pointer to integer-wrap past zero.
917
e4e3a2ab
DH		 918! Fixed a fenceposting bug when a client had two host records configured,
919 one using 'uid' and the other using 'hardware ethernet'. CVE-2009-1892
95f5d38c 920
875e99dc
SR		 921- Fixed the check in the dhcp_interface_signal_handler routine to verify
922 the existence of the linked signal handler before calling it.
923
2267da84
DH		 924- Both host and subnet6 configuration groups are now included whether a
925 fixed-address6 (DHCPv6) is in use or not. Host scoped configuration takes
926 precedence. This fixes two bugs, one where host scoped configuration
927 would not be included from a non-fixed-address6 host record, and the equal
928 and opposite bug where subnet6 scoped configuration would not be used when
571c38b0 929 over-riding values were not present in a matching fixed-address6 host
2267da84
DH		 930 configuration.
931
cd3f0b9b
DH		 932- ./configure now checks to ensure the intX_t and u_intX_t types are defined,
933 correcting a compilation failure when using Sun's compiler.
934
0493fdca
SR		 935- Modified the handling of a connection to avoid releasing the omapi io
936 object for the connection while it is still in use. One symptom from
937 this error was a segfault when a failover secondary attempted to connect
938 to the failover primary if their clocks were not synchronized.
939
95bba8b6
SR		 940- Clean up to allow compilation with gcc 2.95.4 on FreeBSD. Remove an
941 extra semi-colon from common/dns.c and moved setting a variable to NULL
942 in server/dhcpv6.c to allow the compiler to decide that the variable
943 was always properly set.
944
adbef119 945 Changes since 4.1.0b1
ebf076fe
EH		 946
947- A missing "else" in dhcrelay.c could have caused an interface not to
948 be recognized.
61d75ea2 949
a4ffedd1
DH		 950 Changes since 4.1.0a2
951
952- A cosmetic bug in DHCPDECLINE processing was fixed which caused all
953 successful DHCPDECLINEs to be logged as "not found" rather than
954 "abandoned".
955
6ff3b26d
FD		 956- Added configuration file examples for DHCPv6.
957
1387545f
DH		 958- Some failover debugging #defines have been better defined and some
959 high frequency messages moved to a deeper debugging symbol.
960
961- The CLTT parameter in failover is now only updated by client activity,
962 and not by failover binding updates (taking on the peer's CLTT).
963
964- Failover BNDUPD messages are now discarded if they conflict with an
d7ac7a27 965 update that has been transmitted, but not acknowledged.
1387545f 966
399d3dbe
DH		 967- A bug cleaning up unknown-xxx temporary option definitions was fixed.
968
fbcee149
DH		 969- Delayed-ack is now a compile-time option, compiled out by default.
970 This feature is simply too experimental for right now, and causes
971 some problems to some failover installations. We will revisit this
972 in future releases.
973
f1672d89
DH		 974- The !inet_pton() call in res_mkupdrec was adjusted to '<= 0' as
975 inet_pton returns either 1, 0, or -1.
976
236d3a99
DH		 977- A dhclient-script for MacOS X has been included, which enables
978 'dhclient -6' support.
979
efa5e6b9
DH		 980- DDNS removal routines were updated so that the DHCID is not removed until
981 the client has been deprived of all A and AAAA records (not only the last
982 one of either of those). This resolves a bug where dual stack clients
983 would not be able to regain their names after either expiration event.
984
7d6180be 985 Changes since 4.1.0a1
edcb5c46
EH		 986
987- Corrected list of failover state values in dhcpd man page.
988
51e7687f
EH		 989- Fixed a bug that caused some request types to be logged incorrectly.
990
20210a7b
EH		 991- Clients that sent a parameter request list containing the
992 routers option before the subnet mask option were receiving
993 only the latter. Fixed.
994
535485df
EH		 995- The server wasn't always sending the FQDN option when it should.
996
8fbb55ff
DH		 997- A partner-down failover server no longer emits 'peer holds all free leases'
998 if it is able to newly-allocate one of the peer's leases.
999
61220a00
EH		 1000- Fixed a coredump when adding a class via OMAPI.
1001
c40e954c
EH		 1002- Check whether files are zero length before trying to parse them.
1003
63971a83
DH		 1004- Ari Edelkind's PARANOIA patch has been included and may be compiled in
1005 via two ./configure parameters, --enable-paranoia and
1006 --enable-early-chroot.
1007
66cebfcb
DH		 1008- ./configure was extended to cover many optional build features, such
1009 as failover, server tracing, debugging, and the execute() command.
1010
f8cbf390
DH		 1011- There is now a default 1/4 of a second scheduled delay between delayed
1012 fsync()'s, it can be configured by the max-ack-delay configuration
1013 parameter.
1014
8269561d
DH		 1015- A bug was fixed where the length of a hostname was miscalculated, so that
1016 hosts were given odd-looking domain names ("foo.bar.ba.example.com").
1017
b445a411
DH		 1018- Shared network selection should be done from the innermost relay
1019 valid link-address field, rather than the outermost.
1020
bd72740e
FD		 1021- Prefix pools are attached to shared network scopes.
1022
9322442f
FD		 1023- Merged IA_XX related structures.
1024
8dea7ba7
FD		 1025- Add DHCPv6 files in configure.
1026
4619c0a2
DH		 1027- A memory leak when using omapi has been fixed.
1028
9ac4206a
DH		 1029- DHCPv6 vendor-class options (VSIO) are now only sent when they appear
1030 on the DHCPv6 ORO. This resolves a bug where VSIO options were placed
1031 in IA_NA encapsulated options fields.
1032
420d8b3f
FD		 1033- Integrated client with stateless, temporary address and prefix delegation
1034 support.
1035
40ec5f38
DH		 1036- A double-dereference in dhclient transmission of DHCPDECLINEs was
1037 repaired.
1038
80097764
FD		 1039- Fix handling of format code 'Z'.
1040
ffbaa880
FD		 1041- Support "-1" argument in DHCPv6.
1042
7de20a95
EH		 1043- Merge DHCPv6-only "dhcrelay6" into general-purpose "dhcrelay" (use
1044 "-6" option to select DHCPv6 mode).
1045
d352732e
EH		 1046- Fix handling of -A and -a flags in dhcrelay; it was failing to expand
1047 packet size as needed to add relay agent options.
1048
7d6180be
DH		 1049- A bug in subnet6 parsing where options contained in subnet6 clauses would
1050 not be applied to clients addressed within that network was repaired.
1051
1052- When configuring a "subnet {}" or "subnet6 {}" without an explicit
1053 shared-network enclosing it, the DHCP software would synthesize a
1054 shared-network to contain the subnet. However, all configuration
1055 parameters within the subnet more intuitively belong "to any client
1056 on that interface", or rather the synthesized shared-network. So,
1057 when a shared-network is synthesized, it is used to contain the
1058 configuration present inside the subnet {} clause. This means that
1059 the configuration will be valid for all clients on that network, not
1060 just those addressed out of the stated subnet. If you intended the
1061 opposite, the workaround is to explicitly configure an empty
1062 shared-network.
1063
1064- A bug was fixed where Information-Request processing was not sourcing
1065 configured option values.
1066
1067- A warning was added since the DHCPv6 processing software does not yet
1068 support class statements.
1069
dd484ced
DH		 1070- Compliation warnings on GCC 4.3 relating to bootp source address
1071 selection were repaired.
1072
ecddae64
DH		 1073- The v6 BSD socket method was updated to use a single UDP BSD socket
1074 no matter how many interfaces are involved, differentiating the
1075 interfaces the packets were received on by the interface index supplied
1076 by the OS.
1077
1078- The relay agent no longer listens to the All DHCP Servers Multicast
1079 address.
1080
1081- A bug was fixed in data_string_sprintfa() where va_start was only called
1082 once for two invocations of vsprintf() variants.
1083
d104d45b
DH		 1084- ERO (RFC 4994) server support.
1085
1086- Basic and partial DHCPv6 leasequery support.
1087
1088- Reliable DHCPv6 release (previous behavior, send release and exit, is
1089 still available with dhclient -6 -1 -r).
1090
01a54c17 1091 Changes since 4.0.0 (new features)
3c12f746 1092
6d7f9584
FD		 1093- Added DHCPv6 rapid commit support.
1094
4cafb815 1095- Added explicit parser support for zero-length DHCP options, such as
6d7f9584 1096 rapid-commit, via format code 'Z'.
4cafb815 1097
022fe95e
EH		 1098- It's now possible to update the "ends" field of a lease with OMAPI.
1099 This is useful if you want not only to release a lease, but also make
1100 it available for reuse right away. Hat tip to Christof Chen.
1101
1dcc3612
SK		 1102- Fixed definition of the iaaddr hash functions to use the correct
1103 functions when referencing and dereferencing memory.
1104
aabfa4de
FD		 1105- Some definitions not in phase with the IANA registry were updated.
1106
0674055a
FD		 1107- Allocated interface IDs are better controlled ('u' bit set to zero,
1108 reserved IDs avoided).
1109
b51c785f
FD		 1110- Unicast options are taken into account only for RENEWs.
1111
900405e9
FD		 1112- NoAddrsAvail answers to SOLICITs are always ADVERTISEs even when a SOLICIT
1113 carries a rapid-commit option.
1114
96b620e5
FD		 1115- Return in place of raise an impossible condition when one tries to release
1116 an empty active lease.
1117
be62cf06
FD		 1118- Timer granularity is now 1/100s in the DHCPv6 client.
1119
01a54c17
EH		 1120- The dhclient-script was updated to create a host route for the default
1121 gateway if the supplied subnet mask for an IPv4 address was a /32. This
1122 allows the client to work in 'captive' network environments, where the
1123 operator does not want clients to crosstalk directly.
1124
1125- MINUS tokens should be parseable again.
1126
1127- Multiple (up to "delayed-ack x;" maximum) DHCPv4 packets are now queued and
1128 released in bursts after single fsync() events when the upper limit is
1129 reached or if the receiving sockets go dry. The practical upshot is
1130 that fsync-coupled server performance is now multiplicitively increased.
1131 The default delayed ack limit is 28. Thanks entirely to a patch from
1132 Christof Chen.
1133
1134 Changes since 4.0.0 (bug fixes)
1135
1136- DHCP now builds on AIX.
1137
1138- Exit with warning when DHCPv6-specific statements are used in the
1139 config file but -6 is not specified.
1140
1141- Fixed "--version" flag in dhcrelay
1142
1143- The 'min-secs' configuration parameter's log message has been updated to
1144 be more helpful.
1145
1146- The warning logged when an address range doesn't fit in the subnets
1147 they were declared has been updated to be more helpful and identify the
1148 typo in configuration that created the spanning addresses.
1149
1150- A bug in failover pool rebalancing that caused POOLREQ message ping-pongs
1151 was repaired.
1152
1153- A flaw in failover pool rebalancing that could cause POOLREQ messages to
1154 be sent outside of the min-balance/max-balance scheduled intervals has
1155 been repaired.
1156
1157- A cosmetic bug during potential-conflict recovery that caused the peer's
1158 'conflict-done' state message to be logged as 'unknown-state' has been
1159 repaired. It is now logged correctly.
1160
49f61135
DH		 1161- A bug was fixed where the 'giaddr' may be used to find the client's subnet
1162 rather than its own 'ciaddr'.
1163
41d4652f
DH		 1164- A log message was introduced to clarify the situation where a failover
1165 'address' parameter (the server's local address) did not resolve to an
1166 IPv4 address.
1167
2c9bf1f4
DH		 1168- The minimum site code value was set to 224 in 3.1.0 to track RFC3942. This
1169 broke a lot of legacy site local configurations. The new code in place will
1170 track site local space minimum option codes and logs a warning to encourage
1171 updates and exploration of site local code migration problems. Option
1172 codes less than 128 in site local spaces remain inaccessible.
1173
1174- A possible relay agent option bug was repaired where random server
1175 initialization state may have been used to signal the relay agent
1176 information options sub-option code for the 'END' of the option space.
1177
cff9b78f
SK		 1178- Fixes to allow code to compile and run on Solaris 9.
1179
c4d29896
SK		 1180- Fixes to allow code to compile on Mac OS X Leopard (10.5).
1181
57fcb8d9
SK		 1182- When server is configured with options that it overrides, a warning is
1183 issued when the configuration file is read, rather than at the time the
1184 option is overridden. This was important, because the warning was given
1185 every time the option was overridden, which could create a lot of
1186 unnecessary logging.
1187
219a65eb
DH		 1188- Fixed a compilation problems on platforms that define a value for FDDI,
1189 which conflicts with a dhcp configuration syntax token by the same name.
1190
ffdf3c8c
DH		 1191- When a failover server suspects it has encountered a peer running a
1192 version 3.0.x failover server, a warning that the failover wire protocol
1193 is incompatible is printed.
1194
1195- The failover server no longer issues a floating point error if it encounters
1196 a previously undefined option code.
1197
00a002fc
MA		 1198- Fix startup error messages to report a missing "subnet6 declaration", rather
1199 than a missing "subnet declaration", when running as a DHCPv6 server.
1200
7e9f7a1b
FD		 1201- DHCPv6 client timestamp in DUID was based on the year 1970 rather
1202 than the year 2000.
1203
e2cfde76
FD		 1204- Warn when attempting to use a hardware parameter in DHCPv6.
1205
cabdb9b1
FD		 1206- DHCPv6 released resources are now marked as released by the client.
1207
5d89d60f
FD		 1208- 'Soft' bindings have no more side-effects.
1209
61d75ea2
DH		 1210 Changes since 4.0.0b3
1211
1212- The reverse dns name for PTR updates on IPv6 addresses has been fixed to
1213 use ip6.arpa. rather than default to in-addr.arpa and require user
1214 configuration.
76db44f9 1215
e32529a5
EH		 1216- dhc6_lease_destroy() and dhc6_ia_destroy() now set lease and IA pointers
1217 to NULL after freeing, to prevent subsequent accesses to freed memory.
1218
76db44f9
SK		 1219- The DHCPv6 server would not send the preference option unless the
1220 client requested it, via the ORO. This has been fixed, so the DHCPv6
1221 server will always send the preference value if it is configured.
e4a6be15 1222
6f76de58
SK		 1223- When addresses were passed as hints to the server in an IA, they were
1224 incorrectly handled, sometimes being treated as an error. Now the
1225 server will treat these as hints and ignore them if it cannot supply
1226 a requested address.
1227
703873ab
DH		 1228- If the client had multiple addresses, and one expired (was not renewed
1229 by the server), the client would continue to attempt to renew the same
1230 old address over and over. Now, the client will omit any expired
1231 addresses from future Confirm, Renew, or Rebind messages.
1232
1233- dhclient -6 will now select renew/rebind timers based upon the longest
1234 address expiration time rather than the shortest expiration time, in
1235 order to avoid cascading renewals in the event a server elects not to
1236 extend one of multiple IAADDR leases.
1237
b024480e
DH		 1238- The server now limits clients that request multiple addresses to one
1239 address per IA by default, which can be adjusted through the
1240 "limit-addrs-per-ia" configuration option.
1241
c0216cb7
DH		 1242- The DHCPv6 client now issues fresh transaction IDs on Renew and Rebind
1243 message exchanges, rather than using the most recent ID.
1244
1ac57173
FD		 1245- The DHCPv6 server now replies to Information-Request messages.
1246
83835822
DH		 1247- A bug was fixed in the dhclient-script for BSDs to correctly carry error
1248 codes through some conditions.
1249
c54db708
FD		 1250- The parsing of some options in the dhclient lease file, in particular
1251 the success DHCPv6 status-code, was fixed.
1252
e5d83524
DH		 1253- A bug was fixed that caused the DHCPv6 ORO option to be corrupted with
1254 seemingly random values.
1255
821f2dda
DH		 1256- A reference overleak in DHCPv6 shared network processing was repaired.
1257
f8b3c6f4
DH		 1258- ./configure now autodetects local database locations rather than trying
1259 to put dhcpd.leases and dhclient.leases in /usr/local/var/db, which no
1260 one ever has.
1261
b9137d42
SK		 1262- Regression fix for bug where server advertised a IPv6 address in
1263 response to a SOLICIT but would not return the address in response
1264 to a REQUEST.
1265
9f1d5a2f
DH		 1266- A bug was fixed where the DHCPv6 server puts the NoAddrsAvail status
1267 code in the IA_NA was fixed. The status code now appears in the root
1268 level.
1269
e4a6be15
DH		 1270 Changes since 4.0.0b2
1271
65cf86d7
EH		 1272- Clarified error message when lease limit exceeded
1273
b1d3778c
DH		 1274- Relative time may now be used as a qualifier for 'allow' and 'deny' access
1275 control lists. These directives may be used to assist in re-addressing
1276 address pools without having to constantly reconfigure the server. Please
1277 see 'man dhcpd.conf' for more information on allow/deny 'after time' syntax.
1278 Thanks to a patch from Christof Chen.
1279
bead14ea
DH		 1280- The server will now include multiple IA_NA's and multiple IAADDRs within
1281 them, if advertised by the client. It still only seeks to allocate one
1282 new address.
1283
f765ec36
SK		 1284 Changes since 4.0.0b1
1285
75135a3f
EH		 1286- Use different paths for PID and lease files when running in DHCPv4
1287 or DHCPv6 mode, so that servers for both protcols can be run
1288 simultaneously on a single interface.
1289
5c2d55c7
EH		 1290- Fixed a buffer overflow error which could have allowed a denial
1291 of service under unusual server configurations
1292
1293- Eliminated a spurious error message from the client
1294
f765ec36
SK		 1295- A number of bugs with the internal handling of lease state on the
1296 server have been fixed. Some of these could cause server crashes.
fa9b593d 1297
edb1283e
DH		 1298- The peer_wants_leases() changes pulled up from 3.1.0 were corrected,
1299 'never used' leases will no longer consistently shift between servers
1300 on every pool rebalance run.
1301
c71c6399
DH		 1302- sendmsg()/recvmsg() control buffers are now declared in such a way to
1303 ensure they are correctly aligned on all (esp. 64-bit) architectures.
1304
5279b8f3
DH		 1305- The client leasing subsystem was streamlined and corrected to account
1306 more closely for changes in client link attachment selection.
1307
ab3a540f 1308 Changes since 4.0.0a3
763cba6b 1309
884a458f
SK		 1310- The DHCP server no longer requires a "ddns-update-style" statement,
1311 and now defaults to "none", which means DNS updates are disabled.
1312
fa9b593d
DH		 1313- Log messages when failover peer names mismatch have been improved to
1314 point out the problem.
1315
1b5053b5
SK		 1316- Bug where server advertised a IPv6 address in response to a SOLICIT
1317 but would not return the address in response to a REQUEST. Thanks to
1318 Dennis Kou for finding the bug.
1319
c886c298
SK		 1320- Fixed an error causing the server to lock up on lease expiration,
1321 reported independently by Jothilingam Vasu and Dennis Kou.
1322
eaf7eb17
DH		 1323- Fixed a ./configure bug where compile tests were failing due to
1324 "-Werror" (unused variable) rather than the actual test failure. Lead
1325 to inconsistent and unworkable auto-configurations.
1326
109e00db
DH		 1327- Compilation with DLPI and -Werror has been repaired.
1328
3ad9d48f
SK		 1329- Error in decoding IA_NA option if multiple interfaces are present
1330 fixed by Marcus Goller.
1331
8eab95f2
DH		 1332- DHCPv6 server Confirm message processing has been enhanced - it no
1333 longer replies only to clients with host {} records, it now replies
1334 as directed in RFC3315 section 18.2.2 - that is, to all clients
1335 regardless of the existence of bindings.
1336
07b9a351
DH		 1337- A core dump during expired lease cleanup has been repaired.
1338
7285af30
DH		 1339- DDNS updates state information are now stored in 'binding scopes' that
1340 follow the leases through their lifecycles. This enables DDNS teardowns
1341 on leases that are assigned and expired inbetween a server restart (the
1342 state is recovered from dhcpd.leases). Arbitrary user-specified binding
1343 scopes ('set var = "value";') are not yet supported.
1344
2394b26b
DH		 1345- Additional compilation problems on HP/UX have been repaired.
1346
ab3a540f
SK		 1347 Changes since 4.0.0a2
1348
97050349
SK		 1349- Fix for startup where there are no IPv4 addresses on an interface.
1350 Thanks to Marcus Goller for reporting the bug.
1351
763cba6b 1352- Fixed file descriptor leak on listen failure. Thanks to Tom Clark.
e889ded1 1353
237f8d3a
SK		 1354- Bug in server configuration parser caused server to get stuck on
1355 startup for certain bad pool declarations. Thanks to Guillaume
1356 Knispel for the bug report and fix.
1357
28868515
SK		 1358- Code cleaned to remove warnings reported by "gcc -Wall".
1359
d00d373a
SK		 1360- DHCPv6 is now the default. You can disable DHCPv6 support using the
1361 "--disable-dhcpv6" flag when you run the configure script.
1362
8dfd5744
DH		 1363- An internal database inconsistency bug was repaired where the server
1364 would segfault if a client attempted to renew a lease that had been
1365 loaded from persistent storage.
1366
45d545f0 1367- 'request' and 'also request' syntaxes have been added to accommodate
0c20eab3
DH		 1368 the DHCPv6 client configuration. 'send dhcp6.oro' is no longer
1369 necessary.
1370
f800f4f6
SK		 1371- Bug fixed where configuration file parsing did not work with
1372 zero-length options; this made it impossible to set the
1373 rapid-commit option.
1374
845e9677
DH		 1375- Bogus messages about host records with IPv4 fixed-addresses being of
1376 non-128-bits in length were removed.
1377
76c944da
SK		 1378 Changes since 4.0.0a1
1379
71765b58
SK		 1380- Bug in octal parsing fixed. Thanks to Bernd Fuhrmann for the report
1381 and fix.
1382
847e7000
SK		 1383- Autoconf now supplies proper flags for Solaris DHCPv6 builds.
1384
bda33169
SK		 1385- Fix for parsing error on some IPv6 addresses.
1386
9b21e73e
SK		 1387- Invalid CIDR representation for IPv6 subnets or ranges now checked
1388 for when loading configuration.
1389
8da06bb1
DH		 1390- Compilation on HP/UX has been repaired. The changes should generally
1391 apply to any architecture that supplies SIOCGLIFCONF but does not
1392 use 'struct lifconf' structures to pass values.
1393
dd328225
DH		 1394- Two new operators, ~= and ~~, have been integrated to implement
1395 boolean matches by regular expression (such as may be used in
1396 class matching statements). Thanks to a patch by Alexandr S.
1397 Agranovsky, which underwent slight modification.
1398
76c944da
SK		 1399- Fix for icmp packets on 64-bit systems (bug introduced in 4.0).
1400
f796f70a
DH		 1401- A bug was fixed in interface discovery wherein an error identifying
1402 a server-configured interface with no IPv4 addresses would SEGV.
76c944da 1403
c11f349d
EH		 1404- Fixed a bug in which write_lease() might report a failure incorrectly
1405
af5fa176
EH		 1406- Added support for DHCPv6 Release messages
1407
1408- Added -x option to dhclient, which triggers dhclient processes
1409 to exit gracefully without releasing leases first
1410
a546f2a7
EH		 1411- All binaries (client, server, relay) now change directories
1412 to / before going into daemon mode, so as not to hold $CWD open
1413
b55d0d5f
EH		 1414- Fixed a bug parsing DHCPv6 client-id's in host-identifier statements
1415
26be82af
DH		 1416- Fixed a bug with the 'ddns-updates' boolean server configuration
1417 parameter, which caused the server to fail.
1418
98bd7ca0
DH		 1419 Changes since 4.0.0-20070413
1420
d9b43370
SK		 1421- Old (expired) leases are now cleaned.
1422
8c1752d2
DH		 1423- IPv6 subnets now have support for arbitrary allocation ranges via
1424 a new 'range6' configuration directive.
1425
98bd7ca0
DH		 1426- An obviated option code hash lookup to find D6O_CLIENTID was removed.
1427
a512d11b
DH		 1428- Corrected some situations where variables might be used without being
1429 initialized.
1430
1431- Silenced several other compiler warnings.
1432
1433- Include the more standard sys/uio.h rather than rely upon other
f66f02cc
DH		 1434 header files to include it (fixes a BSD 4.2 compile failure).
1435
1436- Duplicate dhclient-script updates for DHCPv6 to all provided scripts.
a512d11b 1437
4ba58919
DH		 1438- DHCPv4 I/O methods that failed to sense hardware address were corrected.
1439
1440- DHCPv4 is now the default (as documented) rather than DHCPv6. The default
1441 was set to DHCPv6 to facilitate ease early development, and forgotten.
1442
1443- Corrected a segmentation violation in DHCPv4 socket processing.
1444
8ea19a71 1445- dhclient will now fork() into the background once it binds to an
45d545f0 1446 IPv6 address, or immediately if the -n flag is supplied.
8ea19a71
DH		 1447
1448- -q is now the default behaviour on dhclient, with -d or -v enabling
1449 non-quiet (stderr logging) mode.
1450
2cf8d0bd
DH		 1451- Fix documentation of the domain-search atom (quoted, with commas).
1452
1453- Document DHCPv6 options presently in the default table.
1454
fe5b0fdd
DH		 1455- Replaced ./configure shellscripting with GNU Autoconf.
1456
98bd7ca0
DH		 1457 Changes since 3.1.0 (NEW FEATURES)
1458
1459- DHCPv6 Client and Server protocol support. Use '-6' to run the daemons
1460 as v6-only. Use '-4' to run the daemons as v4-only (default. There is
1461 no support currently for both.
1462
1463- Server support for multiple IA_NA options, containing at most one
1464 IAADDR option.
1465
1466- Client support for one IA_NA option, containing any number of IAADDR
1467 options.
1468
1469- Server support for the DHCPv6 Information-request message.
1470
1471- Inappropriate unicast DHCPv6 messages sent to the server are now
1472 discarded, and this has rearchitected the IO system slightly.
1473
1474- The DHCPv6 server DUID defaults to type 1, is persistently stored in
1475 the leases database, and can be over-ridden (either completely, or by
1476 specifying type 1 or type 2).
1477
1478- The server only uses Rapid-Commit if it has been configured with the
1479 Rapid-Commit option and the client requests it.
1480
1481- DDNS support. We now update AAAA records in the same place we would
1482 update A records, if we have an IPv6 address. We also generate IP6.ARPA
1483 style names for PTR records if we're dealing with an IPv6 address. Both
1484 A and AAAA updates are done using the same 'fqdn.' virtual option space
1485 (although the DHCPv4 FQDN and DHCPv6 FQDN options are formatted
1486 differently, they both use the same code here).
1487
1488- The Linux dhclient-script attempts to set and remove assigned addresses,
1489 and to configure /etc/resolv.conf from nameserver and domain name
1490 configurations. It can be extended to configure other parameters.
1491
1492- Initial DHCPv6 lease support.
1493
1494- The IO system now tracks all local IP addresses, so that the DHCP
1495 applications (particularly the dhcrelay) can discern between what frames
1496 were transmitted to it, and what frames are being carried through it which
1497 it should not intercept.
1498
1418fd11
DH		 1499 Changes since 3.1.0 (Maintenance)
1500
1501- A bug was repaired where MAC Address Affinity for virgin leases always
1502 mapped to the primary. Virgin leases now have an interleaved preference
1503 between primary and secondary.
1504
1505- A bug was repaired where MAC Address Affinity for clients with no client
1506 identifier was sometimes mishashed to the peer. Load balancing during
1507 runtime and pool rebalancing were opposing.
1508
aa3e348e
DH		 1509- An assertion in lease counting relating to reserved leases was repaired.
1510
e9c59645
DH		 1511- The subnet-mask option inclusion now conforms with RFC2132 section 3.3;
1512 it will only appear prior to the routers option if it is present on the
1513 Parameter-Request-List. The subnet-mask option will also only be
1514 included by default (if it is not on the PRL) in response to DISCOVER
1515 or REQUEST messages.
1516
1517- The FQDN option is only supplied if the client supplied an FQDN option or
1518 if the FQDN option was explicitly requested on the PRL.
1519
c104546d
DH		 1520- Dynamic BOOTP leases are now load balanced in failover.
1521
b9d0cc05
DH		 1522 Changes since 3.1.0rc1
1523
1524- The parse warning that 'deny dyanmic bootp;' must be configured for
1525 failover protected subnets was removed.
1526
a512cc3a
DH		 1527 Changes since 3.1.0b2
1528
1529- Failover rebalance events no longer play ping pong with round errors
1530 (moving leases between free and back to backup where there are an
1531 odd number of leases).
1532
1533- The 'pool' log line has been split into two messages, one before the
1534 rebalance run, and one after.
1535
1536- Any queued BNDACKs are transmitted before transmitting new BNDUPDs.
1537 This enforces the correct sequence of events for the remote server
1538 processing these messages.
1539
fe5b0fdd 1540 Changes since 3.1.0b1
27837f95 1541
74dc3e0b
EH		 1542- Fixed a bug that caused OMAPI clients to freeze when opening lease
1543 objects.
1544
1ba87b37
EH		 1545- A new server config option "fqdn-reply" specifies whether the server
1546 should send out option 81 (FQDN). Defaults to "on". If set to "off",
1547 the FQDN option is not sent, even if the client requested it. This is
1548 needed because some clients misbehave otherwise. Thanks to Christof Chen
1549 at Allianz.
1550
a58da042
EH		 1551- Allow trace output files (-tf option) to be overwritten, rather than
1552 crashing dhcpd if the file already exists
1553
61252edf
EH		 1554- A bug was fixed that caused dhcpd to segfault if a pool was declared
1555 outside the scope of a subnet in dhcpd.conf.
1556
27837f95
DH		 1557- Some uninitialized values were repaired in dhcpleasequery.c that
1558 caused the server to abort.
1559
4d2eaafb
DH		 1560- A new server config option, 'do-reverse-updates', has been added
1561 which causes the server to abstain from performing updates on PTR
1562 records. Thanks to a patch from Christof Chen at Allianz.
1563
06211b40
DH		 1564- A bug was repaired in subencapsulation support, where spaces separated
1565 by empty spaces would not get included.
1566
d6614ea2
DH		 1567- A bug in dhclient was repaired which caused it to send parameter request
1568 lists of 55 bytes in length no matter how long the declared PRL was.
1569
132d38f2
DH		 1570- 'dhcp.c(3953): non-null pointer' has been repaired. This fixes a flaw
1571 wherein the DHCPv4 server may ignore a configured server-identifier.
1572
fc3b9c90
DH		 1573- A flaw in failover startup sequences was repaired that sometimes left
1574 the primary DHCP server's pool rebalance schedules unscheduled.
1575
c9feb859
DH		 1576- Corrected a flaw that broke encapsulated spaces included due to presence
1577 on the parameter request list.
1578
c57db45c
SK		 1579 Changes since 3.1.0a3
1580
1581- Some spelling fixes.
98311e4b 1582
bd2bc2fa
DH		 1583 Changes since 3.1.0a2
1584
1585- A bug was fixed where attempting to permit leasequeries results in a
1586 fatal internal error, "Unable to find server option 49".
1587
85edef5c
DH		 1588- A bug was fixed in dhclient rendering the textual output form of the
1589 domain-search option syntax.
1590
bdddcb7d
DH		 1591 Changes since 3.1.0a1
1592
1593- A bug in the FQDN universe that added FQDN codes to the NWIP universe's
1594 hash table was repaired.
1595
616d67cb
DH		 1596- The servers now try harder to transmit pending binding updates when
1597 entering normal state.
1598
1599- UPDREQ/UPDREQALL handling was optimized - it no longer dequeues and
1600 requeues all pending updates. This should reduce the number of spurious
66c8f734
DH		 1601 'xid mismatch' log messages.
1602
1603- An option definition referencing leak was fixed, which resulted in early
1604 termination of dhclient upon the renewal event.
616d67cb 1605
6708d944
DH		 1606- Some default hash table sizes were tweaked, some upwards, some downwards.
1607 3.1.0a1's tables resulted in a reduction in default server memory use.
1608 The new selected values provide more of a zero sum (increasing the size
1609 of tables likely to be populated, decreasing the size of tables unlikely).
1610
45d545f0 1611- Lease structures appear in three separate hashes: by IP address, by UID,
6708d944
DH		 1612 and by hardware address. One type of table was used for all three, and
1613 improvements to IP address hashing were applied to all three (so UID and
1614 hardware addresses were treated like 4-byte integers). There are now two
1615 types of tables, and the uid/hw hashes use functions more appropriate
1616 to their needs.
1617
1618- The max-lease-misbalance percentage no longer causes scheduled rebalance
1619 runs to be skipped: it still governs the schedule, but every scheduled
1620 run will attempt balance.
1621
a7ee93fe
DH		 1622- A segfault bug in recursive encapsulation support has been corrected.
1623
98311e4b
DH		 1624 Changes since 3.0 (New Features)
1625
1626- A workaround for certain STSN servers that send a mangled domain-name
1627 option was introduced for dhclient. The client will now accept corrupted
1628 server responses, if they contain a valid DHCP_MESSAGE_TYPE (OFFER, ACK,
1629 or NAK). The server will continue to not accept corrupt client packets.
1630
98bd7ca0 1631- Support for 'reserved' (pseudo-static) and BOOTP leases via failover
a55ccdd0 1632 was introduced.
98311e4b
DH		 1633
1634- Support for adding, removing, and managing class and subclass statements
1635 via OMAPI.
1636
a55ccdd0
DH		 1637- The failover implementation was updated to comply with revision 12 of
1638 the protocol draft.
1639
98311e4b
DH		 1640- 'make install' now creates the initial zero-length dhcpd.leases file if
1641 one does not already exist on the system.
1642
b43c87ad 1643- RFC3942 compliance, site-local option spaces start at 224 now, not 128.
b43c87ad 1644
0b17f049
DH		 1645- The Load Balance Algorithm was misimplemented. The current implementation
1646 matches RFC 3074.
1647
2727c1cf
DH		 1648- lcase() and ucase() configuration expressions have been added which adjust
1649 their arguments from upper to lower and lower to upper cases respectively.
2714a8ef 1650 Thanks to a patch from Albert Herranz.
2727c1cf 1651
febbd402
DH		 1652- The dhclient 'reject ...;' statement, which rejects leases given by named
1653 server-identifiers, now permits address ranges to be specified in CIDR
7d7073e7 1654 notation. Thanks to a patch from David Boyce.
febbd402 1655
ee912528
DH		 1656- The subnet-mask option is now supplied by default, but at lowest
1657 priority. This helps a small minority of clients that provide parameter
1658 request lists, but do not list the subnet-mask option because they were
1659 designed to interoperate with a server that behaves in this manner.
1660
1661- The FQDN option is similarly supplied even if it does not appear on the
1662 parameter request list, but not to the exclusion of options that do
1663 appear at the parameter request list. Up until now it had ultimate
1664 priority over the client's parameter request list.
1665
f7fdb216 1666- Varying option space code and length bit widths (8/16/32) are now
51202707 1667 supported. This is a milestone in achieving RFC 3925 "VIVSO" and
f7fdb216
DH		 1668 DHCPv6 support.
1669
5e864416
DH		 1670- A new common (server or client) option, 'db-time-format local;', has
1671 been added which prints the local time in /var/db/dhcpd.leases rather
1672 than UTC. Thanks to a patch from Ken Lalonde.
1673
b500bd4c
DH		 1674- Some patches to improve DHCP Server startup speed from Andrew Matheson
1675 have been incorporated.
1676
2426234f
DH		 1677- Failover pairs now implement 'MAC Affinity' on leases moving from the
1678 active to free states. Leases that belonged to the failover secondary
1679 are moved to BACKUP state rather than FREE upon exiting EXPIRED state.
1680 If lease rebalancing must move leases, it tries first to move leases
1681 that belong to the peer in need.
1682
1683- The server no longer sends POOLREQ messages unless the pool is severely
1684 misbalanced in the peer's favor (see 'man dhcpd.conf' for more details).
1685
1686- Pool rebalance events no longer happen upon successfully allocating a
1687 lease. Instead, they happen on a schedule. See 'man dhcpd.conf' for the
1688 min-balance and max-balance statements for more information.
1689
334bf491
DH		 1690- The DHCP Relay Agent Information Option / Link Selection Sub-Option
1691 is now supported. (See RFC3527 for details).
1692
3004bebf
DH		 1693- A new DDNS related server option, update-conflict-detection, has been
1694 added. If this option is enabled, dhcpd will perform normal DHCID
1695 conflict resolution (the default). If this option is disabled, it will
1696 instead trust the assigned name implicitly (removing any other bindings
1697 on that name). This option has not been made available in dhclient.
1698
567e8561
DH		 1699- In those cases where the DHCP software manufactures an IP header (to
1700 transmit via bpf, lpf, etc), the IP TTL the software selects has been
1701 increased from 16 to 128. This is intended to match Microsoft Windows
1702 DHCP Client behaviour, to increase compatibility.
1703
a396d25f
DH		 1704- 'ignore client-updates;' now has behaviour that is different from
1705 'deny client-updates;'. The client's request is not truly ignored,
1706 rather it is encouraged. Should this value be configured, the server
1707 updates DNS as though client-updates were set to 'deny'. That is, it
1708 enters into DNS whatever it is configured to do already, provided it is
1709 configured to. Then it sends a response to the client that lets the
1710 client believe it is performing client updates (which it will), probably
1711 for a different name. In essence, this lets the client do as it will,
1712 ignoring this aspect of their request.
1713
dba5803b
DH		 1714- Support for compressed 'domain name list' style DHCP option contents, and
1715 in particular the domain search option (#119) was added.
1716
41e45067 1717- The DHCP LEASEQUERY protocol as defined in RFC4388 is now implemented.
6d103865
SK		 1718 LEASEQUERY lets you query the DHCP server for information about a lease,
1719 using either an IP address, MAC address, or client identifier. Thanks
1720 to a patch from Justin Haddad.
1721
41e45067
DH		 1722- DHCPD is now RFC2131 section 4.1 compliant (broadcast to all-ones ip and
1723 ethernet mac address) on the SCO platform specifically without any strange
1724 ifconfig hacks. Many thanks go to the Kroger Co. for donating the
1725 hardware and funding the development.
6d103865 1726
b543fea9
DH		 1727- A new common configuration executable statement, execute(), has been
1728 added. This permits dhcpd or dhclient to execute a named external
1729 program with command line arguments specified from other configuration
1730 language. Thanks to a patch written by Mattias Ronnblom, gotten to us
1731 via Robin Breathe.
1732
b22de500
DH		 1733- A new dhcp server option 'adaptive-lease-time-threshold' has been added
1734 which causes the server to substantially reduce lease-times if there are
1735 few (configured percentage) remaining leases. Thanks to a patch submitted
1736 from Christof Chen.
1737
96bbe8c5
SK		 1738- Encapsulated option spaces within encapsulated option spaces is now
1739 formally supported.
1740
b8221d95
DH		 1741 Changes since 3.0.6rc1
1742
1743- supersede_lease() now requeues leases in their respective hardware
1744 address hash bucket. This mirrors client identifier behaviour.
1745
c1e6c832
DH		 1746 Changes since 3.0.5
1747
f546c28b
DH		 1748- Assorted fixes for broken network devices: Packet length is now
1749 determined from the IP header length field to finally calculate the
1750 UDP payload length, because some NIC drivers return more data than
5a22eb63 1751 they actually received.
f546c28b
DH		 1752
1753- UDP packets are now stored in aligned data structures.
1754
c1e6c832
DH		 1755- A logic error in omapi interface code was repaired that might result in
1756 incorrectly indicating 'up' state when any flags were set, rather than
23e10d37
DH		 1757 specifically the INTERFACE_REQUESTED flag. Thanks to a patch from
1758 Jochen Voss which got to us via Andrew Pollock at Debian.
c1e6c832 1759
75ab3070
DH		 1760- A reference leak on binding scopes set by ddns updates was repaired.
1761
d69fb6a8 1762- A memory leak in the minires_nsendsigned() function call was repaired.
23e10d37 1763 Effectively, this leaked ~176 bytes per DDNS update.
d69fb6a8 1764
02428754
DH		 1765- In the case where an "L2" DHCP Relay Agent (one that does not set giaddr)
1766 was directly attached to the same broadcast domain as the DHCP server,
1767 the RFC3046 relay agent information option was not being returned to the
1768 relay in the server's replies. This was fixed; the dhcp server no longer
1769 requires the giaddr to reply with relay agent information. Note that
1770 this also improves compatibility with L2 devices that "intercept" DHCP
1771 packets and expect relay agent information even in unicast (renewal)
23e10d37
DH		 1772 replies. Thanks to a patch from Pekka Silvonen.
1773
1774- A bug was fixed where the BOOTP header 'sname' field had a value, the
1775 copy written to persistent storage was actually the contents of the
1776 'file' field.
02428754 1777
ecde99a3
DH		 1778- A bug was fixed where the nwip virtual option space was referencing
1779 the fqdn option's virtual option space's option cache.
1780
67674ffb
DH		 1781- Timestamp parsing errors that indicated missing "minutes" fields rather
1782 than the actually missing "seconds" fields have been repaired thanks to
1783 a patch from Kevin Steves.
1784
830ebc4c
DH		 1785- A grammar error in the dhclient.8 manpage was repaired thanks to a patch
1786 from Chris Wagner.
1787
c759db75
DH		 1788- Several spelling typos were repaired, and some cross-references to other
1789 relevant documents were included in the manpages, thanks to a patch
1790 by Andrew Pollock which got to us via Tomas Pospisek.
1791
9aa3f3a5
DH		 1792- Some bugs were fixed in the 'emergency relay agent options hologram'
1793 which is used to retain relay agent option contents from when the
1794 client was in INIT or REBIND states. This should solve problems where
1795 relay agent options were not echoed from the server, even when giaddr
1796 was set.
1797
3d0c598a
DH		 1798- dhclient now closes its descriptor to dhclient.leases prior to executing
1799 dhclient-script. Thanks to a patch from Tomas Pospisek.
1800
d5b6835f
DH		 1801- The server's "by client-id" and "by hardware address" hash table lists
1802 are now sorted according to the preference to re-allocate that lease to
1803 returning clients. This should eliminate pool starvation problems
1804 arising when "INIT" clients were given new leases rather than presently
1805 active ones.
1806
02428754 1807 Changes since 3.0.5rc1
0a73b7b6 1808
901306d5 1809- A bug was repaired in fixes to the dhclient, which sought to run the
0a73b7b6
SK		 1810 dhclient-script with the 'EXPIRE' state should it receive a NAK in
1811 response to a REQUEST. The client now iterates the PREINIT state
1812 after the EXPIRE state, so that interfaces that might be configured
1813 'down' can be brought back 'up' and initialized.
1814
87a08ccc
DH		 1815- DHCPINFORM handling for clients that properly set ciaddr and come to the
1816 server via a relay aget has been repaired.
1817
6da113fb
DH		 1818 Changes since 3.0.4
1819
1820- A warning that host statements declared within subnet or shared-network
1821 scopes are actually global has been added.
1822
1823- The default minimum lease time (if min-lease-time was not specified)
1824 was raised from 0 to 300. 0 is not thought to be sensible, and is
1825 known to be damaging.
1826
1827- Added additional fatal error sanity checks surrounding lease binding
1828 state count calculations (free/active counts used for failover pool
1829 balancing).
1830
dcc557db
DH		 1831- Some time value size fixes in 3.0.4 brought on from FreeBSD /usr/ports were
1832 misapplied to server values rather than client values. The server no longer
1833 advertises 8-byte lease-time options when on 64-bit platforms.
1834
1b2ab55f
DH		 1835- A bug where leases not in ACTIVE state would get billed to billed classes
1836 (classes with lease limitations) was fixed. Non-active leases OFFERed
1837 to clients are no longer billed (but billing is checked before offering).
1838
e48891e8
DH		 1839- The dhcpd.conf.5 manpage was updated in regard to the ddns-domainname
1840 configuration option - the default configuration and results should be
1841 more clear now.
1842
6cbc6629
DH		 1843- If the dhclient were to receive a DHCPNAK while it was in the RENEW
1844 state (and consequently, had an active, 'bound' address and related
1845 configuration options), it would fail to 'tear down' this information
1846 before proceeding into INIT state. dhclient now iterates the dhclient-
1847 script with the 'EXPIRE' action to cause these teardowns prior to entering
1d3bfb17 1848 INIT state. Thanks to a patch from Chris Zimmerman.
6cbc6629 1849
c5fec5fa
DH		 1850- The omapi.1 manpage had some formatting errors repaired thanks to a patch
1851 from Yoshihiko Sarumaru.
1852
33e1cb2b
DH		 1853- A few lines of code that were failover-specific were moved within
1854 #if defined() clauses so that compilation without failover could be
1855 made possible.
1856
2bddf829
DH		 1857- The log message emitted when the 'leased-address' value was not available
1858 in dhcpd.conf "executable statements" has been updated to be more helpful.
1859 Manpage information for this value has also been updated.
1860
87578987
DH		 1861- Abandoned or dissociated (err condition) leases now remove any related
1862 dynamic dns bindings. Thanks to a patch from Patrick Schoo.
1863
e77c575f
DH		 1864- Attempting to write a new lease file to replace a corrupt (due to
1865 encountering non-retryable errors during writing) lease file should
1866 no longer result in an infinite recursion.
1867
2178df03
DH		 1868- Host declaration hardware addresses and client identifiers may only be
1869 configured once. dhcpd will now fail to load config files that specify
1870 multiple identifiers (previous versions would silently over-ride the
1871 value with the later configured value).
1872
d5341d9b
SK		 1873- Several option codes that have been allocated since our last release
1874 have been named and documented.
1875
1876- Option names of the form "unknown-123" have been removed from the in-
1877 memory hash tables. In order to support options of these names that
1878 may appear in dhclient.leases or similar in previous versions, the
1879 parser will now find the new option code definition, or mock up a
1880 generic option code definition. This should result in a smooth
1881 transition from one name to the other, as the new name is used to
1882 write new output.
1883
6da113fb
DH		 1884 Changes since 3.0.4rc1
1885
1886- The dhcp-options.5 manpage was updated to correct indentation errors
1887 thanks to a patch from Jean Delvare.
1888
1889 Changes since 3.0.4b3
1890
1891- Some manual pages were clarified pursuant to discussion on the dhcp-server
1892 mailing list.
1893
88cd8aca
DH		 1894 Changes since 3.0.4b2
1895
45d545f0 1896- Null-termination sensing for certain clients that unfortunately require
88cd8aca
DH		 1897 it in DHCPINFORM processing was repaired.
1898
1899- The host-name option and a few others were moved from "X" format to "t"
1900 format to be compatible with new NULL handling functions.
1901
1902- DHCPINFORM processing is a little more careful about return addressing
1903 its responses, or if responding via a relay. The INFORM related
1904 messages also log the 'effective client ip address' rather than the
1905 client's supplied ciaddr (since some clients produce null ciaddrs).
1906
1907- The server was inappropriately sending leases to the RESET state in the
1908 event that multiple active leases were found to match a singly-identified
1909 client. This was changed to RELEASED (by accepting a different, ACTIVE
1910 binding, the client is implicitly releasing its lease). This repairs a
1911 bug wherein secondary servers in failover pairs detecting this condition
1912 move leases to RESET, and primaries refuse to accept that state
1913 transition (properly).
1914
1915- The memset-after-dmalloc() changes made in 3.0.4b1 have been backed out.
1916
1917 Changes since 3.0.4b1
1918
1919- Command line parsing in omshell was repaired - it no longer closes
1920 STDIN after reading one line.
1921
1922- The resolver library no longer closes the /etc/resolv.conf file
1923 descriptor it opened twice.
1924
1925- Changes to trailing NULL removal in 't' option-atoms has been rethought,
1926 it now includes 'd' (domain name) types, and tries hard not to rewind an
1927 option beyond the start of the text field it is un-terminating.
1928
1929 Changes since 3.0.3
1930
1931- A DDNS update handling function was misusing the DNS error codes, rather
1932 than the internal generic result enumeration. The result is a confusing
1933 syslog line, logging the wrong condition.
1934
1935- The DHCP Server was not checking pool balance in the case where it brought
1936 a non-ACTIVE lease out of storage for a client that was returning to use
1937 a lease it once had long ago, and had since expired.
1938
1939- Failover peers no longer bother to look for free leases to allocate when
1940 they already found the client's ACTIVE lease. DISCOVERs are load balanced
98bd7ca0 1941 whether freely-allocated or not, unless the server doubts the peer has
88cd8aca
DH		 1942 leases to allocate.
1943
1944- Fixed a bug in dhcrelay agent addition code that suppressed trailing
45d545f0 1945 PAD options - it was suppressing only one trailing PAD option, rather
88cd8aca
DH		 1946 than the entire block of them.
1947
3a16098f
DH		 1948! Fixed some unlikely overlapping-region memcpy() bugs in dhcrelay agent
1949 option addition and stripping code. Added a few sanity checks. Although
1950 highly improbable, due to requiring the reception of a DHCP datagram well
1951 in excess of all known to be used physical MTU limitations, it is possible
1952 this may have been used in a stack overflow security vulnerability. Thanks
1953 to a patch from infamous42md.
1954
1955! Added some sanity checks to OMAPI connection/authentication code.
1956 Although highly improbable, due to having to deliver in excess of 2^32
1957 bytes of data via the OMAPI channel, not to mention requiring dhcpd to
1958 be able to malloc() a memory region 2^32 bytes in size, it was possible
1959 this might have resulted in a heap overflow security vulnerability.
1960 Thanks to a patch from infamous42md.
88cd8aca
DH		 1961
1962- dmalloc() memset()'s the non-debug (data) portion of the allocated
1963 memory to zero. Code that memset()'s the result returned by dmalloc() to
1964 zero is redundant. These redundancies were removed.
1965
1966- Some type declaration corrections to u_int16_t were made in common/tr.c
4b97eaff 1967 (Token Ring support) thanks to a patch from Jason Vas Dias at Red Hat.
88cd8aca
DH		 1968
1969- A failover bug that was allowing leases that EXPIRED or were RELEASED
1970 where tsfp and tstp are identical timestamps to languish in these
1971 transitional states has been repaired. As a side effect, lease
1972 databases should be kept more consistent overall, not just for these
1973 transitional states.
1974
1975- If the lease db is deleted out from under the daemon, and it moves to rewrite
1976 the db, it will go ahead with the operation and move the new db into place
1977 once it detects the old db does not exist.
1978
1979- dhclient now ignores IRDA, SIT, and IEEE1394 network interfaces, as it
1980 is either nonsensical or (in the case of IEEE1394) is not known to support
1981 these interfaces. Thanks to Marius Gedminas and Andrew Pollock of Debian.
1982
1983- Some previously undocumented reasons for dhclient-script invoking has
45d545f0 1984 been documented in the dhclient-script.8 manpage.
88cd8aca
DH		 1985
1986- Failover potential expiry calculations (TSTP) have been corrected. Results
1987 should be substantially more consistent, and proper given the constraints.
1988
1989- Adjusted lease state validation checks in potential-conflict, to
1990 account for possible clock skew similarly to normal state, and several
1991 previously illegal transitions were made legal (ex: active->released).
1992
1993- An impossible sanity check was removed from omapi/buffer.c, thanks to a
1994 patch from 'infamous42md'.
1995
1996- An OMAPI host/network byte order problem in lease time values has been
1997 repaired.
1998
1999- Several minor bugs, largely relating to treating 8-byte time values as
2000 4-byte entities, have been repaired after careful review of the FreeBSD
2001 ports collection's patch set. Thanks to the nameless entities who have
2002 contributed to the FreeBSD ports.
2003
2004- When writing a trace file, the file is now created with permissions 0600,
2005 to help administrators avoid accidentally publicising sensitive config
2006 data.
2007
2008- The calculation of the maximum size of DHCP packets no longer includes
2009 Ethernet framing overhead. The result is that the 'Maximum Message
2010 Size' option advertised by clients, or the default value 576, is no
2011 longer reduced by 14 bytes, and instead directly reflects the IP level
2012 MTU (and the default, minimum allowed IP MTU of 576).
2013
2014- The special status of RELEASED/EXPIRED/RESET leases when a server
2015 is operating in partner-down was fixed. It no longer requires a
2016 lease be twice the MCLT beyond STOS to 'reallocate', and the expiry
2017 event to turn these into FREE leases without peer acknowledgement
2018 (after STOS+MCLT) has been repaired.
2019
2020- Compilation on older Solaris systems (lacking /usr/include/sys/int_types.h)
2021 has been repaired.
2022
2023- "append"ing a string onto the end of a "t" type option (such as the
2024 domain-name field) that had been improperly NULL-terminated by the
2025 DHCP server will no longer result in a truncated string containing
2026 only the option from the server, and not the expected appended value.
4b97eaff 2027 Thanks to a patch from Jason Vas Dias at Red Hat.
88cd8aca
DH		 2028
2029- File handlers on configuration state (config files and lease dbs) should
98bd7ca0 2030 be treated consistently, regardless of whether TRACING is defined or not.
88cd8aca 2031
45d545f0 2032- The Linux build environment has had some minor improvements - better
88cd8aca
DH		 2033 sensing of 64-bit pointer sizes (only used for establishing an icmp_id),
2034 and corrections to #if operators regarding LINUX_MAJOR should it ever
2035 move to 3.[01].x.
2036
2037- The server now tries harder to survive the condition where it is unable
2038 to open a new lease file to rewrite the lease state database.
2039
c75473d8
DH		 2040 Changes since 3.0.3b3
2041
2042- dhclient.conf documentation for interface {} was updated to reflect recent
2043 discussion on the dhcp-hackers mailing list.
2044
2045- In response to reports that the software does not compile on GCC 4.0.0,
2046 -Werror was removed from Makefile.conf for all platforms that used it.
2047 We will address the true problem in a future release; this is a temporary
2048 workaround.
2049
2050 Changes since 3.0.3b2
2051
2052- An error in code changes introduced in 3.0.3b2 was corrected, which caused
2053 static BOOTP clients to receive random addresses.
2054
2055 Changes since 3.0.3b1
2056
2057- A bug was fixed in BOOTPREQUEST handling code wherein stale references to
2058 host records would be left behind on leases that were not allocated to the
2059 client currently booting (eg in the case where the host was denied booting).
2060
2061- The dhcpd.conf.5 manpage was updated to be more clear in regards to
2062 multiple host declarations (thanks to Vincent McIntyre). 'Interim' style
2063 dynamic updates were also retouched.
2064
98311e4b
DH		 2065 Changes since 3.0.2
2066
2067- A bug was fixed where a server might load balance a DHCP REQUEST to its
45d545f0 2068 peer after already choosing not to load balance the preceding DISCOVER.
98311e4b
DH		 2069 The peer cannot allocate the originating server's lease.
2070
2071- In the case where a secondary server lost its stable storage while the
2072 primary was still in communications-interrupted, and came back online,
2073 the lease databases would not be fully transferred to the secondary.
2074 This was due to the secondary errantly sending an extra UPDREQ message
2075 when the primary made its state transition to PARTNER-DOWN known.
2076
2077- The package will now compile cleanly in gcc 3.3 and 3.4. As a side effect,
2078 lease structures will be 9 bytes smaller on all platforms. Thanks to
4b97eaff 2079 Jason Vas Dias at Red Hat.
98311e4b
DH		 2080
2081- Interface discovery code in DISCOVER_UNCONFIGURED mode is now
2082 properly restricted to only detecting broadcast interfaces. Thanks
4b97eaff 2083 to a patch from Jason Vas Dias at Red Hat.
98311e4b
DH		 2084
2085- decode_udp_ip_header was changed so that the IP address was copied out
2086 to a variable, rather than referenced by a pointer. This enforces 4-byte
2087 alignment of the 32-bit IP address value. Thanks to a patch from Dr.
2088 Peter Poeml.
2089
2090- An incorrect log message was corrected thanks to a patch from
2091 Dr. Peter Poeml.
2092
2093- A bug in DDNS was repaired, where if the server's first DDNS action was
2094 a DDNS removal rather than a DDNS update, the resolver library's
2095 retransmit timer and retry timer was set to the default, implying a
2096 15 second timeout interval. Which is a little excessive in a synchronous,
2097 single-threaded system. In all cases, ISC DHCP should now hold fast to
2098 a 1-second timeout, trying only once.
2099
2100- The siaddr field was being improperly set to the server-identifier when
2101 responding to DHCP messages. RFC2131 clarified the siaddr field as
2102 meaning the 'next server in the bootstrap process', eg a tftp server.
2103 The siaddr field is now left zeroed unless next-server is configured.
2104
2105- mockup_lease() could have returned in an error condition (or in the
2106 condition where no fixed-address was found matching the shared
2107 network) with stale references to a host record. This is probably not
2108 a memory leak since host records generally never die anyway.
2109
2110- A bug was repaired where failover servers would let stale client identifiers
2111 persist on leases that were reallocated to new clients not sending an id.
2112
2113- Binding scopes ("set var = value;") are now removed from leases allocated
2114 by failover peers if the lease had expired. This should help reduce the
2115 number of stale binding scopes on leases.
2116
2117- A small memory leak was closed involving client identifiers larger than
2118 7 bytes, and failover.
2119
2120- Configuring a subnet in dhcpd.conf with a subnet mask of 32 bits might
2121 cause an internal function to overflow heap. Thanks to Jason Vas Dias
4b97eaff 2122 at Red Hat.
98311e4b
DH		 2123
2124- Some inconsistencies in treating numbers that the lexer parsed as 'NUMBER'
2125 or 'NUMBER_OR_NAME' was repaired. Hexadecimal parsing is affected, and
2126 should work better.
2127
2128- In several cases, parse warnings were being issued before the lexical
2129 token had been advanced to the token whose value was causing an error...
2130 causing parse warnings to claim the problem is on the wrong token.
2131
2132- Host declarations matching on client identifier for dynamic leases will
2133 no longer match fixed-address host declarations (this is now identical
2134 to behaviour for host records matching on hardware address).
2135
2136 Changes since 3.0.2rc3
2137
2138- A previously undocumented configuration directive, 'local-address',
2139 was documented in the dhcpd.conf manpage.
2140
2141 Changes since 3.0.2rc2
2142
45d545f0 2143- Two variables introduced in 3.0.2b1 were used without being initialized
98311e4b
DH		 2144 in the case where neither the FILE nor SNAME fields were available for
2145 overloading. This was repaired.
2146
2147- A heretofore believed to be impossible corner case of the option
2148 overloading implementation turned out to be possible ("Unable to sort
2149 overloaded options after 10 tries."). The implementation was reworked
2150 to consider the case of an option so large it would require more than
2151 three chunks to fit.
2152
2153- Many other instances of variables being used without being initialized
2154 were repaired.
2155
2156- An uninitialized variable in omapi_io_destroy() led to the discovery
2157 that this function may result in orphaned pointers (and hence, a memory
2158 leak).
2159
2160 Changes since 3.0.2rc1
2161
2162- allocate_lease() was rewritten to repair a bug in which the server would
2163 try to allocate an ABANDONED lease when FREE leases were available.
2164
2165 Changes since 3.0.2b1
2166
2167- Some dhcp-eval.5 manpage formatting was repaired.
2168
2169 Changes since 3.0.1
2170
2171- A bug was fixed in the server's 'option overloading' implementation,
2172 where options loaded into the 'file' and 'sname' packet fields were
2173 not aligned precisely as rfc2131 dictates.
2174
2175- The FreeBSD client script was changed to support the case where a domain
2176 name was not provided by the server.
2177
2178- A memory leak in 'omshell' per each command line parsed was
2179 repaired, thanks to a patch from Jarkko Torppa.
2180
2181- Log functions writing to stderr were adjusted to use the STDERR_FILENO
2182 system definition rather than '2'. This is a no-op for 90% of platforms.
2183
2184- One call to trace_write_packet_iov() counted the number of io vectors
2185 incorrectly, causing inconsistent tracefiles. This was fixed.
2186
2187- Some expression parse failure memory leaks were closed.
2188
2189- A host byte order problem in tracefiles was repaired.
2190
2191- Pools configured in DHCPD for failover possessing permission lists that
2192 previously were assumed to not include dyanmic bootp clients are now
2193 a little more pessimistic. The result is, dhcpd will nag you about just
2194 about most pools that possess a 'allow' statement with no 'deny' that
2195 would definitely match a dynamic bootp client.
2196
2197- The 'ddns-update-style' configuration warning bit now insists that
2198 the configuration be globally scoped.
2199
2200- Two memory leaks in dhclient were closed thanks to a patch from Felix
2201 Farkas.
2202
2203- Some minor but excellently pedantic documentation errors were fixed
2204 thanks to a patch from Thomas Klausner.
2205
2206- Bugs in operator precedence in executable statements have been repaired
2207 once again. More legal syntaxes should be parsed legally.
2208
2209- Failing to initialize a tracefile for any reason if a tracefile was
2210 specified is now a fatal error. Thanks to a patch from Albert Herranz.
2211
2212- Corrected a bug in which the number of leases transferred as calculated
2213 by the failover primary and sent to peers in POOLRESP responses may be
2214 incorrect. This value is not believed to be used by other failover
2215 implementations, excepting perhaps as logged information.
2216
2217- Corrected a bug in which 'dhcp_failover_send_poolresp()' was in fact
2218 sending POOLREQ messages instead of POOLRESP mesasges. This message
2219 was essentially ignored since failover secondaries effectively do not
2220 respond to POOLREQ messages.
2221
2222- Type definitions for various bitwidths of integers in the sunos5-5
2223 build of ISC DHCP have been fixed. It should compile and run more
2224 easily when built in 64-bit for this platform.
2225
2226- "allow known-clients;" is now a legal syntax, to avoid confusion.
2227
2228- If one dhcp server chooses to 'load balance' a request to its failover
2229 peer, it first checks to see if it believes said peer has a free
2230 lease to allocate before ignoring the DISCOVER.
2231
2232- log() was logging a work buffer, rather than the value returned by
2233 executing the statements configured by the user. In some cases,
2234 the work buffer and the intended results were the same. In some other
2235 cases, they were not. This was fixed thanks to a patch from Gunnar
2236 Fjone and directconnect.no.
2237
2238- Compiler warnings for some string type conversions was fixed, thanks
2239 to Andreas Gustafsson.
2240
2241- The netbsd build environments were simplified to one, in which
2242 -Wconversion is not used, thanks to Andreas Gustafsson.
2243
2244- How randomness in the backoff-cutoff dhclient configuration variable
2245 is implemented was better documented in the manpage, and the behaviour
2246 of dhclient in REQUEST timeout handling was changed to match that of
2247 DISCOVER timeout handling.
2248
2249- Omapi was hardened against clients that pass in null values, thanks
2250 to a patch from Mark Jason Dominus.
2251
2252- A bug was fixed in dhclient that kept it from doing client-side
2253 ddns updates. Thanks to a patch from Andreas Gustafsson, which
2254 underwent some modification after review by Jason Vas Dias.
2255
2256- Failover implementations disconnected due to the network between
2257 them (rather than one of the two shutting down) will now try to
2258 re-establish the failover connection every 5 seconds, rather than
2259 to simply try once and give up until one of them is restarted.
2260 Thanks to a patch from Ulf Ekberg from Infoblox, and field testing
2261 by Greger V. Teigre which led to an enhancement to it.
2262
2263- A problem that kept DHCP Failover secondaries from tearing down
2264 ddns records was repaired. Thanks to a patch from Ulf Ekberg from
2265 Infoblox.
2266
2267- 64bit pointer sizes are detected properly on FreeBSD now.
2268
2269- A bug was repaired where the DHCP server would leave stale references
2270 to host records on leases it once thought about offering to certain
2271 clients. The result would be to apply host and 'known' scopes to the
2272 wrong clients (possibly denying booting). NOTE: The 'mis-host' patch
2273 that was being circulated as a workaround is not the way this bug was
2274 fixed. If you were a victim of this bug in 3.0.1, you are cautioned
2275 to proceed carefully and see if it fixes your problem.
2276
2277- A bug was repaired in the server's DHCPINFORM handling, where it
2278 tried to divine the client's address from the source packet and
2279 would get it wrong. Thanks to Anshuman Singh Rawat.
2280
2281- A log message was introduced to help illuminate the case where the
2282 server was unable to find a lease to assign to any BOOTP client.
2283 Thanks to Daniel Baker.
2284
2285- A minor dhcpd.conf.5 manpage error was fixed.
2286
2287 Changes since 3.0.1rc14
2288
2289- The global variable 'cur_time' was centralized and is now uniformly of a
2290 type #defined in system-dependent headers. It had previously been defined
2291 in one of many places as a 32-bit value, and this causes mayhem on 64-bit
2292 big endian systems. It probably wasn't too healthy on little endian
2293 systems either.
2294
2295- A printf format string error introduced in rc14 was repaired.
2296
2297- AIX system-dependent header file was altered to only define NO_SNPRINTF
2298 if the condition used to #ifdef in vsnprintf in AIX' header files
2299 is false.
2300
2301- The Alpha/OSF system-dependent header file was altered to define
2302 NO_SNPRINTF on OS revisions older than 4.0G.
2303
2304- omapip/test.c had string.h added to its includes.
2305
2306 Changes since 3.0.1rc13
2307
2308! CAN-2004-0460 - CERT VU#317350: Five stack overflow exploits were closed
2309 in logging messages with excessively long hostnames provided by the
2310 clients. It is highly probable that these could have been used by
2311 attackers to gain arbitrary root access on systems using ISC DHCP 3.0.1
2312 release candidates 12 or 13. Special thanks to Gregory Duchemin for
2313 both finding and solving the problem.
2314
2315! CAN-2004-0461 - CERT VU#654390: Once the above was closed, an opening
45d545f0 2316 in log_*() functions was evidenced, on some specific platforms where
98311e4b
DH		 2317 vsnprintf() was not believed to be available and calls were wrapped to
2318 sprintf() instead. Again, credit goes to Gregory Duchemin for finding
2319 the problem. Calls to snprintf() are now linked to a distribution-local
2320 snprintf implementation, only in those cases where the architecture is
2321 not known to provide one (see includes/cf/[arch].h). If you experience
2322 linking problems with snprintf/vsnprintf or 'isc_print_' functions, this
2323 is where to look. This vulnerability did not exist in any previously
2324 published version of ISC DHCP.
2325
2326- Compilation on hpux 11.11 was repaired.
2327
2328- 'The cross-compile bug fix' was backed out.
2329
2330 Changes since 3.0.1rc12
2331
2332- Fixed a bug in omapi lease lookup function, to form the hardware
2333 address for the hash lookup correctly, thanks to a patch from
2334 Richard Hirst.
2335
2336- Fixed a bug where dhcrelay was sending relayed responses back to the
2337 broadcast address, but with the source's unicast mac address. Should
2338 now conform to rfc2131 section 4.1.
2339
2340- Cross-compile bug fix; use $(AR) instead of ar. Thanks to Morten Brorup.
2341
2342- Fixed a crash bug in dhclient where dhcpd servers that do not provide
2343 renewal times results in an FPE. As a side effect, dhclient can now
2344 properly handle 0xFFFFFFFF (-1) expiry times supplied by servers. Thanks
2345 to a patch from Burt Silverman.
2346
2347- The 'ping timeout' debugs from rc12 were removed to -DDEBUG only,
45d545f0 2348 and reformatted to correct a compilation error on Solaris platforms.
98311e4b
DH		 2349
2350- A patch was applied which fixes a case where leases read from the
2351 leases database do not properly over-ride previously read leases.
2352
2353- dhcpctl.3 manpage was tweaked.
2354
2355 Changes since 3.0.1rc11
2356
2357- A patch from Steve Campbell was applied with minor modifications to
2358 permit reverse dns PTR record updates with values containing spaces.
2359
2360- A patch from Florian Lohoff was applied with some modifications to
2361 dhcrelay. It now discards packets whose hop count exceeds 10 by default,
2362 and a command-line option (-c) can be used to set this threshold.
2363
2364- A failover bug relating to identifying peers by name length instead of
2365 by name was fixed.
2366
45d545f0 2367- Declaring failover configs within shared-network statements should no
98311e4b
DH		 2368 longer result in error.
2369
2370- The -nw command line option to dhclient now works.
2371
2372- Thanks to a patch from Michael Richardson:
2373 - Some problems with long option processing have been fixed.
2374 - Some fixes to minires so that updates of KEY records will work.
2375
2376- contrib/ms2isc was updated by Shu-Min Chang of the Intel Corporation.
2377 see contrib/ms2isc/readme.txt for revision notes.
2378
2379- Dhclient no longer uses shell commands to kill another instance of
2380 itself, it sends the signal directly. Thanks to a patch from Martin
2381 Blapp.
2382
2383- The FreeBSD dhclient-script was changed so that a failure to write to
2384 /etc/resolv.conf does not prematurely end the script. This keeps dhclient
2385 from looping infinitely when this is the case. Thanks to a patch from
2386 Martin Blapp.
2387
2388- A patch from Bill Stephens was applied which resolves a problem with lease
2389 expiry times in failover configurations.
2390
2391- A memory leak in configuration parsing was closed thanks to a patch from
2392 Steve G.
2393
2394- The function which discovers interfaces will now skip non-broadcast or
2395 point-to-point interfaces, thanks to a patch from David Brownlee.
2396
2397- Options not yet known by the dhcpd or dhclient have had their names
2398 changed such that they do not contain # symbols, in case they should ever
2399 appear in a lease file. An option that might have been named "#144" is
2400 now "unknown-144".
2401
2402- Another patch from Bill Stephens which allows the ping-check timeout to
2403 be configured as 'ping-timeout'. Defaults to 1.
2404
2405 Changes since 3.0.1rc10
2406
2407- Potential buffer overflows in minires repaired.
2408
2409- A change to the linux client script to use /bin/bash, since /bin/sh may
2410 not be bash.
2411
2412- Some missing va_end cleanups thanks to a patch from Thomas Klausner.
2413
2414- A correction of boolean parsing syntax validation - some illegal syntaxes
2415 that worked before are now detected and produce errs, some legal syntaxes
2416 that errored before will now work properly.
2417
2418- Some search-and-replace errors that caused some options to change their
2419 names was repaired.
2420
2421- Shu-min Chang of the Intel corporation has contributed a perl script and
2422 module that converts the MS NT4 DHCP configuration to a ISC DHCP3
2423 configuration file.
2424
2425- Applied the remainder of the dhcpctl memory leak patch provided by Bill
2426 Squier at ReefEdge, Inc. (groo@reefedge.com).
2427
2428- Missing non-optional failover peer configurations will now result in a soft
2429 error rather than a null dereference.
2430
2431 Changes since 3.0.1rc9
2432
2433- A format string was corrected to fix compiler warnings.
2434
2435- A number of spelling corrections were made in the man pages.
2436
2437- The dhclient.conf.5 man page was changed to refer to do-forward-updates
2438 rather than a configuration option that doesn't exist.
2439
2440- A FreeBSD-specific bug in the interface removal handling was fixed.
2441
2442- A Linux-specific Token Ring detection problem was fixed.
2443
2444- Hashes removed from as-yet-unknown agent options, having those options
2445 appear in reality before we know about them will no longer produce
2446 self-corrupting lease databases.
2447
2448- dhclient will use the proper port numbers now when using the -g option.
2449
2450- A order-of-operations bug with 2 match clauses in 1 class statement is
2451 fixed thanks to a patch from Andrew Matheson.
2452
2453- Compilation problems on Solaris were fixed.
2454
2455- Compilation problems when built with DEBUG or DEBUG_PACKET were repaired.
2456
2457- A fix to the dhcp ack process which makes certain group options will be
2458 included in the first DHCPOFFER message was made thanks to a patch from
2459 Ling Gou.
2460
2461- A few memory leaks were repaired thanks to patches from Bill Squier at
2462 ReefEdge, Inc. (groo@reefedge.com).
2463
2464- A fix for shared-networks that sometimes give clients options for the
2465 wrong subnets (in particular, 'option routers') was applied, thanks to
2466 Ted Lemon for the patch.
2467
2468- Omshell's handling of dotted octets as values was changed such that dots
2469 one after the other produce zero values in the integer string.
2470
2471 Changes since 3.0.1rc8
2472
2473- Fix a format string vulnerability in the server that could lead to a
2474 remote root compromise (discovered by NGSEC Research Team, www.ngsec.com).
2475
2476- Add additional support for NetBSD/sparc64.
2477
2478- Fix a bug in the command-line parsing of the client. Also, resolve
2479 a memory leak.
2480
2481- Add better support for shells other than bash in the Linux client
2482 script.
2483
2484- Various build fixes for modern versions of FreeBSD and Linux.
2485
2486- Fix a bad bounds check when printing binding state names.
2487
2488- Clarify documentation about fixed-address and multiple addresses.
2489
2490- Fix a typo in the authoritative error message.
2491
2492- Make a log entry when we can't write a billing class.
2493
2494- Use conversion targets that are the right size on all architectures.
2495
2496- Increment the hop count when relaying.
2497
2498- Log a message when lease state is changed through OMAPI.
2499
2500- Don't rerun the shared_network when evaluating the pool.
2501
2502- Fix a reversed test in the parser.
2503
2504- Change the type of rbuf_max.
2505
2506- Make FTS_LAST a manifest constant to quiet warnings.
2507
2508 Changes since 3.0.1rc7
2509
2510- Fix two compiler warnings that are generated when compiling on Solaris
2511 with gcc. These stop the build, even though they weren't actually
2512 errors, because we prefer that our builds generate no warnings.
2513
2514 Changes since 3.0.1rc6
2515
2516- Don't allow a lease that's in the EXPIRED, RELEASED or RESET state
2517 to be renewed.
2518
2519- Implement lease stealing for cases where the primary has fewer leases
2520 than the secondary, as called for by the standard.
2521
2522- Add a fudge factor to the lease expiry acceptance code, (suggested
2523 by Kevin Miller of CMU).
2524
2525- Fix a bug in permit_list_match that made it much too willing to say
2526 that two permit lists matched.
2527
2528- Unless DEBUG_DNS_UPDATES is defined, print more user-friendly (and
2529 also more compact) messages about DNS updates.
2530
2531- Fix a bug in generating wire-format domain names for the FQDN option.
2532
2533- Fix a bug where the FQDN option would not be returned if the client
2534 requested it, contrary to the standard.
2535
2536- On Darwin, use the FreeBSD DHCP client script.
2537
2538- On NetBSD/sparc, don't check for casting warnings.
2539
2540- Add a flag in the DHCP client to disable updating the client's A
2541 record when sending an FQDN option indicating that the client is
2542 going to update its A record.
2543
2544- In the client, don't attempt a DNS update until one second after
2545 configuring the new IP address, and if the update times out, keep
2546 trying until a response, positive or negative, is received from the
2547 DNS server.
2548
2549- Fix an uninitialized memory bug in the DHCP client.
2550
2551- Apply some FreeBSD-specific bug fixes suggested by Murray Stokely.
2552
2553- Fix a bug in ns_parserr(), where it was returning the wrong sort
2554 of result code in some cases (suggested by Ben Harris of the
2555 NetBSD project).
2556
2557- Fix a bug in is_identifier(), where it was checking against EOF
2558 instead of the END_OF_FILE token (also suggested by Ben Harris).
2559
2560- Fix a bug where if an option universe contained no options, the
2561 DHCP server could dump core (Walter Steiner).
2562
2563- Fix a bug in the handling of encapsulated options.
2564
2565- Fix a bug that prevented NWIP suboptions from being processed.
2566
2567- Delete the FTS_BOOTP and FTS_RESERVED states and implement them
2568 as modifier flags to the FTS_ACTIVE state, as called for in the
2569 failover protocol standard.
2570
2571- Fix bugs in the pool merging code that resulted in references and
2572 dereferences of null pointers. This bug had no impact unless the
2573 POINTER_DEBUG flag was defined.
2574
2575- In the server, added a do-forward-updates flag that can be used to
2576 disable forward updates in all cases, so that sites that want the
2577 clients to take sole responsibility for updating their A record can
2578 do so.
2579
2580- Make it possible to disable optimization of PTR record updates.
2581
2582 Changes since 3.0.1rc5
2583
2584- Include some new documentation and changes provided by Karl Auer.
2585
2586- Add a workaround for some Lexmark printers that send a double-NUL-
2587 terminated host-name option, which would break DNS updates.
2588
2589- Fix an off-by-one error in the MAC-address checking code for
2590 DHCPRELEASE that was added in 3.0.1rc5.
2591
2592- Fix a bug where client-specific information was not being discarded
2593 from the lease when it expired or was released, resulting in
2594 problems if the lease was reallocated to a different client.
2595
2596- If more than one allocation pool is specified that has the same set
2597 of constraints as another allocation pool on the same shared
2598 network, merge the two pools.
2599
2600- Don't print an error in fallback_discard, since this just causes
2601 confusion and does not appear to be helping to encourage anyone to
2602 fix this bug.
2603
2604 Changes since 3.0.1rc4
2605
2606- Fix a bug that would cause the DHCP server to spin if asked to parse
2607 a certain kind of incorrect statement.
2608
2609- Fix a related bug that would prevent an error from being reported in
2610 the same case.
2611
2612- Additional documentation.
2613
2614- Make sure that the hardware address matches the lease when
2615 processing a DHCPRELEASE message.
2616
2617 Changes since 3.0.1rc3
2618
2619- A minor bug fix in the arguments to a logging function call.
2620- Documentation update for dhcpd.conf.
2621
adbef119 2622 Changes since 3.0.1rc2
98311e4b
DH		 2623
2624- Allow the primary to send a POOLREQ message. This isn't what the current
2625 failover draft says to do, so we may have to back it out if I can't get the
2626 authors to relent, but the scheme for balancing that's specified in the
2627 current draft seems needlessly hairy, so I'm floating a trial balloon.
2628 The rc1 code did not implement the method described in the draft either.
2629
adbef119 2630 Changes since 3.0.1rc1
98311e4b
DH		 2631
2632- Treat NXDOMAIN and NXRRSET as success when we are trying to delete a
2633 domain or RRSET. This allows the DHCP server to forget about a name
2634 it added to the DNS once it's been removed, even if the DHCP server
2635 wasn't the one that removed it.
2636
2637- Install defaults for failover maximum outstanding updates and maximum
2638 silent time. This prevents problems that might occur if these values
2639 were not configured.
2640
2641- Don't do DDNS deletes if ddns-update-style is none.
2642
2643- Return relay agent information options in DHCPNAK. This prevents DHCPNAK
2644 messages from being dropped when the relay agent information option contains
2645 routing information.
2646
2647- Fix a problem where coming up in recover wouldn't result in an update
2648 request being sent.
2649
2650- Add some more chatty messages when we start a recovery update and when it's
2651 done.
2652
2653- Fix a possible problem where some state might have been left around
2654 after the peer lost contact and regained contact about how many updates
2655 were pending.
2656
2657- Don't nix a lease update because of a lease conflict. This test has
2658 never (as far as I know) prevented a mistake, and it appears to cause
2659 problems with failover.
2660
2661- Add support in rc history code for keeping a selective history, rather
2662 than a history of all references and dereferences. This code is only used
2663 when extensive additional debugging is enabled.
2664
adbef119 2665 Changes since 3.0
98311e4b
DH		 2666
2667- Make allocators for hash tables. As a side effect, this fixes a memory
2668 smash in the subclass allocation code.
2669
2670- Fix a small bug in omshell where if you try to close an object when
2671 no object is open, it dumps core.
2672
2673- Fix an obscure coredump that could occur on shutdown.
2674
2675- Fix a bug in the recording of host declaration rubouts in the lease file.
2676
2677- Fix two potential spins in the host deletion code.
2678
2679- Fix a core dump that would happen if an application tried to update
2680 a host object attribute with a null value.
2681
2682 Changes since 3.0 Release Candidate 12
2683
2684- Fix a memory leak in the evaluation code.
2685
2686- Fix an obscure core dump.
2687
2688- Print a couple of new warnings when parsing the configuration file
2689 when crucial information is left out.
2690
2691- Log "no free leases" as an error.
2692
2693- Documentation updates.
2694
2695 Changes since 3.0 Release Candidate 11
2696
2697- Always return a subnet selection option if one is sent.
2698
2699- Fix a warning that was being printed because an automatic data
2700 structure wasn't zeroed.
2701
2702- Fix some failover state transitions that were being handled
2703 incorrectly.
2704
2705- When supersede_lease is called on a lease whose end time has already
2706 expired, but for which a state transition has not yet been done, do
2707 a state transition. This fixes the case where if the secondary
2708 allocated a lease to a client and the lease "expired" while the
2709 secondary was in partner-down, no expiry event would actually
2710 happen, so the lease would remain active until the primary was
2711 restarted.
2712
2713 Changes since 3.0 Release Candidate 10
2714
2715- Fix a bug that was preventing released leases from changing state
2716 in failover-enabled pools.
2717
2718- Fix a core dump in the client identifier finder code (for host
2719 declarations).
2720
2721- Finish fixing a bug where bogus data would sometimes get logged to
2722 the dhclient.leases file because it was opened as descriptor 2.
2723
2724- Fix the Linux dhclient-script according to suggestions made by
2725 several people on the dhcp-client mailing list.
2726
2727- Log successful DNS updates at LOG_INFO, not LOG_ERROR.
2728
2729- Print an error message and refuse to run if a failover peer is
2730 defined but not referenced by any pools.
2731
2732- Correct a confusing error message in failover.
2733
eaf0b302
TL		 2734 Changes since 3.0 Release Candidate 9
2735
2736- Fix a bug in lease allocation for Dynamic BOOTP clients.
2737
0db87765
TL		 2738 Changes since 3.0 Release Candidate 8 Patchlevel 2
2739
2740- Fix a bug that prevented update-static-leases from working.
2741
2742- Document failover-state OMAPI object.
2743
2744- Fix a compilation error on SunOS 4.
2745
d758ad8c
TL		 2746 Changes since 3.0 Release Candidate 8 Patchlevel 1
2747
2748- Fix a parsing bug that broke dns updates (both interim and ad-hoc).
2749 This was introduced in rc8pl1 as an unintended result of the memory
2750 leakage fixes that were in pl1.
2751
2752- Fix a long-standing bug where the server would record that an update
2753 had been done for a client with no name, even though no update had
2754 been done, and then when the client's lease expired the deletion of
2755 that nonexistant record would time out because the name was the null
2756 string.
2757
2758- Clean up the omshell, dhcpctl and omapi man pages a bit.
2759
d758ad8c
TL		 2760 Changes since 3.0 Release Candidate 8
2761
2762- Fix a bug that could cause the DHCP server to spin if
2763 one-lease-per-client was enabled.
2764
2765- Fix a bug that was causing core dumps on BSD/os in the presence of
2766 malformed packets.
2767
2768- In partner-down state, don't restrict lease lengths to MCLT.
2769
2770- On the failover secondary, record the MCLT received from the primary
2771 so that if we come up without a connection to the primary we don't
2772 wind up giving out zero-length leases.
2773
2774- Fix some compilation problems on BSD/os.
2775
2776- Fix a bunch of memory leaks.
2777
2778- Fix a couple of bugs in the option printer.
2779
2780- Fix an obscure error reporting bug in the dns update code, and also
2781 make the message clearer when a key algorithm isn't supported.
2782
2783- Fix a bug in the tracing code that prevented trace runs that used
2784 tcp connections from being played back.
2785
2786- Add some additional debugging capability for catching memory leaks
2787 on exit.
2788
2789- Make the client release the lease correctly on shutdown.
2790
2791- Add some configurability to the build system.
2792
2793- Install omshell manual page in man1, not man8.
2794
2795- Craig Gwydir sent in a patch that fixes a long-standing bug in the
2796 DHCP client that could cause core dumps, but that for some reason
2797 hadn't been noticed until now.
2798
2799 Changes since 3.0 Release Candidate 7
2800
2801- Fix a bug in failover where we weren't sending updates after a
2802 transition from communications-interrupted to normal.
2803
2804- Handle expired/released/reset -> free transition according to the
2805 protocol specification (this works - the other way not only wasn't
2806 conformant, but also didn't work).
2807
2808- Add a control object in both client and server that allows either
2809 daemon to be shut down cleanly.
2810
2811- When writing a lease, if we run out of disk space, shut down the
2812 output file and insist on writing a new one before proceeding.
2813
2814- In the server, if the OMAPI listener port is occupied, keep trying
2815 to get it, rather than simply giving up and exiting.
2816
2817- Support fetching variables from leases and also updating and adding
2818 variables to leases via OMAPI.
2819
2820- If two failover peers have wildly different clocks, refuse to start
2821 doing failover.
2822
2823- Fix a bug in the DNS update code that could cause core dumps when
2824 running on alpha processors.
2825
2826- Fixed a bug in ddns updates for static lease entries, thanks to a
2827 patch from Andrey M Linkevitch.
2828
2829- Add support for Darwin/MacOS X
2830
2831- Install omshell (including new documentation).
2832
2833- Support DNS updates in the client (this is a very obscure feature
2834 that most DHCP client users probably will not be able to use).
2835
2836- Somewhat cleaner status logging in the client.
2837
2838- Make OMAPI key naming syntax compatible with the way keys are
2839 actually named (key names are domain names).
2840
2841- Fix a bug in the lease file writer.
2842
2843- Install DHCP ISC headers in a different place than BIND 9 ISC
2844 headers, to avoid causing trouble in BIND 9 builds.
2845
2846- Don't send updates for attributes on an object when the attributes
2847 haven't changed. Support deleting attributes on remote objects.
2848
2849- Fix a number of bugs in omshell, and add the unset and refresh
2850 statements.
2851
2852- Handle disconnects in OMAPI a little bit more intelligently (so that
2853 the caller gets ECONNRESET instead of EINVAL).
2854
2855- Fix a bunch of bugs in the handling of clients that have existing
2856 leases when the try to renew their leases while failover is
2857 operating.
2858
eaf0b302
TL		 2859 Changes since 3.0 Release Candidate 6
2860
2861- Fix a core dump that could happen when processing a DHCPREQUEST from
2862 a client that had a host declaration that contained both a
2863 fixed-address declaration and a dhcp-client-identifier option
2864 declaration, if the client identifier was longer than nine bytes.
2865
2866- Fix a memory leak that could happen in certain obscure cases when
2867 using omapi to manipulate leases.
2868
2869- Fix some bugs and omissions in omshell.
2870
eaf0b302
TL		 2871 Changes since 3.0 Release Candidate 5
2872
2873- Fix a bug in omapi_object_dereference that prevented objects in
2874 chains from having their reference counts decreased on dereference.
2875
2876- Fix a bug in omapi_object_dereference that would prevent object
2877 chains from being freed upon removal of the last reference external
2878 to the chain.
2879
2880- Fix a number of other memory leaks in the OMAPI protocol subsystem.
2881
2882- Add code in the OMAPI protocol handler to trace memory leakage.
2883
2884- Clean up the memory allocation/reference history printer.
2885
98311e4b 2886- Support input of dotted quads and colon-separated hex lists as
eaf0b302
TL		 2887 attribute values in omshell.
2888
98311e4b 2889- Fix a typo in the Linux interface discovery code.
eaf0b302
TL		 2890
2891- Conditionalize a piece of trace code that wasn't conditional.
2892
2893 Changes since 3.0 Release Candidate 4
2894
2895- Fix a bug that would prevent leases from being abandoned properly on
2896 DHCPDECLINE.
2897
2898- Fix failover peer OMAPI support.
2899
2900- In failover, correctly handle expiration of leases. Previously,
2901 leases would never be reclaimed because they couldn't make the
2902 transition from EXPIRED to FREE.
2903
2904- Fix some broken failover state transitions.
2905
2906- Documentation fixes.
2907
2908- Take out an unnecessary check in DHCP relay agent information option
2909 stashing code that was preventing REBINDING clients from rebinding.
2910
2911- Prevent failover peers from allocating leases in DHCPREQUEST
2912 processing if the lease belongs to the other server.
2913
2914- Record server version in lease file introductory comment.
2915
2916- Correctly report connection errors in OMAPI and failover.
2917
2918- Make authentication signature algorithm name comparisons in OMAPI
2919 case-insensitive.
2920
2921- Fix compile problem on SunOS 4.x
2922
98311e4b 2923- If a signature algorithm is not terminated with '.', terminate it so
eaf0b302
TL		 2924 that comparisons between fully-qualified names will work
2925 consistently.
2926
2927- Different SIOCGIFCONF probe code, may "fix" problem on some Linux
2928 systems with the probe not working correctly.
2929
2930- Don't allow user to type omapi key on command line of omshell.
2931
0596b051
TL		 2932 Changes since 3.0 Release Candidate 3
2933
2934- Do lease billing on startup in a way that I *think* will finally do
2935 the billing correctly - the previous method could overbill as a
2936 result of duplicate leases.
2937
2938- Document OMAPI server objects.
2939
892fe689
TL		 2940 Changes since 3.0 Release Candidate 2 Patchlevel 1
2941
2942- Fix some problems in the DDNS update code. Thanks to Albert
2943 Herranz for figuring out the main problem.
2944
2945- Fix some reference counting errors on host entries that were causing
2946 core dumps.
2947
2948- Fix a byte-swap bug in the token ring code, thanks to Jochen
2949 Friedrich.
2950
2951- Fix a bug in lease billing, thanks to Jonas Bulow.
2952
2953 Changes since 3.0 Release Candidate 2
2954
2955- Change the conditions under which a DHCPRELEASE is actually
2956 committed to be consistent with lease binding states rather than
98311e4b 2957 using the lease end time. This may fix some problems with the
892fe689
TL		 2958 billing class code.
2959
2960- Fix a bug where lease updates would fail on Digital Unix (and maybe
2961 others) because malloc was called with a size of zero.
2962
2963- Fix a core dump that happens when the DHCP server can't create its
2964 trace file.
2965
79ea3de8 2966 Changes since 3.0 Release Candidate 1 Patchlevel 1
87784777 2967
79ea3de8
TL		 2968- Fix the dhcp_failover_put_message to not attempt to allocate a
2969 zero-length buffer. Some versions of malloc() fail if you try to
2970 allocate a zero-length buffer, and this was causing problems on,
2971 e.g., Digital Unix.
2972
2973- Fix a case where the failover code was printing an error message
2974 when no error had occurred.
2975
2976- Fix a problem where when a server went down and back up again, the
2977 peer would not see a state transition and so would stay in the
2978 non-communicating state.
2979
2980- Be smart about going into recover_wait.
2981
2982- Fix a problem in the failover implementation where peers would fail
2983 to come into sync if interrupted in the RECOVER state. This could
2984 have been the cause of some problems people have reported recently.
2985
2986- Fix a problem with billing classes where they would not be unbilled
2987 when the client lease expired.
2988
2989- If select fails, figure out which descriptor is bad, and cut it out
2990 of the I/O loop. This prevents a potentially nasty spin. I
2991 haven't heard any report it in a while, but it came up consistently
2992 in testing.
2993
2994- Fix a bug in the relay agent where if you specified interfaces on
2995 the command line, it would fail.
2996
2997- Fix a couple of small bugs in the omapi connection object (no known
2998 user impact).
2999
3000- Add the missing 3.0 Beta 1 lease conversion script.
3001
3002- Read dhcp client script hooks if they exist, rather than only if
3003 they're executable.
3004
3005 Changes since 3.0 Release Candidate 1
87784777
TL		 3006
3007- Fix a memory smash that happens when fixed-address leases are used.
3008 ANY SITE AT WHICH FIXED-ADDRESS STATEMENTS ARE BEING USED SHOULD
3009 UPGRADE IMMEDIATELY. This has been a long-standing bug - thanks to
3010 Alvise Nobile for discovering it and helping me to find it!
3011
79ea3de8
TL		 3012- Fix a small bug in binary-to-ascii, thanks to H. Peter Anvin of
3013 Transmeta.
3014
87784777
TL		 3015- There is a known problem with the DHCP server doing failover on
3016 Compaq Alpha systems. This patchlevel is not a release candidate
3017 because of this bug. The bug should be straightforward to fix, so
3018 a new release candidate is expected shortly.
3019
3020- There is a known problem in the DDNS update code that is probably a
3021 bug, and is not, as far as we know, fixed in this patchlevel.
3022
6d779c72
TL		 3023 Changes since 3.0 Beta 2 Patchlevel 24
3024
3025- Went over problematic failover state transitions and made them all
3026 work, so that failover should now much less fragile.
3027
3028- Add some dhcpctl and omapi documentation
3029
3030- Fix compile errors when compiling with unusual predefines.
3031
3032- Make Token Ring work on Linux 2.4
3033
3034- Fix the Digital Unix BPF_WORDALIGN bug.
3035
3036- Fix some dhcp client documentation errors.
3037
3038- Update some parts of the README file.
3039
3040- Support GCC on SCO.
3041
adbef119 3042 Changes since 3.0 Beta 2 Patchlevel 23
de57e64b
TL		 3043
3044- Fix a bug in the DNS update code where a status code was not being
3045 checked. This may have been causing core dumps.
3046
3047- When parsing the lease file, if a lease declaration includes a
3048 billing class statement, and the lease already has a billing class,
3049 unbill the old class.
3050
3051- When processing failover transactions, where acks will be deferred,
3052 process the state transition immediately.
3053
3054- Don't try to use the new SIOCGIFCONF buffer size detection code on
3055 Linux 2.0, which doesn't provide this functionality.
3056
3057- Apply a patch suggested by Tuan Uong for a problem in dlpi.c.
3058
3059- Fix a problem in using the which command in the configure script.
3060
3061- Fix a parse error in the client when setting up an omapi listener.
3062
3063- Document the -n and -g flags to the client.
3064
3065- Make sure there is always a stdin and stdout on startup. This
3066 prevents shell scripts from accidentally writing error messages into
3067 configuration files that happen to be opened as stderr.
3068
3069- If an interface is removed, the client will now notice that it is
3070 gone rather than spinning. This has only been tested on NetBSD.
3071
3072- The client will attempt to get an address even if it can't create a
3073 lease file.
3074
3075- Don't overwrite tracefiles.
3076
3077- Fix some memory allocation bugs in failover.
2aa36519 3078
adbef119 3079 Changes since 3.0 Beta 2 Patchlevel 22
140158d3
TL		 3080
3081- Apply some patches suggested by Cyrille Lefevre, who is maintaining
3082 the FreeBSD ISC DHCP Distribution port.
3083
3084- Fix a core dump in DHCPRELEASE.
3085
adbef119 3086 Changes since 3.0 Beta 2 Patchlevel 21
3a395e60
TL		 3087
3088- This time for sure: fix the spin described in the changes for pl20.
3089
adbef119 3090 Changes since 3.0 Beta 2 Patchlevel 20
fc74dd0c
TL		 3091
3092- Fix a problem with Linux detecting large numbers of interfaces (Ben)
3093
3094- Fix a memory smash in the quotify code, which was introduced in
3095 pl19.
3096
3097- Actually fix the spin described in the changes for pl20. The
3098 previous fix only partially fixed the problem - enough to get it
3099 past the regression test.
3100
adbef119 3101 Changes since 3.0 Beta 2 Patchlevel 19
ed5ee591
TL		 3102
3103- Fix a bug that could cause the server to abort if compiled with
3104 POINTER_DEBUG enabled.
3105
3106- Fix a bug that could cause the server to spin when responding to a
3107 DHCPREQUEST.
3108
3109- Apply Joost Mulders' suggested patches for DLPI on x86.
3110
3111- Support NUL characters in quoted strings.
3112
3113- Install unformatted man pages on SunOS.
3114
adbef119 3115 Changes since 3.0 Beta 2 Patchlevel 18
b3fad8ac 3116
3350f5b7
TL		 3117- Allow the server to be placed in partner-down state using OMAPI.
3118 (Damien Neil)
3119
3120- Implement omshell, which can be used to do arbitrary things to the
3121 server (in theory). (Damien Neil)
3122
3123- Fix a case where if a client had two different leases the server could
3124 actually dereference the second one when it hadn't been referenced,
3125 leading to memory corruption and a core dump. (James Brister)
3126
3127- Fix a case where a client could request the address of another client's
3128 lease, but find_lease wouldn't detect that the other client had it, and
3129 would attempt to allocate it to the client, resulting in a lease conflict
3130 message.
3131
3132- Fix a case where a client with more than one client identifier could be
3133 given a lease where the hardware address was correct but the client
3134 identifier was not, resulting in a lease conflict message.
3135
98311e4b 3136- Fix a problem where the server could write out a colon-separated
3350f5b7
TL		 3137 hex list as a value for a variable, which would then not parse.
3138 The fix is to always write strings as quoted strings, with any
3139 non-printable characters quoted as octal escape sequences. So
3140 a file written the old way still won't work, but new files written
3141 this way will work.
3142
b3fad8ac
TL		 3143- Fix documentation for sending non-standard options.
3144
3145- Use unparsable names for unknown options. WARNING: this will
3146 break any configuration files that use the option-nnn convention.
3147 If you want to continue to use this convention for some options,
3148 please be sure to write a definition, like this:
3149
3150 option option-nnn code nnn = string;
3151
3152 You can use a descriptive name instead of option-nnn if you like.
3153
3154- Fix a problem where we would see a DHCPDISCOVER/DHCPOFFER/
3155 DHCPREQUEST/DHCPACK/DHCPREQUEST/DHCPNAK sequence. This was the
3156 result of a deceptively silly bug in supersede_lease.
3157
3158- Fix client script exit status check, according to a fix supplied by
3159 Hermann Lauer.
3160
3161- Fix an endianness bug in the tracefile support, regarding ICMP
3162 messages.
3163
3350f5b7
TL		 3164- Fix a bug in the client where the medium would not work correctly if
3165 it contained quoted strings.
3166
b3fad8ac
TL		 3167 ** there was no pl17 **
3168
adbef119 3169 Changes since 3.0 Beta 2 Patchlevel 16
e6d30fd6 3170
6da9db9d
TL		 3171- Add support for transaction tracing. This allows the state of the
3172 DHCP server on startup, and all the subsequent transactions, to be
3173 recorded in a file which can then be played back to reproduce the
3174 behaviour of the DHCP server. This can be used to quickly
3175 reproduce bugs that cause core dumps or corruption, and also for
3176 tracking down memory leaks.
3177
3178- Incorporate some bug fixes provided by Joost Mulders for the DLPI
3179 package which should clear up problems people have been seeing on
3180 Solaris.
3181
3182- Fix bugs in the handling of options stored as linked lists (agent
3183 options, fqdn options and nwip options) that could cause memory
3184 corruption and core dumps.
3185
3186- Fix a bug in DHCPREQUEST handling that resulted in DHCPNAK messages
3187 not being send in some cases when they were needed.
3188
3189- Make the lease structure somewhat more compact.
3190
3191- Make initial failover startup *much* faster. This was researched
3192 and implemented by Damien Neil.
3193
3194- Add a --version flag to all executables, which prints the program
3195 name and version to standard output.
3196
3197- Don't rewrite the lease file every thousand leases.
3198
e6d30fd6
TL		 3199- A bug in nit.c for older SunOS machines was fixed by a patch sent in
3200 by Takeshi Hagiwara.
3201
6da9db9d
TL		 3202- Fix a memory corruption bug in the DHCP client.
3203
3204- Lots of documentation updates.
3205
3206- Add a feature allowing environment variables to be passed to the
3207 DHCP client script on the DHCP client command line.
3208
3209- Fix client medium support, which had been broken for some time.
3210
3211- Fix a bug in the DHCP client initial startup backoff interval, which
3212 would cause two DHCPDISCOVERS to be sent back-to-back on startup.
3213
adbef119 3214 Changes since 3.0 Beta 2 Patchlevel 15
af49fdff
TL		 3215
3216- Some documentation tweaks.
3217
3218- Maybe fix a problem in the DLPI code.
3219
3220- Fix some error code space inconsistencies in ddns update code.
3221
3222- Support relay agents that intercept unicast DHCP messages to stuff
3223 agent options into them.
3224
3225- Fix a small memory leak in the relay agent option support code.
3226
c5b569f8
TL		 3227- Fix a core dump that would occur if a packet was sent with no
3228 options.
3229
adbef119 3230 Changes since 3.0 Beta 2 Patchlevel 14
754ae3e9
TL		 3231
3232- Finish fixing a long-standing bug in the agent options code. This
3233 was causing core dumps and failing to operate correctly - in
3234 particular, agent option stashing wasn't working. Agent option
3235 stashing should now be working, meaning that agent options can be
3236 used in class statements to control address allocation.
3237
3238- Fix up documentation.
3239
3240- Fix a couple of small memory leaks that would have added up
3241 significantly in a high-demand situation.
3242
3243- Add a log-facility configuration parameter.
3244
3245- Fix a compile error on some older operating systems.
3246
3247- Add the ability in the client to execute certain statements before
3248 transmitting packets to the server. Handy for debugging; not much
3249 practical use otherwise.
3250
3251- Don't send faked-out giaddr when renewing or bound - again, useful
3252 for debugging.
3253
adbef119 3254 Changes since 3.0 Beta 2 Patchlevel 13
2f2e7960
TL		 3255
3256- Fixed a problem where the fqdn decoder would sometimes try to store
3257 an option with an (unsigned) negative length, resulting in a core
3258 dump on some systems.
3259
3260- Work around the Win98 DHCP client, which NUL-terminates the FQDN
3261 option.
3262
3263- Work around Win98 and Win2k clients that will claim they want to do
3264 the update even when they don't have any way to do it.
3265
3266- Fix some log messages that can be printed when failover is operating
3267 that were not printing enough information.
3268
3269- It was possible for a DHCPDISCOVER to get an allocation even when
3270 the state machine said the server shouldn't be responding.
3271
3272- Don't load balance DHCPREQUESTs from clients in RENEWING and
3273 REBINDING, since in RENEWING, if we heard it, it's for us, and in
3274 REBINDING, the client wouldn't have got to REBINDING if its primary
3275 were answering.
3276
3277- When we get a bogus state lease binding state transition, don't do
3278 the transition.
3279
3280
adbef119 3281 Changes since 3.0 Beta 2 Patchlevel 12
66e98927
TL		 3282
3283- Fixed a couple of silly compile errors.
3284
a1e2e3d6
TL		 3285 Changes since 3.0 Beta 2 Patchlevel 11
3286
3287- Albert Herranz tracked down and fixed a subtle bug in the base64
3288 decoder that would prevent any key with an 'x' in its base64
3289 representation from working correctly.
3290
3291- Thanks to Chris Cheney and Michael Sanders, we have a fix for the
3292 hang that they both spotted in the DHCP server - when
3293 one-lease-per-client was set, the code to release the "other" lease
3294 could spin.
3295
3296- Fix a problem with alignment of the input buffer in bpf in cases
3297 where two packets arrive in the same bpf read.
3298
3299- Fix a problem where the relay agent would crash if you specified an
3300 interface name on the command line.
3301
3302- Add the ability to conditionalize client behaviour based on the
3303 client state.
3304
3305- Add support for the FQDN option, and added support for a new way of
3306 doing ddns updates (ddns update style interim) that allows more than
3307 one DHCP server to update the DNS for the same network(s). This
3308 was implemented by Damien Neil with some additional functionality
3309 added by Ted Lemon.
3310
3311- Damien added a "log" statement, so that the configuration file can
3312 be made to log debugging information and other information.
3313
3314- Fixed a bug that caused option buffers not to be terminated with an
3315 end option.
3316
3317- Fixed a long-standing bug in the support for option spaces where the
3318 options are stored as an ordered list rather than in a hash table,
3319 which could theoretically result in memory pool corruption.
3320
3321- Prevent hardware declarations with no actual hardware address from
3322 being written as something unparsable, and behave correctly in the
3323 face of a null hardware address on input.
3324
3325- Allow key names to be FQDNs, and qualify the algorithm name if it is
3326 specified unqualified.
3327
3328- Modify the DDNS update code so that it never prints the "resolver
3329 failed" message, but instead says *why* the resolver failed.
3330
3331- Officially support the subnet selection option, which now has an
3332 RFC.
3333
3334- Fix a build bug on MacOS X.
3335
3336- Allow administrator to disable ping checking.
3337
3338- Clean up dhcpd.conf documentation and add more information about how
3339 it works.
3340
6c68ec36
TL		 3341 Changes since 3.0 Beta 2 Patchlevel 10
3342
3343- Fix a bug introduced during debugging (!) and accidentally committed
3344 to CVS.
3345
9fd337e7
TL		 3346 Changes since 3.0 Beta 2 Patchlevel 9
3347
3348- Fix DHCP client handling of vendor encapsulated options.
3349
3350- Fix a bug in the handling of relay agent information options introduced
3351 in patchlevel 9.
3352
3353- Stash agent options on client leases by default, and use the stashed
3354 options at renewal time.
3355
3356- Add the ability to test the client's binding state in the client
3357 configuration language.
3358
3359- Fix a core dump in the DNS update code.
3360
3361- Fix some expression evaluation bugs that were causing updates to be
3362 done when no client hostname was received.
3363
3364- Fix expression evaluation debugging printfs.
3365
3366- Teach pretty_print_option to print options in option spaces other than
3367 the DHCP option space.
3368
3369- Add a warning message if the RHS of a not is not boolean.
3370
3371- Never select for more than a day, because some implementations of
3372 select will just fail if the timeout is too long (!).
3373
3374- Fix a case where a DHCPDISCOVER from an unknown network would be
3375 silently dropped.
3376
3377- Fix a bug where if a client requested an IP address for which a different
3378 client had the lease, the DHCP server would reallocate it anyway.
3379
3380- Fix the DNS update code so that if the client changes its name, the DNS
3381 will be correctly updated.
3382
3922772a
TL		 3383 Changes since 3.0 Beta 2 Patchlevel 8
3384
3385- Oops, there was another subtle math error in the header-length
3386 bounds-checking.
3387
3388 Changes since 3.0 Beta 2 Patchlevel 7
848c2547
TL		 3389
3390- Oops, forgot to byte-swap udp header length before bounds-checking it.
3391
3922772a 3392 Changes since 3.0 Beta 2 Patchlevel 6
0f6045f8 3393
f8572308
TL		 3394- Fix a possible DoS attack where a client could cause the checksummer
3395 to dump core. This was a read, not a write, so it shouldn't be
3396 possible to exploit it any further than that.
3397
3398- Implement client- and server-side support for using the Client FQDN
3399 option.
3400
3401- Support for other option spaces in the client has been added. This
3402 means that it is now possible to define a vendor option space on the
3403 client, request options in that space from the server (which must
3404 define the same option space), and then use those options in the
3405 client. This also allows NWIP and Client FQDN options to be used
3406 meaningfully.
3407
3408- Add object initializer support. This means that objects can now be
3409 initialized to something other than all-zeros when allocated, which
3410 makes, e.g., the interface object support code a little more robust.
3411
3412- Fix an off-by-one bug in the host stuffer. This was causing host
3413 deletes not the work, and may also have been causing OMAPI
3414 connections to get dropped. Thanks to James Brister for tracking
3415 this one down!
3416
3417- Fixed a core dump in the interface discovery code that is triggered
3418 when there is no subnet declaration for an interface, but the server
3419 decides to continue running. Thanks to Shane Kerr for tracking
3420 down and fixing this problem.
3421
3422 Changes since 3.0 Beta 2 Patchlevel 5
3423
0f6045f8
TL		 3424- Fix a bug in the recent enhancement to the interface discovery code
3425 to support arbitrary-length interface lists.
3426
3427- Support NUL-terminated DHCP options when initializing client-script
3428 environment.
3429
3430- Fix suffix operator.
3431
3432- Fix NetWare/IP option parsing.
3433
3434- Better error/status checking in dhcpctl initialization and omapi
3435 connection code.
3436
3437- Fix a potential memory smash in dhcpctl code.
3438
3439- Fix SunOS4 and (maybe) Ultrix builds.
3440
3441- Fix a bug where a certain sort of incoming packet could cause a core
3442 dump on Solaris (and probably elsewhere).
3443
3444- Add some more safety checks in error logging code.
3445
3446- Add support for ISC_R_INCOMPLETE in OMAPI protocol connection code.
3447
3448- Fix relay agent so that if an interface is specified on the command
3449 line, the relay agent does not dump core.
3450
3451- Fix class matching so that match if can be combined with match or
3452 spawn with.
3453
3454- Do not allow spurious leases in the lease database to introduce
3455 potentially bogus leases into the in-memory database.
3456
3457- Fix a byte-order problem in the client hardware address type code
3458 for OMAPI.
3459
3460- Be slightly less picky about what sort of hardware addresses OMAPI
3461 can install in host declarations.
3462
801de092
TL		 3463 Changes since 3.0 Beta 2 Patchlevel 4
3464
3465- Incorporated Peter Marschall's proposed change to array/record
3466 parsing, which allows things like the slp-agent option to be encoded
3467 correctly. Thanks very much to Peter for taking the initiative to
3468 do this, and for doing such a careful job of it (e.g., updating the
3469 comments)!
3470
3471- Added an encoding for the slp-agent option. :')
3472
6ed7a93d
TL		 3473- Fixed SunOS 4 build. Thanks to Robert Elz for responding to my
3474 request for help on this with patches!
3475
3476- Incorporated a change that should fix a problem reported by Philippe
3477 Jumelle where when the network connection between two servers is
3478 lost, they never reconnect.
3479
3480- Fix client script files other than that for NetBSD to actually use
3481 make_resolv_conf as documented in the manual page.
3482
3483- Fix a bug in the packet handling code that could result in a core
3484 dump.
3485
3486- Fix a bug in the bootp code where responses on the local net would
3487 be sent to the wrong MAC address. Thanks to Jerry Schave for
3488 catching this one.
3489
490eb5e7
TL		 3490 Changes since 3.0 Beta 2 Patchlevel 3
3491
3492- In the DHCP client, execute client statements prior to using the values
45d545f0 3493 of options, so that the client configuration can overridden, e.g., the
490eb5e7
TL		 3494 lease renewal time.
3495
3496- Fix a reference counting error that would result in very reproducible
3497 failures in updates, as well as occasional core dumps, if a zone was
3498 declared without a key.
3499
3500- Fix some Linux 2.0 compilation problems.
3501
3502- Fix a bug in scope evaluation during execution of "on" statements that
3503 caused values not to be recorded on leases.
3504
3505- If the dhcp-max-message-size option is specified in scope, and the
3506 client didn't send this option, use the one specified in scope to
3507 determine the maximum size of the response.
3508
592d8153
TL		 3509 Changes since 3.0 Beta 2 Patchlevel 2
3510
359b023e
TL		 3511- Fix a case where spawning subclasses were being allocated
3512 incorrectly, resulting in a core dump.
3513
592d8153
TL		 3514- Fix a case where the DHCP server might inappropriately NAK a
3515 RENEWING client.
3516
3517- Fix a place dhcprequest() where static leases could leak.
3518
3519- Include memory.h in omapip_p.h so that we don't get warnings about
3520 using memcmp().
3521
2aa36519
TL		 3522 Changes since 3.0 Beta 2 Patchlevel 1
3523
3524- Notice when SIOCFIGCONF returns more data than fit in the buffer -
3525 allocate a larger buffer, and retry. Thanks to Greg Fausak for
3526 pointing this out.
3527
3528- In the server, if no interfaces were configured, report an error and
3529 exit.
3530
3531- Don't ever record a state of 'startup'.
3532
3533- Don't try to evaluate the local failover binding address if none was
3534 specified. Thanks to Joseph Breu for finding this.
Mirror of https://github.com/isc-projects/dhcp.git