Merges in rt45290.
freebsd, linux, macos, netbsd, openbsd.
[ISC-Bugs #36169]
+- Modified DDNS support initialization such DNS related ports will only be
+ opened by the server (dhcpd) at startup if ddns-update-style is not "none";
+ by dhclient only if and when the it first attempts an update; and never by
+ dhcrelay. Prior to this all three always did the initialization at startup
+ which causes them to always open on and listen for traffic on two random
+ ports.
+ [ISC-Bugs #45290]
+ [ISC-Bugs #33377]
+
Changes since 4.3.0 (bug fixes)
- Tidy up several small tickets.
When DDNS is enabled at compile time (see includes/site.h)
the client will open both a v4 and a v6 UDP socket on
-random ports. These ports are opened even if DDNS is disabled
-in the configuration file.
+random ports. These ports are not opened unless/until the
+client first attempts to do an update. If the client is not
+configured to do updates, the ports will never be opened.
.PP
.SH CONFIGURATION
The syntax of the \fBdhclient.conf(5)\fR file is discussed separately.
}
/* Set up the isc and dns library managers */
- status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB,
- NULL, NULL);
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB
+ | DHCP_DNS_CLIENT_LAZY_INIT, NULL, NULL);
if (status != ISC_R_SUCCESS)
log_fatal("Can't initialize context: %s",
isc_result_totext(status));
Domain Name Service subroutines. */
/*
- * Copyright (c) 2009-2015 by Internet Systems Consortium, Inc. ("ISC")
- * Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 2001-2003 by Internet Software Consortium
*
* Permission to use, copy, modify, and distribute this software for any
isc_sockaddrlist_t *zlist = NULL;
+ /* Creates client context if we need to */
+ result = dns_client_init();
+ if (result != ISC_R_SUCCESS) {
+ return result;
+ }
+
/* Get a pointer to the clientname to make things easier. */
clientname = (unsigned char *)ddns_cb->fwd_name.data;
unsigned char buf[256];
int buflen;
+ /* Creates client context if we need to */
+ result = dns_client_init();
+ if (result != ISC_R_SUCCESS) {
+ return result;
+ }
+
/*
* Try to lookup the zone in the zone cache. As with the forward
* case it's okay if we don't have one, the DNS code will try to
connections to the isc and dns libraries */
/*
- * Copyright (c) 2009,2013,2014 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2009-2017 by Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
isc_timermgr_t *timermgr;
#if defined (NSUPDATE)
dns_client_t *dnsclient;
+ int use_local4;
+ isc_sockaddr_t local4_sockaddr;
+ int use_local6;
+ isc_sockaddr_t local6_sockaddr;
#endif
} dhcp_context_t;
#define DHCP_CONTEXT_PRE_DB 1
#define DHCP_CONTEXT_POST_DB 2
+#define DHCP_DNS_CLIENT_LAZY_INIT 4
isc_result_t dhcp_context_create(int flags,
struct in_addr *local4,
struct in6_addr *local6);
void dhcp_signal_handler(int signal);
extern int shutdown_signal;
+isc_result_t dns_client_init();
+
#endif /* ISCLIB_H */
/*
- * Copyright(c) 2009-2010,2013-2014 by Internet Systems Consortium, Inc.("ISC")
+ * Copyright(c) 2009-2017 by Internet Systems Consortium, Inc.("ISC")
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
#if defined (NSUPDATE)
if ((flags & DHCP_CONTEXT_POST_DB) != 0) {
- isc_sockaddr_t localaddr4, *localaddr4_ptr = NULL;
- isc_sockaddr_t localaddr6, *localaddr6_ptr = NULL;
+ /* Setting addresses only.
+ * All real work will be done later on if needed to avoid
+ * listening on ddns port if client/server was compiled with
+ * ddns support but not using it. */
if (local4 != NULL) {
- isc_sockaddr_fromin(&localaddr4, local4, 0);
- localaddr4_ptr = &localaddr4;
+ dhcp_gbl_ctx.use_local4 = 1;
+ isc_sockaddr_fromin(&dhcp_gbl_ctx.local4_sockaddr,
+ local4, 0);
}
+
if (local6 != NULL) {
- isc_sockaddr_fromin6(&localaddr6, local6, 0);
- localaddr6_ptr = &localaddr6;
+ dhcp_gbl_ctx.use_local6 = 1;
+ isc_sockaddr_fromin6(&dhcp_gbl_ctx.local6_sockaddr,
+ local6, 0);
}
- result = dns_client_createx2(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- dhcp_gbl_ctx.taskmgr,
- dhcp_gbl_ctx.socketmgr,
- dhcp_gbl_ctx.timermgr,
- 0,
- &dhcp_gbl_ctx.dnsclient,
- localaddr4_ptr,
- localaddr6_ptr);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
- /*
- * If we can't set up the servers we may not be able to
- * do DDNS but we should continue to try and perform
- * our basic functions and let the user sort it out.
- */
- result = dhcp_dns_client_setservers();
- if (result != ISC_R_SUCCESS) {
- log_error("Unable to set resolver from resolv.conf; "
- "startup continuing but DDNS support "
- "may be affected");
+ if (!(flags & DHCP_DNS_CLIENT_LAZY_INIT)) {
+ result = dns_client_init();
}
}
#endif
(void) isc_app_ctxsuspend(ctx);
}
}
+
+isc_result_t dns_client_init() {
+ isc_result_t result;
+ if (dhcp_gbl_ctx.dnsclient == NULL) {
+ result = dns_client_createx2(dhcp_gbl_ctx.mctx,
+ dhcp_gbl_ctx.actx,
+ dhcp_gbl_ctx.taskmgr,
+ dhcp_gbl_ctx.socketmgr,
+ dhcp_gbl_ctx.timermgr,
+ 0,
+ &dhcp_gbl_ctx.dnsclient,
+ (dhcp_gbl_ctx.use_local4 ?
+ &dhcp_gbl_ctx.local4_sockaddr
+ : NULL),
+ (dhcp_gbl_ctx.use_local6 ?
+ &dhcp_gbl_ctx.local6_sockaddr
+ : NULL));
+
+ if (result != ISC_R_SUCCESS) {
+ log_error("Unable to create DNS client context:"
+ " result: %d", result);
+ return result;
+ }
+
+ /* If we can't set up the servers we may not be able to
+ * do DDNS but we should continue to try and perform
+ * our basic functions and let the user sort it out. */
+ result = dhcp_dns_client_setservers();
+ if (result != ISC_R_SUCCESS) {
+ log_error("Unable to set resolver from resolv.conf; "
+ "startup continuing but DDNS support "
+ "may be affected: result %d", result);
+ }
+ }
+
+ return ISC_R_SUCCESS;
+}
/* Set up the isc and dns library managers */
- status = dhcp_context_create(DHCP_CONTEXT_PRE_DB | DHCP_CONTEXT_POST_DB,
- NULL, NULL);
+ status = dhcp_context_create(DHCP_CONTEXT_PRE_DB, NULL, NULL);
if (status != ISC_R_SUCCESS)
log_fatal("Can't initialize context: %s",
isc_result_totext(status));
.\" dhcpd.8
.\"
-.\" Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (c) 1996-2003 by Internet Software Consortium
.\"
.\" Permission to use, copy, modify, and distribute this software for any
When DDNS is enabled at compile time (see includes/site.h)
the server will open both a v4 and a v6 UDP socket on
-random ports. These ports are opened even if DDNS is disabled
-in the configuration file.
+random ports, unless DDNS updates are globally disabled by
+setting ddns-update-style to none in the configuration file.
.PP
.SH CONFIGURATION
The syntax of the dhcpd.conf(5) file is discussed separately. This
}
}
- if (dhcp_context_create(DHCP_CONTEXT_POST_DB, local4_ptr, local6_ptr)
- != ISC_R_SUCCESS)
- log_fatal("Unable to complete ddns initialization");
-
+ /* Don't init DNS client if update style is none. This avoids
+ * listening ports that aren't needed. We don't use ddns-udpates
+ * as that has multiple levels of scope. */
+ if (ddns_update_style != DDNS_UPDATE_STYLE_NONE) {
+ if (dhcp_context_create(DHCP_CONTEXT_POST_DB,
+ local4_ptr, local6_ptr)
+ != ISC_R_SUCCESS) {
+ log_fatal("Unable to complete ddns initialization");
+ }
+ }
#else
/* If we don't have support for updates compiled in tell the user */
if (ddns_update_style != DDNS_UPDATE_STYLE_NONE) {
projects / thirdparty / dhcp.git / commitdiff
