Shawn Routhier [Thu, 5 Jan 2012 00:03:18 +0000 (00:03 +0000)]
Fixed the code that checks if an address the server is planning
to hand out is in a reserved range. This would appear as
the server being out of addresses in pools with particular ranges.
[ISC-Bugs #26498]
Shawn Routhier [Fri, 30 Dec 2011 23:08:41 +0000 (23:08 +0000)]
Modify the DDNS handling code. In a previous patch we added logging
code to the DDNS handling. This code included a bug that caused it
to attempt to dereference a NULL pointer and eventually segfault.
While reviewing the code as we addressed this problem, we determined
that some of the updates to the lease structures would not work as
planned since the structures being updated were in the process of
being freed: these updates were removed. In addition we removed an
incorrect call to the DDNS removal function that could cause a failure
during the removal of DDNS information from the DNS server.
Thanks to Jasper Jongmans for reporting this issue.
[ISC-Bugs #27078]
CVE: CVE-2011-4868
Shawn Routhier [Tue, 22 Nov 2011 23:56:50 +0000 (23:56 +0000)]
Add a check for a null pointer before calling the regexec function.
Without out this check we could, under some circumstances, pass
a null pointer to the regexec function causing it to segfault.
[ISC-Bugs #26704].
Shawn Routhier [Mon, 22 Aug 2011 20:39:19 +0000 (20:39 +0000)]
Fix the code that checks for an existing DDNS transaction to cancel
when removing DDNS information, so that we will continue with the
processing if we have a lease even if it doesn't have an outstanding
transaction. [ISC-Bugs #24682]
Two packets were found that cause a server to halt. The code
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
DNS Update fix. A misconfigured server could crash during DNS update
processing if the configuration included overlapping pools or
multiple fixed-address entries for a single address. This issue
affected both IPv4 and IPv6. The fix allows a server to detect such
conditions, provides the user with extra information and recommended
steps to fix the problem. If the user enables the appropriate option
in site.h then server will be terminated
Correct an unsigned math operation when calculating the options
buffer space for bootp and use a better constant - DHCP packet
size instead of DHCP packet size + udp and iP headers.
Check that we have a packet->options structure before using it.
Only process packets that are longer than a bootp fixed packet
including server and file names. Previously we allowed for
shorter packets but that wasn't working and nobody noticed.
- Strict checks for content of domain-name DHCPv4 option can now be
configured during compilation time. Even though RFC2132 does not allow
to store more than one domain in domain-name option, such behavior is
now enabled by default, but this may change some time in the future.
See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
[ISC-Bugs #24167]
Shawn Routhier [Wed, 1 Jun 2011 23:25:37 +0000 (23:25 +0000)]
Enlarge the buffer size used by the Omshell code and some of the
print routines to allow for greater than 60 characters or, when
printing as hex strings, 20 characters. [ISC-Bugs #22743]
Shawn Routhier [Tue, 24 May 2011 00:36:58 +0000 (00:36 +0000)]
Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
than the dispatch handler. This fixes an issue where omshell, when
run from the same platform as the server, would appear to fail to
connect. This is a companion to #21839. [ISC-Bugs #23592]
Shawn Routhier [Wed, 18 May 2011 19:55:44 +0000 (19:55 +0000)]
Client Script fixes
[ISC-Bugs #23045] Typos in client/scripts/openbsd
[ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
the domain search address is link local.
[ISC-Bugs #1277] In some of the client scripts add code to handle the
case of the default router information being changed without the address
being changed.
Tomek Mrugalski [Thu, 12 May 2011 13:26:55 +0000 (13:26 +0000)]
- If a client renews before 'dhcp-cache-threshold' percent of its lease
has elapsed (default 25%), the server will reuse the allocated lease
(provide a lease within the currently allocated lease-time) rather
than extend or renew the lease. This absolves the server of needing
to perform an fsync() operation on the lease database before reply,
which improves performance. [ISC-Bugs #22228]
Shawn Routhier [Wed, 11 May 2011 00:38:56 +0000 (00:38 +0000)]
Minor code cleanups - but note port change for #23196
[ISC-Bugs #23470] - Modify when an ignore return macro is defined to
handle unsed error return warnings for more versions of gcc.
[ISC-Bugs #23196] - Modify the reply handling in the server code to
send to a specified port rather than to the source port for the incoming
message. Sending to the source port was test code that should have
been removed. The previous functionality may be restored by defining
REPLY_TO_SOURCE_PORT in the includes/site.h file. We suggest you don't
enable this except for testing purposes.
[ISC-Bugs #22695] - Close a file descriptor in an error path.
[ISC-Bugs #19368] - Tidy up variable types in validate_port.
Tomek Mrugalski [Tue, 10 May 2011 14:27:56 +0000 (14:27 +0000)]
Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
rather than sockaddr. Packet ethertype is now forced to ETH_P_IP.
[ISC-Bugs #18975]
Tomek Mrugalski [Tue, 10 May 2011 11:24:44 +0000 (11:24 +0000)]
Relay no longer crashes, when DHCP packet is received over interface without
any IPv4 address assigned. Also extended logging message about discarding
packets with invalid hlen with information about relevant interface name.
[ISC-Bugs #22409]
Documentation fixes
[ISC-Bugs #17959] add text to AIX section describing how to have it send
responses to the all-ones address.
[ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
[ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS
The DHCP server now responds to DHCPLEASEQUERY messages from agents using
IP addresses not covered by a subnet in configuration. Server also returns
vendor-class-id option, if client sent it. [ISC-Bugs #21094]
- Parameters configured to evaluate from user defined function calls can
now be correctly written to dhcpd.leases
- If a 'next-server' parameter is configured in a dynamic host record via
OMAPI as a domain name, the syntax written to disk is now correctly parsed
upon restart. [ISC-Bugs #22266]
Several time related improvements:
- set initial delay to 0 to speed up client start
- added 'initial-delay' parameter to possibly revert to old behavior
- better handling of very short (1 or 2s) leases
- client lease records are recorded at most once every 15 seconds
- ICMP ping-check is now timed more precisely
- Servers that don't offer lease-time are now black-listed
[ISC-Bugs #19660]
Add the option "--no-pid" to the client, relay and server code,
to disable writing a pid file. Add the option "-pf pidfile"
to the relay to allow the user to supply the pidfile name at
runtime. Add the "with-relay6-pid-file" option to configure
to allow the user to supply the pidfile name for the relay
in v6 mode at configure time.
[ISC-Bugs #23351] [ISC-Bugs #17541]
Shawn Routhier [Thu, 24 Mar 2011 21:11:01 +0000 (21:11 +0000)]
In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS. [ISC-Bugs #23722]
Shawn Routhier [Fri, 18 Feb 2011 18:18:20 +0000 (18:18 +0000)]
Handle some DDNS corner cases better. Maintain the DDNS transaction
information when updating a lease and cancel any existing transactions
when removing the ddns information.
[ISC-Bugs #23103]
Mark Andrews [Fri, 18 Feb 2011 01:41:30 +0000 (01:41 +0000)]
- Removed the restriction on using IPv6 address in IPv4 mode. This allow
IPv4 options which contain IPv6 address to be specified. For example
the 6rd option can be specified and use like this:
Shawn Routhier [Thu, 20 Jan 2011 19:13:41 +0000 (19:13 +0000)]
When processing a request in the DHCPv6 server code that specifies
an address that is tagged as abondened (meaning we received a
decline request for it previously) don't attempt to move it from
the inactive to active pool as doing so can result in the server
crshing on an assert failure. Also retag the lease as active
and reset it's timeout value.
[ISC-Bugs #21921]
Shawn Routhier [Thu, 30 Dec 2010 22:35:48 +0000 (22:35 +0000)]
Disable the use of kqueue in the ISC library. This avoids a problem
between the fork and socket code that caused the dhcpd process to
use all available cpu if the program daemonized itself.
[ISC-Bugs #21911]
Shawn Routhier [Wed, 29 Dec 2010 22:56:01 +0000 (22:56 +0000)]
When processing the format flags for a given option consume the
flag indicating an optional value correctly. A symptom of this
bug was an infinite loop when trying to parse the slp-service-scope
option. Thanks to a patch from Marius Tomaschewski.
[ISC-Bugs #22055]
Shawn Routhier [Tue, 14 Dec 2010 23:06:50 +0000 (23:06 +0000)]
Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
Thanks to a report from Jiri Popelka at Red Hat.
[ISC-Bugs #22033], [Red Hat Bug #628258]
Shawn Routhier [Tue, 14 Dec 2010 21:59:44 +0000 (21:59 +0000)]
Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
Passing it through to the handlers caused the omshell program to fail
to connect to the server. [ISC-Bugs #21839]
Fix the paranthesis in the code to process configuration statements
beginning with "auth". The previous arrangement caused
"auto-partner-down" to be processed incorrectly. [ISC-Bugs #21854]
Shawn Routhier [Mon, 13 Dec 2010 20:31:08 +0000 (20:31 +0000)]
Fix the handling of connection requests on the failover port.
Previously a connection request from a source that wasn't
listed as a failover peer would cause the server to become
non-responsive. [ISC-Bugs #22679]
CERT: VU#159528 CVE: CVE-2010-3616
projects / thirdparty / dhcp.git / log
