From: Shawn Routhier Date: Tue, 2 Aug 2016 05:13:09 +0000 (-0700) Subject: [master] Update releases notes for 4.4.0 X-Git-Tag: v4_4_0b1_f1~148 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d618ba487f048ee91d5e08e82e4bad15bb532bf1;p=thirdparty%2Fdhcp.git [master] Update releases notes for 4.4.0 --- diff --git a/RELNOTES b/RELNOTES index 5c53a2148..a6bfd6848 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,5 +1,5 @@ Internet Systems Consortium DHCP Distribution - Version 4.3.4 + Version 4.4.0-pre-alpha 29 March 2016 Release Notes @@ -52,304 +52,367 @@ ISC DHCP is open source software maintained by Internet Systems Consortium. This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). - Changes since 4.3.4 + Changes since 4.3.0 (new features) -- Fixed util/bindvar.sh error handling. - [ISC-Bugs #41973] - -- Correct error message in relay to use remote id length instead - of circuit id length. - [ISC-Bugs #42556] + Changes since 4.3.0 (bug fixes) -- Add support for including an encapsulated option in a response - from the DHCPv6 server. This allows the v6 FQDN option to be - returned in responses. - [ISC-Bugs #29246] +- Tidy up several small tickets. + Correct parsing of DUID from config file, previously the LL type + was put in the wrong place in the DUID string. + [ISC-Bugs #20962] + Add code to parse "do-forward-updates" as well as "do-forward-update" + Thanks to Jiri Popelka at Red Hat. + [ISC-Bugs #31328] + Remove log_priority as it isn't currently used. + [ISC-Bugs #33397] + Increase the size of the buffer used for reading interface information. + [ISC-Bugs #34858] -- Add logic to test directory Makefiles to avoid copying Attfile(s) - when building within the source tree. This eliminates a noisy but - otherwise harmless error message when running "make check". - [ISC-Bugs #41883] +- Remove an extra set of the msg_controllen variable. + [ISC-Bugs #21035] -- Leases are now scrubbed of certain prior use information when pool - re-balancing reassigns them from one FO peer to the other. This - corrects an issue where leases that were offered but ignored retained - the client hostname from the original client. Thanks to Pavel Polacek, - Jan Evangelista Purkyne University for reporting the issue. - [ISC-Bugs #42008] +- Add a more understandable error message if a configuration attempts + to add multiple keys for a single zone. Thanks to a patch from Jiri + Popelka at Red Hat. + [ISC-Bugs #31892] -- In the LDAP code and schema add some missing '6' characters to use - the v6 instead of the v4 versions. Thanks to Denis Taranushin for - reporting this issue and supplying its patch. - [ISC-Bugs #42666] +- Fix some minor issues in the dst code. + [ISC-Bugs #34172] -- Correct how the pick-first-value expression is written to a lease - file. Previously it was written as a concat expression due to - a cut and paste error. - [ISC-Bugs #42253] +- Properly #ifdef functions so that the code can compile without NSUPDATE. + [ISC-Bugs #35058] -- Modify the DDNS code to clean up the PTR record even if there - are issues while cleaning up the A or AAAA records. - [ISC-Bugs #23954] +- Update the partner's stos (start time of state, basically when we last + heard from this partner) field when updating the state in failover. + [ISC-Bugs #35549] -- Added global configuration parameter, abandon-lease-time, which determines - the amount of time a lease remains abandoned. The default is 84600 seconds. - Additionaly, the server now conducts a ping check (if ping checks are - enabled) prior to offering an abandoned lease to client. - [ISC-Bugs #41815] +- Modify the overload processing to allow space for the remote agent ID. + [ISC-Bugs #35569] + Handle the ordering of the SUBNET_MASK option even if it is the last + option in the list. + [ISC-Bugs #24580] -- Correct handling of interface names during interface discovery. This - addresses an issue where interface names of 15 characters in length - could lead to crashes or interface recognition errors during startup - of dhcpd, dhclient, and dhcrelay. - [ISC-Bugs #42226] +- Remove the code that allows a server to follow RFC3315 instead of + the subsequent errata from August 2010 when determining which IAs + to include if no addresses will be assigned. + [ISC-Bugs #28938] -- Updates to contrib/dhcp-lease-list.pl to make it more friendly. - They are looking for the lease file in more places and skipping - the "processing complete" output when creating machine readable - output. - [ISC-Bugs #42113] +- Remove unused RCSID tags. + [ISC-Bugs #35846] -- When reusing a lease for dhcp-cache-threshold return the hostname - to the original lease. Also if the host pointer, UID or hardware address - change don't allow reuse of the lease. - Thanks to Michael Vincent for reporting this and helping us - verify the problem and fix. - [ISC-Bugs #42849] +- Correct the v6 client timing code. When doing the timing backoff + for MRT limit it to MRD. + Thanks to Jiri Popelka at Red Hat for the bug report and fix. + [ISC-Bugs #21238 -- Change dmalloc to use a size_t as the length argument to bring it - in line with the call it will make to malloc(). - [ISC-Bugs #40843] +- Add a log entry when killing a client and remove the PID files + when a server, relay or client are killed. + [ISC-Bugs #16970] + [ISC-Bugs #17258] -- If the failover socket can't be bound close it, otherwise if the - user configures an incorrect address in the failover stanza the - server will continue to open new sockets every 90 seconds until - it runs out. - [ISC-Bugs #42452] +- Some minor cleanups in the client code. + In addition to checking for dhcpc check for bootpc in the services list. + [ISC-Bugs #18933] + Correct the client code to only try to get a lease once when the + given the "-1" argument. + Thanks to Jiri Popelka at Red Hat for the bug report and fix. + [ISC-Bugs #26735] + When asked for the version don't send the output to syslog. + [ISC-Bugs #29772] + Add the next server information to the environment variables for + use by the client script. In order to avoid changing the client + lease file the next server information isn't written to it. + Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix. + [ISC-Bugs #33098] - Changes since 4.3.4b1 +- Several updates to the dhcp server code. + When not in quiet mode print out the files being used. + [ISC-Bugs #17551] + As accessing some pid files may require privileges move the dropping + of permission bits due to the paranoia patch to be after the pid code. + Thanks to Jiri Popelka at Red Hat for the bug report and fix. + [ISC-Bugs #25806] + When processing a "--version" request don't output the version information + to syslog. -- None +- Add the "enable-log-pid" build option to the configure script. When enabled + this causes the client, server and relay programs to include the PID + number in syslog messages. + Thanks to Marius Tomaschewski for the suggestion and proto-patch. + [ISC-Bugs #29713] - Changes since 4.3.3 +- Add a #define to specify the prefix length used when a client attempts + to configure an address. This can be modified by editing includes/site.h. + By default it is set to 64. While 128 might be a better choice it would + also be a change for currently running systems, so we have left it at 64. + [ISC-Bugs #DHCP-2] -- Corrected a static analyzer warning in common/execute.c - [ISC-Bugs #40374] +- Add a run time option to the client "-df" to allow the administrator to + point to a second lease file the client can search for a DUID. This can + be used to allow a v4 and a v6 instance of the client to share a DUID. + The second file will only be searched if there isn't a DUID in the main + lease file and the DUID will be written out to the main lease file. + [ISC-Bugs #34886] -- ISC DHCP now follows the common convention to use the base name a - program is invoked with (aka argv[0], vs. a builtin name) for - logs. This should help differentiate syslog entries for DHCPv4 and - DHCPv6 servers. You can define OLD_LOG_NAME in includes/site.h to - keep the previous behavior. - [ISC-Bugs #38692] +- Have the client fsync the lease file to avoid lease corruption if the + client hibernates or otherwise shuts down. + [ISC-Bugs #35894] -- The Linux packet filter code now correctly treats only the least significant - 12 bits in an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q). - Prior to this it was using the entire 16 bit value as the VLAN id and - incorrectly discarding packets. Thanks to Jiri Popelka at Red Hat for - reporting this issue and supplying its patch. - [ISC-Bugs #40591] +- Add a check for L2VLAN in bpf.c to help support VLAN interfaces + Thanks to Steinar Haug for the suggestion. + [ISC-Bugs #36033] -- Fixed several static analysis issues such as potential null - references, unchecked strdup returns. Thanks to Bill Parker (wp02855 at - gmail dot com) who identified these issues and supplied patches to - address them. - [ISC-Bugs #40754] - [ISC-Bugs #40823] +- Modify the handling of the resolv.conf file to allow the DHCP + process to start up even if the resolv.conf file has problems. + [ISC-Bugs #35989] -- Corrected compilation errors that prohibited building the server - and its ATF unit tests when failover is disabled. - [ISC-Bugs #40372] +- Add threshold logging functionality. Two new options, + log-threshold-low and log-threshold-high, indicate to the + server if and when it should log an error message as addresses + in a pool are used. + [ISC-Bugs #34487] -- Added the lease address to the end of the debug level log message - emitted when an existing lease is renewed within the dhcp-cache-threshold. - Thanks to Nathan Neulinger at Missouri S&T for suggesting the change. - [ISC-Bugs #40598] +- Add code to properly dereference a pointer in the dhclient code + on an error condition. + [ISC-Bugs #36194] -- Added dhcpv6 and delayed-ack to settings listed in the "Features:" - section of the configure script output. Additionally, all of the - features reported on will now always show either a "yes" or "no" - value. Prior to this features left to their default setting would - not show a value. - [ISC-Bugs #40381] +- Add code to help clean up soft leases. + [ISC-Bugs #36304] -- Added a parameter, authoring-byte-order, to the lease file. This value - is automatically added to the top of new lease files by the server and - indicates the internal byte order (big endian or little endian) of the - server. This permits lease files generated on a server with one form of - byte order to be used on a server with the opposite form. Our thanks to - Timothe Litt for calling this to our attention and for the suggestions - he provided. - [ISC-Bugs #38396] +- Disable the gentle shutdown functionality until we can determine + the best way to present it to remove or reduce the side effects. + [ISC-Bugs #36066] -- Fixed a small memory leak in the DHCPv6 version of the client code. - This is unlikely to cause significant issues in actual use. - [ISC-Bugs #40990] +- Modify the message displayed when a process hits a fatal error. + The new message is much shorter and simply points to the README + and our website for directions on bug submissions. + [ISC-Bugs #24789] -- Corrected a few minor memory leaks in omapi's dereferencing of - host objects. Thanks to Jiri Popelka at Red Hat for reporting - the issue and supplying the patches. - [ISC-Bugs #33990] - [ISC-Bugs #41325] +- Handle an absent resolv.conf file better. + [ISC-Bugs #35194] -- Cleaned up some of the Make infrastructure to make --with-libbind - work better. Though it still only works with an absolute path. - [ISC-Bugs #39210] +- Tidy up receive packet processing. + Thanks to Brad Plank of GTA for reporting the issue and suggesting + a possible patch. + [ISC-Bugs #34447] -- Made the embedded bind libraries able to be cross compiled - (please refer to the bind9 documentation to learn how to cross - compile DHCP and its bind library dependency). - [ISC-Bugs #38836] +- Corrected parser's right brace matching when a statement contains an error. + [ISC-Bugs #36021] -- Update the client code to better support getting IA_NAs and IA_PDs - in the same packet, see RFC7550 for some discussion. - [ISC-Bugs #40190] +- TSIG-authenticated dynamic DNS updates now support the use of these + additional algorithms: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, + and hmac-sha512 + [ISC-Bugs #36947] -! Update the bounds checking when receiving a packet. - Thanks to Sebastian Poehn from Sophos for the bug report and a suggested +- Added check for invalid failover message type. Thanks to Tobias Stoeckmann + working with the OpenBSD project who spotted the issue and provided the patch. - [ISC-Bugs #41267] - CVE: CVE-2015-8605 + [ISC-Bugs #36653] -- When handling an incorrect command line for dhcpd, dhclient or dhcrelay - print out a specific error message about the first error in addition - to the usage string. This may be disabled by editing includes/site.h. - [ISC-Bugs #40321] - [ISC-Bugs #41454] +- Corrected rate limiting checks for bad packet logging. Thanks to Tobias + Stoeckmann working with the OpenBSD project who spotted the issue and + provided the patch. + [ISC-Bugs #36897] -- The configure script will now exit with an error message if it cannot find - a GNU-style make tool (needed when building BIND libraries) or pkg-config - (needed to locate ATF used for building unit tests). Prior to this the - script would exit indicating success causing subsequent attempts to build - the software to fail. - [ISC-Bugs #40371] - -- Properly terminate strings before passing them to regex and fix - a boundary error when creating certain new data strings. - Thanks to Andrey Jr. Melnikov for the bug report. - [ISC-Bugs #41217] +- Log statements depicting what files will be used by the server now occur + after the configuration file has been processed. + [ISC-Bugs #36671] -- Option expressions, such as prepend and append, are now supported when - running dhclient for IPv6. Prior to this such statements in the - client configuration file would be parsed but have no affect. Thanks - to Jiri Popelka at Red Hat for reporting the issue. - [ISC-Bugs #39952] +- Addressed Coverity issues reported as of 07-31-2014: + [ISC-Bugs #36712] Corrects Coverity reported "high" impact issues. + [ISC-Bugs #36933] Corrects Coverity reported "medium" impact issues + [ISC-Bugs #37708] Fixes compilation error in dst_api.c seen in older + compilers that was introduced by #36712 -- A failover primary server will now accept a binding status update from the - secondary which transitions a lease from ACTIVE to ABANDONED. This accounts - for instances in which a client declines a lease and only the secondary - server receives it. Prior to this the primary server would reject such an - update as an "invalid state transition". - [ISC_BUGS #25189] +- Server now supports a failover split value of 256. + [ISC-Bugs] #36664] -- Properly allocate memory for a bpf filter. - Thanks to Bill Parker (wp02855 at gmail dot com) who identified this issue. - [ISC-Bugs #41485] +- Remove unneeded error #defines. These defines were included in case + external programs required the older versions of the macro. They + have been #ifdeffed for now and will be removed at a future date. + See site.h for the #define to include them again, but you should + switch to using the DHCP_R_* versions instead of the ISC_R_* versions. + Also ISC_R_MULTIPLE has been removed as it is also defined in bind. + [ISC-Bugs #37128] -- Updated contrib/dhcp-lease-list.pl to handle garbage in the oui file better - and to print out the hostnames a bit better. - Thanks to Antoine Beaupré from Debian for the suggested patch. - [ISC-Bugs #41288] +- Added checks in range6 and prefix6 statement parsing to ensure addresses + are within the declared subnet. Thanks to Jiri Popelka at Red Hat for the + bug report and patch. + [ISC-Bugs #32453] + [ISC-Bugs #17766] + [ISC-Bugs #18510] + [ISC-Bugs #23698] + [ISC-Bugs #28883] -- The DHCPv6 server now handles long valid and preferred lease times better. - Values that would cause the internal end time of the lease to wrap are - modified to work as infinite. - [ISC-Bugs #40773] +- Addressed checksum issues: + Added checksum readiness check to Linux packet filtering which eliminates + invalid packet drops due to checksum errors when checksum offloading is + in use. Based on dhcp-4.2.2-xen-checksum.patch made to the Fedora project. + [ISC-Bugs #22806] + [ISC-Bugs #15902] + [ISC-Bugs #17739] + [ISC-Bugs #18010] + [ISC-Bugs #22556] + [ISC-Bugs #29769] + Inbound packets with UDP checksums of 0xffff now validate correctly rather + than being dropped. + [ISC-Bugs #24216] + [ISC-Bugs #25587] -- Updated support for cross compiling by allowing the library archiver - to be set at configure time via the environment variable 'AR'. - [ISC-Bugs #41536] +- Added the echo-client-id configuration parameter to the server configuration. + The server now supports RFC 6842 compliant behavior by setting a new + configuration parameter, echo-client-id. When enabled, the server will + include the client identifier option (Option code 61) if received, in its + responses. The server identifier returned in NAKs (if enabled) will now + be the globally defined value (if one) if the server cannot attribute the + inbound request to a known subnet. + [ISC-Bugs #35958] + [ISC-Bugs #32545] -- The server will now match DHCPv6 relayed clients to host declarations - which include the "hardware" statement, if the relay connected to the - client supplies the client's hardware address via client-linklayer-address - option as per RFC 6939. - [ISC-Bugs #40334] +- Added support of the configuration parameter, use-host-decl-names, to + BOOTP request handling. + [ISC-Bugs #36233] -- Allow a filename to be specified instead of /dev/random during - configuration. This is passed to the BIND configuration to allow - for cross compilation. - [ISC-Bugs #33835] +- Added logic to ignore the signal, SIGPIPE, which ensures write failures + will be delivered as errors rather than as SIGPIPE signals on all OSs. + Thanks to Marius Tomaschewski from SUSE who reported the issue and provided + the patch upon which the fix is based. + [ISC-Bugs #32222] -- Add more option definitions. - [ISC-Bugs #40562] +- In the failover code, handle the case of communications being interrupted + when the servers are dealing with POTENTIAL-CONFLICT. This patch allows + the primary to accept the secondary moving from POTENTIAL-CONFLICT to + RESOLUTION-INTERRUPTED as well as handling the bind update process better. + In addition the code to resend update or update all requests has been + modified to send requests more often. + [ISC-Bugs #36810] + [ISC-Bugs #20352] -- Correct outputting of long lines in the lease file when writing - a lease that includes long strings in an execute statement. - [ISC-Bugs #40994] +- By default, the server will now choose the value to use in the forward DNS + name from the following in order of preference: -- The server will now correctly treat a lease as reserved when the client - requests an infinite lease time (i.e. OxFFFFFFFF) and "infinite-is-reserved" - is enabled. Prior to this the server would halt. In addition, corrections - were made to the server to allow a lease's flags field to be set via omapi. - Prior to this, the server, depending on the host architecture, would - incorrectly parse the new flags value from the omapi message. - [ISC-Bugs #31179] + 1. FQDN option if provided by the client + 2. Host name option if provided by the client + 3. Configured option host-name if defined -- ISC DHCP can now be configured and built from a directory other than - the top level source directory. Note that "make distcheck" uses this - feature. - [ISC-Bugs #39262] + As before, this may be overridden by defining ddns-hostname to the desired + value (or expression). In addition, the server logic has been extended to + use the value of the host name declaration if use-host-decl-names is enabled + and no other value is available. + [ISC-Bugs #21323] -- Add support for RFC 3527 to dhcrelay. A new, dhcrelay command line argument, - "-U " enables the addition of a RFC 3527 compliant link selection - suboption to the agent option added for clients directly connected to the - relay. - [ISC-Bugs #34875] - [ISC-Bugs #41708] +- DNS updates were being attempted when dhcp-cache-threshold enabled the use of + the existing lease and the forward DNS name had not changed. This has been + corrected. + [ISC-Bugs #37368] + [ISC-Bugs #38636] -- Add a new global DHCPv6 option, dhcpv6-set-tee-times, which when enabled - instructs the server to calculate T1 and T2 as recommended in RFC 3315, - Section 22.4. - [ISC-Bugs #25687] +- Corrected an issue which caused dhclient to incorrectly form the result when + prepending or appending to the IPv4 domain-search option, received from the + server, when either of the values being combined contain compressed + components. + [ISC-Bugs #20558] -- Corrected minor Coverity issues. - [ISC-Bugs #35144] +- Added the server-id-check parameter to the server configuration. + This parameter allows run-time control over whether or not a server, + participating in failover, verifies the dhcp-server-identifier option in + DHCP REQUESTs against the server's id before processing the request. + Formerly, enabling this behavior was done at compilation time through + the use of the #define, SERVER_ID_CHECK, which has been removed from site.h + The functionality is now only available through the new runtime parameter. + [ISC-Bugs #37551] -- Add support for RFC 7341 DHCPv4 over DHCPv6 with a new configuration - option "--enable-dhcpv4o6". Note this feature requires DHCPv6 support - and is not compatible with delayed-ack. Both client and server use 2 - processes which communicate over UDP on a pair of sockets. The new - "-4o6 " command line argument enables DHCPv4 over DHCPv6 support - and specifies the consecutive ports to use for inter-process communication. - Please look at doc/DHCPv4-over-DHCPv6 for more details. - [ISC-Bugs #35711] +- During startup, when the server encounters a lease whose binding state is + FTS_BACKUP but whose pool has no configured failover peer, it will reset the + lease's binding state to FTS_FREE. This allows the leases to be reclaimed + by the server after a pool's configuration has changed from failover to + standalone. Prior to this such leases would remain stuck in the backup state + making them unavailable for assignment. Note this conversion will occur + whether or not the server is compiled for failover. + [ISC-Bugs #36960] -- Correct interface name formation when using DLPI under Solaris 11. As of - Solaris 11, ethernet device files are located in "/dev/net". The configure - script has been modified to detect this situation and adjust the directory - used accordingly. Thanks to Jarkko Torppa for reporting this issue and - submitting a patch - [ISC-Bugs #37954] - [ISC-Bugs #40752] +- Fixed a small issue in the treatment of hosts in the inform processing + that could cause the response to an inform to include information from + the wrong scope. The two examples we've heard of are getting subnet + instead of group information associated with a host entry, or getting + global information instead of subnet if the host entry was built via + omapi. Thanks to Julien Soula at University of Lille for finding the + bug and supplying a patch. + [ISC-Bugs #35712] -- Add a dereference call when handling an error condition while - decoding a packet. - [ISC-Bugs #41774] +- Avoid calling pool_timer() recursively from supersede_lease(). This could + result in leases changing state incorrectly or delaying the running of the + leae expiration code. + [ISC-Bugs #38002] -- Add a new parameter, lease-id-format, to both dhcpd and dhclient. The - parameter controls the format in which certain values are written to lease - files. Formats supported are octal - quoted string containing octal - escapes, and hex - unquoted, colon separated hex digits. Thanks to - Jay Ford, University of Iowa for bringing the issue to our attention. - [ISC-Bugs #26378] +- Move the check for a PID file and process to be before we rewrite the + lease file. This avoids the possibility of starting a second instance + of a server which changes the current lease file confusing the first + instance. This check is only included if the admin hasn't disabled PID + files. + [ISC-Bugs #38078] + [ISC-Bugs #38143] -! Add an option in site.h to limit the number of failover and control - connections the server will accept. By default this is 200. - [ISC-Bugs #41845] - CVE: CVE-2016-2774 +- In the client code change the way preferred_life and max_life are printed + for environment variables to be unsigned rather than signed. + Thanks to Jiri Popelka at Red Hat for the bug report and patch. + [ISC-Bugs #37084] - Changes since 4.3.3b1 +- Modified Linux packet handling such that packets received via VLAN are now + seen only by the VLAN interface. Prior to this, such packets were seen by + both the VLAN interface and its parent (physical) interface, causing the + server to respond to both. Note this remains an issue for non-Linux OSs. + Thanks to Jiri Popelka at Red Hat for the patch. + [ISC-Bugs #37415] + [ISC-Bugs #37133] + [ISC-Bugs #36668] + [ISC-Bugs #36652] -- None +- Log content has been changed to more directly suggest that admins should + check for multiple IPv6 clients attempting to use the same DUID when only + abandoned addresses are available. Debug level logging will now emit counts + of the total number of, in-use, and abandoned addresses in a shared subnet + when the server finds no addresses available for a given DUID. Lastly, + threshold logging is now automatically disabled for shared subnets whose + total number of possible addresses exceeds (2^64)-1. + [ISC-Bugs #26376] + [ISC-Bugs #38131] - Changes since 4.3.2 +- Added a global parameter, prefix-length-mode, which may be used to determine + how the server uses a non-zero value for prefix-length supplied by clients + when soliciting DHCPv6 prefixes. The server supports selection modes of: + ignore, prefer, exact, minimum and maximum which are described in detail in + the server man pages. The prior behavior of the server was to only offer a + prefix whose length exactly matched the prefix-length value requested. If + no such prefixes were available, the server returned a status of none + available. Note the default mode, "exact", provides this same behavior. + [ISC-Bugs #36780] + [ISC-Bugs #32228] -- The server now does a better check to see if it can allocate the memory - for large blocks of v4 leases and should provide a slightly better error - message. Note well: the server pre-allocates v4 addresses, if you use - a large range, such as a /8, the server will attempt to use a large - amount of memory and may not start if there either isn't enough memory +- Corrected inconsistencies in dhcrelay's setting the upper interface hop count + limit such that it now sets it to 32 when the upstream address is a multicast + address per RFC 3315 Section 20. Prior to this if the -u argument preceded + the -l argument on the command line or if the same interface was specified + for both; the logic to set the hop limit count for the upper interface was + skipped. This caused the hop count limit to be set to the default value + (typically 1) in the outbound upstream packets. + [ISC-Bugs #37426] + +- Modify the linux and openwrt dhclient scripts to process information + from a stateless request. Thanks to Jiri Popelka at Red Hat for the + bug report and patch. + [ISC-Bugs #36102] + +- Remove more unused RCSID tags. These weren't noticed in 4.3 as + the code isn't used anymore but we remove them here to keep the + code consistent across versions. + [ISC-Bugs #36451] + +- The server now does a better check to see if it can allocate the memory + for large blocks of v4 leases and should provide a slightly better error + message. Note well: the server pre-allocates v4 addresses, if you use + a large range, such as a /8, the server will attempt to use a large + amount of memory and may not start if there either isn't enough memory or the size exceeds what the code supports. [ISC-Bugs #38637] @@ -502,19 +565,12 @@ by Eric Young (eay@cryptsoft.com). and suggesting a patch. [ISC-Bugs #39279] - Changes since 4.3.2rc2 -- None - - Changes since 4.3.2rc1 - - Corrected a compilation error introduced by the fix for ISC-Bugs #37415. The error occurs on Linux variants that do not support VLAN tag information in packet auxiliary data. The configure script now only enables inclusion of the VLAN tag-based logic if it is supported by the underlying OS. [ISC-Bugs #38677] - Changes since 4.3.2b1 - - Specifying the option, --disable-debug, on the configure script command line now disables debug features. Prior to this, specifying --disable-debug incorrectly enabled debug features. Thanks to Gustavo Zacarias for reporting @@ -536,370 +592,284 @@ by Eric Young (eay@cryptsoft.com). use the command "make -k check". [ISC-Bugs #38619] - Changes since 4.3.1 - -- Corrected parser's right brace matching when a statement contains an error. - [ISC-Bugs #36021] - -- TSIG-authenticated dynamic DNS updates now support the use of these - additional algorithms: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, - and hmac-sha512 - [ISC-Bugs #36947] - -- Added check for invalid failover message type. Thanks to Tobias Stoeckmann - working with the OpenBSD project who spotted the issue and provided the - patch. - [ISC-Bugs #36653] - -- Corrected rate limiting checks for bad packet logging. Thanks to Tobias - Stoeckmann working with the OpenBSD project who spotted the issue and - provided the patch. - [ISC-Bugs #36897] - -- Log statements depicting what files will be used by the server now occur - after the configuration file has been processed. - [ISC-Bugs #36671] - -- Addressed Coverity issues reported as of 07-31-2014: - [ISC-Bugs #36712] Corrects Coverity reported "high" impact issues. - [ISC-Bugs #36933] Corrects Coverity reported "medium" impact issues - [ISC-Bugs #37708] Fixes compilation error in dst_api.c seen in older - compilers that was introduced by #36712 - -- Server now supports a failover split value of 256. - [ISC-Bugs] #36664] - -- Remove unneeded error #defines. These defines were included in case - external programs required the older versions of the macro. They - have been #ifdeffed for now and will be removed at a future date. - See site.h for the #define to include them again, but you should - switch to using the DHCP_R_* versions instead of the ISC_R_* versions. - Also ISC_R_MULTIPLE has been removed as it is also defined in bind. - [ISC-Bugs #37128] - -- Added checks in range6 and prefix6 statement parsing to ensure addresses - are within the declared subnet. Thanks to Jiri Popelka at Red Hat for the - bug report and patch. - [ISC-Bugs #32453] - [ISC-Bugs #17766] - [ISC-Bugs #18510] - [ISC-Bugs #23698] - [ISC-Bugs #28883] - -- Addressed checksum issues: - Added checksum readiness check to Linux packet filtering which eliminates - invalid packet drops due to checksum errors when checksum offloading is - in use. Based on dhcp-4.2.2-xen-checksum.patch made to the Fedora project. - [ISC-Bugs #22806] - [ISC-Bugs #15902] - [ISC-Bugs #17739] - [ISC-Bugs #18010] - [ISC-Bugs #22556] - [ISC-Bugs #29769] - Inbound packets with UDP checksums of 0xffff now validate correctly rather - than being dropped. - [ISC-Bugs #24216] - [ISC-Bugs #25587] - -- Added the echo-client-id configuration parameter to the server configuration. - The server now supports RFC 6842 compliant behavior by setting a new - configuration parameter, echo-client-id. When enabled, the server will - include the client identifier option (Option code 61) if received, in its - responses. The server identifier returned in NAKs (if enabled) will now - be the globally defined value (if one) if the server cannot attribute the - inbound request to a known subnet. - [ISC-Bugs #35958] - [ISC-Bugs #32545] - -- Added support of the configuration parameter, use-host-decl-names, to - BOOTP request handling. - [ISC-Bugs #36233] +- Corrected a static analyzer warning in common/execute.c + [ISC-Bugs #40374] -- Added logic to ignore the signal, SIGPIPE, which ensures write failures - will be delivered as errors rather than as SIGPIPE signals on all OSs. - Thanks to Marius Tomaschewski from SUSE who reported the issue and provided - the patch upon which the fix is based. - [ISC-Bugs #32222] +- ISC DHCP now follows the common convention to use the base name a + program is invoked with (aka argv[0], vs. a builtin name) for + logs. This should help differentiate syslog entries for DHCPv4 and + DHCPv6 servers. You can define OLD_LOG_NAME in includes/site.h to + keep the previous behavior. + [ISC-Bugs #38692] -- In the failover code, handle the case of communications being interrupted - when the servers are dealing with POTENTIAL-CONFLICT. This patch allows - the primary to accept the secondary moving from POTENTIAL-CONFLICT to - RESOLUTION-INTERRUPTED as well as handling the bind update process better. - In addition the code to resend update or update all requests has been - modified to send requests more often. - [ISC-Bugs #36810] - [ISC-Bugs #20352] +- The Linux packet filter code now correctly treats only the least significant + 12 bits in an inbound packet's TCI value as the VLAN id (per IEEE 802.1Q). + Prior to this it was using the entire 16 bit value as the VLAN id and + incorrectly discarding packets. Thanks to Jiri Popelka at Red Hat for + reporting this issue and supplying its patch. + [ISC-Bugs #40591] -- By default, the server will now choose the value to use in the forward DNS - name from the following in order of preference: +- Fixed several static analysis issues such as potential null + references, unchecked strdup returns. Thanks to Bill Parker (wp02855 at + gmail dot com) who identified these issues and supplied patches to + address them. + [ISC-Bugs #40754] + [ISC-Bugs #40823] - 1. FQDN option if provided by the client - 2. Host name option if provided by the client - 3. Configured option host-name if defined +- Corrected compilation errors that prohibited building the server + and its ATF unit tests when failover is disabled. + [ISC-Bugs #40372] - As before, this may be overridden by defining ddns-hostname to the desired - value (or expression). In addition, the server logic has been extended to - use the value of the host name declaration if use-host-decl-names is enabled - and no other value is available. - [ISC-Bugs #21323] +- Added the lease address to the end of the debug level log message + emitted when an existing lease is renewed within the dhcp-cache-threshold. + Thanks to Nathan Neulinger at Missouri S&T for suggesting the change. + [ISC-Bugs #40598] -- DNS updates were being attempted when dhcp-cache-threshold enabled the use of - the existing lease and the forward DNS name had not changed. This has been - corrected. - [ISC-Bugs #37368] - [ISC-Bugs #38636] +- Added dhcpv6 and delayed-ack to settings listed in the "Features:" + section of the configure script output. Additionally, all of the + features reported on will now always show either a "yes" or "no" + value. Prior to this features left to their default setting would + not show a value. + [ISC-Bugs #40381] -- Corrected an issue which caused dhclient to incorrectly form the result when - prepending or appending to the IPv4 domain-search option, received from the - server, when either of the values being combined contain compressed - components. - [ISC-Bugs #20558] +- Added a parameter, authoring-byte-order, to the lease file. This value + is automatically added to the top of new lease files by the server and + indicates the internal byte order (big endian or little endian) of the + server. This permits lease files generated on a server with one form of + byte order to be used on a server with the opposite form. Our thanks to + Timothe Litt for calling this to our attention and for the suggestions + he provided. + [ISC-Bugs #38396] -- Added the server-id-check parameter to the server configuration. - This parameter allows run-time control over whether or not a server, - participating in failover, verifies the dhcp-server-identifier option in - DHCP REQUESTs against the server's id before processing the request. - Formerly, enabling this behavior was done at compilation time through - the use of the #define, SERVER_ID_CHECK, which has been removed from site.h - The functionality is now only available through the new runtime parameter. - [ISC-Bugs #37551] +- Fixed a small memory leak in the DHCPv6 version of the client code. + This is unlikely to cause significant issues in actual use. + [ISC-Bugs #40990] -- During startup, when the server encounters a lease whose binding state is - FTS_BACKUP but whose pool has no configured failover peer, it will reset the - lease's binding state to FTS_FREE. This allows the leases to be reclaimed - by the server after a pool's configuration has changed from failover to - standalone. Prior to this such leases would remain stuck in the backup state - making them unavailable for assignment. Note this conversion will occur - whether or not the server is compiled for failover. - [ISC-Bugs #36960] +- Corrected a few minor memory leaks in omapi's dereferencing of + host objects. Thanks to Jiri Popelka at Red Hat for reporting + the issue and supplying the patches. + [ISC-Bugs #33990] + [ISC-Bugs #41325] -- Fixed a small issue in the treatment of hosts in the inform processing - that could cause the response to an inform to include information from - the wrong scope. The two examples we've heard of are getting subnet - instead of group information associated with a host entry, or getting - global information instead of subnet if the host entry was built via - omapi. Thanks to Julien Soula at University of Lille for finding the - bug and supplying a patch. - [ISC-Bugs #35712] +- Cleaned up some of the Make infrastructure to make --with-libbind + work better. Though it still only works with an absolute path. + [ISC-Bugs #39210] -- Avoid calling pool_timer() recursively from supersede_lease(). This could - result in leases changing state incorrectly or delaying the running of the - leae expiration code. - [ISC-Bugs #38002] +- Made the embedded bind libraries able to be cross compiled + (please refer to the bind9 documentation to learn how to cross + compile DHCP and its bind library dependency). + [ISC-Bugs #38836] -- Move the check for a PID file and process to be before we rewrite the - lease file. This avoids the possibility of starting a second instance - of a server which changes the current lease file confusing the first - instance. This check is only included if the admin hasn't disabled PID - files. - [ISC-Bugs #38078] - [ISC-Bugs #38143] +- Update the client code to better support getting IA_NAs and IA_PDs + in the same packet, see RFC7550 for some discussion. + [ISC-Bugs #40190] -- In the client code change the way preferred_life and max_life are printed - for environment variables to be unsigned rather than signed. - Thanks to Jiri Popelka at Red Hat for the bug report and patch. - [ISC-Bugs #37084] +! Update the bounds checking when receiving a packet. + Thanks to Sebastian Poehn from Sophos for the bug report and a suggested + patch. + [ISC-Bugs #41267] + CVE: CVE-2015-8605 -- Modified Linux packet handling such that packets received via VLAN are now - seen only by the VLAN interface. Prior to this, such packets were seen by - both the VLAN interface and its parent (physical) interface, causing the - server to respond to both. Note this remains an issue for non-Linux OSs. - Thanks to Jiri Popelka at Red Hat for the patch. - [ISC-Bugs #37415] - [ISC-Bugs #37133] - [ISC-Bugs #36668] - [ISC-Bugs #36652] +- When handling an incorrect command line for dhcpd, dhclient or dhcrelay + print out a specific error message about the first error in addition + to the usage string. This may be disabled by editing includes/site.h. + [ISC-Bugs #40321] + [ISC-Bugs #41454] -- Log content has been changed to more directly suggest that admins should - check for multiple IPv6 clients attempting to use the same DUID when only - abandoned addresses are available. Debug level logging will now emit counts - of the total number of, in-use, and abandoned addresses in a shared subnet - when the server finds no addresses available for a given DUID. Lastly, - threshold logging is now automatically disabled for shared subnets whose - total number of possible addresses exceeds (2^64)-1. - [ISC-Bugs #26376] - [ISC-Bugs #38131] +- The configure script will now exit with an error message if it cannot find + a GNU-style make tool (needed when building BIND libraries) or pkg-config + (needed to locate ATF used for building unit tests). Prior to this the + script would exit indicating success causing subsequent attempts to build + the software to fail. + [ISC-Bugs #40371] -- Added a global parameter, prefix-length-mode, which may be used to determine - how the server uses a non-zero value for prefix-length supplied by clients - when soliciting DHCPv6 prefixes. The server supports selection modes of: - ignore, prefer, exact, minimum and maximum which are described in detail in - the server man pages. The prior behavior of the server was to only offer a - prefix whose length exactly matched the prefix-length value requested. If - no such prefixes were available, the server returned a status of none - available. Note the default mode, "exact", provides this same behavior. - [ISC-Bugs #36780] - [ISC-Bugs #32228] +- Properly terminate strings before passing them to regex and fix + a boundary error when creating certain new data strings. + Thanks to Andrey Jr. Melnikov for the bug report. + [ISC-Bugs #41217] -- Corrected inconsistencies in dhcrelay's setting the upper interface hop count - limit such that it now sets it to 32 when the upstream address is a multicast - address per RFC 3315 Section 20. Prior to this if the -u argument preceded - the -l argument on the command line or if the same interface was specified - for both; the logic to set the hop limit count for the upper interface was - skipped. This caused the hop count limit to be set to the default value - (typically 1) in the outbound upstream packets. - [ISC-Bugs #37426] +- Option expressions, such as prepend and append, are now supported when + running dhclient for IPv6. Prior to this such statements in the + client configuration file would be parsed but have no affect. Thanks + to Jiri Popelka at Red Hat for reporting the issue. + [ISC-Bugs #39952] - Changes since 4.3.1b1 +- A failover primary server will now accept a binding status update from the + secondary which transitions a lease from ACTIVE to ABANDONED. This accounts + for instances in which a client declines a lease and only the secondary + server receives it. Prior to this the primary server would reject such an + update as an "invalid state transition". + [ISC_BUGS #25189] -- Modify the linux and openwrt dhclient scripts to process information - from a stateless request. Thanks to Jiri Popelka at Red Hat for the - bug report and patch. - [ISC-Bugs #36102] +- Properly allocate memory for a bpf filter. + Thanks to Bill Parker (wp02855 at gmail dot com) who identified this issue. + [ISC-Bugs #41485] -- Remove more unused RCSID tags. These weren't noticed in 4.3 as - the code isn't used anymore but we remove them here to keep the - code consistent across versions. - [ISC-Bugs #36451] +- Updated contrib/dhcp-lease-list.pl to handle garbage in the oui file better + and to print out the hostnames a bit better. + Thanks to Antoine Beaupré from Debian for the suggested patch. + [ISC-Bugs #41288] - Changes since 4.3.0 +- The DHCPv6 server now handles long valid and preferred lease times better. + Values that would cause the internal end time of the lease to wrap are + modified to work as infinite. + [ISC-Bugs #40773] -- Tidy up several small tickets. - Correct parsing of DUID from config file, previously the LL type - was put in the wrong place in the DUID string. - [ISC-Bugs #20962] - Add code to parse "do-forward-updates" as well as "do-forward-update" - Thanks to Jiri Popelka at Red Hat. - [ISC-Bugs #31328] - Remove log_priority as it isn't currently used. - [ISC-Bugs #33397] - Increase the size of the buffer used for reading interface information. - [ISC-Bugs #34858] +- Updated support for cross compiling by allowing the library archiver + to be set at configure time via the environment variable 'AR'. + [ISC-Bugs #41536] -- Remove an extra set of the msg_controllen variable. - [ISC-Bugs #21035] +- The server will now match DHCPv6 relayed clients to host declarations + which include the "hardware" statement, if the relay connected to the + client supplies the client's hardware address via client-linklayer-address + option as per RFC 6939. + [ISC-Bugs #40334] -- Add a more understandable error message if a configuration attempts - to add multiple keys for a single zone. Thanks to a patch from Jiri - Popelka at Red Hat. - [ISC-Bugs #31892] +- Allow a filename to be specified instead of /dev/random during + configuration. This is passed to the BIND configuration to allow + for cross compilation. + [ISC-Bugs #33835] -- Fix some minor issues in the dst code. - [ISC-Bugs #34172] +- Add more option definitions. + [ISC-Bugs #40562] -- Properly #ifdef functions so that the code can compile without NSUPDATE. - [ISC-Bugs #35058] +- Correct outputting of long lines in the lease file when writing + a lease that includes long strings in an execute statement. + [ISC-Bugs #40994] -- Update the partner's stos (start time of state, basically when we last - heard from this partner) field when updating the state in failover. - [ISC-Bugs #35549] +- The server will now correctly treat a lease as reserved when the client + requests an infinite lease time (i.e. OxFFFFFFFF) and "infinite-is-reserved" + is enabled. Prior to this the server would halt. In addition, corrections + were made to the server to allow a lease's flags field to be set via omapi. + Prior to this, the server, depending on the host architecture, would + incorrectly parse the new flags value from the omapi message. + [ISC-Bugs #31179] -- Modify the overload processing to allow space for the remote agent ID. - [ISC-Bugs #35569] - Handle the ordering of the SUBNET_MASK option even if it is the last - option in the list. - [ISC-Bugs #24580] +- ISC DHCP can now be configured and built from a directory other than + the top level source directory. Note that "make distcheck" uses this + feature. + [ISC-Bugs #39262] -- Remove the code that allows a server to follow RFC3315 instead of - the subsequent errata from August 2010 when determining which IAs - to include if no addresses will be assigned. - [ISC-Bugs #28938] +- Add support for RFC 3527 to dhcrelay. A new, dhcrelay command line argument, + "-U " enables the addition of a RFC 3527 compliant link selection + suboption to the agent option added for clients directly connected to the + relay. + [ISC-Bugs #34875] + [ISC-Bugs #41708] -- Remove unused RCSID tags. - [ISC-Bugs #35846] +- Add a new global DHCPv6 option, dhcpv6-set-tee-times, which when enabled + instructs the server to calculate T1 and T2 as recommended in RFC 3315, + Section 22.4. + [ISC-Bugs #25687] -- Correct the v6 client timing code. When doing the timing backoff - for MRT limit it to MRD. - Thanks to Jiri Popelka at Red Hat for the bug report and fix. - [ISC-Bugs #21238 +- Corrected minor Coverity issues. + [ISC-Bugs #35144] -- Add a log entry when killing a client and remove the PID files - when a server, relay or client are killed. - [ISC-Bugs #16970] - [ISC-Bugs #17258] +- Add support for RFC 7341 DHCPv4 over DHCPv6 with a new configuration + option "--enable-dhcpv4o6". Note this feature requires DHCPv6 support + and is not compatible with delayed-ack. Both client and server use 2 + processes which communicate over UDP on a pair of sockets. The new + "-4o6 " command line argument enables DHCPv4 over DHCPv6 support + and specifies the consecutive ports to use for inter-process communication. + Please look at doc/DHCPv4-over-DHCPv6 for more details. + [ISC-Bugs #35711] -- Some minor cleanups in the client code. - In addition to checking for dhcpc check for bootpc in the services list. - [ISC-Bugs #18933] - Correct the client code to only try to get a lease once when the - given the "-1" argument. - Thanks to Jiri Popelka at Red Hat for the bug report and fix. - [ISC-Bugs #26735] - When asked for the version don't send the output to syslog. - [ISC-Bugs #29772] - Add the next server information to the environment variables for - use by the client script. In order to avoid changing the client - lease file the next server information isn't written to it. - Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix. - [ISC-Bugs #33098] +- Correct interface name formation when using DLPI under Solaris 11. As of + Solaris 11, ethernet device files are located in "/dev/net". The configure + script has been modified to detect this situation and adjust the directory + used accordingly. Thanks to Jarkko Torppa for reporting this issue and + submitting a patch + [ISC-Bugs #37954] + [ISC-Bugs #40752] -- Several updates to the dhcp server code. - When not in quiet mode print out the files being used. - [ISC-Bugs #17551] - As accessing some pid files may require privileges move the dropping - of permission bits due to the paranoia patch to be after the pid code. - Thanks to Jiri Popelka at Red Hat for the bug report and fix. - [ISC-Bugs #25806] - When processing a "--version" request don't output the version information - to syslog. +- Add a dereference call when handling an error condition while + decoding a packet. + [ISC-Bugs #41774] -- Add the "enable-log-pid" build option to the configure script. When enabled - this causes the client, server and relay programs to include the PID - number in syslog messages. - Thanks to Marius Tomaschewski for the suggestion and proto-patch. - [ISC-Bugs #29713] +- Add a new parameter, lease-id-format, to both dhcpd and dhclient. The + parameter controls the format in which certain values are written to lease + files. Formats supported are octal - quoted string containing octal + escapes, and hex - unquoted, colon separated hex digits. Thanks to + Jay Ford, University of Iowa for bringing the issue to our attention. + [ISC-Bugs #26378] -- Add a #define to specify the prefix length used when a client attempts - to configure an address. This can be modified by editing includes/site.h. - By default it is set to 64. While 128 might be a better choice it would - also be a change for currently running systems, so we have left it at 64. - [ISC-Bugs #DHCP-2] +! Add an option in site.h to limit the number of failover and control + connections the server will accept. By default this is 200. + [ISC-Bugs #41845] + CVE: CVE-2016-2774 -- Add a run time option to the client "-df" to allow the administrator to - point to a second lease file the client can search for a DUID. This can - be used to allow a v4 and a v6 instance of the client to share a DUID. - The second file will only be searched if there isn't a DUID in the main - lease file and the DUID will be written out to the main lease file. - [ISC-Bugs #34886] +- Fixed util/bindvar.sh error handling. + [ISC-Bugs #41973] -- Have the client fsync the lease file to avoid lease corruption if the - client hibernates or otherwise shuts down. - [ISC-Bugs #35894] +- Correct error message in relay to use remote id length instead + of circuit id length. + [ISC-Bugs #42556] -- Add a check for L2VLAN in bpf.c to help support VLAN interfaces - Thanks to Steinar Haug for the suggestion. - [ISC-Bugs #36033] +- Add support for including an encapsulated option in a response + from the DHCPv6 server. This allows the v6 FQDN option to be + returned in responses. + [ISC-Bugs #29246] -- Modify the handling of the resolv.conf file to allow the DHCP - process to start up even if the resolv.conf file has problems. - [ISC-Bugs #35989] +- Add logic to test directory Makefiles to avoid copying Attfile(s) + when building within the source tree. This eliminates a noisy but + otherwise harmless error message when running "make check". + [ISC-Bugs #41883] -- Add threshold logging functionality. Two new options, - log-threshold-low and log-threshold-high, indicate to the - server if and when it should log an error message as addresses - in a pool are used. - [ISC-Bugs #34487] +- Leases are now scrubbed of certain prior use information when pool + re-balancing reassigns them from one FO peer to the other. This + corrects an issue where leases that were offered but ignored retained + the client hostname from the original client. Thanks to Pavel Polacek, + Jan Evangelista Purkyne University for reporting the issue. + [ISC-Bugs #42008] -- Add code to properly dereference a pointer in the dhclient code - on an error condition. - [ISC-Bugs #36194] +- In the LDAP code and schema add some missing '6' characters to use + the v6 instead of the v4 versions. Thanks to Denis Taranushin for + reporting this issue and supplying its patch. + [ISC-Bugs #42666] -- Add code to help clean up soft leases. - [ISC-Bugs #36304] +- Correct how the pick-first-value expression is written to a lease + file. Previously it was written as a concat expression due to + a cut and paste error. + [ISC-Bugs #42253] -- Disable the gentle shutdown functionality until we can determine - the best way to present it to remove or reduce the side effects. - [ISC-Bugs #36066] +- Modify the DDNS code to clean up the PTR record even if there + are issues while cleaning up the A or AAAA records. + [ISC-Bugs #23954] - Changes since 4.3.0rc1 +- Added global configuration parameter, abandon-lease-time, which determines + the amount of time a lease remains abandoned. The default is 84600 seconds. + Additionaly, the server now conducts a ping check (if ping checks are + enabled) prior to offering an abandoned lease to client. + [ISC-Bugs #41815] -- None - Changes since 4.3.0b1 +- Correct handling of interface names during interface discovery. This + addresses an issue where interface names of 15 characters in length + could lead to crashes or interface recognition errors during startup + of dhcpd, dhclient, and dhcrelay. + [ISC-Bugs #42226] -- Tidy up receive packet processing. - Thanks to Brad Plank of GTA for reporting the issue and suggesting - a possible patch. - [ISC-Bugs #34447] +- Updates to contrib/dhcp-lease-list.pl to make it more friendly. + They are looking for the lease file in more places and skipping + the "processing complete" output when creating machine readable + output. + [ISC-Bugs #42113] - Changes since 4.3.0a1 +- When reusing a lease for dhcp-cache-threshold return the hostname + to the original lease. Also if the host pointer, UID or hardware address + change don't allow reuse of the lease. + Thanks to Michael Vincent for reporting this and helping us + verify the problem and fix. + [ISC-Bugs #42849] -- Modify the message displayed when a process hits a fatal error. - The new message is much shorter and simply points to the README - and our website for directions on bug submissions. - [ISC-Bugs #24789] +- Change dmalloc to use a size_t as the length argument to bring it + in line with the call it will make to malloc(). + [ISC-Bugs #40843] -- Handle an absent resolv.conf file better. - [ISC-Bugs #35194] +- If the failover socket can't be bound close it, otherwise if the + user configures an incorrect address in the failover stanza the + server will continue to open new sockets every 90 seconds until + it runs out. + [ISC-Bugs #42452] Changes since 4.2.0 (new features)