+Kea 3.1.3 (development) released on October 29, 2025
+
+2412. [build] andrei
+ The library version numbers have been bumped up for the Kea 3.1.3
+ development release.
+ (Gitlab #4175)
+
+2411. [sec] tmark
+ When a hostname or FQDN received from a client is
+ reduced to an empty string by hostname sanitizing,
+ kea-dhcp4 and kea-dhcp6 will now drop the option.
+ CVE:2025-11232
+ (Gitlab #4142)
+
+2410. [build] andrei
+ -Wshadow was added to the compiler flags and its warnings
+ addressed.
+ (Gitlab #3451)
+
+2409. [build] andrei
+ Kea now builds with Clang 21. Thanks to Khem Raj for reporting
+ the problem and suggesting a fix.
+ (Gitlab #4100)
+
+2408. [bug] andrei
+ Fixed a bug introduced in flex-id in 3.1.2 which caused the
+ expression to always be empty even when a value was configured
+ under "identifier-expression".
+ (Gitlab #4181)
+
+2407. [bug] tmark
+ Corrected an issue that was causing an
+ HA peer to not restart its dedicated listener
+ after handling a config-test command.
+ Applies to both kea-dhcp4 and kea-dhcp6.
+ (Gitlab #4145)
+
2406. [bug] razvan
Removed logging an error in ping check hook library if
using lease cache treshold.
+++ /dev/null
-[build] andrei
- -Wshadow was added to the compiler flags and its warnings
- addressed.
- (Gitlab #3451)
+++ /dev/null
-[build] andrei
- Kea now builds with Clang 21. Thanks to Khem Raj for reporting
- the problem and suggesting a fix.
- (Gitlab #4100)
+++ /dev/null
-[bug] tmark
- Corrected an issue that was causing an
- HA peer to not restart its dedicated listener
- after handling a config-test command.
- Applies to both kea-dhcp4 and kea-dhcp6.
- (Gitlab #4145)
+++ /dev/null
-[build] andrei
- The library version numbers have been bumped up for the Kea 3.1.3
- development release.
- (Gitlab #4175)
+++ /dev/null
-[bug] andrei
- Fixed a bug introduced in flex-id in 3.1.2 which caused the
- expression to always be empty even when a value was configured
- under "identifier-expression".
- (Gitlab #4181)
+++ /dev/null
-[sec] tmark
- When a hostname or FQDN received from a client is
- reduced to an empty string by hostname sanitizing,
- kea-dhcp4 and kea-dhcp6 will now drop the option.
- CVE:2025-11232
- (Gitlab #4142)
- DHCP4_BUFFER_WAIT_SIGNAL
- DHCP4_CLIENTID_IGNORED_FOR_LEASES
- DHCP4_CLIENT_FQDN_PROCESS
+- DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY
- DHCP4_CLIENT_HOSTNAME_MALFORMED
- DHCP4_CLIENT_HOSTNAME_PROCESS
+- DHCP4_CLIENT_HOSTNAME_SCRUBBED_EMPTY
- DHCP4_DEFERRED_OPTION_MISSING
- DHCP4_DEFERRED_OPTION_UNPACK_FAIL
- DHCP4_DHCP4O6_BAD_PACKET
- DHCP6_ADD_STATUS_CODE_FOR_IA
- DHCP6_BUFFER_UNPACK
- DHCP6_BUFFER_WAIT_SIGNAL
+- DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY
- DHCP6_DDNS_CREATE_ADD_NAME_CHANGE_REQUEST
- DHCP6_DDNS_GENERATE_FQDN
- DHCP6_DDNS_RECEIVE_FQDN
- PING_CHECK_MGR_RECEIVED_UNEXPECTED_UNREACHABLE_MSG
- PING_CHECK_MGR_RECEIVED_UNREACHABLE_MSG
- PING_CHECK_MGR_REPLY_TIMEOUT_EXPIRED
+- PING_CHECK_NO_LEASE_OR_LEASE_REUSED
- TCP_CONNECTION_REJECTED_BY_FILTER
- TCP_IDLE_CONNECTION_TIMEOUT_OCCURRED
- TCP_REQUEST_RECEIVE_START
FQDN option sent in the client's query. The argument includes the
client and transaction identification information.
+DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY
+================================
+
+.. code-block:: text
+
+ %1: sanitizing client's FQDN option '%2' yielded an empty string
+
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(81) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
+
DHCP4_CLIENT_HOSTNAME_DATA
==========================
option sent in the client's query. The argument includes the client and
transaction identification information.
+DHCP4_CLIENT_HOSTNAME_SCRUBBED_EMPTY
+====================================
+
+.. code-block:: text
+
+ %1: sanitizing client's Hostname option '%2' yielded an empty string
+
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+hostname option(12) sent by the client is an empty string. When this occurs
+the server will ignore the hostname option. The arguments include the
+client and the hostname option it sent.
+
DHCP4_CLIENT_NAME_PROC_FAIL
===========================
.. code-block:: text
- dropped as sent by the same client than a packet being processed by another thread: dropped %1, %2 by thread %3 as duplicate of %4, %5 processed by %6
+ dropped as sent by the same client than a packet being processed by another thread: dropped %1, %2 by thread %3 as duplicate of %4, %5 processed by thread %6
Logged at debug log level 15.
Currently multi-threading processing avoids races between packets sent by
.. code-block:: text
- dropped as sent by the same client than a packet being processed by another thread: dropped %1, %2 by thread %3 as duplicate of %4, %5 processed by %6
+ dropped as sent by the same client than a packet being processed by another thread: dropped %1, %2 by thread %3 as duplicate of %4, %5 processed by thread %6
Logged at debug log level 15.
Currently multi-threading processing avoids races between packets sent by
before the classification was added to Kea is used, or class naming is
inconsistent.
+DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY
+================================
+
+.. code-block:: text
+
+ %1: sanitizing client's FQDN option '%2' yielded an empty string
+
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(39) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
+
DHCP6_CONFIG_COMPLETE
=====================
.. code-block:: text
- dropped as sent by the same client than a packet being processed by another thread: dropped %1 %2 by thread %3 as duplicate of %4 %5 processed by %6
+ dropped as sent by the same client than a packet being processed by another thread: dropped %1 %2 by thread %3 as duplicate of %4 %5 processed by thread %6
Logged at debug log level 15.
Currently multi-threading processing avoids races between packets sent by
An informational message issued when the memfile lease database backend
starts a new process to perform Lease File Cleanup.
+DHCPSRV_MEMFILE_LFC_FAIL_PID_CREATE
+===================================
+
+.. code-block:: text
+
+ Lease File Cleanup pid file create: %1
+
+This error message is issued if the LFC execute code detects a failure
+when trying to create the PID file. It includes a more specific error string.
+
DHCPSRV_MEMFILE_LFC_LEASE_FILE_RENAME_FAIL
==========================================
rescheduled the periodic Lease File Cleanup at the reception of a
"kea-lfc-start" command.
+DHCPSRV_MEMFILE_LFC_RUNNING
+===========================
+
+.. code-block:: text
+
+ Lease File Cleanup instance already running
+
+This informational message is issued when the LFC execute code detects that
+a previous instance of the LFC process is still running via the PID check.
+
DHCPSRV_MEMFILE_LFC_SETUP
=========================
Logged at debug log level 40.
Debug message logged to indicate that the current number of leased addresses or
-prefixes for a client class or a subnet is exceeding the limit.
+prefixes for a client class or a subnet has exceeded the limit.
LIMITS_LEASE_WITHIN_LIMITS
==========================
Logged at debug log level 40.
Debug message logged to indicate that the current number of leased addresses or
-prefixes for a client class or a subnet is exceeding the limit.
+prefixes for a client class or a subnet has not exceeded the limit.
LIMITS_PACKET_WIIH_SUBNET_ID_RATE_NO_SUBNET
===========================================
server will log the error once and then use global ping-check parameters
for the subnet until the configuration is corrected.
+PING_CHECK_NO_LEASE_OR_LEASE_REUSED
+===================================
+
+.. code-block:: text
+
+ Ping check skipped: no lease
+
+Logged at debug log level 50.
+This debug message is emitted when the ping check request made by the
+server does not contain a lease. This typically happens when a lease is
+being reused. The ping check will be skipped and the offer processing will
+continue as normal.
+
PING_CHECK_PAUSE_FAILED
=======================
FQDN option sent in the client's query. The argument includes the
client and transaction identification information.
+% DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(81) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
+
% DHCP4_CLIENT_HOSTNAME_DATA %1: client sent Hostname option: %2
Logged at debug log level 55.
This debug message includes the detailed information extracted from the
the server will ignore the hostname option. The arguments include the
client and the hostname option it sent.
-% DHCP4_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
-Logged at debug log level 50.
-This debug message is issued when the result of sanitizing the
-FQDN option(81) sent by the client is an empty string. When this occurs
-the server will ignore the FQDN option. The arguments include the
-client and the FQDN option it sent.
-
% DHCP4_CLIENT_NAME_PROC_FAIL %1: failed to process the fqdn or hostname sent by a client: %2
Logged at debug log level 55.
This debug message is issued when the DHCP server was unable to process the
before the classification was added to Kea is used, or class naming is
inconsistent.
+% DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
+Logged at debug log level 50.
+This debug message is issued when the result of sanitizing the
+FQDN option(39) sent by the client is an empty string. When this occurs
+the server will ignore the FQDN option. The arguments include the
+client and the FQDN option it sent.
+
% DHCP6_CONFIG_COMPLETE DHCPv6 server has completed configuration: %1
This is an informational message announcing the successful processing of a
new configuration. it is output during server startup, and when an updated
use it to extend their leases. As a result, they will have to go through
a rebinding phase to re-acquire their leases and associate them with a
new server id.
-
-% DHCP6_CLIENT_FQDN_SCRUBBED_EMPTY %1: sanitizing client's FQDN option '%2' yielded an empty string
-Logged at debug log level 50.
-This debug message is issued when the result of sanitizing the
-FQDN option(39) sent by the client is an empty string. When this occurs
-the server will ignore the FQDN option. The arguments include the
-client and the FQDN option it sent.
-// Copyright (C) 2019-2024 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2019-2025 Internet Systems Consortium, Inc. ("ISC")
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
-// Copyright (C) 2019-2023 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2019-2025 Internet Systems Consortium, Inc. ("ISC")
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
projects / thirdparty / kea.git / commitdiff
