- In Solaris 11 switch to using sockets instead of DLPI, thanks
to a patch form Oracle. [ISC-Bugs #24634].
+- Strict checks for content of domain-name DHCPv4 option can now be
+ configured during compilation time. Even though RFC2132 does not allow
+ to store more than one domain in domain-name option, such behavior is
+ now enabled by default, but this may change some time in the future.
+ See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
+ [ISC-Bugs #24167]
+
Changes since 4.2.1rc1
- None
/* just reject options we want to protect, will be escaped anyway */
if ((universe == NULL) || (universe == &dhcp_universe)) {
switch(opt) {
- case DHO_HOST_NAME:
case DHO_DOMAIN_NAME:
+#ifdef ACCEPT_LIST_IN_DOMAIN_NAME
+ return check_domain_name_list(ptr, len, 0);
+#else
+ return check_domain_name(ptr, len, 0);
+#endif
+ case DHO_HOST_NAME:
case DHO_NIS_DOMAIN:
case DHO_NETBIOS_SCOPE:
return check_domain_name(ptr, len, 0);
return 1;
}
+/* boolean :== ON SEMI | OFF SEMI | TRUE SEMI | FALSE SEMI */
+
+int parse_boolean (cfile)
+ struct parse *cfile;
+{
+ enum dhcp_token token;
+ const char *val;
+ int rv;
+
+ token = next_token (&val, (unsigned *)0, cfile);
+ if (!strcasecmp (val, "true")
+ || !strcasecmp (val, "on"))
+ rv = 1;
+ else if (!strcasecmp (val, "false")
+ || !strcasecmp (val, "off"))
+ rv = 0;
+ else {
+ parse_warn (cfile,
+ "boolean value (true/false/on/off) expected");
+ skip_to_semi (cfile);
+ return 0;
+ }
+ parse_semi (cfile);
+ return rv;
+}
+
+
/*
* data_expression :== SUBSTRING LPAREN data-expression COMMA
* numeric-expression COMMA
#endif
int permit_list_match (struct permit *, struct permit *);
void parse_pool_statement (struct parse *, struct group *, int);
-int parse_boolean (struct parse *);
int parse_lbrace (struct parse *);
void parse_host_declaration (struct parse *, struct group *);
int parse_class_declaration (struct class **, struct parse *,
struct parse *, int *);
int parse_boolean_expression (struct expression **,
struct parse *, int *);
+int parse_boolean (struct parse *);
int parse_data_expression (struct expression **,
struct parse *, int *);
int parse_numeric_expression (struct expression **,
source port of the message it received. This is useful for testing
but is only included for backwards compatibility. */
/* #define REPLY_TO_SOURCE_PORT */
+
+/* Define this if you want to allow domain list in domain-name option.
+ RFC2132 does not allow that behavior, but it is somewhat used due
+ to historic reasons. Note that it may be removed some time in the
+ future. */
+
+#define ACCEPT_LIST_IN_DOMAIN_NAME
pool_dereference (&pool, MDL);
}
-/* boolean :== ON SEMI | OFF SEMI | TRUE SEMI | FALSE SEMI */
-
-int parse_boolean (cfile)
- struct parse *cfile;
-{
- enum dhcp_token token;
- const char *val;
- int rv;
-
- token = next_token (&val, (unsigned *)0, cfile);
- if (!strcasecmp (val, "true")
- || !strcasecmp (val, "on"))
- rv = 1;
- else if (!strcasecmp (val, "false")
- || !strcasecmp (val, "off"))
- rv = 0;
- else {
- parse_warn (cfile,
- "boolean value (true/false/on/off) expected");
- skip_to_semi (cfile);
- return 0;
- }
- parse_semi (cfile);
- return rv;
-}
-
/* Expect a left brace; if there isn't one, skip over the rest of the
statement and return zero; otherwise, return 1. */
projects / thirdparty / dhcp.git / commitdiff
