- When a failover server suspects it has encountered a peer running a

  version 3.0.x failover server, a warning that the failover wire protocol
  is incompatible is printed.  [ISC-Bugs #17129]
- The failover server no longer issues a floating point error if it encounters
  a previously undefined option code.  [ISC-Bugs #17129]

diff --git a/RELNOTES b/RELNOTES
index 3133d4b6f102352000459dc77a83b6329739db05..25d5d1c4e598c23b721dabab83487f1c51ce0c08 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -132,6 +132,13 @@ suggested fixes to <dhcp-users@isc.org>.
   allows the client to work in 'captive' network environments, where the
   operator does not want clients to crosstalk directly.
 
+- When a failover server suspects it has encountered a peer running a
+  version 3.0.x failover server, a warning that the failover wire protocol
+  is incompatible is printed.
+
+- The failover server no longer issues a floating point error if it encounters
+  a previously undefined option code.
+
                        Changes since 4.0.0b3
 
 - The reverse dns name for PTR updates on IPv6 addresses has been fixed to

diff --git a/server/failover.c b/server/failover.c
index b96cc855b6f4edbd1689ea83d7aeabf0064a78fe..a9345d16212fcc12a0da55e6f8330de709c8ef58 100644 (file)
--- a/server/failover.c
+++ b/server/failover.c
@@ -645,7 +645,8 @@ static isc_result_t do_a_failover_option (c, link)
        }
 
        /* If it's an unknown code, skip over it. */
-       if (option_code > FTO_MAX) {
+       if ((option_code > FTO_MAX) ||
+           (ft_options[option_code].type == FT_UNDEF)) {
 #if defined (DEBUG_FAILOVER_MESSAGES)
                log_debug ("  option code %d (%s) len %d (not recognized)",
                           option_code,
@@ -788,6 +789,35 @@ static isc_result_t do_a_failover_option (c, link)
        if (op_size == 1 || ft_options [option_code].type == FT_IPADDR) {
                omapi_connection_copyout ((unsigned char *)op, c, option_len);
                link -> imsg_count += option_len;
+
+               /*
+                * As of 3.1.0, many option codes were changed to conform to
+                * draft revision 12 (which alphabetized, then renumbered all
+                * the option codes without preserving the version option code
+                * nor bumping its value).  As it turns out, the message codes
+                * for CONNECT and CONNECTACK turn out the same, so it tries
+                * its darndest to connect, and falls short (when TLS_REQUEST
+                * comes up size 2 rather than size 1 as draft revision 12 also
+                * mandates).
+                *
+                * The VENDOR_CLASS code in 3.0.x was 11, which is now the HBA
+                * code.  Both work out to be arbitrarily long text-or-byte
+                * strings, so they pass parsing.
+                *
+                * Note that it is possible (or intentional), if highly
+                * improbable, for the HBA bit array to exactly match
+                * isc-V3.0.x.  Warning here is not an issue; if it really is
+                * 3.0.x, there will be a protocol error later on.  If it isn't
+                * actually 3.0.x, then I guess the lucky user will have to
+                * live with a weird warning.
+                */
+               if ((option_code == 11) && (option_len > 9) &&
+                   (strncmp((const char *)op, "isc-V3.0.", 9) == 0)) {
+                       log_error("WARNING: failover as of versions 3.1.0 and "
+                                 "on are not reverse compatible with "
+                                 "versions 3.0.x.");
+               }
+
                goto out;
        }