From: Ted Lemon Date: Thu, 25 Feb 1999 23:30:43 +0000 (+0000) Subject: Sync with 2.0b1pl16. Fix some pool allocation problems. X-Git-Tag: V3-ALPHA-19990315~56 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=74f45f9642639bf4dfc7a28595363055d4c1b955;p=thirdparty%2Fdhcp.git Sync with 2.0b1pl16. Fix some pool allocation problems. --- diff --git a/RELNOTES b/RELNOTES index da24d3d1e..9d8338a28 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,12 +1,12 @@ Internet Software Consortium Dynamic Host Configuration Protocol Distribution Version 3, Alpha Snapshot - December 2, 1997 + February 25, 1999 Release Notes -This is the first development snapshot of Version 3 of the Internet -Software Consortium DHCP Distribution. +This is a development snapshot of Version 3 of the Internet Software +Consortium DHCP Distribution. PLANS @@ -78,4 +78,10 @@ experiment, or for sites that desperately need the new features. - Memory allocation behaviour has been completely redone. - Support for more than one pool of addresses per network segment. - This permits different address \ No newline at end of file + This permits clients to be allocated addresses out of different + ranges, even within a subnet, based on what classes they're in, + whether or not they are known (have host declarations), whether or + not they have authenticated, and that sort of thing. Parameters, + including things like lease times and also things like options to be + sent to the client, can vary from address pool to address pool. + diff --git a/client/Makefile.dist b/client/Makefile.dist index df9b65040..9d778d3d6 100644 --- a/client/Makefile.dist +++ b/client/Makefile.dist 
@@ -44,40 +44,34 @@ CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) all: $(PROG) $(CATMANPAGES) -install: $(PROG) $(CATMANPAGES) - @for dir in $(CLIENTBINDIR) $(ETC) $(ADMMANDIR) $(FFMANDIR) $(VARDB); \ +install: all + for dir in $(CLIENTBINDIR) $(ETC) $(FFMANDIR) $(ADMMANDIR) $(VARDB); \ do \ - case $$dir in \ - /*) base=/ ;; \ - *) base="" ;; \ - esac; \ - slash=""; \ - for elt in `echo $$dir |sed -e 's/\// /g'`; do \ - if [ ! -d $$base/$$elt ]; then \ - echo Making $$base/$$elt; \ - mkdir $$base/$$elt; \ - chmod 755 $$base/$$elt; \ + foo=""; \ + for bar in `echo $(DESTDIR)$${dir} |tr / ' '`; do \ + foo=$${foo}/$$bar; \ + if [ ! -d $$foo ]; then \ + mkdir $$foo; \ + chmod 755 $$foo; \ fi; \ - base=$$base$$slash$$elt; \ - slash=/; \ done; \ done - $(INSTALL) dhclient $(CLIENTBINDIR) - $(CHMOD) 755 $(CLIENTBINDIR)/dhclient - @if [ x$(SCRIPT) = xnone ]; then \ + $(INSTALL) dhclient $(DESTDIR)$(CLIENTBINDIR) + $(CHMOD) 755 $(DESTDIR)$(CLIENTBINDIR)/dhclient + if [ x$(SCRIPT) = xnone ]; then \ echo "No client script available."; \ else \ - $(INSTALL) scripts/$(SCRIPT) $(ETC)/dhclient-script; \ - $(CHMOD) 700 $(ETC)/dhclient-script; \ + $(INSTALL) scripts/$(SCRIPT) $(DESTDIR)$(ETC)/dhclient-script; \ + $(CHMOD) 700 $(DESTDIR)$(ETC)/dhclient-script; \ fi $(MANINSTALL) $(MANFROM) dhclient.cat8 $(MANTO) \ - $(ADMMANDIR)/dhclient$(ADMMANEXT) + $(DESTDIR)$(ADMMANDIR)/dhclient$(ADMMANEXT) $(MANINSTALL) $(MANFROM) dhclient-script.cat8 $(MANTO) \ - $(ADMMANDIR)/dhclient-script$(ADMMANEXT) + $(DESTDIR)$(ADMMANDIR)/dhclient-script$(ADMMANEXT) $(MANINSTALL) $(MANFROM) dhclient.conf.cat5 $(MANTO) \ - $(FFMANDIR)/dhclient.conf$(FFMANEXT) + $(DESTDIR)$(FFMANDIR)/dhclient.conf$(FFMANEXT) $(MANINSTALL) $(MANFROM) dhclient.leases.cat5 $(MANTO) \ - $(FFMANDIR)/dhclient.leases$(FFMANEXT) + $(DESTDIR)$(FFMANDIR)/dhclient.leases$(FFMANEXT) depend: makedepend $(INCLUDES) $(PREDEFINES) $(SRCS) diff --git a/client/clparse.c b/client/clparse.c index b0b63188f..a2c4ac143 100644 
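Review bot: The directory loop in the new `install` target always builds its path from the root, because `foo` starts empty and every step does `foo=$${foo}/$$bar`. A relative `DESTDIR` such as `stage` is therefore created as `/stage/...` rather than under the build directory, which matters because install is normally run with elevated privileges. The `mkdir $$foo` result is not checked either, so a failure only shows up later when `$(INSTALL)` cannot find its target. I would add a comment `# DESTDIR, if set, must be an absolute path` above the target and change the mkdir line to `mkdir $$foo || exit 1; \`. The same loop is added to the `install` target in common/Makefile.dist.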
--- a/client/clparse.c +++ b/client/clparse.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: clparse.c,v 1.22 1999/02/24 17:56:42 mellon Exp $ Copyright (c) 1997 The Internet Software Consortium. All rights reserved.\n"; +"$Id: clparse.c,v 1.23 1999/02/25 23:30:31 mellon Exp $ Copyright (c) 1997 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -193,7 +193,8 @@ void read_client_leases () SCRIPT string | interface-declaration | LEASE client-lease-statement | - ALIAS client-lease-statement */ + ALIAS client-lease-statement | + AUTH_KEY key_id key_data */ void parse_client_statement (cfile, ip, config) FILE *cfile; @@ -207,8 +208,14 @@ void parse_client_statement (cfile, ip, config) enum statement_op op; int lose; char *name; + struct data_string key_id; switch (peek_token (&val, cfile)) { + case AUTH_KEY: + memset (&key_id, 0, sizeof key_id); + if (parse_auth_key (&key_id, cfile)) + data_string_forget (&key_id, "parse_client_statement"); + break; case SEND: p = &config -> on_transmission -> statements; op = supersede_option_statement; diff --git a/client/dhclient.c b/client/dhclient.c index 9e5577c5f..7016925f5 100644 --- a/client/dhclient.c +++ b/client/dhclient.c @@ -56,7 +56,7 @@ #ifndef lint static char ocopyright[] = -"$Id: dhclient.c,v 1.56 1999/02/24 17:56:42 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; +"$Id: dhclient.c,v 1.57 1999/02/25 23:30:31 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
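Review bot: In the new `case AUTH_KEY:` of parse_client_statement, `key_id` is passed to data_string_forget() only when parse_auth_key() returns non-zero. If parse_auth_key() can fail after attaching a buffer to `key_id`, that buffer is never released; parse_auth_key() is not in this hunk, so this depends on its failure contract. The switch is on peek_token(), and nothing visible here consumes the AUTH_KEY token before the call, so the case should say who does. Once confirmed, I would add a comment such as `/* parse_auth_key consumes the auth-key token and registers the key; key_id is only a temporary here. */`. The function body starts and ends outside the hunk.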
@@ -88,7 +88,7 @@ struct sockaddr_in sockaddr_broadcast; static char copyright[] = "Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium."; static char arr [] = "All rights reserved."; -static char message [] = "Internet Software Consortium DHCP Client V3.0-alpha-990213"; +static char message [] = "Internet Software Consortium DHCP Client V3.0-alpha-990225"; static char contrib [] = "\nPlease contribute if you find this software useful."; static char url [] = "For info, please visit http://www.isc.org/dhcp-contrib.html\n"; @@ -109,7 +109,7 @@ int main (argc, argv, envp) struct interface_info *ip; struct client_state *client; int seed; - int quiet; + int quiet = 0; #ifdef SYSLOG_4_2 openlog ("dhclient", LOG_NDELAY); @@ -1155,8 +1155,6 @@ void send_discover (cpp) client -> packet_length, inaddr_any, &sockaddr_broadcast, (struct hardware *)0); - if (result < 0) - log_error ("send_packet: %m"); add_timeout (cur_time + client -> interval, send_discover, client); } @@ -1406,9 +1404,6 @@ void send_request (cpp) from, &destination, (struct hardware *)0); - if (result < 0) - log_error ("send_packet: %m"); - add_timeout (cur_time + client -> interval, send_request, client); } @@ -1431,8 +1426,6 @@ void send_decline (cpp) client -> packet_length, inaddr_any, &sockaddr_broadcast, (struct hardware *)0); - if (result < 0) - log_error ("send_packet: %m"); } void send_release (cpp) @@ -1453,8 +1446,6 @@ void send_release (cpp) client -> packet_length, inaddr_any, &sockaddr_broadcast, (struct hardware *)0); - if (result < 0) - log_error ("send_packet: %m"); } void make_client_options (client, lease, type, sid, rip, prl, 
@@ -1760,7 +1751,7 @@ void make_release (client, lease) client -> packet.htype = client -> interface -> hw_address.htype; client -> packet.hlen = client -> interface -> hw_address.hlen; client -> packet.hops = 0; - client -> packet.xid = client -> xid; + client -> packet.xid = random (); client -> packet.secs = 0; client -> packet.flags = 0; memcpy (&client -> packet.ciaddr, diff --git a/client/dhclient.conf.cat5 b/client/dhclient.conf.cat5 index 3a0384427..7b6bb1cd9 100644 --- a/client/dhclient.conf.cat5 +++ b/client/dhclient.conf.cat5 
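Review bot: `client -> packet.xid = random ();` in make_release takes the transaction id from random(), which is not an unpredictable source and returns at most 31 bits, so the top bit of the 32-bit xid field is always clear. How the generator is seeded is decided in main, outside this hunk. A DHCPRELEASE is not answered, so the exposure here looks small, but the line gives no reason for abandoning `client -> xid`. If the intent is what it appears to be, I would add `/* RELEASE is not part of an exchange; use a fresh xid rather than the last transaction's. */` above it. The body of make_release continues outside the hunk.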
@@ -220,42 +220,42 @@ OOPPTTIIOONN MMOODDIIFFIIEERRSS _T_h_e ddeeffaauulltt _s_t_a_t_e_m_e_n_t - ddeeffaauulltt {{ [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] [,, _._._. _o_p_t_i_o_n _d_e_c_l_a_r_a_­ - _t_i_o_n ]}} + ddeeffaauulltt [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] ;; - If for some set of options the client should use the value - supplied by the server, but needs to use some default - value if no value was supplied by the server, these values - can be defined in the ddeeffaauulltt statement. + If for some option the client should use the value sup­ + plied by the server, but needs to use some default value + if no value was supplied by the server, these values can + be defined in the ddeeffaauulltt statement. _T_h_e ssuuppeerrsseeddee _s_t_a_t_e_m_e_n_t - ssuuppeerrsseeddee {{ [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] [,, _._._. _o_p_t_i_o_n _d_e_c_l_a_r_a_­ - _t_i_o_n ]}} + ssuuppeerrsseeddee [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] ;; - If for some set of options the client should always use - its own value rather than any value supplied by the - server, these values can be defined in the ssuuppeerrsseeddee - statement. + If for some option the client should always use a locally- + configured value or values rather than whatever is sup­ + plied by the server, these values can be defined in the + ssuuppeerrsseeddee statement. _T_h_e pprreeppeenndd _s_t_a_t_e_m_e_n_t - pprreeppeenndd {{ [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] [,, _._._. _o_p_t_i_o_n _d_e_c_l_a_r_a_­ - _t_i_o_n ]}} + pprreeppeenndd [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] ;; - If for some set of options the client should first a value - it supplies, and then use the values supplied by the - server, if any, these values can be defined in the pprreeppeenndd - statement. The pprreeppeenndd statement can only be used for - options which allow more than one value to be given. 
+ If for some option the client should use both a value it + supplies, and then any values supplied by the server, + these values can be defined in the pprreeppeenndd statement. + The pprreeppeenndd statement can only be used for options which + allow more than one value to be given. _T_h_e aappppeenndd _s_t_a_t_e_m_e_n_t - aappppeenndd {{ [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] [,, _._._. _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n - ]}} + aappppeenndd [[ _o_p_t_i_o_n _d_e_c_l_a_r_a_t_i_o_n ] ;; + + If for some option the client should first any values sup­ + plied to it by the server, and then some values it sup­ + plies, those values should be defined in the aappppeenndd state­ + ment. The aappppeenndd statement can only be used for options + which allow more than one value to be given. - If for some set of options the client should first a value - it supplies, and then use the values supplied by the @@ -268,10 +268,6 @@ OOPPTTIIOONN MMOODDIIFFIIEERRSS dhclient.conf(5) dhclient.conf(5) - server, if any, these values can be defined in the aappppeenndd - statement. The aappppeenndd statement can only be used for - options which allow more than one value to be given. - LLEEAASSEE DDEECCLLAARRAATTIIOONNSS _T_h_e lleeaassee _d_e_c_l_a_r_a_t_i_o_n @@ -322,6 +318,10 @@ LLEEAASSEE DDEECCLLAARRAATTIIOONNSS ffiixxeedd--aaddddrreessss _i_p_-_a_d_d_r_e_s_s;; The ffiixxeedd--aaddddrreessss statement is used to set the ip address + of a particular lease. This is required for all lease + statements. The IP address must be specified as a dotted + quad (e.g., 12.34.56.78). + @@ -334,10 +334,6 @@ LLEEAASSEE DDEECCLLAARRAATTIIOONNSS dhclient.conf(5) dhclient.conf(5) - of a particular lease. This is required for all lease - statements. The IP address must be specified as a dotted - quad (e.g., 12.34.56.78). - ffiilleennaammee ""_s_t_r_i_n_g"";; The ffiilleennaammee statement specifies the name of the boot 
@@ -388,21 +384,21 @@ dhclient.conf(5) dhclient.conf(5) statement should be used in predefined leases only if the network interface requires media type configuration. + rreenneeww _d_a_t_e;; + rreebbiinndd _d_a_t_e;; - 6 + 6 -dhclient.conf(5) dhclient.conf(5) - rreenneeww _d_a_t_e;; +dhclient.conf(5) dhclient.conf(5) - rreebbiinndd _d_a_t_e;; eexxppiirree _d_a_t_e;; @@ -433,8 +429,8 @@ dhclient.conf(5) dhclient.conf(5) is specified as a number starting with 1 for January. The day of the month is likewise specified starting with 1. The hour is a number between 0 and 23, the minute a number - between 0 and 69, and the second also a number between 0 - and 69. + between 0 and 59, and the second also a number between 0 + and 59. AALLIIAASS DDEECCLLAARRAATTIIOONNSS aalliiaass {{ _d_e_c_l_a_r_a_t_i_o_n_s _._._. }} @@ -453,7 +449,11 @@ AALLIIAASS DDEECCLLAARRAATTIIOONNSS except that options other than the subnet-mask option are ignored by the standard client configuration script, and expiry times are ignored. A typical alias declaration - includes an interface declaration, a fixed-address + includes an interface declaration, a fixed-address decla­ + ration for the IP alias address, and a subnet-mask option + declaration. A medium statement should never be included + in an alias declaration. + @@ -466,10 +466,6 @@ AALLIIAASS DDEECCLLAARRAATTIIOONNSS dhclient.conf(5) dhclient.conf(5) - declaration for the IP alias address, and a subnet-mask - option declaration. A medium statement should never be - included in an alias declaration. - OOTTHHEERR DDEECCLLAARRAATTIIOONNSS rreejjeecctt _i_p_-_a_d_d_r_e_s_s;; 
@@ -520,20 +516,20 @@ SSAAMMPPLLEE 192.5.5.213, and has one interface, ep0 (a 3com 3C589C). Booting intervals have been shortened somewhat from the default, because the client is known to spend most of its + time on networks with little DHCP activity. The laptop + does roam to multiple networks. - 8 + 8 -dhclient.conf(5) dhclient.conf(5) - time on networks with little DHCP activity. The laptop - does roam to multiple networks. +dhclient.conf(5) dhclient.conf(5) timeout 60; @@ -589,6 +585,10 @@ AAUUTTHHOORR + + + + 9 diff --git a/client/scripts/solaris b/client/scripts/solaris index 0f5a253a9..52a1885c7 100755 --- a/client/scripts/solaris +++ b/client/scripts/solaris @@ -16,31 +16,32 @@ if [ x$alias_subnet_mask != x ]; then alias_subnet_arg="netmask $alias_subnet_mask" fi -# For Solaris, ifconfig lives in /sbin -OS=`uname -r` -if [ $OS = "5.5.1" ]; then - PATH=/sbin:$PATH -fi +ifconfig=/sbin/ifconfig + +release=`uname -r` +release=`expr $release : '\(.*\)\..*'` +relmajor=`echo $release |sed -e 's/^\([^\.]*\)\..*$/\1/'` +relminor=`echo $release |sed -e 's/^.*\.\([^\.]*\)$/\1/'` if [ x$reason = xMEDIUM ]; then - ifconfig $interface $medium - ifconfig $interface inet -alias 0.0.0.0 $medium >/dev/null 2>&1 - ifconfig $interface + $ifconfig $interface $medium + $ifconfig $interface sleep 1 exit 0 fi if [ x$reason = xPREINIT ]; then if [ x$alias_ip_address != x ]; then - ifconfig $interface inet -alias $alias_ip_address > /dev/null 2>&1 + $ifconfig ${interface}:1 0 down > /dev/null 2>&1 route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 fi - if [ $OS = "5.5.1" ]; then + if [ $relmajor -gt 5 ] || ( [ $relmajor -eq 5 ] && [ $relminor -ge 5 ] ) + then # Turn the interface on - ifconfig $interface plumb - ifconfig $interface inet 10.0.0.1 up + $ifconfig $interface plumb + $ifconfig $interface up else - ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \ + $ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \ broadcast 255.255.255.255 up fi exit 0 
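Review bot: The release parsing added at the top of client/scripts/solaris mis-handles two-component releases. For a `uname -r` of `5.4`, the `expr $release : '\(.*\)\..*'` step leaves just `5`, neither sed expression then finds a dot, and both `relmajor` and `relminor` end up as `5`. The PREINIT test `[ $relmajor -eq 5 ] && [ $relminor -ge 5 ]` then treats 5.4 as 5.5 or later and runs `plumb`; 5.6 only passes by the same accident. I would drop the `expr` line and take the first and second dot-separated fields straight from the raw `uname -r` output, e.g. `echo $release | cut -d. -f1` for `relmajor` and `echo $release | cut -d. -f2` for `relminor`.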
@@ -54,11 +55,11 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ [ x$alias_ip_address != x$old_ip_address ]; then - ifconfig $interface inet -alias $alias_ip_address > /dev/null 2>&1 + $ifconfig ${interface}:1 inet 0 down > /dev/null 2>&1 route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 fi if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then - ifconfig $interface inet -alias $old_ip_address $medium + $ifconfig ${interface} inet 0 down route delete $old_ip_address 127.1 >/dev/null 2>&1 for router in $old_routers; do route delete default $router >/dev/null 2>&1 @@ -67,7 +68,7 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ fi if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then - ifconfig $interface inet $new_ip_address $new_netmask_arg \ + $ifconfig $interface inet $new_ip_address $new_netmask_arg \ $new_broadcast_arg $medium route add $new_ip_address 127.1 1 >/dev/null 2>&1 for router in $new_routers; do @@ -76,8 +77,8 @@ if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ fi if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; then - ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 1 > /dev/null 2>&1 + $ifconfig ${interface}:1 inet $alias_ip_address $alias_subnet_arg + route add $alias_ip_address 127.0.0.1 1 fi echo search $new_domain_name >/etc/resolv.conf for nameserver in $new_domain_name_servers; do 
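Review bot: In the BOUND/RENEW/REBIND/REBOOT branch the old address is now cleared with `$ifconfig ${interface} inet 0 down`, but the line that then sets `$new_ip_address` has no `up`, so nothing visible in these hunks brings the interface back up after an address change. If Solaris ifconfig does not raise the interface when an address is assigned (worth confirming on a target system), the client is left configured but down. I would append `up` to the address line, `$new_broadcast_arg $medium up`, and likewise to the `${interface}:1` alias lines. The same `inet 0 down` replacement appears in the EXPIRE/FAIL and TIMEOUT hunks further down. The two `route add $alias_ip_address 127.0.0.1 1` lines also lose their `>/dev/null 2>&1`, which looks unintended given that every neighbouring route command keeps it.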
@@ -88,39 +89,39 @@ fi if [ x$reason = xEXPIRE ] || [ x$reason = xFAIL ]; then if [ x$alias_ip_address != x ]; then - ifconfig $interface inet -alias $alias_ip_address > /dev/null 2>&1 + $ifconfig ${interface}:1 0 down > /dev/null 2>&1 route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 fi if [ x$old_ip_address != x ]; then - ifconfig $interface inet -alias $old_ip_address $medium + $ifconfig $interface inet 0 down route delete $old_ip_address 127.1 >/dev/null 2>&1 for router in $old_routers; do route delete default $router >/dev/null 2>&1 done - arp -n -a | sed -n -e 's/^.*(\(.*\)) at .*$/arp -n -d \1/p'i \ + arp -n -a | sed -n -e 's/^.*(\(.*\)) at .*$/arp -n -d \1/p' \ |sh >/dev/null 2>&1 fi if [ x$alias_ip_address != x ]; then - ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 1 >/dev/null 2>&1 + $ifconfig ${interface}:1 inet $alias_ip_address $alias_subnet_arg + route add $alias_ip_address 127.0.0.1 1 fi exit 0 fi if [ x$reason = xTIMEOUT ]; then if [ x$alias_ip_address != x ]; then - ifconfig $interface inet -alias $alias_ip_address > /dev/null 2>&1 + $ifconfig ${interface}:1 0 down > /dev/null 2>&1 route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 fi - ifconfig $interface inet $new_ip_address $new_netmask_arg \ + $ifconfig $interface inet $new_ip_address $new_netmask_arg \ $new_broadcast_arg $medium sleep 1 set $new_routers - if ping -c 1 -w 1 $1; then + if ping -s -n -I 1 $1 64 1; then if [ x$new_ip_address != x$alias_ip_address ] && \ [ x$alias_ip_address != x ]; then - ifconfig $interface inet alias $alias_ip_address $alias_subnet_arg - route add $alias_ip_address 127.0.0.1 1 > /dev/null 2>&1 + $ifconfig ${interface}:1 inet $alias_ip_address $alias_subnet_arg + route add $alias_ip_address 127.0.0.1 1 fi route add $new_ip_address 127.1 1 >/dev/null 2>&1 for router in $new_routers; do 
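Review bot: The rewritten TIMEOUT probe `if ping -s -n -I 1 $1 64 1; then` relies on `set $new_routers` having produced a first argument, and nothing checks that it did. When `$new_routers` is empty, `$1` expands to nothing and the command becomes `ping -s -n -I 1 64 1`. As I read the Solaris usage (host, then data size, then count), `64` is then taken as the host and no count is left, so the probe may not terminate and the script, which runs as root from dhclient, would hang. I would guard it as `if [ x$1 != x ] && ping -s -n -I 1 $1 64 1; then`. The enclosing `if [ x$reason = xTIMEOUT ]` block ends outside this hunk.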
@@ -136,7 +137,7 @@ if [ x$reason = xTIMEOUT ]; then fi exit 0 fi - ifconfig $interface inet -alias $new_ip_address $medium + $ifconfig $interface inet 0 down for router in $old_routers; do route delete default $router >/dev/null 2>&1 done diff --git a/common/Makefile.dist b/common/Makefile.dist index ceac3814c..6a1d64069 100644 --- a/common/Makefile.dist +++ b/common/Makefile.dist @@ -34,11 +34,11 @@ CATMANPAGES = dhcp-options.cat5 SRC = raw.c parse.c nit.c icmp.c dispatch.c conflex.c upf.c bpf.c socket.c \ lpf.c dlpi.c packet.c memory.c print.c options.c inet.c convert.c \ tree.c tables.c hash.c alloc.c errwarn.c inet_addr.c dns.c \ - resolv.c sysconf.c interact.c execute.c discover.c + resolv.c sysconf.c interact.c execute.c discover.c auth.c OBJ = raw.o parse.o nit.o icmp.o dispatch.o conflex.o upf.o bpf.o socket.o \ lpf.o dlpi.o packet.o memory.o print.o options.o inet.o convert.o \ tree.o tables.o hash.o alloc.o errwarn.o inet_addr.o dns.o \ - resolv.o sysconf.o interact.o execute.o discover.o + resolv.o sysconf.o interact.o execute.o discover.o auth.o MAN = dhcp-options.5 DEBUG = -g @@ -52,25 +52,19 @@ libdhcp.a: $(OBJ) ar cruv libdhcp.a $(OBJ) ranlib libdhcp.a -install: $(CATMANPAGES) - @for dir in $(FFMANDIR); do \ - case $$dir in \ - /*) base=/ ;; \ - *) base="" ;; \ - esac; \ - slash=""; \ - for elt in `echo $$dir |sed -e 's/\// /g'`; do \ - if [ ! -d $$base/$$elt ]; then \ - echo Making $$base/$$elt; \ - mkdir $$base/$$elt; \ - chmod 755 $$base/$$elt; \ +install: all + for dir in $(FFMANDIR); do \ + foo=""; \ + for bar in `echo $(DESTDIR)$${dir} |tr / ' '`; do \ + foo=$${foo}/$$bar; \ + if [ ! -d $$foo ]; then \ + mkdir $$foo; \ + chmod 755 $$foo; \ fi; \ - base=$$base$$slash$$elt; \ - slash=/; \ done; \ done $(MANINSTALL) $(MANFROM) dhcp-options.cat5 $(MANTO) \ - $(FFMANDIR)/dhcp-options$(FFMANEXT) + $(DESTDIR)$(FFMANDIR)/dhcp-options$(FFMANEXT) depend: makedepend $(INCLUDES) $(PREDEFINES) $(SRCS) 
diff --git a/common/alloc.c b/common/alloc.c index 611853f6f..0ba79d827 100644 --- a/common/alloc.c +++ b/common/alloc.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: alloc.c,v 1.23 1999/02/24 17:56:43 mellon Exp $ Copyright (c) 1995, 1996, 1998 The Internet Software Consortium. All rights reserved.\n"; +"$Id: alloc.c,v 1.24 1999/02/25 23:30:33 mellon Exp $ Copyright (c) 1995, 1996, 1998 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -344,6 +344,27 @@ void free_failover_peer (peer, name) } #endif /* defined (FAILOVER_PROTOCOL) */ +struct auth_key *new_auth_key (len, name) + int len; + char *name; +{ + struct auth_key *peer; + int size = len - 1 + sizeof (struct auth_key); + + peer = (struct auth_key *)dmalloc (size, name); + if (!peer) + return peer; + memset (peer, 0, size); + return peer; +} + +void free_auth_key (peer, name) + struct auth_key *peer; + char *name; +{ + dfree (peer, name); +} + struct permit *new_permit (name) char *name; { diff --git a/common/auth.c b/common/auth.c new file mode 100644 index 000000000..27ac2f92d --- /dev/null +++ b/common/auth.c 
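Review bot: new_auth_key computes `int size = len - 1 + sizeof (struct auth_key);` without checking `len`. A zero or negative length gives an allocation smaller than the structure, or a wrapped value once the unsigned sum is converted back to `int`. Any caller that then fills in the structure would write past the allocation, and `len` presumably derives from key data read out of the configuration file. I would reject bad lengths first with `if (len < 1) return (struct auth_key *)0;` and add a header comment saying that `len` is the key length in bytes and that one byte of it is already counted in the structure. free_auth_key passes the key straight to dfree() without clearing it; the structure layout is not in view, so whether the length needed to wipe the secret before release is available there has to be checked.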
@@ -0,0 +1,122 @@ +/* auth.c + + Subroutines having to do with authentication. */ + +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 + * The Internet Software Consortium. All rights reserved. + * + * Redistribution and use of this source file, source files derived in whole + * or in part from this source file, and binary files derived in whole or in + * part from this source file, with or without modification, are permitted + * provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * This copyright notice must appear directly below any initial commentary + * describing the file, and may not be preceded by any other copyright + * notice. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of The Internet Software Consortium (hereafter + * referred to as "the ISC") nor the names of its contributors may be + * used to endorse or promote products derived from this software + * without specific prior written permission. + * 4. This software is a part of the ISC DHCP Distribution. 
Redistributions + * of this source file or binary files derived from this source file + * MUST include all documentation accompanying the ISC release from + * which such redistributions are derived of this source file, specifically + * the following files (listed relative to the top of the ISC DHCP + * distribution directory tree): + * + * README + * common/dhcp-contrib.5 + * common/dhcp-options.5 + * server/dhcpd.8 + * server/dhcpd.conf.5 + * server/dhcpd.leases.5 + * client/dhclient.8 + * client/dhclient.conf.5 + * client/dhclient-script.8 + * client/dhclient.leases.5 + * relay/dhcrelay.8 + * + * Absence of these files from a distribution you receive does not excuse + * you from this requirement - if the distribution you receive does not + * contain these files, you must get them from the ISC and include them + * in any redistribution of this source file or any derivative work based + * wholly or in part on this source file. It is permissible in a binary + * redistribution derived from this source file to include formatted + * versions of the manual pages mentioned above, and also to add to or + * correct the manual pages and README file mentioned above so long as the + * sections labeled CONTRIBUTIONS in these documents are unchanged except + * with respect to formatting, so long as the order in which the + * CONTRIBUTIONS section appears in these documents is not changed, and + * so long as the dhcp-contrib.5 manual page is unchanged except with + * respect to formatting. It is also permissible to redistribute this + * source file, source files derived wholly or in part from this source + * file, and binaries derived wholly or in part from this source file + * accompanied by the aforementioned manual pages translated into another + * language. 
In this case, the CONTRIBUTIONS section and the + * dhcp-contrib.5 section may either be left in their original language + * or translated into the new language with such care and diligence as + * is required to preserve the original meaning. + * 5. If, in addition to the documentation mentioned in section 4, this + * source file, a source file derived wholly or in part from this source + * file, or a binary file derived wholly or in part from this source file + * is redistributed with additional printed or electronic documentation, + * then that documentation must refer to the dhcp-contrib.5 manual page + * in as conspicuous a way as the aforementioned documentation refers to + * it, and the dhcp-contrib.5 manual page must be converted into the same + * format and be made easily accessible to any recipient of such + * redistributions. + * + * THIS SOFTWARE IS PROVIDED BY THE ISC AND CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE ISC OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY + * WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * This software has been written for the ISC by Ted Lemon + * in cooperation with Vixie Enterprises and Internet Engines, Inc. To + * learn more about the ISC, see ``http://www.vix.com/isc''. Development + * of this software is funded through contributions and support contracts. 
+ * Please see the dhcp-contrib manual page that accompanies this file for + * information on how you can contribute. + */ + +#ifndef lint +static char ocopyright[] = +"$Id: auth.c,v 1.1 1999/02/25 23:30:33 mellon Exp $ Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium."; +#endif + +#include "dhcpd.h" + +static struct hash_table *auth_key_hash; + +void enter_auth_key (key_id, key) + struct data_string *key_id; + struct auth_key *key; +{ + if (!auth_key_hash) + auth_key_hash = new_hash (); + if (!auth_key_hash) + log_fatal ("Can't allocate authentication key hash."); + add_hash (auth_key_hash, key_id -> data, key_id -> len, + (unsigned char *)key); +} + +struct auth_key *auth_key_lookup (key_id) + struct data_string *key_id; +{ + return (struct auth_key *)hash_lookup (auth_key_hash, + key_id -> data, key_id -> len); +} + diff --git a/common/bpf.c b/common/bpf.c index 31a0293c3..22f13f985 100644 --- a/common/bpf.c +++ b/common/bpf.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: bpf.c,v 1.21 1999/02/24 17:56:43 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; +"$Id: bpf.c,v 1.22 1999/02/25 23:30:33 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -141,13 +141,14 @@ void if_register_send (info) info -> wfdesc = info -> rfdesc; #endif if (!quiet_interface_discovery) - log_info ("Sending on BPF/%s/%s/%s", + log_info ("Sending on BPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_BPF_SEND */ 
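Review bot: enter_auth_key in the new common/auth.c passes `key_id -> data` to add_hash() and takes no reference of its own. The caller added in client/clparse.c forgets `key_id` as soon as parse_auth_key() returns, and that call is presumably how this function is reached. If add_hash() stores the pointer rather than a copy (hash.c is not in view), the table ends up keyed on released memory, and later auth_key_lookup() calls compare against it. The function also does not check whether the id is already present, so a repeated auth-key id would add a second entry, and which one a lookup returns is not defined here. Both functions need a header comment; for enter_auth_key it should state who owns `key_id` and `key` after the call and what happens on a duplicate id.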
@@ -249,13 +250,14 @@ void if_register_receive (info) if (ioctl (info -> rfdesc, BIOCSETF, &p) < 0) log_fatal ("Can't install packet filter program: %m"); if (!quiet_interface_discovery) - log_info ("Listening on BPF/%s/%s/%s", + log_info ("Listening on BPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_BPF_RECEIVE */ @@ -272,6 +274,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) int bufp = 0; unsigned char buf [256]; struct iovec iov [2]; + int result; if (!strcmp (interface -> name, "fallback")) return send_fallback (interface, packet, raw, @@ -289,7 +292,10 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) iov [1].iov_base = (char *)raw; iov [1].iov_len = len; - return writev(interface -> wfdesc, iov, 2); + result = writev(interface -> wfdesc, iov, 2); + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_BPF_SEND */ diff --git a/common/conflex.c b/common/conflex.c index 93ad2edf9..a3bc9842a 100644 --- a/common/conflex.c +++ b/common/conflex.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: conflex.c,v 1.37 1999/02/14 18:42:06 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: conflex.c,v 1.38 1999/02/25 23:30:33 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -370,6 +370,8 @@ static int intern (atom, dfv) return ADD; if (!strcasecmp (atom + 1, "uthenticated")) return AUTHENTICATED; + if (!strcasecmp (atom + 1, "uth-key")) + return AUTH_KEY; if (!strcasecmp (atom + 1, "ll")) return ALL; break; 
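Review bot: The error report added to send_packet in common/bpf.c calls `warn ("send_packet: %m")`, while the other messages visible in this file go through log_info() and log_fatal(), and the caller-side code this commit removes used `log_error ("send_packet: %m")`. `warn` looks like the 2.0 name carried over by the sync and may not exist in this tree. `result` is also declared `int`, although writev() and send_packet itself return `ssize_t`. I would write `ssize_t result;` and `log_error ("send_packet: %m");`. Only the BPF back end is visible here, and the callers in client/dhclient.c no longer log a failed send, so the other send_packet implementations need the same report or send errors go unrecorded.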
@@ -394,10 +396,14 @@ static int intern (atom, dfv) return CLASS; if (!strcasecmp (atom + 1, "iaddr")) return CIADDR; - if (!strcasecmp (atom + 1, "lient-identifier")) - return CLIENT_IDENTIFIER; - if (!strcasecmp (atom + 1, "lient-hostname")) - return CLIENT_HOSTNAME; + if (!strncasecmp (atom + 1, "lient", 5)) { + if (!strcasecmp (atom + 6, "-identifier")) + return CLIENT_IDENTIFIER; + if (!strcasecmp (atom + 6, "-hostname")) + return CLIENT_HOSTNAME; + if (!strcasecmp (atom + 6, "s")) + return CLIENTS; + } if (!strcasecmp (atom + 1, "ommunications-interrupted")) return COMMUNICATIONS_INTERRUPTED; break; diff --git a/common/dhcp-options.cat5 b/common/dhcp-options.cat5 index b941ad0dd..8d3833dbb 100644 --- a/common/dhcp-options.cat5 +++ b/common/dhcp-options.cat5 
@@ -88,42 +88,42 @@ dhcpd-options(5) dhcpd-options(5) The standard options are: - ooppttiioonn ssuubbnneett--mmaasskk _i_p_-_a_d_d_r_e_s_s;; + ooppttiioonn ssuubbnneett--mmaasskk _i_p_-_a_d_d_r_e_s_s;; - The subnet mask option specifies the client's subnet mask - as per RFC 950. If no subnet mask option is provided any­ - where in scope, as a last resort dhcpd will use the subnet - mask from the subnet declaration for the network on which - an address is being assigned. However, _a_n_y subnet-mask - option declaration that is in scope for the address being - assigned will override the subnet mask specified in the - subnet declaration. + The subnet mask option specifies the client's subnet + mask as per RFC 950. If no subnet mask option is pro­ + vided anywhere in scope, as a last resort dhcpd will + use the subnet mask from the subnet declaration for the + network on which an address is being assigned. How­ + ever, _a_n_y subnet-mask option declaration that is in + scope for the address being assigned will override the + subnet mask specified in the subnet declaration. - ooppttiioonn ttiimmee--ooffffsseett _i_n_t_3_2;; + ooppttiioonn ttiimmee--ooffffsseett _i_n_t_3_2;; - The time-offset option specifies the offset of the - client's subnet in seconds from Coordinated Universal Time - (UTC). + The time-offset option specifies the offset of the + client's subnet in seconds from Coordinated Universal + Time (UTC). - ooppttiioonn rroouutteerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn rroouutteerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The routers option specifies a list of IP addresses for - routers on the client's subnet. Routers should be listed - in order of preference. + The routers option specifies a list of IP addresses for + routers on the client's subnet. Routers should be + listed in order of preference. - ooppttiioonn ttiimmee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s _[_, _i_p_-_a_d_d_r_e_s_s ... 
];; + ooppttiioonn ttiimmee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [, _i_p_-_a_d_d_r_e_s_s... ];; - The time-server option specifies a list of RFC 868 time - servers available to the client. Servers should be listed - in order of preference. + The time-server option specifies a list of RFC 868 time + servers available to the client. Servers should be + listed in order of preference. - ooppttiioonn iieenn111166--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... - ]; + ooppttiioonn iieenn111166--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ]; - The ien116-name-servers option specifies a list of IEN 116 - name servers available to the client. Servers should be - listed in order of preference. + The ien116-name-servers option specifies a list of IEN + 116 name servers available to the client. Servers + should be listed in order of preference. + ooppttiioonn ddoommaaiinn--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; 
@@ -136,60 +136,60 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - ooppttiioonn ddoommaaiinn--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... - ];; - - The domain-name-servers option specifies a list of Domain - Name System (STD 13, RFC 1035) name servers available to - the client. Servers should be listed in order of prefer­ - ence. + The domain-name-servers option specifies a list of + Domain Name System (STD 13, RFC 1035) name servers + available to the client. Servers should be listed in + order of preference. - ooppttiioonn lloogg--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn lloogg--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The log-server option specifies a list of MIT-LCS UDP log - servers available to the client. Servers should be listed - in order of preference. + The log-server option specifies a list of MIT-LCS UDP + log servers available to the client. Servers should be + listed in order of preference. - ooppttiioonn ccooookkiiee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn ccooookkiiee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The cookie server option specifies a list of RFC 865 - cookie servers available to the client. Servers should be - listed in order of preference. + The cookie server option specifies a list of RFC 865 + cookie servers available to the client. Servers should + be listed in order of preference. - ooppttiioonn llpprr--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn llpprr--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The LPR server option specifies a list of RFC 1179 line - printer servers available to the client. Servers should - be listed in order of preference. + The LPR server option specifies a list of RFC 1179 line + printer servers available to the client. 
Servers + should be listed in order of preference. - ooppttiioonn iimmpprreessss--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn iimmpprreessss--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The impress-server option specifies a list of Imagen - Impress servers available to the client. Servers should - be listed in order of preference. + The impress-server option specifies a list of Imagen + Impress servers available to the client. Servers + should be listed in order of preference. - ooppttiioonn rreessoouurrccee--llooccaattiioonn--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s - ... ];; + ooppttiioonn rreessoouurrccee--llooccaattiioonn--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_- + _a_d_d_r_e_s_s... ];; - This option specifies a list of RFC 887 Resource Location - servers available to the client. Servers should be listed - in order of preference. + This option specifies a list of RFC 887 Resource Loca­ + tion servers available to the client. Servers should + be listed in order of preference. - ooppttiioonn hhoosstt--nnaammee _s_t_r_i_n_g;; + ooppttiioonn hhoosstt--nnaammee _s_t_r_i_n_g;; - This option specifies the name of the client. The name - may or may not be qualified with the local domain name (it - is preferable to use the domain-name option to specify the - domain name). See RFC 1035 for character set restric­ - tions. + This option specifies the name of the client. The name + may or may not be qualified with the local domain name + (it is preferable to use the domain-name option to + specify the domain name). See RFC 1035 for character + set restrictions. - ooppttiioonn bboooott--ssiizzee _u_i_n_t_1_6;; + ooppttiioonn bboooott--ssiizzee _u_i_n_t_1_6;; - This option specifies the length in 512-octet blocks of - the default boot image for the client. + This option specifies the length in 512-octet blocks of + the default boot image for the client. 
- ooppttiioonn mmeerriitt--dduummpp _s_t_r_i_n_g;; + ooppttiioonn mmeerriitt--dduummpp _s_t_r_i_n_g;; + This option specifies the path-name of a file to which + the client's core image should be dumped in the event + the client crashes. The path is formatted as a 
@@ -202,60 +202,60 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - This option specifies the path-name of a file to which the - client's core image should be dumped in the event the - client crashes. The path is formatted as a character - string consisting of characters from the NVT ASCII charac­ - ter set. + character string consisting of characters from the NVT + ASCII character set. - ooppttiioonn ddoommaaiinn--nnaammee _s_t_r_i_n_g;; + ooppttiioonn ddoommaaiinn--nnaammee _s_t_r_i_n_g;; - This option specifies the domain name that client should - use when resolving hostnames via the Domain Name System. + This option specifies the domain name that client + should use when resolving hostnames via the Domain Name + System. - ooppttiioonn sswwaapp--sseerrvveerr _i_p_-_a_d_d_r_e_s_s;; + ooppttiioonn sswwaapp--sseerrvveerr _i_p_-_a_d_d_r_e_s_s;; - This specifies the IP address of the client's swap server. + This specifies the IP address of the client's swap + server. - ooppttiioonn rroooott--ppaatthh _s_t_r_i_n_g;; + ooppttiioonn rroooott--ppaatthh _s_t_r_i_n_g;; - This option specifies the path-name that contains the - client's root disk. The path is formatted as a character - string consisting of characters from the NVT ASCII charac­ - ter set. + This option specifies the path-name that contains the + client's root disk. The path is formatted as a charac­ + ter string consisting of characters from the NVT ASCII + character set. - ooppttiioonn iipp--ffoorrwwaarrddiinngg _f_l_a_g;; + ooppttiioonn iipp--ffoorrwwaarrddiinngg _f_l_a_g;; - This option specifies whether the client should configure - its IP layer for packet forwarding. A value of 0 means - disable IP forwarding, and a value of 1 means enable IP - forwarding. + This option specifies whether the client should config­ + ure its IP layer for packet forwarding. A value of 0 + means disable IP forwarding, and a value of 1 means + enable IP forwarding. 
- ooppttiioonn nnoonn--llooccaall--ssoouurrccee--rroouuttiinngg _f_l_a_g;; + ooppttiioonn nnoonn--llooccaall--ssoouurrccee--rroouuttiinngg _f_l_a_g;; - This option specifies whether the client should configure - its IP layer to allow forwarding of datagrams with non- - local source routes (see Section 3.3.5 of [4] for a dis­ - cussion of this topic). A value of 0 means disallow for­ - warding of such datagrams, and a value of 1 means allow - forwarding. + This option specifies whether the client should config­ + ure its IP layer to allow forwarding of datagrams with + non-local source routes (see Section 3.3.5 of [4] for a + discussion of this topic). A value of 0 means disallow + forwarding of such datagrams, and a value of 1 means + allow forwarding. - ooppttiioonn ppoolliiccyy--ffiilltteerr _i_p_-_a_d_d_r_e_s_s _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s - _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn ppoolliiccyy--ffiilltteerr _i_p_-_a_d_d_r_e_s_s _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s + _i_p_-_a_d_d_r_e_s_s... ];; - This option specifies policy filters for non-local source - routing. The filters consist of a list of IP addresses - and masks which specify destination/mask pairs with which - to filter incoming source routes. + This option specifies policy filters for non-local + source routing. The filters consist of a list of IP + addresses and masks which specify destination/mask + pairs with which to filter incoming source routes. - Any source routed datagram whose next-hop address does not - match one of the filters should be discarded by the - client. + Any source routed datagram whose next-hop address does + not match one of the filters should be discarded by the + client. - See STD 3 (RFC1122) for further information. + See STD 3 (RFC1122) for further information. 
- ooppttiioonn mmaaxx--ddggrraamm--rreeaasssseemmbbllyy _u_i_n_t_1_6;; + ooppttiioonn mmaaxx--ddggrraamm--rreeaasssseemmbbllyy _u_i_n_t_1_6;; + This option specifies the maximum size datagram that 
@@ -268,60 +268,60 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - This option specifies the maximum size datagram that the - client should be prepared to reassemble. The minimum - value legal value is 576. - - ooppttiioonn ddeeffaauulltt--iipp--ttttll _u_i_n_t_8_; + the client should be prepared to reassemble. The mini­ + mum value legal value is 576. - This option specifies the default time-to-live that the - client should use on outgoing datagrams. + ooppttiioonn ddeeffaauulltt--iipp--ttttll _u_i_n_t_8_; - ooppttiioonn ppaatthh--mmttuu--aaggiinngg--ttiimmeeoouutt _u_i_n_t_3_2;; + This option specifies the default time-to-live that the + client should use on outgoing datagrams. - This option specifies the timeout (in seconds) to use when - aging Path MTU values discovered by the mechanism defined - in RFC 1191. + ooppttiioonn ppaatthh--mmttuu--aaggiinngg--ttiimmeeoouutt _u_i_n_t_3_2;; - ooppttiioonn ppaatthh--mmttuu--ppllaatteeaauu--ttaabbllee _u_i_n_t_1_6 [,, _u_i_n_t_1_6 ... ];; + This option specifies the timeout (in seconds) to use + when aging Path MTU values discovered by the mechanism + defined in RFC 1191. - This option specifies a table of MTU sizes to use when - performing Path MTU Discovery as defined in RFC 1191. The - table is formatted as a list of 16-bit unsigned integers, - ordered from smallest to largest. The minimum MTU value - cannot be smaller than 68. + ooppttiioonn ppaatthh--mmttuu--ppllaatteeaauu--ttaabbllee _u_i_n_t_1_6 [,, _u_i_n_t_1_6... ];; - ooppttiioonn iinntteerrffaaccee--mmttuu _u_i_n_t_1_6;; + This option specifies a table of MTU sizes to use when + performing Path MTU Discovery as defined in RFC 1191. + The table is formatted as a list of 16-bit unsigned + integers, ordered from smallest to largest. The mini­ + mum MTU value cannot be smaller than 68. - This option specifies the MTU to use on this interface. - The minimum legal value for the MTU is 68. 
+ ooppttiioonn iinntteerrffaaccee--mmttuu _u_i_n_t_1_6;; - ooppttiioonn aallll--ssuubbnneettss--llooccaall _f_l_a_g;; + This option specifies the MTU to use on this interface. + The minimum legal value for the MTU is 68. - This option specifies whether or not the client may assume - that all subnets of the IP network to which the client is - connected use the same MTU as the subnet of that network - to which the client is directly connected. A value of 1 - indicates that all subnets share the same MTU. A value of - 0 means that the client should assume that some subnets of - the directly connected network may have smaller MTUs. + ooppttiioonn aallll--ssuubbnneettss--llooccaall _f_l_a_g;; - ooppttiioonn bbrrooaaddccaasstt--aaddddrreessss _i_p_-_a_d_d_r_e_s_s;; + This option specifies whether or not the client may + assume that all subnets of the IP network to which the + client is connected use the same MTU as the subnet of + that network to which the client is directly connected. + A value of 1 indicates that all subnets share the same + MTU. A value of 0 means that the client should assume + that some subnets of the directly connected network may + have smaller MTUs. - This option specifies the broadcast address in use on the - client's subnet. Legal values for broadcast addresses are - specified in section 3.2.1.3 of STD 3 (RFC1122). + ooppttiioonn bbrrooaaddccaasstt--aaddddrreessss _i_p_-_a_d_d_r_e_s_s;; - ooppttiioonn ppeerrffoorrmm--mmaasskk--ddiissccoovveerryy _f_l_a_g;; + This option specifies the broadcast address in use on + the client's subnet. Legal values for broadcast + addresses are specified in section 3.2.1.3 of STD 3 + (RFC1122). - This option specifies whether or not the client should - perform subnet mask discovery using ICMP. A value of 0 - indicates that the client should not perform mask discov­ - ery. A value of 1 means that the client should perform - mask discovery. 
+ ooppttiioonn ppeerrffoorrmm--mmaasskk--ddiissccoovveerryy _f_l_a_g;; - ooppttiioonn mmaasskk--ssuupppplliieerr _f_l_a_g;; + This option specifies whether or not the client should + perform subnet mask discovery using ICMP. A value of 0 + indicates that the client should not perform mask dis­ + covery. A value of 1 means that the client should per­ + form mask discovery. + ooppttiioonn mmaasskk--ssuupppplliieerr _f_l_a_g;; 
@@ -334,60 +334,60 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - This option specifies whether or not the client should - respond to subnet mask requests using ICMP. A value of 0 - indicates that the client should not respond. A value of - 1 means that the client should respond. + This option specifies whether or not the client should + respond to subnet mask requests using ICMP. A value of + 0 indicates that the client should not respond. A + value of 1 means that the client should respond. - ooppttiioonn rroouutteerr--ddiissccoovveerryy _f_l_a_g;; + ooppttiioonn rroouutteerr--ddiissccoovveerryy _f_l_a_g;; - This option specifies whether or not the client should - solicit routers using the Router Discovery mechanism - defined in RFC 1256. A value of 0 indicates that the - client should not perform router discovery. A value of 1 - means that the client should perform router discovery. + This option specifies whether or not the client should + solicit routers using the Router Discovery mechanism + defined in RFC 1256. A value of 0 indicates that the + client should not perform router discovery. A value of + 1 means that the client should perform router discov­ + ery. - ooppttiioonn rroouutteerr--ssoolliicciittaattiioonn--aaddddrreessss _i_p_-_a_d_d_r_e_s_s;; + ooppttiioonn rroouutteerr--ssoolliicciittaattiioonn--aaddddrreessss _i_p_-_a_d_d_r_e_s_s;; - This option specifies the address to which the client - should transmit router solicitation requests. + This option specifies the address to which the client + should transmit router solicitation requests. - ooppttiioonn ssttaattiicc--rroouutteess _i_p_-_a_d_d_r_e_s_s _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s - _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn ssttaattiicc--rroouutteess _i_p_-_a_d_d_r_e_s_s _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s + _i_p_-_a_d_d_r_e_s_s... ];; - This option specifies a list of static routes that the - client should install in its routing cache. 
If multiple - routes to the same destination are specified, they are - listed in descending order of priority. + This option specifies a list of static routes that the + client should install in its routing cache. If multi­ + ple routes to the same destination are specified, they + are listed in descending order of priority. - The routes consist of a list of IP address pairs. The - first address is the destination address, and the second - address is the router for the destination. + The routes consist of a list of IP address pairs. The + first address is the destination address, and the sec­ + ond address is the router for the destination. - The default route (0.0.0.0) is an illegal destination for - a static route. To specify the default route, use the - rroouutteerrss option. + The default route (0.0.0.0) is an illegal destination + for a static route. To specify the default route, use + the rroouutteerrss option. - ooppttiioonn ttrraaiilleerr--eennccaappssuullaattiioonn _f_l_a_g;; + ooppttiioonn ttrraaiilleerr--eennccaappssuullaattiioonn _f_l_a_g;; - This option specifies whether or not the client should - negotiate the use of trailers (RFC 893 [14]) when using - the ARP protocol. A value of 0 indicates that the client - should not attempt to use trailers. A value of 1 means - that the client should attempt to use trailers. + This option specifies whether or not the client should + negotiate the use of trailers (RFC 893 [14]) when using + the ARP protocol. A value of 0 indicates that the + client should not attempt to use trailers. A value of + 1 means that the client should attempt to use trailers. - ooppttiioonn aarrpp--ccaacchhee--ttiimmeeoouutt _u_i_n_t_3_2;; + ooppttiioonn aarrpp--ccaacchhee--ttiimmeeoouutt _u_i_n_t_3_2;; - This option specifies the timeout in seconds for ARP cache - entries. + This option specifies the timeout in seconds for ARP + cache entries. 
- ooppttiioonn iieeeeee880022--33--eennccaappssuullaattiioonn _f_l_a_g;; + ooppttiioonn iieeeeee880022--33--eennccaappssuullaattiioonn _f_l_a_g;; - This option specifies whether or not the client should use - Ethernet Version 2 (RFC 894) or IEEE 802.3 (RFC 1042) - encapsulation if the interface is an Ethernet. A value of - 0 indicates that the client should use RFC 894 encapsula­ - tion. A value of 1 means that the client should use RFC + This option specifies whether or not the client should + use Ethernet Version 2 (RFC 894) or IEEE 802.3 (RFC + 1042) encapsulation if the interface is an Ethernet. A + value of 0 indicates that the client should use RFC 894 
@@ -400,60 +400,60 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - 1042 encapsulation. + encapsulation. A value of 1 means that the client + should use RFC 1042 encapsulation. - ooppttiioonn ddeeffaauulltt--ttccpp--ttttll _u_i_n_t_8;; + ooppttiioonn ddeeffaauulltt--ttccpp--ttttll _u_i_n_t_8;; - This option specifies the default TTL that the client - should use when sending TCP segments. The minimum value - is 1. + This option specifies the default TTL that the client + should use when sending TCP segments. The minimum + value is 1. - ooppttiioonn ttccpp--kkeeeeppaalliivvee--iinntteerrvvaall _u_i_n_t_3_2;; + ooppttiioonn ttccpp--kkeeeeppaalliivvee--iinntteerrvvaall _u_i_n_t_3_2;; - This option specifies the interval (in seconds) that the - client TCP should wait before sending a keepalive message - on a TCP connection. The time is specified as a 32-bit - unsigned integer. A value of zero indicates that the - client should not generate keepalive messages on connec­ - tions unless specifically requested by an application. + This option specifies the interval (in seconds) that + the client TCP should wait before sending a keepalive + message on a TCP connection. The time is specified as + a 32-bit unsigned integer. A value of zero indicates + that the client should not generate keepalive messages + on connections unless specifically requested by an + application. - ooppttiioonn ttccpp--kkeeeeppaalliivvee--ggaarrbbaaggee _f_l_a_g;; + ooppttiioonn ttccpp--kkeeeeppaalliivvee--ggaarrbbaaggee _f_l_a_g;; - This option specifies the whether or not the client should - send TCP keepalive messages with a octet of garbage for - compatibility with older implementations. A value of 0 - indicates that a garbage octet should not be sent. A value - of 1 indicates that a garbage octet should be sent. + This option specifies the whether or not the client + should send TCP keepalive messages with a octet of + garbage for compatibility with older implementations. 
+ A value of 0 indicates that a garbage octet should not + be sent. A value of 1 indicates that a garbage octet + should be sent. - ooppttiioonn nniiss--ddoommaaiinn _s_t_r_i_n_g;; + ooppttiioonn nniiss--ddoommaaiinn _s_t_r_i_n_g;; - This option specifies the name of the client's NIS (Sun - Network Information Services) domain. The domain is for­ - matted as a character string consisting of characters from - the NVT ASCII character set. + This option specifies the name of the client's NIS (Sun + Network Information Services) domain. The domain is + formatted as a character string consisting of charac­ + ters from the NVT ASCII character set. - ooppttiioonn nniiss--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn nniiss--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - This option specifies a list of IP addresses indicating - NIS servers available to the client. Servers should be - listed in order of preference. + This option specifies a list of IP addresses indicating + NIS servers available to the client. Servers should be + listed in order of preference. - ooppttiioonn nnttpp--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn nnttpp--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - This option specifies a list of IP addresses indicating - NTP (RFC 1035) servers available to the client. Servers - should be listed in order of preference. + This option specifies a list of IP addresses indicating + NTP (RFC 1035) servers available to the client. + Servers should be listed in order of preference. - ooppttiioonn nneettbbiiooss--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... + ooppttiioonn nneettbbiiooss--nnaammee--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The NetBIOS name server (NBNS) option specifies a list of - RFC 1001/1002 NBNS name servers listed in order of prefer­ - ence. 
- - ooppttiioonn nneettbbiiooss--dddd--sseerrvveerr _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; - - The NetBIOS datagram distribution server (NBDD) option + The NetBIOS name server (NBNS) option specifies a list + of RFC 1001/1002 NBNS name servers listed in order of + preference. NetBIOS Name Service is currently more + commonly referred to as WINS. WINS servers can be 
@@ -466,54 +466,81 @@ dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) dhcpd-options(5) - specifies a list of RFC 1001/1002 NBDD servers listed in - order of preference. + specified using the netbios-name-servers option. + + ooppttiioonn nneettbbiiooss--dddd--sseerrvveerr _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; + + The NetBIOS datagram distribution server (NBDD) option + specifies a list of RFC 1001/1002 NBDD servers listed + in order of preference. + + ooppttiioonn nneettbbiiooss--nnooddee--ttyyppee _u_i_n_t_8;; + + The NetBIOS node type option allows NetBIOS over TCP/IP + clients which are configurable to be configured as + described in RFC 1001/1002. The value is specified as + a single octet which identifies the client type. + + Possible node types are: + + + _1 B-node: Broadcast - no WINS + + _2 P-node: Peer - WINS only. + + _4 M-node: Mixed - broadcast, then WINS + + _8 H-node: Hybrid - WINS, then broadcast + + ooppttiioonn nneettbbiiooss--ssccooppee _s_t_r_i_n_g;; + + The NetBIOS scope option specifies the NetBIOS over + TCP/IP scope parameter for the client as specified in + RFC 1001/1002. See RFC1001, RFC1002, and RFC1035 for + character-set restrictions. - ooppttiioonn nneettbbiiooss--nnooddee--ttyyppee _u_i_n_t_8;; + ooppttiioonn ffoonntt--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The NetBIOS node type option allows NetBIOS over TCP/IP - clients which are configurable to be configured as - described in RFC 1001/1002. The value is specified as a - single octet which identifies the client type. A value of - 1 corresponds to a NetBIOS B-node; a value of 2 corre­ - sponds to a P-node; a value of 4 corresponds to an M-node; - a value of 8 corresponds to an H-node. + This option specifies a list of X Window System Font + servers available to the client. Servers should be + listed in order of preference. 
- ooppttiioonn nneettbbiiooss--ssccooppee _s_t_r_i_n_g;; + ooppttiioonn xx--ddiissppllaayy--mmaannaaggeerr _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s... ];; - The NetBIOS scope option specifies the NetBIOS over TCP/IP - scope parameter for the client as specified in RFC - 1001/1002. See RFC1001, RFC1002, and RFC1035 for charac­ - ter-set restrictions. + This option specifies a list of systems that are run­ + ning the X Window System Display Manager and are avail­ + able to the client. Addresses should be listed in + order of preference. - ooppttiioonn ffoonntt--sseerrvveerrss _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; + ooppttiioonn ddhhccpp--cclliieenntt--iiddeennttiiffiieerr _d_a_t_a_-_s_t_r_i_n_g;; - This option specifies a list of X Window System Font - servers available to the client. Servers should be listed - in order of preference. + This option can be used to specify the a DHCP client + identifier in a host declaration, so that dhcpd can + find the host record by matching against the client + identifier. - ooppttiioonn xx--ddiissppllaayy--mmaannaaggeerr _i_p_-_a_d_d_r_e_s_s [,, _i_p_-_a_d_d_r_e_s_s ... ];; - This option specifies a list of systems that are running - the X Window System Display Manager and are available to - the client. Addresses should be listed in order of pref­ - erence. - ooppttiioonn ddhhccpp--cclliieenntt--iiddeennttiiffiieerr _d_a_t_a_-_s_t_r_i_n_g;; - This option can be used to specify the a DHCP client iden­ - tifier in a host declaration, so that dhcpd can find the - host record by matching against the client identifier. + + 8 + + + + + +dhcpd-options(5) dhcpd-options(5) + SSEEEE AALLSSOO - dhcpd.conf(5), dhcpd.leases(5), dhclient.conf(5), + dhcpd.conf(5), dhcpd.leases(5), dhclient.conf(5), dhcpd(8), dhclient(8), RFC2132, RFC2131. AAUUTTHHOORR ddhhccppdd((88)) was written by Ted Lemon under a - contract with Vixie Labs. Funding for this project was - provided by the Internet Software Corporation. 
Informa­ - tion about the Internet Software Consortium can be found + contract with Vixie Labs. Funding for this project was + provided by the Internet Software Corporation. Informa­ + tion about the Internet Software Consortium can be found at hhttttpp::////wwwwww..iisscc..oorrgg//iisscc.. @@ -523,6 +550,45 @@ AAUUTTHHOORR - 8 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 9 diff --git a/common/discover.c b/common/discover.c index fb0888c73..8f5130d72 100644 --- a/common/discover.c +++ b/common/discover.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: discover.c,v 1.4 1999/02/24 17:56:44 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: discover.c,v 1.5 1999/02/25 23:30:34 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -142,7 +142,7 @@ void discover_interfaces (state) except don't skip down interfaces if we're trying to get a list of configurable interfaces. */ if ((((ifr.ifr_flags & IFF_LOOPBACK) || -#ifdef IFF_POINTOPOINT +#ifdef HAVE_IFF_POINTOPOINT (ifr.ifr_flags & IFF_POINTOPOINT)) && !tmp) || #endif @@ -170,7 +170,7 @@ void discover_interfaces (state) /* If we have the capability, extract link information and record it in a linked list. */ -#ifdef AF_LINK +#ifdef HAVE_AF_LINK if (ifp -> ifr_addr.sa_family == AF_LINK) { struct sockaddr_dl *foo = ((struct sockaddr_dl *) (&ifp -> ifr_addr)); @@ -334,7 +334,7 @@ void discover_interfaces (state) /* Now cycle through all the interfaces we found, looking for hardware addresses. */ -#if defined (SIOCGIFHWADDR) && !defined (AF_LINK) +#if defined (HAVE_SIOCGIFHWADDR) && !defined (HAVE_AF_LINK) for (tmp = interfaces; tmp; tmp = tmp -> next) { struct ifreq ifr; struct sockaddr sa; 
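Review bot: In the common/discover.c hunk `@@ -142,7 +142,7 @@`, the lines guarded by `#ifdef HAVE_IFF_POINTOPOINT` close two parentheses that are opened before the `#ifdef`. On a build where the macro is not defined, the condition therefore appears to be left unbalanced, with `||` running straight into whatever follows the `#endif`. That was already the case with `IFF_POINTOPOINT`, but the guard now depends on a project-defined macro instead of the system header, which makes the undefined case easier to hit. Keeping the parentheses outside the conditional and selecting only the flag mask avoids this. The rest of the condition is outside the hunk, so this should be checked against the full statement.

```c
#ifdef HAVE_IFF_POINTOPOINT
#define IF_SKIP_FLAGS (IFF_LOOPBACK | IFF_POINTOPOINT)
#else
#define IF_SKIP_FLAGS IFF_LOOPBACK
#endif
		if (((ifr.ifr_flags & IF_SKIP_FLAGS) && !tmp) ||
		    /* … unchanged: rest of the condition … */
```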
@@ -358,7 +358,11 @@ void discover_interfaces (state) sa = *(struct sockaddr *)&ifr.ifr_hwaddr; switch (sa.sa_family) { -#ifdef ARPHRD_LOOPBACK +#ifdef HAVE_ARPHRD_TUNNEL + case ARPHRD_TUNNEL: + /* ignore tunnel interfaces. */ +#endif +#ifdef HAVE_ARPHRD_LOOPBACK case ARPHRD_LOOPBACK: /* ignore loopback interface */ break; @@ -388,7 +392,7 @@ void discover_interfaces (state) memcpy (tmp -> hw_address.haddr, sa.sa_data, 16); break; -#ifdef ARPHRD_METRICOM +#ifdef HAVE_ARPHRD_METRICOM case ARPHRD_METRICOM: tmp -> hw_address.hlen = 6; tmp -> hw_address.htype = ARPHRD_METRICOM; @@ -401,7 +405,7 @@ void discover_interfaces (state) ifr.ifr_name, sa.sa_family); } } -#endif /* defined (SIOCGIFHWADDR) && !defined (AF_LINK) */ +#endif /* defined (HAVE_SIOCGIFHWADDR) && !defined (HAVE_AF_LINK) */ /* If we're just trying to get a list of interfaces that we might be able to configure, we can quit now. */ @@ -436,9 +440,14 @@ void discover_interfaces (state) sizeof tmp -> ifp -> ifr_addr); /* We must have a subnet declaration for each interface. */ - if (!tmp -> shared_network && (state == DISCOVER_SERVER)) - log_fatal ("No subnet declaration for %s (%s).", - tmp -> name, inet_ntoa (foo.sin_addr)); + if (!tmp -> shared_network && (state == DISCOVER_SERVER)) { + log_error ("No subnet declaration for %s (%s).", + tmp -> name, inet_ntoa (foo.sin_addr)); + log_error ("Please write a subnet declaration for %s", + "the network segment to"); + log_fatal ("which interface %s is attached.", + tmp -> name); + } /* Find subnets that don't have valid interface addresses... */ diff --git a/common/dlpi.c b/common/dlpi.c index c8fd91c26..6ce626df7 100644 --- a/common/dlpi.c +++ b/common/dlpi.c 
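Review bot: The new `case ARPHRD_TUNNEL:` in hunk `@@ -358,7 +358,11 @@` has no `break` of its own and relies on falling into the `ARPHRD_LOOPBACK` case, which sits under a separate `#ifdef HAVE_ARPHRD_LOOPBACK`. On a build that defines HAVE_ARPHRD_TUNNEL but not HAVE_ARPHRD_LOOPBACK, control would fall through into whichever case follows, which is outside the hunk. A tunnel interface would then get that case's hardware-address handling instead of being ignored. Adding `break;` directly after the `/* ignore tunnel interfaces. */` comment makes the case self-contained.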
@@ -122,7 +122,7 @@ #ifndef lint static char copyright[] = -"$Id: dlpi.c,v 1.4 1999/02/24 17:56:44 mellon Exp $ Copyright (c) 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: dlpi.c,v 1.5 1999/02/25 23:30:34 mellon Exp $ Copyright (c) 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ static int strioctl PROTO ((int fd, int cmd, int timeout, int len, char *dp)); @@ -349,13 +349,14 @@ void if_register_send (info) #endif if (!quiet_interface_discovery) - log_info ("Sending on DLPI/%s/%s/%s", + log_info ("Sending on DLPI/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); #ifdef DLPI_FIRST_SEND_WAIT /* See the implementation notes at the beginning of this file */ @@ -402,7 +403,7 @@ void if_register_receive (info) pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_CAND; pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHWORD + 18; pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT + ENF_CAND; - pf.Pf_Filter [pf.Pf_FilterLen++] = local_port; + pf.Pf_Filter [pf.Pf_FilterLen++] = htons (local_port); #else /* * The packets that will be received on this file descriptor @@ -420,7 +421,7 @@ void if_register_receive (info) pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_CAND; pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHWORD + 11; pf.Pf_Filter [pf.Pf_FilterLen++] = ENF_PUSHLIT + ENF_CAND; - pf.Pf_Filter [pf.Pf_FilterLen++] = local_port; + pf.Pf_Filter [pf.Pf_FilterLen++] = htons (local_port); #endif /* Install the filter... */ 
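Review bot: The two filter words changed to `htons (local_port)` in common/dlpi.c (hunks `@@ -402,7 +403,7 @@` and `@@ -420,7 +421,7 @@`) carry no statement of the byte order `local_port` is stored in, and this diff does not show it. If `local_port` is already kept in network order, `htons` swaps it a second time on little-endian hosts and the filter would match the wrong port; if it is in host order, the change is correct. A comment at both sites would let the next reader check this, for example `/* local_port is in <host|network> order; the filter compares this word against the UDP port as read from the packet */`. if_register_receive begins and ends outside these hunks.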
@@ -431,13 +432,14 @@ void if_register_receive (info) #endif if (!quiet_interface_discovery) - log_info ("Listening on DLPI/%s/%s/%s", + log_info ("Listening on DLPI/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); #ifdef DLPI_FIRST_SEND_WAIT /* See the implementation notes at the beginning of this file */ @@ -466,7 +468,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) unsigned char dstaddr [DLPI_MAXDLADDR]; unsigned addrlen; int saplen; - int rslt; + int result; if (!strcmp (interface -> name, "fallback")) return send_fallback (interface, packet, raw, @@ -487,7 +489,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) dbuflen += len; #ifdef USE_DLPI_RAW - rslt = write (interface -> wfdesc, dbuf, dbuflen); + result = write (interface -> wfdesc, dbuf, dbuflen); #else /* XXX: Assumes ethernet, with two byte SAP */ sap [0] = 0x08; /* ETHERTYPE_IP, high byte */ @@ -512,10 +514,12 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) addrlen = interface -> hw_address.hlen + ABS (saplen); /* Send the packet down the wire... */ - rslt = dlpiunitdatareq (interface -> wfdesc, dstaddr, addrlen, - 0, 0, dbuf, dbuflen); + result = dlpiunitdatareq (interface -> wfdesc, dstaddr, addrlen, + 0, 0, dbuf, dbuflen); #endif - return rslt; + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_DLPI_SEND */ @@ -535,8 +539,8 @@ ssize_t receive_packet (interface, buf, len, from, hfrom) int flags = 0; int length = 0; int offset = 0; - int bufix = 0; int rslt; + int bufix = 0; #ifdef USE_DLPI_RAW length = read (interface -> rfdesc, dbuf, sizeof (dbuf)); 
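Review bot: The added `warn ("send_packet: %m");` in the dlpi.c send_packet hunk uses a logging call that appears nowhere else in this diff; every other message goes through `log_info`, `log_error`, `log_fatal` or `log_debug`. If this tree no longer declares `warn`, the line either fails to build or binds to the C library's warn(3) where one exists, which would presumably bypass the daemon's own log path. `log_error ("send_packet: %m");` would match the rest of the file. The same line is added to send_packet in common/lpf.c, common/nit.c, common/raw.c, common/socket.c and common/upf.c. send_packet's body starts outside this hunk.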
@@ -1057,7 +1061,7 @@ static int dlpiunitdataind (fd, daddr, daddrlen, union DL_primitives *dlp; struct strbuf ctl, data; int flags = 0; - int rslt; + int result; /* Set up the msg_buf structure... */ dlp = (union DL_primitives *)buf; @@ -1071,9 +1075,9 @@ static int dlpiunitdataind (fd, daddr, daddrlen, data.len = 0; data.buf = (char *)dbuf; - rslt = getmsg (fd, &ctl, &data, &flags); + result = getmsg (fd, &ctl, &data, &flags); - if (rslt != 0) { + if (result != 0) { return -1; } @@ -1141,7 +1145,7 @@ static int strgetmsg (fd, ctlp, datap, flagsp, caller) int *flagsp; int fd; { - int rslt; + int result; #ifdef USE_POLL struct pollfd pfd; int count; @@ -1195,8 +1199,8 @@ static int strgetmsg (fd, ctlp, datap, flagsp, caller) * Set flags argument and issue getmsg (). */ *flagsp = 0; - if ((rslt = getmsg (fd, ctlp, datap, flagsp)) < 0) { - return rslt; + if ((result = getmsg (fd, ctlp, datap, flagsp)) < 0) { + return result; } #ifndef USE_POLL @@ -1212,7 +1216,7 @@ static int strgetmsg (fd, ctlp, datap, flagsp, caller) /* * Check for MOREDATA and/or MORECTL. */ - if (rslt & (MORECTL|MOREDATA)) { + if (result & (MORECTL|MOREDATA)) { return -1; } diff --git a/common/execute.c b/common/execute.c index 536719e8a..f5d903b13 100644 --- a/common/execute.c +++ b/common/execute.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: execute.c,v 1.5 1999/02/24 17:56:45 mellon Exp $ Copyright (c) 1998 The Internet Software Consortium. All rights reserved.\n"; +"$Id: execute.c,v 1.6 1999/02/25 23:30:34 mellon Exp $ Copyright (c) 1998 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
@@ -166,9 +166,36 @@ void execute_statements_in_scope (packet, in_options, out_options, struct group *limiting_group; { struct group *scope; + struct group *limit; + + /* As soon as we get to a scope that is outer than the limiting + scope, we are done. This is so that if somebody does something + like this, it does the expected thing: + + domain-name "fugue.com"; + shared-network FOO { + host bar { + domain-name "othello.fugue.com"; + fixed-address 10.20.30.40; + } + subnet 10.20.30.0 netmask 255.255.255.0 { + domain-name "manhattan.fugue.com"; + } + } + + The problem with the above arrangement is that the host's + group nesting will be host -> shared-network -> top-level, + and the limiting scope when we evaluate the host's scope + will be the subnet -> shared-network -> top-level, so we need + to know when we evaluate the host's scope to stop before we + evaluate the shared-networks scope, because it's outer than + the limiting scope, which means we've already evaluated it. */ + + for (limit = limiting_group; limit; limit = limit -> next) { + if (group == limit) + return; + } - if (group == limiting_group) - return; if (group -> next) execute_statements_in_scope (packet, in_options, out_options, group -> next, limiting_group); diff --git a/common/lpf.c b/common/lpf.c index 88544173d..9e37fa9c5 100644 --- a/common/lpf.c +++ b/common/lpf.c @@ -43,7 +43,7 @@ #ifndef lint static char copyright[] = -"$Id: lpf.c,v 1.3 1999/02/24 17:56:45 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: lpf.c,v 1.4 1999/02/25 23:30:34 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
@@ -129,13 +129,14 @@ void if_register_send (info) info -> wfdesc = info -> rfdesc; #endif if (!quiet_interface_discovery) - log_info ("Sending on LPF/%s/%s/%s", + log_info ("Sending on LPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_LPF_SEND */ @@ -174,13 +175,14 @@ void if_register_receive (info) log_fatal ("Can't install packet filter program: %m"); } if (!quiet_interface_discovery) - log_info ("Listening on LPF/%s/%s/%s", + log_info ("Listening on LPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_LPF_RECEIVE */ @@ -197,6 +199,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) int bufp = 0; unsigned char buf [1500]; struct sockaddr sa; + int result; if (!strcmp (interface -> name, "fallback")) return send_fallback (interface, packet, raw, @@ -216,8 +219,11 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) strncpy (sa.sa_data, (const char *)interface -> ifp, sizeof sa.sa_data); - return sendto (interface -> wfdesc, buf, bufp + len, 0, - &sa, sizeof sa); + result = sendto (interface -> wfdesc, buf, bufp + len, 0, + &sa, sizeof sa); + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_LPF_SEND */ diff --git a/common/memory.c b/common/memory.c index 8248481db..f4cd59ebb 100644 --- a/common/memory.c +++ b/common/memory.c 
@@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: memory.c,v 1.46 1999/02/24 17:56:46 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: memory.c,v 1.47 1999/02/25 23:30:35 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -66,9 +66,11 @@ void enter_host (hd) hd -> n_ipaddr = (struct host_decl *)0; if (hd -> interface.hlen) { - if (!host_hw_addr_hash) + if (!host_hw_addr_hash) { host_hw_addr_hash = new_hash (); - else + if (!host_hw_addr_hash) + log_fatal ("Can't allocate host/hw hash"); + } else hp = (struct host_decl *) hash_lookup (host_hw_addr_hash, hd -> interface.haddr, @@ -117,6 +119,8 @@ void enter_host (hd) there's already an entry in the hash for this host. */ if (!host_uid_hash) { host_uid_hash = new_hash (); + if (!host_uid_hash) + log_fatal ("Can't allocate host/uid hash"); hp = (struct host_decl *)0; } else hp = ((struct host_decl *) @@ -185,6 +189,8 @@ struct subnet *find_host_for_network (host, addr, share) struct host_decl *hp; struct data_string fixed_addr; + memset (&fixed_addr, 0, sizeof fixed_addr); + for (hp = *host; hp; hp = hp -> n_ipaddr) { if (!hp -> fixed_addr) continue; 
@@ -229,12 +235,21 @@ void new_address_range (low, high, subnet, pool) } /* Initialize the hash table if it hasn't been done yet. */ - if (!lease_uid_hash) + if (!lease_uid_hash) { lease_uid_hash = new_hash (); - if (!lease_ip_addr_hash) + if (!lease_uid_hash) + log_fatal ("Can't allocate lease/uid hash"); + } + if (!lease_ip_addr_hash) { lease_ip_addr_hash = new_hash (); - if (!lease_hw_addr_hash) + if (!lease_uid_hash) + log_fatal ("Can't allocate lease/ip hash"); + } + if (!lease_hw_addr_hash) { lease_hw_addr_hash = new_hash (); + if (!lease_uid_hash) + log_fatal ("Can't allocate lease/hw hash"); + } /* Make sure that high and low addresses are in same subnet. */ net = subnet_number (low, subnet -> netmask); diff --git a/common/nit.c b/common/nit.c index 5734f6954..656a61819 100644 --- a/common/nit.c +++ b/common/nit.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: nit.c,v 1.17 1999/02/24 17:56:46 mellon Exp $ Copyright (c) 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: nit.c,v 1.18 1999/02/25 23:30:35 mellon Exp $ Copyright (c) 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -155,12 +155,13 @@ void if_register_send (info) info -> wfdesc = info -> rfdesc; #endif if (!quiet_interface_discovery) - log_info ("Sending on NIT/%s/%s", + log_info ("Sending on NIT/%s%s%s", print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_NIT_SEND */ 
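Review bot: Two of the three new allocation checks in new_address_range test the wrong pointer: after `lease_ip_addr_hash = new_hash ();` and again after `lease_hw_addr_hash = new_hash ();` the code checks `if (!lease_uid_hash)`, which the first block has already established as non-null. A failed allocation of either table is therefore not caught, and the null table pointer is left for later lease lookups to use. The checks should read `if (!lease_ip_addr_hash)` and `if (!lease_hw_addr_hash)`. The function body starts and ends outside this hunk.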
@@ -238,12 +239,13 @@ void if_register_receive (info) log_fatal ("Can't set NIT filter on %s: %m", info -> name); if (!quiet_interface_discovery) - log_info ("Listening on NIT/%s/%s", + log_info ("Listening on NIT/%s%s%s", print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_NIT_RECEIVE */ @@ -263,6 +265,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) struct strbuf ctl, data; int hw_end; struct sockaddr_in foo; + int result; if (!strcmp (interface -> name, "fallback")) return send_fallback (interface, packet, raw, @@ -298,7 +301,10 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) data.buf = (char *)&buf [hw_end]; data.maxlen = data.len = bufp + len - hw_end; - return putmsg (interface -> wfdesc, &ctl, &data, 0); + result = putmsg (interface -> wfdesc, &ctl, &data, 0); + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_NIT_SEND */ diff --git a/common/parse.c b/common/parse.c index 7ac0149e1..9f39ea1ad 100644 --- a/common/parse.c +++ b/common/parse.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: parse.c,v 1.13 1999/02/24 17:56:47 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: parse.c,v 1.14 1999/02/25 23:30:35 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
@@ -1866,3 +1866,53 @@ int parse_option_token (rv, cfile, fmt, expr, uniform, lookups) *rv = t; return 1; } + +int parse_auth_key (key_id, cfile) + struct data_string *key_id; + FILE *cfile; +{ + struct data_string key_data; + char *val; + enum dhcp_token token; + struct auth_key *key, *old_key = (struct auth_key *)0; + + memset (&key_data, 0, sizeof key_data); + + if (!parse_cshl (key_id, cfile)) + return 0; + + key = auth_key_lookup (key_id); + + token = peek_token (&val, cfile); + if (token == SEMI) { + if (!key) + parse_warn ("reference to undefined key %s", + print_hex_1 (key_id -> len, + key_id -> data, + key_id -> len)); + data_string_forget (key_id, "parse_auth_key"); + } else { + if (!parse_cshl (&key_data, cfile)) + return 0; + if (key) { + parse_warn ("redefinition of key %s", + print_hex_1 (key_id -> len, + key_id -> data, + key_id -> len)); + old_key = key; + } + key = new_auth_key (key_data.len, "parse_auth_key"); + if (!key) + log_fatal ("No memory for key %s", + print_hex_1 (key_id -> len, + key_id -> data, + key_id -> len)); + key -> length = key_data.len; + memcpy (key -> data, key_data.data, key_data.len); + enter_auth_key (key_id, key); + data_string_forget (&key_data, "parse_auth_key"); + } + + parse_semi (cfile); + return key_id -> len ? 1 : 0; +} diff --git a/common/raw.c b/common/raw.c index 7f4047e9b..1ad4cc996 100644 --- a/common/raw.c +++ b/common/raw.c @@ -16,7 +16,7 @@ Sigh. */ /* - * Copyright (c) 1995, 1996 The Internet Software Consortium. + * Copyright (c) 1995, 1996, 1997, 1999 The Internet Software Consortium. * All rights reserved. * * Redistribution and use in source and binary forms, with or without 
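Review bot: In parse_auth_key, the branch taken when the next token is SEMI calls `data_string_forget (key_id, "parse_auth_key");` whether or not the key was found, because only the `parse_warn` is governed by `if (!key)`. If data_string_forget clears the string, as its name suggests, a reference to an already defined key ends with `key_id -> len` at zero, so the function returns 0 and the caller loses the key id it asked for. Bracing the undefined-key case so that both the `parse_warn` and the `data_string_forget (key_id, "parse_auth_key");` sit under `if (!key) { ... }` looks like the intent. Separately, `old_key` is assigned on redefinition but never used or released, and the early `return 0` after the second parse_cshl leaves `key_id` populated.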
@@ -54,7 +54,7 @@ #ifndef lint static char copyright[] = -"$Id: raw.c,v 1.12 1999/02/24 17:56:47 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; +"$Id: raw.c,v 1.13 1999/02/25 23:30:35 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -97,10 +97,11 @@ void if_register_send (info) info -> wfdesc = sock; if (!quiet_interface_discovery) - log_info ("Sending on Raw/%s/%s", + log_info ("Sending on Raw/%s%s%s", info -> name, + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } size_t send_packet (interface, packet, raw, len, from, to, hto) @@ -115,6 +116,7 @@ size_t send_packet (interface, packet, raw, len, from, to, hto) unsigned char buf [256]; int bufp = 0; struct iovec iov [2]; + int result; /* Assemble the headers... */ assemble_udp_ip_header (interface, buf, &bufp, from.s_addr, @@ -127,6 +129,9 @@ size_t send_packet (interface, packet, raw, len, from, to, hto) iov [1].iov_base = (char *)raw; iov [1].iov_len = len; - return writev(interface -> wfdesc, iov, 2); + result = writev(interface -> wfdesc, iov, 2); + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_SOCKET_SEND */ diff --git a/common/socket.c b/common/socket.c index 9d594345f..891f33b30 100644 --- a/common/socket.c +++ b/common/socket.c @@ -50,7 +50,7 @@ #ifndef lint static char copyright[] = -"$Id: socket.c,v 1.30 1999/02/24 17:56:48 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: socket.c,v 1.31 1999/02/25 23:30:36 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
@@ -102,7 +102,7 @@ int if_register_socket (info) int sock; int flag; -#if !defined (SO_BINDTODEVICE) && !defined (USE_FALLBACK) +#if !defined (HAVE_SO_BINDTODEVICE) && !defined (USE_FALLBACK) /* Make sure only one interface is registered. */ if (once) log_fatal ("The standard socket API can only support %s", @@ -136,7 +136,7 @@ int if_register_socket (info) if (bind (sock, (struct sockaddr *)&name, sizeof name) < 0) log_fatal ("Can't bind to dhcp address: %m"); -#if defined (SO_BINDTODEVICE) +#if defined (HAVE_SO_BINDTODEVICE) /* Bind this socket to this interface. */ if (info -> ifp && setsockopt (sock, SOL_SOCKET, SO_BINDTODEVICE, @@ -159,11 +159,11 @@ void if_register_send (info) info -> wfdesc = info -> rfdesc; #endif if (!quiet_interface_discovery) - log_info ("Sending on Socket/%s/%s", + log_info ("Sending on Socket/%s%s%s", info -> name, + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); - + info -> shared_network -> name : "")); } #endif /* USE_SOCKET_SEND */ @@ -175,10 +175,11 @@ void if_register_receive (info) we don't need to register this interface twice. */ info -> rfdesc = if_register_socket (info); if (!quiet_interface_discovery) - log_info ("Listening on Socket/%s/%s", + log_info ("Listening on Socket/%s%s%s", info -> name, + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_SOCKET_RECEIVE */ @@ -206,6 +207,12 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) errno == ECONNREFUSED) && retry++ < 10); #endif + if (result < 0) { + warn ("send_packet: %m"); + if (errno == ENETUNREACH) + warn ("send_packet: please consult README file %s", + "regarding broadcast address."); + } return result; } #endif /* USE_SOCKET_SEND */ diff --git a/common/tables.c b/common/tables.c index 7542a5cc2..e2279fb3e 100644 --- a/common/tables.c +++ b/common/tables.c 
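Review bot: In the socket.c send_packet hunk, `errno` is compared with ENETUNREACH only after the `warn` call has run, and a logging call may itself change errno before the comparison is made. Capture it first with `int save_errno = errno;` ahead of the warning and test `save_errno == ENETUNREACH`, so the README hint is printed reliably for the broadcast-address case. The sendto retry loop that sets `result` is outside the hunk.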
@@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: tables.c,v 1.19 1999/02/24 17:56:48 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: tables.c,v 1.20 1999/02/25 23:30:36 mellon Exp $ Copyright (c) 1995, 1996, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -276,7 +276,7 @@ struct option dhcp_options [256] = { { "option-207", "X", &dhcp_universe, 207 }, { "option-208", "X", &dhcp_universe, 208 }, { "option-209", "X", &dhcp_universe, 209 }, - { "option-210", "X", &dhcp_universe, 210 }, + { "authenticate", "X", &dhcp_universe, 210 }, { "option-211", "X", &dhcp_universe, 211 }, { "option-212", "X", &dhcp_universe, 212 }, { "option-213", "X", &dhcp_universe, 213 }, diff --git a/common/upf.c b/common/upf.c index 4fc2f01bb..71d9254b3 100644 --- a/common/upf.c +++ b/common/upf.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: upf.c,v 1.5 1999/02/24 17:56:49 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: upf.c,v 1.6 1999/02/25 23:30:36 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -143,13 +143,14 @@ void if_register_send (info) info -> wfdesc = info -> rfdesc; #endif if (!quiet_interface_discovery) - log_info ("Sending on UPF/%s/%s/%s", + log_info ("Sending on UPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_UPF_SEND */ 
@@ -208,13 +209,14 @@ void if_register_receive (info) if (ioctl (info -> rfdesc, EIOCSETF, &pf) < 0) log_fatal ("Can't install packet filter program: %m"); if (!quiet_interface_discovery) - log_info ("Listening on UPF/%s/%s/%s", + log_info ("Listening on UPF/%s/%s%s%s", info -> name, print_hw_addr (info -> hw_address.htype, info -> hw_address.hlen, info -> hw_address.haddr), + (info -> shared_network ? "/" : ""), (info -> shared_network ? - info -> shared_network -> name : "unattached")); + info -> shared_network -> name : "")); } #endif /* USE_UPF_RECEIVE */ @@ -231,6 +233,7 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) int bufp = 0; unsigned char buf [256]; struct iovec iov [2]; + int result; if (!strcmp (interface -> name, "fallback")) return send_fallback (interface, packet, raw, @@ -248,7 +251,10 @@ ssize_t send_packet (interface, packet, raw, len, from, to, hto) iov [1].iov_base = (char *)raw; iov [1].iov_len = len; - return writev(interface -> wfdesc, iov, 2); + result = writev(interface -> wfdesc, iov, 2); + if (result < 0) + warn ("send_packet: %m"); + return result; } #endif /* USE_UPF_SEND */ diff --git a/includes/cf/linux.h b/includes/cf/linux.h index 13523b93d..571354e63 100644 --- a/includes/cf/linux.h +++ b/includes/cf/linux.h 
@@ -76,14 +76,19 @@ extern int h_errno; #include /* gettimeofday()*/ -#ifndef _PATH_DHCPD_PID -#define _PATH_DHCPD_PID "/var/run/dhcpd.pid" -#endif -#ifndef _PATH_DHCLIENT_PID -#define _PATH_DHCLIENT_PID "/var/run/dhclient.pid" +/* Databases go in /var/state/dhcp. It would also be valid to put them + in /var/state/misc - indeed, given that there's only one lease file, it + would probably be better. However, I have some ideas for optimizing + the lease database that may result in a _lot_ of smaller files being + created, so in that context it makes more sense to have a seperate + directory. */ + +#ifndef _PATH_DHCPD_DB +#define _PATH_DHCPD_DB "/var/state/dhcp/dhcpd.leases" #endif + #ifndef _PATH_DHCLIENT_DB -#define _PATH_DHCLIENT_DB "/var/db/dhclient.leases" +#define _PATH_DHCLIENT_DB "/var/state/dhcp/dhclient.leases" #endif /* Varargs stuff... */ @@ -106,15 +111,27 @@ extern int h_errno; #define TIME time_t #define GET_TIME(x) time ((x)) -#if defined (USE_DEFAULT_NETWORK) -# if (LINUX_MAJOR >= 2) && (LINUX_MINOR >= 1) -# define USE_LPF +#if (LINUX_MAJOR >= 2) +# if (LINUX_MINOR >= 1) +# if defined (USE_DEFAULT_NETWORK) +# define USE_LPF +# endif # define LINUX_SLASHPROC_DISCOVERY # define PROCDEV_DEVICE "/proc/net/dev" -# else +# define HAVE_ARPHRD_TUNNEL +# endif +# define HAVE_ARPHRD_METRICOM +# define HAVE_ARPHRD_IEEE802 +# define HAVE_ARPHRD_LOOPBACK +# define HAVE_SO_BINDTODEVICE +# define HAVE_SIOCGIFHWADDR +#endif + +#if !defined (USE_LPF) +# if defined (USE_DEFAULT_NETWORK) # define USE_SOCKETS -# define IGNORE_HOSTUNREACH # endif +# define IGNORE_HOSTUNREACH #endif #define ALIAS_NAMES_PERMUTED diff --git a/includes/cf/sunos5-5.h b/includes/cf/sunos5-5.h index 4edf53323..5fcb0d0b1 100644 --- a/includes/cf/sunos5-5.h +++ b/includes/cf/sunos5-5.h 
@@ -117,21 +117,9 @@ extern int h_errno; #define NEED_INET_ATON -/* By default, use the DLPI API for receiving and sending packets. */ #if defined (USE_DEFAULT_NETWORK) -# if defined (__sparc) -/* On sparc systems, use the DLPI API, which allows multiple interfaces - to be supported. DLPI is currently buggy on non-sparc machines. - It's unclear whether this is an O.S. bug or an endianness bug in - the DLPI code. */ -# define USE_DLPI -# define USE_DLPI_PFMOD -# else -/* On non-sparc systems, use BSD Socket API for receiving and sending - packets. This actually works pretty well on Solaris, which doesn't - censor the all-ones broadcast address. */ -# define USE_SOCKETS -# endif /* defined (__sparc) */ +# define USE_DLPI +# define USE_DLPI_PFMOD #endif #define USE_POLL diff --git a/includes/dhcp.h b/includes/dhcp.h index 3508e0cca..1aadd0acb 100644 --- a/includes/dhcp.h +++ b/includes/dhcp.h @@ -156,6 +156,12 @@ struct dhcp_packet { #define DHO_DHCP_CLIENT_IDENTIFIER 61 #define DHO_DHCP_USER_CLASS_ID 77 #define DHO_DHCP_AGENT_OPTIONS 82 +/* The DHO_AUTHENTICATE option is not a standard yet, so I've + allocated an option out of the "local" option space for it on a + temporary basis. Once an option code number is assigned, I will + immediately and shamelessly break this, so don't count on it + continuing to work. */ +#define DHO_AUTHENTICATE 210 #define DHO_END 255 /* DHCP message types. */ diff --git a/includes/dhcpd.h b/includes/dhcpd.h index 9e38c4d35..cb5812a91 100644 --- a/includes/dhcpd.h +++ b/includes/dhcpd.h @@ -73,6 +73,12 @@ # define OPTION_HASH_SIZE 17 #endif +/* Variable-length array of data. */ +struct auth_key { + int length; + u_int8_t data [1]; +}; + struct string_list { struct string_list *next; char string [1]; @@ -233,6 +239,7 @@ struct lease_state { #define SUBNET_DECL 3 #define CLASS_DECL 4 #define GROUP_DECL 5 +#define POOL_DECL 6 /* Possible modes in which discover_interfaces can run. */ 
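Review bot: The comment on the new `struct auth_key` in dhcpd.h ("Variable-length array of data") does not say how much storage backs `data [1]`, yet parse_auth_key in common/parse.c copies `key_data.len` bytes into it straight after `new_auth_key (key_data.len, ...)`. That copy is only in bounds if new_auth_key sizes the allocation from its length argument, and its definition is not part of the visible diff. I would document the contract on the struct, `/* data holds length bytes; allocate only through new_auth_key (length, name). */`, and consider an unsigned type for `length` so a negative value cannot reach the allocator or memcpy.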
@@ -268,7 +275,7 @@ struct lease_state { #endif #if !defined (DEFAULT_MIN_LEASE_TIME) -# define DEFAULT_MIN_LEASE_TIME 43200 +# define DEFAULT_MIN_LEASE_TIME 0 #endif #if !defined (DEFAULT_MAX_LEASE_TIME) @@ -352,8 +359,7 @@ struct host_decl { struct data_string client_identifier; struct option_cache *fixed_addr; struct group *group; - int client_key_length; - u_int8_t *client_key; + struct data_string auth_key_id; }; struct permit { @@ -372,6 +378,7 @@ struct permit { struct pool { struct pool *next; + struct group *group; struct shared_network *shared_network; struct permit *permit_list; struct permit *prohibit_list; @@ -904,6 +911,7 @@ struct executable_statement *parse_option_statement PROTO ((FILE *, int, ); int parse_option_token PROTO ((struct expression **, FILE *, char *, struct expression *, int, int)); +int parse_auth_key PROTO ((struct data_string *, FILE *)); /* tree.c */ pair cons PROTO ((caddr_t, pair)); @@ -1043,6 +1051,8 @@ struct pool *new_pool PROTO ((char *)); void free_pool PROTO ((struct pool *, char *)); struct failover_peer *new_failover_peer PROTO ((char *)); void free_failover_peer PROTO ((struct failover_peer *, char *)); +struct auth_key *new_auth_key PROTO ((int, char *)); +void free_auth_key PROTO ((struct auth_key *, char *)); struct permit *new_permit PROTO ((char *)); void free_permit PROTO ((struct permit *, char *)); pair new_pair PROTO ((char *)); @@ -1495,6 +1505,12 @@ void execute_statements_in_scope PROTO ((struct packet *, struct option_state *, struct option_state *, struct group *, struct group *)); + +/* auth.c */ +void enter_auth_key PROTO ((struct data_string *, struct auth_key *)); +struct auth_key *auth_key_lookup PROTO ((struct data_string *)); + /* failover.c */ void enter_failover_peer PROTO ((struct failover_peer *)); struct failover_peer *find_failover_peer PROTO ((char *)); + diff --git a/includes/dhctoken.h b/includes/dhctoken.h index 245059637..88ceb2a41 100644 --- a/includes/dhctoken.h 
+++ b/includes/dhctoken.h @@ -179,6 +179,7 @@ enum dhcp_token { FDDI = 379, AUTHORITATIVE = 380, TOKEN_NOT = 381, + AUTH_KEY = 382, }; #define is_identifier(x) ((x) >= FIRST_TOKEN && \ diff --git a/includes/osdep.h b/includes/osdep.h index 68167915a..0de1fac29 100644 --- a/includes/osdep.h +++ b/includes/osdep.h @@ -3,7 +3,7 @@ Operating system dependencies... */ /* - * Copyright (c) 1996, 1997, 1998 The Internet Software Consortium. + * Copyright (c) 1996, 1997, 1998, 1999 The Internet Software Consortium. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -229,3 +229,36 @@ #ifndef BPF_FORMAT # define BPF_FORMAT "/dev/bpf%d" #endif + +#if defined (IFF_POINTOPOINT) && !defined (HAVE_IFF_POINTOPOINT) +# define HAVE_IFF_POINTOPOINT +#endif + +#if defined (AF_LINK) && !defined (HAVE_AF_LINK) +# define HAVE_AF_LINK +#endif + +#if defined (ARPHRD_TUNNEL) && !defined (HAVE_ARPHRD_TUNNEL) +# define HAVE_ARPHRD_TUNNEL +#endif + +#if defined (ARPHRD_LOOPBACK) && !defined (HAVE_ARPHRD_LOOPBACK) +# define HAVE_ARPHRD_LOOPBACK +#endif + +#if defined (ARPHRD_METRICOM) && !defined (HAVE_ARPHRD_METRICOM) +# define HAVE_ARPHRD_METRICOM +#endif + +#if defined (SO_BINDTODEVICE) && !defined (HAVE_SO_BINDTODEVICE) +# define HAVE_SO_BINDTODEVICE +#endif + +#if defined (SIOCGIFHWADDR) && !defined (HAVE_SIOCGIFHWADDR) +# define HAVE_SIOCGIFHWADDR +#endif + +#if defined (AF_LINK) && !defined (HAVE_AF_LINK) +# define HAVE_AF_LINK +#endif + diff --git a/includes/site.h b/includes/site.h index 80f6a837c..fdc88b514 100644 --- a/includes/site.h +++ b/includes/site.h @@ -32,7 +32,7 @@ /* Define this if you want to see dumps of find_lease() in action. */ -/* #define DEBUG_FIND_LEASE */ +#define DEBUG_FIND_LEASE /* Define this if you want to see dumps of parsed expressions. */ diff --git a/relay/Makefile.dist b/relay/Makefile.dist index ca4b7fab2..69ef1c92d 100644 --- a/relay/Makefile.dist +++ b/relay/Makefile.dist 
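Review bot: The site.h hunk turns `#define DEBUG_FIND_LEASE` on in the distributed defaults, where it was previously commented out. The comment above it describes the macro as producing dumps of find_lease(), so every build from this tree would presumably log lease-lookup detail on each client request. If it was enabled while debugging the pool allocation changes, restore `/* #define DEBUG_FIND_LEASE */` before this goes out.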
@@ -1,6 +1,6 @@ # Makefile.dist # -# Copyright (c) 1996, 1997, 1998 The Internet Software Consortium. +# Copyright (c) 1996, 1997, 1998, 1999 The Internet Software Consortium. # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -43,26 +43,21 @@ CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) all: $(PROG) $(CATMANPAGES) -install: $(PROG) $(CATMANPAGES) - @for dir in $(BINDIR) $(ADMMANDIR); do \ - case $$dir in \ - /*) base=/ ;; \ - *) base="" ;; \ - esac; \ - slash=""; \ - for elt in `echo $$dir |sed -e 's/\// /g'`; do \ - if [ ! -d $$base/$$elt ]; then \ - echo Making $$base/$$elt; \ - mkdir $$base/$$elt; \ - chmod 755 $$base/$$elt; \ +install: all + for dir in $(BINDIR) $(ADMMANDIR); do \ + foo=""; \ + for bar in `echo $(DESTDIR)$${dir} |tr / ' '`; do \ + foo=$${foo}/$$bar; \ + if [ ! -d $$foo ]; then \ + mkdir $$foo; \ + chmod 755 $$foo; \ fi; \ - base=$$base$$slash$$elt; \ - slash=/; \ done; \ done - $(INSTALL) dhcrelay $(BINDIR); $(CHMOD) 755 $(BINDIR)/dhcrelay + $(INSTALL) dhcrelay $(DESTDIR)$(BINDIR) + $(CHMOD) 755 $(DESTDIR)$(BINDIR)/dhcrelay $(MANINSTALL) $(MANFROM) dhcrelay.cat8 $(MANTO) \ - $(ADMMANDIR)/dhcrelay$(ADMMANEXT) + $(DESTDIR)$(ADMMANDIR)/dhcrelay$(ADMMANEXT) depend: makedepend $(INCLUDES) $(PREDEFINES) $(SRCS) diff --git a/relay/dhcrelay.c b/relay/dhcrelay.c index a08011439..5074a1a2b 100644 --- a/relay/dhcrelay.c +++ b/relay/dhcrelay.c @@ -42,7 +42,7 @@ #ifndef lint static char ocopyright[] = -"$Id: dhcrelay.c,v 1.19 1999/02/24 17:56:50 mellon Exp $ Copyright (c) 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: dhcrelay.c,v 1.20 1999/02/25 23:30:38 mellon Exp $ Copyright (c) 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" 
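Review bot: The rewritten directory loop in the install target always builds an absolute path, since `foo` starts empty and every component is appended as `foo=$${foo}/$$bar`. With a relative DESTDIR the directories are created under `/` while `$(INSTALL) dhcrelay $(DESTDIR)$(BINDIR)` writes to the relative location, so an install run as root would create directories outside the staging tree. The old loop seeded its base from a `case $$dir in /*)` test; either keep that test on `$(DESTDIR)$${dir}` or document that DESTDIR must be absolute. The `mkdir` result is also unchecked, so a failure only surfaces at the later install step.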
@@ -111,7 +111,7 @@ struct server_list { static char copyright [] = "Copyright 1997, 1998, 1999 The Internet Software Consortium."; static char arr [] = "All rights reserved."; -static char message [] = "Internet Software Consortium DHCP Relay Agent V3.0-alpha 19990213"; +static char message [] = "Internet Software Consortium DHCP Relay Agent V3.0-alpha 19990225"; static char contrib [] = "\nPlease contribute if you find this software useful."; static char url [] = "For info, please visit http://www.isc.org/dhcp-contrib.html\n"; @@ -372,7 +372,6 @@ void relay (ip, packet, length, from_port, from, hfrom) (struct packet *)0, packet, length, out -> primary_address, &to, &hto) < 0) { - log_debug ("sendpkt: %m"); ++server_packet_errors; } else { log_debug ("forwarded BOOTREPLY for %s to %s", @@ -412,7 +411,6 @@ void relay (ip, packet, length, from_port, from, hfrom) (struct packet *)0, packet, length, ip -> primary_address, &sp -> to, (struct hardware *)0) < 0) { - log_debug ("send_packet: %m"); ++client_packet_errors; } else { log_debug ("forwarded BOOTREQUEST for %s to %s", @@ -427,8 +425,8 @@ void relay (ip, packet, length, from_port, from, hfrom) static void usage () { - log_fatal ("Usage: dhcrelay [-p ] [-d] [-D] [-i interface]\n%s%s%s", - " ", + log_fatal ("Usage: dhcrelay [-p ] [-d] [-D] [-i %s%s%s", + "interface]\n ", "[-q] [-a] [-A length] [-m append|replace|forward|discard]\n", " [server1 [... serverN]]"); } diff --git a/relay/dhcrelay.cat8 b/relay/dhcrelay.cat8 index 0080806d7..7dea2a274 100644 --- a/relay/dhcrelay.cat8 +++ b/relay/dhcrelay.cat8 
@@ -9,55 +9,55 @@ NNAAMMEE SSYYNNOOPPSSIISS ddhhccrreellaayy [ --pp _p_o_r_t ] [ --dd ] [ --qq ] [ --ii _i_f_0 [ ...... --ii _i_f_N - ] ] _s_e_r_v_e_r_0 [ _._._._s_e_r_v_e_r_N ] + ] ] [ --aa ] [ --AA _l_e_n_g_t_h ] [ --DD ] [ --mm _a_p_p_e_n_d | _r_e_p_l_a_c_e | + _f_o_r_w_a_r_d | _d_i_s_c_a_r_d ] _s_e_r_v_e_r_0 [ _._._._s_e_r_v_e_r_N ] DDEESSCCRRIIPPTTIIOONN - The Internet Software Consortium DHCP Relay Agent, dhcre­ + The Internet Software Consortium DHCP Relay Agent, dhcre­ lay, provides a means for relaying DHCP and BOOTP requests - from a subnet to which no DHCP server is directly to one + from a subnet to which no DHCP server is directly to one or more DHCP servers on other subnets. OOPPEERRAATTIIOONN - The DHCP Relay Agent listens for DHCP requests on all - interfaces attached to a host, unless one or more inter­ - faces are specified on the command line with the _-_i flag. - - When a query is received, dhcrelay forwards it to the list - of DHCP servers specified on the command line. When a - reply is received, it is broadcast or unicast on the net­ - work from whence the original request came. - - It is possible to specify a set of interfaces on which - dhcrelay will listen, so that if dhcrelay is connected - through one interface to a network on which there is no - DHCP server, but is connected on another interface to a - network on which there is a DHCP server, it will not relay - DHCP and BOOTP requests from the network on which the - server exists to that server. This is an imperfect solu­ - tion. + The DHCP Relay Agent listens for DHCP and BOOTP queries + and responses. When a query is received from a client, + dhcrelay forwards it to the list of DHCP servers specified + on the command line. When a reply is received from a + server, it is broadcast or unicast (according to the relay + agent's ability or the client's request) on the network + from which the original request came. 
CCOOMMMMAANNDD LLIINNEE The names of the network interfaces that dhcrelay should attempt to configure may be specified on the command line - using the _-_i option. If no interface names are specified + using the --ii option. If no interface names are specified on the command line dhcrelay will identify all network interfaces, elimininating non-broadcast interfaces if pos­ sible, and attempt to configure each interface. - If dhcrelay should listen and transmit on a port other - than the standard (port 67), the --pp flag may used. It - should be followed by the udp port number that dhcrelay + If a relay agent is running on a system that is connected + to one or more networks on which no DHCP servers are pre­ + sent, and is also connected to one or more networks on + which DHCP servers _a_r_e connected, it is may not be helpful + for the relay agent to relay requests from those networks + on which a DHCP server already exists. To avoid such a + situation, the interfaces on which the relay agent should + listen should be specified with the --ii flag. + + Note that in some cases it _i_s helpful for the relay agent + to forward requests from networks on which a DHCP server + is running to other DHCP servers. This would be the case + if two DHCP servers on different networks were being used + to provide backup service for each other's networks. + + If dhcrelay should listen and transmit on a port other + than the standard (port 67), the --pp flag may used. It + should be followed by the udp port number that dhcrelay should use. This is mostly useful for debugging purposes. - Dhcrelay will normally run in the foreground until it has - configured an interface, and then will revert to running + Dhcrelay will normally run in the foreground until it has + configured an interface, and then will revert to running in the background. To run force dhcrelay to always run as - a foreground process, the --dd flag should be specified. 
- This is useful when running dhcrelay under a debugger, or - when running it out of inittab on System V systems. - - Dhcrelay will normally print its network configuration on - startup. This can be annoying in a system startup script 
@@ -70,21 +70,138 @@ CCOOMMMMAANNDD LLIINNEE dhcrelay(8) dhcrelay(8) - - to disable this behaviour, specify the _-_q flag. + a foreground process, the --dd flag should be specified. + This is useful when running dhcrelay under a debugger, or + when running it out of inittab on System V systems. + + Dhcrelay will normally print its network configuration on + startup. This can be annoying in a system startup script + - to disable this behaviour, specify the --qq flag. + +RREELLAAYY AAGGEENNTT IINNFFOORRMMAATTIIOONN OOPPTTIIOONNSS + If the --aa flag is set the relay agent will append an agent + option field to each request before forwarding it to the + server. Agent option fields in responses sent from + servers to clients will be stripped before forwarding such + responses back to the client. + + The agent option field will contain two agent options: the + Circuit ID suboption and the Agent ID suboption. Cur­ + rently, the Circuit ID will be the printable name of the + interface on which the client request was received. The + Agent ID will be the value that the relay agent stores in + the DHCP packet's giaddr field. The client supports + inclusion of a Remote ID suboption as well, but this is + not used by default. + + _N_o_t_e_: The Agent ID suboption is not defined in the current + Relay Agent Information Option draft (draft-ietf-dhc- + agent-options-03.txt), but has been proposed for inclusion + in the next draft. + + Relay Agent options are added to a DHCP packet without the + knowledge of the DHCP client. The client may have filled + the DHCP packet option buffer completely, in which case + there theoretically isn't any space to add Agent options. + However, the DHCP server may be able to handle a much + larger packet than most DHCP clients would send. The + current Agent Options draft requires that the relay agent + use a maximum packet size of 576 bytes. 
+ + It is recommended that with the Internet Software Consor­ + tium DHCP server, the maximum packet size be set to about + 1400, allowing plenty of extra space in which the relay + agent can put the agent option field, while still fitting + into the Ethernet MTU size. This can be done by specify­ + ing the --AA flag, followed by the desired maximum packet + size (e.g., 1400). + + Note that this is reasonably safe to do even if the MTU + between the server and the client is less than 1500, as + long as the hosts on which the server and client are run­ + ning support IP fragmentation (and they should). With + some knowledge as to how large the agent options might get + in a particular configuration, this parameter can be tuned + as finely as necessary. + + + + + 2 + + - The name of at least one DHCP server to which DHCP and - BOOTP requests should be relayed must be specified on the - command line. +dhcrelay(8) dhcrelay(8) + + + It is possible for a relay agent to receive a packet which + already contains an agent option field. If this packet + does not have a giaddr set, the standard requires that the + packet be discarded. + + If giaddr is set, the server may handle the situation in + one of four ways: it may _a_p_p_e_n_d its own set of relay + options to the packet, leaving the supplied option field + intact. It may _r_e_p_l_a_c_e the existing agent option field. + It may _f_o_r_w_a_r_d the packet unchanged. Or, it may _d_i_s_c_a_r_d + it. + + Which of these behaviours is followed by the Internet + Software Consortium DHCP Relay Agent may be configured + with the --mm flag, followed by one of the four keywords + specified in _i_t_a_l_i_c_s above. + + When the relay agent receives a reply from a server that + it's supposed to forward to a client, and Relay Agent + Information option processing is enabled, the relay agent + scans the packet for Relay Agent Information options and + removes them. 
As it's scanning, if it finds a Relay + Agent Information option field containing an Agent ID sub­ + option that matches one of its IP addresses, that option + is recognized as its own. If no such option is found, + the relay agent can either drop the packet, or relay it + anyway. If the --DD option is specified, all packets that + don't contain a match will be dropped. + +SSPPEECCIIFFYYIINNGG DDHHCCPP SSEERRVVEERRSS + The name or IP address of at least one DHCP server to + which DHCP and BOOTP requests should be relayed must be + specified on the command line. + SSEEEE AALLSSOO - dhclient(8), dhcpd(8), RFC2132, RFC2131. + dhclient(8), dhcpd(8), RFC2132, RFC2131, draft-ietf-dhc- + agent-options-03.txt. + +BBUUGGSS + It should be possible for the user to define the Circuit + ID and Remote ID values on a per-interface basis. + + The relay agent should not relay packets received on a + physical network to DHCP servers on the same physical net­ + work - if they do, the server will receive duplicate pack­ + ets. In order to fix this, however, the relay agent + needs to be able to learn about the network topology, + which requires that it have a configuration file. AAUUTTHHOORR ddhhccrreellaayy((88)) has been written for the Internet Software Consortium by Ted Lemon in cooperation with Vixie Enterprises. To learn more about the Internet Software Consortium, see hhttttpp::////wwwwww..vviixx..ccoomm//iisscc.. To learn + + + + 3 + + + + + +dhcrelay(8) dhcrelay(8) + + more about Vixie Enterprises, see hhttttpp::////wwwwww..vviixx..ccoomm.. @@ -127,6 +244,21 @@ AAUUTTHHOORR - 2 + + + + + + + + + + + + + + + + 4 diff --git a/server/Makefile.dist b/server/Makefile.dist index 3b5bda262..29ce59e13 100644 --- a/server/Makefile.dist +++ b/server/Makefile.dist 
@@ -1,6 +1,6 @@ # Makefile.dist # -# Copyright (c) 1996, 1997, 1998 The Internet Software Consortium. +# Copyright (c) 1996, 1997, 1998, 1999 The Internet Software Consortium. # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -43,30 +43,25 @@ CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) all: $(PROG) $(CATMANPAGES) -install: $(PROG) $(CATMANPAGES) - @for dir in $(BINDIR) $(ADMMANDIR) $(FFMANDIR) $(VARDB); do \ - case $$dir in \ - /*) base=/ ;; \ - *) base="" ;; \ - esac; \ - slash=""; \ - for elt in `echo $$dir |sed -e 's/\// /g'`; do \ - if [ ! -d $$base/$$elt ]; then \ - echo Making $$base/$$elt; \ - mkdir $$base/$$elt; \ - chmod 755 $$base/$$elt; \ +install: all + for dir in $(BINDIR) $(ADMMANDIR) $(FFMANDIR) $(VARDB); do \ + foo=""; \ + for bar in `echo $(DESTDIR)$${dir} |tr / ' '`; do \ + foo=$${foo}/$$bar; \ + if [ ! -d $$foo ]; then \ + mkdir $$foo; \ + chmod 755 $$foo; \ fi; \ - base=$$base$$slash$$elt; \ - slash=/; \ done; \ done - $(INSTALL) dhcpd $(BINDIR); $(CHMOD) 755 $(BINDIR)/dhcpd + $(INSTALL) dhcpd $(DESTDIR)$(BINDIR) + $(CHMOD) 755 $(DESTDIR)$(BINDIR)/dhcpd $(MANINSTALL) $(MANFROM) dhcpd.cat8 $(MANTO) \ - $(ADMMANDIR)/dhcpd$(ADMMANEXT) + $(DESTDIR)$(ADMMANDIR)/dhcpd$(ADMMANEXT) $(MANINSTALL) $(MANFROM) dhcpd.conf.cat5 $(MANTO) \ - $(FFMANDIR)/dhcpd.conf$(FFMANEXT) + $(DESTDIR)$(FFMANDIR)/dhcpd.conf$(FFMANEXT) $(MANINSTALL) $(MANFROM) dhcpd.leases.cat5 $(MANTO) \ - $(FFMANDIR)/dhcpd.leases$(FFMANEXT) + $(DESTDIR)$(FFMANDIR)/dhcpd.leases$(FFMANEXT) depend: makedepend $(INCLUDES) $(PREDEFINES) $(SRCS) diff --git a/server/bootp.c b/server/bootp.c index 938523708..014014f9e 100644 --- a/server/bootp.c +++ b/server/bootp.c 
@@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: bootp.c,v 1.38 1999/02/24 17:56:50 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: bootp.c,v 1.39 1999/02/25 23:30:39 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -271,8 +271,6 @@ void bootp (packet) (struct packet *)0, &raw, outgoing.packet_length, from, &to, &hto); - if (result < 0) - log_error ("send_packet: %m"); return; } /* Otherwise, broadcast it on the local network. */ @@ -285,6 +283,4 @@ void bootp (packet) result = send_packet (packet -> interface, packet, &raw, outgoing.packet_length, from, &to, &hto); - if (result < 0) - log_error ("send_packet: %m"); } diff --git a/server/confpars.c b/server/confpars.c index b5a9156c5..9190029b0 100644 --- a/server/confpars.c +++ b/server/confpars.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: confpars.c,v 1.60 1999/02/24 17:56:51 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; +"$Id: confpars.c,v 1.61 1999/02/25 23:30:39 mellon Exp $ Copyright (c) 1995, 1996 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -152,6 +152,7 @@ void read_leases () | USE_LEASE_ADDR_FOR_DEFAULT_ROUTE boolean | AUTHORITATIVE | NOT AUTHORITATIVE + | AUTH_KEY key-id key-value declaration :== host-declaration | group-declaration 
@@ -179,8 +180,18 @@ int parse_statement (cfile, group, type, host_decl, declaration) struct option *option; struct option_cache *cache; int lose; + struct data_string key_id; switch (peek_token (&val, cfile)) { + case AUTH_KEY: + memset (&key_id, 0, sizeof key_id); + if (parse_auth_key (&key_id, cfile)) { + if (type == HOST_DECL) + data_string_copy (&host_decl -> auth_key_id, + &key_id, "parse_statement"); + data_string_forget (&key_id, "parse_statement"); + } + break; case HOST: next_token (&val, cfile); if (type != HOST_DECL && type != CLASS_DECL) @@ -337,6 +348,9 @@ int parse_statement (cfile, group, type, host_decl, declaration) if (type != SUBNET_DECL && type != SHARED_NET_DECL) { parse_warn ("pool declared outside of network"); } + if (type == POOL_DECL) { + parse_warn ("pool declared within pool."); + } parse_pool_statement (cfile, group, type); return declaration; @@ -651,11 +665,14 @@ void parse_pool_statement (cfile, group, type) struct pool *pool, **p; struct permit *permit; struct permit **permit_head; + int declaration = 0; pool = new_pool ("parse_pool_statement"); if (!pool) log_fatal ("no memory for pool."); + pool -> group = clone_group (group, "parse_pool_statement"); + if (!parse_lbrace (cfile)) return; do { @@ -677,7 +694,7 @@ void parse_pool_statement (cfile, group, type) permit -> type = permit_unknown_clients; get_clients: if (next_token (&val, cfile) != CLIENTS) { - parse_warn ("expecting \"hosts\""); + parse_warn ("expecting \"clients\""); skip_to_semi (cfile); free_permit (permit, "parse_pool_statement"); @@ -741,6 +758,7 @@ void parse_pool_statement (cfile, group, type) while (*permit_head) permit_head = &((*permit_head) -> next); *permit_head = permit; + parse_semi (cfile); break; case DENY: 
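Review bot: In the new `AUTH_KEY` case of parse_statement, a key given outside a host declaration is parsed and then dropped without any diagnostic, because only the `type == HOST_DECL` branch stores it. An administrator who puts the statement in the wrong scope gets a configuration that loads cleanly but has no key attached to any host. I would add `else parse_warn ("authentication key not allowed here.");` after the `data_string_copy` call. A comment should also say whether a second key statement in one host is meant to replace `host_decl -> auth_key_id`, since the lines shown do not release a previous value before the copy. The rest of parse_statement lies outside the hunk.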
@@ -753,8 +771,10 @@ void parse_pool_statement (cfile, group, type) break; default: - parse_warn ("expecting address range or permit list."); - skip_to_semi (cfile); + declaration = parse_statement (cfile, pool -> group, + POOL_DECL, + (struct host_decl *)0, + declaration); break; } } while (!done); diff --git a/server/dhcp.c b/server/dhcp.c index 83b33acb3..5c2c950d0 100644 --- a/server/dhcp.c +++ b/server/dhcp.c @@ -42,7 +42,7 @@ #ifndef lint static char copyright[] = -"$Id: dhcp.c,v 1.75 1999/02/24 17:56:51 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; +"$Id: dhcp.c,v 1.76 1999/02/25 23:30:40 mellon Exp $ Copyright (c) 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium. All rights reserved.\n"; #endif /* not lint */ #include "dhcpd.h" @@ -243,21 +243,6 @@ void dhcprequest (packet) } } - /* If we found a lease for the client but it's not the one the - client asked for, don't send it - some other server probably - made the cut. */ - if (lease && !addr_eq (lease -> ip_addr, cip)) { - /* If we found the address the client asked for, but - it wasn't what got picked, the lease belongs to us, - so we should NAK it. */ - if (ours) { - log_info ("%s: wrong lease %s.", msgbuf, piaddr (cip)); - nak_lease (packet, &cip); - } else - log_info ("%s: wrong lease %s", msgbuf, piaddr (cip)); - return; - } - /* If the address the client asked for is ours, but it wasn't available for the client, NAK it. */ if (!lease && ours) { 
@@ -269,25 +254,10 @@ void dhcprequest (packet) /* If we found a lease, but the client identifier on the lease exists and is different than the id the client sent, then we can't send this lease to the client. */ - if (lease) { - oc = lookup_option (packet -> options.dhcp_hash, - DHO_DHCP_CLIENT_IDENTIFIER); - if (oc) - status = evaluate_option_cache (&data, packet, - &packet -> options, oc); - if (lease && oc && status && lease -> uid_len && - (lease -> uid_len != data.len || - memcmp (data.data, - lease -> uid, lease -> uid_len))) { - log_info ("%s: wrong owner %s.", msgbuf, piaddr (cip)); - nak_lease (packet, &cip); - } else - ack_lease (packet, lease, DHCPACK, 0, msgbuf); - if (oc && status) - data_string_forget (&data, "dhcprequest"); - return; - } - log_info ("%s: unknown lease %s.", msgbuf, piaddr (cip)); + if (lease) + ack_lease (packet, lease, DHCPACK, 0, msgbuf); + else + log_info ("%s: unknown lease %s.", msgbuf, piaddr (cip)); } void dhcprelease (packet) @@ -508,8 +478,6 @@ void nak_lease (packet, cip) packet, &raw, outgoing.packet_length, from, &to, &hto); - if (result < 0) - log_error ("send_fallback: %m"); return; } } else { @@ -521,8 +489,6 @@ void nak_lease (packet, cip) result = send_packet (packet -> interface, packet, &raw, outgoing.packet_length, from, &to, (struct hardware *)0); - if (result < 0) - log_error ("send_packet: %m"); } void ack_lease (packet, lease, offer, when, msg) @@ -597,10 +563,12 @@ void ack_lease (packet, lease, offer, when, msg) packet -> options.agent_options = (struct agent_options *)0; } - /* Execute the subnet statements. */ + /* Execute statements in scope starting with the pool group. */ execute_statements_in_scope (packet, &state -> options, &state -> options, - lease -> subnet -> group, + (lease -> pool + ? lease -> pool -> group + : lease -> subnet -> group), (struct group *)0); /* Vendor and user classes are only supported for DHCP clients. */ 
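Review bot: The comment kept above the new `if (lease)` in dhcprequest still says that a lease whose client identifier differs from the one sent cannot be given to the client, but the comparison and the "wrong owner" NAK it described are removed here. If the ownership check now lives in find_lease, the comment should say so: `/* find_lease() has already rejected leases whose uid does not match the client; whatever it returns can be acknowledged. */`. The uid comparison that find_lease applies to the requested-address lease in this commit runs only when `ip_lease -> ends >= cur_time && ip_lease -> uid` holds, so it is worth confirming that this covers every case the removed NAK handled. dhcprequest begins outside the hunk.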
@@ -610,7 +578,9 @@ void ack_lease (packet, lease, offer, when, msg) (packet, &state -> options, &state -> options, packet -> classes [i - 1] -> group, - (struct group *)0); + (lease -> pool + ? lease -> pool -> group + : lease -> subnet -> group)); } } @@ -620,7 +590,9 @@ void ack_lease (packet, lease, offer, when, msg) execute_statements_in_scope (packet, &state -> options, &state -> options, lease -> host -> group, - lease -> subnet -> group); + (lease -> pool + ? lease -> pool -> group + : lease -> subnet -> group)); /* Make sure this packet satisfies the configured minimum number of seconds. */ @@ -738,7 +710,8 @@ void ack_lease (packet, lease, offer, when, msg) packet -> classes [i])) break; if (i == packet -> class_count) { - log_info ("%s: no available billing", msg); + log_info ("%s: no available billing", + msg); return; } } @@ -1349,8 +1322,6 @@ void dhcp_reply (lease) (struct packet *)0, &raw, packet_length, raw.siaddr, &to, &hto); - if (result < 0) - log_error ("send_fallback: %m"); free_lease_state (state, "dhcp_reply fallback 1"); lease -> state = (struct lease_state *)0; @@ -1371,8 +1342,6 @@ void dhcp_reply (lease) (struct packet *)0, &raw, packet_length, raw.siaddr, &to, &hto); - if (result < 0) - log_error ("send_fallback: %m"); free_lease_state (state, "dhcp_reply fallback 1"); lease -> state = (struct lease_state *)0; return; @@ -1389,8 +1358,6 @@ void dhcp_reply (lease) result = send_packet (state -> ip, (struct packet *)0, &raw, packet_length, from, &to, &hto); - if (result < 0) - log_error ("sendpkt: %m"); free_lease_state (state, "dhcp_reply"); lease -> state = (struct lease_state *)0; 
@@ -1405,13 +1372,28 @@ struct lease *find_lease (packet, share, ours) struct lease *lease = (struct lease *)0; struct iaddr cip; struct host_decl *hp, *host = (struct host_decl *)0; - struct lease *fixed_lease; + struct lease *fixed_lease, *next; struct option_cache *oc; struct data_string d1; int have_client_identifier = 0; struct data_string client_identifier; int status; + /* Look up the requested address. */ + oc = lookup_option (packet -> options.dhcp_hash, + DHO_DHCP_REQUESTED_ADDRESS); + memset (&d1, 0, sizeof d1); + if (oc && + evaluate_option_cache (&d1, packet, &packet -> options, oc)) { + cip.len = 4; + memcpy (cip.iabuf, d1.data, cip.len); + data_string_forget (&d1, "find_lease"); + } else if (packet -> raw -> ciaddr.s_addr) { + cip.len = 4; + memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4); + } else + cip.len = 0; + /* Try to find a host or lease that's been assigned to the specified unique client identifier. */ oc = lookup_option (packet -> options.dhcp_hash, 
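Review bot: The requested-address lookup moved to the top of find_lease copies four bytes from `d1.data` without checking `d1.len`, whereas the version of this code removed later in the commit tested `d1.len == 4` first. The option value comes from the client's packet, so a shorter requested-address option makes the `memcpy` read past the evaluated data and treat whatever follows as the address. Restoring the length test, and falling back to `ciaddr` when the option is unusable as the old code did, keeps well-formed packets behaving as before. find_lease continues outside the hunk.

```c
	memset (&d1, 0, sizeof d1);
	cip.len = 0;
	if (oc &&
	    evaluate_option_cache (&d1, packet, &packet -> options, oc)) {
		/* Only a 4-byte value is a usable IPv4 address. */
		if (d1.len == 4) {
			cip.len = 4;
			memcpy (cip.iabuf, d1.data, cip.len);
		}
		data_string_forget (&d1, "find_lease");
	}
	if (!cip.len && packet -> raw -> ciaddr.s_addr) {
		cip.len = 4;
		memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4);
	}
	/* ... unchanged: client identifier lookup ... */
```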
@@ -1434,38 +1416,17 @@ struct lease *find_lease (packet, share, ours) } else fixed_lease = (struct lease *)0; - if (fixed_lease) { #if defined (DEBUG_FIND_LEASE) + if (fixed_lease) { log_info ("Found host for client identifier: %s.", piaddr (fixed_lease -> ip_addr)); + } #endif - uid_lease = (struct lease *)0; - } else { + if (!fixed_lease) host = hp; /* Save the host if we found one. */ - uid_lease = find_lease_by_uid (client_identifier.data, - client_identifier.len); - - /* Find the lease matching this uid that's on the - network the packet came from (if any). */ - for (; uid_lease; uid_lease = uid_lease -> n_uid) - if (uid_lease -> subnet -> shared_network == - share) - break; - fixed_lease = (struct lease *)0; -#if defined (DEBUG_FIND_LEASE) - if (uid_lease) - log_info ("Found lease for client identifier: %s.", - piaddr (uid_lease -> ip_addr)); -#endif - if (uid_lease && - (uid_lease -> flags & ABANDONED_LEASE)) { - uid_lease = (struct lease *)0; -#if defined (DEBUG_FIND_LEASE) - log_info ("...but it was abandoned."); -#endif - } - } + uid_lease = find_lease_by_uid (client_identifier.data, + client_identifier.len); } else { uid_lease = (struct lease *)0; fixed_lease = (struct lease *)0; 
@@ -1484,32 +1445,115 @@ struct lease *find_lease (packet, share, ours) fixed_lease = mockup_lease (packet, share, hp); #if defined (DEBUG_FIND_LEASE) if (fixed_lease) { - log_info ("Found host for hardware address: %s.", + log_info ("Found host for link address: %s.", piaddr (fixed_lease -> ip_addr)); } #endif } } - /* Try to find a lease that's been attached to the client's - hardware address... */ + /* If fixed_lease is present but does not match the requested + IP address, and this is a DHCPREQUEST, then we can't return + any other lease, so we might as well return now. */ + if (packet -> packet_type == DHCPREQUEST && fixed_lease && + (fixed_lease -> ip_addr.len != cip.len || + memcmp (fixed_lease -> ip_addr.iabuf, + cip.iabuf, cip.len))) { + if (ours) + *ours = 1; + strcpy (dhcp_message, "requested address is incorrect"); +#if defined (DEBUG_FIND_LEASE) + log_info ("Client's fixed-address %s doesn't match %s%s", + piaddr (fixed_lease -> ip_addr), "request ", + print_dotted_quads (cip.len, cip.iabuf)); +#endif + goto out; + } + + /* If we found leases matching the client identifier, loop through + the n_uid pointer looking for one that's actually valid. We + can't do this until we get here because we depend on + packet -> known, which may be set by either the uid host + lookup or the haddr host lookup. 
*/ + for (; uid_lease; uid_lease = next) { +#if defined (DEBUG_FIND_LEASE) + log_info ("trying next lease matching client id: %s", + piaddr (uid_lease -> ip_addr)); +#endif + if (uid_lease -> subnet -> shared_network != share) { +#if defined (DEBUG_FIND_LEASE) + log_info ("wrong network segment: %s", + piaddr (uid_lease -> ip_addr)); +#endif + next = uid_lease -> n_uid; + continue; + } + if ((uid_lease -> pool -> prohibit_list && + permitted (packet, uid_lease -> pool -> prohibit_list)) || + (uid_lease -> pool -> permit_list && + !permitted (packet, uid_lease -> pool -> permit_list))) { +#if defined (DEBUG_FIND_LEASE) + log_info ("not permitted: %s", + piaddr (uid_lease -> ip_addr)); +#endif + next = uid_lease -> n_uid; + if (!packet -> raw -> ciaddr.s_addr) + release_lease (uid_lease); + continue; + } + break; + } +#if defined (DEBUG_FIND_LEASE) + if (uid_lease) + log_info ("Found lease for client id: %s.", + piaddr (uid_lease -> ip_addr)); +#endif + + /* Find a lease whose hardware address matches, whose client + identifier matches, that's permitted, and that's on the + correct subnet. */ hw_lease = find_lease_by_hw_addr (packet -> raw -> chaddr, packet -> raw -> hlen); - /* Find the lease that's on the network the packet came from - (if any). */ - for (; hw_lease; hw_lease = hw_lease -> n_hw) { - if (hw_lease -> subnet -> shared_network == share) { - if (hw_lease -> flags & ABANDONED_LEASE) - continue; - /* If we're allowed to use this lease, do so. 
*/ - if (!((hw_lease -> pool -> prohibit_list && - permitted (packet, - hw_lease -> pool -> prohibit_list)) || - (hw_lease -> pool -> permit_list && - !permitted (packet, - hw_lease -> pool -> permit_list)))) - break; + for (; hw_lease; hw_lease = next) { +#if defined (DEBUG_FIND_LEASE) + log_info ("trying next lease matching hw addr: %s", + piaddr (hw_lease -> ip_addr)); +#endif + if (hw_lease -> ends >= cur_time && + hw_lease -> uid && + (!have_client_identifier || + hw_lease -> uid_len != client_identifier.len || + memcmp (hw_lease -> uid, client_identifier.data, + hw_lease -> uid_len))) { +#if defined (DEBUG_FIND_LEASE) + log_info ("wrong client identifier: %s", + piaddr (hw_lease -> ip_addr)); +#endif + next = hw_lease -> n_hw; + continue; + } + if (hw_lease -> subnet -> shared_network != share) { +#if defined (DEBUG_FIND_LEASE) + log_info ("wrong network segment: %s", + piaddr (hw_lease -> ip_addr)); +#endif + next = hw_lease -> n_hw; + continue; } + if ((hw_lease -> pool -> prohibit_list && + permitted (packet, hw_lease -> pool -> prohibit_list)) || + (hw_lease -> pool -> permit_list && + !permitted (packet, hw_lease -> pool -> permit_list))) { +#if defined (DEBUG_FIND_LEASE) + log_info ("not permitted: %s", + piaddr (hw_lease -> ip_addr)); +#endif + next = hw_lease -> n_hw; + if (!packet -> raw -> ciaddr.s_addr) + release_lease (hw_lease); + continue; + } + break; } #if defined (DEBUG_FIND_LEASE) if (hw_lease) 
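Review bot: Both new filter loops in find_lease dereference `uid_lease -> pool` and `hw_lease -> pool` unconditionally, while the ack_lease changes in this same commit treat the pointer as optional (`lease -> pool ? lease -> pool -> group : lease -> subnet -> group`). If a lease reachable through the uid or hardware-address chain can have no pool, these loops would crash the server on a packet that matches it; testing `uid_lease -> pool &&` (and likewise `hw_lease -> pool &&`) before the permit checks would make the two places agree. If leases on these chains always have a pool, a one-line comment saying so is enough. Separately, the `release_lease` calls here free a stored lease because the sender of the current packet is not permitted in its pool, and that sender's client identifier and hardware address come from the packet, so please confirm the release is intended.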
@@ -1519,25 +1563,10 @@ struct lease *find_lease (packet, share, ours) /* Try to find a lease that's been allocated to the client's IP address. */ - - oc = lookup_option (packet -> options.dhcp_hash, - DHO_DHCP_REQUESTED_ADDRESS); - memset (&d1, 0, sizeof d1); - if (oc) - status = evaluate_option_cache (&d1, packet, - &packet -> options, oc); - if (oc && status && d1.len == 4) { - cip.len = 4; - memcpy (cip.iabuf, d1.data, cip.len); - ip_lease = find_lease_by_ip_addr (cip); - } else if (packet -> raw -> ciaddr.s_addr) { - cip.len = 4; - memcpy (cip.iabuf, &packet -> raw -> ciaddr, 4); + if (cip.len) ip_lease = find_lease_by_ip_addr (cip); - } else + else ip_lease = (struct lease *)0; - if (oc && status) - data_string_forget (&d1, "find_lease"); #if defined (DEBUG_FIND_LEASE) if (ip_lease) @@ -1559,7 +1588,12 @@ struct lease *find_lease (packet, share, ours) lease to be abandoned. If so, this request probably came from that client. */ if (ip_lease && (ip_lease -> subnet -> shared_network != share)) { + if (ours) + *ours = 1; +#if defined (DEBUG_FIND_LEASE) log_info ("...but it was on the wrong shared network."); +#endif + strcpy (dhcp_message, "requested address on bad subnet"); ip_lease = (struct lease *)0; } 
@@ -1582,16 +1616,20 @@ struct lease *find_lease (packet, share, ours) /* If for some reason the client has more than one lease on the subnet that matches its uid, pick the one that it asked for and (if we can) free the other. */ - if (ip_lease && uid_lease && ip_lease != uid_lease) { - if (uid_lease && have_client_identifier && + if (ip_lease && + ip_lease -> ends >= cur_time && + ip_lease -> uid && ip_lease != uid_lease) { + if (have_client_identifier && (ip_lease -> uid_len == client_identifier.len) && !memcmp (client_identifier.data, ip_lease -> uid, ip_lease -> uid_len)) { - if (uid_lease -> ends > cur_time) - log_error ("client %s has duplicate leases on %s", - print_hw_addr (packet -> raw -> htype, - packet -> raw -> hlen, - packet -> raw -> chaddr), + if (uid_lease && uid_lease -> ends > cur_time) + log_error ("client %s has duplicate%s on %s", + " leases", + (print_hw_addr + (packet -> raw -> htype, + packet -> raw -> hlen, + packet -> raw -> chaddr)), (ip_lease -> subnet -> shared_network -> name)); 
@@ -1600,51 +1638,72 @@ struct lease *find_lease (packet, share, ours) allocation. This is only true if the duplicate lease is on the same network, of course. */ - if (packet -> packet_type == DHCPREQUEST && + if (uid_lease && + !packet -> raw -> ciaddr.s_addr && share == uid_lease -> subnet -> shared_network) dissociate_lease (uid_lease); uid_lease = ip_lease; - ip_lease = (struct lease *)0; } - } + strcpy (dhcp_message, "requested address is not available"); + ip_lease = (struct lease *)0; + if (ours) + *ours = 1; - /* Toss hw_lease if it hasn't yet expired and the uid doesn't - match, except that if the hardware address matches and the - client is now doing dynamic BOOTP (and thus hasn't provided - a uid) we let the client get away with it. */ - while (hw_lease && - hw_lease -> ends >= cur_time && - hw_lease -> uid && - (!have_client_identifier || - hw_lease -> uid_len != client_identifier.len || - memcmp (hw_lease -> uid, client_identifier.data, - hw_lease -> uid_len))) { - hw_lease = hw_lease -> n_hw; -#if defined (DEBUG_FIND_LEASE) - if (hw_lease) - log_info ("trying next lease matching hw addr: %s", - piaddr (hw_lease -> ip_addr)); - else - log_info ("rejecting lease for hardware address."); -#endif + /* If we get to here and fixed_lease is not null, that means + that there are both a dynamic lease and a fixed-address + declaration for the same IP address. */ + if (packet -> packet_type == DHCPREQUEST && fixed_lease) { + fixed_lease = (struct lease *)0; + db_conflict: + warn ("Both dynamic and static leases present for %s.", + piaddr (cip)); + warn ("Either remove host declaration %s or remove %s", + (fixed_lease && fixed_lease -> host + ? (fixed_lease -> host -> name + ? 
fixed_lease -> host -> name : piaddr (cip)) + : piaddr (cip)), + piaddr (cip)); + warn ("from the dynamic address pool for %s", + ip_lease -> subnet -> shared_network -> name); + if (fixed_lease) + ip_lease = (struct lease *)0; + strcpy (dhcp_message, + "database conflict - call for help!"); + } } - /* Toss extra pointers to the same lease... */ - if (ip_lease == hw_lease) { + /* If we get to here with both fixed_lease and ip_lease not + null, then we have a configuration file bug. */ + if (packet -> packet_type == DHCPREQUEST && fixed_lease && ip_lease) + goto db_conflict; + + /* Make sure the client is permitted to use the requested lease. */ + if (ip_lease && + ((ip_lease -> pool -> prohibit_list && + permitted (packet, ip_lease -> pool -> prohibit_list)) || + (ip_lease -> pool -> permit_list && + !permitted (packet, ip_lease -> pool -> permit_list)))) { + if (!packet -> raw -> ciaddr.s_addr) + release_lease (ip_lease); ip_lease = (struct lease *)0; -#if defined (DEBUG_FIND_LEASE) - log_info ("hardware lease and ip lease are identical."); -#endif } + + /* Toss extra pointers to the same lease... */ if (hw_lease == uid_lease) { #if defined (DEBUG_FIND_LEASE) log_info ("hardware lease and uid lease are identical."); #endif hw_lease = (struct lease *)0; } + if (ip_lease == hw_lease) { + hw_lease = (struct lease *)0; +#if defined (DEBUG_FIND_LEASE) + log_info ("hardware lease and ip lease are identical."); +#endif + } if (ip_lease == uid_lease) { - ip_lease = (struct lease *)0; + uid_lease = (struct lease *)0; #if defined (DEBUG_FIND_LEASE) log_info ("uid lease and ip lease are identical."); #endif 
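Review bot: On the fall-through path into the `db_conflict:` block, `ip_lease` was set to null a few statements earlier, yet the third `warn` call reads `ip_lease -> subnet -> shared_network -> name`. A DHCPREQUEST from a host with a fixed-address declaration, whose address also has an unexpired dynamic lease under a different client identifier, appears to reach this line and dereference a null pointer. Moving `ip_lease = (struct lease *)0;` from before the `if (ours)` test to just after the inner conflict block fixes that, and it leaves the `goto db_conflict` path unchanged because that path already clears `ip_lease` through `if (fixed_lease)`. The new messages also call `warn` where the rest of the commit uses `log_info` and `log_error`, so it is worth checking that this is the intended logger.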
@@ -1653,36 +1712,19 @@ struct lease *find_lease (packet, share, ours) /* If we've already eliminated the lease, it wasn't there to begin with. If we have come up with a matching lease, set the message to bad network in case we have to throw it out. */ - if (!ip_lease && !hw_lease && !uid_lease) { + if (!ip_lease) { strcpy (dhcp_message, "requested address not available"); - } else { - strcpy (dhcp_message, "requested address on bad subnet"); } - /* Now eliminate leases that are on the wrong network... */ - if (ip_lease && - (share != ip_lease -> subnet -> shared_network)) { - release_lease (ip_lease); - ip_lease = (struct lease *)0; + /* If this is a DHCPREQUEST, make sure the lease we're going to return + matches the requested IP address. If it doesn't, don't return a + lease at all. */ + if (packet -> packet_type == DHCPREQUEST && + !ip_lease && !fixed_lease) { #if defined (DEBUG_FIND_LEASE) - log_info ("lease on requested address is on wrong network."); -#endif - } - if (uid_lease && - (share != uid_lease -> subnet -> shared_network)) { - release_lease (uid_lease); - uid_lease = (struct lease *)0; -#if defined (DEBUG_FIND_LEASE) - log_info ("lease matching uid is on wrong network."); -#endif - } - if (hw_lease && - (share != hw_lease -> subnet -> shared_network)) { - release_lease (hw_lease); - hw_lease = (struct lease *)0; -#if defined (DEBUG_FIND_LEASE) - log_info ("lease matching hardware address is on wrong network."); + log_info ("no applicable lease found for DHCPREQUEST."); #endif + goto out; } /* At this point, if fixed_lease is nonzero, we can assign it to @@ -1698,8 +1740,7 @@ struct lease *find_lease (packet, share, ours) a better offer, use that; otherwise, release it. */ if (ip_lease) { if (lease) { - /* XXX How is it possible to get here? */ - if (packet -> packet_type == DHCPREQUEST) + if (!packet -> raw -> ciaddr.s_addr) release_lease (ip_lease); #if defined (DEBUG_FIND_LEASE) log_info ("not choosing requested address (!)."); 
@@ -1718,7 +1759,7 @@ struct lease *find_lease (packet, share, ours) the lease that matched the client identifier. */ if (uid_lease) { if (lease) { - if (packet -> packet_type == DHCPREQUEST) + if (!packet -> raw -> ciaddr.s_addr) dissociate_lease (uid_lease); #if defined (DEBUG_FIND_LEASE) log_info ("not choosing uid lease."); @@ -1735,7 +1776,7 @@ struct lease *find_lease (packet, share, ours) /* The lease that matched the hardware address is treated likewise. */ if (hw_lease) { if (lease) { - if (packet -> packet_type == DHCPREQUEST) + if (!packet -> raw -> ciaddr.s_addr) dissociate_lease (hw_lease); #if defined (DEBUG_FIND_LEASE) log_info ("not choosing hardware lease."); @@ -1762,17 +1803,6 @@ struct lease *find_lease (packet, share, ours) } } - if (have_client_identifier) - data_string_forget (&client_identifier, "find_lease"); - -#if defined (DEBUG_FIND_LEASE) - if (lease) - log_info ("Returning lease: %s.", - piaddr (lease -> ip_addr)); - else - log_info ("Not returning a lease."); -#endif - /* If we find an abandoned lease, but it's the one the client requested, we assume that previous bugginess on the part of the client, or a server database loss, caused the lease to @@ -1792,6 +1822,18 @@ struct lease *find_lease (packet, share, ours) lease = (struct lease *)0; } + out: + if (have_client_identifier) + data_string_forget (&client_identifier, "find_lease"); + +#if defined (DEBUG_FIND_LEASE) + if (lease) + log_info ("Returning lease: %s.", + piaddr (lease -> ip_addr)); + else + log_info ("Not returning a lease."); +#endif + return lease; } diff --git a/server/dhcpd.c b/server/dhcpd.c index 3a62b196b..7b9e3c8c2 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c 
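Review bot: In the -1792 hunk, `return lease` can now be reached through the new `out:` label from the `goto out` added in the -1653 hunk, which jumps ahead of all the code that picks a lease. The declaration of `lease` is outside these hunks. If it is not initialised to a null pointer there, that path returns an indeterminate pointer, and with DEBUG_FIND_LEASE defined the `piaddr (lease -> ip_addr)` call under the label reads through it. Confirm the declaration reads `struct lease *lease = (struct lease *)0;`, or set `lease = (struct lease *)0;` immediately before the `goto out`.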
@@ -94,13 +94,13 @@ #ifndef lint static char ocopyright[] = -"$Id: dhcpd.c,v 1.55 1999/02/24 17:56:52 mellon Exp $ Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium."; +"$Id: dhcpd.c,v 1.56 1999/02/25 23:30:40 mellon Exp $ Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium."; #endif static char copyright[] = "Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium."; static char arr [] = "All rights reserved."; -static char message [] = "Internet Software Consortium DHCP Server V3.0-alpha 980214"; +static char message [] = "Internet Software Consortium DHCP Server V3.0-alpha 980225"; static char contrib [] = "\nPlease contribute if you find this software useful."; static char url [] = "For info, please visit http://www.isc.org/dhcp-contrib.html\n"; @@ -274,7 +274,7 @@ int main (argc, argv, envp) db_startup (); /* Discover all the network interfaces and initialize them. */ - discover_interfaces (1); + discover_interfaces (DISCOVER_SERVER); /* Initialize icmp support... */ icmp_startup (1, lease_pinged); @@ -297,7 +297,7 @@ int main (argc, argv, envp) /* If the previous server process is not still running, write a new pid file immediately. */ - if (pid && kill (pid, 0) < 0) { + if (pid && (pid == getpid() || kill (pid, 0) < 0)) { unlink (path_dhcpd_pid); if ((i = open (path_dhcpd_pid, O_WRONLY | O_CREAT, 0640)) >= 0) { diff --git a/server/dhcpd.cat8 b/server/dhcpd.cat8 index ec7028e59..06a7ed7c4 100644 --- a/server/dhcpd.cat8 +++ b/server/dhcpd.cat8 
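Review bot: In the -297 hunk the added `pid == getpid()` test has no comment, and its reason is not obvious from the line. Presumably it covers a stale pid file whose number has been reused by this process, in which case `kill (pid, 0)` would succeed. I would put `/* A stale pid file can hold our own pid; kill() would then report a live server. */` above the condition. In the same block the file is recreated with `open (path_dhcpd_pid, O_WRONLY | O_CREAT, 0640)` right after the `unlink`; adding `O_EXCL` to those flags would make the create fail rather than open whatever appears at that path in between. The block continues outside the hunk.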
@@ -20,6 +20,11 @@ DDEESSCCRRIIPPTTIIOONN work to which they are attached. BOOTP provides similar functionality, with certain restrictions. +CCOONNTTRRIIBBUUTTIIOONNSS + Development of this software is funded through contribu­ + tions and support contracts. Please see ddhhccpp--ccoonnttrriibb((55)) + for information on how you can contribute. + OOPPEERRAATTIIOONN The DHCP protocol allows a host which is unknown to the network administrator to be automatically assigned a new @@ -52,12 +57,7 @@ OOPPEERRAATTIIOONN refresh its memory about what leases have been assigned. New leases are appended to the end of the dhcpd.leases - file. In order to prevent the file from becoming arbi­ - trarily large, from time to time dhcpd creates a new - dhcpd.leases file from its in-core lease database. Once - this file has been written to disk, the old file is - renamed _d_h_c_p_d_._l_e_a_s_e_s_~, and the new file is renamed - dhcpd.leases. If the system crashes in the middle of + file. In order to prevent the file from becoming @@ -70,6 +70,11 @@ OOPPEERRAATTIIOONN dhcpd(8) dhcpd(8) + arbitrarily large, from time to time dhcpd creates a new + dhcpd.leases file from its in-core lease database. Once + this file has been written to disk, the old file is + renamed _d_h_c_p_d_._l_e_a_s_e_s_~, and the new file is renamed + dhcpd.leases. If the system crashes in the middle of this process, whichever dhcpd.leases file remains will contain all the lease information, so there is no need for a special crash recovery process. @@ -119,11 +124,6 @@ CCOOMMMMAANNDD LLIINNEE cast interfaces if possible, and listen for DHCP broad­ casts on each interface. - If dhcpd should listen on a port other than the standard - (port 67), the --pp flag may used. It should be followed by - the udp port number on which dhcpd should listen. This is - mostly useful for debugging purposes. - 
@@ -136,6 +136,11 @@ CCOOMMMMAANNDD LLIINNEE dhcpd(8) dhcpd(8) + If dhcpd should listen on a port other than the standard + (port 67), the --pp flag may used. It should be followed by + the udp port number on which dhcpd should listen. This is + mostly useful for debugging purposes. + To run dhcpd as a foreground process, rather than allowing it to run as a daemon in the background, the --ff flag should be specified. This is useful when running dhcpd @@ -185,11 +190,6 @@ SSuubbnneettss Multiple address ranges may be specified like this: subnet 239.252.197.0 netmask 255.255.255.0 { - range 239.252.197.10 239.252.197.107; - range 239.252.197.113 239.252.197.250; - } - - If a subnet will only be provided with BOOTP service and @@ -202,6 +202,11 @@ SSuubbnneettss dhcpd(8) dhcpd(8) + range 239.252.197.10 239.252.197.107; + range 239.252.197.113 239.252.197.250; + } + + If a subnet will only be provided with BOOTP service and no dynamic address assignment, the range clause can be left out entirely, but the subnet statement must appear. @@ -251,11 +256,6 @@ BBOOOOTTPP SSuuppppoorrtt and the IP address to assign to that client. If the client needs to be able to load a boot file from the server, that file's name must be specified. A simple - bootp client declaration might look like this: - - host haagen { - hardware ethernet 08:00:2b:4c:59:23; - fixed-address 239.252.197.9; @@ -268,6 +268,11 @@ BBOOOOTTPP SSuuppppoorrtt dhcpd(8) dhcpd(8) + bootp client declaration might look like this: + + host haagen { + hardware ethernet 08:00:2b:4c:59:23; + fixed-address 239.252.197.9; filename "/tftpboot/haagen.boot"; } 
@@ -316,12 +321,7 @@ FFIILLEESS //eettcc//ddhhccppdd..ccoonnff,, //vvaarr//ddbb//ddhhccppdd..lleeaasseess,, //vvaarr//rruunn//ddhhccppdd..ppiidd,, //vvaarr//ddbb//ddhhccppdd..lleeaasseess~~.. -SSEEEE AALLSSOO - dhclient(8), dhcrelay(8), dhcpd.conf(5), dhcpd.leases(5) -AAUUTTHHOORR - ddhhccppdd((88)) was written by Ted Lemon under a - contract with Vixie Labs. Funding for this project was @@ -334,6 +334,12 @@ AAUUTTHHOORR dhcpd(8) dhcpd(8) +SSEEEE AALLSSOO + dhclient(8), dhcrelay(8), dhcpd.conf(5), dhcpd.leases(5) + +AAUUTTHHOORR + ddhhccppdd((88)) was written by Ted Lemon under a + contract with Vixie Labs. Funding for this project was provided by the Internet Software Corporation. Informa­ tion about the Internet Software Consortium can be found at hhttttpp::////wwwwww..iisscc..oorrgg//iisscc.. @@ -378,12 +384,6 @@ dhcpd(8) dhcpd(8) - - - - - - diff --git a/server/dhcpd.conf b/server/dhcpd.conf index 596f750cc..d58d54d6e 100644 --- a/server/dhcpd.conf +++ b/server/dhcpd.conf @@ -1,15 +1,8 @@ # dhcpd.conf # -# Configuration file for ISC dhcpd +# Sample configuration file for ISC dhcpd # -# Hosts with more than one interface MUST specify a ``server-identifier'', -# which should be the IP address of the server's primary network interface, -# or if there is no interface that can be described that way, at least an -# interface whose address isn't likely to change. - -server-identifier toccata.fugue.com; - # option definitions common to all supported networks... option domain-name "fugue.com"; option domain-name-servers toccata.fugue.com; 
@@ -18,25 +11,13 @@ option subnet-mask 255.255.255.224; default-lease-time 600; max-lease-time 7200; -# Address ranges can be specified for each subnet attached to -# a shared network. Since these subnets share the same physical -# network, addresses are pooled together, and assignments are made -# without regard to the actual subnet. If the optional dynamic-bootp -# keyword is given in the address range declaration, then addresses -# in that range can be assigned either with the DHCP protocol or the -# BOOTP protocol; otherwise, only DHCP clients will have addresses -# allocated from the address range. -# -# Note that each IP subnet can have its own options specific to that subnet. -# options that aren't specified in the subnet are taken from the shared -# network (if any) and then from the global option list. - subnet 204.254.239.0 netmask 255.255.255.224 { range 204.254.239.10 204.254.239.20; option broadcast-address 204.254.239.31; option routers prelude.fugue.com; } +# The other subnet that shares this physical network subnet 204.254.239.32 netmask 255.255.255.224 { range dynamic-bootp 204.254.239.10 204.254.239.20; option broadcast-address 204.254.239.31; diff --git a/server/dhcpd.conf.5 b/server/dhcpd.conf.5 index 545943e28..582c31c36 100644 --- a/server/dhcpd.conf.5 +++ b/server/dhcpd.conf.5 
@@ -758,10 +758,18 @@ The use of the server-identifier statement is not recommended - the only reason to use it is to force a value other than the default value to be sent on occasions where the default value would be incorrect. The default value is the first IP address associated with the physical network interface -on which the request arrived. The usual case where the +on which the request arrived. +.PP +The usual case where the \fIserver-identifier\fR statement needs to be sent is when a physical interface has more than one IP address, and the one being sent by default isn't appropriate for some or all clients served by that interface. +Another common case is when an alias is defined for the purpose of +having a consistent IP address for the DHCP server, and it is desired +that the clients use this IP address when contacting the server. +.PP +Supplying a value for the dhcp-server-identifier option is equivalent +to using the server-identifier statement. .SH REFERENCE: OPTION STATEMENTS .PP DHCP option statements are documented in the diff --git a/server/dhcpd.conf.cat5 b/server/dhcpd.conf.cat5 index c7e198557..2b3cd6308 100644 --- a/server/dhcpd.conf.cat5 +++ b/server/dhcpd.conf.cat5 
@@ -505,21 +505,21 @@ RREEFFEERREENNCCEE:: PPAARRAAMMEETTEERRSS mmaaxx--lleeaassee--ttiimmee _t_i_m_e;; _T_i_m_e should be the maximum length in seconds that will be - assigned to a lease if the client requesting the lease - asks for a specific expiration time. + assigned to a lease. The only exception to this is that + Dynamic BOOTP lease lengths, which are not specified by + the client, are not limited by this maximum. - TThhee _h_a_r_d_w_a_r_e ssttaatteemmeenntt + TThhee _m_i_n_-_l_e_a_s_e_-_t_i_m_e ssttaatteemmeenntt - hhaarrddwwaarree _h_a_r_d_w_a_r_e_-_t_y_p_e _h_a_r_d_w_a_r_e_-_a_d_d_r_e_s_s;; + mmiinn--lleeaassee--ttiimmee _t_i_m_e;; + + _T_i_m_e should be the minimum length in seconds that will be + assigned to a lease. + + TThhee _m_i_n_-_s_e_c_s ssttaatteemmeenntt + + mmiinn--sseeccss _s_e_c_o_n_d_s;; - In order for a BOOTP client to be recognized, its network - hardware address must be declared using a _h_a_r_d_w_a_r_e clause - in the _h_o_s_t statement. _h_a_r_d_w_a_r_e_-_t_y_p_e must be the name of - a physical hardware interface type. Currently, only the - eetthheerrnneett type is recognized, although support for ttookkeenn-- - rriinngg and ffddddii hardware types would also be desirable. The - _h_a_r_d_w_a_r_e_-_a_d_d_r_e_s_s should be a set of hexadecimal octets - (numbers from 0 through ff) seperated by colons. The 
@@ -532,16 +532,47 @@ RREEFFEERREENNCCEE:: PPAARRAAMMEETTEERRSS dhcpd.conf(5) dhcpd.conf(5) - _h_a_r_d_w_a_r_e_f_R _s_t_a_t_e_m_e_n_t _m_a_y _a_l_s_o _b_e _u_s_e_d _f_o_r _D_H_C_P _c_l_i_e_n_t_s_. + _S_e_c_o_n_d_s should be the minimum number of seconds since a + client began trying to acquire a new lease before the DHCP + server will respond to its request. The number of seconds + is based on what the client reports, and the maximum value + that the client can report is 255 seconds. Generally, + setting this to one will result in the DHCP server not + responding to the client's first request, but always + responding to its second request. + + This can be used to set up a secondary DHCP server which + never offers an address to a client until the primary + server has been given a chance to do so. If the primary + server is down, the client will bind to the secondary + server, but otherwise clients should always bind to the + primary. Note that this does not, by itself, permit a + primary server and a secondary server to share a pool of + dynamically-allocatable addresses. + + TThhee _h_a_r_d_w_a_r_e ssttaatteemmeenntt + + hhaarrddwwaarree _h_a_r_d_w_a_r_e_-_t_y_p_e _h_a_r_d_w_a_r_e_-_a_d_d_r_e_s_s;; + + In order for a BOOTP client to be recognized, its network + hardware address must be declared using a _h_a_r_d_w_a_r_e clause + in the _h_o_s_t statement. _h_a_r_d_w_a_r_e_-_t_y_p_e must be the name of + a physical hardware interface type. Currently, only the + eetthheerrnneett and ttookkeenn--rriinngg types are recognized, although + support for a ffddddii hardware type (and others) would also + be desirable. The _h_a_r_d_w_a_r_e_-_a_d_d_r_e_s_s should be a set of + hexadecimal octets (numbers from 0 through ff) seperated + by colons. The _h_a_r_d_w_a_r_e_f_R _s_t_a_t_e_m_e_n_t _m_a_y _a_l_s_o _b_e _u_s_e_d _f_o_r + _D_H_C_P _c_l_i_e_n_t_s_. 
TThhee _f_i_l_e_n_a_m_e ssttaatteemmeenntt ffiilleennaammee ""_f_i_l_e_n_a_m_e"";; - The _f_i_l_e_n_a_m_e statement can be used to specify the name of - the initial boot file which is to be loaded by a client. + The _f_i_l_e_n_a_m_e statement can be used to specify the name of + the initial boot file which is to be loaded by a client. The _f_i_l_e_n_a_m_e should be a filename recognizable to whatever - file transfer protocol the client can be expected to use + file transfer protocol the client can be expected to use to load the file. TThhee _s_e_r_v_e_r_-_n_a_m_e ssttaatteemmeenntt 
@@ -556,25 +587,36 @@ dhcpd.conf(5) dhcpd.conf(5) nneexxtt--sseerrvveerr _s_e_r_v_e_r_-_n_a_m_e;; - The _n_e_x_t_-_s_e_r_v_e_r statement is used to specify the host - address of the server from which the initial boot file - (specified in the _f_i_l_e_n_a_m_e statement) is to be loaded. - _S_e_r_v_e_r_-_n_a_m_e should be a numeric IP address or a domain - name. If no _n_e_x_t_-_s_e_r_v_e_r parameter applies to a given + + + 9 + + + + + +dhcpd.conf(5) dhcpd.conf(5) + + + The _n_e_x_t_-_s_e_r_v_e_r statement is used to specify the host + address of the server from which the initial boot file + (specified in the _f_i_l_e_n_a_m_e statement) is to be loaded. + _S_e_r_v_e_r_-_n_a_m_e should be a numeric IP address or a domain + name. If no _n_e_x_t_-_s_e_r_v_e_r parameter applies to a given client, the DHCP server's IP address is used. TThhee _f_i_x_e_d_-_a_d_d_r_e_s_s ssttaatteemmeenntt ffiixxeedd--aaddddrreessss _a_d_d_r_e_s_s [,, _a_d_d_r_e_s_s ... ];; - The _f_i_x_e_d_-_a_d_d_r_e_s_s statement is used to assign one or more - fixed IP addresses to a client. It should only appear in + The _f_i_x_e_d_-_a_d_d_r_e_s_s statement is used to assign one or more + fixed IP addresses to a client. It should only appear in a _h_o_s_t declaration. If more than one address is supplied, - then when the client boots, it will be assigned the - address which corresponds to the network on which it is - booting. If none of the addresses in the _f_i_x_e_d_-_a_d_d_r_e_s_s - statement are on the network on which the client is boot­ - ing, that client will not match the _h_o_s_t declaration con­ + then when the client boots, it will be assigned the + address which corresponds to the network on which it is + booting. If none of the addresses in the _f_i_x_e_d_-_a_d_d_r_e_s_s + statement are on the network on which the client is boot­ + ing, that client will not match the _h_o_s_t declaration con­ taining that _f_i_x_e_d_-_a_d_d_r_e_s_s statement. 
Each _a_d_d_r_e_s_s should be either an IP address or a domain name which resolves to one or more IP addresses. @@ -583,25 +625,13 @@ dhcpd.conf(5) dhcpd.conf(5) ddyynnaammiicc--bboooottpp--lleeaassee--ccuuttooffff _d_a_t_e;; - The _d_y_n_a_m_i_c_-_b_o_o_t_p_-_l_e_a_s_e_-_c_u_t_o_f_f statement sets the ending + The _d_y_n_a_m_i_c_-_b_o_o_t_p_-_l_e_a_s_e_-_c_u_t_o_f_f statement sets the ending time for all leases assigned dynamically to BOOTP clients. - Because BOOTP clients do not have any way of renewing - - - - 9 - - - - - -dhcpd.conf(5) dhcpd.conf(5) - - - leases, and don't know that their leases could expire, by + Because BOOTP clients do not have any way of renewing + leases, and don't know that their leases could expire, by default dhcpd assignes infinite leases to all BOOTP clients. However, it may make sense in some situations to - set a cutoff date for all BOOTP leases - for example, the + set a cutoff date for all BOOTP leases - for example, the end of a school term, or the time at night when a facility is closed and all machines are required to be powered off. 
@@ -610,61 +640,61 @@ dhcpd.conf(5) dhcpd.conf(5) W YYYY/MM/DD HH:MM:SS - W is the day of the week expressed as a number from zero - (Sunday) to six (Saturday). YYYY is the year, including + W is the day of the week expressed as a number from zero + (Sunday) to six (Saturday). YYYY is the year, including the century. MM is the month expressed as a number from 1 - to 12. DD is the day of the month, counting from 1. HH - is the hour, from zero to 23. MM is the minute and SS is - the second. The time is always in Greenwich Mean Time + to 12. DD is the day of the month, counting from 1. HH + is the hour, from zero to 23. MM is the minute and SS is + the second. The time is always in Greenwich Mean Time (GMT), not local time. TThhee _d_y_n_a_m_i_c_-_b_o_o_t_p_-_l_e_a_s_e_-_l_e_n_g_t_h ssttaatteemmeenntt ddyynnaammiicc--bboooottpp--lleeaassee--lleennggtthh _l_e_n_g_t_h;; - The _d_y_n_a_m_i_c_-_b_o_o_t_p_-_l_e_a_s_e_-_l_e_n_g_t_h statement is used to set - the length of leases dynamically assigned to BOOTP - clients. At some sites, it may be possible to assume - that a lease is no longer in use if its holder has not - used BOOTP or DHCP to get its address within a certain - time period. The period is specified in _l_e_n_g_t_h as a num­ - ber of seconds. If a client reboots using BOOTP during - the timeout period, the lease duration is reset to _l_e_n_g_t_h, - so a BOOTP client that boots frequently enough will never - lose its lease. Needless to say, this parameter should be - adjusted with extreme caution. - TThhee _g_e_t_-_l_e_a_s_e_-_h_o_s_t_n_a_m_e_s ssttaatteemmeenntt - ggeett--lleeaassee--hhoossttnnaammeess _f_l_a_g;; - The _g_e_t_-_l_e_a_s_e_-_h_o_s_t_n_a_m_e_s statement is used to tell dhcpd - whether or not to look up the domain name corresponding to - the IP address of each address in the lease pool and use - that address for the DHCP _h_o_s_t_n_a_m_e option. If _f_l_a_g is - true, then this lookup is done for all addresses in the - current scope. 
By default, or if _f_l_a_g is false, no - lookups are done. + 10 - TThhee _u_s_e_-_h_o_s_t_-_d_e_c_l_-_n_a_m_e_s ssttaatteemmeenntt - uussee--hhoosstt--ddeeccll--nnaammeess _f_l_a_g;; - If the _u_s_e_-_h_o_s_t_-_d_e_c_l_-_n_a_m_e_s parameter is true in a given - scope, then for every host declaration within that scope, +dhcpd.conf(5) dhcpd.conf(5) - 10 + The _d_y_n_a_m_i_c_-_b_o_o_t_p_-_l_e_a_s_e_-_l_e_n_g_t_h statement is used to set + the length of leases dynamically assigned to BOOTP + clients. At some sites, it may be possible to assume + that a lease is no longer in use if its holder has not + used BOOTP or DHCP to get its address within a certain + time period. The period is specified in _l_e_n_g_t_h as a num­ + ber of seconds. If a client reboots using BOOTP during + the timeout period, the lease duration is reset to _l_e_n_g_t_h, + so a BOOTP client that boots frequently enough will never + lose its lease. Needless to say, this parameter should be + adjusted with extreme caution. + TThhee _g_e_t_-_l_e_a_s_e_-_h_o_s_t_n_a_m_e_s ssttaatteemmeenntt + ggeett--lleeaassee--hhoossttnnaammeess _f_l_a_g;; + The _g_e_t_-_l_e_a_s_e_-_h_o_s_t_n_a_m_e_s statement is used to tell dhcpd + whether or not to look up the domain name corresponding to + the IP address of each address in the lease pool and use + that address for the DHCP _h_o_s_t_n_a_m_e option. If _f_l_a_g is + true, then this lookup is done for all addresses in the + current scope. By default, or if _f_l_a_g is false, no + lookups are done. -dhcpd.conf(5) dhcpd.conf(5) + TThhee _u_s_e_-_h_o_s_t_-_d_e_c_l_-_n_a_m_e_s ssttaatteemmeenntt + uussee--hhoosstt--ddeeccll--nnaammeess _f_l_a_g;; - the name provided for the host declaration will be sup­ + If the _u_s_e_-_h_o_s_t_-_d_e_c_l_-_n_a_m_e_s parameter is true in a given + scope, then for every host declaration within that scope, + the name provided for the host declaration will be sup­ plied to the client as its hostname. So, for example, group { 
@@ -684,15 +714,109 @@ dhcpd.conf(5) dhcpd.conf(5) option host-name "joe"; } - An _o_p_t_i_o_n _h_o_s_t_-_n_a_m_e statement within a host declaration + An _o_p_t_i_o_n _h_o_s_t_-_n_a_m_e statement within a host declaration will override the use of the name in the host declaration. + TThhee _a_u_t_h_o_r_i_t_a_t_i_v_e ssttaatteemmeenntt + + + + 11 + + + + + +dhcpd.conf(5) dhcpd.conf(5) + + + aauutthhoorriittaattiivvee;; + + nnoott aauutthhoorriittaattiivvee;; + + The DHCP server will normally assume that the configura­ + tion information about a given network segment is known to + be correct and is authoritative. So if a client requests + an IP address on a given network segment that the server + knows is not valid for that segment, the server will + respond with a DHCPNAK message, causing the client to for­ + get its IP address and try to get a new one. + + If a DHCP server is being configured by somebody who is + not the network administrator and who therefore does not + wish to assert this level of authority, then the statement + "not authoritative" should be written in the appropriate + scope in the configuration file. + + Usually, writing nnoott aauutthhoorriittaattiivvee;; at the top level of + the file should be sufficient. However, if a DHCP server + is to be set up so that it is aware of some networks for + which it is authoritative and some networks for which it + is not, it may be more appropriate to declare authority on + a per-network-segment basis. + + Note that the most specific scope for which the concept of + authority makes any sense is the physical network segment + - either a shared-network statement or a subnet statement + that is not contained within a shared-network statement. + It is not meaningful to specify that the server is author­ + itative for some subnets within a shared network, but not + authoritative for others, nor is it meaningful to specify + that the server is authoritative for some host declara­ + tions and not others. 
+ + TThhee _u_s_e_-_l_e_a_s_e_-_a_d_d_r_-_f_o_r_-_d_e_f_a_u_l_t_-_r_o_u_t_e ssttaatteemmeenntt + + uussee--lleeaassee--aaddddrr--ffoorr--ddeeffaauulltt--rroouuttee _f_l_a_g;; + + If the _u_s_e_-_l_e_a_s_e_-_a_d_d_r_-_f_o_r_-_d_e_f_a_u_l_t_-_r_o_u_t_e parameter is true + in a given scope, then instead of sending the value speci­ + fied in the routers option (or sending no value at all), + the IP address of the lease being assigned is sent to the + client. This supposedly causes Win95 machines to ARP for + all IP addresses, which can be helpful if your router is + configured for proxy ARP. + TThhee _s_e_r_v_e_r_-_i_d_e_n_t_i_f_i_e_r ssttaatteemmeenntt sseerrvveerr--iiddeennttiiffiieerr _h_o_s_t_n_a_m_e;; - The server-identifier statement is now obsolete and is - ignored by the DHCP server. + The server-identifier statement can be used to define the + value that is sent in the DHCP Server Identifier option + for a given scope. The value specified mmuusstt be an IP + + + + 12 + + + + + +dhcpd.conf(5) dhcpd.conf(5) + + + address for the DHCP server, and must be reachable by all + clients served by a particular scope. + + The use of the server-identifier statement is not recom­ + mended - the only reason to use it is to force a value + other than the default value to be sent on occasions where + the default value would be incorrect. The default value + is the first IP address associated with the physical net­ + work interface on which the request arrived. + + The usual case where the _s_e_r_v_e_r_-_i_d_e_n_t_i_f_i_e_r statement needs + to be sent is when a physical interface has more than one + IP address, and the one being sent by default isn't appro­ + priate for some or all clients served by that interface. + Another common case is when an alias is defined for the + purpose of having a consistent IP address for the DHCP + server, and it is desired that the clients use this IP + address when contacting the server. 
+ + Supplying a value for the dhcp-server-identifier option is + equivalent to using the server-identifier statement. RREEFFEERREENNCCEE:: OOPPTTIIOONN SSTTAATTEEMMEENNTTSS DHCP option statements are documented in the ddhhccpp-- @@ -721,6 +845,14 @@ AAUUTTHHOORR - 11 + + + + + + + + + 13 diff --git a/server/dhcpd.leases.cat5 b/server/dhcpd.leases.cat5 index 9aab943a6..f509e6221 100644 --- a/server/dhcpd.leases.cat5 +++ b/server/dhcpd.leases.cat5 
@@ -10,39 +10,161 @@ NNAAMMEE DDEESSCCRRIIPPTTIIOONN The Internet Software Consortium DHCP Server keeps a per­ sistent database of leases that it has assigned. This - database is a free-form ASCII file containing one valid - declaration per lease. If more than one declaration - appears for a given lease, the last one in the file is - used. The file is written as a log, so this is not an - unusual occurrance. + database is a free-form ASCII file containing a series of + lease declarations. Every time a lease is acquired, + renewed or released, its new value is recorded at the end + of the lease file. So if more than one declaration + appears for a given lease, the last one in the file is the + current one. When dhcpd is first installed, there is no lease database. - However, dhcpd requires that a lease database be present + However, dhcpd requires that a lease database be present before it will start. To make the initial lease database, just create an empty file called /var/db/dhcpd.leases. - In order to prevent the lease database from growing with­ - out bound, the file is rewritten from time to time. + In order to prevent the lease database from growing with­ + out bound, the file is rewritten from time to time. First, a temporary lease database is created and all known leases are dumped to it. Then, the old lease database is - renamed /var/db/dhcpd.leases~. Finally, the newly writ­ + renamed /var/db/dhcpd.leases~. Finally, the newly writ­ ten lease database is moved into place. There is a window of vulnerability where if the dhcpd pro­ - cess is killed or the system crashes after the old lease - database has been renamed but before the new one has been - moved into place, there will be no /var/db/dhcpd.leases. + cess is killed or the system crashes after the old lease + database has been renamed but before the new one has been + moved into place, there will be no /var/db/dhcpd.leases. 
In this case, dhcpd will refuse to start, and will require - manual intervention. DDOO NNOOTT simply create a new lease + manual intervention. DDOO NNOOTT simply create a new lease file when this happens - if you do, you will lose all your - old bindings, and chaos will ensue. Instead, rename - /var/db/dhcpd.leases~ to /var/db/dhcpd.leases, restoring - the old, valid lease file, and then start dhcpd. This + old bindings, and chaos will ensue. Instead, rename + /var/db/dhcpd.leases~ to /var/db/dhcpd.leases, restoring + the old, valid lease file, and then start dhcpd. This guarantees that a valid lease file will be restored. FFOORRMMAATT - The format of the lease declarations is not currently doc­ - umented. + Lease descriptions are stored in a format that is parsed + by the same recursive descent parser used to read the + ddhhccppdd..ccoonnff((55)) and ddhhcclliieenntt..ccoonnff((55)) files. Currently, the + only declaration that is used in the dhcpd.leases file is + the lleeaassee declaration. + + lleeaassee _i_p_-_a_d_d_r_e_s_s {{ _s_t_a_t_e_m_e_n_t_s_._._. }} + + Each lease declaration include the single IP address that + has been leased to the client. The statements within the + braces define the duration of the lease and to whom it is + assigned. + + The start and end time of a lease are recorded using the + ``starts'' and ``ends'' statements: + + + + + 1 + + + + + +dhcpd.leases(5) dhcpd.leases(5) + + + ssttaarrttss _d_a_t_e;; + eennddss _d_a_t_e;; + + Dates are specified as follows: + + _w_e_e_k_d_a_y _y_e_a_r//_m_o_n_t_h//_d_a_y _h_o_u_r::_m_i_n_u_t_e::_s_e_c_o_n_d + + The weekday is present to make it easy for a human to tell + when a lease expires - it's specified as a number from + zero to six, with zero being Sunday. The day of week is + ignored on input. The year is specified with the century, + so it should generally be four digits except for really + long leases. The month is specified as a number starting + with 1 for January. 
The day of the month is likewise + specified starting with 1. The hour is a number between 0 + and 23, the minute a number between 0 and 59, and the sec­ + ond also a number between 0 and 59. + + Lease times are specified in Greenwich Mean Time (GMT), + not in the local time zone. Since Greenwich is actually + on Daylight Savings Time part of the year, there is proba­ + bly nowhere in the world where the times recorded on a + lease are always the same as wall clock times. On a unix + machine, one can often figure out the current time in GMT + by typing ddaattee --uu. + + The MAC address of the network interface that was used to + acquire the lease is recorded with the hhaarrddwwaarree statement: + + hhaarrddwwaarree _h_a_r_d_w_a_r_e_-_t_y_p_e _m_a_c_-_a_d_d_r_e_s_s;; + + The MAC address is specified as a series of hexadecimal + octets, seperated by colons. + + If the client used a client identifier to acquire its + address, the client identifier is recorded using the uuiidd + statement: + + uuiidd _c_l_i_e_n_t_-_i_d_e_n_t_i_f_i_e_r;; + + The client identifier is recorded as a series of hexadeci­ + mal octets, regardless of whether the client specifies an + ASCII string or uses the newer hardware type/MAC address + format. + + If the client sends a hostname using the _C_l_i_e_n_t _H_o_s_t_n_a_m_e + option, as specified in some versions of the DHCP-DNS + Interaction draft, that hostname is recorded using the + cclliieenntt--hhoossttnnaammee statement. + + cclliieenntt--hhoossttnnaammee ""_h_o_s_t_n_a_m_e"";; + + If the client sends its hostname using the _H_o_s_t_n_a_m_e + option, as Windows 95 does, it is recorded using the + + + + 2 + + + + + +dhcpd.leases(5) dhcpd.leases(5) + + + hhoossttnnaammee statement. 
+ + hhoossttnnaammee ""_h_o_s_t_n_a_m_e"";; + + The DHCP server may determine that a lease has been mis­ + used in some way, either because a client that has been + assigned a lease NAKs it, or because the server's own + attempt to see if an address is in use prior to reusing it + reveals that the address is in fact already in use. In + that case, the aabbaannddoonneedd statement will be used to indi­ + cate that the lease should not be reassigned. + + aabbaannddoonneedd;; + + Abandoned leases are reclaimed automatically. When a + client asks for a new address, and the server finds that + there are no new addresses, it checks to see if there are + any abandoned leases, and allocates the least recently + abandoned lease. The standard mechanisms for checking + for lease address conflicts are still followed, so if the + abandoned lease's IP address is still in use, it will be + reabandoned. + + If a client rreeqquueessttss an abandoned address, the server + assumes that the reason the address was abandoned was that + the lease file was corrupted, and that the client is the + machine that responded when the lease was probed, causing + it to be abandoned. In that case, the address is immedi­ + ately assigned to the client. FFIILLEESS //vvaarr//ddbb//ddhhccppdd..lleeaasseess @@ -61,6 +183,16 @@ AAUUTTHHOORR - 1 + + + + + + + + + + + 3