Patch for 36810 & 20352
This coves several related problems
1) When the primary is in conflict done it allows the secondary to
transition around resolution interrupted and potentical conflict previously
the primary would die on an illegal state.
2) It allows the servers to restart a bind update request. Previously if
one of the servers sent an udpate request and there died (or had the communications
interrupted) in some states the first server wouldn't retransmit a new
update request and the other server wouldn't send any bind updates. This
was noticed in potential conflict.
3) Updated the state transitions to move the leases on the ack queue
back to the update queue in case of conflict-done as we might need to
retransmit them all.
4) Updated a transition from startup to potentical conflict instead
of resolution interrupted when the servers reconnect during the startup
phase in order to avoid a diffferent dead lock.
As part of 4.2.0 we renamed a number of errors but continued
to include the old ones in case somebody was building something
using our libraries. This #ifdefs them and by defaults removes them
from the compile.
Resore the R_MULTIPLE #define so we have the same code
in final as we did in rc1.
Change the bind.sh file so we use 9.9.5-P1 for testing master, 4.2 and 4.3
until we do remove the #define
Add a define to disable the gentle shutdown feature by default.
The feature has some effects (recover-wait in failvoer pairs)
and release in clients that are always desired. We plan to
revisit this in order to make it easier to use but with the
define it can be enabled if necessary.
Add support to set high and low thresholds for pools for
v4 and v6. A message will be emitted when the usage of
the pool first exceeds the high threshold. More messages
will be skipped until the usage has gone below the low
threshold and then back above the high threshold.
Add the "-df <duid file>" option to the client code in order
to make it easier to share DUIDs between a v4 instance and
a v6 instance. This option instructs the client to search
the duid file for a DUID if it didn't find one in the main
lease file.
In addition add the infrastructure for running ATF tests
for the client and write some ATF tests for this patch.
18933 - add an extra server by name call
26735 - when requested via a command line option
have client exit afer 1 failure per the docs
33098 - expose next-server option to dhclient script
Tidy up several small tickets
Correct parsing of DUID from config file, previously the LL type
was put in the wrong place in the DUID string.
[ISC-Bugs #20962]
Add code to parse "do-forward-updates" as well as "do-forward-update"
[ISC-Bugs #31328]
Remove log_priority as it isn't currently used.
[ISC-Bugs #33397]
Increase the size of the buffer used for reading interface information.
[ISC-Bugs #34858]
Instead of duplicating more third-party licenses here in LICENSE
file (there are many), just generically suggest to see the other files.
Per the md5 copyright license agreement, add mention of
required verbatim advertising statement in the release notes and
readme.
In the RELNOTES, I also mention ISC is open source software.
In the README, I added a HISTORY section and placed that
advertising statement there. If the HISTORY section is not wanted,
then remove it and just mention the required verbatim advertising statement.
By the way, some good history is in old READMEs and at
http://hack.org/mc/texts/dhcp-freenix.txt
(but I can't find the official hosted Lemon version of that paper).
Remove the advertising clause from the historical BSD
code copyrighted by The Regents of the University of California.
For details see
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
(To summarize: in 1999, the University said that distributors
are no longer required to acknowledge within advertising and the
paragraph in the license may be deleted.)
Update the auto genrated files to add the required bind9
libraries
Fix up dhcpctl/Makefile.am to include the isccfg lib
Patch for 30461 to allow the DHCP server to find
the name server to update via the DNS
Conflicts:
[rt27912]
Add code to suppor on {commit expiry release} statements for DHCPv6.
There are several pieces to this change
1) Add space in the iasubopt structure to hold the statement pointers
2) Update the execute code to fill in the structures as necessary
3) Execute the statements when appropriate
Many of the changes in the non-v6 code are to pass the v6 structures
around to the execute code.
+- Add support for a simple check that the server id in a request message
+ to a failover peer matches the server id of the server. This support
+ is enabled by editing the file includes/site.h and uncommenting the
+ definition for SERVER_ID_CHECK. The option has several restrictions
+ and issues - please read the comment in the site.h file before
+ enabling it.
+ [ISC-Bugs #31463]
The client now passes information about the options it requested
from the server to the script code via environment variables.
These variables are of the form requested_<option_name>=1 with
the option name being the same as used in the new_* and old_*
variables. [ISC-Bugs #29068]
into a hardware address handle unexpected client ids properly.
Thanks to Markus Hietava of Codenomicon CROSS project for the
finding this issue and CERT-FI for vulnerability coordination.
[ISC-Bugs #29852]
CVE: CVE-2012-3570
length client ids to be processed. Under some situations use of
zero length client ids can cause the server to go into an infinite
loop. As such ids are not valid according to RFC 2132 section 9.14
the server no longer accepts them. Client ids with a length of 1
are also invalid but the server still accepts them in order to
minimize disruption. The restriction will likely be tightened in
the future to disallow ids with a length of 1.
Thanks to Markus Hietava of Codenomicon CROSS project for the
finding this issue and CERT-FI for vulnerability coordination.
[ISC-Bugs #29851]
CVE: CVE-2012-3571
was used is now solved on GNU/Linux, BSD and GNU/Hurd systems. Note
that use-sockets feature was not tested on those systems. Client and
server code no longer use MAX_PATH constant that is not defined on
GNU/Hurd systems. [ISC-Bugs 25979]
