[rt26311]
Fix the issue with DDNS by checking to see if we have added a pointer
to the ddns_cb and skipping the cache threshold check if we did. Also
expand and correct the cache threshold check into the delayed ack code.
+- Add support for a simple check that the server id in a request message
+ to a failover peer matches the server id of the server. This support
+ is enabled by editing the file includes/site.h and uncommenting the
+ definition for SERVER_ID_CHECK. The option has several restrictions
+ and issues - please read the comment in the site.h file before
+ enabling it.
+ [ISC-Bugs #31463]
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
buffer space for bootp and use a better constant - DHCP packet
size instead of DHCP packet size + udp and iP headers.
Check that we have a packet->options structure before using it.
Only process packets that are longer than a bootp fixed packet
including server and file names. Previously we allowed for
shorter packets but that wasn't working and nobody noticed.
has elapsed (default 25%), the server will reuse the allocated lease
(provide a lease within the currently allocated lease-time) rather
than extend or renew the lease. This absolves the server of needing
to perform an fsync() operation on the lease database before reply,
which improves performance. [ISC-Bugs #22228]
- set initial delay to 0 to speed up client start
- added 'initial-delay' parameter to possibly revert to old behavior
- better handling of very short (1 or 2s) leases
- client lease records are recorded at most once every 15 seconds
- ICMP ping-check is now timed more precisely
- Servers that don't offer lease-time are now black-listed
[ISC-Bugs #19660]
[ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
the name to be at the apex of the zone.
[ISC-Bugs #19617] Restrict length of interface name read from command line
in dhcpd - based on a patch from David Cantrell at Red Hat.
[ISC-Bugs #20039] Correct some error messages in dhcpd.c
[ISC-Bugs #20070] Better range check on values when creating a DHCID.
[ISC-Bugs #20198] Avoid writing past the end of the field when adding
overly long file or server names to a packet and add a log message
if the configuration supplied overly long names for these fields.
[ISC-Bugs #21497] Add a little more randomness to rng seed in client
was also configured. The nature of this repair also fixes another
error; the host-name supplied by a client is no longer overridden by a
reverse lookup of the lease address. Thanks to a patch from Wilco Baan
Hofman supplied to us by the Debian package maintenance team.
[ISC-Bugs #21691] {Debian Bug#509445}
which permits a DHCP server operating in communications-interrupted state
to 'rewind' a lease to the state most recently transmitted to its peer,
greatly increasing a server's endurance in communications-interrupted.
This is supported using a new 'rewind state' record on the dhcpd.leases
entry for each lease. [ISC-Bugs #19601]
leak ~20-30 octets per DHCPDISCOVER packet while failover was in use
and in normal state. [ISC-Bugs #19548]
- Various compilation fixes have been included for the memory related
DEBUG #defines in includes/site.h. [ISC-Bugs #19548]
This feature is simply too experimental for right now, and causes
some problems to some failover installations. We will revisit this
in future releases. [ISC-Bugs #18832]
- Use lease referencers to maintain reference count on the lease structure.
- Log an error if you encounter a lease with no transmit-state.
o These changes were to a feature that has not yet been publically released,
so there is no RELNOTES entry.
released in bursts after single fsync() events when the upper limit is
reached or if the receiving sockets go dry. The practical upshot is
that fsync-coupled server performance is now multiplicitively increased.
The default delayed ack limit is 28. Thanks entirely to a patch from
Christof Chen.
broke a lot of legacy site local configurations. The new code in place will
track site local space minimum option codes and logs a warning to encourage
updates and exploration of site local code migration problems. Option
codes less than 128 in site local spaces remain inaccessible.
[ISC-Bugs #17203]
- A possible relay agent option bug was repaired where random server
initialization state may have been used to signal the relay agent
information options sub-option code for the 'END' of the option space.
[ISC-Bugs #17203]
control lists. These directives may be used to assist in re-addressing
address pools without having to constantly reconfigure the server. Please
see 'man dhcpd.conf' for more information on allow/deny 'after time' syntax.
Thanks to a patch from Christof Chen. [ISC-Bugs #17110]
