If a lease is reused as part of dhcp-cache-threshold processing
the hostname (if it exists) needs to be copied from the temporary
lease back to the permanent lease.
Also add additional checks to see if the lease can be reused.
The host pointer, client ID and hardware address shouldn't have
changed.
Add support for manipluating the queues holding leaes for time
based events (free, backup, active, expired, abandoned and reserved)
via a binary search instead of walking through the linked list.
Add support to set high and low thresholds for pools for
v4 and v6. A message will be emitted when the usage of
the pool first exceeds the high threshold. More messages
will be skipped until the usage has gone below the low
threshold and then back above the high threshold.
[rt27912]
Add code to suppor on {commit expiry release} statements for DHCPv6.
There are several pieces to this change
1) Add space in the iasubopt structure to hold the statement pointers
2) Update the execute code to fill in the structures as necessary
3) Execute the statements when appropriate
Many of the changes in the non-v6 code are to pass the v6 structures
around to the execute code.
[rt26311]
Fix the issue with DDNS by checking to see if we have added a pointer
to the ddns_cb and skipping the cache threshold check if we did. Also
expand and correct the cache threshold check into the delayed ack code.
+- Add support for a simple check that the server id in a request message
+ to a failover peer matches the server id of the server. This support
+ is enabled by editing the file includes/site.h and uncommenting the
+ definition for SERVER_ID_CHECK. The option has several restrictions
+ and issues - please read the comment in the site.h file before
+ enabling it.
+ [ISC-Bugs #31463]
has been updated to properly process or reject the packets as
appropriate. Thanks to David Zych at University of Illinois
for reporting this issue. [ISC-Bugs #24960]
One CVE number for each class of packet.
CVE-2011-2748
CVE-2011-2749
buffer space for bootp and use a better constant - DHCP packet
size instead of DHCP packet size + udp and iP headers.
Check that we have a packet->options structure before using it.
Only process packets that are longer than a bootp fixed packet
including server and file names. Previously we allowed for
shorter packets but that wasn't working and nobody noticed.
has elapsed (default 25%), the server will reuse the allocated lease
(provide a lease within the currently allocated lease-time) rather
than extend or renew the lease. This absolves the server of needing
to perform an fsync() operation on the lease database before reply,
which improves performance. [ISC-Bugs #22228]
- set initial delay to 0 to speed up client start
- added 'initial-delay' parameter to possibly revert to old behavior
- better handling of very short (1 or 2s) leases
- client lease records are recorded at most once every 15 seconds
- ICMP ping-check is now timed more precisely
- Servers that don't offer lease-time are now black-listed
[ISC-Bugs #19660]
[ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
the name to be at the apex of the zone.
[ISC-Bugs #19617] Restrict length of interface name read from command line
in dhcpd - based on a patch from David Cantrell at Red Hat.
[ISC-Bugs #20039] Correct some error messages in dhcpd.c
[ISC-Bugs #20070] Better range check on values when creating a DHCID.
[ISC-Bugs #20198] Avoid writing past the end of the field when adding
overly long file or server names to a packet and add a log message
if the configuration supplied overly long names for these fields.
[ISC-Bugs #21497] Add a little more randomness to rng seed in client
