ISC DHCP 4.2.2b1 is now available

Shawn Routhier sar at
Fri Jul 1 04:43:45 UTC 2011

ISC DHCP 4.2.2b1 is now available for download.

This is the FIRST BETA of ISC DHCP 4.2.1b1, a maintenance
release which contains a number of bug fixes.

A list of the changes in this release has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:

This release, and its OpenPGP-signatures are available now from:

ISC's Release Signing Key can be obtained at:

We have made some changes to the interfaces code in order to
expand the use of USE_SOCKETS and would be interested in testing
and feedback to ensure that we have not damaged the rest of the
interfaces code.

                        Changes since 4.2.1
! In dhclient check the data for some string options for
   reasonableness before passing it along to the script that
   interfaces with the OS.
   [ISC-Bugs #23722]
   CVE: CVE-2011-0997

- DHCPv6 server now responds properly if client asks for a prefix that
   is already assigned to a different client. [ISC-Bugs #23948]

- Add the option "--no-pid" to the client, relay and server code,
   to disable writing a pid file.  Add the option "-pf pidfile"
   to the relay to allow the user to supply the pidfile name at
   runtime.  Add the "with-relay6-pid-file" option to configure
   to allow the user to supply the pidfile name for the relay
   in v6 mode at configure time.
   [ISC-Bugs #23351] [ISC-Bugs #17541]

- 'dhclient' no longer waits a random interval after first starting up
   to begin in the INIT state.  This conforms to RFC 2131, but elects
   not to implement a 'SHOULD' direction in section 4.1.
   [ISC-Bugs #19660]

- Added 'initial-delay' parameter that specifies maximum amount of
   time before client goes to the INIT state. The default value is 0. In
   previous versions of the code client could wait up to 5 seconds. The
   old behavior may be restored by using 'initial-delay 5;' in the
   client config file. [ISC-Bugs #19660]

- ICMP ping-check should now sit closer to precisely the number of
   seconds configured (or default 1), due to making use of the new
   microsecond scale timer internally to dhcpd.  This corrects a bug
   where the server may immediately timeout an ICMP ping-check if it was
   made late in the current second. [ISC-Bugs #19660]

- The DHCP client will schedule renewal and rebinding events in
   microseconds if the DHCP server provided a lease-time that would
   result in sub-1-second timers.  This corrects a bug where a 2-second
   or lower lease-time would cause the DHCP client to enter an infinite
   loop by scheduling renewal at zero seconds. [ISC-Bugs #19660]

- Client lease records are recorded at most once every 15 seconds.  This
   keeps the client from filling the lease database disk quickly on very
   small lease times. [ISC-Bugs #19660]

- To defend against RFC 2131 non-compliant DHCP servers which fail to
   advertise a lease-time (either mangled, or zero in value) the DHCP
   client now adds the server to the reject list ACL and returns to INIT
   state to hopefully find an RFC 2131 compliant server (or retry in INIT
   forever). [ISC-Bugs #19660]

- Parameters configured to evaluate from user defined function calls can
   now be correctly written to dhcpd.leases (as on 'on events' or dynamic
   host records inserted via OMAPI).  [ISC-Bugs #22266]

- If a 'next-server' parameter is configured in a dynamic host record
   via OMAPI as a domain name, the syntax written to disk is now
   correctly parsed upon restart.  [ISC-Bugs #22266]

- The DHCP server now responds to DHCPLEASEQUERY messages from agents
   using IP addresses not covered by a subnet in configuration.  Whether
   or not to respond to such an agent is still governed by the 'allow
   leasequery;' configuration parameter, in the case of an agent not
   covered by a configured subnet the root configuration area is
   examined. Server now also returns vendor-class-id option, if client
   sent it. [ISC-Bugs #21094]

- Documentation fixes
   [ISC-Bugs #17959] add text to AIX section describing how to have it
   send responses to the all-ones address.
   [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more
   [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for

- Linux Packet Filter interface improvement. sockaddr_pkt structure is
   used rather than sockaddr. Packet etherType is now forced to ETH_P_IP.
   [ISC-Bugs #18975]

- Minor code cleanups - but note port change for #23196
   [ISC-Bugs #23470] - Modify when an ignore return macro is defined to
   handle unsed error return warnings for more versions of gcc.
   [ISC-Bugs #23196] - Modify the reply handling in the server code to
   send to a specified port rather than to the source port for the
   incoming message.  Sending to the source port was test code that
   should have been removed.  The previous functionality may be restored
   by defining REPLY_TO_SOURCE_PORT in the includes/site.h file.  We
   suggest you don't enable this except for testing purposes.
   [ISC-Bugs #22695] - Close a file descriptor in an error path.
   [ISC-Bugs #19368] - Tidy up variable types in validate_port.

- Code cleanup
   [ISC-Bugs #13151] remove obsolete PROTO, KandR, INLINE and ANSI_DECL

- Compilation problem with gcc4.5 and omshell.c resolved.
   [ISC-Bugs #23831]

- Client Script fixes
   [ISC-Bugs #23045] Typos in client/scripts/openbsd
   [ISC-Bugs #23565] In the client scripts add a zone id (interface id)
   if the domain search address is link local.
   [ISC-Bugs #1277] In some of the client scripts add code to handle the
   case of the default router information being changed without the
   address being changed.

- Documentation cleanup
   [ISC-Bugs #23326] Updated References document, several man page

- Server no longer complains about NULL pointer when configured
   server-identifier expression fails to evaluate. [ISC-Bugs #24547]

- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from
   other than the dispatch handler.  This fixes an issue where omshell,
   when run from the same platform as the server, would appear to fail to
   connect.  This is a companion to #21839.  [ISC-Bugs #23592]

- Enlarge the buffer size used by the Omshell code and some of the
   print routines to allow for greater than 60 characters or, when
   printing as hex strings, 20 characters.  [ISC-Bugs #22743]

- In Solaris 11 switch to using sockets instead of DLPI, thanks
   to a patch form Oracle.  [ISC-Bugs #24634].

More information about the dhcp-users mailing list