ISC DHCP 4.2.2b1 is now available
Shawn Routhier
sar at isc.org
Fri Jul 1 04:43:45 UTC 2011
ISC DHCP 4.2.2b1 is now available for download.
This is the FIRST BETA of ISC DHCP 4.2.1b1, a maintenance
release which contains a number of bug fixes.
A list of the changes in this release has been appended to the end
of this message. For a complete list of changes from any previous
release, please consult the RELNOTES file within the source
distribution, or on our website:
http://www.isc.org/software/dhcp/422b1
This release, and its OpenPGP-signatures are available now from:
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.2b1.tar.gz
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.2b1.tar.gz.sha512.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.2b1.tar.gz.sha256.asc
ftp://ftp.isc.org/isc/dhcp/dhcp-4.2.2b1.tar.gz.sha1.asc
ISC's Release Signing Key can be obtained at:
http://www.isc.org/about/openpgp/
We have made some changes to the interfaces code in order to
expand the use of USE_SOCKETS and would be interested in testing
and feedback to ensure that we have not damaged the rest of the
interfaces code.
Changes since 4.2.1
! In dhclient check the data for some string options for
reasonableness before passing it along to the script that
interfaces with the OS.
[ISC-Bugs #23722]
CVE: CVE-2011-0997
- DHCPv6 server now responds properly if client asks for a prefix that
is already assigned to a different client. [ISC-Bugs #23948]
- Add the option "--no-pid" to the client, relay and server code,
to disable writing a pid file. Add the option "-pf pidfile"
to the relay to allow the user to supply the pidfile name at
runtime. Add the "with-relay6-pid-file" option to configure
to allow the user to supply the pidfile name for the relay
in v6 mode at configure time.
[ISC-Bugs #23351] [ISC-Bugs #17541]
- 'dhclient' no longer waits a random interval after first starting up
to begin in the INIT state. This conforms to RFC 2131, but elects
not to implement a 'SHOULD' direction in section 4.1.
[ISC-Bugs #19660]
- Added 'initial-delay' parameter that specifies maximum amount of
time before client goes to the INIT state. The default value is 0. In
previous versions of the code client could wait up to 5 seconds. The
old behavior may be restored by using 'initial-delay 5;' in the
client config file. [ISC-Bugs #19660]
- ICMP ping-check should now sit closer to precisely the number of
seconds configured (or default 1), due to making use of the new
microsecond scale timer internally to dhcpd. This corrects a bug
where the server may immediately timeout an ICMP ping-check if it was
made late in the current second. [ISC-Bugs #19660]
- The DHCP client will schedule renewal and rebinding events in
microseconds if the DHCP server provided a lease-time that would
result in sub-1-second timers. This corrects a bug where a 2-second
or lower lease-time would cause the DHCP client to enter an infinite
loop by scheduling renewal at zero seconds. [ISC-Bugs #19660]
- Client lease records are recorded at most once every 15 seconds. This
keeps the client from filling the lease database disk quickly on very
small lease times. [ISC-Bugs #19660]
- To defend against RFC 2131 non-compliant DHCP servers which fail to
advertise a lease-time (either mangled, or zero in value) the DHCP
client now adds the server to the reject list ACL and returns to INIT
state to hopefully find an RFC 2131 compliant server (or retry in INIT
forever). [ISC-Bugs #19660]
- Parameters configured to evaluate from user defined function calls can
now be correctly written to dhcpd.leases (as on 'on events' or dynamic
host records inserted via OMAPI). [ISC-Bugs #22266]
- If a 'next-server' parameter is configured in a dynamic host record
via OMAPI as a domain name, the syntax written to disk is now
correctly parsed upon restart. [ISC-Bugs #22266]
- The DHCP server now responds to DHCPLEASEQUERY messages from agents
using IP addresses not covered by a subnet in configuration. Whether
or not to respond to such an agent is still governed by the 'allow
leasequery;' configuration parameter, in the case of an agent not
covered by a configured subnet the root configuration area is
examined. Server now also returns vendor-class-id option, if client
sent it. [ISC-Bugs #21094]
- Documentation fixes
[ISC-Bugs #17959] add text to AIX section describing how to have it
send responses to the all-ones address.
[ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more
correct
[ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for
DDNS
- Linux Packet Filter interface improvement. sockaddr_pkt structure is
used rather than sockaddr. Packet etherType is now forced to ETH_P_IP.
[ISC-Bugs #18975]
- Minor code cleanups - but note port change for #23196
[ISC-Bugs #23470] - Modify when an ignore return macro is defined to
handle unsed error return warnings for more versions of gcc.
[ISC-Bugs #23196] - Modify the reply handling in the server code to
send to a specified port rather than to the source port for the
incoming message. Sending to the source port was test code that
should have been removed. The previous functionality may be restored
by defining REPLY_TO_SOURCE_PORT in the includes/site.h file. We
suggest you don't enable this except for testing purposes.
[ISC-Bugs #22695] - Close a file descriptor in an error path.
[ISC-Bugs #19368] - Tidy up variable types in validate_port.
- Code cleanup
[ISC-Bugs #13151] remove obsolete PROTO, KandR, INLINE and ANSI_DECL
macros
- Compilation problem with gcc4.5 and omshell.c resolved.
[ISC-Bugs #23831]
- Client Script fixes
[ISC-Bugs #23045] Typos in client/scripts/openbsd
[ISC-Bugs #23565] In the client scripts add a zone id (interface id)
if the domain search address is link local.
[ISC-Bugs #1277] In some of the client scripts add code to handle the
case of the default router information being changed without the
address being changed.
- Documentation cleanup
[ISC-Bugs #23326] Updated References document, several man page
updates
- Server no longer complains about NULL pointer when configured
server-identifier expression fails to evaluate. [ISC-Bugs #24547]
- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from
other than the dispatch handler. This fixes an issue where omshell,
when run from the same platform as the server, would appear to fail to
connect. This is a companion to #21839. [ISC-Bugs #23592]
- Enlarge the buffer size used by the Omshell code and some of the
print routines to allow for greater than 60 characters or, when
printing as hex strings, 20 characters. [ISC-Bugs #22743]
- In Solaris 11 switch to using sockets instead of DLPI, thanks
to a patch form Oracle. [ISC-Bugs #24634].
More information about the dhcp-workers
mailing list