ISC_DHCP 4.1-ESV-R12 is now available for download.
tmark at isc.org
Thu Sep 3 19:23:01 UTC 2015
ISC DHCP 4.1-ESV-R12 is now available for download.
This is the release of ISC DHCP 4.1-ESV-R12, a maintenance
release which contains a number of bug fixes.
Field testing is an important part of our quality process.
Please report bugs to dhcp-bugs at isc.org.
A list of the changes in this release has been appended to the end
of this message. For a complete list of changes from any previous
release, please consult the RELNOTES file within the source distribution.
They can also be found at:
Knowledge base articles about various features can be found starting from:
Webinars can be found here:
This release, and its OpenPGP-signatures are available now from:
ISC's Release Signing Key can be obtained at:
The following are changes that may be more interesting and require
a bit more explanation.
We have modified the PARANOIA patch to adjust the file permissions
(owner and group) used for the lease file. In our testing this had
no negative effects. However, given the range of OSes and security
features, we are not able to test all possible combinations.
The following is the list of all changes for this release.
Changes since 4.1-ESV-R12b1
Changes since 4.1-ESV-R11
- The server now does a better check to see if it can allocate the memory
for large blocks of v4 leases and should provide a slightly better error
message. Note well: the server pre-allocates v4 addresses, if you use
a large range, such as a /8, the server will attempt to use a large
amount of memory and may not start if there either isn't enough memory
or the size exceeds what the code supports.
- The server will now reject unicast Request, Renew, Decline, and Release
messages from a client unless the server would have sent that client the
dhcp6.unicast option. This behavior is in compliance with paragraph 1 in
each of the sections 18.2,1, 18.2.3, 18.2.6, and 18.2.7 of RFC 3315. Prior
to this, the server would simply accept the messages. Now, in order for
the server to accept such a message, the server configuration must include
the dhcp6.unicast option either globally or within the shared network to
which the requested lease belongs. In other words, the server will map
the first IA_XX address found within the client message to a
and look for the presence of the unicast option there and then globally.
- Write out the DUID server id on startup in all cases, previously if it
was read in from server-duid option in the config or lease files for
DHCPv4 it would not be written to the new lease file.
- When parsing dates for leases convert dates past 2038 to "never".
This avoids problems with integer overflows in the date and time
handling code for people that decide to use very large lease times
or add a lease entry with a date far in the future.
- Leave the siaddr field clear when sending a NACK as per RFC 2131
- Some compilers don't like the use of abs in minires/ns_verify.c,
change it to labs to make them happy.
- In the client don't send expired addresses to the script as part of
the binding process. Thanks to Sven Trenkel at Google for reporting
the issue and suggesting the patch.
- While parsing IPv6 addresses treat "add" as part of the address instead
of as a token.
- Delayed-ack now works properly with Failover. Prior to this, bind updates
post startup were being queued but never delivered. Among other
was causing leases to not transition from expired or released to free.
- Clean up parsing of v6 lease files a bit to avoid infinite loops if the
lease file is corrupt in certain ways.
- Corrected an issue in v6 lease file parsing. Prior to this, when
a lease with an address for which no configured pool exists, the
declaring the lease file corrupt and incorrectly skipping over the
entry in the file. The server will now emit a log message indicating that
no pool was found for the address (or prefix) and correctly resume parsing
with the next entry in the lease file. Our thanks to Michal Žejdl for
reporting the issue.
- Enhance the PARANOIA patch to include fchown() the lease file to
allow it to be manipulated after the server does a chown().
Thanks to Jiri Popelka at Red Hat for the patch.
- Fixed a server crash that could occur when the server attempts to remove
the billing class from the last lease billed to a dynamic class after said
class has been deleted.
- Handle an out of memory condition in the client a bit better.
Thanks to Frédéric Perrin from Brocade for finding the issue
and suggesting a patch.
More information about the dhcp-workers