/tmp may not be writeable yet when dhclient is first run via
/etc/rc.d/netif so using it may not work. Also, writing to a
predictable file in /tmp as root is a really bad idea since a malicious
user may be able to win a race and insert a symlink which will allow
them to cause any file to be overwritten. To solve these problems,
create the tempory file in /var/run which will exist this early and is
writable only by root.
Security: Local risk if users can cause dhclient to run on demand
(such as by unplugging and replugging the network cable).
entries from the interface rather than using ifconfig's delete command.
This preserves non-dhclient configured addresses (though they are wiped
out when dhclient is restarted).
MFC after: 1 week
renewal, or we lose link, be more forceful about clearing interface
state so another interface that connects to the same network has a
chance of working. This doesn't address attemping to connect to both at
once, but appears to allow unplugging from a wired interface and then
inserting a wireless card that associates with an AP bridged to the same
LAN.
check the domain-name parameter according to the rules for "search"
strings as documented in resolv.conf(5). Specifically, the string must
be no more than 256 bytes long and contain no more than six valid domain
names separated by white space.
The previous unchecked values could result in a mangled resolv.conf
file which could effectively deny access to local sites. This is not
a security issue as rogue dhcp servers could already do this without
sending invalid strings.
Reviewed by: cperciva
MFC After: 3 days
serves no apparent purpose (we commented this out ages ago in the ISC
scripts) and cases problems with some ADSL setups.
Reported by: Rostislav Krasny <rosti dot bsd at gmail dot com>
capture. Zero length captures caused an infinte loop and short captures
probably caused memory corruption and a crash.
Reported by: many
MFC After: 3 days
accept NUL-terminated strings as required by RFC 2132.
This solution is not perfect as it removes the ability to send
NUL-terminated host-name options which may be required by some broken
servers. Given the current lack of an existance proof of such servers
and the fact that servers that send NUL-terminated domain names do
exist, this seems like an acceptable compromise. A discussion of these
issues can be found at:
http://marc.theaimsgroup.com/?l=dhcp-client&m=96837107208382&w=2
PR: bin/83468
Reported by: Sean Winn <sean at gothic dot net dot au>
MFC-after: 3 days
include a space seperated list of domains instead of the domain of the
host. This is supported on too many platforms to break for now so,
remove validation of this option for the moment.
The correct solution longer term is to implement RFC 3397 support and
then treat domain-name options containing space seperated lists of
domains as domain-search options for backwards compatability.
Approved by: re (dhclient blanket)
Add a -b option to background immediatly.
Add support for 802.11 routing messages to "instantly" renegotiate
at lease when we associate with a new network.
Submitted by: sam
requests if the interface has an active link. This is a
great benefit if you often change networks with your laptop
and you do not like to kill/restart dhclient all the time.
Changes are automatically detected and the link is refreshed.
The change allows us to start dhclient in background mode
Enable dhclient to poll the interface state and send only
requests if the interface has an active link. This is a
great benefit if you often change networks with your laptop
and you do not like to kill/restart dhclient all the time.
Changes are automatically detected and the link is refreshed.
The change allows us to start dhclient in background mode
while the network cable is not plugged in.
To control the polling interval, the option -i has been
introduced. It takes seconds as parameter, the minimum is
one second, the default is five seconds.
Polling is done in seconds, not microseconds, because dhclient
does internally work with timeouts in seconds.
This change will be part of the next major ISC-dhcpd release.
Tested by: bms, imp, and many many others.
Reviewed by: murray, eivind, dhclient folks
src/contrib/isc-dhcp/includes/minires/resolv.h has a 'extern' definition
but it makes an error when linking crunched binary just like this:
dhclient.lo: In function `MRres_nquery':
dhclient.lo(.text+0x2dcce): undefined reference to `__h_errno_set'
dhclient.lo(.text+0x2dd5b): undefined reference to `__h_errno_set'
dhclient.lo: In function `MRres_nquerydomain':
dhclient.lo(.text+0x2de53): undefined reference to `__h_errno_set'
The author understands this will be a problem (see comments in resolv.h).
Murray said that the author will fix this, but as a temporary solution,
modifying the source code and not to use __h_errno_set.
BTW, I'm sorry that previous commitlog in src/sbin/dhclient/Makefile should
read "Found by:" instead of "Confirmed by"; I just found that rev 1.15
has a typo so fixed.
Tested on: ushi.jp.FreeBSD.org with today's 5-current source code.
(belive me, "make release.4" works fine now)
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
Of course this is a bug in that the dhclient script will not work properly
if one has a local / and an NFS mounted /usr and needs to obtain its IP
address via DHCP before being able to mount /usr.
