In the MPSAFE TTY branch, I noticed PTY's to be leaked, because
dhclient's privileged process was run inside the session of, say, the
login shell. Make sure we call setsid() here.
Approved by: philip (mentor), brooks
interface is one with the default route (or there isn't one). Use it to
decide if we should adjust the default route and /etc/resolv.conf.
Fix the delete of the default route. The if statement was totally bogus
and the delete only worked due to a typo. [1]
Reported by: Jordan Coleman <jordan at JordanColeman dot com> [1]
MFC after: 1 week
lease: track the current bssid and if it changes (as reported in an
assoc/reassoc) event only then kick the state machine. This gives us
immediate response when roaming but otherwise causes us to fallback on
the normal state machine.
Reviewed by: brooks, jhb
MFC after: 3 weeks
The original DHCP specification includes a route option but it supports
only class-based routes. RFC3442 adds support for specifying the netmask
width for each static route. A variable length encoding is used to minimize
the size of this option.
PR: bin/99534
Submitted by: Andrey V. Elsukov <bu7cher@yandex.ru>
Reviewed by: brooks
length != BPF_WORDALIGN(length)
This meeans that it is possible for this to be true:
interface->rbuf_offset > interface->rbuf_len
Handle this case in the test for running out of packets. While
OpenBSD's solution of setting interface->rbuf_len to
BPF_WORDALIGN(length) is safe due to the size of the buffer, I think
this solution results in less hidden assumptions.
This should fix the problem of dhclient running away and consuming 100%
CPU.
PR: bin/102226
Submitted by: Joost Bekkers <joost at jodocus.org>
MFC after: 3 days
despite the interface link status.
Add dhclient_flags_iface and background_dhclient_iface rc.conf options.
(where iface is a specific interface). These can be used to give
interface specific flags to dhclient.
Reviewed by: brooks@
with NACK if I don't set it. Setting 'option dhcp-client-identifier' is
alternative but it is inconvenient because I have to keep the list of
all MAC addresses. As bin/94743 pointed out, it is always sent from
Windows clients and I found Mac OS X does the same.
OK'd by: brooks
option if none is given in the config file. Also add #ifdefd out
support for sending a client ID based on our MAC address.
PR: bin/94743, bin/76401
Submitted by: Frank Behrens <frank at pinky dot sax dot de>
X-MFC after: 6.1-RELEASE
/tmp may not be writeable yet when dhclient is first run via
/etc/rc.d/netif so using it may not work. Also, writing to a
predictable file in /tmp as root is a really bad idea since a malicious
user may be able to win a race and insert a symlink which will allow
them to cause any file to be overwritten. To solve these problems,
create the tempory file in /var/run which will exist this early and is
writable only by root.
Security: Local risk if users can cause dhclient to run on demand
(such as by unplugging and replugging the network cable).
entries from the interface rather than using ifconfig's delete command.
This preserves non-dhclient configured addresses (though they are wiped
out when dhclient is restarted).
MFC after: 1 week
renewal, or we lose link, be more forceful about clearing interface
state so another interface that connects to the same network has a
chance of working. This doesn't address attemping to connect to both at
once, but appears to allow unplugging from a wired interface and then
inserting a wireless card that associates with an AP bridged to the same
LAN.
check the domain-name parameter according to the rules for "search"
strings as documented in resolv.conf(5). Specifically, the string must
be no more than 256 bytes long and contain no more than six valid domain
names separated by white space.
The previous unchecked values could result in a mangled resolv.conf
file which could effectively deny access to local sites. This is not
a security issue as rogue dhcp servers could already do this without
sending invalid strings.
Reviewed by: cperciva
MFC After: 3 days
serves no apparent purpose (we commented this out ages ago in the ISC
scripts) and cases problems with some ADSL setups.
Reported by: Rostislav Krasny <rosti dot bsd at gmail dot com>
capture. Zero length captures caused an infinte loop and short captures
probably caused memory corruption and a crash.
Reported by: many
MFC After: 3 days
accept NUL-terminated strings as required by RFC 2132.
This solution is not perfect as it removes the ability to send
NUL-terminated host-name options which may be required by some broken
servers. Given the current lack of an existance proof of such servers
and the fact that servers that send NUL-terminated domain names do
exist, this seems like an acceptable compromise. A discussion of these
issues can be found at:
http://marc.theaimsgroup.com/?l=dhcp-client&m=96837107208382&w=2
PR: bin/83468
Reported by: Sean Winn <sean at gothic dot net dot au>
MFC-after: 3 days
include a space seperated list of domains instead of the domain of the
host. This is supported on too many platforms to break for now so,
remove validation of this option for the moment.
The correct solution longer term is to implement RFC 3397 support and
then treat domain-name options containing space seperated lists of
domains as domain-search options for backwards compatability.
Approved by: re (dhclient blanket)
Add a -b option to background immediatly.
Add support for 802.11 routing messages to "instantly" renegotiate
at lease when we associate with a new network.
Submitted by: sam
requests if the interface has an active link. This is a
great benefit if you often change networks with your laptop
and you do not like to kill/restart dhclient all the time.
Changes are automatically detected and the link is refreshed.
The change allows us to start dhclient in background mode
Enable dhclient to poll the interface state and send only
requests if the interface has an active link. This is a
great benefit if you often change networks with your laptop
and you do not like to kill/restart dhclient all the time.
Changes are automatically detected and the link is refreshed.
The change allows us to start dhclient in background mode
while the network cable is not plugged in.
To control the polling interval, the option -i has been
introduced. It takes seconds as parameter, the minimum is
one second, the default is five seconds.
Polling is done in seconds, not microseconds, because dhclient
does internally work with timeouts in seconds.
This change will be part of the next major ISC-dhcpd release.
Tested by: bms, imp, and many many others.
Reviewed by: murray, eivind, dhclient folks
src/contrib/isc-dhcp/includes/minires/resolv.h has a 'extern' definition
but it makes an error when linking crunched binary just like this:
dhclient.lo: In function `MRres_nquery':
dhclient.lo(.text+0x2dcce): undefined reference to `__h_errno_set'
dhclient.lo(.text+0x2dd5b): undefined reference to `__h_errno_set'
dhclient.lo: In function `MRres_nquerydomain':
dhclient.lo(.text+0x2de53): undefined reference to `__h_errno_set'
The author understands this will be a problem (see comments in resolv.h).
Murray said that the author will fix this, but as a temporary solution,
modifying the source code and not to use __h_errno_set.
BTW, I'm sorry that previous commitlog in src/sbin/dhclient/Makefile should
read "Found by:" instead of "Confirmed by"; I just found that rev 1.15
has a typo so fixed.
Tested on: ushi.jp.FreeBSD.org with today's 5-current source code.
(belive me, "make release.4" works fine now)
configure FreeBSD so that various databases such as passwd and group can be
looked up using flat files, NIS, or Hesiod.
= Hesiod has been added to libc (see hesiod(3)).
= A library routine for parsing nsswitch.conf and invoking callback
functions as specified has been added to libc (see nsdispatch(3)).
= The following C library functions have been modified to use nsdispatch:
. getgrent, getgrnam, getgrgid
. getpwent, getpwnam, getpwuid
. getusershell
. getaddrinfo
. gethostbyname, gethostbyname2, gethostbyaddr
. getnetbyname, getnetbyaddr
. getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr
= host.conf has been removed from src/etc. rc.network has been modified
to warn that host.conf is no longer used at boot time. In addition, if
there is a host.conf but no nsswitch.conf, the latter is created at boot
time from the former.
Obtained from: NetBSD
Of course this is a bug in that the dhclient script will not work properly
if one has a local / and an NFS mounted /usr and needs to obtain its IP
address via DHCP before being able to mount /usr.