freebsd-skq/contrib/isc-dhcp/RELNOTES

767 lines
25 KiB
Plaintext

Internet Software Consortium
Dynamic Host Configuration Protocol Distribution
Version 2 Patchlevel 5
September 6, 2000
Release Notes
Version 2 of the ISC DHCP Distribution includes the ISC DHCP server,
DHCP Client and DHCP/BOOTP Relay Agent.
This version has been in a near feature freeze since January of 1998,
was in Beta test from that time to June of 1999, and has now been
released in its final form. It has a number of important features,
and is the release that we would expect most sites to run.
For information on how to install, configure and run this software,
as well as how to find documentation and report bugs, please consult
the README file.
CHANGELOG
This log describes the changes that have been made in version 2.0
since June of 1997.
CHANGES FROM VERSION 2.0 PATCHLEVEL 4
- Fix a prototype mismatch that causes compiles to fail on some architectures.
- Two minor cosmetic changes to manual pages.
CHANGES FROM VERSION 2.0 PATCHLEVEL 3
- Fix a bug introduced in the client in the previous patchlevel where the
broadcast would be set to the subnet number instead of the broadcast
address.
CHANGES FROM VERSION 2.0 PATCHLEVEL 2
- Rather than calling a client environment setup script, set the
environment up directly, so as to avoid any possible exploit making
use of clever shell metacharacter hacks. This is a security fix
that applies to the DHCP client *only*.
CHANGES FROM VERSION 2.0 PATCHLEVEL 1
- Fix a case where an unitialized pointer could result from an exceptional
case in DHCPRELEASE and cause a core dump.
CHANGES FROM VERSION 2.0
- Clean up DHCPRELEASE support.
- Don't use the broadcast flag when doing BOOTP unless we need to.
- Clean up the fallback mess.
- Quote all shell special characters in the client script.
- Fix ethernet header alignment on arm32.
- Clarify the "no subnet declaration" message.
- Correctly store the tftp server name in the lease file and the
client script file.
- Avoid a potential spin loop in client when script file creation
fails for reasons other than the presence of an existing file of the
same name.
- Add support for Linux kernel versions greater than 2.2.
- Fix a problem in raw.c on Irix. Thanks to Don Badrak for the
patch.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 29
- Define BYTE_ORDER in includes/cf/hpux.h so that ip.h will compile
correctly on HP-UX.
- Fix a long-standing but minor bug in the way the program name for
syslog was derived.
- Fix a long-standing bug that prevented the DHCP server from broadcasting
responses to BOOTP clients that requested a broadcast response.
- In dhcprequest(), check to make sure that there's a lease before trying
to acknowledge it to the client. This fixes a potential core dump that
a few people observed.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 28
- Fix some pastos I introduced when merging Andrew Chittenden's token
ring support.
- Apply a patch to the token ring support from Andrew Chittenden.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 27
- Add dependencies to makefiles.
- Don't use ping -w 1 in freebsd client script.
- Token ring support for LPF, contributed by Andrew Chittenden.
- Fix a subtle bug that would cause the server to respond incorrectly
in some cases when the client sent duplicate DHCPREQUEST packets.
- Fix option pretty printing for 'X' format.
- Add some special cases to deal with DHCPREQUEST packets from RFC1541
clients.
- Fix an obscure bug in nested subnet mask handling.
- Fix a bug in abandoned lease reclamation.
- Allow maximum message size to be set in configuration file.
- Allow parameter request list to be supplied in configuration file.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 26
- Fix UDP/IP checksum code
- Fix UDP payload length computation to prevent logging of spurious
errors.
- Support compilation on MacOS X
- Add support for some options that were added in RFC2132.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 25
- Use the udp header's length rather than computing the length based
on the number of bytes received, because some broken relay agents
send packets with ip lengths that are longer than then sum of the ip
header size and the udp length.
- Do path keyword substitution on unformatted manual pages before
installing them.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 24
- D'oh! Fix a really stupid mistake in hash.c.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 23
- Support an always-reply-rfc1048 flag, which says to reply with an
RFC1048-style vendor extensions buffer even if the client didn't
send an RFC1048-style magic number.
- Fix a null pointer dereference.
- Use netmask from subnet if no netmask option specified.
- IRIX support (thanks to Don Badrak).
- Install unformatted manual pages on Linux.
- Add note in README about zcat vs. gzcat on BSD/os.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 22
- Test for lease before dereferencing it in dhcprequest.
- Free the client parameter request list in dhcpnak if there is one.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 21
- Fix a pasto in options.c that will cause a core dump whenever a
client sends in a request without a parameter request list.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 20
- Actually do the client fix mentioned below - Patchlevel 20 only contained
half of the fix.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 19
- Removed arp table clearing code from solaris client script.
- Document Linux "protocol not configured" error more thoroughly.
- Clean up some unused variables.
- Add entry and exit hooks to all dhcp client scripts, along with a
make_resolv_conf function that can be redefined in the entry hooks.
Document this new feature set.
- Fix client to take advantage of network APIs that allow it to
receive a unicast instead of requesting that the DHCP server
broadcast its response.
- Add -pf flag to all daemons allowing user to specify PID file name
on command line.
- Undo a previous change that attempted to be clever about testing
interface flags but wound up being stupid instead.
- Enforce access control on DHCPREQUEST messages as well as
DHCPDISCOVER messages.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 18
- Support added for AIX 4.1.5.0 (and hopefully other versions).
- Use /var/run instead of /etc on Digital Unix.
- Change DHCP client exponential backoff code to back off more slowly,
so that it is more robust in lossy environments, at the expense of
being a bit less polite to the server.
- Don't request a specific lease interval in the client unless the
user says to do so.
- Don't print DHCPXXX in wrong xxx messages unless DEBUG is defined.
- Fix handling of secs field.
- Fix handling of append statement.
- Fix documentation for append and prepend statements.
- Fix server support for parameter request list and maximum message
size.
- Parameterize more hardware types in discover_interfaces. Check for
IFF_BROADCAST instead of !IFF_POINTOPOINT
- Print kernel configuration warning message if we get EINVAL when
opening or configuring the Linux packet filter.
- Fix a bug in UDP checksum code (thanks to John Nemeth for figuring
this out) and re-enable UDP checksumming. This allows the client
to work with some buggy DHCP servers that can't handle zero
checksums in the UDP header - in particular, the one John's cable
modem ISP is using.
- Don't report packet header checksum errors unless we see a lot of
them. It's perfectly normal for some number of checksum errors to
occur.
- Refer to the dhcpd.leases man page when printing an error message
prior to exiting because there's no lease database.
- Add information to the README telling the reader how to get to the
manual pages.
- Fix the server packet transmission code to unicast when it can.
- Fix a typo in the dhcpd.conf manual page.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 17
- Fix a bug in the relay agent where messages to the client would be
unicast in the IP header but broadcast in the link header. The
Microsoft DHCP client would reject such packets, preventing it from
being configured. This was only a problem on non-socket-API
platforms.
- Do not attempt to reclaim requested abandoned leases in response to
DHCPDISCOVER messages.
- Allow the maximum lease time parameter in a host declaration to
override the maximum lease time parameter in a subnet declaration.
- Better document the -p flag for dhclient, dhcrelay and dhcpd.
- Apply John Wehle's patch to fix the endianness bug in the dlpi
packet filter on Solaris.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 16
- Fix linux man page install location.
- Fix some confusion in the dhclient-script man page.
- Fix error in includes/cf/linux.h that would have made network API
selections in site.h work incorrectly.
- Fix some major stupidity in the code that figures out where or not a
client owns a particular lease.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 15
- Fix Makefile.conf on Linux to refer to /var/state/dhcp instead of
/var/state/dhcpd.
- Eliminate redundant #defines in includes/cf/linux.h (for neatness).
- Fix an obscure case where dhcpd is started by the /etc/rc system
with exactly the same pid each time, dhcpd.pid is not erased on
reboot, and therefore dhcpd would detect a server (itself) with the
pid in dhcpd.pid and decide that another server was running and
exit.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 14
- Install the dhcp databases in /var/state/dhcp instead of /etc or
/var/dhcpd, as suggested in the Linux Filesystem Hierarchy
Standard.
- Fix an endianness bug in dlpi.c. As a consequence, make the
Solaris/i386 use dlpi again.
- Fix a bunch of bugs in the Solaris client script.
- Add some more information about Solaris to the README file.
- Adjust startup message in interface probe so that the relay agent
and client's unattached status will not trigger questions.
- Update some error messages to provide more help to new users for
some common mistakes.
- Create an interface alias on Solaris when setting up IP aliases,
rather than trying to do things the *BSD way.
- Fix a null pointer dereference bug (this time I went through the
whole function and audited it for more null pointer dereferences,
and I didn't find any, for what that's worth).
- Don't ever release leases in response to a DHCPDISCOVER (I think
this was unlikely anyway, but why not be correct?).
- Remove the shared-network example from the sample dhcpd.conf file.
- Make ``make install'' make all first.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 13
- Support DESTDIR on installs.
- Fix a bug in dhcp.c where a store through a null pointer would
be made under some reasonably common circumstances.
- Add test for ARPHRD_TUNNEL so that client and server do not fail on
versions of Linux running IPsec implementations or the like.
- Move tests for constants defined in O.S. headers into osdep.h - test
for HAVE_whatever in .c files. Define relevant HAVE_whatevers in
linux.h, so that versions of linux that define these constants as
enums will still work.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 12
- Initialize the "quiet" variable in dhclient.c to zero (it was used
without first having been initialized).
- Fix the parser code for the authoritative keyword.
- Adjust lease discovery code to NAK more aggressively for addresses
the server knows it owns.
- Add several new messages for DHCPNAK.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 11
- Use DLPI only on sparcs running Solaris, since it seems not to work
on i386 boxes running Solaris for reasons yet to be determined.
- In the client, close standard I/O descriptors when forking a daemon.
- Don't let large lease lengths wrap lease expiry times - just use
what fits into a TIME value.
- Fix a bug in the SIOCGIFCONF interface scanning code.
- Fix a core dump in the interface scanner that crops up on Linux when
an interface is specified on the command line.
- Don't use %D in strftime because egcs complains about it.
- Print the error message if SO_BINDTODEVICE fails.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 10
- Update top-level Makefile so that it exits correctly on errors in
submakes under bash/gnu make (dunno which is the culprit, and don't
really care).
- Print a more helpful message if no free BPF devices are found.
- Add support for specifying that the server is or is not
authoritative for a particular network segment.
- Fix two stupid typos in lpf.c.
- Print a more helpful message if we can't create an LPF socket or
can't attach a filter to it.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 9
- Correct the hopelessly outdated information about Linux at the top
of the README - many apologies to the Linux people who have had to
read that nonsense for the past couple of snapshots and have been
confused or annoyed by it. I simply hadn't read it recently, and
didn't realize how out-of-date it was.
- Print a message if the client finds no broadcast interfaces to
configure.
- Add support for use-lease-addr-for-default-route flag in server, so
that Windows machines can be made to ARP for all addresses.
- Update README file to mention new Linux gotchas.
- After finally understanding Brian Murrel's code (my fault, not his)
to get interface names from /proc/net/dev on Linux, fix what I broke
of his code and document it.
- Use sendto rather than send for SOCK_PACKET sockets, because they
can't be connected, only bound. :'(
- Fix up SOCK_PACKET creation so that the kernel doesn't complain
about it.
- Fix incorrect tests in linux client script:
[ $relmajor == 2 ] -> [ $relmajor -eq 2 ]
- Make typedefs for u8, u16 and u32 types. These are Linux kernel
internal data types which are unfortunately exposed in the linux
packetfilter header file.
- Don't include <net/ethernet.h> in lpf.c - it defines things we're
already correctly defining elsewhere, and doesn't define any useful
new stuff.
- Finally fix client PREINIT bug that causes interfaces not specified
on the command line to be preinitialized. If no interfaces are
specified on the command line, all interfaces are still
preinitialized.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 8
- Fix socket API fallback setup code, which was causing Linux servers
and clients to loop endlessly on select when run as daemons.
- Add support for Linux 2.2 version number (treated the same as Linux
2.1, for now).
- Correct apparent error in DHCPREQUEST destination address handling
when in INIT-REBOOT state.
- Do not set BROADCAST flag if we have a valid IP address.
- Remove hard-coded filenames and use system-specific manifest
constants.
- Add entry and exit hooks to Linux dhclient-script (should be added
to all operating systems once tested).
- Test for linux major and minor version so as to correctly invoke
network configuration programs.
- Add support for Linux's gratuitous name change of bpf_insn structure
(can't pollute precious Linux sources with the "Berkeley" word, I
guess.
- Correct USE_BPF_{SEND,RECEIVE} ifdefs for if_reinitialize_*
functions.
- Ensure that we have ifreq structure before initializing interface -
if an interface was specified on the command line on Linux, this was
not the case.
- Get rid of references to enstamp structure in lpf.c. Correctly
declare and initialize sock_fprog structure (aka bpf_filter
structure on non-Linux machines).
- Define ssize_t on Ultrix.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 7
- Generalize FDDI support.
- Fix potential core dump in interface discovery code.
- Put explicit release versions on startup messages.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 6
- Add support for Linux Packet Filter (thanks to Brian Murrell, Interlinx).
- Add support for FDDI hardware type.
- Fix a long-standing bug in DLPI support where the ethertype was
being set incorrectly (thanks to Gong Wei, CCENet).
- Don't use DLPI RAW mode on Solaris.
- In the client, when a lease expires, the interface to which that
lease is attached is unconfigured. On systems that use the socket
API, the interface needs to then be reconfigured with the 0.0.0.0
address so that it can be used to get a new address.
- Add fallback support for Linux. This fixes a problem with the
relay agent when relaying over non-broadcast links, and may also fix
some obscure problems with unicasting DHCPACKs in both the server and
relay agent.
- When allocating leases, if the oldest lease is abandoned, try to
find a younger-but-still-expired lease rather than reclaiming the
abandoned lease.
- Add more documentation to README.
- The absence of the /etc/dhclient.conf file is no longer considered
an error.
- The dhcp client's lease file name can be specified on the command
line.
- The DHCP client should no longer zap interfaces that it has not been
directed to configure.
- If a client starts up in the init-reboot state, the xid will be a
"random" number rather than always being zero, as was previously the
case.
- In addition to comparing transaction IDs, compare hardware addresses
in response packets to verify that they are ours.
- Rewrite the client lease database after 20 leases have been written.
- Fix the exponential backoff code.
- Add a Y2k comment to indicate that something suspicious-looking is
in fact _not_ a problem.
- Use mkstemp if possible.
- Add missing fi in various client scripts.
- Use "search" instead of "domain" in linux resolv.conf files.
- Specify a hop count in all route command on solaris.
- If an allocation fails, don't try to zero out the allocation buffer
we didn't get.
- Support subnets that are subsets of other subnets - that is, for
example, 10.0.1.0/24 and 10.0.0.0/16. This is useful in fairly
obscure circumstances.
- Don't set the lease end time if it's already expired.
- Don't define INADDR_LOOPBACK on FreeBSD if it's already defined in a
system header.
- Use the broadcast address in the relay agent if we are using the BSD
socket API.
- Allow host declarations without names.
- Allow the server identifier option to be specified.
- Don't dump hostnames into the lease file if they contain
non-printable characters.
- Copy the entire client hardware address buffer that the client sends
to the output packet, not just the portion of it that's supposedly
significant according to the hardware address length field. This
is done for the benefit of certain Microsoft clients.
- Don't send a second ICMP echo request if we receive two DHCPDISCOVER
messages in quick succession. This prevents a rather annoying
timing race in configuring some Win95 clients.
- Fix up dhcp-options man page to make it more readable. Note that
netbios-name-server is the same thing as WINS.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 5
- Define some extra DLPI support flags that make DLPI work much better
on Solaris.
- Fix inet_aton prototype/declaration to match Internet Software
Consortium BIND distribution.
- Document new server-identifier functionality.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 4
- Do not use -Wstrict-prototypes on Solaris with gcc - if the Internet
Software Consortium BIND distribution is not installed, this produces
errors.
- Actually use the new DLPI support on Solaris - although the code was
added in Patchlevel 2, it wasn't enabled (blush).
- Fix a prototype bug that's exposed when DLPI support is enabled on
Solaris.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 3
- Fix a makefile botch that prevents the DHCP Distribution from
from compiling on Solaris with gcc. Sigh.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 2
- Allow server-identifier in any scope. Use in-scope server
identifier option rather than the default, if one exists.
- Delete newlines from abandoned lease reclaimation warning.
- Only release other applicable leases held by a client when the
client sends a DHCPREQUEST.
- Fix core dump when find_lease didn't find a lease.
- Update dhcpd.leases man page.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 1
- Use -Wno-char-subscript on Solaris to prevent bogus warnings from
gcc on Solaris 2.6.
- Add support for Apple's new Rhapsody operating system.
- Use DLPI on Solaris instead of using the BSD Sockets API.
- Fix two network input buffer overflow problems which could allow an
attacker to pervert the stack.
- Fix an ancient typo that could theoretically cause memory
corruption.
- Sort abandoned leases in at current time rather than end of time.
This allows abandoned leases to be reclaimed if there are no
available free leases.
- If a client explicitly requests a lease that's been abandoned, it's
probably the system that was answering pings on that address, so let it
have the lease.
- Fix a bunch of type conversion errors that are flagged by the Solaris
C compiler.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 0
- Fix two potential buffer overflow problems.
- Differentiate between versions of Linux for better success in
compiling.
- Fix bug in linux client script regarding routing setup.
- Clarify socket API error message on multiple interfaces.
- Fix broken comparison that was setting IP source address to zero.
- Reclaim abandoned leases if we run out of free leases.
CHANGES FROM THE DECEMBER 2, 1997 SNAPSHOT
- Use %ld to print pid_t and cast pid_t values to long to avoid
inconsistent declarations between different POSIX flavours.
- Add support for ARPHRD_IEEE802 (token ring) hardware type.
- If we own an address and a client requests it, but we can't assign
it to that client, we now NAK it so that the client doesn't try to
reuse it.
CHANGES FROM THE JUNE SNAPSHOT
- Support for NeXTstep 3.x and 4.x
- Added man pages for dhcpd.leases, dhclient-script, dhclient.leases
and dhclient.conf. Move general documentation of DHCP options into
a seperate man page which is referred to by the dhclient.conf and
dhcpd.conf man pages.
- Updated README to answer some frequently asked questions.
- Fixed a bug in command-line interface specification in dhclient - it
was formerly not possible to specify that only certain interfaces be
configured.
- Do not leave client scripts lying around in /tmp after they've been
used unless the -D flag is specified.
- Add a new, non-standard, not-guaranteed-to-stay-the-same system
configuration status message server which can be used to trigger the
client to recheck its address, e.g., after a laptop has been put to
sleep and then awakened (this has yet to be documented).
- Fix handling of media selection in the REBOOT phase - previously the
media type would not be remembered, which could cause severe delays
in reacquiring an address if the default media type was wrong.
- Allocate space for a NUL terminator on the end of client options -
this was previously overlooked, and could cause garbage characters
to be written to the temporary client script files.
- Use mkstemp if it's available.
- Supply network number and broadcast address to the client script so
that on systems that need these values, they don't need to be
computed with an awk script.
- Keep a PID file for the client and the relay agent, and have the
relay agent background itself by default.
- Add client script for bsd/os, fix many niggling bugs in existing
client scripts and add support for static routing tables to all bsd
scripts.
- Add a -q option to the client, server and relay agent so that they
can be started from /etc/rc scripts without spewing a bunch of
garbage on the console. By default, all three daemons still print
startup messages, since these are helpful in bug reporting.
- Don't print anything to stderr or stdout after going into
background.
- Fix bug where hostname keyword was not being recognized in
dhcpd.leases file, resulting in the loss of lease database entries.
- Fix problem on some operating systems where zero-length ifreq
structures were being offset incorrectly when scanning the interface
list on startup.
- Unless a BOOTP client requests it, never send more than 64 bytes of
options.
- Don't ping static leases, since we don't have a lease structure on
the heap to work with later.
- Fixed a compile problem on Solaris 2.6.
- Support interface aliases on Solaris.
- Print day and month with leading zero in lease files if less than
ten, for easier parsing by perl/sed/awk scripts.
- Never make the lease database world writable, even if dhcpd is
invoked with a bogus umask.
- Fix DHCPRELEASE handling (before, addressed would never be
released.)
- If there is more than one lease for a particular client on a
particular network, find the lease the client is asking for so as to
avoid a cycle of NAKs.
- If a BOOTP request is received from a particular client and that
client has previously received a DHCP address, make sure that we
still find a valid BOOTP lease so that we don't cycle through
addresses.
- Remove server-identifier option from documentation, other than to
document that it has been deprecated.
- Don't give up if we get an EINTR or EAGAIN while polling or
selecting - these return statuses can occur spuriously without
indicating a fatal problem.
- Do not select for exceptions, since we don't handle them. This was
causing massive CPU consumption on some systems.
- When a DHCP client has been assigned a fixed address but had
previously had a lease, it will request the old leased address. In
such an event, send a DHCPNAK so that it will discover its new
static binding.