From 8c878a4c3c8c358d97986120c600112cec177e53 Mon Sep 17 00:00:00 2001 
From: =?utf8?q?Elan=20Ruusam=C3=A4e?= Date: Sun, 27 Apr 2008 15:14:37 +0000 Subject: [PATCH] - patches from dhcp-4.0.0-14.fc9.src.rpm Changed files: dhcp-NetworkManager-crash.patch -> 1.1 dhcp-README.ldap -> 1.1 dhcp-default-requested-options.patch -> 1.1 dhcp-dhclient-anycast.patch -> 1.1 dhcp-dhclient-decline-backoff.patch -> 1.1 dhcp-dhclient-usage.patch -> 1.1 dhcp-errwarn-message.patch -> 1.1 dhcp-failover-ports.patch -> 1.1 dhcp-fast-timeout.patch -> 1.1 dhcp-manpages.patch -> 1.1 dhcp-memory.patch -> 1.1 dhcp-unicast-bootp.patch -> 1.1 dhcp-xen-checksum.patch -> 1.1 dhcpd-conf-to-ldap -> 1.1 draft-ietf-dhc-ldap-schema-01.txt -> 1.1 --- dhcp-NetworkManager-crash.patch | 12 + dhcp-README.ldap | 192 +++++ dhcp-default-requested-options.patch | 34 + dhcp-dhclient-anycast.patch | 70 ++ dhcp-dhclient-decline-backoff.patch | 58 ++ dhcp-dhclient-usage.patch | 43 + dhcp-errwarn-message.patch | 29 + dhcp-failover-ports.patch | 22 + dhcp-fast-timeout.patch | 15 + dhcp-manpages.patch | 533 +++++++++++++ dhcp-memory.patch | 37 + dhcp-unicast-bootp.patch | 97 +++ dhcp-xen-checksum.patch | 245 ++++++ dhcpd-conf-to-ldap | 760 ++++++++++++++++++ draft-ietf-dhc-ldap-schema-01.txt | 1089 ++++++++++++++++++++++++++ 15 files changed, 3236 insertions(+) create mode 100644 dhcp-NetworkManager-crash.patch create mode 100644 dhcp-README.ldap create mode 100644 dhcp-default-requested-options.patch create mode 100644 dhcp-dhclient-anycast.patch create mode 100644 dhcp-dhclient-decline-backoff.patch create mode 100644 dhcp-dhclient-usage.patch create mode 100644 dhcp-errwarn-message.patch create mode 100644 dhcp-failover-ports.patch create mode 100644 dhcp-fast-timeout.patch create mode 100644 dhcp-manpages.patch create mode 100644 dhcp-memory.patch create mode 100644 dhcp-unicast-bootp.patch create mode 100644 dhcp-xen-checksum.patch create mode 100644 dhcpd-conf-to-ldap create mode 100644 draft-ietf-dhc-ldap-schema-01.txt 
diff --git a/dhcp-NetworkManager-crash.patch b/dhcp-NetworkManager-crash.patch new file mode 100644 index 0000000..aecb844 --- /dev/null +++ b/dhcp-NetworkManager-crash.patch @@ -0,0 +1,12 @@ +--- dhcp-4.0.0//client/clparse.c.nmcrash 2008-04-01 10:25:39.000000000 -1000 ++++ dhcp-4.0.0//client/clparse.c 2008-04-01 10:26:20.000000000 -1000 +@@ -227,6 +227,9 @@ int read_client_conf_file (const char *n + cfile = (struct parse *)0; + new_parse (&cfile, file, (char *)0, 0, path_dhclient_conf, 0); + ++ if (!cfile) ++ return ISC_R_BADPARSE; ++ + do { + token = peek_token (&val, (unsigned *)0, cfile); + if (token == END_OF_FILE) diff --git a/dhcp-README.ldap b/dhcp-README.ldap new file mode 100644 index 0000000..2263050 --- /dev/null +++ b/dhcp-README.ldap 
@@ -0,0 +1,192 @@ +LDAP Support in DHCP +Brian Masney +Last updated 3/23/2003 + +This document describes setting up the DHCP server to read it's configuration +from LDAP. This work is based on the IETF document +draft-ietf-dhc-ldap-schema-01.txt included in the doc directory. For the +latest version of this document, please see http://home.ntelos.net/~masneyb. + +First question on most people's mind is "Why do I want to store my +configuration in LDAP?" If you run a small DHCP server, and the configuration +on it rarely changes, then you won't need to store your configuration in LDAP. +But, if you have several DHCP servers, and you want an easy way to manage your +configuration, this can be a solution. + +The first step will be to setup your LDAP server. I am using OpenLDAP from +www.openldap.org. Building and installing OpenLDAP is beyond the scope of +this document. There is plenty of documentation out there about this. Once +you have OpenLDAP installed, you will have to edit your slapd.conf file. I +added the following 2 lines to my configuration file: + +include /etc/ldap/schema/dhcp.schema +index dhcpHWAddress eq +index dhcpClassData eq + +The first line tells it to include the dhcp schema file. You will find this +file under the contrib directory in this distribution. You will need to copy +this file to where your other schema files are (maybe +/usr/local/openldap/etc/openldap/schema/). The second line sets up an index +for the dhcpHWAddress parameter. The third parameter is for reading subclasses +from LDAP every time a DHCP request comes in. Make sure you run the slapindex +command and restart slapd to have these changes to into effect. + +Now that you have LDAP setup, you should be able to use gq +(http://biot.com/gq/) to verify that the dhcp schema file is loaded into LDAP. +Pull up gq, and click on the Schema tab. 
Go under objectClasses, and you +should see at least the following object classes listed: dhcpClass, dhcpGroup, +dhcpHost, dhcpOptions, dhcpPool, dhcpServer, dhcpService, dhcpSharedNetwork, +dhcpSubClass, and dhcpSubnet. If you do not see these, you need to check over +your LDAP configuration before you go any further. + +You should now be ready to build DHCP. If you would like to enable LDAP over +SSL, you will need to perform the following steps: + + * Edit the includes/site.h file and uncomment the USE_SSL line + or specify "-DUSE_SSL" via CFLAGS. + * Edit the dst/Makefile.dist file and remove md5_dgst.c and md5_dgst.o + from the SRC= and OBJ= lines (around line 24) + * Now run configure in the base source directory. If you chose to enable + LDAP over SSL, you must append -lcrypto -lssl to the LIBS= line in the + file work.os/server/Makefile (replace os with your operating system, + linux-2.2 on my machine). You should now be able to type make to build + your DHCP server. + +If you choose to not enable LDAP over SSL, then you only need to run configure +and make in the toplevel source directory. + +Once you have DHCP installed, you will need to setup your initial plaintext +config file. In my /etc/dhcpd.conf file, I have: + +ldap-server "localhost"; +ldap-port 389; +ldap-username "cn=DHCP User, dc=ntelos, dc=net"; +ldap-password "blah"; +ldap-base-dn "dc=ntelos, dc=net"; +ldap-method dynamic; +ldap-debug-file "/var/log/dhcp-ldap-startup.log"; + +If SSL has been enabled at compile time using the USE_SSL flag, the dhcp +server trys to use TLS if possible, but continues without TLS if not. + +You can modify this behaviour using following option in /etc/dhcpd.conf: + +ldap-ssl + off: disables TLS/LDAPS. + ldaps: enables LDAPS -- don't forget to set ldap-port to 636. + start_tls: enables TLS using START_TLS command + on: enables LDAPS if ldap-port is set to 636 or TLS in + other cases. 
+ +See also "man 5 ldap.conf" for description the following TLS related +options: + ldap-tls-reqcert, ldap-tls-ca-file, ldap-tls-ca-dir, ldap-tls-cert + ldap-tls-key, ldap-tls-crlcheck, ldap-tls-ciphers, ldap-tls-randfile + +All of these parameters should be self explanatory except for the ldap-method. +You can set this to static or dynamic. If you set it to static, the +configuration is read once on startup, and LDAP isn't used anymore. But, if +you set this to dynamic, the configuration is read once on startup, and the +hosts that are stored in LDAP are looked up every time a DHCP request comes +in. + +When the optional statement ldap-debug-file is specified, on startup the DHCP +server will write out the configuration that it generated from LDAP. If you +are getting errors about your LDAP configuration, this is a good place to +start looking. + +The next step is to set up your LDAP tree. Here is an example config that will +give a 10.100.0.x address to machines that have a host entry in LDAP. +Otherwise, it will give a 10.200.0.x address to them. (NOTE: replace +dc=ntelos, dc=net with your base dn). If you would like to convert your +existing dhcpd.conf file to LDIF format, there is a script +contrib/dhcpd-conf-to-ldap.pl that will convert it for you. Type +dhcpd-conf-to-ldap.pl --help to see the usage information for this script. + +# You must specify the server's host name in LDAP that you are going to run +# DHCP on and point it to which config tree you want to use. Whenever DHCP +# first starts up, it will do a search for this entry to find out which +# config to use +dn: cn=brian.ntelos.net, dc=ntelos, dc=net +objectClass: top +objectClass: dhcpServer +cn: brian.ntelos.net +dhcpServiceDN: cn=DHCP Service Config, dc=ntelos, dc=net + +# Here is the config tree that brian.ntelos.net points to. 
+dn: cn=DHCP Service Config, dc=ntelos, dc=net +cn: DHCP Service Config +objectClass: top +objectClass: dhcpService +dhcpPrimaryDN: dc=ntelos, dc=net +dhcpStatements: ddns-update-style none +dhcpStatements: default-lease-time 600 +dhcpStatements: max-lease-time 7200 + +# Set up a shared network segment +dn: cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net +cn: WV +objectClass: top +objectClass: dhcpSharedNetwork + +# Set up a subnet declaration with a pool statement. Also note that we have +# a dhcpOptions object with this entry +dn: cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net +cn: 10.100.0.0 +objectClass: top +objectClass: dhcpSubnet +objectClass: dhcpOptions +dhcpOption: domain-name-servers 10.100.0.2 +dhcpOption: routers 10.100.0.1 +dhcpOption: subnet-mask 255.255.255.0 +dhcpOption: broadcast-address 10.100.0.255 +dhcpNetMask: 24 + +# Set up a pool for this subnet. Only known hosts will get these IPs +dn: cn=Known Pool, cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net +cn: Known Pool +objectClass: top +objectClass: dhcpPool +dhcpRange: 10.100.0.3 10.100.0.254 +dhcpPermitList: deny unknown-clients + +# Set up another subnet declaration with a pool statement +dn: cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net +cn: 10.200.0.0 +objectClass: top +objectClass: dhcpSubnet +objectClass: dhcpOptions +dhcpOption: domain-name-servers 10.200.0.2 +dhcpOption: routers 10.200.0.1 +dhcpOption: subnet-mask 255.255.255.0 +dhcpOption: broadcast-address 10.200.0.255 +dhcpNetMask: 24 + +# Set up a pool for this subnet. 
Only unknown hosts will get these IPs +dn: cn=Known Pool, cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net +cn: Known Pool +objectClass: top +objectClass: dhcpPool +dhcpRange: 10.200.0.3 10.200.0.254 +dhcpPermitList: deny known clients + +# Set aside a group for all of our known MAC addresses +dn: cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net +objectClass: top +objectClass: dhcpGroup +cn: Customers + +# Host entry for my laptop +dn: cn=brianlaptop, cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net +objectClass: top +objectClass: dhcpHost +cn: brianlaptop +dhcpHWAddress: ethernet 00:00:00:00:00:00 + +You can use the command slapadd to load all of these entries into your LDAP +server. After you load this, you should be able to start up DHCP. If you run +into problems reading the configuration, try running dhcpd with the -d flag. +If you still have problems, edit the site.conf file in the DHCP source and +add the line: COPTS= -DDEBUG_LDAP and recompile DHCP. (make sure you run make +clean and rerun configure before you rebuild). + diff --git a/dhcp-default-requested-options.patch b/dhcp-default-requested-options.patch new file mode 100644 index 0000000..444258f --- /dev/null +++ b/dhcp-default-requested-options.patch 
@@ -0,0 +1,34 @@ +diff -up dhcp-4.0.0/client/clparse.c.dho dhcp-4.0.0/client/clparse.c +--- dhcp-4.0.0/client/clparse.c.dho 2007-12-29 06:32:16.000000000 -1000 ++++ dhcp-4.0.0/client/clparse.c 2007-12-29 06:35:41.000000000 -1000 +@@ -37,7 +37,7 @@ + + struct client_config top_level_config; + +-#define NUM_DEFAULT_REQUESTED_OPTS 9 ++#define NUM_DEFAULT_REQUESTED_OPTS 12 + struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1]; + + static void parse_client_default_duid(struct parse *cfile); +@@ -107,6 +107,21 @@ isc_result_t read_client_conf () + option_code_hash_lookup(&default_requested_options[8], + dhcpv6_universe.code_hash, &code, 0, MDL); + ++ /* 10 */ ++ code = DHO_NIS_DOMAIN; ++ option_code_hash_lookup(&default_requested_options[9], ++ dhcp_universe.code_hash, &code, 0, MDL); ++ ++ /* 11 */ ++ code = DHO_NIS_SERVERS; ++ option_code_hash_lookup(&default_requested_options[10], ++ dhcp_universe.code_hash, &code, 0, MDL); ++ ++ /* 12 */ ++ code = DHO_NTP_SERVERS; ++ option_code_hash_lookup(&default_requested_options[11], ++ dhcp_universe.code_hash, &code, 0, MDL); ++ + for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) { + if (default_requested_options[code] == NULL) + log_fatal("Unable to find option definition for " diff --git a/dhcp-dhclient-anycast.patch b/dhcp-dhclient-anycast.patch new file mode 100644 index 0000000..508f0aa --- /dev/null +++ b/dhcp-dhclient-anycast.patch 
@@ -0,0 +1,70 @@ +diff -up dhcp-4.0.0/common/lpf.c.anycast dhcp-4.0.0/common/lpf.c +--- dhcp-4.0.0/common/lpf.c.anycast 2007-12-29 06:44:46.000000000 -1000 ++++ dhcp-4.0.0/common/lpf.c 2007-12-29 10:40:11.000000000 -1000 +@@ -331,6 +331,9 @@ ssize_t send_packet (interface, packet, + return send_fallback (interface, packet, raw, + len, from, to, hto); + ++ if (hto == NULL && interface->anycast_mac_addr.hlen) ++ hto = &interface->anycast_mac_addr; ++ + /* Assemble the headers... */ + assemble_hw_header (interface, (unsigned char *)hh, &hbufp, hto); + fudge = hbufp % 4; /* IP header must be word-aligned. */ +diff -up dhcp-4.0.0/common/conflex.c.anycast dhcp-4.0.0/common/conflex.c +--- dhcp-4.0.0/common/conflex.c.anycast 2007-12-29 06:44:46.000000000 -1000 ++++ dhcp-4.0.0/common/conflex.c 2007-12-29 10:39:30.000000000 -1000 +@@ -715,6 +715,8 @@ intern(char *atom, enum dhcp_token dfv) + } + if (!strcasecmp (atom + 1, "nd")) + return AND; ++ if (!strcasecmp (atom + 1, "nycast-mac")) ++ return ANYCAST_MAC; + if (!strcasecmp (atom + 1, "ppend")) + return APPEND; + if (!strcasecmp (atom + 1, "llow")) +diff -up dhcp-4.0.0/includes/dhcpd.h.anycast dhcp-4.0.0/includes/dhcpd.h +--- dhcp-4.0.0/includes/dhcpd.h.anycast 2007-12-29 06:44:46.000000000 -1000 ++++ dhcp-4.0.0/includes/dhcpd.h 2007-12-29 10:42:56.000000000 -1000 +@@ -1188,6 +1188,7 @@ struct interface_info { + int dlpi_sap_length; + struct hardware dlpi_broadcast_addr; + # endif /* DLPI_SEND || DLPI_RECEIVE */ ++ struct hardware anycast_mac_addr; + }; + + struct hardware_link { +diff -up dhcp-4.0.0/includes/dhctoken.h.anycast dhcp-4.0.0/includes/dhctoken.h +--- dhcp-4.0.0/includes/dhctoken.h.anycast 2007-12-29 06:44:46.000000000 -1000 ++++ dhcp-4.0.0/includes/dhctoken.h 2007-12-29 10:44:00.000000000 -1000 +@@ -346,7 +346,8 @@ enum dhcp_token { + WHITESPACE = 649, + TOKEN_ALSO = 650, + AFTER = 651, +- BOOTP_BROADCAST_ALWAYS = 652 ++ BOOTP_BROADCAST_ALWAYS = 652, ++ ANYCAST_MAC = 653 + }; + + #define is_identifier(x) ((x) 
>= FIRST_TOKEN && \ +diff -up dhcp-4.0.0/client/clparse.c.anycast dhcp-4.0.0/client/clparse.c +--- dhcp-4.0.0/client/clparse.c.anycast 2007-12-29 06:44:46.000000000 -1000 ++++ dhcp-4.0.0/client/clparse.c 2007-12-29 10:38:55.000000000 -1000 +@@ -550,6 +550,17 @@ void parse_client_statement (cfile, ip, + } + return; + ++ case ANYCAST_MAC: ++ token = next_token (&val, (unsigned *)0, cfile); ++ if (ip) { ++ parse_hardware_param (cfile, &ip -> anycast_mac_addr); ++ } else { ++ parse_warn (cfile, "anycast mac address parameter %s", ++ "not allowed here."); ++ skip_to_semi (cfile); ++ } ++ return; ++ + case REQUEST: + token = next_token (&val, (unsigned *)0, cfile); + if (config -> requested_options == default_requested_options) diff --git a/dhcp-dhclient-decline-backoff.patch b/dhcp-dhclient-decline-backoff.patch new file mode 100644 index 0000000..67729f5 --- /dev/null +++ b/dhcp-dhclient-decline-backoff.patch 
@@ -0,0 +1,58 @@ +--- dhcp-3.0.5/client/dhclient.c.decline 2007-03-30 15:29:58.000000000 -0400 ++++ dhcp-3.0.5/client/dhclient.c 2007-03-30 15:50:25.000000000 -0400 +@@ -934,6 +934,7 @@ + void *cpp; + { + struct client_state *client = cpp; ++ enum dhcp_state init_state = client->state; + + ASSERT_STATE(state, S_INIT); + +@@ -946,9 +947,16 @@ + client -> first_sending = cur_time; + client -> interval = client -> config -> initial_interval; + +- /* Add an immediate timeout to cause the first DHCPDISCOVER packet +- to go out. */ +- send_discover (client); ++ if (init_state != S_DECLINED) { ++ /* Add an immediate timeout to cause the first DHCPDISCOVER packet ++ to go out. */ ++ send_discover(client); ++ } else { ++ /* We've received an OFFER and it has been DECLINEd by dhclient-script. ++ * wait for a random time between 1 and backoff_cutoff seconds before ++ * trying again. */ ++ add_timeout(cur_time + ((1 + (random() >> 2)) % client->config->backoff_cutoff), send_discover, client, 0, 0); ++ } + } + + /* state_selecting is called when one or more DHCPOFFER packets have been +@@ -1215,6 +1223,7 @@ + send_decline (client); + destroy_client_lease (client -> new); + client -> new = (struct client_lease *)0; ++ client -> state = S_DECLINED; + state_init (client); + return; + } +@@ -3183,6 +3192,7 @@ + case S_INIT: + case S_REBINDING: + case S_STOPPED: ++ case S_DECLINED: + break; + } + client -> state = S_INIT; +--- dhcp-3.0.5/includes/dhcpd.h.decline 2007-03-30 15:30:14.000000000 -0400 ++++ dhcp-3.0.5/includes/dhcpd.h 2007-03-30 15:50:53.000000000 -0400 +@@ -704,7 +704,8 @@ + S_BOUND = 5, + S_RENEWING = 6, + S_REBINDING = 7, +- S_STOPPED = 8 ++ S_STOPPED = 8, ++ S_DECLINED = 9 + }; + + /* Authentication and BOOTP policy possibilities (not all values work diff --git a/dhcp-dhclient-usage.patch b/dhcp-dhclient-usage.patch new file mode 100644 index 0000000..fd4c244 --- /dev/null +++ b/dhcp-dhclient-usage.patch 
@@ -0,0 +1,43 @@ +diff -up dhcp-4.0.0/client/dhclient.c.usage dhcp-4.0.0/client/dhclient.c +--- dhcp-4.0.0/client/dhclient.c.usage 2008-02-13 16:20:30.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.c 2008-02-13 16:21:05.000000000 -1000 +@@ -882,21 +882,30 @@ main(int argc, char **argv) { + + static void usage () + { +- log_info ("%s %s", message, PACKAGE_VERSION); +- log_info (copyright); +- log_info (arr); +- log_info (url); ++ printf ("%s %s\n", message, PACKAGE_VERSION); ++ printf (copyright); ++ printf ("\n"); ++ printf (arr); ++ printf ("\n"); ++ printf (url); ++ printf ("\n"); + +- log_error ("Usage: dhclient %s %s", ++ printf ("Usage: dhclient %s %s", + #ifdef DHCPv6 + "[-4|-6] [-1dvrx] [-nw] [-p ]", + #else /* DHCPv6 */ + "[-1dvrx] [-nw] [-p ]", + #endif /* DHCPv6 */ +- "[-s server]"); +- log_error (" [-cf config-file] [-lf lease-file]%s", +- "[-pf pid-file] [-e VAR=val]"); +- log_fatal (" [-sf script-file] [interface]"); ++ "[-s server]\n"); ++ printf (" [-cf config-file] [-lf lease-file]%s", ++ "[-pf pid-file] [-e VAR=val]\n"); ++ printf (" [ -I ] [-B]\n"); ++ printf (" [ -H | -F ] [ -T ]\n"); ++ printf (" [ -V ]\n"); ++ printf (" [ -R ]\n"); ++ printf (" [-sf script-file] [interface]\n"); ++ ++ exit (EXIT_FAILURE); + } + + isc_result_t find_class (struct class **c, diff --git a/dhcp-errwarn-message.patch b/dhcp-errwarn-message.patch new file mode 100644 index 0000000..c31e1a2 --- /dev/null +++ b/dhcp-errwarn-message.patch 
@@ -0,0 +1,29 @@ +--- dhcp-3.0.5/omapip/errwarn.c.message 2007-03-29 15:03:12.000000000 -0400 ++++ dhcp-3.0.5/omapip/errwarn.c 2007-03-29 15:08:50.000000000 -0400 +@@ -80,20 +80,13 @@ + + #if !defined (NOMINUM) + log_error ("%s", ""); +- log_error ("If you did not get this software from ftp.isc.org, please"); +- log_error ("get the latest from ftp.isc.org and install that before"); +- log_error ("requesting help."); ++ log_error ("This version of ISC DHCP is based on the release available"); ++ log_error ("on ftp.isc.org. Features have been added and other changes"); ++ log_error ("have been made to the base software release in order to make"); ++ log_error ("it work better with this distribution."); + log_error ("%s", ""); +- log_error ("If you did get this software from ftp.isc.org and have not"); +- log_error ("yet read the README, please read it before requesting help."); +- log_error ("If you intend to request help from the dhcp-server@isc.org"); +- log_error ("mailing list, please read the section on the README about"); +- log_error ("submitting bug reports and requests for help."); +- log_error ("%s", ""); +- log_error ("Please do not under any circumstances send requests for"); +- log_error ("help directly to the authors of this software - please"); +- log_error ("send them to the appropriate mailing list as described in"); +- log_error ("the README file."); ++ log_error ("Please report for this software via the Red Hat Bugzilla site:"); ++ log_error (" http://bugzilla.redhat.com"); + log_error ("%s", ""); + log_error ("exiting."); + #endif diff --git a/dhcp-failover-ports.patch b/dhcp-failover-ports.patch new file mode 100644 index 0000000..aa0d68f --- /dev/null +++ b/dhcp-failover-ports.patch 
@@ -0,0 +1,22 @@ +--- dhcp-3.0.5/server/confpars.c.failover 2007-03-30 16:28:08.000000000 -0400 ++++ dhcp-3.0.5/server/confpars.c 2007-03-30 16:32:39.000000000 -0400 +@@ -998,10 +998,17 @@ + parse_warn (cfile, "peer address may not be omitted"); + + /* XXX - when/if we get a port number assigned, just set as default */ ++ /* See Red Hat Bugzilla 167292: ++ * we do now: dhcp-failover 647/tcp ++ * dhcp-failover 647/udp ++ * dhcp-failover 847/tcp ++ * dhcp-failover 847/udp ++ * IANA registration by Bernard Volz ++ */ + if (!peer -> me.port) +- parse_warn (cfile, "local port may not be omitted"); ++ peer -> me.port = 647; + if (!peer -> partner.port) +- parse_warn (cfile, "peer port may not be omitted"); ++ peer -> partner.port = 847; + + if (peer -> i_am == primary) { + if (!peer -> hba) { diff --git a/dhcp-fast-timeout.patch b/dhcp-fast-timeout.patch new file mode 100644 index 0000000..90a0658 --- /dev/null +++ b/dhcp-fast-timeout.patch @@ -0,0 +1,15 @@ +diff -up dhcp-4.0.0/client/dhclient.c.fast dhcp-4.0.0/client/dhclient.c +--- dhcp-4.0.0/client/dhclient.c.fast 2007-12-29 06:07:14.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.c 2007-12-29 06:08:07.000000000 -1000 +@@ -3624,10 +3624,7 @@ isc_result_t dhclient_interface_startup_ + ip -> flags |= INTERFACE_RUNNING; + for (client = ip -> client; client; client = client -> next) { + client -> state = S_INIT; +- /* Set up a timeout to start the initialization +- process. */ +- add_timeout (cur_time + random () % 5, +- state_reboot, client, 0, 0); ++ add_timeout (cur_time, state_reboot, client, 0, 0); + } + } + return ISC_R_SUCCESS; diff --git a/dhcp-manpages.patch b/dhcp-manpages.patch new file mode 100644 index 0000000..7779145 --- /dev/null +++ b/dhcp-manpages.patch 
@@ -0,0 +1,533 @@ +diff -up dhcp-4.0.0/server/dhcpd.conf.5.manpages dhcp-4.0.0/server/dhcpd.conf.5 +--- dhcp-4.0.0/server/dhcpd.conf.5.manpages 2007-11-20 08:34:37.000000000 -1000 ++++ dhcp-4.0.0/server/dhcpd.conf.5 2008-01-02 11:26:38.000000000 -1000 +@@ -513,6 +513,9 @@ pool { + }; + .fi + .PP ++Dynamic BOOTP leases are not compatible with failover, and, as such, ++you need to disallow BOOTP in pools that you are using failover for. ++.PP + The server currently does very little sanity checking, so if you + configure it wrong, it will just fail in odd ways. I would recommend + therefore that you either do failover or don't do failover, but don't +@@ -527,9 +530,9 @@ primary server might look like this: + failover peer "foo" { + primary; + address anthrax.rc.vix.com; +- port 519; ++ port 647; + peer address trantor.rc.vix.com; +- peer port 520; ++ peer port 847; + max-response-delay 60; + max-unacked-updates 10; + mclt 3600; +@@ -588,9 +591,7 @@ statement + .B port \fIport-number\fR\fB;\fR + .PP + The \fBport\fR statement declares the TCP port on which the server +-should listen for connections from its failover peer. This statement +-may not currently be omitted, because the failover protocol does not +-yet have a reserved TCP port number. ++should listen for connections from its failover peer. + .RE + .PP + The +@@ -602,10 +603,8 @@ statement + .PP + The \fBpeer port\fR statement declares the TCP port to which the + server should connect to reach its failover peer for failover +-messages. This statement may not be omitted because the failover +-protocol does not yet have a reserved TCP port number. The port +-number declared in the \fBpeer port\fR statement may be the same as +-the port number declared in the \fBport\fR statement. ++messages. The port number declared in the \fBpeer port\fR statement ++may be the same as the port number declared in the \fBport\fR statement. 
+ .RE + .PP + The +@@ -1272,7 +1271,7 @@ the zone containing PTR records - for IS + .PP + .nf + key DHCP_UPDATER { +- algorithm HMAC-MD5.SIG-ALG.REG.INT; ++ algorithm hmac-md5; + secret pRP5FapFoJ95JEL06sv4PQ==; + }; + +@@ -1295,7 +1294,7 @@ dhcpd.conf file: + .PP + .nf + key DHCP_UPDATER { +- algorithm HMAC-MD5.SIG-ALG.REG.INT; ++ algorithm hmac-md5; + secret pRP5FapFoJ95JEL06sv4PQ==; + }; + +@@ -2433,7 +2432,8 @@ statement + The \fInext-server\fR statement is used to specify the host address of + the server from which the initial boot file (specified in the + \fIfilename\fR statement) is to be loaded. \fIServer-name\fR should +-be a numeric IP address or a domain name. ++be a numeric IP address or a domain name. If no \fInext-server\fR statement ++applies to a given client, the address 0.0.0.0 is used. + .RE + .PP + The +diff -up dhcp-4.0.0/common/dhcp-options.5.manpages dhcp-4.0.0/common/dhcp-options.5 +--- dhcp-4.0.0/common/dhcp-options.5.manpages 2007-09-17 07:52:01.000000000 -1000 ++++ dhcp-4.0.0/common/dhcp-options.5 2008-01-02 11:26:38.000000000 -1000 +@@ -896,6 +896,21 @@ classless IP routing - it does not inclu + classless IP routing is now the most widely deployed routing standard, + this option is virtually useless, and is not implemented by any of the + popular DHCP clients, for example the Microsoft DHCP client. 
++.PP ++NOTE to @PRODUCTNAME@ dhclient users: ++.br ++dhclient-script interprets trailing 0 octets of the target as indicating ++the subnet class of the route, so for the following static-routes value: ++.br ++ option static-routes 172.0.0.0 172.16.2.254, ++.br ++ 192.168.0.0 192.168.2.254; ++.br ++dhclient-script will create routes: ++.br ++ 172/8 via 172.16.2.254 dev $interface ++.br ++ 192.168/16 via 192.168.2.254 dev $interface + .RE + .PP + .nf +diff -up dhcp-4.0.0/client/dhclient-script.8.manpages dhcp-4.0.0/client/dhclient-script.8 +--- dhcp-4.0.0/client/dhclient-script.8.manpages 2006-02-24 13:16:27.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient-script.8 2008-01-02 11:26:38.000000000 -1000 +@@ -47,7 +47,7 @@ customizations are needed, they should b + exit hooks provided (see HOOKS for details). These hooks will allow the + user to override the default behaviour of the client in creating a + .B /etc/resolv.conf +-file. ++file, and to handle DHCP options not handled by default. + .PP + No standard client script exists for some operating systems, even though + the actual client may work, so a pioneering user may well need to create +@@ -91,6 +91,26 @@ present. The + .B ETCDIR/dhclient-exit-hooks + script can modify the valid of exit_status to change the exit status + of dhclient-script. ++.PP ++Immediately after dhclient brings an interface UP with a new IP address, ++subnet mask, and routes, in the REBOOT/BOUND states, it will check for the ++existence of an executable ++.B ETCDIR/dhclient-up-hooks ++script, and source it if found. This script can handle DHCP options in ++the environment that are not handled by default. A per-interface. ++.B ETCDIR/dhclient-${IF}-up-hooks ++script will override the generic script and be sourced when interface ++$IF has been brought up. 
++.PP ++Immediately before dhclient brings an interface DOWN, removing its IP ++address, subnet mask, and routes, in the STOP/RELEASE states, it will ++check for the existence of an executable ++.B ETCDIR/dhclient-down-hooks ++script, and source it if found. This script can handle DHCP options in ++the environment that are not handled by default. A per-interface ++.B ETCDIR/dhclient-${IF}-down-hooks ++script will override the generic script and be sourced when interface ++$IF is about to be brought down. + .SH OPERATION + When dhclient needs to invoke the client configuration script, it + defines a set of variables in the environment, and then invokes +diff -up dhcp-4.0.0/client/dhclient.conf.5.manpages dhcp-4.0.0/client/dhclient.conf.5 +--- dhcp-4.0.0/client/dhclient.conf.5.manpages 2007-08-23 06:06:08.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.conf.5 2008-01-02 11:26:38.000000000 -1000 +@@ -186,9 +186,9 @@ responding to the client send the client + options. Only the option names should be specified in the request + statement - not option parameters. By default, the DHCP server + requests the subnet-mask, broadcast-address, time-offset, routers, +-domain-name, domain-name-servers and host-name options. Note that if +-you enter a 'request' statement, you over-ride this default and these +-options will not be requested. ++domain-name, domain-name-servers host-name, nis-domain, nis-servers, ++and ntp-servers options. Note that if you enter a 'request' statement, ++you over-ride this default and these options will not be requested. + .PP + In some cases, it may be desirable to send no parameter request list + at all. To do this, simply write the request statement but specify +@@ -626,6 +626,18 @@ database and will record the media type + Whenever the client tries to renew the lease, it will use that same + media type. The lease must expire before the client will go back to + cycling through media types. 
++.PP ++ \fBbootp-broadcast-always;\fR ++.PP ++The ++.B bootp-broadcast-always ++statement instructs dhclient to always set the bootp broadcast flag in ++request packets, so that servers will always broadcast replies. ++This is equivalent to supplying the dhclient -B argument, and has ++the same effect as specifying 'always-broadcast' in the server's dhcpd.conf. ++This option is provided as an extension to enable dhclient to work ++on IBM s390 Linux guests. ++.PP + .SH SAMPLE + The following configuration file is used on a laptop running NetBSD + 1.3. The laptop has an IP alias of 192.5.5.213, and has one +diff -up dhcp-4.0.0/client/dhclient.8.manpages dhcp-4.0.0/client/dhclient.8 +--- dhcp-4.0.0/client/dhclient.8.manpages 2007-10-04 07:13:25.000000000 -1000 ++++ dhcp-4.0.0/client/dhclient.8 2008-01-02 11:26:38.000000000 -1000 +@@ -91,6 +91,33 @@ relay + .B -w + ] + [ ++.B -B ++] ++[ ++.B -I ++.I dhcp-client-identifier ++] ++[ ++.B -H ++.I host-name ++] ++[ ++.B -F ++.I fqdn.fqdn ++] ++[ ++.B -V ++.I vendor-class-identifier ++] ++[ ++.B -R ++.I request-option-list ++] ++[ ++.B -T ++.I timeout ++] ++[ + .B -v + ] + [ +@@ -118,16 +145,6 @@ important details about the network to w + the location of a default router, the location of a name server, and + so on. + .PP +-If given the -4 command line argument (default), dhclient will use the +-DHCPv4 protocol to obtain an IPv4 address and configuration parameters. +-.PP +-If given the -6 command line argument, dhclient will use the DHCPv6 +-protocol to obtain whatever IPv6 addresses are available along with +-configuration parameters. Information-request is not yet supported. +-.PP +-If given the --version command line argument, dhclient will print its +-version number and exit. +-.PP + On startup, dhclient reads the + .IR dhclient.conf + for configuration instructions. It then gets a list of all the +@@ -181,67 +198,183 @@ file. 
If interfaces are specified in t + only configure interfaces that are either specified in the + configuration file or on the command line, and will ignore all other + interfaces. +-.PP +-If the DHCP client should listen and transmit on a port other than the +-standard (port 68), the +-.B -p +-flag may used. It should be followed by the udp port number that +-dhclient should use. This is mostly useful for debugging purposes. +-If a different port is specified for the client to listen on and +-transmit on, the client will also use a different destination port - +-one greater than the specified destination port. +-.PP +-The DHCP client normally transmits any protocol messages it sends +-before acquiring an IP address to, 255.255.255.255, the IP limited +-broadcast address. For debugging purposes, it may be useful to have +-the server transmit these messages to some other address. This can +-be specified with the +-.B -s +-flag, followed by the IP address or domain name of the destination. +-.PP +-For testing purposes, the giaddr field of all packets that the client +-sends can be set using the +-.B -g +-flag, followed by the IP address to send. This is only useful for testing, +-and should not be expected to work in any consistent or useful way. +-.PP +-The DHCP client will normally run in the foreground until it has +-configured an interface, and then will revert to running in the +-background. To run force dhclient to always run as a foreground +-process, the +-.B -d +-flag should be specified. This is useful when running the client +-under a debugger, or when running it out of inittab on System V +-systems. +-.PP +-The dhclient daemon creates its own environment when executing the +-dhclient-script to do the grunt work of interface configuration. +-To define extra environment variables and their values, use the +-.B -e +-flag, followed by the environment variable name and value assignment, +-just as one would assign a variable in a shell. 
Eg: +-.B -e +-.I IF_METRIC=1 +-.PP +-The client normally prints no output during its startup sequence. It +-can be made to emit verbose messages displaying the startup sequence events +-until it has acquired an address by supplying the +-.B -v +-command line argument. In either case, the client logs messages using +-the +-.B syslog (3) +-facility. A +-.B -q +-command line argument is provided for backwards compatibility, but since +-dhclient is quiet by default, it has no effect. +-.PP +-The client normally doesn't release the current lease as it is not +-required by the DHCP protocol. Some cable ISPs require their clients +-to notify the server if they wish to release an assigned IP address. ++.SH OPTIONS ++.TP ++.BI \-4 ++Use the DHCPv4 protocol to obtain an IPv4 address and configuration ++parameters. ++ ++.TP ++.BI \-6 ++Use the DHCPv6 protocol to obtain whatever IPv6 addresses are available ++along with configuration parameters. Information-request is not yet ++supported. ++ ++.TP ++.BI \-p\ ++The UDP port number the DHCP client should listen and transmit on. If ++unspecified, ++.B dhclient ++uses the default port 68. This option is mostly useful for debugging ++purposes. If a different port is specified for the client to listen and ++transmit on, the client will also use a different destination port - one ++greater than the specified destination port. ++ ++.TP ++.BI \-d ++Force ++.B dhclient ++to run as a foreground process. This is useful when running the client ++under a debugger, or when running it out of inittab on System V systems. ++ ++.TP ++.BI \-e\ VAR=value ++Define additional environment variables for the environment where ++dhclient-script executes. You may specify multiple ++.B \-e ++options on the command line. ++ ++.TP ++.BI \-q ++Suppress all terminal and log output except error messages. ++ ++.TP ++.BI \-1 ++Try one to get a lease. On failure, exit with code 2. 
++ ++.TP ++.BI \-r ++Tell ++.B dhclient ++to release the current lease it has from the server. This is not required ++by the DHCP protocol, but some ISPs require their clients to notify the ++server if they wish to release an assigned IP address. ++ ++.TP ++.BI \-lf\ ++Path to the lease database file. If unspecified, the default ++.B DBDIR/dhclient.leases ++is used. ++ ++.TP ++.BI \-pf\ ++Path to the process ID file. If unspecified, the default ++.B RUNDIR/dhclient.pid ++is used. ++ ++.TP ++.BI \-cf\ ++Path to the client configuration file. If unspecified, the default ++.B ETCDIR/dhclient.conf ++is used. ++ ++.TP ++.BI \-sf\ ++Path to the network configuration script invoked by ++.B dhclient ++when it gets a lease. If unspecified, the default ++.B CLIENTBINDIR/dhclient-script ++is used. ++ ++.TP ++.BI \-s\ ++Specifiy the server IP address or fully qualified domain name to transmit ++DHCP protocol messages to. Normally, ++.B dhclient ++transmits these messages to 255.255.255.255 (the IP limited broadcast ++address). Overriding this is mostly useful for debugging purposes. ++ ++.TP ++.BI \-g\ ++Only for debugging. Set the giaddr field of all packets the client ++sends to the IP address specified. This should not be expected to work ++in any consistent or useful way. ++ ++.TP ++.BI \-n ++Do not configure any interfaces. Most useful combined with the ++.B -w ++option. ++ ++.TP ++.BI \-nw ++Become a daemon process immediately (nowait) rather than waiting until an IP ++address has been acquired. ++ ++.TP ++.BI \-w ++Keep running even if no network interfaces are found. The ++.B omshell ++program can be used to notify the client when a network interface has been ++added or removed so it can attempt to configure an IP address on that ++interface. ++ ++.TP ++.BI \-B ++Set the BOOTP broadcast flag in request packets so servers will always ++broadcast replies. ++ ++.TP ++.BI \-I\ ++Specify the dhcp-client-identifier option to send to the DHCP server. 
++ ++.TP ++.BI \-H\ ++Specify the host-name option to send to the DHCP server. The host-name ++string only contains the client's hostname prefix, to which the server will ++append the ddns-domainname or domain-name options, if any, to derive the ++fully qualified domain name of the client. The ++.B -H ++option cannot be used with the ++.B -F ++option. ++ ++.TP ++.BI \-F\ ++Specify the fqdn.fqdn option to send to the DHCP server. This option cannot ++be used with the ++.B -H ++option. The fqdn.fqdn option must specify the complete domain name of the ++client host, which the server may use for dynamic DNS updates. ++ ++.TP ++.BI \-V\ ++Specify the vendor-class-identifier option to send to the DHCP server. ++ ++.TP ++.BI \-R\
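Review bot: in the dhclient.8 synopsis hunk (@@ -91,6 +91,33 @@), -H host-name and -F fqdn.fqdn are added as two independent optional arguments, but the OPTIONS text added later in the same file says each one "cannot be used with" the other. Suggest writing them as alternatives in the synopsis, for example "[ -H host-name | -F fqdn.fqdn ]", so the synopsis and the option descriptions agree and a reader does not have to reach the -H entry to learn the combination is rejected.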
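Review bot: the hunk at @@ -118,16 +145,6 @@ deletes the --version paragraph along with the -4 and -6 paragraphs, yet the OPTIONS entries visible in this patch restore only -4 and -6. If --version is not re-added further down in the new OPTIONS section, carry the removed sentence over ("If given the --version command line argument, dhclient will print its version number and exit.") so the option stays documented.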
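Review bot: the new -q entry in the @@ -181,67 +198,183 @@ hunk ("Suppress all terminal and log output except error messages.") contradicts the paragraph it replaces, which said dhclient is quiet by default and that -q "has no effect". The same removed paragraph documented -v and the statement that the client logs through syslog(3) in either case, and neither appears among the OPTIONS entries visible here, although -v is still in the synopsis. If the packaged client's default verbosity has changed, that belongs in the commit message and in the -q and -v entries; otherwise keep the original wording and the syslog sentence. Two typos in the added lines: "Try one to get a lease" under -1 should read "Try once", and "Specifiy" under -s should read "Specify". The -e entry also drops the old worked example (-e IF_METRIC=1), which is worth keeping because it shows the VAR=value form.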