diff options
author | Thomas Markwalder <tmark@isc.org> | 2017-06-27 10:32:46 -0400 |
---|---|---|
committer | Thomas Markwalder <tmark@isc.org> | 2017-06-27 10:32:46 -0400 |
commit | 940eda1616668438f6e159be08aedebe01b4a47e (patch) | |
tree | e9f5398fb012449718876e57e68143f3b860e511 | |
parent | dd03d1b061045e0198cde7639d941a0a70cb1420 (diff) | |
download | isc-dhcp-940eda1616668438f6e159be08aedebe01b4a47e.tar.gz |
[v4_1_esv] Check failover pools per peer in test mode
Merges in rt29892
-rw-r--r-- | RELNOTES | 5 | ||||
-rw-r--r-- | includes/dhcpd.h | 3 | ||||
-rw-r--r-- | server/dhcpd.c | 6 | ||||
-rw-r--r-- | server/failover.c | 42 |
4 files changed, 44 insertions, 12 deletions
@@ -169,6 +169,11 @@ by Eric Young (eay@cryptsoft.com). Pitt which got to us via Andrew Pollock. [ISC-bugs #18183] +- The server now detects failover peers that are not referenced in at least + one pool when run with the command line option for test mode, -T. Prior to + this the check was performed too far down stream to be detected in test mode. + [ISC-Bugs #29892] + Changes since 4.1-ESV-R14b1 - None diff --git a/includes/dhcpd.h b/includes/dhcpd.h index 1e3c2011..802a5090 100644 --- a/includes/dhcpd.h +++ b/includes/dhcpd.h @@ -3,7 +3,7 @@ Definitions for dhcpd... */ /* - * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 1996-2003 by Internet Software Consortium * * Permission to use, copy, modify, and distribute this software for any @@ -3132,6 +3132,7 @@ int deletePTR (const struct data_string *, const struct data_string *, /* failover.c */ #if defined (FAILOVER_PROTOCOL) extern dhcp_failover_state_t *failover_states; +void dhcp_failover_sanity_check (void); void dhcp_failover_startup (void); int dhcp_failover_write_all_states (void); isc_result_t enter_failover_peer (dhcp_failover_state_t *); diff --git a/server/dhcpd.c b/server/dhcpd.c index e4f8cf98..f81fedd4 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c @@ -3,7 +3,7 @@ DHCP Server Daemon. */ /* - * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 1996-2003 by Internet Software Consortium * * Permission to use, copy, modify, and distribute this software for any @@ -737,6 +737,10 @@ main(int argc, char **argv) { log_fatal ("Configuration file errors encountered -- exiting"); postconf_initialization (quiet); + +#if defined (FAILOVER_PROTOCOL) + dhcp_failover_sanity_check(); +#endif #if defined (PARANOIA) && !defined (EARLY_CHROOT) if (set_chroot) setup_chroot (set_chroot); diff --git a/server/failover.c b/server/failover.c index 778c2a3e..1d5e171f 100644 --- a/server/failover.c +++ b/server/failover.c @@ -3,7 +3,7 @@ Failover protocol support code... */ /* - * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 1999-2003 by Internet Software Consortium * * Permission to use, copy, modify, and distribute this software for any @@ -50,6 +50,37 @@ static inline int secondary_not_hoarding(dhcp_failover_state_t *state, struct pool *p); static void scrub_lease(struct lease* lease, const char *file, int line); +/*! + * \brief Performs a "pre-flight" sanity check of failover configuration + * + * Provides an opportunity to do post-parse pre-startup sanity checking + * of failover configuration. This allows checks to be done under test + * mode (-T), without requiring full startup for validation. + * + * Currently, it enforces all failover peers be used in at lease one + * pool. This logic was formerly located in dhcp_failover_startup. + * + * On failure, a fatal error is logged. + * + */ +void dhcp_failover_sanity_check() { + dhcp_failover_state_t *state; + int fail_count = 0; + + for (state = failover_states; state; state = state->next) { + if (state->pool_count == 0) { + log_error ("ERROR: Failover peer, %s, has no referring" + " pools. You must refer to each peer in at" + " least one pool declaration.", + state->name); + fail_count++; + } + } + + if (fail_count) { + log_fatal ("Failover configuration sanity check failed"); + } +} void dhcp_failover_startup () { @@ -60,15 +91,6 @@ void dhcp_failover_startup () for (state = failover_states; state; state = state -> next) { dhcp_failover_state_transition (state, "startup"); - if (state -> pool_count == 0) { - log_error ("failover peer declaration with no %s", - "referring pools."); - log_error ("In order to use failover, you MUST %s", - "refer to your main failover declaration"); - log_error ("in each pool declaration. You MUST %s", - "NOT use range declarations outside"); - log_fatal ("of pool declarations."); - } /* In case the peer is already running, immediately try to establish a connection with it. */ status = dhcp_failover_link_initiate ((omapi_object_t *)state); |