diff options
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | RELNOTES | 14 | ||||
-rw-r--r-- | client/dhclient.c | 18 | ||||
-rw-r--r-- | common/dns.c | 23 | ||||
-rw-r--r-- | includes/omapip/isclib.h | 5 | ||||
-rw-r--r-- | omapip/isclib.c | 14 |
6 files changed, 61 insertions, 17 deletions
@@ -1,6 +1,6 @@ Internet Systems Consortium DHCP Distribution Version 4.4.1 - 28 February 2018 + 05 June 2019 README FILE @@ -704,7 +704,7 @@ bug reports are more likely to get handled more quickly overall. This assumes that it's the dhcp server you're debugging, and that the core file is in dhcpd.core. -Please see https://www.isc.org/software/dhcp/ for details on how to subscribe +Please see https://www.isc.org/dhcp/ for details on how to subscribe to the ISC DHCP mailing lists. HISTORY @@ -107,7 +107,19 @@ by Eric Young (eay@cryptsoft.com). - Bind9 now defaults to requiring python to build. The Makefile for building Bind9 when bundled with ISC DHCP was modified to turn off this dependency. - [ISC-Bugs #3,!1 git #cc35f84943df44dac2499f3e16e8aaba7d54191d] + [ISC-Bugs #3,!1 git cc35f84943df44dac2499f3e16e8aaba7d54191d] + +- Corrected a dual-stack mixed-mode issue that occurs when both + ddns-guard-id-must-match and ddns-other-guard-is-dynamic + are enabled and that caused the server to incorrectly interpret + the presence of a guard record belonging to another client as + a case of no guard record at all. Thanks to Fernando Soto + from BlueCat Networks for reporting this issue. + [ISC-Bugs #1, !2 git 9ef78585440f568da2a2a0093a8c40c49118e292] + +- Corrected a compilation issue that occurred when building without DNS + update ability (e.g. by undefining NSUPDATE). + [ISC-Bugs, #16,!9 git #TBD] Changes since 4.4.0 (New Features) - none diff --git a/client/dhclient.c b/client/dhclient.c index 825ab00f..6828c676 100644 --- a/client/dhclient.c +++ b/client/dhclient.c @@ -3,7 +3,7 @@ DHCP Client. */ /* - * Copyright (c) 2004-2018 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 1995-2003 by Internet Software Consortium * * This Source Code Form is subject to the terms of the Mozilla Public @@ -120,8 +120,11 @@ static int check_domain_name_list(const char *ptr, size_t len, int dots); static int check_option_values(struct universe *universe, unsigned int opt, const char *ptr, size_t len); +#if defined(NSUPDATE) static void dhclient_ddns_cb_free(dhcp_ddns_cb_t *ddns_cb, char* file, int line); +#endif /* defined NSUPDATE */ + /*! * @@ -1573,7 +1576,8 @@ void bind_lease (client) #if defined (NSUPDATE) if (client->config->do_forward_update) dhclient_schedule_updates(client, &client->active->address, 1); -#endif +#endif /* defined NSUPDATE */ + } /* state_bound is called when we've successfully bound to a particular @@ -4799,7 +4803,8 @@ client_dns_remove(struct client_state *client, } } } -#endif +#endif /* defined NSUPDATE */ + isc_result_t dhcp_set_control_state (control_object_state_t oldstate, control_object_state_t newstate) @@ -4840,7 +4845,8 @@ isc_result_t dhcp_set_control_state (control_object_state_t oldstate, client_dns_remove(client, &client->active->address); } -#endif +#endif /* defined NSUPDATE */ + do_release (client); } break; @@ -5187,7 +5193,7 @@ dhclient_schedule_updates(struct client_state *client, piaddr(*addr)); } } -#endif +#endif /* defined NSUPDATE */ void dhcpv4_client_assignments(void) @@ -5382,6 +5388,7 @@ add_reject(struct packet *packet) { log_info("Server added to list of rejected servers."); } +#if defined(NSUPDATE) /* Wrapper function around common ddns_cb_free function that ensures * we set the client_state pointer to the control block to NULL. */ static void @@ -5395,6 +5402,7 @@ dhclient_ddns_cb_free(dhcp_ddns_cb_t *ddns_cb, char* file, int line) { ddns_cb_free(ddns_cb, file, line); } } +#endif /* defined NSUPDATE */ #if defined(DHCPv6) && defined(DHCP4o6) /* diff --git a/common/dns.c b/common/dns.c index bcebc635..5b097b69 100644 --- a/common/dns.c +++ b/common/dns.c @@ -3,7 +3,7 @@ Domain Name Service subroutines. */ /* - * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2019 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 2001-2003 by Internet Software Consortium * * This Source Code Form is subject to the terms of the Mozilla Public @@ -2047,7 +2047,7 @@ build_dsmm_fwd_add3(dhcp_ddns_cb_t *ddns_cb, * When we're In Dual Stack Mixed Mode and ddns-other-guard-is-dynamic is ON * we need only determine if a guard record of the other type exists, to know * if we can add/replace and address record of our type. In other words, - * the presence of a dynamic entry made belonging to the "other" stack means + * the presence of a dynamic entry belonging to the "other" stack means * all entries for this name should be dynamic and we overwrite an unguarded * address record of our type. * @@ -2073,6 +2073,25 @@ build_dsmm_fwd_add3_other(dhcp_ddns_cb_t *ddns_cb, log_call("build_fwd_add3_other", pname, uname); #endif /* Construct the prereq list */ + + // If ID matching is on, a result of NXRRSET from add2 means + // either there is no guard of my type, or there is but + // it does not match this client. We need to distinguish + // between those two cases here and only allow this add + // if there is no guard of my type. + if (ddns_cb->flags & DDNS_GUARD_ID_MUST_MATCH) { + /* No guard record of my type exists */ + result = make_dns_dataset(dns_rdataclass_none, + ddns_cb->dhcid_class, + dataspace, NULL, 0, 0); + if (result != ISC_R_SUCCESS) { + return(result); + } + + ISC_LIST_APPEND(pname->list, &dataspace->rdataset, link); + dataspace++; + } + /* A guard record of the other type exists */ result = make_dns_dataset(dns_rdataclass_any, ddns_cb->other_dhcid_class, diff --git a/includes/omapip/isclib.h b/includes/omapip/isclib.h index 538b927f..a93117c9 100644 --- a/includes/omapip/isclib.h +++ b/includes/omapip/isclib.h @@ -3,7 +3,7 @@ connections to the isc and dns libraries */ /* - * Copyright (c) 2009-2017 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2009-2019 by Internet Systems Consortium, Inc. ("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this @@ -141,6 +141,9 @@ void isclib_cleanup(void); void dhcp_signal_handler(int signal); extern int shutdown_signal; +#if defined (NSUPDATE) isc_result_t dns_client_init(); +#endif /* defined NSUPDATE */ + #endif /* ISCLIB_H */ diff --git a/omapip/isclib.c b/omapip/isclib.c index db3b8952..fe306b08 100644 --- a/omapip/isclib.c +++ b/omapip/isclib.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2009-2017 by Internet Systems Consortium, Inc.("ISC") + * Copyright(c) 2009-2019 by Internet Systems Consortium, Inc.("ISC") * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this @@ -82,7 +82,7 @@ dhcp_dns_client_setservers(void) } return (result); } -#endif +#endif /* defined NSUPDATE */ void isclib_cleanup(void) @@ -90,7 +90,7 @@ isclib_cleanup(void) #if defined (NSUPDATE) if (dhcp_gbl_ctx.dnsclient != NULL) dns_client_destroy((dns_client_t **)&dhcp_gbl_ctx.dnsclient); -#endif +#endif /* defined NSUPDATE */ if (dhcp_gbl_ctx.task != NULL) { isc_task_shutdown(dhcp_gbl_ctx.task); @@ -171,14 +171,14 @@ dhcp_context_create(int flags, result = dns_lib_init(); if (result != ISC_R_SUCCESS) goto cleanup; -#else +#else /* defined NSUPDATE */ /* The dst library is inited as part of dns_lib_init, we don't * need it if NSUPDATE is enabled */ result = dst_lib_init(dhcp_gbl_ctx.mctx, NULL, 0); if (result != ISC_R_SUCCESS) goto cleanup; -#endif +#endif /* defined NSUPDATE */ result = isc_appctx_create(dhcp_gbl_ctx.mctx, &dhcp_gbl_ctx.actx); @@ -246,7 +246,7 @@ dhcp_context_create(int flags, result = dns_client_init(); } } -#endif +#endif /* defined NSUPDATE */ return(ISC_R_SUCCESS); @@ -351,6 +351,7 @@ void dhcp_signal_handler(int signal) { } } +#if defined (NSUPDATE) isc_result_t dns_client_init() { isc_result_t result; if (dhcp_gbl_ctx.dnsclient == NULL) { @@ -387,3 +388,4 @@ isc_result_t dns_client_init() { return ISC_R_SUCCESS; } +#endif /* defined (NSUPDATE) */ |