diff options
-rw-r--r-- | RELNOTES | 5 | ||||
-rw-r--r-- | doc/References.html | 12 | ||||
-rw-r--r-- | doc/References.txt | 190 | ||||
-rw-r--r-- | doc/References.xml | 11 | ||||
-rw-r--r-- | server/mdb6.c | 9 |
5 files changed, 150 insertions, 77 deletions
@@ -61,6 +61,11 @@ work on other platforms. Please report any problems and suggested fixes to [ISC-Bugs #27078] CVE: CVE-2011-4868 +- Fixed the code that checks if an address the server is planning + to hand out is in a reserved range. This would appear as + the server being out of addresses in pools with particular ranges. + [ISC-Bugs #26498] + Changes since 4.2.2 - Fix the code that checks for an existing DDNS transaction to cancel diff --git a/doc/References.html b/doc/References.html index 9bf4dc47..b20b5aa9 100644 --- a/doc/References.html +++ b/doc/References.html @@ -145,7 +145,7 @@ <tr><td class="header">ISC-DHCP-REFERENCES</td><td class="header">D. Hankins</td></tr> <tr><td class="header"> </td><td class="header">T. Mrugalski</td></tr> <tr><td class="header"> </td><td class="header">ISC</td></tr> -<tr><td class="header"> </td><td class="header">May 20, 2011</td></tr> +<tr><td class="header"> </td><td class="header">January 04, 2012</td></tr> </table></td></tr></table> <h1><br />ISC DHCP References Collection</h1> @@ -740,6 +740,10 @@ DHCPv6 Protocol References</h3> <p>Precisely how to correctly support the above conundrums has not quite yet been settled, so support is incomplete. </p> +<p><a class='info' href='#RFC5453'>[RFC5453]<span> (</span><span class='info'>Krishnan, S., “Reserved IPv6 Interface Identifiers,” February 2009.</span><span>)</span></a> creates a registry at IANA to reserve + interface identifiers and specifies a starting set. These IIDs should + not be used when constructing addresses to avoid possible conflicts. +</p> <a name="anchor20"></a><br /><hr /> <table summary="layout" cellpadding="0" cellspacing="2" class="TOCbug" align="right"><tr><td class="TOCbug"><a href="#toc"> TOC </a></td></tr></table> <a name="rfc.section.6.2"></a><h3>6.2. @@ -974,14 +978,16 @@ References</h3> <td class="author-text">Zeng, S., Volz, B., Kinnear, K., and J. Brzozowski, “<a href="http://tools.ietf.org/html/rfc4994">DHCPv6 Relay Agent Echo Request Option</a>,” RFC 4994, September 2007 (<a href="http://www.rfc-editor.org/rfc/rfc4994.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="RFC5007">[RFC5007]</a></td> <td class="author-text">Brzozowski, J., Kinnear, K., Volz, B., and S. Zeng, “<a href="http://tools.ietf.org/html/rfc5007">DHCPv6 Leasequery</a>,” RFC 5007, September 2007 (<a href="http://www.rfc-editor.org/rfc/rfc5007.txt">TXT</a>).</td></tr> +<tr><td class="author-text" valign="top"><a name="RFC5453">[RFC5453]</a></td> +<td class="author-text">Krishnan, S., “<a href="http://tools.ietf.org/html/rfc5453">Reserved IPv6 Interface Identifiers</a>,” RFC 5453, February 2009 (<a href="http://www.rfc-editor.org/rfc/rfc5453.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="RFC5460">[RFC5460]</a></td> <td class="author-text">Stapp, M., “<a href="http://tools.ietf.org/html/rfc5460">DHCPv6 Bulk Leasequery</a>,” RFC 5460, February 2009 (<a href="http://www.rfc-editor.org/rfc/rfc5460.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="I-D.ietf-mif-dhcpv6-route-option">[I-D.ietf-mif-dhcpv6-route-option]</a></td> -<td class="author-text">Dec, W., Mrugalski, T., Sun, T., and B. Sarikaya, “<a href="http://tools.ietf.org/html/draft-ietf-mif-dhcpv6-route-option-01">DHCPv6 Route Option</a>,” draft-ietf-mif-dhcpv6-route-option-01 (work in progress), March 2011 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-mif-dhcpv6-route-option-01.txt">TXT</a>).</td></tr> +<td class="author-text">Dec, W., Mrugalski, T., Sun, T., and B. Sarikaya, “<a href="http://tools.ietf.org/html/draft-ietf-mif-dhcpv6-route-option-03">DHCPv6 Route Options</a>,” draft-ietf-mif-dhcpv6-route-option-03 (work in progress), September 2011 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-mif-dhcpv6-route-option-03.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="I-D.ietf-dhc-dhcpv6-ldra">[I-D.ietf-dhc-dhcpv6-ldra]</a></td> <td class="author-text">Miles, D., Ooghe, S., Dec, W., Krishnan, S., and A. Kavanagh, “<a href="http://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-ldra-03">Lightweight DHCPv6 Relay Agent</a>,” draft-ietf-dhc-dhcpv6-ldra-03 (work in progress), October 2010 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-dhc-dhcpv6-ldra-03.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="I-D.ietf-dhc-dhcpv6-relay-supplied-options">[I-D.ietf-dhc-dhcpv6-relay-supplied-options]</a></td> -<td class="author-text">Lemon, T. and W. Wu, “<a href="http://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-relay-supplied-options-06">Relay-Supplied DHCP Options</a>,” draft-ietf-dhc-dhcpv6-relay-supplied-options-06 (work in progress), May 2011 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-dhc-dhcpv6-relay-supplied-options-06.txt">TXT</a>).</td></tr> +<td class="author-text">Lemon, T. and W. Wu, “<a href="http://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-relay-supplied-options-09">Relay-Supplied DHCP Options</a>,” draft-ietf-dhc-dhcpv6-relay-supplied-options-09 (work in progress), September 2011 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-dhc-dhcpv6-relay-supplied-options-09.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="I-D.ietf-dhc-pd-exclude">[I-D.ietf-dhc-pd-exclude]</a></td> <td class="author-text">Korhonen, J., Savolainen, T., Krishnan, S., and O. Troan, “<a href="http://tools.ietf.org/html/draft-ietf-dhc-pd-exclude-01">Prefix Exclude Option for DHCPv6-based Prefix Delegation</a>,” draft-ietf-dhc-pd-exclude-01 (work in progress), January 2011 (<a href="http://www.ietf.org/internet-drafts/draft-ietf-dhc-pd-exclude-01.txt">TXT</a>).</td></tr> <tr><td class="author-text" valign="top"><a name="I-D.ietf-dhc-secure-dhcpv6">[I-D.ietf-dhc-secure-dhcpv6]</a></td> diff --git a/doc/References.txt b/doc/References.txt index 9d28f233..28727260 100644 --- a/doc/References.txt +++ b/doc/References.txt @@ -4,7 +4,7 @@ ISC-DHCP-REFERENCES D. Hankins T. Mrugalski ISC - May 20, 2011 + January 04, 2012 ISC DHCP References Collection @@ -54,7 +54,7 @@ Copyright Notice Hankins & Mrugalski [Page 1] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 Table of Contents @@ -110,7 +110,7 @@ Table of Contents Hankins & Mrugalski [Page 2] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 1. Introduction @@ -166,7 +166,7 @@ Hankins & Mrugalski [Page 2] Hankins & Mrugalski [Page 3] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 o To produce new externally-visible behaviour, one must first @@ -222,7 +222,7 @@ Hankins & Mrugalski [Page 3] Hankins & Mrugalski [Page 4] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 address yet) interface. @@ -278,7 +278,7 @@ Hankins & Mrugalski [Page 4] Hankins & Mrugalski [Page 5] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 now unicast without ARP by inserting an entry into the ARP cache @@ -334,7 +334,7 @@ Hankins & Mrugalski [Page 5] Hankins & Mrugalski [Page 6] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 5. DHCPv4 Protocol References @@ -390,7 +390,7 @@ Hankins & Mrugalski [Page 6] Hankins & Mrugalski [Page 7] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 RFC2485 [RFC2485] defines the Open Group's UAP option. @@ -446,7 +446,7 @@ Hankins & Mrugalski [Page 7] Hankins & Mrugalski [Page 8] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 5.2.1. Relay Agent Information Option Options @@ -502,7 +502,7 @@ Hankins & Mrugalski [Page 8] Hankins & Mrugalski [Page 9] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 this document was edited, and the authors no longer show any interest @@ -558,7 +558,7 @@ Hankins & Mrugalski [Page 9] Hankins & Mrugalski [Page 10] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 IA_NAs within one packet from the client, our client only supports @@ -586,6 +586,10 @@ Hankins & Mrugalski [Page 10] Precisely how to correctly support the above conundrums has not quite yet been settled, so support is incomplete. + [RFC5453] creates a registry at IANA to reserve interface identifiers + and specifies a starting set. These IIDs should not be used when + constructing addresses to avoid possible conflicts. + 6.2. DHCPv6 Options References [RFC3319] defines the SIP server options for DHCPv6. @@ -605,18 +609,19 @@ Hankins & Mrugalski [Page 10] [RFC4242] defines the Information Refresh Time option, which advises DHCPv6 Information-Request clients to return for updated information. - [RFC4280] defines two BCMS server options for each protocol family. - - [RFC4580] defines a DHCPv6 subscriber-id option, which is similar in - principle to the DHCPv4 relay agent option of the same name. Hankins & Mrugalski [Page 11] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + [RFC4280] defines two BCMS server options for each protocol family. + + [RFC4580] defines a DHCPv6 subscriber-id option, which is similar in + principle to the DHCPv4 relay agent option of the same name. + [RFC4649] defines a DHCPv6 remote-id option, which is similar in principle to the DHCPv4 relay agent remote-id. @@ -661,18 +666,17 @@ Hankins & Mrugalski [Page 11] [RFC2485] Drach, S., "DHCP Option for The Open Group's User Authentication Protocol", RFC 2485, January 1999. - [RFC2563] Troll, R., "DHCP Option to Disable Stateless Auto- - Configuration in IPv4 Clients", RFC 2563, May 1999. - - [RFC2610] Perkins, C. and E. Guttman, "DHCP Options for Service - Hankins & Mrugalski [Page 12] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + [RFC2563] Troll, R., "DHCP Option to Disable Stateless Auto- + Configuration in IPv4 Clients", RFC 2563, May 1999. + + [RFC2610] Perkins, C. and E. Guttman, "DHCP Options for Service Location Protocol", RFC 2610, June 1999. [RFC2855] Fujisawa, K., "DHCP for IEEE 1394", RFC 2855, June 2000. @@ -717,18 +721,18 @@ Hankins & Mrugalski [Page 12] November 2002. [RFC3397] Aboba, B. and S. Cheshire, "Dynamic Host Configuration - Protocol (DHCP) Domain Search Option", RFC 3397, - November 2002. - - [RFC3442] Lemon, T., Cheshire, S., and B. Volz, "The Classless Hankins & Mrugalski [Page 13] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + + Protocol (DHCP) Domain Search Option", RFC 3397, + November 2002. + [RFC3442] Lemon, T., Cheshire, S., and B. Volz, "The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version 4", RFC 3442, December 2002. @@ -773,17 +777,18 @@ Hankins & Mrugalski [Page 13] Suboption for the Dynamic Host Configuration Protocol (DHCP) Relay Agent Option", RFC 3993, March 2005. - [RFC4014] Droms, R. and J. Schnizlein, "Remote Authentication - Dial-In User Service (RADIUS) Attributes Suboption for the - Dynamic Host Configuration Protocol (DHCP) Relay Agent - Information Option", RFC 4014, February 2005. Hankins & Mrugalski [Page 14] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + + [RFC4014] Droms, R. and J. Schnizlein, "Remote Authentication + Dial-In User Service (RADIUS) Attributes Suboption for the + Dynamic Host Configuration Protocol (DHCP) Relay Agent + Information Option", RFC 4014, February 2005. [RFC4030] Stapp, M. and T. Lemon, "The Authentication Suboption for the Dynamic Host Configuration Protocol (DHCP) Relay Agent @@ -829,18 +834,17 @@ Hankins & Mrugalski [Page 14] Configuration Protocol (DHCP) Clients", RFC 4703, October 2006. - [RFC5010] Kinnear, K., Normoyle, M., and M. Stapp, "The Dynamic Host - Configuration Protocol Version 4 (DHCPv4) Relay Agent - Flags Suboption", RFC 5010, September 2007. - - Hankins & Mrugalski [Page 15] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + [RFC5010] Kinnear, K., Normoyle, M., and M. Stapp, "The Dynamic Host + Configuration Protocol Version 4 (DHCPv4) Relay Agent + Flags Suboption", RFC 5010, September 2007. + [RFC5071] Hankins, D., "Dynamic Host Configuration Protocol Options Used by PXELINUX", RFC 5071, December 2007. @@ -885,18 +889,19 @@ Hankins & Mrugalski [Page 15] draft-ietf-dhc-leasequery-by-remote-id-09 (work in progress), December 2010. - [I-D.ietf-dhc-relay-id-suboption] - Stapp, M., "The DHCPv4 Relay Agent Identifier Suboption", - draft-ietf-dhc-relay-id-suboption-07 (work in progress), - July 2009. Hankins & Mrugalski [Page 16] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + [I-D.ietf-dhc-relay-id-suboption] + Stapp, M., "The DHCPv4 Relay Agent Identifier Suboption", + draft-ietf-dhc-relay-id-suboption-07 (work in progress), + July 2009. + [I-D.ietf-mip6-hiopt] Jang, H., Yegin, A., Chowdhury, K., and J. Choi, "DHCP Options for Home Information Discovery in MIPv6", @@ -941,18 +946,17 @@ Hankins & Mrugalski [Page 16] Location Information Server (LIS)", RFC 5986, September 2010. - [I-D.ietf-dhc-vpn-option] - Kinnear, K., Johnson, R., and M. Stapp, "Virtual Subnet - Selection Options for DHCPv4 and DHCPv6", - draft-ietf-dhc-vpn-option-12 (work in progress), - Hankins & Mrugalski [Page 17] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + [I-D.ietf-dhc-vpn-option] + Kinnear, K., Johnson, R., and M. Stapp, "Virtual Subnet + Selection Options for DHCPv4 and DHCPv6", + draft-ietf-dhc-vpn-option-12 (work in progress), October 2010. 7.3. Published DHCPv6 References @@ -997,18 +1001,18 @@ Hankins & Mrugalski [Page 17] [RFC4649] Volz, B., "Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Relay Agent Remote-ID Option", RFC 4649, - August 2006. - - [RFC4704] Volz, B., "The Dynamic Host Configuration Protocol for - IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN) Hankins & Mrugalski [Page 18] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + August 2006. + + [RFC4704] Volz, B., "The Dynamic Host Configuration Protocol for + IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN) Option", RFC 4704, October 2006. [RFC4994] Zeng, S., Volz, B., Kinnear, K., and J. Brzozowski, @@ -1018,13 +1022,16 @@ Hankins & Mrugalski [Page 18] [RFC5007] Brzozowski, J., Kinnear, K., Volz, B., and S. Zeng, "DHCPv6 Leasequery", RFC 5007, September 2007. + [RFC5453] Krishnan, S., "Reserved IPv6 Interface Identifiers", + RFC 5453, February 2009. + [RFC5460] Stapp, M., "DHCPv6 Bulk Leasequery", RFC 5460, February 2009. [I-D.ietf-mif-dhcpv6-route-option] Dec, W., Mrugalski, T., Sun, T., and B. Sarikaya, "DHCPv6 - Route Option", draft-ietf-mif-dhcpv6-route-option-01 (work - in progress), March 2011. + Route Options", draft-ietf-mif-dhcpv6-route-option-03 + (work in progress), September 2011. [I-D.ietf-dhc-dhcpv6-ldra] Miles, D., Ooghe, S., Dec, W., Krishnan, S., and A. @@ -1034,8 +1041,8 @@ Hankins & Mrugalski [Page 18] [I-D.ietf-dhc-dhcpv6-relay-supplied-options] Lemon, T. and W. Wu, "Relay-Supplied DHCP Options", - draft-ietf-dhc-dhcpv6-relay-supplied-options-06 (work in - progress), May 2011. + draft-ietf-dhc-dhcpv6-relay-supplied-options-09 (work in + progress), September 2011. [I-D.ietf-dhc-pd-exclude] Korhonen, J., Savolainen, T., Krishnan, S., and O. Troan, @@ -1050,21 +1057,21 @@ Hankins & Mrugalski [Page 18] [I-D.ietf-mext-nemo-pd] Droms, R., Thubert, P., Dupont, F., Haddad, W., and C. - Bernardos, "DHCPv6 Prefix Delegation for NEMO", - draft-ietf-mext-nemo-pd-07 (work in progress), - December 2010. - - [I-D.ietf-dhc-duid-uuid] - Narten, T. and J. Johnson, "Definition of the UUID-based - DHCPv6 Unique Identifier (DUID-UUID)", Hankins & Mrugalski [Page 19] - ISC DHCP References Collection May 2011 + ISC DHCP References Collection January 2012 + Bernardos, "DHCPv6 Prefix Delegation for NEMO", + draft-ietf-mext-nemo-pd-07 (work in progress), + December 2010. + + [I-D.ietf-dhc-duid-uuid] + Narten, T. and J. Johnson, "Definition of the UUID-based + DHCPv6 Unique Identifier (DUID-UUID)", draft-ietf-dhc-duid-uuid-03 (work in progress), February 2011. @@ -1100,6 +1107,20 @@ Authors' Addresses Redwood City, CA 94063 + + + + + + + + + +Hankins & Mrugalski [Page 20] + + ISC DHCP References Collection January 2012 + + Tomasz Mrugalski Internet Systems Consortium, Inc. 950 Charter Street @@ -1116,5 +1137,40 @@ Authors' Addresses -Hankins & Mrugalski [Page 20] + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Hankins & Mrugalski [Page 21] diff --git a/doc/References.xml b/doc/References.xml index a51b83e8..11df518e 100644 --- a/doc/References.xml +++ b/doc/References.xml @@ -1,6 +1,6 @@ <?xml version='1.0' ?> -<!-- $Id: References.xml,v 1.7 2011/07/05 16:54:53 sar Exp $ --> +<!-- $Id: References.xml,v 1.8 2012/01/05 00:03:17 sar Exp $ --> <?rfc private="ISC-DHCP-REFERENCES" ?> @@ -92,6 +92,8 @@ 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4702.xml'> <!ENTITY rfc4703 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4703.xml'> + <!ENTITY rfc5453 PUBLIC '' + 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5453.xml'> ]> @@ -133,7 +135,7 @@ </address> </author> - <date day="20" month="May" year="2011"/> + <date day="04" month="January" year="2012"/> <keyword>ISC</keyword> <keyword>DHCP</keyword> @@ -610,6 +612,10 @@ <t>Precisely how to correctly support the above conundrums has not quite yet been settled, so support is incomplete.</t> + + <t><xref target="RFC5453"/> creates a registry at IANA to reserve + interface identifiers and specifies a starting set. These IIDs should + not be used when constructing addresses to avoid possible conflicts.</t> </section> <section title="DHCPv6 Options References"> @@ -760,6 +766,7 @@ <?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.4704'?> <?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.4994'?> <?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.5007'?> + <?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.5453'?> <?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.5460'?> <?rfc include='http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-mif-dhcpv6-route-option'?> <?rfc include='http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-dhc-dhcpv6-ldra'?> diff --git a/server/mdb6.c b/server/mdb6.c index 1925be00..d08016af 100644 --- a/server/mdb6.c +++ b/server/mdb6.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2007-2011 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2007-2012 by Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -808,15 +808,14 @@ create_lease6(struct ipv6_pool *pool, struct iasubopt **addr, } /* - * Avoid reserved interface IDs. - * (cf. draft-krishnan-ipv6-reserved-iids-02.txt) + * Avoid reserved interface IDs. (cf. RFC 5453) */ reserved_iid = ISC_FALSE; - if (memcmp(&tmp.s6_addr[8], &rtany, 8) == 0) { + if (memcmp(&tmp.s6_addr[8], &rtany.s6_addr[8], 8) == 0) { reserved_iid = ISC_TRUE; } if (!reserved_iid && - (memcmp(&tmp.s6_addr[8], &resany, 7) == 0) && + (memcmp(&tmp.s6_addr[8], &resany.s6_addr[8], 7) == 0) && ((tmp.s6_addr[15] & 0x80) == 0x80)) { reserved_iid = ISC_TRUE; } |