* Fix an unaligned access error on BeagleBone Black with FreeBSD.
Thanks to Guy Yur for the patch.
* Remove the fast loop trying to up an interface which does not
report carrier.
* Remove vis based encoding - instead validate against option type and
stop at invalid [1]
This removes all shell escaped encoding - dhcpcd will assume that IF
the --script option is a shell, it will quote variables correctly.
The stock dhcpcd-run-hooks does.
* dhcpcd -V now prints how the variables will be decoded.
* Changed some options in dhcpcd-definitions.conf to more sensible defaults.
* Don't daemonise on delegated address dad.
* Don't drop delegated reject route when forking.
* Fix IPv6 handling of link-local addresses on KAME stacks.
* Work on OpenBSD-5.6 without any special interface setup needed.
* Callout to handlecarrier when we don't have real carrier support and
rely on looking at IFF_UP and IFF_RUNNING.
This allows our hooks to know that dhcpcd thinks we have a carrier or not.
[1] DHCP option encodings defined in dhcpcd-definitions.conf
* domain (RFC3397)/dname (string) is strict domain name allowance
(ie, [alnum] with _- (but not at the start or end))
* string is now printable ascii (1-127) until invalid
* ascii is all ascii (1-127) until invalid
* raw is all chars (1-255) until NUL
* binhex is a hex representation of the option including embedded NULs
* ssid is still escpaed octal because it's expected to be human readable
AND can technically be all NUL
* everything else has strict option -> value encoding
* Detect removal of IPv6 routes
* Don't add link-local addresses to POINTOPOINT interfaces
* Don't discard expired DHCPv6 leases when dumping them
* If a DHCPv6 lease has no timers, expire it right away
* Report delegated addresses
* Call dhcpcd-run-hooks correctly when delegated prefixes already exist
* Fix a memory error when ia_* config exists but IPv6 is disabled
* Ensure servername and bootfile are safely exported
* Sanitise the following characters using svis(3) with VIS_CTYLE and
VIS_OCTAL:
| ^ & ; < > ( ) $ ` \ " ' <tab> <newline>
This allows a non buggy unvis(1) to decode it 100% and stays compatible
with how dhcpcd used to handle encoding on most platforms.
For systems that supply svis(3) there is a code reduction, for systems
that do not, a slight code increase. This change mitigates systems
affected by bash CVE-2014-6271 and CVE-2014-7169.
* Many bounds checking fixes from Tobias Stoeckmann
* Improve error when the authentication token cannot be found
* close the IPv4 specific UDP socket when done sending
* Implemented a write queue to the control sockets
* Only send interfaces to control sockets when in a BOUND state
* Add a sample controlgroup directive to dhcpcd.conf to make setup easier
* Add variables if_oneup and if_ipwaited so hook scripts know the overall
state of dhcpcd better
* Pass RC_SVCNAME from enviromment to hooks so that a service hook can
know it's name (may not be dhcpcd)
* Document every variable set for dhcpcd-run-hooks(8)
* Allow SSIDs with non printable characters to be used in ssid selection
in dhcpcd.conf
* Add an unprivileged control socket so that normal users can obtain
dhcpcd running state
* Correct DHCPv6 Prefix Delegation option decoding
* Poll interfaces on BSD for IFF_RUNNING if link state cannot be obtained
* Check for an IA to use in DHCPv6 lease validation
* Warn about exceeding IDGEN_RETRIES when a stable private address cannot
be obtained
* Fix DHCP option overload handling, thanks to Tobias Stoeckmann
* If just given a domain and no search list, make the search list the domain
* Skip arpping directives if we have a profile but not parsing one
* Allow the request of a DHCPv6 address or prefix, a prefix length must be
specified
* Add the ability to dump DHCPv6 leases
* Improve startup with regards to carrier checking and adding a link-local
IPv6 address
* Start the correct interface reference for added devices
* Support
http://datatracker.ietf.org/doc/draft-ietf-dhc-dhcpv6-stateful-issues-06
via the ia_pd_mix option
* Fix link handling where kernel reported flags in LINK_UP may not be
valid when we actually process them
* Fix defining new options in dhcpcd.conf and requesting them
* Fix a potential segfault when reloading configurations
* Print user defined options via -V
* Add support for RFC6603, Prefix Exclude option
* When requesting a IA_PD and another IA type, create a psuedo interface
to handle the IA_PD
* Handle truncated DHCPv6 saved leases
* Only fork when the RA has a RDNSS option AND a valid prefix OR no DHCPv6 instruction.
* Handle BSD per interface rtadv kernel flag.
* Add a reject route for the delegated prefix so that unassigned prefixes don't go back upstream.
* If not specified, Delegated Prefixes will get an automatic SLA of the interface index. If the biggest SLA and the assigned prefix fits into a /64 then dhcpcd creates a /64 prefix so that SLAAC works. If bigger than /64 is needed then dhcpcd creates one rounded upto the nearest multiple of 8. Unless a configured SLA of 0 is assigned, a reject route for the Delegated Prefix is installed to stop unassigned addresses trying to be resolved upstream. Addresses added from Delegated Prefixes now have a default address suffix of 1 instead of using a SLAAC style address.
* Don't spam timezone updates unless its actually changed.
* Support ND6_IFF_OVERRIDE_RTADV on BSD.
* Document why we don't send both FQDN and hostname options.
* Respect RFC4861 MAX_RTR_SOLICITATION_DELAY as specified in section 6.3.7.
* RFC2131 section 4.4.1 states the client SHOULD wait a random time between one and ten seconds to desynchronize the use of DHCP at startup. Instead we wait a random time between zero and one second to mirror the more modern IPv6RS and DHCPv6 standards unless overridden by defining RFC2131_STRICT.
* Always send a carrier as it's no longer encapsulated in the IPv4 stack. When stopping and not departed, run with the STOPPED reason but do not process it in hooks.
* Poll kernel neighbour reachability (SIOCGNBRINFO_IN6) for each router instead of sending and listening for Neighbour Soliciation/Advertisement packets. The kernel is privy to a lot more reachability information than userland is.
* Ensure that ND6_IFF_PERFORMNUD is set.
* controlgroup option changes group ownership of the control socket.
* Should use arc4random_uniform when wanting a randon number between 1 and N. Improve the compat arc4random function a little and re-stir on fork.
* -4 and -6 are now mutually exclusive and when running on a single interface per protocol pidfiles are created. This means that other control options suchs as -x and -n will require the -4 or -6 option as well.
* Implement Stable Private Addresses for SLAAC as per RFC7217. Enable this as default in dhcpcd.conf.
* Log error condition if a new or changed Router Advertisment to avoid spamming the log.
* Add an IPv6 link-local address before upping the interface if needed. Bring an interface up when we start it and not during discovery. As such, stop waiting on carrier for a second if we did.
* Add gateway option to enable the gateway or an interface/profile. Ensure the option and require options disable the nooption option - last wins.
* Restarting ntp/yp are not critical and their initialisation continues in the background as well so we may as well background the restart commands for faster dhcpcd performance.
* Improvements to autoconf build emulation
* CARRIER/NOCARRIER are now run outside of the IPv4 runs
* validate domains correctly which contain a - on non bash shells
* don't remove IPv6 addresses from internal state when added as tentative
* HUP now rebinds, ALRM now releases - the -x and -k flags work as
they used to
* Add -M, --master option to force dhcpcd into master mode even if one
interface is specified on the command line
* Fix a crash when receiving a reconfigure key
* Dumping a DHCPv4 lease works again
* SEND_DAD code removed
* hoplimit is no longer defined for DHCPv6 messages
* hoplimit of 255 for IPv6 RS/ND message is now defined at the socket
instead of ancillary data with the message
* IAID must be inside an interface block.
* Detect IPv6 address flags on Linux.
* Check that we have ctrl_interface defined in wpa_supplicant.conf and pass this parameter to wpa_cli(8). If not set, warn about not interacting with wpa_supplicant(8).
* Skip Virtual Interface Masters. Currently this only applies to FreeBSD VAP masters as dhcpcd should only work on wlandev created clones.
* Fix handling of ARP failures, thanks to Sebastian Huber.
* Implement RFC 1321 MD5 Message-Digest if not provided in libc.
* Implement RFC 2104 HMAC Keyed Hashing.
* Implement RFC 3118 Authentication for DHCP Messages and RFC 3315 Authentication options.
* Add nodhcp and nodhcp6 directives. Thanks to Sebastian Huber for the initial patch and testing.
* Implement support for RFC 3203, FORCERENEW message.
* Implement Force Renew Nonce Capability option, RFC6704
* Support RECONFIGURE DHCPv6 messages.
* Add support for DHCP auto configuration, RFC 2563.
* Add support for the following RFCs
+ DHCP SLP Directory Agent, RFC2610
+ DHCP Name Service Search, RFC2937
+ DHCP PANA Authentication Agent, RFC5192
+ DHCP Lost Server, RFC5223
+ DHCP CAPWAP, RFC5417
+ DHCP Mobility Services, RFC5678
+ DHCP SIP UA, RFC6011
+ DHCP ANDSF, RFC6153
+ DHCP RDNSS Selection for MIF Nodes, RFC6731
+ DHCP TFTP Server Address, RFC5859
+ DHCP PXELINUX, RFC5071
+ DHCP Access Network Domain Name, RFC5986
+ DHCP Virtual Subnet Selection, RFC6607
+ DHCP Relay Agent Remote-ID, RFC4649
+ DHCP Relay Agent Subscriber-ID, RFC4580
+ DHCPv6 Relay-ID, RFC5460
+ DHCPv6 LIS Discovery, RFC5986
+ DHCPv6 SIP UA, RFC6011
+ DHCPv6 Network Boot, RFC5970
+ DHCPv6 Home Info Discovery in MIPv6, RFC6610
+ DHCPv6 RDNSS Selection for MIF Nodes, RFC6731
+ DHCPv6 Kerberos, RFC6784
+ DHCPv6 Relay-Triggered Reconfiguration, RFC6977
+ DHCPv6 SOL_MAX_RT, RFC7083
* Open UDP sockets for *.*.*.*:bootpc and $ip_address:bootpc to avoid kernel ICMP unreachable messages
* Moved global variables into context variables so dhcpcd is entirely thread safe.
dhcpcd doens't use threads, but it can now be used in a pure threads (ie no process) environment.
* Remove DEBUG_MEMORY guard and always free memory and resources. Remove all atexit(3) and exit(3) calls, instead exiting via the eloop.
* Replace get_line with sscanf where applicable.
* Remove custom set_cloexec and set_nonblock functions. Instead pass O_CLOEXEC or SOCK_CLOEXEC to open, socket, etc.
* Don't use PATH_MAX - we already know the maximum length from the initial directory and IF_NAMESIZE.
* Add a USE_SIGNALS define. If we're not using signals then we also create a control socket in the non MASTER case. We then use this to communicate instead of signals.
* Fix arping moving to the next test if we find the IP address but do not have a profile for it. Thanks to David McGurty for the analysis.
* Respect initial commandline arguments when rebooting via a signal.
* on BSD only flush RA routers and prefixes when trying to own them.
* Mark some data locations as read only and fix a build issue.
* Fix some possible NULL dereferences, CID 1153963.
* Fix CID: 1153964 and 1153966
* Add support for RFC3495 DHCP option for CableLabs Clients.
Note that for the TSP suboption 3 we only support the FQDN encoding.
* Init system detection moved to dhcpcd-run-hooks(8)
* Fix compile errors and warnings with IPv6 disabled.
* Fix NAK backoff when a server NAKs a REQUEST after a DISCOVER.
* Fix IPv6 ICMP filtering on Android (RS/RA now works)
* Fix sending of DHCPv6 FQDN when only hostname specified
* Add support for RFC3925 Vendor-Identifying Vendor Options
* Remove hard coded DHCP/DHCPv6 options and embed dhcpcd-definitions.conf.
This actually results in a slightly smaller binary than before and has the added advantage that the option definitions are now all held within one file.
* Change IAID to default from the last 4 bytes of the MAC address.
Rationale in the commit, but in a nutshell it allows for a stable IAID between reboots without persistent storage and across different OS's who name or number it differently to each other.
* RFC4242, Information Refresh Time Option for DHCPv6.
* Fix processing of inet4 addr in vendor options and terminate correctly.
* Preserve vendor encapsulated options.
* Fix renewal of Prefix Delegation. Only spam the log if a lease has a new address or changes the vltime of an existing address.
* Add noipv4 and noipv6 options.
* Warn about missing interfaces which require prefix delegation.
* If we timeout, remove any waitip config so that we daemonise correctly.
* Remove the IPv6 forwarding router check as valid use cases exist where you would want IPv6 RS/RA on a router.
* Pass the correct run directory to dhcpcd-run-hooks
* Fixed a segfault when configuring a static route in dhcpcd.conf
* Merged IPv6 ND and RA codebases
* Persistent configuration is now a default option in dhcpcd.conf
* Store configured IPv4 addresses against the interface so we only add
them if actually missing to avoid RTM_DELADDR/NEWADDR loops on some OS's
* waitip now supports waiting for any, IPv4, IPv6 or both protocols
* DHCPv6 addresses are added with a /128 prefix and should not attempt to
associate with any existing prefix or make one up as per RFC 5942
* Fix initial carrier status
* Fix requesting >1 DHCPv6 address
Fixes PR bin/48140
* hostname is not stamped on anymore if already set
* hostname will be set to a FQDN when possible as per RFC4702 section 3.1
* a domain is derived from the FQDN if no domain option is set
* add new hostname_short command to send a short hostname for DDNS
* hostname_fqdn is now documented, along with a new server setting and the
potential problems associated with it
* the FQDN option is no longer sent by default for DHCPv4 messages
* dhcpcd will now assign a short hostname by default
To use a FQDN hostname, set this in dhcpcd.conf(5)
env hostname_fqdn=YES
* Only start DHCPv6 if the RA is new or has changed
* Fixed dhcpcd owning RA addressing and routes if disabled in kernel
* DHCPv6 support
* wpa_supplicant hook script
* route IPv4 addresses to 127.0.0.1 for machine centric traffic
* DHCPv6 Prefix Delegation support
* DHCPv6 FQDN support
* Control existing IPv4 routes
* less spamy to syslog by default
* IPv6 protocols now wait for a valid LL address before starting
* IPv6 DAD support now listens to kernel for more accurate timings
* IPv4 code split out more cleanly so dhcpcd can be compiled for
IPv4, IPv6 or IPv4 AND IPv6
* MTU is no longer requested by default
* a DUID is now generated in /etc/dhcpcd.duid and this is used as a
client ID for DHCPv4 and DHCPv6
This does mean that you may get new DHCPv4 addresses
Many bugs have also been fixed along the way and this release addresses
the following PR's
PR bin/47364
PR bin/47502
PR bin/47666
PR bin/47699
PR bin/47775
PR bin/47776
* Preserve space in static routes on the command line.
* Check correct interface the RAP came from; fixes PR bin/47433 thanks to
Taylor R Campbell
* Ensure the nooption works for IPv4 routes
* add interface scope to exported IPv6 link local addresses
* DUID feature works again
* If we receive >1 MTU in the RA we use the last one
* Expire RA options separately from the RA
* Merge multiple RA options together except when a single is needed
* Some memory leaks plugged
* Don't overwrite invalid memory when DNSSL options begin with a NULL
* Ensure we have a large enough buffer for an escaped DNSSL option from RA
Disable kernel RA earlier on Linux
* Don't set if_up or if_down as true when testing
* ra%d_prefix is now a space separated array of the finished address/len
* If we fail to open sockets, don't bother sending the request
* Send our NS solicitation directly to the router
* Change the NS times so that we assume reachable until the reachable time
expires, then send probes at retrans intervals until
DELAY_FIRST_PROBE_TIME is reached at which point we expire the router
* Remove -v from --version in usage
* Only add our own host or destination routes to the build table when we
are adding gateways
* Ensure we have correct memory allocation for each prefix in the RA
Improve IPv6 RA support by allowing dhcpcd to manage addreses and
routes instead of the kernel. dhcpcd will only do this if RA has been
disabled in the kernel or instructed to do so via the dhcpcd.conf(5)
ipv6ra_own and/or ipv6ra_owndefault directives.
Send and process IPv6 Neighbor Solicitions and Adverts to prove router
reachability. If a router cannot be reached in this way then it is
expired.
* Add a suffix to all our config files so that RA never stamps on IPv4
* All valgrind errors fixed on FreeBSD (with ./configure --debug=YES)
* When started with an interface list, respect that with signal handling
* Fix a potential route table corruption if we failed to add a route
New sentence, new line.
Sort options and option descriptions.
Sort SEE ALSO.
Use Fl Fl for long options.
Comment out --version description which binary doesn't support.
* We store the RA against the interface so we can do a comparsion
so we don't spam the log frequently.
* By default only fork on RA if it has a valid RDNSS option
* Add .Lk macros to the man pages
* Use correct event loop calls in RA handling code
* Fix several memory overrun issues
* Use CSR more than once
* Allow operation on Bridge and VLAN interfaces
* Disregard IFF_RUNNING on link state changes
* Warn about the kernel not configured for IPv6 RAs instead of
complaining it can't send messages
OK: releng@
* Stop checking IFF_RUNNING in RTM_IFINFO in an unknown link state
* RA expiry now tiggers off the first option if newer than the prefix
* Prefer a DHCP lease over an IPv4LL one
* Don't start IPv6 RS if disabled globally
* Allow dhcpcd to run on a read only filesystem
* Don't attempt to run the script if an empty string or /dev/null
* Stop truncating the netmask sockaddr on routing messages for BSD
* Shell portability fixes, including proper printf usage.
* Detect a valid ntp.conf before adjusting it
* reboot timeout changed to 5 seconds
* When rebooting and not daemonized, reduce the discover timeout
to allow for fallback or IPv4LL
* Respect each kernel carrier message
* Optimize some bitwise logic
* Don't remove interfaces for which commands have not been sent
* Store the assigned metric to each route so that we can change metrics on the fly
dhcpcd -n --metric 100 iwi0
* Add SixRD support, RFC5969
* Fix SIP server support
* Only regen resolv.conf if it has changed
* Fix --reconfigure from spinning
* Add IPv6 Router Solicitation support we regards to RDNSS and DNSSL, RFC6016
* 20-resolv.conf now uses the correct variable for $IF_METRIC
* Exclude interface values when dumping the lease
* Parse static value subnet_mask when it exists instead of deriving from
ip address
* logger calls now resemble dhcpcd calls to syslog(3)
* Reject offered IP address if INADDR_BROADCAST or INADDR_ANY
* Change the route if source address has changed
* Note the address we are requesting in the broadcast log entry
* When operating on one interface, respect the timeout for in dhcpcd.conf
* Escape | and & characters before passing the value to the shell
Ensure we set a valid hostname, DNS domain and NIS domain.
Document the need for input validation in dhcpcd-run-hooks(8).
Fixes CVE-2011-996
Based on a patch to dhcpcd-3 by Marius Tomaschewski <mt@suse.de>
* syntax in 50-ypbind hook has been fixed
* man page corrections
* report hwaddr used by dhcpcd when debug is enabled
* Fix detecting inet address for INFORM support
* document reason RELEASE in dhcpcd-run-hooks
* Support RTM_CHGADDR in the upcoming NetBSD-6
This is used to work out if the hwaddr has changed as the interface
does not go down/up unlike other OSes
* ntp hook no longer attempts to restart ntpd if 1st attempt failed
* Use dynamically sized buffers for reading kernel link events
* Use the active link address
* Added option to dump a lease to stdout
* TEST mode now works correctly if an old lease is NAKed
* routes with the gateway = leased ip are now treated as host routes
* Fix crash when using clientid and the interface re-configures
* log the pid of dhcpcd
* Indicate server IP received message from even if server ID not
present
* Fix crashes on IPv4LL failure and add more logging
* VendorID is now dhcpcd-$version:$OS-$version:$machine:$platform
* IPv4LL address range can now be used in DHCP requests
* sysctl net.ipv4.conf.$iface.promote_secondaries enabled on Linux
This resolves a long standing issue of changing ip on the same subnet.
* IPv4LL correctly resets the DHCP timer.
* -H, --xidhwaddr uses the last 4 bytes of the hardware address as
the DHCP xid
* -J, --broadcast tells the DHCP server to broadcast replies
* no longer warn about InfiniBand being an unsupported family
* infinite lease times are valid when reading old leases
* discard address correctly if lease is invalid
Changes from dhcpcd-5.1.3 include:
* dhcpcd logs even in quiet mode.
* Sleep for 1/100th of a second to give time for kernel to send RELEASE.
* -S option now works.
* Only warn about using CSR on bind.
* waitip is enabled when running on a single interface.
* Classless Static Routes are now enabled by default in dhcpcd.conf
instead of being always being requested.