NetBSD/usr.sbin/dhcp/RELNOTES

681 lines
24 KiB
Plaintext

Internet Software Consortium
Dynamic Host Configuration Protocol Distribution
Version 2, Beta 1, Patchlevel 25
April 9, 1999
Release Notes
This is the first Beta release of Version 2 of the Internet Software
Consortium DHCP Distribution. This beta is believed to be fairly
stable.
PLANS
Version 1 of the ISC DHCP Distribution includes just a DHCP Server.
Version 1 has been in feature freeze since late 1996, and is quite
stable. This is the release that we would expect very conservative
sites to run in production, but it is no longer recommended.
Version 2 of the ISC DHCP Distribution adds a DHCP Client and a
DHCP/BOOTP Relay Agent to the DHCP Server that was offered in version
1.0. In addition, some new capabilities have been added to the
server:
- IP addresses are now tested before they are assigned to
clients. This allows the DHCP server to detect rogue
machines that may have hijacked IP addresses before an IP
address conflict can occur.
- The server may be configured so that some DHCP clients can
be excluded from booting.
- Improved NAKing behaviour, so that clients that are using
addresses other than the one the server knows they should be
using are disciplined quickly.
This version has been in a near feature freeze since January of 1998,
has been in Beta test since then, and is planned for final release in
mid-1999. It has a number of important features, and is the release
that we would expect most sites to run. It is possible to run the
Version 1 server with the Version 2 client at sites that want to be
really conservative.
Version 3 of the ISC DHCP Distribution will add conditional behaviour,
client classing, Dynamic DNS Support, DHCPv4 16-bit option codes,
asynchronous DNS query resolution, DHCP Authentication, and possibly
support for a DHCP Interserver Protocol and live querying of the DHCP
database. Currently, only client classing and conditional behaviour
have been implemented - the DNS code is waiting for an enhanced DNS
resolver. The code has gone through a major internal restructuring
which will help to support wider option codes, and possibly IPv6, as
well as a more sensible memory allocation strategy. This release is
running in producion at the ISC, but is not expected to be stable in
the near future, and is intended for sites that are in a position to
experiment, or for sites that desperately need the new features.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 24
- D'oh! Fix a really stupid mistake in hash.c.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 23
- Support an always-reply-rfc1048 flag, which says to reply with an
RFC1048-style vendor extensions buffer even if the client didn't
send an RFC1048-style magic number.
- Fix a null pointer dereference.
- Use netmask from subnet if no netmask option specified.
- IRIX support (thanks to Don Badrak).
- Install unformatted manual pages on Linux.
- Add note in README about zcat vs. gzcat on BSD/os.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 22
- Test for lease before dereferencing it in dhcprequest.
- Free the client parameter request list in dhcpnak if there is one.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 21
- Fix a pasto in options.c that will cause a core dump whenever a
client sends in a request without a parameter request list.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 20
- Actually do the client fix mentioned below - Patchlevel 20 only contained
half of the fix.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 19
- Removed arp table clearing code from solaris client script.
- Document Linux "protocol not configured" error more thoroughly.
- Clean up some unused variables.
- Add entry and exit hooks to all dhcp client scripts, along with a
make_resolv_conf function that can be redefined in the entry hooks.
Document this new feature set.
- Fix client to take advantage of network APIs that allow it to
receive a unicast instead of requesting that the DHCP server
broadcast its response.
- Add -pf flag to all daemons allowing user to specify PID file name
on command line.
- Undo a previous change that attempted to be clever about testing
interface flags but wound up being stupid instead.
- Enforce access control on DHCPREQUEST messages as well as
DHCPDISCOVER messages.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 18
- Support added for AIX 4.1.5.0 (and hopefully other versions).
- Use /var/run instead of /etc on Digital Unix.
- Change DHCP client exponential backoff code to back off more slowly,
so that it is more robust in lossy environments, at the expense of
being a bit less polite to the server.
- Don't request a specific lease interval in the client unless the
user says to do so.
- Don't print DHCPXXX in wrong xxx messages unless DEBUG is defined.
- Fix handling of secs field.
- Fix handling of append statement.
- Fix documentation for append and prepend statements.
- Fix server support for parameter request list and maximum message
size.
- Parameterize more hardware types in discover_interfaces. Check for
IFF_BROADCAST instead of !IFF_POINTOPOINT
- Print kernel configuration warning message if we get EINVAL when
opening or configuring the Linux packet filter.
- Fix a bug in UDP checksum code (thanks to John Nemeth for figuring
this out) and re-enable UDP checksumming. This allows the client
to work with some buggy DHCP servers that can't handle zero
checksums in the UDP header - in particular, the one John's cable
modem ISP is using.
- Don't report packet header checksum errors unless we see a lot of
them. It's perfectly normal for some number of checksum errors to
occur.
- Refer to the dhcpd.leases man page when printing an error message
prior to exiting because there's no lease database.
- Add information to the README telling the reader how to get to the
manual pages.
- Fix the server packet transmission code to unicast when it can.
- Fix a typo in the dhcpd.conf manual page.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 17
- Fix a bug in the relay agent where messages to the client would be
unicast in the IP header but broadcast in the link header. The
Microsoft DHCP client would reject such packets, preventing it from
being configured. This was only a problem on non-socket-API
platforms.
- Do not attempt to reclaim requested abandoned leases in response to
DHCPDISCOVER messages.
- Allow the maximum lease time parameter in a host declaration to
override the maximum lease time parameter in a subnet declaration.
- Better document the -p flag for dhclient, dhcrelay and dhcpd.
- Apply John Wehle's patch to fix the endianness bug in the dlpi
packet filter on Solaris.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 16
- Fix linux man page install location.
- Fix some confusion in the dhclient-script man page.
- Fix error in includes/cf/linux.h that would have made network API
selections in site.h work incorrectly.
- Fix some major stupidity in the code that figures out where or not a
client owns a particular lease.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 15
- Fix Makefile.conf on Linux to refer to /var/state/dhcp instead of
/var/state/dhcpd.
- Eliminate redundant #defines in includes/cf/linux.h (for neatness).
- Fix an obscure case where dhcpd is started by the /etc/rc system
with exactly the same pid each time, dhcpd.pid is not erased on
reboot, and therefore dhcpd would detect a server (itself) with the
pid in dhcpd.pid and decide that another server was running and
exit.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 14
- Install the dhcp databases in /var/state/dhcp instead of /etc or
/var/dhcpd, as suggested in the Linux Filesystem Hierarchy
Standard.
- Fix an endianness bug in dlpi.c. As a consequence, make the
Solaris/i386 use dlpi again.
- Fix a bunch of bugs in the Solaris client script.
- Add some more information about Solaris to the README file.
- Adjust startup message in interface probe so that the relay agent
and client's unattached status will not trigger questions.
- Update some error messages to provide more help to new users for
some common mistakes.
- Create an interface alias on Solaris when setting up IP aliases,
rather than trying to do things the *BSD way.
- Fix a null pointer dereference bug (this time I went through the
whole function and audited it for more null pointer dereferences,
and I didn't find any, for what that's worth).
- Don't ever release leases in response to a DHCPDISCOVER (I think
this was unlikely anyway, but why not be correct?).
- Remove the shared-network example from the sample dhcpd.conf file.
- Make ``make install'' make all first.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 13
- Support DESTDIR on installs.
- Fix a bug in dhcp.c where a store through a null pointer would
be made under some reasonably common circumstances.
- Add test for ARPHRD_TUNNEL so that client and server do not fail on
versions of Linux running IPsec implementations or the like.
- Move tests for constants defined in O.S. headers into osdep.h - test
for HAVE_whatever in .c files. Define relevant HAVE_whatevers in
linux.h, so that versions of linux that define these constants as
enums will still work.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 12
- Initialize the "quiet" variable in dhclient.c to zero (it was used
without first having been initialized).
- Fix the parser code for the authoritative keyword.
- Adjust lease discovery code to NAK more aggressively for addresses
the server knows it owns.
- Add several new messages for DHCPNAK.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 11
- Use DLPI only on sparcs running Solaris, since it seems not to work
on i386 boxes running Solaris for reasons yet to be determined.
- In the client, close standard I/O descriptors when forking a daemon.
- Don't let large lease lengths wrap lease expiry times - just use
what fits into a TIME value.
- Fix a bug in the SIOCGIFCONF interface scanning code.
- Fix a core dump in the interface scanner that crops up on Linux when
an interface is specified on the command line.
- Don't use %D in strftime because egcs complains about it.
- Print the error message if SO_BINDTODEVICE fails.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 10
- Update top-level Makefile so that it exits correctly on errors in
submakes under bash/gnu make (dunno which is the culprit, and don't
really care).
- Print a more helpful message if no free BPF devices are found.
- Add support for specifying that the server is or is not
authoritative for a particular network segment.
- Fix two stupid typos in lpf.c.
- Print a more helpful message if we can't create an LPF socket or
can't attach a filter to it.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 9
- Correct the hopelessly outdated information about Linux at the top
of the README - many apologies to the Linux people who have had to
read that nonsense for the past couple of snapshots and have been
confused or annoyed by it. I simply hadn't read it recently, and
didn't realize how out-of-date it was.
- Print a message if the client finds no broadcast interfaces to
configure.
- Add support for use-lease-addr-for-default-route flag in server, so
that Windows machines can be made to ARP for all addresses.
- Update README file to mention new Linux gotchas.
- After finally understanding Brian Murrel's code (my fault, not his)
to get interface names from /proc/net/dev on Linux, fix what I broke
of his code and document it.
- Use sendto rather than send for SOCK_PACKET sockets, because they
can't be connected, only bound. :'(
- Fix up SOCK_PACKET creation so that the kernel doesn't complain
about it.
- Fix incorrect tests in linux client script:
[ $relmajor == 2 ] -> [ $relmajor -eq 2 ]
- Make typedefs for u8, u16 and u32 types. These are Linux kernel
internal data types which are unfortunately exposed in the linux
packetfilter header file.
- Don't include <net/ethernet.h> in lpf.c - it defines things we're
already correctly defining elsewhere, and doesn't define any useful
new stuff.
- Finally fix client PREINIT bug that causes interfaces not specified
on the command line to be preinitialized. If no interfaces are
specified on the command line, all interfaces are still
preinitialized.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 8
- Fix socket API fallback setup code, which was causing Linux servers
and clients to loop endlessly on select when run as daemons.
- Add support for Linux 2.2 version number (treated the same as Linux
2.1, for now).
- Correct apparent error in DHCPREQUEST destination address handling
when in INIT-REBOOT state.
- Do not set BROADCAST flag if we have a valid IP address.
- Remove hard-coded filenames and use system-specific manifest
constants.
- Add entry and exit hooks to Linux dhclient-script (should be added
to all operating systems once tested).
- Test for linux major and minor version so as to correctly invoke
network configuration programs.
- Add support for Linux's gratuitous name change of bpf_insn structure
(can't pollute precious Linux sources with the "Berkeley" word, I
guess.
- Correct USE_BPF_{SEND,RECEIVE} ifdefs for if_reinitialize_*
functions.
- Ensure that we have ifreq structure before initializing interface -
if an interface was specified on the command line on Linux, this was
not the case.
- Get rid of references to enstamp structure in lpf.c. Correctly
declare and initialize sock_fprog structure (aka bpf_filter
structure on non-Linux machines).
- Define ssize_t on Ultrix.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 7
- Generalize FDDI support.
- Fix potential core dump in interface discovery code.
- Put explicit release versions on startup messages.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 6
- Add support for Linux Packet Filter (thanks to Brian Murrell, Interlinx).
- Add support for FDDI hardware type.
- Fix a long-standing bug in DLPI support where the ethertype was
being set incorrectly (thanks to Gong Wei, CCENet).
- Don't use DLPI RAW mode on Solaris.
- In the client, when a lease expires, the interface to which that
lease is attached is unconfigured. On systems that use the socket
API, the interface needs to then be reconfigured with the 0.0.0.0
address so that it can be used to get a new address.
- Add fallback support for Linux. This fixes a problem with the
relay agent when relaying over non-broadcast links, and may also fix
some obscure problems with unicasting DHCPACKs in both the server and
relay agent.
- When allocating leases, if the oldest lease is abandoned, try to
find a younger-but-still-expired lease rather than reclaiming the
abandoned lease.
- Add more documentation to README.
- The absence of the /etc/dhclient.conf file is no longer considered
an error.
- The dhcp client's lease file name can be specified on the command
line.
- The DHCP client should no longer zap interfaces that it has not been
directed to configure.
- If a client starts up in the init-reboot state, the xid will be a
"random" number rather than always being zero, as was previously the
case.
- In addition to comparing transaction IDs, compare hardware addresses
in response packets to verify that they are ours.
- Rewrite the client lease database after 20 leases have been written.
- Fix the exponential backoff code.
- Add a Y2k comment to indicate that something suspicious-looking is
in fact _not_ a problem.
- Use mkstemp if possible.
- Add missing fi in various client scripts.
- Use "search" instead of "domain" in linux resolv.conf files.
- Specify a hop count in all route command on solaris.
- If an allocation fails, don't try to zero out the allocation buffer
we didn't get.
- Support subnets that are subsets of other subnets - that is, for
example, 10.0.1.0/24 and 10.0.0.0/16. This is useful in fairly
obscure circumstances.
- Don't set the lease end time if it's already expired.
- Don't define INADDR_LOOPBACK on FreeBSD if it's already defined in a
system header.
- Use the broadcast address in the relay agent if we are using the BSD
socket API.
- Allow host declarations without names.
- Allow the server identifier option to be specified.
- Don't dump hostnames into the lease file if they contain
non-printable characters.
- Copy the entire client hardware address buffer that the client sends
to the output packet, not just the portion of it that's supposedly
significant according to the hardware address length field. This
is done for the benefit of certain Microsoft clients.
- Don't send a second ICMP echo request if we receive two DHCPDISCOVER
messages in quick succession. This prevents a rather annoying
timing race in configuring some Win95 clients.
- Fix up dhcp-options man page to make it more readable. Note that
netbios-name-server is the same thing as WINS.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 5
- Define some extra DLPI support flags that make DLPI work much better
on Solaris.
- Fix inet_aton prototype/declaration to match Internet Software
Consortium BIND distribution.
- Document new server-identifier functionality.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 4
- Do not use -Wstrict-prototypes on Solaris with gcc - if the Internet
Software Consortium BIND distribution is not installed, this produces
errors.
- Actually use the new DLPI support on Solaris - although the code was
added in Patchlevel 2, it wasn't enabled (blush).
- Fix a prototype bug that's exposed when DLPI support is enabled on
Solaris.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 3
- Fix a makefile botch that prevents the DHCP Distribution from
from compiling on Solaris with gcc. Sigh.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 2
- Allow server-identifier in any scope. Use in-scope server
identifier option rather than the default, if one exists.
- Delete newlines from abandoned lease reclaimation warning.
- Only release other applicable leases held by a client when the
client sends a DHCPREQUEST.
- Fix core dump when find_lease didn't find a lease.
- Update dhcpd.leases man page.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 1
- Use -Wno-char-subscript on Solaris to prevent bogus warnings from
gcc on Solaris 2.6.
- Add support for Apple's new Rhapsody operating system.
- Use DLPI on Solaris instead of using the BSD Sockets API.
- Fix two network input buffer overflow problems which could allow an
attacker to pervert the stack.
- Fix an ancient typo that could theoretically cause memory
corruption.
- Sort abandoned leases in at current time rather than end of time.
This allows abandoned leases to be reclaimed if there are no
available free leases.
- If a client explicitly requests a lease that's been abandoned, it's
probably the system that was answering pings on that address, so let it
have the lease.
- Fix a bunch of type conversion errors that are flagged by the Solaris
C compiler.
CHANGES FROM VERSION 2.0 BETA 1 PATCHLEVEL 0
- Fix two potential buffer overflow problems.
- Differentiate between versions of Linux for better success in
compiling.
- Fix bug in linux client script regarding routing setup.
- Clarify socket API error message on multiple interfaces.
- Fix broken comparison that was setting IP source address to zero.
- Reclaim abandoned leases if we run out of free leases.
CHANGES FROM THE DECEMBER 2, 1997 SNAPSHOT
- Use %ld to print pid_t and cast pid_t values to long to avoid
inconsistent declarations between different POSIX flavours.
- Add support for ARPHRD_IEEE802 (token ring) hardware type.
- If we own an address and a client requests it, but we can't assign
it to that client, we now NAK it so that the client doesn't try to
reuse it.
CHANGES FROM THE JUNE SNAPSHOT
- Support for NeXTstep 3.x and 4.x
- Added man pages for dhcpd.leases, dhclient-script, dhclient.leases
and dhclient.conf. Move general documentation of DHCP options into
a seperate man page which is referred to by the dhclient.conf and
dhcpd.conf man pages.
- Updated README to answer some frequently asked questions.
- Fixed a bug in command-line interface specification in dhclient - it
was formerly not possible to specify that only certain interfaces be
configured.
- Do not leave client scripts lying around in /tmp after they've been
used unless the -D flag is specified.
- Add a new, non-standard, not-guaranteed-to-stay-the-same system
configuration status message server which can be used to trigger the
client to recheck its address, e.g., after a laptop has been put to
sleep and then awakened (this has yet to be documented).
- Fix handling of media selection in the REBOOT phase - previously the
media type would not be remembered, which could cause severe delays
in reacquiring an address if the default media type was wrong.
- Allocate space for a NUL terminator on the end of client options -
this was previously overlooked, and could cause garbage characters
to be written to the temporary client script files.
- Use mkstemp if it's available.
- Supply network number and broadcast address to the client script so
that on systems that need these values, they don't need to be
computed with an awk script.
- Keep a PID file for the client and the relay agent, and have the
relay agent background itself by default.
- Add client script for bsd/os, fix many niggling bugs in existing
client scripts and add support for static routing tables to all bsd
scripts.
- Add a -q option to the client, server and relay agent so that they
can be started from /etc/rc scripts without spewing a bunch of
garbage on the console. By default, all three daemons still print
startup messages, since these are helpful in bug reporting.
- Don't print anything to stderr or stdout after going into
background.
- Fix bug where hostname keyword was not being recognized in
dhcpd.leases file, resulting in the loss of lease database entries.
- Fix problem on some operating systems where zero-length ifreq
structures were being offset incorrectly when scanning the interface
list on startup.
- Unless a BOOTP client requests it, never send more than 64 bytes of
options.
- Don't ping static leases, since we don't have a lease structure on
the heap to work with later.
- Fixed a compile problem on Solaris 2.6.
- Support interface aliases on Solaris.
- Print day and month with leading zero in lease files if less than
ten, for easier parsing by perl/sed/awk scripts.
- Never make the lease database world writable, even if dhcpd is
invoked with a bogus umask.
- Fix DHCPRELEASE handling (before, addressed would never be
released.)
- If there is more than one lease for a particular client on a
particular network, find the lease the client is asking for so as to
avoid a cycle of NAKs.
- If a BOOTP request is received from a particular client and that
client has previously received a DHCP address, make sure that we
still find a valid BOOTP lease so that we don't cycle through
addresses.
- Remove server-identifier option from documentation, other than to
document that it has been deprecated.
- Don't give up if we get an EINTR or EAGAIN while polling or
selecting - these return statuses can occur spuriously without
indicating a fatal problem.
- Do not select for exceptions, since we don't handle them. This was
causing massive CPU consumption on some systems.
- When a DHCP client has been assigned a fixed address but had
previously had a lease, it will request the old leased address. In
such an event, send a DHCPNAK so that it will discover its new
static binding.