Knowledge Base ISC Main Website Ask a Question/Contact ISC
DHCP 4.1-ESV-R3 Release Notes
Author: Reference Number: AA-00431 Views: 10976 Created: 2011-08-10 13:00 Last Updated: 2011-09-09 00:01 0 Rating/ Voters

Introduction

Version 4.1-ESV-R3 is an extended support version (ESV) release. ESVs are intended for users who have longer upgrade constraints. Please see our web page http://www.isc.org/downloads/extended-support for more information on ESVs.

This document summarizes changes from DHCP  4.1-ESV-R2 to DHCP 4.1-ESV-R3. Please see the CHANGES file in the source code release for a complete list of all changes.

Download

The latest release of ISC DHCP  software can always be found on our web site at http://www.isc.org/downloads/all. There you will find additional information about each release, source code, and some pre-compiled versions for certain operating systems.

Support

Product support information is available on http://www.isc.org/services/support for paid support options. Free support is provided by our user community via a mailing list. Information on all public email lists is available at https://lists.isc.org/mailman/listinfo.

New Features

- Add the option "--no-pid" to the client, relay and server code,  to disable writing a pid file.  Add the option "-pf pidfile"  to the relay to allow the user to supply the pidfile name at  runtime.  Add the "with-relay6-pid-file" option to configure  to allow the user to supply the pidfile name for the relay  in v6 mode at configure time.  [ISC-Bugs #23351] [ISC-Bugs #17541]

Security Fixes


! Two packets were found that cause a server to halt.  The code  has been updated to properly process or reject the packets as  appropriate.  Thanks to David Zych at University of Illinois  for reporting this issue.  [ISC-Bugs #24960]  One CVE number for each class of packet.  CVE-2011-2748  CVE-2011-2749

Bug Fixes

- Compilation fix for gcc 4.5 or newer in server/ddns.c [ISC-Bugs #24973]

- Strict checks for content of domain-name DHCPv4 option can now be   configured during compilation time. Even though RFC2132 does not allow   to store more than one domain in domain-name option, such behavior is   now enabled by default, but this may change some time in the future.  See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.  [ISC-Bugs #24167

- DHCPv6 server now responds properly if client asks for a prefix that  is already assigned to a different client. [ISC-Bugs #23948]

- Fix the handling of connection requests on the failover port.  This was a security issue in 4.2.0 but is not in  4.1.x.  [ISC-Bugs #22679]

- When processing the format flags for a given option consume the  flag indicating an optional value correctly.  A symptom of this  bug was an infinite loop when trying to parse the slp-service-scope  option.  Thanks to a patch from Marius Tomaschewski.  [ISC-Bugs #22055]

- Modify the dlpi code to accept getmsg() returning a positive value.  [ISC-Bugs #22824]

- Removed the restriction on using IPv6 addresses in IPv4 mode.  This  allows IPv4 options which contain IPv6 addresses to be specified.  For  example the 6rd option can be specified and used like this:  [ISC-Bugs #23039]

- 'dhclient' no longer waits a random interval after first starting up to  begin in the INIT state.  This conforms to RFC 2131, but elects not to  implement a 'SHOULD' direction in section 4.1. [ISC-Bugs #19660]

- Added 'initial-delay' parameter that specifies maximum amount of time   before client goes to the INIT state. The default value is 0. In previous   versions of the code client could wait up to 5 seconds. The old behavior   may be restored by using 'initial-delay 5;' in the client config file.  [ISC-Bugs #19660]

- ICMP ping-check should now sit closer to precisely the number of seconds  configured (or default 1), due to making use of the new microsecond  scale timer internally to dhcpd.  This corrects a bug where the server  may immediately timeout an ICMP ping-check if it was made late in the  current second. [ISC-Bugs #19660]

- The DHCP client will schedule renewal and rebinding events in  microseconds if the DHCP server provided a lease-time that would result  in sub-1-second timers.  This corrects a bug where a 2-second or lower  lease-time would cause the DHCP client to enter an infinite loop by  scheduling renewal at zero seconds. [ISC-Bugs #19660]

- Client lease records are recorded at most once every 15 seconds.  This  keeps the client from filling the lease database disk quickly on very small  lease times. [ISC-Bugs #19660]

- To defend against RFC 2131 non-compliant DHCP servers which fail to  advertise a lease-time (either mangled, or zero in value) the DHCP  client now adds the server to the reject list ACL and returns to INIT  state to hopefully find an RFC 2131 compliant server (or retry in INIT  forever). [ISC-Bugs #19660]

- Parameters configured to evaluate from user defined function calls can  now be correctly written to dhcpd.leases (as on 'on events' or dynamic  host records inserted via OMAPI).  [ISC-Bugs #22266]

- If a 'next-server' parameter is configured in a dynamic host record via  OMAPI as a domain name, the syntax written to disk is now correctly parsed  upon restart.  [ISC-Bugs #22266]

- The DHCP server now responds to DHCPLEASEQUERY messages from agents using  IP addresses not covered by a subnet in configuration.  Whether or not to  respond to such an agent is still governed by the 'allow leasequery;'  configuration parameter, in the case of an agent not covered by a configured  subnet the root configuration area is examined. Server now also returns  vendor-class-id option, if client sent it. [ISC-Bugs #21094]

- Relay no longer crashes, when DHCP packet is received over interface without  any IPv4 address assigned. [ISC-Bugs #22409]

- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,  rather than sockaddr. Packet etherType is now forced to ETH_P_IP.  [ISC-Bugs #18975]

Documentation Fixes

 [ISC-Bugs #17959] add text to AIX section describing how to have it send

  responses to the all-ones address.

  [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct

  [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS

Thank You

Thank you to everyone who assisted us in making this release possible. If you would like to contribute to ISC to assist us in continuing to make quality open source software, please visit our donations page at http://www.isc.org/supportisc. For further information on how to install, configure and run this software, as well as how to find documentation and report bugs, please consult the README file.


© 2001-2017 Internet Systems Consortium

For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.

ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.

Feedback
  • There is no feedback for this article
Quick Jump Menu