relnotes

DHCP服务器源码

	      Internet Systems Consortium DHCP Distribution
			     Version 3.0.1
			     July 14, 2004

			     Release Notes

			     NEW FEATURES

Version 3 of the ISC DHCP Distribution includes the following features
that are new since version 2.0:

     - DHCP Failover Protocol support
     - OMAPI, an API for accessing and modifying the DHCP server and
       client state.
     - Conditional behaviour
     - Storing arbitrary information on leases
     - Address pools with access control
     - Client classing
     - Address allocation restriction by class
     - Relay agent information option support 
     - Dynamic DNS updates
     - Many bug fixes, performance enhancements, and minor new DHCP
       protocol features. 

The main bug fixed here is a bug in the subclass allocation code that
could result in a memory smash.   Any users of the ISC DHCP server who
are using subclasses should seriously consider upgrading to 3.0.1.

If you are running 3.0 beta 1 and are doing dynamic DNS updates, the
lease file is no longer forward-compatible to 3.0 final.   A script
has been provided to convert 3.0b1 lease files.   This is in
contrib/3.0b1-lease-convert.

For information on how to install, configure and run this software,
as well as how to find documentation and report bugs, please consult
the README file.

The Dynamic DNS Update support is a descendent of an implementation
done by Lans Carstensen and Brian Dols at Rose-Hulman Institute of
Technology, Jim Watt at Applied Biosystems, Irina Goble at Integrated
Measurement Systems, Igor Sharfmesser at Kazakh Telecom, and Brian
Murrell at BC Tel Advanced Communications.  I'd like to express my
thanks to all of these good people here, both for working on the code
and for prodding me into improving it.

			Changes since 3.0.1rc14

- The global variable 'cur_time' was centralized and is now uniformly of a
  type #defined in system-dependent headers.  It had previously been defined
  in one of many places as a 32-bit value, and this causes mayhem on 64-bit
  big endian systems.  It probably wasn't too healthy on little endian
  systems either.

- A printf format string error introduced in rc14 was repaired.

- AIX system-dependent header file was altered to only define NO_SNPRINTF
  if the condition used to #ifdef in vsnprintf in AIX' header files
  is false.

- The Alpha/OSF system-dependent header file was altered to define
  NO_SNPRINTF on OS revisions older than 4.0G.

- omapip/test.c had string.h added to its includes.

			Changes since 3.0.1rc13

! CAN-2004-0460 - CERT VU#317350: Five stack overflow exploits were closed
  in logging messages with excessively long hostnames provided by the
  clients.  It is highly probable that these could have been used by
  attackers to gain arbitrary root access on systems using ISC DHCP 3.0.1
  release candidates 12 or 13.  Special thanks to Gregory Duchemin for
  both finding and solving the problem.

! CAN-2004-0461 - CERT VU#654390: Once the above was closed, an opening
  in log_*() functions was evidented, on some specific platforms where
  vsnprintf() was not believed to be available and calls were wrapped to
  sprintf() instead.  Again, credit goes to Gregory Duchemin for finding
  the problem.  Calls to snprintf() are now linked to a distribution-local
  snprintf implementation, only in those cases where the architecture is
  not known to provide one (see includes/cf/[arch].h).  If you experience
  linking problems with snprintf/vsnprintf or 'isc_print_' functions, this
  is where to look.  This vulnerability did not exist in any previously
  published version of ISC DHCP.

- Compilation on hpux 11.11 was repaired.

- 'The cross-compile bug fix' was backed out.

			Changes since 3.0.1rc12

- Fixed a bug in omapi lease lookup function, to form the hardware
  address for the hash lookup correctly, thanks to a patch from
  Richard Hirst.

- Fixed a bug where dhcrelay was sending relayed responses back to the
  broadcast address, but with the source's unicast mac address.  Should
  now conform to rfc2131 section 4.1.

- Cross-compile bug fix; use $(AR) instead of ar.  Thanks to Morten Brorup.

- Fixed a crash bug in dhclient where dhcpd servers that do not provide
  renewal times results in an FPE.  As a side effect, dhclient can now
  properly handle 0xFFFFFFFF (-1) expiry times supplied by servers.  Thanks
  to a patch from Burt Silverman.

- The 'ping timeout' debugs from rc12 were removed to -DDEBUG only,
  and reformatted to correct a compilation error on solaris platforms.

- A patch was applied which fixes a case where leases read from the
  leases database do not properly over-ride previously read leases.

- dhcpctl.3 manpage was tweaked.

			Changes since 3.0.1rc11

- A patch from Steve Campbell was applied with minor modifications to
  permit reverse dns PTR record updates with values containing spaces.

- A patch from Florian Lohoff was applied with some modifications to
  dhcrelay.  It now discards packets whose hop count exceeds 10 by default,
  and a command-line option (-c) can be used to set this threshold.

- A failover bug relating to identifying peers by name length instead of
  by name was fixed.

- Delcaring failover configs within shared-network statements should no
  longer result in error.

- The -nw command line option to dhclient now works.

- Thanks to a patch from Michael Richardson:
	- Some problems with long option processing have been fixed.
	- Some fixes to minires so that updates of KEY records will work.

- contrib/ms2isc was updated by Shu-Min Chang of the Intel Corporation.
  see contrib/ms2isc/readme.txt for revision notes.

- Dhclient no longer uses shell commands to kill another instance of
  itself, it sends the signal directly.  Thanks to a patch from Martin
  Blapp.

- The FreeBSD dhclient-script was changed so that a failure to write to
  /etc/resolv.conf does not prematurely end the script.  This keeps dhclient
  from looping infinitely when this is the case.  Thanks to a patch from
  Martin Blapp.

- A patch from Bill Stephens was applied which resolves a problem with lease
  expiry times in failover configurations.

- A memory leak in configuration parsing was closed thanks to a patch from
  Steve G.

- The function which discovers interfaces will now skip non-broadcast or
  point-to-point interfaces, thanks to a patch from David Brownlee.

- Options not yet known by the dhcpd or dhclient have had their names
  changed such that they do not contain # symbols, in case they should ever
  appear in a lease file.  An option that might have been named "#144" is
  now "unknown-144".

- Another patch from Bill Stephens which allows the ping-check timeout to
  be configured as 'ping-timeout'.  Defaults to 1.

			Changes since 3.0.1rc10

- Potential buffer overflows in minires repaired.

- A change to the linux client script to use /bin/bash, since /bin/sh may
  not be bash.

- Some missing va_end cleanups thanks to a patch from Thomas Klausner.

- A correction of boolean parsing syntax validation - some illegal syntaxes
  that worked before are now detected and produce errs, some legal syntaxes
  that errored before will now work properly.

- Some search-and-replace errors that caused some options to change their
  names was repaired.

- Shu-min Chang of the Intel corporation has contributed a perl script and
  module that converts the MS NT4 DHCP configuration to a ISC DHCP3
  configuration file.

- Applied the remainder of the dhcpctl memory leak patch provided by Bill
  Squier at ReefEdge, Inc.  (groo@reefedge.com).

- Missing non-optional failover peer configurations will now result in a soft
  error rather than a null dereference.

			Changes since 3.0.1rc9

- A format string was corrected to fix compiler warnings.

- A number of spelling corrections were made in the man pages.

- The dhclient.conf.5 man page was changed to refer to do-forward-updates
  rather than a configuration option that doesn't exist.

- A FreeBSD-specific bug in the interface removal handling was fixed.

- A Linux-specific Token Ring detection problem was fixed.

- Hashes removed from as-yet-unknown agent options, having those options
  appear in reality before we know about them will no longer produce
  self-corrupting lease databases.

- dhclient will use the proper port numbers now when using the -g option.

- A order-of-operations bug with 2 match clauses in 1 class statement is
  fixed thanks to a patch from Andrew Matheson.

- Compilation problems on Solaris were fixed.

- Compilation problems when built with DEBUG or DEBUG_PACKET were repaired.

- A fix to the dhcp ack process which makes certain group options will be
  included in the first DHCPOFFER message was made thanks to a patch from
  Ling Gou.

- A few memory leaks were repaired thanks to patches from Bill Squier at
  ReefEdge, Inc.  (groo@reefedge.com).

- A fix for shared-networks that sometimes give clients options for the
  wrong subnets (in particular, 'option routers') was applied, thanks to
  Ted Lemon for the patch.

- Omshell's handling of dotted octets as values was changed such that dots
  one after the other produce zero values in the integer string.

			Changes since 3.0.1rc8

- Fix a format string vulnerability in the server that could lead to a
  remote root compromise (discovered by NGSEC Research Team, www.ngsec.com).

- Add additional support for NetBSD/sparc64.

- Fix a bug in the command-line parsing of the client.  Also, resolve
  a memory leak.

- Add better support for shells other than bash in the Linux client
  script.

- Various build fixes for modern versions of FreeBSD and Linux.

- Fix a bad bounds check when printing binding state names.

- Clarify documentation about fixed-address and multiple addresses.

- Fix a typo in the authoritative error message.

- Make a log entry when we can't write a billing class.

- Use conversion targets that are the right size on all architectures.

- Increment the hop count when relaying.

- Log a message when lease state is changed through OMAPI.

- Don't rerun the shared_network when evaluating the pool.

- Fix a reversed test in the parser.

- Change the type of rbuf_max.

- Make FTS_LAST a manifest constant to quiet warnings.

			Changes since 3.0.1rc7

- Fix two compiler warnings that are generated when compiling on Solaris
  with gcc.   These stop the build, even though they weren't actually
  errors, because we prefer that our builds generate no warnings.

			Changes since 3.0.1rc6

- Don't allow a lease that's in the EXPIRED, RELEASED or RESET state
  to be renewed.

- Implement lease stealing for cases where the primary has fewer leases
  than the secondary, as called for by the standard.

- Add a fudge factor to the lease expiry acceptance code, (suggested
  by Kevin Miller of CMU).

- Fix a bug in permit_list_match that made it much too willing to say
  that two permit lists matched.

- Unless DEBUG_DNS_UPDATES is defined, print more user-friendly (and
  also more compact) messages about DNS updates.

- Fix a bug in generating wire-format domain names for the FQDN option.

- Fix a bug where the FQDN option would not be returned if the client
  requested it, contrary to the standard.

- On Darwin, use the FreeBSD DHCP client script.

- On NetBSD/sparc, don't check for casting warnings.

- Add a flag in the DHCP client to disable updating the client's A
  record when sending an FQDN option indicating that the client is
  going to update its A record.

- In the client, don't attempt a DNS update until one second after
  configuring the new IP address, and if the update times out, keep
  trying until a response, positive or negative, is received from the
  DNS server.

- Fix an uninitialized memory bug in the DHCP client.

- Apply some FreeBSD-specific bug fixes suggested by Murray Stokely.

- Fix a bug in ns_parserr(), where it was returning the wrong sort
  of result code in some cases (suggested by Ben Harris of the
  NetBSD project).

- Fix a bug in is_identifier(), where it was checking against EOF
  instead of the END_OF_FILE token (also suggested by Ben Harris).

- Fix a bug where if an option universe contained no options, the
  DHCP server could dump core (Walter Steiner).

- Fix a bug in the handling of encapsulated options.

- Fix a bug that prevented NWIP suboptions from being processed.