Djam/dhcp
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/dhcp.git synced 2025-02-23 13:32:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Automatic import for version 4.2.1

Browse source
This commit is contained in:
Rosa 2012-02-01 14:24:24 +04:00
commit a782778d60
17 changed files with 2917 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.abf.yml Normal file
View file

@ -0,0 +1,3 @@
sources:
"dhcp-4.2.1-P1.tar.gz": 7767019313b4128357054a1eb053c66799831dd6
"dhcp-dynamic-dns-examples.tar.bz2": d33980aad3e0380fc89f8346ab37786d39157696

33
dhclient-exit-hooks Normal file
View file

@ -0,0 +1,33 @@
#!/bin/bash
#
# This script contains hooks that will be executed when
# dhclient exits.
#
# process static route requests
if [ x"$new_rfc3442_classless_static_routes" != x"" ]; then
if [ x"$reason" == x"BOUND" -o x"$reason" == x"REBOOT" ]; then
rfc_routes=($new_rfc3442_classless_static_routes)
for(( i=0; i < ${#rfc_routes[@]}; )); do
net_length=${rfc_routes[$i]}
((i++))
net_address=(0 0 0 0)
for(( j=0; j < $[$net_length / 8 + \
($net_length % 8 ? 1 : 0)]; j++, i++)); do
net_address[$j]=${rfc_routes[$i]}
done
gateway=(0 0 0 0)
for (( j=0; j < 4; j++, i++ )); do
gateway[$j]=${rfc_routes[$i]}
done
old_IFS="$IFS"
IFS='.'
if [ x"$net_length" == x"32" ]; then
/sbin/route add -host "${net_address[*]}" gw "${gateway[*]}"
else
/sbin/route add -net "${net_address[*]}/$net_length" gw "${gateway[*]}"
fi
IFS="$old_IFS"
done
fi
fi

85
dhcp-4.1.1-format_not_a_string_literal_and_no_format_arguments.patch Normal file
View file

@ -0,0 +1,85 @@
diff -p -up dhcp-4.1.1/client/dhclient.c.not_a_string dhcp-4.1.1/client/dhclient.c
--- dhcp-4.1.1/client/dhclient.c.not_a_string 2010-01-07 19:47:40.000000000 -0200
+++ dhcp-4.1.1/client/dhclient.c 2010-02-25 11:30:19.000000000 -0300
@@ -381,9 +381,9 @@ main(int argc, char **argv) {
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
- log_info(copyright);
- log_info(arr);
- log_info(url);
+ log_info("%s", copyright);
+ log_info("%s", arr);
+ log_info("%s", url);
log_info("%s", "");
} else {
log_perror = 0;
@@ -647,9 +647,9 @@ main(int argc, char **argv) {
static void usage()
{
log_info("%s %s", message, PACKAGE_VERSION);
- log_info(copyright);
- log_info(arr);
- log_info(url);
+ log_info("%s", copyright);
+ log_info("%s", arr);
+ log_info("%s", url);
log_error("Usage: dhclient %s %s",
#ifdef DHCPv6
diff -p -up dhcp-4.1.1/relay/dhcrelay.c.not_a_string dhcp-4.1.1/relay/dhcrelay.c
--- dhcp-4.1.1/relay/dhcrelay.c.not_a_string 2010-01-07 19:48:02.000000000 -0200
+++ dhcp-4.1.1/relay/dhcrelay.c 2010-02-25 11:30:22.000000000 -0300
@@ -403,9 +403,9 @@ main(int argc, char **argv) {
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
- log_info(copyright);
- log_info(arr);
- log_info(url);
+ log_info("%s", copyright);
+ log_info("%s", arr);
+ log_info("%s", url);
} else {
quiet = 0;
log_perror = 0;
diff -p -up dhcp-4.1.1/server/dhcpd.c.not_a_string dhcp-4.1.1/server/dhcpd.c
--- dhcp-4.1.1/server/dhcpd.c.not_a_string 2010-02-25 11:29:56.000000000 -0300
+++ dhcp-4.1.1/server/dhcpd.c 2010-02-25 11:30:22.000000000 -0300
@@ -459,9 +459,9 @@ main(int argc, char **argv) {
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
- log_info (copyright);
- log_info (arr);
- log_info (url);
+ log_info ("%s", copyright);
+ log_info ("%s", arr);
+ log_info ("%s", url);
} else {
quiet = 0;
log_perror = 0;
@@ -1061,9 +1061,9 @@ void postconf_initialization (int quiet)
log_perror = 0;
log_info("%s %s",
message, PACKAGE_VERSION);
- log_info (copyright);
- log_info (arr);
- log_info (url);
+ log_info ("%s", copyright);
+ log_info ("%s", arr);
+ log_info ("%s", url);
log_perror = tmp;
}
} else
@@ -1170,8 +1170,8 @@ void postdb_startup (void)
static void
usage(void) {
log_info("%s %s", message, PACKAGE_VERSION);
- log_info(copyright);
- log_info(arr);
+ log_info("%s", copyright);
+ log_info("%s", arr);
log_fatal("Usage: dhcpd [-p <UDP port #>] [-f] [-d] [-q] [-t|-T]\n"
#ifdef DHCPv6

181
dhcp-4.1.1-ifup.patch Normal file
View file

@ -0,0 +1,181 @@
diff -p -up dhcp-4.1.1/client/scripts/linux.ifup dhcp-4.1.1/client/scripts/linux
--- dhcp-4.1.1/client/scripts/linux.ifup 2009-04-21 11:21:09.000000000 -0300
+++ dhcp-4.1.1/client/scripts/linux 2010-02-25 11:26:32.000000000 -0300
@@ -1,8 +1,11 @@
#!/bin/bash
-# dhclient-script for Linux. Dan Halbert, March, 1997.
-# Updated for Linux 2.[12] by Brian J. Murrell, January 1999.
-# No guarantees about this. I'm a novice at the details of Linux
-# networking.
+# Network Interface Configuration System
+#
+# Based on:
+# dhclient-script for Linux. Dan Halbert, March, 1997.
+# Updated for Linux 2.[12] by Brian J. Murrell, January 1999.
+# Modified for Mandriva Linux 1999-2009
+
# Notes:
@@ -26,35 +29,46 @@
ip=/sbin/ip
make_resolv_conf() {
+ local d
+ local ns
+
+ if [ -n "$DOMAIN" ]; then
+ d="search $DOMAIN"
+ fi
+
if [ x"$new_domain_name_servers" != x ]; then
- cat /dev/null > /etc/resolv.conf.dhclient
- chmod 644 /etc/resolv.conf.dhclient
- if [ x"$new_domain_search" != x ]; then
- echo search $new_domain_search >> /etc/resolv.conf.dhclient
+ if [ -n "$DOMAIN" ]; then
+ # already done above
+ d="search $DOMAIN"
+ elif [ x"$new_domain_search" != x ]; then
+ d="search $new_domain_search"
elif [ x"$new_domain_name" != x ]; then
# Note that the DHCP 'Domain Name Option' is really just a domain
# name, and that this practice of using the domain name option as
# a search path is both nonstandard and deprecated.
- echo search $new_domain_name >> /etc/resolv.conf.dhclient
+ d="search $new_domain_name"
fi
for nameserver in $new_domain_name_servers; do
- echo nameserver $nameserver >>/etc/resolv.conf.dhclient
+ ns="$ns"$'\n'"nameserver ${nameserver}"
done
- mv /etc/resolv.conf.dhclient /etc/resolv.conf
elif [ "x${new_dhcp6_name_servers}" != x ] ; then
- cat /dev/null > /etc/resolv.conf.dhclient6
- chmod 644 /etc/resolv.conf.dhclient6
- if [ "x${new_dhcp6_domain_search}" != x ] ; then
- echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6
+ if [ -n "$DOMAIN" ]; then
+ # already done above
+ d="search $DOMAIN"
+ elif [ "x${new_dhcp6_domain_search}" != x ] ; then
+ d="search ${new_dhcp6_domain_search}"
fi
for nameserver in ${new_dhcp6_name_servers} ; do
- echo nameserver ${nameserver} >> /etc/resolv.conf.dhclient6
+ ns="$ns"$'\n'"nameserver ${nameserver}"
done
+ fi
- mv /etc/resolv.conf.dhclient6 /etc/resolv.conf
+ if [ -n "$d" -o -n "$ns" ]; then
+ change_resolv_conf "$d" "$ns"
fi
+
}
# Must be used on exit. Invokes the local dhcp client exit hooks, if any.
@@ -78,6 +92,25 @@ if [ -f /etc/dhclient-enter-hooks ]; the
fi
fi
+# Import Mandriva Linux configuration
+cd /etc/sysconfig/network-scripts;
+. /etc/sysconfig/network-scripts/network-functions
+. /etc/rc.d/init.d/functions
+
+[ -f ../network ] && . ../network
+[ -f ../networking/network ] && . ../networking/network
+
+CONFIG=$interface
+
+need_config ${CONFIG}
+
+if [ -f "${CONFIG}" ]; then
+ source_config
+else
+ echo $"$0: configuration for $interface not found." >&2
+ DEVICE=$interface
+fi
+
###
### DHCPv4 Handlers
###
@@ -128,15 +161,6 @@ fi
if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \
[ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then
- current_hostname=`hostname`
- if [ x$current_hostname = x ] || \
- [ x$current_hostname = "x(none)" ] || \
- [ x$current_hostname = xlocalhost ] || \
- [ x$current_hostname = x$old_host_name ]; then
- if [ x$new_host_name != x$old_host_name ]; then
- hostname "$new_host_name"
- fi
- fi
if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \
[ x$alias_ip_address != x$old_ip_address ]; then
@@ -155,12 +179,14 @@ if [ x$reason = xBOUND ] || [ x$reason =
ifconfig $interface inet $new_ip_address $new_subnet_arg \
$new_broadcast_arg $mtu_arg
# Add a network route to the computed network address.
+ if [ "${PEERGATEWAY}" != "no" ]; then
for router in $new_routers; do
if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then
route add -host $router dev $interface
fi
route add default gw $router $metric_arg dev $interface
done
+ fi
fi
if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ];
then
@@ -168,7 +194,25 @@ if [ x$reason = xBOUND ] || [ x$reason =
ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
route add -host $alias_ip_address $interface:0
fi
- make_resolv_conf
+ if [ -n "$METRIC" ]; then
+ ifmetric $interface $METRIC
+ fi
+ if [ "${PEERDNS}" != "no" ]; then
+ make_resolv_conf
+ fi
+ if [ "${NEEDHOSTNAME}" = "yes" ]; then
+ if [ -z "$new_host_name" ]; then
+ eval `/bin/ipcalc --silent --hostname $new_ip_address`
+ new_host_name=$HOSTNAME
+ fi
+ if [ -n "$new_host_name" ]; then
+ current_hostname=`hostname`
+
+ if [ "$new_host_name" != "$current_hostname" ]; then
+ set_hostname $new_host_name
+ fi
+ fi
+ fi
exit_with_hooks 0
fi
@@ -202,13 +246,17 @@ if [ x$reason = xTIMEOUT ]; then
ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
route add -host $alias_ip_address dev $interface:0
fi
+ if [ "${PEERGATEWAY}" != "no" ]; then
for router in $new_routers; do
if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then
route add -host $router dev $interface
fi
route add default gw $router $metric_arg dev $interface
done
+ fi
+ if [ "${PEERDNS}" != "no" ]; then
make_resolv_conf
+ fi
exit_with_hooks 0
fi
ifconfig $interface inet 0 down

51
dhcp-4.1.1-missing-ipv6-not-fatal.patch Normal file
View file

@ -0,0 +1,51 @@
diff -p -up dhcp-4.1.1/common/discover.c.ipv6_not_fatal dhcp-4.1.1/common/discover.c
--- dhcp-4.1.1/common/discover.c.ipv6_not_fatal 2009-09-29 16:44:49.000000000 -0300
+++ dhcp-4.1.1/common/discover.c 2010-02-25 11:35:34.000000000 -0300
@@ -444,15 +444,19 @@ begin_iface_scan(struct iface_conf_list
#ifdef DHCPv6
if (local_family == AF_INET6) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
- close(ifaces->sock);
- ifaces->sock = -1;
- fclose(ifaces->fp);
- ifaces->fp = NULL;
- return 0;
+ if (!access("/proc/net/if_inet6", R_OK)) {
+ ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
+ if (ifaces->fp6 == NULL) {
+ log_error("Error opening '/proc/net/if_inet6' to "
+ "list IPv6 interfaces; %m");
+ close(ifaces->sock);
+ ifaces->sock = -1;
+ fclose(ifaces->fp);
+ ifaces->fp = NULL;
+ return 0;
+ }
+ } else {
+ ifaces->fp6 = NULL;
}
}
#endif
@@ -721,7 +725,7 @@ next_iface(struct iface_info *info, int
return 1;
}
#ifdef DHCPv6
- if (!(*err)) {
+ if (!(*err) && ifaces->fp6) {
if (local_family == AF_INET6)
return next_iface6(info, err, ifaces);
}
@@ -740,7 +744,8 @@ end_iface_scan(struct iface_conf_list *i
ifaces->sock = -1;
#ifdef DHCPv6
if (local_family == AF_INET6) {
- fclose(ifaces->fp6);
+ if (ifaces->fp6)
+ fclose(ifaces->fp6);
ifaces->fp6 = NULL;
}
#endif

39
dhcp-4.1.1-prevent_wireless_deassociation.patch Normal file
View file

@ -0,0 +1,39 @@
diff -p -up dhcp-4.1.1/client/scripts/linux.prevent_wireless dhcp-4.1.1/client/scripts/linux
--- dhcp-4.1.1/client/scripts/linux.prevent_wireless 2010-02-25 11:37:31.000000000 -0300
+++ dhcp-4.1.1/client/scripts/linux 2010-02-25 11:37:37.000000000 -0300
@@ -13,6 +13,8 @@
# 1. ifconfig down apparently deletes all relevant routes and flushes
# the arp cache, so this doesn't need to be done explicitly.
+# 1.1. ifconfig $interface inet 0 is enough, and prevents unneeded
+# deassociation on wireless interfaces
# 2. The alias address handling here has not been tested AT ALL.
# I'm just going by the doc of modern Linux ip aliasing, which uses
@@ -170,7 +172,7 @@ if [ x$reason = xBOUND ] || [ x$reason =
if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then
# IP address changed. Bringing down the interface will delete all routes,
# and clear the ARP cache.
- ifconfig $interface inet 0 down
+ ifconfig $interface inet 0
fi
if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \
@@ -224,7 +226,7 @@ if [ x$reason = xEXPIRE ] || [ x$reason
fi
if [ x$old_ip_address != x ]; then
# Shut down interface, which will delete routes and clear arp cache.
- ifconfig $interface inet 0 down
+ ifconfig $interface inet 0
fi
if [ x$alias_ip_address != x ]; then
ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg
@@ -259,7 +261,7 @@ if [ x$reason = xTIMEOUT ]; then
fi
exit_with_hooks 0
fi
- ifconfig $interface inet 0 down
+ ifconfig $interface inet 0
exit_with_hooks 1
fi

17
dhcp-4.1.1-useless-wait.patch Normal file
View file

@ -0,0 +1,17 @@
--- client/dhclient.c 2010/04/28 19:13:43 1.1
+++ client/dhclient.c 2010/04/28 19:17:01
@@ -594,9 +594,12 @@
else {
client->state = S_INIT;
/* Set up a timeout to start the
- * initialization process.
+ * initialization process,
+ * _immediately_, as agreed but never
+ * applied by the ISC upstream
+ https://lists.isc.org/mailman/htdig/dhcp-users/2006-June/thread.html#928
*/
- tv.tv_sec = cur_time + random() % 5;
+ tv.tv_sec = cur_time - 1;
tv.tv_usec = 0;
add_timeout(&tv, state_reboot,
client, 0, 0);

59
dhcp-4.2.1-P1-CVE-2011-2748,2749.diff Normal file
View file

@ -0,0 +1,59 @@
diff -Naurp dhcp-4.2.1-P1/common/discover.c dhcp-4.2.1-P1.oden/common/discover.c
--- dhcp-4.2.1-P1/common/discover.c 2011-08-18 12:58:40.883411562 +0200
+++ dhcp-4.2.1-P1.oden/common/discover.c 2011-08-18 12:55:47.002338724 +0200
@@ -1391,12 +1391,16 @@ isc_result_t got_one (h)
if (result == 0)
return ISC_R_UNEXPECTED;
- /* If we didn't at least get the fixed portion of the BOOTP
- packet, drop the packet. We're allowing packets with no
- sname or filename, because we're aware of at least one
- client that sends such packets, but this definitely falls
- into the category of being forgiving. */
- if (result < DHCP_FIXED_NON_UDP - DHCP_SNAME_LEN - DHCP_FILE_LEN)
+ /*
+ * If we didn't at least get the fixed portion of the BOOTP
+ * packet, drop the packet.
+ * Previously we allowed packets with no sname or filename
+ * as we were aware of at least one client that did. But
+ * a bug caused short packets to not work and nobody has
+ * complained, it seems rational to tighten up that
+ * restriction.
+ */
+ if (result < DHCP_FIXED_NON_UDP)
return ISC_R_UNEXPECTED;
if (bootp_packet_handler) {
diff -Naurp dhcp-4.2.1-P1/common/options.c dhcp-4.2.1-P1.oden/common/options.c
--- dhcp-4.2.1-P1/common/options.c 2011-03-24 22:57:13.000000000 +0100
+++ dhcp-4.2.1-P1.oden/common/options.c 2011-08-18 12:55:47.003338734 +0200
@@ -592,8 +592,8 @@ cons_options(struct packet *inpacket, st
} else if (bootpp) {
mb_size = 64;
if (inpacket != NULL &&
- (inpacket->packet_length - DHCP_FIXED_LEN >= 64))
- mb_size = inpacket->packet_length - DHCP_FIXED_LEN;
+ (inpacket->packet_length >= 64 + DHCP_FIXED_NON_UDP))
+ mb_size = inpacket->packet_length - DHCP_FIXED_NON_UDP;
} else
mb_size = DHCP_MIN_OPTION_LEN;
diff -Naurp dhcp-4.2.1-P1/server/dhcp.c dhcp-4.2.1-P1.oden/server/dhcp.c
--- dhcp-4.2.1-P1/server/dhcp.c 2010-09-09 08:52:37.000000000 +0200
+++ dhcp-4.2.1-P1.oden/server/dhcp.c 2011-08-18 12:57:53.156117387 +0200
@@ -2336,6 +2336,7 @@ void ack_lease (packet, lease, offer, wh
* giaddr.
*/
if (!packet->agent_options_stashed &&
+ (packet->options != NULL) &&
packet->options->universe_count > agent_universe.index &&
packet->options->universes[agent_universe.index] != NULL) {
oc = lookup_option (&server_universe, state -> options,
@@ -4429,6 +4430,7 @@ maybe_return_agent_options(struct packet
* by the user into the new state, not just give up.
*/
if (!packet->agent_options_stashed &&
+ (packet->options != NULL) &&
packet->options->universe_count > agent_universe.index &&
packet->options->universes[agent_universe.index] != NULL &&
(options->universe_count <= agent_universe.index ||

11
dhcp-4.2.1-P1.tar.gz.sha512.asc Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iQEVAwUATZoM/dgRtT8Le64AAQoHqQf/dRI18soyGYHZwP868cMk4mZsTThTPCul
8WRfxQNjC93fRSrCeANdBeUOEjKnGbDyeAMS4gJHP4MnRywWDKvlKNjEhFNvoD4B
bKRAXTsvYjR19IwMmbjwexI7XAUbD208FiNvynvvjfKbnkiDnb4bJMzea2y/RGYO
RfNJm4SR4P4u4csuY9uG4CaD4z+3CZkCKX00l3oN3SHlkLfntPm/VUbpILtt77wQ
KH/nYaiglyt+SkFEevDMjvW6+04ZQ//tDYuSIOK0LZJBrkspAOMW8lWProZPl2oX
fOI+OLQHAavei1qber2A1Tqj1JC3BRftX6stuMbfTWGj4RYZmhHMNw==
=cijx
-----END PGP SIGNATURE-----

643
dhcp.spec Normal file
View file

@ -0,0 +1,643 @@
%define _catdir /var/cache/man
%define pver P1
Summary: The ISC DHCP (Dynamic Host Configuration Protocol) server/relay agent/client
Name: dhcp
Epoch: 3
Version: 4.2.1
Release: %mkrel 0.%{pver}.2
License: Distributable
Group: System/Servers
URL: https://www.isc.org/software/dhcp
Source0: ftp://ftp.isc.org/isc/%{name}/%{name}-%{version}-%{pver}.tar.gz
Source1: ftp://ftp.isc.org/isc/%{name}/%{name}-%{version}-%{pver}.tar.gz.sha512.asc
Source2: dhcpd.conf
Source3: dhcpd.init
Source4: dhcp-dynamic-dns-examples.tar.bz2
Source5: dhcrelay.init
Source6: update_dhcp.pl
Source7: dhcpreport.pl
Source8: dhcpd-chroot.sh
# (eugeni) dhclient-exit-hooks script
Source9: dhclient-exit-hooks
Source12: draft-ietf-dhc-ldap-schema-01.txt
# customize ifup script
Patch0: dhcp-4.1.1-ifup.patch
Patch5: dhcp-4.1.1-format_not_a_string_literal_and_no_format_arguments.patch
# (fc) 4.1.0-3mdv no IPv6 is no longer fatal for dhclient
Patch6: dhcp-4.1.1-missing-ipv6-not-fatal.patch
# prevents needless deassociation, working around mdv bug #43441
Patch7: dhcp-4.1.1-prevent_wireless_deassociation.patch
# redhat bug #587070
Patch9: dhcp-4.1.1-useless-wait.patch
Patch10: dhcp-4.2.1-P1-CVE-2011-2748,2749.diff
BuildRequires: perl groff-for-man
BuildRequires: openldap-devel
Provides: dhcpd
Obsoletes: dhcpd < 3.0.6
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
%description
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network configuration
information (IP address, subnetmask, broadcast address, etc.) from a DHCP
server. The overall purpose of DHCP is to make it easier to administer a
large network. The dhcp package includes the DHCP server and a DHCP relay
agent. You will also need to install the dhcp-client or dhcpcd package,
or pump or dhcpxd, which provides the DHCP client daemon, on client machines.
If you want the DHCP server and/or relay, you will also need to install the
dhcp-server and/or dhcp-relay packages.
%package common
Summary: The ISC DHCP (Dynamic Host Configuration Protocol) server
Group: System/Servers
%description common
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
DHCP server and a DHCP relay agent.
You will also need to install the dhcp-client or dhcpcd package, or pump or
dhcpxd, which provides the DHCP client daemon, on client machines. If you
want the DHCP server and/or relay, you will also need to install the
dhcp-server and/or dhcp-relay packages.
%package doc
Summary: Documentation about the ISC DHCP server/client
Group: System/Servers
%description doc
This package contains RFC/API/protocol documentation about the ISC
DHCP server and client.
DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
individual devices on an IP network to get their own network
configuration information (IP address, subnetmask, broadcast address,
etc.) from a DHCP server. The overall purpose of DHCP is to make it
easier to administer a large network. The dhcp package includes the
DHCP server and a DHCP relay agent.
%package server
Summary: The ISC DHCP (Dynamic Host Configuration Protocol) server
Group: System/Servers
Requires: dhcp-common = %{epoch}:%{version}-%{release}
Requires(post): rpm-helper
Requires(preun): rpm-helper
Obsoletes: dhcp < 3.0.6
Provides: dhcp
%description server
DHCP server is the Internet Software Consortium (ISC) DHCP server for various
UNIX operating systems. It allows a UNIX mac hine to serve DHCP requests from
the network.
You should install dhcp-server if you want to set up a DHCP server on your
network. You will also need to install the base dhcp package.
%package client
Summary: The ISC DHCP (Dynamic Host Configuration Protocol) client
Group: System/Servers
Requires: dhcp-common = %{epoch}:%{version}-%{release}
%description client
DHCP client is the Internet Software Consortium (ISC) DHCP client for various
UNIX operating systems. It allows a UNIX mac hine to obtain it's networking
parameters from a DHCP server.
You should install dhcp-client if you want to use the ISC DHCP client instead
of the Red Hat DHCP client, pump, or dhcpcd, or dhcpxd. You will also need to
install the base dhcp package.
%package relay
Summary: The ISC DHCP (Dynamic Host Configuration Protocol) relay
Group: System/Servers
Requires: dhcp-common = %{epoch}:%{version}-%{release}
Requires(post): rpm-helper
Requires(preun): rpm-helper
%description relay
DHCP relay is the Internet Software Consortium (ISC) relay agent for DHCP
packets. It is used on a subnet with DHCP clients to "relay" their requests
to a subnet that has a DHCP server on it. Because DHCP packets can be
broadcast, they will not be routed off of the local subnet. The DHCP relay
takes care of this for the client. You will need to set the environment
variable SERVERS and optionally OPTIONS in /etc/sysconfig/dhcrelay before
starting the server.
%package devel
Summary: Development headers and libraries for the dhcpctl API
Group: Development/Other
Requires: dhcp-common = %{epoch}:%{version}-%{release}
%description devel
DHCP devel contains all of the libraries and headers for developing with the
Internet Software Consortium (ISC) dhcpctl API.
%prep
%setup -q -n %{name}-%{version}-%{pver} -a4
%patch0 -p1 -b .ifup
%patch5 -p1 -b .format_not_a_string_literal_and_no_format_arguments
%patch6 -p1 -b .noipv6nonfatal
%patch7 -p1 -b .prevent_wireless_deassociation
%patch9 -p0 -b .useless_wait
%patch10 -p1 -b .CVE-2011-2748,2749
install -m0644 %{SOURCE12} doc
%build
%serverbuild
%configure2_5x --enable-paranoia --enable-early-chroot \
--with-ldapcrypto \
--with-srv-lease-file=%{_var}/lib/dhcp/dhcpd.leases \
--with-srv6-lease-file=%{_var}/lib/dhcp/dhcpd6.leases \
--with-cli-lease-file=%{_var}/lib/dhcp/dhclient.leases \
--with-cli6-lease-file=%{_var}/lib/dhcp/dhclient6.leases \
--with-srv-pid-file=%{_var}/run/dhcpd/dhcpd.pid \
--with-srv6-pid-file=%{_var}/run/dhcpd/dhcpd6.pid \
--with-cli-pid-file=%{_var}/run/dhclient.pid \
--with-cli6-pid-file=%{_var}/run/dhclient6.pid \
--with-relay-pid-file=%{_var}/run/dhcrelay.pid
%make
%install
rm -rf %{buildroot}
install -d %{buildroot}%{_bindir}
install -d %{buildroot}%{_sysconfdir}/sysconfig
install -d %{buildroot}%{_initrddir}
install -d %{buildroot}%{_var}/lib/dhcp
install -d %{buildroot}%{_var}/run/dhcpd
%makeinstall_std
# Install correct dhclient-script
%{__mkdir} -p %{buildroot}/sbin
%{__mv} %{buildroot}%{_sbindir}/dhclient %{buildroot}/sbin/dhclient
%{__install} -p -m 0755 client/scripts/linux %{buildroot}/sbin/dhclient-script
install -m0755 %{SOURCE3} %{buildroot}%{_initrddir}/dhcpd
install -m0755 %{SOURCE5} %{buildroot}%{_initrddir}/dhcrelay
install -m0755 %{SOURCE6} %{SOURCE7} %{SOURCE8} %{buildroot}%{_sbindir}/
install -m0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/
install -m0755 contrib/ldap/dhcpd-conf-to-ldap %{buildroot}%{_sbindir}/
# install exit-hooks script to /etc/
install -m0755 %{SOURCE9} %{buildroot}%{_sysconfdir}/
cat > %{buildroot}%{_sysconfdir}/sysconfig/dhcpd <<EOF
# You can set here various option for dhcpd
# Which configuration file to use.
# CONFIGFILE="/etc/dhcpd.conf"
# Where to store the lease state information.
# LEASEFILE="/var/lib/dhcp/dhcpd.leases"
# Define INTERFACES to limit which network interfaces dhcpd listens on.
# The default null value causes dhcpd to listen on all interfaces.
#INTERFACES=""
# Define OPTIONS with any other options to pass to the dhcpd server.
# See dhcpd(8) for available options and syntax.
OPTIONS="-q"
EOF
touch %{buildroot}%{_var}/lib/dhcp/dhcpd.leases
touch %{buildroot}%{_var}/lib/dhcp/dhclient.leases
cat > %{buildroot}%{_sysconfdir}/sysconfig/dhcrelay <<EOF
# Define SERVERS with a list of one or more DHCP servers where
# DHCP packets are to be relayed to and from. This is mandatory.
#SERVERS="10.11.12.13 10.9.8.7"
SERVERS=""
# Define OPTIONS with any other options to pass to the dhcrelay server.
# See dhcrelay(8) for available options and syntax.
#OPTIONS="-q -i eth0 -i eth1"
OPTIONS="-q"
EOF
find . -type d -exec chmod 0755 {} \;
find . -type f -exec chmod 0644 {} \;
rm -rf doc/ja_JP.eucJP
# remove empty files
find -size 0 |grep ldap | xargs rm -rf
# remove unwanted file
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/dhclient.conf
%post server
%_post_service dhcpd
# New dhcpd lease file
if [ ! -f %{_var}/lib/dhcp/dhcpd.leases ]; then
touch %{_var}/lib/dhcp/dhcpd.leases
fi
if [ $1 = 0 ]; then
%{_initrddir}/dhcpd start
fi
#update an eventual installed dhcp-2* server
if [ -f %{_sysconfdir}/dhcpd.conf ]; then
perl %{_sbindir}/update_dhcp.pl
fi
%preun server
%_preun_service dhcpd
%postun server
if [ "$1" -ge "1" ]; then
/sbin/service dhcpd condrestart >/dev/null 2>&1
fi
%post relay
%_post_service dhcrelay
%preun relay
%_preun_service dhcrelay
%postun relay
if [ "$1" -ge "1" ]; then
/sbin/service dhcrelay condrestart >/dev/null 2>&1
fi
%post client
touch /var/lib/dhcp/dhclient.leases
%postun client
rm -rf /var/lib/dhcp/dhclient.leases
%clean
rm -rf %{buildroot}
%files common
%defattr(-,root,root)
%doc README contrib/ldap/README.ldap RELNOTES
%doc contrib/3.0b1-lease-convert
%dir %{_var}/lib/dhcp
%{_mandir}/man5/dhcp-options.5*
%files doc
%defattr(-,root,root)
%doc doc/*
%files server
%defattr(-,root,root)
%doc server/dhcpd.conf tests/failover contrib/ldap/dhcp.schema
%{_initrddir}/dhcpd
%config(noreplace) %{_sysconfdir}/dhcpd.conf
%config(noreplace) %{_sysconfdir}/dhclient-exit-hooks
%config(noreplace) %{_sysconfdir}/sysconfig/dhcpd
%config(noreplace) %ghost %{_var}/lib/dhcp/dhcpd.leases
%{_sbindir}/dhcpd
%{_sbindir}/update_dhcp.pl
%{_sbindir}/dhcpreport.pl
%{_sbindir}/dhcpd-conf-to-ldap
%{_sbindir}/dhcpd-chroot.sh
%{_bindir}/omshell
%{_mandir}/man1/omshell.1*
%{_mandir}/man3/omapi.3*
%{_mandir}/man5/dhcpd.conf.5*
%{_mandir}/man5/dhcpd.leases.5*
%{_mandir}/man5/dhcp-eval.5*
%{_mandir}/man8/dhcpd.8*
%dir %{_var}/run/dhcpd
%files relay
%defattr(-,root,root)
%{_initrddir}/dhcrelay
%config(noreplace) %{_sysconfdir}/sysconfig/dhcrelay
%{_sbindir}/dhcrelay
%{_mandir}/man8/dhcrelay.8*
%files client
%defattr(-,root,root)
%doc client/dhclient.conf
%config(noreplace) %ghost %{_var}/lib/dhcp/dhclient.leases
%attr (0755,root,root) /sbin/dhclient-script
/sbin/dhclient
%{_mandir}/man5/dhclient.conf.5*
%{_mandir}/man5/dhclient.leases.5*
%{_mandir}/man8/dhclient.8*
%{_mandir}/man8/dhclient-script.8*
%files devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/*.a
%{_mandir}/man3/*
%changelog
* Thu Aug 18 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.1-0.P1.2mdv2011.0
+ Revision: 695144
- actually use the correct friggin patch...
- P10: security fix for CVE-2011-2748,2749
* Fri Apr 08 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.1-0.P1.1
+ Revision: 651971
- 4.2.1-P1
- drop one upstream added patch
* Wed Jan 19 2011 Eugeni Dodonov <eugeni@mandriva.com> 3:4.2.0-0.P2.2
+ Revision: 631680
- Added sample dhclient-exit-hooks, initially handling
rfc3442_classless_static_routes (suggested in #62242).
* Thu Jan 06 2011 Oden Eriksson <oeriksson@mandriva.com> 3:4.2.0-0.P2.1mdv2011.0
+ Revision: 629100
- 4.2.0-P2
- bump release
- 4.2.0-P1
* Mon Aug 30 2010 Olivier Blin <blino@mandriva.org> 2:4.2.0-1mdv2011.0
+ Revision: 574440
- do not define again _GNU_SOURCE, now defined in default configure script
- 4.2.0
- LDAP patch merged upstream
* Mon Jul 12 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.1-7mdv2011.0
+ Revision: 551267
- Get rid of some useless wait (rh bug #587070)
* Fri Jun 11 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.1-6mdv2010.1
+ Revision: 547867
- 4.1.1-P1
* Tue Apr 06 2010 Funda Wang <fwang@mandriva.org> 2:4.1.1-5mdv2010.1
+ Revision: 531983
- rebuild for new openssl
* Fri Mar 12 2010 Götz Waschk <waschk@mandriva.org> 2:4.1.1-4mdv2010.1
+ Revision: 518419
- remove debug files from devel package
* Tue Mar 09 2010 Guillaume Rousse <guillomovitch@mandriva.org> 2:4.1.1-3mdv2010.1
+ Revision: 517076
- set explicit runlevels in init script
* Fri Feb 26 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.1-2mdv2010.1
+ Revision: 511559
- rebuilt against openssl-0.9.8m
* Thu Feb 25 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.1-1mdv2010.1
+ Revision: 511131
- Updated to 4.1.1.
Rediff P0, P5, P6, P7.
Drop P9 (merged upstream).
Drop P10 (no longer needed).
* Wed Feb 17 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.0p1-4mdv2010.1
+ Revision: 507051
- Updated ldap patch to use correct variables (#56028).
* Tue Jan 26 2010 Eugeni Dodonov <eugeni@mandriva.com> 2:4.1.0p1-3mdv2010.1
+ Revision: 496733
- Allow setting MTU if specified by the server (#57260).
* Wed Sep 23 2009 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.0p1-2mdv2010.0
+ Revision: 447689
- P9: security fix for CVE-2009-1892
* Wed Jul 15 2009 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.0p1-1mdv2010.0
+ Revision: 396413
- 4.1.0p1
* Fri Jun 19 2009 Wanderlei Cavassin <cavassin@mandriva.com.br> 2:4.1.0-6mdv2010.0
+ Revision: 387320
- fixed lease file parsing for tokens never and epoch (closes mdv #50194)
+ Götz Waschk <waschk@mandriva.org>
- fix URL
* Wed Mar 04 2009 Gustavo De Nardin <gustavodn@mandriva.com> 2:4.1.0-5mdv2009.1
+ Revision: 348205
- added Patch7, as suggested by Andrey Borzenkov, which prevents
dhclient-script from bringing interfaces down needlessly, which in turn
works around bug #43441 (deassociation going unnoticed by wpa_supplicant,
in the end causing the interface to not get an IP address)
* Thu Feb 19 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-4mdv2009.1
+ Revision: 342950
- Update patch6 with Fedora version which has been submitted upstream for inclusion
* Fri Jan 09 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-3mdv2009.1
+ Revision: 327771
- Patch6: no IPv6 is no longer a fatal error for dhclient
* Thu Jan 08 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-2mdv2009.1
+ Revision: 327169
- Update patch0 to correctly work with resolvconf
* Thu Jan 08 2009 Frederic Crozat <fcrozat@mandriva.com> 2:4.1.0-1mdv2009.1
+ Revision: 327047
- Release 4.1.0 (Mdv bug #46804)
- Remove detection of 64bits host at buildtime, configure is smart enough now
- Enable IPv6 support
- Regenerate patches 0, 5
- Remove patches 2 (merged upstream), 4 (useless)
- Patch1 (LDAP support) is now taked from Fedora, as well as source 9, 10, 11, 12
* Sat Dec 20 2008 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.7-2mdv2009.1
+ Revision: 316549
- rediffed one fuzzy patch
- fix build with -Werror=format-security (P5)
* Sun Jul 13 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 2:3.0.7-1mdv2009.0
+ Revision: 234269
- update to new version 3.0.7
- Patch1: new version
- use %%_var instead of %%_localstatedir
- spec file clean
* Mon Jun 16 2008 Thierry Vignaud <tv@mandriva.org> 2:3.0.6-6mdv2009.0
+ Revision: 220615
- rebuild
+ Pixel <pixel@mandriva.com>
- adapt to %%_localstatedir now being /var instead of /var/lib (#22312)
* Wed Mar 26 2008 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.6-5mdv2008.1
+ Revision: 190309
- don't start it per default
* Wed Jan 23 2008 Thierry Vignaud <tv@mandriva.org> 2:3.0.6-4mdv2008.1
+ Revision: 157246
- rebuild with fixed %%serverbuild macro
* Mon Dec 24 2007 Oden Eriksson <oeriksson@mandriva.com> 2:3.0.6-3mdv2008.1
+ Revision: 137459
- rebuilt against openldap-2.4.7 libs
+ Olivier Blin <blino@mandriva.org>
- restore BuildRoot
- fix typo in doc description
+ Thierry Vignaud <tv@mandriva.org>
- kill re-definition of %%buildroot on Pixel's request
* Wed Dec 12 2007 Olivier Blin <blino@mandriva.org> 2:3.0.6-2mdv2008.1
+ Revision: 119077
- move rpm-helper requirements in post/preun instead of pre/postun when needed
* Tue Jul 10 2007 Tomasz Pawel Gajc <tpg@mandriva.org> 2:3.0.6-1mdv2008.0
+ Revision: 50797
- new version
* Wed Jul 04 2007 Andreas Hasenack <andreas@mandriva.com> 2:3.0.5-8mdv2008.0
+ Revision: 48227
- use serverbuild macro (-fstack-protector-all)
* Wed Mar 28 2007 Olivier Blin <oblin@mandriva.com> 3.0.5-7mdv2007.1
+ Revision: 149230
- dhcpcd should start ldap (Daggett)
* Fri Mar 16 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-6mdv2007.1
+ Revision: 144641
- drop useless perl(Win32API::Registry) requires exception
- move RFC/API/protocol doc in a dhcp-doc sub-package
* Sat Mar 10 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-5mdv2007.1
+ Revision: 140432
- PEERGATEWAY support (#20806)
* Sat Mar 10 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-4mdv2007.1
+ Revision: 140295
- default to NEEDHOSTNAME=no, as described in initscripts documentation
* Thu Jan 11 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-3mdv2007.1
+ Revision: 107599
- make dhclient-script set DEVICE variable when no ifcfg file is present (to call resolvconf correctly)
* Tue Jan 02 2007 Olivier Blin <oblin@mandriva.com> 2:3.0.5-2mdv2007.1
+ Revision: 103318
- bump release
- do not call unknown /sbin/update-resolvrdv in dhclient-script
- set metric before creating resolv.conf (useful for resolvconf)
* Thu Nov 16 2006 Guillaume Rousse <guillomovitch@mandriva.org> 2:3.0.5-1mdv2007.1
+ Revision: 84730
- new version
install configuration file under real name, not as sample
* Fri Sep 01 2006 Olivier Blin <oblin@mandriva.com> 2:3.0.4-2mdv2007.0
+ Revision: 59227
- add METRIC support in dhclient-script (from Fabrice Facorat, #23164)
- bunzip sources and patches
- Import dhcp
* Mon May 22 2006 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-1mdk
- 3.0.4
- added new rediffed ldap patch (P1)
* Mon Feb 06 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.8mdk
- use $'\n' in dhclient-script (required for initscripts >= 7.66,
since change_resolv_conf doesn't use "echo -e" anymore)
* Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.7mdk
- fix requires post and preun
- fix typo in initscript
* Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.6mdk
- convert parallel init to LSB
* Mon Jan 02 2006 Olivier Blin <oblin@mandriva.com> 3.0.4-0.b2.5mdk
- parallel init support
* Tue Dec 06 2005 Frederic Lepied <flepied@mandriva.com> 3.0.4-0.b2.4mdk
- use change_resolv_conf in dhclient-scripts to be able to do the right
thing wrt nscd.
* Tue Nov 29 2005 Thierry Vignaud <tvignaud@mandriva.com> 3.0.4-0.b2.3mdk
- fix build on x86_64
* Thu Nov 24 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-0.b2.2mdk
- exclude debug files in the -devel package, temporary solution
* Mon Nov 14 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.4-0.b2.1mdk
- 3.0.4b2
- pass "-DLDAP_DEPRECATED" to the CFLAGS
- updated rediffed P1 (dhcp-3.0.3-ldap-patch)
- fix the chroot script so it won't touch the /etc/dhcpd.conf file
* Wed Aug 31 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.3-3mdk
- rebuilt against new openldap-2.3.6 libs
* Sat Aug 06 2005 Michael Scherer <misc@mandriva.org> 3.0.3-2mdk
- fill a default config file
* Mon Aug 01 2005 Oden Eriksson <oeriksson@mandriva.com> 3.0.3-1mdk
- 3.0.3
- fix deps
- drop the gcc343 patch (P3), it's fixed upstream
- use the %%mkrel macro
* Sat Apr 23 2005 Olivier Blin <oblin@mandriva.com> 3.0.2-2mdk
- do not make dhclient-script fail and return DENY return code when no
config file for the interface is found (update and re-indent Patch0)
* Thu Feb 24 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 3.0.2-1mdk
- 3.0.2
* Fri Feb 04 2005 Buchan Milne <bgmilne@linux-mandrake.com> 3.0.1-9mdk
- rebuild for ldap2.2_7
* Wed Feb 02 2005 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-8mdk
- back to standard 60 seconds timeout.
* Wed Feb 02 2005 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-7mdk
- default timeout to 5 seconds
* Fri Dec 24 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 3.0.1-6mdk
- new ldap patch
- renumber sources and patches
- bzip sources
- added P2 that allows us to run it chroot
- added S8 that makes it easier to chroot the server
- fixed S3 to make use of P2 & S8
- fix pid file location for the dhcpd daemon
- added P3 to make it build with latest cooker gcc (rock linux)
- misc spec file fixes
* Sat Jul 31 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-5mdk
- by default hostname is set
* Sat Jul 31 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-4mdk
- assign default gateway by interface (updated patch1)
* Fri Jul 30 2004 Frederic Lepied <flepied@mandrakesoft.com> 3.0.1-3mdk
- only change the hostname if NEEDHOSTNAME=yes (updated patch1)
* Thu Jul 29 2004 Buchan Milne <bgmilne@linux-mandrake.com> 3.0.1-2mdk
- update ldap patch
* Thu Jul 29 2004 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 3.0.1-1mdk
- 3.0.1
* Thu Jul 01 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc14.2mdk
- bring back the ldap patch and buildrequires
* Tue Jun 29 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc14.1mdk
- rebuild for cooker
* Tue Jun 22 2004 Vincent Danen <vdanen@mandrakesoft.com> 3.0-1.rc14.0.1.100mdk
- 3.0.1rc14
- security fixes for CAN-2004-0460 (VU#317350) and CAN-2004-0461 (VU#654390)
* Wed May 05 2004 Per Øyvind Karlsen <peroyvind@linux-mandrake.com> 3.0-1.rc13.6mdk
- fix buildrequires
* Sat Apr 24 2004 Florin <florin@mandrakesoft.com> 3.0-1.rc13.5mdk
- add the dhcp-ldap support

162
dhcpd-chroot.sh Executable file
View file

@ -0,0 +1,162 @@
#!/bin/bash
#
# dhcpd-chroot.sh is a modified bind-chroot.sh script that enables the
# dhcpd server to run in a chroot jail under an unprivileged user
# account (dhcpd). It requires that the ISC DHCP software is patched
# with the paranoia patch (listed below) by Ari Edelkind.
#
# http://www.episec.com/people/edelkind/patches/dhcp/dhcp-3.0+paranoia.patch
#
# The current ISC DHCP software should have this patch applied,
# otherwise you shouldn't be able to lurk in here reading this.
#
# Copyright Fri Dec 24 2004:
#
# bind-chroot.sh: Florin Grad <florin@mandrakesoft.com>
# dhcpd-chroot.sh: Oden Eriksson <oeriksson@mandrakesoft.com>
#
# GPL License
# Source function library.
. /etc/rc.d/init.d/functions
[ -f /etc/sysconfig/dhcpd ] && . /etc/sysconfig/dhcpd
# chroot
if [ "$1" == "-s" -o "$1" == "--status" ]; then
if [ -n "${ROOTDIR}" ]; then
echo ""
echo "ROOTDIR is defined in your /etc/sysconfig/dhcpd file."
echo "You already appear to have a chroot ISC DHCPD setup."
echo "ROOTDIR=${ROOTDIR}"
exit
else
echo "Your ISC DHCPD server is not chrooted."
fi
elif [ "$1" == "-c" -o "$1" == "--chroot" -o "$1" == "-i" -o "$1" == "--interactive" ]; then
if [ -n "${ROOTDIR}" ]; then
echo ""
echo "In your /etc/sysconfig/dhcpd file: ROOTDIR=${ROOTDIR} exists"
echo "You already appear to have a chroot ISC DHCPD setup."
exit
#interactive
elif [ "$1" == "-i" -o "$1" == "--interactive" ]; then
echo ""
echo "Please enter the ROOTDIR path (ex: /var/lib/dhcpd-chroot):"
# can't use ctrl-c, we trap all signal.
read answer;
export ROOTDIR="$answer"
#non interactive
elif [ "$1" == "-c" -a -n "$2" -o "$1" == "--chroot" -a -n "$2" ]; then
export ROOTDIR="$2"
else
echo ""
echo "Missing path for chroot."
fi
echo "I have to stop the ISC DHCP server before continuing..."
PIDFILE="/var/run/dhcpd/dhcpd.pid"
[ -f ${PIDFILE} ] && kill -9 `cat ${PIDFILE}` >/dev/null 2>&1
[ -f ${ROOTDIR}/${PIDFILE} ] && kill -9 `cat ${ROOTDIR}/${PIDFILE}` >/dev/null 2>&1
usleep 3600; rm -f ${PIDFILE} ${ROOTDIR}/${PIDFILE} >/dev/null 2>&1
# add the dhcpd user
/usr/sbin/useradd -r -M -s /dev/false -c "system user for dhcpd" -d ${ROOTDIR} dhcpd 2> /dev/null || :
# create directories and set permissions
mkdir -p ${ROOTDIR}
chmod 700 ${ROOTDIR}
cd ${ROOTDIR}
mkdir -p dev etc var/run/dhcpd var/lib/dhcp
[ -e dev/null ] || mknod dev/null c 1 3
[ -e dev/random ] || mknod dev/random c 1 8
cp /etc/localtime etc/
# [ -f /etc/dhcpd.conf ] && cp -f /etc/dhcpd.conf etc/
[ -f /var/lib/dhcp/dhcpd.leases ] && cp -f /var/lib/dhcp/dhcpd.leases var/lib/dhcp/
[ -f /var/lib/dhcp/dhcpd.leases~ ] && cp -f /var/lib/dhcp/dhcpd.leases~ var/lib/dhcp/
chown -R dhcpd:dhcpd ${ROOTDIR}
#update the OPTIONS in /etc/sysconfig/dhcpd
if grep -q ^OPTIONS= /etc/sysconfig/dhcpd; then
if sed 's!^\(OPTIONS=".*\)"$!\1 -user dhcpd -group dhcpd"!' < /etc/sysconfig/dhcpd > /etc/sysconfig/dhcpd.new; then
mv -f /etc/sysconfig/dhcpd.new /etc/sysconfig/dhcpd
fi
else
echo "Updating OPTIONS in /etc/sysconfig/dhcpd"
echo "OPTIONS=\"-user dhcpd -group dhcpd\"" >> /etc/sysconfig/dhcpd
fi
#update the ROOTDIR in /etc/sysconfig/dhcpd
echo "Updating ROOTDIR in /etc/sysconfig/dhcpd"
echo "ROOTDIR=\"${ROOTDIR}\"" >> /etc/sysconfig/dhcpd
echo ""
echo "Chroot configuration for ISC DHCPD is complete."
echo "You should review your ${ROOTDIR}/etc/dhcpd.conf"
echo "and make any necessary changes."
echo ""
echo "Run \"/sbin/service dhcpd restart\" when you are done."
echo ""
# unchroot
elif [ "$1" == "-u" -o "$1" == "--unchroot" ]; then
if ! grep -q "^ROOTDIR=" /etc/sysconfig/dhcpd; then
echo ""
echo "Your dhcpd is not currently chrooted"
echo ""
exit
fi
echo "I have to stop the ISC DHCP server before continuing..."
PIDFILE="/var/run/dhcpd/dhcpd.pid"
[ -f ${PIDFILE} ] && kill -9 `cat ${PIDFILE}` >/dev/null 2>&1
[ -f ${ROOTDIR}/${PIDFILE} ] && kill -9 `cat ${ROOTDIR}/${PIDFILE}` >/dev/null 2>&1
usleep 3600; rm -f ${PIDFILE} ${ROOTDIR}/${PIDFILE} >/dev/null 2>&1
echo ""
echo "Removing ROOTDIR from /etc/sysconfig/dhcpd"
sed -e '/^\(ROOTDIR=".*\)"$/d' < /etc/sysconfig/dhcpd > /etc/sysconfig/dhcpd.new
mv -f /etc/sysconfig/dhcpd.new /etc/sysconfig/dhcpd
echo "Cleaning the OPTIONS in /etc/sysconfig/dhcpd"
sed -e 's|-user dhcpd -group dhcpd[ ]*||' < /etc/sysconfig/dhcpd > /etc/sysconfig/dhcpd.new
mv -f /etc/sysconfig/dhcpd.new /etc/sysconfig/dhcpd
sed -e 's|[ ][ ]*"|"|' < /etc/sysconfig/dhcpd > /etc/sysconfig/dhcpd.new
mv -f /etc/sysconfig/dhcpd.new /etc/sysconfig/dhcpd
echo ""
echo "Moving the following files to their original location :"
# echo "/etc/dhcpd.conf"
echo "/var/lib/dhcp/dhcpd.leases"
echo "/var/lib/dhcp/dhcpd.leases~"
# [ -f /etc/dhcpd.conf ] || mv -f ${ROOTDIR}/etc/dhcpd.conf /etc/
[ -f /var/lib/dhcp/dhcpd.leases~ ] || mv -f ${ROOTDIR}/var/lib/dhcp/dhcpd.leases~ /var/lib/dhcp/
[ -f /var/lib/dhcp/dhcpd.leases ] || mv -f ${ROOTDIR}/var/lib/dhcp/dhcpd.leases /var/lib/dhcp/
#chown -R dhcpd:dhcpd /var/run/dhcpd
echo ""
echo "Removing the ${ROOTDIR}"
rm -rf ${ROOTDIR}
echo "Your dhcpd server is not chrooted anymore."
echo ""
echo "Run \"/sbin/service dhcpd restart\" when you are done."
echo ""
#usage
else
echo ""
echo "Usage: $0 [arguments]"
echo ""
echo -e "\t-s, --status (current dhcpd configuration type)"
echo ""
echo "arguments:"
echo -e "\t-i, --interactive (so you can choose your path)"
echo ""
echo -e "\t-c, --chroot (choose a chroot location. ex: /var/lib/dhcpd-chroot)"
echo ""
echo -e "\t-u, --unchroot (back to the original configuration)"
echo ""
fi

23
dhcpd.conf Normal file
View file

@ -0,0 +1,23 @@
ddns-update-style none;
subnet 192.168.0.0 netmask 255.255.255.0 {
# default gateway
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
option domain-name "domain.org";
# Seting up an ip address is better here
option domain-name-servers ns.domain.org;
option nis-domain "domain.org";
range dynamic-bootp 192.168.0.128 192.168.0.254;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
host ns {
next-server fixed.mandrakesoft.com;
hardware ethernet 12:34:56:78:AB:CD;
fixed-address 192.168.0.10;
}
}

120
dhcpd.init Normal file
View file

@ -0,0 +1,120 @@
#!/bin/bash
#
# dhcpd This shell script takes care of starting and stopping
# dhcpd.
#
# chkconfig: 345 65 35
# description: dhcpd provides the Dynamic Host Configuration Protocol service.
#
# processname: dhcpd
# config: /etc/dhcpd.conf
# pidfile: /var/run/dhcpd/dhcpd.pid
#
### BEGIN INIT INFO
# Provides: dhcpd
# Required-Start: $network
# Should-Start: ldap
# Required-Stop: $network
# Should-Stop: ldap
# Short-Description: The dhcpd daemon
# Description: dhcpd provides the Dynamic Host Configuration Protocol service.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x /usr/sbin/dhcpd ] || exit 0
# The following variables should be set in the file
# /etc/sysconfig/dhcpd.
# Which configuration file to use.
CONFIGFILE="/etc/dhcpd.conf"
# Where to store the lease state information.
LEASEFILE="/var/lib/dhcp/dhcpd.leases"
# Define INTERFACES to limit which network interfaces dhcpd listens on.
# The default null value causes dhcpd to listen on all interfaces.
INTERFACES=""
# Define OPTIONS with any other options to pass to the dhcpd server.
OPTIONS="-q"
# Source dhcpd configuration. Values specified in this file override
# the defaults above.
[ -f /etc/sysconfig/dhcpd ] && . /etc/sysconfig/dhcpd
# If null values were specified, use defaults so we don't get a syntax
# error below.
[ "${CONFIGFILE}" = "" ] && CONFIGFILE="/etc/dhcpd.conf"
[ "${LEASEFILE}" = "" ] && LEASEFILE="/var/lib/dhcp/dhcpd.leases"
[ -f $CONFIGFILE ] || exit 0
[ -f $LEASEFILE ] || exit 0
RETVAL=0
start() {
# Start daemons.
echo -n "Starting dhcpd: "
if [ -n "${ROOTDIR}" -a "x${ROOTDIR}" != "x/" ]; then
OPTIONS="${OPTIONS} -chroot ${ROOTDIR}"
fi
daemon /usr/sbin/dhcpd -cf $CONFIGFILE -lf $LEASEFILE $OPTIONS $INTERFACES
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dhcpd
return $RETVAL
}
stop() {
# Stop daemons.
echo -n "Shutting down dhcpd: "
if [ -r ${ROOTDIR}/var/run/dhcpd/dhcpd.pid ]; then
kill -TERM `cat ${ROOTDIR}/var/run/dhcpd/dhcpd.pid`
RETVAL=$?
[ "$RETVAL" = 0 ] && success "stop" || failure "stop"
else
success "already stopped"
RETVAL=0
fi
[ $RETVAL -eq 0 ] && rm -f ${ROOTDIR}/var/run/dhcpd/dhcpd.pid
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/dhcpd
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
condrestart)
if [ -f /var/lock/subsys/dhcpd ]; then
stop
start
RETVAL=$?
fi
;;
status)
status dhcpd
RETVAL=$?
;;
*)
echo "Usage: dhcpd {start|stop|restart|condrestart|status}"
exit 1
esac
exit $RETVAL

253
dhcpreport.pl Normal file
View file

@ -0,0 +1,253 @@
#!/usr/bin/perl
my $path_to_leasefile = "/var/lib/dhcp/dhcpd.leases";
my $ping_ttl = .3;
my $date_format = "%m-%d-%Y %I:%M%p";
use strict;
use Net::Ping;
#To convert the UTC times to seconds since the epoch
use Time::Local;
#To format the output time
use POSIX ("strftime");
use Term::ANSIColor;
use Getopt::Long;
#use Getopt::Long (":config", "bundling");
use Term::ANSIColor (":constants");
$Term::ANSIColor::AUTORESET = 1;
#Populate all the command line variables
my ($showmac,$showatm,$showip,$showexpired,$help,$color);
GetOptions('mac|m' => \$showmac,'atm|a' => \$showatm,'ip|i=s' => \$showip,'expired|x' => \$showexpired,'help|h'=>\$help,'color|c'=>\$color);
$ENV{'REQUEST_METHOD'};
#Display the usage if they pass in --help or -h
if ($help) { die(&usage()); }
my @list;
my %hash;
my ($count,$expired_lease);
#Open the lease file to begin parsing it
open (INFILE,$path_to_leasefile);
#print "$< - $>\n";
$expired_lease=0;
while (<INFILE>) {
if ($_ =~ /lease (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/i) {
my $ip = $1;
my $hostname = undef;
my $remoteid = undef;
my $macaddr = undef;
my $lease_start = undef;
my $lease_end = undef;
# Go until you see a } which is the end of record char
while ($_ !~ /^}$/) {
$_ = <INFILE>;
if ($_ =~ /starts/) {
$lease_start = &leasegm_to_epoch($_);
}
elsif ($_ =~ /ends/) {
$lease_end = &leasegm_to_epoch($_);
}
elsif ($_ =~ /client-hostname \"(.*)\"/ ) {
$hostname = $1;
}
elsif ($_ =~ /option agent\.remote-id (.*);/ ) {
$remoteid = $1;
}
elsif ($_ =~ /hardware ethernet (.*);/ ) {
$macaddr = $1;
}
}
my $expired = &lease_expired($lease_end);
#If we're not searching for ONE IP and the lease isn't expired add it to the hash
if (!$showip && !$expired) {
# Put it in the hash no matter what, if showip isn't set because it will overwrite
$hash{$ip}={"hostname"=>$hostname,"remoteid"=>$remoteid,"mac"=>$macaddr,"lease_end"=>$lease_end};
}
elsif ($showip && $ip =~ /$showip/ && !$expired) {
# Only populate the hash if it matches the passed in request
$hash{$ip}={"hostname"=>$hostname,"remoteid"=>$remoteid,"mac"=>$macaddr,"lease_end"=>$lease_end};
}
elsif ($expired) {
#if ($showexpired) {
# my $ctime = strftime("%m-%d-%Y %I:%M%p",localtime($lease_end));
# print "Expired: $ip\t($ctime)\n";
#}
$expired_lease++;
}
$count++;
}
}
close INFILE;
if ($showip) {
print "Showing IPs that match \"$showip\"\n";
}
@list = sort(keys %hash);
my $total = scalar(@list) + 1;
my $maxlen;
#get the length of the longest IP
for my $ip(@list) {
if ($maxlen < length($ip)) { $maxlen = length($ip); }
}
my $output;
#$output .= "Content-Type: text/html\n\n";
#$output .= "Checking $total ($count dupes) leases for validity\n";
print "Checking $total leases ($expired_lease expired) for validity\n";
my $ping = Net::Ping->new("icmp");
my $count=0;
foreach my $ip (@list) {
my $result = $ping->ping($ip,$ping_ttl);
if ($result) {
$result = "Alive";
if ($color) { $result = GREEN $result; }
$count++;
}
else {
$result = "Dead";
if ($color) { $result = RED $result; }
}
# Get the hostname part
my $hostname;
$hostname = $hash{$ip}->{'hostname'};
if (!$hostname) {
$hostname = "*blank*";
if ($color) { $hostname = BOLD BLUE $hostname; }
}
my $lease_end;
#If we're showing when the leases expire
if ($showexpired) {
#If the year is great than 2020 (my way of representing "never") than it's a
#lease that doesn't expire
if (strftime("%Y",localtime($hash{$ip}->{lease_end})) > 2020) {
$lease_end = "Never";
if ($color) { $lease_end = BOLD WHITE $lease_end; }
$lease_end = &padtext($lease_end,length($lease_end)+2);
}
#Show the date in the date format
else {
$lease_end = strftime($date_format,localtime($hash{$ip}->{lease_end}));
$lease_end = padtext($lease_end,length($lease_end)+2);
}
}
else { $lease_end = ""; }
# Get the agentid
my $remoteid;
$remoteid = $hash{$ip}->{'remoteid'} or $remoteid = "none";
my $mac;
if ($showmac) { $mac = $hash{$ip}->{'mac'} or $mac = ""; }
my $atm;
if ($showatm) { $atm = $hash{$ip}->{'remoteid'} or $atm = ""; }
if ($showatm) { $atm = &getoption82($atm); }
$ip = padtext($ip,$maxlen + 2);
$mac = padtext($mac,19);
if (!$color) { $result = padtext($result,7); }
else { $result = padtext($result,16); }
$atm = padtext($atm,5);
$hostname = padtext("($hostname)",20);
my $outline = "$ip$result$mac$atm$lease_end$hostname\n";
print $outline;
}
my $percent;
if (!$total == 0) {
$percent = sprintf("%2.f%%", ($count/$total) * 100);
}
else {
$percent = "100%";
}
print "$count active leases ($percent)\n";
#$output .= "$count active leases ($percent)\n";
print $output;
sub getoption82 () {
my $data = shift;
if (!$data) { return -1; }
my @list = split(":",$data);
my $vpi = hex($list[9]);
my $vci = (hex($list[10]) * 16) + hex($list[11]);
return "$vpi-$vci";
}
sub padtext() {
my $str = shift;
my $len = shift;
if (!$str || !$len) { return $str; }
$str = sprintf("%-${len}s",$str);
return $str;
}
sub leasegm_to_epoch() {
my ($sec,$min,$hours,$mday,$mon,$year);
if (my @list = $_[0] =~ /(\w+)\s+(\d+)\s+(\d{4})\/(\d{1,2})\/(\d{1,2})\s+(\d{1,2}):(\d{1,2}):(\d{1,2})/) {
$sec = $list[7];
$min = $list[6];
$hours = $list[5];
$mday = $list[4];
$mon = $list[3] - 1;
$year = $list[2] - 1900;
}
elsif (my @list = $_[0] =~ /ends never/) {
$sec = 1;
$min = 1;
$hours = 1;
$mday = 1;
$mon = 1;
$year = 132;
}
else { die("Whoa that aint good!\n"); }
#print "$sec,$min,$hours,$mday,$mon,$year\n";
my $time_string = timegm($sec,$min,$hours,$mday,$mon,$year);
return $time_string;
}
# Check to see if the lease has expired
sub lease_expired() {
my $lease_time = shift;
#Make sure a lease time is passed in
if (!$lease_time) { return undef; }
my $time_now = time();
#If the lease is before right now, then the lease is still good
if ($lease_time < $time_now) { return 1; }
#Otherwise it has expired
else { return 0; }
}
sub usage() {
my $output .= "$0
-x --expired show lease expiration times
-m --mac show lease MAC address
-a --atm show lease ATM (Option 82) information
-i --IP=1.2.3.4 filter for ip 1.2.3.4 (regexp)
-c --color show output in color for readability
";
}

103
dhcrelay.init Normal file
View file

@ -0,0 +1,103 @@
#!/bin/sh
#
# dhcrelay This shell script takes care of starting and stopping
# dhcrelay.
#
# chkconfig: 2345 65 35
# description: dhcrelay provides the DHCP Relay service.
#
# processname: dhcrelay
# pidfile: /var/run/dhcrelay.pid
#
### BEGIN INIT INFO
# Provides: dhcrelay
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Short-Description: The dhcrelay daemon
# Description: dhcrelay provides the DHCP Relay service.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x /usr/sbin/dhcrelay ] || exit 0
# The following variables can be set in the file
# /etc/sysconfig/dhcrelay.
# Define SERVERS with a list of one or more DHCP servers where
# DHCP packets are to be relayed to and from. This is mandatory.
#SERVERS="10.11.12.13 10.9.8.7"
SERVERS=""
# Define OPTIONS with any other options to pass to the dhcrelay server.
# See dhcrelay(8) for available options and syntax.
#OPTIONS="-q -i eth0 -i eth1"
OPTIONS="-q"
# Source dhcrelay configuration. Values specified in this file override
# the defaults above.
[ -f /etc/sysconfig/dhcrelay ] && . /etc/sysconfig/dhcrelay
# Check that at least one DHCP server to relay to was specified.
[ "${SERVERS}" = "" ] && exit 0
RETVAL=0
start() {
# Start daemons.
echo -n "Starting dhcrelay: "
daemon /usr/sbin/dhcrelay $OPTIONS $SERVERS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/dhcrelay
return $RETVAL
}
stop() {
# Stop daemons.
echo -n "Shutting down dhcrelay: "
killproc dhcrelay
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/dhcrelay
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
condrestart)
if [ -f /var/lock/subsys/dhcrelay ]; then
stop
start
RETVAL=$?
fi
;;
status)
status dhcrelay
RETVAL=$?
;;
*)
echo "Usage: dhcrelay {start|stop|restart|condrestart|status}"
exit 1
esac
exit $RETVAL

1089
draft-ietf-dhc-ldap-schema-01.txt Normal file
View file

File diff suppressed because it is too large Load diff

45
update_dhcp.pl Normal file
View file

@ -0,0 +1,45 @@
#!/usr/bin/perl -W
#----------------------------------------------------------------------
# copyright (C) 2001 Florin Grad
#
# This is a really silly program that is supposed to allow an update of
# a dhcp-2* server to a dhcp-3* server
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#------------------------------------------------------------------------
#search for a ddns-update-style entry in /etc/dhcpd.conf file
my $conf_file = "/etc/dhcpd.conf"; #$ARGV[0];
my $conf_file_orig = "/etc/dhcpd.conf.orig";
my $i=0;
open (DHCPCONF, "< $conf_file") or die "Can't open the $conf_file file for reading";
while (<DHCPCONF>) {
if (/ddns-update-style/) {
$i++;
};
};
close (DHCPCONF);
if ($i == 0) { #we are on a dhcp-2
rename("$conf_file","$conf_file_orig") || die "Can't rename $conf_file: $!";
open (DHCPCONF, "> $conf_file") or die "Can't open the $conf_file file for writing";
print DHCPCONF "ddns-update-style none;\n";
open (DHCPCONF_ORIG, "< $conf_file_orig") or die "Can't open the $conf_file_orig file for reading";
while (<DHCPCONF_ORIG>) {
print DHCPCONF "$_";
};
close (DHCPCONF_ORIG);
close (DHCPCONF);
}