Hi, On 01.05.2018 13:18, Michael Tremer wrote: > Hi, > > okay. Let's wait until we hear back from the testers. No problem. > Are you sure that dropping the big patchset doesn't cause us any problems? No. But it was the only chance I saw to build this version. The code changed in a way that I should have rewritten the patches from scratch and that is far beyond my skills. Besides, I'm *never* really sure or trust any kind of software. Software is basically evil. ;-) By now, I'm testing in my (home) environment and the new version is doing its job since the update. No complaints, crashes or seen problems. Best, Matthias > Best, > -Michael > > On Mon, 2018-04-30 at 15:07 +0200, Matthias Fischer wrote: >> For details see: >> https://kb.isc.org/article/AA-01571/82/DHCP-4.4.1-Release-Notes.html >> >> This closes https://bugzilla.ipfire.org/show_bug.cgi?id=11697 and >> https://bugzilla.ipfire.org/show_bug.cgi?id=11293, hopefully. >> >> This update required some changes as described in: >> https://bugzilla.ipfire.org/show_bug.cgi?id=11697#c6 >> >> Best, >> Matthias >> >> Signed-off-by: Matthias Fischer >> --- >> config/rootfiles/common/dhcp | 4 +- >> lfs/dhcp | 39 +- >> .../dhcp/dhcp-64_bit_lease_parse.patch | 75 --- >> src/patches/dhcp/dhcp-CLOEXEC.patch | 342 ---------- >> src/patches/dhcp/dhcp-PPP.patch | 150 ----- >> src/patches/dhcp/dhcp-UseMulticast.patch | 241 -------- >> .../dhcp/dhcp-add_timeout_when_NULL.patch | 14 - >> src/patches/dhcp/dhcp-capability.patch | 250 -------- >> .../dhcp/dhcp-default-requested-options.patch | 44 -- >> .../dhcp/dhcp-dhclient-decline-backoff.patch | 63 -- >> src/patches/dhcp/dhcp-dhclient-options.patch | 509 --------------- >> src/patches/dhcp/dhcp-errwarn-message.patch | 22 - >> src/patches/dhcp/dhcp-garbage-chars.patch | 12 - >> src/patches/dhcp/dhcp-gpxe-cid.patch | 73 --- >> src/patches/dhcp/dhcp-honor-expired.patch | 49 -- >> src/patches/dhcp/dhcp-improved-xid.patch | 138 ----- >> src/patches/dhcp/dhcp-logpid.patch | 11 - >> src/patches/dhcp/dhcp-lpf-ib.patch | 585 ------------------ >> src/patches/dhcp/dhcp-manpages.patch | 157 ----- >> src/patches/dhcp/dhcp-paranoia.patch | 156 ----- >> src/patches/dhcp/dhcp-paths.patch | 44 -- >> src/patches/dhcp/dhcp-release-by-ifup.patch | 85 --- >> src/patches/dhcp/dhcp-remove-bind.patch | 192 ------ >> ...dhcp-rfc3442-classless-static-routes.patch | 405 ------------ >> src/patches/dhcp/dhcp-sendDecline.patch | 231 ------- >> src/patches/dhcp/dhcp-sharedlib.patch | 107 ---- >> .../dhcp/dhcp-stateless-DUID-LLT.patch | 48 -- >> src/patches/dhcp/dhcp-unicast-bootp.patch | 101 --- >> src/patches/dhcp/dhcp-xen-checksum.patch | 251 -------- >> 29 files changed, 7 insertions(+), 4391 deletions(-) >> delete mode 100644 src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> delete mode 100644 src/patches/dhcp/dhcp-CLOEXEC.patch >> delete mode 100644 src/patches/dhcp/dhcp-PPP.patch >> delete mode 100644 src/patches/dhcp/dhcp-UseMulticast.patch >> delete mode 100644 src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> delete mode 100644 src/patches/dhcp/dhcp-capability.patch >> delete mode 100644 src/patches/dhcp/dhcp-default-requested-options.patch >> delete mode 100644 src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> delete mode 100644 src/patches/dhcp/dhcp-dhclient-options.patch >> delete mode 100644 src/patches/dhcp/dhcp-errwarn-message.patch >> delete mode 100644 src/patches/dhcp/dhcp-garbage-chars.patch >> delete mode 100644 src/patches/dhcp/dhcp-gpxe-cid.patch >> delete mode 100644 src/patches/dhcp/dhcp-honor-expired.patch >> delete mode 100644 src/patches/dhcp/dhcp-improved-xid.patch >> delete mode 100644 src/patches/dhcp/dhcp-logpid.patch >> delete mode 100644 src/patches/dhcp/dhcp-lpf-ib.patch >> delete mode 100644 src/patches/dhcp/dhcp-manpages.patch >> delete mode 100644 src/patches/dhcp/dhcp-paranoia.patch >> delete mode 100644 src/patches/dhcp/dhcp-paths.patch >> delete mode 100644 src/patches/dhcp/dhcp-release-by-ifup.patch >> delete mode 100644 src/patches/dhcp/dhcp-remove-bind.patch >> delete mode 100644 src/patches/dhcp/dhcp-rfc3442-classless-static- >> routes.patch >> delete mode 100644 src/patches/dhcp/dhcp-sendDecline.patch >> delete mode 100644 src/patches/dhcp/dhcp-sharedlib.patch >> delete mode 100644 src/patches/dhcp/dhcp-stateless-DUID-LLT.patch >> delete mode 100644 src/patches/dhcp/dhcp-unicast-bootp.patch >> delete mode 100644 src/patches/dhcp/dhcp-xen-checksum.patch >> >> diff --git a/config/rootfiles/common/dhcp b/config/rootfiles/common/dhcp >> index ff225a571..9e6d52e4e 100644 >> --- a/config/rootfiles/common/dhcp >> +++ b/config/rootfiles/common/dhcp >> @@ -5,8 +5,6 @@ etc/dhcp/dhcpd.conf >> #usr/bin/omshell >> #usr/include/dhcpctl >> #usr/include/dhcpctl/dhcpctl.h >> -#usr/include/isc-dhcp >> -#usr/include/isc-dhcp/dst.h >> #usr/include/omapip >> #usr/include/omapip/alloc.h >> #usr/include/omapip/buffer.h >> @@ -17,8 +15,8 @@ etc/dhcp/dhcpd.conf >> #usr/include/omapip/omapip_p.h >> #usr/include/omapip/result.h >> #usr/include/omapip/trace.h >> +#usr/lib/libdhcp.a >> #usr/lib/libdhcpctl.a >> -#usr/lib/libdst.a >> #usr/lib/libomapi.a >> #usr/sbin/dhclient >> usr/sbin/dhcpd >> diff --git a/lfs/dhcp b/lfs/dhcp >> index 262a25129..a055d6081 100644 >> --- a/lfs/dhcp >> +++ b/lfs/dhcp >> @@ -1,7 +1,7 @@ >> ############################################################################# >> ## >> # >> # >> # IPFire.org - A linux based >> firewall # >> -# Copyright (C) 2007-2015 IPFire Team >> # >> +# Copyright (C) 2007-2018 IPFire Team >> # >> # >> # >> # This program is free software: you can redistribute it and/or >> modify # >> # it under the terms of the GNU General Public License as published >> by # >> @@ -24,7 +24,7 @@ >> >> include Config >> >> -VER = 4.3.1 >> +VER = 4.4.1 >> >> THISAPP = dhcp-$(VER) >> DL_FILE = $(THISAPP).tar.gz >> @@ -40,7 +40,7 @@ objects = $(DL_FILE) >> >> $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >> >> -$(DL_FILE)_MD5 = b3a42ece3c7f2cd2e74a3e12ca881d20 >> +$(DL_FILE)_MD5 = 18c7f4dcbb0a63df25098216d47b1ede >> >> install : $(TARGET) >> >> @@ -71,47 +71,20 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> @$(PREBUILD) >> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) >> >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> remove-bind.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> errwarn-message.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> dhclient-options.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> release-by-ifup.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> dhclient-decline-backoff.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> unicast-bootp.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> default-requested-options.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-xen- >> checksum.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> manpages.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> paths.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> CLOEXEC.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> garbage-chars.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> add_timeout_when_NULL.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> 64_bit_lease_parse.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> capability.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> logpid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> UseMulticast.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> sendDecline.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> rfc3442-classless-static-routes.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-honor- >> expired.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> sharedlib.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> PPP.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> paranoia.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-lpf- >> ib.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> improved-xid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-gpxe- >> cid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> stateless-DUID-LLT.patch >> - >> # Help unpacking bundled BIND >> - cd $(DIR_APP) && sed -e "s/gunzip -c/&d/" -i bind/Makefile >> + cd $(DIR_APP) && sed -e "s/gunzip -c/&d/" -i bind/Makefile.in >> >> cd $(DIR_APP) && \ >> ./configure \ >> --prefix=/usr \ >> --sysconfdir=/etc/dhcp \ >> + --with-srv-conf-file=/etc/dhcp/dhcpd.conf \ >> --with-srv-lease-file=/var/state/dhcp/dhcpd.leases \ >> --enable-paranoia \ >> --enable-early-chroot \ >> --disable-dhcpv6 >> >> - cd $(DIR_APP) && make $(MAKETUNING) >> + cd $(DIR_APP) && make >> cd $(DIR_APP) && make install >> >> mkdir -pv /var/state/dhcp >> diff --git a/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> b/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> deleted file mode 100644 >> index a07b5b032..000000000 >> --- a/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> +++ /dev/null >> @@ -1,75 +0,0 @@ >> -diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp- >> 4.3.0a1/common/parse.c >> ---- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100 >> -@@ -938,8 +938,8 @@ TIME >> - parse_date_core(cfile) >> - struct parse *cfile; >> - { >> -- int guess; >> -- int tzoff, year, mon, mday, hour, min, sec; >> -+ TIME guess; >> -+ long int tzoff, year, mon, mday, hour, min, sec; >> - const char *val; >> - enum dhcp_token token; >> - static int months[11] = { 31, 59, 90, 120, 151, 181, >> -@@ -965,7 +965,7 @@ parse_date_core(cfile) >> - } >> - >> - skip_token(&val, NULL, cfile); /* consume number */ >> -- guess = atoi(val); >> -+ guess = atol(val); >> - >> - return((TIME)guess); >> - } >> -@@ -993,7 +993,7 @@ parse_date_core(cfile) >> - somebody invents a time machine, I think we can safely disregard >> - it. This actually works around a stupid Y2K bug that was >> present >> - in a very early beta release of dhcpd. */ >> -- year = atoi(val); >> -+ year = atol(val); >> - if (year > 1900) >> - year -= 1900; >> - >> -@@ -1039,7 +1039,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume day of month */ >> -- mday = atoi(val); >> -+ mday = atol(val); >> - >> - /* Hour... */ >> - token = peek_token(&val, NULL, cfile); >> -@@ -1050,7 +1050,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume hour */ >> -- hour = atoi(val); >> -+ hour = atol(val); >> - >> - /* Colon separating hour from minute... */ >> - token = peek_token(&val, NULL, cfile); >> -@@ -1072,7 +1072,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume minute */ >> -- min = atoi(val); >> -+ min = atol(val); >> - >> - /* Colon separating minute from second... */ >> - token = peek_token(&val, NULL, cfile); >> -@@ -1094,13 +1094,13 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume second */ >> -- sec = atoi(val); >> -+ sec = atol(val); >> - >> - tzoff = 0; >> - token = peek_token(&val, NULL, cfile); >> - if (token == NUMBER) { >> - skip_token(&val, NULL, cfile); /* consume tzoff */ >> -- tzoff = atoi(val); >> -+ tzoff = atol(val); >> - } else if (token != SEMI) { >> - skip_token(&val, NULL, cfile); >> - parse_warn(cfile, >> diff --git a/src/patches/dhcp/dhcp-CLOEXEC.patch b/src/patches/dhcp/dhcp- >> CLOEXEC.patch >> deleted file mode 100644 >> index 722865e4f..000000000 >> --- a/src/patches/dhcp/dhcp-CLOEXEC.patch >> +++ /dev/null >> @@ -1,342 +0,0 @@ >> -diff -up dhcp-4.3.0a1/client/clparse.c.cloexec dhcp-4.3.0a1/client/clparse.c >> ---- dhcp-4.3.0a1/client/clparse.c.cloexec 2013-12-19 >> 15:34:41.638886256 +0100 >> -+++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:34:41.657885985 +0100 >> -@@ -253,7 +253,7 @@ int read_client_conf_file (const char *n >> - int token; >> - isc_result_t status; >> - >> -- if ((file = open (name, O_RDONLY)) < 0) >> -+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0) >> - return uerr2isc (errno); >> - >> - cfile = NULL; >> -@@ -290,7 +290,7 @@ void read_client_leases () >> - >> - /* Open the lease file. If we can't open it, just return - >> - we can safely trust the server to remember our state. */ >> -- if ((file = open (path_dhclient_db, O_RDONLY)) < 0) >> -+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0) >> - return; >> - >> - cfile = NULL; >> -diff -up dhcp-4.3.0a1/client/dhclient.c.cloexec dhcp- >> 4.3.0a1/client/dhclient.c >> ---- dhcp-4.3.0a1/client/dhclient.c.cloexec 2013-12-19 >> 15:34:41.629886384 +0100 >> -+++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:36:41.608180467 +0100 >> -@@ -148,11 +148,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and >> - 2 (stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 0) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 1) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 2) >> - log_perror = 0; /* No sense logging to /dev/null. */ >> - else if (fd != -1) >> -@@ -504,7 +504,7 @@ main(int argc, char **argv) { >> - long temp; >> - int e; >> - >> -- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) { >> -+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) { >> - e = fscanf(pidfd, "%ld\n", &temp); >> - oldpid = (pid_t)temp; >> - >> -@@ -554,7 +554,7 @@ main(int argc, char **argv) { >> - strncpy(new_path_dhclient_pid, >> path_dhclient_pid, pfx); >> - sprintf(new_path_dhclient_pid + pfx, >> "-%s.pid", ip->name); >> - >> -- if ((pidfd = >> fopen(new_path_dhclient_pid, "r")) != NULL) { >> -+ if ((pidfd = >> fopen(new_path_dhclient_pid, "re")) != NULL) { >> - e = fscanf(pidfd, "%ld\n", >> &temp); >> - oldpid = (pid_t)temp; >> - >> -@@ -579,7 +579,7 @@ main(int argc, char **argv) { >> - int dhc_running = 0; >> - char procfn[256] = ""; >> - >> -- if ((pidfp = fopen(path_dhclient_pid, "r")) != NULL) { >> -+ if ((pidfp = fopen(path_dhclient_pid, "re")) != NULL) { >> - if ((fscanf(pidfp, "%ld", &temp)==1) && >> ((dhcpid=(pid_t)temp) > 0)) { >> - snprintf(procfn,256,"/proc/%u",dhcpid); >> - dhc_running = (access(procfn, F_OK) == 0); >> -@@ -3077,7 +3077,7 @@ void rewrite_client_leases () >> - >> - if (leaseFile != NULL) >> - fclose (leaseFile); >> -- leaseFile = fopen (path_dhclient_db, "w"); >> -+ leaseFile = fopen (path_dhclient_db, "we"); >> - if (leaseFile == NULL) { >> - log_error ("can't create %s: %m", path_dhclient_db); >> - return; >> -@@ -3261,7 +3261,7 @@ write_duid(struct data_string *duid) >> - return DHCP_R_INVALIDARG; >> - >> - if (leaseFile == NULL) { /* XXX? */ >> -- leaseFile = fopen(path_dhclient_db, "w"); >> -+ leaseFile = fopen(path_dhclient_db, "we"); >> - if (leaseFile == NULL) { >> - log_error("can't create %s: %m", path_dhclient_db); >> - return ISC_R_IOERROR; >> -@@ -3441,7 +3441,7 @@ int write_client_lease (client, lease, r >> - return 1; >> - >> - if (leaseFile == NULL) { /* XXX */ >> -- leaseFile = fopen (path_dhclient_db, "w"); >> -+ leaseFile = fopen (path_dhclient_db, "we"); >> - if (leaseFile == NULL) { >> - log_error ("can't create %s: %m", path_dhclient_db); >> - return 0; >> -@@ -3952,9 +3952,9 @@ void go_daemon () >> - (void) close(2); >> - >> - /* Reopen them on /dev/null. */ >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> - >> - write_client_pid_file (); >> - >> -@@ -3971,14 +3971,14 @@ void write_client_pid_file () >> - return; >> - } >> - >> -- pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, >> 0644); >> -+ pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | >> O_CLOEXEC, 0644); >> - >> - if (pfdesc < 0) { >> - log_error ("Can't create %s: %m", path_dhclient_pid); >> - return; >> - } >> - >> -- pf = fdopen (pfdesc, "w"); >> -+ pf = fdopen (pfdesc, "we"); >> - if (!pf) { >> - close(pfdesc); >> - log_error ("Can't fdopen %s: %m", path_dhclient_pid); >> -diff -up dhcp-4.3.0a1/common/bpf.c.cloexec dhcp-4.3.0a1/common/bpf.c >> ---- dhcp-4.3.0a1/common/bpf.c.cloexec 2013-12-19 15:34:41.640886227 >> +0100 >> -+++ dhcp-4.3.0a1/common/bpf.c 2013-12-19 15:34:41.661885928 +0100 >> -@@ -95,7 +95,7 @@ int if_register_bpf (info) >> - for (b = 0; 1; b++) { >> - /* %Audit% 31 bytes max. %2004.06.17,Safe% */ >> - sprintf(filename, BPF_FORMAT, b); >> -- sock = open (filename, O_RDWR, 0); >> -+ sock = open (filename, O_RDWR | O_CLOEXEC, 0); >> - if (sock < 0) { >> - if (errno == EBUSY) { >> - continue; >> -diff -up dhcp-4.3.0a1/common/dlpi.c.cloexec dhcp-4.3.0a1/common/dlpi.c >> ---- dhcp-4.3.0a1/common/dlpi.c.cloexec 2013-12-19 15:34:41.641886213 >> +0100 >> -+++ dhcp-4.3.0a1/common/dlpi.c 2013-12-19 15:34:41.662885914 +0100 >> -@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) { >> - } >> - *dp = '\0'; >> - >> -- return open (devname, O_RDWR, 0); >> -+ return open (devname, O_RDWR | O_CLOEXEC, 0); >> - } >> - >> - /* >> -diff -up dhcp-4.3.0a1/common/nit.c.cloexec dhcp-4.3.0a1/common/nit.c >> ---- dhcp-4.3.0a1/common/nit.c.cloexec 2013-12-19 15:34:41.642886199 >> +0100 >> -+++ dhcp-4.3.0a1/common/nit.c 2013-12-19 15:34:41.662885914 +0100 >> -@@ -81,7 +81,7 @@ int if_register_nit (info) >> - struct strioctl sio; >> - >> - /* Open a NIT device */ >> -- sock = open ("/dev/nit", O_RDWR); >> -+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC); >> - if (sock < 0) >> - log_fatal ("Can't open NIT device for %s: %m", info -> >> name); >> - >> -diff -up dhcp-4.3.0a1/common/resolv.c.cloexec dhcp-4.3.0a1/common/resolv.c >> ---- dhcp-4.3.0a1/common/resolv.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/common/resolv.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -50,7 +50,7 @@ void read_resolv_conf (parse_time) >> - struct domain_search_list *dp, *dl, *nd; >> - isc_result_t status; >> - >> -- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) { >> -+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) { >> - log_error ("Can't open %s: %m", path_resolv_conf); >> - return; >> - } >> -diff -up dhcp-4.3.0a1/common/upf.c.cloexec dhcp-4.3.0a1/common/upf.c >> ---- dhcp-4.3.0a1/common/upf.c.cloexec 2013-12-19 15:34:41.642886199 >> +0100 >> -+++ dhcp-4.3.0a1/common/upf.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -77,7 +77,7 @@ int if_register_upf (info) >> - /* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */ >> - sprintf(filename, "/dev/pf/pfilt%d", b); >> - >> -- sock = open (filename, O_RDWR, 0); >> -+ sock = open (filename, O_RDWR | O_CLOEXEC, 0); >> - if (sock < 0) { >> - if (errno == EBUSY) { >> - continue; >> -diff -up dhcp-4.3.0a1/omapip/trace.c.cloexec dhcp-4.3.0a1/omapip/trace.c >> ---- dhcp-4.3.0a1/omapip/trace.c.cloexec 2013-12-11 01:01:03.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/omapip/trace.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -142,10 +142,10 @@ isc_result_t trace_begin (const char *fi >> - return DHCP_R_INVALIDARG; >> - } >> - >> -- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600); >> -+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | >> O_CLOEXEC, 0600); >> - if (traceoutfile < 0 && errno == EEXIST) { >> - log_error ("WARNING: Overwriting trace file \"%s\"", >> filename); >> -- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC, >> -+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | >> O_CLOEXEC, >> - 0600); >> - } >> - >> -@@ -433,7 +433,7 @@ void trace_file_replay (const char *file >> - isc_result_t result; >> - int len; >> - >> -- traceinfile = fopen (filename, "r"); >> -+ traceinfile = fopen (filename, "re"); >> - if (!traceinfile) { >> - log_error("Can't open tracefile %s: %m", filename); >> - return; >> -diff -up dhcp-4.3.0a1/relay/dhcrelay.c.cloexec dhcp-4.3.0a1/relay/dhcrelay.c >> ---- dhcp-4.3.0a1/relay/dhcrelay.c.cloexec 2013-12-13 >> 22:26:21.000000000 +0100 >> -+++ dhcp-4.3.0a1/relay/dhcrelay.c 2013-12-19 15:34:41.664885886 +0100 >> -@@ -193,11 +193,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0(stdin), 1,(stdout), and >> - 2(stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 0) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 1) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 2) >> - log_perror = 0; /* No sense logging to /dev/null. */ >> - else if (fd != -1) >> -@@ -564,13 +564,13 @@ main(int argc, char **argv) { >> - >> - if (no_pid_file == ISC_FALSE) { >> - pfdesc = open(path_dhcrelay_pid, >> -- O_CREAT | O_TRUNC | O_WRONLY, 0644); >> -+ O_CREAT | O_TRUNC | O_WRONLY | >> O_CLOEXEC, 0644); >> - >> - if (pfdesc < 0) { >> - log_error("Can't create %s: %m", >> - path_dhcrelay_pid); >> - } else { >> -- pf = fdopen(pfdesc, "w"); >> -+ pf = fdopen(pfdesc, "we"); >> - if (!pf) >> - log_error("Can't fdopen %s: %m", >> - path_dhcrelay_pid); >> -diff -up dhcp-4.3.0a1/server/confpars.c.cloexec dhcp- >> 4.3.0a1/server/confpars.c >> ---- dhcp-4.3.0a1/server/confpars.c.cloexec 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/server/confpars.c 2013-12-19 15:34:41.665885871 +0100 >> -@@ -117,7 +117,7 @@ isc_result_t read_conf_file (const char >> - } >> - #endif >> - >> -- if ((file = open (filename, O_RDONLY)) < 0) { >> -+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) { >> - if (leasep) { >> - log_error ("Can't open lease database %s: %m --", >> - path_dhcpd_db); >> -diff -up dhcp-4.3.0a1/server/db.c.cloexec dhcp-4.3.0a1/server/db.c >> ---- dhcp-4.3.0a1/server/db.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/db.c 2013-12-19 15:34:41.666885857 +0100 >> -@@ -1081,7 +1081,7 @@ void db_startup (testp) >> - } >> - #endif >> - if (!testp) { >> -- db_file = fopen (path_dhcpd_db, "a"); >> -+ db_file = fopen (path_dhcpd_db, "ae"); >> - if (!db_file) >> - log_fatal ("Can't open %s for append.", >> path_dhcpd_db); >> - expire_all_pools (); >> -@@ -1129,12 +1129,12 @@ int new_lease_file () >> - path_dhcpd_db, (int)t) >= sizeof newfname) >> - log_fatal("new_lease_file: lease file path too long"); >> - >> -- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664); >> -+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, >> 0664); >> - if (db_fd < 0) { >> - log_error ("Can't create new lease file: %m"); >> - return 0; >> - } >> -- if ((new_db_file = fdopen(db_fd, "w")) == NULL) { >> -+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) { >> - log_error("Can't fdopen new lease file: %m"); >> - close(db_fd); >> - goto fdfail; >> -diff -up dhcp-4.3.0a1/server/dhcpd.c.cloexec dhcp-4.3.0a1/server/dhcpd.c >> ---- dhcp-4.3.0a1/server/dhcpd.c.cloexec 2013-12-13 22:26:01.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/dhcpd.c 2013-12-19 15:37:17.258674472 +0100 >> -@@ -193,11 +193,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and >> - 2 (stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 0) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 1) >> -- fd = open("/dev/null", O_RDWR); >> -+ fd = open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd == 2) >> - log_perror = 0; /* No sense logging to /dev/null. */ >> - else if (fd != -1) >> -@@ -716,7 +716,7 @@ main(int argc, char **argv) { >> - */ >> - if (no_pid_file == ISC_FALSE) { >> - /*Read previous pid file. */ >> -- if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) { >> -+ if ((i = open (path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >= 0) >> { >> - status = read(i, pbuf, (sizeof pbuf) - 1); >> - close (i); >> - if (status > 0) { >> -@@ -735,7 +735,7 @@ main(int argc, char **argv) { >> - } >> - >> - /* Write new pid file. */ >> -- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644); >> -+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, >> 0644); >> - if (i >= 0) { >> - sprintf(pbuf, "%d\n", (int) getpid()); >> - IGNORE_RET (write(i, pbuf, strlen(pbuf))); >> -@@ -763,9 +763,9 @@ main(int argc, char **argv) { >> - (void) close(2); >> - >> - /* Reopen them on /dev/null. */ >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> - log_perror = 0; /* No sense logging to /dev/null. */ >> - >> - IGNORE_RET (chdir("/")); >> -diff -up dhcp-4.3.0a1/server/ldap.c.cloexec dhcp-4.3.0a1/server/ldap.c >> ---- dhcp-4.3.0a1/server/ldap.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/ldap.c 2013-12-19 15:34:41.667885843 +0100 >> -@@ -684,7 +684,7 @@ ldap_start (void) >> - >> - if (ldap_debug_file != NULL && ldap_debug_fd == -1) >> - { >> -- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | >> O_WRONLY, >> -+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | >> O_WRONLY | O_CLOEXEC, >> - S_IRUSR | S_IWUSR)) < 0) >> - log_error ("Error opening debug LDAP log file %s: %s", >> ldap_debug_file, >> - strerror (errno)); >> diff --git a/src/patches/dhcp/dhcp-PPP.patch b/src/patches/dhcp/dhcp-PPP.patch >> deleted file mode 100644 >> index 5d022e432..000000000 >> --- a/src/patches/dhcp/dhcp-PPP.patch >> +++ /dev/null >> @@ -1,150 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhc6.c.mRfpsB dhcp-4.3.1b1/client/dhc6.c >> ---- dhcp-4.3.1b1/client/dhc6.c.mRfpsB 2014-07-10 17:48:03.779424870 >> +0200 >> -+++ dhcp-4.3.1b1/client/dhc6.c 2014-07-10 17:48:03.795424644 +0200 >> -@@ -5088,7 +5088,8 @@ make_client6_options(struct client_state >> - */ >> - if ((oc = lookup_option(&dhcpv6_universe, *op, >> - D6O_CLIENTID)) == NULL) { >> -- if (!option_cache(&oc, &default_duid, NULL, clientid_option, >> -+ if (default_duid.len == 0 || >> -+ !option_cache(&oc, &default_duid, NULL, clientid_option, >> - MDL)) >> - log_fatal("Failure assembling a DUID."); >> - >> -diff -up dhcp-4.3.1b1/client/dhclient.c.mRfpsB dhcp-4.3.1b1/client/dhclient.c >> ---- dhcp-4.3.1b1/client/dhclient.c.mRfpsB 2014-07-10 >> 17:39:25.853763858 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:49:49.882925843 +0200 >> -@@ -948,8 +948,8 @@ main(int argc, char **argv) { >> - if (default_duid.buffer != NULL) >> - data_string_forget(&default_duid, MDL); >> - >> -- form_duid(&default_duid, MDL); >> -- write_duid(&default_duid); >> -+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS) >> -+ write_duid(&default_duid); >> - } >> - } >> - >> -@@ -3267,7 +3267,7 @@ write_options(struct client_state *clien >> - * is not how it is intended. Upcoming rearchitecting the client should >> - * address this "one daemon model." >> - */ >> --void >> -+isc_result_t >> - form_duid(struct data_string *duid, const char *file, int line) >> - { >> - struct interface_info *ip; >> -@@ -3280,6 +3280,15 @@ form_duid(struct data_string *duid, cons >> - if (ip == NULL) >> - log_fatal("Impossible condition at %s:%d.", MDL); >> - >> -+ while (ip && ip->hw_address.hbuf[0] == HTYPE_RESERVED) { >> -+ /* Try the other interfaces */ >> -+ log_debug("Cannot form default DUID from interface %s.", ip- >> >name); >> -+ ip = ip->next; >> -+ } >> -+ if (ip == NULL) { >> -+ return ISC_R_UNEXPECTED; >> -+ } >> -+ >> - if ((ip->hw_address.hlen == 0) || >> - (ip->hw_address.hlen > sizeof(ip->hw_address.hbuf))) >> - log_fatal("Impossible hardware address length at %s:%d.", >> MDL); >> -@@ -3323,6 +3332,8 @@ form_duid(struct data_string *duid, cons >> - log_info("Created duid %s.", str); >> - dfree(str, MDL); >> - } >> -+ >> -+ return ISC_R_SUCCESS; >> - } >> - >> - /* Write the default DUID to the lease store. */ >> -diff -up dhcp-4.3.1b1/common/bpf.c.mRfpsB dhcp-4.3.1b1/common/bpf.c >> ---- dhcp-4.3.1b1/common/bpf.c.mRfpsB 2014-07-10 17:39:25.797764653 >> +0200 >> -+++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:48:03.797424616 +0200 >> -@@ -600,6 +600,22 @@ get_hw_addr(const char *name, struct har >> - memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen); >> - break; >> - #endif /* IFT_FDDI */ >> -+#if defined(IFT_PPP) >> -+ case IFT_PPP: >> -+ if (local_family != AF_INET6) >> -+ log_fatal("Unsupported device type %d for >> \"%s\"", >> -+ sa->sdl_type, name); >> -+ hw->hlen = 0; >> -+ hw->hbuf[0] = HTYPE_RESERVED; >> -+ /* 0xdeadbeef should never occur on the wire, >> -+ * and is a signature that something went wrong. >> -+ */ >> -+ hw->hbuf[1] = 0xde; >> -+ hw->hbuf[2] = 0xad; >> -+ hw->hbuf[3] = 0xbe; >> -+ hw->hbuf[4] = 0xef; >> -+ break; >> -+#endif >> - default: >> - log_fatal("Unsupported device type %d for \"%s\"", >> - sa->sdl_type, name); >> -diff -up dhcp-4.3.1b1/common/lpf.c.mRfpsB dhcp-4.3.1b1/common/lpf.c >> ---- dhcp-4.3.1b1/common/lpf.c.mRfpsB 2014-07-10 17:39:25.744765404 >> +0200 >> -+++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:48:03.797424616 +0200 >> -@@ -511,6 +511,22 @@ get_hw_addr(const char *name, struct har >> - hw->hbuf[0] = HTYPE_FDDI; >> - memcpy(&hw->hbuf[1], sa->sa_data, 6); >> - break; >> -+#if defined(ARPHRD_PPP) >> -+ case ARPHRD_PPP: >> -+ if (local_family != AF_INET6) >> -+ log_fatal("Unsupported device type %d for >> \"%s\"", >> -+ sa->sa_family, name); >> -+ hw->hlen = 0; >> -+ hw->hbuf[0] = HTYPE_RESERVED; >> -+ /* 0xdeadbeef should never occur on the wire, >> -+ * and is a signature that something went wrong. >> -+ */ >> -+ hw->hbuf[1] = 0xde; >> -+ hw->hbuf[2] = 0xad; >> -+ hw->hbuf[3] = 0xbe; >> -+ hw->hbuf[4] = 0xef; >> -+ break; >> -+#endif >> - default: >> - log_fatal("Unsupported device type %ld for \"%s\"", >> - (long int)sa->sa_family, name); >> -diff -up dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB dhcp-4.3.1b1/includes/dhcpd.h >> ---- dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB 2014-07-10 17:48:03.761425124 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:48:03.798424601 +0200 >> -@@ -2839,7 +2839,7 @@ void client_dns_remove(struct client_sta >> - >> - void dhcpv4_client_assignments(void); >> - void dhcpv6_client_assignments(void); >> --void form_duid(struct data_string *duid, const char *file, int line); >> -+isc_result_t form_duid(struct data_string *duid, const char *file, int >> line); >> - >> - /* dhc6.c */ >> - void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int >> line); >> -diff -up dhcp-4.3.1b1/includes/dhcp.h.mRfpsB dhcp-4.3.1b1/includes/dhcp.h >> ---- dhcp-4.3.1b1/includes/dhcp.h.mRfpsB 2014-07-10 17:48:03.761425124 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcp.h 2014-07-10 17:48:03.798424601 +0200 >> -@@ -81,6 +81,8 @@ struct dhcp_packet { >> - * is no standard for this so we >> - * just steal a type */ >> - >> -+#define HTYPE_RESERVED 0 /* RFC 5494 */ >> -+ >> - /* Magic cookie validating dhcp options field (and bootp vendor >> - extensions field). */ >> - #define DHCP_OPTIONS_COOKIE "\143\202\123\143" >> -diff -up dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB dhcp-4.3.1b1/server/dhcpv6.c >> ---- dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB 2014-07-10 17:47:31.464881409 >> +0200 >> -+++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 17:48:03.800424573 +0200 >> -@@ -330,6 +330,9 @@ generate_new_server_duid(void) { >> - if (p->hw_address.hlen > 0) { >> - break; >> - } >> -+ if (p->next == NULL && p->hw_address.hbuf[0] == >> HTYPE_RESERVED) { >> -+ log_error("Can not generate DUID from interfaces >> which do not have hardware addresses, please configure server-duid!"); >> -+ } >> - } >> - if (p == NULL) { >> - return ISC_R_UNEXPECTED; >> diff --git a/src/patches/dhcp/dhcp-UseMulticast.patch b/src/patches/dhcp/dhcp- >> UseMulticast.patch >> deleted file mode 100644 >> index ee0ea6b9a..000000000 >> --- a/src/patches/dhcp/dhcp-UseMulticast.patch >> +++ /dev/null >> @@ -1,241 +0,0 @@ >> -diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp- >> 4.3.1b1/server/dhcpv6.c >> ---- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 >> 19:58:40.000000000 +0200 >> -+++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200 >> -@@ -376,6 +376,48 @@ generate_new_server_duid(void) { >> - } >> - >> - /* >> -+ * Is the D6O_UNICAST option defined in dhcpd.conf ? >> -+ */ >> -+static isc_boolean_t unicast_option_defined; >> -+ >> -+/* >> -+ * Did we already search dhcpd.conf for D6O_UNICAST option ? >> -+ * We need to store it here to not parse dhcpd.conf repeatedly. >> -+ */ >> -+static isc_boolean_t unicast_option_parsed = ISC_FALSE; >> -+ >> -+ >> -+/* >> -+ * Is the D6O_UNICAST option defined in dhcpd.conf ? >> -+ */ >> -+isc_boolean_t >> -+is_unicast_option_defined(void) { >> -+ struct option_state *opt_state; >> -+ struct option_cache *oc; >> -+ >> -+ /* >> -+ * If we are looking for the unicast option for the first time >> -+ */ >> -+ if (unicast_option_parsed == ISC_FALSE) { >> -+ unicast_option_parsed = ISC_TRUE; >> -+ opt_state = NULL; >> -+ if (!option_state_allocate(&opt_state, MDL)) { >> -+ log_fatal("No memory for option state."); >> -+ } >> -+ >> -+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL, >> -+ opt_state, &global_scope, root_group, NULL, >> NULL); >> -+ >> -+ oc = lookup_option(&dhcpv6_universe, opt_state, >> D6O_UNICAST); >> -+ unicast_option_defined = (oc != NULL); >> -+ >> -+ option_state_dereference(&opt_state, MDL); >> -+ } >> -+ >> -+ return (unicast_option_defined); >> -+} >> -+ >> -+/* >> - * Get the client identifier from the packet. >> - */ >> - isc_result_t >> -@@ -706,6 +748,12 @@ static const int required_opts[] = { >> - D6O_PREFERENCE, >> - 0 >> - }; >> -+static const int required_opts_NAA[] = { >> -+ D6O_CLIENTID, >> -+ D6O_SERVERID, >> -+ D6O_STATUS_CODE, >> -+ 0 >> -+}; >> - static const int required_opts_solicit[] = { >> - D6O_CLIENTID, >> - D6O_SERVERID, >> -@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl >> - reply.shared->group, >> NULL); >> - } >> - >> -+ /* reject unicast message, unless we set unicast option */ >> -+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) >> -+ /* >> -+ * RFC3315 section 18.2.1 (Request): >> -+ * >> -+ * When the server receives a Request message via unicast from a >> client >> -+ * to which the server has not sent a unicast option, the server >> -+ * discards the Request message and responds with a Reply message >> -+ * containing a Status Code option with the value UseMulticast, a >> Server >> -+ * Identifier option containing the server's DUID, the Client >> Identifier >> -+ * option from the client message, and no other options. >> -+ * >> -+ * Section 18.2.3 (Renew): >> -+ * >> -+ * When the server receives a Renew message via unicast from a >> client to >> -+ * which the server has not sent a unicast option, the server >> discards >> -+ * the Renew message and responds with a Reply message containing a >> -+ * Status Code option with the value UseMulticast, a Server >> Identifier >> -+ * option containing the server's DUID, the Client Identifier option >> -+ * from the client message, and no other options. >> -+ */ >> -+ { >> -+ /* Set the UseMulticast status code. */ >> -+ if (!set_status_code(STATUS_UseMulticast, >> -+ "Unicast not allowed by server.", >> -+ reply.opt_state)) { >> -+ log_error("lease_to_client: Unable to set " >> -+ "UseMulticast status code."); >> -+ goto exit; >> -+ } >> -+ >> -+ /* Rewind the cursor to the start. */ >> -+ reply.cursor = REPLY_OPTIONS_INDEX; >> -+ >> -+ /* >> -+ * Produce an reply that includes only: >> -+ * >> -+ * Status code. >> -+ * Server DUID. >> -+ * Client DUID. >> -+ */ >> -+ reply.cursor += store_options6((char *)reply.buf.data + >> -+ reply.cursor, >> -+ sizeof(reply.buf) - >> -+ reply.cursor, >> -+ reply.opt_state, reply.packet, >> -+ required_opts_NAA, >> -+ NULL); >> -+ } >> -+ >> - /* >> - * RFC3315 section 17.2.2 (Solicit): >> - * >> -@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl >> - * Having stored the client's IA's, store any options that >> - * will fit in the remaining space. >> - */ >> -+ else >> - reply.cursor += store_options6((char *)reply.buf.data + >> reply.cursor, >> - sizeof(reply.buf) - reply.cursor, >> - reply.opt_state, reply.packet, >> -@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply >> - * Very similar to Solicit handling, except the server DUID is required. >> - */ >> - >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_request(struct data_string *reply_ret, struct packet *packet) { >> - struct data_string client_id; >> -@@ -5078,7 +5176,6 @@ exit: >> - * except for the error code of when addresses don't match. >> - */ >> - >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_renew(struct data_string *reply, struct packet *packet) { >> - struct data_string client_id; >> -@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r >> - goto exit; >> - } >> - >> -- snprintf(status_msg, sizeof(status_msg), "%s received.", >> packet_type); >> -- if (!set_status_code(STATUS_Success, status_msg, opt_state)) { >> -- goto exit; >> -- } >> -+ /* reject unicast message, unless we set unicast option */ >> -+ if ((packet->unicast == ISC_TRUE) && !is_unicast_option_defined()) { >> -+ /* >> -+ * RFC3315 section 18.2.6 (Release): >> -+ * >> -+ * When the server receives a Release message via unicast >> from a client >> -+ * to which the server has not sent a unicast option, the >> server >> -+ * discards the Release message and responds with a Reply >> message >> -+ * containing a Status Code option with value UseMulticast, >> a Server >> -+ * Identifier option containing the server's DUID, the >> Client Identifier >> -+ * option from the client message, and no other options. >> -+ * >> -+ * Section 18.2.7 (Decline): >> -+ * >> -+ * When the server receives a Decline message via unicast >> from a client >> -+ * to which the server has not sent a unicast option, the >> server >> -+ * discards the Decline message and responds with a Reply >> message >> -+ * containing a Status Code option with the value >> UseMulticast, a Server >> -+ * Identifier option containing the server's DUID, the >> Client Identifier >> -+ * option from the client message, and no other options. >> -+ */ >> -+ snprintf(status_msg, sizeof(status_msg), >> -+ "%s received unicast.", packet_type); >> -+ if (!set_status_code(STATUS_UseMulticast, status_msg, >> opt_state)) { >> -+ goto exit; >> -+ } >> - >> -- /* >> -- * Add our options that are not associated with any IA_NA or IA_TA. >> -- */ >> -- reply_ofs += store_options6(reply_data+reply_ofs, >> -- sizeof(reply_data)-reply_ofs, >> -+ /* >> -+ * Produce an reply that includes only: >> -+ * >> -+ * Status code. >> -+ * Server DUID. >> -+ * Client DUID. >> -+ */ >> -+ reply_ofs += store_options6(reply_data+reply_ofs, >> -+ sizeof(reply_data)-reply_ofs, >> - opt_state, packet, >> -- required_opts, NULL); >> -+ required_opts_NAA, NULL); >> -+ >> -+ goto return_reply; >> -+ } else { >> -+ snprintf(status_msg, sizeof(status_msg), "%s received.", >> packet_type); >> -+ if (!set_status_code(STATUS_Success, status_msg, opt_state)) >> { >> -+ goto exit; >> -+ } >> -+ >> -+ /* >> -+ * Add our options that are not associated with any IA_NA or >> IA_TA. >> -+ */ >> -+ reply_ofs += store_options6(reply_data+reply_ofs, >> -+ sizeof(reply_data)-reply_ofs, >> -+ opt_state, packet, >> -+ required_opts, NULL); >> -+ } >> - >> - /* >> - * Loop through the IA_NA reported by the client, and deal with >> -@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r >> - /* >> - * Return our reply to the caller. >> - */ >> -+return_reply: >> - reply_ret->len = reply_ofs; >> - reply_ret->buffer = NULL; >> - if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) { >> -@@ -5516,7 +5656,6 @@ exit: >> - * we still need to be aware of this possibility. >> - */ >> - >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - /* TODO: IA_TA */ >> - static void >> - dhcpv6_decline(struct data_string *reply, struct packet *packet) { >> -@@ -5986,7 +6125,6 @@ exit: >> - * Release means a client is done with the leases. >> - */ >> - >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_release(struct data_string *reply, struct packet *packet) { >> - struct data_string client_id; >> diff --git a/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> b/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> deleted file mode 100644 >> index 103824c38..000000000 >> --- a/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> +++ /dev/null >> @@ -1,14 +0,0 @@ >> -diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispatch.c >> ---- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100 >> -@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref >> - isc_interval_t interval; >> - isc_time_t expires; >> - >> -+ if (when == NULL) { >> -+ return; >> -+ } >> -+ >> - /* See if this timeout supersedes an existing timeout. */ >> - t = (struct timeout *)0; >> - for (q = timeouts; q; q = q->next) { >> diff --git a/src/patches/dhcp/dhcp-capability.patch b/src/patches/dhcp/dhcp- >> capability.patch >> deleted file mode 100644 >> index 91a1baef5..000000000 >> --- a/src/patches/dhcp/dhcp-capability.patch >> +++ /dev/null >> @@ -1,250 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclient.8 >> ---- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 >> 17:38:26.938599402 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200 >> -@@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr >> - .B -w >> - ] >> - [ >> -+.B -nc >> -+] >> -+[ >> - .B -B >> - ] >> - [ >> -@@ -304,6 +307,32 @@ has been added or removed, so that the c >> - address on that interface. >> - >> - .TP >> -+.BI \-nc >> -+Do not drop capabilities. >> -+ >> -+Normally, if >> -+.B dhclient >> -+was compiled with libcap-ng support, >> -+.B dhclient >> -+drops most capabilities immediately upon startup. While more secure, >> -+this greatly restricts the additional actions that hooks in >> -+.B dhclient-script (8) >> -+can take. (For example, any daemons that >> -+.B dhclient-script (8) >> -+starts or restarts will inherit the restricted capabilities as well, >> -+which may interfere with their correct operation.) Thus, the >> -+.BI \-nc >> -+option can be used to prevent >> -+.B dhclient >> -+from dropping capabilities. >> -+ >> -+The >> -+.BI \-nc >> -+option is ignored if >> -+.B dhclient >> -+was not compiled with libcap-ng support. >> -+ >> -+.TP >> - .BI \-B >> - Set the BOOTP broadcast flag in request packets so servers will always >> - broadcast replies. >> -diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclient.c >> ---- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 >> 17:39:25.797764653 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200 >> -@@ -39,6 +39,10 @@ >> - #include >> - #include >> - >> -+#ifdef HAVE_LIBCAP_NG >> -+#include >> -+#endif >> -+ >> - /* >> - * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define >> - * that when building ISC code. >> -@@ -143,6 +147,9 @@ main(int argc, char **argv) { >> - int timeout_arg = 0; >> - char *arg_conf = NULL; >> - int arg_conf_len = 0; >> -+#ifdef HAVE_LIBCAP_NG >> -+ int keep_capabilities = 0; >> -+#endif >> - >> - /* Initialize client globals. */ >> - memset(&default_duid, 0, sizeof(default_duid)); >> -@@ -425,6 +432,10 @@ main(int argc, char **argv) { >> - } >> - >> - dhclient_request_options = argv[i]; >> -+ } else if (!strcmp(argv[i], "-nc")) { >> -+#ifdef HAVE_LIBCAP_NG >> -+ keep_capabilities = 1; >> -+#endif >> - } else if (argv[i][0] == '-') { >> - usage(); >> - } else if (interfaces_requested < 0) { >> -@@ -473,6 +484,19 @@ main(int argc, char **argv) { >> - path_dhclient_script = s; >> - } >> - >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_CAPS); >> -+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_DAC_OVERRIDE); // Drop this someday >> -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_NET_ADMIN, CAP_NET_RAW, >> -+ CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1); >> -+ capng_apply(CAPNG_SELECT_CAPS); >> -+ } >> -+#endif >> -+ >> - /* Set up the initial dhcp option universe. */ >> - initialize_common_option_spaces(); >> - >> -diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp- >> 4.3.1b1/client/dhclient-script.8 >> ---- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 >> 17:39:25.761765163 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 >> 17:39:25.851763887 +0200 >> -@@ -243,6 +243,16 @@ repeatedly initialized to the values pro >> - the other. Assuming the information provided by both servers is >> - valid, this shouldn't cause any real problems, but it could be >> - confusing. >> -+.PP >> -+Normally, if dhclient was compiled with libcap-ng support, >> -+dhclient drops most capabilities immediately upon startup. >> -+While more secure, this greatly restricts the additional actions that >> -+hooks in dhclient-script can take. For example, any daemons that >> -+dhclient-script starts or restarts will inherit the restricted >> -+capabilities as well, which may interfere with their correct operation. >> -+Thus, the >> -+.BI \-nc >> -+option can be used to prevent dhclient from dropping capabilities. >> - .SH SEE ALSO >> - dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and >> - dhclient.leases(5). >> -diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp- >> 4.3.1b1/client/Makefile.am >> ---- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 >> 17:38:10.778828583 +0200 >> -+++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 >> +0200 >> -@@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c >> - scripts/bsdos scripts/freebsd scripts/linux scripts/macos >> \ >> - scripts/netbsd scripts/nextstep scripts/openbsd \ >> - scripts/solaris scripts/openwrt >> --dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \ >> -+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \ >> - $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc >> - man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5 >> - EXTRA_DIST = $(man_MANS) >> -diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac >> ---- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 >> +0200 >> -+++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200 >> -@@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], >> - # Look for optional headers. >> - AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h) >> - >> -+# look for capabilities library >> -+AC_ARG_WITH(libcap-ng, >> -+ [ --with-libcap-ng=[auto/yes/no] Add Libcap-ng support >> [default=auto]],, >> -+ with_libcap_ng=auto) >> -+ >> -+# Check for Libcap-ng API >> -+# >> -+# libcap-ng detection >> -+if test x$with_libcap_ng = xno ; then >> -+ have_libcap_ng=no; >> -+else >> -+ # Start by checking for header file >> -+ AC_CHECK_HEADER(cap-ng.h, capng_headers=yes, capng_headers=no) >> -+ >> -+ # See if we have libcap-ng library >> -+ AC_CHECK_LIB(cap-ng, capng_clear, >> -+ CAPNG_LDADD=-lcap-ng,) >> -+ >> -+ # Check results are usable >> -+ if test x$with_libcap_ng = xyes -a x$CAPNG_LDADD = x ; then >> -+ AC_MSG_ERROR(libcap-ng support was requested and the library was not >> found) >> -+ fi >> -+ if test x$CAPNG_LDADD != x -a $capng_headers = no ; then >> -+ AC_MSG_ERROR(libcap-ng libraries found but headers are missing) >> -+ fi >> -+fi >> -+AC_SUBST(CAPNG_LDADD) >> -+AC_MSG_CHECKING(whether to use libcap-ng) >> -+if test x$CAPNG_LDADD != x ; then >> -+ AC_DEFINE(HAVE_LIBCAP_NG,1,[libcap-ng support]) >> -+ AC_MSG_RESULT(yes) >> -+else >> -+ AC_MSG_RESULT(no) >> -+fi >> -+ >> - # Solaris needs some libraries for functions >> - AC_SEARCH_LIBS(socket, [socket]) >> - AC_SEARCH_LIBS(inet_ntoa, [nsl]) >> -diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay.c >> ---- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 >> +0200 >> -+++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200 >> -@@ -31,6 +31,11 @@ >> - #include >> - #include >> - >> -+#ifdef HAVE_LIBCAP_NG >> -+# include >> -+ int keep_capabilities = 0; >> -+#endif >> -+ >> - TIME default_lease_time = 43200; /* 12 hours... */ >> - TIME max_lease_time = 86400; /* 24 hours... */ >> - struct tree_cache *global_options[256]; >> -@@ -376,6 +381,10 @@ main(int argc, char **argv) { >> - usage(); >> - dhcrelay_sub_id = argv[i]; >> - #endif >> -+ } else if (!strcmp(argv[i], "-nc")) { >> -+#ifdef HAVE_LIBCAP_NG >> -+ keep_capabilities = 1; >> -+#endif >> - } else if (!strcmp(argv[i], "-pf")) { >> - if (++i == argc) >> - usage(); >> -@@ -446,6 +455,17 @@ main(int argc, char **argv) { >> - #endif >> - } >> - >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_BOTH); >> -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, -1); >> -+ capng_apply(CAPNG_SELECT_BOTH); >> -+ log_info ("Dropped all unnecessary capabilities."); >> -+ } >> -+#endif >> -+ >> - if (!quiet) { >> - log_info("%s %s", message, PACKAGE_VERSION); >> - log_info(copyright); >> -@@ -598,6 +618,15 @@ main(int argc, char **argv) { >> - signal(SIGTERM, dhcp_signal_handler); /* kill */ >> - #endif >> - >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop all capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_BOTH); >> -+ capng_apply(CAPNG_SELECT_BOTH); >> -+ log_info ("Dropped all capabilities."); >> -+ } >> -+#endif >> -+ >> - /* Start dispatching packets and timeouts... */ >> - dispatch(); >> - >> -diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefile.am >> ---- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 >> 17:38:10.780828554 +0200 >> -+++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200 >> -@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst >> - >> - sbin_PROGRAMS = dhcrelay >> - dhcrelay_SOURCES = dhcrelay.c >> --dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \ >> -+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \ >> - $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc >> - man_MANS = dhcrelay.8 >> - EXTRA_DIST = $(man_MANS) >> diff --git a/src/patches/dhcp/dhcp-default-requested-options.patch >> b/src/patches/dhcp/dhcp-default-requested-options.patch >> deleted file mode 100644 >> index afda222e6..000000000 >> --- a/src/patches/dhcp/dhcp-default-requested-options.patch >> +++ /dev/null >> @@ -1,44 +0,0 @@ >> -diff -up dhcp-4.3.0a1/client/clparse.c.requested dhcp- >> 4.3.0a1/client/clparse.c >> ---- dhcp-4.3.0a1/client/clparse.c.requested 2013-12-19 >> 15:13:27.276631307 +0100 >> -+++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:13:27.313630789 +0100 >> -@@ -37,7 +37,7 @@ >> - >> - struct client_config top_level_config; >> - >> --#define NUM_DEFAULT_REQUESTED_OPTS 9 >> -+#define NUM_DEFAULT_REQUESTED_OPTS 14 >> - struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1]; >> - >> - static void parse_client_default_duid(struct parse *cfile); >> -@@ -119,6 +119,31 @@ isc_result_t read_client_conf () >> - option_code_hash_lookup(&default_requested_options[8], >> - dhcpv6_universe.code_hash, &code, 0, MDL); >> - >> -+ /* 10 */ >> -+ code = DHO_NIS_DOMAIN; >> -+ option_code_hash_lookup(&default_requested_options[9], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 11 */ >> -+ code = DHO_NIS_SERVERS; >> -+ option_code_hash_lookup(&default_requested_options[10], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 12 */ >> -+ code = DHO_NTP_SERVERS; >> -+ option_code_hash_lookup(&default_requested_options[11], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 13 */ >> -+ code = DHO_INTERFACE_MTU; >> -+ option_code_hash_lookup(&default_requested_options[12], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 14 */ >> -+ code = DHO_DOMAIN_SEARCH; >> -+ option_code_hash_lookup(&default_requested_options[13], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> - for (code = 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) { >> - if (default_requested_options[code] == NULL) >> - log_fatal("Unable to find option definition for " >> diff --git a/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> b/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> deleted file mode 100644 >> index 3e52e6400..000000000 >> --- a/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> +++ /dev/null >> @@ -1,63 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhclient.c.JwFUZj dhcp-4.3.1b1/client/dhclient.c >> ---- dhcp-4.3.1b1/client/dhclient.c.JwFUZj 2014-07-10 >> 17:38:50.511265091 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:16.164901267 +0200 >> -@@ -1281,6 +1281,8 @@ void state_init (cpp) >> - void *cpp; >> - { >> - struct client_state *client = cpp; >> -+ enum dhcp_state init_state = client->state; >> -+ struct timeval tv; >> - >> - ASSERT_STATE(state, S_INIT); >> - >> -@@ -1293,9 +1295,18 @@ void state_init (cpp) >> - client -> first_sending = cur_time; >> - client -> interval = client -> config -> initial_interval; >> - >> -- /* Add an immediate timeout to cause the first DHCPDISCOVER packet >> -- to go out. */ >> -- send_discover (client); >> -+ if (init_state != S_DECLINED) { >> -+ /* Add an immediate timeout to cause the first DHCPDISCOVER >> packet >> -+ to go out. */ >> -+ send_discover(client); >> -+ } else { >> -+ /* We've received an OFFER and it has been DECLINEd by >> dhclient-script. >> -+ * wait for a random time between 1 and backoff_cutoff >> seconds before >> -+ * trying again. */ >> -+ tv . tv_sec = cur_time + ((1 + (random() >> 2)) % client- >> >config->backoff_cutoff); >> -+ tv . tv_usec = 0; >> -+ add_timeout(&tv, send_discover, client, 0, 0); >> -+ } >> - } >> - >> - /* >> -@@ -1592,6 +1603,7 @@ void bind_lease (client) >> - "try (declined). Exiting."); >> - exit(2); >> - } else { >> -+ client -> state = S_DECLINED; >> - state_init(client); >> - return; >> - } >> -@@ -4059,6 +4071,7 @@ void client_location_changed () >> - case S_INIT: >> - case S_REBINDING: >> - case S_STOPPED: >> -+ case S_DECLINED: >> - break; >> - } >> - client -> state = S_INIT; >> -diff -up dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj dhcp-4.3.1b1/includes/dhcpd.h >> ---- dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj 2014-07-10 17:38:26.941599360 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:50.526264878 +0200 >> -@@ -1087,7 +1087,8 @@ enum dhcp_state { >> - S_BOUND = 5, >> - S_RENEWING = 6, >> - S_REBINDING = 7, >> -- S_STOPPED = 8 >> -+ S_STOPPED = 8, >> -+ S_DECLINED = 9 >> - }; >> - >> - /* Authentication and BOOTP policy possibilities (not all values work >> diff --git a/src/patches/dhcp/dhcp-dhclient-options.patch >> b/src/patches/dhcp/dhcp-dhclient-options.patch >> deleted file mode 100644 >> index 67f144ecb..000000000 >> --- a/src/patches/dhcp/dhcp-dhclient-options.patch >> +++ /dev/null >> @@ -1,509 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c >> ---- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 >> +0200 >> -+++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200 >> -@@ -148,6 +148,7 @@ isc_result_t read_client_conf () >> - /* Requested lease time, used by DHCPv6 (DHCPv4 uses the option >> cache) >> - */ >> - top_level_config.requested_lease = 7200; >> -+ top_level_config.bootp_broadcast_always = 0; >> - >> - group_allocate (&top_level_config.on_receipt, MDL); >> - if (!top_level_config.on_receipt) >> -@@ -353,7 +354,8 @@ void read_client_leases () >> - interface-declaration | >> - LEASE client-lease-statement | >> - ALIAS client-lease-statement | >> -- KEY key-definition */ >> -+ KEY key-definition | >> -+ BOOTP_BROADCAST_ALWAYS */ >> - >> - void parse_client_statement (cfile, ip, config) >> - struct parse *cfile; >> -@@ -771,6 +773,12 @@ void parse_client_statement (cfile, ip, >> - parse_reject_statement (cfile, config); >> - return; >> - >> -+ case BOOTP_BROADCAST_ALWAYS: >> -+ token = next_token(&val, (unsigned*)0, cfile); >> -+ config -> bootp_broadcast_always = 1; >> -+ parse_semi (cfile); >> -+ return; >> -+ >> - default: >> - lose = 0; >> - stmt = (struct executable_statement *)0; >> -diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8 >> ---- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 >> 19:58:38.000000000 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200 >> -@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr >> - .B -w >> - ] >> - [ >> -+.B -B >> -+] >> -+[ >> -+.B -C >> -+.I dhcp-client-identifier >> -+] >> -+[ >> -+.B -H >> -+.I host-name >> -+] >> -+[ >> -+.B -F >> -+.I fqdn.fqdn >> -+] >> -+[ >> -+.B -V >> -+.I vendor-class-identifier >> -+] >> -+[ >> -+.B -R >> -+.I request-option-list >> -+] >> -+[ >> -+.B -timeout >> -+.I timeout >> -+] >> -+[ >> - .B -v >> - ] >> - [ >> -@@ -275,6 +302,69 @@ not to exit when it doesn't find any suc >> - program can then be used to notify the client when a network interface >> - has been added or removed, so that the client can attempt to configure an IP >> - address on that interface. >> -+ >> -+.TP >> -+.BI \-B >> -+Set the BOOTP broadcast flag in request packets so servers will always >> -+broadcast replies. >> -+ >> -+.TP >> -+.BI \-C\ >> -+Specify the dhcp-client-identifier option to send to the DHCP server. >> -+ >> -+.TP >> -+.BI \-H\ >> -+Specify the host-name option to send to the DHCP server. The host-name >> -+string only contains the client's hostname prefix, to which the server will >> -+append the ddns-domainname or domain-name options, if any, to derive the >> -+fully qualified domain name of the client. The >> -+.B -H >> -+option cannot be used with the >> -+.B -F >> -+option. >> -+ >> -+.TP >> -+.BI \-F\ >> -+Specify the fqdn.fqdn option to send to the DHCP server. This option cannot >> -+be used with the >> -+.B -H >> -+option. The fqdn.fqdn option must specify the complete domain name of the >> -+client host, which the server may use for dynamic DNS updates. >> -+ >> -+.TP >> -+.BI \-V\ >> -+Specify the vendor-class-identifier option to send to the DHCP server. >> -+ >> -+.TP >> -+.BI \-R\