From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: [PATCH] dhcp: Update to 4.4.1 Date: Tue, 01 May 2018 18:10:59 +0200 Message-ID: <8690394a-17a5-7dab-8fbc-8d745390e629@ipfire.org> In-Reply-To: <1525173507.2479471.227.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7397571325177299053==" List-Id: --===============7397571325177299053== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On 01.05.2018 13:18, Michael Tremer wrote: > Hi, >=20 > okay. Let's wait until we hear back from the testers. No problem. > Are you sure that dropping the big patchset doesn't cause us any problems? No. But it was the only chance I saw to build this version. The code changed in a way that I should have rewritten the patches from scratch and that is far beyond my skills. Besides, I'm *never* really sure or trust any kind of software. Software is basically evil. ;-) By now, I'm testing in my (home) environment and the new version is doing its job since the update. No complaints, crashes or seen problems. Best, Matthias > Best, > -Michael >=20 > On Mon, 2018-04-30 at 15:07 +0200, Matthias Fischer wrote: >> For details see: >> https://kb.isc.org/article/AA-01571/82/DHCP-4.4.1-Release-Notes.html >>=20 >> This closes https://bugzilla.ipfire.org/show_bug.cgi?id=3D11697 and >> https://bugzilla.ipfire.org/show_bug.cgi?id=3D11293, hopefully. >>=20 >> This update required some changes as described in: >> https://bugzilla.ipfire.org/show_bug.cgi?id=3D11697#c6 >>=20 >> Best, >> Matthias >>=20 >> Signed-off-by: Matthias Fischer >> --- >> config/rootfiles/common/dhcp | 4 +- >> lfs/dhcp | 39 +- >> .../dhcp/dhcp-64_bit_lease_parse.patch | 75 --- >> src/patches/dhcp/dhcp-CLOEXEC.patch | 342 ---------- >> src/patches/dhcp/dhcp-PPP.patch | 150 ----- >> src/patches/dhcp/dhcp-UseMulticast.patch | 241 -------- >> .../dhcp/dhcp-add_timeout_when_NULL.patch | 14 - >> src/patches/dhcp/dhcp-capability.patch | 250 -------- >> .../dhcp/dhcp-default-requested-options.patch | 44 -- >> .../dhcp/dhcp-dhclient-decline-backoff.patch | 63 -- >> src/patches/dhcp/dhcp-dhclient-options.patch | 509 --------------- >> src/patches/dhcp/dhcp-errwarn-message.patch | 22 - >> src/patches/dhcp/dhcp-garbage-chars.patch | 12 - >> src/patches/dhcp/dhcp-gpxe-cid.patch | 73 --- >> src/patches/dhcp/dhcp-honor-expired.patch | 49 -- >> src/patches/dhcp/dhcp-improved-xid.patch | 138 ----- >> src/patches/dhcp/dhcp-logpid.patch | 11 - >> src/patches/dhcp/dhcp-lpf-ib.patch | 585 ------------------ >> src/patches/dhcp/dhcp-manpages.patch | 157 ----- >> src/patches/dhcp/dhcp-paranoia.patch | 156 ----- >> src/patches/dhcp/dhcp-paths.patch | 44 -- >> src/patches/dhcp/dhcp-release-by-ifup.patch | 85 --- >> src/patches/dhcp/dhcp-remove-bind.patch | 192 ------ >> ...dhcp-rfc3442-classless-static-routes.patch | 405 ------------ >> src/patches/dhcp/dhcp-sendDecline.patch | 231 ------- >> src/patches/dhcp/dhcp-sharedlib.patch | 107 ---- >> .../dhcp/dhcp-stateless-DUID-LLT.patch | 48 -- >> src/patches/dhcp/dhcp-unicast-bootp.patch | 101 --- >> src/patches/dhcp/dhcp-xen-checksum.patch | 251 -------- >> 29 files changed, 7 insertions(+), 4391 deletions(-) >> delete mode 100644 src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> delete mode 100644 src/patches/dhcp/dhcp-CLOEXEC.patch >> delete mode 100644 src/patches/dhcp/dhcp-PPP.patch >> delete mode 100644 src/patches/dhcp/dhcp-UseMulticast.patch >> delete mode 100644 src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> delete mode 100644 src/patches/dhcp/dhcp-capability.patch >> delete mode 100644 src/patches/dhcp/dhcp-default-requested-options.patch >> delete mode 100644 src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> delete mode 100644 src/patches/dhcp/dhcp-dhclient-options.patch >> delete mode 100644 src/patches/dhcp/dhcp-errwarn-message.patch >> delete mode 100644 src/patches/dhcp/dhcp-garbage-chars.patch >> delete mode 100644 src/patches/dhcp/dhcp-gpxe-cid.patch >> delete mode 100644 src/patches/dhcp/dhcp-honor-expired.patch >> delete mode 100644 src/patches/dhcp/dhcp-improved-xid.patch >> delete mode 100644 src/patches/dhcp/dhcp-logpid.patch >> delete mode 100644 src/patches/dhcp/dhcp-lpf-ib.patch >> delete mode 100644 src/patches/dhcp/dhcp-manpages.patch >> delete mode 100644 src/patches/dhcp/dhcp-paranoia.patch >> delete mode 100644 src/patches/dhcp/dhcp-paths.patch >> delete mode 100644 src/patches/dhcp/dhcp-release-by-ifup.patch >> delete mode 100644 src/patches/dhcp/dhcp-remove-bind.patch >> delete mode 100644 src/patches/dhcp/dhcp-rfc3442-classless-static- >> routes.patch >> delete mode 100644 src/patches/dhcp/dhcp-sendDecline.patch >> delete mode 100644 src/patches/dhcp/dhcp-sharedlib.patch >> delete mode 100644 src/patches/dhcp/dhcp-stateless-DUID-LLT.patch >> delete mode 100644 src/patches/dhcp/dhcp-unicast-bootp.patch >> delete mode 100644 src/patches/dhcp/dhcp-xen-checksum.patch >>=20 >> diff --git a/config/rootfiles/common/dhcp b/config/rootfiles/common/dhcp >> index ff225a571..9e6d52e4e 100644 >> --- a/config/rootfiles/common/dhcp >> +++ b/config/rootfiles/common/dhcp >> @@ -5,8 +5,6 @@ etc/dhcp/dhcpd.conf >> #usr/bin/omshell >> #usr/include/dhcpctl >> #usr/include/dhcpctl/dhcpctl.h >> -#usr/include/isc-dhcp >> -#usr/include/isc-dhcp/dst.h >> #usr/include/omapip >> #usr/include/omapip/alloc.h >> #usr/include/omapip/buffer.h >> @@ -17,8 +15,8 @@ etc/dhcp/dhcpd.conf >> #usr/include/omapip/omapip_p.h >> #usr/include/omapip/result.h >> #usr/include/omapip/trace.h >> +#usr/lib/libdhcp.a >> #usr/lib/libdhcpctl.a >> -#usr/lib/libdst.a >> #usr/lib/libomapi.a >> #usr/sbin/dhclient >> usr/sbin/dhcpd >> diff --git a/lfs/dhcp b/lfs/dhcp >> index 262a25129..a055d6081 100644 >> --- a/lfs/dhcp >> +++ b/lfs/dhcp >> @@ -1,7 +1,7 @@ >> #########################################################################= #### >> ## >> # = =20 >> # >> # IPFire.org - A linux based >> firewall # >> -# Copyright (C) 2007-2015 IPFire Team = =20 >> # >> +# Copyright (C) 2007-2018 IPFire Team = =20 >> # >> # = =20 >> # >> # This program is free software: you can redistribute it and/or >> modify # >> # it under the terms of the GNU General Public License as published >> by # >> @@ -24,7 +24,7 @@ >> =20 >> include Config >> =20 >> -VER =3D 4.3.1 >> +VER =3D 4.4.1 >> =20 >> THISAPP =3D dhcp-$(VER) >> DL_FILE =3D $(THISAPP).tar.gz >> @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) >> =20 >> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >> =20 >> -$(DL_FILE)_MD5 =3D b3a42ece3c7f2cd2e74a3e12ca881d20 >> +$(DL_FILE)_MD5 =3D 18c7f4dcbb0a63df25098216d47b1ede >> =20 >> install : $(TARGET) >> =20 >> @@ -71,47 +71,20 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> @$(PREBUILD) >> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) >> =20 >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> remove-bind.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> errwarn-message.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> dhclient-options.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> release-by-ifup.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> dhclient-decline-backoff.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> unicast-bootp.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> default-requested-options.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-xen- >> checksum.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> manpages.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> paths.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> CLOEXEC.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> garbage-chars.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> add_timeout_when_NULL.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> 64_bit_lease_parse.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> capability.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> logpid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> UseMulticast.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> sendDecline.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> rfc3442-classless-static-routes.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-honor- >> expired.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> sharedlib.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> PPP.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> paranoia.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-lpf- >> ib.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> improved-xid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-gpxe- >> cid.patch >> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp- >> stateless-DUID-LLT.patch >> - >> # Help unpacking bundled BIND >> - cd $(DIR_APP) && sed -e "s/gunzip -c/&d/" -i bind/Makefile >> + cd $(DIR_APP) && sed -e "s/gunzip -c/&d/" -i bind/Makefile.in >> =20 >> cd $(DIR_APP) && \ >> ./configure \ >> --prefix=3D/usr \ >> --sysconfdir=3D/etc/dhcp \ >> + --with-srv-conf-file=3D/etc/dhcp/dhcpd.conf \ >> --with-srv-lease-file=3D/var/state/dhcp/dhcpd.leases \ >> --enable-paranoia \ >> --enable-early-chroot \ >> --disable-dhcpv6 >> =20 >> - cd $(DIR_APP) && make $(MAKETUNING) >> + cd $(DIR_APP) && make >> cd $(DIR_APP) && make install >> =20 >> mkdir -pv /var/state/dhcp >> diff --git a/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> b/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> deleted file mode 100644 >> index a07b5b032..000000000 >> --- a/src/patches/dhcp/dhcp-64_bit_lease_parse.patch >> +++ /dev/null >> @@ -1,75 +0,0 @@ >> -diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp- >> 4.3.0a1/common/parse.c >> ---- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100 >> -@@ -938,8 +938,8 @@ TIME >> - parse_date_core(cfile) >> - struct parse *cfile; >> - { >> -- int guess; >> -- int tzoff, year, mon, mday, hour, min, sec; >> -+ TIME guess; >> -+ long int tzoff, year, mon, mday, hour, min, sec; >> - const char *val; >> - enum dhcp_token token; >> - static int months[11] =3D { 31, 59, 90, 120, 151, 181, >> -@@ -965,7 +965,7 @@ parse_date_core(cfile) >> - } >> -=20 >> - skip_token(&val, NULL, cfile); /* consume number */ >> -- guess =3D atoi(val); >> -+ guess =3D atol(val); >> -=20 >> - return((TIME)guess); >> - } >> -@@ -993,7 +993,7 @@ parse_date_core(cfile) >> - somebody invents a time machine, I think we can safely disregard >> - it. This actually works around a stupid Y2K bug that was >> present >> - in a very early beta release of dhcpd. */ >> -- year =3D atoi(val); >> -+ year =3D atol(val); >> - if (year > 1900) >> - year -=3D 1900; >> -=20 >> -@@ -1039,7 +1039,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume day of month */ >> -- mday =3D atoi(val); >> -+ mday =3D atol(val); >> -=20 >> - /* Hour... */ >> - token =3D peek_token(&val, NULL, cfile); >> -@@ -1050,7 +1050,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume hour */ >> -- hour =3D atoi(val); >> -+ hour =3D atol(val); >> -=20 >> - /* Colon separating hour from minute... */ >> - token =3D peek_token(&val, NULL, cfile); >> -@@ -1072,7 +1072,7 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume minute */ >> -- min =3D atoi(val); >> -+ min =3D atol(val); >> -=20 >> - /* Colon separating minute from second... */ >> - token =3D peek_token(&val, NULL, cfile); >> -@@ -1094,13 +1094,13 @@ parse_date_core(cfile) >> - return((TIME)0); >> - } >> - skip_token(&val, NULL, cfile); /* consume second */ >> -- sec =3D atoi(val); >> -+ sec =3D atol(val); >> -=20 >> - tzoff =3D 0; >> - token =3D peek_token(&val, NULL, cfile); >> - if (token =3D=3D NUMBER) { >> - skip_token(&val, NULL, cfile); /* consume tzoff */ >> -- tzoff =3D atoi(val); >> -+ tzoff =3D atol(val); >> - } else if (token !=3D SEMI) { >> - skip_token(&val, NULL, cfile); >> - parse_warn(cfile, >> diff --git a/src/patches/dhcp/dhcp-CLOEXEC.patch b/src/patches/dhcp/dhcp- >> CLOEXEC.patch >> deleted file mode 100644 >> index 722865e4f..000000000 >> --- a/src/patches/dhcp/dhcp-CLOEXEC.patch >> +++ /dev/null >> @@ -1,342 +0,0 @@ >> -diff -up dhcp-4.3.0a1/client/clparse.c.cloexec dhcp-4.3.0a1/client/clpars= e.c >> ---- dhcp-4.3.0a1/client/clparse.c.cloexec 2013-12-19 >> 15:34:41.638886256 +0100 >> -+++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:34:41.657885985 +0100 >> -@@ -253,7 +253,7 @@ int read_client_conf_file (const char *n >> - int token; >> - isc_result_t status; >> -=20 >> -- if ((file =3D open (name, O_RDONLY)) < 0) >> -+ if ((file =3D open (name, O_RDONLY | O_CLOEXEC)) < 0) >> - return uerr2isc (errno); >> -=20 >> - cfile =3D NULL; >> -@@ -290,7 +290,7 @@ void read_client_leases () >> -=20 >> - /* Open the lease file. If we can't open it, just return - >> - we can safely trust the server to remember our state. */ >> -- if ((file =3D open (path_dhclient_db, O_RDONLY)) < 0) >> -+ if ((file =3D open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0) >> - return; >> -=20 >> - cfile =3D NULL; >> -diff -up dhcp-4.3.0a1/client/dhclient.c.cloexec dhcp- >> 4.3.0a1/client/dhclient.c >> ---- dhcp-4.3.0a1/client/dhclient.c.cloexec 2013-12-19 >> 15:34:41.629886384 +0100 >> -+++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:36:41.608180467 +0100 >> -@@ -148,11 +148,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and >> - 2 (stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 0) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 1) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 2) >> - log_perror =3D 0; /* No sense logging to /dev/null. */ >> - else if (fd !=3D -1) >> -@@ -504,7 +504,7 @@ main(int argc, char **argv) { >> - long temp; >> - int e; >> -=20 >> -- if ((pidfd =3D fopen(path_dhclient_pid, "r")) !=3D NULL) { >> -+ if ((pidfd =3D fopen(path_dhclient_pid, "re")) !=3D NULL) { >> - e =3D fscanf(pidfd, "%ld\n", &temp); >> - oldpid =3D (pid_t)temp; >> -=20 >> -@@ -554,7 +554,7 @@ main(int argc, char **argv) { >> - strncpy(new_path_dhclient_pid, >> path_dhclient_pid, pfx); >> - sprintf(new_path_dhclient_pid + pfx, >> "-%s.pid", ip->name); >> -=20 >> -- if ((pidfd =3D >> fopen(new_path_dhclient_pid, "r")) !=3D NULL) { >> -+ if ((pidfd =3D >> fopen(new_path_dhclient_pid, "re")) !=3D NULL) { >> - e =3D fscanf(pidfd, "%ld\n", >> &temp); >> - oldpid =3D (pid_t)temp; >> -=20 >> -@@ -579,7 +579,7 @@ main(int argc, char **argv) { >> - int dhc_running =3D 0; >> - char procfn[256] =3D ""; >> -=20 >> -- if ((pidfp =3D fopen(path_dhclient_pid, "r")) !=3D NULL) { >> -+ if ((pidfp =3D fopen(path_dhclient_pid, "re")) !=3D NULL) { >> - if ((fscanf(pidfp, "%ld", &temp)=3D=3D1) && >> ((dhcpid=3D(pid_t)temp) > 0)) { >> - snprintf(procfn,256,"/proc/%u",dhcpid); >> - dhc_running =3D (access(procfn, F_OK) =3D=3D 0); >> -@@ -3077,7 +3077,7 @@ void rewrite_client_leases () >> -=20 >> - if (leaseFile !=3D NULL) >> - fclose (leaseFile); >> -- leaseFile =3D fopen (path_dhclient_db, "w"); >> -+ leaseFile =3D fopen (path_dhclient_db, "we"); >> - if (leaseFile =3D=3D NULL) { >> - log_error ("can't create %s: %m", path_dhclient_db); >> - return; >> -@@ -3261,7 +3261,7 @@ write_duid(struct data_string *duid) >> - return DHCP_R_INVALIDARG; >> -=20 >> - if (leaseFile =3D=3D NULL) { /* XXX? */ >> -- leaseFile =3D fopen(path_dhclient_db, "w"); >> -+ leaseFile =3D fopen(path_dhclient_db, "we"); >> - if (leaseFile =3D=3D NULL) { >> - log_error("can't create %s: %m", path_dhclient_db); >> - return ISC_R_IOERROR; >> -@@ -3441,7 +3441,7 @@ int write_client_lease (client, lease, r >> - return 1; >> -=20 >> - if (leaseFile =3D=3D NULL) { /* XXX */ >> -- leaseFile =3D fopen (path_dhclient_db, "w"); >> -+ leaseFile =3D fopen (path_dhclient_db, "we"); >> - if (leaseFile =3D=3D NULL) { >> - log_error ("can't create %s: %m", path_dhclient_db); >> - return 0; >> -@@ -3952,9 +3952,9 @@ void go_daemon () >> - (void) close(2); >> -=20 >> - /* Reopen them on /dev/null. */ >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -=20 >> - write_client_pid_file (); >> -=20 >> -@@ -3971,14 +3971,14 @@ void write_client_pid_file () >> - return; >> - } >> -=20 >> -- pfdesc =3D open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, >> 0644); >> -+ pfdesc =3D open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY | >> O_CLOEXEC, 0644); >> -=20 >> - if (pfdesc < 0) { >> - log_error ("Can't create %s: %m", path_dhclient_pid); >> - return; >> - } >> -=20 >> -- pf =3D fdopen (pfdesc, "w"); >> -+ pf =3D fdopen (pfdesc, "we"); >> - if (!pf) { >> - close(pfdesc); >> - log_error ("Can't fdopen %s: %m", path_dhclient_pid); >> -diff -up dhcp-4.3.0a1/common/bpf.c.cloexec dhcp-4.3.0a1/common/bpf.c >> ---- dhcp-4.3.0a1/common/bpf.c.cloexec 2013-12-19 15:34:41.640886227 >> +0100 >> -+++ dhcp-4.3.0a1/common/bpf.c 2013-12-19 15:34:41.661885928 +0100 >> -@@ -95,7 +95,7 @@ int if_register_bpf (info) >> - for (b =3D 0; 1; b++) { >> - /* %Audit% 31 bytes max. %2004.06.17,Safe% */ >> - sprintf(filename, BPF_FORMAT, b); >> -- sock =3D open (filename, O_RDWR, 0); >> -+ sock =3D open (filename, O_RDWR | O_CLOEXEC, 0); >> - if (sock < 0) { >> - if (errno =3D=3D EBUSY) { >> - continue; >> -diff -up dhcp-4.3.0a1/common/dlpi.c.cloexec dhcp-4.3.0a1/common/dlpi.c >> ---- dhcp-4.3.0a1/common/dlpi.c.cloexec 2013-12-19 15:34:41.641886213 >> +0100 >> -+++ dhcp-4.3.0a1/common/dlpi.c 2013-12-19 15:34:41.662885914 +0100 >> -@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) { >> - } >> - *dp =3D '\0'; >> - =09 >> -- return open (devname, O_RDWR, 0); >> -+ return open (devname, O_RDWR | O_CLOEXEC, 0); >> - } >> -=20 >> - /* >> -diff -up dhcp-4.3.0a1/common/nit.c.cloexec dhcp-4.3.0a1/common/nit.c >> ---- dhcp-4.3.0a1/common/nit.c.cloexec 2013-12-19 15:34:41.642886199 >> +0100 >> -+++ dhcp-4.3.0a1/common/nit.c 2013-12-19 15:34:41.662885914 +0100 >> -@@ -81,7 +81,7 @@ int if_register_nit (info) >> - struct strioctl sio; >> -=20 >> - /* Open a NIT device */ >> -- sock =3D open ("/dev/nit", O_RDWR); >> -+ sock =3D open ("/dev/nit", O_RDWR | O_CLOEXEC); >> - if (sock < 0) >> - log_fatal ("Can't open NIT device for %s: %m", info -> >> name); >> -=20 >> -diff -up dhcp-4.3.0a1/common/resolv.c.cloexec dhcp-4.3.0a1/common/resolv.c >> ---- dhcp-4.3.0a1/common/resolv.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/common/resolv.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -50,7 +50,7 @@ void read_resolv_conf (parse_time) >> - struct domain_search_list *dp, *dl, *nd; >> - isc_result_t status; >> -=20 >> -- if ((file =3D open (path_resolv_conf, O_RDONLY)) < 0) { >> -+ if ((file =3D open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) { >> - log_error ("Can't open %s: %m", path_resolv_conf); >> - return; >> - } >> -diff -up dhcp-4.3.0a1/common/upf.c.cloexec dhcp-4.3.0a1/common/upf.c >> ---- dhcp-4.3.0a1/common/upf.c.cloexec 2013-12-19 15:34:41.642886199 >> +0100 >> -+++ dhcp-4.3.0a1/common/upf.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -77,7 +77,7 @@ int if_register_upf (info) >> - /* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */ >> - sprintf(filename, "/dev/pf/pfilt%d", b); >> -=20 >> -- sock =3D open (filename, O_RDWR, 0); >> -+ sock =3D open (filename, O_RDWR | O_CLOEXEC, 0); >> - if (sock < 0) { >> - if (errno =3D=3D EBUSY) { >> - continue; >> -diff -up dhcp-4.3.0a1/omapip/trace.c.cloexec dhcp-4.3.0a1/omapip/trace.c >> ---- dhcp-4.3.0a1/omapip/trace.c.cloexec 2013-12-11 01:01:03.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/omapip/trace.c 2013-12-19 15:34:41.663885900 +0100 >> -@@ -142,10 +142,10 @@ isc_result_t trace_begin (const char *fi >> - return DHCP_R_INVALIDARG; >> - } >> -=20 >> -- traceoutfile =3D open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600); >> -+ traceoutfile =3D open (filename, O_CREAT | O_WRONLY | O_EXCL | >> O_CLOEXEC, 0600); >> - if (traceoutfile < 0 && errno =3D=3D EEXIST) { >> - log_error ("WARNING: Overwriting trace file \"%s\"", >> filename); >> -- traceoutfile =3D open (filename, O_WRONLY | O_EXCL | O_TRUNC, >> -+ traceoutfile =3D open (filename, O_WRONLY | O_EXCL | O_TRUNC | >> O_CLOEXEC, >> - 0600); >> - } >> -=20 >> -@@ -433,7 +433,7 @@ void trace_file_replay (const char *file >> - isc_result_t result; >> - int len; >> -=20 >> -- traceinfile =3D fopen (filename, "r"); >> -+ traceinfile =3D fopen (filename, "re"); >> - if (!traceinfile) { >> - log_error("Can't open tracefile %s: %m", filename); >> - return; >> -diff -up dhcp-4.3.0a1/relay/dhcrelay.c.cloexec dhcp-4.3.0a1/relay/dhcrela= y.c >> ---- dhcp-4.3.0a1/relay/dhcrelay.c.cloexec 2013-12-13 >> 22:26:21.000000000 +0100 >> -+++ dhcp-4.3.0a1/relay/dhcrelay.c 2013-12-19 15:34:41.664885886 +0100 >> -@@ -193,11 +193,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0(stdin), 1,(stdout), and >> - 2(stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 0) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 1) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 2) >> - log_perror =3D 0; /* No sense logging to /dev/null. */ >> - else if (fd !=3D -1) >> -@@ -564,13 +564,13 @@ main(int argc, char **argv) { >> -=20 >> - if (no_pid_file =3D=3D ISC_FALSE) { >> - pfdesc =3D open(path_dhcrelay_pid, >> -- O_CREAT | O_TRUNC | O_WRONLY, 0644); >> -+ O_CREAT | O_TRUNC | O_WRONLY | >> O_CLOEXEC, 0644); >> -=20 >> - if (pfdesc < 0) { >> - log_error("Can't create %s: %m", >> - path_dhcrelay_pid); >> - } else { >> -- pf =3D fdopen(pfdesc, "w"); >> -+ pf =3D fdopen(pfdesc, "we"); >> - if (!pf) >> - log_error("Can't fdopen %s: %m", >> - path_dhcrelay_pid); >> -diff -up dhcp-4.3.0a1/server/confpars.c.cloexec dhcp- >> 4.3.0a1/server/confpars.c >> ---- dhcp-4.3.0a1/server/confpars.c.cloexec 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/server/confpars.c 2013-12-19 15:34:41.665885871 +0100 >> -@@ -117,7 +117,7 @@ isc_result_t read_conf_file (const char >> - } >> - #endif >> -=20 >> -- if ((file =3D open (filename, O_RDONLY)) < 0) { >> -+ if ((file =3D open (filename, O_RDONLY | O_CLOEXEC)) < 0) { >> - if (leasep) { >> - log_error ("Can't open lease database %s: %m --", >> - path_dhcpd_db); >> -diff -up dhcp-4.3.0a1/server/db.c.cloexec dhcp-4.3.0a1/server/db.c >> ---- dhcp-4.3.0a1/server/db.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/db.c 2013-12-19 15:34:41.666885857 +0100 >> -@@ -1081,7 +1081,7 @@ void db_startup (testp) >> - } >> - #endif >> - if (!testp) { >> -- db_file =3D fopen (path_dhcpd_db, "a"); >> -+ db_file =3D fopen (path_dhcpd_db, "ae"); >> - if (!db_file) >> - log_fatal ("Can't open %s for append.", >> path_dhcpd_db); >> - expire_all_pools (); >> -@@ -1129,12 +1129,12 @@ int new_lease_file () >> - path_dhcpd_db, (int)t) >=3D sizeof newfname) >> - log_fatal("new_lease_file: lease file path too long"); >> -=20 >> -- db_fd =3D open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664); >> -+ db_fd =3D open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, >> 0664); >> - if (db_fd < 0) { >> - log_error ("Can't create new lease file: %m"); >> - return 0; >> - } >> -- if ((new_db_file =3D fdopen(db_fd, "w")) =3D=3D NULL) { >> -+ if ((new_db_file =3D fdopen(db_fd, "we")) =3D=3D NULL) { >> - log_error("Can't fdopen new lease file: %m"); >> - close(db_fd); >> - goto fdfail; >> -diff -up dhcp-4.3.0a1/server/dhcpd.c.cloexec dhcp-4.3.0a1/server/dhcpd.c >> ---- dhcp-4.3.0a1/server/dhcpd.c.cloexec 2013-12-13 22:26:01.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/dhcpd.c 2013-12-19 15:37:17.258674472 +0100 >> -@@ -193,11 +193,11 @@ main(int argc, char **argv) { >> - /* Make sure that file descriptors 0 (stdin), 1, (stdout), and >> - 2 (stderr) are open. To do this, we assume that when we >> - open a file the lowest available file descriptor is used. */ >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 0) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 1) >> -- fd =3D open("/dev/null", O_RDWR); >> -+ fd =3D open("/dev/null", O_RDWR | O_CLOEXEC); >> - if (fd =3D=3D 2) >> - log_perror =3D 0; /* No sense logging to /dev/null. */ >> - else if (fd !=3D -1) >> -@@ -716,7 +716,7 @@ main(int argc, char **argv) { >> - */ >> - if (no_pid_file =3D=3D ISC_FALSE) { >> - /*Read previous pid file. */ >> -- if ((i =3D open (path_dhcpd_pid, O_RDONLY)) >=3D 0) { >> -+ if ((i =3D open (path_dhcpd_pid, O_RDONLY | O_CLOEXEC)) >=3D 0) >> { >> - status =3D read(i, pbuf, (sizeof pbuf) - 1); >> - close (i); >> - if (status > 0) { >> -@@ -735,7 +735,7 @@ main(int argc, char **argv) { >> - } >> -=20 >> - /* Write new pid file. */ >> -- i =3D open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644); >> -+ i =3D open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, >> 0644); >> - if (i >=3D 0) { >> - sprintf(pbuf, "%d\n", (int) getpid()); >> - IGNORE_RET (write(i, pbuf, strlen(pbuf))); >> -@@ -763,9 +763,9 @@ main(int argc, char **argv) { >> - (void) close(2); >> -=20 >> - /* Reopen them on /dev/null. */ >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -- (void) open("/dev/null", O_RDWR); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> -+ (void) open("/dev/null", O_RDWR | O_CLOEXEC); >> - log_perror =3D 0; /* No sense logging to /dev/null. */ >> -=20 >> - IGNORE_RET (chdir("/")); >> -diff -up dhcp-4.3.0a1/server/ldap.c.cloexec dhcp-4.3.0a1/server/ldap.c >> ---- dhcp-4.3.0a1/server/ldap.c.cloexec 2013-12-11 01:25:12.000000000 >> +0100 >> -+++ dhcp-4.3.0a1/server/ldap.c 2013-12-19 15:34:41.667885843 +0100 >> -@@ -684,7 +684,7 @@ ldap_start (void) >> -=20 >> - if (ldap_debug_file !=3D NULL && ldap_debug_fd =3D=3D -1) >> - { >> -- if ((ldap_debug_fd =3D open (ldap_debug_file, O_CREAT | O_TRUNC | >> O_WRONLY, >> -+ if ((ldap_debug_fd =3D open (ldap_debug_file, O_CREAT | O_TRUNC | >> O_WRONLY | O_CLOEXEC, >> - S_IRUSR | S_IWUSR)) < 0) >> - log_error ("Error opening debug LDAP log file %s: %s", >> ldap_debug_file, >> - strerror (errno)); >> diff --git a/src/patches/dhcp/dhcp-PPP.patch b/src/patches/dhcp/dhcp-PPP.p= atch >> deleted file mode 100644 >> index 5d022e432..000000000 >> --- a/src/patches/dhcp/dhcp-PPP.patch >> +++ /dev/null >> @@ -1,150 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhc6.c.mRfpsB dhcp-4.3.1b1/client/dhc6.c >> ---- dhcp-4.3.1b1/client/dhc6.c.mRfpsB 2014-07-10 17:48:03.779424870 >> +0200 >> -+++ dhcp-4.3.1b1/client/dhc6.c 2014-07-10 17:48:03.795424644 +0200 >> -@@ -5088,7 +5088,8 @@ make_client6_options(struct client_state >> - */ >> - if ((oc =3D lookup_option(&dhcpv6_universe, *op, >> - D6O_CLIENTID)) =3D=3D NULL) { >> -- if (!option_cache(&oc, &default_duid, NULL, clientid_option, >> -+ if (default_duid.len =3D=3D 0 || >> -+ !option_cache(&oc, &default_duid, NULL, clientid_option, >> - MDL)) >> - log_fatal("Failure assembling a DUID."); >> -=20 >> -diff -up dhcp-4.3.1b1/client/dhclient.c.mRfpsB dhcp-4.3.1b1/client/dhclie= nt.c >> ---- dhcp-4.3.1b1/client/dhclient.c.mRfpsB 2014-07-10 >> 17:39:25.853763858 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:49:49.882925843 +0200 >> -@@ -948,8 +948,8 @@ main(int argc, char **argv) { >> - if (default_duid.buffer !=3D NULL) >> - data_string_forget(&default_duid, MDL); >> -=20 >> -- form_duid(&default_duid, MDL); >> -- write_duid(&default_duid); >> -+ if (form_duid(&default_duid, MDL) =3D=3D ISC_R_SUCCESS) >> -+ write_duid(&default_duid); >> - } >> - } >> -=20 >> -@@ -3267,7 +3267,7 @@ write_options(struct client_state *clien >> - * is not how it is intended. Upcoming rearchitecting the client should >> - * address this "one daemon model." >> - */ >> --void >> -+isc_result_t >> - form_duid(struct data_string *duid, const char *file, int line) >> - { >> - struct interface_info *ip; >> -@@ -3280,6 +3280,15 @@ form_duid(struct data_string *duid, cons >> - if (ip =3D=3D NULL) >> - log_fatal("Impossible condition at %s:%d.", MDL); >> -=20 >> -+ while (ip && ip->hw_address.hbuf[0] =3D=3D HTYPE_RESERVED) { >> -+ /* Try the other interfaces */ >> -+ log_debug("Cannot form default DUID from interface %s.", ip- >> >name); >> -+ ip =3D ip->next; >> -+ } >> -+ if (ip =3D=3D NULL) { >> -+ return ISC_R_UNEXPECTED; >> -+ } >> -+ >> - if ((ip->hw_address.hlen =3D=3D 0) || >> - (ip->hw_address.hlen > sizeof(ip->hw_address.hbuf))) >> - log_fatal("Impossible hardware address length at %s:%d.", >> MDL); >> -@@ -3323,6 +3332,8 @@ form_duid(struct data_string *duid, cons >> - log_info("Created duid %s.", str); >> - dfree(str, MDL); >> - } >> -+=09 >> -+ return ISC_R_SUCCESS; >> - } >> -=20 >> - /* Write the default DUID to the lease store. */ >> -diff -up dhcp-4.3.1b1/common/bpf.c.mRfpsB dhcp-4.3.1b1/common/bpf.c >> ---- dhcp-4.3.1b1/common/bpf.c.mRfpsB 2014-07-10 17:39:25.797764653 >> +0200 >> -+++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:48:03.797424616 +0200 >> -@@ -600,6 +600,22 @@ get_hw_addr(const char *name, struct har >> - memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen); >> - break; >> - #endif /* IFT_FDDI */ >> -+#if defined(IFT_PPP) >> -+ case IFT_PPP: >> -+ if (local_family !=3D AF_INET6) >> -+ log_fatal("Unsupported device type %d for >> \"%s\"", >> -+ sa->sdl_type, name); >> -+ hw->hlen =3D 0; >> -+ hw->hbuf[0] =3D HTYPE_RESERVED; >> -+ /* 0xdeadbeef should never occur on the wire, >> -+ * and is a signature that something went wrong. >> -+ */ >> -+ hw->hbuf[1] =3D 0xde; >> -+ hw->hbuf[2] =3D 0xad; >> -+ hw->hbuf[3] =3D 0xbe; >> -+ hw->hbuf[4] =3D 0xef; >> -+ break; >> -+#endif >> - default: >> - log_fatal("Unsupported device type %d for \"%s\"= ", >> - sa->sdl_type, name); >> -diff -up dhcp-4.3.1b1/common/lpf.c.mRfpsB dhcp-4.3.1b1/common/lpf.c >> ---- dhcp-4.3.1b1/common/lpf.c.mRfpsB 2014-07-10 17:39:25.744765404 >> +0200 >> -+++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:48:03.797424616 +0200 >> -@@ -511,6 +511,22 @@ get_hw_addr(const char *name, struct har >> - hw->hbuf[0] =3D HTYPE_FDDI; >> - memcpy(&hw->hbuf[1], sa->sa_data, 6); >> - break; >> -+#if defined(ARPHRD_PPP) >> -+ case ARPHRD_PPP: >> -+ if (local_family !=3D AF_INET6) >> -+ log_fatal("Unsupported device type %d for >> \"%s\"", >> -+ sa->sa_family, name); >> -+ hw->hlen =3D 0; >> -+ hw->hbuf[0] =3D HTYPE_RESERVED; >> -+ /* 0xdeadbeef should never occur on the wire, >> -+ * and is a signature that something went wrong. >> -+ */ >> -+ hw->hbuf[1] =3D 0xde; >> -+ hw->hbuf[2] =3D 0xad; >> -+ hw->hbuf[3] =3D 0xbe; >> -+ hw->hbuf[4] =3D 0xef; >> -+ break; >> -+#endif >> - default: >> - log_fatal("Unsupported device type %ld for \"%s\"", >> - (long int)sa->sa_family, name); >> -diff -up dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB dhcp-4.3.1b1/includes/dhcpd= .h >> ---- dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB 2014-07-10 17:48:03.761425124 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:48:03.798424601 +0200 >> -@@ -2839,7 +2839,7 @@ void client_dns_remove(struct client_sta >> -=20 >> - void dhcpv4_client_assignments(void); >> - void dhcpv6_client_assignments(void); >> --void form_duid(struct data_string *duid, const char *file, int line); >> -+isc_result_t form_duid(struct data_string *duid, const char *file, int >> line); >> -=20 >> - /* dhc6.c */ >> - void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int >> line); >> -diff -up dhcp-4.3.1b1/includes/dhcp.h.mRfpsB dhcp-4.3.1b1/includes/dhcp.h >> ---- dhcp-4.3.1b1/includes/dhcp.h.mRfpsB 2014-07-10 17:48:03.761425124 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcp.h 2014-07-10 17:48:03.798424601 +0200 >> -@@ -81,6 +81,8 @@ struct dhcp_packet { >> - * is no standard for this so we >> - * just steal a type */ >> -=20 >> -+#define HTYPE_RESERVED 0 /* RFC 5494 */ >> -+ >> - /* Magic cookie validating dhcp options field (and bootp vendor >> - extensions field). */ >> - #define DHCP_OPTIONS_COOKIE "\143\202\123\143" >> -diff -up dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB dhcp-4.3.1b1/server/dhcpv6.c >> ---- dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB 2014-07-10 17:47:31.464881409 >> +0200 >> -+++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 17:48:03.800424573 +0200 >> -@@ -330,6 +330,9 @@ generate_new_server_duid(void) { >> - if (p->hw_address.hlen > 0) { >> - break; >> - } >> -+ if (p->next =3D=3D NULL && p->hw_address.hbuf[0] =3D=3D >> HTYPE_RESERVED) { >> -+ log_error("Can not generate DUID from interfaces >> which do not have hardware addresses, please configure server-duid!"); >> -+ } >> - } >> - if (p =3D=3D NULL) { >> - return ISC_R_UNEXPECTED; >> diff --git a/src/patches/dhcp/dhcp-UseMulticast.patch b/src/patches/dhcp/d= hcp- >> UseMulticast.patch >> deleted file mode 100644 >> index ee0ea6b9a..000000000 >> --- a/src/patches/dhcp/dhcp-UseMulticast.patch >> +++ /dev/null >> @@ -1,241 +0,0 @@ >> -diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp- >> 4.3.1b1/server/dhcpv6.c >> ---- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 >> 19:58:40.000000000 +0200 >> -+++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200 >> -@@ -376,6 +376,48 @@ generate_new_server_duid(void) { >> - } >> -=20 >> - /* >> -+ * Is the D6O_UNICAST option defined in dhcpd.conf ? >> -+ */ >> -+static isc_boolean_t unicast_option_defined; >> -+ >> -+/* >> -+ * Did we already search dhcpd.conf for D6O_UNICAST option ? >> -+ * We need to store it here to not parse dhcpd.conf repeatedly. >> -+ */ >> -+static isc_boolean_t unicast_option_parsed =3D ISC_FALSE; >> -+ >> -+ >> -+/* >> -+ * Is the D6O_UNICAST option defined in dhcpd.conf ? >> -+ */ >> -+isc_boolean_t >> -+is_unicast_option_defined(void) { >> -+ struct option_state *opt_state; >> -+ struct option_cache *oc; >> -+ >> -+ /* >> -+ * If we are looking for the unicast option for the first time >> -+ */ >> -+ if (unicast_option_parsed =3D=3D ISC_FALSE) { >> -+ unicast_option_parsed =3D ISC_TRUE; >> -+ opt_state =3D NULL; >> -+ if (!option_state_allocate(&opt_state, MDL)) { >> -+ log_fatal("No memory for option state."); >> -+ } >> -+ >> -+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL, >> -+ opt_state, &global_scope, root_group, NULL, >> NULL); >> -+ >> -+ oc =3D lookup_option(&dhcpv6_universe, opt_state, >> D6O_UNICAST); >> -+ unicast_option_defined =3D (oc !=3D NULL); >> -+ >> -+ option_state_dereference(&opt_state, MDL); >> -+ } >> -+ >> -+ return (unicast_option_defined); >> -+} >> -+ >> -+/* >> - * Get the client identifier from the packet. >> - */ >> - isc_result_t >> -@@ -706,6 +748,12 @@ static const int required_opts[] =3D { >> - D6O_PREFERENCE, >> - 0 >> - }; >> -+static const int required_opts_NAA[] =3D { >> -+ D6O_CLIENTID, >> -+ D6O_SERVERID, >> -+ D6O_STATUS_CODE, >> -+ 0 >> -+}; >> - static const int required_opts_solicit[] =3D { >> - D6O_CLIENTID, >> - D6O_SERVERID, >> -@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl >> - reply.shared->group, >> NULL); >> - } >> -=20 >> -+ /* reject unicast message, unless we set unicast option */ >> -+ if ((packet->unicast =3D=3D ISC_TRUE) && !is_unicast_option_defined()) >> -+ /* >> -+ * RFC3315 section 18.2.1 (Request): >> -+ * >> -+ * When the server receives a Request message via unicast from a >> client >> -+ * to which the server has not sent a unicast option, the server >> -+ * discards the Request message and responds with a Reply message >> -+ * containing a Status Code option with the value UseMulticast, a >> Server >> -+ * Identifier option containing the server's DUID, the Client >> Identifier >> -+ * option from the client message, and no other options. >> -+ * >> -+ * Section 18.2.3 (Renew): >> -+ * >> -+ * When the server receives a Renew message via unicast from a >> client to >> -+ * which the server has not sent a unicast option, the server >> discards >> -+ * the Renew message and responds with a Reply message containing a >> -+ * Status Code option with the value UseMulticast, a Server >> Identifier >> -+ * option containing the server's DUID, the Client Identifier option >> -+ * from the client message, and no other options. >> -+ */ >> -+ { >> -+ /* Set the UseMulticast status code. */ >> -+ if (!set_status_code(STATUS_UseMulticast, >> -+ "Unicast not allowed by server.", >> -+ reply.opt_state)) { >> -+ log_error("lease_to_client: Unable to set " >> -+ "UseMulticast status code."); >> -+ goto exit; >> -+ } >> -+ >> -+ /* Rewind the cursor to the start. */ >> -+ reply.cursor =3D REPLY_OPTIONS_INDEX; >> -+ >> -+ /* >> -+ * Produce an reply that includes only: >> -+ * >> -+ * Status code. >> -+ * Server DUID. >> -+ * Client DUID. >> -+ */ >> -+ reply.cursor +=3D store_options6((char *)reply.buf.data + >> -+ reply.cursor, >> -+ sizeof(reply.buf) - >> -+ reply.cursor, >> -+ reply.opt_state, reply.packet, >> -+ required_opts_NAA, >> -+ NULL); >> -+ } >> -+ >> - /* >> - * RFC3315 section 17.2.2 (Solicit): >> - * >> -@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl >> - * Having stored the client's IA's, store any options that >> - * will fit in the remaining space. >> - */ >> -+ else=20 >> - reply.cursor +=3D store_options6((char *)reply.buf.data + >> reply.cursor, >> - sizeof(reply.buf) - reply.cursor, >> - reply.opt_state, reply.packet, >> -@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply >> - * Very similar to Solicit handling, except the server DUID is required. >> - */ >> -=20 >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_request(struct data_string *reply_ret, struct packet *packet) { >> - struct data_string client_id; >> -@@ -5078,7 +5176,6 @@ exit: >> - * except for the error code of when addresses don't match. >> - */ >> -=20 >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_renew(struct data_string *reply, struct packet *packet) { >> - struct data_string client_id; >> -@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r >> - goto exit; >> - } >> -=20 >> -- snprintf(status_msg, sizeof(status_msg), "%s received.", >> packet_type); >> -- if (!set_status_code(STATUS_Success, status_msg, opt_state)) { >> -- goto exit; >> -- } >> -+ /* reject unicast message, unless we set unicast option */ >> -+ if ((packet->unicast =3D=3D ISC_TRUE) && !is_unicast_option_defined()) { >> -+ /* >> -+ * RFC3315 section 18.2.6 (Release): >> -+ * >> -+ * When the server receives a Release message via unicast >> from a client >> -+ * to which the server has not sent a unicast option, the >> server >> -+ * discards the Release message and responds with a Reply >> message >> -+ * containing a Status Code option with value UseMulticast, >> a Server >> -+ * Identifier option containing the server's DUID, the >> Client Identifier >> -+ * option from the client message, and no other options. >> -+ * >> -+ * Section 18.2.7 (Decline): >> -+ * >> -+ * When the server receives a Decline message via unicast >> from a client >> -+ * to which the server has not sent a unicast option, the >> server >> -+ * discards the Decline message and responds with a Reply >> message >> -+ * containing a Status Code option with the value >> UseMulticast, a Server >> -+ * Identifier option containing the server's DUID, the >> Client Identifier >> -+ * option from the client message, and no other options. >> -+ */ >> -+ snprintf(status_msg, sizeof(status_msg), >> -+ "%s received unicast.", packet_type); >> -+ if (!set_status_code(STATUS_UseMulticast, status_msg, >> opt_state)) { >> -+ goto exit; >> -+ } >> -=20 >> -- /*=20 >> -- * Add our options that are not associated with any IA_NA or IA_TA.=20 >> -- */ >> -- reply_ofs +=3D store_options6(reply_data+reply_ofs, >> -- sizeof(reply_data)-reply_ofs,=20 >> -+ /* >> -+ * Produce an reply that includes only: >> -+ * >> -+ * Status code. >> -+ * Server DUID. >> -+ * Client DUID. >> -+ */ >> -+ reply_ofs +=3D store_options6(reply_data+reply_ofs, >> -+ sizeof(reply_data)-reply_ofs, >> - opt_state, packet, >> -- required_opts, NULL); >> -+ required_opts_NAA, NULL); >> -+ >> -+ goto return_reply; >> -+ } else { >> -+ snprintf(status_msg, sizeof(status_msg), "%s received.", >> packet_type); >> -+ if (!set_status_code(STATUS_Success, status_msg, opt_state)) >> { >> -+ goto exit; >> -+ } >> -+ >> -+ /* >> -+ * Add our options that are not associated with any IA_NA or >> IA_TA. >> -+ */ >> -+ reply_ofs +=3D store_options6(reply_data+reply_ofs, >> -+ sizeof(reply_data)-reply_ofs, >> -+ opt_state, packet, >> -+ required_opts, NULL); >> -+ } >> -=20 >> - /* >> - * Loop through the IA_NA reported by the client, and deal with >> -@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r >> - /*=20 >> - * Return our reply to the caller. >> - */ >> -+return_reply: >> - reply_ret->len =3D reply_ofs; >> - reply_ret->buffer =3D NULL; >> - if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) { >> -@@ -5516,7 +5656,6 @@ exit: >> - * we still need to be aware of this possibility. >> - */ >> -=20 >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - /* TODO: IA_TA */ >> - static void >> - dhcpv6_decline(struct data_string *reply, struct packet *packet) { >> -@@ -5986,7 +6125,6 @@ exit: >> - * Release means a client is done with the leases. >> - */ >> -=20 >> --/* TODO: reject unicast messages, unless we set unicast option */ >> - static void >> - dhcpv6_release(struct data_string *reply, struct packet *packet) { >> - struct data_string client_id; >> diff --git a/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> b/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> deleted file mode 100644 >> index 103824c38..000000000 >> --- a/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch >> +++ /dev/null >> @@ -1,14 +0,0 @@ >> -diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispat= ch.c >> ---- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 >> 01:25:12.000000000 +0100 >> -+++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100 >> -@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref >> - isc_interval_t interval; >> - isc_time_t expires; >> -=20 >> -+ if (when =3D=3D NULL) { >> -+ return; >> -+ } >> -+ >> - /* See if this timeout supersedes an existing timeout. */ >> - t =3D (struct timeout *)0; >> - for (q =3D timeouts; q; q =3D q->next) { >> diff --git a/src/patches/dhcp/dhcp-capability.patch b/src/patches/dhcp/dhc= p- >> capability.patch >> deleted file mode 100644 >> index 91a1baef5..000000000 >> --- a/src/patches/dhcp/dhcp-capability.patch >> +++ /dev/null >> @@ -1,250 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclie= nt.8 >> ---- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 >> 17:38:26.938599402 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200 >> -@@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr >> - .B -w >> - ] >> - [ >> -+.B -nc >> -+] >> -+[ >> - .B -B >> - ] >> - [ >> -@@ -304,6 +307,32 @@ has been added or removed, so that the c >> - address on that interface. >> -=20 >> - .TP >> -+.BI \-nc >> -+Do not drop capabilities. >> -+ >> -+Normally, if >> -+.B dhclient >> -+was compiled with libcap-ng support, >> -+.B dhclient >> -+drops most capabilities immediately upon startup. While more secure, >> -+this greatly restricts the additional actions that hooks in >> -+.B dhclient-script (8) >> -+can take. (For example, any daemons that=20 >> -+.B dhclient-script (8) >> -+starts or restarts will inherit the restricted capabilities as well, >> -+which may interfere with their correct operation.) Thus, the >> -+.BI \-nc >> -+option can be used to prevent >> -+.B dhclient >> -+from dropping capabilities. >> -+ >> -+The >> -+.BI \-nc >> -+option is ignored if >> -+.B dhclient >> -+was not compiled with libcap-ng support. >> -+ >> -+.TP >> - .BI \-B >> - Set the BOOTP broadcast flag in request packets so servers will always >> - broadcast replies. >> -diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclie= nt.c >> ---- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 >> 17:39:25.797764653 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200 >> -@@ -39,6 +39,10 @@ >> - #include >> - #include >> -=20 >> -+#ifdef HAVE_LIBCAP_NG >> -+#include >> -+#endif >> -+ >> - /* >> - * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to defi= ne >> - * that when building ISC code. >> -@@ -143,6 +147,9 @@ main(int argc, char **argv) { >> - int timeout_arg =3D 0; >> - char *arg_conf =3D NULL; >> - int arg_conf_len =3D 0; >> -+#ifdef HAVE_LIBCAP_NG >> -+ int keep_capabilities =3D 0; >> -+#endif >> -=20 >> - /* Initialize client globals. */ >> - memset(&default_duid, 0, sizeof(default_duid)); >> -@@ -425,6 +432,10 @@ main(int argc, char **argv) { >> - } >> -=20 >> - dhclient_request_options =3D argv[i]; >> -+ } else if (!strcmp(argv[i], "-nc")) { >> -+#ifdef HAVE_LIBCAP_NG >> -+ keep_capabilities =3D 1; >> -+#endif >> - } else if (argv[i][0] =3D=3D '-') { >> - usage(); >> - } else if (interfaces_requested < 0) { >> -@@ -473,6 +484,19 @@ main(int argc, char **argv) { >> - path_dhclient_script =3D s; >> - } >> -=20 >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_CAPS); >> -+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_DAC_OVERRIDE); // Drop this someday >> -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_NET_ADMIN, CAP_NET_RAW, >> -+ CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1); >> -+ capng_apply(CAPNG_SELECT_CAPS); >> -+ } >> -+#endif >> -+ >> - /* Set up the initial dhcp option universe. */ >> - initialize_common_option_spaces(); >> -=20 >> -diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp- >> 4.3.1b1/client/dhclient-script.8 >> ---- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 >> 17:39:25.761765163 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 >> 17:39:25.851763887 +0200 >> -@@ -243,6 +243,16 @@ repeatedly initialized to the values pro >> - the other. Assuming the information provided by both servers is >> - valid, this shouldn't cause any real problems, but it could be >> - confusing. >> -+.PP >> -+Normally, if dhclient was compiled with libcap-ng support, >> -+dhclient drops most capabilities immediately upon startup. >> -+While more secure, this greatly restricts the additional actions that >> -+hooks in dhclient-script can take. For example, any daemons that >> -+dhclient-script starts or restarts will inherit the restricted >> -+capabilities as well, which may interfere with their correct operation. >> -+Thus, the >> -+.BI \-nc >> -+option can be used to prevent dhclient from dropping capabilities. >> - .SH SEE ALSO >> - dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and >> - dhclient.leases(5). >> -diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp- >> 4.3.1b1/client/Makefile.am >> ---- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 >> 17:38:10.778828583 +0200 >> -+++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 >> +0200 >> -@@ -10,7 +10,7 @@ dhclient_SOURCES =3D clparse.c dhclient.c >> - scripts/bsdos scripts/freebsd scripts/linux scripts/macos >> \ >> - scripts/netbsd scripts/nextstep scripts/openbsd \ >> - scripts/solaris scripts/openwrt >> --dhclient_LDADD =3D ../common/libdhcp.a ../omapip/libomapi.a \ >> -+dhclient_LDADD =3D ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDA= DD) \ >> - $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc >> - man_MANS =3D dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.lease= s.5 >> - EXTRA_DIST =3D $(man_MANS) >> -diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac >> ---- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 >> +0200 >> -+++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200 >> -@@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], >> - # Look for optional headers. >> - AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h) >> -=20 >> -+# look for capabilities library >> -+AC_ARG_WITH(libcap-ng, >> -+ [ --with-libcap-ng=3D[auto/yes/no] Add Libcap-ng support >> [default=3Dauto]],, >> -+ with_libcap_ng=3Dauto) >> -+ >> -+# Check for Libcap-ng API >> -+# >> -+# libcap-ng detection >> -+if test x$with_libcap_ng =3D xno ; then >> -+ have_libcap_ng=3Dno; >> -+else >> -+ # Start by checking for header file >> -+ AC_CHECK_HEADER(cap-ng.h, capng_headers=3Dyes, capng_headers=3Dno) >> -+ >> -+ # See if we have libcap-ng library >> -+ AC_CHECK_LIB(cap-ng, capng_clear, >> -+ CAPNG_LDADD=3D-lcap-ng,) >> -+ >> -+ # Check results are usable >> -+ if test x$with_libcap_ng =3D xyes -a x$CAPNG_LDADD =3D x ; then >> -+ AC_MSG_ERROR(libcap-ng support was requested and the library was = not >> found) >> -+ fi >> -+ if test x$CAPNG_LDADD !=3D x -a $capng_headers =3D no ; then >> -+ AC_MSG_ERROR(libcap-ng libraries found but headers are missing) >> -+ fi >> -+fi >> -+AC_SUBST(CAPNG_LDADD) >> -+AC_MSG_CHECKING(whether to use libcap-ng) >> -+if test x$CAPNG_LDADD !=3D x ; then >> -+ AC_DEFINE(HAVE_LIBCAP_NG,1,[libcap-ng support]) >> -+ AC_MSG_RESULT(yes) >> -+else >> -+ AC_MSG_RESULT(no) >> -+fi >> -+ >> - # Solaris needs some libraries for functions >> - AC_SEARCH_LIBS(socket, [socket]) >> - AC_SEARCH_LIBS(inet_ntoa, [nsl]) >> -diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay= .c >> ---- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 >> +0200 >> -+++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200 >> -@@ -31,6 +31,11 @@ >> - #include >> - #include >> -=20 >> -+#ifdef HAVE_LIBCAP_NG >> -+# include >> -+ int keep_capabilities =3D 0; >> -+#endif >> -+ >> - TIME default_lease_time =3D 43200; /* 12 hours... */ >> - TIME max_lease_time =3D 86400; /* 24 hours... */ >> - struct tree_cache *global_options[256]; >> -@@ -376,6 +381,10 @@ main(int argc, char **argv) { >> - usage(); >> - dhcrelay_sub_id =3D argv[i]; >> - #endif >> -+ } else if (!strcmp(argv[i], "-nc")) { >> -+#ifdef HAVE_LIBCAP_NG >> -+ keep_capabilities =3D 1; >> -+#endif >> - } else if (!strcmp(argv[i], "-pf")) { >> - if (++i =3D=3D argc) >> - usage(); >> -@@ -446,6 +455,17 @@ main(int argc, char **argv) { >> - #endif >> - } >> -=20 >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_BOTH); >> -+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, >> -+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, -1); >> -+ capng_apply(CAPNG_SELECT_BOTH); >> -+ log_info ("Dropped all unnecessary capabilities."); >> -+ } >> -+#endif >> -+ >> - if (!quiet) { >> - log_info("%s %s", message, PACKAGE_VERSION); >> - log_info(copyright); >> -@@ -598,6 +618,15 @@ main(int argc, char **argv) { >> - signal(SIGTERM, dhcp_signal_handler); /* kill */ >> - #endif >> -=20 >> -+#ifdef HAVE_LIBCAP_NG >> -+ /* Drop all capabilities */ >> -+ if (!keep_capabilities) { >> -+ capng_clear(CAPNG_SELECT_BOTH); >> -+ capng_apply(CAPNG_SELECT_BOTH); >> -+ log_info ("Dropped all capabilities."); >> -+ } >> -+#endif >> -+ >> - /* Start dispatching packets and timeouts... */ >> - dispatch(); >> -=20 >> -diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefil= e.am >> ---- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 >> 17:38:10.780828554 +0200 >> -+++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200 >> -@@ -2,7 +2,7 @@ AM_CPPFLAGS =3D -DLOCALSTATEDIR=3D'"@localst >> -=20 >> - sbin_PROGRAMS =3D dhcrelay >> - dhcrelay_SOURCES =3D dhcrelay.c >> --dhcrelay_LDADD =3D ../common/libdhcp.a ../omapip/libomapi.a \ >> -+dhcrelay_LDADD =3D ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDA= DD) \ >> - $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc >> - man_MANS =3D dhcrelay.8 >> - EXTRA_DIST =3D $(man_MANS) >> diff --git a/src/patches/dhcp/dhcp-default-requested-options.patch >> b/src/patches/dhcp/dhcp-default-requested-options.patch >> deleted file mode 100644 >> index afda222e6..000000000 >> --- a/src/patches/dhcp/dhcp-default-requested-options.patch >> +++ /dev/null >> @@ -1,44 +0,0 @@ >> -diff -up dhcp-4.3.0a1/client/clparse.c.requested dhcp- >> 4.3.0a1/client/clparse.c >> ---- dhcp-4.3.0a1/client/clparse.c.requested 2013-12-19 >> 15:13:27.276631307 +0100 >> -+++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:13:27.313630789 +0100 >> -@@ -37,7 +37,7 @@ >> -=20 >> - struct client_config top_level_config; >> -=20 >> --#define NUM_DEFAULT_REQUESTED_OPTS 9 >> -+#define NUM_DEFAULT_REQUESTED_OPTS 14 >> - struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1]; >> -=20 >> - static void parse_client_default_duid(struct parse *cfile); >> -@@ -119,6 +119,31 @@ isc_result_t read_client_conf () >> - option_code_hash_lookup(&default_requested_options[8], >> - dhcpv6_universe.code_hash, &code, 0, MDL); >> -=20 >> -+ /* 10 */ >> -+ code =3D DHO_NIS_DOMAIN; >> -+ option_code_hash_lookup(&default_requested_options[9], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 11 */ >> -+ code =3D DHO_NIS_SERVERS; >> -+ option_code_hash_lookup(&default_requested_options[10], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 12 */ >> -+ code =3D DHO_NTP_SERVERS; >> -+ option_code_hash_lookup(&default_requested_options[11], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 13 */ >> -+ code =3D DHO_INTERFACE_MTU; >> -+ option_code_hash_lookup(&default_requested_options[12], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> -+ /* 14 */ >> -+ code =3D DHO_DOMAIN_SEARCH; >> -+ option_code_hash_lookup(&default_requested_options[13], >> -+ dhcp_universe.code_hash, &code, 0, MDL); >> -+ >> - for (code =3D 0 ; code < NUM_DEFAULT_REQUESTED_OPTS ; code++) { >> - if (default_requested_options[code] =3D=3D NULL) >> - log_fatal("Unable to find option definition for " >> diff --git a/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> b/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> deleted file mode 100644 >> index 3e52e6400..000000000 >> --- a/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch >> +++ /dev/null >> @@ -1,63 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/dhclient.c.JwFUZj dhcp-4.3.1b1/client/dhclie= nt.c >> ---- dhcp-4.3.1b1/client/dhclient.c.JwFUZj 2014-07-10 >> 17:38:50.511265091 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:16.164901267 +0200 >> -@@ -1281,6 +1281,8 @@ void state_init (cpp) >> - void *cpp; >> - { >> - struct client_state *client =3D cpp; >> -+ enum dhcp_state init_state =3D client->state; >> -+ struct timeval tv; >> -=20 >> - ASSERT_STATE(state, S_INIT); >> -=20 >> -@@ -1293,9 +1295,18 @@ void state_init (cpp) >> - client -> first_sending =3D cur_time; >> - client -> interval =3D client -> config -> initial_interval; >> -=20 >> -- /* Add an immediate timeout to cause the first DHCPDISCOVER packet >> -- to go out. */ >> -- send_discover (client); >> -+ if (init_state !=3D S_DECLINED) { >> -+ /* Add an immediate timeout to cause the first DHCPDISCOVER >> packet >> -+ to go out. */ >> -+ send_discover(client); >> -+ } else { >> -+ /* We've received an OFFER and it has been DECLINEd by >> dhclient-script. >> -+ * wait for a random time between 1 and backoff_cutoff >> seconds before >> -+ * trying again. */ >> -+ tv . tv_sec =3D cur_time + ((1 + (random() >> 2)) % client- >> >config->backoff_cutoff); >> -+ tv . tv_usec =3D 0; >> -+ add_timeout(&tv, send_discover, client, 0, 0); >> -+ } >> - } >> -=20 >> - /* >> -@@ -1592,6 +1603,7 @@ void bind_lease (client) >> - "try (declined). Exiting."); >> - exit(2); >> - } else { >> -+ client -> state =3D S_DECLINED; >> - state_init(client); >> - return; >> - } >> -@@ -4059,6 +4071,7 @@ void client_location_changed () >> - case S_INIT: >> - case S_REBINDING: >> - case S_STOPPED: >> -+ case S_DECLINED: >> - break; >> - } >> - client -> state =3D S_INIT; >> -diff -up dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj dhcp-4.3.1b1/includes/dhcpd= .h >> ---- dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj 2014-07-10 17:38:26.941599360 >> +0200 >> -+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:50.526264878 +0200 >> -@@ -1087,7 +1087,8 @@ enum dhcp_state { >> - S_BOUND =3D 5, >> - S_RENEWING =3D 6, >> - S_REBINDING =3D 7, >> -- S_STOPPED =3D 8 >> -+ S_STOPPED =3D 8, >> -+ S_DECLINED =3D 9 >> - }; >> -=20 >> - /* Authentication and BOOTP policy possibilities (not all values work >> diff --git a/src/patches/dhcp/dhcp-dhclient-options.patch >> b/src/patches/dhcp/dhcp-dhclient-options.patch >> deleted file mode 100644 >> index 67f144ecb..000000000 >> --- a/src/patches/dhcp/dhcp-dhclient-options.patch >> +++ /dev/null >> @@ -1,509 +0,0 @@ >> -diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse= .c >> ---- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 >> +0200 >> -+++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200 >> -@@ -148,6 +148,7 @@ isc_result_t read_client_conf () >> - /* Requested lease time, used by DHCPv6 (DHCPv4 uses the option >> cache) >> - */ >> - top_level_config.requested_lease =3D 7200; >> -+ top_level_config.bootp_broadcast_always =3D 0; >> -=20 >> - group_allocate (&top_level_config.on_receipt, MDL); >> - if (!top_level_config.on_receipt) >> -@@ -353,7 +354,8 @@ void read_client_leases () >> - interface-declaration | >> - LEASE client-lease-statement | >> - ALIAS client-lease-statement | >> -- KEY key-definition */ >> -+ KEY key-definition | >> -+ BOOTP_BROADCAST_ALWAYS */ >> -=20 >> - void parse_client_statement (cfile, ip, config) >> - struct parse *cfile; >> -@@ -771,6 +773,12 @@ void parse_client_statement (cfile, ip, >> - parse_reject_statement (cfile, config); >> - return; >> -=20 >> -+ case BOOTP_BROADCAST_ALWAYS: >> -+ token =3D next_token(&val, (unsigned*)0, cfile); >> -+ config -> bootp_broadcast_always =3D 1; >> -+ parse_semi (cfile); >> -+ return; >> -+ >> - default: >> - lose =3D 0; >> - stmt =3D (struct executable_statement *)0; >> -diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclie= nt.8 >> ---- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 >> 19:58:38.000000000 +0200 >> -+++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200 >> -@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr >> - .B -w >> - ] >> - [ >> -+.B -B >> -+] >> -+[ >> -+.B -C >> -+.I dhcp-client-identifier >> -+] >> -+[ >> -+.B -H >> -+.I host-name >> -+] >> -+[ >> -+.B -F >> -+.I fqdn.fqdn >> -+] >> -+[ >> -+.B -V >> -+.I vendor-class-identifier >> -+] >> -+[ >> -+.B -R >> -+.I request-option-list >> -+] >> -+[ >> -+.B -timeout >> -+.I timeout >> -+] >> -+[ >> - .B -v >> - ] >> - [ >> -@@ -275,6 +302,69 @@ not to exit when it doesn't find any suc >> - program can then be used to notify the client when a network interface >> - has been added or removed, so that the client can attempt to configure a= n IP >> - address on that interface. >> -+ >> -+.TP >> -+.BI \-B >> -+Set the BOOTP broadcast flag in request packets so servers will always >> -+broadcast replies. >> -+ >> -+.TP >> -+.BI \-C\ >> -+Specify the dhcp-client-identifier option to send to the DHCP server. >> -+ >> -+.TP >> -+.BI \-H\ >> -+Specify the host-name option to send to the DHCP server. The host-name >> -+string only contains the client's hostname prefix, to which the server w= ill >> -+append the ddns-domainname or domain-name options, if any, to derive the >> -+fully qualified domain name of the client. The >> -+.B -H >> -+option cannot be used with the >> -+.B -F >> -+option. >> -+ >> -+.TP >> -+.BI \-F\ >> -+Specify the fqdn.fqdn option to send to the DHCP server. This option ca= nnot >> -+be used with the >> -+.B -H >> -+option. The fqdn.fqdn option must specify the complete domain name of t= he >> -+client host, which the server may use for dynamic DNS updates. >> -+ >> -+.TP >> -+.BI \-V\ >> -+Specify the vendor-class-identifier option to send to the DHCP server. >> -+ >> -+.TP >> -+.BI \-R\