#
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+# Check if all appropriate variables are set
+[ -n "${INTERFACE}" ] || exit 2
+
+# Ignore virtual interfaces, etc.
+case "${INTERFACE}" in
+ lo)
+ exit 0
+ ;;
+ tun*)
+ exit 0
+ ;;
+ ppp*)
+ exit 0
+ ;;
+esac
+
+# Check if INTERFACE actually exists
+[ -d "/sys/class/net/${INTERFACE}" ] || exit 1
+
+# If the network configuration is not readable,
+# we cannot go on.
+if [ ! -r "/var/ipfire/ethernet/settings" ]; then
+ exit 1
+fi
+
+# Read network settings
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
+# Standard zones
+ZONES="RED GREEN ORANGE BLUE"
+
+# Determine the address of INTERFACE
+ADDRESS="$(new();
my $ccode = $gi->country_code_by_name($srcaddr);
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index a6d705619..b0041ef42 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -437,14 +437,6 @@ sub writeipsecfiles {
}
print CONF "\n";
}#foreach key
-
- # Add post user includes to config file
- # After the GUI-connections allows to patch connections.
- if (-e "/etc/ipsec.user-post.conf") {
- print CONF "include /etc/ipsec.user-post.conf\n";
- print CONF "\n";
- }
-
print SECRETS $last_secrets if ($last_secrets);
close(CONF);
close(SECRETS);
@@ -969,9 +961,9 @@ END
if (!$errormessage) {
&General::log("ipsec", "Creating cacert...");
if (open(STDIN, "-|")) {
- my $opt = " req -x509 -nodes -rand /proc/interrupts:/proc/net/rt_cache";
+ my $opt = " req -x509 -sha256 -nodes";
$opt .= " -days 999999";
- $opt .= " -newkey rsa:2048";
+ $opt .= " -newkey rsa:4096";
$opt .= " -keyout ${General::swroot}/private/cakey.pem";
$opt .= " -out ${General::swroot}/ca/cacert.pem";
@@ -992,8 +984,8 @@ END
if (!$errormessage) {
&General::log("ipsec", "Creating host cert...");
if (open(STDIN, "-|")) {
- my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ my $opt = " req -sha256 -nodes";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/hostkey.pem";
$opt .= " -out ${General::swroot}/certs/hostreq.pem";
$errormessage = &callssl ($opt);
@@ -1028,7 +1020,7 @@ END
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in ${General::swroot}/certs/hostreq.pem";
$opt .= " -out ${General::swroot}/certs/hostcert.pem";
@@ -1451,7 +1443,7 @@ END
# Sign the certificate request
&General::log("ipsec", "Signing your cert $cgiparams{'NAME'}...");
- my $opt = " ca -days 999999";
+ my $opt = " ca -md sha256 -days 999999";
$opt .= " -batch -notext";
$opt .= " -in $filename";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
@@ -1686,7 +1678,7 @@ END
if (open(STDIN, "-|")) {
my $opt = " req -nodes -rand /proc/interrupts:/proc/net/rt_cache";
- $opt .= " -newkey rsa:1024";
+ $opt .= " -newkey rsa:2048";
$opt .= " -keyout ${General::swroot}/certs/$cgiparams{'NAME'}key.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
@@ -1723,7 +1715,7 @@ END
print $fh "subjectAltName=$cgiparams{'SUBJECTALTNAME'}" if ($cgiparams{'SUBJECTALTNAME'});
close ($fh);
- my $opt = " ca -days 999999 -batch -notext";
+ my $opt = " ca -md sha256 -days 999999 -batch -notext";
$opt .= " -in ${General::swroot}/certs/$cgiparams{'NAME'}req.pem";
$opt .= " -out ${General::swroot}/certs/$cgiparams{'NAME'}cert.pem";
$opt .= " -extfile $v3extname";
@@ -1886,12 +1878,12 @@ END
$cgiparams{'REMOTE_ID'} = '';
#use default advanced value
- $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[18];
- $cgiparams{'IKE_INTEGRITY'} = 'sha2_256|sha|md5'; #[19];
+ $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64'; #[18];
+ $cgiparams{'IKE_INTEGRITY'} = 'sha2_512|sha2_256|sha'; #[19];
$cgiparams{'IKE_GROUPTYPE'} = '4096|3072|2048|1536|1024'; #[20];
$cgiparams{'IKE_LIFETIME'} = '3'; #[16];
- $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des'; #[21];
- $cgiparams{'ESP_INTEGRITY'} = 'sha2_256|sha1|md5'; #[22];
+ $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64'; #[21];
+ $cgiparams{'ESP_INTEGRITY'} = 'sha2_512|sha2_256|sha1'; #[22];
$cgiparams{'ESP_GROUPTYPE'} = ''; #[23];
$cgiparams{'ESP_KEYLIFE'} = '1'; #[17];
$cgiparams{'COMPRESSION'} = 'on'; #[13];
@@ -2145,7 +2137,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
@@ -2156,7 +2148,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
@@ -2176,8 +2168,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$errormessage = $Lang::tr{'invalid input for ike lifetime'};
goto ADVANCED_ERROR;
}
- if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 24) {
- $errormessage = $Lang::tr{'ike lifetime should be between 1 and 24 hours'};
+ if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 8) {
+ $errormessage = $Lang::tr{'ike lifetime should be between 1 and 8 hours'};
goto ADVANCED_ERROR;
}
@temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
@@ -2186,7 +2178,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+ if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
@@ -2197,7 +2189,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
goto ADVANCED_ERROR;
}
foreach my $val (@temp) {
- if ($val !~ /^(sha2_512|sha2_384|sha2_256|sha1|md5|aesxcbc)$/) {
+ if ($val !~ /^(sha2_(512|384|256)|sha1|md5|aesxcbc)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto ADVANCED_ERROR;
}
@@ -2297,6 +2289,15 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$checked{'IKE_ENCRYPTION'}{'aes256'} = '';
$checked{'IKE_ENCRYPTION'}{'aes192'} = '';
$checked{'IKE_ENCRYPTION'}{'aes128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'IKE_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'IKE_ENCRYPTION'}{'3des'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia256'} = '';
$checked{'IKE_ENCRYPTION'}{'camellia192'} = '';
@@ -2328,6 +2329,15 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
$checked{'ESP_ENCRYPTION'}{'aes256'} = '';
$checked{'ESP_ENCRYPTION'}{'aes192'} = '';
$checked{'ESP_ENCRYPTION'}{'aes128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm128'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm96'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes256gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes192gcm64'} = '';
+ $checked{'ESP_ENCRYPTION'}{'aes128gcm64'} = '';
$checked{'ESP_ENCRYPTION'}{'3des'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia256'} = '';
$checked{'ESP_ENCRYPTION'}{'camellia192'} = '';
@@ -2406,24 +2416,42 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
| $Lang::tr{'encryption'} |
|
|
diff --git a/lfs/acpid b/lfs/acpid
index ff85e1cb5..686fadad1 100644
--- a/lfs/acpid
+++ b/lfs/acpid
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.0.16
+VER = 2.0.23
THISAPP = acpid-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d59fc02c9c34f0d5c137495302e2c074
+$(DL_FILE)_MD5 = d7bcdcdefcd53b03730e50ba842554ea
install : $(TARGET)
diff --git a/lfs/apache2 b/lfs/apache2
index 5e8862546..0d7b11ed0 100644
--- a/lfs/apache2
+++ b/lfs/apache2
@@ -25,7 +25,7 @@
include Config
-VER = 2.2.27
+VER = 2.2.29
THISAPP = httpd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -47,7 +47,7 @@ objects = $(DL_FILE) \
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch
-$(DL_FILE)_MD5 = 8faef0decf3fa7e69b2568eb2105a3d8
+$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e
httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822
install : $(TARGET)
diff --git a/lfs/curl b/lfs/curl
index 715d79d07..0fd92c184 100644
--- a/lfs/curl
+++ b/lfs/curl
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 7.31.0
+VER = 7.40.0
THISAPP = curl-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6f26843f7e3a2fb06e02f68a55efe8c7
+$(DL_FILE)_MD5 = 58943642ea0ed050ab0431ea1caf3a6f
install : $(TARGET)
diff --git a/lfs/cyrus-sasl b/lfs/cyrus-sasl
index af2b14889..84f49d935 100644
--- a/lfs/cyrus-sasl
+++ b/lfs/cyrus-sasl
@@ -24,7 +24,7 @@
include Config
-VER = 2.1.21
+VER = 2.1.26
THISAPP = cyrus-sasl-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -49,7 +49,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = dde02db234dea892bee298390890502e
+$(DL_FILE)_MD5 = a7f4e5e559a0e37b3ffc438c9456e425
install : $(TARGET)
@@ -82,7 +82,6 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/cyrus-sasl-2.1.22-bad-elif.patch
cd $(DIR_APP) && sed -i '/sasl_global/s/^static //' lib/client.c
cd $(DIR_APP) && sed -i 's/cat8/man8/' saslauthd/Makefile.am
cd $(DIR_APP) && autoconf
@@ -90,7 +89,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
ifeq "$(PASS)" ""
cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \
--with-dbpath=/var/lib/sasl/sasldb2 \
- --with-saslauthd=/var/run/saslauthd
+ --with-saslauthd=/var/run/saslauthd \
+ --with-des=no --with-rc4=no
cd $(DIR_APP) && make
cd $(DIR_APP) && make install
install -v -m700 -d /var/lib/sasl
diff --git a/lfs/dhcp b/lfs/dhcp
index 083c31fa1..9a89d40bf 100644
--- a/lfs/dhcp
+++ b/lfs/dhcp
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2012 IPFire Team #
+# Copyright (C) 2007-2015 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 4.2.2
+VER = 4.3.1
THISAPP = dhcp-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = bb0f0434cd796f76aa7cead391d71f31
+$(DL_FILE)_MD5 = b3a42ece3c7f2cd2e74a3e12ca881d20
install : $(TARGET)
@@ -71,38 +71,33 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-remove-bind.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-errwarn-message.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-release-by-ifup.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-unicast-bootp.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-dhclient-usage.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-default-requested-options.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-xen-checksum.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-manpages.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-paths.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-CLOEXEC.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-inherit-leases.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-garbage-chars.patch
- # ???
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-capability.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-logpid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-UseMulticast.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-sendDecline.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-retransmission.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-rfc3442-classless-static-routes.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-honor-expired.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-noprefixavail.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-sharedlib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.0-PPP.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-lpf-ib.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-improved-xid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.2-gpxe-cid.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-remove-bind.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-errwarn-message.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-release-by-ifup.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-unicast-bootp.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-default-requested-options.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-xen-checksum.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-manpages.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paths.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-CLOEXEC.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-garbage-chars.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-64_bit_lease_parse.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-capability.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-logpid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-UseMulticast.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sendDecline.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-rfc3442-classless-static-routes.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-honor-expired.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-sharedlib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-PPP.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-paranoia.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-lpf-ib.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-improved-xid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-gpxe-cid.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/dhcp/dhcp-stateless-DUID-LLT.patch
# Remove bundled BIND stuff.
# (requires newer autoconf)
diff --git a/lfs/dhcpcd b/lfs/dhcpcd
index f7a8c361c..e73d99c65 100644
--- a/lfs/dhcpcd
+++ b/lfs/dhcpcd
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2012 IPFire Team #
+# Copyright (C) 2015 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 5.2.9
+VER = 6.7.1
THISAPP = dhcpcd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = aabe4a3c1f23c55f2c99a416c9085de9
+$(DL_FILE)_MD5 = ffb716b0e9327968e7200d519e1d4c0d
install : $(TARGET)
diff --git a/lfs/expat b/lfs/expat
index 8e4db7559..99e458d15 100644
--- a/lfs/expat
+++ b/lfs/expat
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.0.0
+VER = 2.1.0
THISAPP = expat-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d945df7f1c0868c5c73cf66ba9596f3f
+$(DL_FILE)_MD5 = dd7dab7a5fea97d2a6a43f511449b7cd
install : $(TARGET)
@@ -73,7 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && ./configure --prefix=/usr --disable-nls
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
- cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.0.0
- cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.0.0
+ cd $(DIR_APP) && install -v -m755 -d /usr/share/doc/expat-2.1.0
+ cd $(DIR_APP) && install -v -m644 doc/*.{html,png,css} /usr/share/doc/expat-2.1.0
@rm -rf $(DIR_APP)
@$(POSTBUILD)
diff --git a/lfs/flash-images b/lfs/flash-images
index 6c8818059..530bf339b 100644
--- a/lfs/flash-images
+++ b/lfs/flash-images
@@ -211,6 +211,7 @@ endif
-fsck.ext4 -f -y $(PART_ROOT)
fsck.ext4 -f -y $(PART_ROOT)
+ sleep 10 #Ubuntu compiling: allow time to automount/dismount
kpartx -d -v $(DEVICE)
losetup -d $(DEVICE)
diff --git a/lfs/groff b/lfs/groff
index 1739fee23..a0bb0bd3f 100644
--- a/lfs/groff
+++ b/lfs/groff
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2011 IPFire Team #
+# Copyright (C) 2007-2015 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.21
+VER = 1.22.3
THISAPP = groff-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 8b8cd29385b97616a0f0d96d0951c5bf
+$(DL_FILE)_MD5 = cc825fa64bc7306a885f2fb2268d3ec5
install : $(TARGET)
diff --git a/lfs/initscripts b/lfs/initscripts
index f656c72a7..400594136 100755
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -176,6 +176,7 @@ $(TARGET) :
ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup
ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet
ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall
+ ln -sf ../init.d/network-trigger /etc/rc.d/rcsysinit.d/S90network-trigger
ln -sf ../init.d/network-vlans /etc/rc.d/rcsysinit.d/S91network-vlans
ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S92rngd
ln -sf ../init.d/wlanclient /etc/rc.d/rc0.d/K82wlanclient
diff --git a/lfs/iputils b/lfs/iputils
index 7741c0ed0..bb0879369 100644
--- a/lfs/iputils
+++ b/lfs/iputils
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,12 +24,12 @@
include Config
-VER = ss020927
+VER = s20121221
THISAPP = iputils-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
-DIR_APP = $(DIR_SRC)/iputils
+DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = b5493f7a2997130a4f86c486c9993b86
+$(DL_FILE)_MD5 = 6072aef64205720dd1893b375e184171
install : $(TARGET)
@@ -69,10 +69,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-headers.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-20020927-rh.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/iputils-glibckernheaders.patch
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && make ping tracepath
cd $(DIR_APP) && install -m 4755 ping /usr/bin
cd $(DIR_APP) && install -m 0755 tracepath /usr/bin
diff --git a/lfs/libjpeg b/lfs/libjpeg
index 5e0785926..8b4c0778c 100644
--- a/lfs/libjpeg
+++ b/lfs/libjpeg
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.3.0
+VER = 1.3.1
THISAPP = libjpeg-turbo-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = e1e65cc711a1ade1322c06ad4a647741
+$(DL_FILE)_MD5 = 2c3a68129dac443a72815ff5bb374b05
install : $(TARGET)
diff --git a/lfs/logrotate b/lfs/logrotate
index 8f81b2df5..0904074ba 100644
--- a/lfs/logrotate
+++ b/lfs/logrotate
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2014 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 3.7.1
+VER = 3.8.1
THISAPP = logrotate-$(VER)
DL_FILE = logrotate_$(VER).orig.tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 552639142e163745f6bcd4f1f3816d8a
+$(DL_FILE)_MD5 = bd2e20d8dc644291b08f9215397d28a5
install : $(TARGET)
diff --git a/lfs/logwatch b/lfs/logwatch
index 755557a0b..7144d07f3 100644
--- a/lfs/logwatch
+++ b/lfs/logwatch
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 7.3.6
+VER = 7.4.1
THISAPP = logwatch-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 937d982006b2a76a83edfcfd2e5a9d7d
+$(DL_FILE)_MD5 = a0c3d8721f877bdcd4a9089eb1b4691b
install : $(TARGET)
@@ -99,7 +99,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
-mkdir -p /var/log/logwatch
chmod -v 755 /var/log/logwatch
-rm -rf /etc/logwatch/conf
- ln -vsf /usr/share/logwatch/default.config /etc/logwatch/conf
+ ln -vsf /usr/share/logwatch/default.conf /etc/logwatch/conf
@rm -rf $(DIR_APP)
@$(POSTBUILD)
diff --git a/lfs/nasm b/lfs/nasm
index f6aeac7a8..b77e7cbfd 100644
--- a/lfs/nasm
+++ b/lfs/nasm
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2015 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.10.03
+VER = 2.11.06
THISAPP = nasm-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = a5d0ed070476a7c5b4f0893dc4a4ea4b
+$(DL_FILE)_MD5 = 2b958e9f5d200641e6fc9564977aecc5
install : $(TARGET)
diff --git a/lfs/openssl-compat b/lfs/openssl-compat
index ad5d6649f..5e3c1ff70 100644
--- a/lfs/openssl-compat
+++ b/lfs/openssl-compat
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team #
+# Copyright (C) 2007-2015 IPFire Team #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
diff --git a/lfs/strongswan b/lfs/strongswan
index 43995b5a1..77c287a09 100644
--- a/lfs/strongswan
+++ b/lfs/strongswan
@@ -93,6 +93,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--enable-farp \
--enable-openssl \
--enable-gcrypt \
+ --enable-gcm \
--enable-xauth-eap \
--enable-xauth-noauth \
--enable-eap-radius \
diff --git a/lfs/udev b/lfs/udev
index 15dae817b..e58839c40 100644
--- a/lfs/udev
+++ b/lfs/udev
@@ -93,9 +93,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
rm -f /lib/udev/rules.d/80-net-name-slot.rules
- # Create rule file for the setup
- touch /etc/udev/rules.d/30-persistent-network.rules
-
# Blacklist some modules
cp -vf $(DIR_SRC)/config/udev/blacklist.conf /etc/modprobe.d/blacklist.conf
@@ -107,6 +104,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
install -v -m 644 $(DIR_SRC)/config/udev/25-alsa.rules \
/lib/udev/rules.d
+ # Install network rules.
+ install -v -m 755 $(DIR_SRC)/config/udev/network-hotplug-rename \
+ /lib/udev/network-hotplug-rename
+ install -v -m 644 $(DIR_SRC)/config/udev/60-net.rules \
+ /lib/udev/rules.d
+
# Install hwrng rules.
install -v -m 644 $(DIR_SRC)/config/udev/90-hwrng.rules \
/lib/udev/rules.d
diff --git a/src/initscripts/init.d/network-trigger b/src/initscripts/init.d/network-trigger
new file mode 100644
index 000000000..0d9de45c6
--- /dev/null
+++ b/src/initscripts/init.d/network-trigger
@@ -0,0 +1,22 @@
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/network-trigger
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "${1}" in
+ start)
+ boot_mesg "Triggering network devices..."
+ udevadm trigger --action="add" --subsystem-match="net"
+ evaluate_retval
+ ;;
+
+ *)
+ echo "Usage: ${0} {start}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/network-trigger
diff --git a/src/installer/main.c b/src/installer/main.c
index 358b2c46f..75c8c5ae0 100644
--- a/src/installer/main.c
+++ b/src/installer/main.c
@@ -833,8 +833,11 @@ int main(int argc, char *argv[]) {
newtPopWindow();
- /* Set marker that the user has already accepted the gpl */
- mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
+ /* Set marker that the user has already accepted the GPL if the license has been shown
+ * in the installation process. In unatteded mode, the user will be presented the
+ * license when he or she logs on to the web user interface for the first time. */
+ if (!config.unattended)
+ mysystem(logfile, "/usr/bin/touch /harddisk/var/ipfire/main/gpl_accepted");
/* Copy restore file from cdrom */
char* backup_file = hw_find_backup_file(logfile, SOURCE_MOUNT_PATH);
diff --git a/src/patches/cyrus-sasl-2.1.22-bad-elif.patch b/src/patches/cyrus-sasl-2.1.22-bad-elif.patch
deleted file mode 100644
index 33550c428..000000000
--- a/src/patches/cyrus-sasl-2.1.22-bad-elif.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -up cyrus-sasl-2.1.22/plugins/digestmd5.c.elif cyrus-sasl-2.1.22/plugins/digestmd5.c
---- cyrus-sasl-2.1.22/plugins/digestmd5.c.elif 2009-01-23 09:40:31.000000000 +0100
-+++ cyrus-sasl-2.1.22/plugins/digestmd5.c 2009-02-06 15:20:15.000000000 +0100
-@@ -2743,7 +2743,7 @@ static sasl_server_plug_t digestmd5_serv
- "DIGEST-MD5", /* mech_name */
- #ifdef WITH_RC4
- 128, /* max_ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
-@@ -4071,7 +4071,7 @@ static sasl_client_plug_t digestmd5_clie
- "DIGEST-MD5",
- #ifdef WITH_RC4 /* mech_name */
- 128, /* max ssf */
--#elif WITH_DES
-+#elif defined(WITH_DES)
- 112,
- #else
- 1,
diff --git a/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch b/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch
deleted file mode 100644
index 4784d5a68..000000000
--- a/src/patches/dhcp-4.2.0-add_timeout_when_NULL.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -up dhcp-4.2.0/common/dispatch.c.dracut dhcp-4.2.0/common/dispatch.c
---- dhcp-4.2.0/common/dispatch.c.dracut 2010-06-01 19:29:59.000000000 +0200
-+++ dhcp-4.2.0/common/dispatch.c 2010-07-21 16:10:09.000000000 +0200
-@@ -189,6 +189,10 @@ void add_timeout (when, where, what, ref
- isc_interval_t interval;
- isc_time_t expires;
-
-+ if (when == NULL) {
-+ return;
-+ }
-+
- /* See if this timeout supersedes an existing timeout. */
- t = (struct timeout *)0;
- for (q = timeouts; q; q = q->next) {
diff --git a/src/patches/dhcp-4.2.0-errwarn-message.patch b/src/patches/dhcp-4.2.0-errwarn-message.patch
deleted file mode 100644
index a0f70cd04..000000000
--- a/src/patches/dhcp-4.2.0-errwarn-message.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -up dhcp-4.2.0/omapip/errwarn.c.errwarn dhcp-4.2.0/omapip/errwarn.c
---- dhcp-4.2.0/omapip/errwarn.c.errwarn 2009-07-23 20:52:21.000000000 +0200
-+++ dhcp-4.2.0/omapip/errwarn.c 2010-07-21 13:23:47.000000000 +0200
-@@ -76,20 +76,13 @@ void log_fatal (const char * fmt, ... )
-
- #if !defined (NOMINUM)
- log_error ("%s", "");
-- log_error ("If you did not get this software from ftp.isc.org, please");
-- log_error ("get the latest from ftp.isc.org and install that before");
-- log_error ("requesting help.");
-+ log_error ("This version of ISC DHCP is based on the release available");
-+ log_error ("on ftp.isc.org. Features have been added and other changes");
-+ log_error ("have been made to the base software release in order to make");
-+ log_error ("it work better with this distribution.");
- log_error ("%s", "");
-- log_error ("If you did get this software from ftp.isc.org and have not");
-- log_error ("yet read the README, please read it before requesting help.");
-- log_error ("If you intend to request help from the dhcp-server@isc.org");
-- log_error ("mailing list, please read the section on the README about");
-- log_error ("submitting bug reports and requests for help.");
-- log_error ("%s", "");
-- log_error ("Please do not under any circumstances send requests for");
-- log_error ("help directly to the authors of this software - please");
-- log_error ("send them to the appropriate mailing list as described in");
-- log_error ("the README file.");
-+ log_error ("Please report for this software via the Red Hat Bugzilla site:");
-+ log_error (" http://bugzilla.redhat.com");
- log_error ("%s", "");
- log_error ("exiting.");
- #endif
diff --git a/src/patches/dhcp-4.2.0-garbage-chars.patch b/src/patches/dhcp-4.2.0-garbage-chars.patch
deleted file mode 100644
index 118ff3fc1..000000000
--- a/src/patches/dhcp-4.2.0-garbage-chars.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up dhcp-4.2.0/common/tables.c.garbage dhcp-4.2.0/common/tables.c
---- dhcp-4.2.0/common/tables.c.garbage 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.0/common/tables.c 2010-07-21 14:40:56.000000000 +0200
-@@ -207,7 +207,7 @@ static struct option dhcp_options[] = {
- { "netinfo-server-tag", "t", &dhcp_universe, 113, 1 },
- { "default-url", "t", &dhcp_universe, 114, 1 },
- { "subnet-selection", "I", &dhcp_universe, 118, 1 },
-- { "domain-search", "Dc", &dhcp_universe, 119, 1 },
-+ { "domain-search", "D", &dhcp_universe, 119, 1 },
- { "vivco", "Evendor-class.", &dhcp_universe, 124, 1 },
- { "vivso", "Evendor.", &dhcp_universe, 125, 1 },
- #if 0
diff --git a/src/patches/dhcp-4.2.0-inherit-leases.patch b/src/patches/dhcp-4.2.0-inherit-leases.patch
deleted file mode 100644
index 052f64259..000000000
--- a/src/patches/dhcp-4.2.0-inherit-leases.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-diff -up dhcp-4.2.0/client/dhclient.c.inherit dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.inherit 2010-07-21 14:33:44.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 14:40:05.000000000 +0200
-@@ -2322,6 +2322,7 @@ void send_request (cpp)
- {
- struct client_state *client = cpp;
-
-+ int i;
- int result;
- int interval;
- struct sockaddr_in destination;
-@@ -2381,6 +2382,22 @@ void send_request (cpp)
- /* Now do a preinit on the interface so that we can
- discover a new address. */
- script_init (client, "PREINIT", (struct string_list *)0);
-+
-+ /* Has an active lease */
-+ if (client -> interface -> addresses != NULL) {
-+ for (i = 0; i < client -> interface -> address_count; i++) {
-+ if (client -> active &&
-+ client -> active -> is_bootp &&
-+ client -> active -> expiry > cur_time &&
-+ client -> interface -> addresses[i].s_addr != 0 &&
-+ client -> active -> address.len == 4 &&
-+ memcpy (client -> active -> address.iabuf, &(client -> interface -> addresses[i]), 4) == 0) {
-+ client_envadd (client, "", "keep_old_ip", "%s", "yes");
-+ break;
-+ }
-+ }
-+ }
-+
- if (client -> alias)
- script_write_params (client, "alias_",
- client -> alias);
diff --git a/src/patches/dhcp-4.2.0-logpid.patch b/src/patches/dhcp-4.2.0-logpid.patch
deleted file mode 100644
index c24adb14a..000000000
--- a/src/patches/dhcp-4.2.0-logpid.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up dhcp-4.2.0/client/dhclient.c.logpid dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.logpid 2010-07-21 16:13:52.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 16:16:51.000000000 +0200
-@@ -154,7 +154,7 @@ main(int argc, char **argv) {
- else if (fd != -1)
- close(fd);
-
-- openlog("dhclient", LOG_NDELAY, LOG_DAEMON);
-+ openlog("dhclient", LOG_NDELAY | LOG_PID, LOG_DAEMON);
-
- #if !(defined(DEBUG) || defined(__CYGWIN32__))
- setlogmask(LOG_UPTO(LOG_INFO));
diff --git a/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch b/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch
deleted file mode 100644
index b60411545..000000000
--- a/src/patches/dhcp-4.2.0-missing-ipv6-not-fatal.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-diff -up dhcp-4.2.0/common/discover.c.noipv6 dhcp-4.2.0/common/discover.c
---- dhcp-4.2.0/common/discover.c.noipv6 2010-07-21 14:31:13.000000000 +0200
-+++ dhcp-4.2.0/common/discover.c 2010-07-21 16:04:57.000000000 +0200
-@@ -443,7 +443,7 @@ begin_iface_scan(struct iface_conf_list
- }
-
- #ifdef DHCPv6
-- if (local_family == AF_INET6) {
-+ if ((local_family == AF_INET6) && !access("/proc/net/if_inet6", R_OK)) {
- ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
-@@ -454,6 +454,8 @@ begin_iface_scan(struct iface_conf_list
- ifaces->fp = NULL;
- return 0;
- }
-+ } else {
-+ ifaces->fp6 = NULL;
- }
- #endif
-
-@@ -721,7 +723,7 @@ next_iface(struct iface_info *info, int
- return 1;
- }
- #ifdef DHCPv6
-- if (!(*err)) {
-+ if (!(*err) && ifaces->fp6) {
- if (local_family == AF_INET6)
- return next_iface6(info, err, ifaces);
- }
-@@ -740,7 +742,8 @@ end_iface_scan(struct iface_conf_list *i
- ifaces->sock = -1;
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- fclose(ifaces->fp6);
-+ if (ifaces->fp6)
-+ fclose(ifaces->fp6);
- ifaces->fp6 = NULL;
- }
- #endif
diff --git a/src/patches/dhcp-4.2.0-noprefixavail.patch b/src/patches/dhcp-4.2.0-noprefixavail.patch
deleted file mode 100644
index 729a1726a..000000000
--- a/src/patches/dhcp-4.2.0-noprefixavail.patch
+++ /dev/null
@@ -1,140 +0,0 @@
-diff -up dhcp-4.2.0/server/dhcpv6.c.noprefixavail dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.noprefixavail 2010-10-07 13:48:45.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-10-13 11:00:25.000000000 +0200
-@@ -1134,7 +1134,7 @@ try_client_v6_prefix(struct iasubopt **p
- return DHCP_R_INVALIDARG;
- }
- tmp_plen = (int) requested_pref->data[0];
-- if ((tmp_plen < 3) || (tmp_plen > 128)) {
-+ if ((tmp_plen < 3) || (tmp_plen > 128) ||((int)tmp_plen != pool->units)) {
- return ISC_R_FAILURE;
- }
- memcpy(&tmp_pref, requested_pref->data + 1, sizeof(tmp_pref));
-@@ -1147,9 +1147,8 @@ try_client_v6_prefix(struct iasubopt **p
- return ISC_R_FAILURE;
- }
-
-- if (((int)tmp_plen != pool->units) ||
-- !ipv6_in_pool(&tmp_pref, pool)) {
-- return ISC_R_FAILURE;
-+ if (!ipv6_in_pool(&tmp_pref, pool)) {
-+ return ISC_R_ADDRNOTAVAIL;
- }
-
- if (prefix6_exists(pool, &tmp_pref, tmp_plen)) {
-@@ -1409,13 +1408,6 @@ lease_to_client(struct data_string *repl
- if ((status != ISC_R_SUCCESS) &&
- (status != ISC_R_NORESOURCES))
- goto exit;
--
-- /*
-- * If any prefix cannot be given to any IA_PD, then
-- * set the NoPrefixAvail status code.
-- */
-- if (reply.client_resources == 0)
-- no_resources_avail = ISC_TRUE;
- }
-
- /*
-@@ -1549,36 +1541,6 @@ lease_to_client(struct data_string *repl
- reply.opt_state, reply.packet,
- required_opts_NAA,
- NULL);
-- } else if (no_resources_avail && (reply.ia_count == 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
-- {
-- /* Set the NoPrefixAvail status code. */
-- if (!set_status_code(STATUS_NoPrefixAvail,
-- "No prefixes available for this "
-- "interface.", reply.opt_state)) {
-- log_error("lease_to_client: Unable to set "
-- "NoPrefixAvail status code.");
-- goto exit;
-- }
--
-- /* Rewind the cursor to the start. */
-- reply.cursor = REPLY_OPTIONS_INDEX;
--
-- /*
-- * Produce an advertise that includes only:
-- *
-- * Status code.
-- * Server DUID.
-- * Client DUID.
-- */
-- reply.buf.reply.msg_type = DHCPV6_ADVERTISE;
-- reply.cursor += store_options6((char *)reply.buf.data +
-- reply.cursor,
-- sizeof(reply.buf) -
-- reply.cursor,
-- reply.opt_state, reply.packet,
-- required_opts_NAA,
-- NULL);
- } else {
- /*
- * Having stored the client's IA's, store any options that
-@@ -2793,16 +2755,18 @@ find_client_temporaries(struct reply_sta
- */
- static isc_result_t
- reply_process_try_addr(struct reply_state *reply, struct iaddr *addr) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_addr;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (addr == NULL) ||
-- (reply->lease != NULL))
-+ (addr == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_addr, 0, sizeof(data_addr));
- data_addr.len = addr->len;
- data_addr.data = addr->iabuf;
-@@ -3314,7 +3278,9 @@ reply_process_ia_pd(struct reply_state *
- if (status == ISC_R_CANCELED)
- break;
-
-- if ((status != ISC_R_SUCCESS) && (status != ISC_R_ADDRINUSE))
-+ if ((status != ISC_R_SUCCESS) &&
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
- }
-
-@@ -3594,7 +3560,8 @@ reply_process_prefix(struct reply_state
-
- /* Either error out or skip this prefix. */
- if ((status != ISC_R_SUCCESS) &&
-- (status != ISC_R_ADDRINUSE))
-+ (status != ISC_R_ADDRINUSE) &&
-+ (status != ISC_R_ADDRNOTAVAIL))
- goto cleanup;
-
- if (reply->lease == NULL) {
-@@ -3773,16 +3740,18 @@ prefix_is_owned(struct reply_state *repl
- static isc_result_t
- reply_process_try_prefix(struct reply_state *reply,
- struct iaddrcidrnet *pref) {
-- isc_result_t status = ISC_R_NORESOURCES;
-+ isc_result_t status = ISC_R_ADDRNOTAVAIL;
- struct ipv6_pool *pool;
- int i;
- struct data_string data_pref;
-
- if ((reply == NULL) || (reply->shared == NULL) ||
-- (reply->shared->ipv6_pools == NULL) || (pref == NULL) ||
-- (reply->lease != NULL))
-+ (pref == NULL) || (reply->lease != NULL))
- return DHCP_R_INVALIDARG;
-
-+ if (reply->shared->ipv6_pools == NULL)
-+ return ISC_R_ADDRNOTAVAIL;
-+
- memset(&data_pref, 0, sizeof(data_pref));
- data_pref.len = 17;
- if (!buffer_allocate(&data_pref.buffer, data_pref.len, MDL)) {
diff --git a/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch b/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch
deleted file mode 100644
index a540bc19f..000000000
--- a/src/patches/dhcp-4.2.1-64_bit_lease_parse.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-diff -up dhcp-4.2.1b1/common/dispatch.c.64-bit_lease_parse dhcp-4.2.1b1/common/dispatch.c
-diff -up dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse dhcp-4.2.1b1/common/parse.c
---- dhcp-4.2.1b1/common/parse.c.64-bit_lease_parse 2010-12-30 00:01:42.000000000 +0100
-+++ dhcp-4.2.1b1/common/parse.c 2011-01-28 08:01:10.000000000 +0100
-@@ -909,8 +909,8 @@ TIME
- parse_date_core(cfile)
- struct parse *cfile;
- {
-- int guess;
-- int tzoff, wday, year, mon, mday, hour, min, sec;
-+ TIME guess;
-+ long int tzoff, wday, year, mon, mday, hour, min, sec;
- const char *val;
- enum dhcp_token token;
- static int months[11] = { 31, 59, 90, 120, 151, 181,
-@@ -936,7 +936,7 @@ parse_date_core(cfile)
- }
-
- token = next_token(&val, NULL, cfile); /* consume number */
-- guess = atoi(val);
-+ guess = atol(val);
-
- return((TIME)guess);
- }
-@@ -948,7 +948,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of week */
-- wday = atoi(val);
-+ wday = atol(val);
-
- /* Year... */
- token = peek_token(&val, NULL, cfile);
-@@ -964,7 +964,7 @@ parse_date_core(cfile)
- somebody invents a time machine, I think we can safely disregard
- it. This actually works around a stupid Y2K bug that was present
- in a very early beta release of dhcpd. */
-- year = atoi(val);
-+ year = atol(val);
- if (year > 1900)
- year -= 1900;
-
-@@ -988,7 +988,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume month */
-- mon = atoi(val) - 1;
-+ mon = atol(val) - 1;
-
- /* Slash separating month from day... */
- token = peek_token(&val, NULL, cfile);
-@@ -1010,7 +1010,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume day of month */
-- mday = atoi(val);
-+ mday = atol(val);
-
- /* Hour... */
- token = peek_token(&val, NULL, cfile);
-@@ -1021,7 +1021,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume hour */
-- hour = atoi(val);
-+ hour = atol(val);
-
- /* Colon separating hour from minute... */
- token = peek_token(&val, NULL, cfile);
-@@ -1043,7 +1043,7 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume minute */
-- min = atoi(val);
-+ min = atol(val);
-
- /* Colon separating minute from second... */
- token = peek_token(&val, NULL, cfile);
-@@ -1065,13 +1065,13 @@ parse_date_core(cfile)
- return((TIME)0);
- }
- token = next_token(&val, NULL, cfile); /* consume second */
-- sec = atoi(val);
-+ sec = atol(val);
-
- tzoff = 0;
- token = peek_token(&val, NULL, cfile);
- if (token == NUMBER) {
- token = next_token(&val, NULL, cfile); /* consume tzoff */
-- tzoff = atoi(val);
-+ tzoff = atol(val);
- } else if (token != SEMI) {
- token = next_token(&val, NULL, cfile);
- parse_warn(cfile,
diff --git a/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch b/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch
deleted file mode 100644
index eeeea84fd..000000000
--- a/src/patches/dhcp-4.2.1-invalid-dhclient-conf.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up dhcp-4.2.1b1/client/dhclient.conf.supersede dhcp-4.2.1b1/client/dhclient.conf
---- dhcp-4.2.1b1/client/dhclient.conf.supersede 2010-09-15 01:03:56.000000000 +0200
-+++ dhcp-4.2.1b1/client/dhclient.conf 2011-01-27 18:38:28.000000000 +0100
-@@ -4,7 +4,7 @@ send dhcp-lease-time 3600;
- supersede domain-search "fugue.com", "home.vix.com";
- prepend domain-name-servers 127.0.0.1;
- request subnet-mask, broadcast-address, time-offset, routers,
-- domain-name, domain-name-servers, host-name;
-+ domain-search, domain-name-servers, host-name;
- require subnet-mask, domain-name-servers;
- timeout 60;
- retry 60;
diff --git a/src/patches/dhcp-4.2.1-retransmission.patch b/src/patches/dhcp-4.2.1-retransmission.patch
deleted file mode 100644
index 18e447f6a..000000000
--- a/src/patches/dhcp-4.2.1-retransmission.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-diff -up dhcp-4.2.1b1/client/dhc6.c.retransmission dhcp-4.2.1b1/client/dhc6.c
---- dhcp-4.2.1b1/client/dhc6.c.retransmission 2011-01-28 08:40:56.000000000 +0100
-+++ dhcp-4.2.1b1/client/dhc6.c 2011-01-28 08:39:22.000000000 +0100
-@@ -361,7 +361,7 @@ dhc6_retrans_init(struct client_state *c
- static void
- dhc6_retrans_advance(struct client_state *client)
- {
-- struct timeval elapsed;
-+ struct timeval elapsed, elapsed_after_RT;
-
- /* elapsed = cur - start */
- elapsed.tv_sec = cur_tv.tv_sec - client->start_time.tv_sec;
-@@ -378,6 +378,8 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_sec += 1;
- elapsed.tv_usec -= 1000000;
- }
-+ elapsed_after_RT.tv_sec = elapsed.tv_sec;
-+ elapsed_after_RT.tv_usec = elapsed.tv_usec;
-
- /*
- * RT for each subsequent message transmission is based on the previous
-@@ -415,13 +417,10 @@ dhc6_retrans_advance(struct client_state
- elapsed.tv_usec -= 1000000;
- }
- if (elapsed.tv_sec >= client->MRD) {
-- /*
-- * wake at RT + cur = start + MRD
-- */
-- client->RT = client->MRD +
-- (client->start_time.tv_sec - cur_tv.tv_sec);
-- client->RT = client->RT * 100 +
-- (client->start_time.tv_usec - cur_tv.tv_usec) / 10000;
-+ client->RT = client->MRD - elapsed_after_RT.tv_sec;
-+ client->RT = client->RT * 100 - elapsed_after_RT.tv_usec / 10000;
-+ if (client->RT < 0)
-+ client->RT = 0;
- }
- client->txcount++;
- }
-@@ -1497,7 +1496,7 @@ check_timing6 (struct client_state *clie
- }
-
- /* Check if finished (-1 argument). */
-- if ((client->MRD != 0) && (elapsed.tv_sec > client->MRD)) {
-+ if ((client->MRD != 0) && (elapsed.tv_sec >= client->MRD)) {
- log_info("Max retransmission duration exceeded.");
- return(CHK_TIM_MRD_EXCEEDED);
- }
diff --git a/src/patches/dhcp-4.2.2-dhclient-usage.patch b/src/patches/dhcp-4.2.2-dhclient-usage.patch
deleted file mode 100644
index 0d4194396..000000000
--- a/src/patches/dhcp-4.2.2-dhclient-usage.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -up dhcp-4.2.2b1/client/dhclient.c.usage dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.usage 2011-07-01 13:55:16.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:58:55.243800602 +0200
-@@ -1047,6 +1047,10 @@ static void usage()
- " [-s server-addr] [-cf config-file] "
- "[-lf lease-file]\n"
- " [-pf pid-file] [--no-pid] [-e VAR=val]\n"
-+ " [-I ] [-B]\n"
-+ " [-H | -F ] [-timeout ]\n"
-+ " [-V ]\n"
-+ " [-R ]\n"
- " [-sf script-file] [interface]");
- }
-
diff --git a/src/patches/dhcp-4.2.2-remove-bind.patch b/src/patches/dhcp-4.2.2-remove-bind.patch
deleted file mode 100644
index 629777227..000000000
--- a/src/patches/dhcp-4.2.2-remove-bind.patch
+++ /dev/null
@@ -1,149 +0,0 @@
-diff -up dhcp-4.2.2/client/Makefile.am.rh637017 dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.rh637017 2010-09-15 00:32:36.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-08-11 17:28:58.923897561 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/common/tests/Makefile.am.rh637017 dhcp-4.2.2/common/tests/Makefile.am
---- dhcp-4.2.2/common/tests/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/common/tests/Makefile.am 2011-08-11 17:33:45.258637236 +0200
-@@ -6,6 +6,5 @@ TESTS = test_alloc
-
- test_alloc_SOURCES = test_alloc.c
- test_alloc_LDADD = ../libdhcp.a ../../tests/libt_api.a \
-- ../../omapip/libomapi.a ../../bind/lib/libdns.a \
-- ../../bind/lib/libisc.a
--
-+ ../../omapip/libomapi.a \
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/configure.ac.rh637017 dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.rh637017 2011-07-20 02:32:18.000000000 +0200
-+++ dhcp-4.2.2/configure.ac 2011-08-11 17:28:58.924897535 +0200
-@@ -512,20 +512,37 @@ AC_CHECK_MEMBER(struct msghdr.msg_contro
- libbind=
- AC_ARG_WITH(libbind,
- AC_HELP_STRING([--with-libbind=PATH],
-- [bind includes and libraries are in PATH
-- (default is ./bind)]),
-+ [bind includes are in PATH
-+ (default is ./bind/includes)]),
- use_libbind="$withval", use_libbind="no")
- case "$use_libbind" in
-+yes|no)
-+ libbind="\${top_srcdir}/bind/include"
-+ ;;
-+*)
-+ libbind="$use_libbind"
-+ ;;
-+esac
-+
-+BIND9_LIBDIR='-L$(top_builddir)/bind/lib'
-+AC_ARG_WITH(libbind-libs,
-+ AC_HELP_STRING([--with-libbind-libs=PATH],
-+ [bind9 export libraries are in PATH]),
-+ [libbind_libs="$withval"], [libbind_libs='no'])
-+case "$libbind_libs" in
- yes)
-- libbind="\${top_srcdir}/bind"
-+ AC_MSG_ERROR([Specify path to bind9 libraries])
- ;;
- no)
-- libbind="\${top_srcdir}/bind"
-+ BUNDLED_BIND=yes
- ;;
- *)
-- libbind="$use_libbind"
-+ BIND9_LIBDIR="-L$libbind_libs"
-+ BUNDLED_BIND=no
- ;;
- esac
-+AM_CONDITIONAL([BUNDLED_BIND], [test "$BUNDLED_BIND" = yes])
-+AC_SUBST([BIND9_LIBDIR])
-
- # OpenLDAP support.
- AC_ARG_WITH(ldap,
-@@ -562,7 +579,7 @@ fi
- CFLAGS="$CFLAGS $STD_CWARNINGS"
-
- # Try to add the bind include directory
--CFLAGS="$CFLAGS -I$libbind/include"
-+CFLAGS="$CFLAGS -I$libbind"
-
- AC_C_FLEXIBLE_ARRAY_MEMBER
-
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-08-11 17:28:58.924897535 +0200
-@@ -6,10 +6,10 @@ EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
- omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
- cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-\ No newline at end of file
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/Makefile.am.rh637017 dhcp-4.2.2/Makefile.am
---- dhcp-4.2.2/Makefile.am.rh637017 2010-03-25 00:30:38.000000000 +0100
-+++ dhcp-4.2.2/Makefile.am 2011-08-11 17:28:58.925897509 +0200
-@@ -21,7 +21,13 @@ EXTRA_DIST = RELNOTES LICENSE \
- util/bindvar.sh \
- bind/Makefile bind/bind.tar.gz bind/version.tmp
-
--SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
-+if BUNDLED_BIND
-+SUBDIRS = bind
-+else
-+SUBDIRS =
-+endif
-+
-+SUBDIRS += includes tests common dst omapip client dhcpctl relay server
-
- nobase_include_HEADERS = dhcpctl/dhcpctl.h
-
-diff -up dhcp-4.2.2/omapip/Makefile.am.rh637017 dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.rh637017 2010-02-12 01:13:54.000000000 +0100
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-08-11 17:28:58.939897149 +0200
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a ../bind/lib/libdns.a ../bind/lib/libisc.a
-+svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.rh637017 dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.rh637017 2009-10-28 05:12:30.000000000 +0100
-+++ dhcp-4.2.2/relay/Makefile.am 2011-08-11 17:28:58.940897123 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../bind/lib/libdns.a ../bind/lib/libisc.a
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2/server/Makefile.am.rh637017 dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.rh637017 2010-03-24 22:49:47.000000000 +0100
-+++ dhcp-4.2.2/server/Makefile.am 2011-08-11 17:28:58.944897021 +0200
-@@ -8,8 +8,7 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a ../bind/lib/libdns.a \
-- ../bind/lib/libisc.a
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
diff --git a/src/patches/dhcp-4.2.2-sharedlib.patch b/src/patches/dhcp-4.2.2-sharedlib.patch
deleted file mode 100644
index 74fe9f1c0..000000000
--- a/src/patches/dhcp-4.2.2-sharedlib.patch
+++ /dev/null
@@ -1,119 +0,0 @@
-diff -up dhcp-4.2.2/client/Makefile.am.sharedlib dhcp-4.2.2/client/Makefile.am
---- dhcp-4.2.2/client/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/client/Makefile.am 2011-09-09 16:36:29.849007951 +0200
-@@ -4,7 +4,7 @@ dhclient_SOURCES = clparse.c dhclient.c
- scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
--dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/configure.ac.sharedlib dhcp-4.2.2/configure.ac
---- dhcp-4.2.2/configure.ac.sharedlib 2011-09-09 16:35:56.097000001 +0200
-+++ dhcp-4.2.2/configure.ac 2011-09-09 16:35:56.383000000 +0200
-@@ -30,7 +30,8 @@ fi
- # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
- AC_USE_SYSTEM_EXTENSIONS
-
--AC_PROG_RANLIB
-+# Use libtool to simplify building of shared libraries
-+AC_PROG_LIBTOOL
- AC_CONFIG_HEADERS([includes/config.h])
-
- # we sometimes need to know byte order for building packets
-diff -up dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib dhcp-4.2.2/dhcpctl/Makefile.am
---- dhcp-4.2.2/dhcpctl/Makefile.am.sharedlib 2011-09-09 16:35:55.459000001 +0200
-+++ dhcp-4.2.2/dhcpctl/Makefile.am 2011-09-09 16:35:56.384000000 +0200
-@@ -1,15 +1,15 @@
- bin_PROGRAMS = omshell
--lib_LIBRARIES = libdhcpctl.a
-+lib_LTLIBRARIES = libdhcpctl.la
- noinst_PROGRAMS = cltest
- man_MANS = omshell.1 dhcpctl.3
- EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
--omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-
--libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
--cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export
-diff -up dhcp-4.2.2/dst/base64.c.sharedlib dhcp-4.2.2/dst/base64.c
---- dhcp-4.2.2/dst/base64.c.sharedlib 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2/dst/base64.c 2011-09-09 16:35:56.385000000 +0200
-@@ -64,6 +64,7 @@ static const char rcsid[] = "$Id: base64
-
- #include
-
-+#include "dst_internal.h"
- #include "cdefs.h"
- #include "osdep.h"
- #include "arpa/nameser.h"
-diff -up dhcp-4.2.2/dst/Makefile.am.sharedlib dhcp-4.2.2/dst/Makefile.am
---- dhcp-4.2.2/dst/Makefile.am.sharedlib 2007-05-29 18:32:10.000000000 +0200
-+++ dhcp-4.2.2/dst/Makefile.am 2011-09-09 16:35:56.386000000 +0200
-@@ -1,8 +1,8 @@
- AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
-
--lib_LIBRARIES = libdst.a
-+lib_LTLIBRARIES = libdst.la
-
--libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
-+libdst_la_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
- base64.c prandom.c
-
- EXTRA_DIST = dst_internal.h md5.h md5_locl.h
-diff -up dhcp-4.2.2/omapip/Makefile.am.sharedlib dhcp-4.2.2/omapip/Makefile.am
---- dhcp-4.2.2/omapip/Makefile.am.sharedlib 2011-09-09 16:35:55.000000000 +0200
-+++ dhcp-4.2.2/omapip/Makefile.am 2011-09-09 16:37:36.734000324 +0200
-@@ -1,7 +1,7 @@
--lib_LIBRARIES = libomapi.a
-+lib_LTLIBRARIES = libomapi.la
- noinst_PROGRAMS = svtest
-
--libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
-+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
- errwarn.c listener.c dispatch.c generic.c support.c \
- handle.c message.c convert.c hash.c auth.c inet_addr.c \
- array.c trace.c toisc.c iscprint.c isclib.c
-@@ -10,5 +10,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+svtest_LDADD = libomapi.la $(BIND9_LIBDIR) -ldns-export -lisc-export
-
-diff -up dhcp-4.2.2/relay/Makefile.am.sharedlib dhcp-4.2.2/relay/Makefile.am
---- dhcp-4.2.2/relay/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/relay/Makefile.am 2011-09-09 16:37:57.058019749 +0200
-@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
-
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
--dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
- $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-diff -up dhcp-4.2.2/server/Makefile.am.sharedlib dhcp-4.2.2/server/Makefile.am
---- dhcp-4.2.2/server/Makefile.am.sharedlib 2011-09-09 16:35:56.000000000 +0200
-+++ dhcp-4.2.2/server/Makefile.am 2011-09-09 16:38:56.291004599 +0200
-@@ -7,8 +7,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
- dhcpv6.c mdb6.c ldap.c ldap_casa.c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
--dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ ../dhcpctl/libdhcpctl.la $(BIND9_LIBDIR) -ldns-export -lisc-export \
- $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
diff --git a/src/patches/dhcp/dhcp-64_bit_lease_parse.patch b/src/patches/dhcp/dhcp-64_bit_lease_parse.patch
new file mode 100644
index 000000000..a07b5b032
--- /dev/null
+++ b/src/patches/dhcp/dhcp-64_bit_lease_parse.patch
@@ -0,0 +1,75 @@
+diff -up dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse dhcp-4.3.0a1/common/parse.c
+--- dhcp-4.3.0a1/common/parse.c.64-bit_lease_parse 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/parse.c 2013-12-19 15:45:25.990771814 +0100
+@@ -938,8 +938,8 @@ TIME
+ parse_date_core(cfile)
+ struct parse *cfile;
+ {
+- int guess;
+- int tzoff, year, mon, mday, hour, min, sec;
++ TIME guess;
++ long int tzoff, year, mon, mday, hour, min, sec;
+ const char *val;
+ enum dhcp_token token;
+ static int months[11] = { 31, 59, 90, 120, 151, 181,
+@@ -965,7 +965,7 @@ parse_date_core(cfile)
+ }
+
+ skip_token(&val, NULL, cfile); /* consume number */
+- guess = atoi(val);
++ guess = atol(val);
+
+ return((TIME)guess);
+ }
+@@ -993,7 +993,7 @@ parse_date_core(cfile)
+ somebody invents a time machine, I think we can safely disregard
+ it. This actually works around a stupid Y2K bug that was present
+ in a very early beta release of dhcpd. */
+- year = atoi(val);
++ year = atol(val);
+ if (year > 1900)
+ year -= 1900;
+
+@@ -1039,7 +1039,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume day of month */
+- mday = atoi(val);
++ mday = atol(val);
+
+ /* Hour... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1050,7 +1050,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume hour */
+- hour = atoi(val);
++ hour = atol(val);
+
+ /* Colon separating hour from minute... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1072,7 +1072,7 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume minute */
+- min = atoi(val);
++ min = atol(val);
+
+ /* Colon separating minute from second... */
+ token = peek_token(&val, NULL, cfile);
+@@ -1094,13 +1094,13 @@ parse_date_core(cfile)
+ return((TIME)0);
+ }
+ skip_token(&val, NULL, cfile); /* consume second */
+- sec = atoi(val);
++ sec = atol(val);
+
+ tzoff = 0;
+ token = peek_token(&val, NULL, cfile);
+ if (token == NUMBER) {
+ skip_token(&val, NULL, cfile); /* consume tzoff */
+- tzoff = atoi(val);
++ tzoff = atol(val);
+ } else if (token != SEMI) {
+ skip_token(&val, NULL, cfile);
+ parse_warn(cfile,
diff --git a/src/patches/dhcp-4.2.2-CLOEXEC.patch b/src/patches/dhcp/dhcp-CLOEXEC.patch
similarity index 52%
rename from src/patches/dhcp-4.2.2-CLOEXEC.patch
rename to src/patches/dhcp/dhcp-CLOEXEC.patch
index b07e2ff06..722865e4f 100644
--- a/src/patches/dhcp-4.2.2-CLOEXEC.patch
+++ b/src/patches/dhcp/dhcp-CLOEXEC.patch
@@ -1,7 +1,7 @@
-diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.cloexec 2011-07-01 14:13:30.973887714 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 14:15:15.021580693 +0200
-@@ -246,7 +246,7 @@ int read_client_conf_file (const char *n
+diff -up dhcp-4.3.0a1/client/clparse.c.cloexec dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.cloexec 2013-12-19 15:34:41.638886256 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:34:41.657885985 +0100
+@@ -253,7 +253,7 @@ int read_client_conf_file (const char *n
int token;
isc_result_t status;
@@ -10,7 +10,7 @@ diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
return uerr2isc (errno);
cfile = NULL;
-@@ -283,7 +283,7 @@ void read_client_leases ()
+@@ -290,7 +290,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
@@ -19,9 +19,9 @@ diff -up dhcp-4.2.2b1/client/clparse.c.cloexec dhcp-4.2.2b1/client/clparse.c
return;
cfile = NULL;
-diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.cloexec 2011-07-01 14:13:30.970887717 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 14:16:51.485930388 +0200
+diff -up dhcp-4.3.0a1/client/dhclient.c.cloexec dhcp-4.3.0a1/client/dhclient.c
+--- dhcp-4.3.0a1/client/dhclient.c.cloexec 2013-12-19 15:34:41.629886384 +0100
++++ dhcp-4.3.0a1/client/dhclient.c 2013-12-19 15:36:41.608180467 +0100
@@ -148,11 +148,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
@@ -37,16 +37,16 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -506,7 +506,7 @@ main(int argc, char **argv) {
+@@ -504,7 +504,7 @@ main(int argc, char **argv) {
+ long temp;
int e;
- oldpid = 0;
- if ((pidfd = fopen(path_dhclient_pid, "r")) != NULL) {
+ if ((pidfd = fopen(path_dhclient_pid, "re")) != NULL) {
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -548,7 +548,7 @@ main(int argc, char **argv) {
+@@ -554,7 +554,7 @@ main(int argc, char **argv) {
strncpy(new_path_dhclient_pid, path_dhclient_pid, pfx);
sprintf(new_path_dhclient_pid + pfx, "-%s.pid", ip->name);
@@ -55,7 +55,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
e = fscanf(pidfd, "%ld\n", &temp);
oldpid = (pid_t)temp;
-@@ -573,7 +573,7 @@ main(int argc, char **argv) {
+@@ -579,7 +579,7 @@ main(int argc, char **argv) {
int dhc_running = 0;
char procfn[256] = "";
@@ -64,7 +64,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if ((fscanf(pidfp, "%ld", &temp)==1) && ((dhcpid=(pid_t)temp) > 0)) {
snprintf(procfn,256,"/proc/%u",dhcpid);
dhc_running = (access(procfn, F_OK) == 0);
-@@ -2995,7 +2995,7 @@ void rewrite_client_leases ()
+@@ -3077,7 +3077,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
@@ -73,7 +73,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return;
-@@ -3105,7 +3105,7 @@ write_duid(struct data_string *duid)
+@@ -3261,7 +3261,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */
@@ -82,7 +82,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
-@@ -3285,7 +3285,7 @@ int write_client_lease (client, lease, r
+@@ -3441,7 +3441,7 @@ int write_client_lease (client, lease, r
return 1;
if (leaseFile == NULL) { /* XXX */
@@ -91,20 +91,20 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if (leaseFile == NULL) {
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
-@@ -3772,9 +3772,9 @@ void go_daemon ()
- close(2);
+@@ -3952,9 +3952,9 @@ void go_daemon ()
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
write_client_pid_file ();
-@@ -3791,14 +3791,14 @@ void write_client_pid_file ()
+@@ -3971,14 +3971,14 @@ void write_client_pid_file ()
return;
}
@@ -121,10 +121,10 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.cloexec dhcp-4.2.2b1/client/dhclient.c
if (!pf) {
close(pfdesc);
log_error ("Can't fdopen %s: %m", path_dhclient_pid);
-diff -up dhcp-4.2.2b1/common/bpf.c.cloexec dhcp-4.2.2b1/common/bpf.c
---- dhcp-4.2.2b1/common/bpf.c.cloexec 2011-07-01 14:13:30.976887712 +0200
-+++ dhcp-4.2.2b1/common/bpf.c 2011-07-01 14:13:31.030887673 +0200
-@@ -94,7 +94,7 @@ int if_register_bpf (info)
+diff -up dhcp-4.3.0a1/common/bpf.c.cloexec dhcp-4.3.0a1/common/bpf.c
+--- dhcp-4.3.0a1/common/bpf.c.cloexec 2013-12-19 15:34:41.640886227 +0100
++++ dhcp-4.3.0a1/common/bpf.c 2013-12-19 15:34:41.661885928 +0100
+@@ -95,7 +95,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {
/* %Audit% 31 bytes max. %2004.06.17,Safe% */
sprintf(filename, BPF_FORMAT, b);
@@ -133,31 +133,10 @@ diff -up dhcp-4.2.2b1/common/bpf.c.cloexec dhcp-4.2.2b1/common/bpf.c
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/common/discover.c.cloexec dhcp-4.2.2b1/common/discover.c
---- dhcp-4.2.2b1/common/discover.c.cloexec 2011-06-27 18:18:20.000000000 +0200
-+++ dhcp-4.2.2b1/common/discover.c 2011-07-01 14:13:31.031887673 +0200
-@@ -421,7 +421,7 @@ begin_iface_scan(struct iface_conf_list
- int len;
- int i;
-
-- ifaces->fp = fopen("/proc/net/dev", "r");
-+ ifaces->fp = fopen("/proc/net/dev", "re");
- if (ifaces->fp == NULL) {
- log_error("Error opening '/proc/net/dev' to list interfaces");
- return 0;
-@@ -456,7 +456,7 @@ begin_iface_scan(struct iface_conf_list
-
- #ifdef DHCPv6
- if (local_family == AF_INET6) {
-- ifaces->fp6 = fopen("/proc/net/if_inet6", "r");
-+ ifaces->fp6 = fopen("/proc/net/if_inet6", "re");
- if (ifaces->fp6 == NULL) {
- log_error("Error opening '/proc/net/if_inet6' to "
- "list IPv6 interfaces; %m");
-diff -up dhcp-4.2.2b1/common/dlpi.c.cloexec dhcp-4.2.2b1/common/dlpi.c
---- dhcp-4.2.2b1/common/dlpi.c.cloexec 2011-07-01 14:13:30.977887712 +0200
-+++ dhcp-4.2.2b1/common/dlpi.c 2011-07-01 14:13:31.032887673 +0200
-@@ -806,7 +806,7 @@ dlpiopen(const char *ifname) {
+diff -up dhcp-4.3.0a1/common/dlpi.c.cloexec dhcp-4.3.0a1/common/dlpi.c
+--- dhcp-4.3.0a1/common/dlpi.c.cloexec 2013-12-19 15:34:41.641886213 +0100
++++ dhcp-4.3.0a1/common/dlpi.c 2013-12-19 15:34:41.662885914 +0100
+@@ -804,7 +804,7 @@ dlpiopen(const char *ifname) {
}
*dp = '\0';
@@ -166,9 +145,9 @@ diff -up dhcp-4.2.2b1/common/dlpi.c.cloexec dhcp-4.2.2b1/common/dlpi.c
}
/*
-diff -up dhcp-4.2.2b1/common/nit.c.cloexec dhcp-4.2.2b1/common/nit.c
---- dhcp-4.2.2b1/common/nit.c.cloexec 2011-07-01 14:13:30.978887712 +0200
-+++ dhcp-4.2.2b1/common/nit.c 2011-07-01 14:13:31.033887672 +0200
+diff -up dhcp-4.3.0a1/common/nit.c.cloexec dhcp-4.3.0a1/common/nit.c
+--- dhcp-4.3.0a1/common/nit.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/nit.c 2013-12-19 15:34:41.662885914 +0100
@@ -81,7 +81,7 @@ int if_register_nit (info)
struct strioctl sio;
@@ -178,10 +157,10 @@ diff -up dhcp-4.2.2b1/common/nit.c.cloexec dhcp-4.2.2b1/common/nit.c
if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);
-diff -up dhcp-4.2.2b1/common/resolv.c.cloexec dhcp-4.2.2b1/common/resolv.c
---- dhcp-4.2.2b1/common/resolv.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/common/resolv.c 2011-07-01 14:13:31.033887672 +0200
-@@ -49,7 +49,7 @@ void read_resolv_conf (parse_time)
+diff -up dhcp-4.3.0a1/common/resolv.c.cloexec dhcp-4.3.0a1/common/resolv.c
+--- dhcp-4.3.0a1/common/resolv.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/resolv.c 2013-12-19 15:34:41.663885900 +0100
+@@ -50,7 +50,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
@@ -190,9 +169,9 @@ diff -up dhcp-4.2.2b1/common/resolv.c.cloexec dhcp-4.2.2b1/common/resolv.c
log_error ("Can't open %s: %m", path_resolv_conf);
return;
}
-diff -up dhcp-4.2.2b1/common/upf.c.cloexec dhcp-4.2.2b1/common/upf.c
---- dhcp-4.2.2b1/common/upf.c.cloexec 2011-07-01 14:13:30.979887712 +0200
-+++ dhcp-4.2.2b1/common/upf.c 2011-07-01 14:13:31.034887671 +0200
+diff -up dhcp-4.3.0a1/common/upf.c.cloexec dhcp-4.3.0a1/common/upf.c
+--- dhcp-4.3.0a1/common/upf.c.cloexec 2013-12-19 15:34:41.642886199 +0100
++++ dhcp-4.3.0a1/common/upf.c 2013-12-19 15:34:41.663885900 +0100
@@ -77,7 +77,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
sprintf(filename, "/dev/pf/pfilt%d", b);
@@ -202,70 +181,10 @@ diff -up dhcp-4.2.2b1/common/upf.c.cloexec dhcp-4.2.2b1/common/upf.c
if (sock < 0) {
if (errno == EBUSY) {
continue;
-diff -up dhcp-4.2.2b1/dst/dst_api.c.cloexec dhcp-4.2.2b1/dst/dst_api.c
---- dhcp-4.2.2b1/dst/dst_api.c.cloexec 2009-10-29 01:46:48.000000000 +0100
-+++ dhcp-4.2.2b1/dst/dst_api.c 2011-07-01 14:13:31.035887670 +0200
-@@ -437,7 +437,7 @@ dst_s_write_private_key(const DST_KEY *k
- PRIVATE_KEY, PATH_MAX);
-
- /* Do not overwrite an existing file */
-- if ((fp = dst_s_fopen(file, "w", 0600)) != NULL) {
-+ if ((fp = dst_s_fopen(file, "we", 0600)) != NULL) {
- int nn;
- if ((nn = fwrite(encoded_block, 1, len, fp)) != len) {
- EREPORT(("dst_write_private_key(): Write failure on %s %d != %d errno=%d\n",
-@@ -494,7 +494,7 @@ dst_s_read_public_key(const char *in_nam
- * flags, proto, alg stored as decimal (or hex numbers FIXME).
- * (FIXME: handle parentheses for line continuation.)
- */
-- if ((fp = dst_s_fopen(name, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(name, "re", 0)) == NULL) {
- EREPORT(("dst_read_public_key(): Public Key not found %s\n",
- name));
- return (NULL);
-@@ -620,7 +620,7 @@ dst_s_write_public_key(const DST_KEY *ke
- return (0);
- }
- /* create public key file */
-- if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "w+e", 0644)) == NULL) {
- EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n",
- filename, errno));
- return (0);
-@@ -854,7 +854,7 @@ dst_s_read_private_key_file(char *name,
- return (0);
- }
- /* first check if we can find the key file */
-- if ((fp = dst_s_fopen(filename, "r", 0)) == NULL) {
-+ if ((fp = dst_s_fopen(filename, "re", 0)) == NULL) {
- EREPORT(("dst_s_read_private_key_file: Could not open file %s in directory %s\n",
- filename, dst_path[0] ? dst_path :
- (char *) getcwd(NULL, PATH_MAX - 1)));
-diff -up dhcp-4.2.2b1/dst/prandom.c.cloexec dhcp-4.2.2b1/dst/prandom.c
---- dhcp-4.2.2b1/dst/prandom.c.cloexec 2009-11-20 02:49:01.000000000 +0100
-+++ dhcp-4.2.2b1/dst/prandom.c 2011-07-01 14:13:31.035887670 +0200
-@@ -269,7 +269,7 @@ get_dev_random(u_char *output, unsigned
-
- s = stat("/dev/random", &st);
- if (s == 0 && S_ISCHR(st.st_mode)) {
-- if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) != -1) {
-+ if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK | O_CLOEXEC)) != -1) {
- if ((n = read(fd, output, size)) < 0)
- n = 0;
- close(fd);
-@@ -480,7 +480,7 @@ digest_file(dst_work *work)
- work->file_digest = dst_free_key(work->file_digest);
- return (0);
- }
-- if ((fp = fopen(name, "r")) == NULL)
-+ if ((fp = fopen(name, "re")) == NULL)
- return (0);
- for (no = 0; (i = fread(buf, sizeof(*buf), sizeof(buf), fp)) > 0;
- no += i)
-diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
---- dhcp-4.2.2b1/omapip/trace.c.cloexec 2010-05-27 02:34:57.000000000 +0200
-+++ dhcp-4.2.2b1/omapip/trace.c 2011-07-01 14:13:31.036887669 +0200
-@@ -141,10 +141,10 @@ isc_result_t trace_begin (const char *fi
+diff -up dhcp-4.3.0a1/omapip/trace.c.cloexec dhcp-4.3.0a1/omapip/trace.c
+--- dhcp-4.3.0a1/omapip/trace.c.cloexec 2013-12-11 01:01:03.000000000 +0100
++++ dhcp-4.3.0a1/omapip/trace.c 2013-12-19 15:34:41.663885900 +0100
+@@ -142,10 +142,10 @@ isc_result_t trace_begin (const char *fi
return DHCP_R_INVALIDARG;
}
@@ -278,7 +197,7 @@ diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
0600);
}
-@@ -431,7 +431,7 @@ void trace_file_replay (const char *file
+@@ -433,7 +433,7 @@ void trace_file_replay (const char *file
isc_result_t result;
int len;
@@ -287,10 +206,10 @@ diff -up dhcp-4.2.2b1/omapip/trace.c.cloexec dhcp-4.2.2b1/omapip/trace.c
if (!traceinfile) {
log_error("Can't open tracefile %s: %m", filename);
return;
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.cloexec 2011-05-10 15:07:37.000000000 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 14:18:07.630209767 +0200
-@@ -183,11 +183,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/relay/dhcrelay.c.cloexec dhcp-4.3.0a1/relay/dhcrelay.c
+--- dhcp-4.3.0a1/relay/dhcrelay.c.cloexec 2013-12-13 22:26:21.000000000 +0100
++++ dhcp-4.3.0a1/relay/dhcrelay.c 2013-12-19 15:34:41.664885886 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0(stdin), 1,(stdout), and
2(stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
@@ -305,7 +224,7 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -540,13 +540,13 @@ main(int argc, char **argv) {
+@@ -564,13 +564,13 @@ main(int argc, char **argv) {
if (no_pid_file == ISC_FALSE) {
pfdesc = open(path_dhcrelay_pid,
@@ -321,10 +240,10 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.cloexec dhcp-4.2.2b1/relay/dhcrelay.c
if (!pf)
log_error("Can't fdopen %s: %m",
path_dhcrelay_pid);
-diff -up dhcp-4.2.2b1/server/confpars.c.cloexec dhcp-4.2.2b1/server/confpars.c
---- dhcp-4.2.2b1/server/confpars.c.cloexec 2010-10-14 00:34:45.000000000 +0200
-+++ dhcp-4.2.2b1/server/confpars.c 2011-07-01 14:13:31.039887666 +0200
-@@ -116,7 +116,7 @@ isc_result_t read_conf_file (const char
+diff -up dhcp-4.3.0a1/server/confpars.c.cloexec dhcp-4.3.0a1/server/confpars.c
+--- dhcp-4.3.0a1/server/confpars.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/confpars.c 2013-12-19 15:34:41.665885871 +0100
+@@ -117,7 +117,7 @@ isc_result_t read_conf_file (const char
}
#endif
@@ -333,10 +252,10 @@ diff -up dhcp-4.2.2b1/server/confpars.c.cloexec dhcp-4.2.2b1/server/confpars.c
if (leasep) {
log_error ("Can't open lease database %s: %m --",
path_dhcpd_db);
-diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
---- dhcp-4.2.2b1/server/db.c.cloexec 2010-09-14 00:15:26.000000000 +0200
-+++ dhcp-4.2.2b1/server/db.c 2011-07-01 14:13:31.040887665 +0200
-@@ -1035,7 +1035,7 @@ void db_startup (testp)
+diff -up dhcp-4.3.0a1/server/db.c.cloexec dhcp-4.3.0a1/server/db.c
+--- dhcp-4.3.0a1/server/db.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/db.c 2013-12-19 15:34:41.666885857 +0100
+@@ -1081,7 +1081,7 @@ void db_startup (testp)
}
#endif
if (!testp) {
@@ -345,7 +264,7 @@ diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
if (!db_file)
log_fatal ("Can't open %s for append.", path_dhcpd_db);
expire_all_pools ();
-@@ -1083,12 +1083,12 @@ int new_lease_file ()
+@@ -1129,12 +1129,12 @@ int new_lease_file ()
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");
@@ -360,10 +279,10 @@ diff -up dhcp-4.2.2b1/server/db.c.cloexec dhcp-4.2.2b1/server/db.c
log_error("Can't fdopen new lease file: %m");
close(db_fd);
goto fdfail;
-diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.cloexec 2011-04-21 16:08:15.000000000 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 14:19:40.354124505 +0200
-@@ -270,11 +270,11 @@ main(int argc, char **argv) {
+diff -up dhcp-4.3.0a1/server/dhcpd.c.cloexec dhcp-4.3.0a1/server/dhcpd.c
+--- dhcp-4.3.0a1/server/dhcpd.c.cloexec 2013-12-13 22:26:01.000000000 +0100
++++ dhcp-4.3.0a1/server/dhcpd.c 2013-12-19 15:37:17.258674472 +0100
+@@ -193,11 +193,11 @@ main(int argc, char **argv) {
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
2 (stderr) are open. To do this, we assume that when we
open a file the lowest available file descriptor is used. */
@@ -378,7 +297,7 @@ diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
if (fd == 2)
log_perror = 0; /* No sense logging to /dev/null. */
else if (fd != -1)
-@@ -793,7 +793,7 @@ main(int argc, char **argv) {
+@@ -716,7 +716,7 @@ main(int argc, char **argv) {
*/
if (no_pid_file == ISC_FALSE) {
/*Read previous pid file. */
@@ -387,7 +306,7 @@ diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
status = read(i, pbuf, (sizeof pbuf) - 1);
close (i);
if (status > 0) {
-@@ -812,7 +812,7 @@ main(int argc, char **argv) {
+@@ -735,7 +735,7 @@ main(int argc, char **argv) {
}
/* Write new pid file. */
@@ -396,23 +315,23 @@ diff -up dhcp-4.2.2b1/server/dhcpd.c.cloexec dhcp-4.2.2b1/server/dhcpd.c
if (i >= 0) {
sprintf(pbuf, "%d\n", (int) getpid());
IGNORE_RET (write(i, pbuf, strlen(pbuf)));
-@@ -840,9 +840,9 @@ main(int argc, char **argv) {
- close(2);
+@@ -763,9 +763,9 @@ main(int argc, char **argv) {
+ (void) close(2);
/* Reopen them on /dev/null. */
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-- open("/dev/null", O_RDWR);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
-+ open("/dev/null", O_RDWR | O_CLOEXEC);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
+- (void) open("/dev/null", O_RDWR);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
++ (void) open("/dev/null", O_RDWR | O_CLOEXEC);
log_perror = 0; /* No sense logging to /dev/null. */
IGNORE_RET (chdir("/"));
-diff -up dhcp-4.2.2b1/server/ldap.c.cloexec dhcp-4.2.2b1/server/ldap.c
---- dhcp-4.2.2b1/server/ldap.c.cloexec 2010-03-25 16:26:58.000000000 +0100
-+++ dhcp-4.2.2b1/server/ldap.c 2011-07-01 14:13:31.043887665 +0200
-@@ -685,7 +685,7 @@ ldap_start (void)
+diff -up dhcp-4.3.0a1/server/ldap.c.cloexec dhcp-4.3.0a1/server/ldap.c
+--- dhcp-4.3.0a1/server/ldap.c.cloexec 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/server/ldap.c 2013-12-19 15:34:41.667885843 +0100
+@@ -684,7 +684,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{
diff --git a/src/patches/dhcp-4.2.0-PPP.patch b/src/patches/dhcp/dhcp-PPP.patch
similarity index 59%
rename from src/patches/dhcp-4.2.0-PPP.patch
rename to src/patches/dhcp/dhcp-PPP.patch
index bef2be7f0..5d022e432 100644
--- a/src/patches/dhcp-4.2.0-PPP.patch
+++ b/src/patches/dhcp/dhcp-PPP.patch
@@ -1,7 +1,31 @@
-diff -up dhcp-4.2.0-P1/client/dhc6.c.PPP dhcp-4.2.0-P1/client/dhc6.c
---- dhcp-4.2.0-P1/client/dhc6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhc6.c 2010-11-09 15:54:12.000000000 +0100
-@@ -129,7 +129,7 @@ extern int stateless;
+diff -up dhcp-4.3.1b1/client/dhc6.c.mRfpsB dhcp-4.3.1b1/client/dhc6.c
+--- dhcp-4.3.1b1/client/dhc6.c.mRfpsB 2014-07-10 17:48:03.779424870 +0200
++++ dhcp-4.3.1b1/client/dhc6.c 2014-07-10 17:48:03.795424644 +0200
+@@ -5088,7 +5088,8 @@ make_client6_options(struct client_state
+ */
+ if ((oc = lookup_option(&dhcpv6_universe, *op,
+ D6O_CLIENTID)) == NULL) {
+- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
++ if (default_duid.len == 0 ||
++ !option_cache(&oc, &default_duid, NULL, clientid_option,
+ MDL))
+ log_fatal("Failure assembling a DUID.");
+
+diff -up dhcp-4.3.1b1/client/dhclient.c.mRfpsB dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.mRfpsB 2014-07-10 17:39:25.853763858 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:49:49.882925843 +0200
+@@ -948,8 +948,8 @@ main(int argc, char **argv) {
+ if (default_duid.buffer != NULL)
+ data_string_forget(&default_duid, MDL);
+
+- form_duid(&default_duid, MDL);
+- write_duid(&default_duid);
++ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
++ write_duid(&default_duid);
+ }
+ }
+
+@@ -3267,7 +3267,7 @@ write_options(struct client_state *clien
* is not how it is intended. Upcoming rearchitecting the client should
* address this "one daemon model."
*/
@@ -10,7 +34,7 @@ diff -up dhcp-4.2.0-P1/client/dhc6.c.PPP dhcp-4.2.0-P1/client/dhc6.c
form_duid(struct data_string *duid, const char *file, int line)
{
struct interface_info *ip;
-@@ -141,6 +141,15 @@ form_duid(struct data_string *duid, cons
+@@ -3280,6 +3280,15 @@ form_duid(struct data_string *duid, cons
if (ip == NULL)
log_fatal("Impossible condition at %s:%d.", MDL);
@@ -26,43 +50,19 @@ diff -up dhcp-4.2.0-P1/client/dhc6.c.PPP dhcp-4.2.0-P1/client/dhc6.c
if ((ip->hw_address.hlen == 0) ||
(ip->hw_address.hlen > sizeof(ip->hw_address.hbuf)))
log_fatal("Impossible hardware address length at %s:%d.", MDL);
-@@ -176,6 +185,8 @@ form_duid(struct data_string *duid, cons
- memcpy(duid->buffer->data + 4, ip->hw_address.hbuf + 1,
- ip->hw_address.hlen - 1);
+@@ -3323,6 +3332,8 @@ form_duid(struct data_string *duid, cons
+ log_info("Created duid %s.", str);
+ dfree(str, MDL);
}
-+
++
+ return ISC_R_SUCCESS;
}
- /*
-@@ -5289,7 +5300,8 @@ make_client6_options(struct client_state
- */
- if ((oc = lookup_option(&dhcpv6_universe, *op,
- D6O_CLIENTID)) == NULL) {
-- if (!option_cache(&oc, &default_duid, NULL, clientid_option,
-+ if (default_duid.len == 0 ||
-+ !option_cache(&oc, &default_duid, NULL, clientid_option,
- MDL))
- log_fatal("Failure assembling a DUID.");
-
-diff -up dhcp-4.2.0-P1/client/dhclient.c.PPP dhcp-4.2.0-P1/client/dhclient.c
---- dhcp-4.2.0-P1/client/dhclient.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/client/dhclient.c 2010-11-09 15:37:26.000000000 +0100
-@@ -911,8 +911,8 @@ main(int argc, char **argv) {
- if (default_duid.buffer != NULL)
- data_string_forget(&default_duid, MDL);
-
-- form_duid(&default_duid, MDL);
-- write_duid(&default_duid);
-+ if (form_duid(&default_duid, MDL) == ISC_R_SUCCESS)
-+ write_duid(&default_duid);
- }
-
- for (ip = interfaces ; ip != NULL ; ip = ip->next) {
-diff -up dhcp-4.2.0-P1/common/bpf.c.PPP dhcp-4.2.0-P1/common/bpf.c
---- dhcp-4.2.0-P1/common/bpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/bpf.c 2010-11-09 15:42:42.000000000 +0100
-@@ -599,6 +599,22 @@ get_hw_addr(const char *name, struct har
+ /* Write the default DUID to the lease store. */
+diff -up dhcp-4.3.1b1/common/bpf.c.mRfpsB dhcp-4.3.1b1/common/bpf.c
+--- dhcp-4.3.1b1/common/bpf.c.mRfpsB 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/common/bpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -600,6 +600,22 @@ get_hw_addr(const char *name, struct har
memcpy(&hw->hbuf[1], LLADDR(sa), sa->sdl_alen);
break;
#endif /* IFT_FDDI */
@@ -85,12 +85,12 @@ diff -up dhcp-4.2.0-P1/common/bpf.c.PPP dhcp-4.2.0-P1/common/bpf.c
default:
log_fatal("Unsupported device type %d for \"%s\"",
sa->sdl_type, name);
-diff -up dhcp-4.2.0-P1/common/lpf.c.PPP dhcp-4.2.0-P1/common/lpf.c
---- dhcp-4.2.0-P1/common/lpf.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/common/lpf.c 2010-11-09 15:45:40.000000000 +0100
-@@ -502,6 +502,22 @@ get_hw_addr(const char *name, struct har
+diff -up dhcp-4.3.1b1/common/lpf.c.mRfpsB dhcp-4.3.1b1/common/lpf.c
+--- dhcp-4.3.1b1/common/lpf.c.mRfpsB 2014-07-10 17:39:25.744765404 +0200
++++ dhcp-4.3.1b1/common/lpf.c 2014-07-10 17:48:03.797424616 +0200
+@@ -511,6 +511,22 @@ get_hw_addr(const char *name, struct har
hw->hbuf[0] = HTYPE_FDDI;
- memcpy(&hw->hbuf[1], sa->sa_data, 16);
+ memcpy(&hw->hbuf[1], sa->sa_data, 6);
break;
+#if defined(ARPHRD_PPP)
+ case ARPHRD_PPP:
@@ -111,34 +111,34 @@ diff -up dhcp-4.2.0-P1/common/lpf.c.PPP dhcp-4.2.0-P1/common/lpf.c
default:
log_fatal("Unsupported device type %ld for \"%s\"",
(long int)sa->sa_family, name);
-diff -up dhcp-4.2.0-P1/includes/dhcpd.h.PPP dhcp-4.2.0-P1/includes/dhcpd.h
---- dhcp-4.2.0-P1/includes/dhcpd.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcpd.h 2010-11-09 15:46:58.000000000 +0100
-@@ -2733,7 +2733,7 @@ void dhcpv4_client_assignments(void);
- void dhcpv6_client_assignments(void);
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:48:03.798424601 +0200
+@@ -2839,7 +2839,7 @@ void client_dns_remove(struct client_sta
- /* dhc6.c */
+ void dhcpv4_client_assignments(void);
+ void dhcpv6_client_assignments(void);
-void form_duid(struct data_string *duid, const char *file, int line);
+isc_result_t form_duid(struct data_string *duid, const char *file, int line);
- void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int line);
- void start_init6(struct client_state *client);
- void start_info_request6(struct client_state *client);
-diff -up dhcp-4.2.0-P1/includes/dhcp.h.PPP dhcp-4.2.0-P1/includes/dhcp.h
---- dhcp-4.2.0-P1/includes/dhcp.h.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/includes/dhcp.h 2010-11-09 15:48:53.000000000 +0100
-@@ -80,6 +80,8 @@ struct dhcp_packet {
- #define HTYPE_IEEE802 6 /* IEEE 802.2 Token Ring... */
- #define HTYPE_FDDI 8 /* FDDI... */
-+#define HTYPE_RESERVED 0 /* RFC 5494 */
+ /* dhc6.c */
+ void dhc6_lease_destroy(struct dhc6_lease **src, const char *file, int line);
+diff -up dhcp-4.3.1b1/includes/dhcp.h.mRfpsB dhcp-4.3.1b1/includes/dhcp.h
+--- dhcp-4.3.1b1/includes/dhcp.h.mRfpsB 2014-07-10 17:48:03.761425124 +0200
++++ dhcp-4.3.1b1/includes/dhcp.h 2014-07-10 17:48:03.798424601 +0200
+@@ -81,6 +81,8 @@ struct dhcp_packet {
+ * is no standard for this so we
+ * just steal a type */
+
++#define HTYPE_RESERVED 0 /* RFC 5494 */
+
/* Magic cookie validating dhcp options field (and bootp vendor
extensions field). */
#define DHCP_OPTIONS_COOKIE "\143\202\123\143"
-diff -up dhcp-4.2.0-P1/server/dhcpv6.c.PPP dhcp-4.2.0-P1/server/dhcpv6.c
---- dhcp-4.2.0-P1/server/dhcpv6.c.PPP 2010-11-05 10:47:37.000000000 +0100
-+++ dhcp-4.2.0-P1/server/dhcpv6.c 2010-11-09 15:50:17.000000000 +0100
-@@ -300,6 +300,9 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.mRfpsB 2014-07-10 17:47:31.464881409 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 17:48:03.800424573 +0200
+@@ -330,6 +330,9 @@ generate_new_server_duid(void) {
if (p->hw_address.hlen > 0) {
break;
}
diff --git a/src/patches/dhcp-4.2.0-UseMulticast.patch b/src/patches/dhcp/dhcp-UseMulticast.patch
similarity index 83%
rename from src/patches/dhcp-4.2.0-UseMulticast.patch
rename to src/patches/dhcp/dhcp-UseMulticast.patch
index 319344aa5..ee0ea6b9a 100644
--- a/src/patches/dhcp-4.2.0-UseMulticast.patch
+++ b/src/patches/dhcp/dhcp-UseMulticast.patch
@@ -1,7 +1,7 @@
-diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
---- dhcp-4.2.0/server/dhcpv6.c.UseMulticast 2010-06-01 19:30:00.000000000 +0200
-+++ dhcp-4.2.0/server/dhcpv6.c 2010-07-21 16:17:30.000000000 +0200
-@@ -346,6 +346,48 @@ generate_new_server_duid(void) {
+diff -up dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast dhcp-4.3.1b1/server/dhcpv6.c
+--- dhcp-4.3.1b1/server/dhcpv6.c.UseMulticast 2014-07-02 19:58:40.000000000 +0200
++++ dhcp-4.3.1b1/server/dhcpv6.c 2014-07-10 18:20:03.066256219 +0200
+@@ -376,6 +376,48 @@ generate_new_server_duid(void) {
}
/*
@@ -35,7 +35,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
+ }
+
+ execute_statements_in_scope(NULL, NULL, NULL, NULL, NULL,
-+ opt_state, &global_scope, root_group, NULL);
++ opt_state, &global_scope, root_group, NULL, NULL);
+
+ oc = lookup_option(&dhcpv6_universe, opt_state, D6O_UNICAST);
+ unicast_option_defined = (oc != NULL);
@@ -50,8 +50,21 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
* Get the client identifier from the packet.
*/
isc_result_t
-@@ -1405,6 +1447,56 @@ lease_to_client(struct data_string *repl
- reply.shared->group);
+@@ -706,6 +748,12 @@ static const int required_opts[] = {
+ D6O_PREFERENCE,
+ 0
+ };
++static const int required_opts_NAA[] = {
++ D6O_CLIENTID,
++ D6O_SERVERID,
++ D6O_STATUS_CODE,
++ 0
++};
+ static const int required_opts_solicit[] = {
+ D6O_CLIENTID,
+ D6O_SERVERID,
+@@ -1587,6 +1635,56 @@ lease_to_client(struct data_string *repl
+ reply.shared->group, NULL);
}
+ /* reject unicast message, unless we set unicast option */
@@ -102,21 +115,20 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
+ reply.opt_state, reply.packet,
+ required_opts_NAA,
+ NULL);
-+ } else if (no_resources_avail && (reply.ia_count != 0) &&
-+ (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
++ }
++
/*
* RFC3315 section 17.2.2 (Solicit):
*
-@@ -1429,8 +1521,6 @@ lease_to_client(struct data_string *repl
- * the server.
- * Sends a Renew/Rebind if the IA is not in the Reply message.
+@@ -1619,6 +1717,7 @@ lease_to_client(struct data_string *repl
+ * Having stored the client's IA's, store any options that
+ * will fit in the remaining space.
*/
-- if (no_resources_avail && (reply.ia_count != 0) &&
-- (reply.packet->dhcpv6_msg_type == DHCPV6_SOLICIT))
- {
- /* Set the NoAddrsAvail status code. */
- if (!set_status_code(STATUS_NoAddrsAvail,
-@@ -4128,7 +4218,6 @@ dhcpv6_solicit(struct data_string *reply
++ else
+ reply.cursor += store_options6((char *)reply.buf.data + reply.cursor,
+ sizeof(reply.buf) - reply.cursor,
+ reply.opt_state, reply.packet,
+@@ -4748,7 +4847,6 @@ dhcpv6_solicit(struct data_string *reply
* Very similar to Solicit handling, except the server DUID is required.
*/
@@ -124,7 +136,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
static void
dhcpv6_request(struct data_string *reply_ret, struct packet *packet) {
struct data_string client_id;
-@@ -4443,7 +4532,6 @@ exit:
+@@ -5078,7 +5176,6 @@ exit:
* except for the error code of when addresses don't match.
*/
@@ -132,7 +144,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
static void
dhcpv6_renew(struct data_string *reply, struct packet *packet) {
struct data_string client_id;
-@@ -4688,18 +4776,60 @@ iterate_over_ia_na(struct data_string *r
+@@ -5322,18 +5419,60 @@ iterate_over_ia_na(struct data_string *r
goto exit;
}
@@ -203,7 +215,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
/*
* Loop through the IA_NA reported by the client, and deal with
-@@ -4838,6 +4968,7 @@ iterate_over_ia_na(struct data_string *r
+@@ -5471,6 +5610,7 @@ iterate_over_ia_na(struct data_string *r
/*
* Return our reply to the caller.
*/
@@ -211,7 +223,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
reply_ret->len = reply_ofs;
reply_ret->buffer = NULL;
if (!buffer_allocate(&reply_ret->buffer, reply_ofs, MDL)) {
-@@ -4883,7 +5014,6 @@ exit:
+@@ -5516,7 +5656,6 @@ exit:
* we still need to be aware of this possibility.
*/
@@ -219,7 +231,7 @@ diff -up dhcp-4.2.0/server/dhcpv6.c.UseMulticast dhcp-4.2.0/server/dhcpv6.c
/* TODO: IA_TA */
static void
dhcpv6_decline(struct data_string *reply, struct packet *packet) {
-@@ -5355,7 +5485,6 @@ exit:
+@@ -5986,7 +6125,6 @@ exit:
* Release means a client is done with the leases.
*/
diff --git a/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch b/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch
new file mode 100644
index 000000000..103824c38
--- /dev/null
+++ b/src/patches/dhcp/dhcp-add_timeout_when_NULL.patch
@@ -0,0 +1,14 @@
+diff -up dhcp-4.3.0a1/common/dispatch.c.dracut dhcp-4.3.0a1/common/dispatch.c
+--- dhcp-4.3.0a1/common/dispatch.c.dracut 2013-12-11 01:25:12.000000000 +0100
++++ dhcp-4.3.0a1/common/dispatch.c 2013-12-19 15:39:50.350505860 +0100
+@@ -210,6 +210,10 @@ void add_timeout (when, where, what, ref
+ isc_interval_t interval;
+ isc_time_t expires;
+
++ if (when == NULL) {
++ return;
++ }
++
+ /* See if this timeout supersedes an existing timeout. */
+ t = (struct timeout *)0;
+ for (q = timeouts; q; q = q->next) {
diff --git a/src/patches/dhcp-4.2.2-capability.patch b/src/patches/dhcp/dhcp-capability.patch
similarity index 51%
rename from src/patches/dhcp-4.2.2-capability.patch
rename to src/patches/dhcp/dhcp-capability.patch
index 79af036f2..91a1baef5 100644
--- a/src/patches/dhcp-4.2.2-capability.patch
+++ b/src/patches/dhcp/dhcp-capability.patch
@@ -1,7 +1,7 @@
-diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.8
---- dhcp-4.2.2b1/client/dhclient.8.capability 2011-07-01 15:09:06.603784531 +0200
-+++ dhcp-4.2.2b1/client/dhclient.8 2011-07-01 15:09:06.663783913 +0200
-@@ -118,6 +118,9 @@ dhclient - Dynamic Host Configuration Pr
+diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 17:38:26.938599402 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200
+@@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr
.B -w
]
[
@@ -11,7 +11,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.
.B -B
]
[
-@@ -296,6 +299,32 @@ has been added or removed, so that the c
+@@ -304,6 +307,32 @@ has been added or removed, so that the c
address on that interface.
.TP
@@ -44,9 +44,9 @@ diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.
.BI \-B
Set the BOOTP broadcast flag in request packets so servers will always
broadcast replies.
-diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.capability 2011-07-01 15:09:06.644784107 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 15:09:06.664783903 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 17:39:25.797764653 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200
@@ -39,6 +39,10 @@
#include
#include
@@ -58,7 +58,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.
/*
* Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
* that when building ISC code.
-@@ -141,6 +145,9 @@ main(int argc, char **argv) {
+@@ -143,6 +147,9 @@ main(int argc, char **argv) {
int timeout_arg = 0;
char *arg_conf = NULL;
int arg_conf_len = 0;
@@ -68,7 +68,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.
/* Initialize client globals. */
memset(&default_duid, 0, sizeof(default_duid));
-@@ -410,6 +417,10 @@ main(int argc, char **argv) {
+@@ -425,6 +432,10 @@ main(int argc, char **argv) {
}
dhclient_request_options = argv[i];
@@ -79,7 +79,7 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.
} else if (argv[i][0] == '-') {
usage();
} else if (interfaces_requested < 0) {
-@@ -458,6 +469,19 @@ main(int argc, char **argv) {
+@@ -473,6 +484,19 @@ main(int argc, char **argv) {
path_dhclient_script = s;
}
@@ -99,10 +99,10 @@ diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.
/* Set up the initial dhcp option universe. */
initialize_common_option_spaces();
-diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dhclient-script.8
---- dhcp-4.2.2b1/client/dhclient-script.8.capability 2011-07-01 15:09:06.604784521 +0200
-+++ dhcp-4.2.2b1/client/dhclient-script.8 2011-07-01 15:09:06.666783883 +0200
-@@ -239,6 +239,16 @@ repeatedly initialized to the values pro
+diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp-4.3.1b1/client/dhclient-script.8
+--- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 17:39:25.761765163 +0200
++++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 17:39:25.851763887 +0200
+@@ -243,6 +243,16 @@ repeatedly initialized to the values pro
the other. Assuming the information provided by both servers is
valid, this shouldn't cause any real problems, but it could be
confusing.
@@ -119,22 +119,22 @@ diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dh
.SH SEE ALSO
dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
dhclient.leases(5).
-diff -up dhcp-4.2.2b1/client/Makefile.am.capability dhcp-4.2.2b1/client/Makefile.am
---- dhcp-4.2.2b1/client/Makefile.am.capability 2011-07-01 15:09:06.526785327 +0200
-+++ dhcp-4.2.2b1/client/Makefile.am 2011-07-01 15:09:06.667783873 +0200
-@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp-4.3.1b1/client/Makefile.am
+--- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 17:38:10.778828583 +0200
++++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 +0200
+@@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c
+ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
---- dhcp-4.2.2b1/configure.ac.capability 2011-07-01 15:09:06.527785317 +0200
-+++ dhcp-4.2.2b1/configure.ac 2011-07-01 15:09:06.667783873 +0200
-@@ -449,6 +449,41 @@ AC_TRY_LINK(
+diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac
+--- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 +0200
++++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200
+@@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
@@ -176,11 +176,11 @@ diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
-diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
---- dhcp-4.2.2b1/relay/dhcrelay.c.capability 2011-07-01 15:09:06.626784295 +0200
-+++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 15:12:05.362223794 +0200
-@@ -36,6 +36,11 @@
- #include
+diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay.c
+--- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 +0200
++++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200
+@@ -31,6 +31,11 @@
+ #include
#include
+#ifdef HAVE_LIBCAP_NG
@@ -191,9 +191,9 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
TIME default_lease_time = 43200; /* 12 hours... */
TIME max_lease_time = 86400; /* 24 hours... */
struct tree_cache *global_options[256];
-@@ -356,6 +361,10 @@ main(int argc, char **argv) {
- sl->next = upstreams;
- upstreams = sl;
+@@ -376,6 +381,10 @@ main(int argc, char **argv) {
+ usage();
+ dhcrelay_sub_id = argv[i];
#endif
+ } else if (!strcmp(argv[i], "-nc")) {
+#ifdef HAVE_LIBCAP_NG
@@ -202,7 +202,7 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
} else if (!strcmp(argv[i], "-pf")) {
if (++i == argc)
usage();
-@@ -426,6 +435,17 @@ main(int argc, char **argv) {
+@@ -446,6 +455,17 @@ main(int argc, char **argv) {
#endif
}
@@ -220,8 +220,8 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
if (!quiet) {
log_info("%s %s", message, PACKAGE_VERSION);
log_info(copyright);
-@@ -573,6 +593,15 @@ main(int argc, char **argv) {
- dhcpv6_packet_handler = do_packet6;
+@@ -598,6 +618,15 @@ main(int argc, char **argv) {
+ signal(SIGTERM, dhcp_signal_handler); /* kill */
#endif
+#ifdef HAVE_LIBCAP_NG
@@ -236,88 +236,15 @@ diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
/* Start dispatching packets and timeouts... */
dispatch();
-diff -up dhcp-4.2.2b1/relay/Makefile.am.capability dhcp-4.2.2b1/relay/Makefile.am
---- dhcp-4.2.2b1/relay/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/relay/Makefile.am 2011-07-01 15:09:06.670783841 +0200
-@@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefile.am
+--- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 17:38:10.780828554 +0200
++++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200
+@@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
- dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
+-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
++dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
+ $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
-
-diff -up dhcp-4.2.2b1/server/dhcpd.c.capability dhcp-4.2.2b1/server/dhcpd.c
---- dhcp-4.2.2b1/server/dhcpd.c.capability 2011-07-01 15:09:06.636784192 +0200
-+++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 15:09:06.670783841 +0200
-@@ -58,6 +58,11 @@ static const char url [] =
- # undef group
- #endif /* PARANOIA */
-
-+#ifdef HAVE_LIBCAP_NG
-+# include
-+ int keep_capabilities = 0;
-+#endif
-+
- static void usage(void);
-
- struct iaddr server_identifier;
-@@ -403,6 +408,10 @@ main(int argc, char **argv) {
- traceinfile = argv [i];
- trace_replay_init ();
- #endif /* TRACING */
-+ } else if (!strcmp(argv[i], "-nc")) {
-+#ifdef HAVE_LIBCAP_NG
-+ keep_capabilities = 1;
-+#endif
- } else if (argv [i][0] == '-') {
- usage ();
- } else {
-@@ -459,6 +468,17 @@ main(int argc, char **argv) {
- }
- #endif /* DHCPv6 */
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
-+ CAP_NET_RAW, CAP_NET_BIND_SERVICE, CAP_SYS_CHROOT, CAP_SETUID, CAP_SETGID, -1);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all unnecessary capabilities.");
-+ }
-+#endif
-+
- /*
- * convert relative path names to absolute, for files that need
- * to be reopened after chdir() has been called
-@@ -859,6 +879,15 @@ main(int argc, char **argv) {
- omapi_set_int_value ((omapi_object_t *)dhcp_control_object,
- (omapi_object_t *)0, "state", server_running);
-
-+#ifdef HAVE_LIBCAP_NG
-+ /* Drop all capabilities */
-+ if (!keep_capabilities) {
-+ capng_clear(CAPNG_SELECT_BOTH);
-+ capng_apply(CAPNG_SELECT_BOTH);
-+ log_info ("Dropped all capabilities.");
-+ }
-+#endif
-+
- /* Receive packets and dispatch them... */
- dispatch ();
-
-diff -up dhcp-4.2.2b1/server/Makefile.am.capability dhcp-4.2.2b1/server/Makefile.am
---- dhcp-4.2.2b1/server/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
-+++ dhcp-4.2.2b1/server/Makefile.am 2011-07-01 15:09:06.671783830 +0200
-@@ -8,7 +8,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
- dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
-+ ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
-+ $(CAPNG_LDADD)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
diff --git a/src/patches/dhcp-4.2.0-default-requested-options.patch b/src/patches/dhcp/dhcp-default-requested-options.patch
similarity index 81%
rename from src/patches/dhcp-4.2.0-default-requested-options.patch
rename to src/patches/dhcp/dhcp-default-requested-options.patch
index fea8a4b99..afda222e6 100644
--- a/src/patches/dhcp-4.2.0-default-requested-options.patch
+++ b/src/patches/dhcp/dhcp-default-requested-options.patch
@@ -1,6 +1,6 @@
-diff -up dhcp-4.2.0/client/clparse.c.requested dhcp-4.2.0/client/clparse.c
---- dhcp-4.2.0/client/clparse.c.requested 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/client/clparse.c 2010-07-21 13:50:29.000000000 +0200
+diff -up dhcp-4.3.0a1/client/clparse.c.requested dhcp-4.3.0a1/client/clparse.c
+--- dhcp-4.3.0a1/client/clparse.c.requested 2013-12-19 15:13:27.276631307 +0100
++++ dhcp-4.3.0a1/client/clparse.c 2013-12-19 15:13:27.313630789 +0100
@@ -37,7 +37,7 @@
struct client_config top_level_config;
@@ -10,7 +10,7 @@ diff -up dhcp-4.2.0/client/clparse.c.requested dhcp-4.2.0/client/clparse.c
struct option *default_requested_options[NUM_DEFAULT_REQUESTED_OPTS + 1];
static void parse_client_default_duid(struct parse *cfile);
-@@ -111,6 +111,31 @@ isc_result_t read_client_conf ()
+@@ -119,6 +119,31 @@ isc_result_t read_client_conf ()
option_code_hash_lookup(&default_requested_options[8],
dhcpv6_universe.code_hash, &code, 0, MDL);
diff --git a/src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch b/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
similarity index 58%
rename from src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch
rename to src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
index 81bec7bd4..3e52e6400 100644
--- a/src/patches/dhcp-4.2.0-dhclient-decline-backoff.patch
+++ b/src/patches/dhcp/dhcp-dhclient-decline-backoff.patch
@@ -1,7 +1,7 @@
-diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
---- dhcp-4.2.0/client/dhclient.c.backoff 2010-07-21 13:37:03.000000000 +0200
-+++ dhcp-4.2.0/client/dhclient.c 2010-07-21 13:38:31.000000000 +0200
-@@ -1208,6 +1208,8 @@ void state_init (cpp)
+diff -up dhcp-4.3.1b1/client/dhclient.c.JwFUZj dhcp-4.3.1b1/client/dhclient.c
+--- dhcp-4.3.1b1/client/dhclient.c.JwFUZj 2014-07-10 17:38:50.511265091 +0200
++++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:16.164901267 +0200
+@@ -1281,6 +1281,8 @@ void state_init (cpp)
void *cpp;
{
struct client_state *client = cpp;
@@ -10,7 +10,7 @@ diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
ASSERT_STATE(state, S_INIT);
-@@ -1220,9 +1222,18 @@ void state_init (cpp)
+@@ -1293,9 +1295,18 @@ void state_init (cpp)
client -> first_sending = cur_time;
client -> interval = client -> config -> initial_interval;
@@ -32,15 +32,15 @@ diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
}
/*
-@@ -1501,6 +1512,7 @@ void bind_lease (client)
- send_decline (client);
- destroy_client_lease (client -> new);
- client -> new = (struct client_lease *)0;
-+ client -> state = S_DECLINED;
- state_init (client);
- return;
- }
-@@ -3711,6 +3723,7 @@ void client_location_changed ()
+@@ -1592,6 +1603,7 @@ void bind_lease (client)
+ "try (declined). Exiting.");
+ exit(2);
+ } else {
++ client -> state = S_DECLINED;
+ state_init(client);
+ return;
+ }
+@@ -4059,6 +4071,7 @@ void client_location_changed ()
case S_INIT:
case S_REBINDING:
case S_STOPPED:
@@ -48,10 +48,10 @@ diff -up dhcp-4.2.0/client/dhclient.c.backoff dhcp-4.2.0/client/dhclient.c
break;
}
client -> state = S_INIT;
-diff -up dhcp-4.2.0/includes/dhcpd.h.backoff dhcp-4.2.0/includes/dhcpd.h
---- dhcp-4.2.0/includes/dhcpd.h.backoff 2010-07-21 13:29:05.000000000 +0200
-+++ dhcp-4.2.0/includes/dhcpd.h 2010-07-21 13:38:31.000000000 +0200
-@@ -1056,7 +1056,8 @@ enum dhcp_state {
+diff -up dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj dhcp-4.3.1b1/includes/dhcpd.h
+--- dhcp-4.3.1b1/includes/dhcpd.h.JwFUZj 2014-07-10 17:38:26.941599360 +0200
++++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:38:50.526264878 +0200
+@@ -1087,7 +1087,8 @@ enum dhcp_state {
S_BOUND = 5,
S_RENEWING = 6,
S_REBINDING = 7,
diff --git a/src/patches/dhcp-4.2.2-options.patch b/src/patches/dhcp/dhcp-dhclient-options.patch
similarity index 65%
rename from src/patches/dhcp-4.2.2-options.patch
rename to src/patches/dhcp/dhcp-dhclient-options.patch
index 32e2add77..67f144ecb 100644
--- a/src/patches/dhcp-4.2.2-options.patch
+++ b/src/patches/dhcp/dhcp-dhclient-options.patch
@@ -1,7 +1,7 @@
-diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
---- dhcp-4.2.2b1/client/clparse.c.options 2011-04-21 16:08:14.000000000 +0200
-+++ dhcp-4.2.2b1/client/clparse.c 2011-07-01 13:51:52.935755570 +0200
-@@ -146,6 +146,7 @@ isc_result_t read_client_conf ()
+diff -up dhcp-4.3.1b1/client/clparse.c.fLPqYB dhcp-4.3.1b1/client/clparse.c
+--- dhcp-4.3.1b1/client/clparse.c.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/clparse.c 2014-07-10 17:38:26.938599402 +0200
+@@ -148,6 +148,7 @@ isc_result_t read_client_conf ()
/* Requested lease time, used by DHCPv6 (DHCPv4 uses the option cache)
*/
top_level_config.requested_lease = 7200;
@@ -9,7 +9,7 @@ diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
group_allocate (&top_level_config.on_receipt, MDL);
if (!top_level_config.on_receipt)
-@@ -313,7 +314,8 @@ void read_client_leases ()
+@@ -353,7 +354,8 @@ void read_client_leases ()
interface-declaration |
LEASE client-lease-statement |
ALIAS client-lease-statement |
@@ -19,7 +19,7 @@ diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
void parse_client_statement (cfile, ip, config)
struct parse *cfile;
-@@ -732,6 +734,12 @@ void parse_client_statement (cfile, ip,
+@@ -771,6 +773,12 @@ void parse_client_statement (cfile, ip,
parse_reject_statement (cfile, config);
return;
@@ -32,9 +32,116 @@ diff -up dhcp-4.2.2b1/client/clparse.c.options dhcp-4.2.2b1/client/clparse.c
default:
lose = 0;
stmt = (struct executable_statement *)0;
-diff -up dhcp-4.2.2b1/client/dhclient.c.options dhcp-4.2.2b1/client/dhclient.c
---- dhcp-4.2.2b1/client/dhclient.c.options 2011-05-11 16:20:59.000000000 +0200
-+++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 13:51:52.936755545 +0200
+diff -up dhcp-4.3.1b1/client/dhclient.8.fLPqYB dhcp-4.3.1b1/client/dhclient.8
+--- dhcp-4.3.1b1/client/dhclient.8.fLPqYB 2014-07-02 19:58:38.000000000 +0200
++++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:38:26.938599402 +0200
+@@ -128,6 +128,33 @@ dhclient - Dynamic Host Configuration Pr
+ .B -w
+ ]
+ [
++.B -B
++]
++[
++.B -C
++.I dhcp-client-identifier
++]
++[
++.B -H
++.I host-name
++]
++[
++.B -F
++.I fqdn.fqdn
++]
++[
++.B -V
++.I vendor-class-identifier
++]
++[
++.B -R
++.I request-option-list
++]
++[
++.B -timeout
++.I timeout
++]
++[
+ .B -v
+ ]
+ [
+@@ -275,6 +302,69 @@ not to exit when it doesn't find any suc
+ program can then be used to notify the client when a network interface
+ has been added or removed, so that the client can attempt to configure an IP
+ address on that interface.
++
++.TP
++.BI \-B
++Set the BOOTP broadcast flag in request packets so servers will always
++broadcast replies.
++
++.TP
++.BI \-C\
++Specify the dhcp-client-identifier option to send to the DHCP server.
++
++.TP
++.BI \-H\
++Specify the host-name option to send to the DHCP server. The host-name
++string only contains the client's hostname prefix, to which the server will
++append the ddns-domainname or domain-name options, if any, to derive the
++fully qualified domain name of the client. The
++.B -H
++option cannot be used with the
++.B -F
++option.
++
++.TP
++.BI \-F\
++Specify the fqdn.fqdn option to send to the DHCP server. This option cannot
++be used with the
++.B -H
++option. The fqdn.fqdn option must specify the complete domain name of the
++client host, which the server may use for dynamic DNS updates.
++
++.TP
++.BI \-V\
++Specify the vendor-class-identifier option to send to the DHCP server.
++
++.TP
++.BI \-R\