ISC Open Source Projects issueshttps://gitlab.isc.org/groups/isc-projects/-/issues2022-11-02T15:10:19Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/1557add loose comparison in some unit tests2022-11-02T15:10:19ZFrancis Dupontadd loose comparison in some unit testsFor instance Multi-node testing loop / freebsd-64-latest / results / RebindTest.requestPrefixInRebind failed with:
```
rebind_unittest.cc:948
Expected: 1000
To be equal to: leases_client_na_rebound[0].cltt_ - leases_client_na[0].cl...For instance Multi-node testing loop / freebsd-64-latest / results / RebindTest.requestPrefixInRebind failed with:
```
rebind_unittest.cc:948
Expected: 1000
To be equal to: leases_client_na_rebound[0].cltt_ - leases_client_na[0].cltt_
Which is: 1001
```
it is obviously a timing issue. I propose:
- create a generic tool for handling this case if it does not yet exist
- use it beginning by this testbackloghttps://gitlab.isc.org/isc-projects/bind9/-/issues/2293zone transfer tracking2020-11-19T08:13:25ZPeter Davieszone transfer tracking### Description
zone transfer tracking mechanism
### Request
This is feature request for a function that would allow one to list zone transfers that are in-progress at any one time and how long they have been running for.
Benefit...### Description
zone transfer tracking mechanism
### Request
This is feature request for a function that would allow one to list zone transfers that are in-progress at any one time and how long they have been running for.
Benefits:
- be able to determine if zone transfers are running longer than expected.
- be able to track transfers in-progress over time to monitor primary and secondary zone transfer health.
### Links / references
RT #[17310](https://support.isc.org/Ticket/Display.html?id=17310).https://gitlab.isc.org/isc-projects/stork/-/issues/454UI tests needed for menu2022-03-01T14:19:02ZTomek MrugalskiUI tests needed for menuAs a follow-up to #419, we decided to implement UI unit-tests for menu. Yes, it's a compromise. After this ticket is done and we have UT ready and working, we may revisit the question whether the function is lacking in performance and wh...As a follow-up to #419, we decided to implement UI unit-tests for menu. Yes, it's a compromise. After this ticket is done and we have UT ready and working, we may revisit the question whether the function is lacking in performance and whether this is a problem or not. But that's outside of scope of this ticket.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1547custom option examples2022-11-02T15:10:19ZTomek Mrugalskicustom option examplesWe should improve the custom option examples. Here are some requests:
1. [custom option 191](https://lists.isc.org/pipermail/kea-users/2019-November/002570.html)We should improve the custom option examples. Here are some requests:
1. [custom option 191](https://lists.isc.org/pipermail/kea-users/2019-November/002570.html)backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1545perfdhcp command line examples are needed2022-11-02T15:10:19ZTomek Mrugalskiperfdhcp command line examples are neededOne person complained about [lack of perfdhcp command line examples](https://lists.isc.org/pipermail/kea-users/2019-August/002512.html) on kea-users, which gotten a reply with someone pointing out to some ancient document Tomek and Marc...One person complained about [lack of perfdhcp command line examples](https://lists.isc.org/pipermail/kea-users/2019-August/002512.html) on kea-users, which gotten a reply with someone pointing out to some ancient document Tomek and Marcin wrote in 2012.
We should either add a new section to the ARM explaining basics of perfdhcp, or extend current man page. I think long term ARM section would be better, as we may evolve it into performance tips.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1544user-class filtering per reservation (Microsoft DHCP)2020-12-21T13:11:08ZTomek Mrugalskiuser-class filtering per reservation (Microsoft DHCP)Some time ago there was [a discussion on kea-users](https://lists.isc.org/pipermail/kea-users/2019-April/002333.html) (note: the discussion continued in May). Here's what the user was trying to do:
> What mkangelo and I are trying to do...Some time ago there was [a discussion on kea-users](https://lists.isc.org/pipermail/kea-users/2019-April/002333.html) (note: the discussion continued in May). Here's what the user was trying to do:
> What mkangelo and I are trying to do is to replace Microsoft DHCP server which has a feature to create host reservations with
two option 67 values which are served to the client based on the class (type) of the client - for example return undionly.kpxe when client is pxe return https://api.example.com/customurl/ when client is gpxe
Here's an expression they're trying to achieve:
```
Client class is extracted from DHCP Discover packets:
IF Option [77] == gPXE
then second value is being returned
ELSEIF Option [60] == "PXEClient:Arch:00000:UNDI:002001"
then first value is returned
```
This seems like a useful feature that's provided by some other implementations.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/1541Add backend call counters2020-12-21T13:08:48ZFrancis DupontAdd backend call countersThe idea is to add simple counters (vs full stats) for backend API method calls. For instance in #1418 it would be very fine to confirm that a lease is not updated twice. I know that profiling can get the same information but this is far...The idea is to add simple counters (vs full stats) for backend API method calls. For instance in #1418 it would be very fine to confirm that a lease is not updated twice. I know that profiling can get the same information but this is far more immediate for a low cost (i.e. I am sure the cost will be more than recovered by optimizations it is expected to allow).
Note we do not need large counters: it does not matter if a counter wraps as soon as it takes a long time to happen...outstandinghttps://gitlab.isc.org/isc-projects/dhcp/-/issues/149dhcpd is not escaping quotes (") in .leases2021-01-13T10:46:18ZJoost Bekkersdhcpd is not escaping quotes (") in .leases---
name: Bug report
about: dhcpd can't parse it's own .leases file when using events containing escaped " (")
---
**Describe the bug**
When a release and/or expire event is configured which contains an escaped quote (ie "this is...---
name: Bug report
about: dhcpd can't parse it's own .leases file when using events containing escaped " (")
---
**Describe the bug**
When a release and/or expire event is configured which contains an escaped quote (ie "this is a quote \"." )
the event definition is also written to the leases file when applicable. The backslash used to escape the quote is not written.
When the daemon is restarted it can't parse the leases file and complains it is corrupt.
**To Reproduce**
1. Run dhcpd containing the following config
~~~
on release {
set clip = binary-to-ascii(10, 8, ".", leased-address);
set clhw = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6));
set cid = pick-first-value( concat( "\"", substring(option agent.circuit-id,2,256), "\""), "NO-CID");
set rid = pick-first-value( concat( "\"", substring(option agent.remote-id,2,256), "\""), "NO-RID");
log(info, concat( "RELEASE ", clip, " on ", clhw, " at ", cid, "/", rid));
}
~~~
2. Wait for a client to obtain a lease and the .leases file to be updated.
3. Observe that the leases file now contains
~~~
on release {
set clip =
binary-to-ascii (10, 8, ".", leased-address) ;
set clhw =
binary-to-ascii (16, 8, ":",
substring (hardware, 1, 6)) ;
set cid =
pick-first-value (concat (concat (""",
substring (option agent.circuit-id, 2,
256)), """), "NO-CID") ;
set rid =
pick-first-value (concat (concat (""",
substring (option agent.remote-id, 2,
256)), """), "NO-RID") ;
log (info,
concat (concat (concat (concat (concat (concat (concat ("RELEASE ", clip), " on "),
clhw), " at "), cid), "/"), rid));
}
~~~
3. Restart dhpcd
4. See errors about "comma expected" and "possibly corrupt lease file"
**Expected behavior**
Leases file should be written including the escaping backslash.
**Environment:**
- ISC DHCP version: 4.4.2
- OS: FreeBSD 12
- Which features were compiled in
**Describe the solution you'd like**
I think the problem is in token_indent_data_string() in common/print.c. The purely ASCII path should insert a backslash where needed.
It might be easier to just handle the string as binary, but that impacts human readability.https://gitlab.isc.org/isc-projects/kea/-/issues/1538missing new global parameters in documentation2022-11-02T15:10:17ZFrancis Dupontmissing new global parameters in documentationIn the DHCPv4 8.14.1. Supported Parameters: authoritative, ddns-use-conflict-resolution, ip-reservations-unique, min and max valid-lifetime, statistic-default-sample-age, statistic-default-sample-count and store-extended-info.
In the DH...In the DHCPv4 8.14.1. Supported Parameters: authoritative, ddns-use-conflict-resolution, ip-reservations-unique, min and max valid-lifetime, statistic-default-sample-age, statistic-default-sample-count and store-extended-info.
In the DHCPv6 9.19.1. Supported Parameters: ddns-use-conflict-resolution, min and max preferred and valid lifetime, ip-reservations-unique, statistic-default-sample-age, statistic-default-sample-count and store-extended-info.
Two other points: I did not put in these lists the server-tag because it is not really settable. And please consider to make the lists sorted in alphabetical order.backloghttps://gitlab.isc.org/isc-projects/stork/-/issues/452Configuration: hide "shared subnet" in Stork2022-02-04T09:05:09ZCarsten StrotmannConfiguration: hide "shared subnet" in StorkMany DHCP networks do not have Shared Subnets.
It should be possible to hide all aspects of "shared subnets" in Stork (via the Stork configuration), as it takes precious screen space and might confuse administrators.Many DHCP networks do not have Shared Subnets.
It should be possible to hide all aspects of "shared subnets" in Stork (via the Stork configuration), as it takes precious screen space and might confuse administrators.backloghttps://gitlab.isc.org/isc-projects/stork/-/issues/450Stork build process from release sources with minimal build dependencies2022-06-28T17:18:14ZCarsten StrotmannStork build process from release sources with minimal build dependenciesIt would be nice to be able to build the Stork agent/server binaries from the release sources with just
go build ...
instead of the rake process and all it's dependencies. The generated API source files could be part of the release sou...It would be nice to be able to build the Stork agent/server binaries from the release sources with just
go build ...
instead of the rake process and all it's dependencies. The generated API source files could be part of the release sources, as they should be stable for a release.outstandinghttps://gitlab.isc.org/isc-projects/stork/-/issues/449inconsistant naming of dynamic DNS module2022-02-04T09:05:26ZCarsten Strotmanninconsistant naming of dynamic DNS moduleIn the Stork WebUI, the module for dynamic DNS is called DDNS, and in the events it is called "D2".
![Stork-bug-DDNS-naming](/uploads/6e17f89ba26231aeebc94a2d490b559d/Stork-bug-DDNS-naming.png)
This is confusing. It should probably na...In the Stork WebUI, the module for dynamic DNS is called DDNS, and in the events it is called "D2".
![Stork-bug-DDNS-naming](/uploads/6e17f89ba26231aeebc94a2d490b559d/Stork-bug-DDNS-naming.png)
This is confusing. It should probably named "DDNS" in the events as well.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1537Kea CA port 8000 clashes with other daemons2022-11-02T15:10:17ZCarsten StrotmannKea CA port 8000 clashes with other daemonsHi,
the Kea control agent uses port 8000 by default. It a lot of new projects (Python, Go, Rust based projects) in the last 10 years have chosen this same port, and now admins have to work around this by changing the defaults.
Would it...Hi,
the Kea control agent uses port 8000 by default. It a lot of new projects (Python, Go, Rust based projects) in the last 10 years have chosen this same port, and now admins have to work around this by changing the defaults.
Would it be possible to register dedicated port(s) with IANA for Kea services (and change the defaults to use these ports instead of 8000) to lower the possibility of port clashes?
Greetings
Carstenbackloghttps://gitlab.isc.org/isc-projects/bind9/-/issues/2269Extend DNSTAP to identify forwarded UPDATE messages.2020-11-12T00:01:13ZMark AndrewsExtend DNSTAP to identify forwarded UPDATE messages.Extend DNSTAP to identify forwarded UPDATE messages tagged with their original id in an optional extra field.Extend DNSTAP to identify forwarded UPDATE messages tagged with their original id in an optional extra field.https://gitlab.isc.org/isc-projects/bind9/-/issues/2268RFC 8914 - Extended error for No Reachable Authority2023-07-11T10:01:59ZVicky Riskvicky@isc.orgRFC 8914 - Extended error for No Reachable AuthorityAnother error message support would like to see sooner is
22 - No Reachable AuthorityAnother error message support would like to see sooner is
22 - No Reachable Authorityhttps://gitlab.isc.org/isc-projects/bind9/-/issues/2260Fix pkcs11 system test to handle revoked key collisions.2022-03-01T09:42:56ZMark AndrewsFix pkcs11 system test to handle revoked key collisions.Job [#1286395](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1286395) failed for c19a35c945ebc21272143253d408e145b949a966:
```
S:pkcs11:2020-11-10T04:19:15+0000
T:pkcs11:1:A
A:pkcs11:System test pkcs11
I:pkcs11:PORTS:30765,30766,3076...Job [#1286395](https://gitlab.isc.org/isc-projects/bind9/-/jobs/1286395) failed for c19a35c945ebc21272143253d408e145b949a966:
```
S:pkcs11:2020-11-10T04:19:15+0000
T:pkcs11:1:A
A:pkcs11:System test pkcs11
I:pkcs11:PORTS:30765,30766,30767,30768,30769,30770,30771,30772,30773,30774
=I:pkcs11:Generating keys for Native PKCS#11
dnssec-keyfromlabel: fatal: dnssec-keyfromlabel: ./Krsasha256.example.+008+38641 could collide with another key upon revokation
I:pkcs11:setup.sh script failed
R:pkcs11:FAIL
E:pkcs11:2020-11-10T04:19:15+0000
FAIL pkcs11 (exit status: 1)
```Not plannedhttps://gitlab.isc.org/isc-projects/bind9/-/issues/2257Follow-up from "use netmgr for xfrin"2022-03-01T09:43:01ZOndřej SurýFollow-up from "use netmgr for xfrin"The following discussion from !4246 should be addressed:
- [ ] @ondrej started a [discussion](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/4246#note_175084): (+1 comment)
> This is the last weird thing:
>
> ...The following discussion from !4246 should be addressed:
- [ ] @ondrej started a [discussion](https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/4246#note_175084): (+1 comment)
> This is the last weird thing:
>
> a) how do we get here with the (previous) transfer still attached?
> b) should this be `dns_xfrin_shutdown(&zone->xfr);`?Not plannedhttps://gitlab.isc.org/isc-projects/kea/-/issues/1532rawip interface support2020-11-26T16:59:22ZFrancis Dupontrawip interface supportA patch (https://gitlab.isc.org/isc-projects/dhcp/-/merge_requests/66) was proposed for ISC DHCP to add support for interfaces using the rawip ARP hardware type. I propose when the ISC DHCP part will be ready to do the same for Kea.
(tr...A patch (https://gitlab.isc.org/isc-projects/dhcp/-/merge_requests/66) was proposed for ISC DHCP to add support for interfaces using the rawip ARP hardware type. I propose when the ISC DHCP part will be ready to do the same for Kea.
(triage proposal: put it in 1.x and re-triage it when the ISC DHCP part will be ready)outstandinghttps://gitlab.isc.org/isc-projects/dhcp/-/issues/146Add support for raw IP interface type2020-12-03T10:15:34ZFrancis DupontAdd support for raw IP interface typeSee !66 (issue created to host it).See !66 (issue created to host it).4.5.0-betaFrancis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/1525Fix ChangeLog lint issues in premium ChangeLog in v1_8_02022-11-02T15:10:17ZThomas MarkwalderFix ChangeLog lint issues in premium ChangeLog in v1_8_0As of 1.9.0, pipeline now uses ChangeLog lint which complains about lines > 73 characters in length.
Premium's ChangeLog contains several lines that are too long but pipeline does not seem to complain about them. In a nutshell, we appe...As of 1.9.0, pipeline now uses ChangeLog lint which complains about lines > 73 characters in length.
Premium's ChangeLog contains several lines that are too long but pipeline does not seem to complain about them. In a nutshell, we appear to treat Kea ChangeLog differently than Premium's ChangeLog.backlog