RELNOTES

	      Internet Systems Consortium DHCP Distribution
			      Version 4.3.2
			     26 February 2015

			      Release Notes

			      NEW FEATURES

The major "theme" for ISC DHCP 4.3.x was to update the support for
DHCPv6 to include several of the features that have been available
for DHCPv4.  These include:

- Support the use of classes

- Support for on_commit, on_expiry and on_release statements

- Better logging of address assignments

- Support for using DHCPv6 relay options in expressions

This release also adds suppport for the standard DDNS as described in the
current RFCs as well as enhancing support for dynamically adding and removing
subclasses via OMAPI.

There are a number of DHCPv6 limitations and features missing in this
release, which will be addressed in the future:

- Only Solaris, Linux, FreeBSD, NetBSD, and OpenBSD are supported.

- DHCPv6 includes human-readable text in status code messages, in
  English.  A method to reconfigure or support other languages would
  be preferable.

- The "host-identifier" option is limited to a simple token.

- The client and server can only operate DHCPv4 or DHCPv6 at a time,
  not both.  To use both protocols simultaneously, two instances of the
  relevant daemon are required, one with the '-6' command line option.

For information on how to install, configure and run this software, as
well as how to find documentation and report bugs, please consult the
README file.

ISC DHCP uses standard GNU configure for installation. Please review the
output of "./configure --help" to see what options are available.

The system has only been tested on Linux, FreeBSD, and Solaris, and may not
work on other platforms. Please report any problems and suggested fixes to
<dhcp-users@isc.org>.

ISC DHCP is open source software maintained by Internet Systems
Consortium.  This product includes cryptographic software written
by Eric Young (eay@cryptsoft.com).

			Changes since 4.3.2b1

- Specifying the option, --disable-debug, on the configure script command line
  now disables debug features.  Prior to this, specifying --disable-debug
  incorrectly enabled debug features. Thanks to Gustavo Zacarias for reporting
  the issue.
  [ISC-Bugs #37780]

- Unit test execution now uses a path augmented during configuration
  processing of the --with-atf option to locate ATF runtime tools, atf-run
  and atf-report. For most installations of ATF, this should alleviate the
  need to manually include them in the PATH, as was formerly required.
  If the configure script cannot locate the tools it will emit a warning,
  informing the user that the tools must be in the PATH when running unit
  tests.
  Secondly, please note that "make check" will now exit with a failure status
  code (non-zero) if one or more unit tests fail.  This means that invoking
  "make check" from an upper level directory will cause the make process to
  STOP after the first test subdirectory with failed test(s).  To force all
  tests in all subdirectories to run, regardless of individual test outcome,
  use the command "make -k check".
  [ISC-Bugs #38619]

			Changes since 4.3.1

- Corrected parser's right brace matching when a statement contains an error.
  [ISC-Bugs #36021]

- TSIG-authenticated dynamic DNS updates now support the use of these
  additional algorithms: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384,
  and hmac-sha512
  [ISC-Bugs #36947]

- Added check for invalid failover message type. Thanks to Tobias Stoeckmann
  working with the OpenBSD project who spotted the issue and provided the
  patch.
  [ISC-Bugs #36653]

- Corrected rate limiting checks for bad packet logging.  Thanks to Tobias
  Stoeckmann working with the OpenBSD project who spotted the issue and
  provided the patch.
  [ISC-Bugs #36897]

- Log statements depicting what files will be used by the server now occur
  after the configuration file has been processed.
  [ISC-Bugs #36671]

- Addressed Coverity issues reported as of 07-31-2014:
  [ISC-Bugs #36712] Corrects Coverity reported "high" impact issues.
  [ISC-Bugs #36933] Corrects Coverity reported "medium" impact issues
  [ISC-Bugs #37708] Fixes compilation error in dst_api.c seen in older
  compilers that was introduced by #36712

- Server now supports a failover split value of 256.
  [ISC-Bugs] #36664]

- Remove unneeded error #defines.  These defines were included in case
  external programs required the older versions of the macro.  They
  have been #ifdeffed for now and will be removed at a future date.
  See site.h for the #define to include them again, but you should
  switch to using the DHCP_R_* versions instead of the ISC_R_* versions.
  Also ISC_R_MULTIPLE has been removed as it is also deifned in bind.
  [ISC-Bugs #37128]

- Added checks in range6 and prefix6 statement parsing to ensure addresses
  are within the declared subnet. Thanks to Jiri Popelka at Red Hat for the
  bug report and patch.
  [ISC-Bugs #32453]
  [ISC-Bugs #17766]
  [ISC-Bugs #18510]
  [ISC-Bugs #23698]
  [ISC-Bugs #28883]

- Addressed checksum issues:
  Added checksum readiness check to Linux packet filtering which eliminates
  invalid packet drops due to checksum errors when checksum offloading is
  in use.  Based on dhcp-4.2.2-xen-checksum.patch made to the Fedora project.
  [ISC-Bugs #22806]
  [ISC-Bugs #15902]
  [ISC-Bugs #17739]
  [ISC-Bugs #18010]
  [ISC-Bugs #22556]
  [ISC-Bugs #29769]
  Inbound packets with UDP checksums of 0xffff now validate correctly rather
  than being dropped.
  [ISC-Bugs #24216]
  [ISC-Bugs #25587]

- Added the echo-client-id configuration parameter to the server configuration.
  The server now supports RFC 6842 compliant behavior by setting a new
  configuration parameter, echo-client-id.  When enabled, the server will
  include the client identifier option (Option code 61) if received, in its
  responses.  The server identifier returned in NAKs (if enabled) will now
  be the globally defined value (if one) if the server cannot attribute the
  inbound request to a known subnet.
  [ISC-Bugs #35958]
  [ISC-Bugs #32545]

- Added support of the configuration parameter, use-host-decl-names, to
  BOOTP request handling.
  [ISC-Bugs #36233]

- Added logic to ignore the signal, SIGPIPE, which ensures write failures
  will be delivered as errors rather than as SIGPIPE signals on all OSs.
  Thanks to Marius Tomaschewski from SUSE who reported the issue and provided
  the patch upon which the fix is based.
  [ISC-Bugs #32222]

- In the failover code, handle the case of communications being interrupted
  when the servers are dealing with POTENTIAL-CONFLICT.  This patch allows
  the primary to accept the secondary moving from POTENTIAL-CONFLICT to
  RESOLUTION-INTERRUPTED as well as handling the bind update process better.
  In addition the code to resend update or update all requests has been
  modified to send requests more often.
  [ISC-Bugs #36810]
  [ISC-Bugs #20352]

- By default, the server will now choose the value to use in the forward DNS
  name from the following in order of preference:

    1. FQDN option if provided by the client
    2. Host name option if provided by the client
    3. Configured option host-name if defined

  As before, this may be overridden by defining ddns-hostname to the desired
  value (or expression).  In addition, the server logic has been extended to
  use the value of the host name declaration if use-host-decl-names is enabled
  and no other value is available.
  [ISC-Bugs #21323]

- DNS updates were being attempted when dhcp-cache-threshold enabled the use of
  the existing lease and the forward DNS name had not changed.  This has been
  corrected.
  [ISC-Bugs #37368]
  [ISC-Bugs #38686]

- Corrected an issue which caused dhclient to incorrectly form the result when
  prepending or appending to the IPv4 domain-search option, received from the
  server, when either of the values being combined contain compressed
  components.
  [ISC-Bugs #20558]

- Added the server-id-check parameter to the server configuration.
  This parameter allows run-time control over whether or not a server,
  participating in failover, verifies the dhcp-server-identifier option in
  DHCP REQUESTs against the server’s id before processing the request.
  Formerly, enabling this behavior was done at compilation time through
  the use of the #define, SERVER_ID_CHECK, which has been removed from site.h
  The functionality is now only available through the new runtime paramater.
  [ISC-Bugs #37551]

- During startup, when the server encounters a lease whose binding state is
  FTS_BACKUP but whose pool has no configured failover peer, it will reset the
  lease's binding state to FTS_FREE.  This allows the leases to be reclaimed
  by the server after a pool's configuration has changed from failover to
  standalone. Prior to this such leases would remain stuck in the backup state
  making them unavailable for assignment.  Note this conversion will occur
  whether or not the server is compiled for failover.
  [ISC-Bugs #36960]

- Fixed a small issue in the treatment of hosts in the inform processing
  that could cause the response to an inform to include information from
  the wrong scope.  The two examples we've heard of are getting subnet
  instead of group information associated with a host entry, or getting
  global information instead of subnet if the host entry was built via
  omapi.  Thanks to Julien Soula at University of Lille for finding the
  bug and supplying a patch.
  [ISC-Bugs #35712]

- Avoid calling pool_timer() recursively from supersede_lease().  This could
  result in leases changing state incorrectly or delaying the running of the
  leae expiration code.
  [ISC-Bugs #38002]

- Move the check for a PID file and process to be before we rewrite the
  lease file.  This avoids the possibility of starting a second instance
  of a server which changes the current lease file confusing the first
  instance.  This check is only included if the admin hasn't disabled PID
  files.
  [ISC-Bugs #38078]
  [ISC-Bugs #38143]

- In the client code change the way preferred_life and max_life are printed
  for environment variables to be unsigned rather than signed.
  Thanks to Jiri Popelka at Red Hat for the bug report and patch.
  [ISC-Bugs #37084]

- Modified linux packet handling such that packets received via VLAN are now
  seen only by the VLAN interface. Prior to this, such packets were seen by
  both the VLAN interface and its parent (physical) interface, causing the
  server to respond to both.  Note this remains an issue for non-Linux OSs.
  Thanks to Jiri Popelka at Red Hat for the patch.
  [ISC-Bugs #37415]
  [ISC-Bugs #37133]
  [ISC-Bugs #36668]
  [ISC-Bugs #36652]

- Log content has been changed to more directly suggest that admins should
  check for multiple IPv6 clients attempting to use the same DUID when only
  abandoned addresses are available.  Debug level logging will now emit counts
  of the total number of, in-use, and abandoned addresses in a shared subnet
  when the server finds no addresses available for a given DUID.  Lastly,
  threshold logging is now automatically disabled for shared subnets whose
  total number of possible addresses exceeds (2^64)-1.
  [ISC-Bugs #26376]
  [ISC-Bugs #38131]

- Added a global parameter, prefix-length-mode, which may be used to determine
  how the server uses a non-zero value for prefix-length supplied by clients
  when soliciting DHCPv6 prefixes.  The server supports selection modes of:
  ignore, prefer, exact, minimum and maximum which are described in detail in
  the server man pages.  The prior behavior of the server was to only offer a
  prefix whose length exactly matched the prefix-length value requested. If
  no such prefixes were available, the server returned a status of none
  available.  Note the default mode, "exact", provides this same behavior.
  [ISC-Bugs #36780]
  [ISC-Bugs #32228]

- Corrected inconsistencies in dhcrelay's setting the upper interface hop count
  limit such that it now sets it to 32 when the upstream address is a multicast
  address per RFC 3315 Section 20. Prior to this if the -u argument preceded
  the -l argument on the command line or if the same interface was specified
  for both; the logic to set the hop limit count for the upper interface was
  skipped.  This caused the hop count limit to be set to the default value
  (typically 1) in the outbound upstream packets.
  [ISC-Bugs #37426]


			Changes since 4.3.1b1

- Modify the linux and openwrt dhclient scripts to process information
  from a stateless request.  Thanks to Jiri Popelka at Red Hat for the
  bug report and patch.
  [ISC-Bugs #36102]

- Remove more unused RCSID tags.  These weren't noticed in 4.3 as
  the code isn't used anymore but we remove them here to keep the
  code consistent across versions.
  [ISC-Bugs #36451]

			Changes since 4.3.0

- Tidy up several small tickets.
  Correct parsing of DUID from config file, previously the LL type
  was put in the wrong place in the DUID string.
  [ISC-Bugs #20962]
  Add code to parse "do-forward-updates" as well as "do-forward-update"
  Thanks to Jiri Popelka at Red Hat.
  [ISC-Bugs #31328]
  Remove log_priority as it isn't currently used.
  [ISC-Bugs #33397]
  Increase the size of the buffer used for reading interface information.
  [ISC-Bugs #34858]

- Remove an extra set of the msg_controllen variable.
  [ISC-Bugs #21035]

- Add a more understandable error message if a configuration attempts
  to add multiple keys for a single zone.  Thanks to a patch from Jiri
  Popelka at Red Hat.
  [ISC-Bugs #31892]

- Fix some minor issues in the dst code.
  [ISC-Bugs #34172]

- Properly #ifdef functions so that the code can compile without NSUPDATE.
  [ISC-Bugs #35058]

- Update the partner's stos (start time of state, basically when we last
  heard from this partner) field when updating the state in failover.
  [ISC-Bugs #35549]

- Modify the overload processing to allow space for the remote agent ID.
  [ISC-Bugs #35569]
  Handle the ordering of the SUBNET_MASK option even if it is the last
  option in the list.
  [ISC-Bugs #24580]

- Remove the code that allows a server to follow RFC3315 instead of
  the subsequent errata from August 2010 when determining which IAs
  to include if no addresses will be assigned.
  [ISC-Bugs #28938]

- Remove unused RCSID tags.
  [ISC-Bugs #35846]

- Correct the v6 client timing code.  When doing the timing backoff
  for MRT limit it to MRD.
  Thanks to Jiri Popelka at Red Hat for the bug report and fix.
  [ISC-Bugs #21238

- Add a log entry when killing a client and remove the PID files
  when a server, relay or client are killed.
  [ISC-Bugs #16970]
  [ISC-Bugs #17258]

- Some minor cleanups in the client code.
  In addition to checking for dhcpc check for bootpc in the services list.
  [ISC-Bugs #18933]
  Correct the client code to only try to get a lease once when the
  given the "-1" argument.
  Thanks to Jiri Popelka at Red Hat for the bug report and fix.
  [ISC-Bugs #26735]
  When asked for the version don't send the output to syslog.
  [ISC-Bugs #29772]
  Add the next server information to the environment variables for
  use by the client script.  In order to avoid changing the client
  lease file the next server information isn't written to it.
  Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix.
  [ISC-Bugs #33098]

- Several updates to the dhcp server code.
  When not in quiet mode print out the files being used.
  [ISC-Bugs #17551]
  As accessing some pid files may require privileges move the dropping
  of permission bits due to the paranoia patch to be after the pid code.
  Thanks to Jiri Popelka at Red Hat for the bug report and fix.
  [ISC-Bugs #25806]
  When processing a "--version" request don't output the version information
  to syslog.

- Add the "enable-log-pid" build option to the configure script.  When enabled
  this causes the client, server and relay programs to include the PID
  number in syslog messages.
  Thanks to Marius Tomaschewski for the suggestion and proto-patch.
  [ISC-Bugs #29713]

- Add a #define to specify the prefix length used when a client attempts
  to configure an address.  This can be modified by editing includes/site.h.
  By default it is set to 64.  While 128 might be a better choice it would
  also be a change for currently running systems, so we have left it at 64.
  [ISC-Bugs #DHCP-2]

- Add a run time option to the client "-df" to allow the administrator to
  point to a second lease file the client can search for a DUID.  This can
  be used to allow a v4 and a v6 instance of the client to share a DUID.
  The second file will only be searched if there isn't a DUID in the main
  lease file and the DUID will be written out to the main lease file.
  [ISC-Bugs #34886]

- Have the client fsync the lease file to avoid lease corruption if the
  client hibernates or otherwise shuts down.
  [ISC-Bugs #35894]

- Add a check for L2VLAN in bpf.c to help support VLAN interfaces
  Thanks to Steinar Haug for the suggestion.
  [ISC-Bugs #36033]

- Modify the handling of the resolv.conf file to allow the DHCP
  process to start up even if the resolv.conf file has problems.
  [ISC-Bugs #35989]

- Add threshold logging functionality.  Two new options,
  log-threshold-low and log-threshold-high, indicate to the
  server if and when it should log an error message as addresses
  in a pool are used.
  [ISC-Bugs #34487]

- Add code to properly dereference a pointer in the dhclient code
  on an error condition.
  [ISC-Bugs #36194]

- Add code to help clean up soft leases.
  [ISC-Bugs #36304]

- Disable the gentle shutdown functionality until we can determine
  the best way to present it to remove or reduce the side effects.
  [ISC-Bugs #36066]

			Changes since 4.3.0rc1

- None
			Changes since 4.3.0b1

- Tidy up receive packet processing.
  Thanks to Brad Plank of GTA for reporting the issue and suggesting
  a possible patch.
  [ISC-Bugs #34447]

			Changes since 4.3.0a1

- Modify the message displayed when a process hits a fatal error.
  The new message is much shorter and simply points to the README
  and our website for directions on bug submissions.
  [ISC-Bugs #24789]

- Handle an absent resolv.conf file better.
  [ISC-Bugs #35194]

			Changes since 4.2.0 (new features)

- If a client renews before 'dhcp-cache-threshold' percent of its lease
  has elapsed (default 25%), the server will reuse the allocated lease
  (provide a lease within the currently allocated lease-time) rather
  than extend or renew the lease.  This absolves the server of needing
  to perform an fsync() operation on the lease database before reply,
  which improves performance. [ISC-Bugs #22228]
  Updated this patch to support asynchronous DDNS.  If the server is
  attempting to do DDNS on a lease it should be udpated and written to
  disk even if that wouldn't be necessary due to the thresholding.
  [ISC-Bugs #26311]

- The 'no available billing' log line now also logs the name of the last
  matching billing class tried before failing to provide a billing.
  [ISC-Bugs #21759]

- A problem with missing get_hw_addr function when --enable-use-sockets
  was used is now solved on GNU/Linux, BSD and GNU/Hurd systems. Note
  that use-sockets feature was not tested on those systems. Client and
  server code no longer use MAX_PATH constant that is not defined on
  GNU/Hurd systems. [ISC-Bugs #25979]

- Add a perl script in the contrib directory, dhcp-lease-list.pl, which
  can parse v4 lease files and output the lease information in a more
  human friendly manner.  This was written by Christian Hammers with
  some updates by vom and ISC.  This is contributed code and is not
  supported by ISC; however it may be useful to some users.
  [ISC-Bugs #20680]

- Add support in v6 for on-commit, on-expire and on-release.
  [ISC-Bugs #27912]

- Add support for using classes with v6.
  [ISC-Bugs #26510]

- Update the DDNS code to current standards and allow for sharing
  of DDNS entries between v4 and v6 clients.  The new code is used
  if the ddns-update-style is set to "standard", the older code is
  still available if ddns-update-style is set to "interim".  The
  oldest DDNS code "ad-hoc" has been removed.  Thanks to Thomas Pegeot
  who submitted a patch for this issue.  This patch is based on
  that work with some modifications.
  [ISC-Bugs #21139]

- Add a configuration option to the server to suppress using fsync().
  Enabling this option will mean that fsync() is never called.  This
  may provide better performance but there is also a risk that a lease
  will not be properly written to the disk after it has been issued
  to a client and before the server stops.  Using this option is
  not recommended.
  [ISC-Bugs #34810]

- Add some logging statements to indicate when the server is ready
  to serve.  One statement is emitted after the server has finished
  reading its files and is about to enter the dispatch loop.
  This is "Server starting service.".
  The second is emitted when a server determines that both it and
  its failover peer are in the normal state.
  This is "failover peer <name>: Both servers normal."
  [ISC-Bugs #33208]

- Add support for accessing options from v6 relays.  The v6relay
  statement allows the administrator to choose which relay to
  use when searching for an option, see the dhcp-options man page
  for a description.  The host-identifier option has also been
  updated to support the use of relay options, see the dhcpd.conf
  man page for a description.
  [ISC-Bugs #19598]

- When doing DDNS if there isn't an appropriate zone statement attempt
  to find a reasonable nameserver via a DNS resolver.  This restores
  some functionality that was lost in the transition to asynchronous
  DDNS.  Due to the lack of security and increase in fragility of the
  system when using this feature we strongly recommend the use of
  appropriate zone statements rather than using this functionality.
  [ISC-Bugs #30461]

- Add support for specifying the address from which to send
  DDNS updates on the DHCP server.  There are two new options
  "ddns-local-address4" and "ddns-local-address6" that each take
  one instance of their respective address types.
  [ISC-Bugs #34779]

- Add ignore-client-uids option in the server.  This option causes
  the server to not record a client's uid in its lease.  This
  violates the specification but may also be useful when a client
  can dual boot using different client ids but the same mac address.
  Thank you to Brian De Wolf at Cal Poly Pomona for the patch.
  [ISC-Bugs #32427]
  [ISC-Bugs #35066]

- Extend the DHCPINFORM processing to honor the subnet selection option
  and take host declarations into account.
  Thanks to Christof Chen for testing and submitting the patch.
  [ISC-Bugs #35015]

- Extend the hardware expression to look into the lease structure
  for a hardware address if there is no packet.  This allows the
  server to find the hardware address during on-expiry processing.
  [ISC-Bugs #24584]

- Add definitions for some options that have been specified by the IETF.
  [ISC-Bugs #29268]
  [ISC-Bugs #35198]

			Changes since 4.2.0 (bug fixes)

- When using 'ignore client-updates;', the FQDN returned to the client
  is no longer truncated to one octet.

- Cleaned up an unused hardware address variable in nak_lease().

- Manpage entries for the ia-pd and ia-prefix options were updated to
  reflect support for prefix delegation.

- Cleaned up some compiler warnings

- An optimization described in the failover protocol draft is now included,
  which permits a DHCP server operating in communications-interrupted state
  to 'rewind' a lease to the state most recently transmitted to its peer,
  greatly increasing a server's endurance in communications-interrupted.
  This is supported using a new 'rewind state' record on the dhcpd.leases
  entry for each lease.

- Fix the trace code which was broken by the changes to the DDNS code.

- Update the fsync code to work with the changes to the DDNS code.  It now
  uses a timer instead of noticing if there are no more packets to process.

- When constructing the DNS name structure from a text string append
  the root to relative names.  This satisfies a requirement in the DNS
  library that names be absolute instead of relative and prevents DHCP
  from crashing.  [ISC-Bugs #21054]

- "The LDAP Patch" that has been circulating for some time, written by
  Brian Masney and S.Kalyanasundraram and maintained for application to
  the DHCP-4 sources by David Cantrell has been included.  Please be
  advised that these sources were contributed, and do not yet meet the
  high standards we place on production sources we include by default.
  As a result, the LDAP features are only included by using a compile-time
  option which defaults off, and if you enable it you do so under your
  own recognizance.  We will be improving this software over time.
  [ISC-Bugs #17741]

- Prohibit including lease time information in a response to a DHCP INFORM.
  [ISC-Bugs #21092]

! Accept a client id of length 0 while hashing.  Previously the server would
  exit if it attempted to hash a zero length client id, providing attackers
  with a simple denial of service attack.  [ISC-Bugs #21253]
  CERT: VU#541921 - CVE: CVE-2010-2156

- A memory leak in ddns processing was closed.  [ISC-Bugs #21377]

- Modify the exception handling for initial context creation.  Previously
  we would try and clean up before exiting.  This could present problems
  when the cleanup required part of the context that wasn't available.  It
  also didn't do much as we exited afterwards anyway.   Now we simply log
  the error and exit. [ISC-Bugs #21093]

- A bug was fixed that could cause the DHCPv6 server to advertise/assign a
  previously allocated (active) lease to a client that has changed subnets,
  despite being on different shared networks.  Dynamic prefixes specifically
  allocated in shared networks also now are not offered if the client has
  moved.  [ISC-Bugs #21152]

- Add some debugging output for use with the DDNS code. [ISC-Bugs #20916]

- Fix the trace code to handle timing events better and to truncate a file
  before using instead of overwriting it.  [ISC-Bugs #20969]

- Modify the determination of the default TTL to use for DDNS updates.
  The user may still configure the ttl via ddns-ttl.  The default for
  both v4 and v6 is now 1/2 the (preferred) lease time with a limit.  The
  previous defaults (1/2 lease time without a limit for v4 and a default
  value for v6) may be used by defining USE_OLD_DDNS_TTL in site.h
  [ISC-Bugs #21126]

- libisc/libdns is now brought up to version 9.7.1rc1.  This corrects
  three reported flaws in ISC DHCP;

  o DHCP processes (dhcpd, dhclient) fail to start if one of either the
    IPv4 or IPv6 address families is not present.  [ISC-Bugs #21122]

  o Assertion failure when attempting to cancel a previously running DDNS
    update.  [ISC-Bugs #21133]

  o Compilation failure of libisc/libdns due to the use of a flexible
    array member.  [ISC-Bugs #21316]

- Add declaration for variable in debug code in alloc.c.  [ISC-Bugs #21472]

- Documentation cleanup covering multiple tickets
  [ISC-Bugs #20265] [ISC-Bugs #20259] minor cleanup
  [ISC-Bugs #20263] add text describing some default values
  [ISC-Bugs #20193] single quotes at the start of a line indicate a control
  line to nroff, escape them if we actually want a quote.
  [ISC-Bugs #18916] sync the pointer to web pages amongst the different docs

- 'get-host-names true;' now also works even if 'use-host-decl-names true;'
  was also configured.  The nature of this repair also fixes another
  error; the host-name supplied by a client is no longer overridden by a
  reverse lookup of the lease address.  Thanks to a patch from Wilco Baan
  Hofman supplied to us by the Debian package maintenance team.
  [ISC-Bugs #21691] {Debian Bug#509445}

- The .TH tag for the dhcp-options manpage was typo repaired
  thanks to a report from jidanni and the Debian package maintenance
  team.  [ISC-Bugs #21676] {Debian Bug#563613}

- More documentation changes - primarily to put the options in the dhclient
  and dhcpd man pages into the standard form.  Thanks in part to a patch
  from David Cantrell at Red Hat.
  [ISC-Bugs #20264] and parts of [ISC-Bugs #17744] dhclient.8 changes

- Add code to clear the pointer to an object in an OMAPI handle when the
  object is freed due to a dereference.  [ISC-Bugs #21306]

- Fixed a bug that leaks host record references onto lease structures,
  causing the server to apply configuration intended for one host to any
  other innocent clients that come along later.  [ISC-Bugs #22018]

- Minor code fixes
  [ISC-Bugs #19566] When trying to find the zone for a name for ddns allow
  the name to be at the apex of the zone.
  [ISC-Bugs #19617] Restrict length of interface name read from command line
  in dhcpd - based on a patch from David Cantrell at Red Hat.
  [ISC-Bugs #20039] Correct some error messages in dhcpd.c
  [ISC-Bugs #20070] Better range check on values when creating a DHCID.
  [ISC-Bugs #20198] Avoid writing past the end of the field when adding
  overly long file or server names to a packet and add a log message
  if the configuration supplied overly long names for these fields.
  Thanks to Martin Pala.
  [ISC-Bugs #21497] Add a little more randomness to rng seed in client
  thanks to a patch from Jeremiah Jinno.

- Correct error handling in DLPI [ISC-Bugs #20378]

- Remove __sun__ and __hpux__ typedefs in osdep.h as they are now being
  checked in configure.  [ISC-Bugs #20443]

- Modify how the cmsg header is allocated the v6 send and received routines
  to compile on more compilers.  [ISC-Bugs #20524]

- When parsing a domain name free the memory for the name after we are
  done with it.  [ISC-Bugs #20824]

- Add an elapsed time option to the release message and refactor the
  code to move most of the common code to a single routine.
  [ISC-Bugs #21171].

- Two identical log messages for commit_leases() have been disambiguated.
  [ISC-Bugs #18915]

- Parse date strings more properly - the code now handles semi-colons in
  date strings correctly.  Thanks to a patch from Jiri Popelka at Red Hat.
  [ISC-Bugs #21501, #20598]

- Fixes to lease input and output.
  [ISC-Bugs #20418] - Some systems don't support the "%s" argument to
  strftime, paste together the same string using mktime instead.
  [ISC-Bugs #19596] - When parsing iaid values accept printable
  characters.
  [ISC-Bugs #21585] - Always print time values in omshell as hex
  instead of ascii if the values happen to be printable characters.

- Minor changes for scripts, configure.ac and Makefiles
  [ISC-Bugs #19147] Use domain-search instead of domain-name in manual and
                    example conf file.  Thanks to a patch from David Cantrell
                    at Red Hat.
  [ISC-Bugs #19761] Restore address when doing a rebind in DHCPv6
  [ISC-Bugs #19945] Properly close the quote on some arguments.
  [ISC-Bugs #20952] Add 64 bit types to configure.ac
  [ISC-Bugs #21308] Add "PATH=" to CLIENT_PATH envrionment variable

- Update the code to parse dhcpv6 lease files to accept a semi-colon at
  the end of the max-life and preferred-life clauses.  In order to be
  backwards compatible with older lease files not finding a semi-colon
  is also accepted.  [ISC-Bugs #22303].

! Handle a relay forward message with an unspecified address in the
  link address field.  Previously such a message would cause the
  server to crash.  Thanks to a report from John Gibbons.  [ISC-Bugs #21992]
  CERT: VU#102047 CVE: CVE-2010-3611

- ./configure on longer searches for -lcrypto to explicitly link against.
  This fixes a bug where 'dhclient' would have shared library dependencies
  on '/usr/lib'.  [ISC-Bugs #21967]

- Handle pipe failures more gracefully.  Some OSes pass a SIGPIPE
  signal to a process and will kill the process if the signal isn't
  caught.  This patch adds code to turn off the SIGPIPE signal via
  a setsockopt() call.  The signal is already being ignored as part
  of the ISC library.  [ISC-Bugs #22269]

- Restore printing of values in omshell to the style pre 21585.  For
  21585 we changed the print routines to always display time values
  as a hex list.  This had a side effect of printing all data strings
  as a hex list.  We shall investigate other ways of displaying time
  values more usefully.  [ISC-Bugs #22626]

! Fix the handling of connection requests on the failover port.
  Previously a connection request from a source that wasn't
  listed as a failover peer would cause the server to become
  non-responsive.  Thanks to a report from Brad Bendily, brad@bendily.com.
  [ISC-Bugs #22679]
  CERT: VU#159528 CVE: CVE-2010-3616

- Don't pass the ISC_R_INPROGRESS status to the omapi signal handlers.
  Passing it through to the handlers caused the omshell program to fail
  to connect to the server.  [ISC-Bugs #21839]

- Fix the paranthesis in the code to process configuration statements
  beginning with "auth".  The previous arrangement caused
  "auto-partner-down" to be processed incorrectly.  [ISC-Bugs #21854]

- Limit the timeout period allowed in the dispatch code to 2^^32-1 seconds.
  Thanks to a report from Jiri Popelka at Red Hat.
  [ISC-Bugs #22033], [Red Hat Bug #628258]

- When processing the format flags for a given option consume the
  flag indicating an optional value correctly.  A symptom of this
  bug was an infinite loop when trying to parse the slp-service-scope
  option.  Thanks to a patch from Marius Tomaschewski.
  [ISC-Bugs #22055]

- Disable the use of kqueue in the ISC library.  This avoids a problem
  between the fork and socket code that caused the dhcpd process to
  use all available cpu if the program daemonized itself.
  [ISC-Bugs #21911]

! When processing a request in the DHCPv6 server code that specifies
  an address that is tagged as abandoned (meaning we received a
  decline request for it previously) don't attempt to move it from
  the inactive to active pool as doing so can result in the server
  crashing on an assert failure.  Also retag the lease as active
  and reset its timeout value.
  [ISC-Bugs #21921]

- Removed the restriction on using IPv6 addresses in IPv4 mode.  This
  allows IPv4 options which contain IPv6 addresses to be specified.  For
  example the 6rd option can be specified and used like this:
  [ISC-Bugs #23039]

	option 6rd code 212 = { integer 8, integer 8,
				ip6-address, array of ip-address };
	option 6rd 16 10 2001:: 1.2.3.4, 5.6.7.8;

- Handle some DDNS corner cases better.  Maintain the DDNS transaction
  information when updating a lease and cancel any existing transactions
  when removing the ddns information.
  [ISC-Bugs #23103]

- Some fixes for LDAP
  [ISC-Bugs #21783] - Include lber library when building ldap
  [ISC-Bugs #22888] - Enable the ldap code when buidling common
  The above fixes are from Jiri Popelka at Red Hat.

- Modify the dlpi code to accept getmsg() returning a positive value.
  [ISC-Bugs #22824]

! In dhclient check the data for some string options for
  reasonableness before passing it along to the script that
  interfaces with the OS.
  [ISC-Bugs #23722]
  CVE: CVE-2011-0997

- DHCPv6 server now responds properly if client asks for a prefix that
  is already assigned to a different client. [ISC-Bugs #23948]

- Add the option "--no-pid" to the client, relay and server code,
  to disable writing a pid file.  Add the option "-pf pidfile"
  to the relay to allow the user to supply the pidfile name at
  runtime.  Add the "with-relay6-pid-file" option to configure
  to allow the user to supply the pidfile name for the relay
  in v6 mode at configure time.
  [ISC-Bugs #23351] [ISC-Bugs #17541]

- 'dhclient' no longer waits a random interval after first starting up to
  begin in the INIT state.  This conforms to RFC 2131, but elects not to
  implement a 'SHOULD' direction in section 4.1. The goal of this change
  is to start up faster. [ISC-Bugs #19660]

- Added 'initial-delay' parameter that specifies maximum amount of time
  before client goes to the INIT state. The default value is 0. In previous
  versions of the code client could wait up to 5 seconds. The old behavior
  may be restored by using 'initial-delay 5;' in the client config file.
  [ISC-Bugs #19660]

- ICMP ping-check should now sit closer to precisely the number of seconds
  configured (or default 1), due to making use of the new microsecond
  scale timer internally to dhcpd.  This corrects a bug where the server
  may immediately timeout an ICMP ping-check if it was made late in the
  current second. [ISC-Bugs #19660]

- The DHCP client will schedule renewal and rebinding events in
  microseconds if the DHCP server provided a lease-time that would result
  in sub-1-second timers.  This corrects a bug where a 2-second or lower
  lease-time would cause the DHCP client to enter an infinite loop by
  scheduling renewal at zero seconds. [ISC-Bugs #19660]

- Client lease records are recorded at most once every 15 seconds.  This
  keeps the client from filling the lease database disk quickly on very small
  lease times. [ISC-Bugs #19660]

- To defend against RFC 2131 non-compliant DHCP servers which fail to
  advertise a lease-time (either mangled, or zero in value) the DHCP
  client now adds the server to the reject list ACL and returns to INIT
  state to hopefully find an RFC 2131 compliant server (or retry in INIT
  forever). [ISC-Bugs #19660]

- Parameters configured to evaluate from user defined function calls can
  now be correctly written to dhcpd.leases (as on 'on events' or dynamic
  host records inserted via OMAPI).  [ISC-Bugs #22266]

- If a 'next-server' parameter is configured in a dynamic host record via
  OMAPI as a domain name, the syntax written to disk is now correctly parsed
  upon restart.  [ISC-Bugs #22266]

- The DHCP server now responds to DHCPLEASEQUERY messages from agents using
  IP addresses not covered by a subnet in configuration.  Whether or not to
  respond to such an agent is still governed by the 'allow leasequery;'
  configuration parameter, in the case of an agent not covered by a configured
  subnet the root configuration area is examined. Server now also returns
  vendor-class-id option, if client sent it. [ISC-Bugs #21094]

- Documentation fixes
  [ISC-Bugs #17959] add text to AIX section describing how to have it send
  responses to the all-ones address.
  [ISC-Bugs #19615] update the includes in dhcpctl/dhcpctl.3 to be more correct
  [ISC-Bugs #20676] update dhcpd.conf.5 to include the RFC numbers for DDNS

- Relay no longer crashes, when DHCP packet is received over interface without
  any IPv4 address assigned. Also extended logging message about discarding
  packets with invalid hlen with information about relevant interface name.
  [ISC-Bugs #22409]

- Relay now properly logs that packet was received over interface without
  global IPv6 address [ISC-Bugs #24070]

- Linux Packet Filter interface improvement. sockaddr_pkt structure is used,
  rather than sockaddr. Packet ethertype is now forced to ETH_P_IP.
  [ISC-Bugs #18975]

- Minor code cleanups - but note port change for #23196
  [ISC-Bugs #23470] - Modify when an ignore return macro is defined to
  handle unsed error return warnings for more versions of gcc.
  [ISC-Bugs #23196] - Modify the reply handling in the server code to
  send to a specified port rather than to the source port for the incoming
  message.  Sending to the source port was test code that should have
  been removed.  The previous functionality may be restored by defining
  REPLY_TO_SOURCE_PORT in the includes/site.h file.  We suggest you don't
  enable this except for testing purposes.
  [ISC-Bugs #22695] - Close a file descriptor in an error path.
  [ISC-Bugs #19368] - Tidy up variable types in validate_port.

- Code cleanup: remove obsolete PROTO, KandR, INLINE and ANSI_DECL macros
  [ISC-Bugs #13151]

- Compilation problem with gcc4.5 and omshell.c resolved. [ISC-Bugs #23831]

- Client Script fixes
  [ISC-Bugs #23045] Typos in client/scripts/openbsd
  [ISC-Bugs #23565] In the client scripts add a zone id (interface id) if
  the domain search address is link local.
  [ISC-Bugs #1277] In some of the client scripts add code to handle the
  case of the default router information being changed without the address
  being changed.

- Documentation cleanup
  [ISC-Bugs #23326] Updated References document, several man page updates

- Server no longer complains about NULL pointer when configured
  server-identifier expression fails to evaluate. [ISC-Bugs #24547]

- Convert ISC_R_INPROGRESS status to ISC_R_SUCCESS when called from other
  than the dispatch handler.  This fixes an issue where omshell, when
  run from the same platform as the server, would appear to fail to
  connect.  This is a companion to #21839.  [ISC-Bugs #23592]

- Enlarge the buffer size used by the Omshell code and some of the
  print routines to allow for greater than 60 characters or, when
  printing as hex strings, 20 characters.  [ISC-Bugs #22743]

- In Solaris 11 switch to using sockets instead of DLPI, thanks
  to a patch form Oracle.  [ISC-Bugs #24634].

- Strict checks for content of domain-name DHCPv4 option can now be
  configured during compilation time. Even though RFC2132 does not allow
  to store more than one domain in domain-name option, such behavior is
  now enabled by default, but this may change some time in the future.
  See ACCEPT_LIST_IN_DOMAIN_NAME define in includes/site.h.
  [ISC-Bugs #24167]

- DNS Update fix. A misconfigured server could crash during DNS update
  processing if the configuration included overlapping pools or
  multiple fixed-address entries for a single address.  This issue
  affected both IPv4 and IPv6. The fix allows a server to detect such
  conditions, provides the user with extra information and recommended
  steps to fix the problem.  If the user enables the appropriate option
  in site.h then server will be terminated
  [ISC-Bugs #23595]

! Two packets were found that cause a server to halt.  The code
  has been updated to properly process or reject the packets as
  appropriate.  Thanks to David Zych at University of Illinois
  for reporting this issue.  [ISC-Bugs #24960]
  One CVE number for each class of packet.
  CVE-2011-2748
  CVE-2011-2749

- Fix the code that checks for an existing DDNS transaction to cancel
  when removing DDNS information, so that we will continue with the
  processing if we have a lease even if it doesn't have an outstanding
  transaction.  [ISC-Bugs #24682]

- Add AM_MAINTAINER_MODE to configure.ac to avoid rebuilding
  configuration files.  [ISC-Bugs #24107]

- Add support for passing DDNS information to a DNS server over
  an IPv6 address.  [ISC-Bugs #22647]

- Enhanced patch for 23595 to handle IPv4 fixed addresses more
  cleanly.  [ISC-Bugs #23595]

! Add a check for a null pointer before calling the regexec function.
  Without this check we could, under some circumstances, pass
  a null pointer to the regexec function causing it to segfault.
  Thanks to a report from BlueCat Networks.
  [ISC-Bugs #26704].
  CVE: CVE-2011-4539

! Modify the DDNS handling code.  In a previous patch we added logging
  code to the DDNS handling.  This code included a bug that caused it
  to attempt to dereference a NULL pointer and eventually segfault.
  While reviewing the code as we addressed this problem, we determined
  that some of the updates to the lease structures would not work as
  planned since the structures being updated were in the process of
  being freed: these updates were removed.  In addition we removed an
  incorrect call to the DDNS removal function that could cause a failure
  during the removal of DDNS information from the DNS server.
  Thanks to Jasper Jongmans for reporting this issue.
  [ISC-Bugs #27078]
  CVE: CVE-2011-4868

- Fixed the code that checks if an address the server is planning
  to hand out is in a reserved range.  This would appear as
  the server being out of addresses in pools with particular ranges.
  [ISC-Bugs #26498]

- In the DDNS code handle error conditions more gracefully and add more
  logging code.  The major change is to handle unexpected cancel events
  from the DNS client code.
  [ISC-Bugs #26287]

- Tidy up the receive calls and eliminate the need for found_pkt.