From bc639769e829623b7512ec1b463be16cefe5127f Mon Sep 17 00:00:00 2001 From: geos_one Date: Sun, 8 Jun 2008 13:25:18 +0000 Subject: [PATCH] Add ldap patched bind and dhcp git-svn-id: https://svn.disconnected-by-peer.at/svn/linamh/trunk/linamh@373 6952d904-891a-0410-993b-d76249ca496b --- net-dns/bind/Manifest | 35 + net-dns/bind/bind-9.5.0-r1.ebuild | 291 + net-dns/bind/files/10bind.env | 1 + net-dns/bind/files/127.zone | 11 + .../bind/files/bind-9.2.5-berkdb_fix.patch | 11 + net-dns/bind/files/bind-9.2.5-dlz-mysql.patch | 402 ++ net-dns/bind/files/bind-9.2.5-mysql.patch | 402 ++ .../files/bind-9.2.8-missing_odbc_test.patch | 20 + .../files/bind-9.3.2-missing_odbc_test.patch | 20 + net-dns/bind/files/bind-9.3.2-sdb-ldap.patch | 47 + .../files/bind-9.3.4-missing_odbc_test.patch | 20 + .../bind-9.4.0-dlzbdb-close_cursor.patch | 11 + .../bind/files/bind-dlzbdb-close_cursor.patch | 11 + net-dns/bind/files/bind-dlzbdb-includes.patch | 12 + .../bind/files/bind-dlzmysql5-reconnect.patch | 59 + net-dns/bind/files/localhost.zone | 9 + net-dns/bind/files/localhost.zone-r1 | 9 + net-dns/bind/files/localhost.zone-r2 | 11 + net-dns/bind/files/named.ca | 85 + net-dns/bind/files/named.conf-r2 | 42 + net-dns/bind/files/named.conf-r3 | 53 + net-dns/bind/files/named.confd | 13 + net-dns/bind/files/named.confd-r1 | 16 + net-dns/bind/files/named.confd-r2 | 20 + net-dns/bind/files/named.init | 72 + net-dns/bind/files/named.init-r2 | 66 + net-dns/bind/files/named.init-r3 | 66 + net-dns/bind/files/named.init-r4 | 70 + net-dns/bind/files/named.init-r5 | 71 + net-dns/bind/files/named.rc | 72 + net-dns/bind/files/named.rc6 | 66 + net-dns/bind/files/named.rc6-pid_fix | 13 + net-dns/bind/files/named.rc6-smart_pid_fix | 42 + net-misc/dhcp/Manifest | 26 + net-misc/dhcp/dhcp-3.1.0-r1.ebuild | 244 + .../dhcp/files/dhcp-3.0-ddns-example.patch | 13 + net-misc/dhcp/files/dhcp-3.0-fix-perms.patch | 15 + net-misc/dhcp/files/dhcp-3.0-paranoia.patch | 207 + net-misc/dhcp/files/dhcp-3.0.2-gmake.patch | 66 + .../dhcp/files/dhcp-3.0.3-dhclient-dbus.patch | 84 + .../files/dhcp-3.0.3-dhclient-hostname.patch | 16 + .../files/dhcp-3.0.3-dhclient-metric.patch | 200 + .../dhcp/files/dhcp-3.0.3-dhclient-mtu.patch | 180 + .../files/dhcp-3.0.3-dhclient-no-down.patch | 70 + .../dhcp/files/dhcp-3.0.3-dhclient-ntp.patch | 186 + .../dhcp-3.0.3-dhclient-resolvconf.patch | 191 + .../dhcp-3.0.3-dhclient-stdin-conf.patch | 77 + net-misc/dhcp/files/dhcp-3.0.3-libdst.patch | 14 + .../dhcp/files/dhcp-3.0.3-no_isc_blurb.patch | 105 + net-misc/dhcp/files/dhcp-3.0.3-tr.patch | 12 + net-misc/dhcp/files/dhcp-3.0.3-x-option.patch | 216 + .../dhcp-3.0.4-dhclient-stdin-conf.patch | 83 + .../files/dhcp-3.0.5-bpf-nofallback.patch | 44 + net-misc/dhcp/files/dhcp-3.1.0-ldap.patch | 5514 +++++++++++++++++ .../dhcp-3.1.0a1-dhclient-resolvconf.patch | 254 + net-misc/dhcp/files/dhcpd.conf | 29 + net-misc/dhcp/files/dhcpd.init | 71 + net-misc/dhcp/files/dhcrelay.conf | 13 + net-misc/dhcp/files/dhcrelay.init | 32 + sys-devel/llvm/Manifest | 15 +- 60 files changed, 10114 insertions(+), 12 deletions(-) create mode 100644 net-dns/bind/Manifest create mode 100644 net-dns/bind/bind-9.5.0-r1.ebuild create mode 100644 net-dns/bind/files/10bind.env create mode 100644 net-dns/bind/files/127.zone create mode 100644 net-dns/bind/files/bind-9.2.5-berkdb_fix.patch create mode 100644 net-dns/bind/files/bind-9.2.5-dlz-mysql.patch create mode 100644 net-dns/bind/files/bind-9.2.5-mysql.patch create mode 100644 net-dns/bind/files/bind-9.2.8-missing_odbc_test.patch create mode 100644 net-dns/bind/files/bind-9.3.2-missing_odbc_test.patch create mode 100644 net-dns/bind/files/bind-9.3.2-sdb-ldap.patch create mode 100644 net-dns/bind/files/bind-9.3.4-missing_odbc_test.patch create mode 100644 net-dns/bind/files/bind-9.4.0-dlzbdb-close_cursor.patch create mode 100644 net-dns/bind/files/bind-dlzbdb-close_cursor.patch create mode 100644 net-dns/bind/files/bind-dlzbdb-includes.patch create mode 100644 net-dns/bind/files/bind-dlzmysql5-reconnect.patch create mode 100644 net-dns/bind/files/localhost.zone create mode 100644 net-dns/bind/files/localhost.zone-r1 create mode 100644 net-dns/bind/files/localhost.zone-r2 create mode 100644 net-dns/bind/files/named.ca create mode 100644 net-dns/bind/files/named.conf-r2 create mode 100644 net-dns/bind/files/named.conf-r3 create mode 100644 net-dns/bind/files/named.confd create mode 100644 net-dns/bind/files/named.confd-r1 create mode 100644 net-dns/bind/files/named.confd-r2 create mode 100755 net-dns/bind/files/named.init create mode 100755 net-dns/bind/files/named.init-r2 create mode 100755 net-dns/bind/files/named.init-r3 create mode 100755 net-dns/bind/files/named.init-r4 create mode 100755 net-dns/bind/files/named.init-r5 create mode 100755 net-dns/bind/files/named.rc create mode 100755 net-dns/bind/files/named.rc6 create mode 100644 net-dns/bind/files/named.rc6-pid_fix create mode 100644 net-dns/bind/files/named.rc6-smart_pid_fix create mode 100644 net-misc/dhcp/Manifest create mode 100644 net-misc/dhcp/dhcp-3.1.0-r1.ebuild create mode 100644 net-misc/dhcp/files/dhcp-3.0-ddns-example.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0-fix-perms.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0-paranoia.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.2-gmake.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-dbus.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-hostname.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-metric.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-mtu.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-no-down.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-ntp.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-resolvconf.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-dhclient-stdin-conf.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-libdst.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-no_isc_blurb.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-tr.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.3-x-option.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.4-dhclient-stdin-conf.patch create mode 100644 net-misc/dhcp/files/dhcp-3.0.5-bpf-nofallback.patch create mode 100644 net-misc/dhcp/files/dhcp-3.1.0-ldap.patch create mode 100644 net-misc/dhcp/files/dhcp-3.1.0a1-dhclient-resolvconf.patch create mode 100644 net-misc/dhcp/files/dhcpd.conf create mode 100644 net-misc/dhcp/files/dhcpd.init create mode 100644 net-misc/dhcp/files/dhcrelay.conf create mode 100644 net-misc/dhcp/files/dhcrelay.init diff --git a/net-dns/bind/Manifest b/net-dns/bind/Manifest new file mode 100644 index 00000000..db4fe23f --- /dev/null +++ b/net-dns/bind/Manifest @@ -0,0 +1,35 @@ +AUX 10bind.env 27 RMD160 872245707b4f72a212cda162c59495744d77a6e3 SHA1 7b8c1abd5910bb7a07c6b7c820c2b34a534b2593 SHA256 5ad6a4402372b43809618051873b63646746f400447bba30dc4dfecd028e3650 +AUX 127.zone 227 RMD160 66ab92f201d71da613702a85806d2e8d27f6516f SHA1 6787635fd44b1f29dc34b31053ca28e4353f69e0 SHA256 65b909fc1398dfa5b532ab395d6920758937093cf7e5b5bec8242dff4fe15e89 +AUX bind-9.2.5-berkdb_fix.patch 537 RMD160 db4a569f94447687410d6c0145790185a5e2b177 SHA1 e21f0148987e79a27a5d3c662223fb743a67f6c9 SHA256 f2602bb014e5e60da50019447aefadff4ff352467ed9c360aaaec01b54115ff8 +AUX bind-9.2.5-dlz-mysql.patch 11296 RMD160 8a414c89c2479ad1e0212b0d6e263bbc77bed4e8 SHA1 019b83f2f87919820267d473b05d57d2052c921d SHA256 c7130b90a0afa27d91117466a6e09783b43a0ae9227e86d9f2d7e08b89539b37 +AUX bind-9.2.5-mysql.patch 11315 RMD160 6161e9ebaed3b13a64d3cc17edcce8a0e64e48fc SHA1 d22cf2f08c1f4a923513c8ae06a596ac51c2441c SHA256 f275c2f5566bdc57dbe54c6a17db4397f54999715bda1c06a5457b10a8dbbc94 +AUX bind-9.2.8-missing_odbc_test.patch 613 RMD160 ec141cef65e470dfc8df4c641ec96bfbd5d8cdd1 SHA1 dbc3a933cac7e474fa62fb2f71e50be91825b963 SHA256 5e6465bdb01cbb662333cc2b0a00ad51905a0cda2eb6b7abc3a0b2dd3e701f4e +AUX bind-9.3.2-missing_odbc_test.patch 613 RMD160 ec141cef65e470dfc8df4c641ec96bfbd5d8cdd1 SHA1 dbc3a933cac7e474fa62fb2f71e50be91825b963 SHA256 5e6465bdb01cbb662333cc2b0a00ad51905a0cda2eb6b7abc3a0b2dd3e701f4e +AUX bind-9.3.2-sdb-ldap.patch 1466 RMD160 7dad010d273e0975ef661280460932dbd29fc888 SHA1 077279fdb2b5c44ef40638ae7cad402e6d96d29d SHA256 306910a891dcc28bb520c7e663d021f7786eba4d5cf0bd573b7fbcc63812abee +AUX bind-9.3.4-missing_odbc_test.patch 613 RMD160 ec141cef65e470dfc8df4c641ec96bfbd5d8cdd1 SHA1 dbc3a933cac7e474fa62fb2f71e50be91825b963 SHA256 5e6465bdb01cbb662333cc2b0a00ad51905a0cda2eb6b7abc3a0b2dd3e701f4e +AUX bind-9.4.0-dlzbdb-close_cursor.patch 338 RMD160 3c92206a6c77ac8e9ea854dfc22fda5753b653a9 SHA1 903383e2b142d76a73030c27f2cdab8d100df150 SHA256 4a004d72565d6db683b879851ae8dfaddcf1b39fd0f97a995d9c5d22d72c6395 +AUX bind-dlzbdb-close_cursor.patch 307 RMD160 1bbf09d393b5db40b483a952db5f39fe60efda7c SHA1 4214a98ca49b6b85366f85d40dd9d5bbfd008151 SHA256 e18fb5668ffaa540d8ec3e01fe40b1f0d1c562a094c06fa902ef67953daed9f5 +AUX bind-dlzbdb-includes.patch 465 RMD160 07e120527c34ebc044f1312e491a8d8dc13ec558 SHA1 0184830214317aac4c2f60a8eeabdbbdbf3b2276 SHA256 16ac0b8ba61287a2172c99ab21dd66d0a46b104ef34f710da5933720604f70c6 +AUX bind-dlzmysql5-reconnect.patch 1842 RMD160 687f6128b6511dbeecdfc81b197520b1afd74005 SHA1 7b9b8e1b85f1344e4b5d8566ab868fcb1e87a049 SHA256 7376ac37c2d3fbcf5d8e886008639bdbe642f44c9021f435af370bddd3f03bd4 +AUX localhost.zone 412 RMD160 74d734f124f9078c300d089218536bcb108643d9 SHA1 8ed1efa7ba9560f59eff83712b65a4d75cee8340 SHA256 a67891fb66beb12999ade1b599f57a349337ec9a7f941962db94ac5816bc4088 +AUX localhost.zone-r1 419 RMD160 4013a4c855081d823c3b17f898e483d96eac2c3a SHA1 e0c5329c72039b6abd5dca60199aee2b617475f3 SHA256 bb7ec96335f265f7d6d21b6dd63e0a794477c0ec2675864a4851717a72ac447f +AUX localhost.zone-r2 423 RMD160 d4b5c18d7f1678595799320b0bfa238d23e5119e SHA1 0e7bdf1cf307b553a572a6775efd69d9a254a77c SHA256 b6dff70386920adb21883566610b0a45b9de5a3847a870e4ad1902c5c7900399 +AUX named.ca 2878 RMD160 f374039998071794501461ccc13012c052b7d117 SHA1 c2f8c46a51493e4209fca6c3f2ba7755ae6dcf2b SHA256 0bd88f7f5cab2f872d3619700e382c1df6837a8aacf28cf6a0bf336742a0ee56 +AUX named.conf-r2 768 RMD160 911a089113451cf0ac58446069f6046b90f3250a SHA1 60ae31cde6a84694a1773de862c423c150e2f974 SHA256 1f6f47647c9e332ed6636f2b154cb23adad9ee53a50d0cec16b6243547418fb4 +AUX named.conf-r3 1314 RMD160 b8189eaac58eb27b612eacc66826802748e145ca SHA1 d8b2af94a89472ed0b767bdebadcfebcbf6ddfd3 SHA256 ab2f7305e9a1d30406528c5ef079beb4970c89572e90d57bb5ddb27b8126ad13 +AUX named.confd 319 RMD160 621fa073325cba947ffe63f7ff2867128bd90193 SHA1 c4fb9131c5b9b245ac247a2c0233dcb3bfa834da SHA256 c61a8f3b2488e0b007c9441a761026a94c40537acec4dbf7a9f8d22a14c4f3e0 +AUX named.confd-r1 392 RMD160 eb80118694d541aeb06df96473ca7d226adf0f6c SHA1 8a0a19237cb661c9d10f545041783edc0f3795ce SHA256 7f985999486b6cfea652b7a7470976bc703c259ef8cbc1cedc3eaacb302805a6 +AUX named.confd-r2 479 RMD160 0a0452bf9bb6f18d4628ee72abe82a52d484a2cb SHA1 d0b0e2f5d72d43862c5aaff9a226fd8599992323 SHA256 bae05257852ecbc7f66bd30e452162f15b6f6e8c3fc170fb6dfdfa7d22361915 +AUX named.init 1641 RMD160 8f6ff9334b258a1167ac02572391bc4c71d946d2 SHA1 1dd468ba20c1c050b428d5dedd5bb61b44fc3006 SHA256 505604e2e1ac3d7f8e5aea74e1f9fba543570809dadc4769a0de179a10637c1b +AUX named.init-r2 1481 RMD160 e94af8ecbc639f59951ce9828fd3583e9616ca2a SHA1 e619db5d9370325e9bdb40e178dcf5da6f6809d8 SHA256 cbe7b55cf66b606ffede1847dec08e4810c1efd666d38ebc4f75dbe8277f1c13 +AUX named.init-r3 1513 RMD160 f69d90d619de354b5962ba7d69c4f39e5e5ac747 SHA1 8cd9657761f1ed080e9a8494fdf0b472808e1a26 SHA256 244888788cd9ddd0f2bce687621d96ca4d8b960398b6bc3d5cb1da3639861fd4 +AUX named.init-r4 1585 RMD160 30ed0f443f0ec1b63d3fd15e4d32fc79ad6199af SHA1 e600929124b4e993552896f6f111f06a706fed89 SHA256 f2eb9393a7380f670af0e09bd378cf619681e33b81ed7e5c7f5b7a1b01964821 +AUX named.init-r5 1620 RMD160 37279362e437241188a07e5f274730e68645827e SHA1 00a14819a322b391183084c79cc9a4dc04d0d484 SHA256 07fb9d653f086319680d04abde0218495ed09d3528087257788bf294252a0bad +AUX named.rc 1644 RMD160 ab040b05deea9b8b1b2a8a75c174be103aa9a4a9 SHA1 1d3503cb3312f68851bda57c1fd23a90af36256e SHA256 07a1b0958594e067259cfbf8b6eeb33125536e2f82f0e63c2d802943eed1bdb6 +AUX named.rc6 1434 RMD160 f56a0c837609467df4b18b63979542ee7447c83b SHA1 992ef568bade0a5125c58258019b725ca6ac8fc3 SHA256 2619fc7695b84a35f9362bc1c0da4a3835e207f99f1164a56e0bbb97e70df057 +AUX named.rc6-pid_fix 488 RMD160 e59636895b54535a6e7e378635791c3c01728907 SHA1 3b57a5dce713716617de2e94eb1cb53b9876fc84 SHA256 612fbc406fff920a4a2a35ee6146ff31cf8ca1535b21a6a5eed1c912ee631cb5 +AUX named.rc6-smart_pid_fix 1204 RMD160 376ecf34ef5543571f1551a7d83da504ac420628 SHA1 7da3b265235a486686affc2806bd497d98ffc68b SHA256 703aa04162bee124fd492c991ba21ca7276112c61c297f0fa424e2cd4333f060 +DIST bind-9.5.0.tar.gz 6749437 RMD160 1f40217a7baab442f30e024698999ba845f6f05d SHA1 8d622ebcb6061518770cbc66072258c7ff051cb8 SHA256 fbb4c02c792a5298f8c71d617dfbab2acebbbdd51ea1d1e94d1aa66de48ddd61 +DIST bind-sdb-ldap-1.1.0.tar.gz 8687 RMD160 472b90c3792fe846bb5170e8e1bea9dccb28522a SHA1 99069a42cb318176bd190677209fedc19eeef10c SHA256 c0a07b41d67924e13ff362615f3c18a496fb7cb9ea11431f29f3e46d847e4b1c +DIST dyndns-samples.tbz2 22866 RMD160 27d5b2d0edb8e1ff16b3f980c38d7af33ccf0c7d SHA1 0a62e9458d0e16b67a3a2f63ea485ce969f1fb4d SHA256 92fb06a92ca99cbbe96b90bcca229ef9c12397db57ae17e199dad9f1218fdbe8 +EBUILD bind-9.5.0-r1.ebuild 9216 RMD160 70bb89e617fc93572f9658cf9408f19190f92fb2 SHA1 70fc1d7d51e93ed3c2c85283f9e19237715dfd45 SHA256 80717b2545ffb19ca0aee7110a61ea01e7bcb45f4486209540a72767db1e66a4 diff --git a/net-dns/bind/bind-9.5.0-r1.ebuild b/net-dns/bind/bind-9.5.0-r1.ebuild new file mode 100644 index 00000000..6b9496c4 --- /dev/null +++ b/net-dns/bind/bind-9.5.0-r1.ebuild @@ -0,0 +1,291 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/bind-9.5.0.ebuild,v 1.2 2008/06/06 14:40:52 dertobi123 Exp $ + +inherit eutils libtool autotools toolchain-funcs flag-o-matic + +DESCRIPTION="BIND - Berkeley Internet Name Domain - Name Server" +HOMEPAGE="http://www.isc.org/products/BIND/bind9.html" +SRC_URI="ftp://ftp.isc.org/isc/bind9/${PV}/${P}.tar.gz + doc? ( mirror://gentoo/dyndns-samples.tbz2 ) + sdb-ldap? ( http://bind9-ldap.bayour.com/bind-sdb-ldap-1.1.0.tar.gz )" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ssl ipv6 doc dlz postgres berkdb mysql odbc ldap selinux idn threads resolvconf urandom sdb-ldap" + +DEPEND="ssl? ( >=dev-libs/openssl-0.9.6g ) + mysql? ( >=virtual/mysql-4.0 ) + odbc? ( >=dev-db/unixODBC-2.2.6 ) + ldap? ( net-nds/openldap ) + idn? ( net-dns/idnkit )" + +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-bind ) + resolvconf? ( || ( net-dns/openresolv net-dns/resolvconf-gentoo ) )" + +#S="${WORKDIR}/${P/_p1/-P1}" + +pkg_setup() { + use threads && { + echo + ewarn "If you're in vserver enviroment, you're probably want to" + ewarn "disable threads support because of linux capabilities dependency" + echo + } + + ebegin "Creating named group and user" + enewgroup named 40 + enewuser named 40 -1 /etc/bind named + eend ${?} +} + +src_unpack() { + unpack ${A} + cd "${S}" + + # Adjusting PATHs in manpages + for i in bin/{named/named.8,check/named-checkconf.8,rndc/rndc.8} ; do + sed -i \ + -e 's:/etc/named.conf:/etc/bind/named.conf:g' \ + -e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \ + -e 's:/etc/rndc.key:/etc/bind/rndc.key:g' \ + "${i}" + done + + use dlz && epatch "${FILESDIR}"/${PN}-9.4.0-dlzbdb-close_cursor.patch + + # bind fails to reconnect to MySQL5 databases, bug #180720, patch by Nicolas Brousse + # (http://www.shell-tips.com/2007/09/04/bind-950-patch-dlz-mysql-5-for-auto-reconnect/) + + # Add sdb-ldap support + use sdb-ldap && cp "${WORKDIR}"/bind-sdb-ldap-1.1.0/ldapdb.c "${S}"/bin/named/ + use sdb-ldap && cp "${WORKDIR}"/bind-sdb-ldap-1.1.0/ldapdb.h "${S}"/bin/named/include/ + use sdb-ldap && epatch "${FILESDIR}"/${PN}-9.3.2-sdb-ldap.patch + use dlz && use mysql && epatch ${FILESDIR}/bind-dlzmysql5-reconnect.patch + + # should be installed by bind-tools + sed -e "s:nsupdate ::g" -i "${S}"/bin/Makefile.in + + # bug #220361 + rm "${S}"/aclocal.m4 "${S}"/libtool.m4 + WANT_AUTOCONF=2.5 AT_NO_RECURSIVE=1 eautoreconf + + # bug #151839 + sed -e \ + 's:struct isc_socket {:#undef SO_BSDCOMPAT\n\nstruct isc_socket {:' \ + -i lib/isc/unix/socket.c + + # remove useless c++ checks + epunt_cxx +} + +src_compile() { + local myconf="" + + use ssl && myconf="${myconf} --with-openssl" + use idn && myconf="${myconf} --with-idn" + + use dlz && { + myconf="${myconf} --with-dlz-filesystem --with-dlz-stub" + use postgres && myconf="${myconf} --with-dlz-postgres" + use mysql && myconf="${myconf} --with-dlz-mysql" + use berkdb && myconf="${myconf} --with-dlz-bdb" + use ldap && myconf="${myconf} --with-dlz-ldap" + use odbc && myconf="${myconf} --with-dlz-odbc" + } + + if use threads; then + if use dlz && use mysql; then + echo + ewarn + ewarn "MySQL uses thread local storage in its C api. Thus MySQL" + ewarn "requires that each thread of an application execute a MySQL" + ewarn "\"thread initialization\" to setup the thread local storage." + ewarn "This is impossible to do safely while staying within the DLZ" + ewarn "driver API. This is a limitation caused by MySQL, and not" + ewarn "the DLZ API." + ewarn "Because of this BIND MUST only run with a single thread when" + ewarn "using the MySQL driver." + ewarn + myconf="${myconf} --disable-linux-caps --disable-threads" + ewarn "Threading support disabled" + epause 10 + else + myconf="${myconf} --enable-linux-caps --enable-threads" + einfo "Threading support enabled" + fi + else + myconf="${myconf} --disable-linux-caps --disable-threads" + fi + + if use urandom; then + myconf="${myconf} --with-randomdev=/dev/urandom" + else + myconf="${myconf} --with-randomdev=/dev/random" + fi + + # bug #158664 + gcc-specs-ssp && replace-flags -O[23s] -O + export BUILD_CC="${CBUILD}-gcc" + econf \ + --sysconfdir=/etc/bind \ + --localstatedir=/var \ + --with-libtool \ + `use_enable ipv6` \ + ${myconf} || die "econf failed" + + emake -j1 || die "failed to compile bind" +} + +src_install() { + einstall || die "failed to install bind" + + dodoc CHANGES COPYRIGHT FAQ README + + use doc && { + docinto misc + dodoc doc/misc/* + + docinto html + dohtml doc/arm/* + + docinto draft + dodoc doc/draft/* + + docinto rfc + dodoc doc/rfc/* + + docinto contrib + dodoc contrib/named-bootconf/named-bootconf.sh \ + contrib/nanny/nanny.pl + + # some handy-dandy dynamic dns examples + cd "${D}"/usr/share/doc/${PF} + tar pjxf ${DISTFILES}/dyndns-samples.tbz2 + } + + newenvd "${FILESDIR}"/10bind.env 10bind + + dodir /etc/bind /var/bind/{pri,sec} + keepdir /var/bind/sec + + insinto /etc/bind ; newins "${FILESDIR}"/named.conf-r3 named.conf + + # ftp://ftp.rs.internic.net/domain/named.ca: + insinto /var/bind ; doins "${FILESDIR}"/named.ca + + insinto /var/bind/pri + doins "${FILESDIR}"/127.zone + newins "${FILESDIR}"/localhost.zone-r2 localhost.zone + + newinitd "${FILESDIR}"/named.init-r5 named + newconfd "${FILESDIR}"/named.confd-r2 named + + dosym ../../var/bind/named.ca /var/bind/root.cache + dosym ../../var/bind/pri /etc/bind/pri + dosym ../../var/bind/sec /etc/bind/sec + + # Let's get rid of those tools and their manpages since they're provided by bind-tools + rm -f "${D}"/usr/share/man/man1/{dig.1,host.1,nslookup.1} + rm -f "${D}"/usr/share/man/man8/{dnssec-keygen.8,nsupdate.8} + rm -f "${D}"/usr/bin/{dig,host,nslookup,dnssec-keygen,nsupdate} + + use resolvconf && { + exeinto /etc/resolvconf/update.d + newexe "${FILESDIR}"/resolvconf.bind bind + } +} + +pkg_postinst() { + if [ ! -f '/etc/bind/rndc.key' ]; then + if [ -c /dev/urandom ]; then + einfo "Using /dev/urandom for generating rndc.key" + /usr/sbin/rndc-confgen -r /dev/urandom -a -u named + echo + else + einfo "Using /dev/random for generating rndc.key" + /usr/sbin/rndc-confgen -a -u named + echo + fi + fi + + install -d -o named -g named "${ROOT}"/var/run/named \ + "${ROOT}"/var/bind/pri "${ROOT}"/var/bind/sec + chown -R named:named "${ROOT}"/var/bind + + elog "The default zone files are now installed as *.zone," + elog "be careful merging config files if you have modified" + elog "/var/bind/pri/127 or /var/bind/pri/localhost" + elog + elog "You can edit /etc/conf.d/named to customize named settings" + elog + elog "The BIND ebuild now includes chroot support." + elog "If you like to run bind in chroot AND this is a new install OR" + elog "your bind doesn't already run in chroot, simply run:" + elog "\`emerge --config '=${CATEGORY}/${PF}'\`" + elog "Before running the above command you might want to change the chroot" + elog "dir in /etc/conf.d/named. Otherwise /chroot/dns will be used." + elog + elog "Recently verisign added a wildcard A record to the .COM and .NET TLD" + elog "zones making all .com and .net domains appear to be registered" + elog "This causes many problems such as breaking important anti-spam checks" + elog "which verify source domains exist. ISC released a patch for BIND which" + elog "adds 'delegation-only' zones to allow admins to return the .com and .net" + elog "domain resolution to their normal function." + elog + elog "There is no need to create a com or net data file. Just the" + elog "entries to the named.conf file is enough." + elog + elog " zone "com" IN { type delegation-only; };" + elog " zone "net" IN { type delegation-only; };" + + echo + ewarn "BIND >=9.2.5 makes the priority argument to MX records mandatory" + ewarn "when it was previously optional. If the priority is missing, BIND" + ewarn "won't load the zone file at all." + echo +} + +pkg_config() { + CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/named 2>/dev/null` + EXISTS="no" + + if [ -z "${CHROOT}" -a ! -d "/chroot/dns" ]; then + CHROOT="/chroot/dns" + elif [ -d ${CHROOT} ]; then + eerror; eerror "${CHROOT:-/chroot/dns} already exists. Quitting."; eerror; EXISTS="yes" + fi + + if [ ! "$EXISTS" = yes ]; then + einfo ; einfon "Setting up the chroot directory..." + mkdir -m 700 -p ${CHROOT} + mkdir -p ${CHROOT}/{dev,etc,var/run/named} + chown -R named:named ${CHROOT}/var/run/named + cp -R /etc/bind ${CHROOT}/etc/ + cp /etc/localtime ${CHROOT}/etc/localtime + chown named:named ${CHROOT}/etc/bind/rndc.key + cp -R /var/bind ${CHROOT}/var/ + chown -R named:named ${CHROOT}/var/ + mknod ${CHROOT}/dev/zero c 1 5 + mknod ${CHROOT}/dev/random c 1 8 + chmod 666 ${CHROOT}/dev/{random,zero} + chown root:named ${CHROOT} + chmod 0750 ${CHROOT} + + grep -q "^#[[:blank:]]\?CHROOT" /etc/conf.d/named ; RETVAL=$? + if [ $RETVAL = 0 ]; then + sed 's/^# \?\(CHROOT.*\)$/\1/' /etc/conf.d/named > /etc/conf.d/named.orig 2>/dev/null + mv --force /etc/conf.d/named.orig /etc/conf.d/named + fi + + sleep 1; echo " Done."; sleep 1 + einfo + einfo "Add the following to your root .bashrc or .bash_profile: " + einfo " alias rndc='rndc -k ${CHROOT}/etc/bind/rndc.key'" + einfo "Then do the following: " + einfo " source /root/.bashrc or .bash_profile" + einfo + fi +} diff --git a/net-dns/bind/files/10bind.env b/net-dns/bind/files/10bind.env new file mode 100644 index 00000000..13c7910b --- /dev/null +++ b/net-dns/bind/files/10bind.env @@ -0,0 +1 @@ +CONFIG_PROTECT="/var/bind" diff --git a/net-dns/bind/files/127.zone b/net-dns/bind/files/127.zone new file mode 100644 index 00000000..2ad28de5 --- /dev/null +++ b/net-dns/bind/files/127.zone @@ -0,0 +1,11 @@ +$ORIGIN 127.in-addr.arpa. +$TTL 1W +@ 1D IN SOA localhost. root.localhost. ( + 2002081601 ; serial + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS localhost. +1 1D IN PTR localhost. diff --git a/net-dns/bind/files/bind-9.2.5-berkdb_fix.patch b/net-dns/bind/files/bind-9.2.5-berkdb_fix.patch new file mode 100644 index 00000000..ba6bc3f1 --- /dev/null +++ b/net-dns/bind/files/bind-9.2.5-berkdb_fix.patch @@ -0,0 +1,11 @@ +--- configure.in.orig 2005-03-25 23:33:33.000000000 +0300 ++++ configure.in 2005-03-25 23:34:04.000000000 +0300 +@@ -453,7 +453,7 @@ + then + use_dlz_bdb=$d + DLZ_BDB_INCDIR=$use_dlz_bdb/include +- DLB_BDB_LIB="-ldb" ++ DLZ_BDB_LIB="-ldb" + break + fi + done diff --git a/net-dns/bind/files/bind-9.2.5-dlz-mysql.patch b/net-dns/bind/files/bind-9.2.5-dlz-mysql.patch new file mode 100644 index 00000000..e4ac2e94 --- /dev/null +++ b/net-dns/bind/files/bind-9.2.5-dlz-mysql.patch @@ -0,0 +1,402 @@ +diff -uraN bind-9.2.5-dlz/bin/named/include/mysqldb.h bind-9.2.5-dlz-mysql/bin/named/include/mysqldb.h +--- bind-9.2.5-dlz/bin/named/include/mysqldb.h 1970-01-01 03:00:00.000000000 +0300 ++++ bind-9.2.5-dlz-mysql/bin/named/include/mysqldb.h 2005-03-25 21:41:25.000000000 +0300 +@@ -0,0 +1,7 @@ ++ ++#include ++ ++isc_result_t mysqldb_init(void); ++ ++void mysqldb_clear(void); ++ +diff -uraN bind-9.2.5-dlz/bin/named/main.c bind-9.2.5-dlz-mysql/bin/named/main.c +--- bind-9.2.5-dlz/bin/named/main.c 2005-03-25 21:41:01.000000000 +0300 ++++ bind-9.2.5-dlz-mysql/bin/named/main.c 2005-03-25 21:41:25.000000000 +0300 +@@ -68,6 +68,7 @@ + * Include header files for database drivers here. + */ + /* #include "xxdb.h" */ ++#include "mysqldb.h" + + #ifdef DLZ_STUB + #include +@@ -594,6 +595,7 @@ + * Add calls to register sdb drivers here. + */ + /* xxdb_init(); */ ++ mysqldb_init (); + + #ifdef DLZ_STUB + dlz_stub_init(); +@@ -637,6 +639,7 @@ + * Add calls to unregister sdb drivers here. + */ + /* xxdb_clear(); */ ++ mysqldb_clear (); + + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, + ISC_LOG_NOTICE, "exiting"); +diff -uraN bind-9.2.5-dlz/bin/named/Makefile.in bind-9.2.5-dlz-mysql/bin/named/Makefile.in +--- bind-9.2.5-dlz/bin/named/Makefile.in 2005-03-25 21:41:01.000000000 +0300 ++++ bind-9.2.5-dlz-mysql/bin/named/Makefile.in 2005-03-25 21:41:25.000000000 +0300 +@@ -26,10 +26,10 @@ + # + # Add database drivers here. + # +-DBDRIVER_OBJS = +-DBDRIVER_SRCS = +-DBDRIVER_INCLUDES = +-DBDRIVER_LIBS = ++DBDRIVER_OBJS = mysqldb.@O@ ++DBDRIVER_SRCS = mysqldb.c ++DBDRIVER_INCLUDES = -I/usr/local/include ++DBDRIVER_LIBS = -L/usr/local/lib/mysql -lmysqlclient + + DLZINCLUDES = @DLZ_BDB_INC@ @DLZ_POSTGRES_INC@ @DLZ_ODBC_INC@ \ + @DLZ_MYSQL_INC@ @DLZ_LDAP_INC@ +diff -uraN bind-9.2.5-dlz/bin/named/mysqldb.c bind-9.2.5-dlz-mysql/bin/named/mysqldb.c +--- bind-9.2.5-dlz/bin/named/mysqldb.c 1970-01-01 03:00:00.000000000 +0300 ++++ bind-9.2.5-dlz-mysql/bin/named/mysqldb.c 2005-03-25 21:41:25.000000000 +0300 +@@ -0,0 +1,342 @@ ++/* ++ * Copyright (C) 2002 Mihai Chelaru ( kefren@netbastards.org ) ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND I DISCLAIM ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL I BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#define ROWS 20 ++#define MAXCOLUMN 200 ++ ++/* ++#define ONEDATABASE ++#define MDEBUG ++*/ ++struct mysqlrow { ++ char *s[ROWS]; ++}; ++ ++static dns_sdbimplementation_t *mysqldb = NULL; ++ ++struct mydbinfo { ++ MYSQL *conn; ++ char *database; ++ char *table; ++ char *host; ++ char *user; ++ char *passwd; ++}; ++ ++/* My internal functions */ ++ ++int mysql_dbcon(struct mydbinfo *); ++ ++int ++mysql_dbcon(struct mydbinfo * dbi) ++{ ++#ifdef MDEBUG ++ printf("Connecting\n"); ++#endif ++ dbi->conn=mysql_init(NULL); ++ if (dbi->conn == NULL) return 0; ++ if (!mysql_real_connect(dbi->conn, dbi->host, dbi->user, dbi->passwd, dbi->database, 3306, NULL, 0)) ++ return 0; ++#ifdef MDEBUG ++ printf("Connected\n"); ++#endif ++ return 1; ++} ++ ++/* External functions */ ++ ++static isc_result_t ++mysqldb_lookup(const char *zone, const char *name, void *dbdata, dns_sdblookup_t * lookup) ++{ ++ char *querystring = NULL, seclook[150]; ++ struct mydbinfo *dbi = (struct mydbinfo *) dbdata; ++ MYSQL_RES *result; ++ struct mysqlrow myrow; ++ int i, j, totlen; ++ MYSQL_ROW row; ++ int num_fields, putrr_success=0; ++#ifdef MDEBUG ++ printf("Lookup in %.200s for %.200s ", zone, name); ++#endif ++ querystring = (char *) malloc(200); ++ if (!querystring) ++ return ISC_R_NOMEMORY; ++ snprintf(querystring, 200, "SELECT TTL,RDTYPE,RDATA FROM %s where name='%.150s'", dbi->table, name); ++#ifdef MDEBUG ++ printf("Query = %s\n", querystring); ++#endif ++ mysql_ping(dbi->conn); ++ if (mysql_query(dbi->conn, querystring)) { ++ printf("Query Error in lookup\n"); ++ free(querystring); ++ return ISC_R_FAILURE; ++ } ++ free(querystring); ++ result = mysql_store_result(dbi->conn); ++ ++ num_fields = mysql_num_fields(result); ++ if (num_fields > ROWS) { ++ printf("Incorrect database format\n"); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ /* allocate to fetch */ ++ for (i = 0; i < ROWS; i++) ++ if (!(myrow.s[i] = (char *) malloc(MAXCOLUMN))) { ++ for (j = 0; j < i; j++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_NOMEMORY; ++ } ++ /* Ok. we found no reason why to not let fetch */ ++ while ((row = mysql_fetch_row(result))) { ++ unsigned long *lengths; ++ lengths = mysql_fetch_lengths(result); ++ totlen = 0; ++ for (i = 0; i < num_fields; i++) { ++ totlen += lengths[i]; ++ snprintf(myrow.s[i], MAXCOLUMN, "%.*s", (int) lengths[i], row[i] ? row[i] : "NULL"); ++ } ++#ifdef MDEBUG ++ printf("Lookup: %s %s %s\n", myrow.s[0], myrow.s[1], myrow.s[2]); ++#endif ++ if (dns_sdb_putrr(lookup, myrow.s[1], strtol(myrow.s[0], NULL, 10), myrow.s[2]) != ISC_R_SUCCESS) { ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ printf("Lookup Failure\n"); ++ return ISC_R_FAILURE; ++ } else putrr_success=1; ++ } ++#ifdef MDEBUG ++ printf ("Bailing out lookup\n"); ++#endif ++ /* Ok. success. bail out. */ ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ ++ /* Check if there is any *.foo.com available and return it in case that this is not a *.foo.com call */ ++ if ((!putrr_success)&&(name[0]!='*')) { ++#ifdef MDEBUG ++printf ("Cannot find it. Trying to check * record\n"); ++#endif ++ snprintf (seclook,150,"*.%s",zone); ++ return mysqldb_lookup (zone, seclook, dbdata, lookup); ++ } ++ ++ /* else return SUCCESS */ ++ return ISC_R_SUCCESS; ++} ++ ++static isc_result_t ++mysqldb_allnodes(const char *zone, void *dbdata, dns_sdballnodes_t * allnodes) ++{ ++ char *querystring = NULL; ++ struct mydbinfo *dbi = (struct mydbinfo *) dbdata; ++ MYSQL_RES *result; ++ struct mysqlrow myrow; ++ MYSQL_ROW row; ++ int num_fields; ++ int i, totlen, j; ++#ifdef MDEBUG ++ printf("All Nodes\n"); ++#endif ++ querystring = (char *) malloc(200); ++ if (!querystring) ++ return ISC_R_NOMEMORY; ++ snprintf(querystring, 200, "SELECT TTL,NAME,RDTYPE,RDATA FROM %s where name like('%%%.150s')", dbi->table, zone); ++ mysql_ping(dbi->conn); ++ if (mysql_query(dbi->conn, querystring)) { ++ printf("Query Error\n"); ++ free(querystring); ++ return ISC_R_FAILURE; ++ } ++ free(querystring); ++ result = mysql_store_result(dbi->conn); ++ ++ num_fields = mysql_num_fields(result); ++ if (num_fields > ROWS) { ++ printf("Incorrect database format\n"); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ /* allocate to fetch */ ++ for (i = 0; i < ROWS; i++) ++ if (!(myrow.s[i] = (char *) malloc(MAXCOLUMN))) { ++ for (j = 0; j < i; j++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_NOMEMORY; ++ } ++ /* Ok. we found no reason why to not let fetch */ ++ while ((row = mysql_fetch_row(result))) { ++ unsigned long *lengths; ++ lengths = mysql_fetch_lengths(result); ++ totlen = 0; ++ for (i = 0; i < num_fields; i++) { ++ totlen += lengths[i]; ++ snprintf(myrow.s[i], MAXCOLUMN, "%.*s", (int) lengths[i], row[i] ? row[i] : "NULL"); ++ } ++#ifdef MDEBUG ++ printf("All Nodes: %s %s %s %s\n", myrow.s[0], myrow.s[1], myrow.s[2], myrow.s[3]); ++#endif ++ if (dns_sdb_putnamedrr(allnodes, myrow.s[1], myrow.s[2], strtol(myrow.s[0], NULL, 10), myrow.s[3]) != ISC_R_SUCCESS) { ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ } ++ ++ /* Ok. success. bail out. */ ++ mysql_free_result(result); ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ return ISC_R_SUCCESS; ++} ++ ++ ++ ++/* ++ * Open database argv[i]=database,table,hostname,user,passwd ++ */ ++ ++static isc_result_t ++mysqldb_create(const char *zone, int argc, char **argv, void *driverdata, void **dbdata) ++{ ++ struct mydbinfo *dbi; ++ #ifdef ONEDATABASE ++ static MYSQL *dbconstat; ++ #endif ++ ++ /* Argument count checking */ ++ if (argc < 5) ++ return ISC_R_FAILURE; ++ ++ /* dbi init */ ++ ++ dbi = (struct mydbinfo *) isc_mem_get(ns_g_mctx, sizeof(struct mydbinfo)); ++ if (!dbi) ++ return ISC_R_NOMEMORY; ++ dbi->database = NULL; ++ dbi->table = NULL; ++ dbi->host = NULL; ++ dbi->user = NULL; ++ dbi->passwd = NULL; ++ ++ dbi->database = isc_mem_strdup(ns_g_mctx, argv[0]); ++ dbi->table = isc_mem_strdup(ns_g_mctx, argv[1]); ++ dbi->host = isc_mem_strdup(ns_g_mctx, argv[2]); ++ dbi->user = isc_mem_strdup(ns_g_mctx, argv[3]); ++ dbi->passwd = isc_mem_strdup(ns_g_mctx, argv[4]); ++ ++ if ((!dbi->database) || (!dbi->table) || (!dbi->host) || (!dbi->user) || (!dbi->passwd)) { ++ printf("Cannot strdup\n"); ++ if (dbi->conn) ++ mysql_close(dbi->conn); ++ if (dbi->database) ++ isc_mem_free(ns_g_mctx, dbi->database); ++ if (dbi->table) ++ isc_mem_free(ns_g_mctx, dbi->table); ++ if (dbi->host) ++ isc_mem_free(ns_g_mctx, dbi->host); ++ if (dbi->user) ++ isc_mem_free(ns_g_mctx, dbi->user); ++ if (dbi->passwd) ++ isc_mem_free(ns_g_mctx, dbi->passwd); ++ isc_mem_put(ns_g_mctx, dbi, sizeof(struct mydbinfo)); ++ return ISC_R_NOMEMORY; ++ } ++ /* connect to database */ ++ #ifdef ONEDATABASE ++ if (!((dbconstat) && (!mysql_ping(dbconstat)))) ++ #endif ++ if (!mysql_dbcon(dbi)) { ++ printf("Cannot connect to database\n"); ++ return ISC_R_FAILURE; ++ } ++ #ifdef ONEDATABASE ++ if (dbconstat) dbi->conn = dbconstat; else dbconstat = dbi->conn; ++ #endif ++ *dbdata = dbi; ++ return ISC_R_SUCCESS; ++} ++ ++static void ++mysqldb_destroy(const char *zone, void *driverdata, void **dbdata) ++{ ++ struct mydbinfo *dbi; ++ ++ dbi = (struct mydbinfo *) (*dbdata); ++ if (!dbi) ++ return; ++ if (dbi->conn) ++ mysql_close(dbi->conn); ++ if (dbi->database) ++ isc_mem_free(ns_g_mctx, dbi->database); ++ if (dbi->table) ++ isc_mem_free(ns_g_mctx, dbi->table); ++ if (dbi->host) ++ isc_mem_free(ns_g_mctx, dbi->host); ++ if (dbi->user) ++ isc_mem_free(ns_g_mctx, dbi->user); ++ if (dbi->passwd) ++ isc_mem_free(ns_g_mctx, dbi->passwd); ++ isc_mem_put(ns_g_mctx, dbi, sizeof(struct mydbinfo)); ++#ifdef MDEBUG ++ printf("Destroyed\n"); ++#endif ++} ++ ++ ++/* SDB methods */ ++ ++static dns_sdbmethods_t mysqldb_methods = { ++ mysqldb_lookup, ++ NULL, /* authority */ ++ mysqldb_allnodes, ++ mysqldb_create, ++ mysqldb_destroy ++}; ++ ++ ++ ++isc_result_t ++mysqldb_init() ++{ ++ unsigned int flags = 0; ++ return dns_sdb_register("mysql", &mysqldb_methods, NULL, flags, ns_g_mctx, &mysqldb); ++} ++ ++void ++mysqldb_clear() ++{ ++ if (mysqldb) ++ dns_sdb_unregister(&mysqldb); ++} diff --git a/net-dns/bind/files/bind-9.2.5-mysql.patch b/net-dns/bind/files/bind-9.2.5-mysql.patch new file mode 100644 index 00000000..28b02f37 --- /dev/null +++ b/net-dns/bind/files/bind-9.2.5-mysql.patch @@ -0,0 +1,402 @@ +diff -uraN bind-9.2.5-orig/bin/named/include/mysqldb.h bind-9.2.5-mysql/bin/named/include/mysqldb.h +--- bind-9.2.5-orig/bin/named/include/mysqldb.h 1970-01-01 03:00:00.000000000 +0300 ++++ bind-9.2.5-mysql/bin/named/include/mysqldb.h 2005-03-25 21:35:47.000000000 +0300 +@@ -0,0 +1,7 @@ ++ ++#include ++ ++isc_result_t mysqldb_init(void); ++ ++void mysqldb_clear(void); ++ +diff -uraN bind-9.2.5-orig/bin/named/main.c bind-9.2.5-mysql/bin/named/main.c +--- bind-9.2.5-orig/bin/named/main.c 2004-10-25 04:50:53.000000000 +0400 ++++ bind-9.2.5-mysql/bin/named/main.c 2005-03-25 21:35:47.000000000 +0300 +@@ -68,6 +68,7 @@ + * Include header files for database drivers here. + */ + /* #include "xxdb.h" */ ++#include "mysqldb.h" + + static isc_boolean_t want_stats = ISC_FALSE; + static char program_name[ISC_DIR_NAMEMAX] = "named"; +@@ -565,6 +566,7 @@ + * Add calls to register sdb drivers here. + */ + /* xxdb_init(); */ ++ mysqldb_init (); + + ns_server_create(ns_g_mctx, &ns_g_server); + } +@@ -579,6 +581,7 @@ + * Add calls to unregister sdb drivers here. + */ + /* xxdb_clear(); */ ++ mysqldb_clear (); + + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, + ISC_LOG_NOTICE, "exiting"); +diff -uraN bind-9.2.5-orig/bin/named/Makefile.in bind-9.2.5-mysql/bin/named/Makefile.in +--- bind-9.2.5-orig/bin/named/Makefile.in 2004-09-07 01:42:06.000000000 +0400 ++++ bind-9.2.5-mysql/bin/named/Makefile.in 2005-03-25 21:35:47.000000000 +0300 +@@ -26,10 +26,10 @@ + # + # Add database drivers here. + # +-DBDRIVER_OBJS = +-DBDRIVER_SRCS = +-DBDRIVER_INCLUDES = +-DBDRIVER_LIBS = ++DBDRIVER_OBJS = mysqldb.@O@ ++DBDRIVER_SRCS = mysqldb.c ++DBDRIVER_INCLUDES = -I/usr/local/include ++DBDRIVER_LIBS = -L/usr/local/lib/mysql -lmysqlclient + + CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \ + ${LWRES_INCLUDES} ${DNS_INCLUDES} \ +diff -uraN bind-9.2.5-orig/bin/named/mysqldb.c bind-9.2.5-mysql/bin/named/mysqldb.c +--- bind-9.2.5-orig/bin/named/mysqldb.c 1970-01-01 03:00:00.000000000 +0300 ++++ bind-9.2.5-mysql/bin/named/mysqldb.c 2005-03-25 21:35:47.000000000 +0300 +@@ -0,0 +1,342 @@ ++/* ++ * Copyright (C) 2002 Mihai Chelaru ( kefren@netbastards.org ) ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND I DISCLAIM ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL I BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#define ROWS 20 ++#define MAXCOLUMN 200 ++ ++/* ++#define ONEDATABASE ++#define MDEBUG ++*/ ++struct mysqlrow { ++ char *s[ROWS]; ++}; ++ ++static dns_sdbimplementation_t *mysqldb = NULL; ++ ++struct mydbinfo { ++ MYSQL *conn; ++ char *database; ++ char *table; ++ char *host; ++ char *user; ++ char *passwd; ++}; ++ ++/* My internal functions */ ++ ++int mysql_dbcon(struct mydbinfo *); ++ ++int ++mysql_dbcon(struct mydbinfo * dbi) ++{ ++#ifdef MDEBUG ++ printf("Connecting\n"); ++#endif ++ dbi->conn=mysql_init(NULL); ++ if (dbi->conn == NULL) return 0; ++ if (!mysql_real_connect(dbi->conn, dbi->host, dbi->user, dbi->passwd, dbi->database, 3306, NULL, 0)) ++ return 0; ++#ifdef MDEBUG ++ printf("Connected\n"); ++#endif ++ return 1; ++} ++ ++/* External functions */ ++ ++static isc_result_t ++mysqldb_lookup(const char *zone, const char *name, void *dbdata, dns_sdblookup_t * lookup) ++{ ++ char *querystring = NULL, seclook[150]; ++ struct mydbinfo *dbi = (struct mydbinfo *) dbdata; ++ MYSQL_RES *result; ++ struct mysqlrow myrow; ++ int i, j, totlen; ++ MYSQL_ROW row; ++ int num_fields, putrr_success=0; ++#ifdef MDEBUG ++ printf("Lookup in %.200s for %.200s ", zone, name); ++#endif ++ querystring = (char *) malloc(200); ++ if (!querystring) ++ return ISC_R_NOMEMORY; ++ snprintf(querystring, 200, "SELECT TTL,RDTYPE,RDATA FROM %s where name='%.150s'", dbi->table, name); ++#ifdef MDEBUG ++ printf("Query = %s\n", querystring); ++#endif ++ mysql_ping(dbi->conn); ++ if (mysql_query(dbi->conn, querystring)) { ++ printf("Query Error in lookup\n"); ++ free(querystring); ++ return ISC_R_FAILURE; ++ } ++ free(querystring); ++ result = mysql_store_result(dbi->conn); ++ ++ num_fields = mysql_num_fields(result); ++ if (num_fields > ROWS) { ++ printf("Incorrect database format\n"); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ /* allocate to fetch */ ++ for (i = 0; i < ROWS; i++) ++ if (!(myrow.s[i] = (char *) malloc(MAXCOLUMN))) { ++ for (j = 0; j < i; j++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_NOMEMORY; ++ } ++ /* Ok. we found no reason why to not let fetch */ ++ while ((row = mysql_fetch_row(result))) { ++ unsigned long *lengths; ++ lengths = mysql_fetch_lengths(result); ++ totlen = 0; ++ for (i = 0; i < num_fields; i++) { ++ totlen += lengths[i]; ++ snprintf(myrow.s[i], MAXCOLUMN, "%.*s", (int) lengths[i], row[i] ? row[i] : "NULL"); ++ } ++#ifdef MDEBUG ++ printf("Lookup: %s %s %s\n", myrow.s[0], myrow.s[1], myrow.s[2]); ++#endif ++ if (dns_sdb_putrr(lookup, myrow.s[1], strtol(myrow.s[0], NULL, 10), myrow.s[2]) != ISC_R_SUCCESS) { ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ printf("Lookup Failure\n"); ++ return ISC_R_FAILURE; ++ } else putrr_success=1; ++ } ++#ifdef MDEBUG ++ printf ("Bailing out lookup\n"); ++#endif ++ /* Ok. success. bail out. */ ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ ++ /* Check if there is any *.foo.com available and return it in case that this is not a *.foo.com call */ ++ if ((!putrr_success)&&(name[0]!='*')) { ++#ifdef MDEBUG ++printf ("Cannot find it. Trying to check * record\n"); ++#endif ++ snprintf (seclook,150,"*.%s",zone); ++ return mysqldb_lookup (zone, seclook, dbdata, lookup); ++ } ++ ++ /* else return SUCCESS */ ++ return ISC_R_SUCCESS; ++} ++ ++static isc_result_t ++mysqldb_allnodes(const char *zone, void *dbdata, dns_sdballnodes_t * allnodes) ++{ ++ char *querystring = NULL; ++ struct mydbinfo *dbi = (struct mydbinfo *) dbdata; ++ MYSQL_RES *result; ++ struct mysqlrow myrow; ++ MYSQL_ROW row; ++ int num_fields; ++ int i, totlen, j; ++#ifdef MDEBUG ++ printf("All Nodes\n"); ++#endif ++ querystring = (char *) malloc(200); ++ if (!querystring) ++ return ISC_R_NOMEMORY; ++ snprintf(querystring, 200, "SELECT TTL,NAME,RDTYPE,RDATA FROM %s where name like('%%%.150s')", dbi->table, zone); ++ mysql_ping(dbi->conn); ++ if (mysql_query(dbi->conn, querystring)) { ++ printf("Query Error\n"); ++ free(querystring); ++ return ISC_R_FAILURE; ++ } ++ free(querystring); ++ result = mysql_store_result(dbi->conn); ++ ++ num_fields = mysql_num_fields(result); ++ if (num_fields > ROWS) { ++ printf("Incorrect database format\n"); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ /* allocate to fetch */ ++ for (i = 0; i < ROWS; i++) ++ if (!(myrow.s[i] = (char *) malloc(MAXCOLUMN))) { ++ for (j = 0; j < i; j++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_NOMEMORY; ++ } ++ /* Ok. we found no reason why to not let fetch */ ++ while ((row = mysql_fetch_row(result))) { ++ unsigned long *lengths; ++ lengths = mysql_fetch_lengths(result); ++ totlen = 0; ++ for (i = 0; i < num_fields; i++) { ++ totlen += lengths[i]; ++ snprintf(myrow.s[i], MAXCOLUMN, "%.*s", (int) lengths[i], row[i] ? row[i] : "NULL"); ++ } ++#ifdef MDEBUG ++ printf("All Nodes: %s %s %s %s\n", myrow.s[0], myrow.s[1], myrow.s[2], myrow.s[3]); ++#endif ++ if (dns_sdb_putnamedrr(allnodes, myrow.s[1], myrow.s[2], strtol(myrow.s[0], NULL, 10), myrow.s[3]) != ISC_R_SUCCESS) { ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ mysql_free_result(result); ++ return ISC_R_FAILURE; ++ } ++ } ++ ++ /* Ok. success. bail out. */ ++ mysql_free_result(result); ++ for (i = 0; i < ROWS; i++) ++ free(myrow.s[i]); ++ return ISC_R_SUCCESS; ++} ++ ++ ++ ++/* ++ * Open database argv[i]=database,table,hostname,user,passwd ++ */ ++ ++static isc_result_t ++mysqldb_create(const char *zone, int argc, char **argv, void *driverdata, void **dbdata) ++{ ++ struct mydbinfo *dbi; ++ #ifdef ONEDATABASE ++ static MYSQL *dbconstat; ++ #endif ++ ++ /* Argument count checking */ ++ if (argc < 5) ++ return ISC_R_FAILURE; ++ ++ /* dbi init */ ++ ++ dbi = (struct mydbinfo *) isc_mem_get(ns_g_mctx, sizeof(struct mydbinfo)); ++ if (!dbi) ++ return ISC_R_NOMEMORY; ++ dbi->database = NULL; ++ dbi->table = NULL; ++ dbi->host = NULL; ++ dbi->user = NULL; ++ dbi->passwd = NULL; ++ ++ dbi->database = isc_mem_strdup(ns_g_mctx, argv[0]); ++ dbi->table = isc_mem_strdup(ns_g_mctx, argv[1]); ++ dbi->host = isc_mem_strdup(ns_g_mctx, argv[2]); ++ dbi->user = isc_mem_strdup(ns_g_mctx, argv[3]); ++ dbi->passwd = isc_mem_strdup(ns_g_mctx, argv[4]); ++ ++ if ((!dbi->database) || (!dbi->table) || (!dbi->host) || (!dbi->user) || (!dbi->passwd)) { ++ printf("Cannot strdup\n"); ++ if (dbi->conn) ++ mysql_close(dbi->conn); ++ if (dbi->database) ++ isc_mem_free(ns_g_mctx, dbi->database); ++ if (dbi->table) ++ isc_mem_free(ns_g_mctx, dbi->table); ++ if (dbi->host) ++ isc_mem_free(ns_g_mctx, dbi->host); ++ if (dbi->user) ++ isc_mem_free(ns_g_mctx, dbi->user); ++ if (dbi->passwd) ++ isc_mem_free(ns_g_mctx, dbi->passwd); ++ isc_mem_put(ns_g_mctx, dbi, sizeof(struct mydbinfo)); ++ return ISC_R_NOMEMORY; ++ } ++ /* connect to database */ ++ #ifdef ONEDATABASE ++ if (!((dbconstat) && (!mysql_ping(dbconstat)))) ++ #endif ++ if (!mysql_dbcon(dbi)) { ++ printf("Cannot connect to database\n"); ++ return ISC_R_FAILURE; ++ } ++ #ifdef ONEDATABASE ++ if (dbconstat) dbi->conn = dbconstat; else dbconstat = dbi->conn; ++ #endif ++ *dbdata = dbi; ++ return ISC_R_SUCCESS; ++} ++ ++static void ++mysqldb_destroy(const char *zone, void *driverdata, void **dbdata) ++{ ++ struct mydbinfo *dbi; ++ ++ dbi = (struct mydbinfo *) (*dbdata); ++ if (!dbi) ++ return; ++ if (dbi->conn) ++ mysql_close(dbi->conn); ++ if (dbi->database) ++ isc_mem_free(ns_g_mctx, dbi->database); ++ if (dbi->table) ++ isc_mem_free(ns_g_mctx, dbi->table); ++ if (dbi->host) ++ isc_mem_free(ns_g_mctx, dbi->host); ++ if (dbi->user) ++ isc_mem_free(ns_g_mctx, dbi->user); ++ if (dbi->passwd) ++ isc_mem_free(ns_g_mctx, dbi->passwd); ++ isc_mem_put(ns_g_mctx, dbi, sizeof(struct mydbinfo)); ++#ifdef MDEBUG ++ printf("Destroyed\n"); ++#endif ++} ++ ++ ++/* SDB methods */ ++ ++static dns_sdbmethods_t mysqldb_methods = { ++ mysqldb_lookup, ++ NULL, /* authority */ ++ mysqldb_allnodes, ++ mysqldb_create, ++ mysqldb_destroy ++}; ++ ++ ++ ++isc_result_t ++mysqldb_init() ++{ ++ unsigned int flags = 0; ++ return dns_sdb_register("mysql", &mysqldb_methods, NULL, flags, ns_g_mctx, &mysqldb); ++} ++ ++void ++mysqldb_clear() ++{ ++ if (mysqldb) ++ dns_sdb_unregister(&mysqldb); ++} diff --git a/net-dns/bind/files/bind-9.2.8-missing_odbc_test.patch b/net-dns/bind/files/bind-9.2.8-missing_odbc_test.patch new file mode 100644 index 00000000..ead47527 --- /dev/null +++ b/net-dns/bind/files/bind-9.2.8-missing_odbc_test.patch @@ -0,0 +1,20 @@ +--- configure.in 2006-07-09 22:00:54.000000000 +0000 ++++ configure.in 2006-07-09 22:01:05.000000000 +0000 +@@ -686,17 +686,7 @@ + fi + done + +- if test -z "`${CC} contrib/sdb/test//test.c -lodbc -o contrib/sdb/test/test.ok 2>&1`"; then + DLZ_ODBC_LIB="-lodbc" +- elif test -z "`${CC} contrib/sdb/test//test.c -liodbc -o contrib/sdb/test/test.ok 2>&1`"; then +- DLZ_ODBC_LIB="-liodbc" +- else +- DLZ_ODBC_LIB="" +- use_dlz_odbc="no" +- AC_MSG_RESULT("no ODBC libraries found") +- fi +- rm -f contrib/sdb/test/test.ok +- + + if test "$use_dlz_odbc" = "yes" + then diff --git a/net-dns/bind/files/bind-9.3.2-missing_odbc_test.patch b/net-dns/bind/files/bind-9.3.2-missing_odbc_test.patch new file mode 100644 index 00000000..ead47527 --- /dev/null +++ b/net-dns/bind/files/bind-9.3.2-missing_odbc_test.patch @@ -0,0 +1,20 @@ +--- configure.in 2006-07-09 22:00:54.000000000 +0000 ++++ configure.in 2006-07-09 22:01:05.000000000 +0000 +@@ -686,17 +686,7 @@ + fi + done + +- if test -z "`${CC} contrib/sdb/test//test.c -lodbc -o contrib/sdb/test/test.ok 2>&1`"; then + DLZ_ODBC_LIB="-lodbc" +- elif test -z "`${CC} contrib/sdb/test//test.c -liodbc -o contrib/sdb/test/test.ok 2>&1`"; then +- DLZ_ODBC_LIB="-liodbc" +- else +- DLZ_ODBC_LIB="" +- use_dlz_odbc="no" +- AC_MSG_RESULT("no ODBC libraries found") +- fi +- rm -f contrib/sdb/test/test.ok +- + + if test "$use_dlz_odbc" = "yes" + then diff --git a/net-dns/bind/files/bind-9.3.2-sdb-ldap.patch b/net-dns/bind/files/bind-9.3.2-sdb-ldap.patch new file mode 100644 index 00000000..6fc7277a --- /dev/null +++ b/net-dns/bind/files/bind-9.3.2-sdb-ldap.patch @@ -0,0 +1,47 @@ +diff -urN bind9-9.3.2-P1.backup/bin/named/Makefile.in bind9-9.3.2-P1/bin/named/Makefile.in +--- bind9-9.3.2-P1.backup/bin/named/Makefile.in 2004-09-06 23:47:25.000000000 +0200 ++++ bind9-9.3.2-P1/bin/named/Makefile.in 2006-10-06 13:09:13.000000000 +0200 +@@ -26,10 +26,10 @@ + # + # Add database drivers here. + # +-DBDRIVER_OBJS = ++DBDRIVER_OBJS = ldapdb.@O@ + DBDRIVER_SRCS = +-DBDRIVER_INCLUDES = +-DBDRIVER_LIBS = ++DBDRIVER_INCLUDES = -I/usr/include ++DBDRIVER_LIBS = -L/usr/lib -lldap -llber -lresolv + + CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \ + ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \ +diff -urN bind9-9.3.2-P1.backup/bin/named/main.c bind9-9.3.2-P1/bin/named/main.c +--- bind9-9.3.2-P1.backup/bin/named/main.c 2005-04-29 03:04:47.000000000 +0200 ++++ bind9-9.3.2-P1/bin/named/main.c 2006-10-06 13:09:13.000000000 +0200 +@@ -69,7 +69,7 @@ + /* + * Include header files for database drivers here. + */ +-/* #include "xxdb.h" */ ++#include "ldapdb.h" + + static isc_boolean_t want_stats = ISC_FALSE; + static char program_name[ISC_DIR_NAMEMAX] = "named"; +@@ -669,7 +669,7 @@ + /* + * Add calls to register sdb drivers here. + */ +- /* xxdb_init(); */ ++ ldapdb_init(); + + ns_server_create(ns_g_mctx, &ns_g_server); + } +@@ -685,7 +685,7 @@ + /* + * Add calls to unregister sdb drivers here. + */ +- /* xxdb_clear(); */ ++ ldapdb_clear(); + + isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, + ISC_LOG_NOTICE, "exiting"); diff --git a/net-dns/bind/files/bind-9.3.4-missing_odbc_test.patch b/net-dns/bind/files/bind-9.3.4-missing_odbc_test.patch new file mode 100644 index 00000000..ead47527 --- /dev/null +++ b/net-dns/bind/files/bind-9.3.4-missing_odbc_test.patch @@ -0,0 +1,20 @@ +--- configure.in 2006-07-09 22:00:54.000000000 +0000 ++++ configure.in 2006-07-09 22:01:05.000000000 +0000 +@@ -686,17 +686,7 @@ + fi + done + +- if test -z "`${CC} contrib/sdb/test//test.c -lodbc -o contrib/sdb/test/test.ok 2>&1`"; then + DLZ_ODBC_LIB="-lodbc" +- elif test -z "`${CC} contrib/sdb/test//test.c -liodbc -o contrib/sdb/test/test.ok 2>&1`"; then +- DLZ_ODBC_LIB="-liodbc" +- else +- DLZ_ODBC_LIB="" +- use_dlz_odbc="no" +- AC_MSG_RESULT("no ODBC libraries found") +- fi +- rm -f contrib/sdb/test/test.ok +- + + if test "$use_dlz_odbc" = "yes" + then diff --git a/net-dns/bind/files/bind-9.4.0-dlzbdb-close_cursor.patch b/net-dns/bind/files/bind-9.4.0-dlzbdb-close_cursor.patch new file mode 100644 index 00000000..ed71e16d --- /dev/null +++ b/net-dns/bind/files/bind-9.4.0-dlzbdb-close_cursor.patch @@ -0,0 +1,11 @@ +--- contrib/dlz/drivers/dlz_bdbhpt_driver.c 2007-03-02 12:02:12.000000000 +0300 ++++ contrib/dlz/drivers/dlz_bdbhpt_driver.c 2007-03-02 12:02:18.000000000 +0300 +@@ -442,7 +442,7 @@ + xfr_cursor->c_close(xfr_cursor); + + if (dns_cursor != NULL) +- dns_cursor->c_close(xfr_cursor); ++ dns_cursor->c_close(dns_cursor); + + return result; + } diff --git a/net-dns/bind/files/bind-dlzbdb-close_cursor.patch b/net-dns/bind/files/bind-dlzbdb-close_cursor.patch new file mode 100644 index 00000000..5eb8c122 --- /dev/null +++ b/net-dns/bind/files/bind-dlzbdb-close_cursor.patch @@ -0,0 +1,11 @@ +--- bin/named/dlz_bdbhpt_driver.c Thu May 4 13:13:20 2006 ++++ bin/named/dlz_bdbhpt_driver.c Thu May 4 13:27:05 2006 +@@ -462,7 +462,7 @@ + xfr_cursor->c_close(xfr_cursor); + + if(dns_cursor != NULL) +- dns_cursor->c_close(xfr_cursor); ++ dns_cursor->c_close(dns_cursor); + + return result; + } diff --git a/net-dns/bind/files/bind-dlzbdb-includes.patch b/net-dns/bind/files/bind-dlzbdb-includes.patch new file mode 100644 index 00000000..b940840a --- /dev/null +++ b/net-dns/bind/files/bind-dlzbdb-includes.patch @@ -0,0 +1,12 @@ +--- bin/dlzbdb/Makefile.in 2006-03-25 22:11:15.840755988 +0000 ++++ bin/dlzbdb/Makefile.in 2006-03-25 22:33:43.873082259 +0000 +@@ -26,6 +26,9 @@ + DLZINCLUDES = @DLZ_BDB_INC@ + + CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \ ++ -I${top_srcdir}/lib/isc/include \ ++ -I${top_srcdir}/lib/isc/unix/include \ ++ -I${top_srcdir}/lib/isc/@ISC_THREAD_DIR@/include \ + ${ISC_INCLUDES} ${DLZINCLUDES} + + CDEFINES = @USE_DLZ_BDB@ diff --git a/net-dns/bind/files/bind-dlzmysql5-reconnect.patch b/net-dns/bind/files/bind-dlzmysql5-reconnect.patch new file mode 100644 index 00000000..b854b958 --- /dev/null +++ b/net-dns/bind/files/bind-dlzmysql5-reconnect.patch @@ -0,0 +1,59 @@ +--- bind-9.5.0a6.orig/contrib/dlz/drivers/dlz_mysql_driver.c 2007-02-06 06:44:26.000000000 +0100 ++++ bind-9.5.0a6/contrib/dlz/drivers/dlz_mysql_driver.c 2007-09-04 23:57:57.000000000 +0200 +@@ -92,6 +92,25 @@ + */ + + /*% ++ * Factorize the mysql_ping for adding a log error message ++ */ ++static isc_result_t ++mysqldrv_ping(dbinstance_t *dbi) { ++ int pres = 0; ++ ++ pres = mysql_ping(dbi->dbconn); ++ if ( pres != 0 ) { ++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, ++ DNS_LOGMODULE_DLZ, ISC_LOG_DEBUG(1), ++ "\nMySQL Ping Error : %s (%i)\n", ++ mysql_error(dbi->dbconn), ++ mysql_errno(dbi->dbconn)); ++ return (ISC_R_FAILURE); ++ } ++ return (ISC_R_SUCCESS); ++} ++ ++/*% + * Allocates memory for a new string, and then constructs the new + * string by "escaping" the input string. The new string is + * safe to be used in queries. This is necessary because we cannot +@@ -225,6 +244,8 @@ + } + + ++ mysqldrv_ping(dbi); ++ + /* + * was a zone string passed? If so, make it safe for use in + * queries. +@@ -324,7 +345,7 @@ + qres = mysql_query((MYSQL *) dbi->dbconn, querystring); + if (qres == 0) + break; +- for (j=0; mysql_ping((MYSQL *) dbi->dbconn) != 0 && j < 4; j++) ++ for (j=0; mysqldrv_ping(dbi) != 0 && j < 4; j++) + ; + } + +@@ -923,6 +944,12 @@ + pass = getParameterValue(argv[1], "pass="); + socket = getParameterValue(argv[1], "socket="); + ++ if(mysql_options((MYSQL *) dbi->dbconn, MYSQL_OPT_RECONNECT, "1")) { ++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE, ++ DNS_LOGMODULE_DLZ, ISC_LOG_ERROR, ++ "Could not set database reconnect option"); ++ } ++ + for (j=0; dbc == NULL && j < 4; j++) + dbc = mysql_real_connect((MYSQL *) dbi->dbconn, host, + user, pass, dbname, port, socket, diff --git a/net-dns/bind/files/localhost.zone b/net-dns/bind/files/localhost.zone new file mode 100644 index 00000000..44dff11c --- /dev/null +++ b/net-dns/bind/files/localhost.zone @@ -0,0 +1,9 @@ +$TTL 1W +@ IN SOA ns.localhost. root.localhost. ( + 2002081601 ; Serial + 28800 ; Refresh + 14400 ; Retry + 604800 ; Expire - 1 week + 86400 ) ; Minimum + IN NS ns +localhost. IN A 127.0.0.1 diff --git a/net-dns/bind/files/localhost.zone-r1 b/net-dns/bind/files/localhost.zone-r1 new file mode 100644 index 00000000..aee7b92a --- /dev/null +++ b/net-dns/bind/files/localhost.zone-r1 @@ -0,0 +1,9 @@ +$TTL 1W +@ IN SOA ns.localhost. root.localhost. ( + 2002081601 ; Serial + 28800 ; Refresh + 14400 ; Retry + 604800 ; Expire - 1 week + 86400 ) ; Minimum + IN NS 127.0.0.1 +localhost. IN A 127.0.0.1 diff --git a/net-dns/bind/files/localhost.zone-r2 b/net-dns/bind/files/localhost.zone-r2 new file mode 100644 index 00000000..338d7050 --- /dev/null +++ b/net-dns/bind/files/localhost.zone-r2 @@ -0,0 +1,11 @@ +$TTL 1W +@ IN SOA ns.localhost. root.localhost. ( + 2002081601 ; Serial + 28800 ; Refresh + 14400 ; Retry + 604800 ; Expire - 1 week + 86400 ) ; Minimum +@ IN NS ns +ns IN A 127.0.0.1 + +ns IN AAAA ::1 diff --git a/net-dns/bind/files/named.ca b/net-dns/bind/files/named.ca new file mode 100644 index 00000000..902a7047 --- /dev/null +++ b/net-dns/bind/files/named.ca @@ -0,0 +1,85 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . " +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.root +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: Feb 04, 2008 +; related version of root zone: 2008020400 +; +; formerly NS.INTERNIC.NET +; +. 3600000 IN NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +; +; formerly NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +; +; formerly C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +; +; formerly TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 +; +; formerly NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; formerly NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; formerly NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; formerly AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 +; +; formerly NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +; +; operated by VeriSign, Inc. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +; +; operated by RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; operated by ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +; +; operated by WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of File diff --git a/net-dns/bind/files/named.conf-r2 b/net-dns/bind/files/named.conf-r2 new file mode 100644 index 00000000..f9ae4cc9 --- /dev/null +++ b/net-dns/bind/files/named.conf-r2 @@ -0,0 +1,42 @@ +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + listen-on-v6 { none; }; + listen-on { 127.0.0.1; }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; +}; + +zone "." IN { + type hint; + file "named.ca"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; diff --git a/net-dns/bind/files/named.conf-r3 b/net-dns/bind/files/named.conf-r3 new file mode 100644 index 00000000..d58c61bd --- /dev/null +++ b/net-dns/bind/files/named.conf-r3 @@ -0,0 +1,53 @@ +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + listen-on-v6 { none; }; + listen-on { 127.0.0.1; }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; +}; + +// Briefly, a zone which has been declared delegation-only will be effectively +// limited to containing NS RRs for subdomains, but no actual data beyond its +// own apex (for example, its SOA RR and apex NS RRset). This can be used to +// filter out "wildcard" or "synthesized" data from NAT boxes or from +// authoritative name servers whose undelegated (in-zone) data is of no +// interest. +// See http://www.isc.org/products/BIND/delegation-only.html for more info + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +zone "." IN { + type hint; + file "named.ca"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; diff --git a/net-dns/bind/files/named.confd b/net-dns/bind/files/named.confd new file mode 100644 index 00000000..c59ed25f --- /dev/null +++ b/net-dns/bind/files/named.confd @@ -0,0 +1,13 @@ +# Set various named options here. +# +OPTIONS="" + +# Set this to the number of processors you have. +# +CPU="1" + +# If you wish to run bind in a chroot, run: +# emerge --config = +# and un-comment the following line. +# You can specify a different chroot directory but MAKE SURE it's empty. +# CHROOT="/chroot/dns" diff --git a/net-dns/bind/files/named.confd-r1 b/net-dns/bind/files/named.confd-r1 new file mode 100644 index 00000000..62f4c165 --- /dev/null +++ b/net-dns/bind/files/named.confd-r1 @@ -0,0 +1,16 @@ +# Set various named options here. +# +OPTIONS="" + +# Set this to the number of processors you have. +# +CPU="1" + +# If you wish to run bind in a chroot, run: +# emerge --config = +# and un-comment the following line. +# You can specify a different chroot directory but MAKE SURE it's empty. +# CHROOT="/chroot/dns" + +# Default pid file location +PIDFILE="${CHROOT}/var/run/named/named.pid" diff --git a/net-dns/bind/files/named.confd-r2 b/net-dns/bind/files/named.confd-r2 new file mode 100644 index 00000000..2106938c --- /dev/null +++ b/net-dns/bind/files/named.confd-r2 @@ -0,0 +1,20 @@ +# Set various named options here. +# +OPTIONS="" + +# Set this to the number of processors you have. +# +CPU="1" + +# If you wish to run bind in a chroot, run: +# emerge --config = +# and un-comment the following line. +# You can specify a different chroot directory but MAKE SURE it's empty. +# CHROOT="/chroot/dns" + +# Default pid file location +PIDFILE="${CHROOT}/var/run/named/named.pid" + +# Scheduling priority: 19 is the lowest and -20 is the highest. +# +NAMED_NICELEVEL="0" diff --git a/net-dns/bind/files/named.init b/net-dns/bind/files/named.init new file mode 100755 index 00000000..ff556bc9 --- /dev/null +++ b/net-dns/bind/files/named.init @@ -0,0 +1,72 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init,v 1.1 2005/06/23 17:37:44 voxus Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # As with the named.conf test, above, there's no need + # for chroot and non-chroot cases here + PIDFILE=$(grep "pid-file" ${CHROOT}/etc/bind/named.conf | \ + egrep -v ".*[#,//].*pid-file" | \ + head -n 1 | \ + sed -ne 's:.*pid-file \"\(.*\)\";:\1:p') + [ -n "$PIDFILE" ] || PIDFILE=/var/run/named.pid + + PIDFILE="${CHROOT}$PIDFILE" + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t $CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} + +restart() { + svc_stop + svc_start +} diff --git a/net-dns/bind/files/named.init-r2 b/net-dns/bind/files/named.init-r2 new file mode 100755 index 00000000..65804e11 --- /dev/null +++ b/net-dns/bind/files/named.init-r2 @@ -0,0 +1,66 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r2,v 1.1 2005/09/30 22:33:25 voxus Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # as suggested in bug #107724 + PIDFILE=$(\ + egrep -v \ + "^([[:cntrl:] ]+(#|//|/\*)|(#|//|/\*))" \ + ${CHROOT}/etc/bind/named.conf \ + | egrep -o -m1 "pid\-file +\".+\" *;" \ + | cut -d\" -f2 + ) + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t $CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} diff --git a/net-dns/bind/files/named.init-r3 b/net-dns/bind/files/named.init-r3 new file mode 100755 index 00000000..576b51d3 --- /dev/null +++ b/net-dns/bind/files/named.init-r3 @@ -0,0 +1,66 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r3,v 1.1 2005/11/09 09:25:53 voxus Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # as suggested in bug #107724 + [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\ + egrep -v \ + "^([[:cntrl:] ]+(#|//|/\*)|(#|//|/\*))" \ + ${CHROOT}/etc/bind/named.conf \ + | egrep -o -m1 "pid\-file +\".+\" *;" \ + | cut -d\" -f2 + ) + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t $CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} diff --git a/net-dns/bind/files/named.init-r4 b/net-dns/bind/files/named.init-r4 new file mode 100755 index 00000000..aa2b2162 --- /dev/null +++ b/net-dns/bind/files/named.init-r4 @@ -0,0 +1,70 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r4,v 1.2 2007/05/12 23:19:40 uberlord Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # as suggested in bug #107724 + [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\ + egrep -v \ + "^([[:cntrl:] ]+(#|//|/\*)|(#|//|/\*))" \ + ${CHROOT}/etc/bind/named.conf \ + | egrep -o -m1 "pid\-file +\".+\" *;" \ + | cut -d\" -f2 + ) + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t} ${CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + if [ -f $KEY ] ; then + rndc -k $KEY stop &>/dev/null + else + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + fi + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} diff --git a/net-dns/bind/files/named.init-r5 b/net-dns/bind/files/named.init-r5 new file mode 100755 index 00000000..734ac5d7 --- /dev/null +++ b/net-dns/bind/files/named.init-r5 @@ -0,0 +1,71 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.init-r5,v 1.1 2007/06/02 22:34:48 voxus Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # as suggested in bug #107724 + [ -n "${PIDFILE}" ] || PIDFILE=${CHROOT}$(\ + egrep -v \ + "^([[:cntrl:] ]+(#|//|/\*)|(#|//|/\*))" \ + ${CHROOT}/etc/bind/named.conf \ + | egrep -o -m1 "pid\-file +\".+\" *;" \ + | cut -d\" -f2 + ) + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --nicelevel ${NAMED_NICELEVEL:-0} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t} ${CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + if [ -f $KEY ] ; then + rndc -k $KEY stop &>/dev/null + else + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + fi + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} diff --git a/net-dns/bind/files/named.rc b/net-dns/bind/files/named.rc new file mode 100755 index 00000000..22fa5eca --- /dev/null +++ b/net-dns/bind/files/named.rc @@ -0,0 +1,72 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.rc,v 1.1 2005/08/03 16:54:38 voxus Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! ${CPU} ] ; then + CPU="1" + fi + + # As with the named.conf test, above, there's no need + # for chroot and non-chroot cases here + PIDFILE=$(grep "pid-file" ${CHROOT}/etc/bind/named.conf | \ + egrep -v ".*[#,//].*pid-file" | \ + head -n 1 | \ + sed -ne 's:.*pid-file\(.*\)\"\(.*\)\";:\2:p') + [ -n "$PIDFILE" ] || PIDFILE=/var/run/named.pid + + PIDFILE="${CHROOT}$PIDFILE" + + KEY="${CHROOT}/etc/bind/rndc.key" +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ + --exec /usr/sbin/named \ + -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t $CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} + +restart() { + svc_stop + svc_start +} diff --git a/net-dns/bind/files/named.rc6 b/net-dns/bind/files/named.rc6 new file mode 100755 index 00000000..7c3f4dfa --- /dev/null +++ b/net-dns/bind/files/named.rc6 @@ -0,0 +1,66 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/bind/files/named.rc6,v 1.15 2004/07/14 23:18:19 agriffis Exp $ + +opts="start stop reload restart" + +depend() { + need net + use logger + provide dns +} + +checkconfig() { + if [ ! -f ${CHROOT}/etc/bind/named.conf ] ; then + eerror "No ${CHROOT}/etc/bind/named.conf file exists!" + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named + if [ ! $CPU ] ; then + CPU=1 + fi + + if [ $CHROOT -a -d $CHROOT ] ; then + PIDFILE="${CHROOT}/var/run/named/named.pid" + KEY="${CHROOT}/etc/bind/rndc.key" + else + PIDFILE="/var/run/named/named.pid" + KEY="/etc/bind/rndc.key" + fi +} + +start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 + start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -n $CPU $OPTIONS ${CHROOT:+-t $CHROOT} + eend $? +} + +stop() { + ebegin "Stopping ${CHROOT:+chrooted }named" + checkconfig || return 2 + start-stop-daemon --stop --quiet --pidfile $PIDFILE \ + --exec /usr/sbin/named -- stop + eend $? +} + +reload() { + checkconfig || return 3 + if [ ! -f $PIDFILE ] ; then + /etc/init.d/named start &>/dev/null + exit + fi + + if [ -f $KEY ] ; then + ebegin "Reloading named.conf and zone files" + rndc -k $KEY reload &>/dev/null + eend $? + else /etc/init.d/named restart &>/dev/null + fi +} + +restart() { + svc_stop + svc_start +} diff --git a/net-dns/bind/files/named.rc6-pid_fix b/net-dns/bind/files/named.rc6-pid_fix new file mode 100644 index 00000000..3f3c4fa7 --- /dev/null +++ b/net-dns/bind/files/named.rc6-pid_fix @@ -0,0 +1,13 @@ +--- files/named.rc6 2004-07-15 03:36:02.000000000 +0400 ++++ named 2005-03-25 20:19:16.000000000 +0300 +@@ -33,7 +33,9 @@ + start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 +- start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -n $CPU $OPTIONS ${CHROOT:+-t $CHROOT} ++ start-stop-daemon --start --quiet --exec /usr/sbin/named \ ++ --pid ${CHROOT}/var/run/named/named.pid \ ++ -- -u named -n $CPU $OPTIONS ${CHROOT:+-t $CHROOT} + eend $? + } + diff --git a/net-dns/bind/files/named.rc6-smart_pid_fix b/net-dns/bind/files/named.rc6-smart_pid_fix new file mode 100644 index 00000000..3af7c040 --- /dev/null +++ b/net-dns/bind/files/named.rc6-smart_pid_fix @@ -0,0 +1,42 @@ +--- named.orig 2005-04-17 16:14:08.000000000 +0400 ++++ named.rc6 2005-04-17 16:18:00.000000000 +0400 +@@ -17,23 +17,29 @@ + fi + + # In case someone doesn't have $CPU set from /etc/conf.d/named +- if [ ! $CPU ] ; then +- CPU=1 ++ if [ ! ${CPU} ] ; then ++ CPU="1" + fi + +- if [ $CHROOT -a -d $CHROOT ] ; then +- PIDFILE="${CHROOT}/var/run/named/named.pid" +- KEY="${CHROOT}/etc/bind/rndc.key" +- else +- PIDFILE="/var/run/named/named.pid" +- KEY="/etc/bind/rndc.key" +- fi ++ # As with the named.conf test, above, there's no need ++ # for chroot and non-chroot cases here ++ PIDFILE=$(grep "pid-file" ${CHROOT}/etc/bind/named.conf | \ ++ egrep -v ".*[#,//].*pid-file" | \ ++ head -n 1 | \ ++ sed -ne 's:.*pid-file \"\(.*\)\";:\1:p') ++ [ -n "$PIDFILE" ] || PIDFILE=/var/run/named.pid ++ ++ PIDFILE="${CHROOT}$PIDFILE" ++ ++ KEY="${CHROOT}/etc/bind/rndc.key" + } + + start() { + ebegin "Starting ${CHROOT:+chrooted }named" + checkconfig || return 1 +- start-stop-daemon --start --quiet --exec /usr/sbin/named -- -u named -n $CPU $OPTIONS ${CHROOT:+-t $CHROOT} ++ start-stop-daemon --start --quiet --pidfile ${PIDFILE} \ ++ --exec /usr/sbin/named \ ++ -- -u named -n ${CPU} ${OPTIONS} ${CHROOT:+-t $CHROOT} + eend $? + } + diff --git a/net-misc/dhcp/Manifest b/net-misc/dhcp/Manifest new file mode 100644 index 00000000..bb891fc7 --- /dev/null +++ b/net-misc/dhcp/Manifest @@ -0,0 +1,26 @@ +AUX dhcp-3.0-ddns-example.patch 401 RMD160 0188ae91fb58fc6f8c0d1b5bcbed58582dfed099 SHA1 c9e0f4c9ccbf1ff89076ff1bec37fb6d1276b7f0 SHA256 cf136ce92ea8f3337b9ded9c6f4f019db9782a68c63a3e8b712d26a04c2c9584 +AUX dhcp-3.0-fix-perms.patch 485 RMD160 3857270dffed5feee95609aeb37d0c9ef8844945 SHA1 1217265a8a7f1416b781e9f79e8dfb8304268e6c SHA256 a805a60b36e148886887aebb797e80f642386b3e55ef4a0b5132f96a2877e018 +AUX dhcp-3.0-paranoia.patch 5366 RMD160 7c64e3dac5b07ff3859fcaa7a8b0e52a0c50446c SHA1 a30103c138e480766f84644fffb1d0897709c27d SHA256 a8db9eb98397a9c1b3a0de07fc107c39dc4f6a4a331d404fc6fcc4a8dbc7aeae +AUX dhcp-3.0.2-gmake.patch 1872 RMD160 d2d41c0a7e002103d68605d2492bfe716bb2889e SHA1 f60c89233f06ca8554cd5cc9ed0301b597a724f7 SHA256 b2bbfc1d1f5b4d03ff3f53b3974ec32731e5f626de8f8d127328591e4c721215 +AUX dhcp-3.0.3-dhclient-dbus.patch 2774 RMD160 250582d89894a58a297786c4a6884b54219c4b6f SHA1 74760ca00712ff529e6b97457408515098563f88 SHA256 d70292c5b61648ba5970ab436429ced33e807bd6f68ba06dcd2b9d4073b02ea4 +AUX dhcp-3.0.3-dhclient-hostname.patch 523 RMD160 38c20bcc417822ae858626eb5d0eaf7e669c1ca0 SHA1 5d2c3a1da74a1d151c9fbf08e01e4545e989078c SHA256 57c09edd2bf48cd65745e3b14499f7f3c26d529f60fd2ab122887ae968e26bbd +AUX dhcp-3.0.3-dhclient-metric.patch 7270 RMD160 04187868f66e03a62dafd31b4cdcdd2029283ce5 SHA1 1d726d1526ae97adbdf1b259bb55e05145060375 SHA256 7e5ace014ed55d7d4e90a6cdac7dec4842ea9d178bb19bf6cdccf295eba9da7d +AUX dhcp-3.0.3-dhclient-mtu.patch 6413 RMD160 2517c7fe58d7dca95bdbdc80e96b6260cc205e56 SHA1 da342800bafee86726570aa0a5e4e3c8bd5f1371 SHA256 0a4bff3c4c44252125f66a3a4423f677465592b84a8f7f500bad9ba4e3b5cb06 +AUX dhcp-3.0.3-dhclient-no-down.patch 2332 RMD160 26d0c88534b71070e81c86c12b76a2b4ec7c9c2c SHA1 b2a00d46754414e937dc6c3d63a28b63b3b57ac9 SHA256 a5a67de79f6435d9bc4eeea416aff7a904ab567e5e8d75ecf34495bc9f2c5a44 +AUX dhcp-3.0.3-dhclient-ntp.patch 5862 RMD160 73d001b7b2df36cf84aba9db76a1753c8d423a7d SHA1 cc3db6430f07f956c2ad25ed00e47d468eef2600 SHA256 80ab30eee75fb03c099416c25f031d03744011a582e8940c73077d5ee587c1ee +AUX dhcp-3.0.3-dhclient-resolvconf.patch 6659 RMD160 27e6d97ca0ca52fc85abeb4f21f4cea526cbffcb SHA1 d4808b4ba195a2fe1232136c2e36fb534a4c07c3 SHA256 3e2ec3758f6a56658aa1ef9c8ab29f655716015f0c75eba022fa6e1a5e28b1ac +AUX dhcp-3.0.3-dhclient-stdin-conf.patch 1948 RMD160 42f32a5bbfe2a937827c2972ef84cfa78c2c401c SHA1 ac7afd5ecbde5348e9acea532dab1e01e3a58e8b SHA256 e1bfd26b7da10acc4bd718e35aae4235308abcacde78dedf39533b11ab18b3ae +AUX dhcp-3.0.3-libdst.patch 322 RMD160 5216c754a912cfcfc65683afcf44dbe1a7871212 SHA1 804bab67ae06269336c51183d5ff1e8ba45c20b5 SHA256 68e9a081739736980c0ad834dfa6197f940982f53d4d16054715c0346b5b9eca +AUX dhcp-3.0.3-no_isc_blurb.patch 3002 RMD160 d70f89e1763bfeb23ce8f09399426983df01f7c8 SHA1 99a9fe69988226d29ccc6c2dc745ffab9b66817c SHA256 09c451cd9667fc8effcecd640f4cbe8629d41f6abacf9d1f2f923aab1f6e0bbb +AUX dhcp-3.0.3-tr.patch 377 RMD160 fe81fefb55796b4e06fa73ec180026dceef5599d SHA1 947a4002e7e2b21cd80fe0a3d0f6f044d5c6faff SHA256 05f81ad7c0e8cd2d2f3e81c0cd1aecc0f2a2787672037eca87e66a814150f5c8 +AUX dhcp-3.0.3-x-option.patch 6478 RMD160 a0fa5b3c7caf2d303a76c3d6fc135783cfa2bbc6 SHA1 4c77474307f9e657e45618f93ba9120eafd83a9e SHA256 6628629a95ee7e711f9dbce6b7d527b15f98eaf7592a1d0855d7bf65961bc3f7 +AUX dhcp-3.0.4-dhclient-stdin-conf.patch 2176 RMD160 fae08899f6b57da3ec7ab0068e288bbdf2fbf2ae SHA1 c10c35dcf4a94f45f4bc98147a70e9dcf3f01dd5 SHA256 80141fe71e52774f1c7b1a02f2cbd49bc646f19753ceefc1c3605104df0cae5f +AUX dhcp-3.0.5-bpf-nofallback.patch 1473 RMD160 1a5ece77cb481416935b0d2eea53e85dc4c4ee93 SHA1 d4cad638075a98606e07c633551c8a1d2f78f2e7 SHA256 b215c5ff4a282b475f28168250c05bbbc85e7c37e7af92616571d499b8c14da6 +AUX dhcp-3.1.0-ldap.patch 186418 RMD160 a84a45107f5b050c859a6a78e6a05be48e553364 SHA1 30f60d83e01decf0de6556f4abab85b168071062 SHA256 2c061f5cd90858d9cacc7176c60c1d9f26a6f034daf161c4f4df1e381eed91cb +AUX dhcp-3.1.0a1-dhclient-resolvconf.patch 10316 RMD160 183bedd1660bf5a5f9dc7d002199e76aec12341c SHA1 1e0332ea31cfdbe92f3053405587f08117de8f8b SHA256 112b2ed44aab92592eb3810c61ada7f30d9d01fe43b647667326972a37b412a1 +AUX dhcpd.conf 1092 RMD160 936bb112c7cdf8e669b695599252d1f6626be2f3 SHA1 cbabbcea73a0cbc9692462683b983c96d6f18b0c SHA256 b86d27e0560689057b01a352474582fceb3a398eaf3b17f901378ec56284c4d5 +AUX dhcpd.init 1989 RMD160 7f6b6858020100e47efa5d6a0809b2959e551249 SHA1 2c611adc6425fd095740aa56d09d8aafb4fea58a SHA256 916bfeb81dcb3423fd4239270ac2dce2e6dc105b28a06e03b352f6bf6b30ed1e +AUX dhcrelay.conf 421 RMD160 456edbc9bcc8d3a44db5bb6dbf0c3003c3e7419c SHA1 78ecdb000382893fb49d0052ced063955b0ad9cf SHA256 409b895ed489e75c1a08f72961b45d641b93fd9357f528abc78b1fd036b7f730 +AUX dhcrelay.init 736 RMD160 04566b87bd6dbb8bb754b26409ca30b878ef3ca3 SHA1 72742b308314b2e1476b27e94212fbf4d179adc4 SHA256 cfdaff3a723be3935d06c14e171d4008f2ad3329bd05ac2e49c19bc0e14bc59c +DIST dhcp-3.1.0.tar.gz 797100 RMD160 59ef8b695b66d3cb61437e25a179d9f17639017d SHA1 f33d017f055648e6571aa26cf314d37857491a2e SHA256 26d02217f53e40ab7c7140cf58d99b55a64979c8501481b28da9c432f0f92243 +EBUILD dhcp-3.1.0-r1.ebuild 7622 RMD160 831ed83951cf678c02ea5b2a7b6c0c873009270f SHA1 a1be08f55e97189d6cde851491b410294db6c6c0 SHA256 a7ca880b7af8422ed152f09eb9c5917b6c3186d51f2a87ab043eae560b94d127 diff --git a/net-misc/dhcp/dhcp-3.1.0-r1.ebuild b/net-misc/dhcp/dhcp-3.1.0-r1.ebuild new file mode 100644 index 00000000..4c895abf --- /dev/null +++ b/net-misc/dhcp/dhcp-3.1.0-r1.ebuild @@ -0,0 +1,244 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.1.0.ebuild,v 1.11 2008/01/10 09:14:57 vapier Exp $ + +inherit eutils flag-o-matic multilib toolchain-funcs + +MY_PV="${PV//_alpha/a}" +MY_PV="${MY_PV//_beta/b}" +MY_PV="${MY_PV//_rc/rc}" +MY_P="${PN}-${MY_PV}" +DESCRIPTION="ISC Dynamic Host Configuration Protocol" +HOMEPAGE="http://www.isc.org/products/DHCP" +SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz" + +LICENSE="isc-dhcp" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd" +IUSE="doc minimal static selinux kernel_linux ldap" + +DEPEND="selinux? ( sec-policy/selinux-dhcp ) + kernel_linux? ( sys-apps/net-tools ) + ldap? ( net-nds/openldap )" + +PROVIDE="virtual/dhcpc" + +S="${WORKDIR}/${MY_P}" + +src_unpack() { + unpack ${A} + cd "${S}" + + # Gentoo patches - these will probably never be accepted upstream + # Enable chroot support + epatch "${FILESDIR}/${PN}"-3.0-paranoia.patch + # Fix some permission issues + epatch "${FILESDIR}/${PN}"-3.0-fix-perms.patch + # Enable dhclient to equery NTP servers + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-ntp.patch + # resolvconf support in dhclient-script + epatch "${FILESDIR}/${PN}"-3.1.0a1-dhclient-resolvconf.patch + # Fix setting hostnames on Linux + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-hostname.patch + # Allow mtu settings + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-mtu.patch + # Allow dhclient to use IF_METRIC to set route metrics + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-metric.patch + # Stop downing the interface on Linux as that breaks link dameons + # such as wpa_supplicant and netplug + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-no-down.patch + # Quiet the isc blurb + epatch "${FILESDIR}/${PN}"-3.0.3-no_isc_blurb.patch + # Enable dhclient to get extra configuration from stdin + epatch "${FILESDIR}/${PN}"-3.0.4-dhclient-stdin-conf.patch + # Disable fallback interfaces when using BPF + # This allows more than one dhclient instance on the BSD's + epatch "${FILESDIR}/${PN}"-3.0.5-bpf-nofallback.patch + + # General fixes which will probably be accepted upstream eventually + # Install libdst, #75544 + epatch "${FILESDIR}/${PN}"-3.0.3-libdst.patch + # Fix building on Gentoo/FreeBSD + epatch "${FILESDIR}/${PN}"-3.0.2-gmake.patch + + # NetworkManager support patches + # If they fail to apply to future versions they will be dropped + # Add dbus support to dhclient + epatch "${FILESDIR}/${PN}"-3.0.3-dhclient-dbus.patch + + # Ldap support patch + # Add ldap support to dhcpd + use ldap && epatch "${FILESDIR}/${PN}"-3.1.0-ldap.patch + + # Brand the version with Gentoo + # include revision if >0 + local newver="${MY_PV}-Gentoo" + use ldap && local newver="${MY_PV}-Gentoo-LDAP" + [[ ${PR} != "r0" ]] && newver="${newver}-${PR}" + sed -i '/^#define DHCP_VERSION[ \t]\+/ s/'"${MY_PV}/${newver}/g" \ + includes/version.h || die + + # Change the hook script locations of the scripts + sed -i -e 's,/etc/dhclient-exit-hooks,/etc/dhcp/dhclient-exit-hooks,g' \ + -e 's,/etc/dhclient-enter-hooks,/etc/dhcp/dhclient-enter-hooks,g' \ + client/scripts/* || die + + # No need for the linux script to force bash, #158540. + sed -i -e 's,#!/bin/bash,#!/bin/sh,' client/scripts/linux || die + + # Quiet the freebsd logger a little + sed -i -e '/LOGGER=/ s/-s -p user.notice //g' client/scripts/freebsd || die + + # Remove these options from the sample config + sed -i -e "/\(script\|host-name\|domain-name\) / d" \ + client/dhclient.conf || die + + # Build sed man pages as we don't ever support BSD 4.4 and older, #130251. + local x= + for x in Makefile.dist $(ls */Makefile.dist) ; do + sed -i -e 's/$(CATMANPAGES)/$(SEDMANPAGES)/g' "${x}" || die + done + + # Only install different man pages if we don't have en + if [[ " ${LINGUAS} " != *" en "* ]]; then + # Install Japanese man pages + if [[ " ${LINGUAS} " == *" ja "* && -d doc/ja_JP.eucJP ]]; then + einfo "Installing Japanese documention" + cp doc/ja_JP.eucJP/dhclient* client + cp doc/ja_JP.eucJP/dhcp* common + fi + fi + + # Now remove the non-english docs so there are no errors later + [[ -d doc/ja_JP.eucJP ]] && rm -rf doc/ja_JP.eucJP +} + +src_compile() { + use static && append-ldflags -static + + cat <<-END >> includes/site.h + #define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf" + #define _PATH_DHCPD_PID "/var/run/dhcp/dhcpd.pid" + #define _PATH_DHCPD_DB "/var/lib/dhcp/dhcpd.leases" + #define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf" + #define _PATH_DHCLIENT_DB "/var/lib/dhcp/dhclient.leases" + #define _PATH_DHCLIENT_PID "/var/run/dhcp/dhclient.pid" + #define DHCPD_LOG_FACILITY LOG_LOCAL1 + END + + cat <<-END > site.conf + CC = $(tc-getCC) + LFLAGS = ${LDFLAGS} + LIBDIR = /usr/$(get_libdir) + INCDIR = /usr/include + ETC = /etc/dhcp + VARDB = /var/lib/dhcp + VARRUN = /var/run/dhcp + ADMMANDIR = /usr/share/man/man8 + ADMMANEXT = .8 + FFMANDIR = /usr/share/man/man5 + FFMANEXT = .5 + LIBMANDIR = /usr/share/man/man3 + LIBMANEXT = .3 + USRMANDIR = /usr/share/man/man1 + USRMANEXT = .1 + MANCAT = man + END + + ./configure --copts "-DPARANOIA -DEARLY_CHROOT ${CFLAGS}" \ + || die "configure failed" + + # Remove server support from the Makefile + # We still install some extra crud though + if use minimal ; then + sed -i -e 's/\(server\|relay\|dhcpctl\)/ /g' work.*/Makefile || die + fi + emake || die "compile problem" +} + +src_install() { + make install DESTDIR="${D}" || die + use doc && dodoc README RELNOTES doc/* + + insinto /etc/dhcp + newins client/dhclient.conf dhclient.conf.sample + keepdir /var/{lib,run}/dhcp + + # Install our server files + if ! use minimal ; then + insinto /etc/dhcp + newins server/dhcpd.conf dhcpd.conf.sample + newinitd "${FILESDIR}"/dhcpd.init dhcpd + newinitd "${FILESDIR}"/dhcrelay.init dhcrelay + newconfd "${FILESDIR}"/dhcpd.conf dhcpd + newconfd "${FILESDIR}"/dhcrelay.conf dhcrelay + + # We never want portage to own this file + rm -f "${D}"/var/lib/dhcp/dhcpd.leases + fi +} + +pkg_preinst() { + if ! use minimal ; then + enewgroup dhcp + enewuser dhcp -1 -1 /var/lib/dhcp dhcp + fi +} + +pkg_postinst() { + use minimal && return + + chown dhcp:dhcp "${ROOT}"/var/{lib,run}/dhcp + + if [[ -e "${ROOT}"/etc/init.d/dhcp ]] ; then + ewarn + ewarn "WARNING: The dhcp init script has been renamed to dhcpd" + ewarn "/etc/init.d/dhcp and /etc/conf.d/dhcp need to be removed and" + ewarn "and dhcp should be removed from the default runlevel" + ewarn + fi + + einfo "You can edit /etc/conf.d/dhcpd to customize dhcp settings." + einfo + einfo "If you would like to run dhcpd in a chroot, simply configure the" + einfo "DHCPD_CHROOT directory in /etc/conf.d/dhcpd and then run:" + einfo " emerge --config =${PF}" +} + +pkg_config() { + if use minimal ; then + eerror "${PN} has not been compiled for server support" + eerror "emerge ${PN} without the minimal USE flag to use dhcp sever" + return 1 + fi + + local CHROOT="$( + sed -n -e 's/^[[:blank:]]\?DHCPD_CHROOT="*\([^#"]\+\)"*/\1/p' \ + "${ROOT}"/etc/conf.d/dhcpd + )" + + if [[ -z ${CHROOT} ]]; then + eerror "CHROOT not defined in /etc/conf.d/dhcpd" + return 1 + fi + + CHROOT="${ROOT}/${CHROOT}" + + if [[ -d ${CHROOT} ]] ; then + ewarn "${CHROOT} already exists - aborting" + return 0 + fi + + ebegin "Setting up the chroot directory" + mkdir -m 0755 -p "${CHROOT}/"{dev,etc,var/lib,var/run/dhcp} + cp /etc/{localtime,resolv.conf} "${CHROOT}"/etc + cp -R /etc/dhcp "${CHROOT}"/etc + cp -R /var/lib/dhcp "${CHROOT}"/var/lib + ln -s ../../var/lib/dhcp "${CHROOT}"/etc/dhcp/lib + chown -R dhcp:dhcp "${CHROOT}"/var/{lib,run}/dhcp + eend 0 + + local logger="$(best_version virtual/logger)" + einfo "To enable logging from the dhcpd server, configure your" + einfo "logger (${logger}) to listen on ${CHROOT}/dev/log" +} diff --git a/net-misc/dhcp/files/dhcp-3.0-ddns-example.patch b/net-misc/dhcp/files/dhcp-3.0-ddns-example.patch new file mode 100644 index 00000000..8e69ddbe --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0-ddns-example.patch @@ -0,0 +1,13 @@ +diff -ur a/server/dhcpd.conf b/server/dhcpd.conf +--- a/server/dhcpd.conf 2001-01-25 08:33:11 +0000 ++++ b/server/dhcpd.conf 2007-07-19 10:29:43 +0100 +@@ -21,6 +21,9 @@ + # No service will be given on this subnet, but declaring it helps the + # DHCP server to understand the network topology. + ++# Disable dynamic DNS updates. ++ddns-update-style none; ++ + subnet 10.152.187.0 netmask 255.255.255.0 { + } + diff --git a/net-misc/dhcp/files/dhcp-3.0-fix-perms.patch b/net-misc/dhcp/files/dhcp-3.0-fix-perms.patch new file mode 100644 index 00000000..13debb20 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0-fix-perms.patch @@ -0,0 +1,15 @@ +--- server/dhcpd.c 2003-11-05 14:08:09.000000000 -0800 ++++ server/dhcpd.c 2003-11-05 14:15:32.000000000 -0800 +@@ -602,6 +602,12 @@ + if (lftest) + exit (0); + ++#if defined (PARANOIA) ++ /* Set proper permissions... */ ++ if (lchown (path_dhcpd_db, set_uid, set_gid)) ++ log_fatal ("lchown(%s, %d, %d): %m", path_dhcpd_db, (int) set_uid, (int) set_gid); ++#endif /* PARANOIA */ ++ + /* Discover all the network interfaces and initialize them. */ + discover_interfaces (DISCOVER_SERVER); + diff --git a/net-misc/dhcp/files/dhcp-3.0-paranoia.patch b/net-misc/dhcp/files/dhcp-3.0-paranoia.patch new file mode 100644 index 00000000..886f5cb5 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0-paranoia.patch @@ -0,0 +1,207 @@ + +paranoia (non-root/chroot) patch for ISC dhcp 3.0 +file to patch: dhcp-3.0/server/dhcpd.c + +update from paranoia patch for ISC dhcp 2.0 + +Adds 3 options: + + -user + -group + -chroot + +Notes: + -DPARANOIA must be passed as an argument to the --copts option + of configure. Otherwise, the paranoia code will not be compiled + in. Example: ./configure --copts -DPARANOIA + + The chroot() call has been delayed in order to allow /dev/log to + be reopened after the configuration file has been read. This is + beneficial for systems on which /dev/log is a unix domain socket. + The main side effect is that dhcpd.conf should be placed in /etc, + instead of /etc. + + If dhcpd is to be run on a sysV-style architecture (or, more + generally, if /dev/log is a character device), one may opt to + create the /dev/log character device and add + -DEARLY_CHROOT to the --copts option of configure (in addition to + -DPARANOIA). This will perform the chroot() call at the earliest + convenience (before reading the configuration file). + + If the -user option is used, the lease and pid file directories + should be writable to the server process after it drops + privileges. + + +ari edelkind (12/10/2001) +last modified 12/10/2001 + + +--- dhcp-3.0/server/dhcpd.c Thu Jun 21 22:12:58 2001 ++++ dhcp-3.0+paranoia/server/dhcpd.c Wed Oct 17 08:23:00 2001 +@@ -56,6 +56,16 @@ + #include "version.h" + #include + ++#if defined (PARANOIA) ++# include ++# include ++# include ++/* get around the ISC declaration of group */ ++# define group real_group ++# include ++# undef group ++#endif /* PARANOIA */ ++ + static void usage PROTO ((void)); + + TIME cur_time; +@@ -204,6 +214,22 @@ + omapi_object_dereference (&listener, MDL); + } + ++#if defined (PARANOIA) ++/* to be used in one of two possible scenarios */ ++static void setup_chroot (char *chroot_dir) { ++ if (geteuid()) ++ log_fatal ("you must be root to use chroot"); ++ ++ if (chroot(chroot_dir)) { ++ log_fatal ("chroot(\"%s\"): %m", chroot_dir); ++ } ++ if (chdir ("/")) { ++ /* probably permission denied */ ++ log_fatal ("chdir(\"/\"): %m"); ++ } ++} ++#endif /* PARANOIA */ ++ + int main (argc, argv, envp) + int argc; + char **argv, **envp; +@@ -236,6 +262,14 @@ + char *traceinfile = (char *)0; + char *traceoutfile = (char *)0; + #endif ++#if defined (PARANOIA) ++ char *set_user = 0; ++ char *set_group = 0; ++ char *set_chroot = 0; ++ ++ uid_t set_uid = 0; ++ gid_t set_gid = 0; ++#endif /* PARANOIA */ + + /* Make sure we have stdin, stdout and stderr. */ + status = open ("/dev/null", O_RDWR); +@@ -298,6 +332,20 @@ + if (++i == argc) + usage (); + server = argv [i]; ++#if defined (PARANOIA) ++ } else if (!strcmp (argv [i], "-user")) { ++ if (++i == argc) ++ usage (); ++ set_user = argv [i]; ++ } else if (!strcmp (argv [i], "-group")) { ++ if (++i == argc) ++ usage (); ++ set_group = argv [i]; ++ } else if (!strcmp (argv [i], "-chroot")) { ++ if (++i == argc) ++ usage (); ++ set_chroot = argv [i]; ++#endif /* PARANOIA */ + } else if (!strcmp (argv [i], "-cf")) { + if (++i == argc) + usage (); +@@ -397,6 +445,44 @@ + trace_seed_stop, MDL); + #endif + ++#if defined (PARANOIA) ++ /* get user and group info if those options were given */ ++ if (set_user) { ++ struct passwd *tmp_pwd; ++ ++ if (geteuid()) ++ log_fatal ("you must be root to set user"); ++ ++ if (!(tmp_pwd = getpwnam(set_user))) ++ log_fatal ("no such user: %s", set_user); ++ ++ set_uid = tmp_pwd->pw_uid; ++ ++ /* use the user's group as the default gid */ ++ if (!set_group) ++ set_gid = tmp_pwd->pw_gid; ++ } ++ ++ if (set_group) { ++/* get around the ISC declaration of group */ ++#define group real_group ++ struct group *tmp_grp; ++ ++ if (geteuid()) ++ log_fatal ("you must be root to set group"); ++ ++ if (!(tmp_grp = getgrnam(set_group))) ++ log_fatal ("no such group: %s", set_group); ++ ++ set_gid = tmp_grp->gr_gid; ++#undef group ++ } ++ ++# if defined (EARLY_CHROOT) ++ if (set_chroot) setup_chroot (set_chroot); ++# endif /* EARLY_CHROOT */ ++#endif /* PARANOIA */ ++ + /* Default to the DHCP/BOOTP port. */ + if (!local_port) + { +@@ -500,6 +586,10 @@ + + postconf_initialization (quiet); + ++#if defined (PARANOIA) && !defined (EARLY_CHROOT) ++ if (set_chroot) setup_chroot (set_chroot); ++#endif /* PARANOIA && !EARLY_CHROOT */ ++ + /* test option should cause an early exit */ + if (cftest && !lftest) + exit(0); +@@ -543,6 +633,22 @@ + exit (0); + } + ++#if defined (PARANOIA) ++ /* change uid to the specified one */ ++ ++ if (set_gid) { ++ if (setgroups (0, (void *)0)) ++ log_fatal ("setgroups: %m"); ++ if (setgid (set_gid)) ++ log_fatal ("setgid(%d): %m", (int) set_gid); ++ } ++ ++ if (set_uid) { ++ if (setuid (set_uid)) ++ log_fatal ("setuid(%d): %m", (int) set_uid); ++ } ++#endif /* PARANOIA */ ++ + /* Read previous pid file. */ + if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) { + status = read (i, pbuf, (sizeof pbuf) - 1); +@@ -888,6 +994,10 @@ + + log_fatal ("Usage: dhcpd [-p ] [-d] [-f]%s%s%s%s", + "\n [-cf config-file] [-lf lease-file]", ++#if defined (PARANOIA) ++ /* meld into the following string */ ++ "\n [-user user] [-group group] [-chroot dir]" ++#endif /* PARANOIA */ + #if defined (TRACING) + "\n [-tf trace-output-file]", + "\n [-play trace-input-file]", diff --git a/net-misc/dhcp/files/dhcp-3.0.2-gmake.patch b/net-misc/dhcp/files/dhcp-3.0.2-gmake.patch new file mode 100644 index 00000000..4ab99a2b --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.2-gmake.patch @@ -0,0 +1,66 @@ +Index: dhcp-3.0.2/Makefile +=================================================================== +--- dhcp-3.0.2.orig/Makefile ++++ dhcp-3.0.2/Makefile +@@ -33,7 +33,7 @@ all: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make all); \ ++ (cd work.$$sysname; $(MAKE) all); \ + fi + + install: +@@ -41,7 +41,7 @@ install: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make install); \ ++ (cd work.$$sysname; $(MAKE) install); \ + fi + + depend: +@@ -49,7 +49,7 @@ depend: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make depend); \ ++ (cd work.$$sysname; $(MAKE) depend); \ + fi + + clean: +@@ -57,7 +57,7 @@ clean: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make clean); \ ++ (cd work.$$sysname; $(MAKE) clean); \ + fi + + realclean: +@@ -65,7 +65,7 @@ realclean: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make realclean); \ ++ (cd work.$$sysname; $(MAKE) realclean); \ + fi + + distclean: +@@ -73,7 +73,7 @@ distclean: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make distclean); \ ++ (cd work.$$sysname; $(MAKE) distclean); \ + fi + + links: +@@ -81,6 +81,6 @@ links: + if [ ! -d work.$$sysname ]; then \ + echo No build directory for $$sysname - please run ./configure.; \ + else \ +- (cd work.$$sysname; make links); \ ++ (cd work.$$sysname; $(MAKE) links); \ + fi + diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-dbus.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-dbus.patch new file mode 100644 index 00000000..579d72f4 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-dbus.patch @@ -0,0 +1,84 @@ +--- client/scripts/bsdos ++++ client/scripts/bsdos +@@ -47,6 +47,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +--- client/scripts/freebsd ++++ client/scripts/freebsd +@@ -57,6 +57,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +--- client/scripts/linux ++++ client/scripts/linux +@@ -69,6 +69,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +--- client/scripts/netbsd ++++ client/scripts/netbsd +@@ -47,6 +47,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +--- client/scripts/openbsd ++++ client/scripts/openbsd +@@ -47,6 +47,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + +--- client/scripts/solaris ++++ client/scripts/solaris +@@ -47,6 +47,11 @@ + . /etc/dhcp/dhclient-exit-hooks + fi + # probably should do something with exit status of the local script ++ if [ x$dhc_dbus != x -a $exit_status -eq 0 ]; then ++ dbus-send --system --dest=com.redhat.dhcp \ ++ --type=method_call /com/redhat/dhcp/$interface com.redhat.dhcp.set \ ++ 'string:'"`env | grep -Ev '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`" ++ fi + exit $exit_status + } + diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-hostname.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-hostname.patch new file mode 100644 index 00000000..9a6e7b96 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-hostname.patch @@ -0,0 +1,16 @@ +--- client/scripts/linux ++++ client/scripts/linux +@@ -138,10 +138,12 @@ + [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then + current_hostname=`hostname` + if [ x$current_hostname = x ] || \ ++ [ x$current_hostname = "x(none)" ] || \ ++ [ x$current_hostname = xlocalhost ] || \ + [ x$current_hostname = x$old_host_name ]; then + if [ x$current_hostname = x ] || \ + [ x$new_host_name != x$old_host_name ]; then +- hostname $new_host_name ++ hostname "$new_host_name" + fi + fi + diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-metric.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-metric.patch new file mode 100644 index 00000000..040ef779 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-metric.patch @@ -0,0 +1,200 @@ +--- client/scripts/bsdos ++++ client/scripts/bsdos +@@ -84,6 +84,9 @@ + if [ x$new_interface_mtu != x ]; then + mtu_arg="mtu $new_interface_mtu" + fi ++if [ x$IF_METRIC != x ]; then ++ metric_arg="metric $IF_METRIC" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -141,7 +144,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + route add $new_ip_address 127.1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router >/dev/null 2>&1 +@@ -198,7 +201,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + sleep 1 + if [ "$new_routers" != "" ]; then + set $new_routers +--- client/scripts/freebsd ++++ client/scripts/freebsd +@@ -94,6 +94,9 @@ + if [ x$new_interface_mtu != x ]; then + mtu_arg="mtu $new_interface_mtu" + fi ++if [ x$IF_METRIC != x ]; then ++ metric_arg="metric $IF_METRIC" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -151,7 +154,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + $LOGGER "New IP Address ($interface): $new_ip_address" + $LOGGER "New Subnet Mask ($interface): $new_subnet_mask" + $LOGGER "New Broadcast Address ($interface): $new_broadcast_address" +@@ -215,7 +218,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + $LOGGER "New IP Address ($interface): $new_ip_address" + $LOGGER "New Subnet Mask ($interface): $new_subnet_mask" + $LOGGER "New Broadcast Address ($interface): $new_broadcast_address" +--- client/scripts/linux ++++ client/scripts/linux +@@ -83,11 +83,6 @@ + fi + fi + +-release=`uname -r` +-release=`expr $release : '\(.*\)\..*'` +-relminor=`echo $release |sed -e 's/[0-9]*\.\([0-9][0-9]*\)\(\..*\)*$/\1/'` +-relmajor=`echo $release |sed -e 's/\([0-9][0-9]*\)\..*$/\1/'` +- + if [ x$new_broadcast_address != x ]; then + new_broadcast_arg="broadcast $new_broadcast_address" + fi +@@ -106,6 +101,9 @@ + if [ x$new_interface_mtu != x ]; then + mtu_arg="mtu $new_interface_mtu" + fi ++if [ x$IF_METRIC != x ]; then ++ metric_arg="metric $IF_METRIC" ++fi + + if [ x$reason = xMEDIUM ]; then + # Linux doesn't do mediums (ok, ok, media). +@@ -117,15 +115,7 @@ + # Bring down alias interface. Its routes will disappear too. + ifconfig $interface:0- inet 0 + fi +- if [ $relmajor -lt 2 ] || ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ) +- then +- ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \ +- broadcast 255.255.255.255 up +- # Add route to make broadcast work. Do not omit netmask. +- route add default dev $interface netmask 0.0.0.0 +- else +- ifconfig $interface 0 up +- fi ++ ifconfig $interface 0 up + + # We need to give the kernel some time to get the interface up. + sleep 1 +@@ -164,12 +154,14 @@ + ifconfig $interface inet $new_ip_address $new_subnet_arg \ + $new_broadcast_arg $mtu_arg + # Add a network route to the computed network address. +- if [ $relmajor -lt 2 ] || \ +- ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then +- route add -net $new_network_number $new_subnet_arg dev $interface ++ if [ x$IF_METRIC != x ] && [ x$IF_METRIC != x0 ]; then ++ route del -net $new_network_number $new_subnet_arg \ ++ dev $interface ++ route add -net $new_network_number $new_subnet_arg $metric_arg \ ++ dev $interface + fi + for router in $new_routers; do +- route add default gw $router ++ route add default gw $router $metric_arg dev $interface + done + fi + if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; +@@ -213,12 +205,15 @@ + ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg + route add -host $alias_ip_address dev $interface:0 + fi +- if [ $relmajor -lt 2 ] || \ +- ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then +- route add -net $new_network_number ++ # Add a network route to the computed network address. ++ if [ x$IF_METRIC != x ] && [ x$IF_METRIC != x0 ]; then ++ route del -net $new_network_number $new_subnet_arg \ ++ dev $interface ++ route add -net $new_network_number $new_subnet_arg $metric_arg \ ++ dev $interface + fi + for router in $new_routers; do +- route add default gw $router ++ route add default gw $router $metric_arg dev $interface + done + make_resolv_conf + exit_with_hooks 0 +--- client/scripts/netbsd ++++ client/scripts/netbsd +@@ -84,6 +84,9 @@ + if [ x$new_interface_mtu != x ]; then + mtu_arg="mtu $new_interface_mtu" + fi ++if [ x$IF_METRIC != x ]; then ++ metric_arg="metric $IF_METRIC" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -141,7 +144,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + route add $new_ip_address 127.1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router >/dev/null 2>&1 +@@ -198,7 +201,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + sleep 1 + if [ "$new_routers" != "" ]; then + set $new_routers +--- client/scripts/solaris ++++ client/scripts/solaris +@@ -79,6 +79,9 @@ + if [ x$new_interface_mtu != x ]; then + mtu_arg="mtu $new_interface_mtu" + fi ++if [ x$IF_METRIC != x ]; then ++ metric_arg="metric $IF_METRIC" ++fi + + ifconfig=/sbin/ifconfig + +@@ -141,7 +144,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "$ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + route add $new_ip_address 127.1 1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router 1 >/dev/null 2>&1 +@@ -182,7 +185,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "$ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $mtu_arg $medium" ++ $new_broadcast_arg $mtu_arg $metric_arg $medium" + sleep 1 + set $new_routers + if ping -s -n -I 1 $1 64 1; then diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-mtu.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-mtu.patch new file mode 100644 index 00000000..5ef4442d --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-mtu.patch @@ -0,0 +1,180 @@ +--- client/scripts/bsdos ++++ client/scripts/bsdos +@@ -81,6 +81,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -138,7 +141,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + route add $new_ip_address 127.1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router >/dev/null 2>&1 +@@ -195,7 +198,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + sleep 1 + if [ "$new_routers" != "" ]; then + set $new_routers +--- client/scripts/freebsd ++++ client/scripts/freebsd +@@ -91,6 +91,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -148,7 +151,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + $LOGGER "New IP Address ($interface): $new_ip_address" + $LOGGER "New Subnet Mask ($interface): $new_subnet_mask" + $LOGGER "New Broadcast Address ($interface): $new_broadcast_address" +@@ -212,7 +215,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + $LOGGER "New IP Address ($interface): $new_ip_address" + $LOGGER "New Subnet Mask ($interface): $new_subnet_mask" + $LOGGER "New Broadcast Address ($interface): $new_broadcast_address" +--- client/scripts/linux ++++ client/scripts/linux +@@ -103,6 +103,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + if [ x$reason = xMEDIUM ]; then + # Linux doesn't do mediums (ok, ok, media). +@@ -159,7 +162,7 @@ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + + ifconfig $interface inet $new_ip_address $new_subnet_arg \ +- $new_broadcast_arg ++ $new_broadcast_arg $mtu_arg + # Add a network route to the computed network address. + if [ $relmajor -lt 2 ] || \ + ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then +@@ -201,7 +204,7 @@ + ifconfig $interface:0- inet 0 + fi + ifconfig $interface inet $new_ip_address $new_subnet_arg \ +- $new_broadcast_arg ++ $new_broadcast_arg $mtu_arg + set $new_routers + ############## what is -w in ping? + if ping -q -c 1 $1; then +--- client/scripts/netbsd ++++ client/scripts/netbsd +@@ -81,6 +81,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -138,7 +141,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + route add $new_ip_address 127.1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router >/dev/null 2>&1 +@@ -195,7 +198,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + sleep 1 + if [ "$new_routers" != "" ]; then + set $new_routers +--- client/scripts/openbsd ++++ client/scripts/openbsd +@@ -81,6 +81,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + if [ x$reason = xMEDIUM ]; then + eval "ifconfig $interface $medium" +@@ -138,7 +141,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + route add $new_ip_address 127.1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router >/dev/null 2>&1 +@@ -195,7 +198,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + sleep 1 + if [ "$new_routers" != "" ]; then + set $new_routers +--- client/scripts/solaris ++++ client/scripts/solaris +@@ -76,6 +76,9 @@ + if [ x$alias_subnet_mask != x ]; then + alias_subnet_arg="netmask $alias_subnet_mask" + fi ++if [ x$new_interface_mtu != x ]; then ++ mtu_arg="mtu $new_interface_mtu" ++fi + + ifconfig=/sbin/ifconfig + +@@ -138,7 +141,7 @@ + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + eval "$ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + route add $new_ip_address 127.1 1 >/dev/null 2>&1 + for router in $new_routers; do + route add default $router 1 >/dev/null 2>&1 +@@ -179,7 +182,7 @@ + route delete $alias_ip_address 127.0.0.1 > /dev/null 2>&1 + fi + eval "$ifconfig $interface inet $new_ip_address $new_netmask_arg \ +- $new_broadcast_arg $medium" ++ $new_broadcast_arg $mtu_arg $medium" + sleep 1 + set $new_routers + if ping -s -n -I 1 $1 64 1; then diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-no-down.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-no-down.patch new file mode 100644 index 00000000..518efec1 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-no-down.patch @@ -0,0 +1,70 @@ +--- client/scripts/linux ++++ client/scripts/linux +@@ -118,9 +118,9 @@ + if [ x$reason = xPREINIT ]; then + if [ x$alias_ip_address != x ]; then + # Bring down alias interface. Its routes will disappear too. +- ifconfig $interface:0- inet 0 ++ ifconfig $interface:0- inet 0.0.0.0 + fi +- ifconfig $interface 0 up ++ ifconfig $interface 0.0.0.0 up + + # We need to give the kernel some time to get the interface up. + sleep 1 +@@ -145,12 +145,12 @@ + if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ + [ x$alias_ip_address != x$old_ip_address ]; then + # Possible new alias. Remove old alias. +- ifconfig $interface:0- inet 0 ++ ifconfig $interface:0- inet 0.0.0.0 + fi + if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then + # IP address changed. Bringing down the interface will delete all routes, + # and clear the ARP cache. +- ifconfig $interface inet 0 down ++ ifconfig $interface inet 0.0.0.0 + + fi + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ +@@ -171,7 +171,7 @@ + fi + if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; + then +- ifconfig $interface:0- inet 0 ++ ifconfig $interface:0- inet 0.0.0.0 + ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg + route add -host $alias_ip_address $interface:0 + fi +@@ -183,11 +183,11 @@ + || [ x$reason = xSTOP ]; then + if [ x$alias_ip_address != x ]; then + # Turn off alias interface. +- ifconfig $interface:0- inet 0 ++ ifconfig $interface:0- inet 0.0.0.0 + fi + if [ x$old_ip_address != x ]; then + # Shut down interface, which will delete routes and clear arp cache. +- ifconfig $interface inet 0 down ++ ifconfig $interface inet 0.0.0.0 + fi + if [ x$alias_ip_address != x ]; then + ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg +@@ -198,7 +198,7 @@ + + if [ x$reason = xTIMEOUT ]; then + if [ x$alias_ip_address != x ]; then +- ifconfig $interface:0- inet 0 ++ ifconfig $interface:0- inet 0.0.0.0 + fi + ifconfig $interface inet $new_ip_address $new_subnet_arg \ + $new_broadcast_arg $mtu_arg +@@ -223,7 +223,7 @@ + make_resolv_conf + exit_with_hooks 0 + fi +- ifconfig $interface inet 0 down ++ ifconfig $interface inet 0.0.0.0 + exit_with_hooks 1 + fi + diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-ntp.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-ntp.patch new file mode 100644 index 00000000..d84e6f61 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-ntp.patch @@ -0,0 +1,186 @@ +--- client/clparse.c ++++ client/clparse.c +@@ -51,6 +51,7 @@ + DHO_DOMAIN_NAME, + DHO_DOMAIN_NAME_SERVERS, + DHO_HOST_NAME, ++ DHO_NTP_SERVERS, + 0 + }; + +--- client/scripts/bsdos ++++ client/scripts/bsdos +@@ -7,6 +7,26 @@ + echo nameserver $nameserver >>/etc/resolv.conf + done + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf ++} ++ ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ x$new_ntp_servers != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. +--- client/scripts/freebsd ++++ client/scripts/freebsd +@@ -32,8 +32,28 @@ + done + fi + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf + } + ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ "x$new_ntp_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi ++} ++ + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. + exit_with_hooks() { + exit_status=$1 +--- client/scripts/linux ++++ client/scripts/linux +@@ -30,6 +30,26 @@ + echo nameserver $nameserver >>/etc/resolv.conf + done + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf ++} ++ ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ "x$new_ntp_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. +--- client/scripts/netbsd ++++ client/scripts/netbsd +@@ -7,6 +7,26 @@ + echo nameserver $nameserver >>/etc/resolv.conf + done + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf ++} ++ ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ "x$new_ntp_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. +--- client/scripts/openbsd ++++ client/scripts/openbsd +@@ -7,6 +7,26 @@ + echo nameserver $nameserver >>/etc/resolv.conf + done + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf ++} ++ ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ "x$new_ntp_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. +--- client/scripts/solaris ++++ client/scripts/solaris +@@ -7,6 +7,26 @@ + echo nameserver $nameserver >>/etc/resolv.conf + done + fi ++ # If we're making confs, may as well make an ntp.conf too ++ make_ntp_conf ++} ++ ++make_ntp_conf() { ++ if [ x$PEER_NTP = x ] || [ x$PEER_NTP = xyes ]; then ++ if [ "x$new_ntp_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ conf="${conf}restrict default noquery notrust nomodify\n" ++ conf="${conf}restrict 127.0.0.1\n" ++ for ntpserver in $new_ntp_servers; do ++ conf="${conf}restrict $ntpserver nomodify notrap noquery\n" ++ conf="${conf}server $ntpserver\n" ++ done ++ conf="${conf}driftfile /var/lib/ntp/ntp.drift\n" ++ conf="${conf}logfile /var/log/ntp.log\n" ++ printf "${conf}" > /etc/ntp.conf ++ chmod 644 /etc/ntp.conf ++ fi ++ fi + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-resolvconf.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-resolvconf.patch new file mode 100644 index 00000000..8e499fcb --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-resolvconf.patch @@ -0,0 +1,191 @@ +--- client/scripts/bsdos ++++ client/scripts/bsdos +@@ -1,11 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi ++ fi + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +--- client/scripts/freebsd ++++ client/scripts/freebsd +@@ -11,25 +11,21 @@ + fi + + make_resolv_conf() { +- if [ x"$new_domain_name_servers" != x ]; then +- if [ "x$new_domain_name" != x ]; then +- ( echo search $new_domain_name >/etc/resolv.conf ) +- exit_status=$? +- else +- if [ -e /etc/resolv.conf ] ; then +- ( rm /etc/resolv.conf ) +- exit_status=$? +- else +- ( touch /etc/resolv.conf ) +- exit_status=$? ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" + fi +- fi +- if [ $exit_status -ne 0 ]; then +- $LOGGER "WARNING: Unable to update resolv.conf: Error $exit_status" +- else + for nameserver in $new_domain_name_servers; do +- ( echo nameserver $nameserver >>/etc/resolv.conf ) ++ conf="${conf}nameserver $nameserver\n" + done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi + fi + # If we're making confs, may as well make an ntp.conf too +--- client/scripts/linux ++++ client/scripts/linux +@@ -23,12 +23,22 @@ + # of the $1 in its args. + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- chmod 644 /etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi ++ fi + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +--- client/scripts/netbsd ++++ client/scripts/netbsd +@@ -1,11 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi ++ fi + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +--- client/scripts/openbsd ++++ client/scripts/openbsd +@@ -1,11 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ x$new_domain_name != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi ++ fi + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +--- client/scripts/solaris ++++ client/scripts/solaris +@@ -1,11 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi ++ fi + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf diff --git a/net-misc/dhcp/files/dhcp-3.0.3-dhclient-stdin-conf.patch b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-stdin-conf.patch new file mode 100644 index 00000000..fb46134e --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-dhclient-stdin-conf.patch @@ -0,0 +1,77 @@ +--- client/clparse.c.orig 2006-02-22 09:37:12.000000000 +0000 ++++ client/clparse.c 2006-02-22 09:38:26.000000000 +0000 +@@ -97,6 +97,11 @@ + status = read_client_conf_file (path_dhclient_conf, + (struct interface_info *)0, + &top_level_config); ++ ++ /* Read any extra configuration from stdin */ ++ read_client_conf_stdin ((struct interface_info *)0, ++ &top_level_config); ++ + if (status != ISC_R_SUCCESS) { + ; + #ifdef LATER +@@ -148,20 +153,17 @@ + return status; + } + +-int read_client_conf_file (const char *name, struct interface_info *ip, +- struct client_config *client) ++int read_client_conf_actual (int file, const char *name, ++ struct interface_info *ip, ++ struct client_config *client) + { +- int file; + struct parse *cfile; + const char *val; + int token; + isc_result_t status; + +- if ((file = open (name, O_RDONLY)) < 0) +- return uerr2isc (errno); +- + cfile = (struct parse *)0; +- new_parse (&cfile, file, (char *)0, 0, path_dhclient_conf, 0); ++ new_parse (&cfile, file, (char *)0, 0, name , 0); + + do { + token = peek_token (&val, (unsigned *)0, cfile); +@@ -174,11 +174,36 @@ + status = (cfile -> warnings_occurred + ? ISC_R_BADPARSE + : ISC_R_SUCCESS); +- close (file); + end_parse (&cfile); + return status; + } + ++int read_client_conf_file (const char *name, struct interface_info *ip, ++ struct client_config *client) ++{ ++ int file; ++ isc_result_t status; ++ ++ if ((file = open (name, O_RDONLY)) < 0) ++ return uerr2isc (errno); ++ ++ status = read_client_conf_actual(file, name, ip, client); ++ ++ return status; ++} ++ ++ ++int read_client_conf_stdin (struct interface_info *ip, ++ struct client_config *client) ++{ ++ int file = fileno(stdin); ++ isc_result_t status; ++ ++ if (isatty(file)) return ISC_R_NOTFOUND; ++ status = read_client_conf_actual(file, "stdin", ip, client); ++ ++ return status; ++} + + /* lease-file :== client-lease-statements END_OF_FILE + client-lease-statements :== diff --git a/net-misc/dhcp/files/dhcp-3.0.3-libdst.patch b/net-misc/dhcp/files/dhcp-3.0.3-libdst.patch new file mode 100644 index 00000000..8e93ac95 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-libdst.patch @@ -0,0 +1,14 @@ +--- dst/Makefile.dist.old 2004-12-24 13:31:22.986061032 +0000 ++++ dst/Makefile.dist 2004-12-24 13:47:19.036913364 +0000 +@@ -31,6 +31,10 @@ + all: libdst.a + + install: ++ mkdir -p $(DESTDIR)$(LIBDIR) ++ $(INSTALL) libdst.a $(DESTDIR)$(LIBDIR) ++ $(CHMOD) 644 $(DESTDIR)$(LIBDIR)/libdst.a ++ + + libdst.a: $(OBJ) + rm -f dst.a + diff --git a/net-misc/dhcp/files/dhcp-3.0.3-no_isc_blurb.patch b/net-misc/dhcp/files/dhcp-3.0.3-no_isc_blurb.patch new file mode 100644 index 00000000..38f7713f --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-no_isc_blurb.patch @@ -0,0 +1,105 @@ +Patch nobbled from RedHat, and adapted to work with dhclient and dhrelay +by Roy Marples + +--- dhcp-3.0.3/omapip/errwarn.c.no_isc_blurb 2004-09-30 16:38:32.000000000 -0400 ++++ dhcp-3.0.3/omapip/errwarn.c 2005-04-18 13:45:49.037158000 -0400 +@@ -45,6 +45,8 @@ + int log_perror = 1; + #endif + int log_priority; ++int log_isc_blurb=1; ++ + void (*log_cleanup) (void); + + #define CVT_BUF_MAX 1023 +@@ -76,7 +78,9 @@ + write (STDERR_FILENO, "\n", 1); + } + +-#if !defined (NOMINUM) ++#if !defined(NOMINUM) ++ if ( log_isc_blurb ) ++ { + log_error ("%s", ""); + log_error ("If you did not get this software from ftp.isc.org, please"); + log_error ("get the latest from ftp.isc.org and install that before"); +@@ -94,7 +98,12 @@ + log_error ("the README file."); + log_error ("%s", ""); + log_error ("exiting."); ++ }else ++ { ++ log_error ("exiting."); ++ } + #endif ++ + if (log_cleanup) + (*log_cleanup) (); + exit (1); +--- dhcp-3.0.3/client/dhclient.c.no_isc_blurb 2005-04-18 13:21:08.509169000 -0400 ++++ dhcp-3.0.3/client/dhclient.c 2005-04-18 13:49:27.574402000 -0400 +@@ -34,7 +34,7 @@ + static char ocopyright[] = + "$Id: dhcp-3.0.3-no_isc_blurb.patch,v 1.1 2005/12/09 14:13:30 uberlord Exp $ Copyright (c) 2004 Internet Systems Consortium. All rights reserved.\n"; + #endif /* not lint */ +- ++ + #include "dhcpd.h" + #include "version.h" + +@@ -81,6 +81,8 @@ + + void do_release(struct client_state *); + ++extern int log_isc_blurb; ++ + int main (argc, argv, envp) + int argc; + char **argv, **envp; +@@ -176,6 +178,7 @@ + } else if (!strcmp (argv [i], "-q")) { + quiet = 1; + quiet_interface_discovery = 1; ++ log_isc_blurb = 0; + } else if (!strcmp (argv [i], "-s")) { + if (++i == argc) + usage (); +--- dhcp-3.0.3/server/dhcpd.c.no_isc_blurb 2005-12-08 10:01:40.000000000 +0000 ++++ dhcp-3.0.3/server/dhcpd.c 2005-12-08 10:05:55.000000000 +0000 +@@ -62,6 +62,9 @@ + struct iaddr server_identifier; + int server_identifier_matched; + ++ ++extern int log_isc_blurb; ++ + #if defined (NSUPDATE) + + /* This stuff is always executed to figure the default values for certain +@@ -368,6 +371,7 @@ + } else if (!strcmp (argv [i], "-q")) { + quiet = 1; + quiet_interface_discovery = 1; ++ log_isc_blurb = 0; + } else if (!strcmp (argv [i], "--version")) { + log_info ("isc-dhcpd-%s", DHCP_VERSION); + exit (0); +--- dhcp-3.0.3/relay/dhcrelay.c.no_isc_blurb 2005-12-08 10:21:00.000000000 +0000 ++++ dhcp-3.0.3/relay/dhcrelay.c 2005-12-08 10:21:50.000000000 +0000 +@@ -102,6 +102,8 @@ + static char message [] = "Internet Systems Consortium DHCP Relay Agent"; + static char url [] = "For info, please visit http://www.isc.org/sw/dhcp/"; + ++extern int log_isc_blurb; ++ + int main (argc, argv, envp) + int argc; + char **argv, **envp; +@@ -170,6 +172,7 @@ + } else if (!strcmp (argv [i], "-q")) { + quiet = 1; + quiet_interface_discovery = 1; ++ log_isc_blurb = 0; + } else if (!strcmp (argv [i], "-a")) { + add_agent_options = 1; + } else if (!strcmp (argv [i], "-c")) { diff --git a/net-misc/dhcp/files/dhcp-3.0.3-tr.patch b/net-misc/dhcp/files/dhcp-3.0.3-tr.patch new file mode 100644 index 00000000..2a2957bb --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-tr.patch @@ -0,0 +1,12 @@ +--- work.linux-2.2/common/tr.c 2005/08/14 11:34:24 1.1 ++++ work.linux-2.2/common/tr.c 2005/08/14 11:35:16 +@@ -40,6 +40,9 @@ static char copyright[] = + #include "includes/netinet/if_ether.h" + #include "netinet/if_tr.h" + #include ++#ifdef __linux__ ++#include ++#endif + + /* + * token ring device handling subroutines. These are required as token-ring diff --git a/net-misc/dhcp/files/dhcp-3.0.3-x-option.patch b/net-misc/dhcp/files/dhcp-3.0.3-x-option.patch new file mode 100644 index 00000000..5f5c1a88 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.3-x-option.patch @@ -0,0 +1,216 @@ +--- dhcp-3.0.2/common/parse.c.extended_option_environment 2005-04-05 17:49:36.513062562 -0400 ++++ dhcp-3.0.2/common/parse.c 2005-04-05 17:49:36.580052656 -0400 +@@ -1270,6 +1270,10 @@ + option_hash_add (option -> universe -> hash, + (const char *)option -> name, + 0, option, MDL); ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( new_option_info_tree != 0L ) ++ add_new_option_info( option ); ++#endif + return 1; + } + +--- dhcp-3.0.2/common/tables.c.extended_option_environment 2004-09-01 13:06:35.000000000 -0400 ++++ dhcp-3.0.2/common/tables.c 2005-04-05 18:04:23.915838623 -0400 +@@ -1238,3 +1238,40 @@ + fqdn_universe.name, 0, + &fqdn_universe, MDL); + } ++ ++#ifdef EXTENDED_NEW_OPTION_INFO ++#include ++ ++void *new_option_info_tree = 0L; ++ ++static int new_option_info_comparator( const void* p1, const void *p2 ) ++{ ++ uint32_t ocode1 = (((const struct option*)p1)->universe->index << 8) ++ |(((const struct option*)p1)->code), ++ ocode2 = (((const struct option*)p2)->universe->index << 8) ++ |(((const struct option*)p2)->code); ++ return( (ocode1 == ocode2) ++ ? 0 ++ :( ( ocode1 > ocode2 ) ++ ? 1 ++ : -1 ++ ) ++ ); ++} ++ ++void *add_new_option_info( struct option *option ) ++{ ++ if ( option->universe->index >= fqdn_universe.index ) ++ return 0L; ++ if ( new_option_info_tree == GENERATE_NEW_OPTION_INFO ) ++ new_option_info_tree = (void*)0L; ++ return tsearch( option, &(new_option_info_tree), new_option_info_comparator ); ++} ++ ++void *lookup_new_option_info( struct option *option ) ++{ ++ if ( new_option_info_tree == GENERATE_NEW_OPTION_INFO ) ++ return 0L; ++ return tfind( option, &(new_option_info_tree), new_option_info_comparator ); ++} ++#endif +--- dhcp-3.0.2/includes/dhcpd.h.extended_option_environment 2004-11-24 12:39:16.000000000 -0500 ++++ dhcp-3.0.2/includes/dhcpd.h 2005-04-05 17:49:36.613047777 -0400 +@@ -1800,6 +1800,13 @@ + void initialize_common_option_spaces PROTO ((void)); + struct universe *config_universe; + ++#ifdef EXTENDED_NEW_OPTION_INFO ++#define GENERATE_NEW_OPTION_INFO ((void*)1) ++extern void *new_option_info_tree; ++extern void *add_new_option_info( struct option*); ++extern void *lookup_new_option_info( struct option *); ++#endif ++ + /* stables.c */ + #if defined (FAILOVER_PROTOCOL) + extern failover_option_t null_failover_option; +--- dhcp-3.0.2/client/dhclient.c.extended_option_environment 2005-04-05 17:49:36.566054726 -0400 ++++ dhcp-3.0.2/client/dhclient.c 2005-04-05 17:49:36.617047185 -0400 +@@ -74,7 +74,9 @@ + int onetry=0; + int quiet=0; + int nowait=0; +- ++#ifdef EXTENDED_NEW_OPTION_INFO ++int extended_option_environment = 0; ++#endif + static void usage PROTO ((void)); + + void do_release(struct client_state *); +@@ -204,6 +206,11 @@ + } else if (!strcmp (argv [i], "--version")) { + log_info ("isc-dhclient-%s", DHCP_VERSION); + exit (0); ++#ifdef EXTENDED_NEW_OPTION_INFO ++ } else if (!strcmp (argv [i], "-x")) { ++ extended_option_environment = 1; ++ new_option_info_tree = GENERATE_NEW_OPTION_INFO; ++#endif + } else if (argv [i][0] == '-') { + usage (); + } else { +@@ -572,7 +579,11 @@ + log_info (arr); + log_info (url); + ++#ifdef EXTENDED_NEW_OPTION_INFO ++ log_error ("Usage: dhclient [-1dqr] [-nwx] [-p ] %s", ++#else + log_error ("Usage: dhclient [-1dqr] [-nw] [-p ] %s", ++#endif + "[-s server]"); + log_error (" [-cf config-file] [-lf lease-file]%s", + "[-pf pid-file] [-e VAR=val]"); +@@ -2529,8 +2540,28 @@ + struct envadd_state { + struct client_state *client; + const char *prefix; ++ struct universe *universe; + }; + ++#ifdef EXTENDED_NEW_OPTION_INFO ++static ++void build_universe_info_envvar ++( struct option_cache *oc, ++ struct packet *p, struct lease *l, ++ struct client_state *client, ++ struct option_state *in_o, ++ struct option_state *cf_o, ++ struct binding_scope **scope, ++ struct universe *u, void *es ++) ++{ ++ char info_name[512], info_data[512]; ++ snprintf(info_name, 512, "%s._universe_.", oc->option->universe->name); ++ snprintf(info_data, 512, "%u:%s", oc->option->code,oc->option->format); ++ client_envadd( client, info_name, oc->option->name, info_data ); ++} ++#endif ++ + void client_option_envadd (struct option_cache *oc, + struct packet *packet, struct lease *lease, + struct client_state *client_state, +@@ -2547,6 +2578,31 @@ + in_options, cfg_options, scope, oc, MDL)) { + if (data.len) { + char name [256]; ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( extended_option_environment ) ++ { ++ if( ( oc->option->universe != &dhcp_universe ) ++ &&( oc->option->universe->index > fqdn_universe.index ) ++ &&( es->universe != oc->option->universe ) ++ ) ++ { ++ es->universe = oc->option->universe; ++ (*(es->universe->foreach)) ++ ( (struct packet *)0, (struct lease *)0, ++ client_state, ++ in_options, cfg_options, ++ scope, es->universe, es, ++ build_universe_info_envvar ++ ); ++ }else ++ if ( lookup_new_option_info(oc->option) != 0L ) ++ build_universe_info_envvar ++ ( oc, packet, lease, client_state, ++ in_options, cfg_options, scope, ++ oc->option->universe, es ++ ); ++ } ++#endif + if (dhcp_option_ev_name (name, sizeof name, + oc -> option)) { + client_envadd (es -> client, es -> prefix, +@@ -2575,6 +2631,7 @@ + + es.client = client; + es.prefix = prefix; ++ es.universe = 0L; + + client_envadd (client, + prefix, "ip_address", "%s", piaddr (lease -> address)); +@@ -2788,7 +2845,14 @@ + s = option -> name; + if (j + 1 == buflen) + return 0; ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( ! extended_option_environment ) ++ buf [j++] = '_'; ++ else ++ buf [j++] = '.'; ++#else + buf [j++] = '_'; ++#endif + } + ++i; + } while (i != 2); +--- dhcp-3.0.2/client/dhclient.8.extended_option_environment 2004-09-29 19:01:46.000000000 -0400 ++++ dhcp-3.0.2/client/dhclient.8 2005-04-05 17:49:36.619046889 -0400 +@@ -78,6 +78,9 @@ + .B -w + ] + [ ++.B -x ++] ++[ + .I if0 + [ + .I ...ifN +@@ -252,6 +255,10 @@ + supplying the + .B -nw + flag. ++.PP ++The -x argument enables eXtended option information to be created in the ++-s dhclient-script environment, which would allow applications running ++in that environment to handle options they do not know about in advance. + .SH CONFIGURATION + The syntax of the dhclient.conf(5) file is discussed separately. + .SH OMAPI diff --git a/net-misc/dhcp/files/dhcp-3.0.4-dhclient-stdin-conf.patch b/net-misc/dhcp/files/dhcp-3.0.4-dhclient-stdin-conf.patch new file mode 100644 index 00000000..3fedc7c0 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.4-dhclient-stdin-conf.patch @@ -0,0 +1,83 @@ +--- common/conflex.c.orig 2006-02-21 16:21:45.000000000 +0000 ++++ common/conflex.c 2006-02-21 16:23:06.000000000 +0000 +@@ -90,7 +90,7 @@ + struct parse **cfile; + { + /* "Memory" config files have no file. */ +- if ((*cfile)->file != -1) ++ if ((*cfile)->file != -1 && (*cfile)->file != fileno(stdin)) + close((*cfile)->file); + + if ((*cfile)->bufsiz) +--- client/clparse.c.orig 2006-02-22 09:37:12.000000000 +0000 ++++ client/clparse.c 2006-02-22 09:38:26.000000000 +0000 +@@ -97,6 +97,11 @@ + status = read_client_conf_file (path_dhclient_conf, + (struct interface_info *)0, + &top_level_config); ++ ++ /* Read any extra configuration from stdin */ ++ read_client_conf_stdin ((struct interface_info *)0, ++ &top_level_config); ++ + if (status != ISC_R_SUCCESS) { + ; + #ifdef LATER +@@ -148,20 +153,17 @@ + return status; + } + +-int read_client_conf_file (const char *name, struct interface_info *ip, +- struct client_config *client) ++int read_client_conf_actual (int file, const char *name, ++ struct interface_info *ip, ++ struct client_config *client) + { +- int file; + struct parse *cfile; + const char *val; + int token; + isc_result_t status; + +- if ((file = open (name, O_RDONLY)) < 0) +- return uerr2isc (errno); +- + cfile = (struct parse *)0; +- new_parse (&cfile, file, (char *)0, 0, path_dhclient_conf, 0); ++ new_parse (&cfile, file, (char *)0, 0, name , 0); + + do { + token = peek_token (&val, (unsigned *)0, cfile); +@@ -177,6 +179,32 @@ + return status; + } + ++int read_client_conf_file (const char *name, struct interface_info *ip, ++ struct client_config *client) ++{ ++ int file; ++ isc_result_t status; ++ ++ if ((file = open (name, O_RDONLY)) < 0) ++ return uerr2isc (errno); ++ ++ status = read_client_conf_actual(file, name, ip, client); ++ ++ return status; ++} ++ ++ ++int read_client_conf_stdin (struct interface_info *ip, ++ struct client_config *client) ++{ ++ int file = fileno(stdin); ++ isc_result_t status; ++ ++ if (isatty(file)) return ISC_R_NOTFOUND; ++ status = read_client_conf_actual(file, "stdin", ip, client); ++ ++ return status; ++} + + /* lease-file :== client-lease-statements END_OF_FILE + client-lease-statements :== diff --git a/net-misc/dhcp/files/dhcp-3.0.5-bpf-nofallback.patch b/net-misc/dhcp/files/dhcp-3.0.5-bpf-nofallback.patch new file mode 100644 index 00000000..2fae6f22 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0.5-bpf-nofallback.patch @@ -0,0 +1,44 @@ +diff -ur common.orig/bpf.c common/bpf.c +--- common.orig/bpf.c 2006-09-20 12:52:47 +0100 ++++ common/bpf.c 2006-09-20 12:53:22 +0100 +@@ -354,10 +354,6 @@ + int result; + int fudge; + +- if (!strcmp (interface -> name, "fallback")) +- return send_fallback (interface, packet, raw, +- len, from, to, hto); +- + /* Assemble the headers... */ + assemble_hw_header (interface, (unsigned char *)hw, &hbufp, hto); + assemble_udp_ip_header (interface, +@@ -531,17 +527,5 @@ + + void maybe_setup_fallback () + { +- isc_result_t status; +- struct interface_info *fbi = (struct interface_info *)0; +- if (setup_fallback (&fbi, MDL)) { +- if_register_fallback (fbi); +- status = omapi_register_io_object ((omapi_object_t *)fbi, +- if_readsocket, 0, +- fallback_discard, 0, 0); +- if (status != ISC_R_SUCCESS) +- log_fatal ("Can't register I/O handle for %s: %s", +- fbi -> name, isc_result_totext (status)); +- interface_dereference (&fbi, MDL); +- } + } + #endif +diff -ur includes.orig/osdep.h includes/osdep.h +--- includes.orig/osdep.h 2006-09-20 12:54:52 +0100 ++++ includes/osdep.h 2006-09-20 12:56:40 +0100 +@@ -190,7 +190,7 @@ + Currently, all low-level packet interfaces use BSD sockets as a + fallback. */ + +-#if defined (USE_BPF_SEND) || defined (USE_NIT_SEND) || \ ++#if defined (USE_NIT_SEND) || \ + defined (USE_DLPI_SEND) || defined (USE_UPF_SEND) || \ + defined (USE_LPF_SEND) || \ + (defined (USE_SOCKET_SEND) && defined (HAVE_SO_BINDTODEVICE)) diff --git a/net-misc/dhcp/files/dhcp-3.1.0-ldap.patch b/net-misc/dhcp/files/dhcp-3.1.0-ldap.patch new file mode 100644 index 00000000..bb8289bb --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.1.0-ldap.patch @@ -0,0 +1,5514 @@ +diff -urNad dhcp-3.1.0/Changelog-LDAP dhcp3-3.1.0-ldap/Changelog-LDAP +--- dhcp-3.1.0/Changelog-LDAP 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/Changelog-LDAP 2008-02-08 13:55:00.000000000 +0100 +@@ -0,0 +1,255 @@ ++2008-2-8 José L. Redrejo ++ * includes/dhcpd.h: fixed SV_LDAP_ values according to server/stables.c ++ * server/ldap.c : fixed sprintf call ++ ++2007-2-23 Brian Masney ++ * contrib/dhcpd-conf-to-ldap.pl - fixed a parsing bug in which ++ didn't handle correctly quoted string containing spaces. ++ (Rapha?l Luta ) ++ ++ * dst/Makefile.dist server/Makefile.dist site.conf - updated build ++ method when using -lssl. ++ (from Marius Tomaschewski ) ++ ++ * server/ldap.c - fix for ldap_read_function to avoid returning ++ empty strings (skipped host declaration from ldap) that are causing ++ parsing errors in ldap-dynamic mode. ++ (from Marius Tomaschewski ) ++ ++ * includes/dhcpd.h README.ldap server/dhcpd.c server/ldap.c ++ server/stables.c - added ldap-ssl option and ++ several ldap-tls* options, that are described in the "man ldap.conf". ++ (from Marius Tomaschewski ) ++ ++ * includes/dhcpd.h server/ldap.c server/stables.c - added ldap-referrals ++ option. Also implemented a LDAP rebuind function ++ (from Kalyan ) ++ ++ * includes/dhcpd.h server/ldap.c server/stables.c - renamed dhcpd.conf ++ option ldap-server-cn to ldap-dhcp-server-cn ++ (from Marius Tomaschewski ) ++ ++ * contrib/dhcp.schema - schema updates ++ (from Kalyan ) ++ ++ * server/ldap.c server/ldap_casa.c - CASA support fixes ++ (from Marius Tomaschewski ) ++ ++ * server/ldap.c - added strncat() fix ++ (from Marius Tomaschewski ) ++ ++2006-12-15 Brian Masney ++ * server/ldap.c (ldap_read_config) - unbind from the LDAP server after ++ the config file has been ran if the server is being ran in static mode ++ (from Tomas Hoger ) ++ ++ * server/ldap.c (ldap_read_function) - fixed bug where the entire ++ configuration was not being processed in the LDAP directory. ++ ++ * server/ldap.c - added the following functions for reading values ++ from the config file: _do_lookup_dhcp_string_option(), ++ _do_lookup_dhcp_int_option() and _do_lookup_dhcp_enum_option(). This ++ helped to clean up ldap_start() start a bit. Also, various small ++ formatting changes to the code. ++ ++2006-12-15 Marius Tomaschewski ++ * Changelog-LDAP - Added / changed some of entries in ++ Changelog-LDAP, e.g. changes to the dhcpServer and ++ dhcpService objectclasses in schema file was not mentioned. ++ ++ * server/ldap.c Some a little bit paranoid checks to strchr results ++ in the group patch, avoided allocation of groupname using snprintf ++ with a "%.*s" format. ++ ++ * server/ldap.c - Readded FIXME comment about one space in ++ dhcpHWAddress. ++ ++ * server/ldap.c Changed "dhcpdnsZone" and "dhcpdnszoneServer" into ++ "dhcpDnsZone" and "dhcpDnsZoneServer". ++ ++ * Fixed memory leak in ldap_parse_zone (dfree of keyCn), added checks ++ for dmalloc and strchr results. ++ ++ * ldap_casa.c, ldap_casa.h - surrounded content of ldap_casa.h and ++ ldap_casa.c with if defined(LDAP_CASA_AUTH). ++ ++ * contrib/dhcp.schema - Reverted the equality change for dhcpOption. ++ The dhcp options are case-insensitive in dhcpd.conf. ++ ++ * Changed "dhcpdnsZone" and "dhcpdnszoneServer" into "dhcpDnsZone" ++ and "dhcpDnsZoneServer". ++ ++ * Changed "FQDNs" into "DNs" in dhcpLocatorDN description (DN is already ++ absolute, RDN is relative DN, FQDN means a full qualified domain name). ++ ++2006-12-15 Kalyan ++ * includes/ldap_casa.h server/ldap_casa.c - updated to support CASA ++ 1.7 ++ ++2006-8-15 Kalyan ++ * server/ldap.c (ldap_parse_options) - fetch option from the group ++ if the host belongs to that group in the dynamic method. ++ ++ * contrib/dhcp.schema - modified dhcpServiceDN attribute in dhcpServer ++ objectclasses to be optional instead of mandatory ++ ++ * contrib/dhcp.schema - modified dhcpPrimaryDN attribute in dhcpService ++ objectclasses to be optional instead of mandatory ++ ++ * contrib/dhcp.schema - schema has been updated with ++ new objectclasses dhcpLocator,dhcpTsigKey,dhcpdnsZone,dhcpFailOver and ++ many attributes. ++ ++ * contrib/dhcp.schema - dhcpHWAddress's equality has been modified to ++ caseIgnoreIA5Match. ++ ++ * server/ldap.c - added support for reading the dhcpTsigKey and ++ dhcpdnsZone objects. ++ ++ * server/ldap.c (ldap_parse_options) Fetch option from the group if ++ the host belongs to that group in the dynamic method. ++ ++ * server/ldap.c - CASA authentication is enabled. ++ ++ * server/ldap.c - introduced new attribute ldap-server-cn to mention ++ the dhcpServer object name in configuration. ++ ++2006-7-17 Brian Masney ++ * server/ldap.c (ldap_read_function) - fixes for reading the data ++ from the LDAP tree in some cases (patch from ++ Darrin Smith ) ++ ++2006-3-17 Brian Masney ++ * server/ldap.c (ldap_read_function) - added patch from ++ Dmitriy Bogun . This patch fixes a bug when ++ EOF wasn't returned in some cases. ++ ++2005-9-26 Brian Masney ++ * server/ldap.c (ldap_start) - added support for reading the ++ ldap-port option. This option was not being used. ++ ++2005-5-24 Brian Masney ++ * server/ldap.c (ldap_parse_host) - allow dhcpHost entries that do ++ not have a hardware address associated with them ++ ++2005-4-11 Brian Masney ++ * README.ldap - updated directions on how to use LDAP over SSL on ++ non-Linux machines ++ ++2005-2-23 Brian Masney ++ * server/ldap.c (ldap_generate_config_string) - do a case insensitive ++ string comparsion when comparing the object classes ++ ++2004-11-8 Brian Masney ++ * debian/control - updated the depends and build-depends line ++ (from Andrew Pollock ) ++ ++2004-10-13 Brian Masney ++ * server/ldap.c (ldap_start) - allow doing an anonymous bind to the ++ LDAP server ++ ++2004-9-27 Brian Masney ++ * contrib/dhcpd-conf-to-ldap.pl - make sure the DHCP hardware address ++ is always lowercased ++ ++2004-7-30 Brian Masney ++ * server/ldap.c - added more debbuging statements. Fixed possible crash ++ that could occur whenever more than 1 external DN is added to an LDAP ++ entry. Fixed possible infinite loop when reading the external DNs. ++ (from Sebastian Hetze ) ++ ++2004-7-1 Brian Masney ++ * README.ldap - updated build instructions paragraph ++ (from Mason Schmitt ) ++ ++2004-6-29 Brian Masney ++ * debian/control - set the minimum required version of the DHCP server ++ to be 3.0.1rc9 ++ ++ * configure - fix for sed when configure was run from an older shell ++ ++2004-6-22 Brian Masney ++ * Updated patch to use ISC DHCP 3.0.1rc14 ++ ++2004-5-24 Brian Masney ++ * server/ldap.c - don't append a ; to the end of a dhcpStatement if it ++ ends in } ++ ++ * server/ldap.c contrib/dhcpd-conf-to-ldap.pl - support having multiple ++ dhcpRange statements (from Marco D'Ettorre ) ++ ++2004-5-5 Brian Masney ++ * server/ldap.c - added more debugging statements when ++ it is compiled in to help troubleshoot parsing errors. Don't free ++ a LDAP connection prematurely when there is a reference to another ++ LDAP tree. If the config entry ends in }, make sure a ; gets tacked ++ on ++ ++ * debian/* - Updated version number. Renamed package from ++ dhcp3-ldap-ntelos to dhcp3-server-ldap. ++ ++ * server/ldap.c - enclose the shared-network name in quotes so ++ that there can be shared network statements in LDAP that have spaces ++ in them ++ ++ * configure - after the work directory is setup, add -lldap -llber ++ to the server Makefile ++ ++Wed Apr 21 15:09:08 CEST 2004 - mt@suse.de ++ * contrib/dhcpd-conf-to-ldap.pl: ++ - added "--conf=file" option usable instead of stdin ++ - added "--ldif=file" option usable instead of stdout ++ - added "--second=host|dn" option usefull for failover ++ - added "--use=feature" option to enable extended features; ++ currently used to enable failover (default is disabled). ++ - extended remaining_line() to support block statements ++ - fixed / improved failover support, added notes about ++ ++ * server/ldap.c: ++ - moved code checking statement ends to check_statement_end() ++ - moved parsing of entry options/statements to ++ ldap_parse_entry_options() ++ - moved code closing debug fd into ldap_close_debug_fd() ++ - moved code writing to debug fd into ldap_write_debug() ++ - added support for full hostname in dhcpServer search filter ++ - added support for multiple dhcpService entries in dhcpServer object ++ - added parsing of options and statements for dhcpServer object ++ - added verify if dhcpService contains server dn as primary or ++ secondary ++ - changed to search for dhcpHost,dhcpSubClass bellow of all ++ dhcpService trees instead of base-dn (avoids finding of hosts in ++ foreign configs) ++ - fixes to free all dn's fetched by ldap_get_dn (e.g. debug output) ++ - fixes to free ldap results, mainly in cases where no LDAP_SUCCESS ++ returned or other error conditions happened ++ - fixed/improved some log messages ++ ++2004-3-30 Brian Masney ++ * contrib/dhcpd-conf-to-ldap.pl - added option to control the ++ DHCP Config DN. Wrap the DHCP Statements in { } ++ This patch was contributed by Marius Tomaschewski ++ ++ * server/ldap.c - changed ldap_username and ldap_password to ++ be optional (anonymous bind is used then). Added {} block support ++ to dhcpStatements. (no ";" at end if statement ends with a "}"). ++ Fixed writing to ldap-debug-file. Changed find_haddr_in_ldap() to ++ use dhcpHost objectClass in its filter ++ This patch was contributed by Marius Tomaschewski ++ ++2004-3-23 Brian Masney ++ * contrib/dhcpd-conf-to-ldap.pl - added options for server, basedn ++ options and usage message (Net::Domain instead of SYS::Hostname). ++ Added handling of zone, authoritative and failover (config and ++ pool-refs) statements. Added numbering of groups and pools per ++ subnet. This patch was contributed by Marius Tomaschewski ++ ++2004-2-26 Brian Masney ++ * fixed an instance where the LDAP server would restart, but the DHCP ++ server would not reconnect ++ ++2004-2-18 Brian Masney ++ * allow multiple dhcp*DN entries in the LDAP entry. ++ ++2003-9-11 Brian Masney ++ * updated patch to work with 3.0.1rc12 ++ +diff -urNad dhcp-3.1.0/common/conflex.c dhcp3-3.1.0-ldap/common/conflex.c +--- dhcp-3.1.0/common/conflex.c 2007-05-29 19:49:44.000000000 +0200 ++++ dhcp3-3.1.0-ldap/common/conflex.c 2008-02-08 11:36:22.000000000 +0100 +@@ -47,6 +47,7 @@ + static enum dhcp_token read_number PROTO ((int, struct parse *)); + static enum dhcp_token read_num_or_name PROTO ((int, struct parse *)); + static enum dhcp_token intern PROTO ((unsigned char *, enum dhcp_token)); ++static int read_function PROTO ((struct parse *)); + + isc_result_t new_parse (cfile, file, inbuf, buflen, name, eolp) + struct parse **cfile; +@@ -74,6 +75,10 @@ + tmp -> file = file; + tmp -> eol_token = eolp; + ++ if (file != -1) { ++ tmp -> read_function = read_function;; ++ } ++ + tmp -> bufix = 0; + tmp -> buflen = buflen; + if (inbuf) { +@@ -113,22 +118,11 @@ + int c; + + if (cfile -> bufix == cfile -> buflen) { +- if (cfile -> file != -1) { +- cfile -> buflen = +- read (cfile -> file, +- cfile -> inbuf, cfile -> bufsiz); +- if (cfile -> buflen == 0) { +- c = EOF; +- cfile -> bufix = 0; +- } else if (cfile -> buflen < 0) { +- c = EOF; +- cfile -> bufix = cfile -> buflen = 0; +- } else { +- c = cfile -> inbuf [0]; +- cfile -> bufix = 1; +- } +- } else ++ if (cfile -> read_function) { ++ c = cfile -> read_function (cfile); ++ } else { + c = EOF; ++ } + } else { + c = cfile -> inbuf [cfile -> bufix]; + cfile -> bufix++; +@@ -1213,3 +1207,23 @@ + } + return dfv; + } ++ ++static int ++read_function (struct parse * cfile) ++{ ++ int c; ++ ++ cfile -> buflen = read (cfile -> file, cfile -> inbuf, cfile -> bufsiz); ++ if (cfile -> buflen == 0) { ++ c = EOF; ++ cfile -> bufix = 0; ++ } else if (cfile -> buflen < 0) { ++ c = EOF; ++ cfile -> bufix = cfile -> buflen = 0; ++ } else { ++ c = cfile -> inbuf [0]; ++ cfile -> bufix = 1; ++ } ++ ++ return c; ++} +diff -urNad dhcp-3.1.0/common/print.c dhcp3-3.1.0-ldap/common/print.c +--- dhcp-3.1.0/common/print.c 2007-05-29 19:49:44.000000000 +0200 ++++ dhcp3-3.1.0-ldap/common/print.c 2008-02-08 11:36:22.000000000 +0100 +@@ -168,9 +168,9 @@ + } + + char *print_hw_addr (htype, hlen, data) +- int htype; +- int hlen; +- unsigned char *data; ++ const int htype; ++ const int hlen; ++ const unsigned char *data; + { + static char habuf [49]; + char *s; +diff -urNad dhcp-3.1.0/contrib/dhcpd-conf-to-ldap.pl dhcp3-3.1.0-ldap/contrib/dhcpd-conf-to-ldap.pl +--- dhcp-3.1.0/contrib/dhcpd-conf-to-ldap.pl 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/contrib/dhcpd-conf-to-ldap.pl 2008-02-08 11:36:22.000000000 +0100 +@@ -0,0 +1,760 @@ ++#!/usr/bin/perl -w ++ ++# Brian Masney ++# To use this script, set your base DN below. Then run ++# ./dhcpd-conf-to-ldap.pl < /path-to-dhcpd-conf/dhcpd.conf > output-file ++# The output of this script will generate entries in LDIF format. You can use ++# the slapadd command to add these entries into your LDAP server. You will ++# definately want to double check that your LDAP entries are correct before ++# you load them into LDAP. ++ ++# This script does not do much error checking. Make sure before you run this ++# that the DHCP server doesn't give any errors about your config file ++ ++# FailOver notes: ++# Failover is disabled by default, since it may need manually intervention. ++# You can try the '--use=failover' option to see what happens :-) ++# ++# If enabled, the failover pool references will be written to LDIF output. ++# The failover configs itself will be added to the dhcpServer statements ++# and not to the dhcpService object (since this script uses only one and ++# it may be usefull to have multiple service containers in failover mode). ++# Further, this script does not check if primary or secondary makes sense, ++# it simply converts what it gets... ++ ++use Net::Domain qw(hostname hostfqdn hostdomain); ++use Getopt::Long; ++ ++my $domain = hostdomain(); # your.domain ++my $basedn = "dc=".$domain; ++ $basedn =~ s/\./,dc=/g; # dc=your,dc=domain ++my $server = hostname(); # hostname (nodename) ++my $dhcpcn = 'DHCP Config'; # CN of DHCP config tree ++my $dhcpdn = "cn=$dhcpcn, $basedn"; # DHCP config tree DN ++my $second = ''; # secondary server DN / hostname ++my $i_conf = ''; # dhcp.conf file to read or stdin ++my $o_ldif = ''; # output ldif file name or stdout ++my @use = (); # extended flags (failover) ++ ++sub usage($;$) ++{ ++ my $rc = shift; ++ my $err= shift; ++ ++ print STDERR "Error: $err\n\n" if(defined $err); ++ print STDERR <<__EOF_USAGE__; ++usage: ++ $0 [options] < dhcpd.conf > dhcpd.ldif ++ ++options: ++ ++ --basedn "dc=your,dc=domain" ("$basedn") ++ ++ --dhcpdn "dhcp config DN" ("$dhcpdn") ++ ++ --server "dhcp server name" ("$server") ++ ++ --second "secondary server or DN" ("$second") ++ ++ --conf "/path/to/dhcpd.conf" (default is stdin) ++ --ldif "/path/to/output.ldif" (default is stdout) ++ ++ --use "extended features" (see source comments) ++__EOF_USAGE__ ++ exit($rc); ++} ++ ++ ++sub next_token ++{ ++ local ($lowercase) = @_; ++ local ($token, $newline); ++ ++ do ++ { ++ if (!defined ($line) || length ($line) == 0) ++ { ++ $line = <>; ++ return undef if !defined ($line); ++ chop $line; ++ $line_number++; ++ $token_number = 0; ++ } ++ ++ $line =~ s/#.*//; ++ $line =~ s/^\s+//; ++ $line =~ s/\s+$//; ++ } ++ while (length ($line) == 0); ++ ++ if (($token, $newline) = $line =~ /^(.*?)\s+(.*)/) ++ { ++ if ($token =~ /^"/) { ++ #handle quoted token ++ if ($token !~ /"\s*$/) ++ { ++ ($tok, $newline) = $newline =~ /([^"]+")(.*)/; ++ $token .= " $tok"; ++ } ++ } ++ $line = $newline; ++ } ++ else ++ { ++ $token = $line; ++ $line = ''; ++ } ++ $token_number++; ++ ++ $token =~ y/[A-Z]/[a-z]/ if $lowercase; ++ ++ return ($token); ++} ++ ++ ++sub remaining_line ++{ ++ local ($block) = shift || 0; ++ local ($tmp, $str); ++ ++ $str = ""; ++ while (defined($tmp = next_token (0))) ++ { ++ $str .= ' ' if !($str eq ""); ++ $str .= $tmp; ++ last if $tmp =~ /;\s*$/; ++ last if($block and $tmp =~ /\s*[}{]\s*$/); ++ } ++ ++ $str =~ s/;$//; ++ return ($str); ++} ++ ++ ++sub ++add_dn_to_stack ++{ ++ local ($dn) = @_; ++ ++ $current_dn = "$dn, $current_dn"; ++} ++ ++ ++sub ++remove_dn_from_stack ++{ ++ $current_dn =~ s/^.*?,\s*//; ++} ++ ++ ++sub ++parse_error ++{ ++ print "Parse error on line number $line_number at token number $token_number\n"; ++ exit (1); ++} ++ ++ ++sub ++print_entry ++{ ++ return if (scalar keys %curentry == 0); ++ ++ if (!defined ($curentry{'type'})) ++ { ++ $hostdn = "cn=$server, $basedn"; ++ print "dn: $hostdn\n"; ++ print "cn: $server\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpServer\n"; ++ print "dhcpServiceDN: $current_dn\n"; ++ if(grep(/FaIlOvEr/i, @use)) ++ { ++ foreach my $fo_peer (keys %failover) ++ { ++ next if(scalar(@{$failover{$fo_peer}}) <= 1); ++ print "dhcpStatements: failover peer $fo_peer { ", ++ join('; ', @{$failover{$fo_peer}}), "; }\n"; ++ } ++ } ++ print "\n"; ++ ++ print "dn: $current_dn\n"; ++ print "cn: $dhcpcn\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpService\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ print "dhcpPrimaryDN: $hostdn\n"; ++ if(grep(/FaIlOvEr/i, @use) and ($second ne '')) ++ { ++ print "dhcpSecondaryDN: $second\n"; ++ } ++ } ++ elsif ($curentry{'type'} eq 'subnet') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: " . $curentry{'ip'} . "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpSubnet\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ ++ print "dhcpNetMask: " . $curentry{'netmask'} . "\n"; ++ if (defined ($curentry{'ranges'})) ++ { ++ foreach $statement (@{$curentry{'ranges'}}) ++ { ++ print "dhcpRange: $statement\n"; ++ } ++ } ++ } ++ elsif ($curentry{'type'} eq 'shared-network') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: " . $curentry{'descr'} . "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpSharedNetwork\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ } ++ elsif ($curentry{'type'} eq 'group') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: group", $curentry{'idx'}, "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpGroup\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ } ++ elsif ($curentry{'type'} eq 'host') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: " . $curentry{'host'} . "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpHost\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ ++ if (defined ($curentry{'hwaddress'})) ++ { ++ $curentry{'hwaddress'} =~ y/[A-Z]/[a-z]/; ++ print "dhcpHWAddress: " . $curentry{'hwaddress'} . "\n"; ++ } ++ } ++ elsif ($curentry{'type'} eq 'pool') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: pool", $curentry{'idx'}, "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpPool\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ ++ if (defined ($curentry{'ranges'})) ++ { ++ foreach $statement (@{$curentry{'ranges'}}) ++ { ++ print "dhcpRange: $statement\n"; ++ } ++ } ++ } ++ elsif ($curentry{'type'} eq 'class') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: " . $curentry{'class'} . "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpClass\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ } ++ elsif ($curentry{'type'} eq 'subclass') ++ { ++ print "dn: $current_dn\n"; ++ print "cn: " . $curentry{'subclass'} . "\n"; ++ print "objectClass: top\n"; ++ print "objectClass: dhcpSubClass\n"; ++ if (defined ($curentry{'options'})) ++ { ++ print "objectClass: dhcpOptions\n"; ++ } ++ print "dhcpClassData: " . $curentry{'class'} . "\n"; ++ } ++ ++ if (defined ($curentry{'statements'})) ++ { ++ foreach $statement (@{$curentry{'statements'}}) ++ { ++ print "dhcpStatements: $statement\n"; ++ } ++ } ++ ++ if (defined ($curentry{'options'})) ++ { ++ foreach $statement (@{$curentry{'options'}}) ++ { ++ print "dhcpOption: $statement\n"; ++ } ++ } ++ ++ print "\n"; ++ undef (%curentry); ++} ++ ++ ++sub parse_netmask ++{ ++ local ($netmask) = @_; ++ local ($i); ++ ++ if ((($a, $b, $c, $d) = $netmask =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/) != 4) ++ { ++ parse_error (); ++ } ++ ++ $num = (($a & 0xff) << 24) | ++ (($b & 0xff) << 16) | ++ (($c & 0xff) << 8) | ++ ($d & 0xff); ++ ++ for ($i=1; $i<=32 && $num & (1 << (32 - $i)); $i++) ++ { ++ } ++ $i--; ++ ++ return ($i); ++} ++ ++ ++sub parse_subnet ++{ ++ local ($ip, $tmp, $netmask); ++ ++ print_entry () if %curentry; ++ ++ $ip = next_token (0); ++ parse_error () if !defined ($ip); ++ ++ $tmp = next_token (1); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq 'netmask'); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ $netmask = parse_netmask ($tmp); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ add_dn_to_stack ("cn=$ip"); ++ $curentry{'type'} = 'subnet'; ++ $curentry{'ip'} = $ip; ++ $curentry{'netmask'} = $netmask; ++ $cursubnet = $ip; ++ $curcounter{$ip} = { pool => 0, group => 0 }; ++} ++ ++ ++sub parse_shared_network ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $descr = next_token (0); ++ parse_error () if !defined ($descr); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ add_dn_to_stack ("cn=$descr"); ++ $curentry{'type'} = 'shared-network'; ++ $curentry{'descr'} = $descr; ++} ++ ++ ++sub parse_host ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $host = next_token (0); ++ parse_error () if !defined ($host); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ add_dn_to_stack ("cn=$host"); ++ $curentry{'type'} = 'host'; ++ $curentry{'host'} = $host; ++} ++ ++ ++sub parse_group ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ my $idx; ++ if(exists($curcounter{$cursubnet})) { ++ $idx = ++$curcounter{$cursubnet}->{'group'}; ++ } else { ++ $idx = ++$curcounter{''}->{'group'}; ++ } ++ ++ add_dn_to_stack ("cn=group".$idx); ++ $curentry{'type'} = 'group'; ++ $curentry{'idx'} = $idx; ++} ++ ++ ++sub parse_pool ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ my $idx; ++ if(exists($curcounter{$cursubnet})) { ++ $idx = ++$curcounter{$cursubnet}->{'pool'}; ++ } else { ++ $idx = ++$curcounter{''}->{'pool'}; ++ } ++ ++ add_dn_to_stack ("cn=pool".$idx); ++ $curentry{'type'} = 'pool'; ++ $curentry{'idx'} = $idx; ++} ++ ++ ++sub parse_class ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $class = next_token (0); ++ parse_error () if !defined ($class); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ $class =~ s/\"//g; ++ add_dn_to_stack ("cn=$class"); ++ $curentry{'type'} = 'class'; ++ $curentry{'class'} = $class; ++} ++ ++ ++sub parse_subclass ++{ ++ local ($descr, $tmp); ++ ++ print_entry () if %curentry; ++ ++ $class = next_token (0); ++ parse_error () if !defined ($class); ++ ++ $subclass = next_token (0); ++ parse_error () if !defined ($subclass); ++ ++ $tmp = next_token (0); ++ parse_error () if !defined ($tmp); ++ parse_error () if !($tmp eq '{'); ++ ++ add_dn_to_stack ("cn=$subclass"); ++ $curentry{'type'} = 'subclass'; ++ $curentry{'class'} = $class; ++ $curentry{'subclass'} = $subclass; ++} ++ ++ ++sub parse_hwaddress ++{ ++ local ($type, $hw, $tmp); ++ ++ $type = next_token (1); ++ parse_error () if !defined ($type); ++ ++ $hw = next_token (1); ++ parse_error () if !defined ($hw); ++ $hw =~ s/;$//; ++ ++ $curentry{'hwaddress'} = "$type $hw"; ++} ++ ++ ++sub parse_range ++{ ++ local ($tmp, $str); ++ ++ $str = remaining_line (); ++ ++ if (!($str eq '')) ++ { ++ $str =~ s/;$//; ++ push (@{$curentry{'ranges'}}, $str); ++ } ++} ++ ++ ++sub parse_statement ++{ ++ local ($token) = shift; ++ local ($str); ++ ++ if ($token eq 'option') ++ { ++ $str = remaining_line (); ++ push (@{$curentry{'options'}}, $str); ++ } ++ elsif($token eq 'failover') ++ { ++ $str = remaining_line (1); # take care on block ++ if($str =~ /[{]/) ++ { ++ my ($peername, @statements); ++ ++ parse_error() if($str !~ /^\s*peer\s+(.+?)\s+[{]\s*$/); ++ parse_error() if(($peername = $1) !~ /^\"?[^\"]+\"?$/); ++ ++ # ++ # failover config block found: ++ # e.g. 'failover peer "some-name" {' ++ # ++ if(not grep(/FaIlOvEr/i, @use)) ++ { ++ print STDERR "Warning: Failover config 'peer $peername' found!\n"; ++ print STDERR " Skipping it, since failover disabled!\n"; ++ print STDERR " You may try out --use=failover option.\n"; ++ } ++ ++ until($str =~ /[}]/ or $str eq "") ++ { ++ $str = remaining_line (1); ++ # collect all statements, except ending '}' ++ push(@statements, $str) if($str !~ /[}]/); ++ } ++ $failover{$peername} = [@statements]; ++ } ++ else ++ { ++ # ++ # pool reference to failover config is fine ++ # e.g. 'failover peer "some-name";' ++ # ++ if(not grep(/FaIlOvEr/i, @use)) ++ { ++ print STDERR "Warning: Failover reference '$str' found!\n"; ++ print STDERR " Skipping it, since failover disabled!\n"; ++ print STDERR " You may try out --use=failover option.\n"; ++ } ++ else ++ { ++ push (@{$curentry{'statements'}}, $token. " " . $str); ++ } ++ } ++ } ++ elsif($token eq 'zone') ++ { ++ $str = $token; ++ while($str !~ /}$/) { ++ $str .= ' ' . next_token (0); ++ } ++ push (@{$curentry{'statements'}}, $str); ++ } ++ elsif($token =~ /^(authoritative)[;]*$/) ++ { ++ push (@{$curentry{'statements'}}, $1); ++ } ++ else ++ { ++ $str = $token . " " . remaining_line (); ++ push (@{$curentry{'statements'}}, $str); ++ } ++} ++ ++ ++my $ok = GetOptions( ++ 'basedn=s' => \$basedn, ++ 'dhcpdn=s' => \$dhcpdn, ++ 'server=s' => \$server, ++ 'second=s' => \$second, ++ 'conf=s' => \$i_conf, ++ 'ldif=s' => \$o_ldif, ++ 'use=s' => \@use, ++ 'h|help|usage' => sub { usage(0); }, ++); ++ ++unless($server =~ /^\w+/) ++ { ++ usage(1, "invalid server name '$server'"); ++ } ++unless($basedn =~ /^\w+=[^,]+/) ++ { ++ usage(1, "invalid base dn '$basedn'"); ++ } ++ ++if($dhcpdn =~ /^cn=([^,]+)/i) ++ { ++ $dhcpcn = "$1"; ++ } ++$second = '' if not defined $second; ++unless($second eq '' or $second =~ /^cn=[^,]+\s*,\s*\w+=[^,]+/i) ++ { ++ if($second =~ /^cn=[^,]+$/i) ++ { ++ # relative DN 'cn=name' ++ $second = "$second, $basedn"; ++ } ++ elsif($second =~ /^\w+/) ++ { ++ # assume hostname only ++ $second = "cn=$second, $basedn"; ++ } ++ else ++ { ++ usage(1, "invalid secondary '$second'") ++ } ++ } ++ ++usage(1) unless($ok); ++ ++if($i_conf ne "" and -f $i_conf) ++ { ++ if(not open(STDIN, '<', $i_conf)) ++ { ++ print STDERR "Error: can't open conf file '$i_conf': $!\n"; ++ exit(1); ++ } ++ } ++if($o_ldif ne "") ++ { ++ if(-e $o_ldif) ++ { ++ print STDERR "Error: output ldif name '$o_ldif' already exists!\n"; ++ exit(1); ++ } ++ if(not open(STDOUT, '>', $o_ldif)) ++ { ++ print STDERR "Error: can't open ldif file '$o_ldif': $!\n"; ++ exit(1); ++ } ++ } ++ ++ ++print STDERR "Creating LDAP Configuration with the following options:\n"; ++print STDERR "\tBase DN: $basedn\n"; ++print STDERR "\tDHCP DN: $dhcpdn\n"; ++print STDERR "\tServer DN: cn=$server, $basedn\n"; ++print STDERR "\tSecondary DN: $second\n" ++ if(grep(/FaIlOvEr/i, @use) and $second ne ''); ++print STDERR "\n"; ++ ++my $token; ++my $token_number = 0; ++my $line_number = 0; ++my %curentry; ++my $cursubnet = ''; ++my %curcounter = ( '' => { pool => 0, group => 0 } ); ++ ++$current_dn = "$dhcpdn"; ++$curentry{'descr'} = $dhcpcn; ++$line = ''; ++%failover = (); ++ ++while (($token = next_token (1))) ++ { ++ if ($token eq '}') ++ { ++ print_entry () if %curentry; ++ if($current_dn =~ /.+?,\s*${dhcpdn}$/) { ++ # don't go below dhcpdn ... ++ remove_dn_from_stack (); ++ } ++ } ++ elsif ($token eq 'subnet') ++ { ++ parse_subnet (); ++ next; ++ } ++ elsif ($token eq 'shared-network') ++ { ++ parse_shared_network (); ++ next; ++ } ++ elsif ($token eq 'class') ++ { ++ parse_class (); ++ next; ++ } ++ elsif ($token eq 'subclass') ++ { ++ parse_subclass (); ++ next; ++ } ++ elsif ($token eq 'pool') ++ { ++ parse_pool (); ++ next; ++ } ++ elsif ($token eq 'group') ++ { ++ parse_group (); ++ next; ++ } ++ elsif ($token eq 'host') ++ { ++ parse_host (); ++ next; ++ } ++ elsif ($token eq 'hardware') ++ { ++ parse_hwaddress (); ++ next; ++ } ++ elsif ($token eq 'range') ++ { ++ parse_range (); ++ next; ++ } ++ else ++ { ++ parse_statement ($token); ++ next; ++ } ++ } ++ ++close(STDIN) if($i_conf); ++close(STDOUT) if($o_ldif); ++ ++print STDERR "Done.\n"; ++ +diff -urNad dhcp-3.1.0/contrib/dhcp.schema dhcp3-3.1.0-ldap/contrib/dhcp.schema +--- dhcp-3.1.0/contrib/dhcp.schema 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/contrib/dhcp.schema 2008-02-08 11:36:22.000000000 +0100 +@@ -0,0 +1,462 @@ ++attributetype ( 2.16.840.1.113719.1.203.4.1 ++ NAME 'dhcpPrimaryDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DN of the dhcpServer which is the primary server for the configuration.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.2 ++ NAME 'dhcpSecondaryDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DN of dhcpServer(s) which provide backup service for the configuration.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.3 ++ NAME 'dhcpStatements' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Flexible storage for specific data depending on what object this exists in. Like conditional statements, server parameters, etc. This allows the standard to evolve without needing to adjust the schema.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.4 ++ NAME 'dhcpRange' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'The starting & ending IP Addresses in the range (inclusive), separated by a hyphen; if the range only contains one address, then just the address can be specified with no hyphen. Each range is defined as a separate value.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.5 ++ NAME 'dhcpPermitList' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'This attribute contains the permit lists associated with a pool. Each permit list is defined as a separate value.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.6 ++ NAME 'dhcpNetMask' ++ EQUALITY integerMatch ++ DESC 'The subnet mask length for the subnet. The mask can be easily computed from this length.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.7 ++ NAME 'dhcpOption' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Encoded option values to be sent to clients. Each value represents a single option and contains (OptionTag, Length, OptionValue) encoded in the format used by DHCP.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.8 ++ NAME 'dhcpClassData' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Encoded text string or list of bytes expressed in hexadecimal, separated by colons. Clients match subclasses based on matching the class data with the results of match or spawn with statements in the class name declarations.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.9 ++ NAME 'dhcpOptionsDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of the dhcpOption objects containing the configuration options provided by the server.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.10 ++ NAME 'dhcpHostDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'the distinguished name(s) of the dhcpHost objects.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.11 ++ NAME 'dhcpPoolDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of pools.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.12 ++ NAME 'dhcpGroupDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of the groups.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.13 ++ NAME 'dhcpSubnetDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of the subnets.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.14 ++ NAME 'dhcpLeaseDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name of a client address.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.15 ++ NAME 'dhcpLeasesDN' ++ DESC 'The distinguished name(s) client addresses.' ++ EQUALITY distinguishedNameMatch ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.16 ++ NAME 'dhcpClassesDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of a class(es) in a subclass.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.17 ++ NAME 'dhcpSubclassesDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of subclass(es).' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.18 ++ NAME 'dhcpSharedNetworkDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name(s) of sharedNetworks.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.19 ++ NAME 'dhcpServiceDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DN of dhcpService object(s)which contain the configuration information. Each dhcpServer object has this attribute identifying the DHCP configuration(s) that the server is associated with.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.20 ++ NAME 'dhcpVersion' ++ DESC 'The version attribute of this object.' ++ EQUALITY caseIgnoreIA5Match ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.21 ++ NAME 'dhcpImplementation' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Description of the DHCP Server implementation e.g. DHCP Servers vendor.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.22 ++ NAME 'dhcpAddressState' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'This stores information about the current binding-status of an address. For dynamic addresses managed by DHCP, the values should be restricted to the following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET", "ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP that is reserved for a specific client), "RESERVED-ACTIVE" (same as reserved, but address is currently in use), "ASSIGNED" (assigned manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.23 ++ NAME 'dhcpExpirationTime' ++ EQUALITY generalizedTimeMatch ++ DESC 'This is the time the current lease for an address expires.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.24 ++ NAME 'dhcpStartTimeOfState' ++ EQUALITY generalizedTimeMatch ++ DESC 'This is the time of the last state change for a leased address.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.25 ++ NAME 'dhcpLastTransactionTime' ++ EQUALITY generalizedTimeMatch ++ DESC 'This is the last time a valid DHCP packet was received from the client.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.26 ++ NAME 'dhcpBootpFlag' ++ EQUALITY booleanMatch ++ DESC 'This indicates whether the address was assigned via BOOTP.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.27 ++ NAME 'dhcpDomainName' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'This is the name of the domain sent to the client by the server. It is essentially the same as the value for DHCP option 15 sent to the client, and represents only the domain - not the full FQDN. To obtain the full FQDN assigned to the client you must prepend the "dhcpAssignedHostName" to this value with a ".".' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.28 ++ NAME 'dhcpDnsStatus' ++ EQUALITY integerMatch ++ DESC 'This indicates the status of updating DNS resource records on behalf of the client by the DHCP server for this address. The value is a 16-bit bitmask.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.29 ++ NAME 'dhcpRequestedHostName' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'This is the hostname that was requested by the client.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.30 ++ NAME 'dhcpAssignedHostName' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'This is the actual hostname that was assigned to a client. It may not be the name that was requested by the client. The fully qualified domain name can be determined by appending the value of "dhcpDomainName" (with a dot separator) to this name.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.31 ++ NAME 'dhcpReservedForClient' ++ EQUALITY distinguishedNameMatch ++ DESC 'The distinguished name of a "dhcpClient" that an address is reserved for. This may not be the same as the "dhcpAssignedToClient" attribute if the address is being reassigned but the current lease has not yet expired.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.32 ++ NAME 'dhcpAssignedToClient' ++ EQUALITY distinguishedNameMatch ++ DESC 'This is the distinguished name of a "dhcpClient" that an address is currently assigned to. This attribute is only present in the class when the address is leased.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.33 ++ NAME 'dhcpRelayAgentInfo' ++ EQUALITY octetStringMatch ++ DESC 'If the client request was received via a relay agent, this contains information about the relay agent that was available from the DHCP request. This is a hex-encoded option value.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.34 ++ NAME 'dhcpHWAddress' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'The clients hardware address that requested this IP address.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.35 ++ NAME 'dhcpHashBucketAssignment' ++ EQUALITY octetStringMatch ++ DESC 'HashBucketAssignment bit map for the DHCP Server, as defined in DHC Load Balancing Algorithm [RFC 3074].' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.36 ++ NAME 'dhcpDelayedServiceParameter' ++ EQUALITY integerMatch ++ DESC 'Delay in seconds corresponding to Delayed Service Parameter configuration, as defined in DHC Load Balancing Algorithm [RFC 3074]. ' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.37 ++ NAME 'dhcpMaxClientLeadTime' ++ EQUALITY integerMatch ++ DESC 'Maximum Client Lead Time configuration in seconds, as defined in DHCP Failover Protocol [FAILOVR]' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.38 ++ NAME 'dhcpFailOverEndpointState' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol [FAILOVR]' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.39 ++ NAME 'dhcpErrorLog' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Generic error log attribute that allows logging error conditions within a dhcpService or a dhcpSubnet, like no IP addresses available for lease.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.40 ++ NAME 'dhcpLocatorDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DN of dhcpLocator object which contain the DNs of all DHCP configuration objects. There will be a single dhcpLocator object in the tree with links to all the DHCP objects in the tree' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.41 ++ NAME 'dhcpKeyAlgorithm' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Algorithm to generate TSIG Key' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.42 ++ NAME 'dhcpKeySecret' ++ EQUALITY octetStringMatch ++ DESC 'Secret to generate TSIG Key' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.43 ++ NAME 'dhcpDnsZoneServer' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Master server of the DNS Zone' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.44 ++ NAME 'dhcpKeyDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DNs of TSIG Key to use in secure dynamic updates. In case of locator object, this will be list of TSIG keys. In case of DHCP Service, Shared Network, Subnet and DNS Zone, it will be a single key.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.45 ++ NAME 'dhcpZoneDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DNs of DNS Zone. In case of locator object, this will be list of DNS Zones in the tree. In case of DHCP Service, Shared Network and Subnet, it will be a single DNS Zone.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.46 ++ NAME 'dhcpFailOverPrimaryServer' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'IP address or DNS name of the server playing primary role in DHC Load Balancing and Fail over.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.47 ++ NAME 'dhcpFailOverSecondaryServer' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'IP address or DNS name of the server playing secondary role in DHC Load Balancing and Fail over.' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.48 ++ NAME 'dhcpFailOverPrimaryPort' ++ EQUALITY integerMatch ++ DESC 'Port on which primary server listens for connections from its fail over peer (secondary server)' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.49 ++ NAME 'dhcpFailOverSecondaryPort' ++ EQUALITY integerMatch ++ DESC 'Port on which secondary server listens for connections from its fail over peer (primary server)' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.50 ++ NAME 'dhcpFailOverResponseDelay' ++ EQUALITY integerMatch ++ DESC 'Maximum response time in seconds, before Server assumes that connection to fail over peer has failed' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.51 ++ NAME 'dhcpFailOverUnackedUpdates' ++ EQUALITY integerMatch ++ DESC 'Number of BNDUPD messages that server can send before it receives BNDACK from its fail over peer' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.52 ++ NAME 'dhcpFailOverSplit' ++ EQUALITY integerMatch ++ DESC 'Split between the primary and secondary servers for fail over purpose' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.53 ++ NAME 'dhcpFailOverLoadBalanceTime' ++ EQUALITY integerMatch ++ DESC 'Cutoff time in seconds, after which load balance is disabled' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.54 ++ NAME 'dhcpFailOverPeerDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'The DNs of Fail over peers. In case of locator object, this will be list of fail over peers in the tree. In case of Subnet and pool, it will be a single Fail Over Peer' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++#List of all servers in the tree ++attributetype ( 2.16.840.1.113719.1.203.4.55 ++ NAME 'dhcpServerDN' ++ EQUALITY distinguishedNameMatch ++ DESC 'List of all DHCP Servers in the tree. Used by dhcpLocatorObject' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++attributetype ( 2.16.840.1.113719.1.203.4.56 ++ NAME 'dhcpComments' ++ EQUALITY caseIgnoreIA5Match ++ DESC 'Generic attribute that allows coments within any DHCP object' ++ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++# Classes ++ ++objectclass ( 2.16.840.1.113719.1.203.6.1 ++ NAME 'dhcpService' ++ DESC 'Service object that represents the actual DHCP Service configuration. This is a container object.' ++ SUP top ++ MUST (cn) ++ MAY ( dhcpPrimaryDN $ dhcpSecondaryDN $ dhcpServerDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpKeyDN $ dhcpFailOverPeerDN $ dhcpStatements $dhcpComments $ dhcpOption) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.2 ++ NAME 'dhcpSharedNetwork' ++ DESC 'This stores configuration information for a shared network.' ++ SUP top ++ MUST cn ++ MAY ( dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpStatements $dhcpComments $ dhcpOption) X-NDS_CONTAINMENT ('dhcpService' ) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.3 ++ NAME 'dhcpSubnet' ++ DESC 'This class defines a subnet. This is a container object.' ++ SUP top ++ MUST ( cn $ dhcpNetMask ) ++ MAY ( dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpKeyDN $ dhcpFailOverPeerDN $ dhcpStatements $ dhcpComments $ dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.4 ++ NAME 'dhcpPool' ++ DESC 'This stores configuration information about a pool.' ++ SUP top ++ MUST ( cn $ dhcpRange ) ++ MAY ( dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $dhcpKeyDN $ dhcpStatements $ dhcpComments $ dhcpOption ) ++ X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.5 ++ NAME 'dhcpGroup' ++ DESC 'Group object that lists host DNs and parameters. This is a container object.' ++ SUP top ++ MUST cn ++ MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption ) ++ X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpService' ) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.6 ++ NAME 'dhcpHost' ++ DESC 'This represents information about a particular client' ++ SUP top ++ MUST cn ++ MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' 'dhcpGroup') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.7 ++ NAME 'dhcpClass' ++ DESC 'Represents information about a collection of related clients.' ++ SUP top ++ MUST cn ++ MAY (dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' ) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.8 ++ NAME 'dhcpSubClass' ++ DESC 'Represents information about a collection of related classes.' ++ SUP top ++ MUST cn ++ MAY (dhcpClassData $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) X-NDS_CONTAINMENT 'dhcpClass' ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.9 ++ NAME 'dhcpOptions' ++ DESC 'Represents information about a collection of options defined.' ++ SUP top AUXILIARY ++ MUST cn ++ MAY ( dhcpOption $ dhcpComments ) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' ) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.10 ++ NAME 'dhcpLeases' ++ DESC 'This class represents an IP Address, which may or may not have been leased.' ++ SUP top ++ MUST ( cn $ dhcpAddressState ) ++ MAY ( dhcpExpirationTime $ dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ dhcpRelayAgentInfo $ dhcpHWAddress ) ++ X-NDS_CONTAINMENT ( 'dhcpService' 'dhcpSubnet' 'dhcpPool') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.11 ++ NAME 'dhcpLog' ++ DESC 'This is the object that holds past information about the IP address. The cn is the time/date stamp when the address was assigned or released, the address state at the time, if the address was assigned or released.' ++ SUP top ++ MUST ( cn ) ++ MAY ( dhcpAddressState $ dhcpExpirationTime $ dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) ++ X-NDS_CONTAINMENT ('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.12 ++ NAME 'dhcpServer' ++ DESC 'DHCP Server Object' ++ SUP top ++ MUST ( cn ) ++ MAY (dhcpServiceDN $ dhcpLocatorDN $ dhcpVersion $ dhcpImplementation $ dhcpHashBucketAssignment $ dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $ dhcpFailOverEndpointState $ dhcpStatements $ dhcpComments $ dhcpOption) ++ X-NDS_CONTAINMENT ('organization' 'organizationalunit' 'domain') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.13 ++ NAME 'dhcpTSigKey' ++ DESC 'TSIG key for secure dynamic updates' ++ SUP top ++ MUST (cn $ dhcpKeyAlgorithm $ dhcpKeySecret ) ++ MAY ( dhcpComments ) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.14 ++ NAME 'dhcpDnsZone' ++ DESC 'DNS Zone for updating leases' ++ SUP top ++ MUST (cn $ dhcpDnsZoneServer ) ++ MAY (dhcpKeyDN $ dhcpComments) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.15 ++ NAME 'dhcpFailOverPeer' ++ DESC 'This class defines the Fail over peer' ++ SUP top ++ MUST ( cn $ dhcpFailOverPrimaryServer $ dhcpFailOverSecondaryServer $ dhcpFailoverPrimaryPort $ dhcpFailOverSecondaryPort) MAY (dhcpFailOverResponseDelay $ dhcpFailOverUnackedUpdates $ dhcpMaxClientLeadTime $ dhcpFailOverSplit $ dhcpHashBucketAssignment $ dhcpFailOverLoadBalanceTime $ dhcpComments ) ++ X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) ++ ++objectclass ( 2.16.840.1.113719.1.203.6.16 ++ NAME 'dhcpLocator' ++ DESC 'Locator object for DHCP configuration in the tree. There will be a single dhcpLocator object in the tree with links to all the DHCP objects in the tree' ++ SUP top ++ MUST ( cn ) ++ MAY ( dhcpServiceDN $dhcpServerDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpKeyDN $ dhcpZoneDN $ dhcpFailOverPeerDN $ dhcpOption $ dhcpComments) ++ X-NDS_CONTAINMENT ('organization' 'organizationalunit' 'domain') ) ++ ++ +diff -urNad dhcp-3.1.0/doc/draft-ietf-dhc-ldap-schema-01.txt dhcp3-3.1.0-ldap/doc/draft-ietf-dhc-ldap-schema-01.txt +--- dhcp-3.1.0/doc/draft-ietf-dhc-ldap-schema-01.txt 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/doc/draft-ietf-dhc-ldap-schema-01.txt 2008-02-08 11:36:22.000000000 +0100 +@@ -0,0 +1,1089 @@ ++ ++ ++ ++ ++ ++Network Working Group M. Meredith, ++Internet Draft V. Nanjundaswamy, ++Document: M. Hinckley ++Category: Proposed Standard Novell Inc. ++Expires: 15th December 2001 16th June 2001 ++ ++ ++ LDAP Schema for DHCP ++ ++Status of this Memo ++ ++This document is an Internet-Draft and is in full conformance with all ++provisions of Section 10 of RFC2026 [ ]. ++ ++Internet-Drafts are working documents of the Internet Engineering Task ++Force (IETF), its areas, and its working groups. Note that other groups ++may also distribute working documents as Internet-Drafts. Internet- ++Drafts are draft documents valid for a maximum of six months and may be ++updated, replaced, or obsolete by other documents at any time. It is ++inappropriate to use Internet-Drafts as reference material or to cite ++them other than as "work in progress." The list of current Internet- ++Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The ++list of Internet-Draft Shadow Directories can be accessed at ++http://www.ietf.org/shadow.html. ++ ++1. Abstract ++ ++This document defines a schema for representing DHCP configuration in an ++LDAP directory. It can be used to represent the DHCP Service ++configuration(s) for an entire enterprise network, a subset of the ++network, or even a single server. Representing DHCP configuration in an ++LDAP directory enables centralized management of DHCP services offered ++by one or more DHCP Servers within the enterprise. ++ ++2. Conventions used in this document ++ ++The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", ++"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this ++document are to be interpreted as described in RFC-2119 [ ]. ++ ++In places where different sets of terminology are commonly used to ++represent similar DHCP concepts, this schema uses the terminology of the ++Internet Software Consortium's DHCP server reference implementation. ++For more information see www.isc.org. ++ ++3. Design Considerations ++ ++The DHCP LDAP schema is designed to be a simple multi-server schema. The ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 1] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++intent of this schema is to provide a basic framework for representing ++the most common elements used in the configuration of DHCP Server. This ++should allow other network services to obtain and use basic DHCP ++configuration information in a server-independent but knowledgeable way. ++ ++It is expected that some implementations may need to extend the schema ++objects, in order to implement all of their features or needs. It is ++recommended that you use the schema defined in this draft to represent ++DHCP configuration information in an LDAP directory. Conforming to a ++standard schema improves interoperability between DHCP implementations ++from different vendors. ++ ++Some implementations may choose not to support all of the objects ++defined here. ++ ++Two decisions are explicitly left up to each implementation: ++ ++First, implementations may choose not to store the lease information in ++the directory, so those objects would not be used. ++ ++Second, implementations may choose not to implement the auditing ++information. ++ ++It is up to the implementation to determine if the data in the directory ++is considered "authoritative", or if it is simply a copy of data from an ++authoritative source. Validity of the information if used as a copy is ++to be ensured by the implementation. ++ ++Primarily two types of applications will use the information in this ++schema: 1. DHCP servers (for loading their configuration) 2. Management ++Interfaces (for defining/editing configurations). ++ ++The schema should be efficient for the needs of both types of ++applications. The schema is designed to allow objects managed by DHCP ++(such as computers, subnets, etc) to be present anywhere in a directory ++hierarchy (to allow those objects to be placed in the directory for ++managing administrative control and access to the objects). ++ ++The schema uses a few naming conventions - all object classes and ++attributes are prefixed with "dhcp" to decrease the chance that object ++classes and attributes will have the same name. The schema also uses ++standard naming attributes ("cn", "ou", etc) for all objects. ++ ++4. Common DHCP Configuration Attributes ++ ++Although DHCP manages several different types of objects, the ++configuration of those objects is often similar. Consequently, most of ++these objects have a common set of attributes, which are defined below. ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 2] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++4.1. Attributes Definitions ++ ++The schema definitions listed below are for readability. The LDIF ++layout for this schema will follow in section 8. ++ ++Name: dhcpPrimaryDN Description: The Distinguished Name of the ++dhcpServer object, which is the primary server for the configuration. ++Syntax: DN Flags: SINGLE-VALUE ++ ++Named: dhcpSecondaryDN Description: The Distinguished Name(s) of the ++dhcpServer object(s), which are secondary servers for the configuration. ++Syntax: DN ++ ++Name: dhcpStatements Description: Flexible storage for representing any ++specific data depending on the object to which it is attached. Examples ++include conditional statements, Server parameters, etc. This also ++serves as a 'catch-all' attribute that allows the standard to evolve ++without needing to update the schema. Syntax: IA5String ++ ++Name: dhcpRange Description: The starting and ending IP Addresses in the ++range (inclusive), separated by a hyphen; if the range only contains one ++address, then just the address can be specified with no hyphen. Each ++range is defined as a separate value. Syntax: IA5String ++ ++Name: dhcpPermitList Description: This attribute contains the permit ++lists associated with a pool. Each permit list is defined as a separate ++value. Syntax: IA5String ++ ++Name: dhcpNetMask Description: The subnet mask length for the subnet. ++The mask can be easily computed from this length. Syntax: Integer ++Flags: SINGLE-VALUE ++ ++Name: dhcpOption Description: Encoded option values to be sent to ++clients. Each value represents a single option and contains (OptionTag, ++Length, OptionData) encoded in the format used by DHCP. For more ++information see [DHCPOPT]. Syntax: OctetString ++ ++Name: dhcpClassData Description: Encoded text string or list of bytes ++expressed in hexadecimal, separated by colons. Clients match subclasses ++based on matching the class data with the results of a 'match' or 'spawn ++with' statement in the class name declarations. Syntax: IA5String ++Flags: SINGLE-VALUE ++ ++Name: dhcpSubclassesDN Description: List of subclasses, these are the ++actual DN of each subclass object. Syntax: DN ++ ++Name: dhcpClassesDN Description: List of classes, these are the actual ++DN of each class object. Syntax: DN ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 3] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++Name: dhcpSubnetDN Description: List of subnets, these are the actual DN ++of each subnet object. Syntax: DN ++ ++Name: dhcpPoolDN Description: List of pools, these are the actual DN of ++each Pool object. Syntax: DN ++ ++Name: dhcpOptionsDN Description: List of options, these are the actual ++DN of each Options object. Syntax: DN ++ ++Name: dhcpHostDN Description: List of hosts, these are the actual DN of ++each host object. Syntax: DN ++ ++Name: dhcpSharedNetworkDN Description: List of shared networks, these ++are the actual DN of each shared network object. Syntax: DN ++ ++Name: dhcpGroupDN Description: List of groups, these are the actual DN ++of each Group object. Syntax: DN ++ ++Name: dhcpLeaseDN Description: Single Lease DN. A dhcpHost configuration ++uses this attribute to identify a static IP address assignment. Syntax: ++DN Flags: SINGLE-VALUE ++ ++Name: dhcpLeasesDN Description: List of leases, these are the actual DN ++of each lease object. Syntax: DN ++ ++Name: dhcpServiceDN Description: The DN of dhcpService object(s)which ++contain the configuration information. Each dhcpServer object has this ++attribute identifying the DHCP configuration(s) that the server is ++associated with. Syntax: DN ++ ++Name: dhcpHWAddress Description: The hardware address of the client ++associated with a lease Syntax: OctetString Flags: SINGLE-VALUE ++ ++Name: dhcpVersion Description: This is the version identified for the ++object that this attribute is part of. In case of the dhcpServer object, ++this represents the DHCP software version. Syntax: IA5String Flags: ++SINGLE-VALUE ++ ++Name: dhcpImplementation Description: DHCP Server implementation ++description e.g. DHCP Vendor information. Syntax: IA5String Flags: ++SINGLE-VALUE ++ ++Name: dhcpHashBucketAssignment Description: HashBucketAssignment bit map ++for the DHCP Server, as defined in DHC Load Balancing Algorithm [RFC ++3074]. Syntax: Octet String Flags: SINGLE-VALUE ++ ++Name: dhcpDelayedServiceParameter Description: Delay in seconds ++corresponding to Delayed Service Parameter configuration, as defined in ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 4] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++DHC Load Balancing Algorithm [RFC 3074]. Syntax: Integer Flags: SINGLE- ++VALUE ++ ++Name: dhcpMaxClientLeadTime Description: Maximum Client Lead Time ++configuration in seconds, as defined in DHCP Failover Protocol [FAILOVR] ++Syntax: Integer Flags: SINGLE-VALUE ++ ++Name: dhcpFailOverEndpointState Description: Server (Failover Endpoint) ++state, as defined in DHCP Failover Protocol [FAILOVR] Syntax: IA5String ++Flags: SINGLE-VALUE ++ ++5. Configurations and Services ++ ++The schema definitions below are for readability the LDIF layout for ++this schema will follow in section 8. ++ ++The DHC working group is currently considering several proposals for ++fail-over and redundancy of DHCP servers. These may require sharing of ++configuration information between servers. This schema provides a ++generalized mechanism for supporting any of these proposals, by ++separating the definition of a server from the definition of ++configuration service provided by the server. ++ ++Separating the DHCP Server (dhcpServer) and the DHCP Configuration ++(dhcpService) representations allows a configuration service to be ++provided by one or more servers. Similarly, a server may provide one or ++more configurations. The schema allows a server to be configured as ++either a primary or secondary provider of a DHCP configuration. ++ ++Configurations are also defined so that one configuration can include ++some of the objects that are defined in another configuration. This ++allows for sharing and/or a hierarchy of related configuration items. ++ ++Name: dhcpService Description: Service object that represents the ++actual DHCP Service configuration. This will be a container with the ++following attributes. Must: cn, dhcpPrimaryDN May: dhcpSecondaryDN, ++dhcpSharedNetworkDN, dhcpSubnetDN, dhcpGroupDN, dhcpHostDN, ++dhcpClassesDN, dhcpOptionsDN, dhcpStatements ++ ++The following objects could exist inside the dhcpService container: ++dhcpSharedNetwork, dhcpSubnet, dhcpGroup, dhcpHost, dhcpClass, ++dhcpOptions, dhcpLog ++ ++Name: dhcpServer Description: Server object that the DHCP server will ++login as. The configuration information is in the dhcpService container ++that the dhcpServiceDN points to. Must: cn, dhcpServiceDN May: ++dhcpVersion, dhcpImplementation, dhcpHashBucketAssignment, ++dhcpDelayedServiceParameter, dhcpMaxClientLeadTime, ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 5] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++dhcpFailOverEndpointState, dhcpStatements ++ ++5.1. DHCP Declaration related classes: ++ ++Name: dhcpSharedNetwork Description: Shared Network class will list what ++pools and subnets are in this network. ++ ++This will be a container with the following attributes. Must: cn May: ++dhcpSubnetDN, dhcpPoolDN, dhcpOptionsDN, dhcpStatements ++ ++The following objects can exist within a dhcpSharedNetwork container: ++dhcpSubnet, dhcpPool, dhcpOptions, dhcpLog ++ ++Name: dhcpSubnet Description: Subnet object will include configuration ++information associated with a subnet, including a range and a net mask. ++ ++This will be a container with the following attributes. Must: cn ++(Subnet address), dhcpNetMask May: dhcpRange, dhcpPoolDN, dhcpGroupDN, ++dhcpHostDN, dhcpClassesDN, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements ++ ++The following objects can exist within a dhcpSubnet container: dhcpPool, ++dhcpGroup, dhcpHost, dhcpClass, dhcpOptions, dhcpLease, dhcpLog ++ ++Name: dhcpGroup Description: Group object will have configuration ++information associated with a group. ++ ++This will be a container with the following attributes. Must: cn May: ++dhcpHostDN, dhcpOptionsDN, dhcpStatements ++ ++The following objects can exist within a dhcpGroup container: dhcpHost, ++dhcpOptions ++ ++Name: dhcpHost Description: The host object includes DHCP host ++declarations to assign a static IP address or declare the client as ++known or specify statements for a specific client. Must: cn May: ++dhcpLeaseDN, dhcpHWAddress, dhcpOptionsDN, dhcpStatements ++ ++The following objects can exist within a dhcpHost container: dhcpLease, ++dhcpOptions ++ ++Name: dhcpOptions Description: The options class is for option space ++declarations, it contains a list of options. Must: cn, dhcpOption ++ ++Name: dhcpClass Description: This is a class to group clients together ++based on matching rules. ++ ++This will be a container with the following attributes. Must: cn May: ++dhcpSubClassesDN, dhcpOptionsDN, dhcpStatements ++ ++The following object can exist within a dhcpClass container: ++dhcpSubclass, dhcpOptions ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 6] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++Name: dhcpSubClass Description: This includes configuration information ++for a subclass associated with a class. The dhcpSubClass object will ++always be contained within the corresponding class container object. ++Must: cn May: dhcpClassData, dhcpOptionsDN, dhcpStatements ++ ++Name: dhcpPool Description: This contains configuration for a pool that ++will have the range of addresses, permit lists and point to classes and ++leases that are members of this pool. ++ ++This will be a container that could be contained by dhcpSubnet or a ++dhcpSharedNetwork. Must: cn, dhcpRange May: dhcpClassesDN, ++dhcpPermitList, dhcpLeasesDN, dhcpOptionsDN, dhcpStatements ++ ++The following objects can exist within a dhcpPool container: dhcpClass, ++dhcpOptions, dhcpLease, dhcpLog ++ ++6. Tracking Address Assignments ++ ++The behavior of a DHCP server is influenced by two factors - it's ++configuration and the current state of the addresses that have been ++assigned to clients. This schema defines a set of objects for ++representing the DHCP configuration associated with a server. The ++following object classes provide the ability to record how addresses are ++used including maintaining history (audit log) on individual leases. ++Recording lease information in a directory could result in a significant ++performance impact and is therefore optional. Implementations supporting ++logging of leases need to consider the performance impact. ++ ++6.1. dhcpLeases Attribute Definitions ++ ++The schema definitions below are for readability the LDIF layout for ++this schema will follow in section 8. ++ ++Name: dhcpAddressState Description: This stores information about the ++current binding-status of an address. For dynamic addresses managed by ++DHCP, the values should be restricted to the states defined in the DHCP ++Failover Protocol draft [FAILOVR]: 'FREE', 'ACTIVE', 'EXPIRED', ++'RELEASED', 'RESET', 'ABANDONED', 'BACKUP'. For more information on ++these states see [FAILOVR]. For other addresses, it SHOULD be one of ++the following: 'UNKNOWN', 'RESERVED' (an address that is managed by DHCP ++that is reserved for a specific client), 'RESERVED-ACTIVE' (same as ++reserved, but address is currently in use), 'ASSIGNED' (assigned ++manually or by some other mechanism), 'UNASSIGNED', 'NOTASSIGNABLE'. ++Syntax: IA5String Flags: SINGLE-VALUE ++ ++Name: dhcpExpirationTime Description: This is the time the current lease ++for an address expires. Syntax: DateTime Flags: SINGLE-VALUE ++ ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 7] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++Name: dhcpStartTimeOfState Description: This is the time of the last ++state change for a leased address. Syntax: DateTime Flags: SINGLE-VALUE ++ ++Name: dhcpLastTransactionTime Description: This is the last time a valid ++DHCP packet was received from the client. Syntax: DateTime Flags: ++SINGLE-VALUE ++ ++Name: dhcpBootpFlag Description: This indicates whether the address was ++assigned via BOOTP Syntax: Boolean Flags: SINGLE-VALUE ++ ++Name: dhcpDomainName Description: This is the name of the domain sent to ++the client by the server. It is essentially the same as the value for ++DHCP option 15 sent to the client, and represents only the domain - not ++the full FQDN. To obtain the full FQDN assigned to the client you must ++prepend the "dhcpAssignedHostName" to this value with a ".". Syntax: ++IA5String Flags: SINGLE-VALUE ++ ++Name: dhcpDnsStatus Description: This indicates the status of updating ++DNS resource records on behalf of the client by the DHCP server for this ++address. The value is a 16-bit bitmask that has the same values as ++specified by the Failover-DDNS option (see [FAILOVR]). Syntax: Integer ++Flags: SINGLE-VALUE ++ ++Name: dhcpRequestedHostName Description: This is the hostname that was ++requested by the client. Syntax: IA5String Flags: SINGLE-VALUE ++ ++Name: dhcpAssignedHostName Description: This is the actual hostname that ++was assigned to a client. It may not be the name that was requested by ++the client. The fully qualified domain name can be determined by ++appending the value of "dhcpDomainName" (with a dot separator) to this ++name. Syntax: IA5String Flags: SINGLE-VALUE ++ ++Name: dhcpReservedForClient Description: This is the distinguished name ++of the "dhcpHost" that an address is reserved for. This may not be the ++same as the "dhcpAssignedToClient" attribute if the address is being ++reassigned but the current lease has not yet expired. Syntax: DN Flags: ++SINGLE-VALUE ++ ++Name: dhcpAssignedToClient Description: This is the distinguished name ++of a "dhcpHost" that an address is currently assigned to. This ++attribute is only present in the class when the address is leased. ++Syntax: DN Flags: SINGLE-VALUE ++ ++Name: dhcpRelayAgentInfo Description: If the client request was received ++via a relay agent, this contains information about the relay agent that ++was available from the DHCP request. This is a hex-encoded option ++value. Syntax: OctetString Flags: SINGLE-VALUE ++ ++Name: dhcpErrorLog Description: Generic error log attribute that allows ++logging error conditions within a dhcpService or a dhcpSubnet, like no IP ++addresses available for lease. Syntax: IA5String ++ ++M. Meredith et al. Expires December 2001 [Page 8] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++6.2. dhcpLeases Object Class ++ ++This class represents an IP address. It may or may not be leaseable, ++and the object may exist even though a lease is not currently active for ++the associated IP address. ++ ++It is recommended that all Lease objects for a single DHCP Service be ++centrally located within a single container. This ensures that the lease ++objects and the corresponding logs do not have to be relocated, when ++address ranges allocated to individual DHCP subnets and/or pools change. ++ ++The schema definitions below are for readability the LDIF layout for ++this schema will follow in section 8. ++ ++Name: dhcpLeases Description: This is the object that holds state ++information about an IP address. The cn (which is the IP address), and ++the current address-state are mandatory attributes. If the address is ++assigned then, some of the optional attributes will have valid data. ++Must: cn, dhcpAddressState May: dhcpExpirationTime, ++dhcpStartTimeOfState, dhcpLastTransactionTime, dhcpBootpFlag, ++dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName, ++dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient, ++dhcpRelayAgentInfo, dhcpHWAddress ++ ++6.3 Audit Log Information ++ ++A dhcpLog object is created whenever a lease is assigned or released. ++This object is intended to be created under the corresponding dhcpLeases ++container, or dhcpPool, dhcpSubnet, dhcpSharedNetwork or dhcpService ++containers. ++ ++The log information under the dhcpLeases container would be for ++addresses matching that lease information. The log information in the ++other containers could be used for errors, i.e. when a pool or subnet is ++out our addresses or if a server is not able to assign any more ++addresses for a particular dhcpService. ++ ++Name: dhcpLog Description: This is the object that holds past ++information about an IP address. The cn is the time/date stamp when the ++address was assigned or released, the address state at the time, if the ++address was assigned or released. Must: cn May: dhcpAddressState, ++dhcpExpirationTime, dhcpStartTimeOfState, dhcpLastTransactionTime, ++dhcpBootpFlag, dhcpDomainName, dhcpDnsStatus, dhcpRequestedHostName, ++dhcpAssignedHostName, dhcpReservedForClient, dhcpAssignedToClient, ++dhcpRelayAgentInfo, dhcpHWAddress, dhcpErrorLog ++ ++ ++ ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 9] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++7. Determining settings ++ ++The dhcpStatements attribute is the key to DHC enhancements that may ++come along, and the different key words that a particular server ++implementation may use. This attribute can be used to hold conditional ++DHCP Statements and DHCP server parameters. Having a generic settings ++attribute that is just a string, allows this schema to be extensible and ++easy to configure. ++ ++All of the attributes that end with DN are references to the class that ++precedes the DN e.g. the dhcpPrimaryDN and dhcpSecondaryDN attributes ++hold the Distinguished Names of the dhcpServer objects that are ++associated with the dhcpService object. ++ ++8. LDIF format for attributes and classes. ++ ++# Attributes ++ ++( 2.16.840.1.113719.1.203.4.1 NAME 'dhcpPrimaryDN' DESC ++'The DN of the dhcpServer which is the primary server for the ++configuration.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.2 NAME 'dhcpSecondaryDN' DESC 'The DN of ++dhcpServer(s) which provide backup service for the configuration.' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.3 NAME 'dhcpStatements' DESC 'Flexible ++storage for specific data depending on what object this exists in. Like ++conditional statements, server parameters, etc. This allows the standard ++to evolve without needing to adjust the schema.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++( 2.16.840.1.113719.1.203.4.4 NAME 'dhcpRange' DESC 'The starting & ++ending IP Addresses in the range (inclusive), separated by a hyphen; if ++the range only contains one address, then just the address can be ++specified with no hyphen. Each range is defined as a separate value.' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++( 2.16.840.1.113719.1.203.4.5 NAME 'dhcpPermitList' DESC 'This attribute ++contains the permit lists associated with a pool. Each permit list is ++defined as a separate value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) ++ ++( 2.16.840.1.113719.1.203.4.6 NAME 'dhcpNetMask' DESC 'The subnet mask ++length for the subnet. The mask can be easily computed from this ++length.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.7 NAME 'dhcpOption' DESC 'Encoded option ++values to be sent to clients. Each value represents a single option and ++contains (OptionTag, Length, OptionValue) encoded in the format used by ++DHCP.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) ++ ++M. Meredith et al. Expires December 2001 [Page 10] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++( 2.16.840.1.113719.1.203.4.8 NAME 'dhcpClassData' DESC 'Encoded text ++string or list of bytes expressed in hexadecimal, separated by colons. ++Clients match subclasses based on matching the class data with the ++results of match or spawn with statements in the class name ++declarations.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.9 NAME 'dhcpOptionsDN' DESC 'The ++distinguished name(s) of the dhcpOption objects containing the ++configuration options provided by the server.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.10 NAME 'dhcpHostDN' DESC 'the distinguished ++name(s) of the dhcpHost objects.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.11 NAME 'dhcpPoolDN' DESC 'The distinguished ++name(s) of pools.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.12 NAME 'dhcpGroupDN' DESC 'The ++distinguished name(s) of the groups.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.13 NAME 'dhcpSubnetDN' DESC 'The ++distinguished name(s) of the subnets.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.14 NAME 'dhcpLeaseDN' DESC 'The ++distinguished name of a client address.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) ++ ++( 2.16.840.1.113719.1.203.4.15 NAME 'dhcpLeasesDN' DESC 'The ++distinguished name(s) client addresses.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.16 NAME 'dhcpClassesDN' DESC 'The ++distinguished name(s) of a class(es) in a subclass.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.17 NAME 'dhcpSubclassesDN' DESC 'The ++distinguished name(s) of subclass(es).' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.18 NAME 'dhcpSharedNetworkDN' DESC 'The ++distinguished name(s) of sharedNetworks.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.19 NAME 'dhcpServiceDN' DESC 'The DN of ++dhcpService object(s)which contain the configuration information. Each ++dhcpServer object has this attribute identifying the DHCP ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 11] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++configuration(s) that the server is associated with.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.12 ) ++ ++( 2.16.840.1.113719.1.203.4.20 NAME 'dhcpVersion' DESC 'The version ++attribute of this object.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- ++VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.21 NAME 'dhcpImplementation' DESC ++'Description of the DHCP Server implementation e.g. DHCP Server's ++vendor.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.22 NAME 'dhcpAddressState' DESC 'This stores ++information about the current binding-status of an address. For dynamic ++addresses managed by DHCP, the values should be restricted to the ++following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET", ++"ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the ++following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP ++that is reserved for a specific client), "RESERVED-ACTIVE" (same as ++reserved, but address is currently in use), "ASSIGNED" (assigned ++manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.23 NAME 'dhcpExpirationTime' DESC 'This is ++the time the current lease for an address expires.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.24 NAME 'dhcpStartTimeOfState' DESC 'This is ++the time of the last state change for a leased address.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.25 NAME 'dhcpLastTransactionTime' DESC 'This ++is the last time a valid DHCP packet was received from the client.' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.26 NAME 'dhcpBootpFlag' DESC 'This indicates ++whether the address was assigned via BOOTP.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.27 NAME 'dhcpDomainName' DESC 'This is the ++name of the domain sent to the client by the server. It is essentially ++the same as the value for DHCP option 15 sent to the client, and ++represents only the domain - not the full FQDN. To obtain the full FQDN ++assigned to the client you must prepend the "dhcpAssignedHostName" to ++this value with a ".".' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- ++VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.28 NAME 'dhcpDnsStatus' DESC 'This indicates ++the status of updating DNS resource records on behalf of the client by ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 12] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++the DHCP server for this address. The value is a 16-bit bitmask.' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.29 NAME 'dhcpRequestedHostName' DESC 'This ++is the hostname that was requested by the client.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.30 NAME 'dhcpAssignedHostName' DESC 'This is ++the actual hostname that was assigned to a client. It may not be the ++name that was requested by the client. The fully qualified domain name ++can be determined by appending the value of "dhcpDomainName" (with a dot ++separator) to this name.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE- ++VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.31 NAME 'dhcpReservedForClient' DESC 'The ++distinguished name of a "dhcpClient" that an address is reserved for. ++This may not be the same as the "dhcpAssignedToClient" attribute if the ++address is being reassigned but the current lease has not yet expired.' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.32 NAME 'dhcpAssignedToClient' DESC 'This is ++the distinguished name of a "dhcpClient" that an address is currently ++assigned to. This attribute is only present in the class when the ++address is leased.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.33 NAME 'dhcpRelayAgentInfo' DESC 'If the ++client request was received via a relay agent, this contains information ++about the relay agent that was available from the DHCP request. This is ++a hex-encoded option value.' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ++SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.34 NAME 'dhcpHWAddress' DESC 'The clients ++hardware address that requested this IP address.' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.35 NAME 'dhcpHashBucketAssignment' DESC ++'HashBucketAssignment bit map for the DHCP Server, as defined in DHC ++Load Balancing Algorithm [RFC 3074].' SYNTAX ++1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.36 NAME 'dhcpDelayedServiceParameter' DESC ++'Delay in seconds corresponding to Delayed Service Parameter ++configuration, as defined in DHC Load Balancing Algorithm [RFC 3074]. ' ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.37 NAME 'dhcpMaxClientLeadTime' DESC ++'Maximum Client Lead Time configuration in seconds, as defined in DHCP ++Failover Protocol [FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 13] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.38 NAME 'dhcpFailOverEndpointState' DESC ++'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol ++[FAILOVR]' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++( 2.16.840.1.113719.1.203.4.39 NAME 'dhcpErrorLog' DESC ++Generic error log attribute that allows logging error conditions within a ++dhcpService or a dhcpSubnet, like no IP addresses available for lease. ++SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) ++ ++#Classes ++ ++( 2.16.840.1.113719.1.203.6.1 NAME 'dhcpService' DESC ' Service object ++that represents the actual DHCP Service configuration. This is a ++container object.' SUP top MUST (cn $ dhcpPrimaryDN) MAY ++(dhcpSecondaryDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $ ++dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpStatements ) ) ++ ++( 2.16.840.1.113719.1.203.6.2 NAME 'dhcpSharedNetwork' DESC 'This stores ++configuration information for a shared network.' SUP top MUST cn MAY ++(dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpStatements) X- ++NDS_CONTAINMENT ('dhcpService' ) ) ++ ++( 2.16.840.1.113719.1.203.6.3 NAME 'dhcpSubnet' DESC 'This class defines ++a subnet. This is a container object.' SUP top MUST ( cn $ dhcpNetMask ) ++MAY (dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ ++dhcpLeasesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT ++('dhcpService' 'dhcpSharedNetwork') ) ++ ++( 2.16.840.1.113719.1.203.6.4 NAME 'dhcpPool' DESC 'This stores ++configuration information about a pool.' SUP top MUST ( cn $ dhcpRange ) ++MAY (dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $ ++dhcpStatements) X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') ) ++ ++( 2.16.840.1.113719.1.203.6.5 NAME 'dhcpGroup' DESC 'Group object that ++lists host DNs and parameters. This is a container object.' SUP top MUST ++cn MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements ) X-NDS_CONTAINMENT ++('dhcpSubnet' 'dhcpService' ) ) ++ ++( 2.16.840.1.113719.1.203.6.6 NAME 'dhcpHost' DESC 'This represents ++information about a particular client' SUP top MUST cn MAY (dhcpLeaseDN ++$ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT ++('dhcpService' 'dhcpSubnet' 'dhcpGroup') ) ++ ++( 2.16.840.1.113719.1.203.6.7 NAME 'dhcpClass' DESC 'Represents ++information about a collection of related clients.' SUP top MUST cn MAY ++(dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT ++('dhcpService' 'dhcpSubnet' ) ) ++ ++( 2.16.840.1.113719.1.203.6.8 NAME 'dhcpSubClass' DESC 'Represents ++information about a collection of related classes.' SUP top MUST cn MAY ++(dhcpClassData $ dhcpOptionsDN $ dhcpStatements) X-NDS_CONTAINMENT ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 14] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++'dhcpClass' ) ++ ++( 2.16.840.1.113719.1.203.6.9 NAME 'dhcpOptions' DESC 'Represents ++information about a collection of options defined.' SUP top MUST cn MAY ++( dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' ++'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' ) ++ ++( 2.16.840.1.113719.1.203.6.10 NAME 'dhcpLeases' DESC 'This class ++represents an IP Address, which may or may not have been leased.' SUP ++top MUST ( cn $ dhcpAddressState ) MAY ( dhcpExpirationTime $ ++dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ ++dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ ++dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ ++dhcpRelayAgentInfo $ dhcpHWAddress ) X-NDS_CONTAINMENT ( 'dhcpService' ++'dhcpSubnet' 'dhcpPool') ) ++ ++( 2.16.840.1.113719.1.203.6.11 NAME 'dhcpLog' DESC 'This is the object ++that holds past information about the IP address. The cn is the ++time/date stamp when the address was assigned or released, the address ++state at the time, if the address was assigned or released.' SUP top ++MUST ( cn ) MAY ( dhcpAddressState $ dhcpExpirationTime $ ++dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ ++dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ ++dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ ++dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) X-NDS_CONTAINMENT ++('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) ) ++ ++( 2.16.840.1.113719.1.203.6.12 NAME 'dhcpServer' DESC 'DHCP Server ++Object' SUP top MUST (cn, dhcpServiceDN) MAY (dhcpVersion $ ++dhcpImplementation $ dhcpHashBucketAssignment $ ++dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $ ++dhcpFailOverEndpointState $ dhcpStatements) X-NDS_CONTAINMENT ('O' 'OU' ++'dc') ) ++ ++9. Security Considerations ++ ++Since the DHCP Configuration information is stored in a directory, the ++security of the information is limited to the security offered by the ++directory including the security of the objects within that directory. ++ ++10. Intellectual Property Rights Notices ++ ++The IETF takes no position regarding the validity or scope of any ++intellectual property or other rights that might be claimed to pertain ++to the implementation or use of the technology described in this ++document or the extent to which any license under such rights might or ++might not be available; neither does it represent that it has made any ++effort to identify any such rights. Information on the IETF's ++procedures with respect to rights in standards-track and standards- ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 15] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++related documentation can be found in BCP-11. Copies of claims of ++rights made available for publication and any assurances of licenses to ++be made available, or the result of an attempt made to obtain a general ++license or permission for the use of such proprietary rights by ++implementors or users of this specification can be obtained from the ++IETF Secretariat. ++ ++The IETF invites any interested party to bring to its attention any ++copyrights, patents or patent applications, or other proprietary rights ++which may cover technology that may be required to practice this ++standard. Please address the information to the IETF Executive ++Director. ++ ++11. Full Copyright Statement ++ ++Copyright (C) The Internet Society (2001). All Rights Reserved. ++ ++This document and translations of it may be copied and furnished to ++others, and derivative works that comment on or otherwise explain it or ++assist in its implementation may be prepared, copied, published and ++distributed, in whole or in part, without restriction of any kind, ++provided that the above copyright notice and this paragraph are included ++on all such copies and derivative works. However, this document itself ++may not be modified in any way, such as by removing the copyright notice ++or references to the Internet Society or other Internet organizations, ++except as needed for the purpose of developing Internet standards in ++which case the procedures for copyrights defined in the Internet ++Standards process must be followed, or as required to translate it into ++languages other than English. ++ ++The limited permissions granted above are perpetual and will not be ++revoked by the Internet Society or its successors or assigns. ++ ++This document and the information contained herein is provided on an "AS ++IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK ++FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT ++LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT ++INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR ++FITNESS FOR A PARTICULAR PURPOSE. ++ ++12. References ++ ++[RFC2131] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, ++March 1997. ++ ++[RFC2132] Alexander, S., Droms, R., "DHCP Options and BOOTP Vendor ++Extensions", RFC 2132, March 1997. ++ ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 16] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++[MSDHCP] Gu, Y., Vyaghrapuri, R., "An LDAP Schema for Dynamic Host ++Configuration Protocol Service", Internet Draft , August 1998. ++ ++[NOVDHCP] Miller, T., Patel, A., Rao, P., "Lightweight Directory Access ++Protocol (v3): Schema for Dynamic Host Configuration Protocol (DHCP)", ++Internet Draft , June 1998. ++ ++[FAILOVR] Droms, R., Rabil, G., Dooley, M., Kapur, A., Gonczi, S., Volz, ++B., "DHCP Failover Protocol", Internet Draft , July 2000. ++ ++[RFC 3074] Volz B., Gonczi S., Lemon T., Stevens R., "DHC Load Balancing ++Algorithm", February 2001 ++ ++[AGENT] Patrick, M., "DHCP Relay Agent Information Option", Internet ++Draft , March 2000. ++ ++[DHCPOPT] Carney, M., "New Option Review Guidelines and Additional ++Option Namespace", Internet Draft , October 1999. ++ ++[POLICY] Strassner, J., Elleson, E., Moore, B., "Policy Framework LDAP ++Core Schema", Internet Draft , ++November 1999. ++ ++[RFC2251] Wahl, M., Howes, T., Kille, S., "Lightweight Directory Access ++Protocol (v3)", RFC 2251, December 1997. ++ ++[RFC2252] Wahl, M., Coulbeck, A., Howes, T., Kille, S., "Lightweight ++Directory Access Protocol (v3) Attribute Syntax Definitions", RFC 2252, ++December 1997. ++ ++[RFC2255] Howes, T., Smith, M., "The LDAP URL Format", RFC 2255, ++December 1997. ++ ++[RFC951] Croft, B., Gilmore, J., "Bootstrap Protocol (BOOTP)", RFC 951, ++September 1985. ++ ++[RFC2119] Bradner, S. "Key words for use in RFCs to Indicate Requirement ++Levels", RFC 2119, March 1997. ++ ++13. Acknowledgments ++ ++This work is partially based on a previous draft draft-ietf-dhc- ++schema-02.doc. ++ ++ ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 17] ++ ++ ++ ++ ++ ++INTERNET-DRAFT LDAP Schema for DHCP 16 June 2001 ++ ++ ++14. Author's Addresses ++ ++Comments regarding this draft may be sent to the authors at the ++following address: ++ ++Mark Meredith ++Mark Hinckley ++Novell Inc. ++1800 S. Novell Place ++Provo, Utah 84606 ++ ++Vijay K. Nanjundaswamy ++Novell Software Development (I) Ltd ++49/1 & 49/3, Garvebhavi Palya, ++7th Mile, Hosur Road ++Bangalore 560068 ++ ++email: mark_meredith@novell.com ++email: knvijay@novell.com ++email: mhinckley@novell.com ++ ++This Internet Draft expires December 16, 2001. ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++M. Meredith et al. Expires December 2001 [Page 18] ++ ++ ++ ++ +diff -urNad dhcp-3.1.0/dst/Makefile.dist dhcp3-3.1.0-ldap/dst/Makefile.dist +--- dhcp-3.1.0/dst/Makefile.dist 2005-03-17 21:15:06.000000000 +0100 ++++ dhcp3-3.1.0-ldap/dst/Makefile.dist 2008-02-08 11:36:22.000000000 +0100 +@@ -23,12 +23,13 @@ + + SRC = dst_support.c dst_api.c hmac_link.c md5_dgst.c base64.c prandom.c + OBJ = dst_support.o dst_api.o hmac_link.o md5_dgst.o base64.o prandom.o ++OBJ_NM5= dst_support.o dst_api.o hmac_link.o base64.o prandom.o + HDRS = dst_internal.h md5.h md5_locl.h + + INCLUDES = $(BINDINC) -I$(TOP)/includes + CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) -DHMAC_MD5 -DMINIRES_LIB + +-all: libdst.a ++all: libdst.a libdst-nomd5.a + + install: + +@@ -37,11 +38,16 @@ + ar cruv libdst.a $(OBJ) + $(RANLIB) libdst.a + ++libdst-nomd5.a: $(OBJ_NM5) ++ rm -f libdst-nomd5.a ++ ar cruv libdst-nomd5.a $(OBJ_NM5) ++ $(RANLIB) libdst-nomd5.a ++ + depend: + $(MKDEP) $(INCLUDES) $(PREDEFINES) $(SRC) + + clean: +- -rm -f $(OBJ) libdst.a ++ -rm -f $(OBJ) libdst.a libdst-nomd5.a + + realclean: clean + -rm -f *~ $(CATMANPAGES) $(SEDMANPAGES) +diff -urNad dhcp-3.1.0/includes/dhcpd.h dhcp3-3.1.0-ldap/includes/dhcpd.h +--- dhcp-3.1.0/includes/dhcpd.h 2007-05-29 19:49:44.000000000 +0200 ++++ dhcp3-3.1.0-ldap/includes/dhcpd.h 2008-02-08 13:35:19.000000000 +0100 +@@ -81,6 +81,11 @@ + #include + #include + ++#if defined(LDAP_CONFIGURATION) ++# include ++# include /* for uname() */ ++#endif ++ + #if !defined (BYTE_NAME_HASH_SIZE) + # define BYTE_NAME_HASH_SIZE 401 /* Default would be rediculous. */ + #endif +@@ -251,6 +256,8 @@ + char *inbuf; + unsigned bufix, buflen; + unsigned bufsiz; ++ ++ int (*read_function) (struct parse *); + }; + + /* Variable-length array of data. */ +@@ -362,6 +369,32 @@ + u_int8_t hbuf [17]; + }; + ++#if defined(LDAP_CONFIGURATION) ++# define LDAP_BUFFER_SIZE 8192 ++# define LDAP_METHOD_STATIC 0 ++# define LDAP_METHOD_DYNAMIC 1 ++#if defined (USE_SSL) ++# define LDAP_SSL_OFF 0 ++# define LDAP_SSL_ON 1 ++# define LDAP_SSL_TLS 2 ++# define LDAP_SSL_LDAPS 3 ++#endif ++ ++/* This is a tree of the current configuration we are building from LDAP */ ++struct ldap_config_stack { ++ LDAPMessage * res; /* Pointer returned from ldap_search */ ++ LDAPMessage * ldent; /* Current item in LDAP that we're processing. ++ in res */ ++ int close_brace; /* Put a closing } after we're through with ++ this item */ ++ int processed; /* We set this flag if this base item has been ++ processed. After this base item is processed, ++ we can start processing the children */ ++ struct ldap_config_stack *children; ++ struct ldap_config_stack *next; ++}; ++#endif ++ + typedef enum { + server_startup = 0, + server_running = 1, +@@ -558,6 +591,29 @@ + # define DEFAULT_PING_TIMEOUT 1 + #endif + ++#if defined(LDAP_CONFIGURATION) ++# define SV_LDAP_SERVER 53 ++# define SV_LDAP_PORT 54 ++# define SV_LDAP_USERNAME 55 ++# define SV_LDAP_PASSWORD 56 ++# define SV_LDAP_BASE_DN 57 ++# define SV_LDAP_METHOD 58 ++# define SV_LDAP_DEBUG_FILE 59 ++# define SV_LDAP_DHCP_SERVER_CN 60 ++# define SV_LDAP_REFERRALS 61 ++#if defined (USE_SSL) ++# define SV_LDAP_SSL 62 ++# define SV_LDAP_TLS_REQCERT 63 ++# define SV_LDAP_TLS_CA_FILE 64 ++# define SV_LDAP_TLS_CA_DIR 65 ++# define SV_LDAP_TLS_CERT 66 ++# define SV_LDAP_TLS_KEY 67 ++# define SV_LDAP_TLS_CRLCHECK 68 ++# define SV_LDAP_TLS_CIPHERS 69 ++# define SV_LDAP_TLS_RANDFILE 70 ++#endif ++#endif ++ + #if !defined (DEFAULT_DEFAULT_LEASE_TIME) + # define DEFAULT_DEFAULT_LEASE_TIME 43200 + #endif +@@ -1702,7 +1758,7 @@ + char *quotify_string (const char *, const char *, int); + char *quotify_buf (const unsigned char *, unsigned, const char *, int); + char *print_base64 (const unsigned char *, unsigned, const char *, int); +-char *print_hw_addr PROTO ((int, int, unsigned char *)); ++char *print_hw_addr PROTO ((const int, const int, const unsigned char *)); + void print_lease PROTO ((struct lease *)); + void dump_raw PROTO ((const unsigned char *, unsigned)); + void dump_packet_option (struct option_cache *, struct packet *, +@@ -2812,3 +2868,18 @@ + #endif /* FAILOVER_PROTOCOL */ + + const char *binding_state_print (enum failover_state); ++ ++/* ldap.c */ ++#if defined(LDAP_CONFIGURATION) ++extern struct enumeration ldap_methods; ++#if defined (USE_SSL) ++extern struct enumeration ldap_ssl_usage_enum; ++extern struct enumeration ldap_tls_reqcert_enum; ++extern struct enumeration ldap_tls_crlcheck_enum; ++#endif ++isc_result_t ldap_read_config (void); ++int find_haddr_in_ldap (struct host_decl **, int, unsigned, ++ const unsigned char *, const char *, int); ++int find_subclass_in_ldap (struct class *, struct class **, ++ struct data_string *); ++#endif +diff -urNad dhcp-3.1.0/includes/ldap_casa.h dhcp3-3.1.0-ldap/includes/ldap_casa.h +--- dhcp-3.1.0/includes/ldap_casa.h 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/includes/ldap_casa.h 2008-02-08 11:36:22.000000000 +0100 +@@ -0,0 +1,83 @@ ++/* ldap_casa.h ++ ++ Definition for CASA modules... */ ++ ++/* Copyright (c) 2004 Internet Systems Consorium, Inc. ("ISC") ++ * Copyright (c) 1995-2003 Internet Software Consortium. ++ * Copyright (c) 2006 Novell, Inc. ++ ++ * All rights reserved. ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions are met: ++ * 1.Redistributions of source code must retain the above copyright notice, ++ * this list of conditions and the following disclaimer. ++ * 2.Redistributions in binary form must reproduce the above copyright notice, ++ * this list of conditions and the following disclaimer in the documentation ++ * and/or other materials provided with the distribution. ++ * 3.Neither the name of ISC, ISC DHCP, nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ ++ * THIS SOFTWARE IS PROVIDED BY INTERNET SYSTEMS CONSORTIUM AND CONTRIBUTORS ++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ++ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ISC OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ++ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++ * POSSIBILITY OF SUCH DAMAGE. ++ ++ * This file was written by S Kalyanasundaram ++ */ ++ ++#if defined(LDAP_CASA_AUTH) ++#ifndef __LDAP_CASA_H__ ++#define __LDAP_CASA_H__ ++ ++#include ++#include ++#include ++ ++#define MICASA_LIB "libmicasa.so.1" ++ ++SSCS_TYPEDEF_LIBCALL(int, CASA_GetCredential_T) ++( ++ uint32_t ssFlags, ++ SSCS_SECRET_ID_T *appSecretID, ++ SSCS_SECRET_ID_T *sharedSecretID, ++ uint32_t *credentialType, ++ void *credential, ++ SSCS_EXT_T *ext ++); ++SSCS_TYPEDEF_LIBCALL(int, CASA_SetCredential_T) ++( ++ uint32_t ssFlags, ++ SSCS_SECRET_ID_T *appSecretID, ++ SSCS_SECRET_ID_T *sharedSecretID, ++ uint32_t credentialType, ++ void *credential, ++ SSCS_EXT_T *ext ++); ++ ++SSCS_TYPEDEF_LIBCALL(int, CASA_RemoveCredential_T) ++( ++ uint32_t ssFlags, ++ SSCS_SECRET_ID_T *appSecretID, ++ SSCS_SECRET_ID_T *sharedSecretID, ++ SSCS_EXT_T *ext ++); ++static CASA_GetCredential_T p_miCASAGetCredential = NULL; ++static CASA_SetCredential_T p_miCASASetCredential = NULL; ++static CASA_RemoveCredential_T p_miCASARemoveCredential = NULL; ++static void *casaIDK = NULL; ++ ++int load_casa(void); ++static void release_casa(void); ++int load_uname_pwd_from_miCASA(char **, char **); ++ ++#endif /* __LDAP_CASA_H__ */ ++#endif /* LDAP_CASA_AUTH */ ++ +diff -urNad dhcp-3.1.0/includes/site.h dhcp3-3.1.0-ldap/includes/site.h +--- dhcp-3.1.0/includes/site.h 2006-08-01 00:19:51.000000000 +0200 ++++ dhcp3-3.1.0-ldap/includes/site.h 2008-02-08 11:36:22.000000000 +0100 +@@ -183,3 +183,18 @@ + traces. */ + + #define TRACING ++ ++/* Define this if you want to read your config from LDAP. Read README.ldap ++ about how to set this up */ ++ ++#define LDAP_CONFIGURATION ++ ++/* Define this if you want to enable LDAP over a SSL connection. You will need ++ to add -lcrypto -lssl to the LIBS= line of server/Makefile */ ++ ++#define USE_SSL ++ ++#define _PATH_DHCPD_DB "/var/lib/dhcpd/dhcpd.leases" ++#define _PATH_DHCLIENT_DB "/var/lib/dhclient/dhclient.leases" ++#define _PATH_DHCPD_DB "/var/lib/dhcpd/dhcpd.leases" ++#define _PATH_DHCLIENT_DB "/var/lib/dhclient/dhclient.leases" +diff -urNad dhcp-3.1.0/Makefile.conf dhcp3-3.1.0-ldap/Makefile.conf +--- dhcp-3.1.0/Makefile.conf 2007-05-29 19:49:44.000000000 +0200 ++++ dhcp3-3.1.0-ldap/Makefile.conf 2008-02-08 12:43:09.000000000 +0100 +@@ -45,7 +45,7 @@ + LIBDIR=/usr/local/lib + INCDIR=/usr/local/include + LIBS = +-COPTS = $(BINDDEF) $(CC_OPTIONS) ++COPTS = $(BINDDEF) $(CC_OPTIONS) -DDEBUG_LDAP -DDEBUG + DEBUG = -g + #WARNERR = -Werror + RANLIB = ranlib +diff -urNad dhcp-3.1.0/README.ldap dhcp3-3.1.0-ldap/README.ldap +--- dhcp-3.1.0/README.ldap 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/README.ldap 2008-02-08 11:36:22.000000000 +0100 +@@ -0,0 +1,190 @@ ++LDAP Support in DHCP ++Brian Masney ++Last updated 3/23/2003 ++ ++This document describes setting up the DHCP server to read it's configuration ++from LDAP. This work is based on the IETF document ++draft-ietf-dhc-ldap-schema-01.txt included in the doc directory. For the latest ++version of this document, please see http://home.ntelos.net/~masneyb. ++ ++First question on most people's mind is "Why do I want to store my ++configuration in LDAP?" If you run a small DHCP server, and the configuration ++on it rarely changes, then you won't need to store your configuration in LDAP. ++But, if you have several DHCP servers, and you want an easy way to manage your ++configuration, this can be a solution. ++ ++The first step will be to setup your LDAP server. I am using OpenLDAP from ++www.openldap.org. Building and installing OpenLDAP is beyond the scope of this ++document. There is plenty of documentation out there about this. Once you have ++OpenLDAP installed, you will have to edit your slapd.conf file. I added the ++following 2 lines to my configuration file: ++ ++include /etc/ldap/schema/dhcp.schema ++index dhcpHWAddress eq ++index dhcpClassData eq ++ ++The first line tells it to include the dhcp schema file. You will find this ++file under the contrib directory in this distribution. You will need to copy ++this file to where your other schema files are (maybe ++/usr/local/openldap/etc/openldap/schema/). The second line sets up ++an index for the dhcpHWAddress parameter. The third parameter is for reading ++subclasses from LDAP every time a DHCP request comes in. Make sure you run the ++slapindex command and restart slapd to have these changes to into effect. ++ ++Now that you have LDAP setup, you should be able to use gq (http://biot.com/gq/) ++to verify that the dhcp schema file is loaded into LDAP. Pull up gq, and click ++on the Schema tab. Go under objectClasses, and you should see at least the ++following object classes listed: dhcpClass, dhcpGroup, dhcpHost, dhcpOptions, ++dhcpPool, dhcpServer, dhcpService, dhcpSharedNetwork, dhcpSubClass, and ++dhcpSubnet. If you do not see these, you need to check over your LDAP ++configuration before you go any further. ++ ++You should now be ready to build DHCP. If you would like to enable LDAP over ++SSL, you will need to perform the following steps: ++ ++ * Edit the includes/site.h file and uncomment the USE_SSL line ++ or specify "-DUSE_SSL" via CFLAGS. ++ * Edit the dst/Makefile.dist file and remove md5_dgst.c and md5_dgst.o ++ from the SRC= and OBJ= lines (around line 24) ++ * Now run configure in the base source directory. If you chose to enable ++ LDAP over SSL, you must append -lcrypto -lssl to the LIBS= line in the file ++ work.os/server/Makefile (replace os with your operating system, linux-2.2 on ++ my machine). You should now be able to type make to build your DHCP server. ++ ++If you choose to not enable LDAP over SSL, then you only need to run configure ++and make in the toplevel source directory. ++ ++Once you have DHCP installed, you will need to setup your initial plaintext ++config file. In my /etc/dhcpd.conf file, I have: ++ ++ldap-server "localhost"; ++ldap-port 389; ++ldap-username "cn=DHCP User, dc=ntelos, dc=net"; ++ldap-password "blah"; ++ldap-base-dn "dc=ntelos, dc=net"; ++ldap-method dynamic; ++ldap-debug-file "/var/log/dhcp-ldap-startup.log"; ++ ++If SSL has been enabled at compile time using the USE_SSL flag, the dhcp ++server trys to use TLS if possible, but continues without TLS if not. ++ ++You can modify this behaviour using following option in /etc/dhcpd.conf: ++ ++ldap-ssl ++ off: disables TLS/LDAPS. ++ ldaps: enables LDAPS -- don't forget to set ldap-port to 636. ++ start_tls: enables TLS using START_TLS command ++ on: enables LDAPS if ldap-port is set to 636 or TLS in ++ other cases. ++ ++See also "man 5 ldap.conf" for description the following TLS related ++options: ++ ldap-tls-reqcert, ldap-tls-ca-file, ldap-tls-ca-dir, ldap-tls-cert ++ ldap-tls-key, ldap-tls-crlcheck, ldap-tls-ciphers, ldap-tls-randfile ++ ++All of these parameters should be self explanatory except for the ldap-method. ++You can set this to static or dynamic. If you set it to static, the ++configuration is read once on startup, and LDAP isn't used anymore. But, if you ++set this to dynamic, the configuration is read once on startup, and the ++hosts that are stored in LDAP are looked up every time a DHCP request comes in. ++ ++When the optional statement ldap-debug-file is specified, on startup the DHCP ++server will write out the configuration that it generated from LDAP. If you are ++getting errors about your LDAP configuration, this is a good place to start ++looking. ++ ++The next step is to set up your LDAP tree. Here is an example config that will ++give a 10.100.0.x address to machines that have a host entry in LDAP. ++Otherwise, it will give a 10.200.0.x address to them. (NOTE: replace ++dc=ntelos, dc=net with your base dn). If you would like to convert your ++existing dhcpd.conf file to LDIF format, there is a script ++contrib/dhcpd-conf-to-ldap.pl that will convert it for you. Type ++dhcpd-conf-to-ldap.pl --help to see the usage information for this script. ++ ++# You must specify the server's host name in LDAP that you are going to run ++# DHCP on and point it to which config tree you want to use. Whenever DHCP ++# first starts up, it will do a search for this entry to find out which ++# config to use ++dn: cn=brian.ntelos.net, dc=ntelos, dc=net ++objectClass: top ++objectClass: dhcpServer ++cn: brian.ntelos.net ++dhcpServiceDN: cn=DHCP Service Config, dc=ntelos, dc=net ++ ++# Here is the config tree that brian.ntelos.net points to. ++dn: cn=DHCP Service Config, dc=ntelos, dc=net ++cn: DHCP Service Config ++objectClass: top ++objectClass: dhcpService ++dhcpPrimaryDN: dc=ntelos, dc=net ++dhcpStatements: ddns-update-style none ++dhcpStatements: default-lease-time 600 ++dhcpStatements: max-lease-time 7200 ++ ++# Set up a shared network segment ++dn: cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net ++cn: WV ++objectClass: top ++objectClass: dhcpSharedNetwork ++ ++# Set up a subnet declaration with a pool statement. Also note that we have ++# a dhcpOptions object with this entry ++dn: cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net ++cn: 10.100.0.0 ++objectClass: top ++objectClass: dhcpSubnet ++objectClass: dhcpOptions ++dhcpOption: domain-name-servers 10.100.0.2 ++dhcpOption: routers 10.100.0.1 ++dhcpOption: subnet-mask 255.255.255.0 ++dhcpOption: broadcast-address 10.100.0.255 ++dhcpNetMask: 24 ++ ++# Set up a pool for this subnet. Only known hosts will get these IPs ++dn: cn=Known Pool, cn=10.100.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net ++cn: Known Pool ++objectClass: top ++objectClass: dhcpPool ++dhcpRange: 10.100.0.3 10.100.0.254 ++dhcpPermitList: deny unknown-clients ++ ++# Set up another subnet declaration with a pool statement ++dn: cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net ++cn: 10.200.0.0 ++objectClass: top ++objectClass: dhcpSubnet ++objectClass: dhcpOptions ++dhcpOption: domain-name-servers 10.200.0.2 ++dhcpOption: routers 10.200.0.1 ++dhcpOption: subnet-mask 255.255.255.0 ++dhcpOption: broadcast-address 10.200.0.255 ++dhcpNetMask: 24 ++ ++# Set up a pool for this subnet. Only unknown hosts will get these IPs ++dn: cn=Known Pool, cn=10.200.0.0, cn=WV Test, cn=DHCP Service Config, dc=ntelos, dc=net ++cn: Known Pool ++objectClass: top ++objectClass: dhcpPool ++dhcpRange: 10.200.0.3 10.200.0.254 ++dhcpPermitList: deny known clients ++ ++# Set aside a group for all of our known MAC addresses ++dn: cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net ++objectClass: top ++objectClass: dhcpGroup ++cn: Customers ++ ++# Host entry for my laptop ++dn: cn=brianlaptop, cn=Customers, cn=DHCP Service Config, dc=ntelos, dc=net ++objectClass: top ++objectClass: dhcpHost ++cn: brianlaptop ++dhcpHWAddress: ethernet 00:00:00:00:00:00 ++ ++You can use the command slapadd to load all of these entries into your LDAP ++server. After you load this, you should be able to start up DHCP. If you run ++into problems reading the configuration, try running dhcpd with the -d flag. ++If you still have problems, edit the site.conf file in the DHCP source and ++add the line: COPTS= -DDEBUG_LDAP and recompile DHCP. (make sure you run make ++clean and rerun configure before you rebuild). ++ +diff -urNad dhcp-3.1.0/server/class.c dhcp3-3.1.0-ldap/server/class.c +--- dhcp-3.1.0/server/class.c 2006-06-01 22:23:17.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/class.c 2008-02-08 11:36:22.000000000 +0100 +@@ -90,6 +90,7 @@ + int matched = 0; + int status; + int ignorep; ++ int classfound; + + for (class = collection -> classes; class; class = class -> nic) { + #if defined (DEBUG_CLASS_MATCHING) +@@ -135,9 +136,15 @@ + class -> submatch, MDL)); + if (status && data.len) { + nc = (struct class *)0; +- if (class_hash_lookup (&nc, class -> hash, +- (const char *)data.data, +- data.len, MDL)) { ++ classfound = class_hash_lookup (&nc, class -> hash, ++ (const char *)data.data, data.len, MDL); ++ ++#ifdef LDAP_CONFIGURATION ++ if (!classfound && find_subclass_in_ldap (class, &nc, &data)) ++ classfound = 1; ++#endif ++ ++ if (classfound) { + #if defined (DEBUG_CLASS_MATCHING) + log_info ("matches subclass %s.", + print_hex_1 (data.len, +diff -urNad dhcp-3.1.0/server/confpars.c dhcp3-3.1.0-ldap/server/confpars.c +--- dhcp-3.1.0/server/confpars.c 2007-06-28 19:20:40.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/confpars.c 2008-02-08 11:36:22.000000000 +0100 +@@ -63,7 +63,17 @@ + + isc_result_t readconf () + { +- return read_conf_file (path_dhcpd_conf, root_group, ROOT_GROUP, 0); ++ isc_result_t res; ++ ++ res = read_conf_file (path_dhcpd_conf, root_group, ROOT_GROUP, 0); ++#if defined(LDAP_CONFIGURATION) ++ if (res != ISC_R_SUCCESS) ++ return (res); ++ ++ return ldap_read_config (); ++#else ++ return (res); ++#endif + } + + isc_result_t read_conf_file (const char *filename, struct group *group, +diff -urNad dhcp-3.1.0/server/dhcpd.c dhcp3-3.1.0-ldap/server/dhcpd.c +--- dhcp-3.1.0/server/dhcpd.c 2007-05-29 19:49:44.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/dhcpd.c 2008-02-08 11:36:22.000000000 +0100 +@@ -440,6 +440,14 @@ + /* Add the ddns update style enumeration prior to parsing. */ + add_enumeration (&ddns_styles); + add_enumeration (&syslog_enum); ++#if defined (LDAP_CONFIGURATION) ++ add_enumeration (&ldap_methods); ++#if defined (USE_SSL) ++ add_enumeration (&ldap_ssl_usage_enum); ++ add_enumeration (&ldap_tls_reqcert_enum); ++ add_enumeration (&ldap_tls_crlcheck_enum); ++#endif ++#endif + + if (!group_allocate (&root_group, MDL)) + log_fatal ("Can't allocate root group!"); +diff -urNad dhcp-3.1.0/server/ldap.c dhcp3-3.1.0-ldap/server/ldap.c +--- dhcp-3.1.0/server/ldap.c 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/server/ldap.c 2008-02-08 14:15:53.000000000 +0100 +@@ -0,0 +1,2003 @@ ++/* ldap.c ++ ++ Routines for reading the configuration from LDAP */ ++ ++/* ++ * Copyright (c) 2003-2006 Ntelos, Inc. ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. Neither the name of The Internet Software Consortium nor the names ++ * of its contributors may be used to endorse or promote products derived ++ * from this software without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE INTERNET SOFTWARE CONSORTIUM AND ++ * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, ++ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF ++ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ++ * DISCLAIMED. IN NO EVENT SHALL THE INTERNET SOFTWARE CONSORTIUM OR ++ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT ++ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF ++ * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ++ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, ++ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT ++ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ * ++ * This LDAP module was written by Brian Masney . Its ++ * development was sponsored by Ntelos, Inc. (www.ntelos.com). ++ */ ++ ++#include "dhcpd.h" ++#include ++ ++#if defined(LDAP_CONFIGURATION) ++ ++#if defined(LDAP_CASA_AUTH) ++#include "ldap_casa.h" ++#endif ++ ++static LDAP * ld = NULL; ++static char *ldap_server = NULL, ++ *ldap_username = NULL, ++ *ldap_password = NULL, ++ *ldap_base_dn = NULL, ++ *ldap_dhcp_server_cn = NULL, ++ *ldap_debug_file = NULL; ++static int ldap_port = LDAP_PORT, ++ ldap_method = LDAP_METHOD_DYNAMIC, ++ ldap_referrals = -1, ++ ldap_debug_fd = -1; ++#if defined (USE_SSL) ++static int ldap_use_ssl = -1, /* try TLS if possible */ ++ ldap_tls_reqcert = -1, ++ ldap_tls_crlcheck = -1; ++static char *ldap_tls_ca_file = NULL, ++ *ldap_tls_ca_dir = NULL, ++ *ldap_tls_cert = NULL, ++ *ldap_tls_key = NULL, ++ *ldap_tls_ciphers = NULL, ++ *ldap_tls_randfile = NULL; ++#endif ++static struct ldap_config_stack *ldap_stack = NULL; ++ ++typedef struct ldap_dn_node { ++ struct ldap_dn_node *next; ++ size_t refs; ++ char *dn; ++} ldap_dn_node; ++ ++static ldap_dn_node *ldap_service_dn_head = NULL; ++static ldap_dn_node *ldap_service_dn_tail = NULL; ++ ++ ++static char * ++x_strncat(char *dst, const char *src, size_t dst_size) ++{ ++ size_t len = strlen(dst); ++ return strncat(dst, src, dst_size > len ? dst_size - len - 1: 0); ++} ++ ++static void ++ldap_parse_class (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL || ++ tempbv[0] == NULL) ++ { ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ x_strncat (cfile->inbuf, "class \"", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); ++ ++ item->close_brace = 1; ++ ldap_value_free_len (tempbv); ++} ++ ++ ++static void ++ldap_parse_subclass (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv, **classdata; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL || ++ tempbv[0] == NULL) ++ { ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ if ((classdata = ldap_get_values_len (ld, item->ldent, ++ "dhcpClassData")) == NULL || ++ classdata[0] == NULL) ++ { ++ if (classdata != NULL) ++ ldap_value_free_len (classdata); ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ x_strncat (cfile->inbuf, "subclass ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, classdata[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ ++ item->close_brace = 1; ++ ldap_value_free_len (tempbv); ++ ldap_value_free_len (classdata); ++} ++ ++ ++static void ++ldap_parse_host (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv, **hwaddr; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL || ++ tempbv[0] == NULL) ++ { ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ hwaddr = ldap_get_values_len (ld, item->ldent, "dhcpHWAddress"); ++ ++ x_strncat (cfile->inbuf, "host ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ ++ if (hwaddr != NULL && hwaddr[0] != NULL) ++ { ++ x_strncat (cfile->inbuf, " {\nhardware ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, hwaddr[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (hwaddr); ++ } ++ ++ item->close_brace = 1; ++ ldap_value_free_len (tempbv); ++} ++ ++ ++static void ++ldap_parse_shared_network (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL || ++ tempbv[0] == NULL) ++ { ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ x_strncat (cfile->inbuf, "shared-network \"", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); ++ ++ item->close_brace = 1; ++ ldap_value_free_len (tempbv); ++} ++ ++ ++static void ++parse_netmask (int netmask, char *netmaskbuf) ++{ ++ unsigned long nm; ++ int i; ++ ++ nm = 0; ++ for (i=1; i <= netmask; i++) ++ { ++ nm |= 1 << (32 - i); ++ } ++ ++ sprintf (netmaskbuf, "%d.%d.%d.%d", (int) (nm >> 24) & 0xff, ++ (int) (nm >> 16) & 0xff, ++ (int) (nm >> 8) & 0xff, ++ (int) nm & 0xff); ++} ++ ++ ++static void ++ldap_parse_subnet (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv, **netmaskstr; ++ char netmaskbuf[16]; ++ int i; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL || ++ tempbv[0] == NULL) ++ { ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ if ((netmaskstr = ldap_get_values_len (ld, item->ldent, ++ "dhcpNetmask")) == NULL || ++ netmaskstr[0] == NULL) ++ { ++ if (netmaskstr != NULL) ++ ldap_value_free_len (netmaskstr); ++ ldap_value_free_len (tempbv); ++ ++ return; ++ } ++ ++ x_strncat (cfile->inbuf, "subnet ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ ++ x_strncat (cfile->inbuf, " netmask ", LDAP_BUFFER_SIZE); ++ parse_netmask (strtol (netmaskstr[0]->bv_val, NULL, 10), netmaskbuf); ++ x_strncat (cfile->inbuf, netmaskbuf, LDAP_BUFFER_SIZE); ++ ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ ++ ldap_value_free_len (tempbv); ++ ldap_value_free_len (netmaskstr); ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange")) != NULL) ++ { ++ for (i=0; tempbv[i] != NULL; i++) ++ { ++ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ } ++ } ++ ++ item->close_brace = 1; ++} ++ ++ ++static void ++ldap_parse_pool (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv; ++ int i; ++ ++ x_strncat (cfile->inbuf, "pool {\n", LDAP_BUFFER_SIZE); ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); ++ for (i=0; tempbv[i] != NULL; i++) ++ { ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE); ++ } ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpPermitList")) != NULL) ++ { ++ for (i=0; tempbv[i] != NULL; i++) ++ { ++ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ } ++ ldap_value_free_len (tempbv); ++ } ++ ++ item->close_brace = 1; ++} ++ ++ ++static void ++ldap_parse_group (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ x_strncat (cfile->inbuf, "group {\n", LDAP_BUFFER_SIZE); ++ item->close_brace = 1; ++} ++ ++ ++static void ++ldap_parse_key (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ struct berval **tempbv; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "key ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeyAlgorithm")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "algorithm ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeySecret")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "secret ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ item->close_brace = 1; ++} ++ ++ ++static void ++ldap_parse_zone (struct ldap_config_stack *item, struct parse *cfile) ++{ ++ char *cnFindStart, *cnFindEnd; ++ struct berval **tempbv; ++ char *keyCn; ++ size_t len; ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "zone ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpDnsZoneServer")) != NULL) ++ { ++ x_strncat (cfile->inbuf, "primary ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE); ++ ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeyDN")) != NULL) ++ { ++ cnFindStart = strchr(tempbv[0]->bv_val,'='); ++ if (cnFindStart != NULL) ++ cnFindEnd = strchr(++cnFindStart,','); ++ else ++ cnFindEnd = NULL; ++ ++ if (cnFindEnd != NULL && cnFindEnd > cnFindStart) ++ { ++ len = cnFindEnd - cnFindStart; ++ keyCn = dmalloc (len + 1, MDL); ++ } ++ else ++ { ++ len = 0; ++ keyCn = NULL; ++ } ++ ++ if (keyCn != NULL) ++ { ++ strncpy (keyCn, cnFindStart, len); ++ keyCn[len] = '\0'; ++ ++ x_strncat (cfile->inbuf, "key ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, keyCn, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ ++ dfree (keyCn, MDL); ++ } ++ ++ ldap_value_free_len (tempbv); ++ } ++ ++ item->close_brace = 1; ++} ++ ++ ++static void ++add_to_config_stack (LDAPMessage * res, LDAPMessage * ent) ++{ ++ struct ldap_config_stack *ns; ++ ++ ns = dmalloc (sizeof (*ns), MDL); ++ ns->res = res; ++ ns->ldent = ent; ++ ns->close_brace = 0; ++ ns->processed = 0; ++ ns->next = ldap_stack; ++ ldap_stack = ns; ++} ++ ++ ++static void ++ldap_stop() ++{ ++ struct sigaction old, new; ++ ++ if (ld == NULL) ++ return; ++ ++ /* ++ ** ldap_unbind after a LDAP_SERVER_DOWN result ++ ** causes a SIGPIPE and dhcpd gets terminated, ++ ** since it doesn't handle it... ++ */ ++ ++ new.sa_flags = 0; ++ new.sa_handler = SIG_IGN; ++ sigemptyset (&new.sa_mask); ++ sigaction (SIGPIPE, &new, &old); ++ ++ ldap_unbind_ext_s (ld, NULL, NULL); ++ ld = NULL; ++ ++ sigaction (SIGPIPE, &old, &new); ++} ++ ++ ++static char * ++_do_lookup_dhcp_string_option (struct option_state *options, int option_name) ++{ ++ struct option_cache *oc; ++ struct data_string db; ++ char *ret; ++ ++ memset (&db, 0, sizeof (db)); ++ oc = lookup_option (&server_universe, options, option_name); ++ if (oc && ++ evaluate_option_cache (&db, (struct packet*) NULL, ++ (struct lease *) NULL, ++ (struct client_state *) NULL, options, ++ (struct option_state *) NULL, ++ &global_scope, oc, MDL) && ++ db.data != NULL && *db.data != '\0') ++ ++ { ++ ret = dmalloc (db.len + 1, MDL); ++ if (ret == NULL) ++ log_fatal ("no memory for ldap option %d value", option_name); ++ ++ memcpy (ret, db.data, db.len); ++ ret[db.len] = 0; ++ data_string_forget (&db, MDL); ++ } ++ else ++ ret = NULL; ++ ++ return (ret); ++} ++ ++ ++static int ++_do_lookup_dhcp_int_option (struct option_state *options, int option_name) ++{ ++ struct option_cache *oc; ++ struct data_string db; ++ int ret; ++ ++ memset (&db, 0, sizeof (db)); ++ oc = lookup_option (&server_universe, options, option_name); ++ if (oc && ++ evaluate_option_cache (&db, (struct packet*) NULL, ++ (struct lease *) NULL, ++ (struct client_state *) NULL, options, ++ (struct option_state *) NULL, ++ &global_scope, oc, MDL) && ++ db.data != NULL && *db.data != '\0') ++ { ++ ret = strtol ((const char *) db.data, NULL, 10); ++ data_string_forget (&db, MDL); ++ } ++ else ++ ret = 0; ++ ++ return (ret); ++} ++ ++ ++static int ++_do_lookup_dhcp_enum_option (struct option_state *options, int option_name) ++{ ++ struct option_cache *oc; ++ struct data_string db; ++ int ret = -1; ++ ++ memset (&db, 0, sizeof (db)); ++ oc = lookup_option (&server_universe, options, option_name); ++ if (oc && ++ evaluate_option_cache (&db, (struct packet*) NULL, ++ (struct lease *) NULL, ++ (struct client_state *) NULL, options, ++ (struct option_state *) NULL, ++ &global_scope, oc, MDL) && ++ db.data != NULL && *db.data != '\0') ++ { ++ if (db.len == 1) ++ ret = db.data [0]; ++ else ++ log_fatal ("invalid option name %d", option_name); ++ ++ data_string_forget (&db, MDL); ++ } ++ else ++ ret = 0; ++ ++ return (ret); ++} ++ ++int ++ldap_rebind_cb (LDAP *ld, LDAP_CONST char *url, ber_tag_t request, ber_int_t msgid, void *parms) ++{ ++ int ret; ++ LDAPURLDesc *ldapurl = NULL; ++ char *who = NULL; ++ struct berval creds; ++ ++ log_info("LDAP rebind to '%s'", url); ++ if ((ret = ldap_url_parse(url, &ldapurl)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Can not parse ldap rebind url '%s': %s", ++ url, ldap_err2string(ret)); ++ return ret; ++ } ++ ++ ++#if defined (USE_SSL) ++ if (strcasecmp(ldapurl->lud_scheme, "ldaps") == 0) ++ { ++ int opt = LDAP_OPT_X_TLS_HARD; ++ if ((ret = ldap_set_option (ld, LDAP_OPT_X_TLS, &opt)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot init LDAPS session to %s:%d: %s", ++ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret)); ++ return ret; ++ } ++ else ++ { ++ log_info ("LDAPS session successfully enabled to %s", ldap_server); ++ } ++ } ++ else ++ if (strcasecmp(ldapurl->lud_scheme, "ldap") == 0 && ++ ldap_use_ssl != LDAP_SSL_OFF) ++ { ++ if ((ret = ldap_start_tls_s (ld, NULL, NULL)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot start TLS session to %s:%d: %s", ++ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret)); ++ return ret; ++ } ++ else ++ { ++ log_info ("TLS session successfully started to %s:%d", ++ ldapurl->lud_host, ldapurl->lud_port); ++ } ++ } ++#endif ++ ++ ++ if (ldap_username != NULL || *ldap_username != '\0') ++ { ++ who = ldap_username; ++ creds.bv_val = strdup(ldap_password); ++ creds.bv_len = strlen(ldap_password); ++ } ++ ++ if ((ret = ldap_sasl_bind_s (ld, who, LDAP_SASL_SIMPLE, &creds, ++ NULL, NULL, NULL)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot login into ldap server %s:%d: %s", ++ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret)); ++ } ++ return ret; ++} ++ ++static void ++ldap_start (void) ++{ ++ struct option_state *options; ++ int ret, version; ++ char *uri = NULL; ++ struct berval creds; ++ ++ if (ld != NULL) ++ return; ++ ++ if (ldap_server == NULL) ++ { ++ options = NULL; ++ option_state_allocate (&options, MDL); ++ ++ execute_statements_in_scope ((struct binding_value **) NULL, ++ (struct packet *) NULL, (struct lease *) NULL, ++ (struct client_state *) NULL, (struct option_state *) NULL, ++ options, &global_scope, root_group, (struct group *) NULL); ++ ++ ldap_server = _do_lookup_dhcp_string_option (options, SV_LDAP_SERVER); ++ ldap_dhcp_server_cn = _do_lookup_dhcp_string_option (options, ++ SV_LDAP_DHCP_SERVER_CN); ++ ldap_port = _do_lookup_dhcp_int_option (options, SV_LDAP_PORT); ++ ldap_base_dn = _do_lookup_dhcp_string_option (options, SV_LDAP_BASE_DN); ++ ldap_method = _do_lookup_dhcp_enum_option (options, SV_LDAP_METHOD); ++ ldap_debug_file = _do_lookup_dhcp_string_option (options, ++ SV_LDAP_DEBUG_FILE); ++ ldap_referrals = _do_lookup_dhcp_enum_option (options, SV_LDAP_REFERRALS); ++ ++#if defined (USE_SSL) ++ ldap_use_ssl = _do_lookup_dhcp_enum_option (options, SV_LDAP_SSL); ++ if( ldap_use_ssl != LDAP_SSL_OFF) ++ { ++ ldap_tls_reqcert = _do_lookup_dhcp_enum_option (options, SV_LDAP_TLS_REQCERT); ++ ldap_tls_ca_file = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_CA_FILE); ++ ldap_tls_ca_dir = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_CA_DIR); ++ ldap_tls_cert = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_CERT); ++ ldap_tls_key = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_KEY); ++ ldap_tls_crlcheck = _do_lookup_dhcp_enum_option (options, SV_LDAP_TLS_CRLCHECK); ++ ldap_tls_ciphers = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_CIPHERS); ++ ldap_tls_randfile = _do_lookup_dhcp_string_option (options, SV_LDAP_TLS_RANDFILE); ++ } ++#endif ++ ++#if defined (LDAP_CASA_AUTH) ++ if (!load_uname_pwd_from_miCASA(&ldap_username,&ldap_password)) ++ { ++#if defined (DEBUG_LDAP) ++ log_info ("Authentication credential taken from file"); ++#endif ++#endif ++ ++ ldap_username = _do_lookup_dhcp_string_option (options, SV_LDAP_USERNAME); ++ ldap_password = _do_lookup_dhcp_string_option (options, SV_LDAP_PASSWORD); ++ ++#if defined (LDAP_CASA_AUTH) ++ } ++#endif ++ ++ option_state_dereference (&options, MDL); ++ } ++ ++ if (ldap_server == NULL || ldap_base_dn == NULL) ++ { ++ log_info ("Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file"); ++ ldap_method = LDAP_METHOD_STATIC; ++ return; ++ } ++ ++ if (ldap_debug_file != NULL && ldap_debug_fd == -1) ++ { ++ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY, ++ S_IRUSR | S_IWUSR)) < 0) ++ log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file, ++ strerror (errno)); ++ } ++ ++#if defined (DEBUG_LDAP) ++ log_info ("Connecting to LDAP server %s:%d", ldap_server, ldap_port); ++#endif ++ ++#if defined (USE_SSL) ++ if (ldap_use_ssl == -1) ++ { ++ /* ++ ** There was no "ldap-ssl" option in dhcpd.conf (also not "off"). ++ ** Let's try, if we can use an anonymous TLS session without to ++ ** verify the server certificate -- if not continue without TLS. ++ */ ++ int opt = LDAP_OPT_X_TLS_ALLOW; ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, ++ &opt)) != LDAP_SUCCESS) ++ { ++ log_error ("Warning: Cannot set LDAP TLS require cert option to 'allow': %s", ++ ldap_err2string (ret)); ++ } ++ } ++ ++ if (ldap_use_ssl != LDAP_SSL_OFF) ++ { ++ if (ldap_tls_reqcert != -1) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, ++ &ldap_tls_reqcert)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS require cert option: %s", ++ ldap_err2string (ret)); ++ } ++ } ++ ++ if( ldap_tls_ca_file != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_CACERTFILE, ++ ldap_tls_ca_file)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS CA certificate file %s: %s", ++ ldap_tls_ca_file, ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_ca_dir != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_CACERTDIR, ++ ldap_tls_ca_dir)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS CA certificate dir %s: %s", ++ ldap_tls_ca_dir, ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_cert != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_CERTFILE, ++ ldap_tls_cert)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS client certificate file %s: %s", ++ ldap_tls_cert, ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_key != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_KEYFILE, ++ ldap_tls_key)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS certificate key file %s: %s", ++ ldap_tls_key, ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_crlcheck != -1) ++ { ++ int opt = ldap_tls_crlcheck; ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_CRLCHECK, ++ &opt)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS crl check option: %s", ++ ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_ciphers != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, ++ ldap_tls_ciphers)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS cipher suite %s: %s", ++ ldap_tls_ciphers, ldap_err2string (ret)); ++ } ++ } ++ if( ldap_tls_randfile != NULL) ++ { ++ if ((ret = ldap_set_option (NULL, LDAP_OPT_X_TLS_RANDOM_FILE, ++ ldap_tls_randfile)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot set LDAP TLS random file %s: %s", ++ ldap_tls_randfile, ldap_err2string (ret)); ++ } ++ } ++ } ++#endif ++ ++ /* enough for 'ldap://+ + hostname + ':' + port number */ ++ uri = malloc(strlen(ldap_server) + 16); ++ if (uri == NULL) ++ { ++ log_error ("Cannot build ldap init URI %s:%d", ldap_server, ldap_port); ++ return; ++ } ++ ++ sprintf(uri,"ldap://%s:%d", ldap_server, ldap_port); ++ ldap_initialize(&ld, uri); ++ ++ if (ld == NULL) ++ { ++ log_error ("Cannot init ldap session to %s:%d", ldap_server, ldap_port); ++ return; ++ } ++ ++ free(uri); ++ ++ version = LDAP_VERSION3; ++ if ((ret = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version)) != LDAP_OPT_SUCCESS) ++ { ++ log_error ("Cannot set LDAP version to %d: %s", version, ++ ldap_err2string (ret)); ++ } ++ ++ if (ldap_referrals != -1) ++ { ++ if ((ret = ldap_set_option (ld, LDAP_OPT_REFERRALS, ldap_referrals ? ++ LDAP_OPT_ON : LDAP_OPT_OFF)) != LDAP_OPT_SUCCESS) ++ { ++ log_error ("Cannot %s LDAP referrals option: %s", ++ (ldap_referrals ? "enable" : "disable"), ++ ldap_err2string (ret)); ++ } ++ } ++ ++ if ((ret = ldap_set_rebind_proc(ld, ldap_rebind_cb, NULL)) != LDAP_SUCCESS) ++ { ++ log_error ("Warning: Cannot set ldap rebind procedure: %s", ++ ldap_err2string (ret)); ++ } ++ ++#if defined (USE_SSL) ++ if (ldap_use_ssl == LDAP_SSL_LDAPS || ++ (ldap_use_ssl == LDAP_SSL_ON && ldap_port == LDAPS_PORT)) ++ { ++ int opt = LDAP_OPT_X_TLS_HARD; ++ if ((ret = ldap_set_option (ld, LDAP_OPT_X_TLS, &opt)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot init LDAPS session to %s:%d: %s", ++ ldap_server, ldap_port, ldap_err2string (ret)); ++ ldap_stop(); ++ return; ++ } ++ else ++ { ++ log_info ("LDAPS session successfully enabled to %s:%d", ++ ldap_server, ldap_port); ++ } ++ } ++ else if (ldap_use_ssl != LDAP_SSL_OFF) ++ { ++ if ((ret = ldap_start_tls_s (ld, NULL, NULL)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot start TLS session to %s:%d: %s", ++ ldap_server, ldap_port, ldap_err2string (ret)); ++ ldap_stop(); ++ return; ++ } ++ else ++ { ++ log_info ("TLS session successfully started to %s:%d", ++ ldap_server, ldap_port); ++ } ++ } ++#endif ++ ++ if (ldap_username != NULL && *ldap_username != '\0') ++ { ++ creds.bv_val = strdup(ldap_password); ++ creds.bv_len = strlen(ldap_password); ++ ++ if ((ret == ldap_sasl_bind_s (ld, ldap_username, LDAP_SASL_SIMPLE, ++ &creds, NULL, NULL, NULL)) != LDAP_SUCCESS) ++ { ++ log_error ("Error: Cannot login into ldap server %s:%d: %s", ++ ldap_server, ldap_port, ldap_err2string (ret)); ++ ldap_stop(); ++ return; ++ } ++ } ++ ++#if defined (DEBUG_LDAP) ++ log_info ("Successfully logged into LDAP server %s", ldap_server); ++#endif ++} ++ ++ ++static void ++parse_external_dns (LDAPMessage * ent) ++{ ++ char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN", ++ "dhcpGroupDN", "dhcpHostDN", "dhcpClassesDN", ++ "dhcpPoolDN", NULL}; ++ LDAPMessage * newres, * newent; ++ struct berval **tempbv; ++ int i, j, ret; ++#if defined (DEBUG_LDAP) ++ char *dn; ++ ++ dn = ldap_get_dn (ld, ent); ++ if (dn != NULL) ++ { ++ log_info ("Parsing external DNs for '%s'", dn); ++ ldap_memfree (dn); ++ } ++#endif ++ ++ if (ld == NULL) ++ ldap_start (); ++ if (ld == NULL) ++ return; ++ ++ for (i=0; search[i] != NULL; i++) ++ { ++ if ((tempbv = ldap_get_values_len (ld, ent, search[i])) == NULL) ++ continue; ++ ++ for (j=0; tempbv[j] != NULL; j++) ++ { ++ if (*tempbv[j]->bv_val == '\0') ++ continue; ++ ++ if ((ret = ldap_search_ext_s(ld, tempbv[j]->bv_val, LDAP_SCOPE_BASE, ++ "objectClass=*", NULL, 0, NULL, ++ NULL, NULL, 0, &newres)) != LDAP_SUCCESS) ++ { ++ ldap_value_free_len (tempbv); ++ ldap_stop(); ++ return; ++ } ++ ++#if defined (DEBUG_LDAP) ++ log_info ("Adding contents of subtree '%s' to config stack from '%s' reference", tempbv[j], search[i]); ++#endif ++ for (newent = ldap_first_entry (ld, newres); ++ newent != NULL; ++ newent = ldap_next_entry (ld, newent)) ++ { ++#if defined (DEBUG_LDAP) ++ dn = ldap_get_dn (ld, newent); ++ if (dn != NULL) ++ { ++ log_info ("Adding LDAP result set starting with '%s' to config stack", dn); ++ ldap_memfree (dn); ++ } ++#endif ++ ++ add_to_config_stack (newres, newent); ++ /* don't free newres here */ ++ } ++ } ++ ++ ldap_value_free_len (tempbv); ++ } ++} ++ ++ ++static void ++free_stack_entry (struct ldap_config_stack *item) ++{ ++ struct ldap_config_stack *look_ahead_pointer = item; ++ int may_free_msg = 1; ++ ++ while (look_ahead_pointer->next != NULL) ++ { ++ look_ahead_pointer = look_ahead_pointer->next; ++ if (look_ahead_pointer->res == item->res) ++ { ++ may_free_msg = 0; ++ break; ++ } ++ } ++ ++ if (may_free_msg) ++ ldap_msgfree (item->res); ++ ++ dfree (item, MDL); ++} ++ ++ ++static void ++next_ldap_entry (struct parse *cfile) ++{ ++ struct ldap_config_stack *temp_stack; ++ ++ if (ldap_stack != NULL && ldap_stack->close_brace) ++ { ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ ldap_stack->close_brace = 0; ++ } ++ ++ while (ldap_stack != NULL && ++ (ldap_stack->ldent == NULL || ++ (ldap_stack->ldent = ldap_next_entry (ld, ldap_stack->ldent)) == NULL)) ++ { ++ if (ldap_stack->close_brace) ++ { ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ ldap_stack->close_brace = 0; ++ } ++ ++ temp_stack = ldap_stack; ++ ldap_stack = ldap_stack->next; ++ free_stack_entry (temp_stack); ++ } ++ ++ if (ldap_stack != NULL && ldap_stack->close_brace) ++ { ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ ldap_stack->close_brace = 0; ++ } ++} ++ ++ ++static char ++check_statement_end (const char *statement) ++{ ++ char *ptr; ++ ++ if (statement == NULL || *statement == '\0') ++ return ('\0'); ++ ++ /* ++ ** check if it ends with "}", e.g.: ++ ** "zone my.domain. { ... }" ++ ** optionally followed by spaces ++ */ ++ ptr = strrchr (statement, '}'); ++ if (ptr != NULL) ++ { ++ /* skip following white-spaces */ ++ for (++ptr; isspace ((int)*ptr); ptr++); ++ ++ /* check if we reached the end */ ++ if (*ptr == '\0') ++ return ('}'); /* yes, block end */ ++ else ++ return (*ptr); ++ } ++ ++ /* ++ ** this should not happen, but... ++ ** check if it ends with ";", e.g.: ++ ** "authoritative;" ++ ** optionally followed by spaces ++ */ ++ ptr = strrchr (statement, ';'); ++ if (ptr != NULL) ++ { ++ /* skip following white-spaces */ ++ for (++ptr; isspace ((int)*ptr); ptr++); ++ ++ /* check if we reached the end */ ++ if (*ptr == '\0') ++ return (';'); /* ends with a ; */ ++ else ++ return (*ptr); ++ } ++ ++ return ('\0'); ++} ++ ++ ++static isc_result_t ++ldap_parse_entry_options (LDAPMessage *ent, char *buffer, size_t size, ++ int *lease_limit) ++{ ++ struct berval **tempbv; ++ int i; ++ ++ if (ent == NULL || buffer == NULL || size == 0) ++ return (ISC_R_FAILURE); ++ ++ if ((tempbv = ldap_get_values_len (ld, ent, "dhcpStatements")) != NULL) ++ { ++ for (i=0; tempbv[i] != NULL; i++) ++ { ++ if (lease_limit != NULL && ++ strncasecmp ("lease limit ", tempbv[i]->bv_val, 12) == 0) ++ { ++ *lease_limit = (int) strtol ((tempbv[i]->bv_val) + 12, NULL, 10); ++ continue; ++ } ++ ++ x_strncat (buffer, tempbv[i]->bv_val, size); ++ ++ switch((int) check_statement_end (tempbv[i]->bv_val)) ++ { ++ case '}': ++ case ';': ++ x_strncat (buffer, "\n", size); ++ break; ++ default: ++ x_strncat (buffer, ";\n", size); ++ break; ++ } ++ } ++ ldap_value_free_len (tempbv); ++ } ++ ++ if ((tempbv = ldap_get_values_len (ld, ent, "dhcpOption")) != NULL) ++ { ++ for (i=0; tempbv[i] != NULL; i++) ++ { ++ x_strncat (buffer, "option ", size); ++ x_strncat (buffer, tempbv[i]->bv_val, size); ++ switch ((int) check_statement_end (tempbv[i]->bv_val)) ++ { ++ case ';': ++ x_strncat (buffer, "\n", size); ++ break; ++ default: ++ x_strncat (buffer, ";\n", size); ++ break; ++ } ++ } ++ ldap_value_free_len (tempbv); ++ } ++ ++ return (ISC_R_SUCCESS); ++} ++ ++ ++static void ++ldap_generate_config_string (struct parse *cfile) ++{ ++ struct berval **objectClass; ++ char *dn; ++ struct ldap_config_stack *entry; ++ LDAPMessage * ent, * res; ++ int i, ignore, found; ++ int ret; ++ ++ if (ld == NULL) ++ ldap_start (); ++ if (ld == NULL) ++ return; ++ ++ entry = ldap_stack; ++ if ((objectClass = ldap_get_values_len (ld, entry->ldent, ++ "objectClass")) == NULL) ++ return; ++ ++ ignore = 0; ++ found = 1; ++ for (i=0; objectClass[i] != NULL; i++) ++ { ++ if (strcasecmp (objectClass[i]->bv_val, "dhcpSharedNetwork") == 0) ++ ldap_parse_shared_network (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpClass") == 0) ++ ldap_parse_class (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubnet") == 0) ++ ldap_parse_subnet (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpPool") == 0) ++ ldap_parse_pool (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpGroup") == 0) ++ ldap_parse_group (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpTSigKey") == 0) ++ ldap_parse_key (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpDnsZone") == 0) ++ ldap_parse_zone (entry, cfile); ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpHost") == 0) ++ { ++ if (ldap_method == LDAP_METHOD_STATIC) ++ ldap_parse_host (entry, cfile); ++ else ++ { ++ ignore = 1; ++ break; ++ } ++ } ++ else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubClass") == 0) ++ { ++ if (ldap_method == LDAP_METHOD_STATIC) ++ ldap_parse_subclass (entry, cfile); ++ else ++ { ++ ignore = 1; ++ break; ++ } ++ } ++ else ++ found = 0; ++ ++ if (found && cfile->inbuf[0] == '\0') ++ { ++ ignore = 1; ++ break; ++ } ++ } ++ ++ ldap_value_free_len (objectClass); ++ ++ if (ignore) ++ { ++ next_ldap_entry (cfile); ++ return; ++ } ++ ++ ldap_parse_entry_options(entry->ldent, cfile->inbuf, ++ LDAP_BUFFER_SIZE-1, NULL); ++ ++ dn = ldap_get_dn (ld, entry->ldent); ++ ++#if defined(DEBUG_LDAP) ++ if (dn != NULL) ++ log_info ("Found LDAP entry '%s'", dn); ++#endif ++ ++ if (dn == NULL || ++ (ret = ldap_search_ext_s (ld, dn, LDAP_SCOPE_ONELEVEL, ++ "objectClass=*", NULL, 0, NULL, NULL, ++ NULL, 0, &res)) != LDAP_SUCCESS) ++ { ++ if (dn) ++ ldap_memfree (dn); ++ ++ ldap_stop(); ++ return; ++ } ++ ++ ldap_memfree (dn); ++ ++ if ((ent = ldap_first_entry (ld, res)) != NULL) ++ { ++ add_to_config_stack (res, ent); ++ parse_external_dns (entry->ldent); ++ } ++ else ++ { ++ ldap_msgfree (res); ++ parse_external_dns (entry->ldent); ++ next_ldap_entry (cfile); ++ } ++} ++ ++ ++static void ++ldap_close_debug_fd() ++{ ++ if (ldap_debug_fd != -1) ++ { ++ close (ldap_debug_fd); ++ ldap_debug_fd = -1; ++ } ++} ++ ++ ++static void ++ldap_write_debug (const void *buff, size_t size) ++{ ++ if (ldap_debug_fd != -1) ++ { ++ if (write (ldap_debug_fd, buff, size) < 0) ++ { ++ log_error ("Error writing to LDAP debug file %s: %s." ++ " Disabling log file.", ldap_debug_file, ++ strerror (errno)); ++ ldap_close_debug_fd(); ++ } ++ } ++} ++ ++static int ++ldap_read_function (struct parse *cfile) ++{ ++ cfile->inbuf[0] = '\0'; ++ cfile->buflen = 0; ++ ++ while (ldap_stack != NULL && *cfile->inbuf == '\0') ++ ldap_generate_config_string (cfile); ++ ++ if (ldap_stack == NULL && *cfile->inbuf == '\0') ++ return (EOF); ++ ++ cfile->bufix = 1; ++ cfile->buflen = strlen (cfile->inbuf); ++ if (cfile->buflen > 0) ++ ldap_write_debug (cfile->inbuf, cfile->buflen); ++ ++#if defined (DEBUG_LDAP) ++ log_info ("Sending config line '%s'", cfile->inbuf); ++#endif ++ ++ return (cfile->inbuf[0]); ++} ++ ++ ++static char * ++ldap_get_host_name (LDAPMessage * ent) ++{ ++ struct berval **name; ++ char *ret; ++ ++ ret = NULL; ++ if ((name = ldap_get_values_len (ld, ent, "cn")) == NULL || name[0] == NULL) ++ { ++ if (name != NULL) ++ ldap_value_free_len (name); ++ ++#if defined (DEBUG_LDAP) ++ ret = ldap_get_dn (ld, ent); ++ if (ret != NULL) ++ { ++ log_info ("Cannot get cn attribute for LDAP entry %s", ret); ++ ldap_memfree(ret); ++ } ++#endif ++ return (NULL); ++ } ++ ++ ret = dmalloc (strlen (name[0]->bv_val) + 1, MDL); ++ strcpy (ret, name[0]->bv_val); ++ ldap_value_free_len (name); ++ ++ return (ret); ++} ++ ++ ++static int ++getfqhostname(char *fqhost, size_t size) ++{ ++#if defined(MAXHOSTNAMELEN) ++ char hname[MAXHOSTNAMELEN]; ++#else ++ char hname[65]; ++#endif ++ struct hostent *hp; ++ ++ if(NULL == fqhost || 1 >= size) ++ return -1; ++ ++ memset(hname, 0, sizeof(hname)); ++ if( gethostname(hname, sizeof(hname)-1)) ++ return -1; ++ ++ if(NULL == (hp = gethostbyname(hname))) ++ return -1; ++ ++ strncpy(fqhost, hp->h_name, size-1); ++ fqhost[size-1] = '\0'; ++ return 0; ++} ++ ++ ++isc_result_t ++ldap_read_config (void) ++{ ++ LDAPMessage * ldres, * hostres, * ent, * hostent; ++ char hfilter[1024], sfilter[1024], fqdn[257]; ++ char *buffer, *hostdn; ++ ldap_dn_node *curr = NULL; ++ struct parse *cfile; ++ struct utsname unme; ++ isc_result_t res; ++ size_t length; ++ int ret, cnt; ++ struct berval **tempbv = NULL; ++ ++ if (ld == NULL) ++ ldap_start (); ++ if (ld == NULL) ++ return (ldap_server == NULL ? ISC_R_SUCCESS : ISC_R_FAILURE); ++ ++ buffer = dmalloc (LDAP_BUFFER_SIZE+1, MDL); ++ if (buffer == NULL) ++ return (ISC_R_FAILURE); ++ ++ cfile = (struct parse *) NULL; ++ res = new_parse (&cfile, -1, buffer, LDAP_BUFFER_SIZE, "LDAP", 0); ++ if (res != ISC_R_SUCCESS) ++ return (res); ++ ++ uname (&unme); ++ if (ldap_dhcp_server_cn != NULL) ++ { ++ snprintf (hfilter, sizeof (hfilter), ++ "(&(objectClass=dhcpServer)(cn=%s))", ldap_dhcp_server_cn); ++ } ++ else ++ { ++ if(0 == getfqhostname(fqdn, sizeof(fqdn))) ++ { ++ snprintf (hfilter, sizeof (hfilter), ++ "(&(objectClass=dhcpServer)(|(cn=%s)(cn=%s)))", ++ unme.nodename, fqdn); ++ } ++ else ++ { ++ snprintf (hfilter, sizeof (hfilter), ++ "(&(objectClass=dhcpServer)(cn=%s))", unme.nodename); ++ } ++ ++ } ++ hostres = NULL; ++ if ((ret = ldap_search_ext_s (ld, ldap_base_dn, LDAP_SCOPE_SUBTREE, ++ hfilter, NULL, 0, NULL, NULL, NULL, 0, ++ &hostres)) != LDAP_SUCCESS) ++ { ++ log_error ("Cannot find host LDAP entry %s %s", ++ ((ldap_dhcp_server_cn == NULL)?(unme.nodename):(ldap_dhcp_server_cn)), hfilter); ++ if(NULL != hostres) ++ ldap_msgfree (hostres); ++ ldap_stop(); ++ return (ISC_R_FAILURE); ++ } ++ ++ if ((hostent = ldap_first_entry (ld, hostres)) == NULL) ++ { ++ log_error ("Error: Cannot find LDAP entry matching %s", hfilter); ++ ldap_msgfree (hostres); ++ ldap_stop(); ++ return (ISC_R_FAILURE); ++ } ++ ++ hostdn = ldap_get_dn (ld, hostent); ++#if defined(DEBUG_LDAP) ++ if (hostdn != NULL) ++ log_info ("Found dhcpServer LDAP entry '%s'", hostdn); ++#endif ++ ++ if (hostdn == NULL || ++ (tempbv = ldap_get_values_len (ld, hostent, "dhcpServiceDN")) == NULL || ++ tempbv[0] == NULL) ++ { ++ log_error ("Error: Cannot find LDAP entry matching %s", hfilter); ++ ++ if (tempbv != NULL) ++ ldap_value_free_len (tempbv); ++ ++ if (hostdn) ++ ldap_memfree (hostdn); ++ ldap_msgfree (hostres); ++ ldap_stop(); ++ return (ISC_R_FAILURE); ++ } ++ ++#if defined(DEBUG_LDAP) ++ log_info ("LDAP: Parsing dhcpServer options '%s' ...", hostdn); ++#endif ++ ++ cfile->inbuf[0] = '\0'; ++ ldap_parse_entry_options(hostent, cfile->inbuf, LDAP_BUFFER_SIZE, NULL); ++ cfile->buflen = strlen (cfile->inbuf); ++ if(cfile->buflen > 0) ++ { ++ ldap_write_debug (cfile->inbuf, cfile->buflen); ++ ++ res = conf_file_subparse (cfile, root_group, ROOT_GROUP); ++ if (res != ISC_R_SUCCESS) ++ { ++ log_error ("LDAP: cannot parse dhcpServer entry '%s'", hostdn); ++ ldap_memfree (hostdn); ++ ldap_stop(); ++ return res; ++ } ++ cfile->inbuf[0] = '\0'; ++ } ++ ldap_msgfree (hostres); ++ ++ /* ++ ** attach ldap (tree) read function now ++ */ ++ cfile->bufix = cfile->buflen = 0; ++ cfile->read_function = ldap_read_function; ++ ++ res = ISC_R_SUCCESS; ++ for (cnt=0; tempbv[cnt] != NULL; cnt++) ++ { ++ snprintf(sfilter, sizeof(sfilter), "(&(objectClass=dhcpService)" ++ "(|(dhcpPrimaryDN=%s)(dhcpSecondaryDN=%s)))", ++ hostdn, hostdn); ++ ldres = NULL; ++ if ((ret = ldap_search_ext_s (ld, tempbv[cnt]->bv_val, LDAP_SCOPE_BASE, ++ sfilter, NULL, 0, NULL, NULL, NULL, ++ 0, &ldres)) != LDAP_SUCCESS) ++ { ++ log_error ("Error searching for dhcpServiceDN '%s': %s. Please update the LDAP entry '%s'", ++ tempbv[cnt]->bv_val, ldap_err2string (ret), hostdn); ++ if(NULL != ldres) ++ ldap_msgfree(ldres); ++ res = ISC_R_FAILURE; ++ break; ++ } ++ ++ if ((ent = ldap_first_entry (ld, ldres)) == NULL) ++ { ++ log_error ("Error: Cannot find dhcpService DN '%s' with primary or secondary server reference. Please update the LDAP server entry '%s'", ++ tempbv[cnt]->bv_val, hostdn); ++ ++ ldap_msgfree(ldres); ++ res = ISC_R_FAILURE; ++ break; ++ } ++ ++ /* ++ ** FIXME: how to free the remembered dn's on exit? ++ ** This should be OK if dmalloc registers the ++ ** memory it allocated and frees it on exit.. ++ */ ++ ++ curr = dmalloc (sizeof (*curr), MDL); ++ if (curr != NULL) ++ { ++ length = strlen (tempbv[cnt]->bv_val); ++ curr->dn = dmalloc (length + 1, MDL); ++ if (curr->dn == NULL) ++ { ++ dfree (curr, MDL); ++ curr = NULL; ++ } ++ else ++ strcpy (curr->dn, tempbv[cnt]->bv_val); ++ } ++ ++ if (curr != NULL) ++ { ++ curr->refs++; ++ ++ /* append to service-dn list */ ++ if (ldap_service_dn_tail != NULL) ++ ldap_service_dn_tail->next = curr; ++ else ++ ldap_service_dn_head = curr; ++ ++ ldap_service_dn_tail = curr; ++ } ++ else ++ log_fatal ("no memory to remember ldap service dn"); ++ ++#if defined (DEBUG_LDAP) ++ log_info ("LDAP: Parsing dhcpService DN '%s' ...", tempbv[cnt]); ++#endif ++ add_to_config_stack (ldres, ent); ++ res = conf_file_subparse (cfile, root_group, ROOT_GROUP); ++ if (res != ISC_R_SUCCESS) ++ { ++ log_error ("LDAP: cannot parse dhcpService entry '%s'", tempbv[cnt]->bv_val); ++ break; ++ } ++ } ++ ++ end_parse (&cfile); ++ ldap_close_debug_fd(); ++ ++ ldap_memfree (hostdn); ++ ldap_value_free_len (tempbv); ++ ++ if (res != ISC_R_SUCCESS) ++ { ++ struct ldap_config_stack *temp_stack; ++ ++ while ((curr = ldap_service_dn_head) != NULL) ++ { ++ ldap_service_dn_head = curr->next; ++ dfree (curr->dn, MDL); ++ dfree (curr, MDL); ++ } ++ ++ ldap_service_dn_tail = NULL; ++ ++ while ((temp_stack = ldap_stack) != NULL) ++ { ++ ldap_stack = temp_stack->next; ++ free_stack_entry (temp_stack); ++ } ++ ++ ldap_stop(); ++ } ++ ++ /* Unbind from ldap immediately after reading config in static mode. */ ++ if (ldap_method == LDAP_METHOD_STATIC) ++ ldap_stop(); ++ ++ return (res); ++} ++ ++ ++/* This function will parse the dhcpOption and dhcpStatements field in the LDAP ++ entry if it exists. Right now, type will be either HOST_DECL or CLASS_DECL. ++ If we are parsing a HOST_DECL, this always returns 0. If we are parsing a ++ CLASS_DECL, this will return what the current lease limit is in LDAP. If ++ there is no lease limit specified, we return 0 */ ++ ++static int ++ldap_parse_options (LDAPMessage * ent, struct group *group, ++ int type, struct host_decl *host, ++ struct class **class) ++{ ++ int declaration, lease_limit; ++ char option_buffer[8192]; ++ enum dhcp_token token; ++ struct parse *cfile; ++ isc_result_t res; ++ const char *val; ++ ++ lease_limit = 0; ++ *option_buffer = '\0'; ++ ++ /* This block of code will try to find the parent of the host, and ++ if it is a group object, fetch the options and apply to the host. */ ++ if (type == HOST_DECL) ++ { ++ char *hostdn, *basedn, *temp1, *temp2, filter[1024]; ++ LDAPMessage *groupdn, *entry; ++ int ret; ++ ++ hostdn = ldap_get_dn (ld, ent); ++ if( hostdn != NULL) ++ { ++ basedn = NULL; ++ ++ temp1 = strchr (hostdn, '='); ++ if (temp1 != NULL) ++ temp1 = strchr (++temp1, '='); ++ if (temp1 != NULL) ++ temp2 = strchr (++temp1, ','); ++ else ++ temp2 = NULL; ++ ++ if (temp2 != NULL) ++ { ++ snprintf (filter, sizeof(filter), ++ "(&(cn=%.*s)(objectClass=dhcpGroup))", ++ (int)(temp2 - temp1), temp1); ++ ++ basedn = strchr (temp1, ','); ++ if (basedn != NULL) ++ ++basedn; ++ } ++ ++ if (basedn != NULL && *basedn != '\0') ++ { ++ ret = ldap_search_ext_s (ld, basedn, LDAP_SCOPE_SUBTREE, filter, ++ NULL, 0, NULL, NULL, NULL, 0, &groupdn); ++ if (ret == LDAP_SUCCESS) ++ { ++ if ((entry = ldap_first_entry (ld, groupdn)) != NULL) ++ { ++ res = ldap_parse_entry_options (entry, option_buffer, ++ sizeof(option_buffer) - 1, ++ &lease_limit); ++ if (res != ISC_R_SUCCESS) ++ { ++ /* reset option buffer discarding any results */ ++ *option_buffer = '\0'; ++ lease_limit = 0; ++ } ++ } ++ ldap_msgfree( groupdn); ++ } ++ } ++ ldap_memfree( hostdn); ++ } ++ } ++ ++ res = ldap_parse_entry_options (ent, option_buffer, sizeof(option_buffer) - 1, ++ &lease_limit); ++ if (res != ISC_R_SUCCESS) ++ return (lease_limit); ++ ++ option_buffer[sizeof(option_buffer) - 1] = '\0'; ++ if (*option_buffer == '\0') ++ return (lease_limit); ++ ++ cfile = (struct parse *) NULL; ++ res = new_parse (&cfile, -1, option_buffer, strlen (option_buffer), ++ type == HOST_DECL ? "LDAP-HOST" : "LDAP-SUBCLASS", 0); ++ if (res != ISC_R_SUCCESS) ++ return (lease_limit); ++ ++#if defined (DEBUG_LDAP) ++ log_info ("Sending the following options: '%s'", option_buffer); ++#endif ++ ++ declaration = 0; ++ do ++ { ++ token = peek_token (&val, NULL, cfile); ++ if (token == END_OF_FILE) ++ break; ++ declaration = parse_statement (cfile, group, type, host, declaration); ++ } while (1); ++ ++ end_parse (&cfile); ++ ++ return (lease_limit); ++} ++ ++ ++ ++int ++find_haddr_in_ldap (struct host_decl **hp, int htype, unsigned hlen, ++ const unsigned char *haddr, const char *file, int line) ++{ ++ char buf[128], *type_str; ++ LDAPMessage * res, *ent; ++ struct host_decl * host; ++ isc_result_t status; ++ ldap_dn_node *curr; ++ int ret; ++ ++ if (ldap_method == LDAP_METHOD_STATIC) ++ return (0); ++ ++ if (ld == NULL) ++ ldap_start (); ++ if (ld == NULL) ++ return (0); ++ ++ switch (htype) ++ { ++ case HTYPE_ETHER: ++ type_str = "ethernet"; ++ break; ++ case HTYPE_IEEE802: ++ type_str = "token-ring"; ++ break; ++ case HTYPE_FDDI: ++ type_str = "fddi"; ++ break; ++ default: ++ log_info ("Ignoring unknown type %d", htype); ++ return (0); ++ } ++ ++ /* ++ ** FIXME: It is not guaranteed, that the dhcpHWAddress attribute ++ ** contains _exactly_ "type addr" with one space between! ++ */ ++ snprintf (buf, sizeof (buf), ++ "(&(objectClass=dhcpHost)(dhcpHWAddress=%s %s))", ++ type_str, print_hw_addr (htype, hlen, haddr)); ++ ++ res = ent = NULL; ++ for (curr = ldap_service_dn_head; ++ curr != NULL && *curr->dn != '\0'; ++ curr = curr->next) ++ { ++#if defined (DEBUG_LDAP) ++ log_info ("Searching for %s in LDAP tree %s", buf, curr->dn); ++#endif ++ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL, 0, ++ NULL, NULL, NULL, 0, &res); ++ ++ if(ret == LDAP_SERVER_DOWN) ++ { ++ log_info ("LDAP server was down, trying to reconnect..."); ++ ++ ldap_stop(); ++ ldap_start(); ++ if(ld == NULL) ++ { ++ log_info ("LDAP reconnect failed - try again later..."); ++ return (0); ++ } ++ ++ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL, ++ 0, NULL, NULL, NULL, 0, &res); ++ } ++ ++ if (ret == LDAP_SUCCESS) ++ { ++ if( (ent = ldap_first_entry (ld, res)) != NULL) ++ break; /* search OK and have entry */ ++ ++#if defined (DEBUG_LDAP) ++ log_info ("No host entry for %s in LDAP tree %s", ++ buf, curr->dn); ++#endif ++ if(res) ++ { ++ ldap_msgfree (res); ++ res = NULL; ++ } ++ } ++ else ++ { ++ if(res) ++ { ++ ldap_msgfree (res); ++ res = NULL; ++ } ++ ++ if (ret != LDAP_NO_SUCH_OBJECT && ret != LDAP_SUCCESS) ++ { ++ log_error ("Cannot search for %s in LDAP tree %s: %s", buf, ++ curr->dn, ldap_err2string (ret)); ++ ldap_stop(); ++ return (0); ++ } ++#if defined (DEBUG_LDAP) ++ else ++ { ++ log_info ("ldap_search_ext_s returned %s when searching for %s in %s", ++ ldap_err2string (ret), buf, curr->dn); ++ } ++#endif ++ } ++ } ++ ++ if (res && ent) ++ { ++#if defined (DEBUG_LDAP) ++ char *dn = ldap_get_dn (ld, ent); ++ if (dn != NULL) ++ { ++ log_info ("Found dhcpHWAddress LDAP entry %s", dn); ++ ldap_memfree(dn); ++ } ++#endif ++ ++ host = (struct host_decl *)0; ++ status = host_allocate (&host, MDL); ++ if (status != ISC_R_SUCCESS) ++ { ++ log_fatal ("can't allocate host decl struct: %s", ++ isc_result_totext (status)); ++ ldap_msgfree (res); ++ return (0); ++ } ++ ++ host->name = ldap_get_host_name (ent); ++ if (host->name == NULL) ++ { ++ host_dereference (&host, MDL); ++ ldap_msgfree (res); ++ return (0); ++ } ++ ++ if (!clone_group (&host->group, root_group, MDL)) ++ { ++ log_fatal ("can't clone group for host %s", host->name); ++ host_dereference (&host, MDL); ++ ldap_msgfree (res); ++ return (0); ++ } ++ ++ ldap_parse_options (ent, host->group, HOST_DECL, host, NULL); ++ ++ *hp = host; ++ ldap_msgfree (res); ++ return (1); ++ } ++ ++ ++ if(res) ldap_msgfree (res); ++ return (0); ++} ++ ++ ++int ++find_subclass_in_ldap (struct class *class, struct class **newclass, ++ struct data_string *data) ++{ ++ LDAPMessage * res, * ent; ++ int ret, lease_limit; ++ isc_result_t status; ++ ldap_dn_node *curr; ++ char buf[1024]; ++ ++ if (ldap_method == LDAP_METHOD_STATIC) ++ return (0); ++ ++ if (ld == NULL) ++ ldap_start (); ++ if (ld == NULL) ++ return (0); ++ ++ snprintf (buf, sizeof (buf), ++ "(&(objectClass=dhcpSubClass)(cn=%s)(dhcpClassData=%s))", ++ print_hex_1 (data->len, data->data, 60), ++ print_hex_2 (strlen (class->name), (u_int8_t *) class->name, 60)); ++#if defined (DEBUG_LDAP) ++ log_info ("Searching LDAP for %s", buf); ++#endif ++ ++ res = ent = NULL; ++ for (curr = ldap_service_dn_head; ++ curr != NULL && *curr->dn != '\0'; ++ curr = curr->next) ++ { ++#if defined (DEBUG_LDAP) ++ log_info ("Searching for %s in LDAP tree %s", buf, curr->dn); ++#endif ++ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL, 0, ++ NULL, NULL, NULL, 0, &res); ++ ++ if(ret == LDAP_SERVER_DOWN) ++ { ++ log_info ("LDAP server was down, trying to reconnect..."); ++ ++ ldap_stop(); ++ ldap_start(); ++ ++ if(ld == NULL) ++ { ++ log_info ("LDAP reconnect failed - try again later..."); ++ return (0); ++ } ++ ++ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, ++ NULL, 0, NULL, NULL, NULL, 0, &res); ++ } ++ ++ if (ret == LDAP_SUCCESS) ++ { ++ if( (ent = ldap_first_entry (ld, res)) != NULL) ++ break; /* search OK and have entry */ ++ ++#if defined (DEBUG_LDAP) ++ log_info ("No subclass entry for %s in LDAP tree %s", ++ buf, curr->dn); ++#endif ++ if(res) ++ { ++ ldap_msgfree (res); ++ res = NULL; ++ } ++ } ++ else ++ { ++ if(res) ++ { ++ ldap_msgfree (res); ++ res = NULL; ++ } ++ ++ if (ret != LDAP_NO_SUCH_OBJECT && ret != LDAP_SUCCESS) ++ { ++ log_error ("Cannot search for %s in LDAP tree %s: %s", buf, ++ curr->dn, ldap_err2string (ret)); ++ ldap_stop(); ++ return (0); ++ } ++#if defined (DEBUG_LDAP) ++ else ++ { ++ log_info ("ldap_search_ext_s returned %s when searching for %s in %s", ++ ldap_err2string (ret), buf, curr->dn); ++ } ++#endif ++ } ++ } ++ ++ if (res && ent) ++ { ++#if defined (DEBUG_LDAP) ++ char *dn = ldap_get_dn (ld, ent); ++ if (dn != NULL) ++ { ++ log_info ("Found subclass LDAP entry %s", dn); ++ ldap_memfree(dn); ++ } ++#endif ++ ++ status = class_allocate (newclass, MDL); ++ if (status != ISC_R_SUCCESS) ++ { ++ log_error ("Cannot allocate memory for a new class"); ++ ldap_msgfree (res); ++ return (0); ++ } ++ ++ group_reference (&(*newclass)->group, class->group, MDL); ++ class_reference (&(*newclass)->superclass, class, MDL); ++ lease_limit = ldap_parse_options (ent, (*newclass)->group, ++ CLASS_DECL, NULL, newclass); ++ if (lease_limit == 0) ++ (*newclass)->lease_limit = class->lease_limit; ++ else ++ class->lease_limit = lease_limit; ++ ++ if ((*newclass)->lease_limit) ++ { ++ (*newclass)->billed_leases = ++ dmalloc ((*newclass)->lease_limit * sizeof (struct lease *), MDL); ++ if (!(*newclass)->billed_leases) ++ { ++ log_error ("no memory for billing"); ++ class_dereference (newclass, MDL); ++ ldap_msgfree (res); ++ return (0); ++ } ++ memset ((*newclass)->billed_leases, 0, ++ ((*newclass)->lease_limit * sizeof (*newclass)->billed_leases)); ++ } ++ ++ data_string_copy (&(*newclass)->hash_string, data, MDL); ++ ++ ldap_msgfree (res); ++ return (1); ++ } ++ ++ if(res) ldap_msgfree (res); ++ return (0); ++} ++ ++#endif +diff -urNad dhcp-3.1.0/server/ldap_casa.c dhcp3-3.1.0-ldap/server/ldap_casa.c +--- dhcp-3.1.0/server/ldap_casa.c 1970-01-01 01:00:00.000000000 +0100 ++++ dhcp3-3.1.0-ldap/server/ldap_casa.c 2008-02-08 13:15:12.000000000 +0100 +@@ -0,0 +1,138 @@ ++/* ldap_casa.c ++ ++ CASA routines for DHCPD... */ ++ ++/* Copyright (c) 2004 Internet Systems Consorium, Inc. ("ISC") ++ * Copyright (c) 1995-2003 Internet Software Consortium. ++ * Copyright (c) 2006 Novell, Inc. ++ ++ * All rights reserved. ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions are met: ++ * 1.Redistributions of source code must retain the above copyright notice, ++ * this list of conditions and the following disclaimer. ++ * 2.Redistributions in binary form must reproduce the above copyright notice, ++ * this list of conditions and the following disclaimer in the documentation ++ * and/or other materials provided with the distribution. ++ * 3.Neither the name of ISC, ISC DHCP, nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ ++ * THIS SOFTWARE IS PROVIDED BY INTERNET SYSTEMS CONSORTIUM AND CONTRIBUTORS ++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ++ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ISC OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, ++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ++ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++ * POSSIBILITY OF SUCH DAMAGE. ++ ++ * This file was written by S Kalyanasundaram ++ */ ++ ++#if defined(LDAP_CASA_AUTH) ++#include "ldap_casa.h" ++#include "dhcpd.h" ++ ++int ++load_casa (void) ++{ ++ if( !(casaIDK = dlopen(MICASA_LIB,RTLD_LAZY))) ++ return 0; ++ p_miCASAGetCredential = (CASA_GetCredential_T) dlsym(casaIDK, "miCASAGetCredential"); ++ p_miCASASetCredential = (CASA_SetCredential_T) dlsym(casaIDK, "miCASASetCredential"); ++ p_miCASARemoveCredential = (CASA_RemoveCredential_T) dlsym(casaIDK, "miCASARemoveCredential"); ++ ++ if((p_miCASAGetCredential == NULL) || ++ (p_miCASASetCredential == NULL) || ++ (p_miCASARemoveCredential == NULL)) ++ { ++ if(casaIDK) ++ dlclose(casaIDK); ++ casaIDK = NULL; ++ p_miCASAGetCredential = NULL; ++ p_miCASASetCredential = NULL; ++ p_miCASARemoveCredential = NULL; ++ return 0; ++ } ++ else ++ return 1; ++} ++ ++static void ++release_casa(void) ++{ ++ if(casaIDK) ++ { ++ dlclose(casaIDK); ++ casaIDK = NULL; ++ } ++ ++ p_miCASAGetCredential = NULL; ++ p_miCASASetCredential = NULL; ++ p_miCASARemoveCredential = NULL; ++ ++} ++ ++int ++load_uname_pwd_from_miCASA (char **ldap_username, char **ldap_password) ++ { ++ int result = 0; ++ uint32_t credentialtype = SSCS_CRED_TYPE_SERVER_F; ++ SSCS_BASIC_CREDENTIAL credential; ++ SSCS_SECRET_ID_T applicationSecretId; ++ char *tempVar = NULL; ++ ++ const char applicationName[10] = "dhcp-ldap"; ++ ++ if ( load_casa() ) ++ { ++ memset(&credential, 0, sizeof(SSCS_BASIC_CREDENTIAL)); ++ memset(&applicationSecretId, 0, sizeof(SSCS_SECRET_ID_T)); ++ ++ applicationSecretId.len = strlen(applicationName) + 1; ++ memcpy (applicationSecretId.id, applicationName, applicationSecretId.len); ++ ++ credential.unFlags = USERNAME_TYPE_CN_F; ++ ++ result = p_miCASAGetCredential (0, ++ &applicationSecretId,NULL,&credentialtype, ++ &credential,NULL); ++ ++ if(credential.unLen) ++ { ++ tempVar = dmalloc (credential.unLen + 1, MDL); ++ if (!tempVar) ++ log_fatal ("no memory for ldap_username"); ++ memcpy(tempVar , credential.username, credential.unLen); ++ *ldap_username = tempVar; ++ ++ tempVar = dmalloc (credential.pwordLen + 1, MDL); ++ if (!tempVar) ++ log_fatal ("no memory for ldap_password"); ++ memcpy(tempVar, credential.password, credential.pwordLen); ++ *ldap_password = tempVar; ++ ++ ++ log_info ("Authentication credential taken from CASA"); ++ ++ ++ release_casa(); ++ return 1; ++ ++ } ++ else ++ { ++ release_casa(); ++ return 0; ++ } ++ } ++ else ++ return 0; //casa libraries not loaded ++ } ++ ++#endif /* LDAP_CASA_AUTH */ ++ +diff -urNad dhcp-3.1.0/server/Makefile.dist dhcp3-3.1.0-ldap/server/Makefile.dist +--- dhcp-3.1.0/server/Makefile.dist 2006-07-25 15:26:00.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/Makefile.dist 2008-02-08 13:11:36.000000000 +0100 +@@ -25,15 +25,15 @@ + CATMANPAGES = dhcpd.cat8 dhcpd.conf.cat5 dhcpd.leases.cat5 + SEDMANPAGES = dhcpd.man8 dhcpd.conf.man5 dhcpd.leases.man5 + SRCS = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \ +- omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c ++ omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c ldap.c ldap_casa.c + OBJS = dhcpd.o dhcp.o bootp.o confpars.o db.o class.o failover.o \ +- omapi.o mdb.o stables.o salloc.o ddns.o dhcpleasequery.o ++ omapi.o mdb.o stables.o salloc.o ddns.o dhcpleasequery.o ldap.o ldap_casa.o + PROG = dhcpd + MAN = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5 + + INCLUDES = -I$(TOP) $(BINDINC) -I$(TOP)/includes +-DHCPLIB = ../common/libdhcp.a $(BINDLIB) ../omapip/libomapi.a ../dst/libdst.a +-CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) ++DHCPLIB = ../common/libdhcp.a $(BINDLIB) ../omapip/libomapi.a ../dst/libdst-nomd5.a ++CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) -DDEBUG_LDAP + + all: $(PROG) $(CATMANPAGES) + +@@ -106,6 +106,6 @@ + -e "s#RUNDIR#$(VARRUN)#g" < dhcpd.leases.5 >dhcpd.leases.man5 + + dhcpd: $(OBJS) $(COBJ) $(DHCPLIB) +- $(CC) $(LFLAGS) -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS) ++ $(CC) $(LFLAGS) -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS) -lcrypto -lldap -llber + + # Dependencies (semi-automatically-generated) +diff -urNad dhcp-3.1.0/server/mdb.c dhcp3-3.1.0-ldap/server/mdb.c +--- dhcp-3.1.0/server/mdb.c 2007-06-08 20:57:02.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/mdb.c 2008-02-08 11:36:22.000000000 +0100 +@@ -454,6 +454,12 @@ + { + struct host_decl *foo; + struct hardware h; ++ int ret; ++ ++#if defined(LDAP_CONFIGURATION) ++ if ((ret = find_haddr_in_ldap (hp, htype, hlen, haddr, file, line))) ++ return ret; ++#endif + + h.hlen = hlen + 1; + h.hbuf [0] = htype; +diff -urNad dhcp-3.1.0/server/stables.c dhcp3-3.1.0-ldap/server/stables.c +--- dhcp-3.1.0/server/stables.c 2007-04-28 00:48:10.000000000 +0200 ++++ dhcp3-3.1.0-ldap/server/stables.c 2008-02-08 11:36:22.000000000 +0100 +@@ -238,9 +238,107 @@ + { "adaptive-lease-time-threshold", "B", &server_universe, 50, 1 }, + { "do-reverse-updates", "f", &server_universe, 51, 1 }, + { "fqdn-reply", "f", &server_universe, 52, 1 }, ++#if defined(LDAP_CONFIGURATION) ++ { "ldap-server", "t", &server_universe, 53 }, ++ { "ldap-port", "d", &server_universe, 54 }, ++ { "ldap-username", "t", &server_universe, 55 }, ++ { "ldap-password", "t", &server_universe, 56 }, ++ { "ldap-base-dn", "t", &server_universe, 57 }, ++ { "ldap-method", "Nldap-methods.", &server_universe, 58 }, ++ { "ldap-debug-file", "t", &server_universe, 59 }, ++ { "ldap-dhcp-server-cn", "t", &server_universe, 60 }, ++ { "ldap-referrals", "f", &server_universe, 61 }, ++#if defined(USE_SSL) ++ { "ldap-ssl", "Nldap-ssl-usage.", &server_universe, 62 }, ++ { "ldap-tls-reqcert", "Nldap-tls-reqcert.", &server_universe, 63 }, ++ { "ldap-tls-ca-file", "t", &server_universe, 64 }, ++ { "ldap-tls-ca-dir", "t", &server_universe, 65 }, ++ { "ldap-tls-cert", "t", &server_universe, 66 }, ++ { "ldap-tls-key", "t", &server_universe, 67 }, ++ { "ldap-tls-crlcheck", "Nldap-tls-crlcheck.", &server_universe, 68 }, ++ { "ldap-tls-ciphers", "t", &server_universe, 69 }, ++ { "ldap-tls-randfile", "t", &server_universe, 70 }, ++#else ++ { "unknown-62", "X", &server_universe, 62 }, ++ { "unknown-63", "X", &server_universe, 63 }, ++ { "unknown-64", "X", &server_universe, 64 }, ++ { "unknown-65", "X", &server_universe, 65 }, ++ { "unknown-66", "X", &server_universe, 66 }, ++ { "unknown-67", "X", &server_universe, 67 }, ++ { "unknown-68", "X", &server_universe, 68 }, ++ { "unknown-69", "X", &server_universe, 69 }, ++ { "unknown-70", "X", &server_universe, 70 }, ++#endif ++#else ++ { "unknown-53", "X", &server_universe, 53 }, ++ { "unknown-54", "X", &server_universe, 54 }, ++ { "unknown-55", "X", &server_universe, 55 }, ++ { "unknown-56", "X", &server_universe, 56 }, ++ { "unknown-57", "X", &server_universe, 57 }, ++ { "unknown-58", "X", &server_universe, 58 }, ++ { "unknown-59", "X", &server_universe, 59 }, ++ { "unknown-60", "X", &server_universe, 60 }, ++ { "unknown-61", "X", &server_universe, 61 }, ++#endif + { NULL, NULL, NULL, 0, 0 } + }; + ++#if defined(LDAP_CONFIGURATION) ++struct enumeration_value ldap_values [] = { ++ { "static", LDAP_METHOD_STATIC }, ++ { "dynamic", LDAP_METHOD_DYNAMIC }, ++ { (char *) 0, 0 } ++}; ++ ++struct enumeration ldap_methods = { ++ (struct enumeration *)0, ++ "ldap-methods", ++ ldap_values ++}; ++ ++#if defined(USE_SSL) ++struct enumeration_value ldap_ssl_usage_values [] = { ++ { "off", LDAP_SSL_OFF }, ++ { "on",LDAP_SSL_ON }, ++ { "ldaps", LDAP_SSL_LDAPS }, ++ { "start_tls", LDAP_SSL_TLS }, ++ { (char *) 0, 0 } ++}; ++ ++struct enumeration ldap_ssl_usage_enum = { ++ (struct enumeration *)0, ++ "ldap-ssl-usage", ++ ldap_ssl_usage_values ++}; ++ ++struct enumeration_value ldap_tls_reqcert_values [] = { ++ { "never", LDAP_OPT_X_TLS_NEVER }, ++ { "hard", LDAP_OPT_X_TLS_HARD }, ++ { "demand", LDAP_OPT_X_TLS_DEMAND}, ++ { "allow", LDAP_OPT_X_TLS_ALLOW }, ++ { "try", LDAP_OPT_X_TLS_TRY }, ++ { (char *) 0, 0 } ++}; ++struct enumeration ldap_tls_reqcert_enum = { ++ (struct enumeration *)0, ++ "ldap-tls-reqcert", ++ ldap_tls_reqcert_values ++}; ++ ++struct enumeration_value ldap_tls_crlcheck_values [] = { ++ { "none", LDAP_OPT_X_TLS_CRL_NONE}, ++ { "peer", LDAP_OPT_X_TLS_CRL_PEER}, ++ { "all", LDAP_OPT_X_TLS_CRL_ALL }, ++ { (char *) 0, 0 } ++}; ++struct enumeration ldap_tls_crlcheck_enum = { ++ (struct enumeration *)0, ++ "ldap-tls-crlcheck", ++ ldap_tls_crlcheck_values ++}; ++#endif ++#endif ++ + struct enumeration_value ddns_styles_values [] = { + { "none", 0 }, + { "ad-hoc", 1 }, diff --git a/net-misc/dhcp/files/dhcp-3.1.0a1-dhclient-resolvconf.patch b/net-misc/dhcp/files/dhcp-3.1.0a1-dhclient-resolvconf.patch new file mode 100644 index 00000000..5c420ae6 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.1.0a1-dhclient-resolvconf.patch @@ -0,0 +1,254 @@ +diff -ur client.orig/scripts/bsdos client/scripts/bsdos +--- client.orig/scripts/bsdos 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/bsdos 2006-09-07 19:19:53.000000000 +0100 +@@ -1,21 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ x"$new_domain_name_servers" != x ]; then +- cat /dev/null > /etc/resolv.conf.dhclient +- if [ "x$new_domain_search" != x ]; then +- echo search $new_domain_search >> /etc/resolv.conf.dhclient +- elif [ "x$new_domain_name" != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- echo search $new_domain_name >> /etc/resolv.conf.dhclient ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >> /etc/resolv.conf.dhclient +- done +- +- mv /etc/resolv.conf.dhclient /etc/resolv.conf + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +diff -ur client.orig/scripts/freebsd client/scripts/freebsd +--- client.orig/scripts/freebsd 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/freebsd 2006-09-07 19:19:32.000000000 +0100 +@@ -11,38 +11,20 @@ + fi + + make_resolv_conf() { +- if [ x"$new_domain_name_servers" != x ]; then +- ( cat /dev/null > /etc/resolv.conf.dhclient ) +- exit_status=$? +- if [ $exit_status -ne 0 ]; then +- $LOGGER "Unable to create /etc/resolv.conf.dhclient: Error $exit_status" +- else +- if [ "x$new_domain_search" != x ]; then +- ( echo search $new_domain_search >> /etc/resolv.conf.dhclient ) +- exit_status=$? +- elif [ "x$new_domain_name" != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- ( echo search $new_domain_name >> /etc/resolv.conf.dhclient ) +- exit_status=$? ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" + fi + for nameserver in $new_domain_name_servers; do +- if [ $exit_status -ne 0 ]; then +- break +- fi +- ( echo nameserver $nameserver >>/etc/resolv.conf.dhclient ) +- exit_status=$? ++ conf="${conf}nameserver $nameserver\n" + done +- +- # If there were no errors, attempt to mv the new file into place. +- if [ $exit_status -eq 0 ]; then +- ( mv /etc/resolv.conf.dhclient /etc/resolv.conf ) +- exit_status = $? +- fi +- +- if [ $exit_status -ne 0 ]; then +- $LOGGER "Error while writing new /etc/resolv.conf." ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf + fi + fi + fi +diff -ur client.orig/scripts/linux client/scripts/linux +--- client.orig/scripts/linux 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/linux 2006-09-07 19:18:57.000000000 +0100 +@@ -23,22 +23,22 @@ + # of the $1 in its args. + + make_resolv_conf() { +- if [ x"$new_domain_name_servers" != x ]; then +- cat /dev/null > /etc/resolv.conf.dhclient +- chmod 644 /etc/resolv.conf.dhclient +- if [ x"$new_domain_search" != x ]; then +- echo search $new_domain_search >> /etc/resolv.conf.dhclient +- elif [ x"$new_domain_name" != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- echo search $new_domain_name >> /etc/resolv.conf.dhclient ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf.dhclient +- done +- +- mv /etc/resolv.conf.dhclient /etc/resolv.conf + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +diff -ur client.orig/scripts/netbsd client/scripts/netbsd +--- client.orig/scripts/netbsd 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/netbsd 2006-09-07 19:20:10.000000000 +0100 +@@ -1,21 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- cat /dev/null > /etc/resolv.conf.dhclient +- if [ "x$new_domain_search != x ]; then +- echo search $new_domain_search >> /etc/resolv.conf.dhclient +- elif [ "x$new_domain_name != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- echo search $new_domain_name >> /etc/resolv.conf.dhclient ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf.dhclient +- done +- +- mv /etc/resolv.conf.dhclient /etc/resolv.conf + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +diff -ur client.orig/scripts/openbsd client/scripts/openbsd +--- client.orig/scripts/openbsd 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/openbsd 2006-09-07 19:20:38.000000000 +0100 +@@ -1,21 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if x"$new_domain_name_servers" != x ]; then +- cat /dev/null > /etc/resolv.conf.dhclient +- if [ x"$new_domain_search" != x ]; then +- echo search $new_domain_search >> /etc/resolv.conf.dhclient +- elif [ x"$new_domain_name" != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- echo search $new_domain_name >> /etc/resolv.conf.dhclient ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf.dhclient +- done +- +- mv /etc/ersolv.conf.dhclient /etc/resolv.conf + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf +diff -ur client.orig/scripts/solaris client/scripts/solaris +--- client.orig/scripts/solaris 2006-09-07 18:53:10.476329752 +0100 ++++ client/scripts/solaris 2006-09-07 19:21:12.000000000 +0100 +@@ -1,21 +1,22 @@ + #!/bin/sh + + make_resolv_conf() { +- if [ x"$new_domain_name_servers" != x ]; then +- cat /dev/null > /etc/resolv.conf.dhclient +- if [ x"$new_domain_search" != x ]; then +- echo search $new_domain_search >> /etc/resolv.conf.dhclient +- elif [ x"$new_domain_name" != x ]; then +- # Note that the DHCP 'Domain Name Option' is really just a domain +- # name, and that this practice of using the domain name option as +- # a search path is both nonstandard and deprecated. +- echo search $new_domain_name >> /etc/resolv.conf.dhclient ++ if [ x$PEER_DNS = x ] || [ x$PEER_DNS = xyes ]; then ++ if [ "x$new_domain_name" != x ] || [ "x$new_domain_name_servers" != x ]; then ++ conf="# Generated by dhclient for interface $interface\n" ++ if [ "x$new_domain_name" != x ]; then ++ conf="${conf}search $new_domain_name\n" ++ fi ++ for nameserver in $new_domain_name_servers; do ++ conf="${conf}nameserver $nameserver\n" ++ done ++ if [ -x /sbin/resolvconf ]; then ++ printf "$conf" | resolvconf -a "$interface" ++ else ++ printf "$conf" > /etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ fi + fi +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf.dhclient +- done +- +- mv /etc/resolv.conf.dhclient /etc/resolv.conf + fi + # If we're making confs, may as well make an ntp.conf too + make_ntp_conf diff --git a/net-misc/dhcp/files/dhcpd.conf b/net-misc/dhcp/files/dhcpd.conf new file mode 100644 index 00000000..1672633c --- /dev/null +++ b/net-misc/dhcp/files/dhcpd.conf @@ -0,0 +1,29 @@ +# /etc/conf.d/dhcpd: config file for /etc/init.d/dhcpd + +# If you require more than one instance of dhcpd you can create symbolic +# links to dhcpd service like so +# cd /etc/init.d +# ln -s dhcpd dhcpd.foo +# cd ../conf.d +# cp dhcpd dhcpd.foo +# Now you can edit dhcpd.foo and specify a different configuration file. +# You'll also need to specify a pidfile in that dhcpd.conf file. +# See the pid-file-name option in the dhcpd.conf man page for details. + +# If you wish to run dhcpd in a chroot, uncomment the following line +# DHCPD_CHROOT="/chroot/dhcp" + +# Then run emerge dhcp --config +# All file paths below are relative to the chroot. +# You can specify a different chroot directory but MAKE SURE it's empty. + +# Specify a configuration file - the default is /etc/dhcp/dhcpd.conf +# DHCPD_CONF="/etc/dhcp/dhcpd.conf" + +# Configure which interface or interfaces to for dhcpd to listen on. +# List all interfaces space separated. If this is not specified then +# we listen on all interfaces. +# DHCPD_IFACE="" + +# Insert any other dhcpd options - see the man page for a full list. +# DHCPD_OPTS="" diff --git a/net-misc/dhcp/files/dhcpd.init b/net-misc/dhcp/files/dhcpd.init new file mode 100644 index 00000000..6c980fe2 --- /dev/null +++ b/net-misc/dhcp/files/dhcpd.init @@ -0,0 +1,71 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/files/dhcpd.init,v 1.5 2007/04/02 12:34:01 uberlord Exp $ + +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd.conf} + +depend() { + need net + use logger dns +} + +get_var() { + sed -n 's/^[[:blank:]]\?'"$1"' "*\([^#";]\+\).*/\1/p' \ + "${DHCPD_CHROOT}/${DHCPD_CONF}" +} + +start() { + # Work out our cffile if it's on our DHCPD_OPTS + case " ${DHCPD_OPTS} " in + *" -cf "*) + DHCPD_CONF=" ${DHCPD_OPTS} " + DHCPD_CONF="${DHCPD_CONF##* -cf }" + DHCPD_CONF="${DHCPD_CONF%% *}" + ;; + *) DHCPD_OPTS="${DHCPD_OPTS} -cf ${DHCPD_CONF}" + ;; + esac + + if [ ! -f "${DHCPD_CHROOT}/${DHCPD_CONF}" ] ; then + eerror "${DHCPD_CHROOT}/${DHCPD_CONF} does not exist" + return 1 + fi + + local leasefile="$(get_var lease-file-name)" + leasefile="${DHCPD_CHROOT}/${leasefile:-/var/lib/dhcp/dhcpd.leases}" + if [ ! -f "${leasefile}" ] ; then + ebegin "Creating ${leasefile}" + touch "${leasefile}" + chown dhcp:dhcp "${leasefile}" + eend $? || return 1 + fi + + # Setup LD_PRELOAD so name resolution works in our chroot. + if [ -n "${DHCPD_CHROOT}" ] ; then + LD_PRELOAD="${LD_PRELOAD} /usr/lib/libresolv.so" + export LD_PRELOAD="${LD_PRELOAD} /usr/lib/libnss_dns.so" + fi + + local pidfile="$(get_var pid-file-name)" + pidfile="${pidfile:-/var/run/dhcp/dhcpd.pid}" + + ebegin "Starting ${DHCPD_CHROOT:+chrooted }${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/dhcpd \ + --pidfile "${DHCPD_CHROOT}/${pidfile}" \ + -- ${DHCPD_OPTS} -q -pf "${pidfile}" \ + -user dhcp -group dhcp \ + ${DHCPD_CHROOT:+-chroot} ${DHCPD_CHROOT} ${DHCPD_IFACE} + eend $? \ + && save_options chroot "${DHCPD_CHROOT}" \ + && save_options pidfile "${pidfile}" +} + +stop() { + local chroot="$(get_options chroot)" + + ebegin "Stopping ${chroot:+chrooted }${SVCNAME}" + start-stop-daemon --stop --exec /usr/sbin/dhcpd \ + --pidfile "${chroot}/$(get_options pidfile)" + eend $? +} diff --git a/net-misc/dhcp/files/dhcrelay.conf b/net-misc/dhcp/files/dhcrelay.conf new file mode 100644 index 00000000..1102d3a4 --- /dev/null +++ b/net-misc/dhcp/files/dhcrelay.conf @@ -0,0 +1,13 @@ +# /etc/conf.d/dhcrelay: config file for /etc/init.d/dhcrelay + +# Configure which interface or interfaces to for dhcrelay to listen on +# and send to. +# List all interfaces space separated. If this is not specified then +# we use all interfaces. +#IFACE="" + +# Insert any other options needed. See dhcrelay(8) for details. +#DHCRELAY_OPTS="" + +# Space separated list of IPs to forward BOOTP/DHCP packets to. +DHCRELAY_SERVERS="" diff --git a/net-misc/dhcp/files/dhcrelay.init b/net-misc/dhcp/files/dhcrelay.init new file mode 100644 index 00000000..2f92956b --- /dev/null +++ b/net-misc/dhcp/files/dhcrelay.init @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/files/dhcrelay.init,v 1.2 2007/03/22 15:36:59 uberlord Exp $ + +depend() { + need net + use logger +} + +start() { + if [ -z "${DHCRELAY_SERVERS}" ]; then + eerror "No DHCRELAY_SERVERS specified in /etc/conf.d/dhcrelay" + return 1 + fi + + local IFACES= i= + for i in ${IFACE} ; do + IFACES="${IFACES} -i ${i}" + done + + ebegin "Starting dhcrelay" + start-stop-daemon --start --exec /usr/sbin/dhcrelay \ + -- -q ${IFACES} ${DHCRELAY_OPTS} ${DHCRELAY_SERVERS} + eend $? +} + +stop() { + ebegin "Stopping dhcrelay" + start-stop-daemon --stop --pidfile /var/run/dhcrelay.pid + eend $? +} diff --git a/sys-devel/llvm/Manifest b/sys-devel/llvm/Manifest index 6fe48cb5..f79b47c8 100644 --- a/sys-devel/llvm/Manifest +++ b/sys-devel/llvm/Manifest @@ -1,17 +1,8 @@ DIST llvm-2.1-patches-1.0.tar.bz2 1958 RMD160 435a113bd440512cef1713777de059eee9b0fd29 SHA1 01c8ef8b2520155b516f0be7a1fb19a40d8dd942 SHA256 5d180d6a7f2575fcb74d80607f7ec79379d3ca470acec106faacc618ecd7f706 DIST llvm-2.1.tar.gz 5062241 RMD160 df28ee93be79b8d436deb7c0e1cff1c21e1328be SHA1 e57081e1bc7c2cb168859f534c08b579276c3398 SHA256 8cabd422f249ada736d864fc8a1f4d14aabefacb6f860c9beefbc53f93e0f96c +DIST llvm-2.2-patches-1.1.tar.bz2 1734 RMD160 5ca6e8aa4e17a41eabde5e706fb0c1feb58548f8 SHA1 d34b58b78cbf3f4b182f237a4a9a782e620cedb1 SHA256 f8bb10d142597b57fead9682d4088aa763788d4f3cbc362f9605ae07e34cd095 +DIST llvm-2.2.tar.gz 5702420 RMD160 543d26dea265d5cb72b3e5d5c74af85c0f74a376 SHA1 9cbd80cd15711618d11b82c1873d0a46d550091b SHA256 788d871aec139e0c61d49533d0252b21c4cd030e91405491ee8cb9b2d0311072 EBUILD llvm-2.1.ebuild 176 RMD160 9f7b33bdedc3eca0ce04a61c5c82ef8b331aef6a SHA1 8c52175a0cf89471c3a9d27a118898b4d15ba90b SHA256 77abaacb58f0eab70168cf6636e0578ae078e80051739cbf606f0a3424d91acf -MD5 df4cb1f76ce0ffa0f2f327492e78dcf6 llvm-2.1.ebuild 176 -RMD160 9f7b33bdedc3eca0ce04a61c5c82ef8b331aef6a llvm-2.1.ebuild 176 -SHA256 77abaacb58f0eab70168cf6636e0578ae078e80051739cbf606f0a3424d91acf llvm-2.1.ebuild 176 +EBUILD llvm-2.2.ebuild 176 RMD160 bf08a7b74b33b7cd5354879eb2f55c39e76996ec SHA1 d26481b8ab89be55e137902d8f4ea257ea868c2d SHA256 53cfbd1a99c6560a57d7af896d4d9ccf9c801eeac8be14449f62966825c37323 MISC ChangeLog 325 RMD160 25f9393eab9c9990f29ddac537b3d5ba30b3370a SHA1 20833b78acbff61fb36d06ac352c6f1f64d30592 SHA256 a48414fe2821dc7a7f8a089a8b703f74001d51db2018a4c5f088d3767e9d8f53 -MD5 c2e13744fc1e3b64b7705b7fe5876a23 ChangeLog 325 -RMD160 25f9393eab9c9990f29ddac537b3d5ba30b3370a ChangeLog 325 -SHA256 a48414fe2821dc7a7f8a089a8b703f74001d51db2018a4c5f088d3767e9d8f53 ChangeLog 325 MISC metadata.xml 170 RMD160 645927a396fdc21cdeb089fe42c5397332420ea6 SHA1 ac7f48a14fec325926f9ce1be8fbf1f311b4f2e4 SHA256 d797a2ec6f9dc516c9f9c1a758ee87ad3e8c43101b5dc76c2f872d5bd4639b42 -MD5 1e678929a9fec6632e227bdf2262e9a1 metadata.xml 170 -RMD160 645927a396fdc21cdeb089fe42c5397332420ea6 metadata.xml 170 -SHA256 d797a2ec6f9dc516c9f9c1a758ee87ad3e8c43101b5dc76c2f872d5bd4639b42 metadata.xml 170 -MD5 9081076b6c81203f42ee17188f9b6063 files/digest-llvm-2.1 488 -RMD160 7b3d858f78157a6aa203d697ecea2ca83df85479 files/digest-llvm-2.1 488 -SHA256 ae5b55ab3b6bc84fa0748c6db3466a72df053085ac3e4ab1fda4df282b0d2481 files/digest-llvm-2.1 488