diff --git a/IAID-is-output-has-hexe-if-it-contains-or.patch b/IAID-is-output-has-hexe-if-it-contains-or.patch new file mode 100644 index 0000000000000000000000000000000000000000..9c736991652db5ad291683db4a7bb3d97f668f56 --- /dev/null +++ b/IAID-is-output-has-hexe-if-it-contains-or.patch @@ -0,0 +1,46 @@ +From fb971ee6b5403c21e64fa66c8711f688f763518c Mon Sep 17 00:00:00 2001 +From: renmingshuai +Date: Sat, 20 Jan 2024 02:51:53 +0000 +Subject: [PATCH] IAID is output has hexe if it contains '\' or '"' + +Signed-off-by: renmingshuai +--- + client/dhclient.conf.5 | 6 +++--- + common/print.c | 4 +++- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/client/dhclient.conf.5 b/client/dhclient.conf.5 +index 566a881..2e2dc56 100644 +--- a/client/dhclient.conf.5 ++++ b/client/dhclient.conf.5 +@@ -617,9 +617,9 @@ pairs, separated by colons. + Currently, the values written out based on lease-id-format are the default-duid + and the IAID value (DHCPv6 only). The client automatically reads the values + in either format. Note that when the format is octal, rather than as an octal +-string, IAID is output as hex if it contains no printable characters or as a +-string if contains only printable characters. This is done to maintain backward +-compatibility. ++string, IAID is output as hex if it contains special character '"', '\' or ++no printable characters, or as a string if contains only printable characters. ++This is done to maintain backward compatibility. + .PP + \fBreject \fIcidr-ip-address\fR [\fB,\fR \fI...\fB \fIcidr-ip-address\fR ] \fB;\fR + .PP +diff --git a/common/print.c b/common/print.c +index b42e7bc..6835eb1 100644 +--- a/common/print.c ++++ b/common/print.c +@@ -427,7 +427,9 @@ void print_hex_or_string (len, data, limit, buf) + return; + + for (i = 0; (i < (limit - 3)) && (i < len); i++) { +- if (!isascii(data[i]) || !isprint(data[i])) { ++ /* print as hex if the characters contain '"' or '\' */ ++ if (!isascii(data[i]) || !isprint(data[i]) || ++ (data[i] == '"' || data[i] == '\\')) { + print_hex_only(len, data, limit, buf); + return; + } +-- +2.33.0 + diff --git a/backport-0001-change-bug-url.patch b/backport-0001-change-bug-url.patch deleted file mode 100644 index ef22421a0519b29e3b8d983c58ef28ab778c2e69..0000000000000000000000000000000000000000 --- a/backport-0001-change-bug-url.patch +++ /dev/null @@ -1,79 +0,0 @@ -Reference: https://src.fedoraproject.org/rpms/dhcp/blob/rawhide/f/0001-change-bug-url.patch -From 23dfbc560028bf7429196db1a3826f8b80c19d3e Mon Sep 17 00:00:00 2001 -From: Pavel Zhukov -Date: Thu, 21 Feb 2019 10:09:57 +0100 -Subject: [PATCH 01/26] change bug url -Cc: pzhukov@redhat.com - ---- - omapip/errwarn.c | 47 ++++++++++++++++++++++++++++++++++++++++++----- - 1 file changed, 42 insertions(+), 5 deletions(-) - -diff --git a/omapip/errwarn.c b/omapip/errwarn.c -index e30f8a0..09a3004 100644 ---- a/omapip/errwarn.c -+++ b/omapip/errwarn.c -@@ -48,6 +48,41 @@ void (*log_cleanup) (void); - static char mbuf [CVT_BUF_MAX + 1]; - static char fbuf [CVT_BUF_MAX + 1]; - -+// get BUG_REPORT_URL from /etc/os-release -+char * bug_report_url(void) { -+ FILE * file = fopen("/etc/os-release", "r"); -+ size_t len; -+ char * line = NULL; -+ char * url = NULL; -+ size_t url_len = 256; -+ -+ url = (char *) malloc(url_len * sizeof(char)); -+ strcpy(url, "https://bugzilla.redhat.com/"); -+ -+ if (!file) -+ return url; -+ -+ while ((getline(&line, &len, file)) != -1) { -+ if (strstr(line, "BUG_REPORT_URL") != NULL) { -+ char * start = strchr(line, '='); -+ char * rquotes = strrchr(line, '"'); -+ -+ if (rquotes != NULL) { -+ *rquotes = '\0'; -+ strncpy(url, start+2, url_len); -+ } else { -+ strncpy(url, start+1, url_len); -+ } -+ url[url_len-1] = '\0'; -+ fclose(file); -+ return url; -+ } -+ } -+ fclose(file); -+ return url; -+} -+ -+ - /* Log an error message, then exit... */ - - void log_fatal (const char * fmt, ... ) -@@ -74,11 +109,13 @@ void log_fatal (const char * fmt, ... ) - } - - log_error ("%s", ""); -- log_error ("If you think you have received this message due to a bug rather"); -- log_error ("than a configuration issue please read the section on submitting"); -- log_error ("bugs on either our web page at www.isc.org or in the README file"); -- log_error ("before submitting a bug. These pages explain the proper"); -- log_error ("process and the information we find helpful for debugging."); -+ log_error ("This version of ISC DHCP is based on the release available"); -+ log_error ("on ftp.isc.org. Features have been added and other changes"); -+ log_error ("have been made to the base software release in order to make"); -+ log_error ("it work better with this distribution."); -+ log_error ("%s", ""); -+ log_error ("Please report issues with this software via: "); -+ log_error ("%s", bug_report_url()); - log_error ("%s", ""); - log_error ("exiting."); - --- -2.14.5 - diff --git a/bugfix-error-message-display.patch b/bugfix-error-message-display.patch deleted file mode 100644 index 183b27a159c9db8931eaa4b4fd890b6aa7772572..0000000000000000000000000000000000000000 --- a/bugfix-error-message-display.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruNa dhcp-4.4.2-org/omapip/errwarn.c dhcp-4.4.2/omapip/errwarn.c ---- dhcp-4.4.2-org/omapip/errwarn.c 16:51:13.626927174 +0800 -+++ dhcp-4.4.2/omapip/errwarn.c 16:55:40.477496361 +0800 -@@ -57,7 +57,7 @@ - size_t url_len = 256; - - url = (char *) malloc(url_len * sizeof(char)); -- strcpy(url, "https://bugzilla.redhat.com/"); -+ strcpy(url, "https://gitee.com/src-openeuler/dhcp/issues"); - - if (!file) - return url; diff --git a/dhcp.spec b/dhcp.spec index c5d928446fb5437a51b4ad2d798a3bc448fd405b..3488b766267593a8c8b84dd52c29fef4c562aaca 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -3,7 +3,7 @@ Name: dhcp Version: 4.4.3 -Release: 3 +Release: 6 Summary: Dynamic host configuration protocol software #Please don't change the epoch on this package Epoch: 12 @@ -18,7 +18,6 @@ Source6: dhcpd.service Source7: dhcpd6.service Source8: dhcrelay.service -Patch1: backport-0001-change-bug-url.patch Patch2: backport-0002-additional-dhclient-options.patch Patch3: backport-0003-Handle-releasing-interfaces-requested-by-sbin-ifup.patch Patch4: backport-0004-Support-unicast-BOOTP-for-IBM-pSeries-systems-and-ma.patch @@ -54,7 +53,6 @@ Patch33: bugfix-dhcp-64-bit-lease-parse.patch Patch34: fix-coredump-when-client-active-is-NULL.patch Patch35: feature-lease-time-config-ipv6.patch Patch36: add-a-test-case-to-parse-code93-in-option_unittest.patch -Patch37: bugfix-error-message-display.patch Patch38: backport-Fix-CVE-2021-25220.patch Patch39: backport-Fix-CVE-2022-2928.patch Patch40: backport-Fix-CVE-2022-2929.patch @@ -62,6 +60,7 @@ Patch41: Revert-correcting-the-logic-in-dhclient.patch Patch42: backport-CVE-2022-2795.patch Patch43: backport-CVE-2022-38177.patch Patch44: backport-CVE-2022-38178.patch +Patch45: IAID-is-output-has-hexe-if-it-contains-or.patch BuildRequires: gcc autoconf automake libtool openldap-devel krb5-devel libcap-ng-devel BuildRequires: systemd systemd-devel @@ -310,68 +309,78 @@ exit 0 %{_mandir}/man3/omapi.3.gz %changelog -* Thu Jan 4 2024 renmingshuai - 12:4.4.3-3 +* Sat Jan 20 2024 renmingshuai - 12:4.4.3-6 +- Type:bugfix +- ID: +- SUG:restart +- DESC:IAID is output has hexe if it contains '\' or '"' + +* Thu Jan 4 2024 renmingshuai - 12:4.4.3-5 - Type:CVE - ID:CVE-2022-2795,CVE-2022-38177,CVE-2022-38178 - SUG:restart - DESC:fix CVE-2022-2795,CVE-2022-38177 and CVE-2022-38178 -* Thu Jun 29 2023 renmingshuai - 12:4.4.3-2 +* Fri Nov 24 2023 renmingshuai - 12:4.4.3-4 - Type:bugfix - ID: - SUG:restart -- DESC:revert the correction about the logic in dhclient +- DESC:delete report url added by other upstream patch to keep pace with DHCP -* Tue Oct 25 2022 renmingshuai - 12:4.4.3-1 -- Type:requirement +* Thu Jun 29 2023 renmingshuai - 12:4.4.3-3 +- Type:bugfix - ID: - SUG:restart -- DESC:update to 4.4.3 +- DESC:revert the correction about the logic in dhclient -* Mon Oct 17 2022 renmingshuai - 12:4.4.2-15 -- Type:cves -- ID:CVE-2022-2928,CVE-2022-2929 +* Sat May 27 2023 renmingshuai - 12:4.4.3-2 +- Type:bugfix +- ID:NA - SUG:restart -- DESC:Fix CVE-2022-2928 and CVE-2022-2929 +- DESC:add Restart in dhcpd.service -* Tue Sep 27 2022 renmingshuai - 12:4.4.2-14 -- Type:cves -- ID:CVE-2021-25214, CVE-2021-25215, CVE-2021-25219, CVE-2021-25220 +* Tue Nov 1 2022 renmingshuai - 12:4.4.3-1 +- Type:requirement +- ID:NA - SUG:restart -- DESC:Fix CVE-2021-25214 CVE-2021-25215 CVE-2021-25219 CVE-2021-25220 +- DESC:update to 4.4.3 -* Sat Jul 30 2022 renmingshuai - 4.4.2-13 +* Thu Aug 25 2022 renmingshuai - 4.4.2-13 - Type:bugfix - ID:NA - SUG:restart - DESC:add dhX.conf.example in doc -* Tue Feb 22 2022 zengwefeng - 4.4.2-12 +* Wed Aug 24 2022 renmingshuai - 4.4.2-12 - Type:bugfix - ID:NA - SUG:restart -- DESC:fix error message display +- DESC:add a test case for PXE to support ipv6 + support lease time config for ipv6 -* Wed Jan 12 2022 renmingshuai - 4.4.2-11 +* Tue Feb 8 2022 renmingshuai - 4.4.2-11 - Type:bugfix - ID:NA - SUG:restart -- DESC:rename upstream patches and add reference +- DESC:fix error message display -* Fri Jan 07 2022 renmingshuai - 4.4.2-10 +* Mon Feb 7 2022 renmingshuai - 4.4.2-10 - Type:bugfix - ID:NA - SUG:restart -- DESC:remove buildrequires bind-export-devel and buildin bind +- DESC:fix coredump when client active is NULL -* Fri Nov 26 2021 renmingshuai - 4.4.2-9 +* Wed Jan 12 2022 renmingshuai - 4.4.2-9 - Type:bugfix - ID:NA - SUG:restart -- DESC:fix coredump when client active is NULL, add lease time config ipv6 and add a unittest +- DESC:modofy upstream patches name and add reference -* Tue Sep 14 2021 panchenbo - 4.4.2-8 -- DESC: install dhcpd.conf.example +* Wed Jan 05 2022 renmingshuai - 4.4.2-8 +- Type:bugfix +- ID:NA +- SUG:restart +- DESC:remove build require bind-export-devel and add buildin bind * Fri Jul 30 2021 renmingshuai - 4.4.2-7 - Type:bugfix diff --git a/dhcpd.service b/dhcpd.service index 7363d7d4216c7485dca114a26ac31fbbac660681..f4d2190fea1d7dc06c604c036126bac2ae8c0749 100644 --- a/dhcpd.service +++ b/dhcpd.service @@ -10,6 +10,7 @@ Type=notify EnvironmentFile=-/etc/sysconfig/dhcpd ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid $DHCPDARGS StandardError=null +Restart=on-failure [Install] WantedBy=multi-user.target