22517767 Upgrade Solaris' DHCP to version 4.1-ESV-R7-P1
22501693 problem in SERVICE/DHCP-SERVER
--- a/components/isc-dhcp/Makefile Tue Jan 12 14:17:49 2016 -0800
+++ b/components/isc-dhcp/Makefile Tue Jan 12 17:16:02 2016 -0800
@@ -18,13 +18,14 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
#
include ../../make-rules/shared-macros.mk
COMPONENT_NAME= isc-dhcp
COMPONENT_VERSION= 4.1-ESV-R7
-IPS_COMPONENT_VERSION= 4.1.0.7
+HUMAN_VERSION= $(COMPONENT_VERSION)-P1
+IPS_COMPONENT_VERSION= 4.1.0.7.1
COMPONENT_SRC_NAME= dhcp
COMPONENT_SRC= $(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
--- a/components/isc-dhcp/dhcp.p5m Tue Jan 12 14:17:49 2016 -0800
+++ b/components/isc-dhcp/dhcp.p5m Tue Jan 12 17:16:02 2016 -0800
@@ -18,7 +18,7 @@
#
# CDDL HEADER END
#
-# Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
#
<transform file path=usr.*/man/.+ -> default mangler.man.stability uncommitted>
set name=pkg.fmri \
@@ -26,6 +26,7 @@
set name=pkg.summary value="ISC DHCP Server and Relay Agent."
set name=pkg.description \
value="ISC DHCP is open source software that implements the Dynamic Host Configuration Protocols for connection to a local network. This package includes the ISC DHCP server, relay agent and the omshell tool."
+set name=pkg.human-version value=$(HUMAN_VERSION)
set name=com.oracle.info.description value="the ISC DHCP Server and Relay Agent"
set name=com.oracle.info.tpno value=$(TPNO)
set name=info.classification value=org.opensolaris.category.2008:System/Services
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/isc-dhcp/patches/001-dhcp-dynamiclibraries.patch Tue Jan 12 17:16:02 2016 -0800
@@ -0,0 +1,154 @@
+# HG changeset patch
+# User Praveen Kumar Muthuswamy <[email protected]>
+# Date 1428520414 25200
+# Wed Apr 08 12:13:34 2015 -0700
+# Node ID 045f212982ea4578a9dafb925ad62cf366802dc6
+# Parent 6470d3cc3ce1677a8283cdf15257c2b8c0ab43c9
+/*
+ * This patch file (dhcp-dynamiclibraries.patch) was developed in-house to
+ * allow isc-dhcp to build and package shared objects for libomapi, libdhcpctl,
+ * and libdst. Upstream (ISC) has been made aware of this requirement and the
+ * the patch through a service ticket and they are actively working on
+ * developing the patch.
+ */
+
+diff --git a/client/Makefile.am b/client/Makefile.am
+--- a/client/Makefile.am
++++ b/client/Makefile.am
+@@ -5,7 +5,7 @@
+ scripts/netbsd scripts/nextstep scripts/openbsd \
+ scripts/solaris scripts/openwrt
+ dhclient_LDADD = ../common/libdhcp.a ../minires/libres.a \
+- ../omapip/libomapi.a ../dst/libdst.a
++ ../omapip/libomapi.la ../dst/libdst.la
+ man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
+ EXTRA_DIST = $(man_MANS)
+
+diff --git a/common/tests/Makefile.am b/common/tests/Makefile.am
+--- a/common/tests/Makefile.am
++++ b/common/tests/Makefile.am
+@@ -13,7 +13,7 @@
+ alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
+ alloc_unittest_LDADD = $(ATF_LDFLAGS)
+ alloc_unittest_LDADD += ../libdhcp.a \
+- ../../omapip/libomapi.a ../../dst/libdst.a ../../minires/libres.a
++ ../../omapip/libomapi.la ../../dst/libdst.la ../../minires/libres.a
+
+ check: $(ATF_TESTS)
+ atf-run | atf-report
+diff --git a/configure.ac b/configure.ac
+--- a/configure.ac
++++ b/configure.ac
+@@ -37,7 +37,7 @@
+ # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
+ AC_USE_SYSTEM_EXTENSIONS
+
+-AC_PROG_RANLIB
++AC_PROG_LIBTOOL
+ AC_CONFIG_HEADERS([includes/config.h])
+
+ # we sometimes need to know byte order for building packets
+diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am
+--- a/dhcpctl/Makefile.am
++++ b/dhcpctl/Makefile.am
+@@ -1,15 +1,16 @@
+ bin_PROGRAMS = omshell
+-lib_LIBRARIES = libdhcpctl.a
++lib_LTLIBRARIES = libdhcpctl.la
++libdhcpctl_la_LDFLAGS = -version-info 1
+ noinst_PROGRAMS = cltest
+ man_MANS = omshell.1 dhcpctl.3
+ EXTRA_DIST = $(man_MANS)
+
+ omshell_SOURCES = omshell.c
+-omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../minires/libres.a \
+- ../omapip/libomapi.a ../dst/libdst.a
++omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../minires/libres.a \
++ ../omapip/libomapi.la ../dst/libdst.la
+
+-libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
++libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
+
+ cltest_SOURCES = cltest.c
+-cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../minires/libres.a \
+- ../omapip/libomapi.a ../dst/libdst.a
++cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../minires/libres.a \
++ ../omapip/libomapi.la ../dst/libdst.la
+diff --git a/dst/Makefile.am b/dst/Makefile.am
+--- a/dst/Makefile.am
++++ b/dst/Makefile.am
+@@ -1,8 +1,9 @@
+ AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
+
+-lib_LIBRARIES = libdst.a
++lib_LTLIBRARIES = libdst.la
++libdst_la_LDFLAGS = -version-info 1
+
+-libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
++libdst_la_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
+ base64.c prandom.c
+
+ EXTRA_DIST = dst_internal.h md5.h md5_locl.h
+diff --git a/omapip/Makefile.am b/omapip/Makefile.am
+--- a/omapip/Makefile.am
++++ b/omapip/Makefile.am
+@@ -1,7 +1,8 @@
+-lib_LIBRARIES = libomapi.a
++lib_LTLIBRARIES = libomapi.la
++libomapi_la_LDFLAGS = -version-info 1
+ noinst_PROGRAMS = svtest
+
+-libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
++libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
+ errwarn.c listener.c dispatch.c generic.c support.c \
+ handle.c message.c convert.c hash.c auth.c inet_addr.c \
+ array.c trace.c mrtrace.c toisc.c iscprint.c
+@@ -9,5 +10,5 @@
+ EXTRA_DIST = $(man_MANS)
+
+ svtest_SOURCES = test.c
+-svtest_LDADD = libomapi.a ../dst/libdst.a
++svtest_LDADD = libomapi.la ../dst/libdst.la
+
+diff --git a/relay/Makefile.am b/relay/Makefile.am
+--- a/relay/Makefile.am
++++ b/relay/Makefile.am
+@@ -2,7 +2,7 @@
+
+ sbin_PROGRAMS = dhcrelay
+ dhcrelay_SOURCES = dhcrelay.c
+-dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst.a ../minires/libres.a
++dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dst/libdst.la ../minires/libres.a
+ man_MANS = dhcrelay.8
+ EXTRA_DIST = $(man_MANS)
+
+diff --git a/server/Makefile.am b/server/Makefile.am
+--- a/server/Makefile.am
++++ b/server/Makefile.am
+@@ -13,9 +13,9 @@
+ dhcpv6.c mdb6.c
+
+ # libomapi.a this is here twice to handle circular library dependencies :(
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst.a \
+- ../dhcpctl/libdhcpctl.a ../minires/libres.a \
+- ../omapip/libomapi.a
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dst/libdst.la \
++ ../dhcpctl/libdhcpctl.la ../minires/libres.a \
++ ../omapip/libomapi.la
+
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+diff --git a/server/tests/Makefile.am b/server/tests/Makefile.am
+--- a/server/tests/Makefile.am
++++ b/server/tests/Makefile.am
+@@ -17,8 +17,8 @@
+ ../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
+ ../dhcpd.c
+
+-DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
+- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/dst/libdst.a \
++DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
++ $(top_builddir)/dhcpctl/libdhcpctl.la $(top_builddir)/dst/libdst.la \
+ $(top_builddir)/minires/libres.a
+
+ ATF_TESTS =
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/isc-dhcp/patches/002-ignore-client-uids.patch Tue Jan 12 17:16:02 2016 -0800
@@ -0,0 +1,112 @@
+The following patch is adopted from ISC DHCP version 4.3.0.
+http://ftp.isc.org/isc/dhcp/4.3.0/dhcp-4.3.0.tar.gz
+
+--- dhcp-4.1-ESV-R7/server/stables.c.orig Thu Aug 23 19:23:54 2012
++++ dhcp-4.1-ESV-R7/server/stables.c Mon Apr 28 16:37:14 2014
+@@ -244,6 +244,7 @@
+ { "delayed-ack", "S", &server_universe, 58, 1 },
+ { "max-ack-delay", "L", &server_universe, 59, 1 },
+ #endif
++ { "ignore-client-uids", "f", &server_universe, 60, 1 },
+ { NULL, NULL, NULL, 0, 0 }
+ };
+
+--- dhcp-4.1-ESV-R7/server/dhcp.c.orig Thu Aug 23 19:23:54 2012
++++ dhcp-4.1-ESV-R7/server/dhcp.c Mon Apr 28 16:36:18 2014
+@@ -2304,31 +2304,40 @@
+ /* Update Client Last Transaction Time. */
+ lt->cltt = cur_time;
+
+- /* Record the uid, if given... */
+- oc = lookup_option (&dhcp_universe, packet -> options,
+- DHO_DHCP_CLIENT_IDENTIFIER);
+- if (oc &&
+- evaluate_option_cache (&d1, packet, lease,
+- (struct client_state *)0,
+- packet -> options, state -> options,
+- &lease -> scope, oc, MDL)) {
+- if (d1.len <= sizeof lt -> uid_buf) {
+- memcpy (lt -> uid_buf, d1.data, d1.len);
+- lt -> uid = lt -> uid_buf;
+- lt -> uid_max = sizeof lt -> uid_buf;
+- lt -> uid_len = d1.len;
+- } else {
+- unsigned char *tuid;
+- lt -> uid_max = d1.len;
+- lt -> uid_len = d1.len;
+- tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
+- /* XXX inelegant */
+- if (!tuid)
+- log_fatal ("no memory for large uid.");
+- memcpy (tuid, d1.data, lt -> uid_len);
+- lt -> uid = tuid;
++ /* See if we want to record the uid for this client */
++ oc = lookup_option(&server_universe, state->options,
++ SV_IGNORE_CLIENT_UIDS);
++ if ((oc == NULL) ||
++ !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
++ packet->options, state->options,
++ &lease->scope, oc, MDL)) {
++
++ /* Record the uid, if given... */
++ oc = lookup_option (&dhcp_universe, packet -> options,
++ DHO_DHCP_CLIENT_IDENTIFIER);
++ if (oc &&
++ evaluate_option_cache (&d1, packet, lease,
++ (struct client_state *)0,
++ packet -> options, state -> options,
++ &lease -> scope, oc, MDL)) {
++ if (d1.len <= sizeof lt -> uid_buf) {
++ memcpy (lt -> uid_buf, d1.data, d1.len);
++ lt -> uid = lt -> uid_buf;
++ lt -> uid_max = sizeof lt -> uid_buf;
++ lt -> uid_len = d1.len;
++ } else {
++ unsigned char *tuid;
++ lt -> uid_max = d1.len;
++ lt -> uid_len = d1.len;
++ tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
++ /* XXX inelegant */
++ if (!tuid)
++ log_fatal ("no memory for large uid.");
++ memcpy (tuid, d1.data, lt -> uid_len);
++ lt -> uid = tuid;
++ }
++ data_string_forget (&d1, MDL);
+ }
+- data_string_forget (&d1, MDL);
+ }
+
+ if (host) {
+--- dhcp-4.1-ESV-R7/server/dhcpd.conf.5.orig Wed May 7 18:37:36 2014
++++ dhcp-4.1-ESV-R7/server/dhcpd.conf.5 Wed May 7 18:38:46 2014
+@@ -2302,6 +2302,19 @@
+ must be a constant value.
+ .RE
+ .PP
++The
++.I ignore-client-uids
++statement
++.RS 0.25i
++.PP
++.B ignore-client-uids \fIflag\fB;\fR
++.PP
++If the \fIignore-client-uids\fR statement is present and has a value of
++\fItrue\fR or \fIon\fR, the UID for clients will not be recorded.
++If this statement is not present or has a value of \fIfalse\fR or
++\fIoff\fR, then client UIDs will be recorded.
++.RE
++.PP
+ The
+ .I infinite-is-reserved
+ statement
+--- dhcp-4.1-ESV-R7/includes/dhcpd.h.orig Thu Aug 23 19:23:53 2012
++++ dhcp-4.1-ESV-R7/includes/dhcpd.h Mon Apr 28 16:11:17 2014
+@@ -627,6 +627,7 @@
+ #define SV_LIMIT_PREFS_PER_IA 57
+ #define SV_DELAYED_ACK 58
+ #define SV_MAX_ACK_DELAY 59
++#define SV_IGNORE_CLIENT_UIDS 60
+
+ #if !defined (DEFAULT_PING_TIMEOUT)
+ # define DEFAULT_PING_TIMEOUT 1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/isc-dhcp/patches/003-CVE-2015-8605.patch Tue Jan 12 17:16:02 2016 -0800
@@ -0,0 +1,146 @@
+This patch was derived from ISC source differences between dhcp-4.1-ESV-R12
+and dhcp-4.1-ESV-R12-P1.
+
+--- old/./RELNOTES Thu Jan 7 21:28:37 2016
++++ new/./RELNOTES Thu Jan 7 21:28:37 2016
+@@ -1,6 +1,6 @@
+ Internet Systems Consortium DHCP Distribution
+- Version 4.1-ESV-R7
+- 10 September 2012
++ Version 4.1-ESV-R7-P1
++ 01 January 2016
+
+ Release Notes
+
+@@ -52,6 +52,13 @@
+ work on other platforms. Please report any problems and suggested fixes to
+ <[email protected]>.
+
++ Changes since 4.1-ESV-R7-P1
++
++! Update the bounds checking when receiving a packet.
++ Thanks to Sebastian Poehn from Sophos for the bug report and a suggested
++ patch.
++ [ISC-Bugs #41267]
++
+ Changes since 4.1-ESV-R6
+
+ - Existing legacy unit-tests have been migrated to Automated Test
+--- old/common/packet.c Thu Jan 7 21:28:37 2016
++++ new/common/packet.c Thu Jan 7 21:28:37 2016
+@@ -220,7 +220,28 @@
+ }
+ }
+
+-/* UDP header and IP header decoded together for convenience. */
++/*!
++ *
++ * \brief UDP header and IP header decoded together for convenience.
++ *
++ * Attempt to decode the UDP and IP headers and, if necessary, checksum
++ * the packet.
++ *
++ * \param inteface - the interface on which the packet was recevied
++ * \param buf - a pointer to the buffer for the received packet
++ * \param bufix - where to start processing the buffer, previous
++ * routines may have processed parts of the buffer already
++ * \param from - space to return the address of the packet sender
++ * \param buflen - remaining length of the buffer, this will have been
++ * decremented by bufix by the caller
++ * \param rbuflen - space to return the length of the payload from the udp
++ * header
++ * \param csum_ready - indication if the checksum is valid for use
++ * non-zero indicates the checksum should be validated
++ *
++ * \return - the index to the first byte of the udp payload (that is the
++ * start of the DHCP packet
++ */
+
+ ssize_t
+ decode_udp_ip_header(struct interface_info *interface,
+@@ -231,7 +252,7 @@
+ unsigned char *data;
+ struct ip ip;
+ struct udphdr udp;
+- unsigned char *upp, *endbuf;
++ unsigned char *upp;
+ u_int32_t ip_len, ulen, pkt_len;
+ u_int32_t sum, usum;
+ static int ip_packets_seen;
+@@ -242,11 +263,8 @@
+ static int udp_packets_length_overflow;
+ unsigned len;
+
+- /* Designate the end of the input buffer for bounds checks. */
+- endbuf = buf + bufix + buflen;
+-
+ /* Assure there is at least an IP header there. */
+- if ((buf + bufix + sizeof(ip)) > endbuf)
++ if (sizeof(ip) > buflen)
+ return -1;
+
+ /* Copy the IP header into a stack aligned structure for inspection.
+@@ -258,13 +276,17 @@
+ ip_len = (*upp & 0x0f) << 2;
+ upp += ip_len;
+
+- /* Check the IP packet length. */
++ /* Check packet lengths are within the buffer:
++ * first the ip header (ip_len)
++ * then the packet length from the ip header (pkt_len)
++ * then the udp header (ip_len + sizeof(udp)
++ * We are liberal in what we accept, the udp payload should fit within
++ * pkt_len, but we only check against the full buffer size.
++ */
+ pkt_len = ntohs(ip.ip_len);
+- if (pkt_len > buflen)
+- return -1;
+-
+- /* Assure after ip_len bytes that there is enough room for a UDP header. */
+- if ((upp + sizeof(udp)) > endbuf)
++ if ((ip_len > buflen) ||
++ (pkt_len > buflen) ||
++ ((ip_len + sizeof(udp)) > buflen))
+ return -1;
+
+ /* Copy the UDP header into a stack aligned structure for inspection. */
+@@ -285,7 +307,8 @@
+ return -1;
+
+ udp_packets_length_checked++;
+- if ((upp + ulen) > endbuf) {
++ /* verify that the payload length from the udp packet fits in the buffer */
++ if ((ip_len + ulen) > buflen) {
+ udp_packets_length_overflow++;
+ if ((udp_packets_length_checked > 4) &&
+ ((udp_packets_length_checked /
+--- old/./configure Thu Jan 7 21:28:37 2016
++++ new/./configure Thu Jan 7 21:28:37 2016
+@@ -574,8 +574,8 @@
+ # Identity of this package.
+ PACKAGE_NAME='DHCP'
+ PACKAGE_TARNAME='dhcp'
+-PACKAGE_VERSION='4.1-ESV-R7'
+-PACKAGE_STRING='DHCP 4.1-ESV-R7'
++PACKAGE_VERSION='4.1-ESV-R7-P1'
++PACKAGE_STRING='DHCP 4.1-ESV-R7-P1'
+ PACKAGE_BUGREPORT='[email protected]'
+
+ # Factoring default headers for most tests.
+@@ -2125,7 +2125,7 @@
+
+ # Define the identity of the package.
+ PACKAGE='dhcp'
+- VERSION='4.1-ESV-R7'
++ VERSION='4.1-ESV-R7-P1'
+
+
+ cat >>confdefs.h <<_ACEOF
+--- old/./configure.ac Thu Jan 7 21:28:37 2016
++++ new/./configure.ac Thu Jan 7 21:28:37 2016
+@@ -1,4 +1,4 @@
+-AC_INIT([DHCP], [4.1-ESV-R7], [[email protected]])
++AC_INIT([DHCP], [4.1-ESV-R7-P1], [[email protected]])
+
+ # we specify "foreign" to avoid having to have the GNU mandated files,
+ # like AUTHORS, COPYING, and such
--- a/components/isc-dhcp/patches/dhcp-dynamiclibraries.patch Tue Jan 12 14:17:49 2016 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,154 +0,0 @@
-# HG changeset patch
-# User Praveen Kumar Muthuswamy <[email protected]>
-# Date 1428520414 25200
-# Wed Apr 08 12:13:34 2015 -0700
-# Node ID 045f212982ea4578a9dafb925ad62cf366802dc6
-# Parent 6470d3cc3ce1677a8283cdf15257c2b8c0ab43c9
-/*
- * This patch file (dhcp-dynamiclibraries.patch) was developed in-house to
- * allow isc-dhcp to build and package shared objects for libomapi, libdhcpctl,
- * and libdst. Upstream (ISC) has been made aware of this requirement and the
- * the patch through a service ticket and they are actively working on
- * developing the patch.
- */
-
-diff --git a/client/Makefile.am b/client/Makefile.am
---- a/client/Makefile.am
-+++ b/client/Makefile.am
-@@ -5,7 +5,7 @@
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
- dhclient_LDADD = ../common/libdhcp.a ../minires/libres.a \
-- ../omapip/libomapi.a ../dst/libdst.a
-+ ../omapip/libomapi.la ../dst/libdst.la
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-
-diff --git a/common/tests/Makefile.am b/common/tests/Makefile.am
---- a/common/tests/Makefile.am
-+++ b/common/tests/Makefile.am
-@@ -13,7 +13,7 @@
- alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
- alloc_unittest_LDADD = $(ATF_LDFLAGS)
- alloc_unittest_LDADD += ../libdhcp.a \
-- ../../omapip/libomapi.a ../../dst/libdst.a ../../minires/libres.a
-+ ../../omapip/libomapi.la ../../dst/libdst.la ../../minires/libres.a
-
- check: $(ATF_TESTS)
- atf-run | atf-report
-diff --git a/configure.ac b/configure.ac
---- a/configure.ac
-+++ b/configure.ac
-@@ -37,7 +37,7 @@
- # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
- AC_USE_SYSTEM_EXTENSIONS
-
--AC_PROG_RANLIB
-+AC_PROG_LIBTOOL
- AC_CONFIG_HEADERS([includes/config.h])
-
- # we sometimes need to know byte order for building packets
-diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am
---- a/dhcpctl/Makefile.am
-+++ b/dhcpctl/Makefile.am
-@@ -1,15 +1,16 @@
- bin_PROGRAMS = omshell
--lib_LIBRARIES = libdhcpctl.a
-+lib_LTLIBRARIES = libdhcpctl.la
-+libdhcpctl_la_LDFLAGS = -version-info 1
- noinst_PROGRAMS = cltest
- man_MANS = omshell.1 dhcpctl.3
- EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
--omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../minires/libres.a \
-- ../omapip/libomapi.a ../dst/libdst.a
-+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../minires/libres.a \
-+ ../omapip/libomapi.la ../dst/libdst.la
-
--libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
--cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../minires/libres.a \
-- ../omapip/libomapi.a ../dst/libdst.a
-+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../minires/libres.a \
-+ ../omapip/libomapi.la ../dst/libdst.la
-diff --git a/dst/Makefile.am b/dst/Makefile.am
---- a/dst/Makefile.am
-+++ b/dst/Makefile.am
-@@ -1,8 +1,9 @@
- AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
-
--lib_LIBRARIES = libdst.a
-+lib_LTLIBRARIES = libdst.la
-+libdst_la_LDFLAGS = -version-info 1
-
--libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
-+libdst_la_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
- base64.c prandom.c
-
- EXTRA_DIST = dst_internal.h md5.h md5_locl.h
-diff --git a/omapip/Makefile.am b/omapip/Makefile.am
---- a/omapip/Makefile.am
-+++ b/omapip/Makefile.am
-@@ -1,7 +1,8 @@
--lib_LIBRARIES = libomapi.a
-+lib_LTLIBRARIES = libomapi.la
-+libomapi_la_LDFLAGS = -version-info 1
- noinst_PROGRAMS = svtest
-
--libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
-+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
- errwarn.c listener.c dispatch.c generic.c support.c \
- handle.c message.c convert.c hash.c auth.c inet_addr.c \
- array.c trace.c mrtrace.c toisc.c iscprint.c
-@@ -9,5 +10,5 @@
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a ../dst/libdst.a
-+svtest_LDADD = libomapi.la ../dst/libdst.la
-
-diff --git a/relay/Makefile.am b/relay/Makefile.am
---- a/relay/Makefile.am
-+++ b/relay/Makefile.am
-@@ -2,7 +2,7 @@
-
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
--dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst.a ../minires/libres.a
-+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dst/libdst.la ../minires/libres.a
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-
-diff --git a/server/Makefile.am b/server/Makefile.am
---- a/server/Makefile.am
-+++ b/server/Makefile.am
-@@ -13,9 +13,9 @@
- dhcpv6.c mdb6.c
-
- # libomapi.a this is here twice to handle circular library dependencies :(
--dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst.a \
-- ../dhcpctl/libdhcpctl.a ../minires/libres.a \
-- ../omapip/libomapi.a
-+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la ../dst/libdst.la \
-+ ../dhcpctl/libdhcpctl.la ../minires/libres.a \
-+ ../omapip/libomapi.la
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
-diff --git a/server/tests/Makefile.am b/server/tests/Makefile.am
---- a/server/tests/Makefile.am
-+++ b/server/tests/Makefile.am
-@@ -17,8 +17,8 @@
- ../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
- ../dhcpd.c
-
--DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
-- $(top_builddir)/dhcpctl/libdhcpctl.a $(top_builddir)/dst/libdst.a \
-+DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
-+ $(top_builddir)/dhcpctl/libdhcpctl.la $(top_builddir)/dst/libdst.la \
- $(top_builddir)/minires/libres.a
-
- ATF_TESTS =
--- a/components/isc-dhcp/patches/ignore-client-uids.patch Tue Jan 12 14:17:49 2016 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,112 +0,0 @@
-The following patch is adopted from ISC DHCP version 4.3.0.
-http://ftp.isc.org/isc/dhcp/4.3.0/dhcp-4.3.0.tar.gz
-
---- dhcp-4.1-ESV-R7/server/stables.c.orig Thu Aug 23 19:23:54 2012
-+++ dhcp-4.1-ESV-R7/server/stables.c Mon Apr 28 16:37:14 2014
-@@ -244,6 +244,7 @@
- { "delayed-ack", "S", &server_universe, 58, 1 },
- { "max-ack-delay", "L", &server_universe, 59, 1 },
- #endif
-+ { "ignore-client-uids", "f", &server_universe, 60, 1 },
- { NULL, NULL, NULL, 0, 0 }
- };
-
---- dhcp-4.1-ESV-R7/server/dhcp.c.orig Thu Aug 23 19:23:54 2012
-+++ dhcp-4.1-ESV-R7/server/dhcp.c Mon Apr 28 16:36:18 2014
-@@ -2304,31 +2304,40 @@
- /* Update Client Last Transaction Time. */
- lt->cltt = cur_time;
-
-- /* Record the uid, if given... */
-- oc = lookup_option (&dhcp_universe, packet -> options,
-- DHO_DHCP_CLIENT_IDENTIFIER);
-- if (oc &&
-- evaluate_option_cache (&d1, packet, lease,
-- (struct client_state *)0,
-- packet -> options, state -> options,
-- &lease -> scope, oc, MDL)) {
-- if (d1.len <= sizeof lt -> uid_buf) {
-- memcpy (lt -> uid_buf, d1.data, d1.len);
-- lt -> uid = lt -> uid_buf;
-- lt -> uid_max = sizeof lt -> uid_buf;
-- lt -> uid_len = d1.len;
-- } else {
-- unsigned char *tuid;
-- lt -> uid_max = d1.len;
-- lt -> uid_len = d1.len;
-- tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
-- /* XXX inelegant */
-- if (!tuid)
-- log_fatal ("no memory for large uid.");
-- memcpy (tuid, d1.data, lt -> uid_len);
-- lt -> uid = tuid;
-+ /* See if we want to record the uid for this client */
-+ oc = lookup_option(&server_universe, state->options,
-+ SV_IGNORE_CLIENT_UIDS);
-+ if ((oc == NULL) ||
-+ !evaluate_boolean_option_cache(&ignorep, packet, lease, NULL,
-+ packet->options, state->options,
-+ &lease->scope, oc, MDL)) {
-+
-+ /* Record the uid, if given... */
-+ oc = lookup_option (&dhcp_universe, packet -> options,
-+ DHO_DHCP_CLIENT_IDENTIFIER);
-+ if (oc &&
-+ evaluate_option_cache (&d1, packet, lease,
-+ (struct client_state *)0,
-+ packet -> options, state -> options,
-+ &lease -> scope, oc, MDL)) {
-+ if (d1.len <= sizeof lt -> uid_buf) {
-+ memcpy (lt -> uid_buf, d1.data, d1.len);
-+ lt -> uid = lt -> uid_buf;
-+ lt -> uid_max = sizeof lt -> uid_buf;
-+ lt -> uid_len = d1.len;
-+ } else {
-+ unsigned char *tuid;
-+ lt -> uid_max = d1.len;
-+ lt -> uid_len = d1.len;
-+ tuid = (unsigned char *)dmalloc (lt -> uid_max, MDL);
-+ /* XXX inelegant */
-+ if (!tuid)
-+ log_fatal ("no memory for large uid.");
-+ memcpy (tuid, d1.data, lt -> uid_len);
-+ lt -> uid = tuid;
-+ }
-+ data_string_forget (&d1, MDL);
- }
-- data_string_forget (&d1, MDL);
- }
-
- if (host) {
---- dhcp-4.1-ESV-R7/server/dhcpd.conf.5.orig Wed May 7 18:37:36 2014
-+++ dhcp-4.1-ESV-R7/server/dhcpd.conf.5 Wed May 7 18:38:46 2014
-@@ -2302,6 +2302,19 @@
- must be a constant value.
- .RE
- .PP
-+The
-+.I ignore-client-uids
-+statement
-+.RS 0.25i
-+.PP
-+.B ignore-client-uids \fIflag\fB;\fR
-+.PP
-+If the \fIignore-client-uids\fR statement is present and has a value of
-+\fItrue\fR or \fIon\fR, the UID for clients will not be recorded.
-+If this statement is not present or has a value of \fIfalse\fR or
-+\fIoff\fR, then client UIDs will be recorded.
-+.RE
-+.PP
- The
- .I infinite-is-reserved
- statement
---- dhcp-4.1-ESV-R7/includes/dhcpd.h.orig Thu Aug 23 19:23:53 2012
-+++ dhcp-4.1-ESV-R7/includes/dhcpd.h Mon Apr 28 16:11:17 2014
-@@ -627,6 +627,7 @@
- #define SV_LIMIT_PREFS_PER_IA 57
- #define SV_DELAYED_ACK 58
- #define SV_MAX_ACK_DELAY 59
-+#define SV_IGNORE_CLIENT_UIDS 60
-
- #if !defined (DEFAULT_PING_TIMEOUT)
- # define DEFAULT_PING_TIMEOUT 1