On Thu, Feb 23, 2012 at 12:40:23PM +0100, Jiri Popelka wrote:
> On 02/22/2012 08:32 PM, Shawn Routhier wrote:
> >Thank you for your report. We've looked it over and there does
> >seem to be a problem in the timer code. We're trying to figure
> >out how it got triggered and how serious it is. Currently we think
> >it is most likely a configuration issue and so wouldn't be a good
> >DOS vector.
> >
> Yes, nor I've thought it's a security problem since I managed to
> reproduce it.

What kind of configuration issue? Is there something "wrong" in my dhcpd.conf?

> >While we look into this we were hoping you might be able to
> >do some tests and gather some information as well.
> >
> >Do you know if John tried this with other versions of the code?
> >Specifically any of the 4.1x versions?
> >
> I'll ask but I don't think so as we haven't 4.1 in any supported Fedora
> version and
> he wrote that he was using dnsmasq as a workaround.
> But I tried to reproduce it with dhcp-4.1.1-P1 and it seems OK
> (well, it should be as the problematic code was added in 4.2.0).

No, the last working version I tried was whatever was in Fedora 15.

> >In the pcap you sent us the client is receiving a lease time value of
> >80000, but I don't see anything in the configuration file that would
> >lead to that value. Does that value ring any bells for you or John
> >(perhaps an older config file? or something leftover from the client?)
> >
> Yes, I had noted that too but forgot to ask John. I'll do that.

I'd experimented with other lease times, so at the time I was using:

    default-lease-time 80000;
    max-lease-time 80000;

The bug was still present.

> >While I wouldn't expect it to show much it would be interesting to get
> >a copy of the lease file to see what the server was trying to record at
> >the time of failure.
> I'm attaching mine and will ask John for his.

I'll have to get back to you if you still need it.

regards
john