Report information
The Basics
Id:
45716
Status:
resolved
Priority:
Medium/Medium
Queue:
dhcp-public
People
BugTracker
Version Fixed:
4.3.3
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
(no value)
Severity:
(no value)
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
(no value)
Dates
Created:Tue, 08 Aug 2017 03:44:58 -0400
Updated:Tue, 08 Aug 2017 10:43:04 -0400
Closed:Tue, 08 Aug 2017 06:33:18 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Tue, 08 Aug 2017 03:44:58 -0400 Edward Heuveling [ReD Innovation] <ea.heuveling@red-innovation.nl> - Ticket created
To: dhcp-bugs@isc.org
Date: Tue, 8 Aug 2017 09:44:39 +0200
From: "Edward Heuveling [ReD Innovation]" <ea.heuveling@red-innovation.nl>
Subject: BUG DHCP (4.3.1-6 - debian Jessie) ldap dosn’t support subnet6, pool6, range6


Hello all,

I have found a bug in the DHCP server that the LDAP does’t support the tags “subnet6, pool6 and rang6”. This will result in a incorrect config file and DHCP server will not load.

Below you can see my patch that will help to make it this work.
The patch is based on the 4.3.1 version from Debian. 

Kind regards,

 

Edward A. Heuveling

ReD Innovation


E ea.heuveling@red-innovation.nl





--- ldap.c 2014-08-07 00:35:03.000000000 +0200

+++ server/ldap.c 2017-08-07 21:57:13.285063020 +0200

@@ -275,6 +275,52 @@

   item->close_brace = 1;

 }

 

+static void

+ldap_parse_subnet6 (struct ldap_config_stack *item, struct parse *cfile)

+{

+  struct berval **tempbv;

+  int i;

+

+  if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||

+      tempbv[0] == NULL)

+    {

+      if (tempbv != NULL)

+        ldap_value_free_len (tempbv);

+

+      return;

+    }

+

+  x_strncat (cfile->inbuf, "subnet6 ", LDAP_BUFFER_SIZE);

+  x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);

+

+  x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);

+

+  ldap_value_free_len (tempbv);

+

+  if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange6")) != NULL)

+    {

+      for (i=0; tempbv[i] != NULL; i++)

+        {

+          x_strncat (cfile->inbuf, "range6", LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);

+        }

+      ldap_value_free_len (tempbv);

+    }

+

+  if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpPermitList")) != NULL)

+    {

+      for (i=0; tempbv[i] != NULL; i++)

+        {

+          x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);

+        }

+      ldap_value_free_len (tempbv);

+    }

+

+  item->close_brace = 1;

+}

 

 static void

 ldap_parse_pool (struct ldap_config_stack *item, struct parse *cfile)

@@ -309,6 +355,38 @@

   item->close_brace = 1;

 }

 

+static void

+ldap_parse_pool6 (struct ldap_config_stack *item, struct parse *cfile)

+{

+  struct berval **tempbv;

+  int i;

+

+  x_strncat (cfile->inbuf, "pool6 {\n", LDAP_BUFFER_SIZE);

+

+  if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange6")) != NULL)

+    {

+      for (i=0; tempbv[i] != NULL; i++)

+        {

+          x_strncat (cfile->inbuf, "range6", LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);

+        }

+      ldap_value_free_len (tempbv);

+    }

+

+  if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpPermitList")) != NULL)

+    {

+      for (i=0; tempbv[i] != NULL; i++)

+        {

+          x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);

+          x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);

+        }

+      ldap_value_free_len (tempbv);

+    }

+

+  item->close_brace = 1;

+}

 

 static void

 ldap_parse_group (struct ldap_config_stack *item, struct parse *cfile)

@@ -892,7 +970,7 @@

 static void

 parse_external_dns (LDAPMessage * ent)

 {

-  char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",

+  char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN", 

                     "dhcpGroupDN", "dhcpHostDN", "dhcpClassesDN",

                     "dhcpPoolDN", NULL};

   LDAPMessage * newres, * newent;

@@ -1155,8 +1233,12 @@

         ldap_parse_class (entry, cfile);

       else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubnet") == 0)

         ldap_parse_subnet (entry, cfile);

+      else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubnet6") == 0)

+        ldap_parse_subnet6 (entry, cfile);

       else if (strcasecmp (objectClass[i]->bv_val, "dhcpPool") == 0)

         ldap_parse_pool (entry, cfile);

+      else if (strcasecmp (objectClass[i]->bv_val, "dhcpPool6") == 0)

+        ldap_parse_pool6 (entry, cfile);

       else if (strcasecmp (objectClass[i]->bv_val, "dhcpGroup") == 0)

         ldap_parse_group (entry, cfile);

       else if (strcasecmp (objectClass[i]->bv_val, "dhcpTSigKey") == 0)

Tue, 08 Aug 2017 06:20:08 -0400 Thomas Markwalder <tmark@isc.org> - Taken
  Tue, 08 Aug 2017 06:32:55 -0400 Thomas Markwalder <tmark@isc.org> - Correspondence added

Hello Edward: Thank you for taking the time to submit your patch, however LDAP support of DHCPv6 was added to ISC DHCP in release 4.3.3 via another contributed patch submission. The schema updates can be found in contrib/ldap/dhcp.schema. The attribute names are slightly different, dhcpSubnet6, dhcpPool6, and dhcpRange6. In addition to DHPCv6 support, 4.3.3 included quite a few other LDAP patch submissions that we had received from various users. Toward that end you should read this knowledge base article prior to upgrading: https://kb.isc.org/article/AA-01462 Our current maintenance release, 4.3.6, was released just last week on July 31. Again thank you for taking the time to develop and submit your patch. Our active user community is one of ISC's biggest assets. Sincerely, Thomas Markwalder ISC Software Engineering
Tue, 08 Aug 2017 06:32:55 -0400 The RT System itself - Status changed from 'new' to 'open'
Tue, 08 Aug 2017 06:33:18 -0400 Thomas Markwalder <tmark@isc.org> - Status changed from 'open' to 'resolved'
Tue, 08 Aug 2017 06:33:29 -0400 Thomas Markwalder <tmark@isc.org> - Version Fixed 4.3.3 added
Tue, 08 Aug 2017 10:43:04 -0400 Vicky Risk <vicky@isc.org> - Subject changed from 'BUG DHCP (4.3.1-6 - debian Jessie) ldap dosn’t support subnet6, pool6, range6' to '[PATCH] BUG DHCP (4.3.1-6 - debian Jessie) ldap dosn’t support subnet6, pool6, range6'
Tue, 08 Aug 2017 10:43:04 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #8 to dhcp-public