diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2015-07-16 11:51:56 +0000 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2015-07-16 11:51:56 +0000 |
| commit | 65538a73855b48442bea7d82f614ede488caa308 (patch) | |
| tree | 7297f27d3189da974871273ccdb0a6f65782fe8f | |
| parent | 2cca8a19ca24b427ddf53010af84bb642ad1f48f (diff) | |
Since 4.2.8/4.3.2 isc-dhcp-server started to check if prefix6 range is
within declared subnet and if prefix6 network mask is bigger or equal
subnet mask. Remove these checks and make prefix delegation work as
expected.
For reference - https://redmine.pfsense.org/issues/4829
PR: 201601
Approved by: zi (maintainer)
Sponsored by: Netgate
Notes
Notes:
svn path=/head/; revision=392293
| -rw-r--r-- | net/isc-dhcp42-server/Makefile | 2 | ||||
| -rw-r--r-- | net/isc-dhcp42-server/files/patch-server_confpars.c | 43 | ||||
| -rw-r--r-- | net/isc-dhcp43-server/Makefile | 2 | ||||
| -rw-r--r-- | net/isc-dhcp43-server/files/patch-server_confpars.c | 43 |
4 files changed, 88 insertions, 2 deletions
diff --git a/net/isc-dhcp42-server/Makefile b/net/isc-dhcp42-server/Makefile index ccdf5556811f..0ca6d9c74d75 100644 --- a/net/isc-dhcp42-server/Makefile +++ b/net/isc-dhcp42-server/Makefile @@ -18,7 +18,7 @@ LICENSE= ISCL USES= gmake PATCHLEVEL= P1 -PORTREVISION_SERVER= 0 +PORTREVISION_SERVER= 1 PORTREVISION_CLIENT= 0 PORTREVISION_RELAY= 0 diff --git a/net/isc-dhcp42-server/files/patch-server_confpars.c b/net/isc-dhcp42-server/files/patch-server_confpars.c new file mode 100644 index 000000000000..a60f41c861a6 --- /dev/null +++ b/net/isc-dhcp42-server/files/patch-server_confpars.c @@ -0,0 +1,43 @@ +--- server/confpars.c.orig 2015-02-27 13:42:45 UTC ++++ server/confpars.c +@@ -3926,28 +3926,10 @@ parse_prefix6(struct parse *cfile, struc + return; + } + +- /* Make sure starting prefix is within the subnet */ +- if (!addr_eq(group->subnet->net, +- subnet_number(lo, group->subnet->netmask))) { +- parse_warn(cfile, "prefix6 start prefix" +- " is outside the subnet"); +- skip_to_semi(cfile); +- return; +- } +- + if (!parse_ip6_addr(cfile, &hi)) { + return; + } + +- /* Make sure ending prefix is within the subnet */ +- if (!addr_eq(group->subnet->net, +- subnet_number(hi, group->subnet->netmask))) { +- parse_warn(cfile, "prefix6 end prefix" +- " is outside the subnet"); +- skip_to_semi(cfile); +- return; +- } +- + /* + * Next is '/' number ';'. + */ +@@ -3970,11 +3952,6 @@ parse_prefix6(struct parse *cfile, struc + parse_warn(cfile, "networks have 0 to 128 bits (exclusive)"); + return; + } +- if (bits < group->subnet->prefix_len) { +- parse_warn(cfile, "network mask smaller than subnet mask"); +- skip_to_semi(cfile); +- return; +- } + if (!is_cidr_mask_valid(&lo, bits) || + !is_cidr_mask_valid(&hi, bits)) { + parse_warn(cfile, "network mask too short"); diff --git a/net/isc-dhcp43-server/Makefile b/net/isc-dhcp43-server/Makefile index e2084cbe568a..0f6909c08798 100644 --- a/net/isc-dhcp43-server/Makefile +++ b/net/isc-dhcp43-server/Makefile @@ -18,7 +18,7 @@ LICENSE= ISCL USES= gmake #PATCHLEVEL= P1 -PORTREVISION_SERVER= 0 +PORTREVISION_SERVER= 1 PORTREVISION_CLIENT= 0 PORTREVISION_RELAY= 0 diff --git a/net/isc-dhcp43-server/files/patch-server_confpars.c b/net/isc-dhcp43-server/files/patch-server_confpars.c new file mode 100644 index 000000000000..c31526098ebc --- /dev/null +++ b/net/isc-dhcp43-server/files/patch-server_confpars.c @@ -0,0 +1,43 @@ +--- server/confpars.c.orig 2015-02-26 19:35:43 UTC ++++ server/confpars.c +@@ -4161,28 +4161,10 @@ parse_prefix6(struct parse *cfile, + return; + } + +- /* Make sure starting prefix is within the subnet */ +- if (!addr_eq(group->subnet->net, +- subnet_number(lo, group->subnet->netmask))) { +- parse_warn(cfile, "prefix6 start prefix" +- " is outside the subnet"); +- skip_to_semi(cfile); +- return; +- } +- + if (!parse_ip6_addr(cfile, &hi)) { + return; + } + +- /* Make sure ending prefix is within the subnet */ +- if (!addr_eq(group->subnet->net, +- subnet_number(hi, group->subnet->netmask))) { +- parse_warn(cfile, "prefix6 end prefix" +- " is outside the subnet"); +- skip_to_semi(cfile); +- return; +- } +- + /* + * Next is '/' number ';'. + */ +@@ -4205,11 +4187,6 @@ parse_prefix6(struct parse *cfile, + parse_warn(cfile, "networks have 0 to 128 bits (exclusive)"); + return; + } +- if (bits < group->subnet->prefix_len) { +- parse_warn(cfile, "network mask smaller than subnet mask"); +- skip_to_semi(cfile); +- return; +- } + if (!is_cidr_mask_valid(&lo, bits) || + !is_cidr_mask_valid(&hi, bits)) { + parse_warn(cfile, "network mask too short"); |