[pkg-dhcp-commits] [SCM] ISC DHCP packaging for Debian branch, master, updated. d96b0e6e3157f49d67966405b1ce0f329c70bca1
root (none)
root at aula1-pro.
Sat Jan 9 16:33:59 UTC 2010
The following commit has been merged in the master branch:
commit d96b0e6e3157f49d67966405b1ce0f329c70bca1
Author: root <root at aula1-pro.(none)>
Date: Sat Jan 9 17:30:07 2010 +0100
Added ldap patch for dhcp 4.1
diff --git a/debian/changelog b/debian/changelog
index be39442..510e324 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ isc-dhcp (4.1.0-2) UNRELEASED; urgency=low
* Fix dhclient-script so that changes in the DHCP-provided hostname
cause a hostname change to occur on the client
* Remove unnecessary sleep from dhclient-script
+ * Updated ldap patch
-- Andrew Pollock <apollock at debian.org> Sun, 01 Nov 2009 15:02:10 -0800
diff --git a/debian/control b/debian/control
index c94e788..4039226 100644
--- a/debian/control
+++ b/debian/control
@@ -45,21 +45,24 @@ Description: ISC DHCP server for automatic IP address assignment (debug)
.
This server can handle multiple ethernet interfaces.
-#Package: isc-dhcp-server-ldap
-#Priority: optional
-#Architecture: any
-#Depends: debianutils (>= 2.8.2), isc-dhcp-common (= ${binary:Version}), isc-dhcp-server (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
-#Enhances: isc-dhcp-server
-#Description: DHCP server able to use LDAP as backend
-# This is the server from the Internet Software Consortium's implementation of
-# DHCP. For more information, visit http://www.isc.org.
-# .
-# Dynamic Host Configuration Protocol (DHCP) is a protocol like BOOTP
-# (actually dhcpd includes much of the functionality of bootpd). It
-# gives client machines "leases" for IP addresses and can
-# automatically set their network configuration.
-# .
-# This is the DHCP server with LDAP patches applied to it.
+Package: isc-dhcp-server-ldap
+Priority: optional
+Architecture: any
+Depends: debianutils (>= 2.8.2), isc-dhcp-common (= ${binary:Version}), isc-dhcp-server (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends}
+Provides: dhcp3-server-ldap
+Conflicts: dhcp, dhcp3-server, dhcp3-server-ldap
+Replaces: dhcp3-server-ldap
+Enhances: isc-dhcp-server
+Description: DHCP server able to use LDAP as backend
+ This is the server from the Internet Software Consortium's implementation of
+ DHCP. For more information, visit http://www.isc.org.
+ .
+ Dynamic Host Configuration Protocol (DHCP) is a protocol like BOOTP
+ (actually dhcpd includes much of the functionality of bootpd). It
+ gives client machines "leases" for IP addresses and can
+ automatically set their network configuration.
+ .
+ This is the DHCP server with LDAP patches applied to it.
Package: isc-dhcp-common
Architecture: any
diff --git a/debian/isc-dhcp-server-ldap.dirs b/debian/isc-dhcp-server-ldap.dirs
index 0091546..236670a 100644
--- a/debian/isc-dhcp-server-ldap.dirs
+++ b/debian/isc-dhcp-server-ldap.dirs
@@ -1,2 +1 @@
usr/sbin
-usr/share/lintian/overrides
diff --git a/debian/isc-dhcp-server-ldap.install b/debian/isc-dhcp-server-ldap.install
index ff00caf..ecde2fe 100644
--- a/debian/isc-dhcp-server-ldap.install
+++ b/debian/isc-dhcp-server-ldap.install
@@ -1 +1 @@
-patched-ldap/server/dhcpd3 usr/sbin
+patched-ldap/dhcpd usr/sbin
diff --git a/debian/isc-dhcp-server-ldap.postinst b/debian/isc-dhcp-server-ldap.postinst
index c25423b..651ba17 100644
--- a/debian/isc-dhcp-server-ldap.postinst
+++ b/debian/isc-dhcp-server-ldap.postinst
@@ -6,9 +6,9 @@ set -e
if [ "$1" = remove -o "$1" = upgrade ]; then
for v in `list_versions`; do
- dpkg-divert --package dhcp3-server-ldap --remove \
- --rename --divert /usr/sbin/dhcpd3-noldap \
- /usr/sbin/dhcpd3
+ dpkg-divert --package isc-dhcp-server-ldap --remove \
+ --rename --divert /usr/sbin/dhcpd-noldap \
+ /usr/sbin/dhcpd
done
fi
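Review bot: The diversion removal kept in this postinst branch looks unreachable, because dpkg calls postinst with `configure`, `abort-upgrade`, `abort-remove`, `abort-deconfigure` or `triggered`, so `[ "$1" = remove -o "$1" = upgrade ]` can never match. The renamed `dpkg-divert --package isc-dhcp-server-ldap --remove` call therefore never runs from here, and removing the `/usr/sbin/dhcpd` diversion rests on the postrm alone. `list_versions` is not defined in the visible lines and the loop variable `v` is unused; the script continues outside the hunk. I would drop the block, or at least mark it with `# never reached from postinst; the diversion is removed in postrm`.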
diff --git a/debian/isc-dhcp-server-ldap.postrm b/debian/isc-dhcp-server-ldap.postrm
index 157c2bb..3d6213e 100644
--- a/debian/isc-dhcp-server-ldap.postrm
+++ b/debian/isc-dhcp-server-ldap.postrm
@@ -3,8 +3,8 @@
set -e
if [ "$1" = remove ]; then
- dpkg-divert --package dhcp3-server-ldap --remove --rename \
- --divert /usr/sbin/dhcpd3-noldap /usr/sbin/dhcpd3
+ dpkg-divert --package isc-dhcp-server-ldap --remove --rename \
+ --divert /usr/sbin/dhcpd-noldap /usr/sbin/dhcpd
fi
#DEBHELPER#
diff --git a/debian/isc-dhcp-server-ldap.preinst b/debian/isc-dhcp-server-ldap.preinst
index 75cc07b..70484fe 100644
--- a/debian/isc-dhcp-server-ldap.preinst
+++ b/debian/isc-dhcp-server-ldap.preinst
@@ -3,14 +3,14 @@
set -e
if [ "$1" = install -o "$1" = upgrade ]; then
- if dpkg-divert --list /usr/sbin/dhcpd3 \
- | grep -q "by dhcp3-server-ldap";
+ if dpkg-divert --list /usr/sbin/dhcpd \
+ | grep -q "by isc-dhcp-server-ldap";
then
exit 0
fi
- dpkg-divert --package dhcp3-server-ldap --add --rename \
- --divert /usr/sbin/dhcpd3-noldap /usr/sbin/dhcpd3
+ dpkg-divert --package isc-dhcp-server-ldap --add --rename \
+ --divert /usr/sbin/dhcpd-noldap /usr/sbin/dhcpd
fi
#DEBHELPER#
diff --git a/debian/patches/00list b/debian/patches/00list
index 614be38..1c26643 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -4,6 +4,6 @@ dhclient-script-exit-status
fix_groff_warnings
# I think this has been independently emailed upstream
no_loopback_checksum
-#ldap backend for dhcp3 server (docs and code)
-#dhcp-3.1.0-ldap-docs
-#dhcp-3.1.0-ldap-code
+#ldap backend for dhcp server (docs and code)
+dhcp-4.1.0-ldap-docs
+dhcp-4.1.0-ldap-code
diff --git a/debian/patches/dhcp-3.1.0-ldap-code.dpatch b/debian/patches/dhcp-4.1.0-ldap-code.dpatch
old mode 100644
new mode 100755
similarity index 64%
rename from debian/patches/dhcp-3.1.0-ldap-code.dpatch
rename to debian/patches/dhcp-4.1.0-ldap-code.dpatch
index 9329f19..d3993a5
--- a/debian/patches/dhcp-3.1.0-ldap-code.dpatch
+++ b/debian/patches/dhcp-4.1.0-ldap-code.dpatch
@@ -1,5 +1,5 @@
#! /bin/sh /usr/share/dpatch/dpatch-run
-## dhcp-3.1.0-ldap.dpatch by <jredrejo at edu.juntaextremadura.net>
+## dhcp-4.1.0-ldap-code.dpatch by <jredrejo at edu.juntaextremadura.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Patch to use ldap as a backend for dhcp3 server
@@ -7,84 +7,30 @@
## DP: This patch is deeply based on the Brian Masney <masneyb at ntelos.net> work
@DPATCH@
-
-diff -urNad dhcp3-3.1.0.orig/common/conflex.c dhcp3-3.1.0/common/conflex.c
---- dhcp3-3.1.0.orig/common/conflex.c 2007-05-29 19:49:44.000000000 +0200
-+++ dhcp3-3.1.0/common/conflex.c 2008-02-20 13:21:26.000000000 +0100
-@@ -47,6 +47,7 @@
- static enum dhcp_token read_number PROTO ((int, struct parse *));
- static enum dhcp_token read_num_or_name PROTO ((int, struct parse *));
- static enum dhcp_token intern PROTO ((unsigned char *, enum dhcp_token));
-+static int read_function PROTO ((struct parse *));
-
- isc_result_t new_parse (cfile, file, inbuf, buflen, name, eolp)
- struct parse **cfile;
-@@ -74,6 +75,10 @@
- tmp -> file = file;
- tmp -> eol_token = eolp;
-
-+ if (file != -1) {
-+ tmp -> read_function = read_function;;
-+ }
-+
- tmp -> bufix = 0;
- tmp -> buflen = buflen;
- if (inbuf) {
-@@ -113,22 +118,11 @@
+diff -urNad isc-dhcp.orig/common/conflex.c isc-dhcp/common/conflex.c
+--- isc-dhcp.orig/common/conflex.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/common/conflex.c 2009-12-30 12:34:08.000000000 +0100
+@@ -177,9 +177,13 @@
+ /* My kingdom for WITH... */
int c;
- if (cfile -> bufix == cfile -> buflen) {
-- if (cfile -> file != -1) {
-- cfile -> buflen =
-- read (cfile -> file,
-- cfile -> inbuf, cfile -> bufsiz);
-- if (cfile -> buflen == 0) {
-- c = EOF;
-- cfile -> bufix = 0;
-- } else if (cfile -> buflen < 0) {
-- c = EOF;
-- cfile -> bufix = cfile -> buflen = 0;
-- } else {
-- c = cfile -> inbuf [0];
-- cfile -> bufix = 1;
-- }
-- } else
+- if (cfile->bufix == cfile->buflen)
+- c = EOF;
+- else {
++ if (cfile->bufix == cfile->buflen) {
+ if (cfile -> read_function) {
-+ c = cfile -> read_function (cfile);
++ c = cfile->read_function (cfile);
+ } else {
- c = EOF;
++ c = EOF;
+ }
- } else {
- c = cfile -> inbuf [cfile -> bufix];
- cfile -> bufix++;
-@@ -1213,3 +1207,23 @@
- }
- return dfv;
- }
-+
-+static int
-+read_function (struct parse * cfile)
-+{
-+ int c;
-+
-+ cfile -> buflen = read (cfile -> file, cfile -> inbuf, cfile -> bufsiz);
-+ if (cfile -> buflen == 0) {
-+ c = EOF;
-+ cfile -> bufix = 0;
-+ } else if (cfile -> buflen < 0) {
-+ c = EOF;
-+ cfile -> bufix = cfile -> buflen = 0;
+ } else {
-+ c = cfile -> inbuf [0];
-+ cfile -> bufix = 1;
-+ }
-+
-+ return c;
-+}
-diff -urNad dhcp3-3.1.0.orig/common/print.c dhcp3-3.1.0/common/print.c
---- dhcp3-3.1.0.orig/common/print.c 2007-05-29 19:49:44.000000000 +0200
-+++ dhcp3-3.1.0/common/print.c 2008-02-20 13:21:26.000000000 +0100
-@@ -168,9 +168,9 @@
+ c = cfile->inbuf [cfile->bufix];
+ cfile->bufix++;
+ }
+diff -urNad isc-dhcp.orig/common/print.c isc-dhcp/common/print.c
+--- isc-dhcp.orig/common/print.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/common/print.c 2009-12-30 12:34:08.000000000 +0100
+@@ -163,9 +163,9 @@
}
char *print_hw_addr (htype, hlen, data)
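Review bot: The rewritten conflex.c section calls `cfile->read_function (cfile)` whenever the pointer is non-NULL, but this version of the patch no longer touches new_parse(), where the 3.1.0 patch assigned the pointer explicitly. That is only safe if new_parse() zero-fills the newly allocated `struct parse`; that code is outside the hunk, so it should be confirmed. If the struct is not zeroed, an indeterminate function pointer would be called as soon as the input buffer is exhausted. I would record the assumption next to the test, e.g. `/* read_function stays NULL unless the LDAP reader sets it; new_parse() must zero the struct */`.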
@@ -97,74 +43,39 @@ diff -urNad dhcp3-3.1.0.orig/common/print.c dhcp3-3.1.0/common/print.c
{
static char habuf [49];
char *s;
-diff -urNad dhcp3-3.1.0.orig/dst/Makefile.dist dhcp3-3.1.0/dst/Makefile.dist
---- dhcp3-3.1.0.orig/dst/Makefile.dist 2005-03-17 21:15:06.000000000 +0100
-+++ dhcp3-3.1.0/dst/Makefile.dist 2008-02-20 13:21:26.000000000 +0100
-@@ -23,12 +23,13 @@
-
- SRC = dst_support.c dst_api.c hmac_link.c md5_dgst.c base64.c prandom.c
- OBJ = dst_support.o dst_api.o hmac_link.o md5_dgst.o base64.o prandom.o
-+OBJ_NM5= dst_support.o dst_api.o hmac_link.o base64.o prandom.o
- HDRS = dst_internal.h md5.h md5_locl.h
-
- INCLUDES = $(BINDINC) -I$(TOP)/includes
- CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) -DHMAC_MD5 -DMINIRES_LIB
-
--all: libdst.a
-+all: libdst.a libdst-nomd5.a
-
- install:
-
-@@ -37,11 +38,16 @@
- ar cruv libdst.a $(OBJ)
- $(RANLIB) libdst.a
-
-+libdst-nomd5.a: $(OBJ_NM5)
-+ rm -f libdst-nomd5.a
-+ ar cruv libdst-nomd5.a $(OBJ_NM5)
-+ $(RANLIB) libdst-nomd5.a
-+
- depend:
- $(MKDEP) $(INCLUDES) $(PREDEFINES) $(SRC)
-
- clean:
-- -rm -f $(OBJ) libdst.a
-+ -rm -f $(OBJ) libdst.a libdst-nomd5.a
-
- realclean: clean
- -rm -f *~ $(CATMANPAGES) $(SEDMANPAGES)
-diff -urNad dhcp3-3.1.0.orig/includes/dhcpd.h dhcp3-3.1.0/includes/dhcpd.h
---- dhcp3-3.1.0.orig/includes/dhcpd.h 2007-05-29 19:49:44.000000000 +0200
-+++ dhcp3-3.1.0/includes/dhcpd.h 2008-02-20 13:21:26.000000000 +0100
-@@ -81,6 +81,11 @@
+diff -urNad isc-dhcp.orig/includes/dhcpd.h isc-dhcp/includes/dhcpd.h
+--- isc-dhcp.orig/includes/dhcpd.h 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/includes/dhcpd.h 2009-12-30 12:34:28.000000000 +0100
+@@ -102,6 +102,12 @@
#include <isc-dhcp/result.h>
#include <omapip/omapip_p.h>
++ #include <site.h>
+#if defined(LDAP_CONFIGURATION)
+# include <ldap.h>
+# include <sys/utsname.h> /* for uname() */
+#endif
+
#if !defined (BYTE_NAME_HASH_SIZE)
- # define BYTE_NAME_HASH_SIZE 401 /* Default would be rediculous. */
+ # define BYTE_NAME_HASH_SIZE 401 /* Default would be ridiculous. */
#endif
-@@ -251,6 +256,8 @@
- char *inbuf;
- unsigned bufix, buflen;
- unsigned bufsiz;
-+
+@@ -290,6 +295,8 @@
+ size_t bufix, buflen;
+ size_t bufsiz;
+
+ int (*read_function) (struct parse *);
++
+ struct parse *saved_state;
};
- /* Variable-length array of data. */
-@@ -362,6 +369,32 @@
+@@ -422,6 +429,32 @@
u_int8_t hbuf [17];
};
+#if defined(LDAP_CONFIGURATION)
+# define LDAP_BUFFER_SIZE 8192
+# define LDAP_METHOD_STATIC 0
-+# define LDAP_METHOD_DYNAMIC 1
++# define LDAP_METHOD_DYNAMIC 1
+#if defined (USE_SSL)
+# define LDAP_SSL_OFF 0
+# define LDAP_SSL_ON 1
@@ -173,16 +84,16 @@ diff -urNad dhcp3-3.1.0.orig/includes/dhcpd.h dhcp3-3.1.0/includes/dhcpd.h
+#endif
+
+/* This is a tree of the current configuration we are building from LDAP */
++
+struct ldap_config_stack {
+ LDAPMessage * res; /* Pointer returned from ldap_search */
-+ LDAPMessage * ldent; /* Current item in LDAP that we're processing.
-+ in res */
++ LDAPMessage * ldent; /* Current item in LDAP that we're processing
++ in res */
+ int close_brace; /* Put a closing } after we're through with
-+ this item */
-+ int processed; /* We set this flag if this base item has been
-+ processed. After this base item is processed,
-+ we can start processing the children */
-+ struct ldap_config_stack *children;
++ this item */
++ int processed; /* We set this flag if this base item has been
++ processed. After this base item is processed,
++ we can start processing the children */
+ struct ldap_config_stack *next;
+};
+#endif
@@ -190,37 +101,37 @@ diff -urNad dhcp3-3.1.0.orig/includes/dhcpd.h dhcp3-3.1.0/includes/dhcpd.h
typedef enum {
server_startup = 0,
server_running = 1,
-@@ -558,6 +591,29 @@
- # define DEFAULT_PING_TIMEOUT 1
+@@ -642,6 +675,29 @@
+ # define DEFAULT_ACK_DELAY_USECS 250000 /* 1/4 of a second */
#endif
+#if defined(LDAP_CONFIGURATION)
-+# define SV_LDAP_SERVER 53
-+# define SV_LDAP_PORT 54
-+# define SV_LDAP_USERNAME 55
-+# define SV_LDAP_PASSWORD 56
-+# define SV_LDAP_BASE_DN 57
-+# define SV_LDAP_METHOD 58
-+# define SV_LDAP_DEBUG_FILE 59
-+# define SV_LDAP_DHCP_SERVER_CN 60
-+# define SV_LDAP_REFERRALS 61
++# define SV_LDAP_SERVER 60
++# define SV_LDAP_PORT 61
++# define SV_LDAP_USERNAME 62
++# define SV_LDAP_PASSWORD 63
++# define SV_LDAP_BASE_DN 64
++# define SV_LDAP_METHOD 65
++# define SV_LDAP_DEBUG_FILE 66
++# define SV_LDAP_DHCP_SERVER_CN 67
++# define SV_LDAP_REFERRALS 68
+#if defined (USE_SSL)
-+# define SV_LDAP_SSL 62
-+# define SV_LDAP_TLS_REQCERT 63
-+# define SV_LDAP_TLS_CA_FILE 64
-+# define SV_LDAP_TLS_CA_DIR 65
-+# define SV_LDAP_TLS_CERT 66
-+# define SV_LDAP_TLS_KEY 67
-+# define SV_LDAP_TLS_CRLCHECK 68
-+# define SV_LDAP_TLS_CIPHERS 69
-+# define SV_LDAP_TLS_RANDFILE 70
++# define SV_LDAP_SSL 69
++# define SV_LDAP_TLS_REQCERT 70
++# define SV_LDAP_TLS_CA_FILE 71
++# define SV_LDAP_TLS_CA_DIR 72
++# define SV_LDAP_TLS_CERT 73
++# define SV_LDAP_TLS_KEY 74
++# define SV_LDAP_TLS_CRLCHECK 75
++# define SV_LDAP_TLS_CIPHERS 76
++# define SV_LDAP_TLS_RANDFILE 77
+#endif
+#endif
+
#if !defined (DEFAULT_DEFAULT_LEASE_TIME)
# define DEFAULT_DEFAULT_LEASE_TIME 43200
#endif
-@@ -1702,7 +1758,7 @@
+@@ -2107,7 +2163,7 @@
char *quotify_string (const char *, const char *, int);
char *quotify_buf (const unsigned char *, unsigned, const char *, int);
char *print_base64 (const unsigned char *, unsigned, const char *, int);
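Review bot: The renumbered `SV_LDAP_*` codes (60 to 77) are hard-coded literals with nothing tying them to the server option codes that isc-dhcp itself defines, so the next upstream addition to that range would silently alias an LDAP option. The existing `SV_*` definitions lie outside the hunk, so whether 60 is actually the first free code in 4.1.0 cannot be confirmed from here. A comment above the block would make the constraint visible to whoever rebases the patch, e.g. `/* LDAP server options: codes must not overlap the SV_* values defined above; re-check on every upstream update */`. Note also that `SV_LDAP_PASSWORD` implies the bind credential is read from the server configuration, so the docs patch should presumably say that the file must not be world-readable.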
@@ -229,11 +140,10 @@ diff -urNad dhcp3-3.1.0.orig/includes/dhcpd.h dhcp3-3.1.0/includes/dhcpd.h
void print_lease PROTO ((struct lease *));
void dump_raw PROTO ((const unsigned char *, unsigned));
void dump_packet_option (struct option_cache *, struct packet *,
-@@ -2812,3 +2868,18 @@
- #endif /* FAILOVER_PROTOCOL */
+@@ -3228,6 +3284,22 @@
const char *binding_state_print (enum failover_state);
-+
+
+/* ldap.c */
+#if defined(LDAP_CONFIGURATION)
+extern struct enumeration ldap_methods;
@@ -244,123 +154,19 @@ diff -urNad dhcp3-3.1.0.orig/includes/dhcpd.h dhcp3-3.1.0/includes/dhcpd.h
+#endif
+isc_result_t ldap_read_config (void);
+int find_haddr_in_ldap (struct host_decl **, int, unsigned,
-+ const unsigned char *, const char *, int);
-+int find_subclass_in_ldap (struct class *, struct class **,
-+ struct data_string *);
++ const unsigned char *, const char *, int);
++int find_subclass_in_ldap (struct class *, struct class **,
++ struct data_string *);
+#endif
-diff -urNad dhcp3-3.1.0.orig/includes/ldap_casa.h dhcp3-3.1.0/includes/ldap_casa.h
---- dhcp3-3.1.0.orig/includes/ldap_casa.h 1970-01-01 01:00:00.000000000 +0100
-+++ dhcp3-3.1.0/includes/ldap_casa.h 2008-02-20 13:21:26.000000000 +0100
-@@ -0,0 +1,83 @@
-+/* ldap_casa.h
-+
-+ Definition for CASA modules... */
-+
-+/* Copyright (c) 2004 Internet Systems Consorium, Inc. ("ISC")
-+ * Copyright (c) 1995-2003 Internet Software Consortium.
-+ * Copyright (c) 2006 Novell, Inc.
-+
-+ * All rights reserved.
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions are met:
-+ * 1.Redistributions of source code must retain the above copyright notice,
-+ * this list of conditions and the following disclaimer.
-+ * 2.Redistributions in binary form must reproduce the above copyright notice,
-+ * this list of conditions and the following disclaimer in the documentation
-+ * and/or other materials provided with the distribution.
-+ * 3.Neither the name of ISC, ISC DHCP, nor the names of its contributors
-+ * may be used to endorse or promote products derived from this software
-+ * without specific prior written permission.
-+
-+ * THIS SOFTWARE IS PROVIDED BY INTERNET SYSTEMS CONSORTIUM AND CONTRIBUTORS
-+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
-+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ISC OR CONTRIBUTORS BE LIABLE
-+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-+ * POSSIBILITY OF SUCH DAMAGE.
-+
-+ * This file was written by S Kalyanasundaram <skalyanasundaram at novell.com>
-+ */
-+
-+#if defined(LDAP_CASA_AUTH)
-+#ifndef __LDAP_CASA_H__
-+#define __LDAP_CASA_H__
-+
-+#include <micasa_mgmd.h>
-+#include <dlfcn.h>
-+#include <string.h>
-+
-+#define MICASA_LIB "libmicasa.so.1"
-+
-+SSCS_TYPEDEF_LIBCALL(int, CASA_GetCredential_T)
-+(
-+ uint32_t ssFlags,
-+ SSCS_SECRET_ID_T *appSecretID,
-+ SSCS_SECRET_ID_T *sharedSecretID,
-+ uint32_t *credentialType,
-+ void *credential,
-+ SSCS_EXT_T *ext
-+);
-+SSCS_TYPEDEF_LIBCALL(int, CASA_SetCredential_T)
-+(
-+ uint32_t ssFlags,
-+ SSCS_SECRET_ID_T *appSecretID,
-+ SSCS_SECRET_ID_T *sharedSecretID,
-+ uint32_t credentialType,
-+ void *credential,
-+ SSCS_EXT_T *ext
-+);
-+
-+SSCS_TYPEDEF_LIBCALL(int, CASA_RemoveCredential_T)
-+(
-+ uint32_t ssFlags,
-+ SSCS_SECRET_ID_T *appSecretID,
-+ SSCS_SECRET_ID_T *sharedSecretID,
-+ SSCS_EXT_T *ext
-+);
-+static CASA_GetCredential_T p_miCASAGetCredential = NULL;
-+static CASA_SetCredential_T p_miCASASetCredential = NULL;
-+static CASA_RemoveCredential_T p_miCASARemoveCredential = NULL;
-+static void *casaIDK = NULL;
+
-+int load_casa(void);
-+static void release_casa(void);
-+int load_uname_pwd_from_miCASA(char **, char **);
+
-+#endif /* __LDAP_CASA_H__ */
-+#endif /* LDAP_CASA_AUTH */
-+
-diff -urNad dhcp3-3.1.0.orig/includes/site.h dhcp3-3.1.0/includes/site.h
---- dhcp3-3.1.0.orig/includes/site.h 2006-08-01 00:19:51.000000000 +0200
-+++ dhcp3-3.1.0/includes/site.h 2008-02-20 13:21:26.000000000 +0100
-@@ -183,3 +183,18 @@
- traces. */
- #define TRACING
-+
-+/* Define this if you want to read your config from LDAP. Read README.ldap
-+ about how to set this up */
-+
-+#define LDAP_CONFIGURATION
-+
-+/* Define this if you want to enable LDAP over a SSL connection. You will need
-+ to add -lcrypto -lssl to the LIBS= line of server/Makefile */
-+
-+#define USE_SSL
-+
-+#define _PATH_DHCPD_DB "/var/lib/dhcp3/dhcpd.leases"
-+#define _PATH_DHCLIENT_DB "/var/lib/dhcp3/dhclient.leases"
-+#define _PATH_DHCPD_DB "/var/lib/dhcp3/dhcpd.leases"
-+#define _PATH_DHCLIENT_DB "/var/lib/dhcp3/dhclient.leases"
-diff -urNad dhcp3-3.1.0.orig/server/class.c dhcp3-3.1.0/server/class.c
---- dhcp3-3.1.0.orig/server/class.c 2006-06-01 22:23:17.000000000 +0200
-+++ dhcp3-3.1.0/server/class.c 2008-02-20 13:21:26.000000000 +0100
-@@ -90,6 +90,7 @@
+ /* mdb6.c */
+ HASH_FUNCTIONS_DECL(ia, unsigned char *, struct ia_xx, ia_hash_t);
+diff -urNad isc-dhcp.orig/server/class.c isc-dhcp/server/class.c
+--- isc-dhcp.orig/server/class.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/class.c 2009-12-30 12:34:28.000000000 +0100
+@@ -84,6 +84,7 @@
int matched = 0;
int status;
int ignorep;
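Review bot: With the includes/site.h section dropped from the patch, nothing in the visible lines defines `LDAP_CONFIGURATION` or `USE_SSL` any more, yet dhcpd.h and ldap.c still wrap all LDAP and TLS code in those guards. If the build does not set them elsewhere (configure output or debian/rules, neither shown here), the isc-dhcp-server-ldap binary would carry no LDAP backend at all. With only `LDAP_CONFIGURATION` set, the `SV_LDAP_SSL` and `SV_LDAP_TLS_*` options are compiled out, and the bind done with `SV_LDAP_PASSWORD` would presumably go over an unencrypted connection. I would state the requirement in the patch header, e.g. `## DP: Needs LDAP_CONFIGURATION and USE_SSL defined by the build`, and check that the package build actually passes both.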
@@ -368,18 +174,22 @@ diff -urNad dhcp3-3.1.0.orig/server/class.c dhcp3-3.1.0/server/class.c
for (class = collection -> classes; class; class = class -> nic) {
#if defined (DEBUG_CLASS_MATCHING)
-@@ -135,9 +136,15 @@
+@@ -129,9 +130,19 @@
class -> submatch, MDL));
if (status && data.len) {
nc = (struct class *)0;
- if (class_hash_lookup (&nc, class -> hash,
- (const char *)data.data,
- data.len, MDL)) {
-+ classfound = class_hash_lookup (&nc, class -> hash,
-+ (const char *)data.data, data.len, MDL);
++ classfound = class_hash_lookup (&nc,
++ class -> hash,
++ (const char *)data.data,
++ data.len, MDL);
+
+#ifdef LDAP_CONFIGURATION
-+ if (!classfound && find_subclass_in_ldap (class, &nc, &data))
++ if (local_family == AF_INET && !classfound &&
++ find_subclass_in_ldap (class,
++ &nc, &data))
+ classfound = 1;
+#endif
+
@@ -387,10 +197,10 @@ diff -urNad dhcp3-3.1.0.orig/server/class.c dhcp3-3.1.0/server/class.c
#if defined (DEBUG_CLASS_MATCHING)
log_info ("matches subclass %s.",
print_hex_1 (data.len,
-diff -urNad dhcp3-3.1.0.orig/server/confpars.c dhcp3-3.1.0/server/confpars.c
---- dhcp3-3.1.0.orig/server/confpars.c 2007-06-28 19:20:40.000000000 +0200
-+++ dhcp3-3.1.0/server/confpars.c 2008-02-20 13:21:26.000000000 +0100
-@@ -63,7 +63,17 @@
+diff -urNad isc-dhcp.orig/server/confpars.c isc-dhcp/server/confpars.c
+--- isc-dhcp.orig/server/confpars.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/confpars.c 2009-12-30 12:34:28.000000000 +0100
+@@ -61,7 +61,18 @@
isc_result_t readconf ()
{
@@ -406,13 +216,14 @@ diff -urNad dhcp3-3.1.0.orig/server/confpars.c dhcp3-3.1.0/server/confpars.c
+#else
+ return (res);
+#endif
++
}
isc_result_t read_conf_file (const char *filename, struct group *group,
-diff -urNad dhcp3-3.1.0.orig/server/dhcpd.c dhcp3-3.1.0/server/dhcpd.c
---- dhcp3-3.1.0.orig/server/dhcpd.c 2007-05-29 19:49:44.000000000 +0200
-+++ dhcp3-3.1.0/server/dhcpd.c 2008-02-20 13:21:26.000000000 +0100
-@@ -440,6 +440,14 @@
+diff -urNad isc-dhcp.orig/server/dhcpd.c isc-dhcp/server/dhcpd.c
+--- isc-dhcp.orig/server/dhcpd.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/dhcpd.c 2009-12-30 12:34:28.000000000 +0100
+@@ -598,6 +598,14 @@
/* Add the ddns update style enumeration prior to parsing. */
add_enumeration (&ddns_styles);
add_enumeration (&syslog_enum);
@@ -427,10 +238,10 @@ diff -urNad dhcp3-3.1.0.orig/server/dhcpd.c dhcp3-3.1.0/server/dhcpd.c
if (!group_allocate (&root_group, MDL))
log_fatal ("Can't allocate root group!");
-diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
---- dhcp3-3.1.0.orig/server/ldap.c 1970-01-01 01:00:00.000000000 +0100
-+++ dhcp3-3.1.0/server/ldap.c 2008-02-20 13:21:26.000000000 +0100
-@@ -0,0 +1,2003 @@
+diff -urNad isc-dhcp.orig/server/ldap.c isc-dhcp/server/ldap.c
+--- isc-dhcp.orig/server/ldap.c 1970-01-01 01:00:00.000000000 +0100
++++ isc-dhcp/server/ldap.c 2009-12-30 12:34:28.000000000 +0100
+@@ -0,0 +1,2358 @@
+/* ldap.c
+
+ Routines for reading the configuration from LDAP */
@@ -470,14 +281,15 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ * development was sponsored by Ntelos, Inc. (www.ntelos.com).
+ */
+
-+#include "dhcpd.h"
-+#include <signal.h>
++#if defined(HAVE_CONFIG_H)
++#include <config.h>
++#endif
+
+#if defined(LDAP_CONFIGURATION)
-+
-+#if defined(LDAP_CASA_AUTH)
-+#include "ldap_casa.h"
-+#endif
++#include "dhcpd.h"
++#include <signal.h>
++#include <errno.h>
++#include <ctype.h>
+
+static LDAP * ld = NULL;
+static char *ldap_server = NULL,
@@ -520,118 +332,237 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ return strncat(dst, src, dst_size > len ? dst_size - len - 1: 0);
+}
+
++static char *
++x_strxform(char *dst, const char *src, size_t dst_size,
++ int (*xform)(int))
++{
++ if(dst && src && dst_size)
++ {
++ size_t len, pos;
++
++ len = strlen(src);
++ for(pos=0; pos < len && pos + 1 < dst_size; pos++)
++ dst[pos] = xform((int)src[pos]);
++ dst[pos] = '\0';
++
++ return dst;
++ }
++ return NULL;
++}
++
++static int
++get_host_entry(char *fqdnname, size_t fqdnname_size,
++ char *hostaddr, size_t hostaddr_size)
++{
++#if defined(MAXHOSTNAMELEN)
++ char hname[MAXHOSTNAMELEN+1];
++#else
++ char hname[65];
++#endif
++ struct hostent *hp;
++
++ if (NULL == fqdnname || 1 >= fqdnname_size)
++ return -1;
++
++ memset(hname, 0, sizeof(hname));
++ if (gethostname(hname, sizeof(hname)-1))
++ return -1;
++
++ if (NULL == (hp = gethostbyname(hname)))
++ return -1;
++
++ strncpy(fqdnname, hp->h_name, fqdnname_size-1);
++ fqdnname[fqdnname_size-1] = '\0';
++
++ if (hostaddr != NULL)
++ {
++ if (hp->h_addr != NULL)
++ {
++ struct in_addr *aptr = (struct in_addr *)hp->h_addr;
++#if defined(HAVE_INET_NTOP)
++ if (hostaddr_size >= INET_ADDRSTRLEN &&
++ inet_ntop(AF_INET, aptr, hostaddr, hostaddr_size) != NULL)
++ {
++ return 0;
++ }
++#else
++ char *astr = inet_ntoa(*aptr);
++ size_t alen = strlen(astr);
++ if (astr && alen > 0 && hostaddr_size > alen)
++ {
++ strncpy(hostaddr, astr, hostaddr_size-1);
++ hostaddr[hostaddr_size-1] = '\0';
++ return 0;
++ }
++#endif
++ }
++ return -1;
++ }
++ return 0;
++}
++
++static int
++get_host_address(const char *hostname, char *hostaddr, size_t hostaddr_size)
++{
++ if (hostname && *hostname && hostaddr && hostaddr_size)
++ {
++ struct in_addr addr;
++
++#if defined(HAVE_INET_PTON)
++ if (inet_pton(AF_INET, hostname, &addr) == 1)
++#else
++ if (inet_aton(hostname, &addr) != 0)
++#endif
++ {
++ /* it is already IP address string */
++ if(strlen(hostname) < hostaddr_size)
++ {
++ strncpy(hostaddr, hostname, hostaddr_size-1);
++ hostaddr[hostaddr_size-1] = '\0';
++ return 0;
++ }
++ }
++ else
++ {
++ struct hostent *hp;
++ if ((hp = gethostbyname(hostname)) != NULL && hp->h_addr != NULL)
++ {
++ struct in_addr *aptr = (struct in_addr *)hp->h_addr;
++#if defined(HAVE_INET_NTOP)
++ if (hostaddr_size >= INET_ADDRSTRLEN &&
++ inet_ntop(AF_INET, aptr, hostaddr, hostaddr_size) != NULL)
++ {
++ return 0;
++ }
++#else
++ char *astr = inet_ntoa(*aptr);
++ size_t alen = strlen(astr);
++ if (astr && alen > 0 && alen < hostaddr_size)
++ {
++ strncpy(hostaddr, astr, hostaddr_size-1);
++ hostaddr[hostaddr_size-1] = '\0';
++ return 0;
++ }
++#endif
++ }
++ }
++ }
++ return -1;
++}
++
+static void
+ldap_parse_class (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv;
++ char **tempstr;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
-+ tempbv[0] == NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
+ x_strncat (cfile->inbuf, "class \"", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE);
+
+ item->close_brace = 1;
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+}
+
+
+static void
+ldap_parse_subclass (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv, **classdata;
++ char **tempstr, **classdata;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
-+ tempbv[0] == NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
-+ if ((classdata = ldap_get_values_len (ld, item->ldent,
++ if ((classdata = ldap_get_values (ld, item->ldent,
+ "dhcpClassData")) == NULL ||
+ classdata[0] == NULL)
+ {
+ if (classdata != NULL)
-+ ldap_value_free_len (classdata);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (classdata);
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
+ x_strncat (cfile->inbuf, "subclass ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, classdata[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, classdata[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);
+
+ item->close_brace = 1;
-+ ldap_value_free_len (tempbv);
-+ ldap_value_free_len (classdata);
++ ldap_value_free (tempstr);
++ ldap_value_free (classdata);
+}
+
+
+static void
+ldap_parse_host (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv, **hwaddr;
++ char **tempstr, **hwaddr;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
-+ tempbv[0] == NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
-+ hwaddr = ldap_get_values_len (ld, item->ldent, "dhcpHWAddress");
++ hwaddr = ldap_get_values (ld, item->ldent, "dhcpHWAddress");
+
+ x_strncat (cfile->inbuf, "host ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);
+
+ if (hwaddr != NULL && hwaddr[0] != NULL)
+ {
-+ x_strncat (cfile->inbuf, " {\nhardware ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, hwaddr[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, "hardware ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, hwaddr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (hwaddr);
++ ldap_value_free (hwaddr);
+ }
+
+ item->close_brace = 1;
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+}
+
+
+static void
+ldap_parse_shared_network (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv;
++ char **tempstr;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
-+ tempbv[0] == NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
+ x_strncat (cfile->inbuf, "shared-network \"", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE);
+
+ item->close_brace = 1;
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+}
+
+
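Review bot: Every `ldap_get_values_len`/`ldap_value_free_len` pair in this hunk is replaced by `ldap_get_values`/`ldap_value_free`, which OpenLDAP's `<ldap.h>` declares only when `LDAP_DEPRECATED` is defined, and the visible dhcpd.h and ldap.c lines include the header without defining it. Unless the build sets that macro, the calls are implicitly declared as returning `int` and the `char **` result can be truncated on 64-bit targets, so either keep the berval API or put `#define LDAP_DEPRECATED 1` ahead of `# include <ldap.h>`. The same substitution recurs in the ldap_parse_subnet, ldap_parse_pool and ldap_parse_key hunks below. Separately, the new x_strxform() passes a possibly negative `char` to what is presumably a `<ctype.h>` function; `dst[pos] = xform((unsigned char)src[pos]);` avoids that.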
@@ -657,51 +588,51 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+static void
+ldap_parse_subnet (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv, **netmaskstr;
-+ char netmaskbuf[16];
++ char **tempstr, **netmaskstr, netmaskbuf[16];
+ int i;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) == NULL ||
-+ tempbv[0] == NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
-+ if ((netmaskstr = ldap_get_values_len (ld, item->ldent,
++ if ((netmaskstr = ldap_get_values (ld, item->ldent,
+ "dhcpNetmask")) == NULL ||
+ netmaskstr[0] == NULL)
+ {
+ if (netmaskstr != NULL)
-+ ldap_value_free_len (netmaskstr);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (netmaskstr);
++ ldap_value_free (tempstr);
+
+ return;
+ }
+
+ x_strncat (cfile->inbuf, "subnet ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+
+ x_strncat (cfile->inbuf, " netmask ", LDAP_BUFFER_SIZE);
-+ parse_netmask (strtol (netmaskstr[0]->bv_val, NULL, 10), netmaskbuf);
++ parse_netmask (strtol (netmaskstr[0], NULL, 10), netmaskbuf);
+ x_strncat (cfile->inbuf, netmaskbuf, LDAP_BUFFER_SIZE);
+
+ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);
+
-+ ldap_value_free_len (tempbv);
-+ ldap_value_free_len (netmaskstr);
++ ldap_value_free (tempstr);
++ ldap_value_free (netmaskstr);
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpRange")) != NULL)
+ {
-+ for (i=0; tempbv[i] != NULL; i++)
++ for (i=0; tempstr[i] != NULL; i++)
+ {
+ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
+ }
++ ldap_value_free (tempstr);
+ }
+
+ item->close_brace = 1;
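Review bot: In ldap_parse_subnet, `parse_netmask (strtol (netmaskstr[0], NULL, 10), netmaskbuf)` still passes the directory's `dhcpNetmask` value on with no check that it parsed as a number in the range 0 to 32, and `netmaskbuf` is only 16 bytes. parse_netmask() is defined outside this hunk, so whether it tolerates other values cannot be confirmed here. A guard before the call removes the dependency on its body: `long bits = strtol (netmaskstr[0], &end, 10);` followed by `if (end == netmaskstr[0] || bits < 0 || bits > 32)`, which frees both value arrays and returns. The function's closing lines fall outside this hunk.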
@@ -711,31 +642,31 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+static void
+ldap_parse_pool (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv;
++ char **tempstr;
+ int i;
+
+ x_strncat (cfile->inbuf, "pool {\n", LDAP_BUFFER_SIZE);
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpRange")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpRange")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE);
-+ for (i=0; tempbv[i] != NULL; i++)
++ for (i=0; tempstr[i] != NULL; i++)
+ {
+ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE);
+ }
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpPermitList")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpPermitList")) != NULL)
+ {
-+ for (i=0; tempbv[i] != NULL; i++)
++ for (i=0; tempstr[i] != NULL; i++)
+ {
-+ x_strncat (cfile->inbuf, tempbv[i]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
+ }
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
+ item->close_brace = 1;
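Review bot: `ldap_get_values` and `ldap_value_free`, used throughout ldap_parse_pool, are deprecated in OpenLDAP and declared only when LDAP_DEPRECATED is defined, whereas the replaced `ldap_get_values_len` / `ldap_value_free_len` are the current interface. The same applies to `ldap_init`, `ldap_simple_bind_s`, `ldap_search_s` and `ldap_unbind` in the later hunks. Whether the patch defines LDAP_DEPRECATED is not visible here; if it does, a comment next to that define explaining why the deprecated calls are kept would help whoever rebases the patch next. The `char **` form also carries no value length, so an attribute value with an embedded NUL is cut short when it is appended to `cfile->inbuf`.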
@@ -753,30 +684,30 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+static void
+ldap_parse_key (struct ldap_config_stack *item, struct parse *cfile)
+{
-+ struct berval **tempbv;
++ char **tempstr;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "key ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeyAlgorithm")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpKeyAlgorithm")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "algorithm ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeySecret")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpKeySecret")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "secret ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
+ item->close_brace = 1;
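Review bot: When the entry has no `cn`, ldap_parse_key emits no `key ... {` opener but still appends the `algorithm` and `secret` lines and sets `item->close_brace = 1`, which presumably leaves an unbalanced block in the generated configuration. The new ldap_parse_failover handles the same case by logging and returning. An `else` on the `cn` lookup doing the same here, `log_error ("Unable to find mandatory key name attribute"); return;`, would keep a key secret from being written outside its block. ldap_parse_zone in the next hunk has the same shape, and the closing lines of ldap_parse_key are outside this hunk.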
@@ -787,30 +718,30 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ldap_parse_zone (struct ldap_config_stack *item, struct parse *cfile)
+{
+ char *cnFindStart, *cnFindEnd;
-+ struct berval **tempbv;
++ char **tempstr;
+ char *keyCn;
+ size_t len;
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "cn")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "zone ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpDnsZoneServer")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpDnsZoneServer")) != NULL)
+ {
+ x_strncat (cfile->inbuf, "primary ", LDAP_BUFFER_SIZE);
-+ x_strncat (cfile->inbuf, tempbv[0]->bv_val, LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
+
+ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, item->ldent, "dhcpKeyDN")) != NULL)
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpKeyDN")) != NULL)
+ {
-+ cnFindStart = strchr(tempbv[0]->bv_val,'=');
++ cnFindStart = strchr(tempstr[0],'=');
+ if (cnFindStart != NULL)
+ cnFindEnd = strchr(++cnFindStart,',');
+ else
@@ -839,7 +770,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ dfree (keyCn, MDL);
+ }
+
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
+ item->close_brace = 1;
@@ -860,30 +791,231 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ ldap_stack = ns;
+}
+
++static void
++ldap_parse_failover (struct ldap_config_stack *item, struct parse *cfile)
++{
++ char **tempstr;
++ char nodename[257]="\0", fqdnname[257]="\0", fqdnaddr[64]="\0";
++ char srvaddr[2][64] = {"\0", "\0"};
++ int primary, split = 0;
++ struct utsname unme;
++
++ if(uname(&unme) == 0)
++ {
++ snprintf(nodename, sizeof(nodename), "%s", unme.nodename);
++ }
++ if (get_host_entry (fqdnname, sizeof(fqdnname), fqdnaddr, sizeof(fqdnaddr)))
++ {
++ log_info("Could not get fqdn and the IP address of the host");
++ return;
++ }
++
++ /*
++ ** when dhcpFailOverPrimaryServer or dhcpFailOverSecondaryServer
++ ** matches our IP address, the following valiables are set:
++ ** - primary is 1 when we are primary or 0 when we are secondary
++ ** - srvaddr[0] contains ip address of the primary
++ ** - srvaddr[1] contains ip address of the secondary
++ */
++ primary = -1;
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverPrimaryServer")) != NULL)
++ {
++ if (strcasecmp (tempstr[0], fqdnaddr) == 0 ||
++ strcasecmp (tempstr[0], fqdnname) == 0 ||
++ strcasecmp (tempstr[0], nodename) == 0)
++ {
++ /* we are the primary */
++ primary = 1;
++ /* write primary address */
++ strncpy(srvaddr[0], fqdnaddr, sizeof(srvaddr[0])-1);
++ srvaddr[0][sizeof(srvaddr[0])-1] = '\0';
++ }
++ else
++ {
++ /* no match => don't set primary flag */
++ /* write primary address */
++ if (get_host_address (tempstr[0], srvaddr[0], sizeof(srvaddr[0])) != 0)
++ {
++ log_info("Can't resolve address of the primary failover server %s",
++ tempstr[0]);
++ ldap_value_free (tempstr);
++ return;
++ }
++ }
++ ldap_value_free (tempstr);
++ }
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverSecondaryServer")) != NULL)
++ {
++ if (strcasecmp (tempstr[0], fqdnaddr) == 0 ||
++ strcasecmp (tempstr[0], fqdnname) == 0 ||
++ strcasecmp (tempstr[0], nodename) == 0)
++ {
++ if (primary == 1)
++ {
++ log_info("Both, primary and secondary failover server"
++ " attribute matches our hostname/address");
++ ldap_value_free (tempstr);
++ return;
++ }
++ /* we are the secondary */
++ primary = 0;
++ /* write secondary address */
++ strncpy(srvaddr[1], fqdnaddr, sizeof(srvaddr[1])-1);
++ srvaddr[1][sizeof(srvaddr[1])-1] = '\0';
++ }
++ else
++ {
++ /* no match => don't set primary flag */
++ /* write secondary address */
++ if (get_host_address (tempstr[0], srvaddr[1], sizeof(srvaddr[1])) != 0)
++ {
++ log_info("Can't resolve address of the secondary failover server %s",
++ tempstr[0]);
++ ldap_value_free (tempstr);
++ return;
++ }
++ }
++ ldap_value_free (tempstr);
++ }
++
++ if (primary == -1 || srvaddr[0] == '\0' || srvaddr[1] == '\0')
++ {
++ log_error("Could not decide if the server type is primary"
++ " or secondary for failover peering.");
++ return;
++ }
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "cn")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "failover peer \"", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++ else
++ {
++ // ldap with disabled schema checks? fail to avoid syntax error.
++ log_error("Unable to find mandatory failover peering name attribute");
++ return;
++ }
++
++ if (primary)
++ x_strncat (cfile->inbuf, "primary;\n", LDAP_BUFFER_SIZE);
++ else
++ x_strncat (cfile->inbuf, "secondary;\n", LDAP_BUFFER_SIZE);
++
++ x_strncat (cfile->inbuf, "address ", LDAP_BUFFER_SIZE);
++ if (primary)
++ x_strncat (cfile->inbuf, srvaddr[0], LDAP_BUFFER_SIZE);
++ else
++ x_strncat (cfile->inbuf, srvaddr[1], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++
++ x_strncat (cfile->inbuf, "peer address ", LDAP_BUFFER_SIZE);
++ if (primary)
++ x_strncat (cfile->inbuf, srvaddr[1], LDAP_BUFFER_SIZE);
++ else
++ x_strncat (cfile->inbuf, srvaddr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverPrimaryPort")) != NULL)
++ {
++ if (primary)
++ x_strncat (cfile->inbuf, "port ", LDAP_BUFFER_SIZE);
++ else
++ x_strncat (cfile->inbuf, "peer port ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverSecondaryPort")) != NULL)
++ {
++ if (primary)
++ x_strncat (cfile->inbuf, "peer port ", LDAP_BUFFER_SIZE);
++ else
++ x_strncat (cfile->inbuf, "port ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverResponseDelay")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "max-response-delay ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverUnackedUpdates")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "max-unacked-updates ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverLoadBalanceTime")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "load balance max seconds ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ if (primary &&
++ (tempstr = ldap_get_values (ld, item->ldent, "dhcpMaxClientLeadTime")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "mclt ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ if (primary &&
++ (tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverSplit")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "split ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ split = 1;
++ ldap_value_free (tempstr);
++ }
++
++ if (primary && !split &&
++ (tempstr = ldap_get_values (ld, item->ldent, "dhcpFailOverHashBucketAssignment")) != NULL)
++ {
++ x_strncat (cfile->inbuf, "hba ", LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE);
++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE);
++ ldap_value_free (tempstr);
++ }
++
++ /*
++ ** Are there any other options can come here? If yes then we need to enable
++ ** dhcpStatements in the schema and apply them here as well.
++ **
++ if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpStatements")) != NULL)
++ {
++ ...
++ ldap_value_free (tempstr);
++ }
++ */
++
++ item->close_brace = 1;
++}
+
+static void
+ldap_stop()
+{
-+ struct sigaction old, new;
+
+ if (ld == NULL)
+ return;
+
-+ /*
-+ ** ldap_unbind after a LDAP_SERVER_DOWN result
-+ ** causes a SIGPIPE and dhcpd gets terminated,
-+ ** since it doesn't handle it...
-+ */
-+
-+ new.sa_flags = 0;
-+ new.sa_handler = SIG_IGN;
-+ sigemptyset (&new.sa_mask);
-+ sigaction (SIGPIPE, &new, &old);
-+
-+ ldap_unbind_ext_s (ld, NULL, NULL);
++ ldap_unbind (ld);
+ ld = NULL;
+
-+ sigaction (SIGPIPE, &old, &new);
+}
+
+
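Review bot: The completeness check in ldap_parse_failover, `srvaddr[0] == '\0' || srvaddr[1] == '\0'`, compares each array's address with a null constant, so it is never true. An entry that names only one of the two servers therefore still produces an empty `address` or `peer address` statement. It should test the first character instead: `if (primary == -1 || srvaddr[0][0] == '\0' || srvaddr[1][0] == '\0')`. In the same hunk ldap_stop() drops the SIGPIPE-ignore wrapper, whose removed comment says an unbind after LDAP_SERVER_DOWN terminates dhcpd. Unless SIGPIPE is handled elsewhere, that guard should stay around `ldap_unbind (ld)` so a directory outage cannot take the DHCP service down with it.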
@@ -892,7 +1024,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+{
+ struct option_cache *oc;
+ struct data_string db;
-+ char *ret;
++ char *ret = NULL;
+
+ memset (&db, 0, sizeof (db));
+ oc = lookup_option (&server_universe, options, option_name);
@@ -913,8 +1045,6 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ ret[db.len] = 0;
+ data_string_forget (&db, MDL);
+ }
-+ else
-+ ret = NULL;
+
+ return (ret);
+}
@@ -925,7 +1055,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+{
+ struct option_cache *oc;
+ struct data_string db;
-+ int ret;
++ int ret = 0;
+
+ memset (&db, 0, sizeof (db));
+ oc = lookup_option (&server_universe, options, option_name);
@@ -937,11 +1067,9 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ &global_scope, oc, MDL) &&
+ db.data != NULL && *db.data != '\0')
+ {
-+ ret = strtol ((const char *) db.data, NULL, 10);
++ ret = strtol ((const char *)db.data, NULL, 10);
+ data_string_forget (&db, MDL);
+ }
-+ else
-+ ret = 0;
+
+ return (ret);
+}
@@ -952,7 +1080,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+{
+ struct option_cache *oc;
+ struct data_string db;
-+ int ret = -1;
++ int ret = 0;
+
+ memset (&db, 0, sizeof (db));
+ oc = lookup_option (&server_universe, options, option_name);
@@ -971,19 +1099,16 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ data_string_forget (&db, MDL);
+ }
-+ else
-+ ret = 0;
+
+ return (ret);
+}
+
-+int
++static int
+ldap_rebind_cb (LDAP *ld, LDAP_CONST char *url, ber_tag_t request, ber_int_t msgid, void *parms)
+{
+ int ret;
+ LDAPURLDesc *ldapurl = NULL;
-+ char *who = NULL;
-+ struct berval creds;
++ char *who = NULL, *pwd = NULL;
+
+ log_info("LDAP rebind to '%s'", url);
+ if ((ret = ldap_url_parse(url, &ldapurl)) != LDAP_SUCCESS)
@@ -1002,6 +1127,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ {
+ log_error ("Error: Cannot init LDAPS session to %s:%d: %s",
+ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret));
++ ldap_free_urldesc(ldapurl);
+ return ret;
+ }
+ else
@@ -1017,6 +1143,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ {
+ log_error ("Error: Cannot start TLS session to %s:%d: %s",
+ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret));
++ ldap_free_urldesc(ldapurl);
+ return ret;
+ }
+ else
@@ -1031,16 +1158,15 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ if (ldap_username != NULL || *ldap_username != '\0')
+ {
+ who = ldap_username;
-+ creds.bv_val = strdup(ldap_password);
-+ creds.bv_len = strlen(ldap_password);
++ pwd = ldap_password;
+ }
+
-+ if ((ret = ldap_sasl_bind_s (ld, who, LDAP_SASL_SIMPLE, &creds,
-+ NULL, NULL, NULL)) != LDAP_SUCCESS)
++ if ((ret = ldap_simple_bind_s (ld, who, pwd)) != LDAP_SUCCESS)
+ {
+ log_error ("Error: Cannot login into ldap server %s:%d: %s",
+ ldapurl->lud_host, ldapurl->lud_port, ldap_err2string (ret));
+ }
++ ldap_free_urldesc(ldapurl);
+ return ret;
+}
+
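Review bot: The guard above the bind, `if (ldap_username != NULL || *ldap_username != '\0')`, dereferences ldap_username exactly when it is NULL, because the second operand of `||` is evaluated once the first is false. ldap_start() uses `&&` for the same test, and the rebind callback should match it: `if (ldap_username != NULL && *ldap_username != '\0')`. ldap_rebind_cb begins outside this hunk.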
@@ -1049,8 +1175,6 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+{
+ struct option_state *options;
+ int ret, version;
-+ char *uri = NULL;
-+ struct berval creds;
+
+ if (ld != NULL)
+ return;
@@ -1223,25 +1347,12 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ }
+#endif
+
-+ /* enough for 'ldap://+ + hostname + ':' + port number */
-+ uri = malloc(strlen(ldap_server) + 16);
-+ if (uri == NULL)
-+ {
-+ log_error ("Cannot build ldap init URI %s:%d", ldap_server, ldap_port);
-+ return;
-+ }
-+
-+ sprintf(uri,"ldap://%s:%d", ldap_server, ldap_port);
-+ ldap_initialize(&ld, uri);
-+
-+ if (ld == NULL)
++ if ((ld = ldap_init (ldap_server, ldap_port)) == NULL)
+ {
+ log_error ("Cannot init ldap session to %s:%d", ldap_server, ldap_port);
+ return;
+ }
+
-+ free(uri);
-+
+ version = LDAP_VERSION3;
+ if ((ret = ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &version)) != LDAP_OPT_SUCCESS)
+ {
@@ -1303,11 +1414,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ if (ldap_username != NULL && *ldap_username != '\0')
+ {
-+ creds.bv_val = strdup(ldap_password);
-+ creds.bv_len = strlen(ldap_password);
-+
-+ if ((ret = ldap_sasl_bind_s (ld, ldap_username, LDAP_SASL_SIMPLE,
-+ &creds, NULL, NULL, NULL)) != LDAP_SUCCESS)
++ if ((ret = ldap_simple_bind_s (ld, ldap_username,
++ ldap_password)) != LDAP_SUCCESS)
+ {
+ log_error ("Error: Cannot login into ldap server %s:%d: %s",
+ ldap_server, ldap_port, ldap_err2string (ret));
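Review bot: The bind is gated only on a non-empty ldap_username, so a NULL or empty ldap_password is handed to `ldap_simple_bind_s` unchanged. A simple bind with a DN and no password is an unauthenticated bind under RFC 4513, which some servers accept and treat as anonymous. Where ldap_password is assigned is outside this hunk, so this case may already be excluded. If it is not, add a test such as `if (ldap_password == NULL || *ldap_password == '\0')` before the call that logs an error and stops, rather than continuing with a session that is not authenticated as the configured user. ldap_rebind_cb passes `pwd` to the same call and needs the same check; the body of ldap_start starts and ends outside this hunk.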
@@ -1327,9 +1435,18 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+{
+ char *search[] = {"dhcpOptionsDN", "dhcpSharedNetworkDN", "dhcpSubnetDN",
+ "dhcpGroupDN", "dhcpHostDN", "dhcpClassesDN",
-+ "dhcpPoolDN", NULL};
++ "dhcpPoolDN", "dhcpZoneDN", "dhcpFailOverPeerDN", NULL};
++
++ /* FIXME: dhcpKeyDN can't be added. It is referenced in dhcpDnsZone to
++ retrive the key name (cn). Adding keyDN will reflect adding a key declaration
++ inside the zone configuration.
++
++ dhcpSubClassesDN cant be added. It is also similar to the above.
++ Needs schema change.
++ */
+ LDAPMessage * newres, * newent;
-+ struct berval **tempbv;
++ struct ldap_config_stack *ns;
++ char **tempstr;
+ int i, j, ret;
+#if defined (DEBUG_LDAP)
+ char *dn;
@@ -1349,25 +1466,25 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ for (i=0; search[i] != NULL; i++)
+ {
-+ if ((tempbv = ldap_get_values_len (ld, ent, search[i])) == NULL)
++ if ((tempstr = ldap_get_values (ld, ent, search[i])) == NULL)
+ continue;
+
-+ for (j=0; tempbv[j] != NULL; j++)
++ for (j=0; tempstr[j] != NULL; j++)
+ {
-+ if (*tempbv[j]->bv_val == '\0')
++ if (*tempstr[j] == '\0')
+ continue;
+
-+ if ((ret = ldap_search_ext_s(ld, tempbv[j]->bv_val, LDAP_SCOPE_BASE,
-+ "objectClass=*", NULL, 0, NULL,
-+ NULL, NULL, 0, &newres)) != LDAP_SUCCESS)
++ if ((ret = ldap_search_s (ld, tempstr[j], LDAP_SCOPE_BASE,
++ "objectClass=*", NULL, 0,
++ &newres)) != LDAP_SUCCESS)
+ {
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ ldap_stop();
+ return;
+ }
+
+#if defined (DEBUG_LDAP)
-+ log_info ("Adding contents of subtree '%s' to config stack from '%s' reference", tempbv[j], search[i]);
++ log_info ("Adding contents of subtree '%s' to config stack from '%s' reference", tempstr[j], search[i]);
+#endif
+ for (newent = ldap_first_entry (ld, newres);
+ newent != NULL;
@@ -1387,7 +1504,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ }
+ }
+
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+}
+
@@ -1427,8 +1544,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ }
+
+ while (ldap_stack != NULL &&
-+ (ldap_stack->ldent == NULL ||
-+ (ldap_stack->ldent = ldap_next_entry (ld, ldap_stack->ldent)) == NULL))
++ (ldap_stack->ldent == NULL || ( ldap_stack->processed &&
++ (ldap_stack->ldent = ldap_next_entry (ld, ldap_stack->ldent)) == NULL)))
+ {
+ if (ldap_stack->close_brace)
+ {
@@ -1502,26 +1619,26 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ldap_parse_entry_options (LDAPMessage *ent, char *buffer, size_t size,
+ int *lease_limit)
+{
-+ struct berval **tempbv;
++ char **tempstr;
+ int i;
+
+ if (ent == NULL || buffer == NULL || size == 0)
+ return (ISC_R_FAILURE);
+
-+ if ((tempbv = ldap_get_values_len (ld, ent, "dhcpStatements")) != NULL)
++ if ((tempstr = ldap_get_values (ld, ent, "dhcpStatements")) != NULL)
+ {
-+ for (i=0; tempbv[i] != NULL; i++)
++ for (i=0; tempstr[i] != NULL; i++)
+ {
+ if (lease_limit != NULL &&
-+ strncasecmp ("lease limit ", tempbv[i]->bv_val, 12) == 0)
++ strncasecmp ("lease limit ", tempstr[i], 12) == 0)
+ {
-+ *lease_limit = (int) strtol ((tempbv[i]->bv_val) + 12, NULL, 10);
++ *lease_limit = (int) strtol ((tempstr[i]) + 12, NULL, 10);
+ continue;
+ }
+
-+ x_strncat (buffer, tempbv[i]->bv_val, size);
++ x_strncat (buffer, tempstr[i], size);
+
-+ switch((int) check_statement_end (tempbv[i]->bv_val))
++ switch((int) check_statement_end (tempstr[i]))
+ {
+ case '}':
+ case ';':
@@ -1532,16 +1649,16 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ break;
+ }
+ }
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
-+ if ((tempbv = ldap_get_values_len (ld, ent, "dhcpOption")) != NULL)
++ if ((tempstr = ldap_get_values (ld, ent, "dhcpOption")) != NULL)
+ {
-+ for (i=0; tempbv[i] != NULL; i++)
++ for (i=0; tempstr[i] != NULL; i++)
+ {
+ x_strncat (buffer, "option ", size);
-+ x_strncat (buffer, tempbv[i]->bv_val, size);
-+ switch ((int) check_statement_end (tempbv[i]->bv_val))
++ x_strncat (buffer, tempstr[i], size);
++ switch ((int) check_statement_end (tempstr[i]))
+ {
+ case ';':
+ x_strncat (buffer, "\n", size);
@@ -1551,7 +1668,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ break;
+ }
+ }
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+ }
+
+ return (ISC_R_SUCCESS);
@@ -1561,12 +1678,11 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+static void
+ldap_generate_config_string (struct parse *cfile)
+{
-+ struct berval **objectClass;
-+ char *dn;
++ char **objectClass, *dn;
+ struct ldap_config_stack *entry;
-+ LDAPMessage * ent, * res;
-+ int i, ignore, found;
-+ int ret;
++ LDAPMessage *ent, *res, *entfirst, *resfirst;
++ int i, j, ignore, found;
++ int ret, parsedn = 1;
+
+ if (ld == NULL)
+ ldap_start ();
@@ -1574,29 +1690,32 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ return;
+
+ entry = ldap_stack;
-+ if ((objectClass = ldap_get_values_len (ld, entry->ldent,
++ if ((objectClass = ldap_get_values (ld, entry->ldent,
+ "objectClass")) == NULL)
+ return;
+
++ entry->processed = 1;
+ ignore = 0;
+ found = 1;
+ for (i=0; objectClass[i] != NULL; i++)
+ {
-+ if (strcasecmp (objectClass[i]->bv_val, "dhcpSharedNetwork") == 0)
++ if (strcasecmp (objectClass[i], "dhcpSharedNetwork") == 0)
+ ldap_parse_shared_network (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpClass") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpClass") == 0)
+ ldap_parse_class (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubnet") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpSubnet") == 0)
+ ldap_parse_subnet (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpPool") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpPool") == 0)
+ ldap_parse_pool (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpGroup") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpGroup") == 0)
+ ldap_parse_group (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpTSigKey") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpTSigKey") == 0)
+ ldap_parse_key (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpDnsZone") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpDnsZone") == 0)
+ ldap_parse_zone (entry, cfile);
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpHost") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpFailOverPeer") == 0)
++ ldap_parse_failover (entry, cfile);
++ else if (strcasecmp (objectClass[i], "dhcpHost") == 0)
+ {
+ if (ldap_method == LDAP_METHOD_STATIC)
+ ldap_parse_host (entry, cfile);
@@ -1606,7 +1725,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ break;
+ }
+ }
-+ else if (strcasecmp (objectClass[i]->bv_val, "dhcpSubClass") == 0)
++ else if (strcasecmp (objectClass[i], "dhcpSubClass") == 0)
+ {
+ if (ldap_method == LDAP_METHOD_STATIC)
+ ldap_parse_subclass (entry, cfile);
@@ -1626,7 +1745,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ }
+ }
+
-+ ldap_value_free_len (objectClass);
++ ldap_value_free (objectClass);
+
+ if (ignore)
+ {
@@ -1638,19 +1757,32 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ LDAP_BUFFER_SIZE-1, NULL);
+
+ dn = ldap_get_dn (ld, entry->ldent);
-+
++ if (dn == NULL)
++ {
++ ldap_stop();
++ return;
++ }
+#if defined(DEBUG_LDAP)
-+ if (dn != NULL)
-+ log_info ("Found LDAP entry '%s'", dn);
++ else
++ {
++ log_info ("Found LDAP entry '%s'", dn);
++ }
+#endif
+
-+ if (dn == NULL ||
-+ (ret = ldap_search_ext_s (ld, dn, LDAP_SCOPE_ONELEVEL,
-+ "objectClass=*", NULL, 0, NULL, NULL,
-+ NULL, 0, &res)) != LDAP_SUCCESS)
++ if ((ret = ldap_search_s (ld, dn, LDAP_SCOPE_ONELEVEL, "(!(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer)))",
++ NULL, 0, &res)) != LDAP_SUCCESS)
++ {
++ ldap_memfree (dn);
++
++ ldap_stop();
++ return;
++ }
++
++ if ((ret = ldap_search_s (ld, dn, LDAP_SCOPE_ONELEVEL, "(|(|(objectClass=dhcpTSigKey)(objectClass=dhcpClass)) (objectClass=dhcpFailOverPeer))",
++ NULL, 0, &resfirst)) != LDAP_SUCCESS)
+ {
-+ if (dn)
-+ ldap_memfree (dn);
++ ldap_memfree (dn);
++ ldap_msgfree (res);
+
+ ldap_stop();
+ return;
@@ -1658,17 +1790,32 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ ldap_memfree (dn);
+
-+ if ((ent = ldap_first_entry (ld, res)) != NULL)
++ ent = ldap_first_entry(ld, res);
++ entfirst = ldap_first_entry(ld, resfirst);
++
++ if (ent == NULL && entfirst == NULL)
++ {
++ parse_external_dns (entry->ldent);
++ next_ldap_entry (cfile);
++ }
++
++ if (ent != NULL)
+ {
+ add_to_config_stack (res, ent);
+ parse_external_dns (entry->ldent);
++ parsedn = 0;
+ }
+ else
++ ldap_msgfree (res);
++
++ if (entfirst != NULL)
+ {
-+ ldap_msgfree (res);
-+ parse_external_dns (entry->ldent);
-+ next_ldap_entry (cfile);
++ add_to_config_stack (resfirst, entfirst);
++ if(parsedn)
++ parse_external_dns (entry->ldent);
+ }
++ else
++ ldap_msgfree (resfirst);
+}
+
+
@@ -1702,7 +1849,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ldap_read_function (struct parse *cfile)
+{
+ cfile->inbuf[0] = '\0';
-+ cfile->buflen = 0;
++ cfile->bufix = cfile->buflen = 0;
+
+ while (ldap_stack != NULL && *cfile->inbuf == '\0')
+ ldap_generate_config_string (cfile);
@@ -1726,14 +1873,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+static char *
+ldap_get_host_name (LDAPMessage * ent)
+{
-+ struct berval **name;
-+ char *ret;
++ char **name, *ret;
+
+ ret = NULL;
-+ if ((name = ldap_get_values_len (ld, ent, "cn")) == NULL || name[0] == NULL)
++ if ((name = ldap_get_values (ld, ent, "cn")) == NULL || name[0] == NULL)
+ {
+ if (name != NULL)
-+ ldap_value_free_len (name);
++ ldap_value_free (name);
+
+#if defined (DEBUG_LDAP)
+ ret = ldap_get_dn (ld, ent);
@@ -1746,53 +1892,26 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ return (NULL);
+ }
+
-+ ret = dmalloc (strlen (name[0]->bv_val) + 1, MDL);
-+ strcpy (ret, name[0]->bv_val);
-+ ldap_value_free_len (name);
++ ret = dmalloc (strlen (name[0]) + 1, MDL);
++ strcpy (ret, name[0]);
++ ldap_value_free (name);
+
+ return (ret);
+}
+
+
-+static int
-+getfqhostname(char *fqhost, size_t size)
-+{
-+#if defined(MAXHOSTNAMELEN)
-+ char hname[MAXHOSTNAMELEN];
-+#else
-+ char hname[65];
-+#endif
-+ struct hostent *hp;
-+
-+ if(NULL == fqhost || 1 >= size)
-+ return -1;
-+
-+ memset(hname, 0, sizeof(hname));
-+ if( gethostname(hname, sizeof(hname)-1))
-+ return -1;
-+
-+ if(NULL == (hp = gethostbyname(hname)))
-+ return -1;
-+
-+ strncpy(fqhost, hp->h_name, size-1);
-+ fqhost[size-1] = '\0';
-+ return 0;
-+}
-+
-+
+isc_result_t
+ldap_read_config (void)
+{
+ LDAPMessage * ldres, * hostres, * ent, * hostent;
+ char hfilter[1024], sfilter[1024], fqdn[257];
-+ char *buffer, *hostdn;
++ char *buffer, **tempstr = NULL, *hostdn;
+ ldap_dn_node *curr = NULL;
+ struct parse *cfile;
+ struct utsname unme;
+ isc_result_t res;
+ size_t length;
+ int ret, cnt;
-+ struct berval **tempbv = NULL;
+
+ if (ld == NULL)
+ ldap_start ();
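Review bot: In ldap_get_host_name the result of `dmalloc (strlen (name[0]) + 1, MDL)` is passed straight to strcpy, so an allocation failure becomes a write through a NULL pointer. Other allocations in this patch are checked, for example the `curr->dn == NULL` branch in ldap_read_config, and the same is cheap here: `if (ret != NULL) strcpy (ret, name[0]);`. The function already returns NULL on its other path, so callers presumably cope with that value, though they are outside this hunk.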
@@ -1816,7 +1935,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ }
+ else
+ {
-+ if(0 == getfqhostname(fqdn, sizeof(fqdn)))
++ if(0 == get_host_entry(fqdn, sizeof(fqdn), NULL, 0))
+ {
+ snprintf (hfilter, sizeof (hfilter),
+ "(&(objectClass=dhcpServer)(|(cn=%s)(cn=%s)))",
@@ -1830,9 +1949,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ }
+ hostres = NULL;
-+ if ((ret = ldap_search_ext_s (ld, ldap_base_dn, LDAP_SCOPE_SUBTREE,
-+ hfilter, NULL, 0, NULL, NULL, NULL, 0,
-+ &hostres)) != LDAP_SUCCESS)
++ if ((ret = ldap_search_s (ld, ldap_base_dn, LDAP_SCOPE_SUBTREE,
++ hfilter, NULL, 0, &hostres)) != LDAP_SUCCESS)
+ {
+ log_error ("Cannot find host LDAP entry %s %s",
+ ((ldap_dhcp_server_cn == NULL)?(unme.nodename):(ldap_dhcp_server_cn)), hfilter);
@@ -1857,13 +1975,15 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+#endif
+
+ if (hostdn == NULL ||
-+ (tempbv = ldap_get_values_len (ld, hostent, "dhcpServiceDN")) == NULL ||
-+ tempbv[0] == NULL)
++ (tempstr = ldap_get_values (ld, hostent, "dhcpServiceDN")) == NULL ||
++ tempstr[0] == NULL)
+ {
-+ log_error ("Error: Cannot find LDAP entry matching %s", hfilter);
++ log_error ("Error: No dhcp service is associated with the server %s %s",
++ (hostdn ? "dn" : "name"), (hostdn ? hostdn :
++ (ldap_dhcp_server_cn ? ldap_dhcp_server_cn : unme.nodename)));
+
-+ if (tempbv != NULL)
-+ ldap_value_free_len (tempbv);
++ if (tempstr != NULL)
++ ldap_value_free (tempstr);
+
+ if (hostdn)
+ ldap_memfree (hostdn);
@@ -1902,18 +2022,17 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ cfile->read_function = ldap_read_function;
+
+ res = ISC_R_SUCCESS;
-+ for (cnt=0; tempbv[cnt] != NULL; cnt++)
++ for (cnt=0; tempstr[cnt] != NULL; cnt++)
+ {
+ snprintf(sfilter, sizeof(sfilter), "(&(objectClass=dhcpService)"
-+ "(|(dhcpPrimaryDN=%s)(dhcpSecondaryDN=%s)))",
-+ hostdn, hostdn);
++ "(|(|(dhcpPrimaryDN=%s)(dhcpSecondaryDN=%s))(dhcpServerDN=%s)))",
++ hostdn, hostdn, hostdn);
+ ldres = NULL;
-+ if ((ret = ldap_search_ext_s (ld, tempbv[cnt]->bv_val, LDAP_SCOPE_BASE,
-+ sfilter, NULL, 0, NULL, NULL, NULL,
-+ 0, &ldres)) != LDAP_SUCCESS)
++ if ((ret = ldap_search_s (ld, tempstr[cnt], LDAP_SCOPE_BASE,
++ sfilter, NULL, 0, &ldres)) != LDAP_SUCCESS)
+ {
+ log_error ("Error searching for dhcpServiceDN '%s': %s. Please update the LDAP entry '%s'",
-+ tempbv[cnt]->bv_val, ldap_err2string (ret), hostdn);
++ tempstr[cnt], ldap_err2string (ret), hostdn);
+ if(NULL != ldres)
+ ldap_msgfree(ldres);
+ res = ISC_R_FAILURE;
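Review bot: The extended filter interpolates hostdn three times into the 1024-byte sfilter without checking the snprintf result, so a long DN is silently truncated into a malformed or different filter. hostdn is also inserted unescaped, although a DN may contain `(`, `)`, `*` or `\`, which must be escaped in a filter value (RFC 4515). I would test the length with `if (snprintf (...) >= (int) sizeof (sfilter))`, log the error and set `res = ISC_R_FAILURE`, and escape hostdn once before the loop. ldap_read_config begins and ends outside this hunk.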
@@ -1922,8 +2041,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ if ((ent = ldap_first_entry (ld, ldres)) == NULL)
+ {
-+ log_error ("Error: Cannot find dhcpService DN '%s' with primary or secondary server reference. Please update the LDAP server entry '%s'",
-+ tempbv[cnt]->bv_val, hostdn);
++ log_error ("Error: Cannot find dhcpService DN '%s' with server reference. Please update the LDAP server entry '%s'",
++ tempstr[cnt], hostdn);
+
+ ldap_msgfree(ldres);
+ res = ISC_R_FAILURE;
@@ -1939,7 +2058,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ curr = dmalloc (sizeof (*curr), MDL);
+ if (curr != NULL)
+ {
-+ length = strlen (tempbv[cnt]->bv_val);
++ length = strlen (tempstr[cnt]);
+ curr->dn = dmalloc (length + 1, MDL);
+ if (curr->dn == NULL)
+ {
@@ -1947,7 +2066,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ curr = NULL;
+ }
+ else
-+ strcpy (curr->dn, tempbv[cnt]->bv_val);
++ strcpy (curr->dn, tempstr[cnt]);
+ }
+
+ if (curr != NULL)
@@ -1966,13 +2085,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_fatal ("no memory to remember ldap service dn");
+
+#if defined (DEBUG_LDAP)
-+ log_info ("LDAP: Parsing dhcpService DN '%s' ...", tempbv[cnt]);
++ log_info ("LDAP: Parsing dhcpService DN '%s' ...", tempstr[cnt]);
+#endif
+ add_to_config_stack (ldres, ent);
+ res = conf_file_subparse (cfile, root_group, ROOT_GROUP);
+ if (res != ISC_R_SUCCESS)
+ {
-+ log_error ("LDAP: cannot parse dhcpService entry '%s'", tempbv[cnt]->bv_val);
++ log_error ("LDAP: cannot parse dhcpService entry '%s'", tempstr[cnt]);
+ break;
+ }
+ }
@@ -1981,7 +2100,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ ldap_close_debug_fd();
+
+ ldap_memfree (hostdn);
-+ ldap_value_free_len (tempbv);
++ ldap_value_free (tempstr);
+
+ if (res != ISC_R_SUCCESS)
+ {
@@ -2024,7 +2143,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ int type, struct host_decl *host,
+ struct class **class)
+{
-+ int declaration, lease_limit;
++ int i, declaration, lease_limit;
+ char option_buffer[8192];
+ enum dhcp_token token;
+ struct parse *cfile;
@@ -2068,8 +2187,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ if (basedn != NULL && *basedn != '\0')
+ {
-+ ret = ldap_search_ext_s (ld, basedn, LDAP_SCOPE_SUBTREE, filter,
-+ NULL, 0, NULL, NULL, NULL, 0, &groupdn);
++ ret = ldap_search_s (ld, basedn, LDAP_SCOPE_SUBTREE,
++ filter, NULL, 0, &groupdn);
+ if (ret == LDAP_SUCCESS)
+ {
+ if ((entry = ldap_first_entry (ld, groupdn)) != NULL)
@@ -2130,20 +2249,35 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+find_haddr_in_ldap (struct host_decl **hp, int htype, unsigned hlen,
+ const unsigned char *haddr, const char *file, int line)
+{
-+ char buf[128], *type_str;
++ char buf[128], *type_str, **tempstr, *addr_str;
+ LDAPMessage * res, *ent;
+ struct host_decl * host;
+ isc_result_t status;
+ ldap_dn_node *curr;
++ char up_hwaddr[20];
++ char lo_hwaddr[20];
+ int ret;
++ struct sigaction old, new;
+
+ if (ldap_method == LDAP_METHOD_STATIC)
+ return (0);
++ /*
++ ** ldap_* calls can result in a SIGPIPE and dhcpd gets terminated,
++ ** since it doesn't handle it...
++ */
++
++ new.sa_flags = 0;
++ new.sa_handler = SIG_IGN;
++ sigemptyset (&new.sa_mask);
++ sigaction (SIGPIPE, &new, &old);
+
+ if (ld == NULL)
+ ldap_start ();
+ if (ld == NULL)
-+ return (0);
++ {
++ sigaction (SIGPIPE, &old, &new);
++ return (0);
++ }
+
+ switch (htype)
+ {
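Review bot: The SIGPIPE disposition is saved at the top of `find_haddr_in_ldap` and restored by hand before every `return`, and the same pattern is repeated in the `find_subclass` hunk further down. Any early return added later that forgets the restore leaves SIGPIPE ignored for the whole process. A single exit path (one `out:` label that restores and returns a status variable) would make that impossible to miss. The restore calls also pass `&new` as the third argument, which overwrites it for no purpose; `sigaction (SIGPIPE, &old, NULL);` is enough. The return value of the first `sigaction` is unchecked, so `old` may be restored uninitialised if that call fails. The function body continues outside this hunk.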
@@ -2158,6 +2292,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ break;
+ default:
+ log_info ("Ignoring unknown type %d", htype);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
@@ -2165,9 +2300,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ ** FIXME: It is not guaranteed, that the dhcpHWAddress attribute
+ ** contains _exactly_ "type addr" with one space between!
+ */
++ snprintf(lo_hwaddr, sizeof(lo_hwaddr), "%s",
++ print_hw_addr (htype, hlen, haddr));
++ x_strxform(up_hwaddr, lo_hwaddr, sizeof(up_hwaddr), toupper);
++
+ snprintf (buf, sizeof (buf),
-+ "(&(objectClass=dhcpHost)(dhcpHWAddress=%s %s))",
-+ type_str, print_hw_addr (htype, hlen, haddr));
++ "(&(objectClass=dhcpHost)(|(dhcpHWAddress=%s %s)(dhcpHWAddress=%s %s)))",
++ type_str, lo_hwaddr, type_str, up_hwaddr);
+
+ res = ent = NULL;
+ for (curr = ldap_service_dn_head;
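Review bot: `lo_hwaddr` and `up_hwaddr` are 20 bytes, which fits a 6-byte address only if `print_hw_addr` emits colon-separated hex (its definition is outside this hunk). `hlen` comes from the caller and is not checked here, so a longer address is silently cut by `snprintf` and the LDAP search runs on a truncated value instead of being rejected. Check the result, e.g. `if ((size_t) snprintf(lo_hwaddr, sizeof(lo_hwaddr), "%s", print_hw_addr (htype, hlen, haddr)) >= sizeof(lo_hwaddr))`, then restore SIGPIPE and return 0. The same check belongs on the `snprintf (buf, ...)` call, since the filter now carries the address twice in the 128-byte `buf`.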
@@ -2177,8 +2316,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+#if defined (DEBUG_LDAP)
+ log_info ("Searching for %s in LDAP tree %s", buf, curr->dn);
+#endif
-+ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL, 0,
-+ NULL, NULL, NULL, 0, &res);
++ ret = ldap_search_s (ld, curr->dn, LDAP_SCOPE_SUBTREE,
++ buf, NULL, 0, &res);
+
+ if(ret == LDAP_SERVER_DOWN)
+ {
@@ -2189,11 +2328,12 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ if(ld == NULL)
+ {
+ log_info ("LDAP reconnect failed - try again later...");
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
-+ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL,
-+ 0, NULL, NULL, NULL, 0, &res);
++ ret = ldap_search_s (ld, curr->dn, LDAP_SCOPE_SUBTREE,
++ buf, NULL, 0, &res);
+ }
+
+ if (ret == LDAP_SUCCESS)
@@ -2224,12 +2364,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_error ("Cannot search for %s in LDAP tree %s: %s", buf,
+ curr->dn, ldap_err2string (ret));
+ ldap_stop();
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+#if defined (DEBUG_LDAP)
+ else
+ {
-+ log_info ("ldap_search_ext_s returned %s when searching for %s in %s",
++ log_info ("ldap_search_s returned %s when searching for %s in %s",
+ ldap_err2string (ret), buf, curr->dn);
+ }
+#endif
@@ -2254,6 +2395,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_fatal ("can't allocate host decl struct: %s",
+ isc_result_totext (status));
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
@@ -2262,6 +2404,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ {
+ host_dereference (&host, MDL);
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
@@ -2270,6 +2413,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_fatal ("can't clone group for host %s", host->name);
+ host_dereference (&host, MDL);
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
@@ -2277,11 +2421,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+
+ *hp = host;
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (1);
+ }
+
+
+ if(res) ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+}
+
@@ -2291,23 +2437,37 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ struct data_string *data)
+{
+ LDAPMessage * res, * ent;
-+ int ret, lease_limit;
++ int i, ret, lease_limit;
+ isc_result_t status;
+ ldap_dn_node *curr;
+ char buf[1024];
++ struct sigaction old, new;
+
+ if (ldap_method == LDAP_METHOD_STATIC)
+ return (0);
+
++ /*
++ ** ldap_* calls can result in a SIGPIPE and dhcpd gets terminated,
++ ** since it doesn't handle it...
++ */
++
++ new.sa_flags = 0;
++ new.sa_handler = SIG_IGN;
++ sigemptyset (&new.sa_mask);
++ sigaction (SIGPIPE, &new, &old);
++
+ if (ld == NULL)
+ ldap_start ();
+ if (ld == NULL)
-+ return (0);
++ {
++ sigaction (SIGPIPE, &old, &new);
++ return (0);
++ }
+
+ snprintf (buf, sizeof (buf),
+ "(&(objectClass=dhcpSubClass)(cn=%s)(dhcpClassData=%s))",
-+ print_hex_1 (data->len, data->data, 60),
-+ print_hex_2 (strlen (class->name), (u_int8_t *) class->name, 60));
++ print_hex_1 (data->len, (const u_int8_t *)data->data, 60),
++ print_hex_2 (strlen (class->name), (const u_int8_t *)class->name, 60));
+#if defined (DEBUG_LDAP)
+ log_info ("Searching LDAP for %s", buf);
+#endif
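Review bot: The `snprintf (buf, ...)` filter in `find_subclass` is built from `data->data` and `class->name` with no RFC 4515 escaping, and the added casts do not change that. `print_hex_1` and `print_hex_2` are defined outside this hunk; if they can return printable input as text rather than hex, then `*`, `(`, `)` or `\` in subclass data that comes from a client request would alter the filter. Encode those bytes as `\2a`, `\28`, `\29` and `\5c` before formatting, and treat a `snprintf` result `>= sizeof (buf)` as a lookup failure. The function body continues outside the hunk.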
@@ -2320,8 +2480,8 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+#if defined (DEBUG_LDAP)
+ log_info ("Searching for %s in LDAP tree %s", buf, curr->dn);
+#endif
-+ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf, NULL, 0,
-+ NULL, NULL, NULL, 0, &res);
++ ret = ldap_search_s (ld, curr->dn, LDAP_SCOPE_SUBTREE,
++ buf, NULL, 0, &res);
+
+ if(ret == LDAP_SERVER_DOWN)
+ {
@@ -2333,11 +2493,12 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ if(ld == NULL)
+ {
+ log_info ("LDAP reconnect failed - try again later...");
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
-+ ret = ldap_search_ext_s (ld, curr->dn, LDAP_SCOPE_SUBTREE, buf,
-+ NULL, 0, NULL, NULL, NULL, 0, &res);
++ ret = ldap_search_s (ld, curr->dn, LDAP_SCOPE_SUBTREE,
++ buf, NULL, 0, &res);
+ }
+
+ if (ret == LDAP_SUCCESS)
@@ -2368,12 +2529,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_error ("Cannot search for %s in LDAP tree %s: %s", buf,
+ curr->dn, ldap_err2string (ret));
+ ldap_stop();
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+#if defined (DEBUG_LDAP)
+ else
+ {
-+ log_info ("ldap_search_ext_s returned %s when searching for %s in %s",
++ log_info ("ldap_search_s returned %s when searching for %s in %s",
+ ldap_err2string (ret), buf, curr->dn);
+ }
+#endif
@@ -2396,6 +2558,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ {
+ log_error ("Cannot allocate memory for a new class");
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+
@@ -2417,6 +2580,7 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ log_error ("no memory for billing");
+ class_dereference (newclass, MDL);
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+ }
+ memset ((*newclass)->billed_leases, 0,
@@ -2426,18 +2590,253 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap.c dhcp3-3.1.0/server/ldap.c
+ data_string_copy (&(*newclass)->hash_string, data, MDL);
+
+ ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (1);
+ }
+
+ if(res) ldap_msgfree (res);
++ sigaction (SIGPIPE, &old, &new);
+ return (0);
+}
+
++#endif /* LDAP_CONFIGURATION */
+diff -urNad isc-dhcp.orig/server/mdb.c isc-dhcp/server/mdb.c
+--- isc-dhcp.orig/server/mdb.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/mdb.c 2009-12-30 12:34:28.000000000 +0100
+@@ -600,6 +600,14 @@
+ const char *file, int line)
+ {
+ struct hardware h;
++ int ret;
++
++#if defined(LDAP_CONFIGURATION)
++ if(local_family == AF_INET) {
++ if ((ret = find_haddr_in_ldap (hp, htype, hlen, haddr, file, line)))
++ return ret;
++ }
++#endif
+
+ h.hlen = hlen + 1;
+ h.hbuf [0] = htype;
+diff -urNad isc-dhcp.orig/server/stables.c isc-dhcp/server/stables.c
+--- isc-dhcp.orig/server/stables.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/stables.c 2009-12-30 12:34:28.000000000 +0100
+@@ -244,9 +244,89 @@
+ { "delayed-ack", "S", &server_universe, 58, 1 },
+ { "max-ack-delay", "L", &server_universe, 59, 1 },
+ #endif
++#if defined(LDAP_CONFIGURATION)
++ { "ldap-server", "t", &server_universe, 60, 1 },
++ { "ldap-port", "d", &server_universe, 61, 1 },
++ { "ldap-username", "t", &server_universe, 62, 1 },
++ { "ldap-password", "t", &server_universe, 63, 1 },
++ { "ldap-base-dn", "t", &server_universe, 64, 1 },
++ { "ldap-method", "Nldap-methods.", &server_universe, 65, 1 },
++ { "ldap-debug-file", "t", &server_universe, 66, 1 },
++ { "ldap-dhcp-server-cn", "t", &server_universe, 67, 1 },
++ { "ldap-referrals", "f", &server_universe, 68, 1 },
++#if defined(USE_SSL)
++ { "ldap-ssl", "Nldap-ssl-usage.", &server_universe, 69, 1 },
++ { "ldap-tls-reqcert", "Nldap-tls-reqcert.",
++ &server_universe, 70, 1 },
++ { "ldap-tls-ca-file", "t", &server_universe, 71, 1 },
++ { "ldap-tls-ca-dir", "t", &server_universe, 72, 1 },
++ { "ldap-tls-cert", "t", &server_universe, 73, 1 },
++ { "ldap-tls-key", "t", &server_universe, 74, 1 },
++ { "ldap-tls-crlcheck", "Nldap-tls-crlcheck.",
++ &server_universe, 75, 1 },
++ { "ldap-tls-ciphers", "t", &server_universe, 76, 1 },
++ { "ldap-tls-randfile", "t", &server_universe, 77, 1 },
++#endif
++#endif
+ { NULL, NULL, NULL, 0, 0 }
+ };
+
++#if defined(LDAP_CONFIGURATION)
++struct enumeration_value ldap_values [] = {
++ { "static", LDAP_METHOD_STATIC },
++ { "dynamic", LDAP_METHOD_DYNAMIC },
++ { (char *) 0, 0 }
++};
++
++struct enumeration ldap_methods = {
++ (struct enumeration *)0,
++ "ldap-methods", 1,
++ ldap_values
++};
++
++#if defined(USE_SSL)
++struct enumeration_value ldap_ssl_usage_values [] = {
++ { "off", LDAP_SSL_OFF },
++ { "on", LDAP_SSL_ON },
++ { "ldaps", LDAP_SSL_LDAPS},
++ { "start_tls", LDAP_SSL_TLS },
++ { (char *) 0, 0 }
++};
++struct enumeration ldap_ssl_usage_enum = {
++ (struct enumeration *)0,
++ "ldap-ssl-usage", 1,
++ ldap_ssl_usage_values
++};
++
++struct enumeration_value ldap_tls_reqcert_values [] = {
++ { "never", LDAP_OPT_X_TLS_NEVER },
++ { "hard", LDAP_OPT_X_TLS_HARD },
++ { "demand", LDAP_OPT_X_TLS_DEMAND},
++ { "allow", LDAP_OPT_X_TLS_ALLOW },
++ { "try", LDAP_OPT_X_TLS_TRY },
++ { (char *) 0, 0 }
++};
++struct enumeration ldap_tls_reqcert_enum = {
++ (struct enumeration *)0,
++ "ldap-tls-reqcert", 1,
++ ldap_tls_reqcert_values
++};
++
++struct enumeration_value ldap_tls_crlcheck_values [] = {
++ { "none", LDAP_OPT_X_TLS_CRL_NONE},
++ { "peer", LDAP_OPT_X_TLS_CRL_PEER},
++ { "all", LDAP_OPT_X_TLS_CRL_ALL },
++ { (char *) 0, 0 }
++};
++struct enumeration ldap_tls_crlcheck_enum = {
++ (struct enumeration *)0,
++ "ldap-tls-crlcheck", 1,
++ ldap_tls_crlcheck_values
++};
++#endif
+#endif
-diff -urNad dhcp3-3.1.0.orig/server/ldap_casa.c dhcp3-3.1.0/server/ldap_casa.c
---- dhcp3-3.1.0.orig/server/ldap_casa.c 1970-01-01 01:00:00.000000000 +0100
-+++ dhcp3-3.1.0/server/ldap_casa.c 2008-02-20 13:21:26.000000000 +0100
-@@ -0,0 +1,138 @@
++
++
+ struct enumeration_value ddns_styles_values [] = {
+ { "none", 0 },
+ { "ad-hoc", 1 },
+diff -urNad isc-dhcp.orig/dst/Makefile.am isc-dhcp/dst/Makefile.am
+--- isc-dhcp.orig/dst/Makefile.am 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/dst/Makefile.am 2009-12-30 12:34:28.000000000 +0100
+@@ -1,8 +1,12 @@
+ AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
+
+ lib_LIBRARIES = libdst.a
++noinst_LIBRARIES = libdst-nomd5.a
+
+ libdst_a_SOURCES = dst_support.c dst_api.c hmac_link.c md5_dgst.c \
+ base64.c prandom.c
+
++libdst_nomd5_a_SOURCES = dst_support.c dst_api.c hmac_link.c \
++ base64.c prandom.c
++
+ EXTRA_DIST = dst_internal.h md5.h md5_locl.h
+diff -urNad isc-dhcp.orig/server/Makefile.am isc-dhcp/server/Makefile.am
+--- isc-dhcp.orig/server/Makefile.am 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/Makefile.am 2009-12-30 12:34:28.000000000 +0100
+@@ -1,15 +1,16 @@
+-AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"'
++AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' $(LDAP_CPPFLAGS)
+
+ dist_sysconf_DATA = dhcpd.conf
+ sbin_PROGRAMS = dhcpd
+ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
+ omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c \
+- dhcpv6.c mdb6.c
++ dhcpv6.c mdb6.c ldap.c ldap_casa.c
+
++dhcpd_CFLAGS= $(OPENSSL_CFLAGS)
+ # libomapi.a this is here twice to handle circular library dependencies :(
+-dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst.a \
++dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a ../dst/libdst-nomd5.a \
+ ../dhcpctl/libdhcpctl.a ../minires/libres.a \
+- ../omapip/libomapi.a
++ ../omapip/libomapi.a $(OPENSSL_LIBS) $(CRYPTO_LIBS) $(LDAP_LIBS)
+
+ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
+ EXTRA_DIST = $(man_MANS)
+diff -urNad isc-dhcp.orig/configure.ac isc-dhcp/configure.ac
+--- isc-dhcp.orig/configure.ac 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/configure.ac 2009-12-30 12:34:28.000000000 +0100
+@@ -389,8 +389,78 @@ AC_TRY_LINK(
+ AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
+
+ # find an MD5 library
++saved_LIBS="$LIBS"
++LIBS=""
+ AC_SEARCH_LIBS(MD5_Init, [crypto])
+ AC_SEARCH_LIBS(MD5Init, [crypto])
++CRYPTO_LIBS="$LIBS"
++LIBS="$saved_LIBS"
++
++AC_ARG_ENABLE(ldap-conf,
++ AS_HELP_STRING([--enable-ldap-conf],
++ [enable ldap configuration support (default is no)]))
++AC_ARG_ENABLE(ldap-ssl,
++ AS_HELP_STRING([--enable-ldap-ssl],
++ [enable SSL/TLS in ldap support (default is yes)]))
++AC_ARG_ENABLE(ldap-casa,
++ AS_HELP_STRING([--enable-ldap-casa],
++ [enable casa auth in ldap support (default is yes)]))
++if test "x$enable_ldap_conf" = xyes ; then
++
++ AC_CHECK_HEADERS([ldap.h])
++ saved_LIBS="$LIBS"
++ LIBS=""
++ AC_SEARCH_LIBS([ber_init], [ldap], [
++ LDAP_LIBS="-lldap"
++ ],[
++ AC_SEARCH_LIBS([ber_init], [lber], [
++ LDAP_LIBS="-lldap -llber"
++ ], [
++ AC_MSG_ERROR([unable to find ldap libraries])
++ ], [-lldap])
++ ])
++ LIBS="$saved_LIBS"
++
++ # TODO: avoid deprecated functions. until then, enable them
++ LDAP_CPPFLAGS="-DLDAP_DEPRECATED"
++
++ AC_DEFINE([LDAP_CONFIGURATION], [1],
++ [Define to 1 to enable ldap configuration support.])
++
++ if test "x$enable_ldap_ssl" != xno ; then
++ AC_DEFINE([USE_SSL], [1],
++ [Define to 1 to enable SSL/TLS in ldap support])
++
++ # Hmm... should be not needed to use explicit -lssl ...
++ # AFAIS libldap is linked against libssl and there is
++ # also no guard around ldap_start_tls in ldap.h, so it
++ # should be possible to just link against libldap...
++ # All this at least in case of openldap-2.4.x.
++ #
++ #PKG_CHECK_MODULES(OPENSSL, [openssl])
++ #if test "x$OPENSSL_LIBS" != x ; then
++ # # reset it, libcrypto is in OPENSSL_LIBS
++ # CRYPTO_LIBS=""
++ #fi
++ fi
++
++ if test "x$enable_ldap_casa" != xno ; then
++ AC_CHECK_HEADERS([micasa_mgmd.h],[
++ AC_DEFINE([LDAP_CASA_AUTH], [1],
++ [Define to 1 to enable casa in ldap support])
++ ],[
++ # fail, when explicitely requested
++ if test "$x$enable_ldap_casa" = xyes ; then
++ AC_MSG_ERROR([Unable to find micasa_mgmd.h header file])
++ fi
++ ])
++ fi
++fi
++AC_SUBST(CRYPTO_LIBS)
++AC_SUBST(LDAP_LIBS)
++AC_SUBST(LDAP_CPPFLAGS)
++AC_SUBST(OPENSSL_LIBS)
++AC_SUBST(OPENSSL_CFLAGS)
+
+ # Solaris needs some libraries for functions
+ AC_SEARCH_LIBS(socket, [socket])
+diff -urNad isc-dhcp.orig/server/ldap_casa.c isc-dhcp/server/ldap_casa.c
+--- isc-dhcp.orig/server/ldap_casa.c 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/ldap_casa.c 2009-12-30 12:34:28.000000000 +0100
+@@ -0,0 +1,142 @@
+/* ldap_casa.c
+
+ CASA routines for DHCPD... */
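Review bot: In the configure.ac part of this hunk, the check under "fail, when explicitely requested" reads `if test "$x$enable_ldap_casa" = xyes`. `$x` is an unset shell variable, so this compares `yes` with `xyes` and the `AC_MSG_ERROR` for a missing `micasa_mgmd.h` never fires, even with an explicit `--enable-ldap-casa`. It should be `if test "x$enable_ldap_casa" = xyes ; then`. In the mdb.c part, `int ret;` is declared outside the `#if defined(LDAP_CONFIGURATION)` block and is unused when LDAP support is off; moving the declaration inside the block avoids the warning.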
@@ -2473,9 +2872,13 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap_casa.c dhcp3-3.1.0/server/ldap_casa.c
+ * This file was written by S Kalyanasundaram <skalyanasundaram at novell.com>
+ */
+
++#if defined(HAVE_CONFIG_H)
++#include <config.h>
++#endif
++
+#if defined(LDAP_CASA_AUTH)
-+#include "ldap_casa.h"
+#include "dhcpd.h"
++#include "ldap_casa.h"
+
+int
+load_casa (void)
@@ -2556,9 +2959,9 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap_casa.c dhcp3-3.1.0/server/ldap_casa.c
+ memcpy(tempVar, credential.password, credential.pwordLen);
+ *ldap_password = tempVar;
+
-+
++#if defined (DEBUG_LDAP)
+ log_info ("Authentication credential taken from CASA");
-+
++#endif
+
+ release_casa();
+ return 1;
@@ -2576,161 +2979,90 @@ diff -urNad dhcp3-3.1.0.orig/server/ldap_casa.c dhcp3-3.1.0/server/ldap_casa.c
+
+#endif /* LDAP_CASA_AUTH */
+
-diff -urNad dhcp3-3.1.0.orig/server/Makefile.dist dhcp3-3.1.0/server/Makefile.dist
---- dhcp3-3.1.0.orig/server/Makefile.dist 2006-07-25 15:26:00.000000000 +0200
-+++ dhcp3-3.1.0/server/Makefile.dist 2008-02-20 13:21:26.000000000 +0100
-@@ -25,15 +25,15 @@
- CATMANPAGES = dhcpd.cat8 dhcpd.conf.cat5 dhcpd.leases.cat5
- SEDMANPAGES = dhcpd.man8 dhcpd.conf.man5 dhcpd.leases.man5
- SRCS = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
-- omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c
-+ omapi.c mdb.c stables.c salloc.c ddns.c dhcpleasequery.c ldap.c ldap_casa.c
- OBJS = dhcpd.o dhcp.o bootp.o confpars.o db.o class.o failover.o \
-- omapi.o mdb.o stables.o salloc.o ddns.o dhcpleasequery.o
-+ omapi.o mdb.o stables.o salloc.o ddns.o dhcpleasequery.o ldap.o ldap_casa.o
- PROG = dhcpd
- MAN = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
-
- INCLUDES = -I$(TOP) $(BINDINC) -I$(TOP)/includes
--DHCPLIB = ../common/libdhcp.a $(BINDLIB) ../omapip/libomapi.a ../dst/libdst.a
--CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS)
-+DHCPLIB = ../common/libdhcp.a $(BINDLIB) ../omapip/libomapi.a ../dst/libdst-nomd5.a
-+CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) -DDEBUG_LDAP
-
- all: $(PROG) $(CATMANPAGES)
-
-@@ -106,6 +106,6 @@
- -e "s#RUNDIR#$(VARRUN)#g" < dhcpd.leases.5 >dhcpd.leases.man5
-
- dhcpd: $(OBJS) $(COBJ) $(DHCPLIB)
-- $(CC) $(LFLAGS) -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS)
-+ $(CC) $(LFLAGS) -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS) -lcrypto -lldap -llber
-
- # Dependencies (semi-automatically-generated)
-diff -urNad dhcp3-3.1.0.orig/server/mdb.c dhcp3-3.1.0/server/mdb.c
---- dhcp3-3.1.0.orig/server/mdb.c 2007-06-08 20:57:02.000000000 +0200
-+++ dhcp3-3.1.0/server/mdb.c 2008-02-20 13:21:26.000000000 +0100
-@@ -454,6 +454,12 @@
- {
- struct host_decl *foo;
- struct hardware h;
-+ int ret;
+diff -urNad isc-dhcp.orig/server/ldap_casa.h isc-dhcp/server/ldap_casa.h
+--- isc-dhcp.orig/server/ldap_casa.h 2009-12-30 10:56:15.000000000 +0100
++++ isc-dhcp/server/ldap_casa.h 2009-12-30 12:34:28.000000000 +0100
+@@ -0,0 +1,83 @@
++/* ldap_casa.h
++
++ Definition for CASA modules... */
+
-+#if defined(LDAP_CONFIGURATION)
-+ if ((ret = find_haddr_in_ldap (hp, htype, hlen, haddr, file, line)))
-+ return ret;
-+#endif
-
- h.hlen = hlen + 1;
- h.hbuf [0] = htype;
-diff -urNad dhcp3-3.1.0.orig/server/stables.c dhcp3-3.1.0/server/stables.c
---- dhcp3-3.1.0.orig/server/stables.c 2007-04-28 00:48:10.000000000 +0200
-+++ dhcp3-3.1.0/server/stables.c 2008-02-20 13:21:26.000000000 +0100
-@@ -238,9 +238,107 @@
- { "adaptive-lease-time-threshold", "B", &server_universe, 50, 1 },
- { "do-reverse-updates", "f", &server_universe, 51, 1 },
- { "fqdn-reply", "f", &server_universe, 52, 1 },
-+#if defined(LDAP_CONFIGURATION)
-+ { "ldap-server", "t", &server_universe, 53 },
-+ { "ldap-port", "d", &server_universe, 54 },
-+ { "ldap-username", "t", &server_universe, 55 },
-+ { "ldap-password", "t", &server_universe, 56 },
-+ { "ldap-base-dn", "t", &server_universe, 57 },
-+ { "ldap-method", "Nldap-methods.", &server_universe, 58 },
-+ { "ldap-debug-file", "t", &server_universe, 59 },
-+ { "ldap-dhcp-server-cn", "t", &server_universe, 60 },
-+ { "ldap-referrals", "f", &server_universe, 61 },
-+#if defined(USE_SSL)
-+ { "ldap-ssl", "Nldap-ssl-usage.", &server_universe, 62 },
-+ { "ldap-tls-reqcert", "Nldap-tls-reqcert.", &server_universe, 63 },
-+ { "ldap-tls-ca-file", "t", &server_universe, 64 },
-+ { "ldap-tls-ca-dir", "t", &server_universe, 65 },
-+ { "ldap-tls-cert", "t", &server_universe, 66 },
-+ { "ldap-tls-key", "t", &server_universe, 67 },
-+ { "ldap-tls-crlcheck", "Nldap-tls-crlcheck.", &server_universe, 68 },
-+ { "ldap-tls-ciphers", "t", &server_universe, 69 },
-+ { "ldap-tls-randfile", "t", &server_universe, 70 },
-+#else
-+ { "unknown-62", "X", &server_universe, 62 },
-+ { "unknown-63", "X", &server_universe, 63 },
-+ { "unknown-64", "X", &server_universe, 64 },
-+ { "unknown-65", "X", &server_universe, 65 },
-+ { "unknown-66", "X", &server_universe, 66 },
-+ { "unknown-67", "X", &server_universe, 67 },
-+ { "unknown-68", "X", &server_universe, 68 },
-+ { "unknown-69", "X", &server_universe, 69 },
-+ { "unknown-70", "X", &server_universe, 70 },
-+#endif
-+#else
-+ { "unknown-53", "X", &server_universe, 53 },
-+ { "unknown-54", "X", &server_universe, 54 },
-+ { "unknown-55", "X", &server_universe, 55 },
-+ { "unknown-56", "X", &server_universe, 56 },
-+ { "unknown-57", "X", &server_universe, 57 },
-+ { "unknown-58", "X", &server_universe, 58 },
-+ { "unknown-59", "X", &server_universe, 59 },
-+ { "unknown-60", "X", &server_universe, 60 },
-+ { "unknown-61", "X", &server_universe, 61 },
-+#endif
- { NULL, NULL, NULL, 0, 0 }
- };
-
-+#if defined(LDAP_CONFIGURATION)
-+struct enumeration_value ldap_values [] = {
-+ { "static", LDAP_METHOD_STATIC },
-+ { "dynamic", LDAP_METHOD_DYNAMIC },
-+ { (char *) 0, 0 }
-+};
++/* Copyright (c) 2004 Internet Systems Consorium, Inc. ("ISC")
++ * Copyright (c) 1995-2003 Internet Software Consortium.
++ * Copyright (c) 2006 Novell, Inc.
+
-+struct enumeration ldap_methods = {
-+ (struct enumeration *)0,
-+ "ldap-methods",
-+ ldap_values
-+};
++ * All rights reserved.
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions are met:
++ * 1.Redistributions of source code must retain the above copyright notice,
++ * this list of conditions and the following disclaimer.
++ * 2.Redistributions in binary form must reproduce the above copyright notice,
++ * this list of conditions and the following disclaimer in the documentation
++ * and/or other materials provided with the distribution.
++ * 3.Neither the name of ISC, ISC DHCP, nor the names of its contributors
++ * may be used to endorse or promote products derived from this software
++ * without specific prior written permission.
+
-+#if defined(USE_SSL)
-+struct enumeration_value ldap_ssl_usage_values [] = {
-+ { "off", LDAP_SSL_OFF },
-+ { "on",LDAP_SSL_ON },
-+ { "ldaps", LDAP_SSL_LDAPS },
-+ { "start_tls", LDAP_SSL_TLS },
-+ { (char *) 0, 0 }
-+};
++ * THIS SOFTWARE IS PROVIDED BY INTERNET SYSTEMS CONSORTIUM AND CONTRIBUTORS
++ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
++ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ISC OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
++ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
++ * POSSIBILITY OF SUCH DAMAGE.
+
-+struct enumeration ldap_ssl_usage_enum = {
-+ (struct enumeration *)0,
-+ "ldap-ssl-usage",
-+ ldap_ssl_usage_values
-+};
++ * This file was written by S Kalyanasundaram <skalyanasundaram at novell.com>
++ */
+
-+struct enumeration_value ldap_tls_reqcert_values [] = {
-+ { "never", LDAP_OPT_X_TLS_NEVER },
-+ { "hard", LDAP_OPT_X_TLS_HARD },
-+ { "demand", LDAP_OPT_X_TLS_DEMAND},
-+ { "allow", LDAP_OPT_X_TLS_ALLOW },
-+ { "try", LDAP_OPT_X_TLS_TRY },
-+ { (char *) 0, 0 }
-+};
-+struct enumeration ldap_tls_reqcert_enum = {
-+ (struct enumeration *)0,
-+ "ldap-tls-reqcert",
-+ ldap_tls_reqcert_values
-+};
++#if defined(LDAP_CASA_AUTH)
++#ifndef __LDAP_CASA_H__
++#define __LDAP_CASA_H__
+
-+struct enumeration_value ldap_tls_crlcheck_values [] = {
-+ { "none", LDAP_OPT_X_TLS_CRL_NONE},
-+ { "peer", LDAP_OPT_X_TLS_CRL_PEER},
-+ { "all", LDAP_OPT_X_TLS_CRL_ALL },
-+ { (char *) 0, 0 }
-+};
-+struct enumeration ldap_tls_crlcheck_enum = {
-+ (struct enumeration *)0,
-+ "ldap-tls-crlcheck",
-+ ldap_tls_crlcheck_values
-+};
-+#endif
-+#endif
++#include <micasa_mgmd.h>
++#include <dlfcn.h>
++#include <string.h>
++
++#define MICASA_LIB "libmicasa.so.1"
++
++SSCS_TYPEDEF_LIBCALL(int, CASA_GetCredential_T)
++(
++ uint32_t ssFlags,
++ SSCS_SECRET_ID_T *appSecretID,
++ SSCS_SECRET_ID_T *sharedSecretID,
++ uint32_t *credentialType,
++ void *credential,
++ SSCS_EXT_T *ext
++);
++SSCS_TYPEDEF_LIBCALL(int, CASA_SetCredential_T)
++(
++ uint32_t ssFlags,
++ SSCS_SECRET_ID_T *appSecretID,
++ SSCS_SECRET_ID_T *sharedSecretID,
++ uint32_t credentialType,
++ void *credential,
++ SSCS_EXT_T *ext
++);
++
++SSCS_TYPEDEF_LIBCALL(int, CASA_RemoveCredential_T)
++(
++ uint32_t ssFlags,
++ SSCS_SECRET_ID_T *appSecretID,
++ SSCS_SECRET_ID_T *sharedSecretID,
++ SSCS_EXT_T *ext
++);
++static CASA_GetCredential_T p_miCASAGetCredential = NULL;
++static CASA_SetCredential_T p_miCASASetCredential = NULL;
++static CASA_RemoveCredential_T p_miCASARemoveCredential = NULL;
++static void *casaIDK = NULL;
++
++int load_casa(void);
++static void release_casa(void);
++int load_uname_pwd_from_miCASA(char **, char **);
++
++#endif /* __LDAP_CASA_H__ */
++#endif /* LDAP_CASA_AUTH */
+
- struct enumeration_value ddns_styles_values [] = {
- { "none", 0 },
- { "ad-hoc", 1 },
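Review bot: The new `ldap_casa.h` defines `static` objects (`p_miCASAGetCredential`, `p_miCASASetCredential`, `p_miCASARemoveCredential`, `casaIDK`) and declares `static void release_casa(void);` in the header. Every file that includes it gets private copies of the pointers and a static declaration with no definition. Move these into `ldap_casa.c` and keep only `int load_casa(void);` and `int load_uname_pwd_from_miCASA(char **, char **);` in the header. The include guard `__LDAP_CASA_H__` uses a reserved identifier; `LDAP_CASA_H` would do. `MICASA_LIB` is a bare soname, so if it is handed to `dlopen()` (`load_casa` is outside this hunk), which library is loaded depends on the dynamic loader's search path, and an absolute path is worth considering.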
diff --git a/debian/patches/dhcp-3.1.0-ldap-docs.dpatch b/debian/patches/dhcp-4.1.0-ldap-docs.dpatch
old mode 100644
new mode 100755
similarity index 99%
rename from debian/patches/dhcp-3.1.0-ldap-docs.dpatch
rename to debian/patches/dhcp-4.1.0-ldap-docs.dpatch
index c703724..eb53ba1
--- a/debian/patches/dhcp-3.1.0-ldap-docs.dpatch
+++ b/debian/patches/dhcp-4.1.0-ldap-docs.dpatch
@@ -8,10 +8,22 @@
@DPATCH@
-diff -urNad dhcp3-3.1.0.orig/Changelog-LDAP dhcp3-3.1.0/Changelog-LDAP
---- dhcp3-3.1.0.orig/Changelog-LDAP 1970-01-01 01:00:00.000000000 +0100
-+++ dhcp3-3.1.0/Changelog-LDAP 2008-02-20 13:21:26.000000000 +0100
-@@ -0,0 +1,255 @@
+diff -urNad isc-dhcp.orig/Changelog-LDAP isc-dhcp/Changelog-LDAP
+--- isc-dhcp.orig/Changelog-LDAP 1970-01-01 01:00:00.000000000 +0100
++++ isc-dhcp/Changelog-LDAP 2009-12-30 10:57:24.000000000 +0100
+@@ -0,0 +1,267 @@
++2009-12-30 José L. Redrejo <jredrejo at edu.juntaextremadura.net>
++ * server/ldap.c: Apply patch to avoid DHCP server stops with SIGPIPE
++ when talking to LDAP server. Thanks to Petter Reinholdtsen
++ at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559160
++
++2009-09-29 Marius Tomaschewski <mt at suse.de>
++ * Fixed gcc warnings by adding casts with expected signedness.
++ * Added configure checks and the options --enable-ldap-conf=no,
++ --enable-ldap-ssl=yes, --enable-ldap-casa=yes
++ Removed ldap constants from site.h, adopted Makefile.am in dst
++ and server directories, added config.h inclusions to ldap*.c
++
+2008-2-8 José L. Redrejo <jredrejo at edu.juntaextremadura.net>
+ * includes/dhcpd.h: fixed SV_LDAP_ values according to server/stables.c
+ * server/ldap.c : fixed sprintf call
diff --git a/debian/rules b/debian/rules
index b647299..3fe0ead 100755
--- a/debian/rules
+++ b/debian/rules
@@ -39,9 +39,29 @@ CFLAGS += -D_PATH_DHCPD_CONF='"/etc/dhcp/dhcpd.conf"'
CFLAGS += -D_PATH_DHCLIENT_CONF='"/etc/dhcp/dhclient.conf"'
CFLAGS += -DNOMINUM
+patched-ldap/build-stamp:
+ dh_testdir
+
+ ./configure \
+ --prefix=$(DESTDIR)/usr \
+ --sysconfdir=$(DESTDIR)/etc/dhcp \
+ --enable-ldap-conf --disable-ldap-casa \
+ --disable-dhcpv6
+
+ for f in common ../minires ../dst ../omapip ../dhcpctl ../server; do \
+ cd $$f;\
+ $(MAKE) $(CROSS);\
+ done
+ mkdir -p patched-ldap
+ mv server/dhcpd patched-ldap/
+
+ touch $@
+
build: patch-stamp build-stamp
-build-stamp: patch-stamp
+build-stamp: patched-ldap/build-stamp
+
+ dpatch deapply-until dhcp-4.1.0-ldap-code
# See http://bugs.debian.org/549060 for why DHCPv6 has to be disabled
./configure \
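Review bot: In the `patched-ldap/build-stamp` recipe the `for` loop joins `cd $$f` and `$(MAKE) $(CROSS)` with `;`, so a failed `cd` or sub-make in any directory but the last is ignored. The recipe can then reach `mv server/dhcpd patched-ldap/` with a stale or partly built binary. `set -e; for d in common minires dst omapip dhcpctl server; do $(MAKE) -C $$d $(CROSS); done` stops at the first failure. The target also has no `patch-stamp` prerequisite, while `build-stamp` now depends on it instead of on `patch-stamp`, so nothing in the graph guarantees the patches are applied before the LDAP build; `patched-ldap/build-stamp: patch-stamp` would state that. The second `./configure` call continues outside the hunk.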
@@ -56,6 +76,7 @@ build-stamp: patch-stamp
clean: unpatch
dh_testdir
rm -f build-stamp install-stamp
+ rm -Rf patched-ldap
[ ! -f Makefile ] || $(MAKE) distclean
@@ -124,9 +145,13 @@ binary-arch: build install
dh_testroot
dh_installdebconf
dh_installdocs -A debian/README.Debian -X doc/ja_JP.eucJP
+ dh_installdocs -pisc-dhcp-server-ldap contrib/dhcpd-conf-to-ldap.pl
dh_installexamples -a
dh_installinit -a -n
dh_installchangelogs
+ dh_installchangelogs -pisc-dhcp-server-ldap Changelog-LDAP
+ dh_install -pisc-dhcp-server-ldap
+ dh_strip -pisc-dhcp-server-ldap
dh_strip -pisc-dhcp-server --dbg-package=isc-dhcp-server-dbg
dh_strip -pisc-dhcp-relay --dbg-package=isc-dhcp-relay-dbg
dh_strip -pisc-dhcp-client --dbg-package=isc-dhcp-client-dbg
--
ISC DHCP packaging for Debian