Commit Graph

15 Commits

Author SHA1 Message Date
zhenggen-xu
999408a954 [security] patch the code for DSA-4133-1 isc-dhcp -- security update (#2142)
https://security-tracker.debian.org/tracker/CVE-2017-3144
https://security-tracker.debian.org/tracker/CVE-2018-5732
https://security-tracker.debian.org/tracker/CVE-2018-5733
2018-10-12 16:00:51 -07:00
Qi Luo
a6d2d777c4
Fix links of debian git server (#1755) 2018-05-31 18:38:12 -07:00
Joe LeVeque
0c9e8eee65
Revert "Fix the sonic build issue" (#1671)
* Revert "[docker-dhcp]: Fix the sonic build issue (#1659)"

This reverts commit 8d3c5fbcc2.
2018-05-02 14:17:04 -07:00
zhenggen-xu
8d3c5fbcc2 [docker-dhcp]: Fix the sonic build issue (#1659)
Install the built version of isc-dhcp-client in docker-dhcp-relay
2018-04-29 20:19:06 -07:00
Joe LeVeque
41418723a3
[isc-dhcp] Add patch to fix bug which caused log messages to also print to stderr in release builds (#1477) 2018-03-09 11:32:03 -08:00
Joe LeVeque
50f060e8bd Revert "[DHCP relay]: Add patch to always undef VLAN_TCI_PRESENT so as not to treat VLAN-tagged packets differently (#1254)" (#1291)
This reverts commit 64602ad5b2.

Reverting this commit because the root cause of the issue was due to
a Broadcom SDK bug which caused VLAN-tagged packets to be tagged twice.
When packets were double-tagged, only one tag was getting stripped before
the packet was trapped to the CPU. However, the second tag was left behind,
which would cause the DHCP relay agent to ignore the packet. The bug has
since been fixed, so now all VLAN-tagged packets should properly have their
tag removed before being trapped to the CPU. Therefore the DHCP relay
agent should never encounter a VLAN-tagged packet.
2018-01-10 03:06:47 -08:00
Joe LeVeque
64602ad5b2
[DHCP relay]: Add patch to always undef VLAN_TCI_PRESENT so as not to treat VLAN-tagged packets differently (#1254) 2017-12-20 11:22:08 -08:00
Joe LeVeque
f0d59cb002 [DHCP relay]: Fix circuit ID and remote ID bugs (#1248)
* [DHCP relay]: Fix circuit ID and remote ID bugs

* Set circuit_id_len after setting circuit_id_len to ip->name
2017-12-19 10:28:45 -08:00
Joe LeVeque
2571cb59b6 [DHCP relay]: Fix bug which could cause incorrect interface name association (#1233)
* [DHCP relay]: Fix bug which could cause incorrect interface name association

* Add patches to series file and apply using stgit

* Update .gitignore in order to ignore downloaded and generated files

* Reorganize src/ subdirectories alphabetically in .gitignore
2017-12-12 23:56:59 -08:00
Joe LeVeque
223a38c02f
Update isc-dhcp source to v4.3.3-6; create new patch against it (#1164)
- Found a bug in v4.3.1-6 in which dhcrelay would not start if
   passed an interface name with a length of 15 characters due
   to truncated copy of interface name in common/lpf.c.
   Bug was fixed in v4.3.2.

 - v4.3.3-6 is the newest version we can build for Debian Jessie, as all
   newer versions require newer versions of debhelper and
   libbind-export-dev dependencies than are available for Jessie.
2017-11-17 14:51:48 -08:00
Bairen Yi
967030f24d Change third party repos from git:// to https:// for better compatibility (#1104)
* Change git:// to https:// for better security and compatibility
2017-11-02 11:19:05 -07:00
Joe LeVeque
1d16a37d48 [DHCP Relay]: Support Multiple VLANs (Separate DHCP Relay Agents, One Per VLAN) (#999)
* [DHCP Relay]: Support new <DhcpRelays> minigraph tag; support multiple VLANs

* Don't start dhcrelay in quiet mode so as to get startup output in syslog

* Update sonic-cfggen tests to support new '<DhcpRelays>' tag

* <DhcpRelays> tag is only present for VLANs which require a DHCP relay agent -- only parse if present

* Don't attempt to configure a DHCP relay agent for VLANs without specified DHCP servers

* Modify to work with Taoyu's minigraph/DB changes (#942)

* Reduce number of DHCP servers in sonic-cfggen unit tests from 4 to 2

* Remove isc-dhcp-relay sample output file from sonic-cfggen test, as we no longer generate that file

* Update Option 82 isc-dhcp-relay patch to load all interface name-alias maps into memory once at start instead of calling sonic-cfggen on each packet we relay

* Remove executable permission from Jinja2 template

* Set max hop count to 1 so that DHCP relay will only relay packets with a hop count of zero

* Replace tabs with spaces

* Modify overlooked sonic-cfggen call, use Config DB instead of minigraph

* Also ensure > 1 VLAN requires a DHCP relay agent before outputting to template

* Generate port name-alias map file using sonic-cfggen and parse that in lieu of parsing port_config.ini directly

* No longer drop packets with hop count > 0; Instead, drop packets which already contain agent info
2017-10-04 23:35:43 -07:00
Joe LeVeque
f49cac086f Remove extra trailing newlines at EOF (#804)
Files now end with a single newline
2017-07-12 20:54:37 -07:00
Marian Pritsak
51cab5d4ed [config]: Add SONIC_CONFIG_MAKE_JOBS (#784)
* [config]: Add SONIC_CONFIG_MAKE_JOBS

This config option allows user to specify -j value that will be passed
to each package build.

Signed-off-by: marian-pritsak <marianp@mellanox.com>
2017-07-07 15:32:50 +03:00
Joe LeVeque
017eea8a87 [DHCP Relay]: Add support for custom Option 82 circuit_id of the form '<hostname>:<portname>' (#747)
* Add docker-dhcp-relay/Dockerfile to .gitignore

* Add isc-dhcp-relay .deb package to image build process, along with my Option 82 patch

* Install custom isc-dhcp-relay in dhcp_relay docker

* Install isc-dhcp-relay build dependencies in sonic-slave Docker container

* Copy the built .deb package to the destination directory

* Add dependencies for isc-dhcp-relay

* Change Option 82 string to '<hostname>:<portname>'

* Install dependencies of .deb files implicitly in Dockerfile

* Remove unused line

* Remove unnecessary space
2017-06-24 12:05:04 -07:00