[v4_1_esv] Check failover pools per peer in test mode

Merges in rt29892
author: Thomas Markwalder <tmark@isc.org> 2017-06-27 10:32:46 -0400
committer: Thomas Markwalder <tmark@isc.org> 2017-06-27 10:32:46 -0400
commit: 940eda1616668438f6e159be08aedebe01b4a47e (patch)
tree: e9f5398fb012449718876e57e68143f3b860e511
parent: dd03d1b061045e0198cde7639d941a0a70cb1420 (diff)
download: isc-dhcp-940eda1616668438f6e159be08aedebe01b4a47e.tar.gz
4 files changed, 44 insertions, 12 deletions
diff --git a/RELNOTES b/RELNOTES
index 799d7160..e9443c81 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -169,6 +169,11 @@ by Eric Young (eay@cryptsoft.com).
   Pitt which got to us via Andrew Pollock.
   [ISC-bugs #18183]
 
+- The server now detects failover peers that are not referenced in at least
+  one pool when run with the command line option for test mode, -T.  Prior to
+  this the check was performed too far down stream to be detected in test mode.
+  [ISC-Bugs #29892]
+
 			Changes since 4.1-ESV-R14b1
 - None
 
diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 1e3c2011..802a5090 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -3,7 +3,7 @@
    Definitions for dhcpd... */
 
 /*
- * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1996-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -3132,6 +3132,7 @@ int deletePTR (const struct data_string *, const struct data_string *,
 /* failover.c */
 #if defined (FAILOVER_PROTOCOL)
 extern dhcp_failover_state_t *failover_states;
+void dhcp_failover_sanity_check (void);
 void dhcp_failover_startup (void);
 int dhcp_failover_write_all_states (void);
 isc_result_t enter_failover_peer (dhcp_failover_state_t *);
diff --git a/server/dhcpd.c b/server/dhcpd.c
index e4f8cf98..f81fedd4 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -3,7 +3,7 @@
    DHCP Server Daemon. */
 
 /*
- * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1996-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -737,6 +737,10 @@ main(int argc, char **argv) {
 		log_fatal ("Configuration file errors encountered -- exiting");
 
 	postconf_initialization (quiet);
+
+#if defined (FAILOVER_PROTOCOL)
+	dhcp_failover_sanity_check();
+#endif
  
 #if defined (PARANOIA) && !defined (EARLY_CHROOT)
 	if (set_chroot) setup_chroot (set_chroot);
diff --git a/server/failover.c b/server/failover.c
index 778c2a3e..1d5e171f 100644
--- a/server/failover.c
+++ b/server/failover.c
@@ -3,7 +3,7 @@
    Failover protocol support code... */
 
 /*
- * Copyright (c) 2004-2016 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1999-2003 by Internet Software Consortium
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -50,6 +50,37 @@ static inline int secondary_not_hoarding(dhcp_failover_state_t *state,
 					 struct pool *p);
 static void scrub_lease(struct lease* lease, const char *file, int line);
 
+/*!
+ * \brief Performs a "pre-flight" sanity check of failover configuration
+ *
+ * Provides an opportunity to do post-parse pre-startup sanity checking
+ * of failover configuration.  This allows checks to be done under test
+ * mode (-T), without requiring full startup for validation.
+ *
+ * Currently, it enforces all failover peers be used in at lease one
+ * pool. This logic was formerly located in dhcp_failover_startup.
+ *
+ * On failure, a fatal error is logged.
+ *
+ */
+void dhcp_failover_sanity_check() {
+	dhcp_failover_state_t *state;
+	int fail_count = 0;
+
+	for (state = failover_states; state; state = state->next) {
+		if (state->pool_count == 0) {
+			log_error ("ERROR: Failover peer, %s, has no referring"
+				   " pools. You must refer to each peer in at"
+				   " least one pool declaration.",
+				   state->name);
+			fail_count++;
+		}
+	}
+
+	if (fail_count) {
+		log_fatal ("Failover configuration sanity check failed");
+	}
+}
 
 void dhcp_failover_startup ()
 {
@@ -60,15 +91,6 @@ void dhcp_failover_startup ()
 	for (state = failover_states; state; state = state -> next) {
 		dhcp_failover_state_transition (state, "startup");
 
-		if (state -> pool_count == 0) {
-			log_error ("failover peer declaration with no %s",
-				   "referring pools.");
-			log_error ("In order to use failover, you MUST %s",
-				   "refer to your main failover declaration");
-			log_error ("in each pool declaration.   You MUST %s",
-				   "NOT use range declarations outside");
-			log_fatal ("of pool declarations.");
-		}
 		/* In case the peer is already running, immediately try
 		   to establish a connection with it. */
 		status = dhcp_failover_link_initiate ((omapi_object_t *)state);
author	Thomas Markwalder <tmark@isc.org>	2017-06-27 10:32:46 -0400
committer	Thomas Markwalder <tmark@isc.org>	2017-06-27 10:32:46 -0400
commit	940eda1616668438f6e159be08aedebe01b4a47e (patch)
tree	e9f5398fb012449718876e57e68143f3b860e511
parent	dd03d1b061045e0198cde7639d941a0a70cb1420 (diff)
download	isc-dhcp-940eda1616668438f6e159be08aedebe01b4a47e.tar.gz