From owner-freebsd-current@FreeBSD.ORG Sat Nov 12 20:02:09 2011 Return-Path: Delivered-To: freebsd-current@FreeBSD.org Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:4f8:fff6::35]) by hub.freebsd.org (Postfix) with ESMTP id ACFCC106567A; Sat, 12 Nov 2011 20:02:09 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from [127.0.0.1] (hub.freebsd.org [IPv6:2001:4f8:fff6::36]) by mx2.freebsd.org (Postfix) with ESMTP id 9AC0E162E4F; Sat, 12 Nov 2011 20:01:50 +0000 (UTC) Message-ID: <4EBED0A5.5070308@FreeBSD.org> Date: Sun, 13 Nov 2011 00:01:41 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.17) Gecko/20110429 Thunderbird/3.1.10 MIME-Version: 1.0 To: =?UTF-8?B?SmVhbi1Tw6liYXN0aWVuIFDDqWRyb24=?= References: <4EBE99A7.90500@FreeBSD.org> In-Reply-To: <4EBE99A7.90500@FreeBSD.org> X-Enigmail-Version: 1.1.2 OpenPGP: id=10C8A17A Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigE876C3E72FB118AE8A16683C" Cc: freebsd-current@FreeBSD.org Subject: Re: [Call for reviews] Support domain-search option in dhclient(8) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Nov 2011 20:02:09 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigE876C3E72FB118AE8A16683C Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 12.11.2011 20:07, Jean-S=C3=A9bastien P=C3=A9dron wrote: > Attached is a patch that adds support for "domain-search" option > (#119) as defined in RFC 3397[1]. This allows a DHCP server to publish > a list of domain names that should be used to search for non-fully > qualified domain names. >=20 > There's already a PR opened about this: > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D151940 >=20 > With this patch applied and a DHCP server configured to publish this > option, dhclient(8) will add a line similar to the following one: > search example.org. foobar.com. >=20 > In the example, this indicates that the name "www" should be resolved > first as "www.example.org", then as "www.foobar.com". >=20 > I prepared a regression test to be added to tools/regression (not > included). However, I'm not knowledgeable enough to anticipate all > security-related issues. I would appreciate a review especially with > this in mind :) Hi, I have several questions after a quick view of your patch: 1. AFAIR, our dhclient was doing changes in the system configuration via dhclient-script, but i don't see that your changes touched it. 2. Your code handles compressed options. It's good. But it seems you don't check names correctness. There were some checks for "domain-name" option, probably you can use them. 3. Also it would be good to update man pages :) --=20 WBR, Andrey V. Elsukov --------------enigE876C3E72FB118AE8A16683C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) iQEcBAEBAgAGBQJOvtCqAAoJEAHF6gQQyKF6cvYH/3yQjZQO9UdMmBchPal3t80c qhco1LTTtNIcwA019PzoJh614S5ytLRsWVGjLOJJbDS35w+AoPPmTX4iFlulF8bi Iy4VPGiowaOAavazppGMAzR7TSFY4xqjk2H8Feh5UBJe6MXyksggrscF0yaOvIlt wggqXM3TsEZhL6GNHIZobdVPNdYDg+GGDeO2707fANEPsO8mVz8FAY5IEKEs3jXU w+lLjmI6t5kX6byhY1XGF+BKudBzs4TGiQzWPBSseV1LAoy0VFIoJmMB4pN8Cnjh jflUxBi/dvM7hfwMyZxZff35xuD2CeM7tO6dxkUx5eOx0kLXUNYe2kqHMILd2S4= =mRTL -----END PGP SIGNATURE----- --------------enigE876C3E72FB118AE8A16683C--