Bug #8469
closed
DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured
0%
Description
When saving DHCP Server configuration settings, the Dynamic DNS Key algorithm drop down box (under advanced Dynamic DNS settings) is automatically populated with the default value of HMAC-MD5 (legacy default). This happens even if the Display Advanced button is not clicked (and the menu expanded). This populates the config.xml ddnsdomainkeyalgorithm element, /pfsense/dhcpd/lan/ddnsdomainkeyalgorithm, with the value "hmac-md5".
The /usr/local/www/services_dhcp.php file includes conditions for displaying the Dynamic DNS advanced parameters; if the ddnsdomainkeyalgorithm element is not empty the advanced parameters are displayed.
I'm creating a pull request to implement this change; specifically, this:
Line 1558: empty($pconfig['ddnsdomainkeyalgorithm']) &&
Should be changed to this:
Line 1558: (empty($pconfig['ddnsdomainkeyalgorithm']) || ($pconfig['ddnsdomainkeyalgorithm'] == "hmac-md5")) &&
The OR condition allows for the default value without displaying the advanced parameters.
Files
Updated by Michael Alden about 6 years ago
Pull Request: https://github.com/pfsense/pfsense/pull/3938
Updated by Jim Pingle almost 6 years ago
- Status changed from New to Feedback
- Target version changed from 2.4.4 to 2.4.3-p1
Updated by Anonymous almost 6 years ago
Tested on 2.4.3.a.20180308.1837 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.
Tested on 2.4.4.a.20180504.1639 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.
The test performed may not be correct, please provide feedback if it should be tested differently. Otherwise, there doesn't appear to be a difference in how the two versions behave.
Updated by Michael Alden almost 6 years ago
Hello James,
The issue is not whether or not the ddnsdomainkeyalgorithm element contains a value in the config; the issue is that the DHCP Server Dynamic DNS advanced configuration sub-section is erroneously displayed in the GUI.
In general, advanced menu sub-sections are not displayed unless/until you configure settings within them. The Dynamic DNS sub-section is displayed even if you do not configure any settings because the original code did not allow for the ddnsdomainkeyalgorithm element's default setting. This pull request adds a logic check which allows for the default setting.
If no DHCP Server Dynamic DNS advanced settings are configured, i.e., all default settings, the expected behavior is that the Dynamic DNS settings area is collapsed upon first loading the page. The original code would expand this section of the GUI erroneously because the PHP code required that element to be empty.
You can test this behavior by clicking save on the DHCP Server page (as you've described) and then observing the state of the Dynamic DNS sub-section ("Display Advanced" versus "Hide Advanced").
Hope this helps! Please let me know if there's anything that isn't clear.
Updated by Anonymous almost 6 years ago
Got it, the Dynamic DNS settings remained collapsed.
Updated by Jim Pingle almost 6 years ago
- Status changed from Feedback to Resolved
Updated by Anonymous almost 6 years ago
On 2.4.4.a.20180705.0032 stock, hitting Save at Services > DHCP caused the service to stop. Trying to manually start the service once it stopped, fails.
Updated by Anonymous almost 6 years ago
Simply clicking "Display advanced" at Services > DHCP Server, Dynamic DNS changes the DHCP section of config.xml as shown below:
<dhcpd>
<lan>
<enable></enable>
<range>
<from>192.168.1.100</from>
<to>192.168.1.199</to>
</range>
<failover_peerip></failover_peerip>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain></domain>
<domainsearchlist></domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<rootpath></rootpath>
<numberoptions></numberoptions>
</lan>
</dhcpd>
<dhcpdv6>
<lan>
<enable></enable>
<range>
<from>::1000</from>
<to>::2000</to>
</range>
<ramode>assist</ramode>
<rapriority>medium</rapriority>
</lan>
</dhcpdv6>
Updated by Anonymous almost 6 years ago
- File dhcp-config-section-testing-8469.log dhcp-config-section-testing-8469.log added
- File dhcp-log-testing-8469.log dhcp-log-testing-8469.log added
Forgot to include files for https://redmine.pfsense.org/issues/8469#note-8
Updated by Anonymous almost 6 years ago
Retested today on a fresh install (2.4.4.a.20180705.0032) and the issue appears to be resolved.