Project

General

Profile

Bug #8469

DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured

Added by Michael Alden about 1 year ago. Updated 11 months ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
DHCP Server
Target version:
Start date:
04/18/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.3
Affected Architecture:

Description

When saving DHCP Server configuration settings, the Dynamic DNS Key algorithm drop down box (under advanced Dynamic DNS settings) is automatically populated with the default value of HMAC-MD5 (legacy default). This happens even if the Display Advanced button is not clicked (and the menu expanded). This populates the config.xml ddnsdomainkeyalgorithm element, /pfsense/dhcpd/lan/ddnsdomainkeyalgorithm, with the value "hmac-md5".

The /usr/local/www/services_dhcp.php file includes conditions for displaying the Dynamic DNS advanced parameters; if the ddnsdomainkeyalgorithm element is not empty the advanced parameters are displayed.

I'm creating a pull request to implement this change; specifically, this:
Line 1558: empty($pconfig['ddnsdomainkeyalgorithm']) &&

Should be changed to this:
Line 1558: (empty($pconfig['ddnsdomainkeyalgorithm']) || ($pconfig['ddnsdomainkeyalgorithm'] == "hmac-md5")) &&

The OR condition allows for the default value without displaying the advanced parameters.

dhcp-config-section-testing-8469.log (328 Bytes) dhcp-config-section-testing-8469.log after clicking Save at Services > DHCP Server on a stock config James Dekker, 07/05/2018 03:23 PM
dhcp-log-testing-8469.log (3.38 KB) dhcp-log-testing-8469.log relevant DHCP log after trying to start DHCP Server James Dekker, 07/05/2018 03:23 PM

Associated revisions

Revision 3e1b29c7 (diff)
Added by Michael Alden about 1 year ago

Bug #8469 - Modify show_advdns function pageload conditions to allow for ddnsdomainkeyalgorithm default value, i.e., hmac-md5

Revision cdd30801 (diff)
Added by Michael Alden about 1 year ago

Bug #8469 - Modify show_advdns function pageload conditions to allow for ddnsdomainkeyalgorithm default value, i.e., hmac-md5

(cherry picked from commit 3e1b29c7ba3a586cb94268d76ecb78874c2f5007)

History

#2 Updated by Jim Pingle about 1 year ago

  • Target version set to 2.4.4

#3 Updated by Jim Pingle about 1 year ago

  • Status changed from New to Feedback
  • Target version changed from 2.4.4 to 2.4.3-p1

#4 Updated by James Dekker about 1 year ago

Tested on 2.4.3.a.20180308.1837 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.

Tested on 2.4.4.a.20180504.1639 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.

The test performed may not be correct, please provide feedback if it should be tested differently. Otherwise, there doesn't appear to be a difference in how the two versions behave.

#5 Updated by Michael Alden about 1 year ago

Hello James,

The issue is not whether or not the ddnsdomainkeyalgorithm element contains a value in the config; the issue is that the DHCP Server Dynamic DNS advanced configuration sub-section is erroneously displayed in the GUI.

In general, advanced menu sub-sections are not displayed unless/until you configure settings within them. The Dynamic DNS sub-section is displayed even if you do not configure any settings because the original code did not allow for the ddnsdomainkeyalgorithm element's default setting. This pull request adds a logic check which allows for the default setting.

If no DHCP Server Dynamic DNS advanced settings are configured, i.e., all default settings, the expected behavior is that the Dynamic DNS settings area is collapsed upon first loading the page. The original code would expand this section of the GUI erroneously because the PHP code required that element to be empty.

You can test this behavior by clicking save on the DHCP Server page (as you've described) and then observing the state of the Dynamic DNS sub-section ("Display Advanced" versus "Hide Advanced").

Hope this helps! Please let me know if there's anything that isn't clear.

#6 Updated by James Dekker about 1 year ago

Got it, the Dynamic DNS settings remained collapsed.

#7 Updated by Jim Pingle about 1 year ago

  • Status changed from Feedback to Resolved

#8 Updated by James Dekker 11 months ago

On 2.4.4.a.20180705.0032 stock, hitting Save at Services > DHCP caused the service to stop. Trying to manually start the service once it stopped, fails.

#9 Updated by James Dekker 11 months ago

Simply clicking "Display advanced" at Services > DHCP Server, Dynamic DNS changes the DHCP section of config.xml as shown below:

    <dhcpd>
        <lan>
            <enable></enable>
            <range>
                <from>192.168.1.100</from>
                <to>192.168.1.199</to>
            </range>
            <failover_peerip></failover_peerip>
            <dhcpleaseinlocaltime></dhcpleaseinlocaltime>
            <defaultleasetime></defaultleasetime>
            <maxleasetime></maxleasetime>
            <netmask></netmask>
            <gateway></gateway>
            <domain></domain>
            <domainsearchlist></domainsearchlist>
            <ddnsdomain></ddnsdomain>
            <ddnsdomainprimary></ddnsdomainprimary>
            <ddnsdomainkeyname></ddnsdomainkeyname>
            <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
            <ddnsdomainkey></ddnsdomainkey>
            <mac_allow></mac_allow>
            <mac_deny></mac_deny>
            <ddnsclientupdates>allow</ddnsclientupdates>
            <tftp></tftp>
            <ldap></ldap>
            <nextserver></nextserver>
            <filename></filename>
            <filename32></filename32>
            <filename64></filename64>
            <rootpath></rootpath>
            <numberoptions></numberoptions>
        </lan>
    </dhcpd>
    <dhcpdv6>
        <lan>
            <enable></enable>
            <range>
                <from>::1000</from>
                <to>::2000</to>
            </range>
            <ramode>assist</ramode>
            <rapriority>medium</rapriority>
        </lan>
    </dhcpdv6>

#11 Updated by James Dekker 11 months ago

Retested today on a fresh install (2.4.4.a.20180705.0032) and the issue appears to be resolved.

Also available in: Atom PDF