Bug #8469
closed
DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured
Added by Michael Alden over 6 years ago.
Updated over 6 years ago.
Description
When saving DHCP Server configuration settings, the Dynamic DNS Key algorithm drop down box (under advanced Dynamic DNS settings) is automatically populated with the default value of HMAC-MD5 (legacy default). This happens even if the Display Advanced button is not clicked (and the menu expanded). This populates the config.xml ddnsdomainkeyalgorithm element, /pfsense/dhcpd/lan/ddnsdomainkeyalgorithm, with the value "hmac-md5".
The /usr/local/www/services_dhcp.php file includes conditions for displaying the Dynamic DNS advanced parameters; if the ddnsdomainkeyalgorithm element is not empty the advanced parameters are displayed.
I'm creating a pull request to implement this change; specifically, this:
Line 1558: empty($pconfig['ddnsdomainkeyalgorithm']) &&
Should be changed to this:
Line 1558: (empty($pconfig['ddnsdomainkeyalgorithm']) || ($pconfig['ddnsdomainkeyalgorithm'] == "hmac-md5")) &&
The OR condition allows for the default value without displaying the advanced parameters.
Files
- Target version set to 2.4.4
- Status changed from New to Feedback
- Target version changed from 2.4.4 to 2.4.3-p1
Tested on 2.4.3.a.20180308.1837 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.
Tested on 2.4.4.a.20180504.1639 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. Visited Diagnostics > Backup & Restore, made a backup and searched for "md5" in the backup and <ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm> was present in the file.
The test performed may not be correct, please provide feedback if it should be tested differently. Otherwise, there doesn't appear to be a difference in how the two versions behave.
Hello James,
The issue is not whether or not the ddnsdomainkeyalgorithm element contains a value in the config; the issue is that the DHCP Server Dynamic DNS advanced configuration sub-section is erroneously displayed in the GUI.
In general, advanced menu sub-sections are not displayed unless/until you configure settings within them. The Dynamic DNS sub-section is displayed even if you do not configure any settings because the original code did not allow for the ddnsdomainkeyalgorithm element's default setting. This pull request adds a logic check which allows for the default setting.
If no DHCP Server Dynamic DNS advanced settings are configured, i.e., all default settings, the expected behavior is that the Dynamic DNS settings area is collapsed upon first loading the page. The original code would expand this section of the GUI erroneously because the PHP code required that element to be empty.
You can test this behavior by clicking save on the DHCP Server page (as you've described) and then observing the state of the Dynamic DNS sub-section ("Display Advanced" versus "Hide Advanced").
Hope this helps! Please let me know if there's anything that isn't clear.
Got it, the Dynamic DNS settings remained collapsed.
- Status changed from Feedback to Resolved
On 2.4.4.a.20180705.0032 stock, hitting Save at Services > DHCP caused the service to stop. Trying to manually start the service once it stopped, fails.
Simply clicking "Display advanced" at Services > DHCP Server, Dynamic DNS changes the DHCP section of config.xml as shown below:
<dhcpd>
<lan>
<enable></enable>
<range>
<from>192.168.1.100</from>
<to>192.168.1.199</to>
</range>
<failover_peerip></failover_peerip>
<dhcpleaseinlocaltime></dhcpleaseinlocaltime>
<defaultleasetime></defaultleasetime>
<maxleasetime></maxleasetime>
<netmask></netmask>
<gateway></gateway>
<domain></domain>
<domainsearchlist></domainsearchlist>
<ddnsdomain></ddnsdomain>
<ddnsdomainprimary></ddnsdomainprimary>
<ddnsdomainkeyname></ddnsdomainkeyname>
<ddnsdomainkeyalgorithm>hmac-md5</ddnsdomainkeyalgorithm>
<ddnsdomainkey></ddnsdomainkey>
<mac_allow></mac_allow>
<mac_deny></mac_deny>
<ddnsclientupdates>allow</ddnsclientupdates>
<tftp></tftp>
<ldap></ldap>
<nextserver></nextserver>
<filename></filename>
<filename32></filename32>
<filename64></filename64>
<rootpath></rootpath>
<numberoptions></numberoptions>
</lan>
</dhcpd>
<dhcpdv6>
<lan>
<enable></enable>
<range>
<from>::1000</from>
<to>::2000</to>
</range>
<ramode>assist</ramode>
<rapriority>medium</rapriority>
</lan>
</dhcpdv6>
Retested today on a fresh install (2.4.4.a.20180705.0032) and the issue appears to be resolved.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Anonymous