Thor Lancelot Simon <tls@rek.tjls.com> writes:

> It is *illegal* per the relevant standards for the DHCP response that
> reaches your modem to contain the relay agent information option.

However, it still shouldn't cause a coredump. At most it should print
a warning message.

> It is amusing to note that this hoses the Win2k dhclient, too.

Hah! ;-) In light of this, I'm surprised Cisco is taking such a
lackadaisical stance on the issue...

> Curiously, it does *not* crash dhclient on my machine.  (Ted
> noticed it while helping me debug a separate problem with RCN's DHCP
> servers a few months ago; that problem was caused, actually, by my
> overly restrictive ipf rules only allowing broadcast DHCP queries out).

Wait - I thought I read recently that dhcp uses the BPF interface to
inject packets, and thus wasn't subject to ipfilter. As a matter of
fact, I just looked through my ipf.conf and didn't see a rule that
would allow dhcp packets through the interface. What gives?

> I wonder what's different in my configuration from yours!

Dunno. From tracing through the code it looks like a pretty much sure
thing that receipt of the relay agent info option will cause the deref
of a bogus pointer.

My dhclient config is totally generic, except that I override the
make_resolv_conf() function in a dhclient-enter-hooks file (I make it
a nop, since I want my resolv.conf to continue pointing to my own
local dns)