Age | Commit message (Collapse) | Author |
|
original diff from Michael McConville via tech@. Thanks!
ok millert@ beck@ guenther@ jca@
|
|
|
|
multiple domain names in dhcp option 15 (Domain Name). This allows
resolv.conf 'search' statements to be built with multiple entries.
Adhere to the limits stated in resolv.conf(5) - no more than 6
domains and less than 1024 characters total length.
Encountered in the wild and fix tested by beck@. Feedback from
deraadt@
|
|
|
|
Reported long ago by matthieu@. Also Jacob Berkman via the lists.
Tests and suggestions from Jacob and Matthieu.
|
|
present. The latest routing stack code can now handle these situations.
Much requested by beck@ and others. Detailed discussion at s2k15
identified required routing changes.
ok claudio@
|
|
in get_token(). Simplifies code and shrinks future diff.
No intentional functional change.
|
|
encountering a carriage return in the input.
Found by jsg@ a long time ago in a respository far, far away.
|
|
ok krw@
|
|
ok doug millert miod
|
|
using RTM_IFA to bind routes to an interface. Keep the subnet route
conflict avoidance code for the time being.
diff from claudio@ as part of larger routing magic diff.
ok claudio@ mpi@
|
|
are clearly properly initialized in the same area. Prompted by the
recent shrinkage of most imsg structs.
|
|
Original request+diff from matthew@
ok dlg@
|
|
constructing imsgs.
ok reyk@
|
|
theoretically allowed the unprivileged child process to write to
arbitrary files. Restrict it by replacing it with two specific
write_resolv_conf() and write_option_db() privsep interfaces where all
the critical decision has been moved to the parent.
OK krw@
|
|
network-facing process to properly fill out the interface name and
rdomain on which operations are to be performed.
Instead, always use the interface name and rdomain discovered before
forking and dropping privs. Lets all the imsg structs to drop a
couple of members.
ok matthew@ henning@
|
|
|
|
History indicates this is slightly less error prone.
Inconsistant usage pointed out by Benjamin Baier.
|
|
or non-NULLness before calling free().
This batch from Benjamin Baier.
|
|
or non-NULLness before calling free().
|
|
calloc(N, 0). Avoid the whole controversy by skipping zero length
options while cloning a lease.
Leak reported by Remco van den Berg via bugs@. Additional testing
and diagnostic help from Benjamin Baier. Thanks!
|
|
might leak. *Should* not be possible but better safe than sorry.
|
|
|
|
but better safe than sorry.
Noted and diff from Benjamin Baier. Thanks!
|
|
not 'malloc'.
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
be clever, but it is definitely confusing. Use a flag IFI_VALID_LLADDR
to indicate that the ifi->hw_address field is valid, rather than
assuming ifi->linkstat does that. Add startup_time to record client
startup rather than using first_sending and hoping nobody else needs
it until link is complete.
|
|
latest information. So back off to using interface_status() to
directly query the interface when link status is in question. Partly
from Nathanael Rensen's original diff.
Also, while waiting for initial link, keep checking every second
rather than backing off to checking every (default) 60 seconds after
(default) 10 seconds.
|
|
the routing socket initialization. Otherwise certain combinations
of UP/RUNNING/active will generate the deadly RTM_IFINFO with RTF_UP
== 0 and kill the client. Add comment to nail this section in place.
|
|
link comes up and nothing has yet been displayed.
|
|
has expired. In S_REBOOT state_reboot() assumes link is present and
starts sending REQUEST/DISCOVER packets and doing the backoff dance
after retry_interval expires. Stay in S_PREBOOT until link appears.
Pointed out by and initial diff from Nathanael Rensen.
|
|
noted as being up. Thus avoiding a premature exit if extra RTM_IFINFO
messages arrive before state_reboot() gets a chance to run.
|
|
some interfaces (e.g. em(4) in qemu) do not have this flag set in
the RTM_IFINFO message dhclient gets.
Problem found & fix tested by Nathanael Rensen. Thanks!
|
|
state S_PREBOOT and associated state_preboot() function.
This results in routing socket messages being processed even while
the link is being waited for. Thus the RTM_IFINFO message announcing
the link is ready can be reacted to immediately, rather than waiting
for the sleep(1)'ing process to wake up and look at the link state.
Some interfaces seem to lose the first packet sent when the RTM_IFINFO
message is reacted to so quickly, so temporarily leave in place an
explicit delay before sending the first packet.
|
|
if_register_receive.
|
|
construction of default client identifier until link is up (i.e.
do it in state_reboot()).
|
|
relying on S_REBOOTING being 0.
|
|
the validity of the interface name as soon the actual name is known.
i.e. right after 'egress' is expanded. One less thing for
get_hw_address() to do.
|
|
incrementing sporadic errors until the limit is exceeded. i.e. only
exit dhclient when enough consecutive errors occur. Tweak error
messages.
Don't bother checking interface_status() when receive_packet()
fails. Let other status checks function on their own.
|
|
exits, so there is no need to constantly check if 'ifi' is NULL.
Similarly 'ifi->bfdesc' is successfully opened during initialization
or dhclient exits, so there is no point in constantly checking if
it has regressed to -1. Finally, no need to check 'ifi->linkstat'
before trying to read a packet. If there is a packet it should just
as well be read immediately rather than waiting for the link to
reappear and confuse things.
No intentional functional change.
|
|
|
|
info provided in RTM_IFINFO messages. But it didn't replicate the
checks for IFI_NOMEDIA and (IFF_UP | IFF_RUNNING) used in
interface_status() to set ifi->linkstat. So the test (LINK_STATE_IS_UP()
!= ifi->linkstat) was comparing kiwi fruit and hairballs.
Do the additional checks using info present in the RTM_IFINFO
message. As a result interface_status() need not be called to
update ifi->linkstat. Thus avoiding opening/closing a socket and
some ioctls to re-obtain the info already provided in the RTM_IFINFO
message.
Using RTM_IFINFO data ok mpi@
|
|
Hoist one-time initialization of client identifier out of
get_hw_address() to the one-time initialization code in main().
No intentional functional change.
|
|
the two copies of the bpf socket descriptor (rfdesc, wfdesc) with
just one (bfdesc). No need to keep a struct ifreq (ifp) since it's
only used once and can be constructed there and discarded. Nuke
unused 'primary_address' member.
No intentional functional change.
|
|
before filling it in with read_client_conf(). Fixes seg fault when
lease {} statement is used.
Problem reported by Alessandro de Laurenzis via misc@. Thanks!
|
|
the priv child but before getting hardware link. Reducing further the
possibly inappropriate information the priv child could read.
|
|
after forking the privileged process, which should not be reading
those bits. No intentional functional change.
|
|
error print statement.
|
|
|
|
this" tests at the top of the dispatch loop. Use a 'continue' instead
of 'goto <label just after the while>'. No intended functional change.
|