summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2014-12-08Try harder to avoid displaying "no link ... got link" when initialKenneth R Westerback
link comes up and nothing has yet been displayed.
2014-12-07Do not move from S_PREBOOT to S_REBOOT just because link_timeoutKenneth R Westerback
has expired. In S_REBOOT state_reboot() assumes link is present and starts sending REQUEST/DISCOVER packets and doing the backoff dance after retry_interval expires. Stay in S_PREBOOT until link appears. Pointed out by and initial diff from Nathanael Rensen.
2014-12-07Ensure we grab the interface LLADDR as soon as the link state isKenneth R Westerback
noted as being up. Thus avoiding a premature exit if extra RTM_IFINFO messages arrive before state_reboot() gets a chance to run.
2014-12-07Retract check for IFF_RUNNING when checking for link state. At leastKenneth R Westerback
some interfaces (e.g. em(4) in qemu) do not have this flag set in the RTM_IFINFO message dhclient gets. Problem found & fix tested by Nathanael Rensen. Thanks!
2014-12-06Do not define the variable pid twice to avoid a compiler warning.Alexander Bluhm
OK millert@
2014-12-05Move initial wait for network link into the state machine by addingKenneth R Westerback
state S_PREBOOT and associated state_preboot() function. This results in routing socket messages being processed even while the link is being waited for. Thus the RTM_IFINFO message announcing the link is ready can be reacted to immediately, rather than waiting for the sleep(1)'ing process to wake up and look at the link state. Some interfaces seem to lose the first packet sent when the RTM_IFINFO message is reacted to so quickly, so temporarily leave in place an explicit delay before sending the first packet.
2014-12-05Store return value of i2d_X509_NAME in a signed integer to makeMike Belopuhov
sure the negative error gets treated correctly and doesn't get accidentally promoted to a huge unsigned value. From Pedro Martelletto, thanks! OK reyk
2014-12-05Specify correct number of iovecs when sending replies to the ikev2 procMike Belopuhov
Crash reported and fix tested by Vincent Gross <dermiste at kilob ! yt>; patch from Pedro Martelletto, thanks!
2014-12-03Init SPI using arc4random_buf, rather than (r << 32) | rTheo de Raadt
ok matthew
2014-12-03Use arc4random_buf() rather than iterating word by wordoTheo de Raadt
itk florian
2014-12-03ifconfig $if inet6 autoconf sends periodic router solicitations.Florian Obser
input jmc@
2014-12-03rtsol is goneFlorian Obser
OK deraadt@
2014-12-03Unhook rtsol(8) and rtsold(8) from the build.Florian Obser
OK deraadt@
2014-12-03Correct comment to state that the BPF program is patched inKenneth R Westerback
if_register_receive.
2014-12-01memcpy abort found an overlap. from dsp at 2f30. ok deraadtTed Unangst
2014-11-30Don't check for hardware address change unless link was up. DelayKenneth R Westerback
construction of default client identifier until link is up (i.e. do it in state_reboot()).
2014-11-29Explicitly initialize client->state to S_REBOOTING rather thanKenneth R Westerback
relying on S_REBOOTING being 0.
2014-11-27Use if_nametoindex() to get the interface index, and thereby checkKenneth R Westerback
the validity of the interface name as soon the actual name is known. i.e. right after 'egress' is expanded. One less thing for get_hw_address() to do.
2014-11-26Reset ifi->errors after a successful receive_packet(), rather thanKenneth R Westerback
incrementing sporadic errors until the limit is exceeded. i.e. only exit dhclient when enough consecutive errors occur. Tweak error messages. Don't bother checking interface_status() when receive_packet() fails. Let other status checks function on their own.
2014-11-26Prefer setvbuf() to setlinebuf() for portability; ok deraadt@Todd C. Miller
2014-11-26'ifi' is successfully calloc'd during initialization or dhclientKenneth R Westerback
exits, so there is no need to constantly check if 'ifi' is NULL. Similarly 'ifi->bfdesc' is successfully opened during initialization or dhclient exits, so there is no point in constantly checking if it has regressed to -1. Finally, no need to check 'ifi->linkstat' before trying to read a packet. If there is a packet it should just as well be read immediately rather than waiting for the link to reappear and confuse things. No intentional functional change.
2014-11-26Rename 'got_one()' to 'packethandler()'.Kenneth R Westerback
2014-11-25r1.118 starting using LINK_STATE_IS_UP() to check the link statusKenneth R Westerback
info provided in RTM_IFINFO messages. But it didn't replicate the checks for IFI_NOMEDIA and (IFF_UP | IFF_RUNNING) used in interface_status() to set ifi->linkstat. So the test (LINK_STATE_IS_UP() != ifi->linkstat) was comparing kiwi fruit and hairballs. Do the additional checks using info present in the RTM_IFINFO message. As a result interface_status() need not be called to update ifi->linkstat. Thus avoiding opening/closing a socket and some ioctls to re-obtain the info already provided in the RTM_IFINFO message. Using RTM_IFINFO data ok mpi@
2014-11-23Rename discover_interface() to more meaningful get_hw_address().Kenneth R Westerback
Hoist one-time initialization of client identifier out of get_hw_address() to the one-time initialization code in main(). No intentional functional change.
2014-11-23Cleanup some struct interface_info fields. Make 'nomedia' a flag. ReplaceKenneth R Westerback
the two copies of the bpf socket descriptor (rfdesc, wfdesc) with just one (bfdesc). No need to keep a struct ifreq (ifp) since it's only used once and can be constructed there and discarded. Nuke unused 'primary_address' member. No intentional functional change.
2014-11-20A little too agressive reordering. Must initialize the client structKenneth R Westerback
before filling it in with read_client_conf(). Fixes seg fault when lease {} statement is used. Problem reported by Alessandro de Laurenzis via misc@. Thanks!
2014-11-20remove sys/file.h includes in favor of fcntl.h where needed.Ted Unangst
ok deraadt guenther
2014-11-20Yet more #include de-duplication.Kenneth R Westerback
ok deraadt@ tedu@
2014-11-20Don't allow embedded nul characters in strings.Jonathan Gray
Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
2014-11-20remove nt and lanman functions which aren't used. ok reyk yasuokaTed Unangst
2014-11-19delete the KERN_VNODE sysctl. it fails to provide any isolation from theTed Unangst
kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi
2014-11-19Nuke yet more obvious #include duplications.Kenneth R Westerback
ok deraadt@
2014-11-18Nuke some obvious #include duplications.Kenneth R Westerback
ok espie@ deraadt@ millert@ tedu@
2014-11-17Further juggle startup code, putting config file reading after forkingKenneth R Westerback
the priv child but before getting hardware link. Reducing further the possibly inappropriate information the priv child could read.
2014-11-16Move some memory allocations/initialization and file reading toKenneth R Westerback
after forking the privileged process, which should not be reading those bits. No intentional functional change.
2014-11-16Read your compiler output even when it succeeds. Add missing variable toKenneth R Westerback
error print statement.
2014-11-16Correct the first release tmpfs was shipped with.Brad Smith
From bytevolcano at safe-mail dot net
2014-11-15Reduce instances of `` '' in manuals.Anthony J. Bentley
troff displays these as typographic quotes, but nroff implementations almost always print them literally, which rarely has the intended effect with modern fonts, even in stock xterm. These uses of `` '' can be replaced either with more semantic alternatives or with Dq, which prints typographic quotes in a UTF-8 locale (but will automatically fall back to `` '' in an ASCII locale). improvements and ok schwarze@
2014-11-15Make -q (quiet) and -d (don't daemonize) options mutually exclusive.Kenneth R Westerback
2014-11-14sort names for -C. ok reykTed Unangst
2014-11-14move the trunk related functions out of ifdef SMALL, to allow trunk onHenning Brauer
RAMDISKs. grows ifconfig on SMALL media slightly, verified to still fit on amd64 i386 sparc64 alpha hppa macppc by me. ok krw reyk
2014-11-14Add gcc printf format attributes to iked's parse.y and remove unusedDoug Hogan
yywarn() definition. ok bluhm@
2014-11-13keep queues around when anchors are being loadedMartin Pelikan
ok mikeb
2014-11-13Tweak some comments and error messages. Put all "I can't handleKenneth R Westerback
this" tests at the top of the dispatch loop. Use a 'continue' instead of 'goto <label just after the while>'. No intended functional change.
2014-11-10tweak previous; ok mikebJason McIntyre
plus a macro fix while here...
2014-11-10copy pubkey section from isakmpd(8); ok reykMike Belopuhov
2014-11-08Use open(O_CLOEXEC) rather than open() + fcntl(FD_CLOEXEC). InspiredKenneth R Westerback
by and ok guenther@.
2014-11-08Exhort user to recompile 'dhclient', not 'dhcpd', when bpf versions areKenneth R Westerback
mismatched.
2014-11-07Fixup a few problems with EAP state transitionMike Belopuhov
First of all we don't need to satisfy valid EAP state flags for IKEV2_STATE_EAP as it's an initial EAP exchange state. Then when waiting for the "ca" process to construct our AUTH payload we need to bail while sa_localauth is not available. With this change Win7 is able to establish the the tunnel again. ok markus
2014-11-07Run eap_parse on the actual message and only when the length is rightMike Belopuhov