summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2012-12-22Return EEXIST to 'add' when a port is already a bridge member. This makesCamiel Dobbelaar
reconfiguration with /etc/netstart silent again. (noticed by deraadt) And do the same for 'addspan'. ok deraadt
2012-12-21When binding to a new lease, wait for the RTM_NEWADDR message inKenneth R Westerback
S_BOUND state, which prevents confusion when another DHCPACK arrives. Problem found and fix tested by kettenis@.
2012-12-21remove makefile hacks that are no longer needed with t1 t2: working properlyMarc Espie
okay krw@
2012-12-19Don't attempt to delete an address that has already been deletedKenneth R Westerback
by a new dhclient (or anyone else). Instead, use add_address(..., INADDR_ANY, ...) to tell the privileged process that its active address is gone. Thus the cleanup process doesn't try to delete it. Eliminates extraneous log entries complaining that the address can't be deleted. Narrows race window where old dhclient might delete the address the new dhclient has just added. Make rapid-fire starting of dhclient even more reliable.
2012-12-18Don't clean up twice when the non-privileged process exits. Let theKenneth R Westerback
privileged process now cleans up itself. Continuous rapid repeated running of dhclient now more reliable.
2012-12-17Don't daemonize until the RTM_NEWADDR message is received. ShuffleKenneth R Westerback
things a bit so configuring the address and default route are done last. This makes it much more likely that all the work is done when the 'bound to ...' message is displayed. Amoung other things fixes a problem with the install scripts, where the first (hostname-associated) dhclient can exit so quickly the interface doesn't yet have an address and a second (free-floating) dhclient is therefore often run. Noted by rpe@, who also tested the fix.
2012-12-16Prevent a potential segfault that could occur if certain calloc() andLawrence Teo
strdup() calls happen to return NULL. If they do return NULL, error out to be consistent with what most of the rest of the code does when memory allocation fails. feedback/ok krw
2012-12-15Remove unused variables.Reyk Floeter
2012-12-15Don't print an error if the process exited normally.Reyk Floeter
2012-12-15Plug two memory leaks when cleaning up the dh/dsa crypto structures.Reyk Floeter
2012-12-15Fix a very hidden but harmless overflow in the MSCHAPv2 code.Reyk Floeter
2012-12-15Don't pass an uninitialized arg to ibuf_release(); initialize it to NULL.Reyk Floeter
2012-12-15Don't dereference NULL pointers (and some cleanup here).Reyk Floeter
2012-12-15Nuke unused parameter 'ifname' to get_ifname().Kenneth R Westerback
2012-12-10escape some exclamation marks to avoid unwanted double spacing;Jason McIntyre
2012-12-10add -i to usage(); ok krwJason McIntyre
2012-12-09Add a new option to the dhclient command line interface. '-i' takesKenneth R Westerback
a list of option names, and any values provided for those options in leases will be ignored. Requested by phessler@ and djm@. Tested by phessler@. Possible non-optimality of ignoring list in case of error pointed out by tedu@. ok phessler@ todd@ beck@
2012-12-05Archeological investigation shows dhclient-script did not overwriteKenneth R Westerback
resolv.conf unless at least one of domain-name or domain-name-servers were provided in the lease being bound. Tweak priv_resolv_conf() to do the same. i.e. don't overwrite resolv.conf with resolv.conf.tail when neither domain-name nor domain-name-servers are provided in the lease.
2012-12-05If there is no domain-name and no domain-name-servers provided inKenneth R Westerback
the lease (or if they are 'ignore'd in dhclient.conf), and there is no resolv,conf.tail then do not remove any existing resolv.conf. Restores the behaviour ajacoutot@ expected and todd@ thinks makes sense.
2012-12-04Eliminate hand-rolled pseudo-strerror() %m strangeness by replacingKenneth R Westerback
all occurances of %m with strerror(errno). And then nuking do_percentm() and related buffer shuffling. Also simplify parse_warn() so it takes a simple char * of the error, and thus rely on pointing to error location in input for details. Makes sense to beck@
2012-12-04add group support back (for the ramdisk version)Theo de Raadt
spotted by rpe and sthen; ok krw
2012-12-04only needs sys/types.h not sys/param.hTheo de Raadt
2012-12-04replace sys/param.h with sys/types.h (and sometimes add limits.h if needed)Theo de Raadt
ok guenther
2012-12-04remove some unnecessary sys/mbuf.h inclusionsTheo de Raadt
2012-12-04remove some unnecessary sys/cdefs.h inclusionsTheo de Raadt
2012-12-04remove some unnecessary sys/param.h inclusionsTheo de Raadt
2012-12-03Backout last. It breaks existing 'ifconfig down ; dhclient' usage.Kenneth R Westerback
Pointed out by deraadt@
2012-12-03Cleanup after a 'ifconfig down', but stick around so 'ifconfig up'Kenneth R Westerback
will get a new lease without having to restart dhclient. Also tweak cleanup() to cancel any existing timeout, so one doesn't fire between 'down' and 'up'. Makes sense to chris@ beck@.
2012-12-02Try harder to cleanup when exiting. In particular catch signalsKenneth R Westerback
SIGHUP, SIGINT, SIGTERM, SIGUSR1, SIGUS2 and cleanup before exiting when getting them. Cleanup meaning removing routes and the interface address added. Tweaks and feedback from phessler@, sthen@, otto@, deraadt@
2012-12-01Make privileged process daemonize too. Using same function as theKenneth R Westerback
non-privileged process, go_daemon(). As pointed out by kettenis@, otherwise it is still attached to a controlling terminal and subject to the dangers thereof. Prep for having the privileged process pay attention to signals.
2012-12-01A couple of whitespace nits.Kenneth R Westerback
2012-11-30get rid of unneeded \n here. err(3) family already does it for us.Gleydson Soares
OK mikeb@ camield@ reyk@ sobrado@ henning@ krw@
2012-11-29use Nm instead of Xr to self;Jason McIntyre
2012-11-29Prevent VPN traffic leakages in dual-stack hosts/networks.Reyk Floeter
See http://tools.ietf.org/html/draft-gont-opsec-vpn-leakages. We forcibly block IPv6 traffic by loading a "flow esp out from ::/0 to ::/0 type deny" unless the protocol is used in any of the flows. Note that this will block any IPv6 traffic, superseding routes and pf, on the host by default when iked is running with IPv4 flows only. This auto-blocking feature can be disabled by specifying the "-6" command line flag to iked. Thanks to Fernando Gont. ok mikeb@
2012-11-29Nobody looks at the result of fork_privchld(), so make it returnKenneth R Westerback
void and not int/pid_t.
2012-11-29Nuke unused 'extern' declaration.Kenneth R Westerback
2012-11-27Clean up parsing of option lists. Part 7 (and final).Kenneth R Westerback
Allow 'request ;', 'require ;' and 'ignore ;' as requests to create empty lists of options. Thus enabling the removal of built-in lists or the removal of global lists inside an 'interface' declaration.
2012-11-27Clean up parsing of option lists. Part 6.Kenneth R Westerback
Treat 'ignore' option lists the same as 'request' and 'require' option lists. i.e. keep a list of the options rather than using an ACTION flag. So overriding a previous ignore list will not leave breadcrumbs and incorrect ACTIONs lying around. The list will be applied when the new lease is created, and will override any ACTION specified for the option. Mention in dhclient.conf(5) that each request/require/ignore statement will override any previous one.
2012-11-27Clean up parsing of option lists. Part 5.Kenneth R Westerback
Don't toss away an existing request/require list unless the new list is successfully parsed.
2012-11-25Clean up parsing of option lists. Part 3.Kenneth R Westerback
Storing an option in a list more than once is silly, wastes space and is possibly confusing to sensitive dhcp servers. Make it a syntax error to attempt to store an option in a list more than once.
2012-11-25Clean up parsing of option lists. Part 2.Kenneth R Westerback
DHO_PAD ("pad") and DHO_END ("option-end") are not really options and it makes no sense to require, request, or ignore them. And probably would confuse some sensitive dhcp servers.
2012-11-25Clean up parsing of option lists. Part 1.Kenneth R Westerback
1) Add config->required_options_count so that syntactically incorrect request statement in dhclient.conf is completely ignored. 2) Pass size of buffer being filled instead of assuming 256. 3) Always zero (a.k.a. DHO_PAD) the passed in buffer. 4) Check for out of bounds index before using it, not after. Add TOK_IGNORE to syntax in comment. No intentional functional change other than catching bad request statements.
2012-11-24Don't segfault if no subnet-mask is provided, or is marked 'ignore'Kenneth R Westerback
in dhclient.conf. Always zero out stack masks rather than using stack garbage when no subnet-mask is provided.
2012-11-23Mention hardmtu in the list relating to hwfeatures, suggested by jmc@Stuart Henderson
2012-11-23Display hardmtu value when "ifconfig hwfeatures" is used.Stuart Henderson
Looks fine reyk@ ok mikeb@
2012-11-23Missed file from last commit.Kenneth R Westerback
2012-11-23Use the libutil imsg framework rather than a hand-rolled localKenneth R Westerback
version. This is the last hand-rolled imsg implementation I could spot. Doesn't seem to break sparc64. Suggested by chris@, tweaks from brad@ and reyk@. ok reyk@
2012-11-17'deeleting' -> 'deleting' in comment.Kenneth R Westerback
2012-11-16Call discover_interface() before forking, so both processes will knowKenneth R Westerback
the interface index, hardware address, etc. as well as the interface name.
2012-11-16Add missing 'break;' so that IFT_ETHER, etc. routes are deleted asKenneth R Westerback
intended.