summaryrefslogtreecommitdiff
path: root/sbin
AgeCommit message (Collapse)Author
2012-11-14Remove useless _new_ and _old_ from various function names to makeKenneth R Westerback
them shorter and eliminate implications about what the function does. No functional change.
2012-11-11Fix dhclient.conf 'default' directive which was also broken in codeKenneth R Westerback
refactoring. i.e. use specified value if server has provided no data.
2012-11-11supersede/append/prepend actions should work even if the dhcp serverKenneth R Westerback
doesn't send any data for the affected option. This was broken when the supersede/append/prepend/ignore logic was refactored. Reported by and fix tested by johnw via misc@
2012-11-09Remove now unused files.Kenneth R Westerback
2012-11-08Remove confusing extra address abstraction 'struct iaddr'. Just useKenneth R Westerback
'in_addr'. Remove many double conversions and other perversions. piaddr() replaced with inet_ntoa(). dhclient is extremely unlikely to support anything but ipv4/dhcp without a complete rewrite. Joint work with chris@. Positive feedback from deraadt@ zinke@ phessler@.
2012-11-08Remove lie about dhclient configuring all interfaces. MentionKenneth R Westerback
'egress' as a special interface name.
2012-11-08Close routing socket fd leak when deleting old address.Kenneth R Westerback
Spotted by zinke@.
2012-11-07Nuke unused struct and function declarations.Kenneth R Westerback
2012-11-07Always memcpy() into/out of option data rather than hoping the char *Kenneth R Westerback
will be always be aligned. Don't pass around pointers into option data - use variable that has the memcpy()'d data.
2012-11-07Use memset() consistently rather than tossing in a few bzero()'s.Kenneth R Westerback
2012-11-07Use memcpy() consistently rather than tossing in a few bcopy()'s.Kenneth R Westerback
2012-11-07Kill some annoying extra spaces. No code change.Kenneth R Westerback
2012-11-06Ensure that if_exists() always closes its socket before returning.Lawrence Teo
Also fix a bug where the return value of if_exists() was not checked correctly if the interface disappears while pflogd is running. ok beck henning
2012-11-06Kill two unused functions, subnet_number() and broadcast_addr().Kenneth R Westerback
2012-11-05Some systems give ENETUNREACH when trying to add the 'standard'Kenneth R Westerback
host route, a.k.a. 'route add w.x.y.z 127.0.0.1'. Since dhclient-script ignored the failure, ignore it here too until it can be explained or we stop creating these routes.
2012-11-04Properly clear the UP flag while forcing the interface down/upStefan Sperling
rather than setting all flags to zero. ok krw deraadt
2012-11-04Use consistant initialization idiom to reduce confusion.Kenneth R Westerback
2012-11-04No need to pass interface name around when flushing routes.Kenneth R Westerback
2012-11-04No need to pass interface name around when creating routes.Kenneth R Westerback
2012-11-03Various fixes/tweaks for resolv.conf handling:Kenneth R Westerback
1) Don't leak a file descriptor if there are no contents for resolv.conf. 2) Allow for only resolv.conf.tail to go into resolv.conf. 3) Don't need to pass around interface name when creating resolv.conf. 4) Don't leave 0 length resolv.conf lying around if there are no contents.
2012-11-03While this identical idiom caused problems when building an ifaliasreqKenneth R Westerback
to *add* an address, here (building an ifaliasreq to delete an address) it worked fine. But change it to the bcopy() dance that works in the adding case just to be consistant until a sparc64/gcc guru is cornered in a bar with a full keg of guiness.
2012-11-02Avoid some misaligned access on sparc64 (at least) by bcopy()'ingKenneth R Westerback
in_addr_t values into s_addr's rather than assigning them. Possibly not the ideal solution, but at least dhclient will work again on sparc64.
2012-11-02Don't add a 'nameserver' line to resolv.conf if the nameserver inKenneth R Westerback
question is the empty string. Spotted by Joerg Zinke.
2012-11-02Watch the non-privileged end of the pipe to the privileged childKenneth R Westerback
process. So when the child dies, the parent exits immediately.
2012-11-01KNF some leading spaces into tabs.Kenneth R Westerback
2012-10-31Delete some leftover debug code and the array it rode in on.Kenneth R Westerback
2012-10-31chris@ spotted a '2038' where a '2048' was meant and pointed outKenneth R Westerback
that a macro (which I called MAXRESOLVCONSIZE) would make things easier to read and reduce such typos. Make it so.
2012-10-31Forcibly delete all existing ipv4 addresses from an interface whenKenneth R Westerback
binding a lease to that interface. This fixes issues sthen@ found with unexpectedly persistant addresses and failures of dhclient when switching an interface repeatedly between different networks. This crude but predictable behaviour may be toned down once it is figured out what we want to do with mixed static/dynamic configurations on an interface. ok sthen@
2012-10-30Nuke dhclient-script and dhclient.conf 'script' directive. Do allKenneth R Westerback
interface and route configuration via ioctl's and routing sockets. This will break configurations using local enhancements of dhclient-script, which will now require alternate arrangements. Committing early to allow time to identify and develop required alternatives. Several proddings by deraadt@.
2012-10-30New file holding functions to perform direct interface and routingKenneth R Westerback
maninpulations. Inspired by similar files in bgpd, dvmrpd, ldpd, etc. Necessary for imminent nuking of dhclient-script. Not linked into build at the moment.
2012-10-29backout possible infinit-loop (from rev 1.5) when parsing nat_d;Markus Friedl
report from Thomas Proell/Siemens ProductCERT; fix from hshoexer; ok mikeb
2012-10-29Teach wsconsctl(8) about the elantech mouse type. Diff from shadchin@.Stefan Sperling
2012-10-27Change dhclient.conf directive 'ignore' to take a list of option namesKenneth R Westerback
rather than list of option declarations. e.g. 'ignore routers;' instead of 'ignore routers 1.2.3.4;' The value in the declaration was being ignored anyway. While there clean up the related code a bit.
2012-10-25Include the license and copyright notice in the generated files.Reyk Floeter
2012-10-25Move the arrays of default IKE and ESP transforms into parse.y insteadReyk Floeter
of generating them with genmap from ikev2.h. They're only really needed in parse.y and this diff also allows to simplify genmap.sh.
2012-10-23Change the order of variables just to shrink the diff to the (not yetReyk Floeter
released) portable version a bit. No functional changes.
2012-10-23Allow to overwrite a few more definitions like file paths from theReyk Floeter
Makefile. No functional change.
2012-10-23Add a cast for input to inet_pton() to silence a possible but harmlessReyk Floeter
compiler warning.
2012-10-22tweak previous;Jason McIntyre
2012-10-22Fix NAT-T support in iked, both on the initiator and the responderReyk Floeter
side. Also add a new command line option -t to optionally enforce NAT-T with UDP encapsulation on port 4500. Tested by mikeb@ and me ok mikeb@
2012-10-19rtableid must be BREAK instead of MERGE, otherwise the optimizer mightHenning Brauer
reorder rules incorrectly, i. e.: pass rtable 2 pass from 10/16 rtable 0 pass from 10.1/16 rtable 1 so with this ruleset a packet from 10/16 will end up in rtable 0. now let's see what pfctl makes out of it, with default optimization: <brahe@tachi> pfctl $ pfctl -nvf t.conf pass inet from 10.0.0.0/16 to any flags S/SA rtable 0 pass inet from 10.1.0.0/16 to any flags S/SA rtable 1 pass all flags S/SA rtable 2 OUPS! a packet from 10/16 will end up in rtable 2 now. found by phessler, fix by your's truly, from EuroBSDcon ok beck phessler benno mikeb sthen
2012-10-18Disallow tables and interface address pools for rdr-to, nat-to andReyk Floeter
route-to with any other scheduling algorithms than round-robin or least-states. Before this change, pfctl accepted and loaded invalid address pools, eg. "rdr-to <table> source-hash", but it is not supported by the kernel and was silently ignored in operation. Also clarify the manpage a bit by mentioning that tables are only valid with round-robin or least-states. ok zinke@
2012-10-13move the exit status stuff into an EXIT STATUS section;Jason McIntyre
2012-10-11fix "disable lidsuspend on shutdown":Alexander Hall
- pull in machine/cpu.h so we can actually see CPU_LIDSUSPEND if it's there - fix the resulting compilation errors now that the code is actually used "Just go for it" deraadt@
2012-10-11The RSA public keys will be found in a subdirectory of /etc/iked/Reyk Floeter
called "pubkeys" not "pubkey". Found by Michael Cardell "MC" Widerkrantz
2012-10-11Remove the new (as of r1.56) line of code which updates ifi->linkstat inStuart Henderson
the dispatch loop again; in the case where two RTM_IFINFO link changes occur immediately after each other (as in the case with trunk and probably vlan) dhclient missed the state change of the second interface. ok krw@, who points out that dhcp packets received between the two RTM_IFINFO messages would be lost, however the window is small (<0.4ms on my laptop) and this is better than not noticing the link change.
2012-10-10Revert r1.155. Routing breaks if dhclient-script flushes theKenneth R Westerback
interface's routes when the interface is down. Prevents floods of RTM_MISS messages on 'ifconfig down'. And might fix the vpn related failures pirofti@ is seeing.
2012-10-09"If srcid is omitted, the default is to use the hostname of the localReyk Floeter
machine." This has been broken when the subjectAltName certificate check was introduced some time ago. Fix it by obtaining the hostname source Id in the certificate request code as well. ok mikeb@
2012-09-29Remove extra .PpLawrence Teo
ok jmc
2012-09-25Correct DPADD to not list libssl which is not used by iked.Brad Smith
ok sthen@ mikeb@