path: root/usr.sbin/dhcpd
Age | Commit message | Author
2016-04-04 | In udpsockmode codepath dhcpd.c had the promise route for pledge(2) but it was missing from udpsock_startup() (udpsock.c) which happens earlier and therefore would abort the program due to SIOCGIFADDR ioctl(2) on udpsock_handler. Reported by Philip Higgins <phil ! unita.com.au>. OK tb@ | Ricardo Mestre
2016-02-08 | sys/param.h -> sys/types.h. No need to drag in nitems() only to use it once on an array declared iov[1]. Just use '1'. ok yasuoka@ | Kenneth R Westerback
2016-02-07 | avoid a use after free when parsing address ranges from a config. ok krw@ | Jonathan Gray
2016-02-06 | Eliminate #include inside *.h files and include only needed headers in each *.c file. Inspired by mention of header silliness by Edgar Pettijohn and mmcc@ on tech@. | Kenneth R Westerback
2016-02-03 | be very careful accepting packets via bpf. First check that the fixed part of the IP header is completely present before using its header length field. Then use the data in the IP header to ensure the entire IP packet is present. Then check that the entire UDP header is present. Then use the data in the UDP header to ensure all the data it thinks is present is actually present. Started when tj@ and a few others noticed ISC "DHCP CVE-2015-8605: UDP payload length not properly checked". ok sthen@ henning@ | Kenneth R Westerback
2015-12-21 | remove NULL-checks before free() | mmcc
2015-12-14 | pledge. Diff from Ricardo Mestre. Test report from sthen@. | Kenneth R Westerback
2015-12-11 | Actually use default-lease-time, max-lease-time, bootp-lease-length specified in dhcpd.conf. Broken in -r1.18. Problem noted by Arne on bugs@, identical fix independently developed by Serguey Parkhomovsky. | Kenneth R Westerback
2015-09-14 | Avoid .Ns right after .Pf, it's pointless. In some cases, do additional cleanup in the immediate vicinity. | Ingo Schwarze
2015-08-20 | stdlib.h is in scope; do not cast malloc/calloc/realloc*. ok millert krw | Theo de Raadt
2015-07-27 | use file system path (.Pa) semantic markup macros where appropriate. | Igor Sobrado
2015-06-27 | Do not send routers (option 3) or static routes (option 33) when classless static routes (option 121, 249) are sent. RFC 3442 says servers SHOULD NOT send those options. This avoids confusing clients who fail to ignore the routers or static routes options in the presence of classless static routes options. RFC 3442 says clients MUST ignore those options. Incorrect behavior in MS and Linux clients reported by Juan on misc@. ok millert@ | Kenneth R Westerback
2015-06-11 | Don't do manual whitespace adjustments inside semantic macros, rather do it before the macros, and get rid of cargo cult escaping. Both to make the code more robust and less ugly, no output change. Ugly code reported by TJ at mrsk dot me. OK jmc@ | Ingo Schwarze
2015-06-02 | write Mobile IP{,v6} in a consistent way, as given in RFCs 5944 and 6275. ok jmc@ | Igor Sobrado
2015-05-18 | Tweak parsing so that hostnames starting with 0-9 are accepted. Reported long ago by matthieu@. Also Jacob Berkman via the lists. Tests and suggestions from Jacob and Matthieu. | Kenneth R Westerback
2015-05-02 | Hoist common assignments out of a series of if/if-else statements in get_token(). Simplifies code and shrinks future diff. No intentional functional change. | Kenneth R Westerback
2015-05-02 | Correct switch between current and previous line buffers when encountering a carriage return in the input. Found by jsg@ a long time ago in a repository far, far away. | Kenneth R Westerback
2015-04-15 | Avoid using inet_ntoa() twice in a single printf() parameter list by caching the results from excess inet_ntoa() calls before doing the printf(). Should improve usefulness (?) of DHCPRELEASE log entries by actually printing ciaddr and giaddr correctly when dhcprelays stand between servers and clients. Looks good to dlg@. | Kenneth R Westerback
2015-03-13 | remove the first comma from constructs like ", and," and ", or,": you can use "and" and "or" to join sentence clauses, and you can use commas, but both hinders reading; | Jason McIntyre
2015-02-10 | Keep track of the last time we scanned the leases to find expired ones that needed to be booted out of the pf table process. This avoids removing the same address over and over. Problem report and original diff from Bertrand Provost. | Kenneth R Westerback
2015-02-07 | Close appropriate ends of pfpipe. Lets pf table process die when dhcpd does. Pointed out by Bertrand Provost. ok henning@ | Kenneth R Westerback
2015-02-05 | The pf table process should die if the pipe to the dhcpd process is closed. e.g. dhcpd has been killed. ok henning@ | Kenneth R Westerback
2015-01-21 | Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of baloney. | Theo de Raadt
2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol) | Theo de Raadt
2014-11-22 | /dev/random has created the same effect as /dev/arandom (and /dev/urandom) for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant. | Theo de Raadt
2014-11-15 | Reduce instances of `` '' in manuals. troff displays these as typographic quotes, but nroff implementations almost always print them literally, which rarely has the intended effect with modern fonts, even in stock xterm. These uses of `` '' can be replaced either with more semantic alternatives or with Dq, which prints typographic quotes in a UTF-8 locale (but will automatically fall back to `` '' in an ASCII locale). improvements and ok schwarze@ | Anthony J. Bentley
2014-11-11 | Tweak the DHCPACK to DHCPINFORM log entry so that it is less threatening and more informative. e.g. DHCPACK on <null address> to 5c:51:4f:56:81:c3 via em0 changes to DHCPACK to 192.168.19.62 (3c:97:0e:0c:0c:d7) via em0. Issue noted and diff tested by Marc Peters. Thanks! ok yasuoka@ millert@ | Kenneth R Westerback
2014-11-10 | Typo: consitent -> consistent. | Kenneth R Westerback
2014-10-25 | Remove unnecessary netinet/in_systm.h include. ok millert@ | Lawrence Teo
2014-10-08 | use reallocarray() to cope with multiplicative integer overflow; ok doug | Theo de Raadt
2014-08-18 | Variables to count seen packets should be unsigned. ok krw@ | Tobias Stoeckmann
2014-08-11 | validate len field for proper length, not just "not zero." ok krw@ | Tobias Stoeckmann
2014-07-28 | Fix memory exhaustion occurring on DHCP options with 0 length. halex@ and krw@ pointed out that a NULL check before free can go, too. ok deraadt@, halex@, krw@ | Tobias Stoeckmann
2014-07-26 | Fix very hard to reach DoS attack vector, which would involve more than 8 billion network packets. Mixture of many many malformed and proper packets could result in a division by zero. ok krw@ | Tobias Stoeckmann
2014-07-11 | Fix DHCPINFORM not to lookup the lease database, not to fill the yiaddr field and not to include the lease time parameters. ok krw | YASUOKA Masahiko
2014-07-11 | tweak previous; ok krw yasuoka | Jason McIntyre
2014-07-11 | Fix typo | YASUOKA Masahiko
2014-07-11 | Add -u option to bind UDP port as a socket to answer DHCPINFORM from the clients on non ethernet interfaces (eg. tun(4) or pppx(4)). input krw ok krw | YASUOKA Masahiko
2014-07-09 | Fix classless-{ms-,}static-routes to comply with RFC 3442. Number of octets should be changed by corresponding to the prefix length. And 0 should be allowed for the prefix length. Also fix white spaces. Based on diff from Yuuichi Someya. ok krw | YASUOKA Masahiko
2014-06-11 | Prettify & refactor, no functional change. ok beck | Martin Pelikan
2014-05-07 | back out the previous ICMP simplifying diff, it caused livelocks. reported by Mikolaj Kucharski, thanks! ok krw | Martin Pelikan
2014-05-05 | Don't call the BOOTP handler indirectly. ok krw | Martin Pelikan
2014-05-05 | Don't call the ICMP handler indirectly + clean up a bit. ok krw | Martin Pelikan
2014-02-08 | Create dhclient lease files and dhcpd lease files with permissions 0640, rather than 0000 and 0664 respectively. ok kettenis@ tedu@ | Kenneth R Westerback
2014-01-21 | sort; | Jason McIntyre
2014-01-21 | Add parsing for options 121 (classless-static-routes) and 249 (classless-ms-static-routes). dhcpd can now specify and serve these options and dhclient can recognize and use supersede, etc. statements on them. Based on a diff from Stefan Rinke. Thanks! | Kenneth R Westerback
2014-01-03 | consistent Nd lines for the various dhcp bits; help/ok krw | Jason McIntyre
2013-12-18 | Two 'break;'s in a row seems excessive. | Kenneth R Westerback
2013-12-05 | Stop pretending we still support FDDI or token ring hardware types. idea ok deraadt@ matthew@ | Kenneth R Westerback
2013-12-05 | Nuke local #define ETHER_HEADER_SIZE and use the identical value'd ETHER_HDR_LEN from if_ether.h. dhclient change ok matthew@ as part of larger diff. | Kenneth R Westerback