summaryrefslogtreecommitdiff
path: root/usr.sbin/eigrpd
AgeCommit message (Collapse)Author
2018-12-07Be more strict in converting a netmask into a prefixlen. Make sureClaudio Jeker
the prefixlen is never bigger than 128 for inet6. OK remi@
2018-11-01- odd condition/test in PF lexerAlexandr Nedvedicky
(and other lexers too) This commit rectifies earlier change: in the lex... even inside quotes, a \ followed by space or tab should expand to space or tab, and a \ followed by newline should be ignored (as a line continuation). compatible with the needs of hoststated (which has the most strict quoted string requirements), and ifstated (where one commonly does line continuations in strings). OK deraadt@, OK millert@
2018-09-26Fix use-after-free by moving the free(3) of the configured interfaces to afterRicardo Mestre
the eigrp instances on shutdown. tried to contact renato@ but he didn't answer in almost 2 months OK benno@ claudio@
2018-09-07replace malloc()+strlcpy() with strndup() in cmdline_symset().miko
"looks good" gilles@ halex@
2018-08-05Remove now unused header which I forgot to commit on previous.Ricardo Mestre
2018-08-05Revert back previous and remove cpath pledge(2) promise entirely. We decidedRicardo Mestre
that not deleting the unix control sockets cause no harm and this way we close another attack surface by not allowing the daemon to create/delete any more files. tweak and OK florian@
2018-08-02Actually order the promises in their canonical form, missed that in myRicardo Mestre
previous commit. heads up and OK tb@
2018-08-02Currently when eigrpd(8) shuts down then its unix control socket is beingRicardo Mestre
unlink(2)ed from eigrpe engine process, the problem is that this proc is chrooted and therefore the socket will never be deleted. In order to solve it we need to bring control_cleanup() function, which calls unlink(2), into the main proc which is not chrooted. This is the way it's already done for several other daemons we have in our base. Additionally we also need to move the "cpath" pledge(2) promise from the child process to the main process in order for the latter to be allowed to delete the socket and while here shuffle the promises into their canonical form. OK florian@ and benno@
2018-07-11Do for most running out of memory err() what was done for most runningKenneth R Westerback
out of memory log_warn(). i.e. ("%s", __func__) instead of manual function names and redundant verbiage about which wrapper detected the out of memory condition. ok henning@
2018-07-10"%%s: s" -> "%s: %s" in log_warn()Kenneth R Westerback
2018-07-09No need to mention which memory allocation entry point failed (malloc,Kenneth R Westerback
calloc or strdup), we just need to log that we ran out of memory in a particular function. Recommended by florian@ and deraadt@ ok benno@ henning@ tb@
2018-06-18remove the SECTIONS header, since a one line DESCRIPTION is a bit silly;Jason McIntyre
use a more general text for the sections, and avoid the catchup issue that was trying to document how many there were; ok benno rob
2018-06-11Fix an off-by-one line count when using include statements.denis
Thanks to otto@ for the initial diff. OK benno@
2018-04-26Plug leak in error case of the common 'varset' implementations.Kenneth R Westerback
ok benno@
2018-02-08Bump the read sockbuf of the routing socket to 2MB, may help reduce some ofClaudio Jeker
the desync cases. OK benno@
2017-07-24Unify ROUNDUP macros for parsing route messages.friehm
Use the macro from route(8) / ospf6d(8) since it works also with argument 0. OK claudio@
2017-03-21From a syslog perspective it does not make sense to log fatal andAlexander Bluhm
warn with the same severity. Switch log_warn() to LOG_ERR and keep fatal() at LOG_CRIT. OK reyk@ florian@
2017-02-22No need to use SIOCGIFRDOMAIN anymore.Renato Westphal
2017-01-08Replace hand-rolled for(;;) traversal of ctl_conns TAILQ withKenneth R Westerback
TAILQ_FOREACH(). No intentional functional change. ok reyk@
2017-01-05Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with moreKenneth R Westerback
modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@
2017-01-05Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQKenneth R Westerback
with more modern TAILQ_FOREACH(). This what symget() was already doing. Add paranoia '{}' around body of symget()'s TAILQ_FOREACH(). No intentional functional change. ok bluhm@ otto@
2016-10-10calls to uname(3) should be checked against non-negative valueGleydson Soares
upon successful and -1 on failure (as per POSIX). No functional change, just improves portability. requested by guenther@ looks correct to schwarze@ OK renato@
2016-09-02work on making log.c similar in all daemons:Sebastian Benoit
move daemon-local functions into new logmsg.c, and reduce the (mostly whitespace) differences so that log.c's can be diffed easily. ok claudio@
2016-09-02Minor tweaksRenato Westphal
2016-09-02Make functions and variables static whenever possible.Renato Westphal
style(9) says: "Function prototypes for private functions (i.e., functions not used elsewhere) go at the top of the first source module. In userland, functions local to one source module should be declared 'static'". The benefits of doing so include: * clean up of the eigrpd global namespace; * improved readability; * more hints to the compiler/linker to generate more efficient code. Additional changes: * Declare all extern variables in header files; * Clean up the indentation of all function prototypes and global variables. ok claudio@ benno@
2016-09-02Use static local variables instead of global variables whenever possible.Renato Westphal
Also, there's no need to zero initialize global and static variables, that's done automatically by the compiler. ok claudio@ benno@
2016-09-02Merge the recv_packet_v[46] functions into one.Renato Westphal
This reduces some code duplication and makes it easier to see the difference between the IPv4 and IPv6 raw sockets API. tweak + ok claudio@, ok benno@
2016-09-02Simplify handling of multicast addresses.Renato Westphal
During the initialization of the eigrpe process, use inet_pton() to store the EIGRP multicast addresses in two global variables: * global.mcast_addr_v4 (in_addr); * global.mcast_addr_v6 (in6_addr). This way we don't need to create temporary in_addr/in6_addr variables everytime we need to use these multicast addresses for something. "I like this" claudio@ ok benno@
2016-09-02Pledge earlier on eigrpe.Renato Westphal
This is for consistency with the other routing daemons. ok claudio@ "earlier is better" benno@
2016-09-02Remove superfluous includes and follow style(9).Renato Westphal
ok claudio@ benno@
2016-09-02Fix broken pipe teardown.Renato Westphal
* Add missing close() calls to actually close the pipes, calling just msgbuf_clean() is not enough; * Bring back some NOTREACHED lint comments. style(9) says they can be removed but in some cases they are useful to humans too; * Add __dead to the shutdown functions; * Some other minor changes to make eigrpd(8) more similar to the other routing daemons.
2016-08-08Simplify shutdown processRenato Westphal
On shutdown, there's no need to use kill(2) to kill the child processes. Just closing the IPC sockets will make the children receive an EOF, break out from the event loop and then exit. This "pipe teardown" removes a PID reuse race condition, makes the code simpler and allow us to remove "proc" from pledge. OK and tweaks from claudio@
2016-08-08rde and eigrpe should use exit(3) instead of _exit(2)Renato Westphal
Since recently these processes call exec() after fork(), so they should stop using _exit(2) and use exit(3) instead when shutting down. ok claudio@
2016-07-18add format attributes to log functions and fix two errorsSebastian Benoit
ok renato@
2016-06-21do not allow whitespace in macro names, i.e. "this is" = "a variable".Sebastian Benoit
change this in all config parsers in our tree that support macros. problem reported by sven falempin. feedback from henning@, stsp@, deraadt@ ok florian@ mikeb@
2016-06-05Fix potential SIGBUS in startup.Renato Westphal
The fork+exec diff introduced this problem where we were indirectly calling imsg_event_add() before initializing (event_set) iev_rde and iev_eigrpe. Fix this by moving down both main_imsg_send_ipc_sockets() and main_imsg_send_config(), after iev_rde and iev_eigrpe are initialized. benno@ reported this problem for the initial ospfd fork+exec attempt, now fix eigrpd too. ok deraadt
2016-06-05Call if_update() only when necessary for IPv6 address changes.Renato Westphal
For EIGRPv6, an interface only needs an link-local address in order to be enabled in the routing daemon. So adding or removing global unicast addresses, for example, will never trigger a state change in the interface. Additionally, move all address handling code to if_addr_new() and if_addr_del() to improve readability.
2016-06-05Reset the interface uptime when it is restarted.Renato Westphal
The uptime was being set only when the interface was created, which is not what we want.
2016-06-05Improve security by calling exec after fork.Renato Westphal
For each child process (rde and eigrpe), re-exec eigrpd with a special "per-role" getopt flag. This way we have seperate ASLR/cookies per process. Based on a similar patch for bgpd, from claudio@ ok deraadt
2016-05-12Disable EIGRPv6 on an interface when it loses its link-local address.Renato Westphal
2016-05-12Improve support for config reloading.Renato Westphal
2016-04-18Revert previous commit.Renato Westphal
When a process receives an EOF on a socketpair, it removes the event handler for that fd and then calls event_loopexit(). Once the process leaves the main loop, it calls its shutdown function. With that said, revert the previous patch because it was unnecessary. Pointed out and ok by deraadt@
2016-04-15Check for subnet overlap between the configured summary-addresses.Renato Westphal
2016-04-15Kill the child processes if their parent dies unexpectedly.Renato Westphal
There's no point on keeping eigrpd running if any of its processes dies unexpectedly.
2016-04-15Fix segfault on reloading the config multiple times.Renato Westphal
2016-04-15Properly implement the clear_config() function.Renato Westphal
We need to free the internal pointers of the eigrpd_conf struct, not only the main struct. This avoids memory leaks when a config reload happens to fail (e.g. due to a syntax error).
2016-04-15Move several other variables out of eigrpd_conf.Renato Westphal
Now eigrpd_conf contains only variables that can be modified via a config reload. The other variables were moved to a new struct called eigrpd_global, which is now a central point for storing global variables.
2016-04-15Move the command line options out of struct eigrpd_configRenato Westphal
into an own flag field since these can't be modified via a config reload. Pulled from bgpd. Original author: claudio@
2016-04-15Fix corner case in Feasible Condition check.Renato Westphal
From the EIGRP draft: "The Feasibility Condition is met when a neighbor's advertised cost, (RD) to a destination is less than the Feasible Distance for that destination". So, according to the draf, when the Reported Distance is EQUAL to the Feasible Distance, the Feasible Condition is NOT met.
2016-04-15Minor fixes and code cleanup.Renato Westphal
* whitespace cleanup; * copy in_addr structs directly; * add more malloc return value checks; * fix some log messages; * turn ifacecnt into a static variable; * use eigrp_addrcmp() on if_deladdr() to avoid code duplication; * s/route_print_origin/log_route_origin/ * more smaller issues.