The wrong character was used to indicate options taking an integer
parameter.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
EINTR _should_ only happen on two signals we trap, and safe_poll
_should_ work here just fine, but there were kernel bugs where spurious EINTRs
happen (e.g. on ptrace attach). Be safe.
function old new delta
udhcpd_main 1437 1468 +31
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Fixes:
commit 52a515d187
"udhcp: use poll() instead of select()"
Feb 16 2017
udhcp_sp_read() is meant to check whether signal pipe indeed has some data to read.
In the above commit, it was changed as follows:
- if (!FD_ISSET(signal_pipe.rd, rfds))
+ if (!pfds[0].revents)
return 0;
The problem is, the check was working for select() purely by accident.
Caught signal interrupts select()/poll() syscalls, they return with EINTR
(regardless of SA_RESTART flag in sigaction). _Then_ signal handler is invoked.
IOW: they can't see any changes to fd state caused by signal haldler
(in our case, signal handler makes signal pipe ready to be read).
For select(), it means that rfds[] bit array is unmodified, bit of signal
pipe's read fd is still set, and the above check "works": it thinks select()
says there is data to read.
This accident does not work for poll(): .revents stays clear, and we do not
try reading signal pipe as we should. In udhcpd, we fall through and block
in socket read. Further SIGTERM signals simply cause socket read to be
interrupted and then restarted (since SIGTERM handler has SA_RESTART=1).
Fixing this as follows: remove the check altogether. Set signal pipe read fd
to nonblocking mode. Always read it in udhcp_sp_read().
If read fails, assume it's EAGAIN and return 0 ("no signal seen").
udhcpd avoids reading signal pipe on every recvd packet by looping if EINTR
(using safe_poll()) - thus ensuring we have correct .revents for all fds -
and calling udhcp_sp_read() only if pfds[0].revents!=0.
udhcpc performs much fewer reads (typically it sleeps >99.999% of the time),
there is no need to optimize it: can call udhcp_sp_read() after each poll
unconditionally.
To robustify socket reads, unconditionally set pfds[1].revents=0
in udhcp_sp_fd_set() (which is before poll), and check it before reading
network socket in udhcpd.
TODO:
This might still fail: if pfds[1].revents=POLLIN, socket read may still block.
There are rare cases when select/poll indicates that data can be read,
but then actual read still blocks (one such case is UDP packets with
wrong checksum). General advise is, if you use a poll/select loop,
keep all your fds nonblocking.
Maybe we should also do that to our network sockets?
function old new delta
udhcp_sp_setup 55 65 +10
udhcp_sp_fd_set 54 60 +6
udhcp_sp_read 46 36 -10
udhcpd_main 1451 1437 -14
udhcpc_main 2723 2708 -15
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/3 up/down: 16/-39) Total: -23 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When fetching a https:// URL with HTTP proxy configured
(e.g. with environment variable http_proxy=http://your-proxy:3128)
busybox was making a https connection to the proxy.
This was because the protocol scheme for the target URL was used to determine whether to connect to the proxy over SSL or not.
When the proxy is in use, the decision on whether to connect to the proxy over https
should based on the proxy URL not on the target URL.
function old new delta
wget_main 2381 2387 +6
Signed-off-by: Peter Lloyd <l-busybox@pgl22.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Attaching an interface to a VRF is done by setting the interface's
master. Besides VRF, this can also be used for bridges.
function old new delta
set_master - 142 +142
do_iplink 1262 1357 +95
packed_usage 32546 32539 -7
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/1 up/down: 237/-7) Total: 230 bytes
Signed-off-by: Jan Luebbe <jluebbe@debian.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
VRF interfaces have a mandatory table parameter, which needs to be
specified using a RTNL attribute.
function old new delta
do_add_or_delete 1150 1254 +104
packed_usage 32444 32546 +102
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 206/0) Total: 206 bytes
Signed-off-by: Jan Luebbe <jluebbe@debian.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This way, we can zero them all in one go.
We do malloc() anyway, thus nothing is lost by mallocing "globals"
function old new delta
arping_main 1683 1686 +3
finish 100 86 -14
catcher 350 310 -40
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/2 up/down: 3/-54) Total: -51 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
ARPING 192.168.1.1 from 192.168.1.172 wlan0
Unicast reply from 192.168.1.1 [F4:F2:6D:52:A8:DE] 1.672ms
Sent 1 probes (1 broadcast(s))
Received 1 response(s)
ARPING 192.168.1.1 from 192.168.1.172 wlan0
Unicast reply from 192.168.1.1 [f4:f2:6d:52:a8:de] 1.152ms
Sent 1 probe(s) (1 broadcast(s))
Received 1 response(s) (0 request(s), 0 broadcast(s))
function old new delta
finish 120 100 -20
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Do not clear extra bits on option_mask32, it's not necessary.
Move DAD bit to 2, this makes exit logic simpler.
function old new delta
arping_main 1655 1629 -26
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Since bb_info_msg() was eliminated type of buffering on stdout is not important
function old new delta
udhcpd_main 1463 1451 -12
udhcpc_main 2735 2723 -12
setlinebuf 19 - -19
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 0/2 up/down: 0/-43) Total: -43 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The current standard (RFC 3542) is for IPV6_RECVPKTINFO to be given to
setsockopt, and IPV6_PKTINFO to be used as the packet type. Previously,
RFC 2292 required IPV6_PKTINFO to be used for both, but RFC 3542
re-purposed IPV6_PKTINFO when given to setsockopt. The special
Linux-specific IPV6_2292PKTINFO has the same semantics as IPV6_PKTINFO
in RFC 2292, but was introduced at the same time as IPV6_RECVPKTINFO.
Therefore, if we have IPV6_RECVPKTINFO available, we can use the RFC
3542 style, and if not, we assume that only the RFC 2292 API is
available, using IPV6_PKTINFO for both.
Signed-off-by: James Clarke <jrtc27@jrtc27.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Bad case: send request to server1good.com; then try to resolve server2bad.com -
this fails, and failure takes ~5 secs; then receive server1's
response 5 seconds later. We'll never sync up in this case...
function old new delta
ntpd_main 1079 1106 +27
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
iproute.c: In function 'print_route':
iproute.c:85:9: error: 'RTA_TABLE' undeclared (first use in this function)
iproute.c:85:9: note: each undeclared identifier is reported only once for each function it appears in
iproute.c: In function 'iproute_modify':
iproute.c:467:36: error: 'RTA_TABLE' undeclared (first use in this function)
Fix it by partially #ifdef'ing the code added in b42107f215
Signed-off-by: Eugene Rudoy <gene.devel@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
With new code, we request that target IP (server ID) must be directly reachable.
If it's not, this happens:
udhcpc: waiting 2000 seconds
udhcpc: entering listen mode: kernel
udhcpc: opening listen socket on *:68 wlan0
udhcpc: entering renew state
udhcpc: sending renew to 1.1.1.1
udhcpc: send: Network is unreachable
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1.1.1.1 needs routing, this is fishy!
udhcpc: entering rebinding state
udhcpc: entering listen mode: raw
udhcpc: created raw socket
udhcpc: sending renew to 0.0.0.0
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ going to use broadcast
which is the desired behavior. Before the patch, packet to 1.1.1.1 was routed
over eth0 (!) and maybe even into Internet (!!!).
function old new delta
udhcpc_main 2752 2763 +11
udhcp_send_kernel_packet 295 301 +6
send_renew 82 84 +2
send_packet 166 168 +2
bcast_or_ucast 23 25 +2
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 5/0 up/down: 23/0) Total: 23 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
I see random field values like sll_hatype=0x267 when I strace.
They seem to not matter, but just in case they sometimes do,
let's at least have deterministic values (via memset(0)).
function old new delta
change_listen_mode 308 322 +14
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
FEATURE_GETOPT_LONG made dependent on LONG_OPTS.
The folloving options are removed, now LONG_OPTS enables long options
for affected applets:
FEATURE_ENV_LONG_OPTIONS FEATURE_EXPAND_LONG_OPTIONS
FEATURE_UNEXPAND_LONG_OPTIONS FEATURE_MKDIR_LONG_OPTIONS
FEATURE_MV_LONG_OPTIONS FEATURE_RMDIR_LONG_OPTIONS
FEATURE_ADDGROUP_LONG_OPTIONS FEATURE_ADDUSER_LONG_OPTIONS
FEATURE_HWCLOCK_LONG_OPTIONS FEATURE_NSENTER_LONG_OPTS
FEATURE_CHCON_LONG_OPTIONS FEATURE_RUNCON_LONG_OPTIONS
They either had a small number of long options, or their long options are
essential.
Example: upstream addgroup and adduser have ONLY longopts,
we should probably go further and get rid
of non-standard short options.
To this end, make addgroup and adduser "select LONG_OPTS".
We had this breakage caused by us even in our own package!
#if ENABLE_LONG_OPTS || !ENABLE_ADDGROUP
/* We try to use --gid, not -g, because "standard" addgroup
* has no short option -g, it has only long --gid.
*/
argv[1] = (char*)"--gid";
#else
/* Breaks if system in fact does NOT use busybox addgroup */
argv[1] = (char*)"-g";
#endif
xargs: its lone longopt no longer depends on DESKTOP, only on LONG_OPTS.
hwclock TODO: get rid of incompatible -t, -l aliases to --systz, --localtime
Shorten help texts by omitting long option when short opt alternative exists.
Reduction of size comes from the fact that store of an immediate
(an address of longopts) to a fixed address (global variable)
is a longer insn than pushing that immediate or passing it in a register.
This effect is CPU-agnostic.
function old new delta
getopt32 1350 22 -1328
vgetopt32 - 1318 +1318
getopt32long - 24 +24
tftpd_main 562 567 +5
scan_recursive 376 380 +4
collect_cpu 545 546 +1
date_main 1096 1095 -1
hostname_main 262 259 -3
uname_main 259 255 -4
setpriv_main 362 358 -4
rmdir_main 191 187 -4
mv_main 562 558 -4
ipcalc_main 548 544 -4
ifenslave_main 641 637 -4
gzip_main 192 188 -4
gunzip_main 77 73 -4
fsfreeze_main 81 77 -4
flock_main 318 314 -4
deluser_main 337 333 -4
cp_main 374 370 -4
chown_main 175 171 -4
applet_long_options 4 - -4
xargs_main 894 889 -5
wget_main 2540 2535 -5
udhcpc_main 2767 2762 -5
touch_main 436 431 -5
tar_main 1014 1009 -5
start_stop_daemon_main 1033 1028 -5
sed_main 682 677 -5
script_main 1082 1077 -5
run_parts_main 330 325 -5
rtcwake_main 459 454 -5
od_main 2169 2164 -5
nl_main 201 196 -5
modprobe_main 773 768 -5
mkdir_main 160 155 -5
ls_main 568 563 -5
install_main 773 768 -5
hwclock_main 411 406 -5
getopt_main 622 617 -5
fstrim_main 256 251 -5
env_main 198 193 -5
dumpleases_main 635 630 -5
dpkg_main 3991 3986 -5
diff_main 1355 1350 -5
cryptpw_main 233 228 -5
cpio_main 593 588 -5
conspy_main 1135 1130 -5
chpasswd_main 313 308 -5
adduser_main 887 882 -5
addgroup_main 416 411 -5
ftpgetput_main 351 345 -6
get_terminal_width_height 242 234 -8
expand_main 690 680 -10
static.expand_longopts 18 - -18
static.unexpand_longopts 27 - -27
mkdir_longopts 28 - -28
env_longopts 30 - -30
static.ifenslave_longopts 34 - -34
mv_longopts 46 - -46
static.rmdir_longopts 48 - -48
packed_usage 31739 31687 -52
------------------------------------------------------------------------------
(add/remove: 2/8 grow/shrink: 3/49 up/down: 1352/-1840) Total: -488 bytes
text data bss dec hex filename
915681 485 6880 923046 e15a6 busybox_old
915428 485 6876 922789 e14a5 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Move first two messages to log2 level:
08:46:32.23824 udhcpc: opening raw socket on ifindex 2
08:46:32.23825 udhcpc: got raw socket fd
08:46:32.26354 udhcpc: created raw socket
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Basedon patch by Bernd Holzmüller <bernd.holzmueller@tiggerswelt.net>
function old new delta
option_to_env 504 580 +76
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This patch adds filtering by and printing of 'scope' to the
ip route command, taken from the upstream ip command.
x86_64:
function old new delta
iproute_list_or_flush 1548 1674 +126
print_route 2394 2469 +75
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 201/0) Total: 201 bytes
mipsel:
iproute_list_or_flush 1952 2096 +144
print_route 2580 2696 +116
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 2/0 up/down: 260/0) Total: 260 bytes
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patch is based on work by tiggerswelt.net. They say:
"
We wanted udhcpc6 to release its IPv6-Addresses on
quit (-R-commandline-option) which turned out to generate once again
kind of garbage on the network-link.
We tracked this down to two issues:
- udhcpc6 uses a variable called "srv6_buf" to send packets to
the dhcp6-server, but this variable is never initialized correctly
and contained kind of a garbage-address
- The address of the dhcp6-server is usually a link-local-address,
that requires an interface-index when using connect() on an AF_INET6-
socket
We added an
additional parameter for ifindex to d6_send_kernel_packet() and made
d6_recv_raw_packet() to capture the address of the dhcp6-server and
forward it to its callee.
"
Three last patches together:
function old new delta
d6_read_interface - 454 +454
d6_recv_raw_packet - 283 +283
option_to_env 249 504 +255
.rodata 165226 165371 +145
send_d6_discover 195 237 +42
send_d6_select 118 159 +41
send_d6_renew 173 186 +13
send_d6_release 162 173 +11
opt_req - 10 +10
d6_send_kernel_packet 304 312 +8
opt_fqdn_req - 6 +6
d6_mcast_from_client_config_ifindex 48 51 +3
d6_find_option 63 61 -2
udhcpc6_main 2416 2411 -5
static.d6_recv_raw_packet 266 - -266
------------------------------------------------------------------------------
(add/remove: 5/1 grow/shrink: 8/2 up/down: 1271/-273) Total: 998 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patch is based on work by tiggerswelt.net. They say:
"
But when we tried to use dnsmasq on server-side, udhcpc6 was unable to
forward the acquired address to its setup-script although the
IPv6-Address had been assigned by the server as we could see via
tcpdump. We traced this issue down to a problem on how udhcpc6 parses
DHCPv6-Options: When moving to next option, a pointer-address is
increased and a length buffer is decreased by the length of the option.
The problem is that it is done in this order:
option += 4 + option[3];
len_m4 -= 4 + option[3];
But this has to be switched as the length is decreased by the length of
the *next* option, not the current one. This affected both - internal
checks if a required option is present and the function to expose
options to the environment of the setup-script.
There was also a bug parsing D6_OPT_STATUS_CODE Options, that made
dnsmasq not work as udhcpc6 thought it is receiving a non-positive
status-code (because it did not parse the status-code as required in RFC
3315).
In addition we introduced basic support for RFC 3646 (OPTION_DNS_SERVERS
and OPTION_DOMAIN_LIST) and RFC 4704 (OPTION_CLIENT_FQDN).
"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Patch is based on work by tiggerswelt.net. They say:
"Using this patch it was no problem to acquire an IPv6-Address via DHCPv6
using ISC DHCPD6 on server-side."
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
We were strdup'ing "Cookie: foo" every time we saw it.
function old new delta
handle_incoming_and_exit 2733 2821 +88
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Anonymous ftpd login is useful even when ftpd authentication feature
is enabled. Anonymous logins provide simple password-less connection
for FTP clients.
To allow password-less connection user command line option '-a USER' is
added. This option specifies the system user to use when
'anonymous' username is given in USER command. No password is required
in this case.
function old new delta
ftpd_main 2164 2232 +68
packed_usage 31015 31046 +31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 99/0) Total: 99 bytes
Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)
This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Hoped this can make cdn.kernel.org to like us more. Nope.
While at it, made error reporting more useful.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.
This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).
function old new delta
tls_handshake - 1691 +1691
tls_run_copy_loop - 443 +443
ssl_client_main - 128 +128
packed_usage 30978 31007 +29
wget_main 2508 2535 +27
applet_names 2553 2560 +7
...
xwrite_encrypted 360 342 -18
tls_main 2127 - -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195) Total: 156 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Was:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
ip [OPTIONS] OBJECT [COMMAND]
where OBJECT := address|route|link|tunnel|neigh|rule
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
User: instead of repeating list of OBJECTs twice, you could at least
show available COMMANDs...
Now:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
COMMAND :=
ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
ip route list|flush|add|del|change|append|replace|test ROUTE
ip link set IFACE [up|down] [arp on|off] | show [IFACE]
ip tunnel add|change|del|show [NAME]
[mode ipip|gre|sit]
[remote ADDR] [local ADDR] [ttl TTL]
ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
ip rule [list] | add|del SELECTOR ACTION
While at it, tweak tc --help too (it stays disabled, thus no effect)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
As it turns out, it goes only up to "inbuf_size:4608"
for kernel.org - fixed 18kb buffer was x4 larger than necessary.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
With tls_has_buffered_record(), entire kernel.org response
is printed at once, without 6 second pause to see its delayed EOF.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
For the first time
printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | ./busybox tls kernel.org
successfully reads entire server response and TLS shutdown.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This is particularly useful if hostname resolution is triggered by
host non-reachability: I saw this in real-life, without the message
it is not at all obvious that IP that we use for a specific host
has changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Successfully finishes handshake with test servers using NULL-SHA256
cipher.
The "only" thing remaining before there is a chance
this can actually work with real servers is AES encrypt/decrypt.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>