emo/ndhc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e2ee728982
ndhc/src/ifchd.c

407 lines
12 KiB
C
Raw Normal View History

Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
/* ifchd.c - interface change daemon
*
* Copyright (c) 2004-2014 Nicholas J. Kain <njkain at gmail dot com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* - Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/epoll.h>
#include <sys/signalfd.h>
Change the thread name of the various ndhc processes so that they can be identified via ps/top.
2014-03-11 00:14:12 +05:30
#include <sys/prctl.h>
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
#include <sys/stat.h>
#include <fcntl.h>
#include <signal.h>
#include <errno.h>
#include <getopt.h>
Update to latest ncmlib changes.
2014-03-31 02:32:48 +05:30
#include "nk/log.h"
#include "nk/privilege.h"
#include "nk/signals.h"
#include "nk/io.h"
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
Update to latest ncmlib changes.
2014-03-31 02:32:48 +05:30
#include "seccomp.h"
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
#include "ifchd.h"
Clean up and centralize stray external prototypes into headers.
2014-03-13 01:54:02 +05:30
#include "ndhc.h"
Fix warnings in ifchd-parse.rl. Just needed function prototypes.
2014-03-11 04:59:19 +05:30
#include "ifchd-parse.h"
Use a unified epoll_(add|del)(). Also, background() and setup_signals_ndhc() are moved from sys.c to ndhc.c. background() also no longer attempts to re-configure signals; signals are always set up on initial ndhc initialization.
2014-03-13 02:21:10 +05:30
#include "sys.h"
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
#include "ifset.h"
struct ifchd_client cl;
static int epollfd, signalFd;
/* Slots are for signalFd and the ndhc -> ifchd pipe. */
static struct epoll_event events[2];
ifchd.c: resolv_conf_fd can be static.
2014-03-13 01:44:48 +05:30
static int resolv_conf_fd = -1;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
/* int ntp_conf_fd = -1; */
/* If true, allow HOSTNAME changes from dhcp server. */
int allow_hostname = 0;
uid_t ifch_uid = 0;
gid_t ifch_gid = 0;
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
static void writeordie(int fd, const char *buf, size_t len)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
writeordie() was buggy; delete the == 1 which makes no sense.
2014-04-06 16:01:40 +05:30
ssize_t r = safe_write(fd, buf, len);
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
if (r < 0 || (size_t)r != len)
suicide("%s: (%s) write failed: %d", client_config.interface,
__func__, r);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
}
/* Writes a new resolv.conf based on the information we have received. */
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
static void write_resolve_conf(void)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
static const char ns_str[] = "nameserver ";
static const char dom_str[] = "domain ";
static const char srch_str[] = "search ";
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
int r;
off_t off;
char buf[MAX_BUF];
ifchd.c: If resolv_conf_fd < 0, it is invalid. -1 is the explicit uninitialized value, but there is no need to limit the guard to -1.
2014-03-13 06:28:27 +05:30
if (resolv_conf_fd < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
return;
if (strlen(cl.namesvrs) == 0)
return;
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (lseek(resolv_conf_fd, 0, SEEK_SET) < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
return;
char *p = cl.namesvrs;
while (p && (*p != '\0')) {
char *q = strchr(p, ',');
if (!q)
q = strchr(p, '\0');
else
*q++ = '\0';
Switch to using snprintf in dhcp.c and ifch.c so that truncations can be easily detected.
2014-03-20 05:02:45 +05:30
ssize_t sl = snprintf(buf, sizeof buf, "%s", p);
if (sl < 0 || (size_t)sl >= sizeof buf) {
log_warning("%s: (%s) snprintf failed appending nameservers",
client_config.interface, __func__);
}
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
writeordie(resolv_conf_fd, ns_str, strlen(ns_str));
writeordie(resolv_conf_fd, buf, strlen(buf));
writeordie(resolv_conf_fd, "\n", 1);
p = q;
}
p = cl.domains;
int numdoms = 0;
while (p && (*p != '\0')) {
char *q = strchr(p, ',');
if (!q)
q = strchr(p, '\0');
else
*q++ = '\0';
Switch to using snprintf in dhcp.c and ifch.c so that truncations can be easily detected.
2014-03-20 05:02:45 +05:30
ssize_t sl = snprintf(buf, sizeof buf, "%s", p);
if (sl < 0 || (size_t)sl >= sizeof buf) {
log_warning("%s: (%s) snprintf failed appending domains",
client_config.interface, __func__);
}
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
if (numdoms == 0) {
writeordie(resolv_conf_fd, dom_str, strlen(dom_str));
writeordie(resolv_conf_fd, buf, strlen(buf));
} else {
if (numdoms == 1) {
writeordie(resolv_conf_fd, "\n", 1);
writeordie(resolv_conf_fd, srch_str, strlen(srch_str));
writeordie(resolv_conf_fd, buf, strlen(buf));
} else {
writeordie(resolv_conf_fd, " ", 1);
writeordie(resolv_conf_fd, buf, strlen(buf));
}
}
++numdoms;
p = q;
if (numdoms > 6)
break;
}
writeordie(resolv_conf_fd, "\n", 1);
off = lseek(resolv_conf_fd, 0, SEEK_CUR);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (off < 0) {
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("write_resolve_conf: lseek returned error: %s",
strerror(errno));
return;
}
retry:
r = ftruncate(resolv_conf_fd, off);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (r < 0) {
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
if (errno == EINTR)
goto retry;
log_line("write_resolve_conf: ftruncate returned error: %s",
strerror(errno));
return;
}
r = fsync(resolv_conf_fd);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (r < 0) {
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("write_resolve_conf: fsync returned error: %s",
strerror(errno));
return;
}
}
/* XXX: addme */
void perform_timezone(const char *str, size_t len)
{
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
(void)len;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("Timezone setting NYI: '%s'", str);
}
/* Add a dns server to the /etc/resolv.conf -- we already have a fd. */
void perform_dns(const char *str, size_t len)
{
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (!str || resolv_conf_fd < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
return;
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
if (len > sizeof cl.namesvrs) {
log_line("DNS server list is too long: %zu > %zu", len, cl.namesvrs);
return;
}
Switch to using snprintf in dhcp.c and ifch.c so that truncations can be easily detected.
2014-03-20 05:02:45 +05:30
ssize_t sl = snprintf(cl.namesvrs, sizeof cl.namesvrs, "%s", str);
if (sl < 0 || (size_t)sl >= sizeof cl.namesvrs) {
log_warning("%s: (%s) snprintf failed",
client_config.interface, __func__);
}
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
write_resolve_conf();
log_line("Added DNS server: '%s'", str);
}
/* Updates for print daemons are too non-standard to be useful. */
void perform_lprsvr(const char *str, size_t len)
{
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
(void)len;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("Line printer server setting NYI: '%s'", str);
}
/* Sets machine hostname. */
void perform_hostname(const char *str, size_t len)
{
if (!allow_hostname || !str)
return;
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (sethostname(str, len) < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("sethostname returned %s", strerror(errno));
else
log_line("Set hostname: '%s'", str);
}
/* update "domain" and "search" in /etc/resolv.conf */
void perform_domain(const char *str, size_t len)
{
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (!str || resolv_conf_fd < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
return;
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
if (len > sizeof cl.domains) {
log_line("DNS domain list is too long: %zu > %zu", len, cl.namesvrs);
return;
}
Switch to using snprintf in dhcp.c and ifch.c so that truncations can be easily detected.
2014-03-20 05:02:45 +05:30
ssize_t sl = snprintf(cl.domains, sizeof cl.domains, "%s", str);
if (sl < 0 || (size_t)sl >= sizeof cl.domains) {
log_warning("%s: (%s) snprintf failed",
client_config.interface, __func__);
}
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
write_resolve_conf();
log_line("Added DNS domain: '%s'", str);
}
/* I don't think this can be done without a netfilter extension
* that isn't in the mainline kernels. */
void perform_ipttl(const char *str, size_t len)
{
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
(void)len;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("TTL setting NYI: '%s'", str);
}
/* XXX: addme */
void perform_ntpsrv(const char *str, size_t len)
{
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
(void)len;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
log_line("NTP server setting NYI: '%s'", str);
}
/* Maybe Samba cares about this feature? I don't know. */
void perform_wins(const char *str, size_t len)
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
{
(void)str;
(void)len;
}
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
static void setup_signals_ifch(void)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
sigset_t mask;
sigemptyset(&mask);
sigaddset(&mask, SIGPIPE);
sigaddset(&mask, SIGUSR1);
sigaddset(&mask, SIGUSR2);
sigaddset(&mask, SIGTSTP);
sigaddset(&mask, SIGTTIN);
sigaddset(&mask, SIGCHLD);
sigaddset(&mask, SIGHUP);
sigaddset(&mask, SIGINT);
sigaddset(&mask, SIGTERM);
if (sigprocmask(SIG_BLOCK, &mask, NULL) < 0)
suicide("sigprocmask failed");
signalFd = signalfd(-1, &mask, SFD_NONBLOCK);
if (signalFd < 0)
suicide("signalfd failed");
}
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
static void signal_dispatch(void)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
Fix the remaining signed/unsigned comparison warnings. Nothing stands out as being dangerous or buggy.
2014-03-11 04:30:08 +05:30
int t;
size_t off = 0;
Reduce the scope of a static variable, and zero-initialize a structure just to satisfy cppcheck even though it should be safe.
2014-03-19 15:30:08 +05:30
struct signalfd_siginfo si = {0};
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
again:
t = read(signalFd, (char *)&si + off, sizeof si - off);
Fix the remaining signed/unsigned comparison warnings. Nothing stands out as being dangerous or buggy.
2014-03-11 04:30:08 +05:30
if (t < 0) {
if (t == EAGAIN || t == EWOULDBLOCK || t == EINTR)
goto again;
else
suicide("signalfd read error");
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
}
Fix the remaining signed/unsigned comparison warnings. Nothing stands out as being dangerous or buggy.
2014-03-11 04:30:08 +05:30
if (off + (unsigned)t < sizeof si)
off += t;
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
switch (si.ssi_signo) {
case SIGINT:
case SIGTERM:
exit(EXIT_SUCCESS);
break;
case SIGPIPE:
Handle SIGPIPE and SIGCHLD.
2014-03-12 22:17:39 +05:30
log_line("ndhc-ifch: IPC pipe closed. Exiting.");
exit(EXIT_SUCCESS);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
break;
default:
break;
}
}
Cosmetic cleanups to ifchd.c. No functional change.
2014-03-17 15:03:00 +05:30
static void inform_execute(char c)
Hardware link status can 'bounce' erratically while link properties are being updated, so perform status debouncing. While ifch is doing work, the netlink events are ignored. Once ifch has finished its work, netlink events are no longer ignored. Making this work requires ifch to communicate back to ndhc, but it is no problem since the necessary pipes are already in place for IPC.
2014-03-17 12:25:47 +05:30
{
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
ssize_t r = safe_write(pToNdhcW, &c, sizeof c);
Hardware link status can 'bounce' erratically while link properties are being updated, so perform status debouncing. While ifch is doing work, the netlink events are ignored. Once ifch has finished its work, netlink events are no longer ignored. Making this work requires ifch to communicate back to ndhc, but it is no problem since the necessary pipes are already in place for IPC.
2014-03-17 12:25:47 +05:30
if (r == 0) {
// Remote end hung up.
exit(EXIT_SUCCESS);
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
} else if (r < 0)
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
suicide("%s: (%s) error writing to ifch -> ndhc pipe: %s",
client_config.interface, __func__, strerror(errno));
Hardware link status can 'bounce' erratically while link properties are being updated, so perform status debouncing. While ifch is doing work, the netlink events are ignored. Once ifch has finished its work, netlink events are no longer ignored. Making this work requires ifch to communicate back to ndhc, but it is no problem since the necessary pipes are already in place for IPC.
2014-03-17 12:25:47 +05:30
}
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
static void process_client_pipe(void)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
char buf[MAX_BUF];
memset(buf, '\0', sizeof buf);
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
ssize_t r = safe_read(pToIfchR, buf, sizeof buf - 1);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
if (r == 0) {
// Remote end hung up.
exit(EXIT_SUCCESS);
} else if (r < 0) {
if (errno == EAGAIN || errno == EWOULDBLOCK)
return;
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
suicide("%s: (%s) error reading from ndhc -> ifch pipe: %s",
client_config.interface, __func__, strerror(errno));
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
}
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (execute_buffer(buf) < 0) {
Cosmetic cleanups to ifchd.c. No functional change.
2014-03-17 15:03:00 +05:30
inform_execute('-');
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
suicide("%s: (%s) received invalid commands: '%s'",
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
client_config.interface, __func__, buf);
Hardware link status can 'bounce' erratically while link properties are being updated, so perform status debouncing. While ifch is doing work, the netlink events are ignored. Once ifch has finished its work, netlink events are no longer ignored. Making this work requires ifch to communicate back to ndhc, but it is no problem since the necessary pipes are already in place for IPC.
2014-03-17 12:25:47 +05:30
} else
Cosmetic cleanups to ifchd.c. No functional change.
2014-03-17 15:03:00 +05:30
inform_execute('+');
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
}
Make many more logging prints specify the interface and function, and make the return checks for safe_(read|write) stricter.
2014-04-04 13:31:49 +05:30
static void do_ifch_work(void)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
{
epollfd = epoll_create1(0);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (epollfd < 0)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
suicide("epoll_create1 failed");
if (enforce_seccomp_ifch())
log_line("ifch seccomp filter cannot be installed");
Cosmetic cleanups to ifchd.c. No functional change.
2014-03-17 15:03:00 +05:30
cl.state = STATE_NOTHING;
memset(cl.ibuf, 0, sizeof cl.ibuf);
memset(cl.namesvrs, 0, sizeof cl.namesvrs);
memset(cl.domains, 0, sizeof cl.domains);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
Use a unified epoll_(add|del)(). Also, background() and setup_signals_ndhc() are moved from sys.c to ndhc.c. background() also no longer attempts to re-configure signals; signals are always set up on initial ndhc initialization.
2014-03-13 02:21:10 +05:30
epoll_add(epollfd, pToIfchR);
epoll_add(epollfd, signalFd);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
for (;;) {
int r = epoll_wait(epollfd, events, 2, -1);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (r < 0) {
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
if (errno == EINTR)
continue;
else
suicide("epoll_wait failed");
}
for (int i = 0; i < r; ++i) {
int fd = events[i].data.fd;
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
if (fd == pToIfchR)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
process_client_pipe();
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
else if (fd == signalFd)
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
signal_dispatch();
Convert logging messages to suicide() where appropriate and clean up the logging messages a bit.
2014-03-31 02:51:27 +05:30
else
suicide("ifch: unexpected fd while performing epoll");
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
}
}
}
Fix warnings in ifchd.c.
2014-03-11 05:10:38 +05:30
void ifch_main(void)
{
Change the thread name of the various ndhc processes so that they can be identified via ps/top.
2014-03-11 00:14:12 +05:30
prctl(PR_SET_NAME, "ndhc: ifch");
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
umask(077);
setup_signals_ifch();
// If we are requested to update resolv.conf, preopen the fd before
// we drop root privileges, making sure that if we create
// resolv.conf, it will be world-readable.
if (strncmp(resolv_conf_d, "", sizeof resolv_conf_d)) {
umask(022);
resolv_conf_fd = open(resolv_conf_d, O_RDWR | O_CREAT, 644);
umask(077);
Change most error comparisons from == -1 to < 0. Some were not changed, as the different negative values equate to different errors. Tests against syscall returns and fds are very common and mostly fit the pattern of this change. The gain is increased range-exclusion.
2014-04-06 16:03:14 +05:30
if (resolv_conf_fd < 0) {
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
suicide("FATAL - unable to open resolv.conf");
}
}
memset(resolv_conf_d, '\0', sizeof resolv_conf_d);
Update to latest ncmlib changes.
2014-03-31 02:32:48 +05:30
nk_set_chroot(chroot_dir);
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
memset(chroot_dir, '\0', sizeof chroot_dir);
Update to latest ncmlib privilege.[ch].
2014-04-05 14:53:18 +05:30
nk_set_uidgid(ifch_uid, ifch_gid, "cap_net_admin=ep");
Merge ifchd into ndhc. Rather than function as entirely separate daemons, ndhc will fork off an ifchd child that it will communicate with via pipes rather than by connecting to a SO_PEERCRED AF_UNIX socket. The advantages include: 1. Simpler configuration. Much easier for users and packagers to set up. 2. Drastically less complex code for the ifch functionality. More code is removed than added, and the result is a lot less complex. 3. Potentially better security. The ifch can only service the parent ndhc process, and it is restricted to issuing modifications to the single interface that ndhc manages. 4. Less memory used on systems that allow overcommit. The downsides: 1. Possibly more memory used on systems that run multiple ndhcs and use strict commit limits. At the same time, use netlink rather than ioctls so that the interface ip, subnet, and broadcast address can be set simultaneously. This change reduces the netlink notification spam greatly. The current code builds but isn't yet complete. Subsequent commits will flesh things out and polish out some remaining issues.
2014-03-10 10:22:56 +05:30
do_ifch_work();
}
Reference in New Issue Copy Permalink