Commit Graph

431 Commits

Author SHA1 Message Date
Nicholas J. Kain
4c1c1715fe Refactor the send and listen socket creation functions to share common code.
Fix a regression where cooked packets would be truncated because of a typo
in the buffer length calculation that was introduced in an earlier commit.
2011-06-28 23:56:12 -04:00
Nicholas J. Kain
52fbeb46ad Fix a problem where, when ndhc is waiting for an arp packet, an arp packet
is received that is discarded by ndhc's basic checks and provokes a busy
loop in the main program loop because epoll_wait() constantly sees data that
is never drained from the socket buffer since arp_offset exceeds the
maximum size of an ARP packet and would overflow the packet buffer.
2011-06-28 23:50:36 -04:00
Nicholas J. Kain
d1f36cf75e fsync() the leasefile after writing a new lease IP so that it's instantly
updated to disk.
2011-06-28 13:47:36 -04:00
Nicholas J. Kain
ac38a15c9f Don't spam 'No lease, going to background.' messages after going into the
background and trying to get a DHCP lease when the client has never had
a lease in the current instance of the process.
2011-06-28 06:32:10 -04:00
Nicholas J. Kain
8dc93aad54 Cosmetic cleanups to options.c. 2011-06-27 15:19:54 -04:00
Nicholas J. Kain
55a397c2c9 Add the gentoo script for interfacing ndhc with the net configuration init
scripts to version control.
2011-06-27 15:09:29 -04:00
Nicholas J. Kain
27524d9d34 Use the new libc_random_u32() in ncmlib to replace random_xid(). 2011-06-27 15:07:00 -04:00
Nicholas J. Kain
b72b551a0d Cosmetic changes to packet.c. 2011-06-27 13:01:39 -04:00
Nicholas J. Kain
55f24fd2a3 Make the various functions in options.c that take a pointer to an options
buffer and length instead take a pointer to a struct dhcpmsg.  This argument
list choice implicitly gives safe length checks and is simpler.

Remove DHCP_OPTIONS_LENGTH.
Fold set_option() into alloc_option().
Make some more functions in options.[ch] static.
2011-06-27 12:53:35 -04:00
Nicholas J. Kain
63d9763345 Remove init_header() and clean up init_packet() and its callers. 2011-06-27 12:20:22 -04:00
Nicholas J. Kain
1e2698b402 If a lease is negotiated, then expires after renewal attempts, don't time out
and exit the daemon as would be desirable at startup.  Just keep trying.
2011-06-26 18:21:40 -04:00
Nicholas J. Kain
057211d5f5 Make IP and UDP checksum calculations for sending raw packets much less
confusing.  They are now calculated without mutating the underlying
structures so that there is no longer any tricky operation order dependence.
2011-06-26 17:50:35 -04:00
Nicholas J. Kain
0581cc9aed Trivial cosmetic corrections. 2011-06-26 17:37:57 -04:00
Nicholas J. Kain
864ad73b20 Remove pointless length-checking in get_raw_packet() that can never be triggered
because safe_read() already protects against reads longer than a DHCP
packet in length.

Lots of cosmetic cleanups.  Highlights:
- Remove pointless enums that just define sizeof for various structures.
- Rename struct dhcpMessage to struct dhcpmsg.
2011-06-26 17:25:00 -04:00
Nicholas J. Kain
b70070e592 Define stateless functions to validate the checksum of an ip header and of a
udp packet and use them in get_raw_packet().

Print a warning if the raw UDP receive gets a quantum of data that is greater
than that of a single UDP datagram.

Remove unnecessary argument from net_checksum().  Initializing a nonzero
checksum value is not very helpful in practice.

Define a function net_checksum_add() that, for two sequences of bytes A and B
that return checksums CS(A) and CS(B), will calculate the checksum CS(AB) of
the concatenated value AB given the checksums of the individual parts CS(A)
and CS(B).
2011-06-26 16:33:07 -04:00
Nicholas J. Kain
7d0e05504f Define a new IP checksum function that is resistant to undefined signed
overflow when given ridiculously large data lengths.  In practice, undefined
behavior would never occur with the previous function since it would have
required IP packets >128KiB bytes in length and the maximum length for an
IP packet is 64KiB.

The new checksum function is also a bit more flexible (allowing a starting
checksum value != 0), clearly is endian independent, and does no typesystem
abuse.  It's boringly correct standard C.

Use C99 structure initializers for forming raw UDP packets for send.
2011-06-26 10:21:02 -04:00
Nicholas J. Kain
f43b656673 Make static in packet.c: checksum(), raw_packet(), and kernel_packet().
Rename raw_packet() to send_dhcp_raw() and strip of unnecessary arguments.
Rename kernel_packet() to send_dhcp_cooked() and strip of unnecessary
arguments.
Remove the ugly bcast_raw_packet() wrapper hack.
2011-06-25 16:55:00 -04:00
Nicholas J. Kain
5b3aee93ab Tell the kernel not to attempt routing table lookups for sent DHCP traffic:
- Use SO_DONTROUTE for dhcp listen and send sockets (both raw and udp).

More paranoia against packets being sent to incorrect interfaces:
- Bind arp socket to a specific interface via bind().
- Use SO_BINDTODEVICE for udp send sockets.  It was already used for udp
  listen sockets.

Flatten indentation in arp_(open|close)_fd().
Use C99 initializers in packet.c.
Add more error message prints to packet.c.
2011-06-25 16:31:21 -04:00
Nicholas J. Kain
c37d815754 Rewrite the ARP ping code to properly use modern interfaces. In detail:
- Use AF_PACKET and SOCK_RAW rather than the decade-deprecated
  SOCK_PACKET interface.
- Separate out socket creation code into a subfunction.
- Use C99 initializers for packet and address structures.
- Cosmetic cleanups.
2011-06-25 13:02:56 -04:00
Nicholas J. Kain
8f5eb7e921 Remove invariant args to arpping(). 2011-06-25 11:42:15 -04:00
Nicholas J. Kain
7ee0001e97 Constant correctness: socket(PF_*, ...) -> socket(AF_*, ...) 2011-06-25 11:11:48 -04:00
Nicholas J. Kain
e50c429235 Handle errors in fcntl() if O_NONBLOCK fails. 2011-06-25 10:46:24 -04:00
Nicholas J. Kain
71f59d0433 Remove socket.[ch] : code is merged into packet.c 2011-06-25 10:40:41 -04:00
Nicholas J. Kain
7d206e45b6 Make raw listen sockets nonblocking. They should have been so all along.
Minor constant correction: PF_PACKET -> AF_PACKET
2011-06-25 10:18:14 -04:00
Nicholas J. Kain
19f7e6d11e Silence excessively chatty messages from ARP handling. Random received
packets that are discarded for simply not being targets for examination
should not trigger prints.
2011-06-25 10:02:09 -04:00
Nicholas J. Kain
5cf572c2fd Merge dhcpmsg.[ch] into packet.[ch]. 2011-06-11 11:19:05 -04:00
Nicholas J. Kain
6191a07eb3 Move get_raw_packet() to packet.c and make get_packet() and get_raw_packet()
static functions.
2011-06-11 11:05:53 -04:00
Nicholas J. Kain
52306aa217 Remove some old and now misleading comments. 2011-06-11 10:59:00 -04:00
Nicholas J. Kain
13862b488c Cosmetic improvements for change_listen_mode(). Printed messages now
look better, and epoll_add() is not called before exit() in the failure
case.
2011-06-11 05:03:33 -04:00
Nicholas J. Kain
25ee07db95 Remove sleep() calls from raw packet receipt error handling. 2011-06-11 04:48:25 -04:00
Nicholas J. Kain
9cfcfefd4e Consolidate DHCP_MAGIC check for packet.cookie field.
Minor cosmetic cleanups for DHCP packet receipt handling.
2011-06-11 04:27:56 -04:00
Nicholas J. Kain
7c6b07ca75 Tweak the minimum dhcp packet size to at least include the magic cookie
field.  In practice, packets lacking any options at all are still invalid,
but they will fail later in the validation, so that is fine.
2011-06-11 04:09:05 -04:00
Nicholas J. Kain
6222d6ec0b Update documentation to suggest mode g+w for var/run in the suggested chroot
so that PID file creation for ndhc will not fail.
2011-06-10 14:07:03 -04:00
Nicholas J. Kain
109dfd74c6 Tolerate short DHCP messages that are less than DHCP_SIZE. The previous
check was overzealous and would drop valid packets.  Now the minimal
packet size that is tolerated is 32 bytes.

24 bytes would be enough for the client IP, but I very much doubt that any
server would leave out the non-optional fields of siaddr and giaddr as well as
chaddr. We already tolerate elided chaddr with a cut-off of 32 bytes, which is
dubious enough.
2011-06-10 14:04:50 -04:00
Nicholas J. Kain
bd49819f28 Fix a bug in safe_read() that would cause short reads on an async socket
to return failure rather than the number of characters read.
2011-06-10 13:53:05 -04:00
Nicholas J. Kain
387502255f Clean up logging prints in arp.c. 2011-06-02 10:48:58 -04:00
Nicholas J. Kain
927ed47b58 Print explicit warning messages when ARP packets fail in arp_validate(). 2011-06-02 10:41:34 -04:00
Nicholas J. Kain
8ede75738f When setting route, don't print an error if EEXIST is returned by the ioctl().
This 'error' merely means that the installed route already exists.
2011-05-31 11:55:26 -04:00
Nicholas J. Kain
bec1d30279 Add arpreply_clear() helper. 2011-05-31 11:24:40 -04:00
Nicholas J. Kain
96fee03a16 Use memcmp() rather than pointer type aliasing in handle_arp_response().
Cosmetic improvements to ARP code.
2011-05-31 11:14:50 -04:00
Nicholas J. Kain
96f640e36c More strictly validate ARP responses from remote servers. 2011-05-31 11:01:08 -04:00
Nicholas J. Kain
d72b24a2fe Theoretical correctness fix:
Handle EAGAIN and EWOULDBLOCK more gracefully when dealing with safe_read().
All occurrences of safe_read() should only be invoked on fds that have signaled
ready-to-read state via the epoll() mechanism, so this change should not
result in any observable difference, but it is best to be safe.

Additionally, a constant stack variable is converted to an equivalent
macro define for cleanliness.

Finally, print the error type encountered if reading data from an ARP response
fails with a read error.
2011-05-30 10:54:05 -04:00
Nicholas J. Kain
03f0e8719e Tidy up DESIGN. It was hopelessly out of date. 2011-05-01 21:05:39 -04:00
Nicholas J. Kain
59beb159d3 Place the ifchange socket in /var/state/ifchange within the chroot
jail and change configuration instructions as well.

Change default configuration instructions to specify setting root
of the chroot jail as owned by root.root.
2011-05-01 20:43:29 -04:00
Nicholas J. Kain
b3f9115689 Add a -V --verbose flag to enable the overly verbose list reciept logging.
Update interface flags only if it would provoke an actual change.
2011-04-30 07:30:07 -04:00
Nicholas J. Kain
e96dab80fe lseek() after ftruncate() just to be safe. 2011-04-25 01:08:03 -04:00
Nicholas J. Kain
da193ae35a Add support for writing lease files. 2011-04-19 16:37:43 -04:00
Nicholas J. Kain
c7ff945be8 Shrink a delay and whitespace fix. 2011-03-31 15:28:32 -04:00
Nicholas J. Kain
996983143e Only query gateway hwaddr when binding a new lease. Don't bother when just
renewing or rebinding a lease.
2011-03-31 15:05:05 -04:00
Nicholas J. Kain
a7db2c4bd2 Make arp code more robust and refactor it a bit.
Handle failure to create arp sockets more gracefully.
Add initial support for retransmitting arp requests if no reply is met after
a certain number of spurious packets.
2011-03-31 02:32:34 -04:00