Commit Graph

30 Commits

Author SHA1 Message Date
Nicholas J. Kain
7f08d4b6fb arp: Handle initial gateway query asynchronously and retry failures.
The gateway/router MAC fingerprinting could perhaps be done more
robustly in the face of suspend or carrier loss, but the time window
in which things could get confused is very small and I would rather
just rely on supervisor respawn in that case.

Even this case I don't think I've ever seen.
2017-02-24 07:39:14 -05:00
Nicholas J. Kain
7080850f38 Silence a spurious ARP defense message from previous commit. 2017-02-24 06:57:10 -05:00
Nicholas J. Kain
34a8cd7ad9 arp: Handle initial announcement asynchronously and retry failures.
We need to send two ARP announcements, so these are now done via a
timeout callback so that failures can be handled properly.
2017-02-24 06:57:10 -05:00
Nicholas J. Kain
4d87d5075a Handle carrier interruptions in arp_collision_timeout() better.
Still not ideal; we need to note and retry these errors, but these
changes are preparatory and do not introduce regressions.
2017-02-24 05:36:05 -05:00
Nicholas J. Kain
571b22c4b2 Rename client_state_t init variable to program_init.
Easier to grep.  No functional change.
2017-01-19 05:05:35 -05:00
Nicholas J. Kain
931530786b Convert logically boolean client_state_t variables from uint8_t to bool. 2017-01-19 05:01:23 -05:00
Nicholas J. Kain
b8ee0bd5c2 Update copyright dates to 2017. 2017-01-13 20:15:27 -05:00
Nicholas J. Kain
646931a2bf xid should be regenerated whenever we start a new discover cycle.
Somewhere along the line it quit being set at the start of discovery
and was always 0.  This is clearly not desired behavior.

Found by manual examination of packets while fuzzing the options
parser.
2015-02-20 03:48:13 -05:00
Nicholas J. Kain
b8df1b33f5 Fix the timeouts for rebinding and renewing.
Now renew/rebind requests will be sent every 60+/-10s.
2015-02-18 11:03:58 -05:00
Nicholas J. Kain
b3bd13d45f Fix the return values of dhcp_packet_get and arp_packet_get.
This corrects a bug where stale dhcp packets would get reprocessed,
causing very bad behavior; an issue that was introduced in the
coroutine conversion.
2015-02-18 11:02:13 -05:00
Nicholas J. Kain
a627e9dc9c Minor changes to log messages and comments. 2015-02-18 09:56:38 -05:00
Nicholas J. Kain
3ede5fbe33 Handle the release and renew signals again. 2015-02-18 07:31:19 -05:00
Nicholas J. Kain
731bd14f0a reinit_selecting() can't fail; convert it to void return. 2015-02-18 07:12:35 -05:00
Nicholas J. Kain
89d77313c6 Deconfigure the interface if we've failed a fingerprint check.
We've moved to a new network, so keeping the old information
is counterproductive.
2015-02-18 07:12:22 -05:00
Nicholas J. Kain
29da5d21a4 Tolerate DHCP ACKs in REQUESTING state that don't match the serverid.
Some networks have multiple DHCP servers that don't respect the
serverid that is specified in DHCPREQUESTs.

Instead we simply check to see that the yiaddr matches.

While we're at it, ignore DHCP NAK during REQUESTING state.  It
doesn't really make sense.  Instead we should just wait for
timeout.
2015-02-18 06:52:59 -05:00
Nicholas J. Kain
f28495a58b selecting_packet() shouldn't take the xid from the packet.
This change actually has no effect because incoming dhcp packets
that differ from our xid are dropped, so the xid is always changed
to the same value that it already has.
2015-02-18 06:01:43 -05:00
Nicholas J. Kain
99ce918a31 Use a coroutine instead of several callback state machines.
This change makes it much easier to reason about ndhc's behavior
and properly handle errors.

It is a very large changeset, but there is no way to make this
sort of change incrementally.  Lease acquisition is tested to
work.

It is highly likely that some bugs were both introduced and
squashed here.  Some obvious code cleanups will quickly follow.
2015-02-18 05:31:13 -05:00
Nicholas J. Kain
5b82be8b00 If ifchd interactions fail, terminate.
Ideally we would pause and resume state, but for now just bail out.
If ndhc is process-supervised, it will recover to the proper state
quickly.
2015-02-14 20:47:14 -05:00
Nicholas J. Kain
56cc05599a Add error handling for un-notified carrier downs in ifup_action. 2015-02-14 05:39:15 -05:00
Nicholas J. Kain
b6b778831c Add error handling for un-notified carrier downs when sending packets.
If a packet send failed because the carrier went down without a
netlink notification, then assume the hardware carrier was lost while
the machine was suspended (eg, ethernet cable pulled during suspend).

Simulate a netlink carrier down event and freeze the dhcp state
machine until a netlink carrier up event is received.

The ARP code is not yet handling this issue everywhere, but the
window of opportunity for it to happen there is much shorter.
2015-02-14 05:20:04 -05:00
Nicholas J. Kain
a7cb063f0c state.c: cosmetic cleanups and a constification 2015-02-14 00:44:21 -05:00
Nicholas J. Kain
702d8b0c5b Mark pointer arguments that cannot ever be null as [static 1].
Also constify some cases, too.
2015-02-13 23:14:08 -05:00
Nicholas J. Kain
cc806acc0b Indicate that client_state_t and client_config_t pointer args
cannot ever be null.

Could possibly improve code generation, and makes the intention clear.
2015-02-13 22:29:03 -05:00
Nicholas J. Kain
c58a071f52 Update copyright dates. 2015-02-13 01:54:57 -05:00
Nicholas J. Kain
27c9e2c553 Improve fingerprinting to support DHCP relay agents.
Mostly reverts the previous commit and instead teaches ndhc to properly
handle the case when it is communicating with a DHCP relay agent on
its local segment rather than directly with a DHCP server.
2015-02-12 23:28:54 -05:00
Nicholas J. Kain
a395234a67 Support networks with relay agents that have the DHCP server on a
different segment.

The network fingerprinting would never complete if the DHCP server was
on a different segment before this change, since it would be impossible
for the ARP messages sent by ndhc to ever reach the DHCP server
(and vice-versa).

Now just give up trying to find the hardware address after two tries
and assume that the DHCP server cannot be reached by ARP.

An alternative would be to fingerprint the relay agent instead, but
to do so would require a lot more work as the giaddr field is only
meaningful in the client->server message path, not in the
server->client path.  Thus it would require gathering the source IP
for DHCP replies sent by unicast or broadcast and ferrying along
this information to the ARP checking code where it would be used
in place of the DHCP server address.

This is entirely possible to do, but is quite a bit more work.
2015-02-12 20:49:40 -05:00
Nicholas J. Kain
07cbd88049 Just use raw sockets for listening to DHCP requests. A UDP SO_BROADCAST
socket was previously used only for receiving RENEWING packets, and it
added needless complexity and was somewhat fragile.
2014-04-16 01:00:36 -04:00
Nicholas J. Kain
b3ce601f20 state.c: Print error messages if we fail to send DHCP packets. 2014-04-15 17:59:15 -04:00
Nicholas J. Kain
a9055b5ca5 Update more message prints to prefix with the interface name. 2014-04-15 15:24:22 -04:00
Nicholas J. Kain
b761889025 Move source from ndhc/ to src/ since ifchd is no longer a separate program. 2014-04-06 16:57:06 -04:00