Nicholas J. Kain
b0a5132d72
Cosmetic cleanups to ifchd.c. No functional change.
2014-03-17 05:33:00 -04:00
Nicholas J. Kain
3e78ffd576
We don't need to disable hardware link status while ifch is working; if
...
the link status goes down, we will fail horribly anyway because ARP
will fail, so we must keep track of the link status to be safe.
2014-03-17 03:17:24 -04:00
Nicholas J. Kain
03bd10ed88
When setting the MTU via netlink, we must be careful to preserve the link
...
flags or bad things will happen (such as the link being set down).
2014-03-17 03:16:02 -04:00
Nicholas J. Kain
6fcc43d169
Hardware link status can 'bounce' erratically while link properties are
...
being updated, so perform status debouncing.
While ifch is doing work, the netlink events are ignored. Once ifch has
finished its work, netlink events are no longer ignored. Making this
work requires ifch to communicate back to ndhc, but it is no problem
since the necessary pipes are already in place for IPC.
2014-03-17 02:55:47 -04:00
Nicholas J. Kain
d8e3dc61ea
Make the netlink link flags and router setting code work properly.
...
MTU setting still needs some fixes; it sets the link mtu correctly, but
has a bad interaction with the hardware link status detection.
2014-03-17 02:07:30 -04:00
Nicholas J. Kain
d2f413d46e
Update log prints in nl.c.
2014-03-16 23:39:41 -04:00
Nicholas J. Kain
3220cb90ac
Use recvmsg rather than recv in ifset.c.
2014-03-16 23:39:24 -04:00
Nicholas J. Kain
1ff3adef3a
Update documentation and remove unused ioctl.h header.
2014-03-16 21:16:06 -04:00
Nicholas J. Kain
8a24f74a11
Use netlink when setting the default ipv4 gateway.
2014-03-16 21:05:50 -04:00
Nicholas J. Kain
9de62e7b75
Use netlink when setting the link MTU.
2014-03-16 18:07:09 -04:00
Nicholas J. Kain
987bffe157
Clean up some error prints in ifset.c.
2014-03-16 18:06:42 -04:00
Nicholas J. Kain
50d6284fee
Use netlink for setting link flags instead of ioctl.
2014-03-16 05:10:21 -04:00
Nicholas J. Kain
cce93139d0
Delete old IP addresses associated with the interface when setting the
...
DHCP-assigned IP, broadcast, and subnet.
The nl_foreach_nlmsg() gains a seq parameter that when set to non-0 will
cause nl_foreach_nlmsg() to ignore any nlmsg that has a seq number
that does not match the caller-supplied seq argument.
2014-03-15 04:43:29 -04:00
Nicholas J. Kain
7bf1cc419e
nl_recv_buf() must be non-blocking; enforce it with the MSG_DONTWAIT
...
flag. At the same time, properly handle EINTR.
2014-03-15 04:35:07 -04:00
Nicholas J. Kain
7627298c07
The ip4 protocol change broke on the send side; fix it by explicitly
...
zeroing the send buffer. It's less finicky than special-casing the
ip4 command to use strnkcpy instead of strnkcat.
At the same time, centralize the command print code on the send side.
It can just live in pipewrite() rather than the callers.
2014-03-15 04:32:44 -04:00
Nicholas J. Kain
19d009891a
When updating the IP and broadcast addresses, clear out any old IP and
...
broadcast addresses that may be still bound to the interface.
2014-03-15 02:44:43 -04:00
Nicholas J. Kain
4d1cfe8586
Add a nl_sendgetaddr() function.
2014-03-15 00:30:39 -04:00
Nicholas J. Kain
e5d9f4acf2
Move nl_sendgetlink() to nl.c.
2014-03-14 23:54:21 -04:00
Nicholas J. Kain
180ee36626
Update plain Makefile and README.
2014-03-14 23:51:11 -04:00
Nicholas J. Kain
8faae4a0fd
Check that the return message type is not NLMSG_ERROR when setting
...
the ip and broadcast addresses.
2014-03-14 23:28:56 -04:00
Nicholas J. Kain
6a9e8c5a57
Disable seccomp-filter unless ENABLE_SECCOMP_FILTER is defined.
...
It is very likely to fail on untested architectures. I can only test it
adequately on x64.
2014-03-14 23:24:22 -04:00
Nicholas J. Kain
3af0a7824d
subnet4_to_prefixlen() should use ntohl().
2014-03-14 23:22:23 -04:00
Nicholas J. Kain
b6444fa806
Don't strip the generated executables by default.
2014-03-14 20:49:03 -04:00
Nicholas J. Kain
312884dfc5
When execute_buffer() is passed an invalid command, print the bad command
...
when logging the error.
2014-03-14 20:48:33 -04:00
Nicholas J. Kain
4afddd471a
The getopt_long shortarg string needed a ':' after 'C' as it has a
...
mandatory argument.
2014-03-14 20:47:57 -04:00
Nicholas J. Kain
fbe6d36b6b
Fix the ip4 ragel parser.
2014-03-14 20:46:40 -04:00
Nicholas J. Kain
971c6085d8
ifchd.c: If resolv_conf_fd < 0, it is invalid. -1 is the explicit
...
uninitialized value, but there is no need to limit the guard to -1.
2014-03-12 20:58:27 -04:00
Nicholas J. Kain
f4a2a487d6
Mark more function prototypes as extern.
2014-03-12 20:55:35 -04:00
Nicholas J. Kain
4feac2ea35
Rename ifchd_cmd_str() to ifchd_cmd_bytes() as it can handle byte
...
sequences without a terminating nul.
2014-03-12 20:47:39 -04:00
Nicholas J. Kain
73ad3b1419
Mark external function prototypes in state.h as extern.
2014-03-12 20:39:55 -04:00
Nicholas J. Kain
c81e9f9a28
Merge config.h into ndhc.h.
2014-03-12 17:05:43 -04:00
Nicholas J. Kain
84a68001d3
Use a unified epoll_(add|del)().
...
Also, background() and setup_signals_ndhc() are moved from sys.c to ndhc.c.
background() also no longer attempts to re-configure signals; signals are
always set up on initial ndhc initialization.
2014-03-12 16:51:10 -04:00
Nicholas J. Kain
94a923b00a
Clean up and centralize stray external prototypes into headers.
2014-03-12 16:24:02 -04:00
Nicholas J. Kain
2afd963ad0
ifchd.c: resolv_conf_fd can be static.
2014-03-12 16:14:48 -04:00
Nicholas J. Kain
b9a30f0653
Move external definitions of functions in ifchd.c to ifchd.h instead of
...
defining them manually in ndhc.c.
2014-03-12 16:13:47 -04:00
Nicholas J. Kain
9bf79b6034
Update the nk_random calls to use the new re-entrant-safe API.
2014-03-12 15:41:34 -04:00
Nicholas J. Kain
54a7f54a4a
Move add_rtattr() from ifset.c to nl.c as nl_add_rtatr().
2014-03-12 15:25:07 -04:00
Nicholas J. Kain
1222f4f22a
Handle sendto() returning EINTR in nl_sendgetlink(), and print if an
...
error is encountered while performing sendto().
2014-03-12 15:14:40 -04:00
Nicholas J. Kain
b7b353acdc
Store the interface index in the client_config before forking off the
...
subprocesses. ndhc-ifch can then use the stored interface index when
setting the interface ip/subnet/broadcast via netlink instead of having
to use ioctl to re-fetch the interface index.
2014-03-12 15:07:37 -04:00
Nicholas J. Kain
80f82c2451
options.c: Don't trust the options length field in do_get_dhcp_opt() to
...
not be longer than the total option length.
A lying field sent by the DHCP server could possibly read data past the end of
the options field in the dhcp packet into the returned options data buffer.
It's hard to see how this could lead to an exploit because the total length
of data read into the options data buffer was indeed properly length-checked
so that it is impossible to overrun the destination buffer. Thus, this
problem is at worst a read-too-far with no ability to write to unexpected
locations.
The worst possible outcome is a program crash/DoS, depending on memory
layout. Information disclosure is not an issue because this is on the
path where the consumer of the destination buffer is ndhc, not the remote
DHCP server.
2014-03-12 13:30:55 -04:00
Nicholas J. Kain
765f3de274
Use strncmp rather than strcmp in netlink.c when fetching the interface
...
MAC address and index.
2014-03-12 13:03:34 -04:00
Nicholas J. Kain
fac6794b6c
Handle SIGPIPE and SIGCHLD.
2014-03-12 12:47:39 -04:00
Nicholas J. Kain
be456ddeee
Use the ncmlib combined Tausworthe PRNG.
2014-03-12 12:47:04 -04:00
Nicholas J. Kain
c0fc3ed430
Silence the last few new warnings.
2014-03-10 23:00:57 -04:00
Nicholas J. Kain
84b36f0e02
Remove -Wcast-qual. The warnings are not useful on the ndhc code, and
...
I would effectively end up silencing them via the (uintptr_t) casting
hack.
2014-03-10 22:56:01 -04:00
Nicholas J. Kain
eaa8f2fcb2
Fix warnings for state.c.
2014-03-10 19:44:37 -04:00
Nicholas J. Kain
151ed60de1
Fix warnings in leasefile.c.
2014-03-10 19:42:52 -04:00
Nicholas J. Kain
d18aff8fb0
Fix warnings in ifchd.c.
2014-03-10 19:40:38 -04:00
Nicholas J. Kain
8a3b875119
Fix warnings in ifset.c.
2014-03-10 19:31:46 -04:00
Nicholas J. Kain
eec497adf5
Fix warnings in ifchd-parse.rl. Just needed function prototypes.
2014-03-10 19:29:19 -04:00