path: root/usr.sbin/rtsold
Commit message | Author | Age | Files | Lines
* rtsold: Fix bugs reported by Coverity | Mark Johnston | 2020-12-02 | 4 | -15/+21
    - Avoid leaking a socket if llflags_get() fails.
    - Avoid leaking a file handle if rtsold_init_dumpfile() fails.
    - Tighten the check in if_nametosdl() which determines whether we failed to find the specified interface.
    - Fix errno handling in an error path in rtsock_open().
    MFC after: 1 week
    Notes: svn path=/head/; revision=368278
* rtsold: Fix multiple buffer overflows | Mark Johnston | 2020-12-01 | 1 | -6/+18
    Approved by: so
    Security: CVE-2020-25577
    MFC after: now
    Notes: svn path=/head/; revision=368248
* fix casper initialization for setting scripts. | Hajimu UMEMOTO | 2020-11-27 | 1 | -2/+3
    MFC after: 1 week
    Notes: svn path=/head/; revision=368111
* rtsold: Remove an incorrect __unused annotation | Mark Johnston | 2020-10-23 | 1 | -1/+1
    MFC after: 1 week
    Notes: svn path=/head/; revision=366972
* rtsol(d): add script for "M bit" | Bjoern A. Zeeb | 2020-08-25 | 5 | -11/+69
    While we do support the "O bit" running a script (usually to start a dhcpv6 client) we have no options for setups which set the "M bit" for, e.g., static address assignment as in EC2. Duplicate most of the "O bit" logic to also start a script for the "M bit" with the one difference: if the "M bit" is set we will not start the script for the "O bit" as well (per RFC 4861, Section 4.2).
    Reviewed by: hrs, markj
    MFC after: 1 week
    Differential Revision: https://reviews.freebsd.org/D26099
    Notes: svn path=/head/; revision=364771
* Update Makefile.depend files | Simon J. Gerraty | 2019-12-11 | 1 | -1/+2
    Update a bunch of Makefile.depend files as a result of adding Makefile.depend.options files
    Reviewed by: bdrewery
    MFC after: 1 week
    Sponsored by: Juniper Networks
    Differential Revision: https://reviews.freebsd.org/D22494
    Notes: svn path=/head/; revision=355617
* Add Makefile.depend.options | Simon J. Gerraty | 2019-12-11 | 1 | -0/+8
    Leaf directories that have dependencies impacted by options need a Makefile.depend.options file to avoid churn in Makefile.depend
    DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc can be set in local.dirdeps-options.mk which can add to those set in Makefile.depend.options
    See share/mk/dirdeps-options.mk
    Reviewed by: bdrewery
    MFC after: 1 week
    Sponsored by: Juniper Networks
    Differential Revision: https://reviews.freebsd.org/D22469
    Notes: svn path=/head/; revision=355616
* Avoid relying on pollution from libcasper.h. | Mark Johnston | 2019-11-21 | 1 | -0/+1
    Reported by: sjg
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=354926
* rtsol: Use vwarnx(3) to log messages to standard error. | Mark Johnston | 2019-02-27 | 1 | -4/+2
    This ensures that the program name is included in the output, which makes it easy to identify the source of error messages printed during boot.
    MFC after: 1 week
    Notes: svn path=/head/; revision=344629
* Capsicumize rtsol(8) and rtsold(8). | Mark Johnston | 2019-01-05 | 11 | -703/+1061
    These programs parse ND6 Router Advertisement messages; rtsold(8) has required an SA, SA-14:20.rtsold, for a bug in this code. Thus, they are good candidates for sandboxing.

    The approach taken is to run the main executable in capability mode and use Casper services to provide functionality that cannot be implemented within the sandbox. In particular, several custom services were required.

    - A Casper service is used to send Router Solicitation messages on a raw ICMP6 socket. Initially I took the approach of creating a socket for each interface upon startup, and connect(2)ing it to the all-routers multicast group for the interface. This permits the use of sendmsg(2) in capability mode, but only works if the interface's link is up when rtsol(d) starts. So, instead, the rtsold.sendmsg service is used to transmit RS messages on behalf of the main process. One could alternately define a service which simply creates and connects a socket for each destination address, and returns the socket to the sandboxed process. However, to implement rtsold's -m option we also need to read the ND6 default router list, and this cannot be done in capability mode.
    - rtsold may execute resolvconf(8) in response to RDNSS and DNSSL options in received RA messages. A Casper service is used to fork and exec resolvconf(8), and to reap the child process.
    - A service is used to determine whether a given interface's link-local address is useable (i.e., not duplicated or undergoing DAD). This information is supplied by getifaddrs(3), which reads a sysctl not available in capability mode. The SIOCGIFCONF socket ioctl provides equivalent information and can be used in capability mode, but I decided against it for now because of some limitations of that interface.

    In addition to these new services, cap_syslog(3) is used to send messages to syslogd.

    Reviewed by: oshogbo
    Tested by: bz (previous versions)
    MFC after: 2 months
    Sponsored by: The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D17572
    Notes: svn path=/head/; revision=342788
* Minor style fixes around script execution. | Mark Johnston | 2018-10-25 | 1 | -23/+17
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339747
* Clarify the description of the -u option. | Mark Johnston | 2018-10-25 | 1 | -5/+5
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339745
* Always free dynamically allocated memory before returning. | Mark Johnston | 2018-10-24 | 1 | -12/+11
    CID: 1007418
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339687
* Fix a dead store. | Mark Johnston | 2018-10-20 | 1 | -4/+0
    We would fail to clear DNS search list configuration if a router stopped specifying the DNSSL RA option. I suspect that the bug was mostly harmless, as the RDNSS and DNSSL options are typically used together and omitting the RDNSS option would have the same effect.
    CID: 1006219
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339460
* Remove dead code. | Mark Johnston | 2018-10-20 | 4 | -60/+0
    No functional change intended.
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339456
* Staticize a couple of functions. | Mark Johnston | 2018-10-20 | 2 | -4/+4
    No functional change intended.
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339455
* Remove some obsolete compatibility code. | Mark Johnston | 2018-10-20 | 2 | -49/+1
    No functional change intended.
    MFC after: 2 weeks
    Sponsored by: The FreeBSD Foundation
    Notes: svn path=/head/; revision=339453
* General further adoption of SPDX licensing ID tags. | Pedro F. Giffuni | 2017-11-20 | 7 | -7/+21
    Mainly focus on files that use BSD 3-Clause license.
    The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, supersede or replace the license texts.
    Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point.
    Notes: svn path=/head/; revision=326025
* DIRDEPS_BUILD: Update dependencies. | Bryan Drewery | 2017-10-31 | 1 | -1/+0
    Sponsored by: Dell EMC Isilon
    Notes: svn path=/head/; revision=325188
* Garbage collect IFT_IEEE80211 (but leave the define for possible reuse) | Andriy Voskoboinyk | 2017-01-28 | 1 | -2/+0
    This interface type ("a parent interface of wlanX") is not used since r287197
    Reviewed by: adrian, glebius
    Differential Revision: https://reviews.freebsd.org/D9308
    Notes: svn path=/head/; revision=312929
* rtsold: Log messages about unexpected RAs at LOG_DEBUG. | Mark Johnston | 2016-10-02 | 1 | -1/+1
    Because rtsold listens for RAs on a raw socket, it may receive RAs from interfaces that it does not manage. Such events can result in excessive logging.
    Submitted by: Franco Fichtner <franco@opnsense.org>
    MFC after: 1 week
    Differential Revision: https://reviews.freebsd.org/D8108
    Notes: svn path=/head/; revision=306571
* Use strlcpy() instead of strncpy() when copying ifname to ensure | Don Lewis | 2016-05-15 | 1 | -4/+4
    that it is NUL terminated. Additional NUL padding is not required for short names.
    Reported by: Coverity
    CID: 99186, 991864, 991865
    MFC after: 1 week
    Notes: svn path=/head/; revision=299868
* Use the _SAFE loop variant, since the loop body may remove queue entries. | Mark Johnston | 2016-02-18 | 1 | -2/+3
    PR: 207146
    MFC after: 3 days
    Notes: svn path=/head/; revision=295737
* Fix type mismatches for malloc(3) and Co. | Ulrich Spörlein | 2015-12-29 | 1 | -2/+2
    This is rather pedantic, as for most architectures it holds that sizeof(type *) == sizeof(type **)
    Found by: clang static analyzer
    Reviewed by: ed
    Differential Revision: https://reviews.freebsd.org/D4722
    Notes: svn path=/head/; revision=292864
* Fix rtsold's usage message | Enji Cooper | 2015-10-30 | 1 | -5/+5
    - Remove -a from the usage message example dealing with specific interfaces. -a only makes sense when not specifying an interface, such that it's to be run on all interfaces
    - Fix the pidfile option (it's -p, not -P)
    - Change `interfaces` to `interface` to match the manpage
    MFC after: 3 days
    PR: 173744
    Sponsored by: EMC / Isilon Storage Division
    Notes: svn path=/head/; revision=290182
* Fix a ton of speelling errors | Eitan Adler | 2015-10-21 | 1 | -1/+1
    arc lint is helpful
    Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
    Differential Revision: https://reviews.freebsd.org/D3337
    Notes: svn path=/head/; revision=289677
* Now that we own the code, use arc4random(3) unconditionally | Xin LI | 2015-10-06 | 2 | -9/+0
    and remove the corresponding HAVE_ARC4RANDOM conditions.
    MFC after: 2 weeks
    Notes: svn path=/head/; revision=288963
* - Remove #ifdef HAVE_POLL_H. | Hiroki Sato | 2015-09-10 | 3 | -60/+6
    - Use nitems().
    MFC after: 3 days
    Notes: svn path=/head/; revision=287612
* Remove bad call to shutdown(). | Ed Schouten | 2015-08-10 | 1 | -6/+0
    The socket created by rtsol/rtsold is not a connection-based socket, meaning that we should not attempt to call shutdown() on it.
    Reported by: kan
    Notes: svn path=/head/; revision=286566
* Add META_MODE support. | Simon J. Gerraty | 2015-06-13 | 1 | -0/+19
    Off by default, build behaves normally. WITH_META_MODE we get auto objdir creation, the ability to start build from anywhere in the tree. Still need to add real targets under targets/ to build packages.
    Differential Revision: D2796
    Reviewed by: brooks imp
    Notes: svn path=/head/; revision=284345
  * dirdeps.mk now sets DEP_RELDIR | Simon J. Gerraty | 2015-06-08 | 1 | -2/+0
      Notes: svn path=/projects/bmake/; revision=284172
  * Merge sync of head | Simon J. Gerraty | 2015-05-27 | 5 | -10/+0
      Notes: svn path=/projects/bmake/; revision=283595
  * Merge from head@274682 | Simon J. Gerraty | 2014-11-19 | 1 | -1/+2
      Notes: svn path=/projects/bmake/; revision=274683
  * Updated dependencies | Simon J. Gerraty | 2014-05-16 | 1 | -1/+0
      Notes: svn path=/projects/bmake/; revision=266219
  * Updated dependencies | Simon J. Gerraty | 2014-05-10 | 1 | -0/+2
      Notes: svn path=/projects/bmake/; revision=265802
  * Merge from head | Simon J. Gerraty | 2013-09-05 | 8 | -104/+133
      Notes: svn path=/projects/bmake/; revision=255263
  * Updated dependencies | Simon J. Gerraty | 2013-03-11 | 1 | -0/+1
      Notes: svn path=/projects/bmake/; revision=248169
  * Updated dependencies | Simon J. Gerraty | 2013-02-16 | 1 | -2/+0
      Notes: svn path=/projects/bmake/; revision=246868
  * Sync FreeBSD's bmake branch with Juniper's internal bmake branch. | Marcel Moolenaar | 2012-08-22 | 1 | -0/+21
      Requested by: Simon Gerraty <sjg@juniper.net>
      Notes: svn path=/projects/bmake/; revision=239572
* Remove #ifdef IFT_FOO. | Gleb Smirnoff | 2015-05-02 | 1 | -4/+0
    Submitted by: Guy Yur <guyyur gmail.com>
    Notes: svn path=/head/; revision=282354
* rtsold does not need to link to libkvm | Baptiste Daroussin | 2015-04-09 | 1 | -1/+0
    Notes: svn path=/head/; revision=281341
* Stop including if_var.h from userland. | Gleb Smirnoff | 2015-04-06 | 3 | -3/+0
    Sponsored by: Nginx, Inc.
    Notes: svn path=/head/; revision=281143
* Convert usr.sbin to LIBADD | Baptiste Daroussin | 2014-11-25 | 1 | -2/+1
    Reduce overlinking
    Notes: svn path=/head/; revision=275054
* Fix buffer overrun. | Hiroki Sato | 2014-10-11 | 1 | -1/+2
    MFC after: 1 day
    Notes: svn path=/head/; revision=272961
* Use sysctl(ICMPV6CTL_ND6_DRLIST) instead of SIOCGDRLST_IN6 ioctl. | Hiroki Sato | 2013-08-17 | 1 | -28/+39
    Notes: svn path=/head/; revision=254470
* - Remove struct ifinfo *iflist. It is no longer used. | Hiroki Sato | 2013-08-17 | 7 | -17/+14
    - Suppress warnings about increase of alignment requirement.
    Notes: svn path=/head/; revision=254462
* Fix build on arm and mips. | Hiroki Sato | 2013-08-06 | 1 | -4/+2
    Notes: svn path=/head/; revision=253995
* - Use time_uptime instead of time_second in data structures for | Hiroki Sato | 2013-08-05 | 4 | -48/+76
    PF_INET6 in kernel. This fixes various malfunction when the wall time clock is changed. Bump __FreeBSD_version to 1000041.
    - Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.
    MFC after: 1 month
    Notes: svn path=/head/; revision=253970
* Silent warnings. | Kevin Lo | 2013-07-16 | 1 | -1/+1
    Notes: svn path=/head/; revision=253376
* - Fix wording. [1] | Mark Johnston | 2013-05-28 | 1 | -4/+4
    - Improve the descriptions in the FILES section. [2]
    Reported by: Jason McIntyre [1]
    Obtained from: NetBSD [2]
    MFC after: 3 days
    Notes: svn path=/head/; revision=251059