| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When sending UDP packets:
* compute the checksum in the correct order. This only has an impact
if the length of the payload is odd.
* don't send packet with a checksum of zero, use 0xffff instead as
required.
When receiving UDP packets:
* don't do any computations when the checksum is zero.
* compute the checksum in the correct order. This only has an impact
if the length of the payload is odd.
* when computing the checksum, store the pseudo header checksum
* if the checksum is computed as zero, use 0xffff instead.
* also accept packets, when the checksum in the packet is the pseudo
header checksum.
The last point fixes a problem when the DHCP client runs in a VM,
the DHCP server runs on the host serving the VM and the network
interface supports transmit checksum offloading. Since dhclient
doesn't use UDP sockets but bpf devices to read the packets, the
checksum will be incorrect and only contain the checksum of the
pseudo header.
PR: 263229
Reviewed by: markj, Timo Völker
Tested by: danilo
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D52394
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the future, this will be beneficial as we move the egid out of the
groups list; there's no need to track the egid explicitly in our
supplemental groups, and doing so could become a security issue if
setgid() would not end up switching groups[0] as it does today and
we end up wanting to change our egid.
The rwhod diff is a little gratuitious, but I like patterns and
setgroups() -> setgid() -> setuid() is a lot more common than
setgid() -> setgroups() -> setuid().
This is sweep is not exhaustive and intentionally did not include
contrib/, crypto/ or tools/.
Reviewed by: olce
Differential Revision: https://reviews.freebsd.org/D51510
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until July 2024, dhclient kept track of time as seconds-since-epoch as
a time_t. This was a problem because (a) we wanted sub-second timeouts
and (b) timeouts didn't always do the right thing if the system clock
changed.
Switching to using CLOCK_MONOTONIC and struct timespec fixed those
issues but introduced a new problem: CLOCK_MONOTONIC values were being
intepreted as seconds-since-epoch and written to the dhclient.leases
file, causing confusion with DHCP leases expiring in early 1970.
Attempt to compromise between these by keeping track of both times;
any type within dhclient which is a time_t now refers to seconds past
the epoch, while any struct timespec value is a CLOCK_MONOTONIC time.
PR: 283256
Reviewed by: dch
Fixes: f0a38976b01e ("dhclient: Use clock_gettime() instead of time()")
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49720
|
| |
|
|
|
|
|
|
|
|
|
| |
Ignore DHCP options 124 and 125 to shut up the warning messages.
These options are defined in the RFC 3925.
PR: 281361
Reviewed by: jrm (mentor), otis (mentor), thj
Tested by: jlduran@gmail.com
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D46760
|
| |
|
|
|
|
|
|
|
|
| |
Document new n flag for disabling ARP resolution within dhclient.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Make arp_timeout available to dhclient.c, set the default timeout to 250
ms, and provide a new command-line argument, 'n' for setting the timeout
to 0.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
|
| |
|
|
|
|
|
|
|
|
|
| |
Change the use of time() to clock_gettime() to have millisecond-accurate
rather than second-accurate timeouts.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
|
| |
|
|
|
|
|
|
|
|
|
| |
Use the new add_timeout_timespec() API to handle timeouts for
state_selecting within dhclient.c. No functional change intended.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new function, add_timeout_timespec(), to use timespec
structs to handle timeouts. Make add_timeout() into a wrapper for the
latter function to retain compatibility with the rest of the codebase.
No functional change intended.
Sponsored by: Google LLC (GSoC 2024)
Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org>
MFC after: 10 days
Reviwed by: cperciva, brooks, Tom Hukins, Alexander Ziaee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1368
|
| |
|
|
|
|
|
| |
This is a residual of the $FreeBSD$ removal.
MFC After: 3 days (though I'll just run the command on the branches)
Sponsored by: Netflix
|
| |
|
|
|
|
|
|
|
|
| |
Ignore SIP servers dhcp option to shut up the warning message.
This option is defined in the RFC 3361 and sent from NSD-G1000T router.
PR: 280119
Reviewed by: jrm (mentor), brooks
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D45873
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ioctl commands such as BIOCSETIF take a struct ifreq and due to
FreeBSD's ioctl implementation copy exactly sizeof(struct ifreq) bytes
in so allocate that much space.
The over-allocaton was harmless, but useless.
Reported by: def
Fixes: e2dc8d789f68a dhclient: do not add 0.0.0.0 interface alias.
Sponsored by: DARPA, AFRL
Reviewed by: def
Differential Revision: https://reviews.freebsd.org/D45769
|
| |
|
|
|
|
|
|
| |
Its last use was removed in 396c7521364.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1257
Differential Revsiion: https://reviews.freebsd.org/D42717
|
| |
|
|
| |
Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/
|
| |
|
|
| |
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
| |
|
|
| |
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
| |
|
|
| |
Remove /^/[*/]\s*\$FreeBSD\$.*\n/
|
| |
|
|
| |
Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Only i386 still uses a 32-bit time_t. I knew this, and I still failed
to compile-test on i386. My bad.
Reported by: cy
Fixes: c210cac00f258 ("dhclient: fix time parsing for leases...")
Sponsored by: Dell EMC Isilon
|
| |
|
|
|
|
|
|
|
|
| |
Convert lease parsing to timegm to calculate timestamp. For reference, when
writing the lease, we use gmtime to convert the timestamp to struct tm.
Reviewed By: markj, vangyzen
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D40760
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A machine might exist on multiple networks, all of which offer, say, default
routes or name servers. There's no easy way to indicate in the config
that those options are only valid for a single interface.
Now, we can write:
interface "lan0" {
request routers;
require routers;
}
interface "lan1" {
ignore routers;
}
And only take action on default routes offered on lan0.
Tested by: Jose Luis Duran <jlduran at gmail dot com>
MFC after: 2 months
Reviewed by: allanjude, imp
Sponsored by: Zenith Electronics LLC
Sponsored by: Klara, Inc.
Pull Request: #693
|
| |
|
|
|
|
| |
Subscribers: imp
Differential Revision: https://reviews.freebsd.org/D38908
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Else out-of-bound reads and undefined behaviour may happen.
The current code only checked for the presence of the first of four bytes.
Make sure the fields in question have the minium size required.
No functional change intended.
Reviewed by: rrs@
MFC after: 1 week
Sponsored by: NVIDIA Networking
|
| |
|
|
|
|
|
|
| |
It doesn't really make sense to have it in runtime and let's not
bloat utilities more.
Reviewed by: emaste, imp
Differential Revision: https://reviews.freebsd.org/D36222
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On certain cloud platforms (Google Cloud, Packet.net and others) the
DHCP server offers a /32 address. This makes adding the default route
fail since it is not reachable via any interface. Linux's
dhclient-script seem to usually have a special case for that and
explicitly adds an interface route to the router's address.
FreeBSD's dhclient-script already has a special case for when the router
address is the same as the leased address. Now also add one for when
it's a different address that doesn't fall in the interface's subnet.
PR: 241792
Event: Aberdeen hackathon 2022
Submitted by: sigsys@gmail.com
Reviewed by: dch, kp, bz (+1 on the idea, not reviewed), thj
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
| |
If isc-dhcp44-server is not installed (as is the case the project's CI
servers) we don't create ngctl.shutdown, causing the 'rm' to fail.
That in turn causes the cleanup function to return non-zero, which
causes kyua to consider the test failed.
Use 'rm -f' instead, so we don't error even if the file doesn't exist.
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
|
|
|
|
|
| |
This tests both both normal (untagged), and pcp tagged (VLAN 0)
networks which are now common for fiber ISPs.
Reviewed by: markj, kp
Differential Revision: https://reviews.freebsd.org/D35178
|
| |
|
|
|
|
| |
- s/explicitely/explicitly/
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
| |
VLAN ID 0 is supposed to be interpreted as having no VLAN with a bit of
priority on the side, but the kernel is not able to decapsulate this on
the fly so dhclient needs to take care of it.
Reviewed by: markj
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D31515
|
| |
|
|
|
|
|
|
|
| |
When invalid statement is found the next statement is skipped even if it
is valid.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31527
|
| |
|
|
|
|
| |
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31502
|
| |
|
|
|
|
|
|
|
| |
PR: 217978
Reported by: Franco Fichtner <franco@opnsense.org>
Reviewed by: markj
Obtained from: OPNsense
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31503
|
| |
|
|
|
|
|
|
|
|
| |
This allows the use of VLAN PCP in dhclient, which is required for
certain ISPs (such as Orange.fr).
Reviewed by: bcr (man page)
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31263
|
| |
|
|
|
|
|
|
|
|
| |
- no blank before trailing delimiter
- new sentence, new line
MFC after: 1 week
Notes:
svn path=/head/; revision=366407
|
| |
|
|
|
|
|
|
|
|
| |
Reported by: Shlomi Oberman, JSOF
Submitted by: delphij
Reviewed by: markj
Tested by: markj
Notes:
svn path=/head/; revision=364994
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A logic bug in remove_protocol() meant that it would remove (leak) all
structures in the list preceding the one intended for removal.
PR: 245971
Submitted by: joost@jodocus.org (original version)
MFC after: 1 week
Notes:
svn path=/head/; revision=361793
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Notes:
svn path=/head/; revision=355617
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend
DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options
See share/mk/dirdeps-options.mk
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22469
Notes:
svn path=/head/; revision=355616
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous revision missed the exact same error in a copy paste block
of the same code in another function. Fix the identical case, too.
A DHCP client identifier is simply the hardware type (one byte)
concatenated with the hardware address (some variable number of bytes,
but at most 16). Limit the size of the temporary buffer to match and
the rest of the calculations shake out correctly.
PR: 238022
Reported by: Young <yangx92 AT hotmail.com>
Submitted by: Young <yangx92 AT hotmail.com>
MFC after: I don't plan to but you should feel free
Security: yes
Notes:
svn path=/head/; revision=355204
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will enable further automation of HTTP UEFI boot loader support by
providing a specific option for providing the boot URL to FreeBSD.
Documented in:
https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml
https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcp-options
https://tools.ietf.org/html/rfc3679
Approved by: emaste
MFC after: 2 weeks
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D22475
Notes:
svn path=/head/; revision=355019
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise they are leaked, allowing an attacker to trigger memory
exhaustion.
This is options.c rev. 1.70 from OpenBSD.
admbugs: 552
Obtained from: OpenBSD
MFC after: 3 days
Notes:
svn path=/head/; revision=349439
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A mixture of IP or UDP packets with valid and invalid checksum could
cause {ip,udp}_packets_bad_checksum to wrap around to 0, resulting
in a division by zero.
This is packet.c rev. 1.27 from OpenBSD.
admbugs: 552
Obtained from: OpenBSD
MFC after: 3 days
Notes:
svn path=/head/; revision=349438
|
| |
|
|
|
|
|
|
|
|
|
|
| |
MTU if we've set it once and there were no changes on the DHCP server
side since the last refresh. This is consistent I believe with how dhclient
handles other settings like IP address, mask etc.
Approved by: cem, eugen
Differential Revision: https://reviews.freebsd.org/D18546
Notes:
svn path=/head/; revision=344488
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r343896 made it such that a non-zero exit status was passed through, but was
still wrong if the script exits on a signal. POSIX does not say what the
WEXITSTATUS macro returns in this case and in practice 0 is a common value.
Instead, translate the wait status into 8 bits the same way as the shell
calculates $?.
Reviewed by: kib, Nash Kaminski
MFC after: 1 week
Notes:
svn path=/head/; revision=343922
|
| |
|
|
|
|
|
|
|
|
|
| |
This is also OpenBSD rev. 1.117, as pointed out by
Ryan Moeller <ryan@ixsystems.com>.
Submitted by: Nash Kaminski <nashkaminski@gmail.com>
MFC after: 1 week
Notes:
svn path=/head/; revision=343896
|
| |
|
|
|
|
|
| |
Use caph_{rights,ioctls,fcntls}_limit to simplify the code.
Notes:
svn path=/head/; revision=340138
|
| |
|
|
|
|
|
|
|
|
| |
This also leverages CONFS for handling config files.
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D17160
Notes:
svn path=/head/; revision=338740
|
| |
|
|
|
|
|
|
|
|
| |
This is being done a separate step to ease importing into other VCSes.
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D17160
Notes:
svn path=/head/; revision=338739
|
