Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/bsd/dhcpcd/dist Import dhcpcd-7.2.1 with the follow...
details: https://anonhg.NetBSD.org/src/rev/4593ae0fdc44
branches: trunk
changeset: 450809:4593ae0fdc44
user: roy <roy%NetBSD.org@localhost>
date: Fri Apr 26 14:32:27 2019 +0000
description:
Import dhcpcd-7.2.1 with the following changes:
* auth: Use consttime_memequal to avoid latency attack
* DHCP: Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED
* DHCPv6: Fix a potential buffer overflow reading NA/TA addresses
diffstat:
external/bsd/dhcpcd/dist/compat/consttime_memequal.h | 28 ++
external/bsd/dhcpcd/dist/configure | 22 +
external/bsd/dhcpcd/dist/src/auth.c | 8 +-
external/bsd/dhcpcd/dist/src/control.c | 2 +-
external/bsd/dhcpcd/dist/src/defs.h | 2 +-
external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in | 5 +-
external/bsd/dhcpcd/dist/src/dhcpcd.h | 2 +
external/bsd/dhcpcd/dist/src/if-sun.c | 264 +++++++++++-------
external/bsd/dhcpcd/dist/src/ipv4.h | 3 +-
external/bsd/dhcpcd/dist/src/ipv4ll.c | 8 +-
external/bsd/dhcpcd/dist/src/ipv6.c | 2 +
external/bsd/dhcpcd/dist/src/ipv6.h | 14 +-
external/bsd/dhcpcd/dist/src/ipv6nd.h | 3 +
13 files changed, 248 insertions(+), 115 deletions(-)
diffs (truncated from 762 to 300 lines):
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/compat/consttime_memequal.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/external/bsd/dhcpcd/dist/compat/consttime_memequal.h Fri Apr 26 14:32:27 2019 +0000
@@ -0,0 +1,28 @@
+/*
+ * Written by Matthias Drochner <drochner%NetBSD.org@localhost>.
+ * Public domain.
+ */
+
+#ifndef CONSTTIME_MEMEQUAL_H
+#define CONSTTIME_MEMEQUAL_H
+inline static int
+consttime_memequal(const void *b1, const void *b2, size_t len)
+{
+ const unsigned char *c1 = b1, *c2 = b2;
+ unsigned int res = 0;
+
+ while (len--)
+ res |= *c1++ ^ *c2++;
+
+ /*
+ * Map 0 to 1 and [1, 256) to 0 using only constant-time
+ * arithmetic.
+ *
+ * This is not simply `!res' because although many CPUs support
+ * branchless conditional moves and many compilers will take
+ * advantage of them, certain compilers generate branches on
+ * certain CPUs for `!res'.
+ */
+ return (1 & ((res - 1) >> 8));
+}
+#endif /* CONSTTIME_MEMEQUAL_H */
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/configure
--- a/external/bsd/dhcpcd/dist/configure Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/configure Fri Apr 26 14:32:27 2019 +0000
@@ -13,6 +13,7 @@
INET6=
ARC4RANDOM=
CLOSEFROM=
+CONSTTIME_MEMEQUAL=
STRLCPY=
UDEV=
OS=
@@ -846,6 +847,27 @@
echo "#include \"compat/strtoi.h\"" >>$CONFIG_H
fi
+if [ -z "$CONSTTIME_MEMEQUAL" ]; then
+ printf "Testing for consttime_memequal ... "
+ cat <<EOF >_consttime_memequal.c
+#include <string.h>
+int main(void) {
+ return consttime_memequal("deadbeef", "deadbeef", 8);
+}
+EOF
+ if $XCC _consttime_memequal.c -o _consttime_memequal 2>&3; then
+ CONSTTIME_MEMEQUAL=yes
+ else
+ CONSTTIME_MEMEQUAL=no
+ fi
+ echo "$CONSTTIME_MEMEQUAL"
+ rm -f _consttime_memequal.c _consttime_memequal
+fi
+if [ "$CONSTTIME_MEMEQUAL" = no ]; then
+ echo "#include \"compat/consttime_memequal.h\"" \
+ >>$CONFIG_H
+fi
+
if [ -z "$DPRINTF" ]; then
printf "Testing for dprintf ... "
cat <<EOF >_dprintf.c
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/auth.c
--- a/external/bsd/dhcpcd/dist/src/auth.c Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/auth.c Fri Apr 26 14:32:27 2019 +0000
@@ -117,7 +117,11 @@
m = vm;
data = vdata;
- /* Ensure that d is inside m which *may* not be the case for DHPCPv4 */
+ /* Ensure that d is inside m which *may* not be the case for DHCPv4.
+ * This can occur if the authentication option is split using
+ * DHCP long option from RFC 3399. Section 9 which does infact note that
+ * implementations should take this into account.
+ * Fixing this would be problematic, patches welcome. */
if (data < m || data > m + mlen || data + dlen > m + mlen) {
errno = ERANGE;
return NULL;
@@ -354,7 +358,7 @@
}
free(mm);
- if (memcmp(d, &hmac_code, dlen)) {
+ if (!consttime_memequal(d, &hmac_code, dlen)) {
errno = EPERM;
return NULL;
}
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/control.c
--- a/external/bsd/dhcpcd/dist/src/control.c Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/control.c Fri Apr 26 14:32:27 2019 +0000
@@ -318,7 +318,7 @@
if ((fd = make_sock(&sa, ifname, 0)) != -1) {
socklen_t len;
-
+
len = (socklen_t)SUN_LEN(&sa);
if (connect(fd, (struct sockaddr *)&sa, len) == -1) {
close(fd);
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/defs.h
--- a/external/bsd/dhcpcd/dist/src/defs.h Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/defs.h Fri Apr 26 14:32:27 2019 +0000
@@ -28,7 +28,7 @@
#define CONFIG_H
#define PACKAGE "dhcpcd"
-#define VERSION "7.2.0"
+#define VERSION "7.2.1"
#ifndef CONFIG
# define CONFIG SYSCONFDIR "/" PACKAGE ".conf"
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in
--- a/external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in Fri Apr 26 14:32:27 2019 +0000
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd September 15, 2018
+.Dd April 24, 2019
.Dt DHCPCD.CONF 5
.Os
.Sh NAME
@@ -376,8 +376,7 @@
noipv6rs # disable routing solicitation
denyinterfaces eth2 # Don't touch eth2 at all
interface eth0
- ipv6rs # enable routing solicitation get the
- # default IPv6 route
+ ipv6rs # enable routing solicitation for eth0
ia_na 1 # request an IPv6 address
ia_pd 2 eth1/0 # request a PD and assign it to eth1
ia_pd 3 eth2/1 eth3/2 # req a PD and assign it to eth2 and eth3
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/dhcpcd.h
--- a/external/bsd/dhcpcd/dist/src/dhcpcd.h Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcpcd.h Fri Apr 26 14:32:27 2019 +0000
@@ -180,7 +180,9 @@
uint8_t *secret;
size_t secret_len;
+#ifndef __sun
int nd_fd;
+#endif
struct ra_head *ra_routers;
int dhcp6_fd;
diff -r 4938920537d9 -r 4593ae0fdc44 external/bsd/dhcpcd/dist/src/if-sun.c
--- a/external/bsd/dhcpcd/dist/src/if-sun.c Fri Apr 26 14:28:40 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/if-sun.c Fri Apr 26 14:32:27 2019 +0000
@@ -74,9 +74,9 @@
#endif
#ifndef RT_ROUNDUP
-#define RT_ROUNDUP(a) \
- ((a) > 0 ? (1 + (((a) - 1) | (sizeof(long) - 1))) : sizeof(long))
-#define RT_ADVANCE(x, n) (x += RT_ROUNDUP(salen(n)))
+#define RT_ROUNDUP(a) \
+ ((a) > 0 ? (1 + (((a) - 1) | (sizeof(int32_t) - 1))) : sizeof(int32_t))
+#define RT_ADVANCE(x, n) ((x) += RT_ROUNDUP(salen((n))))
#endif
#define COPYOUT(sin, sa) do { \
@@ -268,6 +268,7 @@
if_newaddr(const char *ifname, void *arg)
{
struct linkwalk *lw = arg;
+ int error;
struct ifaddrs *ifa;
dlpi_handle_t dh;
dlpi_info_t dlinfo;
@@ -276,7 +277,10 @@
struct sockaddr_dl *sdl;
ifa = NULL;
- if (dlpi_open(ifname, &dh, 0) != DLPI_SUCCESS)
+ error = dlpi_open(ifname, &dh, 0);
+ if (error == DLPI_ENOLINK) /* Just vanished or in global zone */
+ return B_FALSE;
+ if (error != DLPI_SUCCESS)
goto failed1;
if (dlpi_info(dh, &dlinfo, 0) != DLPI_SUCCESS)
goto failed;
@@ -317,7 +321,7 @@
ifa->ifa_next = lw->lw_ifa;
lw->lw_ifa = ifa;
dlpi_close(dh);
- return (B_FALSE);
+ return B_FALSE;
failed:
dlpi_close(dh);
@@ -328,7 +332,7 @@
}
failed1:
lw->lw_error = errno;
- return (B_TRUE);
+ return B_TRUE;
}
/* Creates an empty sockaddr_dl for lo0. */
@@ -423,14 +427,16 @@
{
const char *cp;
int i;
+ const struct sockaddr **sap;
cp = data;
for (i = 0; i < RTAX_MAX; i++) {
+ sap = &sa[i];
if (type & (1 << i)) {
- sa[i] = (const struct sockaddr *)cp;
- RT_ADVANCE(cp, sa[i]);
+ *sap = (const struct sockaddr *)cp;
+ RT_ADVANCE(cp, *sap);
} else
- sa[i] = NULL;
+ *sap = NULL;
}
return 0;
}
@@ -520,6 +526,7 @@
struct rt_msghdr *rtm;
char *bp = rtmsg->buffer;
socklen_t sl;
+ bool gateway_unspec;
/* WARNING: Solaris will not allow you to delete RTF_KERNEL routes.
* This includes subnet/prefix routes. */
@@ -538,25 +545,28 @@
rtm->rtm_flags = rt->rt_flags;
rtm->rtm_addrs = RTA_DST | RTA_GATEWAY;
+ gateway_unspec = sa_is_unspecified(&rt->rt_gateway);
+
if (cmd == RTM_ADD || cmd == RTM_CHANGE) {
bool netmask_bcast = sa_is_allones(&rt->rt_netmask);
rtm->rtm_flags |= RTF_UP;
if (!(rtm->rtm_flags & RTF_REJECT) &&
- !sa_is_loopback(&rt->rt_gateway) &&
- /* Solaris doesn't like interfaces on default routes. */
- !sa_is_unspecified(&rt->rt_dest))
+ !sa_is_loopback(&rt->rt_gateway))
{
rtm->rtm_addrs |= RTA_IFP;
-#if 0
+ /* RTA_IFA is currently ignored by the kernel.
+ * RTA_SRC and RTF_SETSRC look like what we want,
+ * but they don't work with RTF_GATEWAY.
+ * We set RTA_IFA just in the hope that the
+ * kernel will one day support this. */
if (!sa_is_unspecified(&rt->rt_ifa))
rtm->rtm_addrs |= RTA_IFA;
-#endif
}
if (netmask_bcast)
rtm->rtm_flags |= RTF_HOST;
- else
+ else if (!gateway_unspec)
rtm->rtm_flags |= RTF_GATEWAY;
/* Emulate the kernel by marking address generated
@@ -575,7 +585,7 @@
ADDSA(&rt->rt_dest);
- if (sa_is_unspecified(&rt->rt_gateway))
+ if (gateway_unspec)
ADDSA(&rt->rt_ifa);
else
ADDSA(&rt->rt_gateway);
@@ -590,14 +600,13 @@
ADDSA((struct sockaddr *)&sdl);
}
- if (rtm->rtm_addrs & RTA_IFA) {
+ if (rtm->rtm_addrs & RTA_IFA)
ADDSA(&rt->rt_ifa);
- rtm->rtm_addrs |= RTA_SRC;
- }
+
+#if 0
if (rtm->rtm_addrs & RTA_SRC)
ADDSA(&rt->rt_ifa);
-
-#undef ADDSA
+#endif
rtm->rtm_msglen = (unsigned short)(bp - (char *)rtm);
}
Home |
Main Index |
Thread Index |
Old Index