Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/ROY]: src/external/bsd/dhcpcd/dist/src Import dhcpcd-8.0.5 with the foll...
details: https://anonhg.NetBSD.org/src/rev/d16fd6ed0d26
branches: ROY
changeset: 455229:d16fd6ed0d26
user: roy <roy%NetBSD.org@localhost>
date: Fri Sep 13 10:58:31 2019 +0000
description:
Import dhcpcd-8.0.5 with the following changes:
* inet6: Fix default route not being installed
* DHCP: If root fs is network mounted, enable last lease extend
* man: Fix lint errors.
* DHCP: Give a better message when packet validation fails
* DHCP: Ensure we have enough data to checksum IP and UDP
The last change fixes a potential DoS attack introduced in dhcpcd-8.0.3 when
the checksuming code was changed to accomodate variable length IP headers.
diffstat:
external/bsd/dhcpcd/dist/src/common.c | 33 +-
external/bsd/dhcpcd/dist/src/common.h | 1 +
external/bsd/dhcpcd/dist/src/defs.h | 2 +-
external/bsd/dhcpcd/dist/src/dhcp.c | 29 +-
external/bsd/dhcpcd/dist/src/dhcpcd-embedded.c | 407 +++++++++++++++++++++++++
external/bsd/dhcpcd/dist/src/dhcpcd-embedded.h | 32 +
external/bsd/dhcpcd/dist/src/dhcpcd.c | 6 +
external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in | 6 +-
external/bsd/dhcpcd/dist/src/if-bsd.c | 6 +
external/bsd/dhcpcd/dist/src/ipv6.c | 39 +-
external/bsd/dhcpcd/dist/src/ipv6.h | 2 +-
external/bsd/dhcpcd/dist/src/ipv6nd.c | 2 +-
12 files changed, 512 insertions(+), 53 deletions(-)
diffs (truncated from 752 to 300 lines):
diff -r f48261b73c57 -r d16fd6ed0d26 external/bsd/dhcpcd/dist/src/common.c
--- a/external/bsd/dhcpcd/dist/src/common.c Sun Sep 08 20:46:17 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/common.c Fri Sep 13 10:58:31 2019 +0000
@@ -26,28 +26,12 @@
* SUCH DAMAGE.
*/
-#include <sys/param.h>
-#include <sys/time.h>
-#ifdef __sun
-#include <sys/sysmacros.h>
-#endif
+#include <sys/statvfs.h>
-#include <assert.h>
#include <ctype.h>
-#include <err.h>
#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#ifdef BSD
-# include <paths.h>
-#endif
-#include <stdarg.h>
-#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
#include "common.h"
#include "dhcpcd.h"
@@ -153,3 +137,18 @@
fclose(fp);
return len;
}
+
+int
+is_root_local(void)
+{
+#ifdef ST_LOCAL
+ struct statvfs vfs;
+
+ if (statvfs("/", &vfs) == -1)
+ return -1;
+ return vfs.f_flag & ST_LOCAL ? 1 : 0;
+#else
+ errno = ENOTSUP;
+ return -1;
+#endif
+}
diff -r f48261b73c57 -r d16fd6ed0d26 external/bsd/dhcpcd/dist/src/common.h
--- a/external/bsd/dhcpcd/dist/src/common.h Sun Sep 08 20:46:17 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/common.h Fri Sep 13 10:58:31 2019 +0000
@@ -197,4 +197,5 @@
const char *hwaddr_ntoa(const void *, size_t, char *, size_t);
size_t hwaddr_aton(uint8_t *, const char *);
size_t read_hwaddr_aton(uint8_t **, const char *);
+int is_root_local(void);
#endif
diff -r f48261b73c57 -r d16fd6ed0d26 external/bsd/dhcpcd/dist/src/defs.h
--- a/external/bsd/dhcpcd/dist/src/defs.h Sun Sep 08 20:46:17 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/defs.h Fri Sep 13 10:58:31 2019 +0000
@@ -29,7 +29,7 @@
#define CONFIG_H
#define PACKAGE "dhcpcd"
-#define VERSION "8.0.4"
+#define VERSION "8.0.5"
#ifndef CONFIG
# define CONFIG SYSCONFDIR "/" PACKAGE ".conf"
diff -r f48261b73c57 -r d16fd6ed0d26 external/bsd/dhcpcd/dist/src/dhcp.c
--- a/external/bsd/dhcpcd/dist/src/dhcp.c Sun Sep 08 20:46:17 2019 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcp.c Fri Sep 13 10:58:31 2019 +0000
@@ -3250,7 +3250,7 @@
.ip_dst = ip->ip_dst
};
size_t ip_hlen;
- uint16_t ip_len, uh_sum;
+ uint16_t ip_len, udp_len, uh_sum;
struct udphdr *udp;
uint32_t csum;
@@ -3276,27 +3276,31 @@
errno = ERANGE;
return -1;
}
- /* Check we don't go beyond the payload */
+ /* Check IP doesn't go beyond the payload */
if (ip_len > plen) {
errno = ENOBUFS;
return -1;
}
- if (flags & BPF_PARTIALCSUM)
+ /* Check UDP doesn't go beyond the payload */
+ udp = (struct udphdr *)(void *)((char *)ip + ip_hlen);
+ udp_len = ntohs(udp->uh_ulen);
+ if (udp_len > plen - ip_hlen) {
+ errno = ENOBUFS;
+ return -1;
+ }
+
+ if (udp->uh_sum == 0 || flags & BPF_PARTIALCSUM)
return 0;
/* UDP checksum is based on a pseudo IP header alongside
* the UDP header and payload. */
- udp = (struct udphdr *)(void *)((char *)ip + ip_hlen);
- if (udp->uh_sum == 0)
- return 0;
-
uh_sum = udp->uh_sum;
udp->uh_sum = 0;
pseudo_ip.ip_len = udp->uh_ulen;
csum = 0;
in_cksum(&pseudo_ip, sizeof(pseudo_ip), &csum);
- csum = in_cksum(udp, ntohs(udp->uh_ulen), &csum);
+ csum = in_cksum(udp, udp_len, &csum);
if (csum != uh_sum) {
errno = EINVAL;
return -1;
@@ -3338,12 +3342,13 @@
const struct dhcp_state *state = D_CSTATE(ifp);
if (valid_udp_packet(data, len, &from, state->bpf_flags) == -1) {
+ const char *errstr;
+
if (errno == EINVAL)
- logerrx("%s: checksum failure from %s",
- ifp->name, inet_ntoa(from));
+ errstr = "checksum failure";
else
- logerr("%s: invalid UDP packet from %s",
- ifp->name, inet_ntoa(from));
+ errstr = "invalid UDP packet";
+ logerrx("%s: %s from %s", errstr, ifp->name, inet_ntoa(from));
return;
}
diff -r f48261b73c57 -r d16fd6ed0d26 external/bsd/dhcpcd/dist/src/dhcpcd-embedded.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/external/bsd/dhcpcd/dist/src/dhcpcd-embedded.c Fri Sep 13 10:58:31 2019 +0000
@@ -0,0 +1,407 @@
+/*
+ * DO NOT EDIT!
+ * Automatically generated from dhcpcd-embedded.conf
+ * Ths allows us to simply generate DHCP structure without any C programming.
+ */
+
+/*
+ * dhcpcd - DHCP client daemon
+ * Copyright (c) 2006-2019 Roy Marples <roy%marples.name@localhost>
+ * All rights reserved
+
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <unistd.h>
+
+const char * const dhcpcd_embedded_conf[] = {
+"define 1 request ipaddress subnet_mask",
+"define 121 rfc3442 classless_static_routes",
+"define 249 rfc3442 ms_classless_static_routes",
+"define 33 request array ipaddress static_routes",
+"define 3 request array ipaddress routers",
+"define 2 uint32 time_offset",
+"define 4 array ipaddress time_servers",
+"define 5 array ipaddress ien116_name_servers",
+"define 6 array ipaddress domain_name_servers",
+"define 7 array ipaddress log_servers",
+"define 8 array ipaddress cookie_servers",
+"define 9 array ipaddress lpr_servers",
+"define 10 array ipaddress impress_servers",
+"define 11 array ipaddress resource_location_servers",
+"define 12 dname host_name",
+"define 13 uint16 boot_size",
+"define 14 string merit_dump",
+"define 15 array dname domain_name",
+"define 16 ipaddress swap_server",
+"define 17 string root_path",
+"define 18 string extensions_path",
+"define 19 byte ip_forwarding",
+"define 20 byte non_local_source_routing",
+"define 21 array ipaddress policy_filter",
+"define 22 uint16 max_dgram_reassembly",
+"define 23 byte default_ip_ttl",
+"define 24 uint32 path_mtu_aging_timeout",
+"define 25 array uint16 path_mtu_plateau_table",
+"define 26 uint16 interface_mtu",
+"define 27 byte all_subnets_local",
+"define 28 request ipaddress broadcast_address",
+"define 29 byte perform_mask_discovery",
+"define 30 byte mask_supplier",
+"define 31 byte router_discovery",
+"define 32 ipaddress router_solicitation_address",
+"define 34 byte trailer_encapsulation",
+"define 35 uint32 arp_cache_timeout",
+"define 36 uint16 ieee802_3_encapsulation",
+"define 37 byte default_tcp_ttl",
+"define 38 uint32 tcp_keepalive_interval",
+"define 39 byte tcp_keepalive_garbage",
+"define 40 string nis_domain",
+"define 41 array ipaddress nis_servers",
+"define 42 array ipaddress ntp_servers",
+"define 43 binhex vendor_encapsulated_options",
+"define 44 array ipaddress netbios_name_servers",
+"define 45 ipaddress netbios_dd_server",
+"define 46 byte netbios_node_type",
+"define 47 string netbios_scope",
+"define 48 array ipaddress font_servers",
+"define 49 array ipaddress x_display_manager",
+"define 50 ipaddress dhcp_requested_address",
+"define 51 request uint32 dhcp_lease_time",
+"define 52 byte dhcp_option_overload",
+"define 53 byte dhcp_message_type",
+"define 54 ipaddress dhcp_server_identifier",
+"define 55 array byte dhcp_parameter_request_list",
+"define 56 string dhcp_message",
+"define 57 uint16 dhcp_max_message_size",
+"define 58 request uint32 dhcp_renewal_time",
+"define 59 request uint32 dhcp_rebinding_time",
+"define 60 string vendor_class_identifier",
+"define 61 binhex dhcp_client_identifier",
+"define 64 string nisplus_domain",
+"define 65 array ipaddress nisplus_servers",
+"define 66 dname tftp_server_name",
+"define 67 string bootfile_name",
+"define 68 array ipaddress mobile_ip_home_agent",
+"define 69 array ipaddress smtp_server",
+"define 70 array ipaddress pop_server",
+"define 71 array ipaddress nntp_server",
+"define 72 array ipaddress www_server",
+"define 73 array ipaddress finger_server",
+"define 74 array ipaddress irc_server",
+"define 75 array ipaddress streettalk_server",
+"define 76 array ipaddress streettalk_directory_assistance_server",
+"define 77 binhex user_class",
+"define 78 embed slp_agent",
+"embed byte mandatory",
+"embed array ipaddress address",
+"define 79 embed slp_service",
+"embed byte mandatory",
+"embed ascii scope_list",
+"define 80 norequest flag rapid_commit",
+"define 81 embed fqdn",
+"embed bitflags=0000NEOS flags",
+"embed byte rcode1",
+"embed byte rcode2",
+"embed optional domain fqdn",
+"define 83 embed isns",
+"embed byte reserved1",
+"embed bitflags=00000SAE functions",
+"embed byte reserved2",
+"embed bitflags=00fFsSCE dd",
+"embed byte reserved3",
+"embed bitflags=0000DMHE admin",
+"embed uint16 reserved4",
+"embed byte reserved5",
+"embed bitflags=0TXPAMSE server_security",
+"embed array ipaddress servers",
+"define 85 array ipaddress nds_servers",
+"define 86 raw nds_tree_name",
+"define 87 raw nds_context",
+"define 88 array domain bcms_controller_names",
+"define 89 array ipaddress bcms_controller_address",
+"define 90 embed auth",
+"embed byte protocol",
+"embed byte algorithm",
+"embed byte rdm",
+"embed binhex:8 replay",
+"embed binhex information",
+"define 91 uint32 client_last_transaction_time",
+"define 92 array ipaddress associated_ip",
+"define 98 string uap_servers",
+"define 99 encap geoconf_civic",
+"embed byte what",
+"embed uint16 country_code",
+"define 100 string posix_timezone",
Home |
Main Index |
Thread Index |
Old Index