Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/roy]: src/external/bsd/dhcpcd/dist Update to dhcpcd-9.0.0 with the follo...
details: https://anonhg.NetBSD.org/src/rev/3edbf943c0bb
branches: roy
changeset: 746488:3edbf943c0bb
user: roy <roy%NetBSD.org@localhost>
date: Thu Apr 02 12:38:54 2020 +0000
description:
Update to dhcpcd-9.0.0 with the following changes:
* Decode interface complex interface names eth0.100:2 eth0i100:2.
This allows us to ignore some virtual interfaces by default
* ARP: Report L2 header address on conflict for more clarity
* DHCP: Support jumbo frames (untested)
* DHCP6: Clean up old lease on failure to confirm/rebind, etc
* RA: Prefer older routers
* INET6: Obscure prefixes are now calculated correctly
* Privilege Separation
* default hostname is now a blank string rather than localhost
* Leases are now dumped over the control socket - you get RA's now as well.
* Better support for many IPv6 routers
* RTM_MISS filtering
* RA: Deprecate stale addresses by setting pltime 0
* DHCP6: Deprecate stale addresses by setting pltime 0
diffstat:
external/bsd/dhcpcd/dist/LICENSE | 2 +-
external/bsd/dhcpcd/dist/README.md | 10 +-
external/bsd/dhcpcd/dist/hooks/20-resolv.conf | 4 +-
external/bsd/dhcpcd/dist/hooks/50-ntp.conf | 2 +-
external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.8.in | 15 +-
external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.in | 2 +-
external/bsd/dhcpcd/dist/src/arp.c | 166 +++-
external/bsd/dhcpcd/dist/src/arp.h | 12 +-
external/bsd/dhcpcd/dist/src/auth.c | 2 +-
external/bsd/dhcpcd/dist/src/auth.h | 2 +-
external/bsd/dhcpcd/dist/src/bpf.c | 139 ++-
external/bsd/dhcpcd/dist/src/bpf.h | 4 +-
external/bsd/dhcpcd/dist/src/common.c | 5 +-
external/bsd/dhcpcd/dist/src/common.h | 71 +-
external/bsd/dhcpcd/dist/src/control.c | 57 +-
external/bsd/dhcpcd/dist/src/control.h | 5 +-
external/bsd/dhcpcd/dist/src/defs.h | 14 +-
external/bsd/dhcpcd/dist/src/dev.h | 2 +-
external/bsd/dhcpcd/dist/src/dhcp-common.c | 2 +-
external/bsd/dhcpcd/dist/src/dhcp-common.h | 5 +-
external/bsd/dhcpcd/dist/src/dhcp.c | 671 +++++++++-------
external/bsd/dhcpcd/dist/src/dhcp.h | 10 +-
external/bsd/dhcpcd/dist/src/dhcp6.c | 770 +++++++++---------
external/bsd/dhcpcd/dist/src/dhcp6.h | 27 +-
external/bsd/dhcpcd/dist/src/dhcpcd-embedded.c | 12 +-
external/bsd/dhcpcd/dist/src/dhcpcd-embedded.h | 2 +-
external/bsd/dhcpcd/dist/src/dhcpcd.8.in | 32 +-
external/bsd/dhcpcd/dist/src/dhcpcd.c | 637 ++++++++++-----
external/bsd/dhcpcd/dist/src/dhcpcd.conf.5.in | 42 +-
external/bsd/dhcpcd/dist/src/dhcpcd.h | 28 +-
external/bsd/dhcpcd/dist/src/duid.c | 26 +-
external/bsd/dhcpcd/dist/src/duid.h | 6 +-
external/bsd/dhcpcd/dist/src/eloop.c | 337 +++++--
external/bsd/dhcpcd/dist/src/eloop.h | 44 +-
external/bsd/dhcpcd/dist/src/if-bsd.c | 349 ++++++-
external/bsd/dhcpcd/dist/src/if-options.c | 133 ++-
external/bsd/dhcpcd/dist/src/if-options.h | 12 +-
external/bsd/dhcpcd/dist/src/if.c | 137 ++-
external/bsd/dhcpcd/dist/src/if.h | 41 +-
external/bsd/dhcpcd/dist/src/ipv4.c | 3 +-
external/bsd/dhcpcd/dist/src/ipv4.h | 2 +-
external/bsd/dhcpcd/dist/src/ipv4ll.c | 6 +-
external/bsd/dhcpcd/dist/src/ipv4ll.h | 2 +-
external/bsd/dhcpcd/dist/src/ipv6.c | 174 ++--
external/bsd/dhcpcd/dist/src/ipv6.h | 11 +-
external/bsd/dhcpcd/dist/src/ipv6nd.c | 392 ++++++---
external/bsd/dhcpcd/dist/src/ipv6nd.h | 14 +-
external/bsd/dhcpcd/dist/src/logerr.c | 54 +-
external/bsd/dhcpcd/dist/src/logerr.h | 48 +-
external/bsd/dhcpcd/dist/src/route.c | 31 +-
external/bsd/dhcpcd/dist/src/route.h | 2 +-
external/bsd/dhcpcd/dist/src/sa.c | 2 +-
external/bsd/dhcpcd/dist/src/sa.h | 2 +-
external/bsd/dhcpcd/dist/src/script.c | 255 ++++--
external/bsd/dhcpcd/dist/src/script.h | 8 +-
55 files changed, 3033 insertions(+), 1810 deletions(-)
diffs (truncated from 9203 to 300 lines):
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/LICENSE
--- a/external/bsd/dhcpcd/dist/LICENSE Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/LICENSE Thu Apr 02 12:38:54 2020 +0000
@@ -1,4 +1,4 @@
-Copyright (c) 2006-2019 Roy Marples <roy%marples.name@localhost>
+Copyright (c) 2006-2020 Roy Marples <roy%marples.name@localhost>
All rights reserved.
Redistribution and use in source and binary forms, with or without
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/README.md
--- a/external/bsd/dhcpcd/dist/README.md Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/README.md Thu Apr 02 12:38:54 2020 +0000
@@ -89,11 +89,19 @@
dhcpcd-7 defaults the database directory to `/var/db/dhcpcd` instead of
`/var/db` and now stores dhcpcd.duid and dhcpcd.secret in there instead of
in /etc.
+dhcpcd-9 requires this directory and contents to be writeable by the
+unprivileged user (default _dhcpcd).
The Makefile `_confinstall` target will attempt to move the files correctly from
the old locations to the new locations.
-Of course this won't work if dhcpcd-7 is packaged up, so packagers will need to
+
+Of course this won't work if dhcpcd is packaged up, so packagers will need to
install similar logic into their dhcpcd package.
+dhcpcd-9 defaults the run directory to `/var/run/dhcpcd` instead of
+`/var/run` and the prefix of dhcpcd has been removed from the files.
+dhcpcd-9 may also run in a chroot, `/var/chroot/dhcpcd` so all the files
+could be relative to that.
+
## ChangeLog
We no longer supply a ChangeLog.
However, you're more than welcome to read the
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/hooks/20-resolv.conf
--- a/external/bsd/dhcpcd/dist/hooks/20-resolv.conf Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/hooks/20-resolv.conf Thu Apr 02 12:38:54 2020 +0000
@@ -42,7 +42,7 @@
# Build the nameserver list
srvs=$(cd "$resolv_conf_dir"; \
key_get_value "nameserver " ${interfaces})
- for x in $(uniqify ${srvs}); do
+ for x in $(uniqify $srvs); do
servers="${servers}nameserver $x$NL"
done
fi
@@ -152,6 +152,7 @@
fi
fi
if [ -n "$new_domain_search" ]; then
+ new_domain_search=$(uniqify $new_domain_search)
if valid_domainname_list $new_domain_search; then
conf="${conf}search $new_domain_search$NL"
elif ! $warn; then
@@ -159,6 +160,7 @@
"$new_domain_search"
fi
fi
+ new_domain_name_servers=$(uniqify $new_domain_name_servers)
for x in ${new_domain_name_servers}; do
conf="${conf}nameserver $x$NL"
done
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/hooks/50-ntp.conf
--- a/external/bsd/dhcpcd/dist/hooks/50-ntp.conf Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/hooks/50-ntp.conf Thu Apr 02 12:38:54 2020 +0000
@@ -41,7 +41,7 @@
esac
fi
-# Debian has a seperate file for DHCP config to avoid stamping on
+# Debian has a separate file for DHCP config to avoid stamping on
# the master.
if [ "$ntp_service" = ntpd ] && type invoke-rc.d >/dev/null 2>&1; then
[ -e /var/lib/ntp ] || mkdir /var/lib/ntp
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.8.in
--- a/external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.8.in Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.8.in Thu Apr 02 12:38:54 2020 +0000
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2006-2018 Roy Marples
+.\" Copyright (c) 2006-2020 Roy Marples
.\" All rights reserved
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -22,7 +22,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd February 20, 2018
+.Dd January 21, 2020
.Dt DHCPCD-RUN-HOOKS 8
.Os
.Sh NAME
@@ -69,6 +69,7 @@
is run on and
.Ev $reason
is to the reason why
+q
.Nm
was invoked.
DHCP information to be configured is held in variables starting with the word
@@ -83,6 +84,8 @@
.Nm
could be invoked:
.Bl -tag -width EXPIREXXXEXPIRE6
+.It Dv CHROOT
+dhcpcd is starting up and needs to configure a chroot environment.
.It Dv PREINIT
dhcpcd is starting up and any pre-initialisation should be done.
.It Dv CARRIER
@@ -144,12 +147,14 @@
.Sh ENVIRONMENT
.Nm dhcpcd
will clear the environment variables aside from
-.Ev $PATH
-and
-.Ev $RC_SVCNAME .
+.Ev $PATH .
The following variables will then be set, along with any protocol supplied
ones.
.Bl -tag -width xnew_delegated_dhcp6_prefix
+.It Ev $chroot
+the directory where
+.Nm dhcpcd
+is chrooted.
.It Ev $interface
the name of the interface.
.It Ev $protocol
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.in
--- a/external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.in Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/hooks/dhcpcd-run-hooks.in Thu Apr 02 12:38:54 2020 +0000
@@ -8,7 +8,7 @@
signature="$signature_base $from $ifname"
signature_base_end="# End of dhcpcd"
signature_end="$signature_base_end $from $ifname"
-state_dir=@RUNDIR@/dhcpcd
+state_dir=@RUNDIR@/hook-state
_detected_init=false
: ${if_up:=false}
diff -r a47f733072cf -r 3edbf943c0bb external/bsd/dhcpcd/dist/src/arp.c
--- a/external/bsd/dhcpcd/dist/src/arp.c Mon Jan 27 21:11:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/src/arp.c Thu Apr 02 12:38:54 2020 +0000
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: BSD-2-Clause */
/*
* dhcpcd - ARP handler
- * Copyright (c) 2006-2019 Roy Marples <roy%marples.name@localhost>
+ * Copyright (c) 2006-2020 Roy Marples <roy%marples.name@localhost>
* All rights reserved
* Redistribution and use in source and binary forms, with or without
@@ -41,7 +41,7 @@
#include <string.h>
#include <unistd.h>
-#define ELOOP_QUEUE 5
+#define ELOOP_QUEUE ELOOP_ARP
#include "config.h"
#include "arp.h"
#include "bpf.h"
@@ -53,10 +53,12 @@
#include "if-options.h"
#include "ipv4ll.h"
#include "logerr.h"
+#include "privsep.h"
#if defined(ARP)
-#define ARP_LEN \
- (sizeof(struct arphdr) + (2 * sizeof(uint32_t)) + (2 * HWADDR_LEN))
+#define ARP_LEN \
+ (FRAMEHDRLEN_MAX + \
+ sizeof(struct arphdr) + (2 * sizeof(uint32_t)) + (2 * HWADDR_LEN))
/* ARP debugging can be quite noisy. Enable this for more noise! */
//#define ARP_DEBUG
@@ -103,7 +105,13 @@
ZERO(ifp->hwlen);
APPEND(&tip->s_addr, sizeof(tip->s_addr));
+#ifdef PRIVSEP
+ if (ifp->ctx->options & DHCPCD_PRIVSEP)
+ return ps_bpf_sendarp(ifp, arp_buffer, len);
+#endif
state = ARP_CSTATE(ifp);
+ /* Note that well formed ethernet will add extra padding
+ * to ensure that the packet is at least 60 bytes (64 including FCS). */
return bpf_send(ifp, state->bpf_fd, ETHERTYPE_ARP, arp_buffer, len);
eexit:
@@ -115,7 +123,8 @@
arp_report_conflicted(const struct arp_state *astate,
const struct arp_msg *amsg)
{
- char buf[HWADDR_LEN * 3];
+ char abuf[HWADDR_LEN * 3];
+ char fbuf[HWADDR_LEN * 3];
if (amsg == NULL) {
logerrx("%s: DAD detected %s",
@@ -123,9 +132,16 @@
return;
}
- logerrx("%s: hardware address %s claims %s",
- astate->iface->name,
- hwaddr_ntoa(amsg->sha, astate->iface->hwlen, buf, sizeof(buf)),
+ hwaddr_ntoa(amsg->sha, astate->iface->hwlen, abuf, sizeof(abuf));
+ if (bpf_frame_header_len(astate->iface) == 0) {
+ logerrx("%s: %s claims %s",
+ astate->iface->name, abuf, inet_ntoa(astate->addr));
+ return;
+ }
+
+ logerrx("%s: %s(%s) claims %s",
+ astate->iface->name, abuf,
+ hwaddr_ntoa(amsg->fsha, astate->iface->hwlen, fbuf, sizeof(fbuf)),
inet_ntoa(astate->addr));
}
@@ -135,7 +151,7 @@
struct interface *ifp;
struct ipv4_addr *ia;
#ifndef KERNEL_RFC5227
- struct timespec now, defend;
+ struct timespec now;
#endif
arp_report_conflicted(astate, amsg);
@@ -158,10 +174,9 @@
* messages.
* If another conflict happens within DEFEND_INTERVAL
* then we must drop our address and negotiate a new one. */
- defend.tv_sec = astate->defend.tv_sec + DEFEND_INTERVAL;
- defend.tv_nsec = astate->defend.tv_nsec;
clock_gettime(CLOCK_MONOTONIC, &now);
- if (timespeccmp(&defend, &now, >))
+ if (timespecisset(&astate->defend) &&
+ eloop_timespec_diff(&now, &astate->defend, NULL) < DEFEND_INTERVAL)
logwarnx("%s: %d second defence failed for %s",
ifp->name, DEFEND_INTERVAL, inet_ntoa(astate->addr));
else if (arp_request(ifp, &astate->addr, &astate->addr) == -1)
@@ -206,9 +221,10 @@
return true;
}
-static void
+void
arp_packet(struct interface *ifp, uint8_t *data, size_t len)
{
+ size_t fl = bpf_frame_header_len(ifp), falen;
const struct interface *ifn;
struct arphdr ar;
struct arp_msg arm;
@@ -216,6 +232,21 @@
struct arp_state *astate, *astaten;
uint8_t *hw_s, *hw_t;
+ /* Copy the frame header source and destination out */
+ memset(&arm, 0, sizeof(arm));
+ if (fl != 0) {
+ hw_s = bpf_frame_header_src(ifp, data, &falen);
+ if (hw_s != NULL && falen <= sizeof(arm.fsha))
+ memcpy(arm.fsha, hw_s, falen);
+ hw_t = bpf_frame_header_dst(ifp, data, &falen);
+ if (hw_t != NULL && falen <= sizeof(arm.ftha))
+ memcpy(arm.ftha, hw_t, falen);
+
+ /* Skip past the frame header */
+ data += fl;
+ len -= fl;
+ }
+
/* We must have a full ARP header */
if (len < sizeof(ar))
return;
@@ -255,6 +286,8 @@
/* Match the ARP probe to our states.
* Ignore Unicast Poll, RFC1122. */
state = ARP_CSTATE(ifp);
+ if (state == NULL)
+ return;
TAILQ_FOREACH_SAFE(astate, &state->arp_states, next, astaten) {
if (IN_ARE_ADDR_EQUAL(&arm.sip, &astate->addr) ||
(IN_IS_ADDR_UNSPECIFIED(&arm.sip) &&
@@ -267,12 +300,24 @@
static void
arp_close(struct interface *ifp)
{
+ struct dhcpcd_ctx *ctx = ifp->ctx;
struct iarp_state *state;
- if ((state = ARP_STATE(ifp)) == NULL || state->bpf_fd == -1)
+#ifdef PRIVSEP
+ if (IN_PRIVSEP(ctx)) {
+ if (IN_PRIVSEP_SE(ctx) &&
+ ps_bpf_closearp(ifp) == -1)
+ logerr(__func__);
+ return;
+ }
+#endif
+
Home |
Main Index |
Thread Index |
Old Index