Import dhcpcd-8.0.5 with the following changes:
* inet6: Fix default route not being installed * DHCP: If root fs is network mounted, enable last lease extend * man: Fix lint errors. * DHCP: Give a better message when packet validation fails * DHCP: Ensure we have enough data to checksum IP and UDP The last change fixes a potential DoS attack introduced in dhcpcd-8.0.3 when the checksuming code was changed to accomodate variable length IP headers.
This commit is contained in:
parent
7dfda7b4f5
commit
5921161ee0
|
@ -26,28 +26,12 @@
|
|||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/time.h>
|
||||
#ifdef __sun
|
||||
#include <sys/sysmacros.h>
|
||||
#endif
|
||||
#include <sys/statvfs.h>
|
||||
|
||||
#include <assert.h>
|
||||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
#ifdef BSD
|
||||
# include <paths.h>
|
||||
#endif
|
||||
#include <stdarg.h>
|
||||
#include <stdint.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "common.h"
|
||||
#include "dhcpcd.h"
|
||||
|
@ -153,3 +137,18 @@ read_hwaddr_aton(uint8_t **data, const char *path)
|
|||
fclose(fp);
|
||||
return len;
|
||||
}
|
||||
|
||||
int
|
||||
is_root_local(void)
|
||||
{
|
||||
#ifdef ST_LOCAL
|
||||
struct statvfs vfs;
|
||||
|
||||
if (statvfs("/", &vfs) == -1)
|
||||
return -1;
|
||||
return vfs.f_flag & ST_LOCAL ? 1 : 0;
|
||||
#else
|
||||
errno = ENOTSUP;
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
|
|
@ -197,4 +197,5 @@ int get_monotonic(struct timespec *);
|
|||
const char *hwaddr_ntoa(const void *, size_t, char *, size_t);
|
||||
size_t hwaddr_aton(uint8_t *, const char *);
|
||||
size_t read_hwaddr_aton(uint8_t **, const char *);
|
||||
int is_root_local(void);
|
||||
#endif
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define CONFIG_H
|
||||
|
||||
#define PACKAGE "dhcpcd"
|
||||
#define VERSION "8.0.4"
|
||||
#define VERSION "8.0.5"
|
||||
|
||||
#ifndef CONFIG
|
||||
# define CONFIG SYSCONFDIR "/" PACKAGE ".conf"
|
||||
|
|
|
@ -3250,7 +3250,7 @@ valid_udp_packet(void *packet, size_t plen, struct in_addr *from,
|
|||
.ip_dst = ip->ip_dst
|
||||
};
|
||||
size_t ip_hlen;
|
||||
uint16_t ip_len, uh_sum;
|
||||
uint16_t ip_len, udp_len, uh_sum;
|
||||
struct udphdr *udp;
|
||||
uint32_t csum;
|
||||
|
||||
|
@ -3276,27 +3276,31 @@ valid_udp_packet(void *packet, size_t plen, struct in_addr *from,
|
|||
errno = ERANGE;
|
||||
return -1;
|
||||
}
|
||||
/* Check we don't go beyond the payload */
|
||||
/* Check IP doesn't go beyond the payload */
|
||||
if (ip_len > plen) {
|
||||
errno = ENOBUFS;
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (flags & BPF_PARTIALCSUM)
|
||||
/* Check UDP doesn't go beyond the payload */
|
||||
udp = (struct udphdr *)(void *)((char *)ip + ip_hlen);
|
||||
udp_len = ntohs(udp->uh_ulen);
|
||||
if (udp_len > plen - ip_hlen) {
|
||||
errno = ENOBUFS;
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (udp->uh_sum == 0 || flags & BPF_PARTIALCSUM)
|
||||
return 0;
|
||||
|
||||
/* UDP checksum is based on a pseudo IP header alongside
|
||||
* the UDP header and payload. */
|
||||
udp = (struct udphdr *)(void *)((char *)ip + ip_hlen);
|
||||
if (udp->uh_sum == 0)
|
||||
return 0;
|
||||
|
||||
uh_sum = udp->uh_sum;
|
||||
udp->uh_sum = 0;
|
||||
pseudo_ip.ip_len = udp->uh_ulen;
|
||||
csum = 0;
|
||||
in_cksum(&pseudo_ip, sizeof(pseudo_ip), &csum);
|
||||
csum = in_cksum(udp, ntohs(udp->uh_ulen), &csum);
|
||||
csum = in_cksum(udp, udp_len, &csum);
|
||||
if (csum != uh_sum) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
|
@ -3338,12 +3342,13 @@ dhcp_handlepacket(struct interface *ifp, uint8_t *data, size_t len)
|
|||
const struct dhcp_state *state = D_CSTATE(ifp);
|
||||
|
||||
if (valid_udp_packet(data, len, &from, state->bpf_flags) == -1) {
|
||||
const char *errstr;
|
||||
|
||||
if (errno == EINVAL)
|
||||
logerrx("%s: checksum failure from %s",
|
||||
ifp->name, inet_ntoa(from));
|
||||
errstr = "checksum failure";
|
||||
else
|
||||
logerr("%s: invalid UDP packet from %s",
|
||||
ifp->name, inet_ntoa(from));
|
||||
errstr = "invalid UDP packet";
|
||||
logerrx("%s: %s from %s", errstr, ifp->name, inet_ntoa(from));
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,407 @@
|
|||
/*
|
||||
* DO NOT EDIT!
|
||||
* Automatically generated from dhcpcd-embedded.conf
|
||||
* Ths allows us to simply generate DHCP structure without any C programming.
|
||||
*/
|
||||
|
||||
/*
|
||||
* dhcpcd - DHCP client daemon
|
||||
* Copyright (c) 2006-2019 Roy Marples <roy@marples.name>
|
||||
* All rights reserved
|
||||
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <unistd.h>
|
||||
|
||||
const char * const dhcpcd_embedded_conf[] = {
|
||||
"define 1 request ipaddress subnet_mask",
|
||||
"define 121 rfc3442 classless_static_routes",
|
||||
"define 249 rfc3442 ms_classless_static_routes",
|
||||
"define 33 request array ipaddress static_routes",
|
||||
"define 3 request array ipaddress routers",
|
||||
"define 2 uint32 time_offset",
|
||||
"define 4 array ipaddress time_servers",
|
||||
"define 5 array ipaddress ien116_name_servers",
|
||||
"define 6 array ipaddress domain_name_servers",
|
||||
"define 7 array ipaddress log_servers",
|
||||
"define 8 array ipaddress cookie_servers",
|
||||
"define 9 array ipaddress lpr_servers",
|
||||
"define 10 array ipaddress impress_servers",
|
||||
"define 11 array ipaddress resource_location_servers",
|
||||
"define 12 dname host_name",
|
||||
"define 13 uint16 boot_size",
|
||||
"define 14 string merit_dump",
|
||||
"define 15 array dname domain_name",
|
||||
"define 16 ipaddress swap_server",
|
||||
"define 17 string root_path",
|
||||
"define 18 string extensions_path",
|
||||
"define 19 byte ip_forwarding",
|
||||
"define 20 byte non_local_source_routing",
|
||||
"define 21 array ipaddress policy_filter",
|
||||
"define 22 uint16 max_dgram_reassembly",
|
||||
"define 23 byte default_ip_ttl",
|
||||
"define 24 uint32 path_mtu_aging_timeout",
|
||||
"define 25 array uint16 path_mtu_plateau_table",
|
||||
"define 26 uint16 interface_mtu",
|
||||
"define 27 byte all_subnets_local",
|
||||
"define 28 request ipaddress broadcast_address",
|
||||
"define 29 byte perform_mask_discovery",
|
||||
"define 30 byte mask_supplier",
|
||||
"define 31 byte router_discovery",
|
||||
"define 32 ipaddress router_solicitation_address",
|
||||
"define 34 byte trailer_encapsulation",
|
||||
"define 35 uint32 arp_cache_timeout",
|
||||
"define 36 uint16 ieee802_3_encapsulation",
|
||||
"define 37 byte default_tcp_ttl",
|
||||
"define 38 uint32 tcp_keepalive_interval",
|
||||
"define 39 byte tcp_keepalive_garbage",
|
||||
"define 40 string nis_domain",
|
||||
"define 41 array ipaddress nis_servers",
|
||||
"define 42 array ipaddress ntp_servers",
|
||||
"define 43 binhex vendor_encapsulated_options",
|
||||
"define 44 array ipaddress netbios_name_servers",
|
||||
"define 45 ipaddress netbios_dd_server",
|
||||
"define 46 byte netbios_node_type",
|
||||
"define 47 string netbios_scope",
|
||||
"define 48 array ipaddress font_servers",
|
||||
"define 49 array ipaddress x_display_manager",
|
||||
"define 50 ipaddress dhcp_requested_address",
|
||||
"define 51 request uint32 dhcp_lease_time",
|
||||
"define 52 byte dhcp_option_overload",
|
||||
"define 53 byte dhcp_message_type",
|
||||
"define 54 ipaddress dhcp_server_identifier",
|
||||
"define 55 array byte dhcp_parameter_request_list",
|
||||
"define 56 string dhcp_message",
|
||||
"define 57 uint16 dhcp_max_message_size",
|
||||
"define 58 request uint32 dhcp_renewal_time",
|
||||
"define 59 request uint32 dhcp_rebinding_time",
|
||||
"define 60 string vendor_class_identifier",
|
||||
"define 61 binhex dhcp_client_identifier",
|
||||
"define 64 string nisplus_domain",
|
||||
"define 65 array ipaddress nisplus_servers",
|
||||
"define 66 dname tftp_server_name",
|
||||
"define 67 string bootfile_name",
|
||||
"define 68 array ipaddress mobile_ip_home_agent",
|
||||
"define 69 array ipaddress smtp_server",
|
||||
"define 70 array ipaddress pop_server",
|
||||
"define 71 array ipaddress nntp_server",
|
||||
"define 72 array ipaddress www_server",
|
||||
"define 73 array ipaddress finger_server",
|
||||
"define 74 array ipaddress irc_server",
|
||||
"define 75 array ipaddress streettalk_server",
|
||||
"define 76 array ipaddress streettalk_directory_assistance_server",
|
||||
"define 77 binhex user_class",
|
||||
"define 78 embed slp_agent",
|
||||
"embed byte mandatory",
|
||||
"embed array ipaddress address",
|
||||
"define 79 embed slp_service",
|
||||
"embed byte mandatory",
|
||||
"embed ascii scope_list",
|
||||
"define 80 norequest flag rapid_commit",
|
||||
"define 81 embed fqdn",
|
||||
"embed bitflags=0000NEOS flags",
|
||||
"embed byte rcode1",
|
||||
"embed byte rcode2",
|
||||
"embed optional domain fqdn",
|
||||
"define 83 embed isns",
|
||||
"embed byte reserved1",
|
||||
"embed bitflags=00000SAE functions",
|
||||
"embed byte reserved2",
|
||||
"embed bitflags=00fFsSCE dd",
|
||||
"embed byte reserved3",
|
||||
"embed bitflags=0000DMHE admin",
|
||||
"embed uint16 reserved4",
|
||||
"embed byte reserved5",
|
||||
"embed bitflags=0TXPAMSE server_security",
|
||||
"embed array ipaddress servers",
|
||||
"define 85 array ipaddress nds_servers",
|
||||
"define 86 raw nds_tree_name",
|
||||
"define 87 raw nds_context",
|
||||
"define 88 array domain bcms_controller_names",
|
||||
"define 89 array ipaddress bcms_controller_address",
|
||||
"define 90 embed auth",
|
||||
"embed byte protocol",
|
||||
"embed byte algorithm",
|
||||
"embed byte rdm",
|
||||
"embed binhex:8 replay",
|
||||
"embed binhex information",
|
||||
"define 91 uint32 client_last_transaction_time",
|
||||
"define 92 array ipaddress associated_ip",
|
||||
"define 98 string uap_servers",
|
||||
"define 99 encap geoconf_civic",
|
||||
"embed byte what",
|
||||
"embed uint16 country_code",
|
||||
"define 100 string posix_timezone",
|
||||
"define 101 string tzdb_timezone",
|
||||
"define 116 byte auto_configure",
|
||||
"define 117 array uint16 name_service_search",
|
||||
"define 118 ipaddress subnet_selection",
|
||||
"define 119 array domain domain_search",
|
||||
"define 120 rfc3361 sip_server",
|
||||
"define 122 encap tsp",
|
||||
"encap 1 ipaddress dhcp_server",
|
||||
"encap 2 ipaddress dhcp_secondary_server",
|
||||
"encap 3 rfc3361 provisioning_server",
|
||||
"encap 4 embed as_req_as_rep_backoff",
|
||||
"embed uint32 nominal",
|
||||
"embed uint32 maximum",
|
||||
"embed uint32 retry",
|
||||
"encap 5 embed ap_req_ap_rep_backoff",
|
||||
"embed uint32 nominal",
|
||||
"embed uint32 maximum",
|
||||
"embed uint32 retry",
|
||||
"encap 6 domain kerberos_realm",
|
||||
"encap 7 byte ticket_granting_server_utilization",
|
||||
"encap 8 byte provisioning_timer",
|
||||
"define 123 binhex geoconf",
|
||||
"define 124 binhex vivco",
|
||||
"define 125 embed vivso",
|
||||
"embed uint32 enterprise_number",
|
||||
"define 136 array ipaddress pana_agent",
|
||||
"define 137 domain lost_server",
|
||||
"define 138 array ipaddress capwap_ac",
|
||||
"define 139 encap mos_ip",
|
||||
"encap 1 array ipaddress is",
|
||||
"encap 2 array ipaddress cs",
|
||||
"encap 3 array ipaddress es",
|
||||
"define 140 encap mos_domain",
|
||||
"encap 1 domain is",
|
||||
"encap 2 domain cs",
|
||||
"encap 3 domain es",
|
||||
"define 141 array domain sip_ua_cs_list",
|
||||
"define 142 array ipaddress andsf",
|
||||
"define 143 array ip6address andsf6",
|
||||
"define 144 binhex geoloc",
|
||||
"define 145 array byte forcerenew_nonce_capable",
|
||||
"define 146 embed rdnss_selection",
|
||||
"embed byte prf",
|
||||
"embed ipaddress primary",
|
||||
"embed ipaddress secondary",
|
||||
"embed array domain domains",
|
||||
"define 150 array ipaddress tftp_servers",
|
||||
"define 161 string mudurl",
|
||||
"define 208 binhex pxelinux_magic",
|
||||
"define 209 string config_file",
|
||||
"define 210 string path_prefix",
|
||||
"define 211 uint32 reboot_time",
|
||||
"define 212 embed sixrd",
|
||||
"embed byte mask_len",
|
||||
"embed byte prefix_len",
|
||||
"embed ip6address prefix",
|
||||
"embed array ipaddress brip_address",
|
||||
"define 213 domain access_domain",
|
||||
"define 221 encap vss",
|
||||
"encap 0 string nvt",
|
||||
"encap 1 binhex vpn_id",
|
||||
"encap 255 flag global",
|
||||
"define 252 string wpad_url",
|
||||
"definend 1 binhex source_address",
|
||||
"definend 2 binhex target_address",
|
||||
"definend 3 index embed prefix_information",
|
||||
"embed byte length",
|
||||
"embed bitflags=LA flags",
|
||||
"embed uint32 vltime",
|
||||
"embed uint32 pltime",
|
||||
"embed uint32 reserved",
|
||||
"embed array ip6address prefix",
|
||||
"definend 5 embed mtu",
|
||||
"embed uint16 reserved",
|
||||
"embed uint32 mtu",
|
||||
"definend 25 index embed rdnss",
|
||||
"embed uint16 reserved",
|
||||
"embed uint32 lifetime",
|
||||
"embed array ip6address servers",
|
||||
"definend 31 index embed dnssl",
|
||||
"embed uint16 reserved",
|
||||
"embed uint32 lifetime",
|
||||
"embed domain search",
|
||||
"define6 1 binhex client_id",
|
||||
"define6 2 binhex server_id",
|
||||
"define6 3 norequest index embed ia_na",
|
||||
"embed binhex:4 iaid",
|
||||
"embed uint32 t1",
|
||||
"embed uint32 t2",
|
||||
"encap 5 option",
|
||||
"encap 13 option",
|
||||
"define6 4 norequest index embed ia_ta",
|
||||
"embed uint32 iaid",
|
||||
"encap 5 option",
|
||||
"encap 13 option",
|
||||
"define6 5 norequest index embed ia_addr",
|
||||
"embed ip6address ia_addr",
|
||||
"embed uint32 pltime",
|
||||
"embed uint32 vltime",
|
||||
"encap 13 option",
|
||||
"define6 6 array uint16 option_request",
|
||||
"define6 7 byte preference",
|
||||
"define6 8 uint16 elased_time",
|
||||
"define6 9 binhex dhcp_relay_msg",
|
||||
"define6 11 embed auth",
|
||||
"embed byte protocol",
|
||||
"embed byte algorithm",
|
||||
"embed byte rdm",
|
||||
"embed binhex:8 replay",
|
||||
"embed binhex information",
|
||||
"define6 12 ip6address unicast",
|
||||
"define6 13 norequest embed status_code",
|
||||
"embed uint16 status_code",
|
||||
"embed optional string message",
|
||||
"define6 14 norequest flag rapid_commit",
|
||||
"define6 15 binhex user_class",
|
||||
"define6 16 binhex vivco",
|
||||
"define6 17 embed vivso",
|
||||
"embed uint32 enterprise_number",
|
||||
"define6 18 binhex interface_id",
|
||||
"define6 19 byte reconfigure_msg",
|
||||
"define6 20 flag reconfigure_accept",
|
||||
"define6 21 array domain sip_servers_names",
|
||||
"define6 22 array ip6address sip_servers_addresses",
|
||||
"define6 23 array ip6address name_servers",
|
||||
"define6 24 array domain domain_search",
|
||||
"define6 25 norequest index embed ia_pd",
|
||||
"embed binhex:4 iaid",
|
||||
"embed uint32 t1",
|
||||
"embed uint32 t2",
|
||||
"encap 26 option",
|
||||
"define6 26 index embed prefix",
|
||||
"embed uint32 pltime",
|
||||
"embed uint32 vltime",
|
||||
"embed byte length",
|
||||
"embed ip6address prefix",
|
||||
"encap 13 option",
|
||||
"encap 67 option",
|
||||
"define6 27 array ip6address nis_servers",
|
||||
"define6 28 array ip6address nisp_servers",
|
||||
"define6 29 string nis_domain_name",
|
||||
"define6 30 string nisp_domain_name",
|
||||
"define6 31 array ip6address sntp_servers",
|
||||
"define6 32 uint32 info_refresh_time",
|
||||
"define6 33 array domain bcms_server_d",
|
||||
"define6 34 array ip6address bcms_server_a",
|
||||
"define6 36 encap geoconf_civic",
|
||||
"embed byte what",
|
||||
"embed uint16 country_code",
|
||||
"define6 37 embed remote_id",
|
||||
"embed uint32 enterprise_number",
|
||||
"embed binhex remote_id",
|
||||
"define6 38 binhex subscriber_id",
|
||||
"define6 39 embed fqdn",
|
||||
"embed bitflags=00000NOS flags",
|
||||
"embed optional domain fqdn",
|
||||
"define6 40 array ip6address pana_agent",
|
||||
"define6 41 string posix_timezone",
|
||||
"define6 42 string tzdb_timezone",
|
||||
"define6 43 array uint16 ero",
|
||||
"define6 49 domain mip6_hnidf",
|
||||
"define6 50 encap mip6_vdinf",
|
||||
"encap 71 option",
|
||||
"encap 72 option",
|
||||
"encap 73 option",
|
||||
"define6 51 domain lost_server",
|
||||
"define6 52 array ip6address capwap_ac",
|
||||
"define6 53 binhex relay_id",
|
||||
"define6 54 encap mos_ip",
|
||||
"encap 1 array ip6address is",
|
||||
"encap 2 array ip6address cs",
|
||||
"encap 3 array ip6address es",
|
||||
"define6 55 encap mos_domain",
|
||||
"encap 1 domain is",
|
||||
"encap 2 domain cs",
|
||||
"encap 3 domain es",
|
||||
"define6 56 encap ntp_server",
|
||||
"encap 1 ip6address addr",
|
||||
"encap 2 ip6address mcast_addr",
|
||||
"encap 3 ip6address fqdn",
|
||||
"define6 57 domain access_domain",
|
||||
"define6 58 array domain sip_ua_cs_list",
|
||||
"define6 59 string bootfile_url",
|
||||
"define6 60 binhex bootfile_param",
|
||||
"define6 61 array uint16 architecture_types",
|
||||
"define6 62 embed nii",
|
||||
"embed byte type",
|
||||
"embed byte major",
|
||||
"embed byte minor",
|
||||
"define6 63 binhex geoloc",
|
||||
"define6 64 domain aftr_name",
|
||||
"define6 67 embed pd_exclude",
|
||||
"embed byte prefix_len",
|
||||
"embed binhex subnetID",
|
||||
"define6 69 encap mip6_idinf",
|
||||
"encap 71 option",
|
||||
"encap 72 option",
|
||||
"encap 73 option",
|
||||
"define6 70 encap mip6_udinf",
|
||||
"encap 71 option",
|
||||
"encap 72 option",
|
||||
"encap 73 option",
|
||||
"define6 71 embed mip6_hnp",
|
||||
"embed byte prefix_len",
|
||||
"embed ip6address prefix",
|
||||
"define6 72 ip6address mip6_haa",
|
||||
"define6 73 domain mip6_haf",
|
||||
"define6 74 embed rdnss_selection",
|
||||
"embed ip6address server",
|
||||
"embed byte prf",
|
||||
"embed array domain domains",
|
||||
"define6 75 string krb_principal_name",
|
||||
"define6 76 string krb_realm_name",
|
||||
"define6 78 embed krb_kdc",
|
||||
"embed uint16 priority",
|
||||
"embed uint16 weight",
|
||||
"embed byte transport_type",
|
||||
"embed uint16 port",
|
||||
"embed ip6address address",
|
||||
"embed string realm_name",
|
||||
"define6 80 ip6address link_address",
|
||||
"define6 82 request uint32 sol_max_rt",
|
||||
"define6 83 request uint32 inf_max_rt",
|
||||
"define6 89 embed s46_rule",
|
||||
"embed bitflags=0000000F flags",
|
||||
"embed byte ea_len",
|
||||
"embed byte prefix4_len",
|
||||
"embed ipaddress ipv4_prefix",
|
||||
"embed ip6address ipv6_prefix",
|
||||
"define6 90 ip6address s64_br",
|
||||
"define6 91 embed s46_dmr",
|
||||
"embed byte prefix_len",
|
||||
"embed binhex prefix",
|
||||
"define6 92 embed s46_v4v6bind",
|
||||
"embed ipaddress ipv4_address",
|
||||
"embed byte ipv6_prefix_len",
|
||||
"embed binhex ipv6_prefix_and_options",
|
||||
"define6 93 embed s46_portparams",
|
||||
"embed byte offset",
|
||||
"embed byte psid_len",
|
||||
"embed uint16 psid",
|
||||
"define6 94 embed s46_cont_mape",
|
||||
"encap 89 option",
|
||||
"encap 90 option",
|
||||
"define6 95 embed s46_cont_mapt",
|
||||
"encap 89 option",
|
||||
"encap 91 option",
|
||||
"define6 96 embed s46_cont_lw",
|
||||
"encap 90 option",
|
||||
"encap 92 option",
|
||||
"define6 112 string mudurl",
|
||||
NULL
|
||||
};
|
|
@ -0,0 +1,32 @@
|
|||
/*
|
||||
* dhcpcd - DHCP client daemon
|
||||
* Copyright (c) 2006-2019 Roy Marples <roy@marples.name>
|
||||
* All rights reserved
|
||||
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#define INITDEFINES 124
|
||||
#define INITDEFINENDS 6
|
||||
#define INITDEFINE6S 69
|
||||
|
||||
extern const char * const dhcpcd_embedded_conf[];
|
|
@ -590,6 +590,12 @@ configure_interface1(struct interface *ifp)
|
|||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* If root is network mounted, we don't want to kill the connection
|
||||
* if the DHCP server goes the way of the dodo OR dhcpcd is rebooting
|
||||
* and the lease file has expired. */
|
||||
if (is_root_local() == 0)
|
||||
ifo->options |= DHCPCD_LASTLEASE_EXTEND;
|
||||
}
|
||||
|
||||
int
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd August 28, 2019
|
||||
.Dd September 8, 2019
|
||||
.Dt DHCPCD.CONF 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -454,7 +454,7 @@ Metrics are used to prefer an interface over another one, lowest wins.
|
|||
will supply a default metric of 200 +
|
||||
.Xr if_nametoindex 3 .
|
||||
An extra 100 will be added for wireless interfaces.
|
||||
.It Ic mudurl Ar url
|
||||
.It Ic mudurl Ar url
|
||||
Specifies the URL for a Manufacturer Usage Description (MUD).
|
||||
The description is used by upstream network devices to instantiate any
|
||||
desired access lists.
|
||||
|
@ -725,7 +725,7 @@ DHCP, ND and DHCPv6 allow for the use of custom options, and RFC 3925 vendor
|
|||
options for DHCP can also be supplied.
|
||||
Each option needs to be started with the
|
||||
.Ic define ,
|
||||
.Ic definend,
|
||||
.Ic definend ,
|
||||
.Ic define6
|
||||
or
|
||||
.Ic vendopt
|
||||
|
|
|
@ -653,6 +653,12 @@ if_copyrt(struct dhcpcd_ctx *ctx, struct rt *rt, const struct rt_msghdr *rtm)
|
|||
return -1;
|
||||
}
|
||||
#endif
|
||||
#ifdef RTF_WASCLONED
|
||||
if (rtm->rtm_flags & RTF_WASCLONED) {
|
||||
errno = ENOTSUP;
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
#ifdef RTF_LOCAL
|
||||
if (rtm->rtm_flags & RTF_LOCAL) {
|
||||
errno = ENOTSUP;
|
||||
|
|
|
@ -1065,28 +1065,31 @@ ipv6_getstate(struct interface *ifp)
|
|||
}
|
||||
|
||||
struct ipv6_addr *
|
||||
ipv6_ifanyglobal(struct interface *ifp)
|
||||
ipv6_anyglobal(struct interface *sifp)
|
||||
{
|
||||
struct interface *ifp;
|
||||
struct ipv6_state *state;
|
||||
struct ipv6_addr *ia;
|
||||
|
||||
if (ifp->carrier == LINK_DOWN)
|
||||
return NULL;
|
||||
|
||||
state = IPV6_STATE(ifp);
|
||||
if (state == NULL)
|
||||
return NULL;
|
||||
|
||||
TAILQ_FOREACH(ia, &state->addrs, next) {
|
||||
if (IN6_IS_ADDR_LINKLOCAL(&ia->addr))
|
||||
TAILQ_FOREACH(ifp, sifp->ctx->ifaces, next) {
|
||||
if (ifp != sifp && ip6_forwarding(ifp->name) != 1)
|
||||
continue;
|
||||
/* Let's be optimistic.
|
||||
* Any decent OS won't forward or accept traffic
|
||||
* from/to tentative or detached addresses. */
|
||||
if (!(ia->addr_flags & IN6_IFF_DUPLICATED))
|
||||
break;
|
||||
|
||||
state = IPV6_STATE(ifp);
|
||||
if (state == NULL)
|
||||
continue;
|
||||
|
||||
TAILQ_FOREACH(ia, &state->addrs, next) {
|
||||
if (IN6_IS_ADDR_LINKLOCAL(&ia->addr))
|
||||
continue;
|
||||
/* Let's be optimistic.
|
||||
* Any decent OS won't forward or accept traffic
|
||||
* from/to tentative or detached addresses. */
|
||||
if (!(ia->addr_flags & IN6_IFF_DUPLICATED))
|
||||
return ia;
|
||||
}
|
||||
}
|
||||
return ia;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -1133,7 +1136,7 @@ ipv6_handleifa(struct dhcpcd_ctx *ctx,
|
|||
return;
|
||||
if ((state = ipv6_getstate(ifp)) == NULL)
|
||||
return;
|
||||
anyglobal = ipv6_ifanyglobal(ifp) != NULL;
|
||||
anyglobal = ipv6_anyglobal(ifp) != NULL;
|
||||
|
||||
TAILQ_FOREACH(ia, &state->addrs, next) {
|
||||
if (IN6_ARE_ADDR_EQUAL(&ia->addr, addr))
|
||||
|
@ -1252,7 +1255,7 @@ out:
|
|||
* call rt_build to add/remove the default route. */
|
||||
if (ifp->active && ifp->options->options & DHCPCD_IPV6 &&
|
||||
!(ctx->options & DHCPCD_RTBUILD) &&
|
||||
(ipv6_ifanyglobal(ifp) != NULL) != anyglobal)
|
||||
(ipv6_anyglobal(ifp) != NULL) != anyglobal)
|
||||
rt_build(ctx, AF_INET6);
|
||||
}
|
||||
|
||||
|
@ -2335,7 +2338,7 @@ inet6_raroutes(rb_tree_t *routes, struct dhcpcd_ctx *ctx)
|
|||
}
|
||||
if (rap->lifetime == 0)
|
||||
continue;
|
||||
if (ipv6_ifanyglobal(rap->iface) == NULL)
|
||||
if (ipv6_anyglobal(rap->iface) == NULL)
|
||||
continue;
|
||||
rt = inet6_makerouter(rap);
|
||||
if (rt == NULL)
|
||||
|
|
|
@ -273,7 +273,7 @@ int ipv6_handleifa_addrs(int, struct ipv6_addrhead *, const struct ipv6_addr *,
|
|||
struct ipv6_addr *ipv6_iffindaddr(struct interface *,
|
||||
const struct in6_addr *, int);
|
||||
int ipv6_hasaddr(const struct interface *);
|
||||
struct ipv6_addr *ipv6_ifanyglobal(struct interface *);
|
||||
struct ipv6_addr *ipv6_anyglobal(struct interface *);
|
||||
int ipv6_findaddrmatch(const struct ipv6_addr *, const struct in6_addr *,
|
||||
unsigned int);
|
||||
struct ipv6_addr *ipv6_findaddr(struct dhcpcd_ctx *,
|
||||
|
|
|
@ -1290,7 +1290,7 @@ ipv6nd_handlera(struct dhcpcd_ctx *ctx,
|
|||
}
|
||||
}
|
||||
|
||||
if (new_data && !has_address && rap->lifetime && !ipv6_ifanyglobal(ifp))
|
||||
if (new_data && !has_address && rap->lifetime && !ipv6_anyglobal(ifp))
|
||||
logwarnx("%s: no global addresses for default route",
|
||||
ifp->name);
|
||||
|
||||
|
|
Loading…
Reference in New Issue