Commit Graph

1210 Commits

Author SHA1 Message Date
drochner bd39bacef7 avoid NULL dereference in error case 2010-09-12 16:04:57 +00:00
jakllsch c77ac47598 Make the EtherIP in IPv6 input path work.
XXX: Figure out if we really need a separate protosw for IPv6.
2010-08-24 00:07:00 +00:00
joerg 0253fb8bf4 Remove stray { 2010-08-20 16:38:16 +00:00
joerg 0e26070ea9 Consider a mapped IPv4 address of 0.0.0.0 as unspecified. This allows
using mapped IPv4 address with connect without preceding bind.
2010-08-20 15:01:11 +00:00
jym f3fb0a5620 Fix some code paths where pointers are dereferenced after checking that
they are NULL (oops?)

XXX pull-ups for NetBSD-4 and NetBSD-5.
2010-08-14 18:28:59 +00:00
jakllsch 8688cfe5da Make MRT6DEBUG compile on LP64 by using ptrdiff_t printf() format specifier. 2010-07-27 13:59:40 +00:00
dyoung a055a1e00a Under some circumstances, udp6_output() would call ip6_clearpktopts()
with an uninitialized struct ip6_pktopts on the stack, opt.
ip6_clearpktopts(&opt, ...) could dereference dangling pointers,
leading to memory corruption or a crash.  Now, udp6_output() calls
ip6_clearpktopts(&opt, ...) only if opt was initialized. Thanks to
Clement LECIGNE for reporting this bug.

Fix a potential memory leak: it is udp6_output()'s responsibility
to free its mbuf arguments on error.  In the unlikely event that
sa6_embedscope() failed, udp6_output() would not free its mbuf
arguments.

I will ask for this to be pulled up to -4, -5, and -5-0.
2010-07-15 23:46:55 +00:00
dyoung c0d48690b2 To help find the cause of kernel complaints such as "/netbsd:
nd6_storelladdr: sdl_alen == 0, dst=... if=wm1", add printfs for some
"impossible" conditions, and make the nd6_storelladdr() printf more
informative by printing the value of sdl_alen.
2010-07-15 19:15:30 +00:00
dyoung 597c5734cd Remove unnecessary casts from struct route * to struct route *. 2010-07-08 01:22:28 +00:00
dyoung 44c56ddcb9 Sprinkle const to prevent rip6_output() from re-assigning all but one of
its arguments.
2010-07-08 01:13:01 +00:00
dyoung ff06028902 Sprinkle 'const' to prevent udp6_output() from reassigning all but one
of its arguments.
2010-07-08 00:12:35 +00:00
dyoung cb401b7946 When choosing IPv6 source addresses, respect the ifaddr preference
level such as one might set with 'ifconfig xx0 inet6 <address>
preference <pref>'.  I've been running this for many months without
any problems.
2010-04-22 20:05:15 +00:00
oki 304292d4c5 ip6_sprintf: compress the zeros of representation of the IPv6 address.
see RFC4291 section 2.2 item 2.
2010-04-07 22:59:15 +00:00
joerg 58e867556f Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf
check into the inline functions as well the fourth argument for
bpf_attach.
2010-04-05 07:19:28 +00:00
joerg 3d7916e198 Explicitly include opt_gateway.h when depending on GATEWAY. 2010-02-04 21:48:11 +00:00
pooka b014350f7f Redefine bpf linkage through an always present op vector, i.e.
#if NBPFILTER is no longer required in the client.  This change
doesn't yet add support for loading bpf as a module, since drivers
can register before bpf is attached.  However, callers of bpf can
now be modularized.

Dynamically loadable bpf could probably be done fairly easily with
coordination from the stub driver and the real driver by registering
attachments in the stub before the real driver is loaded and doing
a handoff.  ... and I'm not going to ponder the depths of unload
here.

Tested with i386/MONOLITHIC, modified MONOLITHIC without bpf and rump.
2010-01-19 22:08:16 +00:00
elad 2faaca9342 Collapse identical switch cases. 2009-12-30 23:23:58 +00:00
joerg 1a57a79dcb Clear cksum flags before any further processing like ip_forward does.
Many drivers set the UDP/TCP v4 flags even for v6 traffic and if the
packet is encapsulated with gif, the IPv6 header would get corrupted by
ip_output. Patch suggested by bad@
2009-11-11 22:19:22 +00:00
dyoung 2421a1af93 Fix net.inet6.ip6.accept_rtadv and 'ndp -i <interface> accept_rtadv':
Add a flag ND6_IFF_OVERRIDE_RTADV that tells the kernel to override
ip6_accept_rtadv (net.inet6.ip6.accept_rtadv) on an interface.

Add a routine nd6_accepts_rtadv(ndi) that evaluates both the flags
on the interface represented by ndi and ip6_accept_rtadv, and
returns 'true' if the given interface should accept Router
Advertisements, and 'false' if not.

Now, ND6_IFF_ACCEPT_RTADV works as it was historically documented:
if it is set, then accept router advertisements iff ip6_accept_rtadv
!= 0.  Otherwise, do not accept router advertisements.

If ND6_IFF_OVERRIDE_RTADV is set, then the flag ND6_IFF_ACCEPT_RTADV
overrides ip6_accept_rtadv: if ND6_IFF_ACCEPT_RTADV is set, accept;
otherwise reject.  Ignore ip6_accept_rtadv.

If neither ND6_IFF_ACCEPT_RTADV nor ND6_IFF_OVERRIDE_RTADV is set,
reject Router Advertisements.
2009-11-06 20:41:22 +00:00
christos 981156292d fix the sun2 case for real. 2009-10-18 22:57:05 +00:00
christos e1d5a1ca51 unbreak sun2. 2009-10-12 22:32:23 +00:00
christos c0bc5ed834 backout the changes that establish a workqueue to synchronize the addresses
for arg and gre because they cause a race condition by calling ioctl() during
interface initialization. To make this work correctly we would need to
synchronize all interface init routines.
2009-09-19 13:11:02 +00:00
pooka 11281f01a0 Replace a large number of link set based sysctl node creations with
calls from subsystem constructors.  Benefits both future kernel
modules and rump.

no change to sysctl nodes on i386/MONOLITHIC & build tested i386/ALL
2009-09-16 15:23:04 +00:00
dyoung c5d5f7697a Make ifconfig(8) set and display preference numbers for IPv6
addresses.  Make the kernel support SIOC[SG]IFADDRPREF for IPv6
interface addresses.

In in6ifa_ifpforlinklocal(), consult preference numbers before
making an otherwise arbitrary choice of in6_ifaddr.  Otherwise,
preference numbers are *not* consulted by the kernel, but that will
be rather easy for somebody with a little bit of free time to fix.

Please note that setting the preference number for a link-local
IPv6 address does not work right, yet, but that ought to be fixed
soon.

In support of the changes above,

1 Add a method to struct domain for "externalizing" a sockaddr, and
  provide an implementation for IPv6.  Expect more work in this area: it
  may be more proper to say that the IPv6 implementation "internalizes"
  a sockaddr.  Add sockaddr_externalize().

2 Add a subroutine, sofamily(), that returns a struct socket's address
  family or AF_UNSPEC.

3 Make a lot of IPv4-specific code generic, and move it from
  sys/netinet/ to sys/net/ for re-use by IPv6 parts of the kernel and
  ifconfig(8).
2009-09-11 22:06:29 +00:00
dyoung 21904877ab Nothing uses sockaddr_in6_cmp() right now, and the generic
sockaddr_cmp() is probably as fast or faster than calling
sockaddr_in6_cmp() through a function pointer, so let's stop
compiling it.
2009-09-11 20:10:06 +00:00
yamt 7dc10fea3d nd6_ifattach: fix a missing parens bug in rev.1.132. 2009-08-31 12:37:59 +00:00
tsutsui 1b5375c235 Fix error on kernels with options IPSEC without options IPSEC_ESP.
Found on building evbppc/conf/PMPPC.
2009-08-21 16:52:43 +00:00
seanb edb4329e21 - Newer gcc was throwning a 'dereferencing type-punned pointer will
break strict-aliasing rules' warning against IN6_IS_ADDR_* macros
  at -O2 -Wall.
2009-08-19 18:52:48 +00:00
cegger 549d6a10af buildfix: if_indexlim is of type size_t 2009-08-13 09:04:03 +00:00
dyoung 94981d88f4 Postpone to a workqueue adding link-local and loopback IPv6 addresses
to an interface.  This keeps the kernel from entering ifp->if_ioctl
recursively, which can deadlock if if_ioctl takes locks.  This will
fix deadlocks & LOCKDEBUG errors in agr(4) (kern/39940) and in
gre(4).
2009-08-13 00:34:04 +00:00
cegger 302b7dbb45 Check if ndi is valid before use.
ok tonnerre@
2009-08-06 12:17:11 +00:00
dyoung bb61b3608a Use malloc(...|M_ZERO) instead of malloc(...) followed by memset(,0,). 2009-08-04 22:04:23 +00:00
dyoung 59b8f11a8b Fix typo in comment, s/SIOCSIFADDR/SIOCINITIFADDR/. 2009-07-30 17:28:36 +00:00
tonnerre 5d2cc68d22 Instead of using the net.inet6.ip6.accept_rtadv sysctl for all devices,
make net.inet6.ip6.accept_rtadv the default for individual per-device
settings so people can use the ndp(8) utility to set per-device whether
or not to accept route advertisements.

rtadvd changes to follow.

(Debated on tech-net@ before but almost two weeks passed by without any
comment on the patch.)
2009-07-25 23:12:09 +00:00
pooka 7aa04865ab POOL_INIT -> pool_init 2009-05-26 00:17:56 +00:00
pooka 21e6fa78da Remove declaration of unused extern struct ifnet loif[NLOOP], which
was already removed once, but brought back in a wholesale import.
While here, mop up the #ifdef __SomeotherOS__ noise.
2009-05-25 22:49:23 +00:00
elad 29c3cf04e6 Remove "privileged" variable, perform the kauth(9) call before we go into
splnet() for the privileged commands. Privileged commands were marked as
such for clarity.

Mailing list reference:

	http://mail-index.netbsd.org/tech-net/2009/05/08/msg001283.html
2009-05-12 23:01:26 +00:00
elad b15203315e Implicit EPERM -> explicit EACCES.
Requested by ad@ and yamt@.
2009-05-12 22:22:46 +00:00
elad d4ee4ec689 Remove some more "priv" variable usage in favor of kauth(9) calls. 2009-05-07 21:51:47 +00:00
elad 4188b89914 Remove some usage of "priv" and "privileged" variables and instead pass
around credentials. Also push down kauth(9) calls closer to where the
operation is done.

Mailing list reference:

	http://mail-index.netbsd.org/tech-net/2009/04/30/msg001270.html
2009-05-06 21:41:59 +00:00
elad 996746c20d Replace wrong __UNCONST() use with a local variable.
Similar to issues pointed out by bouyer@ and forgotten by me when I did
the last commit.

Should fix issues reported on current-users@ in:

    http://mail-index.netbsd.org/current-users/2009/05/02/msg009273.html
2009-05-02 18:58:03 +00:00
martin 6a887ea20a Add missing paranthesis - from Kurt Lidl in PR port-vax/41316 2009-05-01 03:23:39 +00:00
elad 3c1f169a59 Commit changes to netinet6/in6_src.c, forgot in previous commit:
http://mail-index.netbsd.org/source-changes/2009/04/30/msg220547.html

Make in_pcbsetport() set the port number selected before passing "sin" to
kauth(9).
2009-04-30 20:26:09 +00:00
elad ddcbe0e1dd - Make in6_pcbbind_{addr,port}() static
- Properly authorize port binding in in_pcbsetport() and in6_pcbsetport()

- Pass struct sockaddr_in6 to in6_pcbsetport() instead of just the address,
  so that we have a more complete context

- Adjust udp6_output() to craft a sockaddr_in6 as it calls in6_pcbsetport()

- Fix an issue in in_pcbbind() where we used the "dom_sa_any" pointer and
  not a copy of it, pointed out by bouyer@, thanks!

Mailing list reference:

	http://mail-index.netbsd.org/tech-net/2009/04/29/msg001259.html
2009-04-30 18:18:34 +00:00
elad 3a272cca86 Only check if the port is used if it was specified.
Should fix problem reported in

    http://mail-index.netbsd.org/current-users/2009/04/22/msg009130.html
2009-04-22 18:35:01 +00:00
elad b7a329340e Replace KAUTH_GENERIC_ISSUSER with a better alternative. 2009-04-20 19:57:18 +00:00
elad e75a3b5e33 Extract in6_pcbbind()'s guts into two new routines: in6_pcbbind_addr() and
in6_pcbbind_port(), used for binding to an address and a port respectively.

While here, fix a possible "leak" of an in6pcb when binding to an address
succeeded but binding to an auto-assigned port failed.

Proposed and received no objections on tech-net@:

	http://mail-index.netbsd.org/tech-net/2009/04/15/msg001223.html
2009-04-20 18:14:30 +00:00
tsutsui d779b85d3e Remove extra whitespace added by a stupid tool.
XXX: more in src/sys/arch
2009-04-18 14:58:02 +00:00
drochner 40629b1267 fix traversing of a control mbuf in the case that a message len
is not aligned wrt CMSG_ALIGN - the length counter drops below 0
in this case which was not checked for,
fixes crashes (with isc_dhcrelay4) reported by Uwe in tech-net
(subject: netbsd5-rc3 crash caused by isc_dhcrelay)
2009-04-18 12:40:52 +00:00
elad d91dbb36b0 Don't set sin->sin_port and sin6->sin6_port to 0 before calling
ifa_ifwithaddr(), as we no longer do a byte compare on the entire struct.

Reviewed by and okay from dyoung@.
2009-04-14 21:25:20 +00:00