Steven Barth [Fri, 29 Jan 2016 06:10:51 +0000 (07:10 +0100)]
Merge pull request #43 from bwhacks/security-fixes
Security/regression fixes
Ben Hutchings [Thu, 28 Jan 2016 22:45:39 +0000 (22:45 +0000)]
Fix end pointer passed from dhcpv6_handle_reply() to dhcpv6_parse_ia()
The end of the IA option is odata + olen; there's no need to add anything.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 22:45:14 +0000 (22:45 +0000)]
Fix regression in entry_to_env()
I broke entry_to_env() by incrementing the wrong variable in commit
a6bbd1d7f5c2 ("Fix potential buffer overflow in entry_to_env").
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Steven Barth [Thu, 28 Jan 2016 19:06:46 +0000 (20:06 +0100)]
Merge pull request #42 from bwhacks/logic-fixes
Logic fixes
Steven Barth [Thu, 28 Jan 2016 15:59:12 +0000 (16:59 +0100)]
Merge pull request #41 from bwhacks/security-fixes
Security fixes
Ben Hutchings [Fri, 22 Jan 2016 19:34:41 +0000 (19:34 +0000)]
Fix iteration after expiring a list entry
After removing an entry, the next entry will be at the same offset as
the entry we just removed. Also the total length will have changed.
Update the length when we remove an entry, and advance the offset only
when we don't.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 20:13:35 +0000 (20:13 +0000)]
Fix script environment variable setting for empty lists
When setting an environment variable as a space-separated list, and
the list is empty, we must not delete the '=' before the value.
In practice putenv() is likely to discard the invalid string, leaving
the variable unset, but this is not guaranteed.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 02:09:47 +0000 (02:09 +0000)]
Add missing option length checks in dhcpv6_handle_advert
These might be redundant with checks elsewhere but it's better to be
safe.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:44:10 +0000 (01:44 +0000)]
Fix potential log forgery via status string
We should not include any control characters from the server status
message when logging it; in particular if we include '\n' this could
result in additional arbitrary log lines. In dhcpv6_log_status_code,
replace all control characters with '?'.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:28:32 +0000 (01:28 +0000)]
Check for unsupported PD exclusion configuration in dhcpv6_parse_ia
We currently only support PD exclusions that only affect bits 64-95 of
the address, so we require:
32 <= PD prefix length < exclusion prefix length <= 64
The first inequality was not validated, and this could result in a
buffer overflow when generating the next request message.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:16:31 +0000 (01:16 +0000)]
Fix memory leak in dhcpv6_add_server_cand in case odhcp6c_insert_state fails
If we fail to store information from the new server, the associated
NA and PD options will never be freed. An attacker could use this
for denial-of-service.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:14:04 +0000 (01:14 +0000)]
Change odhcp6c_insert_state to return a success/failure indicator
Some callers will need to free resources on failure.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 00:49:22 +0000 (00:49 +0000)]
Fix possible stack buffer overflow in s46_to_env when copying IPv6 prefixes
An 8-bit prefix-length field can be as large as 255, but values larger
than 128 will result in a buffer overflow when copying to in6.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 19:07:52 +0000 (19:07 +0000)]
Fix off-by-one in buffer length in int_to_env
We need to allow for '=', negative sign, 10 digits and the null
terminator, adding up to 13 bytes not 12.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 18:02:04 +0000 (18:02 +0000)]
Fix potential buffer overflow in entry_to_env
It appears that an entry of type ENTRY_PREFIX with iaid != 1 and an
exclusion can expand to a string of length up to 154 bytes, whereas we
allocate only 144 bytes per entry.
Also, in case of truncation, snprintf() returns the length of the
un-truncated output so we must not use this to increment buf_len.
Finally some of the lengths given to snprintf() are unnecessarily
generous. Reduce them so we don't have to increase the allocated
length per entry further.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 20:15:31 +0000 (20:15 +0000)]
Avoid copying buffer after dn_expand() fails
If dn_expand() returns an error we could copy from an uninitialised
output buffer or append the previous domain name again.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Steven Barth [Tue, 26 Jan 2016 19:29:01 +0000 (20:29 +0100)]
Merge pull request #40 from dedeckeh/bugfixes
script: Launch script with correct action if last script call is terminated
Hans Dedecker [Tue, 26 Jan 2016 08:20:33 +0000 (09:20 +0100)]
script: Launch script with correct action if last script call is terminated
Actions launched as resume will be used in a next script_call
if the new action is not marked as resume even when the previous
script run was already terminated.
This behavior is particular visible when a RA is received as
the script will run with action bound and not ra-updated
resulting into a wan6 interface down/up transition
Steven Barth [Mon, 27 Jul 2015 13:39:11 +0000 (15:39 +0200)]
odhcp6c: sync and accumulate RA & DHCPv6 events correctly
Steven Barth [Mon, 13 Jul 2015 14:15:52 +0000 (16:15 +0200)]
Merge pull request #37 from themiron/master
Avoid solicit for zero-length prefix
Vladislav Grishenko [Mon, 13 Jul 2015 13:12:41 +0000 (18:12 +0500)]
Merge branch 'upstream'
Steven Barth [Mon, 13 Jul 2015 10:38:42 +0000 (12:38 +0200)]
dhcpv6: remove dead code
Vladislav Grishenko [Sun, 12 Jul 2015 12:02:30 +0000 (17:02 +0500)]
Avoid solicit for zero-length prefix
Steven Barth [Tue, 9 Jun 2015 12:04:59 +0000 (14:04 +0200)]
dhcpv6: clear CUSTOM_OPTS in a more sane manner
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sat, 16 May 2015 07:28:01 +0000 (09:28 +0200)]
Fix LW4over6 parameter handling
Steven Barth [Sat, 25 Apr 2015 16:49:59 +0000 (18:49 +0200)]
Merge pull request #33 from themiron/master
Avoid of waiting for Advertise in stateless-only mode
Vladislav Grishenko [Sat, 25 Apr 2015 15:52:57 +0000 (20:52 +0500)]
Avoid of waiting for Advertise in stateless-only mode
Start with Information-request when configured not to ask
IA_NA/IA_PD. It allows to complete the exchange using only
two messages, instead of four, and fixes infinite Advertise
waiting loop with servers that just ignore Solicit messages.
Steven Barth [Mon, 20 Apr 2015 09:59:56 +0000 (11:59 +0200)]
Fixup INF_MAX_RT for RFC 3315 as well
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Mon, 20 Apr 2015 09:16:21 +0000 (11:16 +0200)]
Fix SOL_MAX_RT default value to match RFC 3315
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Wed, 15 Apr 2015 13:02:55 +0000 (15:02 +0200)]
example: actually chmod new resolv.conf after overwriting
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Wed, 15 Apr 2015 12:55:57 +0000 (14:55 +0200)]
ra: avoid saving an empty search domain entry
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Tue, 14 Apr 2015 06:24:44 +0000 (08:24 +0200)]
scan-code fixes
Steven Barth [Mon, 13 Apr 2015 12:48:52 +0000 (14:48 +0200)]
Improve handling of DNS search domains
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sun, 12 Apr 2015 12:02:59 +0000 (14:02 +0200)]
Fix odhcp6c_find_entry
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sun, 12 Apr 2015 07:15:22 +0000 (09:15 +0200)]
Remove obsolete prefix class support
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Fri, 10 Apr 2015 11:31:56 +0000 (13:31 +0200)]
Sanitize RA values less
Steven Barth [Fri, 10 Apr 2015 11:19:44 +0000 (13:19 +0200)]
Pass ICMP configuration to user-space instead of directly applying it
Steven Barth [Thu, 9 Apr 2015 08:16:02 +0000 (10:16 +0200)]
Update README
Steven Barth [Thu, 9 Apr 2015 07:51:39 +0000 (09:51 +0200)]
script: don't resolve AFTR since DNS won't be applied yet anyway
Signed-off-by: Steven Barth <steven@midlink.org>
John Crispin [Sat, 28 Mar 2015 16:58:44 +0000 (17:58 +0100)]
properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>
Felix Fietkau [Sun, 29 Mar 2015 02:35:17 +0000 (04:35 +0200)]
ra: use proper struct msghdr initializer to fix build error on musl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Steven Barth [Wed, 25 Mar 2015 18:23:59 +0000 (19:23 +0100)]
make route metric more compatible with linux defaults
Steven Barth [Wed, 11 Mar 2015 09:06:54 +0000 (10:06 +0100)]
Get rid of getifaddrs for interface ID detection
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Tue, 17 Feb 2015 17:43:35 +0000 (18:43 +0100)]
Merge pull request #30 from themiron/master
Fix handling of DHCPv6 replies containing unrequested IA_NA/IA_PD options
Vladislav Grishenko [Tue, 17 Feb 2015 17:28:45 +0000 (22:28 +0500)]
Fix handling of DHCPv6 replies containing unrequested IA_NA/IA_PD options
Steven Barth [Tue, 17 Feb 2015 13:41:04 +0000 (14:41 +0100)]
example: prevent script from running in parallel to avoid races
Steven Barth [Tue, 13 Jan 2015 08:36:42 +0000 (09:36 +0100)]
set default information refresh time to 86400 as per RFC 4242
Steven Barth [Tue, 6 Jan 2015 13:29:47 +0000 (14:29 +0100)]
README: adjust for a bit of feature creep
Steven Barth [Wed, 31 Dec 2014 14:49:47 +0000 (15:49 +0100)]
Merge pull request #28 from janakj/master
Minor help string clarification for client-ID
Jan Janak [Wed, 31 Dec 2014 14:22:35 +0000 (15:22 +0100)]
Minor help string clarification for client-ID
Document that the value of -c must be a 16-bit type (network byte order) followed by a client-ID value.
For example, to use a UUID based client-ID (type 4, RFC 6355) one could use the following cmdline option:
-c0004<128_bit_uuid_in_hex>
Steven Barth [Wed, 10 Dec 2014 10:40:40 +0000 (11:40 +0100)]
Avoid sending empty DHCPv6 release messages
Steven Barth [Wed, 10 Dec 2014 10:38:20 +0000 (11:38 +0100)]
Don't apply excess filter to DHCPv6 and unify odhcp6c_update_entry
Steven Barth [Sun, 30 Nov 2014 19:25:45 +0000 (20:25 +0100)]
More compatibility with non RFC-compliant servers
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Fri, 28 Nov 2014 09:20:35 +0000 (10:20 +0100)]
Cleanup pidfile-gerneration
Steven Barth [Fri, 28 Nov 2014 00:36:44 +0000 (01:36 +0100)]
Be less picky when erroring out due to strange IA status-codes
Steven Barth [Fri, 28 Nov 2014 00:29:59 +0000 (01:29 +0100)]
Fix initial delay of SOLICIT message
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Tue, 18 Nov 2014 09:36:06 +0000 (10:36 +0100)]
Fix msghdr initialization on musl
Steven Barth [Tue, 18 Nov 2014 09:25:22 +0000 (10:25 +0100)]
Be less verbose by default and add -v flag
Steven Barth [Thu, 13 Nov 2014 11:54:54 +0000 (12:54 +0100)]
update cer-id definition
Steven Barth [Sat, 25 Oct 2014 10:37:01 +0000 (12:37 +0200)]
softwires: avoid unnecessary allocations
sbyx [Fri, 10 Oct 2014 14:25:10 +0000 (16:25 +0200)]
Merge pull request #24 from themiron/master
Fix parsing empty IA_NA, IA_PD and invalid IA_ADDR options
Vladislav Grishenko [Fri, 10 Oct 2014 12:18:42 +0000 (18:18 +0600)]
Fix parsing empty IA_NA, IA_PD and invalid IA_ADDR options
sbyx [Wed, 8 Oct 2014 13:59:44 +0000 (15:59 +0200)]
Merge pull request #23 from dedeckeh/bugfixes
odhcp6c: Set bound state true before script_call in statefull mode
Hans Dedecker [Wed, 8 Oct 2014 13:43:21 +0000 (15:43 +0200)]
odhcp6c: Set bound state true before script_call in statefull mode
Steven Barth [Wed, 8 Oct 2014 13:02:27 +0000 (15:02 +0200)]
script: don't leak IA_PD / IA_NA if not yet bound
Steven Barth [Wed, 8 Oct 2014 09:57:07 +0000 (11:57 +0200)]
Ensure signal-safety of signal handlers
Steven Barth [Mon, 6 Oct 2014 08:29:43 +0000 (10:29 +0200)]
Export DHCPv6 server address to env
Steven Barth [Sat, 27 Sep 2014 16:54:43 +0000 (18:54 +0200)]
Send RS alternatingly with and without source MAC
Steven Barth [Mon, 25 Aug 2014 06:08:56 +0000 (08:08 +0200)]
Enable softwire-support by default
Steven Barth [Fri, 22 Aug 2014 14:09:34 +0000 (16:09 +0200)]
Also test for correct IA-ID for IA_NA
Steven Barth [Fri, 22 Aug 2014 14:07:37 +0000 (16:07 +0200)]
ia_na: use big-endian 1 as IAID
Steven Barth [Wed, 13 Aug 2014 11:30:42 +0000 (13:30 +0200)]
Remove BFD from master-branch (kept in BFD-branch)
Steven Barth [Mon, 21 Jul 2014 10:10:38 +0000 (12:10 +0200)]
Send router solicitations with source link-layer address
Steven Barth [Fri, 30 May 2014 14:51:22 +0000 (16:51 +0200)]
Filter FQDN as well
Steven Barth [Fri, 30 May 2014 14:49:05 +0000 (16:49 +0200)]
Improve filter
Steven Barth [Fri, 23 May 2014 06:29:34 +0000 (08:29 +0200)]
filter DNS-domain from passthru
Steven Barth [Fri, 23 May 2014 06:15:49 +0000 (08:15 +0200)]
Add support for DHCPv6 option passthru
Steven Barth [Thu, 8 May 2014 09:12:43 +0000 (11:12 +0200)]
Add MAPE / MAPT / LW4O6 to Readme
Steven Barth [Thu, 8 May 2014 09:06:32 +0000 (11:06 +0200)]
softwire: fix DMR parsing
Steven Barth [Wed, 30 Apr 2014 15:49:32 +0000 (17:49 +0200)]
Fix compiler warning
Steven Barth [Wed, 30 Apr 2014 15:46:02 +0000 (17:46 +0200)]
MAP: export type value in rules
Steven Barth [Wed, 30 Apr 2014 15:39:15 +0000 (17:39 +0200)]
Fix MAP parameter parsing
Steven Barth [Mon, 28 Apr 2014 17:39:10 +0000 (19:39 +0200)]
Ignore multiple MAP-E instances for now and output DMR / BR for every rule
Steven Barth [Mon, 28 Apr 2014 09:37:13 +0000 (11:37 +0200)]
Initial support for MAP & LW4O6 provisioning
Steven Barth [Wed, 9 Apr 2014 06:56:01 +0000 (08:56 +0200)]
Fix fallout
Steven Barth [Wed, 9 Apr 2014 06:47:53 +0000 (08:47 +0200)]
Revert "Revert to old behaviour regarding information requests"
This reverts commit
c98181c4a48c57e405effd1dc9046aaaee6d480f.
sbyx [Thu, 3 Apr 2014 20:51:09 +0000 (22:51 +0200)]
Merge pull request #19 from dedeckeh/bugfixes
Add user-class option in help text and minor clean up
Hans Dedecker [Wed, 2 Apr 2014 20:30:48 +0000 (22:30 +0200)]
Add user-class option in help text and minor clean up
Steven Barth [Tue, 1 Apr 2014 10:07:28 +0000 (12:07 +0200)]
Correctly clear CER
Steven Barth [Tue, 1 Apr 2014 09:50:53 +0000 (11:50 +0200)]
Don't disable looping (meh)
Steven Barth [Sun, 30 Mar 2014 17:51:56 +0000 (19:51 +0200)]
Add initial support for CER-ID
Steven Barth [Mon, 24 Mar 2014 08:37:36 +0000 (09:37 +0100)]
Stop rebinding when all IAs are lost
Steven Barth [Tue, 18 Mar 2014 13:39:22 +0000 (14:39 +0100)]
Fix building with clang 3.4
Steven Barth [Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)]
Fix HMAC-MD5 verify in reconfigure
Steven Barth [Fri, 7 Mar 2014 09:33:49 +0000 (10:33 +0100)]
fix integer overflow after 50 days (thx Hauke Mehrtens)
Steven Barth [Wed, 5 Mar 2014 08:11:24 +0000 (09:11 +0100)]
ra: don't set nd_ra_{reachable,retransmit} to 0
Steven Barth [Wed, 5 Mar 2014 08:06:29 +0000 (09:06 +0100)]
Set default for min-update-interval to 30
sbyx [Tue, 4 Mar 2014 17:21:04 +0000 (18:21 +0100)]
Merge pull request #18 from kaspar030/rebase
add option to specify minimum interval for accepting RA or DHCP updates.
Kaspar Schleiser [Tue, 4 Mar 2014 15:29:02 +0000 (16:29 +0100)]
add option to specify minimum interval for accepting RA or DHCP updates.
This was fixed to 60s. Add '-m <seconds>' option to change default time.
Steven Barth [Sat, 1 Mar 2014 12:31:33 +0000 (13:31 +0100)]
Fix invalid use of open()