Hans Dedecker [Thu, 3 Dec 2020 20:10:20 +0000 (21:10 +0100)]
dhcpv6: fix printing identity association id
Fix endian issue when printing the identity association id
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 30 Nov 2020 21:10:09 +0000 (22:10 +0100)]
dhcpv6: avoid sending continuous renew/rebind messages
If any of the IAs is not present in the Reply message in response
to a Renew/Rebind message don't set t1 to one second.
This will cause a continuous sending of Renew messages every second
if the DHCP server does not include all IAs in the Reply message.
Instead continue the normal retransmission time as if the Reply
message is not received as specified in RFC8415 §18.2.10.1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 28 Nov 2020 20:01:47 +0000 (21:01 +0100)]
dhcpv6: add extra syslog info traces
Add extra syslog info traces for debug purposes which are only enabled
when the verbose option is specified
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Alin Nastac [Thu, 15 Oct 2020 15:12:15 +0000 (17:12 +0200)]
odhcp6c_find_entry: exclude priority from the list of fields that must match
Priority of an entry can vary from one RA to another, but the entry
identity should be the same regardless of the priority declared in the
RA message handled in ra_process() at a time.
CDRouter for instance tests compliance of the device to requirement
G-5 of RFC 7084 by provisioning initially the CPE with a valid default
route that has a medium preference after which it sends a low preference
RA with lifetime 0 to check that CPE will start sending RAs with
lifetime 0 on the LAN side. Because odhcp6c didn't matched the low
precedence default router entry with the odhcp6c_entry that was
previously stored with medium precedence, it will fail to remove the
existing STATE_RA_ROUTE default route, hence preventing odhcpd from
advertising RAs with lifetime 0 to LAN.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Hans Dedecker [Sat, 28 Mar 2020 19:47:18 +0000 (20:47 +0100)]
ra: fix sending router solicitations
Only stop sending router solicitations when a RA is received with a
valid router lifetime as specified in RFC4861 §6.3.7
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rosen Penev [Wed, 25 Mar 2020 23:15:25 +0000 (16:15 -0700)]
odhcp6c: fix compilation with musl 1.2.0
SYS_clock_gettime is gone with musl 1.2.0. Switch to using the normal
function.
This was done back in the day when uClibc was used when librt was
separate.
Removed struct initialization since it gets written to right after.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 6 Sep 2019 20:09:29 +0000 (22:09 +0200)]
dhcpv6: sanitize oro options
Remove SOL_MAX_RT and INF_MAX_RT from the non-strict oro option
array as both options will be added anyway by the required oro
option array
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 11 Jan 2019 14:02:11 +0000 (15:02 +0100)]
odhcp6c: align further with RFC8415
Align acceptable options in the ORO list further with RFC8415; where
appropriate add send option support for the newly added options.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 11 Jan 2019 09:25:12 +0000 (10:25 +0100)]
dhcpv6: avoid parsing unncessary IAs
Don't parse IA_NA/IA_PD options if either na_mode or pd_mode is set
to IA_MODE_NONE
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 11 Jan 2019 09:16:54 +0000 (10:16 +0100)]
dhcpv6: set cnt to correct IOV enum
Make the code less error prone by setting cnt to IOV_HDR_IA_NA when
sending an INFORMATION REQUEST message
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 11 Jan 2019 08:49:27 +0000 (09:49 +0100)]
dhcpv6: get rid of request_prefix
Get rid of the variable request_prefix as it serves no purpose anymore
and even triggers wrong code in dhcpv6_send by setting cnt to 12 which
is an invalid msg_iovlen index
Where appropriate request_prefix check can be replaced by checking the
pd_mode variable.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 9 Jan 2019 10:38:14 +0000 (11:38 +0100)]
dhcpv6: sanitize option request list
By config statefull options can be specified for the option request
list which will be included in DHCPv6 INFORMATION request messages.
Obviously this is wrong as both RFC3315 and RFC8415 specify no
statefull options must be included in stateless mode.
In RFC8415 Table 4 specifies the options which can be included in
the option request list and which options are required to be requested
in some messages.
This commit extends the option table with flags indicating which options
may be included in the option request list.
On top the client adds by default the options 32/82/83 as they're
required to be sent depending on the message.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Adrian Friedli [Wed, 11 Jul 2018 20:32:41 +0000 (22:32 +0200)]
odhcp6c: add option to ignore Server Unicast option
Add option -U to ignore Server Unicast option and force odhcp6c to use
the multicast address. This allows a workaround for broken setups.
Signed-off-by: Adrian Friedli <adi@koalatux.ch>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 20 Jun 2018 12:42:11 +0000 (14:42 +0200)]
odhcp6c: remove len check in option parsing handle
Replace len check by checking src to determine end of option data in the
different option data handlers.
This will make Coverity happy as reported in CID1437049, CID1430905,
CID1430898 and CID1430848
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 8 Jun 2018 14:29:50 +0000 (16:29 +0200)]
odhcp6c: add support for user string options
Support user defined options having a string as option value.
The option value is detected as a string if it starts and ends with
either a double or single quote.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sun, 29 Apr 2018 20:30:00 +0000 (22:30 +0200)]
ra: always trigger update in case of RA parameter change
Always launch a ra-updated event in case the RA hoplimit/mtu/reachable/
retransmit parameters change
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 21 Apr 2018 11:40:29 +0000 (13:40 +0200)]
dhcpv6: fix strncpy bounds
Fixes dhcpv6.c:138:2: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation] strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Thu, 5 Apr 2018 14:51:19 +0000 (16:51 +0200)]
script: fix possible negative delay
Fix delay becoming negative when killing a running script
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Thu, 5 Apr 2018 09:55:50 +0000 (11:55 +0200)]
dhcpv6: always trigger script update in case of IA updates
Trigger a script update when IAs have been updated during a reply in reponse
to to either a renew/rebind.
This will make sure new IAs assigned by the DHCPv6 server are published via
a script update.
This covers the following scenario:
-Prefix A is assigned by DHCPv6 server
-Prefix A is renewed but the DHCPv6 server does not include prefix A in
the reply but assigns a new prefix B.
-Prefix B is published via the update script while renews for prefix A
will still be sent
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 2 Apr 2018 19:09:16 +0000 (21:09 +0200)]
ra: rework route information option handling
Use struct icmpv6_opt_route_info to parse the route information option;
improve route information option sanity checks.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 31 Mar 2018 16:57:45 +0000 (18:57 +0200)]
odhcp6c: improve code readibility
Improve code readibility by always checking the sep variable for end of
option data in the different option data parsing functions.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 27 Mar 2018 19:00:08 +0000 (21:00 +0200)]
treewide: improve error handling
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 27 Mar 2018 19:00:08 +0000 (21:00 +0200)]
dhcpv6: initialize ifreq struct
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 27 Mar 2018 18:49:40 +0000 (20:49 +0200)]
ra: handle socket fail creation
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 27 Mar 2018 18:45:04 +0000 (20:45 +0200)]
odhcp6c: fix file pointer leakage
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 16 Jan 2018 12:16:09 +0000 (13:16 +0100)]
dhcpv6: rework option passthrough logic
Options are not added to the passthru state depending on the option code
check. Rework this logic by defining the flag OPT_NO_PASSTHRU which is set
for options in the opts table; when constructing the passthru state the
option is added if the flag is not set.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 16 Jan 2018 10:11:04 +0000 (11:11 +0100)]
odhcp6c: rework userclass and vendorclass command handling
Remove the userclass and vendorclass states; add the userclass and
vendorclass options specified via commands to the OPTS state which
contains the user specified options to be sent.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Thu, 11 Jan 2018 15:31:57 +0000 (16:31 +0100)]
odhcp6c: add -x opt:val support
Add -x opt:val command support which allows to add options in sent packets.
The opt argument can be either specified as a string for well known options,
a decimal or a base-16 encoded value.
For some well-known options val will be parsed according to the data format
specified in the corresponding RFCs.
Supported well-know options are :
authentication (option 11) : stream of base-16 encoded bytes
userclass (option 15) : array of strings
vendorclass (option 16) : stream of base-16 encoded bytes
dns (option 23) : array of IPv6 addresses
search (option 24) : Domain name
sntpservers (option 31) : array of IPv6 addresses
ntpserver (option 56) : stream of base-16 encoded bytes
sipserver_d (option 21) : Domain name
sipserver_a (option 22) : array of IPv6 addresses
The val array elements can be separated by either a white space, comma or tab.
The val for non well-known options is a stream of base-16 encoded bytes.
Config examples :
-x sntpservers:3001:3001::1,3001:3001::2
-x 11:
00000000000000000000006674692F
-x 0x3e8:ABCDEF
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 13 Jan 2018 20:28:32 +0000 (21:28 +0100)]
treewide: update copyrights to 2018
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 13 Jan 2018 18:09:53 +0000 (19:09 +0100)]
odhcp6c: let odhcp6c_add_state return a success/failure indication
This will allow callers of odhcp6_add_state parsing a command line option :
generate a syslog error in case of failure
bail out with return an error code
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 3 Jan 2018 09:47:32 +0000 (10:47 +0100)]
Revert "odhcp6c: Replace strerror(errno) with %m"
The code is ISO C source enforced by the usage of the pedantic compile
option; using %m triggers the compiler warning "error: ISO C does not
support the '%m' gnu_printf format [-Werror=format=]" which breaks
compilation due to Werror being set set.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rosen Penev [Mon, 25 Dec 2017 23:05:13 +0000 (15:05 -0800)]
odhcp6c: Replace strerror(errno) with %m
Reduction of 48 bytes in compiled size. No functional difference.
-pedantic was removed as %m is a GNU extension.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hans Dedecker [Thu, 31 Aug 2017 15:03:02 +0000 (17:03 +0200)]
ra: align RA update interval with RFC4861 (FS#964)
RFC4861 paragraph 6.2.1 states the minimum allowed time between sending
unsolicited multicast Router Advertisements is 3 seconds.
Align the odhcp6c implementation to this requirement as before Router
Advertisement updates were accepted each 30 seconds.
This lead to IPv6 connectivity issues when a network sends Router
Advertisements with an interval smaller than 30 seconds as reported
in FS#964.
While at it rework the RA update logic making it clear the -m option
is only related to RA updates.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 22 Mar 2017 13:14:26 +0000 (14:14 +0100)]
dhcpv6: rebind capability support in reconfigure message (rfc6644)
Allow rebind message type to appear in reconfigure message option of
a reconfigure message as desccribed in rfc6644
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 22 Mar 2017 12:58:04 +0000 (13:58 +0100)]
dhcpv6: respect renew end point when handling reconfigure message
Set T1 to 0 when receiving reconfigure message with as msg type renew;
this keeps the renew end point fixed meaning rebinding is started at T2
as initially calculated.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Wed, 22 Mar 2017 12:28:53 +0000 (13:28 +0100)]
dhcpv6: calculate T1, T2 and T3 in a more sane manner
Refresh T1, T2 and T3 only in response to DHCPv6 messages which request
statefull DHCPv6 options.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 21 Mar 2017 14:25:52 +0000 (15:25 +0100)]
md5: use libubox md5 library as local implementation
Replace local md5 library by libubox md5 library as the local md5 library
has big endian issues.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Sat, 18 Mar 2017 17:00:03 +0000 (18:00 +0100)]
dhcpv6: don't return renew msg in case of invalid msg type in reconfigure msg
Return -1 in case the msg type in the reconfigure message is invalid and
as such don't start sending renew messages.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 17 Mar 2017 22:16:57 +0000 (23:16 +0100)]
treewide: align coding style
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Thu, 16 Mar 2017 20:17:24 +0000 (21:17 +0100)]
CMakeLists: don't enable libubox md5 implementation by default
Simplify odhcp6c standalone compilation by selecting local md5
implementation by default
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 21 Feb 2017 21:02:32 +0000 (22:02 +0100)]
dhcpv6: use PRIu64 print macro
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Tue, 7 Feb 2017 21:32:57 +0000 (22:32 +0100)]
odhcp6c: fix possible stack corruption when parsing proc if_inet6
Fix buffer overflow when storing the IPv6 address in addr_buf as
the trailing zero was out of bounds.
Fix possible buffer overflow when storing the interface name in
name as interface name can contain IF_NAMESIZE characters.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 30 Jan 2017 11:27:22 +0000 (12:27 +0100)]
dhcpv6: fix white space error
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Mon, 30 Jan 2017 11:21:16 +0000 (12:21 +0100)]
dhcpv6: trigger restart of DHCPv6 state machine when not receiving statefull options
Don't set the renew timeout to 600 seconds in case no statefull options
are received but rather trigger an immediate restart of the DHCPv6
client state machine.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 27 Jan 2017 10:35:00 +0000 (11:35 +0100)]
update README
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hans Dedecker [Fri, 27 Jan 2017 09:39:52 +0000 (10:39 +0100)]
dhcpv6: server unicast option support
Add server unicast option support according rfc3315
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Matthias Schiffer [Wed, 16 Nov 2016 13:47:46 +0000 (14:47 +0100)]
Add option to ignore default lifetime for RDNSS records
While RFC6106 mandates that the RDNSS lifetime is capped to the default
lifetime, this behaviour is often undesirable. In particular, it prevents
accepting RDNSS records from RAs that don't also advertise a default route
(set the default lifetime to 0).
Therefore, make it possible to opt out of this behaviour and respect the
RDNSS lifetime independently of the default lifetime using the new command
line switch -L.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Luka Perkov [Sun, 6 Nov 2016 22:54:44 +0000 (23:54 +0100)]
Merge pull request #50 from sartura/libubox_md5_reuse
odhcp6c: reuse md5 from libubox
Hrvoje Varga [Tue, 25 Oct 2016 14:08:25 +0000 (14:08 +0000)]
odhcp6c: reuse md5 from libubox
Added config support to use the MD5 implementation from libubox instead
of the in-house implementation. By default if not specified, libubox
will be linked and its MD5 will be used instead of the in-house
implementation.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
Steven Barth [Mon, 8 Feb 2016 07:02:31 +0000 (08:02 +0100)]
Merge pull request #45 from themiron/master
Alignment cleanups
Vladislav Grishenko [Sun, 31 Jan 2016 16:03:55 +0000 (21:03 +0500)]
Sync style with the existing _packed & _unused macros
Vladislav Grishenko [Sun, 31 Jan 2016 16:03:00 +0000 (21:03 +0500)]
Use more conventional way for the alignment
Steven Barth [Sun, 31 Jan 2016 15:18:16 +0000 (16:18 +0100)]
Merge pull request #44 from bwhacks/alignment-fixes
Alignment fixes
Steven Barth [Fri, 29 Jan 2016 06:10:51 +0000 (07:10 +0100)]
Merge pull request #43 from bwhacks/security-fixes
Security/regression fixes
Ben Hutchings [Thu, 28 Jan 2016 22:45:39 +0000 (22:45 +0000)]
Fix end pointer passed from dhcpv6_handle_reply() to dhcpv6_parse_ia()
The end of the IA option is odata + olen; there's no need to add anything.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 22:45:14 +0000 (22:45 +0000)]
Fix regression in entry_to_env()
I broke entry_to_env() by incrementing the wrong variable in commit
a6bbd1d7f5c2 ("Fix potential buffer overflow in entry_to_env").
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Steven Barth [Thu, 28 Jan 2016 19:06:46 +0000 (20:06 +0100)]
Merge pull request #42 from bwhacks/logic-fixes
Logic fixes
Steven Barth [Thu, 28 Jan 2016 15:59:12 +0000 (16:59 +0100)]
Merge pull request #41 from bwhacks/security-fixes
Security fixes
Ben Hutchings [Thu, 28 Jan 2016 02:18:51 +0000 (02:18 +0000)]
Fix alignment of hash buffer in dhcpv6_response_is_valid
md5_final() writes to the hash buffer in 32-bit chunks, so it needs
to be 32-bit aligned.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:59:14 +0000 (01:59 +0000)]
Fix unaligned 32-bit reads from DHCP packets
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 20:57:34 +0000 (20:57 +0000)]
Fix alignment of buffers in ra_process and dhcpv6_request
The packet buffer needs to be 32-bit aligned to ensure that the various
32-bit fields we pick out are naturally aligned.
The control message buffers needs to be naturally aligned for struct
cmsghdr.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 04:33:48 +0000 (04:33 +0000)]
Add padding between odhcp6c_entry structures to ensure 32-bit alignment
struct odhcp6c_entry is not declared as __packed, so the compiler may
assume it is naturally aligned.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 19:34:41 +0000 (19:34 +0000)]
Fix iteration after expiring a list entry
After removing an entry, the next entry will be at the same offset as
the entry we just removed. Also the total length will have changed.
Update the length when we remove an entry, and advance the offset only
when we don't.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 20:13:35 +0000 (20:13 +0000)]
Fix script environment variable setting for empty lists
When setting an environment variable as a space-separated list, and
the list is empty, we must not delete the '=' before the value.
In practice putenv() is likely to discard the invalid string, leaving
the variable unset, but this is not guaranteed.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 02:09:47 +0000 (02:09 +0000)]
Add missing option length checks in dhcpv6_handle_advert
These might be redundant with checks elsewhere but it's better to be
safe.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:44:10 +0000 (01:44 +0000)]
Fix potential log forgery via status string
We should not include any control characters from the server status
message when logging it; in particular if we include '\n' this could
result in additional arbitrary log lines. In dhcpv6_log_status_code,
replace all control characters with '?'.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:28:32 +0000 (01:28 +0000)]
Check for unsupported PD exclusion configuration in dhcpv6_parse_ia
We currently only support PD exclusions that only affect bits 64-95 of
the address, so we require:
32 <= PD prefix length < exclusion prefix length <= 64
The first inequality was not validated, and this could result in a
buffer overflow when generating the next request message.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:16:31 +0000 (01:16 +0000)]
Fix memory leak in dhcpv6_add_server_cand in case odhcp6c_insert_state fails
If we fail to store information from the new server, the associated
NA and PD options will never be freed. An attacker could use this
for denial-of-service.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 01:14:04 +0000 (01:14 +0000)]
Change odhcp6c_insert_state to return a success/failure indicator
Some callers will need to free resources on failure.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Thu, 28 Jan 2016 00:49:22 +0000 (00:49 +0000)]
Fix possible stack buffer overflow in s46_to_env when copying IPv6 prefixes
An 8-bit prefix-length field can be as large as 255, but values larger
than 128 will result in a buffer overflow when copying to in6.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 19:07:52 +0000 (19:07 +0000)]
Fix off-by-one in buffer length in int_to_env
We need to allow for '=', negative sign, 10 digits and the null
terminator, adding up to 13 bytes not 12.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 18:02:04 +0000 (18:02 +0000)]
Fix potential buffer overflow in entry_to_env
It appears that an entry of type ENTRY_PREFIX with iaid != 1 and an
exclusion can expand to a string of length up to 154 bytes, whereas we
allocate only 144 bytes per entry.
Also, in case of truncation, snprintf() returns the length of the
un-truncated output so we must not use this to increment buf_len.
Finally some of the lengths given to snprintf() are unnecessarily
generous. Reduce them so we don't have to increase the allocated
length per entry further.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Ben Hutchings [Fri, 22 Jan 2016 20:15:31 +0000 (20:15 +0000)]
Avoid copying buffer after dn_expand() fails
If dn_expand() returns an error we could copy from an uninitialised
output buffer or append the previous domain name again.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Steven Barth [Tue, 26 Jan 2016 19:29:01 +0000 (20:29 +0100)]
Merge pull request #40 from dedeckeh/bugfixes
script: Launch script with correct action if last script call is terminated
Hans Dedecker [Tue, 26 Jan 2016 08:20:33 +0000 (09:20 +0100)]
script: Launch script with correct action if last script call is terminated
Actions launched as resume will be used in a next script_call
if the new action is not marked as resume even when the previous
script run was already terminated.
This behavior is particular visible when a RA is received as
the script will run with action bound and not ra-updated
resulting into a wan6 interface down/up transition
Steven Barth [Mon, 27 Jul 2015 13:39:11 +0000 (15:39 +0200)]
odhcp6c: sync and accumulate RA & DHCPv6 events correctly
Steven Barth [Mon, 13 Jul 2015 14:15:52 +0000 (16:15 +0200)]
Merge pull request #37 from themiron/master
Avoid solicit for zero-length prefix
Vladislav Grishenko [Mon, 13 Jul 2015 13:12:41 +0000 (18:12 +0500)]
Merge branch 'upstream'
Steven Barth [Mon, 13 Jul 2015 10:38:42 +0000 (12:38 +0200)]
dhcpv6: remove dead code
Vladislav Grishenko [Sun, 12 Jul 2015 12:02:30 +0000 (17:02 +0500)]
Avoid solicit for zero-length prefix
Steven Barth [Tue, 9 Jun 2015 12:04:59 +0000 (14:04 +0200)]
dhcpv6: clear CUSTOM_OPTS in a more sane manner
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sat, 16 May 2015 07:28:01 +0000 (09:28 +0200)]
Fix LW4over6 parameter handling
Steven Barth [Sat, 25 Apr 2015 16:49:59 +0000 (18:49 +0200)]
Merge pull request #33 from themiron/master
Avoid of waiting for Advertise in stateless-only mode
Vladislav Grishenko [Sat, 25 Apr 2015 15:52:57 +0000 (20:52 +0500)]
Avoid of waiting for Advertise in stateless-only mode
Start with Information-request when configured not to ask
IA_NA/IA_PD. It allows to complete the exchange using only
two messages, instead of four, and fixes infinite Advertise
waiting loop with servers that just ignore Solicit messages.
Steven Barth [Mon, 20 Apr 2015 09:59:56 +0000 (11:59 +0200)]
Fixup INF_MAX_RT for RFC 3315 as well
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Mon, 20 Apr 2015 09:16:21 +0000 (11:16 +0200)]
Fix SOL_MAX_RT default value to match RFC 3315
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Wed, 15 Apr 2015 13:02:55 +0000 (15:02 +0200)]
example: actually chmod new resolv.conf after overwriting
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Wed, 15 Apr 2015 12:55:57 +0000 (14:55 +0200)]
ra: avoid saving an empty search domain entry
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Tue, 14 Apr 2015 06:24:44 +0000 (08:24 +0200)]
scan-code fixes
Steven Barth [Mon, 13 Apr 2015 12:48:52 +0000 (14:48 +0200)]
Improve handling of DNS search domains
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sun, 12 Apr 2015 12:02:59 +0000 (14:02 +0200)]
Fix odhcp6c_find_entry
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Sun, 12 Apr 2015 07:15:22 +0000 (09:15 +0200)]
Remove obsolete prefix class support
Signed-off-by: Steven Barth <steven@midlink.org>
Steven Barth [Fri, 10 Apr 2015 11:31:56 +0000 (13:31 +0200)]
Sanitize RA values less
Steven Barth [Fri, 10 Apr 2015 11:19:44 +0000 (13:19 +0200)]
Pass ICMP configuration to user-space instead of directly applying it
Steven Barth [Thu, 9 Apr 2015 08:16:02 +0000 (10:16 +0200)]
Update README
Steven Barth [Thu, 9 Apr 2015 07:51:39 +0000 (09:51 +0200)]
script: don't resolve AFTR since DNS won't be applied yet anyway
Signed-off-by: Steven Barth <steven@midlink.org>
John Crispin [Sat, 28 Mar 2015 16:58:44 +0000 (17:58 +0100)]
properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>
Felix Fietkau [Sun, 29 Mar 2015 02:35:17 +0000 (04:35 +0200)]
ra: use proper struct msghdr initializer to fix build error on musl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Steven Barth [Wed, 25 Mar 2015 18:23:59 +0000 (19:23 +0100)]
make route metric more compatible with linux defaults
Steven Barth [Wed, 11 Mar 2015 09:06:54 +0000 (10:06 +0100)]
Get rid of getifaddrs for interface ID detection
Signed-off-by: Steven Barth <steven@midlink.org>