Source-Changes-HG archive
[src/ROY]: src/external/bsd/dhcpcd/dist/src Update to dhcpcd-9.1.2 with the f...
details: https://anonhg.NetBSD.org/src/rev/a52045968717
branches: ROY
changeset: 934662:a52045968717
user: roy <roy%NetBSD.org@localhost>
date: Mon Jun 15 16:58:01 2020 +0000
description:
Update to dhcpcd-9.1.2 with the following changes:
* NetBSD: free ARP state once IPv4LL address announced
* NetBSD: Mark RA derived addresses as AUTOCONF
* BSD: Only mark static routes from dhcpcd.conf as static
* DHCP6: Ensure requested addresses are requested
* DHCP6: Fix prefix length calculation when no prefix specified
* privsep: Implement a resource limited sandbox
diffstat:
external/bsd/dhcpcd/dist/src/arp.c | 7 -
external/bsd/dhcpcd/dist/src/arp.h | 1 -
external/bsd/dhcpcd/dist/src/bpf.c | 8 +
external/bsd/dhcpcd/dist/src/control.c | 296 +++++++++++++++-------
external/bsd/dhcpcd/dist/src/control.h | 14 +-
external/bsd/dhcpcd/dist/src/defs.h | 2 +-
external/bsd/dhcpcd/dist/src/dhcp6.c | 15 +-
external/bsd/dhcpcd/dist/src/dhcpcd.c | 303 ++++++++++++----------
external/bsd/dhcpcd/dist/src/dhcpcd.h | 13 +
external/bsd/dhcpcd/dist/src/eloop.c | 39 ++-
external/bsd/dhcpcd/dist/src/eloop.h | 1 +
external/bsd/dhcpcd/dist/src/if-bsd.c | 96 ++++--
external/bsd/dhcpcd/dist/src/if-options.c | 10 +-
external/bsd/dhcpcd/dist/src/if-options.h | 2 +-
external/bsd/dhcpcd/dist/src/if.c | 41 +-
external/bsd/dhcpcd/dist/src/if.h | 1 +
external/bsd/dhcpcd/dist/src/ipv4ll.c | 3 +
external/bsd/dhcpcd/dist/src/ipv6nd.c | 6 +-
external/bsd/dhcpcd/dist/src/logerr.c | 3 +
external/bsd/dhcpcd/dist/src/privsep-bsd.c | 30 ++
external/bsd/dhcpcd/dist/src/privsep-control.c | 323 +++++++++++++++++++++++++
external/bsd/dhcpcd/dist/src/privsep-control.h | 41 +++
external/bsd/dhcpcd/dist/src/privsep-inet.c | 68 +---
external/bsd/dhcpcd/dist/src/privsep-root.c | 37 +-
external/bsd/dhcpcd/dist/src/privsep-root.h | 8 +-
external/bsd/dhcpcd/dist/src/privsep.c | 200 +++++++++++++--
external/bsd/dhcpcd/dist/src/privsep.h | 28 +-
external/bsd/dhcpcd/dist/src/script.c | 5 +-
28 files changed, 1179 insertions(+), 422 deletions(-)
diffs (truncated from 2731 to 300 lines):
diff -r c6d38ce3d69f -r a52045968717 external/bsd/dhcpcd/dist/src/arp.c
--- a/external/bsd/dhcpcd/dist/src/arp.c Thu Jun 04 13:07:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/src/arp.c Mon Jun 15 16:58:01 2020 +0000
@@ -578,13 +578,6 @@
}
void
-arp_cancel(struct arp_state *astate)
-{
-
- eloop_timeout_delete(astate->iface->ctx->eloop, NULL, astate);
-}
-
-void
arp_free(struct arp_state *astate)
{
struct interface *ifp;
diff -r c6d38ce3d69f -r a52045968717 external/bsd/dhcpcd/dist/src/arp.h
--- a/external/bsd/dhcpcd/dist/src/arp.h Thu Jun 04 13:07:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/src/arp.h Mon Jun 15 16:58:01 2020 +0000
@@ -98,7 +98,6 @@
void arp_probe(struct arp_state *);
struct arp_state *arp_announceaddr(struct dhcpcd_ctx *, const struct in_addr *);
struct arp_state *arp_ifannounceaddr(struct interface *, const struct in_addr *);
-void arp_cancel(struct arp_state *);
struct arp_state * arp_find(struct interface *, const struct in_addr *);
void arp_free(struct arp_state *);
void arp_freeaddr(struct interface *, const struct in_addr *);
diff -r c6d38ce3d69f -r a52045968717 external/bsd/dhcpcd/dist/src/bpf.c
--- a/external/bsd/dhcpcd/dist/src/bpf.c Thu Jun 04 13:07:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/src/bpf.c Mon Jun 15 16:58:01 2020 +0000
@@ -703,6 +703,14 @@
return -1;
return 0;
#else
+#ifdef PRIVSEP
+#if defined(__sun) /* Solaris cannot send via BPF. */
+#elif defined(BIOCSETF)
+#warning No BIOCSETWF support - a compromised BPF can be used as a raw socket
+#else
+#warning A compromised PF_PACKET socket can be used as a raw socket
+#endif
+#endif
return bpf_bootp_rw(bpf, true);
#endif
}
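Review bot: The missing write filter is reported only through `#warning`, which is a compiler extension before C23, becomes a build failure under -Werror, and leaves no trace in the built binary. Because the condition weakens the privsep sandbox, I would also record it in a comment at this fallback, for example `/* No write filter available: the sandboxed BPF process is not restricted in what it sends. */`, and consider logging it once at runtime. The empty `#if defined(__sun)` branch would read more plainly as a negated condition around the two warnings. The enclosing function starts outside the hunk.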
diff -r c6d38ce3d69f -r a52045968717 external/bsd/dhcpcd/dist/src/control.c
--- a/external/bsd/dhcpcd/dist/src/control.c Thu Jun 04 13:07:12 2020 +0000
+++ b/external/bsd/dhcpcd/dist/src/control.c Mon Jun 15 16:58:01 2020 +0000
@@ -46,6 +46,7 @@
#include "eloop.h"
#include "if.h"
#include "logerr.h"
+#include "privsep.h"
#ifndef SUN_LEN
#define SUN_LEN(su) \
@@ -63,7 +64,6 @@
free(fdp->data);
free(fdp);
}
- fd->queue_len = 0;
#ifdef CTL_FREE_LIST
while ((fdp = TAILQ_FIRST(&fd->free_queue))) {
@@ -75,56 +75,118 @@
#endif
}
-static void
+void
+control_free(struct fd_list *fd)
+{
+
+#ifdef PRIVSEP
+ if (fd->ctx->ps_control_client == fd)
+ fd->ctx->ps_control_client = NULL;
+#endif
+
+ eloop_event_remove_writecb(fd->ctx->eloop, fd->fd);
+ TAILQ_REMOVE(&fd->ctx->control_fds, fd, next);
+ control_queue_free(fd);
+ free(fd);
+}
+
+void
control_delete(struct fd_list *fd)
{
- TAILQ_REMOVE(&fd->ctx->control_fds, fd, next);
+#ifdef PRIVSEP
+ if (IN_PRIVSEP_SE(fd->ctx))
+ return;
+#endif
+
eloop_event_delete(fd->ctx->eloop, fd->fd);
close(fd->fd);
- control_queue_free(fd);
- free(fd);
+ control_free(fd);
}
static void
control_handle_data(void *arg)
{
struct fd_list *fd = arg;
- char buffer[1024], *e, *p, *argvp[255], **ap, *a;
+ char buffer[1024];
ssize_t bytes;
- size_t len;
- int argc;
bytes = read(fd->fd, buffer, sizeof(buffer) - 1);
+
if (bytes == -1 || bytes == 0) {
/* Control was closed or there was an error.
* Remove it from our list. */
control_delete(fd);
return;
}
- buffer[bytes] = '\0';
- p = buffer;
- e = buffer + bytes;
+
+#ifdef PRIVSEP
+ if (IN_PRIVSEP(fd->ctx)) {
+ ssize_t err;
+
+ fd->flags |= FD_SENDLEN;
+ err = ps_ctl_handleargs(fd, buffer, (size_t)bytes);
+ fd->flags &= ~FD_SENDLEN;
+ if (err == -1) {
+ logerr(__func__);
+ return;
+ }
+ if (err == 1 &&
+ ps_ctl_sendargs(fd, buffer, (size_t)bytes) == -1) {
+ logerr(__func__);
+ control_delete(fd);
+ }
+ return;
+ }
+#endif
+
+ control_recvdata(fd, buffer, (size_t)bytes);
+}
+
+void
+control_recvdata(struct fd_list *fd, char *data, size_t len)
+{
+ char *p = data, *e;
+ char *argvp[255], **ap;
+ int argc;
/* Each command is \n terminated
* Each argument is NULL separated */
- while (p < e) {
+ while (len != 0) {
argc = 0;
ap = argvp;
- while (p < e) {
- argc++;
+ while (len != 0) {
+ if (*p == '\0') {
+ p++;
+ len--;
+ continue;
+ }
+ e = memchr(p, '\0', len);
+ if (e == NULL) {
+ errno = EINVAL;
+ logerrx("%s: no terminator", __func__);
+ return;
+ }
if ((size_t)argc >= sizeof(argvp) / sizeof(argvp[0])) {
errno = ENOBUFS;
+ logerrx("%s: no arg buffer", __func__);
return;
}
- a = *ap++ = p;
- len = strlen(p);
- p += len + 1;
- if (len && a[len - 1] == '\n') {
- a[len - 1] = '\0';
+ *ap++ = p;
+ argc++;
+ e++;
+ len -= (size_t)(e - p);
+ p = e;
+ e--;
+ if (*(--e) == '\n') {
+ *e = '\0';
break;
}
}
+ if (argc == 0) {
+ logerrx("%s: no args", __func__);
+ continue;
+ }
*ap = NULL;
if (dhcpcd_handleargs(fd->ctx, fd, argc, argvp) == -1) {
logerr(__func__);
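Review bot: In control_recvdata the bounds check `(size_t)argc >= sizeof(argvp) / sizeof(argvp[0])` now runs before `argc++`, so it admits a 255th argument into `argvp[254]`, and the later `*ap = NULL;` then writes `argvp[255]`, one element past the array. The removed code incremented first and so capped the list at 254 entries plus the terminator. Reserving the terminator slot restores that limit: `if ((size_t)argc + 1 >= sizeof(argvp) / sizeof(argvp[0])) {`. The 1024-byte buffer in control_handle_data is large enough to carry 255 short arguments, so the case looks reachable from a control-socket client, though the message sizes on the privsep path are not visible here. control_recvdata's body continues outside the hunk.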
@@ -136,6 +198,26 @@
}
}
+struct fd_list *
+control_new(struct dhcpcd_ctx *ctx, int fd, unsigned int flags)
+{
+ struct fd_list *l;
+
+ l = malloc(sizeof(*l));
+ if (l == NULL)
+ return NULL;
+
+ l->ctx = ctx;
+ l->fd = fd;
+ l->flags = flags;
+ TAILQ_INIT(&l->queue);
+#ifdef CTL_FREE_LIST
+ TAILQ_INIT(&l->free_queue);
+#endif
+ TAILQ_INSERT_TAIL(&ctx->control_fds, l, next);
+ return l;
+}
+
static void
control_handle1(struct dhcpcd_ctx *ctx, int lfd, unsigned int fd_flags)
{
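Review bot: control_new is now exported but has no comment on ownership, and it allocates with malloc while assigning only ctx, fd, flags and the queue heads. I would add a header comment such as `/* Allocates an fd_list for fd and links it into ctx->control_fds; returns NULL on allocation failure and leaves fd open. */`. If struct fd_list has members beyond those set here (its definition is not in this hunk), `l = calloc(1, sizeof(*l));` would keep them from starting out indeterminate.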
@@ -154,20 +236,19 @@
fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
goto error;
- l = malloc(sizeof(*l));
+#ifdef PRIVSEP
+ if (IN_PRIVSEP(ctx) && !IN_PRIVSEP_SE(ctx))
+ ;
+ else
+#endif
+ fd_flags |= FD_SENDLEN;
+
+ l = control_new(ctx, fd, fd_flags);
if (l == NULL)
goto error;
- l->ctx = ctx;
- l->fd = fd;
- l->flags = fd_flags;
- TAILQ_INIT(&l->queue);
- l->queue_len = 0;
-#ifdef CTL_FREE_LIST
- TAILQ_INIT(&l->free_queue);
-#endif
- TAILQ_INSERT_TAIL(&ctx->control_fds, l, next);
- eloop_event_add(ctx->eloop, l->fd, control_handle_data, l);
+ if (eloop_event_add(ctx->eloop, l->fd, control_handle_data, l) == -1)
+ logerr(__func__);
return;
error:
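Review bot: When eloop_event_add fails, the new code only logs and returns, yet control_new has already linked `l` into ctx->control_fds, so the entry and its descriptor stay allocated with no read callback that could ever reap them. Treating it as a failure would avoid that, for example `if (eloop_event_add(ctx->eloop, l->fd, control_handle_data, l) == -1) { control_free(l); goto error; }`. This assumes the `error` path logs and closes fd; that label's body is outside the hunk. control_free also calls eloop_event_remove_writecb, so its behaviour on a descriptor that was never registered should be confirmed first.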
@@ -193,6 +274,26 @@
}
static int
+make_path(char *path, size_t len, const char *ifname, sa_family_t family)
+{
+ const char *per;
+
+ switch(family) {
+ case AF_INET:
+ per = "-4";
+ break;
+ case AF_INET6:
+ per = "-6";
+ break;
+ default:
+ per = "";
+ break;
+ }
+ return snprintf(path, len, CONTROLSOCKET,
+ ifname ? ifname : "", ifname ? per : "", ifname ? "." : "");
+}
+
+static int
make_sock(struct sockaddr_un *sa, const char *ifname, sa_family_t family,
bool unpriv)
{
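Review bot: make_path returns snprintf's result unchanged, so a path that does not fit in `len` comes back as a value >= len rather than as an error, and nothing in this hunk shows a caller checking for that. Since the result is a socket path built from an interface name, I would document the contract above the function: `/* Returns snprintf(3)'s result; a value >= len means the path was truncated. */`. Alternatively the function could test the result itself and return -1 on truncation. The callers are outside the hunk, so this may already be handled there.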
@@ -204,23 +305,8 @@
sa->sun_family = AF_UNIX;
if (unpriv)
strlcpy(sa->sun_path, UNPRIVSOCKET, sizeof(sa->sun_path));
- else {
- const char *per;
-
- switch(family) {
- case AF_INET:
- per = "-4";
- break;
- case AF_INET6:
- per = "-6";