| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
We can now remove the NOCARRIER_PRESERVE_IP define.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is achieved by checking that the interface is wireless,
IFF_UP and IFF_LOWER_UP are present, but IFF_RUNNING is missing.
This gives exactly the same support as modern NetBSD when carrier
loss is detected, but without the address verifications when the
carrier comes back as that needs to be handled in the kernel.
While IP setup is maintained, other configuration data is discarded.
Note that this should be improved in the future.
Thanks to Boris Krasnovskiy <borkra@gmail.com> for helping with this.
|
| |
|
|
|
|
|
| |
Move the IS_LINK_UP macro to if_is_link_up function to reduce
binary size.
Rather than DHCPCD_LINK option controlling the carrier state,
use it in if_is_link_up to determine the outcome.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Vastly improve and simplify link detection on BSD.
dhcpcd either examines the whole system via getifaddrs(3) or
reacts to events via route(4).
In both cases we have struct if_data which has ifi_link_state.
Armed with this knowledge, we no longer need SIOCGIFDATA or
SIOCGIFMEDIA.
To solve the issue of newly attached interfaces having
LINK_STATE_UNKNOWN or some interfaces not even changing it,
we only change the local knowledge of interface flags when
reports them by getifaddrs(3) or route(4) when we change them.
For example, if we set IFF_UP and it succeeds we don't set this
internally until reported by the kernel as above.
This keeps flags and link state in sync with each other.
The hope is that the kernel can set the real link state before
it reports IFF_UP.
As such, we no longer require the poll option or need to enter a
tight loop for old interfaces.
|
| |
|
|
|
|
|
|
|
|
|
| |
Not all interfaces report media state to get the link state.
However, link state is available from getifaddrs(3) ifa_data
for AF_LINK addresses.
Testing shows that link state is also sent correctly via
route(4) messages for the same interface.
This makes pppoe(4) interfaces more reliable on FreeBSD and OpenBSD.
|
| |
|
|
| |
Also add os_init incase other os need similar in the future.
|
| |
|
|
|
|
|
|
|
|
| |
udev says whether an interface name is stable or not.
In a network namespace, udev claims the interface does not exist.
This makes sense because udev only operates in the root namespace.
As such disable udev in a network namespace.
While here correctly spell initialise.
|
| |
|
|
|
| |
Old systems don't have SOCK_CLOEXEC, etc, this makes it easy.
While here, right limit the sockets.
|
| |
|
|
|
| |
Only to be used if the interface does not report carrier state
changes for whatever reason.
|
| |
|
|
|
|
|
|
|
| |
Achieved by adding IPC to ignore interfaces names based on
the interface group.
This means every process just pledges stdio for IPC which the
exception of the master process which also pledges route so it
can access the routing table.
|
| |
|
|
| |
Add debug per 100 messages.
|
| |
|
|
|
| |
Luckily Solaris supports IP_PKTINFO as well so lets fall back
to that for the time being.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Except for the priviledged process.
This is quite an in-depth change:
* ARP is now one process per address
* BPF flags are now returned via privsep
* BPF write filters are locked when supported
* The root process sends to the network
The last step is done by opening RAW sockets and then sending a UDP
header (where applicable) to avoid binding to an address
which is already in use by the reader sockets.
This is slightly wasteful for OS's without sandboxing but does
have the very nice side effect of not needing a source address
to unicast DHCPs replies from which makes the code smaller.
|
| |
|
|
|
|
|
|
|
|
| |
This allows us to move the database directory back into the
root of the filesystem.
While here, harden the files by denying any user read access to them.
As part of this change, init the DUID from any machine data and
cache the default DHCP vendor field before dropping priviledges as we
may lose access to this later.
|
| | |
|
| |
|
|
|
|
|
|
| |
This instructs dhcpcd to create a temporary address for each
address generated from a RA.
As such, dhcpcd no longer looks at the kernel option for it
as the functionality is being removed from some or never existed
in the first place.
|
| |
|
|
| |
This just clarifies the former fix
|
| |
|
|
|
|
| |
This allows dhcpcd to only listen for RTM_MISS generated by
default routers dhcpcd *could* install so if one becomes
unreachable we can pick another.
|
| | |
|
| |
|
|
|
| |
Also important as we now need to store the frame header in the
initial buffer.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This works by randomising the hardware address when carrier is down
and using this to construct a DUID LL which is used over any saved
DUID. IAID is defaulted to zero and hostname + FQDN are disabled.
Then every possible option is masked out except for essential ones.
It's possible to request options *after* anonymous option which
will enable it. This is RFC compliant and allows 100% flexability
in letting the user decide what, if any, details leek out.
This is disabled by default.
Only works on NetBSD, other OS coming shortly.
|
| |
|
|
|
|
|
|
|
|
| |
BSD and glibc have the signature for request as unsigned long.
musl and Solaris have a signed int.
As such, we need to detect this at compile time and adjust the
signature of our internal ioctl functions to match.
To keep the onwire format the same, memcpy the request to the
unsigned long request and back again, thus preserving the signedness.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not enabled by default - enable with ./configure --enable-privsep
Requires a user added to the system - default _dhcpcd
Several processes will be spawned off the main state engine:
a privileged actioneer and a generic network proxy.
Only the privileged actioneer process will retain root permissions.
When required, the privileged actioneer will also spawn
BPF listeners for BOOTP (DHCP) and ARP.
The BOOTP BPF listener should be a short lived process.
On kernels with RFC 5227 support, the ARP BPF listener will only
be used for ARPing and announcing a preferred address and will
also be a short lived process.
When not running in master mode, an address listener will be
spawned for each address (with the exception of RA dervived addresses)
dhcpcd cares about.
TODO:
* Solaris support.
* ARP BPF address filtering.
|
| |
|
|
|
| |
Only tested thus far on NetBSD.
While here, fix prior to not lose the first sorted route.
|
| |
|
|
| |
Just makes life a bit easier.
|
| |
|
|
| |
Incase someone renames tap0 to foo4.
|
| |
|
|
|
|
|
| |
TAP interfaces are virtual ethernet and not really distinguishable
from real interfaces other than the interface name.
On BSD the interfaces are always called tapN.
|
| |
|
|
|
| |
This simplifies the code and allows onlink route "addresses"
to work on P2P interfaces.
|
| | |
|
| |
|
|
| |
See https://spdx.org/ for details.
|
| |\ |
|
| | |
| |
| |
| |
| | |
It has to work for wireless interfaces, but we have no idea
about other interfaces. So test valid carrier for unknown.
|
| |\| |
|
| | |
| |
| |
| |
| |
| | |
Reduces complexity between IPv4 and IPv6 and silences a warning
about potential string trunctaion if the LUN makes too big an
interface name.
|
| | |
| |
| |
| | |
dhcpcd no longer needs ifconfig to do the initial plumbing.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This is an attempt to reduce the memory dhcpcd uses.
By removing kroutes and froutes from global context.
kroutes are generated at the start of rt_build and freed at
the end.
|
| |/ |
|
| |
|
|
| |
Makes dhcpcd smaller still.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the same IPv6 address to exist on more than one
interface. Whenever dhcpcd address an IPv6 address, it will
advertise it along with the hardware address of the preferred
interface.
This is heavliy reliant on the kernel supporting this as it's the
kernel that handle the Duplicate Address Detection.
In a nutshell it needs to support RFC 7527 and ignore NA packets
from any hardware address the host owns.
Currently the only known kernel that fully supports this is
NetBSD-8.99.27
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It's possible for the internal kernel buffer that reports network
events to overflow.
On Linux and NetBSD* this is handled by ENOBUFS being returned
by recv(2). On OpenBSD there is a special route(4) message RTM_DESYNC.
All other OS's don't seem to report this error, so dhcpcd cannot
detect it.
* I will commit a patch to NetBSD soon for this and will request a
pullup to NetBSD-8.
|
| |
|
|
|
|
|
| |
Rename if_checkipv6 to if_setup_inet6 so it's more descriptive.
simpify code as we don't really care about the result.
Restore the prior behavior of not disabling kernel RA handling
if dhcpcd is not doing it.
|
| | |
|
| |
|
|
|
| |
To achieve this we need to learn the addresses AFTER the interface
configuration has been loaded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
The all zero's and all one's hardware address are reserved.
As such, they should not be used in dhcpcd.
Likewise, Router Solicitation messages should not contain an
all zero source address option.
Fixes T119.
Test Plan:
Request IPv6RA over a PPP interface on a suitable OS which assigns
an all zero's or all one's hardware address.
Maniphest Tasks: T119
Differential Revision: https://dev.marples.name/D114
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary:
This only works if the VLAN interface has already been setup prior
to starting dhcpcd.
Initial fix for T115.
Test Plan:
Configure a vlan interface.
Don't set any iaid in /etc/dhcpcd.conf.
Start dhcpcd, check VLANID is used for IAID.
Reviewers: sthen
Reviewed By: sthen
Tags: #dhcpcd
Differential Revision: https://dev.marples.name/D107
|
| | |
|
| |
|
|
| |
This is controllable via noipv6 and noipv6rs options.
|
