summaryrefslogtreecommitdiffstats
path: root/src/ipv6.c
Commit message (Collapse)AuthorAge
* Rename Master to ManagerRoy Marples2021-02-02
|
* A belated welcome to 2021Roy Marples2021-01-31
|
* Add --noconfigure optionRoy Marples2020-11-04
| | | | | With this set dhcpcd will not configure anything on the host. The expectation is that a 3rd party script will instead.
* dhcpcd: Simplify the link handling even moreRoy Marples2020-10-07
| | | | | | | Move the IS_LINK_UP macro to if_is_link_up function to reduce binary size. Rather than DHCPCD_LINK option controlling the carrier state, use it in if_is_link_up to determine the outcome.
* dhcpcd: Simplify carrier handling more by using IS_LINK_UP macroRoy Marples2020-10-06
| | | | | | Removes the need for the LINK_DOWN_IFFUP state. While here, remove the check for IFF_RUNNING when LINK_UNKNOWN because that is OS specific.
* DHCP: Don't set address lifetimes when extending leasesRoy Marples2020-09-01
| | | | | | | | Otherwise the kernel WILL remove them. dhcpcd already manages address removal when needed because some OS's do not support address lifetimes even for IPv6. While here apply the same logic to IPv6.
* inet6: Linux will convert NULL to all, so don't specify allRoy Marples2020-08-03
|
* Linux: IP6 forwaring only applies to "all" interfaceRoy Marples2020-08-03
| | | | | Per interface forwarding is apparently only for setting things like IsRouter in NA messages.
* inet6: Don't regen temp addresses we didn't add.Roy Marples2020-06-27
| | | | Helps with interopability with OpenBSD's slaacd(8).
* Fix compile with inet or inet6 disabledRoy Marples2020-05-30
|
* Fix prior for BSDRoy Marples2020-05-24
|
* privsep: Allow Linux to work without needing any mountsRoy Marples2020-05-24
|
* Remove some old FORKED logic.Roy Marples2020-05-20
| | | | No longer needed now the main process forks from the get go.
* OpenBSD: Fix non privsep builds.Roy Marples2020-05-20
|
* privsep: Enable Capsicum for all processes.Roy Marples2020-05-19
| | | | | | | | | | | | | | | | | Except for the priviledged process. This is quite an in-depth change: * ARP is now one process per address * BPF flags are now returned via privsep * BPF write filters are locked when supported * The root process sends to the network The last step is done by opening RAW sockets and then sending a UDP header (where applicable) to avoid binding to an address which is already in use by the reader sockets. This is slightly wasteful for OS's without sandboxing but does have the very nice side effect of not needing a source address to unicast DHCPs replies from which makes the code smaller.
* privsep: Handle all file IO in the Priviledged ActioneerRoy Marples2020-05-12
| | | | | | | | | | This allows us to move the database directory back into the root of the filesystem. While here, harden the files by denying any user read access to them. As part of this change, init the DUID from any machine data and cache the default DHCP vendor field before dropping priviledges as we may lose access to this later.
* privsep: Implement pledge(2) support as found on OpenBSDRoy Marples2020-05-10
|
* inet6: Move BSD get/set scope function to ipv6 for general useRoy Marples2020-05-07
| | | | | | It seems that FreeBSD doesn't allow binding to scoped addresses, so let's use our functions everwhere rather than directly setting scope.
* inet6: Mark temp addrs for regenRoy Marples2020-04-29
| | | | | This solves an infinite loop where new temp addrs regened are added at the tail and we loop endlessly.
* DHCP6: Implement DECLINE support for duplicated addressesRoy Marples2020-04-26
| | | | | | This is the final piece of DHCP6 to implement! Part of this change drops the use of the IPV6_AF_DUPLICATED flag and we just use IN6_IFF_DUPLICATED now.
* Rename ifp->family -> ifp->hwtype so it's less confusingRoy Marples2020-04-23
|
* inet6: Add 'temporary' directive to the slaac optionRoy Marples2020-04-19
| | | | | | | | This instructs dhcpcd to create a temporary address for each address generated from a RA. As such, dhcpcd no longer looks at the kernel option for it as the functionality is being removed from some or never existed in the first place.
* inet6: Don't regen temporary addresses without an IPv6 stateRoy Marples2020-04-16
| | | | As this is not possible.
* Linux: Note router preference when adding routesRoy Marples2020-04-09
| | | | This appears to just be cosmetic.
* Linux: doesn't need to create temp addrsRoy Marples2020-04-09
|
* RA: Rework temporary address managementRoy Marples2020-04-09
| | | | | | | | Vastly simpfly how they are generated and managed. Temporary address generation now uses pure random numbers rather than MD5ing over a random secret as arc4random should be random enough. This change reflects RFC 4941bis.
* ND: If a secondary router adds the same prefix, use it's addressRoy Marples2020-03-31
| | | | | With slaac private, it will generate a new address which would be wrong.
* Be pedantic and move syslog.h into the right placeRoy Marples2020-02-11
|
* logerr: Use macros to call log functionsSergey Nikiforov2020-02-11
| | | | | | This allows downstream implementions to inject their own data into the log message and/or supply new logging targets whilst preserving macros such as __FILE__ and __LINE__.
* inet6: guard getting RA routers if inet6 not initialisedRoy Marples2020-02-09
| | | | | Now that we get inet6 routes even when only building inet routes we need to guard as the RA routers collection could be NULL.
* inet6: Calculate the prefix in the canonical formRoy Marples2020-02-07
| | | | Rather than being clever and getting it wrong.
* DHCP6: Clean up old lease when we fail to confirm/rebind, etcRoy Marples2020-02-06
| | | | Also removed the TIMEOUT states which makes things easier to read.
* eloop: define eloop queue numbers in common.hRoy Marples2020-02-06
| | | | Allows for easier maintainance.
* inet6: Support a /128 autoconf prefix from RARoy Marples2020-01-17
| | | | This is apparently a thing. Unsure why, but heh ho.
* inet6: Use milliseconds rather than timespec for calculating delaysRoy Marples2020-01-04
|
* eloop: reduce timers rather than calculating expiryRoy Marples2020-01-07
| | | | | | | | | | | | | | This saves the need to store a created date per timer, we just need to know when the timers were last changed which we can store in the eloop. This makes it easier to make the actual timeout for polling. While here, add the eloop_timespec_diff function to workout the elapsed time from usp to tsp even when time has wrapped on one or both times. This works if time wraps on the maximal size time_t allows AND we know that tsp is always newer than usp.
* eloop: Allow for for timeouts greater than time_t and time wrappingRoy Marples2020-01-01
| | | | | | | | | | | | | On some systems time_t is int32_t. However, on wire timeouts are generally uint32_t. As such, we need to avoid using timespec internally except to record when the timeout was created. Instead, record the timeout as unsigned int seconds and long nanoseconds. On long running systems using time_t as int32_t, monotonic time would wrap after approximately 68 years. It's highly unlikely dhcpcd would be running for so long, but just incase it does, the code should now cope.
* Welcome to 2020!Roy Marples2020-01-03
|
* DHCP6: Rework delegation deprecationRoy Marples2019-12-17
| | | | | | | | | | Split ipv6_addaddrs out so ipv6_doaddr can operate on a single address. Call this when deprecating delegated addresses to avoid calling ipv6_addaddrs. This allows a more simple ipv6_addaddrs that doesn't need to test which address collection we are deleting from and removes DHCPv6 specific code from the generic IPv6 module.
* DHCP6: Fix deprecating a delegated prefixRoy Marples2019-12-16
| | | | | Be sure to remove the address using the right TAILQ member. While here, simplify the initialisation of pd_pfxs.
* privsep: Add support for priviledge separationRoy Marples2019-11-28
| | | | | | | | | | | | | | | | | | | | | | | | Not enabled by default - enable with ./configure --enable-privsep Requires a user added to the system - default _dhcpcd Several processes will be spawned off the main state engine: a privileged actioneer and a generic network proxy. Only the privileged actioneer process will retain root permissions. When required, the privileged actioneer will also spawn BPF listeners for BOOTP (DHCP) and ARP. The BOOTP BPF listener should be a short lived process. On kernels with RFC 5227 support, the ARP BPF listener will only be used for ARPing and announcing a preferred address and will also be a short lived process. When not running in master mode, an address listener will be spawned for each address (with the exception of RA dervived addresses) dhcpcd cares about. TODO: * Solaris support. * ARP BPF address filtering.
* inet6: Fix a potential crash learning addressesRoy Marples2019-10-14
| | | | | Interface maybe active but without options. In this case, check the global state of IPv6.
* inet6: Fix default route not being installedRoy Marples2019-09-05
| | | | | | | | We need to check for global addresses on any forwarding interface, not just the interface we received the RA on. Otherwise this breaks routers who get a default route only from the RA and IPv6 addresses only by prefix delegation to other interfaces.
* Solaris: Get the subnet in ipv6 ifa handlerRoy Marples2019-09-04
| | | | | This simplifies the code and allows onlink route "addresses" to work on P2P interfaces.
* Solaris: Fix issue with prior on other OSRoy Marples2019-09-04
|
* Solaris: Sending NA now seems to work!Roy Marples2019-09-04
|
* Solaris: Fix Prefix routes without an addressRoy Marples2019-09-04
| | | | | These need to be added as subnet's and no address. Kinda back to front, but heh ho.
* Solaris: Fix address flagsRoy Marples2019-09-04
| | | | We can use a lack of IFF_UP to set IN{,6}_IFF_TENTATIVE as well.
* Better fix for prior.Roy Marples2019-08-30
|
* Fix a crash for ipv4 only.Roy Marples2019-08-30
|
generated by cgit v1.2.3 (git 2.25.1) at 2021-03-13 23:31:33 +0000