dhcpcd
3 weeks agooptions: Ensure that we correctly read auth tokens. dhcpcd-9
Roy Marples [Fri, 29 Jul 2022 07:00:09 +0000 (08:00 +0100)]
options: Ensure that we correctly read auth tokens.

5 months agohooks: Use command -v rather than type
Roy Marples [Thu, 24 Feb 2022 12:53:02 +0000 (12:53 +0000)]
hooks: Use command -v rather than type

command -v is now required by POSIX, type is technically an extension.

5 months agoBump dates for prior
Roy Marples [Thu, 24 Feb 2022 06:34:10 +0000 (06:34 +0000)]
Bump dates for prior

5 months agoFixes manual page typos found by Lintian
Martin-Éric Racine [Thu, 24 Feb 2022 06:28:21 +0000 (06:28 +0000)]
Fixes manual page typos found by Lintian

8 months agoFix compile issue with prior
Roy Marples [Sun, 5 Dec 2021 11:04:16 +0000 (11:04 +0000)]
Fix compile issue with prior

9 months agodhcpcd.8: remove reference to 02-dump hook script
Roy Marples [Sat, 13 Nov 2021 14:10:31 +0000 (14:10 +0000)]
dhcpcd.8: remove reference to 02-dump hook script

This hook script was removed a while ago.
Fixes #72.

9 months agoAdd epair(4) to the ignored interface types list (#73)
Ben Woods [Sat, 13 Nov 2021 13:53:58 +0000 (21:53 +0800)]
Add epair(4) to the ignored interface types list (#73)

The FreeBSD epair(4) interface type can be thought of as a virtual patch cable.
The epair interfaces come in pairs, with network traffic being passed between the 2 pairs.
The basic intent is to provide connectivity between two virtual network stack instances.
This interface type does not typically require an IP address, as it is passing traffic
between other virtual networks/interfaces which obtain their own IP address.
Therefore, add this interface type to the list that will be ignored by dhcpcd.

9 months agoprivsep: Only set RLIMIT_NOFILES for supported platforms
Roy Marples [Sat, 13 Nov 2021 14:08:54 +0000 (14:08 +0000)]
privsep: Only set RLIMIT_NOFILES for supported platforms

Basically only for NetBSD, DragonFlyBSD, kqueue or epoll platforms.
All others will use poll(2) and return EINVAL if nfds > RLIMIT_NOFILES.

Trying to work out our nfs limit relies on already listening to
all FD's which may not be the case and was problematic.
Luckily all platforms aside from Solaris have new file creation
sandboxed away aside from accept(2) so this should still be safe.

9 months agoRevert "eloop: Allow eloop to process all fds returned from poll(2)"
Roy Marples [Fri, 12 Nov 2021 16:24:32 +0000 (16:24 +0000)]
Revert "eloop: Allow eloop to process all fds returned from poll(2)"

This stops dumping leases when privsep is compiled out.
This change works fine on master, but we also have eloop using
more of a native poll(2) style interface.
Easier for now to just revert this on the dhcpcd-9 branch.

This reverts commit fe2b82eec25da908c3a1a71c2dc2402d9ff70e31.

9 months agocontrol: Don't log eloop errors when freeing
Roy Marples [Fri, 12 Nov 2021 14:41:24 +0000 (14:41 +0000)]
control: Don't log eloop errors when freeing

We might not be actively listening to or awaiting writes from the fd.

9 months agoRelease dhcpcd-9.4.1 dhcpcd-9.4.1
Roy Marples [Fri, 22 Oct 2021 11:56:19 +0000 (12:56 +0100)]
Release dhcpcd-9.4.1

9 months agoprivsep: and again on OpenBSD
Roy Marples [Wed, 20 Oct 2021 10:21:38 +0000 (11:21 +0100)]
privsep: and again on OpenBSD

9 months agoprivsep: Fix compile on Dragonfly BSD
Roy Marples [Wed, 20 Oct 2021 09:23:19 +0000 (10:23 +0100)]
privsep: Fix compile on Dragonfly BSD

10 months agoREADME.md: Remove non existant man page links.
Roy Marples [Mon, 18 Oct 2021 14:25:35 +0000 (15:25 +0100)]
README.md: Remove non existant man page links.

They have not been online for sometime and are unlikely to return.
While here, correct the commit log location.

Fixes #39

10 months agoDHCP: Set INFORM state only when we are about to inform
Roy Marples [Thu, 14 Oct 2021 05:31:11 +0000 (06:31 +0100)]
DHCP: Set INFORM state only when we are about to inform

As we may not find an address right away.
While here, tidy up and comment code about deriving the address
when none is specified for inform and static setups.

10 months agoDHCP: Fix infinite INFORM messages
Kaelan Mikowicz [Thu, 14 Oct 2021 05:14:45 +0000 (22:14 -0700)]
DHCP: Fix infinite INFORM messages

When an address is configured on the interface, do not send an
INFORM message if the interface is already bound.

Fixes #48

10 months agoprivsep: Fix getting interface VLANID on BSD (#58)
Philip Paeps [Tue, 12 Oct 2021 08:07:28 +0000 (16:07 +0800)]
privsep: Fix getting interface VLANID on BSD (#58)

Include relevant headers for the definition of SIOCGETVLAN.  This fixes
DHCPv6 Prefix Delegation where a prefix is delegated to several VLAN
interfaces on the same physical interface.

10 months agoDHCP6: Don't spam the log when a RA repeatedly triggers an INFORM
Roy Marples [Fri, 1 Oct 2021 15:25:53 +0000 (16:25 +0100)]
DHCP6: Don't spam the log when a RA repeatedly triggers an INFORM

This can occur if the RA reduces the prefix times in accordance
with it's own lifetimes for example.
dhcpcd only checks if the RA contents have changed to trigger a
new INFORM.

As such, only log about new INFORMs.

Fixes #46.

11 months agoprivsep: Enforce proper alignment of serialized struct cmsghdr
Marian Cingel [Tue, 31 Aug 2021 12:33:20 +0000 (13:33 +0100)]
privsep: Enforce proper alignment of serialized struct cmsghdr

Fixes #43.

11 months agoDHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages.
Roy Marples [Tue, 31 Aug 2021 09:57:44 +0000 (10:57 +0100)]
DHCP6: Only send FQDN for SOLICIT, REQUEST, RENEW, or REBIND messages.

As per RFC 4704 section 5.
Fixes #44.

11 months agoFix rt_cmp_dest() for equivalent network prefixes with different netmasks. (#52)
Stefan Sperling [Tue, 31 Aug 2021 09:31:15 +0000 (11:31 +0200)]
Fix rt_cmp_dest() for equivalent network prefixes with different netmasks. (#52)

When rt_add() decides that it must delete+add a route in order to change
the routing table entry, a wrong RB tree lookup result can throw it off
the rails. In the case observed, a static /64 prefix was deleted from
vlan1 while dhcpcd intended to delete its reject route bound to lo0.

Given two routes in the table, the loopback reject route installed by
dhcpd for my /48 prefix, and a cloning route for a /64 prefix on vlan1:

2001:db8::/48 ::1         UGR        0        0 32768    56 lo0
2001:db8::/64 2001:db8::1 UCn        1        2     -     4 vlan1

When searching the OS routing table dhcpcd attempts to tell routes apart
based only on the masked destination address. In the above case the masked
destinations look identical. The only difference is the length of the netmask.
The function rt_cmp_dest() didn't detect this and returned the /64 route
while dhcpcd was in fact searching for the /48 route.

This patch fixes the lookup by running rt_cmp_netmask() if the masked
destination comparison via sa_cmp() leaves us with a tie. With this change
dhcpcd deletes the /48 route as intended, and leaves the /64 route alone.

I had to move the rt_cmp_dest() function down since it needs to use the
static helper function rt_cmp_netmask(), which happened to be defined
just below rt_cmp_dest().

Why am I using an overlapping static prefix? The answer is that my ISP
assigns a static /48 prefix but won't route IPv6 unless my router sends
a DHCPv6 request when it connects via PPPoE. I configure static IPv6 subnets
on LAN interfaces and have configured dhcpcd to obtain a /48 prefix lease
without setting addresses on any internal interfaces.
My dhcpcd.conf contains:
  ipv6only
  noipv6rs
  duid
  persistent
  option rapid_commit
  require dhcp_server_identifier
  script ""
  allowinterfaces pppoe0
  interface pppoe0
    ia_pd 1 /2001:db8::/48

This problem was found on OpenBSD, in case that matters for reproduction
of the issue.

11 months agoUpdate man pages for default metric changes (#51)
Peter Fabinski [Tue, 31 Aug 2021 09:29:25 +0000 (05:29 -0400)]
Update man pages for default metric changes (#51)

* Update man pages for metric changes in 3547ed19

* Make metric man changes additive

11 months agoFix parsing of hex/octal escapes in strings (#42)
Craig McQueen [Fri, 20 Aug 2021 07:57:18 +0000 (17:57 +1000)]
Fix parsing of hex/octal escapes in strings (#42)

12 months agoconfigure: test -a|o is not POSIX
Issam E. Maghni [Tue, 4 May 2021 16:33:02 +0000 (12:33 -0400)]
configure: test -a|o is not POSIX

13 months agoIPv4LL: Don't remove statically assigned addresses
Roy Marples [Mon, 19 Jul 2021 20:22:44 +0000 (21:22 +0100)]
IPv4LL: Don't remove statically assigned addresses

Fixes #37.

While here, don't open a DHCP port for static addresses either
when not in manager mode.

13 months agoBSD: Find the correct interface for tunneled routes
Roy Marples [Tue, 9 Feb 2021 10:11:54 +0000 (10:11 +0000)]
BSD: Find the correct interface for tunneled routes

Should disard a harmless diagnostic.

13 months agosrc/privsep-linux.c: add support for m68k (#29)
Fabrice Fontaine [Mon, 8 Mar 2021 10:05:16 +0000 (11:05 +0100)]
src/privsep-linux.c: add support for m68k (#29)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoREADME.md: remove dead reference to phabricator
Roy Marples [Mon, 8 Mar 2021 09:43:50 +0000 (09:43 +0000)]
README.md: remove dead reference to phabricator

13 months agosrc/privsep-linux.c: add support for arc (#28)
Fabrice Fontaine [Mon, 8 Feb 2021 06:23:54 +0000 (07:23 +0100)]
src/privsep-linux.c: add support for arc (#28)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_{ARCOMPACT,ARCV2} is only defined
since kernel 5.2 and
https://github.com/torvalds/linux/commit/67f2a8a29311841ba6ab9b0e2d1b8f1e9978cd84

Detection of arc compact and arc v2 have been "copy/pasted" from
https://github.com/wbx-github/uclibc-ng/commit/afab56958f1cbb47b831ee3ebff231dfbae74af2

Fixes:
 - http://autobuild.buildroot.org/results/d29083700a80dd647621eed06faeeae03f0587d3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agosrc/privsep-linux.c: add support for or1k (#27)
Fabrice Fontaine [Sun, 7 Feb 2021 08:43:14 +0000 (09:43 +0100)]
src/privsep-linux.c: add support for or1k (#27)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_OPENRISC is defined since kernel 3.7:
https://github.com/torvalds/linux/commit/e2bebb4ae6d9ac4ffc524db67f7ecb205a173f77

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months ago src/privsep-linux.c: add support for nios2 (#23)
Fabrice Fontaine [Sun, 31 Jan 2021 10:12:21 +0000 (11:12 +0100)]
 src/privsep-linux.c: add support for nios2 (#23)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_NIOS2 is only defined since kernel
5.2 and
https://github.com/torvalds/linux/commit/1660aac45e5b49a5ace29fb5b73254617533fcbd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoForce TOP as we know which directory we are in.
Roy Marples [Fri, 5 Feb 2021 22:41:16 +0000 (22:41 +0000)]
Force TOP as we know which directory we are in.

13 months agosrc/privsep-linux: fix build on sparc (#26)
Fabrice Fontaine [Fri, 5 Feb 2021 08:25:12 +0000 (09:25 +0100)]
src/privsep-linux: fix build on sparc (#26)

Fix the following build failure:

privsep-linux.c:203: warning: "AUDIT_ARCH_SPARC64" redefined
  203 | #    define AUDIT_ARCH_SPARC64
      |
In file included from privsep-linux.c:35:
/srv/storage/autobuild/run/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/linux/audit.h:392: note: this is the location of the previous definition
  392 | #define AUDIT_ARCH_SPARC64 (EM_SPARCV9|__AUDIT_ARCH_64BIT)
      |
In file included from privsep-linux.c:36:
privsep-linux.c:215:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  215 |  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
      |                                      ^~~~~~~~~~~~~~~~~~

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agosrc/privsep-linux.c: add support for sh (#25)
Fabrice Fontaine [Fri, 5 Feb 2021 08:05:54 +0000 (09:05 +0100)]
src/privsep-linux.c: add support for sh (#25)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_{SH,SHEL,SH64,SHEL64} are defined at
least since kernel 3.7 and
https://github.com/torvalds/linux/commit/607ca46e97a1b6594b29647d98a32d545c24bdff

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoRename Privileged Actioneer to Privileged Proxy
Roy Marples [Tue, 2 Feb 2021 17:09:25 +0000 (17:09 +0000)]
Rename Privileged Actioneer to Privileged Proxy

Sadly actioneer is not a real word.

13 months agoRename Master to Manager
Roy Marples [Tue, 2 Feb 2021 16:54:09 +0000 (16:54 +0000)]
Rename Master to Manager

13 months ago src/privsep-linux.c: add support for microblaze (#24)
Fabrice Fontaine [Sun, 31 Jan 2021 20:57:40 +0000 (21:57 +0100)]
 src/privsep-linux.c: add support for microblaze (#24)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_MICROBLAZE is only defined since
kernel 3.18 and
https://github.com/torvalds/linux/commit/ce5d112827e5c2e9864323d0efd7ec2a62c6dce0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoA belated welcome to 2021
Roy Marples [Sun, 31 Jan 2021 10:33:21 +0000 (10:33 +0000)]
A belated welcome to 2021

13 months agoTypo with prior
Roy Marples [Sun, 31 Jan 2021 10:08:11 +0000 (10:08 +0000)]
Typo with prior

13 months agoLinux: Add support for NDS32BE SECCOMP
Roy Marples [Sun, 31 Jan 2021 07:37:03 +0000 (07:37 +0000)]
Linux: Add support for NDS32BE SECCOMP

13 months ago src/privsep-linux.c: add support for xtensa (#22)
Fabrice Fontaine [Sun, 31 Jan 2021 02:35:10 +0000 (03:35 +0100)]
 src/privsep-linux.c: add support for xtensa (#22)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_XTENSA is only defined since kernel
5.0 and
https://github.com/torvalds/linux/commit/98c3115a4ec56f03056efd9295e0fcb4c5c57a85

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoimport-src: Improve target so we don't create empty files
Roy Marples [Sat, 30 Jan 2021 12:21:15 +0000 (12:21 +0000)]
import-src: Improve target so we don't create empty files

13 months agoimport-src: adjust build target so all .in files are pre-built
Roy Marples [Sat, 30 Jan 2021 11:46:06 +0000 (11:46 +0000)]
import-src: adjust build target so all .in files are pre-built

While here, if we cannot find ypbind to work out how the hook script
should be configured, guess according to OS.

13 months agosrc/privsep-linux.c: add support for nds32 (#21)
Fabrice Fontaine [Sat, 30 Jan 2021 11:10:08 +0000 (12:10 +0100)]
src/privsep-linux.c: add support for nds32 (#21)

Fix the following build failure:

privsep-linux.c:206:4: error: #error "Platform does not support seccomp filter yet"
 #  error "Platform does not support seccomp filter yet"
    ^~~~~
In file included from privsep-linux.c:36:
privsep-linux.c:213:38: error: 'SECCOMP_AUDIT_ARCH' undeclared here (not in a function); did you mean 'SECCOMP_ALLOW_ARG'?
  BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SECCOMP_AUDIT_ARCH, 1, 0),
                                      ^~~~~~~~~~~~~~~~~~

It should be noted that AUDIT_ARCH_NDS32 is only defined since kernel
5.2 and
https://github.com/torvalds/linux/commit/fa562447e154334523daa44c0b60625d71a345f5

Fixes:
 - http://autobuild.buildroot.org/results/af8ba07ea0c12ab8cd24d528ef98db05521f3d36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
13 months agoBSD: Plug a memory leak
Roy Marples [Thu, 28 Jan 2021 23:24:49 +0000 (23:24 +0000)]
BSD: Plug a memory leak

18 months agoprivsep: move setting signals to after clearing eloop
Roy Marples [Wed, 27 Jan 2021 14:11:52 +0000 (14:11 +0000)]
privsep: move setting signals to after clearing eloop

18 months agoWhitespace
Roy Marples [Wed, 27 Jan 2021 13:45:34 +0000 (13:45 +0000)]
Whitespace

18 months agoprivsep: Ensure BPF listener pid is logged in debug
Roy Marples [Wed, 27 Jan 2021 13:37:31 +0000 (13:37 +0000)]
privsep: Ensure BPF listener pid is logged in debug

This mirrors the inet listener.

18 months agocontrol: log an error if we fail to remove the write callback
Roy Marples [Wed, 27 Jan 2021 13:33:52 +0000 (13:33 +0000)]
control: log an error if we fail to remove the write callback

18 months agoWhitespace
Roy Marples [Wed, 27 Jan 2021 13:31:51 +0000 (13:31 +0000)]
Whitespace

18 months agocontrol: unlink privileged socket when shutting down without privsep
Roy Marples [Tue, 26 Jan 2021 17:37:29 +0000 (17:37 +0000)]
control: unlink privileged socket when shutting down without privsep

Otherwise we have a connection refused when dhcpcd starts again
as it sees the stale socket file.

18 months agoLinux: fix a memory leak when dhcpcd exits or the log is reopened
Roy Marples [Sun, 24 Jan 2021 22:53:20 +0000 (22:53 +0000)]
Linux: fix a memory leak when dhcpcd exits or the log is reopened

18 months agoeloop: Allow eloop to process all fds returned from poll(2)
Roy Marples [Sun, 24 Jan 2021 22:22:25 +0000 (22:22 +0000)]
eloop: Allow eloop to process all fds returned from poll(2)

We do this by ensuring the events list or pollfd struct storage
is not modified during the revent processing.
An event with a fd of -1 means it's been deleted and one without
a pollfd struct reference has been newly added.
This also allows us to count down the number of fd's that
returned a revent so we can break the loop early if possible.

This is a really minor optimisation that at best only applies if
more than one revent is returned via poll(2).
In the case on dhcpcd on NetBSD with privsep, the number of
fd's is really low. And on other platforms or without privsep it's
low also (just not as low).
It's only when you run dhcpcd per interface that the number
of fd's starts to creep upwards as you then need one per address
dhcpcd is monitoring (as well as the ARP listener per IPv4 address
for non NetBSD).

However, I use eloop in other code where this could be a good saving
and dhcpcd is where the master version of this lives!

19 months agoscript: Use rt_proto_add to ensure no duplicate interfaces on OpenBSD
Roy Marples [Mon, 18 Jan 2021 11:31:05 +0000 (11:31 +0000)]
script: Use rt_proto_add to ensure no duplicate interfaces on OpenBSD

OpenBSD allows matching priorities, so we need to take the interfaces
in the order given to ensure uniqueness.

19 months agoRelease dhcpcd-9.4.0 dhcpcd-9.4.0
Roy Marples [Mon, 28 Dec 2020 12:59:20 +0000 (12:59 +0000)]
Release dhcpcd-9.4.0

19 months agoscript: ignore inactive interfaces for ordering
Roy Marples [Mon, 28 Dec 2020 01:59:57 +0000 (01:59 +0000)]
script: ignore inactive interfaces for ordering

19 months agoDHCP: Split hardware address randomisation out of anonymous option
Roy Marples [Mon, 28 Dec 2020 00:02:26 +0000 (00:02 +0000)]
DHCP: Split hardware address randomisation out of anonymous option

A 3rd party might want to control the randomisation.

19 months agoDHCP: For anonymous, just use a generic clientid
Roy Marples [Sun, 27 Dec 2020 23:52:44 +0000 (23:52 +0000)]
DHCP: For anonymous, just use a generic clientid

19 months ago20-resolv.conf: Don't call resolvconf -c if we didn't call -C
Roy Marples [Sun, 27 Dec 2020 22:31:02 +0000 (22:31 +0000)]
20-resolv.conf: Don't call resolvconf -c if we didn't call -C

This solves the warnings on all OS other than Linux who don't have
a supporting resolvconf for deprecating DNS because they never
emit the NOCARRIER_ROAMING reason.

19 months agoCheck for NetBSD in prior, as we did before
Roy Marples [Sun, 27 Dec 2020 22:04:45 +0000 (22:04 +0000)]
Check for NetBSD in prior, as we did before

19 months agodhcpcd: Don't roam when anonymous is set
Roy Marples [Sun, 27 Dec 2020 21:59:32 +0000 (21:59 +0000)]
dhcpcd: Don't roam when anonymous is set

We can now remove the NOCARRIER_PRESERVE_IP define.

19 months agoNetBSD: Map IP Persistance to roaming
Roy Marples [Sun, 27 Dec 2020 20:39:38 +0000 (20:39 +0000)]
NetBSD: Map IP Persistance to roaming

We can use IN_IFF_TENTATIVE for this.

19 months agoAdjust prior to build routes and run script after aborting protocols for roaming
Roy Marples [Sun, 27 Dec 2020 20:39:31 +0000 (20:39 +0000)]
Adjust prior to build routes and run script after aborting protocols for roaming

19 months agohooks: add NOCARRIER_ROAMING reason
Roy Marples [Sun, 27 Dec 2020 19:53:31 +0000 (19:53 +0000)]
hooks: add NOCARRIER_ROAMING reason

This is given when the OS supports the concept of wireless roaming
or the IP setup can be persisted when the carrier drops.

When this happens, routes are moved to a higher metric (if supported)
to support non preferred but non roaming routes.
The `interface_order` hook variable will now order the interfaces
according to priority and move roaming interfaces to the back of the
list.
If resolvconf is present then it is called with the -C option
to deprecate DNS and if carrier comes back it is called again with the
-c option to activate it once more.

As part of this change, default route metrics have been changed to
support a larger number of interfaces.
base metric 1000 (was 200)
wireless offset 2000 (was 100)
IPv4LL offset 1000000 (was 10000)
roaming offset 2000000

19 months agosrc/dhcpcd.c: fix build without fork or signals (#20)
Fabrice Fontaine [Sat, 26 Dec 2020 19:45:08 +0000 (20:45 +0100)]
src/dhcpcd.c: fix build without fork or signals (#20)

Since version 9.3.3 and commit a5348dd02c86fa940cd93f203d0aa974cae0563c,
build without fork or signals fails on:

dhcpcd.c: In function ‘main’:
dhcpcd.c:2261:3: error: label ‘start_master’ used but not defined
   goto start_master;
   ^~~~

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
19 months agoprivsep: log sandbox when not daemonising
Roy Marples [Sat, 26 Dec 2020 15:58:46 +0000 (15:58 +0000)]
privsep: log sandbox when not daemonising

19 months agolinux: ARM64 stock kernel does not emit hardware in cpuinfo
Roy Marples [Sat, 26 Dec 2020 15:57:31 +0000 (15:57 +0000)]
linux: ARM64 stock kernel does not emit hardware in cpuinfo

They have no plans to add it either, so just hardcode AArch64.

20 months agoprivsep: Fix Linux i386 for SECCOMP as it just uses socketcall
Roy Marples [Sat, 12 Dec 2020 22:12:54 +0000 (22:12 +0000)]
privsep: Fix Linux i386 for SECCOMP as it just uses socketcall

Rather than accept(2), recv(2), etc..... which is horrible!

Thanks to Steve Hirsch <stevehirsch49@msn.com> for testing.

20 months agoDHCP6: Fix a LGTM issue
Roy Marples [Sat, 12 Dec 2020 17:41:37 +0000 (17:41 +0000)]
DHCP6: Fix a LGTM issue

20 months agoprivsep: Allow getsockopt for SO_RCVBUF on Linux
Roy Marples [Sat, 12 Dec 2020 17:35:45 +0000 (17:35 +0000)]
privsep: Allow getsockopt for SO_RCVBUF on Linux

For when the link socket overflows

20 months agolink: Report errors obtaining recv buffer size on link overflow
Roy Marples [Sat, 12 Dec 2020 17:34:31 +0000 (17:34 +0000)]
link: Report errors obtaining recv buffer size on link overflow

20 months agolink: Only report hardware address changes for active interfaces
Roy Marples [Sat, 12 Dec 2020 17:33:26 +0000 (17:33 +0000)]
link: Only report hardware address changes for active interfaces

20 months agoLinux: Support wireless IP roaming
Roy Marples [Sat, 12 Dec 2020 13:12:26 +0000 (13:12 +0000)]
Linux: Support wireless IP roaming

This is achieved by checking that the interface is wireless,
IFF_UP and IFF_LOWER_UP are present, but IFF_RUNNING is missing.

This gives exactly the same support as modern NetBSD when carrier
loss is detected, but without the address verifications when the
carrier comes back as that needs to be handled in the kernel.

While IP setup is maintained, other configuration data is discarded.
Note that this should be improved in the future.

Thanks to Boris Krasnovskiy <borkra@gmail.com> for helping with this.

20 months agoprivsep: Don't log a BPF error that network is down
Roy Marples [Wed, 9 Dec 2020 11:15:30 +0000 (11:15 +0000)]
privsep: Don't log a BPF error that network is down

The master process will catch this clean remove the BPF process.

20 months agoLinux: Fix privsep build by including sys/termios.h for all platforms
Mikhail Efremov [Tue, 8 Dec 2020 16:15:28 +0000 (16:15 +0000)]
Linux: Fix privsep build by including sys/termios.h for all platforms

20 months agoRelease dhcpcd-9.3.4 dhcpcd-9.3.4
Roy Marples [Sat, 28 Nov 2020 14:12:59 +0000 (14:12 +0000)]
Release dhcpcd-9.3.4

20 months agoDHCP6: Abort in test mode when an error is returned by server.
Roy Marples [Wed, 25 Nov 2020 15:14:11 +0000 (15:14 +0000)]
DHCP6: Abort in test mode when an error is returned by server.

20 months agoDon't stop control in test
Roy Marples [Wed, 25 Nov 2020 14:55:25 +0000 (14:55 +0000)]
Don't stop control in test

20 months agooptions: Allow duid to take a value
Roy Marples [Wed, 25 Nov 2020 14:19:55 +0000 (14:19 +0000)]
options: Allow duid to take a value

If a value is given, it overrides /var/db/dhcpcd/duid.

20 months agooptions: allow --ia_na=1 and --ia_pd=2 on the command line
Roy Marples [Wed, 25 Nov 2020 14:05:18 +0000 (14:05 +0000)]
options: allow --ia_na=1 and --ia_pd=2 on the command line

This only works for non master mode.

20 months agoDHCP: If error adding the address in oneshot, exit with failure
Roy Marples [Tue, 24 Nov 2020 10:30:08 +0000 (10:30 +0000)]
DHCP: If error adding the address in oneshot, exit with failure

Otherwise we loop.
It's unlikely oneshot would be used with IPv6 due to addresses
having lifetimes.

20 months agoDHCP: Only listen to the address if we successfully added it
Roy Marples [Mon, 23 Nov 2020 13:22:20 +0000 (13:22 +0000)]
DHCP: Only listen to the address if we successfully added it

Fixes an issue on Linux where the headers advertise something
newer than what the kernel actually provides.

20 months agoImprove readability.
Roy Marples [Sat, 21 Nov 2020 12:01:21 +0000 (12:01 +0000)]
Improve readability.

20 months agoDHCP6: Delegated activations work once more
Roy Marples [Sat, 21 Nov 2020 11:59:07 +0000 (11:59 +0000)]
DHCP6: Delegated activations work once more

This was broken with the --noconfigure option in dhcpcd-9.3.3

20 months agoDHCP6: Fix segfault introduced in dhcpcd-9.3.3
Roy Marples [Sat, 21 Nov 2020 08:46:30 +0000 (08:46 +0000)]
DHCP6: Fix segfault introduced in dhcpcd-9.3.3

lo0 won't have a configuration for example.

20 months agodhcpcd.conf(8): add all -> at all
Lars Wendler [Fri, 20 Nov 2020 19:49:46 +0000 (19:49 +0000)]
dhcpcd.conf(8): add all -> at all

20 months agoRelease dhcpcd-9.3.3 dhcpcd-9.3.3
Roy Marples [Fri, 20 Nov 2020 13:06:16 +0000 (13:06 +0000)]
Release dhcpcd-9.3.3

20 months agoprivsep: adjust comment for prior
Matthew Clarkson [Thu, 19 Nov 2020 19:15:12 +0000 (19:15 +0000)]
privsep: adjust comment for prior

Note that this is a requirement for printf over serial terminals.

20 months agoprivsep: Allow ioctl TCGETS
Matthew Clarkson [Thu, 19 Nov 2020 15:37:33 +0000 (15:37 +0000)]
privsep: Allow ioctl TCGETS

printf on some platforms seems to require it.
Without this, script_dump() may fault.

21 months agoprivsep: Allow fcntl64 and fstat64 to fix ARM32 talking to the controller
Matthew Clarkson [Fri, 13 Nov 2020 08:22:42 +0000 (08:22 +0000)]
privsep: Allow fcntl64 and fstat64 to fix ARM32 talking to the controller

We already allow fcntl and fstat so this is not a problem.

21 months agoroute: Correct prior logic
Roy Marples [Fri, 13 Nov 2020 08:21:12 +0000 (08:21 +0000)]
route: Correct prior logic

21 months agodhcpcd: Don't create launcher process if keeping in foreground
Roy Marples [Wed, 11 Nov 2020 17:44:55 +0000 (17:44 +0000)]
dhcpcd: Don't create launcher process if keeping in foreground

There is little point.

21 months agocontrol: create an unpriv socket for non master mode
Roy Marples [Wed, 11 Nov 2020 17:41:16 +0000 (17:41 +0000)]
control: create an unpriv socket for non master mode

This allows `dhcpcd -U4 eth0` to work once more.

21 months agoWhen adding a route, the interface will always have options.
Roy Marples [Wed, 4 Nov 2020 14:25:00 +0000 (14:25 +0000)]
When adding a route, the interface will always have options.

21 months agoAdd --noconfigure option
Roy Marples [Wed, 4 Nov 2020 14:18:48 +0000 (14:18 +0000)]
Add --noconfigure option

With this set dhcpcd will not configure anything on the host.
The expectation is that a 3rd party script will instead.

21 months agofix if_getnetworknamespace matching bug. (#19)
Ted Feng [Tue, 3 Nov 2020 22:31:40 +0000 (11:31 +1300)]
fix if_getnetworknamespace matching bug. (#19)

Co-authored-by: Ted Feng <Ted.Feng@Aviatnet.com>
21 months agoLinux: Fix detecting existing IPv4 addresses
Roy Marples [Tue, 3 Nov 2020 11:37:05 +0000 (11:37 +0000)]
Linux: Fix detecting existing IPv4 addresses

This is important for better NetworkManager support.

21 months agooptions: Don't log unknown option errors when printing the pidfile
Roy Marples [Mon, 2 Nov 2020 17:03:31 +0000 (17:03 +0000)]
options: Don't log unknown option errors when printing the pidfile

21 months agoRelease dhcpcd-9.3.2 dhcpcd-9.3.2
Roy Marples [Sun, 1 Nov 2020 14:07:38 +0000 (14:07 +0000)]
Release dhcpcd-9.3.2

21 months agoFix compile without various defines
Roy Marples [Fri, 30 Oct 2020 22:18:57 +0000 (22:18 +0000)]
Fix compile without various defines