oweals/odhcp6c.git
5 years agodhcpv6: sanitize oro options
Hans Dedecker [Fri, 6 Sep 2019 20:09:29 +0000 (22:09 +0200)]
dhcpv6: sanitize oro options

Remove SOL_MAX_RT and INF_MAX_RT from the non-strict oro option
array as both options will be added anyway by the required oro
option array

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agoodhcp6c: align further with RFC8415
Hans Dedecker [Fri, 11 Jan 2019 14:02:11 +0000 (15:02 +0100)]
odhcp6c: align further with RFC8415

Align acceptable options in the ORO list further with RFC8415; where
appropriate add send option support for the newly added options.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agodhcpv6: avoid parsing unncessary IAs
Hans Dedecker [Fri, 11 Jan 2019 09:25:12 +0000 (10:25 +0100)]
dhcpv6: avoid parsing unncessary IAs

Don't parse IA_NA/IA_PD options if either na_mode or pd_mode is set
to IA_MODE_NONE

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agodhcpv6: set cnt to correct IOV enum
Hans Dedecker [Fri, 11 Jan 2019 09:16:54 +0000 (10:16 +0100)]
dhcpv6: set cnt to correct IOV enum

Make the code less error prone by setting cnt to IOV_HDR_IA_NA when
sending an INFORMATION REQUEST message

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agodhcpv6: get rid of request_prefix
Hans Dedecker [Fri, 11 Jan 2019 08:49:27 +0000 (09:49 +0100)]
dhcpv6: get rid of request_prefix

Get rid of the variable request_prefix as it serves no purpose anymore
and even triggers wrong code in dhcpv6_send by setting cnt to 12 which
is an invalid msg_iovlen index
Where appropriate request_prefix check can be replaced by checking the
pd_mode variable.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
5 years agodhcpv6: sanitize option request list
Hans Dedecker [Wed, 9 Jan 2019 10:38:14 +0000 (11:38 +0100)]
dhcpv6: sanitize option request list

By config statefull options can be specified for the option request
list which will be included in DHCPv6 INFORMATION request messages.
Obviously this is wrong as both RFC3315 and RFC8415 specify no
statefull options must be included in stateless mode.
In RFC8415 Table 4 specifies the options which can be included in
the option request list and which options are required to be requested
in some messages.
This commit extends the option table with flags indicating which options
may be included in the option request list.
On top the client adds by default the options 32/82/83 as they're
required to be sent depending on the message.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: add option to ignore Server Unicast option
Adrian Friedli [Wed, 11 Jul 2018 20:32:41 +0000 (22:32 +0200)]
odhcp6c: add option to ignore Server Unicast option

Add option -U to ignore Server Unicast option and force odhcp6c to use
the multicast address. This allows a workaround for broken setups.

Signed-off-by: Adrian Friedli <adi@koalatux.ch>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: remove len check in option parsing handle
Hans Dedecker [Wed, 20 Jun 2018 12:42:11 +0000 (14:42 +0200)]
odhcp6c: remove len check in option parsing handle

Replace len check by checking src to determine end of option data in the
different option data handlers.
This will make Coverity happy as reported in CID1437049, CID1430905,
CID1430898 and CID1430848

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: add support for user string options
Hans Dedecker [Fri, 8 Jun 2018 14:29:50 +0000 (16:29 +0200)]
odhcp6c: add support for user string options

Support user defined options having a string as option value.
The option value is detected as a string if it starts and ends with
either a double or single quote.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agora: always trigger update in case of RA parameter change
Hans Dedecker [Sun, 29 Apr 2018 20:30:00 +0000 (22:30 +0200)]
ra: always trigger update in case of RA parameter change

Always launch a ra-updated event in case the RA hoplimit/mtu/reachable/
retransmit parameters change

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agodhcpv6: fix strncpy bounds
Hans Dedecker [Sat, 21 Apr 2018 11:40:29 +0000 (13:40 +0200)]
dhcpv6: fix strncpy bounds

Fixes dhcpv6.c:138:2: error: 'strncpy' specified bound 16 equals destination size [-Werror=stringop-truncation]                                                                                                        strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name));

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoscript: fix possible negative delay
Hans Dedecker [Thu, 5 Apr 2018 14:51:19 +0000 (16:51 +0200)]
script: fix possible negative delay

Fix delay becoming negative when killing a running script

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agodhcpv6: always trigger script update in case of IA updates
Hans Dedecker [Thu, 5 Apr 2018 09:55:50 +0000 (11:55 +0200)]
dhcpv6: always trigger script update in case of IA updates

Trigger a script update when IAs have been updated during a reply in reponse
to to either a renew/rebind.
This will make sure new IAs assigned by the DHCPv6 server are published via
a script update.

This covers the following scenario:
    -Prefix A is assigned by DHCPv6 server
    -Prefix A is renewed but the DHCPv6 server does not include prefix A in
    the reply but assigns a new prefix B.
    -Prefix B is published via the update script while renews for prefix A
    will still be sent

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agora: rework route information option handling
Hans Dedecker [Mon, 2 Apr 2018 19:09:16 +0000 (21:09 +0200)]
ra: rework route information option handling

Use struct icmpv6_opt_route_info to parse the route information option;
improve route information option sanity checks.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: improve code readibility
Hans Dedecker [Sat, 31 Mar 2018 16:57:45 +0000 (18:57 +0200)]
odhcp6c: improve code readibility

Improve code readibility by always checking the sep variable for end of
option data in the different option data parsing functions.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agotreewide: improve error handling
Hans Dedecker [Tue, 27 Mar 2018 19:00:08 +0000 (21:00 +0200)]
treewide: improve error handling

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agodhcpv6: initialize ifreq struct
Hans Dedecker [Tue, 27 Mar 2018 19:00:08 +0000 (21:00 +0200)]
dhcpv6: initialize ifreq struct

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agora: handle socket fail creation
Hans Dedecker [Tue, 27 Mar 2018 18:49:40 +0000 (20:49 +0200)]
ra: handle socket fail creation

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: fix file pointer leakage
Hans Dedecker [Tue, 27 Mar 2018 18:45:04 +0000 (20:45 +0200)]
odhcp6c: fix file pointer leakage

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agodhcpv6: rework option passthrough logic
Hans Dedecker [Tue, 16 Jan 2018 12:16:09 +0000 (13:16 +0100)]
dhcpv6: rework option passthrough logic

Options are not added to the passthru state depending on the option code
check. Rework this logic by defining the flag OPT_NO_PASSTHRU which is set
for options in the opts table; when constructing the passthru state the
option is added if the flag is not set.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: rework userclass and vendorclass command handling
Hans Dedecker [Tue, 16 Jan 2018 10:11:04 +0000 (11:11 +0100)]
odhcp6c: rework userclass and vendorclass command handling

Remove the userclass and vendorclass states; add the userclass and
vendorclass options specified via commands to the OPTS state which
contains the user specified options to be sent.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: add -x opt:val support
Hans Dedecker [Thu, 11 Jan 2018 15:31:57 +0000 (16:31 +0100)]
odhcp6c: add -x opt:val support

Add -x opt:val command support which allows to add options in sent packets.
The opt argument can be either specified as a string for well known options,
a decimal or a base-16 encoded value.

For some well-known options val will be parsed according to the data format
specified in the corresponding RFCs.

Supported well-know options are :
    authentication (option 11) : stream of base-16 encoded bytes
    userclass (option 15) : array of strings
    vendorclass (option 16) : stream of base-16 encoded bytes
    dns (option 23) : array of IPv6 addresses
    search (option 24) : Domain name
    sntpservers (option 31) : array of IPv6 addresses
    ntpserver (option 56) : stream of base-16 encoded bytes
    sipserver_d (option 21) : Domain name
    sipserver_a (option 22) : array of IPv6 addresses

The val array elements can be separated by either a white space, comma or tab.

The val for non well-known options is a stream of base-16 encoded bytes.

Config examples :

-x sntpservers:3001:3001::1,3001:3001::2
-x 11:00000000000000000000006674692F
-x 0x3e8:ABCDEF

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agotreewide: update copyrights to 2018
Hans Dedecker [Sat, 13 Jan 2018 20:28:32 +0000 (21:28 +0100)]
treewide: update copyrights to 2018

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: let odhcp6c_add_state return a success/failure indication
Hans Dedecker [Sat, 13 Jan 2018 18:09:53 +0000 (19:09 +0100)]
odhcp6c: let odhcp6c_add_state return a success/failure indication

This will allow callers of odhcp6_add_state parsing a command line option :
generate a syslog error in case of failure
bail out with return an error code

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoRevert "odhcp6c: Replace strerror(errno) with %m"
Hans Dedecker [Wed, 3 Jan 2018 09:47:32 +0000 (10:47 +0100)]
Revert "odhcp6c: Replace strerror(errno) with %m"

The code is ISO C source enforced by the usage of the pedantic compile
option; using %m triggers the compiler warning "error: ISO C does not
support the '%m' gnu_printf format [-Werror=format=]" which breaks
compilation due to Werror being set set.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: Replace strerror(errno) with %m
Rosen Penev [Mon, 25 Dec 2017 23:05:13 +0000 (15:05 -0800)]
odhcp6c: Replace strerror(errno) with %m

Reduction of 48 bytes in compiled size. No functional difference.

-pedantic was removed as %m is a GNU extension.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
7 years agora: align RA update interval with RFC4861 (FS#964)
Hans Dedecker [Thu, 31 Aug 2017 15:03:02 +0000 (17:03 +0200)]
ra: align RA update interval with RFC4861 (FS#964)

RFC4861 paragraph 6.2.1 states the minimum allowed time between sending
unsolicited multicast Router Advertisements is 3 seconds.
Align the odhcp6c implementation to this requirement as before Router
Advertisement updates were accepted each 30 seconds.
This lead to IPv6 connectivity issues when a network sends Router
Advertisements with an interval smaller than 30 seconds as reported
in FS#964.
While at it rework the RA update logic making it clear the -m option
is only related to RA updates.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: rebind capability support in reconfigure message (rfc6644)
Hans Dedecker [Wed, 22 Mar 2017 13:14:26 +0000 (14:14 +0100)]
dhcpv6: rebind capability support in reconfigure message (rfc6644)

Allow rebind message type to appear in reconfigure message option of
a reconfigure message as desccribed in rfc6644

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: respect renew end point when handling reconfigure message
Hans Dedecker [Wed, 22 Mar 2017 12:58:04 +0000 (13:58 +0100)]
dhcpv6: respect renew end point when handling reconfigure message

Set T1 to 0 when receiving reconfigure message with as msg type renew;
this keeps the renew end point fixed meaning rebinding is started at T2
as initially calculated.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: calculate T1, T2 and T3 in a more sane manner
Hans Dedecker [Wed, 22 Mar 2017 12:28:53 +0000 (13:28 +0100)]
dhcpv6: calculate T1, T2 and T3 in a more sane manner

Refresh T1, T2 and T3 only in response to DHCPv6 messages which request
statefull DHCPv6 options.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agomd5: use libubox md5 library as local implementation
Hans Dedecker [Tue, 21 Mar 2017 14:25:52 +0000 (15:25 +0100)]
md5: use libubox md5 library as local implementation

Replace local md5 library by libubox md5 library as the local md5 library
has big endian issues.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: don't return renew msg in case of invalid msg type in reconfigure msg
Hans Dedecker [Sat, 18 Mar 2017 17:00:03 +0000 (18:00 +0100)]
dhcpv6: don't return renew msg in case of invalid msg type in reconfigure msg

Return -1 in case the msg type in the reconfigure message is invalid and
as such don't start sending renew messages.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agotreewide: align coding style
Hans Dedecker [Fri, 17 Mar 2017 22:16:57 +0000 (23:16 +0100)]
treewide: align coding style

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agoCMakeLists: don't enable libubox md5 implementation by default
Hans Dedecker [Thu, 16 Mar 2017 20:17:24 +0000 (21:17 +0100)]
CMakeLists: don't enable libubox md5 implementation by default

Simplify odhcp6c standalone compilation by selecting local md5
implementation by default

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: use PRIu64 print macro
Hans Dedecker [Tue, 21 Feb 2017 21:02:32 +0000 (22:02 +0100)]
dhcpv6: use PRIu64 print macro

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agoodhcp6c: fix possible stack corruption when parsing proc if_inet6
Hans Dedecker [Tue, 7 Feb 2017 21:32:57 +0000 (22:32 +0100)]
odhcp6c: fix possible stack corruption when parsing proc if_inet6

Fix buffer overflow when storing the IPv6 address in addr_buf as
the trailing zero was out of bounds.
Fix possible buffer overflow when storing the interface name in
name as interface name can contain IF_NAMESIZE characters.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: fix white space error
Hans Dedecker [Mon, 30 Jan 2017 11:27:22 +0000 (12:27 +0100)]
dhcpv6: fix white space error

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: trigger restart of DHCPv6 state machine when not receiving statefull options
Hans Dedecker [Mon, 30 Jan 2017 11:21:16 +0000 (12:21 +0100)]
dhcpv6: trigger restart of DHCPv6 state machine when not receiving statefull options

Don't set the renew timeout to 600 seconds in case no statefull options
are received but rather trigger an immediate restart of the DHCPv6
client state machine.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agoupdate README
Hans Dedecker [Fri, 27 Jan 2017 10:35:00 +0000 (11:35 +0100)]
update README

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agodhcpv6: server unicast option support
Hans Dedecker [Fri, 27 Jan 2017 09:39:52 +0000 (10:39 +0100)]
dhcpv6: server unicast option support

Add server unicast option support according rfc3315

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
7 years agoAdd option to ignore default lifetime for RDNSS records
Matthias Schiffer [Wed, 16 Nov 2016 13:47:46 +0000 (14:47 +0100)]
Add option to ignore default lifetime for RDNSS records

While RFC6106 mandates that the RDNSS lifetime is capped to the default
lifetime, this behaviour is often undesirable. In particular, it prevents
accepting RDNSS records from RAs that don't also advertise a default route
(set the default lifetime to 0).

Therefore, make it possible to opt out of this behaviour and respect the
RDNSS lifetime independently of the default lifetime using the new command
line switch -L.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
8 years agoMerge pull request #50 from sartura/libubox_md5_reuse
Luka Perkov [Sun, 6 Nov 2016 22:54:44 +0000 (23:54 +0100)]
Merge pull request #50 from sartura/libubox_md5_reuse

odhcp6c: reuse md5 from libubox

8 years agoodhcp6c: reuse md5 from libubox
Hrvoje Varga [Tue, 25 Oct 2016 14:08:25 +0000 (14:08 +0000)]
odhcp6c: reuse md5 from libubox

Added config support to use the MD5 implementation from libubox instead
of the in-house implementation. By default if not specified, libubox
will be linked and its MD5 will be used instead of the in-house
implementation.

Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
8 years agoMerge pull request #45 from themiron/master
Steven Barth [Mon, 8 Feb 2016 07:02:31 +0000 (08:02 +0100)]
Merge pull request #45 from themiron/master

Alignment cleanups

8 years agoSync style with the existing _packed & _unused macros
Vladislav Grishenko [Sun, 31 Jan 2016 16:03:55 +0000 (21:03 +0500)]
Sync style with the existing _packed & _unused macros

8 years agoUse more conventional way for the alignment
Vladislav Grishenko [Sun, 31 Jan 2016 16:03:00 +0000 (21:03 +0500)]
Use more conventional way for the alignment

8 years agoMerge pull request #44 from bwhacks/alignment-fixes
Steven Barth [Sun, 31 Jan 2016 15:18:16 +0000 (16:18 +0100)]
Merge pull request #44 from bwhacks/alignment-fixes

Alignment fixes

8 years agoMerge pull request #43 from bwhacks/security-fixes
Steven Barth [Fri, 29 Jan 2016 06:10:51 +0000 (07:10 +0100)]
Merge pull request #43 from bwhacks/security-fixes

Security/regression fixes

8 years agoFix end pointer passed from dhcpv6_handle_reply() to dhcpv6_parse_ia()
Ben Hutchings [Thu, 28 Jan 2016 22:45:39 +0000 (22:45 +0000)]
Fix end pointer passed from dhcpv6_handle_reply() to dhcpv6_parse_ia()

The end of the IA option is odata + olen; there's no need to add anything.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix regression in entry_to_env()
Ben Hutchings [Thu, 28 Jan 2016 22:45:14 +0000 (22:45 +0000)]
Fix regression in entry_to_env()

I broke entry_to_env() by incrementing the wrong variable in commit
a6bbd1d7f5c2 ("Fix potential buffer overflow in entry_to_env").

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoMerge pull request #42 from bwhacks/logic-fixes
Steven Barth [Thu, 28 Jan 2016 19:06:46 +0000 (20:06 +0100)]
Merge pull request #42 from bwhacks/logic-fixes

Logic fixes

8 years agoMerge pull request #41 from bwhacks/security-fixes
Steven Barth [Thu, 28 Jan 2016 15:59:12 +0000 (16:59 +0100)]
Merge pull request #41 from bwhacks/security-fixes

Security fixes

8 years agoFix alignment of hash buffer in dhcpv6_response_is_valid
Ben Hutchings [Thu, 28 Jan 2016 02:18:51 +0000 (02:18 +0000)]
Fix alignment of hash buffer in dhcpv6_response_is_valid

md5_final() writes to the hash buffer in 32-bit chunks, so it needs
to be 32-bit aligned.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix unaligned 32-bit reads from DHCP packets
Ben Hutchings [Thu, 28 Jan 2016 01:59:14 +0000 (01:59 +0000)]
Fix unaligned 32-bit reads from DHCP packets

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix alignment of buffers in ra_process and dhcpv6_request
Ben Hutchings [Fri, 22 Jan 2016 20:57:34 +0000 (20:57 +0000)]
Fix alignment of buffers in ra_process and dhcpv6_request

The packet buffer needs to be 32-bit aligned to ensure that the various
32-bit fields we pick out are naturally aligned.

The control message buffers needs to be naturally aligned for struct
cmsghdr.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoAdd padding between odhcp6c_entry structures to ensure 32-bit alignment
Ben Hutchings [Thu, 28 Jan 2016 04:33:48 +0000 (04:33 +0000)]
Add padding between odhcp6c_entry structures to ensure 32-bit alignment

struct odhcp6c_entry is not declared as __packed, so the compiler may
assume it is naturally aligned.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix iteration after expiring a list entry
Ben Hutchings [Fri, 22 Jan 2016 19:34:41 +0000 (19:34 +0000)]
Fix iteration after expiring a list entry

After removing an entry, the next entry will be at the same offset as
the entry we just removed.  Also the total length will have changed.

Update the length when we remove an entry, and advance the offset only
when we don't.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix script environment variable setting for empty lists
Ben Hutchings [Fri, 22 Jan 2016 20:13:35 +0000 (20:13 +0000)]
Fix script environment variable setting for empty lists

When setting an environment variable as a space-separated list, and
the list is empty, we must not delete the '=' before the value.

In practice putenv() is likely to discard the invalid string, leaving
the variable unset, but this is not guaranteed.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoAdd missing option length checks in dhcpv6_handle_advert
Ben Hutchings [Thu, 28 Jan 2016 02:09:47 +0000 (02:09 +0000)]
Add missing option length checks in dhcpv6_handle_advert

These might be redundant with checks elsewhere but it's better to be
safe.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix potential log forgery via status string
Ben Hutchings [Thu, 28 Jan 2016 01:44:10 +0000 (01:44 +0000)]
Fix potential log forgery via status string

We should not include any control characters from the server status
message when logging it; in particular if we include '\n' this could
result in additional arbitrary log lines.  In dhcpv6_log_status_code,
replace all control characters with '?'.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoCheck for unsupported PD exclusion configuration in dhcpv6_parse_ia
Ben Hutchings [Thu, 28 Jan 2016 01:28:32 +0000 (01:28 +0000)]
Check for unsupported PD exclusion configuration in dhcpv6_parse_ia

We currently only support PD exclusions that only affect bits 64-95 of
the address, so we require:

    32 <= PD prefix length < exclusion prefix length <= 64

The first inequality was not validated, and this could result in a
buffer overflow when generating the next request message.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix memory leak in dhcpv6_add_server_cand in case odhcp6c_insert_state fails
Ben Hutchings [Thu, 28 Jan 2016 01:16:31 +0000 (01:16 +0000)]
Fix memory leak in dhcpv6_add_server_cand in case odhcp6c_insert_state fails

If we fail to store information from the new server, the associated
NA and PD options will never be freed.  An attacker could use this
for denial-of-service.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoChange odhcp6c_insert_state to return a success/failure indicator
Ben Hutchings [Thu, 28 Jan 2016 01:14:04 +0000 (01:14 +0000)]
Change odhcp6c_insert_state to return a success/failure indicator

Some callers will need to free resources on failure.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix possible stack buffer overflow in s46_to_env when copying IPv6 prefixes
Ben Hutchings [Thu, 28 Jan 2016 00:49:22 +0000 (00:49 +0000)]
Fix possible stack buffer overflow in s46_to_env when copying IPv6 prefixes

An 8-bit prefix-length field can be as large as 255, but values larger
than 128 will result in a buffer overflow when copying to in6.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix off-by-one in buffer length in int_to_env
Ben Hutchings [Fri, 22 Jan 2016 19:07:52 +0000 (19:07 +0000)]
Fix off-by-one in buffer length in int_to_env

We need to allow for '=', negative sign, 10 digits and the null
terminator, adding up to 13 bytes not 12.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoFix potential buffer overflow in entry_to_env
Ben Hutchings [Fri, 22 Jan 2016 18:02:04 +0000 (18:02 +0000)]
Fix potential buffer overflow in entry_to_env

It appears that an entry of type ENTRY_PREFIX with iaid != 1 and an
exclusion can expand to a string of length up to 154 bytes, whereas we
allocate only 144 bytes per entry.

Also, in case of truncation, snprintf() returns the length of the
un-truncated output so we must not use this to increment buf_len.

Finally some of the lengths given to snprintf() are unnecessarily
generous.  Reduce them so we don't have to increase the allocated
length per entry further.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoAvoid copying buffer after dn_expand() fails
Ben Hutchings [Fri, 22 Jan 2016 20:15:31 +0000 (20:15 +0000)]
Avoid copying buffer after dn_expand() fails

If dn_expand() returns an error we could copy from an uninitialised
output buffer or append the previous domain name again.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
8 years agoMerge pull request #40 from dedeckeh/bugfixes
Steven Barth [Tue, 26 Jan 2016 19:29:01 +0000 (20:29 +0100)]
Merge pull request #40 from dedeckeh/bugfixes

script: Launch script with correct action if last script call is terminated

8 years agoscript: Launch script with correct action if last script call is terminated
Hans Dedecker [Tue, 26 Jan 2016 08:20:33 +0000 (09:20 +0100)]
script: Launch script with correct action if last script call is terminated

Actions launched as resume will be used in a next script_call
if the new action is not marked as resume even when the previous
script run was already terminated.
This behavior is particular visible when a RA is received as
the script will run with action bound and not ra-updated
resulting into a wan6 interface down/up transition

9 years agoodhcp6c: sync and accumulate RA & DHCPv6 events correctly
Steven Barth [Mon, 27 Jul 2015 13:39:11 +0000 (15:39 +0200)]
odhcp6c: sync and accumulate RA & DHCPv6 events correctly

9 years agoMerge pull request #37 from themiron/master
Steven Barth [Mon, 13 Jul 2015 14:15:52 +0000 (16:15 +0200)]
Merge pull request #37 from themiron/master

Avoid solicit for zero-length prefix

9 years agoMerge branch 'upstream'
Vladislav Grishenko [Mon, 13 Jul 2015 13:12:41 +0000 (18:12 +0500)]
Merge branch 'upstream'

9 years agodhcpv6: remove dead code
Steven Barth [Mon, 13 Jul 2015 10:38:42 +0000 (12:38 +0200)]
dhcpv6: remove dead code

9 years agoAvoid solicit for zero-length prefix
Vladislav Grishenko [Sun, 12 Jul 2015 12:02:30 +0000 (17:02 +0500)]
Avoid solicit for zero-length prefix

9 years agodhcpv6: clear CUSTOM_OPTS in a more sane manner
Steven Barth [Tue, 9 Jun 2015 12:04:59 +0000 (14:04 +0200)]
dhcpv6: clear CUSTOM_OPTS in a more sane manner

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoFix LW4over6 parameter handling
Steven Barth [Sat, 16 May 2015 07:28:01 +0000 (09:28 +0200)]
Fix LW4over6 parameter handling

9 years agoMerge pull request #33 from themiron/master
Steven Barth [Sat, 25 Apr 2015 16:49:59 +0000 (18:49 +0200)]
Merge pull request #33 from themiron/master

Avoid of waiting for Advertise in stateless-only mode

9 years agoAvoid of waiting for Advertise in stateless-only mode
Vladislav Grishenko [Sat, 25 Apr 2015 15:52:57 +0000 (20:52 +0500)]
Avoid of waiting for Advertise in stateless-only mode

Start with Information-request when configured not to ask
IA_NA/IA_PD. It allows to complete the exchange using only
two messages, instead of four, and fixes infinite Advertise
waiting loop with servers that just ignore Solicit messages.

9 years agoFixup INF_MAX_RT for RFC 3315 as well
Steven Barth [Mon, 20 Apr 2015 09:59:56 +0000 (11:59 +0200)]
Fixup INF_MAX_RT for RFC 3315 as well

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoFix SOL_MAX_RT default value to match RFC 3315
Steven Barth [Mon, 20 Apr 2015 09:16:21 +0000 (11:16 +0200)]
Fix SOL_MAX_RT default value to match RFC 3315

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoexample: actually chmod new resolv.conf after overwriting
Steven Barth [Wed, 15 Apr 2015 13:02:55 +0000 (15:02 +0200)]
example: actually chmod new resolv.conf after overwriting

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agora: avoid saving an empty search domain entry
Steven Barth [Wed, 15 Apr 2015 12:55:57 +0000 (14:55 +0200)]
ra: avoid saving an empty search domain entry

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoscan-code fixes
Steven Barth [Tue, 14 Apr 2015 06:24:44 +0000 (08:24 +0200)]
scan-code fixes

9 years agoImprove handling of DNS search domains
Steven Barth [Mon, 13 Apr 2015 12:48:52 +0000 (14:48 +0200)]
Improve handling of DNS search domains

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoFix odhcp6c_find_entry
Steven Barth [Sun, 12 Apr 2015 12:02:59 +0000 (14:02 +0200)]
Fix odhcp6c_find_entry

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoRemove obsolete prefix class support
Steven Barth [Sun, 12 Apr 2015 07:15:22 +0000 (09:15 +0200)]
Remove obsolete prefix class support

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoSanitize RA values less
Steven Barth [Fri, 10 Apr 2015 11:31:56 +0000 (13:31 +0200)]
Sanitize RA values less

9 years agoPass ICMP configuration to user-space instead of directly applying it
Steven Barth [Fri, 10 Apr 2015 11:19:44 +0000 (13:19 +0200)]
Pass ICMP configuration to user-space instead of directly applying it

9 years agoUpdate README
Steven Barth [Thu, 9 Apr 2015 08:16:02 +0000 (10:16 +0200)]
Update README

9 years agoscript: don't resolve AFTR since DNS won't be applied yet anyway
Steven Barth [Thu, 9 Apr 2015 07:51:39 +0000 (09:51 +0200)]
script: don't resolve AFTR since DNS won't be applied yet anyway

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoproperly handle return codes
John Crispin [Sat, 28 Mar 2015 16:58:44 +0000 (17:58 +0100)]
properly handle return codes

Signed-off-by: John Crispin <blogic@openwrt.org>
9 years agora: use proper struct msghdr initializer to fix build error on musl
Felix Fietkau [Sun, 29 Mar 2015 02:35:17 +0000 (04:35 +0200)]
ra: use proper struct msghdr initializer to fix build error on musl

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
9 years agomake route metric more compatible with linux defaults
Steven Barth [Wed, 25 Mar 2015 18:23:59 +0000 (19:23 +0100)]
make route metric more compatible with linux defaults

9 years agoGet rid of getifaddrs for interface ID detection
Steven Barth [Wed, 11 Mar 2015 09:06:54 +0000 (10:06 +0100)]
Get rid of getifaddrs for interface ID detection

Signed-off-by: Steven Barth <steven@midlink.org>
9 years agoMerge pull request #30 from themiron/master
Steven Barth [Tue, 17 Feb 2015 17:43:35 +0000 (18:43 +0100)]
Merge pull request #30 from themiron/master

Fix handling of DHCPv6 replies containing unrequested IA_NA/IA_PD options

9 years agoFix handling of DHCPv6 replies containing unrequested IA_NA/IA_PD options
Vladislav Grishenko [Tue, 17 Feb 2015 17:28:45 +0000 (22:28 +0500)]
Fix handling of DHCPv6 replies containing unrequested IA_NA/IA_PD options

9 years agoexample: prevent script from running in parallel to avoid races
Steven Barth [Tue, 17 Feb 2015 13:41:04 +0000 (14:41 +0100)]
example: prevent script from running in parallel to avoid races

9 years agoset default information refresh time to 86400 as per RFC 4242
Steven Barth [Tue, 13 Jan 2015 08:36:42 +0000 (09:36 +0100)]
set default information refresh time to 86400 as per RFC 4242

9 years agoREADME: adjust for a bit of feature creep
Steven Barth [Tue, 6 Jan 2015 13:29:47 +0000 (14:29 +0100)]
README: adjust for a bit of feature creep

9 years agoMerge pull request #28 from janakj/master
Steven Barth [Wed, 31 Dec 2014 14:49:47 +0000 (15:49 +0100)]
Merge pull request #28 from janakj/master

Minor help string clarification for client-ID