On FreeBSD socklen_t is unsigned so the check negative len
in inet6_opt_append() is redundant and likely to be optimized
away by the compiler.
On other operating systems this is not necessarily so, and
in the future we may want to sign it so leave the check in
but place it in a secondary position as a subtle indication
that the bogus check is intentional.
Discussed with: rpaulo
CID: 1017783
b64_pton would sometimes erroneously fail to decode a base64 string into
a precisely sized buffer. The overflow check was a little too greedy.
Reported by: Ted Unangst on freebsd-hackers@
Reviewed by: loos, trasz
Obtained from: OpenBSD
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1218
getgroupmembership() from invoking the correct backend in the compat case.
Replace it with a nesting depth counter so it only blocks one level (the
first is the group -> group_compat translation, the second is the actual
backend). This is one of two bugs that break getgrouplist() in the compat
case, the second being that the backend's own getgroupmembership() method
is ignored. Unfortunately, that is not easily fixable without a redesign
of our nss implementation (which is also needed to implement the +@group
syntax in /etc/passwd).
PR: 190055
MFC after: 1 week
have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.
No objections from: net@
NSS configuration state.
As a side effect, this fixes a race condition which can occur if multiple
threads call nsdispatch(3) concurrently before nsswitch.conf has been
parsed. Previously, the thread holding conf_lock could cause other threads
to return from nss_configure() before nsswitch.conf had been parsed, forcing
them to fall back to the default sources for their NSS methods.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D994
MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
socket options. This includes managing the correspoing stat counters.
Add the SCTP_DETAILED_STR_STATS kernel option to control per policy
counters on every stream. The default is off and only an aggregated
counter is available. This is sufficient for the RTCWeb usecase.
MFC after: 1 week
NRSACK extension. The default will still be off, since it
it not an RFC (yet).
Changing the sysctl name will be in a separate commit.
MFC after: 1 week
option for controlling ECN on future associations and get the
status on current associations.
A simialar pattern will be used for controlling SCTP extensions in
upcoming commits.
Ensure that lex errors fail the build instead of being silently ignored
due to the piped call. Also postpone the update of the nslexer.c file
until we are sure we have generated it properly.
These changes fix some very obscure build failures I encountered while
building FreeBSD within a chroot that did not have devfs mounted. The
specific errors looked like:
.../libc.so.7: undefined reference to `_nsyyerror'
.../libc.so.7: undefined reference to `_nsyyin'
.../libc.so.7: undefined reference to `_nsyylex'
.../libc.so.7: undefined reference to `_nsyylineno'
.../libc.so.7: undefined reference to `_nsyytext'
and were caused due to a mangled nslexer.c being linked into libc.
- style(9)
TODO: When AI_ADDRCONFIG is specified, getaddrinfo() can
be quite slow for system with many interfaces. We should
have some kernel sysctls to report IPv4/IPv6 status.
Spotted by: melifaro
MFC after: 1 week
when looking for configured addresses.
This change is based upon the code from the submitter, and made
following changes:
- Exclude addresses assigned on interfaces which are down, like NetBSD
does.
- Exclude addresses assigned on interfaces which are ifdisabled.
PR: 190824
Submitted by: Justin McOmie
MFC after: 1 week
are unaware of RFC 3542 can construct control messages.
The kernel disallows mixing RFC 2292 behaviour with RFC 3542 behaviour.
Only sockets that have specifically been marked as using the RFC 2292
API can use RFC 2292 specific options. This is all good and well, but
libc itself seems inconsistent with this.
The root cause of this inconsistency seems to relate to the definitions
of IPV6_HOPOPTS and IPV6_DSTOPTS. They are defined in RFC 2292 and re-used
in RFC 3542, yet have distinct values in the kernel. It's for this reason
that the kernel also has definitions for IPV6_2292HOPOPTS and
IPV6_2292DSTOPTS. Not so in libc.
For example: some program calls inet6_option_init() (defined by RFC 2292)
with the RFC 2292 defined IPV6_HOPOPTS and IPV6_DSTOPTS. Before RFC 3542,
this was translated to values of 22 and 23 (resp.) The libc implementation
correctly checks that only options IPV6_HOPOPTS and IPV6_DSTOPTS are given
(as per RFC 2292) but since these defines have taken on the values defined
by RFC 3542 (values 49 and 50 resp,) rejects the correct option values
(22 and 23) passed said program and returns -1.
The precisie fix is to have inet6_option_init() and friends only accept the
RFC 2292 defined IPV6_HOPOPTS & IPV6_DSTOPTS, but that breaks other code
(like mld6query(8)), which seem to not be aware of RFC 3542 and how it
hi-jacked the option names. So the best fix is to accept the options from
both.
Obtained from: Juniper Networks, Inc.
MFC after: 1 week
The previous code failed to return an error condition when the whole input
was invalid due to improper handling of the sscanf return value. Actually,
this failure was properly being caught by a test in
tools/regression/lib/libc/net/test-ether.t but was not noticed because
these tests are never run. (On my way to fixing that ;-)
The fix applied here resembles the implementation of ether_line in NetBSD
modulo the setting of an errno value (which is not documented as an
expectation in the manpage anyway).
if not already defined. This allows building libc from outside of
lib/libc using a reach-over makefile.
A typical use-case is to build a standard ILP32 version and a COMPAT32
version in a single iteration by building the COMPAT32 version using a
reach-over makefile.
Obtained from: Juniper Networks, Inc.
* The RFC says (in section 10.1) that only when extbuf is not NULL,
extlen shall be checked, so don't perform this check when NULL is
passed.
* socklen_t is unsigned, so checking extlen for less than zero is
not needed.
Submitted by: swildner@dragonflybsd.org
Reviewed by: Mark Martinec <Mark.Martinec+freebsd@ijs.si>
Reviewed by: hrs
Obtained by: DragonFlyBSD
* Set errno to EAFNOSUPPORT if an address is provided which is neither
AF_INET nor AF_INET6.
* Don't modify the arguments.
* Don't smash the stack when provided with a non-zero port.
* Handle the case correctly where the first address provided is
an IPv6 address.
MFC after: 3 days
This change avoids undesirably passing some internal file descriptors to a
process created (fork+exec) by another thread.
Kernel support for SOCK_CLOEXEC was added in r248534, March 19, 2013.
Per the NetBSD Foundation statement
Third parties are encouraged to change the license on any files which
have a 4-clause license contributed to the NetBSD Foundation to a
2-clause license.
It is almost always a bug if nscd closes the connection unexpectedly but
programs should not be killed with SIGPIPE for it.
Reviewed by: bushman
Tested by: Jan Beich
MFC after: 1 week
The reasoning behind this, is that if we are consistent in our
documentation about the uint*_t stuff, people will be less tempted to
write new code that uses the non-standard types.
I am not going to bump the man page dates, as these changes can be
considered style nits. The meaning of the man pages is unaffected.
MFC after: 1 month
conditional code parts not used by or applicable to FreeBSD.
The new implementation is supposed to be able to cope with changes to
the 'l' versions of the msghdr structs now used as well as to if_data
allowing future changes without breaking things.
This restores carp(4) config support in HEAD after r231504.
Reviewed by: glebius, brooks
MFC After: 3 months
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.
This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
* Decouple the path supervision using a separate HB timer per path.
* Add support for potentially failed state.
* Bring back RTO.min to 1 second.
* Accept packets on IP-addresses already announced via an ASCONF
* While there: do some cleanups.
Approved by: re@
MFC after: 2 months.
* Cleanup usage of iov's.
* Add support for SCTP_TIMEOUTS socketoption.
* Fix a bug in sctp_recvmsg(): return the msg_flags in case of an error.
* Fix a bug in the error handling of sctp_peeloff(): return the -1.
have to return ERANGE and terminate with NS_RETURN.
- When gethostbyname_r(3) and the friends end with an error,
set errno to the value nss backend returns, and return errno
value.
PR: kern/131623
MFC after: 2 weeks
the kernel will return in msfr_nsrcs the number of source filters
in-mode for a given multicast group.
However, the filters themselves were never copied out, as the libc
function clobbers this field with zero, causing the kernel to assume
the provided vector of struct sockaddr_storage has zero length.
This bug would only affect users of SSM multicast, which is shimmed
in 7.x.
Picked up during mtest(8) refactoring.
MFC after: 1 day
Now, getaddrinfo(3) returns two SOCK_STREAMs, IPPROTO_TCP and
IPPROTO_SCTP. It confuses some programs. If getaddrinfo(3) returns
IPPROTO_SCTP when SOCK_STREAM is specified by hints.ai_socktype, at
least Apache doesn't work. So, I made getaddrinfo(3) to return
IPPROTO_SCTP with SOCK_STREAM only when IPPROTO_SCTP is specified
explicitly by hints.ai_protocol.
PR: bin/128167
Submitted by: Bruce Cran <bruce__at__cran.org.uk> (partly)
MFC after: 2 week
