Commit Graph

159 Commits

Author SHA1 Message Date
Alan Somers
3cde9171d2 Merge ping6 to ping
There is now a single ping binary, which chooses to use ICMP or ICMPv4
based on the -4 and -6 options, and the format of the address.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
Sponsored by:	Google LLC (Google Summer of Code 2019)
MFC after:	Never
Differential Revision:	https://reviews.freebsd.org/D21377
2020-11-26 04:29:30 +00:00
Mark Johnston
78e1f68ee1 ping(8): Improve parameter validation
- Use strtonum(3) to simplify bounds checking of numeric parameters.
- Fix bounds checking when filling out packet data in "sweep" mode.

PR:		239974, 239977, 239978
Reported by:	Neeraj <neerajpal09@gmail.com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25622
2020-11-24 17:12:40 +00:00
Richard Scheffenegger
81a6f4c7ae Make use of IP_VLAN_PCP setsockopt in ping and ping6.
In order to validate the proper marking and use of a different
ethernet priority class, add the new session-specific PCP
feature to the ping/ping6 utilities.

Reviewed by:	mav, bcr
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26627
2020-10-24 21:01:18 +00:00
Mark Johnston
87f9c14ad3 ping(8): Check for integer truncation when handling the value for -s.
PR:		239976
Submitted by:	Neeraj <neerajpal09@gmail.com>
MFC after:	1 week
Event:		July 2020 Bugathon
2020-07-11 17:10:16 +00:00
Alan Somers
2eb6acc277 ping, ping6: Use setitimer(2) instead of obsolete alarm(3)
Submitted by:	Ján Sučan <sucanjan@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D22103
2019-11-26 05:06:25 +00:00
Alan Somers
b17fb99228 ping: Verify whether a datagram timestamp was actually received.
ping(8) uses SO_TIMESTAMP, which attaches a timestamp to each IP datagram at
the time it's received by the kernel.  Except that occasionally it doesn't.
Add a check to see whether such a timestamp was actually set before trying
to read it.  This fixes segfaults that can happen when the kernel doesn't
attach a timestamp.

The bug has always existed, but prior to r351461 it manifested as an
implausible round-trip-time, not a segfault.

Reported by:	pho
MFC after:	3 days
MFC-With:	351461
2019-09-11 18:54:45 +00:00
Alan Somers
301bc9f959 ping: fix a string in an error message
MFC after:	3 days
2019-09-11 18:08:40 +00:00
Alan Somers
67511a4c4c ping: fix unaligned access to ancillary data
Use CMSG_FIRSTHDR rather than assume that an array is correctly aligned.
Fixes warnings on sparc64 and powerpcspe.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFH:		2 weeks
Sponsored by:	Google LLC (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21406
2019-08-24 18:00:18 +00:00
Alan Somers
d9cacf605e ping: Fix alignment errors
This fixes -Wcast-align errors when compiled with WARNS=6.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google LLC (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21327
2019-08-23 22:04:26 +00:00
Alan Somers
299e2c58b7 ping: By default, don't reverse lookup IP addresses
ping's default is now not to attempt reverse DNS lookups.  The -H flag will
enable them.  This change is not quite a reversion of r351330.  That change
made the happy path and error path do reverse lookups consistently; this
change changes the default for both paths.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
Discussed with:	cem
MFC after:	2 weeks
MFC-With:	351330
Sponsored by:	Google LLC (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21364
2019-08-22 18:57:24 +00:00
Alan Somers
99f13ae12c ping: add -H option for enabling reverse DNS lookup
This is the reverse of the -n flag.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
Sponsored by:	Google LLC (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21356
2019-08-21 21:05:15 +00:00
Alan Somers
229e8bf2bb ping: do reverse DNS lookup of the target address
When printing replies, ping will now attempt a reverse DNS lookup of the
target.  That can be suppressed by using the "-n" option.  Curiously, ping
has always done reverse lookups in certain error paths, but never in the
success path.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google LLC (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21351
2019-08-21 14:52:12 +00:00
Alan Somers
a3ce769851 Fix uninitialized variable warnings when MK_CASPER=no
Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21322
2019-08-19 17:54:40 +00:00
Alan Somers
7898770a26 ping: fix -Wformat-truncating warning with GCC
Increase buffer size for the string representation of n_time

ICMP timestamp is a 32-bit number. In pr_ntime(), number of minutes
and seconds is always 2 characters wide. Max. number of hours is 4
characters wide. The buffer size should be at least:

4 + 2 + 2 + 1 (':') + 1 (':') + 1 ('\0') = 11

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21325
2019-08-19 17:28:12 +00:00
Alan Somers
ff77ab831a ping: Move in_cksum() to a separate source file
This is a preparation step for adding ATF tests of in_cksum(), which has been
modified to operate on unaligned data. ping.o cannot be linked to the test
executable because both of them contain 'main' symbol.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21288
2019-08-17 15:25:01 +00:00
Alan Somers
d63a94876b ping: Make in_cksum() operate on u_char buffer
This fixes -Wcast-align errors for in_cksum() calls when compiled with
WARNS=6.

Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21261
2019-08-14 16:55:06 +00:00
Alan Somers
84633ef14a ping: fix triptime calculation after r350998
That revision changed the internal clock to the monotonic, but neglected to
change the datagram's timestamp source.

Reported by:	Oliver Hartmann, Michael Butler
Reviewed by:	Ján Sučan <sucanjan@gmail.com>, allanjude
MFC after:	2 weeks
MFC-With:	r350998
Differential Revision:	https://reviews.freebsd.org/D21258
2019-08-14 16:45:09 +00:00
Alan Somers
1ad76f1b60 ping: use the monotonic clock to measure durations
Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21245
2019-08-13 19:27:23 +00:00
Alan Somers
2c29d74c4f ping: fix data type of a variable for a packet sequence number
Submitted by:	Ján Sučan <sucanjan@gmail.com>
MFC after:	2 weeks
Sponsored by:	Google, inc. (Google Summer of Code 2019)
Differential Revision:	https://reviews.freebsd.org/D21244
2019-08-13 16:25:23 +00:00
Mark Johnston
18fcfaa4ca Use caph_enter_casper() in ping(8).
Reported by:	oshogbo
MFC with:	r341837
Sponsored by:	The FreeBSD Foundation
2018-12-18 16:47:03 +00:00
Mark Johnston
7bdc329113 Use Capsicum helpers in ping(8).
Also use caph_cache_catpages() to ensure that strerror() works when
run with kern.trap_enotcap=1.

Reviewed by:	oshogbo
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18514
2018-12-12 02:33:01 +00:00
Eugene Grosbein
2d0a6ce24c ping(8): add space after "<=" as per style(9).
MFC after:	1 week
X-MFC-with:	r341768
2018-12-10 14:39:21 +00:00
Eugene Grosbein
65c3a67d23 ping(8): remove needless comparision with LONG_MAX
after unsigned long ultmp changed to long ltmp in r340245.

MFC after:	1 week
2018-12-09 21:11:15 +00:00
Mariusz Zaborski
752d135e0d libcasper: ange the name of limits in cap_dns so the intentions are obvious.
Reported by:	pjd
MFC after:	3 weeks
2018-11-12 15:52:45 +00:00
Eugene Grosbein
c0a3773ad2 ping(8): improve diagnostics in case of wrong arguments.
For example, in case of super-user:
$ sudo ping -s -64 127.0.0.1
PING 127.0.0.1 (127.0.0.1): -64 data bytes
ping: sendto: Invalid argument

For unprivileged user:
$ ping -s -64 127.0.0.1
ping: packet size too large: 18446744073709551552 > 56: Operation not permitted

Fix this by switching from strtoul() to strtol() for integer arguments
and adding explicit checks for negative values.

MFC after:	1 month
2018-11-08 09:45:13 +00:00
Mariusz Zaborski
d68e2c047b ping: simplify use of Casper
There is no need to check if capdns is NULL.
If we will build the system without casper all cap_gethostaddr will be
replaced by the standard functions.
2018-11-04 20:26:29 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Mariusz Zaborski
8751b03b19 We return a pointer when we are using cap_init() or cap_service_open()
function, so check if cap_chanel_t is NULL is not enough.
Casper with a normal libc will still fail in capability mote so let's not
enter capability mode without casper support when we need to resolve DNS.

Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D12823
2017-11-12 07:18:10 +00:00
Mariusz Zaborski
0b9d37d25f Simplify ping sandbox.
We don't need to check if casper is present, this is done in the library itself.

Reviewed by:	emaste, cem, ed
Differential Revision:	https://reviews.freebsd.org/D8754
2017-10-28 19:39:22 +00:00
Mariusz Zaborski
2560d18180 We use a few different ifdef's names to check if we are using Casper or not,
let's standardize this. Now we are always use WITH_CASPER name.

Discussed with:	emaste@
MFC after:	1 month
2017-09-21 14:41:41 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Dimitry Andric
a94c074d6a Fix clang 4.0.0 warnings about taking the address of a packed member of
struct ip in ping(8):

sbin/ping/ping.c:1684:53: error: taking address of packed member
'ip_src' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_src.s_addr));
                                                           ^~~~~~~~~~~~~~~~~
sbin/ping/ping.c:1685:53: error: taking address of packed member
'ip_dst' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_dst.s_addr));
                                                           ^~~~~~~~~~~~~~~~~

MFC after:	3 days
2017-01-06 18:41:28 +00:00
Don Lewis
eeb6394364 Check for socket creation success before calling bind().
Reported by:	Coverity
CID:		1194209
2016-05-12 05:43:54 +00:00
Maxim Konovalov
028c7845c0 o Restore some good whitespace killed in the previous commit.
Spotted by:	bjk
2016-03-18 15:44:21 +00:00
Maxim Konovalov
61273736b3 o Kill EoL whitespaces. 2016-03-18 15:07:43 +00:00
Maxim Konovalov
f7fc5c9154 o No need to resolve a mask that we get with ICMP_MASKREPLY,
pass it directly to inet_ntoa(3).
2016-03-18 15:06:50 +00:00
Gleb Smirnoff
bb7dfe5e49 Allow minimum and maximum sweep size be the same.
Submitted by:	maxim
2016-03-11 21:06:17 +00:00
Maxim Konovalov
ed5e3d7a83 o Kill EoL whitespaces. No functional changes. 2016-03-11 16:03:47 +00:00
Mariusz Zaborski
c501d73c7e Convert casperd(8) daemon to the libcasper.
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.

Discussed with:		pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by:	drysdale@google.com, bdrewery
Approved by:		pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4277
2016-02-25 18:23:40 +00:00
Brooks Davis
5743dcb3c2 Remove "capability mode sandbox enabled" messages.
These messages serve little purpose and break some consumers.

PR:		199855
Differential Revision:	https://reviews.freebsd.org/D2440
Reviewed by:	rwatson
Approved by:	pjd
MFC after:	1 week
Sponsored by:	DARPA, AFRL
2015-05-04 21:44:51 +00:00
Andrey V. Elsukov
ffc610b221 After r270929 RAW IP code assumes that all IP fields are in network
byte order. Fix ping(8) to pass an IP header with converted ip_off
and ip_len fields, when IP_HDRINCL socket option used.
2015-01-23 13:26:35 +00:00
Hiroki Sato
7e9489e0f6 WARNS=3 and style fixes. No functionality change. 2014-10-20 00:27:40 +00:00
Robert Watson
b881b8be1d Update most userspace consumers of capability.h to use capsicum.h instead.
auditdistd is not updated as I will make the change upstream and then do a
vendor import sometime in the next week or two.

MFC after:	3 weeks
2014-03-16 11:04:44 +00:00
Pawel Jakub Dawidek
49133c6d52 Protect ping(8) using Capsicum and Casper. This is protection against malicious
network packets that we parse and not against local users trying to gain root
access through ping's set-uid bit - this is handled by dropping privileges very
early in ping.

Submitted by:	Mikhail <mp@lenta.ru>
2014-02-04 21:43:53 +00:00
Eitan Adler
1d1d4a4727 Check the return error of set[ug]id. While this can never fail in the
current version of FreeBSD, this isn't guarenteed by the API.  Custom
security modules, or future implementations of the setuid and setgid
may fail.

PR:		bin/172289
PR:		bin/172290
PR:		bin/172291
Submittud by:	Erik Cederstrand <erik@cederstrand.dk>
Discussed by:	freebsd-security
Approved by:	cperciva
MFC after:	1 week
2012-10-22 03:31:22 +00:00
Xin LI
6959b14df6 Use timeclear() instead of home grown version.
MFC after:	2 weeks
2012-07-02 02:38:27 +00:00
Ed Schouten
fafb8f11c0 Small style fixes:
- ANSIfy prototypes.
- Remove unneeded whitespace.
- Add const keyword to function where it can be used.
2010-06-20 12:52:33 +00:00
George V. Neville-Neil
8409aedfa6 Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes all remaining changes for the time being including
user space updates.

Submitted by:    bz
Approved by:    re
2007-07-01 12:08:08 +00:00
Olivier Houchard
e81f504954 Force the alignment of the chars arrays, as they are casted later to
structs.
gcc 4.2 doesn't do it by default, and that results in unaligned access on
arm.
2007-05-21 14:38:45 +00:00
Dima Dorfman
aa822c3979 Print packet loss figures with one decimal place. ping6 already does
this, and OpenBSD and NetBSD pings do it too. This is primarily useful
for comparing low levels of packet loss.
2006-08-14 07:54:17 +00:00