Commit Graph

117 Commits

Author SHA1 Message Date
Mark Johnston
1af332a7d8 rtsold: Fix validation of RDNSS options
The header specifies the size of the option in multiples of eight bytes.
The option consists of an eight-byte header followed by one or more IPv6
addresses, so the option is invalid if the size is not equal to 1+2n for
some n>0.  Check this.

The bug can cause random stack data to be formatted as an IPv6 address
and passed to resolvconf(8), but a host able to trigger the bug may also
specify arbitrary addresses this way.

Reported by:	Q C <cq674350529@gmail.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2021-03-21 14:19:42 -04:00
Hajimu UMEMOTO
006a01374f Simplify using nvlist_append_string_array().
Reported by:	hrs
MFC after:	1 week
2021-03-08 12:03:32 +09:00
Mark Johnston
ecce515d54 rtsold: Fix bugs reported by Coverity
- Avoid leaking a socket if llflags_get() fails.
- Avoid leaking a file handle if rtsold_init_dumpfile() fails.
- Tighten the check in if_nametosdl() which determines whether we failed
  to find the specified interface.
- Fix errno handling in an error path in rtsock_open().

MFC after:	1 week
2020-12-02 16:46:45 +00:00
Mark Johnston
f2fb8af155 rtsold: Fix multiple buffer overflows
Approved by:	so
Security:	CVE-2020-25577
MFC after:	now
2020-12-01 19:34:44 +00:00
Hajimu UMEMOTO
1def0a6257 fix casper initialization for setting scripts.
MFC after:	1 week
2020-11-27 18:40:51 +00:00
Mark Johnston
a792802f2b rtsold: Remove an incorrect __unused annotation
MFC after:	1 week
2020-10-23 14:56:17 +00:00
Bjoern A. Zeeb
60e7f66931 rtsol(d): add script for "M bit"
While we do support the "O bit" running a script (usually to start a
dhcpv6 client) we have no options for setups which set the "M bit" for,
e.g., static address assignment as in EC2.

Duplicate most of the "O bit" logic to also start a script for the
"M bit" with the one difference: if the "M bit" is set we will not
start the script for the "O bit" as well (per RFC 4861, Section 4.2).

Reviewed by:	hrs, markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26099
2020-08-25 16:09:23 +00:00
Simon J. Gerraty
2c9a9dfc18 Update Makefile.depend files
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22494
2019-12-11 17:37:53 +00:00
Simon J. Gerraty
5ab1c5846f Add Makefile.depend.options
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend

DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options

See share/mk/dirdeps-options.mk

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22469
2019-12-11 17:37:37 +00:00
Mark Johnston
e7485a436b Avoid relying on pollution from libcasper.h.
Reported by:	sjg
Sponsored by:	The FreeBSD Foundation
2019-11-21 00:17:14 +00:00
Mark Johnston
ee74c3327a rtsol: Use vwarnx(3) to log messages to standard error.
This ensures that the program name is included in the output, which
makes it easy to identify the source of error messages printed
during boot.

MFC after:	1 week
2019-02-27 18:13:41 +00:00
Mark Johnston
04e9edb544 Capsicumize rtsol(8) and rtsold(8).
These programs parse ND6 Router Advertisement messages; rtsold(8) has
required an SA, SA-14:20.rtsold, for a bug in this code.  Thus, they
are good candidates for sandboxing.

The approach taken is to run the main executable in capability mode
and use Casper services to provide functionality that cannot be
implemented within the sandbox.  In particular, several custom services
were required.

- A Casper service is used to send Router Solicitation messages on a
  raw ICMP6 socket.  Initially I took the approach of creating a
  socket for each interface upon startup, and connect(2)ing it to
  the all-routers multicast group for the interface.  This permits
  the use of sendmsg(2) in capability mode, but only works if the
  interface's link is up when rtsol(d) starts.  So, instead, the
  rtsold.sendmsg service is used to transmit RS messages on behalf
  of the main process.  One could alternately define a service
  which simply creates and connects a socket for each destination
  address, and returns the socket to the sandboxed process.  However,
  to implement rtsold's -m option we also need to read the ND6 default
  router list, and this cannot be done in capability mode.
- rtsold may execute resolvconf(8) in response to RDNSS and DNSSL
  options in received RA messages.  A Casper service is used to
  fork and exec resolvconf(8), and to reap the child process.
- A service is used to determine whether a given interface's
  link-local address is useable (i.e., not duplicated or undergoing
  DAD).  This information is supplied by getifaddrs(3), which reads
  a sysctl not available in capability mode.  The SIOCGIFCONF socket
  ioctl provides equivalent information and can be used in capability
  mode, but I decided against it for now because of some limitations
  of that interface.

In addition to these new services, cap_syslog(3) is used to send
messages to syslogd.

Reviewed by:	oshogbo
Tested by:	bz (previous versions)
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17572
2019-01-05 16:05:39 +00:00
Mark Johnston
2b2135b8b5 Minor style fixes around script execution.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-25 21:45:24 +00:00
Mark Johnston
af19302315 Clarify the description of the -u option.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-25 21:41:58 +00:00
Mark Johnston
04c07c31eb Always free dynamically allocated memory before returning.
CID:		1007418
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-24 16:46:26 +00:00
Mark Johnston
618703b57b Fix a dead store.
We would fail to clear DNS search list configuration if a router
stopped specifying the DNSSL RA option.  I suspect that the bug
was mostly harmless, as the RDNSS and DNSSL options are typically used
together and omitting the RDNSS option would have the same effect.

CID:		1006219
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 18:00:13 +00:00
Mark Johnston
d2f6957c1c Remove dead code.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:44:23 +00:00
Mark Johnston
3d7dd2d69a Staticize a couple of functions.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:43:27 +00:00
Mark Johnston
1a97dd3cc3 Remove some obsolete compatibility code.
No functional change intended.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 17:40:30 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Bryan Drewery
ea825d0274 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
Andriy Voskoboinyk
2bbd06fc33 Garbage collect IFT_IEEE80211 (but leave the define for possible reuse)
This interface type ("a parent interface of wlanX") is not used since
r287197

Reviewed by:	adrian, glebius
Differential Revision:	https://reviews.freebsd.org/D9308
2017-01-28 17:08:40 +00:00
Mark Johnston
5c3f6d4977 rtsold: Log messages about unexpected RAs at LOG_DEBUG.
Because rtsold listens for RAs on a raw socket, it may receive RAs from
interfaces that it does not manage. Such events can result in excessive
logging.

Submitted by:	Franco Fichtner <franco@opnsense.org>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D8108
2016-10-02 00:56:21 +00:00
Don Lewis
dc47112fa5 Use strlcpy() instead of strncpy() when copying ifname to ensure
that it is NUL terminated.  Additional NUL padding is not required
for short names.

Reported by:	Coverity
CID:		99186, 991864, 991865
MFC after:	1 week
2016-05-15 22:17:41 +00:00
Mark Johnston
0386a98bd0 Use the _SAFE loop variant, since the loop body may remove queue entries.
PR:		207146
MFC after:	3 days
2016-02-18 01:58:26 +00:00
Ulrich Spörlein
c9e1c304c1 Fix type mismatches for malloc(3) and Co.
This is rather pedantic, as for most architectures it holds that
sizeof(type *) == sizeof(type **)

Found by:	clang static analyzer
Reviewed by:	ed
Differential Revision: https://reviews.freebsd.org/D4722
2015-12-29 11:24:41 +00:00
Enji Cooper
0ec7db6428 Fix rtsold's usage message
- Remove -a from the usage message example dealing with specific
  interfaces. -a only makes sense when not specifying an interface,
  such that it's to be run on all interfaces
- Fix the pidfile option (it's -p, not -P)
- Change `interfaces` to `interface` to match the manpage

MFC after: 3 days
PR: 173744
Sponsored by: EMC / Isilon Storage Division
2015-10-30 07:36:43 +00:00
Eitan Adler
463a577b27 Fix a ton of speelling errors
arc lint is helpful

Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
Differential Revision: https://reviews.freebsd.org/D3337
2015-10-21 05:37:09 +00:00
Xin LI
56160b2e67 Now that we own the code, use arc4random(3) unconditionally
and remove the corresponding HAVE_ARC4RANDOM conditions.

MFC after:	2 weeks
2015-10-06 23:42:58 +00:00
Hiroki Sato
f74237f5b6 - Remove #ifdef HAVE_POLL_H.
- Use nitems().

MFC after:	3 days
2015-09-10 06:40:28 +00:00
Ed Schouten
a1b862daec Remove bad call to shutdown().
The socket created by rtsol/rtsold is not a connection-based socket,
meaning that we should not attempt to call shutdown() on it.

Reported by:	kan
2015-08-10 07:45:13 +00:00
Simon J. Gerraty
ccfb965433 Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
Simon J. Gerraty
44d314f704 dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00
Gleb Smirnoff
0fa5aacd8b Remove #ifdef IFT_FOO.
Submitted by:	Guy Yur <guyyur gmail.com>
2015-05-02 20:31:27 +00:00
Baptiste Daroussin
933095dedc rtsold does not need to link to libkvm 2015-04-09 21:52:14 +00:00
Gleb Smirnoff
56d5e0967c Stop including if_var.h from userland.
Sponsored by:	Nginx, Inc.
2015-04-06 09:42:23 +00:00
Baptiste Daroussin
c6db8143ed Convert usr.sbin to LIBADD
Reduce overlinking
2014-11-25 16:57:27 +00:00
Simon J. Gerraty
9268022b74 Merge from head@274682 2014-11-19 01:07:58 +00:00
Hiroki Sato
e58fde506c Fix buffer overrun.
MFC after:	1 day
2014-10-11 20:46:06 +00:00
Simon J. Gerraty
fae50821ae Updated dependencies 2014-05-16 14:09:51 +00:00
Simon J. Gerraty
76b28ad6ab Updated dependencies 2014-05-10 05:16:28 +00:00
Simon J. Gerraty
d1d0158641 Merge from head 2013-09-05 20:18:59 +00:00
Hiroki Sato
afe41db1ab Use sysctl(ICMPV6CTL_ND6_DRLIST) instead of SIOCGDRLST_IN6 ioctl. 2013-08-17 22:13:26 +00:00
Hiroki Sato
a678ca234f - Remove struct ifinfo *iflist. It is no longer used.
- Suppress warnings about increase of alignment requirement.
2013-08-17 19:23:35 +00:00
Hiroki Sato
3774384085 Fix build on arm and mips. 2013-08-06 15:49:18 +00:00
Hiroki Sato
7d26db1792 - Use time_uptime instead of time_second in data structures for
PF_INET6 in kernel.  This fixes various malfunction when the wall time
  clock is changed.  Bump __FreeBSD_version to 1000041.

- Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.

MFC after:	1 month
2013-08-05 20:13:02 +00:00
Kevin Lo
fb7a6f238f Silent warnings. 2013-07-16 03:12:31 +00:00
Mark Johnston
dd3368997e - Fix wording. [1]
- Improve the descriptions in the FILES section. [2]

Reported by:	Jason McIntyre [1]
Obtained from:	NetBSD [2]
MFC after:	3 days
2013-05-28 13:54:26 +00:00
Mark Johnston
dcc8e5487b Correct the description of the -a option: rtsol(d) -a will in fact send out
router solicitations on multiple interfaces.

Reviewed by:	hrs
MFC after:	1 week
2013-05-23 19:47:35 +00:00