Commit Graph

26 Commits

Author SHA1 Message Date
markj
5944def9ab Capsicumize rtsol(8) and rtsold(8).
These programs parse ND6 Router Advertisement messages; rtsold(8) has
required an SA, SA-14:20.rtsold, for a bug in this code.  Thus, they
are good candidates for sandboxing.

The approach taken is to run the main executable in capability mode
and use Casper services to provide functionality that cannot be
implemented within the sandbox.  In particular, several custom services
were required.

- A Casper service is used to send Router Solicitation messages on a
  raw ICMP6 socket.  Initially I took the approach of creating a
  socket for each interface upon startup, and connect(2)ing it to
  the all-routers multicast group for the interface.  This permits
  the use of sendmsg(2) in capability mode, but only works if the
  interface's link is up when rtsol(d) starts.  So, instead, the
  rtsold.sendmsg service is used to transmit RS messages on behalf
  of the main process.  One could alternately define a service
  which simply creates and connects a socket for each destination
  address, and returns the socket to the sandboxed process.  However,
  to implement rtsold's -m option we also need to read the ND6 default
  router list, and this cannot be done in capability mode.
- rtsold may execute resolvconf(8) in response to RDNSS and DNSSL
  options in received RA messages.  A Casper service is used to
  fork and exec resolvconf(8), and to reap the child process.
- A service is used to determine whether a given interface's
  link-local address is useable (i.e., not duplicated or undergoing
  DAD).  This information is supplied by getifaddrs(3), which reads
  a sysctl not available in capability mode.  The SIOCGIFCONF socket
  ioctl provides equivalent information and can be used in capability
  mode, but I decided against it for now because of some limitations
  of that interface.

In addition to these new services, cap_syslog(3) is used to send
messages to syslogd.

Reviewed by:	oshogbo
Tested by:	bz (previous versions)
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17572
2019-01-05 16:05:39 +00:00
markj
9029874eaf Minor style fixes around script execution.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-25 21:45:24 +00:00
markj
5711c34ef6 Fix a dead store.
We would fail to clear DNS search list configuration if a router
stopped specifying the DNSSL RA option.  I suspect that the bug
was mostly harmless, as the RDNSS and DNSSL options are typically used
together and omitting the RDNSS option would have the same effect.

CID:		1006219
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-10-20 18:00:13 +00:00
pfg
872b698bd4 General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
open source licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
supersede or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
markj
e3e51c190e rtsold: Log messages about unexpected RAs at LOG_DEBUG.
Because rtsold listens for RAs on a raw socket, it may receive RAs from
interfaces that it does not manage. Such events can result in excessive
logging.

Submitted by:	Franco Fichtner <franco@opnsense.org>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D8108
2016-10-02 00:56:21 +00:00
hrs
a9647f4732 Fix buffer overrun.
MFC after:	1 day
2014-10-11 20:46:06 +00:00
hrs
a8298dcc37 - Remove struct ifinfo *iflist. It is no longer used.
- Suppress warnings about increase of alignment requirement.
2013-08-17 19:23:35 +00:00
hrs
13c1bcf2c1 - Use time_uptime instead of time_second in data structures for
PF_INET6 in kernel.  This fixes various malfunctions when the wall time
  clock is changed.  Bump __FreeBSD_version to 1000041.

- Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.

MFC after:	1 month
2013-08-05 20:13:02 +00:00
kevlo
1711e0f9b0 Silent warnings.
2013-07-16 03:12:31 +00:00
hrs
06dd2030ac - Add ":origin" label to the interface id for resolvconf(8). (r223149)
- Add -u option to enable adding :[RA-source-address] to the interface id.
  (r223149)
- s/INET6_ADDRSTRLEN/sizeof(ntopbuf)/  (r223149)
- Fix a bug that can prevent -D from being overridden by -d. (r223149)
- /-P pidfile/-p pidfile/ for consistency with rtadvd(8). (r223149)
- Fix -F flag handling to support receiving RAs even when ip6.forwarding=1.
  (r225150)

Approved by:	re (kib)
2011-09-12 23:55:23 +00:00
hrs
1eefc7ab06 - Accumulate RA options instead of replacing old ones when a new RA arrived.
RFC 4861 6.3.4 clearly defines handling multiple RAs in this way.

- RDNSS/DNSSL options from multiple RAs on a single link will be
  gathered and sent to resolvconf(8).

- Call "resolvconf -d" only after at least one RDNSS or DNSSL option is
  received and then all of them are expired.

- The rtsold.dump output now supports displaying a list of the RA options.

- Use more human-readable expression for logging values of struct timeval.

Discussed with:	ume
2011-06-08 16:03:29 +00:00
hrs
e8152d9ab6 - Disable "resolvconf -d" temporarily to avoid extra invocations of the script
under a certain condition.
- Fix argv handling.

Spotted by:	ume
2011-06-08 04:06:56 +00:00
hrs
10df0af5a5 - Implement RDNSS and DNSSL options (RFC 6106, IPv6 Router Advertisement
Options for DNS Configuration) into rtadvd(8) and rtsold(8).  DNS
  information received by rtsold(8) will go to resolv.conf(5) by
  resolvconf(8) script.  This is based on work by J.R. Oldroyd (kern/156259)
  but revised extensively[1].

- rtadvd(8) now supports "noifprefix" to disable gathering on-link prefixes
  from interfaces when no "addr" is specified[2].  An entry in rtadvd.conf
  with "noifprefix" + no "addr" generates an RA message with no prefix
  information option.

- rtadvd(8) now supports RTM_IFANNOUNCE message to fix crashes when an
  interface is added or removed.

- Correct bogus ND_OPT_ROUTE_INFO value to one in RFC 4191.

Reviewed by:	bz[1]
PR:		kern/156259 [1]
PR:		bin/152458 [2]
2011-06-06 03:06:43 +00:00
uqs
1d0c38de11 rtsol(8)/rtsold(8): make WARNS=3 clean
It is actually WARNS=6 clean for non-strict alignment archs.

Approved by:	ed (co-mentor)
2010-02-27 10:19:39 +00:00
kevlo
fa3791e1a7 Cleanup of userland __P use
2007-11-07 10:53:41 +00:00
ume
ab3e3db491 ansify.
Obtained from:	KAME
2004-01-14 17:16:19 +00:00
ume
e63e485957 - improved the -a option. it can probe an interface automatically when
the interface wakes up.  it can be started anytime even when there is
  no network interface on the list of interfaces in the kernel.
- get a correct link ID for each interface at initialization
  (using scope libraries if HAVE_SCOPELIB is defined).
- fill in sin6_scope_id correctly before sendmsg().

Obtained from:	KAME
MFC after:	1 week
2003-08-17 11:11:32 +00:00
ume
30892cac87 decreased too-strong log levels.
Obtained from:	KAME
MFC after:	1 week
2003-08-14 15:21:55 +00:00
ume
958362f6a8 KNF, correct typos and cleanup spaces.
Obtained from:	KAME
MFC after:	1 week
2003-08-08 16:56:01 +00:00
ume
02ba92cc97 Process the "O bit."
If the value of OtherConfigFlag changes from FALSE to TRUE, the
host should invoke the stateful autoconfiguration protocol,
requesting information.
[RFC 2462 Section 5.5.3]

Obtained from:	KAME
MFC after:	1 week
2003-08-08 16:42:37 +00:00
ume
52b4a696e0 __FUNCTION__ --> __func__
Obtained from:	KAME
MFC after:	1 week
2003-08-08 16:38:23 +00:00
suz
4c640a08b8 Explicitly specifies sin6_family & sin6_len of sockaddr_in6 for raw socket
destination.
(Currently lack of their specification does not lead to any problem, because
 kernel does not check the consistency between actual address and its
 address family / length on raw socket.

 However kernel should always check their consistency and stop sending packets
 if there is a contradiction.  Considering backward compatibility of
 programs, I just fixed rtsol now;  I'd like to fix the kernel behavior later.)

Reviewed by: ume
MFC after: 3 days
2002-04-19 11:39:54 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problems after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
kris
44c3d480b4 Sync with KAME. Format string auditing, and add -a flag to autoprobe
interfaces.

Obtained from:	KAME
2000-10-06 23:46:52 +00:00
kris
e041633352 Sync with latest KAME.
Obtained from:	KAME
2000-07-05 10:14:11 +00:00
shin
8c2ccb59ca Getaddrinfo(), getnameinfo(), and etc support in libc/net.
Several udp and raw apps IPv6 support.

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
1999-12-28 02:37:14 +00:00