* DHCP: Add support for sending DHCP option 125 and DHCPv6 Option 17 (VSIO)
Note wireshark doesn't decode option 125 correctly when the it needs to be split into more options if it exceeds 255 bytes.
---------
Signed-off-by: Stipe Poljak (EXT) <stipe.poljak.ext@ericsson.com>
Co-authored-by: Roy Marples <roy@marples.name>
This ensures openlog gets a fd so logging of errors can occur
within privsep where no log was written before entering privsep.
Also ensures that closelog does not close -1 on some platforms
where no logging took place.
In certain instances, `ifp->if_data[IF_DATA_IPV6]` was not yet
initialized when ipv6_addaddr adds the address to the state, and a
segfault would ensue. Mitigate this by ensuring the state is initialized
when adding the addresses.
fixes#394
If lastlease is enabled, and dhcpcd is unable to confirm its prior
lease, after timeout, bind the lease and move to the REBIND state.
Confine lastlease behavior to the CONFIRM and REBIND states.
Co-authored-by: Jon Franklin <jon_franklin@dell.com>
Regardless if we are a router or not.
BSD IPv6 source address selection does really matter for this.
This fixes FreeBSD systes where the forwarding sysctl is set
by the routing script which starts late in the day where
dhcpcd is already running and won't get the default route applied
until another RA comes in which could be a while.
I wish the linux team used #defines rather than enums, but heh ho.
Ensure we can test IFF_LOWER_UP, IFF_DORMANT and IFA_FLAGS
based on nearest matching #defines available when the respective
feature was comitted.
Fixes#373.
Running dhpcd --dumplease with input from stdin and redirecting stdout
to a file outputs nothing to the output. The reason is that printf /
fprintf is used to write the output but it is not explicitly flushed
when done, or before exiting, and stdout to files is fully buffered by
default while stdout to terminals is line buffered by default.
This adds calls to fflush() at the end of dhcp_print_option_encoding()
and script_dump(), plus one just before exiting dhcpcd.
Signed-off-by: Diego Santa Cruz <diego.santacruz@spinetix.com>
After the initial solicit timeout, any received advertisements trigger
a request. However, after the timeout, any advertisements will
never result in a request, and the client sends solicits forever.
This patch adds sends a request in response to an advertise if the
initial timeout has expired.
Cleanup: removes a check for an impossible state.
Address advertisemnt was used to allow IP address sharing to work.
It also required the DHCP server to allow the same IP for many
hosts, which modern DHCP servers deny you from doing.
Lastly, there are niggles with the implementation that are
impossible to fully fix due to how the various protocols work,
especially ARP.
All platforms dhcpcd supports allow better ways of doing this,
such as bonding (Linux), trunk(4) (OpenBSD), lagg(4) (Other BSDs).
ARP advertisements will only be made when addresses are added
OR defended against for kernels without RFC 5227 support.
in_cksum falls over with struct ip in a union of uint16_t with
some compilers.
The fix is to create a smaller pseudo header, fill in the bits
we need and then copy this to a uint8_t array which we then
send to in_cksum.
Tested on Debian-12 with clang-15 and CFLAGS=-Os
While here, just check that the UDP checksum check is zero
rather than zeroing it out and checking it matches.
Co-authored-by: Zikai Chen <chenzikai@google.com>
Since we are capturing packets at L2 we should not be using ETH_DATA_LEN
but ETH_FRAME_LEN to include also dst/src MAC and EtherType.
Co-authored-by: Andrzej Ostruszka <amo@semihalf.com>
Remember when we have advertised an address.
If we want to advertise it again, check this first.
If we still want to advertise it, clear this flag for all other
matching addresses.
Clear advertised flags from all addresses on carrier up.
This reduces needless NA spam from dhcpcd when the IPv6 Router
is needlessly chatty with RA.
On all OS 0 is disabled and >0 is enabled.
So return -1 on any error which is returned to the main process so
we could log a diagnostic in the future.
While where allow privsep to actually get the sysctl for Capsicum.
Optimise the flow so that if we do have a global address on the
source interface we avoid the sysctl via the privileged process.
Generally the only time we don't is when we de-configure an
interface or we are configuring an interface where there is
no autoconf prefix from the RA and the only globals come
from a DHCPv6 Prefix Delegation to other interfaces which
requires us to be a router.
We used to rely on route(4) adding it to state based on RTM_NEWADDR
but the message could get lost if the socket overflows.
Work around this by always adding the address to the state.
