path: root/common.h
Date | Commit message | Author | Files | Lines
2019-12-11 | Use siphash for hashtables | Thomas Gschwantner | 8 | -18/+315
2019-12-11 | Allow /32 and /128 to be omitted in ip= keys | Thomas Gschwantner | 1 | -12/+15
2019-12-11 | radix-trie: fix add() when no poolnodes exist | Thomas Gschwantner | 1 | -0/+5
2019-12-11 | Properly send and display wg_errno and errmsg | Thomas Gschwantner | 4 | -21/+54
2019-12-11 | Change request_ip protocol | Thomas Gschwantner | 4 | -42/+29
ipv4 and ipv6 keys have been combined into one common key, ip. To distinguish between multiple IPs in later versions ip=0.0.0.0/32 and ip=::/128 respectively now mean we want to be assigned a random address from the server. Releasing/not wanting an IP is now done by just not listing that IP, i.e. if we only wanted a (random) ipv4 address the request would look as follows: request_ip=1 ip=0.0.0.0/32
2019-12-11 | Postpone freeing memory for leases until after updating allowedips | Linus Nordberg | 1 | -25/+19
Changing struct allowedips_update to hold pointers to addresses introduced a use after free bug. Take the opportunity to keep one pointer instead of three.
2019-12-11 | radix-trie: implement ipp_removepool_v{4,6} | Thomas Gschwantner | 3 | -10/+109
2019-12-11 | radix-trie: fix issues related to shadow-/counting | Thomas Gschwantner | 1 | -106/+144
Previously it was possible that pools would not be correctly shadowed and/or the left or right counters were not updated properly. To fix that, every node now has flags indicating what type of node it is, and if it's shadowed. Furthermore, we determine if a poolnode needs to be (un)shadowed by walking the trie now. remove_node() now also only modifies the left/right counters if the target node was actually found.
2019-12-11 | radix-trie: fix bug where /64 pools would overflow | Thomas Gschwantner | 1 | -10/+8
2019-12-11 | Fix parsing issue with split messages | Thomas Gschwantner | 2 | -17/+18
Previously this would trigger a BUG_ON() since the calculation of length & offset was wrong since we added the previous part of the buffer (req->buf) in parse_request(). This meant handle_request() couldn't know how many bytes were actually left in the buffer or their offset.
2019-12-11 | radix-trie: allow full use of the v4 address space | Thomas Gschwantner | 3 | -5/+5
2019-12-11 | Rename struct ip_pool to be more descriptive | Thomas Gschwantner | 3 | -101/+102
2019-12-11 | Fix random_bounded() to always be in [0, bound) | Thomas Gschwantner | 3 | -15/+19
Previously random_bounded(1) would return values in [0, 1], while values > 1 would return [0, bound).
2019-12-11 | Fixup client, including a lot of refactoring | Thomas Gschwantner | 4 | -364/+197
2019-12-11 | Extract all RTNETLINK code into ipm.{c,h} | Thomas Gschwantner | 6 | -128/+263
2019-12-11 | Serialize/deserialize messages into a struct | Thomas Gschwantner | 3 | -301/+331
Instead of a list of attributes, parse messages into a proper struct to avoid duplicating code in the server/client for handling this list, as well as making parsing nicer in general.
2019-12-11 | Don't validate RTA_GATEWAY and fix an error string | Linus Nordberg | 1 | -8/+1
2019-12-11 | Stop passing devname and ifindex around | Linus Nordberg | 3 | -25/+28
2019-12-11 | Ignore routes not for the wg interface | Linus Nordberg | 3 | -9/+31
Adding 127.0.0.0/8 (lo) for example is not what we want. Didn't happen in tests/netsh.sh because of the use of network namespaces.
2019-12-11 | server: restore leases from allowedips at startup | Linus Nordberg | 2 | -1/+191
2019-12-11 | server: add --leasetime as a commandline option | Linus Nordberg | 3 | -8/+37
2019-12-11 | lease: handle allowedips updates and improve API | Linus Nordberg | 4 | -136/+229
2019-09-27 | Fix typo in the previous commits NULL check | Linus Nordberg | 1 | -1/+1
2019-09-10 | Fix incorrect use of pubkey ptr in new_lease() | Thomas Gschwantner | 1 | -3/+16
Before this, leases_ht would store the (temporary) pointer to pubkey that's given to new_lease() directly. The memory it's pointing to is overwritten as soon as a new connection comes in, however, thus breaking the hashtable. Instead make our own copy of the pubkey and store the pointer to that.
2019-08-21 | Fix build issue that occurs on gcc debian 6.3.0-18 | Thomas Gschwantner | 1 | -1/+5
  CC lease.o
In file included from /usr/include/arpa/inet.h:22:0,
                 from lease.c:3:
lease.c: In function 'new_lease':
lease.c:93:30: error: 'const struct in6_addr' has no member named 's6_addr32'
  bool wants_ipv6 = !ipv6 || !IN6_IS_ADDR_UNSPECIFIED(ipv6);
  ^
lease.c:93:30: error: 'const struct in6_addr' has no member named 's6_addr32'
  bool wants_ipv6 = !ipv6 || !IN6_IS_ADDR_UNSPECIFIED(ipv6);
  ^
lease.c:93:30: error: 'const struct in6_addr' has no member named 's6_addr32'
  bool wants_ipv6 = !ipv6 || !IN6_IS_ADDR_UNSPECIFIED(ipv6);
  ^
lease.c:93:30: error: 'const struct in6_addr' has no member named 's6_addr32'
  bool wants_ipv6 = !ipv6 || !IN6_IS_ADDR_UNSPECIFIED(ipv6);
  ^
lease.c: In function 'leases_refresh':
lease.c:213:10: error: 'const struct in6_addr' has no member named 's6_addr32'
  if (!IN6_IS_ADDR_UNSPECIFIED(ipv6))
  ^
lease.c:213:10: error: 'const struct in6_addr' has no member named 's6_addr32'
  if (!IN6_IS_ADDR_UNSPECIFIED(ipv6))
  ^
lease.c:213:10: error: 'const struct in6_addr' has no member named 's6_addr32'
  if (!IN6_IS_ADDR_UNSPECIFIED(ipv6))
  ^
lease.c:213:10: error: 'const struct in6_addr' has no member named 's6_addr32'
  if (!IN6_IS_ADDR_UNSPECIFIED(ipv6))
  ^
<builtin>: recipe for target 'lease.o' failed
make: *** [lease.o] Error 1
2019-08-20 | Improve error handling and serialization | Thomas Gschwantner | 3 | -88/+88
2019-08-20 | Don't build wg-dynamic-client until it's fixed | Thomas Gschwantner | 1 | -1/+1
2019-08-17 | Initialize pools from routes via netlink | Thomas Gschwantner | 5 | -29/+191
2019-08-02 | radix-trie: implement pool shadowing | Thomas Gschwantner | 2 | -27/+60
Pools are created from routes which can overlap. Consider the following:
    ip route add 192.168.4.0/28
    ip route add 192.168.4.0/24
    sleep 3600
    ip route del 192.168.4.0/24
Here, the pool created from the first route is being shadowed by the pool from the second route. However, since the second pool is later removed again we cannot simply combine them. So instead this commit shadows them, to avoid them being double counted.
2019-07-18 | Move counting logic from lease.c to radix-trie.c | Thomas Gschwantner | 3 | -108/+94
2019-07-18 | Implement lease expiration | Thomas Gschwantner | 8 | -36/+120
2019-07-16 | radix-trie: inline find_node() into ipp_addpool() | Thomas Gschwantner | 1 | -16/+8
The way find_node() was written to suit ipp_addpool() means it's not really generic and rather confusing, so we inline it instead.
2019-06-14 | Use epoll() instead of poll() | Thomas Gschwantner | 4 | -123/+143
This enables us to later use the timeout parameter of epoll_wait() to timely remove expired leases.
2019-06-14 | Remove CLOCK_MONOTONIC comment | Thomas Gschwantner | 1 | -4/+0
The CLOCK_MONOTONIC change was reverted: https://git.kernel.org/torvalds/c/a3ed0e43
2019-06-14 | Fix use-after-free and memory leak in ipp_free() | Thomas Gschwantner | 1 | -14/+11
2019-06-14 | Add missing #include in netlink.h | Thomas Gschwantner | 1 | -0/+1
2019-06-13 | Don't overwrite peer changes by others | Thomas Gschwantner | 1 | -46/+28
2019-06-12 | Implement basic lease management | Thomas Gschwantner | 10 | -162/+536
2019-06-02 | radix-trie: implement ipp_addrnd_* and related | Thomas Gschwantner | 2 | -70/+328
2019-06-02 | Add BUG() and BUG_ON() | Thomas Gschwantner | 2 | -1/+4
2019-06-02 | radix-trie: allow both ipv4 and ipv6 debug output | Thomas Gschwantner | 2 | -12/+30
2019-06-02 | radix-trie: fix fls/fls64 | Thomas Gschwantner | 1 | -6/+6
2019-06-02 | radix-trie: remove bits arg from radix_insert_v4/6 | Thomas Gschwantner | 2 | -6/+6
2019-06-02 | Use hashtable to match ll-ip with pubkey | Thomas Gschwantner | 2 | -31/+661
The link-local IP is always /128, so using a hashtable is more appropriate here. We only use the lower 64 bits as key, since the first 64 bits of link-local addresses are always the same.
2019-05-26 | Sleep less | Linus Nordberg | 1 | -3/+5
Only sleep after failed try_connect(), because it might fail quickly. The read should be blocking for 1s (SO_RCVTIMEO).
2019-05-26 | Use blocking I/O in client | Linus Nordberg | 1 | -119/+39
Avoiding the unnecessary complexity of non-blocking I/O.
2019-05-26 | No need to clear bits in pollfd revents | Linus Nordberg | 2 | -5/+0
POSIX says: "In each pollfd structure, poll() shall clear the revents member, except that where the application requested a report on a condition by setting one of the bits of events listed above, poll() shall set the corresponding bit in revents if the requested condition is true."
2019-05-26 | Fix backwards logic in debug logging | Linus Nordberg | 1 | -2/+2
2019-05-26 | Implement client sending ip-request and configuring interface | Linus Nordberg | 3 | -24/+521
2019-05-26 | Implement faked allocations, server side | Linus Nordberg | 3 | -104/+433
Reject clients not connecting from an IPv6 address. Reject clients not connecting from the correct port. Fake address allocation. Update allowed-ips with leases handed out. Send response messages. Extend protocol to include lease start and lease time, errno and errmsg. Move common code to common.[ch].