summaryrefslogtreecommitdiffstats
path: root/usr.sbin/dhcpd (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Replace bzero(3) with memset(3)mestre2016-11-154-15/+15
| | | | "Looks good" to deraadt@
* Compare server-identifiers and reject packets only *after* applyingkrw2016-10-241-10/+14
| | | | | | | | | | | value specified in dhcpd.conf. i.e. don't assume it is always the primary address of the interface the packet arrived on. Fixes issues with redundant dhcpd servers and CARP'd interfaces. Issue reported and fix tested by Johan Huldtgren
* - Use memset(*b, 0, len) instead of bzero(*b, len)mestre2016-10-211-14/+14
| | | | | | - Use explicit_bzero(3) instead of bzero(3) to clean temporary HMAC OK krw@
* client_identifier is not a string so using strlen() on it iskrw2016-10-121-2/+2
| | | | | | | | | | inappropriate. Which is why client_identifier_len exists. Replace copy&pasted strlen() with client_identifier_len. Symptoms (crash) and cause (bad c&p) spotted by sthen@. tested & ok sthen@
* Stop pretending we use RFC 3046/Option 82/Relay Agent Information.krw2016-10-101-12/+6
| | | | | | | | | | | RFC 3042 says servers that do not understand the option will not echo it. Plus, our desultory attempt at echoing was almost certainly broken for OFFERs (use after free of packet data) and not even attempted for NACKs. ok millert@
* Add support for RFC 6842. RFC 2131 said the server MUST NOT echokrw2016-10-062-6/+53
| | | | | | | the client-identifier value. RFC 6842 says the server MUST echo it. Echoing the information disambiguates packets for relays and clients when chaddr is 0. Similar to what dhcpv6 does.
* Use consistant idiom (intermediate variable 'i' rather than repeatedkrw2016-10-051-78/+64
| | | | | | | | | | | | uses of very long #define names) to access option data in nak_lease() and ack_lease(). Shortens a lot of lines, which allows a number of line splits to be eliminates. Makes some upcoming diffs easier to integrate. No intentional functional change.
* Zap stray whitespace.krw2016-10-044-14/+14
|
* Pull in <time.h> for one or more of gmtime, strftime, strptime, time,guenther2016-08-274-4/+8
| | | | | | timegm, and tzset ok deraadt@
* KNF and clean up many comments.krw2016-08-171-139/+171
|
* Ansify function definitions.krw2016-08-171-36/+23
| | | | Diff from Edgar Pettijohn.
* Don't leak the option data of non-DHCPINFORM messages received onkrw2016-08-053-13/+12
| | | | | | | | the udp socket. Found by David Carlier. ok yasuoka@
* Replace the /dev/bpf* open loop with a plain open("/dev/bpf0", ...).natano2016-05-281-20/+7
| | | | ok deraadt jca
* Remove pledge(2)'s that are called before chroot(2) since in the near futuremestre2016-04-272-10/+3
| | | | | | | this will be forbidden. The remaining pledge(2) calls after chroot(2) are still kept. OK semarie@ "it is time now"
* In udpsockmode codepath dhcpd.c had the promise route for pledge(2) but it wasmestre2016-04-041-2/+2
| | | | | | | | | missing from udpsock_startup() (udpsock.c) which happens earlier and therefore would abort the program due to SIOCGIFADDR ioctl(2) on udpsock_handler Reported by Philip Higgins <phil ! unita.com.au> OK tb@
* sys/param.h -> sys/types.h. No need to drag in nitems() only tokrw2016-02-081-3/+3
| | | | | | use it once on an array declared iov[1]. Just use '1'. ok yasuoka@
* avoid a use after free when parsing address ranges from a configjsg2016-02-071-1/+2
| | | | ok krw@
* Eliminate #include inside *.h files and include only needed headers inkrw2016-02-0625-97/+351
| | | | | | | each *.c file. Inspired by mention of header silliness by Edgar Pettijohn and mmcc@ on tech@.
* be very careful accepting packets via bpf. First check that thekrw2016-02-031-7/+30
| | | | | | | | | | | | | fixed part of the IP header is completely present before using its header length field. Then use the data in the IP header to ensure the entire IP packet is present. Then check that the entire UDP header is present. Then use the data in the UDP header to ensure all the data it thinks is present is actually present. Started when tj@ and a few others noticed ISC "DHCP CVE-2015-8605: UDP payload length not properly checked". ok sthen@ henning@
* remove NULL-checks before free()mmcc2015-12-213-9/+6
|
* pledge.krw2015-12-142-11/+27
| | | | Diff from Ricardo Mestre. Test report from sthen@.
* Actually use default-lease-time, max-lease-time, bootp-lease-lengthkrw2015-12-111-1/+3
| | | | | | | specified in dhcpd.conf. Broken in -r1.18. Problem noted by Arne on bugs@, identical fix independently developed by Serguey Parkhomovsky.
* Avoid .Ns right after .Pf, it's pointless.schwarze2015-09-141-3/+3
| | | | In some cases, do additional cleanup in the immediate vicinity.
* stdlib.h is in scope; do not cast malloc/calloc/realloc*deraadt2015-08-203-9/+8
| | | | ok millert krw
* use file system path (.Pa) semantic markup macros where appropriate.sobrado2015-07-271-3/+3
|
* Do not send routers (option 3) or static routes (option 33) whenkrw2015-06-272-4/+32
| | | | | | | | | | | | | | classless static routes (option 121, 249) are sent. RFC 3442 says servers SHOULD NOT send those options. This avoids confusing clients who fail to ignore the routers or static routes options in the presence of classless static routes options. RFC 3442 says clients MUST ignore those options. Incorrect behavior in MS and Linux clients reported by Juan on misc@. ok millert@
* Don't do manual whitespace adjustments inside semantic macros,schwarze2015-06-111-18/+18
| | | | | | | rather do it before the macros, and get rid of cargo cult escaping. Both to make the code more robust and less ugly, no output change. Ugly code reported by TJ at mrsk dot me. OK jmc@
* write Mobile IP{,v6} in a consistent way, as given in RFCs 5944 and 6275.sobrado2015-06-021-3/+3
| | | | ok jmc@
* Tweak parsing so that hostnames starting with 0-9 are accepted.krw2015-05-183-76/+66
| | | | | | Reported long ago by matthieu@. Also Jacob Berkman via the lists. Tests and suggestions from Jacob and Matthieu.
* Hoist common assignments out of a series of if/if-else statementskrw2015-05-021-9/+3
| | | | | | in get_token(). Simplifies code and shrinks future diff. No intentional functional change.
* Correct switch between current and previous line buffers whenkrw2015-05-021-3/+3
| | | | | | encountering a carriage return in the input. Found by jsg@ a long time ago in a respository far, far away.
* Avoid using inet_ntoa() twice in a single printf() parameter listkrw2015-04-151-6/+14
| | | | | | | | | by caching the results from excess inet_ntoa() calls before doing the printf(). Should improve usefullness (?) of DHCPRELEASE log entries by actually printing ciaddr and giaddr correctly when dhcprelays stand between servers and clients. Looks good to dlg@.
* remove the first comma from constructs like ", and," and ", or,": you can usejmc2015-03-132-6/+6
| | | | | "and" and "or" to join sentence clauses, and you can use commas, but both hinders reading;
* Keep track of the last time we scanned the leases to find expiredkrw2015-02-102-7/+8
| | | | | | | ones that needed to be booted out of the pf table process. This avoids removing the same addess over and over. Problem report and original diff from Bertrand Provost.
* Close appropriate ends of pfpipe. Lets pf table process die when dhcpdkrw2015-02-071-1/+3
| | | | | | | | does. Pointed out by Bertrand Provost. ok henning@
* The pf table process should die if the pipe to the dhcpd process iskrw2015-02-051-1/+4
| | | | | | closed. e.g. dhcpd has been killed. ok henning@
* Include <netinet/in.h> before <net/pfvar.h>. In a future change whenderaadt2015-01-211-2/+3
| | | | ports is ready, <net/pfvar.h> will stop including a pile of balony.
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-164-9/+9
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* /dev/random has created the same effect as /dev/arandom (and /dev/urandom)deraadt2014-11-221-3/+3
| | | | | for quite some time. Mop up the last few, by using /dev/random where we actually want it, or not even mentioning arandom where it is irrelevant.
* Reduce instances of `` '' in manuals.bentley2014-11-151-4/+7
| | | | | | | | | | | | troff displays these as typographic quotes, but nroff implementations almost always print them literally, which rarely has the intended effect with modern fonts, even in stock xterm. These uses of `` '' can be replaced either with more semantic alternatives or with Dq, which prints typographic quotes in a UTF-8 locale (but will automatically fall back to `` '' in an ASCII locale). improvements and ok schwarze@
* Tweak the the DHCPACK to DHCPINFORM log entry so that it iskrw2014-11-111-8/+17
| | | | | | | | | | | | | | | | less threatening and more informative. e.g. DHCPACK on <null address> to 5c:51:4f:56:81:c3 via em0 changes to DHCPACK to 192.168.19.62 (3c:97:0e:0c:0c:d7) via em0 Issue noted and diff tested by Marc Peters. Thanks! ok yasuoka@ millert@
* Typo: consitent -> consistent.krw2014-11-101-2/+2
|
* Remove unnecessary netinet/in_systm.h include.lteo2014-10-253-6/+3
| | | | ok millert@
* use reallocarray() to cope with multiplicative integer overflow; ok dougderaadt2014-10-081-2/+2
|
* Variables to count seen packets should be unsigned.tobias2014-08-181-10/+10
| | | | ok krw@
* validate len field for proper length, not just "not zero."tobias2014-08-111-7/+6
| | | | ok krw@
* Fix memory exhaustion occurring on DHCP options with 0 length.tobias2014-07-281-3/+2
| | | | | | halex@ and krw@ pointed out that a NULL check before free can go, too. ok deraadt@, halex@, krw@
* Fix very hard to reach DoS attack vector, which would involve more thantobias2014-07-261-3/+4
| | | | | | | 8 billion network packets. Mixture of many many malformed and proper packets could result in a division by zero. ok krw@
* Fix DHCPINFORM not to lookup the lease database, not to fill the yiaddryasuoka2014-07-112-61/+67
| | | | | | field and not to include the lease time parameters. ok krw
* tweak previous;jmc2014-07-111-13/+17
| | | | ok krw yasuoka
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.