summaryrefslogtreecommitdiffstats
path: root/usr.sbin/switchd (follow)
Commit message (Collapse)AuthorAgeFilesLines
* these programs (with common ancestry) had a -fno-common problem relatedderaadt2021-01-272-3/+6
| | | | | to privsep_procid. ok mortimer
* OpenFlow 1.3 defines packet header patterns of interest using TLVs (OXMs)akoshibe2019-11-271-11/+9
| | | | | | | | | | | | | that represent various header fields. One place where OXMs are used is in the sef_field action, which contains one OXM representing the header field to set, followed by padding to align the action in the OpenFlow message to 64 bits. Currently, we assume that a set_field action can contain multiple OXMs and that they do not need to be padded. This matches the way we handle OpenFlow messages that contain set_field actions so that we follow the specs. OK ori claudio
* Remove arguments from ofp13_flowmod() which are unused and unnecessary.akoshibe2019-11-213-8/+6
| | | | ok guenther@
* delete a stray blank from the usage() message; reported by Jesper Wallinschwarze2019-07-231-2/+2
|
* switchd(8)'s main proc needs to open the following paths, and which can bemestre2019-07-221-1/+5
| | | | | | | | | unveiled: / -> read, it will open config files from anywhere in the system /dev -> read/write, in order to open /dev/tap* and /dev/switch* hint and OK akoshibe@
* to avoid confusion, use the IANA-registered port rather than the old made-upsthen2019-07-111-4/+4
| | | | | port in the manpage example. been sitting in my tree for ages and suggested by someone on one of the mailing lists but I forget the details.
* When system calls indicate an error they return -1, not some arbitraryderaadt2019-06-281-3/+3
| | | | | | value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
* switchd(8) will sometimes not save a copy of a packet needing forwardingakoshibe2019-05-054-20/+38
| | | | | | | | | | | | | | | | even when a switch(4) instance requires it to supply it. Cases where this can happen are: if the copy of the packet recieved from the switch is too short (source/destination pairs can't be recovered), is non-unicast, or when switchd has to fall back to flooding traffic. Factor out the check for short packets, stopping before forwarding decisions are made if the full packet is needed by the switch. Set the packet buffer early for cases where it is needed otherwise. Also replace a few bzero's with memset's. Diff based on one by guenther@ OK phessler@
* (unsigned) means (unsigned int) which on ptrdiff_t or size_t or otherderaadt2019-02-131-3/+3
| | | | | | larger types really is a range reduction... Almost any cast to (unsigned) is a bug. ok millert tb benno
* Mention the default address (0.0.0.0) and port (6653) that switchd(8)akoshibe2018-11-111-2/+5
| | | | | | uses. OK nayden@ kn@
* Set sc_server.srv_tls value for "LISTEN ON STRING opttls".akoshibe2018-11-081-1/+2
| | | | OK phessler@
* Currently, switchd(8) defaults to listening on port 6633, which was theakoshibe2018-11-082-5/+6
| | | | | | | | | | | defacto port value used by OpenFlow. A decent chunk of OpenFlow controllers have switched over to the IANA standardized OpenFlow port, 6653. switchd(8) also randomizes its listen ports when one is not specified in switchd.conf(5).conf. Consolidate the #defines for port values, and set a default listen port. OK phessler@ claudio@, kn@ with separate switchd.conf(5) update
* - odd condition/test in PF lexersashan2018-11-011-2/+3
| | | | | | | | | | | | | | (and other lexers too) This commit rectifies earlier change: in the lex... even inside quotes, a \ followed by space or tab should expand to space or tab, and a \ followed by newline should be ignored (as a line continuation). compatible with the needs of hoststated (which has the most strict quoted string requirements), and ifstated (where one commonly does line continuations in strings). OK deraadt@, OK millert@
* typo; from bryan stensonjmc2018-10-301-3/+3
|
* Mirror bluhm's fixes for proc.c daemons to dup /dev/null for child processesakoshibe2018-09-103-9/+20
| | | | | | in switchd(8). OK henning@ bluhm@
* Make switchd(8) ignore PACKET_INs generated from looped traffic. Currently,akoshibe2018-09-092-4/+6
| | | | | | | | it responds to these messages with an invalid PACKET_OUT onto OFP*_PORT_ANY, resulting in the switch responding with an error, causing switchd to disconnect the switch. OK phessler@ claudio@
* replace malloc()+strlcpy() with strndup() in cmdline_symset().miko2018-09-071-9/+4
| | | | "looks good" gilles@ halex@
* Remove cpath pledge(2) promise. We decided that not deleting the unix controlmestre2018-08-053-19/+4
| | | | | | | sockets cause no harm and this way we close another attack surface by not allowing the daemon to create/delete any more files. OK akoshibe@ florian@
* Do for most running out of memory err() what was done for most runningkrw2018-07-111-2/+2
| | | | | | | | out of memory log_warn(). i.e. ("%s", __func__) instead of manual function names and redundant verbiage about which wrapper detected the out of memory condition. ok henning@
* No need to mention which memory allocation entry point failed (malloc,krw2018-07-091-4/+4
| | | | | | | | | calloc or strdup), we just need to log that we ran out of memory in a particular function. Recommended by florian@ and deraadt@ ok benno@ henning@ tb@
* Be consistent in warn() and log_warn() usage whenkrw2018-07-081-3/+3
| | | | | | | | running out of memory. Next step, be correct *and* consistent. ok dennis@ tb@ benno@ schwarze@
* remove the SECTIONS header, since a one line DESCRIPTION is a bit silly;jmc2018-06-181-4/+4
| | | | | | | use a more general text for the sections, and avoid the catchup issue that was trying to document how many there were; ok benno rob
* Fix an off-by-one line count when using include statements.denis2018-06-111-48/+80
| | | | | | Thanks to otto@ for the initial diff. OK benno@
* 65535 is a valid port to listen on.florian2017-08-281-2/+2
| | | | | | | Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT gmail, thanks! chris@ pointed out that more than httpd(8) is effected. OK gilles@
* packet.c and parse.y no longer require err.h. ok jca@ florian@rob2017-08-062-4/+2
|
* /tmp/cvsa9y4jmespie2017-07-061-2/+2
|
* no need to generate y.tab.h if nothing uses it, set YFLAGS to nothingespie2017-07-031-1/+2
| | | | | | instead of CLEANFILES += y.tab.h okay millert@
* sync proc.c changes from relayd/httpdbenno2017-05-291-5/+5
|
* From a syslog perspective it does not make sense to log fatal andbluhm2017-03-211-6/+6
| | | | | | warn with the same severity. Switch log_warn() to LOG_ERR and keep fatal() at LOG_CRIT. OK reyk@ florian@
* argument to the document description (Nd) macro should be lowercase.sobrado2017-03-081-3/+3
| | | | ok jmc@
* Nuke some whitespace that keeps poking me in the eye as I try tokrw2017-01-172-4/+4
| | | | steal code.
* Fix OXM parser for set-field messages. Found it the hardway whilerzalamena2017-01-171-4/+4
| | | | testing set-field configuration.
* pasto; snmpd->switchd in sample "include" line. ok reyk@sthen2017-01-161-3/+3
|
* Stop accessing verbose and debug variables from log.c directly.reyk2017-01-096-21/+25
| | | | | | | | This replaces log_verbose() and "extern int verbose" with the two functions log_setverbose() and log_getverbose(). Pointed out by benno@ OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)
* Replace hand-rolled for(;;) traversal of ctl_conns TAILQ withkrw2017-01-091-4/+5
| | | | | | | | TAILQ_FOREACH(). No intentional functional change. ok reyk@
* Sync log.c with the latest version from vmd/log.c that preserves errnoreyk2017-01-081-9/+11
| | | | so it is safe calling log_* after an error without loosing the it.
* Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQkrw2017-01-051-5/+7
| | | | | | | | | | | with more modern TAILQ_FOREACH(). This what symget() was already doing. Add paranoia '{}' around body of symget()'s TAILQ_FOREACH(). No intentional functional change. ok bluhm@ otto@
* Learn remote switch flow tables properties to find out where to installrzalamena2016-12-225-127/+338
| | | | | | | the default table-miss flow for OpenFlow 1.3.5. This is enough to make switchd(8) to work with switch(4) and HP 3800 switch out-of-the-box. ok reyk@
* Implement the connection state machine for OpenFlow 1.0 and 1.3 to detectrzalamena2016-12-026-69/+123
| | | | | | | invalid state transitions and invalid protocol version switching after the hello messages exchange. ok reyk@
* article fix; from rob piercejmc2016-11-291-3/+3
|
* Add "features request" support and reply validation.rzalamena2016-11-221-13/+66
| | | | ok reyk@
* Implement support for version negotiation using hello messages. Thisrzalamena2016-11-225-19/+200
| | | | | | | also prevents connections from switching the version in the middle of the operation. tweak from and ok reyk@
* Do more strict checks of OXM by looking at mask restrictions and addrzalamena2016-11-211-7/+48
| | | | | | missing OXM type (IP_PROTO). ok reyk@
* Add truncation validation for packet-out and reuse the action validationrzalamena2016-11-211-31/+36
| | | | | | function instead of manually rolling the code again. ok reyk@
* Fix jumbo regress test for ofp10.c and use htonl() with OFP_PKTOUT_NO_BUFFERrzalamena2016-11-212-8/+8
| | | | | | for consistency. ok reyk@
* Implement better table features validation. With this we get free switchctlrzalamena2016-11-211-18/+161
| | | | | | display of table features. ok reyk@
* Parse flow-status instructions in multipart replies, so we can see whatrzalamena2016-11-211-3/+25
| | | | instructions are used by the flow.
* The special LOCAL and CONTROLLER ports are valid source ports thatreyk2016-11-182-10/+12
| | | | | | should be learned by the cache. Fixes "addlocal" ports on switch(4). OK rzalamena@
* Make switchd(8) use more strings just like tcpdump(8). While here removerzalamena2016-11-181-73/+67
| | | | action field display from features request.
* Define a group_id map and rename the defines accordingly.reyk2016-11-182-3/+4
| | | | Requested by rzalamena@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.