Commit Graph

2570 Commits

Author SHA1 Message Date
Denys Vlasenko
c5540d61f6 tls: send CHANGE_CIPHER_SPEC
To "actually implement it" will take more work...

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 02:17:03 +01:00
Denys Vlasenko
f78ad0938b whitespace fix
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:18:22 +01:00
Denys Vlasenko
11d0096516 tls: format and send CLIENT_KEY_EXCHANGE
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C

Next step: send CHANGE_CIPHER_SPEC... and actually implement it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:12:42 +01:00
Denys Vlasenko
2a17d1fc9b tls: DER length byte 0x81 is actually valid
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 22:38:25 +01:00
Denys Vlasenko
b1003f7019 tls: a bit more work
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4406
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8f7e723:0x30 len:1452 inner_byte @0x8f7e727:0x30
entered der @0x8f7e727:0x30 len:1172 inner_byte @0x8f7e72b:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8f7e830:0x30 len:418 inner_byte @0x8f7e834:0x30
skipped der 0x30, next byte 0x03
entered der @0x8f7e843:0x03 len:399 inner_byte @0x8f7e847:0x00
copying key bytes:399, first:0x00
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE

Now need to teach it to send ClientKeyExchange...

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 13:57:16 +01:00
Denys Vlasenko
ceff6b0ea9 tls: work-in-progress TLS1.2 test applet
function                                             old     new   delta
tls_main                                               -     733    +733
dump                                                   -     230    +230
xread_tls_block                                        -     180    +180
get_der_len                                            -      76     +76
enter_der_item                                         -      70     +70
skip_der_item                                          -      56     +56
get24be                                                -      24     +24
tls_error_die                                          -      19     +19
packed_usage                                       31010   31027     +17
applet_names                                        2549    2553      +4
applet_main                                         1472    1476      +4
applet_suid                                           92      93      +1
applet_install_loc                                   184     185      +1
------------------------------------------------------------------------------
(add/remove: 9/0 grow/shrink: 5/0 up/down: 1415/0)           Total: 1415 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 12:49:32 +01:00
Denys Vlasenko
a6f8651911 wget: fix for brain-damaged HTTP servers. Closes 9471
write(3, "GET / HTTP/1.1\r\nUser-Agent: Wget\r\nConnection: close\r\n\r\n", 74) = 74
shutdown(3, SHUT_WR)    = 0
alarm(900)              = 900
read(3, "", 1024)       = 0
write(2, "wget: error getting response\n", 29) = 29
exit(1)

The peer simply does not return anything. It closes its connection.

Probably it detects wget closing its writing end: shutdown(3, SHUT_WR).

The point it, closing write side of the socket is _valid_ for HTTP.
wget sent the full request, it won't be sending anything more:
it will only receive the response, and that's it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 20:16:45 +01:00
Denys Vlasenko
ed15dde60a Move FEATURE_AUTOWIDTH config option to two applets which use it
No code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 16:35:52 +01:00
Denys Vlasenko
f560422fa0 Big cleanup in config help and description
Redundant help texts (one which only repeats the description)
are deleted.

Descriptions and help texts are trimmed.

Some config options are moved, even across menus.

No config option _names_ are changed.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-10 14:58:54 +01:00
Laurent Bercot
0ef478f01b httpd: fix address family for reverse proxy client socket
When httpd proxies a request to another server, it first creates
an AF_INET socket, then resolves the server name to a sockaddr,
then connects to it. This fails if the server name resolves to
an IPv6 address.

This patch ensures that the socket is created with the correct
address family (AF_INET6 if the server resolves to an IPv6 address
and AF_INET otherwise).

Signed-off-by: Laurent Bercot <ska-dietlibc@skarnet.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-08 15:14:38 +01:00
Natanael Copa
b62ea34afe ntpd: improve postponed hostname resolution
Run the namelookup from the main loop so a misspelled first ntp server
name does not block everything forever.

This fixes the following situation which would block forever:
  $ sudo ./busybox ntpd -dn -p foobar  -p pool.ntp.org
  ntpd: bad address 'foobar'
  ntpd: bad address 'foobar'
  ntpd: bad address 'foobar'
  ...

New behavior:
  ntpd: bad address 'foobar'
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.009775 delay:0.175550 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x01
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.009605 delay:0.175461 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x03
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.005327 delay:0.167027 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x07
  ntpd: sending query to 137.190.2.4
  ntpd: bad address 'foobar'
  ntpd: reply from 137.190.2.4: offset:-1.046349 delay:0.248705 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x0f

This patch is based on Kaarle Ritvanens work.
http://lists.busybox.net/pipermail/busybox/2016-May/084197.html

function                                             old     new   delta
ntpd_main                                           1061    1079     +18
ntp_init                                             556     560      +4
resolve_peer_hostname                                 81      75      -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 22/-6)              Total: 16 bytes

Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-06 16:21:09 +01:00
Denys Vlasenko
c6137ba510 udhcp: tweak config order and menu item names
All other applets are listed simply by their name, no reason why
dumpleases doesn't do that.

Group all udhcpd feature options directly after it.

Put "NOT READY" into udhcpc6 item (some users actually tried to use it,
and complained).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-04 12:13:38 +01:00
Jörg Krause
c6725b0af6 Fix dependency for IFUPDOWN_UDHCPC_CMD_OPTIONS
Commit a8c696bf09 makes ifup and ifdown
individually selectable, but forgets to update the dependency to
IFUPDOWN_UDHCPC_CMD_OPTIONS, so it is not selectable anymore.

This patch fixes the dependency by checking for IFUP or IFDOWN, instead
of the obsolete IFUPDOWN.

Also, it drops dependency on UDHCPC: udhcpc on the target system
does not have to come from the _same_ binary.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-03 12:29:52 +01:00
Denys Vlasenko
7890035452 tcpudp: define SO_ORIGINAL_DST directly, not via include
musl does not like including linux/netfilter_ipv4.h
(enum / #define collision in two headers, resulting in "3 = 3"
type situation in enum definition).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-02 10:46:08 +01:00
Denys Vlasenko
100aea8486 Remove FEATURE_IFUPDOWN_IP_BUILTIN and FEATURE_IFUPDOWN_IFCONFIG_BUILTIN
They merely enable ip or ifconfig/route. There is already a way to do this
on the same menuconfig page.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 15:20:16 +01:00
Denys Vlasenko
9cc3d3ab21 fix breakage found by mass one-applet builds
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 02:42:26 +01:00
Denys Vlasenko
7c5dea399b ip: make ip aliases individually selectable
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 22:30:13 +01:00
Denys Vlasenko
5d27cb3640 Make POST upload example script easier to use
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 15:33:11 +01:00
Denys Vlasenko
4acd393eba Update information on building httpd and wget helpers
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 15:13:37 +01:00
Lukasz Nowak
b42107f215 libiproute: handle table ids larger than 255
Linux kernel, starting from 2.6.19 allows ip table ids to have 32-bit values.
In order to preserve compatibility, the old 8-bit field: rtm_table is still
in use when table id is lower than 256.

Add support for the 32-bit table id (RTA_TABLE attribute) in:
- ip route print
- ip route modify
- ip rule print
- ip rule modify

Add printing of table ids to ip route.

Changes are compatible with the mainline iproute2 utilities.

These changes are required for compatibility with ConnMan, which by default
uses table ids greater than 255.

function                                             old     new   delta
print_route                                         1588    1637     +49
do_iproute                                          2187    2222     +35
do_iprule                                            955     987     +32
print_rule                                           617     630     +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 129/0)             Total: 129 bytes

Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-18 18:56:49 +01:00
Denys Vlasenko
1d3a04a3a4 Code style fixes, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-28 01:22:57 +01:00
Denys Vlasenko
f7683cdf83 Convert all udhcp applets to "new style" applet definitions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 18:54:59 +01:00
Denys Vlasenko
29e2c45a5b tc: consolidate its disabled bits
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:51:33 +01:00
Denys Vlasenko
8342397801 Make ping6 and traceroute6 selectable independently from ping/traceroute
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:25:57 +01:00
Denys Vlasenko
6bfab0c49f ipneigh: add this shortcur similar to other "ip <CMD>" shortcuts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:18:05 +01:00
Denys Vlasenko
3148e0c05b Rename FEATURE_FTP_WRITE and FEATURE_FTP_AUTHENTICATION to *_FTPD_*
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:07:44 +01:00
Denys Vlasenko
47367e1d50 Convert all networking/* applets to "new style" applet definitions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:05:14 +01:00
Denys Vlasenko
9f8eb1ee76 httpd: explain why we use sprintf and why it should be fine
While at it, fix a pathological case where it is not fine:
-r REALM with some 8-kbyte long REALM would overflow the buffer.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-22 02:23:35 +01:00
Denys Vlasenko
a8c696bf09 Make ifup and ifdown individually selectable.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-14 18:31:07 +01:00
Denys Vlasenko
67fd2f2858 dnsdomainname: split it from "hostname", make it independently selectable
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-13 22:35:10 +01:00
Denys Vlasenko
f11c6989ba udhcpc: check read of overload option data byte to be within packet
function                                             old     new   delta
udhcp_get_option                                     220     225      +5

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25 14:26:36 +02:00
Brian Foley
f9beeb22e2 udhcpc: check read of option length byte to be within packet
function                                             old     new   delta
udhcp_get_option                                     215     220      +5
udhcp_run_script                                     802     803      +1

Signed-off-by: Brian Foley <bpfoley@google.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25 14:20:55 +02:00
Denys Vlasenko
662634b829 telnetd: ifdef out a buggy error handling code path
Here, not handling the error is would just eat one input 0xff char.
Correct handling would need even more corner case handling,
as-is buggy handling corrupts the buffer.
Since we just been told by kernel that pty is ready,
EAGAIN should not be happening here anyway.

function                                             old     new   delta
telnetd_main                                        1798    1785     -13

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-13 16:17:06 +02:00
Denys Vlasenko
57727d478d telnet: code shrink
put_iac2(w,c) is mostly used with constants, fold them into one arg

function                                             old     new   delta
put_iac2_merged                                        -      46     +46
telnet_main                                         1603    1583     -20
con_escape                                           285     257     -28
put_iac2                                              50       -     -50
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 0/2 up/down: 46/-98)            Total: -52 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 20:42:58 +02:00
Denys Vlasenko
26d88d6bbd telnetd: add another handshake example in comments, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 20:09:22 +02:00
Denys Vlasenko
b6d421b635 telnetd: treat all 2-byte IACs in 240..249 range as NOPs.
A bit of future-proofing. Some of them can stand just being ignored.

function                                             old     new   delta
telnetd_main                                        1791    1798      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 19:41:33 +02:00
Denys Vlasenko
122c47ac02 telnetd: fix corner case of input processing of 0xff bytes
I managed to reproduce the bug, with some difficulty.

function                                             old     new   delta
telnetd_main                                        1780    1791     +11

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 19:13:46 +02:00
Denys Vlasenko
0190c41bb2 telnetd: fix a corner case where CRLF->CR translation can misbehave
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 17:36:57 +02:00
Denys Vlasenko
2a54b3e86e telnetd: fix handling of short writes to pty
If a write to pty is short, remove_iacs() can be run on a buffer repeatedly.
This, for example, can eat 0xff chars (IACs, in telnet terms).

Rework the logic to handle IACs in a special "write to pty" function.

function                                             old     new   delta
telnetd_main                                        1662    1750     +88

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 14:54:10 +02:00
Denys Vlasenko
3720a61daf ifupdown: rewrite state file atomically
By user's request.
Decided to not use fcntl(F_SETLKW) in lieu of problems with locking
on networked filesystems. The existence of /var/run/ifstate.new
is treated as a write lock. rename() provides atomicity.

function                                             old     new   delta
ifupdown_main                                       1019    1122    +103

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-09 23:04:16 +02:00
Denys Vlasenko
ec1ea16337 tcpsvd: don't keep shared fd open if fd limit is reached. closes 9331
Also, much improved help text.

function                                             old     new   delta
packed_usage                                       30652   30851    +199
tcpudpsvd_main                                      1782    1784      +2

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-07 15:56:47 +02:00
Denys Vlasenko
2972e2c4ac wget: there is no -s option in GNU Wget 1.18, we should be compatible
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 04:23:09 +02:00
Denys Vlasenko
a85740c8af dhcp: merge leases.c and static_leases.c into dhcpd.c
function                                             old     new   delta
send_offer                                           292     461    +169
udhcpd_main                                         1531    1588     +57
read_leases                                          330     332      +2
add_lease                                            314     312      -2
find_lease_by_mac                                     68       -     -68
find_free_or_expired_nip                             174       -    -174
------------------------------------------------------------------------------
(add/remove: 0/4 grow/shrink: 3/1 up/down: 228/-244)          Total: -16 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
d2ae66cb3e dhcp: merge most of static_leases.c into dhcpd.c
function                                             old     new   delta
read_staticlease                                     121     222    +101
add_static_lease                                      48       -     -48
log_static_leases                                     68       -     -68
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 1/0 up/down: 101/-116)          Total: -15 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
2bf2931d52 dhcp: merge files.c into dhcpd.c
Added NOINLINE to two function, since my version of gcc would actualy increase
code size otherwise.

I see no size changes.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
1c32e49bdf traceroute: cleanup and fixes for packet size calculations
Remove FEATURE_TRACEROUTE_SOURCE_ROUTE: it's off by default, and
source routing is not used in real world.

Tested that "traceroute -n ::1 100" and "traceroute -n 127.0.0.1 100"
both send 100 byte IP packets (this matches what traceroute on Fedora
Rawhide is doing).

function                                             old     new   delta
common_traceroute_main                              3731    3738      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-28 18:44:48 +02:00
Denys Vlasenko
bcf47eaa1f ifupdown: improve help text, add comment about run-parts error msg
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-25 02:05:24 +02:00
Denys Vlasenko
92d98f0612 ifupdown: when flushing addresses with "ip", add label %label%
User report:

or our board we setup eth0:0 on a 10.10.10.x/29 netwrok.

The problem is ip addr flush dev eth0:0 removes all ip addresses from
eth0.  You can see this if you run
ip -stat -stat addr flush dev eth0:0

2: eth0    inet 172.27.105.10/22 brd 172.27.107.255 scope global eth0
       valid_lft forever preferred_lft forever
2: eth0    inet 10.10.10.9/29 scope global eth0:0
       valid_lft forever preferred_lft forever
2: eth0    inet6 fe80::a2f6:fdff:fe18:2b13/64 scope link
       valid_lft forever preferred_lft forever

*** Round 1, deleting 3 addresses ***
*** Flush is complete after 1 round ***

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-20 17:31:11 +02:00
Hauke Mehrtens
4ff86df861 libnetlink: fix alignment of netlink messages
A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.

Without this patch the following command does not work and returns an
error code:
ip link add type nlmon

Without this ip from busybox sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=45, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45
return value: 2

The normal ip utile from iproute2 sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0

With this patch ip from busybox sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-18 22:55:47 +02:00
Denys Vlasenko
ef15970d7e *: placate some compile warnings on OSX
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-01 11:16:22 +02:00
Denys Vlasenko
9ff910de6b wget: treat 201,202,203 as success codes too. Closes 9211
This matches "standard" wget.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-31 13:28:53 +02:00
Peter Korsgaard
b6355e2bb5 udhcpc: Unconditionally call deconfig script, not only if lease is active
The udhcpc script may be used to setup fallback configuration (E.G. IPv4LL,
fixed IP address, ..) that also needs to be cleaned up on release (E.G.
when SIGUSR2 is called or on shutdown with -R), so unconditionally call
deconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-26 18:46:34 +02:00
Denys Vlasenko
de3da6bf87 wget/ssl_helper: update to wolfssl-3.9.8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-21 03:39:39 +02:00
Denys Vlasenko
b11be131b7 ifplugd: if SIOCSIFFLAGS fails with ENODEV, don't die
Some user managed to hit a race where iface is gone between SIOCGIFFLAGS
and SIOCSIFFLAGS (!). If SIOCSIFFLAGS fails, treat it the same as failed
SIOCGIFFLAGS

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-16 20:39:52 +02:00
Denys Vlasenko
4548293799 libiproute: eliminate some redundant zero stores
function                                             old     new   delta
do_iprule                                            974     955     -19
rtnl_dump_request                                    173     146     -27
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-46)             Total: -46 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14 02:08:56 +02:00
Denys Vlasenko
34ecc3b7ae ip: fix an improper optimization: req.r.rtm_scope may be nonzero here
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14 01:30:34 +02:00
Miroslav Lichvar
150dc7a2b4 ntpd: respond only to client and symmetric active packets
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an
infinite loop of responses between two busybox NTP servers. Adding
more packets to the loop increases the traffic between the servers
until one of them has a fully loaded CPU and/or network.

Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-01 20:25:06 +02:00
Denys Vlasenko
ed72761843 wget: run s_client helper with -servername HOST
This is necessary for multi-hosted TLSed web sites.

function                                             old     new   delta
spawn_https_helper_openssl                           334     441    +107

Based on a patch by Jeremy Chadwick <jdc@koitsu.org>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25 21:34:57 +02:00
Denys Vlasenko
9d20297ba8 ssl_helper.sh: strip was invoked incorrectly
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25 17:12:46 +02:00
Denys Vlasenko
e695ac97fd typo fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-19 17:48:55 +02:00
Denys Vlasenko
237bedd499 getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST
In many cases, this aqllows to drop use of opt_complementary.
Approximately -400 bytes:

function                                             old     new   delta
getopt32                                            1423    1502     +79
opt_string                                            17      18      +1
OPT_STR                                               24      25      +1
uniq_main                                            416     406     -10
timeout_main                                         279     269     -10
sulogin_main                                         270     260     -10
readprofile_main                                    1825    1815     -10
ps_main                                              543     533     -10
pidof_main                                           245     235     -10
pgrep_main                                           611     601     -10
od_main                                             2600    2590     -10
mkfs_minix_main                                     2684    2674     -10
mkfs_ext2_main                                      2603    2593     -10
microcom_main                                        712     702     -10
makemime_main                                        315     305     -10
ionice_main                                          282     272     -10
inetd_main                                          2074    2064     -10
ifplugd_main                                        1144    1134     -10
halt_main                                            353     343     -10
getopt_main                                          636     626     -10
fdisk_main                                          2854    2844     -10
env_main                                             206     196     -10
dmesg_main                                           319     309     -10
conspy_main                                         1214    1204     -10
awk_main                                             981     971     -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/22 up/down: 81/-220)         Total: -139 bytes
   text	   data	    bss	    dec	    hex	filename
 919373	    906	  14060	 934339	  e41c3	busybox_old
 918969	    906	  14060	 933935	  e402f	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 21:58:02 +02:00
Denys Vlasenko
0844b5afe2 whois: implement -i
function                                             old     new   delta
whois_main                                           654     675     +21
packed_usage                                       30355   30356      +1

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 17:16:27 +02:00
Denys Vlasenko
1035c92e2d whois: make it actually work
It was doing way too simplistic work of just querying the server,
no redirects, no query massaging. This required user to know a lot about whois,
and enter at least three queries for each host to get meaningful information.

function                                             old     new   delta
whois_main                                           209     646    +437

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 15:45:41 +02:00
Denys Vlasenko
ee772a0d90 arp: fix buffer overflow. Closes 9071
function                                             old     new   delta
arp_main                                            1910    1898     -12

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-04 17:38:01 +02:00
Denys Vlasenko
44399e00ff udhcpc: run "deconfig" script in manual renew state too. closes 9061
The bug was seen when the following is done:

    # killall 1 udhpc; killall 2 udhpc

Performing a DHCP renew
state: 2 -> 5
Sending renew...
Entering released state
state: 5 -> 6  <<<<<<<<<<<<<< not calling script!!!!

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03 20:26:44 +02:00
Denys Vlasenko
aabb0a93e9 ntpd: daemonize before DNS resolution
This resolves the following use case problem:

"I start ntpd by default from /etc/init.d

There might be no working network connection (not configured properly for
whatever reason, hardware problems, whatelse).

With busybox 1.25 ntpd seems to loop forever if now NTP servers are found,
blocking the boot process  and I never get a login to solve a possible pb or
to do a first time configuration."

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03 17:58:54 +02:00
Jonas Danielsson
4d5acd2d42 ping: populate icmp_id field for "simple" ping too
The ICMP RFC says that identifier and sequence number may be zero.
Having them zero for a Echo message, along with a data of zero's
as well will result in a Echo reply message with only zero's.

Some NAT implementations seem to get the checksum wrong on these
packages. Setting a checksum of 0x0 instead of 0xffff.

Through NAT:
  Internet Control Message Protocol
      Type: 0 (Echo (ping) reply)
      Code: 0
      Checksum: 0x0000 [incorrect, should be 0xffff]
      Identifier (BE): 0 (0x0000)
      Identifier (LE): 0 (0x0000)
      Sequence number (BE): 0 (0x0000)
      Sequence number (LE): 0 (0x0000)
      Data (56 bytes)
          Data: 000000000000000000000000000000000000000000000000...
          [Length: 56]

Without NAT:
  Internet Control Message Protocol
      Type: 0 (Echo (ping) reply)
      Code: 0
      Checksum: 0xffff [correct]
      Identifier (BE): 0 (0x0000)
      Identifier (LE): 0 (0x0000)
      Sequence number (BE): 0 (0x0000)
      Sequence number (LE): 0 (0x0000)
      [Request frame: 189]
      [Response time: 0.024 ms]
      Data (56 bytes)
          Data: 000000000000000000000000000000000000000000000000...
          [Length: 56]

And this in turn will make some hardware MAC checksum offloading
engines drop the packet.

(This was seen with a Synopsis MAC, the same one used in for instance the
stmmac Ethernet driver in the linux kernel.)

This change can be seen as a workaround for bugs in other layers.
But just setting an identifier for the Echo message packet will
avoid prodding the hornets nest.

function                                             old     new   delta
common_ping_main                                     424     500     +76

Signed-off-by: Jonas Danielsson <jonasdn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-23 18:26:32 +02:00
Denys Vlasenko
e4caf1dd9c ntpd: retry initial DNS resolution (forever, no timeout for now).
Some users start ntpd on boot, and don't babysit it. If it dies because
DNS is not yet up and therefore NTP servers can't be found, users are
not happy.

Example behavior with a peer name which can't be resolved:

ntpd: bad address 'qwe.rty.ghj.kl'
...5 sec...
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
...

Based on the patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>

function                                             old     new   delta
resolve_peer_hostname                                  -      81     +81
ntpd_main                                           1130    1061     -69
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 81/-69)             Total: 12 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-06 02:26:49 +02:00
Denys Vlasenko
852e8dd734 arping: avoid use of ether_ntoa(). Closes 8926
This is the only non-debug use of ether_ntoa(). By not using it,
we reduce bss:

function                                             old     new   delta
arping_main                                         1568    1665     +97
static.asc                                            18       -     -18
ether_ntoa                                            57       -     -57
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 1/0 up/down: 97/-75)             Total: 22 bytes
   text    data     bss     dec     hex filename
 911020     493    7352  918865   e0551 busybox_old
 911069     493    7336  918898   e0572 busybox_unstripped

Also, "standard" arping zero-pads MAC. ether_ntoa() does not.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-05-26 21:35:46 +02:00
Szabolcs Nagy
4ab372d49a ip: fix problem on mips64 n64 big endian musl systems
Use designated initializers for struct msghdr.
The struct layout is non-portable and musl libc does not match what busybox expects.

Signed-off-by: Szabolcs Nagy <nsz@port70.net>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-24 17:39:02 +02:00
Denys Vlasenko
3e134ebf6a *: slap on a few ALIGN1/2s where appropriate
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"

   text	   data	    bss	    dec	    hex	filename
 829901	   4086	   1904	 835891	  cc133	busybox_before
 829665	   4086	   1904	 835655	  cc047	busybox

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-22 18:09:21 +02:00
Denys Vlasenko
df70a43af2 udhcp: add setup_common_bufsiz() as needed
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 18:54:36 +02:00
Denys Vlasenko
9de2e5a222 *: hopefully all setup_common_bufsiz() are in place
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 18:38:51 +02:00
Denys Vlasenko
47cfbf32fd *: add most of the required setup_common_bufsiz() calls
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 18:18:48 +02:00
Denys Vlasenko
e6a2f4cc5a libbb: make bb_common_bufsiz1 1 kbyte, add capability to use bss tail for it
The config item is FEATURE_USE_BSS_TAIL. When it is off (default):

function                                             old     new   delta
read_config                                          210     228     +18
doCommands                                          2279    2294     +15
ipneigh_list_or_flush                                763     772      +9
ipaddr_list_or_flush                                1256    1261      +5
display_process_list                                1301    1306      +5
conspy_main                                         1378    1383      +5
do_lzo_compress                                      352     355      +3
do_lzo_decompress                                    565     567      +2
push                                                  46      44      -2
inetd_main                                          2136    2134      -2
uevent_main                                          421     418      -3
addLines                                              97      92      -5
bb_common_bufsiz1                                   8193    1024   -7169
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 8/5 up/down: 62/-7181)        Total: -7119 bytes
   text	   data	    bss	    dec	    hex	filename
 829850	   4086	   9080	 843016	  cdd08	busybox_old
 829901	   4086	   1904	 835891	  cc133	busybox_unstripped

FEATURE_USE_BSS_TAIL=y:

read_config                                          210     228     +18
doCommands                                          2279    2294     +15
ipneigh_list_or_flush                                763     772      +9
ipaddr_list_or_flush                                1256    1261      +5
display_process_list                                1301    1306      +5
conspy_main                                         1378    1383      +5
do_lzo_compress                                      352     355      +3
do_lzo_decompress                                    565     567      +2
inetd_main                                          2136    2134      -2
bb_common_bufsiz1                                   8193       -   -8193
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 8/1 up/down: 62/-8195)        Total: -8133 bytes
   text	   data	    bss	    dec	    hex	filename
 829850	   4086	   9080	 843016	  cdd08	busybox_old
 829911	   4086	    880	 834877	  cbd3d	busybox_unstripped

FIXME: setup_common_bufsiz() calls are missing.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 17:39:11 +02:00
Denys Vlasenko
f75a96d74c udhcp: fix capitalization of two messages
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 18:49:45 +02:00
Denys Vlasenko
16efe19128 dhcpd: string reuse
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 18:44:52 +02:00
Denys Vlasenko
8f2e99c813 udhcp: get rid of bb_info_msg()
function                                             old     new   delta
udhcpd_main                                         1501    1531     +30
d6_recv_raw_packet                                   251     264     +13
perform_d6_release                                   188     198     +10
udhcpc6_main                                        2443    2449      +6
udhcp_recv_raw_packet                                582     588      +6
udhcp_recv_kernel_packet                             132     138      +6
send_d6_renew                                        140     146      +6
d6_recv_kernel_packet                                118     124      +6
send_renew                                            77      82      +5
send_discover                                         85      90      +5
send_decline                                          84      89      +5
send_d6_select                                        97     102      +5
send_d6_discover                                     174     179      +5
perform_release                                      167     172      +5
count_lines                                           72      74      +2
udhcpc_main                                         2836    2837      +1
bb_info_msg                                          125       -    -125
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 17/4 up/down: 117/-180)         Total: -63 bytes
   text	   data	    bss	    dec	    hex	filename
 924935	    906	  17160	 943001	  e6399	busybox_old
 924736	    906	  17160	 942802	  e62d2	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 18:41:23 +02:00
Denys Vlasenko
cde1199e01 zcip: use bb_error_msg for logging, not bb_info_msg
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 16:22:13 +02:00
Denys Vlasenko
066e76befe Replace a few more bb_info_msg's by bb_error_msg or printf
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 16:20:28 +02:00
Denys Vlasenko
76b680c7a8 Use bb_error_msg instead of bb_info_msg in all commented-out debug printouts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30 16:04:37 +02:00
Denys Vlasenko
9844d7e830 Revert "networking: properly initialize ipv6 scope id for printing it"
This reverts commit 2fb63292f7.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-29 19:27:00 +02:00
Timo Teräs
2fb63292f7 networking: properly initialize ipv6 scope id for printing it
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-28 22:16:48 +02:00
Denys Vlasenko
6701e91d84 wget: make -T timeout work on header reads too. Closes 8636
function                                             old     new   delta
set_alarm                                              -      27     +27
fgets_and_trim                                        76      92     +16
wget_main                                           2610    2616      +6
open_socket                                           64      54     -10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-17 21:52:42 +01:00
Denys Vlasenko
1b7c17391d udhcpc: fix a warning in debug code
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-11 00:26:58 +01:00
Denys Vlasenko
d474ffc682 udhcp: fix a SEGV on malformed RFC1035-encoded domain name
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-10 11:47:58 +01:00
Denys Vlasenko
86d9f60f3a udhcpc: do not use -t NUM for counting "select" packets, use 3
Otherwise, "-t 0" usage may end up sending them forever
if server does not respond.

function                                             old     new   delta
udhcpc_main                                         2846    2836     -10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-04 17:00:56 +01:00
Denys Vlasenko
aee7cd82be ntpd: add experimental patch
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-04 07:36:04 +01:00
Denys Vlasenko
c8641962e4 ntpd: if peer does not reply anymore, try re-resolving its hostname
function                                             old     new   delta
ntpd_main                                           1053    1130     +77
add_peers                                            166     195     +29

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-04 07:26:08 +01:00
Denys Vlasenko
f37f28199f ntpd: do not use a peer more than once (say, if two peers resolve to the same IP)
function                                             old     new   delta
add_peers                                             98     166     +68

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-04 07:06:53 +01:00
Denys Vlasenko
4c48a64747 ntpd: more informative poll lowering message
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-03 22:02:30 +01:00
Denys Vlasenko
35e063e1b9 ifupdowm: fix "warning: unused variable 'iface_list'"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-03 02:19:16 +01:00
Hans Dedecker
abe8f7515a dhcpc: Use client IP address as source address for DHCP renew/rebind messages
RFC2131 paragraph 4.1 states DHCP messages broadcast by a client prior to
that client obtaining its IP address must have the source IP address
field in the header set to 0.
Request messages transmitted in renewing and rebinding state need to use
the obtained IP address as source IP address in the header; this behavior
lines up with other implementations like ISC dhcp client.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-03 02:05:53 +01:00
Christian Lindeberg
ea2b71be66 udhcpd: keep expired leases at startup
Let udhcpd retain the information about expired leases when restarting
so that the leases are reserved until they possibly become the oldest
expired lease.

This reduces the frequency of IP address changes for example when the
DHCP server and a group of clients, who do not store and request their
previously offered IP address across restarts, are collectively restarted
and the startup order of the clients are not guaranteed.

Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-01 19:23:22 +01:00
Nicolas Cavallari
e5aba88712 ifupdown: allow duplicate interface definitions
This patch allow to have multiple interface definitions, much like
Debian's ifupdown.  More specifically, it removes the check for a
duplicate definition, so the impact on binary size should be fairly
minimal.

This configuration:

iface eth0 inet static
        address 192.168.0.15
        netmask 255.255.0.0
        gateway 192.168.0.1

iface eth0 inet static
        address 10.0.0.1
        netmask 255.255.255.0

Will add two addresses to eth0 if ip is used.  If ifconfig is used,
the standards methods will likely not stack, but the administrator may
still use the manual method.  The DHCP method may work depending on the
DHCP client in use.

This is a fairly advanced feature for power users who knows what they
are doing.  There are not many other network configuration systems that
allows multiple addresses on an interface.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-01 18:59:08 +01:00
Denys Vlasenko
352f79acbd udhcpc: fix OPTION_6RD parsing (could overflow its malloced buffer)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-02-26 15:54:56 +01:00
Denys Vlasenko
5bec08cebd udhcp: trivial shrink
function                                             old     new   delta
dname_dec                                            337     332      -5

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-02-26 14:56:18 +01:00
Denys Vlasenko
03718bb274 ntpd: print packet delay in clock update message
function                                             old     new   delta
update_local_clock                                   820     826      +6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-02-24 01:22:45 +01:00
Denys Vlasenko
8efcc9589b networking: allow dot at the end of the domain name in dhcp response
Patch based on Balaji Punnuru <balaji.punnuru@gmail.com> work.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-02-11 17:44:44 +01:00
Denys Vlasenko
383201e725 ntpd: shorter message
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-02-10 07:06:31 +01:00