overflow when given ridiculously large data lengths. In practice, undefined
behavior would never occur with the previous function since it would have
required IP packets >128KiB bytes in length and the maximum length for an
IP packet is 64KiB.
The new checksum function is also a bit more flexible (allowing a starting
checksum value != 0), clearly is endian independent, and does no typesystem
abuse. It's boringly correct standard C.
Use C99 structure initializers for forming raw UDP packets for send.
Rename raw_packet() to send_dhcp_raw() and strip of unnecessary arguments.
Rename kernel_packet() to send_dhcp_cooked() and strip of unnecessary
arguments.
Remove the ugly bcast_raw_packet() wrapper hack.
- Use SO_DONTROUTE for dhcp listen and send sockets (both raw and udp).
More paranoia against packets being sent to incorrect interfaces:
- Bind arp socket to a specific interface via bind().
- Use SO_BINDTODEVICE for udp send sockets. It was already used for udp
listen sockets.
Flatten indentation in arp_(open|close)_fd().
Use C99 initializers in packet.c.
Add more error message prints to packet.c.
- Use AF_PACKET and SOCK_RAW rather than the decade-deprecated
SOCK_PACKET interface.
- Separate out socket creation code into a subfunction.
- Use C99 initializers for packet and address structures.
- Cosmetic cleanups.
check was overzealous and would drop valid packets. Now the minimal
packet size that is tolerated is 32 bytes.
24 bytes would be enough for the client IP, but I very much doubt that any
server would leave out the non-optional fields of siaddr and giaddr as well as
chaddr. We already tolerate elided chaddr with a cut-off of 32 bytes, which is
dubious enough.
Handle EAGAIN and EWOULDBLOCK more gracefully when dealing with safe_read().
All occurrences of safe_read() should only be invoked on fds that have signaled
ready-to-read state via the epoll() mechanism, so this change should not
result in any observable difference, but it is best to be safe.
Additionally, a constant stack variable is converted to an equivalent
macro define for cleanliness.
Finally, print the error type encountered if reading data from an ARP response
fails with a read error.
jail and change configuration instructions as well.
Change default configuration instructions to specify setting root
of the chroot jail as owned by root.root.
Handle failure to create arp sockets more gracefully.
Add initial support for retransmitting arp requests if no reply is met after
a certain number of spurious packets.
lease.
Be more aggressive about closing old arp file descriptors.
Check the ARP headers to make sure that received ARP packets are addressed to
our machine. Whatever bug may have existed before doesn't exist on modern
Linux kernels, if it ever did.
Use the stored gateway hardware address to validate a restored link in the
DS_ARP_GW_CHECK state.
If an ARP message is received while we are in a state that does not expect
ARP messages, close the ARP socket and log a message.
the currently assigned gateway/router still replies to ARP queries. If so,
keep the lease. If not, get a new lease.
Save the IP address of the current gateway/router.
Remove an outdated check for a buggy compiler.
Fix a typo in the previous commit that caused timeouts to be 1000x faster than
they should be.