Commit Graph

174 Commits

Author SHA1 Message Date
Nicholas J. Kain
b72b551a0d Cosmetic changes to packet.c. 2011-06-27 13:01:39 -04:00
Nicholas J. Kain
55f24fd2a3 Make the various functions in options.c that take a pointer to an options
buffer and length instead take a pointer to a struct dhcpmsg.  This argument
list choice implicitly gives safe length checks and is simpler.

Remove DHCP_OPTIONS_LENGTH.
Fold set_option() into alloc_option().
Make some more functions in options.[ch] static.
2011-06-27 12:53:35 -04:00
Nicholas J. Kain
63d9763345 Remove init_header() and clean up init_packet() and its callers. 2011-06-27 12:20:22 -04:00
Nicholas J. Kain
1e2698b402 If a lease is negotiated, then expires after renewal attempts, don't time out
and exit the daemon as would be desirable at startup.  Just keep trying.
2011-06-26 18:21:40 -04:00
Nicholas J. Kain
057211d5f5 Make IP and UDP checksum calculations for sending raw packets much less
confusing.  They are now calculated without mutating the underlying
structures so that there is no longer any tricky operation order dependence.
2011-06-26 17:50:35 -04:00
Nicholas J. Kain
0581cc9aed Trivial cosmetic corrections. 2011-06-26 17:37:57 -04:00
Nicholas J. Kain
864ad73b20 Remove pointless length-checking in get_raw_packet() that can never be triggered
because safe_read() already protects against reads longer than a DHCP
packet in length.

Lots of cosmetic cleanups.  Highlights:
- Remove pointless enums that just define sizeof for various structures.
- Rename struct dhcpMessage to struct dhcpmsg.
2011-06-26 17:25:00 -04:00
Nicholas J. Kain
b70070e592 Define stateless functions to validate the checksum of an ip header and of a
udp packet and use them in get_raw_packet().

Print a warning if the raw UDP receive gets a quantum of data that is greater
than that of a single UDP datagram.

Remove unnecessary argument from net_checksum().  Initializing a nonzero
checksum value is not very helpful in practice.

Define a function net_checksum_add() that, for two sequences of bytes A and B
that return checksums CS(A) and CS(B), will calculate the checksum CS(AB) of
the concatenated value AB given the checksums of the individual parts CS(A)
and CS(B).
2011-06-26 16:33:07 -04:00
Nicholas J. Kain
7d0e05504f Define a new IP checksum function that is resistant to undefined signed
overflow when given ridiculously large data lengths.  In practice, undefined
behavior would never occur with the previous function since it would have
required IP packets >128KiB bytes in length and the maximum length for an
IP packet is 64KiB.

The new checksum function is also a bit more flexible (allowing a starting
checksum value != 0), clearly is endian independent, and does no typesystem
abuse.  It's boringly correct standard C.

Use C99 structure initializers for forming raw UDP packets for send.
2011-06-26 10:21:02 -04:00
Nicholas J. Kain
f43b656673 Make static in packet.c: checksum(), raw_packet(), and kernel_packet().
Rename raw_packet() to send_dhcp_raw() and strip of unnecessary arguments.
Rename kernel_packet() to send_dhcp_cooked() and strip of unnecessary
arguments.
Remove the ugly bcast_raw_packet() wrapper hack.
2011-06-25 16:55:00 -04:00
Nicholas J. Kain
5b3aee93ab Tell the kernel not to attempt routing table lookups for sent DHCP traffic:
- Use SO_DONTROUTE for dhcp listen and send sockets (both raw and udp).

More paranoia against packets being sent to incorrect interfaces:
- Bind arp socket to a specific interface via bind().
- Use SO_BINDTODEVICE for udp send sockets.  It was already used for udp
  listen sockets.

Flatten indentation in arp_(open|close)_fd().
Use C99 initializers in packet.c.
Add more error message prints to packet.c.
2011-06-25 16:31:21 -04:00
Nicholas J. Kain
c37d815754 Rewrite the ARP ping code to properly use modern interfaces. In detail:
- Use AF_PACKET and SOCK_RAW rather than the decade-deprecated
  SOCK_PACKET interface.
- Separate out socket creation code into a subfunction.
- Use C99 initializers for packet and address structures.
- Cosmetic cleanups.
2011-06-25 13:02:56 -04:00
Nicholas J. Kain
8f5eb7e921 Remove invariant args to arpping(). 2011-06-25 11:42:15 -04:00
Nicholas J. Kain
7ee0001e97 Constant correctness: socket(PF_*, ...) -> socket(AF_*, ...) 2011-06-25 11:11:48 -04:00
Nicholas J. Kain
e50c429235 Handle errors in fcntl() if O_NONBLOCK fails. 2011-06-25 10:46:24 -04:00
Nicholas J. Kain
71f59d0433 Remove socket.[ch] : code is merged into packet.c 2011-06-25 10:40:41 -04:00
Nicholas J. Kain
7d206e45b6 Make raw listen sockets nonblocking. They should have been so all along.
Minor constant correction: PF_PACKET -> AF_PACKET
2011-06-25 10:18:14 -04:00
Nicholas J. Kain
19f7e6d11e Silence excessively chatty messages from ARP handling. Random received
packets that are discarded for simply not being targets for examination
should not trigger prints.
2011-06-25 10:02:09 -04:00
Nicholas J. Kain
5cf572c2fd Merge dhcpmsg.[ch] into packet.[ch]. 2011-06-11 11:19:05 -04:00
Nicholas J. Kain
6191a07eb3 Move get_raw_packet() to packet.c and make get_packet() and get_raw_packet()
static functions.
2011-06-11 11:05:53 -04:00
Nicholas J. Kain
52306aa217 Remove some old and now misleading comments. 2011-06-11 10:59:00 -04:00
Nicholas J. Kain
13862b488c Cosmetic improvements for change_listen_mode(). Printed messages now
look better, and epoll_add() is not called before exit() in the failure
case.
2011-06-11 05:03:33 -04:00
Nicholas J. Kain
25ee07db95 Remove sleep() calls from raw packet receipt error handling. 2011-06-11 04:48:25 -04:00
Nicholas J. Kain
9cfcfefd4e Consolidate DHCP_MAGIC check for packet.cookie field.
Minor cosmetic cleanups for DHCP packet receipt handling.
2011-06-11 04:27:56 -04:00
Nicholas J. Kain
7c6b07ca75 Tweak the minimum dhcp packet size to at least include the magic cookie
field.  In practice, packets lacking any options at all are still invalid,
but they will fail later in the validation, so that is fine.
2011-06-11 04:09:05 -04:00
Nicholas J. Kain
6222d6ec0b Update documentation to suggest mode g+w for var/run in the suggested chroot
so that PID file creation for ndhc will not fail.
2011-06-10 14:07:03 -04:00
Nicholas J. Kain
109dfd74c6 Tolerate short DHCP messages that are less than DHCP_SIZE. The previous
check was overzealous and would drop valid packets.  Now the minimal
packet size that is tolerated is 32 bytes.

24 bytes would be enough for the client IP, but I very much doubt that any
server would leave out the non-optional fields of siaddr and giaddr as well as
chaddr. We already tolerate elided chaddr with a cut-off of 32 bytes, which is
dubious enough.
2011-06-10 14:04:50 -04:00
Nicholas J. Kain
bd49819f28 Fix a bug in safe_read() that would cause short reads on an async socket
to return failure rather than the number of characters read.
2011-06-10 13:53:05 -04:00
Nicholas J. Kain
387502255f Clean up logging prints in arp.c. 2011-06-02 10:48:58 -04:00
Nicholas J. Kain
927ed47b58 Print explicit warning messages when ARP packets fail in arp_validate(). 2011-06-02 10:41:34 -04:00
Nicholas J. Kain
8ede75738f When setting route, don't print an error if EEXIST is returned by the ioctl().
This 'error' merely means that the installed route already exists.
2011-05-31 11:55:26 -04:00
Nicholas J. Kain
bec1d30279 Add arpreply_clear() helper. 2011-05-31 11:24:40 -04:00
Nicholas J. Kain
96fee03a16 Use memcmp() rather than pointer type aliasing in handle_arp_response().
Cosmetic improvements to ARP code.
2011-05-31 11:14:50 -04:00
Nicholas J. Kain
96f640e36c More strictly validate ARP responses from remote servers. 2011-05-31 11:01:08 -04:00
Nicholas J. Kain
d72b24a2fe Theoretical correctness fix:
Handle EAGAIN and EWOULDBLOCK more gracefully when dealing with safe_read().
All occurrences of safe_read() should only be invoked on fds that have signaled
ready-to-read state via the epoll() mechanism, so this change should not
result in any observable difference, but it is best to be safe.

Additionally, a constant stack variable is converted to an equivalent
macro define for cleanliness.

Finally, print the error type encountered if reading data from an ARP response
fails with a read error.
2011-05-30 10:54:05 -04:00
Nicholas J. Kain
03f0e8719e Tidy up DESIGN. It was hopelessly out of date. 2011-05-01 21:05:39 -04:00
Nicholas J. Kain
59beb159d3 Place the ifchange socket in /var/state/ifchange within the chroot
jail and change configuration instructions as well.

Change default configuration instructions to specify setting root
of the chroot jail as owned by root.root.
2011-05-01 20:43:29 -04:00
Nicholas J. Kain
b3f9115689 Add a -V --verbose flag to enable the overly verbose list reciept logging.
Update interface flags only if it would provoke an actual change.
2011-04-30 07:30:07 -04:00
Nicholas J. Kain
e96dab80fe lseek() after ftruncate() just to be safe. 2011-04-25 01:08:03 -04:00
Nicholas J. Kain
da193ae35a Add support for writing lease files. 2011-04-19 16:37:43 -04:00
Nicholas J. Kain
c7ff945be8 Shrink a delay and whitespace fix. 2011-03-31 15:28:32 -04:00
Nicholas J. Kain
996983143e Only query gateway hwaddr when binding a new lease. Don't bother when just
renewing or rebinding a lease.
2011-03-31 15:05:05 -04:00
Nicholas J. Kain
a7db2c4bd2 Make arp code more robust and refactor it a bit.
Handle failure to create arp sockets more gracefully.
Add initial support for retransmitting arp requests if no reply is met after
a certain number of spurious packets.
2011-03-31 02:32:34 -04:00
Nicholas J. Kain
f4aa2058db Get rid of a very old blocking sleep that triggered after a DHCP NAK is
received.
2011-03-31 00:03:07 -04:00
Nicholas J. Kain
a6fa236700 Massive cosmetic patch: update or add copyright headers, untabify, and
change all unsigned char to uint8_t.
2011-03-30 23:59:22 -04:00
Nicholas J. Kain
147e2d0fd9 Untabify and headerize config.h. 2011-03-30 23:33:46 -04:00
Nicholas J. Kain
b5e5685d01 Fetch the gateway hardware address after receiving a router option in a DHCP
lease.

Be more aggressive about closing old arp file descriptors.

Check the ARP headers to make sure that received ARP packets are addressed to
our machine.  Whatever bug may have existed before doesn't exist on modern
Linux kernels, if it ever did.

Use the stored gateway hardware address to validate a restored link in the
DS_ARP_GW_CHECK state.

If an ARP message is received while we are in a state that does not expect
ARP messages, close the ARP socket and log a message.
2011-03-30 23:17:27 -04:00
Nicholas J. Kain
e1eb41e1c0 Remove a debugging print. 2011-03-30 20:21:44 -04:00
Nicholas J. Kain
03717e1593 If physical link state changes to UP and a lease is bound, check to see if
the currently assigned gateway/router still replies to ARP queries.  If so,
keep the lease.  If not, get a new lease.

Save the IP address of the current gateway/router.
Remove an outdated check for a buggy compiler.
Fix a typo in the previous commit that caused timeouts to be 1000x faster than
they should be.
2011-03-30 20:13:48 -04:00
Nicholas J. Kain
de23d2241d Improve timeout backoff. It's a capped linear backoff. RFC specifies
capped randomized exponential, but I don't feel like incurring the cost
when the cap is so low.
Add comments for the dhcpMessage structure members.
2011-03-30 18:58:09 -04:00