CVS: cvs.openbsd.org: src

2024-07-14 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/14 02:57:32

Modified files:
sbin/slaacd: log.c 

Log message:
sync slaacd(8) log.c to dhcpleased(8)'s version.

We don't build log.c on the ramdisk so no need for ifndef small.



CVS: cvs.openbsd.org: src

2024-07-14 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/14 02:45:05

Modified files:
sbin/dhcpleased: log.h 

Log message:
log_getverbose() is a void function

pointed out by tb



CVS: cvs.openbsd.org: src

2024-07-14 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/14 02:41:54

Modified files:
sbin/slaacd: log.h 

Log message:
sync slaacd(8) log.h to dhcpleased(8) log.h

- include stdlib.h for exit(3)
- knf fixes
- define log_getverbose as (0) instead of 0

input & OK tb



CVS: cvs.openbsd.org: src

2024-07-13 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/13 10:06:34

Modified files:
sbin/slaacd: engine.c 

Log message:
Reduce if_indextoname(3) usage.

Don't ask the kernel to translate an if_index to a name if we are not
running with verbose logging, it's not free.



CVS: cvs.openbsd.org: src

2024-07-12 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/12 13:11:25

Modified files:
bin/dd : misc.c 

Log message:
Rewrite bytes/sec calculation using fixed point math.

This makes signal handler safe on OpenBSD.

To avoid overflows the accuracy is scaled. Above 10 minutes run time
we only care about second accuracy. Between 1 second and 10 minutes
we use millisecond accuracy.

Below one second we use nanoseconds, but those numbers are probably
meaningless.

Signal handler problem pointed out by deraadt

OK deraadt, millert, tb
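
The scaling described in this log message, written out as an added example; it is not the code from dd's misc.c. The function names, the exact 600-second boundary, the saturation guard and the sample values in main() are assumptions of the example.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define MS_PER_SEC	1000ULL
#define NS_PER_MS	1000000ULL
#define NS_PER_SEC	1000000000ULL

/*
 * Compute bytes * scale / units with integers only, so the result can be
 * produced without floating point. If the product would wrap, divide
 * first and saturate instead (a guard added for this example).
 */
static uint64_t
scaled_rate(uint64_t bytes, uint64_t scale, uint64_t units)
{
	uint64_t q;

	if (units == 0)
		units = 1;		/* zero elapsed time: never divide by 0 */
	if (bytes <= UINT64_MAX / scale)
		return bytes * scale / units;
	q = bytes / units;		/* product would overflow: lose precision */
	if (q > UINT64_MAX / scale)
		return UINT64_MAX;	/* saturate rather than wrap */
	return q * scale;
}

/*
 * Bytes per second for a transfer that took sec seconds plus nsec
 * nanoseconds. The accuracy of the divisor shrinks as the run time grows.
 */
uint64_t
bytes_per_sec(uint64_t bytes, uint64_t sec, uint64_t nsec)
{
	if (sec >= 600)			/* 10 minutes or more: whole seconds */
		return bytes / sec;
	if (sec >= 1)			/* 1 second to 10 minutes: milliseconds */
		return scaled_rate(bytes, MS_PER_SEC,
		    sec * MS_PER_SEC + nsec / NS_PER_MS);
	return scaled_rate(bytes, NS_PER_SEC, nsec);	/* below 1 second */
}

int
main(void)
{
	/* Constructed sample transfers: bytes, seconds, nanoseconds. */
	static const uint64_t samples[][3] = {
		{ 1048576000ULL, 2, 500000000 },
		{ 600000000000ULL, 1200, 999999999 },
		{ 512, 0, 500000 },
		{ UINT64_MAX, 0, 1 },
	};
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("%" PRIu64 " bytes in %" PRIu64 ".%09" PRIu64
		    " s: %" PRIu64 " bytes/sec\n",
		    samples[i][0], samples[i][1], samples[i][2],
		    bytes_per_sec(samples[i][0], samples[i][1], samples[i][2]));
	return 0;
}
```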



CVS: cvs.openbsd.org: src

2024-07-12 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/12 06:35:32

Modified files:
etc/examples   : vm.conf 

Log message:
Recommend veb(4) instead of bridge(4).

bridge(4) has weird interactions with traffic crossing the bridge.

Missing change after updating the faq pointed out by ajacoutot
OK dv



CVS: cvs.openbsd.org: www

2024-07-12 Thread Florian Obser
CVSROOT:/cvs
Module name:www
Changes by: flor...@cvs.openbsd.org 2024/07/12 02:42:37

Modified files:
faq: faq16.html 

Log message:
Recommend veb(4) instead of bridge(4).

bridge(4) has weird interactions with traffic crossing the bridge. For
example I couldn't get dhcpd(8) to work with the given
example. dhcpd(8) just worked after switching to veb(4).

"Option 4" in the faq should also be converted to veb(4) but I
currently don't have the time nor a testsetup.

OK mlarkin, dlg



CVS: cvs.openbsd.org: src

2024-07-11 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/11 07:38:03

Modified files:
sbin/dhcp6leased: frontend.c 

Log message:
Make sure we are interested in an interface that shows up.



CVS: cvs.openbsd.org: src

2024-07-11 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/11 04:48:52

Modified files:
sbin/dhcp6leased: engine.c frontend.c 

Log message:
Be a bit more noisy in syslog on what is going on.

So far dhcp6leased(8) has been completely silent.
Prodding by Brian Conway.



CVS: cvs.openbsd.org: src

2024-07-11 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/11 04:38:57

Modified files:
sbin/dhcp6leased: dhcp6leased.c engine.c 

Log message:
Write lease after we configured prefixes.

While here, do not claim we have a ::/0 lease, it confuses the parser.



CVS: cvs.openbsd.org: src

2024-07-11 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/11 04:37:47

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Do not show expired lease information in dhcp6leasectl.



CVS: cvs.openbsd.org: src

2024-07-11 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/11 03:39:14

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Forgot to initialize status_code in previous.

No STATUS_CODE option from the server means "success", but we are now
using stack garbage, which is usually not "success".



CVS: cvs.openbsd.org: src

2024-07-10 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/10 06:52:51

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Pass status option up.

If we are in state "renewing" and the DHCPv6 server returns an
unsuccessful status go to "rebinding", i.e. ask any DHCPv6 server for
a lease not just the one we got the lease from.

This likely fixes a problem reported by Brian Conway where the ISP
returned "NoBinding - Prefix not bound to this interface." for a renew.
dhcp6leased recovered once T1 expired and we went to "rebinding" after
some time.



CVS: cvs.openbsd.org: src

2024-07-10 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/10 06:44:46

Modified files:
sbin/dhcp6leased: dhcp6leased.h engine.c 

Log message:
Pass int to the *2str functions, we don't need anything fancy.



CVS: cvs.openbsd.org: src

2024-07-10 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/10 04:30:46

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Only vis(3) the option, not the rest of the packet.

Lots of head scratching and help from the hackroom ensued because of a
an inconveniently placed \r that truncated a string and placed garbage at
a weird place.



CVS: cvs.openbsd.org: src

2024-07-09 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/09 10:24:57

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Track configured and new prefix delegations in iface.

When the DHCPv6 server renumbers and hands us new delegations we have
to deconfigure the old prefixes. To prevent situations where we have
no IPv6 at all, first configure the new prefixes and then remove the
old prefixes.



CVS: cvs.openbsd.org: src

2024-07-09 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/09 10:15:42

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Skip prefixes with vltime 0.

Servers indicate unusable prefixes with vltime 0 when we are in
state reboot and probably hand us new, valid prefixes.
In IPv4 dhcp we would receive a NACK instead...



CVS: cvs.openbsd.org: src

2024-07-09 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/09 07:27:18

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
remove unused prototype



CVS: cvs.openbsd.org: src

2024-07-08 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/08 08:22:09

Modified files:
usr.sbin/relayd: relay_http.c 

Log message:
cleanup unused variable



CVS: cvs.openbsd.org: src

2024-07-08 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/08 07:46:33

Modified files:
usr.bin/dig/lib/isc: sockaddr.c 

Log message:
IN_MULTICAST uses host byte order

I somehow missed this when ripping out 3 layers of indirections.

from niklas



CVS: cvs.openbsd.org: src

2024-07-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/07/02 11:41:27

Modified files:
usr.sbin/rad   : frontend.c 

Log message:
Use correct idiom to get mac addresses from ethernet-like interfaces.

This unbreaks rad(8) on top of carp(4).

OK deraadt, bluhm



CVS: cvs.openbsd.org: src

2024-06-30 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/30 10:10:26

Modified files:
sbin/unwind: unwind.conf.5 

Log message:
Clarify "force" and "preference" interaction.

Problem reported by Kirill A. Korinsky
OK kn



CVS: cvs.openbsd.org: src

2024-06-29 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/29 11:25:56

Modified files:
sbin/unwind: resolver.c 

Log message:
Disable the shared cache between resolvers for now.

Since the latest libunbound update the frontend process would segfault
about once a day on one of my MX servers with what looks like a
use-after-free deep inside of libunbound.

Maybe we are poking too much at internals and the shared cache is too
much of a hack. #ifdef for now to ease investigation, but it is
possible that this code just has to go.



CVS: cvs.openbsd.org: src

2024-06-27 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/27 10:39:31

Modified files:
usr.sbin/dhcpd : dhcp-options.5 dhcpd.8 dhcpd.leases.5 parse.c 
usr.sbin/dhcrelay: dhcrelay.8 

Log message:
Remove outdated references to dhclient, it's finally going away.

Input & OK jmc



CVS: cvs.openbsd.org: src

2024-06-27 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/27 08:53:06

Modified files:
sbin/dhcpleased: frontend.c 

Log message:
dhclient hasn't prodded us in a long time to renew a lease.

OK deraadt



CVS: cvs.openbsd.org: src

2024-06-19 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/19 01:42:44

Modified files:
sbin/dhcp6leased: engine.c frontend.c 

Log message:
Handle interfaces going down and up again.

Missing feature reported by, testing & OK semarie



CVS: cvs.openbsd.org: src

2024-06-18 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/18 08:57:59

Modified files:
usr.sbin/sysupgrade: sysupgrade.sh 

Log message:
Use BUILDINFO to make sure we are not going backwards in time.

Input & OK deraadt



CVS: cvs.openbsd.org: src

2024-06-15 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/15 09:05:15

Modified files:
distrib/miniroot: install.sub 

Log message:
Install BUILDINFO if available.

We already keep /var/db/installed.SHA256 for sysupgrade(8) as a cheap
check to not install the same snapshot over and over again. With
/mnt/var/db/installed.BUILDINFO we can ensure that we are not
installing an older snapshot over a newer snapshot.

Intentionally not yet committing the sysupgrade(8) bits so that we
exercise the sysupgrade(8) / install.sub interaction as it will happen
during the 7.5 -> 7.6 transition. I.e. a newer install.sub getting
installed by an older sysupgrade(8).

deraadt@ likes it.



CVS: cvs.openbsd.org: src

2024-06-14 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/14 01:45:44

Modified files:
sbin/unwind/libunbound: config.h 
sbin/unwind/libunbound/iterator: iter_fwd.c iter_fwd.h 
 iter_hints.c iter_hints.h 
 iter_utils.c iter_utils.h 
 iterator.c 
sbin/unwind/libunbound/libunbound: context.c libunbound.c 
   libworker.c 
sbin/unwind/libunbound/services: authzone.c listen_dnsport.c 
 listen_dnsport.h localzone.c 
 mesh.c mesh.h rpz.c rpz.h 
 view.h 
sbin/unwind/libunbound/services/cache: dns.c infra.c infra.h 
   rrset.c rrset.h 
sbin/unwind/libunbound/util: config_file.c config_file.h 
 configlexer.c configlexer.lex 
 configparser.h configparser.y 
 module.c module.h net_help.c 
 netevent.c netevent.h 
sbin/unwind/libunbound/util/data: msgparse.h msgreply.c 
sbin/unwind/libunbound/util/storage: lookup3.c lruhash.c 
 lruhash.h slabhash.c 
 slabhash.h 
sbin/unwind/libunbound/validator: val_utils.c validator.c 

Log message:
sync to unbound 1.20.0

heavy lifting by sthen



CVS: cvs.openbsd.org: src

2024-06-08 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/08 00:05:40

Modified files:
usr.sbin/sysupgrade: sysupgrade.sh 

Log message:
Do not enforce the next version key if installing a snapshot.

Developers sometimes have dev machines with an older snapshot that
already has the correct signify key but sysupgrade(8) refuses to do an
upgrade because it thinks it's a version jump. That's just silly.

tb pointed out that signify(1) can just work out the correct key all
by itself.

problem reported, same diff & OK deraadt



CVS: cvs.openbsd.org: src

2024-06-07 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/07 03:48:19

Modified files:
sys/netinet6   : in6.c 

Log message:
Fix slaac on P2P interfaces

slaacd(8) can work on P2P interfaces, it will just never configure the
destination address. But this works fine on at least pppoe(4) and
tun(4).

To make this less confusing pull ifra_dstaddr into dst6 or gw6
depending on if we are doing autoconf or not.

I accidentally broke this when implementing rule 5.5 of RFC 6724.

reported by & testing naddy
OK bluhm



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:24:46

Modified files:
distrib/sets/lists/base: mi 
distrib/sets/lists/man: mi 

Log message:
sync



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:21:01

Modified files:
usr.sbin   : Makefile 

Log message:
hook dhcp6leasectl to the build



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:16:57

Added files:
usr.sbin/dhcp6leasectl: Makefile dhcp6leasectl.8 dhcp6leasectl.c 

Log message:
dhcp6leasectl



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:16:11

src/usr.sbin/dhcp6leasectl

Update of /cvs/src/usr.sbin/dhcp6leasectl
In directory cvs.openbsd.org:/tmp/cvs-serv65376/dhcp6leasectl

Log Message:
Directory /cvs/src/usr.sbin/dhcp6leasectl added to the repository



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:15:44

Modified files:
sbin/dhcp6leased: dhcp6leased.h engine.c 

Log message:
hand PD_IAs to dhcp6leasectl



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 09:07:46

Modified files:
usr.sbin/dhcpleasectl: dhcpleasectl.c 

Log message:
Correct plural form usage.



CVS: cvs.openbsd.org: src

2024-06-06 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/06 00:26:14

Modified files:
sbin/dhcp6leased: parse.y 

Log message:
Accept more compact forms of prefix delegation requests.

For example, these are now valid, too:

request prefix delegation on vio1 for vether4/64
request prefix delegation on vio1 for { vether5 vether6/64 }

Reminded by Tim Kuijsten



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 10:15:48

Modified files:
sbin/dhcp6leased: Makefile control.c dhcp6leased.c dhcp6leased.h 
  engine.c parse.y 
Added files:
sbin/dhcp6leased: parse_lease.y 

Log message:
Implement lease files.



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 10:14:12

Modified files:
sbin/dhcp6leased: dhcp6leased.h frontend.c 

Log message:
Use a loop to add request options.

This makes it easier to extend in the future.



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 10:12:09

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
unused function



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 10:11:26

Modified files:
sbin/dhcp6leased: dhcp6leased.c engine.c 

Log message:
implement removing of addresses from interfaces



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 04:48:56

Modified files:
sbin/dhcp6leased: engine.c 

Log message:
Do not try to configure an interface with prefix length 0.



CVS: cvs.openbsd.org: src

2024-06-05 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/05 04:25:07

Modified files:
sbin/dhcp6leased: frontend.c 

Log message:
Do not request a prefix with length zero.

If we got a prefix delegation for some IA but not others use the
prefix length from the configuration for the ones we did not get a
prefix delegation.



CVS: cvs.openbsd.org: src

2024-06-04 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/04 09:48:47

Modified files:
sbin/dhcp6leased: engine.c frontend.c parse.y 

Log message:
IAIDs can start at 0.

I was under the impression that an IAID of 0 is special, but that's
not true. Letting IAID start at zero makes array indexing easier and
avoids an out of bounds access pointed out by dhill.

While here, do not trust IAID received via imsg but do our own
accounting.



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 12:10:04

Modified files:
sbin/dhcp6leased: dhcp6leased.h 

Log message:
gc v4 struct



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 09:55:52

Modified files:
usr.bin/uname  : uname.1 

Log message:
OpenBSD intentionally does not print a flavor for -r.

confirmed by & OK deraadt



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 09:52:17

Modified files:
sbin/dhcp6leased: dhcp6leased.c engine.c 

Log message:
knf; pointed out by deraadt



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 05:08:32

Modified files:
sbin/dhcp6leased: dhcp6leased.c dhcp6leased.conf.5 dhcp6leased.h 
  engine.c frontend.c parse.y printconf.c 

Log message:
implement rapid commit



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 04:08:05

Modified files:
distrib/sets/lists/base: mi 
distrib/sets/lists/man: mi 

Log message:
sync



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 04:07:27

Modified files:
etc: changelist 

Log message:
Track changes to dhcp6leased.conf

looks correct to deraadt



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 04:06:35

Modified files:
etc: Makefile rc rc.conf 
Added files:
etc/rc.d   : dhcp6leased 

Log message:
etc bits for dhcp6leased

looks correct to deraadt



CVS: cvs.openbsd.org: src

2024-06-03 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/03 04:05:18

Modified files:
sbin   : Makefile 

Log message:
hook dhcp6leased to the build
OK deraadt



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 11:44:06

Modified files:
sbin/dhcp6leased: parse.y 

Log message:
prev_plen is only accessed on the 2nd round through the loop.

Static analysers don't understand this. So give it a value
to shut them up.
Reported by jsg



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 11:38:44

Modified files:
sbin/dhcp6leased: dhcp6leased.c 

Log message:
Fix indent; pointed out by miod



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 11:33:48

Modified files:
sbin/dhcp6leased: dhcp6leased.c 

Log message:
Make sure we find a link-local address and rdomain

pointed out by jsg & miod



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 11:26:54

Modified files:
sbin/dhcp6leased: parse.y 

Log message:
gc unused variable

pointed out by jsg



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 09:43:24

Modified files:
sbin/dhcp6leased: dhcp6leased.c 

Log message:
oops, we need to hold on to ifap for a bit longer



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 09:19:05

Modified files:
sbin/dhcp6leased: dhcp6leased.c frontend.c 

Log message:
fix leaks



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 08:07:20

Modified files:
sbin/dhcp6leased: frontend.c 

Log message:
Unlike DHCPv4 we will only send multicast messages.

Initialize destination address once and fold udp_send_packet()
into send_packet().
While here improve debugging output a bit.



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 07:55:37

Modified files:
sbin/dhcp6leased: engine.c frontend.c 

Log message:
we do not poke around in udp headers



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 07:35:52

Modified files:
sbin/dhcp6leased: control.c dhcp6leased.c dhcp6leased.h engine.c 
  frontend.c parse.y printconf.c 

Log message:
DHCPv6 is not concerned with link layer addresses.
pointed out by martijn



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:41:46

Modified files:
sbin/dhcp6leased: dhcp6leased.h engine.c frontend.c 

Log message:
Implement renew & rebind.

Missed in previous.



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:39:26

Modified files:
sbin/dhcpleased: engine.c 

Log message:
Switch to rebinding at the rebinding time not when one timeout past.

Spotted while hacking on dhcp6leased(8)



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:33:56

Modified files:
distrib/sets/lists/base: mi 

Log message:
sync



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:32:33

Modified files:
etc: group master.passwd 
etc/mtree  : 4.4BSD.dist 

Log message:
user, group & /var/db/dhcp6leased for dhcpleased(8)

typo spotted by ccappuc
Input & OK deraadt



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:28:05

Added files:
sbin/dhcp6leased: Makefile control.c control.h dhcp6leased.8 
  dhcp6leased.c dhcp6leased.conf.5 dhcp6leased.h 
  engine.c engine.h frontend.c frontend.h log.c 
  log.h parse.y printconf.c 

Log message:
Import dhcp6leased(8)

dhcp6leased is a daemon to manage IPv6 prefix delegations. It requests
a prefix from an upstream DHCPv6 server and configures downstream
network interfaces. rad(8) can be used to advertise available prefixes
to clients.

It's a transmogrified dhcpleased(8), so it's a bit rough around the
edges. But it can already request and renew prefixes and configure
interfaces. It's time to hack on it in-tree.

OK deraadt



CVS: cvs.openbsd.org: src

2024-06-02 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/06/02 06:26:02

src/sbin/dhcp6leased

Update of /cvs/src/sbin/dhcp6leased
In directory cvs.openbsd.org:/tmp/cvs-serv72913/dhcp6leased

Log Message:
Directory /cvs/src/sbin/dhcp6leased added to the repository



CVS: cvs.openbsd.org: src

2024-05-31 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/31 10:19:53

Modified files:
usr.sbin/rad   : rad.conf.5 

Log message:
Preferred and valid lifetime options are sometimes ignored.

When a prefix is discovered on a network interface and the IP
address has a valid or preferred lifetime configured that value is
used instead of the static value from the configuration.

Limitation pointed out by & man page text proposed by Ryan Vogt.
Slightly tweaked by me.

rad(8) should calculate the minimum of the static value from the
config file and what is configured on the interface. Implementing that
is slightly complicated and is left for a future diff.



CVS: cvs.openbsd.org: src

2024-05-31 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/31 10:10:42

Modified files:
usr.sbin/rad   : frontend.c rad.h 

Log message:
Prefixes delegated via DHCPv6 have a lifetime, honour it.

The "auto prefix" feature derives the prefix to announce from a
configured IPv6 address. If that address has a vltime / pltime use
that value in router advertisements instead of statically configured
values.

We also need to count down the vltime / pltime as time progresses.

testing Ryan Vogt
testing & OK bket@, jmatthew@



CVS: cvs.openbsd.org: src

2024-05-31 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/31 10:10:02

Modified files:
usr.sbin/rad   : frontend.c 

Log message:
getifaddrs(3) does a non trivial amount of work.

Call it once and pass a pointer to the head of the list around when
reconfiguring interfaces.

testing Ryan Vogt
ok benno
testing & OK bket@, jmatthew@



CVS: cvs.openbsd.org: src

2024-05-21 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/21 09:12:25

Modified files:
sys/netinet6   : in6.c 

Log message:
Inform user land when vltime / pltime changes.

Do not send a RTM_CHGADDRATTR route message when the address is
tentative because we will send one when DAD finishes.

To be used by rad(8) shortly.

OK bluhm



CVS: cvs.openbsd.org: src

2024-05-17 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/17 00:50:14

Modified files:
usr.sbin/rad   : frontend.c parse.y printconf.c rad.c rad.conf.5 
 rad.h 

Log message:
Send source link-layer address option in router advertisements.

With this, hosts immediately learn the layer 2 (i.e. ethernet mac)
address of their default router and don't need to do another round
trip.

It also turns out that apple devices (macOS & iOS) install the default
route as what they call "interface scoped" if a DNS option is present
and the source link-layer address option is absent. This effectively
makes the default route unusable.

Problem with fruit devices tracked down & diff by Ryan Vogt (rvogt.ca
AT gmail), thanks!

OK sthen, bket



CVS: cvs.openbsd.org: src

2024-05-10 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/10 09:02:26

Modified files:
sbin/unwind: resolver.c 

Log message:
Keep probing upstream servers.

(lib)unbound might mark many servers down in case of a network issue.
This is something that can easily happen for unwind(8).

Problem pointed out by Kirill A. Korinsky in unbound(8).
https://github.com/NLnetLabs/unbound/issues/362

OK sthen



CVS: cvs.openbsd.org: src

2024-05-09 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/09 02:35:41

Modified files:
sbin/dump  : itime.c main.c optr.c tape.c 
sbin/dumpfs: dumpfs.c 
sbin/fsck_ext2fs: inode.c pass1.c 
sbin/fsck_ffs  : inode.c 
sbin/fsdb  : fsdbutil.c 
sbin/fsirand   : fsirand.c 
sbin/mount : mount.c 
sbin/pfctl : pfctl_table.c 
sbin/restore   : tape.c 
sbin/route : route.c 
sbin/savecore  : savecore.c 
sbin/scan_ffs  : scan_ffs.c 
sbin/sysctl: sysctl.c 
sbin/unwind/libunbound/validator: autotrust.c 

Log message:
ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks to all calls under sbin/

Input kettenis, millert
OK millert



CVS: cvs.openbsd.org: src

2024-05-09 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/05/09 02:35:03

Modified files:
libexec/ftpd   : ftpd.c 
libexec/mail.local: mail.local.c 
libexec/spamd  : spamd.c 

Log message:
ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks to all calls under libexec/

Input kettenis, millert
OK millert



CVS: cvs.openbsd.org: www

2024-05-01 Thread Florian Obser
CVSROOT:/cvs
Module name:www
Changes by: flor...@cvs.openbsd.org 2024/05/01 11:58:53

Modified files:
.  : want.html 

Log message:
This has been taken care of.

Thank you very much Mischa Peters & Ibsen S Ripsbusker.



CVS: cvs.openbsd.org: www

2024-04-30 Thread Florian Obser
CVSROOT:/cvs
Module name:www
Changes by: flor...@cvs.openbsd.org 2024/04/30 03:06:01

Modified files:
.  : want.html 

Log message:
I give up, this sagemcom cpe provided by my ISP is just too broken
to work on DHCPv6-PD. It hands out a prefix delegation exactly once,
any change in DHCPv6 options and it requires a factory reset. Changing
the duid, that's right, factory reset. If rapid commit is enabled it
hands out a prefix but forgets about it? And without rapid commit it
hands out a prefix but does not properly route to it, instead it
issues neighbour solicitations so we'd need to implement an ND proxy.

This is all too much trouble for an initial implementation.



CVS: cvs.openbsd.org: src

2024-04-29 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/29 10:17:46

Modified files:
usr.sbin/httpd : server_file.c 

Log message:
plug fd leak introduced in "avoid toctu" rewrite.

Issue reported by job
OK tb, job



CVS: cvs.openbsd.org: src

2024-04-28 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/28 10:43:43

Modified files:
sbin/dhclient  : dhclient.c 
sbin/isakmpd   : log.c policy.c x509.c 
sbin/newfs_msdos: newfs_msdos.c 
sbin/route : route.c 
sbin/shutdown  : shutdown.c 
sbin/unwind/libunbound/util: log.c 

Log message:
gmtime(3) / localtime(3) can fail when timestamps are way off.

Add missing error checks to all calls under sbin/

Input & OK millert



CVS: cvs.openbsd.org: src

2024-04-28 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/28 10:43:15

Modified files:
bin/date   : date.c 
bin/ksh: lex.c 
bin/pax: sel_subs.c 
bin/ps : print.c 

Log message:
gmtime(3) / localtime(3) can fail when timestamps are way off.

Add missing error checks to all calls under bin/

Input & OK millert



CVS: cvs.openbsd.org: src

2024-04-28 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/28 10:42:53

Modified files:
libexec/ftpd   : ftpcmd.y 
libexec/getty  : main.c 
libexec/snmpd/snmpd_metrics: mib.c 
libexec/talkd  : announce.c 

Log message:
gmtime(3) / localtime(3) can fail when timestamps are way off.

Add missing error checks to all calls under libexec/

Input & OK millert



CVS: cvs.openbsd.org: src

2024-04-28 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/28 02:29:56

Modified files:
usr.sbin/acme-client: netproc.c 

Log message:
Don't filter dangerous characters by hand when strvisx(3) is right there.

segfault reported by sthen, which was most likely caused by buf_dump().

OK tb



CVS: cvs.openbsd.org: src

2024-04-27 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/27 13:49:42

Modified files:
bin/pax: gen_subs.c 

Log message:
Use proper knf.

Spotted by kettenis.



CVS: cvs.openbsd.org: src

2024-04-27 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/27 08:57:02

Modified files:
bin/pax: gen_subs.c 

Log message:
localtime(3) can fail if time_t is very far in the future or past.

found using afl++

OK millert
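
The failure mode named in this log message and in the gmtime(3) / localtime(3) commits above, as an added example (not code from pax or any of the files touched): the conversion result is checked for NULL before use. The helper name `fmt_utc` and the fallback to the raw number are assumptions; a 64-bit time_t is assumed for the out-of-range sample.

```c
#include <limits.h>
#include <stdio.h>
#include <time.h>

/*
 * Hypothetical helper: render t as UTC text. gmtime(3) returns NULL when the
 * year does not fit in struct tm, so the result is checked before use and the
 * raw number is printed instead. Returns 0 on conversion, -1 on fallback.
 */
int
fmt_utc(time_t t, char *buf, size_t len)
{
	struct tm *tm;

	if ((tm = gmtime(&t)) == NULL ||
	    strftime(buf, len, "%Y-%m-%d %H:%M:%S", tm) == 0) {
		snprintf(buf, len, "%lld", (long long)t);
		return (-1);
	}
	return (0);
}

int
main(void)
{
	/* Constructed inputs: the epoch and an out-of-range timestamp. */
	time_t samples[] = { 0, (time_t)LLONG_MAX };
	char buf[64];
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		int r = fmt_utc(samples[i], buf, sizeof(buf));

		printf("%s%s\n", buf, r == -1 ? " (unconvertible)" : "");
	}
	return (0);
}
```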



CVS: cvs.openbsd.org: src

2024-04-23 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/23 16:17:49

Modified files:
usr.sbin/rad   : rad.conf.5 

Log message:
Use "indicate" to match rest of the document.

Pointed out by kn, missed in previous.



CVS: cvs.openbsd.org: src

2024-04-23 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/23 16:11:59

Modified files:
usr.sbin/rad   : frontend.c parse.y printconf.c rad.conf.5 rad.h 

Log message:
Implement RFC 4191 default router preference.

OK phessler, kn

(Committing from a ferry somewhere on the English channel. Sadly the
free WiFi does not provide IPv6.)



CVS: cvs.openbsd.org: src

2024-04-21 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/21 11:33:05

Modified files:
sbin/slaacd: engine.c engine.h slaacd.c 

Log message:
Pass advertising router to the kernel.

We are using the ifra_dstaddr for this because it will always be
unused with autoconf addresses since they can't be used on P2P links.

OK bluhm



CVS: cvs.openbsd.org: src

2024-04-21 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/21 11:32:11

Modified files:
sys/netinet6   : icmp6.c in6.c in6.h in6_src.c in6_var.h 

Log message:
Implement rule 5.5 of RFC 6724 (Default Address Selection for IPv6)

Rule 5.5: Prefer addresses in a prefix advertised by the next-hop.

For this we have to track the (link-local) address of the advertising
router per interface address and compare it with the selected route.

Rule 5.5 is useful in multi-homing setups where we have more than one
prefix and default router. We have to use the source address with the
correct default gateway otherwise traffic is likely going to be
dropped because of BCP 38.

While here refactor in6_update_ifa() a bit to make the code clearer
and consistently use (var & flag) instead of (var & flag) != 0.

Patiently reviewed by & OK bluhm.



Re: CVS: cvs.openbsd.org: src

2024-04-17 Thread Florian Obser
reverted, sorry for the breakage, I did my tests on an old kernel :(

On 2024-04-17 02:07 -06, Theo de Raadt  wrote:
> There's a long history of using loX interfaces for such things.
>
> What might make sense is to restrict it on lo0 ?
>

it's not about configuring additional IP addresses on loopback
interfaces but on how they are configured.
What ifconfig does internally is set a *destination* of ::1, i.e. as if
called like this:

/sbin/ifconfig lo19 inet6 fc00::19/128 ::1

I suspect that something somewhere in our stack depends on ::1 being
there to deliver packets correctly. I'll leave this alone and punt it to
future IPv6 hackers.

I think we probably should enforce in the kernel that ifconfig sends us
::1 as the destination address and nothing else.

>>On Tue, Apr 16, 2024 at 08:37:49AM -0600, Florian Obser wrote:
>>> CVSROOT:/cvs
>>> Module name:src
>>> Changes by: flor...@cvs.openbsd.org 2024/04/16 08:37:49
>>> 
>>> Modified files:
>>> sys/netinet6   : in6.c 
>>> 
>>> Log message:
>>> Destination addresses make no sense on loopback interfaces.
>>> 
>>> While here use (variable & FLAG) or !(variable & FLAG) consistently in
>>> in6_update_ifa().
>>> 
>>> Discussed with claudio
>>> OK denis
>>
>>This change introduced 15 regress failures, all related to inet6.
>>
>>  https://regress.basename.se/
>>
>>Excerpt from sys/net/mpath showing the symptom:
>>
>>  doas -n /sbin/ifconfig lo19 inet6 fc00::19 alias
>>  ifconfig: lo19: SIOCIFAFATTACH: Invalid argument
>>  ifconfig: SIOCAIFADDR: Invalid argument
>>
>>
>

-- 
In my defence, I have been left unsupervised.



CVS: cvs.openbsd.org: src

2024-04-17 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/17 02:36:30

Modified files:
sys/netinet6   : in6.c 

Log message:
Revert previous, it breaks IPv6 on loopback interfaces.

Reported by bket & anton



CVS: cvs.openbsd.org: src

2024-04-16 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/16 11:15:51

Modified files:
usr.sbin/httpd : server_file.c 

Log message:
Prevent toctou issues in static file serving and auto index generation.

This fixes a problem in passing, reported by matthieu@ where httpd
would return 500 Internal Server Error when it could stat(2) but not
open(2) a file. The correct error code is 403.

testing matthieu
ok tobhe, tl;dr ok stsp
input & OK deraadt
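
An added illustration of the pattern this log message describes, not the httpd(8) code from the commit: open(2) the path first and inspect the descriptor with fstat(2), so the object that is checked is the object that is served, and an open(2) failure maps to 403 rather than 500. The helper name `status_for_path`, the refusal of non-regular files and the exact status mapping are assumptions.

```c
#include <sys/stat.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/*
 * Hypothetical helper: returns an HTTP status for path. On 200, *fdp holds
 * the open descriptor to serve from; on any other status it is -1.
 */
int
status_for_path(const char *path, int *fdp)
{
	struct stat st;
	int fd;

	*fdp = -1;
	if ((fd = open(path, O_RDONLY | O_NONBLOCK)) == -1) {
		switch (errno) {
		case EACCES:
			return (403);	/* file exists but may not be read */
		case ENOENT:
		case ENOTDIR:
			return (404);
		default:
			return (500);
		}
	}
	/* Checks run on the descriptor, never on the path a second time. */
	if (fstat(fd, &st) == -1) {
		close(fd);	/* error paths must not leak the descriptor */
		return (500);
	}
	if (!S_ISREG(st.st_mode)) {
		close(fd);
		return (403);
	}
	*fdp = fd;
	return (200);
}
```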



CVS: cvs.openbsd.org: src

2024-04-16 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/16 08:37:49

Modified files:
sys/netinet6   : in6.c 

Log message:
Destination addresses make no sense on loopback interfaces.

While here use (variable & FLAG) or !(variable & FLAG) consistently in
in6_update_ifa().

Discussed with claudio
OK denis



CVS: cvs.openbsd.org: src

2024-04-15 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/15 09:47:58

Modified files:
include: dirent.h 
lib/libc   : Symbols.list 
lib/libc/gen   : opendir.c scandir.3 scandir.c 
lib/libc/hidden: dirent.h 

Log message:
Add scandirat(3); from freebsd

To be used in httpd(8) shortly to prevent toctou issues.

This makes __fdopendir internally accessible to avoid unnecessary
syscalls in scandirat(3). Suggested & diff by guenther

suggested by & OK millert
tweak & OK guenther
OK tb, jca

This rides the libc crank.



CVS: cvs.openbsd.org: src

2024-04-15 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/15 06:44:24

Modified files:
usr.sbin/nsd   : aclocal.m4 config.h.in configure configure.ac 
Added files:
usr.sbin/nsd   : config.guess config.sub 

Log message:
Sync to autoconf 2.71 upstream build infrastructure

This reduces the diff when doing updates considerably.
No change in .o files.

Much help & OK sthen



CVS: cvs.openbsd.org: src

2024-04-14 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/14 05:21:08

Modified files:
lib/libc/gen   : scandir.c 

Log message:
Zap trailing whitespace.

OK tb



CVS: cvs.openbsd.org: src

2024-04-13 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/13 07:58:35

Modified files:
sbin/unwind/libunbound: config.h 
sbin/unwind/libunbound/dns64: dns64.c 
sbin/unwind/libunbound/dnstap: dnstap.h 
sbin/unwind/libunbound/iterator: iter_fwd.c iter_hints.c 
 iter_priv.c iter_resptype.c 
 iter_resptype.h iter_scrub.c 
 iter_scrub.h iterator.c 
 iterator.h 
sbin/unwind/libunbound/libunbound: libworker.c 
sbin/unwind/libunbound/services: authzone.c listen_dnsport.c 
 localzone.c mesh.c 
 outside_network.c rpz.c 
sbin/unwind/libunbound/services/cache: dns.c 
sbin/unwind/libunbound/sldns: rrdef.h str2wire.c wire2str.c 
  wire2str.h 
sbin/unwind/libunbound/util: config_file.c config_file.h 
 configlexer.c configlexer.lex 
 configparser.h configparser.y 
 fptr_wlist.c iana_ports.inc log.c 
 module.c module.h net_help.c 
 net_help.h netevent.c 
 proxy_protocol.c proxy_protocol.h 
sbin/unwind/libunbound/util/data: msgencode.c msgparse.c 
  msgparse.h msgreply.c 
  msgreply.h packed_rrset.c 
sbin/unwind/libunbound/validator: autotrust.c val_anchor.c 
  val_anchor.h val_sigcrypt.c 
  val_utils.c validator.c 

Log message:
sync to unbound 1.19.3

heavy lifting by & OK sthen



CVS: cvs.openbsd.org: src

2024-04-12 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/12 09:53:34

Modified files:
usr.sbin/nsd   : Makefile.in acx_nlnetlabs.m4 buffer.h 
 config.h.in configlexer.lex configparser.y 
 configure configure.ac difffile.c difffile.h 
 dname.c dname.h namedb.h nsd-checkconf.8.in 
 nsd-checkconf.c nsd-checkzone.8.in 
 nsd-control.8.in nsd-control.c nsd-mem.c 
 nsd.8.in nsd.c nsd.conf.5.in nsd.conf.sample.in 
 options.c options.h query.c remote.c server.c 
 util.c util.h xfrd-disk.c xfrd-tcp.c xfrd.c 
 xfrd.h 
usr.sbin/nsd/doc: ChangeLog README RELNOTES 
Added files:
usr.sbin/nsd   : xfrd-catalog-zones.c xfrd-catalog-zones.h 

Log message:
Update to nsd 4.9.1

sparc64 build test by tb
OK tb, sthen



CVS: cvs.openbsd.org: src

2024-04-01 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/04/01 08:24:30

Modified files:
usr.sbin/nsd   : Makefile.bsd-wrapper 

Log message:
The previous unveil feature test assumed that having the
unistd.h header file was enough. The new feature test also
requires that the required unveil system calls are
supported.



CVS: cvs.openbsd.org: src

2024-02-25 Thread Florian Obser
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2024/02/25 03:13:09

Modified files:
sbin/unwind: resolver.c 

Log message:
Let some missing RFC 1918 reverse zones through.
Problem spotted and diff from Einfach Jemand (rru.142 at gmail),
thanks!

OK phessler, jca


