2016-07-05 20:17 GMT-03:00 Jeremie Courreges-Anglas <[email protected]>: > > Nobody cares about route6d, and it shows: runas as root, not chrooted. > Also it uses wide pledge(2) permissions. > > I have diffs to switch the logging to log.c and use it to support the -R > option and /var/run/route6d_dump. The end goal is to use a tighter > pledge(2) call: > + if (pledge("stdio inet route mcast", NULL) == -1) > > But first I'd like to get rid of a few "nits". > > - nuke util.h, not needed since pidfile(3) went away > - nuke the rrt_same member of struct riprt, "future use" since import > - mark rtdexit as __dead > - nuke progname handling > - fix pid handling: cache the pid *after* calling daemon(3) > - nuke the useless myseq variable > > ok? > > > Index: route6d.c > =================================================================== > RCS file: /cvs/src/usr.sbin/route6d/route6d.c,v > retrieving revision 1.86 > diff -u -p -p -u -r1.86 route6d.c > --- route6d.c 25 Jan 2016 05:15:43 -0000 1.86 > +++ route6d.c 5 Jul 2016 22:26:36 -0000 > @@ -58,7 +58,6 @@ > #include <syslog.h> > #include <time.h> > #include <unistd.h> > -#include <util.h> > > #include "route6d.h" > > @@ -142,7 +141,6 @@ struct rip6 *ripbuf; /* packet buffer fo > > struct riprt { > struct riprt *rrt_next; /* next destination */ > - struct riprt *rrt_same; /* same destination - future use */ > struct netinfo6 rrt_info; /* network info */ > struct in6_addr rrt_gw; /* gateway */ > u_long rrt_flags; /* kernel routing table flags */ > @@ -215,7 +213,7 @@ void ifdump(int); > void ifdump0(FILE *, const struct ifc *); > void rtdump(int); > void rt_entry(struct rt_msghdr *, int); > -void rtdexit(void); > +__dead void rtdexit(void); > void riprequest(struct ifc *, struct netinfo6 *, int, struct sockaddr_in6 *); > void ripflush(struct ifc *, struct sockaddr_in6 *); > void sendrequest(struct ifc *); > @@ -253,16 +251,8 @@ main(int argc, char *argv[]) > int error = 0; > struct ifc *ifcp; > sigset_t mask, omask; > - char *progname; > char *ep; > > - progname = strrchr(*argv, '/'); > - if (progname) > - progname++; > - else > - progname = *argv; > - > - pid = getpid(); > while ((ch = getopt(argc, argv, "A:N:O:R:T:L:t:adDhlnqsS")) != -1) { > switch (ch) { > case 'A': > @@ -326,7 +316,9 @@ main(int argc, char *argv[]) > } > } > > - openlog(progname, LOG_NDELAY|LOG_PID, LOG_DAEMON); > + openlog("route6d", LOG_NDELAY|LOG_PID, LOG_DAEMON); > + > + pid = getpid(); > > if ((ripbuf = calloc(RIP6_MAXMTU, 1)) == NULL) > fatal("calloc"); > @@ -1268,7 +1260,6 @@ riprecv(void) > } > nq = &rrt->rrt_info; > > - rrt->rrt_same = NULL; > rrt->rrt_index = ifcp->ifc_index; > rrt->rrt_flags = RTF_UP|RTF_GATEWAY; > rrt->rrt_gw = nh; > @@ -1989,7 +1980,6 @@ ifrt(struct ifc *ifcp, int again) > if (ifcp->ifc_flags & IFF_UP) { > if ((rrt = calloc(1, sizeof(struct riprt))) == NULL) > fatal("calloc: struct riprt"); > - rrt->rrt_same = NULL; > rrt->rrt_index = ifcp->ifc_index; > rrt->rrt_t = 0; /* don't age */ > rrt->rrt_info.rip6_dest = ifa->ifa_addr; > @@ -2145,7 +2135,6 @@ ifrt_p2p(struct ifc *ifcp, int again) > fatal("calloc: struct riprt"); > /*NOTREACHED*/ > } > - rrt->rrt_same = NULL; > rrt->rrt_index = ifcp->ifc_index; > rrt->rrt_t = 0; /* don't age */ > switch (i) { > @@ -2518,7 +2507,6 @@ rt_entry(struct rt_msghdr *rtm, int agai > /*NOTREACHED*/ > } > np = &rrt->rrt_info; > - rrt->rrt_same = NULL; > rrt->rrt_t = time(NULL); > if (aflag == 0 && (rtm->rtm_flags & RTF_STATIC)) > rrt->rrt_t = 0; /* Don't age static routes */ > @@ -2630,7 +2618,6 @@ addroute(struct riprt *rrt, const struct > rtm->rtm_type = RTM_ADD; > rtm->rtm_version = RTM_VERSION; > rtm->rtm_seq = ++seq; > - rtm->rtm_pid = pid; > rtm->rtm_flags = rrt->rrt_flags; > rtm->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK; > rtm->rtm_inits = RTV_HOPCOUNT; > @@ -2694,7 +2681,6 @@ delroute(struct netinfo6 *np, struct in6 > rtm->rtm_type = RTM_DELETE; > rtm->rtm_version = RTM_VERSION; > rtm->rtm_seq = ++seq; > - rtm->rtm_pid = pid; > rtm->rtm_flags = RTF_UP | RTF_GATEWAY; > if (np->rip6_plen == sizeof(struct in6_addr) * 8) > rtm->rtm_flags |= RTF_HOST; > @@ -2741,7 +2727,6 @@ struct in6_addr * > getroute(struct netinfo6 *np, struct in6_addr *gw) > { > u_char buf[BUFSIZ]; > - int myseq; > int len; > struct rt_msghdr *rtm; > struct sockaddr_in6 *sin6; > @@ -2751,8 +2736,7 @@ getroute(struct netinfo6 *np, struct in6 > memset(rtm, 0, len); > rtm->rtm_type = RTM_GET; > rtm->rtm_version = RTM_VERSION; > - myseq = ++seq; > - rtm->rtm_seq = myseq; > + rtm->rtm_seq = ++seq; > rtm->rtm_addrs = RTA_DST; > rtm->rtm_msglen = len; > sin6 = (struct sockaddr_in6 *)&buf[sizeof(struct rt_msghdr)]; > @@ -2772,7 +2756,7 @@ getroute(struct netinfo6 *np, struct in6 > } > rtm = (struct rt_msghdr *)buf; > } while (rtm->rtm_version != RTM_VERSION || > - rtm->rtm_seq != myseq || rtm->rtm_pid != pid); > + rtm->rtm_seq != seq || rtm->rtm_pid != pid); > sin6 = (struct sockaddr_in6 *)&buf[sizeof(struct rt_msghdr)]; > if (rtm->rtm_addrs & RTA_DST) { > sin6 = (struct sockaddr_in6 *) > > > --
ok renato@ I just think it would make more sense to add v6 capabilities to ripd and remove route6d from base. But yes, nobody cares about RIP anymore, motivation would be a problem. -- Renato Westphal
