Fixes: 8e9dbbf80918 "lldp: don't send VLANs when there are too many of them
On interface with a lot of vlans, we still have "Too big packet"
notification on version 1.0.14
It looks like retry does exactly the same packet than first try
Vincent Bernat [Sun, 15 May 2022 10:03:52 +0000 (12:03 +0200)]
Revert "lib: update version-info"
This reverts commit e069bba4ec993cc4df14fab3a7108f43e3b66714. My bad,
this should not be changed just because of new stuff in enums. Only
additional functions require an update.
Default inventory information is fetched from dmi table.
Most of embedded devices do not run EFI bootloader hence dmi information
will not be available in /sys/class/dmi
- Add `configure inventory` commands
- Add `unconfigure inventory` commands
- New code is dependent on enable-lldpmed
- Add write support on lldpctl atoms
- Add support for setting inventory configuration in daemon
- Refactor `lldp_med` to assign `c_med_sw` only once.
We have the configurability of inventory information, So
it is not required for daemon to keep assigning `c_med_sw`
Vincent Bernat [Sat, 12 Mar 2022 13:30:06 +0000 (14:30 +0100)]
include: add back include/linux for old distributions
However, we don't ship sys/queue.h and netinet/if_ether.h. At some
point, we may want to explore just shipping uapi directory. This has
been tested with Debian 8.
Vincent Bernat [Sun, 12 Dec 2021 13:25:13 +0000 (14:25 +0100)]
interfaces: detect interface index changes
When an interface is deleted and recreated, we didn't detect any
change and just updated its index. However, the handles we had on this
interface are now invalid. Ensure the interface is correctly
reinitialized in this case.
Vincent Bernat [Sun, 19 Sep 2021 19:18:47 +0000 (21:18 +0200)]
sonmp: fix heap overflow when reading SONMP packets
By sending short SONMP packets, an attacker can make the decoder crash
by reading too much data on the heap. SONMP packets are fixed in size,
just ensure we get the enough bytes to contain a SONMP packet.
lldpcli: remove redundant "ports" parameters from cap and mgmt cmds
The commands below were introduced as global commands, but all of them
except the first one were missing code to ignore "ports" parameter
```
configure lldp capabilities-advertisements
unconfigure lldp capabilities-advertisements
unconfigure lldp management-addresses-advertisements
configure lldp management-addresses-advertisements
```
Vincent Bernat [Sun, 29 Aug 2021 19:57:07 +0000 (21:57 +0200)]
interfaces-bsd: do not consider an interface when it is down
At least on OpenBSD, an interface can be oper down while
`IFF_RUNNING`. Check the link state and removes the `IFF_RUNNING` flag
in this case. Something similar may work with FreeBSD and NetBSD, but
it may not be needed. It does not work with MacOS.
Vincent Bernat [Fri, 4 Jun 2021 16:51:13 +0000 (18:51 +0200)]
lldpcli: require powerpairs for Dot3 power even when PD
This reverts commit 7056d802b9c595dd16f1354649bb7ae2f8b8880c. I may
have been hasty in removing this as my understanding is that the PSE
would impose the value to the PD, but it could be the other way
around. Some implementations do not like to have 0 as the value here
and will ignore the whole TLV.
Vincent Bernat [Tue, 4 May 2021 19:46:30 +0000 (21:46 +0200)]
client: put lock file in the same directory as the socket
The whole deal I was trying to solve is the fact that I cannot put the
lock here because I was unprivileged. Just let lldpd create the lock
in the same way it creates the socket (same privileges).
Vincent Bernat [Tue, 4 May 2021 13:55:21 +0000 (15:55 +0200)]
client: use a dedicated file lock to prevent concurrent changes
We were using a lock on the Unix socket. This was working on Linux but
this is not portable. Therefore, we have to use a dedicated file for
this purpose. We use /var/lock by default.
We don't do a secure creation as the lock file is only opened in
append mode, so a symlink attack could only create empty file or reset
the timestamp of a file. No content can be erased this way.
Vincent Bernat [Fri, 30 Apr 2021 09:03:14 +0000 (11:03 +0200)]
priv: explain why we don't use ethtool
I have tested on a few servers I have access to and none of them
supported the use of this ethtool command. So, keep using sysfs
instead (with the drawback that 1. debugfs should be mounted, 2. we
need to tell systemd we want to tune through sysfs).
Vincent Bernat [Sun, 25 Apr 2021 17:08:26 +0000 (19:08 +0200)]
daemon: fix some use of "if defined"
`#if defined HOST_OS_FREEBSD || HOST_OS_NETBSD` is not the same as
`#if defined HOST_OS_FREEBSD || defined HOST_OS_NETBSD`. This doesn't
really matter in our case, but for consistency, fix these cases. Also,
don't use parentheses as they are not useful in our case (or we should
put them everywhere).