Vincent Bernat [Fri, 18 Mar 2016 15:52:40 +0000 (16:52 +0100)]
tests/integration: mount /proc in namespaces
Because of the use of a PID namespace, we must mount /proc into the
appropriate namespace. We don't do that directly when creating
namespaces as clone() doesn't account for the namespace change with
setns() when we are still in the same process. We also fork a process to
do the mount as it seems mount() doesn't get that we are in a different
mount namespace either. Obviously, setns() has some drawbacks we need to
workaround.
We also mount /proc in the chroot. It's absolutely not safe to do so,
but that's only for address sanitizer to work as expected.
Vincent Bernat [Fri, 18 Mar 2016 12:43:22 +0000 (13:43 +0100)]
fixedpoint: fix buffer overflow in fixed point computations
This was detected by address sanitizer. This was harmless as we use
exclusively 5-byte buffers and we know the next byte is always unused
due to alignment.
Vincent Bernat [Wed, 16 Mar 2016 20:32:53 +0000 (21:32 +0100)]
tests/integration: use ctypes for mount instead of util-linux
Some versions of util-linux had a bug with respect to private/slave
mounts. The kernel doesn't expect the option to be passed during the
initial mount but only during subsequent calls (you mount the FS, you
make it private and slave). Directly use mount(2) to avoid the problem.
Vincent Bernat [Tue, 1 Mar 2016 19:01:23 +0000 (20:01 +0100)]
tests: replace integration test by py.test+namespace tests
Relying on namespaces enable us to quickly run isolated instances of
lldpd without the need of virtual machines. Since the startup time is
quite fast (despite having to wait for lldpd to be "ready"), we can use
a classic unittest framework like py.test to run tests and get
appropriate reports. Tests can be run in parallel to overcome the
slowness induced by all those `time.sleep(2)`.
Vincent Bernat [Sun, 13 Mar 2016 23:12:12 +0000 (00:12 +0100)]
build: ensure "make distcheck" work for any value of sysconfdir
When using `--sysconfdir=/etc`, `make distcheck` was failing because it
did use `--prefix=...` to force a different installation path (and not
`DESTDIR`). During `make distcheck`, we force the use the original
value.
Vincent Bernat [Sun, 13 Mar 2016 16:54:07 +0000 (17:54 +0100)]
interfaces: handle correctly operation conversation of a port
When a port was regular and become an enslaved member of a bond, we
created a different port. Since we now keep the old ports around, the
old port may still attract a lot of things, like specific configuration
or VLAN. Therefore, we handle the conversion of a port from one kind to
another.
Another idea would be to not do special handling for bonds. Only old
kernels need that. We could remove that later.
Vincent Bernat [Sun, 13 Mar 2016 11:26:44 +0000 (12:26 +0100)]
netlink: ensure lower link doesn't change for an interface
The lower link of an interface is defined at its creation. It's not
possible for it to change. This is important to not try to change it
because the kernel won't send IFLA_LINK_NETNSID each time it sends
IFLA_LINK.
Vincent Bernat [Sun, 13 Mar 2016 11:04:06 +0000 (12:04 +0100)]
interfaces: limit the maximum search depth when applying a VLAN
It's now quite easy to hit a bug where we loop over interfaces when
trying to find the physical interface associated to a VLAN. Put a
maximum depth of 5.
Vincent Bernat [Sat, 12 Mar 2016 16:39:02 +0000 (17:39 +0100)]
netlink: don't consider a lower interface when in another namespace
The index of an interface is specific to a namespace, don't try to
interpret anything about interfaces belonging to another namespace. This
change unbreak some scenario, like in an appropriate loop detection
because an interface from another namespace is detected (vlan100 ->
veth1 -> veth0 with same index as vlan100). However, it is not possible
to exactly detect a physical interface anymore since we don't really
know what can be on the other side of the interface (in the other
namespace). However, bridged, bonded and VLAN interfaces should be safe.
Vincent Bernat [Fri, 11 Mar 2016 21:47:10 +0000 (22:47 +0100)]
lldpcli: display LLDP-MED caps like LLDP caps
While LLDP caps can be available and/or enabled, LLDP-MED caps are only
available. However, the way they were declared made them invisible in
some formats, like the key/value pair. Try to fix that. Warn about the
change in NEWS file.
Vincent Bernat [Sun, 21 Feb 2016 14:04:38 +0000 (15:04 +0100)]
osx: ensure _lldpd user is hidden
We use /usr/bin/false. Otherwise, with OSX >= 10.8, having an UID < 500
is not sufficient. Another way would be to set `IsHidden` to TRUE but no
other users have this property.
Vincent Bernat [Sun, 21 Feb 2016 13:51:15 +0000 (14:51 +0100)]
osx: explain how to compile for older versions with recent SDK
It's still quite unclear how we could know which versions a given SDK
supports. Let's assume that we can support all still supported versions
with El Capitan.
David Morel [Wed, 10 Feb 2016 15:10:08 +0000 (16:10 +0100)]
netlink: fix reception of large netlink messages
If received netlink message is bigger than the buffer provided by the
application, netlink message flag will contain the MSG_TRUNC flag. In
this case it is up to the application to allocate a buffer large enough
to receive the full message and to call recv() again.
Vincent Bernat [Thu, 4 Feb 2016 19:25:59 +0000 (20:25 +0100)]
interfaces: fix alias handling
And try to add some simple tests for them. The manual page says that if
an alias is provided, the default is to use the alias as description and
port name as port ID. We try to respect that.
The tests are not as complete as they could be because the MSAP changes
due to the port ID change and this makes tests more complex.
Vincent Bernat [Thu, 4 Feb 2016 19:16:56 +0000 (20:16 +0100)]
netlink: merge old attributes with new ones
It seems that netlink won't advertise all attributes each time. At least
type can be not advertised in a netlink message. Copy the appropriate
attributes from the old ones when they are missing and we know they
can't change or be absent.
Vincent Bernat [Fri, 1 Jan 2016 20:11:02 +0000 (21:11 +0100)]
netlink: handle veth loops correctly
Since Linux 4.1, a pair of veth are referenced as IFLINK for each
other. We previously detected this loop easily and did break the loop by
removing this bogus information. However, when one of the interface is
updated, only the modified interface has IFLINK pointing to the other
interface. Therefore, no more loop but the information is incorrect. To
avoid that, don't reset indexes, just pointers. We only use indexes to
build correctly those pointers.
Vincent Bernat [Fri, 1 Jan 2016 07:54:32 +0000 (08:54 +0100)]
netlink: remove use of libnl3
Use netlink implementation from 0.7.19 instead but manage a cache
ourselves. The changes are quite minimal compared to the implementation
in 0.7.19. We handle deletion and updates. The use of linked list may be
problematic performance-wise.
When an interface goes down then up, no PDU is scheduled to be sent
again. This bug was already present in the previous implementation and
should be a regression of 36080c.
Vincent Bernat [Tue, 29 Dec 2015 08:53:08 +0000 (09:53 +0100)]
doc: no 0.8.0 release planned
The switch to libnl3 makes it difficult to do a proper release as the
compilation fails on many old platforms due to libnl3 requirement. The
plan is to reimplement a minimal version of libnl3 (same interface) for
our needs.
Vincent Bernat [Tue, 29 Dec 2015 08:41:40 +0000 (09:41 +0100)]
client: fix segfault when displaying some information
Due to 5ed4156c02b0ba801feb9bf383d9b7772dc990e5, we were incorrectly
hiding information when it was present and displaying it when it was
absent (leading to a segfault).