Roy Marples [Fri, 7 Feb 2025 11:47:01 +0000 (11:47 +0000)]
BSD: Improve NEWADDR == IFF_UP handling
On BSD when an address is added, the interface is automatically
brought up.
We can detect this by RTM_NEWADDR, but that lacks the IFF_UP flag.
We really want to stay in sync with RTM messages for flags, but
here we need to check the interface for IFF_UP if we think it's
not there. Only set that.
This fixes NEWADDR announcements for state transitions when
the interface is currently down.
Colin McInnes [Wed, 5 Feb 2025 19:38:55 +0000 (13:38 -0600)]
Always send req for InfoRefreshTime option on Inform-Req (#446)
RFC8415 says client must always request Information Request refresh time
option 32.
Client has other logic for handling if server does not include this in
the reply.
Colin McInnes [Wed, 5 Feb 2025 14:06:10 +0000 (08:06 -0600)]
Update route if lifetime needs changing (#441)
Everything about IPv6 is lifetime, not expiry.
Only linux routes have an expiry.
OK, this is not consistent at all!
In the kernel RTA_EXPIRES is only set for IPv4 multicast routes
when emitting route changes and only read for IPv6 routes when
userland makes route changes.
We cannot set this for non IPv6 routes currently.
To make it worse, we set a UINT32 for IPv6 routes but read a
UINT64 for IPv4 multicast routes.
To make this even more totally bonkers, the expiry we set for
the IPv6 route can be read back via RTA_CACHEINFO rta_expires
but we need to convert it by dividing it by hz.
Now we can read kernel route lifetime correctly, we can compare this to what we think it should be when building the routing table (allowing for some deviation due to processing time) and update if needed.
Roy Marples [Thu, 31 Oct 2024 10:40:46 +0000 (10:40 +0000)]
logerr: use LOG_NDELAY for openlog
This ensures openlog gets a fd so logging of errors can occur
within privsep where no log was written before entering privsep.
Also ensures that closelog does not close -1 on some platforms
where no logging took place.
Ken Simon [Tue, 29 Oct 2024 23:11:54 +0000 (19:11 -0400)]
IPv6: Avoid uninitialized ifp state when adding address (#395)
In certain instances, `ifp->if_data[IF_DATA_IPV6]` was not yet
initialized when ipv6_addaddr adds the address to the state, and a
segfault would ensue. Mitigate this by ensuring the state is initialized
when adding the addresses.
Jon Franklin [Tue, 29 Oct 2024 07:53:51 +0000 (02:53 -0500)]
DHCP6: lastlease behavior after Confirm non-response (#387)
If lastlease is enabled, and dhcpcd is unable to confirm its prior
lease, after timeout, bind the lease and move to the REBIND state.
Confine lastlease behavior to the CONFIRM and REBIND states.
Co-authored-by: Jon Franklin <jon_franklin@dell.com>
Roy Marples [Mon, 14 Oct 2024 09:48:23 +0000 (10:48 +0100)]
IPv6: allow any global address for default route
Regardless if we are a router or not.
BSD IPv6 source address selection does really matter for this.
This fixes FreeBSD systems where the forwarding sysctl is set
by the routing script which starts late in the day where
dhcpcd is already running and won't get the default route applied
until another RA comes in which could be a while.
Roy Marples [Thu, 10 Oct 2024 13:19:46 +0000 (14:19 +0100)]
linux: Support old kernels by not including linux/if.h
I wish the linux team used #defines rather than enums, but heh ho.
Ensure we can test IFF_LOWER_UP, IFF_DORMANT and IFA_FLAGS
based on nearest matching #defines available when the respective
feature was committed.
Diego Santa Cruz [Thu, 10 Oct 2024 10:45:34 +0000 (12:45 +0200)]
dhcpcd: stdout output sometimes empty when redirected to a file (#364)
Running dhcpcd --dumplease with input from stdin and redirecting stdout
to a file outputs nothing to the output. The reason is that printf /
fprintf is used to write the output but it is not explicitly flushed
when done, or before exiting, and stdout to files is fully buffered by
default while stdout to terminals is line buffered by default.
This adds calls to fflush() at the end of dhcp_print_option_encoding()
and script_dump(), plus one just before exiting dhcpcd.
Signed-off-by: Diego Santa Cruz <diego.santacruz@spinetix.com>
dhcp6: start request when advertise received after IRT (#376)
After the initial solicit timeout, any received advertisements trigger
a request. However, after the timeout, any advertisements will
never result in a request, and the client sends solicits forever.
This patch sends a request in response to an advertise if the
initial timeout has expired.
Roy Marples [Fri, 4 Oct 2024 15:36:01 +0000 (15:36 +0000)]
dhcpcd: remove advertisement of addresses
Address advertisement was used to allow IP address sharing to work.
It also required the DHCP server to allow the same IP for many
hosts, which modern DHCP servers deny you from doing.
Lastly, there are niggles with the implementation that are
impossible to fully fix due to how the various protocols work,
especially ARP.
All platforms dhcpcd supports allow better ways of doing this,
such as bonding (Linux), trunk(4) (OpenBSD), lagg(4) (Other BSDs).
ARP advertisements will only be made when addresses are added
OR defended against for kernels without RFC 5227 support.
Roy Marples [Wed, 11 Sep 2024 09:28:58 +0000 (10:28 +0100)]
IPv6: Only advertise addresses when needed
Remember when we have advertised an address.
If we want to advertise it again, check this first.
If we still want to advertise it, clear this flag for all other
matching addresses.
Clear advertised flags from all addresses on carrier up.
This reduces needless NA spam from dhcpcd when the IPv6 Router
is needlessly chatty with RA.
Roy Marples [Tue, 3 Sep 2024 08:37:47 +0000 (09:37 +0100)]
privsep: Capsicum needs root to access ipv6 forwarding sysctl
Optimise the flow so that if we do have a global address on the
source interface we avoid the sysctl via the privileged process.
Generally the only time we don't is when we de-configure an
interface or we are configuring an interface where there is
no autoconf prefix from the RA and the only globals come
from a DHCPv6 Prefix Delegation to other interfaces which
requires us to be a router.
Roy Marples [Wed, 28 Aug 2024 18:04:53 +0000 (19:04 +0100)]
IPv6: Add the added address to state
We used to rely on route(4) adding it to state based on RTM_NEWADDR
but the message could get lost if the socket overflows.
Work around this by always adding the address to the state.
Roy Marples [Mon, 29 Jul 2024 15:17:08 +0000 (16:17 +0100)]
DHCP: No longer set interface mtu (#346)
We've been enforcing an interface MTU that is slightly larger
than the minimum for some time.
Instead, log an error that the MTU is smaller than the minimum
to send a BOOTP message.
The DHCP MTU is only used when adding routes as setting the
interface MTU can cause a PHY reset which is bad.
DHCP: Handle option 108 correctly when receiving 0.0.0.0 OFFER (#342)
* DHCP: Handle option 108 correctly when receiving 0.0.0.0 OFFER
According to RFC8925 section 3.3.1, when the server supports both option
108 (IPv6-Only Preferred) and option 116 (Auto-Configure), and the
client only sends IPv6-Only Preferred option, then the server SHOULD
return 0.0.0.0 as the offered address, and not set the
Auto-Configure option.
However, in our current client code, the IPv6-Only Preferred option in a
0.0.0.0 OFFER is only handled correctly when the Auto-Configure option
is present. This patch fixes this issue.
Leo Ruan [Thu, 25 Jul 2024 08:37:11 +0000 (16:37 +0800)]
IPv4LL: Restart ARP probing on address conflict (#340)
* IPv4LL: Restart ARP probing on address conflict
When an IPv4LL address conflict is detected, restarting IPv4LL fails
since IPv4LL is running. The commit fixes the problem by restarting ARP
probing instead of restarting IPv4LL.
Roy Marples [Fri, 14 Jun 2024 16:29:35 +0000 (17:29 +0100)]
DHCP6: Don't remove state in DISCOVER
As we might still have config that failed to CONFIRM/REBIND.
Try and remove timers more sensibly rather than blanket statements
so that expire timeout still works.
Roy Marples [Tue, 9 Jul 2024 12:39:07 +0000 (13:39 +0100)]
DHCP6: Persist configuration on confirm/rebind failure
only expire the lease once the last address has expired.
This is more in accordance with RFC8415 18.2.
Note, we still require an initial confirm/rebind on link state
change to ensure the configuration for link is valid.
Extending the lastlease in DHCP6 has been removed.
Roy Marples [Thu, 27 Jun 2024 05:27:22 +0000 (06:27 +0100)]
linux: allow roaming without IFF_DORMANT
IFF_DORMANT is apparently only set by supplicants.
For roaming without supplicants, we need to check that IFF_UP and
IFF_LOWER_UP are set, but IFF_RUNNING is not.
Thanks to Boris Krasnovskiy for the patch.
Fixes #335.
While here, remove our define of IFF_LOWER_UP as we can now include
linux/if.h
Roy Marples [Wed, 26 Jun 2024 08:36:35 +0000 (09:36 +0100)]
DHCP6: Don't remove delegated prefix addresses on start or fail
In the event where an interface is first delegated and then
started, we don't want the reading of a lease file to remove the
delegated prefixes or addresses.
Neither do we want any DHCP6 failure to remove the delegated
addresses.
As such, we also can't test the actual DHCP6 state when building
routes. Instead, just change the test for a delegated prefix
or not so we can still prefer non delegated routes.
While here, fix reject routes being restored for privsep.
Roy Marples [Tue, 25 Jun 2024 10:40:14 +0000 (11:40 +0100)]
DHCP6: Don't remove delegated prefix addresses on start
In the event where an interface is first delegated and then
started, we don't want the reading of a lease file to remove the
delegated prefixes or addresses.
As such, we also can't test the actual DHCP6 state when building
routes. Instead, just change the test for a delegated prefix
or not so we can still prefer non delegated routes.
Roy Marples [Fri, 21 Jun 2024 11:58:38 +0000 (12:58 +0100)]
IPv6: DUPLICATED could be announced by RTM_DELADDR
This at least is true on Linux when addresses are not permanent.
As such, update address flags on all paths and run DAD hooks
even for address deletions.
This helps to give reason to the messages that pid 0 has deleted
your newly added address.
Brett Holman [Sat, 20 Jan 2024 01:43:26 +0000 (18:43 -0700)]
Force dumplease to parse stdin
Checking if data exists in the stdin buffer via an ioctl is
unreliable. Allow a user to pass '-' to force stdin parsing.
This provides a fix that will allow "no interfaces" to still
mean "dump all interfaces".
Roy Marples [Fri, 24 May 2024 10:30:29 +0000 (10:30 +0000)]
DHCP: use request_time, fallback_time and ipv4ll_time
Rather than reboot time.
This allows reboot time of zero to skip using the old leases
while still allowing REQUESTs to gracefully fallback to DISCOVER.
request_time has a default of 180 seconds to mirror the DHCPv6
equivalent.
fallback_time and ipv4ll_time have a default of 5 seconds
to mirror the default reboot time.
Benjamin Drung [Tue, 7 May 2024 09:20:04 +0000 (11:20 +0200)]
hooks/30-hostname: Exit with 0 if setting hostname is not needed
If the hostname is already set before dhcpcd is started, `need_hostname`
will hit the "No old hostname" case and will call `false` to return 1.
`set_hostname` will return with the same return value. Then
`30-hostname` will exit with the same exit value:
```
dhcpcd-10.0.6 starting
dev: loaded udev
DUID 00:03:00:01:3c:97:0e:e9:32:3c
enp0s25: IAID 0e:e9:32:3c
enp0s25: soliciting a DHCP lease
enp0s25: offered 192.168.3.61 from 192.168.1.7
enp0s25: ignoring offer of 192.168.3.61 from 192.168.1.8
enp0s25: probing address 192.168.3.61/20
enp0s25: leased 192.168.3.61 for 3600 seconds
enp0s25: adding route to 192.168.0.0/20
enp0s25: adding default route via 192.168.1.1
script_status: /usr/lib/dhcpcd/dhcpcd-run-hooks: WEXITSTATUS 1
exiting due to oneshot
dhcpcd exited
```
Return with value 0 in case setting the hostname is not needed.
Bug-Ubuntu: https://launchpad.net/bugs/2064926
Signed-off-by: Benjamin Drung <benjamin.drung@canonical.com>
Roy Marples [Sat, 4 May 2024 22:33:11 +0000 (23:33 +0100)]
DHCPv6: Don't re-INFORM if the RA changes
RFC 8415 21.23
If the Reply to an Information-request message does not contain this
option, the client MUST behave as if the option with the value
IRT_DEFAULT was provided.
So we should not be influenced by only the RA changing the pl/vl
times of its addresses.
Roy Marples [Sat, 4 May 2024 11:33:24 +0000 (12:33 +0100)]
privsep: Reduce fd use
On start close all FD's above stderr.
Close some fd's we don't need in processes spawned from priv.
Ensure we init some FD's to -1 to ensure we don't close stdin.
If DEBUG_FD is defined, we log FD's opened by pid.
Audit process FD usage and document it so I don't forget it.
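
The descriptor hygiene described in the "privsep: Reduce fd use" entry above, as an added example that is not dhcpcd's own code: unopened descriptors are initialised to -1 so cleanup can never close stdin, and everything above a chosen descriptor is closed before helpers are spawned. The names `helper_ctx`, `ctx_init`, `fd_release`, `fd_is_open` and `close_from`, and the 4096 fallback limit, are assumptions made for this sketch.

```c
/* Added example, not dhcpcd source: fd hygiene around a privsep-style spawn. */
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical context; unopened fds are -1, never 0 (which is stdin). */
struct helper_ctx { int log_fd, ctl_fd; };

void ctx_init(struct helper_ctx *c) { c->log_fd = c->ctl_fd = -1; }

/* Close *fd only if it was opened; returns 1 when a close happened. */
int fd_release(int *fd)
{
	if (*fd == -1)
		return 0;
	close(*fd);
	*fd = -1;
	return 1;
}

int fd_is_open(int fd) { return fcntl(fd, F_GETFD) != -1 || errno != EBADF; }

/* Close every open descriptor >= lowfd (lowfd >= 3); returns the count. */
int close_from(int lowfd)
{
	DIR *d = opendir("/dev/fd");
	struct dirent *e;
	int fd, n = 0;

	if (d == NULL) { /* no /dev/fd: bounded sweep, limit assumed here */
		for (fd = lowfd; fd < 4096; fd++)
			n += close(fd) == 0;
		return n;
	}
	while ((e = readdir(d)) != NULL) {
		fd = atoi(e->d_name); /* "." and ".." parse as 0 and are skipped */
		if (fd >= lowfd && fd != dirfd(d) && close(fd) == 0)
			n++;
	}
	closedir(d);
	return n;
}

int main(void)
{
	struct helper_ctx c;
	ctx_init(&c);
	printf("released=%d closed=%d\n", fd_release(&c.log_fd), close_from(3));
	return 0;
}
```

A context that was zero-filled instead of passed through `ctx_init` would hand descriptor 0 to `fd_release`, which is the stdin-closing failure the -1 initialisation prevents.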