First, mtr-packet or override path taken from MTR_PACKET env variable will be search in PATH if not found we falllback to current directory search. This way we can use mtr without installing or setting any additional env variables.
Also fix batch file to support paths with spaces on Windows.
Matt Kimball [Fri, 30 Dec 2016 16:32:45 +0000 (16:32 +0000)]
build: fix compiler warnings when for OpenBSD, NetBSD and Solaris
When building for NetBSD, the compiler was warning about
index into an array with a character when using isspace() and
similar macros.
IPPROTO_SCTP is also not defined by NetBSD, so there were
warnings about unused SCTP related variables.
OpenBSD complains about using sprintf rather than snprintf.
It's a good idea to use snprintf, anyway, to avoid buffer overruns,
though I believe in these particular cases sprintf was safe.
Nevertheless, snprintf is now used instead.
Solaris requires strings.h to find index().
Solaris complaints about a missing sentinel pointer unless
the terminating NULL in execl is cast to a "char *".
Matt Kimball [Fri, 30 Dec 2016 19:44:32 +0000 (11:44 -0800)]
build: Fix Solaris build issues
Prefer ncurses over curses, since curses on Solaris is lacking
wattr_on and wattr_off, but ncurses has them.
Check if sys/ctypes.h exists, since Solaris lacks it.
When sending an IPv6 probe, check if the send socket is already
bound to the intended source address, and if so, avoid rebinding.
Rebinding return an error on Solaris.
Matt Kimball [Wed, 28 Dec 2016 01:09:49 +0000 (17:09 -0800)]
mtr-packet: Fall back to IPv4 only support if IPv6 sockets fail to open
If we fail to open any IPv6 sockets, rather than aborting with an
unrecoverable error, fall back to IPv4 only support. Socket
creation might fail, for example, when Linux is booted with
the kernel command-line "ipv6.disable=1".
In the case where opening IPv6 sockets fail,
'check-support feature ip-6' will indicate there is no support
for sending IPv6 probes.
Stricter error reporting revealed that test for protocols other
than ICMP were running on Cygwin. Modified the tests such that
they won't run if the protocol isn't supported.
Matt Kimball [Mon, 26 Dec 2016 09:26:01 +0000 (01:26 -0800)]
build: use AC_CHECK_LIB for ncurses, rather than pkg-tool
pkg-tool is indeed an elegant way to check for the presence
of libraries. When using pkg-config to check for ncurses, this
works great... for Linux. Unfortunately, on FreeBSD and MacOS,
ncurses is installed by default, but pkg-config is not. When
pkg-config is installed on these systems, it doesn't know about
the system installed ncurses.
Therefore, somewhat counterintuitively, it is better for portability
to just us AC_CHECK_LIB instead of PKG_CHECK_MODULES to find
ncurses.
Matt Kimball [Sun, 25 Dec 2016 17:26:34 +0000 (09:26 -0800)]
mtr-packet: drop capabilities + using BSD's linked lists for probes
At startup, we now use cap_set_proc to drop all privileged
capabilities for the mtr-packet process. This means that
capabilities granted through the commandline setcap to the
mtr-packet executable will only be in effect while the necessary
raw sockets are opened, and will be dropped before any command
requests are read.
Now we use BSD's queue.h linked list support for storing outstanding
probes. This makes iterating through in-flight probes more efficient,
as we don't need to loop through many unused probe entires when only
a few probes are outstanding.
Changed mtr-packet's default probe size to 64 bytes, to match
mainline mtr's default.
The code consistently uses 'exit(EXIT_FAILURE)' instead of 'exit(1)'.
The effect is the same, but the intent is clearer.
Matt Kimball [Fri, 23 Dec 2016 17:37:47 +0000 (09:37 -0800)]
mtr-packet: allow local address binding
A probe can be bound to a local address with the 'local-ip-4' or
'local-ip-6' arguments to 'send-probe'. The '-a' commandline
argument to mtr will cause sent probes to be bound to the specified
address.
Changed argument names for consistency:
'localport' is now 'local-port'
'bitpattern' is now 'bit-pattern'
mtr now opens and connects a UDP socket at startup to determine the
local address for display in the UI.
Windows error codes resulting from send-probe are now using the
same error strings which are used to report errors in the
Unix implementation.
We now use the mtr commandline timeout value for sent probes.
Edited the help and man page to reflect that the timeout value
no longer applies to only TCP probes, but now all probes.
With this change, I believe the mtr-packet implementation is at
feature parity with mainline mtr.
Matt Kimball [Thu, 22 Dec 2016 15:28:29 +0000 (07:28 -0800)]
mtr-packet: MPLS decoding and local UDP port usage
mtr-packet will decode any MPLS labels embedded in an
ICMP reply which results from a probe, and report those
labels with the probe reply.
When sending a UDP probe, a local port can be specified
for probe origination. In the same way that the legacy mtr
code found a location to store a unique identifier for the probe,
we'll use the destination port, the local port or the checksum
field, depending on what probe arguments have been specified.
Both MPLS and local UDP port options have been documented in the
mtr-packet man page.
Update the SECURITY documentation to reflect mtr-packet, and did
minor copyediting in the README. Also, update my email address
in AUTHORS.
Matt Kimball [Tue, 20 Dec 2016 18:09:29 +0000 (10:09 -0800)]
mtr-packet: TCP and SCTP probes
Added support for generating probes using TCP or SCTP, for both
IPv4 and IPv6. These protocols require that we create a unique
socket for each probe and watch for either a TTL expiration of
the initial packet sent during a connection attempt from that
socket or for socket connection success.
We now allocate a unique port number or ICMP sequence ID when
a probe is created, rather than using the command token for this
purpose. This relieves the calling application of the burden
of picking sensible command token values, and allows command
tokens values greater than 16 bits. However, the existing mtr
code continues to use the same command tokens values it has
previously used as port numbers, so there is no difference when
the calling program is mtr.
Split mtr's command pipe handling out from net.c and into cmdpipe.c
in the interest of future maintainability.
Split probe.py's simple probes out from the individual protocol
test cases and into common code which can be used by many
protocol tests.
Added send-probe arguments to customize the packet size,
the bitpattern which fills the packet, the IP "type of service"
and the Linux routing mark. These arguments are documented
in the mtr-packet man page, and have been hooked up to mtr's
commandline parameters.
Internally to mtr-packet, the code is now more consistent about
using errno to return error codes.
Added instrutions for building on Windows to the README.
Fixed the Makefile to build the man pages with BSD make, for FreeBSD.
BSD make lacks the GNU make extension for '%' wildcard matching.
Added a helper program for testing which listens for an ICMP
packet with a particular sequence and prints information about
that packet.
Matt Kimball [Wed, 14 Dec 2016 17:18:42 +0000 (09:18 -0800)]
mtr-packet: UDP probe support
Added support send using UDP as the protocol for sending probes,
rather than ICMP. Both IPv4 and IPv6 UDP probes are supported.
We are using the source port in the UDP packet for identifying
the particular probe transmitted. This is a bit less reliable
than ICMP, where we are also able to store our PID for verifying
the probe has been transmitted by this instance of mtr-packet,
but space is limited, and it is what the pre-existing mtr
implementation does.
We report no-route and network-down errors in response to errors
from sendto(), in addition to reporting them from errors in
the connect() used to determine the source address of an outgoing
probe.
The mtr-packet tests now properly parse the replies from
mtr-packet, as opposed to simply matching regular expressions
against the output. This is better because it give us future
compatibility with additional reply arguments from mtr-packet.
A better introduction to mtr-packet is now included in the
mtr-packet man page.
The dual code paths for sending IPv6 probes between Linux
and non-Linux Unix-likes has been eliminated. The Linux path
gave us direct control over the IP header, but wasn't necessary
and would make maintainence more difficult, so now Linux uses
the more indirect setsockopt() method of setting IPv6 header
fields.
Matt Kimball [Fri, 9 Dec 2016 19:14:06 +0000 (11:14 -0800)]
mtr-packet: IPv6 support
mtr-packet can now send and receive ICMPv6 probes.
We now determine the source address for an outgoing probe by
opening a UDP socket to the destination, though no outgoing packets
are sent through this UDP socket. IPv6 made this necessary, but
it now occurs for IPv4, too.
mtr-packet now uses sockaddr_storage for passing around addresses,
rather than sockaddr_in, as it can work for either IPv4 or IPv6.
To improve the maintainability of the code, the packet construction
and interpetation has been moved from probe_unix.c to construct_unix.c
and deconstruct_unix.c.
The way that Windows reads from the command stream has been changed to
avoid the possibility of hanging in a Sleep without an active read
of the command stream.
"send-probe" will now respond with "no-route" or "network-down"
when those conditions apply.
The test code has been moved to a test directory and split into
the following modules:
probe.py - tests for sending probes
cmdparse.py - tests for command parsing
mtrpacket.py - infrastructure for testing mtr-packet
The mtr-packet man page has been updated to describe ip-6 options
and now has an example of tracing a route to a remote host.
The mtr-packet network initialization has been split into two halves
to minimize the operations which occur with elevated privileges.
Matt Kimball [Wed, 7 Dec 2016 15:43:08 +0000 (07:43 -0800)]
cmdline: multiple host names dropped all but one host (issue #168)
Change 1ed2bab broke multiple host names, either specified through
the --filename option, or listed on the commandline. This was
due to well-intentioned refactoring of the hostname linked list
management which happened to lose all host names other than the
last name in the list.
I've fixed the append_to_names to walk the list of host names before
appending a new host name. This does make the building of host names
O(n^2) rather than O(n), but I'm skeptical that will impact anyone's
life in a negative way, because it only happens at startup, and
it does simplify the code.
Also, multiple host names will now work in all non-interactive modes
(i.e. report, txt, json, xml, raw, csv) instead of just CSV mode.
Matt Kimball [Sun, 4 Dec 2016 18:03:44 +0000 (10:03 -0800)]
test: Fix mtr-packet tests for Python 3
The mtr-packet test suite was written to run with Python 2, and lacked
the Unicode to bytes and bytes to Unicode conversions required to
run with Python 3. This change adds those conversions, and the result
works with either Python 2 or Python 3.
Also, close the subprocess's stdin and stdout explicitly. Python 3's
unittest complains about unclosed file descriptors otherwise.
Matt Kimball [Thu, 1 Dec 2016 01:14:43 +0000 (17:14 -0800)]
Added mtr-packet subprocess
The mtr-packet tool isolates the raw socket sending/receiving of
packets from the mtr user interface. By isolating the socket
interactions to a separate process, we can be sure that any security
flaws in the user-interface code doesn't expose a raw socket
interface to an attacker attempting to escalate privileges.
This is a bare-bones implementation, only support ICMP,
only support IP version 4, and missing many of the probe customization
features available in mtr. It will require some more work to reach
feature parity with the current mtr implementation. But it's a start.
The include mtr-packet man page explains the protocol format
used to communicate with this new process.
Included is an automated test for mtr-packet, implemented using
Python's unittest module. Though the code actually being tested
is implemented in C, Python make it easy to write test cases.
'make check' will test the current build.
An alternate code-path for Windows is included in the mtr-packet
tool. The mechanism for sending and receiving network probes
is significantly different for Windows, as compared to Unix-like
operating systems, but the interface provided by mtr-packet is
the same. 'make dist-windows-bin' will make a Windows binary
distribution. A Cygwin build environment is required, but the
resulting binary distribution doesn't require that Cygwin be
already installed.
Tested on:
Ubuntu 16.10, FreeBSD 11.0, MacOS 10.12.1 (Sierra), Windows 7
Since the code changes are significant, more esoteric operating
systems may require changes.
Sami Kerola [Sat, 29 Oct 2016 13:19:16 +0000 (14:19 +0100)]
cleanup: use single logic to handle conditional options
Options that exist depending on compile time configuration are made
conditional in usage() and getopt_long(). Removing not-supported options
from manual per compile time configuration would be nice, but making that to
work is a bit tricky.
Sami Kerola [Sun, 9 Oct 2016 10:27:07 +0000 (11:27 +0100)]
cleanup: move file scope variables to the beginning of file
Writing file scope global variables in between function somewhere half way
down feels like an attempt to hide these variables. This commit moves such
variables to beginning of file before functions. From technical point of
view the change is unnecessary, but hope is to help to read the code.
Sami Kerola [Sun, 9 Oct 2016 10:02:38 +0000 (11:02 +0100)]
data types: move variables from a file to a function scope
Use of static keyword, that ensures persistent variables within function
during different invocations, is the reason why these values can be moved
from global scope to a function scope.
Narthorn [Sat, 8 Oct 2016 06:38:10 +0000 (08:38 +0200)]
Initialize dns process before opening display
By opening the display before the dns process is forked, the child
inherits things like ncurses's handler for SIGWINCH (window resize
event), which can cause it to crash and leave the parent process in
an infinite select() loop, freezing the display.
Sami Kerola [Sun, 2 Oct 2016 21:17:39 +0000 (22:17 +0100)]
net: fix net_reopen() initialization
Mantas Mikulenas reviewed recent pull reques that contained commit b90a522f23167bd00062504803e94220937aba23 making a code path quicker.
Unfortunately initialization was incomplete, as demonstrated by R.E.
Wolff in same review. Fix is to use GCC designated initializer.
Sami Kerola [Sun, 25 Sep 2016 21:09:09 +0000 (22:09 +0100)]
performance: make reset in net.c more effective
Set all values in one go rather than each struct member separately. Notice
that template initializer takes advantage of setting all missing values
using value of the last item that was set. That makes them to be implicitly
zero.
Sami Kerola [Sun, 4 Sep 2016 16:20:55 +0000 (17:20 +0100)]
cleanup: set variable only if it is used
Variable introduction needs to be same way preprocessor conditional as the
related code. This is a minor clean up, because modern compilers should
remove these types of variables automatically.
Sami Kerola [Sun, 4 Sep 2016 16:08:17 +0000 (17:08 +0100)]
cleanup: remove more/bottom labels header separation from mpls
Commit a932cb2abc85651ca6f33a06d7b64448c1d27f65 added this separation, but
after five years and a bit the printouts has not become different. It is
time to remove this todo item.
Sami Kerola [Sun, 4 Sep 2016 08:30:25 +0000 (09:30 +0100)]
cleanup: make unused and const attributes to look the same
Definition CONST was already reserved in net.h to mean 'const' as a variable
attribute, so function attribute got a ATTRIBUTE_ prefix to separate them.
This change unifies unused to look the same.
Sami Kerola [Sun, 4 Sep 2016 00:12:08 +0000 (01:12 +0100)]
crash fix: ctl->iiwidth_len was not initialized correctly
It was a mistake to add iiwidth_len to struct mtr_ctl. First of all the
value needed in that field was never set, and that resulted to crash when
running command with --csv option.
Secondly adding the field was bad idea to begin with. Number of array
elements is known only within context of asn.c file, so it is better to add
interface to query it rather than try to set value to a structure. Later
design is prone to cause futher bugs, if/when execution flow is not as one
might assume.
Sami Kerola [Sat, 3 Sep 2016 22:25:17 +0000 (23:25 +0100)]
crash fix: add ctl structure to gtk Pause_clicked() handler
Without this handler net_max() will crash with SIGSEGV at line 1209. gdb
backtrace gave clear hint what was the problem, and where it needs to be
fixed.
#0 0x4109db in net_max /home/src/mtr/net.c:1209
#1 0x42478e in gtk_redraw /home/src/mtr/gtk.c:508
#2 0x422fc7 in Pause_clicked /home/src/mtr/gtk.c:121
Sami Kerola [Sat, 3 Sep 2016 07:02:09 +0000 (08:02 +0100)]
cleanup: merge two trim functions to one
As a minor improvement make the trimmed string to stay at same start
address, so that trims can be safely done to pointers that are allocated and
need to be free'd later on. There is no such case in this code, but it is
good idea to write functions the way they will not cause memory issues
if/when such use case happens.
Sami Kerola [Sun, 4 Sep 2016 15:33:25 +0000 (16:33 +0100)]
bug fix: long option --gracetime is correct, --graceperiod is not
Commit 5dbeb8f1b4084c38103e92dbd028da2762c1f0a9 introduced new long option
--gracetime, that was documented as --graceperiod. Only one or the other
can be correct, so pick the --gracetime and update documentation to tell
this is, the expected long option.
Sami Kerola [Mon, 29 Aug 2016 11:42:59 +0000 (12:42 +0100)]
cleanup: remove commented out includes in dns.c
Thees have been two years commented out, and if someone really has to fiddle
around with comments that is a failure of autotools usage and needs to be
addressed by getting the autoconf to do the right things.
projects / thirdparty / mtr.git / log
