#
e1cb65bb |
| 21-Apr-2024 |
florian <florian@openbsd.org> |
Pass advertising router to the kernel.
We are using the ifra_dstaddr for this because it will always be unused with autoconf addresses since they can't be used on P2P links.
OK bluhm
|
#
fe9a5e47 |
| 15-Feb-2023 |
florian <florian@openbsd.org> |
Use correct order of arguments for shutdown(2).
Luckily routesock would never be <= 2 so shutdown would always failing with EINVAL and not shutting down random other sockets. The kernel was just use
Use correct order of arguments for shutdown(2).
Luckily routesock would never be <= 2 so shutdown would always failing with EINVAL and not shutting down random other sockets. The kernel was just uselessly piling up route messages that we were never reading.
This mistake first showed up in slaacd(8) and then was copied to the other daemons.
Reported & fixed by Josiah Frentsos (jfrent at tilde.team), thanks! OK kn
show more ...
|
#
1c0cb702 |
| 27-Nov-2022 |
kn <kn@openbsd.org> |
Provide more accurate lock error message
When started manuall from single-user mode (/ still read-only), the current error is misleading: # slaacd -dv slaacd: already running
The lock was specifi
Provide more accurate lock error message
When started manuall from single-user mode (/ still read-only), the current error is misleading: # slaacd -dv slaacd: already running
The lock was specifically added to prevent multiple instances in the installer, which discards the error message entirely anyway.
Retain the useful EAGAIN/"already running" message, but otherwise print the real error reason: # slaacd -dv slaacd: /dev/slaacd.lock: Read-only file system
Feedback OK deraadt millert
show more ...
|
#
51e6ed8b |
| 15-Sep-2022 |
florian <florian@openbsd.org> |
Ignore error when we try to delete an address that's already gone.
This will happen when an address expires because the vltime drops to zero. The kernel then deletes the address and slaacd tries to
Ignore error when we try to delete an address that's already gone.
This will happen when an address expires because the vltime drops to zero. The kernel then deletes the address and slaacd tries to do so, too. The correct fix is to track in slaacd that the kernel already deleted the address for us, but that's too much work shortly before a release so just hide the ugly warning for now, it's harmless. Problem reported by semarie some time ago. OK deraadt, benno
show more ...
|
#
5a030e60 |
| 12-Jul-2022 |
florian <florian@openbsd.org> |
Rewrite state machine in the style of dhcpleased(8).
It is less cluttered, easier to reason about and fixes some bugs in passing that would have been difficult in the old state machine.
Stale IPv6
Rewrite state machine in the style of dhcpleased(8).
It is less cluttered, easier to reason about and fixes some bugs in passing that would have been difficult in the old state machine.
Stale IPv6 addresses, default routes and nameservers are now correctly removed when moving from one IPv6 enabled network to another IPv6 enabled network. Default routes and nameservers correctly expire when they are not refreshed and nameservers are updated when router advertisements change the nameserver option.
Testing & input caspar@
Putting it in now to get wider testing and shake out bugs, discussed with deraadt@ at r2k22.
show more ...
|
#
c932786d |
| 24-Aug-2021 |
florian <florian@openbsd.org> |
When an interface disappears, e.g. when a usb dongle gets unplugged, we get a RTM_IFANNOUNCE message not a RTM_IFINFO message. Handle this message to not accumulate "unknown" interfaces. While here f
When an interface disappears, e.g. when a usb dongle gets unplugged, we get a RTM_IFANNOUNCE message not a RTM_IFINFO message. Handle this message to not accumulate "unknown" interfaces. While here fix a bug where we would remove an interface only in the engine process but not in the frontend when an interfaces gets unplugged while we process a RTM_IFINFO message for it. OK benno
show more ...
|
#
eaca7584 |
| 27-Jul-2021 |
florian <florian@openbsd.org> |
The SIOCAIFADDR_IN6 ioctl could lose a race against another process configuring the same IP. I forgot to fix slaacd after fixing the same problem in dhcpleased. Pointed out by afresh1
|
#
06d929a1 |
| 22-Jul-2021 |
kn <kn@openbsd.org> |
Send rDNS proposals on ramdisks
Otherwise resolvd(8) will never learn nameservers and update /etc/resolv.conf with IPv6 resolvers.
At the moment IPv6 only installations always prompt for nameserver
Send rDNS proposals on ramdisks
Otherwise resolvd(8) will never learn nameservers and update /etc/resolv.conf with IPv6 resolvers.
At the moment IPv6 only installations always prompt for nameservers anyway, but that is its own bug and will be fixed soon.
This enables the upcoming fix to detect learned nameservers in the first place.
Feedback OK florian
show more ...
|
#
bc9eb55c |
| 21-Jul-2021 |
kn <kn@openbsd.org> |
Use exclusive lock under /dev/, silence expected errors in installer
resolvd(8), slaacd(8) and dhcpleased(8) are different from other daemons in that there must only be a single instance.
resolvd a
Use exclusive lock under /dev/, silence expected errors in installer
resolvd(8), slaacd(8) and dhcpleased(8) are different from other daemons in that there must only be a single instance.
resolvd already does this, adjust slaacd and dhcpleased accordingly while moving the lockfile paths under /dev/ such that they work early on boot and don't run into races should /var be (un)mounted between daemon starts.
Locking is especially required in the installer where all three daemons are started every time the "(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? " prompt is entered, i.e. restarting installation or dropping into a shell and back into the prompt again would start multiple instances.
To avoid expected lockfile error messages in between installer prompts, discard standard error when starting the autoconf daemons; none of them has other potential failure cases in installer mode before daemon(3)izing.
Input sthen deraadt OK deraadt
show more ...
|
#
2eeed627 |
| 01-May-2021 |
florian <florian@openbsd.org> |
In singel user mode / is mounted ro. Just warn if we can't create the control socket instead of fatal(). OK deraadt
|
#
804ba004 |
| 21-Mar-2021 |
florian <florian@openbsd.org> |
Use new terminology of RFC 8981 and (mechanically) replace "privacy" with "temporary".
|
#
8a8bcb8b |
| 07-Mar-2021 |
florian <florian@openbsd.org> |
Fold get_lladdr into update_iface, now the only caller. This allows us to pass the link state over to engine here instead of in update_addr which is not available in small. This gets us more in line
Fold get_lladdr into update_iface, now the only caller. This allows us to pass the link state over to engine here instead of in update_addr which is not available in small. This gets us more in line dhcpleased.
show more ...
|
#
168427c5 |
| 27-Feb-2021 |
florian <florian@openbsd.org> |
Path #defines are traditionally prefixed with _PATH. pointed out by deraadt
|
#
5ebbfac0 |
| 19-Jan-2021 |
florian <florian@openbsd.org> |
Make imsg event structs static to fix -fno-common. Follows claudio's lead in ospfd et al. Problem reported by mortimer.
|
#
31525baa |
| 19-Jan-2021 |
florian <florian@openbsd.org> |
No need for a global slaacd_process; unbreaks -fno-common. Problem reported by mortimer
|
#
939e6f5e |
| 17-Jan-2021 |
florian <florian@openbsd.org> |
Mark up locations of KAME hack with #ifdef __KAME__ so that we can find it again if and when we no longer need it. No object change.
|
#
9bdef370 |
| 01-Dec-2020 |
florian <florian@openbsd.org> |
Sync get_ifrdomain() to rad(8) version by removing a useles (void) cast in front of a strlcpy(3). tb@ had pointed out that the use in rad(8) was not consistent. I consider the void cast a useless ann
Sync get_ifrdomain() to rad(8) version by removing a useles (void) cast in front of a strlcpy(3). tb@ had pointed out that the use in rad(8) was not consistent. I consider the void cast a useless annotation, either the strl* functions must have the canonical trucation check or it must be obvious that truncation cannot happen or is not a problem. While at it remove a bunch more casts that snuck in over time.
show more ...
|
#
3ee8adf9 |
| 14-Sep-2020 |
florian <florian@openbsd.org> |
We might race against removal of an rdomain we just want to handle. Make setsockopt non-fatal in this case and just ignore the request. Spotted in a diff by reyk for rad(8); discussed with claudio
|
#
dd19964d |
| 14-Sep-2020 |
florian <florian@openbsd.org> |
Let slaacd handle all rdomains in a single daemon. Suggested by claudio and matthieu Testing matthieu Putting it in now to get enough testing before release so that there is enough time to back it ou
Let slaacd handle all rdomains in a single daemon. Suggested by claudio and matthieu Testing matthieu Putting it in now to get enough testing before release so that there is enough time to back it out, suggested by deraadt
show more ...
|
#
c99d424e |
| 03-Jul-2020 |
florian <florian@openbsd.org> |
Rename IN6_IFF_PRIVACY to IN6_IFF_TEMPORARY. This is the name the other BSDs use for this, there is no reason to be different, the IPv6 RFCs call these addresses temporary, and some software in ports
Rename IN6_IFF_PRIVACY to IN6_IFF_TEMPORARY. This is the name the other BSDs use for this, there is no reason to be different, the IPv6 RFCs call these addresses temporary, and some software in ports wants to use this as well. Most recently pointed out for firefox by landry. OK claudio, sthen
show more ...
|
#
04a70a4b |
| 25-May-2020 |
florian <florian@openbsd.org> |
Do not log "startup" to syslog.
slaacd and unwind start very early in the boot process and syslog is not fully available yet so these messages tend to get lost. But they are also not particularly us
Do not log "startup" to syslog.
slaacd and unwind start very early in the boot process and syslog is not fully available yet so these messages tend to get lost. But they are also not particularly useful. Prompted by a report by Jason Mader on bugs@ OK deraadt, claudio, bluhm
Note that this code has been copied around to all our privsep daemons and also lives in usr.sbin. Leave it alone there because multiple people said they find it useful for those daemons.
show more ...
|
#
4876bc35 |
| 16-Apr-2020 |
florian <florian@openbsd.org> |
Make the control socket name depend on the routing domain we are in. That way, when slaacd gets started in a different rdomain with route exec things just work, no need to provide an alternative cont
Make the control socket name depend on the routing domain we are in. That way, when slaacd gets started in a different rdomain with route exec things just work, no need to provide an alternative control socket. Pointed out by claudio Original diff by benno, but I like my bikeshed purple. OK benno, claudio
show more ...
|
#
875a69c5 |
| 14-Apr-2020 |
florian <florian@openbsd.org> |
When slaacd is run in a routing domain (rdomain) other than the default (0) it sends router solicitations and receives router advertisements only from interfaces that are in its own rdomain. It also
When slaacd is run in a routing domain (rdomain) other than the default (0) it sends router solicitations and receives router advertisements only from interfaces that are in its own rdomain. It also only sees interfaces arriving, or departing in its own rdomain. However, for the default route there is rdomain cross-talk because slaacd configures the default route in the default rdomain (and fails). Make slaacd honour the rdomain it's running in as well. OK denis, phessler, benno
show more ...
|
#
04e960aa |
| 15-Dec-2019 |
deraadt <deraadt@openbsd.org> |
semarie diagnosed a what appeared to be a 'large backwards memcpy' of an ipv6 address, but was actually oversize (a large union). correct access to the right subfield. ok florian semarie
|
#
ee79b9a7 |
| 23-Nov-2019 |
florian <florian@openbsd.org> |
On startup withdraw all proposals for all interfaces by sending an empty proposal with if_index 0.
It is possible that the set of autoconf interfaces changed between a stop -> start tran
On startup withdraw all proposals for all interfaces by sending an empty proposal with if_index 0.
It is possible that the set of autoconf interfaces changed between a stop -> start transition and slaacd would never withdraw nameservers for interfaces that had the autoconf flag previously but no longer after the restart.
show more ...
|