summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Roy Marples [Mon, 12 Oct 2020 14:17:22 +0000 (15:17 +0100)]
Update to dhcpcd-9.3.1 with the following changes:
* dhcpcd: carrier handling issue fixed from 9.3.0
* dhcpcd: log if interface type is unsupported in debug
* duid: memory leak fixed if UUID wanted but none available
* privsep: fix receiving inet and no BPF running
* privsep: allow gettimeofday for SECCOMP
* privsep: fix stderr redirection again
Roy Marples [Mon, 5 Oct 2020 16:22:25 +0000 (17:22 +0100)]
Update to dhcpcd-9.3.0 with the following changes:
* dhcpcd: Backticks have been removed from quoting filenames
* dhcpcd: Only manipulate stdin, stdout and stderr if they are valid
* duid: Adjust option so the type can be specified
* logerr: Don't leak logfile fd to scripts
* privsep: Run the launcher process in the sandbox
* privsep: getifaddrs now carries ifa_data for BSD
* BSD: Use `ifi_link_state` as the single source of truth about carrier
* BSD: Ignore vether(4) devices by default
Roy Marples [Sun, 6 Sep 2020 16:15:23 +0000 (17:15 +0100)]
Update to dhcpcd-9.2.0 with the following changes:
* route: ensure IPv4LL routes come last in priority
* DHCP: fix many issues with extending the last lease
* privsep: don't read control group from config in privsep
* privsep: only the master process responds to signals
* privsep: use a socketpair for stderr/stdin rather than dupping /dev/null
* privsep: right limit stdin/stderr/stdout
* privsep: dumping a lease is now run in a sandbox
* options: check if kernel supports INET or INET6 before enabling default
* options: let clientid override a prior duid
* options: allow -1 to represent infinity for requested lease time
* dhcpcd: fix a crash initing a new interface after route overflow
Roy Marples [Thu, 2 Jul 2020 14:08:00 +0000 (15:08 +0100)]
dhcpcd: Update to version 9.1.3 with the following changes:
* inet6: Add support for reporting Mobile IPv6 RA's
* inet6: Report RA Proxy flag if set
* privsep: Don't handle any signals meant for the main process
* eloop: Try and survive a signal storm
* dhcpcd: Add an option to poll the interface carrier state
* script: Make visible some link level parameters to lease dumping
* inet6: Don't regen temp addresses we didn't add
* privsep: Don't limit file writes if logging to a file
* DHCP6: Fix lease timings with nodelay option
Roy Marples [Tue, 16 Jun 2020 08:43:31 +0000 (08:43 +0000)]
Update to dhcpcd-9.1.2 with the following changes:
* BSD: Only mark static routes from dhcpcd.conf as static
* DHCP6: Ensure requested addresses are requested
* DHCP6: Fix prefix length calculation when no prefix specified
* privsep: Implement a resource limited sandbox
You will see a control proxy process now.
This is for the resource limited sandbox so that we can isolate
requests over the control socket.
For NetBSD, FreeBSD and derivatives such as DragonFlyBSD this is a massive win
as these OS now enjoy a similar level of protection as Capsicum or Pledge,
but without the syscall filtering.
Roy Marples [Thu, 4 Jun 2020 13:23:18 +0000 (13:23 +0000)]
Import dhcpcd-9.1.1 with the following changes:
* Restore dumping leases from stdin
* auth: Only accept RECONFIGURE messages from LL addresses
* auth: Access the RDM monotonic counter file via privsep
* ARP: call arp_announced() when cancelling it
* BSD: fwip(4) interfaces are now ignored by default
* privsep: Ensure IPC buffers are large enough to carry messages
* privsep: Only open RAW sockets for the needed protocols
* privsep: Fix indirect ioctls returning data
* privsep: wait for processes on SIGCHLD rather than when sent a STOP cmd
* eloop: just use ppoll/pollts(2), falling back to pselect(2)
Roy Marples [Mon, 1 Jun 2020 09:57:38 +0000 (09:57 +0000)]
Update to dhcpcd-9.1.0 with the following changes:
* Leases are stored outside the chroot again
* The chroot directory can now be (and should be) empty [1]
* BPF: set write filters when supported
* ARP is now per address rather than per interface
* Filter allowed ioctls in the privileged actioneer
* Filter allowed UDP ports used by sendto(2) in the privileged actioneer
* Filter allowed file paths in the privileged actioneer
* route socket is now drained on overflow as it cannot be
re-opened by the unpriviledged user
* hostname can no longer be clobbered by SLAAC
* grep is no longer used by the test hook
* Interface hardware address type changes are now picked up
* Fixed some RA timing issues
* Fixed nd_* option parsing in dhcpcd.conf
* Allow SIGPIPE in scripts
* Default dhcpcd.conf no longer sends the current hostname
* Default dhcpcd.conf no longer sends a vendorclassid
Roy Marples [Tue, 21 Apr 2020 10:03:27 +0000 (10:03 +0000)]
Import dhcpcd-9.0.2 with the following changes:
* Control sockets are not opened in test mode
* privsep: no longer aborts if protocol not available
* inet6: Don't regen temporary addresses without a state
* inet6: Reduce RA log spam
* dhcp6: Don't log when things consitently fail
* inet6: Add temporary directive to slaac option [1]
* Ensure current interface flags persist when setting a flag
* DHCP via BPF is now aligned correctly
* CMSG buffers are now aligned correctly
* hostnames are no longer clobbered when being forced and a RA is recieved
[1] dhcpcd no longer looks at any possible kernel settings when deciding to
manage IPv6 temporary addresses or not. You now instruct dhcpcd to do this
in dhcpcd.conf. Playing whack-a-mole with various kernel knobs wasn't fun
and some OS's have or are removing RA and thus temporary address managemnt
from the kernel so said knobs are no longer there.
Roy Marples [Mon, 13 Apr 2020 16:30:52 +0000 (16:30 +0000)]
Update to dhcpcd-9.0.1 with the following changes:
* privsep: Improve error when we don't have permission to write lease
* privsep: Fix hooks restarting other daemons
Roy Marples [Thu, 2 Apr 2020 15:14:14 +0000 (15:14 +0000)]
Import dhcpcd-9.0.0 with the following changes:
* inet: Allow forcing a host route from an interface without a lease
* dhcpcd: Don't wait for an address family to complete if not using it
* INET6: Support a /128 prefix advertised via RA
* BSD: More address validation from route(4) messages
* DHCP: Fix a potential segfault on DaD failure
* IPv4LL: Fix a potential segfault when dropping IPv4LL addresses
* Decode interface complex interface names eth0.100:2 eth0i100:2.
This allows us to ignore some virtual interfaces by default
* ARP: Report L2 header address on conflict for more clarity
* DHCP: Support jumbo frames (untested)
* DHCP6: Clean up old lease on failure to confirm/rebind, etc
* RA: Prefer older routers
* INET6: Obscure prefixes are now calculated correctly
* Privilege Separation
* Default hostname is now a blank string
* Leases are now dumped over the control socket - you get RA's now as well.
* Better support for many IPv6 routers
* RA: Deprecate stale addresses by setting pltime 0
* DHCP6: Deprecate stale addresses by setting pltime 0
Roy Marples [Fri, 20 Dec 2019 22:35:27 +0000 (22:35 +0000)]
Import dhcpcd-8.1.4 with the following change:
* options: Fix allocating the script option
Roy Marples [Fri, 20 Dec 2019 12:09:22 +0000 (12:09 +0000)]
Import dhcpcd-8.1.3 with the following changes:
* dhcpcd: Only report SSID when we have a carrier
* IPv6ND: Fix reachable test
* DHCP6: Work better with infinite addresses
* DHCP6: Suboption 3 of NTP Server is a FQDN
* DHCP6: Fix deprecating a delegated prefix
* DHCP: Ensure we have a lease to extract options from
Roy Marples [Wed, 13 Nov 2019 17:01:06 +0000 (17:01 +0000)]
Import dhcpcd-8.1.2
* hooks: STOPPED is now run on timeout and exit
* BSD: Use IP_REVCIF rather than IN_PKTINFO
* DHCP: When rebinding, ensure we have a DHCP ARP state
* RA: Sort routers when reachability changes
* RA: Apply hoplimit, reachable and retrans timer values to kernel
* RA: Warn if advertised MTU > interface MTU
* dhcpcd: Report SSID connection to when we gain carrier
* DHCP: Fix corruption of address flags when renewing
Roy Marples [Wed, 16 Oct 2019 15:00:37 +0000 (16:00 +0100)]
Import dhcpcd-8.1.1 with the following changes:
* IPv6: Fix a potential crash when learning interface addresses.
* DHCP: Fix fallout from dhcpcd-8.1.0 for checksum calculation.
Roy Marples [Fri, 11 Oct 2019 11:42:26 +0000 (12:42 +0100)]
Import dhcpcd-8.1.0 to vendor branch with the following changes:
* Fix carrier status after a route socket overflow
* Allow domain spaced options
* DHCP: Allow not sending Force Renew Nonce or Reconf Accept
* IPv4LL: Now passes Apple Bonjour test versions 1.4 and 1.5
* ARP: Fix a typo and remove pragma (thus working with old gcc)
* DHCP6: Fix a cosmetic issue with infinite leases
* DHCP6: SLA 0 and Prefix Len 0 will now add a delegatd /64 address
* Ignore some virtual interfaces such as Tap and Bridge by default
* BPF: Move validation logic out of BPF and back into dhcpcd
Roy Marples [Fri, 13 Sep 2019 12:44:27 +0000 (13:44 +0100)]
Import dhcpcd-8.0.6 with the following changes:
* inet6: Fix default route not being installed
* DHCP: If root fs is network mounted, enable last lease extend
* man: Fix lint errors.
* BSD: avoid RTF_WASCLONED routes
* DHCP: Give a better message when packet validation fails
* DHCP: Ensure we have enough data to checksum IP and UDP
The last change fixes a potential DoS attack introduced in dhcpcd-8.0.3
when the checksuming code was changed to accomodate variable length IP headers.
Roy Marples [Wed, 4 Sep 2019 16:55:23 +0000 (17:55 +0100)]
Import dhcpcd-8.0.4 to vendor branch.
Aaron LI [Fri, 19 Oct 2018 06:32:39 +0000 (14:32 +0800)]
dhcpcd: Add READMEs
Aaron LI [Fri, 19 Oct 2018 06:22:17 +0000 (14:22 +0800)]
Import dhcpcd 7.0.8
Version: 7.0.8
Date: 2018 August 20
URL: https://github.com/rsmarples/dhcpcd/releases
Homepage: https://roy.marples.name/projects/dhcpcd
projects / dragonfly.git / log