Ian Jackson [Fri, 17 May 2019 22:38:47 +0000 (23:38 +0100)]
site: Log about crossed MSG1 with a higher priority
This means that we normally get these messages.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
v2: New patch
Ian Jackson [Sat, 18 May 2019 00:28:02 +0000 (01:28 +0100)]
site: Log about crossed MSG1 ignored only once
If for some reason our peer isn't getting our MSG1s, they will
retransmit and we will ignore each retransmission. Log this only
once.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
v2: New patch
Ian Jackson [Fri, 17 May 2019 22:10:03 +0000 (23:10 +0100)]
site: transport peers update: avoid nearly-trivial debug
When the order of peers changes, but not the total set, we probably
don't want to log it. Actually comparing the before and after lists
setwise is rather too hard. But we can do it fairly easily when
there's only one peer being recorded.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
v2: New patch
Ian Jackson [Tue, 14 May 2019 23:32:08 +0000 (00:32 +0100)]
configure: rerun autogen.sh with autoconf 2.69-10
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 15 May 2019 21:02:10 +0000 (22:02 +0100)]
NOTES: tiny fix
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Mark Wooding [Wed, 26 Apr 2017 10:53:05 +0000 (11:53 +0100)]
site.c: Cope with failure of transform `setkey' method.
The `setkey' method can fail, and indicates this by returning False.
Indeed, the `serpent-cbc256' transform will fail if the shared secret
it's given is too short.
Change `set_new_transform' and its callers to propagate failures
properly.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Wed, 26 Apr 2017 10:53:05 +0000 (11:53 +0100)]
README: Note that I've hacked on the code.
I shall be hacking on it further.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
site.c: Don't overwrite `st->sharedsecret' if it's null.
In this case, `st->sharesecretlen' is zero, but this is still undefined
behaviour.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Fri, 28 Apr 2017 21:51:36 +0000 (22:51 +0100)]
site.c: Make sure there's enough buffer space for the signature terminator.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Fri, 28 Apr 2017 21:51:20 +0000 (22:51 +0100)]
rsa.c transform-cbcmac.c: Fix configuration error messages.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
NOTES: Describe the current allocation of capability bits.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
make-secnet-sites: Don't allow setting new VPN-level props when restricted.
Currently, one can say something like

    vpn thing
    renegotiate-time 1
    location evil
    ## ...

and if the VPN admin failed to set a value for `renegotiate-time' then
everyone will spin their CPUs doing key exchange.
Fix this lacuna. Now user input can only modify location and site
properties. If the administrator didn't set a location-level
`restrict-nets', then a user can do this, but obviously that can't make
anything worse.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
make-secnet-sites: Remove duplicate `address' entry in sitelevel.
It was already there, with a functionally equivalent presentation
function.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
secnet.8: Fix wrong information.
No, sites don't all have to use the same DH group. It's true that sites
have to agree pairwise to use the same group when talking to each other.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
README.make-secnet-sites: Provide some documentation for this tool.
Constructed by reverse-engineering. I may well have misunderstood
things.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Sat, 29 Apr 2017 12:55:40 +0000 (13:55 +0100)]
.dir-locals.el: Settings for Python code.
This project has very weird Python style. Even by my standards.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Mark Wooding [Fri, 28 Apr 2017 21:51:36 +0000 (22:51 +0100)]
util.c: Don't byte-swap IPv4 addresses, even if we don't have IPv6.
The `string_item_to_ipaddr' function returns addresses as a single
integer in host byte order. But this isn't what's wanted for setting up
`struct sockaddr_in', for example. The function `adns_text2addr' does
the right thing.
I think this has always been wrong for setting up UDP sockets: before
the introduction of `string_item_to_iaddr', `udp_apply' would call
`string_item_to_ipaddr' directly, and neglected to swap the bytes.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Ian Jackson [Sat, 25 Nov 2017 16:14:00 +0000 (16:14 +0000)]
Administrivia: Fix erroneous GPL3+ licence notices "version d or later" (!)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 16:12:32 +0000 (16:12 +0000)]
changelog: start 0.4.4~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:31:56 +0000 (14:31 +0000)]
finalise 0.4.3
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:30:19 +0000 (14:30 +0000)]
changelog, Makefile.in: burn version numbers 0.4.1 and 0.4.2
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:23:34 +0000 (14:23 +0000)]
changelog: Retrospectively some items missing from 0.4.1
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:17:07 +0000 (14:17 +0000)]
build: Release checklist fixes.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:16:32 +0000 (14:16 +0000)]
build: #include <limits.h>
Fixes the build on jessie.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:07:31 +0000 (14:07 +0000)]
build: Tolerate building from a git checkout, but with git not installed.
This can happen in chroots.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 14:07:16 +0000 (14:07 +0000)]
changelog: start 0.4.2~
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Nov 2017 13:41:47 +0000 (13:41 +0000)]
finalise 0.4.1
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 25 Apr 2017 12:05:53 +0000 (13:05 +0100)]
Merge remote-tracking branch 'mdw/mdw/powm-sec'
Ian Jackson [Sun, 23 Apr 2017 19:59:18 +0000 (20:59 +0100)]
When turning on debug, turn on verbose too.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 19:58:22 +0000 (20:58 +0100)]
When printing messages about dropping IPv6, do not print anything about ihl.
Check the IP version field first !
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 17:14:11 +0000 (18:14 +0100)]
fixup! polypath: Introduce comm-info/dedicated
Ian Jackson [Sun, 23 Apr 2017 17:13:55 +0000 (18:13 +0100)]
fixup! polypath: Plumb ifname_wanted
Ian Jackson [Sun, 23 Apr 2017 17:12:20 +0000 (18:12 +0100)]
fixup! polypath: change return type of ifname_wanted
Ian Jackson [Sun, 23 Apr 2017 16:25:15 +0000 (17:25 +0100)]
changelog: mention hippotat
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 11:36:09 +0000 (12:36 +0100)]
polypath: Introduce comm-info/dedicated-interface-addr
Also, rename `interfs' to `interfs_general' in struct polypath, to
ensure we found everywhere this list is processed.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 13:25:58 +0000 (14:25 +0100)]
polypath: Break out polypath_sendmsg_interf
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 13:07:57 +0000 (14:07 +0100)]
polypath: Plumb ifname_wanted `want' through privsep etc.
Prepare for there being multiple interface lists, and for a new kind
of `want'. Specifically:
 * Arrange to declare the type `struct interf_list'.
 * Pass the want via the privsep protocol, as a character.
 * Pass the want in lots of command line arguments.
 * Move assert for rogue values to the use site, which is now in
   a different process so it can't be an assert.
 * Introduce a variable `interfs' in polypath_record_ifaddr to allow
   it to manipulate a different list.
 * Introduce a variable `max_interfs' in polypath_record_ifaddr to
   allow a different check.
 * Print the relevant want in debugging output.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 12:46:05 +0000 (13:46 +0100)]
polypath: change return type of ifname_wanted, to char
We are going to want to provide other answers besides just
yes (True, '+') and no (False, '!'). Prepare for this.
No functional change just yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 12:11:43 +0000 (13:11 +0100)]
comm clientinfo: site: Pass comm-info to comm
Call each comm's clientinfo_fn on the comm-info dict, if any.
Pass the resulting struct clientinfo to sendmsg.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 11:36:44 +0000 (12:36 +0100)]
comm clientinfo: Provide clientinfo interface
This will allow a comm client to provide information from its
configuration dicts to the comm, so that a comm can be shared by
multiple clients but still have client-specific configuration.
Currently, this new interface has no callers, and no consumers.
No comm clients call comm_if->_clientinfo(); they all just pass NULL.
No comms take any notice of the clientinfo information; they always
return NULL for the clientinfo*.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 12:17:37 +0000 (13:17 +0100)]
site: Introduce comm_addr_sendmsg
This helper function currently simply sends a packet to a comm_addr,
using the addr's comm. It will do more in a bit.
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 23 Apr 2017 12:09:36 +0000 (13:09 +0100)]
conffile: Provide dict_read_dict
No callers yet.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Mark Wooding [Wed, 28 Sep 2016 11:01:26 +0000 (12:01 +0100)]
dh.c, rsa.c: use `mpz_powm_sec' for modexps.
This makes an effort to run in constant time. It's not perfect, but
it's a lot better than nothing.
 * It uses fixed windows from the exponent rather than the traditional
   sliding windows used by `mpz_powm'. Sliding windows are more
   efficient on low Hamming-weight exponents, which is obviously bad if
   you were hoping for constant-time behaviour.
 * It uses a cache-oblivious algorithm to pick values out of its table
   of small multiples -- i.e., it scans the entire table and plucks out
   the entry it's looking for using bitmasking. (This is tweakable
   with a macro `WANT_CACHE_SECURITY', but that's hardwired on.)
 * It uses a constant-time conditional subtract to finish up after a
   Montgomery reduction.
On the other hand there are some rough edges.
 * The initial reduction of the exponentiand is done with a
   non-constant-time algorithm. It /could/ be done a fancy way, using
   Montgomery reduction, but they've not done this yet.
 * I've not looked at the Secnet code to see whether there are other
   timing leaks.
The call in `rsa_sig_check' is safe to leave as the faster `mpz_powm',
since it's verifying a signature which could, in principle, be done by
anyone using only public information.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
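The three techniques named in the commit message above (fixed exponent windows, a full-table scan with bitmasking, and a branch-free conditional subtract), as an added C example that is not GMP's or secnet's code. All function names are hypothetical, operands are single 64-bit words, and the modulus is assumed to be below 2^32.

```c
/* Added illustration: toy single-word versions of the techniques named in
 * the commit message. Not GMP or secnet code; all names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define WINDOW_BITS 4
#define TABLE_SIZE  (1u << WINDOW_BITS)

/* All-ones if a == b, zero otherwise, computed without branching on a or b. */
static uint64_t ct_eq_mask(uint64_t a, uint64_t b)
{
    uint64_t x = a ^ b;                                /* zero iff a == b */
    uint64_t nonzero = (x | ((uint64_t)0 - x)) >> 63;  /* 1 iff x != 0    */
    return nonzero - 1;
}

/* Return table[idx] by reading every entry and masking, so the memory
 * access pattern does not depend on the (secret) index. */
uint64_t ct_select(const uint64_t *table, size_t n, uint64_t idx)
{
    uint64_t out = 0;
    for (size_t i = 0; i < n; i++)
        out |= table[i] & ct_eq_mask((uint64_t)i, idx);
    return out;
}

/* Fix-up after a reduction that leaves x in [0, 2m): return x - m if
 * x >= m, else x. The borrow comes from bit operations, not a branch. */
uint64_t ct_cond_sub(uint64_t x, uint64_t m)
{
    uint64_t d = x - m;
    uint64_t borrow = ((~x & m) | (~(x ^ m) & d)) >> 63;
    uint64_t keep = borrow - 1;                  /* all-ones iff x >= m */
    return (d & keep) | (x & ~keep);
}

/* base^exp mod `mod` using fixed 4-bit windows. Assumes 0 < mod < 2^32 so
 * every product fits in 64 bits. Each window costs four squarings and one
 * multiply, even when the window value is zero, so the operation count is
 * the same for every exponent. The `%` operator stands in for Montgomery
 * multiplication here and is not itself constant-time. */
uint64_t fixed_window_modexp(uint64_t base, uint64_t exp, uint64_t mod,
                             unsigned *mults)
{
    uint64_t table[TABLE_SIZE];
    uint64_t acc = 1 % mod;
    unsigned count = 0;

    table[0] = 1 % mod;
    for (size_t i = 1; i < TABLE_SIZE; i++)
        table[i] = table[i - 1] * (base % mod) % mod;

    for (int shift = 64 - WINDOW_BITS; shift >= 0; shift -= WINDOW_BITS) {
        for (int k = 0; k < WINDOW_BITS; k++) {
            acc = acc * acc % mod;
            count++;
        }
        uint64_t w = (exp >> shift) & (TABLE_SIZE - 1);
        acc = acc * ct_select(table, TABLE_SIZE, w) % mod;
        count++;
    }
    if (mults)
        *mults = count;
    return acc;
}

int main(void)
{
    unsigned sparse, dense;
    fixed_window_modexp(5, 1, 65537, &sparse);           /* Hamming weight 1  */
    fixed_window_modexp(5, UINT64_MAX, 65537, &dense);   /* Hamming weight 64 */
    printf("4^13 mod 497 = %llu\n",
           (unsigned long long)fixed_window_modexp(4, 13, 497, NULL));
    printf("multiplications: sparse=%u dense=%u\n", sparse, dense);
    return 0;
}
```

A compiler is free to rewrite such code, so a real implementation also checks the generated machine code for branches or indexed loads on secret data.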
Mark Wooding [Wed, 28 Sep 2016 11:00:24 +0000 (12:00 +0100)]
Makefile.in: Fix `check-ipaddrset' rule to get reference from $(srcdir).
Makes out-of-tree builds work properly.
Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
Ian Jackson [Tue, 19 Apr 2016 21:46:12 +0000 (22:46 +0100)]
Makefile.in: turn off -Wsign-compare for bison output
    conffile.yy.c: In function `yy_get_next_buffer':
    conffile.yy.c:1228:44: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare]
    if ((int) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) {
    ^
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 12 Sep 2015 23:56:06 +0000 (00:56 +0100)]
Keepalive option: Start trying to rekey as soon as peer shuts down
This avoids us ending up in state RUN with no keys and no key
initiation attempt, which with keepalive is forbidden.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 12 Sep 2015 15:17:51 +0000 (16:17 +0100)]
Implement `keepalive' site option, to try to keep link always up.
Ian Jackson [Sat, 28 Feb 2015 15:26:03 +0000 (15:26 +0000)]
Finalise 0.4.0
Ian Jackson [Sat, 28 Feb 2015 15:02:32 +0000 (15:02 +0000)]
Report when transport peers updated as a result of transmit.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 28 Feb 2015 15:01:21 +0000 (15:01 +0000)]
site: Packet-level debugging notes errors from transmit.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 31 Jan 2015 09:03:36 +0000 (09:03 +0000)]
Release process notes from 0.4.0~beta2
Ian Jackson [Sun, 28 Dec 2014 17:14:27 +0000 (17:14 +0000)]
Finalise changelog for 0.4.0~beta2
Ian Jackson [Sun, 28 Dec 2014 17:11:38 +0000 (17:11 +0000)]
Finalise changelog for beta2~ test build
Ian Jackson [Sun, 28 Dec 2014 17:10:59 +0000 (17:10 +0000)]
Makefile.in: Putative dual (backport and not) release build process doc.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:48:19 +0000 (16:48 +0000)]
Sort out changelog
Ian Jackson [Sun, 28 Dec 2014 16:42:06 +0000 (16:42 +0000)]
Build system: Use -lnsl only if inet_ntoa is not found otherwise.
Ian Jackson [Sun, 28 Dec 2014 16:37:44 +0000 (16:37 +0000)]
Build system: Break out SECNET_C_GETFUNC macro
No functional change.
Verified with `git diff -b' that there is no significant change to the
generated configure.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:34:10 +0000 (16:34 +0000)]
Build system: Use -lresolv only if inet_aton is not found otherwise.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:22:05 +0000 (16:22 +0000)]
Build system: debian/rules: Do not run build for *-indep (!)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:21:08 +0000 (16:21 +0000)]
Build system: debian/rules: Provide build-arch and build-indep targets.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:16:54 +0000 (16:16 +0000)]
Build system: debian/rules: Support dpkg-buildflags.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 15:55:32 +0000 (15:55 +0000)]
Copyright updates - update to GPLv3, etc.
Update to GPLv3. secnet as actually installed is GPLv3+ anyway
because it depends on python-ipaddr (Apache 2.0, which is
GPLv2-incompatible), adns (now GPLv3+), and libgmp (now LGPLv3+).
Also:
* Add missing copyright notices and credits.
* Get rid of old FSF street address; use URL instead.
* Remove obsolete LICENCE.txt (which was for snprintf reimplementation).
* Remove obsolete references to Cendio (for old ipaddr.py, now gone).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 16:02:13 +0000 (16:02 +0000)]
Build system: Fix check for <linux/if_tun.h> and remove our copy
 * Check for <linux/if_tun.h>, not <linux/if.h>, since the former is
   what we include.
 * Remove our embedded copy of linux/if_tun.h. We have no need of
   this any more as all recent Linux platforms will provide this as
   part of the system. This is good because linux/if_tun.h is
   GPLv2-only and secnet as a whole has to be GPLv3+ when built
   because it contains and depends on a few GPLv3+ things.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 28 Dec 2014 12:38:05 +0000 (12:38 +0000)]
Build system: Install ipaddrset.py and secnet.8 with correct perms
Do not install them as executables; use INSTALL_DATA instead.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 27 Dec 2014 21:35:39 +0000 (21:35 +0000)]
Build system: debian/rules: set DESTDIR (not prefix).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 27 Dec 2014 21:35:02 +0000 (21:35 +0000)]
Build system: Makefile: support DESTDIR.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 27 Dec 2014 21:29:00 +0000 (21:29 +0000)]
Changelog update.
Ian Jackson [Sun, 2 Nov 2014 15:40:32 +0000 (15:40 +0000)]
polypath: "address to remove not found" not an error
Reduce the log severity of this message. This can happen due to a
previous error, and does not then want to be reported again (unless
debugging is turned up).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 2 Nov 2014 15:38:09 +0000 (15:38 +0000)]
polypath: Make message class an argument to bad() callbacks
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Mon, 27 Oct 2014 01:42:28 +0000 (01:42 +0000)]
Portability fix: Build where sizeof is not compatible with int
On Debian amd64, for example:
    util.c: In function 'iaddr_to_string':
    util.c:575:3: error: field precision specifier '.*' expects argument
    of type 'int', but argument 3 has type 'long unsigned int'
Thanks to Jonathan Amery for the report.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 26 Oct 2014 19:50:50 +0000 (19:50 +0000)]
polypath-interface-monitor-linux: Skip "tentative" IPv6 local addrs
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 26 Oct 2014 19:50:37 +0000 (19:50 +0000)]
polypath-interface-monitor-linux: Debugging output
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sun, 26 Oct 2014 18:26:54 +0000 (18:26 +0000)]
polypath: Ignore IPv6 Unique Local unicast addresses.
Ian Jackson [Sun, 26 Oct 2014 15:28:39 +0000 (15:28 +0000)]
Finalise 0.4.0~beta1
Ian Jackson [Sat, 25 Oct 2014 18:22:01 +0000 (19:22 +0100)]
udp: Print more info in our comm_addr representations
Include an index number (starting at 0) and the line number (but not
filename) at which we were defined. This allows the user to more
easily see (for example) which comm_addrs actually belong to the same
udp, even if they might have a different ix and thus be reported with
different local addresses.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 18:20:14 +0000 (19:20 +0100)]
site: When reporting resolution complete, print only iaddr
For any particular site, the comm (and ix) are always going to be the
same. Printing only the address and port produces less clutter in the
log.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 18:04:31 +0000 (19:04 +0100)]
Static buffers: Provide new rotating static buffer macros
Provide new macros SBUF_DEFINE and SBUF which replace the open coded
rotating static buffers in ipaddr_getbuf (ipaddr_to_string and
subnet_to_string) and iaddr_to_string.
No functional change.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 17:27:34 +0000 (18:27 +0100)]
Static buffers: Replace references to bufs[b]
Introduce a new macro SBUF which currently refers to bufs[b]. We are
going to change its definition in a moment. Splitting the patches up
this way makes it easier to see that they're right.
No functional change in this patch.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 17:56:32 +0000 (18:56 +0100)]
Static buffers: ipaddr_getbuf: Rename some variables
Rename ipaddr_bufnum to b and ipaddr_bufs to bufs. That makes the
naming consistent with the other ad-hoc rotating buffers in
iaddr_to_string.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 15:56:50 +0000 (16:56 +0100)]
udp: Insist on only one successful default socket setup
If we default the addresses to use, we only insist that at least one
of them can be successfully set up.
(This is particularly significant when upgrading an existing secnet
installation to the new secnet, with IPv6 support, but on a host with
no IPv6, and no address configured in the config file. Without this
patch, secnet would fail to start up because it would try, and fail,
to bind the IPv6 address.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 14:00:38 +0000 (15:00 +0100)]
udp: Provide st->addr_configured
We are going to use it in udp_phase_hook.
Rewrite the tests on caddrl in terms of this new boolean.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 11:09:46 +0000 (12:09 +0100)]
udp, polypath: Log destination address in `some success' messages
Replace the boolean parameter with a pointer to the destination
address. (Conveniently this means that the calls relating to
reception can remain unchanged and the ones relating to transmission
produce a compile error until converted.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Sat, 25 Oct 2014 11:02:02 +0000 (12:02 +0100)]
authbind: Better logging of authbind failures
Report the address and the authbind helper pathname.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 23 Oct 2014 22:50:45 +0000 (23:50 +0100)]
string_item_to_iaddr: Actually set port if !CONFIG_IPV6
This bug was introduced along with this function in
bb839899 `Provide string_item_to_iaddr', which simply forgot to set the port.
The practical implications are that the port number of a locally bound
socket would not be specified, if an address was supplied, but only in
builds without IPv6 support. (This might result in the kernel picking
a port nmber; if authbind is in use it would probably cause authbind
to refuse.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 23 Oct 2014 22:49:17 +0000 (23:49 +0100)]
resolver: Actually set port in resulting ca's
This got broken in
2093fb5c `comm etc.: Provide comm_addr_equal'.
We mistakenly removed the code that copied the port from q, along with
the code that copied the adns answer from ra. (The sockaddr that
comes back from adns obviously doesn't have a port number in it.)
As a result all actual DNS resolutions would result in an unusable
sockaddr with port==0.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 23 Oct 2014 18:04:57 +0000 (19:04 +0100)]
udp: Print `&' in address descriptions only if multiple sockets
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 21 Oct 2014 00:20:12 +0000 (01:20 +0100)]
Makefile.in: remove *.pyc
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 21 Oct 2014 00:05:53 +0000 (01:05 +0100)]
debian/changelog: Write most of changelog for 0.4.x
Ian Jackson [Mon, 20 Oct 2014 23:33:49 +0000 (00:33 +0100)]
Makefile.in: Handle conffile.yy.h properly
This needs to be deleted by clean. And it needs to be a dependency of
the %.o pattern rule. (Since we rely on autogenerated .d header file
dependencies, which are fine for manually-edited header files but not
autogenerated ones.)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 9 Oct 2014 18:23:31 +0000 (19:23 +0100)]
debian: Fix build-depends
Add libbsd-dev and python-ipaddr
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Thu, 9 Oct 2014 18:20:32 +0000 (19:20 +0100)]
debian/changelog: wip 0.4.x
Ian Jackson [Tue, 7 Oct 2014 19:51:05 +0000 (20:51 +0100)]
NEW etc.: Use NEW at non-formulaic call sites
Manually replace calls to safe_malloc with NEW. Calls where
safe_malloc was used to allocate a byte array (or a string buffer) are
left alone.
Some simple calls to allocate a single object are replaced with NEW.
(in COMM_APPLY, init_log, resolve_request, transform_cbcmac_module,
TRANSFORM_CREATE_CORE).
Some calls which were allocating arrays are replaced with NEW_ARY
(in dict_keys, ipset_new).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 7 Oct 2014 19:41:20 +0000 (20:41 +0100)]
NEW etc.: Replace most calls to safe_realloc_ary
Replace with REALLOC_ARY whenever the array object size is not 1.
In subnet_list_set_len and ipset_set_len we abolish the unnecessary
temporary variable `nd'. In subnet_list_set_len we also simplify the
assert integer overflow condition (the division is not needed because
REALLOC_ARY and hence safe_malloc_ary will check for potential
multiplication overflow).
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 7 Oct 2014 19:36:17 +0000 (20:36 +0100)]
NEW etc.: Use NEW_ARY
Replace all calls to safe_malloc_ary with the NEW_ARY wrapper.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 7 Oct 2014 19:31:26 +0000 (20:31 +0100)]
NEW etc.: Use NEW in all obvious places
Entirely automatic conversion, using the following Perl rune:
    perl -i~ -pe 's#^(\s+)(\w+)=safe_malloc\(sizeof\(\*\2\),"[^"]+"\);$#$1NEW($2);#' *.c conffile.fl conffile.y
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Tue, 7 Oct 2014 19:28:33 +0000 (20:28 +0100)]
NEW etc.: Provide size-safe wrappers for safe_malloc et al.
These automatically compute the size from the type to be assigned to,
and automatically generate a context string.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 1 Oct 2014 23:55:28 +0000 (00:55 +0100)]
udp, polypath: Log `experiencing success receiving', etc.
We want to use the `experienced' mechanism to report success while
receiving.
But, previously, the udp_socks_afterpoll function which does the
receiving didn't have a suitable description (`socksdesc') available:
in particular, for polypath, it should print the interface name.
Solve this as follows:
 * Add a `desc' field to struct udpsocks, set by udp_socks_register
   (for polypath this duplicates interf->name, but we don't really
   care much about that as it's only one pointer).
 * Add a new argument to udp_socks_register to ensure we catch
   all the creation sites.
 * Have udp_sock_experienced take a struct udpsocks*.
After all that, the new call to udp_sock_experienced is trivial.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 1 Oct 2014 23:24:24 +0000 (00:24 +0100)]
test-example: Test not specifying a port
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 1 Oct 2014 23:19:34 +0000 (00:19 +0100)]
udp, polypath: Make specifying port optional
There is no particular reason why a mobile site with no stable address
ought to have to bind to a particular port. Doing so in those
configurations can bring in additional complications.
So, make specifying the port optional.
udp_make_socket calls getsockname to find what port number it got.
(We do this unconditionally as that's simplest.)
This has more complicated fallout than appears at first glance.
polypath needs to be able to match disappearances of the interface
address, which is mostly processed in terms of the configured rather
than obtained sockaddr.
In polypath, we need to compare just the addresses when removing an
interface address, because the port will have been assigned later. We
also use the actual address in logging, rather than the one supplied
by the interface monitor.
To support these changes, we formalise udp_import_socket, and provide
a new `ignoreport' option to iaddr_equal. The scope of the FAIL and
FAIL_LG macros in udp.c becomes a bit wider.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Ian Jackson [Wed, 1 Oct 2014 17:22:57 +0000 (18:22 +0100)]
test-example: Set `system/userid'
This means we normally test the privsep, rather than non-privsep,
version of polypath.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>