aboutsummaryrefslogtreecommitdiff
path: root/networking
AgeCommit message (Collapse)Author
2017-01-08httpd: fix address family for reverse proxy client socketLaurent Bercot
When httpd proxies a request to another server, it first creates an AF_INET socket, then resolves the server name to a sockaddr, then connects to it. This fails if the server name resolves to an IPv6 address. This patch ensures that the socket is created with the correct address family (AF_INET6 if the server resolves to an IPv6 address and AF_INET otherwise). Signed-off-by: Laurent Bercot <ska-dietlibc@skarnet.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-06ntpd: improve postponed hostname resolutionNatanael Copa
Run the namelookup from the main loop so a misspelled first ntp server name does not block everything forever. This fixes the following situation which would block forever: $ sudo ./busybox ntpd -dn -p foobar -p pool.ntp.org ntpd: bad address 'foobar' ntpd: bad address 'foobar' ntpd: bad address 'foobar' ... New behavior: ntpd: bad address 'foobar' ntpd: sending query to 137.190.2.4 ntpd: reply from 137.190.2.4: offset:-1.009775 delay:0.175550 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x01 ntpd: sending query to 137.190.2.4 ntpd: reply from 137.190.2.4: offset:-1.009605 delay:0.175461 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x03 ntpd: sending query to 137.190.2.4 ntpd: reply from 137.190.2.4: offset:-1.005327 delay:0.167027 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x07 ntpd: sending query to 137.190.2.4 ntpd: bad address 'foobar' ntpd: reply from 137.190.2.4: offset:-1.046349 delay:0.248705 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x0f This patch is based on Kaarle Ritvanens work. http://lists.busybox.net/pipermail/busybox/2016-May/084197.html function old new delta ntpd_main 1061 1079 +18 ntp_init 556 560 +4 resolve_peer_hostname 81 75 -6 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/1 up/down: 22/-6) Total: 16 bytes Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-04udhcp: tweak config order and menu item namesDenys Vlasenko
All other applets are listed simply by their name, no reason why dumpleases doesn't do that. Group all udhcpd feature options directly after it. Put "NOT READY" into udhcpc6 item (some users actually tried to use it, and complained). Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-03Fix dependency for IFUPDOWN_UDHCPC_CMD_OPTIONSJörg Krause
Commit a8c696bf09d8151323f6e99348c4bc8989f829c8 makes ifup and ifdown individually selectable, but forgets to update the dependency to IFUPDOWN_UDHCPC_CMD_OPTIONS, so it is not selectable anymore. This patch fixes the dependency by checking for IFUP or IFDOWN, instead of the obsolete IFUPDOWN. Also, it drops dependency on UDHCPC: udhcpc on the target system does not have to come from the _same_ binary. Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-02tcpudp: define SO_ORIGINAL_DST directly, not via includeDenys Vlasenko
musl does not like including linux/netfilter_ipv4.h (enum / #define collision in two headers, resulting in "3 = 3" type situation in enum definition). Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23Remove FEATURE_IFUPDOWN_IP_BUILTIN and FEATURE_IFUPDOWN_IFCONFIG_BUILTINDenys Vlasenko
They merely enable ip or ifconfig/route. There is already a way to do this on the same menuconfig page. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23fix breakage found by mass one-applet buildsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22ip: make ip aliases individually selectableDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22Make POST upload example script easier to useDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22Update information on building httpd and wget helpersDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-18libiproute: handle table ids larger than 255Lukasz Nowak
Linux kernel, starting from 2.6.19 allows ip table ids to have 32-bit values. In order to preserve compatibility, the old 8-bit field: rtm_table is still in use when table id is lower than 256. Add support for the 32-bit table id (RTA_TABLE attribute) in: - ip route print - ip route modify - ip rule print - ip rule modify Add printing of table ids to ip route. Changes are compatible with the mainline iproute2 utilities. These changes are required for compatibility with ConnMan, which by default uses table ids greater than 255. function old new delta print_route 1588 1637 +49 do_iproute 2187 2222 +35 do_iprule 955 987 +32 print_rule 617 630 +13 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 4/0 up/down: 129/0) Total: 129 bytes Signed-off-by: Lukasz Nowak <lnowak@tycoint.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-28Code style fixes, no code changesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23Convert all udhcp applets to "new style" applet definitionsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23tc: consolidate its disabled bitsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23Make ping6 and traceroute6 selectable independently from ping/tracerouteDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23ipneigh: add this shortcur similar to other "ip <CMD>" shortcutsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23Rename FEATURE_FTP_WRITE and FEATURE_FTP_AUTHENTICATION to *_FTPD_*Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23Convert all networking/* applets to "new style" applet definitionsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-22httpd: explain why we use sprintf and why it should be fineDenys Vlasenko
While at it, fix a pathological case where it is not fine: -r REALM with some 8-kbyte long REALM would overflow the buffer. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-14Make ifup and ifdown individually selectable.Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-13dnsdomainname: split it from "hostname", make it independently selectableDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25udhcpc: check read of overload option data byte to be within packetDenys Vlasenko
function old new delta udhcp_get_option 220 225 +5 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25udhcpc: check read of option length byte to be within packetBrian Foley
function old new delta udhcp_get_option 215 220 +5 udhcp_run_script 802 803 +1 Signed-off-by: Brian Foley <bpfoley@google.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-13telnetd: ifdef out a buggy error handling code pathDenys Vlasenko
Here, not handling the error is would just eat one input 0xff char. Correct handling would need even more corner case handling, as-is buggy handling corrupts the buffer. Since we just been told by kernel that pty is ready, EAGAIN should not be happening here anyway. function old new delta telnetd_main 1798 1785 -13 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnet: code shrinkDenys Vlasenko
put_iac2(w,c) is mostly used with constants, fold them into one arg function old new delta put_iac2_merged - 46 +46 telnet_main 1603 1583 -20 con_escape 285 257 -28 put_iac2 50 - -50 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 0/2 up/down: 46/-98) Total: -52 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: add another handshake example in comments, no code changesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: treat all 2-byte IACs in 240..249 range as NOPs.Denys Vlasenko
A bit of future-proofing. Some of them can stand just being ignored. function old new delta telnetd_main 1791 1798 +7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix corner case of input processing of 0xff bytesDenys Vlasenko
I managed to reproduce the bug, with some difficulty. function old new delta telnetd_main 1780 1791 +11 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix a corner case where CRLF->CR translation can misbehaveDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix handling of short writes to ptyDenys Vlasenko
If a write to pty is short, remove_iacs() can be run on a buffer repeatedly. This, for example, can eat 0xff chars (IACs, in telnet terms). Rework the logic to handle IACs in a special "write to pty" function. function old new delta telnetd_main 1662 1750 +88 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-09ifupdown: rewrite state file atomicallyDenys Vlasenko
By user's request. Decided to not use fcntl(F_SETLKW) in lieu of problems with locking on networked filesystems. The existence of /var/run/ifstate.new is treated as a write lock. rename() provides atomicity. function old new delta ifupdown_main 1019 1122 +103 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-07tcpsvd: don't keep shared fd open if fd limit is reached. closes 9331Denys Vlasenko
Also, much improved help text. function old new delta packed_usage 30652 30851 +199 tcpudpsvd_main 1782 1784 +2 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04wget: there is no -s option in GNU Wget 1.18, we should be compatibleDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge leases.c and static_leases.c into dhcpd.cDenys Vlasenko
function old new delta send_offer 292 461 +169 udhcpd_main 1531 1588 +57 read_leases 330 332 +2 add_lease 314 312 -2 find_lease_by_mac 68 - -68 find_free_or_expired_nip 174 - -174 ------------------------------------------------------------------------------ (add/remove: 0/4 grow/shrink: 3/1 up/down: 228/-244) Total: -16 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge most of static_leases.c into dhcpd.cDenys Vlasenko
function old new delta read_staticlease 121 222 +101 add_static_lease 48 - -48 log_static_leases 68 - -68 ------------------------------------------------------------------------------ (add/remove: 0/2 grow/shrink: 1/0 up/down: 101/-116) Total: -15 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge files.c into dhcpd.cDenys Vlasenko
Added NOINLINE to two function, since my version of gcc would actualy increase code size otherwise. I see no size changes. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-28traceroute: cleanup and fixes for packet size calculationsDenys Vlasenko
Remove FEATURE_TRACEROUTE_SOURCE_ROUTE: it's off by default, and source routing is not used in real world. Tested that "traceroute -n ::1 100" and "traceroute -n 127.0.0.1 100" both send 100 byte IP packets (this matches what traceroute on Fedora Rawhide is doing). function old new delta common_traceroute_main 3731 3738 +7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-25ifupdown: improve help text, add comment about run-parts error msgDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-20ifupdown: when flushing addresses with "ip", add label %label%Denys Vlasenko
User report: or our board we setup eth0:0 on a 10.10.10.x/29 netwrok. The problem is ip addr flush dev eth0:0 removes all ip addresses from eth0. You can see this if you run ip -stat -stat addr flush dev eth0:0 2: eth0 inet 172.27.105.10/22 brd 172.27.107.255 scope global eth0 valid_lft forever preferred_lft forever 2: eth0 inet 10.10.10.9/29 scope global eth0:0 valid_lft forever preferred_lft forever 2: eth0 inet6 fe80::a2f6:fdff:fe18:2b13/64 scope link valid_lft forever preferred_lft forever *** Round 1, deleting 3 addresses *** *** Flush is complete after 1 round *** Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-18libnetlink: fix alignment of netlink messagesHauke Mehrtens
A padding to align a message should not only be added between different attributes of a netlink message, but also at the end of the message to pad it to the correct size. Without this patch the following command does not work and returns an error code: ip link add type nlmon Without this ip from busybox sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=45, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45 return value: 2 The normal ip utile from iproute2 sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=48, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48 return value: 0 With this patch ip from busybox sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=48, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48 return value: 0 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-01*: placate some compile warnings on OSXDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-31wget: treat 201,202,203 as success codes too. Closes 9211Denys Vlasenko
This matches "standard" wget. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-26udhcpc: Unconditionally call deconfig script, not only if lease is activePeter Korsgaard
The udhcpc script may be used to setup fallback configuration (E.G. IPv4LL, fixed IP address, ..) that also needs to be cleaned up on release (E.G. when SIGUSR2 is called or on shutdown with -R), so unconditionally call deconfig. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-21wget/ssl_helper: update to wolfssl-3.9.8Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-16ifplugd: if SIOCSIFFLAGS fails with ENODEV, don't dieDenys Vlasenko
Some user managed to hit a race where iface is gone between SIOCGIFFLAGS and SIOCSIFFLAGS (!). If SIOCSIFFLAGS fails, treat it the same as failed SIOCGIFFLAGS Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14libiproute: eliminate some redundant zero storesDenys Vlasenko
function old new delta do_iprule 974 955 -19 rtnl_dump_request 173 146 -27 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-46) Total: -46 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14ip: fix an improper optimization: req.r.rtm_scope may be nonzero hereDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-01ntpd: respond only to client and symmetric active packetsMiroslav Lichvar
The busybox NTP implementation doesn't check the NTP mode of packets received on the server port and responds to any packet with the right size. This includes responses from another NTP server. An attacker can send a packet with a spoofed source address in order to create an infinite loop of responses between two busybox NTP servers. Adding more packets to the loop increases the traffic between the servers until one of them has a fully loaded CPU and/or network. Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25wget: run s_client helper with -servername HOSTDenys Vlasenko
This is necessary for multi-hosted TLSed web sites. function old new delta spawn_https_helper_openssl 334 441 +107 Based on a patch by Jeremy Chadwick <jdc@koitsu.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25ssl_helper.sh: strip was invoked incorrectlyDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>