Age | Commit message (Collapse) | Author |
|
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an
infinite loop of responses between two busybox NTP servers. Adding
more packets to the loop increases the traffic between the servers
until one of them has a fully loaded CPU and/or network.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This is necessary for multi-hosted TLSed web sites.
function old new delta
spawn_https_helper_openssl 334 441 +107
Based on a patch by Jeremy Chadwick <jdc@koitsu.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
In many cases, this aqllows to drop use of opt_complementary.
Approximately -400 bytes:
function old new delta
getopt32 1423 1502 +79
opt_string 17 18 +1
OPT_STR 24 25 +1
uniq_main 416 406 -10
timeout_main 279 269 -10
sulogin_main 270 260 -10
readprofile_main 1825 1815 -10
ps_main 543 533 -10
pidof_main 245 235 -10
pgrep_main 611 601 -10
od_main 2600 2590 -10
mkfs_minix_main 2684 2674 -10
mkfs_ext2_main 2603 2593 -10
microcom_main 712 702 -10
makemime_main 315 305 -10
ionice_main 282 272 -10
inetd_main 2074 2064 -10
ifplugd_main 1144 1134 -10
halt_main 353 343 -10
getopt_main 636 626 -10
fdisk_main 2854 2844 -10
env_main 206 196 -10
dmesg_main 319 309 -10
conspy_main 1214 1204 -10
awk_main 981 971 -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/22 up/down: 81/-220) Total: -139 bytes
text data bss dec hex filename
919373 906 14060 934339 e41c3 busybox_old
918969 906 14060 933935 e402f busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
whois_main 654 675 +21
packed_usage 30355 30356 +1
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
It was doing way too simplistic work of just querying the server,
no redirects, no query massaging. This required user to know a lot about whois,
and enter at least three queries for each host to get meaningful information.
function old new delta
whois_main 209 646 +437
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
arp_main 1910 1898 -12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The bug was seen when the following is done:
# killall 1 udhpc; killall 2 udhpc
Performing a DHCP renew
state: 2 -> 5
Sending renew...
Entering released state
state: 5 -> 6 <<<<<<<<<<<<<< not calling script!!!!
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This resolves the following use case problem:
"I start ntpd by default from /etc/init.d
There might be no working network connection (not configured properly for
whatever reason, hardware problems, whatelse).
With busybox 1.25 ntpd seems to loop forever if now NTP servers are found,
blocking the boot process and I never get a login to solve a possible pb or
to do a first time configuration."
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The ICMP RFC says that identifier and sequence number may be zero.
Having them zero for a Echo message, along with a data of zero's
as well will result in a Echo reply message with only zero's.
Some NAT implementations seem to get the checksum wrong on these
packages. Setting a checksum of 0x0 instead of 0xffff.
Through NAT:
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0x0000 [incorrect, should be 0xffff]
Identifier (BE): 0 (0x0000)
Identifier (LE): 0 (0x0000)
Sequence number (BE): 0 (0x0000)
Sequence number (LE): 0 (0x0000)
Data (56 bytes)
Data: 000000000000000000000000000000000000000000000000...
[Length: 56]
Without NAT:
Internet Control Message Protocol
Type: 0 (Echo (ping) reply)
Code: 0
Checksum: 0xffff [correct]
Identifier (BE): 0 (0x0000)
Identifier (LE): 0 (0x0000)
Sequence number (BE): 0 (0x0000)
Sequence number (LE): 0 (0x0000)
[Request frame: 189]
[Response time: 0.024 ms]
Data (56 bytes)
Data: 000000000000000000000000000000000000000000000000...
[Length: 56]
And this in turn will make some hardware MAC checksum offloading
engines drop the packet.
(This was seen with a Synopsis MAC, the same one used in for instance the
stmmac Ethernet driver in the linux kernel.)
This change can be seen as a workaround for bugs in other layers.
But just setting an identifier for the Echo message packet will
avoid prodding the hornets nest.
function old new delta
common_ping_main 424 500 +76
Signed-off-by: Jonas Danielsson <jonasdn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Some users start ntpd on boot, and don't babysit it. If it dies because
DNS is not yet up and therefore NTP servers can't be found, users are
not happy.
Example behavior with a peer name which can't be resolved:
ntpd: bad address 'qwe.rty.ghj.kl'
...5 sec...
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
...
Based on the patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
function old new delta
resolve_peer_hostname - 81 +81
ntpd_main 1130 1061 -69
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 81/-69) Total: 12 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This is the only non-debug use of ether_ntoa(). By not using it,
we reduce bss:
function old new delta
arping_main 1568 1665 +97
static.asc 18 - -18
ether_ntoa 57 - -57
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 1/0 up/down: 97/-75) Total: 22 bytes
text data bss dec hex filename
911020 493 7352 918865 e0551 busybox_old
911069 493 7336 918898 e0572 busybox_unstripped
Also, "standard" arping zero-pads MAC. ether_ntoa() does not.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Use designated initializers for struct msghdr.
The struct layout is non-portable and musl libc does not match what busybox expects.
Signed-off-by: Szabolcs Nagy <nsz@port70.net>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"
text data bss dec hex filename
829901 4086 1904 835891 cc133 busybox_before
829665 4086 1904 835655 cc047 busybox
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The config item is FEATURE_USE_BSS_TAIL. When it is off (default):
function old new delta
read_config 210 228 +18
doCommands 2279 2294 +15
ipneigh_list_or_flush 763 772 +9
ipaddr_list_or_flush 1256 1261 +5
display_process_list 1301 1306 +5
conspy_main 1378 1383 +5
do_lzo_compress 352 355 +3
do_lzo_decompress 565 567 +2
push 46 44 -2
inetd_main 2136 2134 -2
uevent_main 421 418 -3
addLines 97 92 -5
bb_common_bufsiz1 8193 1024 -7169
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 8/5 up/down: 62/-7181) Total: -7119 bytes
text data bss dec hex filename
829850 4086 9080 843016 cdd08 busybox_old
829901 4086 1904 835891 cc133 busybox_unstripped
FEATURE_USE_BSS_TAIL=y:
read_config 210 228 +18
doCommands 2279 2294 +15
ipneigh_list_or_flush 763 772 +9
ipaddr_list_or_flush 1256 1261 +5
display_process_list 1301 1306 +5
conspy_main 1378 1383 +5
do_lzo_compress 352 355 +3
do_lzo_decompress 565 567 +2
inetd_main 2136 2134 -2
bb_common_bufsiz1 8193 - -8193
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 8/1 up/down: 62/-8195) Total: -8133 bytes
text data bss dec hex filename
829850 4086 9080 843016 cdd08 busybox_old
829911 4086 880 834877 cbd3d busybox_unstripped
FIXME: setup_common_bufsiz() calls are missing.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
udhcpd_main 1501 1531 +30
d6_recv_raw_packet 251 264 +13
perform_d6_release 188 198 +10
udhcpc6_main 2443 2449 +6
udhcp_recv_raw_packet 582 588 +6
udhcp_recv_kernel_packet 132 138 +6
send_d6_renew 140 146 +6
d6_recv_kernel_packet 118 124 +6
send_renew 77 82 +5
send_discover 85 90 +5
send_decline 84 89 +5
send_d6_select 97 102 +5
send_d6_discover 174 179 +5
perform_release 167 172 +5
count_lines 72 74 +2
udhcpc_main 2836 2837 +1
bb_info_msg 125 - -125
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 17/4 up/down: 117/-180) Total: -63 bytes
text data bss dec hex filename
924935 906 17160 943001 e6399 busybox_old
924736 906 17160 942802 e62d2 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This reverts commit 2fb63292f7083fb259a3f8d8ee70ef8acdaed626.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
set_alarm - 27 +27
fgets_and_trim 76 92 +16
wget_main 2610 2616 +6
open_socket 64 54 -10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Otherwise, "-t 0" usage may end up sending them forever
if server does not respond.
function old new delta
udhcpc_main 2846 2836 -10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
ntpd_main 1053 1130 +77
add_peers 166 195 +29
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
same IP)
function old new delta
add_peers 98 166 +68
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
RFC2131 paragraph 4.1 states DHCP messages broadcast by a client prior to
that client obtaining its IP address must have the source IP address
field in the header set to 0.
Request messages transmitted in renewing and rebinding state need to use
the obtained IP address as source IP address in the header; this behavior
lines up with other implementations like ISC dhcp client.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Let udhcpd retain the information about expired leases when restarting
so that the leases are reserved until they possibly become the oldest
expired lease.
This reduces the frequency of IP address changes for example when the
DHCP server and a group of clients, who do not store and request their
previously offered IP address across restarts, are collectively restarted
and the startup order of the clients are not guaranteed.
Signed-off-by: Christian Lindeberg <christian.lindeberg@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This patch allow to have multiple interface definitions, much like
Debian's ifupdown. More specifically, it removes the check for a
duplicate definition, so the impact on binary size should be fairly
minimal.
This configuration:
iface eth0 inet static
address 192.168.0.15
netmask 255.255.0.0
gateway 192.168.0.1
iface eth0 inet static
address 10.0.0.1
netmask 255.255.255.0
Will add two addresses to eth0 if ip is used. If ifconfig is used,
the standards methods will likely not stack, but the administrator may
still use the manual method. The DHCP method may work depending on the
DHCP client in use.
This is a fairly advanced feature for power users who knows what they
are doing. There are not many other network configuration systems that
allows multiple addresses on an interface.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
dname_dec 337 332 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
update_local_clock 820 826 +6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Patch based on Balaji Punnuru <balaji.punnuru@gmail.com> work.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
update_local_clock 769 820 +51
recv_and_process_peer_pkt 838 862 +24
reset_peer_stats 137 133 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 75/-4) Total: 71 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
After commit 8e74adab0107658e3dc04ed342206272a284f43e
("libbb: make INET[6]_rresolve use sockaddr2{host,dotted}_noport")
INET_sprint6 uses more than just sin6_addr, it also tries to display the
scope id, which is uninitialized when called from ife_print6.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
iproute_modify 1051 1120 +69
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The -H NAME is deprecated in udhcpc. See commit
2017d48c0d70bef8768efb42909e605ea8eb5a21
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
IPv6 routes need the device argument for link-local routes, or they
cannot be used at all. E.g. "gateway fe80::def" seems to be used in
some places, but kernel refuses to insert the route unless device
name is explicitly specified in the route addition.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|