aboutsummaryrefslogtreecommitdiff
path: root/networking
AgeCommit message (Collapse)Author
2016-11-22httpd: explain why we use sprintf and why it should be fineDenys Vlasenko
While at it, fix a pathological case where it is not fine: -r REALM with some 8-kbyte long REALM would overflow the buffer. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-14Make ifup and ifdown individually selectable.Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-13dnsdomainname: split it from "hostname", make it independently selectableDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25udhcpc: check read of overload option data byte to be within packetDenys Vlasenko
function old new delta udhcp_get_option 220 225 +5 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25udhcpc: check read of option length byte to be within packetBrian Foley
function old new delta udhcp_get_option 215 220 +5 udhcp_run_script 802 803 +1 Signed-off-by: Brian Foley <bpfoley@google.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-13telnetd: ifdef out a buggy error handling code pathDenys Vlasenko
Here, not handling the error is would just eat one input 0xff char. Correct handling would need even more corner case handling, as-is buggy handling corrupts the buffer. Since we just been told by kernel that pty is ready, EAGAIN should not be happening here anyway. function old new delta telnetd_main 1798 1785 -13 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnet: code shrinkDenys Vlasenko
put_iac2(w,c) is mostly used with constants, fold them into one arg function old new delta put_iac2_merged - 46 +46 telnet_main 1603 1583 -20 con_escape 285 257 -28 put_iac2 50 - -50 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 0/2 up/down: 46/-98) Total: -52 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: add another handshake example in comments, no code changesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: treat all 2-byte IACs in 240..249 range as NOPs.Denys Vlasenko
A bit of future-proofing. Some of them can stand just being ignored. function old new delta telnetd_main 1791 1798 +7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix corner case of input processing of 0xff bytesDenys Vlasenko
I managed to reproduce the bug, with some difficulty. function old new delta telnetd_main 1780 1791 +11 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix a corner case where CRLF->CR translation can misbehaveDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12telnetd: fix handling of short writes to ptyDenys Vlasenko
If a write to pty is short, remove_iacs() can be run on a buffer repeatedly. This, for example, can eat 0xff chars (IACs, in telnet terms). Rework the logic to handle IACs in a special "write to pty" function. function old new delta telnetd_main 1662 1750 +88 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-09ifupdown: rewrite state file atomicallyDenys Vlasenko
By user's request. Decided to not use fcntl(F_SETLKW) in lieu of problems with locking on networked filesystems. The existence of /var/run/ifstate.new is treated as a write lock. rename() provides atomicity. function old new delta ifupdown_main 1019 1122 +103 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-07tcpsvd: don't keep shared fd open if fd limit is reached. closes 9331Denys Vlasenko
Also, much improved help text. function old new delta packed_usage 30652 30851 +199 tcpudpsvd_main 1782 1784 +2 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04wget: there is no -s option in GNU Wget 1.18, we should be compatibleDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge leases.c and static_leases.c into dhcpd.cDenys Vlasenko
function old new delta send_offer 292 461 +169 udhcpd_main 1531 1588 +57 read_leases 330 332 +2 add_lease 314 312 -2 find_lease_by_mac 68 - -68 find_free_or_expired_nip 174 - -174 ------------------------------------------------------------------------------ (add/remove: 0/4 grow/shrink: 3/1 up/down: 228/-244) Total: -16 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge most of static_leases.c into dhcpd.cDenys Vlasenko
function old new delta read_staticlease 121 222 +101 add_static_lease 48 - -48 log_static_leases 68 - -68 ------------------------------------------------------------------------------ (add/remove: 0/2 grow/shrink: 1/0 up/down: 101/-116) Total: -15 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04dhcp: merge files.c into dhcpd.cDenys Vlasenko
Added NOINLINE to two function, since my version of gcc would actualy increase code size otherwise. I see no size changes. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-28traceroute: cleanup and fixes for packet size calculationsDenys Vlasenko
Remove FEATURE_TRACEROUTE_SOURCE_ROUTE: it's off by default, and source routing is not used in real world. Tested that "traceroute -n ::1 100" and "traceroute -n 127.0.0.1 100" both send 100 byte IP packets (this matches what traceroute on Fedora Rawhide is doing). function old new delta common_traceroute_main 3731 3738 +7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-25ifupdown: improve help text, add comment about run-parts error msgDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-20ifupdown: when flushing addresses with "ip", add label %label%Denys Vlasenko
User report: or our board we setup eth0:0 on a 10.10.10.x/29 netwrok. The problem is ip addr flush dev eth0:0 removes all ip addresses from eth0. You can see this if you run ip -stat -stat addr flush dev eth0:0 2: eth0 inet 172.27.105.10/22 brd 172.27.107.255 scope global eth0 valid_lft forever preferred_lft forever 2: eth0 inet 10.10.10.9/29 scope global eth0:0 valid_lft forever preferred_lft forever 2: eth0 inet6 fe80::a2f6:fdff:fe18:2b13/64 scope link valid_lft forever preferred_lft forever *** Round 1, deleting 3 addresses *** *** Flush is complete after 1 round *** Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-18libnetlink: fix alignment of netlink messagesHauke Mehrtens
A padding to align a message should not only be added between different attributes of a netlink message, but also at the end of the message to pad it to the correct size. Without this patch the following command does not work and returns an error code: ip link add type nlmon Without this ip from busybox sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=45, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45 return value: 2 The normal ip utile from iproute2 sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=48, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48 return value: 0 With this patch ip from busybox sends this: sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=48, ...}, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48 return value: 0 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-01*: placate some compile warnings on OSXDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-31wget: treat 201,202,203 as success codes too. Closes 9211Denys Vlasenko
This matches "standard" wget. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-26udhcpc: Unconditionally call deconfig script, not only if lease is activePeter Korsgaard
The udhcpc script may be used to setup fallback configuration (E.G. IPv4LL, fixed IP address, ..) that also needs to be cleaned up on release (E.G. when SIGUSR2 is called or on shutdown with -R), so unconditionally call deconfig. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-21wget/ssl_helper: update to wolfssl-3.9.8Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-16ifplugd: if SIOCSIFFLAGS fails with ENODEV, don't dieDenys Vlasenko
Some user managed to hit a race where iface is gone between SIOCGIFFLAGS and SIOCSIFFLAGS (!). If SIOCSIFFLAGS fails, treat it the same as failed SIOCGIFFLAGS Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14libiproute: eliminate some redundant zero storesDenys Vlasenko
function old new delta do_iprule 974 955 -19 rtnl_dump_request 173 146 -27 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-46) Total: -46 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14ip: fix an improper optimization: req.r.rtm_scope may be nonzero hereDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-01ntpd: respond only to client and symmetric active packetsMiroslav Lichvar
The busybox NTP implementation doesn't check the NTP mode of packets received on the server port and responds to any packet with the right size. This includes responses from another NTP server. An attacker can send a packet with a spoofed source address in order to create an infinite loop of responses between two busybox NTP servers. Adding more packets to the loop increases the traffic between the servers until one of them has a fully loaded CPU and/or network. Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25wget: run s_client helper with -servername HOSTDenys Vlasenko
This is necessary for multi-hosted TLSed web sites. function old new delta spawn_https_helper_openssl 334 441 +107 Based on a patch by Jeremy Chadwick <jdc@koitsu.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25ssl_helper.sh: strip was invoked incorrectlyDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-19typo fixesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LISTDenys Vlasenko
In many cases, this aqllows to drop use of opt_complementary. Approximately -400 bytes: function old new delta getopt32 1423 1502 +79 opt_string 17 18 +1 OPT_STR 24 25 +1 uniq_main 416 406 -10 timeout_main 279 269 -10 sulogin_main 270 260 -10 readprofile_main 1825 1815 -10 ps_main 543 533 -10 pidof_main 245 235 -10 pgrep_main 611 601 -10 od_main 2600 2590 -10 mkfs_minix_main 2684 2674 -10 mkfs_ext2_main 2603 2593 -10 microcom_main 712 702 -10 makemime_main 315 305 -10 ionice_main 282 272 -10 inetd_main 2074 2064 -10 ifplugd_main 1144 1134 -10 halt_main 353 343 -10 getopt_main 636 626 -10 fdisk_main 2854 2844 -10 env_main 206 196 -10 dmesg_main 319 309 -10 conspy_main 1214 1204 -10 awk_main 981 971 -10 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 3/22 up/down: 81/-220) Total: -139 bytes text data bss dec hex filename 919373 906 14060 934339 e41c3 busybox_old 918969 906 14060 933935 e402f busybox_unstripped Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06whois: implement -iDenys Vlasenko
function old new delta whois_main 654 675 +21 packed_usage 30355 30356 +1 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06whois: make it actually workDenys Vlasenko
It was doing way too simplistic work of just querying the server, no redirects, no query massaging. This required user to know a lot about whois, and enter at least three queries for each host to get meaningful information. function old new delta whois_main 209 646 +437 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-04arp: fix buffer overflow. Closes 9071Denys Vlasenko
function old new delta arp_main 1910 1898 -12 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03udhcpc: run "deconfig" script in manual renew state too. closes 9061Denys Vlasenko
The bug was seen when the following is done: # killall 1 udhpc; killall 2 udhpc Performing a DHCP renew state: 2 -> 5 Sending renew... Entering released state state: 5 -> 6 <<<<<<<<<<<<<< not calling script!!!! Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03ntpd: daemonize before DNS resolutionDenys Vlasenko
This resolves the following use case problem: "I start ntpd by default from /etc/init.d There might be no working network connection (not configured properly for whatever reason, hardware problems, whatelse). With busybox 1.25 ntpd seems to loop forever if now NTP servers are found, blocking the boot process and I never get a login to solve a possible pb or to do a first time configuration." Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-23ping: populate icmp_id field for "simple" ping tooJonas Danielsson
The ICMP RFC says that identifier and sequence number may be zero. Having them zero for a Echo message, along with a data of zero's as well will result in a Echo reply message with only zero's. Some NAT implementations seem to get the checksum wrong on these packages. Setting a checksum of 0x0 instead of 0xffff. Through NAT: Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 Checksum: 0x0000 [incorrect, should be 0xffff] Identifier (BE): 0 (0x0000) Identifier (LE): 0 (0x0000) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) Data (56 bytes) Data: 000000000000000000000000000000000000000000000000... [Length: 56] Without NAT: Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 Checksum: 0xffff [correct] Identifier (BE): 0 (0x0000) Identifier (LE): 0 (0x0000) Sequence number (BE): 0 (0x0000) Sequence number (LE): 0 (0x0000) [Request frame: 189] [Response time: 0.024 ms] Data (56 bytes) Data: 000000000000000000000000000000000000000000000000... [Length: 56] And this in turn will make some hardware MAC checksum offloading engines drop the packet. (This was seen with a Synopsis MAC, the same one used in for instance the stmmac Ethernet driver in the linux kernel.) This change can be seen as a workaround for bugs in other layers. But just setting an identifier for the Echo message packet will avoid prodding the hornets nest. function old new delta common_ping_main 424 500 +76 Signed-off-by: Jonas Danielsson <jonasdn@axis.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-06ntpd: retry initial DNS resolution (forever, no timeout for now).Denys Vlasenko
Some users start ntpd on boot, and don't babysit it. If it dies because DNS is not yet up and therefore NTP servers can't be found, users are not happy. Example behavior with a peer name which can't be resolved: ntpd: bad address 'qwe.rty.ghj.kl' ...5 sec... ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ntpd: bad address 'qwe.rty.ghj.kl' ... Based on the patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> function old new delta resolve_peer_hostname - 81 +81 ntpd_main 1130 1061 -69 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/1 up/down: 81/-69) Total: 12 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-05-26arping: avoid use of ether_ntoa(). Closes 8926Denys Vlasenko
This is the only non-debug use of ether_ntoa(). By not using it, we reduce bss: function old new delta arping_main 1568 1665 +97 static.asc 18 - -18 ether_ntoa 57 - -57 ------------------------------------------------------------------------------ (add/remove: 0/2 grow/shrink: 1/0 up/down: 97/-75) Total: 22 bytes text data bss dec hex filename 911020 493 7352 918865 e0551 busybox_old 911069 493 7336 918898 e0572 busybox_unstripped Also, "standard" arping zero-pads MAC. ether_ntoa() does not. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-24ip: fix problem on mips64 n64 big endian musl systemsSzabolcs Nagy
Use designated initializers for struct msghdr. The struct layout is non-portable and musl libc does not match what busybox expects. Signed-off-by: Szabolcs Nagy <nsz@port70.net> Tested-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-22*: slap on a few ALIGN1/2s where appropriateDenys Vlasenko
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map" text data bss dec hex filename 829901 4086 1904 835891 cc133 busybox_before 829665 4086 1904 835655 cc047 busybox Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21udhcp: add setup_common_bufsiz() as neededDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21*: hopefully all setup_common_bufsiz() are in placeDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21*: add most of the required setup_common_bufsiz() callsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21libbb: make bb_common_bufsiz1 1 kbyte, add capability to use bss tail for itDenys Vlasenko
The config item is FEATURE_USE_BSS_TAIL. When it is off (default): function old new delta read_config 210 228 +18 doCommands 2279 2294 +15 ipneigh_list_or_flush 763 772 +9 ipaddr_list_or_flush 1256 1261 +5 display_process_list 1301 1306 +5 conspy_main 1378 1383 +5 do_lzo_compress 352 355 +3 do_lzo_decompress 565 567 +2 push 46 44 -2 inetd_main 2136 2134 -2 uevent_main 421 418 -3 addLines 97 92 -5 bb_common_bufsiz1 8193 1024 -7169 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 8/5 up/down: 62/-7181) Total: -7119 bytes text data bss dec hex filename 829850 4086 9080 843016 cdd08 busybox_old 829901 4086 1904 835891 cc133 busybox_unstripped FEATURE_USE_BSS_TAIL=y: read_config 210 228 +18 doCommands 2279 2294 +15 ipneigh_list_or_flush 763 772 +9 ipaddr_list_or_flush 1256 1261 +5 display_process_list 1301 1306 +5 conspy_main 1378 1383 +5 do_lzo_compress 352 355 +3 do_lzo_decompress 565 567 +2 inetd_main 2136 2134 -2 bb_common_bufsiz1 8193 - -8193 ------------------------------------------------------------------------------ (add/remove: 0/1 grow/shrink: 8/1 up/down: 62/-8195) Total: -8133 bytes text data bss dec hex filename 829850 4086 9080 843016 cdd08 busybox_old 829911 4086 880 834877 cbd3d busybox_unstripped FIXME: setup_common_bufsiz() calls are missing. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30udhcp: fix capitalization of two messagesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-03-30dhcpd: string reuseDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>