[arch-commits] Commit in dhcpcd/repos (7 files)
Giancarlo Razzolini
grazzolini at archlinux.org
Tue Jun 23 12:57:23 UTC 2020
Date: Tuesday, June 23, 2020 @ 12:57:22
Author: grazzolini
Revision: 390160
archrelease: copy trunk to testing-x86_64
Added:
dhcpcd/repos/testing-x86_64/
dhcpcd/repos/testing-x86_64/0001-generic_netlink_ssid_privsep.patch
(from rev 390159, dhcpcd/trunk/0001-generic_netlink_ssid_privsep.patch)
dhcpcd/repos/testing-x86_64/PKGBUILD
(from rev 390159, dhcpcd/trunk/PKGBUILD)
dhcpcd/repos/testing-x86_64/dhcpcd.service
(from rev 390159, dhcpcd/trunk/dhcpcd.service)
dhcpcd/repos/testing-x86_64/dhcpcd.sysusers
(from rev 390159, dhcpcd/trunk/dhcpcd.sysusers)
dhcpcd/repos/testing-x86_64/dhcpcd.tmpfiles
(from rev 390159, dhcpcd/trunk/dhcpcd.tmpfiles)
dhcpcd/repos/testing-x86_64/dhcpcd_.service
(from rev 390159, dhcpcd/trunk/dhcpcd_.service)
-----------------------------------------+
0001-generic_netlink_ssid_privsep.patch | 196 ++++++++++++++++++++++++++++++
PKGBUILD | 79 ++++++++++++
dhcpcd.service | 13 +
dhcpcd.sysusers | 1
dhcpcd.tmpfiles | 2
dhcpcd_.service | 15 ++
6 files changed, 306 insertions(+)
Copied: dhcpcd/repos/testing-x86_64/0001-generic_netlink_ssid_privsep.patch (from rev 390159, dhcpcd/trunk/0001-generic_netlink_ssid_privsep.patch)
===================================================================
--- testing-x86_64/0001-generic_netlink_ssid_privsep.patch (rev 0)
+++ testing-x86_64/0001-generic_netlink_ssid_privsep.patch 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1,196 @@
+From 5d5ff024cbffa09bb3b3457a5a45be688adca949 Mon Sep 17 00:00:00 2001
+From: Roy Marples <roy at marples.name>
+Date: Mon, 22 Jun 2020 21:56:16 +0100
+Subject: Linux: keep the generic netlink socket around to get ssid with
+ privsep
+
+While here, improve our reading of netlink(7) and terminate on either
+ERROR or DONE. If neither are in the message, read again unless it's
+the link receiving socket.
+Also, only callback if this is the sequence number expected.
+---
+ src/if-linux.c | 81 ++++++++++++++++++++++++++++++++++------------------------
+ 1 file changed, 48 insertions(+), 33 deletions(-)
+
+diff --git a/src/if-linux.c b/src/if-linux.c
+index b3ab8280..815a06b7 100644
+--- a/src/if-linux.c
++++ b/src/if-linux.c
+@@ -130,6 +130,7 @@ int if_getssid_wext(const char *ifname, uint8_t *ssid);
+
+ struct priv {
+ int route_fd;
++ int generic_fd;
+ uint32_t route_pid;
+ };
+
+@@ -414,6 +415,12 @@ if_opensockets_os(struct dhcpcd_ctx *ctx)
+ if (getsockname(priv->route_fd, (struct sockaddr *)&snl, &len) == -1)
+ return -1;
+ priv->route_pid = snl.nl_pid;
++
++ memset(&snl, 0, sizeof(snl));
++ priv->generic_fd = if_linksocket(&snl, NETLINK_GENERIC, 0);
++ if (priv->generic_fd == -1)
++ return -1;
++
+ return 0;
+ }
+
+@@ -425,6 +432,7 @@ if_closesockets_os(struct dhcpcd_ctx *ctx)
+ if (ctx->priv != NULL) {
+ priv = (struct priv *)ctx->priv;
+ close(priv->route_fd);
++ close(priv->generic_fd);
+ }
+ }
+
+@@ -465,26 +473,27 @@ if_getnetlink(struct dhcpcd_ctx *ctx, struct iovec *iov, int fd, int flags,
+ };
+ ssize_t len;
+ struct nlmsghdr *nlm;
+- int r;
++ int r = 0;
+ unsigned int again;
++ bool terminated;
+
+ recv_again:
+- if ((len = recvmsg(fd, &msg, flags)) == -1)
+- return -1;
+- if (len == 0)
+- return 0;
++ len = recvmsg(fd, &msg, flags);
++ if (len == -1 || len == 0)
++ return (int)len;
+
+ /* Check sender */
+ if (msg.msg_namelen != sizeof(nladdr)) {
+ errno = EINVAL;
+ return -1;
+ }
++
+ /* Ignore message if it is not from kernel */
+ if (nladdr.nl_pid != 0)
+ return 0;
+
+- r = 0;
+ again = 0;
++ terminated = false;
+ for (nlm = iov->iov_base;
+ nlm && NLMSG_OK(nlm, (size_t)len);
+ nlm = NLMSG_NEXT(nlm, len))
+@@ -492,6 +501,7 @@ recv_again:
+ again = (nlm->nlmsg_flags & NLM_F_MULTI);
+ if (nlm->nlmsg_type == NLMSG_NOOP)
+ continue;
++
+ if (nlm->nlmsg_type == NLMSG_ERROR) {
+ struct nlmsgerr *err;
+
+@@ -504,17 +514,21 @@ recv_again:
+ errno = -err->error;
+ return -1;
+ }
++ again = 0;
++ terminated = true;
+ break;
+ }
+ if (nlm->nlmsg_type == NLMSG_DONE) {
+ again = 0;
++ terminated = true;
+ break;
+ }
+- if (cb != NULL && (r = cb(ctx, cbarg, nlm)) != 0)
+- break;
++ if (cb != NULL &&
++ (nlm->nlmsg_seq == (uint32_t)ctx->seq || fd == ctx->link_fd))
++ r = cb(ctx, cbarg, nlm);
+ }
+
+- if (r == 0 && again)
++ if ((again || !terminated) && (ctx != NULL && ctx->link_fd != fd))
+ goto recv_again;
+
+ return r;
+@@ -982,16 +996,19 @@ static int
+ if_sendnetlink(struct dhcpcd_ctx *ctx, int protocol, struct nlmsghdr *hdr,
+ int (*cb)(struct dhcpcd_ctx *, void *, struct nlmsghdr *), void *cbarg)
+ {
+- int s, r;
++ int s;
+ struct sockaddr_nl snl = { .nl_family = AF_NETLINK };
+ struct iovec iov = { .iov_base = hdr, .iov_len = hdr->nlmsg_len };
+ struct msghdr msg = {
+ .msg_name = &snl, .msg_namelen = sizeof(snl),
+ .msg_iov = &iov, .msg_iovlen = 1
+ };
+- bool use_rfd;
+-
+- use_rfd = (protocol == NETLINK_ROUTE && hdr->nlmsg_type != RTM_GETADDR);
++ struct priv *priv = (struct priv *)ctx->priv;
++ unsigned char buf[16 * 1024];
++ struct iovec riov = {
++ .iov_base = buf,
++ .iov_len = sizeof(buf),
++ };
+
+ /* Request a reply */
+ hdr->nlmsg_flags |= NLM_F_ACK;
+@@ -1002,13 +1019,16 @@ if_sendnetlink(struct dhcpcd_ctx *ctx, int protocol, struct nlmsghdr *hdr,
+ return (int)ps_root_sendnetlink(ctx, protocol, &msg);
+ #endif
+
+- if (use_rfd) {
+- struct priv *priv = (struct priv *)ctx->priv;
+-
+- s = priv->route_fd;
+- } else {
+- if ((s = if_linksocket(&snl, protocol, 0)) == -1)
+- return -1;
++ switch (protocol) {
++ case NETLINK_ROUTE:
++ if (hdr->nlmsg_type != RTM_GETADDR) {
++ s = priv->route_fd;
++ break;
++ }
++ /* FALLTHROUGH */
++ case NETLINK_GENERIC:
++ s = priv->generic_fd;
++#if 0
+ #ifdef NETLINK_GET_STRICT_CHK
+ if (hdr->nlmsg_type == RTM_GETADDR) {
+ int on = 1;
+@@ -1018,22 +1038,17 @@ if_sendnetlink(struct dhcpcd_ctx *ctx, int protocol, struct nlmsghdr *hdr,
+ logerr("%s: NETLINK_GET_STRICT_CHK", __func__);
+ }
+ #endif
++#endif
++ break;
++ default:
++ errno = EINVAL;
++ return -1;
+ }
+
+- if (sendmsg(s, &msg, 0) != -1) {
+- unsigned char buf[16 * 1024];
+- struct iovec riov = {
+- .iov_base = buf,
+- .iov_len = sizeof(buf),
+- };
+-
+- r = if_getnetlink(ctx, &riov, s, 0, cb, cbarg);
+- } else
+- r = -1;
++ if (sendmsg(s, &msg, 0) == -1)
++ return -1;
+
+- if (!use_rfd)
+- close(s);
+- return r;
++ return if_getnetlink(ctx, &riov, s, 0, cb, cbarg);
+ }
+
+ #define NLMSG_TAIL(nmsg) \
+--
+cgit v1.2.3
+
Copied: dhcpcd/repos/testing-x86_64/PKGBUILD (from rev 390159, dhcpcd/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1,79 @@
+# Maintainer: Ronald van Haren <ronald.archlinux.org>
+# Maintainer: Giancarlo Razzolini <grazzolini at archlinux.org>
+# Contributor: Tom Killian <tom.archlinux.org>
+# Contributor: Judd Vinet <jvinet.zeroflux.org>
+
+pkgname=dhcpcd
+pkgver=9.1.2
+pkgrel=2
+pkgdesc="RFC2131 compliant DHCP client daemon"
+url="https://roy.marples.name/projects/dhcpcd/"
+arch=('x86_64')
+license=('BSD')
+depends=('glibc' 'sh' 'udev' 'systemd-libs')
+optdepends=('openresolv: resolvconf support')
+provides=('dhcp-client')
+backup=('etc/dhcpcd.conf')
+options=('emptydirs') # We Need the Empty /var/lib/dhcpcd Directory
+source=("https://roy.marples.name/downloads/$pkgname/$pkgname-$pkgver.tar.xz"
+ dhcpcd_.service
+ dhcpcd.service
+ dhcpcd.sysusers
+ dhcpcd.tmpfiles
+ 0001-generic_netlink_ssid_privsep.patch)
+validpgpkeys=('A785ED2755955D9E93EA59F6597F97EA9AD45549') # Roy Marples (NetBSD) <roy at NetBSD.org>
+sha256sums=('ed053839beb9aaf6424c94ff340826446af2df754db7c7137a09de2a71fb512c'
+ '37acd53a589711f5e1db2fcaebb4ccf1c90dc4bcd309626bde25beb7b630a545'
+ '20bccbf8a05b1bc2be365c8b4b526c38c752f48229ba53c3be113ac5b634f210'
+ 'df33c69a79fb30895217db8fe6a46ad0658a70b32a280bc91fc04a09b584fa62'
+ 'e0cef3b7cbe047393e4ecb60369f67d2d73e616b56cea9401070f2aff28a7434'
+ '0887ace3e43d468528d808c6cf9f62d2926a1b61e3cae254410ecd2e8471a5cb')
+prepare () {
+ cd ${pkgname}-${pkgver}
+
+ # patch for keep the generic netlink socket around to get ssid with privsep
+ patch -Np1 < $srcdir/0001-generic_netlink_ssid_privsep.patch
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+
+ # configure variables
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/dhcpcd \
+ --dbdir=/var/lib/dhcpcd \
+ --runstatedir=/run \
+ --privsepuser=dhcpcd
+
+ # Build
+ make
+}
+
+
+check() {
+ cd ${pkgname}-${pkgver}
+
+ make test
+}
+
+
+package() {
+ cd ${pkgname}-${pkgver}
+ make DESTDIR="${pkgdir}" install
+
+ # Install License
+ install -Dm644 "${srcdir}/${pkgname}-${pkgver}/LICENSE" \
+ "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+
+ # Set Options in /etc/dhcpcd.conf
+ echo noipv4ll >> "${pkgdir}/etc/dhcpcd.conf" # Disable ip4vall
+
+ # install systemd files
+ install -Dm644 "${srcdir}/dhcpcd_.service" "${pkgdir}/usr/lib/systemd/system/dhcpcd at .service"
+ install -Dm644 "${srcdir}/dhcpcd.service" "${pkgdir}/usr/lib/systemd/system/dhcpcd.service" # FS#31543
+ install -Dm644 "${srcdir}/dhcpcd.sysusers" "${pkgdir}/usr/lib/sysusers.d/dhcpcd.conf"
+ install -Dm644 "${srcdir}/dhcpcd.tmpfiles" "${pkgdir}/usr/lib/tmpfiles.d/dhcpcd.conf"
+}
Copied: dhcpcd/repos/testing-x86_64/dhcpcd.service (from rev 390159, dhcpcd/trunk/dhcpcd.service)
===================================================================
--- testing-x86_64/dhcpcd.service (rev 0)
+++ testing-x86_64/dhcpcd.service 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1,13 @@
+[Unit]
+Description=dhcpcd on all interfaces
+Wants=network.target
+Before=network.target
+
+[Service]
+Type=forking
+PIDFile=/run/dhcpcd/pid
+ExecStart=/usr/bin/dhcpcd -q -b
+ExecStop=/usr/bin/dhcpcd -x
+
+[Install]
+WantedBy=multi-user.target
Copied: dhcpcd/repos/testing-x86_64/dhcpcd.sysusers (from rev 390159, dhcpcd/trunk/dhcpcd.sysusers)
===================================================================
--- testing-x86_64/dhcpcd.sysusers (rev 0)
+++ testing-x86_64/dhcpcd.sysusers 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1 @@
+u dhcpcd - "dhcpcd privilege separation" /var/lib/dhcpcd
Copied: dhcpcd/repos/testing-x86_64/dhcpcd.tmpfiles (from rev 390159, dhcpcd/trunk/dhcpcd.tmpfiles)
===================================================================
--- testing-x86_64/dhcpcd.tmpfiles (rev 0)
+++ testing-x86_64/dhcpcd.tmpfiles 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1,2 @@
+d /var/lib/dhcpcd 0700 dhcpcd dhcpcd -
+d /run/dhcpcd 0755 dhcpcd dhcpcd -
Copied: dhcpcd/repos/testing-x86_64/dhcpcd_.service (from rev 390159, dhcpcd/trunk/dhcpcd_.service)
===================================================================
--- testing-x86_64/dhcpcd_.service (rev 0)
+++ testing-x86_64/dhcpcd_.service 2020-06-23 12:57:22 UTC (rev 390160)
@@ -0,0 +1,15 @@
+[Unit]
+Description=dhcpcd on %I
+Wants=network.target
+Before=network.target
+BindsTo=sys-subsystem-net-devices-%i.device
+After=sys-subsystem-net-devices-%i.device
+
+[Service]
+Type=forking
+PIDFile=/run/dhcpcd/%I.pid
+ExecStart=/usr/bin/dhcpcd -q -w %I
+ExecStop=/usr/bin/dhcpcd -x %I
+
+[Install]
+WantedBy=multi-user.target
More information about the arch-commits
mailing list